Accepting request 402817 from Base:System

1

OBS-URL: https://build.opensuse.org/request/show/402817
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=105
This commit is contained in:
Dominique Leuenberger 2016-07-09 07:17:21 +00:00 committed by Git OBS Bridge
commit 66e681e30c
9 changed files with 74 additions and 95 deletions

View File

@ -4,11 +4,11 @@
g10/sign.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++------ g10/sign.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++------
3 files changed, 67 insertions(+), 6 deletions(-) 3 files changed, 67 insertions(+), 6 deletions(-)
Index: gnupg-2.1.10/g10/gpg.c Index: gnupg-2.1.13/g10/gpg.c
=================================================================== ===================================================================
--- gnupg-2.1.10.orig/g10/gpg.c 2015-12-04 14:25:25.749577555 +0100 --- gnupg-2.1.13.orig/g10/gpg.c
+++ gnupg-2.1.10/g10/gpg.c 2015-12-04 14:26:04.777192262 +0100 +++ gnupg-2.1.13/g10/gpg.c
@@ -355,6 +355,7 @@ enum cmd_and_opt_values @@ -358,6 +358,7 @@ enum cmd_and_opt_values
oTTYtype, oTTYtype,
oLCctype, oLCctype,
oLCmessages, oLCmessages,
@ -16,7 +16,7 @@ Index: gnupg-2.1.10/g10/gpg.c
oXauthority, oXauthority,
oGroup, oGroup,
oUnGroup, oUnGroup,
@@ -757,6 +758,7 @@ static ARGPARSE_OPTS opts[] = { @@ -770,6 +771,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
@ -24,15 +24,15 @@ Index: gnupg-2.1.10/g10/gpg.c
/* Aliases. I constantly mistype these, and assume other people do /* Aliases. I constantly mistype these, and assume other people do
as well. */ as well. */
@@ -2483,6 +2485,7 @@ main (int argc, char **argv) @@ -2247,6 +2249,7 @@ main (int argc, char **argv)
opt.def_cert_expire = "0"; opt.def_cert_expire = "0";
set_homedir (default_homedir ()); gnupg_set_homedir (NULL);
opt.passphrase_repeat = 1; opt.passphrase_repeat = 1;
+ opt.files_are_digests=0; + opt.files_are_digests=0;
opt.emit_version = 1; /* Limit to the major number. */ opt.emit_version = 1; /* Limit to the major number. */
opt.weak_digests = NULL; opt.weak_digests = NULL;
additional_weak_digest("MD5"); additional_weak_digest("MD5");
@@ -3022,6 +3025,7 @@ main (int argc, char **argv) @@ -2797,6 +2800,7 @@ main (int argc, char **argv)
opt.verify_options&=~VERIFY_SHOW_PHOTOS; opt.verify_options&=~VERIFY_SHOW_PHOTOS;
break; break;
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
@ -40,11 +40,11 @@ Index: gnupg-2.1.10/g10/gpg.c
case oForceMDC: opt.force_mdc = 1; break; case oForceMDC: opt.force_mdc = 1; break;
case oNoForceMDC: opt.force_mdc = 0; break; case oNoForceMDC: opt.force_mdc = 0; break;
Index: gnupg-2.1.10/g10/options.h Index: gnupg-2.1.13/g10/options.h
=================================================================== ===================================================================
--- gnupg-2.1.10.orig/g10/options.h 2015-12-04 14:25:25.749577555 +0100 --- gnupg-2.1.13.orig/g10/options.h
+++ gnupg-2.1.10/g10/options.h 2015-12-04 14:25:28.472550675 +0100 +++ gnupg-2.1.13/g10/options.h
@@ -205,6 +205,7 @@ struct @@ -206,6 +206,7 @@ struct
int no_auto_check_trustdb; int no_auto_check_trustdb;
int preserve_permissions; int preserve_permissions;
int no_homedir_creation; int no_homedir_creation;
@ -52,20 +52,20 @@ Index: gnupg-2.1.10/g10/options.h
struct groupitem *grouplist; struct groupitem *grouplist;
int mangle_dos_filenames; int mangle_dos_filenames;
int enable_progress_filter; int enable_progress_filter;
Index: gnupg-2.1.10/g10/sign.c Index: gnupg-2.1.13/g10/sign.c
=================================================================== ===================================================================
