Skip to content

feat(grpc): Add resolver wrapper to handle HTTP CONNECT proxy configuration#2679

Open
arjan-bal wants to merge 11 commits into
grpc:masterfrom
arjan-bal:http-proxy-resolver
Open

feat(grpc): Add resolver wrapper to handle HTTP CONNECT proxy configuration#2679
arjan-bal wants to merge 11 commits into
grpc:masterfrom
arjan-bal:http-proxy-resolver

Conversation

@arjan-bal

@arjan-bal arjan-bal commented Jun 8, 2026

Copy link
Copy Markdown
Contributor

This PR includes changes from grpc/grpc-rust#2677.

It implements a resolver wrapper that determines proxy routing by checking the HTTPS_PROXY and NO_PROXY environment variables. By default, hyper-util matches cURL's behavior by falling back to ALL_PROXY when HTTPS_PROXY is unset. However, because Go's FromEnvironment and gRPC C++ ignore ALL_PROXY, gRPC Rust manually configures the Matcher to bypass it, ensuring cross-language consistency.

Resolution Flow
When HttpsProxyResolver::Builder builds a resolver for a target URI, it uses hyper_util::client::proxy::Matcher to evaluate the environment variables:

  1. Direct Connection: If no proxy is required, it delegates resolution entirely to the wrapped child builder, bypassing the proxy resolver.
  2. Proxied Connection: If a proxy is required, it creates an HttpsProxyResolver, which uses the child DNS resolver to resolve the proxy server's hostname instead of the target.
  3. Attribute Injection: The HttpsProxyResolver intercepts resolution updates from the child resolver. It attaches the necessary proxy configuration (the original target authority and basic auth credentials) as attributes to each resolved proxy address.

In follow-up PRs, the subchannel will read these address attributes to wrap the channel credentials and carry out the HTTP CONNECT handshake prior to the standard credential handshake.

Internal design doc: go/grpc-rust-http-connect

@arjan-bal

arjan-bal commented Jun 8, 2026

Copy link
Copy Markdown
Contributor Author

/gemini review

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 8, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request refactors the gRPC client to support arbitrary byte-based addresses (via ByteStr) instead of requiring valid UTF-8 strings, enabling support for non-UTF-8 unix socket paths. It also introduces an HTTP CONNECT proxy resolver that intercepts DNS resolution and applies proxy configurations based on environment variables. The review feedback suggests bypassing proxy resolution entirely for non-DNS schemes (like unix or inmemory), safely handling empty NO_PROXY environment variables, and updating tests to verify that unix paths correctly bypass the proxy.

Comment thread grpc/src/client/name_resolution/proxy_resolver.rs
Comment thread grpc/src/client/name_resolution/proxy_resolver.rs
Comment thread grpc/src/client/name_resolution/proxy_resolver.rs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arjan-bal