Skip to content
This repository has been archived by the owner on Jun 17, 2024. It is now read-only.

Home

Jump to bottom
Jonathan Protzenko edited this page Aug 2, 2016 · 5 revisions

Welcome to the mitls-curl wiki!

How to build

One-time steps

Run make tls-ffi from src/tls in your mitls-fstar repository. Then, in the mitls-curl repository:

libtoolize
aclocal
autoheader
automake --add-missing

Note (JP): this doesn't work on my mac because 1) libtoolize is actually glibtoolize and 2) following these steps I don't end up with a configure script. Instead, this single invocation worked for me:

./buildconf

At least once, to configure the curl options

./configure --with-mitls=/cygdrive/c/Repos/mitls

(specifying the path to the root of the miTLS repro. You must have built the tls-ffi target first)

You may also want to add --enable-debug to build the debug flavor of curl, with more compiler warnings and runtime diagnostics. Also, if this picks up OpenSSL, try adding --without-ssl.

Expected results from the configure step

configure: Configured to build curl/libcurl:

  curl version:     7.50.0-DEV
  Host setup:       x86_64-unknown-cygwin
  Install prefix:   /usr/local
  Compiler:         gcc
  SSL support:      enabled (miTLS)
  SSH support:      no      (--with-libssh2)
  zlib support:     no      (--with-zlib)
  GSS-API support:  no      (--with-gssapi)
  TLS-SRP support:  no      (--enable-tls-srp)
  resolver:         default (--enable-ares / --enable-threaded-resolver)
  IPv6 support:     enabled
  Unix sockets support: enabled
  IDN support:      no      (--with-{libidn,winidn})
  Build libcurl:    Shared=yes, Static=yes
  Built-in manual:  enabled
  --libcurl option: enabled (--disable-libcurl-option)
  Verbose errors:   enabled (--disable-verbose)
  SSPI support:     no      (--enable-sspi)
  ca cert bundle:   /etc/pki/tls/certs/ca-bundle.crt
  ca cert path:     no
  ca fallback:      no
  LDAP support:     no      (--enable-ldap / --with-ldap-lib / --with-lber-lib)
  LDAPS support:    no      (--enable-ldaps)
  RTSP support:     enabled
  RTMP support:     no      (--with-librtmp)
  metalink support: no      (--with-libmetalink)
  PSL support:      no      (libpsl not found)
  HTTP2 support:    disabled (--with-nghttp2)
  Protocols:        DICT FILE FTP FTPS GOPHER HTTP HTTPS IMAP IMAPS POP3 POP3S RTSP SMTP SMTPS TELNET TFTP

Note the "SSL support: enabled (miTLS)" line indicating mitls was detected successfully and enabled.

Building

make

Running

src/curl.exe https://www.google.com
src/curl.exe --tlsv1.3 https://localhost:4443

Make sure LD_LIBRARY_PATH points to wherever libmitls.so is.

Debugging

/cygdrive/c/debuggers/windbg -o src\curl.exe https://www.google.com

Note the -o switch, which enables debugging of child processes. The top-level curl.exe launches a child curl.exe that does the actual work. The libmitls.so loads into that process, and all of its symbols will be available.

Clone this wiki locally