gentoo resync : 12.05.2022

author: V3n3RiX <venerix@koprulu.sector> 2022-05-12 16:42:50 +0300
committer: V3n3RiX <venerix@koprulu.sector> 2022-05-12 16:42:50 +0300
commit: 752d6256e5204b958b0ef7905675a940b5e9172f (patch)
tree: 330d16e6362a49cbed8875a777fe641a43376cd3 /net-misc/curl
parent: 0c100b7dd2b30e75b799d806df4ef899fd98e1ea (diff)
8 files changed, 386 insertions, 17 deletions
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index c9f0984046b8..74e700cd26b4 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest
@@ -1,11 +1,20 @@
 AUX curl-7.30.0-prefix.patch 880 BLAKE2B 5b7552a8339014221864a585d174b02a96ec7dd7fe8762d331d1981834044f8ec4db64d527a4ded3f5f4cccc86f281576668de092439eb19f5477d5fcf8369cf SHA512 c7cd13b9ccbd12ed01ea121ffece9c23b898a5b34698bae59ae1dd23b1cf2445180b84d80c4a640981f16dba5018df944f405dd5c660addab54ca21e0e673b7f
+AUX curl-7.82.0-certs-processing.patch 853 BLAKE2B 5e05d6f31a93fd81ee597d88c1adeef97ac805befd2615044ad09d41c4b8c8b69f0689b21c2765c547c1dffa695d18791ee4c9301ae9b9e873621fd74eb6107a SHA512 839f262bec4b3730810a3cc849b571c1f7b9482d1c6f37fed9f56e7c3ccf1e07c0eb91bdf973846162bd0e259973e5dc90581db0a9cc7a808924948894437890
+AUX curl-7.83.0-http2.patch 1109 BLAKE2B f1cfcbcd68e046151e5d61c3d95e92cfdec9e412bc51375f08fcb7af508cea19fe48aabdd817949ecde61f9d6ba10d4051f3fe418ce7ca73326847e4bc6b4b04 SHA512 e98eb9129929bd00b1c8387da3668689b4da77b9641761766cf02f28909da5bad8bd506b59b5ce4cd066262a08341d2fa1d39803233c832e998be9a84ecbcab2
 AUX curl-respect-cflags-3.patch 406 BLAKE2B 1b533144858aff5566150c4a2648ad2e48e8ff29849ae285592edfee4b3332d06e750395dea7190ee6a01d2b5ee2c2c42c10400c2e5defa09963a90a1a10417d SHA512 3219e4e67d534e35012909243fc8d69d58989462db44dd507c502e7aaa299f1d9a01392e2c83797cc2bdb53d503470c5d6e7bf94572a6ccc6e5eafcc0466bc54
 DIST curl-7.79.1.tar.xz 2465212 BLAKE2B 2b694f96661c0aa0a136fdae4159e0ca8e811557c5a1f0b47cccaaad122f3ddbdaa6450c3835290955baf9357e872ee105a8cb0912064af3d3e38d16beb124ad SHA512 1edb71647a7f4dbb070baf1a019b4751aefeda793ff523c504410bb5cc74e5bffc52f20dd889697d1585f9ca3c4e81b1a9caadd182c30c8358ffd25f33e4db4d
+DIST curl-7.79.1.tar.xz.asc 488 BLAKE2B cf1864b15ee4b47a61a03968c4fd9526d4c8d0c5a8a0a1357de61758640e6dfda57334df1e63afd94c0064b7e61527623dd20446b27fa0130e0bf92c647d9820 SHA512 4f7930fde0a21358cf0bd8d5cbde5a05efc34202265b4744e59f49d9dc269987f47b4ead77c33e2ae03acabd7b6d6a731c69b91999eea70542f49d9ea0c2ba94
 DIST curl-7.80.0.tar.xz 2474492 BLAKE2B 0452ecb6943bc56b20ad8f1223135c9cae68cf31089b0e17e84d81af98dc5a47f5edfc271c5b4c23f232db6cea7ff5a9bffa9c7c319255d9afdb06fa5b8f761f SHA512 e04ddd74b0d5b3607a29bcf5d379d83a01c7dffa4ad3e2f25d8c85a3df7dbdb0625b0df1f04f02351695674502828e0e17e8b46c889cbf1e43f86d6e6dd716ab
+DIST curl-7.80.0.tar.xz.asc 488 BLAKE2B 5cde8a91059bb19b9ee9b1aa4c3225522398a0d5837edf3d99b7f9ea758e5df2a729ce1d0a9763967c2319c30d94ba80ff50888dec07665a818216d42b91feee SHA512 e11adb85fb061bba8838f435f6afb200924f24cb7351d9a8208ec3d317d8ef8c1e16f06dedfc623acc749931015c42dcd86236a53602c6632b3a750841345b05
 DIST curl-7.81.0.tar.xz 2486388 BLAKE2B bf8a3a03564648a9d7a5b4e7a523d840230f03237cf9eb5b07dcb4f531b036eb8111c1944bedd0c1df188e09a09468b3487d24ea50781124bc33d194546691f4 SHA512 38355aaee38db04bb2babdc5fd7a88284580c836d15df754f42b104997dd344b7841be8e53b4fc91aea31db170a7d6967c4976833eb4bfe0d265c7275c4800df
+DIST curl-7.81.0.tar.xz.asc 488 BLAKE2B 9280f10b14ddd95a1405fda79f8c51528c91c5e86b8f90d16d20d7f11d212e6e4391377eed971d0b0b27f5f4692c702e9d7a11705f0558ad39df38608d6a0648 SHA512 ca32a639900a9f8211005227dfb594f809c5ca5ec1eb87e944ef33cca60e4844f5b6ebe49de79fba53068e5dee9652b1d43a7d3a74e05419a2ffb5b40dab8176
 DIST curl-7.82.0.tar.xz 2446764 BLAKE2B 838accae4a45c090909cff91477a023789a79535691c80e507fd9e9712861b0c08e25ecd26079cb8ac8946cdf429a50991a7521e7b550b43c19e455625bc0750 SHA512 a977d69360d1793f8872096a21f5c0271e7ad145cd69ad45f4056a0657772f0f298b04bdb41aefd4ea5c4478352c60d80b5a118642280a07a7198aa80ffb1d57
-EBUILD curl-7.79.1-r1.ebuild 7957 BLAKE2B dc4d20d1a6bff37960f5c03dfdd6359a173a5b133b41dc5bce6172e543c4bd24129a1097bd949895770dc73e0be968a6ead19cc7dff45a635cbfe19556233cec SHA512 f20444dc9b5f0ddacd62293b3c9289836d48c1ff7a9c21d5555fc2bdcb67c588f07a912b89b7427adab9aac6217282b42a888a08b4d1cd588504c4be0e19d4cc
-EBUILD curl-7.80.0-r1.ebuild 7506 BLAKE2B 51a738a98dfe4a4b2f8e79cd241297a1a1687191f37119db39b8c10251f7d7209d3dd2e2c59637a3cb59ae3d1fb17caf90787153891625ec4b001e4d3ae49526 SHA512 76c9d89615d65d2c0d4ddd55c9ee51b7058a86d4e47928d20e0589874ab9382807eec90d026f4c922eb14fae9eecacb770ac76308186b1b59e5841e462ffb240
-EBUILD curl-7.81.0-r1.ebuild 7506 BLAKE2B f4c85463fe2bc4eb6a9fc0bbf6b58069768bc40ae341ee5396a8265d6f2b8de198d6b560dd97684db1dbfc6e2ae65bbbe15689d85c77f7ef62586f91061a93f8 SHA512 882730b1b758bce4a677f923d01fde75fb39b759f29b1b25445980409e52c3a23af42acaafb1cccbed0a9a6ca39e9833cf13647001277185ac989ea24d6ccd44
-EBUILD curl-7.82.0-r1.ebuild 7528 BLAKE2B bb06f485c65045b022d3a3ea031903bfd9086770f82b139b2fb45ad74f0bdb0062d71a6a17307d2a4b3dfdf0c88b3291dfe35a840584641595dcbc803a2ed225 SHA512 9e45306043a75380354628ae8054d8a2df25c2af013db51d116e0fd9ba18d90eba23052a012ddf0acb22d5e02b92e8ace079455074c365564b65ed4972708aec
+DIST curl-7.82.0.tar.xz.asc 488 BLAKE2B 9da4ea63671621df956aa5dc191cfc6c8d2a8b1958416ca58ffc04d43ed65b89244968588879e6bd3299ca8f60b1eccb34dede012f8a2a37acf3ca34021da958 SHA512 1f14d8ab55360ba735dff916369ee318e98767718394654ce9443b6013509b6d3ed5597685b142e9823cec7496373b709a8656515d66039c06783879655151fe
+DIST curl-7.83.0.tar.xz 2472560 BLAKE2B 0669f40265a56e7549e8038ed8421680d7264bff44dcc0692cf9f5248621311be5e228314710149bf9d2ccbe739f929039e04402c1d04a1362d0bbf08cb8cdc7 SHA512 be02bb2a8a3140eff3a9046f27cd4f872ed9ddaa644af49e56e5ef7dfec84a15b01db133469269437cddc937eda73953fa8c51bb758f7e98873822cd2290d3a9
+DIST curl-7.83.0.tar.xz.asc 488 BLAKE2B a8f6dcf00f1b01b457a7eecc8364538393f414df60757f3664709c62b6007023a34ddf4ecb4688734e396031d30905b490dd0c115f09a9428db6a6be97cdf72c SHA512 8fb90f9692f4fdb82ea49f0e5151219b2334da5d3910f28e787bb688fb055b8b028ccf75cdcc15cd9f86d780d479f88f902fef7d7b9e007a4b849cb25c6c13cc
+EBUILD curl-7.79.1-r1.ebuild 8166 BLAKE2B 69d521028d1ff2d37b270539c8ad37a8033923d60ad057a347b843587a035c0afb829361fb605ef4186243657bef6a94156e493321161c62d16ecc2b4a73d0f0 SHA512 05ef78d4080f609ff1a5deb191d1d7d09ddfe58c617cd8688c231c4e71268784ebc9c2eee1a5a023488868d23b15db7b04718e6e7a3b4dbe17ac9880eeaa1eb9
+EBUILD curl-7.80.0-r1.ebuild 7715 BLAKE2B 13c87739394cb6a67ba281c62ff526f90cf1a569bb1efde7062b7c68ed778df5a21cde4539fce35e9585121618db7bafa57546b3bbdd9f7db0e9449284ab2ad0 SHA512 e7f91f01ff332f7a72aeceed4f739da7b8d950ca0574e541c4992e9a254168102d3337c09d18748ae326b20cb64d6eee78bdc672ef4497b5a925aa7f1d475f1f
+EBUILD curl-7.81.0-r1.ebuild 7715 BLAKE2B 43b427e5dcc240c051bfb8e01d876af9b1cf73a6016035893bc3024d7ceccfd72615bd327f5898a58ddd6c772953d7d2a30613cb70bca92cdbdf904bd6782ab2 SHA512 b76b11e4cae0026c4a887218be05dc49ec261e493891183dec84d07f1238437a12598a9db7ddf20731b69564479e1da2278457f41990ddd1d4da5a20deed9c31
+EBUILD curl-7.82.0-r2.ebuild 7787 BLAKE2B ce60b96c42b3803fd2bf8d55dba99267ce8ac34796bbdd93217e5e767aa4ab0e5bde123e8dab78ce5fa4dcdcbf7887fe9a16171dce06f30125acccf8b38048b7 SHA512 65c6d9765a799e28bdb32e35831c6de269758f2058aef9927b434de9ab6bb91e3db55225d7c7606099db8395e6997a3ca0c4d02e48b029851eea6edbeef43ba1
+EBUILD curl-7.83.0.ebuild 8371 BLAKE2B ff1769914582fea62d02521d4e9bf858151a6c4f4fd9460eefd88c8161dfec5ea1e4433044af508d022018c0428151f6fc5b032e99cbdf278690601ce9f01b2a SHA512 fd1f368701c446ef3c4c8e79b1fa5734ab618923b702d56dccfaef911ccb1d2ebf37398677e6c150e97496f683bf3bc39e36fab5afcc71b785730527dec4fc77
 MISC metadata.xml 2050 BLAKE2B a795f1af5b0945a936d279317ac89de2c32ca0e0512ccbd5d19acd29d82415d6c8e4ea4480150de8910b0a1c5e7ce4260b3c26f5f720a4ec828c4d78f6d40adf SHA512 add740cc284bd6912dcd4beb1d706cbfde85ff9859032b9706dddb69dbd5df613043f8e2b1fe634700b97a92cd6a953908486ec9b7b1564a16ecbec2c48b5dfd
diff --git a/net-misc/curl/curl-7.79.1-r1.ebuild b/net-misc/curl/curl-7.79.1-r1.ebuild
index fc93e21ea1cc..ac8292e30cfe 100644
--- a/net-misc/curl/curl-7.79.1-r1.ebuild
+++ b/net-misc/curl/curl-7.79.1-r1.ebuild
@@ -3,11 +3,12 @@
 
 EAPI="7"
 
-inherit autotools prefix multilib-minimal
+inherit autotools prefix multilib-minimal verify-sig
 
 DESCRIPTION="A Client that groks URLs"
 HOMEPAGE="https://curl.haxx.se/"
-SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
+	verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
 
 LICENSE="curl"
 SLOT="0"
@@ -15,6 +16,7 @@ KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 s
 IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads winssl zstd"
 IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_winssl"
 IUSE+=" nghttp3 quiche"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
 
 # c-ares must be disabled for threads
 # only one default ssl provider can be enabled
@@ -84,7 +86,8 @@ BDEPEND="dev-lang/perl
 	test? (
 		sys-apps/diffutils
 		dev-lang/perl
-	)"
+	)
+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
 
 DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
 
diff --git a/net-misc/curl/curl-7.80.0-r1.ebuild b/net-misc/curl/curl-7.80.0-r1.ebuild
index 5dc026fde598..f1c2d6838600 100644
--- a/net-misc/curl/curl-7.80.0-r1.ebuild
+++ b/net-misc/curl/curl-7.80.0-r1.ebuild
@@ -3,11 +3,12 @@
 
 EAPI="7"
 
-inherit autotools prefix multilib-minimal
+inherit autotools prefix multilib-minimal verify-sig
 
 DESCRIPTION="A Client that groks URLs"
 HOMEPAGE="https://curl.haxx.se/"
-SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
+	verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
 
 LICENSE="curl"
 SLOT="0"
@@ -15,6 +16,7 @@ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~
 IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
 IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
 IUSE+=" nghttp3 quiche"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
 
 # c-ares must be disabled for threads
 # only one default ssl provider can be enabled
@@ -78,7 +80,8 @@ BDEPEND="dev-lang/perl
 	virtual/pkgconfig
 	test? (
 		sys-apps/diffutils
-	)"
+	)
+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
 
 DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
 
diff --git a/net-misc/curl/curl-7.81.0-r1.ebuild b/net-misc/curl/curl-7.81.0-r1.ebuild
index 772988452027..e47b2c09b3db 100644
--- a/net-misc/curl/curl-7.81.0-r1.ebuild
+++ b/net-misc/curl/curl-7.81.0-r1.ebuild
@@ -3,11 +3,12 @@
 
 EAPI="8"
 
-inherit autotools prefix multilib-minimal
+inherit autotools prefix multilib-minimal verify-sig
 
 DESCRIPTION="A Client that groks URLs"
 HOMEPAGE="https://curl.haxx.se/"
-SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
+	verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
 
 LICENSE="curl"
 SLOT="0"
@@ -15,6 +16,7 @@ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~
 IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
 IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
 IUSE+=" nghttp3 quiche"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
 
 # c-ares must be disabled for threads
 # only one default ssl provider can be enabled
@@ -78,7 +80,8 @@ BDEPEND="dev-lang/perl
 	virtual/pkgconfig
 	test? (
 		sys-apps/diffutils
-	)"
+	)
+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
 
 DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
 
diff --git a/net-misc/curl/curl-7.82.0-r1.ebuild b/net-misc/curl/curl-7.82.0-r2.ebuild
index 9b955edd99ac..e4a7ea60d92d 100644
--- a/net-misc/curl/curl-7.82.0-r1.ebuild
+++ b/net-misc/curl/curl-7.82.0-r2.ebuild
@@ -3,18 +3,20 @@
 
 EAPI="8"
 
-inherit autotools prefix multilib-minimal
+inherit autotools prefix multilib-minimal verify-sig
 
 DESCRIPTION="A Client that groks URLs"
 HOMEPAGE="https://curl.haxx.se/"
-SRC_URI="https://curl.haxx.se/download/${P}.tar.xz"
+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
+	verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
 
 LICENSE="curl"
 SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
 IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
 IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
 IUSE+=" nghttp3 quiche"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
 
 # c-ares must be disabled for threads
 # only one default ssl provider can be enabled
@@ -78,7 +80,8 @@ BDEPEND="dev-lang/perl
 	virtual/pkgconfig
 	test? (
 		sys-apps/diffutils
-	)"
+	)
+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
 
 DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
 
@@ -93,6 +96,7 @@ MULTILIB_CHOST_TOOLS=(
 PATCHES=(
 	"${FILESDIR}"/${PN}-7.30.0-prefix.patch
 	"${FILESDIR}"/${PN}-respect-cflags-3.patch
+	"${FILESDIR}"/${P}-certs-processing.patch
 )
 
 src_prepare() {
diff --git a/net-misc/curl/curl-7.83.0.ebuild b/net-misc/curl/curl-7.83.0.ebuild
new file mode 100644
index 000000000000..041b6cd5a2e4
--- /dev/null
+++ b/net-misc/curl/curl-7.83.0.ebuild
@@ -0,0 +1,290 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="8"
+
+inherit autotools prefix multilib-minimal verify-sig
+
+DESCRIPTION="A Client that groks URLs"
+HOMEPAGE="https://curl.haxx.se/"
+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
+	verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
+
+LICENSE="curl"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
+IUSE+=" nghttp3 quiche"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
+
+# c-ares must be disabled for threads
+# only one default ssl provider can be enabled
+REQUIRED_USE="
+	threads? ( !adns )
+	ssl? (
+		^^ (
+			curl_ssl_gnutls
+			curl_ssl_mbedtls
+			curl_ssl_nss
+			curl_ssl_openssl
+		)
+	)"
+
+# lead to lots of false negatives, bug #285669
+RESTRICT="!test? ( test )"
+
+RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
+	brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
+	ssl? (
+		gnutls? (
+			net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
+			dev-libs/nettle:0=[${MULTILIB_USEDEP}]
+			app-misc/ca-certificates
+		)
+		mbedtls? (
+			net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
+			app-misc/ca-certificates
+		)
+		openssl? (
+			dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
+		)
+		nss? (
+			dev-libs/nss:0[${MULTILIB_USEDEP}]
+			app-misc/ca-certificates
+		)
+	)
+	http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
+	nghttp3? (
+		net-libs/nghttp3[${MULTILIB_USEDEP}]
+		net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
+	)
+	quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
+	idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
+	adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+	rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
+	ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
+	sys-libs/zlib[${MULTILIB_USEDEP}]
+	zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
+
+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
+#	rtmp? (
+#		media-video/rtmpdump
+#		curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
+#		curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
+#	)
+
+DEPEND="${RDEPEND}"
+BDEPEND="dev-lang/perl
+	virtual/pkgconfig
+	test? (
+		sys-apps/diffutils
+	)
+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
+
+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
+
+MULTILIB_WRAPPED_HEADERS=(
+	/usr/include/curl/curlbuild.h
+)
+
+MULTILIB_CHOST_TOOLS=(
+	/usr/bin/curl-config
+)
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-7.30.0-prefix.patch
+	"${FILESDIR}"/${PN}-respect-cflags-3.patch
+	# Bug 842780, fixed upstream, drop on next version bump
+	"${FILESDIR}"/${P}-http2.patch
+)
+
+src_prepare() {
+	default
+
+	eprefixify curl-config.in
+	eautoreconf
+}
+
+multilib_src_configure() {
+	# We make use of the fact that later flags override earlier ones
+	# So start with all ssl providers off until proven otherwise
+	# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
+	local myconf=()
+
+	myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
+	myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt  )
+	#myconf+=( --without-default-ssl-backend )
+	if use ssl ; then
+		if use gnutls || use curl_ssl_gnutls; then
+			einfo "SSL provided by gnutls"
+			myconf+=( --with-gnutls --with-nettle )
+		fi
+		if use mbedtls || use curl_ssl_mbedtls; then
+			einfo "SSL provided by mbedtls"
+			myconf+=( --with-mbedtls )
+		fi
+		if use nss || use curl_ssl_nss; then
+			einfo "SSL provided by nss"
+			myconf+=( --with-nss --with-nss-deprecated )
+		fi
+		if use openssl || use curl_ssl_openssl; then
+			einfo "SSL provided by openssl"
+			myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
+		fi
+
+		if use curl_ssl_gnutls; then
+			einfo "Default SSL provided by gnutls"
+			myconf+=( --with-default-ssl-backend=gnutls )
+		elif use curl_ssl_mbedtls; then
+			einfo "Default SSL provided by mbedtls"
+			myconf+=( --with-default-ssl-backend=mbedtls )
+		elif use curl_ssl_nss; then
+			einfo "Default SSL provided by nss"
+			myconf+=( --with-default-ssl-backend=nss )
+		elif use curl_ssl_openssl; then
+			einfo "Default SSL provided by openssl"
+			myconf+=( --with-default-ssl-backend=openssl )
+		else
+			eerror "We can't be here because of REQUIRED_USE."
+		fi
+
+	else
+		einfo "SSL disabled"
+	fi
+
+	# These configuration options are organized alphabetically
+	# within each category.  This should make it easier if we
+	# ever decide to make any of them contingent on USE flags:
+	# 1) protocols first.  To see them all do
+	# 'grep SUPPORT_PROTOCOLS configure.ac'
+	# 2) --enable/disable options second.
+	# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
+	# 3) --with/without options third.
+	# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
+
+	myconf+=(
+		$(use_enable alt-svc)
+		--enable-crypto-auth
+		--enable-dict
+		--disable-ech
+		--enable-file
+		$(use_enable ftp)
+		$(use_enable gopher)
+		$(use_enable hsts)
+		--enable-http
+		$(use_enable imap)
+		$(use_enable ldap)
+		$(use_enable ldap ldaps)
+		--enable-ntlm
+		--disable-ntlm-wb
+		$(use_enable pop3)
+		--enable-rt
+		--enable-rtsp
+		$(use_enable samba smb)
+		$(use_with ssh libssh2)
+		$(use_enable smtp)
+		$(use_enable telnet)
+		$(use_enable tftp)
+		--enable-tls-srp
+		$(use_enable adns ares)
+		--enable-cookies
+		--enable-dateparse
+		--enable-dnsshuffle
+		--enable-doh
+		--enable-symbol-hiding
+		--enable-http-auth
+		$(use_enable ipv6)
+		--enable-largefile
+		--enable-manual
+		--enable-mime
+		--enable-netrc
+		$(use_enable progress-meter)
+		--enable-proxy
+		--disable-sspi
+		$(use_enable static-libs static)
+		$(use_enable threads threaded-resolver)
+		$(use_enable threads pthreads)
+		--disable-versioned-symbols
+		--without-amissl
+		--without-bearssl
+		$(use_with brotli)
+		--without-fish-functions-dir
+		$(use_with http2 nghttp2)
+		--without-hyper
+		$(use_with idn libidn2)
+		$(use_with kerberos gssapi "${EPREFIX}"/usr)
+		--without-libgsasl
+		--without-libpsl
+		--without-msh3
+		$(use_with nghttp3)
+		$(use_with nghttp3 ngtcp2)
+		$(use_with quiche)
+		$(use_with rtmp librtmp)
+		--without-rustls
+		--without-schannel
+		--without-secure-transport
+		--without-winidn
+		--without-wolfssl
+		--with-zlib
+		$(use_with zstd)
+	)
+
+	ECONF_SOURCE="${S}" \
+	econf "${myconf[@]}"
+
+	if ! multilib_is_native_abi; then
+		# avoid building the client
+		sed -i -e '/SUBDIRS/s:src::' Makefile || die
+		sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
+	fi
+
+	# Fix up the pkg-config file to be more robust.
+	# https://github.com/curl/curl/issues/864
+	local priv=() libs=()
+	# We always enable zlib.
+	libs+=( "-lz" )
+	priv+=( "zlib" )
+	if use http2; then
+		libs+=( "-lnghttp2" )
+		priv+=( "libnghttp2" )
+	fi
+	if use quiche; then
+		libs+=( "-lquiche" )
+		priv+=( "quiche" )
+	fi
+	if use nghttp3; then
+		libs+=( "-lnghttp3" "-lngtcp2" )
+		priv+=( "libnghttp3" "-libtcp2" )
+	fi
+	if use ssl && use curl_ssl_openssl; then
+		libs+=( "-lssl" "-lcrypto" )
+		priv+=( "openssl" )
+	fi
+	grep -q Requires.private libcurl.pc && die "need to update ebuild"
+	libs=$(printf '|%s' "${libs[@]}")
+	sed -i -r \
+		-e "/^Libs.private/s:(${libs#|})( |$)::g" \
+		libcurl.pc || die
+	echo "Requires.private: ${priv[*]}" >> libcurl.pc
+}
+
+multilib_src_test() {
+	# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
+	# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
+	# -v: verbose
+	# -a: keep going on failure (so we see everything which breaks, not just 1st test)
+	# -k: keep test files after completion
+	# -am: automake style TAP output
+	# -p: print logs if test fails
+	# Note: if needed, we can disable tests. See e.g. Fedora's packaging
+	# or just read https://github.com/curl/curl/tree/master/tests#run.
+	multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
+}
+
+multilib_src_install_all() {
+	einstalldocs
+	find "${ED}" -type f -name '*.la' -delete || die
+	rm -rf "${ED}"/etc/ || die
+}
diff --git a/net-misc/curl/files/curl-7.82.0-certs-processing.patch b/net-misc/curl/files/curl-7.82.0-certs-processing.patch
new file mode 100644
index 000000000000..a62c1df20b30
--- /dev/null
+++ b/net-misc/curl/files/curl-7.82.0-certs-processing.patch
@@ -0,0 +1,27 @@
+https://github.com/curl/curl/issues/8559
+https://bugs.gentoo.org/836629
+
+From 911714d617c106ed5d553bf003e34ec94ab6a136 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 8 Mar 2022 13:38:13 +0100
+Subject: [PATCH] openssl: fix CN check error code
+
+Due to a missing 'else' this returns error too easily.
+
+Regressed in: d15692ebb
+
+Reported-by: Kristoffer Gleditsch
+Fixes #8559
+Closes #8560
+--- a/lib/vtls/openssl.c
++++ b/lib/vtls/openssl.c
+@@ -1817,7 +1817,8 @@ CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
+               memcpy(peer_CN, ASN1_STRING_get0_data(tmp), peerlen);
+               peer_CN[peerlen] = '\0';
+             }
+-            result = CURLE_OUT_OF_MEMORY;
++            else
++              result = CURLE_OUT_OF_MEMORY;
+           }
+         }
+         else /* not a UTF8 name */
diff --git a/net-misc/curl/files/curl-7.83.0-http2.patch b/net-misc/curl/files/curl-7.83.0-http2.patch
new file mode 100644
index 000000000000..ede69a177b98
--- /dev/null
+++ b/net-misc/curl/files/curl-7.83.0-http2.patch
@@ -0,0 +1,30 @@
+Bug: https://bugs.gentoo.org/842780, https://github.com/curl/curl/pull/8768
+https://github.com/curl/curl/commit/6eb7fb37d901ed1e4ce07cbd628ee11bf02db1f3
+
+From 6eb7fb37d901ed1e4ce07cbd628ee11bf02db1f3 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Thu, 28 Apr 2022 17:11:50 +0200
+Subject: [PATCH] mbedtls: fix compile when h2-enabled
+
+Fixes #8766
+Reported-by: LigH-de on github
+Closes #8768
+---
+ lib/vtls/mbedtls.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/vtls/mbedtls.c b/lib/vtls/mbedtls.c
+index 64f57c5d8321..5f9b87e6b75b 100644
+--- a/lib/vtls/mbedtls.c
++++ b/lib/vtls/mbedtls.c
+@@ -815,8 +815,8 @@ mbed_connect_step2(struct Curl_easy *data, struct connectdata *conn,
+     if(next_protocol) {
+       infof(data, VTLS_INFOF_ALPN_ACCEPTED_1STR, next_protocol);
+ #ifdef USE_HTTP2
+-      if(!strncmp(next_protocol, ALPN_H2, ALPN_H2_LEN) &&
+-         !next_protocol[ALPN_H2_LEN]) {
++      if(!strncmp(next_protocol, ALPN_H2, ALPN_H2_LENGTH) &&
++         !next_protocol[ALPN_H2_LENGTH]) {
+         conn->negnpn = CURL_HTTP_VERSION_2;
+       }
+       else
author	V3n3RiX <venerix@koprulu.sector>	2022-05-12 16:42:50 +0300
committer	V3n3RiX <venerix@koprulu.sector>	2022-05-12 16:42:50 +0300
commit	752d6256e5204b958b0ef7905675a940b5e9172f (patch)
tree	330d16e6362a49cbed8875a777fe641a43376cd3 /net-misc/curl
parent	0c100b7dd2b30e75b799d806df4ef899fd98e1ea (diff)