summaryrefslogtreecommitdiff
path: root/configure.ac
Commit message (Collapse)AuthorAgeFilesLines
* Release 3.7.13.7.1Daiki Ueno2021-03-101-1/+1
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Merge branch 'wip/dueno/valgrind' into 'master'Daiki Ueno2021-02-191-1/+1
|\ | | | | | | | | | | | | tests: enable all tests to run under valgrind Closes #1174 and #708 See merge request gnutls/gnutls!1383
| * safe-memfuncs: rely on explicit_bzero implementation from gnulibDaiki Ueno2021-02-171-1/+1
| | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | fips: replace fipshmac usage with internal programOndrej Moris2021-02-171-0/+1
|/ | | | | | | | | | | This introduces a non-installed program "fipshmac" and uses it for generating HMAC files required in FIPS 140-2. The generated files are installed along with the main library. Resolves issues #1101. Signed-off-by: Ondrej Moris <omoris@redhat.com> Co-authored-by: Daiki Ueno <dueno@redhat.com>
* configure.ac: fix "nettle_rsa_sec_decrypt" check errorDmitriy Tsvettsikh2021-02-171-1/+1
| | | | | | | When libhogweed built with external gmplib, then it required explicit path to gmplib to pass check. Signed-off-by: Dmitriy Tsvettsikh <dmitrycvet@gmail.com>
* Merge branch 'wip/dueno/guile-fixes' into 'master'Daiki Ueno2021-02-151-1/+1
|\ | | | | | | | | | | | | configure.ac: include <libguile.h> when checking scm_* functions Closes #1116 See merge request gnutls/gnutls!1360
| * configure.ac: include <libguile.h> when checking scm_* functionsDaiki Ueno2020-11-231-1/+1
| | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | configure.ac: fix misleading --help output on guile bindingsDaiki Ueno2021-02-131-1/+1
| | | | | | | | | | | | | | Reported by Tim Rühsen in: https://gitlab.com/gnutls/gnutls/-/issues/577 Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | configure: Remove -no_weak_links from LDFLAGS after detecting function ↵Martin Storsjo2021-01-081-1/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | availability This reverts commit 945a48993dcdd9ead17216e55c59db209923ea5e and fixes the original issue (#966) differently. This makes sure that when targeting a version of macOS less than 10.12, we won't pick up and unconditionally use functions that only appeared later, when building with Xcode 11.4 or newer. (With Xcode 11.4 or newer, the fix from 945a48993dcdd9 caused -no_weak_links not be added, affecting the function availability tests.) Signed-off-by: Martin Storsjo <martin@martin.st>
* | Release 3.7.03.7.0Daiki Ueno2020-12-021-1/+1
|/ | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* build: hard require nettle 3.6Daiki Ueno2020-11-041-72/+0
| | | | | | | This allows us to remove several backports, including XTS, CFB8, raw-ChaCha, CMAC64, Curve448, and the GOST curves and hashes. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* bootstrap.conf: exercise more tests from GnulibDaiki Ueno2020-10-271-1/+1
| | | | | | | | | | | | | | | | | | | | This fixes the build failure with -Werror: configure:53786: gcc -o conftest -O0 -Wall -Werror -g3 conftest.c -lev >&5 conftest.c:412: error: "GNULIB_STRERROR" redefined [-Werror] 412 | #define GNULIB_STRERROR 1 | conftest.c:305: note: this is the location of the previous definition 305 | #define GNULIB_STRERROR IN_GNUTLS_GNULIB_TESTS | cc1: all warnings being treated as errors as well as improves code coverage. Suggested by Bruno Haible in: <https://lists.gnu.org/archive/html/bug-gnulib/2020-10/msg00148.html>. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* configure.ac: don't enable warning only available in decent gccDaiki Ueno2020-09-171-0/+1
| | | | | | -Warith-conversion is new in GCC 10. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* gnulib: update git submoduleDaiki Ueno2020-09-171-1/+1
| | | | | | | | | This brings in the build fixes of parse-datetime module: https://lists.gnu.org/archive/html/bug-gnulib/2020-07/msg00178.html https://lists.gnu.org/archive/html/bug-gnulib/2020-08/msg00001.html https://lists.gnu.org/archive/html/bug-gnulib/2020-09/msg00046.html Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Merge branch 'tmp-type-limits' into 'master'Daiki Ueno2020-08-181-0/+1
|\ | | | | | | | | | | | | minitasn1: move WARN_CFLAGS setting to configure.ac Closes #1022 See merge request gnutls/gnutls!1307
| * minitasn1: move WARN_CFLAGS setting to configure.actmp-type-limitsDaiki Ueno2020-08-131-0/+1
| | | | | | | | | | | | | | Some compilers don't support -Wno-type-limits, while they support -Wtype-limits. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Merge branch 'tmp-public-header-guards' into 'master'Daiki Ueno2020-08-141-1/+0
|\ \ | |/ |/| | | | | Add or clean header guards in lib/includes/gnutls/ See merge request gnutls/gnutls!993
| * Add or clean header guards in lib/includes/gnutls/tmp-public-header-guardsTim Rühsen2019-05-081-1/+0
| | | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Detect Python interpreter instead of assuming "python"Fiona Klute2020-06-161-0/+3
| | | | | | | | | | | | | | This makes the extended test suite work one Debian(-ish) systems without Python 2, where the Python 3 interpreter is called "python3". Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
* | Merge branch 'tmp-gettext' into 'master'Dmitry Baryshkov2020-06-141-0/+3
|\ \ | | | | | | | | | | | | configure.ac: prefer the latest version of build infrastructure See merge request gnutls/gnutls!1284
| * | configure.ac: prefer the latest version of build infrastructuretmp-gettextDaiki Ueno2020-06-081-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | AM_GNU_GETTEXT_REQUIRE_VERSION tells autopoint to copy the latest possible build infrastructure installed on the system, rather than the fixed version from the archive.dir.tar.xz. This makes the bootstrapping slightly faster and allows us not to stick with the ancient gettext version. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | | configure: improve nettle, gmp, and hogweed soname detectionVitezslav Cizek2020-06-091-3/+12
|/ / | | | | | | | | | | | | | | | | | | | | Some linkers might optimize away the libraries passed on the command line if they aren't actually needed, such as gnu ld with --as-needed. The ldd output then won't list the shared libraries and the detection will fail. Make sure nettle and others are really used. Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
* | Merge branch 'gost-split-6' into 'master'Dmitry Baryshkov2020-06-061-0/+31
|\ \ | | | | | | | | | | | | MAGMA/KUZNYECHIK CTR-ACPKM and CMAC support See merge request gnutls/gnutls!1161
| * | nettle/gost: add CMAC-64/Magma/Kuznyechik codeDmitry Eremin-Solenikov2020-06-071-0/+19
| | | | | | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * | nettle/gost: add Kuznyechik codeDmitry Eremin-Solenikov2020-06-071-0/+6
| | | | | | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * | nettle/gost: add Magma codeDmitry Eremin-Solenikov2020-06-071-0/+6
| | | | | | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* | | Merge the extra libraries to link dynamically in GNUTLS_LIBS_PRIVATESteve Lhomme2020-06-061-6/+6
|/ / | | | | | | | | | | | | | | | | This should fix #1020 where bcrypt is missing from thirdparty_libadd. Ultimately it would be good to add libraries that always need to be linked in one variable that is shared between the Makefile and the pkg-config file. Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
* | Release 3.6.14 [ci skip]Daiki Ueno2020-06-031-1/+1
| | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | Merge branch 'nowincrypt' into 'master'Dmitry Baryshkov2020-05-311-0/+7
|\ \ | | | | | | | | | | | | use bcrypt for the windows random generator instead of wincrypt See merge request gnutls/gnutls!1255
| * | win32: use bcrypt instead of CryptoAPI on Vista+ for random numbersSteve Lhomme2020-05-281-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CryptoAPI is a deprecated API [1] that is forbidden in UWP builds. Rewrite the CryptoAPI calls in bcrypt. bcrypt is used instead of CryptoAPI when targeting Windows Vista and above. https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptdecrypt Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
* | | Merge branch 'fix-valgrind' into 'master'Dmitry Baryshkov2020-05-311-0/+4
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | configure.ac: add -fno-builtin-strcmp if valgrind is enabled Closes #944 See merge request gnutls/gnutls!1264
| * | | configure.ac: add -fno-builtin-strcmp if valgrind is enabledDmitry Baryshkov2020-05-261-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Recent GCC provides strcmp which makes Valgrind assume that it accesses uninitialized data. Disable this optimization if Valgrind tests are enabled. Fixes #944 Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | | | Merge branch 'tmp-fix-macosx-link' into 'master'Dmitry Baryshkov2020-05-301-1/+1
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | configure: check that -no_weak_links works with FD_SET Closes #966 See merge request gnutls/gnutls!1266
| * | | | configure: check that -no_weak_links works with FD_SETDmitry Baryshkov2020-05-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several Xcode/SDK versions provide FD_SET implementation that does not work with -no_weak_links. Check that this option does not break FD_SET usage. Fixes #966 Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | | | | Merge branch 'tmp-fileio' into 'master'Daiki Ueno2020-05-301-1/+0
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | lib: improve external file loading See merge request gnutls/gnutls!1261
| * | | | gnulib: update git submoduleDaiki Ueno2020-05-291-1/+0
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This brings in the new fopen-gnu module and the RF_SENSITIVE flag for fread_file and read_file. This also adds the following changes to be consistent with the latest changes in Gnulib: - the callers of fread_file and read_file to be adjusted for the FLAGS argument - "attribute.h" needs to be used extensively Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | | | configure.ac: determine if the Vista APIs can be linked staticallySteve Lhomme2020-05-271-0/+17
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If _WIN32_WINNT is higher or equal to 0x0600, Vista API's are allowed during the build. We can assume that the minimum platform the code will run on is Vista [1] In that case there's no need to call API's (ncrypt) dynamically when it can be done statically. [1] https://docs.microsoft.com/en-us/cpp/porting/modifying-winver-and-win32-winnt Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
* | | win32: link with crypt32Steve Lhomme2020-05-201-0/+2
|/ / | | | | | | | | | | | | | | | | | | | | Since 5d03564cccd2c10c41252ea468d4a098bd08e9c1 we use CertOpenStore(). To properly link it needs to be linked with the crypt32.dll. https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certopenstore This library was missing from the pkg-config library. It exists in thirdparty_libadd to link gnutls as a DLL. Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
* | Merge branch 'tmp-siv' into 'master'Dmitry Baryshkov2020-05-041-3/+17
|\ \ | | | | | | | | | | | | | | | | | | nettle: expose SIV-CMAC through the AEAD interface Closes #974 and #463 See merge request gnutls/gnutls!1238
| * | nettle: vendor in SIV-CMAC implementationDaiki Ueno2020-05-041-0/+7
| | | | | | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * | nettle: avoid manual backports of CFB8, CMAC, and XTSDaiki Ueno2020-05-041-0/+8
| | | | | | | | | | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
| * | configure.ac: fix broken nettle_cfb8_decrypt detectionDaiki Ueno2020-05-041-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Given the fixed version of the function will be part of Nettle 3.6, use pkg-config --atleast-version instead of a manually comparison of the Nettle version. Fixes #974. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* | | Merge branch 'tmp-reproducible-build' into 'master'Tim Rühsen2020-05-041-4/+0
|\ \ \ | |/ / |/| | | | | | | | | | | | | | New make target 'update-copyright-year' Closes #980 See merge request gnutls/gnutls!1241
| * | New make target 'update-copyright-year'tmp-reproducible-buildTim Rühsen2020-05-011-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't want to automatically update the copyright year as this prevents reproducible builds. Instead, 'make update-copyright-year' has to be executed at the start of each new year and the changes have to be pushed. Closes #980 Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | gost: use gostdsa-vko from nettle 3.6rc3Dmitry Baryshkov2020-04-281-6/+0
|/ / | | | | | | | | | | | | Now as we have upgraded Nettle to 3.6rc3 (which includes gostdsa_vko), use this function from imported nettle sources. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | fips: check library soname during configuretmp-check-sonameDaiki Ueno2020-04-241-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | Previously, we hard-coded the sonames of linked libraries for FIPS integrity checking. That required downstream packagers to manually adjust the relevant code in lib/fips.c, when a new interface version of the dependent libraries (nettle, gmp) becomes available and linked to libgnutls. This patch automates that process with the configure script. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | gost: update gostdsa_vko to follow NettleDmitry Baryshkov2020-04-211-0/+6
| | | | | | | | | | | | Update gostdsa_vko() following changes going to be accepted into Nettle. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | nettle: use new imported source files for GOST DSADmitry Baryshkov2020-04-141-14/+5
| | | | | | | | | | | | | | Provide GOST support using source files copied by script rather than manually crafted by me. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* | Merge branch 'tmp-valgrind-memcheck' into 'master'Nikos Mavrogiannopoulos2020-04-051-0/+2
|\ \ | | | | | | | | | | | | build: use valgrind client request to detect undefined memory use See merge request gnutls/gnutls!1228
| * | build: use valgrind client request to detect undefined memory usetmp-valgrind-memcheckDaiki Ueno2020-04-041-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This tightens the check introduced in ac2f71b892d13a7ab4cc39086eef179042c7e23c, by using the valgrind client request to explicitly mark the "uninitialized but initialization is needed before use" regions. With this patch and the fix (c01011c2d8533dbbbe754e49e256c109cb848d0d) reverted, you will see the following error when running dtls_hello_random_value under valgrind: $ valgrind ./dtls_hello_random_value testing: default ==520145== Conditional jump or move depends on uninitialised value(s) ==520145== at 0x4025F5: hello_callback (dtls_hello_random_value.c:90) ==520145== by 0x488BF97: _gnutls_call_hook_func (handshake.c:1215) ==520145== by 0x488C1AA: _gnutls_send_handshake2 (handshake.c:1332) ==520145== by 0x488FC7E: send_client_hello (handshake.c:2290) ==520145== by 0x48902A1: handshake_client (handshake.c:2908) ==520145== by 0x48902A1: gnutls_handshake (handshake.c:2740) ==520145== by 0x402CB3: client (dtls_hello_random_value.c:153) ==520145== by 0x402CB3: start (dtls_hello_random_value.c:317) ==520145== by 0x402EFE: doit (dtls_hello_random_value.c:331) ==520145== by 0x4023D4: main (utils.c:254) ==520145== Signed-off-by: Daiki Ueno <dueno@redhat.com>
View Lorry Controller Status