[Pkg-gnupg-commit] [gnupg2] 148/160: build: Require latest released libraries
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Jul 15 09:36:45 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch upstream
in repository gnupg2.
commit c98995efefbdebea8f53d54ba2df4217dfd31ad4
Author: Werner Koch <wk at gnupg.org>
Date: Thu Jul 14 10:40:15 2016 +0200
build: Require latest released libraries
* agent/protect.c (OCB_MODE_SUPPORTED): Remove macro.
(do_encryption): Always support OCB.
(do_decryption): Ditto.
(agent_unprotect): Ditto.
* dirmngr/server.c (is_tor_running): Unconditionally build this.
--
Although not technically required, it is easier to require them to
avoid bug reports due to too old library versions.
Signed-off-by: Werner Koch <wk at gnupg.org>
---
agent/protect.c | 23 +----------------------
common/util.h | 9 ++++-----
configure.ac | 11 +++++------
dirmngr/server.c | 9 ++-------
4 files changed, 12 insertions(+), 40 deletions(-)
diff --git a/agent/protect.c b/agent/protect.c
index ee08e57..68e4081 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -42,12 +42,6 @@
#include "sexp-parse.h"
-#if GCRYPT_VERSION_NUMBER < 0x010700
-# define OCB_MODE_SUPPORTED 0
-#else
-# define OCB_MODE_SUPPORTED 1
-#endif
-
/* To use the openpgp-s2k3-ocb-aes scheme by default set the value of
* this macro to 1. Note that the caller of agent_protect may
* override this default. */
@@ -353,16 +347,11 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
*resultlen = 0;
*result = NULL;
- if (use_ocb && !OCB_MODE_SUPPORTED)
- return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
-
modestr = (use_ocb? "openpgp-s2k3-ocb-aes"
/* */: "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc");
rc = gcry_cipher_open (&hd, PROT_CIPHER,
-#if OCB_MODE_SUPPORTED
use_ocb? GCRY_CIPHER_MODE_OCB :
-#endif
GCRY_CIPHER_MODE_CBC,
GCRY_CIPHER_SECURE);
if (rc)
@@ -500,7 +489,6 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
p += blklen;
}
assert ( p - outbuf == outlen);
-#if OCB_MODE_SUPPORTED
if (use_ocb)
{
gcry_cipher_final (hd);
@@ -512,7 +500,6 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
}
}
else
-#endif /*OCB_MODE_SUPPORTED*/
{
rc = gcry_cipher_encrypt (hd, outbuf, enclen, NULL, 0);
}
@@ -755,9 +742,6 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
unsigned char *outbuf;
size_t reallen;
- if (is_ocb && !OCB_MODE_SUPPORTED)
- return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
-
blklen = gcry_cipher_get_algo_blklen (prot_cipher);
if (is_ocb)
{
@@ -774,9 +758,7 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
}
rc = gcry_cipher_open (&hd, prot_cipher,
-#if OCB_MODE_SUPPORTED
is_ocb? GCRY_CIPHER_MODE_OCB :
-#endif
GCRY_CIPHER_MODE_CBC,
GCRY_CIPHER_SECURE);
if (rc)
@@ -813,7 +795,6 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
/* Decrypt. */
if (!rc)
{
-#if OCB_MODE_SUPPORTED
if (is_ocb)
{
rc = gcry_cipher_authenticate (hd, aad_begin,
@@ -833,7 +814,6 @@ do_decryption (const unsigned char *aad_begin, size_t aad_len,
rc = gcry_cipher_checktag (hd, protected + protectedlen - 16, 16);
}
else
-#endif /*OCB_MODE_SUPPORTED*/
{
rc = gcry_cipher_decrypt (hd, outbuf, protectedlen,
protected, protectedlen);
@@ -1177,8 +1157,7 @@ agent_unprotect (ctrl_t ctrl,
is_ocb = algotable[i].is_ocb;
break;
}
- if (i == DIM (algotable)
- || (is_ocb && !OCB_MODE_SUPPORTED))
+ if (i == DIM (algotable))
return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION);
if (!prot_cipher) /* This is "openpgp-native". */
diff --git a/common/util.h b/common/util.h
index c84847a..eb7a3fd 100644
--- a/common/util.h
+++ b/common/util.h
@@ -36,11 +36,10 @@
#include <gpg-error.h> /* We need gpg_error_t and estream. */
/* These error codes are used but not defined in the required
- libgpg-error version. Define them here. */
-/* Example: (#if GPG_ERROR_VERSION_NUMBER < 0x011500 // 1.21) */
-#if GPG_ERROR_VERSION_NUMBER < 0x011600 /* 1.22 */
-# define GPG_ERR_DB_CORRUPTED 218
-#endif /* gpg_error < 1.22 */
+ * libgpg-error version. Define them here.
+ * Example: (#if GPG_ERROR_VERSION_NUMBER < 0x011500 // 1.21)
+ */
+
/* Hash function used with libksba. */
#define HASH_FNC ((void (*)(void *, const void*,size_t))gcry_md_write)
diff --git a/configure.ac b/configure.ac
index 7f2ca33..9bc32ee 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,23 +49,22 @@ m4_define([mym4_revision_dec], m4_argn(8, mym4_verslist))
m4_esyscmd([echo ]mym4_version[>VERSION])
AC_INIT([mym4_package],[mym4_version], [https://bugs.gnupg.org])
-# Note that for Windows we require version 1.22
-NEED_GPG_ERROR_VERSION=1.21
+NEED_GPG_ERROR_VERSION=1.24
NEED_LIBGCRYPT_API=1
-NEED_LIBGCRYPT_VERSION=1.6.0
+NEED_LIBGCRYPT_VERSION=1.7.0
NEED_LIBASSUAN_API=2
-NEED_LIBASSUAN_VERSION=2.4.1
+NEED_LIBASSUAN_VERSION=2.4.3
NEED_KSBA_API=1
-NEED_KSBA_VERSION=1.2.0
+NEED_KSBA_VERSION=1.3.4
NEED_NTBTLS_API=1
NEED_NTBTLS_VERSION=0.1.0
NEED_NPTH_API=1
-NEED_NPTH_VERSION=0.91
+NEED_NPTH_VERSION=1.2
NEED_GNUTLS_VERSION=3.0
diff --git a/dirmngr/server.c b/dirmngr/server.c
index d3e57c0..db6f5a8 100644
--- a/dirmngr/server.c
+++ b/dirmngr/server.c
@@ -274,14 +274,12 @@ strcpy_escaped_plus (char *d, const unsigned char *s)
}
-/* This fucntion returns true if a Tor server is running. The sattus
+/* This function returns true if a Tor server is running. The sattus
is cached for the current conenction. */
static int
is_tor_running (ctrl_t ctrl)
{
-#if ASSUAN_VERSION_NUMBER >= 0x020402
- /* Check whether we can connect to the proxy. We use a
- special feature introduced with libassuan 2.4.2. */
+ /* Check whether we can connect to the proxy. */
if (!ctrl || !ctrl->server_local)
return 0; /* Ooops. */
@@ -300,9 +298,6 @@ is_tor_running (ctrl_t ctrl)
}
}
return (ctrl->server_local->tor_state > 0);
-#else /* Libassuan < 2.4.2 */
- return 0; /* We don't know. */
-#endif
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list