Re: [jetty-users] No no_application_protocol when server doesn't support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-users] No no_application_protocol when server doesn't support any client protocol

From: John Jiang <john.sha.jiang@xxxxxxxxx>
Date: Wed, 13 Nov 2019 11:01:59 +0800
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

Hi Glen,
Not sure understand your point.

It looks the application protocol was successfully negotiated in your case.

But that's not my case.

In my case, the negotiation should fail, but the alter would be fatal no_application_protocol instead of warning user_canceled.

On Wed, Nov 13, 2019 at 1:19 AM Glen Peterson <glen.k.peterson@xxxxxxxxx> wrote:

Hi John,

I was having similar issues and made a minimal sample project to debug my issues. When I run it and issue:
$ openssl s_client -alpn h3,h4 -connect localhost:8443
in another terminal, I get:

...
Peer signing digest: SHA256
Peer signature type: ECDSA
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 872 bytes and written 403 bytes
Verification error: self signed certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 256 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
ALPN protocol: h3
Early data was not sent
Verify return code: 18 (self signed certificate)
---
read:errno=0

If that's what you wanted, you can see how I configured jetty here:
https://github.com/GlenKPeterson/http2-server-jar-sample

On Tue, Nov 12, 2019 at 1:49 AM John Jiang <john.sha.jiang@xxxxxxxxx> wrote:
Hi,
Using 9.4.22.

My jetty server supports HTTP/2, including h2c and h2, and try the below command,
openssl s_client -alpn h3,h4 -connect host:port
For this case, per RFC 7301 section 3.2, the server shall alter fatal no_application_protocol.
But with my testing, the server raised warning user_canceled.
Is this a bug?

Thanks!
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users

--
Glen K. Peterson
(828) 393-0081
_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users

References:
- [jetty-users] No no_application_protocol when server doesn't support any client protocol
  - From: John Jiang
- Re: [jetty-users] No no_application_protocol when server doesn't support any client protocol
  - From: Glen Peterson

Prev by Date: Re: [jetty-users] No no_application_protocol when server doesn't support any client protocol
Next by Date: Re: [jetty-users] No no_application_protocol when server doesn't support any client protocol
Previous by thread: Re: [jetty-users] No no_application_protocol when server doesn't support any client protocol
Next by thread: Re: [jetty-users] No no_application_protocol when server doesn't support any client protocol
Index(es):
- Date
- Thread

Breadcrumbs