Unknown CMake command openssl_check_symbol_exists for USE_ECH option

[afulsamet]

I tried build with CMake but got error (Unknown CMake command "openssl_check_symbol_exists".) because of USE_ECH option. If I move ECH option snippet to below openssl_check_symbol_exists macro, it fixes.

Here it is new patch about ECH option snippet to fix the problem.

diff --git a/CMakeLists.txt b/CMakeLists.txt
index a54c2ff..9b23a59 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -671,6 +671,29 @@ if(USE_OPENSSL OR USE_WOLFSSL)
   endif()
 endif()
 
+option(USE_ECH "Enable ECH support" OFF)
+if(USE_ECH)
+  if(USE_OPENSSL OR USE_WOLFSSL)
+    # Be sure that the OpenSSL/wolfSSL library actually supports ECH.
+    if(NOT DEFINED HAVE_ECH)
+      if(USE_OPENSSL AND HAVE_BORINGSSL)
+        openssl_check_symbol_exists(SSL_set1_ech_config_list "openssl/ssl.h" HAVE_ECH)
+      elseif(USE_OPENSSL)
+        openssl_check_symbol_exists(SSL_ech_set1_echconfig "openssl/ech.h" HAVE_ECH)
+      elseif(USE_WOLFSSL)
+        openssl_check_symbol_exists(wolfSSL_CTX_GenerateEchConfig "wolfssl/options.h;wolfssl/ssl.h" HAVE_ECH)
+      endif()
+    endif()
+    if(NOT HAVE_ECH)
+      message(FATAL_ERROR "ECH support missing in OpenSSL/BoringSSL/wolfSSL")
+    else()
+      message("ECH enabled.")
+    endif()
+  else()
+    message(FATAL_ERROR "ECH requires ECH-enablded OpenSSL, BoringSSL or wolfSSL")
+  endif()
+endif()
+
 option(USE_NGHTTP2 "Use nghttp2 library" OFF)
 if(USE_NGHTTP2)
   find_package(NGHTTP2 REQUIRED)

CMake configure command

cmake -GNinja -S curl -B build/curl -DCMAKE_BUILD_TYPE=Debug -DBUILD_SHARED_LIBS=OFF -DBUILD_STATIC_LIBS=ON -DBUILD_STATIC_CURL=ON -DCURL_USE_OPENSSL=ON -DCURL_BROTLI=ON -DCURL_ZSTD=ON -DUSE_ZLIB=ON -DUSE_WIN32_IDN=ON -DUSE_NGHTTP2=ON -DUSE_ECH=ON -DENABLE_WEBSOCKETS=ON -DCMAKE_PREFIX_PATH=packages -DCMAKE_INSTALL_PREFIX=packages

CMake version: cmake version 3.28.0-msvc1
Platform: Windows 10 22H2 - 19045.3693

[perklet]

I see you are using MSVC, not mingw-gcc. The build script was only tested in a mingw environment, so there is currently nowhere I can apply your patch, Maybe we should add a msvc version later.

[afulsamet]

To build with MSVC, just clone the dependencies (brotli, nghttp2, zlib, zstd) with git and build & install them with CMake. I hate that CMake installs dependencies on C:\Program Files (x86) by default, so I prefer to set -DCMAKE_INSTALL_PREFIX=packages for each dependency for select install directory before installing. Clone boringssl & curl and apply patches. Configure curl with the command that is in this issue and build with CMake. If you set CMAKE_INSTALL_PREFIX, don't forget to set CMAKE_PREFIX_PATH for curl when configure with cmake.

[perklet]

Hi @afulsamet, How did you compile boringssl with MSVC? I thought it only works with Ninja.

[afulsamet]

Hi @afulsamet, How did you compile boringssl with MSVC? I thought it only works with Ninja.

I actually use Clang (clang-cl) & Ninja to build libcurl and dependencies.

cmake -GNinja -B /path/to/build -DCMAKE_BUILD_TYPE=Release -DCMAKE_C_COMPILER=clang-cl -DCMAKE_CXX_COMPILER=clang-cl -DCMAKE_INSTALL_PREFIX=/path/to/install
cmake --build /path/to/build --config Release --target install

But the below configure & install command also works to build boringssl for MSVC. I just prefer Ninja generator for speed.

cmake -G"Visual Studio 17 2022" -B /path/to/build -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=/path/to/install
cmake --build /path/to/build --config Release --target install

you switched your compiler is clang-cl.exe to cl.exe.

[perklet]

Cool, I will try that later.

As for you original issue, I just found the curl 8.8.0 has supported ECH officially, this issue should be resolved automatically once we upgraded to that version.

[lexiforest]

@afulsamet Can you share your full build script? Mine always fails when there is an update. I was thinking that maybe the native way of using MSVC is better, and it may solve the incompatiblity with Windows 7.