[gentoo-commits] repo/gentoo:master commit in: net-misc/curl/, net-misc/curl/files/ - gentoo-commits

From:	Sam James <sam@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-misc/curl/, net-misc/curl/files/
Date:	Sat, 18 Sep 2021 03:01:26
Message-Id:	`1631933569.9886665e4f3d22da1d722509fd5de9000a36d4d6.sam@gentoo`

1

commit:     9886665e4f3d22da1d722509fd5de9000a36d4d6

2

Author:     Sam James <sam <AT> gentoo <DOT> org>

3

AuthorDate: Sat Sep 18 02:52:49 2021 +0000

4

Commit:     Sam James <sam <AT> gentoo <DOT> org>

5

CommitDate: Sat Sep 18 02:52:49 2021 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9886665e

7

8

net-misc/curl: add 7.79.0

9

10

Bug: https://bugs.gentoo.org/813270

11

Signed-off-by: Sam James <sam <AT> gentoo.org>

12

13

 net-misc/curl/Manifest                             |   1 +

14

 net-misc/curl/curl-7.79.0.ebuild                   | 293 +++++++++++++++++++++

15

 .../curl-7.79.0-http-3digit-response-code.patch    | 107 ++++++++

16

 .../files/curl-7.79.0-http2-connection-data.patch  |  43 +++

17

 4 files changed, 444 insertions(+)

18

19

diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest

20

index 65ea300bc22..b1b6f556d43 100644

21

--- a/net-misc/curl/Manifest

22

+++ b/net-misc/curl/Manifest

23

@@ -1 +1,2 @@

24

 DIST curl-7.78.0.tar.xz 2440640 BLAKE2B 0422071ce22d38b89652c702989674a2257dd18b05004245c4f2d7494ccdd24b5b52f330629ce6a411a059d5990e8c879cbbdf23d873b881141f9d2b9ad07f7f SHA512 f72e822a0b5e28320ef547c7a441c07f3b4870579a70ab4c428751baba435a1385cb89a22b9ed4b84a7fafecf620f155911e4131e3463ec1bdad80ecde47bb7a

25

+DIST curl-7.79.0.tar.xz 2463072 BLAKE2B c3a8a60d3c04965272b1a439a4719cfaca903daaecd6265869b9188d1b6b13be63817b9daa77260673d67330baa3d9c2d917274f939cdadc467ac64d8fcf3203 SHA512 68bccba61f18de9f94c311b0d92cfa6572bb7e55e8773917c13b25203164a5a9f4ef6b8ad84a14d3d5dcb286271bf18c3dd84c4ca353866763c726f9defce808

26

27

diff --git a/net-misc/curl/curl-7.79.0.ebuild b/net-misc/curl/curl-7.79.0.ebuild

28

new file mode 100644

29

index 00000000000..380b1da5a4e

30

--- /dev/null

31

+++ b/net-misc/curl/curl-7.79.0.ebuild

32

@@ -0,0 +1,293 @@

33

+# Copyright 1999-2021 Gentoo Authors

34

+# Distributed under the terms of the GNU General Public License v2

35

+

36

+EAPI="7"

37

+

38

+inherit autotools prefix multilib-minimal

39

+

40

+DESCRIPTION="A Client that groks URLs"

41

+HOMEPAGE="https://curl.haxx.se/"

42

+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"

43

+

44

+LICENSE="curl"

45

+SLOT="0"

46

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"

47

+IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"

48

+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"

49

+IUSE+=" nghttp3 quiche"

50

+IUSE+=" elibc_Winnt"

51

+

52

+# c-ares must be disabled for threads

53

+# only one default ssl provider can be enabled

54

+REQUIRED_USE="

55

+	winssl? ( elibc_Winnt )

56

+	threads? ( !adns )

57

+	ssl? (

58

+		^^ (

59

+			curl_ssl_gnutls

60

+			curl_ssl_mbedtls

61

+			curl_ssl_nss

62

+			curl_ssl_openssl

63

+			curl_ssl_winssl

64

+		)

65

+	)"

66

+

67

+# lead to lots of false negatives, bug #285669

68

+RESTRICT="!test? ( test )"

69

+

70

+RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )

71

+	brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )

72

+	ssl? (

73

+		gnutls? (

74

+			net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]

75

+			dev-libs/nettle:0=[${MULTILIB_USEDEP}]

76

+			app-misc/ca-certificates

77

+		)

78

+		mbedtls? (

79

+			net-libs/mbedtls:0=[${MULTILIB_USEDEP}]

80

+			app-misc/ca-certificates

81

+		)

82

+		openssl? (

83

+			dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]

84

+		)

85

+		nss? (

86

+			dev-libs/nss:0[${MULTILIB_USEDEP}]

87

+			app-misc/ca-certificates

88

+		)

89

+	)

90

+	http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )

91

+	nghttp3? (

92

+		net-libs/nghttp3[${MULTILIB_USEDEP}]

93

+		net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]

94

+	)

95

+	quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )

96

+	idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )

97

+	adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )

98

+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )

99

+	rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )

100

+	ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )

101

+	sys-libs/zlib[${MULTILIB_USEDEP}]

102

+	zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"

103

+

104

+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303

105

+#	rtmp? (

106

+#		media-video/rtmpdump

107

+#		curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )

108

+#		curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )

109

+#	)

110

+

111

+# ssl providers to be added:

112

+# fbopenssl  $(use_with spnego)

113

+

114

+DEPEND="${RDEPEND}"

115

+BDEPEND="virtual/pkgconfig

116

+	test? (

117

+		sys-apps/diffutils

118

+		dev-lang/perl

119

+	)"

120

+

121

+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )

122

+

123

+MULTILIB_WRAPPED_HEADERS=(

124

+	/usr/include/curl/curlbuild.h

125

+)

126

+

127

+MULTILIB_CHOST_TOOLS=(

128

+	/usr/bin/curl-config

129

+)

130

+

131

+PATCHES=(

132

+	"${FILESDIR}"/${PN}-7.30.0-prefix.patch

133

+	"${FILESDIR}"/${PN}-respect-cflags-3.patch

134

+	# Backported patches to 7.79.0

135

+	"${FILESDIR}"/${P}-http2-connection-data.patch

136

+	"${FILESDIR}"/${P}-http-3digit-response-code.patch

137

+)

138

+

139

+src_prepare() {

140

+	default

141

+

142

+	eprefixify curl-config.in

143

+	eautoreconf

144

+}

145

+

146

+multilib_src_configure() {

147

+	# We make use of the fact that later flags override earlier ones

148

+	# So start with all ssl providers off until proven otherwise

149

+	# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)

150

+	local myconf=()

151

+

152

+	myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )

153

+	myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt  )

154

+	#myconf+=( --without-default-ssl-backend )

155

+	if use ssl ; then

156

+		if use gnutls || use curl_ssl_gnutls; then

157

+			einfo "SSL provided by gnutls"

158

+			myconf+=( --with-gnutls --with-nettle )

159

+		fi

160

+		if use mbedtls || use curl_ssl_mbedtls; then

161

+			einfo "SSL provided by mbedtls"

162

+			myconf+=( --with-mbedtls )

163

+		fi

164

+		if use nss || use curl_ssl_nss; then

165

+			einfo "SSL provided by nss"

166

+			myconf+=( --with-nss )

167

+		fi

168

+		if use openssl || use curl_ssl_openssl; then

169

+			einfo "SSL provided by openssl"

170

+			myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )

171

+		fi

172

+		if use winssl || use curl_ssl_winssl; then

173

+			einfo "SSL provided by Windows"

174

+			myconf+=( --with-winssl )

175

+		fi

176

+

177

+		if use curl_ssl_gnutls; then

178

+			einfo "Default SSL provided by gnutls"

179

+			myconf+=( --with-default-ssl-backend=gnutls )

180

+		elif use curl_ssl_mbedtls; then

181

+			einfo "Default SSL provided by mbedtls"

182

+			myconf+=( --with-default-ssl-backend=mbedtls )

183

+		elif use curl_ssl_nss; then

184

+			einfo "Default SSL provided by nss"

185

+			myconf+=( --with-default-ssl-backend=nss )

186

+		elif use curl_ssl_openssl; then

187

+			einfo "Default SSL provided by openssl"

188

+			myconf+=( --with-default-ssl-backend=openssl )

189

+		elif use curl_ssl_winssl; then

190

+			einfo "Default SSL provided by Windows"

191

+			myconf+=( --with-default-ssl-backend=winssl )

192

+		else

193

+			eerror "We can't be here because of REQUIRED_USE."

194

+		fi

195

+

196

+	else

197

+		einfo "SSL disabled"

198

+	fi

199

+

200

+	# These configuration options are organized alphabetically

201

+	# within each category.  This should make it easier if we

202

+	# ever decide to make any of them contingent on USE flags:

203

+	# 1) protocols first.  To see them all do

204

+	# 'grep SUPPORT_PROTOCOLS configure.ac'

205

+	# 2) --enable/disable options second.

206

+	# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort

207

+	# 3) --with/without options third.

208

+	# grep -- --with configure | grep Check | awk '{ print $4 }' | sort

209

+

210

+	myconf+=(

211

+		$(use_enable alt-svc)

212

+		--enable-crypto-auth

213

+		--enable-dict

214

+		--disable-ech

215

+		--enable-file

216

+		$(use_enable ftp)

217

+		$(use_enable gopher)

218

+		$(use_enable hsts)

219

+		--enable-http

220

+		$(use_enable imap)

221

+		$(use_enable ldap)

222

+		$(use_enable ldap ldaps)

223

+		--enable-ntlm

224

+		--disable-ntlm-wb

225

+		$(use_enable pop3)

226

+		--enable-rt

227

+		--enable-rtsp

228

+		$(use_enable samba smb)

229

+		$(use_with ssh libssh2)

230

+		$(use_enable smtp)

231

+		$(use_enable telnet)

232

+		$(use_enable tftp)

233

+		--enable-tls-srp

234

+		$(use_enable adns ares)

235

+		--enable-cookies

236

+		--enable-dateparse

237

+		--enable-dnsshuffle

238

+		--enable-doh

239

+		--enable-hidden-symbols

240

+		--enable-http-auth

241

+		$(use_enable ipv6)

242

+		--enable-largefile

243

+		--enable-manual

244

+		--enable-mime

245

+		--enable-netrc

246

+		$(use_enable progress-meter)

247

+		--enable-proxy

248

+		--disable-sspi

249

+		$(use_enable static-libs static)

250

+		$(use_enable threads threaded-resolver)

251

+		$(use_enable threads pthreads)

252

+		--disable-versioned-symbols

253

+		--without-amissl

254

+		--without-bearssl

255

+		$(use_with brotli)

256

+		--without-cyassl

257

+		--without-fish-functions-dir

258

+		$(use_with http2 nghttp2)

259

+		--without-hyper

260

+		$(use_with idn libidn2)

261

+		$(use_with kerberos gssapi "${EPREFIX}"/usr)

262

+		--without-libgsasl

263

+		--without-libpsl

264

+		$(use_with nghttp3)

265

+		$(use_with nghttp3 ngtcp2)

266

+		$(use_with quiche)

267

+		$(use_with rtmp librtmp)

268

+		--without-rustls

269

+		--without-schannel

270

+		--without-secure-transport

271

+		--without-spnego

272

+		--without-winidn

273

+		--without-wolfssl

274

+		--with-zlib

275

+		$(use_with zstd)

276

+	)

277

+

278

+	ECONF_SOURCE="${S}" \

279

+	econf "${myconf[@]}"

280

+

281

+	if ! multilib_is_native_abi; then

282

+		# avoid building the client

283

+		sed -i -e '/SUBDIRS/s:src::' Makefile || die

284

+		sed -i -e '/SUBDIRS/s:scripts::' Makefile || die

285

+	fi

286

+

287

+	# Fix up the pkg-config file to be more robust.

288

+	# https://github.com/curl/curl/issues/864

289

+	local priv=() libs=()

290

+	# We always enable zlib.

291

+	libs+=( "-lz" )

292

+	priv+=( "zlib" )

293

+	if use http2; then

294

+		libs+=( "-lnghttp2" )

295

+		priv+=( "libnghttp2" )

296

+	fi

297

+	if use quiche; then

298

+		libs+=( "-lquiche" )

299

+		priv+=( "quiche" )

300

+	fi

301

+	if use nghttp3; then

302

+		libs+=( "-lnghttp3" "-lngtcp2" )

303

+		priv+=( "libnghttp3" "-libtcp2" )

304

+	fi

305

+	if use ssl && use curl_ssl_openssl; then

306

+		libs+=( "-lssl" "-lcrypto" )

307

+		priv+=( "openssl" )

308

+	fi

309

+	grep -q Requires.private libcurl.pc && die "need to update ebuild"

310

+	libs=$(printf '|%s' "${libs[@]}")

311

+	sed -i -r \

312

+		-e "/^Libs.private/s:(${libs#|})( |$)::g" \

313

+		libcurl.pc || die

314

+	echo "Requires.private: ${priv[*]}" >> libcurl.pc

315

+}

316

+

317

+multilib_src_test() {

318

+	multilib_is_native_abi && default_src_test

319

+}

320

+

321

+multilib_src_install_all() {

322

+	einstalldocs

323

+	find "${ED}" -type f -name '*.la' -delete || die

324

+	rm -rf "${ED}"/etc/ || die

325

+}

326

327

diff --git a/net-misc/curl/files/curl-7.79.0-http-3digit-response-code.patch b/net-misc/curl/files/curl-7.79.0-http-3digit-response-code.patch

328

new file mode 100644

329

index 00000000000..1da4cebd4aa

330

--- /dev/null

331

+++ b/net-misc/curl/files/curl-7.79.0-http-3digit-response-code.patch

332

@@ -0,0 +1,107 @@

333

+https://github.com/curl/curl/commit/beb8990d934a01acf103871e463d4e61afc9ded2

334

+

335

+From: Daniel Stenberg <daniel@××××.se>

336

+Date: Fri, 17 Sep 2021 16:31:25 +0200

337

+Subject: [PATCH] http: fix the broken >3 digit response code detection

338

+

339

+When the "reason phrase" in the HTTP status line starts with a digit,

340

+that was treated as the forth response code digit and curl would claim

341

+the response to be non-compliant.

342

+

343

+Added test 1466 to verify this case.

344

+

345

+Regression brought by 5dc594e44f73b17

346

+Reported-by: Glenn de boer

347

+Fixes #7738

348

+Closes #7739

349

+--- a/lib/http.c

350

++++ b/lib/http.c

351

+@@ -4232,9 +4232,9 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,

352

+         char separator;

353

+         char twoorthree[2];

354

+         int httpversion = 0;

355

+-        int digit4 = -1; /* should remain untouched to be good */

356

++        char digit4 = 0;

357

+         nc = sscanf(HEADER1,

358

+-                    " HTTP/%1d.%1d%c%3d%1d",

359

++                    " HTTP/%1d.%1d%c%3d%c",

360

+                     &httpversion_major,

361

+                     &httpversion,

362

+                     &separator,

363

+@@ -4250,13 +4250,13 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,

364

+

365

+         /* There can only be a 4th response code digit stored in 'digit4' if

366

+            all the other fields were parsed and stored first, so nc is 5 when

367

+-           digit4 is not -1 */

368

+-        else if(digit4 != -1) {

369

++           digit4 a digit */

370

++        else if(ISDIGIT(digit4)) {

371

+           failf(data, "Unsupported response code in HTTP response");

372

+           return CURLE_UNSUPPORTED_PROTOCOL;

373

+         }

374

+

375

+-        if((nc == 4) && (' ' == separator)) {

376

++        if((nc >= 4) && (' ' == separator)) {

377

+           httpversion += 10 * httpversion_major;

378

+           switch(httpversion) {

379

+           case 10:

380

+--- a/tests/data/Makefile.inc

381

++++ b/tests/data/Makefile.inc

382

+@@ -182,7 +182,7 @@ test1432 test1433 test1434 test1435 test1436 test1437 test1438 test1439 \

383

+ test1440 test1441 test1442 test1443 test1444 test1445 test1446 test1447 \

384

+ test1448 test1449 test1450 test1451 test1452 test1453 test1454 test1455 \

385

+ test1456 test1457 test1458 test1459 test1460 test1461 test1462 test1463 \

386

+-test1464 test1465 \

387

++test1464 test1465 test1466 \

388

+ \

389

+ test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \

390

+ test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \

391

+--- /dev/null

392

++++ b/tests/data/test1466

393

+@@ -0,0 +1,45 @@

394

++<testcase>

395

++<info>

396

++<keywords>

397

++HTTP

398

++HTTP GET

399

++</keywords>

400

++</info>

401

++

402

++<reply>

403

++<data>

404

++HTTP/1.1 405 405

405

++Content-Length: 6

406

++Connection: close

407

++

408

++-foo-

409

++</data>

410

++</reply>

411

++

412

++#

413

++# Client-side

414

++<client>

415

++<server>

416

++http

417

++</server>

418

++

419

++<name>

420

++HTTP GET with 3-digit response and only digits in reason

421

++ </name>

422

++ <command>

423

++http://%HOSTIP:%HTTPPORT/%TESTNUMBER

424

++</command>

425

++</client>

426

++

427

++#

428

++# Verify data after the test has been "shot"

429

++<verify>

430

++<protocol>

431

++GET /%TESTNUMBER HTTP/1.1

432

++Host: %HOSTIP:%HTTPPORT

433

++User-Agent: curl/%VERSION

434

++Accept: */*

435

++

436

++</protocol>

437

++</verify>

438

++</testcase>

439

+

440

441

diff --git a/net-misc/curl/files/curl-7.79.0-http2-connection-data.patch b/net-misc/curl/files/curl-7.79.0-http2-connection-data.patch

442

new file mode 100644

443

index 00000000000..bdb1484d1b1

444

--- /dev/null

445

+++ b/net-misc/curl/files/curl-7.79.0-http2-connection-data.patch

446

@@ -0,0 +1,43 @@

447

+https://github.com/curl/curl/commit/901804ef95777b8e735a55b77f8dd630a58c575b

448

+

449

+From: Daniel Stenberg <daniel@××××.se>

450

+Date: Thu, 16 Sep 2021 08:50:54 +0200

451

+Subject: [PATCH] Curl_http2_setup: don't change connection data on repeat

452

+ invokes

453

+

454

+Regression from 3cb8a748670ab88c (releasde in 7.79.0). That change moved

455

+transfer oriented inits to before the check but also erroneously moved a

456

+few connection oriented ones, which causes problems.

457

+

458

+Reported-by: Evangelos Foutras

459

+Fixes #7730

460

+Closes #7731

461

+--- a/lib/http2.c

462

++++ b/lib/http2.c

463

+@@ -2221,12 +2221,6 @@ CURLcode Curl_http2_setup(struct Curl_easy *data,

464

+   stream->mem = data->state.buffer;

465

+   stream->len = data->set.buffer_size;

466

+

467

+-  httpc->inbuflen = 0;

468

+-  httpc->nread_inbuf = 0;

469

+-

470

+-  httpc->pause_stream_id = 0;

471

+-  httpc->drain_total = 0;

472

+-

473

+   multi_connchanged(data->multi);

474

+   /* below this point only connection related inits are done, which only needs

475

+      to be done once per connection */

476

+@@ -2252,6 +2246,12 @@ CURLcode Curl_http2_setup(struct Curl_easy *data,

477

+   conn->httpversion = 20;

478

+   conn->bundle->multiuse = BUNDLE_MULTIPLEX;

479

+

480

++  httpc->inbuflen = 0;

481

++  httpc->nread_inbuf = 0;

482

++

483

++  httpc->pause_stream_id = 0;

484

++  httpc->drain_total = 0;

485

++

486

+   infof(data, "Connection state changed (HTTP/2 confirmed)");

487

+

488

+   return CURLE_OK;

489

+

1	commit: 9886665e4f3d22da1d722509fd5de9000a36d4d6
2	Author: Sam James <sam <AT> gentoo <DOT> org>
3	AuthorDate: Sat Sep 18 02:52:49 2021 +0000
4	Commit: Sam James <sam <AT> gentoo <DOT> org>
5	CommitDate: Sat Sep 18 02:52:49 2021 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9886665e
7
8	net-misc/curl: add 7.79.0
9
10	Bug: https://bugs.gentoo.org/813270
11	Signed-off-by: Sam James <sam <AT> gentoo.org>
12
13	net-misc/curl/Manifest \| 1 +
14	net-misc/curl/curl-7.79.0.ebuild \| 293 +++++++++++++++++++++
15	.../curl-7.79.0-http-3digit-response-code.patch \| 107 ++++++++
16	.../files/curl-7.79.0-http2-connection-data.patch \| 43 +++
17	4 files changed, 444 insertions(+)
18
19	diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
20	index 65ea300bc22..b1b6f556d43 100644
21	--- a/net-misc/curl/Manifest
22	+++ b/net-misc/curl/Manifest
23	@@ -1 +1,2 @@
24	DIST curl-7.78.0.tar.xz 2440640 BLAKE2B 0422071ce22d38b89652c702989674a2257dd18b05004245c4f2d7494ccdd24b5b52f330629ce6a411a059d5990e8c879cbbdf23d873b881141f9d2b9ad07f7f SHA512 f72e822a0b5e28320ef547c7a441c07f3b4870579a70ab4c428751baba435a1385cb89a22b9ed4b84a7fafecf620f155911e4131e3463ec1bdad80ecde47bb7a
25	+DIST curl-7.79.0.tar.xz 2463072 BLAKE2B c3a8a60d3c04965272b1a439a4719cfaca903daaecd6265869b9188d1b6b13be63817b9daa77260673d67330baa3d9c2d917274f939cdadc467ac64d8fcf3203 SHA512 68bccba61f18de9f94c311b0d92cfa6572bb7e55e8773917c13b25203164a5a9f4ef6b8ad84a14d3d5dcb286271bf18c3dd84c4ca353866763c726f9defce808
26
27	diff --git a/net-misc/curl/curl-7.79.0.ebuild b/net-misc/curl/curl-7.79.0.ebuild
28	new file mode 100644
29	index 00000000000..380b1da5a4e
30	--- /dev/null
31	+++ b/net-misc/curl/curl-7.79.0.ebuild
32	@@ -0,0 +1,293 @@
33	+# Copyright 1999-2021 Gentoo Authors
34	+# Distributed under the terms of the GNU General Public License v2
35	+
36	+EAPI="7"
37	+
38	+inherit autotools prefix multilib-minimal
39	+
40	+DESCRIPTION="A Client that groks URLs"
41	+HOMEPAGE="https://curl.haxx.se/"
42	+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
43	+
44	+LICENSE="curl"
45	+SLOT="0"
46	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
47	+IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
48	+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
49	+IUSE+=" nghttp3 quiche"
50	+IUSE+=" elibc_Winnt"
51	+
52	+# c-ares must be disabled for threads
53	+# only one default ssl provider can be enabled
54	+REQUIRED_USE="
55	+ winssl? ( elibc_Winnt )
56	+ threads? ( !adns )
57	+ ssl? (
58	+ ^^ (
59	+ curl_ssl_gnutls
60	+ curl_ssl_mbedtls
61	+ curl_ssl_nss
62	+ curl_ssl_openssl
63	+ curl_ssl_winssl
64	+ )
65	+ )"
66	+
67	+# lead to lots of false negatives, bug #285669
68	+RESTRICT="!test? ( test )"
69	+
70	+RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
71	+ brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
72	+ ssl? (
73	+ gnutls? (
74	+ net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
75	+ dev-libs/nettle:0=[${MULTILIB_USEDEP}]
76	+ app-misc/ca-certificates
77	+ )
78	+ mbedtls? (
79	+ net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
80	+ app-misc/ca-certificates
81	+ )
82	+ openssl? (
83	+ dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
84	+ )
85	+ nss? (
86	+ dev-libs/nss:0[${MULTILIB_USEDEP}]
87	+ app-misc/ca-certificates
88	+ )
89	+ )
90	+ http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
91	+ nghttp3? (
92	+ net-libs/nghttp3[${MULTILIB_USEDEP}]
93	+ net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
94	+ )
95	+ quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
96	+ idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
97	+ adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
98	+ kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
99	+ rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
100	+ ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
101	+ sys-libs/zlib[${MULTILIB_USEDEP}]
102	+ zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
103	+
104	+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
105	+# rtmp? (
106	+# media-video/rtmpdump
107	+# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
108	+# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
109	+# )
110	+
111	+# ssl providers to be added:
112	+# fbopenssl $(use_with spnego)
113	+
114	+DEPEND="${RDEPEND}"
115	+BDEPEND="virtual/pkgconfig
116	+ test? (
117	+ sys-apps/diffutils
118	+ dev-lang/perl
119	+ )"
120	+
121	+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
122	+
123	+MULTILIB_WRAPPED_HEADERS=(
124	+ /usr/include/curl/curlbuild.h
125	+)
126	+
127	+MULTILIB_CHOST_TOOLS=(
128	+ /usr/bin/curl-config
129	+)
130	+
131	+PATCHES=(
132	+ "${FILESDIR}"/${PN}-7.30.0-prefix.patch
133	+ "${FILESDIR}"/${PN}-respect-cflags-3.patch
134	+ # Backported patches to 7.79.0
135	+ "${FILESDIR}"/${P}-http2-connection-data.patch
136	+ "${FILESDIR}"/${P}-http-3digit-response-code.patch
137	+)
138	+
139	+src_prepare() {
140	+ default
141	+
142	+ eprefixify curl-config.in
143	+ eautoreconf
144	+}
145	+
146	+multilib_src_configure() {
147	+ # We make use of the fact that later flags override earlier ones
148	+ # So start with all ssl providers off until proven otherwise
149	+ # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
150	+ local myconf=()
151	+
152	+ myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
153	+ myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
154	+ #myconf+=( --without-default-ssl-backend )
155	+ if use ssl ; then
156	+ if use gnutls \|\| use curl_ssl_gnutls; then
157	+ einfo "SSL provided by gnutls"
158	+ myconf+=( --with-gnutls --with-nettle )
159	+ fi
160	+ if use mbedtls \|\| use curl_ssl_mbedtls; then
161	+ einfo "SSL provided by mbedtls"
162	+ myconf+=( --with-mbedtls )
163	+ fi
164	+ if use nss \|\| use curl_ssl_nss; then
165	+ einfo "SSL provided by nss"
166	+ myconf+=( --with-nss )
167	+ fi
168	+ if use openssl \|\| use curl_ssl_openssl; then
169	+ einfo "SSL provided by openssl"
170	+ myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
171	+ fi
172	+ if use winssl \|\| use curl_ssl_winssl; then
173	+ einfo "SSL provided by Windows"
174	+ myconf+=( --with-winssl )
175	+ fi
176	+
177	+ if use curl_ssl_gnutls; then
178	+ einfo "Default SSL provided by gnutls"
179	+ myconf+=( --with-default-ssl-backend=gnutls )
180	+ elif use curl_ssl_mbedtls; then
181	+ einfo "Default SSL provided by mbedtls"
182	+ myconf+=( --with-default-ssl-backend=mbedtls )
183	+ elif use curl_ssl_nss; then
184	+ einfo "Default SSL provided by nss"
185	+ myconf+=( --with-default-ssl-backend=nss )
186	+ elif use curl_ssl_openssl; then
187	+ einfo "Default SSL provided by openssl"
188	+ myconf+=( --with-default-ssl-backend=openssl )
189	+ elif use curl_ssl_winssl; then
190	+ einfo "Default SSL provided by Windows"
191	+ myconf+=( --with-default-ssl-backend=winssl )
192	+ else
193	+ eerror "We can't be here because of REQUIRED_USE."
194	+ fi
195	+
196	+ else
197	+ einfo "SSL disabled"
198	+ fi
199	+
200	+ # These configuration options are organized alphabetically
201	+ # within each category. This should make it easier if we
202	+ # ever decide to make any of them contingent on USE flags:
203	+ # 1) protocols first. To see them all do
204	+ # 'grep SUPPORT_PROTOCOLS configure.ac'
205	+ # 2) --enable/disable options second.
206	+ # 'grep -- --enable configure \| grep Check \| awk '{ print $4 }' \| sort
207	+ # 3) --with/without options third.
208	+ # grep -- --with configure \| grep Check \| awk '{ print $4 }' \| sort
209	+
210	+ myconf+=(
211	+ $(use_enable alt-svc)
212	+ --enable-crypto-auth
213	+ --enable-dict
214	+ --disable-ech
215	+ --enable-file
216	+ $(use_enable ftp)
217	+ $(use_enable gopher)
218	+ $(use_enable hsts)
219	+ --enable-http
220	+ $(use_enable imap)
221	+ $(use_enable ldap)
222	+ $(use_enable ldap ldaps)
223	+ --enable-ntlm
224	+ --disable-ntlm-wb
225	+ $(use_enable pop3)
226	+ --enable-rt
227	+ --enable-rtsp
228	+ $(use_enable samba smb)
229	+ $(use_with ssh libssh2)
230	+ $(use_enable smtp)
231	+ $(use_enable telnet)
232	+ $(use_enable tftp)
233	+ --enable-tls-srp
234	+ $(use_enable adns ares)
235	+ --enable-cookies
236	+ --enable-dateparse
237	+ --enable-dnsshuffle
238	+ --enable-doh
239	+ --enable-hidden-symbols
240	+ --enable-http-auth
241	+ $(use_enable ipv6)
242	+ --enable-largefile
243	+ --enable-manual
244	+ --enable-mime
245	+ --enable-netrc
246	+ $(use_enable progress-meter)
247	+ --enable-proxy
248	+ --disable-sspi
249	+ $(use_enable static-libs static)
250	+ $(use_enable threads threaded-resolver)
251	+ $(use_enable threads pthreads)
252	+ --disable-versioned-symbols
253	+ --without-amissl
254	+ --without-bearssl
255	+ $(use_with brotli)
256	+ --without-cyassl
257	+ --without-fish-functions-dir
258	+ $(use_with http2 nghttp2)
259	+ --without-hyper
260	+ $(use_with idn libidn2)
261	+ $(use_with kerberos gssapi "${EPREFIX}"/usr)
262	+ --without-libgsasl
263	+ --without-libpsl
264	+ $(use_with nghttp3)
265	+ $(use_with nghttp3 ngtcp2)
266	+ $(use_with quiche)
267	+ $(use_with rtmp librtmp)
268	+ --without-rustls
269	+ --without-schannel
270	+ --without-secure-transport
271	+ --without-spnego
272	+ --without-winidn
273	+ --without-wolfssl
274	+ --with-zlib
275	+ $(use_with zstd)
276	+ )
277	+
278	+ ECONF_SOURCE="${S}" \
279	+ econf "${myconf[@]}"
280	+
281	+ if ! multilib_is_native_abi; then
282	+ # avoid building the client
283	+ sed -i -e '/SUBDIRS/s:src::' Makefile \|\| die
284	+ sed -i -e '/SUBDIRS/s:scripts::' Makefile \|\| die
285	+ fi
286	+
287	+ # Fix up the pkg-config file to be more robust.
288	+ # https://github.com/curl/curl/issues/864
289	+ local priv=() libs=()
290	+ # We always enable zlib.
291	+ libs+=( "-lz" )
292	+ priv+=( "zlib" )
293	+ if use http2; then
294	+ libs+=( "-lnghttp2" )
295	+ priv+=( "libnghttp2" )
296	+ fi
297	+ if use quiche; then
298	+ libs+=( "-lquiche" )
299	+ priv+=( "quiche" )
300	+ fi
301	+ if use nghttp3; then
302	+ libs+=( "-lnghttp3" "-lngtcp2" )
303	+ priv+=( "libnghttp3" "-libtcp2" )
304	+ fi
305	+ if use ssl && use curl_ssl_openssl; then
306	+ libs+=( "-lssl" "-lcrypto" )
307	+ priv+=( "openssl" )
308	+ fi
309	+ grep -q Requires.private libcurl.pc && die "need to update ebuild"
310	+ libs=$(printf '\|%s' "${libs[@]}")
311	+ sed -i -r \
312	+ -e "/^Libs.private/s:(${libs#\|})( \|$)::g" \
313	+ libcurl.pc \|\| die
314	+ echo "Requires.private: ${priv[*]}" >> libcurl.pc
315	+}
316	+
317	+multilib_src_test() {
318	+ multilib_is_native_abi && default_src_test
319	+}
320	+
321	+multilib_src_install_all() {
322	+ einstalldocs
323	+ find "${ED}" -type f -name '*.la' -delete \|\| die
324	+ rm -rf "${ED}"/etc/ \|\| die
325	+}
326
327	diff --git a/net-misc/curl/files/curl-7.79.0-http-3digit-response-code.patch b/net-misc/curl/files/curl-7.79.0-http-3digit-response-code.patch
328	new file mode 100644
329	index 00000000000..1da4cebd4aa
330	--- /dev/null
331	+++ b/net-misc/curl/files/curl-7.79.0-http-3digit-response-code.patch
332	@@ -0,0 +1,107 @@
333	+https://github.com/curl/curl/commit/beb8990d934a01acf103871e463d4e61afc9ded2
334	+
335	+From: Daniel Stenberg <daniel@××××.se>
336	+Date: Fri, 17 Sep 2021 16:31:25 +0200
337	+Subject: [PATCH] http: fix the broken >3 digit response code detection
338	+
339	+When the "reason phrase" in the HTTP status line starts with a digit,
340	+that was treated as the forth response code digit and curl would claim
341	+the response to be non-compliant.
342	+
343	+Added test 1466 to verify this case.
344	+
345	+Regression brought by 5dc594e44f73b17
346	+Reported-by: Glenn de boer
347	+Fixes #7738
348	+Closes #7739
349	+--- a/lib/http.c
350	++++ b/lib/http.c
351	+@@ -4232,9 +4232,9 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
352	+ char separator;
353	+ char twoorthree[2];
354	+ int httpversion = 0;
355	+- int digit4 = -1; /* should remain untouched to be good */
356	++ char digit4 = 0;
357	+ nc = sscanf(HEADER1,
358	+- " HTTP/%1d.%1d%c%3d%1d",
359	++ " HTTP/%1d.%1d%c%3d%c",
