Home Debian Debian Curl Now Supports HTTP3: What You Need To Know

Debian Curl Now Supports HTTP3: What You Need To Know

Experience Faster Downloads and Enhanced Security with HTTP3 in Debian Curl.

By sk
Published: Updated: 976 views

Good news for Debian users! HTTP3 arrives in Debian Curl. Yes, starting with curl 8.0.0-2, Debian users can now utilize HTTP3. This marks a significant upgrade in the capabilities of curl, enhancing its performance and efficiency in handling web communications.

How to use HTTP3 with Curl in Debian

This new feature can be easily tested using the --http3-only flag.

To use HTTP3 with curl, simply run the following command:

curl --http3-only https://example.com

Alternatively, you can test it in a container using Podman:

podman run debian:unstable apt install --update -y curl && curl --http3-only https://example.com

Note that the apt command now includes the --update option for the upgrade and install commands, although this feature is not yet available in the stable version.

Availability Across Debian Versions

The HTTP3 support for curl is rolling out across different Debian versions.

  • Debian Unstable: Already available since July 2, 2024.
  • Debian Testing: Expected to receive the update in mid-July 2024, assuming no issues arise.
  • Debian 12/bookworm Backports: Will be available as soon as the package reaches Debian Testing.
  • Debian 12/bookworm: Due to Debian's commitment to stability, this feature won't be shipped in the regular repository for Debian 12. However, users can access it through the backports repositories.
  • Debian Derivatives: Rolling releases will receive it when it's in Debian Testing. Stable derivatives will include it in their next major release.

Overcoming Technical Challenges

HTTP3 is relatively new, and no other Linux distribution currently supports it in curl. The primary challenges include:

  1. OpenSSL Support: OpenSSL lacks proper HTTP3 support. Almost every curl package uses OpenSSL, making it risky to switch the TLS backend.
  2. Performance Issues: The performance of OpenSSL is not yet satisfactory for HTTP3 as of version 3.3.
  3. Nginx Compatibility: Although nginx supports HTTP3 through OpenSSL, it recommends using other SSL libraries like BoringSSL, LibreSSL, or QuicTLS for better QUIC support.

Debian curl uses GnuTLS, which recently gained non-experimental support for HTTP3 via ngtcp2 and nghttp3. This made it feasible to enable HTTP3 in Debian's curl package.

Implementation Process

Debian's curl package historically includes both OpenSSL and GnuTLS variants of libcurl. The GnuTLS variant can already support HTTP3, while the OpenSSL variant cannot.

Steps Taken

The Debian developers took the following steps to implement this feature in curl:

  1. Fulfill Dependencies: Ensure all required dependencies meet the minimum requirements.
  2. Enable HTTP3 for GnuTLS libcurl: Activate HTTP3 support in the GnuTLS version of libcurl.
  3. Switch TLS Backend: Change the curl CLI's TLS backend from OpenSSL to GnuTLS.

This process involved updating nghttp3, which required a transition due to a SONAME bump, and ensuring all dependencies were compatible. Once dependencies were in place, enabling HTTP3 was straightforward.

Ensuring Stability

To avoid breaking users' environments, the following steps were taken:

  1. No Direct Push to Stable: The change will not be pushed to current stable releases. It will be present in the next stable release (13/trixie).
  2. Risk Analysis: Assess the risk of losing functionality limited to the OpenSSL backend. The only significant feature potentially affected is the experimental Encrypted Client Hello (ECH), which is not yet supported by standard OpenSSL.
  3. CI Testing: The CI tests for all packages depending on curl are running to ensure no breakages. Results are compared against the pre-change curl CLI with OpenSSL.

If no issues arise, curl with HTTP3 support will migrate to Debian Testing in a couple days (approximately 5 days). If problems are found, they will be addressed before migration, which is expected to take less than a month.


Related Read:


Conclusion

The inclusion of HTTP3 in Debian's curl is a significant step forward. It enhances the performance and capabilities of curl, aligning with the latest web standards. Even though this upgrade is complex, the Debian developers carefully managed it to ensure stability and reliability for all users.

Resource:

You May Also Like

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More