Closed diyism closed 3 years ago
Sorry, I just saw these:
v88.0.4324.96-1
klzgrad released this on Jan 20
Rebased to 88.0.4324.96.
HTTP/3/QUIC support is fully functional, but it is not competitive with HTTP/2/TLS in practice due to carrier throttling or congestion control fairness.
QUIC support can be tested using
{ experimental_http3 }
in Caddyfile and quic://user:pass@example.com in Naive config.json.
and this: https://github.com/klzgrad/naiveproxy/issues/77
QUIC support can be tested as following:
Use naiveproxy v85.0.4183.83-4 or newer
Caddyfile:
{
experimental_http3
}
:443, example.com
tls me@example.com
route {
forward_proxy {
basic_auth user pass
hide_ip
hide_via
probe_resistance secret.com
}
file_server {
root /var/www/html
}
}
Naive config.json:
{
"listen": "socks://127.0.0.1:1080",
"proxy": "quic://user:pass@example.com",
"log": ""
}
I'll give a try first
Caddyfile in server(installed latest github.com/klzgrad/forwardproxy@naive): { experimental_http3 } :443, myserver.com tls i@myserver.com route { forward_proxy { basic_auth user1 user1pass1 hide_ip hide_via probe_resistance secret.com } respond / "Hello, world!" }
in local debian(downloaded latest naiveproxy-v89.0.4389.72-1-linux-x64): visit https://myserver.com in firefox, I can see log under Developer/Network:
HTTP/3 200 OK
server: Caddy
alt-svc: h3-32=":443"; ma=2592000,h3-29=":443"; ma=2592000
config.json in local debian: { "listen": "socks://127.0.0.1:8085", "proxy": "quic://user1:user1pass1@myserver.com", "log": "" }
$ ./naive [0414/223117.228951:INFO:naive_proxy_bin.cc(412)] Proxying via quic://myserver.com [0414/223117.229323:INFO:naive_proxy_bin.cc(551)] Listening on 127.0.0.1:8085
$ curl --socks5 127.0.0.1:8085 https://myip.ipip.net curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to myip.ipip.net:443
$ ./naive [0414/223626.473635:INFO:naive_proxy_bin.cc(412)] Proxying via quic://myserver.com [0414/223626.474000:INFO:naive_proxy_bin.cc(551)] Listening on 127.0.0.1:8085 [0414/223633.107353:INFO:naive_connection.cc(250)] Connection 1 to 117.23.61.188:443 [0414/223633.112192:INFO:naive_proxy.cc(178)] Connection 1 closed: ERR_QUIC_HANDSHAKE_FAILED
$ ./caddy adapt --pretty
2021/04/14 15:05:10.140 INFO using adjacent Caddyfile
[WARNING][caddyfile] :0: the 'experimental_http3' global option is deprecated, please use the 'servers > protocol > experimental_http3' option instead
{
"apps": {
"http": {
"servers": {
"srv0": {
"listen": [
":443"
],
"routes": [
{
"handle": [
{
"handler": "subroute",
"routes": [
{
"handle": [
{
"auth_pass_deprecated": "user1pass1",
"auth_user_deprecated": "usser1",
"handler": "forward_proxy",
"hide_ip": true,
"hide_via": true,
"probe_resistance": {
"domain": "secret.com"
}
}
]
},
{
"handle": [
{
"body": "Hello, world!",
"handler": "static_response"
}
],
"match": [
{
"path": [
"/"
]
}
]
}
]
}
]
}
],
"experimental_http3": true
}
}
},
"tls": {
"certificates": {
"automate": [
"myserver.com"
]
},
"automation": {
"policies": [
{
"issuers": [
{
"email": "i@myserver.com",
"module": "acme"
}
]
}
]
}
}
}
}
Sorry, my fault, I have an ip route rule of the ip of myserver.com, after I get rid of it, everything is ok
I see a caddy2-h3 branch in https://github.com/klzgrad/forwardproxy Can the naiveproxy client and server work over http3 protocol? If they can work, do you have time to write some manual about how to setup "caddyserver forwardproxy http3" and "naive client http3"?