TUN-4947: Use http when talking to Unix sockets origins

nmldiegues · nmldiegues · commit 0ab6867ae5fa · 2022-02-02T19:33:30.000Z
Right now the proxying of cloudflared -> unix socket is a bit of a no man's land, where we do not have the ability to specify the actual protocol since the user just configures "unix:/path/" In practice, we proxy using an HTTP client. But it could be that the origin expects HTTP or HTTPS. However, we have no way of knowing. So how are we proxying to it? We are configuring the http.Request in ways that depend on the transport and edge implementation, and it so happens that for h2mux and http2 we are using a http.Request whose Scheme is HTTP, whereas for quic we are generating a http.Request whose scheme is HTTPS. Since it does not make sense to have different behaviours depending on the transport, we are making a (hopefully temporary) change so that proxied requests to Unix sockets are systematically HTTP. In practice we should do #502 to make this configurable.
diff --git a/ingress/origin_proxy.go b/ingress/origin_proxy.go
@@ -23,6 +23,7 @@ type StreamBasedOriginProxy interface {
 }
 
 func (o *unixSocketPath) RoundTrip(req *http.Request) (*http.Response, error) {
+	req.URL.Scheme = "http"
 	return o.transport.RoundTrip(req)
 }
 

Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,7 @@ type StreamBasedOriginProxy interface {`
`23`	`23`	`}`
`24`	`24`
`25`	`25`	`func (o unixSocketPath) RoundTrip(req http.Request) (*http.Response, error) {`
	`26`	`+ req.URL.Scheme = "http"`
`26`	`27`	`return o.transport.RoundTrip(req)`
`27`	`28`	`}`
`28`	`29`