# For ART-build %define with_atomicscl %{?_with_atomicscl: 1} %{?!_with_atomicscl: 0} %if %{with_atomicscl} %global scl atomic-curl %define _scl_prefix /opt/atomic %global debug_package %{nil} %endif %if 0%{?scl:1} %scl_package curl %else %global pkg_name %{name} %global _root_sysconfdir %{_sysconfdir} %global _root_bindir %{_bindir} %global _root_sbindir %{_sbindir} %global _root_includedir %{_includedir} %global _root_libdir %{_libdir} %global _root_prefix %{_prefix} %if 0%{?rhel} < 6 %global _root_initddir /etc %else %global _root_initddir %{_initddir} %endif %endif Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: %{?scl_prefix}curl Version: 7.38.0 # based on 37.3 Release: 5.1 License: MIT Group: Applications/Internet Source: http://curl.haxx.se/download/curl-%{version}.tar.gz Source2: curlbuild.h URL: http://curl.haxx.se/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: automake BuildRequires: groff BuildRequires: krb5-devel #BuildRequires: libidn-devel # we want to use libssh2_scp_send64(), which does not appear in older versions #BuildRequires: libssh2-devel >= 1.2.6 #BuildRequires: openldap-devel #BuildRequires: openssh-clients #BuildRequires: openssh-server BuildRequires: pkgconfig #BuildRequires: stunnel BuildRequires: openssl-devel # valgrind is not available on some architectures, however it's going to be # used only by the test-suite anyway %ifnarch s390 s390x BuildRequires: valgrind %endif BuildRequires: zlib-devel Requires: %{?scl_prefix}libcurl = %{version}-%{release} # require at least the version of libssh2 that we were built against, # to ensure that we have the necessary symbols available (#525002, #642796) #%global libssh2_version %(pkg-config --modversion libssh2 2>/dev/null || echo 0) %description cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, FTP upload, HTTP post, and file transfer resume. %package -n %{?scl_prefix}libcurl Summary: A library for getting files from web servers Group: Development/Libraries #Requires: libssh2%{?_isa} >= %{libssh2_version} %description -n %{?scl_prefix}libcurl This package provides a way for applications to use FTP, HTTP, Gopher and other servers for getting files. %package -n %{?scl_prefix}libcurl-devel Summary: Files needed for building applications with libcurl Group: Development/Libraries Requires: automake Requires: %{?scl_prefix}libcurl = %{version}-%{release} Requires: libidn-devel Requires: pkgconfig Provides: %{?scl_prefix}curl-devel = %{version}-%{release} Obsoletes: %{?scl_prefix}curl-devel < %{version}-%{release} %description -n %{?scl_prefix}libcurl-devel cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of the supported protocols. The libcurl-devel package includes files needed for developing applications which can use cURL's capabilities internally. #%if 0%{?scl:1} %package runtime Summary: Package that handles %scl Software Collection. Group: Applications/Internet Requires: scl-utils Provides: atomic-curl-runtime ## %description runtime SCL Runtime #%endif %prep %setup -q -n curl-%{version} cat < ${f}.utf8 mv -f ${f}.utf8 ${f} done %build # Test 1: failed # get rid of --without-ssl # get rid of --with-libssh2 # Test 2: failed # add --without-libssh2 # remove --with-gssapi --with-libidn # remove --enable-ldaps --disable-static --enable-manual # Test 3: # remove --enable-ipv6 # remove --with-ca-bundle # Add --with-ssl=/usr %configure --without-libssh2 --with-ssl sed -i -e 's,-L/usr/lib ,,g;s,-L/usr/lib64 ,,g;s,-L/usr/lib$,,g;s,-L/usr/lib64$,,g' \ Makefile libcurl.pc # Remove bogus rpath sed -i \ -e 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' \ -e 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool # uncomment to turn off optimizations #find -name Makefile | xargs sed -i 's/-O2/-O0/' make %{?_smp_mflags} #%check #export LD_LIBRARY_PATH=$RPM_BUILD_ROOT%{_libdir} #cd tests #make %{?_smp_mflags} ## use different port range for 32bit and 64bit build, thus make it possible ## to run both in parallel on the same machine #./runtests.pl -a -b%{?__isa_bits}90 -p -v %install rm -rf $RPM_BUILD_ROOT make DESTDIR=$RPM_BUILD_ROOT INSTALL="%{__install} -p" install rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la install -d $RPM_BUILD_ROOT/%{_datadir}/aclocal install -m 644 docs/libcurl/libcurl.m4 $RPM_BUILD_ROOT/%{_datadir}/aclocal # This might not be working on el5 # Make libcurl-devel multilib-ready (bug #488922) %if 0%{?__isa_bits} == 64 %define _curlbuild_h curlbuild-64.h %else %define _curlbuild_h curlbuild-32.h %endif mv $RPM_BUILD_ROOT%{_includedir}/curl/curlbuild.h \ $RPM_BUILD_ROOT%{_includedir}/curl/curlbuild-64.h #$RPM_BUILD_ROOT%{_includedir}/curl/%{_curlbuild_h} install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_includedir}/curl/curlbuild.h # don't need curl's copy of the certs; use openssl's find ${RPM_BUILD_ROOT} -name ca-bundle.crt -exec rm -f '{}' \; %if 0%{?scl:1} install -m 644 enable %{buildroot}%{_scl_scripts}/enable # this thing is worth exploring later #scl_install %endif %clean rm -rf $RPM_BUILD_ROOT %post -n %{?scl_prefix}libcurl -p /sbin/ldconfig %postun -n %{?scl_prefix}libcurl -p /sbin/ldconfig %files %defattr(-,root,root,-) %doc CHANGES README* COPYING %doc docs/BUGS docs/FAQ docs/FEATURES %doc docs/MANUAL docs/RESOURCES %doc docs/TheArtOfHttpScripting docs/TODO %{_bindir}/curl %{_mandir}/man1/curl.1* %files -n %{?scl_prefix}libcurl %defattr(-,root,root,-) %{_libdir}/libcurl.so.* %{_libdir}/libcurl.a %files -n %{?scl_prefix}libcurl-devel %defattr(-,root,root,-) %doc docs/examples/*.c docs/examples/Makefile.example docs/INTERNALS %doc docs/CONTRIBUTE docs/libcurl/ABI %{_bindir}/curl-config* %{_includedir}/curl %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc %{_mandir}/man1/curl-config.1* %{_mandir}/man3/* %{_datadir}/aclocal/libcurl.m4 %files runtime #%{_root_sysconfdir}/rpm/macros.%{scl}-config %{_scl_scripts}/enable %changelog * Mon May 19 2014 Kamil Dudka 7.19.7-37.el6_5.3 - fix re-use of wrong HTTP NTLM connection (CVE-2014-0015) - fix connection re-use when using different log-in credentials (CVE-2014-0138) * Mon May 12 2014 Kamil Dudka 7.19.7-37.el6_5.2 - fix authentication failure when server offers multiple auth options (#1096797) * Fri Apr 25 2014 Kamil Dudka 7.19.7-37.el6_5.1 - refresh expired cookie in test172 from upstream test-suite (#1092486) - fix a memory leak caused by write after close (#1092479) - nss: implement non-blocking SSL handshake (#1092480) * Fri Jun 14 2013 Kamil Dudka 7.19.7-37 - fix heap-based buffer overflow in curl_easy_unescape() (CVE-2013-2174) * Sat Apr 13 2013 Kamil Dudka 7.19.7-36 - fix cookie tailmatching to prevent cross-domain leakage (CVE-2013-1944) * Thu Jan 10 2013 Kamil Dudka 7.19.7-35 - clear NSS session cache if a client certificate from file was used (#885058) * Mon Dec 03 2012 Kamil Dudka 7.19.7-34 - prevent NSS from crashing on client auth hook failure (#880897) * Fri Nov 23 2012 Kamil Dudka 7.19.7-33 - SCP: send large files properly with new enough libssh2 (#879592) - fix handling of errors returned from libssh2 when sending data (#873789) * Tue Oct 16 2012 Kamil Dudka 7.19.7-32 - remove a redundant dependency on a fixed version of libssh2 * Tue Oct 16 2012 Kamil Dudka 7.19.7-31 - fix a header problem with chunked-encoding and Content-Length (#813127) * Wed Jul 25 2012 Kamil Dudka 7.19.7-30 - print reason phrase from HTTP status line on error (#676596) - fix typo in curl.1 man page (#729984) - introduce the --delegation option of curl (#730445) - enforce versioned libssh2 dependency for libcurl (#741935) - nss: select client certificates by DER (#746629) - fix a build failure when building against newer libssh2-devel (#841905) * Tue Mar 06 2012 Kamil Dudka 7.19.7-29 - initialize NSS with no database if the selected database is broken (#772642) - use NSS_InitContext() to avoid a collision with OpenLDAP (#738456) * Wed Aug 03 2011 Kamil Dudka 7.19.7-28 - add a new option CURLOPT_GSSAPI_DELEGATION (#719938) * Thu Jun 23 2011 Kamil Dudka 7.19.7-27 - do not delegate GSSAPI credentials (CVE-2011-2192) * Thu Apr 07 2011 Kamil Dudka 7.19.7-26 - force NSS to ask for a new client certificate when connecting second time to the same host (#694294) * Wed Apr 06 2011 Kamil Dudka 7.19.7-25 - fix SIGSEGV in CERT_VerifyCert (#690273) * Thu Mar 17 2011 Kamil Dudka 7.19.7-24 - make GSS authentication work when a curl handle is reused (#684892) * Wed Mar 16 2011 Kamil Dudka 7.19.7-23 - do not ignore value of CURLOPT_SSL_VERIFYPEER in certain cases (#678580) * Tue Feb 22 2011 Kamil Dudka 7.19.7-22 - do not ignore failure of SSL handshake (#669702) * Fri Feb 18 2011 Kamil Dudka 7.19.7-21 - avoid memory leaks on SSL connection failure (#678594) * Wed Jan 19 2011 Kamil Dudka 7.19.7-20 - avoid memory leaks and failure of NSS shutdown (#670802) * Tue Jan 18 2011 Kamil Dudka 7.19.7-19 - fix handling of CURLOPT_CAPATH in libcurl (#669702) * Thu Jan 13 2011 Kamil Dudka 7.19.7-18 - avoid build failure caused by a bug in libnih-devel (#669048) * Mon Jan 10 2011 Kamil Dudka 7.19.7-17 - avoid CURLE_OUT_OF_MEMORY given a file name without any slash (#623663) - proxy tunnel support for LDAP requests (#655134) - proxy with kerberos authentication for https (#625685) - improve handling of FTP server session timeout (#651592) * Wed Jun 30 2010 Kamil Dudka 7.19.7-16 - add support for NTLM authentication (#606819) * Thu Jun 17 2010 Kamil Dudka 7.19.7-15 - improve handling of proxy related environment variables (#589132) * Tue Apr 27 2010 Kamil Dudka 7.19.7-14 - do not ignore given timeout during SSL connection (#586355) * Wed Apr 14 2010 Kamil Dudka 7.19.7-13 - kerberos installation prefix has been changed * Wed Apr 14 2010 Kamil Dudka 7.19.7-12 - support for CRL loading from a PEM file (#581485) * Tue Apr 06 2010 Kamil Dudka 7.19.7-11 - eliminated a race condition in handling of SIGALRM (#579732) * Fri Mar 26 2010 Kamil Dudka 7.19.7-10 - throw CURLE_SSL_CERTPROBLEM in case peer rejects a certificate (#565972) - add change-log entries for patches applied upstream * Tue Mar 23 2010 Kamil Dudka - 7.19.7-9 - remove signal handler in case of DNS timeout (#575977) * Mon Feb 22 2010 Kamil Dudka - 7.19.7-8 - http://curl.haxx.se/docs/adv_20100209.html (#563236) * Tue Feb 02 2010 Kamil Dudka 7.19.7-7 - mention lack of IPv6, FTPS and LDAP support while using a socks proxy (#559578) * Thu Jan 07 2010 Kamil Dudka 7.19.7-6 - fix incorrect SSL recv/send timeout handling, patch contributed by Kevin Baughman - http://permalink.gmane.org/gmane.comp.web.curl.library/26302 * Tue Dec 15 2009 Kamil Dudka 7.19.7-5 - use different port numbers for 32bit and 64bit builds - replace hard wired port numbers in the test suite * Tue Dec 08 2009 Kamil Dudka 7.19.7-4 - avoid use of uninitialized value in lib/nss.c - make it possible to run test241 - suppress failure of test513 on s390 - re-enable SCP/SFTP tests (#539444) * Tue Dec 01 2009 Kamil Dudka 7.19.7-3 - do not require valgrind on s390 and s390x - temporarily disabled SCP/SFTP test-suite (#539444) * Thu Nov 26 2009 Kamil Dudka 7.19.7-2 - workaround for broken TLS servers (#525496, #527771) * Thu Nov 12 2009 Kamil Dudka 7.19.7-1 - new upstream release, dropped applied patches - fix crash on doubly closed NSPR descriptor, patch contributed by Kevin Baughman (#534176) * Sun Sep 27 2009 Kamil Dudka 7.19.6-10 - require libssh2>=1.2 