Fatal编程技术网
  • curl/
  • Can';t使用curl发送HTTP/2请求

Can';t使用curl发送HTTP/2请求

curl openssl

Can';t使用curl发送HTTP/2请求,curl,openssl,osx-yosemite,http2,Curl,Openssl,Osx Yosemite,Http2,我安装了支持http2.0协议的curl,我在版本信息中看到了http2 $ ./curl --version curl 7.42.1 (x86_64-apple-darwin14.5.0) libcurl/7.42.1 OpenSSL/1.0.2a zlib/1.2.5 nghttp2/0.7.13 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smt

我安装了支持http2.0协议的curl,我在版本信息中看到了http2

$ ./curl --version
curl 7.42.1 (x86_64-apple-darwin14.5.0) libcurl/7.42.1 OpenSSL/1.0.2a zlib/1.2.5 nghttp2/0.7.13
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets
但当我通过curl(使用verbose模式)发送请求时,我看到了http1.1协议

./curl -v --http2 https://http2bin.org/get
*   Trying 104.131.161.90...
* Connected to http2bin.org (104.131.161.90) port 443 (#0)
* ALPN, offering h2-14
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /usr/local/etc/openssl/cert.pem
  CApath: none
* TLSv1.2, TLS Unknown, Unknown (22):
* TLSv1.2, TLS handshake, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server hello (2):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, CERT (11):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server key exchange (12):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server finished (14):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Client key exchange (16):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2-14
* Server certificate:
*    subject: OU=Domain Control Validated; OU=EssentialSSL; CN=www.http2bin.org
*    start date: 2015-02-21 00:00:00 GMT
*    expire date: 2016-02-21 23:59:59 GMT
*    subjectAltName: http2bin.org matched
*    issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
*    SSL certificate verify ok.
* Using HTTP2
* Using HTTP2
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
> GET /get HTTP/1.1
> Host: http2bin.org
> User-Agent: curl/7.42.1
> Accept: */*
> 
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
< HTTP/2.0 200
< server:h2o/1.6.1
< date:Wed, 03 Feb 2016 15:44:23 GMT
< content-type:application/json
< access-control-allow-origin:*
< access-control-allow-credentials:true
< x-clacks-overhead:GNU Terry Pratchett
< content-length:252
< 
{
  "args": {}, 
  "headers": {
    "Accept": "*/*", 
    "Connection": "keep-alive", 
    "Host": "http2bin.org", 
    "User-Agent": "curl/7.42.1", 
    "Via": "2 http2bin.org"
  }, 
  "origin": "193.238.96.12", 
  "url": "https://http2bin.org/get"
}
* Connection #0 to host http2bin.org left intact

$ curl -v --http2  https://nghttp2.org/ 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 139.162.123.134:443...
* Connected to nghttp2.org (139.162.123.134) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*  CAfile: none
*  CApath: none
* loaded libnssckbi.so
* ALPN, server accepted to use http/1.1
* SSL connection using TLS_AES_256_GCM_SHA384
* Server certificate:
*       subject: CN=nghttp2.org
*       start date: Mar 20 00:00:06 2021 GMT
*       expire date: Jun 18 00:00:06 2021 GMT
*       common name: nghttp2.org
*       issuer: CN=R3,O=Let's Encrypt,C=US
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0> GET / HTTP/1.1
> Host: nghttp2.org
> User-Agent: curl/7.76.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Tue, 06 Apr 2021 17:08:31 GMT
< Content-Type: text/html
< Last-Modified: Tue, 02 Feb 2021 11:41:51 GMT
< Etag: "60193a7f-19d8"
< Accept-Ranges: bytes
< Content-Length: 6616
< X-Backend-Header-Rtt: 0.001242
< Strict-Transport-Security: max-age=31536000
< Server: nghttpx
< Via: 2 nghttpx
< alt-svc: h3-29=":443"; ma=3600
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
<
{ [869 bytes data]
100  6616  100  6

