commit: 3a6aaa3e0ff967d2cb28b87dde7459845aa10269 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> AuthorDate: Tue May 25 01:55:58 2021 +0000 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> CommitDate: Tue May 25 01:55:58 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a6aaa3e
net-misc/curl: security cleanup Bug: https://bugs.gentoo.org/779535 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> net-misc/curl/Manifest | 3 - net-misc/curl/curl-7.74.0-r2.ebuild | 286 ----------------------------------- net-misc/curl/curl-7.74.0-r4.ebuild | 289 ----------------------------------- net-misc/curl/curl-7.75.0.ebuild | 290 ----------------------------------- net-misc/curl/curl-7.76.0.ebuild | 291 ------------------------------------ 5 files changed, 1159 deletions(-) diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index 79073dc330e..4c03138de9e 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -1,4 +1 @@ -DIST curl-7.74.0.tar.xz 2400972 BLAKE2B bef9e01493994afc933549a78b41065708aeaa9f6f5cdd1dbf2f43bbb03bbc97b17308b8bda5f11599c3cc0c6c77903e6fa6f1310ff874fad902a59566b51e8a SHA512 5d987f0b4d051c9e254f14d4e2a05f7cda9fb0f0ac7b3ca3664a25a51ee5ffe092ee072c0d9a613fcd3f34727d75bba14b70f5500cb110ca818591e071c3e6f4 -DIST curl-7.75.0.tar.xz 2418816 BLAKE2B 74889ede1b57a6685eef0f504d4c261c0b271b36ab3290bfc895efe9a6fffe4bfd433eaae438cd2b54a920671a2ebc2ca5e73bd88f6be40b4f46ef281028f1d8 SHA512 4c2fc6658379b8b93dd50665b70f3000b63d3bcafd2df60b7e651a8edf4735b3decb06c338b84cb22058191aa9f8f4dc85760a42f9987210b59300758304b746 -DIST curl-7.76.0.tar.xz 2428552 BLAKE2B 7c02bbd3c86a5de38990f7ef63e92804fc02977bf34eb4372e7ac95aa091689094193bcf58e30d76114341f930777787cbfbbf83f02c5037f7ac7599296a6735 SHA512 a67e5078b48150c6f5331e76b25a6b197f1e916be1db900bf9455b032b3af5a71610b47e607546ecbae510d196a0cfcb75a14dac549288797af1701b7b587ece DIST curl-7.76.1.tar.xz 2427636 BLAKE2B 56452871fbd998f0c9a5af86b3853ed1dfc956c39380e5da472b4f382db45926ac3aa9e395ae7d2812aac0f0f29bee28343218810a169beb592c5224e0a4f018 SHA512 5fe85d2e776789aa8117c57fe7648e375b7fa92d5ead5d69855f19ca9a2624d77a1f9ab91766ecb72bbc17e82862248cd07e48917884d6fd856b93fb00d83e28 diff --git a/net-misc/curl/curl-7.74.0-r2.ebuild b/net-misc/curl/curl-7.74.0-r2.ebuild deleted file mode 100644 index e5b102b31a7..00000000000 --- a/net-misc/curl/curl-7.74.0-r2.ebuild +++ /dev/null @@ -1,286 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit autotools prefix multilib-minimal - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.haxx.se/"; -SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"; - -LICENSE="curl" -SLOT="0" -#KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl static-libs test telnet +tftp threads winssl zstd" -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl" -IUSE+=" nghttp3 quiche" -IUSE+=" elibc_Winnt" - -#lead to lots of false negatives, bug #285669 -RESTRICT="!test? ( test )" - -RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - mbedtls? ( - net-libs/mbedtls:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - openssl? ( - dev-libs/openssl:0=[static-libs?,${MULTILIB_USEDEP}] - ) - nss? ( - dev-libs/nss:0[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - ) - http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] ) - nghttp3? ( - net-libs/nghttp3[${MULTILIB_USEDEP}] - net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] - ) - quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] ) - adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) - sys-libs/zlib[${MULTILIB_USEDEP}] - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" - -# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303 -# rtmp? ( -# media-video/rtmpdump -# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] ) -# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] ) -# ) - -# ssl providers to be added: -# fbopenssl $(use_with spnego) - -DEPEND="${RDEPEND}" -BDEPEND="virtual/pkgconfig - test? ( - sys-apps/diffutils - dev-lang/perl - )" - -# c-ares must be disabled for threads -# only one default ssl provider can be enabled -REQUIRED_USE=" - winssl? ( elibc_Winnt ) - threads? ( !adns ) - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_nss - curl_ssl_openssl - curl_ssl_winssl - ) - )" - -DOCS=( CHANGES README docs/FEATURES.md docs/INTERNALS.md \ - docs/FAQ docs/BUGS.md docs/CONTRIBUTE.md ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -src_prepare() { - eapply "${FILESDIR}"/${PN}-7.30.0-prefix.patch - eapply "${FILESDIR}"/${PN}-respect-cflags-3.patch - eapply "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch - - sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 - sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252 - - eapply_user - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl ) - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - #myconf+=( --without-default-ssl-backend ) - if use ssl ; then - if use gnutls || use curl_ssl_gnutls; then - einfo "SSL provided by gnutls" - myconf+=( --with-gnutls --with-nettle ) - fi - if use mbedtls || use curl_ssl_mbedtls; then - einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use nss || use curl_ssl_nss; then - einfo "SSL provided by nss" - myconf+=( --with-nss ) - fi - if use openssl || use curl_ssl_openssl; then - einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use winssl || use curl_ssl_winssl; then - einfo "SSL provided by Windows" - myconf+=( --with-winssl ) - fi - - if use curl_ssl_gnutls; then - einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_nss; then - einfo "Default SSL provided by nss" - myconf+=( --with-default-ssl-backend=nss ) - elif use curl_ssl_openssl; then - einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_winssl; then - einfo "Default SSL provided by Windows" - myconf+=( --with-default-ssl-backend=winssl ) - else - eerror "We can't be here because of REQUIRED_USE." - fi - - else - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - ECONF_SOURCE="${S}" \ - econf \ - $(use_enable alt-svc) \ - --enable-crypto-auth \ - --enable-dict \ - --disable-ech \ - --enable-file \ - $(use_enable ftp) \ - $(use_enable gopher) \ - $(use_enable hsts) \ - --enable-http \ - $(use_enable imap) \ - $(use_enable ldap) \ - $(use_enable ldap ldaps) \ - --disable-ntlm-wb \ - $(use_enable pop3) \ - --enable-rt \ - --enable-rtsp \ - $(use_enable samba smb) \ - $(use_with ssh libssh2) \ - $(use_enable smtp) \ - $(use_enable telnet) \ - $(use_enable tftp) \ - --enable-tls-srp \ - $(use_enable adns ares) \ - --enable-cookies \ - --enable-dateparse \ - --enable-dnsshuffle \ - --enable-doh \ - --enable-hidden-symbols \ - --enable-http-auth \ - $(use_enable ipv6) \ - --enable-largefile \ - --enable-manual \ - --enable-mime \ - --enable-netrc \ - $(use_enable progress-meter) \ - --enable-proxy \ - --disable-sspi \ - $(use_enable static-libs static) \ - $(use_enable threads threaded-resolver) \ - $(use_enable threads pthreads) \ - --disable-versioned-symbols \ - --without-amissl \ - --without-bearssl \ - --without-cyassl \ - --without-darwinssl \ - --without-fish-functions-dir \ - $(use_with idn libidn2) \ - $(use_with kerberos gssapi "${EPREFIX}"/usr) \ - $(use_with metalink libmetalink) \ - $(use_with http2 nghttp2) \ - --without-libpsl \ - $(use_with nghttp3) \ - $(use_with nghttp3 ngtcp2) \ - $(use_with quiche) \ - $(use_with rtmp librtmp) \ - $(use_with brotli) \ - --without-schannel \ - --without-secure-transport \ - --without-spnego \ - --without-winidn \ - --without-wolfssl \ - --with-zlib \ - $(use_with zstd) \ - "${myconf[@]}" - - if ! multilib_is_native_abi; then - # avoid building the client - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use quiche; then - libs+=( "-lquiche" ) - priv+=( "quiche" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "-libtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete - rm -rf "${ED}"/etc/ -} diff --git a/net-misc/curl/curl-7.74.0-r4.ebuild b/net-misc/curl/curl-7.74.0-r4.ebuild deleted file mode 100644 index 07c50b9ce55..00000000000 --- a/net-misc/curl/curl-7.74.0-r4.ebuild +++ /dev/null @@ -1,289 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit autotools prefix multilib-minimal - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.haxx.se/"; -SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"; - -LICENSE="curl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd" -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl" -IUSE+=" nghttp3 quiche" -IUSE+=" elibc_Winnt" - -# c-ares must be disabled for threads -# only one default ssl provider can be enabled -REQUIRED_USE=" - winssl? ( elibc_Winnt ) - threads? ( !adns ) - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_nss - curl_ssl_openssl - curl_ssl_winssl - ) - )" - -# lead to lots of false negatives, bug #285669 -RESTRICT="!test? ( test )" - -RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - mbedtls? ( - net-libs/mbedtls:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - openssl? ( - dev-libs/openssl:0=[sslv3=,static-libs?,${MULTILIB_USEDEP}] - ) - nss? ( - dev-libs/nss:0[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - ) - http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] ) - nghttp3? ( - net-libs/nghttp3[${MULTILIB_USEDEP}] - net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] - ) - quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] ) - adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) - sys-libs/zlib[${MULTILIB_USEDEP}] - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" - -# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303 -# rtmp? ( -# media-video/rtmpdump -# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] ) -# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] ) -# ) - -# ssl providers to be added: -# fbopenssl $(use_with spnego) - -DEPEND="${RDEPEND}" -BDEPEND="virtual/pkgconfig - test? ( - sys-apps/diffutils - dev-lang/perl - )" - -DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -PATCHES=( - "${FILESDIR}"/${PN}-7.30.0-prefix.patch - "${FILESDIR}"/${PN}-respect-cflags-3.patch - "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch -) - -src_prepare() { - default - - sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 - sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252 - - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl ) - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - #myconf+=( --without-default-ssl-backend ) - if use ssl ; then - if use gnutls || use curl_ssl_gnutls; then - einfo "SSL provided by gnutls" - myconf+=( --with-gnutls --with-nettle ) - fi - if use mbedtls || use curl_ssl_mbedtls; then - einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use nss || use curl_ssl_nss; then - einfo "SSL provided by nss" - myconf+=( --with-nss ) - fi - if use openssl || use curl_ssl_openssl; then - einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use winssl || use curl_ssl_winssl; then - einfo "SSL provided by Windows" - myconf+=( --with-winssl ) - fi - - if use curl_ssl_gnutls; then - einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_nss; then - einfo "Default SSL provided by nss" - myconf+=( --with-default-ssl-backend=nss ) - elif use curl_ssl_openssl; then - einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_winssl; then - einfo "Default SSL provided by Windows" - myconf+=( --with-default-ssl-backend=winssl ) - else - eerror "We can't be here because of REQUIRED_USE." - fi - - else - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - myconf+=( - $(use_enable alt-svc) - --enable-crypto-auth - --enable-dict - --disable-ech - --enable-file - $(use_enable ftp) - $(use_enable gopher) - $(use_enable hsts) - --enable-http - $(use_enable imap) - $(use_enable ldap) - $(use_enable ldap ldaps) - --disable-ntlm-wb - $(use_enable pop3) - --enable-rt - --enable-rtsp - $(use_enable samba smb) - $(use_with ssh libssh2) - $(use_enable smtp) - $(use_enable telnet) - $(use_enable tftp) - --enable-tls-srp - $(use_enable adns ares) - --enable-cookies - --enable-dateparse - --enable-dnsshuffle - --enable-doh - --enable-hidden-symbols - --enable-http-auth - $(use_enable ipv6) - --enable-largefile - --enable-manual - --enable-mime - --enable-netrc - $(use_enable progress-meter) - --enable-proxy - --disable-sspi - $(use_enable static-libs static) - $(use_enable threads threaded-resolver) - $(use_enable threads pthreads) - --disable-versioned-symbols - --without-amissl - --without-bearssl - --without-cyassl - --without-darwinssl - --without-fish-functions-dir - $(use_with idn libidn2) - $(use_with kerberos gssapi "${EPREFIX}"/usr) - $(use_with metalink libmetalink) - $(use_with http2 nghttp2) - --without-libpsl - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) - $(use_with quiche) - $(use_with rtmp librtmp) - $(use_with brotli) - --without-schannel - --without-secure-transport - --without-spnego - --without-winidn - --without-wolfssl - --with-zlib - $(use_with zstd) - ) - - ECONF_SOURCE="${S}" \ - econf "${myconf[@]}" - - if ! multilib_is_native_abi; then - # avoid building the client - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use quiche; then - libs+=( "-lquiche" ) - priv+=( "quiche" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "-libtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - rm -rf "${ED}"/etc/ || die -} diff --git a/net-misc/curl/curl-7.75.0.ebuild b/net-misc/curl/curl-7.75.0.ebuild deleted file mode 100644 index 89cefa1028f..00000000000 --- a/net-misc/curl/curl-7.75.0.ebuild +++ /dev/null @@ -1,290 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit autotools prefix multilib-minimal - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.haxx.se/"; -SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"; - -LICENSE="curl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd" -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl" -IUSE+=" nghttp3 quiche" -IUSE+=" elibc_Winnt" - -# c-ares must be disabled for threads -# only one default ssl provider can be enabled -REQUIRED_USE=" - winssl? ( elibc_Winnt ) - threads? ( !adns ) - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_nss - curl_ssl_openssl - curl_ssl_winssl - ) - )" - -# lead to lots of false negatives, bug #285669 -RESTRICT="!test? ( test )" - -RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - mbedtls? ( - net-libs/mbedtls:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - openssl? ( - dev-libs/openssl:0=[sslv3=,static-libs?,${MULTILIB_USEDEP}] - ) - nss? ( - dev-libs/nss:0[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - ) - http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] ) - nghttp3? ( - net-libs/nghttp3[${MULTILIB_USEDEP}] - net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] - ) - quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] ) - adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) - sys-libs/zlib[${MULTILIB_USEDEP}] - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" - -# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303 -# rtmp? ( -# media-video/rtmpdump -# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] ) -# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] ) -# ) - -# ssl providers to be added: -# fbopenssl $(use_with spnego) - -DEPEND="${RDEPEND}" -BDEPEND="virtual/pkgconfig - test? ( - sys-apps/diffutils - dev-lang/perl - )" - -DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -PATCHES=( - "${FILESDIR}"/${PN}-7.30.0-prefix.patch - "${FILESDIR}"/${PN}-respect-cflags-3.patch - "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch -) - -src_prepare() { - default - - sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 - sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252 - - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl ) - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - #myconf+=( --without-default-ssl-backend ) - if use ssl ; then - if use gnutls || use curl_ssl_gnutls; then - einfo "SSL provided by gnutls" - myconf+=( --with-gnutls --with-nettle ) - fi - if use mbedtls || use curl_ssl_mbedtls; then - einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use nss || use curl_ssl_nss; then - einfo "SSL provided by nss" - myconf+=( --with-nss ) - fi - if use openssl || use curl_ssl_openssl; then - einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use winssl || use curl_ssl_winssl; then - einfo "SSL provided by Windows" - myconf+=( --with-winssl ) - fi - - if use curl_ssl_gnutls; then - einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_nss; then - einfo "Default SSL provided by nss" - myconf+=( --with-default-ssl-backend=nss ) - elif use curl_ssl_openssl; then - einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_winssl; then - einfo "Default SSL provided by Windows" - myconf+=( --with-default-ssl-backend=winssl ) - else - eerror "We can't be here because of REQUIRED_USE." - fi - - else - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - myconf+=( - $(use_enable alt-svc) - --enable-crypto-auth - --enable-dict - --disable-ech - --enable-file - $(use_enable ftp) - $(use_enable gopher) - $(use_enable hsts) - --enable-http - $(use_enable imap) - $(use_enable ldap) - $(use_enable ldap ldaps) - --disable-ntlm-wb - $(use_enable pop3) - --enable-rt - --enable-rtsp - $(use_enable samba smb) - $(use_with ssh libssh2) - $(use_enable smtp) - $(use_enable telnet) - $(use_enable tftp) - --enable-tls-srp - $(use_enable adns ares) - --enable-cookies - --enable-dateparse - --enable-dnsshuffle - --enable-doh - --enable-hidden-symbols - --enable-http-auth - $(use_enable ipv6) - --enable-largefile - --enable-manual - --enable-mime - --enable-netrc - $(use_enable progress-meter) - --enable-proxy - --disable-sspi - $(use_enable static-libs static) - $(use_enable threads threaded-resolver) - $(use_enable threads pthreads) - --disable-versioned-symbols - --without-amissl - --without-bearssl - --without-cyassl - --without-darwinssl - --without-fish-functions-dir - --without-hyper - $(use_with idn libidn2) - $(use_with kerberos gssapi "${EPREFIX}"/usr) - $(use_with metalink libmetalink) - $(use_with http2 nghttp2) - --without-libpsl - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) - $(use_with quiche) - $(use_with rtmp librtmp) - $(use_with brotli) - --without-schannel - --without-secure-transport - --without-spnego - --without-winidn - --without-wolfssl - --with-zlib - $(use_with zstd) - ) - - ECONF_SOURCE="${S}" \ - econf "${myconf[@]}" - - if ! multilib_is_native_abi; then - # avoid building the client - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use quiche; then - libs+=( "-lquiche" ) - priv+=( "quiche" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "-libtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - rm -rf "${ED}"/etc/ || die -} diff --git a/net-misc/curl/curl-7.76.0.ebuild b/net-misc/curl/curl-7.76.0.ebuild deleted file mode 100644 index dbfb4e71fdf..00000000000 --- a/net-misc/curl/curl-7.76.0.ebuild +++ /dev/null @@ -1,291 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit autotools prefix multilib-minimal - -DESCRIPTION="A Client that groks URLs" -HOMEPAGE="https://curl.haxx.se/"; -SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"; - -LICENSE="curl" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls metalink nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd" -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl" -IUSE+=" nghttp3 quiche" -IUSE+=" elibc_Winnt" - -# c-ares must be disabled for threads -# only one default ssl provider can be enabled -REQUIRED_USE=" - winssl? ( elibc_Winnt ) - threads? ( !adns ) - ssl? ( - ^^ ( - curl_ssl_gnutls - curl_ssl_mbedtls - curl_ssl_nss - curl_ssl_openssl - curl_ssl_winssl - ) - )" - -# lead to lots of false negatives, bug #285669 -RESTRICT="!test? ( test )" - -RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] ) - brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) - ssl? ( - gnutls? ( - net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}] - dev-libs/nettle:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - mbedtls? ( - net-libs/mbedtls:0=[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - openssl? ( - dev-libs/openssl:0=[sslv3=,static-libs?,${MULTILIB_USEDEP}] - ) - nss? ( - dev-libs/nss:0[${MULTILIB_USEDEP}] - app-misc/ca-certificates - ) - ) - http2? ( net-libs/nghttp2[${MULTILIB_USEDEP}] ) - nghttp3? ( - net-libs/nghttp3[${MULTILIB_USEDEP}] - net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] - ) - quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] ) - idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] ) - adns? ( net-dns/c-ares:0[${MULTILIB_USEDEP}] ) - kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - metalink? ( >=media-libs/libmetalink-0.1.1[${MULTILIB_USEDEP}] ) - rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) - sys-libs/zlib[${MULTILIB_USEDEP}] - zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" - -# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303 -# rtmp? ( -# media-video/rtmpdump -# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] ) -# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] ) -# ) - -# ssl providers to be added: -# fbopenssl $(use_with spnego) - -DEPEND="${RDEPEND}" -BDEPEND="virtual/pkgconfig - test? ( - sys-apps/diffutils - dev-lang/perl - )" - -DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) - -MULTILIB_WRAPPED_HEADERS=( - /usr/include/curl/curlbuild.h -) - -MULTILIB_CHOST_TOOLS=( - /usr/bin/curl-config -) - -PATCHES=( - "${FILESDIR}"/${PN}-7.30.0-prefix.patch - "${FILESDIR}"/${PN}-respect-cflags-3.patch -) - -src_prepare() { - default - - sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241 - sed -i '/CURL_MAC_CFLAGS/d' configure.ac || die #637252 - - eprefixify curl-config.in - eautoreconf -} - -multilib_src_configure() { - # We make use of the fact that later flags override earlier ones - # So start with all ssl providers off until proven otherwise - # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) - local myconf=() - - myconf+=( --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl ) - myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) - #myconf+=( --without-default-ssl-backend ) - if use ssl ; then - if use gnutls || use curl_ssl_gnutls; then - einfo "SSL provided by gnutls" - myconf+=( --with-gnutls --with-nettle ) - fi - if use mbedtls || use curl_ssl_mbedtls; then - einfo "SSL provided by mbedtls" - myconf+=( --with-mbedtls ) - fi - if use nss || use curl_ssl_nss; then - einfo "SSL provided by nss" - myconf+=( --with-nss ) - fi - if use openssl || use curl_ssl_openssl; then - einfo "SSL provided by openssl" - myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) - fi - if use winssl || use curl_ssl_winssl; then - einfo "SSL provided by Windows" - myconf+=( --with-winssl ) - fi - - if use curl_ssl_gnutls; then - einfo "Default SSL provided by gnutls" - myconf+=( --with-default-ssl-backend=gnutls ) - elif use curl_ssl_mbedtls; then - einfo "Default SSL provided by mbedtls" - myconf+=( --with-default-ssl-backend=mbedtls ) - elif use curl_ssl_nss; then - einfo "Default SSL provided by nss" - myconf+=( --with-default-ssl-backend=nss ) - elif use curl_ssl_openssl; then - einfo "Default SSL provided by openssl" - myconf+=( --with-default-ssl-backend=openssl ) - elif use curl_ssl_winssl; then - einfo "Default SSL provided by Windows" - myconf+=( --with-default-ssl-backend=winssl ) - else - eerror "We can't be here because of REQUIRED_USE." - fi - - else - einfo "SSL disabled" - fi - - # These configuration options are organized alphabetically - # within each category. This should make it easier if we - # ever decide to make any of them contingent on USE flags: - # 1) protocols first. To see them all do - # 'grep SUPPORT_PROTOCOLS configure.ac' - # 2) --enable/disable options second. - # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort - # 3) --with/without options third. - # grep -- --with configure | grep Check | awk '{ print $4 }' | sort - - myconf+=( - $(use_enable alt-svc) - --enable-crypto-auth - --enable-dict - --disable-ech - --enable-file - $(use_enable ftp) - $(use_enable gopher) - $(use_enable hsts) - --enable-http - $(use_enable imap) - $(use_enable ldap) - $(use_enable ldap ldaps) - --disable-ntlm-wb - $(use_enable pop3) - --enable-rt - --enable-rtsp - $(use_enable samba smb) - $(use_with ssh libssh2) - $(use_enable smtp) - $(use_enable telnet) - $(use_enable tftp) - --enable-tls-srp - $(use_enable adns ares) - --enable-cookies - --enable-dateparse - --enable-dnsshuffle - --enable-doh - --enable-hidden-symbols - --enable-http-auth - $(use_enable ipv6) - --enable-largefile - --enable-manual - --enable-mime - --enable-netrc - $(use_enable progress-meter) - --enable-proxy - --disable-sspi - $(use_enable static-libs static) - $(use_enable threads threaded-resolver) - $(use_enable threads pthreads) - --disable-versioned-symbols - --without-amissl - --without-bearssl - $(use_with brotli) - --without-cyassl - --without-darwinssl - --without-fish-functions-dir - $(use_with http2 nghttp2) - --without-hyper - $(use_with idn libidn2) - $(use_with kerberos gssapi "${EPREFIX}"/usr) - $(use_with metalink libmetalink) - --without-libgsasl - --without-libpsl - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) - $(use_with quiche) - $(use_with rtmp librtmp) - --without-rustls - --without-schannel - --without-secure-transport - --without-spnego - --without-winidn - --without-wolfssl - --with-zlib - $(use_with zstd) - ) - - ECONF_SOURCE="${S}" \ - econf "${myconf[@]}" - - if ! multilib_is_native_abi; then - # avoid building the client - sed -i -e '/SUBDIRS/s:src::' Makefile || die - sed -i -e '/SUBDIRS/s:scripts::' Makefile || die - fi - - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use quiche; then - libs+=( "-lquiche" ) - priv+=( "quiche" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "-libtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc -} - -multilib_src_install_all() { - einstalldocs - find "${ED}" -type f -name '*.la' -delete || die - rm -rf "${ED}"/etc/ || die -}
