vacp2p/nim-ngtcp2
1
0
Fork 0
mirror of https://github.com/vacp2p/nim-ngtcp2.git synced 2026-01-08 04:33:56 -05:00
Code Issues Packages Projects Releases 4 Wiki Activity

Compare commits

base: vacp2p:v0.36.1
Branches Tags
vacp2p:main vacp2p:boringssl-asm vacp2p:awslc vacp2p:boring vacp2p:boringssl vacp2p:docs-improvement vacp2p:add-nim2-to-ci vacp2p:version-34 vacp2p:upgrade-ngtcp2 vacp2p:stylecheck
vacp2p:v0.39.0 vacp2p:v0.38.0 vacp2p:v0.37.0 vacp2p:v0.36.1 vacp2p:v0.36.0 vacp2p:v0.35.0 vacp2p:v0.34.0 vacp2p:0.33.0 vacp2p:0.32.0
...
compare: vacp2p:main
Branches Tags
vacp2p:boringssl-asm vacp2p:main vacp2p:awslc vacp2p:boring vacp2p:boringssl vacp2p:docs-improvement vacp2p:add-nim2-to-ci vacp2p:version-34 vacp2p:upgrade-ngtcp2 vacp2p:stylecheck
vacp2p:v0.39.0 vacp2p:v0.38.0 vacp2p:v0.37.0 vacp2p:v0.36.1 vacp2p:v0.36.0 vacp2p:v0.35.0 vacp2p:v0.34.0 vacp2p:0.33.0 vacp2p:0.32.0

4 Commits
v0.36.1 ... main

Author SHA1 Message Date
richΛrd
791eb85914 feat: replace picotls by BoringSSL (#21) 2025-10-15 21:40:54 -04:00
richΛrd
14adc588ba chore: remove nim 1.6 and macos-amd64 support (#20) 2025-09-03 16:09:24 -04:00
richΛrd
50c9d44f76 chore: make quictls optional (#19) 2025-09-03 16:09:11 -04:00
MorganaFuture
6ca91ea115 feat: add ngtcp2_crypto_quictls support (#18) 2025-08-18 17:09:12 -04:00
20 changed files with 71507 additions and 7674 deletions
Expand all files Collapse all files

14
.github/workflows/test.yml vendored
View File

@@ -25,15 +25,11 @@ jobs:
cpu: i386
- os: linux-gcc-14
cpu: amd64
- os: macos
cpu: amd64
- os: macos-14
cpu: arm64
- os: windows
cpu: amd64
nim:
- ref: version-1-6
memory_management: refc
- ref: version-2-0
memory_management: refc
include:
@@ -45,10 +41,6 @@ jobs:
os: linux-gcc-14
builder: ubuntu-24.04
shell: bash
- platform:
os: macos
builder: macos-13
shell: bash
- platform:
os: macos-14
builder: macos-14
@@ -62,7 +54,7 @@ jobs:
run:
shell: ${{ matrix.shell }}
name: '${{ matrix.platform.os }}-${{ matrix.platform.cpu }} (Nim ${{ matrix.nim.ref }})'
name: "${{ matrix.platform.os }}-${{ matrix.platform.cpu }} (Nim ${{ matrix.nim.ref }})"
runs-on: ${{ matrix.builder }}
steps:
- name: Checkout
@@ -93,7 +85,7 @@ jobs:
nimble install
- name: Use gcc 14
if : ${{ matrix.platform.os == 'linux-gcc-14'}}
if: ${{ matrix.platform.os == 'linux-gcc-14'}}
run: |
# Add GCC-14 to alternatives
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 14
@@ -102,7 +94,7 @@ jobs:
sudo update-alternatives --set gcc /usr/bin/gcc-14
- name: Install deps (windows)
if : ${{ matrix.platform.os == 'windows'}}
if: ${{ matrix.platform.os == 'windows'}}
run: |
pacman -S --noconfirm base-devel gcc

6
.gitmodules vendored
View File

@@ -1,6 +1,6 @@
[submodule "libs/ngtcp2"]
path = libs/ngtcp2
url = https://github.com/ngtcp2/ngtcp2
[submodule "libs/picotls"]
path = libs/picotls
url = https://github.com/h2o/picotls
[submodule "libs/boringssl"]
path = libs/boringssl
url = https://boringssl.googlesource.com/boringssl

14
README.md
View File

@@ -1,18 +1,14 @@
ngtcp2 for Nim
==============
# ngtcp2 for Nim
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
[![License: Apache](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
![Github action](https://github.com/status-im/nim-bearssl/workflows/CI/badge.svg)
<img src="https://img.shields.io/badge/nim-%3E%3D1.2.0-orange.svg?style=flat-square" />
Wrapper around the [ngtcp2](https://github.com/ngtcp2/ngtcp2) C library for
[Nim](https://nim-lang.org/).
Updating to a newer version
---------------------------
## Updating to a newer version
Follow these steps when updating the wrapper to a newer version of ngtcp2:
@@ -21,3 +17,9 @@ Follow these steps when updating the wrapper to a newer version of ngtcp2:
- run `build.sh` (requires Nim, CMake and clang to be installed)
- increase the `version` property in the `ngtcp2.nimble` file
- commit the changes
### Enabling QuicTLS
```
`-d:ngtcp2_enable_quictls`
```

309
boringssl.nim Normal file
View File

@@ -0,0 +1,309 @@
# libcrypto + libssl sources without cmake, no-asm, no fips, no tests, tools
# TODO: look into use assembly files for perf
# ----- toolchain + includes -----
{.passc: "-DBORINGSSL_IMPLEMENTATION -DOPENSSL_NO_ASM -DS2N_BN_HIDE_SYMBOLS".}
{.localPassC: "-ffunction-sections -fdata-sections -fno-exceptions -fno-rtti".}
{.passc: "-I./libs/boringssl/include".}
when not defined(release):
{.localPassC: "-DNDEBUG".}
# link stdc++/pthread as needed
when defined(macosx):
{.localPassC: "-lc++".}
elif defined(linux):
{.localPassC: "-D_XOPEN_SOURCE=700".}
{.localPassC: "-lstdc++".}
elif defined(windows):
{.
localPassC:
"-D_HAS_EXCEPTIONS=0 -DWIN32_LEAN_AND_MEAN -DNOMINMAX -D_CRT_SECURE_NO_WARNINGS"
.}
# ----- generated sources -----
{.compile: "./libs/boringssl/crypto/fipsmodule/bcm.cc".}
{.compile: "./libs/boringssl/crypto/aes/aes.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_bitstr.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_bool.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_d2i_fp.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_dup.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_gentm.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_i2d_fp.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_int.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_mbstr.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_object.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_octet.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_strex.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_strnid.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_time.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_type.cc".}
{.compile: "./libs/boringssl/crypto/asn1/a_utctm.cc".}
{.compile: "./libs/boringssl/crypto/asn1/asn1_lib.cc".}
{.compile: "./libs/boringssl/crypto/asn1/asn1_par.cc".}
{.compile: "./libs/boringssl/crypto/asn1/asn_pack.cc".}
{.compile: "./libs/boringssl/crypto/asn1/f_int.cc".}
{.compile: "./libs/boringssl/crypto/asn1/f_string.cc".}
{.compile: "./libs/boringssl/crypto/asn1/posix_time.cc".}
{.compile: "./libs/boringssl/crypto/asn1/tasn_dec.cc".}
{.compile: "./libs/boringssl/crypto/asn1/tasn_enc.cc".}
{.compile: "./libs/boringssl/crypto/asn1/tasn_fre.cc".}
{.compile: "./libs/boringssl/crypto/asn1/tasn_new.cc".}
{.compile: "./libs/boringssl/crypto/asn1/tasn_typ.cc".}
{.compile: "./libs/boringssl/crypto/asn1/tasn_utl.cc".}
{.compile: "./libs/boringssl/crypto/base64/base64.cc".}
{.compile: "./libs/boringssl/crypto/bio/bio.cc".}
{.compile: "./libs/boringssl/crypto/bio/bio_mem.cc".}
{.compile: "./libs/boringssl/crypto/bio/connect.cc".}
{.compile: "./libs/boringssl/crypto/bio/errno.cc".}
{.compile: "./libs/boringssl/crypto/bio/fd.cc".}
{.compile: "./libs/boringssl/crypto/bio/file.cc".}
{.compile: "./libs/boringssl/crypto/bio/hexdump.cc".}
{.compile: "./libs/boringssl/crypto/bio/pair.cc".}
{.compile: "./libs/boringssl/crypto/bio/printf.cc".}
{.compile: "./libs/boringssl/crypto/bio/socket.cc".}
{.compile: "./libs/boringssl/crypto/bio/socket_helper.cc".}
{.compile: "./libs/boringssl/crypto/blake2/blake2.cc".}
{.compile: "./libs/boringssl/crypto/bn/bn_asn1.cc".}
{.compile: "./libs/boringssl/crypto/bn/convert.cc".}
{.compile: "./libs/boringssl/crypto/bn/div.cc".}
{.compile: "./libs/boringssl/crypto/bn/exponentiation.cc".}
{.compile: "./libs/boringssl/crypto/bn/sqrt.cc".}
{.compile: "./libs/boringssl/crypto/buf/buf.cc".}
{.compile: "./libs/boringssl/crypto/bytestring/asn1_compat.cc".}
{.compile: "./libs/boringssl/crypto/bytestring/ber.cc".}
{.compile: "./libs/boringssl/crypto/bytestring/cbb.cc".}
{.compile: "./libs/boringssl/crypto/bytestring/cbs.cc".}
{.compile: "./libs/boringssl/crypto/bytestring/unicode.cc".}
{.compile: "./libs/boringssl/crypto/chacha/chacha.cc".}
{.compile: "./libs/boringssl/crypto/cipher/derive_key.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_aesctrhmac.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_aeseax.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_aesgcmsiv.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_chacha20poly1305.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_des.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_null.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_rc2.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_rc4.cc".}
{.compile: "./libs/boringssl/crypto/cipher/e_tls.cc".}
{.compile: "./libs/boringssl/crypto/cipher/get_cipher.cc".}
{.compile: "./libs/boringssl/crypto/cipher/tls_cbc.cc".}
{.compile: "./libs/boringssl/crypto/cms/cms.cc".}
{.compile: "./libs/boringssl/crypto/conf/conf.cc".}
{.compile: "./libs/boringssl/crypto/cpu_aarch64_apple.cc".}
{.compile: "./libs/boringssl/crypto/cpu_aarch64_fuchsia.cc".}
{.compile: "./libs/boringssl/crypto/cpu_aarch64_linux.cc".}
{.compile: "./libs/boringssl/crypto/cpu_aarch64_openbsd.cc".}
{.compile: "./libs/boringssl/crypto/cpu_aarch64_sysreg.cc".}
{.compile: "./libs/boringssl/crypto/cpu_aarch64_win.cc".}
{.compile: "./libs/boringssl/crypto/cpu_arm_freebsd.cc".}
{.compile: "./libs/boringssl/crypto/cpu_arm_linux.cc".}
{.compile: "./libs/boringssl/crypto/cpu_intel.cc".}
{.compile: "./libs/boringssl/crypto/crypto.cc".}
{.compile: "./libs/boringssl/crypto/curve25519/curve25519.cc".}
{.compile: "./libs/boringssl/crypto/curve25519/curve25519_64_adx.cc".}
{.compile: "./libs/boringssl/crypto/curve25519/spake25519.cc".}
{.compile: "./libs/boringssl/crypto/des/des.cc".}
{.compile: "./libs/boringssl/crypto/dh/dh_asn1.cc".}
{.compile: "./libs/boringssl/crypto/dh/params.cc".}
{.compile: "./libs/boringssl/crypto/digest/digest_extra.cc".}
{.compile: "./libs/boringssl/crypto/dsa/dsa.cc".}
{.compile: "./libs/boringssl/crypto/dsa/dsa_asn1.cc".}
{.compile: "./libs/boringssl/crypto/ec/ec_asn1.cc".}
{.compile: "./libs/boringssl/crypto/ec/ec_derive.cc".}
{.compile: "./libs/boringssl/crypto/ec/hash_to_curve.cc".}
{.compile: "./libs/boringssl/crypto/ecdh/ecdh.cc".}
{.compile: "./libs/boringssl/crypto/ecdsa/ecdsa_asn1.cc".}
{.compile: "./libs/boringssl/crypto/ecdsa/ecdsa_p1363.cc".}
{.compile: "./libs/boringssl/crypto/engine/engine.cc".}
{.compile: "./libs/boringssl/crypto/err/err.cc".}
{.compile: "./libs/boringssl/crypto/evp/evp.cc".}
{.compile: "./libs/boringssl/crypto/evp/evp_asn1.cc".}
{.compile: "./libs/boringssl/crypto/evp/evp_ctx.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_dh.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_dh_asn1.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_dsa_asn1.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_ec.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_ec_asn1.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_ed25519.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_ed25519_asn1.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_hkdf.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_rsa.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_rsa_asn1.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_x25519.cc".}
{.compile: "./libs/boringssl/crypto/evp/p_x25519_asn1.cc".}
{.compile: "./libs/boringssl/crypto/evp/pbkdf.cc".}
{.compile: "./libs/boringssl/crypto/evp/print.cc".}
{.compile: "./libs/boringssl/crypto/evp/scrypt.cc".}
{.compile: "./libs/boringssl/crypto/evp/sign.cc".}
{.compile: "./libs/boringssl/crypto/ex_data.cc".}
{.compile: "./libs/boringssl/crypto/fipsmodule/fips_shared_support.cc".}
{.compile: "./libs/boringssl/crypto/fuzzer_mode.cc".}
{.compile: "./libs/boringssl/crypto/hpke/hpke.cc".}
{.compile: "./libs/boringssl/crypto/hrss/hrss.cc".}
{.compile: "./libs/boringssl/crypto/kyber/kyber.cc".}
{.compile: "./libs/boringssl/crypto/lhash/lhash.cc".}
{.compile: "./libs/boringssl/crypto/md4/md4.cc".}
{.compile: "./libs/boringssl/crypto/md5/md5.cc".}
{.compile: "./libs/boringssl/crypto/mem.cc".}
{.compile: "./libs/boringssl/crypto/mldsa/mldsa.cc".}
{.compile: "./libs/boringssl/crypto/mlkem/mlkem.cc".}
{.compile: "./libs/boringssl/crypto/obj/obj.cc".}
{.compile: "./libs/boringssl/crypto/obj/obj_xref.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_all.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_info.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_lib.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_oth.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_pk8.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_pkey.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_x509.cc".}
{.compile: "./libs/boringssl/crypto/pem/pem_xaux.cc".}
{.compile: "./libs/boringssl/crypto/pkcs7/pkcs7.cc".}
{.compile: "./libs/boringssl/crypto/pkcs7/pkcs7_x509.cc".}
{.compile: "./libs/boringssl/crypto/pkcs8/p5_pbev2.cc".}
{.compile: "./libs/boringssl/crypto/pkcs8/pkcs8.cc".}
{.compile: "./libs/boringssl/crypto/pkcs8/pkcs8_x509.cc".}
{.compile: "./libs/boringssl/crypto/poly1305/poly1305.cc".}
{.compile: "./libs/boringssl/crypto/poly1305/poly1305_arm.cc".}
{.compile: "./libs/boringssl/crypto/poly1305/poly1305_vec.cc".}
{.compile: "./libs/boringssl/crypto/pool/pool.cc".}
{.compile: "./libs/boringssl/crypto/rand/deterministic.cc".}
{.compile: "./libs/boringssl/crypto/rand/fork_detect.cc".}
{.compile: "./libs/boringssl/crypto/rand/forkunsafe.cc".}
{.compile: "./libs/boringssl/crypto/rand/getentropy.cc".}
{.compile: "./libs/boringssl/crypto/rand/ios.cc".}
{.compile: "./libs/boringssl/crypto/rand/passive.cc".}
{.compile: "./libs/boringssl/crypto/rand/rand.cc".}
{.compile: "./libs/boringssl/crypto/rand/trusty.cc".}
{.compile: "./libs/boringssl/crypto/rand/urandom.cc".}
{.compile: "./libs/boringssl/crypto/rand/windows.cc".}
{.compile: "./libs/boringssl/crypto/rc4/rc4.cc".}
{.compile: "./libs/boringssl/crypto/refcount.cc".}
{.compile: "./libs/boringssl/crypto/rsa/rsa_asn1.cc".}
{.compile: "./libs/boringssl/crypto/rsa/rsa_crypt.cc".}
{.compile: "./libs/boringssl/crypto/rsa/rsa_extra.cc".}
{.compile: "./libs/boringssl/crypto/rsa/rsa_print.cc".}
{.compile: "./libs/boringssl/crypto/sha/sha1.cc".}
{.compile: "./libs/boringssl/crypto/sha/sha256.cc".}
{.compile: "./libs/boringssl/crypto/sha/sha512.cc".}
{.compile: "./libs/boringssl/crypto/siphash/siphash.cc".}
{.compile: "./libs/boringssl/crypto/slhdsa/slhdsa.cc".}
{.compile: "./libs/boringssl/crypto/spake2plus/spake2plus.cc".}
{.compile: "./libs/boringssl/crypto/stack/stack.cc".}
{.compile: "./libs/boringssl/crypto/thread.cc".}
{.compile: "./libs/boringssl/crypto/thread_none.cc".}
{.compile: "./libs/boringssl/crypto/thread_pthread.cc".}
{.compile: "./libs/boringssl/crypto/thread_win.cc".}
{.compile: "./libs/boringssl/crypto/trust_token/pmbtoken.cc".}
{.compile: "./libs/boringssl/crypto/trust_token/trust_token.cc".}
{.compile: "./libs/boringssl/crypto/trust_token/voprf.cc".}
{.compile: "./libs/boringssl/crypto/x509/a_digest.cc".}
{.compile: "./libs/boringssl/crypto/x509/a_sign.cc".}
{.compile: "./libs/boringssl/crypto/x509/a_verify.cc".}
{.compile: "./libs/boringssl/crypto/x509/algorithm.cc".}
{.compile: "./libs/boringssl/crypto/x509/asn1_gen.cc".}
{.compile: "./libs/boringssl/crypto/x509/by_dir.cc".}
{.compile: "./libs/boringssl/crypto/x509/by_file.cc".}
{.compile: "./libs/boringssl/crypto/x509/i2d_pr.cc".}
{.compile: "./libs/boringssl/crypto/x509/name_print.cc".}
{.compile: "./libs/boringssl/crypto/x509/policy.cc".}
{.compile: "./libs/boringssl/crypto/x509/rsa_pss.cc".}
{.compile: "./libs/boringssl/crypto/x509/t_crl.cc".}
{.compile: "./libs/boringssl/crypto/x509/t_req.cc".}
{.compile: "./libs/boringssl/crypto/x509/t_x509.cc".}
{.compile: "./libs/boringssl/crypto/x509/t_x509a.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_akey.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_akeya.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_alt.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_bcons.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_bitst.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_conf.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_cpols.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_crld.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_enum.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_extku.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_genn.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_ia5.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_info.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_int.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_lib.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_ncons.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_ocsp.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_pcons.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_pmaps.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_prn.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_purp.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_skey.cc".}
{.compile: "./libs/boringssl/crypto/x509/v3_utl.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_att.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_cmp.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_d2.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_def.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_ext.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_lu.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_obj.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_req.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_set.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_trs.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_txt.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_v3.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_vfy.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509_vpm.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509cset.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509name.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509rset.cc".}
{.compile: "./libs/boringssl/crypto/x509/x509spki.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_algor.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_all.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_attrib.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_crl.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_exten.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_name.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_pubkey.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_req.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_sig.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_spki.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_x509.cc".}
{.compile: "./libs/boringssl/crypto/x509/x_x509a.cc".}
{.compile: "./libs/boringssl/crypto/xwing/xwing.cc".}
{.compile: "./libs/boringssl/gen/crypto//err_data.cc".}
{.compile: "./libs/boringssl/ssl/bio_ssl.cc".}
{.compile: "./libs/boringssl/ssl/d1_both.cc".}
{.compile: "./libs/boringssl/ssl/d1_lib.cc".}
{.compile: "./libs/boringssl/ssl/d1_pkt.cc".}
{.compile: "./libs/boringssl/ssl/d1_srtp.cc".}
{.compile: "./libs/boringssl/ssl/dtls_method.cc".}
{.compile: "./libs/boringssl/ssl/dtls_record.cc".}
{.compile: "./libs/boringssl/ssl/encrypted_client_hello.cc".}
{.compile: "./libs/boringssl/ssl/extensions.cc".}
{.compile: "./libs/boringssl/ssl/handoff.cc".}
{.compile: "./libs/boringssl/ssl/handshake.cc".}
{.compile: "./libs/boringssl/ssl/handshake_client.cc".}
{.compile: "./libs/boringssl/ssl/handshake_server.cc".}
{.compile: "./libs/boringssl/ssl/s3_both.cc".}
{.compile: "./libs/boringssl/ssl/s3_lib.cc".}
{.compile: "./libs/boringssl/ssl/s3_pkt.cc".}
{.compile: "./libs/boringssl/ssl/ssl_aead_ctx.cc".}
{.compile: "./libs/boringssl/ssl/ssl_asn1.cc".}
{.compile: "./libs/boringssl/ssl/ssl_buffer.cc".}
{.compile: "./libs/boringssl/ssl/ssl_cert.cc".}
{.compile: "./libs/boringssl/ssl/ssl_cipher.cc".}
{.compile: "./libs/boringssl/ssl/ssl_credential.cc".}
{.compile: "./libs/boringssl/ssl/ssl_file.cc".}
{.compile: "./libs/boringssl/ssl/ssl_key_share.cc".}
{.compile: "./libs/boringssl/ssl/ssl_lib.cc".}
{.compile: "./libs/boringssl/ssl/ssl_privkey.cc".}
{.compile: "./libs/boringssl/ssl/ssl_session.cc".}
{.compile: "./libs/boringssl/ssl/ssl_stat.cc".}
{.compile: "./libs/boringssl/ssl/ssl_transcript.cc".}
{.compile: "./libs/boringssl/ssl/ssl_versions.cc".}
{.compile: "./libs/boringssl/ssl/ssl_x509.cc".}
{.compile: "./libs/boringssl/ssl/t1_enc.cc".}
{.compile: "./libs/boringssl/ssl/tls13_both.cc".}
{.compile: "./libs/boringssl/ssl/tls13_client.cc".}
{.compile: "./libs/boringssl/ssl/tls13_enc.cc".}
{.compile: "./libs/boringssl/ssl/tls13_server.cc".}
{.compile: "./libs/boringssl/ssl/tls_method.cc".}
{.compile: "./libs/boringssl/ssl/tls_record.cc".}
{.compile: "./libs/boringssl/decrepit/x509/x509_decrepit.cc".}

11
build.sh
View File

@@ -6,25 +6,18 @@ rm -f ngtcp2.nim
# assemble list of C files to be compiled
toCompile=(
"${sources}/picotls/picotlsvs/picotls/wintimeofday.c"
"${sources}/picotls/lib/pembase64.c"
"${sources}/picotls/lib/hpke.c"
"${sources}/picotls/lib/picotls.c"
"${sources}/picotls/lib/openssl.c"
# "${sources}/path/to/file.c"
)
for file in `ls "${sources}/ngtcp2/crypto"/*.c`; do
toCompile+=("$file")
done
for file in `ls "${sources}/ngtcp2/crypto/picotls"/*.c`; do
for file in `ls "${sources}/ngtcp2/crypto/boringssl"/*.c`; do
toCompile+=("$file")
done
for file in `ls "${sources}/ngtcp2/lib"/*.c`; do
toCompile+=("$file")
done
for file in `ls "${root}/build/lib"/*.c`; do
toCompile+=("$file")
done
# futhark is required by generate_ngtcp2.nim
nimble install futhark@0.15.0

140
build/lib/cred_buffer.c
View File

@@ -1,140 +0,0 @@
#include <stddef.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include "utils/cred_buffer.h"
#define MIN(a, b) ((a) < (b) ? (a) : (b))
static int cred_buffer_getc(ptls_cred_buffer_t *buf)
{
return PTLS_CRED_BUFFER_LEFT(buf) > 0 ? buf->base[buf->off++] : -1;
}
static ssize_t fsize(FILE *fp)
{
long sz;
if (fseek(fp, 0, SEEK_END) == -1 || (sz = ftell(fp)) == -1) {
return -1;
}
rewind(fp);
return (ssize_t) sz;
}
/* The caller owns 'mem' and must have called ptls_buffer_init prior to
* invoking this function */
int ptls_cred_buffer_set_from_file(ptls_cred_buffer_t *buf, const char *fname)
{
FILE *fp = NULL;
ssize_t sz;
char *m = NULL;
#ifdef _WINDOWS
errno_t err = fopen_s(&fp, fname, "r");
if (err != 0) {
return -1;
}
#else
fp = fopen(fname, "r");
if (fp == NULL) {
return -1;
}
#endif
if ((sz = fsize(fp)) == -1 ||
(m = malloc(sz)) == NULL ||
fread(m, sz, 1, fp) != 1) {
goto err;
}
(void) fclose(fp);
buf->base = m;
buf->len = sz;
buf->off = 0;
buf->owns_base = 1;
return 0;
err:
if (m)
free(m);
if (fp != NULL)
(void) fclose(fp);
return -1;
}
int ptls_cred_buffer_set_from_string(ptls_cred_buffer_t *buf, char *s)
{
buf->base = s;
buf->len = strlen(s);
buf->off = 0;
buf->owns_base = 0;
return 0;
}
void ptls_cred_buffer_dispose(ptls_cred_buffer_t *buf)
{
if (buf->owns_base) {
if (buf->base) {
free(buf->base);
buf->base = NULL;
}
buf->len = buf->off = 0;
buf->owns_base = 0;
}
return;
}
void ptls_cred_buffer_rewind(ptls_cred_buffer_t *buf)
{
buf->off = 0;
return;
}
/* z -> nlptr */
char *ptls_cred_buffer_gets(char *s, int n, ptls_cred_buffer_t *buf)
{
char *p = s;
char *z;
size_t k;
int c;
if (n-- <= 1) {
if (n) return NULL;
*s = '\0';
return s;
}
while (n) {
if (PTLS_CRED_BUFFER_RPOS(buf) != PTLS_CRED_BUFFER_REND(buf)) {
z = memchr(PTLS_CRED_BUFFER_RPOS(buf), '\n', PTLS_CRED_BUFFER_LEFT(buf));
k = z ? z - PTLS_CRED_BUFFER_RPOS(buf) + 1 : PTLS_CRED_BUFFER_LEFT(buf);
k = MIN(k, n);
memcpy(p, PTLS_CRED_BUFFER_RPOS(buf), k);
buf->off += k;
p += k;
n -= k;
if (z || !n) break;
}
if ((c = cred_buffer_getc(buf)) < 0) {
if (p == s || PTLS_CRED_BUFFER_LEFT(buf) > 0) s = NULL;
break;
}
n--;
if ((*p++ = c) == '\n') break;
}
if (s) *p = '\0';
return s;
}

24
build/lib/includes/utils/cred_buffer.h
View File

@@ -1,24 +0,0 @@
#ifndef PTLS_CRED_BUFFER_H
#define PTLS_CRED_BUFFER_H
#include <stddef.h>
#include "picotls.h"
typedef struct ptls_cred_buffer_s {
char *base;
size_t len;
size_t off;
int owns_base;
#define PTLS_CRED_BUFFER_RPOS(buf) ((buf)->base + (buf)->off)
#define PTLS_CRED_BUFFER_REND(buf) ((buf)->base + (buf)->len)
#define PTLS_CRED_BUFFER_LEFT(buf) ((buf)->len - (buf)->off)
} ptls_cred_buffer_t;
int ptls_cred_buffer_set_from_file(ptls_cred_buffer_t *buf, const char *fname);
int ptls_cred_buffer_set_from_string(ptls_cred_buffer_t *buf, char *s);
void ptls_cred_buffer_dispose(ptls_cred_buffer_t *buf);
void ptls_cred_buffer_rewind(ptls_cred_buffer_t *buf);
char *ptls_cred_buffer_gets(char *s, int n, ptls_cred_buffer_t *buf);
#endif /* !PTLS_CRED_BUFFER_H */

28
build/lib/includes/utils/pem_utils.h
View File

@@ -1,28 +0,0 @@
/*
* Copyright (c) 2017 Christian Huitema <huitema@huitema.net>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef PTLS_PEM_UTILS
#define PTLS_PEM_UTILS
#include <picotls.h>
#include <picotls/openssl.h>
#include "cred_buffer.h"
int ptls_load_certificates_from_memory(ptls_context_t *ctx, ptls_cred_buffer_t *mem);
int ptls_openssl_init_sign_certificate_with_mem_key(ptls_openssl_sign_certificate_t *self, const void *buf, int len);
#endif /* PTLS_PEM_UTILS */

152
build/lib/pem_utils.c
View File

@@ -1,152 +0,0 @@
#include <stdlib.h>
#include <picotls.h>
#include <picotls/pembase64.h>
#include "utils/pem_utils.h"
#include <openssl/pem.h>
#include <openssl/evp.h>
#include <openssl/ec.h>
#include <openssl/err.h>
static int ptls_compare_separator_line(const char *line, const char *begin_or_end, const char *label)
{
int ret = strncmp(line, "-----", 5);
size_t text_index = 5;
if (ret == 0) {
size_t begin_or_end_length = strlen(begin_or_end);
ret = strncmp(line + text_index, begin_or_end, begin_or_end_length);
text_index += begin_or_end_length;
}
if (ret == 0) {
ret = line[text_index] - ' ';
text_index++;
}
if (ret == 0) {
size_t label_length = strlen(label);
ret = strncmp(line + text_index, label, label_length);
text_index += label_length;
}
if (ret == 0) {
ret = strncmp(line + text_index, "-----", 5);
}
return ret;
}
// Extracted from https://github.com/h2o/picotls/pull/284/
// Remove both pem.c/h and cred_buffer.c/h once that PR gets merged
static int ptls_get_pem_object_from_memory(ptls_cred_buffer_t *mem, const char *label, ptls_buffer_t *buf)
{
int ret = PTLS_ERROR_PEM_LABEL_NOT_FOUND;
char line[256];
ptls_base64_decode_state_t state;
/* Get the label on a line by itself */
while (ptls_cred_buffer_gets(line, 256, mem)) {
if (ptls_compare_separator_line(line, "BEGIN", label) == 0) {
ret = 0;
ptls_base64_decode_init(&state);
break;
}
}
/* Get the data in the buffer */
while (ret == 0 && ptls_cred_buffer_gets(line, 256, mem)) {
if (ptls_compare_separator_line(line, "END", label) == 0) {
if (state.status == PTLS_BASE64_DECODE_DONE || (state.status == PTLS_BASE64_DECODE_IN_PROGRESS && state.nbc == 0)) {
ret = 0;
} else {
ret = PTLS_ERROR_INCORRECT_BASE64;
}
break;
} else {
ret = ptls_base64_decode(line, &state, buf);
}
}
return ret;
}
int ptls_load_pem_objects_from_memory(ptls_cred_buffer_t *mem, const char *label, ptls_iovec_t *list, size_t list_max, size_t *nb_objects)
{
int ret = 0;
size_t count = 0;
*nb_objects = 0;
if (ret == 0) {
while (count < list_max) {
ptls_buffer_t buf;
ptls_buffer_init(&buf, "", 0);
ret = ptls_get_pem_object_from_memory(mem, label, &buf);
if (ret == 0) {
if (buf.off > 0 && buf.is_allocated) {
list[count].base = buf.base;
list[count].len = buf.off;
count++;
} else {
ptls_buffer_dispose(&buf);
}
} else {
ptls_buffer_dispose(&buf);
break;
}
}
}
if (ret == PTLS_ERROR_PEM_LABEL_NOT_FOUND && count > 0) {
ret = 0;
}
*nb_objects = count;
return ret;
}
#define PTLS_MAX_CERTS_IN_CONTEXT 16
int ptls_load_certificates_from_memory(ptls_context_t *ctx, ptls_cred_buffer_t *mem)
{
int ret = 0;
ctx->certificates.list = (ptls_iovec_t *)malloc(PTLS_MAX_CERTS_IN_CONTEXT * sizeof(ptls_iovec_t));
if (ctx->certificates.list == NULL) {
ret = PTLS_ERROR_NO_MEMORY;
} else {
ret = ptls_load_pem_objects_from_memory(mem, "CERTIFICATE", ctx->certificates.list, PTLS_MAX_CERTS_IN_CONTEXT,
&ctx->certificates.count);
}
return ret;
}
int ptls_openssl_init_sign_certificate_with_mem_key(ptls_openssl_sign_certificate_t *self, const void *buf, int len) {
BIO *bio = BIO_new_mem_buf(buf, len);
if (bio == NULL) {
return 8880;
}
EVP_PKEY *evp_key = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
BIO_free(bio);
if (evp_key == NULL) {
return 8881;
}
// Initialize the certificate signing structure
int ret = ptls_openssl_init_sign_certificate(self, evp_key);
EVP_PKEY_free(evp_key);
return ret;
}

16
config.nims
View File

@@ -1,5 +1,11 @@
--styleCheck:usages
if (NimMajor, NimMinor) < (1, 6):
--styleCheck:hint
else:
--styleCheck:error
when not defined(windows):
# use the C++ linker profile because it's a C++ library
when defined(macosx):
switch("clang.linkerexe", "clang++")
else:
switch("gcc.linkerexe", "g++")
--styleCheck:
usages
--styleCheck:
error

67
diff1 Normal file
View File

@@ -0,0 +1,67 @@
diff --git a/crypto/x509/x509name.cc b/crypto/x509/x509name.cc
index 72c88834b..97966b518 100644
--- a/crypto/x509/x509name.cc
+++ b/crypto/x509/x509name.cc
@@ -21,7 +21,7 @@
#include <openssl/obj.h>
#include <openssl/stack.h>
#include <openssl/x509.h>
-
+#include <iostream>
#include "../internal.h"
#include "internal.h"
@@ -182,12 +182,17 @@ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
const unsigned char *bytes, ossl_ssize_t len,
int loc, int set) {
- X509_NAME_ENTRY *ne =
+ std::cout << "HERE" << std::endl;
+
+ X509_NAME_ENTRY *ne =
X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
if (!ne) {
+ std::cout << "FAIL1" << std::endl;
return 0;
}
int ret = X509_NAME_add_entry(name, ne, loc, set);
+ std::cout << "THE RET2: " << ret << std::endl;
+
X509_NAME_ENTRY_free(ne);
return ret;
}
@@ -197,11 +202,13 @@ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *entry, int loc,
int set) {
if (name == nullptr) {
+ std::cout << "FAIL3" << std::endl;
return 0;
}
if (name->entries == nullptr) {
name->entries = sk_X509_NAME_ENTRY_new_null();
if (name->entries == nullptr) {
+ std::cout << "FAIL4" << std::endl;
return 0;
}
}
@@ -238,10 +245,12 @@ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *entry, int loc,
bssl::UniquePtr<X509_NAME_ENTRY> new_entry(X509_NAME_ENTRY_dup(entry));
if (new_entry == nullptr) {
+ std::cout << "FAIL5" << std::endl;
return 0;
}
new_entry->set = set;
if (!sk_X509_NAME_ENTRY_insert(sk, new_entry.get(), loc)) {
+ std::cout << "FAIL6" << std::endl;
return 0;
}
new_entry.release(); // |sk| took ownership.
@@ -263,6 +272,7 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
obj = OBJ_txt2obj(field, 0);
if (obj == NULL) {
+ std::cout << "FAIL2" << std::endl;
OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME);
ERR_add_error_data(2, "name=", field);
return NULL;

