修复windows上curl TLCP无法使用的问题

windows上使用nmake构建，和Linux构建脚本不一样，增加NTLS相关编译选项; 同步curl最新代码，重新适配。
Tongsuo-Project · Jan 5, 2025 · acf0af0 · acf0af0
1 parent e54886d
commit acf0af0
Show file tree

Hide file tree

Showing 8 changed files with 1,025 additions and 879 deletions.
diff --git a/.github/scripts/spacecheck.pl b/.github/scripts/spacecheck.pl
@@ -33,6 +33,7 @@
     "\\.(bat|sln|vc)\$",
     "^tests/certs/.+\\.der\$",
     "^tests/data/test",
+    "tongsuo.patch",
 );
 
 my @mixed_eol = (
@@ -49,6 +50,7 @@
 my @space_at_eol = (
     "^tests/.+\\.(cacert|crt|pem)\$",
     "^tests/data/test",
+    "tongsuo.patch",
 );
 
 my @eol_at_eof = (

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -4,7 +4,7 @@
 
 name: release
 
-on:
+'on':
   workflow_dispatch:
     tags:
       - '*'
@@ -34,20 +34,20 @@ jobs:
     needs: [new_release]
     strategy:
       matrix:
-        builder: [macos-latest, ubuntu-20.04]
+        builder: [ubuntu-20.04, macos-latest, macos-13]
     name: "build-${{ matrix.builder }}"
     steps:
-      - run: |
-          brew install libtool autoconf automake pkg-config
-          mv /usr/local/include/openssl /usr/local/include/openssl.bak
-        if: ${{ matrix.builder == 'macos-latest' }}
+      - run: brew install libtool autoconf automake pkg-config
+        if: ${{ matrix.builder == 'macos-latest' || matrix.builder == 'macos-13' }}
+      - run: mv /usr/local/include/openssl /usr/local/include/openssl.bak
+        if: ${{ matrix.builder == 'macos-13' }}
       - name: build Tongsuo
         run: |
-          VERSION=8.3.3
+          VERSION=8.4.0
           wget "https://github.com/Tongsuo-Project/Tongsuo/archive/refs/tags/${VERSION}.tar.gz"
           tar zxf "${VERSION}.tar.gz"
           pushd "Tongsuo-${VERSION}"
-          ./config --prefix=${GITHUB_WORKSPACE}/tongsuo no-shared enable-ntls --release
+          ./config --prefix=${GITHUB_WORKSPACE}/tongsuo no-shared enable-ntls enable-ssl-trace --release
           make -s -j4
           make install_sw
           popd
@@ -62,15 +62,14 @@ jobs:
           autoreconf -fi
           ./configure --enable-warnings --enable-werror --with-openssl=${GITHUB_WORKSPACE}/tongsuo --without-zlib --without-brotli --disable-shared --disable-ldap --disable-ldaps --disable-rtsp --without-librtmp --enable-static
           make -s -j4
-      
       - name: upload artifact
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ github.token }}
         with:
           upload_url: ${{ needs.new_release.outputs.upload_url }}
           asset_path: ./curl/src/curl
-          asset_name: curl-${{ runner.os }}
+          asset_name: curl-${{ runner.os }}-${{ runner.arch }}
           asset_content_type: application/octet-stream
 
   build_windows:
@@ -88,7 +87,7 @@ jobs:
       - name: Export env
         shell: bash
         run: |
-          VERSION=8.3.3
+          VERSION=8.4.0
           echo "TONGSUO_VERSION=${VERSION}" >> $GITHUB_ENV
           echo "TONGSUO_HOME=${GITHUB_WORKSPACE}\tongsuo${VERSION}" >> $GITHUB_ENV
       - name: Download Tongsuo source
@@ -103,7 +102,7 @@ jobs:
           pushd "Tongsuo-%TONGSUO_VERSION%"
           mkdir _build
           pushd _build
-          perl ..\Configure no-makedepend no-shared VC-WIN64A --prefix=%TONGSUO_HOME%
+          perl ..\Configure no-makedepend no-shared enable-ntls enable-ssl-trace VC-WIN64A --prefix=%TONGSUO_HOME% --release
           nmake /S
           nmake install_sw
           popd
@@ -116,16 +115,18 @@ jobs:
         working-directory: ./curl
         shell: powershell
         run: |
-          git apply tongsuo.diff
+          git apply tongsuo.patch
           ./buildconf.bat
           cd winbuild
-          nmake /f Makefile.vc mode=static WITH_SSL=static SSL_PATH=${env:TONGSUO_HOME} RTLIBCFG=static
+          nmake /f Makefile.vc MACHINE=x64 mode=static WITH_SSL=static SSL_PATH=${env:TONGSUO_HOME} RTLIBCFG=static ENABLE_NTLS=yes
+          cd ..
+          builds\libcurl-vc-x64-release-static-ssl-static-ipv6-sspi\bin\curl.exe --help tls | findstr tlcp
       - name: upload artifact
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ github.token }}
         with:
           upload_url: ${{ needs.new_release.outputs.upload_url }}
           asset_path: .\curl\builds\libcurl-vc-x64-release-static-ssl-static-ipv6-sspi\bin\curl.exe
-          asset_name: curl-${{ runner.os }}.exe
+          asset_name: curl-${{ runner.os }}-${{ runner.arch }}.exe
           asset_content_type: application/octet-stream
diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml
diff --git a/.github/workflows/tongsuo.yml b/.github/workflows/tongsuo.yml
@@ -4,36 +4,91 @@
 
 name: build-with-tongsuo
 
-on: [workflow_dispatch, pull_request, push]
+'on': [workflow_dispatch, pull_request, push]
 
 jobs:
-  autotools:
-    runs-on: 'ubuntu-latest'
-    timeout-minutes: 60
-
+  build_linux_macos:
+    runs-on: ${{ matrix.builder }}
+    strategy:
+      matrix:
+        builder: [ubuntu-20.04, macos-latest, macos-13]
+    name: "build-${{ matrix.builder }}"
     steps:
-      - name: checkout tongsuo
-        uses: actions/checkout@v2
-        with:
-          repository: Tongsuo-Project/Tongsuo
-          path: Tongsuo
-      - name: install Tongsuo
-        working-directory: ./Tongsuo
+      - run: brew install libtool autoconf automake pkg-config
+        if: ${{ matrix.builder == 'macos-latest' || matrix.builder == 'macos-13' }}
+      - run: mv /usr/local/include/openssl /usr/local/include/openssl.bak
+        if: ${{ matrix.builder == 'macos-13' }}
+      - name: build Tongsuo
         run: |
-          ./config --banner=Configured --prefix=${GITHUB_WORKSPACE}/install enable-ntls
+          VERSION=8.4.0
+          wget "https://github.com/Tongsuo-Project/Tongsuo/archive/refs/tags/${VERSION}.tar.gz"
+          tar zxf "${VERSION}.tar.gz"
+          pushd "Tongsuo-${VERSION}"
+          ./config --prefix=${GITHUB_WORKSPACE}/tongsuo no-shared enable-ntls enable-ssl-trace --release
           make -s -j4
-          make install
-      - uses: actions/checkout@v3
+          make install_sw
+          popd
+      - uses: actions/checkout@v2
         with:
           path: curl
-
+          fetch-depth: 0
       - name: build curl
         working-directory: ./curl
         run: |
           git apply tongsuo.patch
           autoreconf -fi
-          LDFLAGS=-Wl,-rpath=${GITHUB_WORKSPACE}/install/lib64/ ./configure --enable-warnings --enable-werror --with-openssl=${GITHUB_WORKSPACE}/install
-          make V=1
+          ./configure --enable-warnings --enable-werror --with-openssl=${GITHUB_WORKSPACE}/tongsuo --without-zlib --without-brotli --disable-shared --disable-ldap --disable-ldaps --disable-rtsp --without-librtmp --without-libpsl --enable-static
+          make -s -j4
           make V=1 examples
           make V=1 -C tests
           make V=1 test-ci
+          ./src/curl --help tls | grep tlcp
+
+  build_windows:
+    runs-on: windows-latest
+    steps:
+      - run: choco install -y winrar
+      - uses: ilammy/msvc-dev-cmd@v1
+        with:
+          arch: win64
+      - uses: ilammy/setup-nasm@v1
+        with:
+          platform: win64
+      - uses: shogo82148/actions-setup-perl@v1
+      - name: Export env
+        shell: bash
+        run: |
+          VERSION=8.4.0
+          echo "TONGSUO_VERSION=${VERSION}" >> $GITHUB_ENV
+          echo "TONGSUO_HOME=${GITHUB_WORKSPACE}\tongsuo${VERSION}" >> $GITHUB_ENV
+      - name: Download Tongsuo source
+        run: |
+          wget "https://github.com/Tongsuo-Project/Tongsuo/archive/refs/tags/${env:TONGSUO_VERSION}.tar.gz" -OutFile "${env:TONGSUO_VERSION}.tar.gz"
+        shell: powershell
+      - run: '"C:\Program Files\WinRAR\WinRAR.exe" -INUL x %TONGSUO_VERSION%.tar.gz'
+        shell: cmd
+      - name: Build Tongsuo
+        shell: cmd
+        run: |
+          pushd "Tongsuo-%TONGSUO_VERSION%"
+          mkdir _build
+          pushd _build
+          perl ..\Configure no-makedepend no-shared enable-ntls enable-ssl-trace VC-WIN64A --prefix=%TONGSUO_HOME% --release
+          nmake /S
+          nmake install_sw
+          popd
+          popd
+      - uses: actions/checkout@v2
+        with:
+          path: curl
+          fetch-depth: 0
+      - name: build curl
+        working-directory: ./curl
+        shell: powershell
+        run: |
+          git apply tongsuo.patch
+          ./buildconf.bat
+          cd winbuild
+          nmake /f Makefile.vc MACHINE=x64 mode=static WITH_SSL=static SSL_PATH=${env:TONGSUO_HOME} RTLIBCFG=static ENABLE_NTLS=yes
+          cd ..
+          builds\libcurl-vc-x64-release-static-ssl-static-ipv6-sspi\bin\curl.exe --help tls | findstr tlcp
diff --git a/Makefile.am b/Makefile.am
@@ -83,7 +83,7 @@ PLAN9_DIST = plan9/include/mkfile \
 
 EXTRA_DIST = CHANGES.md COPYING Makefile.dist             \
  RELEASE-NOTES $(CMAKE_DIST) $(VC_DIST) $(WINBUILD_DIST)  \
- $(PLAN9_DIST) buildconf.bat Dockerfile
+ $(PLAN9_DIST) buildconf.bat Dockerfile tongsuo.patch
 
 CLEANFILES = $(VC14_LIBVCXPROJ) $(VC14_SRCVCXPROJ) \
  $(VC14_10_LIBVCXPROJ) $(VC14_10_SRCVCXPROJ)       \

diff --git a/docs/examples/https-tlcp-doublecerts.c b/docs/examples/https-tlcp-doublecerts.c
@@ -28,36 +28,40 @@
 #include <stdio.h>
 #include <curl/curl.h>
 
-int main(int argc, char **argv)
+int main(void)
 {
-    CURL *curl;
-    CURLcode res;
+  CURL *curl;
+  CURLcode res;
 
-    curl = curl_easy_init();
-    if (curl) {
-        curl_easy_setopt(curl, CURLOPT_URL, "https://127.0.0.1:443");
-        curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_NTLSv1_1);
-        curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST,
-                         "ECDHE-SM2-SM4-CBC-SM3");
+  curl = curl_easy_init();
+  if(curl) {
+    curl_easy_setopt(curl, CURLOPT_URL, "https://127.0.0.1:443");
+    curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_NTLSv1_1);
+    curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST,
+                     "ECDHE-SM2-SM4-CBC-SM3");
 
-        curl_easy_setopt(curl, CURLOPT_SSLSIGNCERT, "sm2_sign.crt");
-        curl_easy_setopt(curl, CURLOPT_SSLSIGNKEY, "sm2_sign.key");
-        curl_easy_setopt(curl, CURLOPT_SSLENCCERT, "sm2_enc.crt");
-        curl_easy_setopt(curl, CURLOPT_SSLENCKEY, "sm2_enc.key");
+    curl_easy_setopt(curl, CURLOPT_SSLSIGNCERT, "sm2_sign.crt");
+    curl_easy_setopt(curl, CURLOPT_SSLSIGNKEY, "sm2_sign.key");
+    curl_easy_setopt(curl, CURLOPT_SSLENCCERT, "sm2_enc.crt");
+    curl_easy_setopt(curl, CURLOPT_SSLENCKEY, "sm2_enc.key");
 
-        /* optional */
-        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
-        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+    /* optional */
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
 
-        res = curl_easy_perform(curl);
+    res = curl_easy_perform(curl);
 
-        if(res != CURLE_OK)
-            fprintf(stderr, "curl_easy_perform() failed: %s\n",
-                    curl_easy_strerror(res));
+    if(res != CURLE_OK)
+      fprintf(stderr, "curl_easy_perform() failed: %s\n",
+        curl_easy_strerror(res));
 
-        curl_easy_cleanup(curl);
-    }
+    curl_easy_cleanup(curl);
+  }
 
-    return 0;
+  return 0;
 }
-// gcc https-tlcp-doublecerts.c -o https-tlcp-doublecerts -I/usr/local/curl/include -lcurl -L/usr/local/curl/lib -Wl,-rpath=/usr/local/curl/lib
+/*
+gcc https-tlcp-doublecerts.c -o https-tlcp-doublecerts \
+-I/usr/local/curl/include -lcurl -L/usr/local/curl/lib \
+-Wl,-rpath=/usr/local/curl/lib
+*/
diff --git a/docs/examples/https-tlcp.c b/docs/examples/https-tlcp.c
@@ -28,30 +28,33 @@
 #include <stdio.h>
 #include <curl/curl.h>
 
-int main(int argc, char **argv)
+int main(void)
 {
-    CURL *curl;
-    CURLcode res;
+  CURL *curl;
+  CURLcode res;
 
-    curl = curl_easy_init();
-    if (curl) {
-        curl_easy_setopt(curl, CURLOPT_URL, "https://127.0.0.1:443");
-        curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_NTLSv1_1);
-        curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST, "ECC-SM2-SM4-CBC-SM3");
+  curl = curl_easy_init();
+  if(curl) {
+    curl_easy_setopt(curl, CURLOPT_URL, "https://127.0.0.1:443");
+    curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_NTLSv1_1);
+    curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST, "ECC-SM2-SM4-CBC-SM3");
 
-        /* optional */
-        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
-        curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+    /* optional */
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
 
-        res = curl_easy_perform(curl);
+    res = curl_easy_perform(curl);
 
-        if(res != CURLE_OK)
-            fprintf(stderr, "curl_easy_perform() failed: %s\n",
-                    curl_easy_strerror(res));
+    if(res != CURLE_OK)
+      fprintf(stderr, "curl_easy_perform() failed: %s\n",
+              curl_easy_strerror(res));
 
-        curl_easy_cleanup(curl);
-    }
+    curl_easy_cleanup(curl);
+  }
 
-    return 0;
+  return 0;
 }
-// gcc https-tlcp.c -o https-tlcp -I/usr/local/curl/include -lcurl -L/usr/local/curl/lib -Wl,-rpath=/usr/local/curl/lib
+/*
+gcc https-tlcp.c -o https-tlcp -I/usr/local/curl/include -lcurl \
+-L/usr/local/curl/lib -Wl,-rpath=/usr/local/curl/lib
+*/