Commit b4f7d1f9 authored by Daniel Kahn Gillmor's avatar Daniel Kahn Gillmor

Imported Upstream version 2.1.0~beta864

parent 66154740
......@@ -161,12 +161,18 @@ Yutaka Niibe Assigns Past and Future Changes
Authors with a DCO
==================
Andre Heinecke <aheinecke@intevation.de>
2014-09-19:4525694.FcpLvWDUFT@esus:
Andreas Schwier <andreas.schwier@cardcontact.de>
2014-07-22:53CED1D8.1010306@cardcontact.de:
Christian Aistleitner <christian@quelltextlich.at>
2013-05-26:20130626112332.GA2228@quelltextlich.at:
Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2014-09-24:87oau6w9q7.fsf@alice.fifthhorseman.net:
Hans of Guardian <hans@guardianproject.info>
2013-06-26:D84473D7-F3F7-43D5-A9CE-16580B88D574@guardianproject.info:
......
2014-10-03 Werner Koch <wk@gnupg.org>
Release 2.1.0-beta864.
gpg: Allow creating a cert-only primary key.
* g10/keygen.c (ask_key_flags): Allow a 'c' in direct entry.
build: Add configure options --disable-{ntb,gnu}tls.
* configure.ac: Add --disable-ntbtls and --disable-gnutls.
2014-10-03 Andre Heinecke <aheinecke@intevation.de>
gpg: Check gpg-agent version before 2.1 migration.
* g10/call-agent.c, g10/call-agent.h (agent_get_version): New.
* g10/migrate.c (migrate_secring): Abort migration if
agent_get_version returns not at least 2.1.0
2014-10-03 Werner Koch <wk@gnupg.org>
po: Update German translation.
Remove support for the GPG_AGENT_INFO envvar.
* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options. Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
support.
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* configure.ac (GPG_AGENT_INFO_NAME): Remove.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket
support.
2014-10-02 Werner Koch <wk@gnupg.org>
gpg: Fix regression removing SHA256.
* g10/misc.c (map_md_openpgp_to_gcry): Always use SHA256.
First changes for future use of NTBTLS.
* configure.ac (NEED_NTBTLS_ABI, NEED_NTBTLS_VERSION): New.
(HTTP_USE_NTBTLS): New. Prefer over GNUTLS.
* m4/ntbtls.m4: New.
* m4/Makefile.am (EXTRA_DIST): Add new file.
* common/http.c: Add conditionals to eventually use NTBTLS.
build: Update m4 scripts.
* m4/gpg-error.m4: Update from Libgpg-error git master.
* m4/libgcrypt.m4: Update from Libgcrypt git master.
* configure.ac: Declare SYSROOT a precious variable. Add extra error
message for library configuration mismatches.
2014-09-29 Werner Koch <wk@gnupg.org>
doc: Remove GnuPG-1 related parts from gpg.texi.
* doc/Makefile.am (YAT2M_OPTIONS): Add 2.1 to the source info.
* doc/gpg.texi: Remove gpg1 related texts.
2014-09-27 Werner Koch <wk@gnupg.org>
gpg: Default to SHA-256 for all signature types on RSA keys.
* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in
strict RFC or PGP modes.
* g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for
RSA key signatures.
* configure.ac: Do not allow to disable sha256.
gpg: Simplify command --gen-key and add --full-gen-key.
* g10/gpg.c (aFullKeygen): New.
(opts): Add command --full-key-gen.
(main): Implement it.
* g10/keygen.c (DEFAULT_STD_ALGO): Replace wrong GCRY_PK_RSA although
the value is identical.
(DEFAULT_STD_CURVE): New.
(DEFAULT_STD_SUBALGO): New.
(DEFAULT_STD_SUBKEYSIZE): New.
(DEFAULT_STD_SUBCURVE): New.
(quick_generate_keypair): Use new macros here.
(generate_keypair): Add arg "full" and fix call callers. Do not ask
for keysize in non-full node.
(ask_user_id): Add arg "full" and simplify for non-full mode.
2014-09-26 Werner Koch <wk@gnupg.org>
gpg: Add shortcut for setting key capabilities.
* g10/keygen.c (ask_key_flags): Add shortcut '='.
* doc/help.txt (gpg.keygen.flags): New.
2014-09-25 Werner Koch <wk@gnupg.org>
gpg: Do not always print dashes in obsolete_option.
* g10/gpg.c (main): Pass option names to obsolete_option without
double dash.
* g10/misc.c (obsolete_option, obsolete_scdaemon_option): Print double
dash only for command line options.
2014-09-25 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.
* g10/gpg.c: Add config options that should belong in scdaemon.conf
* g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.
2014-09-22 Werner Koch <wk@gnupg.org>
speedo: Check that wget and gpgv are installed.
* build-aux/getswdb.sh: Check for required tools.
speedo: Autodetect sha1sum tools.
* build-aux/getswdb.sh: Add option --find-sha1sum.
* build-aux/speedo.mk (check-tools): New phony target. Not yet used.
(SHA1SUM): New var. Use it instead of sha1sum.
gpg: Create default keyring with .kbx suffix.
* g10/keydb.c (maybe_create_keyring_or_box): Rename arg for clarity.
(keydb_add_resource): Fix order of args to maybe_create_keyring_or_box
and check and create .kbx.
2014-09-20 Werner Koch <wk@gnupg.org>
gpg: --delete-secret-key - check that a secret key exists.
* g10/delkey.c (do_delete_key): Check availibility of a secret key.
gpg: Make algorithm selection prompt for ECC more clear.
* g10/keygen.c (ask_algo): Change 9 to "ECC and ECC".
2014-09-18 Werner Koch <wk@gnupg.org>
Release 2.1.0-beta834.
......
......@@ -95,11 +95,12 @@ am__aclocal_m4_deps = $(top_srcdir)/gl/m4/absolute-header.m4 \
$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libassuan.m4 \
$(top_srcdir)/m4/libgcrypt.m4 $(top_srcdir)/m4/longdouble.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/npth.m4 \
$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \
$(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/size_max.m4 \
$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sys_socket_h.m4 \
$(top_srcdir)/m4/tar-ustar.m4 $(top_srcdir)/m4/xsize.m4 \
$(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac
$(top_srcdir)/m4/ntbtls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/m4/readline.m4 \
$(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/socklen.m4 \
$(top_srcdir)/m4/sys_socket_h.m4 $(top_srcdir)/m4/tar-ustar.m4 \
$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/acinclude.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
......@@ -259,6 +260,8 @@ GPGKEYS_LDAP = @GPGKEYS_LDAP@
GPG_ERROR_CFLAGS = @GPG_ERROR_CFLAGS@
GPG_ERROR_CONFIG = @GPG_ERROR_CONFIG@
GPG_ERROR_LIBS = @GPG_ERROR_LIBS@
GPG_ERROR_MT_CFLAGS = @GPG_ERROR_MT_CFLAGS@
GPG_ERROR_MT_LIBS = @GPG_ERROR_MT_LIBS@
GREP = @GREP@
HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@
......@@ -316,6 +319,9 @@ NETLIBS = @NETLIBS@
NPTH_CFLAGS = @NPTH_CFLAGS@
NPTH_CONFIG = @NPTH_CONFIG@
NPTH_LIBS = @NPTH_LIBS@
NTBTLS_CFLAGS = @NTBTLS_CFLAGS@
NTBTLS_CONFIG = @NTBTLS_CONFIG@
NTBTLS_LIBS = @NTBTLS_LIBS@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
......@@ -341,6 +347,7 @@ SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
STDINT_H = @STDINT_H@
STRIP = @STRIP@
SYSROOT = @SYSROOT@
SYS_SOCKET_H = @SYS_SOCKET_H@
TAR = @TAR@
UNISTD_H = @UNISTD_H@
......
Noteworthy changes in version 2.1.0-beta864 (2014-10-03)
--------------------------------------------------------
* gpg: Removed the GPG_AGENT_INFO related code. GnuPG does now only
use a fixed socket name in its home directory.
* gpg: Renamed --gen-key to --full-gen-key and re-added a --gen-key
command using less prompts.
* gpg: Use SHA-256 for all signature types also on RSA keys.
* gpg: Default keyring is now created with a .kbx suffix.
* gpg: Add a shortcut to key capabilies menu (e.g. "=e" sets the
encryption capabilities).
* gpg: Fixed obsolete options parsing.
* speedo: Improved the quick build system.
Noteworthy changes in version 2.1.0-beta834 (2014-09-18)
--------------------------------------------------------
......
This diff is collapsed.
2.1.0-beta834
2.1.0-beta864
......@@ -1448,6 +1448,7 @@ m4_include([m4/libgcrypt.m4])
m4_include([m4/longdouble.m4])
m4_include([m4/nls.m4])
m4_include([m4/npth.m4])
m4_include([m4/ntbtls.m4])
m4_include([m4/po.m4])
m4_include([m4/progtest.m4])
m4_include([m4/readline.m4])
......
......@@ -130,11 +130,12 @@ am__aclocal_m4_deps = $(top_srcdir)/gl/m4/absolute-header.m4 \
$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libassuan.m4 \
$(top_srcdir)/m4/libgcrypt.m4 $(top_srcdir)/m4/longdouble.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/npth.m4 \
$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \
$(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/size_max.m4 \
$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sys_socket_h.m4 \
$(top_srcdir)/m4/tar-ustar.m4 $(top_srcdir)/m4/xsize.m4 \
$(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac
$(top_srcdir)/m4/ntbtls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/m4/readline.m4 \
$(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/socklen.m4 \
$(top_srcdir)/m4/sys_socket_h.m4 $(top_srcdir)/m4/tar-ustar.m4 \
$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/acinclude.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/build-aux/mkinstalldirs
......@@ -272,6 +273,8 @@ GPGKEYS_LDAP = @GPGKEYS_LDAP@
GPG_ERROR_CFLAGS = @GPG_ERROR_CFLAGS@
GPG_ERROR_CONFIG = @GPG_ERROR_CONFIG@
GPG_ERROR_LIBS = @GPG_ERROR_LIBS@
GPG_ERROR_MT_CFLAGS = @GPG_ERROR_MT_CFLAGS@
GPG_ERROR_MT_LIBS = @GPG_ERROR_MT_LIBS@
GREP = @GREP@
HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@
......@@ -329,6 +332,9 @@ NETLIBS = @NETLIBS@
NPTH_CFLAGS = @NPTH_CFLAGS@
NPTH_CONFIG = @NPTH_CONFIG@
NPTH_LIBS = @NPTH_LIBS@
NTBTLS_CFLAGS = @NTBTLS_CFLAGS@
NTBTLS_CONFIG = @NTBTLS_CONFIG@
NTBTLS_LIBS = @NTBTLS_LIBS@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
......@@ -354,6 +360,7 @@ SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
STDINT_H = @STDINT_H@
STRIP = @STRIP@
SYSROOT = @SYSROOT@
SYS_SOCKET_H = @SYS_SOCKET_H@
TAR = @TAR@
UNISTD_H = @UNISTD_H@
......
......@@ -58,9 +58,6 @@ struct
int batch; /* Batch mode */
const char *homedir; /* Configuration directory name */
/* True if we are listening on the standard socket. */
int use_standard_socket;
/* True if we handle sigusr2. */
int sigusr2_enabled;
......
......@@ -2605,8 +2605,7 @@ cmd_updatestartuptty (assuan_context_t ctx, char *line)
static const char hlp_killagent[] =
"KILLAGENT\n"
"\n"
"If the agent has been started using a standard socket\n"
"we allow a client to stop the agent.";
"Stop the agent.";
static gpg_error_t
cmd_killagent (assuan_context_t ctx, char *line)
{
......@@ -2614,9 +2613,6 @@ cmd_killagent (assuan_context_t ctx, char *line)
(void)line;
if (!opt.use_standard_socket)
return set_error (GPG_ERR_NOT_SUPPORTED, "no --use-standard-socket");
ctrl->server_local->stopme = 1;
assuan_set_flag (ctx, ASSUAN_FORCE_CLOSE, 1);
return 0;
......
This diff is collapsed.
......@@ -42,4 +42,4 @@ esac
extra_aclocal_flags="-I gl/m4"
final_info="./configure --sysconfdir=/etc --enable-maintainer-mode --enable-symcryptrun --enable-gpgtar && make"
final_info="./configure --sysconfdir=/etc --enable-maintainer-mode && make"
......@@ -11,7 +11,9 @@
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# The URL of the file to retrieve.
urlbase="https://www.gnupg.org/"
# (some wget versions seem to have problems with SubjectAltName, thus
# we do not use www.gnupg.org)
urlbase="https://gnupg.org/"
WGET=wget
GPGV=gpgv
......@@ -32,6 +34,7 @@ Usage: $(basename $0) [OPTIONS]
Get the online version of the GnuPG software version database
Options:
--skip-download Assume download has already been done.
--find-sha1sum Print the name of the sha1sum utility
--help Print this help.
EOF
exit $1
......@@ -41,6 +44,7 @@ EOF
# Parse options
#
skip_download=no
find_sha1sum=no
while test $# -gt 0; do
case "$1" in
# Set up `optarg'.
......@@ -59,6 +63,9 @@ while test $# -gt 0; do
--skip-download)
skip_download=yes
;;
--find-sha1sum)
find_sha1sum=yes
;;
*)
usage 1 1>&2
;;
......@@ -66,7 +73,20 @@ while test $# -gt 0; do
shift
done
# Get GnuPG version from VERSIOn file. For a GIT checkout this means
# Mac OSX has only a shasum and not sha1sum
if [ ${find_sha1sum} = yes ]; then
for i in sha1sum shasum ; do
tmp=$($i </dev/null 2>/dev/null | cut -d ' ' -f1)
if [ x"$tmp" = x"da39a3ee5e6b4b0d3255bfef95601890afd80709" ]; then
echo "$i"
exit 0
fi
done
echo "false"
exit 1
fi
# Get GnuPG version from VERSION file. For a GIT checkout this means
# that ./autogen.sh must have been run first. For a regular tarball
# VERSION is always available.
if [ ! -f "$srcdir/../VERSION" ]; then
......@@ -76,6 +96,12 @@ fi
version=$(cat "$srcdir/../VERSION")
version_num=$(echo "$version" | cvtver)
if ! $GPGV --version >/dev/null 2>/dev/null ; then
echo "command \"gpgv\" is not installed" >&2
echo "(please install an older version of GnuPG)" >&2
exit 1
fi
#
# Download the list and verify.
#
......@@ -89,6 +115,11 @@ if [ $skip_download = yes ]; then
exit 1
fi
else
if ! $WGET --version >/dev/null 2>/dev/null ; then
echo "command \"wget\" is not installed" >&2
exit 1
fi
if ! $WGET -q -O swdb.lst "$urlbase/swdb.lst" ; then
echo "download of swdb.lst failed." >&2
exit 1
......
......@@ -58,45 +58,47 @@ help:
@echo ' w32-installer Build a Windows installer'
@echo ' w32-source Pack a source archive'
@echo
@echo 'Prepend TARGET with "git-" to build from GIT repos'
@echo 'Prepend TARGET with "this-" to build from the source tarball'
@echo 'You may append INSTALL_REFIX=<dir> for native builds.'
@echo 'Prepend TARGET with "git-" to build from GIT repos.'
@echo 'Prepend TARGET with "this-" to build from the source tarball.'
SPEEDOMAKE := $(MAKE) -f $(SPEEDO_MK) UPD_SWDB=1
native:
native: check-tools
$(SPEEDOMAKE) TARGETOS=native WHAT=release WITH_GUI=0 all
git-native:
git-native: check-tools
$(SPEEDOMAKE) TARGETOS=native WHAT=git WITH_GUI=0 all
this-native:
this-native: check-tools
$(SPEEDOMAKE) TARGETOS=native WHAT=this WITH_GUI=0 all
native-gui:
native-gui: check-tools
$(SPEEDOMAKE) TARGETOS=native WHAT=release WITH_GUI=1 all
git-native-gui:
git-native-gui: check-tools
$(SPEEDOMAKE) TARGETOS=native WHAT=git WITH_GUI=1 all
this-native-gui:
this-native-gui: check-tools
$(SPEEDOMAKE) TARGETOS=native WHAT=this WITH_GUI=1 all
w32-installer:
w32-installer: check-tools
$(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=1 installer
git-w32-installer:
git-w32-installer: check-tools
$(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=1 installer
this-w32-installer:
this-w32-installer: check-tools
$(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=1 installer
w32-source:
w32-source: check-tools
$(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=1 dist-source
git-w32-source:
git-w32-source: check-tools
$(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=1 dist-source
this-w32-source:
this-w32-source: check-tools
$(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=1 dist-source
......@@ -124,6 +126,9 @@ MAKE_J=3
# Name to use for the w32 installer and sources
INST_NAME=gnupg-w32
# Use this to override the installaion directory for native builds.
INSTALL_PREFIX=none
# Directory names.
# They must be absolute, as we switch directories pretty often.
......@@ -131,7 +136,11 @@ root := $(shell pwd)/PLAY
sdir := $(root)/src
bdir := $(root)/build
bdir6:= $(root)/build-w64
ifeq ($(INSTALL_PREFIX),none)
idir := $(root)/inst
else
idir := $(abspath $(INSTALL_PREFIX))
endif
idir6:= $(root)/inst-w64
stampdir := $(root)/stamps
topsrc := $(shell cd $(dir $(SPEEDO_MK)).. && pwd)
......@@ -548,6 +557,12 @@ W32CC = i686-w64-mingw32-gcc
MKDIR=mkdir
MAKENSIS=makensis
SHA1SUM := $(shell $(topsrc)/build-aux/getswdb.sh --find-sha1sum)
ifeq ($(SHA1SUM),false)
$(error The sha1sum tool is missing)
endif
BUILD_ISODATE=$(shell date -u +%Y-%m-%d)
# The next two macros will work only after gnupg has been build.
......@@ -583,7 +598,6 @@ endif
# The playground area is our scratch area, where we unpack, build and
# install the packages.
$(stampdir)/stamp-directories:
......@@ -723,7 +737,7 @@ $(stampdir)/stamp-$(1)-00-unpack: $(stampdir)/stamp-directories
esac; \
if [ -f tmp.tgz ]; then \
if [ -n "$$$${sha1}" ]; then \
tmp=$$$$(sha1sum <tmp.tgz|cut -d' ' -f1);\
tmp=$$$$($(SHA1SUM) <tmp.tgz|cut -d' ' -f1);\
if [ "$$$${tmp}" != "$$$${sha1}" ]; then \
echo "speedo:"; \
echo "speedo: ERROR: checksum mismatch for $(1)";\
......@@ -1014,8 +1028,14 @@ installer: all w32_insthelpers $(w32src)/inst-options.ini $(bdir)/README.txt
$(w32src)/inst.nsi
@echo "Ready: $(idir)/$(INST_NAME)-$(INST_VERSION)"
#
# Check availibility of standard tools
#
check-tools:
#
# Mark phony targets
#
.PHONY: all all-speedo report-speedo clean-stamps clean-speedo installer \
w32_insthelpers
w32_insthelpers check-tools
......@@ -226,8 +226,9 @@ t_zb32_LDADD = $(t_common_ldadd)
# http tests
t_http_SOURCES = t-http.c
t_http_CFLAGS = $(t_common_cflags) $(LIBGNUTLS_CFLAGS)
t_http_LDADD = libcommontls.a $(t_common_ldadd) $(LIBGNUTLS_LIBS) $(DNSLIBS)
t_http_CFLAGS = $(t_common_cflags) $(NTBTLS_CFLAGS) $(LIBGNUTLS_CFLAGS)
t_http_LDADD = libcommontls.a $(t_common_ldadd) \
$(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(DNSLIBS)
# All programs should depend on the created libs.
$(PROGRAMS) : libcommon.a libcommonpth.a libcommontls.a libcommontlsnpth.a
......@@ -139,11 +139,12 @@ am__aclocal_m4_deps = $(top_srcdir)/gl/m4/absolute-header.m4 \
$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libassuan.m4 \
$(top_srcdir)/m4/libgcrypt.m4 $(top_srcdir)/m4/longdouble.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/npth.m4 \
$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \
$(top_srcdir)/m4/readline.m4 $(top_srcdir)/m4/size_max.m4 \
$(top_srcdir)/m4/socklen.m4 $(top_srcdir)/m4/sys_socket_h.m4 \
$(top_srcdir)/m4/tar-ustar.m4 $(top_srcdir)/m4/xsize.m4 \
$(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac
$(top_srcdir)/m4/ntbtls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/m4/readline.m4 \
$(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/socklen.m4 \
$(top_srcdir)/m4/sys_socket_h.m4 $(top_srcdir)/m4/tar-ustar.m4 \
$(top_srcdir)/m4/xsize.m4 $(top_srcdir)/acinclude.m4 \
$(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/build-aux/mkinstalldirs
......@@ -337,7 +338,8 @@ t_helpfile_DEPENDENCIES = $(am__DEPENDENCIES_2)
am_t_http_OBJECTS = t_http-t-http.$(OBJEXT)
t_http_OBJECTS = $(am_t_http_OBJECTS)
t_http_DEPENDENCIES = libcommontls.a $(am__DEPENDENCIES_2) \
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
$(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(am__DEPENDENCIES_1)
t_http_LINK = $(CCLD) $(t_http_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
$(LDFLAGS) -o $@
t_mapstrings_SOURCES = t-mapstrings.c
......@@ -476,6 +478,8 @@ GPGKEYS_LDAP = @GPGKEYS_LDAP@
GPG_ERROR_CFLAGS = @GPG_ERROR_CFLAGS@
GPG_ERROR_CONFIG = @GPG_ERROR_CONFIG@
GPG_ERROR_LIBS = @GPG_ERROR_LIBS@
GPG_ERROR_MT_CFLAGS = @GPG_ERROR_MT_CFLAGS@
GPG_ERROR_MT_LIBS = @GPG_ERROR_MT_LIBS@
GREP = @GREP@
HAVE_INTTYPES_H = @HAVE_INTTYPES_H@
HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@
......@@ -533,6 +537,9 @@ NETLIBS = @NETLIBS@
NPTH_CFLAGS = @NPTH_CFLAGS@
NPTH_CONFIG = @NPTH_CONFIG@
NPTH_LIBS = @NPTH_LIBS@
NTBTLS_CFLAGS = @NTBTLS_CFLAGS@
NTBTLS_CONFIG = @NTBTLS_CONFIG@
NTBTLS_LIBS = @NTBTLS_LIBS@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
......@@ -558,6 +565,7 @@ SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@
SIZE_T_SUFFIX = @SIZE_T_SUFFIX@
STDINT_H = @STDINT_H@
STRIP = @STRIP@
SYSROOT = @SYSROOT@
SYS_SOCKET_H = @SYS_SOCKET_H@
TAR = @TAR@
UNISTD_H = @UNISTD_H@
......@@ -741,8 +749,10 @@ t_zb32_LDADD = $(t_common_ldadd)
# http tests
t_http_SOURCES = t-http.c
t_http_CFLAGS = $(t_common_cflags) $(LIBGNUTLS_CFLAGS)
t_http_LDADD = libcommontls.a $(t_common_ldadd) $(LIBGNUTLS_LIBS) $(DNSLIBS)
t_http_CFLAGS = $(t_common_cflags) $(NTBTLS_CFLAGS) $(LIBGNUTLS_CFLAGS)
t_http_LDADD = libcommontls.a $(t_common_ldadd) \
$(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) $(DNSLIBS)
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-am
......
This diff is collapsed.
......@@ -754,10 +754,7 @@ gnupg_spawn_process_detached (const char *pgmname, const char *argv[],
char *cmdline;
/* FIXME: We don't make use of ENVP yet. It is currently only used
to pass the GPG_AGENT_INFO variable to gpg-agent. As the default
on windows is to use a standard socket, this does not really
matter. */
/* We don't use ENVP. */
(void)envp;
if (access (pgmname, X_OK))
......
......@@ -39,7 +39,7 @@
- fixme: list other requirements.
- With HTTP_USE_GNUTLS or HTTP_USE_POLARSSL support for https is
- With HTTP_USE_NTBTLS or HTTP_USE_GNUTLS support for https is
provided (this also requires estream).
- With HTTP_NO_WSASTARTUP the socket initialization is not done
......@@ -82,17 +82,16 @@
# include <npth.h>
#endif
#if defined (HTTP_USE_GNUTLS) && defined (HTTP_USE_POLARSSL)
# error Both, HTTP_USE_GNUTLS and HTTP_USE_POLARSSL, are defined.
#if defined (HTTP_USE_GNUTLS) && defined (HTTP_USE_NTBTLS)
# error Both, HTTP_USE_GNUTLS and HTTP_USE_NTBTLS, are defined.
#endif
#ifdef HTTP_USE_GNUTLS
#ifdef HTTP_USE_NTBTLS
# include <ntbtls.h>
#elif HTTP_USE_GNUTLS
# include <gnutls/gnutls.h>
# include <gnutls/x509.h>
#endif /*HTTP_USE_GNUTLS*/
#ifdef HTTP_USE_POLARSSL
# error Support for PolarSSL has not yet been added
#endif
#include "util.h"
......@@ -156,8 +155,15 @@ typedef unsigned long longcounter_t;
# define counter_strtoul(a) strtoul ((a), NULL, 10)
#endif
#ifndef HTTP_USE_GNUTLS
typedef void * gnutls_session_t;
#if HTTP_USE_NTBTLS
typedef ntbtls_t tls_session_t;
# define USE_TLS 1
#elif HTTP_USE_GNUTLS
typedef gnutls_session_t tls_session_t;
# define USE_TLS 1
#else
typedef void *tls_session_t;
# undef USE_TLS
#endif
static gpg_err_code_t do_parse_uri (parsed_uri_t uri, int only_local_part,
......@@ -226,14 +232,16 @@ struct http_session_s
int refcount; /* Number of references to this object. */
#ifdef HTTP_USE_GNUTLS
gnutls_certificate_credentials_t certcred;
gnutls_session_t tls_session;
#endif /*HTTP_USE_GNUTLS*/
#ifdef USE_TLS
tls_session_t tls_session;
struct {
int done; /* Verifciation has been done. */
int rc; /* GnuTLS verification return code. */
int rc; /* TLS verification return code. */
unsigned int status; /* Verification status. */
} verify;
char *servername; /* Malloced server name. */
#endif /*HTTP_USE_GNUTLS*/
#endif /*USE_TLS*/
/* A callback function to log details of TLS certifciates. */
void (*cert_log_cb) (http_session_t, gpg_error_t, const char *,
const void **, size_t *);
......@@ -522,7 +530,8 @@ session_unref (int lnr, http_session_t sess)
if (sess->refcount)
return;
#ifdef HTTP_USE_GNUTLS
#ifdef USE_TLS
# ifdef HTTP_USE_GNUTLS
if (sess->tls_session)
{
my_socket_t sock = gnutls_transport_get_ptr (sess->tls_session);
......@@ -531,8 +540,9 @@ session_unref (int lnr, http_session_t sess)
}
if (sess->certcred)
gnutls_certificate_free_credentials (sess->certcred);
# endif /*HTTP_USE_GNUTLS*/
xfree (sess->servername);
#endif /*HTTP_USE_GNUTLS*/
#endif /*USE_TLS*/
xfree (sess);
}
......@@ -560,7 +570,18 @@ http_session_new (http_session_t *r_session, const char *tls_priority)
return gpg_error_from_syserror ();
sess->refcount = 1;
#ifdef HTTP_USE_GNUTLS
#if HTTP_USE_NTBTLS
{
(void)tls_priority;
err = ntbtls_new (&sess->tls_session, NTBTLS_CLIENT);
if (err)
{
log_error ("ntbtls_new failed: %s\n", gpg_strerror (err));
goto leave;
}
}
#elif HTTP_USE_GNUTLS
{
const char *errpos;
int rc;
......@@ -616,17 +637,18 @@ http_session_new (http_session_t *r_session, const char *tls_priority)
goto leave;
}
}
#else /*!HTTP_USE_GNUTLS*/
(void)tls_priority;
{
(void)tls_priority;
}
#endif /*!HTTP_USE_GNUTLS*/
/* log_debug ("http.c:session_new: sess %p created\n", sess); */
err = 0;
#ifdef HTTP_USE_GNUTLS
#if USE_TLS
leave:
#endif /*HTTP_USE_GNUTLS*/
#endif /*USE_TLS*/
if (err)
http_session_unref (sess);
else
......@@ -1067,7 +1089,7 @@ do_parse_uri (parsed_uri_t uri, int only_local_part,
uri->port = 11371;
uri->is_http = 1;
}
#ifdef HTTP_USE_GNUTLS