mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-01 02:22:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

net-misc/curl: sync with gentoo upstream

Browse Source 
this addresses the following CVE:
- CVE-2021-22898
- CVE-2021-22901

Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
This commit is contained in:
Mathieu Tortuyaux 2021-06-22 11:47:45 +02:00
parent dd8c068abf
commit 3e4da82981
7 changed files with 3 additions and 1194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
sdk_container/src/third_party/portage-stable/net-misc/curl/Manifest vendored
View File

@ -1,4 +1 @@
DIST curl-7.74.0.tar.xz 2400972 BLAKE2B bef9e01493994afc933549a78b41065708aeaa9f6f5cdd1dbf2f43bbb03bbc97b17308b8bda5f11599c3cc0c6c77903e6fa6f1310ff874fad902a59566b51e8a SHA512 5d987f0b4d051c9e254f14d4e2a05f7cda9fb0f0ac7b3ca3664a25a51ee5ffe092ee072c0d9a613fcd3f34727d75bba14b70f5500cb110ca818591e071c3e6f4
DIST curl-7.75.0.tar.xz 2418816 BLAKE2B 74889ede1b57a6685eef0f504d4c261c0b271b36ab3290bfc895efe9a6fffe4bfd433eaae438cd2b54a920671a2ebc2ca5e73bd88f6be40b4f46ef281028f1d8 SHA512 4c2fc6658379b8b93dd50665b70f3000b63d3bcafd2df60b7e651a8edf4735b3decb06c338b84cb22058191aa9f8f4dc85760a42f9987210b59300758304b746
DIST curl-7.76.0.tar.xz 2428552 BLAKE2B 7c02bbd3c86a5de38990f7ef63e92804fc02977bf34eb4372e7ac95aa091689094193bcf58e30d76114341f930777787cbfbbf83f02c5037f7ac7599296a6735 SHA512 a67e5078b48150c6f5331e76b25a6b197f1e916be1db900bf9455b032b3af5a71610b47e607546ecbae510d196a0cfcb75a14dac549288797af1701b7b587ece
DIST curl-7.76.1.tar.xz 2427636 BLAKE2B 56452871fbd998f0c9a5af86b3853ed1dfc956c39380e5da472b4f382db45926ac3aa9e395ae7d2812aac0f0f29bee28343218810a169beb592c5224e0a4f018 SHA512 5fe85d2e776789aa8117c57fe7648e375b7fa92d5ead5d69855f19ca9a2624d77a1f9ab91766ecb72bbc17e82862248cd07e48917884d6fd856b93fb00d83e28
DIST curl-7.77.0.tar.xz 2439336 BLAKE2B 433b3179dcf2c3363514b72bf9c54286873d8e5559b33e543ba8f3e7df25a619c5be13a8aacb9361c4464b646af4d1fb214d4de57a17f3de7e8f379777214d13 SHA512 aef92a0e3f8ce8491b258a9a1c4dcea3c07c29b139a1f68f08619caa0295cfde76335d2dfb9cdf434525daea7dd05d8acd22f203f5ccc7735bd317964ec1da76

291
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.74.0-r2.ebuild vendored
View File

@ -1,291 +0,0 @@
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
inherit autotools prefix multilib-minimal
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
LICENSE="curl"
SLOT="0"
#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap libressl mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_libressl curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
#lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
!libressl? ( dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}] )
libressl? ( dev-libs/libressl:0=[static-libs?,${MULTILIB_USEDEP}] )
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
# ssl providers to be added:
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
winssl? ( elibc_Winnt )
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_libressl
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_winssl
)
)"
DOCS=( CHANGES README docs/FEATURES.md docs/INTERNALS.md \
docs/FAQ docs/BUGS.md docs/CONTRIBUTE.md )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
src_prepare() {
eapply "${FILESDIR}"/${PN}-7.30.0-prefix.patch
eapply "${FILESDIR}"/${PN}-respect-cflags-3.patch
eapply "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch
sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241
sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252
eapply_user
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss )
fi
if use openssl || use curl_ssl_openssl || use curl_ssl_libressl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use winssl || use curl_ssl_winssl; then
einfo "SSL provided by Windows"
myconf+=( --with-winssl )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_libressl; then
einfo "Default SSL provided by LibreSSL"
myconf+=( --with-default-ssl-backend=openssl ) # NOTE THE HACK HERE
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_winssl; then
einfo "Default SSL provided by Windows"
myconf+=( --with-default-ssl-backend=winssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
ECONF_SOURCE="${S}" \
econf \
$(use_enable alt-svc) \
--enable-crypto-auth \
--enable-dict \
--disable-ech \
--enable-file \
$(use_enable ftp) \
$(use_enable gopher) \
$(use_enable hsts) \
--enable-http \
$(use_enable imap) \
$(use_enable ldap) \
$(use_enable ldap ldaps) \
--disable-ntlm-wb \
$(use_enable pop3) \
--enable-rt \
--enable-rtsp \
$(use_enable samba smb) \
$(use_with ssh libssh2) \
$(use_enable smtp) \
$(use_enable telnet) \
$(use_enable tftp) \
--enable-tls-srp \
$(use_enable adns ares) \
--enable-cookies \
--enable-dateparse \
--enable-dnsshuffle \
--enable-doh \
--enable-hidden-symbols \
--enable-http-auth \
$(use_enable ipv6) \
--enable-largefile \
--enable-manual \
--enable-mime \
--enable-netrc \
$(use_enable progress-meter) \
--enable-proxy \
--disable-sspi \
$(use_enable static-libs static) \
$(use_enable threads threaded-resolver) \
$(use_enable threads pthreads) \
--disable-versioned-symbols \
--without-amissl \
--without-bearssl \
--without-cyassl \
--without-darwinssl \
--without-fish-functions-dir \
$(use_with idn libidn2) \
$(use_with kerberos gssapi "${EPREFIX}"/usr) \
$(use_with metalink libmetalink) \
$(use_with http2 nghttp2) \
--without-libpsl \
$(use_with nghttp3) \
$(use_with nghttp3 ngtcp2) \
$(use_with quiche) \
$(use_with rtmp librtmp) \
$(use_with brotli) \
--without-schannel \
--without-secure-transport \
--without-spnego \
--without-winidn \
--without-wolfssl \
--with-zlib \
$(use_with zstd) \
"${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete
rm -rf "${ED}"/etc/
}

289
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.74.0-r4.ebuild vendored
View File

@ -1,289 +0,0 @@
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
inherit autotools prefix multilib-minimal
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
winssl? ( elibc_Winnt )
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_winssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
# ssl providers to be added:
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
"${FILESDIR}"/${PN}-fix-gnutls-nettle.patch
)
src_prepare() {
default
sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241
sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use winssl || use curl_ssl_winssl; then
einfo "SSL provided by Windows"
myconf+=( --with-winssl )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_winssl; then
einfo "Default SSL provided by Windows"
myconf+=( --with-default-ssl-backend=winssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-hidden-symbols
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
--without-cyassl
--without-darwinssl
--without-fish-functions-dir
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
$(use_with metalink libmetalink)
$(use_with http2 nghttp2)
--without-libpsl
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
$(use_with brotli)
--without-schannel
--without-secure-transport
--without-spnego
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

290
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.75.0.ebuild vendored
View File

@ -1,290 +0,0 @@
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
inherit autotools prefix multilib-minimal
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
winssl? ( elibc_Winnt )
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_winssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
# ssl providers to be added:
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
"${FILESDIR}"/${PN}-fix-gnutls-nettle.patch
)
src_prepare() {
default
sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241
sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use winssl || use curl_ssl_winssl; then
einfo "SSL provided by Windows"
myconf+=( --with-winssl )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_winssl; then
einfo "Default SSL provided by Windows"
myconf+=( --with-default-ssl-backend=winssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-hidden-symbols
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
--without-cyassl
--without-darwinssl
--without-fish-functions-dir
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
$(use_with metalink libmetalink)
$(use_with http2 nghttp2)
--without-libpsl
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
$(use_with brotli)
--without-schannel
--without-secure-transport
--without-spnego
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

291
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.76.0.ebuild vendored
View File

@ -1,291 +0,0 @@
# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
inherit autotools prefix multilib-minimal
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
winssl? ( elibc_Winnt )
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_winssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
# ssl providers to be added:
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
)
src_prepare() {
default
sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241
sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use winssl || use curl_ssl_winssl; then
einfo "SSL provided by Windows"
myconf+=( --with-winssl )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_winssl; then
einfo "Default SSL provided by Windows"
myconf+=( --with-default-ssl-backend=winssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-hidden-symbols
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-cyassl
--without-darwinssl
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
$(use_with metalink libmetalink)
--without-libgsasl
--without-libpsl
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
--without-rustls
--without-schannel
--without-secure-transport
--without-spnego
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

4
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.76.1.ebuild → sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.77.0-r1.ebuild vendored
View File

@ -11,7 +11,7 @@ SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE+=" nghttp3 quiche"
@ -48,7 +48,7 @@ RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3=,static-libs?,${MULTILIB_USEDEP}]
dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]

27
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-fix-gnutls-nettle.patch vendored
View File

@ -1,27 +0,0 @@
diff -Naur curl-7.25.0.orig//configure.ac curl-7.25.0/configure.ac
--- curl-7.25.0.orig//configure.ac 2012-04-04 17:24:48.000000000 -0400
+++ curl-7.25.0/configure.ac 2012-04-04 17:23:07.000000000 -0400
@@ -1823,20 +1823,9 @@
if test "$GNUTLS_ENABLED" = "1"; then
USE_GNUTLS_NETTLE=
- # First check if we can detect either crypto library via transitive linking
- AC_CHECK_LIB(gnutls, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
- if test "$USE_GNUTLS_NETTLE" = ""; then
- AC_CHECK_LIB(gnutls, gcry_control, [ USE_GNUTLS_NETTLE=0 ])
- fi
- # If not, try linking directly to both of them to see if they are available
- if test "$USE_GNUTLS_NETTLE" = ""; then
- AC_CHECK_LIB(nettle, nettle_MD5Init, [ USE_GNUTLS_NETTLE=1 ])
- fi
- if test "$USE_GNUTLS_NETTLE" = ""; then
- AC_CHECK_LIB(gcrypt, gcry_control, [ USE_GNUTLS_NETTLE=0 ])
- fi
- if test "$USE_GNUTLS_NETTLE" = ""; then
- AC_MSG_ERROR([GnuTLS found, but neither gcrypt nor nettle found])
+ AC_ARG_WITH(nettle)
+ if test "x$withval" = "xyes"; then
+ USE_GNUTLS_NETTLE=1
fi
if test "$USE_GNUTLS_NETTLE" = "1"; then
AC_DEFINE(USE_GNUTLS_NETTLE, 1, [if GnuTLS uses nettle as crypto backend])