search

itzg / docker-minecraft-bedrock-server

Containerized Minecraft Bedrock Dedicated Server with selectable version
MIT License
1.19k stars 224 forks source link

Force curl to use HTTP/1.1 #470

Closed Vex closed 3 weeks ago

Vex commented 3 weeks ago

Fixing issue where curl is defaulting to HTTP/2 which isn't supported by the download server.

itzg commented 3 weeks ago

What symptoms were you seeing?

With DEBUG set to true, I was able to confirm their CDN responds fine to HTTP/2:

+ curl -v -o /tmp/bedrock-server-1.21.43.01.zip -A itzg/minecraft-bedrock-server -fsSL https://www.minecraft.net/bedrockdedicatedserver/bin-linux/bedrock-server-1.21.43.01.zip
Downloading Bedrock server version 1.21.43.01 ...
*   Trying 104.117.247.72:443...
* Connected to www.minecraft.net (104.117.247.72) port 443 (#0)
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [29 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [2427 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [80 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: C=US; ST=WA; L=Redmond; O=Microsoft Corporation; CN=*.minecraft.net
*  start date: May 29 20:28:20 2024 GMT
*  expire date: May 24 20:28:20 2025 GMT
*  subjectAltName: host "www.minecraft.net" matched cert's "*.minecraft.net"
*  issuer: C=US; O=Microsoft Corporation; CN=Microsoft Azure ECC TLS Issuing CA 04
*  SSL certificate verify ok.
} [5 bytes data]
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /bedrockdedicatedserver/bin-linux/bedrock-server-1.21.43.01.zip]
* h2h3 [:scheme: https]
* h2h3 [:authority: www.minecraft.net]
* h2h3 [user-agent: itzg/minecraft-bedrock-server]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x55e5d728cce0)
} [5 bytes data]
> GET /bedrockdedicatedserver/bin-linux/bedrock-server-1.21.43.01.zip HTTP/2
> Host: www.minecraft.net
> user-agent: itzg/minecraft-bedrock-server
> accept: */*
>
Vex commented 3 weeks ago

Hmm.. Odd

I got this in the docker logs:

Downloading Bedrock server version 1.21.31.04 ...
curl: (92) HTTP/2 stream 0 was not closed cleanly: INTERNAL_ERROR (err 2)
ERROR failed to download from https://www.minecraft.net/bedrockdedicatedserver/bin-linux/bedrock-server-1.21.31.04.zip
      Double check that the given VERSION is valid
DEBU[0000] Using /data to match uid and gid             
DEBU[0000] Resolved UID=1000 from match path            
DEBU[0000] Resolved GID=1000 from match path            
Looking up latest version...
Downloading Bedrock server version 1.21.31.04 ...

And this was from a curl -v 

* TCP_NODELAY set
* Connected to www.minecraft.net (62.252.173.96) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Client hello (1):
* TLSv1.3 (OUT), TLS Unknown, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=WA; L=Redmond; O=Microsoft Corporation; CN=*.minecraft.net
*  start date: May 29 20:28:20 2024 GMT
*  expire date: May 24 20:28:20 2025 GMT
*  subjectAltName: host "www.minecraft.net" matched cert's "*.minecraft.net"
*  issuer: C=US; O=Microsoft Corporation; CN=Microsoft Azure ECC TLS Issuing CA 04
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* Using Stream ID: 1 (easy handle 0x55b10d62a270)
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> GET /bedrockdedicatedserver/bin-linux/bedrock-server-1.21.43.01.zip HTTP/2
> Host: www.minecraft.net
> User-Agent: curl/7.58.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)
* Connection #0 to host www.minecraft.net left intact
curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)

Perhaps this is actually a problem with my connection in some way? Is there a way to get curl to drop down to http/1.1 if 2 fails

itzg commented 3 weeks ago

Just re-pull your image. You're experiencing #458 which was fixed a while ago.

Vex commented 3 weeks ago

You're right! I wasn't on the latest version, now I need to figure out why my scripts aren't pulling the latest version down.

Sorry for the time waste.

itzg commented 3 weeks ago

No problem at all.