Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

curl 7.64.0 compile error on tvos #3689

Closed
nianxuejie opened this issue Mar 19, 2019 · 11 comments

Comments

Projects
None yet
3 participants
@nianxuejie
Copy link

commented Mar 19, 2019

I try to cross-compile curl(7.64.0) for tvos on mac, but it is failed!

This is my script:
`export DEVROOT=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain
DFT_DIST_DIR=${HOME}/Desktop/libcurl-appleTV-dist
DIST_DIR=${DIST_DIR:-$DFT_DIST_DIR}

function check_curl_ver() {
echo "#include "include/curl/curlver.h"
#if LIBCURL_VERSION_MAJOR < 7 || LIBCURL_VERSION_MINOR < 40
#error Required curl 7.40.0+; See http://curl.haxx.se/docs/adv_20150108A.html
#endif"|gcc -c -o /dev/null -xc -||exit 9
}

function build_for_arch() {
ARCH=$1
HOST=$2
SYSROOT=$3
PREFIX=$4
TVOS_MIN_SDK_VERSION="9.0"
export PATH="${DEVROOT}/usr/bin/:${PATH}"
export CFLAGS="-arch ${ARCH} -pipe -Os -gdwarf-2 -isysroot ${SYSROOT} -mtvos-version-min=${TVOS_MIN_SDK_VERSION} -fembed-bitcode"
export LDFLAGS="-arch ${ARCH} -isysroot ${SYSROOT}"

./configure --disable-shared --enable-ipv6 --enable-static --disable-ntlm-wb ${SSL_FLAG} --enable-threaded-resolver --host="${HOST}" --prefix=${PREFIX}

LANG=C sed -i -- 's/define HAVE_FORK 1/define HAVE_FORK 0/' "./lib/curl_config.h"
LANG=C sed -i -- 's/HAVE_FORK"]=" 1"/HAVE_FORK"]=" 0"/' "config.status"

make -j8 && make install
}

if [ "$1" == "openssl" ]
then
if [ ! -d ${HOME}/Desktop/openssl-ios-dist ]
then
echo "Please use https://github.com/sinofool/build-openssl-ios/ to build OpenSSL for iOS first"
exit 8
fi
export SSL_FLAG=--with-ssl=${HOME}/Desktop/openssl-ios-dist
else
check_curl_ver
export SSL_FLAG=--with-darwinssl
fi

TMP_DIR=/Users/iqiyi/Desktop/code/curl/build

build_for_arch arm64 arm-apple-darwin /Applications/Xcode.app/Contents/Developer/Platforms/AppleTVOS.platform/Developer/SDKs/AppleTVOS.sdk ${TMP_DIR}/appletv_arm64 || exit 1
build_for_arch x86_64 arm-apple-darwin /Applications/Xcode.app/Contents/Developer/Platforms/AppleTVSimulator.platform/Developer/SDKs/AppleTVSimulator.sdk ${TMP_DIR}/appletv_x86 || exit 2

mkdir -p ${TMP_DIR}/lib/
${DEVROOT}/usr/bin/lipo
-arch arm64 ${TMP_DIR}/appletv_arm64/lib/libcurl.a
-arch x86_64 ${TMP_DIR}/appletv_x86/lib/libcurl.a
-output ${TMP_DIR}/lib/libcurl.a -create

cp -r ${TMP_DIR}/appletv_arm64/include ${TMP_DIR}/
curl -O https://raw.githubusercontent.com/sinofool/build-libcurl-ios/for-7.54/patch-include.patch
patch ${TMP_DIR}/include/curl/curlbuild.h < patch-include.patch

mkdir -p ${DIST_DIR}
cp -r ${TMP_DIR}/include ${TMP_DIR}/lib ${DIST_DIR}

`

Error info:

vtls/darwinssl.c:1598:13: error: 'SSLSetALPNProtocols' is only available on tvOS
11.0 or newer [-Werror,-Wunguarded-availability-new]
err = SSLSetALPNProtocols(BACKEND->ssl_ctx, alpnArr);

vtls/darwinssl.c:2652:15: error: 'SSLCopyALPNProtocols' is only available on
tvOS 11.0 or newer [-Werror,-Wunguarded-availability-new]
err = SSLCopyALPNProtocols(BACKEND->ssl_ctx, &alpnArr);

curl/libcurl version 7.64.0 source code

[curl -V output]

MacOS Mojave 10.14.1

I don't know if this script needs some special configuration, but it is workable for ios.

@bagder bagder added the build label Mar 19, 2019

@bagder

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

I presume this means we need this source line to be adjusted for tvOS somehow:

#if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILABLE == 1

@nianxuejie

This comment has been minimized.

Copy link
Author

commented Mar 19, 2019

I presume this means we need this source line to be adjusted for tvOS somehow:

curl/lib/vtls/sectransp.c

Line 1578 in dc5edf9

#if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILABLE == 1

Thank you for your reply.
Do you mean vtls/darwinssl.c?Will you adjust later?

@bagder

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

The file once called darwinssl.c doesn't exist anymore. It is now called sectransp.c in git as we've switched to always refer to the apple native TLS as Secure Transport and not Darwinssl.

@nianxuejie

This comment has been minimized.

Copy link
Author

commented Mar 19, 2019

The file once called darwinssl.c doesn't exist anymore. It is now called sectransp.c in git as we've switched to always refer to the apple native TLS as Secure Transport and not Darwinssl.

If so, does the configuration option "--with-darwinssl" still work?
I am not sure what is the difference between the apple native TLS as Secure Transport and darwinssl.
When can we use your latest code?

@bagder

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

does the configuration option "--with-darwinssl" still work?

Yes

I am not sure what is the difference between the apple native TLS as Secure Transport and darwinssl.

There's no difference other than the name. And the official public name was always Secure Transport. We've just adjusted curl to use the "standard" name.

When can we use your latest code?

Our code is always in git and available, you can use it any time you wish. But we have not fixed this issue you're talking about...

@bagder

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

What if we disable ALPN for all versions of tvOS? Can you see if a patch like this works for you?

diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index 949bd236b..f477a51fc 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -106,10 +106,15 @@
 
 #else
 #error "The Secure Transport back-end requires iOS or macOS."
 #endif /* (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE)) */
 
+#if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && \
+  (HAVE_BUILTIN_AVAILABLE == 1) && !defined(TARGET_OS_TV)
+#define SECTRANSP_HAS_ALPN
+#endif
+
 #if CURL_BUILD_MAC
 #include <sys/sysctl.h>
 #endif /* CURL_BUILD_MAC */
 
 #include "urldata.h"
@@ -1573,11 +1578,11 @@ static CURLcode sectransp_connect_step1(struct connectdata *conn,
     failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
     return CURLE_SSL_CONNECT_ERROR;
   }
 #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
 
-#if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILABLE == 1
+#ifdef SECTRANSP_HAS_ALPN
   if(conn->bits.tls_enable_alpn) {
     if(__builtin_available(macOS 10.13.4, iOS 11, *)) {
       CFMutableArrayRef alpnArr = CFArrayCreateMutable(NULL, 0,
                                                        &kCFTypeArrayCallBacks);
 
@@ -2624,11 +2629,11 @@ sectransp_connect_step2(struct connectdata *conn, int sockindex)
       default:
         infof(data, "Unknown protocol connection\n");
         break;
     }
 
-#if(CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILABLE == 1
+#ifdef SECTRANSP_HAS_ALPN
     if(conn->bits.tls_enable_alpn) {
       if(__builtin_available(macOS 10.13.4, iOS 11, *)) {
         CFArrayRef alpnArr = NULL;
         CFStringRef chosenProtocol = NULL;
         err = SSLCopyALPNProtocols(BACKEND->ssl_ctx, &alpnArr);
@nianxuejie

This comment has been minimized.

