pool/gpg2
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1217152 from Base:System

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1217152
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=176
This commit is contained in:
Ana Guerrero 2024-10-25 17:18:26 +00:00 committed by Git OBS Bridge
commit ac9f481e74
9 changed files with 83 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
gnupg-2.4.5.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f68f7d75d06cb1635c336d34d844af97436c3f64ea14bcb7c869782f96f44277
size 7889060

BIN
gnupg-2.4.5.tar.bz2.sig
View File

Binary file not shown.

3
gnupg-2.5.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8a34bb318499867962c939e156666ada93ed81f01926590ac68f3ff79178375e
size 8126739

BIN
gnupg-2.5.1.tar.bz2.sig Normal file
View File

Binary file not shown.

22
gnupg-add_legacy_FIPS_mode_option.patch
View File

@ -3,11 +3,11 @@
g10/gpg.c | 9 +++++++++
2 files changed, 27 insertions(+)
Index: gnupg-2.4.2/doc/gpg.texi
Index: gnupg-2.5.1/doc/gpg.texi
===================================================================
--- gnupg-2.4.2.orig/doc/gpg.texi
+++ gnupg-2.4.2/doc/gpg.texi
@@ -2285,6 +2285,24 @@ implies, this option is for experts only
--- gnupg-2.5.1.orig/doc/gpg.texi
+++ gnupg-2.5.1/doc/gpg.texi
@@ -2340,6 +2340,24 @@ implies, this option is for experts only
understand the implications of what it allows you to do, leave this
off. @option{--no-expert} disables this option.
@ -32,11 +32,11 @@ Index: gnupg-2.4.2/doc/gpg.texi
@end table
Index: gnupg-2.4.2/g10/gpg.c
Index: gnupg-2.5.1/g10/gpg.c
===================================================================
--- gnupg-2.4.2.orig/g10/gpg.c
+++ gnupg-2.4.2/g10/gpg.c
@@ -446,6 +446,7 @@ enum cmd_and_opt_values
--- gnupg-2.5.1.orig/g10/gpg.c
+++ gnupg-2.5.1/g10/gpg.c
@@ -455,6 +455,7 @@ enum cmd_and_opt_values
oForceSignKey,
oForbidGenKey,
oRequireCompliance,
@ -44,15 +44,15 @@ Index: gnupg-2.4.2/g10/gpg.c
oCompatibilityFlags,
oAddDesigRevoker,
oAssertSigner,
@@ -886,6 +887,7 @@ static gpgrt_opt_t opts[] = {
@@ -906,6 +907,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oCipherAlgo, "cipher-algo", "@"),
ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"),
ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"),
+ ARGPARSE_s_n (oSetLegacyFips, "set-legacy-fips", "@"),
ARGPARSE_s_n (oRequirePQCEncryption, "require-pqc-encryption", "@"),
ARGPARSE_header (NULL, N_("Options for unattended use")),
@@ -3756,6 +3758,14 @@ main (int argc, char **argv)
@@ -3855,6 +3857,14 @@ main (int argc, char **argv)
keybox_set_buffersize (pargs.r.ret_ulong, 0);
break;

16
gnupg-nobetasuffix.patch
View File

@ -1,17 +1,17 @@
Index: gnupg-2.4.3/autogen.sh
Index: gnupg-2.5.1/autogen.sh
===================================================================
--- gnupg-2.4.3.orig/autogen.sh
+++ gnupg-2.4.3/autogen.sh
@@ -221,7 +221,7 @@ if [ "$myhost" = "find-version" ]; then
esac
--- gnupg-2.5.1.orig/autogen.sh
+++ gnupg-2.5.1/autogen.sh
@@ -244,7 +244,7 @@ if [ "$myhost" = "find-version" ]; then
fi
beta=no
- if [ -e .git ]; then
+ if false; then
ingit=yes
tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null)
tmp=$(echo "$tmp" | sed s/^"$package"//)
@@ -237,8 +237,8 @@ if [ "$myhost" = "find-version" ]; then
if [ -n "$tmp" ]; then
@@ -270,8 +270,8 @@ if [ "$myhost" = "find-version" ]; then
rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null)))
else
ingit=no
@ -19,6 +19,6 @@ Index: gnupg-2.4.3/autogen.sh
- tmp="-unknown"
+ beta=no
+ tmp=""
cid="0000000"
rev="0000000"
rvd="0"
fi

50
gnupg-revert-rfc4880bis.patch
View File

@ -13,11 +13,11 @@ Subject: [PATCH GnuPG] gpg: Merge --rfc4880bis features into --gnupg
(read_parameter_file): Activate the v4 and v5 keywords.
--
Index: gnupg-2.4.1/g10/gpg.c
Index: gnupg-2.5.1/g10/gpg.c
===================================================================
--- gnupg-2.4.1.orig/g10/gpg.c
+++ gnupg-2.4.1/g10/gpg.c
@@ -247,6 +247,7 @@ enum cmd_and_opt_values
--- gnupg-2.5.1.orig/g10/gpg.c
+++ gnupg-2.5.1/g10/gpg.c
@@ -254,6 +254,7 @@ enum cmd_and_opt_values
oGnuPG,
oRFC2440,
oRFC4880,
@ -25,7 +25,7 @@ Index: gnupg-2.4.1/g10/gpg.c
oOpenPGP,
oPGP7,
oPGP8,
@@ -636,6 +637,7 @@ static gpgrt_opt_t opts[] = {
@@ -653,6 +654,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"),
ARGPARSE_s_n (oRFC2440, "rfc2440", "@"),
ARGPARSE_s_n (oRFC4880, "rfc4880", "@"),
@ -33,7 +33,7 @@ Index: gnupg-2.4.1/g10/gpg.c
ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")),
ARGPARSE_s_n (oPGP7, "pgp6", "@"),
ARGPARSE_s_n (oPGP7, "pgp7", "@"),
@@ -978,7 +980,6 @@ static gpgrt_opt_t opts[] = {
@@ -1006,7 +1008,6 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"),
ARGPARSE_s_s (oNoop, "aead-algo", "@"),
ARGPARSE_s_s (oNoop, "personal-aead-preferences","@"),
@ -41,7 +41,7 @@ Index: gnupg-2.4.1/g10/gpg.c
ARGPARSE_s_n (oNoop, "override-compliance-check", "@"),
@@ -2227,7 +2228,7 @@ static struct gnupg_compliance_option co
@@ -2261,7 +2262,7 @@ static struct gnupg_compliance_option co
{
{ "gnupg", oGnuPG },
{ "openpgp", oOpenPGP },
@ -50,7 +50,7 @@ Index: gnupg-2.4.1/g10/gpg.c
{ "rfc4880", oRFC4880 },
{ "rfc2440", oRFC2440 },
{ "pgp6", oPGP7 },
@@ -2243,8 +2244,28 @@ static struct gnupg_compliance_option co
@@ -2277,8 +2278,28 @@ static struct gnupg_compliance_option co
static void
set_compliance_option (enum cmd_and_opt_values option)
{
@ -79,7 +79,7 @@ Index: gnupg-2.4.1/g10/gpg.c
case oOpenPGP:
case oRFC4880:
/* This is effectively the same as RFC2440, but with
@@ -2288,6 +2309,7 @@ set_compliance_option (enum cmd_and_opt_
@@ -2322,6 +2343,7 @@ set_compliance_option (enum cmd_and_opt_
case oPGP8: opt.compliance = CO_PGP8; break;
case oGnuPG:
opt.compliance = CO_GNUPG;
@ -87,15 +87,15 @@ Index: gnupg-2.4.1/g10/gpg.c
break;
case oDE_VS:
@@ -2490,6 +2512,7 @@ main (int argc, char **argv)
opt.emit_version = 0;
@@ -2526,6 +2548,7 @@ main (int argc, char **argv)
opt.weak_digests = NULL;
opt.with_subkey_fingerprint = 1;
opt.compliance = CO_GNUPG;
+ opt.flags.rfc4880bis = 1;
/* Check special options given on the command line. */
orig_argc = argc;
@@ -3032,6 +3055,7 @@ main (int argc, char **argv)
@@ -3085,6 +3108,7 @@ main (int argc, char **argv)
case oOpenPGP:
case oRFC2440:
case oRFC4880:
@ -103,7 +103,7 @@ Index: gnupg-2.4.1/g10/gpg.c
case oPGP7:
case oPGP8:
case oGnuPG:
@@ -3868,6 +3892,11 @@ main (int argc, char **argv)
@@ -3990,6 +4014,11 @@ main (int argc, char **argv)
if( may_coredump && !opt.quiet )
log_info(_("WARNING: program may create a core file!\n"));
@ -115,7 +115,7 @@ Index: gnupg-2.4.1/g10/gpg.c
if (eyes_only) {
if (opt.set_filename)
log_info(_("WARNING: %s overrides %s\n"),
@@ -4084,7 +4113,7 @@ main (int argc, char **argv)
@@ -4212,7 +4241,7 @@ main (int argc, char **argv)
/* Check our chosen algorithms against the list of legal
algorithms. */
@ -124,11 +124,11 @@ Index: gnupg-2.4.1/g10/gpg.c
{
const char *badalg=NULL;
preftype_t badtype=PREFTYPE_NONE;
Index: gnupg-2.4.1/g10/keygen.c
Index: gnupg-2.5.1/g10/keygen.c
===================================================================
--- gnupg-2.4.1.orig/g10/keygen.c
+++ gnupg-2.4.1/g10/keygen.c
@@ -404,7 +404,7 @@ keygen_set_std_prefs (const char *string
--- gnupg-2.5.1.orig/g10/keygen.c
+++ gnupg-2.5.1/g10/keygen.c
@@ -453,7 +453,7 @@ keygen_set_std_prefs (const char *string
strcat(dummy_string,"S7 ");
strcat(dummy_string,"S2 "); /* 3DES */
@ -137,7 +137,7 @@ Index: gnupg-2.4.1/g10/keygen.c
strcat(dummy_string,"A2 ");
if (personal)
@@ -889,7 +889,7 @@ keygen_upd_std_prefs (PKT_signature *sig
@@ -938,7 +938,7 @@ keygen_upd_std_prefs (PKT_signature *sig
/* Make sure that the MDC feature flag is set if needed. */
add_feature_mdc (sig,mdc_available);
add_feature_aead (sig, aead_available);
@ -146,7 +146,7 @@ Index: gnupg-2.4.1/g10/keygen.c
add_keyserver_modify (sig,ks_modify);
keygen_add_keyserver_url(sig,NULL);
@@ -3382,7 +3382,10 @@ parse_key_parameter_part (ctrl_t ctrl,
@@ -3974,7 +3974,10 @@ parse_key_parameter_part (ctrl_t ctrl,
}
}
else if (!ascii_strcasecmp (s, "v5"))
@ -158,7 +158,7 @@ Index: gnupg-2.4.1/g10/keygen.c
else if (!ascii_strcasecmp (s, "v4"))
keyversion = 4;
else
@@ -3641,7 +3644,7 @@ parse_key_parameter_part (ctrl_t ctrl,
@@ -4235,7 +4238,7 @@ parse_key_parameter_part (ctrl_t ctrl,
* ecdsa := Use algorithm ECDSA.
* eddsa := Use algorithm EdDSA.
* ecdh := Use algorithm ECDH.
@ -167,7 +167,7 @@ Index: gnupg-2.4.1/g10/keygen.c
*
* There are several defaults and fallbacks depending on the
* algorithm. PART can be used to select which part of STRING is
@@ -4513,9 +4516,9 @@ read_parameter_file (ctrl_t ctrl, const
@@ -5206,9 +5209,9 @@ read_parameter_file (ctrl_t ctrl, const
}
}
@ -180,9 +180,9 @@ Index: gnupg-2.4.1/g10/keygen.c
else
{
r = xmalloc_clear( sizeof *r + strlen( value ) );
@@ -4610,11 +4613,14 @@ quickgen_set_para (struct para_data_s *p
para = r;
}
@@ -5303,11 +5306,14 @@ quickgen_set_para (struct para_data_s *p
r->next = para;
para = r;
- r = xmalloc_clear (sizeof *r + 20);
- r->key = for_subkey? pSUBVERSION : pVERSION;

27
gpg2.changes
View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Mon Oct 21 18:52:37 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
- Update to 2.5.1:
* gpg: The support for composite Kyber+ECC public key algorithms
does now use the final FIPS-203 and LibrePGP specifications. The
experimental keys from 2.5.0 are no longer supported. [T6815]
* gpg: New commands --add-recipients and --change-recipients. [T1825]
* gpg: New option --proc-all-sigs. [T7261]
* gpg: Fix a regression in 2.5.0 in gpgme's tests. [T7195]
* gpg: Make --no-literal work again for -c and --store. [T5852]
* gpg: Improve detection of input data read errors. [T6528]
* gpg: Fix getting key by IPGP record (rfc-4398). [T7288]
* gpgsm: New option --assert-signer. [T7286]
* gpgsm: More improvements to PKCS#12 parsing to cope with latest
IVBB changes. [T7213]
* agent: Fix KEYTOCARD command when used with a loopback pinentry. [T7283]
* gpg-mail-tube: Make sure GNUPGHOME is set in vsd mode. New option
--as-attach. [rG4511997e9e1b]
* Now uses the process spawn API from libgpg-error. [T7192,T7194]
* Removed the --enable-gpg-is-gpg2 configure time option.
[rG2125f228d36c]
* Rebase patches:
- gnupg-add_legacy_FIPS_mode_option.patch
- gnupg-revert-rfc4880bis.patch
- gnupg-nobetasuffix.patch
-------------------------------------------------------------------
Mon Aug 12 04:30:42 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>

17
gpg2.spec
View File

@ -18,7 +18,7 @@
Name: gpg2
Version: 2.4.5
Version: 2.5.1
Release: 0
Summary: File encryption, decryption, signature creation and verification utility
License: GPL-3.0-or-later
@ -118,8 +118,7 @@ date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99})
--enable-large-secmem \
--with-gnu-ld \
--with-default-trust-store-file=%{_sysconfdir}/ssl/ca-bundle.pem \
--enable-build-timestamp=$date \
--enable-gpg-is-gpg2
--enable-build-timestamp=$date
%make_build
@ -136,10 +135,11 @@ rm -rf %{buildroot}%{_docdir}/gpg2/examples/gpgconf.conf
rm %{buildroot}%{_infodir}/dir
# compat symlinks
ln -sf gpg2 %{buildroot}%{_bindir}/gpg
ln -sf gpgv2 %{buildroot}%{_bindir}/gpgv
ln -sf gpg2.1 %{buildroot}%{_mandir}/man1/gpg.1
ln -sf gpgv2.1 %{buildroot}%{_mandir}/man1/gpgv.1
ln -sf gpg %{buildroot}%{_bindir}/gpg2
ln -sf gpgv %{buildroot}%{_bindir}/gpgv2
ln -sf gpg.1 %{buildroot}%{_mandir}/man1/gpg2.1
ln -sf gpgv.1 %{buildroot}%{_mandir}/man1/gpgv2.1
ln -sf gnupg.7 %{buildroot}%{_mandir}/man7/gnupg2.7
# install udev rules for scdaemon
install -Dm 0644 %{SOURCE4} %{buildroot}%{_udevrulesdir}/60-scdaemon.rules
@ -165,7 +165,8 @@ cp systemd-user/README.systemd %{buildroot}%{_docdir}/gpg2/
%license COPYING*
%doc AUTHORS NEWS THANKS TODO ChangeLog
%{_infodir}/gnupg*
%{_mandir}/*/[agsw]*%{ext_man}
%dir %{_mandir}/manh/
%{_mandir}/*/[aghsw]*%{ext_man}
%doc %{_docdir}/%{name}
%{_bindir}/[gkw]*
%{_libexecdir}/[gks]*