From 97f40b36b1afa9726e32962d11f3ac2d0bc5792e Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Thu, 16 Feb 2023 08:04:03 +0000 Subject: gentoo auto-resync : 16:02:2023 - 08:04:02 --- net-misc/curl/Manifest | 5 + net-misc/curl/curl-7.88.0.ebuild | 298 +++++++++++++++++++++ .../files/curl-7.88.0-test-gnuserv-tls-srp.patch | 39 +++ .../curl-7.88.0-test-uninitialised-value.patch | 30 +++ 4 files changed, 372 insertions(+) create mode 100644 net-misc/curl/curl-7.88.0.ebuild create mode 100644 net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch create mode 100644 net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch (limited to 'net-misc/curl') diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index e62427bbb7a7..30b34141aa35 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -4,8 +4,13 @@ AUX curl-7.86.0-proxy-noproxy-match-comma.patch 3143 BLAKE2B 1aa8d62e6082601eae9 AUX curl-7.86.0-proxy-noproxy-tailmatching.patch 2302 BLAKE2B c4199bc1eb04c8c69f8c72397ce526df6c2186151f77d5e13551e589712e9032e1a52720bd1b946a1b5b984f49a01b297410f4cf74814a58bf4bf43701435c76 SHA512 aa211a5428cc746d07cfd37571169d59ccc97560a69e7c6d21cc8b4a133182366264470de540e1813eee51b376d9056ec8dd01f8e95957e58a83f33d37db0442 AUX curl-7.87.0-gnutls-openssl-build.patch 1010 BLAKE2B 716760a38a7a61420e3e508f976c14776d5f3313c4305e8c2fcff9af1744bcaab61bae643546d625448cc613933f8a7137a783e6313a53799485f432d8b9791f SHA512 2a94cf409f33683ca53a347a99faec3c51ba05c4f531be4e784401e4ed977d1142b5d5bc153dd2444311cdeafd3c406ae4a27e515b875f978f5402487d177e9a AUX curl-7.87.0-typecheck-deprecated.patch 2437 BLAKE2B e04b6cf9b9b4073e2d2762f9c0336d35ef58cbc7b754144ea37a8fba73705e035e1b2f5a05987666f2f0f8a34ef0420a7d5977a9202ea5fe026ee536a44a1b0f SHA512 a7abeb4ab1e0381f78da3732c1ab8ab399e7eed1340efe12c6c9038f811b30095c08794b40ec346db27892fea1f6a240d190b6b655981d5262095569bf9ab815 +AUX curl-7.88.0-test-gnuserv-tls-srp.patch 1226 BLAKE2B 73d6738f647b171a4b332b51938a261f9f334a17e3d0f6b4b8669712ae0836b36bfa833513b312b793f65fdcf6e4e88b9bc27f445e8f1fae5193ac6625b07fe5 SHA512 df0217bc657e355c0237f016ba64d1423a959743892fbf5f16871ae400d7cc2dfd857b8cc15260d6cf13bc3689a0e91985ce7c3042917081882bb250e4c8bcfd +AUX curl-7.88.0-test-uninitialised-value.patch 840 BLAKE2B 9bd2a2dcdeff6fb430e34d93e714f5b8e8c18f9c31298953b07a224fdb2d6e1c494c89bc4d553a31382b3f0a8167d9f40f90a2c3cb4ea8e9692bc41a1dd28a27 SHA512 619dcae5ffa90ea21f1700f4990722a6c508706c4bba295f616691944e2021113247501c9f79ecdf9e7fc3895828cd281847a0ce00f689c417af827d532936f1 AUX curl-respect-cflags-3.patch 406 BLAKE2B 1b533144858aff5566150c4a2648ad2e48e8ff29849ae285592edfee4b3332d06e750395dea7190ee6a01d2b5ee2c2c42c10400c2e5defa09963a90a1a10417d SHA512 3219e4e67d534e35012909243fc8d69d58989462db44dd507c502e7aaa299f1d9a01392e2c83797cc2bdb53d503470c5d6e7bf94572a6ccc6e5eafcc0466bc54 DIST curl-7.87.0.tar.xz 2547932 BLAKE2B b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13 SHA512 aa125991592667280dce3788aabe81487cf8c55b0afc59d675cc30b76055bb7114f5380b4a0e3b6461a8f81bf9812fa26d493a85f7e01d84263d484a0d699ee7 DIST curl-7.87.0.tar.xz.asc 488 BLAKE2B 031d8236b357bd3c519548b181254dc0aea1efc1375738bce04f4f331d35bafe99d1ca394ecf5943ede7cae040854b6d2b478fd305147eb7330f8d50e5d95c96 SHA512 0bcc12bafc4ae50d80128af2cf4bf1a1ec6018ebb8d5b9c49f52b51c0c25acc77e820858965656549ef43c1f923f4e5fe75b0a3523623154b4cfb9dc8a1d76e4 +DIST curl-7.88.0.tar.xz 2571564 BLAKE2B 8fae8136a8a52c58b2860b6c3b342d59bb0c9a743f94c3ea3620cbb180f1ebd1310ace17e23d9c4bd2ec4b1dd72777779b2e1fbe66bb47b54a60b02247e3a07d SHA512 2008cbc67694f746b7449f087a19b2a9a4950333d6bac1cdc7d80351aa38d8d9b442087dedbc7b0909a419d3b10f510521c942aac012d04a53c32bdb15dce5f0 +DIST curl-7.88.0.tar.xz.asc 488 BLAKE2B 9714e26c1308b036f7b19c909447e20d0c3611b0995845a8fb1a356d74e68027399acaafb69244411787cf2abbcbca446f237ce1277228c33caf0adc97364dbf