Accepting request 427261 from Base:System

- avoid mixing up status and colon line output - bsc#993324 - enable web key discovery tools - Add an explicit runtime dependency on libgcrypt >= 1.7.0 to match runtime version check OBS-URL: https://build.opensuse.org/request/show/427261 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=108
2016-09-17 12:32:21 +00:00 · 2016-09-17 12:32:21 +00:00 · 4159ec1770
commit 4159ec1770
parent 77a5f649db 5058b5ebe2
3 changed files with 213 additions and 3 deletions
--- a/gnupg-2.1.15-bsc993324-status-output.patch
+++ b/gnupg-2.1.15-bsc993324-status-output.patch
@ -0,0 +1,190 @@
+From 31fc420727f45dd081f8ad5d056da6675dad29f2 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 12 Sep 2016 17:42:50 +0200
+Subject: [PATCH] gpg: Avoid mixing up status and colon line output.
+
+* g10/keylist.c (list_keyblock_colon): Avoid calling functions which
+trigger a status line output before having printed a LF.
+--
+
+Status lines like KEY_CONSIDERED and KEYEPXIRED were messing up the
+colons output, like here:
+
+  pub:[GNUPG:] KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF46[...]
+
+Reported-by: Andreas Stieger <astieger@suse.com>
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+---
+
+This version of the patch backported onto the 2.1.15 tag -- astieger@suse.com
+
+---
+ g10/keylist.c | 83 +++++++++++++++++++++++++++++++++--------------------------
+ 1 file changed, 47 insertions(+), 36 deletions(-)
+
+Index: gnupg-2.1.15/g10/keylist.c
+===================================================================
+--- gnupg-2.1.15.orig/g10/keylist.c	2016-09-13 15:40:30.178482877 +0200
+++ gnupg-2.1.15/g10/keylist.c	2016-09-13 15:45:53.605670795 +0200
+@@ -1183,9 +1183,10 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
+   PKT_public_key *pk;
+   u32 keyid[2];
+   int trustletter = 0;
+  int trustletter_print;
+  int ownertrust_print;
+   int ulti_hack = 0;
+   int i;
+-  char *p;
+   char *hexgrip_buffer = NULL;
+   const char *hexgrip = NULL;
+   char *serialno = NULL;
+@@ -1217,31 +1218,38 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
+     stubkey = 1;  /* Key not found.  */
+ 
+   keyid_from_pk (pk, keyid);
+-  es_fputs (secret? "sec:":"pub:", es_stdout);
+   if (!pk->flags.valid)
+-    es_putc ('i', es_stdout);
+    trustletter_print = 'i';
+   else if (pk->flags.revoked)
+-    es_putc ('r', es_stdout);
+    trustletter_print = 'r';
+   else if (pk->has_expired)
+-    es_putc ('e', es_stdout);
+    trustletter_print = 'e';
+   else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
+-    ;
+    trustletter_print = 0;
+   else
+     {
+       trustletter = get_validity_info (ctrl, pk, NULL);
+       if (trustletter == 'u')
+         ulti_hack = 1;
+-      es_putc (trustletter, es_stdout);
+      trustletter_print = trustletter;
+     }
+ 
+  if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
+    ownertrust_print = get_ownertrust_info (pk);
+  else
+    ownertrust_print = 0;
+
+  es_fputs (secret? "sec:":"pub:", es_stdout);
+  if (trustletter_print)
+    es_putc (trustletter_print, es_stdout);
+   es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s::",
+           nbits_from_pk (pk),
+           pk->pubkey_algo,
+           (ulong) keyid[0], (ulong) keyid[1],
+           colon_datestr_from_pk (pk), colon_strtime (pk->expiredate));
+ 
+-  if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
+-    es_putc (get_ownertrust_info (pk), es_stdout);
+  if (ownertrust_print)
+    es_putc (ownertrust_print, es_stdout);
+   es_putc (':', es_stdout);
+ 
+   es_putc (':', es_stdout);
+@@ -1286,31 +1294,27 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
+     {
+       if (node->pkt->pkttype == PKT_USER_ID)
+ 	{
+-	  char *str;
+ 	  PKT_user_id *uid = node->pkt->pkt.user_id;
+          int uid_validity;
+ 
+ 	  if (attrib_fp && node->pkt->pkt.user_id->attrib_data != NULL)
+ 	    dump_attribs (node->pkt->pkt.user_id, pk);
+-	  /*
+-	   * Fixme: We need a valid flag here too
+-	   */
+-	  str = uid->attrib_data ? "uat" : "uid";
+
+ 	  if (uid->is_revoked)
+-	    es_fprintf (es_stdout, "%s:r::::", str);
+	    uid_validity = 'r';
+ 	  else if (uid->is_expired)
+-	    es_fprintf (es_stdout, "%s:e::::", str);
+	    uid_validity = 'e';
+ 	  else if (opt.no_expensive_trust_checks)
+-	    es_fprintf (es_stdout, "%s:::::", str);
+-	  else
+-	    {
+-	      int uid_validity;
+-
+-	      if (!ulti_hack)
+-		uid_validity = get_validity_info (ctrl, pk, uid);
+-	      else
+-		uid_validity = 'u';
+-	      es_fprintf (es_stdout, "%s:%c::::", str, uid_validity);
+-	    }
+	    uid_validity = 0;
+	  else if (ulti_hack)
+            uid_validity = 'u';
+          else
+            uid_validity = get_validity_info (ctrl, pk, uid);
+
+          es_fputs (uid->attrib_data? "uat:":"uid:", es_stdout);
+          if (uid_validity)
+            es_putc (uid_validity, es_stdout);
+          es_fputs ("::::", es_stdout);
+ 
+ 	  es_fprintf (es_stdout, "%s:", colon_strtime (uid->created));
+ 	  es_fprintf (es_stdout, "%s:", colon_strtime (uid->expiredate));
+@@ -1425,6 +1429,8 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
+ 	  char *sigstr;
+ 	  size_t fplen;
+ 	  byte fparray[MAX_FINGERPRINT_LEN];
+          char *siguid;
+          size_t siguidlen;
+ 
+ 	  if (sig->sig_class == 0x20 || sig->sig_class == 0x28
+ 	      || sig->sig_class == 0x30)
+@@ -1484,6 +1490,16 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
+ 	      rc = 0;
+ 	      sigrc = ' ';
+ 	    }
+
+	  if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
+            siguid = get_user_id (sig->keyid, &siguidlen);
+          else
+            {
+              siguid = NULL;
+              siguidlen = 0;
+            }
+
+
+ 	  es_fputs (sigstr, es_stdout);
+ 	  es_putc (':', es_stdout);
+ 	  if (sigrc != ' ')
+@@ -1504,17 +1520,11 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
+ 
+ 	  if (sigrc == '%')
+ 	    es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
+-	  else if (sigrc == '?')
+-	    ;
+-	  else if (!opt.fast_list_mode)
+-	    {
+-	      size_t n;
+-	      p = get_user_id (sig->keyid, &n);
+-	      es_write_sanitized (es_stdout, p, n, ":", NULL);
+-	      xfree (p);
+-	    }
+	  else if (siguid)
+            es_write_sanitized (es_stdout, siguid, siguidlen, ":", NULL);
+
+ 	  es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
+-		  sig->flags.exportable ? 'x' : 'l');
+                      sig->flags.exportable ? 'x' : 'l');
+ 
+ 	  if (opt.no_sig_cache && opt.check_sigs && fprokay)
+ 	    {
+@@ -1528,6 +1538,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
+ 	    print_subpackets_colon (sig);
+ 
+ 	  /* fixme: check or list other sigs here */
+          xfree (siguid);
+ 	}
+     }
+ 
--- a/gpg2.changes
+++ b/gpg2.changes
@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Tue Sep 13 13:50:52 UTC 2016 - astieger@suse.com
+
+- avoid mixing up status and colon line output - bsc#993324
+  add gnupg-2.1.15-bsc993324-status-output.patch
+
+-------------------------------------------------------------------
+Thu Sep  1 08:23:28 UTC 2016 - astieger@suse.com
+
+- enable web key discovery tools
+
+-------------------------------------------------------------------
+Wed Aug 31 13:06:28 UTC 2016 - astieger@suse.com
+
+- Add an explicit runtime dependency on libgcrypt >= 1.7.0 to
+  match runtime version check
+
 -------------------------------------------------------------------
 Fri Aug 19 21:22:22 UTC 2016 - astieger@suse.com

--- a/gpg2.spec
+++ b/gpg2.spec
@ -35,12 +35,11 @@ Patch8:         gnupg-set_umask_before_open_outfile.patch
 Patch9:         gnupg-detect_FIPS_mode.patch
 Patch11:        gnupg-add_legacy_FIPS_mode_option.patch
 Patch12:        0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch
+Patch13:        gnupg-2.1.15-bsc993324-status-output.patch
 BuildRequires:  expect
 BuildRequires:  fdupes
 BuildRequires:  libadns-devel
 BuildRequires:  libassuan-devel >= 2.4.3
-# patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG
-# raising gcrypt requirement from 1.4.0
 BuildRequires:  libgcrypt-devel >= 1.7.0
 BuildRequires:  libgpg-error-devel >= 1.24
 BuildRequires:  libksba-devel >= 1.3.4
@ -56,7 +55,9 @@ BuildRequires:  pkgconfig(libusb-1.0)
 BuildRequires:  pkgconfig(sqlite3) >= 3.7
 BuildRequires:  pkgconfig(zlib)
 # Add an explicit runtime dependency to match boo#955982
-Requires:       libassuan0 >= 2.4.1
+Requires:       libassuan0 >= 2.4.3
+# Explicit runtime depencency - runtime version check
+Requires:       libgcrypt20 >= 1.7.0
 Requires:       pinentry
 # FIXME: use proper Requires(pre/post/preun/...)
 PreReq:         %{install_info_prereq}
@ -86,6 +87,7 @@ gpg-agent, and a keybox library.
 %patch9 -p1
 %patch11 -p1
 %patch12 -p1
+%patch13 -p1

 %build
 date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99})
@ -102,6 +104,7 @@ date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99})
    --enable-gpgtar \
    --enable-g13 \
    --enable-large-secmem \
+    --enable-wks-tools \
    --with-gnu-ld \
    --enable-build-timestamp=$date