tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom
nixpkgs / pkgs / by-name / cu / curlMinimal / package.nix
at devShellTools-shell 299 lines 9.5 kB view raw
1{ 2 lib, 3 stdenv, 4 fetchurl, 5 pkg-config, 6 perl, 7 nixosTests, 8 autoreconfHook, 9 brotliSupport ? false, 10 brotli, 11 c-aresSupport ? false, 12 c-aresMinimal, 13 gnutlsSupport ? false, 14 gnutls, 15 gsaslSupport ? false, 16 gsasl, 17 gssSupport ? 18 with stdenv.hostPlatform; 19 ( 20 !isWindows 21 && 22 # disable gss because of: undefined reference to `k5_bcmp' 23 # a very sad story re static: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439039 24 !isStatic 25 && 26 # the "mig" tool does not configure its compiler correctly. This could be 27 # fixed in mig, but losing gss support on cross compilation to darwin is 28 # not worth the effort. 29 !(isDarwin && (stdenv.buildPlatform != stdenv.hostPlatform)) 30 ), 31 libkrb5, 32 http2Support ? true, 33 nghttp2, 34 http3Support ? false, 35 nghttp3, 36 ngtcp2, 37 quictls, 38 websocketSupport ? false, 39 idnSupport ? false, 40 libidn2, 41 ldapSupport ? false, 42 openldap, 43 opensslSupport ? zlibSupport, 44 openssl, 45 pslSupport ? false, 46 libpsl, 47 rtmpSupport ? false, 48 rtmpdump, 49 scpSupport ? zlibSupport && !stdenv.hostPlatform.isSunOS && !stdenv.hostPlatform.isCygwin, 50 libssh2, 51 wolfsslSupport ? false, 52 wolfssl, 53 rustlsSupport ? false, 54 rustls-ffi, 55 zlibSupport ? true, 56 zlib, 57 zstdSupport ? false, 58 zstd, 59 60 # for passthru.tests 61 coeurl, 62 curlpp, 63 haskellPackages, 64 ocamlPackages, 65 phpExtensions, 66 pkgsStatic, 67 python3, 68 tests, 69 testers, 70 fetchpatch, 71}: 72 73# Note: this package is used for bootstrapping fetchurl, and thus 74# cannot use fetchpatch! All mutable patches (generated by GitHub or 75# cgit) that are needed here should be included directly in Nixpkgs as 76# files. 77 78assert 79 !( 80 (lib.count (x: x) [ 81 gnutlsSupport 82 opensslSupport 83 wolfsslSupport 84 rustlsSupport 85 ]) > 1 86 ); 87 88let 89 openssl' = if http3Support then quictls else openssl; 90in 91 92stdenv.mkDerivation (finalAttrs: { 93 pname = "curl"; 94 version = "8.14.1"; 95 96 src = fetchurl { 97 urls = [ 98 "https://curl.haxx.se/download/curl-${finalAttrs.version}.tar.xz" 99 "https://github.com/curl/curl/releases/download/curl-${ 100 builtins.replaceStrings [ "." ] [ "_" ] finalAttrs.version 101 }/curl-${finalAttrs.version}.tar.xz" 102 ]; 103 hash = "sha256-9GGaHiR0xLv+3IinwhkSCcgzS0j6H05T/VhMwS6RIN0="; 104 }; 105 106 # this could be accomplished by updateAutotoolsGnuConfigScriptsHook, but that causes infinite recursion 107 # necessary for FreeBSD code path in configure 108 postPatch = '' 109 substituteInPlace ./config.guess --replace-fail /usr/bin/uname uname 110 patchShebangs scripts 111 ''; 112 113 outputs = [ 114 "bin" 115 "dev" 116 "out" 117 "man" 118 "devdoc" 119 ]; 120 separateDebugInfo = stdenv.hostPlatform.isLinux; 121 122 enableParallelBuilding = true; 123 124 strictDeps = true; 125 126 env = lib.optionalAttrs (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isStatic) { 127 # Not having this causes curl’s `configure` script to fail with static builds on Darwin because 128 # some of curl’s propagated inputs need libiconv. 