search

curl / curl-for-win

Reproducible curl binaries for Linux, macOS and Windows
https://curl.se/windows/
MIT License
686 stars 207 forks source link

untangle dependencies from configuration #60

Closed dhewg closed 9 months ago

dhewg commented 9 months ago

Currently most dependencies are bound to configurations (big, mini etc). I expected CW_CONFIG=main-win-gcc-x86-msvcrt-pico-osnotls-libressl so work, but it doesn't ;) osnotls works, since it's a curl internal option, but libressl doesn't drag in that library. The result of those two is a completely tls unaware curl.

This fixes the ssl selection for me, but other options have the same issue:

diff --git a/_dl.sh b/_dl.sh
index 124017f..1c104e8 100755
--- a/_dl.sh
+++ b/_dl.sh
@@ -718,25 +718,24 @@ if [[ "${_CONFIG}" = *'mbedtls'* ]]; then
   _DEPS+=' mbedtls'
 fi

-if [[ ! "${_CONFIG}" =~ (zero|bldtst) ]]; then
-  if [ "${_OS}" = 'linux' ] || \
-     [[ ! "${_CONFIG}" =~ (pico|nano|micro|mini|ostls) ]]; then
-
-    if   [[ "${_CONFIG}" = *'libressl'* ]]; then
-      _DEPS+=' libressl'
-    elif [[ "${_CONFIG}" = *'awslc'* ]]; then
-      _DEPS+=' awslc'
-    elif [[ "${_CONFIG}" = *'boringssl'* ]]; then
-      _DEPS+=' boringssl'
-    elif [[ "${_CONFIG}" = *'openssl'* ]]; then
-      _DEPS+=' openssl'
-    elif [[ "${_CONFIG}" = *'quictls'* ]]; then
-      _DEPS+=' quictls'
-    else
-      _DEPS+=' libressl'
-    fi
-    need_cacert=1
-  fi
+if [[ "${_CONFIG}" = *'libressl'* ]]; then
+  _DEPS+=' libressl'
+  need_cacert=1
+elif [[ "${_CONFIG}" = *'awslc'* ]]; then
+  _DEPS+=' awslc'
+  need_cacert=1
+elif [[ "${_CONFIG}" = *'boringssl'* ]]; then
+  _DEPS+=' boringssl'
+  need_cacert=1
+elif [[ "${_CONFIG}" = *'openssl'* ]]; then
+  _DEPS+=' openssl'
+  need_cacert=1
+elif [[ "${_CONFIG}" = *'quictls'* ]]; then
+  _DEPS+=' quictls'
+  need_cacert=1
+elif [[ ! "${_CONFIG}" =~ (zero|bldtst) ]]; then
+  _DEPS+=' libressl'
+  need_cacert=1
 fi

 if [[ ! "${_CONFIG}" =~ (zero|bldtst|pico|nano|micro) ]]; then
vszakats commented 9 months ago

pico was meant to not include a non-OS TLS backend, but yes, why not allow to re-select one manually. This combo is already allowed on Linux, so should work on other platforms, too.

But I think the diff is missing the if [ "${_OS}" = 'linux' ] || [[ ! "${_CONFIG}" =~ (pico|nano|micro|mini|ostls) ]] condition inside the last elif, to keep out the backend by default in pico and others, except on Linux.

dhewg commented 9 months ago

Nice, thanks!