nginx quic实验
扫盲文档:
https://http3-explained.haxx.se/zh
最终用 quiche+nginx-1.16 和 quiche+curl 完成了实验环境的搭建。
wireshark升级到3.4.7之后也能够进行quic、http3的识别和tls的解密了。
----------- 杂七杂八的记录 -----------------------
下载代码
┬─[tong@T7:~/Src/thirdparty/boringssl.git]─[11:41:40 AM]
╰─>$ git remote -v
origin git@github.com:google/boringssl.git (fetch)
origin git@github.com:google/boringssl.git (push)
wget: https://hg.nginx.org/nginx-quic/shortlog/quic
编译boringssl
mkdir build
cd build
cmake ..
make
编译nginx-quic
./auto/configure --with-debug --with-http_v3_module --with-cc-opt='-I ../boringssl.git/include/ '
--with-ld-opt=' -L ../boringssl.git/build/ssl/ -L ../boringssl.git/build/crypto/'
make
配置示例
server {
listen 88 http3 reuseport;
server_name localhost;
ssl_certificate /home/tong/Keys/https/sni/sni_test1.cer;
ssl_certificate_key /home/tong/Keys/https/sni/sni_test1.key;
ssl_protocols TLSv1.3;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
add_header Alt-Svc 'h3=":8443"; ma=86400';
}
client
https://github.com/ngtcp2/ngtcp2 + boringssl
examples编译不过去
quiche + curl
https://github.com/cloudflare/quiche
https://github.com/curl/curl/blob/master/docs/HTTP3.md#quiche-version
照着文档编译。
[root@t88 curl.git]# ./src/curl --http3 https://quic.tech:8443/
quiche + nginx-1.16.1
打上patch 照着文档编译。
其他:
还有个支持quic的openssl:https://github.com/quictls/openssl/tree/OpenSSL_1_1_1k+quic
wireshark使用:
https://www.programmersought.com/article/65688366064/
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
