Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

H2->H1 downgrades trigger a retry over H2 first #6788

Closed
nox opened this issue Mar 24, 2021 · 0 comments
Closed

H2->H1 downgrades trigger a retry over H2 first #6788

nox opened this issue Mar 24, 2021 · 0 comments
Assignees

Comments

@nox
Copy link

@nox nox commented Mar 24, 2021

curl 'https://roaming.officeapps.live.com/rs/v1/settings/1065?rs=en-US' -X OPTIONS -v
*   Trying 52.109.88.174:443...
* Connected to roaming.officeapps.live.com (52.109.88.174) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=roaming.officeapps.live.com
*  start date: Oct  6 18:18:00 2020 GMT
*  expire date: Oct  6 18:18:00 2021 GMT
*  subjectAltName: host "roaming.officeapps.live.com" matched cert's "*.officeapps.live.com"
*  issuer: C=US; O=Microsoft Corporation; CN=Microsoft RSA TLS CA 02
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fc64b00d400)
> OPTIONS /rs/v1/settings/1065?rs=en-US HTTP/2
> Host: roaming.officeapps.live.com
> user-agent: curl/7.75.0
> accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
* HTTP/2 stream 0 was not closed cleanly: HTTP_1_1_REQUIRED (err 13)
* Downgrades to HTTP/1.1!
* Empty reply from server
* Connection #0 to host roaming.officeapps.live.com left intact
* Issue another request to this URL: 'https://roaming.officeapps.live.com/rs/v1/settings/1065?rs=en-US'
* Found bundle for host roaming.officeapps.live.com: 0x7fc649f05ce0 [can multiplex]
* Re-using existing connection! (#0) with host roaming.officeapps.live.com
* Connected to roaming.officeapps.live.com (52.109.88.174) port 443 (#0)
* Using Stream ID: 3 (easy handle 0x7fc64b00d400)
> OPTIONS /rs/v1/settings/1065?rs=en-US HTTP/2
> Host: roaming.officeapps.live.com
> user-agent: curl/7.75.0
> accept: */*
> 
* HTTP/2 stream 0 was not closed cleanly: HTTP_1_1_REQUIRED (err 13)
* Connection died, retrying a fresh connect(retry count: 1)
* Downgrades to HTTP/1.1!
* Closing connection 0
* Issue another request to this URL: 'https://roaming.officeapps.live.com/rs/v1/settings/1065?rs=en-US'
* Hostname roaming.officeapps.live.com was found in DNS cache
*   Trying 52.109.88.174:443...
* Connected to roaming.officeapps.live.com (52.109.88.174) port 443 (#1)
* ALPN, offering http/1.1
* SSL re-using session ID
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* old SSL session ID is stale, removing
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=roaming.officeapps.live.com
*  start date: Oct  6 18:18:00 2020 GMT
*  expire date: Oct  6 18:18:00 2021 GMT
*  subjectAltName: host "roaming.officeapps.live.com" matched cert's "*.officeapps.live.com"
*  issuer: C=US; O=Microsoft Corporation; CN=Microsoft RSA TLS CA 02
*  SSL certificate verify ok.
> OPTIONS /rs/v1/settings/1065?rs=en-US HTTP/1.1
> Host: roaming.officeapps.live.com
> User-Agent: curl/7.75.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 204 No Content
< Cache-Control: no-cache
< Pragma: no-cache
< Content-Type: application/json; charset=utf-8
< Expires: -1
< Server: Microsoft-IIS/10.0
< X-OfficeFE: RoamingFE_IN_1
< X-OfficeVersion: 16.0.13914.30575
< X-OfficeCluster: weu-roaming.officeapps.live.com
< X-CorrelationId: 3bf5bf83-e562-4b74-b46c-396b4cf8bbfc
< X-Powered-By: ASP.NET
< Date: Mon, 22 Mar 2021 11:30:27 GMT
< 
* Excess found: excess = 384 url = /rs/v1/settings/1065 (zero-length body)
* Connection #1 to host roaming.officeapps.live.com left intact

Note how it says "* Downgrades to HTTP/1.1!" twice.

@bagder bagder self-assigned this Mar 25, 2021
bagder added a commit that referenced this issue Mar 25, 2021
Otherwise libcurl is likely to reuse the connection again in the next
attempt since the connection reuse logic doesn't take downgrades into
account.

Reported-by: Anthony Ramine
Fixes #6788
@bagder bagder closed this in 7b6bfd2 Mar 25, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

2 participants