diff --git a/.gitignore b/.gitignore index 2a62ed5..4894f4f 100644 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ proguard-project.txt # assets/busybox assets/cdebootstrap.tar +assets/gpgv external/cdebootstrap/cdebootstrap-static-0.*/ external/cdebootstrap/cdebootstrap.tar external/debian-archive-keyring/debian-archive-keyring-201*/ diff --git a/README.md b/README.md index bca91f4..f330297 100644 --- a/README.md +++ b/README.md @@ -166,9 +166,10 @@ externals/Makefile using a custom config file. gpgv ---- -https://github.com/guardianproject/gnupg-for-android +git://git.gnupg.org/gnupg.git -Building gpgv for Android is quite complicated, so the binary is included in -this project. The binary is built from source using the gnupg-for-android -build system. The binary ends up in external/data/ called gpgv2-static. To -build it yourself, follow the included instructions. +Only `gpgv` is needed, so it is built from GnuPG v1.4.x. It is built +statically to get around PIE vs non-PIE. If an executable is built fully +statically, with no dynamic linking at all, then the same binary will work on +both PIE systems (android-21 and above), and systems where PIE does not work +(older than android-16). diff --git a/assets/gpgv b/assets/gpgv deleted file mode 100755 index 2775a9f..0000000 Binary files a/assets/gpgv and /dev/null differ diff --git a/external/Makefile b/external/Makefile index 701f034..630a1ec 100644 --- a/external/Makefile +++ b/external/Makefile @@ -70,12 +70,13 @@ export TZ=UTC .PHONY: all assets clean distclean -all: $(EXTERNAL_ROOT)/busybox/busybox +all: $(EXTERNAL_ROOT)/busybox/busybox $(EXTERNAL_ROOT)/gnupg/g10/gpgv make -C $(EXTERNAL_ROOT)/cdebootstrap assets: all install $(EXTERNAL_ROOT)/busybox/busybox \ $(EXTERNAL_ROOT)/cdebootstrap/cdebootstrap.tar \ + $(EXTERNAL_ROOT)/gnupg/g10/gpgv \ $(ASSETS)/ @@ -94,6 +95,39 @@ $(EXTERNAL_ROOT)/busybox/busybox: $(EXTERNAL_ROOT)/busybox/.config echo "TIMESTAMP: $(TIMESTAMP)" faketime -f $(TIMESTAMP) make -C $(EXTERNAL_ROOT)/busybox/ + +$(EXTERNAL_ROOT)/gnupg/configure: $(EXTERNAL_ROOT)/gnupg/configure.ac + cd $(EXTERNAL_ROOT)/gnupg && \ + ./autogen.sh --force + +$(EXTERNAL_ROOT)/gnupg/Makefile: $(EXTERNAL_ROOT)/gnupg/configure + cd $(EXTERNAL_ROOT)/gnupg && \ + SYSROOT=$(NDK_SYSROOT) \ + AR="$(AR)" \ + CC="$(CC)" \ + LD="$(LD)" \ + CFLAGS="$(ALL_CFLAGS)" \ + LDFLAGS="$(ALL_LDFLAGS) -static" \ + ./configure \ + --host=$(HOST) \ + --disable-agent-support \ + --disable-bzip2 \ + --disable-card-support \ + --disable-exec \ + --disable-keyserver-helpers \ + --disable-hkp \ + --disable-ldap \ + --disable-nls \ + --disable-photo-viewers + +$(EXTERNAL_ROOT)/gnupg/g10/gpgv: $(EXTERNAL_ROOT)/gnupg/Makefile + make -C $(EXTERNAL_ROOT)/gnupg/cipher + make -C $(EXTERNAL_ROOT)/gnupg/mpi + make -C $(EXTERNAL_ROOT)/gnupg/util + make -C $(EXTERNAL_ROOT)/gnupg/zlib + make -C $(EXTERNAL_ROOT)/gnupg/g10 + $(STRIP) $(EXTERNAL_ROOT)/gnupg/g10/gpgv + # to re-download and verify that the .debs included in git match the official # Debian ones verify-debian-packages: clean @@ -101,13 +135,14 @@ verify-debian-packages: clean -rm $(EXTERNAL_ROOT)/cdebootstrap/cdebootstrap-static*.deb make -C $(EXTERNAL_ROOT)/cdebootstrap -clean: +clean: rm -f -- $(EXTERNAL_ROOT)/busybox/.config rm -f -- $(EXTERNAL_ROOT)/busybox/busybox -cd $(EXTERNAL_ROOT)/busybox/ && \ patch -N -R -p1 --reject-file=- < ../003-mount-umount-fsck-df.patch make -C $(EXTERNAL_ROOT)/busybox/ clean make -C $(EXTERNAL_ROOT)/cdebootstrap/ clean + make -C $(EXTERNAL_ROOT)/gnupg/ clean make -C $(EXTERNAL_ROOT)/debian-archive-keyring/ clean distclean: clean