From 445a896800a12dd72eb616c84037b246be6f2b2d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Matczuk?= Date: Fri, 23 Feb 2024 14:08:55 +0100 Subject: [PATCH] martian: fix connection hangs in mitm mode A regression was introduced in 9cc985423c4b49f98580ff7531ee671aa5f474da that allowed use of HTTP/2 inside MITM. This patch adds the following to all http.Transport instances t.TLSNextProto = make(map[string]func(string, *tls.Conn) http.RoundTripper) Interestingly with that t = t.Clone() we get an error forwarder encountered an unexpected error net/http: HTTP/1.x transport connection broken: malformed HTTP response "\x00\x00\x12\x04\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x80\x00\x04\x00\x01\x00\x00\x00\x05\x00\xff\xff\xff\x00\x00\x04\b\x00\x00\x00\x00\x00\x7f\xff\x00\x00\x00\x00\b\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01" --- internal/martian/proxy.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/internal/martian/proxy.go b/internal/martian/proxy.go index d5104845..b581595e 100644 --- a/internal/martian/proxy.go +++ b/internal/martian/proxy.go @@ -131,9 +131,6 @@ func (p *Proxy) init() { p.initOnce.Do(func() { if p.RoundTripper == nil { p.rt = &http.Transport{ - // TODO(adamtanner): This forces the http.Transport to not upgrade requests - // to HTTP/2 in Go 1.6+. Remove this once Martian can support HTTP/2. - TLSNextProto: make(map[string]func(string, *tls.Conn) http.RoundTripper), Proxy: http.ProxyFromEnvironment, TLSHandshakeTimeout: 10 * time.Second, ExpectContinueTimeout: time.Second, @@ -143,7 +140,9 @@ func (p *Proxy) init() { } if t, ok := p.rt.(*http.Transport); ok { - t = t.Clone() + // TODO(adamtanner): This forces the http.Transport to not upgrade requests + // to HTTP/2 in Go 1.6+. Remove this once Martian can support HTTP/2. + t.TLSNextProto = make(map[string]func(string, *tls.Conn) http.RoundTripper) if p.DialContext == nil { p.DialContext = t.DialContext