pool/gpg2
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1217152 from Base:System

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1217152
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=176
This commit is contained in:
Ana Guerrero 2024-10-25 17:18:26 +00:00 committed by Git OBS Bridge
commit ac9f481e74
9 changed files with 83 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
gnupg-2.4.5.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f68f7d75d06cb1635c336d34d844af97436c3f64ea14bcb7c869782f96f44277
size 7889060

BIN
gnupg-2.4.5.tar.bz2.sig
View File

Binary file not shown.

3
gnupg-2.5.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8a34bb318499867962c939e156666ada93ed81f01926590ac68f3ff79178375e
size 8126739

BIN
gnupg-2.5.1.tar.bz2.sig Normal file
View File

Binary file not shown.

22
gnupg-add_legacy_FIPS_mode_option.patch
View File

@ -3,11 +3,11 @@
g10/gpg.c | 9 +++++++++ g10/gpg.c | 9 +++++++++
2 files changed, 27 insertions(+) 2 files changed, 27 insertions(+)
Index: gnupg-2.4.2/doc/gpg.texi Index: gnupg-2.5.1/doc/gpg.texi
=================================================================== ===================================================================
--- gnupg-2.4.2.orig/doc/gpg.texi --- gnupg-2.5.1.orig/doc/gpg.texi
+++ gnupg-2.4.2/doc/gpg.texi +++ gnupg-2.5.1/doc/gpg.texi
@@ -2285,6 +2285,24 @@ implies, this option is for experts only @@ -2340,6 +2340,24 @@ implies, this option is for experts only
understand the implications of what it allows you to do, leave this understand the implications of what it allows you to do, leave this
off. @option{--no-expert} disables this option. off. @option{--no-expert} disables this option.
@ -32,11 +32,11 @@ Index: gnupg-2.4.2/doc/gpg.texi
@end table @end table
Index: gnupg-2.4.2/g10/gpg.c Index: gnupg-2.5.1/g10/gpg.c
=================================================================== ===================================================================
--- gnupg-2.4.2.orig/g10/gpg.c --- gnupg-2.5.1.orig/g10/gpg.c
+++ gnupg-2.4.2/g10/gpg.c +++ gnupg-2.5.1/g10/gpg.c
@@ -446,6 +446,7 @@ enum cmd_and_opt_values @@ -455,6 +455,7 @@ enum cmd_and_opt_values
oForceSignKey, oForceSignKey,
oForbidGenKey, oForbidGenKey,
oRequireCompliance, oRequireCompliance,
@ -44,15 +44,15 @@ Index: gnupg-2.4.2/g10/gpg.c
oCompatibilityFlags, oCompatibilityFlags,
oAddDesigRevoker, oAddDesigRevoker,
oAssertSigner, oAssertSigner,
@@ -886,6 +887,7 @@ static gpgrt_opt_t opts[] = { @@ -906,6 +907,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oCipherAlgo, "cipher-algo", "@"), ARGPARSE_s_s (oCipherAlgo, "cipher-algo", "@"),
ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"), ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"),
ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"), ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"),
+ ARGPARSE_s_n (oSetLegacyFips, "set-legacy-fips", "@"), + ARGPARSE_s_n (oSetLegacyFips, "set-legacy-fips", "@"),
ARGPARSE_s_n (oRequirePQCEncryption, "require-pqc-encryption", "@"),
ARGPARSE_header (NULL, N_("Options for unattended use")), ARGPARSE_header (NULL, N_("Options for unattended use")),
@@ -3756,6 +3758,14 @@ main (int argc, char **argv) @@ -3855,6 +3857,14 @@ main (int argc, char **argv)
keybox_set_buffersize (pargs.r.ret_ulong, 0); keybox_set_buffersize (pargs.r.ret_ulong, 0);
break; break;

16
gnupg-nobetasuffix.patch
View File

@ -1,17 +1,17 @@
Index: gnupg-2.4.3/autogen.sh Index: gnupg-2.5.1/autogen.sh
=================================================================== ===================================================================
--- gnupg-2.4.3.orig/autogen.sh --- gnupg-2.5.1.orig/autogen.sh
+++ gnupg-2.4.3/autogen.sh +++ gnupg-2.5.1/autogen.sh
@@ -221,7 +221,7 @@ if [ "$myhost" = "find-version" ]; then @@ -244,7 +244,7 @@ if [ "$myhost" = "find-version" ]; then
esac fi
beta=no beta=no
- if [ -e .git ]; then - if [ -e .git ]; then
+ if false; then + if false; then
ingit=yes ingit=yes
tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null) tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null)
tmp=$(echo "$tmp" | sed s/^"$package"//) if [ -n "$tmp" ]; then
@@ -237,8 +237,8 @@ if [ "$myhost" = "find-version" ]; then @@ -270,8 +270,8 @@ if [ "$myhost" = "find-version" ]; then
rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null))) rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null)))
else else
ingit=no ingit=no
@ -19,6 +19,6 @@ Index: gnupg-2.4.3/autogen.sh
- tmp="-unknown" - tmp="-unknown"
+ beta=no + beta=no
+ tmp="" + tmp=""
cid="0000000"
rev="0000000" rev="0000000"
rvd="0" rvd="0"
fi

