diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index eb1420f1..bef6d837 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,6 +51,7 @@ jobs: - curl_fuzzer_gopher - curl_fuzzer_http - curl_fuzzer_https + - curl_fuzzer_http3 - curl_fuzzer_imap - curl_fuzzer_ldap - curl_fuzzer_mqtt diff --git a/.gitignore b/.gitignore index 269c2a40..33287f8f 100644 --- a/.gitignore +++ b/.gitignore @@ -40,6 +40,8 @@ missing /curl_fuzzer_http_seed_corpus.zip /curl_fuzzer_https /curl_fuzzer_https_seed_corpus.zip +/curl_fuzzer_http3 +/curl_fuzzer_http3_seed_corpus.zip /curl_fuzzer_imap /curl_fuzzer_imap_seed_corpus.zip /curl_fuzzer_ldap @@ -62,3 +64,7 @@ missing /curl_fuzzer_smtp_seed_corpus.zip /curl_fuzzer_tftp /curl_fuzzer_tftp_seed_corpus.zip +/curl_fuzzer_ws +/curl_fuzzer_ws_seed_corpus.zip +/fuzz_url +/fuzz_url.zip diff --git a/Makefile.am b/Makefile.am index 12b29cba..30ddb80f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -25,7 +25,7 @@ ACLOCAL_AMFLAGS = -I m4 @CODE_COVERAGE_RULES@ # Include debug symbols by default as recommended by libfuzzer. -AM_CXXFLAGS = -g -I@INSTALLDIR@/include -I@INSTALLDIR@/utfuzzer +AM_CXXFLAGS = -g LIBS = -lpthread -lm @@ -42,6 +42,7 @@ FUZZPROGS = curl_fuzzer \ curl_fuzzer_gopher \ curl_fuzzer_http \ curl_fuzzer_https \ + curl_fuzzer_http3 \ curl_fuzzer_imap \ curl_fuzzer_ldap \ curl_fuzzer_mqtt \ @@ -59,8 +60,10 @@ FUZZPROGS = curl_fuzzer \ FUZZLIBS = libstandaloneengine.a COMMON_SOURCES = curl_fuzzer.cc curl_fuzzer_tlv.cc curl_fuzzer_callback.cc -COMMON_FLAGS = $(AM_CXXFLAGS) $(CODE_COVERAGE_CXXFLAGS) -COMMON_LDADD = @INSTALLDIR@/lib/libcurl.la $(LIB_FUZZING_ENGINE) $(CODE_COVERAGE_LIBS) +COMMON_FLAGS = -I@INSTALLDIR@/openssl/include -I@INSTALLDIR@/openssl/utfuzzer $(AM_CXXFLAGS) $(CODE_COVERAGE_CXXFLAGS) +COMMON_LDADD = @INSTALLDIR@/openssl/lib/libcurl.la $(LIB_FUZZING_ENGINE) $(CODE_COVERAGE_LIBS) +HTTP3_FLAGS = -I@INSTALLDIR@/openssl_quic/include -I@INSTALLDIR@/openssl_quic/utfuzzer $(AM_CXXFLAGS) $(CODE_COVERAGE_CXXFLAGS) +HTTP3_LDADD = @INSTALLDIR@/openssl_quic/lib/libcurl.la $(LIB_FUZZING_ENGINE) $(CODE_COVERAGE_LIBS) libstandaloneengine_a_SOURCES = standalone_fuzz_target_runner.cc libstandaloneengine_a_CXXFLAGS = $(AM_CXXFLAGS) @@ -89,6 +92,9 @@ curl_fuzzer_http_LDADD = $(COMMON_LDADD) curl_fuzzer_https_SOURCES = $(COMMON_SOURCES) curl_fuzzer_https_CXXFLAGS = $(COMMON_FLAGS) -DFUZZ_PROTOCOLS_HTTPS curl_fuzzer_https_LDADD = $(COMMON_LDADD) +curl_fuzzer_http3_SOURCES = $(COMMON_SOURCES) +curl_fuzzer_http3_CXXFLAGS = $(HTTP3_FLAGS) -DFUZZ_PROTOCOLS_HTTP3 -DFUZZ_PROTOCOLS_HTTPS +curl_fuzzer_http3_LDADD = $(HTTP3_LDADD) curl_fuzzer_imap_SOURCES = $(COMMON_SOURCES) curl_fuzzer_imap_CXXFLAGS = $(COMMON_FLAGS) -DFUZZ_PROTOCOLS_IMAP curl_fuzzer_imap_LDADD = $(COMMON_LDADD) diff --git a/corpora/curl_fuzzer_http3/test_simple_httppost b/corpora/curl_fuzzer_http3/test_simple_httppost new file mode 100644 index 00000000..e7e295dc Binary files /dev/null and b/corpora/curl_fuzzer_http3/test_simple_httppost differ diff --git a/curl_fuzzer.cc b/curl_fuzzer.cc index 44f0a239..89a1c297 100644 --- a/curl_fuzzer.cc +++ b/curl_fuzzer.cc @@ -207,8 +207,10 @@ int fuzz_set_easy_options(FUZZ_DATA *fuzz) /* Set the hsts header cache filepath so that it can be fuzzed. */ FTRY(curl_easy_setopt(fuzz->easy, CURLOPT_HSTS, FUZZ_HSTS_HEADER_CACHE_PATH)); +#ifndef FUZZ_PROTOCOLS_HTTPS /* Set the Certificate Revocation List file path so it can be fuzzed */ FTRY(curl_easy_setopt(fuzz->easy, CURLOPT_CRLFILE, FUZZ_CRL_FILE_PATH)); +#endif /* Set the .netrc file path so it can be fuzzed */ FTRY(curl_easy_setopt(fuzz->easy, CURLOPT_NETRC_FILE, FUZZ_NETRC_FILE_PATH)); @@ -571,6 +573,16 @@ int fuzz_set_allowed_protocols(FUZZ_DATA *fuzz) FTRY(curl_easy_setopt(fuzz->easy, CURLOPT_PROTOCOLS_STR, allowed_protocols)); + #ifdef FUZZ_PROTOCOLS_HTTP3 + /* If we are fuzzing HTTP3, then we must be fuzzing the HTTPS protocol */ + #ifndef FUZZ_PROTOCOLS_HTTPS + rc = 255; + goto EXIT_LABEL; + #endif + + FTRY(curl_easy_setopt(fuzz->easy, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_3ONLY)); + #endif + EXIT_LABEL: return rc; diff --git a/curl_fuzzer_callback.cc b/curl_fuzzer_callback.cc index 7d6152fc..eee46154 100644 --- a/curl_fuzzer_callback.cc +++ b/curl_fuzzer_callback.cc @@ -69,7 +69,14 @@ curl_socket_t fuzz_open_socket(void *ptr, sman->index, sman->index); - if(socketpair(AF_UNIX, SOCK_STREAM, 0, fds)) { + + #ifdef FUZZ_PROTOCOLS_HTTP3 + const int socket_type = SOCK_DGRAM; + #else + const int socket_type = SOCK_STREAM; + #endif + + if(socketpair(AF_UNIX, socket_type, 0, fds)) { /* Failed to create a pair of sockets. */ return CURL_SOCKET_BAD; } diff --git a/mainline.sh b/mainline.sh index c0991a5f..f0c18c66 100755 --- a/mainline.sh +++ b/mainline.sh @@ -8,21 +8,25 @@ SCRIPTDIR=${BUILD_ROOT}/scripts CURLDIR=/tmp/curl OPENSSLDIR=/tmp/openssl -NGHTTPDIR=/tmp/nghttp2 -INSTALLDIR=/tmp/curl_install +NGHTTP2DIR=/tmp/nghttp2 +NGHTTP3DIR=/tmp/nghttp3 +NGTCP2DIR=/tmp/ngtcp2 +INSTALLDIRTOP=/tmp/curl_install # Parse the options. OPTIND=1 -while getopts "c:n:o:" opt +while getopts "c:n:o:t:" opt do case "$opt" in c) CURLDIR=$OPTARG ;; - n) NGHTTPDIR=$OPTARG + n) NGHTTP2DIR=$OPTARG ;; o) OPENSSLDIR=$OPTARG ;; + t) NGTCP2DIR=$OPTARG + ;; esac done shift $((OPTIND-1)) @@ -34,16 +38,29 @@ FUZZ_FLAG="-DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" export CFLAGS="-fsanitize=address" export CXXFLAGS="-fsanitize=address -stdlib=libstdc++ $FUZZ_FLAG" export CPPFLAGS="$FUZZ_FLAG" -export OPENSSLFLAGS="-fno-sanitize=alignment" +export OPENSSLFLAGS="-fno-sanitize=alignment -lstdc++" + +for tls_lib in openssl openssl_quic; do + INSTALLDIR="$INSTALLDIRTOP/$tls_lib" + mkdir -p "$INSTALLDIR" + + # Install tls_lib + ${SCRIPTDIR}/handle_x.sh ${tls_lib} ${OPENSSLDIR}/${tls_lib} ${INSTALLDIR} || exit 1 -# Install openssl -${SCRIPTDIR}/handle_x.sh openssl ${OPENSSLDIR} ${INSTALLDIR} || exit 1 + # Install nghttp2 + ${SCRIPTDIR}/handle_x.sh nghttp2 ${NGHTTP2DIR} ${INSTALLDIR} || exit 1 -# Install nghttp2 -${SCRIPTDIR}/handle_x.sh nghttp2 ${NGHTTPDIR} ${INSTALLDIR} || exit 1 + if [[ "$tls_lib" == "openssl_quic" ]]; then + # Install nghttp3 + ${SCRIPTDIR}/handle_x.sh nghttp3 ${NGHTTP3DIR} ${INSTALLDIR} || exit 1 -# Install curl after all other dependencies -${SCRIPTDIR}/handle_x.sh curl ${CURLDIR} ${INSTALLDIR} || exit 1 + # Install ngtcp2 + ${SCRIPTDIR}/handle_x.sh ngtcp2 ${NGTCP2DIR} ${INSTALLDIR} || exit 1 + fi + + # Install curl after all other dependencies + ${SCRIPTDIR}/handle_x.sh curl ${CURLDIR} ${INSTALLDIR} || exit 1 +done # Compile and test the fuzzers. -${SCRIPTDIR}/compile_fuzzer.sh ${INSTALLDIR} || exit 1 +${SCRIPTDIR}/compile_fuzzer.sh ${INSTALLDIRTOP} || exit 1 diff --git a/ossfuzz.sh b/ossfuzz.sh index b70772be..7152b3e1 100755 --- a/ossfuzz.sh +++ b/ossfuzz.sh @@ -29,7 +29,9 @@ SCRIPTDIR=${BUILD_ROOT}/scripts ZLIBDIR=/src/zlib OPENSSLDIR=/src/openssl -NGHTTPDIR=/src/nghttp2 +NGHTTP2DIR=/src/nghttp2 +NGHTTP3DIR=/src/nghttp3 +NGTCP2DIR=/src/ngtcp2 GDBDIR=/src/gdb # Check for GDB-specific behaviour by checking for the GDBMODE flag. @@ -53,7 +55,7 @@ echo "FUZZ_TARGETS: $FUZZ_TARGETS" export MAKEFLAGS+="-j$(nproc)" # Make an install directory -export INSTALLDIR=/src/curl_install +export INSTALLDIRTOP=/src/curl_install # Check for GDB-specific behaviour by checking for the GDBMODE flag. # - Compile and installing GDB if necessary. @@ -67,26 +69,40 @@ then fi fi -# Install zlib -${SCRIPTDIR}/handle_x.sh zlib ${ZLIBDIR} ${INSTALLDIR} || exit 1 +for tls_lib in openssl openssl_quic; do + INSTALLDIR="$INSTALLDIRTOP/$tls_lib" + mkdir -p "$INSTALLDIR" -# For the memory sanitizer build, turn off OpenSSL as it causes bugs we can't -# affect (see 16697, 17624) -if [[ ${SANITIZER} != "memory" ]] -then - # Install openssl - export OPENSSLFLAGS="-fno-sanitize=alignment" - ${SCRIPTDIR}/handle_x.sh openssl ${OPENSSLDIR} ${INSTALLDIR} || exit 1 -fi + # Install zlib + ${SCRIPTDIR}/handle_x.sh zlib ${ZLIBDIR} ${INSTALLDIR} || exit 1 + + # For the memory sanitizer build, turn off OpenSSL as it causes bugs we can't + # affect (see 16697, 17624) + if [[ ${SANITIZER} != "memory" ]] + then + # Install openssl_quic (need openssl_quic, nghttp3, and ngtcp2 for HTTP3 support) + export OPENSSLFLAGS="-fno-sanitize=alignment" + ${SCRIPTDIR}/handle_x.sh ${tls_lib} ${OPENSSLDIR}/${tls_lib} ${INSTALLDIR} || exit 1 -# Install nghttp2 -${SCRIPTDIR}/handle_x.sh nghttp2 ${NGHTTPDIR} ${INSTALLDIR} || exit 1 + if [[ "$tls_lib" == "openssl_quic" ]] + then + # Install nghttp3 + ${SCRIPTDIR}/handle_x.sh nghttp3 ${NGHTTP3DIR} ${INSTALLDIR} || exit 1 -# Compile curl -${SCRIPTDIR}/install_curl.sh /src/curl ${INSTALLDIR} + # Install ngtcp2 + ${SCRIPTDIR}/handle_x.sh ngtcp2 ${NGTCP2DIR} ${INSTALLDIR} || exit 1 + fi + fi + + # Install nghttp2 + ${SCRIPTDIR}/handle_x.sh nghttp2 ${NGHTTP2DIR} ${INSTALLDIR} || exit 1 + + # Compile curl + ${SCRIPTDIR}/install_curl.sh /src/curl ${INSTALLDIR} +done # Build the fuzzers. -${SCRIPTDIR}/compile_fuzzer.sh ${INSTALLDIR} +${SCRIPTDIR}/compile_fuzzer.sh ${INSTALLDIRTOP} make zip # Copy the fuzzers over. diff --git a/renovate.json b/renovate.json index 32f5071d..3d6693b1 100644 --- a/renovate.json +++ b/renovate.json @@ -23,6 +23,17 @@ "depNameTemplate": "openssl/openssl", "versioningTemplate": "regex:^openssl-(?\\d+)\\.(?\\d+)\\.(?\\d+)$", "registryUrlTemplate": "https://github.com" + }, + { + "customType": "regex", + "fileMatch": ["^scripts/VERSIONS$"], + "matchStrings": [ + "QUICTLS_VERSION=(?.*)\\s" + ], + "datasourceTemplate": "github-tags", + "depNameTemplate": "openssl/openssl", + "versioningTemplate": "regex:^openssl-(?\\d+)\\.(?\\d+)\\.(?\\d+)-quic\\d+$", + "registryUrlTemplate": "https://github.com" } ], "packageRules": [ diff --git a/scripts/VERSIONS b/scripts/VERSIONS index 4cc54338..1e1a19a1 100644 --- a/scripts/VERSIONS +++ b/scripts/VERSIONS @@ -3,5 +3,14 @@ # Handled by renovate.json OPENSSL_VERSION=openssl-3.2.0 +# Handled by renovate.json +QUICTLS_VERSION=openssl-3.1.4-quic1 + # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com NGHTTP2_VERSION=v1.58.0 + +# renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com +NGHTTP3_VERSION=v1.1.0 + +# renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com +NGTCP2_VERSION=v1.1.0 diff --git a/scripts/download_curl.sh b/scripts/download_curl.sh index 0d078d88..6a90b983 100755 --- a/scripts/download_curl.sh +++ b/scripts/download_curl.sh @@ -6,3 +6,21 @@ set -ex # Clone the curl repository to the specified directory. git clone http://github.com/curl/curl $1 +# TODO: Ignore HTTP3 socket connection failures +pushd $1 +patch -p1 <<'EOF' +diff --git a/lib/cf-socket.c b/lib/cf-socket.c +index e42b4a87b..f99fcd80c 100644 +--- a/lib/cf-socket.c ++++ b/lib/cf-socket.c +@@ -1650,7 +1650,7 @@ static CURLcode cf_udp_setup_quic(struct Curl_cfilter *cf, + + rc = connect(ctx->sock, &ctx->addr.sa_addr, ctx->addr.addrlen); + if(-1 == rc) { +- return socket_connect_result(data, ctx->r_ip, SOCKERRNO); ++ /* return socket_connect_result(data, ctx->r_ip, SOCKERRNO); */ + } + set_local_ip(cf, data); + CURL_TRC_CF(data, cf, "%s socket %" CURL_FORMAT_SOCKET_T +EOF +popd diff --git a/scripts/download_nghttp3.sh b/scripts/download_nghttp3.sh new file mode 100755 index 00000000..809a9b01 --- /dev/null +++ b/scripts/download_nghttp3.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +# If any commands fail, fail the script immediately. +set -ex + +# Get the script directory and source the VERSIONS file +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +source $SCRIPT_DIR/VERSIONS + +# Clone the repository to the specified directory. +git clone --depth 1 --branch ${NGHTTP3_VERSION} https://github.com/ngtcp2/nghttp3 $1 diff --git a/scripts/download_ngtcp2.sh b/scripts/download_ngtcp2.sh new file mode 100755 index 00000000..8569af9e --- /dev/null +++ b/scripts/download_ngtcp2.sh @@ -0,0 +1,92 @@ +#!/bin/bash + +# If any commands fail, fail the script immediately. +set -ex + +# Get the script directory and source the VERSIONS file +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +source $SCRIPT_DIR/VERSIONS + +# Clone the repository to the specified directory. +git clone --depth 1 --branch ${NGTCP2_VERSION} https://github.com/ngtcp2/ngtcp2 $1 + +# Teach ngtcp2 about sockets +pushd $1 +patch -p1 <<'EOF' +From 52690d08112ccd9a5c01b5991735bf3f8e5121b0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Emilio=20L=C3=B3pez?= +Date: Sat, 16 Dec 2023 21:33:17 +0000 +Subject: [PATCH] Teach ngtcp2 about sockets + +--- + crypto/shared.c | 4 ++++ + lib/includes/ngtcp2/ngtcp2.h | 5 +++++ + lib/ngtcp2_addr.c | 8 ++++++++ + 3 files changed, 17 insertions(+) + +diff --git a/crypto/shared.c b/crypto/shared.c +index 162094a3..08c9ed44 100644 +--- a/crypto/shared.c ++++ b/crypto/shared.c +@@ -1096,6 +1096,10 @@ static size_t crypto_generate_regular_token_aad(uint8_t *dest, + (const uint8_t *)&((const ngtcp2_sockaddr_in6 *)(void *)sa)->sin6_addr; + addrlen = sizeof(((const ngtcp2_sockaddr_in6 *)(void *)sa)->sin6_addr); + break; ++ case NGTCP2_AF_UNIX: ++ addr = NULL; ++ addrlen = 0; ++ break; + default: + assert(0); + abort(); +diff --git a/lib/includes/ngtcp2/ngtcp2.h b/lib/includes/ngtcp2/ngtcp2.h +index a8d4b4af..63958e4c 100644 +--- a/lib/includes/ngtcp2/ngtcp2.h ++++ b/lib/includes/ngtcp2/ngtcp2.h +@@ -1235,6 +1235,10 @@ typedef struct ngtcp2_pkt_stateless_reset { + # error NGTCP2_AF_INET6 must be defined + # endif /* !NGTCP2_AF_INET6 */ + ++# ifndef NGTCP2_AF_UNIX ++# error NGTCP2_AF_UNIX must be defined ++# endif /* !NGTCP2_AF_UNIX */ ++ + typedef unsigned short int ngtcp2_sa_family; + typedef uint16_t ngtcp2_in_port; + +@@ -1270,6 +1274,7 @@ typedef uint32_t ngtcp2_socklen; + #else /* !NGTCP2_USE_GENERIC_SOCKADDR */ + # define NGTCP2_AF_INET AF_INET + # define NGTCP2_AF_INET6 AF_INET6 ++# define NGTCP2_AF_UNIX AF_UNIX + + /** + * @typedef +diff --git a/lib/ngtcp2_addr.c b/lib/ngtcp2_addr.c +index f389abe7..26b57f3d 100644 +--- a/lib/ngtcp2_addr.c ++++ b/lib/ngtcp2_addr.c +@@ -67,6 +67,10 @@ static int sockaddr_eq(const ngtcp2_sockaddr *a, const ngtcp2_sockaddr *b) { + return ai->sin6_port == bi->sin6_port && + memcmp(&ai->sin6_addr, &bi->sin6_addr, sizeof(ai->sin6_addr)) == 0; + } ++ case NGTCP2_AF_UNIX: { ++ // TODO: see what makes sense here ++ return 1; ++ } + default: + ngtcp2_unreachable(); + } +@@ -109,6 +113,10 @@ uint32_t ngtcp2_addr_compare(const ngtcp2_addr *aa, const ngtcp2_addr *bb) { + } + return flags; + } ++ case NGTCP2_AF_UNIX: { ++ // TODO: see what makes sense here? ++ return 0; ++ } + default: + ngtcp2_unreachable(); + } +EOF +popd diff --git a/scripts/download_openssl_quic.sh b/scripts/download_openssl_quic.sh new file mode 100755 index 00000000..06320bdd --- /dev/null +++ b/scripts/download_openssl_quic.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +# If any commands fail, fail the script immediately. +set -ex + +# Get the script directory and source the VERSIONS file +SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +source $SCRIPT_DIR/VERSIONS + +# Clone the repository to the specified directory. +git clone --depth 1 --branch ${QUICTLS_VERSION} https://github.com/quictls/openssl $1 diff --git a/scripts/fuzz_targets b/scripts/fuzz_targets index 907a163a..6af13615 100644 --- a/scripts/fuzz_targets +++ b/scripts/fuzz_targets @@ -1,3 +1,3 @@ #!/bin/bash -export FUZZ_TARGETS="curl_fuzzer_dict curl_fuzzer_file curl_fuzzer_ftp curl_fuzzer_gopher curl_fuzzer_http curl_fuzzer_https curl_fuzzer_imap curl_fuzzer_ldap curl_fuzzer_mqtt curl_fuzzer_pop3 curl_fuzzer_rtmp curl_fuzzer_rtsp curl_fuzzer_scp curl_fuzzer_sftp curl_fuzzer_smb curl_fuzzer_smtp curl_fuzzer_tftp curl_fuzzer_ws curl_fuzzer fuzz_url" +export FUZZ_TARGETS="curl_fuzzer_dict curl_fuzzer_file curl_fuzzer_ftp curl_fuzzer_gopher curl_fuzzer_http curl_fuzzer_https curl_fuzzer_http3 curl_fuzzer_imap curl_fuzzer_ldap curl_fuzzer_mqtt curl_fuzzer_pop3 curl_fuzzer_rtmp curl_fuzzer_rtsp curl_fuzzer_scp curl_fuzzer_sftp curl_fuzzer_smb curl_fuzzer_smtp curl_fuzzer_tftp curl_fuzzer_ws curl_fuzzer fuzz_url" diff --git a/scripts/install_curl.sh b/scripts/install_curl.sh index 