Move http2 out of experimental
Http2 support in bmcweb has been relatively stable for a while. The
http2 implementation passes all known Redfish tests (some of which
require ported to httpx to support http2), the UI loads, and so far as
the project is concerned, is a complete improvement over the existing
http1 stack.
This commit removes the experimental classification from http2, and
declares it ready for production use, while enabling it by default.
note, that enabling this by default only makes the server advertise that
http2 is available. Http2 must still be supported by the client to
enable ALPN negotiation, so existing http1 clients that only support
http1 will continue to function as they did before.
Tested: Enabled http option and saw http2 advertised, http2 now takes
effect.
Change-Id: I92843a3afc532f0b2a64904bb872e5d84a1a54fe
Signed-off-by: Ed Tanous <etanous@nvidia.com>
diff --git a/README.md b/README.md
index 7346188..d895538 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,8 @@
## Protocols
bmcweb at a protocol level supports http and https. TLS is supported through
-OpenSSL.
+OpenSSL. Http1 and http2 are supported using ALPN registration for TLS
+connections and h2c upgrade header for http connections.
## AuthX
diff --git a/config/meson.build b/config/meson.build
index e62dbec..c69b789 100644
--- a/config/meson.build
+++ b/config/meson.build
@@ -5,11 +5,11 @@
feature_options = [
'basic-auth',
'cookie-auth',
- 'experimental-http2',
'experimental-redfish-dbus-log-subscription',
'experimental-redfish-multi-computer-system',
'google-api',
'host-serial-socket',
+ 'http2',
'hypervisor-computer-system',
'ibm-management-console',
'insecure-disable-auth',
diff --git a/http/http_connection.hpp b/http/http_connection.hpp
index 3f0ba40..807ca35 100644
--- a/http/http_connection.hpp
+++ b/http/http_connection.hpp
@@ -246,7 +246,7 @@
}
BMCWEB_LOG_DEBUG("{} SSL handshake succeeded", logPtr(this));
// If http2 is enabled, negotiate the protocol
- if constexpr (BMCWEB_EXPERIMENTAL_HTTP2)
+ if constexpr (BMCWEB_HTTP2)
{
const unsigned char* alpn = nullptr;
unsigned int alpnlen = 0;
@@ -320,7 +320,7 @@
logPtr(this), isWebsocket, isH2c);
}
- if (BMCWEB_EXPERIMENTAL_HTTP2 && isH2c)
+ if (BMCWEB_HTTP2 && isH2c)
{
std::string_view base64settings = req->req[field::http2_settings];
if (utility::base64Decode<true>(base64settings, http2settings))
diff --git a/meson.options b/meson.options
index 298b34f..cb68db7 100644
--- a/meson.options
+++ b/meson.options
@@ -435,14 +435,12 @@
production environment, or where API stability is required.''',
)
-# BMCWEB_EXPERIMENTAL_HTTP2
+# BMCWEB_HTTP2
option(
- 'experimental-http2',
+ 'http2',
type: 'feature',
- value: 'disabled',
- description: '''Enable HTTP/2 protocol support using nghttp2. Do not rely
- on this option for any production systems. It may have
- behavior changes or be removed at any time.''',
+ value: 'enabled',
+ description: 'Enable HTTP/2 protocol support using nghttp2.',
)
# BMCWEB_WATCHDOG_TIMEOUT
diff --git a/src/ssl_key_handler.cpp b/src/ssl_key_handler.cpp
index 128d1f2..f1442b9 100644
--- a/src/ssl_key_handler.cpp
+++ b/src/ssl_key_handler.cpp
@@ -578,7 +578,7 @@
SSL_CTX_set_options(sslCtx.native_handle(), SSL_OP_NO_RENEGOTIATION);
- if constexpr (BMCWEB_EXPERIMENTAL_HTTP2)
+ if constexpr (BMCWEB_HTTP2)
{
SSL_CTX_set_next_protos_advertised_cb(sslCtx.native_handle(),
nextProtoCallback, nullptr);