mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-28 00:51:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

net-misc/curl: Sync with Gentoo

Browse Source 
It's from Gentoo commit 6b3e4a4fb0e7658dcaaae0dcc3592d36757cd08f.
This commit is contained in:
Flatcar Buildbot 2023-02-27 07:24:39 +00:00 committed by Krzesimir Nowak
parent c3332c105a
commit a4adac3a61
9 changed files with 723 additions and 236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sdk_container/src/third_party/portage-stable/net-misc/curl/Manifest vendored
View File

@ -1,2 +1,4 @@
DIST curl-7.87.0.tar.xz 2547932 BLAKE2B b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13 SHA512 aa125991592667280dce3788aabe81487cf8c55b0afc59d675cc30b76055bb7114f5380b4a0e3b6461a8f81bf9812fa26d493a85f7e01d84263d484a0d699ee7 DIST curl-7.87.0.tar.xz 2547932 BLAKE2B b272ec928c5ef1728434630d8910f58834327a30570913df9d47921a2810d002bd88b81371005197db857d3a53386420c1e28b1e463e6241d46c1e50fbce0c13 SHA512 aa125991592667280dce3788aabe81487cf8c55b0afc59d675cc30b76055bb7114f5380b4a0e3b6461a8f81bf9812fa26d493a85f7e01d84263d484a0d699ee7
DIST curl-7.87.0.tar.xz.asc 488 BLAKE2B 031d8236b357bd3c519548b181254dc0aea1efc1375738bce04f4f331d35bafe99d1ca394ecf5943ede7cae040854b6d2b478fd305147eb7330f8d50e5d95c96 SHA512 0bcc12bafc4ae50d80128af2cf4bf1a1ec6018ebb8d5b9c49f52b51c0c25acc77e820858965656549ef43c1f923f4e5fe75b0a3523623154b4cfb9dc8a1d76e4 DIST curl-7.87.0.tar.xz.asc 488 BLAKE2B 031d8236b357bd3c519548b181254dc0aea1efc1375738bce04f4f331d35bafe99d1ca394ecf5943ede7cae040854b6d2b478fd305147eb7330f8d50e5d95c96 SHA512 0bcc12bafc4ae50d80128af2cf4bf1a1ec6018ebb8d5b9c49f52b51c0c25acc77e820858965656549ef43c1f923f4e5fe75b0a3523623154b4cfb9dc8a1d76e4
DIST curl-7.88.1.tar.xz 2581032 BLAKE2B ed7e7aa29efb02fd89a53d5c8d0ec79b4d17612ea07d2a6b5a951f0ca651b4cf7264704344b1a0c2d82196f4cb5c08525e06b4cdd432bc3278ff23c7a6580839 SHA512 b8d30c52a6d1c3e272608a7a8db78dfd79aef21330f34d6f1df43839a400e13ac6aac72a383526db0b711a70ecbec89a3b934677d7ecf5094fd64d3dbcb3492f
DIST curl-7.88.1.tar.xz.asc 488 BLAKE2B ea90d840846fca3f0b17838a84431cb44d6e3f8d2b42c3eced1fb1c929a58e8899b303c93d27ca3cafcaa52e7269ac440e7102191d6b2c2751729a6c4116e82f SHA512 d6dc720533004c4d533cc4fb3dd33ac28d95e114f440ec011e4b58f65d1f4c40cfa10ba26d2e2f2f1f9de99511632578b4758c5e79593c7c30d29788fdf1cbb6

306
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.88.1-r1.ebuild vendored Normal file
View File

