[Twisted-Python] Twisted 16.3.0 Prerelease 2 Announcement

Donal McMullan donal.mcmullan at gmail.com
Sat Jul 9 12:08:51 MDT 2016


Works for me with txacme and a lets: cert

IIRC, when I was trying to use a self signed cert on my local network I got
the ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY error.

DJM

On 9 July 2016 at 18:30, Paweł Miech <pawelmhm at gmail.com> wrote:

> Thanks for fixing this.
>
> Did anyone actually manage to make HTTP2 in Twisted work with
> Google-Chrome? I tried to do this today, and it seems this is surprisingly
> difficult. It turns out that Chrome requires ALPN and it dropped support
> for NPN. ALPN is only supported with OpenSSL 1.0.2 or above, which by
> default is not available in most systems. This is discussed here
> <https://www.nginx.com/blog/supporting-http2-google-chrome-users/>. I
> tried setting up docker image with Ubuntu 16.04 that has required version
> of OpenSSL, but it seems that Chrome still doesn't like it. It
> returns ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY error and fails to load
> page. Looking up this error I found out this might be happening because
> some TSL ciphers are blacklisted in HTTP2, there is nice answer about
> this here
> <https://serverfault.com/questions/712808/chrome-reports-err-spdy-inadequate-transport-security-connecting-to-local-web-se/712838#712838> it
> links to this part of HTTP2 spec
> https://http2.github.io/http2-spec/#rfc.section.9.2.2
>
> My question is: should user deal with this kind of stuff themselves? If
> some ciphers are blacklisted in HTTP2 shouldn't this be handled somewhere
> in Twisted? E.g. perhaps there should be some Http2SSLContextFactory? If
> you'd like to reproduce this I did some sample repo here:
> https://github.com/pawelmhm/sf-books-http2 it contains dockerfile that
> builds from Ubuntu 16.04 and runs simple Twisted HTTP 2 resource.
>
> 2016-07-04 13:48 GMT+02:00 Craig Rodrigues <rodrigc at crodrigues.org>:
>
>> On Sun, Jul 3, 2016 at 3:15 AM, Paweł Miech <pawelmhm at gmail.com> wrote:
>>
>>> HTTP2 support sounds really exciting.
>>>
>>> > Please let me know if you have any issues, as well as if you don't! If
>>> everything works well, that's a good thing for me to know :)
>>>
>>> I played around with this today and found out that the command you
>>> recommend:
>>>
>>> >  pip install -U https://twistedmatrix.com/Releases
>>> /pre/16.3.0pre2/Twisted-16.3.0rc2.tar.bz2#egg=Twisted[http2,tls]
>>>
>>> does NOT install dependencies when ran on Python 3, I had to manually
>>> install h2 to HTTP2 support to work. It works ok on Python 2. My
>>> installation logs on Python 3.4 look like this:
>>>
>>>
>> I think I've fixed that in trunk with this:
>>
>> https://github.com/twisted/twisted/pull/287
>>
>> --
>> Craig
>>
>> _______________________________________________
>> Twisted-Python mailing list
>> Twisted-Python at twistedmatrix.com
>> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
>>
>>
>
> _______________________________________________
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20160709/1a8d4989/attachment-0002.html>


More information about the Twisted-Python mailing list