HTTP/3 in curl
•
3 recomendaciones•1,936 vistas
Daniel Stenberg gave a presentation on HTTP/3 and how to enable it in curl. He discussed how HTTP/3 uses QUIC to improve on HTTP/1 and HTTP/2 by eliminating head of line blocking, enabling faster handshakes and earlier data, and always using encryption. He explained how to build curl with either the Quiche or ngtcp2 libraries to support HTTP/3 and demonstrated commands to test HTTP/3 functionality. While the implementation is still experimental, Stenberg welcomed help from the community to further develop HTTP/3 and QUIC support in curl.
Recomendados
Más contenido relacionado
La actualidad más candente
La actualidad más candente (20)
Similar a HTTP/3 in curl
Similar a HTTP/3 in curl (20)
Más de Daniel Stenberg
Más de Daniel Stenberg (17)
Último
Último (20)
HTTP/3 in curl
- 1. $ curl --http3 https://www.meetup.com/FOSS-Sthlm HTTP/3 200 date: Thu, 12 Dec 2019 17:15:00 GMT content-type: blab/presentation presenter: Daniel Stenberg content-length: 25 minutes HTTP/3 with curl $ @bagder@bagder
- 5. How HTTP/3 differs from 1 and 2How HTTP/3 differs from 1 and 2 Build curl to enable HTTP/3Build curl to enable HTTP/3 HTTP/3 with the curl toolHTTP/3 with the curl tool HTTP/3 with libcurlHTTP/3 with libcurl @bagder@bagder
- 7. Improvements in QUICImprovements in QUIC TCP head of line blockingTCP head of line blocking Faster handshakesFaster handshakes Earlier dataEarlier data More encryption, alwaysMore encryption, always Future developmentFuture development @bagder@bagder
- 8. QUIC on top of UDP TCP and UDP remain “the ones”TCP and UDP remain “the ones” Use UDP instead of IPUse UDP instead of IP Reliable transport protocol - inReliable transport protocol - in user-spaceuser-space A little like TCP + TLSA little like TCP + TLS @bagder@bagder
- 9. Streams! QUIC provides streamsQUIC provides streams Many logical flows within a single connectionMany logical flows within a single connection Similar to HTTP/2 but in the transport layerSimilar to HTTP/2 but in the transport layer IndependentIndependent streamsstreams @bagder@bagder
- 10. HTTP/3 = HTTP over QUIC @bagder@bagder
- 11. Stacks: old vs new TCP TLS 1.2+ HTTP/2 UDP HTTP/3 QUIC TLS 1.3 IP HTTP/1 @bagder@bagder streams @bagder@bagder
- 12. HTTPS is TCP? HTTPS:// URLs are everywhereHTTPS:// URLs are everywhere TCP (and TLS) on TCP port 443TCP (and TLS) on TCP port 443 @bagder@bagder
- 13. This service - over there! The Alt-Svc: response header Another host, protocol or port number is the same “origin” This site also runs on HTTP/3 “over there”, for the next NNNN seconds @bagder@bagder
- 14. HTTP/3 challenges 3-7% something of all QUIC attempts fail Clients need “fall back” algorithms CPU intensive Unoptimized UDP stacks “Funny” TLS layer All QUIC stacks are user-land No standard QUIC API Lack of tooling @bagder@bagder
- 16. curl runs in all your devices @bagder@bagder
- 18. Work in progress Early days – your help is appreciated HTTP/3 and QUIC support is experimental Things might will change Code is in git master and shipped @bagder@bagder
- 19. Build curl Early support aids the protocol community Requires 3rd party libraries for low level Selectable backend, use one out of several choices Quiche or ngtcp2 for now - Different TLS requirements - Very different APIs @bagder@bagder
- 20. Build curl with quiche https://github.com/cloudflare/quiche Uses BoringSSL (Look at docs/HTTP3.md) You probably want alt-svc support as well @bagder@bagder
- 21. Build curl with ngtcp2 (and nghttp3) https://github.com/ngtcp2/ngtcp2 https://github.com/ngtcp2/nghttp3 Uses custom patched OpenSSL (Look at docs/HTTP3.md) You probably want alt-svc support as well @bagder@bagder
- 22. TLS APIs for QUIC QUIC uses TLS 1.3 crypto - but differently than TCP uses TLS ngtcp2 uses a patched OpenSSL https://github.com/tatsuhiro-t/openssl/tree/quic-draft-22 BoringSSL is a forked version of OpenSSL that already has the necessary QUIC APIs. Pull request in progress for OpenSSL: #8797. Different than the patch above. Offers an API similar to the BoringSSL one. https://github.com/openssl/openssl/pull/8797 Most other TLS libraries curl supports lack the necessary APIs @bagder@bagder
- 24. It looks like HTTP/1 As for HTTP/2, HTTP/3 in curl is made to lookmade to look like HTTP/1like HTTP/1 when curl shows requests, headers and similar. For consistency and easy of use. @bagder@bagder
- 25. Run curl --http3 Forces curl to try QUIC and HTTP/3 on the given host name No fallback! --alt-svc <filename> Bootstraps into HTTP/3 the “standard way” Requires alt-svc: response headers (several dev servers don’t do those) Takes an additional round-trip Makes the initial request HTTP/1 or HTTP/2 the “usual way” The alt-svc file format: https://curl.haxx.se/docs/alt-svc.html @bagder@bagder
- 26. Run curl $ curl –-http3 https://quic.tech:8443/ -v $ curl –-alt-svc alt.txt https://quic.tech:8443/ -v $ curl --version … Features: alt-svc ... HTTP3 ... @bagder@bagder
- 27. Should work with HTTP/3 Connecting over IPv4 and IPv6 and “Happy eyeballs” Funny host name/DNS tricks like --resolve and friends HTTP GET and POST requests HTTP header parsing, adding and removing headers Cookies, connection caching, connection re-use etc @bagder@bagder
- 28. Lacking in the HTTP/3 implementation (Areas to join in and help out with) Multiplexing support Tests! File bugs! @bagder@bagder
- 30. curl is powered by libcurl Previously mentioned features are in libcurl … with a few more knobs to tweak @bagder@bagder
- 35. Specifications Ship curl HTTP/3-enabled? Deployed servers Browser support libcurl TLS libraries QUIC and HTTP/3 libraries @bagder@bagder
- 36. It will take a while @bagder@bagder
- 37. December 6, 2019December 6, 2019
- 39. Daniel Stenberg @bagder https://daniel.haxx.se/ Thank you!Thank you! Questions?Questions?