From 48e7f15d37baf7167041b2ab0e2a19a703e5c99f Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 1 Apr 2024 08:13:46 +0100 Subject: gentoo auto-resync : 01:04:2024 - 08:13:46 --- net-misc/Manifest.gz | Bin 54969 -> 54973 bytes net-misc/curl/Manifest | 10 +- net-misc/curl/curl-8.5.0-r3.ebuild | 1 + net-misc/curl/curl-8.6.0-r1.ebuild | 367 --------------------- net-misc/curl/curl-8.6.0-r2.ebuild | 367 +++++++++++++++++++++ net-misc/curl/curl-8.7.1-r1.ebuild | 366 ++++++++++++++++++++ net-misc/curl/curl-8.7.1.ebuild | 366 -------------------- .../curl-8.6.0-backport-rustls-detection.patch | 256 -------------- net-misc/curl/files/curl-8.6.0-rustls-fixes.patch | 252 ++++++++++++++ .../files/curl-8.7.1-fix-pkgconfig-macros.patch | 39 --- net-misc/curl/files/curl-8.7.1-rustls-fixes.patch | 49 +++ net-misc/passt/Manifest | 4 +- net-misc/passt/passt-2024.03.26.ebuild | 40 +++ net-misc/passt/passt-9999.ebuild | 4 +- 14 files changed, 1085 insertions(+), 1036 deletions(-) delete mode 100644 net-misc/curl/curl-8.6.0-r1.ebuild create mode 100644 net-misc/curl/curl-8.6.0-r2.ebuild create mode 100644 net-misc/curl/curl-8.7.1-r1.ebuild delete mode 100644 net-misc/curl/curl-8.7.1.ebuild delete mode 100644 net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch create mode 100644 net-misc/curl/files/curl-8.6.0-rustls-fixes.patch delete mode 100644 net-misc/curl/files/curl-8.7.1-fix-pkgconfig-macros.patch create mode 100644 net-misc/curl/files/curl-8.7.1-rustls-fixes.patch create mode 100644 net-misc/passt/passt-2024.03.26.ebuild (limited to 'net-misc') diff --git a/net-misc/Manifest.gz b/net-misc/Manifest.gz index df684064bd8d..b4386465b70c 100644 Binary files a/net-misc/Manifest.gz and b/net-misc/Manifest.gz differ diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index 2b4dbb7407e7..0da7bcbf2cd0 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -1,8 +1,8 @@ AUX curl-8.5.0-ipv6-configure-c99.patch 749 BLAKE2B b9d94d4ec5c310f8d3985eb6e4a17cd12b8aec696c015c41e94fe7eee2cced4d6ed1f192f3dbe4877a33f5102522844b63a11039fd285371472f282065cf2894 SHA512 cc04189480055a82fc264fcf3b70a3a748bccaec5f263340c41aabde600ea020fd2bce46461d4f75f5ed7708cfc5a0afcf95e6f1d098333c3968b75169a27a93 AUX curl-8.5.0-mpd-stream-http-adjust_pollset.patch 2979 BLAKE2B da34eb58eb8b706916657279bc071ab97145e33e7e7eb553ffe924be7a97e3d784d5e2fc8270363e95e815687201b6fae1b374dc666093441c5177bfe76eb835 SHA512 11ed5f8482d985aab4e7ab07f0e8821d76a494d0147a61ce7901379cd1f36f577c544627f5ad61a38b70e9e4659fc050c5b9e0be4247ab410f55850a946872d1 -AUX curl-8.6.0-backport-rustls-detection.patch 8387 BLAKE2B 2a77c15f40807b1b19831a8bdd2401fd42297c95b6c66463d5ec8fafc95036796f2f862a258f7825f728f30e886f658fdfff796eebe0e093d7b8758ccfc360a3 SHA512 8f5de7b048f439d0d5da35abb079dfa7a2a9e1fd130ebc7c7b10f06ab66b4adc76ce0b26a80470f57caed64ee2909ef6bd155261edb1cdca037335bc67b91bfc +AUX curl-8.6.0-rustls-fixes.patch 8210 BLAKE2B 8c25023f84ba897eca22d53937259131d8c6032d428ec2ef6f7d696a2634fbb2af298228463209a170bd7ab0ee40f0975a01a331dced24d1ea51c935a3d3b3be SHA512 8737a18d03b1f159c69864e127087bf297077c546ab5a05ff01977a9dfc9e8cf2d4ae14a4091e8f1d8aedcd4f6de894f0b5374baaaf4413bff9bd6de6165a556 AUX curl-8.6.0-vtls-revert-receive-max-buffer-add-test-case.patch 2028 BLAKE2B b018e0fc5649b558e732a903eafe1249575829613b129ceaaaeeae3c7fc9f5c237c3688067c2370dc3ad1d67632acdfb805efa93db4e8bd8d6dd8b2f5043e2b5 SHA512 d8d4eb0b294d243f5c241e0243ca41e28b12aa8804a4f8c73e2ab70edd52de9be2b7a26b706085e10ae4a9c31545112cd4b68dcda6647571bb8d5528b7625de6 -AUX curl-8.7.1-fix-pkgconfig-macros.patch 1228 BLAKE2B c2a3db1fe29ed3023e0f3279f23426474747d44fc7f09c0fd25f2a43e02df1cd7b0f5ff9a11a5e795eb9fd2373117bd88202d79b64d8ed2c97f37251860f8812 SHA512 3a0a86dcdf3c12c2b234ac776c266d2eb4c11545e86219d3533f6e63196be9fc531d72a2d34d3bffdf5e7487bdda92a03a3ebe6910d9ab7601fd9873f4bd695c +AUX curl-8.7.1-rustls-fixes.patch 1526 BLAKE2B c1ce730bc1d78d9655378a174b32706bc964e07b1b4fde5385212542bf0c85b2adfa8110266410b6d8766bb2ca5c46a58295d7098ab4acb71acb0a5dbd6d5d20 SHA512 7ca3004306595ead6057bbbfa6dcbb5d7b8b7782a7627e5607a916fff8626b4c3bfb2cbac48aa0e65a93b3c4fb0f87a7ee09273f1f9b1eadb9126fbcc4a72ce2 AUX curl-prefix.patch 880 BLAKE2B 5b7552a8339014221864a585d174b02a96ec7dd7fe8762d331d1981834044f8ec4db64d527a4ded3f5f4cccc86f281576668de092439eb19f5477d5fcf8369cf SHA512 c7cd13b9ccbd12ed01ea121ffece9c23b898a5b34698bae59ae1dd23b1cf2445180b84d80c4a640981f16dba5018df944f405dd5c660addab54ca21e0e673b7f AUX curl-respect-cflags-3.patch 406 BLAKE2B 1b533144858aff5566150c4a2648ad2e48e8ff29849ae285592edfee4b3332d06e750395dea7190ee6a01d2b5ee2c2c42c10400c2e5defa09963a90a1a10417d SHA512 3219e4e67d534e35012909243fc8d69d58989462db44dd507c502e7aaa299f1d9a01392e2c83797cc2bdb53d503470c5d6e7bf94572a6ccc6e5eafcc0466bc54 DIST curl-8.5.0.tar.xz 2658520 BLAKE2B cfd591f9703b9c63712dbe74494b05a80ce5a4fc4f8fc0fbf57058578eed5f33d71277f688d5d9f409bcd82e3a4cacaa5615a44f2a7c554559c6be7dd5188893 SHA512 acffa2cf61d9b8e4188575a1b40227da8d722df2e5fe8bb82a222b4eb2fd64bf8aebd90852ce050c79fb5e517d5cee2546bf7de92ede1dd394263e231cb741a3 @@ -11,8 +11,8 @@ DIST curl-8.6.0.tar.xz 2630108 BLAKE2B 1b01de396008d57e154e2b5fc1acf1dd000703fa5 DIST curl-8.6.0.tar.xz.asc 488 BLAKE2B 18d7583a9aa6a278bea5a8a74461ff06f45ec418cd4542b015c74091c353b340afcc5dfe7e5e99f0b9fac7de9251164044a85e4f6665bf042636868a2c613d0a SHA512 2b835bb4b307e5e1c929b7136c5acfb9f6f06efa471ac27060336cabcfac40e02143f40434986c5e6817d4a9562b09efa8ff3168beed310a45453148cc1b5c8f DIST curl-8.7.1.tar.xz 2707016 BLAKE2B a2a9f48d0b69c0d92fcbbda535ce55082a5243abe3ab2db80d6fa3f32fb2c98b65026d69fc45c94e966398cf9ba8d9c95b6b91f4768b54749ed3275dd21838ef SHA512 5bbde9d5648e9226f5490fa951690aaf159149345f3a315df2ba58b2468f3e59ca32e8a49734338afc861803a4f81caac6d642a4699b72c6310ebfb1f618aad2 DIST curl-8.7.1.tar.xz.asc 488 BLAKE2B 1c91d116aecc8e98d8ec3aad68b7c96f11151e6c2716f531e5d2989e9b6b1199e180603673891d7967cdcdaee1d6b5e15160ccabe9b51590e2887022db03c2ed SHA512 f98c393997c4a32f545a8982226e8cd612395210915a4576c2ce227d0f650cff341be7bf15e989d1789abf32ac4fd9c190b9250b81e650b569e8532048746b37 -EBUILD curl-8.5.0-r3.ebuild 11033 BLAKE2B 79723d0a812be90d2f758a0170ce014464ea0e6f5b4bae60508f8d4169b35132a73aeeb68c05165c471821d340fc70bdaecd196507ba54bdd6449f580f1e16ab SHA512 6c45139a87c5b48980cf533a169241657439e0a156b67a75770d3530a4984e0be0ac6bb98a560dc8e7b9436865ead3601b1c6347f5f781cf46175fc7f52f208b -EBUILD curl-8.6.0-r1.ebuild 10895 BLAKE2B 0589f67919cc317a0704a132bc8c36960219c686ce10957fa3c437c0479e6ed000d9d5cbf2045acecc2a369207b9a5b06ecd8938609a42babffdfa8a86bac310 SHA512 29a821850b5ace4161101d6034daf248fa449498a2551a4a704df7b39fbea28d115213661bc7d831a1757e700e71dfd332463f9793eec5de723c84d2e314ad97 -EBUILD curl-8.7.1.ebuild 10826 BLAKE2B 8feea206d4a45ed3f1b72a58efe06f2390acc6998c09c78ea83624b1d87da4bbcc621a4fba78ea17d0eab34fda7e19bf14b18ffd9c49fbbd6c095422b07e07b8 SHA512 5f2560ce6acd2706c33aa00e2caa47ec3371a6e88685388dd4e354d17f4950f9a1785d5861189ad8cad378d6701630be07c1da59c537295ce8c55290ec7d67b4 +EBUILD curl-8.5.0-r3.ebuild 11079 BLAKE2B 6d975ad2d3591ea6de6a248ddd1acb049f0cd5d0a371eb487c6a4d193084a5e684673bd55860ac838a48a4c66d11f778b37a253bd325abba5ab545a65bd1bfb5 SHA512 33b5a05de99819327fac0af5ec94790be3953086b2996cb6628cbfb6be959f64a6b5a8d2015371eacd6945be768e3fe1bae67773b512599d127c298c66858c91 +EBUILD curl-8.6.0-r2.ebuild 10882 BLAKE2B 1d706f59390420fae5c19b6615aa6cf07387e0d53ef90d5dcabc9aa75c1435eb89f587f9dda1c9a179b5c71a86897a80008a847145bce2216bcb6a22e1345ad2 SHA512 5f48ab69e84695c8b25675ba5bf32072a74f12e488d30dce653447a65d21f1be0f2a2a34f77608939ed0bd2763e3a86c1ab8b57312f691815b6ce93bf424383d +EBUILD curl-8.7.1-r1.ebuild 10869 BLAKE2B 405e8cc4d0c6ec696d7b6fa97330d3ff6cfb6420cc7239cd56df3416066f6309093f6eba23a3cca964b6ca98850b7e9de785c81a2a42a4fafc31e70a1258dfe1 SHA512 c1914cae9f108a386c39bd1def774e77acfeb617da093fd2ad48c1e47cdd75b53cf5dd20bfdd4f4201518b76f76798013d99e3e27c337d7e2f91d619018a1335 EBUILD curl-9999.ebuild 10771 BLAKE2B 48c610c3ea379320360d48a6473b9db17f7d8ffb895fde8e602e14822f5d8d56d2a9fc499f1302a4bb941581a9b8e082b1aa799222c8aa9c9faf546776ba671a