Bug 1225284

Summary:	curl -I (HEAD request) fails with HTTP/2 against a Debian Apache instance
Product:	[openSUSE] openSUSE Distribution	Reporter:	Samuel Henrique <samueloph>
Component:	Basesystem	Assignee:	David Anes <david.anes>
Status:	NEW ---	QA Contact:	E-mail List <qa-bugs>
Severity:	Normal
Priority:	P5 - None	CC:	samueloph
Version:	Leap 15.5
Target Milestone:	---
Hardware:	All
OS:	openSUSE Leap 15.5
Whiteboard:
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description Samuel Henrique 2024-05-25 11:26:06 UTC

User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0
Build Identifier: 

I'm forwarding a bug report from Debian, I've noticed SUSE also ships the affected release and I confirmed I can reproduce the issue on SUSE with:
$ podman pull opensuse/leap
$ podman run -it opensuse/leap
$ curl -I https://h2.git.dgit.debian.org/dgit/info/refs
curl: (92) HTTP/2 stream 1 was not closed cleanly: PROTOCOL_ERROR (err 1)

The issue can happen on other endpoints too.

Please check the Debian bug report and curl-library thread for details:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037258
https://curl.se/mail/lib-2024-05/0020.html

Reproducible: Always

Steps to Reproduce:
1. curl -I https://h2.git.dgit.debian.org/dgit/info/refs

Actual Results:  
curl: (92) HTTP/2 stream 1 was not closed cleanly: PROTOCOL_ERROR (err 1)

Expected Results:  
HTTP/2 200 
expires: Fri, 01 Jan 1980 00:00:00 GMT
pragma: no-cache
cache-control: no-cache, max-age=0, must-revalidate
x-content-type-options: nosniff
x-frame-options: sameorigin
referrer-policy: no-referrer
x-xss-protection: 1
permissions-policy: interest-cohort=()
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-clacks-overhead: GNU Terry Pratchett
content-type: text/plain
date: Sat, 25 May 2024 11:24:51 GMT
server: Apache

This should happen on every SUSE release shipping any curl releases between the affected releases mention in the external links.