Curl (or server) offers HTTP/2 but falls back to HTTP/1.1

Fri, 28 Jul 2023 00:48:06 -0700 

curl-8.1.2-1.fc39.x86_64

I'm trying to force HTTP/2 to a particular server in my program (to
test multiplexing).  For some reason the server always falls back to
HTTP/1.1, even when I use CURL_HTTP_VERSION_2_0 or
CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE.

Actually it happens at the command line too, see below.

Why is this?

$ curl -v -I --http2 
https://gemmei.ftp.acc.umu.se/images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* 
  Trying [2001:6b0:19::137]:443...
* Connected to gemmei.ftp.acc.umu.se (2001:6b0:19::137) port 443 (#0)
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [21 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [4564 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [36 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [36 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=ftp.acc.umu.se
*  start date: Jul 11 21:18:48 2023 GMT
*  expire date: Oct  9 21:18:47 2023 GMT
*  subjectAltName: host "gemmei.ftp.acc.umu.se" matched cert's 
"gemmei.ftp.acc.umu.se"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> HEAD 
> /images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2
>  HTTP/1.1
> Host: gemmei.ftp.acc.umu.se
> User-Agent: curl/8.1.2
> Accept: */*
> 
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [249 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [249 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Date: Fri, 28 Jul 2023 07:34:29 GMT
< Server: Apache/2.4.55 (Unix)
< Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
< Content-Length: 378874880
< Accept-Ranges: bytes
< Age: 357
< 
  0  361M    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Connection #0 to host gemmei.ftp.acc.umu.se left intact
HTTP/1.1 200 OK
Date: Fri, 28 Jul 2023 07:34:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
Content-Length: 378874880
Accept-Ranges: bytes
Age: 357


Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* 
  Trying [2001:6b0:19::137]:443...
* Connected to gemmei.ftp.acc.umu.se (2001:6b0:19::137) port 443 (#0)
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [21 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [4564 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [36 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [36 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=ftp.acc.umu.se
*  start date: Jul 11 21:18:48 2023 GMT
*  expire date: Oct  9 21:18:47 2023 GMT
*  subjectAltName: host "gemmei.ftp.acc.umu.se" matched cert's 
"gemmei.ftp.acc.umu.se"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> HEAD 
> /images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2
>  HTTP/1.1
> Host: gemmei.ftp.acc.umu.se
> User-Agent: curl/8.1.2
> Accept: */*
> 
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [249 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [249 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Date: Fri, 28 Jul 2023 07:34:29 GMT
< Server: Apache/2.4.55 (Unix)
< Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
< Content-Length: 378874880
< Accept-Ranges: bytes
< Age: 357
< 
  0  361M    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Connection #0 to host gemmei.ftp.acc.umu.se left intact
HTTP/1.1 200 OK
Date: Fri, 28 Jul 2023 07:34:29 GMT
Server: Apache/2.4.55 (Unix)
Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
Content-Length: 378874880
Accept-Ranges: bytes
Age: 357


-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html

Reply via email to