From 5a0825bc306eb977a848bf76c58e176b46f532e7 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Thu, 21 Aug 2025 12:09:17 +0200 Subject: [PATCH] gtls: try fixing build with v3.5.8 (old-linux) ``` /__w/curl/curl/lib/vtls/gtls.c: In function 'Curl_gtls_cache_session': /__w/curl/curl/lib/vtls/gtls.c:693:19: error: implicit declaration of function 'gnutls_record_get_max_early_data_size' [-Wimplicit-function-declaration] earlydata_max = gnutls_record_get_max_early_data_size(session); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c:693:3: error: nested extern declaration of 'gnutls_record_get_max_early_data_size' [-Werror=nested-externs] earlydata_max = gnutls_record_get_max_early_data_size(session); ^~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c: In function 'Curl_glts_get_ietf_proto': /__w/curl/curl/lib/vtls/gtls.c:730:8: error: 'GNUTLS_TLS1_3' undeclared (first use in this function) case GNUTLS_TLS1_3: ^~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c:730:8: note: each undeclared identifier is reported only once for each function it appears in /__w/curl/curl/lib/vtls/gtls.c: In function 'gtls_client_init': /__w/curl/curl/lib/vtls/gtls.c:887:19: error: 'GNUTLS_ENABLE_EARLY_DATA' undeclared (first use in this function) init_flags |= GNUTLS_ENABLE_EARLY_DATA | GNUTLS_NO_END_OF_EARLY_DATA; ^~~~~~~~~~~~~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c:887:46: error: 'GNUTLS_NO_END_OF_EARLY_DATA' undeclared (first use in this function) init_flags |= GNUTLS_ENABLE_EARLY_DATA | GNUTLS_NO_END_OF_EARLY_DATA; ^~~~~~~~~~~~~~~~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c: In function 'Curl_gtls_ctx_init': /__w/curl/curl/lib/vtls/gtls.c:1164:5: error: implicit declaration of function 'gnutls_session_set_keylog_function' [-Wimplicit-function-declaration] gnutls_session_set_keylog_function(gctx->session, keylog_callback); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c:1164:5: error: nested extern declaration of 'gnutls_session_set_keylog_function' [-Werror=nested-externs] /__w/curl/curl/lib/vtls/gtls.c: In function 'gtls_verifyserver': /__w/curl/curl/lib/vtls/gtls.c:1798:45: error: 'GNUTLS_TLS1_3' undeclared (first use in this function) if(gnutls_protocol_get_version(session) < GNUTLS_TLS1_3) ^~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c: In function 'gtls_send_earlydata': /__w/curl/curl/lib/vtls/gtls.c:1819:9: error: implicit declaration of function 'gnutls_record_send_early_data' [-Wimplicit-function-declaration] n = gnutls_record_send_early_data(backend->gtls.session, buf, blen); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /__w/curl/curl/lib/vtls/gtls.c:1819:5: error: nested extern declaration of 'gnutls_record_send_early_data' [-Werror=nested-externs] n = gnutls_record_send_early_data(backend->gtls.session, buf, blen); ^ /__w/curl/curl/lib/vtls/gtls.c: In function 'gtls_connect_common': /__w/curl/curl/lib/vtls/gtls.c:1926:10: error: 'GNUTLS_SFLAGS_EARLY_DATA' undeclared (first use in this function) GNUTLS_SFLAGS_EARLY_DATA) ? ^~~~~~~~~~~~~~~~~~~~~~~~ cc1: all warnings being treated as errors ``` --- lib/vtls/gtls.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 7ecf0f0507..2d153e0ab7 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -655,6 +655,7 @@ CURLcode Curl_gtls_client_trust_setup(struct Curl_cfilter *cf, return CURLE_OK; } +#if GNUTLS_VERSION_NUMBER >= 0x030605 CURLcode Curl_gtls_cache_session(struct Curl_cfilter *cf, struct Curl_easy *data, const char *ssl_peer_key, @@ -715,6 +716,7 @@ CURLcode Curl_gtls_cache_session(struct Curl_cfilter *cf, } return result; } +#endif int Curl_glts_get_ietf_proto(gnutls_session_t session) { @@ -727,13 +729,16 @@ int Curl_glts_get_ietf_proto(gnutls_session_t session) return CURL_IETF_PROTO_TLS1_1; case GNUTLS_TLS1_2: return CURL_IETF_PROTO_TLS1_2; +#ifdef GNUTLS_TLS1_3 case GNUTLS_TLS1_3: return CURL_IETF_PROTO_TLS1_3; +#endif default: return CURL_IETF_PROTO_UNKNOWN; } } +#if GNUTLS_VERSION_NUMBER >= 0x030605 static CURLcode cf_gtls_update_session_id(struct Curl_cfilter *cf, struct Curl_easy *data, gnutls_session_t session) @@ -769,6 +774,7 @@ static int gtls_handshake_cb(gnutls_session_t session, unsigned int htype, } return 0; } +#endif static CURLcode gtls_set_priority(struct Curl_cfilter *cf, struct Curl_easy *data, @@ -883,6 +889,7 @@ static CURLcode gtls_client_init(struct Curl_cfilter *cf, /* Initialize TLS session as a client */ init_flags = GNUTLS_CLIENT; +#ifdef GNUTLS_ENABLE_EARLY_DATA if(peer->transport == TRNSPRT_QUIC && earlydata_max > 0) init_flags |= GNUTLS_ENABLE_EARLY_DATA | GNUTLS_NO_END_OF_EARLY_DATA; else if(earlydata_max > 0 && earlydata_max != 0xFFFFFFFFUL) @@ -891,6 +898,7 @@ static CURLcode gtls_client_init(struct Curl_cfilter *cf, * and one announcing 0xFFFFFFFFUL. On TCP+TLS, this is unlikely, but * on QUIC this is common. */ init_flags |= GNUTLS_ENABLE_EARLY_DATA; +#endif #ifdef GNUTLS_FORCE_CLIENT_CERT init_flags |= GNUTLS_FORCE_CLIENT_CERT; @@ -1218,9 +1226,11 @@ gtls_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data) infof(data, VTLS_INFOF_ALPN_OFFER_1STR, proto.data); } +#if GNUTLS_VERSION_NUMBER >= 0x030605 gnutls_handshake_set_hook_function(backend->gtls.session, GNUTLS_HANDSHAKE_ANY, GNUTLS_HOOK_POST, gtls_handshake_cb); +#endif /* register callback functions and handle to send and receive data. */ gnutls_transport_set_ptr(backend->gtls.session, cf); @@ -1793,9 +1803,11 @@ static CURLcode gtls_verifyserver(struct Curl_cfilter *cf, if(result) goto out; +#ifdef GNUTLS_TLS1_3 /* Only on TLSv1.2 or lower do we have the session id now. For * TLSv1.3 we get it via a SESSION_TICKET message that arrives later. */ if(gnutls_protocol_get_version(session) < GNUTLS_TLS1_3) +#endif result = cf_gtls_update_session_id(cf, data, session); out: