Re: nginxQuic: зависание соединения и сброс на HTTP/2 протокол
izorkin на gmail.com
izorkin на gmail.com
Пн Апр 10 16:41:28 UTC 2023
Здравствуйте, Роман.
Все тесты проводил на внутри одной локальной сети, потери по UDP протоколу маловероятны.
Лог удачного и неудачного запроса:
* Trying 192.168.0.21:443...
* Trying 192.168.0.21:443...
* Connected to example.com (192.168.0.21) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* subjectAltName: host "example.com" matched cert's "example.com"
* Verified certificate just fine
* Connected to example.com (192.168.0.21) port 443 (#0)
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS alert, close notify (256):
* using HTTP/3
* h2h3 [:method: HEAD]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: example.com]
* h2h3 [user-agent: curl/8.0.1]
* h2h3 [accept: */*]
* Using HTTP/3 Stream ID: 0 (easy handle 0x1152ed0)
> HEAD / HTTP/3
> Host: example.com
> user-agent: curl/8.0.1
> accept: */*
>
< HTTP/3 403
HTTP/3 403
< server: nginx/1.23.4
server: nginx/1.23.4
< date: Mon, 10 Apr 2023 16:28:29 GMT
date: Mon, 10 Apr 2023 16:28:29 GMT
< content-type: text/html
content-type: text/html
< content-length: 153
content-length: 153
<
* Connection #0 to host example.com left intact
* Trying 192.168.0.21:443...
* Trying 192.168.0.21:443...
* Connected to example.com (192.168.0.21) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
* subject: CN=example.com
* start date: Mar 6 17:57:46 2023 GMT
* expire date: Apr 5 17:57:46 2025 GMT
* subjectAltName: host "example.com" matched cert's "example.com"
* issuer: CN=minica root ca 283035
* SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: HEAD]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: example.com]
* h2h3 [user-agent: curl/8.0.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x1ae6ed0)
> HEAD / HTTP/2
> Host: example.com
> user-agent: curl/8.0.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 403
HTTP/2 403
< server: nginx/1.23.4
server: nginx/1.23.4
< date: Mon, 10 Apr 2023 16:28:32 GMT
date: Mon, 10 Apr 2023 16:28:32 GMT
< content-type: text/html
content-type: text/html
< content-length: 153
content-length: 153
<
* Connection #0 to host example.com left intact
Лог с бесконечным запросом:
* Trying 192.168.0.21:443...
* Trying 192.168.0.21:443...
* Connected to example.com (192.168.0.21) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* subjectAltName: host "example.com" matched cert's "example.com"
* Verified certificate just fine
* Connected to example.com (192.168.0.21) port 443 (#0)
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS alert, close notify (256):
* using HTTP/3
* h2h3 [:method: HEAD]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: example.com]
* h2h3 [user-agent: curl/8.0.1]
* h2h3 [accept: */*]
* Using HTTP/3 Stream ID: 0 (easy handle 0x18f6ed0)
> HEAD / HTTP/3
> Host: example.com
> user-agent: curl/8.0.1
> accept: */*
>
* ngtcp2_conn_writev_stream returned error: ERR_DRAINING
* ngtcp2_conn_writev_stream returned error: ERR_DRAINING
* ngtcp2_conn_writev_stream returned error: ERR_DRAINING
* ngtcp2_conn_writev_stream returned error: ERR_DRAINING
* ngtcp2_conn_writev_stream returned error: ERR_DRAINING
* ngtcp2_conn_writev_stream returned error: ERR_DRAINING
--
С уважением,
Izorkin mailto:izorkin на gmail.com
Подробная информация о списке рассылки nginx-ru