Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

schannel: Fix ALPN buffer for HTTP/2 #7138

Closed
wants to merge 1 commit into from

Conversation

@JDepooter
Copy link
Contributor

@JDepooter JDepooter commented May 27, 2021

After upgrading to version 7.77, I noticed that requests using HTTP/2 with SChannel were failing with an error from the InitializeSecurityContext function.

schannel: initial InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE (0x80090326) - This error usually occurs when a fatal SSL/TLS` alert is received (e.g. handshake failed). More detail may be available in the Windows System event log.

In a3268ec the schannel code was changed to use the ALPN_H2 constant instead of the NGHTTP2_PROTO_ALPN constant. However, these constants are not the same. The nghttp2 constant included the length of the string, like this: "\x2h2". The ALPN_H2 constant is just "h2". Therefore we need to re-add the length of the string to the ALPN buffer.

This now matches the way that the "http/1.1" string and it's associated length are added to the ALPN buffer.

In a3268ec this code was changed to use the ALPN_H2 constant instead of the NGHTTP2_PROTO_ALPN constant. However, these constants are not the same. The nghttp2 constant included the length of the string, like this: "\x2h2". The ALPN_H2 constant is just "h2". Therefore we need to re-add the length of the string to the ALPN buffer.
@bagder
bagder approved these changes May 27, 2021
@bagder
Copy link
Member

@bagder bagder commented May 27, 2021

Thanks!

@JDepooter JDepooter deleted the JDepooter:schannel_alpn_h2_length branch May 27, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants