diff options
author | Neal H. Walfield <neal@pep.foundation> | 2022-03-27 00:53:39 +0100 |
---|---|---|
committer | Panu Matilainen <pmatilai@redhat.com> | 2022-08-17 13:50:46 +0300 |
commit | 26876ae605b010d71b31bab33dd830f382c95110 (patch) | |
tree | 397e96bf47ed7805963e5fca7cbeb1e5820f824f | |
parent | 317da93533812116fea626324b6090e58714d267 (diff) | |
download | rpm-26876ae605b010d71b31bab33dd830f382c95110.tar.gz |
Add a Sequoia-based OpenPGP backend
This change adds support for using Sequoia as an alternative to the
internal OpenPGP backend. To use this backend, it is necessary to
have the rpm-sequoia library installed.
https://gitlab.com/sequoia-pgp/rpm-sequoia
Fixes #1978.
(Backport db36ea85aac23620d71ed38cc9a263b6bab3af98.)
-rw-r--r-- | INSTALL | 11 | ||||
-rw-r--r-- | configure.ac | 20 | ||||
-rw-r--r-- | rpm.pc.in | 2 | ||||
-rw-r--r-- | rpmio/Makefile.am | 9 | ||||
-rw-r--r-- | tests/Makefile.am | 3 |
5 files changed, 34 insertions, 11 deletions
@@ -22,10 +22,13 @@ The libmagic (aka file) library for file type detection (used by rpmbuild). The source for the file utility + library is available from ftp://ftp.astron.com/pub/file/ -You will need a cryptographic library to support digests and signatures. -This library may be libgcrypt or OpenSSL, and can be specified with the ---with-crypto=[libgcrypt|openssl] argument to configure. -libgcrypt is the default. +You will need a cryptographic library to support digests and +signatures. This library may be libgcrypt, OpenSSL, or Sequoia PGP, +and can be specified with the --with-crypto=[libgcrypt|openssl|sequoia] +argument to configure. libgcrypt is the default. + +Sequoia is used via the rpm-sequoia library, which is available from +https://gitlab.com/sequoia-pgp/rpm-sequoia libgcrypt library is available from https://www.gnupg.org/software/libgcrypt/ diff --git a/configure.ac b/configure.ac index 0046044be..c7795aabd 100644 --- a/configure.ac +++ b/configure.ac @@ -269,7 +269,7 @@ AM_CONDITIONAL(LIBELF,[test "$WITH_LIBELF" = yes]) # Select crypto library AC_ARG_WITH(crypto, [AS_HELP_STRING([--with-crypto=CRYPTO_LIB], - [The cryptographic library to use (openssl|libgcrypt). The default is libgcrypt.]) + [The cryptographic library to use (openssl|libgcrypt|sequoia). The default is libgcrypt.]) ],[], [with_crypto=libgcrypt]) @@ -380,6 +380,24 @@ AC_SUBST(WITH_LIBGCRYPT_INCLUDE) AC_SUBST(WITH_LIBGCRYPT_LIB) #================= +# Check for the rpm-sequoia backend. +WITH_RPM_SEQUOIA_INCLUDE= +WITH_RPM_SEQUOIA_LIB= +if test "$with_crypto" = sequoia ; then + PKG_CHECK_MODULES([RPM_SEQUOIA], [rpm-sequoia], [have_rpm_sequoia=yes], [have_rpm_sequoia=no]) + if test "$have_rpm_sequoia" = "yes"; then + WITH_RPM_SEQUOIA_INCLUDE="$RPM_SEQUOIA_CFLAGS" + WITH_RPM_SEQUOIA_LIB="$RPM_SEQUOIA_LIBS" + else + AC_MSG_ERROR([librpm-sequoia not found]) + fi +fi + +AM_CONDITIONAL([WITH_RPM_SEQUOIA],[test "$with_crypto" = sequoia]) +AC_SUBST(WITH_RPM_SEQUOIA_INCLUDE) +AC_SUBST(WITH_RPM_SEQUOIA_LIB) + +#================= # Check for magic library. WITH_MAGIC_INCLUDE= WITH_MAGIC_LIB= @@ -12,5 +12,5 @@ Requires: popt Requires.private: @ZSTD_REQUIRES@ # Conflicts: Cflags: -I${includedir} -Libs: -L${libdir} -lrpm -lrpmio +Libs: -L${libdir} -lrpm -lrpmio @WITH_RPM_SEQUOIA_LIB@ Libs.private: -lpopt -lrt -lpthread @WITH_LZMA_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @LUA_LIBS@ diff --git a/rpmio/Makefile.am b/rpmio/Makefile.am index 94be6581f..106e69d00 100644 --- a/rpmio/Makefile.am +++ b/rpmio/Makefile.am @@ -8,6 +8,7 @@ EXTRA_DIST = modemuncher.c AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir) -I$(top_srcdir)/include/ AM_CPPFLAGS += @WITH_OPENSSL_INCLUDE@ AM_CPPFLAGS += @WITH_LIBGCRYPT_INCLUDE@ +AM_CPPFLAGS += @WITH_RPM_SEQUOIA_INCLUDE@ AM_CPPFLAGS += @WITH_POPT_INCLUDE@ AM_CPPFLAGS += $(ZSTD_CFLAGS) AM_CPPFLAGS += @LUA_CFLAGS@ @@ -24,14 +25,13 @@ librpmio_la_SOURCES = \ rpmio_internal.h rpmhook.h rpmvercmp.c rpmver.c \ rpmstring.c rpmfileutil.c rpmglob.c \ rpmkeyring.c rpmstrpool.c rpmmacro_internal.h \ - rpmlua.c rpmlua.h lposix.c lposix.h \ - rpmpgp_internal.c rpmpgp_internal.h + rpmlua.c rpmlua.h lposix.c lposix.h if WITH_OPENSSL -librpmio_la_SOURCES += digest_openssl.c +librpmio_la_SOURCES += digest_openssl.c rpmpgp_internal.c rpmpgp_internal.h else if WITH_LIBGCRYPT -librpmio_la_SOURCES += digest_libgcrypt.c +librpmio_la_SOURCES += digest_libgcrypt.c rpmpgp_internal.c rpmpgp_internal.h endif endif @@ -40,6 +40,7 @@ librpmio_la_LIBADD = \ ../misc/libmisc.la \ @WITH_OPENSSL_LIB@ \ @WITH_LIBGCRYPT_LIB@ \ + @WITH_RPM_SEQUOIA_LIB@ \ @WITH_BZ2_LIB@ \ @WITH_ZLIB_LIB@ \ @WITH_POPT_LIB@ \ diff --git a/tests/Makefile.am b/tests/Makefile.am index 7e7806da6..8f36f9fdc 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -12,7 +12,8 @@ EXTRA_DIST += local.at $(TESTSUITE) AM_CPPFLAGS = -I$(top_srcdir)/include -rpmpgpcheck_LDADD = ../rpmio/librpmio.la +rpmpgpcheck_LDADD = ../rpmio/librpmio.la \ + @WITH_RPM_SEQUOIA_LIB@ ## testsuite components TESTSUITE_AT = rpmtests.at |