From 29394d0921808a94a409f01eff49f681651de5d5 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 17 Feb 2023 08:06:58 +0000 Subject: gentoo auto-resync : 17:02:2023 - 08:06:58 --- net-misc/Manifest.gz | Bin 54278 -> 54276 bytes net-misc/curl/Manifest | 9 +- net-misc/curl/curl-7.88.0-r1.ebuild | 298 +++++++++++++++++++++ net-misc/curl/curl-7.88.0.ebuild | 298 --------------------- ...roxy-tailmatch-like-in-7.85.0-and-earlier.patch | 84 ------ .../curl-7.86.0-proxy-noproxy-match-comma.patch | 86 ------ .../curl-7.86.0-proxy-noproxy-tailmatching.patch | 66 ----- net-misc/curl/files/curl-7.88.0-http2.patch | 93 +++++++ .../files/curl-7.88.0-test-gnuserv-tls-srp.patch | 39 --- .../curl-7.88.0-test-uninitialised-value.patch | 30 --- net-misc/curl/files/curl-7.88.0-tests.patch | 120 +++++++++ net-misc/httpstat/Manifest | 4 +- net-misc/httpstat/httpstat-1.3.1-r1.ebuild | 28 ++ net-misc/httpstat/httpstat-1.3.1.ebuild | 2 +- net-misc/miniupnpd/Manifest | 3 + net-misc/miniupnpd/miniupnpd-2.3.3.ebuild | 108 ++++++++ 16 files changed, 657 insertions(+), 611 deletions(-) create mode 100644 net-misc/curl/curl-7.88.0-r1.ebuild delete mode 100644 net-misc/curl/curl-7.88.0.ebuild delete mode 100644 net-misc/curl/files/curl-7.86.0-noproxy-tailmatch-like-in-7.85.0-and-earlier.patch delete mode 100644 net-misc/curl/files/curl-7.86.0-proxy-noproxy-match-comma.patch delete mode 100644 net-misc/curl/files/curl-7.86.0-proxy-noproxy-tailmatching.patch create mode 100644 net-misc/curl/files/curl-7.88.0-http2.patch delete mode 100644 net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch delete mode 100644 net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch create mode 100644 net-misc/curl/files/curl-7.88.0-tests.patch create mode 100644 net-misc/httpstat/httpstat-1.3.1-r1.ebuild create mode 100644 net-misc/miniupnpd/miniupnpd-2.3.3.ebuild (limited to 'net-misc') diff --git a/net-misc/Manifest.gz b/net-misc/Manifest.gz index 27d4c383b0b2..9d1595887196 100644 Binary files a/net-misc/Manifest.gz and b/net-misc/Manifest.gz differ diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index 30b34141aa35..12e3e2e27bfe 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -1,16 +1,13 @@ AUX curl-7.30.0-prefix.patch 880 BLAKE2B 5b7552a8339014221864a585d174b02a96ec7dd7fe8762d331d1981834044f8ec4db64d527a4ded3f5f4cccc86f281576668de092439eb19f5477d5fcf8369cf SHA512 c7cd13b9ccbd12ed01ea121ffece9c23b898a5b34698bae59ae1dd23b1cf2445180b84d80c4a640981f16dba5018df944f405dd5c660addab54ca21e0e673b7f -AUX curl-7.86.0-noproxy-tailmatch-like-in-7.85.0-and-earlier.patch 3609 BLAKE2B 6f7e80c915d8592b93349d8aade7670f37bf37803ee02130245905636de30a70be51272b2d06392397ffcf76bfda78cfc2fbb671971ab3d18b20677239944544 SHA512 20999f12d5316be5854c9ab09a0f9e887edb7878f157069759c8404d31bfd23db352894c0dca6ce871618d0088f0320ebaa1b6166b54facce0e5faf74600232b -AUX curl-7.86.0-proxy-noproxy-match-comma.patch 3143 BLAKE2B 1aa8d62e6082601eae9e3ae7690a1e7ddce7f12be4cf9f20010f32aa51cd5b1c4206be0b731935a9ddd45bb5654ceed3cba3eabb6a1b9dc60112052d7e79ffa7 SHA512 1a0c67bdabeb1ea8cba7a0f93c12ea626bdc329bbe8c3978f03cb25a78c74fa3257a36f2ed53c177b3a256bca2c0dd8081bab1536b0670e1ec9c0541ac23fc11 -AUX curl-7.86.0-proxy-noproxy-tailmatching.patch 2302 BLAKE2B c4199bc1eb04c8c69f8c72397ce526df6c2186151f77d5e13551e589712e9032e1a52720bd1b946a1b5b984f49a01b297410f4cf74814a58bf4bf43701435c76 SHA512 aa211a5428cc746d07cfd37571169d59ccc97560a69e7c6d21cc8b4a133182366264470de540e1813eee51b376d9056ec8dd01f8e95957e58a83f33d37db0442 AUX curl-7.87.0-gnutls-openssl-build.patch 1010 BLAKE2B 716760a38a7a61420e3e508f976c14776d5f3313c4305e8c2fcff9af1744bcaab61bae643546d625448cc613933f8a7137a783e6313a53799485f432d8b9791f SHA512 2a94cf409f33683ca53a347a99faec3c51ba05c4f531be4e784401e4ed977d1142b5d5bc153dd2444311cdeafd3c406ae4a27e515b875f978f5402487d177e9a AUX curl-7.87.0-typecheck-deprecated.patch 2437 BLAKE2B e04b6cf9b9b4073e2d2762f9c0336d35ef58cbc7b754144ea37a8fba73705e035e1b2f5a05987666f2f0f8a34ef0420a7d5977a9202ea5fe026ee536a44a1b0f SHA512 a7abeb4ab1e0381f78da3732c1ab8ab399e7eed1340efe12c6c9038f811b30095c08794b40ec346db27892fea1f6a240d190b6b655981d5262095569bf9ab815 -AUX curl-7.88.0-test-gnuserv-tls-srp.patch 1226 BLAKE2B 73d6738f647b171a4b332b51938a261f9f334a17e3d0f6b4b8669712ae0836b36bfa833513b312b793f65fdcf6e4e88b9bc27f445e8f1fae5193ac6625b07fe5 SHA512 df0217bc657e355c0237f016ba64d1423a959743892fbf5f16871ae400d7cc2dfd857b8cc15260d6cf13bc3689a0e91985ce7c3042917081882bb250e4c8bcfd -AUX curl-7.88.0-test-uninitialised-value.patch 840 BLAKE2B 9bd2a2dcdeff6fb430e34d93e714f5b8e8c18f9c31298953b07a224fdb2d6e1c494c89bc4d553a31382b3f0a8167d9f40f90a2c3cb4ea8e9692bc41a1dd28a27 SHA512 619dcae5ffa90ea21f1700f4990722a6c508706c4bba295f616691944e2021113247501c9f79ecdf9e7fc3895828cd281847a0ce00f689c417af827d532936f1 +AUX curl-7.88.0-http2.patch 3328 BLAKE2B 86b58fa6ee9c620e7e474c9e5a661b885adbe90172e4f769e503e1911db3664f75e96aead241638a3dabbaf6d393149c5b6b374bf333cb6951c35cae8a4039eb SHA512 7cb11fcbae30c99e0736aa5edf21f042446fc4e6d128c7b9bb3c53cf467e66a03461c1bb9f6e20e1fb64d1223cd9e1b01dfa99a5a3652f1c1748a3e96b795ce0 +AUX curl-7.88.0-tests.patch 3640 BLAKE2B be0f105a0a16df15660404598ff5d227bdaf8b5d3b6f072e16aa489ee3ca4a30775e9b024a6595accabb50657966515e78043dd47bb43c58140d4d2676e48198 SHA512 13e4502929f8bb1366e1587369439ac4560239e1e2a741df6add56bba80bd3d80b3c8f12b9eb1723d7e27693d96aa6e914bced98325a77e96b2a108624d1f835 AUX curl-respect-cflags-3.patch 406 BLAKE2B 1b533144858aff5566150c4a2648ad2e48e8ff29849ae285592edfee4b3332d06e750395dea7190ee6a01d2b5ee2c2c42c10400c2e5defa09963a90a1a10417d SHA512 3219e4e67d534e35012909243fc8d69d58989462db44dd507c502e7aaa299f1d9a01392e2c83797cc2bdb53d503470c5d6e7bf94572a6ccc6e5eafcc0466bc54 DIST curl-7.87.0.tar.xz 2547932 BLAKE2B b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13 SHA512 aa125991592667280dce3788aabe81487cf8c55b0afc59d675cc30b76055bb7114f5380b4a0e3b6461a8f81bf9812fa26d493a85f7e01d84263d484a0d699ee7 DIST curl-7.87.0.tar.xz.asc 488 BLAKE2B 031d8236b357bd3c519548b181254dc0aea1efc1375738bce04f4f331d35bafe99d1ca394ecf5943ede7cae040854b6d2b478fd305147eb7330f8d50e5d95c96 SHA512 