curl: update to version 8.7.1

This commits updates the contrib sources to version 8.7.1.

This version requires more random entropy as it queries OpenSSL
about the current random state and will bail if it is not sufficient.
Doubling the content of the '<inline>' VFS plugin as used in static
configurations seems satisfactory.

Furthermore DNS resolving needs a configured '<pipe>' plugin to work
properly.

Fixes #5184.

repos/dde_linux/recipes/raw/test-wg_reconnect/dynamic.config

@@ -30,7 +30,8 @@
 				<start name="fetchurl" caps="200">
 					<resource name="RAM" quantum="10M"/>
 					<config>
-						<libc stdout="/dev/log" stderr="/dev/log" rtc="/dev/rtc" socket="/socket"/>
+						<libc stdout="/dev/log" stderr="/dev/log" rtc="/dev/rtc" socket="/socket"
+						      pipe="/pipe"/>
 						<vfs>
 							<dir name="dev">
 								<log/>
@@ -40,6 +41,9 @@
 							<dir name="socket">
 								<lwip dhcp="yes"/>
 							</dir>
+							<dir name="pipe">
+								<pipe/>
+							</dir>
 							<dir name="out">
 								<ram/>
 							</dir>

repos/dde_linux/run/wg_reconnect.run

@@ -79,6 +79,7 @@ lappend depot_archives [depot_user]/src/[rtc_drv_binary_name]
 lappend depot_archives [depot_user]/src/vfs
 lappend depot_archives [depot_user]/src/vfs_jitterentropy
 lappend depot_archives [depot_user]/src/vfs_lwip
+lappend depot_archives [depot_user]/src/vfs_pipe
 lappend depot_archives [depot_user]/src/wireguard
 lappend depot_archives [depot_user]/src/zlib
 

repos/gems/recipes/pkg/dbg_download/archives

@@ -1,3 +1,4 @@
 _/pkg/depot_download
 _/src/dbg_download
 _/src/vfs_lxip
+_/src/vfs_pipe

repos/gems/recipes/pkg/dbg_download/runtime

@@ -32,6 +32,7 @@
 		<rom label="extract"/>
 		<rom label="libarchive.lib.so"/>
 		<rom label="liblzma.lib.so"/>
+		<rom label="vfs_pipe.lib.so"/>
 		<rom label="dbg_download"/>
 	</content>
 

repos/gems/run/depot_download.run

@@ -16,6 +16,7 @@ import_from_depot [depot_user]/src/[base_src] \
                   [depot_user]/src/fs_rom \
                   [depot_user]/src/vfs \
                   [depot_user]/src/vfs_lxip \
+                  [depot_user]/src/vfs_pipe \
                   [depot_user]/src/fetchurl \
                   [depot_user]/src/libc \
                   [depot_user]/src/libssh \

repos/gems/src/app/depot_download_manager/gen_fetchurl.cc

@@ -29,6 +29,7 @@ void Depot_download_manager::gen_fetchurl_start_content(Xml_generator &xml,
 			xml.attribute("stdout", "/dev/log");
 			xml.attribute("stderr", "/dev/log");
 			xml.attribute("rtc",    "/dev/rtc");
+			xml.attribute("pipe",   "/pipe");
 			xml.attribute("socket", "/socket");
 		});
 		xml.node("report", [&] {
@@ -53,10 +54,15 @@ void Depot_download_manager::gen_fetchurl_start_content(Xml_generator &xml,
 				});
 				xml.node("inline", [&] {
 					xml.attribute("name", "random");
-					String<64> entropy("01234567890123456789");
+					String<64> entropy("01234567890123456789"
+					                   "01234567890123456789");
 					xml.append(entropy.string());
 				});
 			});
+			xml.node("dir", [&] {
+				xml.attribute("name", "pipe");
+				xml.node("pipe", [&] { });
+			});
 			xml.node("fs", [&] {
 				xml.attribute("label", "tcpip"); });
 		});
@@ -106,6 +112,7 @@ void Depot_download_manager::gen_fetchurl_start_content(Xml_generator &xml,
 		gen_parent_rom_route(xml, "libssl.lib.so");
 		gen_parent_rom_route(xml, "libcrypto.lib.so");
 		gen_parent_rom_route(xml, "vfs.lib.so");
+		gen_parent_rom_route(xml, "vfs_pipe.lib.so");
 		gen_parent_rom_route(xml, "zlib.lib.so");
 		gen_parent_route<Cpu_session>    (xml);
 		gen_parent_route<Pd_session>     (xml);

