GHA/windows: add GnuTLS to MSVC jobs

- enable GnuTLS in MultiSSL job. - add new GnuTLS job with HTTP/3 enabled. Replacing the `!ssl` job. Use `Release` mode to work around a vcpkg package issue, ending up depending on both the debug and release versions of the gnutls DLL, one of them miss to copy next to the binary. - cmake: add `pkg-config` detection for GnuTLS. Co-authored-by: Tal Regev Fixes #14494 Closes #14495
2024-08-10 11:15:25 +03:00 · 2024-08-10 11:15:25 +03:00 · fd662fb3f4
commit fd662fb3f4
parent ed76a23fcc
2 changed files with 24 additions and 15 deletions
--- a/.github/workflows/windows.yml
+++ b/.github/workflows/windows.yml
@ -351,13 +351,13 @@ jobs:
    strategy:
      matrix:
        include:
-        - name: 'schannel U'
-          install: 'brotli zlib zstd libpsl nghttp2 libssh2[core,zlib] pkgconf gsasl openssl mbedtls'
+        - name: 'schannel MultiSSL U'
+          install: 'brotli zlib zstd libpsl nghttp2 libssh2[core,zlib] pkgconf gsasl openssl mbedtls shiftmedia-libgnutls'
          arch: 'x64'
          plat: 'windows'
          type: 'Debug'
          tflags: '~1516 ~2301 ~2302 ~2303 ~2307'
-          config: '-DENABLE_DEBUG=ON -DENABLE_UNICODE=ON  -DCURL_USE_SCHANNEL=ON  -DCURL_BROTLI=ON -DCURL_ZSTD=ON -DCURL_USE_LIBPSL=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_LIBSSH2=ON -DUSE_WIN32_IDN=ON -DCURL_USE_GSASL=ON -DCURL_USE_OPENSSL=ON -DCURL_USE_MBEDTLS=ON -DCURL_DEFAULT_SSL_BACKEND=schannel'
+          config: '-DENABLE_DEBUG=ON -DENABLE_UNICODE=ON  -DCURL_USE_SCHANNEL=ON  -DCURL_BROTLI=ON -DCURL_ZSTD=ON -DCURL_USE_LIBPSL=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_LIBSSH2=ON -DUSE_WIN32_IDN=ON -DCURL_USE_GSASL=ON -DCURL_USE_OPENSSL=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_GNUTLS=ON -DCURL_DEFAULT_SSL_BACKEND=schannel'
        - name: 'openssl'
          install: 'brotli zlib zstd libpsl nghttp2 nghttp3 openssl libssh2 pkgconf gsasl'
          arch: 'x64'
@ -386,17 +386,6 @@ jobs:
          type: 'Debug'
          tflags: '~1516 ~2301 ~2302 ~2303 ~2307'
          config: '-DENABLE_DEBUG=ON -DENABLE_UNICODE=OFF -DCURL_USE_SCHANNEL=OFF -DCURL_BROTLI=ON -DCURL_ZSTD=ON -DCURL_USE_LIBPSL=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_LIBSSH2=ON -DCURL_USE_OPENSSL=ON -DUSE_HTTPSRR=ON -DUSE_ECH=ON'
-        - name: '!ssl'
-          install: 'brotli zlib zstd libpsl pkgconf libidn2 libssh'
-          arch: 'x64'
-          plat: 'windows'
-          type: 'Debug'
-          tflags: '~1516 ~2301 ~2302 ~2303 ~2307'
-          # WARNING: libssh uses hard-coded world-writable paths (/etc/..., ~/.ssh/) to
-          #          read its configuration from, making it vulnerable to attacks on
-          #          Windows. Do not use this component till there is a fix for these.
-          # https://github.com/curl/curl-for-win/blob/3951808deb04df9489ee17430f236ed54436f81a/libssh.sh#L6-L8
-          config: '-DENABLE_DEBUG=ON -DENABLE_UNICODE=OFF -DCURL_USE_SCHANNEL=OFF -DCURL_BROTLI=ON -DCURL_ZSTD=ON -DCURL_USE_LIBPSL=ON -DHTTP_ONLY=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON'
        - name: 'wolfssl'
          install: 'brotli zlib zstd libpsl nghttp2 wolfssl libssh2 pkgconf gsasl'
          arch: 'x64'
@ -404,6 +393,17 @@ jobs:
          type: 'Debug'
          tflags: '~1516'
          config: '-DENABLE_DEBUG=ON -DENABLE_UNICODE=OFF -DCURL_USE_SCHANNEL=OFF -DCURL_BROTLI=ON -DCURL_ZSTD=ON -DCURL_USE_LIBPSL=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_LIBSSH2=ON -DCURL_USE_WOLFSSL=ON -DCURL_USE_GSASL=ON'
+        - name: 'gnutls'
+          install: 'brotli zlib zstd libpsl nghttp2 shiftmedia-libgnutls libssh pkgconf gsasl ngtcp2[gnutls] nghttp3'
+          arch: 'x64'
+          plat: 'windows'
+          type: 'Release'
+          tflags: '~1516'
+          # WARNING: libssh uses hard-coded world-writable paths (/etc/..., ~/.ssh/) to
+          #          read its configuration from, making it vulnerable to attacks on
+          #          Windows. Do not use this component till there is a fix for these.
+          # https://github.com/curl/curl-for-win/blob/3951808deb04df9489ee17430f236ed54436f81a/libssh.sh#L6-L8
+          config: '-DENABLE_DEBUG=ON -DENABLE_UNICODE=OFF -DCURL_USE_SCHANNEL=OFF -DCURL_BROTLI=ON -DCURL_ZSTD=ON -DCURL_USE_LIBPSL=ON -DUSE_NGHTTP2=ON -DBUILD_SHARED_LIBS=OFF -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_GSASL=ON -DUSE_NGTCP2=ON'
      fail-fast: false
    steps:
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -594,7 +594,16 @@ if(CURL_USE_WOLFSSL)
 endif()

 if(CURL_USE_GNUTLS)
-  find_package(GnuTLS REQUIRED)
+  if(CURL_USE_PKGCONFIG)
+    find_package(PkgConfig QUIET)
+    pkg_search_module(GNUTLS "gnutls")
+    if(GNUTLS_FOUND)
+      set(GNUTLS_LIBRARIES ${GNUTLS_LINK_LIBRARIES})
+    endif()
+  endif()
+  if(NOT GNUTLS_FOUND)
+    find_package(GnuTLS REQUIRED)
+  endif()
  find_package(nettle REQUIRED)
  set(_ssl_enabled ON)
  set(USE_GNUTLS ON)