Commit graph

203 commits

Author SHA1 Message Date
Daniel Kahn Gillmor
7880092964 configure: report GMime minimum version in ./configure output
We already report the minimum version for Glib, zlib, and Xapian
development libraries.  For consistency, report it for GMime as well.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-05-22 22:07:51 -03:00
Daniel Kahn Gillmor
b14d9ae204 smime: tests of X.509 certificate validity are known-broken on GMime < 3.2.7
When checking cryptographic signatures, Notmuch relies on GMime to
tell it whether the certificate that signs a message has a valid User
ID or not.

If the User ID is not valid, then notmuch does not report the signer's
User ID to the user.  This means that the consumer of notmuch's
cryptographic summary of a message (or of its protected headers) can
be confident in relaying the reported identity to the user.

However, some versions of GMime before 3.2.7 cannot report Certificate
validity for X.509 certificates.  This is resolved upstream in GMime
at https://github.com/jstedfast/gmime/pull/90.

We adapt to this by marking tests of reported User IDs for
S/MIME-signed messages as known-broken if GMime is older than 3.2.7
and has not been patched.

If GMime >= 3.2.7 and certificate validity still doesn't work for
X.509 certs, then there has likely been a regression in GMime and we
should fail early, during ./configure.

To break out these specific User ID checks from other checks, i had to
split some tests into two parts, and reuse $output across the two
subtests.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-05-22 22:04:57 -03:00
Tomi Ollila
00cdfe1071 build: drop support for xapian versions less than 1.4
Xapian 1.4 is over 3 years old now (1.4.0 released 2016-06-24),
and 1.2 has been deprecated in Notmuch version 0.27 (2018-06-13).

Xapian 1.4 supports compaction, field processors and retry locking;
conditionals checking compaction and field processors were removed
but user may want to disable retry locking at configure time so it
is kept.
2020-04-23 21:28:45 -03:00
Daniel Kahn Gillmor
13f2027101 configure: Check GMime version properly
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-03-19 21:55:04 -03:00
Tomi Ollila
eb1f799892 configure: fix reference to possibly undefined $PKG_CONFIG_PATH
In case zlib not found by pkg-config(1) the pkg-config information
is resolved by attempting to print ZLIB_VERSION from from zlib
installation if it exists anyway.

If above done successfully compat/zlib.pc is written for forthcoming
pkg-config execution.

Since `set -u` is in effect (since 124a67e96, 2016-05-06),
expanding unset $PKG_CONFIG_PATH (would have) failed whenever tried.

Now it is changed to set as "$PKG_CONFIG_PATH:compat" if PKG_CONFIG_PATH
is set and is non-empty string, plain "compat" otherwise.
2019-12-09 16:24:37 -04:00
Oliver Kiddle
2044c7aad9 configure: Install zsh completions where zsh will find them.
Zsh searches in the $fpath array for completion functions. By default
this includes $(prefix)/share/zsh/site-functions but not the existing
value. The prefix for zsh and notmuch isn't guaranteed to be the same
but it normally will be making this a better default for
zsh_completion_dir.
2019-12-03 08:25:55 -04:00
David Bremner
85adc756c9 tests: run python-cffi tests
The entire python-cffi test suite is considered as a single test at
the level of the notmuch test suite. This might or might not be ideal,
but it gets them run.
2019-12-03 08:12:30 -04:00
David Bremner
3aaa8cfe94 configure: check for python cffi and pytest modules
This is needed to build the new python bindings, and run their tests.
2019-12-03 08:12:30 -04:00
Tomi Ollila
e0e55c5b6f configure: disallow whitespace in paths, extend checks to $PWD
Whitespace in $NOTMUCH_SRCDIR (and $PWD) may work in builds,
but definitely will not work in tests. It would be difficult
to make tests support whitespace in test filename paths -- and
fragile to maintain if done.

So it is just easier and safer to disallow whitespace there.

In case of out of tree build $NOTMUCH_SRCDIR differs from $PWD
(current directory). Extend this whitespace, and also previously
made unsafe characters check to $PWD too.
2019-09-11 18:51:23 -03:00
Tomi Ollila
e13862f127 configure: fix out of tree build; check unsafe characters in srcdir
While check for GMime session key extraction support... was made
out of tree build compatible, related (and some unrelated) unsafe
characters are now checked in notmuch source directory path.

The known unsafe characters in NOTMUCH_SRCDIR are:

- Single quote (') -- NOTMUCH_SRCDIR='${NOTMUCH_SRCDIR}'
  is written to sh.config in configure line 1328.

- Double quote (") -- configure line 521 *now* writes "$srcdir"
  into generated c source file ($NOTMUCH_SRCDIR includes $srcdir).

- Backslash (\) could also be problematic in configure line 521.

- The added $ and ` are potentially unsafe -- inside double quotes
  in shell script those have special meaning.

  Other characters don't expand inside double quoted strings.
2019-08-29 14:32:54 -03:00
David Bremner
b23902a611 Merge branch 'release' 2019-06-17 07:07:45 +02:00
Ralph Seichter
4b17201c4f configure: fix mktemp call for macOS
Add missing template to mktemp, as required by macOS / OS X.

Signed-off-by: Ralph Seichter <abbot@monksofcool.net>
2019-06-17 07:05:08 +02:00
David Bremner
a6a8df7e03 build: drop variable HAVE_EMACS. use WITH_EMACS instead
The extra flexibility of having both HAVE_EMACS (for yes, there is an
emacs we can use) and WITH_EMACS (the user wants emacs support) lead
to confusion and bugs. We now just force WITH_EMACS to 0 if no
suitable emacs is detected.
2019-06-12 19:58:30 -03:00
Daniel Kahn Gillmor
2669117ad7 configure: make _check_session_keys work with an as-needed linker
When using a promiscuous linker, _check_session_keys was working fine.

But some OSes (including some versions of Ubuntu) have set their
linker to always link in "--as-needed" mode, which means that the
order of the objects linked is relevant.  If a library is loaded
before it is needed, that library will no longer be linked in the
final outcome.  _check_session_keys.c was failing on those systems.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-20 18:34:12 -03:00
Daniel Kahn Gillmor
0def7b6860 configure: handle TEMP_GPG more robustly
We never want ./configure to try to do something with an unassigned
variable.  So, make the directory $TEMP_GPG at the start of the
testing of session-key handling, and clean it up afterwards as long as
the directory exists.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-20 18:24:15 -03:00
Daniel Kahn Gillmor
7546fd9cf6 configure: better error handling on session key check.
There are a few changes bundled here:

 * say "No." explicitly if there's a failure.

 * try to avoid implying that gpgme-config is necessary to build
   notmuch itself (it's not, though it may be useful if you need to
   rebuild gmime).

 * leave _check_session_keys and _check_session_keys.c around if
   ./configure fails, so that the user can play with it more easily
   for debugging.

 * let error messages show when _check_session_keys.c is built.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Amended by DB: use command -v instead of which.
2019-05-20 18:17:18 -03:00
Daniel Kahn Gillmor
30c4fa3702 configure: Ensure that GMime can extract session keys
GMime 3.0 and higher can extract session keys, but it will *not*
extract session keys if it was built with --disable-crypto, or if it
was built against GPGME version < 1.8.0.

Notmuch currently expects to be able to extract session keys, and
tests will fail if it is not possible, so we ensure that this is the
case during ./configure time.

Part of this feels awkward because notmuch doesn't directly depend on
gpg at all.  Rather, it depends on GMime, and the current
implementation of GMime depends on GPGME for its crypto, and GPGME in
turn depends on gpg.

So the use of gpg in ./configure isn't actually introducing a new
dependency, though if a future version of GMime were ever to move away
from GnuPG, we might need to reconsider.

Note that this changeset depends on
id:20190506174327.13457-1-dkg@fifthhorseman.net , which supplies the
rfc822 message test/corpora/crypto/basic-encrypted.eml used in it.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-20 16:28:37 -03:00
Daniel Kahn Gillmor
c7bb4c7741 gmime-cleanup: no longer need to use GMime major version during build
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:58:21 -03:00
Daniel Kahn Gillmor
bb0b119358 gmime-cleanup: always support session keys
Our minimum version of GMime 3.0 always supports good session key
handling.

signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:55:32 -03:00
David Bremner
570349e132 build: drop support for gmime-2.6
GMime 3.0 is over 2 years old now, and 2.6 has been deprecated in
notmuch for about 1.5 years.

Comments and documentation no longer need to refer to GMime 2.6, so
clean them all up.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-05-03 06:49:49 -03:00
Luis Ressel
5569e04231 Add a configure flag to disable rpaths
Better support build environments where our /sbin/ldconfig based
heuristic does not work (e.g. some musl libc based systems).
2019-03-12 20:12:49 -03:00
David Bremner
87eb477ba5 notmuch 0.28.1 release
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCAAdFiEE3VS2dnyDRXKVCQCp8gKXHaSnniwFAlxUOSIACgkQ8gKXHaSn
 nizwvAv8DPoLLssPfwY1AJtc7+JQzAl5scpkjJbGYlzXWTkhD14Efnb0FzMFulRG
 fG4gpsqFA9iNJGT2uTKtYRvKayoMNQMk2eSk8IKyINIVO/jclNbsaSFhL7vqyzsm
 8l+A1UBQ2BsmUsv58ImoS/F65iF2ZBXu5OEEzqxzL+m+WBh9rNyuBaN4Arr64eVy
 f0V/CWYr9VmauuWg0UW3lZ2kwT2+eJDdw7/UwkdeaesuqypPrb+PyRbSDozr4yEj
 n+l0LsbP2iN2i8b0MBNS1vf9fSkUxhBmLzSoqJWbsEZFKwXLFTp5+TLyVxYDzKO5
 D5ug22DG4VFUOmvBaKkMdnavr8z0QZrfL1/z6998Ux+iYG/YrITsrAv02+BxXr5a
 MPmmhW+9x5AZBSP/qasvNCu/Zhczcu/DZ0oUe5qLXTY0yPsOWZRv/+iAWTxXbk+Q
 iS5wbmeZsF/WSH1l3vtK9PnD1wePqITQPK22bKCjSXhPxWOO6AxNcfpy3/lsZ2j2
 9NPLfpFl
 =G2Qd
 -----END PGP SIGNATURE-----

Merge tag '0.28.1'

notmuch 0.28.1 release
2019-02-01 08:35:20 -04:00
David Bremner
a38853518e configure: don't use special variable BASH
bash, in it's wisdom, sets that variable when invoked as /bin/sh, but
then doesn't act as bash, at least not to the degree we need to run
scripts.
2019-02-01 07:59:12 -04:00
Tomi Ollila
5e44372373 configure: check that the version of emacs we may have is at least 24
This also effectively drops support to Emacs version 23, which was
deprecated in version 0.23.2 (2016-11-20) and did not entirely work
any more.
2019-01-25 21:15:32 -04:00
David Bremner
11d0edeac2 configure: absolute path of perl
This can be used to set shebang lines during install.
2018-09-18 07:34:33 -03:00
David Bremner
aab395b2d4 configure: absolute path of bash
This can be used to set shebang lines during install.
2018-09-18 07:34:33 -03:00
David Bremner
b71fa262b5 configure: check for links to/from libdir in ldconfig output
If e.g. /lib is a link to /usr/lib, then the latter may not show up in
the way we expect in the output of ldconfig. 'test foo -ef bar' checks
if foo and bar have the same device and inode numbers. Since (at least
in bash, dash, ksh, and zsh) the shell dereferences symlinks before
applying the test, this includes both the case where file1 is equal to
file2 and the case where one is a symlink to the other.
2018-05-31 08:14:47 -03:00
David Bremner
7e3575c0ca configure: set 'infodir'
This turns --infodir from an ignored option into a real one
2018-05-26 08:26:02 -07:00
David Bremner
db666126cd configure: check for makeinfo and install-info
These are needed to build and install (respectively) the info format
documentation.
2018-05-26 08:25:51 -07:00
Thomas Schneider
b2e4778ea4 build: Allow user to specify ruby executable
This way, one can build for a different Ruby than $PATH/ruby
(e. g. different versions, or Ruby in other paths).

Signed-off-by: Thomas Schneider <qsx@chaotikum.eu>
2018-05-10 21:01:06 -03:00
Daniel Kahn Gillmor
c20a5eb805 move more http -> https
Correct URLs that have crept into the notmuch codebase with http://
when https:// is possible.

As part of this conversion, this changeset also indicates the current
preferred upstream URLs for both gmime and sup.  the new URLs are
https-enabled, the old ones are not.

This also fixes T310-emacs.sh, thanks to Bremner for catching it.
2018-05-03 20:59:20 -03:00
David Bremner
040c3236af Merge branch 'release'
Conflicts:
        NEWS

Add in NEWS from point release
2017-12-08 22:19:06 -04:00
Daniel Kahn Gillmor
cb855d8a9d crypto: signature verification reports valid User IDs
When i'm trying to understand a message signature, i care that i know
who it came from (the "validity" of the identity associated with the
key), *not* whether i'm willing to accept the keyholder's other
identity assertions (the "trust" associated with the certificate).

We've been reporting User ID information based on the "trust"
associated with the certificate, because GMime didn't clearly expose
the validity of the User IDs.

This change relies on fixes made in GMime 3.0.3 and later which
include https://github.com/jstedfast/gmime/pull/18.
2017-12-08 20:35:18 -04:00
Daniel Kahn Gillmor
de80ede3df cli/help: give a hint about notmuch-emacs-mua
"notmuch help" doesn't mention "notmuch-emacs-mua" even though we
support it through the try_external_command() mechanism.

In addition, "notmuch help emacs-mua" doesn't work, even though we
ship the appropriate manpage.

This changeset fixes both of these problems.
2017-12-07 08:20:00 -04:00
Daniel Kahn Gillmor
03f4f75124 debian/control: build-depend on python3-sphinx instead of python-sphinx
python2 is going to be deprecated, and python3-sphinx is available all
the way back to oldoldstable.  let's use the more modern version.

To make this work and still ship the manpages, tell ./configure to
prefer python3 over python, if it exists.
2017-12-07 08:18:29 -04:00
Daniel Kahn Gillmor
0ff13f862c configure: session key handling in gmime maps to built_with("session_key")
This flag should make it easier to write the code for session-key
handling.

Note that this only works for GMime 2.6.21 and later (the session key
interface wasn't available before then).  It should be fine to build
the rest of notmuch if this functionality isn't available.

Note that this also adds the "session_key" built_with() aspect to
libnotmuch.
2017-12-04 21:39:50 -04:00
Jani Nikula
d6929040a4 build: don't copy the test directory for out-of-tree builds
It should now work without.
2017-10-21 16:34:55 -03:00
Jan Malakhovski
46bda291ba build: fix unbound variable in configure
Commentary by db:

This missing initialization caused configure to crash, and hence the
build to fail in environments without cppcheck.
2017-08-31 10:09:02 -03:00
David Bremner
af64530d3f build: add target to run cppcheck
The advantage of having a target as opposed to running cppcheck by
hand

  - reuse list of source files
  - output errors in a format parsable, e.g. by emacs
  - returns exit code 1 on any error, for possibly use in other
    targets.

For the moment, leave this as an optional target. If desired, it can
be added to e.g. the release targets in the same way as the test
target.