--- gnupg-2.1.10.orig/g10/sign.c 2015-12-04 14:25:25.750577545 +0100 --- gnupg-2.1.13.orig/g10/sign.c
+++ gnupg-2.1.10/g10/sign.c 2015-12-04 14:25:28.473550666 +0100 +++ gnupg-2.1.13/g10/sign.c
@@ -41,7 +41,7 @@ @@ -42,6 +42,8 @@
#include "pkglue.h"
#include "sysutils.h"
#include "call-agent.h" #include "call-agent.h"
- #include "mbox-util.h"
+#include "host2net.h"
+#include "host2net.h"
+
#ifdef HAVE_DOSISH_SYSTEM #ifdef HAVE_DOSISH_SYSTEM
#define LF "\r\n" #define LF "\r\n"
@@ -681,8 +681,12 @@ write_signature_packets (SK_LIST sk_list #else
@@ -694,8 +696,12 @@ write_signature_packets (SK_LIST sk_list
mk_notation_policy_etc (sig, NULL, pk); mk_notation_policy_etc (sig, NULL, pk);
} }
@ -78,7 +78,7 @@ Index: gnupg-2.1.10/g10/sign.c
rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce); rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
gcry_md_close (md); gcry_md_close (md);
@@ -740,6 +744,8 @@ sign_file (ctrl_t ctrl, strlist_t filena @@ -753,6 +759,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
SK_LIST sk_rover = NULL; SK_LIST sk_rover = NULL;
int multifile = 0; int multifile = 0;
u32 duration=0; u32 duration=0;
@ -87,7 +87,7 @@ Index: gnupg-2.1.10/g10/sign.c
pfx = new_progress_context (); pfx = new_progress_context ();
afx = new_armor_context (); afx = new_armor_context ();
@@ -756,7 +762,16 @@ sign_file (ctrl_t ctrl, strlist_t filena @@ -769,7 +777,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
fname = NULL; fname = NULL;
if( fname && filenames->next && (!detached || encryptflag) ) if( fname && filenames->next && (!detached || encryptflag) )
@ -105,7 +105,7 @@ Index: gnupg-2.1.10/g10/sign.c
if(encryptflag==2 if(encryptflag==2
&& (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
@@ -777,7 +792,7 @@ sign_file (ctrl_t ctrl, strlist_t filena @@ -790,7 +807,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
goto leave; goto leave;
/* prepare iobufs */ /* prepare iobufs */
@ -114,7 +114,7 @@ Index: gnupg-2.1.10/g10/sign.c
inp = NULL; /* we do it later */ inp = NULL; /* we do it later */
else { else {
inp = iobuf_open(fname); inp = iobuf_open(fname);
@@ -915,7 +930,7 @@ sign_file (ctrl_t ctrl, strlist_t filena @@ -928,7 +945,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
gcry_md_enable (mfx.md, hash_for (sk_rover->pk)); gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
@ -123,7 +123,7 @@ Index: gnupg-2.1.10/g10/sign.c
iobuf_push_filter( inp, md_filter, &mfx ); iobuf_push_filter( inp, md_filter, &mfx );
if( detached && !encryptflag) if( detached && !encryptflag)
@@ -970,6 +985,8 @@ sign_file (ctrl_t ctrl, strlist_t filena @@ -983,6 +1000,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
write_status_begin_signing (mfx.md); write_status_begin_signing (mfx.md);
@ -132,7 +132,7 @@ Index: gnupg-2.1.10/g10/sign.c
/* Setup the inner packet. */ /* Setup the inner packet. */
if( detached ) { if( detached ) {
if( multifile ) { if( multifile ) {
@@ -1010,6 +1027,45 @@ sign_file (ctrl_t ctrl, strlist_t filena @@ -1023,6 +1042,45 @@ sign_file (ctrl_t ctrl, strlist_t filena
if( opt.verbose ) if( opt.verbose )
log_printf ("\n"); log_printf ("\n");
} }
@ -178,7 +178,7 @@ Index: gnupg-2.1.10/g10/sign.c
else { else {
/* read, so that the filter can calculate the digest */ /* read, so that the filter can calculate the digest */
while( iobuf_get(inp) != -1 ) while( iobuf_get(inp) != -1 )
@@ -1027,8 +1083,8 @@ sign_file (ctrl_t ctrl, strlist_t filena @@ -1040,8 +1098,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
/* write the signatures */ /* write the signatures */
rc = write_signature_packets (sk_list, out, mfx.md, rc = write_signature_packets (sk_list, out, mfx.md,

