[
https://issues.apache.org/jira/browse/HTTPCLIENT-2344?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17884596#comment-17884596
]
Oleg Kalnichevski edited comment on HTTPCLIENT-2344 at 9/25/24 12:50 PM:
-------------------------------------------------------------------------
I ran a few message exchnages using this sample [1] as a test case. The proxy
used for tests is Squid 3 running in a docker container. The target server is
httpbin.org that we all love.
This is the wire log of a message exchange executed through a proxy tunnel. As
you can see an `Upgrade` request header does not get added to the outgoing
request messages (both CONNECT and GET) given the tunnel has already been
already TLS secured.
{noformat}
Executing request GET /get via http://localhost:8888
2024-09-25 14:08:20,739 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 preparing request execution
2024-09-25 14:08:20,768 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ProtocolExec] ex-0000000001
target auth state: UNCHALLENGED
2024-09-25 14:08:20,769 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
acquiring connection with route
{tls}->http://localhost:8888->[https://httpbin.org:443]
2024-09-25 14:08:20,770 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquiring endpoint (3 MINUTES)
2024-09-25 14:08:20,773 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint lease request (3 MINUTES) [route:
{tls}->http://localhost:8888->[https://httpbin.org:443]][total available: 0;
route allocated: 0 of 5; total allocated: 0 of 25]
2024-09-25 14:08:20,778 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint leased [route:
{tls}->http://localhost:8888->[https://httpbin.org:443]][total available: 0;
route allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:08:20,792 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 acquired ep-0000000001
2024-09-25 14:08:20,793 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquired endpoint ep-0000000001
2024-09-25 14:08:20,793 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
opening connection {tls}->http://localhost:8888->[https://httpbin.org:443]
2024-09-25 14:08:20,794 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 connecting endpoint (null)
2024-09-25 14:08:20,796 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connecting endpoint to http://localhost:8888 (3 MINUTES)
2024-09-25 14:08:20,797 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolving remote address
2024-09-25 14:08:20,797 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolved to [localhost/127.0.0.1]
2024-09-25 14:08:20,798 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http://localhost:8888 connecting null->localhost/127.0.0.1:8888 (3 MINUTES)
2024-09-25 14:08:20,799 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 http://localhost:8888 connected
/127.0.0.1:38572->localhost/127.0.0.1:8888
2024-09-25 14:08:20,799 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 set socket timeout to 3 MINUTES
2024-09-25 14:08:20,800 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connected http-outgoing-0
2024-09-25 14:08:20,800 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 endpoint connected
2024-09-25 14:08:20,801 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 start execution ex-0000000001
2024-09-25 14:08:20,803 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 executing exchange ex-0000000001 over http-outgoing-0
2024-09-25 14:08:20,804 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> CONNECT httpbin.org:443 HTTP/1.1
2024-09-25 14:08:20,804 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Host: httpbin.org:443
2024-09-25 14:08:20,804 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> User-Agent: Apache-HttpClient/5.4.1-SNAPSHOT (Java/1.8.0_342)
2024-09-25 14:08:21,000 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << HTTP/1.1 200 Connection established
2024-09-25 14:08:21,000 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
tunnel to target created.
2024-09-25 14:08:21,000 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 upgrading endpoint
2024-09-25 14:08:21,002 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 upgrading to TLS httpbin.org:443
2024-09-25 14:08:21,041 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Enabled
protocols: [TLSv1.2]
2024-09-25 14:08:21,042 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Enabled cipher
suites: [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
2024-09-25 14:08:21,042 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Starting
handshake (null)
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Secure session
established
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] negotiated
protocol: TLSv1.2
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] negotiated
cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Peer
principal: CN=httpbin.org
2024-09-25 14:08:21,716 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] peer
alternative names: [httpbin.org, *.httpbin.org]
2024-09-25 14:08:21,716 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Issuer
principal: CN=Amazon RSA 2048 M02,O=Amazon,C=US
2024-09-25 14:08:21,718 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 upgraded to TLS httpbin.org:443
2024-09-25 14:08:21,718 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
executing GET /get HTTP/1.1
2024-09-25 14:08:21,719 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestUpgrade] Connection is
upgradable: protocol version = HTTP/1.1
2024-09-25 14:08:21,719 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestAddCookies] ex-0000000001
Cookie spec selected: strict
2024-09-25 14:08:21,730 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 start execution ex-0000000001
2024-09-25 14:08:21,730 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 executing exchange ex-0000000001 over http-outgoing-0
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> GET /get HTTP/1.1
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Accept-Encoding: gzip, x-gzip, deflate, br
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Host: httpbin.org:443