94
extras.nim
View File

@@ -1,14 +1,80 @@
type
ptls_handshake_properties_t_anon0_t* = struct_st_ptls_handshake_properties_t_anon0_t
ptls_handshake_properties_t_anon0_t_client_t* =
struct_st_ptls_handshake_properties_t_anon0_t_client_t
ptls_handshake_properties_t_anon0_t_client_t_negotiated_protocols_t* =
struct_st_ptls_handshake_properties_t_anon0_t_client_t_negotiated_protocols_t
ptls_handshake_properties_t_anon0_t_client_t_ech_t* =
struct_st_ptls_handshake_properties_t_anon0_t_client_t_ech_t
ptls_handshake_properties_t_anon0_t_server_t* =
struct_st_ptls_handshake_properties_t_anon0_t_server_t
ptls_handshake_properties_t_anon0_t_server_t_selected_psk_binder_t* =
struct_st_ptls_handshake_properties_t_anon0_t_server_t_selected_psk_binder_t
ptls_handshake_properties_t_anon0_t_server_t_cookie_t* =
struct_st_ptls_handshake_properties_t_anon0_t_server_t_cookie_t
when defined(ngtcp2_enable_quictls):
# OpenSSL/QuicTLS crypto support
# OpenSSL/QuicTLS type definitions
type
SSL_CTX* = pointer
OSSL_ENCRYPTION_LEVEL* = enum
OSSL_ENCRYPTION_LEVEL_INITIAL = 0
OSSL_ENCRYPTION_LEVEL_EARLY_DATA = 1
OSSL_ENCRYPTION_LEVEL_HANDSHAKE = 2
OSSL_ENCRYPTION_LEVEL_APPLICATION = 3
# ngtcp2_crypto_quictls error constants
const
NGTCP2_CRYPTO_QUICTLS_ERR_TLS_WANT_X509_LOOKUP* = -10001
NGTCP2_CRYPTO_QUICTLS_ERR_TLS_WANT_CLIENT_HELLO_CB* = -10002
# ngtcp2_crypto_quictls function bindings
when not declared(ngtcp2_crypto_quictls_init):
proc ngtcp2_crypto_quictls_init*(): cint {.
cdecl, importc: "ngtcp2_crypto_quictls_init"
.}
else:
static:
hint(
"Declaration of " & "ngtcp2_crypto_quictls_init" &
" already exists, not redeclaring"
)
when not declared(ngtcp2_crypto_quictls_from_ossl_encryption_level):
proc ngtcp2_crypto_quictls_from_ossl_encryption_level*(
ossl_level: OSSL_ENCRYPTION_LEVEL
): ngtcp2_encryption_level_553648745 {.
cdecl, importc: "ngtcp2_crypto_quictls_from_ossl_encryption_level"
.}
else:
static:
hint(
"Declaration of " & "ngtcp2_crypto_quictls_from_ossl_encryption_level" &
" already exists, not redeclaring"
)
when not declared(ngtcp2_crypto_quictls_from_ngtcp2_encryption_level):
proc ngtcp2_crypto_quictls_from_ngtcp2_encryption_level*(
encryption_level: ngtcp2_encryption_level_553648745
): OSSL_ENCRYPTION_LEVEL {.
cdecl, importc: "ngtcp2_crypto_quictls_from_ngtcp2_encryption_level"
.}
else:
static:
hint(
"Declaration of " & "ngtcp2_crypto_quictls_from_ngtcp2_encryption_level" &
" already exists, not redeclaring"
)
when not declared(ngtcp2_crypto_quictls_configure_server_context):
proc ngtcp2_crypto_quictls_configure_server_context*(
ssl_ctx: SSL_CTX
): cint {.cdecl, importc: "ngtcp2_crypto_quictls_configure_server_context".}
else:
static:
hint(
"Declaration of " & "ngtcp2_crypto_quictls_configure_server_context" &
" already exists, not redeclaring"
)
when not declared(ngtcp2_crypto_quictls_configure_client_context):
proc ngtcp2_crypto_quictls_configure_client_context*(
ssl_ctx: SSL_CTX
): cint {.cdecl, importc: "ngtcp2_crypto_quictls_configure_client_context".}
else:
static:
hint(
"Declaration of " & "ngtcp2_crypto_quictls_configure_client_context" &
" already exists, not redeclaring"
)

25
generate_ngtcp2.nim
View File

@@ -1,16 +1,15 @@
import futhark, strformat
import futhark
from os import parentDir, `/`
importc:
outputPath currentSourcePath.parentDir / "tmp_ngtcp2.nim"
path currentSourcePath.parentDir/"libs/ngtcp2/lib/includes"
path currentSourcePath.parentDir/"build/lib/includes"
path currentSourcePath.parentDir/"libs/ngtcp2/crypto/includes/"
path currentSourcePath.parentDir/"libs"/"picotls"/"include"
"ngtcp2/ngtcp2.h"
"ngtcp2/ngtcp2_crypto.h"
"picotls.h"
"picotls/openssl.h"
"ngtcp2/ngtcp2_crypto_picotls.h"
"utils/cred_buffer.h"
"utils/pem_utils.h"
outputPath currentSourcePath.parentDir / "tmp_ngtcp2.nim"
path currentSourcePath.parentDir / "libs/ngtcp2/lib/includes"
path currentSourcePath.parentDir / "build/lib/includes"
path currentSourcePath.parentDir / "libs/ngtcp2/crypto/includes"
path currentSourcePath.parentDir / "libs/boringssl/include"
rename FILE, CFile # Rename `FILE` that STB uses to `CFile` which is the Nim equivalent
"ngtcp2/ngtcp2.h"
"ngtcp2/ngtcp2_crypto.h"
"ngtcp2/ngtcp2_crypto_boringssl.h"
"openssl/rand.h"
"openssl/asn1.h"

1
libs/boringssl Submodule

Submodule libs/boringssl added at db1a845616

2
libs/ngtcp2

Submodule libs/ngtcp2 updated: 048cdfd0c2...b6f2c756af

1
libs/picotls

Submodule libs/picotls deleted from bbcdbe6dc3

78196
ngtcp2.nim
View File

File diff suppressed because it is too large Load Diff

16
ngtcp2.nimble
View File

@@ -1,9 +1,19 @@
packageName = "ngtcp2"
version = "0.36.1"
version = "0.39.0"
author = "Status Research & Development GmbH"
description = "Nim wrapper around the ngtcp2 library"
license = "MIT"
installDirs = @["libs", "build"]
installFiles = @["ngtcp2.nim"]
installFiles = @["ngtcp2.nim", "boringssl.nim"]
requires "nim >= 1.6.0"
requires "nim >= 2.0.0"
task format, "Format nim code using nph":
exec "nimble install nph"
exec "nph ."
task test, "Run tests":
when defined(windows):
exec "nim cpp -d:nimDebugDlOpen -r --threads:on tests/testNgtcp2.nim"
else:
exec "nim cpp -r --threads:on tests/testNgtcp2.nim"

30
prelude.nim
View File

@@ -1,9 +1,12 @@
import os
import strformat
import strformat, strutils
import ./boringssl
# Socket definitions
import nativesockets
type ptrdiff_t* {.importc: "ptrdiff_t", header: "<stddef.h>".} = int
{.passc: "-DNGTCP2_STATICLIB".}
when defined(windows):
@@ -13,23 +16,22 @@ when defined(windows):
else:
{.passc: "-DHAVE_UNISTD_H".}
when defined(macosx):
{.passl: "-L/opt/homebrew/opt/openssl@3/lib -lcrypto".}
{.passc: "-I/opt/homebrew/opt/openssl@3/include".}
else:
{.passl: "-lcrypto".}
const root = currentSourcePath.parentDir
const libIncludes = root/"build"/"lib"/"includes"
const ngtcp2Crypto = root/"libs"/"ngtcp2"/"crypto"
const ngtcp2CryptoIncludes = root/"libs"/"ngtcp2"/"crypto"/"includes"
const ngtcp2Lib = root/"libs"/"ngtcp2"/"lib"
const ngtcp2LibIncludes = root/"libs"/"ngtcp2"/"lib"/"includes"
const picotlsInclude = root/"libs"/"picotls"/"include"
const libIncludes = root / "build/lib/includes"
const ngtcp2Crypto = root / "libs/ngtcp2/crypto"
const ngtcp2CryptoIncludes = root / "libs/ngtcp2/crypto/includes"
const ngtcp2Lib = root / "libs/ngtcp2/lib"
const ngtcp2LibIncludes = root / "libs/ngtcp2/lib/includes"
const boringsslInclude = root / "libs/boringssl/include"
{.passc: fmt"-I{libIncludes}".}
{.passc: fmt"-I{ngtcp2Crypto}".}
{.passc: fmt"-I{ngtcp2CryptoIncludes}".}
{.passc: fmt"-I{ngtcp2Lib}".}
{.passc: fmt"-I{ngtcp2LibIncludes}".}
{.passc: fmt"-I{picotlsInclude}".}
{.passc: fmt"-I{boringsslInclude}".}
when defined(ngtcp2_enable_quictls):
# QuicTLS/OpenSSL crypto support
{.passc: "-DNGTCP2_CRYPTO_QUICTLS".}
{.passc: "-I/usr/include/openssl".}

35
tests/testNgtcp2.nim
View File

@@ -7,15 +7,30 @@ test "default settings":
check settings.max_tx_udp_payload_size > 0
var transport_params: ngtcp2_transport_params
ngtcp2_transport_params_default_versioned(NGTCP2_TRANSPORT_PARAMS_V1, addr transport_params)
ngtcp2_transport_params_default_versioned(
NGTCP2_TRANSPORT_PARAMS_V1, addr transport_params
)
check transport_params.active_connection_id_limit > 0
test "ptls_instantiation":
var ctx: ptls_context_t
ctx.random_bytes = ptls_openssl_random_bytes
ctx.get_time = addr ptls_get_time
ctx.key_exchanges = cast[ptr ptr ptls_key_exchange_algorithm_t](addr ptls_openssl_key_exchanges[0])
ctx.cipher_suites = cast[ptr ptr ptls_cipher_suite_t](ptls_openssl_cipher_suites[0])
var tls: ptr ptls_t = ptls_client_new(addr ctx);
check tls != nil
test "BoringSSL bindings":
let
clientMethod = TLS_client_method()
ssl_ctx = SSL_CTX_new(clientMethod)
ssl = SSL_new(ssl_ctx)
check ssl != nil
when defined(ngtcp2_enable_quictls):
test "QuicTLS bindings":
# Test error constants
check NGTCP2_CRYPTO_QUICTLS_ERR_TLS_WANT_X509_LOOKUP == -10001
check NGTCP2_CRYPTO_QUICTLS_ERR_TLS_WANT_CLIENT_HELLO_CB == -10002
# Test OSSL_ENCRYPTION_LEVEL enum values
check ord(OSSL_ENCRYPTION_LEVEL_INITIAL) == 0
check ord(OSSL_ENCRYPTION_LEVEL_EARLY_DATA) == 1
check ord(OSSL_ENCRYPTION_LEVEL_HANDSHAKE) == 2
check ord(OSSL_ENCRYPTION_LEVEL_APPLICATION) == 3
# Test that SSL_CTX type is properly defined as pointer
check sizeof(SSL_CTX) == sizeof(pointer)