Syncing this up with CMake.
Source code uses the built-in `OPENSSL_IS_AWSLC` and
`OPENSSL_IS_BORINSSL` macros to detect BoringSSL and AWS-LC. No help is
necessary from the build tools.
The one use of `HAVE_BORINGSSL` in the source turned out to be no longer
necessary for warning-free BoringSSL + Schannel builds. Ref: #1610#2634
autotools detects this anyway for display purposes.
CMake detects this to decide whether to use the BoringSSL-specific
crypto lib with ngtcp2. It detects AWS-LC, but doesn't use the detection
result just yet (planned in #12066).
Ref: #11964
Reviewed-by: Daniel Stenberg
Reviewed-by: Jay Satiro
Closes#12065
We removed C89 `setjmp.h` and `signal.h` detections and excluded them
from the global header list we use when detecting functions [1]. Then
missed to re-add these headers to the specific functions which need
them to be detected [2]. Fix this omission in this patch.
[1] Follow-up to 3795fcde99#11951
[2] Follow-up to 96c29900bc#11940Closes#12043
- cmake: detect OpenLDAP based on function `ldap_init_fd`.
autotools does this. autotools also publishes this detection result
in `HAVE_LDAP_INIT_FD`. We don't mimic that with CMake as the source
doesn't use this value. (it might need to be remove-listed in
`scripts/cmp-config.pl` for future OpenLDAP test builds.)
This also deletes existing self-declaration method via the
CMake-specific `CURL_USE_OPENLDAP` configuration.
- cmake: define `LDAP_DEPRECATED=1` for OpenLDAP.
Like autotools does. This fixes a long list of these warnings:
```
/usr/local/opt/openldap/include/ldap.h:1049:5: warning: 'LDAP_DEPRECATED' is not defined, evaluates to 0 [-Wundef]
```
- cmake: delete LDAP TODO comment no longer relevant.
Also:
- autotools: replace domain name `dummy` with `0.0.0.0` in LDAP feature
detection functions.
Ref: #11964 (effort to sync cmake detections with autotools)
Closes#12024
Left there by accident after adding proper detection for this.
Follow-up to 772f0d8edf#12006
Ref: #11964 (effort to sync cmake detections with autotools)
Closes#12015
Found the root cause of the startup crash in unity builds with Unicode
and TrackMemory enabled at the same time.
We must make sure that the `memdebug.h` header doesn't apply to
`lib/curl_multibyte.c` (as even noted in a comment there.) In unity
builds all headers apply to all sources, including `curl_multibyte.c`.
This probably resulted in an infinite loop on startup.
Exclude this source from unity compilation with TrackMemory enabled,
in both libcurl and curl tool. Enable unity mode for a debug Unicode
CI job to keep it tested. Also delete the earlier workaround that
fully disabled unity for affected builds.
Follow-up to d82b080f63#12005
Follow-up to 3f8fc25720#11095Closes#11928
"TrackMemory" is `ENABLE_DEBUG=ON` (aka `ENABLE_CURLDEBUG=ON`,
aka `-DCURLDEBUG`).
There is an issue with memory tracking and Unicode when built in "unity"
mode, which results in the curl tool crashing right on startup, even
without any command-line option. Interestingly this doesn't happen under
WINE (at least on the system I tested this on), but consistenly happens
on real Windows machines. Crash is 0xC0000374 heap corruption. Both
shared and static curl executables are affected.
This limitation probably won't hit too many people, but it remains
a TODO to find and fix the root cause and drop this workaround.
Example builds and runs:
https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/17cptxhtpubd7iwj#L313 (static)
https://ci.appveyor.com/project/curlorg/curl/builds/48169111/job/76e1ge758tbyqu9c#L317 (shared)
Follow-up to 3f8fc25720#11095
Ref: #11928Closes#12005
- set `HAVE_LDAP_URL_PARSE` if `ldap_url_parse` function exists.
Before this patch we set it based it on the presence of `stricmp`,
which correctly enabled it on e.g. Windows, but was inaccurate for
other platforms.
- always set `HAVE_LDAP_SSL` if an LDAP backend is detected and
LDAPS is not explicitly disabled. This mimics autotools behaviour.
Previously we set it only for Windows LDAP. After this fix, LDAPS is
correctly enabled in default macOS builds.
- enable LDAP[S] for a CMake macOS CI job. Target OS X 10.9 (Mavericks)
to avoid deprecation warnings for LDAP API.
- always detect `HAVE_LDAP_SSL_H`, even with LDAPS explicitly disabled.
This doesn't make much sense, but let's do it to sync behaviour with
autotools.
- fix benign typo in variable name.
Ref: #11964 (effort to sync cmake detections with autotools)
Closes#12006
Before this patch CMake builds accepted any value and it was used at
runtime as-is. This patch make sure that the selected default backend
is also enabled in the build. It also enforces a full lowercase value.
This improves reproducibility and brings CMake in sync with autotools
which already worked like described above.
Follow-up to 26c7feb8b9#11774Closes#11998
Based on existing autotools logic.
autotools checks for old versions of the allowlisted target OSes and
disables this feature when seeing them. In CMake we assume we're running
on newer systems and enable regardless of OS version.
autotools always runs all 3 probes for non-fast-tracked systems and
enables this feature if any one of them was successful. To save
configuration time, CMake stops at the first successful check.
OpenBSD is not fast-tracked and then gets blocklisted as a generic BSD
system. I haven't double-checked if this is correct, but looks odd.
Ref: #11964 (effort to sync cmake detections with autotools)
Closes#11979
- check for arc4random. To make rand.c use it accordingly.
- check for fcntl
- fix fseek detection
- add SIZEOF_CURL_SOCKET_T
- fix USE_UNIX_SOCKETS
- define HAVE_SNPRINTF to 1
- check for fnmatch
- check for sched_yield
- remove HAVE_GETPPID duplicate from curl_config.h
- add HAVE_SENDMSG
Ref: #11964
Co-authored-by: Viktor Szakats
Closes#11973
With new option `CURL_DISABLE_SRP=ON` to force-disable it.
To match existing option and detection logic in autotools.
Also:
- fix detecting GnuTLS.
We assume `nettle` as a GnuTLS dependency.
- add CMake GnuTLS CI job.
- bump AppVeyor CMake OpenSSL MSVC job to OpenSSL 1.1.1 (from 1.0.2)
TLS-SRP fails to detect with 1.0.2 due to an OpenSSL header bug.
- fix compiler warning when building with GnuTLS and disabled TLS-SRP.
- fix comment typos, whitespace.
Ref: #11964Closes#11967
- `HAVE_MEMRCHR` for `memrchr`.
- `HAVE_GETIFADDRS` for `getifaddrs`.
This was present in `lib/curl_config.h.cmake` but missed the detection
logic.
To match existing autotools feature checks.
Closes#11954
Before this patch we added standard headers unconditionally to the
global list of headers used for feature checks. This is unnecessary
and also doesn't help CMake 'Generate' performance. This patch moves
these headers to each feature check where they are actually needed.
Stop using `stddef.h`, as it seems unnecessary.
I've used autotools' `m4/curl-functions.m4` to figure out these
dependencies.
Also delete checking for the C89 standard header `time.h`, that I
missed in the earlier commit.
Ref: 96c29900bc#11940Closes#11951
Delete checks and guards for standard C89 headers and assume these are
available: `stdio.h`, `string.h`, `time.h`, `setjmp.h`, `stdlib.h`,
`stddef.h`, `signal.h`.
Some of these we already used unconditionally, some others we only used
for feature checks.
Follow-up to 9c7165e96a#11918 (for `stdio.h` in CMake)
Closes#11940
fseek uses long offset which does not match with curl_off_t. This leads
to undefined behavior when calling the callback and caused failure on
arm 32 bit.
Use a wrapper to solve this and use fseeko which uses off_t instead of
long.
Thanks to the nice people at Libera IRC #musl for helping finding this
out.
Fixes#11882Fixes#11900Closes#11918
Using the system's provided arpa/tftp.h and optimizing, GCC 12 detects
and reports a stringop-overread warning:
tftpd.c: In function ‘write_behind.isra’:
tftpd.c:485:12: warning: ‘write’ reading between 1 and 2147483647 bytes from a region of size 0 [-Wstringop-overread]
485 | return write(test->ofile, writebuf, count);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from tftpd.c:71:
/usr/include/arpa/tftp.h:58:30: note: source object ‘tu_data’ of size 0
58 | char tu_data[0]; /* data or error string */
| ^~~~~~~
This occurs because writebuf points to this field and the latter
cannot be considered as being of dynamic length because it is not
the last field in the structure. Thus it is bound to its declared
size.
This commit always uses curl's own version of tftp.h where the
target field is last in its structure, effectively avoiding the
warning.
As HAVE_ARPA_TFTP_H is not used anymore, cmake/configure checks for
arpa/tftp.h are removed.
Closes#11897
When linking with CoreFoundation, also link with CoreServices which is
apparently required to avoid an NSInvalidArgumentException in software
linking with libcurl on macOS Sonoma 14 and later.
Fixes#11893Closes#11894
Allow overriding the default TLS backend via a CMake setting.
E.g.:
`cmake [...] -DCURL_DEFAULT_SSL_BACKEND=mbedtls`
Accepted values: bearssl, gnutls, mbedtls, openssl, rustls,
schannel, secure-transport, wolfssl
The passed string is baked into the curl/libcurl binaries.
The value is case-insensitive.
We added a similar option to autotools in 2017 via
c7170e20d0.
TODO: Convert to lowercase to improve reproducibility.
Closes#11774
- delete completed TODO from `./CMakeLists.txt`.
- convert a C++ comment to C89 in `./CMake/CurlTests.c`.
- delete duplicate EOLs from EOF.
- add missing EOL at EOF.
- delete whitespace at EOL (except from expected test results).
- convert tabs to spaces.
- convert CRLF EOLs to LF in GHA yaml.
- text casing fixes in `./CMakeLists.txt`.
- fix a codespell typo in `packages/OS400/initscript.sh`.
Closes#11772
- with CMake, use the variable `WINDOWS_STORE` to detect an UWP build
and disable our non-UWP-compatible use the Windows crypto API. This
allows to drop two dynamic feature checks.
`WINDOWS_STORE` is true when invoking CMake with
`CMAKE_SYSTEM_NAME` == `WindowsStore`. Introduced in CMake v3.1.
Ref: https://cmake.org/cmake/help/latest/variable/WINDOWS_STORE.html
- with autotools, drop the separate feature check for `wincrypt.h`. On
one hand this header has been present for long (even Borland C 5.5 had
it from year 2000), on the other we used the check result solely to
enable another check for certain crypto functions. This fails anyway
with the header not present. We save one dynamic feature check at the
configure stage.
Reviewed-by: Marcel Raad
Closes#11657
This system library first shipped with Windows ME, available as an extra
install for some older releases (according to [1]). The import library
was present already in old MinGW 3.4.2 (year 2007).
Drop the feature check and its associated `HAVE_WLDAP32` variable.
To manually disable `wldap32`, you can use the `USE_WIN32_LDAP=OFF`
CMake option, like before.
[1]: https://dlcdn.apache.org/httpd/binaries/win32/LEGACY.html
Reviewed-by: Jay Satiro
Closes#11624
- `HAVE_LIBWINMM` was detected but unused. The `winmm` system library is
also not used by curl, but it is by its optional dependency `librtmp`.
Change the logic to always add `winmm` when `USE_LIBRTMP` is set. This
library has been available since the early days of Windows.
- `HAVE_LIBWS2_32` detected `ws2_32` lib on Windows. This lib is present
since Windows 95 OSR2 (AFAIR). Winsock1 already wasn't supported and
other existing logic already assumed this lib being present, so delete
the check and replace the detection variable with `WIN32` and always
add `ws2_32` on Windows.
Closes#11612
- cache more Windows config results for faster initialization.
- delete unused config macros `HAVE_SYS_UTSNAME_H`, `HAVE_SSL_H`.
