mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-16 01:16:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

net-misc/curl: update to 7.83.1

Browse Source 
Update net-misc/curl to 7.83.1, mainly to address the following CVEs:
CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776,
CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781,
CVE-2022-27782, CVE-2022-30115
This commit is contained in:
Dongsu Park 2022-05-18 13:24:38 +02:00
parent fbd1ad1366
commit e9b49484e7
11 changed files with 704 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
sdk_container/src/third_party/portage-stable/net-misc/curl/Manifest vendored
View File

@ -1,3 +1,12 @@
DIST curl-7.78.0.tar.xz 2440640 BLAKE2B 0422071ce22d38b89652c702989674a2257dd18b05004245c4f2d7494ccdd24b5b52f330629ce6a411a059d5990e8c879cbbdf23d873b881141f9d2b9ad07f7f SHA512 f72e822a0b5e28320ef547c7a441c07f3b4870579a70ab4c428751baba435a1385cb89a22b9ed4b84a7fafecf620f155911e4131e3463ec1bdad80ecde47bb7a
DIST curl-7.79.0.tar.xz 2463072 BLAKE2B c3a8a60d3c04965272b1a439a4719cfaca903daaecd6265869b9188d1b6b13be63817b9daa77260673d67330baa3d9c2d917274f939cdadc467ac64d8fcf3203 SHA512 68bccba61f18de9f94c311b0d92cfa6572bb7e55e8773917c13b25203164a5a9f4ef6b8ad84a14d3d5dcb286271bf18c3dd84c4ca353866763c726f9defce808
DIST curl-7.79.1.tar.xz 2465212 BLAKE2B 2b694f96661c0aa0a136fdae4159e0ca8e811557c5a1f0b47cccaaad122f3ddbdaa6450c3835290955baf9357e872ee105a8cb0912064af3d3e38d16beb124ad SHA512 1edb71647a7f4dbb070baf1a019b4751aefeda793ff523c504410bb5cc74e5bffc52f20dd889697d1585f9ca3c4e81b1a9caadd182c30c8358ffd25f33e4db4d
DIST curl-7.79.1.tar.xz.asc 488 BLAKE2B cf1864b15ee4b47a61a03968c4fd9526d4c8d0c5a8a0a1357de61758640e6dfda57334df1e63afd94c0064b7e61527623dd20446b27fa0130e0bf92c647d9820 SHA512 4f7930fde0a21358cf0bd8d5cbde5a05efc34202265b4744e59f49d9dc269987f47b4ead77c33e2ae03acabd7b6d6a731c69b91999eea70542f49d9ea0c2ba94
DIST curl-7.80.0.tar.xz 2474492 BLAKE2B 0452ecb6943bc56b20ad8f1223135c9cae68cf31089b0e17e84d81af98dc5a47f5edfc271c5b4c23f232db6cea7ff5a9bffa9c7c319255d9afdb06fa5b8f761f SHA512 e04ddd74b0d5b3607a29bcf5d379d83a01c7dffa4ad3e2f25d8c85a3df7dbdb0625b0df1f04f02351695674502828e0e17e8b46c889cbf1e43f86d6e6dd716ab
DIST curl-7.80.0.tar.xz.asc 488 BLAKE2B 5cde8a91059bb19b9ee9b1aa4c3225522398a0d5837edf3d99b7f9ea758e5df2a729ce1d0a9763967c2319c30d94ba80ff50888dec07665a818216d42b91feee SHA512 e11adb85fb061bba8838f435f6afb200924f24cb7351d9a8208ec3d317d8ef8c1e16f06dedfc623acc749931015c42dcd86236a53602c6632b3a750841345b05
DIST curl-7.81.0.tar.xz 2486388 BLAKE2B bf8a3a03564648a9d7a5b4e7a523d840230f03237cf9eb5b07dcb4f531b036eb8111c1944bedd0c1df188e09a09468b3487d24ea50781124bc33d194546691f4 SHA512 38355aaee38db04bb2babdc5fd7a88284580c836d15df754f42b104997dd344b7841be8e53b4fc91aea31db170a7d6967c4976833eb4bfe0d265c7275c4800df
DIST curl-7.81.0.tar.xz.asc 488 BLAKE2B 9280f10b14ddd95a1405fda79f8c51528c91c5e86b8f90d16d20d7f11d212e6e4391377eed971d0b0b27f5f4692c702e9d7a11705f0558ad39df38608d6a0648 SHA512 ca32a639900a9f8211005227dfb594f809c5ca5ec1eb87e944ef33cca60e4844f5b6ebe49de79fba53068e5dee9652b1d43a7d3a74e05419a2ffb5b40dab8176
DIST curl-7.82.0.tar.xz 2446764 BLAKE2B 838accae4a45c090909cff91477a023789a79535691c80e507fd9e9712861b0c08e25ecd26079cb8ac8946cdf429a50991a7521e7b550b43c19e455625bc0750 SHA512 a977d69360d1793f8872096a21f5c0271e7ad145cd69ad45f4056a0657772f0f298b04bdb41aefd4ea5c4478352c60d80b5a118642280a07a7198aa80ffb1d57
DIST curl-7.82.0.tar.xz.asc 488 BLAKE2B 9da4ea63671621df956aa5dc191cfc6c8d2a8b1958416ca58ffc04d43ed65b89244968588879e6bd3299ca8f60b1eccb34dede012f8a2a37acf3ca34021da958 SHA512 1f14d8ab55360ba735dff916369ee318e98767718394654ce9443b6013509b6d3ed5597685b142e9823cec7496373b709a8656515d66039c06783879655151fe
DIST curl-7.83.0.tar.xz 2472560 BLAKE2B 0669f40265a56e7549e8038ed8421680d7264bff44dcc0692cf9f5248621311be5e228314710149bf9d2ccbe739f929039e04402c1d04a1362d0bbf08cb8cdc7 SHA512 be02bb2a8a3140eff3a9046f27cd4f872ed9ddaa644af49e56e5ef7dfec84a15b01db133469269437cddc937eda73953fa8c51bb758f7e98873822cd2290d3a9
DIST curl-7.83.0.tar.xz.asc 488 BLAKE2B a8f6dcf00f1b01b457a7eecc8364538393f414df60757f3664709c62b6007023a34ddf4ecb4688734e396031d30905b490dd0c115f09a9428db6a6be97cdf72c SHA512 8fb90f9692f4fdb82ea49f0e5151219b2334da5d3910f28e787bb688fb055b8b028ccf75cdcc15cd9f86d780d479f88f902fef7d7b9e007a4b849cb25c6c13cc
DIST curl-7.83.1.tar.xz 2474940 BLAKE2B 491427b12f082c2246ef6cb2a129340079db28bd93b4381889e7328bef1d61a79bb57cba4b8372759baa4f6e77644966ed95cfa8f839ee9db634786757fb1ce0 SHA512 2f63327d6d3687ba36fb7b8d5d3d15599eca33ebfb08681613612ea9c4b629d3b6ce4d2742fa1ebd7a997ed332001d3a4c798985f9277c83b9e7a9aecdb1b1ee
DIST curl-7.83.1.tar.xz.asc 488 BLAKE2B 78f7a6d9a32cab97e9ce26430eb2be2bc4e20552cf8c59238f30f127e9d7af5b4f9808c3fe0846c18c8f7a67b49f2f75d865d17b7760bb664872934799949441 SHA512 f0d29de315488c844eb81ed5a89ed6334910970224c8cac43e7e6f2d58c35ad0064c0b6122e69b3a34ce91f4b56873c63e2e8aea1c602ef40711bfd62a01b191

19
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.78.0-r1.ebuild → sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.79.1-r1.ebuild vendored
View File

@ -1,13 +1,14 @@
# Copyright 1999-2021 Gentoo Authors
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
inherit autotools prefix multilib-minimal
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
@ -15,7 +16,7 @@ KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 s
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
@ -35,7 +36,7 @@ REQUIRED_USE="
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
@ -80,11 +81,13 @@ RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
@ -185,7 +188,7 @@ multilib_src_configure() {
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--disable-ntlm
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt

40
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.78.0-r3.ebuild → sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.80.0-r1.ebuild vendored
View File

@ -1,26 +1,26 @@
# Copyright 1999-2021 Gentoo Authors
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
inherit autotools prefix multilib-minimal
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
winssl? ( elibc_Winnt )
threads? ( !adns )
ssl? (
^^ (
@ -28,14 +28,13 @@ REQUIRED_USE="
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_winssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
@ -76,15 +75,13 @@ RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
# ssl providers to be added:
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
@ -114,7 +111,7 @@ multilib_src_configure() {
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
@ -134,10 +131,6 @@ multilib_src_configure() {
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use winssl || use curl_ssl_winssl; then
einfo "SSL provided by Windows"
myconf+=( --with-winssl )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
@ -151,9 +144,6 @@ multilib_src_configure() {
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_winssl; then
einfo "Default SSL provided by Windows"
myconf+=( --with-default-ssl-backend=winssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
@ -201,7 +191,7 @@ multilib_src_configure() {
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-hidden-symbols
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
@ -218,7 +208,6 @@ multilib_src_configure() {
--without-amissl
--without-bearssl
$(use_with brotli)
--without-cyassl
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
@ -233,7 +222,6 @@ multilib_src_configure() {
--without-rustls
--without-schannel
--without-secure-transport
--without-spnego
--without-winidn
--without-wolfssl
--with-zlib

45
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.79.0.ebuild → sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.81.0-r1.ebuild vendored
View File

@ -1,26 +1,26 @@
# Copyright 1999-2021 Gentoo Authors
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
EAPI="8"
inherit autotools prefix multilib-minimal
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
winssl? ( elibc_Winnt )
threads? ( !adns )
ssl? (
^^ (
@ -28,14 +28,13 @@ REQUIRED_USE="
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_winssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
@ -76,15 +75,13 @@ RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
# ssl providers to be added:
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
@ -99,9 +96,6 @@ MULTILIB_CHOST_TOOLS=(
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
# Backported patches to 7.79.0
"${FILESDIR}"/${P}-http2-connection-data.patch
"${FILESDIR}"/${P}-http-3digit-response-code.patch
)
src_prepare() {
@ -117,7 +111,7 @@ multilib_src_configure() {
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
@ -137,10 +131,6 @@ multilib_src_configure() {
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use winssl || use curl_ssl_winssl; then
einfo "SSL provided by Windows"
myconf+=( --with-winssl )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
@ -154,9 +144,6 @@ multilib_src_configure() {
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_winssl; then
einfo "Default SSL provided by Windows"
myconf+=( --with-default-ssl-backend=winssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
@ -204,7 +191,7 @@ multilib_src_configure() {
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-hidden-symbols
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
@ -221,7 +208,6 @@ multilib_src_configure() {
--without-amissl
--without-bearssl
$(use_with brotli)
--without-cyassl
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
@ -236,7 +222,6 @@ multilib_src_configure() {
--without-rustls
--without-schannel
--without-secure-transport
--without-spnego
--without-winidn
--without-wolfssl
--with-zlib

47
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.79.1.ebuild → sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.82.0-r2.ebuild vendored
View File

@ -1,26 +1,26 @@
# Copyright 1999-2021 Gentoo Authors
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
EAPI="8"
inherit autotools prefix multilib-minimal
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
IUSE+=" elibc_Winnt"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
winssl? ( elibc_Winnt )
threads? ( !adns )
ssl? (
^^ (
@ -28,14 +28,13 @@ REQUIRED_USE="
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
curl_ssl_winssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
@ -76,15 +75,13 @@ RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
# ssl providers to be added:
# fbopenssl $(use_with spnego)
DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
dev-lang/perl
)"
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
@ -99,6 +96,7 @@ MULTILIB_CHOST_TOOLS=(
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
"${FILESDIR}"/${P}-certs-processing.patch
)
src_prepare() {
@ -114,7 +112,7 @@ multilib_src_configure() {
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl )
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
@ -128,16 +126,12 @@ multilib_src_configure() {
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss )
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use winssl || use curl_ssl_winssl; then
einfo "SSL provided by Windows"
myconf+=( --with-winssl )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
@ -151,9 +145,6 @@ multilib_src_configure() {
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_winssl; then
einfo "Default SSL provided by Windows"
myconf+=( --with-default-ssl-backend=winssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
@ -201,7 +192,7 @@ multilib_src_configure() {
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-hidden-symbols
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
@ -218,7 +209,6 @@ multilib_src_configure() {
--without-amissl
--without-bearssl
$(use_with brotli)
--without-cyassl
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
@ -233,7 +223,6 @@ multilib_src_configure() {
--without-rustls
--without-schannel
--without-secure-transport
--without-spnego
--without-winidn
--without-wolfssl
--with-zlib

290
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.83.0.ebuild vendored Normal file
View File

@ -0,0 +1,290 @@
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
DEPEND="${RDEPEND}"
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
# Bug 842780, fixed upstream, drop on next version bump
"${FILESDIR}"/${P}-http2.patch
)
src_prepare() {
default
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
--without-msh3
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
--without-rustls
--without-schannel
--without-secure-transport
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_test() {
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
# -v: verbose
# -a: keep going on failure (so we see everything which breaks, not just 1st test)
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
# Note: if needed, we can disable tests. See e.g. Fedora's packaging
# or just read https://github.com/curl/curl/tree/master/tests#run.
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

288
sdk_container/src/third_party/portage-stable/net-misc/curl/curl-7.83.1.ebuild vendored Normal file
View File

@ -0,0 +1,288 @@
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="8"
inherit autotools prefix multilib-minimal verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.haxx.se/"
SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
LICENSE="curl"
SLOT="0"
KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
IUSE+=" nghttp3 quiche"
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
# c-ares must be disabled for threads
# only one default ssl provider can be enabled
REQUIRED_USE="
threads? ( !adns )
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
curl_ssl_nss
curl_ssl_openssl
)
)"
# lead to lots of false negatives, bug #285669
RESTRICT="!test? ( test )"
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
mbedtls? (
net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
openssl? (
dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
nss? (
dev-libs/nss:0[${MULTILIB_USEDEP}]
app-misc/ca-certificates
)
)
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
nghttp3? (
net-libs/nghttp3[${MULTILIB_USEDEP}]
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
)
quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
sys-libs/zlib[${MULTILIB_USEDEP}]
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
# rtmp? (
# media-video/rtmpdump
# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
# )
DEPEND="${RDEPEND}"
BDEPEND="dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
MULTILIB_WRAPPED_HEADERS=(
/usr/include/curl/curlbuild.h
)
MULTILIB_CHOST_TOOLS=(
/usr/bin/curl-config
)
PATCHES=(
"${FILESDIR}"/${PN}-7.30.0-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
)
src_prepare() {
default
eprefixify curl-config.in
eautoreconf
}
multilib_src_configure() {
# We make use of the fact that later flags override earlier ones
# So start with all ssl providers off until proven otherwise
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
local myconf=()
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
#myconf+=( --without-default-ssl-backend )
if use ssl ; then
if use gnutls || use curl_ssl_gnutls; then
einfo "SSL provided by gnutls"
myconf+=( --with-gnutls --with-nettle )
fi
if use mbedtls || use curl_ssl_mbedtls; then
einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
if use nss || use curl_ssl_nss; then
einfo "SSL provided by nss"
myconf+=( --with-nss --with-nss-deprecated )
fi
if use openssl || use curl_ssl_openssl; then
einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
if use curl_ssl_gnutls; then
einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
elif use curl_ssl_nss; then
einfo "Default SSL provided by nss"
myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
else
eerror "We can't be here because of REQUIRED_USE."
fi
else
einfo "SSL disabled"
fi
# These configuration options are organized alphabetically
# within each category. This should make it easier if we
# ever decide to make any of them contingent on USE flags:
# 1) protocols first. To see them all do
# 'grep SUPPORT_PROTOCOLS configure.ac'
# 2) --enable/disable options second.
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
# 3) --with/without options third.
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
myconf+=(
$(use_enable alt-svc)
--enable-crypto-auth
--enable-dict
--disable-ech
--enable-file
$(use_enable ftp)
$(use_enable gopher)
$(use_enable hsts)
--enable-http
$(use_enable imap)
$(use_enable ldap)
$(use_enable ldap ldaps)
--enable-ntlm
--disable-ntlm-wb
$(use_enable pop3)
--enable-rt
--enable-rtsp
$(use_enable samba smb)
$(use_with ssh libssh2)
$(use_enable smtp)
$(use_enable telnet)
$(use_enable tftp)
--enable-tls-srp
$(use_enable adns ares)
--enable-cookies
--enable-dateparse
--enable-dnsshuffle
--enable-doh
--enable-symbol-hiding
--enable-http-auth
$(use_enable ipv6)
--enable-largefile
--enable-manual
--enable-mime
--enable-netrc
$(use_enable progress-meter)
--enable-proxy
--disable-sspi
$(use_enable static-libs static)
$(use_enable threads threaded-resolver)
$(use_enable threads pthreads)
--disable-versioned-symbols
--without-amissl
--without-bearssl
$(use_with brotli)
--without-fish-functions-dir
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
$(use_with kerberos gssapi "${EPREFIX}"/usr)
--without-libgsasl
--without-libpsl
--without-msh3
$(use_with nghttp3)
$(use_with nghttp3 ngtcp2)
$(use_with quiche)
$(use_with rtmp librtmp)
--without-rustls
--without-schannel
--without-secure-transport
--without-winidn
--without-wolfssl
--with-zlib
$(use_with zstd)
)
ECONF_SOURCE="${S}" \
econf "${myconf[@]}"
if ! multilib_is_native_abi; then
# avoid building the client
sed -i -e '/SUBDIRS/s:src::' Makefile || die
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
# Fix up the pkg-config file to be more robust.
# https://github.com/curl/curl/issues/864
local priv=() libs=()
# We always enable zlib.
libs+=( "-lz" )
priv+=( "zlib" )
if use http2; then
libs+=( "-lnghttp2" )
priv+=( "libnghttp2" )
fi
if use quiche; then
libs+=( "-lquiche" )
priv+=( "quiche" )
fi
if use nghttp3; then
libs+=( "-lnghttp3" "-lngtcp2" )
priv+=( "libnghttp3" "-libtcp2" )
fi
if use ssl && use curl_ssl_openssl; then
libs+=( "-lssl" "-lcrypto" )
priv+=( "openssl" )
fi
grep -q Requires.private libcurl.pc && die "need to update ebuild"
libs=$(printf '|%s' "${libs[@]}")
sed -i -r \
-e "/^Libs.private/s:(${libs#|})( |$)::g" \
libcurl.pc || die
echo "Requires.private: ${priv[*]}" >> libcurl.pc
}
multilib_src_test() {
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
# -v: verbose
# -a: keep going on failure (so we see everything which breaks, not just 1st test)
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
# Note: if needed, we can disable tests. See e.g. Fedora's packaging
# or just read https://github.com/curl/curl/tree/master/tests#run.
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
}
multilib_src_install_all() {
einstalldocs
find "${ED}" -type f -name '*.la' -delete || die
rm -rf "${ED}"/etc/ || die
}

