From 61674c678c8d66c95a2388a5329e39e606ab00179beac02563378ac0f71265fc Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Mon, 22 Feb 2010 17:27:31 +0000 Subject: [PATCH 1/5] Accepting request 32920 from home:puzel:branches:Base:System Copy from home:puzel:branches:Base:System/gpg2 via accept of submit request 32920 revision 4. Request was accepted with message: Reviewed ok OBS-URL: https://build.opensuse.org/request/show/32920 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=14 --- gnupg-files-are-digests.patch | 174 ++++++++++++++++++++++++++++++++++ gpg2.changes | 5 + gpg2.spec | 4 +- 3 files changed, 182 insertions(+), 1 deletion(-) create mode 100644 gnupg-files-are-digests.patch diff --git a/gnupg-files-are-digests.patch b/gnupg-files-are-digests.patch new file mode 100644 index 0000000..5f06508 --- /dev/null +++ b/gnupg-files-are-digests.patch @@ -0,0 +1,174 @@ +--- + g10/gpg.c | 3 ++ + g10/options.h | 1 + g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- + 3 files changed, 65 insertions(+), 5 deletions(-) + +Index: gnupg-2.0.13/g10/gpg.c +=================================================================== +--- gnupg-2.0.13.orig/g10/gpg.c 2009-08-05 12:09:24.000000000 +0200 ++++ gnupg-2.0.13/g10/gpg.c 2010-01-27 17:13:20.000000000 +0100 +@@ -338,6 +338,7 @@ enum cmd_and_opt_values + oTTYtype, + oLCctype, + oLCmessages, ++ oFilesAreDigests, + oXauthority, + oGroup, + oUnGroup, +@@ -700,6 +701,7 @@ static ARGPARSE_OPTS opts[] = { + ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), + ARGPARSE_s_s (oPersonalCompressPreferences, + "personal-compress-preferences", "@"), ++ ARGPARSE_s_n (oFilesAreDigests, "files-are-digests", "@"), + + /* Aliases. I constantly mistype these, and assume other people do + as well. */ +@@ -2850,6 +2852,7 @@ main (int argc, char **argv) + + case oLCctype: opt.lc_ctype = pargs.r.ret_str; break; + case oLCmessages: opt.lc_messages = pargs.r.ret_str; break; ++ case oFilesAreDigests: opt.files_are_digests = pargs.r.ret_str; break; + + case oGroup: add_group(pargs.r.ret_str); break; + case oUnGroup: rm_group(pargs.r.ret_str); break; +Index: gnupg-2.0.13/g10/options.h +=================================================================== +--- gnupg-2.0.13.orig/g10/options.h 2009-07-07 09:40:19.000000000 +0200 ++++ gnupg-2.0.13/g10/options.h 2010-01-27 16:42:03.000000000 +0100 +@@ -194,6 +194,7 @@ struct + int no_auto_check_trustdb; + int preserve_permissions; + int no_homedir_creation; ++ int files_are_digests; + struct groupitem *grouplist; + int mangle_dos_filenames; + int enable_progress_filter; +Index: gnupg-2.0.13/g10/sign.c +=================================================================== +--- gnupg-2.0.13.orig/g10/sign.c 2009-05-11 10:14:54.000000000 +0200 ++++ gnupg-2.0.13/g10/sign.c 2010-01-27 16:59:09.000000000 +0100 +@@ -662,8 +662,12 @@ write_signature_packets (SK_LIST sk_list + mk_notation_policy_etc (sig, NULL, sk); + } + ++ if (!opt.files_are_digests) { + hash_sigversion_to_magic (md, sig); + gcry_md_final (md); ++ } else if (sig->version >= 4) { ++ log_bug("files-are-digests doesn't work with v4 sigs\n"); ++ } + + rc = do_sign( sk, sig, md, hash_for (sk) ); + gcry_md_close (md); +@@ -720,6 +724,8 @@ sign_file( strlist_t filenames, int deta + SK_LIST sk_rover = NULL; + int multifile = 0; + u32 duration=0; ++ int sigclass = 0x00; ++ u32 timestamp = 0; + + pfx = new_progress_context (); + afx = new_armor_context (); +@@ -736,7 +742,16 @@ sign_file( strlist_t filenames, int deta + fname = NULL; + + if( fname && filenames->next && (!detached || encryptflag) ) +- log_bug("multiple files can only be detached signed"); ++ log_bug("multiple files can only be detached signed\n"); ++ ++ if (opt.files_are_digests && (multifile || !fname)) ++ log_bug("files-are-digests only works with one file\n"); ++ if (opt.files_are_digests && !detached) ++ log_bug("files-are-digests can only write detached signatures\n"); ++ if (opt.files_are_digests && !opt.def_digest_algo) ++ log_bug("files-are-digests needs --digest-algo\n"); ++ if (opt.files_are_digests && opt.textmode) ++ log_bug("files-are-digests doesn't work with --textmode\n"); + + if(encryptflag==2 + && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) +@@ -764,7 +779,7 @@ sign_file( strlist_t filenames, int deta + goto leave; + + /* prepare iobufs */ +- if( multifile ) /* have list of filenames */ ++ if( multifile || opt.files_are_digests) /* have list of filenames */ + inp = NULL; /* we do it later */ + else { + inp = iobuf_open(fname); +@@ -897,7 +912,7 @@ sign_file( strlist_t filenames, int deta + gcry_md_enable (mfx.md, hash_for(sk)); + } + +- if( !multifile ) ++ if( !multifile && !opt.files_are_digests ) + iobuf_push_filter( inp, md_filter, &mfx ); + + if( detached && !encryptflag && !RFC1991 ) +@@ -952,6 +967,8 @@ sign_file( strlist_t filenames, int deta + + write_status_begin_signing (mfx.md); + ++ sigclass = opt.textmode && !outfile? 0x01 : 0x00; ++ + /* Setup the inner packet. */ + if( detached ) { + if( multifile ) { +@@ -992,6 +1009,45 @@ sign_file( strlist_t filenames, int deta + if( opt.verbose ) + putc( '\n', stderr ); + } ++ else if (opt.files_are_digests) { ++ byte *mdb, ts[5]; ++ size_t mdlen; ++ const char *fp; ++ int c, d; ++ ++ gcry_md_final(mfx.md); ++ /* this assumes gcry_md_read returns the same buffer */ ++ mdb = gcry_md_read(mfx.md, opt.def_digest_algo); ++ (void) gcry_md_algo_info (opt.def_digest_algo, GCRYCTL_GET_ASNOID, NULL, &mdlen); ++ if (strlen(fname) != mdlen * 2 + 11) ++ log_bug("digests must be %d + @ + 5 bytes\n", mdlen); ++ d = -1; ++ for (fp = fname ; *fp; ) { ++ c = *fp++; ++ if (c >= '0' && c <= '9') ++ c -= '0'; ++ else if (c >= 'a' && c <= 'f') ++ c -= 'a' - 10; ++ else if (c >= 'A' && c <= 'F') ++ c -= 'A' - 10; ++ else ++ log_bug("filename is not hex\n"); ++ if (d >= 0) { ++ *mdb++ = d << 4 | c; ++ c = -1; ++ if (--mdlen == 0) { ++ mdb = ts; ++ if (*fp++ != '@') ++ log_bug("missing time separator\n"); ++ } ++ } ++ d = c; ++ } ++ sigclass = ts[0]; ++ if (sigclass != 0x00 && sigclass != 0x01) ++ log_bug("bad cipher class\n"); ++ timestamp = buffer_to_u32(ts + 1); ++ } + else { + /* read, so that the filter can calculate the digest */ + while( iobuf_get(inp) != -1 ) +@@ -1009,8 +1065,8 @@ sign_file( strlist_t filenames, int deta + + /* write the signatures */ + rc = write_signature_packets (sk_list, out, mfx.md, +- opt.textmode && !outfile? 0x01 : 0x00, +- 0, duration, detached ? 'D':'S'); ++ sigclass, ++ timestamp, duration, detached ? 'D':'S'); + if( rc ) + goto leave; + diff --git a/gpg2.changes b/gpg2.changes index ad883ce..6b4228e 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -21,6 +21,11 @@ Thu Jan 28 14:15:24 UTC 2010 - puzel@novell.com - fix build for older distributions +------------------------------------------------------------------- +Wed Jan 27 16:30:41 UTC 2010 - puzel@novell.com + +- port files-are-digests patch from gpg1 (bnc#469229) + ------------------------------------------------------------------- Tue Dec 15 20:56:35 CET 2009 - jengelh@medozas.de diff --git a/gpg2.spec b/gpg2.spec index db9d954..376e54f 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -54,8 +54,9 @@ Patch5: gnupg-2.0.10-tmpdir.diff Patch7: gnupg-2.0.4-install_tools.diff Patch10: gnupg-2.0.9-RSA_ES.patch Patch11: gnupg-2.0.9-langinfo.patch +Patch12: gnupg-files-are-digests.patch # PATCH-FIX-UPSTREAM gnupg-2.0.14-s2kcount.patch dimstar@opensuse.org -- use fixed s2k-count number to not use gpg-agent. -Patch12: gnupg-2.0.14-s2kcount.patch +Patch13: gnupg-2.0.14-s2kcount.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -70,6 +71,7 @@ gpg-agent, and a keybox library. %patch10 -p1 %patch11 %patch12 -p1 +%patch13 -p1 %build # Required for patch7: From f64981a2d3d4c61ba229cf91200ef7b43e4f52e309a4ebb48abeb3a51b49dcb2 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Wed, 24 Feb 2010 01:05:27 +0000 Subject: [PATCH 2/5] Accepting request 33137 from Base:System checked in (request 33137) OBS-URL: https://build.opensuse.org/request/show/33137 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=15 --- gnupg-files-are-digests.patch | 174 ---------------------------------- gpg2.changes | 5 - gpg2.spec | 4 +- 3 files changed, 1 insertion(+), 182 deletions(-) delete mode 100644 gnupg-files-are-digests.patch diff --git