On Wednesday, April 05, 2017 10:33:11 Stephen Gallagher wrote: > On 04/05/2017 09:59 AM, Colin Walters wrote: > > On Wed, Apr 5, 2017, at 09:52 AM, Kamil Dudka wrote: > >> In order to make even smaller Fedora base images, it was proposed to > >> switch > >> libcurl back to OpenSSL. The Fedora Crypto Consolidation project, which > >> motivated the switch of libcurl from OpenSSL to NSS ten years ago, is now > >> deprecated and libcurl is the only package that pulls NSS as its > >> dependency > >> into the Fedora base image. Hence, by switching libcurl back to OpenSSL, > >> we could create Fedora base image that contains fewer crypto libraries > >> inside.> > > Makes sense to me - from the Atomic Host perspective, we are switching > > ostree to use libcurl, since libdnf already does (and librepo hard depends > > on OpenSSL, even though libcurl used NSS). > > > >> Additional proposal that would help to reduce the size of base image is > >> the > >> libcurl-minimal subpackage, which can be installed installed as a > >> lightweight replacement of the libcurl package, with smaller size and > >> fewer dependencies.> > > I'm in agreement with this except: > > > > # configure minimal build > > ... > > > > --without-nghttp2 > > > > I'd really prefer to keep HTTP2 available by default - it can be > > dramatically better. > > I'll second this: it looks like libnghttp2 does not pull in any dependencies > that wouldn't already be part of any minimal install (just glibc and ld) > and its filesystem space is only about 150k uncompressed. > > It's probably reasonable to keep this in our minimal set for the HTTP2 > functionality. Thanks for the suggestion! I have implemented it in my private branch: http://pkgs.fedoraproject.org/cgit/rpms/curl.git/commit/?id=e8208d3e ... and scheduled a new Copr build with the change included. Anyway, do not overestimate the power of HTTP/2. It will not transparently bring you better transfers for free. You can speak HTTP/2 even while using the curl tool but it is mainly useful for testing. If you want to take the advantage of the HTTP/2 features, you need to use the multi API of libcurl and your software built on top of libcurl needs to be aware of the HTTP/2 protocol. Moreover, the throughput of HTTP/2 can be much lower compared to HTTP/1 if you are communicating over IP network with some packet loss. I would suggest to watch the following talks by Daniel Stenberg to obtain realistic expectations about the HTTP/2 support in libcurl and the HTTP/2 protocol in general: https://thomas.glanzmann.de/curl-meet-2017/2017-03-19_03_Daniel_Stenberg_web_transport.mp4 https://thomas.glanzmann.de/curl-meet-2017/2017-03-19_08_Daniel_Stenberg_http2_curl.mp4 Kamil _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
