rlm_rest and HTTP/2

Hoggins! hoggins at wheres5.com
Tue Jul 30 10:45:33 CEST 2019


Hello there,

Been playing around with rlm_rest, and it works like a charm over
HTTPS... until you activate HTTP/2 on your web server. Because then I
get this in the logs:

    (1) rest: Processing response header
    (1) rest: ERROR: Malformed HTTP header: Status line too short
    (1) rest: ERROR: Received 13 bytes of response data: HTTP/2 404  
    (1) rest: ERROR: Request failed: 23 - Failed writing received data
    to disk/application
    (1) rest: ERROR: Server returned no data
    rlm_rest (rest): Released connection (0)


Note that performing the HTTP call with cURL works with both HTTP/1.1
and HTTP/2 (correct answer given when trying to authenticate a user) so
the web server behavior in itself is not the cause.

It seems that rlm_rest does not handle HTTP/2 very well, expecting
something that does not exist under this protocol, or at least before
the parties agreed to use it.

I'm no HTTP/2 expert, but cURL in verbose mode shows:

    * Using HTTP2, server supports multi-use
    * Connection state changed (HTTP/2 confirmed)
    * Copying HTTP/2 data in stream buffer to connection buffer after
    upgrade: len=0


... which seem to indicate that some connection upgrade is being
performed (like for a websocket?), and one might think that rlm_rest
does not like it very much.

Are these assumptions correct?

    Thanks!

        Hoggins!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20190730/31862b8d/attachment-0001.sig>


More information about the Freeradius-Users mailing list