;);
> }
> apr_brigade_destroy(temp);
> }
>
> This would still block in the non ssl case if directmode is not set to off
> explicitly. I would propose to change the default behaviour of directmode
> here to off as directmode seems to be something very special to
2015 10:58
>> To: dev@httpd.apache.org
>> Subject: Re: 2.4.17 test failure for mod_nntp_like_ssl when mod_http2 is
>> loaded
>>
>> The AP_MODE_INIT triggers the handshake nicely. But the protocol switching
>> still happens
>> on the first read. currently lo
ion");
>> }
>> apr_brigade_destroy(temp);
>> }
>>
>> This would still block in the non ssl case if directmode is not set to off
>> explicitly. I would propose to change the default behaviour of directmode
>> here to off as directmode seems
>>> ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, c,
>>> - "h2_h2, error reading 24 bytes speculative");
>>> + "h2_h2, Failed to init connection");
>>> }
>>> apr_
On Mon, Oct 12, 2015 at 11:13 AM, Rainer Jung wrote:
>
> Since I started this thread: IMHO this discussion shouldn't stop/influence
> 2.4.17. mod_http2 is experimental, so even a change of defaults in early
> releases should be OK. And any exotic interop problems are not
hat should be
explicitly enabled.
Regards
Rüdiger
> -Original Message-----
> From: Stefan Eissing [mailto:stefan.eiss...@greenbytes.de]
> Sent: Sonntag, 11. Oktober 2015 19:54
> To: dev@httpd.apache.org
> Subject: Re: 2.4.17 test failure for mod_nntp_like_ssl when mod_http2 is
>
s",
>>>> - (int)slen, s);
>>>> -}
>>>>}
>>>> +else {
>>>> + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, c,
>>>> +
> -Original Message-
> From: Stefan Eissing [mailto:stefan.eiss...@greenbytes.de]
> Sent: Montag, 12. Oktober 2015 10:58
> To: dev@httpd.apache.org
> Subject: Re: 2.4.17 test failure for mod_nntp_like_ssl when mod_http2 is
> loaded
>
> The AP_MODE_INIT trigg
It is default for some, others do not do it.
No browser speaks h2c nowadays.
I think reading bytes on a connection which is supposed to allow h2c traffic
should be fine. Then one could argue if 24 bytes can always be expected...
Since we no longer enabled h2c by default in a server, I expect
Am 12.10.2015 um 11:09 schrieb Stefan Eissing:
I plan to change it to only happen for servers, where h2/h2c is among
configured protocols.
Am 12.10.2015 um 11:07 schrieb Yann Ylavic :
On Sun, Oct 11, 2015 at 7:15 PM, Yann Ylavic wrote:
On Sun,
On Mon, Oct 12, 2015 at 11:12 AM, Yann Ylavic wrote:
> Is this something used by real world h2 clients?
I meant browers :p
I plan to change it to only happen for servers, where h2/h2c is among
configured protocols.
> Am 12.10.2015 um 11:07 schrieb Yann Ylavic :
>
> On Sun, Oct 11, 2015 at 7:15 PM, Yann Ylavic wrote:
>> On Sun, Oct 11, 2015 at 7:11 PM, Stefan Eissing
>>
On Sun, Oct 11, 2015 at 7:15 PM, Yann Ylavic wrote:
> On Sun, Oct 11, 2015 at 7:11 PM, Stefan Eissing
> wrote:
>> Don't think so. But loading the module should do no harm, I think. And it
>> does now.
>
> Isn't configuring H2Direct on which
That would be better, but still the doc says "This mode falls outside
the RFC 7540 but has become widely implemented as it is very
convenient for development and testing".
Is this something used by real world h2 clients?
