Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

NPN negotiation support for example server

  • Loading branch information...
commit 5087306ab4a1d05d45929b1dab2d63654460db82 1 parent af9a8f8
@igrigorik authored
View
8 example/README.md
@@ -3,9 +3,15 @@
First, a quick test to ensure that we can talk to ourselves:
```bash
+# Direct connection
$> ruby server.rb
$> ruby client.rb http://localhost:8080/ # GET
$> ruby client.rb http://localhost:8080/ -d 'some data' # POST
+
+# TLS + NPN negotiation
+$> ruby server.rb --secure
+$> ruby client.rb https://localhost:8080/ # GET
+$> ...
```
### [nghttp2](https://github.com/tatsuhiro-t/nghttp2) (HTTP/2.0 C Library)
@@ -43,3 +49,5 @@ $> ruby client.rb https://gabor.molnar.es:8080/post -d'some data'
# NPN + GET request (http-2 > twitter)
$> ruby client.rb https://twitter.com/
```
+
+For a complete list of current implementations, see [http2 wiki](https://github.com/http2/http2-spec/wiki/Implementations).
View
15 example/client.rb
@@ -9,7 +9,6 @@
end
end.parse!
-draft = 'HTTP-draft-06/2.0'
uri = URI.parse(ARGV[0] || 'http://localhost:8080/')
tcp = TCPSocket.new(uri.host, uri.port)
@@ -19,21 +18,21 @@
ctx = OpenSSL::SSL::SSLContext.new
ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
- ctx.npn_protocols = [draft]
+ ctx.npn_protocols = [DRAFT]
ctx.npn_select_cb = lambda do |protocols|
puts "NPN protocols supported by server: #{protocols}"
- if protocols.include? draft
- draft
- else
- puts "Server does not support #{draft}"
- exit
- end
+ DRAFT if protocols.include? DRAFT
end
sock = OpenSSL::SSL::SSLSocket.new(tcp, ctx)
sock.sync_close = true
sock.hostname = uri.hostname
sock.connect
+
+ if sock.npn_protocol != DRAFT
+ puts "Failed to negotiate #{DRAFT} via NPN"
+ exit
+ end
else
sock = tcp
end
View
2  example/helper.rb
@@ -6,6 +6,8 @@
require 'http/2'
require 'uri'
+DRAFT = 'HTTP-draft-06/2.0'
+
class Logger
def initialize(id)
@id = id
View
24 example/keys/mycert.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID9DCCAtygAwIBAgIJAKIwkCCNJr2mMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xMjA2MjQxODE4
+MTZaFw0xMzA2MjQxODE4MTZaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21l
+LVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV
+BAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOTQ
+eHgUpZnggH2RwBeghuf86/7wNeO4DIJacLrmCynA871ioOvxzPx5jPTV6dkkitMT
+lNroneNa/BbRHHOVUvCtuJyKXEiFyWs/jCYAZ335uMYtDK2FAHRvNgXMM1YZTpbM
+CSIteVsWIAuNFAWwQS8Bd9oACUS1P69eNbA1BBOqnaYoZT1D+JD4bp9kpBYqXJtf
+wOgHGzPOVatqzJDgOqSwYVz1ZETVopv+TMBght938iVoow2cHnJ2Zj/n/jBkG8E9
+FNlmc67WqQkJsS16E9sEntJOSNldBRsjMFux4E+g7wzyn9tFJ0nYJ/rklWa24BN7
+Vg9diYljQNLLSMv8/tcCAwEAAaOBvjCBuzAdBgNVHQ4EFgQUqBtvGKKXRaXzFV16
+W1uMzroa8SkwgYsGA1UdIwSBgzCBgIAUqBtvGKKXRaXzFV16W1uMzroa8SmhXaRb
+MFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJ
+bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMTCWxvY2FsaG9zdIIJAKIw
+kCCNJr2mMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBALji7DAGBRU9
+x6/zw7EcEDlutGv6qp1VasJzSexVCZAr5c7vSDbdM+wlAxvwBguoFNLvrIvBxUMN
