summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--net-misc/curl/Manifest9
-rw-r--r--net-misc/curl/curl-7.17.1.ebuild115
-rw-r--r--net-misc/curl/files/curl-7.15-strip-ldflags.patch20
-rw-r--r--net-misc/curl/files/curl-7.15.1-test62.patch15
-rw-r--r--net-misc/curl/files/curl-7.16.2-strip-ldflags.patch24
-rw-r--r--net-misc/curl/files/curl-7.17.0-strip-ldflags.patch24
-rw-r--r--net-misc/curl/files/curl-7.17.1-null-handler-segfault.patch69
-rw-r--r--net-misc/curl/files/curl-correct-gnutls-madness.patch70
-rw-r--r--net-misc/curl/files/libcurl-gnutlscert.patch51
9 files changed, 397 insertions, 0 deletions
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
new file mode 100644
index 00000000..22d029fb
--- /dev/null
+++ b/net-misc/curl/Manifest
@@ -0,0 +1,9 @@
+AUX curl-7.15-strip-ldflags.patch 636 RMD160 da2a9e8137eb71f0d077d66b9e1580235027f537 SHA1 b8ab23f437d09be49a8f368be8b1822432ab2a93 SHA256 b86804e3a9e3ba9d841e85b2832dc1323dd52895e1b533d0a5782ab668a9609f
+AUX curl-7.15.1-test62.patch 673 RMD160 4f9bd6355cc2289755892ae4142f9853b870a50a SHA1 4c2a0312d9f07ef42493a7138954cab53e8a7d9d SHA256 907e23481083da32f2f85d586067d1f51e3eddc1dd11157c70a2573bea66eec1
+AUX curl-7.16.2-strip-ldflags.patch 844 RMD160 2a4efcf28a438fb8a397f40ff75a49e78f77b4e8 SHA1 abb778120ef4f928f6a0bf4616f7e489768f044c SHA256 f1ae7d976648287b6b083c76b1fa87eb43850396831f43ac33c3e60c3e729ed6
+AUX curl-7.17.0-strip-ldflags.patch 796 RMD160 1bcb5af41c63b0afb7758e3c4c8f9bea5e52c29c SHA1 c63330a3505adb684dd2f1cfa89eae5159cb9cc6 SHA256 f3892c3d2a16f96319fd11cb516f66b5df0ece18ca8271cf3b9c1f286e9b5d73
+AUX curl-7.17.1-null-handler-segfault.patch 2560 RMD160 3f1ce2cab67588b132fa6ad30e49f887e6d16f0a SHA1 e6b20baa6306b26c3dc8ffe78fc0d34c5b531b1b SHA256 6f696c4b1d6ae216225fb2cd9e95527d7513872aae06abef05c35758a3d30887
+AUX curl-correct-gnutls-madness.patch 3084 RMD160 5471e25480fe023efbbce3e65b9edd4868323c6d SHA1 cbc26c0c4d4bd611696a6d7332565b66ce507952 SHA256 466079b63f47a630757063e86e2c44ddd586636756f698f5ab2316395f0863dd
+AUX libcurl-gnutlscert.patch 1498 RMD160 286859e0870c6e5aa21047b28b2c256f7b7bfffe SHA1 6ef8e0887431e62328cc020cad5fb10673336ad3 SHA256 4b0a9db99ddc698c39484a95cba1f52c0dc17ed34f2d7e1dd780f925bf21761b
+DIST curl-7.17.1.tar.bz2 1721551 RMD160 8ab8dc7a33a5265dfe25eb0725248c3cd6519510 SHA1 ad34b9386e7fd1c8f2a8025e2716a8047b194970 SHA256 7f668ec49506ffc968a54fde9404183212bb40b226626e9417d941594e06e57b
+EBUILD curl-7.17.1.ebuild 3438 RMD160 d5c59f4dc7b55d138058b28912e4305e4e643238 SHA1 250dadf1b03d3fdda49f23aaa89082d2edca1000 SHA256 4cca27e9fb9a4ff92fcf7337e60901f4f63b9967410dc08c9201c1a9989d9050
diff --git a/net-misc/curl/curl-7.17.1.ebuild b/net-misc/curl/curl-7.17.1.ebuild
new file mode 100644
index 00000000..43d6c7cb
--- /dev/null
+++ b/net-misc/curl/curl-7.17.1.ebuild
@@ -0,0 +1,115 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/curl/curl-7.17.1.ebuild,v 1.6 2008/02/10 09:12:28 dertobi123 Exp $
+
+# NOTE: If you bump this ebuild, make sure you bump dev-python/pycurl!
+
+inherit libtool eutils
+
+#MY_P=${P/_pre/-}
+DESCRIPTION="A Client that groks URLs"
+HOMEPAGE="http://curl.haxx.se/ http://curl.planetmirror.com"
+#SRC_URI="http://cool.haxx.se/curl-daily/${MY_P}.tar.bz2"
+SRC_URI="http://curl.planetmirror.com/download/${P}.tar.bz2"
+
+LICENSE="MIT X11"
+SLOT="0"
+KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc ~sparc-fbsd x86 ~x86-fbsd"
+IUSE="ssl ipv6 ldap ares gnutls nss idn kerberos test"
+#IUSE="ssl ipv6 ldap ares gnutls libssh2 nss idn kerberos test"
+
+RDEPEND="gnutls? ( net-libs/gnutls app-misc/ca-certificates )
+ nss? ( !gnutls? ( dev-libs/nss app-misc/ca-certificates ) )
+ ssl? ( !gnutls? ( !nss? ( dev-libs/openssl app-misc/ca-certificates ) ) )
+ ldap? ( net-nds/openldap )
+ idn? ( net-dns/libidn )
+ ares? ( >=net-dns/c-ares-1.4.0 )
+ kerberos? ( virtual/krb5 )"
+# libssh2? ( >=net-libs/libssh2-0.16 )"
+
+# net-libs/libssh2 (masked) --with-libssh2
+# fbopenssl (not in gentoo) --with-spnego
+# krb4 http://web.mit.edu/kerberos/www/krb4-end-of-life.html
+
+DEPEND="${RDEPEND}
+ test? (
+ sys-apps/diffutils
+ dev-lang/perl
+ )"
+# used - but can do without in self test: net-misc/stunnel
+#S="${WORKDIR}"/${MY_P}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+# epatch "${FILESDIR}"/${P}-strip-ldflags.patch
+ epatch "${FILESDIR}"/curl-7.16.2-strip-ldflags.patch
+ epatch "${FILESDIR}"/${P}-null-handler-segfault.patch
+ eptach "${FILESDIR}"/curl-correct-gnutls-madness.patch
+ elibtoolize
+}
+
+src_compile() {
+
+ myconf="$(use_enable ldap)
+ $(use_with idn libidn)
+ $(use_enable kerberos gssapi)
+ $(use_enable ipv6)
+ --enable-http
+ --enable-ftp
+ --enable-gopher
+ --enable-file
+ --enable-dict
+ --enable-manual
+ --enable-telnet
+ --enable-nonblocking
+ --enable-largefile
+ --enable-maintainer-mode
+ --disable-sspi
+ --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt
+ --without-krb4
+ --without-libssh2
+ --without-spnego"
+# $(use_with libssh2)
+
+ if use ipv6 && use ares; then
+ elog "c-ares support disabled because it is incompatible with ipv6."
+ myconf="${myconf} --disable-ares"
+ else
+ myconf="${myconf} $(use_enable ares)"
+ fi
+
+ if use gnutls; then
+ myconf="${myconf} --without-ssl --with-gnutls --without-nss"
+ elif use nss; then
+ myconf="${myconf} --without-ssl --without-gnutls --with-nss"
+ elif use ssl; then
+ myconf="${myconf} --without-gnutls --without-nss --with-ssl"
+ else
+ myconf="${myconf} --without-gnutls --without-nss --without-ssl"
+ fi
+
+ econf ${myconf} || die 'configure failed'
+ emake || die "install failed for current version"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "installed failed for current version"
+ rm -rf "${D}"/etc/
+
+ # https://sourceforge.net/tracker/index.php?func=detail&aid=1705197&group_id=976&atid=350976
+ insinto /usr/share/aclocal
+ doins docs/libcurl/libcurl.m4
+
+ dodoc CHANGES README
+ dodoc docs/FEATURES docs/INTERNALS
+ dodoc docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE
+}
+
+pkg_postinst() {
+ if [[ -e "${ROOT}"/usr/$(get_libdir)/libcurl.so.3 ]] ; then
+ elog "You must re-compile all packages that are linked against"
+ elog "curl-7.15.* by using revdep-rebuild from gentoolkit:"
+ elog "# revdep-rebuild --library libcurl.so.3"
+ fi
+}
diff --git a/net-misc/curl/files/curl-7.15-strip-ldflags.patch b/net-misc/curl/files/curl-7.15-strip-ldflags.patch
new file mode 100644
index 00000000..5c5999ae
--- /dev/null
+++ b/net-misc/curl/files/curl-7.15-strip-ldflags.patch
@@ -0,0 +1,20 @@
+--- curl-7.15.4/curl-config.in 2006-05-02 23:48:22.000000000 +0100
++++ curl-7.15.4/curl-config.in 2006-07-17 12:32:59.000000000 +0100
+@@ -181,7 +181,7 @@
+ ;;
+
+ --libs)
+- echo -L@libdir@ -lcurl @LDFLAGS@ @LIBS@
++ echo -L@libdir@ -lcurl @LIBS@
+ ;;
+
+ *)
+--- curl-7.15.4/libcurl.pc.in 2004-12-11 18:46:40.000000000 +0000
++++ curl-7.15.4/libcurl.pc.in 2006-07-17 12:33:10.000000000 +0100
+@@ -6,5 +6,5 @@
+ Name: libcurl
+ Description: Library to transfer files with ftp, http, etc.
+ Version: @VERSION@
+-Libs: -L${libdir} -lcurl @LDFLAGS@ @LIBS@
++Libs: -L${libdir} -lcurl @LIBS@
+ Cflags: -I${includedir}
diff --git a/net-misc/curl/files/curl-7.15.1-test62.patch b/net-misc/curl/files/curl-7.15.1-test62.patch
new file mode 100644
index 00000000..15ec3637
--- /dev/null
+++ b/net-misc/curl/files/curl-7.15.1-test62.patch
@@ -0,0 +1,15 @@
+--- curl-7.15.5/tests/data/test62.orig 2007-02-11 13:56:10.000000000 +1100
++++ curl-7.15.5/tests/data/test62 2007-02-11 14:01:18.000000000 +1100
+@@ -32,9 +32,9 @@
+ # http://www.netscape.com/newsref/std/cookie_spec.html
+ # This file was generated by libcurl! Edit at your own risk.
+
+-.foo.com TRUE /we/want/ FALSE 1170327387 test yes
+-.host.foo.com TRUE /we/want/ FALSE 1170327387 test2 yes
+-.fake.host.foo.com TRUE /we/want/ FALSE 1170327387 test4 yes
++.foo.com TRUE /we/want/ FALSE 1577802600 test yes
++.host.foo.com TRUE /we/want/ FALSE 1577802600 test2 yes
++.fake.host.foo.com TRUE /we/want/ FALSE 1577802600 test4 yes
+
+ .foo.com TRUE /moo TRUE 0 test3 maybe
+ </file>
diff --git a/net-misc/curl/files/curl-7.16.2-strip-ldflags.patch b/net-misc/curl/files/curl-7.16.2-strip-ldflags.patch
new file mode 100644
index 00000000..1c33fc5f
--- /dev/null
+++ b/net-misc/curl/files/curl-7.16.2-strip-ldflags.patch
@@ -0,0 +1,24 @@
+--- curl-7.16.2/libcurl.pc.in.orig 2007-04-14 10:11:14.000000000 +1000
++++ curl-7.16.2/libcurl.pc.in 2007-04-14 10:11:26.000000000 +1000
+@@ -33,6 +33,6 @@
+ URL: http://curl.haxx.se/
+ Description: Library to transfer files with ftp, http, etc.
+ Version: @VERSION@
+-Libs: -L${libdir} -lcurl @LDFLAGS@ @LIBS@
++Libs: -L${libdir} -lcurl @LIBS@
+ Libs.private: @LIBCURL_LIBS@ @LIBS@
+ Cflags: -I${includedir}
+--- curl-7.16.3/curl-config.in.orig 2007-06-28 22:22:51.000000000 +1000
++++ curl-7.16.3/curl-config.in 2007-06-28 22:23:10.000000000 +1000
+@@ -187,9 +187,9 @@
+ CURLLIBDIR=""
+ fi
+ if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
+- echo ${CURLLIBDIR}-lcurl @LDFLAGS@ @LIBCURL_LIBS@ @LIBS@
++ echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@ @LIBS@
+ else
+- echo ${CURLLIBDIR}-lcurl @LDFLAGS@ @LIBS@
++ echo ${CURLLIBDIR}-lcurl @LIBS@
+ fi
+ ;;
+
diff --git a/net-misc/curl/files/curl-7.17.0-strip-ldflags.patch b/net-misc/curl/files/curl-7.17.0-strip-ldflags.patch
new file mode 100644
index 00000000..ac11500a
--- /dev/null
+++ b/net-misc/curl/files/curl-7.17.0-strip-ldflags.patch
@@ -0,0 +1,24 @@
+--- libcurl.pc.in.orig 2007-09-14 07:36:31.000000000 +1000
++++ libcurl.pc.in 2007-09-14 07:36:49.000000000 +1000
+@@ -33,6 +33,6 @@
+ URL: http://curl.haxx.se/
+ Description: Library to transfer files with ftp, http, etc.
+ Version: @VERSION@
+-Libs: -L${libdir} -lcurl @LDFLAGS@ @LIBS@
++Libs: -L${libdir} -lcurl @LIBS@
+ Libs.private: @LIBCURL_LIBS@ @LIBS@
+ Cflags: -I${includedir}
+--- curl-config.in.orig 2007-09-14 07:36:18.000000000 +1000
++++ curl-config.in 2007-09-14 07:37:14.000000000 +1000
+@@ -187,9 +187,9 @@
+ CURLLIBDIR=""
+ fi
+ if test "X@REQUIRE_LIB_DEPS@" = "Xyes"; then
+- echo ${CURLLIBDIR}-lcurl @LDFLAGS@ @LIBCURL_LIBS@ @LIBS@
++ echo ${CURLLIBDIR}-lcurl @LIBCURL_LIBS@ @LIBS@
+ else
+- echo ${CURLLIBDIR}-lcurl @LDFLAGS@ @LIBS@
++ echo ${CURLLIBDIR}-lcurl @LIBS@
+ fi
+ ;;
+
diff --git a/net-misc/curl/files/curl-7.17.1-null-handler-segfault.patch b/net-misc/curl/files/curl-7.17.1-null-handler-segfault.patch
new file mode 100644
index 00000000..0d3b766e
--- /dev/null
+++ b/net-misc/curl/files/curl-7.17.1-null-handler-segfault.patch
@@ -0,0 +1,69 @@
+Segfault in CURL (used from PHP)
+Found by Robin H. Johnson <robbat2@gentoo.org>
+This was because of an invalid URL: /hash/597cfbe5740d2bf91eb4b037e6750bacd76d3729/added
+
+#0 0x00002b33e61ba166 in Curl_disconnect (conn=0xe46210) at url.c:2077
+2077 if(conn->handler->disconnect)
+(gdb) print conn->handler
+$1 = (const struct Curl_handler *) 0x0
+(gdb) bt full
+#0 0x00002b33e61ba166 in Curl_disconnect (conn=0xe46210) at url.c:2077
+ data = (struct SessionHandle *) 0xe363d0
+#1 0x00002b33e61bc27e in Curl_connect (data=0xe363d0, in_connect=0x7fffc6067818, asyncp=0x7fffc6067827, protocol_done=0x7fffc6067826) at url.c:4255
+ connected = false
+ code = CURLE_OK
+ dns = (struct Curl_dns_entry *) 0x0
+#2 0x00002b33e61c67db in Curl_perform (data=0xe363d0) at transfer.c:2333
+ res = CURLE_OK
+ res2 = <value optimized out>
+ conn = (struct connectdata *) 0xe46210
+ newurl = 0x0
+ retry = 232
+#3 0x0000000000472005 in zif_curl_exec ()
+#4 0x000000000061bd42 in ?? ()
+#5 0x000000000061ae23 in execute ()
+#6 0x000000000061b815 in ?? ()
+#7 0x000000000061ae23 in execute ()
+#8 0x00000000005fcef3 in zend_execute_scripts ()
+#9 0x00000000005bd468 in php_execute_script ()
+#10 0x00000000006791ab in main ()
+
+diff -Nuar curl-7.17.1-20071013.orig/lib/url.c curl-7.17.1-20071013/lib/url.c
+--- curl-7.17.1-20071013.orig/lib/url.c 2007-10-13 02:00:02.000000000 +0000
++++ curl-7.17.1-20071013/lib/url.c 2007-11-12 13:13:37.401514781 +0000
+@@ -2594,7 +2594,7 @@
+ curl_socket_t *socks,
+ int numsocks)
+ {
+- if(conn->handler->proto_getsock)
++ if(conn && conn->handler && conn->handler->proto_getsock)
+ return conn->handler->proto_getsock(conn, socks, numsocks);
+ return GETSOCK_BLANK;
+ }
+@@ -4325,7 +4325,7 @@
+ }
+
+ /* this calls the protocol-specific function pointer previously set */
+- if(conn->handler->done)
++ if(conn->handler && conn->handler->done)
+ result = conn->handler->done(conn, status, premature);
+ else
+ result = CURLE_OK;
+@@ -4378,7 +4378,7 @@
+ conn->bits.done = FALSE; /* Curl_done() is not called yet */
+ conn->bits.do_more = FALSE; /* by default there's no curl_do_more() to use */
+
+- if(conn->handler->do_it) {
++ if(conn->handler && conn->handler->do_it) {
+ /* generic protocol-specific function pointer set in curl_connect() */
+ result = conn->handler->do_it(conn, done);
+
+@@ -4441,7 +4441,7 @@
+ {
+ CURLcode result=CURLE_OK;
+
+- if(conn->handler->do_more)
++ if(conn->handler && conn->handler->do_more)
+ result = conn->handler->do_more(conn);
+
+ return result;
diff --git a/net-misc/curl/files/curl-correct-gnutls-madness.patch b/net-misc/curl/files/curl-correct-gnutls-madness.patch
new file mode 100644
index 00000000..a9aeec3b
--- /dev/null
+++ b/net-misc/curl/files/curl-correct-gnutls-madness.patch
@@ -0,0 +1,70 @@
+Index: gtls.c
+===================================================================
+RCS file: /cvsroot/curl/curl/lib/gtls.c,v
+retrieving revision 1.37
+diff -u -r1.37 gtls.c
+--- gtls.c 8 Feb 2008 22:02:00 -0000 1.37
++++ gtls.c 15 Feb 2008 22:32:45 -0000
+@@ -336,38 +336,42 @@
+
+ chainp = gnutls_certificate_get_peers(session, &cert_list_size);
+ if(!chainp) {
+- if(data->set.ssl.verifyhost) {
++ if(data->set.ssl.verifypeer) {
+ failf(data, "failed to get server cert");
+ return CURLE_PEER_FAILED_VERIFICATION;
+ }
+ infof(data, "\t common name: WARNING couldn't obtain\n");
+ }
+
+- /* This function will try to verify the peer's certificate and return its
+- status (trusted, invalid etc.). The value of status should be one or more
+- of the gnutls_certificate_status_t enumerated elements bitwise or'd. To
+- avoid denial of service attacks some default upper limits regarding the
+- certificate key size and chain size are set. To override them use
+- gnutls_certificate_set_verify_limits(). */
++ if(data->set.ssl.verifypeer) {
++ /* This function will try to verify the peer's certificate and return its
++ status (trusted, invalid etc.). The value of status should be one or
++ more of the gnutls_certificate_status_t enumerated elements bitwise
++ or'd. To avoid denial of service attacks some default upper limits
++ regarding the certificate key size and chain size are set. To override
++ them use gnutls_certificate_set_verify_limits(). */
+
+- rc = gnutls_certificate_verify_peers2(session, &verify_status);
+- if(rc < 0) {
+- failf(data, "server cert verify failed: %d", rc);
+- return CURLE_SSL_CONNECT_ERROR;
+- }
++ rc = gnutls_certificate_verify_peers2(session, &verify_status);
++ if(rc < 0) {
++ failf(data, "server cert verify failed: %d", rc);
++ return CURLE_SSL_CONNECT_ERROR;
++ }
+
+- /* verify_status is a bitmask of gnutls_certificate_status bits */
+- if(verify_status & GNUTLS_CERT_INVALID) {
+- if(data->set.ssl.verifypeer) {
+- failf(data, "server certificate verification failed. CAfile: %s",
+- data->set.ssl.CAfile?data->set.ssl.CAfile:"none");
+- return CURLE_SSL_CACERT;
++ /* verify_status is a bitmask of gnutls_certificate_status bits */
++ if(verify_status & GNUTLS_CERT_INVALID) {
++ if(data->set.ssl.verifypeer) {
++ failf(data, "server certificate verification failed. CAfile: %s",
++ data->set.ssl.CAfile?data->set.ssl.CAfile:"none");
++ return CURLE_SSL_CACERT;
++ }
++ else
++ infof(data, "\t server certificate verification FAILED\n");
+ }
+ else
+- infof(data, "\t server certificate verification FAILED\n");
++ infof(data, "\t server certificate verification OK\n");
+ }
+ else
+- infof(data, "\t server certificate verification OK\n");
++ infof(data, "\t server certificate verification SKIPPED\n");
+
+ /* initialize an X.509 certificate structure. */
+ gnutls_x509_crt_init(&x509_cert);
diff --git a/net-misc/curl/files/libcurl-gnutlscert.patch b/net-misc/curl/files/libcurl-gnutlscert.patch
new file mode 100644
index 00000000..f905701c
--- /dev/null
+++ b/net-misc/curl/files/libcurl-gnutlscert.patch
@@ -0,0 +1,51 @@
+Index: lib/gtls.c
+===================================================================
+RCS file: /cvsroot/curl/curl/lib/gtls.c,v
+retrieving revision 1.27
+diff -u -r1.27 gtls.c
+--- lib/gtls.c 28 Apr 2007 21:01:30 -0000 1.27
++++ lib/gtls.c 10 Jul 2007 20:27:43 -0000
+@@ -420,6 +420,43 @@
+ else
+ infof(data, "\t common name: %s (matched)\n", certbuf);
+
++ /* Check for time-based validity */
++ clock = gnutls_x509_crt_get_expiration_time(x509_cert);
++
++ if(clock == (time_t)-1) {
++ failf(data, "server cert expiration date verify failed");
++ return CURLE_SSL_CONNECT_ERROR;
++ }
++
++ if(clock < time(NULL)) {
++ if (data->set.ssl.verifypeer) {
++ failf(data, "server certificate expiration date has passed.");
++ return CURLE_SSL_PEER_CERTIFICATE;
++ }
++ else
++ infof(data, "\t server certificate expiration date FAILED\n");
++ }
++ else
++ infof(data, "\t server certificate expiration date OK\n");
++
++ clock = gnutls_x509_crt_get_activation_time(x509_cert);
++
++ if(clock == (time_t)-1) {
++ failf(data, "server cert activation date verify failed");
++ return CURLE_SSL_CONNECT_ERROR;
++ }
++
++ if(clock > time(NULL)) {
++ if (data->set.ssl.verifypeer) {
++ failf(data, "server certificate not activated yet.");
++ return CURLE_SSL_PEER_CERTIFICATE;
++ }
++ else
++ infof(data, "\t server certificate activation date FAILED\n");
++ }
++ else
++ infof(data, "\t server certificate activation date OK\n");
++
+ /* Show:
+
+ - ciphers used