Summary:
This commit amends f57d661416ecbdfbf9c16d8116c296cfdcbeb7d6.
HKDF support was added only in the new versions of the libs.
Reviewers: dfaure, bcooksley
Reviewed By: dfaure
Differential Revision: https://phabricator.kde.org/D16248
This change adds a mandatory dependency on Botan, which is not available at this time within Craft.
As this change was not notified to Sysadmin and because it has left us in a state whereby we are unable to get the Windows CI system back up and running, this is being reverted so it can be brought back online.
Please reintroduce this change once support for having Botan as optional is restored
This reverts commit 47163784d74232e3a844fc42897bffc7eff817b4.
Botan 1.10 will be EOL'd this year. This patch is a rough port to botan 2 API. Also:
- Removes support for botan < 1.10 to simplify code (1.10 was released 7 years ago)
- Ports the cmake module to use pkgconfig, since botan-config doesn't exist anymore in v2.
- To minimize ifdef'd code, botan2 unique_ptr's are release'd
- Removes -ansi C(XX)FLAGS, botan 2 requires C++11
Differential Revision: https://phabricator.kde.org/D11997
Test Plan:
Ran the testsuite with OpenSSL 1.1.0g and 1.0.2j, all passed.
Using this code with kdeconnect and okteta successfully on my system now.
Reviewers: iromanov
Subscribers: anthonyfieroni, alonbl, heikobecker, cfeck, asturmlechner, bero, rdieter
Differential Revision: https://phabricator.kde.org/D9416
On Windows gpg uses ANSI codepage to output homedir and keyrings
paths. No way to output in utf-8. Gpg returns utf-8 strings output
only when --with-colons option is used.
When no keys 'gpg --list-keys' doesn't return path to keyring file.
Path is needest for watching to know when keys added or removed.
Use default keyrings path based on GnuPG home directory. This
directory gets with output 'gpg --version'. Line which starts with
'Home: ' contains GnuPG home directory. I believe it is correct
for GnuPG always and won't be changed in the future.
LibreSSL >= 2.3.0 removed support for SHA-0, so there's no EVP_sha
anymore.
Wikipedia says about SHA-0: "160-bit hash function published in 1993
under the name SHA. It was withdrawn shortly after publication due to
an undisclosed "significant flaw" and replaced by the slightly revised
version SHA-1.'
REVIEW: 125387
This fixes building with LibreSSL >= 2.3.0 which has removed support
for SSLv3 completely. As far as I know OpenSSL can be configured to
build without it, so it might be helpful there as well.
REVIEW: 125386
libressl removed the SSL Compression functionality (which might
be considered insecure) and thus also compress_meth.
SSL_SESSION_get_compress_id is just a stub in libressl which always
returns 0 and in openssl it returns compress_meth.
REVIEW: 121107
1. SafeTimer now is common and public class. All plugins use this
implementation.
2. Added debug messages in SafeTimer. Uncomment SAFETIMER_DEBUG to
enable.
3. TimerFixer skips SafeTimer objects. No need extra fixes for
SafeTimer. But can be problems with children of SafeTimer I
believe no such.
Ignore KEYEXPIRED which will be thrown for any expired subkey regardless
of being related to the current operation. Instead, use EXPKEYSIG,
REVKEYSIG, EXPSIG and INV_RECP accordingly.
Add new errors QCA::SecureMessage::{ErrorSignerRevoked,
ErrorSignatureExpired,
ErrorEncryptRevoked}.
Due to GnuPG bug #1650 <https://bugs.g10code.com/gnupg/issue1650>
encrypting to an expired or revoked key will omit the reason for failing,
resulting in the error code QCA::SecureMessage::ErrorEncryptInvalid.
REVIEW: 118567
On Windows when compiling with Visual Studio will be produced special
.pdb files for debuggins purposes. It must be put next to target
runtime (.dll or .exe) file.
