diff options
author | Ross Burton <ross.burton@intel.com> | 2018-09-19 14:44:40 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-11-24 21:49:51 +0000 |
commit | 64a257fa22126c4a40ff7e03424a404e360ebe1e (patch) | |
tree | da2bb0dcc19936e79ebc1cf0b74cc67b1daa75c9 /meta/recipes-support | |
parent | 26864d29ef5b0476cc458ff14b536ef526826573 (diff) | |
download | poky-64a257fa22126c4a40ff7e03424a404e360ebe1e.tar.gz |
gnupg: patch gnupg-native to allow path relocation
GnuPG hard-codes $bindir etc and uses them to find the helper binaries, such as
gpg-agent. This breaks if gnupg-native is reused from sstate for a different
build directory and GPG signing of packages is required.
Patch in getenv() checks for gnupg-native when returning the hardcoded paths,
and create a wrapper script which overrides GNUPG_BINDIR. There are more paths
that can be overridden, but this one is sufficient to make GnuPG work.
(From OE-Core rev: dfd69ff889ed78bf137116583d8ae351859ee203)
(From OE-Core rev: ddaf41f210f80556eca1d0acaee1e3f9cbf80122)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support')
-rw-r--r-- | meta/recipes-support/gnupg/gnupg/relocate.patch | 81 | ||||
-rw-r--r-- | meta/recipes-support/gnupg/gnupg_2.2.4.bb | 7 |
2 files changed, 87 insertions, 1 deletions
diff --git a/meta/recipes-support/gnupg/gnupg/relocate.patch b/meta/recipes-support/gnupg/gnupg/relocate.patch new file mode 100644 index 0000000000..87ec409ca3 --- /dev/null +++ b/meta/recipes-support/gnupg/gnupg/relocate.patch | |||
@@ -0,0 +1,81 @@ | |||
1 | Allow the environment to override where gnupg looks for its own files. Useful in native builds. | ||
2 | |||
3 | Upstream-Status: Inappropriate [OE-specific] | ||
4 | Signed-off-by: Ross Burton <ross.burton@intel.com> | ||
5 | |||
6 | diff --git a/common/homedir.c b/common/homedir.c | ||
7 | index e9e75d01e..19140aa0d 100644 | ||
8 | --- a/common/homedir.c | ||
9 | +++ b/common/homedir.c | ||
10 | @@ -760,7 +760,7 @@ gnupg_socketdir (void) | ||
11 | if (!name) | ||
12 | { | ||
13 | unsigned int dummy; | ||
14 | - name = _gnupg_socketdir_internal (0, &dummy); | ||
15 | + name = getenv("GNUPG_SOCKETDIR") ?: _gnupg_socketdir_internal (0, &dummy); | ||
16 | } | ||
17 | |||
18 | return name; | ||
19 | @@ -786,7 +786,7 @@ gnupg_sysconfdir (void) | ||
20 | } | ||
21 | return name; | ||
22 | #else /*!HAVE_W32_SYSTEM*/ | ||
23 | - return GNUPG_SYSCONFDIR; | ||
24 | + return getenv("GNUPG_SYSCONFDIR") ?: GNUPG_SYSCONFDIR; | ||
25 | #endif /*!HAVE_W32_SYSTEM*/ | ||
26 | } | ||
27 | |||
28 | @@ -815,7 +815,7 @@ gnupg_bindir (void) | ||
29 | else | ||
30 | return rdir; | ||
31 | #else /*!HAVE_W32_SYSTEM*/ | ||
32 | - return GNUPG_BINDIR; | ||
33 | + return getenv("GNUPG_BINDIR") ?: GNUPG_BINDIR; | ||
34 | #endif /*!HAVE_W32_SYSTEM*/ | ||
35 | } | ||
36 | |||
37 | @@ -828,7 +828,7 @@ gnupg_libexecdir (void) | ||
38 | #ifdef HAVE_W32_SYSTEM | ||
39 | return gnupg_bindir (); | ||
40 | #else /*!HAVE_W32_SYSTEM*/ | ||
41 | - return GNUPG_LIBEXECDIR; | ||
42 | + return getenv("GNUPG_LIBEXECDIR") ?: GNUPG_LIBEXECDIR; | ||
43 | #endif /*!HAVE_W32_SYSTEM*/ | ||
44 | } | ||
45 | |||
46 | @@ -842,7 +842,7 @@ gnupg_libdir (void) | ||
47 | name = xstrconcat (w32_rootdir (), DIRSEP_S "lib" DIRSEP_S "gnupg", NULL); | ||
48 | return name; | ||
49 | #else /*!HAVE_W32_SYSTEM*/ | ||
50 | - return GNUPG_LIBDIR; | ||
51 | + return getenv("GNUPG_LIBDIR") ?: GNUPG_LIBDIR; | ||
52 | #endif /*!HAVE_W32_SYSTEM*/ | ||
53 | } | ||
54 | |||
55 | @@ -856,7 +856,7 @@ gnupg_datadir (void) | ||
56 | name = xstrconcat (w32_rootdir (), DIRSEP_S "share" DIRSEP_S "gnupg", NULL); | ||
57 | return name; | ||
58 | #else /*!HAVE_W32_SYSTEM*/ | ||
59 | - return GNUPG_DATADIR; | ||
60 | + return getenv("GNUPG_DATADIR") ?: GNUPG_DATADIR; | ||
61 | #endif /*!HAVE_W32_SYSTEM*/ | ||
62 | } | ||
63 | |||
64 | @@ -872,7 +872,7 @@ gnupg_localedir (void) | ||
65 | NULL); | ||
66 | return name; | ||
67 | #else /*!HAVE_W32_SYSTEM*/ | ||
68 | - return LOCALEDIR; | ||
69 | + return getenv("LOCALEDIR") ?: LOCALEDIR; | ||
70 | #endif /*!HAVE_W32_SYSTEM*/ | ||
71 | } | ||
72 | |||
73 | @@ -940,7 +940,7 @@ gnupg_cachedir (void) | ||
74 | } | ||
75 | return dir; | ||
76 | #else /*!HAVE_W32_SYSTEM*/ | ||
77 | - return GNUPG_LOCALSTATEDIR "/cache/" PACKAGE_NAME; | ||
78 | + return getenv("GNUPG_LOCALSTATEDIR") ?: GNUPG_LOCALSTATEDIR "/cache/" PACKAGE_NAME; | ||
79 | #endif /*!HAVE_W32_SYSTEM*/ | ||
80 | } | ||
81 | |||
diff --git a/meta/recipes-support/gnupg/gnupg_2.2.4.bb b/meta/recipes-support/gnupg/gnupg_2.2.4.bb index d777fcb122..5a3688acfb 100644 --- a/meta/recipes-support/gnupg/gnupg_2.2.4.bb +++ b/meta/recipes-support/gnupg/gnupg_2.2.4.bb | |||
@@ -17,7 +17,8 @@ SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ | |||
17 | file://CVE-2018-12020.patch \ | 17 | file://CVE-2018-12020.patch \ |
18 | file://CVE-2018-9234.patch \ | 18 | file://CVE-2018-9234.patch \ |
19 | " | 19 | " |
20 | SRC_URI_append_class-native = " file://0001-configure.ac-use-a-custom-value-for-the-location-of-.patch" | 20 | SRC_URI_append_class-native = " file://0001-configure.ac-use-a-custom-value-for-the-location-of-.patch \ |
21 | file://relocate.patch" | ||
21 | 22 | ||
22 | 23 | ||
23 | SRC_URI[md5sum] = "709e5af5bba84d251c520222e720972f" | 24 | SRC_URI[md5sum] = "709e5af5bba84d251c520222e720972f" |
@@ -45,6 +46,10 @@ do_install_append() { | |||
45 | ln -sf gpgv2 ${D}${bindir}/gpgv | 46 | ln -sf gpgv2 ${D}${bindir}/gpgv |
46 | } | 47 | } |
47 | 48 | ||
49 | do_install_append_class-native() { | ||
50 | create_wrapper ${D}${bindir}/gpg2 GNUPG_BINDIR=${STAGING_BINDIR_NATIVE} | ||
51 | } | ||
52 | |||
48 | PACKAGECONFIG ??= "gnutls" | 53 | PACKAGECONFIG ??= "gnutls" |
49 | PACKAGECONFIG[gnutls] = "--enable-gnutls, --disable-gnutls, gnutls" | 54 | PACKAGECONFIG[gnutls] = "--enable-gnutls, --disable-gnutls, gnutls" |
50 | PACKAGECONFIG[sqlite3] = "--enable-sqlite, --disable-sqlite, sqlite3" | 55 | PACKAGECONFIG[sqlite3] = "--enable-sqlite, --disable-sqlite, sqlite3" |