Open mathiasbynens opened 8 years ago
Here’s the openssl command output as run by is-http2:
$ openssl s_client -connect benchmarkjs.com:443 -servername benchmarkjs.com -nextprotoneg ""
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X1
verify return:1
depth=0 CN = benchmarkjs.com
verify return:1
---
Certificate chain
0 s:/CN=benchmarkjs.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X1
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X1
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
subject=/CN=benchmarkjs.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X1
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3022 bytes and written 472 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: EE359691D9E466B0D9E077A8981F7FD55166853C2D2046F3697B6B9C37C14CB5
Session-ID-ctx:
Master-Key: CFEE0D79638BA43F830E12A3597C16D94E0BA9261A05B80BBBB3048662C8EF02E922FAEE2CEED3F2FADEEF6036C15B0B
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1455095625
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
@mathiasbynens
Thanks for pointing that out, I checked several sites and there it worked fine.
I'll try to have a look at this asap... But it may take a while as I have to dig into the topic of TLS negotiation a bit more. :)
I’ve asked here: https://serverfault.com/q/755236/13896
:+1:
Building on the answer on ServerFault, "Next Protocol Negotiation" is not available in Apache 2.4.x, which is what benchmarkjs.com is using. It has appeared in 2.5.0, according to the Apache httpd trunk CHANGES.
So it is possible to support HTTP/2 using Apache 2.4.17 and later, but is-http2 does not detect it. Maybe it could try an actual request to see if that works? Seems like a lot of work, though. :-)
Trying to make actual requests using each protocol sounds like a more robust approach indeed (even if only as a fallback).
:+1:
> Trying to make actual requests using each protocol sounds like a more robust approach indeed (even if only as a fallback).
Sounds good. Can not estimate how hard it is though.
https://blog.chromium.org/2016/02/transitioning-from-spdy-to-http2.html:
> NPN has been superseded by the TLS extension ALPN, published by the IETF in 2014. ALPN is already used 99% of the time to negotiate HTTP/2 with Chrome, and the remaining servers can gain ALPN support by upgrading their SSL library.
Sounds like is-http2 should be using ALPN instead of NPN (per the current approach; actually making requests might still be better).
According to http://www.kafsemo.org/2015/01/08_talking-HTTP-2.html the command could be:
openssl s_client -connect benchmarkjs.com:443 -servername benchmarkjs.com -alpn 'h2-17'
…but this requires a recent openssl. I can’t get the command to produce the output mentioned in the article, though.
Maybe we can call cURL to the rescue. I tested a bunch of URLs and it detects HTTP/2 without errors.
The problem is that very few systems have the latest version of cURL and you need to update first: https://serversforhackers.com/video/curl-with-http2-support
@gmetais I'd be up for it if this works more reliably. :)
Not sure when I'll find the time, though.
benchmarkjs.com supports HTTP/2 according to Opera/Chrome DevTools (see the “Protocol” column):
This third-party tool confirms it: https://tools.keycdn.com/http2-test?public=&url=https://benchmarkjs.com/
However, is-http2 thinks it doesn’t support HTTP/2:
Is this a bug in is-http2 or is benchmarkjs.com doing something weird?
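The NPN-versus-ALPN point raised in this thread, as an added example (not is-http2's code and not posted by anyone in the thread): a Node.js classifier for `openssl s_client` output that treats "No ALPN negotiated" as inconclusive when the probe never offered ALPN. The function names, verdict strings and the s_client line formats other than "No ALPN negotiated" are assumptions.

```javascript
// Added example (not is-http2 code). Assumed s_client line formats:
//   "ALPN protocol: <id>" / "No ALPN negotiated"
//   "Next protocol: (<status>) <id>" / "Protocols advertised by server: a, b"
const H2_ID = /^h2(-\d+)?$/; // "h2" and draft ids such as "h2-17"

function parseNegotiation(output) {
  const r = { connected: false, alpn: null, npn: [] };
  for (const raw of output.split(/\r?\n/)) {
    const line = raw.trim();
    let m;
    if (line.startsWith('CONNECTED(')) {
      r.connected = true;
    } else if ((m = /^ALPN protocol:\s*(\S+)/.exec(line))) {
      r.alpn = m[1];
    } else if ((m = /^Next protocol:\s*\(\d+\)\s*(\S+)/.exec(line))) {
      r.npn.push(m[1]);
    } else if ((m = /^Protocols advertised by server:\s*(.+)$/.exec(line))) {
      r.npn.push(...m[1].split(',').map((s) => s.trim()).filter(Boolean));
    }
  }
  return r;
}

// alpnOffered: whether the probe was run with -alpn. Without it,
// "No ALPN negotiated" says nothing about the server's HTTP/2 support.
function http2Verdict(output, alpnOffered) {
  const r = parseNegotiation(output);
  if (!r.connected) return 'unknown';
  if (r.alpn !== null && H2_ID.test(r.alpn)) return 'h2-alpn';
  if (r.npn.some((p) => H2_ID.test(p))) return 'h2-npn';
  return alpnOffered ? 'no-h2' : 'inconclusive';
}

// Constructed samples: the first is abridged from the output in this thread
// (NPN-only probe); the second is a constructed ALPN-capable response.
const NPN_ONLY_PROBE = [
  'CONNECTED(00000003)',
  'New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256',
  'No ALPN negotiated',
].join('\n');
const ALPN_PROBE = ['CONNECTED(00000003)', 'ALPN protocol: h2'].join('\n');

console.log(http2Verdict(NPN_ONLY_PROBE, false));
console.log(http2Verdict(ALPN_PROBE, true));
```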