diff options
Diffstat (limited to 'meta/recipes-support/gnutls')
13 files changed, 346 insertions, 258 deletions
diff --git a/meta/recipes-support/gnutls/gnutls.inc b/meta/recipes-support/gnutls/gnutls.inc deleted file mode 100644 index 0ac7c3720a..0000000000 --- a/meta/recipes-support/gnutls/gnutls.inc +++ /dev/null @@ -1,57 +0,0 @@ -SUMMARY = "GNU Transport Layer Security Library" -HOMEPAGE = "http://www.gnu.org/software/gnutls/" -BUGTRACKER = "https://savannah.gnu.org/support/?group=gnutls" - -LICENSE = "GPLv3+ & LGPLv2.1+" -LICENSE_${PN} = "LGPLv2.1+" -LICENSE_${PN}-xx = "LGPLv2.1+" -LICENSE_${PN}-bin = "GPLv3+" -LICENSE_${PN}-openssl = "GPLv3+" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=71391c8e0c1cfe68077e7fce3b586283 \ - file://doc/COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://doc/COPYING.LESSER;md5=a6f89e2100d9b6cdffcea4f398e37343" - -DEPENDS = "nettle gmp virtual/libiconv" -DEPENDS_append_libc-musl = " argp-standalone" - -SHRT_VER = "${@d.getVar('PV', True).split('.')[0]}.${@d.getVar('PV', True).split('.')[1]}" - -SRC_URI = "ftp://ftp.gnutls.org/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz" - -inherit autotools texinfo binconfig pkgconfig gettext lib_package - -PACKAGECONFIG ??= "libidn zlib" - -PACKAGECONFIG[docs] = "--enable-doc,--disable-doc" -PACKAGECONFIG[libidn] = "--with-idn,--without-idn,libidn" -PACKAGECONFIG[libtasn1] = "--with-included-libtasn1=no,--with-included-libtasn1,libtasn1" -PACKAGECONFIG[p11-kit] = "--with-p11-kit,--without-p11-kit,p11-kit" -PACKAGECONFIG[tpm] = "--with-tpm,--without-tpm,trousers" -PACKAGECONFIG[zlib] = "--with-zlib,--without-zlib,zlib" - -EXTRA_OECONF = " \ - --disable-libdane \ - --disable-guile \ - --disable-rpath \ - --enable-local-libopts \ - --enable-openssl-compatibility \ - --with-libpthread-prefix=${STAGING_DIR_HOST}${prefix} \ -" - -LDFLAGS_append_libc-musl = " -largp" -LDFLAGS_append_libc-uclibc = " -luargp -pthread" - -do_configure_prepend() { - for dir in . lib; do - rm -f ${dir}/aclocal.m4 ${dir}/m4/libtool.m4 ${dir}/m4/lt*.m4 - done -} - -PACKAGES =+ "${PN}-openssl ${PN}-xx" - -FILES_${PN}-dev += "${bindir}/gnutls-cli-debug" -FILES_${PN}-openssl = "${libdir}/libgnutls-openssl.so.*" -FILES_${PN}-xx = "${libdir}/libgnutlsxx.so.*" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-support/gnutls/gnutls/0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch b/meta/recipes-support/gnutls/gnutls/0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch new file mode 100644 index 0000000000..e40b2be362 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch @@ -0,0 +1,28 @@ +From b729a356538d499fe25e82bfc78ea663bdaca0a8 Mon Sep 17 00:00:00 2001 +From: Lei Maohui <leimaohui@fujitsu.com> +Date: Mon, 23 May 2022 10:44:43 +0900 +Subject: [PATCH] Creating .hmac file should be excuted in target environment, + so deleted it from build process. + +Upstream-Status: Inappropriate [https://gitlab.com/gnutls/gnutls/-/issues/1373] +Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> +--- + lib/Makefile.am | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/lib/Makefile.am b/lib/Makefile.am +index 0b43ef9..cf263f0 100644 +--- a/lib/Makefile.am ++++ b/lib/Makefile.am +@@ -206,8 +206,7 @@ hmac_files = .libs/.gnutls.hmac + + all-local: $(hmac_files) + +-.libs/.gnutls.hmac: libgnutls.la fipshmac +- $(AM_V_GEN) $(builddir)/fipshmac > $@-t && mv $@-t $@ ++.libs/.gnutls.hmac: + + CLEANFILES = $(hmac_files) + endif +-- +2.25.1 diff --git a/meta/recipes-support/gnutls/gnutls/0001-configure.ac-fix-sed-command.patch b/meta/recipes-support/gnutls/gnutls/0001-configure.ac-fix-sed-command.patch deleted file mode 100644 index c5b95eb5bf..0000000000 --- a/meta/recipes-support/gnutls/gnutls/0001-configure.ac-fix-sed-command.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 67c638c7e209554d9b19627e9402a20fdabead21 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin <alex.kanavin@gmail.com> -Date: Fri, 4 Dec 2015 13:19:28 +0200 -Subject: [PATCH] configure.ac: fix sed command - -The "sed 's/.bak//g'" matchs "bitbake", which would cause strange errors -when the S contains "bitbake", fix to "sed 's/\.bak$//'`" - -Upstream-Status: Pending - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> -Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index e634236..dc9e6a8 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -549,7 +549,7 @@ if test "$enable_tools" != "no" || test "$enable_doc" != "no"; then - dnl replace libopts-generated files with distributed backups, if present - missing_baks= - for i in ${srcdir}/src/*-args.c.bak ${srcdir}/src/*-args.h.bak; do -- nam=`echo $i|sed 's/.bak//g'` -+ nam=`echo $i|sed 's/\.bak$//'` - if test -f $i;then - cp -f $i $nam - else --- -2.6.2 - diff --git a/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch new file mode 100644 index 0000000000..8ad6ba5ad5 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/Add-ptest-support.patch @@ -0,0 +1,60 @@ +From 74080376904713a8e6cceefbc25c81512796bf0c Mon Sep 17 00:00:00 2001 +From: Ravineet Singh <ravineet.a.singh@est.tech> +Date: Tue, 10 Jan 2023 16:11:10 +0100 +Subject: [PATCH] gnutls: add ptest support + +Upstream-Status: Inappropriate [embedded specific] +Signed-off-by: Ravineet Singh <ravineet.a.singh@est.tech> +--- + Makefile.am | 3 +++ + configure.ac | 2 ++ + tests/Makefile.am | 6 ++++++ + 3 files changed, 11 insertions(+) + +diff --git a/Makefile.am b/Makefile.am +index 843193f9f..816b09fec 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -191,6 +191,9 @@ dist-hook: + mv ChangeLog $(distdir) + touch -c $(distdir)/doc/*.html $(distdir)/doc/*.pdf $(distdir)/doc/*.info + ++install-ptest: ++ $(MAKE) -C tests DESTDIR=$(DESTDIR)/tests $@ ++ + .PHONY: abi-check abi-dump-versioned abi-dump-latest pic-check symbol-check local-code-coverage-output files-update AUTHORS + + include $(top_srcdir)/cligen/cligen.mk +diff --git a/configure.ac b/configure.ac +index baff1c007..f9f596abf 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1150,6 +1150,8 @@ AC_SUBST(LIBGNUTLS_CFLAGS) + + AM_CONDITIONAL(NEEDS_LIBRT, test "$gnutls_needs_librt" = "yes") + ++AM_EXTRA_RECURSIVE_TARGETS([buildtest-TESTS]) ++ + AC_DEFINE([GNUTLS_INTERNAL_BUILD], 1, [We allow temporarily usage of deprecated functions - until they are removed.]) + + hw_features= +diff --git a/tests/Makefile.am b/tests/Makefile.am +index 573e911a0..e8a26f8b9 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -644,6 +644,12 @@ SH_LOG_COMPILER = $(SHELL) + AM_VALGRINDFLAGS = --suppressions=$(srcdir)/suppressions.valgrind + LOG_COMPILER = $(LOG_VALGRIND) + ++install-ptest: $(check_PROGRAMS) ++ @$(INSTALL) -d $(DESTDIR) ++ @for file in $^; do \ ++ $(INSTALL_PROGRAM) $$file $(DESTDIR) ; \ ++ done ++ + distclean-local: + rm -rf softhsm-*.db softhsm-*.config *.tmp tmp-* x509-crt-list-import-url.config.db port.lock.d + +-- +2.31.1 + diff --git a/meta/recipes-support/gnutls/gnutls/arm_eabi.patch b/meta/recipes-support/gnutls/gnutls/arm_eabi.patch new file mode 100644 index 0000000000..6eb1edbdb1 --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/arm_eabi.patch @@ -0,0 +1,30 @@ +From 8a5c96057cf305bbeac0d6e0e59ee24fbb9497fe Mon Sep 17 00:00:00 2001 +From: Joe Slater <jslater@windriver.com> +Date: Wed, 25 Jan 2017 13:52:59 -0800 +Subject: [PATCH] gnutls: account for ARM_EABI + +Certain syscall's are not availabe for arm-eabi, so we eliminate +reference to them. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater <jslater@windriver.com> + +--- + tests/seccomp.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tests/seccomp.c b/tests/seccomp.c +index ed14d00..3c5b726 100644 +--- a/tests/seccomp.c ++++ b/tests/seccomp.c +@@ -53,7 +53,9 @@ int disable_system_calls(void) + + ADD_SYSCALL(nanosleep, 0); + ADD_SYSCALL(clock_nanosleep, 0); ++#if ! defined(__ARM_EABI__) + ADD_SYSCALL(time, 0); ++#endif + ADD_SYSCALL(getpid, 0); + ADD_SYSCALL(gettimeofday, 0); + #if defined(HAVE_CLOCK_GETTIME) diff --git a/meta/recipes-support/gnutls/gnutls/correct_rpl_gettimeofday_signature.patch b/meta/recipes-support/gnutls/gnutls/correct_rpl_gettimeofday_signature.patch deleted file mode 100644 index 5e452c52e7..0000000000 --- a/meta/recipes-support/gnutls/gnutls/correct_rpl_gettimeofday_signature.patch +++ /dev/null @@ -1,67 +0,0 @@ -From ae3370788ed3447bba16969d9eb1bf1b9631e1b7 Mon Sep 17 00:00:00 2001 -From: Valentin Popa <valentin.popa@intel.com> -Date: Fri, 25 Apr 2014 13:58:55 +0300 -Subject: [PATCH] Correct rpl_gettimeofday signature - -Currently we fail on uclibc like below - -| In file included from /home/kraj/work/angstrom/sources/openembedded-core/build/tmp-uclibc/sysroots/qemuarm/usr/include/sys/procfs.h:32:0, -| from /home/kraj/work/angstrom/sources/openembedded-core/build/tmp-uclibc/sysroots/qemuarm/usr/include/sys/ucontext.h:26, -| from /home/kraj/work/angstrom/sources/openembedded-core/build/tmp-uclibc/sysroots/qemuarm/usr/include/signal.h:392, -| from ../../gl/signal.h:52, -| from ../../gl/sys/select.h:58, -| from /home/kraj/work/angstrom/sources/openembedded-core/build/tmp-uclibc/sysroots/qemuarm/usr/include/sys/types.h:220, -| from ../../gl/sys/types.h:28, -| from ../../lib/includes/gnutls/gnutls.h:46, -| from ex-cxx.cpp:3: -| ../../gl/sys/time.h:396:66: error: conflicting declaration 'void* restrict' -| ../../gl/sys/time.h:396:50: error: 'restrict' has a previous declaration as 'timeval* restrict' -| make[4]: *** [ex-cxx.o] Error 1 -| make[4]: *** Waiting for unfinished jobs.... - -GCC detects that we call 'restrict' as param name in function -signatures and complains since both params are called 'restrict' -therefore we use __restrict to denote the C99 keywork - -This only happens of uclibc since this code is not excercised with -eglibc otherwise we will have same issue there too - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Upstream-Status: Pending ---- - gl/sys_time.in.h | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/gl/sys_time.in.h b/gl/sys_time.in.h -index 84a17c9..6ceadc3 100644 ---- a/gl/sys_time.in.h -+++ b/gl/sys_time.in.h -@@ -93,20 +93,20 @@ struct timeval - # define gettimeofday rpl_gettimeofday - # endif - _GL_FUNCDECL_RPL (gettimeofday, int, -- (struct timeval *restrict, void *restrict) -+ (struct timeval *__restrict, void *__restrict) - _GL_ARG_NONNULL ((1))); - _GL_CXXALIAS_RPL (gettimeofday, int, -- (struct timeval *restrict, void *restrict)); -+ (struct timeval *__restrict, void *__restrict)); - # else - # if !@HAVE_GETTIMEOFDAY@ - _GL_FUNCDECL_SYS (gettimeofday, int, -- (struct timeval *restrict, void *restrict) -+ (struct timeval *__restrict, void *__restrict) - _GL_ARG_NONNULL ((1))); - # endif - /* Need to cast, because on glibc systems, by default, the second argument is - struct timezone *. */ - _GL_CXXALIAS_SYS_CAST (gettimeofday, int, -- (struct timeval *restrict, void *restrict)); -+ (struct timeval *__restrict, void *__restrict)); - # endif - _GL_CXXALIASWARN (gettimeofday); - #elif defined GNULIB_POSIXCHECK --- -1.9.1 - diff --git a/meta/recipes-support/gnutls/gnutls/run-ptest b/meta/recipes-support/gnutls/gnutls/run-ptest new file mode 100644 index 0000000000..84948f487d --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls/run-ptest @@ -0,0 +1,90 @@ +#!/bin/sh + +rjob() { + local job=$1 + local log=$2 + + # TODO: Output will be garbled + ./${job} >> ${log} 2>&1 + + ret=$? + case $ret in + 0) + echo "PASS: $t" >> ${log} + echo "PASS: $t" + ;; + 77) + echo "SKIP: $t" >> ${log} + echo "SKIP: $t" + ;; + *) + echo "FAIL: $t" >> ${log} + echo "FAIL: $t" + ;; + esac +} + +is_disallowed() { + local key=$1 + $(echo ${test_disallowlist} | grep -w -q ${key}) + return $? +} + +# TODO +# This list should probably be in a external file +# Testcases defined here either take very long time (dtls-stress) +# or are dependent on local files (certs, etc) in local file system +# currently not exported to target. + +test_disallowlist="" +test_disallowlist="${test_disallowlist} dtls-stress" +test_disallowlist="${test_disallowlist} handshake-large-cert" +test_disallowlist="${test_disallowlist} id-on-xmppAddr" +test_disallowlist="${test_disallowlist} mini-x509-cas" +test_disallowlist="${test_disallowlist} pkcs12_simple" +test_disallowlist="${test_disallowlist} protocol-set-allowlist" +test_disallowlist="${test_disallowlist} psk-file" +test_disallowlist="${test_disallowlist} rawpk-api" +test_disallowlist="${test_disallowlist} set_pkcs12_cred" +test_disallowlist="${test_disallowlist} system-override-curves-allowlist" +test_disallowlist="${test_disallowlist} system-override-hash" +test_disallowlist="${test_disallowlist} system-override-sig" +test_disallowlist="${test_disallowlist} system-override-sig-tls" +test_disallowlist="${test_disallowlist} system-prio-file" +test_disallowlist="${test_disallowlist} x509cert-tl" + +LOG=${PWD}/tests.log +cd tests +max_njobs=$(grep -c ^processor /proc/cpuinfo) +njobs=0 + +for t in *; do + [ -x $t ] || continue + [ -f $t ] || continue + + is_disallowed ${t} + [ $? -eq 0 ] && continue + + rjob ${t} ${LOG} & + one=1 + njobs=$(expr ${njobs} + ${one}) + if [ ${njobs} -eq ${max_njobs} ]; then + wait + njobs=0 + fi +done +wait + +skipped=$(grep -c SKIP ${LOG}) +passed=$(grep -c PASS ${LOG}) +failed=$(grep -c FAIL ${LOG}) +total=$(expr ${passed} + ${failed} + ${skipped}) + +echo +echo "gnutls test summary:" +echo "--------------------" +echo "total: ${total}" +echo "pass : ${passed}" +echo "fail : ${failed}" +echo "skip : ${skipped}" +echo diff --git a/meta/recipes-support/gnutls/gnutls/use-pkg-config-to-locate-zlib.patch b/meta/recipes-support/gnutls/gnutls/use-pkg-config-to-locate-zlib.patch