--=-=-=
Content-Type: text/plain
Control: forwarded 1102621 https://dev.gnupg.org/T7603
Control: tags 1102621 + patch
On Fri 2025-04-11 19:27:12 +0200, Andreas Metzler wrote:
> npth was added in
> ce9906b008c94c2aa4ac770a981d1e1e0b8aea47
> gpg: First rough implementation of keyboxd access for key lookup.
> and libassuan in aba82684fe14289cf62b4694bc398f3a274b4762
> gpg: New option --use-keyboxd.

Thanks for the sleuthing here, Andreas. It's definitely useful to know
where these additional dependencies were added. But i don't think gpgv
has any business talking to keyboxd, at least according to its
documentation.
And, in the places where we use gpgv, it would probably be a disaster if
it *did* talk to keyboxd.
It looks like libassuan is present only due to g10/call-keyboxd.c. I've reported that upstream as
https://dev.gnupg.org/T7603, and the patch
attached here stubs out those calls for gpgv.
I'm now looking into whether the npth dependency is really needed. it
seems like the only invocations of npth in gpgv are:
- npth_read
- npth_sleep
- npth_usleep
afaict, those are merely collaborative asynchronous wrappers around the standard POSIX calls, which again seem unnecessary for gpgv.
They appear to have been pulled in from common/sysutils.c when built
with pth, which suggests that we just need to link gpgv against a
non-pth libcommon. I'll test further and report back.
--dkg
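
One way to check a built gpgv for the libassuan and npth linkage discussed in this message (an added example, not part of the original message or of GnuPG; the tool output embedded in it is constructed and the function names are hypothetical):

```sh
#!/bin/sh
# Added example, not GnuPG code. Sample tool output below is constructed.

# Constructed stand-in for `nm -D --undefined-only gpgv`.
sample_nm() {
cat <<'EOF'
                 U assuan_transact
                 U gcry_md_open@GCRYPT_1.6
                 U npth_read@NPTH_1.0
                 U npth_sleep
                 U npth_usleep
                 U read@GLIBC_2.2.5
EOF
}

# Constructed stand-in for the dynamic section printed by `objdump -p gpgv`.
sample_objdump() {
cat <<'EOF'
  NEEDED               libgcrypt.so.20
  NEEDED               libassuan.so.0
  NEEDED               libnpth.so.0
  NEEDED               libc.so.6
EOF
}

# stdin: nm output. Prints undefined symbols starting with any given prefix,
# with symbol-version suffixes (@VERSION) stripped.
unwanted_symbols() {
    awk -v prefixes="$*" '
        BEGIN { n = split(prefixes, p, " ") }
        NF >= 2 && $(NF-1) ~ /^[Uwv]$/ {
            sym = $NF; sub(/@.*/, "", sym)
            for (i = 1; i <= n; i++)
                if (index(sym, p[i]) == 1) { print sym; break }
        }' | sort -u
}

# stdin: objdump -p output. Prints NEEDED entries for libassuan or libnpth.
unwanted_libs() {
    awk '$1 == "NEEDED" && $2 ~ /^lib(assuan|npth)\.so/ { print $2 }' | sort -u
}

# Returns 0 only if the binary needs neither library nor any of their symbols.
audit_binary() {
    libs=$(objdump -p "$1" | unwanted_libs)
    syms=$(nm -D --undefined-only "$1" | unwanted_symbols npth_ assuan_)
    [ -z "$libs$syms" ] && return 0
    printf 'libraries: %s\nsymbols: %s\n' "$libs" "$syms" >&2
    return 1
}

sample_nm | unwanted_symbols npth_ assuan_   # demo on the constructed sample
```

Running `audit_binary` on the gpgv produced by a package build turns the dependency question into a pass/fail check that can sit in the package's test suite.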
--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline;
filename=0001-gpgv-Avoid-Assuan-dependency.patch
Content-Transfer-Encoding: quoted-printable
From 10db0bcdabf13adbbd9ffbb34e3b2b8516455ab3 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri, 11 Apr 2025 16:59:20 -0400
Subject: [PATCH] gpgv: Avoid Assuan dependency
* g10/internal-keydb.c: (new file) stub functions for basic keydb
parsing without talking to keyboxd.
* g10/Makefile.am: gpgv depend on internal-keydb instead of
call-keyboxd
--
This avoids an unnecessary dependency on libassuan in gpgv. Since
gpgv is targeted toward minimal environments, keeping a reduced set of dependencies is beneficial.
GnuPG-Bug-Id: T7603
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
g10/Makefile.am | 11 ++--
g10/internal-keydb.c | 118 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 124 insertions(+), 5 deletions(-)
create mode 100644 g10/internal-keydb.c
diff --git a/g10/Makefile.am b/g10/Makefile.am
index e8d8e9017..dce8e37b9 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -104,7 +104,6 @@ common_source = \
expand-group.c \
keydb.h \
keydb-private.h \
- call-keyboxd.c \
keydb.c \
keyring.c keyring.h \
seskey.c \
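Review bot: dropping call-keyboxd.c from common_source changes the source list of every program that expands $(common_source), not only gpgv. Only gpg_sources and gpgv_SOURCES are visible in this patch; if any other target in g10/Makefile.am uses $(common_source), it now needs call-keyboxd.c or internal-keydb.c listed explicitly, since keydb.c stays in the shared list and the stubs exist to satisfy it.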
@@ -132,6 +131,7 @@ common_source = \
gpg_sources = server.c \
$(common_source) \
+ call-keyboxd.c \
pkclist.c \
skclist.c \
pubkey-enc.c \
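Review bot: the ChangeLog part of the commit message does not record this move of call-keyboxd.c out of common_source and into gpg_sources; its g10/Makefile.am entry mentions only gpgv. Suggest naming both variables there, for example "(common_source): Remove call-keyboxd.c." and "(gpg_sources): Add it."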
@@ -168,6 +168,7 @@ gpg_SOURCES = gpg.c \
gpgv_SOURCES = gpgv.c \
$(common_source) \
+ internal-keydb.c \
verify.c
LDADD = $(needed_libs) ../common/libgpgrl.a \
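Review bot: adding internal-keydb.c to gpgv_SOURCES swaps the source file, but the libassuan dependency only goes away if gpgv's link line also stops listing the Assuan library, and the rest of the Makefile.am change is cut off after this hunk, so that needs confirming in the remaining hunk. For the stubs themselves (the file body is not shown here), each one should return an error rather than report success, so that a gpgv that somehow reaches a keyboxd code path fails the verification instead of continuing without a key lookup.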
@@ -186,21 +187,21 @@ t