SHA512 9afd073cdbb994726349e8ffd33ab994e64b0fc1f19574343bb0f22953dbb16471b332271478bf0d016c709f82acdf633075c9b55daf286dea9ffa5a927bb6de MISC metadata.xml 2090 BLAKE2B 54d366aadfc25650c40081ff10eb150bcb9811a29f802c418afce166c384e2bafc999ff7e69ceeb25a96e952d4875d808e8e89240b437741cd363fab46267a25 SHA512 2103a849b67f9a14a85eb769b870e7272bf8f9c78ca579b4271150be01f26787a884614bff874d50f90be99af4a6ecb136510fca2837463e0bc91611ddbeae40 diff --git a/net-misc/curl/curl-8.5.0-r3.ebuild b/net-misc/curl/curl-8.5.0-r3.ebuild index d9c017b22b2b..1ea9264041c8 100644 --- a/net-misc/curl/curl-8.5.0-r3.ebuild +++ b/net-misc/curl/curl-8.5.0-r3.ebuild @@ -132,6 +132,7 @@ PATCHES=( "${FILESDIR}"/${PN}-respect-cflags-3.patch "${FILESDIR}"/${P}-ipv6-configure-c99.patch "${FILESDIR}"/${P}-mpd-stream-http-adjust_pollset.patch + "${FILESDIR}"/${PN}-8.6.0-rustls-fixes.patch ) src_prepare() { diff --git a/net-misc/curl/curl-8.6.0-r1.ebuild b/net-misc/curl/curl-8.6.0-r1.ebuild deleted file mode 100644 index f48e3df12d7c..000000000000 --- a/net-misc/curl/curl-8.6.0-r1.ebuild +++ /dev/null @@ -1,367 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/danielstenberg.asc -inherit autotools multilib-minimal multiprocessing prefix toolchain-funcs verify-sig - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.se/" - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/curl/curl.git" -else - SRC_URI=" - https://curl.se/download/${P}.tar.xz - verify-sig? ( https://curl.se/download/${P}.tar.xz.asc ) - " - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -fi - -LICENSE="BSD curl ISC test? ( BSD-4 )" -SLOT="0" -IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" -IUSE+=" +psl +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" -# These select the default SSL implementation -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" -RESTRICT="!test? ( test )" - -# Only one default ssl provider can be enabled -# The default ssl provider needs its USE satisfied -# nghttp3 = https://bugs.gentoo.org/912029 -REQUIRED_USE=" - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_openssl - curl_ssl_rustls - ) - ) - curl_ssl_gnutls? ( gnutls ) - curl_ssl_mbedtls? ( mbedtls ) - curl_ssl_openssl? ( openssl ) - curl_ssl_rustls? ( rustls ) - nghttp3? ( - !openssl - alt-svc ) -" - -# cURL's docs and CI/CD are great resources for confirming supported versions -# particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.: -# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions) -# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly) -# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) -# However 'supported' vs 'works' are two entirely different things; be sane but -# don't be afraid to require a later version. - -RDEPEND=" - >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] - adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) - nghttp3? ( - >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}] - >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] - ) - psl? ( net-libs/libpsl[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - app-misc/ca-certificates - >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:=[${MULTILIB_USEDEP}] - ) - mbedtls? ( - app-misc/ca-certificates - net-libs/mbedtls:=[${MULTILIB_USEDEP}] - ) - openssl? ( - >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] - ) - rustls? ( - ~net-libs/rustls-ffi-0.10.0:=[${MULTILIB_USEDEP}] - ) - ) - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - dev-lang/perl - virtual/pkgconfig - test? ( - sys-apps/diffutils - http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] ) - nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] ) - ) - verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) -" - -DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -QA_CONFIG_IMPL_DECL_SKIP=( - __builtin_available - closesocket - CloseSocket - getpass_r - ioctlsocket - IoctlSocket - mach_absolute_time - setmode - _fseeki64 -) - -PATCHES=( - "${FILESDIR}"/${PN}-prefix.patch - "${FILESDIR}"/${PN}-respect-cflags-3.patch - "${FILESDIR}"/${P}-vtls-revert-receive-max-buffer-add-test-case.patch - "${FILESDIR}"/${P}-backport-rustls-detection.patch -) - -src_prepare() { - default - - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - if use ssl; then - myconf+=( --without-gnutls --without-mbedtls --without-rustls ) - - if use gnutls; then - multilib_is_native_abi && einfo "SSL provided by gnutls" - myconf+=( --with-gnutls ) - fi - if use mbedtls; then - multilib_is_native_abi && einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use openssl; then - multilib_is_native_abi && einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use rustls; then - multilib_is_native_abi && einfo "SSL provided by rustls" - myconf+=( --with-rustls ) - fi - if use curl_ssl_gnutls; then - multilib_is_native_abi && einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - multilib_is_native_abi && einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_openssl; then - multilib_is_native_abi && einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_rustls; then - multilib_is_native_abi && einfo "Default SSL provided by rustls" - myconf+=( --with-default-ssl-backend=rustls ) - else - eerror "We can't be here because of REQUIRED_USE." - die "Please file a bug, hit impossible condition w/ USE=ssl handling." - fi - - else - myconf+=( --without-ssl ) - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - myconf+=( - $(use_enable alt-svc) - --enable-basic-auth - --enable-bearer-auth - --enable-digest-auth - --enable-kerberos-auth - --enable-negotiate-auth - --enable-aws - --enable-dict - --disable-ech - --enable-file - $(use_enable ftp) - $(use_enable gopher) - $(use_enable hsts) - --enable-http - $(use_enable imap) - $(use_enable ldap) - $(use_enable ldap ldaps) - --enable-ntlm - --disable-ntlm-wb - $(use_enable pop3) - --enable-rt - --enable-rtsp - $(use_enable samba smb) - $(use_with ssh libssh2) - $(use_enable smtp) - $(use_enable telnet) - $(use_enable tftp) - --enable-tls-srp - $(use_enable adns ares) - --enable-cookies - --enable-dateparse - --enable-dnsshuffle - --enable-doh - --enable-symbol-hiding - --enable-http-auth - --enable-ipv6 - --enable-largefile - --enable-manual - --enable-mime - --enable-netrc - $(use_enable progress-meter) - --enable-proxy - --enable-socketpair - --disable-sspi - $(use_enable static-libs static) - --enable-pthreads - --enable-threaded-resolver - --disable-versioned-symbols - --without-amissl - --without-bearssl - $(use_with brotli) - --with-fish-functions-dir="${EPREFIX}"/usr/share/fish/vendor_completions.d - $(use_with http2 nghttp2) - --without-hyper - $(use_with idn libidn2) - $(use_with kerberos gssapi "${EPREFIX}"/usr) - --without-libgsasl - $(use_with psl libpsl) - --without-msh3 - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) - --without-quiche - $(use_with rtmp librtmp) - --without-schannel - --without-secure-transport - --without-test-caddy - --without-test-httpd - --without-test-nghttpx - $(use_enable websockets) - --without-winidn - --without-wolfssl - --with-zlib - $(use_with zstd) - --with-zsh-functions-dir="${EPREFIX}"/usr/share/zsh/site-functions - ) - - if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then - myconf+=( - --with-test-nghttpx="${BROOT}/usr/bin/nghttpx" - ) - fi - - if [[ ${CHOST} == *mingw* ]] ; then - myconf+=( - --disable-pthreads - ) - fi - - ECONF_SOURCE="${S}" econf "${myconf[@]}" - - if ! multilib_is_native_abi; then - # Avoid building the client (we just want libcurl for multilib) - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "libngtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc || die -} - -multilib_src_compile() { - default - - if multilib_is_native_abi; then - # Shell completions - ! tc-is-cross-compiler && emake -C scripts - fi -} - -# There is also a pytest harness that tests for bugs in some very specific -# situations; we can rely on upstream for this rather than adding additional test deps. -multilib_src_test() { - # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 - # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) - # -v: verbose - # -a: keep going on failure (so we see everything which breaks, not just 1st test) - # -k: keep test files after completion - # -am: automake style TAP output - # -p: print logs if test fails - # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging - # or just read https://github.com/curl/curl/tree/master/tests#run. - # Note: we don't run the testsuite for cross-compilation. - # Upstream recommend 7*nproc as a starting point for parallel tests, but - # this ends up breaking when nproc is huge (like -j80). - # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped - # as most gentoo users don't have an 'ip6-localhost' - multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083" -} - -multilib_src_install() { - emake DESTDIR="${D}" install - - if multilib_is_native_abi; then - # Shell completions - ! tc-is-cross-compiler && emake -C scripts DESTDIR="${D}" install - fi -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - rm -rf "${ED}"/etc/ || die -} diff --git a/net-misc/curl/curl-8.6.0-r2.ebuild b/net-misc/curl/curl-8.6.0-r2.ebuild new file mode 100644 index 000000000000..c31bf46b91d8 --- /dev/null +++ b/net-misc/curl/curl-8.6.0-r2.ebuild @@ -0,0 +1,367 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/danielstenberg.asc +inherit autotools multilib-minimal multiprocessing prefix toolchain-funcs verify-sig + +DESCRIPTION="A Client that groks URLs" +HOMEPAGE="https://curl.se/" + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/curl/curl.git" +else + SRC_URI=" + https://curl.se/download/${P}.tar.xz + verify-sig? ( https://curl.se/download/${P}.tar.xz.asc ) + " + KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +LICENSE="BSD curl ISC test? ( BSD-4 )" +SLOT="0" +IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" +IUSE+=" +psl +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" +# These select the default SSL implementation +IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" +RESTRICT="!test? ( test )" + +# Only one default ssl provider can be enabled +# The default ssl provider needs its USE satisfied +# nghttp3 = https://bugs.gentoo.org/912029 +REQUIRED_USE=" + ssl? ( + ^^ ( + curl_ssl_gnutls + curl_ssl_mbedtls + curl_ssl_openssl + curl_ssl_rustls + ) + ) + curl_ssl_gnutls? ( gnutls ) + curl_ssl_mbedtls? ( mbedtls ) + curl_ssl_openssl? ( openssl ) + curl_ssl_rustls? ( rustls ) + nghttp3? ( + !openssl + alt-svc ) +" + +# cURL's docs and CI/CD are great resources for confirming supported versions +# particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.: +# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions) +# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly) +# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) +# However 'supported' vs 'works' are two entirely different things; be sane but +# don't be afraid to require a later version. + +RDEPEND=" + >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] + adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) + brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) + http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) + idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) + nghttp3? ( + >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}] + >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] + ) + psl? ( net-libs/libpsl[${MULTILIB_USEDEP}] ) + rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) + ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) + ssl? ( + gnutls? ( + app-misc/ca-certificates + >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}] + dev-libs/nettle:=[${MULTILIB_USEDEP}] + ) + mbedtls? ( + app-misc/ca-certificates + net-libs/mbedtls:=[${MULTILIB_USEDEP}] + ) + openssl? ( + >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] + ) + rustls? ( + ~net-libs/rustls-ffi-0.10.0:=[${MULTILIB_USEDEP}] + ) + ) + zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) +" + +DEPEND="${RDEPEND}" + +BDEPEND=" + dev-lang/perl + virtual/pkgconfig + test? ( + sys-apps/diffutils + http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] ) + nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] ) + ) + verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) +" + +DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/curl/curlbuild.h +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/curl-config +) + +QA_CONFIG_IMPL_DECL_SKIP=( + __builtin_available + closesocket + CloseSocket + getpass_r + ioctlsocket + IoctlSocket + mach_absolute_time + setmode + _fseeki64 +) + +PATCHES=( + "${FILESDIR}"/${PN}-prefix.patch + "${FILESDIR}"/${PN}-respect-cflags-3.patch + "${FILESDIR}"/${P}-vtls-revert-receive-max-buffer-add-test-case.patch + "${FILESDIR}"/${P}-rustls-fixes.patch +) + +src_prepare() { + default + + eprefixify curl-config.in + eautoreconf +} + +multilib_src_configure() { + # We make use of the fact that later flags override earlier ones + # So start with all ssl providers off until proven otherwise + # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) + local myconf=() + + myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) + if use ssl; then + myconf+=( --without-gnutls --without-mbedtls --without-rustls ) + + if use gnutls; then + multilib_is_native_abi && einfo "SSL provided by gnutls" + myconf+=( --with-gnutls ) + fi + if use mbedtls; then + multilib_is_native_abi && einfo "SSL provided by mbedtls" + myconf+=( --with-mbedtls ) + fi + if use openssl; then + multilib_is_native_abi && einfo "SSL provided by openssl" + myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) + fi + if use rustls; then + multilib_is_native_abi && einfo "SSL provided by rustls" + myconf+=( --with-rustls ) + fi + if use curl_ssl_gnutls; then + multilib_is_native_abi && einfo "Default SSL provided by gnutls" + myconf+=( --with-default-ssl-backend=gnutls ) + elif use curl_ssl_mbedtls; then + multilib_is_native_abi && einfo "Default SSL provided by mbedtls" + myconf+=( --with-default-ssl-backend=mbedtls ) + elif use curl_ssl_openssl; then + multilib_is_native_abi && einfo "Default SSL provided by openssl" + myconf+=( --with-default-ssl-backend=openssl ) + elif use curl_ssl_rustls; then + multilib_is_native_abi && einfo "Default SSL provided by rustls" + myconf+=( --with-default-ssl-backend=rustls ) + else + eerror "We can't be here because of REQUIRED_USE." + die "Please file a bug, hit impossible condition w/ USE=ssl handling." + fi + + else + myconf+=( --without-ssl ) + einfo "SSL disabled" + fi + + # These configuration options are organized alphabetically + # within each category. This should make it easier if we + # ever decide to make any of them contingent on USE flags: + # 1) protocols first. To see them all do + # 'grep SUPPORT_PROTOCOLS configure.ac' + # 2) --enable/disable options second. + # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort + # 3) --with/without options third. + # grep -- --with configure | grep Check | awk '{ print $4 }' | sort + + myconf+=( + $(use_enable alt-svc) + --enable-basic-auth + --enable-bearer-auth + --enable-digest-auth + --enable-kerberos-auth + --enable-negotiate-auth + --enable-aws + --enable-dict + --disable-ech + --enable-file + $(use_enable ftp) + $(use_enable gopher) + $(use_enable hsts) + --enable-http + $(use_enable imap) + $(use_enable ldap) + $(use_enable ldap ldaps) + --enable-ntlm + --disable-ntlm-wb + $(use_enable pop3) + --enable-rt + --enable-rtsp + $(use_enable samba smb) + $(use_with ssh libssh2) + $(use_enable smtp) + $(use_enable telnet) + $(use_enable tftp) + --enable-tls-srp + $(use_enable adns ares) + --enable-cookies + --enable-dateparse + --enable-dnsshuffle + --enable-doh + --enable-symbol-hiding + --enable-http-auth + --enable-ipv6 + --enable-largefile + --enable-manual + --enable-mime + --enable-netrc + $(use_enable progress-meter) + --enable-proxy + --enable-socketpair + --disable-sspi + $(use_enable static-libs static) + --enable-pthreads + --enable-threaded-resolver + --disable-versioned-symbols + --without-amissl + --without-bearssl + $(use_with brotli) + --with-fish-functions-dir="${EPREFIX}"/usr/share/fish/vendor_completions.d + $(use_with http2 nghttp2) + --without-hyper + $(use_with idn libidn2) + $(use_with kerberos gssapi "${EPREFIX}"/usr) + --without-libgsasl + $(use_with psl libpsl) + --without-msh3 + $(use_with nghttp3) + $(use_with nghttp3 ngtcp2) + --without-quiche + $(use_with rtmp librtmp) + --without-schannel + --without-secure-transport + --without-test-caddy + --without-test-httpd + --without-test-nghttpx + $(use_enable websockets) + --without-winidn + --without-wolfssl + --with-zlib + $(use_with zstd) + --with-zsh-functions-dir="${EPREFIX}"/usr/share/zsh/site-functions + ) + + if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then + myconf+=( + --with-test-nghttpx="${BROOT}/usr/bin/nghttpx" + ) + fi + + if [[ ${CHOST} == *mingw* ]] ; then + myconf+=( + --disable-pthreads + ) + fi + + ECONF_SOURCE="${S}" econf "${myconf[@]}" + + if ! multilib_is_native_abi; then + # Avoid building the client (we just want libcurl for multilib) + sed -i -e '/SUBDIRS/s:src::' Makefile || die + sed -i -e '/SUBDIRS/s:scripts::' Makefile || die + fi + + # Fix up the pkg-config file to be more robust. + # https://github.com/curl/curl/issues/864 + local priv=() libs=() + # We always enable zlib. + libs+=( "-lz" ) + priv+=( "zlib" ) + if use http2; then + libs+=( "-lnghttp2" ) + priv+=( "libnghttp2" ) + fi + if use nghttp3; then + libs+=( "-lnghttp3" "-lngtcp2" ) + priv+=( "libnghttp3" "libngtcp2" ) + fi + if use ssl && use curl_ssl_openssl; then + libs+=( "-lssl" "-lcrypto" ) + priv+=( "openssl" ) + fi + grep -q Requires.private libcurl.pc && die "need to update ebuild" + libs=$(printf '|%s' "${libs[@]}") + sed -i -r \ + -e "/^Libs.private/s:(${libs#|})( |$)::g" \ + libcurl.pc || die + echo "Requires.private: ${priv[*]}" >> libcurl.pc || die +} + +multilib_src_compile() { + default + + if multilib_is_native_abi; then + # Shell completions + ! tc-is-cross-compiler && emake -C scripts + fi +} + +# There is also a pytest harness that tests for bugs in some very specific +# situations; we can rely on upstream for this rather than adding additional test deps. +multilib_src_test() { + # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 + # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) + # -v: verbose + # -a: keep going on failure (so we see everything which breaks, not just 1st test) + # -k: keep test files after completion + # -am: automake style TAP output + # -p: print logs if test fails + # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging + # or just read https://github.com/curl/curl/tree/master/tests#run. + # Note: we don't run the testsuite for cross-compilation. + # Upstream recommend 7*nproc as a starting point for parallel tests, but + # this ends up breaking when nproc is huge (like -j80). + # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped + # as most gentoo users don't have an 'ip6-localhost' + multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083" +} + +multilib_src_install() { + emake DESTDIR="${D}" install + + if multilib_is_native_abi; then + # Shell completions + ! tc-is-cross-compiler && emake -C scripts DESTDIR="${D}" install + fi +} + +multilib_src_install_all() { + einstalldocs + find "${ED}" -type f -name '*.la' -delete || die + rm -rf "${ED}"/etc/ || die +} diff --git a/net-misc/curl/curl-8.7.1-r1.ebuild b/net-misc/curl/curl-8.7.1-r1.ebuild new file mode 100644 index 000000000000..f81f4b76f480 --- /dev/null +++ b/net-misc/curl/curl-8.7.1-r1.ebuild @@ -0,0 +1,366 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/danielstenberg.asc +inherit autotools multilib-minimal multiprocessing prefix toolchain-funcs verify-sig + +DESCRIPTION="A Client that groks URLs" +HOMEPAGE="https://curl.se/" + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/curl/curl.git" +else + SRC_URI=" + https://curl.se/download/${P}.tar.xz + verify-sig? ( https://curl.se/download/${P}.tar.xz.asc ) + " + KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +LICENSE="BSD curl ISC test? ( BSD-4 )" +SLOT="0" +IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" +IUSE+=" +psl +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" +# These select the default SSL implementation +IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" +RESTRICT="!test? ( test )" + +# Only one default ssl provider can be enabled +# The default ssl provider needs its USE satisfied +# nghttp3 = https://bugs.gentoo.org/912029 +REQUIRED_USE=" + ssl? ( + ^^ ( + curl_ssl_gnutls + curl_ssl_mbedtls + curl_ssl_openssl + curl_ssl_rustls + ) + ) + curl_ssl_gnutls? ( gnutls ) + curl_ssl_mbedtls? ( mbedtls ) + curl_ssl_openssl? ( openssl ) + curl_ssl_rustls? ( rustls ) + nghttp3? ( + !openssl + alt-svc ) +" + +# cURL's docs and CI/CD are great resources for confirming supported versions +# particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.: +# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions) +# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly) +# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) +# However 'supported' vs 'works' are two entirely different things; be sane but +# don't be afraid to require a later version. + +RDEPEND=" + >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] + adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) + brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) + http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) + idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) + nghttp3? ( + >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}] + >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] + ) + psl? ( net-libs/libpsl[${MULTILIB_USEDEP}] ) + rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) + ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) + ssl? ( + gnutls? ( + app-misc/ca-certificates + >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}] + dev-libs/nettle:=[${MULTILIB_USEDEP}] + ) + mbedtls? ( + app-misc/ca-certificates + net-libs/mbedtls:=[${MULTILIB_USEDEP}] + ) + openssl? ( + >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] + ) + rustls? ( >=net-libs/rustls-ffi-0.12.1:=[${MULTILIB_USEDEP}] + > libcurl.pc || die +} + +multilib_src_compile() { + default + + if multilib_is_native_abi; then + # Shell completions + ! tc-is-cross-compiler && emake -C scripts + fi +} + +# There is also a pytest harness that tests for bugs in some very specific +# situations; we can rely on upstream for this rather than adding additional test deps. +multilib_src_test() { + # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 + # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) + # -v: verbose + # -a: keep going on failure (so we see everything which breaks, not just 1st test) + # -k: keep test files after completion + # -am: automake style TAP output + # -p: print logs if test fails + # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging + # or just read https://github.com/curl/curl/tree/master/tests#run. + # Note: we don't run the testsuite for cross-compilation. + # Upstream recommend 7*nproc as a starting point for parallel tests, but + # this ends up breaking when nproc is huge (like -j80). + # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped + # as most gentoo users don't have an 'ip6-localhost' + multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083" +} + +multilib_src_install() { + emake DESTDIR="${D}" install + + if multilib_is_native_abi; then + # Shell completions + ! tc-is-cross-compiler && emake -C scripts DESTDIR="${D}" install + fi +} + +multilib_src_install_all() { + einstalldocs + find "${ED}" -type f -name '*.la' -delete || die + rm -rf "${ED}"/etc/ || die +} diff --git a/net-misc/curl/curl-8.7.1.ebuild b/net-misc/curl/curl-8.7.1.ebuild deleted file mode 100644 index 3338a14e2bef..000000000000 --- a/net-misc/curl/curl-8.7.1.ebuild +++ /dev/null @@ -1,366 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/danielstenberg.asc -inherit autotools multilib-minimal multiprocessing prefix toolchain-funcs verify-sig - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.se/" - -if [[ ${PV} == 9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/curl/curl.git" -else - SRC_URI=" - https://curl.se/download/${P}.tar.xz - verify-sig? ( https://curl.se/download/${P}.tar.xz.asc ) - " - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -fi - -LICENSE="BSD curl ISC test? ( BSD-4 )" -SLOT="0" -IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" -IUSE+=" +psl +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" -# These select the default SSL implementation -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" -RESTRICT="!test? ( test )" - -# Only one default ssl provider can be enabled -# The default ssl provider needs its USE satisfied -# nghttp3 = https://bugs.gentoo.org/912029 -REQUIRED_USE=" - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_openssl - curl_ssl_rustls - ) - ) - curl_ssl_gnutls? ( gnutls ) - curl_ssl_mbedtls? ( mbedtls ) - curl_ssl_openssl? ( openssl ) - curl_ssl_rustls? ( rustls ) - nghttp3? ( - !openssl - alt-svc ) -" - -# cURL's docs and CI/CD are great resources for confirming supported versions -# particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.: -# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions) -# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly) -# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) -# However 'supported' vs 'works' are two entirely different things; be sane but -# don't be afraid to require a later version. - -RDEPEND=" - >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] - adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) - nghttp3? ( - >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}] - >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] - ) - psl? ( net-libs/libpsl[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - app-misc/ca-certificates - >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:=[${MULTILIB_USEDEP}] - ) - mbedtls? ( - app-misc/ca-certificates - net-libs/mbedtls:=[${MULTILIB_USEDEP}] - ) - openssl? ( - >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] - ) - rustls? ( - ~net-libs/rustls-ffi-0.12.1:=[${MULTILIB_USEDEP}] - ) - ) - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - dev-lang/perl - virtual/pkgconfig - test? ( - sys-apps/diffutils - http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] ) - nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] ) - ) - verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) -" - -DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -QA_CONFIG_IMPL_DECL_SKIP=( - __builtin_available - closesocket - CloseSocket - getpass_r - ioctlsocket - IoctlSocket - mach_absolute_time - setmode - _fseeki64 -) - -PATCHES=( - "${FILESDIR}"/${PN}-prefix.patch - "${FILESDIR}"/${PN}-respect-cflags-3.patch - "${FILESDIR}"/${PN}-8.7.1-fix-pkgconfig-macros.patch -) - -src_prepare() { - default - - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - if use ssl; then - myconf+=( --without-gnutls --without-mbedtls --without-rustls ) - - if use gnutls; then - multilib_is_native_abi && einfo "SSL provided by gnutls" - myconf+=( --with-gnutls ) - fi - if use mbedtls; then - multilib_is_native_abi && einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use openssl; then - multilib_is_native_abi && einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use rustls; then - multilib_is_native_abi && einfo "SSL provided by rustls" - myconf+=( --with-rustls ) - fi - if use curl_ssl_gnutls; then - multilib_is_native_abi && einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - multilib_is_native_abi && einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_openssl; then - multilib_is_native_abi && einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_rustls; then - multilib_is_native_abi && einfo "Default SSL provided by rustls" - myconf+=( --with-default-ssl-backend=rustls ) - else - eerror "We can't be here because of REQUIRED_USE." - die "Please file a bug, hit impossible condition w/ USE=ssl handling." - fi - - else - myconf+=( --without-ssl ) - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - myconf+=( - $(use_enable alt-svc) - --enable-basic-auth - --enable-bearer-auth - --enable-digest-auth - --enable-kerberos-auth - --enable-negotiate-auth - --enable-aws - --enable-dict - --disable-ech - --enable-file - $(use_enable ftp) - $(use_enable gopher) - $(use_enable hsts) - --enable-http - $(use_enable imap) - $(use_enable ldap) - $(use_enable ldap ldaps) - --enable-ntlm - --disable-ntlm-wb - $(use_enable pop3) - --enable-rt - --enable-rtsp - $(use_enable samba smb) - $(use_with ssh libssh2) - $(use_enable smtp) - $(use_enable telnet) - $(use_enable tftp) - --enable-tls-srp - $(use_enable adns ares) - --enable-cookies - --enable-dateparse - --enable-dnsshuffle - --enable-doh - --enable-symbol-hiding - --enable-http-auth - --enable-ipv6 - --enable-largefile - --enable-manual - --enable-mime - --enable-netrc - $(use_enable progress-meter) - --enable-proxy - --enable-socketpair - --disable-sspi - $(use_enable static-libs static) - --enable-pthreads - --enable-threaded-resolver - --disable-versioned-symbols - --without-amissl - --without-bearssl - $(use_with brotli) - --with-fish-functions-dir="${EPREFIX}"/usr/share/fish/vendor_completions.d - $(use_with http2 nghttp2) - --without-hyper - $(use_with idn libidn2) - $(use_with kerberos gssapi "${EPREFIX}"/usr) - --without-libgsasl - $(use_with psl libpsl) - --without-msh3 - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) - --without-quiche - $(use_with rtmp librtmp) - --without-schannel - --without-secure-transport - --without-test-caddy - --without-test-httpd - --without-test-nghttpx - $(use_enable websockets) - --without-winidn - --without-wolfssl - --with-zlib - $(use_with zstd) - --with-zsh-functions-dir="${EPREFIX}"/usr/share/zsh/site-functions - ) - - if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then - myconf+=( - --with-test-nghttpx="${BROOT}/usr/bin/nghttpx" - ) - fi - - if [[ ${CHOST} == *mingw* ]] ; then - myconf+=( - --disable-pthreads - ) - fi - - ECONF_SOURCE="${S}" econf "${myconf[@]}" - - if ! multilib_is_native_abi; then - # Avoid building the client (we just want libcurl for multilib) - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "libngtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc || die -} - -multilib_src_compile() { - default - - if multilib_is_native_abi; then - # Shell completions - ! tc-is-cross-compiler && emake -C scripts - fi -} - -# There is also a pytest harness that tests for bugs in some very specific -# situations; we can rely on upstream for this rather than adding additional test deps. -multilib_src_test() { - # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 - # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) - # -v: verbose - # -a: keep going on failure (so we see everything which breaks, not just 1st test) - # -k: keep test files after completion - # -am: automake style TAP output - # -p: print logs if test fails - # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging - # or just read https://github.com/curl/curl/tree/master/tests#run. - # Note: we don't run the testsuite for cross-compilation. - # Upstream recommend 7*nproc as a starting point for parallel tests, but - # this ends up breaking when nproc is huge (like -j80). - # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped - # as most gentoo users don't have an 'ip6-localhost' - multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083" -} - -multilib_src_install() { - emake DESTDIR="${D}" install - - if multilib_is_native_abi; then - # Shell completions - ! tc-is-cross-compiler && emake -C scripts DESTDIR="${D}" install - fi -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - rm -rf "${ED}"/etc/ || die -} diff --git a/net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch b/net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch deleted file mode 100644 index 5d7b3a23c2c9..000000000000 --- a/net-misc/curl/files/curl-8.6.0-backport-rustls-detection.patch +++ /dev/null @@ -1,256 +0,0 @@ -https://github.com/curl/curl/commit/647e86a3efe1eea7a2a456c009cfe1eb55fe48eb -https://github.com/curl/curl/pull/13202 -From: Matt Jolly -Date: Fri, 29 Mar 2024 09:58:14 +1000 -Subject: [PATCH] curl-rustls.m4: add pkg-config support to rustls detection - -Based on the existing openssl pkg-config detection, this commit tries to -use pkg-config to find `rustls` then falls back to the current approach -if that fails. - -We use the following logic: - -- if no path is provided, just use pkg-config, if it's not there we have - a problem! -- if a path is provided, try pkg-config - + if pkg-config fails, try and find rustls directly ---- - m4/curl-rustls.m4 | 209 ++++++++++++++++++++++++++++++++-------------- - 1 file changed, 145 insertions(+), 64 deletions(-) - -diff --git a/m4/curl-rustls.m4 b/m4/curl-rustls.m4 -index 75542e4..902327a 100644 ---- a/m4/curl-rustls.m4 -+++ b/m4/curl-rustls.m4 -@@ -28,84 +28,165 @@ dnl check for rustls - dnl ---------------------------------------------------- - - if test "x$OPT_RUSTLS" != xno; then -- _cppflags=$CPPFLAGS -- _ldflags=$LDFLAGS - ssl_msg= - -- if test X"$OPT_RUSTLS" != Xno; then -+ dnl backup the pre-ssl variables -+ CLEANLDFLAGS="$LDFLAGS" -+ CLEANCPPFLAGS="$CPPFLAGS" - -- if test "$OPT_RUSTLS" = "yes"; then -- OPT_RUSTLS="" -- fi -+ case $host_os in -+ darwin*) -+ LDFLAGS="$LDFLAGS -framework Security" -+ ;; -+ *) -+ ;; -+ esac -+ ## NEW CODE - -- case $host_os in -- darwin*) -- LDFLAGS="$LDFLAGS -framework Security" -- ;; -- *) -- ;; -- esac -- -- if test -z "$OPT_RUSTLS" ; then -- dnl check for lib first without setting any new path -- -- AC_CHECK_LIB(rustls, rustls_client_session_read, -- dnl librustls found, set the variable -- [ -- AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) -- AC_SUBST(USE_RUSTLS, [1]) -- RUSTLS_ENABLED=1 -- USE_RUSTLS="yes" -- ssl_msg="rustls" -- test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes -- ], [], -lpthread -ldl -lm) -- fi -+ dnl use pkg-config unless we have been given a path -+ dnl even then, try pkg-config first - -- if test "x$USE_RUSTLS" != "xyes"; then -- dnl add the path and test again -- addld=-L$OPT_RUSTLS/lib$libsuff -- addcflags=-I$OPT_RUSTLS/include -- rustlslib=$OPT_RUSTLS/lib$libsuff -+ case "$OPT_RUSTLS" in -+ yes) -+ dnl --with-rustls (without path) used -+ PKGTEST="yes" -+ PREFIX_RUSTLS= -+ ;; -+ *) -+ dnl check the provided --with-rustls path -+ PKGTEST="no" -+ PREFIX_RUSTLS=$OPT_RUSTLS - -- LDFLAGS="$LDFLAGS $addld" -- if test "$addcflags" != "-I/usr/include"; then -- CPPFLAGS="$CPPFLAGS $addcflags" -+ dnl Try pkg-config even when cross-compiling. Since we -+ dnl specify PKG_CONFIG_LIBDIR we are only looking where -+ dnl the user told us to look -+ -+ RUSTLS_PCDIR="$PREFIX_RUSTLS/lib/pkgconfig" -+ if test -f "$RUSTLS_PCDIR/rustls.pc"; then -+ AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$RUSTLS_PCDIR"]) -+ PKGTEST="yes" - fi - -- AC_CHECK_LIB(rustls, rustls_connection_read, -- [ -- AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) -- AC_SUBST(USE_RUSTLS, [1]) -- RUSTLS_ENABLED=1 -- USE_RUSTLS="yes" -- ssl_msg="rustls" -- test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes -- ], -- AC_MSG_ERROR([--with-rustls was specified but could not find rustls.]), -- -lpthread -ldl -lm) -- fi -+ if test "$PKGTEST" != "yes"; then -+ # try lib64 instead -+ RUSTLS_PCDIR="$PREFIX_RUSTLS/lib64/pkgconfig" -+ if test -f "$RUSTLS_PCDIR/rustls.pc"; then -+ AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$RUSTLS_PCDIR"]) -+ PKGTEST="yes" -+ fi -+ fi -+ -+ if test "$PKGTEST" != "yes"; then -+ dnl pkg-config came up empty, use what we got -+ dnl via --with-rustls - -- if test "x$USE_RUSTLS" = "xyes"; then -- AC_MSG_NOTICE([detected rustls]) -- check_for_ca_bundle=1 -- -- LIBS="-lrustls -lpthread -ldl -lm $LIBS" -- -- if test -n "$rustlslib"; then -- dnl when shared libs were found in a path that the run-time -- dnl linker doesn't search through, we need to add it to -- dnl CURL_LIBRARY_PATH to prevent further configure tests to fail -- dnl due to this -- if test "x$cross_compiling" != "xyes"; then -- CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$rustlslib" -- export CURL_LIBRARY_PATH -- AC_MSG_NOTICE([Added $rustlslib to CURL_LIBRARY_PATH]) -+ addld=-L$PREFIX_RUSTLS/lib$libsuff -+ addcflags=-I$PREFIX_RUSTLS/include -+ -+ LDFLAGS="$LDFLAGS $addld" -+ if test "$addcflags" != "-I/usr/include"; then -+ CPPFLAGS="$CPPFLAGS $addcflags" -+ fi -+ -+ AC_CHECK_LIB(rustls, rustls_connection_read, -+ [ -+ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) -+ AC_SUBST(USE_RUSTLS, [1]) -+ RUSTLS_ENABLED=1 -+ USE_RUSTLS="yes" -+ ssl_msg="rustls" -+ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes -+ ], -+ AC_MSG_ERROR([--with-rustls was specified but could not find rustls.]), -+ -lpthread -ldl -lm) -+ -+ USE_RUSTLS="yes" -+ ssl_msg="rustls" -+ -+ LIB_RUSTLS="$PREFIX_RUSTLS/lib$libsuff" -+ if test "$PREFIX_RUSTLS" != "/usr" ; then -+ SSL_LDFLAGS="-L$LIB_RUSTLS" -+ SSL_CPPFLAGS="-I$PREFIX_RUSTLS/include" - fi - fi -+ ;; -+ esac -+ -+ if test "$PKGTEST" = "yes"; then -+ -+ CURL_CHECK_PKGCONFIG(rustls, [$RUSTLS_PCDIR]) -+ -+ if test "$PKGCONFIG" != "no" ; then -+ SSL_LIBS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl -+ $PKGCONFIG --libs-only-l --libs-only-other rustls 2>/dev/null` -+ -+ SSL_LDFLAGS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl -+ $PKGCONFIG --libs-only-L rustls 2>/dev/null` -+ -+ SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl -+ $PKGCONFIG --cflags-only-I rustls 2>/dev/null` -+ -+ AC_SUBST(SSL_LIBS) -+ AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"]) -+ AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"]) -+ AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"]) -+ -+ LIB_RUSTLS=`echo $SSL_LDFLAGS | sed -e 's/^-L//'` -+ -+ dnl use the values pkg-config reported. This is here -+ dnl instead of below with CPPFLAGS and LDFLAGS because we only -+ dnl learn about this via pkg-config. If we only have -+ dnl the argument to --with-rustls we don't know what -+ dnl additional libs may be necessary. Hope that we -+ dnl don't need any. -+ LIBS="$SSL_LIBS $LIBS" -+ USE_RUSTLS="yes" -+ ssl_msg="rustls" -+ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) -+ AC_SUBST(USE_RUSTLS, [1]) -+ RUSTLS_ENABLED=1 -+ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes -+ else -+ AC_MSG_ERROR([pkg-config: Could not find rustls]) - fi - -- fi dnl rustls not disabled -+ else -+ dnl we did not use pkg-config, so we need to add the -+ dnl rustls lib to LIBS -+ LIBS="-lrustls -lpthread -ldl -lm $LIBS" -+ fi -+ -+ dnl finally, set flags to use this TLS backend -+ CPPFLAGS="$CLEAN_CPPFLAGS $SSL_CPPFLAGS" -+ LDFLAGS="$CLAN_LDFLAGS $SSL_LDFLAGS" -+ -+ if test "x$USE_RUSTLS" = "xyes"; then -+ AC_MSG_NOTICE([detected rustls]) -+ check_for_ca_bundle=1 -+ -+ if test -n "$LIB_RUSTLS"; then -+ dnl when shared libs were found in a path that the run-time -+ dnl linker does not search through, we need to add it to -+ dnl CURL_LIBRARY_PATH so that further configure tests do not -+ dnl fail due to this -+ if test "x$cross_compiling" != "xyes"; then -+ CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_RUSTLS" -+ export CURL_LIBRARY_PATH -+ AC_MSG_NOTICE([Added $LIB_RUSTLS to CURL_LIBRARY_PATH]) -+ fi -+ fi -+ fi - - test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" -+ -+ if test X"$OPT_RUSTLS" != Xno && -+ test "$RUSTLS_ENABLED" != "1"; then -+ AC_MSG_NOTICE([OPT_RUSTLS: $OPT_RUSTLS]) -+ AC_MSG_NOTICE([RUSTLS_ENABLED: $RUSTLS_ENABLED]) -+ AC_MSG_ERROR([--with-rustls was given but Rustls could not be detected]) -+ fi - fi - ]) -+ -+ -+RUSTLS_ENABLED --- -2.44.0 diff --git a/net-misc/curl/files/curl-8.6.0-rustls-fixes.patch b/net-misc/curl/files/curl-8.6.0-rustls-fixes.patch new