deleted file mode 100644 index 0e1b7c8f72..0000000000 --- a/meta/recipes-support/gnutls/gnutls/use-pkg-config-to-locate-zlib.patch +++ /dev/null @@ -1,67 +0,0 @@ -From cee80af1fe93f5b76765afeebfcc3b902768f5d6 Mon Sep 17 00:00:00 2001 -From: Andre McCurdy <armccurdy@gmail.com> -Date: Tue, 26 May 2015 21:41:24 -0700 -Subject: [PATCH] use pkg-config to locate zlib - -AC_LIB_HAVE_LINKFLAGS can sometimes find host libs and is therefore not -robust when cross-compiling. Remove it for zlib and use PKG_CHECK_MODULES -instead. - -Removing AC_LIB_HAVE_LINKFLAGS for zlib also removes the --with-libz-prefix -configure option. If zlib support is enabled, then failure to find zlib via -pkg-config is now treated as a fatal error. - -Change based on ChromeOS gnutls 2.12.23 cross-compile fixes patch: - - https://chromium-review.googlesource.com/#/c/271661/ - -Upstream-Status: Inappropriate [configuration] - -Signed-off-by: Andre McCurdy <armccurdy@gmail.com> ---- - configure.ac | 24 ++++++++++-------------- - 1 file changed, 10 insertions(+), 14 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 1b561d5..0c787dc 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -508,25 +508,21 @@ AC_ARG_WITH(zlib, AS_HELP_STRING([--without-zlib], - AC_MSG_CHECKING([whether to include zlib compression support]) - if test x$ac_zlib != xno; then - AC_MSG_RESULT(yes) -- AC_LIB_HAVE_LINKFLAGS(z,, [#include <zlib.h>], [compress (0, 0, 0, 0);]) -- if test x$ac_cv_libz != xyes; then -- AC_MSG_WARN( --*** --*** ZLIB was not found. You will not be able to use ZLIB compression.) -- fi - else - AC_MSG_RESULT(no) - fi - --PKG_CHECK_EXISTS(zlib, ZLIB_HAS_PKGCONFIG=y, ZLIB_HAS_PKGCONFIG=n) -- - if test x$ac_zlib != xno; then -- if test "$ZLIB_HAS_PKGCONFIG" = "y" ; then -- if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then -- GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib" -- else -- GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, zlib" -- fi -+ PKG_CHECK_MODULES(ZLIB, zlib) -+ HAVE_LIBZ=yes -+ AC_DEFINE([HAVE_LIBZ], [1], [zlib is enabled]) -+ AC_SUBST(HAVE_LIBZ) -+ LTLIBZ=$ZLIB_LIBS -+ AC_SUBST(LTLIBZ) -+ if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then -+ GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib" -+ else -+ GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, zlib" - fi - fi - AC_SUBST(GNUTLS_REQUIRES_PRIVATE) --- -1.9.1 - diff --git a/meta/recipes-support/gnutls/gnutls_3.5.1.bb b/meta/recipes-support/gnutls/gnutls_3.5.1.bb deleted file mode 100644 index 85d99040fb..0000000000 --- a/meta/recipes-support/gnutls/gnutls_3.5.1.bb +++ /dev/null @@ -1,8 +0,0 @@ -require gnutls.inc - -SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \ - file://0001-configure.ac-fix-sed-command.patch \ - file://use-pkg-config-to-locate-zlib.patch \ - " -SRC_URI[md5sum] = "cb48bb0cf36d329f7321c6cdc0d7ae36" -SRC_URI[sha256sum] = "bc4a0f80a627c3aca6e7ea59d30e50cda118c61e0e3fab367ff1451d6ec8bdbd" diff --git a/meta/recipes-support/gnutls/gnutls_3.7.8.bb b/meta/recipes-support/gnutls/gnutls_3.7.8.bb new file mode 100644 index 0000000000..fee06393bd --- /dev/null +++ b/meta/recipes-support/gnutls/gnutls_3.7.8.bb @@ -0,0 +1,96 @@ +SUMMARY = "GNU Transport Layer Security Library" +DESCRIPTION = "a secure communications library implementing the SSL, \ +TLS and DTLS protocols and technologies around them." +HOMEPAGE = "https://gnutls.org/" +BUGTRACKER = "https://savannah.gnu.org/support/?group=gnutls" + +LICENSE = "GPL-3.0-or-later & LGPL-2.1-or-later" +LICENSE:${PN} = "LGPL-2.1-or-later" +LICENSE:${PN}-xx = "LGPL-2.1-or-later" +LICENSE:${PN}-bin = "GPL-3.0-or-later" +LICENSE:${PN}-openssl = "GPL-3.0-or-later" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=71391c8e0c1cfe68077e7fce3b586283 \ + file://doc/COPYING;md5=c678957b0c8e964aa6c70fd77641a71e \ + file://doc/COPYING.LESSER;md5=a6f89e2100d9b6cdffcea4f398e37343" + +DEPENDS = "nettle gmp virtual/libiconv libunistring" +DEPENDS:append:libc-musl = " argp-standalone" + +SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}" + +SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz \ + file://arm_eabi.patch \ + file://0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch \ + file://run-ptest \ + file://Add-ptest-support.patch \ + " + +SRC_URI[sha256sum] = "c58ad39af0670efe6a8aee5e3a8b2331a1200418b64b7c51977fb396d4617114" + +inherit autotools texinfo pkgconfig gettext lib_package gtk-doc ptest + +PACKAGECONFIG ??= "libidn ${@bb.utils.filter('DISTRO_FEATURES', 'seccomp', d)}" + +# You must also have CONFIG_SECCOMP enabled in the kernel for +# seccomp to work. +PACKAGECONFIG[seccomp] = "--with-libseccomp-prefix=${STAGING_EXECPREFIXDIR},ac_cv_libseccomp=no,libseccomp" +PACKAGECONFIG[libidn] = "--with-idn,--without-idn,libidn2" +PACKAGECONFIG[libtasn1] = "--with-included-libtasn1=no,--with-included-libtasn1,libtasn1" +PACKAGECONFIG[p11-kit] = "--with-p11-kit,--without-p11-kit,p11-kit" +PACKAGECONFIG[tpm] = "--with-tpm,--without-tpm,trousers" +PACKAGECONFIG[fips] = "--enable-fips140-mode --with-libdl-prefix=${STAGING_BASELIBDIR}" + +EXTRA_OECONF = " \ + --enable-doc \ + --disable-libdane \ + --disable-guile \ + --disable-rpath \ + --enable-openssl-compatibility \ + --with-libpthread-prefix=${STAGING_DIR_HOST}${prefix} \ + --with-librt-prefix=${STAGING_DIR_HOST}${prefix} \ + --with-default-trust-store-file=${sysconfdir}/ssl/certs/ca-certificates.crt \ +" + +# Otherwise the tools try and use HOSTTOOLS_DIR/bash as a shell. +export POSIX_SHELL="${base_bindir}/sh" + +LDFLAGS:append:libc-musl = " -largp" + +do_configure:prepend() { + for dir in . lib; do + rm -f ${dir}/aclocal.m4 ${dir}/m4/libtool.m4 ${dir}/m4/lt*.m4 + done +} + +do_install:append:class-target() { + if ${@bb.utils.contains('PACKAGECONFIG', 'fips', 'true', 'false', d)}; then + install -d ${D}${bindir}/bin + install -m 0755 ${B}/lib/.libs/fipshmac ${D}/${bindir}/ + fi +} + +do_compile:append() { + oe_runmake ${PARALLEL_MAKE} -C tests buildtest-TESTS +} + +PACKAGES =+ "${PN}-openssl ${PN}-xx ${PN}-fips" + +FILES:${PN}-dev += "${bindir}/gnutls-cli-debug" +FILES:${PN}-openssl = "${libdir}/libgnutls-openssl.so.*" +FILES:${PN}-xx = "${libdir}/libgnutlsxx.so.*" +FILES:${PN}-fips = "${bindir}/fipshmac" + +BBCLASSEXTEND = "native nativesdk" + +pkg_postinst_ontarget:${PN}-fips () { + if test -x ${bindir}/fipshmac + then + mkdir ${sysconfdir}/gnutls + touch ${sysconfdir}/gnutls/config + ${bindir}/fipshmac ${libdir}/libgnutls.so.30.*.* > ${libdir}/.libgnutls.so.30.hmac + ${bindir}/fipshmac ${libdir}/libnettle.so.8.* > ${libdir}/.libnettle.so.8.hmac + ${bindir}/fipshmac ${libdir}/libgmp.so.10.*.* > ${libdir}/.libgmp.so.10.hmac + ${bindir}/fipshmac ${libdir}/libhogweed.so.6.* > ${libdir}/.libhogweed.so.6.hmac + fi +} diff --git a/meta/recipes-support/gnutls/libtasn1/dont-depend-on-help2man.patch b/meta/recipes-support/gnutls/libtasn1/dont-depend-on-help2man.patch index 2ac89f3b32..216d636793 100644 --- a/meta/recipes-support/gnutls/libtasn1/dont-depend-on-help2man.patch +++ b/meta/recipes-support/gnutls/libtasn1/dont-depend-on-help2man.patch @@ -1,14 +1,26 @@ +From 629fc6427710e48b78f8b1f300dd698fe898cfd4 Mon Sep 17 00:00:00 2001 +From: Marko Lindqvist <cazfi74@gmail.com> +Date: Mon, 7 Jan 2013 01:49:40 +0200 +Subject: [PATCH] libtasn1: remove help2man dependency + Upstream-Status: Inappropriate Signed-off-by: Marko Lindqvist <cazfi74@gmail.com> -diff -Nurd libtasn1-2.14/doc/Makefile.am libtasn1-2.14/doc/Makefile.am ---- libtasn1-2.14/doc/Makefile.am 2012-09-24 15:08:42.000000000 +0300 -+++ libtasn1-2.14/doc/Makefile.am 2013-01-03 07:35:26.702763403 +0200 -@@ -31,7 +31,7 @@ - AM_MAKEINFOHTMLFLAGS = $(AM_MAKEINFOFLAGS) \ - --no-split --number-sections --css-include=texinfo.css +--- + doc/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/doc/Makefile.am b/doc/Makefile.am +index a0171a5..8aa4d3d 100644 +--- a/doc/Makefile.am ++++ b/doc/Makefile.am +@@ -28,7 +28,7 @@ libtasn1_TEXINFOS += asn1Coding-help.texi asn1Decoding-help.texi asn1Parser-help + + AM_MAKEINFOHTMLFLAGS = --no-split $(AM_MAKEINFOFLAGS) + -dist_man_MANS = $(gdoc_MANS) asn1Parser.1 asn1Coding.1 asn1Decoding.1 +dist_man_MANS = $(gdoc_MANS) - + HELP2MAN_OPTS = --info-page libtasn1 + diff --git a/meta/recipes-support/gnutls/libtasn1_4.19.0.bb b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb new file mode 100644 index 0000000000..5fb8b54c06 --- /dev/null +++ b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb @@ -0,0 +1,23 @@ +SUMMARY = "Library for ASN.1 and DER manipulation" +DESCRIPTION = "A highly portable C library that encodes and decodes \ +DER/BER data following an ASN.1 schema. " +HOMEPAGE = "http://www.gnu.org/software/libtasn1/" + +LICENSE = "GPL-3.0-or-later & LGPL-2.1-or-later" +LICENSE:${PN}-bin = "GPL-3.0-or-later" +LICENSE:${PN} = "LGPL-2.1-or-later" +LIC_FILES_CHKSUM = "file://doc/COPYING;md5=d32239bcb673463ab874e80d47fae504 \ + file://doc/COPYING.LESSER;md5=4fbd65380cdd255951079008b364516c \ + file://COPYING;md5=75ac100ec923f959898182307970c360" + +SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ + file://dont-depend-on-help2man.patch \ + " + +DEPENDS = "bison-native" + +SRC_URI[sha256sum] = "1613f0ac1cf484d6ec0ce3b8c06d56263cc7242f1c23b30d82d23de345a63f7a" + +inherit autotools texinfo lib_package gtk-doc + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-support/gnutls/libtasn1_4.8.bb b/meta/recipes-support/gnutls/libtasn1_4.8.bb deleted file mode 100644 index 360d5296fb..0000000000 --- a/meta/recipes-support/gnutls/libtasn1_4.8.bb +++ /dev/null @@ -1,20 +0,0 @@ -SUMMARY = "Library for ASN.1 and DER manipulation" -HOMEPAGE = "http://www.gnu.org/software/libtasn1/" - -LICENSE = "GPLv3+ & LGPLv2.1+" -LICENSE_${PN}-bin = "GPLv3+" -LICENSE_${PN} = "LGPLv2.1+" -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c \ - file://README;endline=8;md5=c3803a3e8ca5ab5eb1e5912faa405351" - -SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ - file://dont-depend-on-help2man.patch \ - " - -SRC_URI[md5sum] = "9a6767705725544f2b86670dcfb34107" -SRC_URI[sha256sum] = "fa802fc94d79baa00e7397cedf29eb6827d4bd8b4dd77b577373577c93a8c513" - -inherit autotools texinfo binconfig lib_package - -BBCLASSEXTEND = "native" |