HTTP/3 error against www.google.com

[yschimke]

Jetty version(s)

11.0.8

Java version/vendor (use: java -version)

openjdk version "11.0.14.1" 2022-02-08 LTS
OpenJDK Runtime Environment Zulu11.54+25-CA (build 11.0.14.1+1-LTS)
OpenJDK 64-Bit Server VM Zulu11.54+25-CA (build 11.0.14.1+1-LTS, mixed mode)

OS type/version

OSX - M1

Description

Connecting to www.google.com/142.250.178.4:443
onPreface HTTP3SessionClient@641dca0b[streams=0,CLOSED]
onDisconnect 265 settings_reserved java.lang.IllegalArgumentException: invalid reserved setting
onDisconnect 265 settings_reserved

How to reproduce?

Works

"https://www.cloudflare.com:443/robots.txt"

Fails

https://www.google.com:443/robots.txt

I'm using a client code pretty much just from https://www.eclipse.org/jetty/documentation/jetty-11/programming-guide/index.html#pg-client-http3

[yschimke]

I can provide a full example if requested, but it's in a larger code base.

[lorban]

There seems to be a bug in our HTTP3 Settings frame parser as it rejects key 1 with a new IllegalArgumentException("invalid reserved setting") while the latest draft 34 states that it is valid: https://datatracker.ietf.org/doc/html/draft-ietf-quic-http-34#section-11.2.2

We'll get this fixed, thank you for your report!

[lorban]

@sbordet do we both read the H3 spec the same way?

[sbordet]

@lorban @yschimke I read from the HTTP/3 specification (here):

Setting identifiers which were defined in [HTTP2] where there is no
corresponding HTTP/3 setting have also been reserved
(Section 11.2.2). These reserved settings MUST NOT be sent, and
their receipt MUST be treated as a connection error of type
H3_SETTINGS_ERROR.

Settings 0x06 overlaps, but in HTTP/3 there is no trace of 0x01.
Ah, it's because it's overridden by QPACK here.
Genius 😒

[sbordet]

@lachlan-roberts so it is possible that a HTTP/3 SETTINGS is received with settings 0x01 and 0x07 (see https://datatracker.ietf.org/doc/html/draft-ietf-quic-qpack-21#section-5).

We currently do nothing upon receiving these QPACK settings.
Are there setters that I can call in the Qpack[Encoder|Decoder] APIs that will cause these settings to be effective?

[sbordet]

I can confirm that not rejecting setting 0x01 results in a successful request/response from google.com.

Waiting on @lachlan-roberts for APIs details.
Currently maxBlockedStreams is a final field in QpackEncoder -- does it need to send instructions to the other peer if we make it mutable (like QpackEncoder.setCapacity() does)?

[lachlan-roberts]

@sbordet for SETTINGS_QPACK_MAX_TABLE_CAPACITY (0x1) you should call Encoder.setCapacity(), this will send the capacity instruction to the remote Decoder.

But for SETTINGS_QPACK_BLOCKED_STREAMS (0x7) there is no associated QPACK instruction. I was assuming this would only be set once at creation and then not changed again, this is why it is an argument in the QpackEncoder constructor. But I don't see a problem with adding a setter for it.