Merge pull request #816 from joshcooper/curl8

cthorn42 · web-flow · commit 50954b500c34 · 2024-04-18T15:29:03.000-07:00
Add curl 8.7.1 and configure agent-runtime-main to use it
diff --git a/configs/components/curl.rb b/configs/components/curl.rb
@@ -1,6 +1,17 @@
 component 'curl' do |pkg, settings, platform|
-  pkg.version '7.88.1'
-  pkg.sha256sum 'cdb38b72e36bc5d33d5b8810f8018ece1baa29a8f215b4495e495ded82bbf3c7'
+  # Projects may define a :curl_version setting
+  version = settings[:curl_version] || '7.88.1'
+  pkg.version version
+
+  case version
+  when '7.88.1'
+    pkg.sha256sum 'cdb38b72e36bc5d33d5b8810f8018ece1baa29a8f215b4495e495ded82bbf3c7'
+  when '8.7.1'
+    pkg.sha256sum 'f91249c87f68ea00cf27c44fdfa5a78423e41e71b7d408e5901a9896d905c495'
+  else
+    raise "curl version #{version} has not been configured; Cannot continue."
+  end
+
   pkg.url "https://curl.se/download/curl-#{pkg.get_version}.tar.gz"
   pkg.mirror "#{settings[:buildsources_url]}/curl-#{pkg.get_version}.tar.gz"
 
@@ -26,15 +37,17 @@
     pkg.environment "PATH", "/opt/pl-build-tools/bin:$(PATH):#{settings[:bindir]}"
   end
 
-  # Following 3 lines should we removed once we upgrade CURL to 8.x.x
-  pkg.apply_patch 'resources/patches/curl/CVE-2023-27535.patch'
-  pkg.apply_patch 'resources/patches/curl/CVE-2023-28319.patch'
-  pkg.apply_patch 'resources/patches/curl/CVE-2023-32001.patch'
-  pkg.apply_patch 'resources/patches/curl/CVE-2023-38545.patch'
-  pkg.apply_patch 'resources/patches/curl/CVE-2023-38546.patch'
-  pkg.apply_patch 'resources/patches/curl/CVE-2023-46218.patch'
-  pkg.apply_patch 'resources/patches/curl/CVE-2024-2004.patch'
-  pkg.apply_patch 'resources/patches/curl/CVE-2024-2398.patch'
+  # Following lines should we removed once we drop curl 7
+  if version.start_with?('7')
+    pkg.apply_patch 'resources/patches/curl/CVE-2023-27535.patch'
+    pkg.apply_patch 'resources/patches/curl/CVE-2023-28319.patch'
+    pkg.apply_patch 'resources/patches/curl/CVE-2023-32001.patch'
+    pkg.apply_patch 'resources/patches/curl/CVE-2023-38545.patch'
+    pkg.apply_patch 'resources/patches/curl/CVE-2023-38546.patch'
+    pkg.apply_patch 'resources/patches/curl/CVE-2023-46218.patch'
+    pkg.apply_patch 'resources/patches/curl/CVE-2024-2004.patch'
+    pkg.apply_patch 'resources/patches/curl/CVE-2024-2398.patch'
+  end
 
   configure_options = []
   configure_options << "--with-ssl=#{settings[:prefix]}"
diff --git a/configs/projects/agent-runtime-main.rb b/configs/projects/agent-runtime-main.rb
@@ -12,6 +12,8 @@
     proj.setting :augeas_version, '1.14.1'
   end
 
+  proj.setting :curl_version, '8.7.1'
+
   ########
   # Load shared agent settings
   ########
diff --git a/resources/patches/curl/curl-7.55.1-aix-poll.patch b/resources/patches/curl/curl-7.55.1-aix-poll.patch