Using two levels of directory for the stamps is arguably
overengineering, but it doesn't really cost anything, and leaves open
the possibility of putting other kinds of stamp files there.

This only checks "new" source files (w.r.t. their last check). A future target
(cppcheck-all ?) could blow away the stamp files first.
2017-08-29 22:05:37 -03:00
David Bremner
6ac3d8c27f test: define GMime version dependant breakage
We have some tests where the gmime 3 behaviour seems like a bug fix,
others where it's less clear, so we allow both possibilities.
2017-05-31 21:54:08 -03:00
David Bremner
6977316a5f configure: add optional support for gmime-3.0
This is only the changes to make configure work; it won't compile with
gmime-3.0 yet.
2017-05-31 21:52:15 -03:00
Tomi Ollila
807a9cb8aa configure: Be more verbose when compiler sanity checks fail
When configure could not get past initial compiler sanity check
the user was left with no explanation why this happened (usually
the reason is that compilers are not installed).

By printing the executed command line and re-executing it without
output redirection user gets better information how to proceed
(or ask for help) to resolve this problem.

The shell builtin 'printf' is used to print the executed command
line to ensure verbatim output.
2017-04-14 16:14:26 -03:00
David Bremner
949a5ac4d4 configure: change default bash completion location to /usr/share
At least Fedora and Debian now use
/usr/share/bash-completion/completions now. Apparently
/etc/bash_completion.d will be phased out at some point in the future.
2017-03-25 12:01:22 -03:00
Mikhail
9b7dbed58e tests: add compatibility layer
Make test-lib-common.sh load test-lib-<$PLATFORM>.sh to create
additional shim for platform specifics.

Use test-lib-FREEBSD.sh to call GNU utilities instead of native ones.

- amended by db following Tomi's suggestions
2017-03-25 07:56:52 -03:00
Tomi Ollila
35cdebdad0 fix out of tree build
In addition to use ${srcdir} and deliver ${NOTMUCH_SRCDIR} where needed,
source from ruby bindings had to be copied to the out-of-tree target
directory -- if the source files in source directory were referenced
in build and there were also built object files there, those could have
been considered as target files (and then not found when attempting
to create bindings/ruby/notmuch.so).
2017-03-12 09:17:29 -03:00
Tomi Ollila
18914c725b configure: add ${NOTMUCH_SRCDIR} -- absolute path to notmuch source
The ${srcdir} -- usually relative path to notmuch source -- works fine
in current ./configure and all makefiles. To have simple access to
notmuch source in tests and out of tree builds holding absolute path to
the source directory is useful.
2017-03-12 09:16:54 -03:00
Tomi Ollila
b7763c94e2 configure: removed $zlib_(cflags|ldflags) from compat code build
When pkg-config does not find configure, a compat version of the
zlib.pc is created. In creation of that configure attempted to
read values of $zlib_cflags and $zlib_ldflags. In the usual case
those were undefined, and with `set -a` now in the beginning of
configure, configure broke.

Even if $zlib_cflags and $zlib_ldflags had values which were used
to create zlib.pc, the values were overwritten (with static content)
a few lines later in next pkg-config --cflags and --libs run. These
values would not be different and probably useless -- the following
boild would probably fail.

But instead of using those, CPATH and LIBRARY_PATH environment
variables can be used successfully (both while configuring and
building).
2017-03-09 10:20:01 -04:00
David Bremner
508b5c20fa Merge branch 'release'
Second gnugpg test suite fix
2017-02-28 21:21:07 -04:00
David Bremner
a4ddc63b23 Revert "configure: add test for gpgconf --create-socketdir"
This reverts commit 12f7d4e61d.

Since we're not using gpgconf anymore, drop the unneeded test in
configure.
2017-02-27 18:27:49 -04:00
David Bremner
9951598d11 Merge branch 'release'
Merge changes to use gpgconf --create-socketdir
2017-02-21 08:16:07 -04:00