NGTCP2_VERSION: 1.22.1
# renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
NGHTTP2_VERSION: 1.69.0
+ # no tagged releases
+ H2O_VERSION: 11b0cfa2771e3ccad4a852e72473e4e278ab1de7 # 2026-05-28
+ H2O_SHA256: 5ae1bd7b09970d7d49c41fa68193e24da04c2a7ac5581fbe2affc79200b0721f
jobs:
build-cache:
- name: 'cache openssl-prev'
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
- id: cache-openssl-prev-http3-no-deprecated
+ id: cache-openssl-prev-http3
env:
- cache-name: cache-openssl-prev-http3-no-deprecated
+ cache-name: cache-openssl-prev-http3
with:
path: ~/openssl-prev/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_PREV_VERSION }}
key: "${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.OPENSSL_VERSION }}-\
${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}"
+ - name: 'cache h2o'
+ uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+ id: cache-h2o
+ env:
+ cache-name: cache-h2o
+ with:
+ path: ~/h2o/build
+ key: "${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.H2O_VERSION }}-${{ env.OPENSSL_PREV_VERSION }}"
+
- id: settings
if: >-
${{ !steps.cache-awslc.outputs.cache-hit ||
!steps.cache-gnutls.outputs.cache-hit ||
!steps.cache-libressl.outputs.cache-hit ||
!steps.cache-openssl-http3-no-deprecated.outputs.cache-hit ||
- !steps.cache-openssl-prev-http3-no-deprecated.outputs.cache-hit ||
+ !steps.cache-openssl-prev-http3.outputs.cache-hit ||
!steps.cache-wolfssl.outputs.cache-hit ||
!steps.cache-nghttp3.outputs.cache-hit ||
!steps.cache-ngtcp2-boringssl.outputs.cache-hit ||
!steps.cache-ngtcp2-openssl-prev.outputs.cache-hit ||
!steps.cache-ngtcp2.outputs.cache-hit ||
- !steps.cache-nghttp2.outputs.cache-hit }}
+ !steps.cache-nghttp2.outputs.cache-hit ||
+ !steps.cache-h2o.outputs.cache-hit }}
run: echo 'needs-build=true' >> "$GITHUB_OUTPUT"
libtool autoconf automake pkgconf \
libbrotli-dev libzstd-dev zlib1g-dev \
libev-dev \
+ libuv1-dev \
libc-ares-dev \
libp11-kit-dev autopoint bison gperf gtk-doc-tools libtasn1-bin # for GnuTLS
echo 'CC=gcc-12' >> "$GITHUB_ENV"
make -j1 install_sw
- name: 'build openssl-prev'
- if: ${{ !steps.cache-openssl-prev-http3-no-deprecated.outputs.cache-hit }}
+ if: ${{ !steps.cache-openssl-prev-http3.outputs.cache-hit }}
run: |
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
--location --proto-redir =https "https://github.com/openssl/openssl/releases/download/openssl-${OPENSSL_PREV_VERSION}/openssl-${OPENSSL_PREV_VERSION}.tar.gz" --output pkg.bin
sha256sum pkg.bin | tee /dev/stderr | grep -qwF -- "${OPENSSL_PREV_SHA256}" && tar -xzf pkg.bin && rm -f pkg.bin
cd "openssl-${OPENSSL_PREV_VERSION}"
- ./config --prefix=/home/runner/openssl-prev/build --libdir=lib no-makedepend no-apps no-docs no-tests no-deprecated
+ ./config --prefix=/home/runner/openssl-prev/build --libdir=lib no-makedepend no-apps no-docs no-tests
make
make -j1 install_sw
--with-libbrotlienc --with-libbrotlidec
make install
+ - name: 'build h2o'
+ if: ${{ !steps.cache-h2o.outputs.cache-hit }}
+ run: |
+ cd ~
+ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
+ --location --proto-redir =https "https://github.com/h2o/h2o/archive/${H2O_VERSION}.tar.gz" --output pkg.bin
+ sha256sum pkg.bin | tee /dev/stderr | grep -qwF -- "${H2O_SHA256}" && tar -xzf pkg.bin && rm -f pkg.bin
+ cd "h2o-${H2O_VERSION}"
+ cmake -B . -G Ninja -DWITHOUT_LIBS=ON -DOPENSSL_ROOT_DIR=/home/runner/openssl-prev/build -DCMAKE_INSTALL_PREFIX=/home/runner/h2o/build
+ cmake --build .
+ cmake --install .