47
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.79.0-http-3digit-response-code.patch vendored
View File

@ -1,47 +0,0 @@
https://github.com/curl/curl/commit/beb8990d934a01acf103871e463d4e61afc9ded2
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 17 Sep 2021 16:31:25 +0200
Subject: [PATCH] http: fix the broken >3 digit response code detection
When the "reason phrase" in the HTTP status line starts with a digit,
that was treated as the forth response code digit and curl would claim
the response to be non-compliant.
Added test 1466 to verify this case.
Regression brought by 5dc594e44f73b17
Reported-by: Glenn de boer
Fixes #7738
Closes #7739
--- a/lib/http.c
+++ b/lib/http.c
@@ -4232,9 +4232,9 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
char separator;
char twoorthree[2];
int httpversion = 0;
- int digit4 = -1; /* should remain untouched to be good */
+ char digit4 = 0;
nc = sscanf(HEADER1,
- " HTTP/%1d.%1d%c%3d%1d",
+ " HTTP/%1d.%1d%c%3d%c",
&httpversion_major,
&httpversion,
&separator,
@@ -4250,13 +4250,13 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
/* There can only be a 4th response code digit stored in 'digit4' if
all the other fields were parsed and stored first, so nc is 5 when
- digit4 is not -1 */
- else if(digit4 != -1) {
+ digit4 a digit */
+ else if(ISDIGIT(digit4)) {
failf(data, "Unsupported response code in HTTP response");
return CURLE_UNSUPPORTED_PROTOCOL;
}
- if((nc == 4) && (' ' == separator)) {
+ if((nc >= 4) && (' ' == separator)) {
httpversion += 10 * httpversion_major;
switch(httpversion) {
case 10:

43
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.79.0-http2-connection-data.patch vendored
View File

@ -1,43 +0,0 @@
https://github.com/curl/curl/commit/901804ef95777b8e735a55b77f8dd630a58c575b
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 16 Sep 2021 08:50:54 +0200
Subject: [PATCH] Curl_http2_setup: don't change connection data on repeat
invokes
Regression from 3cb8a748670ab88c (releasde in 7.79.0). That change moved
transfer oriented inits to before the check but also erroneously moved a
few connection oriented ones, which causes problems.
Reported-by: Evangelos Foutras
Fixes #7730
Closes #7731
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -2221,12 +2221,6 @@ CURLcode Curl_http2_setup(struct Curl_easy *data,
stream->mem = data->state.buffer;
stream->len = data->set.buffer_size;
- httpc->inbuflen = 0;
- httpc->nread_inbuf = 0;
-
- httpc->pause_stream_id = 0;
- httpc->drain_total = 0;
-
multi_connchanged(data->multi);
/* below this point only connection related inits are done, which only needs
to be done once per connection */
@@ -2252,6 +2246,12 @@ CURLcode Curl_http2_setup(struct Curl_easy *data,
conn->httpversion = 20;
conn->bundle->multiuse = BUNDLE_MULTIPLEX;
+ httpc->inbuflen = 0;
+ httpc->nread_inbuf = 0;
+
+ httpc->pause_stream_id = 0;
+ httpc->drain_total = 0;
+
infof(data, "Connection state changed (HTTP/2 confirmed)");
return CURLE_OK;

27
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.82.0-certs-processing.patch vendored Normal file
View File

@ -0,0 +1,27 @@
https://github.com/curl/curl/issues/8559
https://bugs.gentoo.org/836629
From 911714d617c106ed5d553bf003e34ec94ab6a136 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 8 Mar 2022 13:38:13 +0100
Subject: [PATCH] openssl: fix CN check error code
Due to a missing 'else' this returns error too easily.
Regressed in: d15692ebb
Reported-by: Kristoffer Gleditsch
Fixes #8559
Closes #8560
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1817,7 +1817,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
peer_CN[peerlen] = '\0';
}
- result = CURLE_OUT_OF_MEMORY;
+ else
+ result = CURLE_OUT_OF_MEMORY;
}
}
else /* not a UTF8 name */

30
sdk_container/src/third_party/portage-stable/net-misc/curl/files/curl-7.83.0-http2.patch vendored Normal file
View File

@ -0,0 +1,30 @@
Bug: https://bugs.gentoo.org/842780, https://github.com/curl/curl/pull/8768
https://github.com/curl/curl/commit/6eb7fb37d901ed1e4ce07cbd628ee11bf02db1f3
From 6eb7fb37d901ed1e4ce07cbd628ee11bf02db1f3 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 28 Apr 2022 17:11:50 +0200
Subject: [PATCH] mbedtls: fix compile when h2-enabled
Fixes #8766
Reported-by: LigH-de on github
Closes #8768
---
lib/vtls/mbedtls.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
index 64f57c5d8321..5f9b87e6b75b 100644
--- a/lib/vtls/mbedtls.c
+++ b/lib/vtls/mbedtls.c
@@ -815,8 +815,8 @@ mbed_connect_step2(struct Curl_easy *data, struct connectdata *conn,
if(next_protocol) {
infof(data, VTLS_INFOF_ALPN_ACCEPTED_1STR, next_protocol);
#ifdef USE_HTTP2
- if(!strncmp(next_protocol, ALPN_H2, ALPN_H2_LEN) &&
- !next_protocol[ALPN_H2_LEN]) {
+ if(!strncmp(next_protocol, ALPN_H2, ALPN_H2_LENGTH) &&
+ !next_protocol[ALPN_H2_LENGTH]) {
conn->negnpn = CURL_HTTP_VERSION_2;
}
else