129 NIX_LDFLAGS = "-liconv"; 130 }; 131 132 nativeBuildInputs = [ 133 pkg-config 134 perl 135 ] 136 ++ lib.optionals stdenv.hostPlatform.isOpenBSD [ autoreconfHook ]; 137 138 nativeCheckInputs = [ 139 # See https://github.com/curl/curl/pull/16928 140 openssl' 141 ]; 142 143 # Zlib and OpenSSL must be propagated because `libcurl.la' contains 144 # "-lz -lssl", which aren't necessary direct build inputs of 145 # applications that use Curl. 146 propagatedBuildInputs = 147 lib.optional brotliSupport brotli 148 ++ lib.optional c-aresSupport c-aresMinimal 149 ++ lib.optional gnutlsSupport gnutls 150 ++ lib.optional gsaslSupport gsasl 151 ++ lib.optional gssSupport libkrb5 152 ++ lib.optional http2Support nghttp2 153 ++ lib.optionals http3Support [ 154 nghttp3 155 ngtcp2 156 ] 157 ++ lib.optional idnSupport libidn2 158 ++ lib.optional ldapSupport openldap 159 ++ lib.optional opensslSupport openssl' 160 ++ lib.optional pslSupport libpsl 161 ++ lib.optional rtmpSupport rtmpdump 162 ++ lib.optional scpSupport libssh2 163 ++ lib.optional wolfsslSupport wolfssl 164 ++ lib.optional rustlsSupport rustls-ffi 165 ++ lib.optional zlibSupport zlib 166 ++ lib.optional zstdSupport zstd; 167 168 # for the second line see https://curl.haxx.se/mail/tracker-2014-03/0087.html 169 preConfigure = '' 170 sed -e 's|/usr/bin|/no-such-path|g' -i.bak configure 171 rm src/tool_hugehelp.c 172 ''; 173 174 configureFlags = [ 175 "--enable-versioned-symbols" 176 # Build without manual 177 "--disable-manual" 178 (lib.enableFeature c-aresSupport "ares") 179 (lib.enableFeature ldapSupport "ldap") 180 (lib.enableFeature ldapSupport "ldaps") 181 (lib.enableFeature websocketSupport "websockets") 182 # --with-ca-fallback is only supported for openssl and gnutls https://github.com/curl/curl/blame/curl-8_0_1/acinclude.m4#L1640 183 (lib.withFeature (opensslSupport || gnutlsSupport) "ca-fallback") 184 (lib.withFeature http3Support "nghttp3") 185 (lib.withFeature http3Support "ngtcp2") 186 (lib.withFeature rtmpSupport "librtmp") 187 (lib.withFeature rustlsSupport "rustls") 188 (lib.withFeature zstdSupport "zstd") 189 (lib.withFeature pslSupport "libpsl") 190 (lib.withFeatureAs brotliSupport "brotli" (lib.getDev brotli)) 191 (lib.withFeatureAs gnutlsSupport "gnutls" (lib.getDev gnutls)) 192 (lib.withFeatureAs idnSupport "libidn2" (lib.getDev libidn2)) 193 (lib.withFeatureAs opensslSupport "openssl" (lib.getDev openssl')) 194 (lib.withFeatureAs scpSupport "libssh2" (lib.getDev libssh2)) 195 (lib.withFeatureAs wolfsslSupport "wolfssl" (lib.getDev wolfssl)) 196 ] 197 ++ lib.optional gssSupport "--with-gssapi=${lib.getDev libkrb5}" 198 # For the 'urandom', maybe it should be a cross-system option 199 ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "--with-random=/dev/urandom" 200 ++ lib.optionals stdenv.hostPlatform.isDarwin [ 201 # Disable default CA bundle, use NIX_SSL_CERT_FILE or fallback to nss-cacert from the default profile. 202 # Without this curl might detect /etc/ssl/cert.pem at build time on macOS, causing curl to ignore NIX_SSL_CERT_FILE. 203 "--without-ca-bundle" 204 "--without-ca-path" 205 ] 206 ++ lib.optionals (!gnutlsSupport && !opensslSupport && !wolfsslSupport && !rustlsSupport) [ 207 "--without-ssl" 208 ] 209 ++ lib.optionals (rustlsSupport && !stdenv.hostPlatform.isDarwin) [ 210 "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" 211 ] 212 ++ lib.optionals (gnutlsSupport && !stdenv.hostPlatform.isDarwin) [ 213 "--with-ca-path=/etc/ssl/certs" 214 ]; 215 216 CXX = "${stdenv.cc.targetPrefix}c++"; 217 CXXCPP = "${stdenv.cc.targetPrefix}c++ -E"; 218 219 # takes 14 minutes on a 24 core and because many other packages depend on curl 220 # they cannot be run concurrently and are a bottleneck 221 # tests are available in passthru.tests.withCheck 222 doCheck = false; 223 preCheck = '' 224 patchShebangs tests/ 225 '' 226 + lib.optionalString stdenv.hostPlatform.isDarwin '' 227 # bad interaction with sandbox if enabled? 228 rm tests/data/test1453 229 rm tests/data/test1086 230 '' 231 + lib.optionalString stdenv.hostPlatform.isMusl '' 232 # different resolving behaviour? 233 rm tests/data/test1592 234 ''; 235 236 __darwinAllowLocalNetworking = true; 237 238 postInstall = '' 239 moveToOutput bin/curl-config "$dev" 240 241 # Install completions 242 make -C scripts install 243 '' 244 + lib.optionalString scpSupport '' 245 sed '/^dependency_libs/s|${lib.getDev libssh2}|${lib.getLib libssh2}|' -i "$out"/lib/*.la 246 '' 247 + lib.optionalString gnutlsSupport '' 248 ln $out/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libcurl-gnutls${stdenv.hostPlatform.extensions.sharedLibrary} 249 ln $out/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libcurl-gnutls${stdenv.hostPlatform.extensions.sharedLibrary}.4 250 ln $out/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libcurl-gnutls${stdenv.hostPlatform.extensions.sharedLibrary}.4.4.0 251 ''; 252 253 passthru = 254 let 255 useThisCurl = attr: attr.override { curl = finalAttrs.finalPackage; }; 256 in 257 { 258 inherit opensslSupport; 259 openssl = openssl'; 260 tests = { 261 withCheck = finalAttrs.finalPackage.overrideAttrs (_: { 262 doCheck = true; 263 }); 264 fetchpatch = tests.fetchpatch.simple.override { 265 fetchpatch = (fetchpatch.override { fetchurl = useThisCurl fetchurl; }) // { 266 version = 1; 267 }; 268 }; 269 curlpp = useThisCurl curlpp; 270 coeurl = useThisCurl coeurl; 271 haskell-curl = useThisCurl haskellPackages.curl; 272 ocaml-curly = useThisCurl ocamlPackages.curly; 273 pycurl = useThisCurl python3.pkgs.pycurl; 274 php-curl = useThisCurl phpExtensions.curl; 275 # error: attribute 'override' missing 276 # Additional checking with support http3 protocol. 277 # nginx-http3 = useThisCurl nixosTests.nginx-http3; 278 nginx-http3 = nixosTests.nginx-http3; 279 pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage; 280 static = pkgsStatic.curl; 281 }; 282 }; 283 284 meta = { 285 changelog = "https://curl.se/ch/${finalAttrs.version}.html"; 286 description = "Command line tool for transferring files with URL syntax"; 287 homepage = "https://curl.se/"; 288 license = lib.licenses.curl; 289 maintainers = with lib.maintainers; [ 290 lovek323 291 Scrumplex 292 ]; 293 platforms = lib.platforms.all; 294 # Fails to link against static brotli or gss 295 broken = stdenv.hostPlatform.isStatic && (brotliSupport || gssSupport); 296 pkgConfigModules = [ "libcurl" ]; 297 mainProgram = "curl"; 298 }; 299})