From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/curl/files/, net-misc/curl/
Date: Thu, 16 Feb 2023 05:08:49 +0000 (UTC) [thread overview]
Message-ID: <1676524107.1c6ec8d4579f9fbb2b3fbfb93de2abb7893cb42f.sam@gentoo> (raw)
commit: 1c6ec8d4579f9fbb2b3fbfb93de2abb7893cb42f
Author: Matt Jolly <Matt.Jolly <AT> footclan <DOT> ninja>
AuthorDate: Thu Feb 9 23:37:40 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu Feb 16 05:08:27 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c6ec8d4
net-misc/curl: add 7.88.0
drop ipv6 and quiche USE
Using quiche requires building cURL with the same SSL flavour
as the quiche library (i.e. BoringSSL). This is currently
unsupported on Gentoo.
Drop `ipv6` USE; it doesn't require additional deps and `--ipv4`
can be used at runtime to force connectivity in dual-stack configurations.
Closes: https://bugs.gentoo.org/881711
Closes: https://bugs.gentoo.org/792234
Closes: https://bugs.gentoo.org/847451
Closes: https://bugs.gentoo.org/867985
Closes: https://bugs.gentoo.org/835851
Signed-off-by: Matt Jolly <Matt.Jolly <AT> footclan.ninja>
Closes: https://github.com/gentoo/gentoo/pull/29511
Signed-off-by: Sam James <sam <AT> gentoo.org>
net-misc/curl/Manifest | 2 +
net-misc/curl/curl-7.88.0.ebuild | 298 +++++++++++++++++++++
.../files/curl-7.88.0-test-gnuserv-tls-srp.patch | 39 +++
.../curl-7.88.0-test-uninitialised-value.patch | 30 +++
4 files changed, 369 insertions(+)
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index 51a46b81b61b..631ec92aa40b 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest
@@ -1,2 +1,4 @@
DIST curl-7.87.0.tar.xz 2547932 BLAKE2B b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13 SHA512 aa125991592667280dce3788aabe81487cf8c55b0afc59d675cc30b76055bb7114f5380b4a0e3b6461a8f81bf9812fa26d493a85f7e01d84263d484a0d699ee7
DIST curl-7.87.0.tar.xz.asc 488 BLAKE2B 031d8236b357bd3c519548b181254dc0aea1efc1375738bce04f4f331d35bafe99d1ca394ecf5943ede7cae040854b6d2b478fd305147eb7330f8d50e5d95c96 SHA512 0bcc12bafc4ae50d80128af2cf4bf1a1ec6018ebb8d5b9c49f52b51c0c25acc77e820858965656549ef43c1f923f4e5fe75b0a3523623154b4cfb9dc8a1d76e4
+DIST curl-7.88.0.tar.xz 2571564 BLAKE2B 8fae8136a8a52c58b2860b6c3b342d59bb0c9a743f94c3ea3620cbb180f1ebd1310ace17e23d9c4bd2ec4b1dd72777779b2e1fbe66bb47b54a60b02247e3a07d SHA512 2008cbc67694f746b7449f087a19b2a9a4950333d6bac1cdc7d80351aa38d8d9b442087dedbc7b0909a419d3b10f510521c942aac012d04a53c32bdb15dce5f0
+DIST curl-7.88.0.tar.xz.asc 488 BLAKE2B 9714e26c1308b036f7b19c909447e20d0c3611b0995845a8fb1a356d74e68027399acaafb69244411787cf2abbcbca446f237ce1277228c33caf0adc97364dbf SHA512 6f3d9a5f8fcec64652f872adf994ff3d0162fba1b483a0e359522173bf29ef3d26eeda7c328207fa1fa974a45e62674a3a8ebec21830ab3981b56851d5804ade
diff --git a/net-misc/curl/curl-7.88.0.ebuild b/net-misc/curl/curl-7.88.0.ebuild
new file mode 100644
index 000000000000..b36a1acba8ac
--- /dev/null
+++ b/net-misc/curl/curl-7.88.0.ebuild
@@ -0,0 +1,298 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="8"
+
+inherit autotools prefix multilib-minimal verify-sig
+
+DESCRIPTION="A Client that groks URLs"
+HOMEPAGE="https://curl.se/"
+SRC_URI="https://curl.se/download/${P}.tar.xz
+ verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )"
+
+LICENSE="curl"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls"
+IUSE+=" nghttp3"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
+
+#Only one default ssl provider can be enabled
+REQUIRED_USE="
+ ssl? (
+ ^^ (
+ curl_ssl_gnutls
+ curl_ssl_mbedtls
+ curl_ssl_nss
+ curl_ssl_openssl
+ curl_ssl_rustls
+ )
+ )"
+
+# lead to lots of false negatives, bug #285669
+RESTRICT="!test? ( test )"
+
+RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
+ brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
+ ssl? (
+ gnutls? (
+ net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}]
+ dev-libs/nettle:=[${MULTILIB_USEDEP}]
+ app-misc/ca-certificates
+ )
+ mbedtls? (
+ net-libs/mbedtls:=[${MULTILIB_USEDEP}]
+ app-misc/ca-certificates
+ )
+ openssl? (
+ dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
+ )
+ nss? (
+ dev-libs/nss:0[${MULTILIB_USEDEP}]
+ dev-libs/nss-pem
+ app-misc/ca-certificates
+ )
+ rustls? (
+ net-libs/rustls-ffi:=[${MULTILIB_USEDEP}]
+ )
+ )
+ http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
+ nghttp3? (
+ net-libs/nghttp3[${MULTILIB_USEDEP}]
+ net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
+ )
+ idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
+ adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] )
+ kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+ rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
+ ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
+ sys-libs/zlib[${MULTILIB_USEDEP}]
+ zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
+
+DEPEND="${RDEPEND}"
+BDEPEND="dev-lang/perl
+ virtual/pkgconfig
+ test? (
+ sys-apps/diffutils
+ )
+ verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
+
+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
+
+MULTILIB_WRAPPED_HEADERS=(
+ /usr/include/curl/curlbuild.h
+)
+
+MULTILIB_CHOST_TOOLS=(
+ /usr/bin/curl-config
+)
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-7.30.0-prefix.patch
+ "${FILESDIR}"/${PN}-respect-cflags-3.patch
+
+ "${FILESDIR}"/${P}-test-gnuserv-tls-srp.patch
+ "${FILESDIR}"/${P}-test-uninitialised-value.patch
+)
+
+src_prepare() {
+ default
+
+ eprefixify curl-config.in
+ eautoreconf
+}
+
+multilib_src_configure() {
+ # We make use of the fact that later flags override earlier ones
+ # So start with all ssl providers off until proven otherwise
+ # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
+ local myconf=()
+
+ myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
+ #myconf+=( --without-default-ssl-backend )
+ if use ssl ; then
+ myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls )
+
+ if use gnutls || use curl_ssl_gnutls; then
+ einfo "SSL provided by gnutls"
+ myconf+=( --with-gnutls )
+ fi
+ if use mbedtls || use curl_ssl_mbedtls; then
+ einfo "SSL provided by mbedtls"
+ myconf+=( --with-mbedtls )
+ fi
+ if use nss || use curl_ssl_nss; then
+ einfo "SSL provided by nss"
+ myconf+=( --with-nss --with-nss-deprecated )
+ fi
+ if use openssl || use curl_ssl_openssl; then
+ einfo "SSL provided by openssl"
+ myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
+ fi
+ if use rustls || use curl_ssl_rustls; then
+ einfo "SSL provided by rustls"
+ myconf+=( --with-rustls )
+ fi
+ if use curl_ssl_gnutls; then
+ einfo "Default SSL provided by gnutls"
+ myconf+=( --with-default-ssl-backend=gnutls )
+ elif use curl_ssl_mbedtls; then
+ einfo "Default SSL provided by mbedtls"
+ myconf+=( --with-default-ssl-backend=mbedtls )
+ elif use curl_ssl_nss; then
+ einfo "Default SSL provided by nss"
+ myconf+=( --with-default-ssl-backend=nss )
+ elif use curl_ssl_openssl; then
+ einfo "Default SSL provided by openssl"
+ myconf+=( --with-default-ssl-backend=openssl )
+ elif use curl_ssl_rustls; then
+ einfo "Default SSL provided by rustls"
+ myconf+=( --with-default-ssl-backend=rustls )
+ else
+ eerror "We can't be here because of REQUIRED_USE."
