Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: Curl (or server) offers HTTP/2 but falls back to HTTP/1.1
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Richard W.M. Jones via curl-library <curl-library_at_lists.haxx.se>
Date: Fri, 28 Jul 2023 09:15:20 +0100
On Fri, Jul 28, 2023 at 08:47:45AM +0100, Richard W.M. Jones via curl-library wrote:
> curl-8.1.2-1.fc39.x86_64
This is how this version of curl was compiled, if that matters:
https://kojipkgs.fedoraproject.org//packages/curl/8.1.2/1.fc39/data/logs/x86_64/build.log
(search down a bit for the ./configure line)
I have this version of libnghttp2:
libnghttp2-1.55.0-1.fc39.x86_64
> I'm trying to force HTTP/2 to a particular server in my program (to
> test multiplexing). For some reason the server always falls back to
> HTTP/1.1, even when I use CURL_HTTP_VERSION_2_0 or
> CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE.
>
> Actually it happens at the command line too, see below.
>
> Why is this?
>
> $ curl -v -I --http2 https://gemmei.ftp.acc.umu.se/images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2
> % Total % Received % Xferd Average Speed Time Time Time Current
> Dload Upload Total Spent Left Speed
> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying [2001:6b0:19::137]:443...
> * Connected to gemmei.ftp.acc.umu.se (2001:6b0:19::137) port 443 (#0)
> * ALPN: offers h2,http/1.1
> } [5 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> } [512 bytes data]
> * CAfile: /etc/pki/tls/certs/ca-bundle.crt
> * CApath: none
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> { [122 bytes data]
> * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
> { [21 bytes data]
> * TLSv1.3 (IN), TLS handshake, Certificate (11):
> { [4564 bytes data]
> * TLSv1.3 (IN), TLS handshake, CERT verify (15):
> { [264 bytes data]
> * TLSv1.3 (IN), TLS handshake, Finished (20):
> { [36 bytes data]
> * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
> } [1 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Finished (20):
> } [36 bytes data]
> * SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
> * ALPN: server accepted http/1.1
I read about ALPN, which seems incredibly complicated and confusing.
I wonder if curl could print some more debugging about why a
particular protocol was selected?
Rich.
> * Server certificate:
> * subject: CN=ftp.acc.umu.se
> * start date: Jul 11 21:18:48 2023 GMT
> * expire date: Oct 9 21:18:47 2023 GMT
> * subjectAltName: host "gemmei.ftp.acc.umu.se" matched cert's "gemmei.ftp.acc.umu.se"
> * issuer: C=US; O=Let's Encrypt; CN=R3
> * SSL certificate verify ok.
> * using HTTP/1.1
> } [5 bytes data]
> > HEAD /images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2 HTTP/1.1
> > Host: gemmei.ftp.acc.umu.se
> > User-Agent: curl/8.1.2
> > Accept: */*
> >
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * old SSL session ID is stale, removing
> { [5 bytes data]
> < HTTP/1.1 200 OK
> < Date: Fri, 28 Jul 2023 07:34:29 GMT
> < Server: Apache/2.4.55 (Unix)
> < Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> < Content-Length: 378874880
> < Accept-Ranges: bytes
> < Age: 357
> <
> 0 361M 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
> * Connection #0 to host gemmei.ftp.acc.umu.se left intact
> HTTP/1.1 200 OK
> Date: Fri, 28 Jul 2023 07:34:29 GMT
> Server: Apache/2.4.55 (Unix)
> Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> Content-Length: 378874880
> Accept-Ranges: bytes
> Age: 357
>
>
> Rich.
>
> --
> Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
> Read my programming and virtualization blog: http://rwmj.wordpress.com
> libguestfs lets you edit virtual machines. Supports shell scripting,
> bindings from many languages. http://libguestfs.org
> % Total % Received % Xferd Average Speed Time Time Time Current
> Dload Upload Total Spent Left Speed
> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying [2001:6b0:19::137]:443...
