The example client fails with ClientDied(None) #40
Description
When trying the example client command from the top level README, there was a problem with multiple IPs
% cargo run --example client https://google.com thread 'main' panicked at 'client: AddrResolvedToMoreThanOneAddr([V6([2404:6800:4012::200e]:443), V4(172.217.160.78:443)])', examples/client.rs:32:9 However this can be worked around:-
diff --git a/src/client/mod.rs b/src/client/mod.rs index 699971b..b9a392b 100644 --- a/src/client/mod.rs +++ b/src/client/mod.rs @@ -89,7 +89,7 @@ impl<C: TlsConnector> ClientBuilder<C> { return Err(Error::AddrResolvedToEmptyList); } else if addrs.len() > 1 { // TODO: allow multiple addresses - return Err(Error::AddrResolvedToMoreThanOneAddr(addrs)); + // return Err(Error::AddrResolvedToMoreThanOneAddr(addrs)); } self.addr = Some(AnySocketAddr::Inet(addrs.into_iter().next().unwrap())); Ok(()) Now the failure can be observed:
% cargo run --example client https://google.com thread 'main' panicked at 'execute request: ClientDied(None)', examples/client.rs:35:16 I added a patch to see what the real error was:
diff --git a/src/client/conn.rs b/src/client/conn.rs index 131d314..f564727 100644 --- a/src/client/conn.rs +++ b/src/client/conn.rs @@ -374,7 +374,13 @@ impl ClientConn { let connect = assert_send_future(connect); let tls_conn = connect - .and_then(move |conn| async move { Ok(connector.connect(&domain, conn).await?) }); + .and_then(move |conn| async move { + println!("connect & await: domain: {:?} conn: {:?}", domain, conn); + match connector.connect(&domain, conn).await { + Ok(r) => Ok(r), + Err(e) => panic!("**ERROR: `{}´ **", e), + } + }); let tls_conn = assert_send_future(tls_conn); It appears to be self signed cert!
% cargo run --example client https://google.com connect & await: domain: "google.com" conn: TcpStream { addr: V6([2001:b030:2314:200:3224:32ff:fe43:f12f]:63032), peer: V6([2404:6800:4012::200e]:443), fd: 9 } thread 'http2-client-loop' panicked at '**ERROR: `the handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1915:: self signed certificate´ **', <::std::macros::panic macros>:5:6 I tried with many sites and have the similar problems, e.g., microsoft.com gave Hostname mismatch. However wikipedia.org did work. There is no problem using curl --http2-prior-knowledge to access these.
Some versions:
% openssl version OpenSSL 1.1.1d-freebsd 10 Sep 2019 % uname -rsm FreeBSD 12.1-RELEASE-p3 amd64