properly (#525002) * Sat Sep 26 2009 Kamil Dudka 7.19.6-9 - let curl test-suite use valgrind - require libssh2>=1.2 (#525002) * Mon Sep 21 2009 Chris Weyl - 7.19.6-8 - rebuild for libssh2 1.2 * Thu Sep 17 2009 Kamil Dudka 7.19.6-7 - make curl test-suite more verbose * Wed Sep 16 2009 Kamil Dudka 7.19.6-6 - update polling patch to the latest upstream version * Thu Sep 03 2009 Kamil Dudka 7.19.6-5 - cover ssh and stunnel support by the test-suite * Wed Sep 02 2009 Kamil Dudka 7.19.6-4 - use pkg-config to find nss and libssh2 if possible - better patch (not only) for SCP/SFTP polling - improve error message for not matching common name (#516056) * Fri Aug 21 2009 Kamil Dudka 7.19.6-3 - avoid tight loop during a sftp upload - http://permalink.gmane.org/gmane.comp.web.curl.library/24744 * Tue Aug 18 2009 Kamil Dudka 7.19.6-2 - let curl package depend on the same version of libcurl * Fri Aug 14 2009 Kamil Dudka 7.19.6-1 - new upstream release, dropped applied patches - changed NSS code to not ignore the value of ssl.verifyhost and produce more verbose error messages (#516056) * Wed Aug 12 2009 Ville Skyttä - 7.19.5-10 - Use lzma compressed upstream tarball. * Fri Jul 24 2009 Fedora Release Engineering - 7.19.5-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Wed Jul 22 2009 Kamil Dudka 7.19.5-8 - do not pre-login to all PKCS11 slots, it causes problems with HW tokens - try to select client certificate automatically when not specified, thanks to Claes Jakobsson * Fri Jul 10 2009 Kamil Dudka 7.19.5-7 - fix SIGSEGV when using NSS client certificates, thanks to Claes Jakobsson * Sun Jul 05 2009 Kamil Dudka 7.19.5-6 - force test suite to use the just built libcurl, thanks to Paul Howarth * Thu Jul 02 2009 Kamil Dudka 7.19.5-5 - run test suite after build - enable built-in manual * Wed Jun 24 2009 Kamil Dudka 7.19.5-4 - fix bug introduced by the last build (#504857) * Wed Jun 24 2009 Kamil Dudka 7.19.5-3 - exclude curlbuild.h content from spec (#504857) * Wed Jun 10 2009 Kamil Dudka 7.19.5-2 - avoid unguarded comparison in the spec file, thanks to R P Herrold (#504857) * Tue May 19 2009 Kamil Dudka 7.19.5-1 - update to 7.19.5, dropped applied patches * Mon May 11 2009 Kamil Dudka 7.19.4-11 - fix infinite loop while loading a private key, thanks to Michael Cronenworth (#453612) * Mon Apr 27 2009 Kamil Dudka 7.19.4-10 - fix curl/nss memory leaks while using client certificate (#453612, accepted by upstream) * Wed Apr 22 2009 Kamil Dudka 7.19.4-9 - add missing BuildRequire for autoconf * Wed Apr 22 2009 Kamil Dudka 7.19.4-8 - fix configure.ac to not discard -g in CFLAGS (#496778) * Tue Apr 21 2009 Debarshi Ray 7.19.4-7 - Fixed configure to respect the environment's CFLAGS and CPPFLAGS settings. * Tue Apr 14 2009 Kamil Dudka 7.19.4-6 - upstream patch fixing memory leak in lib/nss.c (#453612) - remove redundant dependency of libcurl-devel on libssh2-devel * Wed Mar 18 2009 Kamil Dudka 7.19.4-5 - enable 6 additional crypto algorithms by default (#436781, accepted by upstream) * Thu Mar 12 2009 Kamil Dudka 7.19.4-4 - fix memory leak in src/main.c (accepted by upstream) - avoid using %%ifarch * Wed Mar 11 2009 Kamil Dudka 7.19.4-3 - make libcurl-devel multilib-ready (bug #488922) * Fri Mar 06 2009 Jindrich Novy 7.19.4-2 - drop .easy-leak patch, causes problems in pycurl (#488791) - fix libcurl-devel dependencies (#488895) * Tue Mar 03 2009 Jindrich Novy 7.19.4-1 - update to 7.19.4 (fixes CVE-2009-0037) - fix leak in curl_easy* functions, thanks to Kamil Dudka - drop nss-fix patch, applied upstream * Tue Feb 24 2009 Fedora Release Engineering - 7.19.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Tue Feb 17 2009 Kamil Dudka 7.19.3-1 - update to 7.19.3, dropped applied nss patches - add patch fixing 7.19.3 curl/nss bugs