net-misc/curl: add 7.83.0

Now with verbose tests & disabled valgrind (unreliable on various arches
and within sandbox).

Bug: https://bugs.gentoo.org/841302
Closes: https://bugs.gentoo.org/739738
Signed-off-by: Sam James <sam@gentoo.org>

2 files changed, 289 insertions, 0 deletions

diff --git a/net-misc/curl/Manifest b/net-misc/curl/Manifest
index 8478ecaaa8d5..2d24c0dc1752 100644
--- a/net-misc/curl/Manifest
+++ b/net-misc/curl/Manifest
@@ -6,3 +6,5 @@ DIST curl-7.81.0.tar.xz 2486388 BLAKE2B bf8a3a03564648a9d7a5b4e7a523d840230f0323
 DIST curl-7.81.0.tar.xz.asc 488 BLAKE2B 9280f10b14ddd95a1405fda79f8c51528c91c5e86b8f90d16d20d7f11d212e6e4391377eed971d0b0b27f5f4692c702e9d7a11705f0558ad39df38608d6a0648 SHA512 ca32a639900a9f8211005227dfb594f809c5ca5ec1eb87e944ef33cca60e4844f5b6ebe49de79fba53068e5dee9652b1d43a7d3a74e05419a2ffb5b40dab8176
 DIST curl-7.82.0.tar.xz 2446764 BLAKE2B 838accae4a45c090909cff91477a023789a79535691c80e507fd9e9712861b0c08e25ecd26079cb8ac8946cdf429a50991a7521e7b550b43c19e455625bc0750 SHA512 a977d69360d1793f8872096a21f5c0271e7ad145cd69ad45f4056a0657772f0f298b04bdb41aefd4ea5c4478352c60d80b5a118642280a07a7198aa80ffb1d57
 DIST curl-7.82.0.tar.xz.asc 488 BLAKE2B 9da4ea63671621df956aa5dc191cfc6c8d2a8b1958416ca58ffc04d43ed65b89244968588879e6bd3299ca8f60b1eccb34dede012f8a2a37acf3ca34021da958 SHA512 1f14d8ab55360ba735dff916369ee318e98767718394654ce9443b6013509b6d3ed5597685b142e9823cec7496373b709a8656515d66039c06783879655151fe
+DIST curl-7.83.0.tar.xz 2472560 BLAKE2B 0669f40265a56e7549e8038ed8421680d7264bff44dcc0692cf9f5248621311be5e228314710149bf9d2ccbe739f929039e04402c1d04a1362d0bbf08cb8cdc7 SHA512 be02bb2a8a3140eff3a9046f27cd4f872ed9ddaa644af49e56e5ef7dfec84a15b01db133469269437cddc937eda73953fa8c51bb758f7e98873822cd2290d3a9
+DIST curl-7.83.0.tar.xz.asc 488 BLAKE2B a8f6dcf00f1b01b457a7eecc8364538393f414df60757f3664709c62b6007023a34ddf4ecb4688734e396031d30905b490dd0c115f09a9428db6a6be97cdf72c SHA512 8fb90f9692f4fdb82ea49f0e5151219b2334da5d3910f28e787bb688fb055b8b028ccf75cdcc15cd9f86d780d479f88f902fef7d7b9e007a4b849cb25c6c13cc
diff --git a/net-misc/curl/curl-7.83.0.ebuild b/net-misc/curl/curl-7.83.0.ebuild
new file mode 100644
index 000000000000..08bd291889b6
--- /dev/null
+++ b/net-misc/curl/curl-7.83.0.ebuild
@@ -0,0 +1,287 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="8"
+
+inherit autotools prefix multilib-minimal verify-sig
+
+DESCRIPTION="A Client that groks URLs"
+HOMEPAGE="https://curl.haxx.se/"
+SRC_URI="https://curl.haxx.se/download/${P}.tar.xz
+	verify-sig? ( https://curl.haxx.se/download/${P}.tar.xz.asc )"
+
+LICENSE="curl"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="adns alt-svc brotli +ftp gnutls gopher hsts +http2 idn +imap ipv6 kerberos ldap mbedtls nss +openssl +pop3 +progress-meter rtmp samba +smtp ssh ssl sslv3 static-libs test telnet +tftp threads zstd"
+IUSE+=" curl_ssl_gnutls curl_ssl_mbedtls curl_ssl_nss +curl_ssl_openssl"
+IUSE+=" nghttp3 quiche"
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/danielstenberg.asc
+
+# c-ares must be disabled for threads
+# only one default ssl provider can be enabled
+REQUIRED_USE="
+	threads? ( !adns )
+	ssl? (
+		^^ (
+			curl_ssl_gnutls
+			curl_ssl_mbedtls
+			curl_ssl_nss
+			curl_ssl_openssl
+		)
+	)"
+
+# lead to lots of false negatives, bug #285669
+RESTRICT="!test? ( test )"
+
+RDEPEND="ldap? ( net-nds/openldap:=[${MULTILIB_USEDEP}] )
+	brotli? ( app-arch/brotli:=[${MULTILIB_USEDEP}] )
+	ssl? (
+		gnutls? (
+			net-libs/gnutls:0=[static-libs?,${MULTILIB_USEDEP}]
+			dev-libs/nettle:0=[${MULTILIB_USEDEP}]
+			app-misc/ca-certificates
+		)
+		mbedtls? (
+			net-libs/mbedtls:0=[${MULTILIB_USEDEP}]
+			app-misc/ca-certificates
+		)
+		openssl? (
+			dev-libs/openssl:0=[sslv3(-)=,static-libs?,${MULTILIB_USEDEP}]
+		)
+		nss? (
+			dev-libs/nss:0[${MULTILIB_USEDEP}]
+			app-misc/ca-certificates
+		)
+	)
+	http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] )
+	nghttp3? (
+		net-libs/nghttp3[${MULTILIB_USEDEP}]
+		net-libs/ngtcp2[ssl,${MULTILIB_USEDEP}]
+	)
+	quiche? ( >=net-libs/quiche-0.3.0[${MULTILIB_USEDEP}] )
+	idn? ( net-dns/libidn2:0=[static-libs?,${MULTILIB_USEDEP}] )
+	adns? ( net-dns/c-ares:0=[${MULTILIB_USEDEP}] )
+	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
+	rtmp? ( media-video/rtmpdump[${MULTILIB_USEDEP}] )
+	ssh? ( net-libs/libssh2[${MULTILIB_USEDEP}] )
+	sys-libs/zlib[${MULTILIB_USEDEP}]
+	zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
+
+# Do we need to enforce the same ssl backend for curl and rtmpdump? Bug #423303
+#	rtmp? (
+#		media-video/rtmpdump
+#		curl_ssl_gnutls? ( media-video/rtmpdump[gnutls] )
+#		curl_ssl_openssl? ( media-video/rtmpdump[-gnutls,ssl] )
+#	)
+
+DEPEND="${RDEPEND}"
+BDEPEND="dev-lang/perl
+	virtual/pkgconfig
+	test? (
+		sys-apps/diffutils
+	)
+	verify-sig? ( sec-keys/openpgp-keys-danielstenberg )"
+
+DOCS=( CHANGES README docs/{FEATURES.md,INTERNALS.md,FAQ,BUGS.md,CONTRIBUTE.md} )
+
+MULTILIB_WRAPPED_HEADERS=(
+	/usr/include/curl/curlbuild.h
+)
+
+MULTILIB_CHOST_TOOLS=(
+	/usr/bin/curl-config
+)
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-7.30.0-prefix.patch
+	"${FILESDIR}"/${PN}-respect-cflags-3.patch
+)
+
+src_prepare() {
+	default
+
+	eprefixify curl-config.in
+	eautoreconf
+}
+
+multilib_src_configure() {
+	# We make use of the fact that later flags override earlier ones
+	# So start with all ssl providers off until proven otherwise
+	# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
+	local myconf=()
+
+	myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
+	myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt  )
+	#myconf+=( --without-default-ssl-backend )
+	if use ssl ; then
+		if use gnutls || use curl_ssl_gnutls; then
+			einfo "SSL provided by gnutls"
+			myconf+=( --with-gnutls --with-nettle )
+		fi
+		if use mbedtls || use curl_ssl_mbedtls; then
+			einfo "SSL provided by mbedtls"
+			myconf+=( --with-mbedtls )
+		fi
+		if use nss || use curl_ssl_nss; then
+			einfo "SSL provided by nss"
+			myconf+=( --with-nss --with-nss-deprecated )
+		fi
+		if use openssl || use curl_ssl_openssl; then
+			einfo "SSL provided by openssl"
+			myconf+=( --with-ssl --with-ca-path="${EPREFIX}"/etc/ssl/certs )
+		fi
+
+		if use curl_ssl_gnutls; then
+			einfo "Default SSL provided by gnutls"
+			myconf+=( --with-default-ssl-backend=gnutls )
+		elif use curl_ssl_mbedtls; then
+			einfo "Default SSL provided by mbedtls"
+			myconf+=( --with-default-ssl-backend=mbedtls )
+		elif use curl_ssl_nss; then
+			einfo "Default SSL provided by nss"
+			myconf+=( --with-default-ssl-backend=nss )
+		elif use curl_ssl_openssl; then
+			einfo "Default SSL provided by openssl"
+			myconf+=( --with-default-ssl-backend=openssl )
+		else
+			eerror "We can't be here because of REQUIRED_USE."
+		fi
+
+	else
+		einfo "SSL disabled"
+	fi
+
+	# These configuration options are organized alphabetically
+	# within each category.  This should make it easier if we
+	# ever decide to make any of them contingent on USE flags:
+	# 1) protocols first.  To see them all do
+	# 'grep SUPPORT_PROTOCOLS configure.ac'
+	# 2) --enable/disable options second.
+	# 'grep -- --enable configure | grep Check | awk '{ print $4 }' | sort
+	# 3) --with/without options third.
+	# grep -- --with configure | grep Check | awk '{ print $4 }' | sort
+
+	myconf+=(
+		$(use_enable alt-svc)
+		--enable-crypto-auth
+		--enable-dict
+		--disable-ech
+		--enable-file
+		$(use_enable ftp)
+		$(use_enable gopher)
+		$(use_enable hsts)
+		--enable-http
+		$(use_enable imap)
+		$(use_enable ldap)
+		$(use_enable ldap ldaps)
+		--enable-ntlm
+		--disable-ntlm-wb
+		$(use_enable pop3)
+		--enable-rt
+		--enable-rtsp
+		$(use_enable samba smb)
+		$(use_with ssh libssh2)
+		$(use_enable smtp)
+		$(use_enable telnet)
+		$(use_enable tftp)
+		--enable-tls-srp
+		$(use_enable adns ares)
+		--enable-cookies
+		--enable-dateparse
+		--enable-dnsshuffle
+		--enable-doh
+		--enable-symbol-hiding
+		--enable-http-auth
+		$(use_enable ipv6)
+		--enable-largefile
+		--enable-manual
+		--enable-mime
+		--enable-netrc
+		$(use_enable progress-meter)
+		--enable-proxy
+		--disable-sspi
+		$(use_enable static-libs static)
+		$(use_enable threads threaded-resolver)
+		$(use_enable threads pthreads)
+		--disable-versioned-symbols
+		--without-amissl
+		--without-bearssl
+		$(use_with brotli)
+		--without-fish-functions-dir
+		$(use_with http2 nghttp2)
+		--without-hyper
+		$(use_with idn libidn2)
+		$(use_with kerberos gssapi "${EPREFIX}"/usr)
+		--without-libgsasl
+		--without-libpsl
+		$(use_with nghttp3)
+		$(use_with nghttp3 ngtcp2)
+		$(use_with quiche)
+		$(use_with rtmp librtmp)
+		--without-rustls
+		--without-schannel
+		--without-secure-transport
+		--without-winidn
+		--without-wolfssl
+		--with-zlib
+		$(use_with zstd)
+	)
+
+	ECONF_SOURCE="${S}" \
+	econf "${myconf[@]}"
+
+	if ! multilib_is_native_abi; then
+		# avoid building the client
+		sed -i -e '/SUBDIRS/s:src::' Makefile || die
+		sed -i -e '/SUBDIRS/s:scripts::' Makefile || die
+	fi
+
+	# Fix up the pkg-config file to be more robust.
+	# https://github.com/curl/curl/issues/864
+	local priv=() libs=()
+	# We always enable zlib.
+	libs+=( "-lz" )
+	priv+=( "zlib" )
+	if use http2; then
+		libs+=( "-lnghttp2" )
+		priv+=( "libnghttp2" )
+	fi
+	if use quiche; then
+		libs+=( "-lquiche" )
+		priv+=( "quiche" )
+	fi
+	if use nghttp3; then
+		libs+=( "-lnghttp3" "-lngtcp2" )
+		priv+=( "libnghttp3" "-libtcp2" )
+	fi
+	if use ssl && use curl_ssl_openssl; then
+		libs+=( "-lssl" "-lcrypto" )
+		priv+=( "openssl" )
+	fi
+	grep -q Requires.private libcurl.pc && die "need to update ebuild"
+	libs=$(printf '|%s' "${libs[@]}")
+	sed -i -r \
+		-e "/^Libs.private/s:(${libs#|})( |$)::g" \
+		libcurl.pc || die
+	echo "Requires.private: ${priv[*]}" >> libcurl.pc
+}
+
+multilib_src_test() {
+	# See https://github.com/curl/curl/blob/master/tests/runtests.pl#L5721
+	# -n: no valgrind (unreliable in sandbox and doesn't work correctly on all arches)
+	# -v: verbose
+	# -a: keep going on failure (so we see everything which breaks, not just 1st test)
+	# -k: keep test files after completion
+	# -am: automake style TAP output
+	# -p: print logs if test fails
+	# Note: if needed, we can disable tests. See e.g. Fedora's packaging
+	# or just read https://github.com/curl/curl/tree/master/tests#run.
+	multilib_is_native_abi && emake test TFLAGS="-n -v -a -k -am -p"
+}
+
+multilib_src_install_all() {
+	einstalldocs
+	find "${ED}" -type f -name '*.la' -delete || die
+	rm -rf "${ED}"/etc/ || die
+}