2019-07-22 05:48:58 +08:00
# HTTP3 (and QUIC)
## Resources
2021-10-05 09:32:59 +08:00
[HTTP/3 Explained ](https://http3-explained.haxx.se/en/ ) - the online free
2019-07-22 05:48:58 +08:00
book describing the protocols involved.
[QUIC implementation ](https://github.com/curl/curl/wiki/QUIC-implementation ) -
the wiki page describing the plan for how to support QUIC and HTTP/3 in curl
and libcurl.
[quicwg.org ](https://quicwg.org/ ) - home of the official protocol drafts
## QUIC libraries
2021-10-31 23:34:44 +08:00
QUIC libraries we are experimenting with:
2019-07-22 05:48:58 +08:00
[ngtcp2 ](https://github.com/ngtcp2/ngtcp2 )
[quiche ](https://github.com/cloudflare/quiche )
2022-04-11 00:21:37 +08:00
[msquic ](https://github.com/microsoft/msquic ) & [msh3 ](https://github.com/nibanks/msh3 )
2021-12-23 18:20:34 +08:00
## Experimental
2019-07-22 05:48:58 +08:00
2019-08-06 20:44:30 +08:00
HTTP/3 and QUIC support in curl is considered **EXPERIMENTAL** until further
notice. It needs to be enabled at build-time.
2019-07-22 05:48:58 +08:00
2019-08-06 20:44:30 +08:00
Further development and tweaking of the HTTP/3 support in curl will happen in
2022-01-27 09:12:50 +08:00
the master branch using pull-requests, just like ordinary changes.
2019-07-22 05:48:58 +08:00
# ngtcp2 version
2020-03-26 05:49:02 +08:00
## Build with OpenSSL
2019-07-22 05:48:58 +08:00
2019-08-11 05:19:55 +08:00
Build (patched) OpenSSL
2021-10-12 09:38:01 +08:00
% git clone --depth 1 -b openssl-3.0.0+quic https://github.com/quictls/openssl
2019-08-11 05:19:55 +08:00
% cd openssl
% ./config enable-tls1_3 --prefix=< somewhere1 >
% make
2021-10-12 09:38:01 +08:00
% make install
2019-08-11 05:19:55 +08:00
Build nghttp3
% cd ..
% git clone https://github.com/ngtcp2/nghttp3
% cd nghttp3
2021-10-12 09:38:01 +08:00
% autoreconf -fi
2019-08-11 05:19:55 +08:00
% ./configure --prefix=< somewhere2 > --enable-lib-only
% make
% make install
Build ngtcp2
% cd ..
2019-09-21 21:46:30 +08:00
% git clone https://github.com/ngtcp2/ngtcp2
2019-08-11 05:19:55 +08:00
% cd ngtcp2
2021-10-12 09:38:01 +08:00
% autoreconf -fi
2020-11-20 13:10:49 +08:00
% ./configure PKG_CONFIG_PATH=< somewhere1 > /lib/pkgconfig:< somewhere2 > /lib/pkgconfig LDFLAGS="-Wl,-rpath,< somewhere1 > /lib" --prefix=< somewhere3 > --enable-lib-only
2019-08-11 05:19:55 +08:00
% make
% make install
Build curl
% cd ..
% git clone https://github.com/curl/curl
% cd curl
2021-09-19 21:17:42 +08:00
% autoreconf -fi
2021-04-14 00:11:43 +08:00
% LDFLAGS="-Wl,-rpath,< somewhere1 > /lib" ./configure --with-openssl=< somewhere1 > --with-nghttp3=< somewhere2 > --with-ngtcp2=< somewhere3 >
2019-08-11 05:19:55 +08:00
% make
2021-10-12 09:38:01 +08:00
% make install
2021-12-18 22:52:39 +08:00
For OpenSSL 3.0.0 or later builds on Linux for x86_64 architecture, substitute all occurrences of "/lib" with "/lib64"
2019-07-22 05:48:58 +08:00
2020-03-26 05:49:02 +08:00
## Build with GnuTLS
2020-11-20 13:10:49 +08:00
Build GnuTLS
2020-03-26 05:49:02 +08:00
2020-11-20 13:10:49 +08:00
% git clone --depth 1 https://gitlab.com/gnutls/gnutls.git
2020-03-26 05:49:02 +08:00
% cd gnutls
% ./bootstrap
2021-10-12 09:38:01 +08:00
% ./configure --prefix=< somewhere1 >
2020-03-26 05:49:02 +08:00
% make
% make install
Build nghttp3
% cd ..
% git clone https://github.com/ngtcp2/nghttp3
% cd nghttp3
2021-10-12 09:38:01 +08:00
% autoreconf -fi
2020-03-26 05:49:02 +08:00
% ./configure --prefix=< somewhere2 > --enable-lib-only
% make
% make install
Build ngtcp2
% cd ..
% git clone https://github.com/ngtcp2/ngtcp2
% cd ngtcp2
2021-10-12 09:38:01 +08:00
% autoreconf -fi
2021-04-07 09:45:01 +08:00
% ./configure PKG_CONFIG_PATH=< somewhere1 > /lib/pkgconfig:< somewhere2 > /lib/pkgconfig LDFLAGS="-Wl,-rpath,< somewhere1 > /lib" --prefix=< somewhere3 > --enable-lib-only --with-gnutls
2020-03-26 05:49:02 +08:00
% make
% make install
Build curl
% cd ..
% git clone https://github.com/curl/curl
% cd curl
2021-09-19 21:17:42 +08:00
% autoreconf -fi
2021-04-14 00:11:43 +08:00
% ./configure --without-openssl --with-gnutls=< somewhere1 > --with-nghttp3=< somewhere2 > --with-ngtcp2=< somewhere3 >
2020-03-26 05:49:02 +08:00
% make
2021-10-12 09:38:01 +08:00
% make install
2020-03-26 05:49:02 +08:00
2019-07-22 05:48:58 +08:00
# quiche version
## build
2020-05-10 22:53:00 +08:00
Build quiche and BoringSSL:
2019-08-10 13:57:04 +08:00
2019-08-13 02:40:32 +08:00
% git clone --recursive https://github.com/cloudflare/quiche
2020-06-05 01:18:00 +08:00
% cd quiche
2021-11-30 21:37:36 +08:00
% cargo build --package quiche --release --features ffi,pkg-config-meta,qlog
% mkdir quiche/deps/boringssl/src/lib
% ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/
2019-07-22 05:48:58 +08:00
2020-02-05 07:25:12 +08:00
Build curl:
2019-07-22 05:48:58 +08:00
% cd ..
% git clone https://github.com/curl/curl
2019-08-10 13:57:04 +08:00
% cd curl
2021-09-19 21:17:42 +08:00
% autoreconf -fi
2021-11-30 21:37:36 +08:00
% ./configure LDFLAGS="-Wl,-rpath,$PWD/../quiche/target/release" --with-openssl=$PWD/../quiche/quiche/deps/boringssl/src --with-quiche=$PWD/../quiche/target/release
2019-09-24 02:56:48 +08:00
% make
2021-10-12 09:38:01 +08:00
% make install
If `make install` results in `Permission denied` error, you will need to prepend it with `sudo` .
2019-07-22 05:48:58 +08:00
2022-04-11 00:21:37 +08:00
# msh3 (msquic) version
## Build Linux (with quictls fork of OpenSSL)
Build msh3:
% git clone -b v0.1.0 --single-branch --recursive https://github.com/nibanks/msh3
% cd msh3 & & mkdir build & & cd build
% cmake -G 'Unix Makefiles' -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
% cmake --build .
% cmake --install .
Build curl:
% git clone https://github.com/curl/curl
% cd curl
% autoreconf -fi
% ./configure LDFLAGS="-Wl,-rpath,/usr/local/lib" --with-msh3=/usr/local --with-openssl
% make
% make install
Run from `/usr/local/bin/curl` .
## Build Windows
Build msh3:
% git clone -b v0.2.0 --single-branch --recursive https://github.com/nibanks/msh3
% cd msh3 & & mkdir build & & cd build
% cmake -G 'Visual Studio 17 2022' -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
% cmake --build . --config Release
% cmake --install . --config Release
> **Note** - On Windows, Schannel will be used for TLS support by default. If you with to use (the quictls fork of) OpenSSL, specify the `-DQUIC_TLS=openssl` option to the generate command above. Also note that OpenSSL brings with it an additional set of build dependencies not specified here.
Build curl (in [Visual Studio Command prompt ](../winbuild/README.md#open-a-command-prompt )):
% git clone https://github.com/curl/curl
% cd curl/winbuild
% nmake /f Makefile.vc mode=dll WITH_MSH3=dll MSH3_PATH="C:/Program Files/msh3" MACHINE=x64
Note: If you encouter a build error with `tool_hugehelp.c` being missing, rename `tool_hugehelp.c.cvs` in the same directory to `tool_hugehelp.c` and then run `nmake` again.
Run in the `C:/Program Files/msh3/lib` directory, copy `curl.exe` to that directory, or copy `msquic.dll` and `msh3.dll` from that directory to the `curl.exe` directory. For example:
% C:\Program Files\msh3\lib> F:\curl\builds\libcurl-vc-x64-release-dll-ipv6-sspi-schannel-msh3\bin\curl.exe --http3 https://www.google.com
2021-12-23 18:20:34 +08:00
# `--http3`
2019-09-26 20:17:09 +08:00
Use HTTP/3 directly:
2021-04-26 10:29:10 +08:00
curl --http3 https://nghttp2.org:4433/
2019-07-22 05:48:58 +08:00
2019-09-26 20:17:09 +08:00
Upgrade via Alt-Svc:
2019-07-22 05:48:58 +08:00
2019-09-26 20:17:09 +08:00
curl --alt-svc altsvc.cache https://quic.aiortc.org/
2019-09-26 19:18:17 +08:00
See this [list of public HTTP/3 servers ](https://bagder.github.io/HTTP3-test/ )
2021-12-16 16:20:54 +08:00
## Known Bugs
2021-12-23 18:20:34 +08:00
Check out the [list of known HTTP3 bugs ](https://curl.se/docs/knownbugs.html#HTTP3 ).
# HTTP/3 Test server
This is not advice on how to run anything in production. This is for
development and experimenting.
2022-01-27 09:12:50 +08:00
## Prereqs
2021-12-23 18:20:34 +08:00
An existing local HTTP/1.1 server that hosts files. Preferably also a few huge
ones. You can easily create huge local files like `truncate -s=8G 8GB` - they
2022-03-29 19:58:11 +08:00
are huge but do not occupy that much space on disk since they are just big
holes.
2021-12-23 18:20:34 +08:00
In my Debian setup I just installed **apache2** . It runs on port 80 and has a
document root in `/var/www/html` . I can get the 8GB file from it with `curl
localhost/8GB -o dev/null`
2022-03-29 19:58:11 +08:00
In this description we setup and run an HTTP/3 reverse-proxy in front of the
2021-12-23 18:20:34 +08:00
HTTP/1 server.
## Setup
You can select either or both of these server solutions.
### nghttpx
Get, build and install **quictls** , **nghttp3** and **ngtcp2** as described
above.
Get, build and install **nghttp2** :
git clone https://github.com/nghttp2/nghttp2.git
cd nghttp2
autoreconf -fi
PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/home/daniel/build-quictls/lib/pkgconfig:/home/daniel/build-nghttp3/lib/pkgconfig:/home/daniel/build-ngtcp2/lib/pkgconfig LDFLAGS=-L/home/daniel/build-quictls/lib CFLAGS=-I/home/daniel/build-quictls/include ./configure --enable-maintainer-mode --prefix=/home/daniel/build-nghttp2 --disable-shared --enable-app --enable-http3 --without-jemalloc --without-libxml2 --without-systemd
make & & make install
Run the local h3 server on port 9443, make it proxy all traffic through to
HTTP/1 on localhost port 80. For local toying, we can just use the test cert
that exists in curl's test dir.
CERT=$CURLSRC/tests/stunnel.pem
$HOME/bin/nghttpx $CERT $CERT --backend=localhost,80 \
--frontend="localhost,9443;quic"
### Caddy
[Install caddy ](https://caddyserver.com/docs/install ), you can even put the
single binary in a separate directory if you prefer.
In the same directory you put caddy, create a `Caddyfile` with the following
2022-03-29 19:58:11 +08:00
content to run an HTTP/3 reverse-proxy on port 7443:
2021-12-23 18:20:34 +08:00
~~~
{
auto_https disable_redirects
servers :7443 {
protocol {
experimental_http3
}
}
}
localhost:7443 {
reverse_proxy localhost:80
}
~~~
Then run caddy:
./caddy start