diff options
Diffstat (limited to 'net-misc/curl')
-rw-r--r-- | net-misc/curl/Manifest | 8 | ||||
-rw-r--r-- | net-misc/curl/curl-8.5.0-r3.ebuild | 2 | ||||
-rw-r--r-- | net-misc/curl/curl-8.5.0.ebuild | 364 | ||||
-rw-r--r-- | net-misc/curl/curl-8.6.0-r1.ebuild | 3 | ||||
-rw-r--r-- | net-misc/curl/curl-8.7.1.ebuild | 2 | ||||
-rw-r--r-- | net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch | 256 |
6 files changed, 264 insertions, 371 deletions
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index b7dcf3323e88..2b4dbb7407e7 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -1,5 +1,6 @@ AUX curl-8.5.0-ipv6-configure-c99.patch 749 BLAKE2B b9d94d4ec5c310f8d3985eb6e4a17cd12b8aec696c015c41e94fe7eee2cced4d6ed1f192f3dbe4877a33f5102522844b63a11039fd285371472f282065cf2894 SHA512 cc04189480055a82fc264fcf3b70a3a748bccaec5f263340c41aabde600ea020fd2bce46461d4f75f5ed7708cfc5a0afcf95e6f1d098333c3968b75169a27a93 AUX curl-8.5.0-mpd-stream-http-adjust_pollset.patch 2979 BLAKE2B da34eb58eb8b706916657279bc071ab97145e33e7e7eb553ffe924be7a97e3d784d5e2fc8270363e95e815687201b6fae1b374dc666093441c5177bfe76eb835 SHA512 11ed5f8482d985aab4e7ab07f0e8821d76a494d0147a61ce7901379cd1f36f577c544627f5ad61a38b70e9e4659fc050c5b9e0be4247ab410f55850a946872d1 +AUX curl-8.6.0-backport-rustls-detection.patch 8387 BLAKE2B 2a77c15f40807b1b19831a8bdd2401fd42297c95b6c66463d5ec8fafc95036796f2f862a258f7825f728f30e886f658fdfff796eebe0e093d7b8758ccfc360a3 SHA512 8f5de7b048f439d0d5da35abb079dfa7a2a9e1fd130ebc7c7b10f06ab66b4adc76ce0b26a80470f57caed64ee2909ef6bd155261edb1cdca037335bc67b91bfc AUX curl-8.6.0-vtls-revert-receive-max-buffer-add-test-case.patch 2028 BLAKE2B b018e0fc5649b558e732a903eafe1249575829613b129ceaaaeeae3c7fc9f5c237c3688067c2370dc3ad1d67632acdfb805efa93db4e8bd8d6dd8b2f5043e2b5 SHA512 d8d4eb0b294d243f5c241e0243ca41e28b12aa8804a4f8c73e2ab70edd52de9be2b7a26b706085e10ae4a9c31545112cd4b68dcda6647571bb8d5528b7625de6 AUX curl-8.7.1-fix-pkgconfig-macros.patch 1228 BLAKE2B c2a3db1fe29ed3023e0f3279f23426474747d44fc7f09c0fd25f2a43e02df1cd7b0f5ff9a11a5e795eb9fd2373117bd88202d79b64d8ed2c97f37251860f8812 SHA512 3a0a86dcdf3c12c2b234ac776c266d2eb4c11545e86219d3533f6e63196be9fc531d72a2d34d3bffdf5e7487bdda92a03a3ebe6910d9ab7601fd9873f4bd695c AUX curl-prefix.patch 880 BLAKE2B 5b7552a8339014221864a585d174b02a96ec7dd7fe8762d331d1981834044f8ec4db64d527a4ded3f5f4cccc86f281576668de092439eb19f5477d5fcf8369cf SHA512 c7cd13b9ccbd12ed01ea121ffece9c23b898a5b34698bae59ae1dd23b1cf2445180b84d80c4a640981f16dba5018df944f405dd5c660addab54ca21e0e673b7f @@ -10,9 +11,8 @@ DIST curl-8.6.0.tar.xz 2630108 BLAKE2B 1b01de396008d57e154e2b5fc1acf1dd000703fa5 DIST curl-8.6.0.tar.xz.asc 488 BLAKE2B 18d7583a9aa6a278bea5a8a74461ff06f45ec418cd4542b015c74091c353b340afcc5dfe7e5e99f0b9fac7de9251164044a85e4f6665bf042636868a2c613d0a SHA512 2b835bb4b307e5e1c929b7136c5acfb9f6f06efa471ac27060336cabcfac40e02143f40434986c5e6817d4a9562b09efa8ff3168beed310a45453148cc1b5c8f DIST curl-8.7.1.tar.xz 2707016 BLAKE2B a2a9f48d0b69c0d92fcbbda535ce55082a5243abe3ab2db80d6fa3f32fb2c98b65026d69fc45c94e966398cf9ba8d9c95b6b91f4768b54749ed3275dd21838ef SHA512 5bbde9d5648e9226f5490fa951690aaf159149345f3a315df2ba58b2468f3e59ca32e8a49734338afc861803a4f81caac6d642a4699b72c6310ebfb1f618aad2 DIST curl-8.7.1.tar.xz.asc 488 BLAKE2B 1c91d116aecc8e98d8ec3aad68b7c96f11151e6c2716f531e5d2989e9b6b1199e180603673891d7967cdcdaee1d6b5e15160ccabe9b51590e2887022db03c2ed SHA512 f98c393997c4a32f545a8982226e8cd612395210915a4576c2ce227d0f650cff341be7bf15e989d1789abf32ac4fd9c190b9250b81e650b569e8532048746b37 -EBUILD curl-8.5.0-r3.ebuild 11025 BLAKE2B b10bc84ca0ac1ade0685a56f73558492d1fd6eb5e47280dd073ce2be1dc6542a9c5666a55fe2c26c0508c3f221409ce7f80f5846d7ccce0aaeb9ad8254a8f0ff SHA512 5e9d1aa24df4d424a5a5fc64e28e41a3aa86a2008d7d59db6ee1327efd7c17ae0d9cc4be881d0af4bb31847046cc059ed9355f2c46930a227073595b63ca57ca -EBUILD curl-8.5.0.ebuild 10777 BLAKE2B 14fea8da51ac209f0fd9ef2665066a44504f0ceeaed838dfb41bc64c52951392e67f6adc23d01ca09c34610658171b9b83dda7c310ed3a62f558825718a97bba SHA512 0c7d812544f26a7f424efffbd5231f6ce958479933716f8638f99b83d097ac0cc5e09dbe7f32e75e0b6b4705d6705870cba2b64f24e982f6edc7d5ccb90844fc -EBUILD curl-8.6.0-r1.ebuild 10835 BLAKE2B 34f910a7310c832f7864d7679eaa741088212f392b4c63bff67921790d3c2ce4de5a663672464e1626194929199da007214848120ecb70c2718c5da13e1d8950 SHA512 910f3005507c99a5118bbb2d43b841918ba2fcc23d7e8921c4a7bec18d786b3be3b04c5657c392213d3791c26dfa3139e1a333f08cd92fb01ca5f0312d4740fb -EBUILD curl-8.7.1.ebuild 10827 BLAKE2B a68c2e982cd3cc68bdd51a25f71f30439b02e0b05983cacbdd43ca42088a88e04150453d82bdff66516979134072d2f929c50e750a8d2bad8af7b3a6ac5744ce SHA512 9ec1ba093544ee26b41c8735c4f57fa5c492c3bb58cdb22b7a24231f2ba10d21a16665e5f489390c281640e0b8a30f3d6982ab9ada92a67b634f8164b4021a28 +EBUILD curl-8.5.0-r3.ebuild 11033 BLAKE2B 79723d0a812be90d2f758a0170ce014464ea0e6f5b4bae60508f8d4169b35132a73aeeb68c05165c471821d340fc70bdaecd196507ba54bdd6449f580f1e16ab SHA512 6c45139a87c5b48980cf533a169241657439e0a156b67a75770d3530a4984e0be0ac6bb98a560dc8e7b9436865ead3601b1c6347f5f781cf46175fc7f52f208b +EBUILD curl-8.6.0-r1.ebuild 10895 BLAKE2B 0589f67919cc317a0704a132bc8c36960219c686ce10957fa3c437c0479e6ed000d9d5cbf2045acecc2a369207b9a5b06ecd8938609a42babffdfa8a86bac310 SHA512 29a821850b5ace4161101d6034daf248fa449498a2551a4a704df7b39fbea28d115213661bc7d831a1757e700e71dfd332463f9793eec5de723c84d2e314ad97 +EBUILD curl-8.7.1.ebuild 10826 BLAKE2B 8feea206d4a45ed3f1b72a58efe06f2390acc6998c09c78ea83624b1d87da4bbcc621a4fba78ea17d0eab34fda7e19bf14b18ffd9c49fbbd6c095422b07e07b8 SHA512 5f2560ce6acd2706c33aa00e2caa47ec3371a6e88685388dd4e354d17f4950f9a1785d5861189ad8cad378d6701630be07c1da59c537295ce8c55290ec7d67b4 EBUILD curl-9999.ebuild 10771 BLAKE2B 48c610c3ea379320360d48a6473b9db17f7d8ffb895fde8e602e14822f5d8d56d2a9fc499f1302a4bb941581a9b8e082b1aa799222c8aa9c9faf546776ba671a SHA512 9afd073cdbb994726349e8ffd33ab994e64b0fc1f19574343bb0f22953dbb16471b332271478bf0d016c709f82acdf633075c9b55daf286dea9ffa5a927bb6de MISC metadata.xml 2090 BLAKE2B 54d366aadfc25650c40081ff10eb150bcb9811a29f802c418afce166c384e2bafc999ff7e69ceeb25a96e952d4875d808e8e89240b437741cd363fab46267a25 SHA512 2103a849b67f9a14a85eb769b870e7272bf8f9c78ca579b4271150be01f26787a884614bff874d50f90be99af4a6ecb136510fca2837463e0bc91611ddbeae40 diff --git a/net-misc/curl/curl-8.5.0-r3.ebuild b/net-misc/curl/curl-8.5.0-r3.ebuild index 2ec6057d272b..d9c017b22b2b 100644 --- a/net-misc/curl/curl-8.5.0-r3.ebuild +++ b/net-misc/curl/curl-8.5.0-r3.ebuild @@ -86,7 +86,7 @@ RDEPEND=" >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] ) rustls? ( - net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] + ~net-libs/rustls-ffi-0.10.0:=[${MULTILIB_USEDEP}] ) ) zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) diff --git a/net-misc/curl/curl-8.5.0.ebuild b/net-misc/curl/curl-8.5.0.ebuild deleted file mode 100644 index 9d7765b85566..000000000000 --- a/net-misc/curl/curl-8.5.0.ebuild +++ /dev/null @@ -1,364 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/danielstenberg.asc -inherit autotools multilib-minimal multiprocessing prefix toolchain-funcs verify-sig - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.se/" - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/curl/curl.git" -else - SRC_URI=" - https://curl.se/download/${P}.tar.xz - verify-sig? ( https://curl.se/download/${P}.tar.xz.asc ) - " - KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -fi - -LICENSE="BSD curl ISC test? ( BSD-4 )" -SLOT="0" -IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" -IUSE+=" +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" -# These select the default SSL implementation -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" -RESTRICT="!test? ( test )" - -# Only one default ssl provider can be enabled -# The default ssl provider needs its USE satisfied -# nghttp3 = https://bugs.gentoo.org/912029 -REQUIRED_USE=" - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_openssl - curl_ssl_rustls - ) - ) - curl_ssl_gnutls? ( gnutls ) - curl_ssl_mbedtls? ( mbedtls ) - curl_ssl_openssl? ( openssl ) - curl_ssl_rustls? ( rustls ) - nghttp3? ( - !openssl - alt-svc ) -" - -# cURL's docs and CI/CD are great resources for confirming supported versions -# particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.: -# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions) -# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly) -# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) -# However 'supported' vs 'works' are two entirely different things; be sane but -# don't be afraid to require a later version. - -RDEPEND=" - >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] - adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) - nghttp3? ( - >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}] - >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] - ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - app-misc/ca-certificates - >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:=[${MULTILIB_USEDEP}] - ) - mbedtls? ( - app-misc/ca-certificates - net-libs/mbedtls:=[${MULTILIB_USEDEP}] - ) - openssl? ( - >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] - ) - rustls? ( - net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] - ) - ) - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - dev-lang/perl - virtual/pkgconfig - test? ( - sys-apps/diffutils - http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] ) - nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] ) - ) - verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) -" - -DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -QA_CONFIG_IMPL_DECL_SKIP=( - __builtin_available - closesocket - CloseSocket - getpass_r - ioctlsocket - IoctlSocket - mach_absolute_time - setmode -) - -PATCHES=( - "${FILESDIR}"/${PN}-prefix.patch - "${FILESDIR}"/${PN}-respect-cflags-3.patch -) - -src_prepare() { - default - - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - if use ssl; then - myconf+=( --without-gnutls --without-mbedtls --without-rustls ) - - if use gnutls; then - multilib_is_native_abi && einfo "SSL provided by gnutls" - myconf+=( --with-gnutls ) - fi - if use mbedtls; then - multilib_is_native_abi && einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use openssl; then - multilib_is_native_abi && einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use rustls; then - multilib_is_native_abi && einfo "SSL provided by rustls" - myconf+=( --with-rustls ) - fi - if use curl_ssl_gnutls; then - multilib_is_native_abi && einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - multilib_is_native_abi && einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_openssl; then - multilib_is_native_abi && einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_rustls; then - multilib_is_native_abi && einfo "Default SSL provided by rustls" - myconf+=( --with-default-ssl-backend=rustls ) - else - eerror "We can't be here because of REQUIRED_USE." - die "Please file a bug, hit impossible condition w/ USE=ssl handling." - fi - - else - myconf+=( --without-ssl ) - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - myconf+=( - $(use_enable alt-svc) - --enable-basic-auth - --enable-bearer-auth - --enable-digest-auth - --enable-kerberos-auth - --enable-negotiate-auth - --enable-aws - --enable-dict - --disable-ech - --enable-file - $(use_enable ftp) - $(use_enable gopher) - $(use_enable hsts) - --enable-http - $(use_enable imap) - $(use_enable ldap) - $(use_enable ldap ldaps) - --enable-ntlm - --disable-ntlm-wb - $(use_enable pop3) - --enable-rt - --enable-rtsp - $(use_enable samba smb) - $(use_with ssh libssh2) - $(use_enable smtp) - $(use_enable telnet) - $(use_enable tftp) - --enable-tls-srp - $(use_enable adns ares) - --enable-cookies - --enable-dateparse - --enable-dnsshuffle - --enable-doh - --enable-symbol-hiding - --enable-http-auth - --enable-ipv6 - --enable-largefile - --enable-manual - --enable-mime - --enable-netrc - $(use_enable progress-meter) - --enable-proxy - --enable-socketpair - --disable-sspi - $(use_enable static-libs static) - --enable-pthreads - --enable-threaded-resolver - --disable-versioned-symbols - --without-amissl - --without-bearssl - $(use_with brotli) - --with-fish-functions-dir="${EPREFIX}"/usr/share/fish/vendor_completions.d - $(use_with http2 nghttp2) - --without-hyper - $(use_with idn libidn2) - $(use_with kerberos gssapi "${EPREFIX}"/usr) - --without-libgsasl - --without-libpsl - --without-msh3 - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) - --without-quiche - $(use_with rtmp librtmp) - --without-schannel - --without-secure-transport - --without-test-caddy - --without-test-httpd - --without-test-nghttpx - $(use_enable websockets) - --without-winidn - --without-wolfssl - --with-zlib - $(use_with zstd) - --with-zsh-functions-dir="${EPREFIX}"/usr/share/zsh/site-functions - ) - - if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then - myconf+=( - --with-test-nghttpx="${BROOT}/usr/bin/nghttpx" - ) - fi - - if [[ ${CHOST} == *mingw* ]] ; then - myconf+=( - --disable-pthreads - ) - fi - - ECONF_SOURCE="${S}" econf "${myconf[@]}" - - if ! multilib_is_native_abi; then - # Avoid building the client (we just want libcurl for multilib) - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "libngtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc || die -} - -multilib_src_compile() { - default - - if multilib_is_native_abi; then - # Shell completions - ! tc-is-cross-compiler && emake -C scripts - fi -} - -# There is also a pytest harness that tests for bugs in some very specific -# situations; we can rely on upstream for this rather than adding additional test deps. -multilib_src_test() { - # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 - # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) - # -v: verbose - # -a: keep going on failure (so we see everything which breaks, not just 1st test) - # -k: keep test files after completion - # -am: automake style TAP output - # -p: print logs if test fails - # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging - # or just read https://github.com/curl/curl/tree/master/tests#run. - # Note: we don't run the testsuite for cross-compilation. - # Upstream recommend 7*nproc as a starting point for parallel tests, but - # this ends up breaking when nproc is huge (like -j80). - # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped - # as most gentoo users don't have an 'ip6-localhost' - # Required deps for 1477 are not included in the release tarball for 8.5.0 - multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083 !1477" -} - -multilib_src_install() { - emake DESTDIR="${D}" install - - if multilib_is_native_abi; then - # Shell completions - ! tc-is-cross-compiler && emake -C scripts DESTDIR="${D}" install - fi -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - rm -rf "${ED}"/etc/ || die -} diff --git a/net-misc/curl/curl-8.6.0-r1.ebuild b/net-misc/curl/curl-8.6.0-r1.ebuild index ec36bfb60122..f48e3df12d7c 100644 --- a/net-misc/curl/curl-8.6.0-r1.ebuild +++ b/net-misc/curl/curl-8.6.0-r1.ebuild @@ -86,7 +86,7 @@ RDEPEND=" >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] ) rustls? ( - net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] + ~net-libs/rustls-ffi-0.10.0:=[${MULTILIB_USEDEP}] ) ) zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) @@ -131,6 +131,7 @@ PATCHES=( "${FILESDIR}"/${PN}-prefix.patch "${FILESDIR}"/${PN}-respect-cflags-3.patch "${FILESDIR}"/${P}-vtls-revert-receive-max-buffer-add-test-case.patch + "${FILESDIR}"/${P}-backport-rustls-detection.patch ) src_prepare() { diff --git a/net-misc/curl/curl-8.7.1.ebuild b/net-misc/curl/curl-8.7.1.ebuild index cdb30b15df5c..3338a14e2bef 100644 --- a/net-misc/curl/curl-8.7.1.ebuild +++ b/net-misc/curl/curl-8.7.1.ebuild @@ -86,7 +86,7 @@ RDEPEND=" >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] ) rustls? ( - >=net-libs/rustls-ffi-0.12.0:=[${MULTILIB_USEDEP}] + ~net-libs/rustls-ffi-0.12.1:=[${MULTILIB_USEDEP}] ) ) zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) diff --git a/net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch b/net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch new file mode 100644 index 000000000000..5d7b3a23c2c9 --- /dev/null +++ b/net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch @@ -0,0 +1,256 @@ +https://github.com/curl/curl/commit/647e86a3efe1eea7a2a456c009cfe1eb55fe48eb +https://github.com/curl/curl/pull/13202 +From: Matt Jolly <Matt.Jolly@footclan.ninja> +Date: Fri, 29 Mar 2024 09:58:14 +1000 +Subject: [PATCH] curl-rustls.m4: add pkg-config support to rustls detection + +Based on the existing openssl pkg-config detection, this commit tries to +use pkg-config to find `rustls` then falls back to the current approach +if that fails. + +We use the following logic: + +- if no path is provided, just use pkg-config, if it's not there we have + a problem! +- if a path is provided, try pkg-config + + if pkg-config fails, try and find rustls directly +--- + m4/curl-rustls.m4 | 209 ++++++++++++++++++++++++++++++++-------------- + 1 file changed, 145 insertions(+), 64 deletions(-) + +diff --git a/m4/curl-rustls.m4 b/m4/curl-rustls.m4 +index 75542e4..902327a 100644 +--- a/m4/curl-rustls.m4 ++++ b/m4/curl-rustls.m4 +@@ -28,84 +28,165 @@ dnl check for rustls + dnl ---------------------------------------------------- + + if test "x$OPT_RUSTLS" != xno; then +- _cppflags=$CPPFLAGS +- _ldflags=$LDFLAGS + ssl_msg= + +- if test X"$OPT_RUSTLS" != Xno; then ++ dnl backup the pre-ssl variables ++ CLEANLDFLAGS="$LDFLAGS" ++ CLEANCPPFLAGS="$CPPFLAGS" + +- if test "$OPT_RUSTLS" = "yes"; then +- OPT_RUSTLS="" +- fi ++ case $host_os in ++ darwin*) ++ LDFLAGS="$LDFLAGS -framework Security" ++ ;; ++ *) ++ ;; ++ esac ++ ## NEW CODE + +- case $host_os in +- darwin*) +- LDFLAGS="$LDFLAGS -framework Security" +- ;; +- *) +- ;; +- esac +- +- if test -z "$OPT_RUSTLS" ; then +- dnl check for lib first without setting any new path +- +- AC_CHECK_LIB(rustls, rustls_client_session_read, +- dnl librustls found, set the variable +- [ +- AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) +- AC_SUBST(USE_RUSTLS, [1]) +- RUSTLS_ENABLED=1 +- USE_RUSTLS="yes" +- ssl_msg="rustls" +- test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes +- ], [], -lpthread -ldl -lm) +- fi ++ dnl use pkg-config unless we have been given a path ++ dnl even then, try pkg-config first + +- if test "x$USE_RUSTLS" != "xyes"; then +- dnl add the path and test again +- addld=-L$OPT_RUSTLS/lib$libsuff +- addcflags=-I$OPT_RUSTLS/include +- rustlslib=$OPT_RUSTLS/lib$libsuff ++ case "$OPT_RUSTLS" in ++ yes) ++ dnl --with-rustls (without path) used ++ PKGTEST="yes" ++ PREFIX_RUSTLS= ++ ;; ++ *) ++ dnl check the provided --with-rustls path ++ PKGTEST="no" ++ PREFIX_RUSTLS=$OPT_RUSTLS + +- LDFLAGS="$LDFLAGS $addld" +- if test "$addcflags" != "-I/usr/include"; then +- CPPFLAGS="$CPPFLAGS $addcflags" ++ dnl Try pkg-config even when cross-compiling. Since we ++ dnl specify PKG_CONFIG_LIBDIR we are only looking where ++ dnl the user told us to look ++ ++ RUSTLS_PCDIR="$PREFIX_RUSTLS/lib/pkgconfig" ++ if test -f "$RUSTLS_PCDIR/rustls.pc"; then ++ AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$RUSTLS_PCDIR"]) ++ PKGTEST="yes" + fi + +- AC_CHECK_LIB(rustls, rustls_connection_read, +- [ +- AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) +- AC_SUBST(USE_RUSTLS, [1]) +- RUSTLS_ENABLED=1 +- USE_RUSTLS="yes" +- ssl_msg="rustls" +- test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes +- ], +- AC_MSG_ERROR([--with-rustls was specified but could not find rustls.]), +- -lpthread -ldl -lm) +- fi ++ if test "$PKGTEST" != "yes"; then ++ # try lib64 instead ++ RUSTLS_PCDIR="$PREFIX_RUSTLS/lib64/pkgconfig" ++ if test -f "$RUSTLS_PCDIR/rustls.pc"; then ++ AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$RUSTLS_PCDIR"]) ++ PKGTEST="yes" ++ fi ++ fi ++ ++ if test "$PKGTEST" != "yes"; then ++ dnl pkg-config came up empty, use what we got ++ dnl via --with-rustls + +- if test "x$USE_RUSTLS" = "xyes"; then +- AC_MSG_NOTICE([detected rustls]) +- check_for_ca_bundle=1 +- +- LIBS="-lrustls -lpthread -ldl -lm $LIBS" +- +- if test -n "$rustlslib"; then +- dnl when shared libs were found in a path that the run-time +- dnl linker doesn't search through, we need to add it to +- dnl CURL_LIBRARY_PATH to prevent further configure tests to fail +- dnl due to this +- if test "x$cross_compiling" != "xyes"; then +- CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$rustlslib" +- export CURL_LIBRARY_PATH +- AC_MSG_NOTICE([Added $rustlslib to CURL_LIBRARY_PATH]) ++ addld=-L$PREFIX_RUSTLS/lib$libsuff ++ addcflags=-I$PREFIX_RUSTLS/include ++ ++ LDFLAGS="$LDFLAGS $addld" ++ if test "$addcflags" != "-I/usr/include"; then ++ CPPFLAGS="$CPPFLAGS $addcflags" ++ fi ++ ++ AC_CHECK_LIB(rustls, rustls_connection_read, ++ [ ++ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) ++ AC_SUBST(USE_RUSTLS, [1]) ++ RUSTLS_ENABLED=1 ++ USE_RUSTLS="yes" ++ ssl_msg="rustls" ++ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes ++ ], ++ AC_MSG_ERROR([--with-rustls was specified but could not find rustls.]), ++ -lpthread -ldl -lm) ++ ++ USE_RUSTLS="yes" ++ ssl_msg="rustls" ++ ++ LIB_RUSTLS="$PREFIX_RUSTLS/lib$libsuff" ++ if test "$PREFIX_RUSTLS" != "/usr" ; then ++ SSL_LDFLAGS="-L$LIB_RUSTLS" ++ SSL_CPPFLAGS="-I$PREFIX_RUSTLS/include" + fi + fi ++ ;; ++ esac ++ ++ if test "$PKGTEST" = "yes"; then ++ ++ CURL_CHECK_PKGCONFIG(rustls, [$RUSTLS_PCDIR]) ++ ++ if test "$PKGCONFIG" != "no" ; then ++ SSL_LIBS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl ++ $PKGCONFIG --libs-only-l --libs-only-other rustls 2>/dev/null` ++ ++ SSL_LDFLAGS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl ++ $PKGCONFIG --libs-only-L rustls 2>/dev/null` ++ ++ SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl ++ $PKGCONFIG --cflags-only-I rustls 2>/dev/null` ++ ++ AC_SUBST(SSL_LIBS) ++ AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"]) ++ AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"]) ++ AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"]) ++ ++ LIB_RUSTLS=`echo $SSL_LDFLAGS | sed -e 's/^-L//'` ++ ++ dnl use the values pkg-config reported. This is here ++ dnl instead of below with CPPFLAGS and LDFLAGS because we only ++ dnl learn about this via pkg-config. If we only have ++ dnl the argument to --with-rustls we don't know what ++ dnl additional libs may be necessary. Hope that we ++ dnl don't need any. ++ LIBS="$SSL_LIBS $LIBS" ++ USE_RUSTLS="yes" ++ ssl_msg="rustls" ++ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) ++ AC_SUBST(USE_RUSTLS, [1]) ++ RUSTLS_ENABLED=1 ++ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes ++ else ++ AC_MSG_ERROR([pkg-config: Could not find rustls]) + fi + +- fi dnl rustls not disabled ++ else ++ dnl we did not use pkg-config, so we need to add the ++ dnl rustls lib to LIBS ++ LIBS="-lrustls -lpthread -ldl -lm $LIBS" ++ fi ++ ++ dnl finally, set flags to use this TLS backend ++ CPPFLAGS="$CLEAN_CPPFLAGS $SSL_CPPFLAGS" ++ LDFLAGS="$CLAN_LDFLAGS $SSL_LDFLAGS" ++ ++ if test "x$USE_RUSTLS" = "xyes"; then ++ AC_MSG_NOTICE([detected rustls]) ++ check_for_ca_bundle=1 ++ ++ if test -n "$LIB_RUSTLS"; then ++ dnl when shared libs were found in a path that the run-time ++ dnl linker does not search through, we need to add it to ++ dnl CURL_LIBRARY_PATH so that further configure tests do not ++ dnl fail due to this ++ if test "x$cross_compiling" != "xyes"; then ++ CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_RUSTLS" ++ export CURL_LIBRARY_PATH ++ AC_MSG_NOTICE([Added $LIB_RUSTLS to CURL_LIBRARY_PATH]) ++ fi ++ fi ++ fi + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" ++ ++ if test X"$OPT_RUSTLS" != Xno && ++ test "$RUSTLS_ENABLED" != "1"; then ++ AC_MSG_NOTICE([OPT_RUSTLS: $OPT_RUSTLS]) ++ AC_MSG_NOTICE([RUSTLS_ENABLED: $RUSTLS_ENABLED]) ++ AC_MSG_ERROR([--with-rustls was given but Rustls could not be detected]) ++ fi + fi + ]) ++ ++ ++RUSTLS_ENABLED +-- +2.44.0 |