New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Alt-svc: support IPv6 alt-authority #11737
Labels
Comments
bagder
added a commit
that referenced
this issue
Aug 27, 2023
Store numerical IPv6 addresses in the alt-svc file with the brackets present. Verify with test 437 and 438 Fixes #11737 Reported-by: oliverpool on github Closes #.....
@bagder thank you for the quick fix! (and your amazing work in general!) |
ptitSeb
pushed a commit
to wasix-org/curl
that referenced
this issue
Sep 25, 2023
Store numerical IPv6 addresses in the alt-svc file with the brackets present. Verify with test 437 and 438 Fixes curl#11737 Reported-by: oliverpool on github Closes curl#11743
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I did this
Run
curl -v --alt-svc cache "https://caddy.pfad.fr"
caddy.pfad.fr is a test server which replies with an
Alt-svc
header containing an IPv6 as alt-authority:I expected the following
The cache file to be populated.
Instead, the cache file is empty and I see in the logs:
Triggered by this code:
curl/lib/altsvc.c
Lines 502 to 507 in c2212c0
Relevant specifications:
alt-authority = quoted-string ; containing [ uri-host ] ":" port
RFC7838uri-host = <host, see [RFC3986], Section 3.2.2>
RFC7230host = IP-literal / IPv4address / reg-name
RFC3986IP-literal = "[" ( IPv6address / IPvFuture ) "]"
RFC3986 as wellHence I think that
h3="[2a01:4f8:c0c:9a6d::42]:443"; ma=2592000
is a validalt-svc
header value and should be correctly handled by curl.Background information:
Each of my service listens on 1 dedicated IPv6 address on the same machine. The traffic to the shared IPv4 gets forwarded to the right service thanks to snid (which uses SNI). However this setup can't handle UDP packets, hence I make http3 only available on IPv6.
Possible workaround: publish AAAA-only DNS record and use this domain as alt-svc (so IPv4 clients will waste a bit of their resources).
curl/libcurl version
curl 8.2.1 (x86_64-pc-linux-gnu) libcurl/8.2.1 OpenSSL/3.1.2 zlib/1.3 brotli/1.0.9 zstd/1.5.5 libidn2/2.3.4 libpsl/0.21.2 (+libidn2/2.3.4) libssh2/1.11.0 nghttp2/1.55.1
Release-Date: 2023-07-26
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd
operating system
Arch Linux:
Linux 6.4.11-arch2-1 #1 SMP PREEMPT_DYNAMIC Sat, 19 Aug 2023 15:38:34 +0000 x86_64 GNU/Linux
The text was updated successfully, but these errors were encountered: