Comments (11)
afrind
commented on May 23, 2024
I usually skip the --protocol arg completely -- does that fix your issues? I know chrome -> hq server is working.
from proxygen.
master-of-darkness
commented on May 23, 2024
Unfortunately it doesn't work :(
from proxygen.
afrind
commented on May 23, 2024
If you just run
./hq --mode=server --cert=<your cert> --key=<your key> --port 8443 -v 4
And hit with chrome, what's the server output?
from proxygen.
master-of-darkness
commented on May 23, 2024
If you just run
./hq --mode=server --cert=<your cert> --key=<your key> --port 8443 -v 4And hit with chrome, what's the server output?
E1109 12:34:45.815054 7856 main.cpp:44] Cannot open /tmp/logs
I1109 12:34:45.816812 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.816824 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.817651 7856 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.817658 7856 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.818532 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.818539 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.818593 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.818710 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f6788017d40
I1109 12:34:45.818728 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.819213 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.819218 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.819875 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.819881 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.819924 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.819931 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880bf360
I1109 12:34:45.819937 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.820389 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.820394 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.821027 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.821031 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.821075 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.821081 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880cde90
I1109 12:34:45.821087 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.821547 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.821552 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.822196 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.822201 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.822264 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.822273 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880dc390
I1109 12:34:45.822283 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.822836 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.822841 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.823822 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.823828 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.823876 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.823884 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880eb2d0
I1109 12:34:45.823891 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.824409 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.824412 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.825254 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.825261 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.825313 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.825321 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880f99d0
I1109 12:34:45.825330 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.825836 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.825839 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.826503 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.826508 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.826552 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.826558 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880f8950
I1109 12:34:45.826565 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.827070 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.827075 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.827760 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.827769 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.827828 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.827836 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67881168a0
I1109 12:34:45.827843 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.828923 7866 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7a170 workerId=0 processId=0
I1109 12:34:45.828984 7867 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7a940 workerId=1 processId=0
I1109 12:34:45.829016 7868 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7b110 workerId=2 processId=0
I1109 12:34:45.829037 7869 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7b8e0 workerId=3 processId=0
I1109 12:34:45.829056 7870 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7c0d0 workerId=4 processId=0
I1109 12:34:45.829073 7872 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7c8e0 workerId=5 processId=0
I1109 12:34:45.829092 7873 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7d0d0 workerId=6 processId=0
I1109 12:34:45.829123 7874 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7d8e0 workerId=7 processId=0
I1109 12:34:45.829139 7874 QuicServer.cpp:285] Initialized all workers in the eventbase
I1109 12:34:45.829190 7856 HQServer.cpp:285] HQ server started at: [::1]:8443
I1109 12:34:47.248520 7858 AsyncSSLSocket.cpp:340] actual destruction of AsyncSSLSocket(this=0x7f6780002550, evb=0x7f6780000d80, fd=folly::NetworkSocket(-1), state=3, sslState=9, events=0)
I1109 12:34:47.248592 7858 AsyncSocket.cpp:3169] this=0x7f6780003560, AsyncSocket::handleRead() got 517 bytes
I1109 12:34:47.255234 7858 AsyncSocket.cpp:3169] this=0x7f6780003560, AsyncSocket::handleRead() got 30 bytes
I1109 12:34:47.255358 7858 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45860, local=[::1]:6667) after 6 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinished
I1109 12:34:47.255385 7858 Acceptor.cpp:548] Acceptor=0x7f6788007680 onEmpty()
I1109 12:34:48.002563 7859 AsyncSSLSocket.cpp:340] actual destruction of AsyncSSLSocket(this=0x7f67840021e0, evb=0x7f6784000d40, fd=folly::NetworkSocket(-1), state=3, sslState=9, events=0)
I1109 12:34:48.002631 7859 AsyncSocket.cpp:3169] this=0x7f6784002f00, AsyncSocket::handleRead() got 517 bytes
I1109 12:34:48.010644 7859 AsyncSocket.cpp:3169] this=0x7f6784002f00, AsyncSocket::handleRead() got 30 bytes
I1109 12:34:48.010754 7859 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45868, local=[::1]:6667) after 8 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinished
I1109 12:34:48.010775 7859 Acceptor.cpp:548] Acceptor=0x7f678804b2d0 onEmpty()
from proxygen.
