Hmm, I have it working fine (Python 2.7/3.5, w/ Cryptography wheels on OS X)...
The default ciphers in Twisted are: ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS So I am not sure why it's not picking up "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" first... - Amber > On 10 Jul 2016, at 01:30, Paweł Miech <pawel...@gmail.com> wrote: > > Thanks for fixing this. > > Did anyone actually manage to make HTTP2 in Twisted work with Google-Chrome? > I tried to do this today, and it seems this is surprisingly difficult. It > turns out that Chrome requires ALPN and it dropped support for NPN. ALPN is > only supported with OpenSSL 1.0.2 or above, which by default is not available > in most systems. This is discussed here. I tried setting up docker image with > Ubuntu 16.04 that has required version of OpenSSL, but it seems that Chrome > still doesn't like it. It returns ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY > error and fails to load page. Looking up this error I found out this might be > happening because some TSL ciphers are blacklisted in HTTP2, there is nice > answer about this here it links to this part of HTTP2 spec > https://http2.github.io/http2-spec/#rfc.section.9.2.2 > > My question is: should user deal with this kind of stuff themselves? If some > ciphers are blacklisted in HTTP2 shouldn't this be handled somewhere in > Twisted? E.g. perhaps there should be some Http2SSLContextFactory? If you'd > like to reproduce this I did some sample repo here: > https://github.com/pawelmhm/sf-books-http2 it contains dockerfile that builds > from Ubuntu 16.04 and runs simple Twisted HTTP 2 resource. > > 2016-07-04 13:48 GMT+02:00 Craig Rodrigues <rodr...@crodrigues.org>: > On Sun, Jul 3, 2016 at 3:15 AM, Paweł Miech <pawel...@gmail.com> wrote: > HTTP2 support sounds really exciting. > > > Please let me know if you have any issues, as well as if you don't! If > > everything works well, that's a good thing for me to know :) > > I played around with this today and found out that the command you recommend: > > > pip install -U > > https://twistedmatrix.com/Releases/pre/16.3.0pre2/Twisted-16.3.0rc2.tar.bz2#egg=Twisted[http2,tls] > > does NOT install dependencies when ran on Python 3, I had to manually install > h2 to HTTP2 support to work. It works ok on Python 2. My installation logs on > Python 3.4 look like this: > > > I think I've fixed that in trunk with this: > > https://github.com/twisted/twisted/pull/287 > > -- > Craig > > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python > > > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python