From 972dcfcdbfe75dcfeb777150c136576cf1a71e99 Mon Sep 17 00:00:00 2001
From: Tudor Florea <tudor.florea@enea.com>
Date: Fri, 9 Oct 2015 22:59:03 +0200
Subject: initial commit for Enea Linux 5.0 arm

Signed-off-by: Tudor Florea <tudor.florea@enea.com>
---
 .../gpgme/gpgme-1.4.3/disable_gpgconf_check.patch  | 39 +++++++++++++++
 .../gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch      | 56 ++++++++++++++++++++++
 meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc    | 10 ++++
 meta/recipes-support/gpgme/gpgme_1.4.3.bb          | 42 ++++++++++++++++
 4 files changed, 147 insertions(+)
 create mode 100644 meta/recipes-support/gpgme/gpgme-1.4.3/disable_gpgconf_check.patch
 create mode 100644 meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch
 create mode 100644 meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc
 create mode 100644 meta/recipes-support/gpgme/gpgme_1.4.3.bb

(limited to 'meta/recipes-support/gpgme')

diff --git a/meta/recipes-support/gpgme/gpgme-1.4.3/disable_gpgconf_check.patch b/meta/recipes-support/gpgme/gpgme-1.4.3/disable_gpgconf_check.patch
new file mode 100644
index 0000000000..df0953069c
--- /dev/null
+++ b/meta/recipes-support/gpgme/gpgme-1.4.3/disable_gpgconf_check.patch
@@ -0,0 +1,39 @@
+From 1.2.0, gpgme will check if gpgconf & g13(from 1.3.0) exist, and cause
+configure failure if not founding them in cross-compile environment. We can
+add the gnupg-native to get them, but still have some issues:
+
+1. need add new package: libksba, update libassuan(not in sato), and extend
+   native support in some other packages(libgcrypt, libgpg-error, pth...)
+2. Even we have gnupg, the g13 only exist in development branch, so that we
+   still have the g13 check failure in configure.
+
+I have searched the compile log, and found gpgconf/g13 are not used. So use a
+simple method here, throw a warning mesg rather than an error here just like in
+non-cross-compile environment.
+
+Signed-off-by: Zhai Edwin <edwin.zhai@intel.com>
+
+Upstream-Status: Inappropriate [embedded specific]
+
+Index: gpgme-1.3.0/configure.ac
+===================================================================
+--- gpgme-1.3.0.orig/configure.ac	2010-07-21 09:38:09.000000000 +0800
++++ gpgme-1.3.0/configure.ac	2010-07-21 09:39:19.000000000 +0800
+@@ -574,7 +574,7 @@
+ *** Could not find gpgconf, install gpgconf or use --with-gpgconf=PATH to enable it
+ ***])
+     else
+-      AC_MSG_ERROR([
++      AC_MSG_WARN([
+ ***
+ *** Can not determine path to gpgconf when cross-compiling, use --with-gpgconf=PATH
+ ***])
+@@ -670,7 +670,7 @@
+ *** Could not find g13, install g13 or use --with-g13=PATH to enable it
+ ***])
+     else
+-      AC_MSG_ERROR([
++      AC_MSG_WARN([
+ ***
+ *** Can not determine path to g13 when cross-compiling, use --with-g13=PATH
+ ***])
diff --git a/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch
new file mode 100644
index 0000000000..c728f58658
--- /dev/null
+++ b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme-fix-CVE-2014-3564.patch
@@ -0,0 +1,56 @@
+Upstream-Status: Backport
+
+Backport patch to fix CVE-2014-3564.
+
+http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+From 2cbd76f7911fc215845e89b50d6af5ff4a83dd77 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Wed, 30 Jul 2014 11:04:55 +0200
+Subject: [PATCH 1/1] Fix possible realloc overflow for gpgsm and uiserver
+ engines.
+
+After a realloc (realloc is also used for initial alloc) the allocated
+size if the buffer is not correctly recorded.  Thus an overflow can be
