9 files changed, 0 insertions, 543 deletions
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch
deleted file mode 100644
index f0667741c8..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4242.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From e2202ff2b704623efc6277fb5256e4e15bac5676 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Thu, 25 Jul 2013 11:17:52 +0200
-Subject: [PATCH] Mitigate a flush+reload cache attack on RSA secret
- exponents.
-commit e2202ff2b704623efc6277fb5256e4e15bac5676 from
-git://git.gnupg.org/libgcrypt.git
-* mpi/mpi-pow.c (gcry_mpi_powm): Always perfrom the mpi_mul for
-exponents in secure memory.
-Upstream-Status: Backport
-CVE: CVE-2013-4242
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
--
-The attack is published as http://eprint.iacr.org/2013/448 :
-Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel
-Attack by Yuval Yarom and Katrina Falkner. 18 July 2013.
-  Flush+Reload is a cache side-channel attack that monitors access to
-  data in shared pages. In this paper we demonstrate how to use the
-  attack to extract private encryption keys from GnuPG.  The high
-  resolution and low noise of the Flush+Reload attack enables a spy
-  program to recover over 98% of the bits of the private key in a
-  single decryption or signing round. Unlike previous attacks, the
-  attack targets the last level L3 cache. Consequently, the spy
-  program and the victim do not need to share the execution core of
-  the CPU. The attack is not limited to a traditional OS and can be
-  used in a virtualised environment, where it can attack programs
-  executing in a different VM.
-Index: gnupg-1.4.7/mpi/mpi-pow.c
-===================================================================
--- gnupg-1.4.7.orig/mpi/mpi-pow.c
-+++ gnupg-1.4.7/mpi/mpi-pow.c
-@@ -212,7 +212,13 @@ mpi_powm( MPI res, MPI base, MPI exponen
-                tp = rp; rp = xp; xp = tp;
-                rsize = xsize;
- 
-               if( (mpi_limb_signed_t)e < 0 ) {
-+            /* To mitigate the Yarom/Falkner flush+reload cache
-+             * side-channel attack on the RSA secret exponent, we do
-+             * the multiplication regardless of the value of the
-+             * high-bit of E.  But to avoid this performance penalty
-+             * we do it only if the exponent has been stored in secure
-+             * memory and we can thus assume it is a secret exponent.  */
-+               if (esec || (mpi_limb_signed_t)e < 0) {
-                    /*mpihelp_mul( xp, rp, rsize, bp, bsize );*/
-                    if( bsize < KARATSUBA_THRESHOLD ) {
-                        mpihelp_mul( xp, rp, rsize, bp, bsize );
-@@ -227,6 +233,8 @@ mpi_powm( MPI res, MPI base, MPI exponen
-                        mpihelp_divrem(xp + msize, 0, xp, xsize, mp, msize);
-                        xsize = msize;
-                    }
-+               }
-+               if ( (mpi_limb_signed_t)e < 0 ) {
- 
-                    tp = rp; rp = xp; xp = tp;
-                    rsize = xsize;
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4351.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4351.patch
deleted file mode 100644
index b50a32f40c..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4351.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-Upstream-Status: Backport
-CVE: CVE-2013-4351
-Index: gnupg-1.4.7/g10/getkey.c
-===================================================================
--- gnupg-1.4.7.orig/g10/getkey.c       2007-03-05 16:54:41.000000000 +0800
-+++ gnupg-1.4.7/g10/getkey.c    2013-11-28 14:41:59.640212240 +0800
-@@ -1454,7 +1454,11 @@
- 
-       if(flags)
-        key_usage |= PUBKEY_USAGE_UNKNOWN;
-+      if (!key_usage)
-+       key_usage |= PUBKEY_USAGE_NONE;
-     }
-+  else if (p)
-+    key_usage |= PUBKEY_USAGE_NONE;
- 
-   /* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a
-      capability that we do not handle.  This serves to distinguish
-Index: gnupg-1.4.7/g10/keygen.c
-===================================================================
--- gnupg-1.4.7.orig/g10/keygen.c       2007-02-05 00:27:40.000000000 +0800
-+++ gnupg-1.4.7/g10/keygen.c    2013-11-28 14:43:05.016670092 +0800
-@@ -209,9 +209,6 @@
-     if (use & PUBKEY_USAGE_AUTH)
-         buf[0] |= 0x20;
- 
-    if (!buf[0]) 
-        return;
-
-     build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
- }
- 
-Index: gnupg-1.4.7/include/cipher.h
-===================================================================
--- gnupg-1.4.7.orig/include/cipher.h   2006-04-21 20:39:49.000000000 +0800
-+++ gnupg-1.4.7/include/cipher.h        2013-11-28 14:49:24.159322744 +0800
-@@ -52,6 +52,7 @@
- #define PUBKEY_USAGE_CERT    4      /* key is also good to certify other keys*/
- #define PUBKEY_USAGE_AUTH    8      /* key is good for authentication */
- #define PUBKEY_USAGE_UNKNOWN 128    /* key has an unknown usage bit */
-+#define PUBKEY_USAGE_NONE    256    /* No usage given. */
- 
- #define DIGEST_ALGO_MD5       1
- #define DIGEST_ALGO_SHA1      2
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch
deleted file mode 100644
index 5dcde1f9cb..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch
+++ /dev/null
@@ -1,154 +0,0 @@
-Upstream-Status: Backport
-CVE: CVE-2013-4576
-Index: gnupg-1.4.7/cipher/dsa.c
-===================================================================
--- gnupg-1.4.7.orig/cipher/dsa.c       2006-12-12 02:27:21.000000000 +0800
-+++ gnupg-1.4.7/cipher/dsa.c    2014-01-23 11:30:17.300915919 +0800
-@@ -287,6 +287,8 @@
-     MPI kinv;
-     MPI tmp;
- 
-+    mpi_normalize (hash);
-+
-     /* select a random k with 0 < k < q */
-     k = gen_k( skey->q );
- 
-Index: gnupg-1.4.7/cipher/elgamal.c
-===================================================================
--- gnupg-1.4.7.orig/cipher/elgamal.c   2006-12-12 03:08:05.000000000 +0800
-+++ gnupg-1.4.7/cipher/elgamal.c        2014-01-23 11:30:17.300915919 +0800
-@@ -376,6 +376,9 @@
- {
-     MPI t1 = mpi_alloc_secure( mpi_get_nlimbs( skey->p ) );
- 
-+    mpi_normalize (a);
-+    mpi_normalize (b);
-+
-     /* output = b/(a^x) mod p */
-     mpi_powm( t1, a, skey->x, skey->p );
-     mpi_invm( t1, t1, skey->p );
-Index: gnupg-1.4.7/cipher/random.c
-===================================================================
--- gnupg-1.4.7.orig/cipher/random.c    2006-11-03 18:09:39.000000000 +0800
-+++ gnupg-1.4.7/cipher/random.c 2014-01-23 11:31:53.993495462 +0800
-@@ -273,6 +273,18 @@
- }
- 
- 
-+/* Randomize the MPI */ 
-+void
-+randomize_mpi (MPI mpi, size_t nbits, int level)
-+{
-+  unsigned char *buffer;
-+
-+  buffer = get_random_bits (nbits, level, mpi_is_secure (mpi));
-+  mpi_set_buffer (mpi, buffer, (nbits+7)/8, 0);
-+  xfree (buffer);
-+}
-+
-+
- int
- random_is_faked()
- {
-Index: gnupg-1.4.7/cipher/random.h
-===================================================================
--- gnupg-1.4.7.orig/cipher/random.h    2006-02-09 19:29:29.000000000 +0800
-+++ gnupg-1.4.7/cipher/random.h 2014-01-23 11:30:17.300915919 +0800
-@@ -32,6 +32,7 @@
- int  random_is_faked(void);
- void random_disable_locking (void);
- void randomize_buffer( byte *buffer, size_t length, int level );
-+void randomize_mpi (MPI mpi, size_t nbits, int level);
- byte *get_random_bits( size_t nbits, int level, int secure );
- void fast_random_poll( void );
- 
-Index: gnupg-1.4.7/cipher/rsa.c
-===================================================================
--- gnupg-1.4.7.orig/cipher/rsa.c       2006-12-12 03:09:00.000000000 +0800
-+++ gnupg-1.4.7/cipher/rsa.c    2014-01-23 11:35:04.330639125 +0800
-@@ -301,9 +301,26 @@
- #if 0
-     mpi_powm( output, input, skey->d, skey->n );
- #else
-    MPI m1   = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
-    MPI m2   = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
-    MPI h    = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
-+    int nlimbs = mpi_get_nlimbs (skey->n)+1;
-+    MPI m1   = mpi_alloc_secure (nlimbs);
-+    MPI m2   = mpi_alloc_secure (nlimbs);
-+    MPI h    = mpi_alloc_secure (nlimbs);
-+# if 1
-+    MPI bdata= mpi_alloc_secure (nlimbs);
-+    MPI r    = mpi_alloc_secure (nlimbs);
-+# endif
-+
-+    /* Remove superfluous leading zeroes from INPUT.  */
-+    mpi_normalize (input);
-+
-+# if 1 
-+    /* Blind:  bdata = (data * r^e) mod n   */
-+    randomize_mpi (r, mpi_get_nbits (skey->n), 0);
-+    mpi_fdiv_r (r, r, skey->n);
-+    mpi_powm (bdata, r, skey->e, skey->n);
-+    mpi_mulm (bdata, bdata, input, skey->n);
-+    input = bdata;
-+# endif
- 
-     /* m1 = c ^ (d mod (p-1)) mod p */
-     mpi_sub_ui( h, skey->p, 1  );
-@@ -321,8 +338,15 @@
-     /* m = m2 + h * p */
-     mpi_mul ( h, h, skey->p );
-     mpi_add ( output, m1, h );
-    /* ready */
-    
-+
-+# if 1
-+    mpi_free (bdata);
-+    /* Unblind: output = (output * r^(-1)) mod n  */
-+    mpi_invm (r, r, skey->n);
-+    mpi_mulm (output, output, r, skey->n);
-+    mpi_free (r);
-+# endif
-+
-     mpi_free ( h );
-     mpi_free ( m1 );
-     mpi_free ( m2 );
-@@ -397,6 +421,7 @@
- rsa_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
- {
-     RSA_secret_key sk;
-+    MPI input;
- 
-     if( algo != 1 && algo != 2 )
-        return G10ERR_PUBKEY_ALGO;
-@@ -407,8 +432,14 @@
-     sk.p = skey[3];
-     sk.q = skey[4];
-     sk.u = skey[5];
-    *result = mpi_alloc_secure( mpi_get_nlimbs( sk.n ) );
-    secret( *result, data[0], &sk );
-+
-+    /* Mitigates side-channel attacks (CVE-2013-4576).  */
-+    input = mpi_alloc (0);
-+    mpi_normalize (data[0]);
-+    mpi_fdiv_r (input, data[0], sk.n);
-+    *result = mpi_alloc_secure (mpi_get_nlimbs (sk.n));
-+    secret (*result, input, &sk);
-+    mpi_free (input);
-     return 0;
- }
- 
-Index: gnupg-1.4.7/g10/gpgv.c
-===================================================================
--- gnupg-1.4.7.orig/g10/gpgv.c 2006-12-13 19:25:04.000000000 +0800
-+++ gnupg-1.4.7/g10/gpgv.c      2014-01-23 11:30:17.300915919 +0800
-@@ -390,6 +390,7 @@
- void random_dump_stats(void) {}
- int quick_random_gen( int onoff ) { return -1;}
- void randomize_buffer( byte *buffer, size_t length, int level ) {}
-+void randomize_mpi (MPI mpi, size_t nbits, int level) {}
- int random_is_faked() { return -1;}
- byte *get_random_bits( size_t nbits, int level, int secure ) { return NULL;}
- void set_random_seed_file( const char *name ) {}
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch
deleted file mode 100644
index 362717636b..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/GnuPG1-CVE-2012-6085.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-commit f0b33b6fb8e0586e9584a7a409dcc31263776a67
-Author: Werner Koch <wk@gnupg.org>
-Date:   Thu Dec 20 09:43:41 2012 +0100
-    gpg: Import only packets which are allowed in a keyblock.
-    
-    * g10/import.c (valid_keyblock_packet): New.
-    (read_block): Store only valid packets.
-    --
-    
-    A corrupted key, which for example included a mangled public key
-    encrypted packet, used to corrupt the keyring.  This change skips all
-    packets which are not allowed in a keyblock.
-    
-    GnuPG-bug-id: 1455
-    
-    (cherry-picked from commit f795a0d59e197455f8723c300eebf59e09853efa)
-Upstream-Status: Backport
-CVE: CVE-2012-6085
-Signed-off-by: Saul Wold <sgw@linux.intel.com>
-diff --git a/g10/import.c b/g10/import.c
-index bfe02eb..a57b32e 100644
--- a/g10/import.c
-+++ b/g10/import.c
-@@ -384,6 +384,27 @@ import_print_stats (void *hd)
- }
- 
- 
-+/* Return true if PKTTYPE is valid in a keyblock.  */
-+static int
-+valid_keyblock_packet (int pkttype)
-+{
-+  switch (pkttype)
-+    {
-+    case PKT_PUBLIC_KEY:
-+    case PKT_PUBLIC_SUBKEY:
-+    case PKT_SECRET_KEY:
-+    case PKT_SECRET_SUBKEY:
-+    case PKT_SIGNATURE:
-+    case PKT_USER_ID:
-+    case PKT_ATTRIBUTE:
-+    case PKT_RING_TRUST:
-+      return 1;
-+    default:
-+      return 0;
-+    }
-+}
-+
-+
- /****************
-  * Read the next keyblock from stream A.
-  * PENDING_PKT should be initialzed to NULL
-@@ -461,7 +482,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
-            }
-            in_cert = 1;
-          default:
-           if( in_cert ) {
-+           if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
-                if( !root )
-                    root = new_kbnode( pkt );
-                else
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/configure.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/configure.patch
deleted file mode 100644
index e005ac658f..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/configure.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Upstream-Status: Inappropriate [configuration]
-Signed-off-by: Saul Wold <sgw@linux.intel.com>
-Index: gnupg-1.4.7/configure.ac
-===================================================================
--- gnupg-1.4.7.orig/configure.ac
-+++ gnupg-1.4.7/configure.ac
-@@ -827,7 +827,6 @@ else
-   AC_SUBST(USE_NLS)
-   AC_SUBST(USE_INCLUDED_LIBINTL)
-   AC_SUBST(BUILD_INCLUDED_LIBINTL)
-  AM_PO_SUBDIRS
- fi
- 
- if test "$try_extensions" = yes || test x"$card_support" = xyes ; then
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/curl_typeof_fix_backport.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/curl_typeof_fix_backport.patch
deleted file mode 100644
index e5fb24aa63..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/curl_typeof_fix_backport.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-This has been discussed in a couple of different bug reported
-upstream:
-http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486250
-http://bugs.sourcemage.org/show_bug.cgi?id=14446
-Fix:
-http://lists.gnupg.org/pipermail/gnupg-devel/2008-April/024344.html
-Upstream-Status: Backport [Debian]
-Signed-off-by: Saul Wold <sgw@linux.intel.com>
-Index: gnupg-1.4.7/keyserver/gpgkeys_curl.c
-===================================================================
--- gnupg-1.4.7.orig/keyserver/gpgkeys_curl.c
-+++ gnupg-1.4.7/keyserver/gpgkeys_curl.c
-@@ -286,7 +286,7 @@ main(int argc,char *argv[])
-       curl_easy_setopt(curl,CURLOPT_VERBOSE,1);
-     }
- 
-  curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,opt->flags.check_cert);
-+  curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,(long)opt->flags.check_cert);
-   curl_easy_setopt(curl,CURLOPT_CAINFO,opt->ca_cert_file);
- 
-   if(proxy)
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/long-long-thumb.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/long-long-thumb.patch
deleted file mode 100644
index 2855cab24b..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/long-long-thumb.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Orignal Patch came from OpenWrt via OE-Classic
-https://dev.openwrt.org/browser/packages/utils/gnupg/patches/001-mips_gcc4.4
-which is no longer a valid revision!
-Upstream-Status: Inappropriate [configuration]
--- gnupg/mpi/longlong.h~      2006-02-14 10:09:55.000000000 +0000
-+++ gnupg/mpi/longlong.h       2008-10-27 13:11:09.000000000 +0000
-@@ -181,7 +181,7 @@
- /***************************************
-  **************  ARM  ******************
-  ***************************************/
-#if defined (__arm__) && W_TYPE_SIZE == 32
-+#if defined (__arm__) && W_TYPE_SIZE == 32 && !defined(__thumb__)
- #define add_ssaaaa(sh, sl, ah, al, bh, bl) \
-   __asm__ ("adds %1, %4, %5\n"                                          \
-          "adc  %0, %2, %3"                                            \
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/mips_gcc4.4.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/mips_gcc4.4.patch
deleted file mode 100644
index 9a03b2b705..0000000000
--- a/meta/recipes-support/gnupg/gnupg-1.4.7/mips_gcc4.4.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From Openembedded-Classic
-    gnupg-1.4.10: Readd the ARM Thumb patch as debian has no thumb support
-Upstream-Status: Inappropriate [embedded-specific]
-Index: gnupg-1.4.10/mpi/longlong.h
-===================================================================
--- gnupg-1.4.10.orig/mpi/longlong.h    2008-12-11 17:39:43.000000000 +0100
-+++ gnupg-1.4.10/mpi/longlong.h 2010-03-27 14:27:53.000000000 +0100
-@@ -706,18 +706,35 @@
- #endif /* __m88110__ */
- #endif /* __m88000__ */
- 
-+/* Test for gcc >= maj.min, as per __GNUC_PREREQ in glibc */
-+#if defined (__GNUC__) && defined (__GNUC_MINOR__)
-+#define __GNUC_PREREQ(maj, min) \
-+       ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
-+#else
-+#define __GNUC_PREREQ(maj, min)  0
-+#endif
-+
- /***************************************
-  **************  MIPS  *****************
-  ***************************************/
- #if defined (__mips__) && W_TYPE_SIZE == 32
-#if __GNUC__ > 2 || __GNUC_MINOR__ >= 7
-+#if __GNUC_PREREQ (4,4)
-+#define umul_ppmm(w1, w0, u, v) \
-+  do {                                                                 \
-+       UDItype __ll = (UDItype)(u) * (v);                                 \
-+       w1 = __ll >> 32;                                                   \
-+       w0 = __ll;                                                         \
-+  } while (0)
-+#endif
-+#if !defined (umul_ppmm) && __GNUC_PREREQ (2,7)
- #define umul_ppmm(w1, w0, u, v) \
-   __asm__ ("multu %2,%3"                                                \
-           : "=l" ((USItype)(w0)),                                      \
-             "=h" ((USItype)(w1))                                       \
-           : "d" ((USItype)(u)),                                        \
-             "d" ((USItype)(v)))
-#else
-+#endif
-+#if !defined (umul_ppmm)
- #define umul_ppmm(w1, w0, u, v) \
-   __asm__ ("multu %2,%3 \n" \
-           "mflo %0 \n"     \
diff --git a/meta/recipes-support/gnupg/gnupg_1.4.7.bb b/meta/recipes-support/gnupg/gnupg_1.4.7.bb
deleted file mode 100644
index 6ccffd54ca..0000000000
--- a/meta/recipes-support/gnupg/gnupg_1.4.7.bb
+++ /dev/null
@@ -1,104 +0,0 @@
-SUMMARY = "GNU Privacy Guard - encryption and signing tools"
-HOMEPAGE = "http://www.gnupg.org/"
-DEPENDS = "zlib bzip2 readline"
-SECTION = "console/utils"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a"
-PR = "r9"
-SRC_URI = "${GNUPG_MIRROR}/gnupg/gnupg-${PV}.tar.bz2 \
-           file://long-long-thumb.patch \
-           file://configure.patch \
-           file://mips_gcc4.4.patch \
-           file://GnuPG1-CVE-2012-6085.patch \
-           file://curl_typeof_fix_backport.patch \
-           file://CVE-2013-4351.patch \
-           file://CVE-2013-4576.patch \
-           file://CVE-2013-4242.patch \
-          "
-SRC_URI[md5sum] = "b06a141cca5cd1a55bbdd25ab833303c"
-SRC_URI[sha256sum] = "69d18b7d193f62ca27ed4febcb4c9044aa0c95305d3258fe902e2fae5fc6468d"
-inherit autotools gettext texinfo
-#   --with-egd-socket=NAME  use NAME for the EGD socket
