New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenSSL 3.2 QUIC stack based HTTP/3 #12734
Conversation
Can you also add a description to HTTP3.md how to build this setup? |
- HTTP/3 for curl using OpenSSL's own QUIC stack together with nghttp3 - configure with `--with-openssl-quic` to enable curl to build this. This requires the nghttp3 library - implementation with the following restrictions: * macOS has to use an unconnected UDP socket due to an issue in OpenSSL's datagram implementation See openssl/openssl#23251 This makes connections to non-reponsive servers hang. * GET requests will send the indicator that they have no body in a separate QUIC packet. This may result in processing delays or Transfer-Encodings on proxied requests * uploads that encounter blocks will use 100% cpu as detection of these flow control issue is not working (we have not figured out to pry that from OpenSSL).
- remove no longer neede config param in building openssl3
Done. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Otherwise I think this looks good!
It works with some manual hacks due to nghttp3 being undetected by autotools (a long-time issue). When enabled, the version string is showing some duplication: ``` curl 8.6.0-DEV (x86_64-w64-mingw32) libcurl/8.6.0-DEV OpenSSL/3.2.0 (Schannel) zlib/1.3 WinIDN libssh2/1.11.1_DEV nghttp2/1.58.0 OpenSSL/3.2.0 (Schannel) nghttp3/1.1.0 Release-Date: [unreleased] Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws wss Features: alt-svc AsynchDNS HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerberos Largefile libz MultiSSL NTLM SPNEGO SSL SSPI threadsafe UnixSockets ``` Ref: curl/curl@0535f6e Ref: curl/curl#12734
Few observations after enabling support for this in curl-for-win:
|
@icing Can you add the cmake functionality / flag to compile http3 with openssl 3.2 + nghttp3 ? |
@talregev I must admit my cmake skills are lacking. |
I will open an issue about it. |
--with-openssl-quic
to enable curl to build this. This requires the nghttp3 library