NPN clients fail when talking to NPN servers that don't advertise
See original GitHub issueExpected behavior
Netty clients that support NPN should be able to talk to any server that supports NPN.
Actual behavior
When netty clients using tcnative + NPN try to talk to servers that support NPN but don’t advertise any protocols, netty barfs.
Steps to reproduce
Use an SslContextBuilder, and call the applicationProtocolConfig, passing an ApplicationProtocolConfig where the Protocol is either Protocol.NPN_AND_ALPN or Protocol.NPN. Then talk to a server that supports NPN but doesn’t advertise NPN protocols, like happylifestyle.com or ossifrage.net.
Minimal yet complete reproducer code (or URL to code)
Using finagle:
import com.twitter.util.Await
import com.twitter.finagle.Http
import com.twitter.finagle.http.Request
val req = Request("/")
req.host = "happylifestyle.com"
val client = Http.client.configuredParams(Http.Http2).withTls("happylifestyle.com").newService("happylifestyle.com:443")
Await.result(client(req))
You can also do this when talking to ossifrage.net.
Note if you use openssl s_client -tlsextdebug -connect ossifrage.net:443 -nextprotoneg 'h2,http/1.1'
that it doesn’t advertise any protocols.
Netty version
4.1.16.Final
tcnative version
2.0.6.Final
JVM version (e.g. java -version
)
JDK8
OS version (e.g. uname -a
)
Darwin tw-mbp13-mnakamura.local 16.7.0 Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64 x86_64
Issue Analytics
- State:
- Created 6 years ago
- Comments:22 (21 by maintainers)
Top GitHub Comments
Let me just close this for now. @mosesn please re-open if you still think there is an issue.
FYI, I think @mosesn meant to put
4.1.16.Final
as the version of Netty that we’re using, not4.1.6.Final
.