diff options
| author | Jacob Hoffman-Andrews <github@hoffman-andrews.com> | 2021-03-16 17:09:47 -0700 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-03-21 00:16:32 +0100 |
| commit | 2e444a17d4ae3976ea69865dd2a63ba0fb40267f (patch) | |
| tree | f65bf4f9626b3fc2383a99505f81d8e3b1120efc | |
| parent | 7488ef296015f3a1b90f9743903221e154d339cf (diff) | |
| download | curl-2e444a17d4ae3976ea69865dd2a63ba0fb40267f.tar.gz | |
docs: document version of crustls dependency
This also pins a specific release in the Travis test so future
API-breaking changins in crustls won't break curl builds.
Add RUSTLS documentation to release tarball.
Enable running tests for rustls, minus FTP tests (require
connect_blocking, which rustls doesn't implement) and 313 (requires CRL
handling).
Closes #6763
| -rw-r--r-- | .travis.yml | 2 | ||||
| -rw-r--r-- | docs/Makefile.am | 1 | ||||
| -rw-r--r-- | docs/RUSTLS.md | 26 | ||||
| -rwxr-xr-x | scripts/travis/before_script.sh | 4 | ||||
| -rwxr-xr-x | scripts/travis/script.sh | 6 |
5 files changed, 36 insertions, 3 deletions
diff --git a/.travis.yml b/.travis.yml index 1153bd59d..69df43d00 100644 --- a/.travis.yml +++ b/.travis.yml @@ -125,7 +125,7 @@ jobs: - libbrotli-dev - libzstd-dev - env: - - T=debug RUSTLS="yes" C="--with-rustls=$HOME/crust --without-ssl" NOTESTS=1 + - T=debug-rustls RUSTLS_VERSION="v0.4.0" C="--with-rustls=$HOME/crust --without-ssl" addons: apt: <<: *common_apt diff --git a/docs/Makefile.am b/docs/Makefile.am index 5318ce206..b98c51e29 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am @@ -80,6 +80,7 @@ EXTRA_DIST = \ PARALLEL-TRANSFERS.md \ README.md \ RELEASE-PROCEDURE.md \ + RUSTLS.md \ ROADMAP.md \ SECURITY-PROCESS.md \ SSL-PROBLEMS.md \ diff --git a/docs/RUSTLS.md b/docs/RUSTLS.md new file mode 100644 index 000000000..39d96ab60 --- /dev/null +++ b/docs/RUSTLS.md @@ -0,0 +1,26 @@ +# Rustls + +[Rustls is a TLS backend written in Rust.](https://docs.rs/rustls/). Curl can +be built to use it as an alternative to OpenSSL or other TLS backends. We use +the [crustls C bindings](https://github.com/abetterinternet/crustls/). This +version of curl depends on version v0.4.0 of crustls. + +# Building with rustls + +First, [install Rust](https://rustup.rs/). + +Next, check out, build, and install the appropriate version of crustls: + + % cargo install cbindgen + % git clone https://github.com/abetterinternet/crustls/ -b v0.4.0 + % cd crustls + % make + % make DESTDIR=${HOME}/crustls-built/ install + +Now configure and build curl with rustls: + + % git clone https://github.com/curl/curl + % cd curl + % ./buildconf + % ./configure --without-ssl --with-rustls=${HOME}/crustls-built + % make diff --git a/scripts/travis/before_script.sh b/scripts/travis/before_script.sh index 181b2e286..96825f0ab 100755 --- a/scripts/travis/before_script.sh +++ b/scripts/travis/before_script.sh @@ -126,9 +126,9 @@ if [ "$TRAVIS_OS_NAME" = linux -a "$QUICHE" ]; then ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) deps/boringssl/src/lib/ fi -if [ "$TRAVIS_OS_NAME" = linux -a "$RUSTLS" ]; then +if [ "$TRAVIS_OS_NAME" = linux -a "$RUSTLS_VERSION" ]; then cd $HOME - git clone --depth=1 --recursive https://github.com/abetterinternet/crustls.git + git clone --depth=1 --recursive https://github.com/abetterinternet/crustls.git -b "$RUSTLS_VERSION" curl https://sh.rustup.rs -sSf | sh -s -- -y source $HOME/.cargo/env cargo install cbindgen diff --git a/scripts/travis/script.sh b/scripts/travis/script.sh index 9a35affea..0cb5df1fd 100755 --- a/scripts/travis/script.sh +++ b/scripts/travis/script.sh @@ -70,6 +70,12 @@ if [ "$T" = "debug-mesalink" ]; then make "TFLAGS=-n !313 !410 !3001" test-nonflaky fi +if [ "$T" = "debug-rustls" ]; then + ./configure --enable-debug --enable-werror $C + make + make "TFLAGS=HTTPS !313" test-nonflaky +fi + if [ "$T" = "novalgrind" ]; then ./configure --enable-werror $C make |