Commit Graph

29 Commits

Author SHA1 Message Date
Baruch Siach
97ec1ddd5a gnupg2: bump to version 2.2.4
Add license hash.

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-12 19:53:56 +01:00
Baruch Siach
02a07dde42 gnupg2: bump to version 2.2.3
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-12-14 06:33:11 +01:00
Baruch Siach
3587d29eae gnupg2: bump to version 2.2.2
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-11-27 21:56:49 +01:00
Baruch Siach
86dfb429ae gnupg2: don't preserve the old gpg2 executable name
Commit e82fadab23 (gnupg2: bump to version 2.2.0) added a configure
option to keep the old 'gpg2' executable name to avoid conflict with the
gnupg package. It turns out that gnupg depends on !BR2_PACKAGE_GNUPG2
since commit 2cadb26e6d (gnupg: make gnupg and gnupg2 mutually
exclusive). Drop this configure option.

Rename the config option that controls the removal of gpgv2, now gpgv,
to match the new name. Add legacy config symbol handling.

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-11-27 21:52:13 +01:00
Baruch Siach
e82fadab23 gnupg2: bump to version 2.2.0
Switch to https download for firewall compatibility and security.

As upstream now defaults to 'gpg' for the main binary name, keep the
'gpg2' name as in previous releases, to avoid conflict with the gnupg
package.

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-03 14:21:43 +02:00
Baruch Siach
72007d80d4 gnupg2: drop non-wchar toolchain workaround
gnupg2 removed gnulib in version 2.1.1. The workaround for non-wchar
toolchains introduced in commit 8a87887095 (gnupg2: fix build on
non-wchar toolchains), is no longer needed.

Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-03 14:21:31 +02:00
Baruch Siach
65818acad6 gnupg2: switch optional dependency to libusb
gnupg2 migrated to libusb-1.0 in version 2.1.12.

Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-09-03 14:19:17 +02:00
Vicente Olivert Riera
3f265b3eb4 gnupg2: bump version to 2.1.21
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-17 21:55:53 +02:00
Vicente Olivert Riera
32e8a130bf gnupg2: bump version to 2.1.20
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-04 13:01:39 +02:00
Rahul Bedarkar
337aa51f3f boot, package: use SPDX short identifier for GPLv3/GPLv3+
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for GPLv3/GPLv3+ is GPL-3.0/GPL-3.0+.

This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv3\>/GPL-3.0/g'

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-01 15:17:59 +02:00
Bernd Kuhls
8ae1804ff6 package/gnupg2: fix libusb detection
gnupg2 does not use pkgconf to detect the include dir of libusb.

Fixes
http://autobuild.buildroot.net/results/70c/70c9f5f8ae77fbda2b5eba3aacf831430dc59a1c/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-21 22:51:03 +01:00
Bernd Kuhls
e71413b73b package/gnupg2: add optional support for gnutls
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-19 21:46:52 +01:00
Bernd Kuhls
cde1d5d8b8 package/gnupg2: add optional support for sqlite
Also add host-pkgconf to detect sqlite support, otherwise

checking pkg-config is at least version 0.9.0...
 ./configure: line 7981: /home/buildroot/br2/output/host/usr/bin/pkg-config: No such file or directory
no
[...]
checking for SQLITE3... no

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-19 21:46:46 +01:00
Bernd Kuhls
284e71a0ad package/gnupg2: bump version to 2.1.19
Support for GnuPG 2.0 will end 2017-12-31:
https://lists.gnupg.org/pipermail/gnupg-announce/2017q1/000402.html

Removed all patches:

- 0001-fix-pth-config-usage.patch
  Not needed anymore, gnupg2 now depends on libnpth:
  https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=001352077cdc7e402421c77328bea1a052005673

- 0002-missing-include.patch
  Not needed anymore after upstream commit
  https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=0367a4b8cfbf1f197e093ca2b83b27e0a409c3c7

- 0003-dont-run-tests.patch
  Not needed anymore after upstream commit
  https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=4a232d23a8f51bebf9ee382e480248b4bde30f28

- 0004-silence-git-when-not-in-git-tree.patch
  Not needed anymore after upstream commit restricting the usage of git
  commands to the case where the directory .git exists
  https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=b67e4e523e6d19d384e23c5bb03010caebd150e7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-19 21:46:29 +01:00
Gustavo Zacarias
0ab0d80c7c gnupg2: bump to version 2.0.30
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-31 21:02:35 +02:00
Bernd Kuhls
e44f0ce289 package/gnupg2: add optional support for libusb-compat
When libusb-compat was compiled before, gnupg2 will use it as optional
dependency:

$ output/host/usr/bin/x86_64-linux-readelf -a output/target/usr/libexec/scdaemon | grep NEEDED
[...]
 0x0000000000000001 (NEEDED)             Shared library: [libusb-0.1.so.4]
[...]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-21 21:26:51 +01:00
Yann E. MORIN
80677e0208 package/gnupg2: really do not run tests in cross-compilation
gnupg2 still tries to run test even if it tries to avoid it in
cross-compilation.

Really disable running the tests.

Since that requires a complete autoreconf, the existing patch against
configure is turned into a patch against the m4 macro.

since we autoreconf, we slightly patch configure.ac to not emit git
errors on stderr because it is not in a git tree.

[Thomas: rename patch 0000 to 0004, as suggested by Arnout.]

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-16 23:38:59 +01:00
Vicente Olivert Riera
a33f1917dc gnupg2: bump version to 2.0.29
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-09-11 19:49:14 +02:00
Gustavo Zacarias
90687cc72a gnupg2: bump to version 2.0.28
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-06-04 15:34:01 +02:00
Baruch Siach
b17e5352ca gnupg2: security bump to version 2.0.27
Fixes:

CVE-2015-1606: Use after free, resulting from failure to skip invalid packets

CVE-2015-1607: memcpy with overlapping ranges, resulting from incorrect
bitwise left shifts

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-02-27 13:56:49 +01:00
Thomas De Schampheleire
aaffd209fa packages: rename FOO_CONF_OPT into FOO_CONF_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:54:16 +02:00
Thomas Petazzoni
8a87887095 gnupg2: fix build on non-wchar toolchains
The gnupg2 configure script checks whether <stdint.h> complies with
C99. When doing this, it expects a number of WCHAR_* definitions to be
present, which is not the case on non-wchar capable toolchains. The
gnupg2 configure script then concludes that <stdint.h> is not
C99-compliant and generates its own, which causes some build failures
related to intmax_t being not defined.

Since wchar is not actually used in gnupg2, this commit fixes this
problem by forcing gnupg2 to think that our <stdint.h> is
C99-compliant.

Fixes:

  http://autobuild.buildroot.org/results/40f/40fff3bc304e1a83524f28be8f6afc2e217281ad/

And lots of similar issues. Thanks a lot for Romain Naour for the
initial investigation and lots of discussion on IRC about this issue.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@openwide.fr>
2014-10-01 23:14:47 +02:00
Romain Naour
5f9d235e66 package/gnupg2: add readline optional dependency
This is to improve build reproducibility.

[Thomas: add --with-readline and --without-readline options to
explicitly enable/disable readline usage.]

Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-01 22:45:24 +02:00
Romain Naour
b39e3e39eb package/gnupg2: add bzip2 optional dependency
This is to improve build reproducibility.

[Thomas: add --enable-bzip2 --with-bzip options.]

Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-01 22:45:21 +02:00
Peter Korsgaard
5aedb8be68 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-01 15:22:07 +02:00
Gustavo Zacarias
b13b0218c2 gnupg2: bump to version 2.0.26
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-08-27 21:33:31 +02:00
Vicente Olivert Riera
c0da68a90c gnupg2: Needs a suitable iconv implementation
gnupg2 needs a toolchain with locale support or a package which provides
a suitable iconv implementation (libiconv). Otherwise it will fail at
the configure phase with an error like this one:

*** It is now required to build with support for iconv
*** Please install a suitable iconv implementation.

Fixes:
  http://autobuild.buildroot.net/results/8c9/8c93c28533dfebffa8b2e34b1421d3fa3cdeb278/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: Markos Chandras <Markos.Chandras@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-08-15 22:30:36 +02:00
Gustavo Zacarias
79c77a6e7f gnupg2: security bump to version 2.0.25
Fixes CVE-2014-4617 (The do_uncompress function in g10/compress.c
allows context-dependent attackers to cause a denial of service
(infinite loop) via malformed compressed packets, as demonstrated by an
a3 01 5b ff byte sequence.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-08-04 20:08:54 +02:00
Vicente Olivert Riera
beb49d882e gnupg2: new package
[Thomas: use libpthsem instead of pth, remove !uclibc dependency,
minor formatting fixes in the .mk file.]

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: Markos Chandras <Markos.Chandras@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-23 23:32:05 +02:00