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Connection: keep-alive
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> User-Agent: Apache-HttpClient/5.4.1-SNAPSHOT (Java/1.8.0_342)
2024-09-25 14:08:22,242 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << HTTP/1.1 200 OK
2024-09-25 14:08:22,242 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Date: Wed, 25 Sep 2024 12:08:22 GMT
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Type: application/json
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Length: 324
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Connection: keep-alive
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Server: gunicorn/19.9.0
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Origin: *
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Credentials: true
2024-09-25 14:08:22,249 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
connection can be kept alive for 3 MINUTES
----------------------------------------
GET /get->HTTP/1.1 200 OK
2024-09-25 14:08:22,256 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 releasing valid endpoint
2024-09-25 14:08:22,257 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 releasing endpoint
2024-09-25 14:08:22,257 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection http-outgoing-0 can be kept alive for 3 MINUTES
2024-09-25 14:08:22,258 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection released [route:
{tls}->http://localhost:8888->[https://httpbin.org:443]][total available: 1;
route allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:08:22,258 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Shutdown connection pool GRACEFUL
2024-09-25 14:08:22,258 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 close connection GRACEFUL
2024-09-25 14:08:22,448 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Connection pool shut down
{noformat}
This is the wire log of a message exchange executed using the proxy as an
intermediary (no tunnel involved). In this case an `Upgrade` header gets added
to the outgoing HTTP request. The message exchange succeeds and the proxy
correctly conveys 200 status from the target server to the client as expected.
The connection actually does not get upgraded. Apparently the proxy simply
chose to ignore the TLS upgrade request if it is not able or willing to execute
it. As it should.
{noformat}
Executing request GET /get via http://localhost:8888
2024-09-25 14:09:44,846 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 preparing request execution
2024-09-25 14:09:44,874 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ProtocolExec] ex-0000000001
target auth state: UNCHALLENGED
2024-09-25 14:09:44,875 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ProtocolExec] ex-0000000001
proxy auth state: UNCHALLENGED
2024-09-25 14:09:44,876 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
acquiring connection with route
{}->http://localhost:8888->[http://httpbin.org:80]
2024-09-25 14:09:44,876 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquiring endpoint (3 MINUTES)
2024-09-25 14:09:44,879 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint lease request (3 MINUTES) [route:
{}->http://localhost:8888->[http://httpbin.org:80]][total available: 0; route
allocated: 0 of 5; total allocated: 0 of 25]
2024-09-25 14:09:44,885 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint leased [route:
{}->http://localhost:8888->[http://httpbin.org:80]][total available: 0; route
allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:09:44,899 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 acquired ep-0000000001
2024-09-25 14:09:44,899 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquired endpoint ep-0000000001
2024-09-25 14:09:44,899 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
opening connection {}->http://localhost:8888->[http://httpbin.org:80]
2024-09-25 14:09:44,900 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 connecting endpoint (null)
2024-09-25 14:09:44,901 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connecting endpoint to http://localhost:8888 (3 MINUTES)
2024-09-25 14:09:44,903 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolving remote address
2024-09-25 14:09:44,904 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolved to [localhost/127.0.0.1]
2024-09-25 14:09:44,904 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http://localhost:8888 connecting null->localhost/127.0.0.1:8888 (3 MINUTES)
2024-09-25 14:09:44,905 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 http://localhost:8888 connected
/127.0.0.1:42656->localhost/127.0.0.1:8888
2024-09-25 14:09:44,906 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 set socket timeout to 3 MINUTES
2024-09-25 14:09:44,906 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connected http-outgoing-0
2024-09-25 14:09:44,906 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 endpoint connected
2024-09-25 14:09:44,908 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
executing GET http://httpbin.org:80/get HTTP/1.1
2024-09-25 14:09:44,909 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestUpgrade] Connection is
upgradable: protocol version = HTTP/1.1
2024-09-25 14:09:44,909 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestUpgrade] Connection is
upgradable to TLS: method = GET
2024-09-25 14:09:44,909 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestAddCookies] ex-0000000001
Cookie spec selected: strict
2024-09-25 14:09:44,924 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 start execution ex-0000000001
2024-09-25 14:09:44,926 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 executing exchange ex-0000000001 over http-outgoing-0
2024-09-25 14:09:44,927 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> GET http://httpbin.org:80/get HTTP/1.1
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Accept-Encoding: gzip, x-gzip, deflate, br
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Host: httpbin.org:80