-#   --with-photo-viewer=FIXED_VIEWER  set a fixed photo ID viewer
-#   --with-included-zlib    use the zlib code included here
-#   --with-capabilities     use linux capabilities default=no
-#   --with-mailprog=NAME    use "NAME -t" for mail transport
-#   --with-libiconv-prefix[=DIR]  search for libiconv in DIR/include and DIR/lib
-#   --without-libiconv-prefix     don't search for libiconv in includedir and libdir
-#   --with-included-gettext use the GNU gettext library included here
-#   --with-libintl-prefix[=DIR]  search for libintl in DIR/include and DIR/lib
-#   --without-libintl-prefix     don't search for libintl in includedir and libdir
-#   --without-readline      do not support fancy command line editing
-#   --with-included-regex   use the included GNU regex library
-#   --with-zlib=DIR         use libz in DIR
-#   --with-bzip2=DIR        look for bzip2 in DIR
-#   --enable-static-rnd=egd|unix|linux|auto
-#   --disable-dev-random    disable the use of dev random
-#   --disable-asm           do not use assembler modules
-#   --enable-m-guard        enable memory guard facility
-#   --enable-selinux-support
-#                           enable SELinux support
-#   --disable-card-support  disable OpenPGP card support
-#   --disable-gnupg-iconv   disable the new iconv code
-#   --enable-backsigs       enable the experimental backsigs code
-#   --enable-minimal        build the smallest gpg binary possible
-#   --disable-rsa           disable the RSA public key algorithm
-#   --disable-idea          disable the IDEA cipher
-#   --disable-cast5         disable the CAST5 cipher
-#   --disable-blowfish      disable the BLOWFISH cipher
-#   --disable-aes           disable the AES, AES192, and AES256 ciphers
-#   --disable-twofish       disable the TWOFISH cipher
-#   --disable-sha256        disable the SHA-256 digest
-#   --disable-sha512        disable the SHA-384 and SHA-512 digests
-#   --disable-bzip2         disable the BZIP2 compression algorithm
-#   --disable-exec          disable all external program execution
-#   --disable-photo-viewers disable photo ID viewers
-#   --disable-keyserver-helpers  disable all external keyserver support
-#   --disable-ldap          disable LDAP keyserver interface
-#   --disable-hkp           disable HKP keyserver interface
-#   --disable-http          disable HTTP key fetching interface
-#   --disable-finger        disable Finger key fetching interface
-#   --disable-mailto        disable email keyserver interface
-#   --disable-keyserver-path disable the exec-path option for keyserver helpers
-#   --enable-key-cache=SIZE Set key cache to SIZE (default 4096)
-#   --disable-largefile     omit support for large files
-#   --disable-dns-srv       disable the use of DNS SRV in HKP and HTTP
-#   --disable-nls           do not use Native Language Support
-#   --disable-regex         do not handle regular expressions in trust sigs
-EXTRA_OECONF = "--disable-ldap \
-                --with-zlib=${STAGING_LIBDIR}/.. \
-                --with-bzip2=${STAGING_LIBDIR}/.. \
-                --disable-selinux-support \
-                --with-readline=${STAGING_LIBDIR}/.. \
-                ac_cv_sys_symbol_underscore=no \
-                "
-# Force gcc's traditional handling of inline to avoid issues with gcc 5
-CFLAGS += "-fgnu89-inline"
-do_install () {
-        autotools_do_install
-        install -d ${D}${docdir}/${BPN}
-        mv ${D}${datadir}/${BPN}/* ${D}/${docdir}/${BPN}/ || :
-        mv ${D}${prefix}/doc/* ${D}/${docdir}/${BPN}/ || :
-}
-# split out gpgv from main package
-RDEPENDS_${PN} = "gpgv"
-PACKAGES =+ "gpgv"
-FILES_gpgv = "${bindir}/gpgv"
-# Exclude debug files from the main packages
-FILES_${PN} = "${bindir}/* ${datadir}/${BPN} ${libexecdir}/${BPN}/*"
-PACKAGECONFIG ??= ""
-PACKAGECONFIG[curl] = "--with-libcurl=${STAGING_LIBDIR},--without-libcurl,curl"
-PACKAGECONFIG[libusb] = "--with-libusb=${STAGING_LIBDIR},--without-libusb,libusb-compat"