# Copyright (C) Daniel Stenberg, , et al. # # SPDX-License-Identifier: curl name: Linux HTTP/3 'on': push: branches: - master - '*/ci' paths-ignore: - '**/*.md' - '**/CMakeLists.txt' - '.circleci/**' - 'appveyor.*' - 'CMake/**' - 'packages/**' - 'plan9/**' - 'projects/**' - 'winbuild/**' pull_request: branches: - master paths-ignore: - '**/*.md' - '**/CMakeLists.txt' - '.circleci/**' - 'appveyor.*' - 'CMake/**' - 'packages/**' - 'plan9/**' - 'projects/**' - 'winbuild/**' concurrency: # Hardcoded workflow filename as workflow name above is just Linux again group: http3-${{ github.event.pull_request.number || github.sha }} cancel-in-progress: true permissions: {} env: MAKEFLAGS: -j 5 # handled in renovate.json openssl-version: 3.4.0 # handled in renovate.json quictls-version: 3.3.0 # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com gnutls-version: 3.8.8 wolfssl-version: master # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com nghttp3-version: 1.6.0 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com ngtcp2-version: 1.8.1 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com nghttp2-version: 1.64.0 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com quiche-version: 0.22.0 jobs: setup: runs-on: ubuntu-latest outputs: wolfssl-version: ${{ steps.wolfssl-version.outputs.result }} steps: - id: wolfssl-version uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 with: result-encoding: string script: | let version = '${{ env.wolfssl-version }}' if (version != 'master') { return version } let { data: commits } = await github.rest.repos.listCommits({ owner: 'wolfSSL', repo: 'wolfssl', }) return commits[0].sha build-cache: needs: - setup runs-on: ubuntu-latest steps: - name: cache quictls uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-quictls-no-deprecated env: cache-name: cache-quictls-no-deprecated with: path: /home/runner/quictls/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 - name: cache gnutls uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-gnutls env: cache-name: cache-gnutls with: path: /home/runner/gnutls/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} - name: cache wolfssl uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-wolfssl env: cache-name: cache-wolfssl wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} with: path: /home/runner/wolfssl/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} - name: cache nghttp3 uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-nghttp3 env: cache-name: cache-nghttp3 with: path: /home/runner/nghttp3/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} - name: cache ngtcp2 uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 with: path: /home/runner/ngtcp2/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} - name: cache nghttp2 uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-nghttp2 env: cache-name: cache-nghttp2 with: path: /home/runner/nghttp2/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} - id: settings if: | steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' || steps.cache-gnutls.outputs.cache-hit != 'true' || steps.cache-wolfssl.outputs.cache-hit != 'true' || steps.cache-nghttp3.outputs.cache-hit != 'true' || steps.cache-ngtcp2.outputs.cache-hit != 'true' || steps.cache-nghttp2.outputs.cache-hit != 'true' run: | echo 'needs-build=true' >> $GITHUB_OUTPUT - name: install build prereqs if: steps.settings.outputs.needs-build == 'true' run: | sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get update -y sudo apt-get install -y --no-install-suggests --no-install-recommends \ libtool autoconf automake pkgconf stunnel4 \ libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ texinfo texlive texlive-extra-utils autopoint libev-dev \ apache2 apache2-dev libnghttp2-dev echo 'CC=gcc-12' >> $GITHUB_ENV echo 'CXX=g++-12' >> $GITHUB_ENV - if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' run: | cd $HOME git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl quictls cd quictls ./config no-deprecated --prefix=$PWD/build --libdir=lib make make -j1 install_sw name: 'build quictls' - if: steps.cache-gnutls.outputs.cache-hit != 'true' run: | cd $HOME git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git cd gnutls ./bootstrap ./configure --disable-dependency-tracking --prefix=$PWD/build \ LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \ --with-included-libtasn1 --with-included-unistring \ --disable-guile --disable-doc --disable-tests --disable-tools make make install name: 'build gnutls' - if: steps.cache-wolfssl.outputs.cache-hit != 'true' env: wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} run: | cd $HOME mkdir wolfssl cd wolfssl git init git remote add origin https://github.com/wolfSSL/wolfssl.git git fetch origin --depth=1 ${{ env.wolfssl-version }} git checkout ${{ env.wolfssl-version }} ./autogen.sh ./configure --disable-dependency-tracking --enable-all --enable-quic --prefix=$PWD/build make make install name: 'build wolfssl' - if: steps.cache-nghttp3.outputs.cache-hit != 'true' run: | cd $HOME git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3 cd nghttp3 git submodule update --init --depth=1 autoreconf -fi ./configure --disable-dependency-tracking --prefix=$PWD/build PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" --enable-lib-only make make install name: 'build nghttp3' - if: steps.cache-ngtcp2.outputs.cache-hit != 'true' run: | cd $HOME git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2 cd ngtcp2 autoreconf -fi ./configure --disable-dependency-tracking --prefix=$PWD/build \ PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig" \ --enable-lib-only --with-openssl --with-gnutls --with-wolfssl make install name: 'build ngtcp2' - if: steps.cache-nghttp2.outputs.cache-hit != 'true' run: | cd $HOME git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2 cd nghttp2 autoreconf -fi ./configure --disable-dependency-tracking --prefix=$PWD/build \ PKG_CONFIG_PATH="$HOME/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \ LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \ --enable-http3 make install name: 'build nghttp2' linux: name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }} needs: - setup - build-cache runs-on: 'ubuntu-24.04' timeout-minutes: 45 strategy: fail-fast: false matrix: build: - name: quictls PKG_CONFIG_PATH: '$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' configure: >- LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-openssl=$HOME/quictls/build - name: gnutls PKG_CONFIG_PATH: '$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' configure: >- LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib" --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-gnutls=$HOME/gnutls/build - name: wolfssl PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' configure: >- LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib" --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-wolfssl=$HOME/wolfssl/build - name: wolfssl PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' generate: >- -DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" - name: openssl-quic PKG_CONFIG_PATH: '$HOME/openssl/build/lib64/pkgconfig' configure: >- LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib64" --enable-warnings --enable-werror --enable-debug --disable-ntlm --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-openssl=$HOME/openssl/build --with-openssl-quic --with-nghttp3=$HOME/nghttp3/build - name: quiche configure: >- LDFLAGS="-Wl,-rpath,$HOME/quiche/target/release" --with-openssl=$HOME/quiche/quiche/deps/boringssl/src --enable-warnings --enable-werror --enable-debug --with-quiche=$HOME/quiche/target/release --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-ca-fallback - name: quiche PKG_CONFIG_PATH: '$HOME/quiche/target/release' generate: >- -DOPENSSL_ROOT_DIR=$HOME/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON -DUSE_QUICHE=ON -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" -DCURL_CA_FALLBACK=ON steps: - run: | sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get update -y sudo apt-get install -y --no-install-suggests --no-install-recommends \ libtool autoconf automake ninja-build pkgconf stunnel4 \ libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ texinfo texlive texlive-extra-utils autopoint libev-dev \ apache2 apache2-dev libnghttp2-dev vsftpd echo 'CC=gcc-12' >> $GITHUB_ENV echo 'CXX=g++-12' >> $GITHUB_ENV name: 'install prereqs' - name: cache quictls uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-quictls-no-deprecated env: cache-name: cache-quictls-no-deprecated with: path: /home/runner/quictls/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }} fail-on-cache-miss: true - name: cache gnutls if: matrix.build.name == 'gnutls' uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-gnutls env: cache-name: cache-gnutls with: path: /home/runner/gnutls/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} fail-on-cache-miss: true - name: cache wolfssl if: matrix.build.name == 'wolfssl' uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-wolfssl env: cache-name: cache-wolfssl wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} with: path: /home/runner/wolfssl/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} fail-on-cache-miss: true - name: cache nghttp3 uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-nghttp3 env: cache-name: cache-nghttp3 with: path: /home/runner/nghttp3/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} fail-on-cache-miss: true - name: cache ngtcp2 uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-ngtcp2 env: cache-name: cache-ngtcp2 with: path: /home/runner/ngtcp2/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} fail-on-cache-miss: true - name: cache nghttp2 uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-nghttp2 env: cache-name: cache-nghttp2 with: path: /home/runner/nghttp2/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} fail-on-cache-miss: true - name: cache openssl if: matrix.build.name == 'openssl-quic' uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-openssl env: cache-name: cache-openssl with: path: /home/runner/openssl/build key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }} - name: 'install openssl' if: matrix.build.name == 'openssl-quic' && steps.cache-openssl.outputs.cache-hit != 'true' run: | git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl cd openssl ./config --prefix=$HOME/openssl/build make -j1 install_sw cat exporters/openssl.pc - name: cache quiche if: matrix.build.name == 'quiche' uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 id: cache-quiche env: cache-name: cache-quiche with: path: /home/runner/quiche key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quiche-version }} - if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' run: | cd $HOME git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git cd quiche #### Work-around https://github.com/curl/curl/issues/7927 ####### #### See https://github.com/alexcrichton/cmake-rs/issues/131 #### sed -i -e 's/cmake = "0.1"/cmake = "=0.1.45"/' quiche/Cargo.toml cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose ln -s libquiche.so target/release/libquiche.so.0 mkdir -v quiche/deps/boringssl/src/lib ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/ # include dir # $HOME/quiche/quiche/deps/boringssl/src/include # lib dir # $HOME/quiche/quiche/deps/boringssl/src/lib name: 'build quiche and boringssl' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - run: autoreconf -fi if: ${{ matrix.build.configure }} name: 'autoreconf' - name: 'configure' run: | if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}" fi if [ -n '${{ matrix.build.generate }}' ]; then cmake -B . -G Ninja \ -DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCURL_BROTLI=ON -DCURL_ZSTD=ON \ ${{ matrix.build.generate }} else ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ ${{ matrix.build.configure }} fi - name: 'configure log' if: ${{ !cancelled() }} run: cat config.log CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true - name: 'curl_config.h' run: | echo '::group::raw'; cat lib/curl_config.h || true; echo '::endgroup::' grep -F '#define' lib/curl_config.h | sort || true - name: 'test configs' run: | cat tests/config || true cat tests/http/config.ini || true - name: 'build' run: | if [ -n '${{ matrix.build.generate }}' ]; then cmake --build . --verbose else make V=1 fi - run: ./src/curl -V name: 'check curl -V output' - name: 'build tests' run: | if [ -n '${{ matrix.build.generate }}' ]; then cmake --build . --verbose --target testdeps else make V=1 -C tests fi - name: 'install test prereqs' run: | sudo python3 -m pip install --break-system-packages -r tests/requirements.txt - name: 'run tests' env: TFLAGS: "${{ matrix.build.tflags }}" run: | if [ -n '${{ matrix.build.generate }}' ]; then cmake --build . --verbose --target test-ci else make V=1 test-ci fi - name: 'install pytest prereqs' run: | sudo python3 -m pip install --break-system-packages -r tests/http/requirements.txt - name: 'run pytest' env: TFLAGS: "${{ matrix.build.tflags }}" CURL_CI: github run: | if [ -n '${{ matrix.build.generate }}' ]; then cmake --build . --verbose --target curl-pytest-ci else make V=1 pytest-ci fi - name: 'build examples' run: | if [ -n '${{ matrix.build.generate }}' ]; then cmake --build . --verbose --target curl-examples else make V=1 examples fi