+introduced by receiving data with different line lengths in a specific
+order.  This is not easy exploitable because libassuan constructs the
+line.  However a crash has been reported and thus it might be possible
+to constructs an exploit.
+
+CVE-id: CVE-2014-3564
+Reported-by: TomÃ¡Å¡ Trnka
+---
+ src/engine-gpgsm.c    | 2 +-
+ src/engine-uiserver.c | 2 +-
+ 3 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
+index 8ec1598..3a83757 100644
+--- a/src/engine-gpgsm.c
++++ b/src/engine-gpgsm.c
+@@ -836,7 +836,7 @@ status_handler (void *opaque, int fd)
+ 	      else
+ 		{
+ 		  *aline = newline;
+-		  gpgsm->colon.attic.linesize += linelen + 1;
++		  gpgsm->colon.attic.linesize = *alinelen + linelen + 1;
+ 		}
+ 	    }
+ 	  if (!err)
+diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c
+index 2738c36..a7184b7 100644
+--- a/src/engine-uiserver.c
++++ b/src/engine-uiserver.c
+@@ -698,7 +698,7 @@ status_handler (void *opaque, int fd)
+ 	      else
+ 		{
+ 		  *aline = newline;
+-		  uiserver->colon.attic.linesize += linelen + 1;
++		  uiserver->colon.attic.linesize = *alinelen + linelen + 1;
+ 		}
+ 	    }
+ 	  if (!err)
+-- 
+2.1.4
diff --git a/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc
new file mode 100644
index 0000000000..30a4d56d6e
--- /dev/null
+++ b/meta/recipes-support/gpgme/gpgme-1.4.3/gpgme.pc
@@ -0,0 +1,10 @@
+prefix=/usr
+libdir=${prefix}/lib
+includedir=${prefix}/include
+
+Name: gpgme
+Description: GNU Privacy Guard Made Easy
+Version: 1.4.3
+Requires:
+Libs: -L${libdir} -lgpgme -lassuan -lgpg-error
+Cflags: -I${includedir}
diff --git a/meta/recipes-support/gpgme/gpgme_1.4.3.bb b/meta/recipes-support/gpgme/gpgme_1.4.3.bb
new file mode 100644
index 0000000000..f16677e96e
--- /dev/null
+++ b/meta/recipes-support/gpgme/gpgme_1.4.3.bb
@@ -0,0 +1,42 @@
+SUMMARY = "High-level GnuPG encryption/signing API"
+DESCRIPTION = "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG easier for applications. It provides a High-Level Crypto API for encryption, decryption, signing, signature verification and key management"
+HOMEPAGE = "http://www.gnupg.org/gpgme.html"
+BUGTRACKER = "https://bugs.g10code.com/gnupg/index"
+
+LICENSE = "GPLv2+ & LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
+                    file://COPYING.LESSER;md5=bbb461211a33b134d42ed5ee802b37ff \
+                    file://src/gpgme.h.in;endline=23;md5=dccb4bb624011e36513c61ef0422d054 \
+                    file://src/engine.h;endline=22;md5=4b6d8ba313d9b564cc4d4cfb1640af9d"
+
+SRC_URI = "ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-${PV}.tar.bz2 \
+           file://disable_gpgconf_check.patch \
+           file://gpgme.pc \
+           file://gpgme-fix-CVE-2014-3564.patch \
+          "
+
+SRC_URI[md5sum] = "334e524cffa8af4e2f43ae8afe585672"
+SRC_URI[sha256sum] = "2d1cc12411753752d9c5b9037e6fd3fd363517af720154768cc7b46b60120496"
+
+DEPENDS = "libgpg-error libassuan"
+
+EXTRA_OECONF = "--with-gpg=${bindir}/gpg --without-gpgsm"
+
+BINCONFIG = "${bindir}/gpgme-config"
+
+inherit autotools texinfo binconfig-disabled pkgconfig
+
+PACKAGES =+ "${PN}-pthread"
+FILES_${PN}-pthread = "${libdir}/libgpgme-pthread.so.*"
+FILES_${PN}-dev += "${datadir}/common-lisp/source/gpgme/*"
+
+do_configure_prepend () {
+	# Else these could be used in preference to those in aclocal-copy
+	rm -f ${S}/m4/gpg-error.m4
+	rm -f ${S}/m4/libassuan.m4
+}
+
+do_install_append () {
+        install -d ${D}${libdir}/pkgconfig
+        install -m 0644 ${WORKDIR}/gpgme.pc ${D}${libdir}/pkgconfig/
+}
-- 
cgit v1.2.3-54-g00ecf