checking whether hiding of library internal symbols will actually happen... yes configure: error: MultiSSL cannot be enabled with HTTP/3 and vice versa !!! Please attach the following file when seeking support: !!! /var/tmp/portage/net-misc/curl-8.9.0/work/curl-8.9.0-abi_x86_32.x86/config.log * ERROR: net-misc/curl-8.9.0::gentoo failed (configure phase): * econf failed * * Call stack: * ebuild.sh, line 136: Called src_configure * environment, line 2307: Called multilib-minimal_src_configure * environment, line 1653: Called multilib_foreach_abi 'multilib-minimal_abi_src_configure' * environment, line 1903: Called multibuild_foreach_variant '_multilib_multibuild_wrapper' 'multilib-minimal_abi_src_configure' * environment, line 1608: Called _multibuild_run '_multilib_multibuild_wrapper' 'multilib-minimal_abi_src_configure' * environment, line 1606: Called _multilib_multibuild_wrapper 'multilib-minimal_abi_src_configure' * environment, line 512: Called multilib-minimal_abi_src_configure * environment, line 1647: Called multilib_src_configure * environment, line 2186: Called econf '--without-ca-fallback' '--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt' '--without-gnutls' '--without-mbedtls' '--without-rustls' '--with-gnutls' '--with-ssl' '--with-ca-path=/etc/ssl/certs' '--with-default-ssl-backend=openssl' '--enable-alt-svc' '--enable-basic-auth' '--enable-bearer-auth' '--enable-digest-auth' '--enable-kerberos-auth' '--enable-negotiate-auth' '--enable-aws' '--enable-dict' '--disable-ech' '--enable-file' '--enable-ftp' '--disable-gopher' '--enable-hsts' '--enable-http' '--enable-imap' '--disable-ldap' '--disable-ldaps' '--enable-ntlm' '--enable-pop3' '--enable-rt' '--enable-rtsp' '--enable-smb' '--with-libssh2' '--enable-smtp' '--disable-telnet' '--enable-tftp' '--enable-tls-srp' '--enable-ares' '--enable-cookies' '--enable-dateparse' '--enable-dnsshuffle' '--enable-doh' '--enable-symbol-hiding' '--enable-http-auth' '--enable-ipv6' '--enable-largefile' '--enable-manual' '--enable-mime' '--enable-netrc' '--enable-progress-meter' '--enable-proxy' '--enable-socketpair' '--disable-sspi' '--disable-static' '--enable-pthreads' '--enable-threaded-resolver' '--disable-versioned-symbols' '--without-amissl' '--without-bearssl' '--without-brotli' '--with-fish-functions-dir=/usr/share/fish/vendor_completions.d' '--with-nghttp2' '--without-hyper' '--with-libidn2' '--with-gssapi=/usr' '--without-libgsasl' '--with-libpsl' '--without-msh3' '--with-nghttp3' '--without-ngtcp2' '--with-openssl-quic' '--without-quiche' '--with-librtmp' '--without-schannel' '--without-secure-transport' '--without-test-caddy' '--without-test-httpd' '--without-test-nghttpx' '--enable-websockets' '--without-winidn' '--without-wolfssl' '--with-zlib' '--with-zstd' '--with-zsh-functions-dir=/usr/share/zsh/site-functions' * phase-helpers.sh, line 719: Called __helpers_die 'econf failed' * isolated-functions.sh, line 112: Called die * The specific snippet of code: * die "$@" * * If you need support, post the output of `emerge --info '=net-misc/curl-8.9.0::gentoo'`, * the complete build log and the output of `emerge -pqv '=net-misc/curl-8.9.0::gentoo'`. * The complete build log is located at '/var/tmp/portage/net-misc/curl-8.9.0/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/net-misc/curl-8.9.0/temp/environment'. * Working directory: '/var/tmp/portage/net-misc/curl-8.9.0/work/curl-8.9.0-abi_x86_32.x86' * S: '/var/tmp/portage/net-misc/curl-8.9.0/work/curl-8.9.0' Reproducible: Always May be related to Bug 912029
Created attachment 898297 [details] build.log
Created attachment 898298 [details] emerge --info
Note that after disabling gnutls useflag it built successfully
Thanks for the bug report, this is good to know. I'll set up some more REQUIRED_USE stuff for a bit and ask around a bit.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=00f5031e36ffde7784d10ded6f2c753c3a5513a5 commit 00f5031e36ffde7784d10ded6f2c753c3a5513a5 Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-08-01 00:42:53 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-08-01 03:17:41 +0000 net-misc/curl: add 8.9.1; enable HTTP/3 (QUIC) by default The support for HTTP/3 is stable enough and we haven't seen any reported issues since unmasking the USE where possible. HTTP/3 is default-enabled using dev-libs/openssl[quic], with the USE_EXPAND and REQUIRED_USE enforcing required deps and enabling users to select an alternative implementation. The only currently-supported option for this is net-libs/ngtcp2[gnutls], though it is expected that as other TLS backends implement QUIC (or are supported by other backends) that this will increase. Of note is that HTTP/3 support and MultiSSL are mutually exclusive at this point in time. There does not appear to be a significant benefit to MutliSSL in 2024: > An original driving factor for this feature was to allow Schannel with > other TLS backends on Windows so that users could access "native" CA certs > in the Windows CA store. Subsequently, curl has introduced support in multiple > TLS backends to use native CAs. > This reduces the need for many people to use and switch TLS backends. > There are probably also other use cases, since the TLS backends are not all alike. We're not dropping MutliSSL support, however HTTP/3 as the default seems like the option that provides the greater utility as a default configuration. This is not to say that MultiSSL support is inherently incompatible with HTTP/3, it will just require a sufficiently motivated developer to implement the code. Closes: https://bugs.gentoo.org/936627 Signed-off-by: Matt Jolly <kangie@gentoo.org> net-misc/curl/Manifest | 2 + net-misc/curl/curl-8.9.1.ebuild | 380 ++++++++++++++++++++++++++++++++++++++++ net-misc/curl/curl-9999.ebuild | 26 ++- 3 files changed, 401 insertions(+), 7 deletions(-) Additionally, it has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ce62cb187ae48cfe4e0c3f2ee44156e89d1ebe45 commit ce62cb187ae48cfe4e0c3f2ee44156e89d1ebe45 Author: Matt Jolly <kangie@gentoo.org> AuthorDate: 2024-08-01 00:48:03 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-08-01 03:17:56 +0000 net-misc/curl: drop 8.9.0 Bug: https://bugs.gentoo.org/936627 Signed-off-by: Matt Jolly <kangie@gentoo.org> net-misc/curl/Manifest | 2 - net-misc/curl/curl-8.9.0.ebuild | 368 ---------------------------------------- 2 files changed, 370 deletions(-)
enabling curl quic with openssl by default doesn't seem like a good idea. curl says this is EXPERIMENTAL, and has very poor performance which is generally important to Gentoo users. https://curl.se/mail/distros-2024-04/0001.html
You're free to disable it, or pick the gnutls/ngtcp2 backend. The point of the defaults is to provide a broadly useful base that doesn't surprise users with features that they need to add. OpenSSL allows us to accomplish that with a dependency that is well looked after on all arches. Performance will improve over time and is sufficient for now.
