New issue
Advanced search Search tips

Issue 622181 link

Starred by 3 users
Status: WontFix
Owner: ----
Closed: Jun 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug



Sign in to add a comment

On Windows not work h2 protocol, but on Linux all ok (ALPN is present on Linux server)

Reported by mikhail....@gmail.com, Jun 22 2016 
UserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2767.5 Safari/537.36

Example URL:
https://dev.sy24.ru/

Steps to reproduce the problem:
1. Open https://dev.sy24.ru/
2. Go to Dev tools -> Network
3. Add column with protocol

What is the expected behavior?

What went wrong?
]# echo | openssl s_client -alpn h2 -connect dev.sy24.ru:443 | grep ALPN
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Authority
verify return:1
depth=1 C = IL, O = StartCom Ltd., OU = StartCom Certification Authority, CN = StartCom Class 1 DV Server CA
verify return:1
depth=0 CN = sy24.ru
verify return:1
ALPN protocol: h2
DONE

Did this work before? N/A 

Chrome version: 53.0.2767.5  Channel: dev
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 22.0 r0
chrome_sy.png
330 KB View Download

Comment 1 by mikhail....@gmail.com, Jun 22 2016 

Linux screenshot
Screenshot from 2016-06-22 13-19-52.png
285 KB View Download

Comment 2 by cbentzel@chromium.org, Jun 22 2016 

I tried this on OSX. ALPN is negotiated but the server chooses http/1.1 for
some reason.

On Wed, Jun 22, 2016 at 4:21 AM mikhail.v.gavrilov at gmail.com via
Monorail <monorail@chromium.org> wrote:

Comment 3 by davidben@chromium.org, Jun 22 2016

Status: WontFix (was: Unconfirmed)
There is nothing platform-specific about our ALPN code. This is a problem on the server deployment. dev.sy24.ru has IPv4 and IPv6 addresses.

$ dig A dev.sy24.ru
[...]
dev.sy24.ru.		21138	IN	A	213.136.82.171
[...]

$ dig AAAA dev.sy24.ru
[...]
dev.sy24.ru.		21135	IN	AAAA	2a02:c207:2002:5208::1
[...]

The IPv6 address selects HTTP/2 just fine.

$ ./build/tool/bssl client -connect '[2a02:c207:2002:5208::1]:443' -alpn-protos http/1.1,h2
Connecting to [2a02:c207:2002:5208::1]:443
Connected.
  Version: TLSv1.2
  Resumed session: no
  Cipher: ECDHE-RSA-AES128-GCM-SHA256
  ECDHE curve: P-256
  Secure renegotiation: yes
  Extended master secret: no
  Next protocol negotiated: 
  ALPN protocol: h2
  Cert subject: CN = sy24.ru
  Cert issuer: C = IL, O = StartCom Ltd., OU = StartCom Certification Authority, CN = StartCom Class 1 DV Server CA
�����^C

The IPv4 address selects HTTP/1.1.

$ ./build/tool/bssl client -connect '213.136.82.171:443' -alpn-protos http/1.1,h2
Connecting to 213.136.82.171:443
Connected.
  Version: TLSv1.2
  Resumed session: no
  Cipher: ECDHE-RSA-AES128-GCM-SHA256
  ECDHE curve: P-256
  Secure renegotiation: yes
  Extended master secret: no
  Next protocol negotiated: 
  ALPN protocol: http/1.1
  Cert subject: CN = sy24.ru
  Cert issuer: C = IL, O = StartCom Ltd., OU = StartCom Certification Authority, CN = StartCom Class 1 DV Server CA
^C

Comment 4 by mikhail....@gmail.com, Jun 22 2016 

Thanks you for helping find misconfiguration.
http2 option is absent for IPv4 listener.
Untitled.png
57.6 KB View Download

Sign in to add a comment