diff options
author | Tudor Florea <tudor.florea@enea.com> | 2015-10-09 22:59:03 +0200 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2015-10-09 22:59:03 +0200 |
commit | 972dcfcdbfe75dcfeb777150c136576cf1a71e99 (patch) | |
tree | 97a61cd7e293d7ae9d56ef7ed0f81253365bb026 /meta/recipes-support/gpgme | |
download | poky-972dcfcdbfe75dcfeb777150c136576cf1a71e99.tar.gz |
initial commit for Enea Linux 5.0 arm
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-support/gpgme')
4 files changed, 147 insertions, 0 deletions
diff --git a/meta/recipes-support/gpgme/gpgme-1.4.3/disable_gpgconf_check.patch b/meta/recipes-support/gpgme/gpgme-1.4.3/disable_gpgconf_check.patch new file mode 100644 index 0000000000..df0953069c --- /dev/null +++ b/meta/recipes-support/gpgme/gpgme-1.4.3/disable_gpgconf_check.patch | |||
@@ -0,0 +1,39 @@ | |||
1 | From 1.2.0, gpgme will check if gpgconf & g13(from 1.3.0) exist, and cause | ||
2 | configure failure if not founding them in cross-compile environment. We can | ||
3 | add the gnupg-native to get them, but still have some issues: | ||
4 | |||
5 | 1. need add new package: libksba, update libassuan(not in sato), and extend | ||
6 | native support in some other packages(libgcrypt, libgpg-error, pth...) | ||
7 | 2. Even we have gnupg, the g13 only exist in development branch, so that we | ||
8 | still have the g13 check failure in configure. | ||
9 | |||
10 | I have searched the compile log, and found gpgconf/g13 are not used. So use a | ||
11 | simple method here, throw a warning mesg rather than an error here just like in | ||
12 | non-cross-compile environment. | ||
13 | |||
14 | Signed-off-by: Zhai Edwin <edwin.zhai@intel.com> | ||
15 | |||
16 | Upstream-Status: Inappropriate [embedded specific] | ||
17 | |||
18 | Index: gpgme-1.3.0/configure.ac | ||
19 | =================================================================== | ||
20 | --- gpgme-1.3.0.orig/configure.ac 2010-07-21 09:38:09.000000000 +0800 | ||
21 | +++ gpgme-1.3.0/configure.ac 2010-07-21 09:39:19.000000000 +0800 | ||
22 | @@ -574,7 +574,7 @@ | ||
23 | *** Could not find gpgconf, install gpgconf or use --with-gpgconf=PATH to enable it | ||
24 | ***]) | ||
25 | else | ||
26 | - AC_MSG_ERROR([ | ||
27 | + AC_MSG_WARN([ | ||
28 | *** | ||
29 | *** Can not determine path to gpgconf when cross-compiling, use --with-gpgconf=PATH | ||
30 | ***]) | ||
31 | @@ -670,7 +670,7 @@ | ||
32 | *** Could not find g13, install g13 or use --with-g13=PATH to enable it | ||
33 | ***]) | ||
34 | else | ||
35 | - AC_MSG_ERROR([ | ||
36 | + AC_MSG_WARN([ | ||
37 | *** | ||
38 | *** Can not determine path to g13 when cross-compiling, use --with-g13=PATH | ||
39 | ***]) | ||
diff --git a/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch new file mode 100644 index 0000000000..c728f58658 --- /dev/null +++ b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch | |||
@@ -0,0 +1,56 @@ | |||
1 | Upstream-Status: Backport | ||
2 | |||
3 | Backport patch to fix CVE-2014-3564. | ||
4 | |||
5 | http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77 | ||
6 | |||
7 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | ||
8 | --- | ||
9 | From 2cbd76f7911fc215845e89b50d6af5ff4a83dd77 Mon Sep 17 00:00:00 2001 | ||
10 | From: Werner Koch <wk@gnupg.org> | ||
11 | Date: Wed, 30 Jul 2014 11:04:55 +0200 | ||
12 | Subject: [PATCH 1/1] Fix possible realloc overflow for gpgsm and uiserver | ||
13 | engines. | ||
14 | |||
15 | After a realloc (realloc is also used for initial alloc) the allocated | ||
16 | size if the buffer is not correctly recorded. Thus an overflow can be | ||
17 | introduced by receiving data with different line lengths in a specific | ||
18 | order. This is not easy exploitable because libassuan constructs the | ||
19 | line. However a crash has been reported and thus it might be possible | ||
20 | to constructs an exploit. | ||
21 | |||
22 | CVE-id: CVE-2014-3564 | ||
23 | Reported-by: Tomáš Trnka | ||
24 | --- | ||
25 | src/engine-gpgsm.c | 2 +- | ||
26 | src/engine-uiserver.c | 2 +- | ||
27 | 3 files changed, 5 insertions(+), 2 deletions(-) | ||
28 | |||
29 | diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c | ||
30 | index 8ec1598..3a83757 100644 | ||
31 | --- a/src/engine-gpgsm.c | ||
32 | +++ b/src/engine-gpgsm.c | ||
33 | @@ -836,7 +836,7 @@ status_handler (void *opaque, int fd) | ||
34 | else | ||
35 | { | ||
36 | *aline = newline; | ||
37 | - gpgsm->colon.attic.linesize += linelen + 1; | ||
38 | + gpgsm->colon.attic.linesize = *alinelen + linelen + 1; | ||
39 | } | ||
40 | } | ||
41 | if (!err) | ||
42 | diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c | ||
43 | index 2738c36..a7184b7 100644 | ||
44 | --- a/src/engine-uiserver.c | ||
45 | +++ b/src/engine-uiserver.c | ||
46 | @@ -698,7 +698,7 @@ status_handler (void *opaque, int fd) | ||
47 | else | ||
48 | { | ||
49 | *aline = newline; | ||
50 | - uiserver->colon.attic.linesize += linelen + 1; | ||
51 | + uiserver->colon.attic.linesize = *alinelen + linelen + 1; | ||
52 | } | ||
53 | } | ||
54 | if (!err) | ||
55 | -- | ||
56 | 2.1.4 | ||
diff --git a/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc new file mode 100644 index 0000000000..30a4d56d6e --- /dev/null +++ b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc | |||
@@ -0,0 +1,10 @@ | |||
1 | prefix=/usr | ||
2 | libdir=${prefix}/lib | ||
3 | includedir=${prefix}/include | ||
4 | |||
5 | Name: gpgme | ||
6 | Description: GNU Privacy Guard Made Easy | ||
7 | Version: 1.4.3 | ||
8 | Requires: | ||
9 | Libs: -L${libdir} -lgpgme -lassuan -lgpg-error | ||
10 | Cflags: -I${includedir} | ||
diff --git a/meta/recipes-support/gpgme/gpgme_1.4.3.bb b/meta/recipes-support/gpgme/gpgme_1.4.3.bb new file mode 100644 index 0000000000..f16677e96e --- /dev/null +++ b/meta/recipes-support/gpgme/gpgme_1.4.3.bb | |||
@@ -0,0 +1,42 @@ | |||
1 | SUMMARY = "High-level GnuPG encryption/signing API" | ||
2 | DESCRIPTION = "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG easier for applications. It provides a High-Level Crypto API for encryption, decryption, signing, signature verification and key management" | ||
3 | HOMEPAGE = "http://www.gnupg.org/gpgme.html" | ||
4 | BUGTRACKER = "https://bugs.g10code.com/gnupg/index" | ||
5 | |||
6 | LICENSE = "GPLv2+ & LGPLv2.1+" | ||
7 | LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ | ||
8 | file://COPYING.LESSER;md5=bbb461211a33b134d42ed5ee802b37ff \ | ||
9 | file://src/gpgme.h.in;endline=23;md5=dccb4bb624011e36513c61ef0422d054 \ | ||
10 | file://src/engine.h;endline=22;md5=4b6d8ba313d9b564cc4d4cfb1640af9d" | ||
11 | |||
12 | SRC_URI = "ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-${PV}.tar.bz2 \ | ||
13 | file://disable_gpgconf_check.patch \ | ||
14 | file://gpgme.pc \ | ||
15 | file://gpgme-fix-CVE-2014-3564.patch \ | ||
16 | " | ||
17 | |||
18 | SRC_URI[md5sum] = "334e524cffa8af4e2f43ae8afe585672" | ||
19 | SRC_URI[sha256sum] = "2d1cc12411753752d9c5b9037e6fd3fd363517af720154768cc7b46b60120496" | ||
20 | |||
21 | DEPENDS = "libgpg-error libassuan" | ||
22 | |||
23 | EXTRA_OECONF = "--with-gpg=${bindir}/gpg --without-gpgsm" | ||
24 | |||
25 | BINCONFIG = "${bindir}/gpgme-config" | ||
26 | |||
27 | inherit autotools texinfo binconfig-disabled pkgconfig | ||
28 | |||
29 | PACKAGES =+ "${PN}-pthread" | ||
30 | FILES_${PN}-pthread = "${libdir}/libgpgme-pthread.so.*" | ||
31 | FILES_${PN}-dev += "${datadir}/common-lisp/source/gpgme/*" | ||
32 | |||
33 | do_configure_prepend () { | ||
34 | # Else these could be used in preference to those in aclocal-copy | ||
35 | rm -f ${S}/m4/gpg-error.m4 | ||
36 | rm -f ${S}/m4/libassuan.m4 | ||
37 | } | ||
38 | |||
39 | do_install_append () { | ||
40 | install -d ${D}${libdir}/pkgconfig | ||
41 | install -m 0644 ${WORKDIR}/gpgme.pc ${D}${libdir}/pkgconfig/ | ||
42 | } | ||