On Mon, Oct 12, 2015 at 11:09 AM, Stefan Eissing
On 11 Oct 2015, at 7:00 PM, Stefan Eissing wrote:
> Ok, analyzed the code. Here is what seems to be happening:
>
> - mod_http2, in the connection hook, does a blocking, speculative read to
> a) make sure the ALPN has been triggered
Looking at the code inside the
With r1708107 I committed the following changes to /trunk:
mod_ssl:
- calling ap_switch_protocol directly after ap_select protocol from inside the
SSL ALPN callback. Error in switching will result in a TLS error which seems
correct. This makes sure that after the ALPN has been triggered, the
On 10/12/2015 02:12 AM, Yann Ylavic wrote:
That would be better, but still the doc says "[H2Direct] falls outside
the RFC 7540 but has become widely implemented as it is very
convenient for development and testing".
_Does_ it fall outside the RFC? Section 3.4 covers the establishment of
I get a test failure for 2.4.17 in the mod_nntp_like_ssl part. Te
failure happens on Solaris. Note that the nntp tests are disabled by
default on Linux because of problems with the kernel accept filter, so
that many of you wont run this test and thus not observe the problem.
The problems is
On Sun, Oct 11, 2015 at 9:32 AM, Rainer Jung wrote:
> The problems is that the test hangs after test 1 when waiting for the result
> of 2. On Solaris 8 the behavior changes a bit, there test 2 succeeds, but
> 3-5 receive an empty result. The difference might be due to
Am 11.10.2015 um 19:08 schrieb Yann Ylavic:
On Sun, Oct 11, 2015 at 7:00 PM, Stefan Eissing
wrote:
Ok, analyzed the code. Here is what seems to be happening:
- mod_http2, in the connection hook, does a blocking, speculative read to
a) make sure the ALPN has
> Am 11.10.2015 um 19:19 schrieb Rainer Jung :
>
> Am 11.10.2015 um 19:08 schrieb Yann Ylavic:
>> On Sun, Oct 11, 2015 at 7:00 PM, Stefan Eissing
>> wrote:
>>> Ok, analyzed the code. Here is what seems to be happening:
>>>
>>> - mod_http2,
On Sun, Oct 11, 2015 at 7:00 PM, Stefan Eissing
wrote:
> Ok, analyzed the code. Here is what seems to be happening:
>
> - mod_http2, in the connection hook, does a blocking, speculative read to
> a) make sure the ALPN has been triggered
> b) check for the magic
On Sun, Oct 11, 2015 at 7:11 PM, Stefan Eissing
wrote:
> Don't think so. But loading the module should do no harm, I think. And it
> does now.
Isn't configuring H2Direct on which harms?
Ok, in ssl_engine_io.c, lines 1426+ I see a hint:
/* XXX: we could actually move ssl_io_filter_handshake to an
* ap_hook_process_connection but would still need to call it for
* AP_MODE_INIT for protocols that may upgrade the connection
* rather than have SSLEngine On
Hmm, will look into this. The module does a speculative non_blocking read on
the connection.
That happens only if H2Direct is "on", which I enabled to allow test when the
client does not have ALPN.
Then it can detect on the first 24 bytes if the client starts talking h2 right
away. Is doing
Ok, analyzed the code. Here is what seems to be happening:
- mod_http2, in the connection hook, does a blocking, speculative read to
a) make sure the ALPN has been triggered
b) check for the magic 24 bytes h2 preface in case H2Direct is on
This works fine for HTTP/1.1 or protocols where the
Don't think so. But loading the module should do no harm, I think. And it does
now.
I am not familiar with the NNTP use case. Is this always an NNTP-only server
then?
> Am 11.10.2015 um 19:08 schrieb Yann Ylavic :
>
> On Sun, Oct 11, 2015 at 7:00 PM, Stefan Eissing
>
What is the penalty of invoking SSL_do_handshake(ssl) on the server side for a
new connection? We do this on renegotiate and upgrade cases...
> Am 11.10.2015 um 19:23 schrieb Stefan Eissing :
>
>
>> Am 11.10.2015 um 19:19 schrieb Rainer Jung
28 matches
Mail list logo