summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatt Jolly <kangie@gentoo.org>2024-06-21 21:39:38 +1000
committerMatt Jolly <kangie@gentoo.org>2024-06-29 16:52:54 +1000
commite3f2977eec5889630abbc33504d4817c47058b47 (patch)
tree8fe5ace905f061beebe2ae3e3df4c19d33dfb062
parentprofiles: add CURL_QUIC USE_EXPAND (diff)
downloadgentoo-e3f2977eec5889630abbc33504d4817c47058b47.tar.gz
gentoo-e3f2977eec5889630abbc33504d4817c47058b47.tar.bz2
gentoo-e3f2977eec5889630abbc33504d4817c47058b47.zip
net-misc/curl: wire up live ebuild for openssl-quic
Thanks to dev-libs/openssl exposing a QUIC API from 3.2, cURL is able to use OpenSSL as a QUIC backend. This commit enables users to select between the `curl_quic_ngtcp2` and `curl_quic_openssl` backends via their associated USE_EXPAND and provides a mechanism to easily add more backends as they are implemented. It also renames the live ebuild's `nghttp3` USE to `http3` to support its use as a generic feature flag, and to align with net-analyzer/wireshark and www-serners/nginx. Finally, we get to drop a disgusting pkg-config workaround thanks to some upstream efforts that render it irrelevant (and detrimental to a successful build). Closes: https://github.com/gentoo/gentoo/pull/37238 Closes: https://bugs.gentoo.org/934993 Signed-off-by: Matt Jolly <kangie@gentoo.org>
-rw-r--r--net-misc/curl/curl-9999.ebuild70
-rw-r--r--net-misc/curl/metadata.xml4
2 files changed, 30 insertions, 44 deletions
diff --git a/net-misc/curl/curl-9999.ebuild b/net-misc/curl/curl-9999.ebuild
index 7f560fb74a9b..b42cca9c5152 100644
--- a/net-misc/curl/curl-9999.ebuild
+++ b/net-misc/curl/curl-9999.ebuild
@@ -26,16 +26,22 @@ fi
LICENSE="BSD curl ISC test? ( BSD-4 )"
SLOT="0"
-IUSE="+adns +alt-svc brotli debug +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3"
-IUSE+=" +psl +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
-# These select the default SSL implementation
-IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls"
+IUSE="+adns +alt-svc brotli debug +ftp gnutls gopher +hsts +http2 http3 idn +imap kerberos ldap mbedtls +openssl +pop3"
+IUSE+=" +psl +progress-meter quic rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
+# These select the default tls implementation / which quic impl to use
+IUSE+=" curl_quic_openssl curl_quic_ngtcp2 curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls"
RESTRICT="!test? ( test )"
-# Only one default ssl provider can be enabled
-# The default ssl provider needs its USE satisfied
-# nghttp3 = https://bugs.gentoo.org/912029
+# Only one default ssl / quic provider can be enabled
+# The default provider needs its USE satisfied
REQUIRED_USE="
+ quic? (
+ ^^ (
+ curl_quic_openssl
+ curl_quic_ngtcp2
+ )
+ http3
+ )
ssl? (
^^ (
curl_ssl_gnutls
@@ -44,13 +50,13 @@ REQUIRED_USE="
curl_ssl_rustls
)
)
+ curl_quic_openssl? ( openssl )
+ curl_quic_ngtcp2? ( gnutls )
curl_ssl_gnutls? ( gnutls )
curl_ssl_mbedtls? ( mbedtls )
curl_ssl_openssl? ( openssl )
curl_ssl_rustls? ( rustls )
- nghttp3? (
- !openssl
- alt-svc )
+ http3? ( alt-svc quic )
"
# cURL's docs and CI/CD are great resources for confirming supported versions
@@ -60,20 +66,21 @@ REQUIRED_USE="
# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2)
# However 'supported' vs 'works' are two entirely different things; be sane but
# don't be afraid to require a later version.
-
+# ngtcp2 = https://bugs.gentoo.org/912029 - can only build with one tls backend at a time.
RDEPEND="
>=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}]
adns? ( >=net-dns/c-ares-1.16.0:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] )
+ http3? ( >=net-libs/nghttp3-1.1.0[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] )
- nghttp3? (
- >=net-libs/nghttp3-1.1.0[${MULTILIB_USEDEP}]
- >=net-libs/ngtcp2-1.2.0[gnutls,ssl,-openssl,${MULTILIB_USEDEP}]
- )
psl? ( net-libs/libpsl[${MULTILIB_USEDEP}] )
+ quic? (
+ curl_quic_openssl? ( >=dev-libs/openssl-3.3.0:=[quic,${MULTILIB_USEDEP}] )
+ curl_quic_ngtcp2? ( >=net-libs/ngtcp2-1.2.0[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] )
+ )
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] )
ssl? (
@@ -104,7 +111,7 @@ BDEPEND="
test? (
sys-apps/diffutils
http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] )
- nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
+ http3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )
"
@@ -262,8 +269,9 @@ multilib_src_configure() {
--without-libgsasl
$(use_with psl libpsl)
--without-msh3
- $(use_with nghttp3)
- $(use_with nghttp3 ngtcp2)
+ $(use_with http3 nghttp3)
+ $(use_with curl_quic_ngtcp2 ngtcp2)
+ $(use_with curl_quic_openssl openssl-quic)
--without-quiche
$(use_with rtmp librtmp)
--without-schannel
@@ -285,7 +293,7 @@ multilib_src_configure() {
)
fi
- if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then
+ if use test && multilib_is_native_abi && ( use http2 || use http3 ); then
myconf+=(
--with-test-nghttpx="${BROOT}/usr/bin/nghttpx"
)
@@ -305,30 +313,6 @@ multilib_src_configure() {
sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
fi
- # Fix up the pkg-config file to be more robust.
- # https://github.com/curl/curl/issues/864
- local priv=() libs=()
- # We always enable zlib.
- libs+=( "-lz" )
- priv+=( "zlib" )
- if use http2; then
- libs+=( "-lnghttp2" )
- priv+=( "libnghttp2" )
- fi
- if use nghttp3; then
- libs+=( "-lnghttp3" "-lngtcp2" )
- priv+=( "libnghttp3" "libngtcp2" )
- fi
- if use ssl && use curl_ssl_openssl; then
- libs+=( "-lssl" "-lcrypto" )
- priv+=( "openssl" )
- fi
- grep -q Requires.private libcurl.pc && die "need to update ebuild"
- libs=$(printf '|%s' "${libs[@]}")
- sed -i -r \
- -e "/^Libs.private/s:(${libs#|})( |$)::g" \
- libcurl.pc || die
- echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
}
multilib_src_compile() {
diff --git a/net-misc/curl/metadata.xml b/net-misc/curl/metadata.xml
index d79a1ed4affd..884608c7c1f5 100644
--- a/net-misc/curl/metadata.xml
+++ b/net-misc/curl/metadata.xml
@@ -17,11 +17,13 @@
<flag name="hsts">Enable HTTP Strict Transport Security</flag>
<flag name="imap">Enable Internet Message Access Protocol support</flag>
<flag name="mbedtls">Enable mbedtls ssl backend</flag>
- <flag name="nghttp3">Enable HTTP/3.0 support using <pkg>net-libs/nghttp3</pkg> and <pkg>net-libs/ngtcp2</pkg></flag>
+ <flag name="nghttp3">Enable HTTP/3 support using <pkg>net-libs/nghttp3</pkg></flag>
+ <flag name="http3">Enable HTTP/3 support</flag>
<flag name="openssl">Enable openssl ssl backend</flag>
<flag name="pop3">Enable Post Office Protocol 3 support</flag>
<flag name="progress-meter">Enable the progress meter</flag>
<flag name="psl">Enable Public Suffix List (PSL) support. See https://daniel.haxx.se/blog/2024/01/10/psl-in-curl/.</flag>
+ <flag name="quic">Enable support for QUIC (RFC 9000); a UDP-based protocol intended to replace TCP</flag>
<flag name="rtmp">Enable RTMP Streaming Media support</flag>
<flag name="rustls">Enable Rustls ssl backend</flag>
<flag name="smtp">Enable Simple Mail Transfer Protocol support</flag>