diff options
author | Cy Schubert <cy@FreeBSD.org> | 2021-05-23 03:36:23 +0000 |
---|---|---|
committer | Cy Schubert <cy@FreeBSD.org> | 2021-05-23 03:41:32 +0000 |
commit | 527821a60c9f2e706a0549ac23c8ddc6d8b778c3 (patch) | |
tree | 6a9ae3cc34967d10b373a19bf861f256adb56f10 | |
parent | 865a2a94e8fd819d5598b3f2230db4e82ff7fc44 (diff) | |
download | ports-527821a60c9f2e706a0549ac23c8ddc6d8b778c3.tar.gz ports-527821a60c9f2e706a0549ac23c8ddc6d8b778c3.zip |
security/libgcrypt: Make static an option
Static linked binaries, due to the fact that they're statically linked,
can pose a security risk should a library be updated and depending
software not be recompiled and linked. This was a hot topic on BUGTRAQ
about 25 years ago.
The default is to build static libraries so as not to alter the package
avoiding a POLA violation.
PR: 255735
Submitted by: Daniel Engberg <daniel.engberg.lists@pyret.net> (mostly)
Reported by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Reviewed by: cy
Tested by: cy
MFH: 2021Q2
-rw-r--r-- | security/libgcrypt/Makefile | 8 | ||||
-rw-r--r-- | security/libgcrypt/pkg-plist | 2 |
2 files changed, 7 insertions, 3 deletions
diff --git a/security/libgcrypt/Makefile b/security/libgcrypt/Makefile index 50bdb9691697..6e3635f6977e 100644 --- a/security/libgcrypt/Makefile +++ b/security/libgcrypt/Makefile @@ -17,7 +17,7 @@ USES= cpe libtool makeinfo tar:bzip2 CPE_VENDOR= gnupg USE_CSTD= gnu89 GNU_CONFIGURE= yes -CONFIGURE_ARGS= --disable-drng-support --enable-static=yes +CONFIGURE_ARGS= --disable-drng-support CONFIGURE_ENV= MAKEINFO="${MAKEINFO} --no-split" CONFIGURE_TARGET=${ARCH:S/amd64/x86_64/}-portbld-${OPSYS:tl}${OSREL} USE_LDCONFIG= yes @@ -28,7 +28,11 @@ DOCS= AUTHORS ChangeLog ChangeLog-2011 INSTALL NEWS THANKS TODO \ INFO= gcrypt PORTDOCS= * -OPTIONS_DEFINE= DOCS +OPTIONS_DEFINE= DOCS STATIC +OPTIONS_DEFAULT= DOCS STATIC +OPTIONS_SUB= yes + +STATIC_CONFIGURE_ENABLE= static .include <bsd.port.options.mk> diff --git a/security/libgcrypt/pkg-plist b/security/libgcrypt/pkg-plist index b09d7fdf9bf5..00796bc75bb1 100644 --- a/security/libgcrypt/pkg-plist +++ b/security/libgcrypt/pkg-plist @@ -3,7 +3,7 @@ bin/dumpsexp bin/hmac256 bin/libgcrypt-config include/gcrypt.h -lib/libgcrypt.a +%%STATIC%%lib/libgcrypt.a lib/libgcrypt.so lib/libgcrypt.so.20 lib/libgcrypt.so.20.3.3 |