X-Git-Url: https://git.notmuchmail.org/git?p=notmuch;a=blobdiff_plain;f=configure;h=a357eb916fef846445e4e4167f3a5c0a7eeec444;hp=32a836bbdb7bcfb9fdc4ffb535d5df2dddfac767;hb=df3fab18fe70ea750f6f06da30291c67de7e74f2;hpb=ef0ab496b3f1e3a85f08102e3aaf251f4af69fd3

diff --git a/configure b/configure
index 32a836bb..a357eb91 100755
--- a/configure
+++ b/configure
@@ -48,7 +48,7 @@ case $PWD in ( *["$IFS"]* )
 esac
 
 subdirs="util compat lib parse-time-string completion doc emacs"
-subdirs="${subdirs} performance-test test test/test-databases"
+subdirs="${subdirs} performance-test test"
 subdirs="${subdirs} bindings"
 
 # For a non-srcdir configure invocation (such as ../configure), create
@@ -108,6 +108,7 @@ PREFIX=/usr/local
 LIBDIR=
 WITH_DOCS=1
 WITH_API_DOCS=1
+WITH_PYTHON_DOCS=1
 WITH_EMACS=1
 WITH_DESKTOP=1
 WITH_BASH=1
@@ -454,26 +455,6 @@ if [ ${have_xapian} = "0" ]; then
     errors=$((errors + 1))
 fi
 
-if [ ${have_xapian} = "1" ]; then
-    default_xapian_backend=""
-    printf "Testing default Xapian backend... "
-    cat >_default_backend.cc <<EOF
-#include <xapian.h>
-int main(int argc, char** argv) {
-   Xapian::WritableDatabase db("test.db",Xapian::DB_CREATE_OR_OPEN);
-}
-EOF
-    ${CXX} ${CXXFLAGS_for_sh} ${xapian_cxxflags} _default_backend.cc -o _default_backend ${xapian_ldflags}
-    ./_default_backend
-    if [ -f test.db/iamglass ]; then
-	default_xapian_backend=glass
-    else
-	default_xapian_backend=chert
-    fi
-    printf "%s\n" "${default_xapian_backend}";
-    rm -rf test.db _default_backend _default_backend.cc
-fi
-
 GMIME_MINVER=3.0.3
 
 printf "Checking for GMime development files (>= $GMIME_MINVER)... "
@@ -620,6 +601,78 @@ EOF
     if [ -n "$TEMP_GPG" -a -d "$TEMP_GPG" ]; then
         rm -rf "$TEMP_GPG"
     fi
+
+    # see https://dev.gnupg.org/T3464
+    # there are problems verifying signatures when decrypting with session keys with GPGME 1.13.0 and 1.13.1
+    printf "Checking signature verification when decrypting using session keys... "
+
+    cat > _verify_sig_with_session_key.c <<EOF
+#include <stdio.h>
+#include <gmime/gmime.h>
+
+int main () {
+    GError *error = NULL;
+    GMimeParser *parser = NULL;
+    GMimeMultipartEncrypted *body = NULL;
+    GMimeDecryptResult *result = NULL;
+    GMimeSignatureList *sig_list = NULL;
+    GMimeSignature *sig = NULL;
+    GMimeObject *output = NULL;
+    GMimeSignatureStatus status;
+    int len;
+
+    g_mime_init ();
+    parser = g_mime_parser_new ();
+    g_mime_parser_init_with_stream (parser, g_mime_stream_file_open("$srcdir/test/corpora/crypto/encrypted-signed.eml", "r", &error));
+    if (error) return !! fprintf (stderr, "failed to instantiate parser with test/corpora/pkcs7/smime-onepart-signed.eml\n");
+
+    body = GMIME_MULTIPART_ENCRYPTED(g_mime_message_get_mime_part (g_mime_parser_construct_message (parser, NULL)));
+    if (body == NULL) return !!	fprintf (stderr, "did not find a multipart/encrypted message\n");
+
+    output = g_mime_multipart_encrypted_decrypt (body, GMIME_DECRYPT_NONE, "9:13607E4217515A70EC8DF9DBC16C5327B94577561D98AD1246FA8756659C7899", &result, &error);
+    if (error || output == NULL) return !! fprintf (stderr, "decrypt failed\n");
+
+    sig_list = g_mime_decrypt_result_get_signatures (result);
+    if (sig_list == NULL) return !! fprintf (stderr, "sig_list is NULL\n");
+
+    if (sig_list == NULL) return !! fprintf (stderr, "no GMimeSignatureList found\n");
+    len = g_mime_signature_list_length (sig_list);
+    if (len != 1) return !! fprintf (stderr, "expected 1 signature, got %d\n", len);
+    sig = g_mime_signature_list_get_signature (sig_list, 0);
+    if (sig == NULL) return !! fprintf (stderr, "no GMimeSignature found at position 0\n");
+    status = g_mime_signature_get_status (sig);
+    if (status & GMIME_SIGNATURE_STATUS_KEY_MISSING) return !! fprintf (stderr, "signature status contains KEY_MISSING (see https://dev.gnupg.org/T3464)\n");
+
+    return 0;
+}
+EOF
+    if ! TEMP_GPG=$(mktemp -d "${TMPDIR:-/tmp}/notmuch.XXXXXX"); then
+        printf 'No.\nCould not make tempdir for testing signature verification when decrypting with session keys.\n'
+        errors=$((errors + 1))
+    elif ${CC} ${CFLAGS} ${gmime_cflags} _verify_sig_with_session_key.c ${gmime_ldflags} -o _verify_sig_with_session_key \
+            && GNUPGHOME=${TEMP_GPG} gpg --batch --quiet --import < "$srcdir"/test/gnupg-secret-key.asc \
+            && rm -f ${TEMP_GPG}/private-keys-v1.d/*.key
+    then
+        if GNUPGHOME=${TEMP_GPG} ./_verify_sig_with_session_key; then
+            gmime_verify_with_session_key=1
+            printf "Yes.\n"
+        else
+            gmime_verify_with_session_key=0
+            printf "No.\n"
+            cat <<EOF
+*** Error: GMime fails to verify signatures when decrypting with a session key.
+
+This is most likely due to a buggy version of GPGME, which should be fixed in 1.13.2 or later.
+See https://dev.gnupg.org/T3464 for more details.
+EOF
+        fi
+    else
+        printf 'No.\nFailed to set up gpg for testing signature verification while decrypting with a session key.\n'
+        errors=$((errors + 1))
+    fi
+    if [ -n "$TEMP_GPG" -a -d "$TEMP_GPG" ]; then
+        rm -rf "$TEMP_GPG"
+    fi
 else
     have_gmime=0
     printf "No.\n"
@@ -713,34 +766,37 @@ fi
 
 have_python3=0
 if [ $have_python -eq 1 ]; then
-    printf "Checking for python3..."
-    if "$python" -c 'import sys; assert sys.version_info >= (3,0)' > /dev/null 2>&1; then
+    printf "Checking for python3 (>= 3.5)..."
+    if "$python" -c 'import sys, sysconfig; assert sys.version_info >= (3,5)'; >/dev/null 2>&1; then
         printf "Yes.\n"
         have_python3=1
     else
-        printf "No.\n"
+        printf "No (will not install CFFI-based python bindings).\n"
     fi
 fi
 
 have_python3_cffi=0
 have_python3_pytest=0
 if [ $have_python3 -eq 1 ]; then
-    printf "Checking for python3 cffi... "
-    if "$python" -c 'import cffi' >/dev/null 2>&1; then
+    printf "Checking for python3 cffi and setuptools... "
+    if "$python" -c 'import cffi,setuptools; cffi.FFI().verify()' >/dev/null 2>&1; then
         printf "Yes.\n"
         have_python3_cffi=1
+        WITH_PYTHON_DOCS=1
     else
-        printf "No.\n"
+        WITH_PYTHON_DOCS=0
+        printf "No (will not install CFFI-based python bindings).\n"
     fi
+    rm -rf __pycache__  # cffi.FFI().verify() uses this space
 
     printf "Checking for python3 pytest (>= 3.0)... "
     conf=$(mktemp)
     printf "[pytest]\nminversion=3.0\n" > $conf
-    if pytest-3 -c $conf --version >/dev/null 2>&1; then
+    if "$python" -m pytest -c $conf --version >/dev/null 2>&1; then
         printf "Yes.\n"
         have_python3_pytest=1
     else
-        printf "No.\n"
+        printf "No (will not test CFFI-based python bindings).\n"
     fi
     rm -f $conf
 fi
@@ -955,7 +1011,7 @@ On Debian and similar systems:
 
 Or on Fedora and similar systems:
 
-	sudo yum install xapian-core-devel gmime-devel libtalloc-devel zlib-devel
+	sudo dnf install xapian-core-devel gmime30-devel libtalloc-devel zlib-devel
 
 On other systems, similar commands can be used, but the details of the
 package names may be different.
@@ -970,7 +1026,7 @@ to install pkg-config with a command such as:
 
 	sudo apt-get install pkg-config
 Or:
-	sudo yum install pkgconfig
+	sudo dnf install pkgconfig
 
 But if pkg-config is not available for your system, then you will need
 to modify the configure script to manually set the cflags and ldflags
@@ -1044,6 +1100,22 @@ else
 fi
 rm -f compat/have_timegm
 
+cat <<EOF > _time_t.c
+#include <time.h>
+#include <assert.h>
+static_assert(sizeof(time_t) >= 8, "sizeof(time_t) < 8");
+EOF
+
+printf "Checking for 64 bit time_t... "
+if ${CC} -c _time_t.c -o /dev/null
+then
+    printf "Yes.\n"
+    have_64bit_time_t=1
+else
+    printf "No.\n"
+    have_64bit_time_t=0
+fi
+
 printf "Checking for dirent.d_type... "
 if ${CC} -o compat/have_d_type "$srcdir"/compat/have_d_type.c > /dev/null 2>&1
 then
@@ -1127,7 +1199,8 @@ for flag in -Wmissing-declarations; do
 done
 printf "\n\t%s\n" "${WARN_CFLAGS}"
 
-rm -f minimal minimal.c _libversion.c _libversion _libversion.sh _check_session_keys.c _check_session_keys _check_x509_validity.c _check_x509_validity
+rm -f minimal minimal.c _time_t.c _libversion.c _libversion _libversion.sh _check_session_keys.c _check_session_keys _check_x509_validity.c _check_x509_validity \
+   _verify_sig_with_session_key.c _verify_sig_with_session_key
 
 # construct the Makefile.config
 cat > Makefile.config <<EOF
@@ -1415,12 +1488,12 @@ NOTMUCH_SRCDIR='${NOTMUCH_SRCDIR}'
 # Whether to have Xapian retry lock
 NOTMUCH_HAVE_XAPIAN_DB_RETRY_LOCK=${WITH_RETRY_LOCK}
 
-# Which backend will Xapian use by default?
-NOTMUCH_DEFAULT_XAPIAN_BACKEND=${default_xapian_backend}
-
 # Whether GMime can verify X.509 certificate validity
 NOTMUCH_GMIME_X509_CERT_VALIDITY=${gmime_x509_cert_validity}
 
+# Whether GMime can verify signatures when decrypting with a session key:
+NOTMUCH_GMIME_VERIFY_WITH_SESSION_KEY=${gmime_verify_with_session_key}
+
 # do we have man pages?
 NOTMUCH_HAVE_MAN=$((have_sphinx))
 
@@ -1428,6 +1501,9 @@ NOTMUCH_HAVE_MAN=$((have_sphinx))
 NOTMUCH_HAVE_BASH=${have_bash}
 NOTMUCH_BASH_ABSOLUTE=${bash_absolute}
 
+# Whether time_t is 64 bits (or more)
+NOTMUCH_HAVE_64BIT_TIME_T=${have_64bit_time_t}
+
 # Whether perl exists, and if so where
 NOTMUCH_HAVE_PERL=${have_perl}
 NOTMUCH_PERL_ABSOLUTE=${perl_absolute}
@@ -1452,6 +1528,17 @@ NOTMUCH_HAVE_PYTHON3_PYTEST=${have_python3_pytest}
 PLATFORM=${platform}
 EOF
 
+{
+    echo "# Generated by configure, run from doc/conf.py"
+    if [ $WITH_EMACS = "1" ]; then
+        echo "tags.add('WITH_EMACS')"
+    fi
+    if [ $WITH_PYTHON_DOCS = "1" ]; then
+        echo "tags.add('WITH_PYTHON')"
+    fi
+    printf "rsti_dir = '%s'\n" $(realpath emacs)
+} > sphinx.config
+
 # Finally, after everything configured, inform the user how to continue.
 cat <<EOF