> * Connected to gemmei.ftp.acc.umu.se (2001:6b0:19::137) port 443 (#0)
> * ALPN: offers h2,http/1.1
> } [5 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> } [512 bytes data]
> * CAfile: /etc/pki/tls/certs/ca-bundle.crt
> * CApath: none
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> { [122 bytes data]
> * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
> { [21 bytes data]
> * TLSv1.3 (IN), TLS handshake, Certificate (11):
> { [4564 bytes data]
> * TLSv1.3 (IN), TLS handshake, CERT verify (15):
> { [264 bytes data]
> * TLSv1.3 (IN), TLS handshake, Finished (20):
> { [36 bytes data]
> * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
> } [1 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Finished (20):
> } [36 bytes data]
> * SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
> * ALPN: server accepted http/1.1
> * Server certificate:
> * subject: CN=ftp.acc.umu.se
> * start date: Jul 11 21:18:48 2023 GMT
> * expire date: Oct 9 21:18:47 2023 GMT
> * subjectAltName: host "gemmei.ftp.acc.umu.se" matched cert's "gemmei.ftp.acc.umu.se"
> * issuer: C=US; O=Let's Encrypt; CN=R3
> * SSL certificate verify ok.
> * using HTTP/1.1
> } [5 bytes data]
> > HEAD /images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2 HTTP/1.1
> > Host: gemmei.ftp.acc.umu.se
> > User-Agent: curl/8.1.2
> > Accept: */*
> >
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * old SSL session ID is stale, removing
> { [5 bytes data]
> < HTTP/1.1 200 OK
> < Date: Fri, 28 Jul 2023 07:34:29 GMT
> < Server: Apache/2.4.55 (Unix)
> < Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> < Content-Length: 378874880
> < Accept-Ranges: bytes
> < Age: 357
> <
> 0 361M 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
> * Connection #0 to host gemmei.ftp.acc.umu.se left intact
> HTTP/1.1 200 OK
> Date: Fri, 28 Jul 2023 07:34:29 GMT
> Server: Apache/2.4.55 (Unix)
> Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> Content-Length: 378874880
> Accept-Ranges: bytes
> Age: 357
>
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
Date: Fri, 28 Jul 2023 09:15:20 +0100
On Fri, Jul 28, 2023 at 08:47:45AM +0100, Richard W.M. Jones via curl-library wrote:
> curl-8.1.2-1.fc39.x86_64
This is how this version of curl was compiled, if that matters:
https://kojipkgs.fedoraproject.org//packages/curl/8.1.2/1.fc39/data/logs/x86_64/build.log
(search down a bit for the ./configure line)
I have this version of libnghttp2:
libnghttp2-1.55.0-1.fc39.x86_64
> I'm trying to force HTTP/2 to a particular server in my program (to
> test multiplexing). For some reason the server always falls back to
> HTTP/1.1, even when I use CURL_HTTP_VERSION_2_0 or
> CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE.
>
> Actually it happens at the command line too, see below.
>
> Why is this?
>
> $ curl -v -I --http2 https://gemmei.ftp.acc.umu.se/images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2
> % Total % Received % Xferd Average Speed Time Time Time Current
> Dload Upload Total Spent Left Speed
> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying [2001:6b0:19::137]:443...
> * Connected to gemmei.ftp.acc.umu.se (2001:6b0:19::137) port 443 (#0)
> * ALPN: offers h2,http/1.1
> } [5 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> } [512 bytes data]
> * CAfile: /etc/pki/tls/certs/ca-bundle.crt
> * CApath: none
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> { [122 bytes data]
> * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
> { [21 bytes data]
> * TLSv1.3 (IN), TLS handshake, Certificate (11):
> { [4564 bytes data]
> * TLSv1.3 (IN), TLS handshake, CERT verify (15):
> { [264 bytes data]
> * TLSv1.3 (IN), TLS handshake, Finished (20):
> { [36 bytes data]
> * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
> } [1 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Finished (20):
> } [36 bytes data]
> * SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
> * ALPN: server accepted http/1.1
I read about ALPN, which seems incredibly complicated and confusing.
I wonder if curl could print some more debugging about why a
particular protocol was selected?
Rich.
