diff --git a/caddyhttp/httpserver/server.go b/caddyhttp/httpserver/server.go
index 7940ac8..71cc657 100644
--- a/caddyhttp/httpserver/server.go
+++ b/caddyhttp/httpserver/server.go
@@ -31,7 +31,6 @@ import (
"strings"
"time"
- "github.com/lucas-clemente/quic-go/h2quic"
"github.com/mholt/caddy"
"github.com/mholt/caddy/caddyhttp/staticfiles"
"github.com/mholt/caddy/caddytls"
@@ -41,7 +40,6 @@ import (
// Server is the HTTP server implementation.
type Server struct {
Server *http.Server
- quicServer *h2quic.Server
sites []*SiteConfig
connTimeout time.Duration // max time to wait for a connection before force stop
tlsGovChan chan struct{} // close to stop the TLS maintenance goroutine
@@ -104,7 +102,6 @@ func NewServer(addr string, group []*SiteConfig) (*Server, error) {
if s.Server.TLSConfig != nil {
// enable QUIC if desired (requires HTTP/2)
if HTTP2 && QUIC {
- s.quicServer = &h2quic.Server{Server: s.Server}
s.Server.Handler = s.wrapWithSvcHeaders(s.Server.Handler)
}
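Review bot: With `s.quicServer` removed, the `if HTTP2 && QUIC` branch in NewServer still wraps the handler in `wrapWithSvcHeaders`, which the next hunk reduces to a plain pass-through, so the QUIC setting no longer has any visible effect in this function. Either drop the branch together with the wrapper, or report the situation at startup, for example `log.Println("[WARNING] QUIC was requested but is not supported by this build")`, so that an operator does not assume QUIC is being served. NewServer's body starts and ends outside this hunk.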
@@ -234,9 +231,6 @@ func makeHTTPServerWithTimeouts(addr string, group []*SiteConfig) *http.Server {
func (s *Server) wrapWithSvcHeaders(previousHandler http.Handler) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
- if err := s.quicServer.SetQuicHeaders(w.Header()); err != nil {
- log.Println("[Error] failed to set proper headers for QUIC: ", err)
- }
previousHandler.ServeHTTP(w, r)
}
}
@@ -324,14 +318,6 @@ func (s *Server) Serve(ln net.Listener) error {
s.tlsGovChan = caddytls.RotateSessionTicketKeys(s.Server.TLSConfig)
}
- defer func() {
- if s.quicServer != nil {
- if err := s.quicServer.Close(); err != nil {
- log.Println("[ERROR] failed to close QUIC server: ", err)
- }
- }
- }()
-
err := s.Server.Serve(ln)
if err != nil && err != http.ErrServerClosed {
return err
@@ -341,10 +327,6 @@ func (s *Server) Serve(ln net.Listener) error {
// ServePacket serves QUIC requests on pc until it is closed.
func (s *Server) ServePacket(pc net.PacketConn) error {
- if s.quicServer != nil {
- err := s.quicServer.Serve(pc.(*net.UDPConn))
- return fmt.Errorf("serving QUIC connections: %v", err)
- }
return nil
}
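Review bot: ServePacket now returns nil unconditionally, so its doc comment ("serves QUIC requests on pc until it is closed") no longer describes it, and a caller that passes a packet connection gets a success return while nothing reads from `pc`. Update the comment, for example `// ServePacket is a no-op: QUIC support has been removed.`, and consider returning an error when `QUIC` is set if the callers can handle one. This commit also removes calls to `fmt.Errorf` and `log.Println` in server.go; the rest of the file is not visible here, so it is worth checking that both imports are still used, since Go rejects unused ones.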
diff --git a/caddyhttp/proxy/reverseproxy.go b/caddyhttp/proxy/reverseproxy.go
index c20be0c..884fd4d 100644
--- a/caddyhttp/proxy/reverseproxy.go
+++ b/caddyhttp/proxy/reverseproxy.go
@@ -41,8 +41,6 @@ import (
"golang.org/x/net/http2"
- "github.com/lucas-clemente/quic-go"
- "github.com/lucas-clemente/quic-go/h2quic"
"github.com/mholt/caddy/caddyhttp/httpserver"
)
@@ -253,13 +251,6 @@ func NewSingleHostReverseProxy(target *url.URL, without string, keepalive int, t
rp.Transport = &http.Transport{
Dial: socketDial(target.String(), timeout),
}
- } else if target.Scheme == "quic" {
- rp.Transport = &h2quic.RoundTripper{
- QuicConfig: &quic.Config{
- HandshakeTimeout: defaultCryptoHandshakeTimeout,
- KeepAlive: true,
- },
- }
} else if keepalive != http.DefaultMaxIdleConnsPerHost || strings.HasPrefix(target.Scheme, "srv") {
dialFunc := rp.dialer.Dial
if strings.HasPrefix(target.Scheme, "srv") {
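Review bot: A target whose scheme is `quic` no longer has its own branch in NewSingleHostReverseProxy, so it falls through to the remaining `else if` conditions and is presumably given an ordinary HTTP transport or none at all. Because the ServeHTTP hunk further down also drops the rewrite of `quic` to `https`, such an upstream would probably fail at `transport.RoundTrip` on every request instead of being rejected when the configuration is loaded. I would reject the scheme explicitly where upstream addresses are parsed, and at minimum leave a comment here such as `// "quic" upstreams are no longer supported; no transport is set up for them.`. The function starts and ends outside this hunk, and `defaultCryptoHandshakeTimeout` may now be unreferenced.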
@@ -310,11 +301,6 @@ func (rp *ReverseProxy) UseInsecureTransport() {
// No http2.ConfigureTransport() here.
// For now this is only added in places where
// an http.Transport is actually created.
- } else if transport, ok := rp.Transport.(*h2quic.RoundTripper); ok {
- if transport.TLSClientConfig == nil {
- transport.TLSClientConfig = &tls.Config{}
- }
- transport.TLSClientConfig.InsecureSkipVerify = true
}
}
@@ -329,11 +315,6 @@ func (rp *ReverseProxy) UseOwnCACertificates(CaCertPool *x509.CertPool) {
// No http2.ConfigureTransport() here.
// For now this is only added in places where
// an http.Transport is actually created.
- } else if transport, ok := rp.Transport.(*h2quic.RoundTripper); ok {
- if transport.TLSClientConfig == nil {
- transport.TLSClientConfig = &tls.Config{}
- }
- transport.TLSClientConfig.RootCAs = CaCertPool
}
}
@@ -347,10 +328,6 @@ func (rp *ReverseProxy) ServeHTTP(rw http.ResponseWriter, outreq *http.Request,
rp.Director(outreq)
- if outreq.URL.Scheme == "quic" {
- outreq.URL.Scheme = "https" // Change scheme back to https for QUIC RoundTripper
- }
-
res, err := transport.RoundTrip(outreq)
if err != nil {
return err