repos/gems/src/app/sculpt_manager/runtime/update.cc

@@ -49,6 +49,7 @@ void Sculpt::gen_update_start_content(Xml_generator &xml)
 		gen_parent_rom_route(xml, "vfs");
 		gen_parent_rom_route(xml, "lxip.lib.so");
 		gen_parent_rom_route(xml, "vfs_lxip.lib.so");
+		gen_parent_rom_route(xml, "vfs_pipe.lib.so");
 		gen_parent_rom_route(xml, "posix.lib.so");
 		gen_parent_rom_route(xml, "libssh.lib.so");
 		gen_parent_rom_route(xml, "libssl.lib.so");

repos/libports/lib/mk/curl.inc

@@ -3,16 +3,21 @@ LIB_SRC_DIR   := $(CURL_PORT_DIR)/src/lib/curl/lib
 
 SRC_C = \
 	altsvc.c \
-	amigaos.c \
-	asyn-ares.c \
 	asyn-thread.c \
 	base64.c \
+	bufq.c \
+	bufref.c \
+	cf-h1-proxy.c \
+	cf-h2-proxy.c \
+	cf-haproxy.c \
+	cf-https-connect.c \
+	cf-socket.c \
+	cfilters.c \
 	conncache.c \
 	connect.c \
 	content_encoding.c \
 	cookie.c \
 	curl_addrinfo.c \
-	curl_ctype.c \
 	curl_des.c \
 	curl_endian.c \
 	curl_fnmatch.c \
@@ -27,11 +32,15 @@ SRC_C = \
 	curl_range.c \
 	curl_rtmp.c \
 	curl_sasl.c \
+	curl_sha512_256.c \
 	curl_sspi.c \
 	curl_threads.c \
+	curl_trc.c \
+	cw-out.c \
 	dict.c \
 	doh.c \
-	dotdot.c \
+	dynbuf.c \
+	dynhds.c \
 	easy.c \
 	escape.c \
 	file.c \
@@ -43,21 +52,23 @@ SRC_C = \
 	getinfo.c \
 	gopher.c \
 	hash.c \
+	headers.c \
 	hmac.c \
 	hostasyn.c \
-	hostcheck.c \
 	hostip.c \
 	hostip4.c \
 	hostip6.c \
 	hostsyn.c \
+	hsts.c \
 	http.c \
+	http1.c \
 	http2.c \
 	http_chunks.c \
 	http_digest.c \
 	http_negotiate.c \
 	http_ntlm.c \
 	http_proxy.c \
-	idn_win32.c \
+	idn.c \
 	if2ip.c \
 	imap.c \
 	inet_ntop.c \
@@ -73,8 +84,8 @@ SRC_C = \
 	mqtt.c \
 	multi.c \
 	netrc.c \
-	non-ascii.c \
 	nonblock.c \
+	noproxy.c \
 	openldap.c \
 	parsedate.c \
 	pingpong.c \
@@ -83,8 +94,8 @@ SRC_C = \
 	psl.c \
 	rand.c \
 	rename.c \
+	request.c \
 	rtsp.c \
-	security.c \
 	select.c \
 	sendf.c \
 	setopt.c \
@@ -107,11 +118,11 @@ SRC_C = \
 	system_win32.c \
 	telnet.c \
 	tftp.c \
+	timediff.c \
 	timeval.c \
 	transfer.c \
 	url.c \
 	urlapi.c \
-	vauth/cleartext.c \
 	vauth/cram.c \
 	vauth/digest.c \
 	vauth/digest_sspi.c \
@@ -124,27 +135,19 @@ SRC_C = \
 	vauth/spnego_sspi.c \
 	vauth/vauth.c \
 	version.c \
-	vquic/ngtcp2.c \
-	vquic/quiche.c \
+	vquic/curl_ngtcp2.c \
+	vquic/curl_quiche.c \
 	vssh/libssh.c \
 	vssh/libssh2.c \
-	vssh/wolfssh.c \
-	vtls/bearssl.c \
-	vtls/gskit.c \
-	vtls/gtls.c \
-	vtls/mbedtls.c \
-	vtls/mbedtls_threadlock.c \
-	vtls/mesalink.c \
-	vtls/nss.c \
+	vtls/hostcheck.c \
+	vtls/keylog.c \
 	vtls/openssl.c \
 	vtls/schannel.c \
 	vtls/schannel_verify.c \
 	vtls/sectransp.c \
 	vtls/vtls.c \
-	vtls/wolfssl.c \
-	warnless.c \
-	wildcard.c \
-	x509asn1.c \
+	vtls/x509asn1.c \
+	warnless.c
 	# end of SRC_C
 
 CC_OPT += -DHAVE_CONFIG_H -DBUILDING_LIBCURL=1

repos/libports/lib/symbols/curl

@@ -2,7 +2,9 @@ curl_easy_cleanup T
 curl_easy_duphandle T
 curl_easy_escape T
 curl_easy_getinfo T
+curl_easy_header T
 curl_easy_init T
+curl_easy_nextheader T
 curl_easy_pause T
 curl_easy_perform T
 curl_easy_recv T
@@ -23,6 +25,7 @@ curl_global_cleanup T
 curl_global_init T
 curl_global_init_mem T
 curl_global_sslset T
+curl_global_trace T
 curl_maprintf T
 curl_mfprintf T
 curl_mime_addpart T
@@ -44,6 +47,7 @@ curl_multi_add_handle T
 curl_multi_assign T
 curl_multi_cleanup T
 curl_multi_fdset T
+curl_multi_get_handles T
 curl_multi_info_read T
 curl_multi_init T
 curl_multi_perform T
@@ -78,5 +82,6 @@ curl_url_cleanup T
 curl_url_dup T
 curl_url_get T
 curl_url_set T
+curl_url_strerror T
 curl_version T
 curl_version_info T

repos/libports/ports/curl.hash

@@ -1 +1 @@
-b2103a900cd655abca670fc02d1574be4785585a
+1394305484ec022e78dfe5c85c87f5bfd8ab2980

repos/libports/ports/curl.port

@@ -1,14 +1,14 @@
 LICENSE   := MIT
 DOWNLOADS := curl.archive
-VERSION   := 7.70.0
+VERSION   := 8.7.1
 
-URL(curl) := http://curl.haxx.se/download/curl-$(VERSION).tar.gz
-SHA(curl) := ca2feeb8ef13368ce5d5e5849a5fd5e2dd4755fecf7d8f0cc94000a4206fb8e7
+URL(curl) := https://curl.se/download/curl-$(VERSION).tar.gz
+SHA(curl) := f91249c87f68ea00cf27c44fdfa5a78423e41e71b7d408e5901a9896d905c495
 SIG(curl) := ${URL(curl)}.asc
 KEY(curl) := daniel@haxx.se
 DIR(curl) := src/lib/curl
 
-PATCHES   := $(addprefix src/lib/curl/,no_socketpair.patch max_write_size.patch)
+PATCHES   := $(addprefix src/lib/curl/,curl_setup.patch max_write_size.patch)
 
 DIRS := include
 DIR_CONTENT(include) = src/lib/curl/include/curl

repos/libports/run/fetchurl.inc

@@ -53,6 +53,8 @@ import_from_depot [depot_user]/src/[base_src] \
                   [depot_user]/src/report_rom \
                   [depot_user]/src/vfs \
                   [depot_user]/src/vfs_[ip_stack] \
+                  [depot_user]/src/vfs_jitterentropy \
+                  [depot_user]/src/vfs_pipe \
                   [depot_user]/src/zlib
 
 install_config {
@@ -135,12 +137,13 @@ install_config {
 			<vfs>
 				<dir name="dev">
 					<log/> <null/> <inline name="rtc">2000-01-01 00:00</inline>
-					<inline name="random">01234567890123456789</inline>
+					<inline name="random">0123456789012345678901234567890123456789</inline>
 				</dir>
+				<dir name="pipe"> <pipe/> </dir>
 				<dir name="socket"> } [socket_fs_plugin] { </dir>
 			</vfs>
 			<libc stdout="/dev/log" stderr="/dev/log" rtc="/dev/rtc"
-			      rng="/dev/random" socket="/socket"/>
+			      rng="/dev/random" socket="/socket" pipe="/pipe"/>
 			<fetch url="https://genode.org/about/LICENSE" path="/dev/log" retry="3"/>
 		</config>
 	</start>

repos/libports/src/app/fetchurl/component.cc

@@ -48,8 +48,8 @@ static size_t write_callback(char   *ptr,
                              void   *userdata);
 
 static int progress_callback(void *userdata,
-                             double dltotal, double dlnow,
-                             double ultotal, double ulnow);
+                             curl_off_t dltotal, curl_off_t dlnow,
+                             curl_off_t ultotal, curl_off_t ulnow);
 
 
 class Fetchurl::Fetch : Genode::List<Fetch>::Element
@@ -262,6 +262,8 @@ struct Fetchurl::Main
 		}
 		_fetch.fd = fd;
 
+		curl_easy_setopt(_curl, CURLOPT_VERBOSE, 1L);
+
 		curl_easy_setopt(_curl, CURLOPT_URL, _fetch.url.string());
 		curl_easy_setopt(_curl, CURLOPT_FOLLOWLOCATION, true);
 
@@ -272,7 +274,7 @@ struct Fetchurl::Main
 		curl_easy_setopt(_curl, CURLOPT_WRITEDATA, &_fetch);
 
 		curl_easy_setopt(_curl, CURLOPT_NOPROGRESS, 0L);
-		curl_easy_setopt(_curl, CURLOPT_PROGRESSFUNCTION, progress_callback);
+		curl_easy_setopt(_curl, CURLOPT_XFERINFOFUNCTION, progress_callback);
 		User_data ud {
 			.timer        = _timer,
 			.last_ms      = _timer.curr_time().trunc_to_plain_ms(),
@@ -354,8 +356,8 @@ static size_t write_callback(char   *ptr,
 
 
 static int progress_callback(void *userdata,
-                             double dltotal, double dlnow,
-                             double ultotal, double ulnow)
+                             curl_off_t dltotal, curl_off_t dlnow,
+                             curl_off_t ultotal, curl_off_t ulnow)
 {
 	(void)ultotal;
 	(void)ulnow;
@@ -377,7 +379,7 @@ static int progress_callback(void *userdata,
 	 * the max timeout value, we will abort the download attempt.
 	 */
 
-	if (dlnow == fetch.dlnow) {
+	if ((double)dlnow == fetch.dlnow) {
 		ud.curr_timeout.value += diff.value;
 	}
 	else {
@@ -385,8 +387,8 @@ static int progress_callback(void *userdata,
 	}
 	bool const timeout = ud.curr_timeout.value >= ud.max_timeout.value;
 
-	fetch.dltotal = dltotal;
-	fetch.dlnow   = dlnow;
+	fetch.dltotal = (double)dltotal;
+	fetch.dlnow   = (double)dlnow;
 	fetch.timeout = timeout;
 	fetch.main._schedule_report();
 

repos/libports/src/lib/curl/curl_setup.patch

@@ -0,0 +1,12 @@
+Include limits.h header before setting SIZE_* defines to prevent
+redefine warnings.
++++ src/lib/curl/lib/curl_setup.h
+@@ -35,6 +35,8 @@
+ #endif
+ #endif
+ 
++#include <sys/limits.h>
++
+ /* Set default _WIN32_WINNT */
+ #ifdef __MINGW32__
+ #include <_mingw.h>

repos/libports/src/lib/curl/no_socketpair.patch

@@ -1,9 +0,0 @@
-+++ src/lib/curl/lib/socketpair.h
-@@ -32,5 +32,7 @@
- 
- /* Defined here to allow specific build configs to disable it completely */
- #define USE_SOCKETPAIR 1
-+/* prevent use of socketpair on Genode */
-+#undef USE_SOCKETPAIR
- 
- #endif /* HEADER_CURL_SOCKETPAIR_H */

repos/ports/run/lighttpd_fetchurl.run

@@ -31,6 +31,7 @@ import_from_depot [depot_user]/src/[base_src] \
                   [depot_user]/src/vfs \
                   [depot_user]/src/vfs_[ip_stack] \
                   [depot_user]/src/vfs_audit \
+                  [depot_user]/src/vfs_pipe \
                   [depot_user]/src/zlib
 
 proc lighttpd_config { } {
@@ -134,13 +135,14 @@ install_config {
 			<vfs>
 				<dir name="dev">
 					<log/> <null/> <inline name="rtc">2000-01-01 00:00</inline>
-					<inline name="random">01234567890123456789</inline>
+					<inline name="random">0123456789012345678901234567890123456789</inline>
 				</dir>
 				<dir name="socket"> } [socket_fs_plugin] { </dir>
 				<dir name="audit"> <audit path="socket"/> </dir>
+				<dir name="pipe"> <pipe/> </dir>
 			</vfs>
 			<libc stdout="/dev/log" stderr="/dev/log" rtc="/dev/rtc"
-			      rng="/dev/random" socket="} [socket_path] {"/>
+			      rng="/dev/random" socket="} [socket_path] {" pipe="/pipe"/>
 			<fetch url="http://10.0.3.2/zero" path="/dev/null" retry="3"/>
 		</config>
 	</start>