50
gnupg-revert-rfc4880bis.patch
View File

@ -13,11 +13,11 @@ Subject: [PATCH GnuPG] gpg: Merge --rfc4880bis features into --gnupg
(read_parameter_file): Activate the v4 and v5 keywords. (read_parameter_file): Activate the v4 and v5 keywords.
-- --
Index: gnupg-2.4.1/g10/gpg.c Index: gnupg-2.5.1/g10/gpg.c
=================================================================== ===================================================================
--- gnupg-2.4.1.orig/g10/gpg.c --- gnupg-2.5.1.orig/g10/gpg.c
+++ gnupg-2.4.1/g10/gpg.c +++ gnupg-2.5.1/g10/gpg.c
@@ -247,6 +247,7 @@ enum cmd_and_opt_values @@ -254,6 +254,7 @@ enum cmd_and_opt_values
oGnuPG, oGnuPG,
oRFC2440, oRFC2440,
oRFC4880, oRFC4880,
@ -25,7 +25,7 @@ Index: gnupg-2.4.1/g10/gpg.c
oOpenPGP, oOpenPGP,
oPGP7, oPGP7,
oPGP8, oPGP8,
@@ -636,6 +637,7 @@ static gpgrt_opt_t opts[] = { @@ -653,6 +654,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"), ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"),
ARGPARSE_s_n (oRFC2440, "rfc2440", "@"), ARGPARSE_s_n (oRFC2440, "rfc2440", "@"),
ARGPARSE_s_n (oRFC4880, "rfc4880", "@"), ARGPARSE_s_n (oRFC4880, "rfc4880", "@"),
@ -33,7 +33,7 @@ Index: gnupg-2.4.1/g10/gpg.c
ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")), ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")),
ARGPARSE_s_n (oPGP7, "pgp6", "@"), ARGPARSE_s_n (oPGP7, "pgp6", "@"),
ARGPARSE_s_n (oPGP7, "pgp7", "@"), ARGPARSE_s_n (oPGP7, "pgp7", "@"),
@@ -978,7 +980,6 @@ static gpgrt_opt_t opts[] = { @@ -1006,7 +1008,6 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"),
ARGPARSE_s_s (oNoop, "aead-algo", "@"), ARGPARSE_s_s (oNoop, "aead-algo", "@"),
ARGPARSE_s_s (oNoop, "personal-aead-preferences","@"), ARGPARSE_s_s (oNoop, "personal-aead-preferences","@"),
@ -41,7 +41,7 @@ Index: gnupg-2.4.1/g10/gpg.c
ARGPARSE_s_n (oNoop, "override-compliance-check", "@"), ARGPARSE_s_n (oNoop, "override-compliance-check", "@"),
@@ -2227,7 +2228,7 @@ static struct gnupg_compliance_option co @@ -2261,7 +2262,7 @@ static struct gnupg_compliance_option co
{ {
{ "gnupg", oGnuPG }, { "gnupg", oGnuPG },
{ "openpgp", oOpenPGP }, { "openpgp", oOpenPGP },
@ -50,7 +50,7 @@ Index: gnupg-2.4.1/g10/gpg.c
{ "rfc4880", oRFC4880 }, { "rfc4880", oRFC4880 },
{ "rfc2440", oRFC2440 }, { "rfc2440", oRFC2440 },
{ "pgp6", oPGP7 }, { "pgp6", oPGP7 },
@@ -2243,8 +2244,28 @@ static struct gnupg_compliance_option co @@ -2277,8 +2278,28 @@ static struct gnupg_compliance_option co
static void static void
set_compliance_option (enum cmd_and_opt_values option) set_compliance_option (enum cmd_and_opt_values option)
{ {
@ -79,7 +79,7 @@ Index: gnupg-2.4.1/g10/gpg.c
case oOpenPGP: case oOpenPGP:
case oRFC4880: case oRFC4880:
/* This is effectively the same as RFC2440, but with /* This is effectively the same as RFC2440, but with
@@ -2288,6 +2309,7 @@ set_compliance_option (enum cmd_and_opt_ @@ -2322,6 +2343,7 @@ set_compliance_option (enum cmd_and_opt_
case oPGP8: opt.compliance = CO_PGP8; break; case oPGP8: opt.compliance = CO_PGP8; break;
case oGnuPG: case oGnuPG:
opt.compliance = CO_GNUPG; opt.compliance = CO_GNUPG;
@ -87,15 +87,15 @@ Index: gnupg-2.4.1/g10/gpg.c
break; break;
case oDE_VS: case oDE_VS:
@@ -2490,6 +2512,7 @@ main (int argc, char **argv) @@ -2526,6 +2548,7 @@ main (int argc, char **argv)
opt.emit_version = 0;
opt.weak_digests = NULL; opt.weak_digests = NULL;
opt.with_subkey_fingerprint = 1;
opt.compliance = CO_GNUPG; opt.compliance = CO_GNUPG;
+ opt.flags.rfc4880bis = 1; + opt.flags.rfc4880bis = 1;
/* Check special options given on the command line. */ /* Check special options given on the command line. */
orig_argc = argc; orig_argc = argc;
@@ -3032,6 +3055,7 @@ main (int argc, char **argv) @@ -3085,6 +3108,7 @@ main (int argc, char **argv)
case oOpenPGP: case oOpenPGP:
case oRFC2440: case oRFC2440:
case oRFC4880: case oRFC4880:
@ -103,7 +103,7 @@ Index: gnupg-2.4.1/g10/gpg.c
case oPGP7: case oPGP7:
case oPGP8: case oPGP8:
case oGnuPG: case oGnuPG:
@@ -3868,6 +3892,11 @@ main (int argc, char **argv) @@ -3990,6 +4014,11 @@ main (int argc, char **argv)
if( may_coredump && !opt.quiet ) if( may_coredump && !opt.quiet )
log_info(_("WARNING: program may create a core file!\n")); log_info(_("WARNING: program may create a core file!\n"));
@ -115,7 +115,7 @@ Index: gnupg-2.4.1/g10/gpg.c
if (eyes_only) { if (eyes_only) {
if (opt.set_filename) if (opt.set_filename)
log_info(_("WARNING: %s overrides %s\n"), log_info(_("WARNING: %s overrides %s\n"),
@@ -4084,7 +4113,7 @@ main (int argc, char **argv) @@ -4212,7 +4241,7 @@ main (int argc, char **argv)
/* Check our chosen algorithms against the list of legal /* Check our chosen algorithms against the list of legal
algorithms. */ algorithms. */
@ -124,11 +124,11 @@ Index: gnupg-2.4.1/g10/gpg.c
{ {
const char *badalg=NULL; const char *badalg=NULL;
preftype_t badtype=PREFTYPE_NONE; preftype_t badtype=PREFTYPE_NONE;
Index: gnupg-2.4.1/g10/keygen.c Index: gnupg-2.5.1/g10/keygen.c
=================================================================== ===================================================================
--- gnupg-2.4.1.orig/g10/keygen.c --- gnupg-2.5.1.orig/g10/keygen.c
+++ gnupg-2.4.1/g10/keygen.c +++ gnupg-2.5.1/g10/keygen.c
@@ -404,7 +404,7 @@ keygen_set_std_prefs (const char *string @@ -453,7 +453,7 @@ keygen_set_std_prefs (const char *string
strcat(dummy_string,"S7 "); strcat(dummy_string,"S7 ");
strcat(dummy_string,"S2 "); /* 3DES */ strcat(dummy_string,"S2 "); /* 3DES */
@ -137,7 +137,7 @@ Index: gnupg-2.4.1/g10/keygen.c
strcat(dummy_string,"A2 "); strcat(dummy_string,"A2 ");
if (personal) if (personal)
@@ -889,7 +889,7 @@ keygen_upd_std_prefs (PKT_signature *sig @@ -938,7 +938,7 @@ keygen_upd_std_prefs (PKT_signature *sig
/* Make sure that the MDC feature flag is set if needed. */ /* Make sure that the MDC feature flag is set if needed. */
add_feature_mdc (sig,mdc_available); add_feature_mdc (sig,mdc_available);
add_feature_aead (sig, aead_available); add_feature_aead (sig, aead_available);
@ -146,7 +146,7 @@ Index: gnupg-2.4.1/g10/keygen.c
add_keyserver_modify (sig,ks_modify); add_keyserver_modify (sig,ks_modify);
keygen_add_keyserver_url(sig,NULL); keygen_add_keyserver_url(sig,NULL);
@@ -3382,7 +3382,10 @@ parse_key_parameter_part (ctrl_t ctrl, @@ -3974,7 +3974,10 @@ parse_key_parameter_part (ctrl_t ctrl,
} }
} }
else if (!ascii_strcasecmp (s, "v5")) else if (!ascii_strcasecmp (s, "v5"))
@ -158,7 +158,7 @@ Index: gnupg-2.4.1/g10/keygen.c
else if (!ascii_strcasecmp (s, "v4")) else if (!ascii_strcasecmp (s, "v4"))
keyversion = 4; keyversion = 4;
else else
@@ -3641,7 +3644,7 @@ parse_key_parameter_part (ctrl_t ctrl, @@ -4235,7 +4238,7 @@ parse_key_parameter_part (ctrl_t ctrl,
* ecdsa := Use algorithm ECDSA. * ecdsa := Use algorithm ECDSA.
* eddsa := Use algorithm EdDSA. * eddsa := Use algorithm EdDSA.
* ecdh := Use algorithm ECDH. * ecdh := Use algorithm ECDH.
@ -167,7 +167,7 @@ Index: gnupg-2.4.1/g10/keygen.c
* *
* There are several defaults and fallbacks depending on the * There are several defaults and fallbacks depending on the
* algorithm. PART can be used to select which part of STRING is * algorithm. PART can be used to select which part of STRING is
@@ -4513,9 +4516,9 @@ read_parameter_file (ctrl_t ctrl, const @@ -5206,9 +5209,9 @@ read_parameter_file (ctrl_t ctrl, const
} }
} }
@ -180,9 +180,9 @@ Index: gnupg-2.4.1/g10/keygen.c
else else
{ {
r = xmalloc_clear( sizeof *r + strlen( value ) ); r = xmalloc_clear( sizeof *r + strlen( value ) );
@@ -4610,11 +4613,14 @@ quickgen_set_para (struct para_data_s *p @@ -5303,11 +5306,14 @@ quickgen_set_para (struct para_data_s *p
para = r; r->next = para;
} para = r;
- r = xmalloc_clear (sizeof *r + 20); - r = xmalloc_clear (sizeof *r + 20);
- r->key = for_subkey? pSUBVERSION : pVERSION; - r->key = for_subkey? pSUBVERSION : pVERSION;

27
gpg2.changes
View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Mon Oct 21 18:52:37 UTC 2024 - Pedro Monreal <pmonreal@suse.com>
- Update to 2.5.1:
* gpg: The support for composite Kyber+ECC public key algorithms
does now use the final FIPS-203 and LibrePGP specifications. The
experimental keys from 2.5.0 are no longer supported. [T6815]
* gpg: New commands --add-recipients and --change-recipients. [T1825]
* gpg: New option --proc-all-sigs. [T7261]
* gpg: Fix a regression in 2.5.0 in gpgme's tests. [T7195]
* gpg: Make --no-literal work again for -c and --store. [T5852]
* gpg: Improve detection of input data read errors. [T6528]
* gpg: Fix getting key by IPGP record (rfc-4398). [T7288]
* gpgsm: New option --assert-signer. [T7286]
* gpgsm: More improvements to PKCS#12 parsing to cope with latest
IVBB changes. [T7213]
* agent: Fix KEYTOCARD command when used with a loopback pinentry. [T7283]
* gpg-mail-tube: Make sure GNUPGHOME is set in vsd mode. New option
--as-attach. [rG4511997e9e1b]
* Now uses the process spawn API from libgpg-error. [T7192,T7194]
* Removed the --enable-gpg-is-gpg2 configure time option.
[rG2125f228d36c]
* Rebase patches:
- gnupg-add_legacy_FIPS_mode_option.patch
- gnupg-revert-rfc4880bis.patch
- gnupg-nobetasuffix.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Aug 12 04:30:42 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de> Mon Aug 12 04:30:42 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>