- delete dead references to `sys/utsname.h`.
Closes#11551
EGD is Entropy Gathering Daemon, a socket-based entropy source supported
by pre-OpenSSL v1.1 versions and now deprecated. curl also deprecated it
a while ago.
Its detection in CMake was broken all along because OpenSSL libs were
not linked at the point of feature check.
Delete detection from both cmake and autotools, along with the related
source snippet, and the `--with-egd-socket=` `./configure` option.
Closes#11556
Present in OpenSSL 1.1.0 and BoringSSL.
Missing from LibreSSL 3.8.0.
Follow-up to f39472ea9f
While here, also fix `RAND_egd()` detection which was broken, likely all
along. This feature is probably broken with CMake builds and also
requires a sufficiently obsolete OpenSSL version, so this part of the
update was not tested.
Closes#11555
Introduce a --enable-form-api configure option to control its inclusion
in builds. The condition name defined for it is CURL_DISABLE_FORM_API.
Form api code is dependent of MIME: configure and CMake handle this
dependency automatically: CMake by making it a dependent option
explicitly, configure by inheriting the MIME value by default and
rejecting explicit incompatible values.
"form-api" is now a new hidden test feature.
Update libcurl modules to respect this option and adjust tests
accordingly.
Closes#9621
Fix the distcheck CI failure and delete more NSS references.
Follow-up to 7c8bae0d9c
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes#11548
This patch adds the ability to build a static and shared libcurl library
in a single build session. It also adds an option to select which one to
use when building the curl executable.
New build options:
- `BUILD_STATIC_LIBS`. Default: `OFF`.
Enabled automatically if `BUILD_SHARED_LIBS` is `OFF`.
- `BUILD_STATIC_CURL`. Default: `OFF`.
Requires `BUILD_STATIC_LIBS` enabled.
Enabled automatically if building static libcurl only.
- `STATIC_LIB_SUFFIX`. Default: empty.
- `IMPORT_LIB_SUFFIX`. Default: `_imp` if implib filename would collide
with static lib name (typically with MSVC) in Windows builds.
Otherwise empty.
Also:
- Stop setting the `CURL_STATICLIB` macro via `curl_config.h`, and pass
it directly to the compiler. This also allows to delete a condition
from `tests/server/CMakeLists.txt`.
- Complete a TODO by following the logic used in autotools (also for
`LIBCURL_NO_SHARED`), and set `-DCURL_STATICLIB` in `Cflags:` of
`libcurl.pc` for _static-only_ curl builds.
- Convert an existing CI test to build both shared and static libcurl.
Closes#11505
The CMake project was set to `QUIET` for Brotli instead of
`REQUIRED`. This makes builds unexpectedly ignore missing Brotli even
when `CURL_BROTLI` is enabled.
Closes#11376
Aka "jumbo" or "amalgamation" builds. It means to compile all sources
per target as a single C source. This is experimental.
You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake.
It requires CMake 3.16 or newer.
It makes builds (much) faster, allows for better optimizations and tends
to promote less ambiguous code.
Also add a new AppVeyor CI job and convert an existing one to use
"unity" mode (one MSVC, one MinGW), and enable it for one macOS CI job.
Fix related issues:
- add missing include guard to `easy_lock.h`.
- rename static variables and functions (and a macro) with names reused
across sources, or shadowed by local variables.
- add an `#undef` after use.
- add a missing `#undef` before use.
- move internal definitions from `ftp.h` to `ftp.c`.
- `curl_memory.h` fixes to make it work when included repeatedly.
- stop building/linking curlx bits twice for a static-mode curl tool.
These caused doubly defined symbols in unity builds.
- silence missing extern declarations compiler warning for ` _CRT_glob`.
- fix extern declarations for `tool_freq` and `tool_isVistaOrGreater`.
- fix colliding static symbols in debug mode: `debugtime()` and
`statename`.
- rename `ssl_backend_data` structure to unique names for each
TLS-backend, along with the `ssl_connect_data` struct member
referencing them. This required adding casts for each access.