Copy link
Author

commented Mar 19, 2019

What if we disable ALPN for all versions of tvOS? Can you see if a patch like this works for you?

diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index 949bd236b..f477a51fc 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -106,10 +106,15 @@
 
 #else
 #error "The Secure Transport back-end requires iOS or macOS."
 #endif /* (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE)) */
 
+#if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && \
+  (HAVE_BUILTIN_AVAILABLE == 1) && !defined(TARGET_OS_TV)
+#define SECTRANSP_HAS_ALPN
+#endif
+
 #if CURL_BUILD_MAC
 #include <sys/sysctl.h>
 #endif /* CURL_BUILD_MAC */
 
 #include "urldata.h"
@@ -1573,11 +1578,11 @@ static CURLcode sectransp_connect_step1(struct connectdata *conn,
     failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
     return CURLE_SSL_CONNECT_ERROR;
   }
 #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
 
-#if (CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILABLE == 1
+#ifdef SECTRANSP_HAS_ALPN
   if(conn->bits.tls_enable_alpn) {
     if(__builtin_available(macOS 10.13.4, iOS 11, *)) {
       CFMutableArrayRef alpnArr = CFArrayCreateMutable(NULL, 0,
                                                        &kCFTypeArrayCallBacks);
 
@@ -2624,11 +2629,11 @@ sectransp_connect_step2(struct connectdata *conn, int sockindex)
       default:
         infof(data, "Unknown protocol connection\n");
         break;
     }
 
-#if(CURL_BUILD_MAC_10_13 || CURL_BUILD_IOS_11) && HAVE_BUILTIN_AVAILABLE == 1
+#ifdef SECTRANSP_HAS_ALPN
     if(conn->bits.tls_enable_alpn) {
       if(__builtin_available(macOS 10.13.4, iOS 11, *)) {
         CFArrayRef alpnArr = NULL;
         CFStringRef chosenProtocol = NULL;
         err = SSLCopyALPNProtocols(BACKEND->ssl_ctx, &alpnArr);

Thanks.
Is TARGET_OS_TV defined by default for tvos?
I can try.

@bagder

This comment has been minimized.

Copy link
Member

commented Mar 19, 2019

@bagder bagder added the SSL/TLS label Mar 19, 2019

@nianxuejie

This comment has been minimized.

Copy link
Author

commented Mar 19, 2019

It looks like that

ok. It is workable.

bagder added a commit that referenced this issue Mar 19, 2019

sectransp: make it build on tvOS (== no ALPN support)
Reported-by: nianxuejie on github
Fixes #3689
@nickzman

This comment has been minimized.

Copy link
Collaborator

commented Mar 20, 2019

What version of tvOS are you targeting? Version 11.0 and later does support ALPN, so instead of disabling ALPN entirely on tvOS, we ought to just adjust how we weak-link the symbol if you're targeting a version older than 11.0.

@nianxuejie

This comment has been minimized.

Copy link
Author

commented Mar 20, 2019

What version of tvOS are you targeting? Version 11.0 and later does support ALPN, so instead of disabling ALPN entirely on tvOS, we ought to just adjust how we weak-link the symbol if you're targeting a version older than 11.0.

Please confirm the error message.

vtls/darwinssl.c:1598:13: error: 'SSLSetALPNProtocols' is only available on tvOS
11.0 or newer [-Werror,-Wunguarded-availability-new]
err = SSLSetALPNProtocols(BACKEND->ssl_ctx, alpnArr);

vtls/darwinssl.c:2652:15: error: 'SSLCopyALPNProtocols' is only available on
tvOS 11.0 or newer [-Werror,-Wunguarded-availability-new]
err = SSLCopyALPNProtocols(BACKEND->ssl_ctx, &alpnArr);

Our target version is 9.0 or newer.

@bagder bagder closed this in 7550f62 Mar 20, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.