Message ID | 20230325181958.25542-1-ps.report@gmx.net |
---|---|
State | Accepted |
Headers | show |
Series | [v1] package/libcurl: disable NTLM support definitely | expand |
Peter, All On 2023-03-25 19:19 +0100, Peter Seiderer spake thusly: > - do not only disable NTLM delegation to winbinds ntlm_auth but > disable NTLM support overall (and drop enforced libopenssl DES > dependency introduced by 'package/libcurl: make sure openssl > supports DES' (commit f25c820a4f93ad0ca7eaf5e504667bd4099b878c) > - change man page hint to https URL > - rearrange configure options to one option per line > > Signed-off-by: Peter Seiderer <ps.report@gmx.net> Applied to master, thanks. Regards, Yann E. MORIN. > --- > Patch works for libcurl-7.88.1 and libcurl-8.0.1 > --- > package/libcurl/Config.in | 1 - > package/libcurl/libcurl.mk | 21 ++++++++++++++------- > 2 files changed, 14 insertions(+), 8 deletions(-) > > diff --git a/package/libcurl/Config.in b/package/libcurl/Config.in > index 218309ed56..adab1ca3e6 100644 > --- a/package/libcurl/Config.in > +++ b/package/libcurl/Config.in > @@ -57,7 +57,6 @@ choice > config BR2_PACKAGE_LIBCURL_OPENSSL > bool "OpenSSL" > depends on BR2_PACKAGE_OPENSSL > - select BR2_PACKAGE_LIBOPENSSL_ENABLE_DES if BR2_PACKAGE_LIBOPENSSL > > config BR2_PACKAGE_LIBCURL_BEARSSL > bool "BearSSL" > diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk > index 1a1594a45e..1ff0ecc004 100644 > --- a/package/libcurl/libcurl.mk > +++ b/package/libcurl/libcurl.mk > @@ -16,15 +16,22 @@ LIBCURL_CPE_ID_VENDOR = haxx > LIBCURL_CPE_ID_PRODUCT = libcurl > LIBCURL_INSTALL_STAGING = YES > > -# We disable NTLM support because it uses fork(), which doesn't work > -# on non-MMU platforms. Moreover, this authentication method is > -# probably almost never used. See > -# http://curl.se/docs/manpage.html#--ntlm. > +# We disable NTLM delegation to winbinds ntlm_auth ('--disable-ntlm-wb') > +# support because it uses fork(), which doesn't work on non-MMU platforms. > +# Moreover, this authentication method is probably almost never used (see > +# https://curl.se/docs/manpage.html#--ntlm), so disable NTLM support overall. > +# > # Likewise, there is no compiler on the target, so libcurl-option (to > # generate C code) isn't very useful > -LIBCURL_CONF_OPTS = --disable-manual --disable-ntlm-wb \ > - --with-random=/dev/urandom --disable-curldebug \ > - --disable-libcurl-option --disable-ldap --disable-ldaps > +LIBCURL_CONF_OPTS = \ > + --disable-manual \ > + --disable-ntlm \ > + --disable-ntlm-wb \ > + --with-random=/dev/urandom \ > + --disable-curldebug \ > + --disable-libcurl-option \ > + --disable-ldap \ > + --disable-ldaps > > ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y) > LIBCURL_CONF_OPTS += --enable-threaded-resolver > -- > 2.39.2 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
>>>>> "Peter" == Peter Seiderer <ps.report@gmx.net> writes: > - do not only disable NTLM delegation to winbinds ntlm_auth but > disable NTLM support overall (and drop enforced libopenssl DES > dependency introduced by 'package/libcurl: make sure openssl > supports DES' (commit f25c820a4f93ad0ca7eaf5e504667bd4099b878c) > - change man page hint to https URL > - rearrange configure options to one option per line > Signed-off-by: Peter Seiderer <ps.report@gmx.net> > --- > Patch works for libcurl-7.88.1 and libcurl-8.0.1 Committed to 2023.02.x, thanks.
diff --git a/package/libcurl/Config.in b/package/libcurl/Config.in index 218309ed56..adab1ca3e6 100644 --- a/package/libcurl/Config.in +++ b/package/libcurl/Config.in @@ -57,7 +57,6 @@ choice config BR2_PACKAGE_LIBCURL_OPENSSL bool "OpenSSL" depends on BR2_PACKAGE_OPENSSL - select BR2_PACKAGE_LIBOPENSSL_ENABLE_DES if BR2_PACKAGE_LIBOPENSSL config BR2_PACKAGE_LIBCURL_BEARSSL bool "BearSSL" diff --git a/package/libcurl/libcurl.mk b/package/libcurl/libcurl.mk index 1a1594a45e..1ff0ecc004 100644 --- a/package/libcurl/libcurl.mk +++ b/package/libcurl/libcurl.mk @@ -16,15 +16,22 @@ LIBCURL_CPE_ID_VENDOR = haxx LIBCURL_CPE_ID_PRODUCT = libcurl LIBCURL_INSTALL_STAGING = YES -# We disable NTLM support because it uses fork(), which doesn't work -# on non-MMU platforms. Moreover, this authentication method is -# probably almost never used. See -# http://curl.se/docs/manpage.html#--ntlm. +# We disable NTLM delegation to winbinds ntlm_auth ('--disable-ntlm-wb') +# support because it uses fork(), which doesn't work on non-MMU platforms. +# Moreover, this authentication method is probably almost never used (see +# https://curl.se/docs/manpage.html#--ntlm), so disable NTLM support overall. +# # Likewise, there is no compiler on the target, so libcurl-option (to # generate C code) isn't very useful -LIBCURL_CONF_OPTS = --disable-manual --disable-ntlm-wb \ - --with-random=/dev/urandom --disable-curldebug \ - --disable-libcurl-option --disable-ldap --disable-ldaps +LIBCURL_CONF_OPTS = \ + --disable-manual \ + --disable-ntlm \ + --disable-ntlm-wb \ + --with-random=/dev/urandom \ + --disable-curldebug \ + --disable-libcurl-option \ + --disable-ldap \ + --disable-ldaps ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y) LIBCURL_CONF_OPTS += --enable-threaded-resolver
- do not only disable NTLM delegation to winbinds ntlm_auth but disable NTLM support overall (and drop enforced libopenssl DES dependency introduced by 'package/libcurl: make sure openssl supports DES' (commit f25c820a4f93ad0ca7eaf5e504667bd4099b878c) - change man page hint to https URL - rearrange configure options to one option per line Signed-off-by: Peter Seiderer <ps.report@gmx.net> --- Patch works for libcurl-7.88.1 and libcurl-8.0.1 --- package/libcurl/Config.in | 1 - package/libcurl/libcurl.mk | 21 ++++++++++++++------- 2 files changed, 14 insertions(+), 8 deletions(-)