1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
|
#! /usr/bin/make -f
# Include pkg-info to make use of DEB_VERSION
include /usr/share/dpkg/pkg-info.mk
# enable all hardening options (see #763372)
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
CONFIGURE_ARGS = -- --disable-dependency-tracking \
--disable-symbol-hiding --enable-versioned-symbols \
--enable-threaded-resolver --with-lber-lib=lber \
--with-gssapi=/usr --with-nghttp2 \
--includedir=/usr/include/$(DEB_HOST_MULTIARCH) \
--with-zsh-functions-dir=/usr/share/zsh/vendor-completions \
--with-fish-functions-dir=/usr/share/fish/vendor_completions.d \
--with-ca-path=/etc/ssl/certs \
--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \
--without-libssh --with-libssh2
ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
MAKEFLAGS += -j$(NUMJOBS)
endif
export DEB_CFLAGS_MAINT_APPEND = -D_DEB_HOST_ARCH=\"$(DEB_HOST_MULTIARCH)\" -DCURL_PATCHSTAMP=\"$(DEB_VERSION)\"
export DEB_CXXFLAGS_MAINT_APPEND = -D_DEB_HOST_ARCH=\"$(DEB_HOST_MULTIARCH)\" -DCURL_PATCHSTAMP=\"$(DEB_VERSION)\"
export DEB_LDFLAGS_MAINT_APPEND = -Wl,--no-undefined
ifneq ($(filter pkg.curl.openssl-only,$(DEB_BUILD_PROFILES)),)
DEB_BUILD_PROFILES += pkg.curl.no-gnutls
endif
ifneq ($(filter pkg.curl.gnutls-only,$(DEB_BUILD_PROFILES)),)
DEB_BUILD_PROFILES += pkg.curl.no-openssl
endif
# Enable debug support when the debug profile is active.
ifneq ($(filter pkg.curl.debug,$(DEB_BUILD_PROFILES)),)
CONFIGURE_ARGS += --enable-debug
TESTS_GENERAL_PARAMETERS += feat:debug
endif
%:
dh $@
override_dh_auto_configure:
ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
mkdir -p debian/build
tar -cf - --exclude=debian/build* --exclude=.pc . \
| tar -xf - -C debian/build
cd debian/build && \
autoreconf -fi && \
cp ../../ltmain.sh . && \
dh_auto_configure ${CONFIGURE_ARGS} --with-openssl \
--with-openssl-quic \
--with-nghttp3
endif
ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
mkdir -p debian/build-gnutls
tar -cf - --exclude=debian/build* --exclude=.pc . \
| tar -xf - -C debian/build-gnutls
cd debian/build-gnutls && \
autoreconf -fi && \
cp ../../ltmain.sh . && \
dh_auto_configure ${CONFIGURE_ARGS} --with-gnutls \
--with-ngtcp2 \
--with-nghttp3
endif
override_dh_auto_build:
ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
cd debian/build && dh_auto_build
endif
ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
cd debian/build-gnutls && dh_auto_build
endif
# Test parameters that are passed to runtests.pl.
# -n disables valgrind usage
TESTS_GENERAL_PARAMETERS += -n
# -j parallel tests: https://daniel.haxx.se/blog/2023/06/08/parallel-curl-tests/
ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
TESTS_GENERAL_PARAMETERS += -j$(shell echo $$(( $(NUMJOBS) * 4 )))
endif
# These tests fail if a IPv6-only builder is used:
# https://bugs.debian.org/1032343
# https://github.com/curl/curl/issues/10682
TESTS_FAILS_ON_IPV6_ONLY_MACHINES ?= $(addprefix ~, 300 301 303 304 306 309 310 325 364 400 401 403 406 407 408 409 410 414 417 560 678 987 988 989 1112 1272 1470 1561 1562 1630 1631 1632 2034 2037 2041 3000 3001 3102)
TESTS_GENERAL_PARAMETERS += $(TESTS_FAILS_ON_IPV6_ONLY_MACHINES)
override_dh_auto_test:
ifeq ($(filter nocheck,$(DEB_BUILD_PROFILES)),)
ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
# OpenSSL tests.
cd debian/build && VERBOSE=1 \
TFLAGS="$(TESTS_GENERAL_PARAMETERS)" \
$(MAKE) $(MAKE_EXTRA_FLAGS) test-nonflaky
endif
ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
# GnuTLS tests.
cd debian/build-gnutls && VERBOSE=1 \
TFLAGS="$(TESTS_GENERAL_PARAMETERS)" \
$(MAKE) $(MAKE_EXTRA_FLAGS) test-nonflaky
endif
endif
override_dh_install:
ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
${MAKE} -C debian/build \
DESTDIR=$(shell pwd)/debian/tmp install
endif
ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
${MAKE} -C debian/build-gnutls \
DESTDIR=$(shell pwd)/debian/tmp-gnutls install
endif
find debian/tmp* -name '*.la' -delete
ifeq ($(filter pkg.curl.no-openssl,$(DEB_BUILD_PROFILES)),)
dh_install -plibcurl4t64 -plibcurl4-openssl-dev -plibcurl4-doc \
-pcurl \
--sourcedir=debian/tmp
endif
ifeq ($(filter pkg.curl.no-gnutls,$(DEB_BUILD_PROFILES)),)
dh_install -plibcurl3t64-gnutls -plibcurl4-gnutls-dev \
--sourcedir=debian/tmp-gnutls
endif
# Modify curl-config to make it architecture-independent:
# 1. In --static-libs output, replace the output of krb5-config (which
# currently includes architecture-specific paths) with a call at
# runtime to krb5-config. Of course, this will only work correctly
# if the installed libkrb5-dev matches the architecture of the
# program you're linking, or if libkrb5-dev is made
# multiarch-compatible at some point in the future. For dynamic
# linking this has no impact.
# 2. In --configure output, replace the architecture-specific paths
# used for --libdir and --libexecdir with a literal backquoted call
# to dpkg-architecture. This is functionally equivalent to the way
# debhelper actually invokes configure, and indicates to the user
# (who runs curl-config --configure in order to learn about how the
# library was compiled) that they are in fact using a multi-arch
# package.
# 3. Likewise, replace the architecture name used for --build (and
# build_alias) with a literal backquoted call to dpkg-architecture.
# 4. In --configure output, remove
# -fdebug-prefix-map=/buildd/specific/random/path=. and
# -ffile-prefix-map=/buildd/specific/random/path=.
# 5. Remove -D_DEB_HOST_ARCH from CFLAGS. This is a (hopefully
# temporary) hack needed to properly build curl with NSS PEM
# support in Debian.
# 6. CFLAGS also contain some arch specific hardening flags so we
# replace it with dpkg-buildflags call.
# 7. After t64 transition, CPPFLAGS also differ on 32bits t64 arches, so we
# replace it with dpkg-buildflags
sed -e "/-lcurl /s|`krb5-config --libs gssapi`|\`krb5-config --libs gssapi\`|" \
-e "/--prefix/s|/$(DEB_HOST_MULTIARCH)'|/\\\`dpkg-architecture -qDEB_HOST_MULTIARCH\\\`'|g" \
-e "/--prefix/s|=$(DEB_BUILD_GNU_TYPE)'|=\\\`dpkg-architecture -qDEB_BUILD_GNU_TYPE\\\`'|g" \
-e "/-fdebug-prefix-map=/s|\(-fdebug-prefix-map=\)/[^ ]*=.||" \
-e "/CFLAGS/s|CFLAGS=.\+\(-DCURL_PATCHSTAMP\)|CFLAGS=\\\`dpkg-buildflags --get CFLAGS \| sed -e \"/-ffile-prefix-map=/s\|\\\\(-ffile-prefix-map=\\\\)/[^ ]*=.\|\|\"\\\` \1|" \
-e "/-D_DEB_HOST_ARCH=/s|-D_DEB_HOST_ARCH=\\\\\"[^ ']*\\\\\"||" \
-e "/CPPFLAGS/s|CPPFLAGS=.\+\'|CPPFLAGS=\\\`dpkg-buildflags --get CPPFLAGS\\\`'\"|" \
-i `find . -name curl-config`
# When we get here, everything has been properly installed. Because
# of debhelper-compat 13, we have to remove some files that are
# otherwise flagged as not installed and will cause the build to fail.
rm -rfv debian/tmp/usr/share/aclocal/*
override_dh_installchangelogs:
dh_installchangelogs CHANGES.md
override_dh_compress:
dh_compress -X.pdf
override_dh_auto_clean:
$(RM) -r debian/build* debian/tmp*
dh_auto_clean
|
