Home >System Tutorial >LINUX >Debian Curl Now Supports HTTP3: What You Need To Know

Debian Curl Now Supports HTTP3: What You Need To Know

Lisa Kudrow
Lisa KudrowOriginal
2025-03-16 09:36:11144browse

Debian Curl Now Supports HTTP3: What You Need To Know

Great news for Debian users! Curl now boasts HTTP/3 support, starting with version 8.0.0-2. This upgrade significantly boosts curl's performance and efficiency in web communication.

Table of Contents

  • HTTP/3 Availability Across Debian Versions
  • Addressing Implementation Challenges
  • Deployment Process and Steps
  • Maintaining System Stability
  • Summary

Using HTTP/3 with Curl in Debian

Testing this new feature is simple, using the --http3-only flag:

curl --http3-only https://example.com

For containerized testing with Podman:

podman run debian:unstable apt update -y && apt install -y curl && curl --http3-only https://example.com

Note: The apt update command is included for clarity; this is necessary for the upgrade and installation. This isn't yet available in the stable release.

HTTP/3 Availability Across Debian Versions

HTTP/3 support is being rolled out across Debian versions:

  • Debian Unstable: Available since July 2, 2024.
  • Debian Testing: Expected mid-July 2024 (pending any issues).
  • Debian 12 (bookworm) Backports: Available once the package reaches Debian Testing.
  • Debian 12 (bookworm): Not in the standard repository due to Debian's stability focus, but accessible via backports.
  • Debian Derivatives: Rolling releases will receive it upon its arrival in Debian Testing. Stable derivatives will include it in their next major release.

Addressing Implementation Challenges

HTTP/3's relative newness presented challenges:

  1. OpenSSL Limitations: OpenSSL's incomplete HTTP/3 support and the widespread use of OpenSSL in curl packages made switching TLS backends risky.
  2. Performance Concerns: OpenSSL's HTTP/3 performance in version 3.3 was suboptimal.
  3. nginx Compatibility: While nginx supports HTTP/3 via OpenSSL, it recommends alternative SSL libraries (BoringSSL, LibreSSL, or QuicTLS) for enhanced QUIC support.

Debian's solution involved leveraging GnuTLS, which recently gained robust HTTP/3 support via ngtcp2 and nghttp3.

Deployment Process and Steps

Debian's curl package traditionally includes both OpenSSL and GnuTLS libcurl variants. The GnuTLS variant already supports HTTP/3.

Key Steps:

  1. Dependency Fulfillment: Ensuring all dependencies met minimum requirements.
  2. Enabling GnuTLS HTTP/3: Activating HTTP/3 support within the GnuTLS libcurl version.
  3. TLS Backend Transition: Switching the curl CLI's TLS backend from OpenSSL to GnuTLS.

This involved nghttp3 updates (necessitating a SONAME bump) and compatibility checks. Once dependencies were ready, enabling HTTP/3 was straightforward.

Maintaining System Stability

To prevent disruptions:

  1. No Immediate Stable Release Push: The update won't be included in current stable releases; it will be in the next stable release (13/trixie).
  2. Risk Assessment: A thorough evaluation of potential functionality loss due to the OpenSSL backend shift. The primary concern was the experimental Encrypted Client Hello (ECH), unsupported by standard OpenSSL.
  3. Comprehensive CI Testing: CI tests for all curl-dependent packages were run to identify and address potential breakages. Results were compared against the pre-change OpenSSL curl CLI.

Deployment to Debian Testing is anticipated within a few days (approximately 5 days), pending any issues. Resolution of any problems before migration is expected to take under a month.

Summary

HTTP/3 integration in Debian's curl is a major advancement, enhancing performance and aligning with current web standards. Debian developers carefully managed this complex upgrade to maintain stability and reliability for all users.

Resources:

  • Debian's curl now supports HTTP/3

The above is the detailed content of Debian Curl Now Supports HTTP3: What You Need To Know. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn