Skip to content

Commit

Permalink
Use string flag properly
Browse files Browse the repository at this point in the history
  • Loading branch information
lalten committed Jun 14, 2024
1 parent 16dfd0d commit 7aebe3b
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 36 deletions.
77 changes: 42 additions & 35 deletions modules/curl/8.8.0/patches/add_build_file.patch
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
diff --git a/BUILD.bazel b/BUILD.bazel
new file mode 100644
index 000000000..f40364c9c
index 000000000..0eaa6df71
--- /dev/null
+++ b/BUILD.bazel
@@ -0,0 +1,294 @@
@@ -0,0 +1,301 @@
+# Copyright The OpenTelemetry Authors
+# SPDX-License-Identifier: Apache-2.0
+
Expand Down Expand Up @@ -31,6 +31,35 @@ index 000000000..f40364c9c
+ flag_values = {":http_only": "true"},
+)
+
+# Curl's default CA path depends on the OS. If CURL_CA_BUNDLE/CURL_CA_PATH are not set,
+# (and you don't `curl_easy_setopt(curl_, CURLOPT_CAPATH, "/etc/ssl/certs");`), curl
+# will fail to verify server certificates.
+# The string_flag below allows the user to specify their (OS-specific) default CA path
+# like `--@curl//:ca_bundle=/etc/ssl/certs/ca-certificates.crt` on the command line or
+# in .bazelrc. See also https://github.com/curl/curl/blob/curl-8_8_0/acinclude.m4#L1202
+
+string_flag(
+ name = "ca_bundle",
+ build_setting_default = "",
+ make_variable = "CURL_CA_BUNDLE",
+)
+
+config_setting(
+ name = "ca_bundle_is_unset",
+ flag_values = {":ca_bundle": ""},
+)
+
+string_flag(
+ name = "ca_path",
+ build_setting_default = "",
+ make_variable = "CURL_CA_PATH",
+)
+
+config_setting(
+ name = "ca_path_is_unset",
+ flag_values = {":ca_path": ""},
+)
+
+_BASE_CURL_COPTS = [
+ "-DCURL_DISABLE_LDAP=1",
+ "-DENABLE_IPV6=1",
Expand Down Expand Up @@ -197,38 +226,6 @@ index 000000000..f40364c9c
+ "-DCURL_HIDDEN_SYMBOLS",
+]
+
+# Curl's default CA path depends on the OS. If CURL_CA_BUNDLE/CURL_CA_PATH are not set,
+# and you don't `curl_easy_setopt(curl_, CURLOPT_CAPATH, "/etc/ssl/certs");`, curl will
+# fail to verify server certificates.
+# The string_flag/config_settings below allows the user to specify the OS-specific
+# default CA path like `--@curl//:ca_bundle=Debian` on the command line or in .bazelrc
+# The values are from https://github.com/curl/curl/blob/curl-8_8_0/acinclude.m4#L1202
+_CA_BUNDLE_OSES = "Debian Redhat OldRedhat MidnightBSD OpenBSD SUSE".split(" ")
+
+string_flag(
+ name = "ca_bundle",
+ build_setting_default = "None",
+ values = ["None"] + _CA_BUNDLE_OSES,
+)
+
+[
+ config_setting(
+ name = "ca_bundle_" + os,
+ flag_values = {":ca_bundle": os},
+ )
+ for os in _CA_BUNDLE_OSES
+]
+
+_CA_BUNDLE = select({
+ ":ca_bundle_Debian": ['CURL_CA_BUNDLE=\\"/etc/ssl/certs/ca-certificates.crt\\"'],
+ ":ca_bundle_Redhat": ['CURL_CA_BUNDLE=\\"/etc/pki/tls/certs/ca-bundle.crt\\"'],
+ ":ca_bundle_OldRedhat": ['CURL_CA_BUNDLE=\\"/usr/share/ssl/certs/ca-bundle.crt\\"'],
+ ":ca_bundle_MidnightBSD": ['CURL_CA_BUNDLE=\\"/usr/local/share/certs/ca-root-nss.crt\\"'],
+ ":ca_bundle_OpenBSD": ['CURL_CA_BUNDLE=\\"/etc/ssl/cert.pem\\"'],
+ ":ca_bundle_SUSE": ['CURL_CA_PATH=\\"/etc/ssl/certs\\"'],
+ "//conditions:default": [],
+})
+
+cc_library(
+ name = "curl",
+ srcs = glob([
Expand Down Expand Up @@ -280,7 +277,17 @@ index 000000000..f40364c9c
+ }) + select({
+ ":http_only_setting": ["HTTP_ONLY"],
+ "//conditions:default": [],
+ }) + _CA_BUNDLE,
+ }) + select({
+ ":ca_bundle_is_unset": [],
+ "//conditions:default": ['CURL_CA_BUNDLE=\\"$(CURL_CA_BUNDLE)\\"'],
+ }) + select({
+ ":ca_path_is_unset": [],
+ "//conditions:default": ['CURL_CA_PATH=\\"$(CURL_CA_PATH)\\"'],
+ }),
+ toolchains = [
+ ":ca_bundle",
+ ":ca_path",
+ ],
+ visibility = ["//visibility:public"],
+ deps = select({
+ ":use_mbedtls_setting": ["@mbedtls"],
Expand Down
2 changes: 1 addition & 1 deletion modules/curl/8.8.0/source.json
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
"url": "https://github.com/curl/curl/releases/download/curl-8_8_0/curl-8.8.0.tar.gz",
"patch_strip": 1,
"patches": {
"add_build_file.patch": "sha256-j9XaaDuRZ/ebKU3eojK2L4G9pyKaYxm6TA1PZxftNfU=",
"add_build_file.patch": "sha256-lKgUeYnNCpzXrDQH5AMbdQ8+GMlnhV59R5sVNmf27Qw=",
"module_dot_bazel.patch": "sha256-QcYejB5CL4QORcinUW701hWtraX+OFWe/sISBxzwy94="
}
}

0 comments on commit 7aebe3b

Please sign in to comment.