system/curl/APKBUILD


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

# Contributor: Sergey Lukin <sergej.lukin@gmail.com>
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Zach van Rijn <me@zv.io>
pkgname=curl
pkgver=8.13.0
pkgrel=0
pkgdesc="A URL retrival utility and library"
url="https://curl.haxx.se"
arch="all"
license="MIT"
depends="ca-certificates"
makedepends_build="perl"
makedepends_host="libssh2-dev nghttp2-dev openssl-dev zlib-dev zstd-dev"
makedepends="$makedepends_build $makedepends_host"
source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz
	errorcodes.pl
	"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev libcurl"

# secfixes:
#   8.0.1-r0:
#     - CVE-2023-27538
#     - CVE-2023-27536
#     - CVE-2023-27535
#     - CVE-2023-27534
#     - CVE-2023-27533
#     - CVE-2023-23916
#     - CVE-2023-23915
#     - CVE-2023-23914
#   7.79.1-r0:
#     - CVE-2021-22947
#     - CVE-2021-22946
#     - CVE-2021-22945
#   7.78.0-r0:
#     - CVE-2021-22925
#     - CVE-2021-22924
#     - CVE-2021-22923
#     - CVE-2021-22922
#     - CVE-2021-22898
#     - CVE-2021-22890
#     - CVE-2021-22876
#   7.66.0-r0:
#     - CVE-2019-5481
#     - CVE-2019-5482
#   7.65.1-r0:
#     - CVE-2019-5435
#     - CVE-2019-5436
#   7.64.0-r0:
#     - CVE-2019-3823
#     - CVE-2019-3822
#     - CVE-2018-16890
#     - CVE-2018-16842
#     - CVE-2018-16840
#     - CVE-2018-16839
#   7.60.0-r0:
#     - CVE-2017-8816
#     - CVE-2017-8817
#     - CVE-2017-8818
#     - CVE-2018-1000005
#     - CVE-2018-1000007
#     - CVE-2018-1000120
#     - CVE-2018-1000121
#     - CVE-2018-1000122
#     - CVE-2018-1000300
#     - CVE-2018-1000301
#   7.56.1-r0:
#     - CVE-2017-1000257
#   7.55.0-r0:
#     - CVE-2017-1000099
#     - CVE-2017-1000100
#     - CVE-2017-1000101
#   7.54.0-r0:
#     - CVE-2017-7468
#   7.53.1-r2:
#     - CVE-2017-7407
#   7.53.0:
#     - CVE-2017-2629
#   7.52.1:
#     - CVE-2016-9594
#   7.51.0:
#     - CVE-2016-8615
#     - CVE-2016-8616
#     - CVE-2016-8617
#     - CVE-2016-8618
#     - CVE-2016-8619
#     - CVE-2016-8620
#     - CVE-2016-8621
#     - CVE-2016-8622
#     - CVE-2016-8623
#     - CVE-2016-8624
#     - CVE-2016-8625
#   7.50.3:
#     - CVE-2016-7167
#   7.50.2:
#     - CVE-2016-7141
#   7.50.1:
#     - CVE-2016-5419
#     - CVE-2016-5420
#     - CVE-2016-5421
#   7.36.0:
#     - CVE-2014-0138
#     - CVE-2014-0139

prepare() {
	default_prepare

	cp "$srcdir"/errorcodes.pl "$builddir"/tests/errorcodes.pl
}

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--enable-ipv6 \
		--enable-unix-sockets \
		--with-libssh2 \
		--without-libidn2 \
		--disable-ldap \
		--with-pic \
		--with-openssl \
		--with-nghttp2 \
		--without-libpsl
	make
}

check() {
	# -p: print log contents on test failure
	# ignore:  557: fails under valgrind only
	make check TFLAGS='-p ~557'
}

package() {
	make DESTDIR="$pkgdir" install
}

libcurl() {
	pkgdesc="The multiprotocol file transfer library"
	mkdir -p "$subpkgdir"/usr
	mv "$pkgdir"/usr/lib "$subpkgdir"/usr
}

sha512sums="d266e460f162ee455b56726e5b7247b2d1aa5265ae12081513fc0c5c79e785a594097bc71d505dc9bcd2c2f6f1ff6f4bab9dbd9d120bb76d06c5be8521a8ca7d  curl-8.13.0.tar.xz
7848b1271e0bfe3be40221fb0582712d4af3ce1e1bdf16b5f0cac731d81bda145efc039f945a311af70caff279a44435a8ead6bb6e1db7570a4bd22df0a77fdb  errorcodes.pl"