New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net/http: can't handle Onion domains #42283
Comments
Thank you for filing this issue/question @Danger89 and welcome to the Go project! Technically, given that .onion addresses aren't actual DNS names, they require you to connect to Tor first and then the Tor protocol will handle the tunnelling and direction to the appropriate resource -- thus DNS requests are ALWAYS going to fail if you don't have an appropriate reverse proxy. If you have your Tor compatible proxy running, you can create a reverse proxy in Go code by https://golang.org/pkg/net/http/httputil/#NewSingleHostReverseProxy or just set in your environment HTTP_PROXY as per https://golang.org/pkg/net/http/#RoundTripper. From Go's stand point, and from pretty much every language and browser, without Tor-enabled support, resolving such domains won't work. Here is a reference to Facebook describing the problem and them announcing their .onion site https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237/ For a reference to a deliberate decision not to resolve them unless there is a SOCK5 proxy, please see #13705. I am going to close this issue as non-actionable in 1 day, but in case someone else wants to chime in, or please feel free to correct me. |
I agree with Odeke. We don't plan to support Tor natively in the standard library. |
@odeke-em You know that Tor runs a Does GO support |
Apparently it doesn't ;( |
Using |
What version of Go are you using (
go version
)?go1.13.8 linux/amd64
Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
While using the Go net/http package, try to connect to an valid onion address.
In my case I'm using Drone a CI tool in Docker written in Golang. Drone tries via Oauth2 to connect to the Git server (eg. Gitea), but the POST request on
http://mydomain.onion/login/oauth/access_token
for Gitea fails: no suitable address found. See code lines below for more details what Drone is doing.Usage example: Code line of HTTP package usage in Drone.
Usage example 2: Call to Oauth2 package
--> Code line of HTTP usage in Oauth2 package of Drone
What did you expect to see?
I would expect that Golang is able to connect to onion domains by using the
http
package, WITHOUT errors.What did you see instead?
Output of Drone:
More reports
I'm not the only one suffering from this problem. Maybe not fully related, but somebody that tries to use
go get
by using a onion domain to fetch packages: https://www.reddit.com/r/techsupport/comments/981frd/need_help_with_golang_and_tor/It could be touching the same code base in Go?
Thanks.
Regards,
Melroy van den Berg
The text was updated successfully, but these errors were encountered: