[gentoo-commits] repo/gentoo:master commit in: net-misc/curl/ - gentoo-commits

From:	"Anthony G. Basile" <blueness@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-misc/curl/
Date:	Fri, 01 Jul 2022 16:28:26
Message-Id:	`1656692898.a957bace24527ebae083d99b115f83b1b6e59b38.blueness@gentoo`

1

commit:     a957bace24527ebae083d99b115f83b1b6e59b38

2

Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

3

AuthorDate: Fri Jul  1 16:28:06 2022 +0000

4

Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

5

CommitDate: Fri Jul  1 16:28:18 2022 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a957bace

7

8

net-misc/curl: security version bump to 7.84.0, bug #854708

9

10

Package-Manager: Portage-3.0.30, Repoman-3.0.3

11

Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>

12

13

 net-misc/curl/Manifest           |   2 +

14

 net-misc/curl/curl-7.84.0.ebuild | 288 +++++++++++++++++++++++++++++++++++++++

15

 2 files changed, 290 insertions(+)

16

17

diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest

18

index 26281353165e..b649227f055b 100644

19

--- a/net-misc/curl/Manifest

20

+++ b/net-misc/curl/Manifest

21

@@ -2,3 +2,5 @@ DIST curl-7.79.1.tar.xz 2465212 BLAKE2B 2b694f96661c0aa0a136fdae4159e0ca8e811557

22

 DIST curl-7.79.1.tar.xz.asc 488 BLAKE2B cf1864b15ee4b47a61a03968c4fd9526d4c8d0c5a8a0a1357de61758640e6dfda57334df1e63afd94c0064b7e61527623dd20446b27fa0130e0bf92c647d9820 SHA512 4f7930fde0a21358cf0bd8d5cbde5a05efc34202265b4744e59f49d9dc269987f47b4ead77c33e2ae03acabd7b6d6a731c69b91999eea70542f49d9ea0c2ba94

23

 DIST curl-7.83.1.tar.xz 2474940 BLAKE2B 491427b12f082c2246ef6cb2a129340079db28bd93b4381889e7328bef1d61a79bb57cba4b8372759baa4f6e77644966ed95cfa8f839ee9db634786757fb1ce0 SHA512 2f63327d6d3687ba36fb7b8d5d3d15599eca33ebfb08681613612ea9c4b629d3b6ce4d2742fa1ebd7a997ed332001d3a4c798985f9277c83b9e7a9aecdb1b1ee

24

 DIST curl-7.83.1.tar.xz.asc 488 BLAKE2B 78f7a6d9a32cab97e9ce26430eb2be2bc4e20552cf8c59238f30f127e9d7af5b4f9808c3fe0846c18c8f7a67b49f2f75d865d17b7760bb664872934799949441 SHA512 f0d29de315488c844eb81ed5a89ed6334910970224c8cac43e7e6f2d58c35ad0064c0b6122e69b3a34ce91f4b56873c63e2e8aea1c602ef40711bfd62a01b191

25

+DIST curl-7.84.0.tar.xz 2477944 BLAKE2B 811a63285f39a598bc4fd73ae4b8e23e5146b93dcf3eea805345792b7dddd85bbd54240d9871a0dc9f058d58fd7ea7f4efbcb82727218e8afaaae3600bad55e1 SHA512 86231866a35593a1637fbc0c6af3b6761bdfd99fb35580cc52970c36f19604f93dce59fea67a1d5bb4b455f719307599c7916c77d14f2b661f6bf7fb1ca716ce

26

+DIST curl-7.84.0.tar.xz.asc 488 BLAKE2B d74dea89fa89b6ed0a928e01987669f7dde0bcbb30423ea0f3af9f31eea1e059d458629d80455d772264d744fab236d4f506545afa1bfbd6ded7e2b27192a7c8 SHA512 80ff5274277ad97448fa53511bab6e8a1c302bcb25fc0916d78b8dc6c6af43d944c37c4ed46668b651cc639ec4964780725117ca0e85168ea66ad7cc98d29702

27

28

diff --git a/net-misc/curl/curl-7.84.0.ebuild b/net-misc/curl/curl-7.84.0.ebuild

29

new file mode 100644

30

index 000000000000..150319f8e7d6

31

--- /dev/null

32

+++ b/net-misc/curl/curl-7.84.0.ebuild

33

@@ -0,0 +1,288 @@

34

+# Copyright 1999-2022 Gentoo Authors

35

+# Distributed under the terms of the GNU General Public License v2

36

+

37

+EAPI="8"

38

+

39

+inherit autotools prefix multilib-minimal verify-sig

40

+

41

+DESCRIPTION="A Client that groks URLs"

42

+HOMEPAGE="https://curl.haxx.se/"

43

+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz

44

+	verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"

45

+

46

+LICENSE="curl"

47

+SLOT="0"

48

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"

49

+IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"

50

+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"

51

+IUSE+=" nghttp3 quiche"

52

+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc

53

+

54

+# c-ares must be disabled for threads

55

+# only one default ssl provider can be enabled

56

+REQUIRED_USE="

57

+	threads? ( !adns )

58

+	ssl? (

59

+		^^ (

60

+			curl_ssl_gnutls

61

+			curl_ssl_mbedtls

62

+			curl_ssl_nss

63

+			curl_ssl_openssl

64

+		)

65

+	)"

66

+

67

+# lead to lots of false negatives, bug #285669

68

+RESTRICT="!test? ( test )"

69

+

70

+RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )

71

+	brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )

72

+	ssl? (

73

+		gnutls? (

74

+			net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]

75

+			dev-libs/nettle:0=[${MULTILIB_USEDEP}]

76

+			app-misc/ca-certificates

77

+		)

78

+		mbedtls? (

79

+			net-libs/mbedtls:0=[${MULTILIB_USEDEP}]

80

+			app-misc/ca-certificates

81

+		)

82

+		openssl? (

83

+			dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]

84

+		)

85

+		nss? (

86

+			dev-libs/nss:0[${MULTILIB_USEDEP}]

87

+			app-misc/ca-certificates

88

+		)

89

+	)

90

+	http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )

91

+	nghttp3? (

92

+		net-libs/nghttp3[${MULTILIB_USEDEP}]

93

+		net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]

94

+	)

95

+	quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )

96

+	idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )

97

+	adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )

98

+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )

99

+	rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )

100

+	ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )

101

+	sys-libs/zlib[${MULTILIB_USEDEP}]

102

+	zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"

103

+

104

+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303

105

+#	rtmp? (

106

+#		media-video/rtmpdump

107

+#		curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )

108

+#		curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )

109

+#	)

110

+

111

+DEPEND="${RDEPEND}"

112

+BDEPEND="dev-lang/perl

113

+	virtual/pkgconfig

114

+	test? (

115

+		sys-apps/diffutils

116

+	)

117

+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"

118

+

119

+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )

120

+

121

+MULTILIB_WRAPPED_HEADERS=(

122

+	/usr/include/curl/curlbuild.h

123

+)

124

+

125

+MULTILIB_CHOST_TOOLS=(

126

+	/usr/bin/curl-config

127

+)

128

+

129

+PATCHES=(

130

+	"${FILESDIR}"/${PN}-7.30.0-prefix.patch

131

+	"${FILESDIR}"/${PN}-respect-cflags-3.patch

132

+)

133

+

134

+src_prepare() {

135

+	default

136

+

137

+	eprefixify curl-config.in

138

+	eautoreconf

139

+}

140

+

141

+multilib_src_configure() {

142

+	# We make use of the fact that later flags override earlier ones

143

+	# So start with all ssl providers off until proven otherwise

144

+	# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)

145

+	local myconf=()

146

+

147

+	myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )

148

+	myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt  )

149

+	#myconf+=( --without-default-ssl-backend )

150

+	if use ssl ; then

151

+		if use gnutls || use curl_ssl_gnutls; then

152

+			einfo "SSL provided by gnutls"

153

+			myconf+=( --with-gnutls --with-nettle )

154

+		fi

155

+		if use mbedtls || use curl_ssl_mbedtls; then

156

+			einfo "SSL provided by mbedtls"

157

+			myconf+=( --with-mbedtls )

158

+		fi

159

+		if use nss || use curl_ssl_nss; then

160

+			einfo "SSL provided by nss"

161

+			myconf+=( --with-nss --with-nss-deprecated )

162

+		fi

163

+		if use openssl || use curl_ssl_openssl; then

164

+			einfo "SSL provided by openssl"

165

+			myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )

166

+		fi

167

+

168

+		if use curl_ssl_gnutls; then

169

+			einfo "Default SSL provided by gnutls"

170

+			myconf+=( --with-default-ssl-backend=gnutls )

171

+		elif use curl_ssl_mbedtls; then

172

+			einfo "Default SSL provided by mbedtls"

173

+			myconf+=( --with-default-ssl-backend=mbedtls )

174

+		elif use curl_ssl_nss; then

175

+			einfo "Default SSL provided by nss"

176

+			myconf+=( --with-default-ssl-backend=nss )

177

+		elif use curl_ssl_openssl; then

178

+			einfo "Default SSL provided by openssl"

179

+			myconf+=( --with-default-ssl-backend=openssl )

180

+		else

181

+			eerror "We can't be here because of REQUIRED_USE."

182

+		fi

183

+

184

+	else

185

+		einfo "SSL disabled"

186

+	fi

187

+

188

+	# These configuration options are organized alphabetically

189

+	# within each category.  This should make it easier if we

190

+	# ever decide to make any of them contingent on USE flags:

191

+	# 1) protocols first.  To see them all do

192

+	# 'grep SUPPORT_PROTOCOLS configure.ac'

193

+	# 2) --enable/disable options second.

194

+	# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort

195

+	# 3) --with/without options third.

196

+	# grep -- --with configure | grep Check | awk '{ print $4 }' | sort

197

+

198

+	myconf+=(

199

+		$(use_enable alt-svc)

200

+		--enable-crypto-auth

201

+		--enable-dict

202

+		--disable-ech

203

+		--enable-file

204

+		$(use_enable ftp)

205

+		$(use_enable gopher)

206

+		$(use_enable hsts)

207

+		--enable-http

208

+		$(use_enable imap)

209

+		$(use_enable ldap)

210

+		$(use_enable ldap ldaps)

211

+		--enable-ntlm

212

+		--disable-ntlm-wb

213

+		$(use_enable pop3)

214

+		--enable-rt

215

+		--enable-rtsp

216

+		$(use_enable samba smb)

217

+		$(use_with ssh libssh2)

218

+		$(use_enable smtp)

219

+		$(use_enable telnet)

220

+		$(use_enable tftp)

221

+		--enable-tls-srp

222

+		$(use_enable adns ares)

223

+		--enable-cookies

224

+		--enable-dateparse

225

+		--enable-dnsshuffle

226

+		--enable-doh

227

+		--enable-symbol-hiding

228

+		--enable-http-auth

229

+		$(use_enable ipv6)

230

+		--enable-largefile

231

+		--enable-manual

232

+		--enable-mime

233

+		--enable-netrc

234

+		$(use_enable progress-meter)

235

+		--enable-proxy

236

+		--disable-sspi

237

+		$(use_enable static-libs static)

238

+		$(use_enable threads threaded-resolver)

239

+		$(use_enable threads pthreads)

240

+		--disable-versioned-symbols

241

+		--without-amissl

242

+		--without-bearssl

243

+		$(use_with brotli)

244

+		--without-fish-functions-dir

245

+		$(use_with http2 nghttp2)

246

+		--without-hyper

247

+		$(use_with idn libidn2)

248

+		$(use_with kerberos gssapi "${EPREFIX}"/usr)

249

+		--without-libgsasl

250

+		--without-libpsl

251

+		--without-msh3

252

+		$(use_with nghttp3)

253

+		$(use_with nghttp3 ngtcp2)

254

+		$(use_with quiche)

255

+		$(use_with rtmp librtmp)

256

+		--without-rustls

257

+		--without-schannel

258

+		--without-secure-transport

259

+		--without-winidn

260

+		--without-wolfssl

261

+		--with-zlib

262

+		$(use_with zstd)

263

+	)

264

+

265

+	ECONF_SOURCE="${S}" \

266

+	econf "${myconf[@]}"

267

+

268

+	if ! multilib_is_native_abi; then

269

+		# avoid building the client

270

+		sed -i -e '/SUBDIRS/s:src::' Makefile || die

271

+		sed -i -e '/SUBDIRS/s:scripts::' Makefile || die

272

+	fi

273

+

274

+	# Fix up the pkg-config file to be more robust.

275

+	# https://github.com/curl/curl/issues/864

276

+	local priv=() libs=()

277

+	# We always enable zlib.

278

+	libs+=( "-lz" )

279

+	priv+=( "zlib" )

280

+	if use http2; then

281

+		libs+=( "-lnghttp2" )

282

+		priv+=( "libnghttp2" )

283

+	fi

284

+	if use quiche; then

285

+		libs+=( "-lquiche" )

286

+		priv+=( "quiche" )

287

+	fi

288

+	if use nghttp3; then

289

+		libs+=( "-lnghttp3" "-lngtcp2" )

290

+		priv+=( "libnghttp3" "-libtcp2" )

291

+	fi

292

+	if use ssl && use curl_ssl_openssl; then

293

+		libs+=( "-lssl" "-lcrypto" )

294

+		priv+=( "openssl" )

295

+	fi

296

+	grep -q Requires.private libcurl.pc && die "need to update ebuild"

297

+	libs=$(printf '|%s' "${libs[@]}")

298

+	sed -i -r \

299

+		-e "/^Libs.private/s:(${libs#|})( |$)::g" \

300

+		libcurl.pc || die

301

+	echo "Requires.private: ${priv[*]}" >> libcurl.pc

302

+}

303

+

304

+multilib_src_test() {

305

+	# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721

306

+	# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)

307

+	# -v: verbose

308

+	# -a: keep going on failure (so we see everything which breaks, not just 1st test)

309

+	# -k: keep test files after completion

310

+	# -am: automake style TAP output

311

+	# -p: print logs if test fails

312

+	# Note: if needed, we can disable tests. See e.g. Fedora's packaging

313

+	# or just read https://github.com/curl/curl/tree/master/tests#run.

314

+	multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"