4d6ec473..99c7728d 100755 --- a/scripts/install_curl.sh +++ b/scripts/install_curl.sh @@ -38,16 +38,31 @@ fi if [[ -f ${INSTALLDIR}/lib/libnghttp2.a ]] then - NGHTTPOPTION=--with-nghttp2=${INSTALLDIR} + NGHTTP2OPTION=--with-nghttp2=${INSTALLDIR} else - NGHTTPOPTION=--without-nghttp2 + NGHTTP2OPTION=--without-nghttp2 +fi + +if [[ -f ${INSTALLDIR}/lib/libnghttp3.a ]] +then + NGHTTP3OPTION=--with-nghttp3=${INSTALLDIR} +else + NGHTTP3OPTION=--without-nghttp3 +fi + +if [[ -f ${INSTALLDIR}/lib/libngtcp2.a ]] +then + NGTCP2OPTION=--with-ngtcp2=${INSTALLDIR} +else + NGTCP2OPTION=--without-ngtcp2 fi pushd ${SRCDIR} # Build the library. ./buildconf -./configure --prefix=${INSTALLDIR} \ +./configure PKG_CONFIG_PATH=${INSTALLDIR}/lib/pkgconfig \ + --prefix=${INSTALLDIR} \ --disable-shared \ --enable-debug \ --enable-maintainer-mode \ @@ -56,7 +71,9 @@ pushd ${SRCDIR} --enable-websockets \ --with-random=/dev/null \ ${SSLOPTION} \ - ${NGHTTPOPTION} \ + ${NGHTTP2OPTION} \ + ${NGHTTP3OPTION} \ + ${NGTCP2OPTION} \ ${CODE_COVERAGE_OPTION} make V=1 diff --git a/scripts/install_nghttp3.sh b/scripts/install_nghttp3.sh new file mode 100755 index 00000000..e8b50cef --- /dev/null +++ b/scripts/install_nghttp3.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +# If any commands fail, fail the script immediately. +set -ex + +SRCDIR=$1 +INSTALLDIR=$2 + +if [[ ! -d ${INSTALLDIR} ]] +then + # Make an install target directory. + mkdir ${INSTALLDIR} +fi + +pushd ${SRCDIR} + +# Build the library. +autoreconf -fi +./configure --prefix=${INSTALLDIR} \ + --disable-shared \ + --enable-static \ + --disable-threads \ + --enable-lib-only + +make +make install diff --git a/scripts/install_ngtcp2.sh b/scripts/install_ngtcp2.sh new file mode 100755 index 00000000..3e53e831 --- /dev/null +++ b/scripts/install_ngtcp2.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +# If any commands fail, fail the script immediately. +set -ex + +SRCDIR=$1 +INSTALLDIR=$2 + +if [[ ! -d ${INSTALLDIR} ]] +then + # Make an install target directory. + mkdir ${INSTALLDIR} +fi + +pushd ${SRCDIR} + +autoreconf -fi +./configure PKG_CONFIG_PATH=${INSTALLDIR}/lib/pkgconfig \ + LDFLAGS="-Wl,-rpath,${INSTALLDIR}" \ + --prefix=${INSTALLDIR} \ + --disable-shared \ + --enable-static \ + --enable-lib-only \ + --with-openssl \ + + +make +make install diff --git a/scripts/install_openssl_quic.sh b/scripts/install_openssl_quic.sh new file mode 100755 index 00000000..fd881cdc --- /dev/null +++ b/scripts/install_openssl_quic.sh @@ -0,0 +1,10 @@ + +#!/bin/bash + +# If any commands fail, fail the script immediately. +set -ex + +SRCDIR=$1 +INSTALLDIR=$2 + +$(dirname "$0")/install_openssl.sh $SRCDIR $INSTALLDIR