Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Tue, Dec 8, 2015 at 3:07 AM, William A Rowe Jr wrote: >> >> The handler handling the first request has to read the body before the >> switch, eg. mod_proxy could forward the request without the client >> having switched to any other protocol. > > Whoa... First the handler

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

> Am 08.12.2015 um 01:58 schrieb William A Rowe Jr : > > On Mon, Dec 7, 2015 at 6:35 PM, Yann Ylavic wrote: > On Tue, Dec 8, 2015 at 1:27 AM, William A Rowe Jr wrote: > > On Mon, Dec 7, 2015 at 6:15 PM, Yann Ylavic

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

> Am 08.12.2015 um 10:48 schrieb Yann Ylavic : > > On Tue, Dec 8, 2015 at 3:07 AM, William A Rowe Jr wrote: > [...] > That's why I'd rather go with *not* honoring the Upgrade until a > request comes with no body. ++1

RE: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

> -Original Message- > From: Stefan Eissing [mailto:stefan.eiss...@greenbytes.de] > Sent: dinsdag 8 december 2015 10:25 > To: dev@httpd.apache.org > Subject: Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl > Upgrade tls > > > > Am 08.12.2015 um 0

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

Wow, you have been busy in my sleep... I will respond to individual messages later in my office. From what I got overall: - I completely agree with Yann, request bodies, 100 continue or not, are sent using the original, pre-upgrade protocol, e.g. http/1.1 - until the body is read, 101 may be

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

Hi folks, sorry for the late interruption after we have already shipped 2.4.16, but there seems to be an issue that merits revisiting before the 2.4.16 API schema is widely adopted. We seem to have misplaced the upgrade handler in the wrong hook. This is easily shown by the fact that we had two

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 5:38 PM, William A Rowe Jr wrote: > > https://tools.ietf.org/html/rfc7230#section-6.7 makes things more > interesting, it calls out that 101-continue and the request body read > precedes the 101-switching protocols. Not sure who decided that would be a

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 7:25 PM, Jacob Champion wrote: > On 12/07/2015 03:49 PM, William A Rowe Jr wrote: > >> Just to confirm, the purpose of splitting this up into two separate >> calls to the same function is solely to deal with "OPTIONS *", which >> doesn't

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

Sorry it took so long to respond to this earlier post, some of this might have already been covered... On Mon, Dec 7, 2015 at 1:03 PM, Stefan Eissing wrote: > > Think about CORS restrictions and other stuff. > - I think its the protocol handlers job to deal with

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

Ugh, looks like I'm too slow on my work with the upgrade proposal hooks; sorry I haven't been able to give in-depth feedback yet. On Dec 7, 2015 11:09 AM, "Stefan Eissing" wrote: > > Not at my machine to really check the runtime behaviour. Can do that tomorrow. My

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Dec 7, 2015 8:43 AM, "William A Rowe Jr" wrote: > > https://tools.ietf.org/html/rfc7230#section-6.7 makes things more interesting, it calls out that 101-continue and the request body read precedes the 101-switching protocols. Not sure who decided that would be a good

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 2:15 PM, Jacob Champion wrote: > On Dec 7, 2015 8:43 AM, "William A Rowe Jr" wrote: > > > > https://tools.ietf.org/html/rfc7230#section-6.7 makes things more > interesting, it calls out that 101-continue and the request body read

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

There can be no 100 after a 101. After a 101, the downstream speaks the new protocol, immediately. > Am 07.12.2015 um 21:29 schrieb William A Rowe Jr : > >> On Mon, Dec 7, 2015 at 2:15 PM, Jacob Champion wrote: >> On Dec 7, 2015 8:43 AM, "William A

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

ok, after some more thinking. if a tls+http/1.1 upgrade together with Expect is indeed a use case, then, to make that work, sending the 101 needs to become the task of the switch protocol handler itself. Then the order in which intermediate responses are sent depends on the switched protocol.

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Dec 7, 2015 12:44 PM, "Stefan Eissing" wrote: > > There can be no 100 after a 101. After a 101, the downstream speaks the new protocol, immediately. I suspect Bill is talking about the very specific case of an upgrade to HTTP/1.1-over-TLS, in which case I think

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On 12/07/2015 11:55 AM, Jacob Champion wrote: > - moving things to post read sounds tempting, however I'm not sure if we want to upgrade on non-authed request or not, for example. I am not sure what else we do in post read, maybe someone else has an opinion about that. It certainly looks nicer

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 2:39 PM, Stefan Eissing wrote: > There can be no 100 after a 101. After a 101, the downstream speaks the > new protocol, immediately. > Right, and the new protocol is TLS/1.x HTTP/1.1 in the mod_ssl case. What's so confusing? > Am

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 4:12 PM, William A Rowe Jr wrote: > On Mon, Dec 7, 2015 at 2:39 PM, Stefan Eissing < > stefan.eiss...@greenbytes.de> wrote: > >> There can be no 100 after a 101. After a 101, the downstream speaks the >> new protocol, immediately. >> > > Right, and the

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 4:10 PM, Jacob Champion wrote: > On 12/07/2015 11:55 AM, Jacob Champion wrote: > >> > - moving things to post read sounds tempting, however I'm not sure if >> we want to upgrade on non-authed request or not, for example. I am not >> sure what else we

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On 12/07/2015 02:40 PM, William A Rowe Jr wrote: Not "noise" at all... I'm imagining a mod_echo protocol example that looks much like your use case... 1st call to core_upgrade_request in post_read_req hook, after setenvif and mod_headers processing... tls is ready, echo (or websocket) would not

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:07 PM, Yann Ylavic wrote: > On Mon, Dec 7, 2015 at 5:38 PM, William A Rowe Jr > wrote: > > > > https://tools.ietf.org/html/rfc7230#section-6.7 makes things more > > interesting, it calls out that 101-continue and the request

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

Here's my thoughts to address this rather quickly for 2.4.18 to keep ourselves on track; simply move the core protocol handling phase and ap_switch_protocol action into the appropriate request processing phase, address the fail-cases of the ap_switch_protocol exceptions that have been overlooked

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

Not at my machine to really check the runtime behaviour. Can do that tomorrow. My thoughts so far: - the return code was not checked intentionally. Once the 101 intermediate response is sent, there is nothing core can do on the connection. It has been switched to a protocol unknown to core.

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 2:54 PM, Stefan Eissing wrote: > ok, after some more thinking. if a tls+http/1.1 upgrade together with > Expect is indeed a use case, then, to make that work, sending the 101 needs > to become the task of the switch protocol handler itself.

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Tue, Dec 8, 2015 at 1:07 AM, Yann Ylavic wrote: > > the body ought to be > set aside for any (relevant) TLS response (which needs the > handshake...). Hmm, no need to set aside, *unless* with must produce a response before the entire body (and the handshake) is read. But

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:15 PM, Yann Ylavic wrote: > On Tue, Dec 8, 2015 at 1:07 AM, Yann Ylavic wrote: > > > > the body ought to be > > set aside for any (relevant) TLS response (which needs the > > handshake...). > > Hmm, no need to set aside,

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 5:21 PM, Jacob Champion wrote: > On 12/07/2015 02:40 PM, William A Rowe Jr wrote: > >> Not "noise" at all... I'm imagining a mod_echo protocol example that >> looks much like your use case... >> >> 1st call to core_upgrade_request in post_read_req

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:05 PM, William A Rowe Jr wrote: > On Mon, Dec 7, 2015 at 2:54 PM, Stefan Eissing < > stefan.eiss...@greenbytes.de> wrote: > >> ok, after some more thinking. if a tls+http/1.1 upgrade together with >> Expect is indeed a use case, then, to make that

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Tue, Dec 8, 2015 at 1:27 AM, William A Rowe Jr wrote: > On Mon, Dec 7, 2015 at 6:15 PM, Yann Ylavic wrote: >> >> On Tue, Dec 8, 2015 at 1:07 AM, Yann Ylavic wrote: >> > >> > the body ought to be >> > set aside for any

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Tue, Dec 8, 2015 at 1:13 AM, William A Rowe Jr wrote: > On Mon, Dec 7, 2015 at 6:07 PM, Yann Ylavic wrote: >> >> The 100-continue case isn't a particular one IMHO, any Upgrade header >> would be informative, not authoritative (not a 101 status). > >

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Mon, Dec 7, 2015 at 6:35 PM, Yann Ylavic wrote: > On Tue, Dec 8, 2015 at 1:27 AM, William A Rowe Jr > wrote: > > On Mon, Dec 7, 2015 at 6:15 PM, Yann Ylavic > wrote: > >> > >> On Tue, Dec 8, 2015 at 1:07 AM, Yann Ylavic

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Tue, Dec 8, 2015 at 1:58 AM, William A Rowe Jr wrote: > On Mon, Dec 7, 2015 at 6:35 PM, Yann Ylavic wrote: >> >> The body of the first request is never Upgraded, so why would we read >> it using the Upgraded protocol? > > > How do you mean? The RFC

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On 12/07/2015 03:49 PM, William A Rowe Jr wrote: Just to confirm, the purpose of splitting this up into two separate calls to the same function is solely to deal with "OPTIONS *", which doesn't follow the same logical path in httpd? Or is there another reason? No, it is because

Re: 2.4 pause - mod_http2 patchset Upgrade h2c vs mod_ssl Upgrade tls

On Dec 7, 2015 19:29, "Yann Ylavic" wrote: > > On Tue, Dec 8, 2015 at 1:58 AM, William A Rowe Jr wrote: > > On Mon, Dec 7, 2015 at 6:35 PM, Yann Ylavic wrote: > >> > >> The body of the first request is never Upgraded, so why would