ngtcp2_开源项目-程序员客栈

ngtcp2

"CallitTCP/2.OneMoreTime."

ngtcp2projectisanefforttoimplementRFC9000QUICprotocol.

Documentation

Onlinedocumentationisavailable.

Publictestserver

Thefollowingendpointsareavailabletotryoutngtcp2implementation:

https://nghttp2.org:4433

https://nghttp2.org:4434(requiresaddressvalidationtoken)

https://nghttp2.org(poweredbynghttpx)

ThisendpointssendsAlt-SvcheaderfieldtoclientsifitisaccessedviaHTTP/1.1orHTTP/2totellthemthatHTTP/3isavailableatUDP443.

Requirements

Thelibngtcp2Clibraryitselfdoesnotdependonanyexternallibraries.Theexampleclient,andserverarewritteninC++17,andshouldcompilewiththemodernC++compilers(e.g.,clang>=8.0,orgcc>=8.0).

Thefollowingpackagesarerequiredtoconfigurethebuildsystem:

pkg-config>=0.20autoconfautomakeautotools-devlibtool

libngtcp2usescunitforitsunittestframework:

cunit>=2.1

Tobuildsourcesundertheexamplesdirectory,libevandnghttp3arerequired:

libevnghttp3forHTTP/3

ngtcp2cryptohelperlibrary,andclientandserverunderexamplesdirectoryrequireatleastoneofthefollowingTLSbackends:

OpenSSLwithQUICsupportGnuTLS>=3.7.2BoringSSL(commitf6ef1c560ae5af51e2df5d8d2175bed207b28b8f)Buildfromgit$gitclone--depth1-bOpenSSL_1_1_1l+quichttps://github.com/quictls/openssl$cdopenssl$#ForLinux$./configenable-tls1_3--prefix=$PWD/build$make-j$(nproc)$makeinstall_sw$cd..$gitclonehttps://github.com/ngtcp2/nghttp3$cdnghttp3$autoreconf-i$./configure--prefix=$PWD/build--enable-lib-only$make-j$(nproc)check$makeinstall$cd..$gitclonehttps://github.com/ngtcp2/ngtcp2$cdngtcp2$autoreconf-i$#ForMacuserswhohaveinstalledlibevwithMacPorts,append$#',-L/opt/local/lib'toLDFLAGS,andalsopass$#CPPFLAGS="-I/opt/local/include"to./configure.$#ForOpenSSLv3.0.0,replace"openssl/build/lib"with$#"openssl/build/lib64".$./configurePKG_CONFIG_PATH=$PWD/../openssl/build/lib/pkgconfig:$PWD/../nghttp3/build/lib/pkgconfigLDFLAGS="-Wl,-rpath,$PWD/../openssl/build/lib"$make-j$(nproc)checkClient/Server

Aftersuccessfulbuild,theclientandserverexecutableshouldbefoundunderexamplesdirectory.TheytalkHTTP/3.

Client$examples/client[OPTIONS]<HOST><PORT>[<URI>...]

Thenotableoptionsare:

-d,--data=<PATH>:Readdatafrom<PATH>andsendittoapeer.Server$examples/server[OPTIONS]<ADDR><PORT><PRIVATE_KEY_FILE><CERTIFICATE_FILE>

Thenotableoptionsare:

-V,--validate-addr:Enforcestatelessaddressvalidation.H09client/H09server

Thereareh09clientandh09serverwhichspeakHTTP/0.9.Theyarewrittenjustforquic-interop-runner.TheysharethebasicfunctionalitieswithHTTP/3clientandserverbuthavelessfunctions(e.g.,h09clientdoesnothaveacapabilitytosendrequestbody,andh09serverdoesnotunderstandnumericrequestpath,like/1000).

Resumptionand0-RTT

Inordertoresumeasession,asessionticket,andatransportparametersmustbefetchedfromserver.First,runexamples/clientwith--session-file,and--tp-fileoptionswhichspecifyapathtosessionticket,andtransportparameterfilesrespectivelytosavethemlocally.

Oncethesefilesareavailable,runexamples/clientwiththesameargumentsagain.Youwillseethatsessionisresumedinyourlogifresumptionsucceeds.Resumingsessionmakesserver'sfirstHandshakepacketprettysmallbecauseitdoesnotsenditscertificates.

Tosend0-RTTdata,aftermakingsurethatresumptionworks,use-doptiontospecifyafilewhichcontainsdatatosend.

Token(NotsomethingincludedinRetrypacket)

QUICservermightsendatokentoclientafterconnectionhasbeenestablished.Clientcansendthistokeninsubsequentconnectiontotheserver.Serververifiesthetokenandifitsucceeds,theaddressvalidationcompletesandliftssomerestrictionsonserverwhichmightspeeduptransfer.Inordertosaveand/orloadatoken,use--token-fileoptionofexamples/client.Thegivenfileisoverwrittenifitalreadyexistswhenstoringatoken.

Cryptohelperlibrary

InordertomakeTLSstackintegrationlesspainful,weprovideacryptohelperlibrarywhichoffersthebasiccryptooperations.

Theheaderfileexistsundercrypto/includes/ngtcp2directory.

EachlibraryfileisbuiltforaparticularTLSbackend.Theavailablecryptohelperlibrariesare:

libngtcp2_crypto_openssl:UseOpenSSLasTLSbackendlibngtcp2_crypto_gnutls:UseGnuTLSasTLSbackendlibngtcp2_crypto_boringssl:UseBoringSSLasTLSbackend

BecauseBoringSSLisanunversionedproduct,weonlytesteditsparticularrevision.SeeRequirementssectionabove.

TheexamplesdirectorycontainsclientandserverthatarelinkedtothosecryptohelperlibrariesandTLSbackends.Theyareonlybuiltiftheircorrespondingcryptohelperlibraryisbuilt:

client:OpenSSLclientserver:OpenSSLservergtlsclient:GnuTLSclientgtlsserver:GnuTLSserverbsslclient:BoringSSLclientbsslserver:BoringSSLserverQUICprotocolextensions

ThelibraryimplementsthefollowingQUICprotocolextensions:

AnUnreliableDatagramExtensiontoQUICGreasingtheQUICBitConfiguringWiresharkforQUIC

WiresharkcanbeconfiguredtoanalyzeQUICtrafficusingthefollowingsteps:

SetSSLKEYLOGFILEenvironmentvariable:

$exportSSLKEYLOGFILE=quic_keylog_file

SettheportthatQUICuses

GotoPreferences->Protocols->QUICandsettheporttheprogramlistensto.Inthecaseoftheexampleapplicationthiswouldbetheportspecifiedonthecommandline.

SetPre-Master-Secretlogfile

GotoPreferences->Protocols->TLSaddsetthePre-Master-SecretlogfiletothesamevaluethatwasspecifiedforSSLKEYLOGFILE.

Choosethecorrectnetworkinterfaceforcapturing

Makesureyouchoosethecorrectnetworkinterfaceforcapturing.Forexample,ifusinglocalhostchoosetheloopbacknetworkinterfaceonmacos.

Createafilter

CreateAfilterfortheudp.portandsettheporttotheporttheapplicationislisteningto.Forexample:

udp.port==7777License

TheMITLicense

ngtcp2开源项目

作品详情

重点城市程序员兼职推荐

重点岗位程序员兼职推荐