+ fi
+
+ else
+ myconf+=( --without-ssl )
+ einfo "SSL disabled"
+ fi
+
+ # These configuration options are organized alphabetically
+ # within each category. This should make it easier if we
+ # ever decide to make any of them contingent on USE flags:
+ # 1) protocols first. To see them all do
+ # 'grep SUPPORT_PROTOCOLS configure.ac'
+ # 2) --enable/disable options second.
+ # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
+ # 3) --with/without options third.
+ # grep -- --with configure | grep Check | awk '{ print $4 }' | sort
+
+ myconf+=(
+ $(use_enable alt-svc)
+ --enable-crypto-auth
+ --enable-dict
+ --disable-ech
+ --enable-file
+ $(use_enable ftp)
+ $(use_enable gopher)
+ $(use_enable hsts)
+ --enable-http
+ $(use_enable imap)
+ $(use_enable ldap)
+ $(use_enable ldap ldaps)
+ --enable-ntlm
+ --disable-ntlm-wb
+ $(use_enable pop3)
+ --enable-rt
+ --enable-rtsp
+ $(use_enable samba smb)
+ $(use_with ssh libssh2)
+ $(use_enable smtp)
+ $(use_enable telnet)
+ $(use_enable tftp)
+ --enable-tls-srp
+ $(use_enable adns ares)
+ --enable-cookies
+ --enable-dateparse
+ --enable-dnsshuffle
+ --enable-doh
+ --enable-symbol-hiding
+ --enable-http-auth
+ --enable-ipv6
+ --enable-largefile
+ --enable-manual
+ --enable-mime
+ --enable-netrc
+ $(use_enable progress-meter)
+ --enable-proxy
+ --disable-sspi
+ $(use_enable static-libs static)
+ --enable-pthreads
+ --enable-threaded-resolver
+ --disable-versioned-symbols
+ --without-amissl
+ --without-bearssl
+ $(use_with brotli)
+ --without-fish-functions-dir
+ $(use_with http2 nghttp2)
+ --without-hyper
+ $(use_with idn libidn2)
+ $(use_with kerberos gssapi "${EPREFIX}"/usr)
+ --without-libgsasl
+ --without-libpsl
+ --without-msh3
+ $(use_with nghttp3)
+ $(use_with nghttp3 ngtcp2)
+ --without-quiche
+ $(use_with rtmp librtmp)
+ --without-schannel
+ --without-secure-transport
+ $(use_enable websockets)
+ --without-winidn
+ --without-wolfssl
+ --with-zlib
+ $(use_with zstd)
+ )
+
+ # Do not supply a test httpd/caddy/etc
+ if use test; then
+ myconf+=(
+ --without-test-caddy
+ --without-test-httpd
+ --without-test-nghttpx
+ )
+ fi
+
+ ECONF_SOURCE="${S}" econf "${myconf[@]}"
+
+ if ! multilib_is_native_abi; then
+ # avoid building the client
+ sed -i -e '/SUBDIRS/s:src::' Makefile || die
+ sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
+ fi
+
+ # Fix up the pkg-config file to be more robust.
+ # https://github.com/curl/curl/issues/864
+ local priv=() libs=()
+ # We always enable zlib.
+ libs+=( "-lz" )
+ priv+=( "zlib" )
+ if use http2; then
+ libs+=( "-lnghttp2" )
+ priv+=( "libnghttp2" )
+ fi
+ if use nghttp3; then
+ libs+=( "-lnghttp3" "-lngtcp2" )
+ priv+=( "libnghttp3" "libngtcp2" )
+ fi
+ if use ssl && use curl_ssl_openssl; then
+ libs+=( "-lssl" "-lcrypto" )
+ priv+=( "openssl" )
+ fi
+ grep -q Requires.private libcurl.pc && die "need to update ebuild"
+ libs=$(printf '|%s' "${libs[@]}")
+ sed -i -r \
+ -e "/^Libs.private/s:(${libs#|})( |$)::g" \
+ libcurl.pc || die
+ echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
+}
+
+multilib_src_test() {
+ # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
+ # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
+ # -v: verbose
+ # -a: keep going on failure (so we see everything which breaks, not just 1st test)
+ # -k: keep test files after completion
+ # -am: automake style TAP output
+ # -p: print logs if test fails
+ # Note: if needed, we can disable tests. See e.g. Fedora's packaging
+ # or just read https://github.com/curl/curl/tree/master/tests#run.
+ multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
+}
+
+multilib_src_install_all() {
+ einstalldocs
+ find "${ED}" -type f -name '*.la' -delete || die
+ rm -rf "${ED}"/etc/ || die
+}
diff --git a/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch b/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch
new file mode 100644
index 000000000000..fb9e89fd48cb
--- /dev/null
+++ b/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch
@@ -0,0 +1,39 @@
+https://github.com/curl/curl/commit/2fdc1d816ebf3c77f43068103bec1b3a3767881a.patch
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 15 Feb 2023 15:04:07 +0100
+Subject: [PATCH] tests: make sure gnuserv-tls has SRP support before using it
+
+Reported-by: fundawang on github
+Fixes #10522
+Closes #10524
+--- a/tests/runtests.pl
++++ b/tests/runtests.pl
+@@ -5382,7 +5382,7 @@ sub startservers {
+ elsif($what eq "httptls") {
+ if(!$httptlssrv) {
+ # for now, we can't run http TLS-EXT tests without gnutls-serv
+- return "no gnutls-serv";
++ return "no gnutls-serv (with SRP support)";
+ }
+ if($torture && $run{'httptls'} &&
+ !responsive_httptls_server($verbose, "IPv4")) {
+--- a/tests/sshhelp.pm
++++ b/tests/sshhelp.pm
+@@ -408,7 +408,16 @@ sub find_sshkeygen {
+ # Find httptlssrv (gnutls-serv) and return canonical filename
+ #
+ sub find_httptlssrv {
+- return find_exe_file_hpath($httptlssrvexe);
++ my $p = find_exe_file_hpath($httptlssrvexe);
++ my @o = `$p -l`;
++ my $found;
++ for(@o) {
++ if(/Key exchange: SRP/) {
++ $found = 1;
++ last;
++ }
++ }
++ return $p if($found);
+ }
+
+
diff --git a/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch b/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch
new file mode 100644
index 000000000000..c5ce31d4e427
--- /dev/null
+++ b/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch
@@ -0,0 +1,30 @@
+https://github.com/curl/curl/commit/f1d09231adfc695d15995b9ef2c8c6e568c28091
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 15 Feb 2023 13:03:21 +0100
+Subject: [PATCH] runtests: fix "uninitialized value $port"
+
+by using a more appropriate variable
+
+Reported-by: fundawang on github
+Fixes #10518
+Closes #10520
+--- a/tests/runtests.pl
++++ b/tests/runtests.pl
+@@ -1740,7 +1740,7 @@ sub runhttpserver {
+ }
+
+ # where is it?
+- my $port;
++ my $port = 0;
+ if(!$port_or_path) {
+ $port = $port_or_path = pidfromfile($portfile);
+ }
+@@ -1758,7 +1758,7 @@ sub runhttpserver {
+ $pid2 = $pid3;
+
+ if($verbose) {
+- logmsg "RUN: $srvrname server is on PID $httppid port $port\n";
++ logmsg "RUN: $srvrname server is on PID $httppid port $port_or_path\n";
+ }
+
+ return ($httppid, $pid2, $port);
next reply other threads:[~2023-02-16 5:08 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-16 5:08 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-04-15 1:14 [gentoo-commits] repo/gentoo:master commit in: net-misc/curl/files/, net-misc/curl/ Matt Jolly
2025-02-08 18:18 Sam James
2025-02-05 8:40 Matt Jolly
2024-12-12 21:26 Matt Jolly
2024-11-10 1:39 Matt Jolly
2024-05-22 13:19 Matt Jolly
2024-05-22 7:03 Matt Jolly
2024-05-22 7:03 Matt Jolly
2024-04-01 3:59 Matt Jolly
2024-03-31 6:04 Matt Jolly
2024-01-05 6:10 Sam James
2023-10-10 4:29 Sam James
2023-07-23 1:52 Sam James
2023-05-26 4:30 Sam James
2023-05-26 2:07 Sam James
2023-03-15 5:05 Sam James
2023-02-17 5:14 Sam James
2023-01-13 5:51 Sam James
2022-11-17 1:06 Sam James
2020-07-27 3:15 Sam James
2017-08-18 16:33 Anthony G. Basile
2016-12-30 1:45 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1676524107.1c6ec8d4579f9fbb2b3fbfb93de2abb7893cb42f.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox