Skip to content

Latest commit

 

History

History
72 lines (49 loc) · 2.25 KB

BUILD_TLS.adoc

File metadata and controls

72 lines (49 loc) · 2.25 KB

Building for TLS Support

If you want to include support for Transport Layer Security (tls+tcp:// and wss:// URLs) you should follow these directions.

At this time, TLS support depends on the Mbed TLS library.

Mbed TLS is licensed under different terms than NNG. You are responsible for reading those license terms, and ensuring that your use conforms to them.

On many distributions you may be able to install a pre-packaged version of Mbed TLS. We recommend doing so if this is an option for you. For example, Ubuntu users can install the libmbedtls-dev package.

You can also build Mbed TLS from source; if you choose to do so, please make sure you also install it somewhere (even a temporary staging directory).

Configuring NNG with Mbed TLS

TLS support is not enabled by default, but can be enabled by configuring with the CMake option NNG_ENABLE_TLS=ON.

By default NNG searches for an installed copy of Mbed TLS in /usr/local, as well as the normal installation directories for libraries on your system.

If you have installed Mbed TLS elsewhere, you can direct the NNG configuration to it by setting the MBEDTLS_ROOT_DIR CMake variable.

Configuring NNG with msQUIC

QUIC = TLS 1.3 + UDP, so we put it here temporarily QUIC support is not disabled by default, but can be enabled by configuring with the CMake option NNG_ENABLE_QUIC=ON.

By default NNG searches for an installed copy of msQUIC in /usr/local, as well as the normal installation directories for libraries on your system.

If you have installed msQUIC elsewhere, you can direct the NNG configuration to it by setting the MSQUIC_ROOT_DIR CMake variable.

Example

The following example would work on either Linux or macOS, and assumes that we have checked out github source trees into $HOME/work. It also assumes that Mbed TLS is already installed in /usr/local or a standard search path.

$ export NNGDIR=$HOME/work/nng
$ mkdir build
$ cd build

$ cmake -DNNG_ENABLE_TLS=ON ..

   ... (lots of lines of output from cmake...)

$ make

   ... (lots of lines of output from make...)

$ ./tests/tls
ok      ./tests/tls                                            1.503s