扫盲文档:
https://http3-explained.haxx.se/zh
最终用 quiche+nginx-1.16 和 quiche+curl 完成了实验环境的搭建。
wireshark升级到3.4.7之后也能够进行quic、http3的识别和tls的解密了。
----------- 杂七杂八的记录 -----------------------
下载代码
┬─[tong@T7:~/Src/thirdparty/boringssl.git]─[11:41:40 AM] ╰─>$ git remote -v origin git@github.com:google/boringssl.git (fetch) origin git@github.com:google/boringssl.git (push)
wget: https://hg.nginx.org/nginx-quic/shortlog/quic
编译boringssl
mkdir build
cd build
cmake ..
make
编译nginx-quic
./auto/configure --with-debug --with-http_v3_module --with-cc-opt='-I ../boringssl.git/include/ '
--with-ld-opt=' -L ../boringssl.git/build/ssl/ -L ../boringssl.git/build/crypto/'
make
配置示例
server { listen 88 http3 reuseport; server_name localhost; ssl_certificate /home/tong/Keys/https/sni/sni_test1.cer; ssl_certificate_key /home/tong/Keys/https/sni/sni_test1.key; ssl_protocols TLSv1.3; #charset koi8-r; #access_log logs/host.access.log main; location / { root /usr/share/nginx/html; index index.html index.htm; add_header Alt-Svc 'h3=":8443"; ma=86400'; }
client
https://github.com/ngtcp2/ngtcp2 + boringssl
examples编译不过去
quiche + curl
https://github.com/cloudflare/quiche
https://github.com/curl/curl/blob/master/docs/HTTP3.md#quiche-version
照着文档编译。
[root@t88 curl.git]# ./src/curl --http3 https://quic.tech:8443/
quiche + nginx-1.16.1
打上patch 照着文档编译。
其他:
还有个支持quic的openssl:https://github.com/quictls/openssl/tree/OpenSSL_1_1_1k+quic
wireshark使用:
https://www.programmersought.com/article/65688366064/