-
Notifications
You must be signed in to change notification settings - Fork 2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
net-misc/curl: drop ipv6 and quiche USE
Using quiche requires building cURL with the same SSL flavour as the quiche library (i.e. BoringSSL). This is currently unsupported on Gentoo. Drop `ipv6` USE; it doesn't require additional deps and `--ipv4` can be used at runtime to force connectivity in dual-stack configurations. Closes: https://bugs.gentoo.org/881711 Closes: https://bugs.gentoo.org/792234 Closes: https://bugs.gentoo.org/847451 Closes: https://bugs.gentoo.org/867985 Closes: https://bugs.gentoo.org/835851 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
- Loading branch information
Showing
1 changed file
with
290 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,290 @@ | ||
# Copyright 1999-2023 Gentoo Authors | ||
# Distributed under the terms of the GNU General Public License v2 | ||
|
||
EAPI="8" | ||
|
||
inherit autotools prefix multilib-minimal verify-sig | ||
|
||
DESCRIPTION="A Client that groks URLs" | ||
HOMEPAGE="https://curl.se/" | ||
SRC_URI="https://curl.se/download/${P}.tar.xz | ||
verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )" | ||
|
||
LICENSE="curl" | ||
SLOT="0" | ||
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" | ||
IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" | ||
IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls" | ||
IUSE+=" nghttp3" | ||
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc | ||
|
||
#Only one default ssl provider can be enabled | ||
REQUIRED_USE=" | ||
ssl? ( | ||
^^ ( | ||
curl_ssl_gnutls | ||
curl_ssl_mbedtls | ||
curl_ssl_nss | ||
curl_ssl_openssl | ||
curl_ssl_rustls | ||
) | ||
)" | ||
|
||
# lead to lots of false negatives, bug #285669 | ||
RESTRICT="!test? ( test )" | ||
|
||
RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] ) | ||
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) | ||
ssl? ( | ||
gnutls? ( | ||
net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}] | ||
dev-libs/nettle:=[${MULTILIB_USEDEP}] | ||
app-misc/ca-certificates | ||
) | ||
mbedtls? ( | ||
net-libs/mbedtls:=[${MULTILIB_USEDEP}] | ||
app-misc/ca-certificates | ||
) | ||
openssl? ( | ||
dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}] | ||
) | ||
nss? ( | ||
dev-libs/nss:0[${MULTILIB_USEDEP}] | ||
dev-libs/nss-pem | ||
app-misc/ca-certificates | ||
) | ||
rustls? ( | ||
net-libs/rustls-ffi:=[${MULTILIB_USEDEP}] | ||
) | ||
) | ||
http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] ) | ||
nghttp3? ( | ||
net-libs/nghttp3[${MULTILIB_USEDEP}] | ||
net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}] | ||
) | ||
idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) | ||
adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] ) | ||
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) | ||
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) | ||
ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] ) | ||
sys-libs/zlib[${MULTILIB_USEDEP}] | ||
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )" | ||
|
||
DEPEND="${RDEPEND}" | ||
BDEPEND="dev-lang/perl | ||
virtual/pkgconfig | ||
test? ( | ||
sys-apps/diffutils | ||
) | ||
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )" | ||
|
||
DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} ) | ||
|
||
MULTILIB_WRAPPED_HEADERS=( | ||
/usr/include/curl/curlbuild.h | ||
) | ||
|
||
MULTILIB_CHOST_TOOLS=( | ||
/usr/bin/curl-config | ||
) | ||
|
||
PATCHES=( | ||
"${FILESDIR}"/${PN}-7.30.0-prefix.patch | ||
"${FILESDIR}"/${PN}-respect-cflags-3.patch | ||
|
||
"${FILESDIR}"/${P}-gnutls-openssl-build.patch | ||
"${FILESDIR}"/${P}-typecheck-deprecated.patch | ||
) | ||
|
||
src_prepare() { | ||
default | ||
|
||
eprefixify curl-config.in | ||
eautoreconf | ||
} | ||
|
||
multilib_src_configure() { | ||
# We make use of the fact that later flags override earlier ones | ||
# So start with all ssl providers off until proven otherwise | ||
# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/) | ||
local myconf=() | ||
|
||
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt ) | ||
#myconf+=( --without-default-ssl-backend ) | ||
if use ssl ; then | ||
myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls ) | ||
|
||
if use gnutls || use curl_ssl_gnutls; then | ||
einfo "SSL provided by gnutls" | ||
myconf+=( --with-gnutls ) | ||
fi | ||
if use mbedtls || use curl_ssl_mbedtls; then | ||
einfo "SSL provided by mbedtls" | ||
myconf+=( --with-mbedtls ) | ||
fi | ||
if use nss || use curl_ssl_nss; then | ||
einfo "SSL provided by nss" | ||
myconf+=( --with-nss --with-nss-deprecated ) | ||
fi | ||
if use openssl || use curl_ssl_openssl; then | ||
einfo "SSL provided by openssl" | ||
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs ) | ||
fi | ||
if use rustls || use curl_ssl_rustls; then | ||
einfo "SSL provided by rustls" | ||
myconf+=( --with-rustls ) | ||
fi | ||
|
||
if use curl_ssl_gnutls; then | ||
einfo "Default SSL provided by gnutls" | ||
myconf+=( --with-default-ssl-backend=gnutls ) | ||
elif use curl_ssl_mbedtls; then | ||
einfo "Default SSL provided by mbedtls" | ||
myconf+=( --with-default-ssl-backend=mbedtls ) | ||
elif use curl_ssl_nss; then | ||
einfo "Default SSL provided by nss" | ||
myconf+=( --with-default-ssl-backend=nss ) | ||
elif use curl_ssl_openssl; then | ||
einfo "Default SSL provided by openssl" | ||
myconf+=( --with-default-ssl-backend=openssl ) | ||
elif use curl_ssl_rustls; then | ||
einfo "Default SSL provided by rustls" | ||
myconf+=( --with-default-ssl-backend=rustls ) | ||
else | ||
eerror "We can't be here because of REQUIRED_USE." | ||
fi | ||
|
||
else | ||
myconf+=( --without-ssl ) | ||
einfo "SSL disabled" | ||
fi | ||
|
||
# These configuration options are organized alphabetically | ||
# within each category. This should make it easier if we | ||
# ever decide to make any of them contingent on USE flags: | ||
# 1) protocols first. To see them all do | ||
# 'grep SUPPORT_PROTOCOLS configure.ac' | ||
# 2) --enable/disable options second. | ||
# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort | ||
# 3) --with/without options third. | ||
# grep -- --with configure | grep Check | awk '{ print $4 }' | sort | ||
|
||
myconf+=( | ||
$(use_enable alt-svc) | ||
--enable-crypto-auth | ||
--enable-dict | ||
--disable-ech | ||
--enable-file | ||
$(use_enable ftp) | ||
$(use_enable gopher) | ||
$(use_enable hsts) | ||
--enable-http | ||
$(use_enable imap) | ||
$(use_enable ldap) | ||
$(use_enable ldap ldaps) | ||
--enable-ntlm | ||
--disable-ntlm-wb | ||
$(use_enable pop3) | ||
--enable-rt | ||
--enable-rtsp | ||
$(use_enable samba smb) | ||
$(use_with ssh libssh2) | ||
$(use_enable smtp) | ||
$(use_enable telnet) | ||
$(use_enable tftp) | ||
--enable-tls-srp | ||
$(use_enable adns ares) | ||
--enable-cookies | ||
--enable-dateparse | ||
--enable-dnsshuffle | ||
--enable-doh | ||
--enable-symbol-hiding | ||
--enable-http-auth | ||
--enable-ipv6 | ||
--enable-largefile | ||
--enable-manual | ||
--enable-mime | ||
--enable-netrc | ||
$(use_enable progress-meter) | ||
--enable-proxy | ||
--disable-sspi | ||
$(use_enable static-libs static) | ||
--enable-pthreads | ||
--enable-threaded-resolver | ||
--disable-versioned-symbols | ||
--without-amissl | ||
--without-bearssl | ||
$(use_with brotli) | ||
--without-fish-functions-dir | ||
$(use_with http2 nghttp2) | ||
--without-hyper | ||
$(use_with idn libidn2) | ||
$(use_with kerberos gssapi "${EPREFIX}"/usr) | ||
--without-libgsasl | ||
--without-libpsl | ||
--without-msh3 | ||
$(use_with nghttp3) | ||
$(use_with nghttp3 ngtcp2) | ||
--without-quiche | ||
$(use_with rtmp librtmp) | ||
--without-schannel | ||
--without-secure-transport | ||
$(use_enable websockets) | ||
--without-winidn | ||
--without-wolfssl | ||
--with-zlib | ||
$(use_with zstd) | ||
) | ||
|
||
ECONF_SOURCE="${S}" econf "${myconf[@]}" | ||
|
||
if ! multilib_is_native_abi; then | ||
# avoid building the client | ||
sed -i -e '/SUBDIRS/s:src::' Makefile || die | ||
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die | ||
fi | ||
|
||
# Fix up the pkg-config file to be more robust. | ||
# https://github.com/curl/curl/issues/864 | ||
local priv=() libs=() | ||
# We always enable zlib. | ||
libs+=( "-lz" ) | ||
priv+=( "zlib" ) | ||
if use http2; then | ||
libs+=( "-lnghttp2" ) | ||
priv+=( "libnghttp2" ) | ||
fi | ||
if use nghttp3; then | ||
libs+=( "-lnghttp3" "-lngtcp2" ) | ||
priv+=( "libnghttp3" "libngtcp2" ) | ||
fi | ||
if use ssl && use curl_ssl_openssl; then | ||
libs+=( "-lssl" "-lcrypto" ) | ||
priv+=( "openssl" ) | ||
fi | ||
grep -q Requires.private libcurl.pc && die "need to update ebuild" | ||
libs=$(printf '|%s' "${libs[@]}") | ||
sed -i -r \ | ||
-e "/^Libs.private/s:(${libs#|})( |$)::g" \ | ||
libcurl.pc || die | ||
echo "Requires.private: ${priv[*]}" >> libcurl.pc || die | ||
} | ||
|
||
multilib_src_test() { | ||
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721 | ||
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches) | ||
# -v: verbose | ||
# -a: keep going on failure (so we see everything which breaks, not just 1st test) | ||
# -k: keep test files after completion | ||
# -am: automake style TAP output | ||
# -p: print logs if test fails | ||
# Note: if needed, we can disable tests. See e.g. Fedora's packaging | ||
# or just read https://github.com/curl/curl/tree/master/tests#run. | ||
multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p" | ||
} | ||
|
||
multilib_src_install_all() { | ||
einstalldocs | ||
find "${ED}" -type f -name '*.la' -delete || die | ||
rm -rf "${ED}"/etc/ || die | ||
} |