From 5a6df94a9a4b2a2c16c5184c37e215302574b90b Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 12 Jan 2024 10:42:05 +0100 Subject: [PATCH] speedo: Patch ELF binaries to use built libraries * build-aux/speedo.mk: Remove GUI stuff. Add patchelf feature. * Makefile.am (speedo): New target. -- GnuPG-bug-id: 6710 --- AUTHORS | 2 +- Makefile.am | 7 +- README | 17 +-- build-aux/speedo.mk | 251 ++++++++--------------------------------- common/w32info-rc.h.in | 2 +- configure.ac | 2 +- tests/cms/Makefile.am | 1 + 7 files changed, 66 insertions(+), 216 deletions(-) diff --git a/AUTHORS b/AUTHORS index bd1d528e3..44a755333 100644 --- a/AUTHORS +++ b/AUTHORS @@ -16,7 +16,7 @@ List of Copyright holders ========================= Copyright (C) 1997-2019 Werner Koch - Copyright (C) 2003-2023 g10 Code GmbH + Copyright (C) 2003-2024 g10 Code GmbH Copyright (C) 1994-2021 Free Software Foundation, Inc. Copyright (C) 2002 Klarälvdalens Datakonsult AB Copyright (C) 1995-1997, 2000-2007 Ulrich Drepper diff --git a/Makefile.am b/Makefile.am index 1cd009811..67ee98e20 100644 --- a/Makefile.am +++ b/Makefile.am @@ -191,7 +191,7 @@ endif gen_start_date = 2011-12-01T06:00:00 -.PHONY: gen-ChangeLog +.PHONY: gen-ChangeLog stowinstall speedo gen-ChangeLog: if test -e $(top_srcdir)/.git; then \ (cd $(top_srcdir) && \ @@ -207,6 +207,11 @@ gen-ChangeLog: stowinstall: $(MAKE) $(AM_MAKEFLAGS) install prefix=/usr/local/stow/gnupg + +speedo: + $(MAKE) -f $(top_srcdir)/build-aux/speedo.mk native SELFCHECK=0 + + TESTS_ENVIRONMENT = \ LC_ALL=C \ EXEEXT=$(EXEEXT) \ diff --git a/README b/README index 8fc906bb5..02e0fedd4 100644 --- a/README +++ b/README @@ -4,7 +4,7 @@ Copyright 1997-2019 Werner Koch Copyright 1998-2021 Free Software Foundation, Inc. - Copyright 2003-2023 g10 Code GmbH + Copyright 2003-2024 g10 Code GmbH * INTRODUCTION @@ -40,7 +40,7 @@ Several other standard libraries are also required. The configure script prints diagnostic messages if one of these libraries is not - available and a feature will not be available.. + available and a feature will not be available. You also need the Pinentry package for most functions of GnuPG; however it is not a build requirement. Pinentry is available at @@ -80,15 +80,16 @@ to view the directories used by GnuPG. +** Quick build method on Unix + To quickly build all required software without installing it, the - Speedo method may be used: + Speedo target may be used: - cd build - make -f ../build-aux/speedo.mk native + make speedo - This method downloads all required libraries and does a native build - of GnuPG to PLAY/inst/. GNU make is required and you need to set - LD_LIBRARY_PATH to $(pwd)/PLAY/inst/lib to test the binaries. + This target downloads all required libraries and does a native build + of GnuPG to PLAY/inst/. GNU make and the patchelf tool are + required. Follow the instructions give at the end of the make run. ** Specific build problems on some machines: diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk index 7777411e2..0cefebed9 100644 --- a/build-aux/speedo.mk +++ b/build-aux/speedo.mk @@ -94,16 +94,15 @@ # We need to know our own name. SPEEDO_MK := $(realpath $(lastword $(MAKEFILE_LIST))) -.PHONY : help native native-gui w32-installer w32-source w32-wixlib -.PHONY : git-native git-native-gui git-w32-installer git-w32-source -.PHONY : this-native this-native-gui this-w32-installer this-w32-source +.PHONY : help native w32-installer w32-source w32-wixlib +.PHONY : git-native git-w32-installer git-w32-source +.PHONY : this-native this-w32-installer this-w32-source help: @echo 'usage: make -f speedo.mk TARGET' @echo ' with TARGET being one of:' @echo ' help This help' @echo ' native Native build of the GnuPG core' - @echo ' native-gui Ditto but with pinentry and GPA' @echo ' w32-installer Build a Windows installer' @echo ' w32-source Pack a source archive' @echo ' w32-release Build a Windows release' @@ -148,66 +147,54 @@ help-wixlib: SPEEDOMAKE := $(MAKE) -f $(SPEEDO_MK) UPD_SWDB=1 native: check-tools - $(SPEEDOMAKE) TARGETOS=native WHAT=release WITH_GUI=0 all + $(SPEEDOMAKE) TARGETOS=native WHAT=release all git-native: check-tools - $(SPEEDOMAKE) TARGETOS=native WHAT=git WITH_GUI=0 all + $(SPEEDOMAKE) TARGETOS=native WHAT=git all this-native: check-tools - $(SPEEDOMAKE) TARGETOS=native WHAT=this WITH_GUI=0 all - -native-gui: check-tools - $(SPEEDOMAKE) TARGETOS=native WHAT=release WITH_GUI=1 all - -git-native-gui: check-tools - $(SPEEDOMAKE) TARGETOS=native WHAT=git WITH_GUI=1 all - -this-native-gui: check-tools - $(SPEEDOMAKE) TARGETOS=native WHAT=this WITH_GUI=1 all + $(SPEEDOMAKE) TARGETOS=native WHAT=this all w32-installer: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 installer + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release installer git-w32-installer: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 installer + $(SPEEDOMAKE) TARGETOS=w32 WHAT=git installer this-w32-installer: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=0 \ - CUSTOM_SWDB=1 installer + $(SPEEDOMAKE) TARGETOS=w32 WHAT=this CUSTOM_SWDB=1 installer w32-wixlib: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 wixlib + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release wixlib git-w32-wixlib: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 wixlib + $(SPEEDOMAKE) TARGETOS=w32 WHAT=git wixlib this-w32-wixlib: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=0 \ - CUSTOM_SWDB=1 wixlib + $(SPEEDOMAKE) TARGETOS=w32 WHAT=this CUSTOM_SWDB=1 wixlib w32-source: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 dist-source + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release dist-source git-w32-source: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 dist-source + $(SPEEDOMAKE) TARGETOS=w32 WHAT=git dist-source this-w32-source: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=0 \ - CUSTOM_SWDB=1 dist-source + $(SPEEDOMAKE) TARGETOS=w32 WHAT=this CUSTOM_SWDB=1 dist-source w32-release: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 SELFCHECK=0 \ + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release SELFCHECK=0 \ installer-from-source w32-msi-release: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 SELFCHECK=0 \ + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release SELFCHECK=0 \ WITH_WIXLIB=1 installer-from-source w32-sign-installer: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 SELFCHECK=0 \ + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release SELFCHECK=0 \ sign-installer w32-release-offline: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 SELFCHECK=0 \ + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release SELFCHECK=0 \ CUSTOM_SWDB=1 pkgrep=${HOME}/b pkg10rep=${HOME}/b \ installer-from-source @@ -220,9 +207,6 @@ WHAT=git # Set target to "native" or "w32" TARGETOS= -# Set to 1 to build the GUI tools -WITH_GUI=0 - # Set to 1 to use a pre-installed swdb.lst instead of the online version. CUSTOM_SWDB=0 @@ -240,7 +224,7 @@ STATIC=0 TARBALLS=$(shell pwd)/../tarballs # Number of parallel make jobs for each package -MAKE_J=3 +MAKE_J=6 # Name to use for the w32 installer and sources INST_NAME=gnupg-w32 @@ -251,6 +235,9 @@ INSTALL_PREFIX=none # Set this to the location of wixtools WIXPREFIX=$(shell readlink -f ~/w32root/wixtools) +# If patchelf(1) is not availale disable the command. +PATCHELF := $(shell patchelf --version 2>/dev/null >/dev/null || echo "echo please run: ")patchelf + # Read signing information from ~/.gnupg-autogen.rc define READ_AUTOGEN_template $(1) = $$(shell grep '^$(1)=' $$$$HOME/.gnupg-autogen.rc|cut -d= -f2) @@ -324,55 +311,16 @@ speedo_spkgs = \ ifeq ($(TARGETOS),w32) speedo_spkgs += \ zlib bzip2 sqlite -ifeq ($(WITH_GUI),1) -speedo_spkgs += gettext libiconv -endif endif -speedo_spkgs += \ - libassuan libksba - -ifeq ($(TARGETOS),w32) -speedo_spkgs += \ - ntbtls -endif - -speedo_spkgs += \ - gnupg - -ifeq ($(TARGETOS),w32) -ifeq ($(WITH_GUI),1) -speedo_spkgs += \ - libffi glib pkg-config -endif -endif +speedo_spkgs += libassuan libksba ntbtls gnupg ifeq ($(STATIC),0) -speedo_spkgs += \ - gpgme +speedo_spkgs += gpgme endif ifeq ($(TARGETOS),w32) -ifeq ($(WITH_GUI),1) -speedo_spkgs += \ - libpng \ - gdk-pixbuf atk pixman cairo pango gtk+ -endif -endif - -ifeq ($(TARGETOS),w32) - speedo_spkgs += pinentry -ifeq ($(WITH_GUI),1) -speedo_spkgs += gpa gpgex -endif - -else - -ifeq ($(WITH_GUI),1) -speedo_spkgs += pinentry gpa -endif - endif @@ -383,15 +331,12 @@ endif # only used for gpgex and thus we need to build them only if we want # a full installer. speedo_w64_spkgs = -ifeq ($(WITH_GUI),1) -speedo_w64_spkgs += libgpg-error libiconv gettext libassuan gpgex -endif # Packages which use the gnupg autogen.sh build style speedo_gnupg_style = \ libgpg-error npth libgcrypt \ libassuan libksba ntbtls gnupg gpgme \ - pinentry gpa gpgex + pinentry # Packages which use only make and no build directory speedo_make_only_style = \ @@ -451,14 +396,6 @@ pinentry_ver := $(shell awk '$$1=="pinentry_ver" {print $$2}' swdb.lst) pinentry_sha1 := $(shell awk '$$1=="pinentry_sha1" {print $$2}' swdb.lst) pinentry_sha2 := $(shell awk '$$1=="pinentry_sha2" {print $$2}' swdb.lst) -gpa_ver := $(shell awk '$$1=="gpa_ver" {print $$2}' swdb.lst) -gpa_sha1 := $(shell awk '$$1=="gpa_sha1" {print $$2}' swdb.lst) -gpa_sha2 := $(shell awk '$$1=="gpa_sha2" {print $$2}' swdb.lst) - -gpgex_ver := $(shell awk '$$1=="gpgex_ver" {print $$2}' swdb.lst) -gpgex_sha1 := $(shell awk '$$1=="gpgex_sha1" {print $$2}' swdb.lst) -gpgex_sha2 := $(shell awk '$$1=="gpgex_sha2" {print $$2}' swdb.lst) - zlib_ver := $(shell awk '$$1=="zlib_ver" {print $$2}' swdb.lst) zlib_sha1 := $(shell awk '$$1=="zlib_sha1_gz" {print $$2}' swdb.lst) zlib_sha2 := $(shell awk '$$1=="zlib_sha2_gz" {print $$2}' swdb.lst) @@ -474,7 +411,7 @@ sqlite_sha2 := $(shell awk '$$1=="sqlite_sha2_gz" {print $$2}' swdb.lst) $(info Information from the version database) $(info GnuPG ..........: $(gnupg_ver) (building $(gnupg_ver_this))) -$(info Libgpg-error ...: $(libgpg_error_ver)) +$(info GpgRT ..........: $(libgpg_error_ver)) $(info Npth ...........: $(npth_ver)) $(info Libgcrypt ......: $(libgcrypt_ver)) $(info Libassuan ......: $(libassuan_ver)) @@ -485,23 +422,13 @@ $(info SQLite .........: $(sqlite_ver)) $(info NtbTLS .. ......: $(ntbtls_ver)) $(info GPGME ..........: $(gpgme_ver)) $(info Pinentry .......: $(pinentry_ver)) -$(info GPA ............: $(gpa_ver)) -$(info GpgEX.... ......: $(gpgex_ver)) endif # Version number for external packages pkg_config_ver = 0.23 libiconv_ver = 1.14 gettext_ver = 0.18.2.1 -libffi_ver = 3.0.13 -glib_ver = 2.34.3 -libpng_ver = 1.4.12 -gdk_pixbuf_ver = 2.26.5 -atk_ver = 1.32.0 -pango_ver = 1.29.4 -pixman_ver = 0.32.4 -cairo_ver = 1.12.16 -gtk__ver = 2.24.17 + # The GIT repository. Using a local repo is much faster. #gitrep = git://git.gnupg.org @@ -552,10 +479,6 @@ else ifeq ($(WHAT),git) speedo_pkg_gpgme_gitref = master speedo_pkg_pinentry_git = $(gitrep)/pinentry speedo_pkg_pinentry_gitref = master - speedo_pkg_gpa_git = $(gitrep)/gpa - speedo_pkg_gpa_gitref = master - speedo_pkg_gpgex_git = $(gitrep)/gpgex - speedo_pkg_gpgex_gitref = master else ifeq ($(WHAT),release) speedo_pkg_libgpg_error_tar = \ $(pkgrep)/libgpg-error/libgpg-error-$(libgpg_error_ver).tar.bz2 @@ -573,10 +496,6 @@ else ifeq ($(WHAT),release) $(pkgrep)/gpgme/gpgme-$(gpgme_ver).tar.bz2 speedo_pkg_pinentry_tar = \ $(pkgrep)/pinentry/pinentry-$(pinentry_ver).tar.bz2 - speedo_pkg_gpa_tar = \ - $(pkgrep)/gpa/gpa-$(gpa_ver).tar.bz2 - speedo_pkg_gpgex_tar = \ - $(pkg10rep)/gpgex/gpgex-$(gpgex_ver).tar.bz2 else $(error invalid value for WHAT (use on of: git release this)) endif @@ -587,15 +506,6 @@ speedo_pkg_bzip2_tar = $(pkgrep)/bzip2/bzip2-$(bzip2_ver).tar.gz speedo_pkg_sqlite_tar = $(pkgrep)/sqlite/sqlite-autoconf-$(sqlite_ver).tar.gz speedo_pkg_libiconv_tar = $(pkg2rep)/libiconv-$(libiconv_ver).tar.gz speedo_pkg_gettext_tar = $(pkg2rep)/gettext-$(gettext_ver).tar.gz -speedo_pkg_libffi_tar = $(pkg2rep)/libffi-$(libffi_ver).tar.gz -speedo_pkg_glib_tar = $(pkg2rep)/glib-$(glib_ver).tar.xz -speedo_pkg_libpng_tar = $(pkg2rep)/libpng-$(libpng_ver).tar.bz2 -speedo_pkg_gdk_pixbuf_tar = $(pkg2rep)/gdk-pixbuf-$(gdk_pixbuf_ver).tar.xz -speedo_pkg_atk_tar = $(pkg2rep)/atk-$(atk_ver).tar.bz2 -speedo_pkg_pango_tar = $(pkg2rep)/pango-$(pango_ver).tar.bz2 -speedo_pkg_pixman_tar = $(pkg2rep)/pixman-$(pixman_ver).tar.gz -speedo_pkg_cairo_tar = $(pkg2rep)/cairo-$(cairo_ver).tar.xz -speedo_pkg_gtk__tar = $(pkg2rep)/gtk+-$(gtk__ver).tar.xz # @@ -651,25 +561,13 @@ define speedo_pkg_gnupg_post_install endef endif -# The LDFLAGS is needed for -lintl for glib. -ifeq ($(WITH_GUI),1) -speedo_pkg_gpgme_configure = \ - --enable-static --enable-w32-glib \ - --with-gpg-error-prefix=$(idir) \ - LDFLAGS=-L$(idir)/lib -else +# The LDFLAGS was needed for -lintl for glib. speedo_pkg_gpgme_configure = \ --disable-static --disable-w32-glib \ --with-gpg-error-prefix=$(idir) \ LDFLAGS=-L$(idir)/lib -endif -ifeq ($(TARGETOS),w32) -speedo_pkg_pinentry_configure = --disable-pinentry-gtk2 -else -speedo_pkg_pinentry_configure = --enable-pinentry-gtk2 -endif speedo_pkg_pinentry_configure += \ --disable-pinentry-qt5 \ --disable-pinentry-qt \ @@ -680,22 +578,6 @@ speedo_pkg_pinentry_configure += \ CXXFLAGS=-static-libstdc++ -speedo_pkg_gpa_configure = \ - --with-libiconv-prefix=$(idir) --with-libintl-prefix=$(idir) \ - --with-gpgme-prefix=$(idir) --with-zlib=$(idir) \ - --with-libassuan-prefix=$(idir) --with-gpg-error-prefix=$(idir) - -speedo_pkg_gpgex_configure = \ - --with-gpg-error-prefix=$(idir) \ - --with-libassuan-prefix=$(idir) \ - --enable-gpa-only - -speedo_pkg_w64_gpgex_configure = \ - --with-gpg-error-prefix=$(idir6) \ - --with-libassuan-prefix=$(idir6) \ - --enable-gpa-only - - # # External packages # @@ -759,60 +641,6 @@ speedo_pkg_gettext_extracflags = -O2 speedo_pkg_gettext_make_dir = gettext-runtime -speedo_pkg_glib_configure = \ - --disable-modular-tests \ - --with-libiconv=gnu \ - CPPFLAGS=-I$(idir)/include \ - LDFLAGS=-L$(idir)/lib \ - CCC=$(host)-g++ \ - LIBFFI_CFLAGS=-I$(idir)/lib/libffi-$(libffi_ver)/include \ - LIBFFI_LIBS=\"-L$(idir)/lib -lffi\" -ifeq ($(TARGETOS),w32) -speedo_pkg_glib_extracflags = -march=i486 -endif - -ifeq ($(TARGETOS),w32) -speedo_pkg_libpng_configure = \ - CPPFLAGS=\"-I$(idir)/include -DPNG_BUILD_DLL\" \ - LDFLAGS=\"-L$(idir)/lib\" LIBPNG_DEFINES=\"-DPNG_BUILD_DLL\" -else -speedo_pkg_libpng_configure = \ - CPPFLAGS=\"-I$(idir)/include\" \ - LDFLAGS=\"-L$(idir)/lib\" -endif - -ifneq ($(TARGETOS),w32) -speedo_pkg_gdk_pixbuf_configure = --without-libtiff --without-libjpeg -endif - -speedo_pkg_pixman_configure = \ - CPPFLAGS=-I$(idir)/include \ - LDFLAGS=-L$(idir)/lib - -ifeq ($(TARGETOS),w32) -speedo_pkg_cairo_configure = \ - --disable-qt --disable-ft --disable-fc \ - --enable-win32 --enable-win32-font \ - CPPFLAGS=-I$(idir)/include \ - LDFLAGS=-L$(idir)/lib -else -speedo_pkg_cairo_configure = \ - --disable-qt \ - CPPFLAGS=-I$(idir)/include \ - LDFLAGS=-L$(idir)/lib -endif - -speedo_pkg_pango_configure = \ - --disable-gtk-doc \ - CPPFLAGS=-I$(idir)/include \ - LDFLAGS=-L$(idir)/lib - -speedo_pkg_gtk__configure = \ - --disable-cups \ - CPPFLAGS=-I$(idir)/include \ - LDFLAGS=-L$(idir)/lib - - # --------- all: all-speedo @@ -1286,6 +1114,24 @@ clean-pkg-versions: @: >$(bdir)/pkg-versions.txt all-speedo: $(stampdir)/stamp-final +ifneq ($(TARGETOS),w32) + @(set -e;\ + cd "$(idir)"; \ + echo "speedo: Making RPATH relative";\ + for d in bin sbin libexec lib; do \ + for f in $$(find $$d -type f); do \ + if file $$f | grep ELF >/dev/null; then \ + $(PATCHELF) --set-rpath '$$ORIGIN/../lib' $$f; \ + fi; \ + done; \ + done; \ + echo "sysconfdir = /etc" >bin/gpgconf.ctl ;\ + echo "rootdir = $(idir)" >>bin/gpgconf.ctl ;\ + echo "speedo: /*" ;\ + echo "speedo: * Now copy $(idir)/ to the final location and" ;\ + echo "speedo: * adjust $(idir)/bin/gpgconf.ctl accordingly." ;\ + echo "speedo: */") +endif report-speedo: $(addprefix report-,$(speedo_build_list)) @@ -1357,9 +1203,6 @@ $(bdir)/inst-options.ini: $(w32src)/inst-options.ini cat $(w32src)/inst-options.ini >$(bdir)/inst-options.ini extra_installer_options = -ifeq ($(WITH_GUI),1) -extra_installer_options += -DWITH_GUI=1 -endif # Note that we sign only when doing the final installer. installer: all w32_insthelpers $(w32src)/inst-options.ini $(bdir)/README.txt diff --git a/common/w32info-rc.h.in b/common/w32info-rc.h.in index 1e76b58a9..bec152eb2 100644 --- a/common/w32info-rc.h.in +++ b/common/w32info-rc.h.in @@ -29,4 +29,4 @@ built on @BUILD_HOSTNAME@ at @BUILD_TIMESTAMP@\0" #define W32INFO_PRODUCTVERSION "@VERSION@\0" #define W32INFO_LEGALCOPYRIGHT "Copyright \xa9 \ -2023 g10 Code GmbH\0" +2024 g10 Code GmbH\0" diff --git a/configure.ac b/configure.ac index fc0590c14..26d7f7b55 100644 --- a/configure.ac +++ b/configure.ac @@ -525,7 +525,7 @@ AH_BOTTOM([ #define GNUPG_OPENPGP_REVOC_DIR "openpgp-revocs.d" #define GNUPG_CACHE_DIR "cache.d" -#define GNUPG_DEF_COPYRIGHT_LINE "Copyright (C) 2023 g10 Code GmbH" +#define GNUPG_DEF_COPYRIGHT_LINE "Copyright (C) 2024 g10 Code GmbH" /* For some systems (DOS currently), we hardcode the path here. For POSIX systems the values are constructed by the Makefiles, so that diff --git a/tests/cms/Makefile.am b/tests/cms/Makefile.am index b43fb1c91..557729770 100644 --- a/tests/cms/Makefile.am +++ b/tests/cms/Makefile.am @@ -99,6 +99,7 @@ EXTRA_DIST = $(XTESTS) $(KEYS) $(CERTS) $(TEST_FILES) \ samplekeys/opensc-test.p12 \ samplekeys/t5793-openssl.pfx \ samplekeys/t5793-test.pfx \ + samplekeys/t6752-ov-user-ff.p12 \ samplekeys/edward.tester@demo.gnupg.com.p12 \ samplekeys/nistp256-openssl-self-signed.p12 \ samplemsgs/pwri-sample.cbc.p7m \