0bcc12bafc4ae50d80128af2cf4bf1a1ec6018ebb8d5b9c49f52b51c0c25acc77e820858965656549ef43c1f923f4e5fe75b0a3523623154b4cfb9dc8a1d76e4 DIST curl-7.88.0.tar.xz 2571564 BLAKE2B 8fae8136a8a52c58b2860b6c3b342d59bb0c9a743f94c3ea3620cbb180f1ebd1310ace17e23d9c4bd2ec4b1dd72777779b2e1fbe66bb47b54a60b02247e3a07d SHA512 2008cbc67694f746b7449f087a19b2a9a4950333d6bac1cdc7d80351aa38d8d9b442087dedbc7b0909a419d3b10f510521c942aac012d04a53c32bdb15dce5f0 DIST curl-7.88.0.tar.xz.asc 488 BLAKE2B 9714e26c1308b036f7b19c909447e20d0c3611b0995845a8fb1a356d74e68027399acaafb69244411787cf2abbcbca446f237ce1277228c33caf0adc97364dbf SHA512 6f3d9a5f8fcec64652f872adf994ff3d0162fba1b483a0e359522173bf29ef3d26eeda7c328207fa1fa974a45e62674a3a8ebec21830ab3981b56851d5804ade EBUILD curl-7.87.0-r2.ebuild 8660 BLAKE2B ce66897406af36dfd872020b5db67428a65954392393529da1678d0b9dec061d05bf52c7debe03d7dab8c051936ab7634f73dea443e094048cd052c76a0f89cb SHA512 b3a9805fab31995d9162f1bdb6159af9f69532c48c6a966be1b08c8a3c21ac3e7ff7f0513a8c33d2973173e1e5400d6e34abca1aa79581fad178e6a98c375adf -EBUILD curl-7.88.0.ebuild 8449 BLAKE2B d3aad8194990c02f6a5ac22dc380ef707148e0621cf320038c20caa8cd95b6f5703dddbbcb5161652cd3118a0de5b72dd2cd73baef86a418d59629906f2b1936 SHA512 3cda7f9a7bae19a2d222afb9e8fb0871417d292bf80bfa74f1e6ece1539b343dbbd713c86eb2eaa214bc6c1a5ea066d3cbd778cb804b71511f9f31f55fef1000 +EBUILD curl-7.88.0-r1.ebuild 8414 BLAKE2B 8ad26a35d3485c82e9a6f8e80ffffa036a77d8bb7a6a590553db5bf397470271ee00a26bae321edaab5bf48f9fb4e7c1fba7457dacb0db012a87833ee7170878 SHA512 1ef1fe83d74f1c449e78ade7d3fae538b494f522a64da11657d543b7401c0995d7b647b4107e75d0d41984a33ec3543ebe21f2b593e9619212f115a465db5476 MISC metadata.xml 2289 BLAKE2B a351f315d1913abff2fec9c559b2b74ddc0a60bfb293d20a62e20a2072e820f88295dc88ab32a622855cd962b90b739b0270ba88e097ca6b41c21f7f4f72987b SHA512 45cafa3eac6aaf777de55e025ef64ac039e6d300a760fc86b2eb1b77153f5242181a09082e443e525923e30e804a9ae90e902fb7f252a24214ac88929c3b89fe diff --git a/net-misc/curl/curl-7.88.0-r1.ebuild b/net-misc/curl/curl-7.88.0-r1.ebuild new file mode 100644 index 000000000000..a95ae998050a --- /dev/null +++ b/net-misc/curl/curl-7.88.0-r1.ebuild @@ -0,0 +1,298 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="8" + +inherit autotools prefix multilib-minimal verify-sig + +DESCRIPTION="A Client that groks URLs" +HOMEPAGE="https://curl.se/" +SRC_URI="https://curl.se/download/${P}.tar.xz + verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )" + +LICENSE="curl" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" +IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls" +IUSE+=" nghttp3" +VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc + +#Only one default ssl provider can be enabled +REQUIRED_USE=" + ssl? ( + ^^ ( + curl_ssl_gnutls + curl_ssl_mbedtls + curl_ssl_nss + curl_ssl_openssl + curl_ssl_rustls + ) + )" + +# lead to lots of false negatives, bug #285669 +RESTRICT="!test? ( test )" + +RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] ) + brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) + ssl? ( + gnutls? ( + net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}] + dev-libs/nettle:=[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + mbedtls? ( + net-libs/mbedtls:=[${MULTILIB_USEDEP}] + app-misc/ca-certificates + ) + openssl? ( + dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] + ) + nss? ( + dev-libs/nss:0[${MULTILIB_USEDEP}] + dev-libs/nss-pem + app-misc/ca-certificates + ) + rustls? ( + net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] + ) + ) + http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] ) + nghttp3? ( + net-libs/nghttp3[${MULTILIB_USEDEP}] + net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] + ) + idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) + adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) + ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) + sys-libs/zlib[${MULTILIB_USEDEP}] + zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" + +DEPEND="${RDEPEND}" +BDEPEND="dev-lang/perl + virtual/pkgconfig + test? ( + sys-apps/diffutils + ) + verify-sig? ( sec-keys/openpgp-keys-danielstenberg )" + +DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/curl/curlbuild.h +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/curl-config +) + +PATCHES=( + "${FILESDIR}"/${PN}-7.30.0-prefix.patch + "${FILESDIR}"/${PN}-respect-cflags-3.patch + + "${FILESDIR}"/${P}-http2.patch + "${FILESDIR}"/${P}-tests.patch +) + +src_prepare() { + default + + eprefixify curl-config.in + eautoreconf +} + +multilib_src_configure() { + # We make use of the fact that later flags override earlier ones + # So start with all ssl providers off until proven otherwise + # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) + local myconf=() + + myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) + #myconf+=( --without-default-ssl-backend ) + if use ssl ; then + myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls ) + + if use gnutls || use curl_ssl_gnutls; then + einfo "SSL provided by gnutls" + myconf+=( --with-gnutls ) + fi + if use mbedtls || use curl_ssl_mbedtls; then + einfo "SSL provided by mbedtls" + myconf+=( --with-mbedtls ) + fi + if use nss || use curl_ssl_nss; then + einfo "SSL provided by nss" + myconf+=( --with-nss --with-nss-deprecated ) + fi + if use openssl || use curl_ssl_openssl; then + einfo "SSL provided by openssl" + myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) + fi + if use rustls || use curl_ssl_rustls; then + einfo "SSL provided by rustls" + myconf+=( --with-rustls ) + fi + if use curl_ssl_gnutls; then + einfo "Default SSL provided by gnutls" + myconf+=( --with-default-ssl-backend=gnutls ) + elif use curl_ssl_mbedtls; then + einfo "Default SSL provided by mbedtls" + myconf+=( --with-default-ssl-backend=mbedtls ) + elif use curl_ssl_nss; then + einfo "Default SSL provided by nss" + myconf+=( --with-default-ssl-backend=nss ) + elif use curl_ssl_openssl; then + einfo "Default SSL provided by openssl" + myconf+=( --with-default-ssl-backend=openssl ) + elif use curl_ssl_rustls; then + einfo "Default SSL provided by rustls" + myconf+=( --with-default-ssl-backend=rustls ) + else + eerror "We can't be here because of REQUIRED_USE." + fi + + else + myconf+=( --without-ssl ) + einfo "SSL disabled" + fi + + # These configuration options are organized alphabetically + # within each category. This should make it easier if we + # ever decide to make any of them contingent on USE flags: + # 1) protocols first. To see them all do + # 'grep SUPPORT_PROTOCOLS configure.ac' + # 2) --enable/disable options second. + # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort + # 3) --with/without options third. + # grep -- --with configure | grep Check | awk '{ print $4 }' | sort + + myconf+=( + $(use_enable alt-svc) + --enable-crypto-auth + --enable-dict + --disable-ech + --enable-file + $(use_enable ftp) + $(use_enable gopher) + $(use_enable hsts) + --enable-http + $(use_enable imap) + $(use_enable ldap) + $(use_enable ldap ldaps) + --enable-ntlm + --disable-ntlm-wb + $(use_enable pop3) + --enable-rt + --enable-rtsp + $(use_enable samba smb) + $(use_with ssh libssh2) + $(use_enable smtp) + $(use_enable telnet) + $(use_enable tftp) + --enable-tls-srp + $(use_enable adns ares) + --enable-cookies + --enable-dateparse + --enable-dnsshuffle + --enable-doh + --enable-symbol-hiding + --enable-http-auth + --enable-ipv6 + --enable-largefile + --enable-manual + --enable-mime + --enable-netrc + $(use_enable progress-meter) + --enable-proxy + --disable-sspi + $(use_enable static-libs static) + --enable-pthreads + --enable-threaded-resolver + --disable-versioned-symbols + --without-amissl + --without-bearssl + $(use_with brotli) + --without-fish-functions-dir + $(use_with http2 nghttp2) + --without-hyper + $(use_with idn libidn2) + $(use_with kerberos gssapi "${EPREFIX}"/usr) + --without-libgsasl + --without-libpsl + --without-msh3 + $(use_with nghttp3) + $(use_with nghttp3 ngtcp2) + --without-quiche + $(use_with rtmp librtmp) + --without-schannel + --without-secure-transport + $(use_enable websockets) + --without-winidn + --without-wolfssl + --with-zlib + $(use_with zstd) + ) + + # Do not supply a test httpd/caddy/etc + if use test; then + myconf+=( + --without-test-caddy + --without-test-httpd + --without-test-nghttpx + ) + fi + + ECONF_SOURCE="${S}" econf "${myconf[@]}" + + if ! multilib_is_native_abi; then + # avoid building the client + sed -i -e '/SUBDIRS/s:src::' Makefile || die + sed -i -e '/SUBDIRS/s:scripts::' Makefile || die + fi + + # Fix up the pkg-config file to be more robust. + # https://github.com/curl/curl/issues/864 + local priv=() libs=() + # We always enable zlib. + libs+=( "-lz" ) + priv+=( "zlib" ) + if use http2; then + libs+=( "-lnghttp2" ) + priv+=( "libnghttp2" ) + fi + if use nghttp3; then + libs+=( "-lnghttp3" "-lngtcp2" ) + priv+=( "libnghttp3" "libngtcp2" ) + fi + if use ssl && use curl_ssl_openssl; then + libs+=( "-lssl" "-lcrypto" ) + priv+=( "openssl" ) + fi + grep -q Requires.private libcurl.pc && die "need to update ebuild" + libs=$(printf '|%s' "${libs[@]}") + sed -i -r \ + -e "/^Libs.private/s:(${libs#|})( |$)::g" \ + libcurl.pc || die + echo "Requires.private: ${priv[*]}" >> libcurl.pc || die +} + +multilib_src_test() { + # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 + # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) + # -v: verbose + # -a: keep going on failure (so we see everything which breaks, not just 1st test) + # -k: keep test files after completion + # -am: automake style TAP output + # -p: print logs if test fails + # Note: if needed, we can disable tests. See e.g. Fedora's packaging + # or just read https://github.com/curl/curl/tree/master/tests#run. + multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p" +} + +multilib_src_install_all() { + einstalldocs + find "${ED}" -type f -name '*.la' -delete || die + rm -rf "${ED}"/etc/ || die +} diff --git a/net-misc/curl/curl-7.88.0.ebuild b/net-misc/curl/curl-7.88.0.ebuild deleted file mode 100644 index b36a1acba8ac..000000000000 --- a/net-misc/curl/curl-7.88.0.ebuild +++ /dev/null @@ -1,298 +0,0 @@ -# Copyright 1999-2023 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="8" - -inherit autotools prefix multilib-minimal verify-sig - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.se/" -SRC_URI="https://curl.se/download/${P}.tar.xz - verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )" - -LICENSE="curl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls" -IUSE+=" nghttp3" -VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc - -#Only one default ssl provider can be enabled -REQUIRED_USE=" - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_nss - curl_ssl_openssl - curl_ssl_rustls - ) - )" - -# lead to lots of false negatives, bug #285669 -RESTRICT="!test? ( test )" - -RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - mbedtls? ( - net-libs/mbedtls:=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - openssl? ( - dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] - ) - nss? ( - dev-libs/nss:0[${MULTILIB_USEDEP}] - dev-libs/nss-pem - app-misc/ca-certificates - ) - rustls? ( - net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] - ) - ) - http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] ) - nghttp3? ( - net-libs/nghttp3[${MULTILIB_USEDEP}] - net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] - ) - idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) - adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) - sys-libs/zlib[${MULTILIB_USEDEP}] - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" - -DEPEND="${RDEPEND}" -BDEPEND="dev-lang/perl - virtual/pkgconfig - test? ( - sys-apps/diffutils - ) - verify-sig? ( sec-keys/openpgp-keys-danielstenberg )" - -DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -PATCHES=( - "${FILESDIR}"/${PN}-7.30.0-prefix.patch - "${FILESDIR}"/${PN}-respect-cflags-3.patch - - "${FILESDIR}"/${P}-test-gnuserv-tls-srp.patch - "${FILESDIR}"/${P}-test-uninitialised-value.patch -) - -src_prepare() { - default - - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - #myconf+=( --without-default-ssl-backend ) - if use ssl ; then - myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls ) - - if use gnutls || use