878751 – net-misc/curl-7.86.0-r1: configure: error: --without-ssl has been set together with an explicit option to use an ssl library

Bug 878751 - net-misc/curl-7.86.0-r1: configure: error: --without-ssl has been set together with an explicit option to use an ssl library

Summary: net-misc/curl-7.86.0-r1: configure: error: --without-ssl has been set togethe...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Anthony Basile

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	CVE-2022-32221, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916
	Show dependency tree

Reported:	2022-10-29 19:50 UTC by Emanuel Czirai
Modified:	2022-11-07 07:11 UTC (History)
CC List:	2 users (show)

See Also:	https://github.com/curl/curl/pull/9414
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Emanuel Czirai 2022-10-29 19:50:33 UTC

```
configure: error: --without-ssl has been set together with an explicit option to use an ssl library
(e.g. --with-openssl, --with-gnutls, --with-wolfssl, --with-mbedtls, --with-nss, --with-schannel, --with-secure-transport, --with-amissl, --with-bearssl, --with-rustls).
Since these are conflicting parameters, verify which is the desired one and drop the other.
```

this is seen in the /var/db/repos/gentoo/net-misc/curl/curl-7.86.0-r1.ebuild

```ebuild
multilib_src_configure() {
	# We make use of the fact that later flags override earlier ones
	# So start with all ssl providers off until proven otherwise
	# TODO: in the future, we may want to add wolfssl (https://www.wolfssl.com/)
	local myconf=()

	myconf+=( --without-gnutls --without-mbedtls --without-nss --without-ssl )
	myconf+=( --without-ca-fallback --with-ca-bundle="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt  )
	#myconf+=( --without-default-ssl-backend )
	if use ssl ; then
		if use gnutls || use curl_ssl_gnutls; then
			einfo "SSL provided by gnutls"
			myconf+=( --with-gnutls --with-nettle )
		fi
```


Reproducible: Always




net-misc/curl-7.85.0-r2::gentoo was built with the following:

USE="ftp http2 imap progress-meter ssl verify-sig zstd -adns -alt-svc -brotli -gnutls -gopher -hsts -idn -ipv6 -kerberos -ldap -mbedtls (-nghttp3) -nss -openssl -pop3 -quiche -rtmp -samba -smtp -ssh -sslv3 -static-libs -telnet -test -tftp" ABI_X86="(64) -32 (-x32)" CURL_SSL="nss -gnutls -mbedtls -openssl"

FEATURES="distlocks network-sandbox prelink-checksums ccache binpkg-multi-instance buildsyspkg parallel-fetch skiprocheck splitdebug assume-digests sandbox cgroup news binpkg-dostrip pid-sandbox buildpkg installsources binpkg-docompress userpriv fixlafiles force-mirror sfperms ipc-sandbox unknown-features-warn config-protect-if-modified unmerge-logs split-log usersandbox fakeroot suidctl merge-sync downgrade-backup ebuild-locks split-elog qa-unresolved-soname-deps getbinpkg preserve-libs buildpkg-live binpkg-logs strict multilib-strict"

Comment 1 Larry the Git Cow gentoo-dev

2022-11-07 05:16:01 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=37258e9a9e3b5144df49a70e29c5fe11c9cd0898

commit 37258e9a9e3b5144df49a70e29c5fe11c9cd0898
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-11-07 05:15:04 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-11-07 05:15:04 +0000

    net-misc/curl: fix USE=-ssl build
    
    Closes: https://bugs.gentoo.org/878751
    Signed-off-by: Sam James <sam@gentoo.org>

 net-misc/curl/curl-7.86.0-r1.ebuild | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comment 2 Emanuel Czirai 2022-11-07 07:11:35 UTC

Thank you for fixing this, I've been doing emerge --exclude=curl  for a while :)

Just to be clear though, this happened with USE=ssl (too)
I only say this because the commit message says:  
net-misc/curl: fix USE=-ssl build