mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-12 07:26:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

net-misc/curl: Sync with Gentoo

Browse Source 
It's from Gentoo commit cc1824275e07e2a2b7c3f516b25eb0832cd0e716.
This commit is contained in:
Flatcar Buildbot 2023-06-19 07:15:28 +00:00
parent d48fc89a1e
commit bd90d2e31b
8 changed files with 5 additions and 1079 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sdk_container/src/third_party/portage-stable/net-misc/curl/Manifest vendored
View File

@ -1,8 +1,4 @@
DIST curl-8.0.1.tar.xz 2575544 BLAKE2B 67d82e9d71f0a351b5c2ed3ad5eab02e367ded872658a295179b935729d5105015f8c29569c396e11cd14036656af894ded85c8838cba260d9f6f1a8dcb5e22b SHA512 3bb777982659ed697ae90f113ff7b65d6ce8ba9fe6a8984cfd6769d2f051a72ba953c911abe234c204ec2cc5a35d68b4d033037fad7fba31bb92a52543f8d13d
DIST curl-8.0.1.tar.xz.asc 488 BLAKE2B 452e1bebe1028e7621bbf8829e50cf56e254cd63a8cf2a4c0332176b9f18fb2821304ae556a203996d273c986bddbd04db2218c18fd34dee66e9155861ba50ce SHA512 92c6a0570e9a8a708fe2f717b8b37a68dcb9cd4520ca50c9baafec5891bda103bce2d2dcb67f1387bf11bd7e51e0e64ccd52d196e61d58b598ad3aa1960386cf
DIST curl-8.1.0.tar.xz 2612568 BLAKE2B 768a824b8f5f6ddaa073599c4106f07a8134bcbe0e0d666390be1bce16ba25386d85930853bb47bc90b2c8a499a0b2abb9c685042563801e0fe58b9c315ac6cc SHA512 b99926f372ddd715cd1d2b54d8fb96b26b085e6501715e25aa57b6c6a7f8452473506ddb284e2f280f8afdb301b7f0c3bfde7ad7ed393b12c022430a9301096d
DIST curl-8.1.0.tar.xz.asc 488 BLAKE2B c1a8e50eddc7dd140af2af29736eb486e96a6d3b67a9161244daa86558f65522527380c92597a5f10e5dad187f0bda6ac5b9cadc29386bef4492bc047c77b423 SHA512 191a74c7a6b6aa78b7f36e1535fda0701bde8b333a61c90343e1f1b2d65cc5097b5febc5fa42b2f373795ef1b34078790deaaa71c8aaa45eed1c753729a45f3d
DIST curl-8.1.1.tar.xz 2613348 BLAKE2B 465a3237335e73665086ac43f5c66cfbab7e9b163e1ae0e2345da82f9c736d87fccf4d76369cc069abc29621f10db7ddbf22d0337db9ca85042bb12438d4aaed SHA512 d034b1ab9c00e8a0acf7ba6c6344734945d45666b4f38394f5456fcd9b22623146a897270861b7411412ca25c912e1bbf24eb139a6dfc1a8c00d098b3b925399
DIST curl-8.1.1.tar.xz.asc 488 BLAKE2B c92017d0fe4933d6c27d833944c231967263607a7871a658e0cbb9de46f7df8dfbec141e269296caf17ced004fb2b237b8311ec9f7bf98f03fb405b5755950fc SHA512 6a71c18d67de8c340b5d80c7452a82c00f7ef466f690eec12edcd6123aee6866e8a0e757e1cc6c9af87a63fdeaafbc9fc1b1a4e2e0fd8a75b5952d4738fd0b27
DIST curl-8.1.2.tar.xz 2612652 BLAKE2B 66d0828912bb9971dac99025aa8b5c1c2fac1f8b568f2a8a97bd9f66986bdb164b603b539ec3e123cd6a26ea65829e58c90fc9852be88b42074cf40c89c566d1 SHA512 532ab96eba6dea66d272f3be56f5af5c5da922480f9a10e203de98037c311f12f8145ba6bf813831e42815e068874ccfd108f84f7650743f5dbb3ebc3bc9c4f4
DIST curl-8.1.2.tar.xz.asc 488 BLAKE2B 304dbdb51aa113c0b70b2662e29b1be3294b04f5f00264ce60703756363999cd567dcd0301e27b294d1d53f16ecc016ba429fcbea240949b372750f7e6e7375a SHA512 d120299a2d59259aeb19ae0fa3a3e181e25b6927677187037c61a0901879956177ce8dda10764073a47848f81dcbbcb94e0b6008742994042b6b8fd194e169c3

319
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-8.1.0-r1.ebuild vendored
View File

@ -1,319 +0,0 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
inherit autotools multilib-minimal prefix verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.se/"
SRC_URI="
https://curl.se/download/${P}.tar.xz
verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )
"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls"
IUSE+=" nghttp3"
RESTRICT="!test? ( test )"
# Only one default ssl provider can be enabled
REQUIRED_USE="
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_rustls
)
)
"
RDEPEND="
sys-libs/zlib[${MULTILIB_USEDEP}]
adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
app-misc/ca-certificates
net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:=[${MULTILIB_USEDEP}]
)
mbedtls? (
app-misc/ca-certificates
net-libs/mbedtls:=[${MULTILIB_USEDEP}]
)
nss? (
app-misc/ca-certificates
dev-libs/nss[${MULTILIB_USEDEP}]
dev-libs/nss-pem
)
openssl? (
dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
rustls? (
net-libs/rustls-ffi:=[${MULTILIB_USEDEP}]
)
)
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )
"
DEPEND="${RDEPEND}"
BDEPEND="
dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
http2? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )
"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
QA_CONFIG_IMPL_DECL_SKIP=(
__builtin_available
closesocket
CloseSocket
getpass_r
ioctlsocket
IoctlSocket
mach_absolute_time
setmode
)
PATCHES=(
"${FILESDIR}"/${PN}-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
### Backports
"${FILESDIR}"/${P}-numeric-hostname.patch
"${FILESDIR}"/${P}-header-length.patch
)
src_prepare() {
default
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls )
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use rustls || use curl_ssl_rustls; then
einfo "SSL provided by rustls"
myconf+=( --with-rustls )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_rustls; then
einfo "Default SSL provided by rustls"
myconf+=( --with-default-ssl-backend=rustls )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
myconf+=( --without-ssl )
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
--enable-ipv6
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--enable-socketpair
--disable-sspi
$(use_enable static-libs static)
--enable-pthreads
--enable-threaded-resolver
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
--without-msh3
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
--without-quiche
$(use_with rtmp librtmp)
--without-schannel
--without-secure-transport
--without-test-caddy
--without-test-httpd
--without-test-nghttpx
$(use_enable websockets)
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then
myconf+=(
--with-test-nghttpx="${BROOT}/usr/bin/nghttpx"
)
fi
ECONF_SOURCE="${S}" econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# Avoid building the client (we just want libcurl for multilib)
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "libngtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
}
multilib_src_test() {
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
# -v: verbose
# -a: keep going on failure (so we see everything which breaks, not just 1st test)
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
# Note: if needed, we can skip specific tests. Prefix the test number in TFLAGS
# with a '!'. For example, to skip test 241 and 1083, use '!241 !1083'.
# See https://github.com/curl/curl/tree/master/tests#run for advanced test selection.
# The network sandbox causes tests 241 and 1083 to fail; these are typically skipped
# as most gentoo users don't have an 'ip6-localhost'
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p !241 !1083"
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

332
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-8.1.1.ebuild vendored
View File

@ -1,332 +0,0 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
inherit autotools multilib-minimal prefix verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.se/"
if [[ ${PV} == 9999 ]]; then
inherit git-r3
EGIT_REPO_URI="https://github.com/curl/curl.git"
else
SRC_URI="
https://curl.se/download/${P}.tar.xz
verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )
"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
fi
LICENSE="curl"
SLOT="0"
IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
# These select the default SSL implementation
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls"
IUSE+=" nghttp3"
RESTRICT="!test? ( test )"
# Only one default ssl provider can be enabled
# The default ssl provider needs its USE satisfied
REQUIRED_USE="
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_rustls
)
)
curl_ssl_gnutls? ( gnutls )
curl_ssl_mbedtls? ( mbedtls )
curl_ssl_nss? ( nss )
curl_ssl_openssl? ( openssl )
curl_ssl_rustls? ( rustls )
"
RDEPEND="
sys-libs/zlib[${MULTILIB_USEDEP}]
adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
app-misc/ca-certificates
net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:=[${MULTILIB_USEDEP}]
)
mbedtls? (
app-misc/ca-certificates
net-libs/mbedtls:=[${MULTILIB_USEDEP}]
)
nss? (
app-misc/ca-certificates
dev-libs/nss[${MULTILIB_USEDEP}]
dev-libs/nss-pem
)
openssl? (
dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
rustls? (
net-libs/rustls-ffi:=[${MULTILIB_USEDEP}]
)
)
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )
"
DEPEND="${RDEPEND}"
BDEPEND="
dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
http2? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )
"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
QA_CONFIG_IMPL_DECL_SKIP=(
__builtin_available
closesocket
CloseSocket
getpass_r
ioctlsocket
IoctlSocket
mach_absolute_time
setmode
)
PATCHES=(
"${FILESDIR}"/${PN}-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
### Backports
"${FILESDIR}"/${P}-hanging-http2.patch
"${FILESDIR}"/${P}-configure-compiler.patch
)
src_prepare() {
default
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
if use ssl ; then
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls )
if use gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls )
fi
if use mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use rustls; then
einfo "SSL provided by rustls"
myconf+=( --with-rustls )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_rustls; then
einfo "Default SSL provided by rustls"
myconf+=( --with-default-ssl-backend=rustls )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
myconf+=( --without-ssl )
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
--enable-ipv6
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--enable-socketpair
--disable-sspi
$(use_enable static-libs static)
--enable-pthreads
--enable-threaded-resolver
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
--without-msh3
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
--without-quiche
$(use_with rtmp librtmp)
--without-schannel
--without-secure-transport
--without-test-caddy
--without-test-httpd
--without-test-nghttpx
$(use_enable websockets)
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then
myconf+=(
--with-test-nghttpx="${BROOT}/usr/bin/nghttpx"
)
fi
ECONF_SOURCE="${S}" econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# Avoid building the client (we just want libcurl for multilib)
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "libngtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
}
multilib_src_test() {
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
# -v: verbose
# -a: keep going on failure (so we see everything which breaks, not just 1st test)
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
# Note: if needed, we can skip specific tests. See e.g. Fedora's packaging
# or just read https://github.com/curl/curl/tree/master/tests#run.
# Note: we don't run the testsuite for cross-compilation.
# The network sandbox causes tests 241 and 1083 to fail; these are typically skipped
# as most gentoo users don't have an 'ip6-localhost'
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p !241 !1083"
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

7
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-9999.ebuild vendored
View File

@ -4,7 +4,7 @@
EAPI=8
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
inherit autotools multilib-minimal prefix verify-sig
inherit autotools multilib-minimal multiprocessing prefix verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.se/"
@ -318,7 +318,10 @@ multilib_src_test() {
# Note: if needed, we can skip specific tests. See e.g. Fedora's packaging
# or just read https://github.com/curl/curl/tree/master/tests#run.
# Note: we don't run the testsuite for cross-compilation.
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
# Upstream recommend 7*nproc as a starting point for parallel tests.
# The network sandbox causes tests 241 and 1083 to fail; these are typically skipped
# as most gentoo users don't have an 'ip6-localhost'
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((7*$(makeopts_jobs))) !241 !1083"
}
multilib_src_install_all() {

86
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-8.1.0-header-length.patch vendored
View File

@ -1,86 +0,0 @@
https://github.com/curl/curl/commit/77c9a9845bbee66f3aff158b8452dc8cd963cbd5.patch
From: =?UTF-8?q?Emilio=20Cobos=20=C3=81lvarez?= <emilio@crisal.io>
Date: Thu, 18 May 2023 18:22:57 +0200
Subject: [PATCH] http2: double http request parser max line length
This works around #11138, by doubling the limit, and should be a
relatively safe fix.
Ideally the buffer would grow as needed and there would be no need for a
limit? But that might be follow-up material.
Fixes #11138
Closes #11139
---
lib/http1.h | 2 ++
lib/http2.c | 2 +-
lib/vquic/curl_msh3.c | 2 +-
lib/vquic/curl_ngtcp2.c | 2 +-
lib/vquic/curl_quiche.c | 2 +-
5 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/lib/http1.h b/lib/http1.h
index c2d107587a6f8..8acb9db401a95 100644
--- a/lib/http1.h
+++ b/lib/http1.h
@@ -33,6 +33,8 @@
#define H1_PARSE_OPT_NONE (0)
#define H1_PARSE_OPT_STRICT (1 << 0)
+#define H1_PARSE_DEFAULT_MAX_LINE_LEN (8 * 1024)
+
struct h1_req_parser {
struct http_req *req;
struct bufq scratch;
diff --git a/lib/http2.c b/lib/http2.c
index 47e6f71393156..4e3b182b8d815 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -1860,7 +1860,7 @@ static ssize_t h2_submit(struct stream_ctx **pstream,
nghttp2_priority_spec pri_spec;
ssize_t nwritten;
- Curl_h1_req_parse_init(&h1, (4*1024));
+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
*err = http2_data_setup(cf, data, &stream);
diff --git a/lib/vquic/curl_msh3.c b/lib/vquic/curl_msh3.c
index 40e89379fc402..173886739b6dc 100644
--- a/lib/vquic/curl_msh3.c
+++ b/lib/vquic/curl_msh3.c
@@ -575,7 +575,7 @@ static ssize_t cf_msh3_send(struct Curl_cfilter *cf, struct Curl_easy *data,
CF_DATA_SAVE(save, cf, data);
- Curl_h1_req_parse_init(&h1, (4*1024));
+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
/* Sizes must match for cast below to work" */
diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
index 05f960afdffa1..7794f148c6ec9 100644
--- a/lib/vquic/curl_ngtcp2.c
+++ b/lib/vquic/curl_ngtcp2.c
@@ -1550,7 +1550,7 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
nghttp3_data_reader reader;
nghttp3_data_reader *preader = NULL;
- Curl_h1_req_parse_init(&h1, (4*1024));
+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
*err = h3_data_setup(cf, data);
diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
index 392b9beb83c59..c63e8e10a22e0 100644
--- a/lib/vquic/curl_quiche.c
+++ b/lib/vquic/curl_quiche.c
@@ -913,7 +913,7 @@ static ssize_t h3_open_stream(struct Curl_cfilter *cf,
DEBUGASSERT(stream);
}
- Curl_h1_req_parse_init(&h1, (4*1024));
+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
DEBUGASSERT(stream);

227
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch vendored
View File

@ -1,227 +0,0 @@
https://github.com/curl/curl/commit/92772e6d395bbdda0e7822d980caf86e8c4aa51c.patch
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 18 May 2023 00:31:17 +0200
Subject: [PATCH] urlapi: allow numerical parts in the host name
It can only be an IPv4 address if all parts are all digits and no more than
four parts, otherwise it is a host name. Even slightly wrong IPv4 will now be
passed through as a host name.
Regression from 17a15d88467 shipped in 8.1.0
Extended test 1560 accordingly.
Reported-by: Pavel Kalyugin
Fixes #11129
Closes #11131
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -34,6 +34,7 @@
#include "inet_ntop.h"
#include "strdup.h"
#include "idn.h"
+#include "curl_memrchr.h"
/* The last 3 #include files should be in this order */
#include "curl_printf.h"
@@ -643,8 +644,8 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname,
* Handle partial IPv4 numerical addresses and different bases, like
* '16843009', '0x7f', '0x7f.1' '0177.1.1.1' etc.
*
- * If the given input string is syntactically wrong or any part for example is
- * too big, this function returns FALSE and doesn't create any output.
+ * If the given input string is syntactically wrong IPv4 or any part for
+ * example is too big, this function returns HOST_NAME.
*
* Output the "normalized" version of that input string in plain quad decimal
* integers.
@@ -675,7 +676,7 @@ static int ipv4_normalize(struct dynbuf *host)
unsigned long l;
if(!ISDIGIT(*c))
/* most importantly this doesn't allow a leading plus or minus */
- return n ? HOST_BAD : HOST_NAME;
+ return HOST_NAME;
l = strtoul(c, &endp, 0);
parts[n] = l;
@@ -684,7 +685,7 @@ static int ipv4_normalize(struct dynbuf *host)
switch(*c) {
case '.':
if(n == 3)
- return HOST_BAD;
+ return HOST_NAME;
n++;
c++;
break;
@@ -694,39 +695,40 @@ static int ipv4_normalize(struct dynbuf *host)
break;
default:
- return n ? HOST_BAD : HOST_NAME;
+ return HOST_NAME;
}
/* overflow */
if((l == ULONG_MAX) && (errno == ERANGE))
- return HOST_BAD;
+ return HOST_NAME;
#if SIZEOF_LONG > 4
/* a value larger than 32 bits */
if(l > UINT_MAX)
- return HOST_BAD;
+ return HOST_NAME;
#endif
}
- /* this is a valid IPv4 numerical address */
- Curl_dyn_reset(host);
-
switch(n) {
case 0: /* a -- 32 bits */
+ Curl_dyn_reset(host);
+
result = Curl_dyn_addf(host, "%u.%u.%u.%u",
parts[0] >> 24, (parts[0] >> 16) & 0xff,
(parts[0] >> 8) & 0xff, parts[0] & 0xff);
break;
case 1: /* a.b -- 8.24 bits */
if((parts[0] > 0xff) || (parts[1] > 0xffffff))
- return HOST_BAD;
+ return HOST_NAME;
+ Curl_dyn_reset(host);
result = Curl_dyn_addf(host, "%u.%u.%u.%u",
parts[0], (parts[1] >> 16) & 0xff,
(parts[1] >> 8) & 0xff, parts[1] & 0xff);
break;
case 2: /* a.b.c -- 8.8.16 bits */
if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xffff))
- return HOST_BAD;
+ return HOST_NAME;
+ Curl_dyn_reset(host);
result = Curl_dyn_addf(host, "%u.%u.%u.%u",
parts[0], parts[1], (parts[2] >> 8) & 0xff,
parts[2] & 0xff);
@@ -734,7 +736,8 @@ static int ipv4_normalize(struct dynbuf *host)
case 3: /* a.b.c.d -- 8.8.8.8 bits */
if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff) ||
(parts[3] > 0xff))
- return HOST_BAD;
+ return HOST_NAME;
+ Curl_dyn_reset(host);
result = Curl_dyn_addf(host, "%u.%u.%u.%u",
parts[0], parts[1], parts[2], parts[3]);
break;
@@ -796,6 +799,9 @@ static CURLUcode parse_authority(struct Curl_URL *u,
if(result)
goto out;
+ if(!Curl_dyn_len(host))
+ return CURLUE_NO_HOST;
+
switch(ipv4_normalize(host)) {
case HOST_IPV4:
break;
--- a/tests/libtest/lib1560.c
+++ b/tests/libtest/lib1560.c
@@ -474,6 +474,13 @@ static const struct testcase get_parts_list[] ={
};
static const struct urltestcase get_url_list[] = {
+ {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_OK},
+ {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
+ {"https://1.2.3.256.com", "https://1.2.3.256.com/", 0, 0, CURLUE_OK},
+ {"https://10.com", "https://10.com/", 0, 0, CURLUE_OK},
+ {"https://1.2.com", "https://1.2.com/", 0, 0, CURLUE_OK},
+ {"https://1.2.3.com", "https://1.2.3.com/", 0, 0, CURLUE_OK},
+ {"https://1.2.com.99", "https://1.2.com.99/", 0, 0, CURLUE_OK},
{"https://[fe80::0000:20c:29ff:fe9c:409b]:80/moo",
"https://[fe80::20c:29ff:fe9c:409b]:80/moo",
0, 0, CURLUE_OK},
@@ -522,22 +529,24 @@ static const struct urltestcase get_url_list[] = {
/* IPv4 trickeries */
{"https://16843009", "https://1.1.1.1/", 0, 0, CURLUE_OK},
- {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
{"https://0177.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
{"https://0111.02.0x3", "https://73.2.0.3/", 0, 0, CURLUE_OK},
+ {"https://0111.02.0x3.", "https://0111.02.0x3./", 0, 0, CURLUE_OK},
+ {"https://0111.02.030", "https://73.2.0.24/", 0, 0, CURLUE_OK},
+ {"https://0111.02.030.", "https://0111.02.030./", 0, 0, CURLUE_OK},
{"https://0xff.0xff.0377.255", "https://255.255.255.255/", 0, 0, CURLUE_OK},
{"https://1.0xffffff", "https://1.255.255.255/", 0, 0, CURLUE_OK},
/* IPv4 numerical overflows or syntax errors will not normalize */
{"https://a127.0.0.1", "https://a127.0.0.1/", 0, 0, CURLUE_OK},
{"https://\xff.127.0.0.1", "https://%FF.127.0.0.1/", 0, CURLU_URLENCODE,
CURLUE_OK},
- {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_BAD_HOSTNAME},
+ {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_OK},
{"https://127.0. 1", "https://127.0.0.1/", 0, 0, CURLUE_MALFORMED_INPUT},
- {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_BAD_HOSTNAME},
- {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_BAD_HOSTNAME},
- {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_BAD_HOSTNAME},
- {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_BAD_HOSTNAME},
- {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_BAD_HOSTNAME},
+ {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_OK},
+ {"https://1.2.3.256.", "https://1.2.3.256./", 0, 0, CURLUE_OK},
+ {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_OK},
+ {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_OK},
+ {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_OK},
{"https://123host", "https://123host/", 0, 0, CURLUE_OK},
/* 40 bytes scheme is the max allowed */
{"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA://hostname/path",
@@ -599,20 +608,11 @@ static const struct urltestcase get_url_list[] = {
0, 0, CURLUE_OK},
/* here the password has the semicolon */
{"http://user:pass;word@host/file",
- "http://user:pass;word@host/file",
- 0, 0, CURLUE_OK},
- {"file:///file.txt#moo",
- "file:///file.txt#moo",
- 0, 0, CURLUE_OK},
- {"file:////file.txt",
- "file:////file.txt",
- 0, 0, CURLUE_OK},
- {"file:///file.txt",
- "file:///file.txt",
- 0, 0, CURLUE_OK},
- {"file:./",
- "file://",
- 0, 0, CURLUE_BAD_SCHEME},
+ "http://user:pass;word@host/file", 0, 0, CURLUE_OK},
+ {"file:///file.txt#moo", "file:///file.txt#moo", 0, 0, CURLUE_OK},
+ {"file:////file.txt", "file:////file.txt", 0, 0, CURLUE_OK},
+ {"file:///file.txt", "file:///file.txt", 0, 0, CURLUE_OK},
+ {"file:./", "file://", 0, 0, CURLUE_OK},
{"http://example.com/hello/../here",
"http://example.com/hello/../here",
CURLU_PATH_AS_IS, 0, CURLUE_OK},
@@ -1124,7 +1124,7 @@ static int get_url(void)
}
curl_free(url);
}
- else if(rc != get_url_list[i].ucode) {
+ if(rc != get_url_list[i].ucode) {
fprintf(stderr, "Get URL\nin: %s\nreturned %d (expected %d)\n",
get_url_list[i].in, (int)rc, get_url_list[i].ucode);
error++;
@@ -1515,6 +1515,9 @@ int test(char *URL)
{
(void)URL; /* not used */
+ if(get_url())
+ return 3;
+
if(huge())
return 9;
@@ -1533,9 +1536,6 @@ int test(char *URL)
if(set_parts())
return 2;
- if(get_url())
- return 3;
-
if(get_parts())
return 4;

73
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-8.1.1-configure-compiler.patch vendored
View File

@ -1,73 +0,0 @@
The check for "basic compiler options" hangs otherwise.
https://github.com/curl/curl/commit/471dab2da0c6b2b08ca2b96a1da0a4825e2c3c36
https://github.com/curl/curl/commit/c4a019603b82a08c3572591a9393df0818ee02f6
From 471dab2da0c6b2b08ca2b96a1da0a4825e2c3c36 Mon Sep 17 00:00:00 2001
From: Christian Hesse <mail@eworm.de>
Date: Tue, 23 May 2023 09:40:18 +0200
Subject: [PATCH] configure: quote the assignments for run-compiler
Building for multilib failed, as the compiler command contains an
extra argument. That needs quoting.
Regression from b78ca50cb3dda361f9c1
Fixes #11179
Closes #11180
--- a/configure.ac
+++ b/configure.ac
@@ -193,8 +193,8 @@ dnl something different but only have that affect the execution of the results
dnl of the compile, not change the libraries for the compiler itself.
dnl
compilersh="run-compiler"
-echo "CC=$CC" > $compilersh
-echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $compilersh
+echo "CC=\"$CC\"" > $compilersh
+echo "LD_LIBRARY_PATH=\"$LD_LIBRARY_PATH\"" >> $compilersh
echo 'exec $CC $@' >> $compilersh
dnl **********************************************************************
From c4a019603b82a08c3572591a9393df0818ee02f6 Mon Sep 17 00:00:00 2001
From: Emanuele Torre <torreemanuele6@gmail.com>
Date: Tue, 23 May 2023 11:59:59 +0200
Subject: [PATCH] configure: fix build with arbitrary CC and LD_LIBRARY_PATH
Since ./configure and processes that inherit its environment variables
are the only callers of the run-compiler script, we can just save the
current value of the LD_LIBRARY_PATH and CC variables to another pair of
environment variables, and make run-compiler a static script that
simply restores CC and LD_LIBRARY_PATH to the saved value, and before
running the compiler.
This avoids having to inject the values of the variables in the script,
possibly causing problems if they contains spaces, quotes, and other
special characters.
Also add exports in the script just in case LD_LIBRARY_PATH and CC are
not already in the environment.
follow-up from 471dab2
Closes #11182
--- a/configure.ac
+++ b/configure.ac
@@ -193,9 +193,13 @@ dnl something different but only have that affect the execution of the results
dnl of the compile, not change the libraries for the compiler itself.
dnl
compilersh="run-compiler"
-echo "CC=\"$CC\"" > $compilersh
-echo "LD_LIBRARY_PATH=\"$LD_LIBRARY_PATH\"" >> $compilersh
-echo 'exec $CC $@' >> $compilersh
+export "CURL_SAVED_CC=$CC"
+export "CURL_SAVED_LD_LIBRARY_PATH=$LD_LIBRARY_PATH"
+cat <<\EOF > "$compilersh"
+export "CC=$CURL_SAVED_CC"
+export "LD_LIBRARY_PATH=$CURL_SAVED_LD_LIBRARY_PATH"
+exec $CC "$@"
+EOF
dnl **********************************************************************
dnl See which TLS backend(s) that are requested. Just do all the

36
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-8.1.1-hanging-http2.patch vendored
View File

@ -1,36 +0,0 @@
https://github.com/curl/curl/commit/5c58cb0212bcf63cce33a974906bf9905948b4bb
From: Stefan Eissing <stefan@eissing.org>
Date: Wed, 24 May 2023 18:48:16 +0200
Subject: [PATCH] http2: fix EOF handling on uploads with auth negotiation
- doing a POST with `--digest` does an override on the initial request
with `Content-Length: 0`, but the http2 filter was unaware of that
and expected the originally request body. It did therefore not
send a final DATA frame with EOF flag to the server.
- The fix overrides any initial notion of post size when the `done_send`
event is triggered by the transfer loop, leading to the EOF that
is necessary.
- refs #11194. The fault did not happen in testing, as Apache httpd
never tries to read the request body of the initial request,
sends the 401 reply and closes the stream. The server used in the
reported issue however tried to read the EOF and timed out on the
request.
Reported-by: Aleksander Mazur
Fixes #11194
Cloes #11200
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -1527,10 +1527,8 @@ static CURLcode http2_data_done_send(struct Curl_cfilter *cf,
if(!stream->send_closed) {
stream->send_closed = TRUE;
if(stream->upload_left) {
- /* If we operated with unknown length, we now know that everything
- * that is buffered is all we have to send. */
- if(stream->upload_left == -1)
- stream->upload_left = Curl_bufq_len(&stream->sendbuf);
+ /* we now know that everything that is buffered is all there is. */
+ stream->upload_left = Curl_bufq_len(&stream->sendbuf);
/* resume sending here to trigger the callback to get called again so
that it can signal EOF to nghttp2 */
(void)nghttp2_session_resume_data(ctx->h2, stream->id);