gpt4 book ai didi

Node.js HTTP2 服务器错误 : socket hang up

转载 作者:搜寻专家 更新时间:2023-10-31 22:24:17 24 4
gpt4 key购买 nike

给定具有实验性 HTTP2 支持的最新版本的 Node.js:

$ node -v
v9.2.0

一个 HTTP2 服务器:

var options = {
key: getKey(),
cert: getCert(),
allowHTTP1: true
}

var server = http2.createSecureServer(options)
server.on('stream', onstream)
server.on('error', onerror)
server.on('connect', onconnect)
server.on('socketError', onsocketerror)
server.on('frameError', onframeerror)
server.on('remoteSettings', onremotesettings)
server.listen(8443)

function onconnect() {
console.log('connect')
}

function onremotesettings(settings) {
console.log('remote settings', settings)
}

function onframeerror(error) {
console.log('frame error', error)
}

function onsocketerror(error) {
console.log('socket error', error)
}

function onerror(error) {
console.log(error)
}

function onstream(stream, headers) {
console.log('stream')
}

向它提出的请求:

var https = require('https')

var options = {
method: 'GET',
hostname: 'localhost',
port: '8443',
path: '/',
protocol: 'https:',
rejectUnauthorized: false,
agent: false
}

var req = https.request(options, function(res){
var body = ''
res.setEncoding('utf8')
res.on('data', function(data){
body += data;
});
res.on('end', function(){
callback(null, body)
})
})

req.end()

它只是挂起并最终说:

Error: socket hang up
at createHangUpError (_http_client.js:330:15)
at TLSSocket.socketOnEnd (_http_client.js:423:23)
at TLSSocket.emit (events.js:164:20)
at endReadableNT (_stream_readable.js:1054:12)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)

如果设置了rejectUnauthorized: true,那么它会出错:

Error: self signed certificate
at TLSSocket.onConnectSecure (_tls_wrap.js:1036:34)
at TLSSocket.emit (events.js:159:13)
at TLSSocket._finishInit (_tls_wrap.js:637:8)

不确定出了什么问题以及为什么它不会到达记录 stream 的地步。

如果我进入浏览器并访问 https://localhost:8443 ,并点击警告消息,它实际上记录了 stream 并成功发出了请求。但是一直无法让 Node 发出请求。

我想将其视为 HTTP1 服务器,因此不想使用 HTTP2 客户端发出请求。但是尝试使用那个和同样的东西。

最佳答案

HTTP/1 与 HTTP/2 不共享相同的请求语义,因此需要在 HTTP/2 服务器中检测和处理 HTTP/1 客户端。要支持两者,您需要使用 HTTP2 Compatibility API .

“挂起”发生在 HTTP1 客户端连接到设置了 allowHTTP1: true 的 HTTP/2 服务器但不处理 HTTP/1 请求时。

示例基于 Node documentation example code .

HTTP/1 和/2 混合服务器

const http2 = require('http2')
const fs = require('fs')

var options = {
key: fs.readFileSync('server-key.pem'),
cert: fs.readFileSync('server-crt.pem'),
//ca: fs.readFileSync('ca-crt.pem'),
allowHTTP1: true,
}

var server = http2.createSecureServer(options, (req, res) => {
// detects if it is a HTTPS request or HTTP/2
const { socket: { alpnProtocol } } = (req.httpVersion === '2.0')
? req.stream.session
: req

res.writeHead(200, { 'content-type': 'application/json' })
res.end(JSON.stringify({
alpnProtocol,
httpVersion: req.httpVersion
}))
})

server.listen(8443)

HTTP/2 客户端

const http2 = require('http2')
const fs = require('fs')

const client = http2.connect('https://localhost:8443', {
ca: fs.readFileSync('ca-crt.pem'),
rejectUnauthorized: true,
})
client.on('socketError', (err) => console.error(err))
client.on('error', (err) => console.error(err))

const req = client.request({ ':path': '/' })

req.on('response', (headers, flags) => {
for (const name in headers) {
console.log('Header: "%s" "%s"', name, headers[name])
}
})

req.setEncoding('utf8')
let data = ''
req.on('data', chunk => data += chunk)
req.on('end', () => {
console.log('Data:', data)
client.destroy()
})
req.end()

然后运行:

→ node http2_client.js 
(node:34542) ExperimentalWarning: The http2 module is an experimental API.
Header: ":status" "200"
Header: "content-type" "application/json"
Header: "date" "Sat, 02 Dec 2017 23:27:21 GMT"
Data: {"alpnProtocol":"h2","httpVersion":"2.0"}

HTTP/1 客户端

const https = require('https')
const fs = require('fs')

var options = {
method: 'GET',
hostname: 'localhost',
port: '8443',
path: '/',
protocol: 'https:',
ca: fs.readFileSync('ca-crt.pem'),
rejectUnauthorized: true,
//agent: false
}

var req = https.request(options, function(res){
var body = ''
res.setEncoding('utf8')
res.on('data', data => body += data)
res.on('end', ()=> console.log('Body:', body))
})

req.on('response', response => {
for (const name in response.headers) {
console.log('Header: "%s" "%s"', name, response.headers[name])
}
})

req.end()

然后运行

→ node http1_client.js 
Header: "content-type" "application/json"
Header: "date" "Sat, 02 Dec 2017 23:27:08 GMT"
Header: "connection" "close"
Header: "transfer-encoding" "chunked"
Body: {"alpnProtocol":false,"httpVersion":"1.1"}

HTTP/2 服务器

使用普通 HTTP/2 服务器将与 http2_client 一起工作,但对于 http1_client 会“挂起”。当您删除 allowHTTP1: true 时,来自 HTTP/1 客户端的 TLS 连接将关闭。

const http2 = require('http2')
const fs = require('fs')

var options = {
key: fs.readFileSync('server-key.pem'),
cert: fs.readFileSync('server-crt.pem'),
ca: fs.readFileSync('ca-crt.pem'),
allowHTTP1: true,
}

var server = http2.createSecureServer(options)
server.on('error', error => console.log(error))
server.on('connect', conn => console.log('connect', conn))
server.on('socketError', error => console.log('socketError', error))
server.on('frameError', error => console.log('frameError', error))
server.on('remoteSettings', settings => console.log('remote settings', settings))

server.on('stream', (stream, headers) => {
console.log('stream', headers)
stream.respond({
'content-type': 'application/html',
':status': 200
})
console.log(stream.session)
stream.end(JSON.stringify({
alpnProtocol: stream.session.socket.alpnProtocol,
httpVersion: "2"
}))
})

server.listen(8443)

证书

通过 gist 中详述的扩展中间证书设置,需要向客户端提供 CA 的完整证书链。

cat ca/x/certs/x.public.pem > caxy.pem
cat ca/y/certs/y.public.pem >> caxy.pem

然后在客户端的选项中使用这个ca

{ 
ca: fs.readFileSync('caxy.pem'),
}

这些示例是使用来自 this circle.com article 的以下简单 CA 设置运行的:

To simplify the configuration, let’s grab the following CA configuration file.

wget https://raw.githubusercontent.com/anders94/https-authorized-clients/master/keys/ca.cnf

Next, we’ll create a new certificate authority using this configuration.

openssl req -new -x509 \
-days 9999 \
-config ca.cnf \
-keyout ca-key.pem \
-out ca-crt.pem

Now that we have our certificate authority in ca-key.pem and ca-crt.pem, let’s generate a private key for the server.

openssl genrsa \
-out server-key.pem \
4096

Our next move is to generate a certificate signing request. Again to simplify configuration, let’s use server.cnf as a configuration shortcut.

wget https://raw.githubusercontent.com/anders94/https-authorized-clients/master/keys/server.cnf

Now we’ll generate the certificate signing request.

openssl req -new \
-config server.cnf \
-key server-key.pem \
-out server-csr.pem

Now let’s sign the request.

openssl x509 -req -extfile server.cnf \
-days 999 \
-passin "pass:password" \
-in server-csr.pem \
-CA ca-crt.pem \
-CAkey ca-key.pem \
-CAcreateserial \
-out server-crt.pem

关于Node.js HTTP2 服务器错误 : socket hang up,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47460500/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com