Return-Path: 
 <users-return-112284-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-users-archive@www.apache.org
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id D5F4210ADB
	for <apmail-httpd-users-archive@www.apache.org>;
 Fri, 16 Oct 2015 10:08:24 +0000 (UTC)
Received: (qmail 60243 invoked by uid 500); 16 Oct 2015 10:08:18 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 60207 invoked by uid 500); 16 Oct 2015 10:08:18 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 60197 invoked by uid 99); 16 Oct 2015 10:08:18 -0000
Received: from Unknown (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 16 Oct 2015 10:08:18 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org)
 with ESMTP id 08D9818098E
	for <users@httpd.apache.org>; Fri, 16 Oct 2015 10:08:18 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.12
X-Spam-Level: 
X-Spam-Status: No, score=-0.12 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001,
	URIBL_BLOCKED=0.001] autolearn=disabled
Authentication-Results: spamd3-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-us-east.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new,
 port 10024)
	with ESMTP id 3550K9U72VQE for <users@httpd.apache.org>;
	Fri, 16 Oct 2015 10:08:08 +0000 (UTC)
Received: from mail-wi0-f177.google.com (mail-wi0-f177.google.com
 [209.85.212.177])
	by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with
 ESMTPS id 17FBE42B59
	for <users@httpd.apache.org>; Fri, 16 Oct 2015 10:08:08 +0000 (UTC)
Received: by wijq8 with SMTP id q8so2960811wij.0
        for <users@httpd.apache.org>; Fri, 16 Oct 2015 03:08:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=4JQCrga8iENdSm7NR0yotf03tlD+uAo6sK16h+x/b1U=;
        b=TvLEeryhTiLw1ilwYZ6t68VjqKoK/lXU10TCO9XBXW5wthIXWd+hv33gLRBf2yG3wL
         mtFUXeI8yK/TeKyJypjtEfn43Cv/tibsHh95P72eYlV/uN0SDrzb9+0UE8+J3iE5ujRQ
         jgjt1L4X0r2RMofsBtQlvHAj3kPXphCSzLfugVsxI7L8v7M22qqEzxlGuGzAvotKTA+a
         t8EfQDy4yTqjPYPEFR5ZJ3DV13UtgkAXrw7pY9sRfivx2A6VJVGiqOGPQ1qU289HJGcr
         YE1hGIcaVIM1IIzqFROfqe9UmpxtCgeJMiNGJHtBNQETN2jiWn28Dr2lhDBvgZdZNg7Q
         hVfw==
X-Received: by 10.180.188.169 with SMTP id gb9mr3766856wic.72.1444990081280;
 Fri, 16 Oct 2015 03:08:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.27.88.10 with HTTP; Fri, 16 Oct 2015 03:07:41 -0700 (PDT)
In-Reply-To: <415F7256-73F9-4458-8922-8E4A28892FF0@greenbytes.de>
References: <415F7256-73F9-4458-8922-8E4A28892FF0@greenbytes.de>
From: Chris <chrcoluk@gmail.com>
Date: Fri, 16 Oct 2015 11:07:41 +0100
Message-ID: 
 <CAOhm=5pJUxKUDQq9Hcvq8ysHXUGdUTVzsRgDuOKvhPweKGZuAg@mail.gmail.com>
To: users@httpd.apache.org
Content-Type: text/plain; charset=UTF-8
Subject: Re: [users@httpd] mod_h2 protocols not working

Sorry I meant I tried using Protocols h2 not g2 that was a typo.

On 16 October 2015 at 10:48, Stefan Eissing
<stefan.eissing@greenbytes.de> wrote:
>
> Chris,
>
> http://freebsd-admin.com does a 302 redirect to https://freebsd-admin.com
>
> There is no connection upgrade happening on that. Can be argued that it should.
>
> On the https side, I see:
> * Connected to freebsd-admin.com (78.46.185.201) port 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * Cipher selection: =
> ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
> * TLSv1.2 (OUT), TLS header, Certificate Status (22):
> * TLSv1.2 (OUT), TLS handshake, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Server hello (2):
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> * TLSv1.2 (IN), TLS change cipher, Client hello (1):
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
> * ALPN, server accepted to use http/1.1
>
> So ALPN is happening, but h2 is not selected. How did you configure this?
