From: Viktor Szakats <commit@vsz.me>
Date: Mon, 11 Aug 2025 21:47:03 +0000 (+0200)
Subject: cmake: improve error message for invalid HTTP/3 MultiSSL configs
X-Git-Tag: curl-8_16_0~192
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=79b470cc5df2af7fea10909c0e84cc0084b1d345;p=thirdparty%2Fcurl.git

cmake: improve error message for invalid HTTP/3 MultiSSL configs

Error out for these combinations before trying to detect HTTP/3
dependencies, for a clearer error message.

Reported-by: Daniel Engberg
Fixes https://github.com/curl/curl/issues/18246
Closes https://github.com/curl/curl/issues/18256
---

diff --git a/CMakeLists.txt b/CMakeLists.txt
index c12d2bcc18..50db8602d7 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1093,7 +1093,9 @@ endif()
 
 option(USE_NGTCP2 "Use ngtcp2 and nghttp3 libraries for HTTP/3 support" OFF)
 if(USE_NGTCP2)
-  if(USE_OPENSSL OR USE_WOLFSSL)
+  if(CURL_WITH_MULTI_SSL)
+    message(FATAL_ERROR "MultiSSL cannot be enabled with HTTP/3 and vice versa.")
+  elseif(USE_OPENSSL OR USE_WOLFSSL)
     if(USE_WOLFSSL)
       find_package(NGTCP2 REQUIRED "wolfSSL")
     elseif(HAVE_BORINGSSL OR HAVE_AWSLC)
@@ -1141,6 +1143,8 @@ option(USE_QUICHE "Use quiche library for HTTP/3 support" OFF)
 if(USE_QUICHE)
   if(USE_NGTCP2)
     message(FATAL_ERROR "Only one HTTP/3 backend can be selected")
+  elseif(CURL_WITH_MULTI_SSL)
+    message(FATAL_ERROR "MultiSSL cannot be enabled with HTTP/3 and vice versa.")
   endif()
   find_package(Quiche REQUIRED)
   if(NOT HAVE_BORINGSSL)
@@ -1167,6 +1171,8 @@ endif()
 if(USE_OPENSSL_QUIC)
   if(USE_NGTCP2 OR USE_QUICHE)
     message(FATAL_ERROR "Only one HTTP/3 backend can be selected")
+  elseif(CURL_WITH_MULTI_SSL)
+    message(FATAL_ERROR "MultiSSL cannot be enabled with HTTP/3 and vice versa.")
   endif()
   find_package(OpenSSL 3.3.0 REQUIRED)
 
@@ -1182,10 +1188,6 @@ if(USE_OPENSSL_QUIC)
   endif()
 endif()
 
-if(CURL_WITH_MULTI_SSL AND (USE_NGTCP2 OR USE_QUICHE OR USE_OPENSSL_QUIC))
-  message(FATAL_ERROR "MultiSSL cannot be enabled with HTTP/3 and vice versa.")
-endif()
-
 if(NOT CURL_DISABLE_SRP AND (HAVE_GNUTLS_SRP OR HAVE_OPENSSL_SRP))
   set(USE_TLS_SRP 1)
 endif()