mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
* [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend
@ 2021-06-08 15:53 Bastian Krause
  2021-06-08 15:53 ` [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0 Bastian Krause
                   ` (2 more replies)
  0 siblings, 3 replies; 7+ messages in thread
From: Bastian Krause @ 2021-06-08 15:53 UTC (permalink / raw)
  To: ptxdist; +Cc: Bastian Krause

Signed-off-by: Bastian Krause <bst@pengutronix.de>
---
 rules/libcurl.in   | 20 +++++++++++++++++++-
 rules/libcurl.make |  6 +++---
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/rules/libcurl.in b/rules/libcurl.in
index 390e495ca..632ed48e4 100644
--- a/rules/libcurl.in
+++ b/rules/libcurl.in
@@ -5,7 +5,8 @@ menuconfig LIBCURL
 	prompt "libcurl                       "
 	select LIBC_RT
 	select ZLIB
-	select OPENSSL		if LIBCURL_SSL
+	select OPENSSL		if LIBCURL_SSL_OPENSSL
+	select GNUTLS		if LIBCURL_SSL_GNUTLS
 	select LIBSSH2		if LIBCURL_LIBSSH2
 	select CA_CERTIFICATES	if LIBCURL_SSL_CA_CERTIFICATES && RUNTIME
 	select C_ARES		if LIBCURL_C_ARES
@@ -58,6 +59,17 @@ config LIBCURL_SSL
 
 if LIBCURL_SSL
 
+choice
+	prompt "SSL backend"
+	default LIBCURL_SSL_OPENSSL
+
+	config LIBCURL_SSL_OPENSSL
+		bool "OpenSSL"
+
+	config LIBCURL_SSL_GNUTLS
+		bool "GnuTLS"
+endchoice
+
 choice
 	prompt "Central CA certificate storage"
 	
@@ -81,6 +93,12 @@ config LIBCURL_SSL_CA_CERTIFICATES_PATH
 
 endif
 
+config LIBCURL_SSL_DEFAULT_BACKEND
+	string
+	default "openssl"	if LIBCURL_SSL_OPENSSL
+	default "gnutls"	if LIBCURL_SSL_GNUTLS
+	default "no"		if !LIBCURL_SSL
+
 config LIBCURL_SSL_CAPATH_PATH
 	string "CA directory path" if LIBCURL_SSL_CAPATH
 	default "/etc/ssl/certs" if LIBCURL_SSL_CAPATH || (LIBCURL_SSL_CA_CERTIFICATES && LIBCURL_SSL_CA_CERTIFICATES_PATH)
diff --git a/rules/libcurl.make b/rules/libcurl.make
index 5620ba276..7a915dce3 100644
--- a/rules/libcurl.make
+++ b/rules/libcurl.make
@@ -89,15 +89,15 @@ LIBCURL_CONF_OPT	:= \
 	--without-brotli \
 	--without-zstd \
 	--without-gssapi \
-	--with-default-ssl-backend=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,openssl,no) \
+	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
 	--without-winssl \
 	--without-schannel \
 	--without-darwinssl \
 	--without-secure-transport \
 	--without-amissl \
-	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,$(SYSROOT)/usr,no) \
+	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
 	--with-random=/dev/urandom \
-	--without-gnutls \
+	--with-gnutls=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \
 	--without-mbedtls \
 	--without-wolfssl \
 	--without-mesalink \
-- 
2.29.2


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 7+ messages in thread

* [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0
  2021-06-08 15:53 [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Bastian Krause
@ 2021-06-08 15:53 ` Bastian Krause
  2021-06-08 15:58   ` Bastian Krause
  2021-06-16 10:35   ` [ptxdist] [APPLIED] " Michael Olbrich
  2021-06-08 16:31 ` [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Roland Hieber
  2021-06-16 10:35 ` [ptxdist] [APPLIED] " Michael Olbrich
  2 siblings, 2 replies; 7+ messages in thread
From: Bastian Krause @ 2021-06-08 15:53 UTC (permalink / raw)
  To: ptxdist; +Cc: Bastian Krause

Signed-off-by: Bastian Krause <bst@pengutronix.de>
---
 rules/libcurl.make | 31 +++++++++++++++++++------------
 1 file changed, 19 insertions(+), 12 deletions(-)

diff --git a/rules/libcurl.make b/rules/libcurl.make
index 7a915dce3..2e68e51ea 100644
--- a/rules/libcurl.make
+++ b/rules/libcurl.make
@@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl
 #
 # Paths and names
 #
-LIBCURL_VERSION	:= 7.72.0
-LIBCURL_MD5	:= 84c557176d185661655b00c17f150fc7
+LIBCURL_VERSION	:= 7.77.0
+LIBCURL_MD5	:= 045d28029679dabb6b20a814934671ad
 LIBCURL		:= curl-$(LIBCURL_VERSION)
 LIBCURL_SUFFIX	:= tar.bz2
 LIBCURL_URL	:= https://curl.haxx.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)
@@ -43,7 +43,7 @@ LIBCURL_CONF_OPT	:= \
 	--enable-hidden-symbols \
 	--$(call ptx/endis, PTXCONF_LIBCURL_C_ARES)-ares \
 	--enable-rt \
-	--disable-esni \
+	--disable-ech \
 	--disable-code-coverage \
 	$(GLOBAL_LARGE_FILE_OPTION) \
 	--$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http \
@@ -77,6 +77,7 @@ LIBCURL_CONF_OPT	:= \
 	--enable-tls-srp \
 	--enable-unix-sockets \
 	--$(call ptx/endis, PTXCONF_LIBCURL_COOKIES)-cookies \
+	--enable-socketpair \
 	--$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http-auth \
 	--disable-doh \
 	--disable-mime \
@@ -84,29 +85,31 @@ LIBCURL_CONF_OPT	:= \
 	--enable-netrc \
 	--enable-progress-meter \
 	--disable-dnsshuffle \
+	--enable-get-easy-option \
 	--disable-alt-svc \
-	--with-zlib=$(SYSROOT) \
-	--without-brotli \
-	--without-zstd \
-	--without-gssapi \
-	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
-	--without-winssl \
+	--enable-hsts \
 	--without-schannel \
-	--without-darwinssl \
 	--without-secure-transport \
 	--without-amissl \
-	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
-	--with-random=/dev/urandom \
+	--with-openssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
 	--with-gnutls=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \
 	--without-mbedtls \
 	--without-wolfssl \
 	--without-mesalink \
 	--without-bearssl \
+	--without-rustls \
 	--without-nss \
+	--with-zlib=$(SYSROOT) \
+	--without-brotli \
+	--without-zstd \
+	--without-gssapi \
+	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
+	--with-random=/dev/urandom \
 	--with-ca-bundle=$(PTXCONF_LIBCURL_SSL_CABUNDLE_PATH) \
 	--with-ca-path=$(PTXCONF_LIBCURL_SSL_CAPATH_PATH) \
 	--without-ca-fallback \
 	--without-libpsl \
+	--without-libgsasl \
 	--without-libmetalink \
 	--$(call ptx/wwo, PTXCONF_LIBCURL_LIBSSH2)-libssh2 \
 	--without-libssh \
@@ -115,6 +118,10 @@ LIBCURL_CONF_OPT	:= \
 	--without-winidn \
 	--without-libidn2 \
 	--without-nghttp2 \
+	--without-ngtcp2 \
+	--without-nghttp3 \
+	--without-quiche \
+	--without-hyper \
 	--without-zsh-functions-dir \
 	--without-fish-functions-dir
 
-- 
2.29.2


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0
  2021-06-08 15:53 ` [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0 Bastian Krause
@ 2021-06-08 15:58   ` Bastian Krause
  2021-06-16 10:35   ` [ptxdist] [APPLIED] " Michael Olbrich
  1 sibling, 0 replies; 7+ messages in thread
From: Bastian Krause @ 2021-06-08 15:58 UTC (permalink / raw)
  To: ptxdist


On 6/8/21 5:53 PM, Bastian Krause wrote:
> Signed-off-by: Bastian Krause <bst@pengutronix.de>
> ---
>  rules/libcurl.make | 31 +++++++++++++++++++------------
>  1 file changed, 19 insertions(+), 12 deletions(-)
> 
> diff --git a/rules/libcurl.make b/rules/libcurl.make
> index 7a915dce3..2e68e51ea 100644
> --- a/rules/libcurl.make
> +++ b/rules/libcurl.make
> @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl
>  #
>  # Paths and names
>  #
> -LIBCURL_VERSION	:= 7.72.0
> -LIBCURL_MD5	:= 84c557176d185661655b00c17f150fc7
> +LIBCURL_VERSION	:= 7.77.0
> +LIBCURL_MD5	:= 045d28029679dabb6b20a814934671ad
>  LIBCURL		:= curl-$(LIBCURL_VERSION)
>  LIBCURL_SUFFIX	:= tar.bz2
>  LIBCURL_URL	:= https://curl.haxx.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)
> @@ -43,7 +43,7 @@ LIBCURL_CONF_OPT	:= \
>  	--enable-hidden-symbols \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_C_ARES)-ares \
>  	--enable-rt \
> -	--disable-esni \
> +	--disable-ech \
>  	--disable-code-coverage \
>  	$(GLOBAL_LARGE_FILE_OPTION) \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http \
> @@ -77,6 +77,7 @@ LIBCURL_CONF_OPT	:= \
>  	--enable-tls-srp \
>  	--enable-unix-sockets \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_COOKIES)-cookies \
> +	--enable-socketpair \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http-auth \
>  	--disable-doh \
>  	--disable-mime \
> @@ -84,29 +85,31 @@ LIBCURL_CONF_OPT	:= \
>  	--enable-netrc \
>  	--enable-progress-meter \
>  	--disable-dnsshuffle \
> +	--enable-get-easy-option \

For the record: the help text advertises this as
--enable-get-easy-options (with plural s), but the configure option is
acutally --enable-get-easy-option (without plural s).

I've opened a PR to fix this:

https://github.com/curl/curl/pull/7213

For now, just use --enable-get-easy-option.

Regards,
Bastian

>  	--disable-alt-svc \
> -	--with-zlib=$(SYSROOT) \
> -	--without-brotli \
> -	--without-zstd \
> -	--without-gssapi \
> -	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
> -	--without-winssl \
> +	--enable-hsts \
>  	--without-schannel \
> -	--without-darwinssl \
>  	--without-secure-transport \
>  	--without-amissl \
> -	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
> -	--with-random=/dev/urandom \
> +	--with-openssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
>  	--with-gnutls=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \
>  	--without-mbedtls \
>  	--without-wolfssl \
>  	--without-mesalink \
>  	--without-bearssl \
> +	--without-rustls \
>  	--without-nss \
> +	--with-zlib=$(SYSROOT) \
> +	--without-brotli \
> +	--without-zstd \
> +	--without-gssapi \
> +	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
> +	--with-random=/dev/urandom \
>  	--with-ca-bundle=$(PTXCONF_LIBCURL_SSL_CABUNDLE_PATH) \
>  	--with-ca-path=$(PTXCONF_LIBCURL_SSL_CAPATH_PATH) \
>  	--without-ca-fallback \
>  	--without-libpsl \
> +	--without-libgsasl \
>  	--without-libmetalink \
>  	--$(call ptx/wwo, PTXCONF_LIBCURL_LIBSSH2)-libssh2 \
>  	--without-libssh \
> @@ -115,6 +118,10 @@ LIBCURL_CONF_OPT	:= \
>  	--without-winidn \
>  	--without-libidn2 \
>  	--without-nghttp2 \
> +	--without-ngtcp2 \
> +	--without-nghttp3 \
> +	--without-quiche \
> +	--without-hyper \
>  	--without-zsh-functions-dir \
>  	--without-fish-functions-dir
>  
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend
  2021-06-08 15:53 [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Bastian Krause
  2021-06-08 15:53 ` [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0 Bastian Krause
@ 2021-06-08 16:31 ` Roland Hieber
  2021-06-08 16:37   ` Bastian Krause
  2021-06-16 10:35 ` [ptxdist] [APPLIED] " Michael Olbrich
  2 siblings, 1 reply; 7+ messages in thread
From: Roland Hieber @ 2021-06-08 16:31 UTC (permalink / raw)
  To: Bastian Krause; +Cc: ptxdist

On Tue, Jun 08, 2021 at 05:53:28PM +0200, Bastian Krause wrote:
> Signed-off-by: Bastian Krause <bst@pengutronix.de>
> ---
>  rules/libcurl.in   | 20 +++++++++++++++++++-
>  rules/libcurl.make |  6 +++---
>  2 files changed, 22 insertions(+), 4 deletions(-)
> 
> diff --git a/rules/libcurl.in b/rules/libcurl.in
> index 390e495ca..632ed48e4 100644
> --- a/rules/libcurl.in
> +++ b/rules/libcurl.in
> @@ -5,7 +5,8 @@ menuconfig LIBCURL
>  	prompt "libcurl                       "
>  	select LIBC_RT
>  	select ZLIB
> -	select OPENSSL		if LIBCURL_SSL
> +	select OPENSSL		if LIBCURL_SSL_OPENSSL
> +	select GNUTLS		if LIBCURL_SSL_GNUTLS
>  	select LIBSSH2		if LIBCURL_LIBSSH2
>  	select CA_CERTIFICATES	if LIBCURL_SSL_CA_CERTIFICATES && RUNTIME
>  	select C_ARES		if LIBCURL_C_ARES
> @@ -58,6 +59,17 @@ config LIBCURL_SSL
>  
>  if LIBCURL_SSL
>  
> +choice
> +	prompt "SSL backend"
> +	default LIBCURL_SSL_OPENSSL
> +
> +	config LIBCURL_SSL_OPENSSL
> +		bool "OpenSSL"
> +
> +	config LIBCURL_SSL_GNUTLS
> +		bool "GnuTLS"
> +endchoice
> +
>  choice
>  	prompt "Central CA certificate storage"
>  	
> @@ -81,6 +93,12 @@ config LIBCURL_SSL_CA_CERTIFICATES_PATH
>  
>  endif
>  
> +config LIBCURL_SSL_DEFAULT_BACKEND
> +	string
> +	default "openssl"	if LIBCURL_SSL_OPENSSL
> +	default "gnutls"	if LIBCURL_SSL_GNUTLS
> +	default "no"		if !LIBCURL_SSL
> +
>  config LIBCURL_SSL_CAPATH_PATH
>  	string "CA directory path" if LIBCURL_SSL_CAPATH
>  	default "/etc/ssl/certs" if LIBCURL_SSL_CAPATH || (LIBCURL_SSL_CA_CERTIFICATES && LIBCURL_SSL_CA_CERTIFICATES_PATH)
> diff --git a/rules/libcurl.make b/rules/libcurl.make
> index 5620ba276..7a915dce3 100644
> --- a/rules/libcurl.make
> +++ b/rules/libcurl.make
> @@ -89,15 +89,15 @@ LIBCURL_CONF_OPT	:= \
>  	--without-brotli \
>  	--without-zstd \
>  	--without-gssapi \
> -	--with-default-ssl-backend=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,openssl,no) \
> +	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
>  	--without-winssl \
>  	--without-schannel \
>  	--without-darwinssl \
>  	--without-secure-transport \
>  	--without-amissl \
> -	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,$(SYSROOT)/usr,no) \
> +	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
>  	--with-random=/dev/urandom \
> -	--without-gnutls \
> +	--with-gnutls=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \

Without having looked further into this, it looks like you could build
libcurl with OpenSSL support, but use GnuTLS as default with ./configure
--with-default-ssl-backend=gnutls --with-ssl=/usr --with-gnutls=/usr …?
But our kconfig prevents that, so I think it's okay.

 - Roland

>  	--without-mbedtls \
>  	--without-wolfssl \
>  	--without-mesalink \
> -- 
> 2.29.2
> 
> 
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
> 

-- 
Roland Hieber, Pengutronix e.K.          | r.hieber@pengutronix.de     |
Steuerwalder Str. 21                     | https://www.pengutronix.de/ |
31137 Hildesheim, Germany                | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686         | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend
  2021-06-08 16:31 ` [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Roland Hieber
@ 2021-06-08 16:37   ` Bastian Krause
  0 siblings, 0 replies; 7+ messages in thread
From: Bastian Krause @ 2021-06-08 16:37 UTC (permalink / raw)
  To: Roland Hieber; +Cc: ptxdist


On 6/8/21 6:31 PM, Roland Hieber wrote:
> On Tue, Jun 08, 2021 at 05:53:28PM +0200, Bastian Krause wrote:
>> Signed-off-by: Bastian Krause <bst@pengutronix.de>
>> ---
>>  rules/libcurl.in   | 20 +++++++++++++++++++-
>>  rules/libcurl.make |  6 +++---
>>  2 files changed, 22 insertions(+), 4 deletions(-)
>>
>> diff --git a/rules/libcurl.in b/rules/libcurl.in
>> index 390e495ca..632ed48e4 100644
>> --- a/rules/libcurl.in
>> +++ b/rules/libcurl.in
>> @@ -5,7 +5,8 @@ menuconfig LIBCURL
>>  	prompt "libcurl                       "
>>  	select LIBC_RT
>>  	select ZLIB
>> -	select OPENSSL		if LIBCURL_SSL
>> +	select OPENSSL		if LIBCURL_SSL_OPENSSL
>> +	select GNUTLS		if LIBCURL_SSL_GNUTLS
>>  	select LIBSSH2		if LIBCURL_LIBSSH2
>>  	select CA_CERTIFICATES	if LIBCURL_SSL_CA_CERTIFICATES && RUNTIME
>>  	select C_ARES		if LIBCURL_C_ARES
>> @@ -58,6 +59,17 @@ config LIBCURL_SSL
>>  
>>  if LIBCURL_SSL
>>  
>> +choice
>> +	prompt "SSL backend"
>> +	default LIBCURL_SSL_OPENSSL
>> +
>> +	config LIBCURL_SSL_OPENSSL
>> +		bool "OpenSSL"
>> +
>> +	config LIBCURL_SSL_GNUTLS
>> +		bool "GnuTLS"
>> +endchoice
>> +
>>  choice
>>  	prompt "Central CA certificate storage"
>>  	
>> @@ -81,6 +93,12 @@ config LIBCURL_SSL_CA_CERTIFICATES_PATH
>>  
>>  endif
>>  
>> +config LIBCURL_SSL_DEFAULT_BACKEND
>> +	string
>> +	default "openssl"	if LIBCURL_SSL_OPENSSL
>> +	default "gnutls"	if LIBCURL_SSL_GNUTLS
>> +	default "no"		if !LIBCURL_SSL
>> +
>>  config LIBCURL_SSL_CAPATH_PATH
>>  	string "CA directory path" if LIBCURL_SSL_CAPATH
>>  	default "/etc/ssl/certs" if LIBCURL_SSL_CAPATH || (LIBCURL_SSL_CA_CERTIFICATES && LIBCURL_SSL_CA_CERTIFICATES_PATH)
>> diff --git a/rules/libcurl.make b/rules/libcurl.make
>> index 5620ba276..7a915dce3 100644
>> --- a/rules/libcurl.make
>> +++ b/rules/libcurl.make
>> @@ -89,15 +89,15 @@ LIBCURL_CONF_OPT	:= \
>>  	--without-brotli \
>>  	--without-zstd \
>>  	--without-gssapi \
>> -	--with-default-ssl-backend=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,openssl,no) \
>> +	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
>>  	--without-winssl \
>>  	--without-schannel \
>>  	--without-darwinssl \
>>  	--without-secure-transport \
>>  	--without-amissl \
>> -	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,$(SYSROOT)/usr,no) \
>> +	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
>>  	--with-random=/dev/urandom \
>> -	--without-gnutls \
>> +	--with-gnutls=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \
> 
> Without having looked further into this, it looks like you could build
> libcurl with OpenSSL support, but use GnuTLS as default with ./configure
> --with-default-ssl-backend=gnutls --with-ssl=/usr --with-gnutls=/usr …?
> But our kconfig prevents that, so I think it's okay.

Yes, you can actually build curl with multiple backends. But I do not
need that, so I leave that to someone in the future who needs it ;)

Regards,
Bastian

> 
>  - Roland
> 
>>  	--without-mbedtls \
>>  	--without-wolfssl \
>>  	--without-mesalink \
>> -- 
>> 2.29.2
>>
>>
>> _______________________________________________
>> ptxdist mailing list
>> ptxdist@pengutronix.de
>> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
>>
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [ptxdist] [APPLIED] libcurl: allow choice between OpenSSL and GnuTLS backend
  2021-06-08 15:53 [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Bastian Krause
  2021-06-08 15:53 ` [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0 Bastian Krause
  2021-06-08 16:31 ` [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Roland Hieber
@ 2021-06-16 10:35 ` Michael Olbrich
  2 siblings, 0 replies; 7+ messages in thread
From: Michael Olbrich @ 2021-06-16 10:35 UTC (permalink / raw)
  To: ptxdist; +Cc: Bastian Krause

Thanks, applied as 21e4d71d3c932449e6bebd5c5fc29077b8ac9d86.

Michael

[sent from post-receive hook]

On Wed, 16 Jun 2021 12:35:49 +0200, Bastian Krause <bst@pengutronix.de> wrote:
> Signed-off-by: Bastian Krause <bst@pengutronix.de>
> Message-Id: <20210608155329.14346-1-bst@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/libcurl.in b/rules/libcurl.in
> index 390e495cac3b..632ed48e47ca 100644
> --- a/rules/libcurl.in
> +++ b/rules/libcurl.in
> @@ -5,7 +5,8 @@ menuconfig LIBCURL
>  	prompt "libcurl                       "
>  	select LIBC_RT
>  	select ZLIB
> -	select OPENSSL		if LIBCURL_SSL
> +	select OPENSSL		if LIBCURL_SSL_OPENSSL
> +	select GNUTLS		if LIBCURL_SSL_GNUTLS
>  	select LIBSSH2		if LIBCURL_LIBSSH2
>  	select CA_CERTIFICATES	if LIBCURL_SSL_CA_CERTIFICATES && RUNTIME
>  	select C_ARES		if LIBCURL_C_ARES
> @@ -58,6 +59,17 @@ config LIBCURL_SSL
>  
>  if LIBCURL_SSL
>  
> +choice
> +	prompt "SSL backend"
> +	default LIBCURL_SSL_OPENSSL
> +
> +	config LIBCURL_SSL_OPENSSL
> +		bool "OpenSSL"
> +
> +	config LIBCURL_SSL_GNUTLS
> +		bool "GnuTLS"
> +endchoice
> +
>  choice
>  	prompt "Central CA certificate storage"
>  	
> @@ -81,6 +93,12 @@ config LIBCURL_SSL_CA_CERTIFICATES_PATH
>  
>  endif
>  
> +config LIBCURL_SSL_DEFAULT_BACKEND
> +	string
> +	default "openssl"	if LIBCURL_SSL_OPENSSL
> +	default "gnutls"	if LIBCURL_SSL_GNUTLS
> +	default "no"		if !LIBCURL_SSL
> +
>  config LIBCURL_SSL_CAPATH_PATH
>  	string "CA directory path" if LIBCURL_SSL_CAPATH
>  	default "/etc/ssl/certs" if LIBCURL_SSL_CAPATH || (LIBCURL_SSL_CA_CERTIFICATES && LIBCURL_SSL_CA_CERTIFICATES_PATH)
> diff --git a/rules/libcurl.make b/rules/libcurl.make
> index 5620ba2767e7..7a915dce32f7 100644
> --- a/rules/libcurl.make
> +++ b/rules/libcurl.make
> @@ -89,15 +89,15 @@ LIBCURL_CONF_OPT	:= \
>  	--without-brotli \
>  	--without-zstd \
>  	--without-gssapi \
> -	--with-default-ssl-backend=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,openssl,no) \
> +	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
>  	--without-winssl \
>  	--without-schannel \
>  	--without-darwinssl \
>  	--without-secure-transport \
>  	--without-amissl \
> -	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL,$(SYSROOT)/usr,no) \
> +	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
>  	--with-random=/dev/urandom \
> -	--without-gnutls \
> +	--with-gnutls=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \
>  	--without-mbedtls \
>  	--without-wolfssl \
>  	--without-mesalink \

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [ptxdist] [APPLIED] libcurl: version bump 7.72.0 -> 7.77.0
  2021-06-08 15:53 ` [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0 Bastian Krause
  2021-06-08 15:58   ` Bastian Krause
@ 2021-06-16 10:35   ` Michael Olbrich
  1 sibling, 0 replies; 7+ messages in thread
From: Michael Olbrich @ 2021-06-16 10:35 UTC (permalink / raw)
  To: ptxdist; +Cc: Bastian Krause

Thanks, applied as 1f869e97196fc76065a316a7b13a08482a0c9a37.

Michael

[sent from post-receive hook]

On Wed, 16 Jun 2021 12:35:51 +0200, Bastian Krause <bst@pengutronix.de> wrote:
> Signed-off-by: Bastian Krause <bst@pengutronix.de>
> Message-Id: <20210608155329.14346-2-bst@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/libcurl.make b/rules/libcurl.make
> index 7a915dce32f7..2e68e51ea930 100644
> --- a/rules/libcurl.make
> +++ b/rules/libcurl.make
> @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_LIBCURL) += libcurl
>  #
>  # Paths and names
>  #
> -LIBCURL_VERSION	:= 7.72.0
> -LIBCURL_MD5	:= 84c557176d185661655b00c17f150fc7
> +LIBCURL_VERSION	:= 7.77.0
> +LIBCURL_MD5	:= 045d28029679dabb6b20a814934671ad
>  LIBCURL		:= curl-$(LIBCURL_VERSION)
>  LIBCURL_SUFFIX	:= tar.bz2
>  LIBCURL_URL	:= https://curl.haxx.se/download/$(LIBCURL).$(LIBCURL_SUFFIX)
> @@ -43,7 +43,7 @@ LIBCURL_CONF_OPT	:= \
>  	--enable-hidden-symbols \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_C_ARES)-ares \
>  	--enable-rt \
> -	--disable-esni \
> +	--disable-ech \
>  	--disable-code-coverage \
>  	$(GLOBAL_LARGE_FILE_OPTION) \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http \
> @@ -77,6 +77,7 @@ LIBCURL_CONF_OPT	:= \
>  	--enable-tls-srp \
>  	--enable-unix-sockets \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_COOKIES)-cookies \
> +	--enable-socketpair \
>  	--$(call ptx/endis, PTXCONF_LIBCURL_HTTP)-http-auth \
>  	--disable-doh \
>  	--disable-mime \
> @@ -84,29 +85,31 @@ LIBCURL_CONF_OPT	:= \
>  	--enable-netrc \
>  	--enable-progress-meter \
>  	--disable-dnsshuffle \
> +	--enable-get-easy-option \
>  	--disable-alt-svc \
> -	--with-zlib=$(SYSROOT) \
> -	--without-brotli \
> -	--without-zstd \
> -	--without-gssapi \
> -	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
> -	--without-winssl \
> +	--enable-hsts \
>  	--without-schannel \
> -	--without-darwinssl \
>  	--without-secure-transport \
>  	--without-amissl \
> -	--with-ssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
> -	--with-random=/dev/urandom \
> +	--with-openssl=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_OPENSSL,$(SYSROOT)/usr,no) \
>  	--with-gnutls=$(call ptx/ifdef, PTXCONF_LIBCURL_SSL_GNUTLS,$(SYSROOT)/usr,no) \
>  	--without-mbedtls \
>  	--without-wolfssl \
>  	--without-mesalink \
>  	--without-bearssl \
> +	--without-rustls \
>  	--without-nss \
> +	--with-zlib=$(SYSROOT) \
> +	--without-brotli \
> +	--without-zstd \
> +	--without-gssapi \
> +	--with-default-ssl-backend=$(PTXCONF_LIBCURL_SSL_DEFAULT_BACKEND) \
> +	--with-random=/dev/urandom \
>  	--with-ca-bundle=$(PTXCONF_LIBCURL_SSL_CABUNDLE_PATH) \
>  	--with-ca-path=$(PTXCONF_LIBCURL_SSL_CAPATH_PATH) \
>  	--without-ca-fallback \
>  	--without-libpsl \
> +	--without-libgsasl \
>  	--without-libmetalink \
>  	--$(call ptx/wwo, PTXCONF_LIBCURL_LIBSSH2)-libssh2 \
>  	--without-libssh \
> @@ -115,6 +118,10 @@ LIBCURL_CONF_OPT	:= \
>  	--without-winidn \
>  	--without-libidn2 \
>  	--without-nghttp2 \
> +	--without-ngtcp2 \
> +	--without-nghttp3 \
> +	--without-quiche \
> +	--without-hyper \
>  	--without-zsh-functions-dir \
>  	--without-fish-functions-dir
>  

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de


^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2021-06-16 10:39 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-08 15:53 [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Bastian Krause
2021-06-08 15:53 ` [ptxdist] [PATCH 2/2] libcurl: version bump 7.72.0 -> 7.77.0 Bastian Krause
2021-06-08 15:58   ` Bastian Krause
2021-06-16 10:35   ` [ptxdist] [APPLIED] " Michael Olbrich
2021-06-08 16:31 ` [ptxdist] [PATCH 1/2] libcurl: allow choice between OpenSSL and GnuTLS backend Roland Hieber
2021-06-08 16:37   ` Bastian Krause
2021-06-16 10:35 ` [ptxdist] [APPLIED] " Michael Olbrich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox