From fbd2168761f3a30f223748167ee2166803df09621aef1eceb31e30abeea7a2a2 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Wed, 24 Feb 2010 01:05:28 +0000 Subject: [PATCH] Accepting request 33137 from Base:System Copy from Base:System/gpg2 based on submit request 33137 from user msmeissn OBS-URL: https://build.opensuse.org/request/show/33137 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=36 --- gnupg-files-are-digests.patch | 174 ++++++++++++++++++++++++++++++++++ gpg2.changes | 5 + gpg2.spec | 6 +- 3 files changed, 183 insertions(+), 2 deletions(-) create mode 100644 gnupg-files-are-digests.patch diff --git a/gnupg-files-are-digests.patch b/gnupg-files-are-digests.patch new file mode 100644 index 0000000..5f06508 --- /dev/null +++ b/gnupg-files-are-digests.patch @@ -0,0 +1,174 @@ +--- + g10/gpg.c | 3 ++ + g10/options.h | 1 + g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- + 3 files changed, 65 insertions(+), 5 deletions(-) + +Index: gnupg-2.0.13/g10/gpg.c +=================================================================== +--- gnupg-2.0.13.orig/g10/gpg.c 2009-08-05 12:09:24.000000000 +0200 ++++ gnupg-2.0.13/g10/gpg.c 2010-01-27 17:13:20.000000000 +0100 +@@ -338,6 +338,7 @@ enum cmd_and_opt_values + oTTYtype, + oLCctype, + oLCmessages, ++ oFilesAreDigests, + oXauthority, + oGroup, + oUnGroup, +@@ -700,6 +701,7 @@ static ARGPARSE_OPTS opts[] = { + ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), + ARGPARSE_s_s (oPersonalCompressPreferences, + "personal-compress-preferences", "@"), ++ ARGPARSE_s_n (oFilesAreDigests, "files-are-digests", "@"), + + /* Aliases. I constantly mistype these, and assume other people do + as well. */ +@@ -2850,6 +2852,7 @@ main (int argc, char **argv) + + case oLCctype: opt.lc_ctype = pargs.r.ret_str; break; + case oLCmessages: opt.lc_messages = pargs.r.ret_str; break; ++ case oFilesAreDigests: opt.files_are_digests = pargs.r.ret_str; break; + + case oGroup: add_group(pargs.r.ret_str); break; + case oUnGroup: rm_group(pargs.r.ret_str); break; +Index: gnupg-2.0.13/g10/options.h +=================================================================== +--- gnupg-2.0.13.orig/g10/options.h 2009-07-07 09:40:19.000000000 +0200 ++++ gnupg-2.0.13/g10/options.h 2010-01-27 16:42:03.000000000 +0100 +@@ -194,6 +194,7 @@ struct + int no_auto_check_trustdb; + int preserve_permissions; + int no_homedir_creation; ++ int files_are_digests; + struct groupitem *grouplist; + int mangle_dos_filenames; + int enable_progress_filter; +Index: gnupg-2.0.13/g10/sign.c +=================================================================== +--- gnupg-2.0.13.orig/g10/sign.c 2009-05-11 10:14:54.000000000 +0200 ++++ gnupg-2.0.13/g10/sign.c 2010-01-27 16:59:09.000000000 +0100 +@@ -662,8 +662,12 @@ write_signature_packets (SK_LIST sk_list + mk_notation_policy_etc (sig, NULL, sk); + } + ++ if (!opt.files_are_digests) { + hash_sigversion_to_magic (md, sig); + gcry_md_final (md); ++ } else if (sig->version >= 4) { ++ log_bug("files-are-digests doesn't work with v4 sigs\n"); ++ } + + rc = do_sign( sk, sig, md, hash_for (sk) ); + gcry_md_close (md); +@@ -720,6 +724,8 @@ sign_file( strlist_t filenames, int deta + SK_LIST sk_rover = NULL; + int multifile = 0; + u32 duration=0; ++ int sigclass = 0x00; ++ u32 timestamp = 0; + + pfx = new_progress_context (); + afx = new_armor_context (); +@@ -736,7 +742,16 @@ sign_file( strlist_t filenames, int deta + fname = NULL; + + if( fname && filenames->next && (!detached || encryptflag) ) +- log_bug("multiple files can only be detached signed"); ++ log_bug("multiple files can only be detached signed\n"); ++ ++ if (opt.files_are_digests && (multifile || !fname)) ++ log_bug("files-are-digests only works with one file\n"); ++ if (opt.files_are_digests && !detached) ++ log_bug("files-are-digests can only write detached signatures\n"); ++ if (opt.files_are_digests && !opt.def_digest_algo) ++ log_bug("files-are-digests needs --digest-algo\n"); ++ if (opt.files_are_digests && opt.textmode) ++ log_bug("files-are-digests doesn't work with --textmode\n"); + + if(encryptflag==2 + && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) +@@ -764,7 +779,7 @@ sign_file( strlist_t filenames, int deta + goto leave; + + /* prepare iobufs */ +- if( multifile ) /* have list of filenames */ ++ if( multifile || opt.files_are_digests) /* have list of filenames */ + inp = NULL; /* we do it later */ + else { + inp = iobuf_open(fname); +@@ -897,7 +912,7 @@ sign_file( strlist_t filenames, int deta + gcry_md_enable (mfx.md, hash_for(sk)); + } + +- if( !multifile ) ++ if( !multifile && !opt.files_are_digests ) + iobuf_push_filter( inp, md_filter, &mfx ); + + if( detached && !encryptflag && !RFC1991 ) +@@ -952,6 +967,8 @@ sign_file( strlist_t filenames, int deta + + write_status_begin_signing (mfx.md); + ++ sigclass = opt.textmode && !outfile? 0x01 : 0x00; ++ + /* Setup the inner packet. */ + if( detached ) { + if( multifile ) { +@@ -992,6 +1009,45 @@ sign_file( strlist_t filenames, int deta + if( opt.verbose ) + putc( '\n', stderr ); + } ++ else if (opt.files_are_digests) { ++ byte *mdb, ts[5]; ++ size_t mdlen; ++ const char *fp; ++ int c, d; ++ ++ gcry_md_final(mfx.md); ++ /* this assumes gcry_md_read returns the same buffer */ ++ mdb = gcry_md_read(mfx.md, opt.def_digest_algo); ++ (void) gcry_md_algo_info (opt.def_digest_algo, GCRYCTL_GET_ASNOID, NULL, &mdlen); ++ if (strlen(fname) != mdlen * 2 + 11) ++ log_bug("digests must be %d + @ + 5 bytes\n", mdlen); ++ d = -1; ++ for (fp = fname ; *fp; ) { ++ c = *fp++; ++ if (c >= '0' && c <= '9') ++ c -= '0'; ++ else if (c >= 'a' && c <= 'f') ++ c -= 'a' - 10; ++ else if (c >= 'A' && c <= 'F') ++ c -= 'A' - 10; ++ else ++ log_bug("filename is not hex\n"); ++ if (d >= 0) { ++ *mdb++ = d << 4 | c; ++ c = -1; ++ if (--mdlen == 0) { ++ mdb = ts; ++ if (*fp++ != '@') ++ log_bug("missing time separator\n"); ++ } ++ } ++ d = c; ++ } ++ sigclass = ts[0]; ++ if (sigclass != 0x00 && sigclass != 0x01) ++ log_bug("bad cipher class\n"); ++ timestamp = buffer_to_u32(ts + 1); ++ } + else { + /* read, so that the filter can calculate the digest */ + while( iobuf_get(inp) != -1 ) +@@ -1009,8 +1065,8 @@ sign_file( strlist_t filenames, int deta + + /* write the signatures */ + rc = write_signature_packets (sk_list, out, mfx.md, +- opt.textmode && !outfile? 0x01 : 0x00, +- 0, duration, detached ? 'D':'S'); ++ sigclass, ++ timestamp, duration, detached ? 'D':'S'); + if( rc ) + goto leave; + diff --git a/gpg2.changes b/gpg2.changes index ad883ce..6b4228e 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -21,6 +21,11 @@ Thu Jan 28 14:15:24 UTC 2010 - puzel@novell.com - fix build for older distributions +------------------------------------------------------------------- +Wed Jan 27 16:30:41 UTC 2010 - puzel@novell.com + +- port files-are-digests patch from gpg1 (bnc#469229) + ------------------------------------------------------------------- Tue Dec 15 20:56:35 CET 2009 - jengelh@medozas.de diff --git a/gpg2.spec b/gpg2.spec index db9d954..baa0782 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -20,7 +20,7 @@ Name: gpg2 Version: 2.0.14 -Release: 1 +Release: 2 BuildRequires: expect BuildRequires: fdupes BuildRequires: libgpg-error-devel >= 1.4 @@ -54,8 +54,9 @@ Patch5: gnupg-2.0.10-tmpdir.diff Patch7: gnupg-2.0.4-install_tools.diff Patch10: gnupg-2.0.9-RSA_ES.patch Patch11: gnupg-2.0.9-langinfo.patch +Patch12: gnupg-files-are-digests.patch # PATCH-FIX-UPSTREAM gnupg-2.0.14-s2kcount.patch dimstar@opensuse.org -- use fixed s2k-count number to not use gpg-agent. -Patch12: gnupg-2.0.14-s2kcount.patch +Patch13: gnupg-2.0.14-s2kcount.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -70,6 +71,7 @@ gpg-agent, and a keybox library. %patch10 -p1 %patch11 %patch12 -p1 +%patch13 -p1 %build # Required for patch7: