curl: upgraded package to upstream
Upgraded net-misc/curl to version 8.4.0 on amd64
BUG=b/304681801
TEST=presubmit
RELEASE_NOTE=Upgraded net-misc/curl to version 8.4.0. This resolves CVE-2023-38545.
cos-patch: security-high
Change-Id: I4ccc8be58183cfce17fa15d1b42557bb7ecea541
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/59095
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Main-Branch-Verified: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
Reviewed-by: Arnav Kansal <rnv@google.com>
diff --git a/metadata/md5-cache/net-misc/curl-7.86.0-r1 b/metadata/md5-cache/net-misc/curl-7.86.0-r1
deleted file mode 100644
index 5fb2224..0000000
--- a/metadata/md5-cache/net-misc/curl-7.86.0-r1
+++ /dev/null
@@ -1,16 +0,0 @@
-BDEPEND=dev-lang/perl virtual/pkgconfig test? ( sys-apps/diffutils ) verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) >=app-portage/elt-patches-20170815 verify-sig? ( app-crypt/gnupg >=app-portage/gemato-16 )
-DEFINED_PHASES=compile configure install prepare test unpack
-DEPEND=ldap? ( net-nds/openldap:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) brotli? ( app-arch/brotli:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssl? ( gnutls? ( net-libs/gnutls:0=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] dev-libs/nettle:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] app-misc/ca-certificates ) mbedtls? ( net-libs/mbedtls:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] app-misc/ca-certificates ) openssl? ( dev-libs/openssl:0=[sslv3(-)=,static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) nss? ( dev-libs/nss:0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] dev-libs/nss-pem app-misc/ca-certificates ) ) http2? ( net-libs/nghttp2:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) nghttp3? ( net-libs/nghttp3[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] net-libs/ngtcp2[ssl,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) quiche? ( >=net-libs/quiche-0.3.0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) idn? ( net-dns/libidn2:0=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) adns? ( net-dns/c-ares:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) kerberos? ( >=virtual/krb5-0-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) rtmp? ( media-video/rtmpdump[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssh? ( net-libs/libssh2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) sys-libs/zlib[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] zstd? ( app-arch/zstd:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.16.1:1.16 >=sys-devel/automake-1.15.1:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
-DESCRIPTION=A Client that groks URLs
-EAPI=7
-HOMEPAGE=https://curl.haxx.se/
-IUSE=+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl nghttp3 quiche abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 abi_arm_32 abi_arm_64 verify-sig
-KEYWORDS=*
-LICENSE=curl
-RDEPEND=ldap? ( net-nds/openldap:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) brotli? ( app-arch/brotli:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssl? ( gnutls? ( net-libs/gnutls:0=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] dev-libs/nettle:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] app-misc/ca-certificates ) mbedtls? ( net-libs/mbedtls:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] app-misc/ca-certificates ) openssl? ( dev-libs/openssl:0=[sslv3(-)=,static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) nss? ( dev-libs/nss:0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] dev-libs/nss-pem app-misc/ca-certificates ) ) http2? ( net-libs/nghttp2:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) nghttp3? ( net-libs/nghttp3[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] net-libs/ngtcp2[ssl,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) quiche? ( >=net-libs/quiche-0.3.0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) idn? ( net-dns/libidn2:0=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) adns? ( net-dns/c-ares:0=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) kerberos? ( >=virtual/krb5-0-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) rtmp? ( media-video/rtmpdump[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssh? ( net-libs/libssh2[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) sys-libs/zlib[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] zstd? ( app-arch/zstd:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] )
-REQUIRED_USE=ssl? ( ^^ ( curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss curl_ssl_openssl ) )
-RESTRICT=!test? ( test )
-SLOT=0
-SRC_URI=https://curl.haxx.se/download/curl-7.86.0.tar.xz verify-sig? ( https://curl.haxx.se/download/curl-7.86.0.tar.xz.asc )
-_eclasses_=autotools d0e5375d47f4c809f406eb892e531513 libtool f143db5a74ccd9ca28c1234deffede96 multibuild 40fe59465edacd730c644ec2bc197809 multilib 2477ebe553d3e4d2c606191fe6c33602 multilib-build 1979aa0ff4d356d32507ca4650d9f37d multilib-minimal 8bddda43703ba94d8341f4e247f97566 prefix e51c7882b7b721e54e684f7eb143cbfe toolchain-funcs 605c126bed8d87e4378d5ff1645330cb verify-sig 40b4f4f782cf67118f594ce604cc4c0a
-_md5_=6b65fe8a73bb4722daa33ca1417dc3a3
diff --git a/metadata/md5-cache/net-misc/curl-8.4.0 b/metadata/md5-cache/net-misc/curl-8.4.0
new file mode 100644
index 0000000..a670f4b
--- /dev/null
+++ b/metadata/md5-cache/net-misc/curl-8.4.0
@@ -0,0 +1,16 @@
+BDEPEND=dev-lang/perl virtual/pkgconfig test? ( sys-apps/diffutils http2? ( >=net-libs/nghttp2-1.15.0:=[utils,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) nghttp3? ( net-libs/nghttp2:=[utils,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ) verify-sig? ( sec-keys/openpgp-keys-danielstenberg ) >=app-portage/elt-patches-20170815 verify-sig? ( app-crypt/gnupg >=app-portage/gemato-16 )
+DEFINED_PHASES=compile configure install prepare test unpack
+DEPEND=>=sys-libs/zlib-1.1.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] adns? ( net-dns/c-ares:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) brotli? ( app-arch/brotli:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) http2? ( >=net-libs/nghttp2-1.12.0:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) idn? ( net-dns/libidn2:=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) kerberos? ( >=virtual/krb5-0-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) nghttp3? ( >=net-libs/nghttp3-0.15.0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) rtmp? ( media-video/rtmpdump[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssh? ( >=net-libs/libssh2-1.0.0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssl? ( gnutls? ( app-misc/ca-certificates >=net-libs/gnutls-3.1.10:=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] dev-libs/nettle:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) mbedtls? ( app-misc/ca-certificates net-libs/mbedtls:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) openssl? ( >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) rustls? ( net-libs/rustls-ffi:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ) zstd? ( app-arch/zstd:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.16.1:1.16 >=sys-devel/automake-1.15.1:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
+DESCRIPTION=A Client that groks URLs
+EAPI=7
+HOMEPAGE=https://curl.se/
+IUSE=+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 abi_arm_32 abi_arm_64 verify-sig
+KEYWORDS=*
+LICENSE=BSD curl ISC test? ( BSD-4 )