/curl-v--http2https://http2bin.org/get
*正在尝试104.131.161.90。。。
*连接到http2bin.org(104.131.161.90)端口443(#0)
*阿尔卑斯山,提供h2-14
*ALPN,提供http/1.1
*密码选择:全部:!出口:!出口40:!出口56:!阿努尔:!低:!RC4:@强度
*已成功设置证书验证位置:
*CAfile:/usr/local/etc/openssl/cert.pem
卡帕斯:没有
*TLSv1.2,TLS未知,未知(22):
*TLSv1.2,TLS握手,客户端你好(1):
*SSLv2,未知(22):
*TLSv1.2,TLS握手,服务器你好(2):
*SSLv2,未知(22):
*TLSv1.2,TLS握手,证书(11):
*SSLv2,未知(22):
*TLSv1.2,TLS握手,服务器密钥交换(12):
*SSLv2,未知(22):
*TLSv1.2,TLS握手,服务器完成(14):
*SSLv2,未知(22):
*TLSv1.2,TLS握手,客户端密钥交换(16):
*SSLv2,未知(20):
*TLSv1.2,TLS更改密码,客户端hello(1):
*SSLv2,未知(22):
*TLSv1.2,TLS握手,完成(20):
*SSLv2,未知(20):
*TLSv1.2,TLS更改密码,客户端hello(1):
*SSLv2,未知(22):
*TLSv1.2,TLS握手,完成(20):
*使用TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384的SSL连接
*ALPN,服务器接受使用h2-14
*服务器证书:
*主题:OU=已验证的域控制;OU=基本SL;CN=www.http2bin.org
*开始日期:2015-02-21 00:00:00 GMT
*过期日期:2016-02-21 23:59:59 GMT
*主题名称:http2bin.org
*发行人:C=GB;ST=大曼彻斯特;L=萨尔福德;O=科摩多CA有限公司;CN=COMODO RSA域验证安全服务器CA
*SSL证书验证正常。
*使用HTTP2
*使用HTTP2
*SSLv2,未知(23):
*SSLv2,未知(23):
*SSLv2,未知(23):
>获取/获取HTTP/1.1
>主持人:http2bin.org
>用户代理:curl/7.42.1
>接受:*/*
> 
*http2_recv:16384字节缓冲区
*SSLv2,未知(23):
*SSLv2,未知(23):
*http2_recv:16384字节缓冲区
*SSLv2,未知(23):
*http2_recv:16384字节缓冲区
*SSLv2,未知(23):
现在通过HTTP/1.1发送请求

如果我设置了
--http1.0
选项,那么cURL将通过HTTP/1.0发送请求

为什么不通过HTTP/2.0发送请求

操作系统:OSXYosemite(10.10.5)

通过自制安装cURL和OpenSSL

谢谢。

它实际上已经发送和接收了HTTP/2(draft-14版本,这是规范的预发布版本)。您应该考虑升级CURL和NGHTTP2库,以使其能够说出HTTP/2协议(RFC 7540)的最终版本。 来自服务器的提示:

* ALPN, server accepted to use h2-14
curl使用HTTP/1样式显示请求,使其看起来很熟悉,但在后台它将其转换为HTTP/2并发送出去

然后,服务器用HTTP/2响应:

< HTTP/2.0 200
< server:h2o/1.6.1
< date:Wed, 03 Feb 2016 15:44:23 GMT
< content-type:application/json
< access-control-allow-origin:*
[snip]
它实际上已经发送和接收了HTTP/2(draft-14版本,这是规范的预发布版本)。您应该考虑升级CURL和NGHTTP2库,以使其能够说出HTTP/2协议(RFC 7540)的最终版本。 来自服务器的提示:

* ALPN, server accepted to use h2-14
curl使用HTTP/1样式显示请求,使其看起来很熟悉,但在后台它将其转换为HTTP/2并发送出去

然后,服务器用HTTP/2响应:

< HTTP/2.0 200
< server:h2o/1.6.1
< date:Wed, 03 Feb 2016 15:44:23 GMT
< content-type:application/json
< access-control-allow-origin:*
[snip]
我对最新的卷发也有同样的问题

$ curl -V
curl 7.76.0 (x86_64-redhat-linux-gnu) libcurl/7.76.0 NSS/3.44 zlib/1.2.7 libpsl/0.7.0 (+libicu/50.1.2) libssh2/1.9.0 nghttp2/1.21.1
Release-Date: 2021-03-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz Metalink NTLM NTLM_WB PSL SPNEGO SSL UnixSockets
但是当我通过curl(使用verbose模式)发送请求时,我看到了http1.1协议

./curl -v --http2 https://http2bin.org/get
*   Trying 104.131.161.90...
* Connected to http2bin.org (104.131.161.90) port 443 (#0)
* ALPN, offering h2-14
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /usr/local/etc/openssl/cert.pem
  CApath: none
* TLSv1.2, TLS Unknown, Unknown (22):
* TLSv1.2, TLS handshake, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server hello (2):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, CERT (11):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server key exchange (12):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server finished (14):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Client key exchange (16):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2-14
* Server certificate:
*    subject: OU=Domain Control Validated; OU=EssentialSSL; CN=www.http2bin.org
*    start date: 2015-02-21 00:00:00 GMT
*    expire date: 2016-02-21 23:59:59 GMT
*    subjectAltName: http2bin.org matched
*    issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
*    SSL certificate verify ok.
* Using HTTP2
* Using HTTP2
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
> GET /get HTTP/1.1
> Host: http2bin.org
> User-Agent: curl/7.42.1
> Accept: */*
> 
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
< HTTP/2.0 200
< server:h2o/1.6.1
< date:Wed, 03 Feb 2016 15:44:23 GMT
< content-type:application/json
< access-control-allow-origin:*
< access-control-allow-credentials:true
< x-clacks-overhead:GNU Terry Pratchett
< content-length:252
< 
{
  "args": {}, 
  "headers": {
    "Accept": "*/*", 
    "Connection": "keep-alive", 
    "Host": "http2bin.org", 
    "User-Agent": "curl/7.42.1", 
    "Via": "2 http2bin.org"
  }, 
  "origin": "193.238.96.12", 
  "url": "https://http2bin.org/get"
}
* Connection #0 to host http2bin.org left intact

$ curl -v --http2  https://nghttp2.org/ 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 139.162.123.134:443...
* Connected to nghttp2.org (139.162.123.134) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*  CAfile: none
*  CApath: none
* loaded libnssckbi.so
* ALPN, server accepted to use http/1.1
* SSL connection using TLS_AES_256_GCM_SHA384
* Server certificate:
*       subject: CN=nghttp2.org
*       start date: Mar 20 00:00:06 2021 GMT
*       expire date: Jun 18 00:00:06 2021 GMT
*       common name: nghttp2.org
*       issuer: CN=R3,O=Let's Encrypt,C=US
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0> GET / HTTP/1.1
> Host: nghttp2.org
> User-Agent: curl/7.76.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Tue, 06 Apr 2021 17:08:31 GMT
< Content-Type: text/html
< Last-Modified: Tue, 02 Feb 2021 11:41:51 GMT
< Etag: "60193a7f-19d8"
< Accept-Ranges: bytes
< Content-Length: 6616
< X-Backend-Header-Rtt: 0.001242
< Strict-Transport-Security: max-age=31536000
< Server: nghttpx
< Via: 2 nghttpx
< alt-svc: h3-29=":443"; ma=3600
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
<
{ [869 bytes data]
100  6616  100  6
我已经更新了最新的CURL版本,它正在CentOS 7上运行 请让我知道什么可能是问题或什么东西,特别是在服务器上检查有关证书问题

谢谢

我对最新的卷发也有同样的问题

$ curl -V
curl 7.76.0 (x86_64-redhat-linux-gnu) libcurl/7.76.0 NSS/3.44 zlib/1.2.7 libpsl/0.7.0 (+libicu/50.1.2) libssh2/1.9.0 nghttp2/1.21.1
Release-Date: 2021-03-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS GSS-API HTTP2 HTTPS-proxy IPv6 Kerberos Largefile libz Metalink NTLM NTLM_WB PSL SPNEGO SSL UnixSockets
但是当我通过curl(使用verbose模式)发送请求时,我看到了http1.1协议

./curl -v --http2 https://http2bin.org/get
*   Trying 104.131.161.90...
* Connected to http2bin.org (104.131.161.90) port 443 (#0)
* ALPN, offering h2-14
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /usr/local/etc/openssl/cert.pem
  CApath: none
* TLSv1.2, TLS Unknown, Unknown (22):
* TLSv1.2, TLS handshake, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server hello (2):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, CERT (11):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server key exchange (12):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Server finished (14):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Client key exchange (16):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSLv2, Unknown (20):
* TLSv1.2, TLS change cipher, Client hello (1):
* SSLv2, Unknown (22):
* TLSv1.2, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2-14
* Server certificate:
*    subject: OU=Domain Control Validated; OU=EssentialSSL; CN=www.http2bin.org
*    start date: 2015-02-21 00:00:00 GMT
*    expire date: 2016-02-21 23:59:59 GMT
*    subjectAltName: http2bin.org matched
*    issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
*    SSL certificate verify ok.
* Using HTTP2
* Using HTTP2
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
> GET /get HTTP/1.1
> Host: http2bin.org
> User-Agent: curl/7.42.1
> Accept: */*
> 
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
* http2_recv: 16384 bytes buffer
* SSLv2, Unknown (23):
< HTTP/2.0 200
< server:h2o/1.6.1
< date:Wed, 03 Feb 2016 15:44:23 GMT
< content-type:application/json
< access-control-allow-origin:*
< access-control-allow-credentials:true
< x-clacks-overhead:GNU Terry Pratchett
< content-length:252
< 
{
  "args": {}, 
  "headers": {
    "Accept": "*/*", 
    "Connection": "keep-alive", 
    "Host": "http2bin.org", 
    "User-Agent": "curl/7.42.1", 
    "Via": "2 http2bin.org"
  }, 
  "origin": "193.238.96.12", 
  "url": "https://http2bin.org/get"
}
* Connection #0 to host http2bin.org left intact

$ curl -v --http2  https://nghttp2.org/ 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 139.162.123.134:443...
* Connected to nghttp2.org (139.162.123.134) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*  CAfile: none
*  CApath: none
* loaded libnssckbi.so
* ALPN, server accepted to use http/1.1
* SSL connection using TLS_AES_256_GCM_SHA384
* Server certificate:
*       subject: CN=nghttp2.org
*       start date: Mar 20 00:00:06 2021 GMT
*       expire date: Jun 18 00:00:06 2021 GMT
*       common name: nghttp2.org
*       issuer: CN=R3,O=Let's Encrypt,C=US
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0> GET / HTTP/1.1
> Host: nghttp2.org
> User-Agent: curl/7.76.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Tue, 06 Apr 2021 17:08:31 GMT
< Content-Type: text/html
< Last-Modified: Tue, 02 Feb 2021 11:41:51 GMT
< Etag: "60193a7f-19d8"
< Accept-Ranges: bytes
< Content-Length: 6616
< X-Backend-Header-Rtt: 0.001242
< Strict-Transport-Security: max-age=31536000
< Server: nghttpx
< Via: 2 nghttpx
< alt-svc: h3-29=":443"; ma=3600
< x-frame-options: SAMEORIGIN
< x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
<
{ [869 bytes data]
100  6616  100  6
我已经更新了最新的CURL版本,它正在CentOS 7上运行 请让我知道什么可能是问题或什么东西,特别是在服务器上检查有关证书问题

谢谢

谢谢,我不知道,什么样的curl只显示http/1.1请求,在发送之前转换为2.0。@Daniel,你能帮我解决以下问题吗?这不是curl帮助台,我们不会对现有的问题提出后续问题。您的问题是我们在curl项目中处理的一个bug。谢谢,我不知道,什么curl只显示http/1.1请求,在发送之前转换为2.0。@Daniel,您能帮助解决以下问题吗?这不是curl帮助台,我们不会对现有问题进行后续问题。您的问题是我们在curl项目中处理的一个bug。