diff --git a/gnupg-2.2.19.tar.bz2 b/gnupg-2.2.19.tar.bz2 deleted file mode 100644 index 45b0b77..0000000 --- a/gnupg-2.2.19.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:242554c0e06f3a83c420b052f750b65ead711cc3fddddb5e7274fcdbb4e9dec0 -size 6754972 diff --git a/gnupg-2.2.19.tar.bz2.sig b/gnupg-2.2.19.tar.bz2.sig deleted file mode 100644 index e3c9845..0000000 Binary files a/gnupg-2.2.19.tar.bz2.sig and /dev/null differ diff --git a/gnupg-2.2.20.tar.bz2 b/gnupg-2.2.20.tar.bz2 new file mode 100644 index 0000000..a1c9c43 --- /dev/null +++ b/gnupg-2.2.20.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:04a7c9d48b74c399168ee8270e548588ddbe52218c337703d7f06373d326ca30 +size 6786913 diff --git a/gnupg-2.2.20.tar.bz2.sig b/gnupg-2.2.20.tar.bz2.sig new file mode 100644 index 0000000..2f2868c Binary files /dev/null and b/gnupg-2.2.20.tar.bz2.sig differ diff --git a/gnupg-2.2.8-files-are-digests.patch b/gnupg-2.2.8-files-are-digests.patch index 110ad63..b64927d 100644 --- a/gnupg-2.2.8-files-are-digests.patch +++ b/gnupg-2.2.8-files-are-digests.patch @@ -4,11 +4,11 @@ g10/sign.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++------ 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.2.18/g10/gpg.c +Index: gnupg-2.2.20/g10/gpg.c =================================================================== ---- gnupg-2.2.18.orig/g10/gpg.c -+++ gnupg-2.2.18/g10/gpg.c -@@ -378,6 +378,7 @@ enum cmd_and_opt_values +--- gnupg-2.2.20.orig/g10/gpg.c ++++ gnupg-2.2.20/g10/gpg.c +@@ -380,6 +380,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ Index: gnupg-2.2.18/g10/gpg.c oXauthority, oGroup, oUnGroup, -@@ -830,6 +831,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -834,6 +835,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), @@ -24,7 +24,7 @@ Index: gnupg-2.2.18/g10/gpg.c /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2412,6 +2414,7 @@ main (int argc, char **argv) +@@ -2421,6 +2423,7 @@ main (int argc, char **argv) opt.def_cert_expire = "0"; gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; @@ -32,19 +32,19 @@ Index: gnupg-2.2.18/g10/gpg.c opt.emit_version = 0; opt.weak_digests = NULL; -@@ -2988,6 +2991,7 @@ main (int argc, char **argv) +@@ -2997,6 +3000,7 @@ main (int argc, char **argv) opt.verify_options&=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; + case oFilesAreDigests: opt.files_are_digests = 1; break; case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break; - -Index: gnupg-2.2.18/g10/options.h + case oIncludeKeyBlock: opt.flags.include_key_block = 1; break; +Index: gnupg-2.2.20/g10/options.h =================================================================== ---- gnupg-2.2.18.orig/g10/options.h -+++ gnupg-2.2.18/g10/options.h -@@ -210,6 +210,7 @@ struct +--- gnupg-2.2.20.orig/g10/options.h ++++ gnupg-2.2.20/g10/options.h +@@ -202,6 +202,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; @@ -52,10 +52,10 @@ Index: gnupg-2.2.18/g10/options.h struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -Index: gnupg-2.2.18/g10/sign.c +Index: gnupg-2.2.20/g10/sign.c =================================================================== ---- gnupg-2.2.18.orig/g10/sign.c -+++ gnupg-2.2.18/g10/sign.c +--- gnupg-2.2.20.orig/g10/sign.c ++++ gnupg-2.2.20/g10/sign.c @@ -43,6 +43,8 @@ #include "../common/mbox-util.h" #include "../common/compliance.h" @@ -65,7 +65,7 @@ Index: gnupg-2.2.18/g10/sign.c #ifdef HAVE_DOSISH_SYSTEM #define LF "\r\n" #else -@@ -749,6 +751,8 @@ write_signature_packets (ctrl_t ctrl, +@@ -834,6 +836,8 @@ write_signature_packets (ctrl_t ctrl, if (duration || opt.sig_policy_url || opt.sig_notations || opt.sig_keyserver_url) sig->version = 4; @@ -74,10 +74,10 @@ Index: gnupg-2.2.18/g10/sign.c else sig->version = pk->version; -@@ -772,8 +776,12 @@ write_signature_packets (ctrl_t ctrl, - mk_notation_policy_etc (sig, NULL, pk); +@@ -860,8 +864,12 @@ write_signature_packets (ctrl_t ctrl, + else + err = 0; } - + if (!opt.files_are_digests) { hash_sigversion_to_magic (md, sig); gcry_md_final (md); @@ -85,9 +85,9 @@ Index: gnupg-2.2.18/g10/sign.c + log_bug("files-are-digests doesn't work with v4 sigs\n"); + } - rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce, 0); - gcry_md_close (md); -@@ -835,6 +843,8 @@ sign_file (ctrl_t ctrl, strlist_t filena + if (!err) + err = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce, 0); +@@ -924,6 +932,8 @@ sign_file (ctrl_t ctrl, strlist_t filena SK_LIST sk_rover = NULL; int multifile = 0; u32 duration=0; @@ -96,7 +96,7 @@ Index: gnupg-2.2.18/g10/sign.c pfx = new_progress_context (); afx = new_armor_context (); -@@ -852,7 +862,16 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -941,7 +951,16 @@ sign_file (ctrl_t ctrl, strlist_t filena fname = NULL; if( fname && filenames->next && (!detached || encryptflag) ) @@ -114,7 +114,7 @@ Index: gnupg-2.2.18/g10/sign.c if(encryptflag==2 && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) -@@ -873,7 +892,7 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -962,7 +981,7 @@ sign_file (ctrl_t ctrl, strlist_t filena goto leave; /* prepare iobufs */ @@ -123,7 +123,7 @@ Index: gnupg-2.2.18/g10/sign.c inp = NULL; /* we do it later */ else { inp = iobuf_open(fname); -@@ -1011,7 +1030,7 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1100,7 +1119,7 @@ sign_file (ctrl_t ctrl, strlist_t filena for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) gcry_md_enable (mfx.md, hash_for (sk_rover->pk)); @@ -132,7 +132,7 @@ Index: gnupg-2.2.18/g10/sign.c iobuf_push_filter( inp, md_filter, &mfx ); if( detached && !encryptflag) -@@ -1066,6 +1085,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1155,6 +1174,8 @@ sign_file (ctrl_t ctrl, strlist_t filena write_status_begin_signing (mfx.md); @@ -141,7 +141,7 @@ Index: gnupg-2.2.18/g10/sign.c /* Setup the inner packet. */ if( detached ) { if( multifile ) { -@@ -1106,6 +1127,45 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1195,6 +1216,45 @@ sign_file (ctrl_t ctrl, strlist_t filena if( opt.verbose ) log_printf ("\n"); } @@ -187,7 +187,7 @@ Index: gnupg-2.2.18/g10/sign.c else { /* read, so that the filter can calculate the digest */ while( iobuf_get(inp) != -1 ) -@@ -1124,8 +1184,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1213,8 +1273,8 @@ sign_file (ctrl_t ctrl, strlist_t filena /* write the signatures */ rc = write_signature_packets (ctrl, sk_list, out, mfx.md, diff --git a/gnupg-add_legacy_FIPS_mode_option.patch b/gnupg-add_legacy_FIPS_mode_option.patch index 6fe53e2..258c800 100644 --- a/gnupg-add_legacy_FIPS_mode_option.patch +++ b/gnupg-add_legacy_FIPS_mode_option.patch @@ -3,11 +3,11 @@ g10/gpg.c | 9 +++++++++ 2 files changed, 27 insertions(+) -Index: gnupg-2.2.18/doc/gpg.texi +Index: gnupg-2.2.20/doc/gpg.texi =================================================================== ---- gnupg-2.2.18.orig/doc/gpg.texi -+++ gnupg-2.2.18/doc/gpg.texi -@@ -2115,6 +2115,24 @@ implies, this option is for experts only +--- gnupg-2.2.20.orig/doc/gpg.texi ++++ gnupg-2.2.20/doc/gpg.texi +@@ -2133,6 +2133,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ Index: gnupg-2.2.18/doc/gpg.texi @end table -Index: gnupg-2.2.18/g10/gpg.c +Index: gnupg-2.2.20/g10/gpg.c =================================================================== ---- gnupg-2.2.18.orig/g10/gpg.c -+++ gnupg-2.2.18/g10/gpg.c -@@ -425,6 +425,7 @@ enum cmd_and_opt_values - oRequestOrigin, - oNoSymkeyCache, +--- gnupg-2.2.20.orig/g10/gpg.c ++++ gnupg-2.2.20/g10/gpg.c +@@ -429,6 +429,7 @@ enum cmd_and_opt_values oUseOnlyOpenPGPCard, + oIncludeKeyBlock, + oNoIncludeKeyBlock, + oSetLegacyFips, oNoop }; -@@ -870,6 +871,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -874,6 +875,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), @@ -52,7 +52,7 @@ Index: gnupg-2.2.18/g10/gpg.c ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"), -@@ -3600,6 +3602,13 @@ main (int argc, char **argv) +@@ -3614,6 +3616,13 @@ main (int argc, char **argv) opt.flags.use_only_openpgp_card = 1; break; diff --git a/gpg2-gcc10-build-fno-common.patch b/gpg2-gcc10-build-fno-common.patch deleted file mode 100644 index 871edb8..0000000 --- a/gpg2-gcc10-build-fno-common.patch +++ /dev/null @@ -1,527 +0,0 @@ -From 6aff8a132815a84bab69401c1e7de96ec549fbf2 Mon Sep 17 00:00:00 2001 -From: Werner Koch -Date: Mon, 10 Feb 2020 16:37:34 +0100 -Subject: [PATCH] build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only -here but now without the Norcroft-C. Change all other places where it -gets defined. -* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as -extern. -* common/iobuf.c (iobuf_debug_mode): Define it here. -* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in -all main modules of all other programs. - -* g10/main.h: Put util.h before the local header files. --- - -This change is required for use with gcc/ld's LTO feature which does -not allow common blocks. Further gcc 10 will make -fno-common the -default and thus this chnage is always needed. What a pitty. - -Co-authored-by: Tomáš Mráz -GnuPG-bug-id: 4831 -Signed-off-by: Werner Koch -(cherry picked from commit 21d9bd8b87a9f793a106095e3838eb71825189d7) - -- Applied respective chnages also to gpg-card and keyboxd. - -Signed-off-by: Werner Koch ---- - agent/agent.h | 1 + - agent/gpg-agent.c | 1 + - agent/preset-passphrase.c | 1 + - agent/protect-tool.c | 1 + - agent/t-protect.c | 1 + - common/iobuf.c | 1 + - common/iobuf.h | 9 +-------- - common/util.h | 8 ++++++++ - dirmngr/dirmngr.c | 1 + - dirmngr/dirmngr.h | 1 + - g10/gpgcompose.c | 1 + - g10/main.h | 2 +- - g10/options.h | 8 -------- - g10/test.c | 1 + - g13/g13-common.h | 2 +- - g13/g13-syshelp.c | 1 + - g13/g13.c | 1 + - kbx/keyboxd.c | 1 + - kbx/keyboxd.h | 1 + - scd/scdaemon.c | 1 + - scd/scdaemon.h | 1 + - sm/gpgsm.c | 2 ++ - sm/gpgsm.h | 1 + - tools/gpg-card.c | 2 ++ - tools/gpg-card.h | 1 + - tools/gpg-wks-client.c | 1 + - tools/gpg-wks-server.c | 1 + - tools/gpg-wks.h | 1 + - tools/gpgconf.c | 1 + - tools/gpgconf.h | 1 + - tools/gpgtar.c | 1 + - tools/gpgtar.h | 2 ++ - 32 files changed, 41 insertions(+), 18 deletions(-) - -Index: gnupg-2.2.19/agent/agent.h -=================================================================== ---- gnupg-2.2.19.orig/agent/agent.h -+++ gnupg-2.2.19/agent/agent.h -@@ -37,6 +37,14 @@ - #include "../common/session-env.h" - #include "../common/shareddefs.h" - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif -+ - /* To convey some special hash algorithms we use algorithm numbers - reserved for application use. */ - #ifndef GCRY_MODULE_ID_USER -@@ -55,6 +63,7 @@ - - - /* A large struct name "opt" to keep global flags */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - unsigned int debug; /* Debug flags (DBG_foo_VALUE) */ -Index: gnupg-2.2.19/agent/gpg-agent.c -=================================================================== ---- gnupg-2.2.19.orig/agent/gpg-agent.c -+++ gnupg-2.2.19/agent/gpg-agent.c -@@ -49,6 +49,7 @@ - #endif - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #define GNUPG_COMMON_NEED_AFLOCAL - #include "agent.h" - #include /* Malloc hooks and socket wrappers. */ -Index: gnupg-2.2.19/agent/preset-passphrase.c -=================================================================== ---- gnupg-2.2.19.orig/agent/preset-passphrase.c -+++ gnupg-2.2.19/agent/preset-passphrase.c -@@ -44,6 +44,7 @@ - # include /* To initialize the sockets. fixme */ - #endif - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "agent.h" - #include "../common/simple-pwquery.h" - #include "../common/i18n.h" -Index: gnupg-2.2.19/agent/protect-tool.c -=================================================================== ---- gnupg-2.2.19.orig/agent/protect-tool.c -+++ gnupg-2.2.19/agent/protect-tool.c -@@ -38,6 +38,7 @@ - #include /* for setmode() */ - #endif - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "agent.h" - #include "../common/i18n.h" - #include "../common/get-passphrase.h" -Index: gnupg-2.2.19/agent/t-protect.c -=================================================================== ---- gnupg-2.2.19.orig/agent/t-protect.c -+++ gnupg-2.2.19/agent/t-protect.c -@@ -23,6 +23,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "agent.h" - - -Index: gnupg-2.2.19/common/iobuf.c -=================================================================== ---- gnupg-2.2.19.orig/common/iobuf.c -+++ gnupg-2.2.19/common/iobuf.c -@@ -118,6 +118,7 @@ struct close_cache_s - typedef struct close_cache_s *close_cache_t; - static close_cache_t close_cache; - -+int iobuf_debug_mode; - - - #ifdef HAVE_W32_SYSTEM -Index: gnupg-2.2.19/common/iobuf.h -=================================================================== ---- gnupg-2.2.19.orig/common/iobuf.h -+++ gnupg-2.2.19/common/iobuf.h -@@ -249,14 +249,7 @@ struct iobuf_struct - int subno; - }; - --#ifndef EXTERN_UNLESS_MAIN_MODULE --#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE) --#define EXTERN_UNLESS_MAIN_MODULE extern --#else --#define EXTERN_UNLESS_MAIN_MODULE --#endif --#endif --EXTERN_UNLESS_MAIN_MODULE int iobuf_debug_mode; -+extern int iobuf_debug_mode; - - - /* Returns whether the specified filename corresponds to a pipe. In -Index: gnupg-2.2.19/common/util.h -=================================================================== ---- gnupg-2.2.19.orig/common/util.h -+++ gnupg-2.2.19/common/util.h -@@ -56,6 +56,14 @@ - #endif - - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif -+ - /* Hash function used with libksba. */ - #define HASH_FNC ((void (*)(void *, const void*,size_t))gcry_md_write) - -Index: gnupg-2.2.19/dirmngr/dirmngr.c -=================================================================== ---- gnupg-2.2.19.orig/dirmngr/dirmngr.c -+++ gnupg-2.2.19/dirmngr/dirmngr.c -@@ -55,6 +55,7 @@ - #endif /*HTTP_USE_GNUTLS*/ - - -+#define INCLUDED_BY_MAIN_MODULE 1 - #define GNUPG_COMMON_NEED_AFLOCAL - #include "dirmngr.h" - -Index: gnupg-2.2.19/dirmngr/dirmngr.h -=================================================================== ---- gnupg-2.2.19.orig/dirmngr/dirmngr.h -+++ gnupg-2.2.19/dirmngr/dirmngr.h -@@ -39,6 +39,14 @@ - #include "dirmngr-status.h" - #include "http.h" /* (parsed_uri_t) */ - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif -+ - /* This objects keeps information about a particular LDAP server and - is used as item of a single linked list of servers. */ - struct ldap_server_s -@@ -76,6 +84,7 @@ struct fingerprint_list_s - - - /* A large struct named "opt" to keep global flags. */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - unsigned int debug; /* debug flags (DBG_foo_VALUE) */ -Index: gnupg-2.2.19/g10/gpgcompose.c -=================================================================== ---- gnupg-2.2.19.orig/g10/gpgcompose.c -+++ gnupg-2.2.19/g10/gpgcompose.c -@@ -20,6 +20,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "gpg.h" - #include "packet.h" - #include "keydb.h" -Index: gnupg-2.2.19/g10/main.h -=================================================================== ---- gnupg-2.2.19.orig/g10/main.h -+++ gnupg-2.2.19/g10/main.h -@@ -22,9 +22,9 @@ - - #include "../common/types.h" - #include "../common/iobuf.h" -+#include "../common/util.h" - #include "keydb.h" - #include "keyedit.h" --#include "../common/util.h" - - /* It could be argued that the default cipher should be 3DES rather - than AES128, and the default compression should be 0 -Index: gnupg-2.2.19/g10/options.h -=================================================================== ---- gnupg-2.2.19.orig/g10/options.h -+++ gnupg-2.2.19/g10/options.h -@@ -32,7 +32,7 @@ - - #ifndef EXTERN_UNLESS_MAIN_MODULE - /* Norcraft can't cope with common symbols */ --#if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE) -+#if !defined (INCLUDED_BY_MAIN_MODULE) - #define EXTERN_UNLESS_MAIN_MODULE extern - #else - #define EXTERN_UNLESS_MAIN_MODULE -Index: gnupg-2.2.19/g10/test.c -=================================================================== ---- gnupg-2.2.19.orig/g10/test.c -+++ gnupg-2.2.19/g10/test.c -@@ -22,6 +22,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "gpg.h" - - /* A unit test consists of one or more tests. Tests can be broken -Index: gnupg-2.2.19/g13/g13-common.h -=================================================================== ---- gnupg-2.2.19.orig/g13/g13-common.h -+++ gnupg-2.2.19/g13/g13-common.h -@@ -32,6 +32,13 @@ - #include "../common/session-env.h" - #include "../common/strlist.h" - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif - - /* Debug values and macros. */ - #define DBG_MOUNT_VALUE 1 /* Debug mount or device stuff. */ -@@ -48,6 +55,7 @@ - /* A large struct named "opt" to keep global flags. Note that this - struct is used by g13 and g13-syshelp and thus some fields may only - make sense for one of them. */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - unsigned int debug; /* Debug flags (DBG_foo_VALUE). */ -Index: gnupg-2.2.19/g13/g13-syshelp.c -=================================================================== ---- gnupg-2.2.19.orig/g13/g13-syshelp.c -+++ gnupg-2.2.19/g13/g13-syshelp.c -@@ -31,6 +31,7 @@ - #endif - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "g13-syshelp.h" - - #include -Index: gnupg-2.2.19/g13/g13.c -=================================================================== ---- gnupg-2.2.19.orig/g13/g13.c -+++ gnupg-2.2.19/g13/g13.c -@@ -27,6 +27,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "g13.h" - - #include -Index: gnupg-2.2.19/scd/scdaemon.c -=================================================================== ---- gnupg-2.2.19.orig/scd/scdaemon.c -+++ gnupg-2.2.19/scd/scdaemon.c -@@ -37,6 +37,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #define GNUPG_COMMON_NEED_AFLOCAL - #include "scdaemon.h" - #include -Index: gnupg-2.2.19/scd/scdaemon.h -=================================================================== ---- gnupg-2.2.19.orig/scd/scdaemon.h -+++ gnupg-2.2.19/scd/scdaemon.h -@@ -31,6 +31,14 @@ - #include "../common/util.h" - #include "../common/sysutils.h" - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif -+ - /* To convey some special hash algorithms we use algorithm numbers - reserved for application use. */ - #ifndef GCRY_MODULE_ID_USER -@@ -44,6 +52,7 @@ - - - /* A large struct name "opt" to keep global flags. */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - unsigned int debug; /* Debug flags (DBG_foo_VALUE). */ -Index: gnupg-2.2.19/sm/gpgsm.c -=================================================================== ---- gnupg-2.2.19.orig/sm/gpgsm.c -+++ gnupg-2.2.19/sm/gpgsm.c -@@ -28,6 +28,8 @@ - #include - /*#include */ - -+#define INCLUDED_BY_MAIN_MODULE 1 -+ - #include "gpgsm.h" - #include - #include /* malloc hooks */ -Index: gnupg-2.2.19/sm/gpgsm.h -=================================================================== ---- gnupg-2.2.19.orig/sm/gpgsm.h -+++ gnupg-2.2.19/sm/gpgsm.h -@@ -36,6 +36,13 @@ - #include "../common/ksba-io-support.h" - #include "../common/compliance.h" - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif - - #define MAX_DIGEST_LEN 64 - -@@ -52,6 +59,7 @@ struct keyserver_spec - - - /* A large struct named "opt" to keep global flags. */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - unsigned int debug; /* debug flags (DBG_foo_VALUE) */ -Index: gnupg-2.2.19/tools/gpg-wks-client.c -=================================================================== ---- gnupg-2.2.19.orig/tools/gpg-wks-client.c -+++ gnupg-2.2.19/tools/gpg-wks-client.c -@@ -25,6 +25,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "../common/util.h" - #include "../common/status.h" - #include "../common/i18n.h" -Index: gnupg-2.2.19/tools/gpg-wks-server.c -=================================================================== ---- gnupg-2.2.19.orig/tools/gpg-wks-server.c -+++ gnupg-2.2.19/tools/gpg-wks-server.c -@@ -32,6 +32,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "../common/util.h" - #include "../common/init.h" - #include "../common/sysutils.h" -Index: gnupg-2.2.19/tools/gpg-wks.h -=================================================================== ---- gnupg-2.2.19.orig/tools/gpg-wks.h -+++ gnupg-2.2.19/tools/gpg-wks.h -@@ -25,11 +25,20 @@ - #include "../common/strlist.h" - #include "mime-maker.h" - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif -+ - /* The draft version we implement. */ - #define WKS_DRAFT_VERSION 3 - - - /* We keep all global options in the structure OPT. */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - int verbose; -Index: gnupg-2.2.19/tools/gpgconf.c -=================================================================== ---- gnupg-2.2.19.orig/tools/gpgconf.c -+++ gnupg-2.2.19/tools/gpgconf.c -@@ -25,6 +25,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "gpgconf.h" - #include "../common/i18n.h" - #include "../common/sysutils.h" -Index: gnupg-2.2.19/tools/gpgconf.h -=================================================================== ---- gnupg-2.2.19.orig/tools/gpgconf.h -+++ gnupg-2.2.19/tools/gpgconf.h -@@ -22,7 +22,16 @@ - - #include "../common/util.h" - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif -+ - /* We keep all global options in the structure OPT. */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - int verbose; /* Verbosity level. */ -Index: gnupg-2.2.19/tools/gpgtar.c -=================================================================== ---- gnupg-2.2.19.orig/tools/gpgtar.c -+++ gnupg-2.2.19/tools/gpgtar.c -@@ -34,6 +34,7 @@ - #include - #include - -+#define INCLUDED_BY_MAIN_MODULE 1 - #include "../common/util.h" - #include "../common/i18n.h" - #include "../common/sysutils.h" -Index: gnupg-2.2.19/tools/gpgtar.h -=================================================================== ---- gnupg-2.2.19.orig/tools/gpgtar.h -+++ gnupg-2.2.19/tools/gpgtar.h -@@ -23,7 +23,16 @@ - #include "../common/util.h" - #include "../common/strlist.h" - -+#ifndef EXTERN_UNLESS_MAIN_MODULE -+# if !defined (INCLUDED_BY_MAIN_MODULE) -+# define EXTERN_UNLESS_MAIN_MODULE extern -+# else -+# define EXTERN_UNLESS_MAIN_MODULE -+# endif -+#endif -+ - /* We keep all global options in the structure OPT. */ -+EXTERN_UNLESS_MAIN_MODULE - struct - { - int verbose; diff --git a/gpg2.changes b/gpg2.changes index 503cec7..d8b0566 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,3 +1,24 @@ +------------------------------------------------------------------- +Fri Mar 20 20:17:44 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.20: + * Protect the error counter against overflow to guarantee that the + tools can't be tricked into returning success after an error + * gpg: Make really sure that --verify-files always returns an error + * gpg: Fix key listing --with-secret if a pattern is given + * gpg: Fix detection of certain keys used as default-key + * gpg: Fix default-key selection when a card is available + * gpg: Fix key expiration and key usage for keys created with a + creation date of zero + * gpgsm: Fix import of some CR,LF terminated certificates + * gpg: New options --include-key-block and --auto-key-import to + allow encrypted replies after an initial signed message + * gpg: Allow the use of a fingerprint with --trusted-key + * gpg: New property "fpr" for use by --export-filter + * scdaemon: Disable the pinpad if a KDF DO is used + * dirmngr: Improve finding OCSP certificates +- drop gpg2-gcc10-build-fno-common.patch, upstream + ------------------------------------------------------------------- Fri Mar 13 10:39:09 UTC 2020 - Fabian Vogt diff --git a/gpg2.spec b/gpg2.spec index ff32740..678f3d5 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -17,7 +17,7 @@ Name: gpg2 -Version: 2.2.19 +Version: 2.2.20 Release: 0 Summary: File encryption, decryption, signature creation and verification utility License: GPL-3.0-or-later @@ -29,7 +29,6 @@ Source2: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig Source3: %{name}.keyring Source4: scdaemon.udev Source99: %{name}.changes -Patch1124847: gnupg-gpg-agent-ulimit.patch Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.2.8-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch @@ -40,8 +39,8 @@ Patch12: gnupg-2.2.16-secmem.patch Patch13: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch Patch14: gnupg-add-test-cases-for-import-without-uid.patch Patch15: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch +Patch1124847: gnupg-gpg-agent-ulimit.patch # PATCH-FIX-UPSTREAM bsc#1160394 Fix gcc10 build -Patch16: gpg2-gcc10-build-fno-common.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -107,7 +106,6 @@ gpgsm, or via the gpg-connect-agent tool. %patch13 -p1 %patch14 -p1 %patch15 -p1 -%patch16 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build @@ -132,7 +130,7 @@ date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99}) --enable-gpg-is-gpg2 \ --enable-Werror -make %{?_smp_mflags} +%make_build %install %make_install