>
>> Anfang der weitergeleiteten Nachricht:
>> =20
>> Von: Chris <chrcoluk@gmail.com>
>> Datum: 16. Oktober 2015 um 11:22:57 MESZ
>> An: dev@httpd.apache.org
>> Betreff: Aw: mod_http2 protocols directive broken
>> =20
>> Hi Stefan, here is the output of both checks. Note I will confirm also
>> curl is compiled with http2 support and will also show curl -V output.
>> =20
>> Curl -V
>> "curl 7.45.0 (amd64-portbld-freebsd9.3) libcurl/7.45.0 OpenSSL/1.0.2d
>> zlib/1.2.8 libidn/1.31 nghttp2/1.3.4
>> Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s
>> rtsp smb smbs smtp smtps telnet tftp
>> Features: AsynchDNS IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
>> HTTP2 UnixSockets "
>> =20
>> Curl http2 test
>> "# curl -v --http2 -v http://freebsd-admin.com/
>> *   Trying 2a01:4f8:201:5465::4...
>> * Connected to freebsd-admin.com (2a01:4f8:201:5465::4) port 80 (#0)
>>> GET / HTTP/1.1
>>> Host: freebsd-admin.com
>>> User-Agent: curl/7.45.0
>>> Accept: */*
>>> Connection: Upgrade, HTTP2-Settings
>>> Upgrade: h2c
>>> HTTP2-Settings: AAMAAABkAAQAAP__
>>> =20
>> < HTTP/1.1 302 Found
>> < Date: Fri, 16 Oct 2015 09:19:56 GMT
>> < Server: Apache
>> < X-Frame-Options: SAMEORIGIN
>> < X-Xss-Protection: 1; mode=3Dblock
>> < X-Content-Type-Options: nosniff
>> < Content-Security-Policy: default-src 'self'; script-src 'self'
>> 'unsafe-eval' 'unsafe-inline' https://*.freebsd-admin.com; connect-src
>> 'self' https://*.freebsd-admin.com; img-src 'self'
>> https://*.freebsd-admin.com; style-src 'unsafe-inline' 'self'
>> https://*.freebsd-admin.com; block-all-mixed-content;
>> < X-Content-Security-Policy: default-src 'self'; script-src 'self'
>> 'unsafe-eval' 'unsafe-inline' https://*.freebsd-admin.com; connect-src
>> 'self' https://*.freebsd-admin.com; img-src 'self'
>> https://*.freebsd-admin.com; style-src 'self' 'unsafe-inline'
>> https://*.freebsd-admin.com; block-all-mixed-content;
>> < Location: https://freebsd-admin.com/
>> < Content-Length: 210
>> < Content-Type: text/html; charset=3Diso-8859-1
>> <
>> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
>> <html><head>
>> <title>302 Found</title>
>> </head><body>
>> <h1>Found</h1>
>> <p>The document has moved <a =
> href=3D"https://freebsd-admin.com/">here</a>.</p>
>> </body></html>
>> * Connection #0 to host freebsd-admin.com left intact"
>> =20
>> nghttp2 test
>> "# nghttp -uv http://freebsd-admin.com/
>> [  0.000] Connected
>> [  0.000] HTTP Upgrade request
>> GET / HTTP/1.1
>> Host: freebsd-admin.com
>> Connection: Upgrade, HTTP2-Settings
>> Upgrade: h2c
>> HTTP2-Settings: AAMAAABkAAQAAP__
>> Accept: */*
>> User-Agent: nghttp2/1.3.4
>> =20
>> =20
>> [  0.001] HTTP Upgrade response
>> HTTP/1.1 302 Found
>> Date: Fri, 16 Oct 2015 09:21:42 GMT
>> Server: Apache
>> X-Frame-Options: SAMEORIGIN
>> X-Xss-Protection: 1; mode=3Dblock
>> X-Content-Type-Options: nosniff
>> Content-Security-Policy: default-src 'self'; script-src 'self'
>> 'unsafe-eval' 'unsafe-inline' https://*.freebsd-admin.com; connect-src
>> 'self' https://*.freebsd-admin.com; img-src 'self'
>> https://*.freebsd-admin.com; style-src 'unsafe-inline' 'self'
>> https://*.freebsd-admin.com; block-all-mixed-content;
>> X-Content-Security-Policy: default-src 'self'; script-src 'self'
>> 'unsafe-eval' 'unsafe-inline' https://*.freebsd-admin.com; connect-src
>> 'self' https://*.freebsd-admin.com; img-src 'self'
>> https://*.freebsd-admin.com; style-src 'self' 'unsafe-inline'
>> https://*.freebsd-admin.com; block-all-mixed-content;
>> Location: https://freebsd-admin.com/
>> Content-Length: 210
>> Content-Type: text/html; charset=3Diso-8859-1
>> =20
>> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
>> <html><head>
>> <title>302 Found</title>
>> </head><body>
>> <h1>Found</h1>
>> <p>The document has moved <a =
> href=3D"https://freebsd-admin.com/">here</a>.</p>
>> </body></html>
>> =20
>> [ERROR] HTTP Upgrade failed
>> Some requests were not processed. total=3D1, processed=3D0"
>> =20
>> Finally I also set logging to http2:debug but I dont see anything that
>> indicates an error.
>> =20
>> "[Fri Oct 16 10:06:01.060039 2015] [http2:info] [pid 19537:tid
>> 34410099712] mod_http2 (v1.0.0, nghttp2 1.3.4), initializing...
>> [Fri Oct 16 10:06:01.060051 2015] [http2:debug] [pid 19537:tid
>> 34410099712] h2_h2.c(72): h2_h2, child_init
>> [Fri Oct 16 10:06:01.060059 2015] [http2:debug] [pid 19537:tid
>> 34410099712] h2_switch.c(54): h2_switch init
>> [Fri Oct 16 10:06:01.060287 2015] [lbmethod_heartbeat:notice] [pid
>> 19537:tid 34410099712] AH02282: No slotmem from mod_heartmonitor
>> [Fri Oct 16 10:06:02.001571 2015] [mpm_event:notice] [pid 19537:tid
>> 34410099712] AH00489: Apache/2.4.17 (Unix) OpenSSL/1.0.2d configured
>> -- resuming normal operations
>> [Fri Oct 16 10:06:02.001600 2015] [core:notice] [pid 19537:tid
>> 34410099712] AH00094: Command line: '/usr/sbin/httpd -D SSL'
>> [Fri Oct 16 10:06:02.001697 2015] [http2:debug] [pid 19678:tid
>> 34410099712] h2_conn.c(123): h2_workers: min=3D32 max=3D64, =
> mthrpchild=3D32,
>> thr_limit=3D64
>> [Fri Oct 16 10:06:02.001755 2015] [http2:debug] [pid 19678:tid
>> 34410099712] h2_workers.c(227): h2_workers: starting
>> [Fri Oct 16 10:06:02.002007 2015] [http2:debug] [pid 19727:tid
>> 34410099712] h2_conn.c(123): h2_workers: min=3D32 max=3D64, =
> mthrpchild=3D32,
>> thr_limit=3D64
>> [Fri Oct 16 10:06:02.002062 2015] [http2:debug] [pid 19727:tid
>> 34410099712] h2_workers.c(227): h2_workers: starting"
>> =20
>> Hope this helps.
>> =20
>> On 16 October 2015 at 10:14, Stefan Eissing
>> <stefan.eissing@greenbytes.de> wrote:
>>> Chris,
>>> =20
>>> I wrote some advice at https://icing.github.io/mod_h2/howto.html =
> already.
>>> =20
>>> There are several checks described. Which one fails for you and how? =
> I need
>>> the output of the step that differs from the advice. Just a verbal =
> description
>>> is not enough. Thx.
>>> =20
>>> //Stefan
>>> =20
>>>> Am 16.10.2015 um 11:00 schrieb Chris <chrcoluk@gmail.com>:
>>>> =20
>>>> Hi guys.
>>>> =20
>>>> Was excited to see the module got added to 2.4.17 but I cannot get =
> it
>>>> to work in my testing following information from this url.
>>>> https://icing.github.io/mod_h2/howto.html#http
>>>> =20
>>>> So what is confirmed working?
>>>> =20
>>>> I compiled apache with the appropriate configure flag.
>>>> =20
>>>> I can confirm in the error log the module loads.
>>>> =20
>>>> However the protocols directive seems to be ignored, testing with =
> both
>>>> curl and nghttp2, confirm only http 1.1. is used.  I have tried =
> using
>>>> invalid syntax on the protocols directive to cause an error but the
>>>> server starts anyway without error as if it ignores the value, I =
> have
>>>> tried the value in both the server config and vhost which has no
>>>> affect.
>>>> =20
>>>> Any ideas?
>>>> =20
>>>> I have been testing on both http and https and both stuck on http =
> 1.1.
>>>> =20
>>>> Chris
>>> =20
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org