From 7b2799047dc57fc5726bef122450f4670b356c323cb24c397349b6413ccb3819 Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Mon, 6 Jul 2020 09:13:39 +0000 Subject: [PATCH] Accepting request 818265 from home:dancermak:branches:Base:System Add patch for https://dev.gnupg.org/T3464 OBS-URL: https://build.opensuse.org/request/show/818265 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpgme?expand=0&rev=117 --- ...diagnostics-with-override-session-ke.patch | 49 +++++++++++++++++++ gpgme.changes | 12 +++++ gpgme.spec | 8 +-- 3 files changed, 66 insertions(+), 3 deletions(-) create mode 100644 0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch diff --git a/0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch b/0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch new file mode 100644 index 0000000..3f225cb --- /dev/null +++ b/0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch @@ -0,0 +1,49 @@ +From ae4d7761a15b82eb98b0bcc72af2ae2e8973e1f9 Mon Sep 17 00:00:00 2001 +From: Daniel Kahn Gillmor +Date: Wed, 29 May 2019 17:56:01 -0400 +Subject: [GPGME PATCH] gpg: Avoid error diagnostics with + --override-session-key when verifying + +* src/engine-gpg.c (gpg_decrypt): only send --no-keyring when we are +not verifying. + +-- + +Without this change, the signature verification would fail. This +problem was introduced in bded8ebc59c7fdad2617f4c9232a58047656834c in +an attempt to avoid an error when *not* verifying. Clearly more test +suite coverage is needed to avoid introducing this sort of problem in +the future. + +GnuPG-bug-id: 3464 +Signed-off-by: Daniel Kahn Gillmor +--- + src/engine-gpg.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/src/engine-gpg.c b/src/engine-gpg.c +index 5c335cb2..223404ed 100644 +--- a/src/engine-gpg.c ++++ b/src/engine-gpg.c +@@ -1717,12 +1717,15 @@ gpg_decrypt (void *engine, + strlen (override_session_key), 1); + if (!err) + { +- /* We add --no-keyring because a keyring is not required +- * when we are overriding the session key. It would ++ /* When we are not trying to verify signatures as well, ++ * we add --no-keyring because a keyring is not required ++ * for decryption when overriding the session key. It would + * work without that option but --no-keyring avoids that + * gpg return a failure due to a missing key log_error() + * diagnostic. --no-keyring is supported since 2.1.14. */ +- err = add_arg (gpg, "--no-keyring"); ++ ++ if (!(flags & GPGME_DECRYPT_VERIFY)) ++ err = add_arg (gpg, "--no-keyring"); + if (!err) + err = add_arg (gpg, "--override-session-key-fd"); + if (!err) +-- +2.27.0 + diff --git a/gpgme.changes b/gpgme.changes index 09507ec..51ede97 100644 --- a/gpgme.changes +++ b/gpgme.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Thu Jul 2 08:23:12 UTC 2020 - Dan Čermák + +- Add 0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch + + This patch is a fix from + https://dev.gnupg.org/rMae4d7761a15b82eb98b0bcc72af2ae2e8973e1f9 which fixes + https://dev.gnupg.org/T3464 + The patch is required to make notmuch's testsuite pass with gpgme 1.13.0 and + 1.13.1. For further details, see id:87366av72u.fsf@fifthhorseman.net on + notmuch@notmuchmail.org + ------------------------------------------------------------------- Thu May 14 16:24:40 UTC 2020 - Matej Cepl diff --git a/gpgme.spec b/gpgme.spec index b6c20d7..dfdcbf3 100644 --- a/gpgme.spec +++ b/gpgme.spec @@ -43,6 +43,10 @@ Source3: gpgme.keyring Source99: gpgme.changes Patch1: gpgme-t-json-test-Bravo-key-no-secret-key-material.patch Patch2: gpgme-t-json-test-with-keygrip-when-listing-keys.patch +# fix from https://dev.gnupg.org/rMae4d7761a15b82eb98b0bcc72af2ae2e8973e1f9 +# required to make notmuch's testsuite pass, see +# id:87366av72u.fsf@fifthhorseman.net on notmuch@notmuchmail.org +Patch3: 0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch BuildRequires: gcc-c++ BuildRequires: gpg2 >= 2.0.10 BuildRequires: libassuan-devel >= 2.4.2 @@ -184,9 +188,7 @@ management. This package contains the bindings to use the library in Qt C++ applications. %prep -%setup -q -n gpgme-%{version} -%patch1 -p1 -%patch2 -p1 +%autosetup -n gpgme-%{version} -p1 %ifarch %{ix86} sed -i -e '/t-callbacks.py/d' lang/python/tests/Makefile.{am,in}