+pf/lvig2Q++lGTiqu5VodnmJXnqze7PO2Rdq9Yqgkva7qVFuGrYwGTXfiuz5LqGV
+BWz/i1i8EwJmO+p0yLk+r1hjBaeAqfbZtt1ACeZgu/8zaI9ypb2vpwOyW5TUJ8hk
+S+ZAX1Pd5OMqerD6DTfD/McHkWnC3ilcW4ZQIIJABKGxPc7k9Gyod9PZIPJS/ER7
+7koJ84u8esvnaP3DGHIuWngMpQcgMzJbD5bNX+C0DoaxkWre8u7afCW68a58RP19
+LTlr/GlI51c=
+-----END CERTIFICATE-----
View
27 example/keys/mykey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA5NB4eBSlmeCAfZHAF6CG5/zr/vA147gMglpwuuYLKcDzvWKg
+6/HM/HmM9NXp2SSK0xOU2uid41r8FtEcc5VS8K24nIpcSIXJaz+MJgBnffm4xi0M
+rYUAdG82BcwzVhlOlswJIi15WxYgC40UBbBBLwF32gAJRLU/r141sDUEE6qdpihl
+PUP4kPhun2SkFipcm1/A6AcbM85Vq2rMkOA6pLBhXPVkRNWim/5MwGCG33fyJWij
+DZwecnZmP+f+MGQbwT0U2WZzrtapCQmxLXoT2wSe0k5I2V0FGyMwW7HgT6DvDPKf
+20UnSdgn+uSVZrbgE3tWD12JiWNA0stIy/z+1wIDAQABAoIBABSU5/EtMkQoHIav
+AI9fgiMF7hhtdPt5x65GAlPdc22bDJGheIYgpuai7Fntj+5XSiF4ZnBWcjVMLtbC
+koOXD/HUPoHeNDTVy+tYuPuGF8kOGF/DF5vYFdVjV4Gn/4okFpyb18p6OqtFzzYa
+x41HcGWRBT3XuP20K/lTSRMDgc1e5N9bmoOONJqT+K1ak0Dv2Ifl5RTBWbmYymgR
+30cgDkiazCNjhRCCCBX8cctB4ULiOvqdksn5Ln05jvezd1Wog/ryr4SI+HMmAroZ
+dB+F8kODO792/ahR8DusQUVpwVbHqAXOVHmtplMZ4DlIgw+qY5pRawkvdetq/Ghy
+fHAInsECgYEA/U4uNsghZJiWnpZ999esCbHwM6orgX561Nx/WsmKGv0pjslZNDrx
+5Awd0EQo/NW59CUW5RcHnK+ayAsQ1xgN4HB97xYAj5v0xEzhQw8fg39fc/4gja+j
+F89wK3nfX1F4PpisN6eir+z2UcUJLT4rIsFa57R7TbLV6eV/nhxoauECgYEA5z+Y
+ITSdgwsS8FR+8ZL/UvdmkDW34gQUZ3QEAkJZfkCaHXq90tgIHDBm8dZBKEuDHJSN
+yJQ4VeHzBD9q7pdz/qDXAw5Jqgz01ToWWuGvCbcqvH6u1UrVvUhgr0JbyUZgrL4r
+/c5buWHS+IKwtBqWG1oo4kclfz3TIjtLXiVDmLcCgYB+/K2wav5KpzCDSqDWGjo2
+Fg18aSgsYBMGGZCDHBxvUVF/MrPUumQ/1k8v9KuzrRXvLpTevn/jbimjdeC4ZGe4
+h8yqipY3aJD5xCz96Fv9GWLqDJGXVmDl8+mg8hUofPhSMUnNEO4/UgVeku/5zXvk
+jZicJl/WYPxaqOIkistSIQKBgQCoLuhFvi6QkA1GHS32JCLuBGDjoS4Lg0wTsZz4
+x6iu2e08Y3iLT/MWDV3RpTHeTI0ezCwSJTqTu7Ey9ayfuibymafG4S1SL/og2g5I
+KrtTJZQ/YyNknPi2oV0wGeMHj9ffyq/T97FeMndtph893dguLHRvna73y88ypk06
+O3/eIQKBgH10X3RoSDr04vVLFPjJ4beRj4SQA7BVUCio5MSrqkh2aTW0nFv+DiVm
+M5nqfiH5QjO1NkKXrqUYAFVdAxcLRPXSAMHK0G61HyWDKyUEwAqWQ4sZGgFrzFUb
+tihmVFKrXyzeMLumwn6TNCGVPYGAWw4FgHq59Hr+bAMp2g80Nmyj
+-----END RSA PRIVATE KEY-----
View
29 example/server.rb
@@ -1,7 +1,32 @@
require_relative 'helper'
-puts "Starting server on port 8080"
-Socket.tcp_server_loop(8080) do |sock|
+options = {port: 8080}
+OptionParser.new do |opts|
+ opts.banner = "Usage: server.rb [options]"
+
+ opts.on("-s", "--secure", "HTTPS mode") do |v|
+ options[:secure] = v
+ end
+
+ opts.on("-p", "--port [Integer]", "listen port") do |v|
+ options[:port] = v
+ end
+end.parse!
+
+puts "Starting server on port #{options[:port]}"
+server = TCPServer.new(options[:port])
+
+if options[:secure]
+ ctx = OpenSSL::SSL::SSLContext.new
+ ctx.cert = OpenSSL::X509::Certificate.new(File.open("keys/mycert.pem"))
+ ctx.key = OpenSSL::PKey::RSA.new(File.open("keys/mykey.pem"))
+ ctx.npn_protocols = [DRAFT]
+
+ server = OpenSSL::SSL::SSLServer.new(server, ctx)
+end
+
+loop do
+ sock = server.accept
puts "New TCP connection!"
conn = HTTP2::Server.new
Please sign in to comment.
Something went wrong with that request. Please try again.