heads/modules/curl

# cURL and libcurl
modules-$(CONFIG_CURL) += curl

curl_depends := openssl zlib $(musl_dep)

curl_version := 7.83.1
curl_dir := curl-$(curl_version)
curl_tar := curl-$(curl_version).tar.xz
curl_url := https://curl.se/download/$(curl_tar)
curl_hash := 2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4

curl_configure := ./configure \
	$(CROSS_TOOLS) \
	--host $(target) \
	--prefix "/" \
	--with-openssl \
	--enable-optimize \
	--disable-ares \
	--disable-rt \
	--disable-ech \
	--disable-dependency-tracking \
	--enable-shared \
	--disable-static \
	--enable-http \
	--disable-ftp \
	--enable-file \
	--disable-ldap \
	--disable-ldaps \
	--disable-rtsp \
	--enable-proxy \
	--disable-dict \
	--enable-telnet	\
	--enable-tftp \
	--disable-pop3 \
	--disable-imap \
	--disable-smb \
	--disable-smtp \
	--disable-gopher \
	--disable-mqtt \
	--enable-manual \
	--disable-libcurl-option \
	--enable-openssl-auto-load-config \
	--enable-versioned-symbols \
	--disable-threaded-resolver \
	--disable-sspi \
	--enable-crypto-auth \
	--disable-ntlm \
	--enable-tls-srp \
	--enable-unix-sockets \
	--enable-cookies \
	--enable-socketpair \
	--enable-http-auth \
	--enable-doh \
	--enable-mime \
	--enable-dateparse \
	--enable-netrc \
	--enable-progress-meter \
	--disable-dnsshuffle \
	--enable-get-easy-options \
	--enable-alt-svc \
	--enable-headers-api \
	--enable-hsts \

curl_target := $(MAKE_JOBS) \
	&& $(MAKE) -C $(build)/$(curl_dir) \
		DESTDIR="$(INSTALL)" \
		install

curl_libraries := lib/.libs/libcurl.so.4

curl_output := src/.libs/curl
Addition of qemu-(fb)whiptail-tpm2(-hotp) boards -coreboot support of TPM v2.0 (shared config for TPM2 support across all 4 previous variations) -swtpm set to be launched under TPM v2.0 mode under board config -Documentation file under each board.md softlinks to qemu-coreboot-fbwhiptail-tpm1.md (which has been generalized) This is skeleton for TPM v2 integration under Heads ------------- WiP TODO: - libcurl cannot be built as a tpm2-tools dependency as of now not sure why. curl currently needs to be added in board config to be built - Note: tpm-reset (master and here) needs some review, no handle of no tpm use case. Caller is responsible to not call it otherwise does nothing - init tries to bind fd and fails currently - Note: Check if whiptail is different of fbwhiptail in clearing screen. As of now every clear seems to be removed, still whiptail clears previous console output - When no OS' /boot can be mounted, do not try to TPM reset (will fail) - seal-hotpkey is not working properly - setting disk unlock key asks for TPM ownership passphrase (sealing in NV requires ownership, but text is misleading user as if reowning TPM) - We should cache input, feed tpm behind the scene and wipe passphrase and state clearly that this is TPM disk unlock kye passphrase. - primary key from TPM2 is invalid most of the time from kexec-select-boot and verifying global hashes but is setuped correctly at disk unlock key setup - would be nice to take advantage of bash function tracing to understand where we are for debugging purposes, code takes ash in consideration only - tpmr says it implements nv calls but actually doesn't. Removing those falsely wrapped functions would help. - Implementing them would be better - REVIEW TODOS IN CODE - READD CIRCLECI CONFIG Current state: - TPM unseal works without disk unlock key and generates TOTP properly (was missing die condition at unseal to not produce always good TOTP even if invalid) - TPM disk encryption key fails. Hypothesis is that sealing with USB drivers loaded and measures in inconsistent with sealed with/without. - TPM disk unsealing happens without USB modules being loaded in non-HOTP setup. This fails. - Current tests are with fbwhiptail (no clear called so having traces on command line of what happens) - Testing with HOTP implementation for sealing/unsealing since that forces USB module loads on each boot to remove this from failing possibilities 2022-08-25 18:43:31 +00:00			`# cURL and libcurl`
			`modules-$(CONFIG_CURL) += curl`

			`curl_depends := openssl zlib $(musl_dep)`

			`curl_version := 7.83.1`
			`curl_dir := curl-$(curl_version)`
			`curl_tar := curl-$(curl_version).tar.xz`
			`curl_url := https://curl.se/download/$(curl_tar)`
			`curl_hash := 2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4`

			`curl_configure := ./configure \`
			`$(CROSS_TOOLS) \`
			`--host $(target) \`
			`--prefix "/" \`
			`--with-openssl \`
			`--enable-optimize \`
			`--disable-ares \`
			`--disable-rt \`
			`--disable-ech \`
			`--disable-dependency-tracking \`
			`--enable-shared \`
			`--disable-static \`
			`--enable-http \`
			`--disable-ftp \`
			`--enable-file \`
			`--disable-ldap \`
			`--disable-ldaps \`
			`--disable-rtsp \`
			`--enable-proxy \`
			`--disable-dict \`
			`--enable-telnet \`
			`--enable-tftp \`
			`--disable-pop3 \`
			`--disable-imap \`
			`--disable-smb \`
			`--disable-smtp \`
			`--disable-gopher \`
			`--disable-mqtt \`
			`--enable-manual \`
			`--disable-libcurl-option \`
			`--enable-openssl-auto-load-config \`
			`--enable-versioned-symbols \`
			`--disable-threaded-resolver \`
			`--disable-sspi \`
			`--enable-crypto-auth \`
			`--disable-ntlm \`
			`--enable-tls-srp \`
			`--enable-unix-sockets \`
			`--enable-cookies \`
			`--enable-socketpair \`
			`--enable-http-auth \`
			`--enable-doh \`
			`--enable-mime \`
			`--enable-dateparse \`
			`--enable-netrc \`
			`--enable-progress-meter \`
			`--disable-dnsshuffle \`
			`--enable-get-easy-options \`
			`--enable-alt-svc \`
			`--enable-headers-api \`
			`--enable-hsts \`

			`curl_target := $(MAKE_JOBS) \`
			`&& $(MAKE) -C $(build)/$(curl_dir) \`
			`DESTDIR="$(INSTALL)" \`
			`install`

			`curl_libraries := lib/.libs/libcurl.so.4`

			`curl_output := src/.libs/curl`