Open chobits opened 6 years ago
This would be great :)
Hey @chobits - any updates on this?
@jamiepmullan Currently not in plan. Hope that I can have free time to complete it or Someone can pull a reqeust for this issue. Details are in first comment.
The preparatory work for development is logged here:
CONNECT method in h3 protocol:
See section " 4.4. The CONNECT Method" in https://datatracker.ietf.org/doc/rfc9114/
for curl, we can use following command to test wheter connect method work under ssl/h2 protocol:(--proxy-insecure
makes curl ignore CA check with our proxy server(localhost:8888))
curl https://github.com/ -sv -o/dev/null --proxy-insecure -x https://localhost:8888 --http2
with nginx proxy_connect configuration as follwong:
server {
listen 8888 ssl http2;
ssl_certificate_key /opt/nginx/server.key; # self-signed cert created by openssl command
ssl_certificate /opt/nginx/server.crt;
ssl_session_cache shared:SSL:1m;
error_log logs/err_8888.log debug;
resolver 223.5.5.5 ipv6=off;
proxy_connect;
proxy_connect_allow 443 563;
proxy_connect_connect_timeout 10s;
proxy_connect_data_timeout 120s;
location / {
proxy_pass http://$host;
proxy_set_header Host $host;
}
}
At least three points we should pay attention to: