From: Matt Jolly <kan...@gentoo.org> Thanks to dev-libs/openssl exposing a QUIC API from 3.2, cURL is able to use OpenSSL as a QUIC backend.
This commit enables users to select between the `curl_quic_ngtcp2` and `curl_quic_openssl` backends via their associated USE_EXPAND and provides a mechanism to easily add more backends as they are implemented. It also renames the live ebuild's `nghttp3` USE to `http3` to support its use as a generic feature flag, and to align with net-analyzer/wireshark and www-serners/nginx. Finally, we get to drop a disgusting pkg-config workaround thanks to some upstream efforts that render it irrelevant (and detrimental to a successful build). Signed-off-by: Matt Jolly <kan...@gentoo.org> --- net-misc/curl/curl-9999.ebuild | 70 +++++++++++++--------------------- net-misc/curl/metadata.xml | 4 +- 2 files changed, 30 insertions(+), 44 deletions(-) diff --git a/net-misc/curl/curl-9999.ebuild b/net-misc/curl/curl-9999.ebuild index 7f560fb74a9b..b42cca9c5152 100644 --- a/net-misc/curl/curl-9999.ebuild +++ b/net-misc/curl/curl-9999.ebuild @@ -26,16 +26,22 @@ fi LICENSE="BSD curl ISC test? ( BSD-4 )" SLOT="0" -IUSE="+adns +alt-svc brotli debug +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3" -IUSE+=" +psl +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" -# These select the default SSL implementation -IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" +IUSE="+adns +alt-svc brotli debug +ftp gnutls gopher +hsts +http2 http3 idn +imap kerberos ldap mbedtls +openssl +pop3" +IUSE+=" +psl +progress-meter quic rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd" +# These select the default tls implementation / which quic impl to use +IUSE+=" curl_quic_openssl curl_quic_ngtcp2 curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls" RESTRICT="!test? ( test )" -# Only one default ssl provider can be enabled -# The default ssl provider needs its USE satisfied -# nghttp3 = https://bugs.gentoo.org/912029 +# Only one default ssl / quic provider can be enabled +# The default provider needs its USE satisfied REQUIRED_USE=" + quic? ( + ^^ ( + curl_quic_openssl + curl_quic_ngtcp2 + ) + http3 + ) ssl? ( ^^ ( curl_ssl_gnutls @@ -44,13 +50,13 @@ REQUIRED_USE=" curl_ssl_rustls ) ) + curl_quic_openssl? ( openssl ) + curl_quic_ngtcp2? ( gnutls ) curl_ssl_gnutls? ( gnutls ) curl_ssl_mbedtls? ( mbedtls ) curl_ssl_openssl? ( openssl ) curl_ssl_rustls? ( rustls ) - nghttp3? ( - !openssl - alt-svc ) + http3? ( alt-svc quic ) " # cURL's docs and CI/CD are great resources for confirming supported versions @@ -60,20 +66,21 @@ REQUIRED_USE=" # - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2) # However 'supported' vs 'works' are two entirely different things; be sane but # don't be afraid to require a later version. - +# ngtcp2 = https://bugs.gentoo.org/912029 - can only build with one tls backend at a time. RDEPEND=" >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}] adns? ( >=net-dns/c-ares-1.16.0:=[${MULTILIB_USEDEP}] ) brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] ) http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] ) + http3? ( >=net-libs/nghttp3-1.1.0[${MULTILIB_USEDEP}] ) idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] ) kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] ) - nghttp3? ( - >=net-libs/nghttp3-1.1.0[${MULTILIB_USEDEP}] - >=net-libs/ngtcp2-1.2.0[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] - ) psl? ( net-libs/libpsl[${MULTILIB_USEDEP}] ) + quic? ( + curl_quic_openssl? ( >=dev-libs/openssl-3.3.0:=[quic,${MULTILIB_USEDEP}] ) + curl_quic_ngtcp2? ( >=net-libs/ngtcp2-1.2.0[gnutls,ssl,-openssl,${MULTILIB_USEDEP}] ) + ) rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] ) ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] ) ssl? ( @@ -104,7 +111,7 @@ BDEPEND=" test? ( sys-apps/diffutils http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] ) - nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] ) + http3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] ) ) verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) " @@ -262,8 +269,9 @@ multilib_src_configure() { --without-libgsasl $(use_with psl libpsl) --without-msh3 - $(use_with nghttp3) - $(use_with nghttp3 ngtcp2) + $(use_with http3 nghttp3) + $(use_with curl_quic_ngtcp2 ngtcp2) + $(use_with curl_quic_openssl openssl-quic) --without-quiche $(use_with rtmp librtmp) --without-schannel @@ -285,7 +293,7 @@ multilib_src_configure() { ) fi - if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then + if use test && multilib_is_native_abi && ( use http2 || use http3 ); then myconf+=( --with-test-nghttpx="${BROOT}/usr/bin/nghttpx" ) @@ -305,30 +313,6 @@ multilib_src_configure() { sed -i -e '/SUBDIRS/s:scripts::' Makefile || die fi - # Fix up the pkg-config file to be more robust. - # https://github.com/curl/curl/issues/864 - local priv=() libs=() - # We always enable zlib. - libs+=( "-lz" ) - priv+=( "zlib" ) - if use http2; then - libs+=( "-lnghttp2" ) - priv+=( "libnghttp2" ) - fi - if use nghttp3; then - libs+=( "-lnghttp3" "-lngtcp2" ) - priv+=( "libnghttp3" "libngtcp2" ) - fi - if use ssl && use curl_ssl_openssl; then - libs+=( "-lssl" "-lcrypto" ) - priv+=( "openssl" ) - fi - grep -q Requires.private libcurl.pc && die "need to update ebuild" - libs=$(printf '|%s' "${libs[@]}") - sed -i -r \ - -e "/^Libs.private/s:(${libs#|})( |$)::g" \ - libcurl.pc || die - echo "Requires.private: ${priv[*]}" >> libcurl.pc || die } multilib_src_compile() { diff --git a/net-misc/curl/metadata.xml b/net-misc/curl/metadata.xml index d79a1ed4affd..884608c7c1f5 100644 --- a/net-misc/curl/metadata.xml +++ b/net-misc/curl/metadata.xml @@ -17,11 +17,13 @@ <flag name="hsts">Enable HTTP Strict Transport Security</flag> <flag name="imap">Enable Internet Message Access Protocol support</flag> <flag name="mbedtls">Enable mbedtls ssl backend</flag> - <flag name="nghttp3">Enable HTTP/3.0 support using <pkg>net-libs/nghttp3</pkg> and <pkg>net-libs/ngtcp2</pkg></flag> + <flag name="nghttp3">Enable HTTP/3 support using <pkg>net-libs/nghttp3</pkg></flag> + <flag name="http3">Enable HTTP/3 support</flag> <flag name="openssl">Enable openssl ssl backend</flag> <flag name="pop3">Enable Post Office Protocol 3 support</flag> <flag name="progress-meter">Enable the progress meter</flag> <flag name="psl">Enable Public Suffix List (PSL) support. See https://daniel.haxx.se/blog/2024/01/10/psl-in-curl/.</flag> + <flag name="quic">Enable support for QUIC (RFC 9000); a UDP-based protocol intended to replace TCP</flag> <flag name="rtmp">Enable RTMP Streaming Media support</flag> <flag name="rustls">Enable Rustls ssl backend</flag> <flag name="smtp">Enable Simple Mail Transfer Protocol support</flag> -- 2.45.2
