Download raw body.
curl + ngtcp2 vs quic
ngtcp2 1.15 renamed ngtcp2_crypto_quictls.so to ngtcp2_crypto_libressl.so.
The main reason for this is that the curl people wanted that...
Unfortunately, ngtcp2 1.15 is broken with libressl as shipped because
they forget to install the still-relevant ngtcp2_crypto_quictls.h for
libressl. So pull in a fix for that.
I think we're better off dealing with this now rather than waiting
for 1.16, so the backports during the next cycle have this stumbling
block of the way, plus we get some testing before release. It still
works for me.
For libngtcp2 only a minor is strictly needed, but let's err on the safe
side.
The patch below updates ngtcp2 to 1.15, pulls in the fix for the
missing header and adds the necessary autoconf patches from upstream
to curl.
I left out the boring wantlib churn and bumps in other ports.
https://github.com/ngtcp2/ngtcp2/pull/1716
https://github.com/ngtcp2/ngtcp2/pull/1726
https://github.com/ngtcp2/ngtcp2/pull/1752
https://github.com/curl/curl/commit/31e6798544bf8aafbd8aef61b08623b92312aa42
Index: net/curl/Makefile
===================================================================
RCS file: /cvs/ports/net/curl/Makefile,v
diff -u -p -r1.208 Makefile
--- net/curl/Makefile 20 Jul 2025 22:10:32 -0000 1.208
+++ net/curl/Makefile 25 Aug 2025 13:02:52 -0000
@@ -4,6 +4,7 @@ DISTNAME= curl-8.15.0
SHARED_LIBS= curl 26.32 # 12.0
CATEGORIES= net
HOMEPAGE= https://curl.se/
+REVISION= 0
MAINTAINER= Christian Weisgerber <naddy@openbsd.org>
@@ -14,7 +15,7 @@ SITES= https://curl.se/download/
EXTRACT_SUFX= .tar.xz
LIB_DEPENDS= www/nghttp2 www/nghttp3 net/ngtcp2
-WANTLIB= c crypto pthread nghttp2 nghttp3 ngtcp2 ngtcp2_crypto_quictls
+WANTLIB= c crypto pthread nghttp2 nghttp3 ngtcp2 ngtcp2_crypto_libressl
WANTLIB+= ssl z
AUTOCONF_VERSION=2.71
Index: net/curl/patches/patch-configure_ac
===================================================================
RCS file: net/curl/patches/patch-configure_ac
diff -N net/curl/patches/patch-configure_ac
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/curl/patches/patch-configure_ac 25 Aug 2025 13:02:38 -0000
@@ -0,0 +1,73 @@
+https://github.com/curl/curl/commit/31e6798544bf8aafbd8aef61b08623b92312aa42
+
+Index: configure.ac
+--- configure.ac.orig
++++ configure.ac
+@@ -3201,7 +3201,66 @@ if test X"$want_tcp2" != Xno; then
+ fi
+ fi
+
+-if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a \
++if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL" = "1"; then
++ dnl backup the pre-ngtcp2_crypto_libressl variables
++ CLEANLDFLAGS="$LDFLAGS"
++ CLEANLDFLAGSPC="$LDFLAGSPC"
++ CLEANCPPFLAGS="$CPPFLAGS"
++ CLEANLIBS="$LIBS"
++
++ CURL_CHECK_PKGCONFIG(libngtcp2_crypto_libressl, $want_tcp2_path)
++
++ if test "$PKGCONFIG" != "no"; then
++ LIB_NGTCP2_CRYPTO_LIBRESSL=`CURL_EXPORT_PCDIR([$want_tcp2_path])
++ $PKGCONFIG --libs-only-l libngtcp2_crypto_libressl`
++ AC_MSG_NOTICE([-l is $LIB_NGTCP2_CRYPTO_LIBRESSL])
++
++ CPP_NGTCP2_CRYPTO_LIBRESSL=`CURL_EXPORT_PCDIR([$want_tcp2_path]) dnl
++ $PKGCONFIG --cflags-only-I libngtcp2_crypto_libressl`
++ AC_MSG_NOTICE([-I is $CPP_NGTCP2_CRYPTO_LIBRESSL])
++
++ LD_NGTCP2_CRYPTO_LIBRESSL=`CURL_EXPORT_PCDIR([$want_tcp2_path])
