diff --git a/debian/changelog b/debian/changelog index a40840ab2..552d87290 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +libgit2 (0.26.0+dfsg.1-1.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Use git_curl_stream_new for HTTPS because we don't link against openssl. + + -- Ximin Luo Tue, 01 Aug 2017 15:54:10 +0200 + libgit2 (0.26.0+dfsg.1-1) experimental; urgency=medium * New upstream release. diff --git a/debian/patches/revert-curl-no-encrypt.patch b/debian/patches/revert-curl-no-encrypt.patch new file mode 100644 index 000000000..177de82f3 --- /dev/null +++ b/debian/patches/revert-curl-no-encrypt.patch @@ -0,0 +1,85 @@ +commit e96800420abf894673e8eeca4af5277dbb12d730 +Author: Ximin Luo +Date: Tue Aug 1 16:07:35 2017 +0200 + + Revert "curl: remove the encrypted param to the constructor" + + This reverts commit 8443f492dd53451c1c74f61c0e51ddb32c5e6ba0. + +diff --git a/src/curl_stream.c b/src/curl_stream.c +index 4e0455cca..346b0c00d 100644 +--- a/src/curl_stream.c ++++ b/src/curl_stream.c +@@ -296,7 +296,7 @@ static void curls_free(git_stream *stream) + git__free(s); + } + +-int git_curl_stream_new(git_stream **out, const char *host, const char *port) ++int git_curl_stream_new(git_stream **out, const char *host, const char *port, int encrypted) + { + curl_stream *st; + CURL *handle; +@@ -317,7 +317,15 @@ int git_curl_stream_new(git_stream **out, const char *host, const char *port) + return error; + } + +- curl_easy_setopt(handle, CURLOPT_URL, host); ++ if (encrypted) { ++ git_buf buf = GIT_BUF_INIT; ++ git_buf_printf(&buf, "https://%s", host); ++ curl_easy_setopt(handle, CURLOPT_URL, buf.ptr); ++ git_buf_free(&buf); ++ } else { ++ curl_easy_setopt(handle, CURLOPT_URL, host); ++ } ++ + curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, st->curl_error); + curl_easy_setopt(handle, CURLOPT_PORT, iport); + curl_easy_setopt(handle, CURLOPT_CONNECT_ONLY, 1); +@@ -329,7 +337,7 @@ int git_curl_stream_new(git_stream **out, const char *host, const char *port) + /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1); */ + + st->parent.version = GIT_STREAM_VERSION; +- st->parent.encrypted = 0; /* we don't encrypt ourselves */ ++ st->parent.encrypted = encrypted; + st->parent.proxy_support = 1; + st->parent.connect = curls_connect; + st->parent.certificate = curls_certificate; +diff --git a/src/curl_stream.h b/src/curl_stream.h +index 283f0fe40..168fbe8c4 100644 +--- a/src/curl_stream.h ++++ b/src/curl_stream.h +@@ -9,6 +9,6 @@ + + #include "git2/sys/stream.h" + +-extern int git_curl_stream_new(git_stream **out, const char *host, const char *port); ++extern int git_curl_stream_new(git_stream **out, const char *host, const char *port, bool encrypted); + + #endif +diff --git a/src/openssl_stream.c b/src/openssl_stream.c +index 759c5015f..f567347a1 100644 +--- a/src/openssl_stream.c ++++ b/src/openssl_stream.c +@@ -588,7 +588,7 @@ int git_openssl_stream_new(git_stream **out, const char *host, const char *port) + + st->io = NULL; + #ifdef GIT_CURL +- error = git_curl_stream_new(&st->io, host, port); ++ error = git_curl_stream_new(&st->io, host, port, false); + #else + error = git_socket_stream_new(&st->io, host, port); + #endif +diff --git a/src/transports/http.c b/src/transports/http.c +index cb4a6d0d5..e4535b6db 100644 +--- a/src/transports/http.c ++++ b/src/transports/http.c +@@ -609,7 +609,7 @@ static int http_connect(http_subtransport *t) + error = git_tls_stream_new(&t->io, t->connection_data.host, t->connection_data.port); + } else { + #ifdef GIT_CURL +- error = git_curl_stream_new(&t->io, t->connection_data.host, t->connection_data.port); ++ error = git_curl_stream_new(&t->io, t->connection_data.host, t->connection_data.port, false); + #else + error = git_socket_stream_new(&t->io, t->connection_data.host, t->connection_data.port); + #endif diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000000000..07e349b28 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,2 @@ +revert-curl-no-encrypt.patch +use-curl-stream.patch diff --git a/debian/patches/use-curl-stream.patch b/debian/patches/use-curl-stream.patch new file mode 100644 index 000000000..4d75ace66 --- /dev/null +++ b/debian/patches/use-curl-stream.patch @@ -0,0 +1,29 @@ +Description: Add -DUSE_CURL_SSL to allow distros to avoid OpenSSL +Author: Ximin Luo +Forwarded: https://github.com/libgit2/libgit2/pull/4325 +--- a/src/transports/http.c ++++ b/src/transports/http.c +@@ -606,7 +606,11 @@ + } + + if (t->connection_data.use_ssl) { ++#ifdef GIT_CURL_SSL ++ error = git_curl_stream_new(&t->io, t->connection_data.host, t->connection_data.port, true); ++#else + error = git_tls_stream_new(&t->io, t->connection_data.host, t->connection_data.port); ++#endif + } else { + #ifdef GIT_CURL + error = git_curl_stream_new(&t->io, t->connection_data.host, t->connection_data.port, false); +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -285,6 +285,9 @@ + ENDIF () + + IF (CURL_FOUND) ++ IF (USE_CURL_SSL) ++ ADD_DEFINITIONS(-DGIT_CURL_SSL) ++ ENDIF() + ADD_DEFINITIONS(-DGIT_CURL) + INCLUDE_DIRECTORIES(${CURL_INCLUDE_DIRS}) + LINK_DIRECTORIES(${CURL_LIBRARY_DIRS}) diff --git a/debian/rules b/debian/rules index 6ee865315..7f8123b63 100755 --- a/debian/rules +++ b/debian/rules @@ -18,6 +18,7 @@ override_dh_auto_configure: dh_auto_configure --builddirectory=build-debian-release -- \ -DCMAKE_BUILD_TYPE:STRING=RelWithDebInfo \ -DUSE_OPENSSL:BOOL=OFF \ + -DUSE_CURL_SSL:BOOL=ON \ -DUSE_GSSAPI:BOOL=ON \ -DTHREADSAFE:BOOL=ON \ -DBUILD_CLAR:BOOL=ON \ @@ -27,6 +28,7 @@ override_dh_auto_configure: -DCMAKE_BUILD_TYPE:STRING=Release \ -DTHREADSAFE:BOOL=ON \ -DUSE_OPENSSL:BOOL=OFF \ + -DUSE_CURL_SSL:BOOL=ON \ -DUSE_GSSAPI:BOOL=ON \ -DBUILD_CLAR:BOOL=OFF \ -DBUILD_SHARED_LIBS:BOOL=OFF \