mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
* [ptxdist] [PATCH 1/4] libassuan: version bump 2.4.3 -> 2.5.1
@ 2018-01-16 15:52 Clemens Gruber
  2018-01-16 15:52 ` [ptxdist] [PATCH 2/4] libgcrypt: version bump 1.8.1 -> 1.8.2 Clemens Gruber
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Clemens Gruber @ 2018-01-16 15:52 UTC (permalink / raw)
  To: ptxdist; +Cc: Clemens Gruber

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
---
 rules/libassuan.make | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/rules/libassuan.make b/rules/libassuan.make
index b569a8845..3747ff982 100644
--- a/rules/libassuan.make
+++ b/rules/libassuan.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_LIBASSUAN) += libassuan
 #
 # Paths and names
 #
-LIBASSUAN_VERSION	:= 2.4.3
-LIBASSUAN_MD5		:= 8e01a7c72d3e5d154481230668e6eb5a
+LIBASSUAN_VERSION	:= 2.5.1
+LIBASSUAN_MD5		:= 4354b7ae296894f232ada226a062d7d7
 LIBASSUAN		:= libassuan-$(LIBASSUAN_VERSION)
 LIBASSUAN_SUFFIX	:= tar.bz2
 LIBASSUAN_URL		:= ftp://ftp.gnupg.org/gcrypt/libassuan/$(LIBASSUAN).$(LIBASSUAN_SUFFIX)
@@ -37,7 +37,8 @@ LIBASSUAN_LICENSE_FILES	:= \
 #
 LIBASSUAN_AUTOCONF := \
 	$(CROSS_AUTOCONF_USR) \
-	--enable-build-timestamp="$(PTXDIST_VERSION_YEAR)-$(PTXDIST_VERSION_MONTH)-01T00:00+0000"
+	--enable-build-timestamp="$(PTXDIST_VERSION_YEAR)-$(PTXDIST_VERSION_MONTH)-01T00:00+0000" \
+	--disable-doc
 
 # ----------------------------------------------------------------------------
 # Target-Install
-- 
2.15.1


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [ptxdist] [PATCH 2/4] libgcrypt: version bump 1.8.1 -> 1.8.2
  2018-01-16 15:52 [ptxdist] [PATCH 1/4] libassuan: version bump 2.4.3 -> 2.5.1 Clemens Gruber
@ 2018-01-16 15:52 ` Clemens Gruber
  2018-01-16 15:52 ` [ptxdist] [PATCH 3/4] npth: new package Clemens Gruber
  2018-01-16 15:52 ` [ptxdist] [PATCH 4/4] gnupg: version bump 2.0.30 -> 2.2.4 Clemens Gruber
  2 siblings, 0 replies; 4+ messages in thread
From: Clemens Gruber @ 2018-01-16 15:52 UTC (permalink / raw)
  To: ptxdist; +Cc: Clemens Gruber

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
---
 rules/libgcrypt.make | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/libgcrypt.make b/rules/libgcrypt.make
index b3bf59c36..66a04012e 100644
--- a/rules/libgcrypt.make
+++ b/rules/libgcrypt.make
@@ -17,8 +17,8 @@ PACKAGES-$(PTXCONF_LIBGCRYPT) += libgcrypt
 #
 # Paths and names
 #
-LIBGCRYPT_VERSION	:= 1.8.1
-LIBGCRYPT_MD5		:= b21817f9d850064d2177285f1073ec55
+LIBGCRYPT_VERSION	:= 1.8.2
+LIBGCRYPT_MD5		:= cfb0b5c79eab07686b6898160a407139
 LIBGCRYPT		:= libgcrypt-$(LIBGCRYPT_VERSION)
 LIBGCRYPT_SUFFIX	:= tar.bz2
 LIBGCRYPT_URL		:= http://artfiles.org/gnupg.org/libgcrypt/$(LIBGCRYPT).$(LIBGCRYPT_SUFFIX) ftp://ftp.gnupg.org/gcrypt/libgcrypt/$(LIBGCRYPT).$(LIBGCRYPT_SUFFIX)
-- 
2.15.1


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [ptxdist] [PATCH 3/4] npth: new package
  2018-01-16 15:52 [ptxdist] [PATCH 1/4] libassuan: version bump 2.4.3 -> 2.5.1 Clemens Gruber
  2018-01-16 15:52 ` [ptxdist] [PATCH 2/4] libgcrypt: version bump 1.8.1 -> 1.8.2 Clemens Gruber
@ 2018-01-16 15:52 ` Clemens Gruber
  2018-01-16 15:52 ` [ptxdist] [PATCH 4/4] gnupg: version bump 2.0.30 -> 2.2.4 Clemens Gruber
  2 siblings, 0 replies; 4+ messages in thread
From: Clemens Gruber @ 2018-01-16 15:52 UTC (permalink / raw)
  To: ptxdist; +Cc: Clemens Gruber

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
---
 rules/npth.in   | 10 ++++++++++
 rules/npth.make | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 71 insertions(+)
 create mode 100644 rules/npth.in
 create mode 100644 rules/npth.make

diff --git a/rules/npth.in b/rules/npth.in
new file mode 100644
index 000000000..a8db4f6ca
--- /dev/null
+++ b/rules/npth.in
@@ -0,0 +1,10 @@
+## SECTION=system_libraries
+
+config NPTH
+	tristate
+	prompt "npth"
+	help
+	  New Portable Threads Library used by GnuPG
+
+	  nPth is a library to provide the GNU Pth API and thus
+	  a non-preemptive threads implementation.
diff --git a/rules/npth.make b/rules/npth.make
new file mode 100644
index 000000000..6dda1e361
--- /dev/null
+++ b/rules/npth.make
@@ -0,0 +1,61 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2018 by Clemens Gruber <clemens.gruber@pqgruber.com>
+#
+# See CREDITS for details about who has contributed to this project.
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_NPTH) += npth
+
+#
+# Paths and names
+#
+NPTH_VERSION		:= 1.5
+NPTH_MD5		:= 9ba2dc4302d2f32c66737c43ed191b1b
+NPTH			:= npth-$(NPTH_VERSION)
+NPTH_SUFFIX		:= tar.bz2
+NPTH_URL		:= ftp://ftp.gnupg.org/gcrypt/npth/$(NPTH).$(NPTH_SUFFIX)
+NPTH_SOURCE		:= $(SRCDIR)/$(NPTH).$(NPTH_SUFFIX)
+NPTH_DIR		:= $(BUILDDIR)/$(NPTH)
+NPTH_LICENSE		:= LGPL-2.1
+NPTH_LICENSE_FILES	:= \
+	file://COPYING.LIB;md5=2caced0b25dfefd4c601d92bd15116de
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+NPTH_AUTOCONF := \
+	$(CROSS_AUTOCONF_USR) \
+	--disable-tests \
+	--enable-build-timestamp="$(PTXDIST_VERSION_YEAR)-$(PTXDIST_VERSION_MONTH)-01T00:00+0000"
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/npth.targetinstall:
+	@$(call targetinfo)
+
+	@$(call install_init, npth)
+	@$(call install_fixup, npth,PRIORITY,optional)
+	@$(call install_fixup, npth,SECTION,base)
+	@$(call install_fixup, npth,AUTHOR,"Clemens Gruber")
+	@$(call install_fixup, npth,DESCRIPTION,"The new GNU portable threads library")
+
+	@$(call install_lib, npth, 0, 0, 0644, libnpth)
+
+	@$(call install_finish, npth)
+
+	@$(call touch)
+
+# vim: syntax=make
-- 
2.15.1


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [ptxdist] [PATCH 4/4] gnupg: version bump 2.0.30 -> 2.2.4
  2018-01-16 15:52 [ptxdist] [PATCH 1/4] libassuan: version bump 2.4.3 -> 2.5.1 Clemens Gruber
  2018-01-16 15:52 ` [ptxdist] [PATCH 2/4] libgcrypt: version bump 1.8.1 -> 1.8.2 Clemens Gruber
  2018-01-16 15:52 ` [ptxdist] [PATCH 3/4] npth: new package Clemens Gruber
@ 2018-01-16 15:52 ` Clemens Gruber
  2 siblings, 0 replies; 4+ messages in thread
From: Clemens Gruber @ 2018-01-16 15:52 UTC (permalink / raw)
  To: ptxdist; +Cc: Clemens Gruber

Makes public key, cipher and hash algorithms configurable.

The binaries are now gpg and gpgv with symlinks gpg2 and gpgv2.

The gpgv patch is now upstream and can be removed.

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
---
 ...-tweak-default-options-for-extra-security.patch | 44 --------------
 patches/gnupg-2.0.30/series                        |  1 -
 rules/gnupg.in                                     | 68 +++++++++++++++++++++
 rules/gnupg.make                                   | 70 ++++++++++++++++------
 4 files changed, 121 insertions(+), 62 deletions(-)
 delete mode 100644 patches/gnupg-2.0.30/0001-gpgv-tweak-default-options-for-extra-security.patch
 delete mode 100644 patches/gnupg-2.0.30/series

diff --git a/patches/gnupg-2.0.30/0001-gpgv-tweak-default-options-for-extra-security.patch b/patches/gnupg-2.0.30/0001-gpgv-tweak-default-options-for-extra-security.patch
deleted file mode 100644
index ea5c43977..000000000
--- a/patches/gnupg-2.0.30/0001-gpgv-tweak-default-options-for-extra-security.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From b531f2fd75be3f616073cba714d73324525fd3e4 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Sat, 9 Jul 2016 10:20:02 +0900
-Subject: [PATCH] gpgv: Tweak default options for extra security.
-
-* g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on
-cached status.  Similarly, set opt.flags.require_cross_cert for backsig
-validation for subkey signature.
-
---
-
-(backport of master
-commit e32c575e0f3704e7563048eea6d26844bdfc494b)
-
-It is common that an organization distributes binary keyrings with
-signature cache (Tag 12, Trust Packet) and people use gpgv to validate
-signature with such keyrings.  In such a use case, it is possible that
-the key validation itself is skipped.
-
-For the purpose of gpgv validation of signatures, we should not depend
-on signature cache in keyrings (if any), but we should validate the key
-by its self signature for primary key, and back signature for subkey.
-
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
----
- g10/gpgv.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/g10/gpgv.c b/g10/gpgv.c
-index b700f17..3b48a0e 100644
---- a/g10/gpgv.c
-+++ b/g10/gpgv.c
-@@ -163,6 +163,8 @@ main( int argc, char **argv )
-   opt.pgp2_workarounds = 1;
-   opt.keyserver_options.options|=KEYSERVER_AUTO_KEY_RETRIEVE;
-   opt.trust_model = TM_ALWAYS;
-+  opt.no_sig_cache = 1;
-+  opt.flags.require_cross_cert = 1;
-   opt.batch = 1;
- 
-   opt.homedir = default_homedir ();
--- 
-2.8.0.rc3
-
diff --git a/patches/gnupg-2.0.30/series b/patches/gnupg-2.0.30/series
deleted file mode 100644
index 62a2fae81..000000000
--- a/patches/gnupg-2.0.30/series
+++ /dev/null
@@ -1 +0,0 @@
-0001-gpgv-tweak-default-options-for-extra-security.patch
diff --git a/rules/gnupg.in b/rules/gnupg.in
index 25226558d..eac44f509 100644
--- a/rules/gnupg.in
+++ b/rules/gnupg.in
@@ -7,6 +7,7 @@ menuconfig GNUPG
 	select LIBASSUAN
 	select LIBGCRYPT
 	select LIBKSBA
+	select NPTH
 	select READLINE
 	select ZLIB
 	help
@@ -26,4 +27,71 @@ config GNUPG_GPGV
 	bool
 	prompt "Install gpgv2"
 
+menu "public key algorithms"
+
+config GNUPG_GPG_RSA
+	bool
+	default y
+	prompt "RSA"
+
+config GNUPG_GPG_ECDH
+	bool
+	prompt "ECDH"
+
+config GNUPG_GPG_ECDSA
+	bool
+	prompt "ECDSA"
+
+config GNUPG_GPG_EDDSA
+	bool
+	prompt "EdDSA"
+
+endmenu
+
+menu "cipher algorithms"
+
+config GNUPG_GPG_AES
+	bool
+	default y
+	prompt "AES"
+
+config GNUPG_GPG_BLOWFISH
+	bool
+	prompt "Blowfish"
+
+config GNUPG_GPG_CAMELLIA
+	bool
+	prompt "Camellia"
+
+config GNUPG_GPG_CAST5
+	bool
+	prompt "CAST5"
+
+config GNUPG_GPG_IDEA
+	bool
+	prompt "IDEA"
+
+config GNUPG_GPG_TWOFISH
+	bool
+	prompt "Twofish"
+
+endmenu
+
+menu "hash algorithms"
+
+config GNUPG_GPG_SHA
+	bool
+	default y
+	prompt "SHA"
+
+config GNUPG_GPG_MD5
+	bool
+	prompt "MD5"
+
+config GNUPG_GPG_RMD160
+	bool
+	prompt "RIPE-MD160"
+
+endmenu
+
 endif
diff --git a/rules/gnupg.make b/rules/gnupg.make
index 39f168714..78a331673 100644
--- a/rules/gnupg.make
+++ b/rules/gnupg.make
@@ -1,7 +1,8 @@
 # -*-makefile-*-
 #
 # Copyright (C) 2005 by Jiri Nesladek
-#          
+# Copyright (C) 2018 by Clemens Gruber <clemens.gruber@pqgruber.com>
+#
 # See CREDITS for details about who has contributed to this project.
 #
 # For further information about the PTXdist project and license conditions
@@ -16,8 +17,8 @@ PACKAGES-$(PTXCONF_GNUPG) += gnupg
 #
 # Paths and names
 #
-GNUPG_VERSION	:= 2.0.30
-GNUPG_MD5	:= 01bb47e669a78eaca90dbe6b4b4acc24
+GNUPG_VERSION	:= 2.2.4
+GNUPG_MD5	:= 709e5af5bba84d251c520222e720972f
 GNUPG		:= gnupg-$(GNUPG_VERSION)
 GNUPG_SUFFIX	:= tar.bz2
 GNUPG_URL	:= ftp://ftp.gnupg.org/gcrypt/gnupg/$(GNUPG).$(GNUPG_SUFFIX)
@@ -31,27 +32,61 @@ GNUPG_LICENSE	:= GPL-3.0+
 
 GNUPG_CONF_TOOL := autoconf
 GNUPG_CONF_OPT := $(CROSS_AUTOCONF_USR) \
-	$(GLOBAL_LARGE_FILE_OPTION) \
 	--enable-gpg \
 	--disable-gpgsm \
-	--disable-agent \
 	--disable-scdaemon \
-	--disable-tools \
+	--disable-g13 \
+	--disable-dirmngr \
 	--disable-doc \
+	--disable-symcryptrun \
 	--disable-gpgtar \
+	--disable-wks-tools \
+	--disable-gpg-is-gpg2 \
+	--$(call ptx/endis, PTXCONF_GLOBAL_SELINUX)-selinux-support \
+	--disable-large-secmem \
+	--enable-trust-models \
+	--disable-tofu \
+	--disable-libdns \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_RSA)-gpg-rsa \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_ECDH)-gpg-ecdh \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_ECDSA)-gpg-ecdsa \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_EDDSA)-gpg-eddsa \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_IDEA)-gpg-idea \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_CAST5)-gpg-cast5 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_BLOWFISH)-gpg-blowfish \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_AES)-gpg-aes128 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_AES)-gpg-aes192 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_AES)-gpg-aes256 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_TWOFISH)-gpg-twofish \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_CAMELLIA)-gpg-camellia128 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_CAMELLIA)-gpg-camellia192 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_CAMELLIA)-gpg-camellia256 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_MD5)-gpg-md5 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_RMD160)-gpg-rmd160 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_SHA)-gpg-sha224 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_SHA)-gpg-sha384 \
+	--$(call ptx/endis, PTXCONF_GNUPG_GPG_SHA)-gpg-sha512 \
+	--disable-zip \
+	--disable-bzip2 \
 	--disable-exec \
 	--disable-photo-viewers \
-	--disable-keyserver-helpers \
+	--disable-card-support \
+	--disable-ccid-driver \
+	--disable-dirmngr-auto-start \
+	$(GLOBAL_LARGE_FILE_OPTION) \
+	--disable-sqlite \
+	--disable-ntbtls \
+	--disable-gnutls \
 	--disable-ldap \
-	--disable-hkp \
-	--disable-finger \
-	--disable-keyserver-path \
-	--disable-standard-socket \
-	--disable-dns-srv \
-	--disable-nls \
 	--disable-rpath \
+	--disable-nls \
+	--enable-endian-check \
 	--disable-regex \
-	--disable-bzip2
+	--enable-optimization \
+	--disable-werror \
+	--disable-all-tests \
+	--disable-run-gnupg-user-socket \
+	--enable-build-timestamp="$(PTXDIST_VERSION_YEAR)-$(PTXDIST_VERSION_MONTH)-01T00:00+0000"
 
 ifndef PTXCONF_ICONV
 GNUPG_CONF_OPT += --without-libiconv-prefix
@@ -71,11 +106,12 @@ $(STATEDIR)/gnupg.targetinstall:
 	@$(call install_fixup, gnupg,DESCRIPTION,missing)
 
 ifdef PTXCONF_GNUPG_GPG
-	@$(call install_copy, gnupg, 0, 0, 0755, -, /usr/bin/gpg2)
-	@$(call install_link, gnupg, gpg2, /usr/bin/gpg)
+	@$(call install_copy, gnupg, 0, 0, 0755, -, /usr/bin/gpg)
+	@$(call install_link, gnupg, gpg, /usr/bin/gpg2)
 endif
 ifdef PTXCONF_GNUPG_GPGV
-	@$(call install_copy, gnupg, 0, 0, 0755, -, /usr/bin/gpgv2)
+	@$(call install_copy, gnupg, 0, 0, 0755, -, /usr/bin/gpgv)
+	@$(call install_link, gnupg, gpgv, /usr/bin/gpgv2)
 endif
 
 	@$(call install_finish, gnupg)
-- 
2.15.1


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2018-01-16 15:53 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-16 15:52 [ptxdist] [PATCH 1/4] libassuan: version bump 2.4.3 -> 2.5.1 Clemens Gruber
2018-01-16 15:52 ` [ptxdist] [PATCH 2/4] libgcrypt: version bump 1.8.1 -> 1.8.2 Clemens Gruber
2018-01-16 15:52 ` [ptxdist] [PATCH 3/4] npth: new package Clemens Gruber
2018-01-16 15:52 ` [ptxdist] [PATCH 4/4] gnupg: version bump 2.0.30 -> 2.2.4 Clemens Gruber

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox