From 845d5e61d8e1ed4f25da424cfc5b0bb0fbb8678d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 18 Sep 2023 17:37:42 +0200 Subject: dirmngr: Cleanup the http module. * configure.ac (NEED_NTBTLS_VERSION): Require at least 0.2.0 so that we can remove a conditional compilation. * dirmngr/http.c (struct proxy_info_s): New. (release_proxy_info): New to keep proxy information in one object. (send_request): Factor some code out to ... (get_proxy_for_url): this, (send_request_basic_checks): this, (send_request_set_sni): this, (run_ntbtls_handshake): this, (run_gnutls_handshake): and this. -- Note that this also removes some never used code. For example the NTBTLS handshake has code taken from GNUTLS which was never used due to the different ways on how the certificates are checked. The proxy code has been factored out to make to prepare further authentication methods. The proxy_info_t was introduced for the same reason. Tested against gnutls and ntbtls builds. No proxy tests yet done, because we need more sophisticated tests anyway. GnuPG-bug-id: 5768 --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index 953e2616f..cfe6091b5 100644 --- a/configure.ac +++ b/configure.ac @@ -67,7 +67,7 @@ NEED_KSBA_API=1 NEED_KSBA_VERSION=1.6.3 NEED_NTBTLS_API=1 -NEED_NTBTLS_VERSION=0.1.0 +NEED_NTBTLS_VERSION=0.2.0 NEED_NPTH_API=1 NEED_NPTH_VERSION=1.2 -- cgit v1.2.3 From 3054016db9da31f3c18aed8158f764b14e021754 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Thu, 21 Sep 2023 13:32:56 +0200 Subject: dirmngr: Require gnutls 3.2 * dirmngr/http.c: Remove gnutls version specific code. (send_request): Factor some code out to ... (run_proxy_connect): new. (mk_proxy_request): new. (mk_std_request): new. * configure.ac (NEED_GNUTLS_VERSION): Require 3.2. -- This patch is to factor out some code and also to remove support for legacy gnutls versions. Note that gnutls 3.2 was released 10 years ago. --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index cfe6091b5..6f544bf98 100644 --- a/configure.ac +++ b/configure.ac @@ -73,7 +73,7 @@ NEED_NPTH_API=1 NEED_NPTH_VERSION=1.2 -NEED_GNUTLS_VERSION=3.0 +NEED_GNUTLS_VERSION=3.2 NEED_SQLITE_VERSION=3.27 -- cgit v1.2.3 From 0494ec8f4d6399336f3202a23144f4afe734aede Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Tue, 3 Oct 2023 16:55:02 +0900 Subject: build: Simplify detecting a TPM emulator. * configure.ac (TPMSERVER): Don't supply hard-coded path. (SWTPM, SWTPM_IOCTL, TSSSTARTUP): Likewise. -- Cherry-picked from master commit of: f2ca727978da5b1ed84f97bf37d604e8a4e60091 Having hard-coded path has bad side effect; It may not be detected even if it's available with PATH. Signed-off-by: NIIBE Yutaka --- configure.ac | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index 6f544bf98..6536810f1 100644 --- a/configure.ac +++ b/configure.ac @@ -1613,10 +1613,10 @@ if test "$build_tpm2d" = "yes"; then if test "$have_libtss" != no; then AC_DEFINE(HAVE_LIBTSS, 1, [Defined if we have TPM2 support library]) # look for a TPM emulator for testing - AC_PATH_PROG(TPMSERVER, tpm_server,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) - AC_PATH_PROG(SWTPM, swtpm,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) - AC_PATH_PROG(SWTPM_IOCTL, swtpm_ioctl,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) - AC_PATH_PROG(TSSSTARTUP, tssstartup,,/bin:/usr/bin:/usr/lib/ibmtss:/usr/libexec/ibmtss) + AC_PATH_PROG(TPMSERVER, tpm_server) + AC_PATH_PROG(SWTPM, swtpm) + AC_PATH_PROG(SWTPM_IOCTL, swtpm_ioctl) + AC_PATH_PROG(TSSSTARTUP, tssstartup) fi fi if test "$have_libtss" = no; then -- cgit v1.2.3 From 0e200f2187e005d8c52d8efb5ef89e4709eabcc1 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Wed, 4 Oct 2023 18:30:33 +0900 Subject: tests:tpm2dtests: Fix tests with SWTPM. * configure.ac (TEST_LIBTSS): Fix the condition with SWTPM. * tests/tpm2dtests/start_sw_tpm.sh: Use --daemon and --pid to run SWTPM. -- Cherry-picked from master commit of: 98dd6f7af6aa3dcce19f20c22e3f825676e6b184 GnuPG-bug-id: 6052 Signed-off-by: NIIBE Yutaka --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index 6536810f1..72c99b1be 100644 --- a/configure.ac +++ b/configure.ac @@ -1625,7 +1625,7 @@ fi AC_SUBST(LIBTSS_LIBS) AC_SUBST(LIBTSS_CFLAGS) AM_CONDITIONAL(HAVE_LIBTSS, test "$have_libtss" != no) -AM_CONDITIONAL(TEST_LIBTSS, test -n "$TPMSERVER" || test -n "$SWTPM" && test -n "$TSSSTARTUP") +AM_CONDITIONAL(TEST_LIBTSS, test -n "$TPMSERVER" -o -n "$SWTPM" -a -n "$TSSSTARTUP" -a -n "$SWTPM_IOCTL") AC_SUBST(HAVE_LIBTSS) # -- cgit v1.2.3 From 9353dc811a04cf47f2445bb1e1f0401ea5f3d044 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 5 Oct 2023 10:21:35 +0900 Subject: tests:tpm2dtests: Modify tests with SWTPM and relax the condition. * configure.ac (SWTPM_IOCTL): Remove. (TEST_LIBTSS): Fix the condition. * tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Remove SWTPM_IOCTL. * tests/tpm2dtests/start_sw_tpm.sh: Add --flags to invoke SWTPM, not requiring SWTPM_IOCTL and TSSSTARTUP any more. -- Cherry-picked from master commit of: 227b3b14f4be2f33ed721818c2186e7fca4cebdf GnuPG-bug-id: 6052 Signed-off-by: NIIBE Yutaka --- configure.ac | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'configure.ac') diff --git a/configure.ac b/configure.ac index 72c99b1be..fc0590c14 100644 --- a/configure.ac +++ b/configure.ac @@ -1614,9 +1614,8 @@ if test "$build_tpm2d" = "yes"; then AC_DEFINE(HAVE_LIBTSS, 1, [Defined if we have TPM2 support library]) # look for a TPM emulator for testing AC_PATH_PROG(TPMSERVER, tpm_server) - AC_PATH_PROG(SWTPM, swtpm) - AC_PATH_PROG(SWTPM_IOCTL, swtpm_ioctl) AC_PATH_PROG(TSSSTARTUP, tssstartup) + AC_PATH_PROG(SWTPM, swtpm) fi fi if test "$have_libtss" = no; then @@ -1625,7 +1624,7 @@ fi AC_SUBST(LIBTSS_LIBS) AC_SUBST(LIBTSS_CFLAGS) AM_CONDITIONAL(HAVE_LIBTSS, test "$have_libtss" != no) -AM_CONDITIONAL(TEST_LIBTSS, test -n "$TPMSERVER" -o -n "$SWTPM" -a -n "$TSSSTARTUP" -a -n "$SWTPM_IOCTL") +AM_CONDITIONAL(TEST_LIBTSS, test -n "$SWTPM" -o -n "$TPMSERVER" -a -n "$TSSSTARTUP") AC_SUBST(HAVE_LIBTSS) # -- cgit v1.2.3