Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HttpServer::bind_ssl not upgrading connections to HTTP/2 #519

Closed
transkatgirl opened this issue Sep 23, 2018 · 2 comments
Closed

HttpServer::bind_ssl not upgrading connections to HTTP/2 #519

transkatgirl opened this issue Sep 23, 2018 · 2 comments
Labels
C-bug Category: bug

Comments

@transkatgirl
Copy link

transkatgirl commented Sep 23, 2018
edited
Loading

When connecting to a HTTPS server built with actix-web, TLS-ALPN fails to work properly, and HTTP/1.1 is used instead of HTTP/2.

The documentation says that "actix-web automatically upgrades connections to HTTP/2.0 if possible", but it appears that it's not being upgraded properly.

Here's a simple example server to show the issue:

extern crate actix_web;
extern crate openssl;
use actix_web::{server, App, HttpRequest};
use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype};

fn index(_req: &HttpRequest) -> &'static str {
    "Hello world!"
}

fn main() {
    let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    builder.set_private_key_file("key.pem", SslFiletype::PEM).unwrap();
    builder.set_certificate_chain_file("cert.pem").unwrap();

    server::new(|| App::new().resource("/", |r| r.f(index)))
	.bind_ssl("[::]:8181", builder)
	.unwrap()
	.run();
}

And, here's the output when I attempt to connect to it through curl (truncated):

* Connected to localhost (::1) port 8181 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
...
* SSL connection using TLSv1.2 / ECDHE-ECDSA-CHACHA20-POLY1305
* ALPN, server did not agree to a protocol
...
> GET / HTTP/1.1
> Host: localhost:8181
> User-Agent: curl/7.62.0-DEV
> Accept: */*
> 
< HTTP/1.1 200 OK
< content-length: 12
< content-type: text/plain; charset=utf-8
< date: Sun, 23 Sep 2018 03:13:37 GMT
@transkatgirl transkatgirl changed the title Server ALPN not working properly Server ALPN negotiation not working properly Sep 23, 2018
@transkatgirl transkatgirl changed the title Server ALPN negotiation not working properly Actix-web not upgrading connections to HTTP/2 Sep 27, 2018
@transkatgirl transkatgirl changed the title Actix-web not upgrading connections to HTTP/2 Server not upgrading connections to HTTP/2 Sep 27, 2018
@transkatgirl transkatgirl changed the title Server not upgrading connections to HTTP/2 HttpServer::bind_ssl not upgrading connections to HTTP/2 Sep 27, 2018
@OtaK
Copy link
Contributor

OtaK commented Oct 2, 2018
edited
Loading

I think we should give the utmost attention to this issue since one of the biggest selling points of actix-web plain doesn't work anymore.

Currently trying to pinpoint the faulty version that caused the regression

Edit: Found.

Actix-web 0.7.3:

starting benchmark...
spawning thread #0: 100 total client(s). 1000 total requests
TLS Protocol: TLSv1.2
Cipher: ECDHE-RSA-AES128-GCM-SHA256
Server Temp Key: ECDH P-256 256 bits
Application protocol: h2

Actix 0.7.4 and above:

starting benchmark...
spawning thread #0: 100 total client(s). 1000 total requests
TLS Protocol: TLSv1.2
Cipher: ECDHE-RSA-AES128-GCM-SHA256
Server Temp Key: ECDH P-256 256 bits
No protocol negotiated. Fallback behaviour may be activated
Server does not support NPN/ALPN. Falling back to HTTP/1.1.
Application protocol: http/1.1

@fafhrd91 @DoumanAsh

@DoumanAsh
Copy link
Contributor

Sorry, I forgot about it. I'll check it

@DoumanAsh DoumanAsh mentioned this issue Oct 2, 2018
Merged
@DoumanAsh DoumanAsh added the C-bug Category: bug label Oct 2, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C-bug Category: bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@OtaK @DoumanAsh @transkatgirl