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> User-Agent: Apache-HttpClient/5.4.1-SNAPSHOT (Java/1.8.0_342)
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Upgrade: TLS/1.2
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Connection: Upgrade
2024-09-25 14:09:47,744 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << HTTP/1.1 200 OK
2024-09-25 14:09:47,744 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Date: Wed, 25 Sep 2024 12:09:47 GMT
2024-09-25 14:09:47,744 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Type: application/json
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Length: 375
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Server: gunicorn/19.9.0
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Origin: *
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Credentials: true
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << X-Cache: MISS from 0fe073e489bb
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << X-Cache-Lookup: MISS from 0fe073e489bb:8888
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Via: 1.1 0fe073e489bb (squid/3.3.8)
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Connection: keep-alive
2024-09-25 14:09:47,750 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
connection can be kept alive for 3 MINUTES
----------------------------------------
GET /get->HTTP/1.1 200 OK
2024-09-25 14:09:47,756 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 releasing valid endpoint
2024-09-25 14:09:47,757 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 releasing endpoint
2024-09-25 14:09:47,757 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection http-outgoing-0 can be kept alive for 3 MINUTES
2024-09-25 14:09:47,758 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection released [route:
{}->http://localhost:8888->[http://httpbin.org:80]][total available: 1; route
allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:09:47,758 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Shutdown connection pool GRACEFUL
2024-09-25 14:09:47,759 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 close connection GRACEFUL
2024-09-25 14:09:47,759 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Connection pool shut down
{noformat}
Oleg
[1]
https://github.com/apache/httpcomponents-client/blob/master/httpclient5/src/test/java/org/apache/hc/client5/http/examples/ClientExecuteProxy.java
was (Author: olegk):
I ran a few message exchnages using this sample [1] as a test case. The proxy
used for tests is Squid 3 running in a docker container. The target server is
httpbin.org that we all love.
This is the wire log of a message exchange executed through a proxy tunnel. As
you can see an `Upgrade` request header does not get added to outgoing message
given the tunnel has already been already TLS secured.
{noformat}
Executing request GET /get via http://localhost:8888
2024-09-25 14:08:20,739 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 preparing request execution
2024-09-25 14:08:20,768 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ProtocolExec] ex-0000000001
target auth state: UNCHALLENGED
2024-09-25 14:08:20,769 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
acquiring connection with route
{tls}->http://localhost:8888->[https://httpbin.org:443]
2024-09-25 14:08:20,770 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquiring endpoint (3 MINUTES)
2024-09-25 14:08:20,773 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint lease request (3 MINUTES) [route:
{tls}->http://localhost:8888->[https://httpbin.org:443]][total available: 0;
route allocated: 0 of 5; total allocated: 0 of 25]
2024-09-25 14:08:20,778 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint leased [route:
{tls}->http://localhost:8888->[https://httpbin.org:443]][total available: 0;
route allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:08:20,792 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 acquired ep-0000000001
2024-09-25 14:08:20,793 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquired endpoint ep-0000000001
2024-09-25 14:08:20,793 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
opening connection {tls}->http://localhost:8888->[https://httpbin.org:443]
2024-09-25 14:08:20,794 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 connecting endpoint (null)
2024-09-25 14:08:20,796 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connecting endpoint to http://localhost:8888 (3 MINUTES)
2024-09-25 14:08:20,797 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolving remote address
2024-09-25 14:08:20,797 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolved to [localhost/127.0.0.1]
2024-09-25 14:08:20,798 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http://localhost:8888 connecting null->localhost/127.0.0.1:8888 (3 MINUTES)
2024-09-25 14:08:20,799 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 http://localhost:8888 connected
/127.0.0.1:38572->localhost/127.0.0.1:8888
2024-09-25 14:08:20,799 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 set socket timeout to 3 MINUTES
2024-09-25 14:08:20,800 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connected http-outgoing-0
2024-09-25 14:08:20,800 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 endpoint connected
2024-09-25 14:08:20,801 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 start execution ex-0000000001
2024-09-25 14:08:20,803 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 executing exchange ex-0000000001 over http-outgoing-0
2024-09-25 14:08:20,804 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> CONNECT httpbin.org:443 HTTP/1.1
2024-09-25 14:08:20,804 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Host: httpbin.org:443
2024-09-25 14:08:20,804 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> User-Agent: Apache-HttpClient/5.4.1-SNAPSHOT (Java/1.8.0_342)
2024-09-25 14:08:21,000 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << HTTP/1.1 200 Connection established
2024-09-25 14:08:21,000 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
tunnel to target created.
2024-09-25 14:08:21,000 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 upgrading endpoint
2024-09-25 14:08:21,002 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 upgrading to TLS httpbin.org:443
2024-09-25 14:08:21,041 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Enabled
protocols: [TLSv1.2]
2024-09-25 14:08:21,042 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Enabled cipher
suites: [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384,
TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
2024-09-25 14:08:21,042 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Starting
handshake (null)
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Secure session
established
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] negotiated
protocol: TLSv1.2
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] negotiated
cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
2024-09-25 14:08:21,715 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Peer
principal: CN=httpbin.org
2024-09-25 14:08:21,716 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] peer
alternative names: [httpbin.org, *.httpbin.org]
2024-09-25 14:08:21,716 DEBUG
[main][org.apache.hc.client5.http.ssl.AbstractClientTlsStrategy] Issuer
principal: CN=Amazon RSA 2048 M02,O=Amazon,C=US
2024-09-25 14:08:21,718 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 upgraded to TLS httpbin.org:443
2024-09-25 14:08:21,718 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
executing GET /get HTTP/1.1
2024-09-25 14:08:21,719 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestUpgrade] Connection is
upgradable: protocol version = HTTP/1.1
2024-09-25 14:08:21,719 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestAddCookies] ex-0000000001
Cookie spec selected: strict
2024-09-25 14:08:21,730 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 start execution ex-0000000001
2024-09-25 14:08:21,730 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 executing exchange ex-0000000001 over http-outgoing-0
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> GET /get HTTP/1.1
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Accept-Encoding: gzip, x-gzip, deflate, br
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Host: httpbin.org:443
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Connection: keep-alive
2024-09-25 14:08:21,731 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> User-Agent: Apache-HttpClient/5.4.1-SNAPSHOT (Java/1.8.0_342)
2024-09-25 14:08:22,242 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << HTTP/1.1 200 OK
2024-09-25 14:08:22,242 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Date: Wed, 25 Sep 2024 12:08:22 GMT
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Type: application/json
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Length: 324
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Connection: keep-alive
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Server: gunicorn/19.9.0
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Origin: *
2024-09-25 14:08:22,243 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Credentials: true
2024-09-25 14:08:22,249 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
connection can be kept alive for 3 MINUTES
----------------------------------------
GET /get->HTTP/1.1 200 OK
2024-09-25 14:08:22,256 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 releasing valid endpoint
2024-09-25 14:08:22,257 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 releasing endpoint
2024-09-25 14:08:22,257 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection http-outgoing-0 can be kept alive for 3 MINUTES
2024-09-25 14:08:22,258 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection released [route:
{tls}->http://localhost:8888->[https://httpbin.org:443]][total available: 1;
route allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:08:22,258 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Shutdown connection pool GRACEFUL
2024-09-25 14:08:22,258 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 close connection GRACEFUL
2024-09-25 14:08:22,448 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Connection pool shut down
{noformat}
This is the wire log of a message exchange executed using the proxy as an
intermediary (no tunnel involved). In this case an `Upgrade` header gets added
to outgoing HTTP requests. The message exchange succeeds and the proxy
correctly conveys 200 status from the target server to the client as expected.
The connection actually does not get upgraded. Apparently the proxy simply
chose to ignore the TLS upgrade request if it is not able or willing to execute
it. As it should.
{noformat}
Executing request GET /get via http://localhost:8888
2024-09-25 14:09:44,846 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 preparing request execution
2024-09-25 14:09:44,874 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ProtocolExec] ex-0000000001
target auth state: UNCHALLENGED
2024-09-25 14:09:44,875 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ProtocolExec] ex-0000000001
proxy auth state: UNCHALLENGED
2024-09-25 14:09:44,876 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
acquiring connection with route
{}->http://localhost:8888->[http://httpbin.org:80]
2024-09-25 14:09:44,876 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquiring endpoint (3 MINUTES)
2024-09-25 14:09:44,879 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint lease request (3 MINUTES) [route:
{}->http://localhost:8888->[http://httpbin.org:80]][total available: 0; route
allocated: 0 of 5; total allocated: 0 of 25]
2024-09-25 14:09:44,885 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 endpoint leased [route:
{}->http://localhost:8888->[http://httpbin.org:80]][total available: 0; route
allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:09:44,899 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ex-0000000001 acquired ep-0000000001
2024-09-25 14:09:44,899 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ex-0000000001 acquired endpoint ep-0000000001
2024-09-25 14:09:44,899 DEBUG
[main][org.apache.hc.client5.http.impl.classic.ConnectExec] ex-0000000001
opening connection {}->http://localhost:8888->[http://httpbin.org:80]
2024-09-25 14:09:44,900 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 connecting endpoint (null)
2024-09-25 14:09:44,901 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connecting endpoint to http://localhost:8888 (3 MINUTES)
2024-09-25 14:09:44,903 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolving remote address
2024-09-25 14:09:44,904 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
localhost resolved to [localhost/127.0.0.1]
2024-09-25 14:09:44,904 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http://localhost:8888 connecting null->localhost/127.0.0.1:8888 (3 MINUTES)
2024-09-25 14:09:44,905 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultHttpClientConnectionOperator]
http-outgoing-0 http://localhost:8888 connected
/127.0.0.1:42656->localhost/127.0.0.1:8888
2024-09-25 14:09:44,906 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 set socket timeout to 3 MINUTES
2024-09-25 14:09:44,906 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connected http-outgoing-0
2024-09-25 14:09:44,906 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 endpoint connected
2024-09-25 14:09:44,908 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
executing GET http://httpbin.org:80/get HTTP/1.1
2024-09-25 14:09:44,909 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestUpgrade] Connection is
upgradable: protocol version = HTTP/1.1
2024-09-25 14:09:44,909 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestUpgrade] Connection is
upgradable to TLS: method = GET
2024-09-25 14:09:44,909 DEBUG
[main][org.apache.hc.client5.http.protocol.RequestAddCookies] ex-0000000001
Cookie spec selected: strict
2024-09-25 14:09:44,924 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 start execution ex-0000000001
2024-09-25 14:09:44,926 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 executing exchange ex-0000000001 over http-outgoing-0
2024-09-25 14:09:44,927 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> GET http://httpbin.org:80/get HTTP/1.1
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Accept-Encoding: gzip, x-gzip, deflate, br
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Host: httpbin.org:80
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> User-Agent: Apache-HttpClient/5.4.1-SNAPSHOT (Java/1.8.0_342)
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Upgrade: TLS/1.2
2024-09-25 14:09:44,928 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 >> Connection: Upgrade
2024-09-25 14:09:47,744 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << HTTP/1.1 200 OK
2024-09-25 14:09:47,744 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Date: Wed, 25 Sep 2024 12:09:47 GMT
2024-09-25 14:09:47,744 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Type: application/json
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Content-Length: 375
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Server: gunicorn/19.9.0
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Origin: *
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Access-Control-Allow-Credentials: true
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << X-Cache: MISS from 0fe073e489bb
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << X-Cache-Lookup: MISS from 0fe073e489bb:8888
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Via: 1.1 0fe073e489bb (squid/3.3.8)
2024-09-25 14:09:47,745 DEBUG [main][org.apache.hc.client5.http.headers]
http-outgoing-0 << Connection: keep-alive
2024-09-25 14:09:47,750 DEBUG
[main][org.apache.hc.client5.http.impl.classic.MainClientExec] ex-0000000001
connection can be kept alive for 3 MINUTES
----------------------------------------
GET /get->HTTP/1.1 200 OK
2024-09-25 14:09:47,756 DEBUG
[main][org.apache.hc.client5.http.impl.classic.InternalHttpClient]
ep-0000000001 releasing valid endpoint
2024-09-25 14:09:47,757 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 releasing endpoint
2024-09-25 14:09:47,757 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection http-outgoing-0 can be kept alive for 3 MINUTES
2024-09-25 14:09:47,758 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
ep-0000000001 connection released [route:
{}->http://localhost:8888->[http://httpbin.org:80]][total available: 1; route
allocated: 1 of 5; total allocated: 1 of 25]
2024-09-25 14:09:47,758 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Shutdown connection pool GRACEFUL
2024-09-25 14:09:47,759 DEBUG
[main][org.apache.hc.client5.http.impl.io.DefaultManagedHttpClientConnection]
http-outgoing-0 close connection GRACEFUL
2024-09-25 14:09:47,759 DEBUG
[main][org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManager]
Connection pool shut down
{noformat}
Oleg
[1]
https://github.com/apache/httpcomponents-client/blob/master/httpclient5/src/test/java/org/apache/hc/client5/http/examples/ClientExecuteProxy.java
> HTTP/1.1 TLS Upgrade (RFC-2817) should not be default
> -----------------------------------------------------
>
> Key: HTTPCLIENT-2344
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2344
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient (classic)
> Affects Versions: 5.4
> Reporter: Ben Plotnick
> Priority: Minor
> Fix For: 5.4.1
>
>
> Version 5.4 added RFC-2817 support, which by default tries to upgradeĀ since
> protocolUpgradeEnabled is default enabled.
> Although the strict reading of the spec would indicate that a server should
> ignore upgrade requests that it cannot service, conservative proxies might
> reject these requests entirely. This is the case in Envoy today
> I don't see a big advantage to enabling this by default and it is causing
> real issues now.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org
