search

apache / trafficserver

Apache Traffic Server™ is a fast, scalable and extensible HTTP/1.1 and HTTP/2 compliant caching proxy server.
https://trafficserver.apache.org/
Apache License 2.0
1.82k stars 804 forks source link

Connection is not successful with curl 8.5.1-DEV #10951

Closed Karthikdasari0423 closed 10 months ago

Karthikdasari0423 commented 10 months ago

I built ATS as explained in the HTTP/3 Docs (https://github.com/apache/trafficserver/wiki/HTTP-3-Documentation)

root@ubuntu:~# netstat -alpn | grep traffic_
tcp        0      0 0.0.0.0:4443            0.0.0.0:*               LISTEN      250548/traffic_serv
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      250548/traffic_serv
tcp6       0      0 :::8080                 :::*                    LISTEN      250548/traffic_serv
udp        0      0 127.0.0.1:50171         127.0.0.53:53           ESTABLISHED 250548/traffic_serv
udp        0      0 0.0.0.0:4443            0.0.0.0:*                           250548/traffic_serv
udp6       0      0 :::4443                 :::*                                250548/traffic_serv
unix  2      [ ACC ]     STREAM     LISTENING     5400858  250548/traffic_serv  /opt/ats/var/trafficserver/jsonrpc20.sock
unix  2      [ ]         DGRAM      CONNECTED     5400853  250548/traffic_serv
root@ubuntu:~#

when i tried to download or establish any connection using curl 8.5.1-DEV built on top of quictls/3.1.4 with ATS, connection is not getting established.

root@ubuntu:~# curl -V
curl 8.5.1-DEV (x86_64-pc-linux-gnu) libcurl/8.5.1-DEV quictls/3.1.4 zlib/1.2.11 brotli/1.0.9 nghttp2/1.59.0-DEV ngtcp2/1.1.0 nghttp3/1.1.0
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefile libz NTLM SSL threadsafe TLS-SRP UnixSockets
root@ubuntu:~#
root@ubuntu:~# curl -k -v --http3 https://127.0.0.1:4443/cache/1024
*   Trying 127.0.0.1:4443...
* QUIC cipher selection: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256
* Skipped certificate verification
* Connected to 127.0.0.1 (127.0.0.1) port 4443
* using HTTP/3
* [HTTP/3] [0] OPENED stream for https://127.0.0.1:4443/cache/1024
* [HTTP/3] [0] [:method: GET]
* [HTTP/3] [0] [:scheme: https]
* [HTTP/3] [0] [:authority: 127.0.0.1:4443]
* [HTTP/3] [0] [:path: /cache/1024]
* [HTTP/3] [0] [user-agent: curl/8.5.1-DEV]
* [HTTP/3] [0] [accept: */*]
> GET /cache/1024 HTTP/3
> Host: 127.0.0.1:4443
> User-Agent: curl/8.5.1-DEV
> Accept: */*
>
* ngtcp2_conn_handle_expiry returned error: ERR_IDLE_CLOSE
* Connection #0 to host 127.0.0.1 left intact
curl: (55) ngtcp2_conn_handle_expiry returned error: ERR_IDLE_CLOSE
root@ubuntu:~#

but when i tried to establish connection with curl 8.2.1-DEV built on top of OpenSSL/3.1.2 with ATS, connection is getting established

root@ubuntu:~# /opt/bin/curl -V
curl 8.2.1-DEV (x86_64-pc-linux-gnu) libcurl/8.2.1-DEV OpenSSL/3.1.2 zlib/1.2.11 brotli/1.0.9 nghttp2/1.55.1 ngtcp2/0.17.0 nghttp3/0.13.0
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL threadsafe TLS-SRP UnixSockets
root@ubuntu:~#
root@ubuntu:~#
root@ubuntu:~# /opt/bin/curl -k -v --http3 https://127.0.0.1:4443/cache/1024
* processing: https://127.0.0.1:4443/cache/1024
*   Trying 127.0.0.1:4443...
* Skipped certificate verification
* Connected to 127.0.0.1 (127.0.0.1) port 4443
* using HTTP/3
* Using HTTP/3 Stream ID: 0
> GET /cache/1024 HTTP/3
> Host: 127.0.0.1:4443
> User-Agent: curl/8.2.1-DEV
> Accept: */*
>
< HTTP/3 200
< content-length: 1024
< cache-control: max-age=86400, public
< last-modified: Tue, 19 Dec 2023 13:39:12 GMT
< date: Tue, 19 Dec 2023 13:39:12 GMT
< age: 54310
< via: http/1.1 traffic_server (ApacheTrafficServer/10.0.0 [uScRs f p eN:t cCHp s ])
< server: ATS/10.0.0
<
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx* Connection #0 to host 127.0.0.1 left intact
root@ubuntu:~#

is there any known issue with curl 8.5.1-DEV with ATS or am i missing anything here?

brbzull0 commented 10 months ago

@Karthikdasari0423 try using the hostname(localhost) instead of the ip address, I suspect this is related to nghttp2 issue(or misuse not sure).

✔ ~/code/curl [curl-8_5_0|⚑ 1] 
11:27 $ /optnew/bin/curl -k --http3 https://localhost:4443/cache/10 -v
* Host localhost:4443 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
*   Trying [::1]:4443...
* QUIC cipher selection: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256
* Skipped certificate verification
* Connected to localhost (::1) port 4443
* using HTTP/3
* [HTTP/3] [0] OPENED stream for https://localhost:4443/cache/10
* [HTTP/3] [0] [:method: GET]
* [HTTP/3] [0] [:scheme: https]
* [HTTP/3] [0] [:authority: localhost:4443]
* [HTTP/3] [0] [:path: /cache/10]
* [HTTP/3] [0] [user-agent: curl/8.5.0-DEV]
* [HTTP/3] [0] [accept: */*]
> GET /cache/10 HTTP/3
> Host: localhost:4443
> User-Agent: curl/8.5.0-DEV
> Accept: */*
> 
< HTTP/3 200 
< content-length: 10
< cache-control: max-age=86400, public
< last-modified: Wed, 20 Dec 2023 10:30:09 GMT
< date: Wed, 20 Dec 2023 10:30:09 GMT
< age: 0
< via: http/1.1 traffic_server (ApacheTrafficServer/10.0.0 [uScSsSfUpSeN:t cCSp sS])
< server: ATS/10.0.0
< 
* Connection #0 to host localhost left intact
xxxxxxxxxx
✔ ~/code/curl [curl-8_5_0|⚑ 1]
Karthikdasari0423 commented 10 months ago

@brbzull0 correct, when i use localhost connection is fine

root@ubuntu:~# curl -k -v --http3-only https://localhost:4443/cache/1024
* Host localhost:4443 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
*   Trying [::1]:4443...
* QUIC cipher selection: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256
* Skipped certificate verification
* Connected to localhost (::1) port 4443
* using HTTP/3
* [HTTP/3] [0] OPENED stream for https://localhost:4443/cache/1024
* [HTTP/3] [0] [:method: GET]
* [HTTP/3] [0] [:scheme: https]
* [HTTP/3] [0] [:authority: localhost:4443]
* [HTTP/3] [0] [:path: /cache/1024]
* [HTTP/3] [0] [user-agent: curl/8.5.1-DEV]
* [HTTP/3] [0] [accept: */*]
> GET /cache/1024 HTTP/3
> Host: localhost:4443
> User-Agent: curl/8.5.1-DEV
> Accept: */*
>
< HTTP/3 200
< content-length: 1024
< cache-control: max-age=86400, public
< last-modified: Wed, 20 Dec 2023 05:19:21 GMT
< date: Wed, 20 Dec 2023 05:19:21 GMT
< age: 21887
< via: http/1.1 traffic_server (ApacheTrafficServer/10.0.0 [uScRs f p eN:t cCHp s ])
< server: ATS/10.0.0
<
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx* Connection #0 to host localhost left intact
root@ubuntu:~#
Karthikdasari0423 commented 10 months ago

Thank you @brbzull0,

I placed all my files in /var/www/html If I try to download file which is in above path then I am getting error Any idea what configuration do I need to change and in which file

Could you please help me with this

For example i have a file like below

root@ubuntu:~# ls -lrth /var/www/html/test.pdf
-rw-r--r-- 1 root root 560K Dec 17 19:12 /var/www/html/test.pdf
root@ubuntu:~#

if i try to download test.pdf,i will get error cause my ATS is not pointing to /var/www/html

root@ubuntu:~# curl -k -v --http3-only -o /tmp/test.pdf https://localhost:4443/test.pdf
* Host localhost:4443 was resolved.
* IPv6: ::1
* IPv4: 127.0.0.1
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying [::1]:4443...
* QUIC cipher selection: TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_SHA256
* Skipped certificate verification
* Connected to localhost (::1) port 4443
* using HTTP/3
* [HTTP/3] [0] OPENED stream for https://localhost:4443/test.pdf
* [HTTP/3] [0] [:method: GET]
* [HTTP/3] [0] [:scheme: https]
* [HTTP/3] [0] [:authority: localhost:4443]
* [HTTP/3] [0] [:path: /test.pdf]
* [HTTP/3] [0] [user-agent: curl/8.5.1-DEV]
* [HTTP/3] [0] [accept: */*]
> GET /test.pdf HTTP/3
> Host: localhost:4443
> User-Agent: curl/8.5.1-DEV
> Accept: */*
>
  0     0    0     0    0     0      0      0 --:--:--  0:00:29 --:--:--     0* ngtcp2_conn_handle_expiry returned error: ERR_IDLE_CLOSE
  0     0    0     0    0     0      0      0 --:--:--  0:00:30 --:--:--     0
* Connection #0 to host localhost left intact
curl: (55) ngtcp2_conn_handle_expiry returned error: ERR_IDLE_CLOSE
root@ubuntu:~#

Could you please help me to point my ATS to /var/www/html folder instead of default folder

Karthikdasari0423 commented 10 months ago

Thank you @brbzull0 Closing this.