Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove deprecated beecrypt and NSS crypto backends #1245

Merged
merged 3 commits into from May 29, 2020
Merged

Remove deprecated beecrypt and NSS crypto backends #1245

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e3c48ea
Bump version to mark beginning of a new development cycle
pmatilai May 28, 2020
48eec22
Remove support for beecrypt
pmatilai May 28, 2020
294692a
Remove support for NSS
pmatilai May 28, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
16 changes: 2 additions & 14 deletions INSTALL
View file
Open in desktop
Expand Up @@ -14,24 +14,12 @@ The source for the file utility + library is available from
ftp://ftp.astron.com/pub/file/

You will need a cryptographic library to support digests and signatures.
This library may be libgcrypt, Mozilla NSS, OpenSSL or beecrypt.
Which library to use can be specified with the
--with-crypto=[libgcrypt|beecrypt|nss|openssl] argument to configure,
This library may be libgcrypt or OpenSSL, and can be specified with the
--with-crypto=[libgcrypt|openssl] argument to configure.
libgcrypt is the default.

libgcrypt library is available from https://www.gnupg.org/software/libgcrypt/

If using the Mozilla NSS library for encyption (and NSPR library which
NSS uses) it must be version 3.12 or later. Both NSPR and NSS libraries and
headers need to be installed during RPM compilation. As NSPR and NSS
typically install their headers outside the regular include search path,
you need to tell configure about this, eg something like:
./configure <......> CPPFLAGS="-I/usr/include/nspr -I/usr/include/nss"

The NSPR and NSS libraries are available from
http://www.mozilla.org/projects/security/pki/nss/
http://www.mozilla.org/projects/nspr/

If using the OpenSSL library for encryption, it must be version 1.0.2 or
later. Note: when compiling against OpenSSL, there is a possible license
incompatibility. For more details on this, see
Expand Down
2 changes: 0 additions & 2 deletions Makefile.am
View file
Open in desktop
Expand Up @@ -53,8 +53,6 @@ AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir) -I$(top_builddir)/include/
AM_CPPFLAGS += -I$(top_srcdir)/build
AM_CPPFLAGS += -I$(top_srcdir)/lib
AM_CPPFLAGS += -I$(top_srcdir)/rpmio
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_OPENSSL_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
Expand Down
2 changes: 0 additions & 2 deletions build/Makefile.am
View file
Open in desktop
Expand Up @@ -5,8 +5,6 @@ AM_CFLAGS = @RPMCFLAGS@
AM_CFLAGS += @OPENMP_CFLAGS@

AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir) -I$(top_builddir)/include/
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_MAGIC_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
Expand Down
65 changes: 2 additions & 63 deletions configure.ac
View file
Open in desktop
@@ -1,5 +1,5 @@
AC_PREREQ(2.61)
AC_INIT(rpm, 4.15.90, rpm-maint@lists.rpm.org)
AC_INIT(rpm, 4.16.90, rpm-maint@lists.rpm.org)

AC_CONFIG_SRCDIR([rpm.c])
AC_CONFIG_HEADERS([config.h])
Expand Down Expand Up @@ -246,39 +246,10 @@ AM_CONDITIONAL(LIBDWARF,[test "$WITH_LIBDWARF" = yes])
# Select crypto library
AC_ARG_WITH(crypto,
[AC_HELP_STRING([--with-crypto=CRYPTO_LIB],
[The cryptographic library to use (nss|beecrypt|openssl|libgcrypt). The default is libgcrypt. beecrypt and nss are DEPRECATED.])
[The cryptographic library to use (openssl|libgcrypt). The default is libgcrypt.])
],[],
[with_crypto=libgcrypt])

# Check for beecrypt library if requested.
AC_ARG_WITH(internal_beecrypt, [ --with-internal-beecrypt build with internal beecrypt library (DEPRECATED)],,[with_internal_beecrypt=no])
AM_CONDITIONAL([WITH_INTERNAL_BEECRYPT],[test "$with_internal_beecrypt" = yes])
if test "$with_internal_beecrypt" = yes ; then
with_crypto=beecrypt
fi
AM_CONDITIONAL([WITH_BEECRYPT],[test "$with_crypto" = beecrypt])

WITH_BEECRYPT_INCLUDE=
WITH_BEECRYPT_LIB=
if test "$with_crypto" = beecrypt ; then
AC_MSG_WARN([Using the beecrypt library with rpm is deprecated and support will be removed in a future release!])
AC_DEFINE(WITH_BEECRYPT, 1, [Build with beecrypt instead of nss3 support?])
if test "$with_internal_beecrypt" = yes ; then
WITH_BEECRYPT_INCLUDE="-I\$(top_srcdir)/beecrypt"
AC_DEFINE(HAVE_BEECRYPT_API_H, 1, [Define to 1 if you have the <beecrypt/api.h> header file.])
else
AC_CHECK_LIB(beecrypt, mpfprintln, [
WITH_BEECRYPT_LIB="-lbeecrypt"
],[
AC_MSG_ERROR([missing required library 'beecrypt'])
])
AC_CHECK_HEADER([beecrypt/api.h], [AC_DEFINE(HAVE_BEECRYPT_API_H, 1, [Define to 1 if you have the <beecrypt/api.h> header file.])
])
fi
fi
AC_SUBST(WITH_BEECRYPT_LIB)
AC_SUBST(WITH_BEECRYPT_INCLUDE)

#=================
# Check for OpenSSL library.
# We need evp.h from OpenSSL.
Expand Down Expand Up @@ -385,38 +356,6 @@ AM_CONDITIONAL([WITH_LIBGCRYPT],[test "$with_crypto" = libgcrypt])
AC_SUBST(WITH_LIBGCRYPT_INCLUDE)
AC_SUBST(WITH_LIBGCRYPT_LIB)

#=================
# Check for NSS library.
# We need nss.h from NSS which needs nspr.h. Unfortunately both glibc and NSS
# have a header named nss.h... so make extra check for NSS's sechash.h
# which we use too and hopefully is slightly more unique to NSS.
WITH_NSS_INCLUDE=
WITH_NSS_LIB=
if test "$with_crypto" = nss; then
AC_MSG_WARN([Using the nss library with rpm is deprecated and support will be removed in a future release!])
# If we have pkgconfig make sure CPPFLAGS are setup correctly for the nss
# -I include path. Otherwise the below checks will fail because nspr.h
# cannot be found.
AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no], [$PATH:/usr/bin:/usr/local/bin])
if test "x$PKGCONFIG" != "xno"; then
CPPFLAGS="$CPPFLAGS $($PKGCONFIG --cflags nss)"
fi
AC_CHECK_HEADERS([nspr.h nss.h sechash.h], [], [
AC_MSG_ERROR([missing required NSPR / NSS header])
])
AC_CHECK_LIB(nss3, VFY_VerifyDigestDirect, [
WITH_NSS_LIB=-lnss3
AC_CHECK_LIB(nss3, NSS_InitContext, [
AC_DEFINE(HAVE_NSS_INITCONTEXT, 1, [Define to 1 if NSS has NSS_InitContext])
AC_SUBST(HAVE_NSS_INITCONTEXT, [1])
])
], [
AC_MSG_ERROR([required NSS library 'nss3' missing or too old])
])
fi
AC_SUBST(WITH_NSS_INCLUDE)
AC_SUBST(WITH_NSS_LIB)

#=================
# Check for magic library.
WITH_MAGIC_INCLUDE=
Expand Down
2 changes: 0 additions & 2 deletions lib/Makefile.am
View file
Open in desktop
Expand Up @@ -4,8 +4,6 @@ include $(top_srcdir)/rpm.am
AM_CFLAGS = @RPMCFLAGS@

AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir) -I$(top_builddir)/include/
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
AM_CPPFLAGS += -I$(top_srcdir)/misc
AM_CPPFLAGS += -DLOCALEDIR="\"$(localedir)\""
Expand Down
1 change: 0 additions & 1 deletion po/POTFILES.in
View file
Open in desktop
Expand Up @@ -82,7 +82,6 @@ plugins/systemd_inhibit.c
python/rpmts-py.c
rpmio/argv.c
rpmio/digest.c
rpmio/digest_nss.c
rpmio/expression.c
rpmio/macro.c
rpmio/rpmfileutil.c
Expand Down
2 changes: 1 addition & 1 deletion rpm.pc.in
View file
Open in desktop
Expand Up @@ -12,4 +12,4 @@ Requires.private: @ZSTD_REQUIRES@
# Conflicts:
Cflags: -I${includedir}
Libs: -L${libdir} -lrpm -lrpmio
Libs.private: -lpopt -lrt -lpthread @WITH_LZMA_LIB@ @WITH_DB_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @WITH_BEECRYPT_LIB@ @WITH_NSS_LIB@ @LUA_LIBS@
Libs.private: -lpopt -lrt -lpthread @WITH_LZMA_LIB@ @WITH_DB_LIB@ @WITH_BZ2_LIB@ @WITH_ZLIB_LIB@ @LUA_LIBS@
20 changes: 0 additions & 20 deletions rpmio/Makefile.am
View file
Open in desktop
Expand Up @@ -4,8 +4,6 @@ include $(top_srcdir)/rpm.am
AM_CFLAGS = @RPMCFLAGS@

AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir) -I$(top_builddir)/include/
AM_CPPFLAGS += @WITH_NSS_INCLUDE@
AM_CPPFLAGS += @WITH_BEECRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_OPENSSL_INCLUDE@
AM_CPPFLAGS += @WITH_LIBGCRYPT_INCLUDE@
AM_CPPFLAGS += @WITH_POPT_INCLUDE@
Expand All @@ -24,26 +22,17 @@ librpmio_la_SOURCES = \
rpmstring.c rpmfileutil.c rpmglob.c \
rpmkeyring.c rpmstrpool.c rpmmacro_internal.h

if WITH_BEECRYPT
librpmio_la_SOURCES += digest_beecrypt.c
else
if WITH_OPENSSL
librpmio_la_SOURCES += digest_openssl.c
else
if WITH_LIBGCRYPT
librpmio_la_SOURCES += digest_libgcrypt.c
else
librpmio_la_SOURCES += digest_nss.c
endif
endif
endif


librpmio_la_LDFLAGS = -version-info $(rpm_version_info)
librpmio_la_LIBADD = \
../misc/libmisc.la \
@WITH_NSS_LIB@ \
@WITH_BEECRYPT_LIB@ \
@WITH_OPENSSL_LIB@ \
@WITH_LIBGCRYPT_LIB@ \
@WITH_BZ2_LIB@ \
Expand All @@ -53,15 +42,6 @@ librpmio_la_LIBADD = \
$(ZSTD_LIBS) \
-lpthread

if WITH_INTERNAL_BEECRYPT
librpmio_la_LIBADD += $(libbeecrypt_la)

libbeecrypt_la = $(top_builddir)/beecrypt/libbeecrypt_nolibdir.la

$(top_builddir)/beecrypt/libbeecrypt_nolibdir.la: $(top_builddir)/beecrypt/libbeecrypt.la
sed -e 's/libdir=.*/libdir=/' < $(top_builddir)/beecrypt/libbeecrypt.la > $(top_builddir)/beecrypt/libbeecrypt_nolibdir.la
endif

if WITH_LUA
AM_CPPFLAGS += -I$(top_srcdir)/luaext/
AM_CPPFLAGS += @LUA_CFLAGS@
Expand Down