diff options
Diffstat (limited to 'net-misc/curl')
| -rw-r--r-- | net-misc/curl/Manifest | 12 | ||||
| -rw-r--r-- | net-misc/curl/curl-8.5.0-r1.ebuild (renamed from net-misc/curl/curl-8.3.0-r2.ebuild) | 34 | ||||
| -rw-r--r-- | net-misc/curl/curl-8.5.0-r2.ebuild | 367 | ||||
| -rw-r--r-- | net-misc/curl/curl-9999.ebuild | 3 | ||||
| -rw-r--r-- | net-misc/curl/files/curl-8.3.0-CVE-2023-38545.patch | 136 | ||||
| -rw-r--r-- | net-misc/curl/files/curl-8.3.0-CVE-2023-38546.patch | 131 | ||||
| -rw-r--r-- | net-misc/curl/files/curl-8.3.0-tests-arm-musl.patch | 115 | ||||
| -rw-r--r-- | net-misc/curl/files/curl-8.5.0-ipv6-configure-c99.patch | 31 | ||||
| -rw-r--r-- | net-misc/curl/files/curl-8.5.0-mpd-stream-http-adjust_pollset.patch | 69 |
9 files changed, 492 insertions, 406 deletions
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest index 22f427e2d4f1..8a3e4c859d6c 100644 --- a/net-misc/curl/Manifest +++ b/net-misc/curl/Manifest @@ -1,16 +1,14 @@ -AUX curl-8.3.0-CVE-2023-38545.patch 4345 BLAKE2B b3519d1fdccecf40e9a49cd96bf61e53c2a8ab44b2ca05543ea431da6a00125ccc9b6f7cdde0371db30e741b19a8c86cc90038987750744d2f02a0b1c1f0bec0 SHA512 1b0d3f4d4475bf4d579d4a99504a1e488b4a64e956497dc9558206234f67c60a6006ec9c93df89dc5b18c8d60312877838564adbcb834af5d6389f2f7be856d8 -AUX curl-8.3.0-CVE-2023-38546.patch 4852 BLAKE2B 316a6ca5a05c55ffa029aa97ad9c23844bf9dce2a0220cdce324c678baa8f1bfef6dcb21a6460c80345d2fe81e7738055d207a76e3d0c920c6bbb827869b02c5 SHA512 1a0d047c9c661d39caf4f4f47177aa804b8b8689f68f1f14e83163ce311b5783b58ae3d216e84dbec6bf93b6b0ba7a838831121282702e613ab4c00c1874730d -AUX curl-8.3.0-tests-arm-musl.patch 3472 BLAKE2B 6722ff38b03191a9c26b90b9a2d4dc9d439cfb0d7227e10f1f100bec4a4d8709878bfab89ef9cfa854955dd44462eef66b8eb3a31db75b4555d9eccaa4457729 SHA512 3beaf54c017c9c13e023bdcaa7e187b1689f988ff2837c2e9a998ed9e7beb850e8baf9dafb0a506b60018b853c8039763d59f2849f1772a8bc8b63843111d769 +AUX curl-8.5.0-ipv6-configure-c99.patch 749 BLAKE2B b9d94d4ec5c310f8d3985eb6e4a17cd12b8aec696c015c41e94fe7eee2cced4d6ed1f192f3dbe4877a33f5102522844b63a11039fd285371472f282065cf2894 SHA512 cc04189480055a82fc264fcf3b70a3a748bccaec5f263340c41aabde600ea020fd2bce46461d4f75f5ed7708cfc5a0afcf95e6f1d098333c3968b75169a27a93 +AUX curl-8.5.0-mpd-stream-http-adjust_pollset.patch 2979 BLAKE2B da34eb58eb8b706916657279bc071ab97145e33e7e7eb553ffe924be7a97e3d784d5e2fc8270363e95e815687201b6fae1b374dc666093441c5177bfe76eb835 SHA512 11ed5f8482d985aab4e7ab07f0e8821d76a494d0147a61ce7901379cd1f36f577c544627f5ad61a38b70e9e4659fc050c5b9e0be4247ab410f55850a946872d1 AUX curl-prefix.patch 880 BLAKE2B 5b7552a8339014221864a585d174b02a96ec7dd7fe8762d331d1981834044f8ec4db64d527a4ded3f5f4cccc86f281576668de092439eb19f5477d5fcf8369cf SHA512 c7cd13b9ccbd12ed01ea121ffece9c23b898a5b34698bae59ae1dd23b1cf2445180b84d80c4a640981f16dba5018df944f405dd5c660addab54ca21e0e673b7f AUX curl-respect-cflags-3.patch 406 BLAKE2B 1b533144858aff5566150c4a2648ad2e48e8ff29849ae285592edfee4b3332d06e750395dea7190ee6a01d2b5ee2c2c42c10400c2e5defa09963a90a1a10417d SHA512 3219e4e67d534e35012909243fc8d69d58989462db44dd507c502e7aaa299f1d9a01392e2c83797cc2bdb53d503470c5d6e7bf94572a6ccc6e5eafcc0466bc54 -DIST curl-8.3.0.tar.xz 2641764 BLAKE2B 6875b20e27ed86f9b6ab256210d85e9fb3b39645e8be710b2e6fe29fba40220f870e06bc21e8a92244670fed0a08c7716e4806a267ede49c4ed6d66e03f5fcd4 SHA512 6404b4c74fe1185cb482631ca3a143996cb7298d0d8a76bfafd7696e7729c00559999a069bdba782dee3f3eb273fb678a4438cb27d3deca54022878cdff83a51 -DIST curl-8.3.0.tar.xz.asc 488 BLAKE2B ef5a749e579710d45db9f73da0cbcb58d77a9dfe73be622536496997fa792fe5cbd0331a31f01e21cbdb36c6384dca44baa647c9f3d20effabb5bfc275b1b491 SHA512 b7d45722640ac50181b20a6d663168ec6eec6691c5604ddfe9c7177f07da598cb2de688c631043dc428c311774d781ccd16bd1e2fb4f038be651e3bee383aec4 DIST curl-8.4.0.tar.xz 2658376 BLAKE2B ea5ebecc3c1aeac3ae8fd0cf7d8ff3298149b9c4c556fb85ed8d9310e3613228eb6fca133b0dfb9268988f93d694779fab8d53510cfa5710c1320bb6638f05eb SHA512 7027dbf3b759b39d6ec9c4da58fadd254e84bb93bff599541b3bc3135bad4c2955c6237d7ddd60973f9f1a6948bc32d7e312985fb50658bc958b9f22fee74f2b DIST curl-8.4.0.tar.xz.asc 488 BLAKE2B 0fd4ea46a0942b9bc440e91e8f9323bba6d0eb02fbc87c227004c90e5be14cc644446bc235ab67f857b617975cdeada6ce38a647da9e0bd783e57d58f354cdb4 SHA512 b8b7a5b76be816e7b1552354f267f335fdc608cdadbd2c40ab44faf6450c6bbd2853b6de5c2746a1292aad33a8ee1c367380d32bb1a8282540b38c3b985a320e DIST curl-8.5.0.tar.xz 2658520 BLAKE2B cfd591f9703b9c63712dbe74494b05a80ce5a4fc4f8fc0fbf57058578eed5f33d71277f688d5d9f409bcd82e3a4cacaa5615a44f2a7c554559c6be7dd5188893 SHA512 acffa2cf61d9b8e4188575a1b40227da8d722df2e5fe8bb82a222b4eb2fd64bf8aebd90852ce050c79fb5e517d5cee2546bf7de92ede1dd394263e231cb741a3 DIST curl-8.5.0.tar.xz.asc 488 BLAKE2B d706c401aecf345398411b94c87b8f1ecc752d73d24e1a578c8c0e62732e8e476333a2a4772428c6425eb0d124b1ceee8e377cf41d60a54b6f2df5cccc0b9f23 SHA512 9c6a2e61860878cd731d951fac1bb52cd314db20439a5173a95b48da1742737e02bfb9978d65e25de6535f839e281235203599a29f252e78e0d7a83769727329 -EBUILD curl-8.3.0-r2.ebuild 10601 BLAKE2B 19cc1441f2cf23684095b159430a1e407e351f112aa38849b01af269ae151b45b0751709b8d4202b60f605ea7e060f2bfa054f6650a0de310a31786c808b6d89 SHA512 65248f611a2608b9d965bd8abc2cd8497cc331a112842ab18a230df74942eb79da54cd5f8fc4a0fdd562209b824ad3f560388bf2e1aac80163a4d2e73bf94e04 EBUILD curl-8.4.0.ebuild 10695 BLAKE2B 66b7a3a2ed719bd945d67eb8cbe53f97526cbb0e4408045ea99c16996dc547576ffbfa6bef459b128dd2fc96ef734507eefc50f34d588ca489ad7e8d139c498a SHA512 c3abc0f3e4297aa84054c5fe6717610359afcb027ab2040b5d540d65b6552cb530cd37f85ef3e6522d35995494b2b3c29aa7a443d50ec8af0f637081314f26cc +EBUILD curl-8.5.0-r1.ebuild 10830 BLAKE2B e15b3b6ffc9c3456bf47d5ec3bb8ca66694e8f7210d929735af8c582b2e22002c20962f16e4ac696b2ede20c29972b35a4d2f015c8d86800ce98723efbacc01c SHA512 e62419df12f59390ccdb40cd07b0175dba320ad06b1f9fa382bdcb380b81fef7af46560d153afe518f703f790002a830247fb49ce93511a1cae573b008caa7c9 +EBUILD curl-8.5.0-r2.ebuild 10898 BLAKE2B 6a0d2e82197a206cb2a47c676e66a7d7915e84b873248c099a099131b27ed5a0dd8f8b9bb20ecff4b862b56311d65e6e7aaac0cc179814db3b9e82e46a439f73 SHA512 da6cc63f5bb332967a67e00f393a225c0141bc045931bcd9c59343b32d27ac8ec82d25ded6af0632a40b09a9a901cb2b924dce83afbb071621279836c23a9640 EBUILD curl-8.5.0.ebuild 10785 BLAKE2B 9266873c95d46451519a1cdb8adaad8f47848ebe56600fa235ab378120a53cea11c2016234f8410befdedcb7477284e884e3a100be693e1fd76ab682a59db3c2 SHA512 53d310df6d1acd7dc3a1bef493181f15639809d7e6ad3bd8f0a542ccf10015425e16a7224ddde188186b4bd2036f1ba8d578a8e8f2688a0d6e3cde17dad91109 -EBUILD curl-9999.ebuild 10703 BLAKE2B 9e6ae064999854a7344c1190f2984ede98dd57bf5ca3138ecaf85e30f264dce2e3f4d735a59d3c2cadcea1476fce5bc1f4132089bb26c0472a122329f7927605 SHA512 5078dabb7e2763330cba648b81395482a0592aad948caa958a1048eb484d9cb4c84eece2b93132a1cb9aed403a9a1567e1ac61f6eaf8c2c2bf5d96e88e1c7545 +EBUILD curl-9999.ebuild 10714 BLAKE2B 0c584c3706885a6b4e1c12ed9983884efb1edecfc530c4fa18466fd36d27ee6cd25904504499de7a284a3707e6c3100b76f7f432cb7da0b4559bfb0d1fc9b70e SHA512 75f4920f88357be1d44993befcfd7c6fc5258c425df17614d7e404956f1ff1fadf6afd9d8af1cff809231b0f7eaacf898ed3320f5278dfab5aa5b83c1a57bdca MISC metadata.xml 2040 BLAKE2B 53dc2ea93f6843d71228f0d1a2315ee9e5d8567e1147b4c240f66b3e3a4d12bb514b94df1890b64b345053fe7d35c5c062417ce47e8a2ae36bad08b51b79cdb5 SHA512 6299919b704f1830f186cd0591503936d89388ebb87e9e9d255f715123829663b1e81432ee870a7d10eaed4f6fa73b8aaeab1b2f061bce00800283b66e42dc73 diff --git a/net-misc/curl/curl-8.3.0-r2.ebuild b/net-misc/curl/curl-8.5.0-r1.ebuild index 350d4acf5b7c..8c9e7ec34d3f 100644 --- a/net-misc/curl/curl-8.3.0-r2.ebuild +++ b/net-misc/curl/curl-8.5.0-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2023 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -17,15 +17,15 @@ else https://curl.se/download/${P}.tar.xz verify-sig? ( https://curl.se/download/${P}.tar.xz.asc ) " - KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" fi LICENSE="BSD curl ISC test? ( BSD-4 )" SLOT="0" -IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" +IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" +IUSE+=" +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" # These select the default SSL implementation IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" -IUSE+=" nghttp3" RESTRICT="!test? ( test )" # Only one default ssl provider can be enabled @@ -44,34 +44,37 @@ REQUIRED_USE=" curl_ssl_mbedtls? ( mbedtls ) curl_ssl_openssl? ( openssl ) curl_ssl_rustls? ( rustls ) - nghttp3? ( !openssl ) + nghttp3? ( + !openssl + alt-svc ) " # cURL's docs and CI/CD are great resources for confirming supported versions # particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.: -# - https://github.com/curl/curl/blob/master/docs/HTTP3.md -# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml +# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions) +# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly) +# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) # However 'supported' vs 'works' are two entirely different things; be sane but # don't be afraid to require a later version. RDEPEND=" - sys-libs/zlib[${MULTILIB_USEDEP}] + >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) - ldap? ( net-nds/openldap:=[static-libs?,${MULTILIB_USEDEP}] ) + ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) nghttp3? ( >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}] >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] ) rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) - ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) + ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) ssl? ( gnutls? ( app-misc/ca-certificates - net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}] + >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}] dev-libs/nettle:=[${MULTILIB_USEDEP}] ) mbedtls? ( @@ -79,7 +82,7 @@ RDEPEND=" net-libs/mbedtls:=[${MULTILIB_USEDEP}] ) openssl? ( - dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] + >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] ) rustls? ( net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] @@ -125,9 +128,7 @@ QA_CONFIG_IMPL_DECL_SKIP=( PATCHES=( "${FILESDIR}"/${PN}-prefix.patch "${FILESDIR}"/${PN}-respect-cflags-3.patch - "${FILESDIR}"/${P}-tests-arm-musl.patch - "${FILESDIR}"/${P}-CVE-2023-38545.patch - "${FILESDIR}"/${P}-CVE-2023-38546.patch + "${FILESDIR}"/${P}-ipv6-configure-c99.patch ) src_prepare() { @@ -344,7 +345,8 @@ multilib_src_test() { # this ends up breaking when nproc is huge (like -j80). # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped # as most gentoo users don't have an 'ip6-localhost' - multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083" + # Required deps for 1477 are not included in the release tarball for 8.5.0 + multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083 !1477" } multilib_src_install() { diff --git a/net-misc/curl/curl-8.5.0-r2.ebuild b/net-misc/curl/curl-8.5.0-r2.ebuild new file mode 100644 index 000000000000..03cc7f61ebca --- /dev/null +++ b/net-misc/curl/curl-8.5.0-r2.ebuild @@ -0,0 +1,367 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/danielstenberg.asc +inherit autotools multilib-minimal multiprocessing prefix toolchain-funcs verify-sig + +DESCRIPTION="A Client that groks URLs" +HOMEPAGE="https://curl.se/" + +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/curl/curl.git" +else + SRC_URI=" + https://curl.se/download/${P}.tar.xz + verify-sig? ( https://curl.se/download/${P}.tar.xz.asc ) + " + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +fi + +LICENSE="BSD curl ISC test? ( BSD-4 )" +SLOT="0" +IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" +IUSE+=" +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" +# These select the default SSL implementation +IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" +RESTRICT="!test? ( test )" + +# Only one default ssl provider can be enabled +# The default ssl provider needs its USE satisfied +# nghttp3 = https://bugs.gentoo.org/912029 +REQUIRED_USE=" + ssl? ( + ^^ ( + curl_ssl_gnutls + curl_ssl_mbedtls + curl_ssl_openssl + curl_ssl_rustls + ) + ) + curl_ssl_gnutls? ( gnutls ) + curl_ssl_mbedtls? ( mbedtls ) + curl_ssl_openssl? ( openssl ) + curl_ssl_rustls? ( rustls ) + nghttp3? ( + !openssl + alt-svc ) +" + +# cURL's docs and CI/CD are great resources for confirming supported versions +# particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.: +# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions) +# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly) +# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) +# However 'supported' vs 'works' are two entirely different things; be sane but +# don't be afraid to require a later version. + +RDEPEND=" + >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] + adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) + brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) + http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) + idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) + nghttp3? ( + >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}] + >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] + ) + rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) + ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) + ssl? ( + gnutls? ( + app-misc/ca-certificates + >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}] + dev-libs/nettle:=[${MULTILIB_USEDEP}] + ) + mbedtls? ( + app-misc/ca-certificates + net-libs/mbedtls:=[${MULTILIB_USEDEP}] + ) + openssl? ( + >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] + ) + rustls? ( + net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] + ) + ) + zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] ) +" + +DEPEND="${RDEPEND}" + +BDEPEND=" + dev-lang/perl + virtual/pkgconfig + test? ( + sys-apps/diffutils + http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] ) + nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] ) + ) + verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) +" + +DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/curl/curlbuild.h +) + +MULTILIB_CHOST_TOOLS=( + /usr/bin/curl-config +) + +QA_CONFIG_IMPL_DECL_SKIP=( + __builtin_available + closesocket + CloseSocket + getpass_r + ioctlsocket + IoctlSocket + mach_absolute_time + setmode + _fseeki64 +) + +PATCHES=( + "${FILESDIR}"/${PN}-prefix.patch + "${FILESDIR}"/${PN}-respect-cflags-3.patch + "${FILESDIR}"/${P}-ipv6-configure-c99.patch + "${FILESDIR}"/${P}-mpd-stream-http-adjust_pollset.patch +) + +src_prepare() { + default + + eprefixify curl-config.in + eautoreconf +} + +multilib_src_configure() { + # We make use of the fact that later flags override earlier ones + # So start with all ssl providers off until proven otherwise + # TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) + local myconf=() + + myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) + if use ssl; then + myconf+=( --without-gnutls --without-mbedtls --without-rustls ) + + if use gnutls; then + multilib_is_native_abi && einfo "SSL provided by gnutls" + myconf+=( --with-gnutls ) + fi + if use mbedtls; then + multilib_is_native_abi && einfo "SSL provided by mbedtls" + myconf+=( --with-mbedtls ) + fi + if use openssl; then + multilib_is_native_abi && einfo "SSL provided by openssl" + myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) + fi + if use rustls; then + multilib_is_native_abi && einfo "SSL provided by rustls" + myconf+=( --with-rustls ) + fi + if use curl_ssl_gnutls; then + multilib_is_native_abi && einfo "Default SSL provided by gnutls" + myconf+=( --with-default-ssl-backend=gnutls ) + elif use curl_ssl_mbedtls; then + multilib_is_native_abi && einfo "Default SSL provided by mbedtls" + myconf+=( --with-default-ssl-backend=mbedtls ) + elif use curl_ssl_openssl; then + multilib_is_native_abi && einfo "Default SSL provided by openssl" + myconf+=( --with-default-ssl-backend=openssl ) + elif use curl_ssl_rustls; then + multilib_is_native_abi && einfo "Default SSL provided by rustls" + myconf+=( --with-default-ssl-backend=rustls ) + else + eerror "We can't be here because of REQUIRED_USE." + die "Please file a bug, hit impossible condition w/ USE=ssl handling." + fi + + else + myconf+=( --without-ssl ) + einfo "SSL disabled" + fi + + # These configuration options are organized alphabetically + # within each category. This should make it easier if we + # ever decide to make any of them contingent on USE flags: + # 1) protocols first. To see them all do + # 'grep SUPPORT_PROTOCOLS configure.ac' + # 2) --enable/disable options second. + # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort + # 3) --with/without options third. + # grep -- --with configure | grep Check | awk '{ print $4 }' | sort + + myconf+=( + $(use_enable alt-svc) + --enable-basic-auth + --enable-bearer-auth + --enable-digest-auth + --enable-kerberos-auth + --enable-negotiate-auth + --enable-aws + --enable-dict + --disable-ech + --enable-file + $(use_enable ftp) + $(use_enable gopher) + $(use_enable hsts) + --enable-http + $(use_enable imap) + $(use_enable ldap) + $(use_enable ldap ldaps) + --enable-ntlm + --disable-ntlm-wb + $(use_enable pop3) + --enable-rt + --enable-rtsp + $(use_enable samba smb) + $(use_with ssh libssh2) + $(use_enable smtp) + $(use_enable telnet) + $(use_enable tftp) + --enable-tls-srp + $(use_enable adns ares) + --enable-cookies + --enable-dateparse + --enable-dnsshuffle + --enable-doh + --enable-symbol-hiding + --enable-http-auth + --enable-ipv6 + --enable-largefile + --enable-manual + --enable-mime + --enable-netrc + $(use_enable progress-meter) + --enable-proxy + --enable-socketpair + --disable-sspi + $(use_enable static-libs static) + --enable-pthreads + --enable-threaded-resolver + --disable-versioned-symbols + --without-amissl + --without-bearssl + $(use_with brotli) + --with-fish-functions-dir="${EPREFIX}"/usr/share/fish/vendor_completions.d + $(use_with http2 nghttp2) + --without-hyper + $(use_with idn libidn2) + $(use_with kerberos gssapi "${EPREFIX}"/usr) + --without-libgsasl + --without-libpsl + --without-msh3 + $(use_with nghttp3) + $(use_with nghttp3 ngtcp2) + --without-quiche + $(use_with rtmp librtmp) + --without-schannel + --without-secure-transport + --without-test-caddy + --without-test-httpd + --without-test-nghttpx + $(use_enable websockets) + --without-winidn + --without-wolfssl + --with-zlib + $(use_with zstd) + --with-zsh-functions-dir="${EPREFIX}"/usr/share/zsh/site-functions + ) + + if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then + myconf+=( + --with-test-nghttpx="${BROOT}/usr/bin/nghttpx" + ) + fi + + if [[ ${CHOST} == *mingw* ]] ; then + myconf+=( + --disable-pthreads + ) + fi + + ECONF_SOURCE="${S}" econf "${myconf[@]}" + + if ! multilib_is_native_abi; then + # Avoid building the client (we just want libcurl for multilib) + sed -i -e '/SUBDIRS/s:src::' Makefile || die + sed -i -e '/SUBDIRS/s:scripts::' Makefile || die + fi + + # Fix up the pkg-config file to be more robust. + # https://github.com/curl/curl/issues/864 + local priv=() libs=() + # We always enable zlib. + libs+=( "-lz" ) + priv+=( "zlib" ) + if use http2; then + libs+=( "-lnghttp2" ) + priv+=( "libnghttp2" ) + fi + if use nghttp3; then + libs+=( "-lnghttp3" "-lngtcp2" ) + priv+=( "libnghttp3" "libngtcp2" ) + fi + if use ssl && use curl_ssl_openssl; then + libs+=( "-lssl" "-lcrypto" ) + priv+=( "openssl" ) + fi + grep -q Requires.private libcurl.pc && die "need to update ebuild" + libs=$(printf '|%s' "${libs[@]}") + sed -i -r \ + -e "/^Libs.private/s:(${libs#|})( |$)::g" \ + libcurl.pc || die + echo "Requires.private: ${priv[*]}" >> libcurl.pc || die +} + +multilib_src_compile() { + default + + if multilib_is_native_abi; then + # Shell completions + ! tc-is-cross-compiler && emake -C scripts + fi +} + +# There is also a pytest harness that tests for bugs in some very specific +# situations; we can rely on upstream for this rather than adding additional test deps. +multilib_src_test() { + # See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 + # -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) + # -v: verbose + # -a: keep going on failure (so we see everything which breaks, not just 1st test) + # -k: keep test files after completion + # -am: automake style TAP output + # -p: print logs if test fails + # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging + # or just read https://github.com/curl/curl/tree/master/tests#run. + # Note: we don't run the testsuite for cross-compilation. + # Upstream recommend 7*nproc as a starting point for parallel tests, but + # this ends up breaking when nproc is huge (like -j80). + # The network sandbox causes tests 241 and 1083 to fail; these are typically skipped + # as most gentoo users don't have an 'ip6-localhost' + # Required deps for 1477 are not included in the release tarball for 8.5.0 + multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083 !1477" +} + +multilib_src_install() { + emake DESTDIR="${D}" install + + if multilib_is_native_abi; then + # Shell completions + ! tc-is-cross-compiler && emake -C scripts DESTDIR="${D}" install + fi +} + +multilib_src_install_all() { + einstalldocs + find "${ED}" -type f -name '*.la' -delete || die + rm -rf "${ED}"/etc/ || die +} diff --git a/net-misc/curl/curl-9999.ebuild b/net-misc/curl/curl-9999.ebuild index 7d87477bc1f1..5127f29241f5 100644 --- a/net-misc/curl/curl-9999.ebuild +++ b/net-misc/curl/curl-9999.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2023 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -123,6 +123,7 @@ QA_CONFIG_IMPL_DECL_SKIP=( IoctlSocket mach_absolute_time setmode + _fseeki64 ) PATCHES=( diff --git a/net-misc/curl/files/curl-8.3.0-CVE-2023-38545.patch b/net-misc/curl/files/curl-8.3.0-CVE-2023-38545.patch deleted file mode 100644 index 04603a8c01dc..000000000000 --- a/net-misc/curl/files/curl-8.3.0-CVE-2023-38545.patch +++ /dev/null @@ -1,136 +0,0 @@ -https://bugs.gentoo.org/915195 - -From 1e1f915b73ab0895a68348ad1f96a5283a44ffd7 Mon Sep 17 00:00:00 2001 -From: Jay Satiro <raysatiro@yahoo.com> -Date: Mon, 9 Oct 2023 17:45:07 -0400 -Subject: [PATCH] socks: return error if hostname too long for remote resolve - -Prior to this change the state machine attempted to change the remote -resolve to a local resolve if the hostname was longer than 255 -characters. Unfortunately that did not work as intended and caused a -security issue. - -This patch applies to curl versions 8.2.0 - 8.3.0. Other versions -that are affected take a different patch. Refer to the CVE advisory -for more information. - -Bug: https://curl.se/docs/CVE-2023-38545.html ---- - lib/socks.c | 8 +++---- - tests/data/Makefile.inc | 2 +- - tests/data/test728 | 64 +++++++++++++++++++++++++++++++++++++++++++++++++ - 3 files changed, 69 insertions(+), 5 deletions(-) - create mode 100644 tests/data/test728 - -diff --git a/lib/socks.c b/lib/socks.c -index 25a3578..3d41c93 100644 ---- a/lib/socks.c -+++ b/lib/socks.c -@@ -588,9 +588,9 @@ static CURLproxycode do_SOCKS5(struct Curl_cfilter *cf, - - /* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */ - if(!socks5_resolve_local && hostname_len > 255) { -- infof(data, "SOCKS5: server resolving disabled for hostnames of " -- "length > 255 [actual len=%zu]", hostname_len); -- socks5_resolve_local = TRUE; -+ failf(data, "SOCKS5: the destination hostname is too long to be " -+ "resolved remotely by the proxy."); -+ return CURLPX_LONG_HOSTNAME; - } - - if(auth & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI)) -@@ -904,7 +904,7 @@ CONNECT_RESOLVE_REMOTE: - } - else { - socksreq[len++] = 3; -- socksreq[len++] = (char) hostname_len; /* one byte address length */ -+ socksreq[len++] = (unsigned char) hostname_len; /* one byte length */ - memcpy(&socksreq[len], sx->hostname, hostname_len); /* w/o NULL */ - len += hostname_len; - } -diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc -index 8ee1394..3e2094e 100644 ---- a/tests/data/Makefile.inc -+++ b/tests/data/Makefile.inc -@@ -100,7 +100,7 @@ test679 test680 test681 test682 test683 test684 test685 test686 \ - \ - test700 test701 test702 test703 test704 test705 test706 test707 test708 \ - test709 test710 test711 test712 test713 test714 test715 test716 test717 \ --test718 test719 test720 test721 \ -+test718 test719 test720 test721 test728 \ - \ - test799 test800 test801 test802 test803 test804 test805 test806 test807 \ - test808 test809 test810 test811 test812 test813 test814 test815 test816 \ -diff --git a/tests/data/test728 b/tests/data/test728 -new file mode 100644 -index 0000000..05bcf28 ---- /dev/null -+++ b/tests/data/test728 -@@ -0,0 +1,64 @@ -+<testcase> -+<info> -+<keywords> -+HTTP -+HTTP GET -+SOCKS5 -+SOCKS5h -+followlocation -+</keywords> -+</info> -+ -+# -+# Server-side -+<reply> -+# The hostname in this redirect is 256 characters and too long (> 255) for -+# SOCKS5 remote resolve. curl must return error CURLE_PROXY in this case. -+<data> -+HTTP/1.1 301 Moved Permanently -+Location: http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ -+Content-Length: 0 -+Connection: close -+ -+</data> -+</reply> -+ -+# -+# Client-side -+<client> -+<features> -+proxy -+</features> -+<server> -+http -+socks5 -+</server> -+ <name> -+SOCKS5h with HTTP redirect to hostname too long -+ </name> -+ <command> -+--no-progress-meter --location --proxy socks5h://%HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/%TESTNUMBER -+</command> -+</client> -+ -+# -+# Verify data after the test has been "shot" -+<verify> -+<protocol crlf="yes"> -+GET /%TESTNUMBER HTTP/1.1 -+Host: %HOSTIP:%HTTPPORT -+User-Agent: curl/%VERSION -+Accept: */* -+ -+</protocol> -+<errorcode> -+97 -+</errorcode> -+# the error message is verified because error code CURLE_PROXY (97) may be -+# returned for any number of reasons and we need to make sure it is -+# specifically for the reason below so that we know the check is working. -+<stderr mode="text"> -+curl: (97) SOCKS5: the destination hostname is too long to be resolved remotely by the proxy. -+</stderr> -+</verify> -+</testcase> --- -2.7.4 - diff --git a/net-misc/curl/files/curl-8.3.0-CVE-2023-38546.patch b/net-misc/curl/files/curl-8.3.0-CVE-2023-38546.patch deleted file mode 100644 index 615ab26cb2a8..000000000000 --- a/net-misc/curl/files/curl-8.3.0-CVE-2023-38546.patch +++ /dev/null @@ -1,131 +0,0 @@ -https://bugs.gentoo.org/915195 -https://github.com/curl/curl/commit/61275672b46d9abb3285740467b882e22ed75da8 - -From 61275672b46d9abb3285740467b882e22ed75da8 Mon Sep 17 00:00:00 2001 -From: Daniel Stenberg <daniel@haxx.se> -Date: Thu, 14 Sep 2023 23:28:32 +0200 -Subject: [PATCH] cookie: remove unnecessary struct fields - -Plus: reduce the hash table size from 256 to 63. It seems unlikely to -make much of a speed difference for most use cases but saves 1.5KB of -data per instance. - -Closes #11862 ---- - lib/cookie.c | 13 +------------ - lib/cookie.h | 13 ++++--------- - lib/easy.c | 4 +--- - 3 files changed, 6 insertions(+), 24 deletions(-) - -diff --git a/lib/cookie.c b/lib/cookie.c -index 4345a84c6fd9d..e39c89a94a960 100644 ---- a/lib/cookie.c -+++ b/lib/cookie.c -@@ -119,7 +119,6 @@ static void freecookie(struct Cookie *co) - free(co->name); - free(co->value); - free(co->maxage); -- free(co->version); - free(co); - } - -@@ -718,11 +717,7 @@ Curl_cookie_add(struct Curl_easy *data, - } - } - else if((nlen == 7) && strncasecompare("version", namep, 7)) { -- strstore(&co->version, valuep, vlen); -- if(!co->version) { -- badcookie = TRUE; -- break; -- } -+ /* just ignore */ - } - else if((nlen == 7) && strncasecompare("max-age", namep, 7)) { - /* -@@ -1160,7 +1155,6 @@ Curl_cookie_add(struct Curl_easy *data, - free(clist->path); - free(clist->spath); - free(clist->expirestr); -- free(clist->version); - free(clist->maxage); - - *clist = *co; /* then store all the new data */ -@@ -1224,9 +1218,6 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data, - c = calloc(1, sizeof(struct CookieInfo)); - if(!c) - return NULL; /* failed to get memory */ -- c->filename = strdup(file?file:"none"); /* copy the name just in case */ -- if(!c->filename) -- goto fail; /* failed to get memory */ - /* - * Initialize the next_expiration time to signal that we don't have enough - * information yet. -@@ -1378,7 +1369,6 @@ static struct Cookie *dup_cookie(struct Cookie *src) - CLONE(name); - CLONE(value); - CLONE(maxage); -- CLONE(version); - d->expires = src->expires; - d->tailmatch = src->tailmatch; - d->secure = src->secure; -@@ -1595,7 +1585,6 @@ void Curl_cookie_cleanup(struct CookieInfo *c) - { - if(c) { - unsigned int i; -- free(c->filename); - for(i = 0; i < COOKIE_HASH_SIZE; i++) - Curl_cookie_freelist(c->cookies[i]); - free(c); /* free the base struct as well */ -diff --git a/lib/cookie.h b/lib/cookie.h -index b3c0063b2cfb2..41e9e7a6914e0 100644 ---- a/lib/cookie.h -+++ b/lib/cookie.h -@@ -36,11 +36,7 @@ struct Cookie { - char *domain; /* domain = <this> */ - curl_off_t expires; /* expires = <this> */ - char *expirestr; /* the plain text version */ -- -- /* RFC 2109 keywords. Version=1 means 2109-compliant cookie sending */ -- char *version; /* Version = <value> */ - char *maxage; /* Max-Age = <value> */ -- - bool tailmatch; /* whether we do tail-matching of the domain name */ - bool secure; /* whether the 'secure' keyword was used */ - bool livecookie; /* updated from a server, not a stored file */ -@@ -56,17 +52,16 @@ struct Cookie { - #define COOKIE_PREFIX__SECURE (1<<0) - #define COOKIE_PREFIX__HOST (1<<1) - --#define COOKIE_HASH_SIZE 256 -+#define COOKIE_HASH_SIZE 63 - - struct CookieInfo { - /* linked list of cookies we know of */ - struct Cookie *cookies[COOKIE_HASH_SIZE]; -- char *filename; /* file we read from/write to */ -- long numcookies; /* number of cookies in the "jar" */ -+ curl_off_t next_expiration; /* the next time at which expiration happens */ -+ int numcookies; /* number of cookies in the "jar" */ -+ int lastct; /* last creation-time used in the jar */ - bool running; /* state info, for cookie adding information */ - bool newsession; /* new session, discard session cookies on load */ -- int lastct; /* last creation-time used in the jar */ -- curl_off_t next_expiration; /* the next time at which expiration happens */ - }; - - /* The maximum sizes we accept for cookies. RFC 6265 section 6.1 says -diff --git a/lib/easy.c b/lib/easy.c -index 16bbd35251d40..03195481f9780 100644 ---- a/lib/easy.c -+++ b/lib/easy.c -@@ -925,9 +925,7 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data) - if(data->cookies) { - /* If cookies are enabled in the parent handle, we enable them - in the clone as well! */ -- outcurl->cookies = Curl_cookie_init(data, -- data->cookies->filename, -- outcurl->cookies, -+ outcurl->cookies = Curl_cookie_init(data, NULL, outcurl->cookies, - data->set.cookiesession); - if(!outcurl->cookies) - goto fail; diff --git a/net-misc/curl/files/curl-8.3.0-tests-arm-musl.patch b/net-misc/curl/files/curl-8.3.0-tests-arm-musl.patch deleted file mode 100644 index e07c13a04766..000000000000 --- a/net-misc/curl/files/curl-8.3.0-tests-arm-musl.patch +++ /dev/null @@ -1,115 +0,0 @@ -https://github.com/curl/curl/issues/11900 -https://github.com/curl/curl/commit/b226bd679a68b8bf94cbb6d58837f00251560e63 -https://github.com/curl/curl/commit/9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 - -From b226bd679a68b8bf94cbb6d58837f00251560e63 Mon Sep 17 00:00:00 2001 -From: Natanael Copa <ncopa@alpinelinux.org> -Date: Mon, 25 Sep 2023 13:03:26 +0200 -Subject: [PATCH] configure: sort AC_CHECK_FUNCS - -No functional changes. ---- - configure.ac | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 2fc9f2f01783c..a6f9066a133a4 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -3583,8 +3583,10 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se - #include <sys/types.h>]]) - - --AC_CHECK_FUNCS([fnmatch \ -+AC_CHECK_FUNCS([\ -+ arc4random \ - fchmod \ -+ fnmatch \ - fork \ - geteuid \ - getpass_r \ -@@ -3604,7 +3606,6 @@ AC_CHECK_FUNCS([fnmatch \ - snprintf \ - utime \ - utimes \ -- arc4random - ],[ - ],[ - func="$ac_func" - -From 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 Mon Sep 17 00:00:00 2001 -From: Natanael Copa <ncopa@alpinelinux.org> -Date: Fri, 22 Sep 2023 13:58:49 +0000 -Subject: [PATCH] lib: use wrapper for curl_mime_data fseek callback - -fseek uses long offset which does not match with curl_off_t. This leads -to undefined behavior when calling the callback and caused failure on -arm 32 bit. - -Use a wrapper to solve this and use fseeko which uses off_t instead of -long. - -Thanks to the nice people at Libera IRC #musl for helping finding this -out. - -Fixes #11882 -Fixes #11900 -Closes #11918 ---- - configure.ac | 2 ++ - lib/formdata.c | 17 +++++++++++++++-- - 3 files changed, 20 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index a6f9066a133a4..5fa7c45c47430 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -3584,10 +3584,12 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se - - - AC_CHECK_FUNCS([\ -+ _fseeki64 \ - arc4random \ - fchmod \ - fnmatch \ - fork \ -+ fseeko \ - geteuid \ - getpass_r \ - getppid \ -diff --git a/lib/formdata.c b/lib/formdata.c -index 8984b63223cc0..f370ce6854b5f 100644 ---- a/lib/formdata.c -+++ b/lib/formdata.c -@@ -789,6 +789,20 @@ static CURLcode setname(curl_mimepart *part, const char *name, size_t len) - return res; - } - -+/* wrap call to fseeko so it matches the calling convetion of callback */ -+static int fseeko_wrapper(void *stream, curl_off_t offset, int whence) -+{ -+#if defined(HAVE_FSEEKO) -+ return fseeko(stream, (off_t)offset, whence); -+#elif defined(HAVE__FSEEKI64) -+ return _fseeki64(stream, (__int64)offset, whence); -+#else -+ if(offset > LONG_MAX) -+ return -1; -+ return fseek(stream, (long)offset, whence); -+#endif -+} -+ - /* - * Curl_getformdata() converts a linked list of "meta data" into a mime - * structure. The input list is in 'post', while the output is stored in -@@ -874,8 +888,7 @@ CURLcode Curl_getformdata(struct Curl_easy *data, - compatibility: use of "-" pseudo file name should be avoided. */ - result = curl_mime_data_cb(part, (curl_off_t) -1, - (curl_read_callback) fread, -- CURLX_FUNCTION_CAST(curl_seek_callback, -- fseek), -+ fseeko_wrapper, - NULL, (void *) stdin); - } - else - diff --git a/net-misc/curl/files/curl-8.5.0-ipv6-configure-c99.patch b/net-misc/curl/files/curl-8.5.0-ipv6-configure-c99.patch new file mode 100644 index 000000000000..68830f8f4717 --- /dev/null +++ b/net-misc/curl/files/curl-8.5.0-ipv6-configure-c99.patch @@ -0,0 +1,31 @@ +https://github.com/curl/curl/commit/ae75db3527461248b0a7b1686df52200d28d83b9 + +From ae75db3527461248b0a7b1686df52200d28d83b9 Mon Sep 17 00:00:00 2001 +From: annalee <150648636+a-n-n-a-l-e-e@users.noreply.github.com> +Date: Fri, 29 Dec 2023 05:43:33 +0000 +Subject: [PATCH] configure: fix no default int compile error in ipv6 detection + +Closes #12607 +--- a/configure.ac ++++ b/configure.ac +@@ -1655,15 +1655,12 @@ AS_HELP_STRING([--disable-ipv6],[Disable IPv6 support]), + # include <netinet/in6.h> + #endif + #endif +-#include <stdlib.h> /* for exit() */ +-main() ++ ++int main(void) + { + struct sockaddr_in6 s; + (void)s; +- if (socket(AF_INET6, SOCK_STREAM, 0) < 0) +- exit(1); +- else +- exit(0); ++ return socket(AF_INET6, SOCK_STREAM, 0) < 0; + } + ]]) + ], + + diff --git a/net-misc/curl/files/curl-8.5.0-mpd-stream-http-adjust_pollset.patch b/net-misc/curl/files/curl-8.5.0-mpd-stream-http-adjust_pollset.patch new file mode 100644 index 000000000000..79a16a2cc7b4 --- /dev/null +++ b/net-misc/curl/files/curl-8.5.0-mpd-stream-http-adjust_pollset.patch @@ -0,0 +1,69 @@ +https://github.com/MusicPlayerDaemon/MPD/issues/1952 +https://github.com/curl/curl/issues/12632 +https://github.com/curl/curl/commit/8e2d7b9fa4264b94bd1d9838c84d16e4cd33fbea + +From 8e2d7b9fa4264b94bd1d9838c84d16e4cd33fbea Mon Sep 17 00:00:00 2001 +From: Stefan Eissing <stefan@eissing.org> +Date: Thu, 4 Jan 2024 10:06:17 +0100 +Subject: [PATCH] http: adjust_pollset fix + +do not add a socket for POLLIN when the transfer does not want to send +(for example is paused). + +Follow-up to 47f5b1a + +Reported-by: bubbleguuum on github +Fixes #12632 +Closes #12633 +--- a/lib/cf-socket.c ++++ b/lib/cf-socket.c +@@ -1243,7 +1243,7 @@ static void cf_socket_adjust_pollset(struct Curl_cfilter *cf, + if(ctx->sock != CURL_SOCKET_BAD) { + if(!cf->connected) + Curl_pollset_set_out_only(data, ps, ctx->sock); +- else ++ else if(CURL_WANT_RECV(data)) + Curl_pollset_add_in(data, ps, ctx->sock); + CURL_TRC_CF(data, cf, "adjust_pollset -> %d socks", ps->num); + } +--- a/lib/http2.c ++++ b/lib/http2.c +@@ -2341,8 +2341,8 @@ static void cf_h2_adjust_pollset(struct Curl_cfilter *cf, + bool c_exhaust, s_exhaust; + + CF_DATA_SAVE(save, cf, data); +- c_exhaust = !nghttp2_session_get_remote_window_size(ctx->h2); +- s_exhaust = stream && stream->id >= 0 && ++ c_exhaust = want_send && !nghttp2_session_get_remote_window_size(ctx->h2); ++ s_exhaust = want_send && stream && stream->id >= 0 && + !nghttp2_session_get_stream_remote_window_size(ctx->h2, + stream->id); + want_recv = (want_recv || c_exhaust || s_exhaust); +--- a/lib/vquic/curl_ngtcp2.c ++++ b/lib/vquic/curl_ngtcp2.c +@@ -1166,9 +1166,10 @@ static void cf_ngtcp2_adjust_pollset(struct Curl_cfilter *cf, + bool c_exhaust, s_exhaust; + + CF_DATA_SAVE(save, cf, data); +- c_exhaust = !ngtcp2_conn_get_cwnd_left(ctx->qconn) || +- !ngtcp2_conn_get_max_data_left(ctx->qconn); +- s_exhaust = stream && stream->id >= 0 && stream->quic_flow_blocked; ++ c_exhaust = want_send && (!ngtcp2_conn_get_cwnd_left(ctx->qconn) || ++ !ngtcp2_conn_get_max_data_left(ctx->qconn)); ++ s_exhaust = want_send && stream && stream->id >= 0 && ++ stream->quic_flow_blocked; + want_recv = (want_recv || c_exhaust || s_exhaust); + want_send = (!s_exhaust && want_send) || + !Curl_bufq_is_empty(&ctx->q.sendbuf); +--- a/lib/vquic/curl_quiche.c ++++ b/lib/vquic/curl_quiche.c +@@ -1189,7 +1189,7 @@ static void cf_quiche_adjust_pollset(struct Curl_cfilter *cf, + + c_exhaust = FALSE; /* Have not found any call in quiche that tells + us if the connection itself is blocked */ +- s_exhaust = stream && stream->id >= 0 && ++ s_exhaust = want_send && stream && stream->id >= 0 && + (stream->quic_flow_blocked || !stream_is_writeable(cf, data)); + want_recv = (want_recv || c_exhaust || s_exhaust); + want_send = (!s_exhaust && want_send) || + |