-
Notifications
You must be signed in to change notification settings - Fork 10.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Python client cannot communicate with C# server using unix socket #34305
Comments
Thanks for the reproduction script! I'm able to reproduce it locally. This is log from the working script: https://gist.github.com/XuanWang-Amos/5afe7cbbfa5b00047439b18904b84615
|
Found the culprit: #33571 @markdroth Can you help take a look? |
Looks like this is expected, can you try override the authority by setting the GRPC_ARG_DEFAULT_AUTHORITY channel arg? |
In Python or in C# ? and to which value do you reckon (in the reproduction example) ? |
I wouldn't say this is "expected", really. What's suggested is more of a workaround, since we believe the headers being sent by default are valid, but are being rejected by the server as invalid. |
You can add the channel arg to python client like this:
|
Did this, and doesn't change anything in my test |
I tried it locally and it fixed the issue for me, can you add env vars |
Retried it today, it works indeed (didn't have enough delay between server starting and client) |
More than 30 days have passed since label "disposition/requires reporter action" was added. Closing this issue. Please feel free to re-open/create a new issue if this is still relevant. |
This issue is still not resolved |
It does seem like when a unix socket is used that the authority for the channel should be |
I don't see why that behavior would be more correct. The authority should be determined by the target used to create the channel. In this case, the target is a UDS socket, not "localhost". |
The authority is supposed to be the host's name. The host is not the socket; the best we can assume at that point is "localhost". At least, this is what we decided back in 2020. [Edit: sorry, somehow I botched adding this link] It looks like node's HTTP server requires/d |
The authority is intended to reflect the name that the client used to reach the server. In the case of UDS, it's the path to the socket. The initial decision in grpc/grpc-go#2628 was to escape special characters in the authority header, which is what we're now doing. It looks like the only reason that you instead went with "localhost" was because at the time, it would have been harder to do the escaping. I don't see any actual argument in that issue that "localhost" is actually the right behavior from a correctness perspective. |
The problem is it isn't defined anywhere what should be used in this case. HTTP[/2] just says it's "the authority portion of the URI" with the implication that you only make HTTP connections when a URI is involved, which it isn't in the case of gRPC (ignoring the conflation with the way we specify our targets using URIs in a different way than how a browser does), and doesn't make sense when a file is used as the transport instead of a TCP connection. The extra complexity comes in with the downstream effects, namely, the authority passed to the credentials. This is interpreted by the credentials as a "server name", where "localhost" makes more sense than "/tmp/file", and in fact, of the two, only "localhost" is allowed by the TLS SNI spec: https://datatracker.ietf.org/doc/html/rfc6066#section-3
IIRC, this is the main reason we chose to go with "localhost" at the time, even though it's not mentioned in the issue. I've always thought of our (FWIW I also found whatwg/url#577 when looking for info on this, which may be of interest.) |
This issue also affects c++ clients. I'm seeing this on both Ubuntu 22.04 and Windows 11 with gRPC version 1.63.0-pre2. We're using the workaround with Reproduction repo is here for anyone interested: https://github.com/gmcchessney/gRPC-UDS-RST_STREAM-Error |
Looks like we need more discussion on this issue, assigning it to the Core team. |
What version of gRPC and what language are you using?
Python
gRPC 1.57.0 (1.58.0 is also affected, 1.56.0 is NOT affected)
What operating system (Linux, Windows,...) and version?
Linux (Ubuntu 22.04)
What runtime / compiler are you using (e.g. python version or version of gcc)
Python 3.10.12 (but same issue with Python 3.7-slim docker)
What did you do?
What did you expect to see?
Request succeeding
What did you see instead?
With Python gRPC 1.57.0
Kestrel rejects the connection with the following error :
Note that unix sockets work between Python clients and Python servers
This bug is present in the 1.57.0, and 1.58.0 releases
This bug is NOT present in 1.56.0
Anything else we should know about your project / environment?
You can find a "simple" reproduction example here : https://github.com/dbrasseur-aneo/grpc1.57bug
To use this reproduction example you need :
Follow the reproduction steps:
The text was updated successfully, but these errors were encountered: