diff --git a/caddyhttp/httpserver/server.go b/caddyhttp/httpserver/server.go
index de53cea..1b58e04 100644
--- a/caddyhttp/httpserver/server.go
+++ b/caddyhttp/httpserver/server.go
@@ -32,7 +32,6 @@ import (
 "sync"
 "time"
- "github.com/lucas-clemente/quic-go/h2quic"
 "github.com/mholt/caddy"
 "github.com/mholt/caddy/caddyhttp/staticfiles"
 "github.com/mholt/caddy/caddytls"
@@ -42,7 +41,6 @@ import (
 // Server is the HTTP server implementation.
 type Server struct {
 Server *http.Server
- quicServer *h2quic.Server
 listener net.Listener
 listenerMu sync.Mutex
 sites []*SiteConfig
@@ -105,12 +103,6 @@ func NewServer(addr string, group []*SiteConfig) (*Server, error) {
 // if TLS is enabled, make sure we prepare the Server accordingly
 if s.Server.TLSConfig != nil {
- // enable QUIC if desired (requires HTTP/2)
- if HTTP2 && QUIC {
- s.quicServer = &h2quic.Server{Server: s.Server}
- s.Server.Handler = s.wrapWithSvcHeaders(s.Server.Handler)
- }
-
 // wrap the HTTP handler with a handler that does MITM detection
 tlsh := &tlsHandler{next: s.Server.Handler}
 s.Server.Handler = tlsh // this needs to be the "outer" handler when Serve() is called, for type assertion
@@ -237,7 +229,6 @@ func makeHTTPServerWithTimeouts(addr string, group []*SiteConfig) *http.Server {
 func (s *Server) wrapWithSvcHeaders(previousHandler http.Handler) http.HandlerFunc {
 return func(w http.ResponseWriter, r *http.Request) {
- s.quicServer.SetQuicHeaders(w.Header())
 previousHandler.ServeHTTP(w, r)
 }
 }
@@ -333,18 +324,11 @@ func (s *Server) Serve(ln net.Listener) error {
 if err == http.ErrServerClosed {
 err = nil // not an error worth reporting since closing a server is intentional
 }
- if s.quicServer != nil {
- s.quicServer.Close()
- }
 return err
 }
 // ServePacket serves QUIC requests on pc until it is closed.
 func (s *Server) ServePacket(pc net.PacketConn) error {
- if s.quicServer != nil {
- err := s.quicServer.Serve(pc.(*net.UDPConn))
- return fmt.Errorf("serving QUIC connections: %v", err)
- }
 return nil
 }
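Review bot: `ServePacket` in the last hunk is left as a stub that only returns nil, yet its doc comment still reads "serves QUIC requests on pc until it is closed", which the new code no longer does. A caller cannot tell this no-op from a listener that closed cleanly, so a configuration that still requests QUIC would presumably lose it without any error or log line. The comment should at least say so, for example `// ServePacket is a no-op: QUIC support has been removed and pc is never read.` The same kind of leftover is visible in the -237 hunk, where `wrapWithSvcHeaders` is now a pure pass-through and its only call site shown in this diff was removed. If the deleted `fmt.Errorf` was the file's last use of `fmt`, that import has to go as well; the import block is only partly visible here.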
diff --git a/caddyhttp/proxy/reverseproxy.go b/caddyhttp/proxy/reverseproxy.go
index 14d4bd7..d8d0622 100644
--- a/caddyhttp/proxy/reverseproxy.go
+++ b/caddyhttp/proxy/reverseproxy.go
@@ -40,8 +40,6 @@ import (
 "golang.org/x/net/http2"
- "github.com/lucas-clemente/quic-go"
- "github.com/lucas-clemente/quic-go/h2quic"
 "github.com/mholt/caddy/caddyhttp/httpserver"
 )
@@ -250,13 +248,6 @@ func NewSingleHostReverseProxy(target *url.URL, without string, keepalive int, t
 rp.Transport = &http.Transport{
 Dial: socketDial(target.String(), timeout),
 }
- } else if target.Scheme == "quic" {
- rp.Transport = &h2quic.RoundTripper{
- QuicConfig: &quic.Config{
- HandshakeTimeout: defaultCryptoHandshakeTimeout,
- KeepAlive: true,
- },
- }
 } else if keepalive != http.DefaultMaxIdleConnsPerHost || strings.HasPrefix(target.Scheme, "srv") {
 dialFunc := rp.dialer.Dial
 if strings.HasPrefix(target.Scheme, "srv") {
@@ -303,11 +294,6 @@ func (rp *ReverseProxy) UseInsecureTransport() {
 // No http2.ConfigureTransport() here.
 // For now this is only added in places where
 // an http.Transport is actually created.
- } else if transport, ok := rp.Transport.(*h2quic.RoundTripper); ok {
- if transport.TLSClientConfig == nil {
- transport.TLSClientConfig = &tls.Config{}
- }
- transport.TLSClientConfig.InsecureSkipVerify = true
 }
 }
@@ -322,11 +308,6 @@ func (rp *ReverseProxy) UseOwnCACertificates(CaCertPool *x509.CertPool) {
 // No http2.ConfigureTransport() here.
 // For now this is only added in places where
 // an http.Transport is actually created.
- } else if transport, ok := rp.Transport.(*h2quic.RoundTripper); ok {
- if transport.TLSClientConfig == nil {
- transport.TLSClientConfig = &tls.Config{}
- }
- transport.TLSClientConfig.RootCAs = CaCertPool
 }
 }
@@ -340,10 +321,6 @@ func (rp *ReverseProxy) ServeHTTP(rw http.ResponseWriter, outreq *http.Request,
 rp.Director(outreq)
- if outreq.URL.Scheme == "quic" {
- outreq.URL.Scheme = "https" // Change scheme back to https for QUIC RoundTripper
- }
-
 res, err := transport.RoundTrip(outreq)
 if err != nil {
 return err