master-of-darkness
commented on May 23, 2024
On older version(10.16)
I1109 13:27:25.661306 67818 QuicServerWorker.cpp:1134] QuicServer readerr: AsyncSocketException: AsyncUDPSocket::getReadBuffer() returned empty buffer, type = Invalid arguments
I1109 13:27:25.661463 67811 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661550 67812 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661600 67813 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661643 67814 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661676 67815 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661716 67816 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661752 67817 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661772 67818 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
from proxygen.
afrind
commented on May 23, 2024
Relevant log line:
I1109 12:34:47.255358 7858 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45860, local=[::1]:6667) after 6 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinished
Is your cert unexpired and trusted by your browser?
from proxygen.
master-of-darkness
commented on May 23, 2024
Relevant log line:
I1109 12:34:47.255358 7858 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45860, local=[::1]:6667) after 6 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinishedIs your cert unexpired and trusted by your browser?
My certificate is unexpired and added to my browser
from proxygen.
PooyaEimandar
commented on May 23, 2024
I have the same issue on macOS, hq http3 not working with browsers but it works with HQClient.
Update: It works on FireFox nightly.
from proxygen.
qtuancr261
commented on May 23, 2024
I'm working with proxygen <v2023.10.16.00>. HQServer works well with these parameters : --host=:: --port=443 --h2port==443 --protocol=h3 --quic_version=0. Google Chrome 119.0.6045.159, Mozilla Firefox 120.0, Microsoft Edge 119.0.2151.58 could setup a h3 connection to HQServer without problem.
from proxygen.
PooyaEimandar
commented on May 23, 2024
I'm working with proxygen <v2023.10.16.00>. HQServer works well with these parameters : --host=:: --port=443 --h2port==443 --protocol=h3 --quic_version=0. Google Chrome 119.0.6045.159, Mozilla Firefox 120.0, Microsoft Edge 119.0.2151.58 could setup a h3 connection to HQServer without problem.
I tested it on Google Chrome on macOS, but unfortunately, it didn't work. It seems that your test was conducted on Windows OS.
from proxygen.
qtuancr261
commented on May 23, 2024
I'm working with proxygen <v2023.10.16.00>. HQServer works well with these parameters : --host=:: --port=443 --h2port==443 --protocol=h3 --quic_version=0. Google Chrome 119.0.6045.159, Mozilla Firefox 120.0, Microsoft Edge 119.0.2151.58 could setup a h3 connection to HQServer without problem.
I tested it on Google Chrome on macOS, but unfortunately, it didn't work. It seems that your test was conducted on Windows OS.
I built and tested on Rocky Linux 9 - not Windows, btw i didn't use the default TLS certificates in the sample code https://github.com/facebook/proxygen/blob/main/proxygen/httpserver/samples/hq/FizzContext.cpp, just imported the real TLS certificates from Let's Encrypt
from proxygen.
Related Issues (20)
- Transferring Sessions between threads for Http Client Connection Pool HOT 8
- DetachThreadLocals() fails CHECK HOT 22
- Homebrew build of proxygen failing HOT 7
- ServerIdleSessionConroller:getIdleSession() returns session already in thread HOT 5
- Concurrent performance supported by the HTTP server
- Websocket Key Mismatch HOT 2
- Connection Close Reason SHUTDOWN HOT 3
- `EchoHandler` in `proxygen/httpserver/samples/echo/EchoHandler.h` has unnecessary `body_` member
- Request smuggling vulnerability in Proxygen
- websocket client with SSL problem: Server replied to me "Bad Request" HOT 5
- proxygen fails to build when a newer glog package is installed
- Proxygen for iOS HOT 2
- httpserver/samples/websocket
- Ingress Error and drain() HOT 2
- httpserver/samples/websocket
- Segfault in HQ server
- Build problems, segfault UT HOT 2
- Remove the use of requiring sudo for installing deps HOT 3
- HTTP2 Protocol Error HOT 3
- Proxygen For Windows
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from proxygen.