HTTP is the most widely used data exchange protocol on the Internet. With the development of the Internet, the protocol has undergone several major version upgrades, from the original HTTP/1 to HTTP/2, and then to the current QUIC-based protocol HTTP/3.
The original HTTP protocol is a request-response interaction method. The client actively initiates the request, and the server sends the processing result back to the client after receiving the request. This method cannot maintain a long connection between the client and the server, so it is difficult to achieve two-way real-time data transmission. In order to realize full-duplex communication, the HTTP protocol has been extended in various ways, such as the CONNECT method, the WebSocket extension protocol, HTTP/2 server push and HTTP/3 WebTransport. GOST already supports most of the above functions.
The CONNECT method is used to establish a proxy connection for HTTP. Strictly speaking, it cannot be called a tunnel. However, its essence is to establish a long connection that can communicate in both directions, so it is uniformly regarded as a tunnel here.
HTTP CONNECT Method
The above is the simplest HTTP proxy service, with authentication enabled.
The client itself is also an HTTP proxy service and forwards the request to the upstream HTTP proxy service through the forwarding chain.
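The CONNECT exchange with proxy authentication, shown from both sides, as an added example that is not GOST's code. The function names, the `REPLIES` table, the realm string and the credentials used to call it are constructed for illustration, and HTTP Basic is assumed as the authentication scheme.

```python
import base64
import hmac
# Replies the proxy sends (REPLIES[status]) before the connection becomes a byte pipe.
REPLIES = {
    200: b"HTTP/1.1 200 Connection established\r\n\r\n",
    400: b"HTTP/1.1 400 Bad Request\r\n\r\n",
    405: b"HTTP/1.1 405 Method Not Allowed\r\n\r\n",
    407: b"HTTP/1.1 407 Proxy Authentication Required\r\n"
         b'Proxy-Authenticate: Basic realm="proxy"\r\n\r\n',
}

def build_connect(target, user=None, password=""):
    """Client side: request head sent to the proxy before any tunnelled data."""
    lines = [f"CONNECT {target} HTTP/1.1", f"Host: {target}"]
    if user is not None:
        # Basic is only base64, not encryption: readable on a plaintext hop.
        token = base64.b64encode(f"{user}:{password}".encode()).decode()
        lines.append(f"Proxy-Authorization: Basic {token}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode()

def handle_connect(head, users):
    """Proxy side: return (status, target); target is set only on success."""
    text = head.decode("iso-8859-1").split("\r\n\r\n", 1)[0]
    request_line, *header_lines = text.split("\r\n")
    try:
        method, target, _version = request_line.split(" ")
        if method != "CONNECT":
            return 405, None
        host, port = target.rsplit(":", 1)  # CONNECT takes host:port, not a URL
        if not host or not port.isdigit() or not 0 < int(port) < 65536:
            return 400, None
    except ValueError:  # wrong number of fields in the request line or target
        return 400, None
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    scheme, _, token = headers.get("proxy-authorization", "").partition(" ")
    try:
        raw = base64.b64decode(token, validate=True).decode()
    except ValueError:  # bad base64 or bad UTF-8
        raw = ""
    user, _, password = raw.partition(":")
    expected = users.get(user)
    # Constant-time comparison: do not leak how much of the password matched.
    ok = (scheme.lower() == "basic" and expected is not None
          and hmac.compare_digest(password.encode(), expected.encode()))
    return (200, target) if ok else (407, None)
```

Only after the `200` reply do the two ends exchange arbitrary bytes; every rejected request is answered and closed without a connection to the target being opened.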
Plain HTTP Tunnel (pht)
The CONNECT method is not supported by all services. In order to be as general as possible, GOST uses the GET and POST methods of the original HTTP protocol to implement a data tunnel, with encrypted (phts) and plaintext (pht) modes.
WebSocket is an extension protocol added in HTTP/1 for establishing long connections.
The authentication information here is set for the SOCKS5 proxy; WebSocket currently does not support authentication settings.
There are two ways to use HTTP/2 in GOST, proxy mode and tunnel mode.
HTTP/2 CONNECT Method
HTTP/2 implements proxy mode using the same CONNECT method as HTTP.
HTTP/2 can use encrypted (h2) and plaintext (h2c) modes as a tunnel.
GOST does not support the server push function of HTTP/2.
gRPC is based on HTTP/2, so it has the inherent advantages of HTTP/2 itself. In addition, gRPC naturally supports bidirectional streaming, so it is very suitable as a tunnel.
gRPC uses TLS encryption by default and can communicate in clear text by setting the
The HTTP/3 protocol supports the CONNECT method and the WebTransport method to establish a tunnel.
GOST currently does not support the above two methods, but establishes a tunnel by using pht on top of HTTP/3.
WebTransport is currently in the early draft stage, and GOST will add support for it when the time is right.