When “--multi-target-endpoint” is specified, nh_client fails to parse the SNI of each domain name based on multiple target domain names and request headers

[yjzhang73]

Title:
When “--multi-target-endpoint” is specified, nh_client fails to parse the SNI of each domain name based on multiple target domain names and request headers.

Description:
I want to implement a function: nh_client simultaneously sends 2 HTTPS requests to 2 domain names provided by one nh_test_server, and nh_test_server selects different filter_chains to response based on the SNI in the TLS handshake information. But nh_client failed to parse the SNI of each domain name based on multiple target domain names and request headers, so the TLS handshake fails.

Does nh support sending HTTPS requests to multiple different target domain names with different SNIs in transport_socket at the same time? Could you please tell me how to modify my CMD in next section to achieve my purpose?

Reproduction steps:

• I use the following CMD to send HTTPS request to nh_test_server:
  taskset -c 10 nighthawk_client --max-requests-per-connection 1 --rps 2  --duration 2 --request-body-size 400 --address-family v4 -p http2 --multi-target-use-https --multi-target-endpoint example1.com:10000 --multi-target-endpoint example2.com:10000 --multi-target-path "/“
  or
  taskset -c 10 nighthawk_client --max-requests-per-connection 1 --rps 2 --duration 2 --request-body-size 400 --address-family v4 -p http2 --multi-target-use-https --multi-target-endpoint example1.com:10000 --request-header 'host: example1.com' --multi-target-endpoint example2.com:10000 --request-header 'host: example2.com' --multi-target-path "/" -v debug
• In order to perform correct DNS resolution, I configured the nh_test_server IP (192.168.126.18) in the hosts file：
  192.168.126.18 example1.com example2.com
• nighthawk_test_server selects different filter_chains to response based on the server name. The configuration file is as follows:
  nh_test_server_config.txt

Logs:
Log of CMD taskset -c 10 bazel-bin/nighthawk_client --max-requests-per-connection 1 --rps 2 --duration 2 --request-body-size 400 --address-family v4 -p http2 --multi-target-use-https --multi-target-endpoint example1.com:10000 --request-header 'host: example1.com' --multi-target-endpoint example2.com:10000 --request-header 'host: example2.com' --multi-target-path "/" -v debug is as follow:


From the above log, I found that the computed server name indication is '', and the transport_socket does not contain ”sni“. I think this is the main reason for the SSL handshake failure.

I found in the source code that computeSniHost called by createTransportSocket does not support parsing multi uris and request headers into multiple SNIs, and transport_socket can only be configured once. So I'm not sure if nh supports sending HTTPS requests to multiple different target domain names with different SNIs in transport_socket at the same time?

I also tested the accessibility of domain names example1.com and example2.com provided by nh_test_server using curl:
curl --noproxy "example1.com" -kv https://example1.com:10000, it successes.
The result is as follows:

[mum4k]

Thank you for reporting this @yjzhang73, I agree with your conclusion that the current code doesn't correctly calculate SNIs when having multiple targets. Nighthawk would need to be updated to perform the SNI calculation accordingly when --multi-target-endpoint is in use.

Are you interested and able to modify the code to improve this functionality?