Imported Upstream version 7.86.0upstream/7.86.0

Change-Id: I69742b17b658f837c72674c476b7a93c6965b2dc

1 files changed, 114 insertions, 26 deletions

diff --git a/docs/HTTP3.md b/docs/HTTP3.md
index 3c713b045..26141bb75 100644
--- a/docs/HTTP3.md
+++ b/docs/HTTP3.md
@@ -5,10 +5,6 @@
 [HTTP/3 Explained](https://http3-explained.haxx.se/en/) - the online free
 book describing the protocols involved.
 
-[QUIC implementation](https://github.com/curl/curl/wiki/QUIC-implementation) -
-the wiki page describing the plan for how to support QUIC and HTTP/3 in curl
-and libcurl.
-
 [quicwg.org](https://quicwg.org/) - home of the official protocol drafts
 
 ## QUIC libraries
@@ -19,13 +15,15 @@ QUIC libraries we are experimenting with:
 
 [quiche](https://github.com/cloudflare/quiche)
 
+[msquic](https://github.com/microsoft/msquic) & [msh3](https://github.com/nibanks/msh3)
+
 ## Experimental
 
 HTTP/3 and QUIC support in curl is considered **EXPERIMENTAL** until further
 notice. It needs to be enabled at build-time.
 
 Further development and tweaking of the HTTP/3 support in curl will happen in
-in the master branch using pull-requests, just like ordinary changes.
+the master branch using pull-requests, just like ordinary changes.
 
 # ngtcp2 version
 
@@ -108,7 +106,48 @@ Build curl
      % git clone https://github.com/curl/curl
      % cd curl
      % autoreconf -fi
-     % ./configure --without-openssl --with-gnutls=<somewhere1> --with-nghttp3=<somewhere2> --with-ngtcp2=<somewhere3>
+     % ./configure --with-gnutls=<somewhere1> --with-nghttp3=<somewhere2> --with-ngtcp2=<somewhere3>
+     % make
+     % make install
+
+## Build with wolfSSL
+
+Build wolfSSL
+
+     % git clone https://github.com/wolfSSL/wolfssl.git
+     % cd wolfssl
+     % autoreconf -fi
+     % ./configure --prefix=<somewhere1> --enable-quic --enable-session-ticket --enable-earlydata --enable-psk --enable-harden --enable-altcertchains
+     % make
+     % make install
+
+Build nghttp3
+
+     % cd ..
+     % git clone https://github.com/ngtcp2/nghttp3
+     % cd nghttp3
+     % autoreconf -fi
+     % ./configure --prefix=<somewhere2> --enable-lib-only
+     % make
+     % make install
+
+Build ngtcp2 (once https://github.com/ngtcp2/ngtcp2/pull/505 is merged)
+
+     % cd ..
+     % git clone https://github.com/ngtcp2/ngtcp2
+     % cd ngtcp2
+     % autoreconf -fi
+     % ./configure PKG_CONFIG_PATH=<somewhere1>/lib/pkgconfig:<somewhere2>/lib/pkgconfig LDFLAGS="-Wl,-rpath,<somewhere1>/lib" --prefix=<somewhere3> --enable-lib-only --with-wolfssl
+     % make
+     % make install
+
+Build curl
+
+     % cd ..
+     % git clone https://github.com/curl/curl
+     % cd curl
+     % autoreconf -fi
+     % ./configure --with-wolfssl=<somewhere1> --with-nghttp3=<somewhere2> --with-ngtcp2=<somewhere3>
      % make
      % make install
 
@@ -136,6 +175,60 @@ Build curl:
 
  If `make install` results in `Permission denied` error, you will need to prepend it with `sudo`.
 
+# msh3 (msquic) version
+
+## Build Linux (with quictls fork of OpenSSL)
+
+Build msh3:
+
+     % git clone -b v0.4.0 --depth 1 --recursive https://github.com/nibanks/msh3
+     % cd msh3 && mkdir build && cd build
+     % cmake -G 'Unix Makefiles' -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
+     % cmake --build .
+     % cmake --install .
+
+Build curl:
+
+     % git clone https://github.com/curl/curl
+     % cd curl
+     % autoreconf -fi
+     % ./configure LDFLAGS="-Wl,-rpath,/usr/local/lib" --with-msh3=/usr/local --with-openssl
+     % make
+     % make install
+
+Run from `/usr/local/bin/curl`.
+
+## Build Windows
+
+Build msh3:
+
+     % git clone -b v0.4.0 --depth 1 --recursive https://github.com/nibanks/msh3
+     % cd msh3 && mkdir build && cd build
+     % cmake -G 'Visual Studio 17 2022' -DCMAKE_BUILD_TYPE=RelWithDebInfo ..
+     % cmake --build . --config Release
+     % cmake --install . --config Release
+
+**Note** - On Windows, Schannel will be used for TLS support by default. If
+you with to use (the quictls fork of) OpenSSL, specify the `-DQUIC_TLS=openssl`
+option to the generate command above. Also note that OpenSSL brings with it an
+additional set of build dependencies not specified here.
+
+Build curl (in [Visual Studio Command prompt](../winbuild/README.md#open-a-command-prompt)):
+
+     % git clone https://github.com/curl/curl
+     % cd curl/winbuild
+     % nmake /f Makefile.vc mode=dll WITH_MSH3=dll MSH3_PATH="C:/Program Files/msh3" MACHINE=x64
+
+**Note** - If you encounter a build error with `tool_hugehelp.c` being missing,
+rename `tool_hugehelp.c.cvs` in the same directory to `tool_hugehelp.c` and
+then run `nmake` again.
+
+Run in the `C:/Program Files/msh3/lib` directory, copy `curl.exe` to that
+directory, or copy `msquic.dll` and `msh3.dll` from that directory to the
+`curl.exe` directory. For example:
+
+     % C:\Program Files\msh3\lib> F:\curl\builds\libcurl-vc-x64-release-dll-ipv6-sspi-schannel-msh3\bin\curl.exe --http3 https://www.google.com
+
 # `--http3`
 
 Use HTTP/3 directly:
@@ -157,18 +250,18 @@ Check out the [list of known HTTP3 bugs](https://curl.se/docs/knownbugs.html#HTT
 This is not advice on how to run anything in production. This is for
 development and experimenting.
 
-## Preqreqs
+## Prerequisite(s)
 
 An existing local HTTP/1.1 server that hosts files. Preferably also a few huge
-ones.  You can easily create huge local files like `truncate -s=8G 8GB` - they
-are huge but do not occupy that much space on disk since they're just a big
-hole.
+ones. You can easily create huge local files like `truncate -s=8G 8GB` - they
+are huge but do not occupy that much space on disk since they are just big
+holes.
 
 In my Debian setup I just installed **apache2**. It runs on port 80 and has a
 document root in `/var/www/html`. I can get the 8GB file from it with `curl
 localhost/8GB -o dev/null`
 
-In this description we setup and run a HTTP/3 reverse-proxy in front of the
+In this description we setup and run an HTTP/3 reverse-proxy in front of the
 HTTP/1 server.
 
 ## Setup
@@ -198,26 +291,21 @@ that exists in curl's test dir.
 
 ### Caddy
 
-[Install caddy](https://caddyserver.com/docs/install), you can even put the
-single binary in a separate directory if you prefer.
+[Install Caddy](https://caddyserver.com/docs/install). For easiest use, the binary
+should be either in your PATH or your current directory.
 
-In the same directory you put caddy, create a `Caddyfile` with the following
-content to run a HTTP/3 reverse-proxy on port 7443:
+Create a `Caddyfile` with the following content:
 ~~~
-{
-    auto_https disable_redirects
-	servers :7443 {
-		protocol {
-			experimental_http3
-		}
-	}
-}
-
 localhost:7443 {
-	reverse_proxy localhost:80
+	respond "Hello, world! You're using {http.request.proto}"
 }
 ~~~
 
-Then run caddy:
+Then run Caddy:
 
     ./caddy start
+
+Making requests to `https://localhost:7443` should tell you which protocol is being used.
+
+You can change the hard-coded response to something more useful by replacing `respond`
+with `reverse_proxy` or `file_server`, for example: `reverse_proxy localhost:80`