diff options
Diffstat (limited to '')
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | README | 4 | ||||
| -rw-r--r-- | configure.ac | 25 | ||||
| -rw-r--r-- | doc/ChangeLog | 2 | ||||
| -rw-r--r-- | doc/gpg.sgml | 4 | ||||
| -rw-r--r-- | mpi/ChangeLog | 5 | ||||
| -rw-r--r-- | mpi/Makefile.am | 6 |
8 files changed, 49 insertions, 3 deletions
@@ -1,3 +1,7 @@ +2005-03-11 Werner Koch <[email protected]> + + * configure.ac: New option --enable-noexecstack. + 2005-02-16 Werner Koch <[email protected]> Released 1.4.1rc2. @@ -53,6 +53,8 @@ Noteworthy changes in version 1.4.1 * The "fetch" command of --card-edit now retrieves the key using the default keyserver if no URL has been stored on the card. + * New configure option --enable-noexecstack. + Noteworthy changes in version 1.4.0 (2004-12-16) ------------------------------------------------ @@ -607,6 +607,10 @@ This prevents access to certain files and won't allow import or export of secret keys. + --enable-noexecstack + Pass option --noexecstack to as. Works only when + using gcc. + --disable-gnupg-iconv If iconv is available it is used to convert between utf-8 and the system character set. This diff --git a/configure.ac b/configure.ac index 3dbfbede2..54cb51212 100644 --- a/configure.ac +++ b/configure.ac @@ -102,6 +102,18 @@ if test "$use_m_guard" = yes ; then AC_DEFINE(M_GUARD,1,[Define to use the (obsolete) malloc guarding feature]) fi +# We don't have a test to check whetyer as(1) knows about the +# non executable stackioption. Thus we provide an option to enable +# it. +AC_MSG_CHECKING([whether non excutable stack support is requested]) +AC_ARG_ENABLE(noexecstack, + AC_HELP_STRING([--enable-noexecstack], + [enable non executable stack support (gcc only)]), + noexecstack_support=$enableval, noexecstack_support=no) +AC_MSG_RESULT($noexecstack_support) + +# SELinux support includes tracking of sensitive files to avoid +# leaking their contents through processing these files by gpg itself AC_MSG_CHECKING([whether SELinux support is requested]) AC_ARG_ENABLE(selinux-support, AC_HELP_STRING([--enable-selinux-support], @@ -109,6 +121,7 @@ AC_ARG_ENABLE(selinux-support, selinux_support=$enableval, selinux_support=no) AC_MSG_RESULT($selinux_support) + AC_MSG_CHECKING([whether OpenPGP card support is requested]) AC_ARG_ENABLE(card-support, AC_HELP_STRING([--disable-card-support], @@ -1234,14 +1247,26 @@ esac AC_SUBST(NETLIBS) AC_SUBST(W32LIBS) +# Special options used fith gcc. if test "$GCC" = yes; then + # Note that it is okay to use CFLAGS here because this are just + # warning options and the user should have a chance of overriding + #them. if test "$USE_MAINTAINER_MODE" = "yes"; then CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes" CFLAGS="$CFLAGS -Wformat-nonliteral" else CFLAGS="$CFLAGS -Wall" fi + + # Non exec stack hack. Fixme: Write a test to check whether as + # can cope with it and use the enable-noexecstack option only to + # disable it in case it is required on sime platforms. + if test "$noexecstack_support" = yes; then + NOEXECSTACK_FLAGS="-Wa,--noexecstack" + fi fi +AC_SUBST(NOEXECSTACK_FLAGS) if test "$print_egd_warning" = yes; then diff --git a/doc/ChangeLog b/doc/ChangeLog index 7b003b1ff..c9fc5b034 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,5 +1,7 @@ 2005-03-07 Werner Koch <[email protected]> + * gpg.sgml (comment): Add note to keep the comment short. + * DETAILS: Document new status codes. 2005-02-15 Werner Koch <[email protected]> diff --git a/doc/gpg.sgml b/doc/gpg.sgml index 03a7eb841..805f4f885 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -1769,6 +1769,10 @@ Use &ParmString; as a comment string in clear text signatures and ASCII armored messages or keys (see --armor). The default behavior is not to use a comment string. --comment may be repeated multiple times to get multiple comment strings. --no-comments removes all comments. +It is a good idea to keep the length of a single comment below 60 +characters to avoid problems with mail programs wrapping such lines. +Note, that those comment lines, like all other header lines, are not +protected by the signature. </para></listitem></varlistentry> diff --git a/mpi/ChangeLog b/mpi/ChangeLog index 20175f961..00e0e3e6a 100644 --- a/mpi/ChangeLog +++ b/mpi/ChangeLog @@ -1,3 +1,8 @@ +2005-03-11 Werner Koch <[email protected]> + + * Makefile.am (ASFLAGS): Renamed to AM_CCASFLAGS and added the + variable for non exectubale stack options. Adapted users. + 2004-12-20 Werner Koch <[email protected]> * mpicoder.c (mpi_read_from_buffer): Don't abort in case of an diff --git a/mpi/Makefile.am b/mpi/Makefile.am index 798a4d1dd..35135c24d 100644 --- a/mpi/Makefile.am +++ b/mpi/Makefile.am @@ -20,8 +20,8 @@ INCLUDES = -I.. -I$(top_srcdir)/include -AM_CFLAGS = @MPI_OPT_FLAGS@ -ASFLAGS = @MPI_SFLAGS@ +AM_CFLAGS = $(MPI_OPT_FLAGS) +AM_CCASFLAGS = $(NOEXECSTACK_FLAGS) $(MPI_SFLAGS) EXTRA_DIST = config.links DISTCLEANFILES = mpi-asm-defs.h \ @@ -73,7 +73,7 @@ libmpi_a_LIBADD = $(common_asm_objects) @MPI_EXTRA_ASM_OBJS@ # work and add one to cpp .S files .S.o: $(CPP) $(INCLUDES) $(DEFS) $< | grep -v '^#' > _$*.s - $(COMPILE) $(ASFLAGS) -c _$*.s + $(COMPILE) $(AM_CCASFLAGS) -c _$*.s mv -f _$*.o $*.o .S.lo: |