1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

565 Commits

Author SHA1 Message Date
Werner Koch
5fd5e7433d
dirmngr: Require gnutls 3.2
* dirmngr/http.c: Remove gnutls version specific code.
(send_request): Factor some code out to ...
(run_proxy_connect): new.
(mk_proxy_request): new.
(mk_std_request): new.
* configure.ac (NEED_GNUTLS_VERSION): Require 3.2.
--

This patch is to factor out some code and also to remove support for
legacy gnutls versions.  Note that gnutls 3.2 was released 10 years
ago.
2023-09-26 12:37:45 +02:00
Werner Koch
f4b72c4eb7
dirmngr: Cleanup the http module.
* configure.ac (NEED_NTBTLS_VERSION): Require at least 0.2.0 so that
we can remove a conditional compilation.

* dirmngr/http.c (struct proxy_info_s): New.
(release_proxy_info): New to keep proxy information in one object.
(send_request): Factor some code out to ...
(get_proxy_for_url): this,
(send_request_basic_checks): this,
(send_request_set_sni): this,
(run_ntbtls_handshake): this,
(run_gnutls_handshake): and this.
--

Note that this also removes some never used code.  For example the
NTBTLS handshake has code taken from GNUTLS which was never used due
to the different ways on how the certificates are checked.

The proxy code has been factored out to make to prepare further
authentication methods.  The proxy_info_t was introduced for the same
reason.

Tested against gnutls and ntbtls builds.  No proxy tests yet done,
because we need more sophisticated tests anyway.

GnuPG-bug-id: 5768
2023-09-18 17:37:47 +02:00
NIIBE Yutaka
292caef663
build: Fix detection of sigdescr_np for newer glibc.
* configure.ac: Check sigdescr_np.

--

Fixes-commit: cdb053620a4ca4e3b97bf47e62f8935bcda460cb
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-06 09:53:05 +09:00
Werner Koch
edbd259875
build: Remove m4 macro defs which are not anymore used.
* configure.ac (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): Do not use.
* acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): Remove unused macro
defs.
(GNUPG_CHECK_FAQPROG): Ditto.
(GNUPG_CHECK_DOCBOOK_TO_TEXI): Ditto.
(GNUPG_CHECK_MLOCK): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 6397cf5fbe3bbc1f616431b011f76e031a387d4c)
2023-08-31 10:29:47 +02:00
NIIBE Yutaka
50e59f88c4
build: Use modern Autoconf check for types.
* common/types.h: Use HAVE_TYPE_BYTE, HAVE_USHORT_TYPEDEF,
HAVE_ULONG_TYPEDEF, HAVE_U16_TYPEDEF, and HAVE_TYPE_U32.
* configure.ac (byte, ushort, ulong, u16, u32): Use AC_CHECK_TYPES.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit aeeb8e975dc740cb79954de7fec4fcfe902d3a42)
2023-08-31 10:29:21 +02:00
NIIBE Yutaka
51dc05c308
build: Update for newer autoconf.
* configure.ac (AC_PREREQ): Use >= 2.69.
(AC_CONFIG_HEADERS): Use it, instead of AC_CONFIG_HEADER.
(AC_HEADER_STDC, AC_HEADER_TIME): Remove obsolete macros.
(sys/time.h): Add the check of the header.
(time_t): Don't use TIME_WITH_SYS_TIME.
* acinclude.m4 (AC_HEADER_TIME): Don't require.
Don't use TIME_WITH_SYS_TIME.
* dirmngr/dns.c: Don't use TIME_WITH_SYS_TIME.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 6b4441a7de9d7090bb3b1570a12e1e8bce0554cb)
2023-08-31 10:25:45 +02:00
NIIBE Yutaka
cdb053620a
build: Update to newer autoconf constructs.
* acinclude.m4 (GNUPG_CHECK_ENDIAN): Use AC_COMPILE_IFELSE instead of
AC_TRY_COMPILE.  Use AC_RUN_IFELSE instead of AC_TRY_RUN.
(GNUPG_BUILD_PROGRAM): Use AS_HELP_STRING instead of AC_HELP_STRING.
* configure.ac: Use AC_USE_SYSTEM_EXTENSIONS instead of AC_GNU_SOURCE.
Use AS_HELP_STRING instead of AC_HELP_STRING.
(AC_ISC_POSIX): Replace by AC_SEARCH_LIBS.
(AC_TYPE_SIGNAL): Remove.
* m4/isc-posix.m4: Remove.
* m4/codeset.m4: Update from gnulib.
* m4/gettext.m4: Update from gnulib.
* m4/lcmessage.m4: Update from gnulib.
* m4/socklen.m4: Update from gnulib.
* m4/ldap.m4: Use AS_HELP_STRING instead of AC_HELP_STRING.
Use AC_LINK_IFELSE instead of AC_TRY_LINK.
Use AC_RUN_IFELSE instead of AC_TRY_RUN.
* m4/gpg-error.m4: Update from libgpg-error.
* m4/readline.m4: Update from libgpg-error.
* m4/npth.m4: Update from npth.
* m4/libassuan.m4: Update from libassuan.
* m4/libgcrypt.m4: Update from libgcrypt.
* m4/ksba.m4: Update from libksba.
* m4/ntbtls.m4: Update from ntbtls.
* common/signal.c [!HAVE_DOSISH_SYSTEM] (init_one_signal): Replace
RETSIGTYPE to void.
[!HAVE_DOSISH_SYSTEM] (got_fatal_signal, got_usr_signal): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit d66fb3aa53a6c4a815fe35a15e3c61886c5df628)

Still a lot of warnings.  Need to cherry pick more stuff.
2023-08-31 10:05:32 +02:00
Werner Koch
625fb54899
w32: Add missing manifests and set a requestedExecutionLevel.
* agent/gpg-agent.w32-manifest.in: New.
* dirmngr/dirmngr-client-w32info.rc: New.
* dirmngr/dirmngr-client.w32-manifest.in: New.
* dirmngr/dirmngr-w32info.rc: New.
* dirmngr/dirmngr.w32-manifest.in: New.
* dirmngr/dirmngr_ldap-w32info.rc: New.
* dirmngr/dirmngr_ldap.w32-manifest.in: New.
* g10/gpgv-w32info.rc: New.
* g10/gpgv.w32-manifest.in: New.
* kbx/keyboxd.w32-manifest.in: New.
* scd/scdaemon.w32-manifest.in: New.
* sm/gpgsm.w32-manifest.in: New.
--

This avoids the use of the VirtualStore uner Windows.

GnuPG-bug-id: 6503

Backported from 2.4; some manifest files already existed in 2.2 but
not in 2.4
2023-05-25 11:10:21 +02:00
Werner Koch
841c691128
Update copyright notices
--
2023-01-16 13:25:22 +01:00
Werner Koch
8c0dedd99b
Post release updates
--
2022-12-09 10:46:26 +01:00
Werner Koch
70ec346fb4
Post release updates
--

Also switch speedo to use https instead of ftp for download.
2022-10-13 17:02:47 +02:00
Werner Koch
268e876ee2
Post release updates
--
2022-09-02 15:40:09 +02:00
Werner Koch
9eb03b722c
Post release updates
--
2022-09-01 13:35:39 +02:00
Werner Koch
afa64aceab
Post release updates
--
2022-08-24 17:16:22 +02:00
Werner Koch
3777bc6528
Post release updates
--
2022-07-06 20:17:29 +02:00
Werner Koch
740c02f33a
Post release updates
--

This also includes a speedo update for the Scute based authenticode
thing which has been manually added to speedo.mk at the end of the
release process of 2.2.35.
2022-04-25 19:05:15 +02:00
Werner Koch
5f3e857ef6
Post release updates
--
2022-02-07 21:44:36 +01:00
Werner Koch
ce6e0b172e
Update copyright notices.
--

Note that for this LTS version we now print g10 Code as the first
copyright holder with --version.  This is to avoid confusion at our
customers, now that we also provide a Linux^WGNU/Linux version of
GnuPG VS-Desktop and the Windows version has always shown g10 Code.
2022-02-07 18:22:30 +01:00
Werner Koch
65c80d6b0f
Post release updates
--
2021-11-23 11:48:27 +01:00
Werner Koch
bb750cf4ba
Post release updates
--
2021-10-06 21:15:11 +02:00
Werner Koch
48dc463ada
Post release updates
--
2021-09-16 11:54:18 +02:00
NIIBE Yutaka
0ca84cbdf0 build: Fix removal of AC_TYPE_SIGNAL.
* configure.ac: AC_TYPE_SIGNAL is still needed.

--

Fixes-commit: d5f9481186eaf2ff28d7ab04fd36f0bbd1c9714d
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-08-27 09:58:47 +09:00
NIIBE Yutaka
d5f9481186 common: Fix get_signal_name for GNU/Linux.
* common/signal.c (get_signal_name): Use sigdescr_np if available.
* configure.ac: Check the function.

--

Backport master commit of:
	c4ba712736ddeda66055567874d573e79d22666b

GnuPG-bug-id: 5568
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-08-27 08:50:12 +09:00
Werner Koch
f64e0f63d6
Post release updates
--
2021-08-26 21:13:30 +02:00
Werner Koch
4952ed9584
Post release updates
--
2021-07-04 17:23:56 +02:00
Werner Koch
47c4e3e00a
dirmngr: Change the default keyserver.
* configure.ac (DIRMNGR_DEFAULT_KEYSERVER): Change to
keyserver.ubuntu.com.

* dirmngr/certcache.c (cert_cache_init): Disable default pool cert.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/http.c (http_session_new): Ditto.

* dirmngr/server.c (make_keyserver_item): Use a different mapping for
the gnupg.net names.
--

Due to the unfortunate shutdown of the keyserver pool, the long term
defaults won't work anymore.  Thus it is better to change them.

For https access keyserver.ubuntu.com is now used because it can be
expected that this server can stand the load from newer gnupg LTS
versions.

For http based access the Dutch Surfnet keyserver is used.  However
due to a non-standard TLS certificate this server can not easily be
made the default for https.

Note: that the default server will be changed again as soon as a new
connected keyserver infrastructure has been established.
2021-06-25 19:15:24 +02:00
NIIBE Yutaka
8ee4c8d1e0 dirmngr: Remove use of USE_LDAPWRAPPER.
* configure.ac (USE_LDAPWRAPPER): Remove.
* dirmngr/Makefile.am: Use USE_LDAP instead of USE_LDAPWRAPPER.
* dirmngr/ldap-wrapper-ce.c: Remove.
* dirmngr/ldap-wrapper.h, dirmngr/ldap-wrapper.c: Remove
USE_LDAPWRAPPER things.

--

Backported-from-master: 4c295646ba0e175743e6be13457308c1e6d21dd3
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-06-11 10:06:24 +09:00
Werner Koch
fd2571e8fa
Post release updates
--
2021-06-10 19:44:16 +02:00
NIIBE Yutaka
40b2890b43 build: _DARWIN_C_SOURCE should be 1.
* configure.ac (*-apple-darwin*): Set _DARWIN_C_SOURCE 1.

--

GnuPG-bug-id: 5440
Reported-by: Jay Freeman
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-05-27 13:33:34 +09:00
Werner Koch
26de9c400e
build: Silence a cimpiler warning also in non-maintainer mode.
--

This yields less warnings during a release build.
2021-05-04 12:47:44 +02:00
Werner Koch
2ba2b7644e
Post release updates
--
2021-01-11 19:55:46 +01:00
Werner Koch
4c53b2b867
Update copyright notices.
--
2021-01-11 18:40:45 +01:00
Werner Koch
1d5c4788ff
Post release updates
--
2020-12-21 19:09:58 +01:00
Werner Koch
725f4a487f
build: Remove the code to build symcryptrun
--

syncryptrun is too ancient to be of any use and has not been tested in
many years.  Thus we should not allow to build it.
2020-12-21 17:24:44 +01:00
Werner Koch
a028f24136
Backport of the new option parser from 2.3
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* common/argparse.c, common/argparse.h: Rewrite.
* tests/gpgscm/main.c: Switch to the new option parser.

* g10/gpg.c: Switch to the new option parser and enable a global conf
file.
* g10/gpgv.c: Ditto.
* agent/gpg-agent.c: Ditto.
* agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c: Ditto.
* scd/scdaemon.c: Ditto.
* dirmngr/dirmngr.c: Ditto.
* dirmngr/dirmngr_ldap.c: Ditto
* dirmngr/dirmngr-client.c: Ditto.
* kbx/kbxutil.c: Ditto.
* tools/gpg-card.c: Ditto.
* tools/gpg-check-pattern.c: Ditto.
* tools/gpg-connect-agent.c: Ditto.
* tools/gpg-pair-tool.c: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpgconf.c: Ditto.
* tools/gpgsplit.c: Ditto.
* tools/gpgtar.c: Ditto.
* g13/g13.c: Ditto.
* g13/g13-syshelp.c: Ditto.  Do not force verbose mode.
* sm/gpgsm.c: Ditto. Add option --no-options.
--

This is backport from master

commit cdbe10b762f38449b86da69076209324b0c99982
commit ba463128ce65a0f347643f7246a8e097c5be19f1
commit 3bc004decd289810bc1b6ad6fb8f47e45c770ce6
commit 2c823bd878fcdbcc4f6c34993e1d0539d9a6b237
commit 0e8f6e2aa98c212442001036fb5178cd6cd8af59

but without changing all functions names to gpgrt.  Instead we use
wrapper functions which, when building against old Libgpg-error
versions, are implemented in argparse.c using code from the current
libgpg-error.  This allows to keep the dependency requirement at
libgpg-error 1.27 to support older distributions.  Tested builds
against 1.27 and 1.40-beta.

Note that g13-syshelp does not anymore default to --verbose because
that can now be enabled in /etc/gnupg/g13-syshelp.conf.

GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-12-04 12:12:20 +01:00
Werner Koch
abd9aeecfb
Post release updates
--
2020-11-23 18:40:55 +01:00
Werner Koch
126fa09f8b
Post release updates
--
2020-11-17 10:51:01 +01:00
Werner Koch
549dc8cfe9
Require libksba 1.3.5
* configure.ac (NEED_KSBA_VERSION): Set to 1.3.5.
--

Minor update to make sure that important fixes are used.  That version
was release in 2016 and thus before the new requirement for Libgcrypt
1.8.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 12:16:42 +01:00
Werner Koch
fc01ae5071
Require Libgpg-error 1.27
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.27
* common/util.h: Remove compatibility macros.
--

This is just a minor change to align with the need for Libgcrypt 1.8.
The latter was first released in summer 2017 while Libgpg-error 1.27
was released earlier in spring that year.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 12:10:48 +01:00
Werner Koch
99ab3aed15
Require Libgcrypt 1.8
* configure.ac (NEED_LIBGCRYPT_VERSION): Require 1.8.
* tools/gpgconf.c (show_version_libgcrypt): Remove conditional case
for Libgcrypt < 1.8.
* common/compliance.c (gnupg_rng_is_compliant): Ditto.
* agent/pksign.c: Ditto.
* agent/gpg-agent.c (thread_init_once): Ditto.
(agent_libgcrypt_progress_cb): Ditto.
* agent/command.c (cmd_getinfo): Ditto.
--

Libgcrypt 1.7 reached end-of-life more than a year ago.  Thus there is
no reason to keep backward support for it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 12:03:19 +01:00
Werner Koch
77e416741a
build: Fix SENDMAIL define for a PATH with spaces.
* configure.ac: Fix use of $PATH
2020-10-04 20:47:13 +02:00
Werner Koch
c81f02c959
w32: Add manifest files to most binaries
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-02 17:04:12 +02:00
Werner Koch
239e60a37f
gpgconf,w32: Add manifest so we get the correct windows version.
* common/w32info-rc.h.in: Update copyright info.
* tools/gpg-connect-agent-w32info.rc: Tweak file info.
* tools/gpgconf-w32info.rc: New.
* tools/gpgconf.w32-manifest.in: New.
* configure.ac: Add new .in file.
* tools/Makefile.am (EXTRA_DIST): Add them.
(gpg_connect_agent_robjs, gpgconf_robjs): New.
(gpgconf_LDADD): Add resource file.
(gpg_connect_agent_LDADD): Change name of resource macro.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-10-02 14:24:04 +02:00
Werner Koch
390ae3c309
Post release updates
--
2020-09-03 17:49:21 +02:00
Werner Koch
f799b3ddbb
Post release updates
--
2020-08-27 14:55:48 +02:00
Werner Koch
0be5decc09
build: Silence gcc warning -Wformat-zero-length
* configure.ac: Avoid useless gcc warning.  We use an empty string
quite often, for example in log_printhex.
--
2020-08-26 15:13:43 +02:00
Werner Koch
829bc3bc60
build: New configure option --disable-tests
* configure.ac: Add option --disable-tests.  Print warnings in the
summary.
(DISABLE_TESTS): New am_conditional.
--
GnuPG-bug-id: 4960
2020-08-20 10:58:52 +02:00
NIIBE Yutaka
8904b18822 regexp: Fix generation of _unicode_mapping.c.
* configure.ac (AWK_HEX_NUMBER_OPTION): Detect GNU Awk.
* regexp/Makefile.am: Use AWK_HEX_NUMBER_OPTION.
* regexp/parse-unidata.awk: Don't use strtonum.

--

Backport master commit of:
	50b320952e99ea20f9b77c6c501280fe37fd2598

GnuPG-bug-id: 4915
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-15 14:18:09 +09:00
NIIBE Yutaka
199309190a gpg: Add regular expression support.
* AUTHORS, COPYING.other: Update.
* Makefile.am (SUBDIRS): Add regexp sub directory.
* configure.ac (DISABLE_REGEX): Remove.
* g10/Makefile.am (needed_libs): Add libregexp.a.
* g10/trustdb.c: Remove DISABLE_REGEX support.
* regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h,
  regexp/utf8.c, regexp/utf8.h: New from Jim Tcl.
* regexp/UnicodeData.txt: New from Unicode.
* regexp/Makefile.am, regexp/parse-unidata.awk: New.
* tests/openpgp/Makefile.am: Remove DISABLE_REGEX support.
* tools/Makefile.am: Remove DISABLE_REGEX support.

--

Backport master commit of:
	ba247a114c75a84473c11c1484013b09fbb9bcd1

GnuPG-bug-id: 4843
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-07-15 14:16:57 +09:00
Werner Koch
68dd4f4398
Post release updates
--
2020-07-09 13:06:32 +02:00