2013-06-06 01:53:30 +02:00
|
|
|
################################################################################
|
2012-10-15 09:19:55 +02:00
|
|
|
#
|
|
|
|
# gnupg
|
|
|
|
#
|
2013-06-06 01:53:30 +02:00
|
|
|
################################################################################
|
2012-10-15 09:19:55 +02:00
|
|
|
|
2018-06-11 18:08:43 +02:00
|
|
|
GNUPG_VERSION = 1.4.23
|
2012-10-15 09:19:55 +02:00
|
|
|
GNUPG_SOURCE = gnupg-$(GNUPG_VERSION).tar.bz2
|
2017-08-30 14:01:04 +02:00
|
|
|
GNUPG_SITE = https://gnupg.org/ftp/gcrypt/gnupg
|
2017-03-30 15:43:33 +02:00
|
|
|
GNUPG_LICENSE = GPL-3.0+
|
2012-10-15 09:19:55 +02:00
|
|
|
GNUPG_LICENSE_FILES = COPYING
|
2018-10-03 02:25:48 +02:00
|
|
|
GNUPG_DEPENDENCIES = zlib $(if $(BR2_PACKAGE_LIBICONV),libiconv)
|
2012-10-16 22:05:19 +02:00
|
|
|
GNUPG_CONF_ENV = ac_cv_sys_symbol_underscore=no
|
2017-04-07 03:09:43 +02:00
|
|
|
GNUPG_CONF_OPTS = \
|
|
|
|
--disable-rpath \
|
|
|
|
--enable-minimal \
|
|
|
|
--disable-regex \
|
|
|
|
--enable-sha256 \
|
|
|
|
--enable-sha512
|
2012-10-15 09:19:55 +02:00
|
|
|
|
2018-10-03 02:25:48 +02:00
|
|
|
HOST_GNUPG_DEPENDENCIES = host-zlib
|
2017-12-11 18:04:29 +01:00
|
|
|
HOST_GNUPG_CONF_OPTS = \
|
|
|
|
--disable-rpath \
|
|
|
|
--enable-minimal \
|
|
|
|
--disable-regex \
|
|
|
|
--enable-sha256 \
|
|
|
|
--enable-sha512 \
|
|
|
|
--enable-aes \
|
|
|
|
--enable-rsa \
|
|
|
|
--without-libcurl \
|
|
|
|
--without-readline
|
|
|
|
|
2016-07-31 10:27:19 +02:00
|
|
|
# gnupg doesn't support assembly for coldfire
|
|
|
|
ifeq ($(BR2_m68k_cf),y)
|
|
|
|
GNUPG_CONF_OPTS += --disable-asm
|
|
|
|
endif
|
|
|
|
|
2012-10-15 09:19:55 +02:00
|
|
|
ifeq ($(BR2_PACKAGE_BZIP2),y)
|
2014-09-27 21:32:44 +02:00
|
|
|
GNUPG_CONF_OPTS += --enable-bzip2
|
2012-10-15 09:19:55 +02:00
|
|
|
GNUPG_DEPENDENCIES += bzip2
|
|
|
|
endif
|
|
|
|
|
|
|
|
ifeq ($(BR2_PACKAGE_LIBCURL),y)
|
|
|
|
GNUPG_CONF_ENV += ac_cv_path__libcurl_config=$(STAGING_DIR)/usr/bin/curl-config
|
|
|
|
GNUPG_DEPENDENCIES += libcurl
|
|
|
|
else
|
2014-09-27 21:32:44 +02:00
|
|
|
GNUPG_CONF_OPTS += --without-libcurl
|
2012-10-15 09:19:55 +02:00
|
|
|
endif
|
|
|
|
|
|
|
|
ifeq ($(BR2_PACKAGE_READLINE),y)
|
|
|
|
GNUPG_DEPENDENCIES += readline
|
|
|
|
else
|
2014-09-27 21:32:44 +02:00
|
|
|
GNUPG_CONF_OPTS += --without-readline
|
2012-10-15 09:19:55 +02:00
|
|
|
endif
|
|
|
|
|
2015-07-02 17:30:24 +02:00
|
|
|
ifeq ($(BR2_PACKAGE_GNUPG_AES),y)
|
|
|
|
GNUPG_CONF_OPTS += --enable-aes
|
|
|
|
else
|
|
|
|
GNUPG_CONF_OPTS += --disable-aes
|
|
|
|
endif
|
|
|
|
|
2013-09-30 02:25:20 +02:00
|
|
|
ifeq ($(BR2_PACKAGE_GNUPG_RSA),y)
|
2014-09-27 21:32:44 +02:00
|
|
|
GNUPG_CONF_OPTS += --enable-rsa
|
2013-09-30 02:25:20 +02:00
|
|
|
else
|
2014-09-27 21:32:44 +02:00
|
|
|
GNUPG_CONF_OPTS += --disable-rsa
|
2013-09-30 02:25:20 +02:00
|
|
|
endif
|
|
|
|
|
2012-10-15 09:19:55 +02:00
|
|
|
ifneq ($(BR2_PACKAGE_GNUPG_GPGV),y)
|
|
|
|
define GNUPG_REMOVE_GPGV
|
2014-11-30 15:18:23 +01:00
|
|
|
rm -f $(TARGET_DIR)/usr/bin/gpgv
|
2012-10-15 09:19:55 +02:00
|
|
|
endef
|
|
|
|
GNUPG_POST_INSTALL_TARGET_HOOKS += GNUPG_REMOVE_GPGV
|
|
|
|
endif
|
|
|
|
|
|
|
|
ifneq ($(BR2_PACKAGE_GNUPG_GPGSPLIT),y)
|
|
|
|
define GNUPG_REMOVE_GPGSPLIT
|
|
|
|
rm -f $(TARGET_DIR)/usr/bin/gpgsplit
|
|
|
|
endef
|
|
|
|
GNUPG_POST_INSTALL_TARGET_HOOKS += GNUPG_REMOVE_GPGSPLIT
|
|
|
|
endif
|
|
|
|
|
package/gnupg: fix TAR path in gpg-zip script
gnupg installs a shell script called gpg-zip, which contains a
reference to the 'tar' program. Unfortunately, the location of the tar
program is determined at build time, and is therefore incorrect on the
target. This causes runtime issues, but also potentially leaks some
host paths into the target, causing BR2_REPRODUCIBLE=y failures.
gnupg has a --with-tar option, but it doesn't work properly as the
implementation of the GNUPG_CHECK_USTAR m4 macro in m4/tar-ustar.m4 is
incomplete:
- If --with-tar is passed, AC_PATH_PROG is not called, so the TAR
variable is not defined and AC_SUBST([TAR]) is not called, so the
@TAR@ replacement in tools/gpg-zip.in is replaced by the empty
string.
- If --with-tar is passed, the check that this tar version support
the ustar format is not executed, so the HAVE_USTAR automake
conditional is never defined. There is unfortunately no way to
determine if the target tar supports ustar or not, but since even
the Busybox variant apparently does, we can probably assume all tar
versions that Buildroot can build support the ustar format.
Fixing this logic is a bit cumbersome, gnupg 1.4.x is not really
maintained anymore and fixing the logic would require an AUTORECONF =
YES.
So we just opt with a very simple solution: replace TAR=something by
TAR=/bin/tar, through a post-install target hook. We only do this if
gpg-zip is installed, since its installation is optional. Note that
the logic is still not ideal, because the installation (or not) of
gpg-zip depends on whether the system/host tar has ustar format or
not.
Fixes the gpg-zip reproducibility issue reported in:
http://autobuild.buildroot.net/results/d1c/d1c5ad34ba928edfbb5901eb936c7e4457cc9083//diffoscope-results.txt
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2019-12-26 23:14:36 +01:00
|
|
|
define GNUPG_FIXUP_GPG_ZIP
|
|
|
|
test -f $(TARGET_DIR)/usr/bin/gpg-zip && \
|
|
|
|
$(SED) 's%^TAR=.*%TAR=/bin/tar%' $(TARGET_DIR)/usr/bin/gpg-zip
|
|
|
|
endef
|
|
|
|
GNUPG_POST_INSTALL_TARGET_HOOKS += GNUPG_FIXUP_GPG_ZIP
|
|
|
|
|
2012-10-15 09:19:55 +02:00
|
|
|
$(eval $(autotools-package))
|
2017-12-11 18:04:29 +01:00
|
|
|
$(eval $(host-autotools-package))
|