add basic support for SNI different than URI in H3 #71428
Conversation
|
Tagging subscribers to this area: @dotnet/ncl Issue DetailsWe had minimal support for cases with IP address. This extends that with simple DNS lookup. While we can get more than one address and in Sockets we would try to try them all, this PR simply mimics MsQuic and only use first IP. fixes #57169
|
| @@ -536,15 +537,32 @@ internal unsafe ValueTask ConnectAsync(CancellationToken cancellationToken = def | |||
| // We don't have way how to set separate SNI and name for connection at this moment. | |||
| // If the name is actually IP address we can use it to make at least some cases work for people | |||
| // who want to bypass DNS but connect to specific virtual host. | |||
| if (!string.IsNullOrEmpty(_state.TargetHost) && !dnsHost.Equals(_state.TargetHost, StringComparison.InvariantCultureIgnoreCase) && IPAddress.TryParse(dnsHost, out IPAddress? address)) | |||
| if (!dnsHost.Equals(_state.TargetHost, StringComparison.InvariantCultureIgnoreCase) && !string.IsNullOrEmpty(_state.TargetHost)) | |||
There was a problem hiding this comment.
Is there a reason to swap the IsNullOrEmpty check with the equality comparison?
There was a problem hiding this comment.
not really. I think _state.TargetHost is unlikely to be null. (or maybe never would)
There was a problem hiding this comment.
I was just asking because you swapped them, I don't mind either way.
| } | ||
| else | ||
| { | ||
| IPAddress[] addresses = Dns.GetHostAddressesAsync(dnsHost, cancellationToken).GetAwaiter().GetResult(); |
There was a problem hiding this comment.
You're in an async method, you can await or you can just use the sync version of the method.
There was a problem hiding this comment.
While the name is ConnectAsync it does not have async keyword. I was thinking about sync method but that does not have cancellation overload.
There was a problem hiding this comment.
I don't think that using sync-over-async on an async method within an async method (albeit only task returning atm) is the best option here.
There was a problem hiding this comment.
I can switch to Dns.GetHostAddresses and give up on cancellation completely. cc: @stephentoub for any additional suggestions.
There was a problem hiding this comment.
Once I merge this with the static ConnectAsync, I can take the full advantage of the async and call await. So I guess it doesn't matter much here atm.
src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/MsQuicConnection.cs
Show resolved
Hide resolved
| cancellationToken.ThrowIfCancellationRequested(); | ||
| if (addresses.Length == 0) | ||
| { | ||
| throw new SocketException((int)SocketError.HostNotFound); |
There was a problem hiding this comment.
This is what we get in HTTP/Sockets and in case GetHostAddressesAsync fail to resolve. I'm not 100% we would ever get empty list without failure but if we would I did not want to cause index errors. I'm open to QuicException but fail to resolve may not be IOException.
There was a problem hiding this comment.
fail to resolve may not be IOException
Why?
We should then reconsider inheriting QuicException from IOException, but we shouldn't throw SocketException from S.N.Quic.
cc @rzikm
There was a problem hiding this comment.
as I mentioned we may do it anyway if Dns.GetHostAddressesAsync fails. Unless you want to catch it and throw something else in both cases. We can certainly do it as well.
There was a problem hiding this comment.
Baaah, I'm not sure, let's keep the SocketException for now to be consistent with NameResolution class. We can revisit this in the future if it'll cause confusion.
| cancellationToken.ThrowIfCancellationRequested(); | ||
| if (addresses.Length == 0) | ||
| { | ||
| throw new SocketException((int)SocketError.HostNotFound); |
There was a problem hiding this comment.
Baaah, I'm not sure, let's keep the SocketException for now to be consistent with NameResolution class. We can revisit this in the future if it'll cause confusion.
| @@ -536,15 +537,32 @@ internal unsafe ValueTask ConnectAsync(CancellationToken cancellationToken = def | |||
| // We don't have way how to set separate SNI and name for connection at this moment. | |||
| // If the name is actually IP address we can use it to make at least some cases work for people | |||
| // who want to bypass DNS but connect to specific virtual host. | |||
| if (!string.IsNullOrEmpty(_state.TargetHost) && !dnsHost.Equals(_state.TargetHost, StringComparison.InvariantCultureIgnoreCase) && IPAddress.TryParse(dnsHost, out IPAddress? address)) | |||
| if (!dnsHost.Equals(_state.TargetHost, StringComparison.InvariantCultureIgnoreCase) && !string.IsNullOrEmpty(_state.TargetHost)) | |||
There was a problem hiding this comment.
I was just asking because you swapped them, I don't mind either way.
| } | ||
| else | ||
| { | ||
| IPAddress[] addresses = Dns.GetHostAddressesAsync(dnsHost, cancellationToken).GetAwaiter().GetResult(); |
There was a problem hiding this comment.
Once I merge this with the static ConnectAsync, I can take the full advantage of the async and call await. So I guess it doesn't matter much here atm.
src/libraries/System.Net.Quic/src/System/Net/Quic/Implementations/MsQuic/MsQuicConnection.cs
Show resolved
Hide resolved
ghost
locked as resolved and limited conversation to collaborators
We had minimal support for cases with IP address. This extends that with simple DNS lookup. While we can get more than one address and in Sockets we would try to try them all, this PR simply mimics MsQuic and only use first IP.
That may be sufficient as this scenario mostly involve testing. Also in the future we can enhance whole connect (or MsQuic) to do something better.
fixes #57169