net/http: support socks5h proxy schema

Extend the net/http Transport to recognize the 'socks5h' schema as an
alias for 'socks5'. Traditionally, the 'socks5h' schema indicates that
the hostname should be resolved by the proxy server, which is behavior
already implemented in Go for 'socks5'.

Fixes #24135

Change-Id: I0a6a92bbd282a3200dc4dc7b47a9b0628f931783
Reviewed-on: https://go-review.googlesource.com/c/go/+/569977
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Damien Neil <dneil@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Reviewed-by: Damien Neil <dneil@google.com>

diff --git a/src/net/http/transport.go b/src/net/http/transport.go
index 828da01247b017f6e60a6667df3ed8bda69f6963..cc590f1b374ccbb56be0e9e5b62a159fb9602de6 100644 (file)
--- a/src/net/http/transport.go
+++ b/src/net/http/transport.go
@@ -114,8 +114,9 @@ type Transport struct {
        // request is aborted with the provided error.
        //
        // The proxy type is determined by the URL scheme. "http",
-       // "https", and "socks5" are supported. If the scheme is empty,
+       // "https", "socks5", and "socks5h" are supported. If the scheme is empty,
        // "http" is assumed.
+       // "socks5" is treated the same as "socks5h".
        //
        // If the proxy URL contains a userinfo subcomponent,
        // the proxy request will pass the username and password
@@ -440,7 +441,6 @@ func (t *Transport) onceSetNextProtoDefaults() {
 //
 // The environment values may be either a complete URL or a
 // "host[:port]", in which case the "http" scheme is assumed.
-// The schemes "http", "https", and "socks5" are supported.
 // An error is returned if the value is a different form.
 //
 // A nil URL and nil error are returned if no proxy is defined in the
@@ -1676,7 +1676,7 @@ func (t *Transport) dialConn(ctx context.Context, cm connectMethod) (pconn *pers
        switch {
        case cm.proxyURL == nil:
                // Do nothing. Not using a proxy.
-       case cm.proxyURL.Scheme == "socks5":
+       case cm.proxyURL.Scheme == "socks5" || cm.proxyURL.Scheme == "socks5h":
                conn := pconn.conn
                d := socksNewDialer("tcp", conn.RemoteAddr().String())
                if u := cm.proxyURL.User; u != nil {
@@ -2777,9 +2777,10 @@ func (pc *persistConn) closeLocked(err error) {
 }
 
 var portMap = map[string]string{
-       "http":   "80",
-       "https":  "443",
-       "socks5": "1080",
+       "http":    "80",
+       "https":   "443",
+       "socks5":  "1080",
+       "socks5h": "1080",
 }
 
 func idnaASCIIFromURL(url *url.URL) string {

diff --git a/src/net/http/transport_test.go b/src/net/http/transport_test.go
index 55222a67635114bd39e3475841a5e75e501896de..e407d1768af3f42111d62b6293aeeaaf9cd2692b 100644 (file)
--- a/src/net/http/transport_test.go
+++ b/src/net/http/transport_test.go
@@ -3282,6 +3282,7 @@ var proxyFromEnvTests = []proxyFromEnvTest{
        {env: "http://127.0.0.1:8080", want: "http://127.0.0.1:8080"},
        {env: "https://127.0.0.1:8080", want: "https://127.0.0.1:8080"},
        {env: "socks5://127.0.0.1", want: "socks5://127.0.0.1"},
+       {env: "socks5h://127.0.0.1", want: "socks5h://127.0.0.1"},
 
        // Don't use secure for http
        {req: "http://insecure.tld/", env: "http.proxy.tld", httpsenv: "secure.proxy.tld", want: "http://http.proxy.tld"},