SHA512 6f3d9a5f8fcec64652f872adf994ff3d0162fba1b483a0e359522173bf29ef3d26eeda7c328207fa1fa974a45e62674a3a8ebec21830ab3981b56851d5804ade EBUILD curl-7.87.0-r2.ebuild 8660 BLAKE2B ce66897406af36dfd872020b5db67428a65954392393529da1678d0b9dec061d05bf52c7debe03d7dab8c051936ab7634f73dea443e094048cd052c76a0f89cb SHA512 b3a9805fab31995d9162f1bdb6159af9f69532c48c6a966be1b08c8a3c21ac3e7ff7f0513a8c33d2973173e1e5400d6e34abca1aa79581fad178e6a98c375adf +EBUILD curl-7.88.0.ebuild 8449 BLAKE2B d3aad8194990c02f6a5ac22dc380ef707148e0621cf320038c20caa8cd95b6f5703dddbbcb5161652cd3118a0de5b72dd2cd73baef86a418d59629906f2b1936 SHA512 3cda7f9a7bae19a2d222afb9e8fb0871417d292bf80bfa74f1e6ece1539b343dbbd713c86eb2eaa214bc6c1a5ea066d3cbd778cb804b71511f9f31f55fef1000 MISC metadata.xml 2289 BLAKE2B a351f315d1913abff2fec9c559b2b74ddc0a60bfb293d20a62e20a2072e820f88295dc88ab32a622855cd962b90b739b0270ba88e097ca6b41c21f7f4f72987b SHA512 45cafa3eac6aaf777de55e025ef64ac039e6d300a760fc86b2eb1b77153f5242181a09082e443e525923e30e804a9ae90e902fb7f252a24214ac88929c3b89fe diff --git a/net-misc/curl/curl-7.88.0.ebuild b/net-misc/curl/curl-7.88.0.ebuild new file mode 100644 index 000000000000..b36a1acba8ac --- /dev/null +++ b/net-misc/curl/curl-7.88.0.ebuild @@ -0,0 +1,298 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="8" + +inherit autotools prefix multilib-minimal verify-sig + +DESCRIPTION="A Client that groks URLs" +HOMEPAGE="https://curl.se/" +SRC_URI="https://curl.se/download/${P}.tar.xz + verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )" + +LICENSE="curl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" +IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls" +IUSE+=" nghttp3" +VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc + +#Only one default ssl provider can be enabled +REQUIRED_USE=" + ssl? ( + ^^ ( + curl_ssl_gnutls + curl_ssl_mbedtls + curl_ssl_nss + curl_ssl_openssl + curl_ssl_rustls + ) + )" + +# lead to lots of false negatives, bug #285669 +RESTRICT="!test? ( test )" + +RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] ) + brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) + ssl? ( + gnutls? ( + net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}] + dev-libs/nettle:=[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + mbedtls? ( + net-libs/mbedtls:=[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + openssl? ( + dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] + ) + nss? ( + dev-libs/nss:0[${MULTILIB_USEDEP}] + dev-libs/nss-pem + app-misc/ca-certificates + ) + rustls? ( + net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] + ) + ) + http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] ) + nghttp3? ( + net-libs/nghttp3[${MULTILIB_USEDEP}] + net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] + ) + idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) + adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) + ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) + sys-libs/zlib[${MULTILIB_USEDEP}] + zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" + +DEPEND="${RDEPEND}" +BDEPEND="dev-lang/perl + virtual/pkgconfig + test? ( + sys-apps/diffutils + ) + verify-sig? ( sec-keys/openpgp-keys-danielstenberg )" + +DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/curl/curlbuild.h +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/curl-config +) + +PATCHES=( + "${FILESDIR}"/${PN}-7.30.0-prefix.patch + "${FILESDIR}"/${PN}-respect-cflags-3.patch + + "${FILESDIR}"/${P}-test-gnuserv-tls-srp.patch + "${FILESDIR}"/${P}-test-uninitialised-value.patch +) + +src_prepare() { + default + + eprefixify curl-config.in + eautoreconf +} + +multilib_src_configure() { + # We make use of the fact that later flags override earlier ones + # So start with all ssl providers off until proven otherwise + # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) + local myconf=() + + myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) + #myconf+=( --without-default-ssl-backend ) + if use ssl ; then + myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls ) + + if use gnutls || use curl_ssl_gnutls; then + einfo "SSL provided by gnutls" + myconf+=( --with-gnutls ) + fi + if use mbedtls || use curl_ssl_mbedtls; then + einfo "SSL provided by mbedtls" + myconf+=( --with-mbedtls ) + fi + if use nss || use curl_ssl_nss; then + einfo "SSL provided by nss" + myconf+=( --with-nss --with-nss-deprecated ) + fi + if use openssl || use curl_ssl_openssl; then + einfo "SSL provided by openssl" + myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) + fi + if use rustls || use curl_ssl_rustls; then + einfo "SSL provided by rustls" + myconf+=( --with-rustls ) + fi + if use curl_ssl_gnutls; then + einfo "Default SSL provided by gnutls" + myconf+=( --with-default-ssl-backend=gnutls ) + elif use curl_ssl_mbedtls; then + einfo "Default SSL provided by mbedtls" + myconf+=( --with-default-ssl-backend=mbedtls ) + elif use curl_ssl_nss; then + einfo "Default SSL provided by nss" + myconf+=( --with-default-ssl-backend=nss ) + elif use curl_ssl_openssl; then + einfo "Default SSL provided by openssl" + myconf+=( --with-default-ssl-backend=openssl ) + elif use curl_ssl_rustls; then + einfo "Default SSL provided by rustls" + myconf+=( --with-default-ssl-backend=rustls ) + else + eerror "We can't be here because of REQUIRED_USE." + fi + + else + myconf+=( --without-ssl ) + einfo "SSL disabled" + fi + + # These configuration options are organized alphabetically + # within each category. This should make it easier if we + # ever decide to make any of them contingent on USE flags: + # 1) protocols first. To see them all do + # 'grep SUPPORT_PROTOCOLS configure.ac' + # 2) --enable/disable options second. + # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort + # 3) --with/without options third. + # grep -- --with configure | grep Check | awk '{ print $4 }' | sort + + myconf+=( + $(use_enable alt-svc) + --enable-crypto-auth + --enable-dict + --disable-ech + --enable-file + $(use_enable ftp) + $(use_enable gopher) + $(use_enable hsts) + --enable-http + $(use_enable imap) + $(use_enable ldap) + $(use_enable ldap ldaps) + --enable-ntlm + --disable-ntlm-wb + $(use_enable pop3) + --enable-rt + --enable-rtsp + $(use_enable samba smb) + $(use_with ssh libssh2) + $(use_enable smtp) + $(use_enable telnet) + $(use_enable tftp) + --enable-tls-srp + $(use_enable adns ares) + --enable-cookies + --enable-dateparse + --enable-dnsshuffle + --enable-doh + --enable-symbol-hiding + --enable-http-auth + --enable-ipv6 + --enable-largefile + --enable-manual + --enable-mime + --enable-netrc + $(use_enable progress-meter) + --enable-proxy + --disable-sspi + $(use_enable static-libs static) + --enable-pthreads + --enable-threaded-resolver + --disable-versioned-symbols + --without-amissl + --without-bearssl + $(use_with brotli) + --without-fish-functions-dir + $(use_with http2 nghttp2) + --without-hyper + $(use_with idn libidn2) + $(use_with kerberos gssapi "${EPREFIX}"/usr) + --without-libgsasl + --without-libpsl + --without-msh3 + $(use_with nghttp3) + $(use_with nghttp3 ngtcp2) + --without-quiche + $(use_with rtmp librtmp) + --without-schannel + --without-secure-transport + $(use_enable websockets) + --without-winidn + --without-wolfssl + --with-zlib + $(use_with zstd) + ) + + # Do not supply a test httpd/caddy/etc + if use test; then + myconf+=( + --without-test-caddy + --without-test-httpd + --without-test-nghttpx + ) + fi + + ECONF_SOURCE="${S}" econf "${myconf[@]}" + + if ! multilib_is_native_abi; then + # avoid building the client + sed -i -e '/SUBDIRS/s:src::' Makefile || die + sed -i -e '/SUBDIRS/s:scripts::' Makefile || die + fi + + # Fix up the pkg-config file to be more robust. + # https://github.com/curl/curl/issues/864 + local priv=() libs=() + # We always enable zlib. + libs+=( "-lz" ) + priv+=( "zlib" ) + if use http2; then + libs+=( "-lnghttp2" ) + priv+=( "libnghttp2" ) + fi + if use nghttp3; then + libs+=( "-lnghttp3" "-lngtcp2" ) + priv+=( "libnghttp3" "libngtcp2" ) + fi + if use ssl && use curl_ssl_openssl; then + libs+=( "-lssl" "-lcrypto" ) + priv+=( "openssl" ) + fi + grep -q Requires.private libcurl.pc && die "need to update ebuild" + libs=$(printf '|%s' "${libs[@]}") + sed -i -r \ + -e "/^Libs.private/s:(${libs#|})( |$)::g" \ + libcurl.pc || die + echo "Requires.private: ${priv[*]}" >> libcurl.pc || die +} + +multilib_src_test() { + # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 + # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) + # -v: verbose + # -a: keep going on failure (so we see everything which breaks, not just 1st test) + # -k: keep test files after completion + # -am: automake style TAP output + # -p: print logs if test fails + # Note: if needed, we can disable tests. See e.g. Fedora's packaging + # or just read https://github.com/curl/curl/tree/master/tests#run. + multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p" +} + +multilib_src_install_all() { + einstalldocs + find "${ED}" -type f -name '*.la' -delete || die + rm -rf "${ED}"/etc/ || die +} diff --git a/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch b/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch new file mode 100644 index 000000000000..fb9e89fd48cb --- /dev/null +++ b/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch @@ -0,0 +1,39 @@ +https://github.com/curl/curl/commit/2fdc1d816ebf3c77f43068103bec1b3a3767881a.patch +From: Daniel Stenberg +Date: Wed, 15 Feb 2023 15:04:07 +0100 +Subject: [PATCH] tests: make sure gnuserv-tls has SRP support before using it + +Reported-by: fundawang on github +Fixes #10522 +Closes #10524 +--- a/tests/runtests.pl ++++ b/tests/runtests.pl +@@ -5382,7 +5382,7 @@ sub startservers { + elsif($what eq "httptls") { + if(!$httptlssrv) { + # for now, we can't run http TLS-EXT tests without gnutls-serv +- return "no gnutls-serv"; ++ return "no gnutls-serv (with SRP support)"; + } + if($torture && $run{'httptls'} && + !responsive_httptls_server($verbose, "IPv4")) { +--- a/tests/sshhelp.pm ++++ b/tests/sshhelp.pm +@@ -408,7 +408,16 @@ sub find_sshkeygen { + # Find httptlssrv (gnutls-serv) and return canonical filename + # + sub find_httptlssrv { +- return find_exe_file_hpath($httptlssrvexe); ++ my $p = find_exe_file_hpath($httptlssrvexe); ++ my @o = `$p -l`; ++ my $found; ++ for(@o) { ++ if(/Key exchange: SRP/) { ++ $found = 1; ++ last; ++ } ++ } ++ return $p if($found); + } + + diff --git a/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch b/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch new file mode 100644 index 000000000000..c5ce31d4e427 --- /dev/null +++ b/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch @@ -0,0 +1,30 @@ +https://github.com/curl/curl/commit/f1d09231adfc695d15995b9ef2c8c6e568c28091 +From: Daniel Stenberg +Date: Wed, 15 Feb 2023 13:03:21 +0100 +Subject: [PATCH] runtests: fix "uninitialized value $port" + +by using a more appropriate variable + +Reported-by: fundawang on github +Fixes #10518 +Closes #10520 +--- a/tests/runtests.pl ++++ b/tests/runtests.pl +@@ -1740,7 +1740,7 @@ sub runhttpserver { + } + + # where is it? +- my $port; ++ my $port = 0; + if(!$port_or_path) { + $port = $port_or_path = pidfromfile($portfile); + } +@@ -1758,7 +1758,7 @@ sub runhttpserver { + $pid2 = $pid3; + + if($verbose) { +- logmsg "RUN: $srvrname server is on PID $httppid port $port\n"; ++ logmsg "RUN: $srvrname server is on PID $httppid port $port_or_path\n"; + } + + return ($httppid, $pid2, $port); -- cgit v1.2.3