+
linux:
name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }}
needs: build-cache
LDFLAGS: -Wl,-rpath,/home/runner/openssl/build/lib
PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
- --with-openssl=/home/runner/openssl/build --with-ngtcp2=/home/runner/ngtcp2/build --enable-ech --enable-ssls-export
+ --with-openssl=/home/runner/openssl/build --with-ngtcp2=/home/runner/ngtcp2/build --enable-ech --enable-ssls-export --enable-proxy-http3
- name: 'openssl'
install_steps: skipall
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/openssl/build -DUSE_NGTCP2=ON
-DCURL_DISABLE_LDAP=ON
- -DUSE_ECH=ON
+ -DUSE_ECH=ON -DUSE_PROXY_HTTP3=ON
-DCMAKE_UNITY_BUILD=ON
- name: 'openssl-prev'
- name: 'cache openssl-prev'
if: ${{ contains(matrix.build.name, 'openssl-prev') }}
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
- id: cache-openssl-prev-http3-no-deprecated
+ id: cache-openssl-prev-http3
env:
- cache-name: cache-openssl-prev-http3-no-deprecated
+ cache-name: cache-openssl-prev-http3
with:
path: ~/openssl-prev/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_PREV_VERSION }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}
fail-on-cache-miss: true
+ - name: 'cache h2o'
+ uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+ id: cache-h2o
+ env:
+ cache-name: cache-h2o
+ with:
+ path: ~/h2o/build
+ key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.H2O_VERSION }}-${{ env.OPENSSL_PREV_VERSION }}
+ fail-on-cache-miss: true
+
- name: 'cache quiche'
if: ${{ contains(matrix.build.name, 'quiche') }}
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
-DCURL_WERROR=ON -DENABLE_DEBUG=ON \
-DCURL_USE_LIBUV=ON -DCURL_ENABLE_NTLM=ON \
-DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx \
+ -DH2O=/home/runner/h2o/build/bin/h2o \
-DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx \
${MATRIX_GENERATE} ${options}
else
mkdir bld && cd bld && ../configure --enable-warnings --enable-werror --enable-debug --disable-static \
--disable-dependency-tracking --enable-option-checking=fatal \
--with-libuv --enable-ntlm \
+ --with-test-h2o=/home/runner/h2o/build/bin/h2o \
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx \
${MATRIX_CONFIGURE}
fi
- name: 'OpenSSL libssh'
compiler: llvm@18
- install: libssh libnghttp3
+ install: libssh
generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_BROTLI=OFF -DCURL_ZSTD=OFF
- name: '!ssl HTTP-only c-ares'
install_steps: pytest
generate: >-
-DENABLE_DEBUG=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DUSE_NGTCP2=ON -DCURL_BROTLI=OFF -DCURL_ZSTD=OFF -DCURL_USE_LIBSSH2=OFF
- -DCMAKE_C_STANDARD=90 -DCURL_ENABLE_NTLM=ON
+ -DCMAKE_C_STANDARD=90 -DCURL_ENABLE_NTLM=ON -DUSE_PROXY_HTTP3=ON
- name: 'OpenSSL SecTrust'
compiler: clang
install: libnghttp3 libngtcp2
install_steps: pytest
- configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl --with-ngtcp2 --with-apple-sectrust --enable-ntlm
+ configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl --with-ngtcp2 --with-apple-sectrust --enable-ntlm --enable-proxy-http3
- name: 'OpenSSL event-based'
compiler: clang
install: openssl@4 libnghttp3 libngtcp2 gsasl
generate: >-
-DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl@4 -DUSE_ECH=ON -DCURL_USE_GSASL=ON -DUSE_APPLE_IDN=ON -DUSE_NGTCP2=ON -DCURL_DISABLE_VERBOSE_STRINGS=ON
- -DUSE_APPLE_SECTRUST=ON -DCURL_ENABLE_NTLM=ON
+ -DUSE_APPLE_SECTRUST=ON -DCURL_ENABLE_NTLM=ON -DUSE_PROXY_HTTP3=ON
- name: 'MultiSSL AppleIDN clang-tidy +examples'
image: macos-26
-DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5
-DCURL_BROTLI=ON -DCURL_ZSTD=ON
-DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy
- -DCURL_ENABLE_NTLM=ON
+ -DCURL_ENABLE_NTLM=ON -DUSE_PROXY_HTTP3=ON
- name: 'LibreSSL openldap krb5 c-ares +examples'
compiler: clang
- name: 'OpenSSL torture 1'
compiler: clang
- install: openssl@4 libnghttp3
+ install: openssl@4
install_steps: torture
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl@4 -DUSE_ECH=ON -DCURL_ENABLE_NTLM=ON
tflags: '-t --shallow=25 --min=480 1 to 500'
- name: 'OpenSSL torture 2'
compiler: clang
- install: openssl@4 libnghttp3
+ install: openssl@4
install_steps: torture
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl@4 -DUSE_ECH=ON -DCURL_ENABLE_NTLM=ON
tflags: '-t --shallow=25 --min=730 501 to 1250'
- name: 'OpenSSL torture 3'
compiler: clang
- install: openssl@4 libnghttp3
+ install: openssl@4
install_steps: torture
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl@4 -DUSE_ECH=ON -DCURL_ENABLE_NTLM=ON
tflags: '-t --shallow=25 --min=628 1251 to 9999'
install: 'mingw-w64-clang-aarch64-libssh2' }
- { name: 'openssl', type: 'Release', chkprefill: '_chkprefill',
build: 'cmake' , sys: 'clang64' , env: 'clang-x86_64' , tflags: 'skiprun' ,
- config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_OPENSSL=ON -DENABLE_UNICODE=OFF -DUSE_NGTCP2=ON',
+ config: '-DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_OPENSSL=ON -DENABLE_UNICODE=OFF -DUSE_NGTCP2=ON -DUSE_PROXY_HTTP3=ON',
install: 'mingw-w64-clang-x86_64-openssl mingw-w64-clang-x86_64-nghttp3 mingw-w64-clang-x86_64-ngtcp2 mingw-w64-clang-x86_64-libssh2' }
- { name: 'schannel', type: 'Release', test: 'uwp',
build: 'cmake' , sys: 'ucrt64' , env: 'ucrt-x86_64' , tflags: 'skiprun' ,
-DNGTCP2_LIBRARY=/ucrt64/lib/libngtcp2.dll.a
-DNGTCP2_CRYPTO_OSSL_LIBRARY=/ucrt64/lib/libngtcp2_crypto_ossl.dll.a
-DCURL_CA_NATIVE=ON
- -DCURL_ENABLE_NTLM=ON
+ -DCURL_ENABLE_NTLM=ON -DUSE_PROXY_HTTP3=ON
- name: 'schannel U'
install-vcpkg: 'zlib libssh2[core,zlib]'
projects / thirdparty / curl.git / commitdiff
