Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vquic: add support for GnuTLS backend of ngtcp2 #5148

Closed
wants to merge 2 commits into from

Conversation

@ueno
Copy link
Contributor

ueno commented Mar 26, 2020

This can be built with the same steps as the ngtcp2 + OpenSSL procedure mentioned in docs/HTTP3.md, except:

  • gnutls (from the tmp-quic branch) needs to be installed instead
     % git clone https://gitlab.com/gnutls/gnutls.git
     % cd gnutls
     % git checkout tmp-quic
     % ./bootstrap
     % ./configure --prefix=<somewhere1> --disable-doc
     % make -j$(nproc)
     % make install
     % cd ..
     % git clone https://github.com/ueno/ngtcp2.git
     % cd ngtcp2
     % git checkout wip/dueno/crypto-gnutls
     % autoreconf -i
     % ./configure --prefix=<somewhere2> --enable-lib-only
     % make -j$(nproc)
     % make install
  • curl must be configured with --with-gnutls instead of --with-ssl
     % cd ..
     % git clone https://github.com/curl/curl
     % cd curl
     % ./buildconf
     % LDFLAGS="-Wl,-rpath,<somewhere1>/lib" ./configure --without-ssl --with-gnutls=<somewhere1> --with-nghttp3=<somewhere2> --with-ngtcp2=<somewhere3> --enable-alt-svc
     % make

Currently, the TLS backend used by vquic/ngtcp2.c is selected at compile time. Therefore OpenSSL support needs to be explicitly disabled.

@bagder
Copy link
Member

bagder commented Mar 26, 2020

Lovely! Can you also update docs/HTTP3.md with these how-to details?

Do you have any ideas or guesses on when we can hope for this work to be merged into the master branches of GnuTLS and ngtcp2?

It think it also makes sense to create a CI job that verifies the build, in the same spirit as the existing ngtcp2-openssl build is done. We can of course do that as a second follow-up PR.

@ueno ueno force-pushed the ueno:wip/dueno/h3-gtls branch from 53aa589 to 605f10e Mar 28, 2020
@tatsuhiro-t
Copy link
Contributor

tatsuhiro-t commented Mar 29, 2020

I just merged GnuTLS support into ngtcp2.

@ueno ueno force-pushed the ueno:wip/dueno/h3-gtls branch from 605f10e to 2ef19f4 Mar 30, 2020
@ueno
Copy link
Contributor Author

ueno commented Mar 30, 2020

Thank you; updated the patches with the suggested changes.

@ueno ueno force-pushed the ueno:wip/dueno/h3-gtls branch from 2ef19f4 to 568eb40 Mar 30, 2020
@bagder
Copy link
Member

bagder commented Mar 30, 2020

Maybe you could/should make a separate PR for db45199 first to fix #5166 independently? Or does it make more sense to fix it within this PR?

@ueno
Copy link
Contributor Author

ueno commented Mar 30, 2020

Sure, filed a separate PR as #5168.

Currently, the TLS backend used by vquic/ngtcp2.c is selected at
compile time.  Therefore OpenSSL support needs to be explicitly
disabled.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
@ueno ueno force-pushed the ueno:wip/dueno/h3-gtls branch 6 times, most recently from f692bb8 to ded8586 Mar 30, 2020
@ueno ueno force-pushed the ueno:wip/dueno/h3-gtls branch from ded8586 to c3ed0fe Mar 31, 2020
@ueno
Copy link
Contributor Author

ueno commented Mar 31, 2020

The build in Travis CI seems to have succeeded (finally): https://travis-ci.org/github/curl/curl/jobs/669087295

@bagder bagder closed this in 0736ee7 Mar 31, 2020
@bagder
Copy link
Member

bagder commented Mar 31, 2020

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.