Commit e82fadab23 (gnupg2: bump to version 2.2.0) added a configure
option to keep the old 'gpg2' executable name to avoid conflict with the
gnupg package. It turns out that gnupg depends on !BR2_PACKAGE_GNUPG2
since commit 2cadb26e6d (gnupg: make gnupg and gnupg2 mutually
exclusive). Drop this configure option.
Rename the config option that controls the removal of gpgv2, now gpgv,
to match the new name. Add legacy config symbol handling.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Switch to https download for firewall compatibility and security.
As upstream now defaults to 'gpg' for the main binary name, keep the
'gpg2' name as in previous releases, to avoid conflict with the gnupg
package.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gnupg2 removed gnulib in version 2.1.1. The workaround for non-wchar
toolchains introduced in commit 8a87887095 (gnupg2: fix build on
non-wchar toolchains), is no longer needed.
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gnupg2 migrated to libusb-1.0 in version 2.1.12.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for GPLv3/GPLv3+ is GPL-3.0/GPL-3.0+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv3\>/GPL-3.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also add host-pkgconf to detect sqlite support, otherwise
checking pkg-config is at least version 0.9.0...
./configure: line 7981: /home/buildroot/br2/output/host/usr/bin/pkg-config: No such file or directory
no
[...]
checking for SQLITE3... no
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When libusb-compat was compiled before, gnupg2 will use it as optional
dependency:
$ output/host/usr/bin/x86_64-linux-readelf -a output/target/usr/libexec/scdaemon | grep NEEDED
[...]
0x0000000000000001 (NEEDED) Shared library: [libusb-0.1.so.4]
[...]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gnupg2 still tries to run test even if it tries to avoid it in
cross-compilation.
Really disable running the tests.
Since that requires a complete autoreconf, the existing patch against
configure is turned into a patch against the m4 macro.
since we autoreconf, we slightly patch configure.ac to not emit git
errors on stderr because it is not in a git tree.
[Thomas: rename patch 0000 to 0004, as suggested by Arnout.]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
CVE-2015-1606: Use after free, resulting from failure to skip invalid packets
CVE-2015-1607: memcpy with overlapping ranges, resulting from incorrect
bitwise left shifts
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The gnupg2 configure script checks whether <stdint.h> complies with
C99. When doing this, it expects a number of WCHAR_* definitions to be
present, which is not the case on non-wchar capable toolchains. The
gnupg2 configure script then concludes that <stdint.h> is not
C99-compliant and generates its own, which causes some build failures
related to intmax_t being not defined.
Since wchar is not actually used in gnupg2, this commit fixes this
problem by forcing gnupg2 to think that our <stdint.h> is
C99-compliant.
Fixes:
http://autobuild.buildroot.org/results/40f/40fff3bc304e1a83524f28be8f6afc2e217281ad/
And lots of similar issues. Thanks a lot for Romain Naour for the
initial investigation and lots of discussion on IRC about this issue.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@openwide.fr>
This is to improve build reproducibility.
[Thomas: add --with-readline and --without-readline options to
explicitly enable/disable readline usage.]
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is to improve build reproducibility.
[Thomas: add --enable-bzip2 --with-bzip options.]
Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gnupg2 needs a toolchain with locale support or a package which provides
a suitable iconv implementation (libiconv). Otherwise it will fail at
the configure phase with an error like this one:
*** It is now required to build with support for iconv
*** Please install a suitable iconv implementation.
Fixes:
http://autobuild.buildroot.net/results/8c9/8c93c28533dfebffa8b2e34b1421d3fa3cdeb278/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: Markos Chandras <Markos.Chandras@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes CVE-2014-4617 (The do_uncompress function in g10/compress.c
allows context-dependent attackers to cause a denial of service
(infinite loop) via malformed compressed packets, as demonstrated by an
a3 01 5b ff byte sequence.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas: use libpthsem instead of pth, remove !uclibc dependency,
minor formatting fixes in the .mk file.]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: Markos Chandras <Markos.Chandras@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>