curl_ssl_gnutls; then - einfo "SSL provided by gnutls" - myconf+=( --with-gnutls ) - fi - if use mbedtls || use curl_ssl_mbedtls; then - einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use nss || use curl_ssl_nss; then - einfo "SSL provided by nss" - myconf+=( --with-nss --with-nss-deprecated ) - fi - if use openssl || use curl_ssl_openssl; then - einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use rustls || use curl_ssl_rustls; then - einfo "SSL provided by rustls" - myconf+=( --with-rustls ) - fi - if use curl_ssl_gnutls; then - einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_nss; then - einfo "Default SSL provided by nss" - myconf+=( --with-default-ssl-backend=nss ) - elif use curl_ssl_openssl; then - einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_rustls; then - einfo "Default SSL provided by rustls" - myconf+=( --with-default-ssl-backend=rustls ) - else - eerror "We can't be here because of REQUIRED_USE." - fi - - else - myconf+=( --without-ssl ) - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - myconf+=( - $(use_enable alt-svc) - --enable-crypto-auth - --enable-dict - --disable-ech - --enable-file - $(use_enable ftp) - $(use_enable gopher) - $(use_enable hsts) - --enable-http - $(use_enable imap) - $(use_enable ldap) - $(use_enable ldap ldaps) - --enable-ntlm - --disable-ntlm-wb - $(use_enable pop3) - --enable-rt - --enable-rtsp - $(use_enable samba smb) - $(use_with ssh libssh2) - $(use_enable smtp) - $(use_enable telnet) - $(use_enable tftp) - --enable-tls-srp - $(use_enable adns ares) - --enable-cookies - --enable-dateparse - --enable-dnsshuffle - --enable-doh - --enable-symbol-hiding - --enable-http-auth - --enable-ipv6 - --enable-largefile - --enable-manual - --enable-mime - --enable-netrc - $(use_enable progress-meter) - --enable-proxy - --disable-sspi - $(use_enable static-libs static) - --enable-pthreads - --enable-threaded-resolver - --disable-versioned-symbols - --without-amissl - --without-bearssl - $(use_with brotli) - --without-fish-functions-dir - $(use_with http2 nghttp2) - --without-hyper - $(use_with idn libidn2) - $(use_with kerberos gssapi "${EPREFIX}"/usr) - --without-libgsasl - --without-libpsl - --without-msh3 - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) - --without-quiche - $(use_with rtmp librtmp) - --without-schannel - --without-secure-transport - $(use_enable websockets) - --without-winidn - --without-wolfssl - --with-zlib - $(use_with zstd) - ) - - # Do not supply a test httpd/caddy/etc - if use test; then - myconf+=( - --without-test-caddy - --without-test-httpd - --without-test-nghttpx - ) - fi - - ECONF_SOURCE="${S}" econf "${myconf[@]}" - - if ! multilib_is_native_abi; then - # avoid building the client - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "libngtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc || die -} - -multilib_src_test() { - # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 - # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) - # -v: verbose - # -a: keep going on failure (so we see everything which breaks, not just 1st test) - # -k: keep test files after completion - # -am: automake style TAP output - # -p: print logs if test fails - # Note: if needed, we can disable tests. See e.g. Fedora's packaging - # or just read https://github.com/curl/curl/tree/master/tests#run. - multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p" -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - rm -rf "${ED}"/etc/ || die -} diff --git a/net-misc/curl/files/curl-7.86.0-noproxy-tailmatch-like-in-7.85.0-and-earlier.patch b/net-misc/curl/files/curl-7.86.0-noproxy-tailmatch-like-in-7.85.0-and-earlier.patch deleted file mode 100644 index 1f04f22f9b1b..000000000000 --- a/net-misc/curl/files/curl-7.86.0-noproxy-tailmatch-like-in-7.85.0-and-earlier.patch +++ /dev/null @@ -1,84 +0,0 @@ -https://github.com/curl/curl/issues/9842 -https://github.com/curl/curl/commit/b1953c1933b369b1217ef0f16053e26da63488c3 - -From b1953c1933b369b1217ef0f16053e26da63488c3 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Sun, 6 Nov 2022 23:19:51 +0100 -Subject: [PATCH] noproxy: tailmatch like in 7.85.0 and earlier - -A regfression in 7.86.0 (via 1e9a538e05c010) made the tailmatch work -differently than before. This restores the logic to how it used to work: - -All names listed in NO_PROXY are tailmatched against the used domain -name, if the lengths are identical it needs a full match. - -Update the docs, update test 1614. - -Reported-by: Stuart Henderson -Fixes #9842 -Closes #9858 ---- - docs/libcurl/opts/CURLOPT_NOPROXY.3 | 4 ---- - lib/noproxy.c | 32 +++++++++++++++-------------- - tests/unit/unit1614.c | 3 ++- - 3 files changed, 19 insertions(+), 20 deletions(-) - -diff --git a/docs/libcurl/opts/CURLOPT_NOPROXY.3 b/docs/libcurl/opts/CURLOPT_NOPROXY.3 -index 5e4c32130431..dc3cf7c10833 100644 ---- a/docs/libcurl/opts/CURLOPT_NOPROXY.3 -+++ b/docs/libcurl/opts/CURLOPT_NOPROXY.3 -@@ -40,10 +40,6 @@ list is matched as either a domain which contains the hostname, or the - hostname itself. For example, "ample.com" would match ample.com, ample.com:80, - and www.ample.com, but not www.example.com or ample.com.org. - --If the name in the \fInoproxy\fP list has a leading period, it is a domain --match against the provided host name. This way ".example.com" will switch off --proxy use for both "www.example.com" as well as for "foo.example.com". -- - Setting the \fInoproxy\fP string to "" (an empty string) will explicitly - enable the proxy for all host names, even if there is an environment variable - set for it. -diff --git a/lib/noproxy.c b/lib/noproxy.c -index 2832ae166a5b..fb856e4faa72 100644 ---- a/lib/noproxy.c -+++ b/lib/noproxy.c -@@ -187,22 +187,24 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy) - tokenlen--; - - if(tokenlen && (*token == '.')) { -- /* A: example.com matches '.example.com' -- B: www.example.com matches '.example.com' -- C: nonexample.com DOES NOT match '.example.com' -- */ -- if((tokenlen - 1) == namelen) -- /* case A, exact match without leading dot */ -- match = strncasecompare(token + 1, name, namelen); -- else