file mode 100644 index 000000000000..4f713668fd35 --- /dev/null +++ b/net-misc/curl/files/curl-8.6.0-rustls-fixes.patch @@ -0,0 +1,252 @@ +From a59683a3607bc0167ff702352d15eee1c0d658a6 Mon Sep 17 00:00:00 2001 +From: Matt Jolly +Date: Mon, 1 Apr 2024 08:49:27 +1000 +Subject: [PATCH] m4: fix rustls builds + +This patch consolidates the following commits to do with rustls +detection using pkg-config: + +- https://github.com/curl/curl/commit/9c4209837094781d5eef69ae6bcad0e86b64bf99 +- https://github.com/curl/curl/commit/5a50cb5a18a141a463148562dab83fa3be1a3b90 +--- + m4/curl-rustls.m4 | 210 ++++++++++++++++++++++++++++++++-------------- + 1 file changed, 146 insertions(+), 64 deletions(-) + +diff --git a/m4/curl-rustls.m4 b/m4/curl-rustls.m4 +index 75542e4..8082cf9 100644 +--- a/m4/curl-rustls.m4 ++++ b/m4/curl-rustls.m4 +@@ -28,84 +28,166 @@ dnl check for rustls + dnl ---------------------------------------------------- + + if test "x$OPT_RUSTLS" != xno; then +- _cppflags=$CPPFLAGS +- _ldflags=$LDFLAGS + ssl_msg= + +- if test X"$OPT_RUSTLS" != Xno; then ++ dnl backup the pre-ssl variables ++ CLEANLDFLAGS="$LDFLAGS" ++ CLEANCPPFLAGS="$CPPFLAGS" + +- if test "$OPT_RUSTLS" = "yes"; then +- OPT_RUSTLS="" +- fi ++ case $host_os in ++ darwin*) ++ LDFLAGS="$LDFLAGS -framework Security" ++ ;; ++ *) ++ ;; ++ esac ++ ## NEW CODE + +- case $host_os in +- darwin*) +- LDFLAGS="$LDFLAGS -framework Security" +- ;; +- *) +- ;; +- esac +- +- if test -z "$OPT_RUSTLS" ; then +- dnl check for lib first without setting any new path +- +- AC_CHECK_LIB(rustls, rustls_client_session_read, +- dnl librustls found, set the variable +- [ +- AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) +- AC_SUBST(USE_RUSTLS, [1]) +- RUSTLS_ENABLED=1 +- USE_RUSTLS="yes" +- ssl_msg="rustls" +- test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes +- ], [], -lpthread -ldl -lm) +- fi ++ dnl use pkg-config unless we have been given a path ++ dnl even then, try pkg-config first + +- if test "x$USE_RUSTLS" != "xyes"; then +- dnl add the path and test again +- addld=-L$OPT_RUSTLS/lib$libsuff +- addcflags=-I$OPT_RUSTLS/include +- rustlslib=$OPT_RUSTLS/lib$libsuff ++ case "$OPT_RUSTLS" in ++ yes) ++ dnl --with-rustls (without path) used ++ PKGTEST="yes" ++ PREFIX_RUSTLS= ++ ;; ++ *) ++ dnl check the provided --with-rustls path ++ PKGTEST="no" ++ PREFIX_RUSTLS=$OPT_RUSTLS + +- LDFLAGS="$LDFLAGS $addld" +- if test "$addcflags" != "-I/usr/include"; then +- CPPFLAGS="$CPPFLAGS $addcflags" ++ dnl Try pkg-config even when cross-compiling. Since we ++ dnl specify PKG_CONFIG_LIBDIR we are only looking where ++ dnl the user told us to look ++ ++ RUSTLS_PCDIR="$PREFIX_RUSTLS/lib/pkgconfig" ++ if test -f "$RUSTLS_PCDIR/rustls.pc"; then ++ AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$RUSTLS_PCDIR"]) ++ PKGTEST="yes" + fi + +- AC_CHECK_LIB(rustls, rustls_connection_read, +- [ +- AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) +- AC_SUBST(USE_RUSTLS, [1]) +- RUSTLS_ENABLED=1 +- USE_RUSTLS="yes" +- ssl_msg="rustls" +- test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes +- ], +- AC_MSG_ERROR([--with-rustls was specified but could not find rustls.]), +- -lpthread -ldl -lm) +- fi ++ if test "$PKGTEST" != "yes"; then ++ # try lib64 instead ++ RUSTLS_PCDIR="$PREFIX_RUSTLS/lib64/pkgconfig" ++ if test -f "$RUSTLS_PCDIR/rustls.pc"; then ++ AC_MSG_NOTICE([PKG_CONFIG_LIBDIR will be set to "$RUSTLS_PCDIR"]) ++ PKGTEST="yes" ++ fi ++ fi ++ ++ if test "$PKGTEST" != "yes"; then ++ dnl pkg-config came up empty, use what we got ++ dnl via --with-rustls + +- if test "x$USE_RUSTLS" = "xyes"; then +- AC_MSG_NOTICE([detected rustls]) +- check_for_ca_bundle=1 +- +- LIBS="-lrustls -lpthread -ldl -lm $LIBS" +- +- if test -n "$rustlslib"; then +- dnl when shared libs were found in a path that the run-time +- dnl linker doesn't search through, we need to add it to +- dnl CURL_LIBRARY_PATH to prevent further configure tests to fail +- dnl due to this +- if test "x$cross_compiling" != "xyes"; then +- CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$rustlslib" +- export CURL_LIBRARY_PATH +- AC_MSG_NOTICE([Added $rustlslib to CURL_LIBRARY_PATH]) ++ addld=-L$PREFIX_RUSTLS/lib$libsuff ++ addcflags=-I$PREFIX_RUSTLS/include ++ ++ LDFLAGS="$LDFLAGS $addld" ++ if test "$addcflags" != "-I/usr/include"; then ++ CPPFLAGS="$CPPFLAGS $addcflags" ++ fi ++ ++ AC_CHECK_LIB(rustls, rustls_connection_read, ++ [ ++ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) ++ AC_SUBST(USE_RUSTLS, [1]) ++ RUSTLS_ENABLED=1 ++ USE_RUSTLS="yes" ++ ssl_msg="rustls" ++ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes ++ ], ++ AC_MSG_ERROR([--with-rustls was specified but could not find rustls.]), ++ -lpthread -ldl -lm) ++ ++ USE_RUSTLS="yes" ++ ssl_msg="rustls" ++ ++ LIB_RUSTLS="$PREFIX_RUSTLS/lib$libsuff" ++ if test "$PREFIX_RUSTLS" != "/usr" ; then ++ SSL_LDFLAGS="-L$LIB_RUSTLS" ++ SSL_CPPFLAGS="-I$PREFIX_RUSTLS/include" + fi + fi ++ ;; ++ esac ++ ++ if test "$PKGTEST" = "yes"; then ++ ++ CURL_CHECK_PKGCONFIG(rustls, [$RUSTLS_PCDIR]) ++ ++ if test "$PKGCONFIG" != "no" ; then ++ SSL_LIBS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl ++ $PKGCONFIG --libs-only-l --libs-only-other rustls 2>/dev/null` ++ ++ SSL_LDFLAGS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl ++ $PKGCONFIG --libs-only-L rustls 2>/dev/null` ++ ++ SSL_CPPFLAGS=`CURL_EXPORT_PCDIR([$RUSTLS_PCDIR]) dnl ++ $PKGCONFIG --cflags-only-I rustls 2>/dev/null` ++ ++ AC_SUBST(SSL_LIBS) ++ AC_MSG_NOTICE([pkg-config: SSL_LIBS: "$SSL_LIBS"]) ++ AC_MSG_NOTICE([pkg-config: SSL_LDFLAGS: "$SSL_LDFLAGS"]) ++ AC_MSG_NOTICE([pkg-config: SSL_CPPFLAGS: "$SSL_CPPFLAGS"]) ++ ++ LIB_RUSTLS=`echo $SSL_LDFLAGS | sed -e 's/^-L//'` ++ ++ dnl use the values pkg-config reported. This is here ++ dnl instead of below with CPPFLAGS and LDFLAGS because we only ++ dnl learn about this via pkg-config. If we only have ++ dnl the argument to --with-rustls we don't know what ++ dnl additional libs may be necessary. Hope that we ++ dnl don't need any. ++ LIBS="$SSL_LIBS $LIBS" ++ USE_RUSTLS="yes" ++ ssl_msg="rustls" ++ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) ++ AC_SUBST(USE_RUSTLS, [1]) ++ USE_RUSTLS="yes" ++ RUSTLS_ENABLED=1 ++ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes ++ else ++ AC_MSG_ERROR([pkg-config: Could not find rustls]) + fi + +- fi dnl rustls not disabled ++ else ++ dnl we did not use pkg-config, so we need to add the ++ dnl rustls lib to LIBS ++ LIBS="-lrustls -lpthread -ldl -lm $LIBS" ++ fi ++ ++ dnl finally, set flags to use this TLS backend ++ CPPFLAGS="$CLEAN_CPPFLAGS $SSL_CPPFLAGS" ++ LDFLAGS="$CLAN_LDFLAGS $SSL_LDFLAGS" ++ ++ if test "x$USE_RUSTLS" = "xyes"; then ++ AC_MSG_NOTICE([detected rustls]) ++ check_for_ca_bundle=1 ++ ++ if test -n "$LIB_RUSTLS"; then ++ dnl when shared libs were found in a path that the run-time ++ dnl linker does not search through, we need to add it to ++ dnl CURL_LIBRARY_PATH so that further configure tests do not ++ dnl fail due to this ++ if test "x$cross_compiling" != "xyes"; then ++ CURL_LIBRARY_PATH="$CURL_LIBRARY_PATH:$LIB_RUSTLS" ++ export CURL_LIBRARY_PATH ++ AC_MSG_NOTICE([Added $LIB_RUSTLS to CURL_LIBRARY_PATH]) ++ fi ++ fi ++ fi + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" ++ ++ if test X"$OPT_RUSTLS" != Xno && ++ test "$RUSTLS_ENABLED" != "1"; then ++ AC_MSG_NOTICE([OPT_RUSTLS: $OPT_RUSTLS]) ++ AC_MSG_NOTICE([RUSTLS_ENABLED: $RUSTLS_ENABLED]) ++ AC_MSG_ERROR([--with-rustls was given but Rustls could not be detected]) ++ fi + fi + ]) ++ ++ ++RUSTLS_ENABLED +-- +2.44.0 + diff --git a/net-misc/curl/files/curl-8.7.1-fix-pkgconfig-macros.patch b/net-misc/curl/files/curl-8.7.1-fix-pkgconfig-macros.patch deleted file mode 100644 index 91aed9582521..000000000000 --- a/net-misc/curl/files/curl-8.7.1-fix-pkgconfig-macros.patch +++ /dev/null @@ -1,39 +0,0 @@ -https://github.com/curl/curl/pull/13202 -From: Matt Jolly -Date: Wed, 27 Mar 2024 22:52:26 +1000 -Subject: [PATCH] m4: fix rustls pkg-config codepath - -The previous