h3: add support for ngtcp2 with AWS-LC builds

```
curl 8.4.0-DEV (x86_64-apple-darwin) libcurl/8.4.0-DEV (SecureTransport) AWS-LC/1.15.0 nghttp2/1.56.0 ngtcp2/0.19.1 nghttp3/0.15.0
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp ws wss
Features: alt-svc AsynchDNS HSTS HTTP2 HTTP3 HTTPS-proxy IPv6 Largefile MultiSSL NTLM SSL threadsafe UnixSockets
```

Also delete an obsolete GnuTLS TODO and update the header comment in
`FindNGTCP2.cmake`.

Reviewed-by: Daniel Stenberg
Closes #12066
This commit is contained in:
Viktor Szakats 2023-10-08 17:43:10 +00:00
Родитель 58a95b6a49
Коммит 0e4bef0862
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: B5ABD165E2AEF201
3 изменённых файлов: 7 добавлений и 7 удалений

Просмотреть файл

@ -31,8 +31,10 @@ Find the ngtcp2 library
This module accepts optional COMPONENTS to control the crypto library (these are
mutually exclusive)::
OpenSSL: Use libngtcp2_crypto_quictls
GnuTLS: Use libngtcp2_crypto_gnutls
quictls, LibreSSL: Use libngtcp2_crypto_quictls
BoringSSL, AWS-LC: Use libngtcp2_crypto_boringssl
wolfSSL: Use libngtcp2_crypto_wolfssl
GnuTLS: Use libngtcp2_crypto_gnutls
Result Variables
^^^^^^^^^^^^^^^^

Просмотреть файл

@ -668,7 +668,7 @@ if(USE_NGTCP2)
if(USE_OPENSSL OR USE_WOLFSSL)
if(USE_WOLFSSL)
find_package(NGTCP2 REQUIRED wolfSSL)
elseif(HAVE_BORINGSSL)
elseif(HAVE_BORINGSSL OR HAVE_AWSLC)
find_package(NGTCP2 REQUIRED BoringSSL)
else()
find_package(NGTCP2 REQUIRED quictls)
@ -685,9 +685,7 @@ if(USE_NGTCP2)
if(NOT HAVE_SSL_CTX_SET_QUIC_METHOD)
message(FATAL_ERROR "QUIC support is missing in OpenSSL/LibreSSL/BoringSSL/wolfSSL. Try setting -DOPENSSL_ROOT_DIR")
endif()
elseif(USE_GNUTLS)
# TODO add GnuTLS support as vtls library.
find_package(NGTCP2 REQUIRED GnuTLS)
else()
message(FATAL_ERROR "ngtcp2 requires OpenSSL, wolfSSL or GnuTLS")

Просмотреть файл

@ -30,7 +30,7 @@
#ifdef USE_OPENSSL
#include <openssl/err.h>
#ifdef OPENSSL_IS_BORINGSSL
#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
#include <ngtcp2/ngtcp2_crypto_boringssl.h>
#else
#include <ngtcp2/ngtcp2_crypto_quictls.h>
@ -407,7 +407,7 @@ static CURLcode quic_ssl_ctx(SSL_CTX **pssl_ctx,
goto out;
}
#ifdef OPENSSL_IS_BORINGSSL
#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
if(ngtcp2_crypto_boringssl_configure_client_context(ssl_ctx) != 0) {
failf(data, "ngtcp2_crypto_boringssl_configure_client_context failed");
goto out;