summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnthony G. Basile <blueness@gentoo.org>2012-10-18 18:16:20 +0000
committerAnthony G. Basile <blueness@gentoo.org>2012-10-18 18:16:20 +0000
commit0f8b92d1762a4f4babab4a2ff9a82c450dd4cb1b (patch)
tree436bca285240b2a85194dd15fb7d0ba13e76599b /net-misc/curl
parent[bump] dev-perl/DateTime-TimeZone-1.510.0 (diff)
downloadgentoo-2-0f8b92d1762a4f4babab4a2ff9a82c450dd4cb1b.tar.gz
gentoo-2-0f8b92d1762a4f4babab4a2ff9a82c450dd4cb1b.tar.bz2
gentoo-2-0f8b92d1762a4f4babab4a2ff9a82c450dd4cb1b.zip
Patch to fix git/curl over http/https with auth, bug #438718
(Portage version: 2.1.11.9/cvs/Linux x86_64)
Diffstat (limited to 'net-misc/curl')
-rw-r--r--net-misc/curl/ChangeLog8
-rw-r--r--net-misc/curl/curl-7.28.0-r1.ebuild207
-rw-r--r--net-misc/curl/files/curl-7.28.0-fix-http-auth.patch22
3 files changed, 236 insertions, 1 deletions
diff --git a/net-misc/curl/ChangeLog b/net-misc/curl/ChangeLog
index 55c8b7573475..1a3b781bc027 100644
--- a/net-misc/curl/ChangeLog
+++ b/net-misc/curl/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-misc/curl
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/curl/ChangeLog,v 1.252 2012/10/18 17:20:39 blueness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/curl/ChangeLog,v 1.253 2012/10/18 18:16:20 blueness Exp $
+
+*curl-7.28.0-r1 (18 Oct 2012)
+
+ 18 Oct 2012; Anthony G. Basile <blueness@gentoo.org> +curl-7.28.0-r1.ebuild,
+ +files/curl-7.28.0-fix-http-auth.patch:
+ Patch to fix git/curl over http/https with auth, bug #438718
18 Oct 2012; Anthony G. Basile <blueness@gentoo.org> curl-7.27.0-r3.ebuild,
curl-7.28.0.ebuild:
diff --git a/net-misc/curl/curl-7.28.0-r1.ebuild b/net-misc/curl/curl-7.28.0-r1.ebuild
new file mode 100644
index 000000000000..2596a15f5b10
--- /dev/null
+++ b/net-misc/curl/curl-7.28.0-r1.ebuild
@@ -0,0 +1,207 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/curl/curl-7.28.0-r1.ebuild,v 1.1 2012/10/18 18:16:20 blueness Exp $
+
+EAPI="4"
+
+inherit autotools eutils prefix
+
+DESCRIPTION="A Client that groks URLs"
+HOMEPAGE="http://curl.haxx.se/"
+SRC_URI="http://curl.haxx.se/download/${P}.tar.bz2"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="adns idn ipv6 kerberos ldap metalink +nonblocking rtmp ssh ssl static-libs test threads"
+IUSE="${IUSE} curl_ssl_axtls curl_ssl_cyassl curl_ssl_gnutls curl_ssl_nss +curl_ssl_openssl curl_ssl_polarssl"
+
+#lead to lots of false negatives, bug #285669
+RESTRICT="test"
+
+RDEPEND="ldap? ( net-nds/openldap )
+ ssl? (
+ curl_ssl_axtls? ( net-libs/axtls app-misc/ca-certificates )
+ curl_ssl_cyassl? ( net-libs/cyassl app-misc/ca-certificates )
+ curl_ssl_gnutls? (
+ || (
+ ( >=net-libs/gnutls-3[static-libs?] dev-libs/nettle )
+ ( =net-libs/gnutls-2.12*[nettle,static-libs?] dev-libs/nettle )
+ ( =net-libs/gnutls-2.12*[-nettle,static-libs?] dev-libs/libgcrypt[static-libs?] )
+ )
+ app-misc/ca-certificates
+ )
+ curl_ssl_openssl? ( dev-libs/openssl[static-libs?] )
+ curl_ssl_nss? ( dev-libs/nss app-misc/ca-certificates )
+ curl_ssl_polarssl? ( net-libs/polarssl app-misc/ca-certificates )
+ )
+ idn? ( net-dns/libidn[static-libs?] )
+ adns? ( net-dns/c-ares )
+ kerberos? ( virtual/krb5 )
+ metalink? ( >=media-libs/libmetalink-0.1.0 )
+ rtmp? ( media-video/rtmpdump )
+ ssh? ( net-libs/libssh2[static-libs?] )
+ sys-libs/zlib"
+
+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
+# rtmp? (
+# media-video/rtmpdump
+# curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
+# curl_ssl_polarssl? ( media-video/rtmpdump[polarssl] )
+# curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,-polarssl,ssl] )
+# )
+
+# ssl providers to be added:
+# fbopenssl $(use_with spnego)
+
+# krb4 http://web.mit.edu/kerberos/www/krb4-end-of-life.html
+
+DEPEND="${RDEPEND}
+ sys-apps/ed
+ virtual/pkgconfig
+ test? (
+ sys-apps/diffutils
+ dev-lang/perl
+ )"
+
+# c-ares must be disabled for threads
+# metalink cannot use nss for its backend #433822
+# only one ssl provider can be enabled
+REQUIRED_USE="
+ threads? ( !adns )
+ metalink? ( !curl_ssl_nss )
+ ssl? (
+ ^^ (
+ curl_ssl_axtls
+ curl_ssl_cyassl
+ curl_ssl_gnutls
+ curl_ssl_openssl
+ curl_ssl_nss
+ curl_ssl_polarssl
+ )
+ )"
+
+DOCS=( CHANGES README docs/FEATURES docs/INTERNALS \
+ docs/MANUAL docs/FAQ docs/BUGS docs/CONTRIBUTE)
+
+src_prepare() {
+ epatch \
+ "${FILESDIR}"/${PN}-7.28.0-prefix.patch \
+ "${FILESDIR}"/${PN}-respect-cflags-3.patch \
+ "${FILESDIR}"/${PN}-fix-gnutls-nettle.patch \
+ "${FILESDIR}"/${P}-fix-http-auth.patch
+ sed -i '/LD_LIBRARY_PATH=/d' configure.ac || die #382241
+
+ eprefixify curl-config.in
+ eautoreconf
+}
+
+src_configure() {
+ einfo "\033[1;32m**************************************************\033[00m"
+
+ # We make use of the fact that later flags override earlier ones
+ # So start with all ssl providers off until proven otherwise
+ local myconf=()
+ myconf+=( --without-axtls --without-cyassl --without-gnutls --without-nss --without-polarssl --without-ssl )
+ myconf+=( --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
+ if use ssl ; then
+ if use curl_ssl_axtls; then
+ einfo "SSL provided by axtls"
+ einfo "NOTE: axtls is meant for embedded systems and"
+ einfo "may not be the best choice as an ssl provider"
+ myconf+=( --with-axtls )
+ fi
+ if use curl_ssl_cyassl; then
+ einfo "SSL provided by cyassl"
+ einfo "NOTE: cyassl is meant for embedded systems and"
+ einfo "may not be the best choice as an ssl provider"
+ myconf+=( --with-cyassl )
+ fi
+ if use curl_ssl_gnutls; then
+ einfo "SSL provided by gnutls"
+ if has_version ">=net-libs/gnutls-3" || has_version "=net-libs/gnutls-2.12*[nettle]"; then
+ einfo "gnutls compiled with dev-libs/nettle"
+ myconf+=( --with-gnutls --with-nettle )
+ else
+ einfo "gnutls compiled with dev-libs/libgcrypt"
+ myconf+=( --with-gnutls --without-nettle )
+ fi
+ fi
+ if use curl_ssl_nss; then
+ einfo "SSL provided by nss"
+ myconf+=( --with-nss )
+ fi
+ if use curl_ssl_polarssl; then
+ einfo "SSL provided by polarssl"
+ einfo "NOTE: polarssl is meant for embedded systems and"
+ einfo "may not be the best choice as an ssl provider"
+ myconf+=( --with-polarssl )
+ fi
+ if use curl_ssl_openssl; then
+ einfo "SSL provided by openssl"
+ myconf+=( --with-ssl --without-ca-bundle --with-ca-path="${EPREFIX}"/etc/ssl/certs )
+ fi
+ else
+ einfo "SSL disabled"
+ fi
+ einfo "\033[1;32m**************************************************\033[00m"
+
+ # These configuration options are organized alphabetically
+ # within each category. This should make it easier if we
+ # ever decide to make any of them contingent on USE flags:
+ # 1) protocols first. To see them all do
+ # 'grep SUPPORT_PROTOCOLS configure.ac'
+ # 2) --enable/disable options second.
+ # 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
+ # 3) --with/without options third.
+ # grep -- --with configure | grep Check | awk '{ print $4 }' | sort
+ econf \
+ --enable-dict \
+ --enable-file \
+ --enable-ftp \
+ --enable-gopher \
+ --enable-http \
+ --enable-imap \
+ $(use_enable ldap) \
+ $(use_enable ldap ldaps) \
+ --enable-pop3 \
+ --enable-rtsp \
+ $(use_with ssh libssh2) \
+ --enable-smtp \
+ --enable-telnet \
+ --enable-tftp \
+ $(use_enable adns ares) \
+ --enable-cookies \
+ --enable-hidden-symbols \
+ $(use_enable ipv6) \
+ --enable-largefile \
+ --enable-manual \
+ $(use_enable nonblocking) \
+ --enable-proxy \
+ --disable-soname-bump \
+ --disable-sspi \
+ $(use_enable static-libs static) \
+ $(use_enable threads threaded-resolver) \
+ --disable-versioned-symbols \
+ --without-darwinssl \
+ $(use_with idn libidn) \
+ $(use_with kerberos gssapi "${EPREFIX}"/usr) \
+ --without-krb4 \
+ $(use_with metalink libmetalink) \
+ $(use_with rtmp librtmp) \
+ --without-spnego \
+ --without-winidn \
+ --without-winssl \
+ --with-zlib \
+ "${myconf[@]}"
+}
+
+src_install() {
+ default
+ find "${ED}" -name '*.la' -delete
+ rm -rf "${ED}"/etc/
+
+ # https://sourceforge.net/tracker/index.php?func=detail&aid=1705197&group_id=976&atid=350976
+ insinto /usr/share/aclocal
+ doins docs/libcurl/libcurl.m4
+}
diff --git a/net-misc/curl/files/curl-7.28.0-fix-http-auth.patch b/net-misc/curl/files/curl-7.28.0-fix-http-auth.patch
new file mode 100644
index 000000000000..441fd3f47e33
--- /dev/null
+++ b/net-misc/curl/files/curl-7.28.0-fix-http-auth.patch
@@ -0,0 +1,22 @@
+Revert "zero out auth structs before transfer" which breaks http/https auth.
+
+See:
+https://bugs.gentoo.org/show_bug.cgi?id=438718
+https://sourceforge.net/tracker/?func=detail&aid=3577557&group_id=976&atid=100976
+
+--
+diff --git a/lib/transfer.c b/lib/transfer.c
+index 2ad5fad..a00469e 100644
+--- a/lib/transfer.c
++++ b/lib/transfer.c
+@@ -1433,10 +1433,6 @@ CURLcode Curl_pretransfer(struct SessionHandle *data)
+
+ data->state.ssl_connect_retry = FALSE;
+
+- /* zero out auth state */
+- memset(&data->state.authhost, 0, sizeof(struct auth));
+- memset(&data->state.authproxy, 0, sizeof(struct auth));
+-
+ data->state.authproblem = FALSE;
+ data->state.authhost.want = data->set.httpauth;
+ data->state.authproxy.want = data->set.proxyauth;