if(tokenlen < namelen) -- /* case B, tailmatch with leading dot */ -- match = strncasecompare(token, name + (namelen - tokenlen), -- tokenlen); -- /* case C passes through, not a match */ -+ /* ignore leading token dot as well */ -+ token++; -+ tokenlen--; - } -- else -- match = (tokenlen == namelen) && -- strncasecompare(token, name, namelen); -+ /* A: example.com matches 'example.com' -+ B: www.example.com matches 'example.com' -+ C: nonexample.com DOES NOT match 'example.com' -+ */ -+ if(tokenlen == namelen) -+ /* case A, exact match */ -+ match = strncasecompare(token, name, namelen); -+ else if(tokenlen < namelen) { -+ /* case B, tailmatch domain */ -+ match = (name[namelen - tokenlen - 1] == '.') && -+ strncasecompare(token, name + (namelen - tokenlen), -+ tokenlen); -+ } -+ /* case C passes through, not a match */ - break; - case TYPE_IPV4: - /* FALLTHROUGH */ diff --git a/net-misc/curl/files/curl-7.86.0-proxy-noproxy-match-comma.patch b/net-misc/curl/files/curl-7.86.0-proxy-noproxy-match-comma.patch deleted file mode 100644 index 6c8f4067e8d5..000000000000 --- a/net-misc/curl/files/curl-7.86.0-proxy-noproxy-match-comma.patch +++ /dev/null @@ -1,86 +0,0 @@ -https://bugs.gentoo.org/878365#c2 -https://github.com/curl/curl/issues/9813 -https://github.com/curl/curl/commit/efc286b7a62af0568fdcbf3c68791c9955182128 - -From efc286b7a62af0568fdcbf3c68791c9955182128 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Thu, 27 Oct 2022 13:54:27 +0200 -Subject: [PATCH] noproxy: also match with adjacent comma - -If the host name is an IP address and the noproxy string contained that -IP address with a following comma, it would erroneously not match. - -Extended test 1614 to verify this combo as well. - -Reported-by: Henning Schild - -Fixes #9813 -Closes #9814 ---- a/lib/noproxy.c -+++ b/lib/noproxy.c -@@ -192,18 +192,22 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy) - /* FALLTHROUGH */ - case TYPE_IPV6: { - const char *check = token; -- char *slash = strchr(check, '/'); -+ char *slash; - unsigned int bits = 0; - char checkip[128]; -+ if(tokenlen >= sizeof(checkip)) -+ /* this cannot match */ -+ break; -+ /* copy the check name to a temp buffer */ -+ memcpy(checkip, check, tokenlen); -+ checkip[tokenlen] = 0; -+ check = checkip; -+ -+ slash = strchr(check, '/'); - /* if the slash is part of this token, use it */ -- if(slash && (slash < &check[tokenlen])) { -+ if(slash) { - bits = atoi(slash + 1); -- /* copy the check name to a temp buffer */ -- if(tokenlen >= sizeof(checkip)) -- break; -- memcpy(checkip, check, tokenlen); -- checkip[ slash - check ] = 0; -- check = checkip; -+ *slash = 0; /* null terminate there */ - } - if(type == TYPE_IPV6) - match = Curl_cidr6_match(name, check, bits); ---- a/tests/data/test1614 -+++ b/tests/data/test1614 -@@ -16,7 +16,7 @@ unittest - proxy - - --cidr comparisons -+noproxy and cidr comparisons - - - ---- a/tests/unit/unit1614.c -+++ b/tests/unit/unit1614.c -@@ -77,6 +77,20 @@ UNITTEST_START - { NULL, NULL, 0, FALSE} /* end marker */ - }; - struct noproxy list[]= { -+ { "127.0.0.1", "127.0.0.1,localhost", TRUE}, -+ { "127.0.0.1", "127.0.0.1,localhost,", TRUE}, -+ { "127.0.0.1", "127.0.0.1/8,localhost,", TRUE}, -+ { "127.0.0.1", "127.0.0.1/28,localhost,", TRUE}, -+ { "127.0.0.1", "127.0.0.1/31,localhost,", TRUE}, -+ { "127.0.0.1", "localhost,127.0.0.1", TRUE}, -+ { "127.0.0.1", "localhost,127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1." -+ "127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127." -+ "0.0.1.127.0.0.1.127.0.0." /* 128 bytes "address" */, FALSE}, -+ { "127.0.0.1", "localhost,127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1." -+ "127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127." -+ "0.0.1.127.0.0.1.127.0.0" /* 127 bytes "address" */, FALSE}, -+ { "localhost", "localhost,127.0.0.1", TRUE}, -+ { "localhost", "127.0.0.1,localhost", TRUE}, - { "foobar", "barfoo", FALSE}, - { "foobar", "foobar", TRUE}, - { "192.168.0.1", "foobar", FALSE}, - diff --git a/net-misc/curl/files/curl-7.86.0-proxy-noproxy-tailmatching.patch b/net-misc/curl/files/curl-7.86.0-proxy-noproxy-tailmatching.patch deleted file mode 100644 index 15f5e64c91f3..000000000000 --- a/net-misc/curl/files/curl-7.86.0-proxy-noproxy-tailmatching.patch +++ /dev/null @@ -1,66 +0,0 @@ -https://bugs.gentoo.org/878365#c2 -https://github.com/curl/curl/issues/9821 -https://github.com/curl/curl/commit/b830f9ba9e94acf672cd191993ff679fa888838b - -From b830f9ba9e94acf672cd191993ff679fa888838b Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg -Date: Fri, 28 Oct 2022 10:51:49 +0200 -Subject: [PATCH] noproxy: fix tail-matching - -Also ignore trailing dots in both host name and comparison pattern. - -Regression in 7.86.0 (from 1e9a538e05c0) - -Extended test 1614 to verify better. - -Reported-by: Henning Schild -Fixes #9821 -Closes #9822 ---- a/lib/noproxy.c -+++ b/lib/noproxy.c -@@ -153,9 +153,14 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy) - } - else { - unsigned int address; -+ namelen = strlen(name); - if(1 == Curl_inet_pton(AF_INET, name, &address)) - type = TYPE_IPV4; -- namelen = strlen(name); -+ else { -+ /* ignore trailing dots in the host name */ -+ if(name[namelen - 1] == '.') -+ namelen--; -+ } - } - - while(*p) { -@@ -177,12 +182,23 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy) - if(tokenlen) { - switch(type) { - case TYPE_HOST: -- if(*token == '.') { -- ++token; -- --tokenlen; -- /* tailmatch */ -- match = (tokenlen <= namelen) && -- strncasecompare(token, name + (namelen - tokenlen), namelen); -+ /* ignore trailing dots in the token to check */ -+ if(token[tokenlen - 1] == '.') -+ tokenlen--; -+ -+ if(tokenlen && (*token == '.')) { -+ /* A: example.com matches '.example.com' -+ B: www.example.com matches '.example.com' -+ C: nonexample.com DOES NOT match '.example.com' -+ */ -+ if((tokenlen - 1) == namelen) -+ /* case A, exact match without leading dot */ -+ match = strncasecompare(token + 1, name, namelen); -+ else if(tokenlen < namelen) -+ /* case B, tailmatch with leading dot */ -+ match = strncasecompare(token, name + (namelen - tokenlen), -+ tokenlen); -+ /* case C