a/gnupg-files-are-digests.patch b/gnupg-files-are-digests.patch deleted file mode 100644 index 5f06508..0000000 --- a/gnupg-files-are-digests.patch +++ /dev/null @@ -1,174 +0,0 @@ ---- - g10/gpg.c | 3 ++ - g10/options.h | 1 - g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- - 3 files changed, 65 insertions(+), 5 deletions(-) - -Index: gnupg-2.0.13/g10/gpg.c -=================================================================== ---- gnupg-2.0.13.orig/g10/gpg.c 2009-08-05 12:09:24.000000000 +0200 -+++ gnupg-2.0.13/g10/gpg.c 2010-01-27 17:13:20.000000000 +0100 -@@ -338,6 +338,7 @@ enum cmd_and_opt_values - oTTYtype, - oLCctype, - oLCmessages, -+ oFilesAreDigests, - oXauthority, - oGroup, - oUnGroup, -@@ -700,6 +701,7 @@ static ARGPARSE_OPTS opts[] = { - ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), - ARGPARSE_s_s (oPersonalCompressPreferences, - "personal-compress-preferences", "@"), -+ ARGPARSE_s_n (oFilesAreDigests, "files-are-digests", "@"), - - /* Aliases. I constantly mistype these, and assume other people do - as well. */ -@@ -2850,6 +2852,7 @@ main (int argc, char **argv) - - case oLCctype: opt.lc_ctype = pargs.r.ret_str; break; - case oLCmessages: opt.lc_messages = pargs.r.ret_str; break; -+ case oFilesAreDigests: opt.files_are_digests = pargs.r.ret_str; break; - - case oGroup: add_group(pargs.r.ret_str); break; - case oUnGroup: rm_group(pargs.r.ret_str); break; -Index: gnupg-2.0.13/g10/options.h -=================================================================== ---- gnupg-2.0.13.orig/g10/options.h 2009-07-07 09:40:19.000000000 +0200 -+++ gnupg-2.0.13/g10/options.h 2010-01-27 16:42:03.000000000 +0100 -@@ -194,6 +194,7 @@ struct - int no_auto_check_trustdb; - int preserve_permissions; - int no_homedir_creation; -+ int files_are_digests; - struct groupitem *grouplist; - int mangle_dos_filenames; - int enable_progress_filter; -Index: gnupg-2.0.13/g10/sign.c -=================================================================== ---- gnupg-2.0.13.orig/g10/sign.c 2009-05-11 10:14:54.000000000 +0200 -+++ gnupg-2.0.13/g10/sign.c 2010-01-27 16:59:09.000000000 +0100 -@@ -662,8 +662,12 @@ write_signature_packets (SK_LIST sk_list - mk_notation_policy_etc (sig, NULL, sk); - } - -+ if (!opt.files_are_digests) { - hash_sigversion_to_magic (md, sig); - gcry_md_final (md); -+ } else if (sig->version >= 4) { -+ log_bug("files-are-digests doesn't work with v4 sigs\n"); -+ } - - rc = do_sign( sk, sig, md, hash_for (sk) ); - gcry_md_close (md); -@@ -720,6 +724,8 @@ sign_file( strlist_t filenames, int deta - SK_LIST sk_rover = NULL; - int multifile = 0; - u32 duration=0; -+ int sigclass = 0x00; -+ u32 timestamp = 0; - - pfx = new_progress_context (); - afx = new_armor_context (); -@@ -736,7 +742,16 @@ sign_file( strlist_t filenames, int deta - fname = NULL; - - if( fname && filenames->next && (!detached || encryptflag) ) -- log_bug("multiple files can only be detached signed"); -+ log_bug("multiple files can only be detached signed\n"); -+ -+ if (opt.files_are_digests && (multifile || !fname)) -+ log_bug("files-are-digests only works with one file\n"); -+ if (opt.files_are_digests && !detached) -+ log_bug("files-are-digests can only write detached signatures\n"); -+ if (opt.files_are_digests && !opt.def_digest_algo) -+ log_bug("files-are-digests needs --digest-algo\n"); -+ if (opt.files_are_digests && opt.textmode) -+ log_bug("files-are-digests doesn't work with --textmode\n"); - - if(encryptflag==2 - && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) -@@ -764,7 +779,7 @@ sign_file( strlist_t filenames, int deta - goto leave; - - /* prepare iobufs */ -- if( multifile ) /* have list of filenames */ -+ if( multifile || opt.files_are_digests) /* have list of filenames */ - inp = NULL; /* we do it later */ - else { - inp = iobuf_open(fname); -@@ -897,7 +912,7 @@ sign_file( strlist_t filenames, int deta - gcry_md_enable (mfx.md, hash_for(sk)); - } - -- if( !multifile ) -+ if( !multifile && !opt.files_are_digests ) - iobuf_push_filter( inp, md_filter, &mfx ); - - if( detached && !encryptflag && !RFC1991 ) -@@ -952,6 +967,8 @@ sign_file( strlist_t filenames, int deta - - write_status_begin_signing (mfx.md); - -+ sigclass = opt.textmode && !outfile? 0x01 : 0x00; -+ - /* Setup the inner packet. */ - if( detached ) { - if( multifile ) { -@@ -992,6 +1009,45 @@ sign_file( strlist_t filenames, int deta - if( opt.verbose ) - putc( '\n', stderr ); - } -+ else if (opt.files_are_digests) { -+ byte *mdb, ts[5]; -+ size_t mdlen; -+ const char *fp; -+ int c, d; -+ -+ gcry_md_final(mfx.md); -+ /* this assumes gcry_md_read returns the same buffer */ -+ mdb = gcry_md_read(mfx.md, opt.def_digest_algo); -+ (void) gcry_md_algo_info (opt.def_digest_algo, GCRYCTL_GET_ASNOID, NULL, &mdlen); -+ if (strlen(fname) != mdlen * 2 + 11) -+ log_bug("digests must be %d + @ + 5 bytes\n", mdlen); -+ d = -1; -+ for (fp = fname ; *fp; ) { -+ c = *fp++; -+ if (c >= '0' && c <= '9') -+ c -= '0'; -+ else if (c >= 'a' && c <= 'f') -+ c -= 'a' - 10; -+ else if (c >= 'A' && c <= 'F') -+ c -= 'A' - 10; -+ else -+ log_bug("filename is not hex\n"); -+ if (d >= 0) { -+ *mdb++ = d << 4 | c; -+ c = -1; -+ if (--mdlen == 0) { -+ mdb = ts; -+ if (*fp++ != '@') -+ log_bug("missing time separator\n"); -+ } -+ } -+ d = c; -+ } -+ sigclass = ts[0]; -+ if (sigclass != 0x00 && sigclass != 0x01) -+ log_bug("bad cipher class\n"); -+ timestamp = buffer_to_u32(ts + 1); -+ } - else { - /* read, so that the filter can calculate the digest */ - while( iobuf_get(inp) != -1 ) -@@ -1009,8 +1065,8 @@ sign_file( strlist_t filenames, int deta - - /* write the signatures */ - rc = write_signature_packets (sk_list, out, mfx.md, -- opt.textmode && !outfile? 0x01 : 0x00, -- 0, duration, detached ? 'D':'S'); -+ sigclass, -+ timestamp, duration, detached ? 'D':'S'); - if( rc ) - goto leave; - diff --git a/gpg2.changes b/gpg2.changes index 6b4228e..ad883ce 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -21,11 +21,6 @@ Thu Jan 28 14:15:24 UTC 2010 - puzel@novell.com - fix build for older distributions -------------------------------------------------------------------- -Wed Jan 27 16:30:41 UTC 2010 - puzel@novell.com - -- port files-are-digests patch from gpg1 (bnc#469229) - ------------------------------------------------------------------- Tue Dec 15 20:56:35 CET 2009 - jengelh@medozas.de diff --git a/gpg2.spec b/gpg2.spec index 376e54f..db9d954 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -54,9 +54,8 @@ Patch5: gnupg-2.0.10-tmpdir.diff Patch7: gnupg-2.0.4-install_tools.diff Patch10: gnupg-2.0.9-RSA_ES.patch Patch11: gnupg-2.0.9-langinfo.patch -Patch12: gnupg-files-are-digests.patch # PATCH-FIX-UPSTREAM gnupg-2.0.14-s2kcount.patch dimstar@opensuse.org -- use fixed s2k-count number to not use gpg-agent. -Patch13: gnupg-2.0.14-s2kcount.patch +Patch12: gnupg-2.0.14-s2kcount.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -71,7 +70,6 @@ gpg-agent, and a keybox library. %patch10 -p1 %patch11 %patch12 -p1 -%patch13 -p1 %build # Required for patch7: From 11eb0e170bc9d1f76c86fc9a141eca11bf44456b0f7cd3e65d984dedd5982a20 Mon Sep 17 00:00:00 2001 From: Petr Uzel Date: Mon, 22 Mar 2010 15:13:26 +0000 Subject: [PATCH 3/5] fix files-are-digests patch OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=16 --- gnupg-files-are-digests.patch | 182 ++++++++++++++++++++++++++++++++++ gpg2.changes | 10 ++ gpg2.spec | 6 +- ready | 0 4 files changed, 196 insertions(+), 2 deletions(-) create mode 100644 gnupg-files-are-digests.patch delete mode 100644 ready diff --git a/gnupg-files-are-digests.patch b/gnupg-files-are-digests.patch new file mode 100644 index 0000000..5a6e760 --- /dev/null +++ b/gnupg-files-are-digests.patch @@ -0,0 +1,182 @@ +--- + g10/gpg.c | 4 +++ + g10/options.h | 1 + g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- + 3 files changed, 66 insertions(+), 5 deletions(-) + +Index: gnupg-2.0.14/g10/gpg.c +=================================================================== +--- gnupg-2.0.14.orig/g10/gpg.c 2009-12-21 15:00:55.000000000 +0100 ++++ gnupg-2.0.14/g10/gpg.c 2010-03-22 15:05:00.000000000 +0100 +@@ -340,6 +340,7 @@ enum cmd_and_opt_values + oTTYtype, + oLCctype, + oLCmessages, ++ oFilesAreDigests, + oXauthority, + oGroup, + oUnGroup, +@@ -705,6 +706,7 @@ static ARGPARSE_OPTS opts[] = { + ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), + ARGPARSE_s_s (oPersonalCompressPreferences, + "personal-compress-preferences", "@"), ++ ARGPARSE_s_n (oFilesAreDigests, "files-are-digests", "@"), + + /* Aliases. I constantly mistype these, and assume other people do + as well. */ +@@ -1998,6 +2000,7 @@ main (int argc, char **argv) + opt.def_cert_expire="0"; + set_homedir ( default_homedir () ); + opt.passwd_repeat=1; ++ opt.files_are_digests=0; + + /* Check whether we have a config file on the command line. */ + orig_argc = argc; +@@ -2481,6 +2484,7 @@ main (int argc, char **argv) + case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; + case oForceV3Sigs: opt.force_v3_sigs = 1; break; + case oNoForceV3Sigs: opt.force_v3_sigs = 0; break; ++ case oFilesAreDigests: opt.files_are_digests = 1; break; + case oForceV4Certs: opt.force_v4_certs = 1; break; + case oNoForceV4Certs: opt.force_v4_certs = 0; break; + case oForceMDC: opt.force_mdc = 1; break; +Index: gnupg-2.0.14/g10/options.h +=================================================================== +--- gnupg-2.0.14.orig/g10/options.h 2009-09-21 18:53:51.000000000 +0200 ++++ gnupg-2.0.14/g10/options.h 2010-03-22 11:34:09.000000000 +0100 +@@ -194,6 +194,7 @@ struct + int no_auto_check_trustdb; + int preserve_permissions; + int no_homedir_creation; ++ int files_are_digests; + struct groupitem *grouplist; + int mangle_dos_filenames; + int enable_progress_filter; +Index: gnupg-2.0.14/g10/sign.c +=================================================================== +--- gnupg-2.0.14.orig/g10/sign.c 2009-09-21 18:53:51.000000000 +0200 ++++ gnupg-2.0.14/g10/sign.c 2010-03-22 16:07:47.000000000 +0100 +@@ -662,8 +662,12 @@ write_signature_packets (SK_LIST sk_list + mk_notation_policy_etc (sig, NULL, sk); + } + ++ if (!opt.files_are_digests) { + hash_sigversion_to_magic (md, sig); + gcry_md_final (md); ++ } else if (sig->version >= 4) { ++ log_bug("files-are-digests doesn't work with v4 sigs\n"); ++ } + + rc = do_sign( sk, sig, md, hash_for (sk) ); + gcry_md_close (md); +@@ -720,6 +724,8 @@ sign_file( strlist_t filenames, int deta + SK_LIST sk_rover = NULL; + int multifile = 0; + u32 duration=0; ++ int sigclass = 0x00; ++ u32 timestamp = 0; + + pfx = new_progress_context (); + afx = new_armor_context (); +@@ -736,7 +742,16 @@ sign_file( strlist_t filenames, int deta + fname = NULL; + + if( fname && filenames->next && (!detached || encryptflag) ) +- log_bug("multiple files can only be detached signed"); ++ log_bug("multiple files can only be detached signed\n"); ++ ++ if (opt.files_are_digests && (multifile || !fname)) ++ log_bug("files-are-digests only works with one file\n"); ++ if (opt.files_are_digests && !detached) ++ log_bug("files-are-digests can only write detached signatures\n"); ++ if (opt.files_are_digests && !opt.def_digest_algo) ++ log_bug("files-are-digests needs --digest-algo\n"); ++ if (opt.files_are_digests && opt.textmode) ++ log_bug("files-are-digests doesn't work with --textmode\n"); + + if(encryptflag==2 + && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) +@@ -764,7 +779,7 @@ sign_file( strlist_t filenames, int deta + goto leave; + + /* prepare iobufs */ +- if( multifile ) /* have list of filenames */ ++ if( multifile || opt.files_are_digests) /* have list of filenames */ + inp = NULL; /* we do it later */ + else { + inp = iobuf_open(fname); +@@ -897,7 +912,7 @@ sign_file( strlist_t filenames, int deta + gcry_md_enable (mfx.md, hash_for(sk)); + } + +- if( !multifile ) ++ if( !multifile && !opt.files_are_digests ) + iobuf_push_filter( inp, md_filter, &mfx ); + + if( detached && !encryptflag && !RFC1991 ) +@@ -952,6 +967,8 @@ sign_file( strlist_t filenames, int deta + + write_status_begin_signing (mfx.md); + ++ sigclass = opt.textmode && !outfile? 