1. 下载nginx quic版本
wget https://hg.nginx.org/nginx-quic/archive/quic.zip
获取quic版本更新可以跟踪https://quic.nginx.org
2. 下载boringssl
由于nginx quic版本使用了新的tls1.3协议,需要openssl支持quic,但目前的openssl版本没有对应的支持,这里使用google的boringssl。
git clone https://github.com/google/boringssl
3.其他依赖库pcre,zlib请自行下载
4.编译boringssl
mkdir -p /Users/cynicliu/Documents/code/quic/boringssl/build /Users/cynicliu/Documents/code/quic/boringssl/.openssl/lib /Users/cynicliu/Documents/code/quic/boringssl/.openssl/include
ln -sf /Users/cynicliu/Documents/code/quic/boringssl/include/openssl /Users/cynicliu/Documents/code/quic/boringssl/.openssl/include/openssl
touch /Users/cynicliu/Documents/code/quic/boringssl/.openssl/include/openssl/ssl.h
cmake -B/Users/cynicliu/Documents/code/quic/boringssl/build -H/Users/cynicliu/Documents/code/quic/boringssl
make -C /Users/cynicliu/Documents/code/quic/boringssl/build
cp /Users/cynicliu/Documents/code/quic/boringssl/build/crypto/libcrypto.a /Users/cynicliu/Documents/code/quic/boringssl/build/ssl/libssl.a /Users/cynicliu/Documents/code/quic/boringssl/.openssl/lib
5.configure nginx
./auto/configure --with-zlib=../zlib-1.2.11 --with-pcre=../pcre-8.44 --with-openssl=../boringssl/ --with-http_v3_module --with-http_ssl_module
这个地方可能会有个异常,
./auto/configure: error: certain modules require OpenSSL QUIC support.
You can either do not enable the modules, or install the OpenSSL library
into the system, or build the OpenSSL library statically from the source
with nginx by using --with-openssl=<path> option.
大家视情况而定,如果遇到异常将编译好的库libcrypto.a和libssl.a手动拷贝到/usr/local/lib目录下即可
为了避免nginx重新编译openssl,执行下面动作更改ssl.h时间
touch ../boringssl/.openssl/include/openssl/ssl.h
6.make
#make
#./obj/nginx -V
nginx version: nginx/1.19.0
built by clang 11.0.0 (clang-1100.0.33.17)
built with OpenSSL 1.1.0 (compatible; BoringSSL) (running with BoringSSL)
TLS SNI support enabled