aland/nixpkgs-odroid-hc4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

Browse source 
https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948
this can do it nicely.

Signed-off-by: Anton Arapov <anton@deadbeef.mx>
This commit is contained in:
Anton Arapov 2021-04-03 12:58:10 +02:00 committed by Alan Daniels
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

52
pkgs/tools/networking/curl/7.79.1-darwin-no-systemconfiguration.patch Normal file
View file

@ -0,0 +1,52 @@
On darwin, providing SystemConfiguration to curl currently results in a
reference loop, so we have to disable the check for it and the feature
which requires it (NAT64).
Patching actual configure script here as we also don't want to require
autoconf in the bootstrap loop just to regenerate a patched configure.ac.
--- a/configure 2021-10-16 00:51:59.000000000 +0100
+++ b/configure 2021-10-16 01:06:46.000000000 +0100
@@ -20810,7 +20810,7 @@
if test "x$build_for_macos" != xno; then
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5
printf "%s\n" "yes" >&6; }
- LDFLAGS="$LDFLAGS -framework CoreFoundation -framework SystemConfiguration"
+ LDFLAGS="$LDFLAGS -framework CoreFoundation"
else
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5
printf "%s\n" "no" >&6; }
@@ -22211,9 +22211,6 @@
fi
-if test "$HAVE_GETHOSTBYNAME" != "1"; then
- as_fn_error $? "couldn't find libraries for gethostbyname()" "$LINENO" 5
-fi
curl_includes_winsock2="\
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index 99048c489..19abfbbac 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -247,19 +247,6 @@
# include "setup-win32.h"
#endif
-/*
- * Use getaddrinfo to resolve the IPv4 address literal. If the current network
- * interface doesn't support IPv4, but supports IPv6, NAT64, and DNS64,
- * performing this task will result in a synthesized IPv6 address.
- */
-#if defined(__APPLE__) && !defined(USE_ARES)
-#include <TargetConditionals.h>
-#define USE_RESOLVE_ON_IPS 1
-# if defined(TARGET_OS_OSX) && TARGET_OS_OSX
-# define CURL_OSX_CALL_COPYPROXIES 1
-# endif
-#endif
-
#ifdef USE_LWIPSOCK
# include <lwip/init.h>
# include <lwip/sockets.h>

51
pkgs/tools/networking/curl/7.83.1-quiche-support-ca-fallback.patch Normal file
View file

@ -0,0 +1,51 @@
diff --git a/lib/vquic/quiche.c b/lib/vquic/quiche.c
index bfdc966a85ea..e4bea4d677be 100644
--- a/lib/vquic/quiche.c
+++ b/lib/vquic/quiche.c
@@ -201,23 +201,31 @@ static SSL_CTX *quic_ssl_ctx(struct Curl_easy *data)
{
struct connectdata *conn = data->conn;
- const char * const ssl_cafile = conn->ssl_config.CAfile;
- const char * const ssl_capath = conn->ssl_config.CApath;
-
if(conn->ssl_config.verifypeer) {
- SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
- /* tell OpenSSL where to find CA certificates that are used to verify
- the server's certificate. */
- if(!SSL_CTX_load_verify_locations(ssl_ctx, ssl_cafile, ssl_capath)) {
- /* Fail if we insist on successfully verifying the server. */
- failf(data, "error setting certificate verify locations:"
- " CAfile: %s CApath: %s",
- ssl_cafile ? ssl_cafile : "none",
- ssl_capath ? ssl_capath : "none");
- return NULL;
+ const char * const ssl_cafile = conn->ssl_config.CAfile;
+ const char * const ssl_capath = conn->ssl_config.CApath;
+ if(ssl_cafile || ssl_capath) {
+ SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
+ /* tell OpenSSL where to find CA certificates that are used to verify
+ the server's certificate. */
+ if(!SSL_CTX_load_verify_locations(ssl_ctx, ssl_cafile, ssl_capath)) {
+ /* Fail if we insist on successfully verifying the server. */
+ failf(data, "error setting certificate verify locations:"
+ " CAfile: %s CApath: %s",
+ ssl_cafile ? ssl_cafile : "none",
+ ssl_capath ? ssl_capath : "none");
+ return NULL;
+ }
+ infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
+ infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
}
- infof(data, " CAfile: %s", ssl_cafile ? ssl_cafile : "none");
- infof(data, " CApath: %s", ssl_capath ? ssl_capath : "none");
+#ifdef CURL_CA_FALLBACK
+ else {
+ /* verifying the peer without any CA certificates won't work so
+ use openssl's built-in default as fallback */
+ SSL_CTX_set_default_verify_paths(ssl_ctx);
+ }
+#endif
}
}
return ssl_ctx;

201
pkgs/tools/networking/curl/default.nix Normal file
View file

@ -0,0 +1,201 @@
{ lib, stdenv, fetchurl, pkg-config, perl, nixosTests
, brotliSupport ? false, brotli ? null
, c-aresSupport ? false, c-ares ? null
, gnutlsSupport ? false, gnutls ? null
, gsaslSupport ? false, gsasl ? null
, gssSupport ? with stdenv.hostPlatform; (
!isWindows &&
# disable gss becuase of: undefined reference to `k5_bcmp'
# a very sad story re static: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439039
!isStatic &&
# the "mig" tool does not configure its compiler correctly. This could be
# fixed in mig, but losing gss support on cross compilation to darwin is
# not worth the effort.
!(isDarwin && (stdenv.buildPlatform != stdenv.hostPlatform))
), libkrb5 ? null
, http2Support ? true, nghttp2 ? null
, http3Support ? false, nghttp3, ngtcp2 ? null
, idnSupport ? false, libidn2 ? null
, ldapSupport ? false, openldap ? null
, opensslSupport ? zlibSupport, openssl ? null
, pslSupport ? false, libpsl ? null
, rtmpSupport ? false, rtmpdump ? null
, scpSupport ? zlibSupport && !stdenv.isSunOS && !stdenv.isCygwin, libssh2 ? null
, wolfsslSupport ? false, wolfssl ? null
, zlibSupport ? true, zlib ? null
, zstdSupport ? false, zstd ? null
# for passthru.tests
, coeurl
, curlpp
, haskellPackages
, ocamlPackages
, phpExtensions
, python3
}:
# Note: this package is used for bootstrapping fetchurl, and thus
# cannot use fetchpatch! All mutable patches (generated by GitHub or
# cgit) that are needed here should be included directly in Nixpkgs as
# files.
assert !(gnutlsSupport && opensslSupport);
assert !(gnutlsSupport && wolfsslSupport);
assert !(opensslSupport && wolfsslSupport);
assert brotliSupport -> brotli != null;
assert c-aresSupport -> c-ares != null;
assert gnutlsSupport -> gnutls != null;
assert gsaslSupport -> gsasl != null;
assert gssSupport -> libkrb5 != null;
assert http2Support -> nghttp2 != null;
assert http3Support -> nghttp3 != null;
assert http3Support -> ngtcp2 != null;
assert idnSupport -> libidn2 != null;
assert ldapSupport -> openldap != null;
assert opensslSupport -> openssl != null;
assert pslSupport -> libpsl !=null;
assert rtmpSupport -> rtmpdump !=null;
assert scpSupport -> libssh2 != null;
assert wolfsslSupport -> wolfssl != null;
assert zlibSupport -> zlib != null;
assert zstdSupport -> zstd != null;
stdenv.mkDerivation rec {
pname = "curl";
version = "7.83.1";
src = fetchurl {
urls = [
"https://curl.haxx.se/download/${pname}-${version}.tar.bz2"
"https://github.com/curl/curl/releases/download/${lib.replaceStrings ["."] ["_"] pname}-${version}/${pname}-${version}.tar.bz2"
];
sha256 = "sha256-9Tmjb7RKgmDsXZd+Tg290u7intkPztqpvDyfeKETv/A=";
};
patches = [
./7.79.1-darwin-no-systemconfiguration.patch
# quiche: support ca-fallback
# https://github.com/curl/curl/commit/fdb5e21b4dd171a96cf7c002ee77bb08f8e58021
./7.83.1-quiche-support-ca-fallback.patch
];
outputs = [ "bin" "dev" "out" "man" "devdoc" ];
separateDebugInfo = stdenv.isLinux;
enableParallelBuilding = true;
strictDeps = true;
nativeBuildInputs = [ pkg-config perl ];
# Zlib and OpenSSL must be propagated because `libcurl.la' contains
# "-lz -lssl", which aren't necessary direct build inputs of
# applications that use Curl.
propagatedBuildInputs = with lib;
optional brotliSupport brotli ++
optional c-aresSupport c-ares ++
optional gnutlsSupport gnutls ++
optional gsaslSupport gsasl ++
optional gssSupport libkrb5 ++
optional http2Support nghttp2 ++
optionals http3Support [ nghttp3 ngtcp2 ] ++
optional idnSupport libidn2 ++
optional ldapSupport openldap ++
optional opensslSupport openssl ++
optional pslSupport libpsl ++
optional rtmpSupport rtmpdump ++
optional scpSupport libssh2 ++
optional wolfsslSupport wolfssl ++
optional zlibSupport zlib ++
optional zstdSupport zstd;
# for the second line see https://curl.haxx.se/mail/tracker-2014-03/0087.html
preConfigure = ''
sed -e 's|/usr/bin|/no-such-path|g' -i.bak configure
rm src/tool_hugehelp.c
'';
configureFlags = [
# Build without manual
"--disable-manual"
(lib.enableFeature c-aresSupport "ares")
(lib.enableFeature ldapSupport "ldap")
(lib.enableFeature ldapSupport "ldaps")
# The build fails when using wolfssl with --with-ca-fallback
(lib.withFeature (!wolfsslSupport) "ca-fallback")
(lib.withFeature http3Support "nghttp3")
(lib.withFeature http3Support "ngtcp2")
(lib.withFeature rtmpSupport "librtmp")
(lib.withFeature zstdSupport "zstd")
(lib.withFeatureAs brotliSupport "brotli" (lib.getDev brotli))
(lib.withFeatureAs gnutlsSupport "gnutls" (lib.getDev gnutls))
(lib.withFeatureAs idnSupport "libidn2" (lib.getDev libidn2))
(lib.withFeatureAs opensslSupport "openssl" (lib.getDev openssl))
(lib.withFeatureAs scpSupport "libssh2" (lib.getDev libssh2))
(lib.withFeatureAs wolfsslSupport "wolfssl" (lib.getDev wolfssl))
]
++ lib.optional gssSupport "--with-gssapi=${lib.getDev libkrb5}"
# For the 'urandom', maybe it should be a cross-system option
++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform)
"--with-random=/dev/urandom"
++ lib.optionals stdenv.hostPlatform.isWindows [
"--disable-shared"
"--enable-static"
] ++ lib.optionals stdenv.isDarwin [
# Disable default CA bundle, use NIX_SSL_CERT_FILE or fallback to nss-cacert from the default profile.
# Without this curl might detect /etc/ssl/cert.pem at build time on macOS, causing curl to ignore NIX_SSL_CERT_FILE.
"--without-ca-bundle"
"--without-ca-path"
];
CXX = "${stdenv.cc.targetPrefix}c++";
CXXCPP = "${stdenv.cc.targetPrefix}c++ -E";
doCheck = true;
preCheck = ''
patchShebangs tests/
'' + lib.optionalString stdenv.isDarwin ''
# bad interaction with sandbox if enabled?
rm tests/data/test1453
rm tests/data/test1086
'' + lib.optionalString stdenv.hostPlatform.isMusl ''
# different resolving behaviour?
rm tests/data/test1592
'';
postInstall = ''
moveToOutput bin/curl-config "$dev"
# Install completions
make -C scripts install
'' + lib.optionalString scpSupport ''
sed '/^dependency_libs/s|${lib.getDev libssh2}|${lib.getLib libssh2}|' -i "$out"/lib/*.la
'' + lib.optionalString gnutlsSupport ''
ln $out/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libcurl-gnutls${stdenv.hostPlatform.extensions.sharedLibrary}
ln $out/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libcurl-gnutls${stdenv.hostPlatform.extensions.sharedLibrary}.4
ln $out/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libcurl-gnutls${stdenv.hostPlatform.extensions.sharedLibrary}.4.4.0
'';
passthru = {
inherit opensslSupport openssl;
tests = {
inherit curlpp coeurl;
haskell-curl = haskellPackages.curl;
ocaml-curly = ocamlPackages.curly;
php-curl = phpExtensions.curl;
pycurl = python3.pkgs.pycurl;
# Additional checking with support http3 protocol.
inherit (nixosTests) nginx-http3;
};
};
meta = with lib; {
description = "A command line tool for transferring files with URL syntax";
homepage = "https://curl.se/";
license = licenses.curl;
maintainers = with maintainers; [ lovek323 ];
platforms = platforms.all;
# Fails to link against static brotli or gss
broken = stdenv.hostPlatform.isStatic && (brotliSupport || gssSupport);
};
}