Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLSClientConfig isn't set for CONNECT requests #440

Open
moonchen opened this issue Apr 16, 2021 · 0 comments
Open

TLSClientConfig isn't set for CONNECT requests #440

moonchen opened this issue Apr 16, 2021 · 0 comments

Comments

@moonchen
Copy link

moonchen commented Apr 16, 2021
edited
Loading

I'm trying to proxy my CONNECT requests through another HTTPS proxy. I tried doing this:

if externalProxy != "" {
    proxy.Tr = &http.Transport{Proxy: func(req *http.Request) (*url.URL, error) {
        return url.Parse(externalProxy)
    }}
    proxy.ConnectDial = proxy.NewConnectDialToProxy(externalProxy)
}

When I proxy a CONNECT request through it, there is an error internally here:

goproxy/https.go

Line 399 in a92cc75

connectReq.Write(c)
The message is tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config.

I'm working around this by setting proxy.Tr.TLSClientConfig.ServerName when creating the proxy.

u, err := url.Parse(externalProxy)
proxy.Tr = &http.Transport{
	Proxy: func(req *http.Request) (*url.URL, error) {
		return u, nil
	},
	TLSClientConfig: &tls.Config{
		ServerName: u.Hostname(),
	},
}

I'd expect this server name to be set automatically when I call NewConnectDialToProxy, since the intent is to connect through another proxy.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@moonchen