passes through, not a match */ - } - else - match = (tokenlen == namelen) && diff --git a/net-misc/curl/files/curl-7.88.0-http2.patch b/net-misc/curl/files/curl-7.88.0-http2.patch new file mode 100644 index 000000000000..49d90e901823 --- /dev/null +++ b/net-misc/curl/files/curl-7.88.0-http2.patch @@ -0,0 +1,93 @@ +https://github.com/curl/curl/commit/87ed650d04dc1a6f7944a5d952f7d5b0934a19ac +Author: Harry Sintonen +Date: Thu Feb 16 06:26:26 2023 +0200 + + http2: set drain on stream end + + Ensure that on_frame_recv() stream end will trigger a read if there is + pending data. Without this it could happen that the pending data is + never consumed. + + This combined with https://github.com/curl/curl/pull/10529 should fix + https://github.com/curl/curl/issues/10525 + + Ref: https://github.com/curl/curl/issues/10525 + Closes #10530 + +--- a/lib/http2.c ++++ b/lib/http2.c +@@ -868,6 +868,14 @@ static int on_frame_recv(nghttp2_session *session, const nghttp2_frame *frame, + return NGHTTP2_ERR_CALLBACK_FAILURE; + } + } ++ if(frame->hd.flags & NGHTTP2_FLAG_END_STREAM) { ++ /* Stream has ended. If there is pending data, ensure that read ++ will occur to consume it. */ ++ if(!data->state.drain && stream->memlen) { ++ drain_this(cf, data_s); ++ Curl_expire(data, 0, EXPIRE_RUN_NOW); ++ } ++ } + break; + case NGHTTP2_HEADERS: + DEBUGF(LOG_CF(data_s, cf, "[h2sid=%u] recv frame HEADERS", stream_id)); + +https://github.com/curl/curl/commit/3103de2053ca8cacf9cdbe78764ba6814481709f +Author: Stefan Eissing +Date: Wed Feb 15 22:11:13 2023 +0100 + + http2: buffer/pausedata and output flush fix. + + * do not process pending input data when copying pausedata to the + caller + * return CURLE_AGAIN if the output buffer could not be completely + written out. + + Ref: #10525 + Closes #10529 + +--- a/lib/http2.c ++++ b/lib/http2.c +@@ -467,6 +467,7 @@ static CURLcode flush_output(struct Curl_cfilter *cf, + } + if((size_t)written < buflen) { + Curl_dyn_tail(&ctx->outbuf, buflen - (size_t)written); ++ return CURLE_AGAIN; + } + else { + Curl_dyn_reset(&ctx->outbuf); +@@ -1790,6 +1791,7 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, + + stream->pausedata += nread; + stream->pauselen -= nread; ++ drain_this(cf, data); + + if(stream->pauselen == 0) { + DEBUGF(LOG_CF(data, cf, "[h2sid=%u] Unpaused", stream->stream_id)); +@@ -1798,18 +1800,6 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, + + stream->pausedata = NULL; + stream->pauselen = 0; +- +- /* When NGHTTP2_ERR_PAUSE is returned from +- data_source_read_callback, we might not process DATA frame +- fully. Calling nghttp2_session_mem_recv() again will +- continue to process DATA frame, but if there is no incoming +- frames, then we have to call it again with 0-length data. +- Without this, on_stream_close callback will not be called, +- and stream could be hanged. */ +- if(h2_process_pending_input(cf, data, err) != 0) { +- nread = -1; +- goto out; +- } + } + DEBUGF(LOG_CF(data, cf, "[h2sid=%u] recv: returns unpaused %zd bytes", + stream->stream_id, nread)); +@@ -1933,6 +1923,7 @@ static ssize_t cf_h2_recv(struct Curl_cfilter *cf, struct Curl_easy *data, + drained_transfer(cf, data); + } + ++ *err = CURLE_OK; + nread = retlen; + DEBUGF(LOG_CF(data, cf, "[h2sid=%u] cf_h2_recv -> %zd", + stream->stream_id, nread)); diff --git a/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch b/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch deleted file mode 100644 index fb9e89fd48cb..000000000000 --- a/net-misc/curl/files/curl-7.88.0-test-gnuserv-tls-srp.patch +++ /dev/null @@ -1,39 +0,0 @@ -https://github.com/curl/curl/commit/2fdc1d816ebf3c77f43068103bec1b3a3767881a.patch -From: Daniel Stenberg -Date: Wed, 15 Feb 2023 15:04:07 +0100 -Subject: [PATCH] tests: make sure gnuserv-tls has SRP support before using it - -Reported-by: fundawang on github -Fixes #10522 -Closes #10524 ---- a/tests/runtests.pl -+++ b/tests/runtests.pl -@@ -5382,7 +5382,7 @@ sub startservers { - elsif($what eq "httptls") { - if(!$httptlssrv) { - # for now, we can't run http TLS-EXT tests without gnutls-serv -- return "no gnutls-serv"; -+ return "no gnutls-serv (with SRP support)"; - } - if($torture && $run{'httptls'} && - !responsive_httptls_server($verbose, "IPv4")) { ---- a/tests/sshhelp.pm -+++ b/tests/sshhelp.pm -@@ -408,7 +408,16 @@ sub find_sshkeygen { - # Find httptlssrv (gnutls-serv) and return canonical filename - # - sub find_httptlssrv { -- return find_exe_file_hpath($httptlssrvexe); -+ my $p = find_exe_file_hpath($httptlssrvexe); -+ my @o = `$p -l`; -+ my $found; -+ for(@o) { -+ if(/Key exchange: SRP/) { -+ $found = 1; -+ last; -+ } -+ } -+ return $p if($found); - } - - diff --git a/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch b/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch deleted file mode 100644 index c5ce31d4e427..000000000000 --- a/net-misc/curl/files/curl-7.88.0-test-uninitialised-value.patch +++ /dev/null @@ -1,30 +0,0 @@ -https://github.com/curl/curl/commit/f1d09231adfc695d15995b9ef2c8c6e568c28091 -From: Daniel Stenberg -Date: Wed, 15 Feb 2023 13:03:21 +0100 -Subject: [PATCH] runtests: fix "uninitialized value $port" - -by using a more appropriate variable - -Reported-by: fundawang on github -Fixes #10518 -Closes #10520 ---- a/tests/runtests.pl -+++ b/tests/runtests.pl -@@ -1740,7 +1740,7 @@ sub runhttpserver { - } - - # where is it? -- my $port; -+ my $port = 0; - if(!