+RDEPEND=>=sys-libs/zlib-1.1.4[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] adns? ( net-dns/c-ares:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) brotli? ( app-arch/brotli:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) http2? ( >=net-libs/nghttp2-1.12.0:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) idn? ( net-dns/libidn2:=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) kerberos? ( >=virtual/krb5-0-r1[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) nghttp3? ( >=net-libs/nghttp3-0.15.0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) rtmp? ( media-video/rtmpdump[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssh? ( >=net-libs/libssh2-1.0.0[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ssl? ( gnutls? ( app-misc/ca-certificates >=net-libs/gnutls-3.1.10:=[static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] dev-libs/nettle:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) mbedtls? ( app-misc/ca-certificates net-libs/mbedtls:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) openssl? ( >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) rustls? ( net-libs/rustls-ffi:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] ) ) zstd? ( app-arch/zstd:=[abi_x86_32(-)?,abi_x86_64(-)?,abi_x86_x32(-)?,abi_mips_n32(-)?,abi_mips_n64(-)?,abi_mips_o32(-)?,abi_ppc_32(-)?,abi_ppc_64(-)?,abi_s390_32(-)?,abi_s390_64(-)?,abi_arm_32(-)?,abi_arm_64(-)?] )
+REQUIRED_USE=ssl? ( ^^ ( curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_openssl curl_ssl_rustls ) ) curl_ssl_gnutls? ( gnutls ) curl_ssl_mbedtls? ( mbedtls ) curl_ssl_openssl? ( openssl ) curl_ssl_rustls? ( rustls ) nghttp3? ( !openssl alt-svc )
+RESTRICT=!test? ( test )
+SLOT=0
+SRC_URI=https://curl.se/download/curl-8.4.0.tar.xz verify-sig? ( https://curl.se/download/curl-8.4.0.tar.xz.asc )
+_eclasses_=autotools d0e5375d47f4c809f406eb892e531513 libtool f143db5a74ccd9ca28c1234deffede96 multibuild 40fe59465edacd730c644ec2bc197809 multilib 2477ebe553d3e4d2c606191fe6c33602 multilib-build 1979aa0ff4d356d32507ca4650d9f37d multilib-minimal 8bddda43703ba94d8341f4e247f97566 multiprocessing c3cf317581e5bd068a4b851f03dd8cba prefix e51c7882b7b721e54e684f7eb143cbfe toolchain-funcs 605c126bed8d87e4378d5ff1645330cb verify-sig 40b4f4f782cf67118f594ce604cc4c0a
+_md5_=0d5f44345fa862f124da0d02a7a7f5bf
diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index 23d9927..ad05e9e 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest
@@ -1,4 +1,6 @@
-DIST curl-8.0.1.tar.xz 2575544 BLAKE2B 67d82e9d71f0a351b5c2ed3ad5eab02e367ded872658a295179b935729d5105015f8c29569c396e11cd14036656af894ded85c8838cba260d9f6f1a8dcb5e22b SHA512 3bb777982659ed697ae90f113ff7b65d6ce8ba9fe6a8984cfd6769d2f051a72ba953c911abe234c204ec2cc5a35d68b4d033037fad7fba31bb92a52543f8d13d
-DIST curl-8.0.1.tar.xz.asc 488 BLAKE2B 452e1bebe1028e7621bbf8829e50cf56e254cd63a8cf2a4c0332176b9f18fb2821304ae556a203996d273c986bddbd04db2218c18fd34dee66e9155861ba50ce SHA512 92c6a0570e9a8a708fe2f717b8b37a68dcb9cd4520ca50c9baafec5891bda103bce2d2dcb67f1387bf11bd7e51e0e64ccd52d196e61d58b598ad3aa1960386cf
-DIST curl-8.1.0.tar.xz 2612568 BLAKE2B 768a824b8f5f6ddaa073599c4106f07a8134bcbe0e0d666390be1bce16ba25386d85930853bb47bc90b2c8a499a0b2abb9c685042563801e0fe58b9c315ac6cc SHA512 b99926f372ddd715cd1d2b54d8fb96b26b085e6501715e25aa57b6c6a7f8452473506ddb284e2f280f8afdb301b7f0c3bfde7ad7ed393b12c022430a9301096d
-DIST curl-8.1.0.tar.xz.asc 488 BLAKE2B c1a8e50eddc7dd140af2af29736eb486e96a6d3b67a9161244daa86558f65522527380c92597a5f10e5dad187f0bda6ac5b9cadc29386bef4492bc047c77b423 SHA512 191a74c7a6b6aa78b7f36e1535fda0701bde8b333a61c90343e1f1b2d65cc5097b5febc5fa42b2f373795ef1b34078790deaaa71c8aaa45eed1c753729a45f3d
+DIST curl-8.2.1.tar.xz 2631932 BLAKE2B 77c0b067935397afb3961378f2fe349fa988c6379c1ab7437c5d5f967710b2e9ba7aec91df8fe58a8b26c00c0164d4db9bd095ca27d1bf52b768c8d83cc0ecaf SHA512 3f78c9330c52d32b166f17829fc2be13418ef925e88f75aacad7f369e7afe00dc4a56566418730dbb845b2b284d721b08f639df322e2e1ef2dfab165c4189094
+DIST curl-8.2.1.tar.xz.asc 488 BLAKE2B 569a7c8d338f7175b5035fa281861b57cce7f5327ec6437d79e215e5a806619c9432d7960687e5463787f681cc408371c1eb1f0db7fb8678b8ef34ec50ef69d0 SHA512 31ee66a09e7bd14de949ae991c23a0b905d38407b73ae39bae6d01854d8708355c14bc4d0eab3ff931b85986d0236dd34e934eef6061f4b70739137fd0525084
+DIST curl-8.3.0.tar.xz 2641764 BLAKE2B 6875b20e27ed86f9b6ab256210d85e9fb3b39645e8be710b2e6fe29fba40220f870e06bc21e8a92244670fed0a08c7716e4806a267ede49c4ed6d66e03f5fcd4 SHA512 6404b4c74fe1185cb482631ca3a143996cb7298d0d8a76bfafd7696e7729c00559999a069bdba782dee3f3eb273fb678a4438cb27d3deca54022878cdff83a51
+DIST curl-8.3.0.tar.xz.asc 488 BLAKE2B ef5a749e579710d45db9f73da0cbcb58d77a9dfe73be622536496997fa792fe5cbd0331a31f01e21cbdb36c6384dca44baa647c9f3d20effabb5bfc275b1b491 SHA512 b7d45722640ac50181b20a6d663168ec6eec6691c5604ddfe9c7177f07da598cb2de688c631043dc428c311774d781ccd16bd1e2fb4f038be651e3bee383aec4
+DIST curl-8.4.0.tar.xz 2658376 BLAKE2B ea5ebecc3c1aeac3ae8fd0cf7d8ff3298149b9c4c556fb85ed8d9310e3613228eb6fca133b0dfb9268988f93d694779fab8d53510cfa5710c1320bb6638f05eb SHA512 7027dbf3b759b39d6ec9c4da58fadd254e84bb93bff599541b3bc3135bad4c2955c6237d7ddd60973f9f1a6948bc32d7e312985fb50658bc958b9f22fee74f2b
+DIST curl-8.4.0.tar.xz.asc 488 BLAKE2B 0fd4ea46a0942b9bc440e91e8f9323bba6d0eb02fbc87c227004c90e5be14cc644446bc235ab67f857b617975cdeada6ce38a647da9e0bd783e57d58f354cdb4 SHA512 b8b7a5b76be816e7b1552354f267f335fdc608cdadbd2c40ab44faf6450c6bbd2853b6de5c2746a1292aad33a8ee1c367380d32bb1a8282540b38c3b985a320e
diff --git a/net-misc/curl/curl-8.1.0-r3.ebuild b/net-misc/curl/curl-8.4.0.ebuild
similarity index 61%
rename from net-misc/curl/curl-8.1.0-r3.ebuild
rename to net-misc/curl/curl-8.4.0.ebuild
index f5fca63..a194422 100644
--- a/net-misc/curl/curl-8.1.0-r3.ebuild
+++ b/net-misc/curl/curl-8.4.0.ebuild
@@ -4,67 +4,85 @@
EAPI=7
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
-inherit autotools multilib-minimal prefix verify-sig
+inherit autotools multilib-minimal multiprocessing prefix toolchain-funcs verify-sig
DESCRIPTION="A Client that groks URLs"
HOMEPAGE="https://curl.se/"
-SRC_URI="
- https://curl.se/download/${P}.tar.xz
- verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )
-"
-LICENSE="curl"
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/curl/curl.git"
+else
+ SRC_URI="
+ https://curl.se/download/${P}.tar.xz
+ verify-sig? ( https://curl.se/download/${P}.tar.xz.asc )
+ "
+ KEYWORDS="*"
+fi
+
+LICENSE="BSD curl ISC test? ( BSD-4 )"
SLOT="0"
-KEYWORDS="*"
-IUSE="+adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
-IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl curl_ssl_rustls"
-IUSE+=" nghttp3"
+IUSE="+adns +alt-svc brotli +ftp gnutls gopher +hsts +http2 idn +imap kerberos ldap mbedtls nghttp3 +openssl +pop3"
+IUSE+=" +progress-meter rtmp rustls samba +smtp ssh ssl sslv3 static-libs test telnet +tftp websockets zstd"
+# These select the default SSL implementation
+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls +curl_ssl_openssl curl_ssl_rustls"
RESTRICT="!test? ( test )"
# Only one default ssl provider can be enabled
+# The default ssl provider needs its USE satisfied
+# nghttp3 = https://bugs.gentoo.org/912029
REQUIRED_USE="
ssl? (
^^ (
curl_ssl_gnutls
curl_ssl_mbedtls
- curl_ssl_nss
curl_ssl_openssl
curl_ssl_rustls
)
)
+ curl_ssl_gnutls? ( gnutls )
+ curl_ssl_mbedtls? ( mbedtls )
+ curl_ssl_openssl? ( openssl )
+ curl_ssl_rustls? ( rustls )
+ nghttp3? (
+ !openssl
+ alt-svc )
"
+# cURL's docs and CI/CD are great resources for confirming supported versions
+# particulary for fast-moving targets like HTTP/2 and TCP/2 e.g.:
+# - https://github.com/curl/curl/blob/master/docs/INTERNALS.md (core dependencies + minimum versions)
+# - https://github.com/curl/curl/blob/master/docs/HTTP3.md (example of a feature that moves quickly)
+# - https://github.com/curl/curl/blob/master/.github/workflows/quiche-linux.yml (CI/CD for TCP/2)
+# However 'supported' vs 'works' are two entirely different things; be sane but
+# don't be afraid to require a later version.
+
RDEPEND="
- sys-libs/zlib[${MULTILIB_USEDEP}]
+ >=sys-libs/zlib-1.1.4[${MULTILIB_USEDEP}]
adns? ( net-dns/c-ares:=[${MULTILIB_USEDEP}] )
brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
- http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
+ http2? ( >=net-libs/nghttp2-1.12.0:=[${MULTILIB_USEDEP}] )
idn? ( net-dns/libidn2:=[static-libs?,${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
- ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
+ ldap? ( >=net-nds/openldap-2.0.0:=[static-libs?,${MULTILIB_USEDEP}] )
nghttp3? (
- net-libs/nghttp3[${MULTILIB_USEDEP}]
- net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
+ >=net-libs/nghttp3-0.15.0[${MULTILIB_USEDEP}]
+ >=net-libs/ngtcp2-0.19.1[gnutls,ssl,-openssl,${MULTILIB_USEDEP}]
)
rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
- ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
+ ssh? ( >=net-libs/libssh2-1.0.0[${MULTILIB_USEDEP}] )
ssl? (
gnutls? (
app-misc/ca-certificates
- net-libs/gnutls:=[static-libs?,${MULTILIB_USEDEP}]
+ >=net-libs/gnutls-3.1.10:=[static-libs?,${MULTILIB_USEDEP}]
dev-libs/nettle:=[${MULTILIB_USEDEP}]
)
mbedtls? (
app-misc/ca-certificates
net-libs/mbedtls:=[${MULTILIB_USEDEP}]
)
- nss? (
- app-misc/ca-certificates
- dev-libs/nss[${MULTILIB_USEDEP}]
- dev-libs/nss-pem
- )
openssl? (
- dev-libs/openssl:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
+ >=dev-libs/openssl-0.9.7:=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
)
rustls? (
net-libs/rustls-ffi:=[${MULTILIB_USEDEP}]
@@ -72,13 +90,15 @@
)
zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )
"
+
DEPEND="${RDEPEND}"
+
BDEPEND="
dev-lang/perl
virtual/pkgconfig
test? (
sys-apps/diffutils
- http2? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
+ http2? ( >=net-libs/nghttp2-1.15.0:=[utils,${MULTILIB_USEDEP}] )
nghttp3? ( net-libs/nghttp2:=[utils,${MULTILIB_USEDEP}] )
)
verify-sig? ( sec-keys/openpgp-keys-danielstenberg )
@@ -106,14 +126,8 @@
)
PATCHES=(
- "${FILESDIR}"/${PN}-7.30.0-prefix.patch
+ "${FILESDIR}"/${PN}-prefix.patch
"${FILESDIR}"/${PN}-respect-cflags-3.patch
- ### Backports
- "${FILESDIR}"/${P}-numeric-hostname.patch
- "${FILESDIR}"/${P}-header-length.patch
- # CVEs
- "${FILESDIR}"/${PN}-CVE-2023-32001.patch
- "${FILESDIR}"/${PN}-CVE-2023-38039.patch
)
src_prepare() {
@@ -130,47 +144,40 @@
local myconf=()
myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt )
- #myconf+=( --without-default-ssl-backend )
- if use ssl ; then
- myconf+=( --without-gnutls --without-mbedtls --without-nss --without-rustls )
+ if use ssl; then
+ myconf+=( --without-gnutls --without-mbedtls --without-rustls )
- if use gnutls || use curl_ssl_gnutls; then
- einfo "SSL provided by gnutls"
+ if use gnutls; then
+ multilib_is_native_abi && einfo "SSL provided by gnutls"
myconf+=( --with-gnutls )
fi
- if use mbedtls || use curl_ssl_mbedtls; then
- einfo "SSL provided by mbedtls"
+ if use mbedtls; then
+ multilib_is_native_abi && einfo "SSL provided by mbedtls"
myconf+=( --with-mbedtls )
fi
- if use nss || use curl_ssl_nss; then
- einfo "SSL provided by nss"
- myconf+=( --with-nss --with-nss-deprecated )
- fi
- if use openssl || use curl_ssl_openssl; then
- einfo "SSL provided by openssl"
+ if use openssl; then
+ multilib_is_native_abi && einfo "SSL provided by openssl"
myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
fi
- if use rustls || use curl_ssl_rustls; then
- einfo "SSL provided by rustls"
+ if use rustls; then
+ multilib_is_native_abi && einfo "SSL provided by rustls"
myconf+=( --with-rustls )
fi
if use curl_ssl_gnutls; then
- einfo "Default SSL provided by gnutls"
+ multilib_is_native_abi && einfo "Default SSL provided by gnutls"
myconf+=( --with-default-ssl-backend=gnutls )
elif use curl_ssl_mbedtls; then
- einfo "Default SSL provided by mbedtls"
+ multilib_is_native_abi && einfo "Default SSL provided by mbedtls"
myconf+=( --with-default-ssl-backend=mbedtls )
- elif use curl_ssl_nss; then
- einfo "Default SSL provided by nss"
- myconf+=( --with-default-ssl-backend=nss )
elif use curl_ssl_openssl; then
- einfo "Default SSL provided by openssl"
+ multilib_is_native_abi && einfo "Default SSL provided by openssl"
myconf+=( --with-default-ssl-backend=openssl )
elif use curl_ssl_rustls; then
- einfo "Default SSL provided by rustls"
+ multilib_is_native_abi && einfo "Default SSL provided by rustls"
myconf+=( --with-default-ssl-backend=rustls )
else
eerror "We can't be here because of REQUIRED_USE."
+ die "Please file a bug, hit impossible condition w/ USE=ssl handling."
fi
else
@@ -190,7 +197,12 @@
myconf+=(
$(use_enable alt-svc)
- --enable-crypto-auth
+ --enable-basic-auth
+ --enable-bearer-auth
+ --enable-digest-auth
+ --enable-kerberos-auth
+ --enable-negotiate-auth
+ --enable-aws
--enable-dict
--disable-ech
--enable-file
@@ -235,7 +247,7 @@
--without-amissl
--without-bearssl
$(use_with brotli)
- --without-fish-functions-dir
+ --with-fish-functions-dir="${EPREFIX}"/usr/share/fish/vendor_completions.d
$(use_with http2 nghttp2)
--without-hyper
$(use_with idn libidn2)
@@ -257,6 +269,7 @@
--without-wolfssl
--with-zlib
$(use_with zstd)
+ --with-zsh-functions-dir="${EPREFIX}"/usr/share/zsh/site-functions
)
if use test && multilib_is_native_abi && ( use http2 || use nghttp3 ); then
@@ -265,6 +278,12 @@
)
fi
+ if [[ ${CHOST} == *mingw* ]] ; then
+ myconf+=(
+ --disable-pthreads
+ )
+ fi
+
ECONF_SOURCE="${S}" econf "${myconf[@]}"
if ! multilib_is_native_abi; then
@@ -299,6 +318,17 @@
echo "Requires.private: ${priv[*]}" >> libcurl.pc || die
}
+multilib_src_compile() {
+ default
+
+ if multilib_is_native_abi; then
+ # Shell completions
+ ! tc-is-cross-compiler && emake -C scripts
+ fi
+}
+
+# There is also a pytest harness that tests for bugs in some very specific
+# situations; we can rely on upstream for this rather than adding additional test deps.
multilib_src_test() {
# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
@@ -307,12 +337,23 @@
# -k: keep test files after completion
# -am: automake style TAP output
# -p: print logs if test fails
- # Note: if needed, we can skip specific tests. Prefix the test number in TFLAGS
- # with a '!'. For example, to skip test 241 and 1083, use '!241 !1083'.
- # See https://github.com/curl/curl/tree/master/tests#run for advanced test selection.
+ # Note: if needed, we can skip specific tests. See e.g. Fedora's packaging
+ # or just read https://github.com/curl/curl/tree/master/tests#run.
+ # Note: we don't run the testsuite for cross-compilation.
+ # Upstream recommend 7*nproc as a starting point for parallel tests, but
+ # this ends up breaking when nproc is huge (like -j80).
# The network sandbox causes tests 241 and 1083 to fail; these are typically skipped
# as most gentoo users don't have an 'ip6-localhost'
- multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p !241 !1083"
+ multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p -j$((2*$(makeopts_jobs))) !241 !1083"
+}
+
+multilib_src_install() {
+ emake DESTDIR="${D}" install
+
+ if multilib_is_native_abi; then
+ # Shell completions
+ ! tc-is-cross-compiler && emake -C scripts DESTDIR="${D}" install
+ fi
}
multilib_src_install_all() {
diff --git a/net-misc/curl/files/curl-8.0.1-onion-resolution.patch b/net-misc/curl/files/curl-8.0.1-onion-resolution.patch
index 9a0ae2b..65b4865 100644
--- a/net-misc/curl/files/curl-8.0.1-onion-resolution.patch
+++ b/net-misc/curl/files/curl-8.0.1-onion-resolution.patch
@@ -156,4 +156,3 @@
+</verify>
+</testcase>
-
diff --git a/net-misc/curl/files/curl-8.1.0-header-length.patch b/net-misc/curl/files/curl-8.1.0-header-length.patch
deleted file mode 100644
index 6229fd8..0000000
--- a/net-misc/curl/files/curl-8.1.0-header-length.patch
+++ /dev/null
@@ -1,86 +0,0 @@
-https://github.com/curl/curl/commit/77c9a9845bbee66f3aff158b8452dc8cd963cbd5.patch
-From: =?UTF-8?q?Emilio=20Cobos=20=C3=81lvarez?= <emilio@crisal.io>
-Date: Thu, 18 May 2023 18:22:57 +0200
-Subject: [PATCH] http2: double http request parser max line length
-
-This works around #11138, by doubling the limit, and should be a
-relatively safe fix.
-
-Ideally the buffer would grow as needed and there would be no need for a
-limit? But that might be follow-up material.
-
-Fixes #11138
-Closes #11139
----
- lib/http1.h | 2 ++
- lib/http2.c | 2 +-
- lib/vquic/curl_msh3.c | 2 +-
- lib/vquic/curl_ngtcp2.c | 2 +-
- lib/vquic/curl_quiche.c | 2 +-
- 5 files changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/lib/http1.h b/lib/http1.h
-index c2d107587a6f8..8acb9db401a95 100644
---- a/lib/http1.h
-+++ b/lib/http1.h
-@@ -33,6 +33,8 @@
- #define H1_PARSE_OPT_NONE (0)
- #define H1_PARSE_OPT_STRICT (1 << 0)
-
-+#define H1_PARSE_DEFAULT_MAX_LINE_LEN (8 * 1024)
-+
- struct h1_req_parser {
- struct http_req *req;
- struct bufq scratch;
-diff --git a/lib/http2.c b/lib/http2.c
-index 47e6f71393156..4e3b182b8d815 100644
---- a/lib/http2.c
-+++ b/lib/http2.c
-@@ -1860,7 +1860,7 @@ static ssize_t h2_submit(struct stream_ctx **pstream,
- nghttp2_priority_spec pri_spec;
- ssize_t nwritten;
-
-- Curl_h1_req_parse_init(&h1, (4*1024));
-+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
- Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
-
- *err = http2_data_setup(cf, data, &stream);
-diff --git a/lib/vquic/curl_msh3.c b/lib/vquic/curl_msh3.c
-index 40e89379fc402..173886739b6dc 100644
---- a/lib/vquic/curl_msh3.c
-+++ b/lib/vquic/curl_msh3.c
-@@ -575,7 +575,7 @@ static ssize_t cf_msh3_send(struct Curl_cfilter *cf, struct Curl_easy *data,
-
- CF_DATA_SAVE(save, cf, data);
-
-- Curl_h1_req_parse_init(&h1, (4*1024));
-+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
- Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
-
- /* Sizes must match for cast below to work" */
-diff --git a/lib/vquic/curl_ngtcp2.c b/lib/vquic/curl_ngtcp2.c
-index 05f960afdffa1..7794f148c6ec9 100644
---- a/lib/vquic/curl_ngtcp2.c
-+++ b/lib/vquic/curl_ngtcp2.c
-@@ -1550,7 +1550,7 @@ static ssize_t h3_stream_open(struct Curl_cfilter *cf,
- nghttp3_data_reader reader;
- nghttp3_data_reader *preader = NULL;
-
-- Curl_h1_req_parse_init(&h1, (4*1024));
-+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
- Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
-
- *err = h3_data_setup(cf, data);
-diff --git a/lib/vquic/curl_quiche.c b/lib/vquic/curl_quiche.c
-index 392b9beb83c59..c63e8e10a22e0 100644
---- a/lib/vquic/curl_quiche.c
-+++ b/lib/vquic/curl_quiche.c
-@@ -913,7 +913,7 @@ static ssize_t h3_open_stream(struct Curl_cfilter *cf,
- DEBUGASSERT(stream);
- }
-
-- Curl_h1_req_parse_init(&h1, (4*1024));
-+ Curl_h1_req_parse_init(&h1, H1_PARSE_DEFAULT_MAX_LINE_LEN);
- Curl_dynhds_init(&h2_headers, 0, DYN_HTTP_REQUEST);
-
- DEBUGASSERT(stream);
diff --git a/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch b/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch
deleted file mode 100644
index 6a0dd13..0000000
--- a/net-misc/curl/files/curl-8.1.0-numeric-hostname.patch
+++ /dev/null
@@ -1,227 +0,0 @@
-https://github.com/curl/curl/commit/92772e6d395bbdda0e7822d980caf86e8c4aa51c.patch
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Thu, 18 May 2023 00:31:17 +0200
-Subject: [PATCH] urlapi: allow numerical parts in the host name
-
-It can only be an IPv4 address if all parts are all digits and no more than
-four parts, otherwise it is a host name. Even slightly wrong IPv4 will now be
-passed through as a host name.
-
-Regression from 17a15d88467 shipped in 8.1.0
-
-Extended test 1560 accordingly.
-
-Reported-by: Pavel Kalyugin
-Fixes #11129
-Closes #11131
---- a/lib/urlapi.c
-+++ b/lib/urlapi.c
-@@ -34,6 +34,7 @@
- #include "inet_ntop.h"
- #include "strdup.h"
- #include "idn.h"
-+#include "curl_memrchr.h"
-
- /* The last 3 #include files should be in this order */
- #include "curl_printf.h"
-@@ -643,8 +644,8 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname,
- * Handle partial IPv4 numerical addresses and different bases, like
- * '16843009', '0x7f', '0x7f.1' '0177.1.1.1' etc.
- *
-- * If the given input string is syntactically wrong or any part for example is
-- * too big, this function returns FALSE and doesn't create any output.
-+ * If the given input string is syntactically wrong IPv4 or any part for
-+ * example is too big, this function returns HOST_NAME.
- *
- * Output the "normalized" version of that input string in plain quad decimal
- * integers.
-@@ -675,7 +676,7 @@ static int ipv4_normalize(struct dynbuf *host)
- unsigned long l;
- if(!ISDIGIT(*c))
- /* most importantly this doesn't allow a leading plus or minus */
-- return n ? HOST_BAD : HOST_NAME;
-+ return HOST_NAME;
- l = strtoul(c, &endp, 0);
-
- parts[n] = l;
-@@ -684,7 +685,7 @@ static int ipv4_normalize(struct dynbuf *host)
- switch(*c) {
- case '.':
- if(n == 3)
-- return HOST_BAD;
-+ return HOST_NAME;
- n++;
- c++;
- break;
-@@ -694,39 +695,40 @@ static int ipv4_normalize(struct dynbuf *host)
- break;
-
- default:
-- return n ? HOST_BAD : HOST_NAME;
-+ return HOST_NAME;
- }
-
- /* overflow */
- if((l == ULONG_MAX) && (errno == ERANGE))
-- return HOST_BAD;
-+ return HOST_NAME;
-
- #if SIZEOF_LONG > 4
- /* a value larger than 32 bits */
- if(l > UINT_MAX)
-- return HOST_BAD;
-+ return HOST_NAME;
- #endif
- }
-
-- /* this is a valid IPv4 numerical address */
-- Curl_dyn_reset(host);
--
- switch(n) {
- case 0: /* a -- 32 bits */
-+ Curl_dyn_reset(host);
-+
- result = Curl_dyn_addf(host, "%u.%u.%u.%u",
- parts[0] >> 24, (parts[0] >> 16) & 0xff,
- (parts[0] >> 8) & 0xff, parts[0] & 0xff);
- break;
- case 1: /* a.b -- 8.24 bits */
- if((parts[0] > 0xff) || (parts[1] > 0xffffff))
-- return HOST_BAD;
-+ return HOST_NAME;
-+ Curl_dyn_reset(host);
- result = Curl_dyn_addf(host, "%u.%u.%u.%u",
- parts[0], (parts[1] >> 16) & 0xff,
- (parts[1] >> 8) & 0xff, parts[1] & 0xff);
- break;
- case 2: /* a.b.c -- 8.8.16 bits */
- if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xffff))
-- return HOST_BAD;
-+ return HOST_NAME;
-+ Curl_dyn_reset(host);
- result = Curl_dyn_addf(host, "%u.%u.%u.%u",
- parts[0], parts[1], (parts[2] >> 8) & 0xff,
- parts[2] & 0xff);
-@@ -734,7 +736,8 @@ static int ipv4_normalize(struct dynbuf *host)
- case 3: /* a.b.c.d -- 8.8.8.8 bits */
- if((parts[0] > 0xff) || (parts[1] > 0xff) || (parts[2] > 0xff) ||
- (parts[3] > 0xff))
-- return HOST_BAD;
-+ return HOST_NAME;
-+ Curl_dyn_reset(host);
- result = Curl_dyn_addf(host, "%u.%u.%u.%u",
- parts[0], parts[1], parts[2], parts[3]);
- break;
-@@ -796,6 +799,9 @@ static CURLUcode parse_authority(struct Curl_URL *u,
- if(result)
- goto out;
-
-+ if(!Curl_dyn_len(host))
-+ return CURLUE_NO_HOST;
-+
- switch(ipv4_normalize(host)) {
- case HOST_IPV4:
- break;
---- a/tests/libtest/lib1560.c
-+++ b/tests/libtest/lib1560.c
-@@ -474,6 +474,13 @@ static const struct testcase get_parts_list[] ={
- };
-
- static const struct urltestcase get_url_list[] = {
-+ {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_OK},
-+ {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
-+ {"https://1.2.3.256.com", "https://1.2.3.256.com/", 0, 0, CURLUE_OK},
-+ {"https://10.com", "https://10.com/", 0, 0, CURLUE_OK},
-+ {"https://1.2.com", "https://1.2.com/", 0, 0, CURLUE_OK},
-+ {"https://1.2.3.com", "https://1.2.3.com/", 0, 0, CURLUE_OK},
-+ {"https://1.2.com.99", "https://1.2.com.99/", 0, 0, CURLUE_OK},
- {"https://[fe80::0000:20c:29ff:fe9c:409b]:80/moo",
- "https://[fe80::20c:29ff:fe9c:409b]:80/moo",
- 0, 0, CURLUE_OK},
-@@ -522,22 +529,24 @@ static const struct urltestcase get_url_list[] = {
-
- /* IPv4 trickeries */
- {"https://16843009", "https://1.1.1.1/", 0, 0, CURLUE_OK},
-- {"https://0x7f.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
- {"https://0177.1", "https://127.0.0.1/", 0, 0, CURLUE_OK},
- {"https://0111.02.0x3", "https://73.2.0.3/", 0, 0, CURLUE_OK},
-+ {"https://0111.02.0x3.", "https://0111.02.0x3./", 0, 0, CURLUE_OK},
-+ {"https://0111.02.030", "https://73.2.0.24/", 0, 0, CURLUE_OK},
-+ {"https://0111.02.030.", "https://0111.02.030./", 0, 0, CURLUE_OK},
- {"https://0xff.0xff.0377.255", "https://255.255.255.255/", 0, 0, CURLUE_OK},
- {"https://1.0xffffff", "https://1.255.255.255/", 0, 0, CURLUE_OK},
- /* IPv4 numerical overflows or syntax errors will not normalize */
- {"https://a127.0.0.1", "https://a127.0.0.1/", 0, 0, CURLUE_OK},
- {"https://\xff.127.0.0.1", "https://%FF.127.0.0.1/", 0, CURLU_URLENCODE,
- CURLUE_OK},
-- {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_BAD_HOSTNAME},
-+ {"https://127.-0.0.1", "https://127.-0.0.1/", 0, 0, CURLUE_OK},
- {"https://127.0. 1", "https://127.0.0.1/", 0, 0, CURLUE_MALFORMED_INPUT},
-- {"https://1.0x1000000", "https://1.0x1000000/", 0, 0, CURLUE_BAD_HOSTNAME},
-- {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_BAD_HOSTNAME},
-- {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_BAD_HOSTNAME},
-- {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_BAD_HOSTNAME},
-- {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_BAD_HOSTNAME},
-+ {"https://1.2.3.256", "https://1.2.3.256/", 0, 0, CURLUE_OK},
-+ {"https://1.2.3.256.", "https://1.2.3.256./", 0, 0, CURLUE_OK},
-+ {"https://1.2.3.4.5", "https://1.2.3.4.5/", 0, 0, CURLUE_OK},
-+ {"https://1.2.0x100.3", "https://1.2.0x100.3/", 0, 0, CURLUE_OK},
-+ {"https://4294967296", "https://4294967296/", 0, 0, CURLUE_OK},
- {"https://123host", "https://123host/", 0, 0, CURLUE_OK},
- /* 40 bytes scheme is the max allowed */
- {"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA://hostname/path",
-@@ -599,20 +608,11 @@ static const struct urltestcase get_url_list[] = {
- 0, 0, CURLUE_OK},
- /* here the password has the semicolon */
- {"http://user:pass;word@host/file",
-- "http://user:pass;word@host/file",
-- 0, 0, CURLUE_OK},
-- {"file:///file.txt#moo",
-- "file:///file.txt#moo",
-- 0, 0, CURLUE_OK},
-- {"file:////file.txt",
-- "file:////file.txt",
-- 0, 0, CURLUE_OK},
-- {"file:///file.txt",
-- "file:///file.txt",
-- 0, 0, CURLUE_OK},
-- {"file:./",
-- "file://",
-- 0, 0, CURLUE_BAD_SCHEME},
-+ "http://user:pass;word@host/file", 0, 0, CURLUE_OK},
-+ {"file:///file.txt#moo", "file:///file.txt#moo", 0, 0, CURLUE_OK},
-+ {"file:////file.txt", "file:////file.txt", 0, 0, CURLUE_OK},
-+ {"file:///file.txt", "file:///file.txt", 0, 0, CURLUE_OK},
-+ {"file:./", "file://", 0, 0, CURLUE_OK},
- {"http://example.com/hello/../here",
- "http://example.com/hello/../here",
- CURLU_PATH_AS_IS, 0, CURLUE_OK},
-@@ -1124,7 +1124,7 @@ static int get_url(void)
- }
- curl_free(url);
- }
-- else if(rc != get_url_list[i].ucode) {
-+ if(rc != get_url_list[i].ucode) {
- fprintf(stderr, "Get URL\nin: %s\nreturned %d (expected %d)\n",
- get_url_list[i].in, (int)rc, get_url_list[i].ucode);
- error++;
-@@ -1515,6 +1515,9 @@ int test(char *URL)
- {
- (void)URL; /* not used */
-
-+ if(get_url())
-+ return 3;
-+
- if(huge())
- return 9;
-
-@@ -1533,9 +1536,6 @@ int test(char *URL)
- if(set_parts())
- return 2;
-
-- if(get_url())
-- return 3;
--
- if(get_parts())
- return 4;
-
diff --git a/net-misc/curl/files/curl-8.3.0-CVE-2023-38545.patch b/net-misc/curl/files/curl-8.3.0-CVE-2023-38545.patch
new file mode 100644
index 0000000..04603a8
--- /dev/null
+++ b/net-misc/curl/files/curl-8.3.0-CVE-2023-38545.patch
@@ -0,0 +1,136 @@
+https://bugs.gentoo.org/915195
+
+From 1e1f915b73ab0895a68348ad1f96a5283a44ffd7 Mon Sep 17 00:00:00 2001
+From: Jay Satiro <raysatiro@yahoo.com>
+Date: Mon, 9 Oct 2023 17:45:07 -0400
+Subject: [PATCH] socks: return error if hostname too long for remote resolve
+
+Prior to this change the state machine attempted to change the remote
+resolve to a local resolve if the hostname was longer than 255
+characters. Unfortunately that did not work as intended and caused a
+security issue.
+
+This patch applies to curl versions 8.2.0 - 8.3.0. Other versions
+that are affected take a different patch. Refer to the CVE advisory
+for more information.
+
+Bug: https://curl.se/docs/CVE-2023-38545.html
+---
+ lib/socks.c | 8 +++----
+ tests/data/Makefile.inc | 2 +-
+ tests/data/test728 | 64 +++++++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 69 insertions(+), 5 deletions(-)
+ create mode 100644 tests/data/test728
+
+diff --git a/lib/socks.c b/lib/socks.c
+index 25a3578..3d41c93 100644
+--- a/lib/socks.c
++++ b/lib/socks.c
+@@ -588,9 +588,9 @@ static CURLproxycode do_SOCKS5(struct Curl_cfilter *cf,
+
+ /* RFC1928 chapter 5 specifies max 255 chars for domain name in packet */
+ if(!socks5_resolve_local && hostname_len > 255) {
+- infof(data, "SOCKS5: server resolving disabled for hostnames of "
+- "length > 255 [actual len=%zu]", hostname_len);
+- socks5_resolve_local = TRUE;
++ failf(data, "SOCKS5: the destination hostname is too long to be "
++ "resolved remotely by the proxy.");
++ return CURLPX_LONG_HOSTNAME;
+ }
+
+ if(auth & ~(CURLAUTH_BASIC | CURLAUTH_GSSAPI))
+@@ -904,7 +904,7 @@ CONNECT_RESOLVE_REMOTE:
+ }
+ else {
+ socksreq[len++] = 3;
+- socksreq[len++] = (char) hostname_len; /* one byte address length */
++ socksreq[len++] = (unsigned char) hostname_len; /* one byte length */
+ memcpy(&socksreq[len], sx->hostname, hostname_len); /* w/o NULL */
+ len += hostname_len;
+ }
+diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
+index 8ee1394..3e2094e 100644
+--- a/tests/data/Makefile.inc
++++ b/tests/data/Makefile.inc
+@@ -100,7 +100,7 @@ test679 test680 test681 test682 test683 test684 test685 test686 \
+ \
+ test700 test701 test702 test703 test704 test705 test706 test707 test708 \
+ test709 test710 test711 test712 test713 test714 test715 test716 test717 \
+-test718 test719 test720 test721 \
++test718 test719 test720 test721 test728 \
+ \
+ test799 test800 test801 test802 test803 test804 test805 test806 test807 \
+ test808 test809 test810 test811 test812 test813 test814 test815 test816 \
+diff --git a/tests/data/test728 b/tests/data/test728
+new file mode 100644
+index 0000000..05bcf28
+--- /dev/null
++++ b/tests/data/test728
+@@ -0,0 +1,64 @@
++<testcase>
++<info>
++<keywords>
++HTTP
++HTTP GET
++SOCKS5
++SOCKS5h
++followlocation
++</keywords>
++</info>
++
++#
++# Server-side
++<reply>
++# The hostname in this redirect is 256 characters and too long (> 255) for
++# SOCKS5 remote resolve. curl must return error CURLE_PROXY in this case.
++<data>
++HTTP/1.1 301 Moved Permanently
++Location: http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/
++Content-Length: 0
++Connection: close
++
++</data>
++</reply>
++
++#
++# Client-side
++<client>
++<features>
++proxy
++</features>
++<server>
++http
++socks5
++</server>
++ <name>
++SOCKS5h with HTTP redirect to hostname too long
++ </name>
++ <command>
++--no-progress-meter --location --proxy socks5h://%HOSTIP:%SOCKSPORT http://%HOSTIP:%HTTPPORT/%TESTNUMBER
++</command>
++</client>
++
++#
++# Verify data after the test has been "shot"
++<verify>
++<protocol crlf="yes">
++GET /%TESTNUMBER HTTP/1.1
++Host: %HOSTIP:%HTTPPORT
++User-Agent: curl/%VERSION
++Accept: */*
++
++</protocol>
++<errorcode>
++97
++</errorcode>
++# the error message is verified because error code CURLE_PROXY (97) may be
++# returned for any number of reasons and we need to make sure it is
++# specifically for the reason below so that we know the check is working.
++<stderr mode="text">
++curl: (97) SOCKS5: the destination hostname is too long to be resolved remotely by the proxy.
++</stderr>
++</verify>
++</testcase>
+--
+2.7.4
+
diff --git a/net-misc/curl/files/curl-8.3.0-CVE-2023-38546.patch b/net-misc/curl/files/curl-8.3.0-CVE-2023-38546.patch
new file mode 100644
index 0000000..615ab26
--- /dev/null
+++ b/net-misc/curl/files/curl-8.3.0-CVE-2023-38546.patch
@@ -0,0 +1,131 @@
+https://bugs.gentoo.org/915195
+https://github.com/curl/curl/commit/61275672b46d9abb3285740467b882e22ed75da8
+
+From 61275672b46d9abb3285740467b882e22ed75da8 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Thu, 14 Sep 2023 23:28:32 +0200
+Subject: [PATCH] cookie: remove unnecessary struct fields
+
+Plus: reduce the hash table size from 256 to 63. It seems unlikely to
+make much of a speed difference for most use cases but saves 1.5KB of
+data per instance.
+
+Closes #11862
+---
+ lib/cookie.c | 13 +------------
+ lib/cookie.h | 13 ++++---------
+ lib/easy.c | 4 +---
+ 3 files changed, 6 insertions(+), 24 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 4345a84c6fd9d..e39c89a94a960 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -119,7 +119,6 @@ static void freecookie(struct Cookie *co)
+ free(co->name);
+ free(co->value);
+ free(co->maxage);
+- free(co->version);
+ free(co);
+ }
+
+@@ -718,11 +717,7 @@ Curl_cookie_add(struct Curl_easy *data,
+ }
+ }
+ else if((nlen == 7) && strncasecompare("version", namep, 7)) {
+- strstore(&co->version, valuep, vlen);
+- if(!co->version) {
+- badcookie = TRUE;
+- break;
+- }
++ /* just ignore */
+ }
+ else if((nlen == 7) && strncasecompare("max-age", namep, 7)) {
+ /*
+@@ -1160,7 +1155,6 @@ Curl_cookie_add(struct Curl_easy *data,
+ free(clist->path);
+ free(clist->spath);
+ free(clist->expirestr);
+- free(clist->version);
+ free(clist->maxage);
+
+ *clist = *co; /* then store all the new data */
+@@ -1224,9 +1218,6 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
+ c = calloc(1, sizeof(struct CookieInfo));
+ if(!c)
+ return NULL; /* failed to get memory */
+- c->filename = strdup(file?file:"none"); /* copy the name just in case */
+- if(!c->filename)
+- goto fail; /* failed to get memory */
+ /*
+ * Initialize the next_expiration time to signal that we don't have enough
+ * information yet.
+@@ -1378,7 +1369,6 @@ static struct Cookie *dup_cookie(struct Cookie *src)
+ CLONE(name);
+ CLONE(value);
+ CLONE(maxage);
+- CLONE(version);
+ d->expires = src->expires;
+ d->tailmatch = src->tailmatch;
+ d->secure = src->secure;
+@@ -1595,7 +1585,6 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
+ {
+ if(c) {
+ unsigned int i;
+- free(c->filename);
+ for(i = 0; i < COOKIE_HASH_SIZE; i++)
+ Curl_cookie_freelist(c->cookies[i]);
+ free(c); /* free the base struct as well */
+diff --git a/lib/cookie.h b/lib/cookie.h
+index b3c0063b2cfb2..41e9e7a6914e0 100644
+--- a/lib/cookie.h
++++ b/lib/cookie.h
+@@ -36,11 +36,7 @@ struct Cookie {
+ char *domain; /* domain = <this> */
+ curl_off_t expires; /* expires = <this> */
+ char *expirestr; /* the plain text version */
+-
+- /* RFC 2109 keywords. Version=1 means 2109-compliant cookie sending */
+- char *version; /* Version = <value> */
+ char *maxage; /* Max-Age = <value> */
+-
+ bool tailmatch; /* whether we do tail-matching of the domain name */
+ bool secure; /* whether the 'secure' keyword was used */
+ bool livecookie; /* updated from a server, not a stored file */
+@@ -56,17 +52,16 @@ struct Cookie {
+ #define COOKIE_PREFIX__SECURE (1<<0)
+ #define COOKIE_PREFIX__HOST (1<<1)
+
+-#define COOKIE_HASH_SIZE 256
++#define COOKIE_HASH_SIZE 63
+
+ struct CookieInfo {
+ /* linked list of cookies we know of */
+ struct Cookie *cookies[COOKIE_HASH_SIZE];
+- char *filename; /* file we read from/write to */
+- long numcookies; /* number of cookies in the "jar" */
++ curl_off_t next_expiration; /* the next time at which expiration happens */
++ int numcookies; /* number of cookies in the "jar" */
++ int lastct; /* last creation-time used in the jar */
+ bool running; /* state info, for cookie adding information */
+ bool newsession; /* new session, discard session cookies on load */
+- int lastct; /* last creation-time used in the jar */
+- curl_off_t next_expiration; /* the next time at which expiration happens */
+ };
+
+ /* The maximum sizes we accept for cookies. RFC 6265 section 6.1 says
+diff --git a/lib/easy.c b/lib/easy.c
+index 16bbd35251d40..03195481f9780 100644
+--- a/lib/easy.c
++++ b/lib/easy.c
+@@ -925,9 +925,7 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy *data)
+ if(data->cookies) {
+ /* If cookies are enabled in the parent handle, we enable them
+ in the clone as well! */
+- outcurl->cookies = Curl_cookie_init(data,
+- data->cookies->filename,
+- outcurl->cookies,
++ outcurl->cookies = Curl_cookie_init(data, NULL, outcurl->cookies,
+ data->set.cookiesession);
+ if(!outcurl->cookies)
+ goto fail;
diff --git a/net-misc/curl/files/curl-8.3.0-tests-arm-musl.patch b/net-misc/curl/files/curl-8.3.0-tests-arm-musl.patch
new file mode 100644
index 0000000..e07c13a
--- /dev/null
+++ b/net-misc/curl/files/curl-8.3.0-tests-arm-musl.patch
@@ -0,0 +1,115 @@
+https://github.com/curl/curl/issues/11900
+https://github.com/curl/curl/commit/b226bd679a68b8bf94cbb6d58837f00251560e63
+https://github.com/curl/curl/commit/9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93
+
+From b226bd679a68b8bf94cbb6d58837f00251560e63 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Mon, 25 Sep 2023 13:03:26 +0200
+Subject: [PATCH] configure: sort AC_CHECK_FUNCS
+
+No functional changes.
+---
+ configure.ac | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 2fc9f2f01783c..a6f9066a133a4 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -3583,8 +3583,10 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se
+ #include <sys/types.h>]])
+
+
+-AC_CHECK_FUNCS([fnmatch \
++AC_CHECK_FUNCS([\
++ arc4random \
+ fchmod \
++ fnmatch \
+ fork \
+ geteuid \
+ getpass_r \
+@@ -3604,7 +3606,6 @@ AC_CHECK_FUNCS([fnmatch \
+ snprintf \
+ utime \
+ utimes \
+- arc4random
+ ],[
+ ],[
+ func="$ac_func"
+
+From 9c7165e96a3a9a2d0b7059c87c699b5ca8cdae93 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Fri, 22 Sep 2023 13:58:49 +0000
+Subject: [PATCH] lib: use wrapper for curl_mime_data fseek callback
+
+fseek uses long offset which does not match with curl_off_t. This leads
+to undefined behavior when calling the callback and caused failure on
+arm 32 bit.
+
+Use a wrapper to solve this and use fseeko which uses off_t instead of
+long.
+
+Thanks to the nice people at Libera IRC #musl for helping finding this
+out.
+
+Fixes #11882
+Fixes #11900
+Closes #11918
+---
+ configure.ac | 2 ++
+ lib/formdata.c | 17 +++++++++++++++--
+ 3 files changed, 20 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index a6f9066a133a4..5fa7c45c47430 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -3584,10 +3584,12 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se
+
+
+ AC_CHECK_FUNCS([\
++ _fseeki64 \
+ arc4random \
+ fchmod \
+ fnmatch \
+ fork \
++ fseeko \
+ geteuid \
+ getpass_r \
+ getppid \
+diff --git a/lib/formdata.c b/lib/formdata.c
+index 8984b63223cc0..f370ce6854b5f 100644
+--- a/lib/formdata.c
++++ b/lib/formdata.c
+@@ -789,6 +789,20 @@ static CURLcode setname(curl_mimepart *part, const char *name, size_t len)
+ return res;
+ }
+
++/* wrap call to fseeko so it matches the calling convetion of callback */
++static int fseeko_wrapper(void *stream, curl_off_t offset, int whence)
++{
++#if defined(HAVE_FSEEKO)
++ return fseeko(stream, (off_t)offset, whence);
++#elif defined(HAVE__FSEEKI64)
++ return _fseeki64(stream, (__int64)offset, whence);
++#else
++ if(offset > LONG_MAX)
++ return -1;
++ return fseek(stream, (long)offset, whence);
++#endif
++}
++
+ /*
+ * Curl_getformdata() converts a linked list of "meta data" into a mime
+ * structure. The input list is in 'post', while the output is stored in
+@@ -874,8 +888,7 @@ CURLcode Curl_getformdata(struct Curl_easy *data,
+ compatibility: use of "-" pseudo file name should be avoided. */
+ result = curl_mime_data_cb(part, (curl_off_t) -1,
+ (curl_read_callback) fread,
+- CURLX_FUNCTION_CAST(curl_seek_callback,
+- fseek),
++ fseeko_wrapper,
+ NULL, (void *) stdin);
+ }
+ else
+
diff --git a/net-misc/curl/files/curl-CVE-2023-32001.patch b/net-misc/curl/files/curl-CVE-2023-32001.patch
deleted file mode 100644
index 2c4ebe5..0000000
--- a/net-misc/curl/files/curl-CVE-2023-32001.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 0c667188e0c6cda615a036b8a2b4125f2c404dde Mon Sep 17 00:00:00 2001
-From: SaltyMilk <soufiane.elmelcaoui@gmail.com>
-Date: Mon, 10 Jul 2023 21:43:28 +0200
-Subject: [PATCH] fopen: optimize
-
-Closes #11419
----
- lib/fopen.c | 12 ++++++------
- 1 file changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/lib/fopen.c b/lib/fopen.c
-index c9c9e3d6e73a2..b6e3cadddef65 100644
---- a/lib/fopen.c
-+++ b/lib/fopen.c
-@@ -56,13 +56,13 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
- int fd = -1;
- *tempname = NULL;
-
-- if(stat(filename, &sb) == -1 || !S_ISREG(sb.st_mode)) {
-- /* a non-regular file, fallback to direct fopen() */
-- *fh = fopen(filename, FOPEN_WRITETEXT);
-- if(*fh)
-- return CURLE_OK;
-+ *fh = fopen(filename, FOPEN_WRITETEXT);
-+ if(!*fh)
- goto fail;
-- }
-+ if(fstat(fileno(*fh), &sb) == -1 || !S_ISREG(sb.st_mode))
-+ return CURLE_OK;
-+ fclose(*fh);
-+ *fh = NULL;
-
- result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix));
- if(result)
diff --git a/net-misc/curl/files/curl-CVE-2023-38039.patch b/net-misc/curl/files/curl-CVE-2023-38039.patch
deleted file mode 100644
index b080237..0000000
--- a/net-misc/curl/files/curl-CVE-2023-38039.patch
+++ /dev/null
@@ -1,211 +0,0 @@
-From 3ee79c1674fd6f99e8efca52cd7510e08b766770 Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Wed, 2 Aug 2023 23:34:48 +0200
-Subject: [PATCH] http: return error when receiving too large header set
-
-To avoid abuse. The limit is set to 300 KB for the accumulated size of
-all received HTTP headers for a single response. Incomplete research
-suggests that Chrome uses a 256-300 KB limit, while Firefox allows up to
-1MB.
-
-Closes #11582
----
- lib/c-hyper.c | 12 +++++++-----
- lib/cf-h1-proxy.c | 4 +++-
- lib/http.c | 34 ++++++++++++++++++++++++++++++----
- lib/http.h | 9 +++++++++
- lib/pingpong.c | 4 +++-
- lib/urldata.h | 17 ++++++++---------
- 6 files changed, 60 insertions(+), 20 deletions(-)
-
-diff --git a/lib/c-hyper.c b/lib/c-hyper.c
-index c29983c0b24a6..0b9d9ab478e67 100644
---- a/lib/c-hyper.c
-+++ b/lib/c-hyper.c
-@@ -182,8 +182,11 @@ static int hyper_each_header(void *userdata,
- }
- }
-
-- data->info.header_size += (curl_off_t)len;
-- data->req.headerbytecount += (curl_off_t)len;
-+ result = Curl_bump_headersize(data, len, FALSE);
-+ if(result) {
-+ data->state.hresult = result;
-+ return HYPER_ITER_BREAK;
-+ }
- return HYPER_ITER_CONTINUE;
- }
-
-@@ -313,9 +316,8 @@ static CURLcode status_line(struct Curl_easy *data,
- if(result)
- return result;
- }
-- data->info.header_size += (curl_off_t)len;
-- data->req.headerbytecount += (curl_off_t)len;
-- return CURLE_OK;
-+ result = Curl_bump_headersize(data, len, FALSE);
-+ return result;
- }
-
- /*
-diff --git a/lib/cf-h1-proxy.c b/lib/cf-h1-proxy.c
-index c9b157c9bccc7..b1d8cb618b7d1 100644
---- a/lib/cf-h1-proxy.c
-+++ b/lib/cf-h1-proxy.c
-@@ -587,7 +587,9 @@ static CURLcode recv_CONNECT_resp(struct Curl_cfilter *cf,
- return result;
- }
-
-- data->info.header_size += (long)perline;
-+ result = Curl_bump_headersize(data, perline, TRUE);
-+ if(result)
-+ return result;
-
- /* Newlines are CRLF, so the CR is ignored as the line isn't
- really terminated until the LF comes. Treat a following CR
-diff --git a/lib/http.c b/lib/http.c
-index f7c71afd7d847..bc78ff97435c4 100644
---- a/lib/http.c
-+++ b/lib/http.c
-@@ -3920,6 +3920,29 @@ static CURLcode verify_header(struct Curl_easy *data)
- return CURLE_OK;
- }
-
-+CURLcode Curl_bump_headersize(struct Curl_easy *data,
-+ size_t delta,
-+ bool connect_only)
-+{
-+ size_t bad = 0;
-+ if(delta < MAX_HTTP_RESP_HEADER_SIZE) {
-+ if(!connect_only)
-+ data->req.headerbytecount += (unsigned int)delta;
-+ data->info.header_size += (unsigned int)delta;
-+ if(data->info.header_size > MAX_HTTP_RESP_HEADER_SIZE)
-+ bad = data->info.header_size;
-+ }
-+ else
-+ bad = data->info.header_size + delta;
-+ if(bad) {
-+ failf(data, "Too large response headers: %zu > %zu",
-+ bad, MAX_HTTP_RESP_HEADER_SIZE);
-+ return CURLE_RECV_ERROR;
-+ }
-+ return CURLE_OK;
-+}
-+
-+
- /*
- * Read any HTTP header lines from the server and pass them to the client app.
- */
-@@ -4173,8 +4196,9 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
- if(result)
- return result;
-
-- data->info.header_size += (long)headerlen;
-- data->req.headerbytecount += (long)headerlen;
-+ result = Curl_bump_headersize(data, headerlen, FALSE);
-+ if(result)
-+ return result;
-
- /*
- * When all the headers have been parsed, see if we should give
-@@ -4496,8 +4520,10 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
- if(result)
- return result;
-
-- data->info.header_size += Curl_dyn_len(&data->state.headerb);
-- data->req.headerbytecount += Curl_dyn_len(&data->state.headerb);
-+ result = Curl_bump_headersize(data, Curl_dyn_len(&data->state.headerb),
-+ FALSE);
-+ if(result)
-+ return result;
-
- Curl_dyn_reset(&data->state.headerb);
- }
-diff --git a/lib/http.h b/lib/http.h
-index df3b4e38b8a88..4aeabc345938c 100644
---- a/lib/http.h
-+++ b/lib/http.h
-@@ -64,6 +64,10 @@ extern const struct Curl_handler Curl_handler_wss;
-
- struct dynhds;
-
-+CURLcode Curl_bump_headersize(struct Curl_easy *data,
-+ size_t delta,
-+ bool connect_only);
-+
- /* Header specific functions */
- bool Curl_compareheader(const char *headerline, /* line to check */
- const char *header, /* header keyword _with_ colon */
-@@ -183,6 +187,11 @@ CURLcode Curl_http_auth_act(struct Curl_easy *data);
- #define EXPECT_100_THRESHOLD (1024*1024)
- #endif
-
-+/* MAX_HTTP_RESP_HEADER_SIZE is the maximum size of all response headers
-+ combined that libcurl allows for a single HTTP response, any HTTP
-+ version. This count includes CONNECT response headers. */
-+#define MAX_HTTP_RESP_HEADER_SIZE (300*1024)
-+
- #endif /* CURL_DISABLE_HTTP */
-
- /****************************************************************************
-diff --git a/lib/pingpong.c b/lib/pingpong.c
-index f3f7cb93cb9b7..523bbec189fe6 100644
---- a/lib/pingpong.c
-+++ b/lib/pingpong.c
-@@ -341,7 +341,9 @@ CURLcode Curl_pp_readresp(struct Curl_easy *data,
- ssize_t clipamount = 0;
- bool restart = FALSE;
-
-- data->req.headerbytecount += (long)gotbytes;
-+ result = Curl_bump_headersize(data, gotbytes, FALSE);
-+ if(result)
-+ return result;
-
- pp->nread_resp += gotbytes;
- for(i = 0; i < gotbytes; ptr++, i++) {
-diff --git a/lib/urldata.h b/lib/urldata.h
-index e5446b6840f63..d21aa415dc94b 100644
---- a/lib/urldata.h
-+++ b/lib/urldata.h
-@@ -629,17 +629,16 @@ struct SingleRequest {
- curl_off_t bytecount; /* total number of bytes read */
- curl_off_t writebytecount; /* number of bytes written */
-
-- curl_off_t headerbytecount; /* only count received headers */
-- curl_off_t deductheadercount; /* this amount of bytes doesn't count when we
-- check if anything has been transferred at
-- the end of a connection. We use this
-- counter to make only a 100 reply (without a
-- following second response code) result in a
-- CURLE_GOT_NOTHING error code */
--
- curl_off_t pendingheader; /* this many bytes left to send is actually
- header and not body */
- struct curltime start; /* transfer started at this time */
-+ unsigned int headerbytecount; /* only count received headers */
-+ unsigned int deductheadercount; /* this amount of bytes doesn't count when
-+ we check if anything has been transferred
-+ at the end of a connection. We use this
-+ counter to make only a 100 reply (without
-+ a following second response code) result
-+ in a CURLE_GOT_NOTHING error code */
- enum {
- HEADER_NORMAL, /* no bad header at all */
- HEADER_PARTHEADER, /* part of the chunk is a bad header, the rest
-@@ -1089,7 +1088,6 @@ struct PureInfo {
- int httpversion; /* the http version number X.Y = X*10+Y */
- time_t filetime; /* If requested, this is might get set. Set to -1 if the
- time was unretrievable. */
-- curl_off_t header_size; /* size of read header(s) in bytes */
- curl_off_t request_size; /* the amount of bytes sent in the request(s) */
- unsigned long proxyauthavail; /* what proxy auth types were announced */
- unsigned long httpauthavail; /* what host auth types were announced */
-@@ -1097,6 +1095,7 @@ struct PureInfo {
- char *contenttype; /* the content type of the object */
- char *wouldredirect; /* URL this would've been redirected to if asked to */
- curl_off_t retry_after; /* info from Retry-After: header */
-+ unsigned int header_size; /* size of read header(s) in bytes */
-
- /* PureInfo members 'conn_primary_ip', 'conn_primary_port', 'conn_local_ip'
- and, 'conn_local_port' are copied over from the connectdata struct in
diff --git a/net-misc/curl/files/curl-7.30.0-prefix.patch b/net-misc/curl/files/curl-prefix.patch
similarity index 100%
rename from net-misc/curl/files/curl-7.30.0-prefix.patch
rename to net-misc/curl/files/curl-prefix.patch
diff --git a/net-misc/curl/metadata.xml b/net-misc/curl/metadata.xml
index bedd897..10ae7d7 100644
--- a/net-misc/curl/metadata.xml
+++ b/net-misc/curl/metadata.xml
@@ -1,9 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer type="person">
- <email>blueness@gentoo.org</email>
- <name>Anthony G. Basile</name>
+ <maintainer type="person" proxied="yes">
+ <email>Matt.Jolly@footclan.ninja</email>
+ <name>Matt Jolly</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>base-system@gentoo.org</email>
+ <name>Gentoo Base System</name>
</maintainer>
<use>
<flag name="alt-svc">Enable alt-svc support</flag>
@@ -21,6 +25,7 @@
<flag name="pop3">Enable Post Office Protocol 3 support</flag>
<flag name="progress-meter">Enable the progress meter</flag>
<flag name="rtmp">Enable RTMP Streaming Media support</flag>
+ <flag name="rustls">Enable Rustls ssl backend</flag>
<flag name="smtp">Enable Simple Mail Transfer Protocol support</flag>
<flag name="ssh">Enable SSH urls in curl using libssh2</flag>
<flag name="ssl">Enable crypto engine support (via openssl if USE='-gnutls -nss')</flag>