Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not proxy traffic to sockets #59

Open
tommyknows opened this issue Oct 12, 2022 · 0 comments · May be fixed by #60
Open

Do not proxy traffic to sockets #59

tommyknows opened this issue Oct 12, 2022 · 0 comments · May be fixed by #60

Comments

@tommyknows
Copy link

tommyknows commented Oct 12, 2022
edited

First off, thanks a lot for this library!

I am currently facing an issue where I have an application that has two different types of connections:

  • "normal" HTTP connections to some upstream servers
  • TCP HTTP traffic to local sockets, e.g. /var/run/...

The first type of traffic works as expected, however for Socket traffic things get weird. global-agent redirects / routes that traffic through the proxy, and because HTTP requests to sockets do not have a host or port set, something will set localhost:80 as the destination. Now the proxy obviously does not know what to do with it, because the socket-info is lost.

I'm opening this issue because I wanted to ask if it would be possible to add an exception for socket traffic. For example, the easiest solution would be to simply add the following code here:

    if (configuration.socketPath) {
        log.trace({
            destination: request.socketPath,
        }, 'not proxying request; destination is a socket');

        this.fallbackAgent.addRequest(request, configuration);
        return ;
    }

This could also be made configurable through an option, I guess, though because traffic sent to the proxy is "useless" (no / wrong destination attached), I don't see why an option for this could be useful (YMMV 😉)

I'd be happy to open a PR for this, but wanted to get an opinion first.

Thanks!
tommyknows added a commit to snyk/snyk-docker-plugin that referenced this issue Oct 12, 2022
@tommyknows
fix: No HTTP_PROXY when connecting to Docker socket
6db689e 
CLIv2 sets up a global proxy where all traffic from the typescript
modules / CLI parts are routed through a Go proxy. This is an issue for
the Docker modem where we want to connect to Docker's socket directly,
as the proxy alters the behaviour of the calls. Because traffic to a
socket does not need a `host` or `port` to be set, the Go proxy that got
that traffic re-routed it to `localhost:80`, which results in the CLI
failing.

I've opened an [upstream PR in the `global-agent`](gajus/global-agent#59)
repo to not proxy traffic that should reach sockets in the first place.
However, until this is fixed, we should simply use a custom agent for
docker modem.
tommyknows added a commit to snyk/snyk-docker-plugin that referenced this issue Oct 12, 2022
@tommyknows
fix: No HTTP_PROXY when connecting to Docker socket
1f03bad 
CLIv2 sets up a global proxy where all traffic from the typescript
modules / CLI parts are routed through a Go proxy. This is an issue for
the Docker modem where we want to connect to Docker's socket directly,
as the proxy alters the behaviour of the calls. Because traffic to a
socket does not need a `host` or `port` to be set, the Go proxy that got
that traffic re-routed it to `localhost:80`, which results in the CLI
failing.

I've opened an [upstream PR in the `global-agent`](gajus/global-agent#59)
repo to not proxy traffic that should reach sockets in the first place.
However, until this is fixed, we should simply use a custom agent for
docker modem.
@tommyknows tommyknows linked a pull request Oct 14, 2022 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: do not proxy traffic to sockets tommyknows/global-agent
1 participant
@tommyknows