The example client fails with ClientDied(None)

[hxw]

When trying the example client command from the top level README, there was a problem with multiple IPs

% cargo run --example client https://google.com

thread 'main' panicked at 'client: AddrResolvedToMoreThanOneAddr([V6([2404:6800:4012::200e]:443), V4(172.217.160.78:443)])', examples/client.rs:32:9

However this can be worked around:-

diff --git a/src/client/mod.rs b/src/client/mod.rs
index 699971b..b9a392b 100644
--- a/src/client/mod.rs
+++ b/src/client/mod.rs
@@ -89,7 +89,7 @@ impl<C: TlsConnector> ClientBuilder<C> {
             return Err(Error::AddrResolvedToEmptyList);
         } else if addrs.len() > 1 {
             // TODO: allow multiple addresses
-            return Err(Error::AddrResolvedToMoreThanOneAddr(addrs));
+            // return Err(Error::AddrResolvedToMoreThanOneAddr(addrs));
         }
         self.addr = Some(AnySocketAddr::Inet(addrs.into_iter().next().unwrap()));
         Ok(())

Now the failure can be observed:

% cargo run --example client https://google.com

thread 'main' panicked at 'execute request: ClientDied(None)', examples/client.rs:35:16

I added a patch to see what the real error was:

diff --git a/src/client/conn.rs b/src/client/conn.rs
index 131d314..f564727 100644
--- a/src/client/conn.rs
+++ b/src/client/conn.rs
@@ -374,7 +374,13 @@ impl ClientConn {
         let connect = assert_send_future(connect);
 
         let tls_conn = connect
-            .and_then(move |conn| async move { Ok(connector.connect(&domain, conn).await?) });
+            .and_then(move |conn| async move {
+                println!("connect & await: domain: {:?}  conn: {:?}", domain, conn);
+                match connector.connect(&domain, conn).await {
+                    Ok(r) => Ok(r),
+                    Err(e) => panic!("**ERROR: `{}´ **", e),
+                }
+            });
 
         let tls_conn = assert_send_future(tls_conn);
 

It appears to be self signed cert!

% cargo run --example client https://google.com

connect & await: domain: "google.com"  conn: TcpStream { addr: V6([2001:b030:2314:200:3224:32ff:fe43:f12f]:63032), peer: V6([2404:6800:4012::200e]:443), fd: 9 }

thread 'http2-client-loop' panicked at '**ERROR: `the handshake failed: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/usr/src/crypto/openssl/ssl/statem/statem_clnt.c:1915:: self signed certificate´ **', <::std::macros::panic macros>:5:6

I tried with many sites and have the similar problems, e.g., microsoft.com gave Hostname mismatch. However wikipedia.org did work. There is no problem using curl --http2-prior-knowledge to access these.

Some versions:

% openssl version
OpenSSL 1.1.1d-freebsd  10 Sep 2019
% uname -rsm
FreeBSD 12.1-RELEASE-p3 amd64

[hxw]

Just a note: I came here trying to make grpc work and after trying various versions ended up with httpbis aoverridden to this repo and still getting the ClientDied(None) failure.

I just tried the greeter example with the above patches and the message is Certificate Expired :)

Is there a way to propagate the openssl error so could see something like:

ClientDied(Err("Certificate Expired"))

[alexxroche]

This is still an issue

$ cargo run --example client https://google.com/
    Finished dev [unoptimized + debuginfo] target(s) in 0.06s
     Running `target/debug/examples/client 'https://google.com/'`
thread 'main' panicked at 'client: AddrResolvedToMoreThanOneAddr([[2a00:1450:4007:80a::200e]:443, 172.217.18.206:443])', httpbis/examples/client.rs:28:14

While this is being fixed, maybe change the example to: cargo run --example client https://ipv6.google.com/ ?