summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/libgcrypt
Commit message (Collapse)AuthorAgeFilesLines
* recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipesMeh Mbeh Ida Delphine2021-03-021-0/+3
| | | | | | | Fixes: [YOCTO #13471] Signed-off-by: Ida Delphine <idadelm@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: update 1.8.7 -> 1.9.2Alexander Kanavin2021-03-029-664/+67
| | | | | | | | | | | | | | | Drop backports. Add a patch that inserts missing spaces in Makefiles. Drop determinism.patch: upstream has moved the git stuff to an external script, which has a guard that checkes for presence of .git/ in source tree. License-Update: additional source file listed Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Whitelisted CVEssaloni2021-02-061-0/+3
| | | | | | | | | | | | | | | | | | | | | | Whitelisted below CVEs: 1. CVE-2018-12433 Link: https://security-tracker.debian.org/tracker/CVE-2018-12433 Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433 CVE-2018-12433 is marked disputed and ignored by NVD as it does not impact crypt libraries for any distros and hence, can be safely marked whitelisted. 2. CVE-2018-12438 Link: https://security-tracker.debian.org/tracker/CVE-2018-12438 Link: https://ubuntu.com/security/CVE-2018-12438 CVE-2018-12438 was reported for affecting openjdk crypt libraries but there are no details available on which openjdk versions are affected and does not directly affect libgcrypt or any specific yocto distributions, hence, can be whitelisted. Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade 1.8.6 -> 1.8.7Alexander Kanavin2020-11-031-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade 1.8.5 -> 1.8.6Richard Purdie2020-07-181-2/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Fix determinism issueRichard Purdie2020-02-082-0/+33
| | | | | | | The build was injection git information from the wrong git tree, stop this to allow reproducible builds. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade 1.8.4 -> 1.8.5Trevor Gamblin2019-11-042-89/+55
| | | | | | | | | | Upgrade libgcrypt. Upstream repo now has a pkg-config feature. The new patch for compatibility with oe-core is a replacement for a patch that added pkg-config as a feature when upstream did not have it. Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: fix CVE-2019-12904Yi Zhao2019-10-234-0/+603
| | | | | | | | | | | | | | | | | | In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-12904 Patches from: https://github.com/gpg/libgcrypt/commit/1374254c2904ab5b18ba4a890856824a102d4705 https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762 https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: upgrade 1.8.3 -> 1.8.4Hongxu Jia2018-11-231-2/+2
| | | | | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Add the LICENSES file to LIC_FILES_CHKSUMPeter Kjellerstedt2018-10-091-1/+2
| | | | | | | | | | The LICENSES file contains references to source files with other licenses than GPL/LGPL that stipulate that they shall be mentioned in any documentation accompanying a product including this library. License-Update: Add missing LICENSES file Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: 1.8.2 -> 1.8.3Hongxu Jia2018-07-031-2/+2
| | | | | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libcrypt: remove unused patch fileJuro Bystricky2018-01-291-96/+0
| | | | | Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade to 1.8.2Alexander Kanavin2018-01-101-2/+2
| | | | | Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: update from version 1.8.0 to 1.8.1Jussi Laako2017-11-052-163/+3
| | | | | | | Update libgcrypt version from 1.8.0 to 1.8.1. Signed-off-by: Jussi Laako <jussi.laako@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: Fix building on armv6Paul Barker2017-10-162-0/+97
| | | | | | | | This patch is backported from the upstream git repository to fix building libgcrypt on armv6 platforms such as raspberrypi. Signed-off-by: Paul Barker <pbarker@toganlabs.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: fix CVE-2017-0379Hongxu Jia2017-09-252-0/+159
| | | | | | | | Backport the fix from https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git; a=commit;h=bf76acbf0da6b0f245e491bec12c0f0a1b5be7c9 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: 1.7.8 -> 1.8.0Hongxu Jia2017-08-175-35/+59
