发表新帖
发表新帖

How to detect if a server is using SPDY

前端 未结
关注
2 1539
无人及你
无人及你 2021-02-08 02:28

Any way to detect if a remote website supports SPDY and what version it is?

Something I can use from the command line like a bash script.

Tried sending custom Us

相关标签:
2条回答
  • 庸人自扰
    2021-02-08 02:55

    The SPDY protocol negotiation happens during the initial TLS handshake.

    There are currently two ways to negotiate the protocol: the older one is called NPN (http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04). In the ClientHello TLS message the client sends the NPN extension with ID 0x3374. The server replies with a ServerHello TLS message that also contains the list of protocols supported by the server also in a NPN extension. The client then chooses the protocol and sends its choice, encrypted, to the server.

    The newer method has been designed for HTTP 2.0 and is called ALPN (http://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-05). The ClientHello TLS message contains the ALPN extension with ID 0x10. The client, this time, sends the list of protocols supported and the server replies with a ServerHello TLS message that contains the protocol chosen by the server, also in a ALPN extension.

    In both the NPN and ALPN extension the list of protocols is sent as strings such as http/1.1 or spdy/3.

    Once the protocol has been chosen, the TLS handshake continues and then both parties will start to speak immediately the protocol that they have chosen.

    The only way to be aware of negotiation of the protocol is therefore to use TLS and to have a client that exposes the protocol negotiation extensions. Each client does that in a specific way, but there is not yet support for bash scripts, as far as I know.

    HAProxy for example has support for both NPN and ALPN (http://cbonte.github.io/haproxy-dconv/configuration-1.5.html) and Jetty 9.2 too has support for both NPN and ALPN (both for clients and servers).

    Other servers like Nginx or Apache have support for NPN with patches for ALPN (since it will be needed by HTTP 2.0 anyway).

    NPN will eventually fade away; Google's Adam Langley has stated that NPN will be deprecated in favour of ALPN.

    0 讨论(0)
  • 抹茶落季
    2021-02-08 03:09 
    openssl s_client -connect google.com:443 -nextprotoneg ''
CONNECTED(00000003)
Protocols advertised by server: spdy/3.1, spdy/3, http/1.1
    0 讨论(0)
 看不清?
提交回复
热议问题