authorDenys Dmytriyenko <denis@denix.org>2009-03-17 14:32:59 -0400
committerDenys Dmytriyenko <denis@denix.org>2009-03-17 14:32:59 -0400
commit709c4d66e0b107ca606941b988bad717c0b45d9b (patch)
tree37ee08b1eb308f3b2b6426d5793545c38396b838 /recipes/gnupg
parentfa6cd5a3b993f16c27de4ff82b42684516d433ba (diff)
downloadopenembedded-709c4d66e0b107ca606941b988bad717c0b45d9b.tar.gz
rename packages/ to recipes/ per earlier agreement
See links below for more details: http://thread.gmane.org/gmane.comp.handhelds.openembedded/21326 http://thread.gmane.org/gmane.comp.handhelds.openembedded/21816 Signed-off-by: Denys Dmytriyenko <denis@denix.org> Acked-by: Mike Westerhof <mwester@dls.net> Acked-by: Philip Balister <philip@balister.org> Acked-by: Khem Raj <raj.khem@gmail.com> Acked-by: Marcin Juszkiewicz <hrw@openembedded.org> Acked-by: Koen Kooi <koen@openembedded.org> Acked-by: Frans Meulenbroeks <fransmeulenbroeks@gmail.com>
Diffstat (limited to 'recipes/gnupg')
-rw-r--r--recipes/gnupg/gnupg-1.4.2.2/15_free_caps.patch93
-rw-r--r--recipes/gnupg/gnupg-1.4.2.2/16_min_privileges.patch68
-rw-r--r--recipes/gnupg/gnupg-1.4.2.2/22_zero_length_mpi_fix.patch37
-rw-r--r--recipes/gnupg/gnupg-1.4.2.2/30_nm_always_check.patch21
-rw-r--r--recipes/gnupg/gnupg-1.4.2.2/long-long-thumb.patch11
-rw-r--r--recipes/gnupg/gnupg.inc76
-rw-r--r--recipes/gnupg/gnupg_1.4.2.2.bb15
7 files changed, 321 insertions, 0 deletions
diff --git a/recipes/gnupg/gnupg-1.4.2.2/15_free_caps.patch b/recipes/gnupg/gnupg-1.4.2.2/15_free_caps.patch
new file mode 100644
index 0000000000..20949a7d49
--- /dev/null
+++ b/recipes/gnupg/gnupg-1.4.2.2/15_free_caps.patch
@@ -0,0 +1,93 @@
+--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/g10/status.c 2004-07-21 09:59:45.000000000 +0200
++++ gnupg-1.2.5/g10/status.c 2004-08-01 20:07:42.071690680 +0200
+@@ -346,6 +346,9 @@
+ {
+ char buf[100];
+ struct shmid_ds shmds;
++#ifdef USE_CAPABILITIES
++ cap_t caps;
++#endif
+
+ #ifndef IPC_RMID_DEFERRED_RELEASE
+ atexit( remove_shmid );
+@@ -371,7 +374,9 @@
+ (unsigned)shm_size/1024, shm_area, shm_id );
+ if( lock_mem ) {
+ #ifdef USE_CAPABILITIES
+- cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
++ caps = cap_from_text("cap_ipc_lock=ep");
++ cap_set_proc( caps );
++ cap_free( caps );
+ #endif
+ /* (need the cast for Solaris with Sun's workshop compilers) */
+ if ( mlock ( (char*)shm_area, shm_size) )
+@@ -380,7 +385,9 @@
+ else
+ shm_is_locked = 1;
+ #ifdef USE_CAPABILITIES
+- cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++ caps = cap_from_text("cap_ipc_lock=p");
++ cap_set_proc( caps );
++ cap_free( caps );
+ #endif
+ }
+
+@@ -407,7 +414,9 @@
+
+ if( lock_mem ) {
+ #ifdef USE_CAPABILITIES
+- cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
++ caps = cap_from_text("cap_ipc_lock=ep");
++ cap_set_proc( caps );
++ cap_free( caps );
+ #endif
+ #ifdef IPC_HAVE_SHM_LOCK
+ if ( shmctl (shm_id, SHM_LOCK, 0) )
+@@ -419,7 +428,9 @@
+ log_info("Locking shared memory %d failed: No way to do it\n", shm_id );
+ #endif
+ #ifdef USE_CAPABILITIES
+- cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++ caps = cap_from_text("cap_ipc_lock=p");
++ cap_set_proc( caps );
++ cap_free( caps );
+ #endif
+ }
+
+--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/util/secmem.c 2004-02-24 17:06:58.000000000 +0100
++++ gnupg-1.2.5/util/secmem.c 2004-08-01 20:08:10.873412378 +0200
+@@ -97,12 +97,18 @@
+ {
+ #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
+ int err;
++ cap_t caps;
++
++ caps = cap_from_text("cap_ipc_lock=ep");
++ cap_set_proc( caps );
++ cap_free( caps );
+
+- cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
+ err = mlock( p, n );
+ if( err && errno )
+ err = errno;
+- cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++ caps = cap_from_text("cap_ipc_lock=p");
++ cap_set_proc( caps );
++ cap_free( caps );
+
+ if( err ) {
+ if( errno != EPERM
+@@ -301,8 +307,12 @@
+ if( !n ) {
+ #ifndef __riscos__
+ #ifdef USE_CAPABILITIES
++ cap_t caps;
++
+ /* drop all capabilities */
+- cap_set_proc( cap_from_text("all-eip") );
++ caps = cap_from_text("all-eip");
++ cap_set_proc( caps );
++ cap_free( caps );
+
+ #elif !defined(HAVE_DOSISH_SYSTEM)
+ uid_t uid;
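Review bot: The rewritten call sites free the `cap_t` but still ignore both return values, which matters most at the "drop all capabilities" site in the last secmem.c hunk. If `cap_from_text("all-eip")` returns NULL or `cap_set_proc( caps )` fails there, the process continues with whatever capabilities it had and nothing is reported. That site should fail closed, guarded by `if( !caps || cap_set_proc( caps ) )` and followed by the file's fatal-error path. The `cap_ipc_lock=ep` / `cap_ipc_lock=p` pairs in status.c and secmem.c have the same unchecked pattern, although a failure there surfaces later as an mlock error. The enclosing functions start and end outside these hunks.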
diff --git a/recipes/gnupg/gnupg-1.4.2.2/16_min_privileges.patch b/recipes/gnupg/gnupg-1.4.2.2/16_min_privileges.patch
new file mode 100644
index 0000000000..b29233b33b
--- /dev/null
+++ b/recipes/gnupg/gnupg-1.4.2.2/16_min_privileges.patch
@@ -0,0 +1,68 @@
+--- gnupg-1.4.0/g10/g10.c 2004-12-16 09:47:36.000000000 +0000
++++ /tmp/dpep.O5S02c/gnupg-1.4.0/g10/g10.c 2005-02-03 23:31:40.645873299 +0000
+@@ -69,6 +69,11 @@
+ #endif
+
+
++#ifdef USE_CAPABILITIES
++#include <sys/capability.h>
++#include <sys/prctl.h>
++#endif
++
+ enum cmd_and_opt_values
+ {
+ aNull = 0,
+@@ -1618,6 +1623,10 @@
+ #ifdef USE_SHM_COPROCESSING
+ ulong requested_shm_size=0;
+ #endif
++#ifdef USE_CAPABILITIES
++ uid_t curr_uid;
++ cap_t caps;
++#endif
+
+ #ifdef __riscos__
+ opt.lock_once = 1;
+@@ -1629,6 +1638,33 @@
+ * when adding any stuff between here and the call to
+ * secmem_init() somewhere after the option parsing
+ */
++
++ /* if we use capabilities and run as root, we can immediately setuid back
++ * to the normal user and only keep CAP_IPC_LOCK until the shared memory is
++ * set up.
++ */
++#ifdef USE_CAPABILITIES
++ curr_uid = getuid();
++ if( curr_uid && !geteuid() ) { /* we are setuid root */
++ if( prctl( PR_SET_KEEPCAPS, 1, 0, 0, 0 ) ) {
++ perror( "main(): could not keep capabilities" );
++ return -100;
++ }
++
++ if( setuid( curr_uid ) ) {
++ perror( "main(): could not set user id" );
++ return -100;
++ }
++
++ caps = cap_from_text( "cap_ipc_lock=p" );
++ if( cap_set_proc( caps ) ) {
++ perror( "main(): could not install capabilities" );
++ return -100;
++ }
++ cap_free( caps );
++ }
++#endif
++
+ log_set_name("gpg");
+ secure_random_alloc(); /* put random number into secure memory */
+ may_coredump = disable_core_dumps();
+@@ -1747,7 +1783,7 @@
+ }
+ #endif
+ /* initialize the secure memory. */
+- got_secmem=secmem_init( 32768 );
++ got_secmem=secmem_init( 32768 ); /* this will drop all remaining privileges */
+ maybe_setuid = 0;
+ /* Okay, we are now working under our real uid */
+
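Review bot: In the added setuid-root block, the result of `cap_from_text( "cap_ipc_lock=p" )` is never checked for NULL, and the `cap_set_proc( caps )` failure branch returns before `cap_free( caps )` runs. The process exits on that path, so the leak is harmless, but a failed `cap_from_text` is reported as "could not install capabilities", which hides the real cause. A separate `if( !caps )` branch with its own message would fix that. `return -100` is also truncated to an 8-bit exit status by the caller's shell, so a small positive code would be clearer. The function this block sits in begins and ends outside the hunk.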
diff --git a/recipes/gnupg/gnupg-1.4.2.2/22_zero_length_mpi_fix.patch b/recipes/gnupg/gnupg-1.4.2.2/22_zero_length_mpi_fix.patch
new file mode 100644
index 0000000000..8f13db4d23
--- /dev/null
+++ b/recipes/gnupg/gnupg-1.4.2.2/22_zero_length_mpi_fix.patch
@@ -0,0 +1,37 @@
+diff -urNad gnupg-1.4.2~/mpi/mpicoder.c gnupg-1.4.2/mpi/mpicoder.c
+--- gnupg-1.4.2~/mpi/mpicoder.c 2005-05-31 06:30:05.000000000 +0000
++++ gnupg-1.4.2/mpi/mpicoder.c 2005-09-29 00:52:19.000000000 +0000
+@@ -80,16 +80,20 @@
+ mpi_limb_t a;
+ MPI val = MPI_NULL;
+
++ if (nread == nmax)
++ goto overflow;
+ if( (c = iobuf_get(inp)) == -1 )
+ goto leave;
+- if (++nread >= nmax)
+- goto overflow;
++ nread++;
+ nbits = c << 8;
++
++ if (nread == nmax)
++ goto overflow;
+ if( (c = iobuf_get(inp)) == -1 )
+ goto leave;
+- if (++nread >= nmax)
+- goto overflow;
++ nread++;
+ nbits |= c;
++
+ if( nbits > MAX_EXTERN_MPI_BITS ) {
+ log_error("mpi too large for this implementation (%u bits)\n", nbits);
+ goto leave;
+@@ -112,7 +116,7 @@
+ for( ; j > 0; j-- ) {
+ a = 0;
+ for(; i < BYTES_PER_MPI_LIMB; i++ ) {
+- if (nread >= nmax) {
++ if (nread == nmax) {
+ #ifdef M_DEBUG
+ mpi_debug_free (val);
+ #else
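Review bot: All three bounds checks now use `nread == nmax`, which only stops the read if nread starts at or below nmax and advances by exactly one between checks. That holds for the two length bytes shown, but the initial value of nread and the increment inside the limb loop are outside this hunk. Because this parser reads untrusted packet data, `if (nread >= nmax)` at the same three positions would keep the zero-length fix (check before the read) and still stop if the counter ever overshoots.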
diff --git a/recipes/gnupg/gnupg-1.4.2.2/30_nm_always_check.patch b/recipes/gnupg/gnupg-1.4.2.2/30_nm_always_check.patch
new file mode 100644
index 0000000000..914f1475b7
--- /dev/null
+++ b/recipes/gnupg/gnupg-1.4.2.2/30_nm_always_check.patch
@@ -0,0 +1,21 @@
+Originally the test for _'s on symbols was not done when cross-compiling and
+it was assumed that the _'s were appended. The test does in fact work since
+it simply compiles a file and then run's nm on it. So patch this to enable.
+Without this x86 targets fail during linking since the assembler code has
+the _'s appended when it shouldn't.
+
+--- gnupg-1.4.2.2/acinclude.m4 2006/09/11 22:11:23 1.1
++++ gnupg-1.4.2.2/acinclude.m4 2006/09/11 22:17:25
+@@ -673,11 +673,7 @@
+ ac_cv_sys_symbol_underscore=yes
+ ;;
+ *)
+- if test "$cross_compiling" = yes; then
+- ac_cv_sys_symbol_underscore=yes
+- else
+- tmp_do_check="yes"
+- fi
++ tmp_do_check="yes"
+ ;;
+ esac
+
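Review bot: Running the underscore test unconditionally is only right for cross builds if the `nm` it invokes can read objects produced by the target compiler. The part of the macro that selects the tool is outside this hunk, so this cannot be confirmed from here. If it falls back to the build host's `nm`, the result could be wrong or empty for some targets. The patch header should say which `nm` is used, for example `The check uses the cross toolchain's nm, so it is valid when cross-compiling.`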
diff --git a/recipes/gnupg/gnupg-1.4.2.2/long-long-thumb.patch b/recipes/gnupg/gnupg-1.4.2.2/long-long-thumb.patch
new file mode 100644
index 0000000000..36e9992772
--- /dev/null
+++ b/recipes/gnupg/gnupg-1.4.2.2/long-long-thumb.patch
@@ -0,0 +1,11 @@
+--- gnupg/mpi/longlong.h~ 2006-02-14 10:09:55.000000000 +0000
++++ gnupg/mpi/longlong.h 2008-10-27 13:11:09.000000000 +0000
+@@ -181,7 +181,7 @@
+ /***************************************
+ ************** ARM ******************
+ ***************************************/
+-#if defined (__arm__) && W_TYPE_SIZE == 32
++#if defined (__arm__) && W_TYPE_SIZE == 32 && !defined(__thumb__)
+ #define add_ssaaaa(sh, sl, ah, al, bh, bl) \
+ __asm__ ("adds %1, %4, %5\n" \
+ "adc %0, %2, %3" \
diff --git a/recipes/gnupg/gnupg.inc b/recipes/gnupg/gnupg.inc
new file mode 100644
index 0000000000..2d8e37605f
--- /dev/null
+++ b/recipes/gnupg/gnupg.inc
@@ -0,0 +1,76 @@
+SECTION = "console/utils"
+DESCRIPTION = "gnupg - GNU privacy guard"
+HOMEPAGE = "http://www.gnupg.org/"
+LICENSE = "GPLv2"
+DEPENDS = "zlib bzip2"
+
+inherit autotools gettext
+
+MIRRORS_prepend () {
+ftp://ftp.gnupg.org/gcrypt http://mirrors.rootmode.com/ftp.gnupg.org
+}
+SRC_URI = "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-${PV}.tar.bz2"
+S = "${WORKDIR}/gnupg-${PV}"
+
+# --with-egd-socket=NAME use NAME for the EGD socket
+# --with-photo-viewer=FIXED_VIEWER set a fixed photo ID viewer
+# --with-included-zlib use the zlib code included here
+# --with-capabilities use linux capabilities default=no
+# --with-mailprog=NAME use "NAME -t" for mail transport
+# --with-libiconv-prefix[=DIR] search for libiconv in DIR/include and DIR/lib
+# --without-libiconv-prefix don't search for libiconv in includedir and libdir
+# --with-included-gettext use the GNU gettext library included here
+# --with-libintl-prefix[=DIR] search for libintl in DIR/include and DIR/lib
+# --without-libintl-prefix don't search for libintl in includedir and libdir
+# --with-included-regex use the included GNU regex library
+# --with-zlib=DIR use libz in DIR
+# --with-bzip2=DIR look for bzip2 in DIR
+# --enable-static-rnd=egd|unix|linux|auto
+# --disable-dev-random disable the use of dev random
+# --disable-asm do not use assembler modules
+# --enable-m-guard enable memory guard facility
+# --enable-selinux-support
+# enable SELinux support
+# --disable-card-support disable OpenPGP card support
+# --disable-gnupg-iconv disable the new iconv code
+# --enable-backsigs enable the experimental backsigs code
+# --enable-minimal build the smallest gpg binary possible
+# --disable-rsa disable the RSA public key algorithm
+# --disable-idea disable the IDEA cipher
+# --disable-cast5 disable the CAST5 cipher
+# --disable-blowfish disable the BLOWFISH cipher
+# --disable-aes disable the AES, AES192, and AES256 ciphers
+# --disable-twofish disable the TWOFISH cipher
+# --disable-sha256 disable the SHA-256 digest
+# --disable-sha512 disable the SHA-384 and SHA-512 digests
+# --disable-bzip2 disable the BZIP2 compression algorithm
+# --disable-exec disable all external program execution
+# --disable-photo-viewers disable photo ID viewers
+# --disable-keyserver-helpers disable all external keyserver support
+# --disable-ldap disable LDAP keyserver interface
+# --disable-hkp disable HKP keyserver interface
+# --disable-http disable HTTP key fetching interface
+# --disable-finger disable Finger key fetching interface
+# --disable-mailto disable email keyserver interface
+# --disable-keyserver-path disable the exec-path option for keyserver helpers
+# --enable-key-cache=SIZE Set key cache to SIZE (default 4096)
+# --disable-largefile omit support for large files
+# --disable-dns-srv disable the use of DNS SRV in HKP and HTTP
+# --disable-nls do not use Native Language Support
+# --disable-regex do not handle regular expressions in trust sigs
+
+EXTRA_OECONF = "--disable-ldap \
+ --with-zlib=${STAGING_LIBDIR}/.. \
+ --with-bzip2=${STAGING_LIBDIR}/.. \
+ --disable-selinux-support"
+
+do_install () {
+ autotools_do_install
+ install -d ${D}${docdir}/${PN}
+ mv ${D}${datadir}/${PN}/* ${D}/${docdir}/${PN}/ || :
+ mv ${D}${prefix}/doc/* ${D}/${docdir}/${PN}/ || :
+}
+
+# Exclude debug files from the main packages
+FILES_${PN} = "${bindir}/* ${datadir}/${PN} ${libexecdir}/${PN}/*"
+FILES_${PN}-dbg += "${libexecdir}/${PN}/.debug"
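Review bot: `SRC_URI` fetches the tarball over plain `ftp://`, the prepended mirror is plain `http://`, and no checksum or signature check for the download is visible in this file. For a package that other components rely on to verify signatures, the source should be pinned to a known digest. If the tree records checksums centrally, a one-line comment next to `SRC_URI` saying so would make that auditable. In `do_install`, both `mv ... || :` lines discard every failure, not just the "no such directory" case they presumably target.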
diff --git a/recipes/gnupg/gnupg_1.4.2.2.bb b/recipes/gnupg/gnupg_1.4.2.2.bb
new file mode 100644
index 0000000000..8492617683
--- /dev/null
+++ b/recipes/gnupg/gnupg_1.4.2.2.bb
@@ -0,0 +1,15 @@
+require gnupg.inc
+
+DEPENDS += "readline"
+EXTRA_OECONF += "--with-readline=${STAGING_LIBDIR}/.."
+# --without-readline do not support fancy command line editing
+
+SRC_URI += "file://15_free_caps.patch;patch=1 \
+ file://16_min_privileges.patch;patch=1 \
+ file://22_zero_length_mpi_fix.patch;patch=1 \
+ file://30_nm_always_check.patch;patch=1 \
+ file://long-long-thumb.patch;patch=1"
+
+S = "${WORKDIR}/gnupg-${PV}"
+
+PR = "r2"
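Review bot: The recipe applies `15_free_caps.patch` and `16_min_privileges.patch`, whose code is guarded by `USE_CAPABILITIES`, but neither this file nor `EXTRA_OECONF` in gnupg.inc passes `--with-capabilities`, which the option list there gives as default=no. The privilege-dropping paths are therefore presumably compiled out, and the binary relies on the non-capabilities code path. If that is intended, a comment such as `# capability patches are inert unless --with-capabilities is enabled` would keep readers from assuming the hardening is active. The `S = "${WORKDIR}/gnupg-${PV}"` line also repeats the assignment already made in gnupg.inc.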