1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-29 19:48:43 +01:00
Commit Graph

571 Commits

Author SHA1 Message Date
Werner Koch
f799b3ddbb
Post release updates
--
2020-08-27 14:55:48 +02:00
Werner Koch
0be5decc09
build: Silence gcc warning -Wformat-zero-length
* configure.ac: Avoid useless gcc warning.  We use an empty string
quite often, for example in log_printhex.
--
2020-08-26 15:13:43 +02:00
Werner Koch
829bc3bc60
build: New configure option --disable-tests
* configure.ac: Add option --disable-tests.  Print warnings in the
summary.
(DISABLE_TESTS): New am_conditional.
--
GnuPG-bug-id: 4960
2020-08-20 10:58:52 +02:00
NIIBE Yutaka
8904b18822 regexp: Fix generation of _unicode_mapping.c.
* configure.ac (AWK_HEX_NUMBER_OPTION): Detect GNU Awk.
* regexp/Makefile.am: Use AWK_HEX_NUMBER_OPTION.
* regexp/parse-unidata.awk: Don't use strtonum.

--

Backport master commit of:
	50b320952e

GnuPG-bug-id: 4915
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-15 14:18:09 +09:00
NIIBE Yutaka
199309190a gpg: Add regular expression support.
* AUTHORS, COPYING.other: Update.
* Makefile.am (SUBDIRS): Add regexp sub directory.
* configure.ac (DISABLE_REGEX): Remove.
* g10/Makefile.am (needed_libs): Add libregexp.a.
* g10/trustdb.c: Remove DISABLE_REGEX support.
* regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h,
  regexp/utf8.c, regexp/utf8.h: New from Jim Tcl.
* regexp/UnicodeData.txt: New from Unicode.
* regexp/Makefile.am, regexp/parse-unidata.awk: New.
* tests/openpgp/Makefile.am: Remove DISABLE_REGEX support.
* tools/Makefile.am: Remove DISABLE_REGEX support.

--

Backport master commit of:
	ba247a114c

GnuPG-bug-id: 4843
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-15 14:16:57 +09:00
Werner Koch
68dd4f4398
Post release updates
--
2020-07-09 13:06:32 +02:00
Werner Koch
381c54179c
common: Add missing error code GPG_ERR_WRONG_NAME.
* configure.ac: Require libgpg-error 1.25.
* common/util.h: Define some extra error codes.
--

This actually defines a few more error ocdes in case they are used by
backported code.  The requirement chnaged to 1.25 because erro codes
from there are also required.

GnuPG-bug-id: 4965
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-03 10:29:18 +02:00
Werner Koch
c6324ee07a
common: Change argument order of log_printhex.
* common/logging.c (log_printhex): Chnage order of args.  Make it
printf alike.  Change all callers.
* configure.ac: Add -Wno-format-zero-length
--

This makes it consistent with modern libgpgrt logging and thus eases
back porting from newer GnuPG versions which use libgpgrt logging.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-05-12 18:51:47 +02:00
Werner Koch
76d2a02dfe
wks: Take name of sendmail from configure.
* configure.ac (NAME_OF_SENDMAIL): New ac_define.
* tools/send-mail.c (run_sendmail): Use it.
--

