Mchlrch added a comment. |
I was able to reproduce the issue outside the WDQR codebase [1], using the blazegraph bigdata-client library.
Unfortunately, I can only confirm what Stas already suspected and commented earlier: There is no easy fix.
What I conclude, is that current WDQR does not support federation to endpoints that also provide HTTP/2 over TLS, because HTTP/2 over TLS requires the use of ALPN. The blazegraph bigdata-client library used in WDQR uses jetty version 9.2.3.v20140905, which predates HTTP/2 standardization from 2015 and therefore lacks ALPN support.
WDQR federation however does work with endpoints that also provide HTTP/2 but without TLS - because negotation works without ALPN in that case.
Looking forward, it would seem reasonable to aim at including support for HTTP/2 over TLS in WDQR. Jetty apparently supports HTTP/2 starting with version 9.3 [2], so maybe upgrading blazegraph to jetty 9.3 is doable. On the other hand, I noticed that the blazegraph codebase has not seen any activity in the last two years, which might also be a motivation for Wikidata to move on to another datastore.
To resolve on the endpoint side would apparently require to completely drop support for HTTP/2 over TLS. Even though theoretically possible, I personally don't consider that an option, because it's just too regressive.
Probably just a bad idea, but I mention it anyway: Another option (pretty far fetched and adventurous) might be to have a MITMing proxy inside Wikidata infrastructure, that terminates outbound HTTP/2-TLS on one side and exposes HTTP/1.1-TLS to WDQR. Also I have no clue if there are products, that actually support such behavior.
1: https://github.com/mchlrch/wdqr-ssz-tc/tree/master/wdqr-ssz-tc
2: http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/VERSION.txt
Cc: Mchlrch, Gehel, Aklapper, Smalyshev, Lahi, Gq86, Lucas_Werkmeister_WMDE, GoranSMilovanovic, QZanden, EBjune, merbst, LawExplorer, Jonas, Xmlizer, jkroll, Wikidata-bugs, Jdouglas, aude, Tobias1984, Manybubbles, Mbch331
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs