normanmaurer
commented
11 months ago Closed AquilantiZhao closed 11 months ago
normanmaurer
commented
11 months ago 
AquilantiZhao
commented
11 months ago This is just normal mTLS and is supported:
Thanks @normanmaurer for your quick response. I am sorry but I have to say I tested the same way as you suggested to access to the QUIC server provided by Apple iOS17 but unfortunately get stuck on initial + handshake.
09:33:53.326 [nioEventLoopGroup-4-1] DEBUG io.netty.util.ResourceLeakDetectorFactory - Loaded default ResourceLeakDetector: io.netty.util.ResourceLeakDetector@3b676401 09:33:53.328 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::tls: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 write message lvl=Initial len=252 09:33:53.328 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx pkt Initial version=1 dcid=769d8014ac5eae27d2970ed6bd257f8b scid=b7c0b52619c732c76ecebc887b2343f7b5e17ff4 len=256 pn=0 09:33:53.328 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx frm CRYPTO off=0 len=252 09:33:53.328 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::recovery: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 timer=998.67884ms latest_rtt=0ns srtt=None min_rtt=0ns rttvar=166.5ms loss_time=[None, None, None] loss_probes=[0, 0, 0] cwnd=12000 ssthresh=18446744073709551615 bytes_in_flight=319 app_limited=true congestion_recovery_start_time=None Rate { delivered: 0, delivered_time: Instant { t: 93822509178438 }, first_sent_time: Instant { t: 93822509178438 }, end_of_app_limited: 1, last_sent_packet: 0, largest_acked: 0, rate_sample: RateSample { delivery_rate: 0, is_app_limited: false, interval: 0ns, delivered: 0, prior_delivered: 0, prior_time: None, send_elapsed: 0ns, ack_elapsed: 0ns, rtt: 0ns } } pacer=Pacer { enabled: true, capacity: 12000, used: 0, rate: 0, last_update: Instant { t: 93822509178438 }, next_time: Instant { t: 93822509178438 }, max_datagram_size: 1200, last_packet_size: None, iv: 0ns, max_pacing_rate: None } hystart=window_end=None last_round_min_rtt=18446744073709551615.999999999s current_round_min_rtt=18446744073709551615.999999999s css_baseline_min_rtt=18446744073709551615.999999999s rtt_sample_count=0 css_start_time=None css_round_count=0 cubic={ k=0 w_max=0 } 09:33:53.347 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx pkt Initial version=1 dcid=b7c0b52619c732c76ecebc887b2343f7b5e17ff4 scid=af74e854aec2b15b token= len=1162 pn=0 09:33:53.347 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx frm CRYPTO off=0 len=90 09:33:53.347 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::tls: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 set write secret lvl=Handshake 09:33:53.347 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::tls: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 set read secret lvl=Handshake 09:33:53.347 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx frm ACK delay=0 blocks=[0..0] ecn_counts=None 09:33:53.347 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::recovery: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 packet newly acked 0 09:33:53.347 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx frm PADDING len=1046 09:33:53.348 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx pkt Initial version=1 dcid=af74e854aec2b15b scid=b7c0b52619c732c76ecebc887b2343f7b5e17ff4 len=6 pn=1 09:33:53.348 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx frm ACK delay=141 blocks=[0..0] ecn_counts=None 09:33:53.348 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::recovery: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 timer=56.584452ms latest_rtt=19.279033ms srtt=Some(19.279033ms) min_rtt=19.279033ms rttvar=9.639516ms loss_time=[None, None, None] loss_probes=[0, 0, 0] cwnd=12000 ssthresh=18446744073709551615 bytes_in_flight=0 app_limited=true congestion_recovery_start_time=None Rate { delivered: 319, delivered_time: Instant { t: 93822529584888 }, first_sent_time: Instant { t: 93822529584888 }, end_of_app_limited: 1, last_sent_packet: 1, largest_acked: 0, rate_sample: RateSample { delivery_rate: 16546, is_app_limited: true, interval: 19.279033ms, delivered: 319, prior_delivered: 0, prior_time: Some(Instant { t: 93822509178438 }), send_elapsed: 0ns, ack_elapsed: 19.279033ms, rtt: 19.279033ms } } pacer=Pacer { enabled: true, capacity: 12000, used: 0, rate: 778047, last_update: Instant { t: 93822529584888 }, next_time: Instant { t: 93822529584888 }, max_datagram_size: 1200, last_packet_size: Some(0), iv: 0ns, max_pacing_rate: None } hystart=window_end=None last_round_min_rtt=18446744073709551615.999999999s current_round_min_rtt=18446744073709551615.999999999s css_baseline_min_rtt=18446744073709551615.999999999s rtt_sample_count=0 css_start_time=None css_round_count=0 cubic={ k=0 w_max=0 } 09:33:53.406 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 loss detection timeout expired 09:33:53.407 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::recovery: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 timer=115.456468ms latest_rtt=19.279033ms srtt=Some(19.279033ms) min_rtt=19.279033ms rttvar=9.639516ms loss_time=[None, None, None] loss_probes=[0, 1, 0] cwnd=12000 ssthresh=18446744073709551615 bytes_in_flight=0 app_limited=true congestion_recovery_start_time=None Rate { delivered: 319, delivered_time: Instant { t: 93822529584888 }, first_sent_time: Instant { t: 93822529584888 }, end_of_app_limited: 1, last_sent_packet: 1, largest_acked: 0, rate_sample: RateSample { delivery_rate: 16546, is_app_limited: true, interval: 19.279033ms, delivered: 319, prior_delivered: 0, prior_time: Some(Instant { t: 93822509178438 }), send_elapsed: 0ns, ack_elapsed: 19.279033ms, rtt: 19.279033ms } } pacer=Pacer { enabled: true, capacity: 12000, used: 0, rate: 778047, last_update: Instant { t: 93822529584888 }, next_time: Instant { t: 93822529584888 }, max_datagram_size: 1200, last_packet_size: Some(0), iv: 0ns, max_pacing_rate: None } hystart=window_end=None last_round_min_rtt=18446744073709551615.999999999s current_round_min_rtt=18446744073709551615.999999999s css_baseline_min_rtt=18446744073709551615.999999999s rtt_sample_count=0 css_start_time=None css_round_count=0 cubic={ k=0 w_max=0 } 09:33:53.407 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx pkt Handshake version=1 dcid=af74e854aec2b15b scid=b7c0b52619c732c76ecebc887b2343f7b5e17ff4 len=4 pn=0 09:33:53.407 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx frm PING 09:33:53.407 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx frm PADDING len=3 09:33:53.407 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::recovery: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 timer=115.558502ms latest_rtt=19.279033ms srtt=Some(19.279033ms) min_rtt=19.279033ms rttvar=9.639516ms loss_time=[None, None, None] loss_probes=[0, 0, 0] cwnd=12000 ssthresh=18446744073709551615 bytes_in_flight=58 app_limited=true congestion_recovery_start_time=None Rate { delivered: 319, delivered_time: Instant { t: 93822588329657 }, first_sent_time: Instant { t: 93822588329657 }, end_of_app_limited: 1, last_sent_packet: 0, largest_acked: 0, rate_sample: RateSample { delivery_rate: 16546, is_app_limited: true, interval: 19.279033ms, delivered: 319, prior_delivered: 0, prior_time: Some(Instant { t: 93822509178438 }), send_elapsed: 0ns, ack_elapsed: 19.279033ms, rtt: 19.279033ms } } pacer=Pacer { enabled: true, capacity: 12000, used: 0, rate: 778047, last_update: Instant { t: 93822588329657 }, next_time: Instant { t: 93822588329657 }, max_datagram_size: 1200, last_packet_size: Some(0), iv: 0ns, max_pacing_rate: None } hystart=window_end=None last_round_min_rtt=18446744073709551615.999999999s current_round_min_rtt=18446744073709551615.999999999s css_baseline_min_rtt=18446744073709551615.999999999s rtt_sample_count=0 css_start_time=None css_round_count=0 cubic={ k=0 w_max=0 } 09:33:53.407 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 dropped epoch 0 state 09:33:53.408 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx pkt Handshake version=1 dcid=b7c0b52619c732c76ecebc887b2343f7b5e17ff4 scid=af74e854aec2b15b len=1160 pn=0 09:33:53.409 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx frm CRYPTO off=0 len=1139 09:33:53.409 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx pkt Handshake version=1 dcid=af74e854aec2b15b scid=b7c0b52619c732c76ecebc887b2343f7b5e17ff4 len=5 pn=1 09:33:53.409 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 tx frm ACK delay=52 blocks=[0..0] ecn_counts=None 09:33:53.409 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::recovery: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 timer=113.599389ms latest_rtt=19.279033ms srtt=Some(19.279033ms) min_rtt=19.279033ms rttvar=9.639516ms loss_time=[None, None, None] loss_probes=[0, 0, 0] cwnd=12000 ssthresh=18446744073709551615 bytes_in_flight=58 app_limited=true congestion_recovery_start_time=None Rate { delivered: 319, delivered_time: Instant { t: 93822588329657 }, first_sent_time: Instant { t: 93822588329657 }, end_of_app_limited: 1, last_sent_packet: 1, largest_acked: 0, rate_sample: RateSample { delivery_rate: 16546, is_app_limited: true, interval: 19.279033ms, delivered: 319, prior_delivered: 0, prior_time: Some(Instant { t: 93822509178438 }), send_elapsed: 0ns, ack_elapsed: 19.279033ms, rtt: 19.279033ms } } pacer=Pacer { enabled: true, capacity: 12000, used: 0, rate: 778047, last_update: Instant { t: 93822590245744 }, next_time: Instant { t: 93822590245777 }, max_datagram_size: 1200, last_packet_size: Some(0), iv: 0ns, max_pacing_rate: None } hystart=window_end=None last_round_min_rtt=18446744073709551615.999999999s current_round_min_rtt=18446744073709551615.999999999s css_baseline_min_rtt=18446744073709551615.999999999s rtt_sample_count=0 css_start_time=None css_round_count=0 cubic={ k=0 w_max=0 } 09:33:53.409 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx pkt Handshake version=1 dcid=b7c0b52619c732c76ecebc887b2343f7b5e17ff4 scid=af74e854aec2b15b len=22 pn=1 09:33:53.409 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 rx frm ACK delay=0 blocks=[0..0] ecn_counts=None 09:33:53.409 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche::recovery: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 packet newly acked 0 09:33:58.411 [nioEventLoopGroup-4-1] DEBUG io.netty.incubator.codec.quic.Quiche - quiche: b7c0b52619c732c76ecebc887b2343f7b5e17ff4 idle timeout expired
Really appreciated if you can give some advices please?
I am now facing an issue when interacting to the QUIC server provided by Apple. The server will send a "CertificateRequest" handshake message to client to indicate. It wish the client to authenticate using a certificate and i believe this is not supported so far by using netty.