From patchwork Mon Jan 8 19:38:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Tomas Volf <~@wolfsden.cz> X-Patchwork-Id: 58687 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 5ABD727BBEA; Mon, 8 Jan 2024 19:39:51 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 2DA0427BBE2 for ; Mon, 8 Jan 2024 19:39:50 +0000 (GMT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rMvSd-00061j-7H; Mon, 08 Jan 2024 14:38:59 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rMvSb-00061D-Rt for guix-patches@gnu.org; Mon, 08 Jan 2024 14:38:57 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rMvSb-0006TJ-Fx for guix-patches@gnu.org; Mon, 08 Jan 2024 14:38:57 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rMvSh-0003JG-Iz for guix-patches@gnu.org; Mon, 08 Jan 2024 14:39:03 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#68332] [PATCH 5/6] gnu: Add curl-full. Resent-From: Tomas Volf <~@wolfsden.cz> Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 08 Jan 2024 19:39:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 68332 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 68332@debbugs.gnu.org Cc: Tomas Volf <~@wolfsden.cz> Received: via spool by 68332-submit@debbugs.gnu.org id=B68332.170474272512655 (code B ref 68332); Mon, 08 Jan 2024 19:39:03 +0000 Received: (at 68332) by debbugs.gnu.org; 8 Jan 2024 19:38:45 +0000 Received: from localhost ([127.0.0.1]:37640 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rMvSO-0003Hx-Ru for submit@debbugs.gnu.org; Mon, 08 Jan 2024 14:38:45 -0500 Received: from wolfsden.cz ([37.205.8.62]:50580) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <~@wolfsden.cz>) id 1rMvSJ-0003H2-CU for 68332@debbugs.gnu.org; Mon, 08 Jan 2024 14:38:41 -0500 Received: by wolfsden.cz (Postfix, from userid 104) id 6039B24C524; Mon, 8 Jan 2024 19:38:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1704742712; bh=4V3eU1JfhR0guQh9KnJaPspoTy9H1jTFvfymhxtq3og=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=mbociWeRi3cUTz/VJySsZ3RFIWpF9kgTKfBCUauPFGBxhraVhHXAutZkbIN/zYKSo BTVXx3V6dU6nUj3mmjPZYxmxj4DDHvIsMr1DbM7E49Jz82vMxh7SDOVhlcE3Ow2rpv tEb0BLlCrBgPPN0xTAULxX9q5Sp5iLbybKeaW+a1NNB4VvPwgnZmpTsJM9bqtzeIvH 5VZGVL3nNO0/KIHzq1b57HfIeMw3A66E1cCBI54pY5/QNPnhZj+ZtocXKIXNcd9854 fTSlsbrsnVarH/P3cUadLkq7MepA/HfAlwbYbxoAD3L7v9zTuByZ7kQ3bsCPOWsnsG lqmue4nYeR+pJuLq8QJjcs3O5c7qpT8iQfkkYLYQyQFyZmBBKy+94iQcO7Tvpiqa8h l1qR5ld82GTzzpxJ8WmDPWBZ8i27FBWRoc4TnGvjrTJqPQMvbuWby8ClueIBRca3jx husVlmiMnSIhFPcC/6J13xZs+SmuF5Na2teczShpMfQn+tDgjaXaDJ+EmcL6sKqraF LmJmfLKX/L/jh1eWi/7m/heySZJgrEMWLjfrorQcVtJPj4LKsoBxAwNkwZ8lhKq2sI 8yvlV9waA2WuqcxFj2VLcVE52VfDQqN8NsWPHsr8t+aNoSEqN+iqSvmwHF/MNutZoP Xy4QaCBxBNHgYHiea5yxw/ps= Received: from localhost (unknown [146.70.134.143]) by wolfsden.cz (Postfix) with ESMTPSA id B6CEE24CE9A; Mon, 8 Jan 2024 19:38:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail; t=1704742711; bh=4V3eU1JfhR0guQh9KnJaPspoTy9H1jTFvfymhxtq3og=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=fHLRK2oB6owEJZILPlZKbmMQv9E3RqlVljowiFtd/RGKQ9H2IDVs5jPyP8q92f+5X JA/Whwdb0BjpTPkz+17fJPDF3rM2gEx9NS95iDcTlYeDFdVdPw9IIbU22Qr5FjBgrB SrlK4NnUN+yxUgOC4Xxgtxb7fqdH+lYxPgmYDF4dJKYbmDZXQ6syNI7se0hb97LOX8 f39+RnHWwR3qd4/IhqzQkTP1ocVY0/Br3pqU2286FWLzCDqbsuxx/gy0JuKV17PYZq /tyUr2PFrN64/5IPSRMvcWFqD/bD1IRqRwOHqUprJbEZfOQIunw6ptb6Y0+uCgl/M7 f7yxHCvc8WY7W3Rc/TBQUSRRZdhenhAh2QIeVS7hfSJLS0d2NxnmMVykVpETozb8zd 0oIrLctu5CA19XvaVM3jvDSOQaq3HjBVUorNAzj/pthpcnxe/TywNl0rBJCcQe1w+h wfeuTnkqVAtXnc5tIHTKGiUfGz6hR3KMxx0E8eEXMevvMDPcLLtPHH4JUwrxwcMNpf wTiQJGZsPBdQaU4YewM0E6o+ulGo/r9JP06olu0Fg/U+udUMwVaTiC97mYfeXikxnt kmiArBgfc+X4LqHM4lsLFHc9puFstUK8Si2/27j3+zKVCxNyIDNer98xZ3zHNBkUh+ K/dsV1/yeo8O3QdlCe3ejjDQ= From: Tomas Volf <~@wolfsden.cz> Date: Mon, 8 Jan 2024 20:38:17 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches New variable providing curl compiled with all available features is added. * gnu/packages/curl.scm (curl-full): New variable. * gnu/packages/patches/curl-8.5-use-ssl-cert-env.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. Change-Id: Ic3c9b2b9bd0a81d6840dcdccd21d52a9d0b311e2 --- gnu/local.mk | 1 + gnu/packages/curl.scm | 69 ++++++++++++++++ .../patches/curl-8.5-use-ssl-cert-env.patch | 79 +++++++++++++++++++ 3 files changed, 149 insertions(+) create mode 100644 gnu/packages/patches/curl-8.5-use-ssl-cert-env.patch diff --git a/gnu/local.mk b/gnu/local.mk index f804f4ef5b..73eab7cf93 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1060,6 +1060,7 @@ dist_patch_DATA = \ %D%/packages/patches/clucene-contribs-lib.patch \ %D%/packages/patches/cube-nocheck.patch \ %D%/packages/patches/curl-use-ssl-cert-env.patch \ + %D%/packages/patches/curl-8.5-use-ssl-cert-env.patch \ %D%/packages/patches/curlftpfs-fix-error-closing-file.patch \ %D%/packages/patches/curlftpfs-fix-file-names.patch \ %D%/packages/patches/curlftpfs-fix-memory-leak.patch \ diff --git a/gnu/packages/curl.scm b/gnu/packages/curl.scm index b33f4d36d4..0f0336cb6a 100644 --- a/gnu/packages/curl.scm +++ b/gnu/packages/curl.scm @@ -16,6 +16,7 @@ ;;; Copyright © 2021 Felix Gruber ;;; Copyright © 2023 Sharlatan Hellseher ;;; Copyright © 2023 John Kehayias +;;; Copyright © 2024 Tomas Volf <~@wolfsden.cz> ;;; ;;; This file is part of GNU Guix. ;;; @@ -46,14 +47,19 @@ (define-module (gnu packages curl) #:use-module (guix build-system meson) #:use-module ((guix search-paths) #:select ($SSL_CERT_DIR $SSL_CERT_FILE)) #:use-module (gnu packages) + #:use-module (gnu packages certs) #:use-module (gnu packages check) #:use-module (gnu packages compression) #:use-module (gnu packages golang) + #:use-module (gnu packages gsasl) + #:use-module (gnu packages groff) #:use-module (gnu packages guile) #:use-module (gnu packages kerberos) #:use-module (gnu packages logging) #:use-module (gnu packages libevent) #:use-module (gnu packages libidn) + #:use-module (gnu packages openldap) + #:use-module (gnu packages networking) #:use-module (gnu packages perl) #:use-module (gnu packages pkg-config) #:use-module (gnu packages python) @@ -169,6 +175,69 @@ (define-public curl "See COPYING in the distribution.")) (home-page "https://curl.haxx.se/"))) +(define-public curl-full + (package/inherit curl + (name "curl-full") + (version "8.5.0") + (source (origin + (method url-fetch) + (uri (string-append "https://curl.se/download/curl-" + version ".tar.gz")) + (sha256 + (base32 + "1pas8z1vijp08za5xgh2vvsajwi1p2208vlhl0vs94xp4pzigz05")) + (patches (search-patches "curl-8.5-use-ssl-cert-env.patch")))) + (arguments + (substitute-keyword-arguments (package-arguments curl) + ((#:configure-flags flags) + #~(cons* "--enable-manual" + ;; Not yet available: https://github.com/curl/curl/pull/11922 + ;; "--enable-ech" + "--enable-websockets" + "--with-brotli" + "--with-ldap" + "--with-ldaps" + "--with-librtmp" + "--with-libssh2" + "--with-nghttp3" + "--with-ngtcp2" + "--with-zstd" + #$flags)) + ((#:phases phases) + #~(modify-phases #$phases + (add-after 'unpack 'skip-tests + (lambda _ + (let ((port (open-file "tests/data/DISABLED" "a"))) + ;; I do not understand why curl package ignores this test + ;; just on some architectures. I had it fail even on amd64, + ;; it is just too flaky. + (display "1474\n" port) + ;; Required files are missing, should be fixed in >8.5.0: + ;; https://github.com/curl/curl/issues/12462 + (display "1477\n" port) + (close port)))))))) + (propagated-inputs + (list nss-certs)) + (native-inputs + (modify-inputs (package-native-inputs curl) + (prepend groff))) + (inputs + (modify-inputs (package-inputs curl) + (prepend brotli + gsasl + libpsl + libssh2 + nghttp3 + ngtcp2 + openldap + rtmpdump + `(,zstd "lib")))) + (description (string-append (package-description curl) + "\n\n" + "Compared to the regular curl package, this +one enables everything that can be enabled, bringing in additional features +and security.")))) + (define-public curl-ssh (package/inherit curl (arguments diff --git a/gnu/packages/patches/curl-8.5-use-ssl-cert-env.patch b/gnu/packages/patches/curl-8.5-use-ssl-cert-env.patch new file mode 100644 index 0000000000..70f703a999 --- /dev/null +++ b/gnu/packages/patches/curl-8.5-use-ssl-cert-env.patch @@ -0,0 +1,79 @@ +From 0a942e9f2f5255793e99408ca3da0940d52dfdad Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jakub=20K=C4=85dzio=C5=82ka?= +Date: Mon, 8 Jan 2024 15:07:38 +0100 +Subject: [PATCH] libcurl: Respect SSL_CERT_DIR and SSL_CERT_FILE. + +Make libcurl respect the SSL_CERT_{DIR,FILE} variables by default. The variables +are fetched during initialization to preserve thread-safety (curl_global_init(3) +must be called when no other threads exist). + +This fixes network functionality in rust:cargo, and probably removes the need +for other future workarounds. +--- + lib/easy.c | 9 +++++++++ + lib/url.c | 15 +++++++++++++++ + 2 files changed, 24 insertions(+) + +diff --git a/lib/easy.c b/lib/easy.c +index 322d1a41b..2a235a19c 100644 +--- a/lib/easy.c ++++ b/lib/easy.c +@@ -137,6 +137,9 @@ curl_wcsdup_callback Curl_cwcsdup = Curl_wcsdup; + static char *leakpointer; + #endif + ++char * Curl_ssl_cert_dir = NULL; ++char * Curl_ssl_cert_file = NULL; ++ + /** + * curl_global_init() globally initializes curl given a bitwise set of the + * different features of what to initialize. +@@ -163,6 +166,9 @@ static CURLcode global_init(long flags, bool memoryfuncs) + goto fail; + } + ++ Curl_ssl_cert_dir = curl_getenv("SSL_CERT_DIR"); ++ Curl_ssl_cert_file = curl_getenv("SSL_CERT_FILE"); ++ + if(!Curl_ssl_init()) { + DEBUGF(fprintf(stderr, "Error: Curl_ssl_init failed\n")); + goto fail; +@@ -287,6 +293,9 @@ void curl_global_cleanup(void) + Curl_ssl_cleanup(); + Curl_resolver_global_cleanup(); + ++ free(Curl_ssl_cert_dir); ++ free(Curl_ssl_cert_file); ++ + #ifdef _WIN32 + Curl_win32_cleanup(easy_init_flags); + #endif +diff --git a/lib/url.c b/lib/url.c +index b81785fe2..d607e74bb 100644 +--- a/lib/url.c ++++ b/lib/url.c +@@ -454,6 +454,21 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data) + if(result) + return result; + #endif ++ extern char * Curl_ssl_cert_dir; ++ extern char * Curl_ssl_cert_file; ++ if(Curl_ssl_cert_dir) { ++ if(result = Curl_setstropt(&set->str[STRING_SSL_CAPATH], Curl_ssl_cert_dir)) ++ return result; ++ if(result = Curl_setstropt(&set->str[STRING_SSL_CAPATH_PROXY], Curl_ssl_cert_dir)) ++ return result; ++ } ++ ++ if(Curl_ssl_cert_file) { ++ if(result = Curl_setstropt(&set->str[STRING_SSL_CAFILE], Curl_ssl_cert_file)) ++ return result; ++ if(result = Curl_setstropt(&set->str[STRING_SSL_CAFILE_PROXY], Curl_ssl_cert_file)) ++ return result; ++ } + } + + #ifndef CURL_DISABLE_FTP +-- +2.41.0 +