@ -0,0 +1,306 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
inherit autotools multilib-minimal prefix verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.se/"
SRC_URI="https://curl.se/download/${P}.tar.xz
verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls"
IUSE+=" nghttp3"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
#Only one default ssl provider can be enabled
REQUIRED_USE="
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_rustls
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
dev-libs/nss-pem
app-misc/ca-certificates
)
rustls? (
net-libs/rustls-ffi:=[${MULTILIB_USEDEP}]
)
)
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
DEPEND="${RDEPEND}"
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
http2? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
"${FILESDIR}"/${P}-header-dump-segfault.patch
"${FILESDIR}"/${P}-pipewait.patch
"${FILESDIR}"/${P}-silent-parallel.patch
)
src_prepare() {
default
# Some tests (HTTP/#) rely on ssl certificates that are stored VCS which breaks
# with out-of-tree builds.
sed -i "s:my \$path = getcwd():my \$path = \"${S}/tests\":" tests/http*-server.pl \
|| die "Unable to update test locations"
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls )
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use rustls || use curl_ssl_rustls; then
einfo "SSL provided by rustls"
myconf+=( --with-rustls )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_rustls; then
einfo "Default SSL provided by rustls"
myconf+=( --with-default-ssl-backend=rustls )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
myconf+=( --without-ssl )
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
--enable-ipv6
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--enable-socketpair
--disable-sspi
$(use_enable static-libs static)
--enable-pthreads
--enable-threaded-resolver
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
--without-msh3
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
--without-quiche
$(use_with rtmp librtmp)
--without-schannel
--without-secure-transport
--without-test-caddy
--without-test-httpd
--without-test-nghttpx
$(use_enable websockets)
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then
myconf+=(
--with-test-nghttpx="${BROOT}/usr/bin/nghttpx"
)
fi
ECONF_SOURCE="${S}" econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "libngtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
}
multilib_src_test() {
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
# -v: verbose
# -a: keep going on failure (so we see everything which breaks, not just 1st test)
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
# Note: if needed, we can disable tests. See e.g. Fedora's packaging
# or just read https://github.com/curl/curl/tree/master/tests#run.
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

302
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.88.1.ebuild vendored Normal file
View File

@ -0,0 +1,302 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
inherit autotools multilib-minimal prefix verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.se/"
SRC_URI="https://curl.se/download/${P}.tar.xz
verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls"
IUSE+=" nghttp3"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
#Only one default ssl provider can be enabled
REQUIRED_USE="
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_rustls
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
dev-libs/nss-pem
app-misc/ca-certificates
)
rustls? (
net-libs/rustls-ffi:=[${MULTILIB_USEDEP}]
)
)
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
DEPEND="${RDEPEND}"
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
http2? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
)
src_prepare() {
default
# Some tests (HTTP/#) rely on ssl certificates that are stored VCS which breaks
# with out-of-tree builds.
sed -i "s:my \$path = getcwd():my \$path = \"${S}/tests\":" tests/http*-server.pl \
|| die "Unable to update test locations"
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls )
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use rustls || use curl_ssl_rustls; then
einfo "SSL provided by rustls"
myconf+=( --with-rustls )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_rustls; then
einfo "Default SSL provided by rustls"
myconf+=( --with-default-ssl-backend=rustls )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
myconf+=( --without-ssl )
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
--enable-ipv6
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--enable-socketpair
--disable-sspi
$(use_enable static-libs static)
--enable-pthreads
--enable-threaded-resolver
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
--without-msh3
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
--without-quiche
$(use_with rtmp librtmp)
--without-schannel
--without-secure-transport
--without-test-caddy
--without-test-httpd
--without-test-nghttpx
$(use_enable websockets)
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then
myconf+=(
--with-test-nghttpx="${BROOT}/usr/bin/nghttpx"
)
fi
ECONF_SOURCE="${S}" econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "libngtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
}
multilib_src_test() {
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
# -v: verbose
# -a: keep going on failure (so we see everything which breaks, not just 1st test)
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
# Note: if needed, we can disable tests. See e.g. Fedora's packaging
# or just read https://github.com/curl/curl/tree/master/tests#run.
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

84
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.86.0-noproxy-tailmatch-like-in-7.85.0-and-earlier.patch vendored
View File

@ -1,84 +0,0 @@
https://github.com/curl/curl/issues/9842
https://github.com/curl/curl/commit/b1953c1933b369b1217ef0f16053e26da63488c3
From b1953c1933b369b1217ef0f16053e26da63488c3 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 6 Nov 2022 23:19:51 +0100
Subject: [PATCH] noproxy: tailmatch like in 7.85.0 and earlier
A regfression in 7.86.0 (via 1e9a538e05c010) made the tailmatch work
differently than before. This restores the logic to how it used to work:
All names listed in NO_PROXY are tailmatched against the used domain
name, if the lengths are identical it needs a full match.
Update the docs, update test 1614.
Reported-by: Stuart Henderson
Fixes #9842
Closes #9858
---
docs/libcurl/opts/CURLOPT_NOPROXY.3 | 4 ----
lib/noproxy.c | 32 +++++++++++++++--------------
tests/unit/unit1614.c | 3 ++-
3 files changed, 19 insertions(+), 20 deletions(-)
diff --git a/docs/libcurl/opts/CURLOPT_NOPROXY.3 b/docs/libcurl/opts/CURLOPT_NOPROXY.3
index 5e4c32130431..dc3cf7c10833 100644
--- a/docs/libcurl/opts/CURLOPT_NOPROXY.3
+++ b/docs/libcurl/opts/CURLOPT_NOPROXY.3
@@ -40,10 +40,6 @@ list is matched as either a domain which contains the hostname, or the
hostname itself. For example, "ample.com" would match ample.com, ample.com:80,
and www.ample.com, but not www.example.com or ample.com.org.
-If the name in the \fInoproxy\fP list has a leading period, it is a domain
-match against the provided host name. This way ".example.com" will switch off
-proxy use for both "www.example.com" as well as for "foo.example.com".
-
Setting the \fInoproxy\fP string to "" (an empty string) will explicitly
enable the proxy for all host names, even if there is an environment variable
set for it.
diff --git a/lib/noproxy.c b/lib/noproxy.c
index 2832ae166a5b..fb856e4faa72 100644
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@@ -187,22 +187,24 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
tokenlen--;
if(tokenlen && (*token == '.')) {
- /* A: example.com matches '.example.com'
- B: www.example.com matches '.example.com'
- C: nonexample.com DOES NOT match '.example.com'
- */
- if((tokenlen - 1) == namelen)
- /* case A, exact match without leading dot */
- match = strncasecompare(token + 1, name, namelen);
- else if(tokenlen < namelen)
- /* case B, tailmatch with leading dot */
- match = strncasecompare(token, name + (namelen - tokenlen),
- tokenlen);
- /* case C passes through, not a match */
+ /* ignore leading token dot as well */
+ token++;
+ tokenlen--;
}
- else
- match = (tokenlen == namelen) &&
- strncasecompare(token, name, namelen);
+ /* A: example.com matches 'example.com'
+ B: www.example.com matches 'example.com'
+ C: nonexample.com DOES NOT match 'example.com'
+ */
+ if(tokenlen == namelen)
+ /* case A, exact match */
+ match = strncasecompare(token, name, namelen);
+ else if(tokenlen < namelen) {
+ /* case B, tailmatch domain */
+ match = (name[namelen - tokenlen - 1] == '.') &&
+ strncasecompare(token, name + (namelen - tokenlen),
+ tokenlen);
+ }
+ /* case C passes through, not a match */
break;
case TYPE_IPV4:
/* FALLTHROUGH */

86
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.86.0-proxy-noproxy-match-comma.patch vendored
View File

@ -1,86 +0,0 @@
https://bugs.gentoo.org/878365#c2
https://github.com/curl/curl/issues/9813
https://github.com/curl/curl/commit/efc286b7a62af0568fdcbf3c68791c9955182128
From efc286b7a62af0568fdcbf3c68791c9955182128 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 27 Oct 2022 13:54:27 +0200
Subject: [PATCH] noproxy: also match with adjacent comma
If the host name is an IP address and the noproxy string contained that
IP address with a following comma, it would erroneously not match.
Extended test 1614 to verify this combo as well.
Reported-by: Henning Schild
Fixes #9813
Closes #9814
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@@ -192,18 +192,22 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
/* FALLTHROUGH */
case TYPE_IPV6: {
const char *check = token;
- char *slash = strchr(check, '/');
+ char *slash;
unsigned int bits = 0;
char checkip[128];
+ if(tokenlen >= sizeof(checkip))
+ /* this cannot match */
+ break;
+ /* copy the check name to a temp buffer */
+ memcpy(checkip, check, tokenlen);
+ checkip[tokenlen] = 0;
+ check = checkip;
+
+ slash = strchr(check, '/');
/* if the slash is part of this token, use it */
- if(slash && (slash < &check[tokenlen])) {
+ if(slash) {
bits = atoi(slash + 1);
- /* copy the check name to a temp buffer */
- if(tokenlen >= sizeof(checkip))
- break;
- memcpy(checkip, check, tokenlen);
- checkip[ slash - check ] = 0;
- check = checkip;
+ *slash = 0; /* null terminate there */
}
if(type == TYPE_IPV6)
match = Curl_cidr6_match(name, check, bits);
--- a/tests/data/test1614
+++ b/tests/data/test1614
@@ -16,7 +16,7 @@ unittest
proxy
</features>
<name>
-cidr comparisons
+noproxy and cidr comparisons
</name>
</client>
<errorcode>
--- a/tests/unit/unit1614.c
+++ b/tests/unit/unit1614.c
@@ -77,6 +77,20 @@ UNITTEST_START
{ NULL, NULL, 0, FALSE} /* end marker */
};
struct noproxy list[]= {
+ { "127.0.0.1", "127.0.0.1,localhost", TRUE},
+ { "127.0.0.1", "127.0.0.1,localhost,", TRUE},
+ { "127.0.0.1", "127.0.0.1/8,localhost,", TRUE},
+ { "127.0.0.1", "127.0.0.1/28,localhost,", TRUE},
+ { "127.0.0.1", "127.0.0.1/31,localhost,", TRUE},
+ { "127.0.0.1", "localhost,127.0.0.1", TRUE},
+ { "127.0.0.1", "localhost,127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1."
+ "127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127."
+ "0.0.1.127.0.0.1.127.0.0." /* 128 bytes "address" */, FALSE},
+ { "127.0.0.1", "localhost,127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1."
+ "127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127.0.0.1.127."
+ "0.0.1.127.0.0.1.127.0.0" /* 127 bytes "address" */, FALSE},
+ { "localhost", "localhost,127.0.0.1", TRUE},
+ { "localhost", "127.0.0.1,localhost", TRUE},
{ "foobar", "barfoo", FALSE},
{ "foobar", "foobar", TRUE},
{ "192.168.0.1", "foobar", FALSE},

66
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.86.0-proxy-noproxy-tailmatching.patch vendored
View File

@ -1,66 +0,0 @@
https://bugs.gentoo.org/878365#c2
https://github.com/curl/curl/issues/9821
https://github.com/curl/curl/commit/b830f9ba9e94acf672cd191993ff679fa888838b
From b830f9ba9e94acf672cd191993ff679fa888838b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 28 Oct 2022 10:51:49 +0200
Subject: [PATCH] noproxy: fix tail-matching
Also ignore trailing dots in both host name and comparison pattern.
Regression in 7.86.0 (from 1e9a538e05c0)
Extended test 1614 to verify better.
Reported-by: Henning Schild
Fixes #9821
Closes #9822
--- a/lib/noproxy.c
+++ b/lib/noproxy.c
@@ -153,9 +153,14 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
}
else {
unsigned int address;
+ namelen = strlen(name);
if(1 == Curl_inet_pton(AF_INET, name, &address))
type = TYPE_IPV4;
- namelen = strlen(name);
+ else {
+ /* ignore trailing dots in the host name */
+ if(name[namelen - 1] == '.')
+ namelen--;
+ }
}
while(*p) {
@@ -177,12 +182,23 @@ bool Curl_check_noproxy(const char *name, const char *no_proxy)
if(tokenlen) {
switch(type) {
case TYPE_HOST:
- if(*token == '.') {
- ++token;
- --tokenlen;
- /* tailmatch */
- match = (tokenlen <= namelen) &&
- strncasecompare(token, name + (namelen - tokenlen), namelen);
+ /* ignore trailing dots in the token to check */
+ if(token[tokenlen - 1] == '.')
+ tokenlen--;
+
+ if(tokenlen && (*token == '.')) {
+ /* A: example.com matches '.example.com'
+ B: www.example.com matches '.example.com'
+ C: nonexample.com DOES NOT match '.example.com'
+ */
+ if((tokenlen - 1) == namelen)
+ /* case A, exact match without leading dot */
+ match = strncasecompare(token + 1, name, namelen);
+ else if(tokenlen < namelen)
+ /* case B, tailmatch with leading dot */
+ match = strncasecompare(token, name + (namelen - tokenlen),
+ tokenlen);
+ /* case C passes through, not a match */
}
else
match = (tokenlen == namelen) &&

29
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.88.1-header-dump-segfault.patch vendored Normal file
View File

@ -0,0 +1,29 @@
https://github.com/curl/curl/commit/1c9cfb7af368feefb522caf81b052ee742a76da8
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 20 Feb 2023 18:35:13 +0100
Subject: [PATCH] tool_operate: avoid fclose(NULL) on bad header dump file
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes #10570
Reported-by: Jérémy Rabasco
Closes #10571
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -984,12 +984,13 @@ static CURLcode single_transfer(struct GlobalConfig *global,
*/
if(!per->prev || per->prev->config != config) {
newfile = fopen(config->headerfile, "wb+");
- fclose(newfile);
+ if(newfile)
+ fclose(newfile);
}
newfile = fopen(config->headerfile, "ab+");
if(!newfile) {
- warnf(global, "Failed to open %s\n", config->headerfile);
+ errorf(global, "Failed to open %s\n", config->headerfile);
result = CURLE_WRITE_ERROR;
break;
}

64
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.88.1-pipewait.patch vendored Normal file
View File

@ -0,0 +1,64 @@
https://github.com/curl/curl/commit/821f6e2a89de8aec1c7da3c0f381b92b2b801efc
From: Stefan Eissing <stefan@eissing.org>
Date: Thu, 9 Feb 2023 16:07:34 +0100
Subject: [PATCH] CURLOPT_PIPEWAIT: allow waited reuse also for subsequent
connections
note: Dropped test portion of patch; not shipped in source tarball!
As tested in test_02_07, when firing off 200 urls with --parallel, 199
wait for the first connection to be established. if that is multiuse,
urls are added up to its capacity.
The first url over capacity opens another connection. But subsequent
urls found the same situation and open a connection too. They should
have waited for the second connection to actually connect and make its
capacity known.
This change fixes that by
- setting `connkeep()` early in the HTTP setup handler. as otherwise
a new connection is marked as closeit by default and not considered
for multiuse at all
- checking the "connected" status for a candidate always and continuing
to PIPEWAIT if no alternative is found.
pytest:
- removed "skip" from test_02_07
- added test_02_07b to check that http/1.1 continues to work as before
Closes #10456
--- a/lib/http.c
+++ b/lib/http.c
@@ -233,6 +233,7 @@ static CURLcode http_setup_conn(struct Curl_easy *data,
Curl_mime_initpart(&http->form);
data->req.p.http = http;
+ connkeep(conn, "HTTP default");
if((data->state.httpwant == CURL_HTTP_VERSION_3)
|| (data->state.httpwant == CURL_HTTP_VERSION_3ONLY)) {
--- a/lib/url.c
+++ b/lib/url.c
@@ -1170,14 +1170,14 @@ ConnectionExists(struct Curl_easy *data,
continue;
}
}
+ }
- if(!Curl_conn_is_connected(check, FIRSTSOCKET)) {
- foundPendingCandidate = TRUE;
- /* Don't pick a connection that hasn't connected yet */
- infof(data, "Connection #%ld isn't open enough, can't reuse",
- check->connection_id);
- continue;
- }
+ if(!Curl_conn_is_connected(check, FIRSTSOCKET)) {
+ foundPendingCandidate = TRUE;
+ /* Don't pick a connection that hasn't connected yet */
+ infof(data, "Connection #%ld isn't open enough, can't reuse",
+ check->connection_id);
+ continue;
}
#ifdef USE_UNIX_SOCKETS

20
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.88.1-silent-parallel.patch vendored Normal file
View File

@ -0,0 +1,20 @@
https://github.com/curl/curl/commit/475207c1c834ecf203dc4f3bc1917ae87628b6d0
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 21 Feb 2023 11:38:03 +0100
Subject: [PATCH] tool_progress: shut off progress meter for --silent in
parallel
Reported-by: finkjsc on github
Fixes #10573
Closes #10579
--- a/src/tool_progress.c
+++ b/src/tool_progress.c
@@ -173,7 +173,7 @@ bool progress_meter(struct GlobalConfig *global,
struct timeval now;
long diff;
- if(global->noprogress)
+ if(global->noprogress || global->silent)
return FALSE;
now = tvnow();