> * Server certificate:
> * subject: CN=ftp.acc.umu.se
> * start date: Jul 11 21:18:48 2023 GMT
> * expire date: Oct 9 21:18:47 2023 GMT
> * subjectAltName: host "gemmei.ftp.acc.umu.se" matched cert's "gemmei.ftp.acc.umu.se"
> * issuer: C=US; O=Let's Encrypt; CN=R3
> * SSL certificate verify ok.
> * using HTTP/1.1
> } [5 bytes data]
> > HEAD /images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2 HTTP/1.1
> > Host: gemmei.ftp.acc.umu.se
> > User-Agent: curl/8.1.2
> > Accept: */*
> >
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * old SSL session ID is stale, removing
> { [5 bytes data]
> < HTTP/1.1 200 OK
> < Date: Fri, 28 Jul 2023 07:34:29 GMT
> < Server: Apache/2.4.55 (Unix)
> < Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> < Content-Length: 378874880
> < Accept-Ranges: bytes
> < Age: 357
> <
> 0 361M 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
> * Connection #0 to host gemmei.ftp.acc.umu.se left intact
> HTTP/1.1 200 OK
> Date: Fri, 28 Jul 2023 07:34:29 GMT
> Server: Apache/2.4.55 (Unix)
> Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> Content-Length: 378874880
> Accept-Ranges: bytes
> Age: 357
>
>
> Rich.
>
> --
> Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
> Read my programming and virtualization blog: http://rwmj.wordpress.com
> libguestfs lets you edit virtual machines. Supports shell scripting,
> bindings from many languages. http://libguestfs.org
> % Total % Received % Xferd Average Speed Time Time Time Current
> Dload Upload Total Spent Left Speed
> 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying [2001:6b0:19::137]:443...
> * Connected to gemmei.ftp.acc.umu.se (2001:6b0:19::137) port 443 (#0)
> * ALPN: offers h2,http/1.1
> } [5 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> } [512 bytes data]
> * CAfile: /etc/pki/tls/certs/ca-bundle.crt
> * CApath: none
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> { [122 bytes data]
> * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
> { [21 bytes data]
> * TLSv1.3 (IN), TLS handshake, Certificate (11):
> { [4564 bytes data]
> * TLSv1.3 (IN), TLS handshake, CERT verify (15):
> { [264 bytes data]
> * TLSv1.3 (IN), TLS handshake, Finished (20):
> { [36 bytes data]
> * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
> } [1 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Finished (20):
> } [36 bytes data]
> * SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
> * ALPN: server accepted http/1.1
> * Server certificate:
> * subject: CN=ftp.acc.umu.se
> * start date: Jul 11 21:18:48 2023 GMT
> * expire date: Oct 9 21:18:47 2023 GMT
> * subjectAltName: host "gemmei.ftp.acc.umu.se" matched cert's "gemmei.ftp.acc.umu.se"
> * issuer: C=US; O=Let's Encrypt; CN=R3
> * SSL certificate verify ok.
> * using HTTP/1.1
> } [5 bytes data]
> > HEAD /images/cloud/bookworm/daily/latest/debian-12-backports-generic-amd64-daily.qcow2 HTTP/1.1
> > Host: gemmei.ftp.acc.umu.se
> > User-Agent: curl/8.1.2
> > Accept: */*
> >
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> { [249 bytes data]
> * old SSL session ID is stale, removing
> { [5 bytes data]
> < HTTP/1.1 200 OK
> < Date: Fri, 28 Jul 2023 07:34:29 GMT
> < Server: Apache/2.4.55 (Unix)
> < Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> < Content-Length: 378874880
> < Accept-Ranges: bytes
> < Age: 357
> <
> 0 361M 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
> * Connection #0 to host gemmei.ftp.acc.umu.se left intact
> HTTP/1.1 200 OK
> Date: Fri, 28 Jul 2023 07:34:29 GMT
> Server: Apache/2.4.55 (Unix)
> Last-Modified: Thu, 27 Jul 2023 06:16:27 GMT
> Content-Length: 378874880
> Accept-Ranges: bytes
> Age: 357
>
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
-- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-builder quickly builds VMs from scratch http://libguestfs.org/virt-builder.1.html -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-07-28