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ac34929d2400a58a349963865442ee6cdd75e500a8d5df083d29835e88bfc506
size 5510723

Binary file not shown.

3
gnupg-2.1.13.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4f9d83a6221daa60130fa79f0b1d37d6c20fffdd0320b640c7a597c5b6219675
size 5545361

BIN
gnupg-2.1.13.tar.bz2.sig Normal file

Binary file not shown.

View File

@ -3,11 +3,11 @@
g10/gpg.c | 9 +++++++++ g10/gpg.c | 9 +++++++++
2 files changed, 27 insertions(+) 2 files changed, 27 insertions(+)
Index: gnupg-2.1.10/doc/gpg.texi Index: gnupg-2.1.13/doc/gpg.texi
=================================================================== ===================================================================
--- gnupg-2.1.10.orig/doc/gpg.texi 2015-12-04 14:28:28.840769433 +0100 --- gnupg-2.1.13.orig/doc/gpg.texi
+++ gnupg-2.1.10/doc/gpg.texi 2015-12-04 14:28:33.784720588 +0100 +++ gnupg-2.1.13/doc/gpg.texi
@@ -1875,6 +1875,24 @@ implies, this option is for experts only @@ -1996,6 +1996,24 @@ implies, this option is for experts only
understand the implications of what it allows you to do, leave this understand the implications of what it allows you to do, leave this
off. @option{--no-expert} disables this option. off. @option{--no-expert} disables this option.
@ -32,19 +32,19 @@ Index: gnupg-2.1.10/doc/gpg.texi
@end table @end table
Index: gnupg-2.1.10/g10/gpg.c Index: gnupg-2.1.13/g10/gpg.c
=================================================================== ===================================================================
--- gnupg-2.1.10.orig/g10/gpg.c 2015-12-04 14:28:28.843769403 +0100 --- gnupg-2.1.13.orig/g10/gpg.c
+++ gnupg-2.1.10/g10/gpg.c 2015-12-04 14:29:04.084421214 +0100 +++ gnupg-2.1.13/g10/gpg.c
@@ -394,6 +394,7 @@ enum cmd_and_opt_values @@ -398,6 +398,7 @@ enum cmd_and_opt_values
oWeakDigest,
oUnwrap, oUnwrap,
oOnlySignTextIDs, oOnlySignTextIDs,
oDisableSignerUID,
+ oSetLegacyFips, + oSetLegacyFips,
oNoop oNoop
}; };
@@ -796,6 +797,7 @@ static ARGPARSE_OPTS opts[] = { @@ -809,6 +810,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"),
ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
@ -52,7 +52,7 @@ Index: gnupg-2.1.10/g10/gpg.c
/* These two are aliases to help users of the PGP command line /* These two are aliases to help users of the PGP command line
product use gpg with minimal pain. Many commands are common product use gpg with minimal pain. Many commands are common
@@ -3556,6 +3558,13 @@ main (int argc, char **argv) @@ -3330,6 +3332,13 @@ main (int argc, char **argv)
case oNoAutostart: opt.autostart = 0; break; case oNoAutostart: opt.autostart = 0; break;

View File

@ -1,50 +0,0 @@
From 83a90a916e8e2f8e44c3b11d11e1dd75f65a87fb Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 11 May 2016 19:27:03 +0900
Subject: [PATCH] g10: Fix signature checking.
* g10/sig-check.c (check_signature_over_key_or_uid): Fix call to
walk_kbnode.
--
Thanks to Vincent Brillault (Feandil).
GnuPG-bug-id: 2351
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
g10/sig-check.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 290f19a..7000b48 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -797,15 +797,20 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
*is_selfsig = 1;
}
else
- /* See if one of the subkeys was the signer (although this is
- extremely unlikely). */
{
kbnode_t ctx = NULL;
kbnode_t n;
- while ((n = walk_kbnode (kb, &ctx, PKT_PUBLIC_SUBKEY)))
+ /* See if one of the subkeys was the signer (although this
+ is extremely unlikely). */
+ while ((n = walk_kbnode (kb, &ctx, 0)))
{
- PKT_public_key *subk = n->pkt->pkt.public_key;
+ PKT_public_key *subk;
+
+ if (n->pkt->pkttype != PKT_PUBLIC_SUBKEY)
+ continue;
+
+ subk = n->pkt->pkt.public_key;
if (sig->keyid[0] == subk->keyid[0]
&& sig->keyid[1] == subk->keyid[1])
/* Issued by a subkey. */
--
2.8.0.rc3

View File

@ -1,3 +1,34 @@
-------------------------------------------------------------------
Thu Jun 16 20:21:39 UTC 2016 - astieger@suse.com
- GnuPG 2.1.13:
* gpg: New command --quick-addkey. Extend the --quick-gen-key
command.
* gpg: New --keyid-format "none" which is now also the default.
* gpg: New option --with-subkey-fingerprint.
* gpg: Include Signer's UID subpacket in signatures if the secret key
has been specified using a mail address and the new option
--disable-signer-uid is not used.
* gpg: Allow unattended deletion of a secret key.
* gpg: Allow export of non-passphrase protected secret keys.
* gpg: New status lines KEY_CONSIDERED and NOTATION_FLAGS.
* gpg: Change status line TOFU_STATS_LONG to use '~' as
a non-breaking-space character.
* gpg: Speedup key listings in Tofu mode.
* gpg: Make sure that the current and total values of a PROGRESS
status line are small enough.
* gpgsm: Allow the use of AES192 and SERPENT ciphers.
* dirmngr: Adjust WKD lookup to current specs.
* dirmngr: Fallback to LDAP v3 if v2 is is not supported.
* gpgconf: New commands --create-socketdir and --remove-socketdir,
new option --homedir.
* If a /run/user/$UID directory exists, that directory is now used
for IPC sockets instead of the GNUPGHOME directory. This fixes
problems with NFS and too long socket names and thus avoids the
need for redirection files.
* Speedup fd closing after a fork.
- drop upstreamed gnupg-fix-signature-checking.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jun 2 16:01:40 UTC 2016 - pjanouch@suse.de Thu Jun 2 16:01:40 UTC 2016 - pjanouch@suse.de

View File

@ -17,7 +17,7 @@
Name: gpg2 Name: gpg2
Version: 2.1.12 Version: 2.1.13
Release: 0 Release: 0
Summary: GnuPG 2 Summary: GnuPG 2
License: GPL-3.0+ License: GPL-3.0+
@ -34,7 +34,6 @@ Patch6: gnupg-dont-fail-with-seahorse-agent.patch
Patch8: gnupg-set_umask_before_open_outfile.patch Patch8: gnupg-set_umask_before_open_outfile.patch
Patch9: gnupg-detect_FIPS_mode.patch Patch9: gnupg-detect_FIPS_mode.patch
Patch11: gnupg-add_legacy_FIPS_mode_option.patch Patch11: gnupg-add_legacy_FIPS_mode_option.patch
Patch12: gnupg-fix-signature-checking.patch
BuildRequires: expect BuildRequires: expect
BuildRequires: fdupes BuildRequires: fdupes
BuildRequires: libadns-devel BuildRequires: libadns-devel
@ -85,7 +84,6 @@ gpg-agent, and a keybox library.
%patch8 -p1 %patch8 -p1
%patch9 -p1 %patch9 -p1
%patch11 -p1 %patch11 -p1
%patch12 -p1
%build %build
date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE99}) date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE99})