We used to ac_subst the SENDMAIL in the old keyserver via mail script.
We can reuse this to avoid a fixed name for sendmail in the
send-mail.c helper.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 08147f8bbd)
GnuPG-bug-id: 4886
2020-03-30 17:38:26 +02:00
Werner Koch
bc7e56d9dc
Post release updates
--
2020-03-20 17:34:20 +01:00
Werner Koch
b27d30df62
Copyright notice updates et al.
--
2020-03-19 15:48:12 +01:00
Werner Koch
0bdbd37b87
Post release updates
--
2019-12-07 12:51:18 +01:00
Werner Koch
80971adbc1
Post release updates
--
2019-11-25 21:50:26 +01:00
Werner Koch
2671c4dda3
Post release updates
--
2019-07-09 16:56:20 +02:00
Werner Koch
f9934dcb57
Post release updates
--
2019-05-28 17:40:16 +02:00
Werner Koch
644cabc6b3
Post release updates
--
2019-03-26 15:10:38 +01:00
Werner Koch
d9af95de47
Post release updates
--
2019-03-19 12:10:18 +01:00
Werner Koch
e5580ae788
Post release updates
--
2019-02-12 18:37:40 +01:00
Werner Koch
7922e2dd1c
Release 2.2.13 2019-02-12 16:30:31 +01:00
Werner Koch
3520a7b1fc
Post release updates
--
2018-12-14 15:45:35 +01:00
Daniel Kahn Gillmor
0cf0f3aaf8
agent: compile-time configuration of s2k calibration.
* configure.ac: add --with-agent-s2k-calibration=MSEC, introduces
AGENT_S2K_CALIBRATION (measured in milliseconds)
* agent/protect.c (calibrate_s2k_count): Calibrate based on
AGENT_S2K_CALIBRATION.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
GnuPG-bug-id: 3399
(cherry picked from commit 926d07c5fa)
2018-12-11 17:29:45 +01:00
Jussi Kivilinna
21fdef6963
common: Use platform memory zeroing function for wipememory
* common/mischelp.h (wipememory): Replace macro with function
prototype.
(wipememory2): Remove.
* common/mischelp.c (wipememory): New.
* configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero' and
remove duplicated checks.
--

In new wipememory function, memory is cleared through platform
provided secure memory zeroing function, SecureZeroMemory
or explicit_bzero.

If none of these is available, memset is called through
volatile function pointer to so that compiler won't optimize
away the call.

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
(cherry picked from commit 2a650772b4)
2018-12-05 08:23:57 +01:00
Werner Koch
10157b4179
Post release updates.
--
2018-11-06 11:42:26 +01:00
Werner Koch
8a33d5c9c6
build: By default build wks-tools on all Unix platforms.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit b83fed64f8)
2018-10-26 14:59:51 +02:00
Werner Koch
4b5cddeb58
Post release updates.
--
2018-08-30 15:34:38 +02:00
Werner Koch
a6ce89b6ef
Post release updates
--
2018-07-12 16:31:34 +02:00
Werner Koch
e9667dd20a
Post release updates
--
2018-06-08 12:47:19 +02:00
Werner Koch
2e2ab4b69c
Post release updates
--
2018-05-02 22:02:40 +02:00
Werner Koch
ddfd39e91a
build: New configure option to help with nPth debugging.
* configure.ac: Add option --enable-npth-debug
--

This requires a not yet release nPth version to have an effect.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-02 17:06:22 +02:00
Werner Koch
f9fbfc64e4
dirmngr: Use the LDAP wrapper process also for Windows.
* dirmngr/ldap-wrapper.c: Revamp module to make use of es_poll for
portability.
* configure.ac: Always use the ldap wrapper.
--

Since the migration from GNU Pth to nPth the ldap wrapper never worked
reliable on Windows.  Our long term use of the old Window CE wrapper
thing didn't fixed this either.  The new code uses the portable
es_poll function and thus code which is tested at several other
places.  It Should(tm) fix the Windows issues.

GnuPG-bug-id: 3937
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-27 12:05:31 +02:00
Werner Koch
30081d2851
Post release updates
--
2018-04-09 22:25:37 +02:00
NIIBE Yutaka
71e5282c25 scd: Fix for GNU/Linux suspend/resume.
* configure.ac (require_pipe_to_unblock_pselect): Default is "yes".
* scd/scdaemon.c (scd_kick_the_loop): Minor clean up.

--

Normally SIGCONT or SIGUSR2 works for unblocking pselect.  But on my
machine with GNU/Linux, when a machine is suspend/resume-ed, pselect
keeps blocked, while signal itself is delivered.

It's better to use pipe.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-03-13 12:05:57 +09:00
Werner Koch
59ee87aae8
Post release updates.
--
2018-02-22 16:10:20 +01:00
Werner Koch
9581a65ccc
Release 2.2.5
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-02-22 15:32:36 +01:00
NIIBE Yutaka
015fe1c47b scd: Use pipe to kick the loop on NetBSD.
* configure.ac (HAVE_PSELECT_NO_EINTR): New.
* scd/scdaemon.c (scd_kick_the_loop): Write to pipe.
(handle_connections): Use pipe.

--

On NetBSD, signal to the same process cannot unblock pselect,
with unknown reason.  Use pipe instead, for such systems.

GnuPG-bug-id: 3778
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-02-07 12:43:07 +09:00
NIIBE Yutaka
d7207b39b7 agent: Fix last commit.
* configure.ac: Check ucred.h as well as sys/ucred.h.
* agent/command-ssh.c: Add inclusion of ucred.h.

--

It was T2981, adding ucred.h for Solaris.  We also need sys/ucred.h
for FreeBSD and macOS.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-01-26 10:42:31 +09:00
NIIBE Yutaka
08e686a6a6 agent: More fix for get_client_pid for portability.
* configure.ac: Check sys/ucred.h instead of ucred.h.
    * agent/command-ssh.c: Include sys/ucred.h.

--

It's *BSD and macOS thing.

Fixes-commit: f7f806afa5
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-01-26 10:13:34 +09:00
Kristian Fiskerstrand
a684988829
build: Increase libassuan min version to 2.5.0
--
assuan_sock_set_system_hooks is used unconditionally in gnupg since
commit 9f641430dc, and as such it requires
libassuan 2.5.0 (function introduced in
commit 90dc81682b13a7cf716a8a26b891051cbd4b0caf)

For a detailed description see:
https://lists.gnupg.org/pipermail/gnupg-devel/2017-December/033323.html
2017-12-22 13:35:42 +01:00
Werner Koch
84555d5372
Post release updates
--
2017-12-20 10:13:54 +01:00
Werner Koch
17efcd2a2a
build: New configure option --enable-run-gnupg-user-socket.
* configure.ac: (USE_RUN_GNUPG_USER_SOCKET): New ac_define.
* common/homedir.c (_gnupg_socketdir_internal): Add extra directories.
--

This allows to build GnuPG with an extra socketdir below /run.  See
https://lists.gnupg.org/pipermail/gnupg-devel/2017-November/033250.html
for a longer explanation why this is sometimes useful.

Suggested-by: Rainer Perske
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-12 09:42:43 +01:00
Werner Koch
e0140c0a6a
Post release updates
--
2017-11-20 13:35:36 +01:00
Werner Koch
04d9833e71
build: Use -Werror only for the check.
* configure.ac: Do not add -Werror to mycflags.
--

On Windows and possible also on other platforms we expect to a get a
few errors or warnins.  Thus we can't use -Werror by default.  This is
why we have a separate configure options --enable-werror ;-).

Fixes-commit: 3ecd1a41be
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-20 12:32:31 +01:00
NIIBE Yutaka
3ecd1a41be build: Check -Wlogical-op flag availability with -Werror.
* configure.ac: Use -Werror.

--

Using clang, -Wlogical-op doesn't fail but generates warning.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-11-20 12:01:31 +09:00
NIIBE Yutaka
e1984969ca build: BSD make support for yat2m.
* configure.ac (YAT2M): Only define when found.
* doc/Makefile.am: Portability fix.

--

This is not intended to apply to master, but 2.2 branch only.  When
new libgpg-error is required, installation of yat2m can be assumed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-11-20 11:33:26 +09:00
Andre Heinecke
4f5afaf1fd
w32: Fix default registry path
* configure.ac (GNUPG_REGISTRY_DIR): Remove leading backslash.

--
Windows does not like the leading backslash and won't read
the key.
Problem reported in the Gpg4win Message boards.

This bug was introduced by rev. 75ba215e

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2017-11-15 11:44:53 +01:00
Werner Koch
6530aff692
Post release updates.
--
2017-11-07 11:04:44 +01:00
NIIBE Yutaka
b13972dfbf Fix comment of configure.
* configure.ac (BUILD_WITH_DIRMNGR): Comment fix.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-10-26 11:38:50 +09:00
Werner Koch
812fe29bff
build: New configure option --enable-werror
* configure.ac: Implement that option.
--

This can be used as a workaround in case of bogus autoconf tests.

GnuPG-bug-id: 2423
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-10-24 18:44:49 +02:00
Werner Koch
e417aaf698
build: Do not mess with CFLAGS in configure.
* configure.ac: Do not mess with the user provided CFLAGS.
--

A problem was claimed with some configure tests if the user provided
CFLAGS=-Werror.  The commit introducing this

Fixes-commit: 02eb9fc9d5

does not mention a concrete case.  Anyway, messing with CFLAGS is a
bad idea because configure tests will then test something different
than what is used later (cf. autoconf manual).  Tests which depend on
the whether -Werror is used needsto be fixed.

Note that in certain cases we modify CFLAGS.  This is only done for
some configure options or if the platform requires the use of special
compiler flags (e.g. on HP/UX).

GnuPG-bug-id: 2423
2017-10-24 18:34:28 +02:00
Werner Koch
e1f04616e4
Post release updates
--
2017-09-19 08:34:36 +02:00
Werner Koch
9e3d41bf72
Post release updates
--
2017-08-28 11:57:17 +02:00
Werner Koch
9d80fb8e00
Release 2.2.0 2017-08-28 11:18:26 +02:00
Werner Koch
008ae0bd86
build: Change SWDB tag "gnupg21" to "gnupg22".
* configure.ac (GNUPG_SWDB_TAG): New ac_define.  Set it to "gnupg22".
* tools/gpgconf.c (query_swdb): Use it.
* build-aux/speedo.mk: Change tag "gnupg21" to "gnupg22".
* Makefile.am (distcheck-hook): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-23 14:52:29 +02:00
Werner Koch
d6b40a9c86
Post release updates
--
2017-08-09 16:58:47 +02:00
Werner Koch
fb21aa8b50
build: New configure option --enable-all-tests.
* configure.ac: New option --enable-all-tests.
* tests/gpgscm/ffi.c (ffi_init): New gloabl var *run-all-tests*.
* tests/openpgp/all-tests.scm (all-tests): Use that var instead
of *maintainer-mode*.
* Makefile.am (AM_DISTCHECK_CONFIGURE_FLAGS): Add --enable-all-tests.
--

It is better to have a separate option to run all tests than to put
this on top of --enable-maintainer-mode.  This way we can also make
sure to run all tests during "make distcheck".

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-08 17:49:53 +02:00
Justus Winter
b0112dbca9
tests: Do not run all tests unless in maintainer mode.
* configure.ac: Leak the maintainer mode flag into 'config.h'.
* tests/gpgscm/ffi.c: Pass it into the scheme environment.
* tests/openpgp/all-tests.scm: Only run tests against non-default
configurations (keyring, extended-key-format) in maintainer mode.
--

Werner is concerned that the tests do take up too much time and asked
me to reduce the runtime of the tests for normal users.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-08-07 11:15:56 +02:00
Werner Koch
a69464b0b6
gpg: Install gpg by default under the name gpg.
* configure.ac: Remove option --enable-gpg2-is-gpg.  Add option
--enable-gpg-is-gpg2.
* build-aux/speedo.mk (speedo_pkg_gnupg_configure): Remove
--enable-gpg2-is-gpg.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-05 14:39:32 +02:00
Werner Koch
dd56bc411e
Post release updates
--
2017-07-28 20:10:16 +02:00
Werner Koch
24c7aa0d58
common: Strip trailing slashes from the homedir.
* common/homedir.c (default_homedir): Strip trailing slashes.
(gnupg_set_homedir): Ditto.

--

is_gnupg_default_homedir() does not ignore trailing slashes when
comparing directory names.  This can lead to multiple agents started
on the same directory if the homedir was specified with --homedir or
GNUPGHOME without or with a number of slashes.

We now make sure that the home directory name never ends in a
slash (except for the roo of course).

GnuPG-bug-id: 3295
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-25 15:22:48 +02:00
Werner Koch
5dac85fba7
doc: Revert the bug reporting address to bugs.gnupg.org
--

dev.gnupg org is the development platform but the canonical bug
address is and has always been bugs.gnupg.org.  We should keep on
using this address for the case that we switch the tracker again or
split it off the development system.

That is also the reason why we should keep on communicating a plain
bug number without the 'T' prefix.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-24 10:43:27 +02:00
Werner Koch
f6faa05874
doc: Prefer an installed version of yat2m
* configure.ac (YAT2M): Check for tool.
* doc/Makefile.am (yat2m-stamp): Use installed tool if possible.
--
2017-07-05 11:01:36 +02:00
Daniel Kahn Gillmor
705da1eb23 docs: Point to https://dev.gnupg.org/ .
Replace mentions of bugs.gnupg.org with https://dev.gnupg.org/.  Since
the project has transitioned to a better workflow for supporting
contributions, we should ensure that our documentation points to the
right place.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-05-18 15:05:57 -04:00
Werner Koch
99e68350a8
Post release updates
--
2017-05-15 17:21:58 +02:00
NIIBE Yutaka
5c8fe54809 Spelling fixes in docs and comments.
--

In addition, fix trailing spaces in tests/inittests.

GnuPG-bug-id: 3121
Reported-by: ka7 (klemens)
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-28 10:06:33 +09:00
NIIBE Yutaka
10519270d3 g13: Fix for Solaris.
* configure.ac: Check sys/mkdev.h.
* g13/sh-dmcrypt.c: Include sys/mkdev.h.

--

GnuPG-bug-id: 3098
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-20 20:43:29 +09:00
NIIBE Yutaka
c3cc9551dc g13: Include sys/sysmacros.h if available.
* configure.ac: Add test for sys/sysmacros.h.
* g13/sh-dmcrypt.c: Include sys/sysmacros.h.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-11 19:59:07 +09:00
Werner Koch
943176c732
Post release updates.
--
2017-04-03 21:54:53 +02:00
Justus Winter
6993e42088
build: Remove '--disable-tools' configuration option.
* Makefile.am (SUBDIRS): Unconditionally include 'tools'.
* configure.ac: Remove '--disable-tools' configuration option.
--
gpgconf is a core component nowadays and is always required.

GnuPG-bug-id: 2993
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-15 10:51:03 +01:00
Justus Winter
dd60e868d2
build: Use macOS' compatibility macros to enable all features.
* configure.ac: On macOS, use the compatibility macros to expose every
feature of the libc.  This is the equivalent of _GNU_SOURCE on GNU
libc.
--
Not defining this leads to compilation errors or superfluous warnings
on macOS.

GnuPG-bug-id: 2910
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-08 13:31:11 +01:00
Justus Winter
b71384c805
Revert "build: Improve CFLAGS handling."
This reverts commit 4b57359ef3.
2017-03-07 15:34:35 +01:00
Justus Winter
4b57359ef3
build: Improve CFLAGS handling.
* configure.ac: Strip any flags matching '-Werror' from CFLAGS before
running the tests, and add them back later on.
--
Previously, the tests were run with empty CFLAGS.  This caused
problems, e.g. on Fedora mmap was not detected due to some missing
CFLAGS while running the tests.

GnuPG-bug-id: 2423
Fixes-commit: 02eb9fc9d5
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-07 15:20:19 +01:00
NIIBE Yutaka
f7f806afa5 agent: Fix get_client_pid for portability.
* configure.ac: Simply check getpeerucred and ucred.h, and structure
members.
* agent/command-ssh.c: Include ucred.h.
(get_client_pid) [HAVE_STRUCT_SOCKPEERCRED_PID]: Use sockpeercred
structure for OpenBSD.
[LOCAL_PEERPID]: Use LOCAL_PEERPID for macOS.
[LOCAL_PEEREID]: Use LOCAL_PEEREID for NetBSD.
[HAVE_GETPEERUCRED]: Use getpeerucred for OpenSolaris.

--

This change also addresses following bug.

GnuPG-bug-id: 2981.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 14:06:35 +09:00
NIIBE Yutaka
ce37ada871 tools: More portable for openpty use.
* configure.ac (AC_CHECK_HEADERS): Add util.h libutil.h and termios.h.
* tools/symcryptrun.c: Include those headers.

--

This is for OpenBSD and FreeBSD.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 10:42:28 +09:00
Werner Koch
3cdb792007
Post release updates.
--
2017-03-01 19:26:16 +01:00
Werner Koch
246b27921b
build: Add kludge for "make distcheck" in a release build.
* configure.ac: New option --enable-gnupg-builddir-envvar.
(ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define.
* common/homedir.c (gnupg_set_builddir_from_env): Consider
ENABLE_GNUPG_BUILDDIR_ENVVAR.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ...
(AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof.  Add option
--enable-gnupg-builddir-envvar.

--

Our regression test suite makes use of the envvar GNUPG_BUILDDIR.  Now
the code in gnupg for evaluating this envvar is only included in a
development version (that is one with a "-betaNNN" suffix).  For a
real release the envvar is not considered.  However during a "make
distcheck" a "make check" is done for the build directory.  Without
defining that envar we would try to run binaries in the install
directory ("_inst" sub-directory) which are not yet installed at that
time.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-01 18:40:05 +01:00
Werner Koch
9a1a5ca0bc
dirmngr: Load all system provided certificates.
* configure.ac: Add option --default-trust-store.
(DEFAULT_TRUST_STORE_FILE): New ac_define.
* dirmngr/certcache.c: Include ksba-io-support.h.
(total_trusted_certificates, total_system_trusted_certificates): New.
(put_cert): Manage the new counters.
(cert_cache_deinit): Reset them.
(cert_cache_print_stats): Print them.
(is_trusted_cert): Add arg WITH_SYSTRUST.  Change all callers to pass
false.
(load_certs_from_file): New.
(load_certs_from_system): New.
(cert_cache_init): Load system certificates.
--

Note that this code does not yet allow to load the system certificates
on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-16 18:58:27 +01:00
Werner Koch
309f464a59
agent: Tell the Pinentry the client's pid.
* configure.ac: Check for SO_PEERCRED et al.
* agent/agent.h (server_control_s): Add field 'client_pid'.
* agent/command.c (start_command_handler): Set CLIENT_PID.
* agent/command-ssh.c (get_client_pid): New.
(start_command_handler_ssh): Set CLIENT_PID.
* agent/call-pinentry.c (start_pinentry): Tell Pinentry the client-pid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-03 17:13:08 +01:00
Werner Koch
14bc2fa43e
Post release updates
--
2017-01-23 22:24:20 +01:00
Werner Koch
5c0777e1ca
tests: Fix t-gettime for a time_t of 64 and a long of 32 bit.
* configure.ac (AC_CHECK_HEADERS): Add stdint.h.
* common/t-gettime.c: Include stdint.h.
(UINTMAX_C): Define replacement.
(test_isotime2epoch): Use UINTMAX_C for the >32 bit constants.
--

This is for example the case on 32 bit OpenBSD.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-12 10:39:19 +01:00
Werner Koch
c52930d11f
build: Enable gcc warnings to detect non-portable code.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-02 12:59:36 +01:00
Justus Winter
36c1413928 tests: Add test suite for gpgsm.
* configure.ac (AC_CONFIG_FILES): Add new file.
* tests/Makefile.am (SUBDIRS): Add new directory.
* tests/gpgsm/32100C27173EF6E9C4E9A25D3D69F86D37A4F939: New file.
* tests/gpgsm/Makefile.am: Likewise.
* tests/gpgsm/cert_dfn_pca01.der: Likewise.
* tests/gpgsm/cert_dfn_pca15.der: Likewise.
* tests/gpgsm/cert_g10code_test1.der: Likewise.
* tests/gpgsm/decrypt.scm: Likewise.
* tests/gpgsm/encrypt.scm: Likewise.
* tests/gpgsm/export.scm: Likewise.
* tests/gpgsm/gpgsm-defs.scm: Likewise.
* tests/gpgsm/import.scm: Likewise.
* tests/gpgsm/plain-1.cms.asc: Likewise.
* tests/gpgsm/plain-2.cms.asc: Likewise.
* tests/gpgsm/plain-3.cms.asc: Likewise.
* tests/gpgsm/plain-large.cms.asc: Likewise.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/gpgsm/setup.scm: Likewise.
* tests/gpgsm/shell.scm: Likewise.
* tests/gpgsm/sign.scm: Likewise.
* tests/gpgsm/verify.scm: Likewise.
--
The certificates and keys are taken from GPGME's test suite.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-20 16:51:38 +01:00
Werner Koch
bff47f6ec0
Post release updates.
--
2016-12-20 12:07:23 +01:00
Werner Koch
e77b924fec
dirmngr: Fix setup of libdns for W32.
* configure.ac (DNSLIB) {W32]: Add -liphlpapi.
* dirmngr/dns-stuff.c [W32]: Include iphlpapi.h and define
WIN32_LEAN_AND_MEAN.
(libdns_init) [W32]: Use GetNetworkParams to get the nameserver.
* dirmngr/t-dns-stuff.c (init_sockets): New.
(main): Call it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-17 21:57:10 +01:00
Justus Winter
948cca9c99 tests: Reuse GPGME's tests.
* configure.ac (AC_CONFIG_FILES): Add new Makefile.
* tests/Makefile.am (SUBDIRS): Add new directory.
* tests/gpgme/Makefile.am: New file.
* tests/gpgme/gpgme-defs.scm: Likewise.
* tests/gpgme/run-tests.scm: Likewise.
* tests/gpgme/setup.scm: Likewise.
* tests/gpgme/wrap.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-14 16:50:44 +01:00
Werner Koch
d34a2bb410
dirmngr: New configure option --disable-libdns.
* configure.ac: Add option --disable-libdns
(USE_LIBDNS): New ac_subst and am_conditional.
(USE_C99_CFLAGS): Set only if libdns is used.
* dirmngr/Makefile.am (dirmngr_SOURCES): Move dns.c and dns.h to ...
(dirmngr_SOURCES) [USE_LIBDNS0: here.
(t_common_src): Ditto.
* dirmngr/dirmngr.c (oRecursiveResolver): New constant.
(opts): New option "--recursive-resolver".
(parse_rereadable_options): Set option.
* dirmngr/t-dns-stuff.c (main): Add option --recursive-resolver.
* dirmngr/server.c (cmd_getinfo): Depend output of "dnsinfo" on the
new variables.
* dirmngr/dns-stuff.c: Include dns.h only if USE_DNSLIB is defined.
Also build and call dnslib functions only if USE_DNSLIB is defined.
(recursive_resolver): New var.
(enable_recursive_resolver): New func.
(recursive_resolver_p): New func.
--

