Google Git
Sign in
cos / mirrors / cros / chromiumos / overlays / portage-stable / 2e7f17ee83370290b206c9aa4fc543854ba4151f^! / .
commit2e7f17ee83370290b206c9aa4fc543854ba4151f[log] [tgz]
authorMattias Nissler <mnissler@chromium.org>Tue Dec 04 13:31:33 2018 +0100
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>Fri May 17 23:37:30 2019 +0000
tree2352a5b08d43e8f5c4121e83be95e6bb45e5fb0a
parentfd54d3d31eea7c0b87ab237200f7e7a260f32165 [diff]
net-misc/curl: Uprev to 7.62.0

Pulls in security fixes.

BUG=chromium:883265,b:131265443
TEST=Builds and passes tests.

Change-Id: I559a306ccddd520ba8b6372daf7bbb99b2d3d9b1
Reviewed-on: https://chromium-review.googlesource.com/1360752
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
(cherry picked from commit cc5bf3674e7130e9173ca51ba4ab8ebd60279411)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/overlays/portage-stable/+/1618423
Reviewed-by: Manoj Gupta <manojgupta@chromium.org>
Commit-Queue: Xuewei Zhang <xueweiz@google.com>
Tested-by: Xuewei Zhang <xueweiz@google.com>

diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index 11a1038..0be34df 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest

@@ -1 +1 @@
-DIST curl-7.60.0.tar.bz2 2938400 SHA256 897dfb2204bd99be328279f88f55b7c61592216b0542fcbe995c60aa92871e9b SHA512 c7566bbe7289cd75d34a65b457905d54b5d07543b9fed5a762c889eb09114ad66de62c3edafd1973e87bc8e303a434e77b4e40eea1718801e79ae9256531abe9 WHIRLPOOL f6d339b098862489f5ec80c0cb078f3285c843b3b53c772df8627380fc0608ac653f3d06feeb55ec1036f8a3a489e8efaf5b1546ebb8bfe87784718018059dad
+DIST curl-7.62.0.tar.bz2 3014762 SHA256 7802c54076500be500b171fde786258579d60547a3a35b8c5a23d8c88e8f9620 SHA512 83ca5c2757745f763316eefdd4c3f0e8a211a7f0db6a708b67ae2133ad41fdf17dd2230f9283a4778c9c866126d407454a090291cd2bf274371d0a214c1c13f5 WHIRLPOOL ac3ef0e7ff60b7cdbba69cbb7cd195b3cd73d6d4194a9a589b4bfd9f3f61c19dd1c5acb28f710b358c95b5967b9c39be982987ecd63905bfb9e05afd56fd4d83

diff --git a/net-misc/curl/curl-7.60.0.ebuild b/net-misc/curl/curl-7.62.0.ebuild
similarity index 97%
rename from net-misc/curl/curl-7.60.0.ebuild
rename to net-misc/curl/curl-7.62.0.ebuild
index b066cfc..cdd6d7a 100644
--- a/net-misc/curl/curl-7.60.0.ebuild
+++ b/net-misc/curl/curl-7.62.0.ebuild

@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI="5"
@@ -20,7 +20,7 @@
 RESTRICT="test"
 
 RDEPEND="ldap? ( net-nds/openldap[${MULTILIB_USEDEP}] )
-	brotli? ( app-arch/brotli:= )
+	brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
 	ssl? (
 		curl_ssl_axtls? (
 			net-libs/axtls:0=[${MULTILIB_USEDEP}]
@@ -227,7 +227,7 @@
 		libs+=( "-lnghttp2" )
 		priv+=( "libnghttp2" )
 	fi
-	if use curl_ssl_openssl; then
+	if use ssl && use curl_ssl_openssl; then
 		libs+=( "-lssl" "-lcrypto" )
 		priv+=( "openssl" )
 	fi

diff --git a/net-misc/curl/files/curl-7.59.0-libressl-compatibility.patch b/net-misc/curl/files/curl-7.59.0-libressl-compatibility.patch
deleted file mode 100644
index e7ee6c3..0000000
--- a/net-misc/curl/files/curl-7.59.0-libressl-compatibility.patch
+++ /dev/null

@@ -1,70 +0,0 @@
-From da51ddee81e10398172f0baf3327b5db82846175 Mon Sep 17 00:00:00 2001
-From: Bernard Spil <brnrd@FreeBSD.org>
-Date: Mon, 2 Apr 2018 19:04:06 +0200
-Subject: [PATCH] openssl: fix build with LibreSSL 2.7
-
- - LibreSSL 2.7 implements (most of) OpenSSL 1.1 API
-
-Fixes #2319
-Closes #2447
-Closes #2448
-
-Signed-off-by: Bernard Spil <brnrd@FreeBSD.org>
----
- lib/vtls/openssl.c | 15 +++++++++------
- 1 file changed, 9 insertions(+), 6 deletions(-)
-
-diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
-index 2a6b3cfac..bbb8ec766 100644
---- a/lib/vtls/openssl.c
-+++ b/lib/vtls/openssl.c
-@@ -104,7 +104,8 @@
- #endif
- 
- #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && /* OpenSSL 1.1.0+ */ \
--  !defined(LIBRESSL_VERSION_NUMBER)
-+    !(defined(LIBRESSL_VERSION_NUMBER) && \
-+      LIBRESSL_VERSION_NUMBER < 0x20700000L)
- #define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
- #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
- #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
-@@ -128,7 +129,8 @@ static unsigned long OpenSSL_version_num(void)
- #endif
- 
- #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
--  !defined(LIBRESSL_VERSION_NUMBER)
-+    !(defined(LIBRESSL_VERSION_NUMBER) && \
-+      LIBRESSL_VERSION_NUMBER < 0x20700000L)
- #define HAVE_X509_GET0_SIGNATURE 1
- #endif
- 
-@@ -147,7 +149,7 @@ static unsigned long OpenSSL_version_num(void)
-  * Whether SSL_CTX_set_keylog_callback is available.
-  * OpenSSL: supported since 1.1.1 https://github.com/openssl/openssl/pull/2287
-  * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
-- * LibreSSL: unsupported in at least 2.5.1 (explicitly check for it since it
-+ * LibreSSL: unsupported in at least 2.7.2 (explicitly check for it since it
-  *           lies and pretends to be OpenSSL 2.0.0).
-  */
- #if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \
-@@ -259,7 +261,9 @@ static void tap_ssl_key(const SSL *ssl, ssl_tap_state_t *state)
-   if(!session || !keylog_file_fp)
-     return;
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
-+    !(defined(LIBRESSL_VERSION_NUMBER) && \
-+      LIBRESSL_VERSION_NUMBER < 0x20700000L)
-   /* ssl->s3 is not checked in openssl 1.1.0-pre6, but let's assume that
-    * we have a valid SSL context if we have a non-NULL session. */
-   SSL_get_client_random(ssl, client_random, SSL3_RANDOM_SIZE);
-@@ -2082,8 +2086,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
-   case CURL_SSLVERSION_TLSv1_2:
-   case CURL_SSLVERSION_TLSv1_3:
-     /* it will be handled later with the context options */
--#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
--    !defined(LIBRESSL_VERSION_NUMBER)
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
-     req_method = TLS_client_method();
- #else
-     req_method = SSLv23_client_method();