我使用支持http2.0协议安装curl,我在版本信息中看到HTTP2。
$ ./curl --version
curl 7.42.1 (x86_64-apple-darwin14.5.0) libcurl/7.42.1 OpenSSL/1.0.2a zlib/1.2.5 nghttp2/0.7.13
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets
但是当我通过curl发送请求时(使用详细模式),我看到了http1.1协议。
./curl -v --http2 https://http2bin.org/get
* Trying 104.131.161.90...
* Connected to http2bin.org (104.131.161.90) port 443 (#0)
* ALPN, offering h2-14
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /usr/local/etc/openssl/cert.pem
CApath: none
* TLSv1.2, TLS Unknown, Unknown (22):
* TLSv1.2, TLS handshake, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server hello (2):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, CERT (11):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server key exchange (12):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server finished (14):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Client key exchange (16):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2-14
* Server certificate:
* subject: OU=Domain Control Validated; OU=EssentialSSL; CN=www.http2bin.org
* start date: 2015-02-21 00:00:00 GMT
* expire date: 2016-02-21 23:59:59 GMT
* subjectAltName: http2bin.org matched
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
* Using HTTP2
* Using HTTP2
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
> GET /get HTTP/1.1
> Host: http2bin.org
> User-Agent: curl/7.42.1
> Accept: */*
>
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
< HTTP/2.0 200
< server:h2o/1.6.1
< date:Wed, 03 Feb 2016 15:44:23 GMT
< content-type:application/json
< access-control-allow-origin:*
< access-control-allow-credentials:true
< x-clacks-overhead:GNU Terry Pratchett
< content-length:252
<
{
"args": {},
"headers": {
"Accept": "*/*",
"Connection": "keep-alive",
"Host": "http2bin.org",
"User-Agent": "curl/7.42.1",
"Via": "2 http2bin.org"
},
"origin": "193.238.96.12",
"url": "https://http2bin.org/get"
}
* Connection #0 to host http2bin.org left intact
现在cURL通过HTTP / 1.1发送请求
如果我设置--http1.0选项,则cURL通过HTTP / 1.0发送请求。
为什么cURL不通过HTTP / 2.0发送请求?
操作系统:OS X Yosemite(10.10.5)。
通过HomeBrew安装cURL和OpenSSL。
感谢。
答案 0 :(得分:4)
它实际上已经发送和接收HTTP / 2(draft-14版本,这是规范的预发布版本)。您应该考虑升级curl和nghttp2库,使其说出最终版本的HTTP / 2协议(RFC 7540)。
来自服务器的提示:
* ALPN, server accepted to use h2-14
curl显示使用HTTP / 1样式的请求使其看起来很熟悉,但在引擎盖下它将其转换为HTTP / 2并将其发送出去。
然后服务器以HTTP / 2响应:
< HTTP/2.0 200
< server:h2o/1.6.1
< date:Wed, 03 Feb 2016 15:44:23 GMT
< content-type:application/json
< access-control-allow-origin:*
[snip]
答案 1 :(得分:1)
我在使用最新的 curl 时遇到了同样的问题。
$ curl -V
curl 7.76.0 (x86_64-redhat-linux-gnu) libcurl/7.76.0 NSS/3.44 zlib/1.2.7 libpsl/0.7.0 (+libicu/50.1.2) libssh2/1.9.0 nghttp2/1.21.1
Release-Date: 2021-03-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz Metalink NTLM NTLM_WB PSL SPNEGO SSL UnixSockets
但是当我通过 curl(使用详细模式)发送请求时,我看到了 http1.1 协议。
$ curl -v --http2 https://nghttp2.org/
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 139.162.123.134:443...
* Connected to nghttp2.org (139.162.123.134) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: none
* CApath: none
* loaded libnssckbi.so
* ALPN, server accepted to use http/1.1
* SSL connection using TLS_AES_256_GCM_SHA384
* Server certificate:
* subject: CN=nghttp2.org
* start date: Mar 20 00:00:06 2021 GMT
* expire date: Jun 18 00:00:06 2021 GMT
* common name: nghttp2.org
* issuer: CN=R3,O=Let's Encrypt,C=US
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0> GET / HTTP/1.1
> Host: nghttp2.org
> User-Agent: curl/7.76.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Tue, 06 Apr 2021 17:08:31 GMT
< Content-Type: text/html
< Last-Modified: Tue, 02 Feb 2021 11:41:51 GMT
< Etag: "60193a7f-19d8"
< Accept-Ranges: bytes
< Content-Length: 6616
< X-Backend-Header-Rtt: 0.001242
< Strict-Transport-Security: max-age=31536000
< Server: nghttpx
< Via: 2 nghttpx
< alt-svc: h3-29=":443"; ma=3600
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
<
{ [869 bytes data]
100 6616 100 6
或者甚至尝试这个给 HTTP 1.1
$ curl -I https://nghttp2.org/
HTTP/1.1 200 OK
Date: Tue, 06 Apr 2021 17:10:12 GMT
Content-Type: text/html
Last-Modified: Tue, 02 Feb 2021 11:41:51 GMT
Etag: "60193a7f-19d8"
Accept-Ranges: bytes
Content-Length: 6616
X-Backend-Header-Rtt: 0.001535
Strict-Transport-Security: max-age=31536000
Server: nghttpx
Via: 2 nghttpx
alt-svc: h3-29=":443"; ma=3600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
我已经更新了最新的 CURL 版本,它在 CentOS 7 上运行 请让我知道可能的问题是什么,或者需要在与证书问题相关的服务器上专门检查什么?
谢谢