pkg-config code would successfully detect rustls -but did not set all appropriate variables and call the right macros to -properly configure cURL. - -Closes: #13200 ---- a/m4/curl-rustls.m4 -+++ b/m4/curl-rustls.m4 -@@ -142,6 +142,10 @@ if test "x$OPT_RUSTLS" != xno; then - LIBS="$SSL_LIBS $LIBS" - USE_RUSTLS="yes" - ssl_msg="rustls" -+ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) -+ AC_SUBST(USE_RUSTLS, [1]) -+ RUSTLS_ENABLED=1 -+ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes - else - AC_MSG_ERROR([pkg-config: Could not find rustls]) - fi -@@ -174,5 +178,15 @@ if test "x$OPT_RUSTLS" != xno; then - fi - - test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" -+ -+ if test X"$OPT_RUSTLS" != Xno && -+ test "$RUSTLS_ENABLED" != "1"; then -+ AC_MSG_NOTICE([OPT_RUSTLS: $OPT_RUSTLS]) -+ AC_MSG_NOTICE([RUSTLS_ENABLED: $RUSTLS_ENABLED]) -+ AC_MSG_ERROR([--with-rustls was given but Rustls could not be detected]) -+ fi - fi - ]) -+ -+ -+RUSTLS_ENABLED diff --git a/net-misc/curl/files/curl-8.7.1-rustls-fixes.patch b/net-misc/curl/files/curl-8.7.1-rustls-fixes.patch new file mode 100644 index 000000000000..81bcb0734339 --- /dev/null +++ b/net-misc/curl/files/curl-8.7.1-rustls-fixes.patch @@ -0,0 +1,49 @@ +From a866b062b17ab94b16b817ab9969c561364a4d72 Mon Sep 17 00:00:00 2001 +From: Matt Jolly +Date: Mon, 1 Apr 2024 08:36:51 +1000 +Subject: [PATCH] m4: fix rustls builds + +This patch consolidates the following commits to do with rustls +detection using pkg-config: + +- https://github.com/curl/curl/commit/9c4209837094781d5eef69ae6bcad0e86b64bf99 +- https://github.com/curl/curl/commit/5a50cb5a18a141a463148562dab83fa3be1a3b90 +--- + m4/curl-rustls.m4 | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/m4/curl-rustls.m4 b/m4/curl-rustls.m4 +index 7c55230..8082cf9 100644 +--- a/m4/curl-rustls.m4 ++++ b/m4/curl-rustls.m4 +@@ -142,6 +142,11 @@ if test "x$OPT_RUSTLS" != xno; then + LIBS="$SSL_LIBS $LIBS" + USE_RUSTLS="yes" + ssl_msg="rustls" ++ AC_DEFINE(USE_RUSTLS, 1, [if rustls is enabled]) ++ AC_SUBST(USE_RUSTLS, [1]) ++ USE_RUSTLS="yes" ++ RUSTLS_ENABLED=1 ++ test rustls != "$DEFAULT_SSL_BACKEND" || VALID_DEFAULT_SSL_BACKEND=yes + else + AC_MSG_ERROR([pkg-config: Could not find rustls]) + fi +@@ -174,5 +179,15 @@ if test "x$OPT_RUSTLS" != xno; then + fi + + test -z "$ssl_msg" || ssl_backends="${ssl_backends:+$ssl_backends, }$ssl_msg" ++ ++ if test X"$OPT_RUSTLS" != Xno && ++ test "$RUSTLS_ENABLED" != "1"; then ++ AC_MSG_NOTICE([OPT_RUSTLS: $OPT_RUSTLS]) ++ AC_MSG_NOTICE([RUSTLS_ENABLED: $RUSTLS_ENABLED]) ++ AC_MSG_ERROR([--with-rustls was given but Rustls could not be detected]) ++ fi + fi + ]) ++ ++ ++RUSTLS_ENABLED +-- +2.44.0 + diff --git a/net-misc/passt/Manifest b/net-misc/passt/Manifest index ae702608bc0c..0e4eb1674873 100644 --- a/net-misc/passt/Manifest +++ b/net-misc/passt/Manifest @@ -2,8 +2,10 @@ AUX Makefile-2024.03.20.patch 433 BLAKE2B 5e64a2a449806698bc812e38bfe46860e13a3b DIST passt-2023.12.04.tar.xz 188136 BLAKE2B f1d72fbb4bbb25f6a11e9ff87a91cf9bac06e047b8cb9a8b40402ced1422c23b105fa7e64646698d38ad747efa449c34cfdaecf492a3e4984114cbcf60656cdc SHA512 febd9fa22363438b52b2688481183d81c22966e1775139fc559dbfa50437c9b00ba09800db867738d25fcea8ac05d4589b75dcd2d0c88eeffefc0598d4236001 DIST passt-2023.12.30.tar.xz 188596 BLAKE2B 75712a7cb7a00fea20427979153090d938b8c7b0e3da61c83cabb3751786034df35ebbe8afbd991d582a680f55b12792547b68efa931a5576dc181040b31e5fd SHA512 4b19d191e2526bacc61bb8ab2964f5da4e0535656b094a7592f91d6b437c855a586fc772e2abd89138ff4f89aae12ade494c6e0fe7bee1502fe319215200d8f0 DIST passt-2024.03.20.tar.xz 195332 BLAKE2B 1bed740ddd235f300a4233fb2024f155758809589f1fdd2174ab99a8a93dd16044ab41814b215d12eb1e557966a73a3754bbff2b9acd752b45b385edd88ba3c7 SHA512 3701820e539545771d0f867fe0b8977cb5967e7501413f717fed08d2d2c141f17d86ed7238177b4fb4cf4cfc01c6c9d07e3c218c34b48e0a5a1f2b2ce8a5b903 +DIST passt-2024.03.26.tar.xz 195348 BLAKE2B d91e6ac1d50aae04ceb53a34341b545ff644ceccdfcfab461907050612d9d871f61591aac02ebddef9a607a9b39ce5017a2fc47c9189f85b9b9a70a30d010e4c SHA512 da771f8f334862f81702b22688c9d3552aefc2883b5a44c39156ff7a69f301cabf52fa0fb13f8695240db5411c498806d28d847fca8caff2bedb69d1a4b4e5a7 EBUILD passt-2023.12.04.ebuild 707 BLAKE2B fe3b6c4c697e725c51b3cefec18e7501055c3abb0d2cb74d8b5983a73a6803ff2a5fafa2502b54725e4225072a5fa2dc6e0043524c89c6019d5380df79314aeb SHA512 0845a4d1dda79af28f08b2735297cd8fc515460df24fa9cf8d5d8653ffa3c20379e3ab5167b895fcd35b7f2068531aebe7c2e51fe9b86a65aa526f9a2cbf3306 EBUILD passt-2023.12.30.ebuild 714 BLAKE2B afabcac34eb836f21812deeb1946d657a9bb7ed3e87868a2d50641ca8a21f43f869397f6ffe8736f66f96bf890f19f3c59f8f4c43956abfc9a0f8d17fa278b17 SHA512 e75a6066c5d13053047843c2bb0be917941d97305a53138e68dd6b5f758be01a623ca66c4d7dee37e14fc8fab212248d131cc1ccec049a506bc4ca0f679f2ec7 EBUILD passt-2024.03.20.ebuild 842 BLAKE2B bdfd388a62cee3b064e5bdfd3f3960ff19fd505365469b3e5cc0d0148139b8dfb02020af67fda5be6e313faf1294a96ad6df106b8bf8b2fa01ee234285179bf7 SHA512 0c3f1480d9a325fba24471cd97a0030047d9f78261e93fc33429d6a56cb593f27828de96ddf5fd3cce547f0cfb95d5af8d5eae5331f9b29d9b565ac38ce94b27 -EBUILD passt-9999.ebuild 835 BLAKE2B 9ebedc9984187b66967d1061ee9d0017763e7dc873f705705da3baaf35859c173caf5aa88216d208de37fa17697945828e930a82c2cd3411d7ad27820489f521 SHA512 47c610d1df6e94f658265c5c20a31d0b2c0b8df8b6a2229cb9e00910c87c372410ddd36c0a9da584c8b2dc4d6984bac468951d9cd04609d6c7763e19e582cd3c +EBUILD passt-2024.03.26.ebuild 842 BLAKE2B 2d3a84c42100682fc7cf027c16545a8ccb811f943a43bad17d8c8f00dfcbb54c5ecd73bb8e0690165dfa896baa6a898e95aa0c57482ec878b2d5bb46c593a2ac SHA512 7155fef1d337530c70ec44bef45a6acf5dbc9f747953a77569db921324ea0e69c3d314144735af83f33feef97f148fabd96c89779c17837f7062bdb4288f3a32 +EBUILD passt-9999.ebuild 842 BLAKE2B 2d3a84c42100682fc7cf027c16545a8ccb811f943a43bad17d8c8f00dfcbb54c5ecd73bb8e0690165dfa896baa6a898e95aa0c57482ec878b2d5bb46c593a2ac SHA512 7155fef1d337530c70ec44bef45a6acf5dbc9f747953a77569db921324ea0e69c3d314144735af83f33feef97f148fabd96c89779c17837f7062bdb4288f3a32 MISC metadata.xml 1410 BLAKE2B 415cf4ab3e0d993066251ff9e136ea4a5ef13fc50b838b5dd057784600b5fb89fecb411cc0d61d08459e34da7fe34097d22b8908240f3e46e6ff50f503aa7089 SHA512 85d756f5b8077fb0838e1881f9ef48f08ca8da1ca540d8677632c81d34765d6fb1483b3fdd0eead64467aa7872b1ca133745610736d0afc5a2b8223abacc1cb6 diff --git a/net-misc/passt/passt-2024.03.26.ebuild b/net-misc/passt/passt-2024.03.26.ebuild new file mode 100644 index 000000000000..90df839f93d9 --- /dev/null +++ b/net-misc/passt/passt-2024.03.26.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="User-mode networking daemons for VMs and namespaces, replacement for Slirp" +HOMEPAGE="https://passt.top/" + +RELEASE_COMMIT="4988e2b" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="git://passt.top/passt" +else + SRC_URI="https://passt.top/passt/snapshot/passt-${RELEASE_COMMIT}.tar.xz -> ${P}.tar.xz" + S="${WORKDIR}/${PN}-${RELEASE_COMMIT}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="BSD GPL-2+" +SLOT="0" +IUSE="static" + +PATCHES=( + "${FILESDIR}"/Makefile-2024.03.20.patch +) + +src_prepare() { + default + tc-export CC +} + +src_compile() { + [[ ${PV} != 9999* ]] && export VERSION="${PV}" + export prefix="${EPREFIX}/usr" docdir="${EPREFIX}/usr/share/doc/${P}" + + emake $(usev static) +} diff --git a/net-misc/passt/passt-9999.ebuild b/net-misc/passt/passt-9999.ebuild index 267622576406..90df839f93d9 100644 --- a/net-misc/passt/passt-9999.ebuild +++ b/net-misc/passt/passt-9999.ebuild @@ -8,7 +8,7 @@ inherit toolchain-funcs DESCRIPTION="User-mode networking daemons for VMs and namespaces, replacement for Slirp" HOMEPAGE="https://passt.top/" -RELEASE_COMMIT="71dd405" +RELEASE_COMMIT="4988e2b" if [[ ${PV} == 9999* ]]; then inherit git-r3 @@ -16,7 +16,7 @@ if [[ ${PV} == 9999* ]]; then else SRC_URI="https://passt.top/passt/snapshot/passt-${RELEASE_COMMIT}.tar.xz -> ${P}.tar.xz" S="${WORKDIR}/${PN}-${RELEASE_COMMIT}" - KEYWORDS="~amd64 ~riscv" + KEYWORDS="~amd64 ~arm64 ~riscv" fi LICENSE="BSD GPL-2+" -- cgit v1.2.3