| | | | | | | | | | | Rebase patches: - add-pkgconfig-support.patch -> 0001 - libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch -> 0002 - fix-ICE-failure-on-mips-with-option-O-and-g.patch -> 0003 - fix-undefined-reference-to-pthread.patch -> 0004 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ossp-uuid, libffi, libgcrypt: Pass --tag=CC option to libtoolKhem Raj2017-08-091-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | libtool tries to guess the --tag value based on CC/CXX environment variables and the compile commandline generated by makefiles. This heuristics however fails when we construct CC variables in OE and add security flags to it, especially -fPIE -pie which are added by external compilers e.g. clang particularly. It fails because libtool removed PIE flags from compiler cmdline intelligently if it figures out that its building a library, which means that the CC variable passed from cmdline does not match with the compiler cmdline constructed by libtool and we end up with errors like | arm-bec-linux-musleabi-libtool: compile: unable to infer tagged configuration | arm-bec-linux-musleabi-libtool: error: specify a tag with '--tag' This works with internal gcc toolchain because we configure gcc for PIE when hardening is selected and dont pass -fPIE -pie options explicitly but this is not an option for clang, and some external gcc toolchains using older gcc This patch adds the --tag option to help libtool set correct tags in packages where it cant get it right via its heuristics Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: upgrade to 1.7.8Ross Burton2017-07-191-2/+2
| | | | | | | | Fixes CVE-2017-7526, 'flush+reload side-channel attack on RSA secret keys dubbed "Sliding right into disaster"'. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: merge bb and inc fileRoss Burton2017-07-192-51/+49
| | | | | Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade to 1.7.7Ross Burton2017-07-172-4/+4
| | | | Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: Do not restrict to ARM ISAKhem Raj2017-05-251-2/+0
| | | | | | | | | This works ok with thumb2 as well now a days It was added in 2006 http://git.openembedded.org/openembedded/commit/?id=037b00e3d629962e8d2bc4fcc944c9ecf9a240be Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: 1.7.3 -> 1.7.6Hongxu Jia2017-02-152-4/+4
| | | | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
* libgcrypt.inc: Add PACKAGECONFIG for 'capabilities'Nathan Rossi2017-02-051-2/+5
| | | | | | | | Add PACKAGECONFIG options for 'capabilities' which enables the libcap dependency. Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt.inc: Enable nativesdkNathan Rossi2017-02-051-1/+1
| | | | | | | Enable nativesdk on this recipe. Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: upgrade to 1.7.3Hongxu Jia2016-08-232-4/+4
| | | | | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: upgrade to 1.7.2Fan Xin2016-08-102-4/+4
| | | | | Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: upgrade to 1.7.0Hongxu Jia2016-06-145-61/+115
| | | | | | | | - Add fix-undefined-reference-to-pthread.patch to fix undefined reference to `pthread_create' Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg.org-hosted recipes: Change SRC_URI to https siteJussi Kukkonen2016-05-301-1/+2
| | | | | | | | | | | | | | | | https version seems more reliable and in an informal test fetching all gnupg recipes now takes <20% of the time it used to. Define GNUPG_MIRROR in bitbake.conf so future tweaks to this are easier. Replace some slower mirrors with the official ftp site and another from gnupg.org mirror list. Set UPSTREAM_CHECK_URI in all recipes that need it to "https://gnupg.org/download/index.html" as the directory listings are not up-to-date. Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: update 1.6.4 -> 1.6.5Andre McCurdy2016-02-153-6/+4
| | | | | | | | | | | | | | Noteworthy changes in version 1.6.5 (2016-02-09) [C20/A0/R5] ------------------------------------------------ * Mitigate side-channel attack on ECDH with Weierstrass curves [CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for details. * Fix build problem on Solaris. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: 1.6.3 -> 1.6.4Hongxu Jia2016-01-132-4/+4
| | | | | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Fix Upstream-Status statementsRoss Burton2015-09-122-2/+2
| | | | | | | | Fix a variety of problems such as typos, bad punctuations, or incorrect Upstream-Status values. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: modified the license of dumpsexp.Lei Maohui2015-04-191-2/+9
| | | | | | | Because dumpsexp.c is GPLv3. So pick up the dumpsexp and modified license to GPLv3. Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: 1.6.2 -> 1.6.3Robert Yang2015-04-072-4/+4
| | | | | Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: separate B and SRobert Yang2015-01-161-1/+3
| | | | | | | It works well now, and bump the PR to avoid: configure: error: source directory already configured; run "make distclean" there first Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
* libgcrypt: Ugrade to 1.6.2Saul Wold2014-11-093-175/+4
| | | | | | | Remove backported patch Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: Fix ARM assembly when building __PIC__Jackie Huang2014-09-162-0/+171
| | | | | | | | libgcrypt.so.20 contains .text relocations, backport a patch to fix it. Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libgcrypt: Do not remove m4 files so aggressivelyPeter Kjellerstedt2014-08-151-2/+2
| | | | | | | | | Removing all m4 files in the m4 directory led to a number of non-fatal errors while running configure when the expected m4 macros could not be found. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binconfig-disabled: Add class and useRichard Purdie2014-06-161-1/+3
| | | | | | | | | | | | | | | | | | | | This adds a binconfig-disabled class which can be used by recipes where a -config file is installed but we wish to disable it and just rely on the .pc files instead. Rather than simply deleting it, we make the script "exit 1" so that it can be found in PATH and raise a build error rather than something silently falling back to the build system for example. Rather than randomly finding -config files, this adds in the specification of a list of binconfig scripts which is more deterministic and maintainable moving forward. This patch converts various users in OE-Core to use this, a world build of OE-Core tests out ok with this change. There will likely be issues in other layers however, hence this being a RFT. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: fix do_configure failedRobert Yang2014-06-101-1/+1
| | | | | | | | | | Fixed: rm: cannot remove `/path/libgcrypt-1.6.1/m4/*.m4': No such file or directory We would meet this error if we stop the configure and run again. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* libgcrypt: workaround ICE failure on mips with '-O -g'Hongxu Jia2014-06-102-1/+74
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hit a ICE and could reduce it to the following minimal example: 1. Only the size of array assigned with 2 caused the issue: $ cat > mipgcc-test.c << END int main (int argc, char **argv) { char *pStrArry[ARRAY_SIZE_MAX] = {"hello"}; int i = 0; while(pStrArry[i] && i<ARRAY_SIZE_MAX) { printf("%s\n", pStrArry[i]); i++; } return 0; } END 2. Only -O1 and -g on mips caused the issue: $ mips-poky-linux-gcc -O1 -g -o mipgcc-test mipgcc-test.c mipgcc-test.c: In function 'main': mipgcc-test.c:18:1: internal compiler error: in dwarf2out_var_location, at dwarf2out.c:20810 } ^ Please submit a full bug report, with preprocessed source if appropriate. See <http://gcc.gnu.org/bugs.html> for instructions [YOCTO #6034] 3. The quick workround is trying to enlarge the size of array with larger than 2. 4. File a bug to GNU, but it could not be reproduced on there environment. http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60643 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* libgcrypt: Use pkg-config for dependenciesRichard Purdie2014-05-282-2/+107
| | | | | | Use pkg-config instead of -config files in the m4 macros. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: update to 1.6.1Saul Wold2014-05-062-4/+4
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>
* Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.Max Eliaser2014-05-011-1/+1
| | | | | | | | | | | The class itself currently does nothing. The idea is to mark all recipes that make use of the texinfo utilities. In the future, this class could be used to suppress the generation/formatting of documentation for performance, explicitly track dependencies on these utilities, and eliminate Yocto's current dependency on the host system's texinfo utilities. Signed-off-by: Max Eliaser <max.eliaser@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autotools-brokensep: Mark recipes with broken separate build dir supportRichard Purdie2014-02-281-1/+1
| | | | | | | | | | This patch goes through the OE-Core recipes and marks those which use autotools but don't support a separate build directory (${S} != ${B}). A new class, autotools-brokensep is used for this purpose. This doesn't introduce any change in behaviour in its own right. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Replace one-line DESCRIPTION with SUMMARYPaul Eggleton2014-01-021-1/+1
| | | | | | | | | | | A lot of our recipes had short one-line DESCRIPTION values and no SUMMARY value set. In this case it's much better to just set SUMMARY since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY is at least useful. I also took the opportunity to fix up a lot of the new SUMMARY values, making them concisely explain the function of the recipe / package where possible. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
* libgcrypt: fix compile error with '-O2' in sysroot pathChen Qi2013-12-142-1/+34
| | | | | | | | | | | | | | | Characters like '-O2' or '-Ofast' will be replaced by '-O1' when compiling cipher. If we are cross compiling libgcrypt and sysroot contains such characters, we would get compile errors because the sysroot path has been modified. Fix this by adding whitespaces before and after the original matching pattern in the sed command. [YOCTO #5628] Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* libgcrypt: remove --without-pthRoss Burton2013-10-291-1/+1
| | | | | | | | This isn't recognised by configure, and the random number daemon that requires Pth isn't enabled. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libgcrypt: upgrade to 1.5.3Saul Wold2013-08-022-4/+4
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>
* libgcrypt: Update to 1.5.2Saul Wold2013-05-122-4/+4
| | | | Signed-off-by: Saul Wold <sgw@linux.intel.com>