mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-15 08:56:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #343 from flatcar-linux/sayan/update-curl-7.84.0

Browse Source 
net-misc/curl: Sync with Gentoo upstream; updates to 7.84.0
This commit is contained in:
Sayan Chowdhury 2022-07-15 15:30:38 +05:30 committed by GitHub
commit 63e462da73
12 changed files with 62 additions and 904 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk_container/src/third_party/portage-stable/changelog/security/2022-07-15-curl-7.84.0.md vendored Normal file
View File

@ -0,0 +1 @@
- curl ([CVE-2022-32205](https://nvd.nist.gov/vuln/detail/CVE-2022-32205), [CVE-2022-32206](https://nvd.nist.gov/vuln/detail/CVE-2022-32206), [CVE-2022-32207](https://nvd.nist.gov/vuln/detail/CVE-2022-32207), [CVE-2022-32208](https://nvd.nist.gov/vuln/detail/CVE-2022-32208))

1
sdk_container/src/third_party/portage-stable/changelog/updates/2022-07-15-curl-7.84.0.md vendored Normal file
View File

@ -0,0 +1 @@
- curl ([7.84.0](https://github.com/curl/curl/releases/tag/curl-7_84_0))

10
sdk_container/src/third_party/portage-stable/net-misc/curl/Manifest vendored
View File

@ -1,12 +1,6 @@
DIST curl-7.79.1.tar.xz 2465212 BLAKE2B 2b694f96661c0aa0a136fdae4159e0ca8e811557c5a1f0b47cccaaad122f3ddbdaa6450c3835290955baf9357e872ee105a8cb0912064af3d3e38d16beb124ad SHA512 1edb71647a7f4dbb070baf1a019b4751aefeda793ff523c504410bb5cc74e5bffc52f20dd889697d1585f9ca3c4e81b1a9caadd182c30c8358ffd25f33e4db4d
DIST curl-7.79.1.tar.xz.asc 488 BLAKE2B cf1864b15ee4b47a61a03968c4fd9526d4c8d0c5a8a0a1357de61758640e6dfda57334df1e63afd94c0064b7e61527623dd20446b27fa0130e0bf92c647d9820 SHA512 4f7930fde0a21358cf0bd8d5cbde5a05efc34202265b4744e59f49d9dc269987f47b4ead77c33e2ae03acabd7b6d6a731c69b91999eea70542f49d9ea0c2ba94
DIST curl-7.80.0.tar.xz 2474492 BLAKE2B 0452ecb6943bc56b20ad8f1223135c9cae68cf31089b0e17e84d81af98dc5a47f5edfc271c5b4c23f232db6cea7ff5a9bffa9c7c319255d9afdb06fa5b8f761f SHA512 e04ddd74b0d5b3607a29bcf5d379d83a01c7dffa4ad3e2f25d8c85a3df7dbdb0625b0df1f04f02351695674502828e0e17e8b46c889cbf1e43f86d6e6dd716ab
DIST curl-7.80.0.tar.xz.asc 488 BLAKE2B 5cde8a91059bb19b9ee9b1aa4c3225522398a0d5837edf3d99b7f9ea758e5df2a729ce1d0a9763967c2319c30d94ba80ff50888dec07665a818216d42b91feee SHA512 e11adb85fb061bba8838f435f6afb200924f24cb7351d9a8208ec3d317d8ef8c1e16f06dedfc623acc749931015c42dcd86236a53602c6632b3a750841345b05
DIST curl-7.81.0.tar.xz 2486388 BLAKE2B bf8a3a03564648a9d7a5b4e7a523d840230f03237cf9eb5b07dcb4f531b036eb8111c1944bedd0c1df188e09a09468b3487d24ea50781124bc33d194546691f4 SHA512 38355aaee38db04bb2babdc5fd7a88284580c836d15df754f42b104997dd344b7841be8e53b4fc91aea31db170a7d6967c4976833eb4bfe0d265c7275c4800df
DIST curl-7.81.0.tar.xz.asc 488 BLAKE2B 9280f10b14ddd95a1405fda79f8c51528c91c5e86b8f90d16d20d7f11d212e6e4391377eed971d0b0b27f5f4692c702e9d7a11705f0558ad39df38608d6a0648 SHA512 ca32a639900a9f8211005227dfb594f809c5ca5ec1eb87e944ef33cca60e4844f5b6ebe49de79fba53068e5dee9652b1d43a7d3a74e05419a2ffb5b40dab8176
DIST curl-7.82.0.tar.xz 2446764 BLAKE2B 838accae4a45c090909cff91477a023789a79535691c80e507fd9e9712861b0c08e25ecd26079cb8ac8946cdf429a50991a7521e7b550b43c19e455625bc0750 SHA512 a977d69360d1793f8872096a21f5c0271e7ad145cd69ad45f4056a0657772f0f298b04bdb41aefd4ea5c4478352c60d80b5a118642280a07a7198aa80ffb1d57
DIST curl-7.82.0.tar.xz.asc 488 BLAKE2B 9da4ea63671621df956aa5dc191cfc6c8d2a8b1958416ca58ffc04d43ed65b89244968588879e6bd3299ca8f60b1eccb34dede012f8a2a37acf3ca34021da958 SHA512 1f14d8ab55360ba735dff916369ee318e98767718394654ce9443b6013509b6d3ed5597685b142e9823cec7496373b709a8656515d66039c06783879655151fe
DIST curl-7.83.0.tar.xz 2472560 BLAKE2B 0669f40265a56e7549e8038ed8421680d7264bff44dcc0692cf9f5248621311be5e228314710149bf9d2ccbe739f929039e04402c1d04a1362d0bbf08cb8cdc7 SHA512 be02bb2a8a3140eff3a9046f27cd4f872ed9ddaa644af49e56e5ef7dfec84a15b01db133469269437cddc937eda73953fa8c51bb758f7e98873822cd2290d3a9
DIST curl-7.83.0.tar.xz.asc 488 BLAKE2B a8f6dcf00f1b01b457a7eecc8364538393f414df60757f3664709c62b6007023a34ddf4ecb4688734e396031d30905b490dd0c115f09a9428db6a6be97cdf72c SHA512 8fb90f9692f4fdb82ea49f0e5151219b2334da5d3910f28e787bb688fb055b8b028ccf75cdcc15cd9f86d780d479f88f902fef7d7b9e007a4b849cb25c6c13cc
DIST curl-7.83.1.tar.xz 2474940 BLAKE2B 491427b12f082c2246ef6cb2a129340079db28bd93b4381889e7328bef1d61a79bb57cba4b8372759baa4f6e77644966ed95cfa8f839ee9db634786757fb1ce0 SHA512 2f63327d6d3687ba36fb7b8d5d3d15599eca33ebfb08681613612ea9c4b629d3b6ce4d2742fa1ebd7a997ed332001d3a4c798985f9277c83b9e7a9aecdb1b1ee
DIST curl-7.83.1.tar.xz.asc 488 BLAKE2B 78f7a6d9a32cab97e9ce26430eb2be2bc4e20552cf8c59238f30f127e9d7af5b4f9808c3fe0846c18c8f7a67b49f2f75d865d17b7760bb664872934799949441 SHA512 f0d29de315488c844eb81ed5a89ed6334910970224c8cac43e7e6f2d58c35ad0064c0b6122e69b3a34ce91f4b56873c63e2e8aea1c602ef40711bfd62a01b191
DIST curl-7.84.0.tar.xz 2477944 BLAKE2B 811a63285f39a598bc4fd73ae4b8e23e5146b93dcf3eea805345792b7dddd85bbd54240d9871a0dc9f058d58fd7ea7f4efbcb82727218e8afaaae3600bad55e1 SHA512 86231866a35593a1637fbc0c6af3b6761bdfd99fb35580cc52970c36f19604f93dce59fea67a1d5bb4b455f719307599c7916c77d14f2b661f6bf7fb1ca716ce
DIST curl-7.84.0.tar.xz.asc 488 BLAKE2B d74dea89fa89b6ed0a928e01987669f7dde0bcbb30423ea0f3af9f31eea1e059d458629d80455d772264d744fab236d4f506545afa1bfbd6ded7e2b27192a7c8 SHA512 80ff5274277ad97448fa53511bab6e8a1c302bcb25fc0916d78b8dc6c6af43d944c37c4ed46668b651cc639ec4964780725117ca0e85168ea66ad7cc98d29702

278
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.80.0-r1.ebuild vendored
View File

@ -1,278 +0,0 @@
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
DEPEND="${RDEPEND}"
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
)
src_prepare() {
default
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
--without-rustls
--without-schannel
--without-secure-transport
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_test() {
multilib_is_native_abi && default_src_test
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

278
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.81.0-r1.ebuild vendored
View File

@ -1,278 +0,0 @@
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
DEPEND="${RDEPEND}"
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
)
src_prepare() {
default
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
--without-rustls
--without-schannel
--without-secure-transport
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_test() {
multilib_is_native_abi && default_src_test
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

279
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.82.0-r2.ebuild vendored
View File

@ -1,279 +0,0 @@
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
DEPEND="${RDEPEND}"
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
"${FILESDIR}"/${P}-certs-processing.patch
)
src_prepare() {
default
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
--without-rustls
--without-schannel
--without-secure-transport
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_test() {
multilib_is_native_abi && default_src_test
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

2
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.83.1.ebuild vendored
View File

@ -12,7 +12,7 @@ SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"

6
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.83.0.ebuild → sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.84.0.ebuild vendored
View File

@ -12,7 +12,7 @@ SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
@ -95,9 +95,9 @@ MULTILIB_CHOST_TOOLS=(
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-7.84.0-easylock.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
# Bug 842780, fixed upstream, drop on next version bump
"${FILESDIR}"/${P}-http2.patch
"${FILESDIR}"/${PN}-7.84.0-include-sched.patch
)
src_prepare() {

27
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.82.0-certs-processing.patch vendored
View File

@ -1,27 +0,0 @@
https://github.com/curl/curl/issues/8559
https://bugs.gentoo.org/836629
From 911714d617c106ed5d553bf003e34ec94ab6a136 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 8 Mar 2022 13:38:13 +0100
Subject: [PATCH] openssl: fix CN check error code
Due to a missing 'else' this returns error too easily.
Regressed in: d15692ebb
Reported-by: Kristoffer Gleditsch
Fixes #8559
Closes #8560
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1817,7 +1817,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
peer_CN[peerlen] = '\0';
}
- result = CURLE_OUT_OF_MEMORY;
+ else
+ result = CURLE_OUT_OF_MEMORY;
}
}
else /* not a UTF8 name */

30
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.83.0-http2.patch vendored
View File

@ -1,30 +0,0 @@
Bug: https://bugs.gentoo.org/842780, https://github.com/curl/curl/pull/8768
https://github.com/curl/curl/commit/6eb7fb37d901ed1e4ce07cbd628ee11bf02db1f3
From 6eb7fb37d901ed1e4ce07cbd628ee11bf02db1f3 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 28 Apr 2022 17:11:50 +0200
Subject: [PATCH] mbedtls: fix compile when h2-enabled
Fixes #8766
Reported-by: LigH-de on github
Closes #8768
---
lib/vtls/mbedtls.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 64f57c5d8321..5f9b87e6b75b 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -815,8 +815,8 @@ mbed_connect_step2(struct Curl_easy *data, struct connectdata *conn,
if(next_protocol) {
infof(data, VTLS_INFOF_ALPN_ACCEPTED_1STR, next_protocol);
#ifdef USE_HTTP2
- if(!strncmp(next_protocol, ALPN_H2, ALPN_H2_LEN) &&
- !next_protocol[ALPN_H2_LEN]) {
+ if(!strncmp(next_protocol, ALPN_H2, ALPN_H2_LENGTH) &&
+ !next_protocol[ALPN_H2_LENGTH]) {
conn->negnpn = CURL_HTTP_VERSION_2;
}
else

30
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.84.0-easylock.patch vendored Normal file
View File

@ -0,0 +1,30 @@
From 50efb0822aa0e0ab165158dd0a26e65a2290e6d2 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 28 Jun 2022 09:00:25 +0200
Subject: [PATCH] easy_lock: switch to using atomic_int instead of bool
To work with more compilers without requiring separate libs to
link. Like with gcc-12 for RISC-V on Linux.
Reported-by: Adam Sampson
Fixes #9055
Closes #9061
---
lib/easy_lock.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/easy_lock.h b/lib/easy_lock.h
index 07c85c5ffdd19..9c11bc50c5f20 100644
--- a/lib/easy_lock.h
+++ b/lib/easy_lock.h
@@ -40,8 +40,8 @@
#include <sched.h>
#endif
-#define curl_simple_lock atomic_bool
-#define CURL_SIMPLE_LOCK_INIT false
+#define curl_simple_lock atomic_int
+#define CURL_SIMPLE_LOCK_INIT 0
static inline void curl_simple_lock_lock(curl_simple_lock *lock)
{

24
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.84.0-include-sched.patch vendored Normal file
View File

@ -0,0 +1,24 @@
https://github.com/curl/curl/commit/e2e7f54b7bea521fa8373095d0f43261a720cda0
https://bugs.gentoo.org/855710
From e2e7f54b7bea521fa8373095d0f43261a720cda0 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 27 Jun 2022 08:46:21 +0200
Subject: [PATCH] easy_lock.h: include sched.h if available to fix build
Patched-by: Harry Sintonen
Closes #9054
--- a/lib/easy_lock.h
+++ b/lib/easy_lock.h
@@ -36,6 +36,9 @@
#elif defined (HAVE_ATOMIC)
#include <stdatomic.h>
+#if defined(HAVE_SCHED_YIELD)
+#include <sched.h>
+#endif
#define curl_simple_lock atomic_bool
#define CURL_SIMPLE_LOCK_INIT false