- add workaround for missing `[P]UNICODE_STRING` types in certain Windows
builds when compiling `lib/ldap.c`. To support "unity" builds, we had
to enable `SCHANNEL_USE_BLACKLISTS` for Schannel (a Windows
`schannel.h` option) _globally_. This caused an indirect inclusion of
Windows `schannel.h` from `ldap.c` via `winldap.h` to have it enabled
as well. This requires `[P]UNICODE_STRING` types, which is apperantly
not defined automatically (as seen with both MSVS and mingw-w64).
This patch includes `<subauth.h>` to fix it.
Ref: https://github.com/curl/curl/runs/13987772013
Ref: https://dev.azure.com/daniel0244/curl/_build/results?buildId=15827&view=logs&jobId=2c9f582d-e278-56b6-4354-f38a4d851906&j=2c9f582d-e278-56b6-4354-f38a4d851906&t=90509b00-34fa-5a81-35d7-5ed9569d331c
- tweak unity builds to compile `lib/memdebug.c` separately in memory
trace builds to avoid PP confusion.
- force-disable unity for test programs.
- do not compile and link libcurl sources to libtests _twice_ when libcurl
is built in static mode.
KNOWN ISSUES:
- running tests with unity builds may fail in cases.
- some build configurations/env may not compile in unity mode. E.g.:
https://ci.appveyor.com/project/curlorg/curl/builds/47230972/job/51wfesgnfuauwl8q#L250
Ref: https://github.com/libssh2/libssh2/issues/1034
Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.html
Ref: https://en.wikipedia.org/wiki/Unity_buildCloses#11095
Extend existing picky compiler options with ones missing compared to
autotools builds. Also sync options between clang and gcc.
Redesign the way we enable these options to avoid the slow option
detection almost completely.
This reduces the number of detections from 35 to zero for clang and
3 for gcc, even after adding a bunch of new options.
clang 3.0 (2011-11-29) and gcc 2.95 (1999-07-31) now required.
Also show enabled picky options.
Ref: https://github.com/libssh2/libssh2/pull/952
Reviewed-by: Daniel Stenberg
Closes#10973
Logic copied earlier from wolfSSL. wolfSSL requires zlib headers for its
public headers. OpenSSL does not, so stop adding zlib headers for it.
Follow-up to 1e3319a167Closes#10878
* Configure changes to detect AWS-LC
* CMakeLists.txt changes to detect AWS-LC
* Compile-time branches needed to support AWS-LC
* Correctly set OSSL_VERSION and report AWS-LC release number
* GitHub Actions script to build with autoconf and cmake against AWS-LC
AWS-LC is a BoringSSL/OpenSSL derivative
For more information see https://github.com/awslabs/aws-lc/Closes#10320
- fix HTTP/3 support detection with OpenSSL/quictls built with ZLIB.
(Requires curl be built with ZLIB option also.)
- fix HTTP/3 support detection with OpenSSL/quictls/LibreSSL and `ld`
linker on Windows.
- fix HTTP/3 support detection with wolfSSL to automatically add
`ws2_32` to the lib list on Windows. For all linkers.
- reposition ZLIB (and other compression) detection _after_ TLS
detection, but before calling HTTP/3-support detection via
`CheckQuicSupportInOpenSSL`.
May be a regression from ebef55a61d
May fix#10832 (Reported-by: Micah Snyder)
This also seems to fix an odd case, where OpenSSL/quictls is correctly
detected, but its header path is not set while compiling, breaking
build at `src/curl_ntlm_core.c`. Reason for this remains undiscovered.
- satisfy "picky" linkers such as `ld` with MinGW, that are highly
sensitive to lib order, by also adding brotli to the beginning of the
lib list.
- satisfy "picky" linkers by adding certain Windows systems libs to
the lib list for OpenSSL/LibreSSL. (Might need additional ones for
other forks, such as `pthread` for BoringSSL.)
Note: It'd make sense to _always_ add `ws2_32`, `crypt32` (except
Windows App targets perhaps?), `bcrypt` (except old-mingw!) on Windows
at this point. They are almost always required, and if some aren't,
they are ignored by the linker with no effect on final binaries.
Closes#10857
