[PR #345] [MERGED] fix(http): populate Request.TLS for private HTTPS via httpConnCtx #7794

Closed
opened 2026-06-22 00:23:56 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/fosrl/newt/pull/345
Author: @LaurenceJJones
Created: 5/8/2026
Status: Merged
Merged: 5/8/2026
Merged by: @oschwartz10612

Base: devHead: investigate/https-permanent-redirect-loop


📝 Commits (1)

  • 146e783 fix(http): populate Request.TLS for private HTTPS via httpConnCtx

📊 Changes

2 files changed (+63 additions, -0 deletions)

View changed files

📝 netstack2/http_handler.go (+15 -0)
netstack2/http_handler_tls_test.go (+48 -0)

📄 Description

Community Contribution License Agreement

By creating this pull request, I grant the project maintainers an unlimited,
perpetual license to use, modify, and redistribute these contributions under any terms they
choose, including both the AGPLv3 and the Fossorial Commercial license terms. I
represent that I have the right to grant this license for all contributed content.

Description

net/http only sets Request.TLS for *tls.Conn or conns implementing ConnectionState(). Our listener wrapped tls.Server in httpConnCtx with an embedded net.Conn, so TLS was never surfaced and r.TLS stayed nil. That triggered the HTTP→HTTPS permanent redirect on every request for HTTPS rules.

Add ConnectionState() on httpConnCtx delegating to the underlying TLS conn. Add tests for TLS forwarding and plain TCP.

How to test?

added golang tests for regression


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/newt/pull/345 **Author:** [@LaurenceJJones](https://github.com/LaurenceJJones) **Created:** 5/8/2026 **Status:** ✅ Merged **Merged:** 5/8/2026 **Merged by:** [@oschwartz10612](https://github.com/oschwartz10612) **Base:** `dev` ← **Head:** `investigate/https-permanent-redirect-loop` --- ### 📝 Commits (1) - [`146e783`](https://github.com/fosrl/newt/commit/146e7835eb541c7f0dc6fba2a22b4ccfc37fdde8) fix(http): populate Request.TLS for private HTTPS via httpConnCtx ### 📊 Changes **2 files changed** (+63 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `netstack2/http_handler.go` (+15 -0) ➕ `netstack2/http_handler_tls_test.go` (+48 -0) </details> ### 📄 Description ## Community Contribution License Agreement By creating this pull request, I grant the project maintainers an unlimited, perpetual license to use, modify, and redistribute these contributions under any terms they choose, including both the AGPLv3 and the Fossorial Commercial license terms. I represent that I have the right to grant this license for all contributed content. ## Description net/http only sets Request.TLS for *tls.Conn or conns implementing ConnectionState(). Our listener wrapped tls.Server in httpConnCtx with an embedded net.Conn, so TLS was never surfaced and r.TLS stayed nil. That triggered the HTTP→HTTPS permanent redirect on every request for HTTPS rules. Add ConnectionState() on httpConnCtx delegating to the underlying TLS conn. Add tests for TLS forwarding and plain TCP. ## How to test? added golang tests for regression --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-06-22 00:23:56 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/newt#7794