Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http_source does not honor tls.alpn_protocols and always default to http/1.1 #18842

Closed
anil-db opened this issue Oct 14, 2023 · 1 comment
Closed

http_source does not honor tls.alpn_protocols and always default to http/1.1 #18842

anil-db opened this issue Oct 14, 2023 · 1 comment
Labels
type: bug A code related bug.

Comments

@anil-db
Copy link
Contributor

anil-db commented Oct 14, 2023

A note for the community

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Problem

when running http_server source with tls and alpn_protocols, protocol negotiation does not happen and it always defaults to http/1.1

Configuration

[sources.dummy_logs]
type = "http_server"
address = "0.0.0.0:443"
tls.alpn_protocols = ["h2"]
tls.ca_file = "/Users/anil.gupta/localHttpsFiles/certs/myCA.pem"
tls.crt_file = "/Users/anil.gupta/localHttpsFiles/certs/localhost.crt"
tls.enabled = true
tls.key_file = "/Users/anil.gupta/localHttpsFiles/certs/localhost.key"
tls.key_pass = ""
tls.verify_certificate = false
tls.verify_hostname = false
# Print parsed logs to stdout
[sinks.print]
type = "console"
inputs = ["dummy_logs"]
encoding.codec = "json"

Version

vector 0.31.0 (x86_64-apple-darwin 0f13b22 2023-07-06 13:52:34.591204470)

Debug Output

No response

Example Data

after running http_server if you use curl we see that protocol negotiation did not happen

curl -k -vv -X POST https://localhost:443 -d "hello"
Note: Unnecessary use of -X or --request, POST is already inferred.

  • Trying 127.0.0.1:443...
  • Connected to localhost (127.0.0.1) port 443 (#0)
  • ALPN: offers h2,http/1.1
  • (304) (OUT), TLS handshake, Client hello (1):
  • (304) (IN), TLS handshake, Server hello (2):
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
  • TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
  • TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
  • TLSv1.2 (IN), TLS handshake, Finished (20):
  • SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
  • ALPN: server did not agree on a protocol. Uses default.
  • Server certificate:
  • subject: CN=localhost
  • start date: Sep 20 01:21:19 2023 GMT
  • expire date: Dec 23 01:21:19 2025 GMT
  • issuer: C=US; ST=CA; CN=localhost
  • SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
  • using HTTP/1.x

POST / HTTP/1.1
Host: localhost
User-Agent: curl/8.1.2
Accept: /
Content-Length: 5
Content-Type: application/x-www-form-urlencoded

< HTTP/1.1 200 OK
< content-length: 0
< date: Sat, 14 Oct 2023 17:19:50 GMT
<

Additional Context

No response

References

No response
@anil-db anil-db added the type: bug A code related bug. label Oct 14, 2023
@anil-db anil-db mentioned this issue Oct 14, 2023
Merged
@bruceg
Copy link
Member

bruceg commented Oct 17, 2023

Closed by #18843

@bruceg bruceg closed this as completed Oct 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: bug A code related bug.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bruceg @anil-db