0x01 : 0x00; ++ + /* Setup the inner packet. */ + if( detached ) { + if( multifile ) { +@@ -992,6 +1009,45 @@ sign_file( strlist_t filenames, int deta + if( opt.verbose ) + putc( '\n', stderr ); + } ++ else if (opt.files_are_digests) { ++ byte *mdb, ts[5]; ++ size_t mdlen; ++ const char *fp; ++ int c, d; ++ ++ gcry_md_final(mfx.md); ++ /* this assumes gcry_md_read returns the same buffer */ ++ mdb = gcry_md_read(mfx.md, opt.def_digest_algo); ++ mdlen = gcry_md_get_algo_dlen(opt.def_digest_algo); ++ if (strlen(fname) != mdlen * 2 + 11) ++ log_bug("digests must be %d + @ + 5 bytes\n", mdlen); ++ d = -1; ++ for (fp = fname ; *fp; ) { ++ c = *fp++; ++ if (c >= '0' && c <= '9') ++ c -= '0'; ++ else if (c >= 'a' && c <= 'f') ++ c -= 'a' - 10; ++ else if (c >= 'A' && c <= 'F') ++ c -= 'A' - 10; ++ else ++ log_bug("filename is not hex\n"); ++ if (d >= 0) { ++ *mdb++ = d << 4 | c; ++ c = -1; ++ if (--mdlen == 0) { ++ mdb = ts; ++ if (*fp++ != '@') ++ log_bug("missing time separator\n"); ++ } ++ } ++ d = c; ++ } ++ sigclass = ts[0]; ++ if (sigclass != 0x00 && sigclass != 0x01) ++ log_bug("bad cipher class\n"); ++ timestamp = buffer_to_u32(ts + 1); ++ } + else { + /* read, so that the filter can calculate the digest */ + while( iobuf_get(inp) != -1 ) +@@ -1009,8 +1065,8 @@ sign_file( strlist_t filenames, int deta + + /* write the signatures */ + rc = write_signature_packets (sk_list, out, mfx.md, +- opt.textmode && !outfile? 0x01 : 0x00, +- 0, duration, detached ? 'D':'S'); ++ sigclass, ++ timestamp, duration, detached ? 'D':'S'); + if( rc ) + goto leave; + diff --git a/gpg2.changes b/gpg2.changes index ad883ce..5fbf741 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Mar 22 15:09:24 UTC 2010 - puzel@novell.com + +- fix files-are-digests patch (bnc#469229) + ------------------------------------------------------------------- Wed Feb 17 13:29:18 CET 2010 - dimstar@opensuse.org @@ -21,6 +26,11 @@ Thu Jan 28 14:15:24 UTC 2010 - puzel@novell.com - fix build for older distributions +------------------------------------------------------------------- +Wed Jan 27 16:30:41 UTC 2010 - puzel@novell.com + +- port files-are-digests patch from gpg1 (bnc#469229) + ------------------------------------------------------------------- Tue Dec 15 20:56:35 CET 2009 - jengelh@medozas.de diff --git a/gpg2.spec b/gpg2.spec index db9d954..baa0782 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -20,7 +20,7 @@ Name: gpg2 Version: 2.0.14 -Release: 1 +Release: 2 BuildRequires: expect BuildRequires: fdupes BuildRequires: libgpg-error-devel >= 1.4 @@ -54,8 +54,9 @@ Patch5: gnupg-2.0.10-tmpdir.diff Patch7: gnupg-2.0.4-install_tools.diff Patch10: gnupg-2.0.9-RSA_ES.patch Patch11: gnupg-2.0.9-langinfo.patch +Patch12: gnupg-files-are-digests.patch # PATCH-FIX-UPSTREAM gnupg-2.0.14-s2kcount.patch dimstar@opensuse.org -- use fixed s2k-count number to not use gpg-agent. -Patch12: gnupg-2.0.14-s2kcount.patch +Patch13: gnupg-2.0.14-s2kcount.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -70,6 +71,7 @@ gpg-agent, and a keybox library. %patch10 -p1 %patch11 %patch12 -p1 +%patch13 -p1 %build # Required for patch7: diff --git a/ready b/ready deleted file mode 100644 index 473a0f4..0000000 From a700e7a0884c2b984812723d18d3a1f34e5e9e6e3906e76712bafaaa52c3b52e Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Fri, 26 Mar 2010 00:11:47 +0000 Subject: [PATCH 4/5] Accepting request 35485 from Base:System checked in (request 35485) OBS-URL: https://build.opensuse.org/request/show/35485 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=17 --- gnupg-files-are-digests.patch | 50 +++++++++++++++-------------------- gpg2.changes | 5 ---- 2 files changed, 21 insertions(+), 34 deletions(-) diff --git a/gnupg-files-are-digests.patch b/gnupg-files-are-digests.patch index 5a6e760..5f06508 100644 --- a/gnupg-files-are-digests.patch +++ b/gnupg-files-are-digests.patch @@ -1,14 +1,14 @@ --- - g10/gpg.c | 4 +++ + g10/gpg.c | 3 ++ g10/options.h | 1 g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- - 3 files changed, 66 insertions(+), 5 deletions(-) + 3 files changed, 65 insertions(+), 5 deletions(-) -Index: gnupg-2.0.14/g10/gpg.c +Index: gnupg-2.0.13/g10/gpg.c =================================================================== ---- gnupg-2.0.14.orig/g10/gpg.c 2009-12-21 15:00:55.000000000 +0100 -+++ gnupg-2.0.14/g10/gpg.c 2010-03-22 15:05:00.000000000 +0100 -@@ -340,6 +340,7 @@ enum cmd_and_opt_values +--- gnupg-2.0.13.orig/g10/gpg.c 2009-08-05 12:09:24.000000000 +0200 ++++ gnupg-2.0.13/g10/gpg.c 2010-01-27 17:13:20.000000000 +0100 +@@ -338,6 +338,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ Index: gnupg-2.0.14/g10/gpg.c oXauthority, oGroup, oUnGroup, -@@ -705,6 +706,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -700,6 +701,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-preferences", "@"), @@ -24,26 +24,18 @@ Index: gnupg-2.0.14/g10/gpg.c /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -1998,6 +2000,7 @@ main (int argc, char **argv) - opt.def_cert_expire="0"; - set_homedir ( default_homedir () ); - opt.passwd_repeat=1; -+ opt.files_are_digests=0; +@@ -2850,6 +2852,7 @@ main (int argc, char **argv) - /* Check whether we have a config file on the command line. */ - orig_argc = argc; -@@ -2481,6 +2484,7 @@ main (int argc, char **argv) - case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; - case oForceV3Sigs: opt.force_v3_sigs = 1; break; - case oNoForceV3Sigs: opt.force_v3_sigs = 0; break; -+ case oFilesAreDigests: opt.files_are_digests = 1; break; - case oForceV4Certs: opt.force_v4_certs = 1; break; - case oNoForceV4Certs: opt.force_v4_certs = 0; break; - case oForceMDC: opt.force_mdc = 1; break; -Index: gnupg-2.0.14/g10/options.h + case oLCctype: opt.lc_ctype = pargs.r.ret_str; break; + case oLCmessages: opt.lc_messages = pargs.r.ret_str; break; ++ case oFilesAreDigests: opt.files_are_digests = pargs.r.ret_str; break; + + case oGroup: add_group(pargs.r.ret_str); break; + case oUnGroup: rm_group(pargs.r.ret_str); break; +Index: gnupg-2.0.13/g10/options.h =================================================================== ---- gnupg-2.0.14.orig/g10/options.h 2009-09-21 18:53:51.000000000 +0200 -+++ gnupg-2.0.14/g10/options.h 2010-03-22 11:34:09.000000000 +0100 +--- gnupg-2.0.13.orig/g10/options.h 2009-07-07 09:40:19.000000000 +0200 ++++ gnupg-2.0.13/g10/options.h 2010-01-27 16:42:03.000000000 +0100 @@ -194,6 +194,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; @@ -52,10 +44,10 @@ Index: gnupg-2.0.14/g10/options.h struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -Index: gnupg-2.0.14/g10/sign.c +Index: gnupg-2.0.13/g10/sign.c =================================================================== ---- gnupg-2.0.14.orig/g10/sign.c 2009-09-21 18:53:51.000000000 +0200 -+++ gnupg-2.0.14/g10/sign.c 2010-03-22 16:07:47.000000000 +0100 +--- gnupg-2.0.13.orig/g10/sign.c 2009-05-11 10:14:54.000000000 +0200 ++++ gnupg-2.0.13/g10/sign.c 2010-01-27 16:59:09.000000000 +0100 @@ -662,8 +662,12 @@ write_signature_packets (SK_LIST sk_list mk_notation_policy_etc (sig, NULL, sk); } @@ -136,7 +128,7 @@ Index: gnupg-2.0.14/g10/sign.c + gcry_md_final(mfx.md); + /* this assumes gcry_md_read returns the same buffer */ + mdb = gcry_md_read(mfx.md, opt.def_digest_algo); -+ mdlen = gcry_md_get_algo_dlen(opt.def_digest_algo); ++ (void) gcry_md_algo_info (opt.def_digest_algo, GCRYCTL_GET_ASNOID, NULL, &mdlen); + if (strlen(fname) != mdlen * 2 + 11) + log_bug("digests must be %d + @ + 5 bytes\n", mdlen); + d = -1; diff --git a/gpg2.changes b/gpg2.changes index 5fbf741..6b4228e 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,8 +1,3 @@ -------------------------------------------------------------------- -Mon Mar 22 15:09:24 UTC 2010 - puzel@novell.com - -- fix files-are-digests patch (bnc#469229) - ------------------------------------------------------------------- Wed Feb 17 13:29:18 CET 2010 - dimstar@opensuse.org From 0578875b95d910e756048d2133fa0994e33ee4a8e59fc05201c2788d25930123 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Fri, 26 Mar 2010 00:11:48 +0000 Subject: [PATCH 5/5] Updating link to change in openSUSE:Factory/gpg2 revision 38.0 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=d4eaa900d83b29431f570f660df11b41 --- gnupg-files-are-digests.patch | 50 ++++++++++++++++++++--------------- gpg2.changes | 5 ++++ gpg2.spec | 2 +- 3 files changed, 35 insertions(+), 22 deletions(-) diff --git a/gnupg-files-are-digests.patch b/gnupg-files-are-digests.patch index 5f06508..5a6e760 100644 --- a/gnupg-files-are-digests.patch +++ b/gnupg-files-are-digests.patch @@ -1,14 +1,14 @@ --- - g10/gpg.c | 3 ++ + g10/gpg.c | 4 +++ g10/options.h | 1 g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- - 3 files changed, 65 insertions(+), 5 deletions(-) + 3 files changed, 66 insertions(+), 5 deletions(-) -Index: gnupg-2.0.13/g10/gpg.c +Index: gnupg-2.0.14/g10/gpg.c =================================================================== ---- gnupg-2.0.13.orig/g10/gpg.c 2009-08-05 12:09:24.000000000 +0200 -+++ gnupg-2.0.13/g10/gpg.c 2010-01-27 17:13:20.000000000 +0100 -@@ -338,6 +338,7 @@ enum cmd_and_opt_values +--- gnupg-2.0.14.orig/g10/gpg.c 2009-12-21 15:00:55.000000000 +0100 ++++ gnupg-2.0.14/g10/gpg.c 2010-03-22 15:05:00.000000000 +0100 +@@ -340,6 +340,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ Index: gnupg-2.0.13/g10/gpg.c oXauthority, oGroup, oUnGroup, -@@ -700,6 +701,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -705,6 +706,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-preferences", "@"), @@ -24,18 +24,26 @@ Index: gnupg-2.0.13/g10/gpg.c /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2850,6 +2852,7 @@ main (int argc, char **argv) +@@ -1998,6 +2000,7 @@ main (int argc, char **argv) + opt.def_cert_expire="0"; + set_homedir ( default_homedir () ); + opt.passwd_repeat=1; ++ opt.files_are_digests=0; - case oLCctype: opt.lc_ctype = pargs.r.ret_str; break; - case oLCmessages: opt.lc_messages = pargs.r.ret_str; break; -+ case oFilesAreDigests: opt.files_are_digests = pargs.r.ret_str; break; - - case oGroup: add_group(pargs.r.ret_str); break; - case oUnGroup: rm_group(pargs.r.ret_str); break; -Index: gnupg-2.0.13/g10/options.h + /* Check whether we have a config file on the command line. */ + orig_argc = argc; +@@ -2481,6 +2484,7 @@ main (int argc, char **argv) + case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; + case oForceV3Sigs: opt.force_v3_sigs = 1; break; + case oNoForceV3Sigs: opt.force_v3_sigs = 0; break; ++ case oFilesAreDigests: opt.files_are_digests = 1; break; + case oForceV4Certs: opt.force_v4_certs = 1; break; + case oNoForceV4Certs: opt.force_v4_certs = 0; break; + case oForceMDC: opt.force_mdc = 1; break; +Index: gnupg-2.0.14/g10/options.h =================================================================== ---- gnupg-2.0.13.orig/g10/options.h 2009-07-07 09:40:19.000000000 +0200 -+++ gnupg-2.0.13/g10/options.h 2010-01-27 16:42:03.000000000 +0100 +--- gnupg-2.0.14.orig/g10/options.h 2009-09-21 18:53:51.000000000 +0200 ++++ gnupg-2.0.14/g10/options.h 2010-03-22 11:34:09.000000000 +0100 @@ -194,6 +194,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; @@ -44,10 +52,10 @@ Index: gnupg-2.0.13/g10/options.h struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -Index: gnupg-2.0.13/g10/sign.c +Index: gnupg-2.0.14/g10/sign.c =================================================================== ---- gnupg-2.0.13.orig/g10/sign.c 2009-05-11 10:14:54.000000000 +0200 -+++ gnupg-2.0.13/g10/sign.c 2010-01-27 16:59:09.000000000 +0100 +--- gnupg-2.0.14.orig/g10/sign.c 2009-09-21 18:53:51.000000000 +0200 ++++ gnupg-2.0.14/g10/sign.c 2010-03-22 16:07:47.000000000 +0100 @@ -662,8 +662,12 @@ write_signature_packets (SK_LIST sk_list mk_notation_policy_etc (sig, NULL, sk); } @@ -128,7 +136,7 @@ Index: gnupg-2.0.13/g10/sign.c + gcry_md_final(mfx.md); + /* this assumes gcry_md_read returns the same buffer */ + mdb = gcry_md_read(mfx.md, opt.def_digest_algo); -+ (void) gcry_md_algo_info (opt.def_digest_algo, GCRYCTL_GET_ASNOID, NULL, &mdlen); ++ mdlen = gcry_md_get_algo_dlen(opt.def_digest_algo); + if (strlen(fname) != mdlen * 2 + 11) + log_bug("digests must be %d + @ + 5 bytes\n", mdlen); + d = -1; diff --git a/gpg2.changes b/gpg2.changes index 6b4228e..5fbf741 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Mar 22 15:09:24 UTC 2010 - puzel@novell.com + +- fix files-are-digests patch (bnc#469229) + ------------------------------------------------------------------- Wed Feb 17 13:29:18 CET 2010 - dimstar@opensuse.org diff --git a/gpg2.spec b/gpg2.spec index baa0782..172e945 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -20,7 +20,7 @@ Name: gpg2 Version: 2.0.14 -Release: 2 +Release: 3 BuildRequires: expect BuildRequires: fdupes BuildRequires: libgpg-error-devel >= 1.4