When using new CURL_SSL to switch to NSS, configure will fail with: > * USE: abi_x86_64 amd64 curl_ssl_nss elibc_glibc ftp http2 imap ipv6 kernel_linux openssl pop3 progress-meter smtp ssl tftp userland_GNU > * FEATURES: ccache compressdebug network-sandbox preserve-libs sandbox splitdebug userpriv usersandbox > >>> Unpacking source... > >>> Unpacking curl-7.72.0.tar.xz to /var/tmp/portage/net-misc/curl-7.72.0/work > >>> Source unpacked in /var/tmp/portage/net-misc/curl-7.72.0/work > >>> Preparing source in /var/tmp/portage/net-misc/curl-7.72.0/work/curl-7.72.0 ... > * Applying curl-7.30.0-prefix.patch ... > [ ok ] > * Applying curl-respect-cflags-3.patch ... > [ ok ] > * Applying curl-fix-gnutls-nettle.patch ... > [ ok ] > * Adjusting to prefix / > * curl-config.in ... > [ ok ] > * Running eautoreconf in '/var/tmp/portage/net-misc/curl-7.72.0/work/curl-7.72.0' ... > * Running libtoolize --install --copy --force --automake ... > [ ok ] > * Running aclocal -I m4 ... > [ ok ] > * Running autoconf --force ... > [ ok ] > * Running autoheader ... > [ ok ] > * Running automake --add-missing --copy --foreign --force-missing ... > [ ok ] > * Running elibtoolize in: curl-7.72.0/ > * Applying portage/1.2.0 patch ... > * Applying sed/1.5.6 patch ... > * Applying as-needed/2.4.3 patch ... > >>> Source prepared. > >>> Configuring source in /var/tmp/portage/net-misc/curl-7.72.0/work/curl-7.72.0 ... > * abi_x86_64.amd64: running multilib-minimal_abi_src_configure > * SSL provided by nss > * SSL provided by openssl > * Default SSL provided by nss > * econf: updating curl-7.72.0/config.sub with /usr/share/gnuconfig/config.sub > * econf: updating curl-7.72.0/config.guess with /usr/share/gnuconfig/config.guess > /var/tmp/portage/net-misc/curl-7.72.0/work/curl-7.72.0/configure --prefix=/usr --build=x86_64-pc-linux-gnu --host=x86_64-pc-linux-gnu --mandir=/usr/share/man --infodir=/usr/share/info --datadir=/usr/share --sysconfdir=/etc --localstatedir=/var/lib --disable-dependency-tracking --disable-silent-rules --docdir=/usr/share/doc/curl-7.72.0 --htmldir=/usr/share/doc/curl-7.72.0/html --with-sysroot=/ --libdir=/usr/lib64 --disable-alt-svc --enable-crypto-auth --enable-dict --disable-esni --enable-file --enable-ftp --disable-gopher --enable-http --enable-imap --disable-ldap --disable-ldaps --disable-mqtt --disable-ntlm-wb --enable-pop3 --enable-rt --enable-rtsp --disable-smb --without-libssh2 --enable-smtp --disable-telnet --enable-tftp --enable-tls-srp --disable-ares --enable-cookies --enable-dateparse --enable-dnsshuffle --enable-doh --enable-hidden-symbols --enable-http-auth --enable-ipv6 --enable-largefile --enable-manual --enable-mime --enable-netrc --enable-progress-meter --enable-proxy --disable-sspi --disable-static --disable-threaded-resolver --disable-pthreads --disable-versioned-symbols --without-amissl --without-bearssl --without-cyassl --without-darwinssl --without-fish-functions-dir --without-libidn2 --without-gssapi --without-libmetalink --with-nghttp2 --without-libpsl --without-nghttp3 --without-ngtcp2 --without-quiche --without-librtmp --without-brotli --without-schannel --without-secure-transport --without-spnego --without-winidn --without-wolfssl --with-zlib --without-gnutls --without-mbedtls --without-nss --without-polarssl --without-ssl --without-winssl --without-ca-fallback --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt --with-nss --with-ssl --with-ca-path=/etc/ssl/certs --with-default-ssl-backend=nss > checking whether to enable maintainer-specific portions of Makefiles... no > checking whether make supports nested variables... yes > checking whether to enable debug build options... no > checking whether to enable compiler optimizer... (assumed) yes > checking whether to enable strict compiler warnings... no > checking whether to enable compiler warnings as errors... no > checking whether to enable curl debug memory tracking... no > checking whether to enable hiding of library internal symbols... yes > checking whether to enable c-ares for DNS lookups... no > checking whether to disable dependency on -lrt... no > checking whether to enable ESNI support... no > checking for path separator... : > checking for sed... /bin/sed > checking for grep... /bin/grep > checking for egrep... /bin/grep -E > checking for x86_64-pc-linux-gnu-ar... /usr/bin/x86_64-pc-linux-gnu-ar > checking for a BSD-compatible install... /usr/lib/portage/python3.7/ebuild-helpers/xattr/install -c > checking for x86_64-pc-linux-gnu-gcc... x86_64-pc-linux-gnu-gcc > checking whether the C compiler works... yes > checking for C compiler default output file name... a.out > checking for suffix of executables... > checking whether we are cross compiling... no > checking for suffix of object files... o > checking whether we are using the GNU C compiler... yes > checking whether x86_64-pc-linux-gnu-gcc accepts -g... yes > checking for x86_64-pc-linux-gnu-gcc option to accept ISO C89... none needed > checking whether x86_64-pc-linux-gnu-gcc understands -c and -o together... yes > checking how to run the C preprocessor... x86_64-pc-linux-gnu-gcc -E > checking for a sed that does not truncate output... (cached) /bin/sed > checking for code coverage support... no > checking whether build environment is sane... yes > checking for a thread-safe mkdir -p... /bin/mkdir -p > checking for gawk... gawk > checking whether make sets $(MAKE)... yes > checking whether make supports the include directive... yes (GNU style) > checking dependency style of x86_64-pc-linux-gnu-gcc... none > checking curl version... 7.72.0 > checking build system type... x86_64-pc-linux-gnu > checking host system type... x86_64-pc-linux-gnu > checking for grep that handles long lines and -e... (cached) /bin/grep > checking for egrep... /bin/grep -E > checking if OS is AIX (to define _ALL_SOURCE)... no > checking if _THREAD_SAFE is already defined... no > checking if _THREAD_SAFE is actually needed... no > checking if _THREAD_SAFE is onwards defined... no > checking if _REENTRANT is already defined... no > checking if _REENTRANT is actually needed... no > checking if _REENTRANT is onwards defined... no > checking for special C compiler options needed for large files... no > checking for _FILE_OFFSET_BITS value needed for large files... no > checking how to print strings... printf > checking for a sed that does not truncate output... (cached) /bin/sed > checking for fgrep... /bin/grep -F > checking for ld used by x86_64-pc-linux-gnu-gcc... /usr/x86_64-pc-linux-gnu/bin/ld > checking if the linker (/usr/x86_64-pc-linux-gnu/bin/ld) is GNU ld... yes > checking for BSD- or MS-compatible name lister (nm)... /usr/bin/x86_64-pc-linux-gnu-nm -B > checking the name lister (/usr/bin/x86_64-pc-linux-gnu-nm -B) interface... BSD nm > checking whether ln -s works... yes > checking the maximum length of command line arguments... 1572864 > checking how to convert x86_64-pc-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop > checking how to convert x86_64-pc-linux-gnu file names to toolchain format... func_convert_file_noop > checking for /usr/x86_64-pc-linux-gnu/bin/ld option to reload object files... -r > checking for x86_64-pc-linux-gnu-objdump... x86_64-pc-linux-gnu-objdump > checking how to recognize dependent libraries... pass_all > checking for x86_64-pc-linux-gnu-dlltool... no > checking for dlltool... no > checking how to associate runtime and link libraries... printf %s\n > checking for x86_64-pc-linux-gnu-ar... /usr/bin/x86_64-pc-linux-gnu-ar > checking for archiver @FILE support... @ > checking for x86_64-pc-linux-gnu-strip... x86_64-pc-linux-gnu-strip > checking for x86_64-pc-linux-gnu-ranlib... x86_64-pc-linux-gnu-ranlib > checking command to parse /usr/bin/x86_64-pc-linux-gnu-nm -B output from x86_64-pc-linux-gnu-gcc object... ok > checking for sysroot... / > checking for a working dd... /bin/dd > checking how to truncate binary pipes... /bin/dd bs=4096 count=1 > checking for x86_64-pc-linux-gnu-mt... no > checking for mt... no > checking if : is a manifest tool... no > checking for ANSI C header files... yes > checking for sys/types.h... yes > checking for sys/stat.h... yes > checking for stdlib.h... yes > checking for string.h... yes > checking for memory.h... yes > checking for strings.h... yes > checking for inttypes.h... yes > checking for stdint.h... yes > checking for unistd.h... yes > checking for dlfcn.h... yes > checking for objdir... .libs > checking if x86_64-pc-linux-gnu-gcc supports -fno-rtti -fno-exceptions... no > checking for x86_64-pc-linux-gnu-gcc option to produce PIC... -fPIC -DPIC > checking if x86_64-pc-linux-gnu-gcc PIC flag -fPIC -DPIC works... yes > checking if x86_64-pc-linux-gnu-gcc static flag -static works... yes > checking if x86_64-pc-linux-gnu-gcc supports -c -o file.o... yes > checking if x86_64-pc-linux-gnu-gcc supports -c -o file.o... (cached) yes > checking whether the x86_64-pc-linux-gnu-gcc linker (/usr/x86_64-pc-linux-gnu/bin/ld -m elf_x86_64) supports shared libraries... yes > checking whether -lc should be explicitly linked in... no > checking dynamic linker characteristics... GNU/Linux ld.so > checking how to hardcode library paths into programs... immediate > checking whether stripping libraries is possible... yes > checking if libtool supports shared libraries... yes > checking whether to build shared libraries... yes > checking whether to build static libraries... no > checking whether to build shared libraries with -version-info... yes > checking whether to build shared libraries with -no-undefined... no > checking whether to build shared libraries with -mimpure-text... no > checking whether to build shared libraries with PIC... yes > checking whether to build static libraries with PIC... yes > checking whether to build shared libraries only... yes > checking whether to build static libraries only... no > checking for inline... inline > checking if cpp -P is needed... yes > checking if cpp -P works... yes > checking if compiler is DEC/Compaq/HP C... no > checking if compiler is HP-UX C... no > checking if compiler is IBM C... no > checking if compiler is Intel C... no > checking if compiler is clang... no > checking if compiler is GNU C... yes > checking if compiler is LCC... no > checking if compiler is SGI MIPSpro C... no > checking if compiler is SGI MIPS C... no > checking if compiler is SunPro C... no > checking if compiler is Tiny C... no > checking if compiler is Watcom C... no > checking if compiler accepts some basic options... yes > configure: compiler options added: -Werror-implicit-function-declaration > checking if compiler halts on compilation errors... yes > checking if compiler halts on negative sized arrays... yes > checking if compiler halts on function prototype mismatch... yes > checking if compiler supports hiding library internal symbols... yes > checking for windows.h... no > checking whether build target is a native Windows one... no > checking whether build target supports WIN32 file API... no > checking to see if the compiler supports __builtin_available()... no > checking whether to support http... yes > checking whether to support ftp... yes > checking whether to support file... yes > checking whether to support ldap... no > checking whether to support ldaps... no > checking whether to support rtsp... yes > checking whether to support proxies... yes > checking whether to support dict... yes > checking whether to support telnet... no > checking whether to support tftp... yes > checking whether to support pop3... yes > checking whether to support imap... yes > checking whether to support smb... no > checking whether to support smtp... yes > checking whether to support gopher... no > checking whether to support mqtt... no > checking whether to provide built-in manual... yes > checking whether to enable generation of C code... yes > checking whether to use libgcc... no > checking if X/Open network library is required... no > checking for gethostbyname... yes > checking for windows.h... (cached) no > checking for winsock.h... (cached) no > checking for winsock2.h... (cached) no > checking for proto/bsdsocket.h... no > checking for connect in libraries... yes > checking whether time.h and sys/time.h may both be included... yes > checking for sys/types.h... (cached) yes > checking sys/time.h usability... yes > checking sys/time.h presence... yes > checking for sys/time.h... yes > checking time.h usability... yes > checking time.h presence... yes > checking for time.h... yes > checking for monotonic clock_gettime... yes > checking for clock_gettime in libraries... no additional lib required > checking if monotonic clock_gettime works... yes > checking for x86_64-pc-linux-gnu-pkg-config... /usr/bin/x86_64-pc-linux-gnu-pkg-config > checking for zlib options with pkg-config... found > checking zlib.h usability... yes > checking zlib.h presence... yes > checking for zlib.h... yes > configure: found both libz and libz.h header > checking for ZSTD_createDStream in -lzstd... yes > checking zstd.h usability... yes > checking zstd.h presence... yes > checking for zstd.h... yes > checking whether to enable IPv6... yes > checking if struct sockaddr_in6 has sin6_scope_id member... yes > checking if argv can be written to... yes > checking if GSS-API support is requested... no > checking whether to enable Windows native SSL/TLS (Windows native builds only)... no > checking whether to enable Secure Transport... no > checking whether to enable Amiga native SSL/TLS (AmiSSL)... no > checking for x86_64-pc-linux-gnu-pkg-config... (cached) /usr/bin/x86_64-pc-linux-gnu-pkg-config > checking for openssl options with pkg-config... found > configure: pkg-config: SSL_LIBS: "-lssl -lcrypto " > configure: pkg-config: SSL_LDFLAGS: "" > configure: pkg-config: SSL_CPPFLAGS: "" > checking for HMAC_Update in -lcrypto... yes > checking for SSL_connect in -lssl... yes > checking openssl/x509.h usability... yes > checking openssl/x509.h presence... yes > checking for openssl/x509.h... yes > checking openssl/rsa.h usability... yes > checking openssl/rsa.h presence... yes > checking for openssl/rsa.h... yes > checking openssl/crypto.h usability... yes > checking openssl/crypto.h presence... yes > checking for openssl/crypto.h... yes > checking openssl/pem.h usability... yes > checking openssl/pem.h presence... yes > checking for openssl/pem.h... yes > checking openssl/ssl.h usability... yes > checking openssl/ssl.h presence... yes > checking for openssl/ssl.h... yes > checking openssl/err.h usability... yes > checking openssl/err.h presence... yes > checking for openssl/err.h... yes > checking for RAND_egd... no > checking for SSLv2_client_method... no > checking for OpenSSL_version... yes > checking for BoringSSL... no > checking for libressl... no > checking for OpenSSL >= v3... no > checking for OpenSSL headers version... 1.1.1 - 0x1010107fL > checking for OpenSSL library version... 1.1.1 > checking for OpenSSL headers and library versions matching... yes > checking for "/dev/urandom"... yes > checking for SRP_Calc_client_key in -lcrypto... yes > checking for x86_64-pc-linux-gnu-pkg-config... (cached) /usr/bin/x86_64-pc-linux-gnu-pkg-config > checking for nss options with pkg-config... no > checking for SSL_VersionRangeSet in -lnss3... no > configure: built with one SSL backend > configure: error: Default SSL backend nss not enabled! > > !!! Please attach the following file when seeking support: > !!! /var/tmp/portage/net-misc/curl-7.72.0/work/curl-7.72.0-abi_x86_64.amd64/config.log > * ERROR: net-misc/curl-7.72.0::gentoo failed (configure phase): > * econf failed Looks like we need a REQUIRED_USE="curl_ssl_nss? ( nss )" but when I see bug 743995 it looks like commit 5e560782ad7d5b084ed18d92c9f29741f1127460 needs improvement.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5a048d520b9fe74be7d34a7e5ff7929668c359a commit b5a048d520b9fe74be7d34a7e5ff7929668c359a Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-05-24 11:30:22 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-26 02:06:50 +0000 net-misc/curl: add 8.1.1, 9999 Bugfix release for 8.1.0 which already has the important fixes backported. Additional `REQUIRED_USE` checks to ensure that the default SSL provider is actually enabled. Rename the prefix patch; it hasn't changed in a major version and won't for a while Closes: https://bugs.gentoo.org/905222 Closes: https://bugs.gentoo.org/742641 Closes: https://bugs.gentoo.org/750752 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Closes: https://github.com/gentoo/gentoo/pull/31152 Signed-off-by: Sam James <sam@gentoo.org> net-misc/curl/Manifest | 2 + net-misc/curl/curl-8.0.1.ebuild | 2 +- net-misc/curl/curl-8.1.0-r1.ebuild | 2 +- net-misc/curl/curl-8.1.1.ebuild | 331 +++++++++++++++++++++ net-misc/curl/curl-9999.ebuild | 326 ++++++++++++++++++++ net-misc/curl/files/curl-8.1.1-hanging-http2.patch | 36 +++ ...{curl-7.30.0-prefix.patch => curl-prefix.patch} | 0 7 files changed, 697 insertions(+), 2 deletions(-)