315

+}

316

+

317

+multilib_src_install_all() {

318

+	einstalldocs

319

+	find "${ED}" -type f -name '*.la' -delete || die

320

+	rm -rf "${ED}"/etc/ || die

321

+}

1	commit: a957bace24527ebae083d99b115f83b1b6e59b38
2	Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3	AuthorDate: Fri Jul 1 16:28:06 2022 +0000
4	Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5	CommitDate: Fri Jul 1 16:28:18 2022 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a957bace
7
8	net-misc/curl: security version bump to 7.84.0, bug #854708
9
10	Package-Manager: Portage-3.0.30, Repoman-3.0.3
11	Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
12
13	net-misc/curl/Manifest \| 2 +
14	net-misc/curl/curl-7.84.0.ebuild \| 288 +++++++++++++++++++++++++++++++++++++++
15	2 files changed, 290 insertions(+)
16
17	diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
18	index 26281353165e..b649227f055b 100644
19	--- a/net-misc/curl/Manifest
20	+++ b/net-misc/curl/Manifest
21	@@ -2,3 +2,5 @@ DIST curl-7.79.1.tar.xz 2465212 BLAKE2B 2b694f96661c0aa0a136fdae4159e0ca8e811557
22	DIST curl-7.79.1.tar.xz.asc 488 BLAKE2B cf1864b15ee4b47a61a03968c4fd9526d4c8d0c5a8a0a1357de61758640e6dfda57334df1e63afd94c0064b7e61527623dd20446b27fa0130e0bf92c647d9820 SHA512 4f7930fde0a21358cf0bd8d5cbde5a05efc34202265b4744e59f49d9dc269987f47b4ead77c33e2ae03acabd7b6d6a731c69b91999eea70542f49d9ea0c2ba94
23	DIST curl-7.83.1.tar.xz 2474940 BLAKE2B 491427b12f082c2246ef6cb2a129340079db28bd93b4381889e7328bef1d61a79bb57cba4b8372759baa4f6e77644966ed95cfa8f839ee9db634786757fb1ce0 SHA512 2f63327d6d3687ba36fb7b8d5d3d15599eca33ebfb08681613612ea9c4b629d3b6ce4d2742fa1ebd7a997ed332001d3a4c798985f9277c83b9e7a9aecdb1b1ee
24	DIST curl-7.83.1.tar.xz.asc 488 BLAKE2B 78f7a6d9a32cab97e9ce26430eb2be2bc4e20552cf8c59238f30f127e9d7af5b4f9808c3fe0846c18c8f7a67b49f2f75d865d17b7760bb664872934799949441 SHA512 f0d29de315488c844eb81ed5a89ed6334910970224c8cac43e7e6f2d58c35ad0064c0b6122e69b3a34ce91f4b56873c63e2e8aea1c602ef40711bfd62a01b191
25	+DIST curl-7.84.0.tar.xz 2477944 BLAKE2B 811a63285f39a598bc4fd73ae4b8e23e5146b93dcf3eea805345792b7dddd85bbd54240d9871a0dc9f058d58fd7ea7f4efbcb82727218e8afaaae3600bad55e1 SHA512 86231866a35593a1637fbc0c6af3b6761bdfd99fb35580cc52970c36f19604f93dce59fea67a1d5bb4b455f719307599c7916c77d14f2b661f6bf7fb1ca716ce
26	+DIST curl-7.84.0.tar.xz.asc 488 BLAKE2B d74dea89fa89b6ed0a928e01987669f7dde0bcbb30423ea0f3af9f31eea1e059d458629d80455d772264d744fab236d4f506545afa1bfbd6ded7e2b27192a7c8 SHA512 80ff5274277ad97448fa53511bab6e8a1c302bcb25fc0916d78b8dc6c6af43d944c37c4ed46668b651cc639ec4964780725117ca0e85168ea66ad7cc98d29702
27
28	diff --git a/net-misc/curl/curl-7.84.0.ebuild b/net-misc/curl/curl-7.84.0.ebuild
29	new file mode 100644
30	index 000000000000..150319f8e7d6
31	--- /dev/null
32	+++ b/net-misc/curl/curl-7.84.0.ebuild
33	@@ -0,0 +1,288 @@
34	+# Copyright 1999-2022 Gentoo Authors
35	+# Distributed under the terms of the GNU General Public License v2
36	+
37	+EAPI="8"
38	+
39	+inherit autotools prefix multilib-minimal verify-sig
40	+
41	+DESCRIPTION="A Client that groks URLs"
42	+HOMEPAGE="https://curl.haxx.se/"
43	+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
44	+ verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
45	+
46	+LICENSE="curl"
47	+SLOT="0"
48	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
49	+IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
50	+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
51	+IUSE+=" nghttp3 quiche"
52	+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
53	+
54	+# c-ares must be disabled for threads
55	+# only one default ssl provider can be enabled
56	+REQUIRED_USE="
57	+ threads? ( !adns )
58	+ ssl? (
59	+ ^^ (
60	+ curl_ssl_gnutls
61	+ curl_ssl_mbedtls
62	+ curl_ssl_nss
63	+ curl_ssl_openssl
64	+ )
65	+ )"
66	+
67	+# lead to lots of false negatives, bug #285669
68	+RESTRICT="!test? ( test )"
69	+
70	+RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
71	+ brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
72	+ ssl? (
73	+ gnutls? (
74	+ net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
75	+ dev-libs/nettle:0=[${MULTILIB_USEDEP}]
76	+ app-misc/ca-certificates
77	+ )
78	+ mbedtls? (
79	+ net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
80	+ app-misc/ca-certificates
81	+ )
82	+ openssl? (
83	+ dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
84	+ )
85	+ nss? (
86	+ dev-libs/nss:0[${MULTILIB_USEDEP}]
87	+ app-misc/ca-certificates
88	+ )
89	+ )
90	+ http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
91	+ nghttp3? (
92	+ net-libs/nghttp3[${MULTILIB_USEDEP}]
93	+ net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
94	+ )
95	+ quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
96	+ idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
97	+ adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
98	+ kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
99	+ rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
100	+ ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
101	+ sys-libs/zlib[${MULTILIB_USEDEP}]
102	+ zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
103	+
104	+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
105	+# rtmp? (
106	+# media-video/rtmpdump
107	+# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
108	+# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
109	+# )
110	+
111	+DEPEND="${RDEPEND}"
112	+BDEPEND="dev-lang/perl
113	+ virtual/pkgconfig
114	+ test? (
115	+ sys-apps/diffutils
116	+ )
117	+ verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
118	+
119	+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
120	+
121	+MULTILIB_WRAPPED_HEADERS=(
122	+ /usr/include/curl/curlbuild.h
123	+)
124	+
125	+MULTILIB_CHOST_TOOLS=(
126	+ /usr/bin/curl-config
127	+)
128	+
129	+PATCHES=(
130	+ "${FILESDIR}"/${PN}-7.30.0-prefix.patch
131	+ "${FILESDIR}"/${PN}-respect-cflags-3.patch
132	+)
133	+
134	+src_prepare() {
135	+ default
136	+
137	+ eprefixify curl-config.in
138	+ eautoreconf
139	+}
140	+
141	+multilib_src_configure() {
142	+ # We make use of the fact that later flags override earlier ones
143	+ # So start with all ssl providers off until proven otherwise
144	+ # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
145	+ local myconf=()
146	+
147	+ myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
148	+ myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
149	+ #myconf+=( --without-default-ssl-backend )
150	+ if use ssl ; then
151	+ if use gnutls \|\| use curl_ssl_gnutls; then
152	+ einfo "SSL provided by gnutls"
153	+ myconf+=( --with-gnutls --with-nettle )
154	+ fi
155	+ if use mbedtls \|\| use curl_ssl_mbedtls; then
156	+ einfo "SSL provided by mbedtls"
157	+ myconf+=( --with-mbedtls )
158	+ fi
159	+ if use nss \|\| use curl_ssl_nss; then
160	+ einfo "SSL provided by nss"
161	+ myconf+=( --with-nss --with-nss-deprecated )
162	+ fi
163	+ if use openssl \|\| use curl_ssl_openssl; then
164	+ einfo "SSL provided by openssl"
165	+ myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
166	+ fi
167	+
168	+ if use curl_ssl_gnutls; then
169	+ einfo "Default SSL provided by gnutls"
170	+ myconf+=( --with-default-ssl-backend=gnutls )
171	+ elif use curl_ssl_mbedtls; then
172	+ einfo "Default SSL provided by mbedtls"
173	+ myconf+=( --with-default-ssl-backend=mbedtls )
174	+ elif use curl_ssl_nss; then
175	+ einfo "Default SSL provided by nss"
176	+ myconf+=( --with-default-ssl-backend=nss )
177	+ elif use curl_ssl_openssl; then
178	+ einfo "Default SSL provided by openssl"
179	+ myconf+=( --with-default-ssl-backend=openssl )
180	+ else
181	+ eerror "We can't be here because of REQUIRED_USE."
182	+ fi
183	+
184	+ else
185	+ einfo "SSL disabled"
186	+ fi
187	+
188	+ # These configuration options are organized alphabetically
189	+ # within each category. This should make it easier if we
190	+ # ever decide to make any of them contingent on USE flags:
191	+ # 1) protocols first. To see them all do
192	+ # 'grep SUPPORT_PROTOCOLS configure.ac'
193	+ # 2) --enable/disable options second.
194	+ # 'grep -- --enable configure \| grep Check \| awk '{ print $4 }' \| sort
195	+ # 3) --with/without options third.
196	+ # grep -- --with configure \| grep Check \| awk '{ print $4 }' \| sort
197	+
198	+ myconf+=(
199	+ $(use_enable alt-svc)
200	+ --enable-crypto-auth
201	+ --enable-dict
202	+ --disable-ech
203	+ --enable-file
204	+ $(use_enable ftp)
205	+ $(use_enable gopher)
206	+ $(use_enable hsts)
207	+ --enable-http
208	+ $(use_enable imap)
209	+ $(use_enable ldap)
210	+ $(use_enable ldap ldaps)
211	+ --enable-ntlm
212	+ --disable-ntlm-wb
213	+ $(use_enable pop3)
214	+ --enable-rt
215	+ --enable-rtsp
216	+ $(use_enable samba smb)
217	+ $(use_with ssh libssh2)
218	+ $(use_enable smtp)
219	+ $(use_enable telnet)
220	+ $(use_enable tftp)
221	+ --enable-tls-srp
222	+ $(use_enable adns ares)
223	+ --enable-cookies
224	+ --enable-dateparse
225	+ --enable-dnsshuffle
226	+ --enable-doh
227	+ --enable-symbol-hiding
228	+ --enable-http-auth
229	+ $(use_enable ipv6)
230	+ --enable-largefile
231	+ --enable-manual
232	+ --enable-mime
233	+ --enable-netrc
234	+ $(use_enable progress-meter)
235	+ --enable-proxy
236	+ --disable-sspi
237	+ $(use_enable static-libs static)
238	+ $(use_enable threads threaded-resolver)
239	+ $(use_enable threads pthreads)
240	+ --disable-versioned-symbols
241	+ --without-amissl
242	+ --without-bearssl
243	+ $(use_with brotli)
244	+ --without-fish-functions-dir
245	+ $(use_with http2 nghttp2)
246	+ --without-hyper
247	+ $(use_with idn libidn2)
248	+ $(use_with kerberos gssapi "${EPREFIX}"/usr)
249	+ --without-libgsasl
250	+ --without-libpsl
251	+ --without-msh3
252	+ $(use_with nghttp3)
253	+ $(use_with nghttp3 ngtcp2)
254	+ $(use_with quiche)
255	+ $(use_with rtmp librtmp)
256	+ --without-rustls
257	+ --without-schannel
258	+ --without-secure-transport
259	+ --without-winidn
260	+ --without-wolfssl
261	+ --with-zlib
262	+ $(use_with zstd)
263	+ )
264	+
265	+ ECONF_SOURCE="${S}" \
266	+ econf "${myconf[@]}"
267	+
268	+ if ! multilib_is_native_abi; then
269	+ # avoid building the client
270	+ sed -i -e '/SUBDIRS/s:src::' Makefile \|\| die
271	+ sed -i -e '/SUBDIRS/s:scripts::' Makefile \|\| die
272	+ fi
273	+
274	+ # Fix up the pkg-config file to be more robust.
275	+ # https://github.com/curl/curl/issues/864
276	+ local priv=() libs=()
277	+ # We always enable zlib.
278	+ libs+=( "-lz" )
279	+ priv+=( "zlib" )
280	+ if use http2; then
281	+ libs+=( "-lnghttp2" )
282	+ priv+=( "libnghttp2" )
283	+ fi
284	+ if use quiche; then
285	+ libs+=( "-lquiche" )
286	+ priv+=( "quiche" )
287	+ fi
288	+ if use nghttp3; then
289	+ libs+=( "-lnghttp3" "-lngtcp2" )
290	+ priv+=( "libnghttp3" "-libtcp2" )
291	+ fi
292	+ if use ssl && use curl_ssl_openssl; then
293	+ libs+=( "-lssl" "-lcrypto" )
294	+ priv+=( "openssl" )
295	+ fi
296	+ grep -q Requires.private libcurl.pc && die "need to update ebuild"
297	+ libs=$(printf '\|%s' "${libs[@]}")
298	+ sed -i -r \
299	+ -e "/^Libs.private/s:(${libs#\|})( \|$)::g" \
300	+ libcurl.pc \|\| die
301	+ echo "Requires.private: ${priv[*]}" >> libcurl.pc
302	+}
303	+
304	+multilib_src_test() {
305	+ # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
306	+ # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
307	+ # -v: verbose
308	+ # -a: keep going on failure (so we see everything which breaks, not just 1st test)
309	+ # -k: keep test files after completion
310	+ # -am: automake style TAP output
311	+ # -p: print logs if test fails
312	+ # Note: if needed, we can disable tests. See e.g. Fedora's packaging
313	+ # or just read https://github.com/curl/curl/tree/master/tests#run.
314	+ multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
315	+}
316	+
317	+multilib_src_install_all() {
318	+ einstalldocs
319	+ find "${ED}" -type f -name '*.la' -delete \|\| die
320	+ rm -rf "${ED}"/etc/ \|\| die
321	+}

Gentoo Archives: gentoo-commits