httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Eissing <stefan.eiss...@greenbytes.de>
Subject Re: 2.4.17 test failure for mod_nntp_like_ssl when mod_http2 is loaded
Date Sun, 11 Oct 2015 17:30:34 GMT
What is the penalty of invoking SSL_do_handshake(ssl) on the server side for a new connection?
We do this on renegotiate and upgrade cases...

> Am 11.10.2015 um 19:23 schrieb Stefan Eissing <stefan.eissing@greenbytes.de>:
> 
> 
>> Am 11.10.2015 um 19:19 schrieb Rainer Jung <rainer.jung@kippdata.de>:
>> 
>> Am 11.10.2015 um 19:08 schrieb Yann Ylavic:
>>> On Sun, Oct 11, 2015 at 7:00 PM, Stefan Eissing
>>> <stefan.eissing@greenbytes.de> wrote:
>>>> Ok, analyzed the code. Here is what seems to be happening:
>>>> 
>>>> - mod_http2, in the connection hook, does a blocking, speculative read to
>>>>  a) make sure the ALPN has been triggered
>>>>  b) check for the magic 24 bytes h2 preface in case H2Direct is on
>>>>  This works fine for HTTP/1.1 or protocols where the client starts sending
bytes right away.
>>>>  If the client waits for something from the server first, it gives a timeout.
This seems to be the NNTP case.
>>> 
>>> Does it make any sense to enable h2 on NNTP?
>> 
>> For now I disabled the nntp over ssl test when mod_http2 is loaded (disabled in the
test file) so that the test suite does not hang.
>> 
>> I guess we don't want to test h2 and NNTP on the same requests, but it would be ideal,
if the modules would not disturb each other, if they serve different vhosts in the same Apache.
If that's not possible and doesn't actually indicate a bigger problem, I'm personally fine
with that incompatibility with protocols that show "server sends first" behavior.
> 
> Agreed. What we need is a way to make sure that any ALPN handling is done for later connection
hooks. Then mod_http2 will only need to sniff when H2Direct is enabled.


Mime
View raw message