360	+ &httpversion_major,
361	+ &httpversion,
362	+ &separator,
363	+@@ -4250,13 +4250,13 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
364	+
365	+ /* There can only be a 4th response code digit stored in 'digit4' if
366	+ all the other fields were parsed and stored first, so nc is 5 when
367	+- digit4 is not -1 */
368	+- else if(digit4 != -1) {
369	++ digit4 a digit */
370	++ else if(ISDIGIT(digit4)) {
371	+ failf(data, "Unsupported response code in HTTP response");
372	+ return CURLE_UNSUPPORTED_PROTOCOL;
373	+ }
374	+
375	+- if((nc == 4) && (' ' == separator)) {
376	++ if((nc >= 4) && (' ' == separator)) {
377	+ httpversion += 10 * httpversion_major;
378	+ switch(httpversion) {
379	+ case 10:
380	+--- a/tests/data/Makefile.inc
381	++++ b/tests/data/Makefile.inc
382	+@@ -182,7 +182,7 @@ test1432 test1433 test1434 test1435 test1436 test1437 test1438 test1439 \
383	+ test1440 test1441 test1442 test1443 test1444 test1445 test1446 test1447 \
384	+ test1448 test1449 test1450 test1451 test1452 test1453 test1454 test1455 \
385	+ test1456 test1457 test1458 test1459 test1460 test1461 test1462 test1463 \
386	+-test1464 test1465 \
387	++test1464 test1465 test1466 \
388	+ \
389	+ test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
390	+ test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
391	+--- /dev/null
392	++++ b/tests/data/test1466
393	+@@ -0,0 +1,45 @@
394	++<testcase>
395	++<info>
396	++<keywords>
397	++HTTP
398	++HTTP GET
399	++</keywords>
400	++</info>
401	++
402	++<reply>
403	++<data>
404	++HTTP/1.1 405 405
405	++Content-Length: 6
406	++Connection: close
407	++
408	++-foo-
409	++</data>
410	++</reply>
411	++
412	++#
413	++# Client-side
414	++<client>
415	++<server>
416	++http
417	++</server>
418	++
419	++<name>
420	++HTTP GET with 3-digit response and only digits in reason
421	++ </name>
422	++ <command>
423	++http://%HOSTIP:%HTTPPORT/%TESTNUMBER
424	++</command>
425	++</client>
426	++
427	++#
428	++# Verify data after the test has been "shot"
429	++<verify>
430	++<protocol>
431	++GET /%TESTNUMBER HTTP/1.1
432	++Host: %HOSTIP:%HTTPPORT
433	++User-Agent: curl/%VERSION
434	++Accept: /
435	++
436	++</protocol>
437	++</verify>
438	++</testcase>
439	+
440
441	diff --git a/net-misc/curl/files/curl-7.79.0-http2-connection-data.patch b/net-misc/curl/files/curl-7.79.0-http2-connection-data.patch
442	new file mode 100644
443	index 00000000000..bdb1484d1b1
444	--- /dev/null
445	+++ b/net-misc/curl/files/curl-7.79.0-http2-connection-data.patch
446	@@ -0,0 +1,43 @@
447	+https://github.com/curl/curl/commit/901804ef95777b8e735a55b77f8dd630a58c575b
448	+
449	+From: Daniel Stenberg <daniel@××××.se>
450	+Date: Thu, 16 Sep 2021 08:50:54 +0200
451	+Subject: [PATCH] Curl_http2_setup: don't change connection data on repeat
452	+ invokes
453	+
454	+Regression from 3cb8a748670ab88c (releasde in 7.79.0). That change moved
455	+transfer oriented inits to before the check but also erroneously moved a
456	+few connection oriented ones, which causes problems.
457	+
458	+Reported-by: Evangelos Foutras
459	+Fixes #7730
460	+Closes #7731
461	+--- a/lib/http2.c
462	++++ b/lib/http2.c
463	+@@ -2221,12 +2221,6 @@ CURLcode Curl_http2_setup(struct Curl_easy *data,
464	+ stream->mem = data->state.buffer;
465	+ stream->len = data->set.buffer_size;
466	+
467	+- httpc->inbuflen = 0;
468	+- httpc->nread_inbuf = 0;
469	+-
470	+- httpc->pause_stream_id = 0;
471	+- httpc->drain_total = 0;
472	+-
473	+ multi_connchanged(data->multi);
474	+ /* below this point only connection related inits are done, which only needs
475	+ to be done once per connection */
476	+@@ -2252,6 +2246,12 @@ CURLcode Curl_http2_setup(struct Curl_easy *data,
477	+ conn->httpversion = 20;
478	+ conn->bundle->multiuse = BUNDLE_MULTIPLEX;
479	+
480	++ httpc->inbuflen = 0;
481	++ httpc->nread_inbuf = 0;
482	++
483	++ httpc->pause_stream_id = 0;
484	++ httpc->drain_total = 0;
485	++
486	+ infof(data, "Connection state changed (HTTP/2 confirmed)");
487	+
488	+ return CURLE_OK;
489	+

Gentoo Archives: gentoo-commits