diff --git a/ports/aws-sdk-cpp/vcpkg.in.json b/ports/aws-sdk-cpp/vcpkg.in.json index 3eb486f732feff..22ae4c7450dbe3 100644 --- a/ports/aws-sdk-cpp/vcpkg.in.json +++ b/ports/aws-sdk-cpp/vcpkg.in.json @@ -1,7 +1,7 @@ { "name": "aws-sdk-cpp", "version": "1.11.215", - "port-version": 1, + "port-version": 2, "description": "AWS SDK for C++", "homepage": "https://github.com/aws/aws-sdk-cpp", "license": "Apache-2.0", @@ -12,7 +12,7 @@ "name": "curl", "default-features": false, "features": [ - "ssl" + "openssl" ], "platform": "!uwp & !windows" }, diff --git a/ports/aws-sdk-cpp/vcpkg.json b/ports/aws-sdk-cpp/vcpkg.json index cbe626657fef08..988f93414c3fec 100644 --- a/ports/aws-sdk-cpp/vcpkg.json +++ b/ports/aws-sdk-cpp/vcpkg.json @@ -2,6 +2,7 @@ "$note": "Automatically generated by generateFeatures.ps1", "name": "aws-sdk-cpp", "version": "1.11.255", + "port-version": 1, "description": "AWS SDK for C++", "homepage": "https://github.com/aws/aws-sdk-cpp", "license": "Apache-2.0", @@ -12,7 +13,7 @@ "name": "curl", "default-features": false, "features": [ - "ssl" + "openssl" ], "platform": "!uwp & !windows" }, diff --git a/ports/azure-core-cpp/vcpkg.json b/ports/azure-core-cpp/vcpkg.json index 51099a1489cd1b..3290292f0723f0 100644 --- a/ports/azure-core-cpp/vcpkg.json +++ b/ports/azure-core-cpp/vcpkg.json @@ -5,6 +5,7 @@ ], "name": "azure-core-cpp", "version-semver": "1.11.2", + "port-version": 1, "description": [ "Microsoft Azure Core SDK for C++", "This library provides shared primitives, abstractions, and helpers for modern Azure SDK client libraries written in the C++." @@ -40,7 +41,7 @@ "name": "curl", "default-features": false, "features": [ - "ssl" + "openssl" ] } ] diff --git a/ports/configcat/vcpkg.json b/ports/configcat/vcpkg.json index da1ccd6119749e..2d71782e61b5c2 100644 --- a/ports/configcat/vcpkg.json +++ b/ports/configcat/vcpkg.json @@ -1,6 +1,7 @@ { "name": "configcat", "version": "3.2.0", + "port-version": 1, "description": "ConfigCat SDK for C++ provides easy integration for your application to ConfigCat. ConfigCat is a feature flag and configuration management service that lets you separate feature releases from deployments. Alternative to LaunchDarkly.", "homepage": "https://configcat.com/", "license": "MIT", @@ -28,7 +29,7 @@ "name": "curl", "default-features": false, "features": [ - "ssl" + "openssl" ] }, { diff --git a/ports/cpr/vcpkg.json b/ports/cpr/vcpkg.json index 6a7400895f8414..e04a5f0a27ac67 100644 --- a/ports/cpr/vcpkg.json +++ b/ports/cpr/vcpkg.json @@ -1,7 +1,7 @@ { "name": "cpr", "version-semver": "1.10.5", - "port-version": 2, + "port-version": 3, "description": "C++ Requests is a simple wrapper around libcurl inspired by the excellent Python Requests project.", "homepage": "https://github.com/libcpr/cpr", "license": "MIT", @@ -30,7 +30,7 @@ "name": "curl", "default-features": false, "features": [ - "ssl" + "openssl" ] }, { diff --git a/ports/curl/ca-native.patch b/ports/curl/ca-native.patch new file mode 100644 index 00000000000000..c891c747b40eae --- /dev/null +++ b/ports/curl/ca-native.patch @@ -0,0 +1,69 @@ +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 656aa7c740facf..c4bea84462679a 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -399,6 +399,11 @@ cmake_dependent_option(CURL_USE_BEARSSL "Enable BearSSL for SSL/TLS" OFF CURL_EN + cmake_dependent_option(CURL_USE_WOLFSSL "Enable wolfSSL for SSL/TLS" OFF CURL_ENABLE_SSL OFF) + cmake_dependent_option(CURL_USE_GNUTLS "Enable GnuTLS for SSL/TLS" OFF CURL_ENABLE_SSL OFF) + ++option(CURL_USE_CA_NATIVE "Use standard certificate store of operating system" OFF) ++if(CURL_USE_CA_NATIVE) ++ set(USE_CA_NATIVE ON) ++endif() ++ + set(openssl_default ON) + if(WIN32 OR CURL_USE_SECTRANSP OR CURL_USE_SCHANNEL OR CURL_USE_MBEDTLS OR CURL_USE_WOLFSSL) + set(openssl_default OFF) +diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake +index 0f4db69820ed17..09f1fd14ca9528 100644 +--- a/lib/curl_config.h.cmake ++++ b/lib/curl_config.h.cmake +@@ -741,6 +741,9 @@ ${SIZEOF_TIME_T_CODE} + /* to enable Windows SSL */ + #cmakedefine USE_SCHANNEL 1 + ++/* Use standard certificate store of operating system */ ++#cmakedefine USE_CA_NATIVE 1 ++ + /* enable multiple SSL backends */ + #cmakedefine CURL_WITH_MULTI_SSL 1 + +diff --git a/lib/setopt.c b/lib/setopt.c +index 8a5a5d7c33d21d..a7ce186baef681 100644 +--- a/lib/setopt.c ++++ b/lib/setopt.c +@@ -2370,6 +2370,9 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) + data->set.ssl.no_partialchain = !!(arg & CURLSSLOPT_NO_PARTIALCHAIN); + data->set.ssl.revoke_best_effort = !!(arg & CURLSSLOPT_REVOKE_BEST_EFFORT); + data->set.ssl.native_ca_store = !!(arg & CURLSSLOPT_NATIVE_CA); ++#ifdef USE_CA_NATIVE ++ data->set.ssl.native_ca_store = true; ++#endif + data->set.ssl.auto_client_cert = !!(arg & CURLSSLOPT_AUTO_CLIENT_CERT); + /* If a setting is added here it should also be added in dohprobe() + which sets its own CURLOPT_SSL_OPTIONS based on these settings. */ +@@ -2385,6 +2388,9 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param) + data->set.proxy_ssl.revoke_best_effort = + !!(arg & CURLSSLOPT_REVOKE_BEST_EFFORT); + data->set.proxy_ssl.native_ca_store = !!(arg & CURLSSLOPT_NATIVE_CA); ++#ifdef USE_CA_NATIVE ++ data->set.ssl.native_ca_store = true; ++#endif + data->set.proxy_ssl.auto_client_cert = + !!(arg & CURLSSLOPT_AUTO_CLIENT_CERT); + break; +diff --git a/src/tool_getparam.c b/src/tool_getparam.c +index 52bb24959ddd71..1c1cf596820bcf 100644 +--- a/src/tool_getparam.c ++++ b/src/tool_getparam.c +@@ -2749,7 +2749,9 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ + a = NULL; + + } while(!longopt && !singleopt && *++parse && !*usedarg && !err); +- ++#ifdef USE_CA_NATIVE ++ config->native_ca_store = true; ++#endif + error: + if(nextalloc) + free(nextarg); diff --git a/ports/curl/openssl_quic.patch b/ports/curl/openssl_quic.patch new file mode 100644 index 00000000000000..997992c9c67f3e --- /dev/null +++ b/ports/curl/openssl_quic.patch @@ -0,0 +1,53 @@ +diff --git a/CMakeLists.txt b/CMakeLists.txt +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -719,9 +719,22 @@ + include_directories(${MSH3_INCLUDE_DIRS}) + list(APPEND CURL_LIBS ${MSH3_LIBRARIES}) + endif() + +-if(CURL_WITH_MULTI_SSL AND (USE_NGTCP2 OR USE_QUICHE OR USE_MSH3)) ++option(USE_OPENSSL_QUIC "Use openssl and nghttp3 libraries for HTTP/3 support" OFF) ++if(USE_OPENSSL_QUIC) ++ if(USE_NGTCP2 OR USE_QUICHE OR USE_MSH3) ++ message(FATAL_ERROR "Only one HTTP/3 backend can be selected!") ++ endif() ++ find_package(OpenSSL 3.2.0 REQUIRED) ++ ++ find_package(NGHTTP3 REQUIRED) ++ set(USE_NGHTTP3 ON) ++ include_directories(${NGHTTP3_INCLUDE_DIRS}) ++ list(APPEND CURL_LIBS ${NGHTTP3_LIBRARIES}) ++endif() ++ ++if(CURL_WITH_MULTI_SSL AND (USE_NGTCP2 OR USE_QUICHE OR USE_MSH3 OR USE_OPENSSL_QUIC)) + message(FATAL_ERROR "MultiSSL cannot be enabled with HTTP/3 and vice versa.") + endif() + + if(NOT CURL_DISABLE_SRP AND (HAVE_GNUTLS_SRP OR HAVE_OPENSSL_SRP)) +@@ -1541,9 +1554,9 @@ + (use_curl_ntlm_core OR USE_WINDOWS_SSPI) AND + NOT CURL_DISABLE_HTTP AND NTLM_WB_ENABLED) + _add_if("TLS-SRP" USE_TLS_SRP) + _add_if("HTTP2" USE_NGHTTP2) +- _add_if("HTTP3" USE_NGTCP2 OR USE_QUICHE) ++ _add_if("HTTP3" USE_NGTCP2 OR USE_QUICHE OR USE_OPENSSL_QUIC) + _add_if("MultiSSL" CURL_WITH_MULTI_SSL) + # TODO wolfSSL only support this from v5.0.0 onwards + _add_if("HTTPS-proxy" SSL_ENABLED AND (USE_OPENSSL OR USE_GNUTLS + OR USE_SCHANNEL OR USE_RUSTLS OR USE_BEARSSL OR +diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake +--- a/lib/curl_config.h.cmake ++++ b/lib/curl_config.h.cmake +@@ -719,8 +719,11 @@ + + /* to enable quiche */ + #cmakedefine USE_QUICHE 1 + ++/* to enable openssl + nghttp3 */ ++#cmakedefine USE_OPENSSL_QUIC 1 ++ + /* Define to 1 if you have the quiche_conn_set_qlog_fd function. */ + #cmakedefine HAVE_QUICHE_CONN_SET_QLOG_FD 1 + + /* to enable msh3 */ diff --git a/ports/curl/portfile.cmake b/ports/curl/portfile.cmake index fe3cd4beb5f444..c1f31fe91fe7fe 100644 --- a/ports/curl/portfile.cmake +++ b/ports/curl/portfile.cmake @@ -15,12 +15,15 @@ vcpkg_from_github( export-components.patch dependencies.patch cmake-config.patch + openssl_quic.patch + ca-native.patch ) vcpkg_check_features(OUT_FEATURE_OPTIONS FEATURE_OPTIONS FEATURES # Support HTTP2 TLS Download https://curl.haxx.se/ca/cacert.pem rename to curl-ca-bundle.crt, copy it to libcurl.dll location. http2 USE_NGHTTP2 + http3 USE_OPENSSL_QUIC wolfssl CURL_USE_WOLFSSL openssl CURL_USE_OPENSSL mbedtls CURL_USE_MBEDTLS @@ -35,6 +38,7 @@ vcpkg_check_features(OUT_FEATURE_OPTIONS FEATURE_OPTIONS winidn USE_WIN32_IDN websockets ENABLE_WEBSOCKETS zstd CURL_ZSTD + ca-native CURL_USE_CA_NATIVE INVERTED_FEATURES ldap CURL_DISABLE_LDAP ldap CURL_DISABLE_LDAPS diff --git a/ports/curl/vcpkg.json b/ports/curl/vcpkg.json index 00d693476cdaff..0e329c3b0eddaa 100644 --- a/ports/curl/vcpkg.json +++ b/ports/curl/vcpkg.json @@ -1,7 +1,7 @@ { "name": "curl", "version": "8.6.0", - "port-version": 1, + "port-version": 2, "description": "A library for transferring data with URLs", "homepage": "https://curl.se/", "license": "curl AND ISC AND BSD-3-Clause", @@ -17,8 +17,9 @@ "zlib" ], "default-features": [ + "ca-native", "non-http", - "ssl" + "openssl" ], "features": { "brotli": { @@ -33,6 +34,9 @@ "c-ares" ] }, + "ca-native": { + "description": "Use standard certificate store of operating system" + }, "http2": { "description": "HTTP2 support", "dependencies": [ @@ -40,12 +44,29 @@ "name": "curl", "default-features": false, "features": [ - "ssl" + "openssl" ] }, "nghttp2" ] }, + "http3": { + "description": "HTTP3 support", + "dependencies": [ + { + "name": "curl", + "default-features": false, + "features": [ + "openssl" + ] + }, + "nghttp3", + { + "name": "openssl", + "version>=": "3.2.0" + } + ] + }, "idn": { "description": "Default IDN support", "dependencies": [ @@ -90,12 +111,6 @@ } ] }, - "mbedtls": { - "description": "SSL support (mbedTLS)", - "dependencies": [ - "mbedtls" - ] - }, "non-http": { "description": "Enables protocols beyond HTTP/HTTPS/HTTP2" }, @@ -105,23 +120,6 @@ "openssl" ] }, - "schannel": { - "description": "SSL support (Secure Channel)", - "supports": "windows & !uwp", - "dependencies": [ - { - "name": "curl", - "default-features": false, - "features": [ - "sspi" - ] - } - ] - }, - "sectransp": { - "description": "SSL support (sectransp)", - "supports": "osx | ios" - }, "ssh": { "description": "SSH support via libssh2", "dependencies": [ @@ -142,35 +140,6 @@ "libssh2" ] }, - "ssl": { - "description": "Default SSL backend", - "dependencies": [ - { - "name": "curl", - "default-features": false, - "features": [ - "sectransp" - ], - "platform": "osx | ios" - }, - { - "name": "curl", - "default-features": false, - "features": [ - "schannel" - ], - "platform": "(windows & !uwp) | mingw" - }, - { - "name": "curl", - "default-features": false, - "features": [ - "openssl" - ], - "platform": "(uwp | !windows) & !(osx | ios) & !mingw" - } - ] - }, "sspi": { "description": "SSPI support", "supports": "windows & !uwp" @@ -198,25 +167,6 @@ } ] }, - "winssl": { - "description": "Legacy name for schannel", - "supports": "windows & !uwp", - "dependencies": [ - { - "name": "curl", - "default-features": false, - "features": [ - "schannel" - ] - } - ] - }, - "wolfssl": { - "description": "SSL support (wolfSSL)", - "dependencies": [ - "wolfssl" - ] - }, "zstd": { "description": "ZStandard support (zstd)", "dependencies": [ diff --git a/ports/google-cloud-cpp/vcpkg.json b/ports/google-cloud-cpp/vcpkg.json index b429f3bda8190f..da12583ee7feb0 100644 --- a/ports/google-cloud-cpp/vcpkg.json +++ b/ports/google-cloud-cpp/vcpkg.json @@ -1,6 +1,7 @@ { "name": "google-cloud-cpp", "version": "2.22.0", + "port-version": 1, "description": "C++ Client Libraries for Google Cloud Platform APIs.", "homepage": "https://github.com/googleapis/google-cloud-cpp", "license": "Apache-2.0", @@ -1090,7 +1091,7 @@ { "name": "curl", "features": [ - "ssl" + "openssl" ] }, "nlohmann-json" diff --git a/versions/a-/aws-sdk-cpp.json b/versions/a-/aws-sdk-cpp.json index 1337d87eea9fcc..3f294e4a77256c 100644 --- a/versions/a-/aws-sdk-cpp.json +++ b/versions/a-/aws-sdk-cpp.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "bc34b897b476775be702fcfe49296bc991654596", + "version": "1.11.255", + "port-version": 1 + }, { "git-tree": "192340da352851921d2c706648ce973435657d35", "version": "1.11.255", diff --git a/versions/a-/azure-core-cpp.json b/versions/a-/azure-core-cpp.json index 9a5ad9269d9ebb..c45e026eb63294 100644 --- a/versions/a-/azure-core-cpp.json +++ b/versions/a-/azure-core-cpp.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "8e2f151a270a9e416bb834e98c87386adcd35f25", + "version-semver": "1.11.2", + "port-version": 1 + }, { "git-tree": "6d0b991648eed7860c0e873b5e9b6332cdc23d25", "version-semver": "1.11.2", diff --git a/versions/baseline.json b/versions/baseline.json index a17d20ccd6c3cf..3598de90278d37 100644 --- a/versions/baseline.json +++ b/versions/baseline.json @@ -418,7 +418,7 @@ }, "aws-sdk-cpp": { "baseline": "1.11.255", - "port-version": 0 + "port-version": 1 }, "azmq": { "baseline": "2023-03-23", @@ -434,7 +434,7 @@ }, "azure-core-cpp": { "baseline": "1.11.2", - "port-version": 0 + "port-version": 1 }, "azure-core-tracing-opentelemetry-cpp": { "baseline": "1.0.0-beta.4", @@ -1786,7 +1786,7 @@ }, "configcat": { "baseline": "3.2.0", - "port-version": 0 + "port-version": 1 }, "console-bridge": { "baseline": "1.0.2", @@ -1950,7 +1950,7 @@ }, "cpr": { "baseline": "1.10.5", - "port-version": 2 + "port-version": 3 }, "cpu-features": { "baseline": "0.9.0", @@ -2062,7 +2062,7 @@ }, "curl": { "baseline": "8.6.0", - "port-version": 1 + "port-version": 2 }, "curlpp": { "baseline": "2018-06-15", @@ -3110,7 +3110,7 @@ }, "google-cloud-cpp": { "baseline": "2.22.0", - "port-version": 0 + "port-version": 1 }, "google-cloud-cpp-common": { "baseline": "alias", @@ -4308,10 +4308,6 @@ "baseline": "1.2.6", "port-version": 2 }, - "libfuse": { - "baseline": "3.16.2", - "port-version": 0 - }, "libenvpp": { "baseline": "1.4.0", "port-version": 0 @@ -4392,6 +4388,10 @@ "baseline": "1.5", "port-version": 4 }, + "libfuse": { + "baseline": "3.16.2", + "port-version": 0 + }, "libgcrypt": { "baseline": "1.10.2", "port-version": 0 diff --git a/versions/c-/configcat.json b/versions/c-/configcat.json index 09f3e0386d5e94..1293de3aeca466 100644 --- a/versions/c-/configcat.json +++ b/versions/c-/configcat.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "8561c376c36ae5d369c87beb827d104716036e32", + "version": "3.2.0", + "port-version": 1 + }, { "git-tree": "4f1f87e186100760a5a093476a921eb6396b46c7", "version": "3.2.0", diff --git a/versions/c-/cpr.json b/versions/c-/cpr.json index cbe6fb3b1acdb0..7e749533c49adb 100644 --- a/versions/c-/cpr.json +++ b/versions/c-/cpr.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "a414a3fbdfacff1bb49e0643135c990960a83f9d", + "version-semver": "1.10.5", + "port-version": 3 + }, { "git-tree": "25dbacaabb8b12e7032cbad5e03434c983732f2a", "version-semver": "1.10.5", diff --git a/versions/c-/curl.json b/versions/c-/curl.json index fa17b055bd4d7a..56734e8479ded6 100644 --- a/versions/c-/curl.json +++ b/versions/c-/curl.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "4d747cbf95b76ee077752486659cf8da435819f8", + "version": "8.6.0", + "port-version": 2 + }, { "git-tree": "1e5908adb574672dfc7a65baa8523ae184f5c0b7", "version": "8.6.0", diff --git a/versions/g-/google-cloud-cpp.json b/versions/g-/google-cloud-cpp.json index 3bd88bc832115f..67d35b1cec87ef 100644 --- a/versions/g-/google-cloud-cpp.json +++ b/versions/g-/google-cloud-cpp.json @@ -1,5 +1,10 @@ { "versions": [ + { + "git-tree": "d60c9acd3407d824909a1d2b740802c8375c02af", + "version": "2.22.0", + "port-version": 1 + }, { "git-tree": "6a57a0d679af7122244a1d5180c8d43a96f297b7", "version": "2.22.0",