Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 89E53184D5 for ; Thu, 3 Sep 2015 12:47:18 +0000 (UTC) Received: (qmail 63867 invoked by uid 500); 3 Sep 2015 12:47:17 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 63802 invoked by uid 500); 3 Sep 2015 12:47:17 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 63792 invoked by uid 99); 3 Sep 2015 12:47:17 -0000 Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 03 Sep 2015 12:47:17 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 54937F132A for ; Thu, 3 Sep 2015 12:47:17 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.01 X-Spam-Level: X-Spam-Status: No, score=-0.01 tagged_above=-999 required=6.31 tests=[SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-us-west.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id JtNaRP5XzSmt for ; Thu, 3 Sep 2015 12:47:10 +0000 (UTC) Received: from mail.greenbytes.de (mail.greenbytes.de [217.91.35.233]) by mx1-us-west.apache.org (ASF Mail Server at mx1-us-west.apache.org) with ESMTPS id D867320FD3 for ; Thu, 3 Sep 2015 12:47:09 +0000 (UTC) Received: from [192.168.1.42] (unknown [5.10.171.186]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.greenbytes.de (Postfix) with ESMTPSA id B53B915A047D for ; Thu, 3 Sep 2015 14:47:07 +0200 (CEST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\)) Subject: Re: svn commit: r1695727 - in /httpd/httpd/trunk: docs/manual/mod/core.xml include/http_core.h server/core.c server/protocol.c From: Stefan Eissing In-Reply-To: Date: Thu, 3 Sep 2015 14:47:07 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20150813153307.D0EBEAC0734@hades.apache.org> <96991731-9044-4977-B666-8A46F5B1C281@greenbytes.de> To: dev@httpd.apache.org X-Mailer: Apple Mail (2.2104) Added in r1701005. > Am 03.09.2015 um 11:49 schrieb Yann Ylavic : >=20 > On Wed, Sep 2, 2015 at 7:54 PM, Stefan Eissing > wrote: >> If we want to be more safe, we can change the Protocols default to = just http/1.1. Also the default for ordering we can change, np. >>=20 >> Other opinions? >=20 > Thanks, LGTM (though I like the idea of ap_select_protocol() returning > a different value whether the client proposed "http/1.1" or not - > NULL?) . >=20 >>=20 >> For ALPN, afaik the callback only gets triggered if the client = actually sends ALPN in its hello. Since "http/1.1" is the only = identifier defined in the standard (for http version < 2), we cannot = send any 1.0 or 0.9. And if the client does, it's an unidentified thing. = ALPN says that the server is free to select even a protocol not = mentioned in the client hello. So sending back "http/1.1" in case = server/client wishes do not overlap is fine too. Either the client = reconsiders or closes the connection. >=20 > Doesn't the server have the (optional) ability to enforce Protocols > (close/alert by itself)? >=20 >>=20 >> Legacy clients will not send ALPN, so the whole handshake will work = as before. (modulo bugs) >=20 > Agreed. bytes GmbH Hafenweg 16, 48155 M=C3=BCnster, Germany Phone: +49 251 2807760. Amtsgericht M=C3=BCnster: HRB5782