In case users run into problems building GnuPG, the configure option
allows to disable that support and continue w/o Tor support using the
system resolver.

--recursive-resolver was easy enough to implement and may be useful in
some situation.  It does not fully work, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-14 15:57:17 +01:00
Werner Koch
392966aed9
dirmngr: Require a c99 compiler
* configure.ac (USE_C99_CFLAGS): New ac_subst.  Set to -std=gnu99 for
gcc.
* dirmngr/Makefile.am (AM_CFLAGS): Add USE_C99_CFLAGS.
(t_http_CFLAGS): Ditto.
(t_ldap_parse_uri_CFLAGS): Ditto.
(t_dns_stuff_CFLAGS): Ditto.
--

C99 and the GCC option is required for use with dns.c which makes
heavy use of C99 features.  We should consider to switch GnuPG
entirely to C99 but enable gcc warnings to detect features which are
not supported by not-real-c99 compilers and which makes audits
harder (VLA etc.).

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-14 15:57:16 +01:00
Justus Winter
2e734a3ce1
dirmngr,build: Remove support for ADNS.
* autogen.rc: Remove '--with-adns' argument.
* configure.ac: Remove check for ADNS.
* dirmngr/dns-stuff.c: Remove all code that uses ADNS.
* dirmngr/server.c (cmd_getinfo): Update status line.
* doc/dirmngr.texi: Do not mention ADNS.
--

We used ADNS to support queries over Tor.  However, our patch to ADNS
that adds Tor support was never accepted upstream.  Furthermore, there
are other shortcomings that let us to consider alternatives.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-14 15:52:01 +01:00
Werner Koch
304566d332
dirmngr: Add option --standard-resolver.
* dirmngr/dirmngr.c (oStandardResolver): New constant.
(opts): New option --standard-resolver.
(parse_rereadable_options): Set option.
* dirmngr/dns-stuff.c: Refactor all code to support the new option.
(standard_resolver): New var.
(enable_standard_resolver, standard_resolver_p): New func.
* dirmngr/http.c (connect_server): Remove USE_DNS_SRV build
conditional.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
* dirmngr/server.c (cmd_getinfo) <dnsinfo>: Take care of new option
* configure.ac (HAVE_ADNS_IF_TORMODE): Remove var ADNSLIB.  ac_define
USE_ADNS in the adns checking code.  Remove options --disable-dns-srv
and --disable-dns-cert.  Always look for the system resolver.  Print
warning if no system resolver was found.
(USE_DNS_CERT, USE_DNS_SRV): Remove ac_defines.
(HAVE_SYSTEM_RESOLVER): New ac_define.
(USE_DNS_SRV): Remove am_conditional; not used anyway.
--

This option allows for runtime switching to the system's standard
resolver.  This is mainly useful to work around possible bugs in the
optional resolver libraries (as of now ADNS).  Note that on Windows
there is no code to use systems's resolver and thus for full
functionality dirmngr must be build with a separate resolver.

This patch also does way with configure options to disable the use of
CERT and SRV records.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-01 16:40:32 +01:00
Werner Koch
7e174fcc74
Post release updates.
--
2016-11-18 21:50:34 +01:00
Daniel Kahn Gillmor
8fb4822524
dirmngr: Use a default keyserver if none is explicitly set
* configure.ac: Define DIRMNGR_DEFAULT_KEYSERVER.
* dirmngr/server.c (ensure_keyserver): Use it if no keyservers are set.
* doc/dirmngr.texi: Document this behavior.

--

A user who doesn't specify a keyserver, but asks gnupg to fetch a key
currently just gets a simple error messages "No keyserver available".

If the user is asking to contact a keyserver, we should have a
reasonable default, and not require them to fiddle with settings when
they might not know what settings to choose.  This patch makes the
default hkps://hkps.pool.sks-keyservers.net.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-11-17 15:29:35 +01:00
Werner Koch
4d7dc432b5
Change all http://www.gnu.org in license notices to https://
--
2016-11-05 12:02:19 +01:00
Daniel Kahn Gillmor
5e693ddfbe build: Fix misspelled dirmngr.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-11-02 13:00:46 +01:00
Werner Koch
ad491ceec6
common: New function gnupg_usleep.
* configure.ac (HAVE_NANOSLEEP): Test for nanosleep.
* common/sysutils.c: Always include time.h.
(gnupg_usleep): New.
--

This function has been compiled from nPth and Libassuan.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-31 12:24:45 +01:00
Werner Koch
0b0f9a3788
agent: Use straightforward names for the default socket names.
* configure.ac (GPG_AGENT_SOCK_NAME): Change name to *.extra.
(GPG_AGENT_EXTRA_SOCK_NAME): Change name to *browser.
--

There has been quite some fuzz about the naming of the (new) default
socket files.  The used names do not match the names of the option.
Because these are just names we now change the names to match the
names of the options instead of changing the option names to something
we can't agree upon.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-16 23:26:04 +02:00
Justus Winter
4a232d23a8 build,w32: Unconditionally build tests.
* configure.ac (run_tests, RUN_TESTS, RUN_GPG_TESTS): Remove
variables.  They are misleadingly named, as they inhibit building the
tests.  There is no reason not to build the tests even when
cross-compiling, as they are only run if one does 'make check'.
* Makefile: Adapt accordingly.
* tests/Makefile.am: Adapt accordingly.  Avoid building 'asschk' on
Windows as it uses non-portable functions.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-04 13:23:17 +02:00
Justus Winter
e11686f973 agent: Enable restricted, browser, and ssh socket by default.
* agent/gpg-agent.c (main): Provide defaults for 'extra-socket' and
'browser-socket', enable ssh socket by default, but do not emit the
'SSH_AUTH_SOCK' variable unless it has been explicitly requested.
* configure.ac (GPG_AGENT_{EXTRA,BROWSER}_SOCK_NAME): New definitions.
* doc/gpg-agent.texi: Update documentation.
--

This change enables the restricted, browser, and ssh socket by
default.  Note that in all cases, the user has to do some additional
configuration to her setup to make use of these features.  Therefore,
this should not break any existing setups, but makes it simpler to
discover and use these features.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-30 12:06:02 +02:00
Justus Winter
2e64ccb0f9 build: Fix check for resolver library on macOS.
* configure.ac: Check for the mangled name of 'dn_skipname' first.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-27 17:20:01 +02:00
Werner Koch
650356148a
agent: Terminate on deletion of the socket file (Linux only).
* configure.ac (AC_CHECK_FUNCS): Chec for inotify_init.
* agent/gpg-agent.c [HAVE_INOTIFY_INIT]: Include sys/inotify.h.
(my_inotify_is_name) [HAVE_INOTIFY_INIT]: New.
(handle_connections) [HAVE_INOTIFY_INIT]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-06 11:00:12 +02:00
Werner Koch
d4bd9743cf
Post release updates.
--
2016-08-18 18:23:28 +02:00
Fredrik Fornwall
583a464c62 build: Fix check for Android.
* configure.ac: Match other Android targets as well.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-27 12:31:19 +02:00