-
-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
configure: when enabling QUIC, check that TLS supports QUIC #12683
Conversation
Most importantly perhaps is when using OpenSSL that the used build/flavor has the QUIC API: the vanilla OpenSSL does not, only BoringSSL, libressl, AWS-LC and quictls do. Ref: 5d044ad#r136780413
- separate ngtcp2 specific parts out - provide callback during init to allow ngtcp2 to apply its defaults Closes #12678
I did not make any elaborate checks for GnuTLS and wolfSSL as I figure they are much less likely to be a problem for users since they support QUIC "from scratch". |
Nice. One problem remains. |
Oh right, that complicates matters a little... |
From Msh3's About: Minimal HTTP/3 library on top of MsQuic. |
They write like this about Linux builds:
It seems they only support vanilla OpenSSL on Windows? |
So what about vquic/vquic-tls.c(219,3): warning C4013: 'SSL_set_quic_use_legacy_codepoint' undefined; assuming extern returning int
SSL_set_quic_use_legacy_codepoint(ctx->ssl, 0);
^ |
That needs a different take than this PR, yes. It probably needs adjustments in the code. |
We should probably have CI jobs doing HTTTP/3 on Windows too... |
Or should it say: --- a/lib/vquic/vquic-tls.c 2024-01-11 11:17:26
+++ b/lib/vquic/vquic-tls.c 2024-01-12 10:26:47
@@ -24,7 +24,7 @@
#include "curl_setup.h"
-#if defined(ENABLE_QUIC) && \
+#if defined(ENABLE_QUIC) && defined(USE_NGTCP2) && defined(USE_NGHTTP3) \
(defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))
#ifdef USE_OPENSSL |
Isn't it used for quiche too? |
So maybe? #if defined(ENABLE_QUIC) && !defined(USE_MSH3) && \
(defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))
|
or wait, isn't this still needed for msh3 on linux? |
We use this code only for ngtcp2 and quiche now. So
should do it? or just
|
right, the latter might be enough |
If we later need it for msh3 on linux, I figure we could set a define for each specific backend that needs the init instead, like |
Most importantly perhaps is when using OpenSSL that the used build/flavor has the QUIC API: the vanilla OpenSSL does not, only BoringSSL, libressl, AWS-LC and quictls do.
Ref: 5d044ad#r136780413