Skip to content

Commit

Permalink
curl with http3 support
Browse files Browse the repository at this point in the history
Signed-off-by: PI <[email protected]>
  • Loading branch information
pi-314159 authored Aug 19, 2024
1 parent 809320b commit 04f7799
Show file tree
Hide file tree
Showing 3 changed files with 60 additions and 1 deletion.
25 changes: 25 additions & 0 deletions curl/Dockerfile-QUIC
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
FROM ubuntu:latest AS build

ARG CURL_VERSION=8.9.1
ARG QUICHE_VERSION=0.22.0

RUN apt update && apt install cmake gcc ninja-build libunwind-dev pkg-config build-essential cargo git wget -y && cd /root && \
# Clone BoringSSL&liboqs
git clone --branch master https://github.com/open-quantum-safe/boringssl.git bssl && git clone --branch main --single-branch --depth 1 https://github.com/open-quantum-safe/liboqs.git && \
# Build liboqs
cd liboqs && mkdir build && cd build && cmake -G"Ninja" -DCMAKE_INSTALL_PREFIX=../../bssl/oqs -DOQS_USE_OPENSSL=OFF .. && ninja && ninja install && \
# Build BoringSSL
cd /root/bssl && mkdir build && cd build && cmake -GNinja -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=1 .. && ninja && ninja install && cp -rp ../install/include /usr/local/include/bssl && cp -rp ../install/lib /usr/local/lib/bssl && \
# Build quiche
cd /root && git clone --recursive -b ${QUICHE_VERSION} https://github.com/cloudflare/quiche && cd quiche/quiche/deps && rm -R boringssl && ln -s /root/bssl boringssl && cd /root/quiche && cargo build --package quiche --release --features ffi,pkg-config-meta,qlog && cp -p target/release/libquiche.so /usr/local/lib/bssl/libquiche.so.0 && \
# Build curl
cd /root && wget https://curl.se/download/curl-${CURL_VERSION}.tar.gz && tar -zxf curl-${CURL_VERSION}.tar.gz && rm -R curl-${CURL_VERSION}.tar.gz && mv curl-${CURL_VERSION} curl && cd curl && LIBS=-lpthread ./configure LDFLAGS="-Wl,-rpath,/usr/local/lib/bssl" --with-openssl=/root/bssl/install --with-quiche=/root/quiche/target/release --prefix="/usr/local/curl" && make && make install


FROM ubuntu:latest

COPY --from=build /usr/local/include/bssl /usr/local/include/bssl
COPY --from=build /usr/local/lib/bssl /usr/local/lib/bssl
COPY --from=build /usr/local/curl /usr/local/curl

RUN ln -s /usr/local/curl/bin/curl /usr/local/bin/curl
34 changes: 34 additions & 0 deletions curl/README-QUIC.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# cURL with OQS-BoringSSL for QUIC

This Docker setup provides a curl instance configured to use OQS-BoringSSL, which supports QUIC with quantum-safe algorithms. For more information on the supported quantum-safe algorithms and how to enable additional algorithms, please refer to the following resources:

- [Supported Algorithms](https://github.com/open-quantum-safe/boringssl?tab=readme-ov-file#supported-algorithms)
- [Using LibOQS Algorithms Not in the Fork](https://github.com/open-quantum-safe/boringssl/wiki/Using-liboqs-algorithms-not-in-the-fork)

## Setup Instructions

### Step 1: Build the Docker Image

Build the Docker image using the provided Dockerfile:

```bash
docker build -t curl-quic -f Dockerfile-QUIC .
```

### Step 2: Start the Docker Container

To start the container from the Docker image, use the following command:

```bash
docker run -it --name curl-quic-instance curl-quic
```

### Step 3: Use cURL Inside the Container

Once inside the container, you can use the following command to make HTTP/3 requests:

```bash
curl --http3-only https://example.com -curves kex
```

In this command, `kex` represents the key exchange algorithm, such as `mlkem768`.
2 changes: 1 addition & 1 deletion curl/README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
This directory contains a Dockerfile that builds `curl` using OpenSSL v3 using the [OQS provider](https://github.com/open-quantum-safe/oqs-provider), which allows `curl` to negotiate quantum-safe keys and use quantum-safe authentication in TLS 1.3.
This directory contains a Dockerfile that builds `curl` using OpenSSL v3 using the [OQS provider](https://github.com/open-quantum-safe/oqs-provider), which allows `curl` to negotiate quantum-safe keys and use quantum-safe authentication in TLS 1.3. For instructions on setting up and using curl with HTTP/3 QUIC support, please refer to the [cURL QUIC README](https://github.com/open-quantum-safe/oqs-demos/blob/main/curl/README-QUIC.md).

## Quick start

Expand Down

0 comments on commit 04f7799

Please sign in to comment.