17
gpg2.spec
View File

@ -18,7 +18,7 @@
Name: gpg2 Name: gpg2
Version: 2.4.5 Version: 2.5.1
Release: 0 Release: 0
Summary: File encryption, decryption, signature creation and verification utility Summary: File encryption, decryption, signature creation and verification utility
License: GPL-3.0-or-later License: GPL-3.0-or-later
@ -118,8 +118,7 @@ date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99})
--enable-large-secmem \ --enable-large-secmem \
--with-gnu-ld \ --with-gnu-ld \
--with-default-trust-store-file=%{_sysconfdir}/ssl/ca-bundle.pem \ --with-default-trust-store-file=%{_sysconfdir}/ssl/ca-bundle.pem \
--enable-build-timestamp=$date \ --enable-build-timestamp=$date
--enable-gpg-is-gpg2
%make_build %make_build
@ -136,10 +135,11 @@ rm -rf %{buildroot}%{_docdir}/gpg2/examples/gpgconf.conf
rm %{buildroot}%{_infodir}/dir rm %{buildroot}%{_infodir}/dir
# compat symlinks # compat symlinks
ln -sf gpg2 %{buildroot}%{_bindir}/gpg ln -sf gpg %{buildroot}%{_bindir}/gpg2
ln -sf gpgv2 %{buildroot}%{_bindir}/gpgv ln -sf gpgv %{buildroot}%{_bindir}/gpgv2
ln -sf gpg2.1 %{buildroot}%{_mandir}/man1/gpg.1 ln -sf gpg.1 %{buildroot}%{_mandir}/man1/gpg2.1
ln -sf gpgv2.1 %{buildroot}%{_mandir}/man1/gpgv.1 ln -sf gpgv.1 %{buildroot}%{_mandir}/man1/gpgv2.1
ln -sf gnupg.7 %{buildroot}%{_mandir}/man7/gnupg2.7
# install udev rules for scdaemon # install udev rules for scdaemon
install -Dm 0644 %{SOURCE4} %{buildroot}%{_udevrulesdir}/60-scdaemon.rules install -Dm 0644 %{SOURCE4} %{buildroot}%{_udevrulesdir}/60-scdaemon.rules
@ -165,7 +165,8 @@ cp systemd-user/README.systemd %{buildroot}%{_docdir}/gpg2/
%license COPYING* %license COPYING*
%doc AUTHORS NEWS THANKS TODO ChangeLog %doc AUTHORS NEWS THANKS TODO ChangeLog
%{_infodir}/gnupg* %{_infodir}/gnupg*
%{_mandir}/*/[agsw]*%{ext_man} %dir %{_mandir}/manh/
%{_mandir}/*/[aghsw]*%{ext_man}
%doc %{_docdir}/%{name} %doc %{_docdir}/%{name}
%{_bindir}/[gkw]* %{_bindir}/[gkw]*
%{_libexecdir}/[gks]* %{_libexecdir}/[gks]*