Re: Invalid HTTP2 preface handling?
Greg Wilkins <gregw@intalio.com> Wed, 11 February 2015 01:31 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 36DA91A1AF6 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 10 Feb 2015 17:31:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.289
X-Spam-Level:
X-Spam-Status: No, score=-6.289 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nz8h-K1KxSxW for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 10 Feb 2015 17:31:15 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF3021A06FD for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 10 Feb 2015 17:31:14 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1YLM6D-000680-Lz for ietf-http-wg-dist@listhub.w3.org; Wed, 11 Feb 2015 01:28:17 +0000
Resent-Date: Wed, 11 Feb 2015 01:28:17 +0000
Resent-Message-Id: <E1YLM6D-000680-Lz@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.80) (envelope-from <gregw@intalio.com>) id 1YLM67-00067A-Lq for ietf-http-wg@listhub.w3.org; Wed, 11 Feb 2015 01:28:11 +0000
Received: from mail-la0-f47.google.com ([209.85.215.47]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <gregw@intalio.com>) id 1YLM65-000195-Mh for ietf-http-wg@w3.org; Wed, 11 Feb 2015 01:28:11 +0000
Received: by labgq15 with SMTP id gq15so513921lab.6 for <ietf-http-wg@w3.org>; Tue, 10 Feb 2015 17:27:42 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=pQRsYM9qzQaV+Gq35D/0iqeXRB8BNhfb05DtDk4EYG4=; b=dv9e4JlFjgsvfcqtg8C/VTzG3okJcANOk18wYvj1z2hSjPgEYFJ6t3iajp/DulU+nV UJhi2JRZF4f6/MrIW/EbEN2tFw714SS6VM7OU7OoL1lwPoDk0pEI6/9QCrfG3D8PmeBT f7N/JvFPAybdv3M/QQDYnUTL0svlwAYY+xZCr38K33uz7cSIez74xOIQIgcmXu212c6r XfJIU5cBOycbylWAr4x7U+rh69WUqiphojNDi8fQW6rJ+3Rk2p+WfCLgki4PtQ+n+Hxa 7TuuNZlaRuwq7Wjrb4gynwwLYUon+7G8+mpQ5OB45yRHMtT4ab6m3zSyaolb1cWXGCbW icYw==
X-Gm-Message-State: ALoCoQnHwprZfuXm9dB9o/Z0nmDCn8yaEJLqZJ6DazfrFvA6WculXoot8wFoIHOUssSsT0jWAddm
MIME-Version: 1.0
X-Received: by 10.152.43.18 with SMTP id s18mr25718246lal.26.1423618062009; Tue, 10 Feb 2015 17:27:42 -0800 (PST)
Received: by 10.114.57.7 with HTTP; Tue, 10 Feb 2015 17:27:41 -0800 (PST)
In-Reply-To: <54DAA3A4.8060608@treenet.co.nz>
References: <CAH_y2NE5Sa625XEec5WXJ7LdjK+h1b4M=Fc-_iGj2ZQKa1q_jg@mail.gmail.com> <5C91DE2C-BC82-4142-B292-815EED3627EC@mnot.net> <54DAA3A4.8060608@treenet.co.nz>
Date: Wed, 11 Feb 2015 12:27:41 +1100
Message-ID: <CAH_y2NG0_Y9nnDjLd2Fc_5wBessfy0DOfKBfkH8NiKjyzAiRVg@mail.gmail.com>
From: Greg Wilkins <gregw@intalio.com>
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a11c36724e1e09a050ec5e824"
Received-SPF: permerror client-ip=209.85.215.47; envelope-from=gregw@intalio.com; helo=mail-la0-f47.google.com
X-W3C-Hub-Spam-Status: No, score=-3.6
X-W3C-Hub-Spam-Report: AWL=-2.941, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001
X-W3C-Scan-Sig: lisa.w3.org 1YLM65-000195-Mh 6fe6430044d2a06c79af135d90808ed7
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Invalid HTTP2 preface handling?
Archived-At: <http://www.w3.org/mid/CAH_y2NG0_Y9nnDjLd2Fc_5wBessfy0DOfKBfkH8NiKjyzAiRVg@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/28804
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Amos,
that is a good way of doing it - more or less like an upgrade, but without
the complexity of having to inject the settings frame and HTTP/1 request
into the server. While I hear what Mark says about caution, I really
don't see a great risk here and thus will look at supporting it also.
cheers
On 11 February 2015 at 11:34, Amos Jeffries <squid3@treenet.co.nz> wrote:
> On 11/02/2015 1:03 p.m., Mark Nottingham wrote:
> >> On 11 Feb 2015, at 10:48 am, Greg Wilkins wrote:
> >>
> >>
> >> Section 3.5 says:
> >>
> >> Clients and servers MUST treat an invalid connection preface as a
> >> connection error (
> >> Section 5.4.1
> >> ) of type PROTOCOL_ERROR. A GOAWAY
> >> frame (
> >> Section 6.8
> >> ) MAY be omitted in this case, since an invalid
> >> preface indicates that the peer is not using HTTP/2.
> >>
> >> I'm wondering what would be the problem if on an invalid preface, the
> server check if it is actually a valid HTTP/1 request and if so, then to
> proceed on that basis? This would allow a server to converse a HTTP/1
> client that is pointed at a HTTP/2 port - it could be application specific
> if that conversation was an error message or just a normal HTTP/1
> conversation.
> >>
> >> Is there some attack we would be enabling if we allowed such behaviour
> in our server? Anything else undesirable about doing this?
> >
> > The client and server have a different idea of what protocol they're
> talking (however they got there); using a heuristic ("that looks like
> HTTP/1") is asking for trouble; we've had a history of attacks tricking
> protocol stacks into thinking they're in a different state...
> >
>
>
> FWIW I am doing it the other way around in Squid. With a one-way upgrade
> from HTTP/1 to HTTP/2 raising both the capabilities and processing
> strictness. If at any time a request-line matches the full HTTP/2 magic
> prefix it completes outstanding transactions then switches the
> connection irrevocably to talking HTTP/2. Treating the connection as if
> it had just been opened with native HTTP/2.
>
> Due to HTTP/2's stricter compliance requirements there seem to be no
> security issues over what would happen anyway for Upgrade: requests -
> and the simpler operation also means less potential bugs.
>
> Amos
>
>
>
--
Greg Wilkins <gregw@intalio.com> @ Webtide - *an Intalio subsidiary*
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com advice and support for jetty and cometd.
- Invalid HTTP2 preface handling? Greg Wilkins
- Re: Invalid HTTP2 preface handling? Mark Nottingham
- Re: Invalid HTTP2 preface handling? Amos Jeffries
- Re: Invalid HTTP2 preface handling? Greg Wilkins
- Re: Invalid HTTP2 preface handling? Amos Jeffries
- Re: Invalid HTTP2 preface handling? Michael Sweet
- Re: Invalid HTTP2 preface handling? Greg Wilkins
- Re: Invalid HTTP2 preface handling? Martin Thomson
- Re: Invalid HTTP2 preface handling? Willy Tarreau
- Re: Invalid HTTP2 preface handling? Julian Reschke
- Re: Invalid HTTP2 preface handling? Poul-Henning Kamp
- Re: Invalid HTTP2 preface handling? Mark Nottingham
- Re: Invalid HTTP2 preface handling? Greg Wilkins