Posted to dev@httpd.apache.org by Jacob Champion <ch...@gmail.com> on 2015/10/10 01:47:03 UTC

No luck with `Protocols h2`

Stefan,

I'm trying to test mod_http2 for the 2.4.17 release, but I cannot for 
the life of me get ALPN and the h2 protocol working together. h2c seems 
to work, as does http/1.1 over TLS. My hope is that I'm just missing a 
config directive somewhere; can anyone else confirm that h2 negotiation 
is working for them?

I've attached a few files; hopefully they help.
- working.txt shows the debug log for an HTTP/1.1 Firefox request that 
ends in a 404. Note "ALPN selected protocol: 'http/1.1'", so ALPN 
appears to be functioning there.
- not_working.txt shows the same request, but after I've added a 
`Protocols h2 http/1.1` line and restarted the server. Note the "h2_h2, 
error reading 24 bytes speculative" line with status "End of file 
found". Firefox sees a response of zero bytes and does nothing.
- httpd.conf is my server configuration. (It's the result of trying to 
strip out huge pieces of the actual conf to see where the error started 
from; sorry for the mess.)

It's not just Firefox: nghttp also complains that h2 is not being 
negotiated and refuses to continue with the request. I saw the 
no-matching-SSL-virtual-host error first and thought that might have 
something to do with it, but adding ServerAliases didn't seem to help 
anything.

I'm running on Ubuntu 14.04 with Apache 2.4.17, APR 2.0, OpenSSL 1.0.2d, 
nghttp2 1.3.4.

Thanks for any wisdom you can provide,
--Jacob

Re: No luck with `Protocols h2`

Posted by Jacob Champion <ch...@gmail.com>.
On 10/10/2015 12:20 AM, Stefan Eissing wrote:
> In the meantime, I have prepped a howto h2 to point people to in order to give/collect some advice. http://icing.github.io/mod_h2/howto.html
>
> That will, once stable become part of the official docs.

Great, thanks! That is very helpful. One bit of feedback: in the Firefox 
section you say that

> Among the response headers, you see this strange X-Firefox-Spdy entry
> listing "h2". That is the indication that HTTP/2 is used on this
> https: connection.

Another (possibly more future-proof?) indicator in that Network Headers 
panel is the "Version: HTTP/2.0" field that is underneath the Status 
Code and above the search bar.

>> Am 10.10.2015 um 02:24 schrieb Jacob Champion <ch...@gmail.com>:
>>
>>>(Haven't figured out the nghttp failure yet though.) Thanks Gregg!

For those following at home, and to save anyone else the trouble... 
nghttp still wasn't working, so I

- built Wireshark trunk to get HTTP/2 dissection for the stream, but I 
still couldn't decrypt the ephemeral ciphers, so I
- installed an LD_PRELOAD shim to get the pre-master secret keys only to 
find that the encrypted alerts were simply disconnection notices, then 
noticed that
- NPN was being sent in the Client Hello instead of ALPN, which is 
probably because
- my nghttp is using my system OpenSSL (1.0.1) instead of my latest 
compile (1.0.2).

The bleeding edge is fun. :)

In any case, I've now got an httpbin instance running in mod_passenger 
over HTTP/2, which is very cool. I was originally hoping to help with 
the vote, but now that I've discovered my binaries are mismatched, I 
wouldn't trust my test results anyway. Maybe next time.

Good luck with the release!
--Jacob

Re: No luck with `Protocols h2`

Posted by Stefan Eissing <st...@greenbytes.de>.
Glad that Gregg pointed you the right way. 

Yes, I'll add that to the todos. There should be a better spec compliance check configurable in the server that gives at least logs for clients that do not comply and are turned down. 

In the meantime, I have prepped a howto h2 to point people to in order to give/collect some advice. http://icing.github.io/mod_h2/howto.html

That will, once stable become part of the official docs. 

> Am 10.10.2015 um 02:24 schrieb Jacob Champion <ch...@gmail.com>:
> 
>> On 10/09/2015 05:11 PM, Gregg Smith wrote:
>> I have no real recommendation for you but the RFC states all
>> implementations must support
>> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 or OpenSSL's equivalent
>> ECDHE-RSA-AES128-GCM-SHA256.
>> So it's a starting point.
> 
> Perfect! After pulling it up front with
> 
>    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:HIGH:MEDIUM:!MD5:!RC4
> 
> all appears to be working with Firefox. (Haven't figured out the nghttp failure yet though.) Thanks Gregg!
> 
> So, there's some feedback for the module then: that's a really strange failure mode. It would be nice if something in the logs reflected the bad cipher in use, and/or the documentation pointed this interaction out. (Or maybe it already does and I just overlooked it?)
> 
> --Jacob
> 

Re: No luck with `Protocols h2`

Posted by Jacob Champion <ch...@gmail.com>.
On 10/09/2015 05:11 PM, Gregg Smith wrote:
> I have no real recommendation for you but the RFC states all
> implementations must support
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 or OpenSSL's equivalent
> ECDHE-RSA-AES128-GCM-SHA256.
> So it's a starting point.

Perfect! After pulling it up front with

     SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:HIGH:MEDIUM:!MD5:!RC4

all appears to be working with Firefox. (Haven't figured out the nghttp 
failure yet though.) Thanks Gregg!

So, there's some feedback for the module then: that's a really strange 
failure mode. It would be nice if something in the logs reflected the 
bad cipher in use, and/or the documentation pointed this interaction 
out. (Or maybe it already does and I just overlooked it?)

--Jacob


Re: No luck with `Protocols h2`

Posted by Gregg Smith <gl...@gknw.net>.
Hi Jacob,
On 10/9/2015 4:47 PM, Jacob Champion wrote:
> Stefan,
>
> I'm trying to test mod_http2 for the 2.4.17 release, but I cannot for 
> the life of me get ALPN and the h2 protocol working together. h2c 
> seems to work, as does http/1.1 over TLS. My hope is that I'm just 
> missing a config directive somewhere; can anyone else confirm that h2 
> negotiation is working for them?
>
> I've attached a few files; hopefully they help.
> - working.txt shows the debug log for an HTTP/1.1 Firefox request that 
> ends in a 404. Note "ALPN selected protocol: 'http/1.1'", so ALPN 
> appears to be functioning there.
> - not_working.txt shows the same request, but after I've added a 
> `Protocols h2 http/1.1`    line and restarted the server. Note the 
> "h2_h2, error reading 24 bytes speculative" line with status "End of 
> file found". Firefox sees a response of zero bytes and does nothing.
> - httpd.conf is my server configuration. (It's the result of trying to 
> strip out huge pieces of the actual conf to see where the error 
> started from; sorry for the mess.)
>
> It's not just Firefox: nghttp also complains that h2 is not being 
> negotiated and refuses to continue with the request. I saw the 
> no-matching-SSL-virtual-host error first and thought that might have 
> something to do with it, but adding ServerAliases didn't seem to help 
> anything.
>
> I'm running on Ubuntu 14.04 with Apache 2.4.17, APR 2.0, OpenSSL 
> 1.0.2d, nghttp2 1.3.4.
>
> Thanks for any wisdom you can provide,
> --Jacob
I'm betting it's the cipher being used ECDHE-RSA-AES256-SHA. OpenSSL says
ECDHE-RSA-AES256-SHA = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

There is a big list of blacklisted ciphers in the RFC 
https://httpwg.github.io/specs/rfc7540.html#BadCipherSuites
You will find that cipher on the list.

I have no real recommendation for you but the RFC states all 
implementations must support
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 or OpenSSL's equivalent 
ECDHE-RSA-AES128-GCM-SHA256.
So it's a starting point.

Happy http/2-ing,

Gregg
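The cipher problem Gregg diagnoses above, and the `SSLCipherSuite` reordering Jacob used to fix it, come down to one rule from RFC 7540 section 9.2.2: an HTTP/2 connection over TLS 1.2 must negotiate a suite with ephemeral (EC)DH key exchange and an AEAD cipher, and clients may abort with INADEQUATE_SECURITY otherwise. The script below is an added example, not code from the thread or from mod_http2. It classifies cipher suites by that rule, produces the kind of log line Jacob wished the module had emitted, and shows why moving the GCM suite to the front of the preference list helped. Assumptions: the classifier is a heuristic reading of the rule rather than a copy of the explicit Appendix A list, the OpenSSL-to-IANA table is a small constructed lookup covering the names used in the thread, and `first_h2_suite` assumes the server honours its own cipher order.

```python
"""Classify TLS 1.2 cipher suites against the HTTP/2 requirements of
RFC 7540 section 9.2.2 (ephemeral key exchange + AEAD cipher).

Added example for the mailing-list thread; not part of mod_http2.
"""
import re

# The suite RFC 7540 requires every HTTP/2 implementation to support.
MANDATORY_SUITE = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"

# OpenSSL name -> IANA name for the suites discussed in the thread.
# Constructed lookup table (assumption): extend it for other suites.
OPENSSL_TO_IANA = {
    "ECDHE-RSA-AES256-SHA": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "ECDHE-RSA-AES128-GCM-SHA256": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "AES128-GCM-SHA256": "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "DHE-RSA-AES128-SHA256": "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
}

# IANA names look like TLS_<key exchange>_WITH_<cipher and MAC/PRF>.
_SUITE_RE = re.compile(r"^TLS_(?P<kex>.+?)_WITH_(?P<cipher>.+)$")
# Ephemeral (EC)DH: DHE or ECDHE anywhere in the key-exchange part.
_EPHEMERAL_RE = re.compile(r"(^|_)(EC)?DHE(_|$)")
# AEAD modes: GCM, CCM (incl. CCM_8) and ChaCha20-Poly1305. CBC is not AEAD.
_AEAD_RE = re.compile(r"_(GCM|CCM)(_|$)|CHACHA20_POLY1305")


def classify(iana_name):
    """Return (acceptable, reason) for an IANA-style cipher suite name.

    Heuristic reading of RFC 7540 section 9.2.2; Appendix A is an explicit
    list, so this approximation may differ at the edges (assumption).
    """
    m = _SUITE_RE.match(iana_name)
    if not m:
        return False, "unrecognised cipher suite name"
    kex, cipher = m.group("kex"), m.group("cipher")
    if not _EPHEMERAL_RE.search(kex):
        return False, "non-ephemeral key exchange (%s)" % kex
    if not _AEAD_RE.search(cipher):
        return False, "non-AEAD cipher (%s)" % cipher
    return True, "ephemeral key exchange and AEAD cipher"


def h2_log_line(openssl_name):
    """Build the log message the thread asks for (constructed format)."""
    iana = OPENSSL_TO_IANA.get(openssl_name)
    if iana is None:
        return "h2: cipher %s unknown to this checker" % openssl_name
    ok, reason = classify(iana)
    if ok:
        return "h2: cipher %s (%s) acceptable for HTTP/2: %s" % (
            openssl_name, iana, reason)
    return ("h2: cipher %s (%s) is on the HTTP/2 black list (%s); "
            "clients may refuse or abort h2" % (openssl_name, iana, reason))


def first_h2_suite(openssl_order):
    """Return the first h2-usable suite in the server's preference order.

    Mirrors what 'pulling it up front' in SSLCipherSuite achieves, on the
    assumption that the server honours its own cipher order. Returns None
    when no listed suite qualifies.
    """
    for name in openssl_order:
        iana = OPENSSL_TO_IANA.get(name)
        if iana is not None and classify(iana)[0]:
            return name
    return None


if __name__ == "__main__":
    # The suite from the failing handshake, then the mandatory one.
    print(h2_log_line("ECDHE-RSA-AES256-SHA"))
    print(h2_log_line("ECDHE-RSA-AES128-GCM-SHA256"))
    # Before and after the reordering described in the thread.
    print(first_h2_suite(["ECDHE-RSA-AES256-SHA"]))
    print(first_h2_suite(["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-SHA"]))
```

The checker only knows the handful of OpenSSL names in its table; a real `SSLCipherSuite` string such as `HIGH:MEDIUM` expands to many suites, so for an actual server the list to feed into `first_h2_suite` would come from `openssl ciphers -v '<string>'` rather than from the table.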