[gentoo-commits] repo/gentoo:master commit in: net-misc/curl/ - gentoo-commits

From:	"Anthony G. Basile" <blueness@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-misc/curl/
Date:	Wed, 29 Nov 2017 14:26:20
Message-Id:	`1511965571.724b6dffc5efac27514ac29e5158416f464fed55.blueness@gentoo`

1

commit:     724b6dffc5efac27514ac29e5158416f464fed55

2

Author:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

3

AuthorDate: Wed Nov 29 14:25:55 2017 +0000

4

Commit:     Anthony G. Basile <blueness <AT> gentoo <DOT> org>

5

CommitDate: Wed Nov 29 14:26:11 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=724b6dff

7

8

net-misc/curl: security bump to 7.57.0, bug #638734

9

10

This addresses CVE-2017-{8816,8817,8818}.

11

12

Package-Manager: Portage-2.3.13, Repoman-2.3.3

13

14

 net-misc/curl/Manifest           |   7 +-

15

 net-misc/curl/curl-7.57.0.ebuild | 248 +++++++++++++++++++++++++++++++++++++++

16

 2 files changed, 252 insertions(+), 3 deletions(-)

17

18

diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest

19

index 7ec3c89966b..7a2b8c59206 100644

20

--- a/net-misc/curl/Manifest

21

+++ b/net-misc/curl/Manifest

22

@@ -1,3 +1,4 @@

23

-DIST curl-7.55.1.tar.bz2 2786830 SHA256 e5b1a92ed3b0c11f149886458fa063419500819f1610c020d62f25b8e4b16cfb SHA512 bfeb39e94b8378519b2efba0a476636b80dbee3434104b98464ee81ce3871eb134e065f52abe8bedb69681b43576cb30655c8be0be6115386859d0cb426d745b WHIRLPOOL 287f6f4f5464a780c338755e4e9870381937768c9f4c9545436856ea690ae6bf4d3f886dd816cf080d2ee84e2a3fbf1a0a5a78e5fbc9d9d18bde428458819a8e

24

-DIST curl-7.56.0.tar.bz2 2838517 SHA256 de60a4725a3d461c70aa571d7d69c788f1816d9d1a8a2ef05f864ce8f01279df SHA512 ba17a9fdc4b540d6053fa542bd875f321d009b9ba0cb56b16fe6c217f3856ab061f2a6c735771a0eadc28338889d071884680b4d4c243b4179872abb29915e3b WHIRLPOOL 89bdd5fdf4c99fd30bd7a63ad19d2285591b19134911160c94bf46bb4cdf6156544142b47e29d7c0c9cf06536215604cfc6bc59a5ba570dc16b23626fd1b44b2

25

-DIST curl-7.56.1.tar.bz2 2824548 SHA256 2594670367875e7d87b0f129b5e4690150780884d90244ba0fe3e74a778b5f90 SHA512 f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68 WHIRLPOOL 428a2f90657cbe3fdc8a837b28f7ad7d80a1c1321a6976e885f79bc3a428c187e1fbc2c6ec48ffa99773aecb27647a46867c35b2fc0c29dbb6fb7f4e7d13f442

26

+DIST curl-7.55.1.tar.bz2 2786830 BLAKE2B 8de6a383b0ad850c88dce78ef68ec320001b6dd20749293395872d8c87ba79a16b4c0da91299afb0368ebff83c1becb360b402cfe3308374eeeb5e71e443f39b SHA512 bfeb39e94b8378519b2efba0a476636b80dbee3434104b98464ee81ce3871eb134e065f52abe8bedb69681b43576cb30655c8be0be6115386859d0cb426d745b

27

+DIST curl-7.56.0.tar.bz2 2838517 BLAKE2B efe2c213f27ffd1f80a45eed67898b2d9c01192fd3abbe65436fd74afe5235e645905a32dd9b3a01872742b152bdb43ff785ea20f317503d634fd68d31449c89 SHA512 ba17a9fdc4b540d6053fa542bd875f321d009b9ba0cb56b16fe6c217f3856ab061f2a6c735771a0eadc28338889d071884680b4d4c243b4179872abb29915e3b

28

+DIST curl-7.56.1.tar.bz2 2824548 BLAKE2B 8c191db379dc3f66d03b46158bf9da936c12b72c7361f4c36ff12a3af818322bb777b6f23eb9b95cfd576704f2e9b73ca87d7327734b2d3e6268b9079d718a7a SHA512 f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68

29

+DIST curl-7.57.0.tar.bz2 2849283 BLAKE2B 05bf62df8908a7c2b00abbc31067b8e12e8f8527594597e0c92e950a83e359e3ad430930face01057e0d2e6af8e8d759a9e078bd179cdbd69bc7fe2d10c5c5e3 SHA512 f366d2e931d7aff63bac0e1f760ced32c849252947d522427ba92124566906a7e6bd081b6d1630df36895dda2a00ac4cf1bed1470740693ef47ab90c6a270377

30

31

diff --git a/net-misc/curl/curl-7.57.0.ebuild b/net-misc/curl/curl-7.57.0.ebuild

32

new file mode 100644

33

index 00000000000..12b2d138ba7

34

--- /dev/null

35

+++ b/net-misc/curl/curl-7.57.0.ebuild

36

@@ -0,0 +1,248 @@

37

+# Copyright 1999-2017 Gentoo Foundation

38

+# Distributed under the terms of the GNU General Public License v2

39

+

40

+EAPI="6"

41

+

42

+inherit autotools eutils prefix multilib-minimal

43

+

44

+DESCRIPTION="A Client that groks URLs"

45

+HOMEPAGE="https://curl.haxx.se/"

46

+SRC_URI="https://curl.haxx.se/download/${P}.tar.bz2"

47

+

48

+LICENSE="MIT"

49

+SLOT="0"

50

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"

51

+IUSE="adns http2 idn ipv6 kerberos ldap metalink rtmp samba ssh ssl static-libs test threads"

52

+IUSE+=" curl_ssl_axtls curl_ssl_gnutls curl_ssl_libressl curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"

53

+IUSE+=" elibc_Winnt"

54

+

55

+#lead to lots of false negatives, bug #285669

56

+RESTRICT="test"

57

+

58

+RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )

59

+	ssl? (

60

+		curl_ssl_axtls? (

61

+			net-libs/axtls:0=[${MULTILIB_USEDEP}]

62

+			app-misc/ca-certificates

63

+		)

64

+		curl_ssl_gnutls? (

65

+			net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]

66

+			dev-libs/nettle:0=[${MULTILIB_USEDEP}]

67

+			app-misc/ca-certificates

68

+		)

69

+		curl_ssl_libressl? (

70

+			dev-libs/libressl:0=[static-libs?,${MULTILIB_USEDEP}]

71

+		)

72

+		curl_ssl_mbedtls? (

73

+			net-libs/mbedtls:0=[${MULTILIB_USEDEP}]

74

+			app-misc/ca-certificates

75

+		)

76

+		curl_ssl_openssl? (

77

+			dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}]

78

+		)

79

+		curl_ssl_nss? (

80

+			dev-libs/nss:0[${MULTILIB_USEDEP}]

81

+			app-misc/ca-certificates

82

+		)

83

+	)

84

+	http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] )

85

+	idn? ( net-dns/libidn2:0[static-libs?,${MULTILIB_USEDEP}] )

86

+	adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] )

87

+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )

88

+	metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] )

89

+	rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )

90

+	ssh? ( net-libs/libssh2[static-libs?,${MULTILIB_USEDEP}] )

91

+	sys-libs/zlib[${MULTILIB_USEDEP}]

92

+	abi_x86_32? (

93

+		!<=app-emulation/emul-linux-x86-baselibs-20140508-r13

94

+		!app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]

95

+	)"

96

+

97

+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303

98

+#	rtmp? (

99

+#		media-video/rtmpdump

100

+#		curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )

101

+#		curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )

102

+#	)

103

+

104

+# ssl providers to be added:

105

+# fbopenssl  $(use_with spnego)

106

+

107

+DEPEND="${RDEPEND}

108

+	>=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]

109

+	test? (

110

+		sys-apps/diffutils

111

+		dev-lang/perl

112

+	)"

113

+

114

+# c-ares must be disabled for threads

115

+# only one ssl provider can be enabled

116

+REQUIRED_USE="

117

+	curl_ssl_winssl? ( elibc_Winnt )

118

+	threads? ( !adns )

119

+	ssl? (

120

+		^^ (

121

+			curl_ssl_axtls

122

+			curl_ssl_gnutls

123

+			curl_ssl_libressl

124

+			curl_ssl_mbedtls

125

+			curl_ssl_nss

126

+			curl_ssl_openssl

127

+			curl_ssl_winssl

128

+		)

129

+	)"

130

+

131

+DOCS=( CHANGES README docs/FEATURES docs/INTERNALS.md \

132

+	docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE.md )

133

+

134

+MULTILIB_WRAPPED_HEADERS=(

135

+	/usr/include/curl/curlbuild.h

136

+)

137

+

138

+MULTILIB_CHOST_TOOLS=(

139

+	/usr/bin/curl-config

140

+)

141

+

142

+src_prepare() {

143

+	eapply "${FILESDIR}"/${PN}-7.30.0-prefix.patch

144

+	eapply "${FILESDIR}"/${PN}-respect-cflags-3.patch

145

+	eapply "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch

146

+

147

+	sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241

148

+

149

+	eapply_user

150

+	eprefixify curl-config.in

151

+	eautoreconf

152

+

153

+	if [[ ${CHOST} == *-darwin17 ]] ; then

154

+		# https://bugs.gentoo.org/show_bug.cgi?id=637252

155

+		sed -i -e '/-Werror=partial-availability/s/Werror/Wno-error/g' \

156

+			configure || die

157

+	fi

158

+}

159

+

160

+multilib_src_configure() {

161

+	# We make use of the fact that later flags override earlier ones

162

+	# So start with all ssl providers off until proven otherwise

163

+	local myconf=()

164

+	myconf+=( --without-axtls --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )

165

+	myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt  )

166

+	if use ssl ; then

167

+		if use curl_ssl_axtls; then

168

+			einfo "SSL provided by axtls"

169

+			myconf+=( --with-axtls )

170

+		elif use curl_ssl_gnutls; then

171

+			einfo "SSL provided by gnutls"

172

+			myconf+=( --with-gnutls --with-nettle )

173

+		elif use curl_ssl_libressl; then

174

+			einfo "SSL provided by LibreSSL"

175

+			myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )

176

+		elif use curl_ssl_mbedtls; then

177

+			einfo "SSL provided by mbedtls"

178

+			myconf+=( --with-mbedtls )

179

+		elif use curl_ssl_nss; then

180

+			einfo "SSL provided by nss"

181

+			myconf+=( --with-nss )

182

+		elif use curl_ssl_openssl; then

183

+			einfo "SSL provided by openssl"

184

+			myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )

185

+		elif use curl_ssl_winssl; then

186

+			einfo "SSL provided by Windows"

187

+			myconf+=( --with-winssl )

188

+		else

189

+			eerror "We can't be here because of REQUIRED_USE."

190

+		fi

191

+	else

192

+		einfo "SSL disabled"

193

+	fi

194

+

195

+	# These configuration options are organized alphabetically

196

+	# within each category.  This should make it easier if we

197

+	# ever decide to make any of them contingent on USE flags:

198

+	# 1) protocols first.  To see them all do

199

+	# 'grep SUPPORT_PROTOCOLS configure.ac'

200

+	# 2) --enable/disable options second.

201

+	# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort

202

+	# 3) --with/without options third.

203

+	# grep -- --with configure | grep Check | awk '{ print $4 }' | sort

204

+	ECONF_SOURCE="${S}" \

205

+	econf \

206

+		--enable-crypto-auth \

207

+		--enable-dict \

208

+		--enable-file \

209

+		--enable-ftp \

210

+		--enable-gopher \

211

+		--enable-http \

212

+		--enable-imap \

213

+		$(use_enable ldap) \

214

+		$(use_enable ldap ldaps) \

215

+		--disable-ntlm-wb \

216

+		--enable-pop3 \

217

+		--enable-rt  \

218

+		--enable-rtsp \

219

+		$(use_enable samba smb) \

220

+		$(use_with ssh libssh2) \

221

+		--enable-smtp \

222

+		--enable-telnet \

223

+		--enable-tftp \

224

+		--enable-tls-srp \

225

+		$(use_enable adns ares) \

226

+		--enable-cookies \

227

+		--enable-hidden-symbols \

228

+		$(use_enable ipv6) \

229

+		--enable-largefile \

230

+		--without-libpsl \

231

+		--enable-manual \

232

+		--enable-proxy \

233

+		--disable-sspi \

234

+		$(use_enable static-libs static) \

235

+		$(use_enable threads threaded-resolver) \

236

+		$(use_enable threads pthreads) \

237

+		--disable-versioned-symbols \

238

+		--without-cyassl \

239

+		--without-darwinssl \

240

+		$(use_with idn libidn2) \

241

+		$(use_with kerberos gssapi "${EPREFIX}"/usr) \

242

+		$(use_with metalink libmetalink) \

243

+		$(use_with http2 nghttp2) \

244

+		$(use_with rtmp librtmp) \

245

+		--without-brotli \

246

+		--without-spnego \

247

+		--without-winidn \

248

+		--with-zlib \

249

+		"${myconf[@]}"

250

+

251

+	if ! multilib_is_native_abi; then

252

+		# avoid building the client

253

+		sed -i -e '/SUBDIRS/s:src::' Makefile || die

254

+		sed -i -e '/SUBDIRS/s:scripts::' Makefile || die

255

+	fi

256

+

257

+	# Fix up the pkg-config file to be more robust.

258

+	# https://github.com/curl/curl/issues/864

259

+	local priv=() libs=()

260

+	# We always enable zlib.

261

+	libs+=( "-lz" )

262

+	priv+=( "zlib" )

263

+	if use http2; then

264

+		libs+=( "-lnghttp2" )

265

+		priv+=( "libnghttp2" )

266

+	fi

267

+	if use curl_ssl_openssl; then

268

+		libs+=( "-lssl" "-lcrypto" )

269

+		priv+=( "openssl" )

270

+	fi

271

+	grep -q Requires.private libcurl.pc && die "need to update ebuild"

272

+	libs=$(printf '|%s' "${libs[@]}")

273

+	sed -i -r \

274

+		-e "/^Libs.private/s:(${libs#|})( |$)::g" \

275

+		libcurl.pc || die

276

+	echo "Requires.private: ${priv[*]}" >> libcurl.pc

277

+}

278

+

279

+multilib_src_install_all() {

280

+	einstalldocs

281

+	prune_libtool_files --all

282

+

283

+	rm -rf "${ED}"/etc/

284

+}

1	commit: 724b6dffc5efac27514ac29e5158416f464fed55
2	Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3	AuthorDate: Wed Nov 29 14:25:55 2017 +0000
4	Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5	CommitDate: Wed Nov 29 14:26:11 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=724b6dff
7
8	net-misc/curl: security bump to 7.57.0, bug #638734
9
10	This addresses CVE-2017-{8816,8817,8818}.
11
12	Package-Manager: Portage-2.3.13, Repoman-2.3.3
13
14	net-misc/curl/Manifest \| 7 +-
15	net-misc/curl/curl-7.57.0.ebuild \| 248 +++++++++++++++++++++++++++++++++++++++
16	2 files changed, 252 insertions(+), 3 deletions(-)
17
18	diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
19	index 7ec3c89966b..7a2b8c59206 100644
20	--- a/net-misc/curl/Manifest
21	+++ b/net-misc/curl/Manifest
22	@@ -1,3 +1,4 @@
23	-DIST curl-7.55.1.tar.bz2 2786830 SHA256 e5b1a92ed3b0c11f149886458fa063419500819f1610c020d62f25b8e4b16cfb SHA512 bfeb39e94b8378519b2efba0a476636b80dbee3434104b98464ee81ce3871eb134e065f52abe8bedb69681b43576cb30655c8be0be6115386859d0cb426d745b WHIRLPOOL 287f6f4f5464a780c338755e4e9870381937768c9f4c9545436856ea690ae6bf4d3f886dd816cf080d2ee84e2a3fbf1a0a5a78e5fbc9d9d18bde428458819a8e
24	-DIST curl-7.56.0.tar.bz2 2838517 SHA256 de60a4725a3d461c70aa571d7d69c788f1816d9d1a8a2ef05f864ce8f01279df SHA512 ba17a9fdc4b540d6053fa542bd875f321d009b9ba0cb56b16fe6c217f3856ab061f2a6c735771a0eadc28338889d071884680b4d4c243b4179872abb29915e3b WHIRLPOOL 89bdd5fdf4c99fd30bd7a63ad19d2285591b19134911160c94bf46bb4cdf6156544142b47e29d7c0c9cf06536215604cfc6bc59a5ba570dc16b23626fd1b44b2
25	-DIST curl-7.56.1.tar.bz2 2824548 SHA256 2594670367875e7d87b0f129b5e4690150780884d90244ba0fe3e74a778b5f90 SHA512 f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68 WHIRLPOOL 428a2f90657cbe3fdc8a837b28f7ad7d80a1c1321a6976e885f79bc3a428c187e1fbc2c6ec48ffa99773aecb27647a46867c35b2fc0c29dbb6fb7f4e7d13f442
26	+DIST curl-7.55.1.tar.bz2 2786830 BLAKE2B 8de6a383b0ad850c88dce78ef68ec320001b6dd20749293395872d8c87ba79a16b4c0da91299afb0368ebff83c1becb360b402cfe3308374eeeb5e71e443f39b SHA512 bfeb39e94b8378519b2efba0a476636b80dbee3434104b98464ee81ce3871eb134e065f52abe8bedb69681b43576cb30655c8be0be6115386859d0cb426d745b
27	+DIST curl-7.56.0.tar.bz2 2838517 BLAKE2B efe2c213f27ffd1f80a45eed67898b2d9c01192fd3abbe65436fd74afe5235e645905a32dd9b3a01872742b152bdb43ff785ea20f317503d634fd68d31449c89 SHA512 ba17a9fdc4b540d6053fa542bd875f321d009b9ba0cb56b16fe6c217f3856ab061f2a6c735771a0eadc28338889d071884680b4d4c243b4179872abb29915e3b
28	+DIST curl-7.56.1.tar.bz2 2824548 BLAKE2B 8c191db379dc3f66d03b46158bf9da936c12b72c7361f4c36ff12a3af818322bb777b6f23eb9b95cfd576704f2e9b73ca87d7327734b2d3e6268b9079d718a7a SHA512 f8a602e6890b2791ea9199c80801ffd027980de3733d4ab001ee80b5167f840cc821c6fe7852087c88a471edc9d3f328cf660af3e2c6f7139d6c8de62b0ade68
29	+DIST curl-7.57.0.tar.bz2 2849283 BLAKE2B 05bf62df8908a7c2b00abbc31067b8e12e8f8527594597e0c92e950a83e359e3ad430930face01057e0d2e6af8e8d759a9e078bd179cdbd69bc7fe2d10c5c5e3 SHA512 f366d2e931d7aff63bac0e1f760ced32c849252947d522427ba92124566906a7e6bd081b6d1630df36895dda2a00ac4cf1bed1470740693ef47ab90c6a270377
30
31	diff --git a/net-misc/curl/curl-7.57.0.ebuild b/net-misc/curl/curl-7.57.0.ebuild
32	new file mode 100644
33	index 00000000000..12b2d138ba7
34	--- /dev/null
35	+++ b/net-misc/curl/curl-7.57.0.ebuild
36	@@ -0,0 +1,248 @@
37	+# Copyright 1999-2017 Gentoo Foundation
38	+# Distributed under the terms of the GNU General Public License v2
39	+
40	+EAPI="6"
41	+
42	+inherit autotools eutils prefix multilib-minimal
43	+
44	+DESCRIPTION="A Client that groks URLs"
45	+HOMEPAGE="https://curl.haxx.se/"
46	+SRC_URI="https://curl.haxx.se/download/${P}.tar.bz2"
47	+
48	+LICENSE="MIT"
49	+SLOT="0"
50	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
51	+IUSE="adns http2 idn ipv6 kerberos ldap metalink rtmp samba ssh ssl static-libs test threads"
52	+IUSE+=" curl_ssl_axtls curl_ssl_gnutls curl_ssl_libressl curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
53	+IUSE+=" elibc_Winnt"
54	+
55	+#lead to lots of false negatives, bug #285669
56	+RESTRICT="test"
57	+
58	+RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
59	+ ssl? (
60	+ curl_ssl_axtls? (
61	+ net-libs/axtls:0=[${MULTILIB_USEDEP}]
62	+ app-misc/ca-certificates
63	+ )
64	+ curl_ssl_gnutls? (
65	+ net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
66	+ dev-libs/nettle:0=[${MULTILIB_USEDEP}]
67	+ app-misc/ca-certificates
68	+ )
69	+ curl_ssl_libressl? (
70	+ dev-libs/libressl:0=[static-libs?,${MULTILIB_USEDEP}]
71	+ )
72	+ curl_ssl_mbedtls? (
73	+ net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
74	+ app-misc/ca-certificates
75	+ )
76	+ curl_ssl_openssl? (
77	+ dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}]
78	+ )
79	+ curl_ssl_nss? (
80	+ dev-libs/nss:0[${MULTILIB_USEDEP}]
81	+ app-misc/ca-certificates
82	+ )
83	+ )
84	+ http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] )
85	+ idn? ( net-dns/libidn2:0[static-libs?,${MULTILIB_USEDEP}] )
86	+ adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] )
87	+ kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
88	+ metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] )
89	+ rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
90	+ ssh? ( net-libs/libssh2[static-libs?,${MULTILIB_USEDEP}] )
91	+ sys-libs/zlib[${MULTILIB_USEDEP}]
92	+ abi_x86_32? (
93	+ !<=app-emulation/emul-linux-x86-baselibs-20140508-r13
94	+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
95	+ )"
96	+
97	+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
98	+# rtmp? (
99	+# media-video/rtmpdump
100	+# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
101	+# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
102	+# )
103	+
104	+# ssl providers to be added:
105	+# fbopenssl $(use_with spnego)
106	+
107	+DEPEND="${RDEPEND}
108	+ >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]
109	+ test? (
110	+ sys-apps/diffutils
111	+ dev-lang/perl
112	+ )"
113	+
114	+# c-ares must be disabled for threads
115	+# only one ssl provider can be enabled
116	+REQUIRED_USE="
117	+ curl_ssl_winssl? ( elibc_Winnt )
118	+ threads? ( !adns )
119	+ ssl? (
120	+ ^^ (
121	+ curl_ssl_axtls
122	+ curl_ssl_gnutls
123	+ curl_ssl_libressl
124	+ curl_ssl_mbedtls
125	+ curl_ssl_nss
126	+ curl_ssl_openssl
127	+ curl_ssl_winssl
128	+ )
129	+ )"
130	+
131	+DOCS=( CHANGES README docs/FEATURES docs/INTERNALS.md \
132	+ docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE.md )
133	+
134	+MULTILIB_WRAPPED_HEADERS=(
135	+ /usr/include/curl/curlbuild.h
136	+)
137	+
138	+MULTILIB_CHOST_TOOLS=(
139	+ /usr/bin/curl-config
140	+)
141	+
142	+src_prepare() {
143	+ eapply "${FILESDIR}"/${PN}-7.30.0-prefix.patch
144	+ eapply "${FILESDIR}"/${PN}-respect-cflags-3.patch
145	+ eapply "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch
146	+
147	+ sed -i '/LD_LIBRARY_PATH=/d' configure.ac \|\| die #382241
148	+
149	+ eapply_user
150	+ eprefixify curl-config.in
151	+ eautoreconf
152	+
153	+ if [[ ${CHOST} == *-darwin17 ]] ; then
154	+ # https://bugs.gentoo.org/show_bug.cgi?id=637252
155	+ sed -i -e '/-Werror=partial-availability/s/Werror/Wno-error/g' \
156	+ configure \|\| die
157	+ fi
158	+}
159	+
160	+multilib_src_configure() {
161	+ # We make use of the fact that later flags override earlier ones
162	+ # So start with all ssl providers off until proven otherwise
163	+ local myconf=()
164	+ myconf+=( --without-axtls --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
165	+ myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
166	+ if use ssl ; then
167	+ if use curl_ssl_axtls; then
168	+ einfo "SSL provided by axtls"
169	+ myconf+=( --with-axtls )
170	+ elif use curl_ssl_gnutls; then
171	+ einfo "SSL provided by gnutls"
172	+ myconf+=( --with-gnutls --with-nettle )
173	+ elif use curl_ssl_libressl; then
174	+ einfo "SSL provided by LibreSSL"
175	+ myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
176	+ elif use curl_ssl_mbedtls; then
177	+ einfo "SSL provided by mbedtls"
178	+ myconf+=( --with-mbedtls )
179	+ elif use curl_ssl_nss; then
180	+ einfo "SSL provided by nss"
181	+ myconf+=( --with-nss )
182	+ elif use curl_ssl_openssl; then
183	+ einfo "SSL provided by openssl"
184	+ myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
185	+ elif use curl_ssl_winssl; then
186	+ einfo "SSL provided by Windows"
187	+ myconf+=( --with-winssl )
188	+ else
189	+ eerror "We can't be here because of REQUIRED_USE."
190	+ fi
191	+ else
192	+ einfo "SSL disabled"
193	+ fi
194	+
195	+ # These configuration options are organized alphabetically
196	+ # within each category. This should make it easier if we
197	+ # ever decide to make any of them contingent on USE flags:
198	+ # 1) protocols first. To see them all do
199	+ # 'grep SUPPORT_PROTOCOLS configure.ac'
200	+ # 2) --enable/disable options second.
201	+ # 'grep -- --enable configure \| grep Check \| awk '{ print $4 }' \| sort
202	+ # 3) --with/without options third.
203	+ # grep -- --with configure \| grep Check \| awk '{ print $4 }' \| sort
204	+ ECONF_SOURCE="${S}" \
205	+ econf \
206	+ --enable-crypto-auth \
207	+ --enable-dict \
208	+ --enable-file \
209	+ --enable-ftp \
210	+ --enable-gopher \
211	+ --enable-http \
212	+ --enable-imap \
213	+ $(use_enable ldap) \
214	+ $(use_enable ldap ldaps) \
215	+ --disable-ntlm-wb \
216	+ --enable-pop3 \
217	+ --enable-rt \
218	+ --enable-rtsp \
219	+ $(use_enable samba smb) \
220	+ $(use_with ssh libssh2) \
221	+ --enable-smtp \
222	+ --enable-telnet \
223	+ --enable-tftp \
224	+ --enable-tls-srp \
225	+ $(use_enable adns ares) \
226	+ --enable-cookies \
227	+ --enable-hidden-symbols \
228	+ $(use_enable ipv6) \
229	+ --enable-largefile \
230	+ --without-libpsl \
231	+ --enable-manual \
232	+ --enable-proxy \
233	+ --disable-sspi \
234	+ $(use_enable static-libs static) \
235	+ $(use_enable threads threaded-resolver) \
236	+ $(use_enable threads pthreads) \
237	+ --disable-versioned-symbols \
238	+ --without-cyassl \
239	+ --without-darwinssl \
240	+ $(use_with idn libidn2) \
241	+ $(use_with kerberos gssapi "${EPREFIX}"/usr) \
242	+ $(use_with metalink libmetalink) \
243	+ $(use_with http2 nghttp2) \
244	+ $(use_with rtmp librtmp) \
245	+ --without-brotli \
246	+ --without-spnego \
247	+ --without-winidn \
248	+ --with-zlib \
249	+ "${myconf[@]}"
250	+
251	+ if ! multilib_is_native_abi; then
252	+ # avoid building the client
253	+ sed -i -e '/SUBDIRS/s:src::' Makefile \|\| die
254	+ sed -i -e '/SUBDIRS/s:scripts::' Makefile \|\| die
255	+ fi
256	+
257	+ # Fix up the pkg-config file to be more robust.
258	+ # https://github.com/curl/curl/issues/864
259	+ local priv=() libs=()
260	+ # We always enable zlib.
261	+ libs+=( "-lz" )
262	+ priv+=( "zlib" )
263	+ if use http2; then
264	+ libs+=( "-lnghttp2" )
265	+ priv+=( "libnghttp2" )
266	+ fi
267	+ if use curl_ssl_openssl; then
268	+ libs+=( "-lssl" "-lcrypto" )
269	+ priv+=( "openssl" )
270	+ fi
271	+ grep -q Requires.private libcurl.pc && die "need to update ebuild"
272	+ libs=$(printf '\|%s' "${libs[@]}")
273	+ sed -i -r \
274	+ -e "/^Libs.private/s:(${libs#\|})( \|$)::g" \
275	+ libcurl.pc \|\| die
276	+ echo "Requires.private: ${priv[*]}" >> libcurl.pc
277	+}
278	+
279	+multilib_src_install_all() {
280	+ einstalldocs
281	+ prune_libtool_files --all
282	+
283	+ rm -rf "${ED}"/etc/
284	+}

Gentoo Archives: gentoo-commits