++ $PKGCONFIG --libs-only-L libngtcp2_crypto_libressl`
++ AC_MSG_NOTICE([-L is $LD_NGTCP2_CRYPTO_LIBRESSL])
++
++ LDFLAGS="$LDFLAGS $LD_NGTCP2_CRYPTO_LIBRESSL"
++ LDFLAGSPC="$LDFLAGSPC $LD_NGTCP2_CRYPTO_LIBRESSL"
++ CPPFLAGS="$CPPFLAGS $CPP_NGTCP2_CRYPTO_LIBRESSL"
++ LIBS="$LIB_NGTCP2_CRYPTO_LIBRESSL $LIBS"
++
++ if test "x$cross_compiling" != "xyes"; then
++ DIR_NGTCP2_CRYPTO_LIBRESSL=`echo $LD_NGTCP2_CRYPTO_LIBRESSL | $SED -e 's/^-L//'`
++ fi
++ AC_CHECK_LIB(ngtcp2_crypto_libressl, ngtcp2_crypto_recv_client_initial_cb,
++ [
++ AC_CHECK_HEADERS(ngtcp2/ngtcp2_crypto.h,
++ USE_NGTCP2=1
++ CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$DIR_NGTCP2_CRYPTO_LIBRESSL"
++ export CURL_LIBRARY_PATH
++ AC_MSG_NOTICE([Added $DIR_NGTCP2_CRYPTO_LIBRESSL to CURL_LIBRARY_PATH])
++ LIBCURL_PC_REQUIRES_PRIVATE="$LIBCURL_PC_REQUIRES_PRIVATE libngtcp2_crypto_libressl"
++ )
++ ],
++ dnl not found, revert back to clean variables
++ LDFLAGS=$CLEANLDFLAGS
++ LDFLAGSPC=$CLEANLDFLAGSPC
++ CPPFLAGS=$CLEANCPPFLAGS
++ LIBS=$CLEANLIBS
++ )
++
++ else
++ dnl no ngtcp2_crypto_libressl pkg-config found, deal with it
++ if test X"$want_tcp2" != Xdefault; then
++ dnl To avoid link errors, we do not allow --with-ngtcp2 without
++ dnl a pkgconfig file
++ AC_MSG_WARN([--with-ngtcp2 was specified but could not find ngtcp2_crypto_libressl pkg-config file.])
++ dnl Pretend to be quictls to fall back to using ngtcp2_crypto_quictls
++ fi
++ HAVE_LIBRESSL=0
++ fi
++fi
++
++if test "x$USE_NGTCP2" = "x1" -a "x$OPENSSL_ENABLED" = "x1" -a "$HAVE_LIBRESSL" != "1" -a \
+ "x$OPENSSL_IS_BORINGSSL" != "x1" -a "x$OPENSSL_QUIC_API2" != "x1"; then
+ dnl backup the pre-ngtcp2_crypto_quictls variables
+ CLEANLDFLAGS="$LDFLAGS"
Index: net/curl/patches/patch-m4_curl-openssl_m4
===================================================================
RCS file: net/curl/patches/patch-m4_curl-openssl_m4
diff -N net/curl/patches/patch-m4_curl-openssl_m4
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/curl/patches/patch-m4_curl-openssl_m4 25 Aug 2025 13:02:43 -0000
@@ -0,0 +1,13 @@
+https://github.com/curl/curl/commit/31e6798544bf8aafbd8aef61b08623b92312aa42
+
+Index: m4/curl-openssl.m4
+--- m4/curl-openssl.m4.orig
++++ m4/curl-openssl.m4
+@@ -292,6 +292,7 @@ if test "x$OPT_OPENSSL" != xno; then
+ ],[
+ AC_MSG_RESULT([yes])
+ ssl_msg="LibreSSL"
++ HAVE_LIBRESSL=1
+ ],[
+ AC_MSG_RESULT([no])
+ ])
Index: net/ngtcp2/Makefile
===================================================================
RCS file: /cvs/ports/net/ngtcp2/Makefile,v
diff -u -p -r1.29 Makefile
--- net/ngtcp2/Makefile 26 Jul 2025 06:10:04 -0000 1.29
+++ net/ngtcp2/Makefile 25 Aug 2025 12:52:09 -0000
@@ -1,10 +1,10 @@
COMMENT= implementation of the RFC 9000 QUIC protocol
-V= 1.14.0
+V= 1.15.0
DISTNAME= ngtcp2-$V
-SHARED_LIBS+= ngtcp2 4.1 # 20.0
-SHARED_LIBS+= ngtcp2_crypto_quictls 0.2 # 5.0
+SHARED_LIBS+= ngtcp2 5.0 # 21.0
+SHARED_LIBS+= ngtcp2_crypto_libressl 0.0 # 5.0
CATEGORIES= net
@@ -22,7 +22,9 @@ SITES= https://github.com/ngtcp2/ngtcp2
SEPARATE_BUILD= Yes
DEBUG_PACKAGES= ${BUILD_PACKAGES}
-CONFIGURE_STYLE= gnu
+CONFIGURE_STYLE= autoreconf
+AUTOCONF_VERSION= 2.72
+AUTOMAKE_VERSION= 1.16
CONFIGURE_ARGS+= --with-openssl
.include <bsd.port.mk>
Index: net/ngtcp2/distinfo
===================================================================
RCS file: /cvs/ports/net/ngtcp2/distinfo,v
diff -u -p -r1.27 distinfo
--- net/ngtcp2/distinfo 26 Jul 2025 06:10:04 -0000 1.27
+++ net/ngtcp2/distinfo 25 Aug 2025 11:33:52 -0000
@@ -1,2 +1,2 @@
-SHA256 (ngtcp2-1.14.0.tar.gz) = JSckc/Eur3oE+PQ37diSdT5edy9JD0aWCWCbdWk9SRA=
-SIZE (ngtcp2-1.14.0.tar.gz) = 1170472
+SHA256 (ngtcp2-1.15.0.tar.gz) = fe6JmgUzShDLSUWv8DDAvtcHlmPsANbrx9Z/HwG1RL8=
+SIZE (ngtcp2-1.15.0.tar.gz) = 1189156
Index: net/ngtcp2/pkg/PLIST
===================================================================
RCS file: /cvs/ports/net/ngtcp2/pkg/PLIST,v
diff -u -p -r1.2 PLIST
--- net/ngtcp2/pkg/PLIST 20 Sep 2023 15:58:21 -0000 1.2
+++ net/ngtcp2/pkg/PLIST 25 Aug 2025 12:55:37 -0000
@@ -6,10 +6,10 @@ include/ngtcp2/version.h
@static-lib lib/libngtcp2.a
lib/libngtcp2.la
@lib lib/libngtcp2.so.${LIBngtcp2_VERSION}
-@static-lib lib/libngtcp2_crypto_quictls.a
-lib/libngtcp2_crypto_quictls.la
-@lib lib/libngtcp2_crypto_quictls.so.${LIBngtcp2_crypto_quictls_VERSION}
+@static-lib lib/libngtcp2_crypto_libressl.a
+lib/libngtcp2_crypto_libressl.la
+@lib lib/libngtcp2_crypto_libressl.so.${LIBngtcp2_crypto_libressl_VERSION}
lib/pkgconfig/libngtcp2.pc
-lib/pkgconfig/libngtcp2_crypto_quictls.pc
+lib/pkgconfig/libngtcp2_crypto_libressl.pc
share/doc/ngtcp2/
share/doc/ngtcp2/README.rst
Index: net/ngtcp2/patches/patch-crypto_includes_CMakeLists_txt
===================================================================
RCS file: net/ngtcp2/patches/patch-crypto_includes_CMakeLists_txt
diff -N net/ngtcp2/patches/patch-crypto_includes_CMakeLists_txt
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/ngtcp2/patches/patch-crypto_includes_CMakeLists_txt 25 Aug 2025 13:14:48 -0000
@@ -0,0 +1,14 @@
+https://github.com/ngtcp2/ngtcp2/pull/1752
+
+Index: crypto/includes/CMakeLists.txt
+--- crypto/includes/CMakeLists.txt.orig
++++ crypto/includes/CMakeLists.txt
+@@ -25,7 +25,7 @@ install(FILES
+ ngtcp2/ngtcp2_crypto.h
+ DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/ngtcp2")
+
+-if(HAVE_QUICTLS)
++if(HAVE_QUICTLS OR HAVE_LIBRESSL)
+ install(FILES
+ ngtcp2/ngtcp2_crypto_quictls.h
+ DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/ngtcp2")
Index: net/ngtcp2/patches/patch-crypto_includes_Makefile_am
===================================================================
RCS file: net/ngtcp2/patches/patch-crypto_includes_Makefile_am
diff -N net/ngtcp2/patches/patch-crypto_includes_Makefile_am
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ net/ngtcp2/patches/patch-crypto_includes_Makefile_am 25 Aug 2025 13:14:48 -0000
@@ -0,0 +1,16 @@
+https://github.com/ngtcp2/ngtcp2/pull/1752
+
+Index: crypto/includes/Makefile.am
+--- crypto/includes/Makefile.am.orig
++++ crypto/includes/Makefile.am
+@@ -28,6 +28,10 @@ if HAVE_QUICTLS
+ nobase_include_HEADERS += ngtcp2/ngtcp2_crypto_quictls.h
+ endif
+
++if HAVE_LIBRESSL
++nobase_include_HEADERS += ngtcp2/ngtcp2_crypto_quictls.h
++endif
++
+ if HAVE_GNUTLS
+ nobase_include_HEADERS += ngtcp2/ngtcp2_crypto_gnutls.h
+ endif
curl + ngtcp2 vs quic