$port_or_path) { - $port = $port_or_path = pidfromfile($portfile); - } -@@ -1758,7 +1758,7 @@ sub runhttpserver { - $pid2 = $pid3; - - if($verbose) { -- logmsg "RUN: $srvrname server is on PID $httppid port $port\n"; -+ logmsg "RUN: $srvrname server is on PID $httppid port $port_or_path\n"; - } - - return ($httppid, $pid2, $port); diff --git a/net-misc/curl/files/curl-7.88.0-tests.patch b/net-misc/curl/files/curl-7.88.0-tests.patch new file mode 100644 index 000000000000..81131dc6bc64 --- /dev/null +++ b/net-misc/curl/files/curl-7.88.0-tests.patch @@ -0,0 +1,120 @@ +https://github.com/curl/curl/commit/f1d09231adfc695d15995b9ef2c8c6e568c28091 +Author: Stefan Eissing +Date: Tue Feb 14 14:29:13 2023 +0100 + + tests: make the telnet server shut down a socket gracefully + + - test 1452 failed occasionally with ECONNRESET errnos in curl when the + server closed the connection in an unclean state. + + Closes #10509 + +--- a/tests/negtelnetserver.py ++++ b/tests/negtelnetserver.py +@@ -29,7 +29,9 @@ from __future__ import (absolute_import, division, print_function, + import argparse + import logging + import os ++import socket + import sys ++import time + + from util import ClosingFileHandler + +@@ -90,7 +92,7 @@ class NegotiatingTelnetHandler(socketserver.BaseRequestHandler): + neg.send_wont("NAWS") + + # Get the data passed through the negotiator +- data = neg.recv(1024) ++ data = neg.recv(4*1024) + log.debug("Incoming data: %r", data) + + if VERIFIED_REQ.encode('utf-8') in data: +@@ -109,6 +111,12 @@ class NegotiatingTelnetHandler(socketserver.BaseRequestHandler): + log.debug("Sending %r", response_data) + self.request.sendall(response_data) + ++ # put some effort into making a clean socket shutdown ++ # that does not give the client ECONNRESET ++ self.request.settimeout(0.1) ++ self.request.recv(4*1024) ++ self.request.shutdown(socket.SHUT_RDWR) ++ + except IOError: + log.exception("IOError hit during request") + + +https://github.com/curl/curl/commit/2fdc1d816ebf3c77f43068103bec1b3a3767881a +Author: Daniel Stenberg +Date: Wed Feb 15 15:04:07 2023 +0100 + + tests: make sure gnuserv-tls has SRP support before using it + + Reported-by: fundawang on github + Fixes #10522 + Closes #10524 + +--- a/tests/runtests.pl ++++ b/tests/runtests.pl +@@ -5382,7 +5382,7 @@ sub startservers { + elsif($what eq "httptls") { + if(!$httptlssrv) { + # for now, we can't run http TLS-EXT tests without gnutls-serv +- return "no gnutls-serv"; ++ return "no gnutls-serv (with SRP support)"; + } + if($torture && $run{'httptls'} && + !responsive_httptls_server($verbose, "IPv4")) { +--- a/tests/sshhelp.pm ++++ b/tests/sshhelp.pm +@@ -408,7 +408,16 @@ sub find_sshkeygen { + # Find httptlssrv (gnutls-serv) and return canonical filename + # + sub find_httptlssrv { +- return find_exe_file_hpath($httptlssrvexe); ++ my $p = find_exe_file_hpath($httptlssrvexe); ++ my @o = `$p -l`; ++ my $found; ++ for(@o) { ++ if(/Key exchange: SRP/) { ++ $found = 1; ++ last; ++ } ++ } ++ return $p if($found); + } + + + +https://github.com/curl/curl/commit/79d0b3c0c0bb00829f10ec139dbf3823c249ae72 +Author: Daniel Stenberg +Date: Wed Feb 15 13:03:21 2023 +0100 + + runtests: fix "uninitialized value $port" + + by using a more appropriate variable + + Reported-by: fundawang on github + Fixes #10518 + Closes #10520 + +--- a/tests/runtests.pl ++++ b/tests/runtests.pl +@@ -1740,7 +1740,7 @@ sub runhttpserver { + } + + # where is it? +- my $port; ++ my $port = 0; + if(!$port_or_path) { + $port = $port_or_path = pidfromfile($portfile); + } +@@ -1758,7 +1758,7 @@ sub runhttpserver { + $pid2 = $pid3; + + if($verbose) { +- logmsg "RUN: $srvrname server is on PID $httppid port $port\n"; ++ logmsg "RUN: $srvrname server is on PID $httppid port $port_or_path\n"; + } + + return ($httppid, $pid2, $port); diff --git a/net-misc/httpstat/Manifest b/net-misc/httpstat/Manifest index 4f8ad87f7600..608084dc54df 100644 --- a/net-misc/httpstat/Manifest +++ b/net-misc/httpstat/Manifest @@ -1,4 +1,6 @@ AUX httpstat-1.2.1-gentoo-tests.patch 840 BLAKE2B 478fc8c29c816be383def1d2f2194fe7d0fb888487c45afeba9b3a7808bbc01cbf1c836ee14b5f57115e19a1f63537736d137e19b3e1eac9b8af65f3519d5142 SHA512 6e904552c42e8d5cc9f6b298902601cb7ce1304ba2c85f0910f508ac09e5257562e7ed94fb0462512f02caff2a83fa2bb6ec35045a720e25c4f91e976cd1c99b +DIST httpstat-1.3.1.gh.tar.gz 97691 BLAKE2B f7a5388c3891c1caac654c6c9be425864e2a037eba2e12229ec72c847864f7be23b64d5450ebb42f976335f5b6ca878f1ee555ee3b2178c1a10c5969f883604d SHA512 bca91afe14d50af37c741ca4baa7d3843b010bb6dc012c72bd28c43f59099c20628cadc4dd80652dffeb1d26fb07f5cf156a3f6bf9eba1f6e121d4b250020b46 DIST httpstat-1.3.1.tar.gz 97691 BLAKE2B f7a5388c3891c1caac654c6c9be425864e2a037eba2e12229ec72c847864f7be23b64d5450ebb42f976335f5b6ca878f1ee555ee3b2178c1a10c5969f883604d SHA512 bca91afe14d50af37c741ca4baa7d3843b010bb6dc012c72bd28c43f59099c20628cadc4dd80652dffeb1d26fb07f5cf156a3f6bf9eba1f6e121d4b250020b46 -EBUILD httpstat-1.3.1.ebuild 650 BLAKE2B dff7a361afc34a88850fbebbc196db223250025ce94f56afe647b30a02185481cef8355eec8049fbce9954da125da02ea9c4a8ab40a688ab29b0e54ba3eb172f SHA512 f2cab75573ad3883310ff6d5223df7674a2413216d6a6fee8fc40d9d1bd99eb2f3cfecba09da67624fbb0d610aa98472043493395a95060e2b188829ecd16a09 +EBUILD httpstat-1.3.1-r1.ebuild 687 BLAKE2B 2666f7cbc751f475732fd608e427994bdccf94f29b020451224685fab32bac4063c5ee46ace7b45936f68a40f6fd68dc5d64a966fad50a78a24409098a1065f0 SHA512 c007488b482133402b22df9b7590d84bb92fcd1c4daefcff126e8c3d78e6222c99fb80b818981f3b7dffe0bde369ba7c783c6f1f3233943d62aeb7b2a27f1f56 +EBUILD httpstat-1.3.1.ebuild 650 BLAKE2B 3544466383b4f602a0dcc269b2912733529dcb093cbeac44d031767ec1c0e434d720f6166e011b59c48b62b1c59ccb88d928d66082921b4bf6727a98b66fbd50 SHA512 d523477dfabcca81c68eeefd51673c72a6c7bf3c97ee70c0cf5ecfdf5988636693cfc0c548e97e4efeb1652f7f67b07ca224f5affea58450011d70cfb152430c MISC metadata.xml 379 BLAKE2B 2bf8e348f9314b52a7229deeee8552e1a60e7942b078548f4ad5cc6b80ac6736f9e4564b617ca76788f948615074c409cd23603e73644b60b91b197aefeffaca SHA512 d1f896253bd8562247f3799f32f28d7408faff5d6e598ebc34e4b781691b2a5b2c61e3eabc3e01f0ad55d80660ce0501e8a95d3795f27d14d70de9f727ab5295 diff --git a/net-misc/httpstat/httpstat-1.3.1-r1.ebuild b/net-misc/httpstat/httpstat-1.3.1-r1.ebuild new file mode 100644 index 000000000000..da4d547a2347 --- /dev/null +++ b/net-misc/httpstat/httpstat-1.3.1-r1.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{9..11} pypy3 ) +inherit distutils-r1 + +DESCRIPTION="httpstat visualizes cURL statistics in a way of beauty and clarity" +HOMEPAGE="https://github.com/reorx/httpstat" +SRC_URI="https://github.com/reorx/${PN}/archive/${PV}.tar.gz -> ${P}.gh.tar.gz" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +RDEPEND="net-misc/curl:*" + +# Requires access to google.com and http2.akamai.com +RESTRICT="test" +PROPERTIES="test_network" + +PATCHES=( "${FILESDIR}"/${PN}-1.2.1-gentoo-tests.patch ) + +python_test() { + ./httpstat_test.sh || die +} diff --git a/net-misc/httpstat/httpstat-1.3.1.ebuild b/net-misc/httpstat/httpstat-1.3.1.ebuild index 9e8d0bbbcdc6..381ef2db3345 100644 --- a/net-misc/httpstat/httpstat-1.3.1.ebuild +++ b/net-misc/httpstat/httpstat-1.3.1.ebuild @@ -3,7 +3,7 @@ EAPI=7 -PYTHON_COMPAT=( python3_{9..10} pypy3 ) +PYTHON_COMPAT=( python3_{9..11} pypy3 ) inherit distutils-r1 DESCRIPTION="httpstat visualizes cURL statistics in a way of beauty and clarity" diff --git a/net-misc/miniupnpd/Manifest b/net-misc/miniupnpd/Manifest index 22dbfb42d79d..8f0b37af6dbb 100644 --- a/net-misc/miniupnpd/Manifest +++ b/net-misc/miniupnpd/Manifest @@ -4,6 +4,9 @@ DIST miniupnpd-2.3.1.tar.gz 258050 BLAKE2B c11e3ecb3f1c6b97dfa1acfbc5f844f0bbdae DIST miniupnpd-2.3.1.tar.gz.sig 543 BLAKE2B 7211174bf1fa2244fafa1df63c3f872a8c557845840fa83f7cdc6264f6692fa5b4919d8c086e78253451497d55fca22300894a8d0e0bde58dbf8baaa6d8e4a26 SHA512 c661f8e028f0a3d96cc943dacd85414570473cd6805c2215531d14f355da2cee3695083807c91218eabbb9d40efed3c8f1c0178cff9461bf92202b4a948088c7 DIST miniupnpd-2.3.2.tar.gz 259686 BLAKE2B fe451773be25fd7f5941f89b35a4c94f0bebd5ece93d3b3c526c3c0e1c436773a2c403eb407cde397565ef4ec8f50441a64890bb89a56a9006a6c4556e707cef SHA512 f0956b8f2e52fc9257f6512d780d17c920f6635afaeee604056f3b2afccbfda3f5e65d95d16f1d883bd9e7f4e372856cae620fabcf79c7c87e3f56bbcc089acc DIST miniupnpd-2.3.2.tar.gz.sig 543 BLAKE2B 8c571eb454f6f31757b699c8a06e0b5ade575e058356aad7cdf727caf8f7a6563e98dde31d242cb1fadf136cf2c7bebbc32483c154f2538c1414f04299f40e38 SHA512 2a90aef1c1ca6210ddf5e29d75b0b0dc5daca949732b54a9bcd8230ecd8a4c3d5175b6561a68e180caa70547bcbd533994cad08c21630dd294190d0843cb2f8f +DIST miniupnpd-2.3.3.tar.gz 260079 BLAKE2B 4b32e05bc7002bc7edc946f01b1984f3d184e0e9949a9685ffa5351ece9dacc09dc48567cc6f68972343a1921f4ceb5c541d4b557c4991f311289a511c492efa SHA512 98915e3c1410d6753a58133596bad012fea205f36ae4991c2cf4b358d1e905e029287cfcf1aa97283c2e3c1cb8c20655bff35d49a37ae8756739e33c4ae3e7ef +DIST miniupnpd-2.3.3.tar.gz.sig 543 BLAKE2B 33b6166ba64a7a7c1b019c84d8a623d2905f32b41ea6b7cfd96c180e3d8738af264b5f073a9503c037f4609f15cb73f039701368eba63764de9edc79159961f6 SHA512 f2b167fec659e2f366ac180e8245c35e2907f5fb6be31fb62aad072e8a67868b995dd9400b4f41ebdfe2dcb46df583e5a1d6260f93c9b3eb25ba46bc7f6106dd EBUILD miniupnpd-2.3.1.ebuild 2369 BLAKE2B 659831e2b43aacc6617f4dbcf3470fd3c1b207b0e5d500bad5652cdbaa948d1f039d68ed729ee7c0c8611c0bd81b17da0fb8ee781821594519e4f4af107128e2 SHA512 f531e27530ffa29cc82b5c36669a294fc14345e5ac5040b2d585d4e6eb0ed5514605fe2542bd3d9327f37d50d1d0fdd69e75b4042970ddbf7e943d2d399db4cf EBUILD miniupnpd-2.3.2.ebuild 2369 BLAKE2B 4b344617ba59e7026254763dcaf0e12f5fce66bc24caccd8d07779cf4c302f054eaf44845142fee695abeae5b2c4e51aca6d1cd0a26c32ef9aff5da0f337df37 SHA512 0a92aaf374102cf34d289618537867452741a5ae8750a247eecdc62b223ab5ae3b33253cc84c3a35d644cc7402d83122ba61981c690f8e2ea7b75f3cee8fe26c +EBUILD miniupnpd-2.3.3.ebuild 2369 BLAKE2B 4b344617ba59e7026254763dcaf0e12f5fce66bc24caccd8d07779cf4c302f054eaf44845142fee695abeae5b2c4e51aca6d1cd0a26c32ef9aff5da0f337df37 SHA512 0a92aaf374102cf34d289618537867452741a5ae8750a247eecdc62b223ab5ae3b33253cc84c3a35d644cc7402d83122ba61981c690f8e2ea7b75f3cee8fe26c MISC metadata.xml 985 BLAKE2B 4df9a4cf573d7aa45b80bc5062682325c3e063fd4b6147164dcc2a4e1b859def25df4541e1859c8843153c9de3a74557a3b66c94b69a65a94162752e177a907e SHA512 2068b103e2804c899ab17f63ae0aaf46442252067d6a8c12e7cc94c0b8760f5d764cf4124be78079236611cd05d7c5016b1b08499d1c265c561193344dfdeba6 diff --git a/net-misc/miniupnpd/miniupnpd-2.3.3.ebuild b/net-misc/miniupnpd/miniupnpd-2.3.3.ebuild new file mode 100644 index 000000000000..0bed1072de26 --- /dev/null +++ b/net-misc/miniupnpd/miniupnpd-2.3.3.ebuild @@ -0,0 +1,108 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs verify-sig + +DESCRIPTION="MiniUPnP IGD Daemon" +HOMEPAGE=" + http://miniupnp.free.fr/ + https://miniupnp.tuxfamily.org/ + https://github.com/miniupnp/miniupnp/ +" +SRC_URI=" + https://miniupnp.tuxfamily.org/files/${P}.tar.gz + verify-sig? ( + https://miniupnp.tuxfamily.org/files/${P}.tar.gz.sig + ) +" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~x86" +IUSE="+leasefile igd2 ipv6 nftables pcp-peer portinuse strict" + +RDEPEND=" + dev-libs/gmp:0= + sys-apps/util-linux:= + dev-libs/openssl:0= + !nftables? ( + >=net-firewall/iptables-1.4.6:0=[ipv6(+)?] + net-libs/libnfnetlink:= + net-libs/libmnl:= + ) + nftables? ( + net-firewall/nftables + net-libs/libnftnl:= + net-libs/libmnl:= + ) +" +DEPEND=" + ${RDEPEND} + elibc_musl? ( sys-libs/queue-standalone ) +" +BDEPEND=" + sys-apps/lsb-release + verify-sig? ( sec-keys/openpgp-keys-miniupnp ) +" + +VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/miniupnp.asc + +src_prepare() { + default + + # fails without a default route + sed -i -e 's:EXTIF=.*:EXTIF=lo:' testgetifaddr.sh || die +} + +src_configure() { + local opts=( + --vendorcfg + $(usex igd2 '--igd2' '') + $(usex ipv6 '--ipv6' '') + $(usex leasefile '--leasefile' '') + $(usex portinuse '--portinuse' '') + $(usex pcp-peer '--pcp-peer' '') + $(usex strict '--strict' '') + --firewall=$(usex nftables nftables iptables) + ) + + # custom script + ./configure "${opts[@]}" || die + # prevent gzipping manpage + sed -i -e '/gzip/d' Makefile || die +} + +src_compile() { + # By default, it builds a bunch of unittests that are missing wrapper + # scripts in the tarball + emake CC="$(tc-getCC)" STRIP=true miniupnpd +} + +src_test() { + emake CC="$(tc-getCC)" check +} + +src_install() { + emake PREFIX="${ED}" STRIP=true install + + local confd_seds=() + if use nftables; then + confd_seds+=( -e 's/^iptables_scripts=/#&/' ) + else + confd_seds+=( -e 's/^nftables_scripts=/#&/' ) + fi + if ! use ipv6 || use nftables; then + confd_seds+=( -e 's/^ip6tables_scripts=/#&/' ) + fi + + newinitd "${FILESDIR}"/${PN}-init.d-r2 ${PN} + newconfd - ${PN} < <(sed "${confd_seds[@]}" \ + "${FILESDIR}"/${PN}-conf.d-r2 || die) +} + +pkg_postinst() { + elog "Please correct the external interface in the top of the two" + elog "scripts in /etc/miniupnpd and edit the config file in there too" +} -- cgit v1.2.3