kumquat-buildroot/package/botan/botan.mk
Fabrice Fontaine f276188ef7 package/botan: security bump to version 2.19.3
Fix CVE-2022-43705: In Botan before 2.19.3, it is possible to forge OCSP
responses due to a certificate verification error. This issue was
introduced in Botan 1.11.34 (November 2016).

https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w
https://github.com/randombit/botan/blob/2.19.3/news.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-12-09 19:01:09 +01:00

105 lines
2.3 KiB
Makefile

################################################################################
#
# botan
#
################################################################################
BOTAN_VERSION = 2.19.3
BOTAN_SOURCE = Botan-$(BOTAN_VERSION).tar.xz
BOTAN_SITE = http://botan.randombit.net/releases
BOTAN_LICENSE = BSD-2-Clause
BOTAN_LICENSE_FILES = license.txt
BOTAN_CPE_ID_VENDOR = botan_project
BOTAN_INSTALL_STAGING = YES
BOTAN_DEPENDENCIES = host-python3
BOTAN_CONF_OPTS = \
--cpu=$(BR2_ARCH) \
--disable-cc-tests \
--os=linux \
--cc=gcc \
--cc-bin="$(TARGET_CXX)" \
--prefix=/usr \
--without-documentation
ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
BOTAN_CONF_OPTS += --extra-libs=atomic
endif
ifeq ($(BR2_SHARED_LIBS),y)
BOTAN_CONF_OPTS += \
--disable-static-library \
--enable-shared-library
else ifeq ($(BR2_STATIC_LIBS),y)
BOTAN_CONF_OPTS += \
--disable-shared-library \
--enable-static-library \
--no-autoload
else ifeq ($(BR2_SHARED_STATIC_LIBS),y)
BOTAN_CONF_OPTS += \
--enable-shared-library \
--enable-static-library
endif
ifeq ($(BR2_TOOLCHAIN_HAS_SSP),y)
BOTAN_CONF_OPTS += --with-stack-protector
else
BOTAN_CONF_OPTS += --without-stack-protector
endif
ifeq ($(BR2_TOOLCHAIN_USES_UCLIBC),y)
BOTAN_CONF_OPTS += --without-os-feature=getauxval
endif
ifeq ($(BR2_PACKAGE_BOOST_FILESYSTEM)$(BR2_PACKAGE_BOOST_SYSTEM),yy)
BOTAN_DEPENDENCIES += boost
BOTAN_CONF_OPTS += --with-boost
endif
ifeq ($(BR2_PACKAGE_BZIP2),y)
BOTAN_DEPENDENCIES += bzip2
BOTAN_CONF_OPTS += --with-bzip2
endif
ifeq ($(BR2_PACKAGE_SQLITE),y)
BOTAN_DEPENDENCIES += sqlite
BOTAN_CONF_OPTS += --with-sqlite
endif
ifeq ($(BR2_PACKAGE_XZ),y)
BOTAN_DEPENDENCIES += xz
BOTAN_CONF_OPTS += --with-lzma
endif
ifeq ($(BR2_PACKAGE_ZLIB),y)
BOTAN_DEPENDENCIES += zlib
BOTAN_CONF_OPTS += --with-zlib
endif
ifeq ($(BR2_POWERPC_CPU_HAS_ALTIVEC),)
BOTAN_CONF_OPTS += --disable-altivec
endif
ifeq ($(BR2_ARM_CPU_HAS_NEON),)
BOTAN_CONF_OPTS += --disable-neon
endif
define BOTAN_CONFIGURE_CMDS
(cd $(@D); $(TARGET_MAKE_ENV) ./configure.py $(BOTAN_CONF_OPTS))
endef
define BOTAN_BUILD_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) AR="$(TARGET_AR)"
endef
define BOTAN_INSTALL_STAGING_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR="$(STAGING_DIR)" install
endef
define BOTAN_INSTALL_TARGET_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR="$(TARGET_DIR)" install
endef
$(eval $(generic-package))