From ac611f9a275e3b1656deea8e1c539f66a8dea9b8b0986e0ce7b11598d1184f7b Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Mon, 20 Jul 2020 08:51:43 +0000 Subject: [PATCH] Accepting request 821568 from home:AndreasStieger:branches:Base:System gpgme 1.14.0 OBS-URL: https://build.opensuse.org/request/show/821568 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpgme?expand=0&rev=122 --- ...diagnostics-with-override-session-ke.patch | 49 ------------------ gpgme-1.13.1.tar.bz2 | 3 -- gpgme-1.13.1.tar.bz2.sig | Bin 310 -> 0 bytes gpgme-1.14.0.tar.bz2 | 3 ++ gpgme-1.14.0.tar.bz2.sig | Bin 0 -> 310 bytes ...est-Bravo-key-no-secret-key-material.patch | 38 -------------- ...-test-with-keygrip-when-listing-keys.patch | 39 -------------- gpgme.changes | 22 ++++++++ gpgme.spec | 21 +++----- 9 files changed, 32 insertions(+), 143 deletions(-) delete mode 100644 0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch delete mode 100644 gpgme-1.13.1.tar.bz2 delete mode 100644 gpgme-1.13.1.tar.bz2.sig create mode 100644 gpgme-1.14.0.tar.bz2 create mode 100644 gpgme-1.14.0.tar.bz2.sig delete mode 100644 gpgme-t-json-test-Bravo-key-no-secret-key-material.patch delete mode 100644 gpgme-t-json-test-with-keygrip-when-listing-keys.patch diff --git a/0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch b/0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch deleted file mode 100644 index 3f225cb..0000000 --- a/0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch +++ /dev/null @@ -1,49 +0,0 @@ -From ae4d7761a15b82eb98b0bcc72af2ae2e8973e1f9 Mon Sep 17 00:00:00 2001 -From: Daniel Kahn Gillmor -Date: Wed, 29 May 2019 17:56:01 -0400 -Subject: [GPGME PATCH] gpg: Avoid error diagnostics with - --override-session-key when verifying - -* src/engine-gpg.c (gpg_decrypt): only send --no-keyring when we are -not verifying. - --- - -Without this change, the signature verification would fail. This -problem was introduced in bded8ebc59c7fdad2617f4c9232a58047656834c in -an attempt to avoid an error when *not* verifying. Clearly more test -suite coverage is needed to avoid introducing this sort of problem in -the future. - -GnuPG-bug-id: 3464 -Signed-off-by: Daniel Kahn Gillmor ---- - src/engine-gpg.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/src/engine-gpg.c b/src/engine-gpg.c -index 5c335cb2..223404ed 100644 ---- a/src/engine-gpg.c -+++ b/src/engine-gpg.c -@@ -1717,12 +1717,15 @@ gpg_decrypt (void *engine, - strlen (override_session_key), 1); - if (!err) - { -- /* We add --no-keyring because a keyring is not required -- * when we are overriding the session key. It would -+ /* When we are not trying to verify signatures as well, -+ * we add --no-keyring because a keyring is not required -+ * for decryption when overriding the session key. It would - * work without that option but --no-keyring avoids that - * gpg return a failure due to a missing key log_error() - * diagnostic. --no-keyring is supported since 2.1.14. */ -- err = add_arg (gpg, "--no-keyring"); -+ -+ if (!(flags & GPGME_DECRYPT_VERIFY)) -+ err = add_arg (gpg, "--no-keyring"); - if (!err) - err = add_arg (gpg, "--override-session-key-fd"); - if (!err) --- -2.27.0 - diff --git a/gpgme-1.13.1.tar.bz2 b/gpgme-1.13.1.tar.bz2 deleted file mode 100644 index 98872f6..0000000 --- a/gpgme-1.13.1.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c4e30b227682374c23cddc7fdb9324a99694d907e79242a25a4deeedb393be46 -size 1759616 diff --git a/gpgme-1.13.1.tar.bz2.sig b/gpgme-1.13.1.tar.bz2.sig deleted file mode 100644 index 4fc6e1b7cc40aed08db43bd3934b17dc3ad3ef85e3e32e4d05f9752c6266c56b..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 310 zcmV-60m=S}0W$;u0SEvc79j-KX(1!T23_i24?49Zn>o@?CF8aQ0$l=79{>so5G0#9 z(oZGhw(rIW0G(oDZKL1&x!QAL5#=C4iW|9S#`9X0W%O@yAPhBYYYe}j{b;a+$#_kX zi9FTH2>};Uh5&k{Z{duGuD^ZIX3qJtXW3KTdRc18q>fSfRMnMP!Za8O9~=voz+afW zu}~9a%=9w9{7)luTxlVUzUlm!H#tmV^j637&{z@!=K1=xZDdhzeHZm> zzSQY|h$6LoZK_gYw>XWtwSdL@ZHld%Bsmv-7sbc6om5wvs`Di!HKs=RJ*+~_k{JoF z1KzpN7_&D3X^B{=PVs>2MY09Uo@?CF8aQ0$&hvPXG!D5G0#9 z(oZGhw!Yd2{vsIRsifYh;}Jk}_WSX{Yx&n#WTlM*x(-ig*b$yKgMh*;BIdPN_Mn;WpNc}rkfNfrL>{5WxVqmMyl z5~CUUL^%P)HE#;%Y!4Bc!TFbAU$SnSKsHVnkeCB(?A=X*wsP0)tf-j0O^w+YNDl3zK^}z1=QDoxJV&0j=~s0h02A5BdA)0-FhRqVN6rB!a~_z(1cN^ z1^k)aB6}KTWlE39-POO8MQ?4qs0f6C|hTA IlBs~HCAtleMgRZ+ literal 0 HcmV?d00001 diff --git a/gpgme-t-json-test-Bravo-key-no-secret-key-material.patch b/gpgme-t-json-test-Bravo-key-no-secret-key-material.patch deleted file mode 100644 index ff5bb9f..0000000 --- a/gpgme-t-json-test-Bravo-key-no-secret-key-material.patch +++ /dev/null @@ -1,38 +0,0 @@ -From: Daniel Kahn Gillmor -Date: Thu, 23 Jan 2020 16:43:13 -0500 -Subject: tests/json: Bravo key does not have secret key material - -* tests/json/t-keylist-secret.out.json: indicate correctly that the -"Bravo" test key does not have secret key material. - --- - -Some older versions of GnuPG are buggy, and will claim "secret: true" -for this key, even though the keyring in question has no secret key -material for it. - -The underlying call to gpg looks something like: - - gpg --with-colons --with-secret --list-keys -- \ - alpha@example.net bravo@example.net - -You can see the change in field 15 of the "pub" and "sub" output. - -Signed-off-by: Daniel Kahn Gillmor ---- - tests/json/t-keylist-secret.out.json | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/json/t-keylist-secret.out.json b/tests/json/t-keylist-secret.out.json -index 5da20db..109eae3 100644 ---- a/tests/json/t-keylist-secret.out.json -+++ b/tests/json/t-keylist-secret.out.json -@@ -91,7 +91,7 @@ - "can_sign": true, - "can_certify": true, - "can_authenticate": true, -- "secret": true, -+ "secret": false, - "is_qualified": false, - "protocol": "OpenPGP", - "fingerprint": "D695676BDCEDCC2CDD6152BCFE180B1DA9E3B0B2", diff --git a/gpgme-t-json-test-with-keygrip-when-listing-keys.patch b/gpgme-t-json-test-with-keygrip-when-listing-keys.patch deleted file mode 100644 index f919d44..0000000 --- a/gpgme-t-json-test-with-keygrip-when-listing-keys.patch +++ /dev/null @@ -1,39 +0,0 @@ -From: Daniel Kahn Gillmor -Date: Thu, 23 Jan 2020 17:04:43 -0500 -Subject: gpg: Send --with-keygrip when listing keys - -* src/engine-gpg.c (gpg_keylist_build_options): Always pass ---with-keygrip when listing keys. - --- - -Some older versions of GnuPG (at least gpg in version -2.2.12-1+deb10u1) appear to unilaterally emit the keygrip, and it's -certainly useful to know that programmatically it will always be -present in the output needed. - -However, as of GnuPG 2.2.19-1, the following command does not emit the -keygrip for non-secret keys: - - gpg --with-colons --with-secret --list-keys - -This change fixes tests/json/t-json by making the output comply with -tests/json/t-keylist-secret.out.json correctly. - -Signed-off-by: Daniel Kahn Gillmor ---- - src/engine-gpg.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/engine-gpg.c b/src/engine-gpg.c -index 4f4a06a..fc52a5d 100644 ---- a/src/engine-gpg.c -+++ b/src/engine-gpg.c -@@ -2922,6 +2922,7 @@ gpg_keylist_build_options (engine_gpg_t gpg, int secret_only, - gpg_error_t err; - - err = add_arg (gpg, "--with-colons"); -+ err = add_arg (gpg, "--with-keygrip"); - - /* Since gpg 2.1.15 fingerprints are always printed, thus there is - * no more need to explicitly request them. */ diff --git a/gpgme.changes b/gpgme.changes index 51ede97..2e9d59a 100644 --- a/gpgme.changes +++ b/gpgme.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Fri Jul 17 20:26:35 UTC 2020 - Andreas Stieger + +- gpgme 1.14.0: + * New keylist mode to force the engine to return the keygrip + * New export mode to export as OpenSSH public key + * New context flag "extended-edit" to enable expert key edit + * Deprecate the anyway non working trustlist functions + * cpp: Add convenience API to obtain remarks + * cpp: The sign key edit-interactor now supports multiple + signatures from the same key + * qt: Extended signkeyjob to handle remarks and multiple + signatures + * qt: Added job API for gpg-card + * qt: The logging category has been changed to gpg.qgpgme to be + more consistent with other qt logging categories +- drop upstream patches: + * 0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch +- drop patches no longer needed that now break tests: + * gpgme-t-json-test-Bravo-key-no-secret-key-material.patch + * gpgme-t-json-test-with-keygrip-when-listing-keys.patch + ------------------------------------------------------------------- Thu Jul 2 08:23:12 UTC 2020 - Dan Čermák diff --git a/gpgme.spec b/gpgme.spec index dfdcbf3..0d87d8b 100644 --- a/gpgme.spec +++ b/gpgme.spec @@ -18,35 +18,29 @@ %global flavor @BUILD_FLAVOR@%{nil} %if "%{flavor}" == "" +%define psuffix %{nil} %bcond_without python2 %bcond_without python3 %bcond_with qt -%define psuffix %{nil} %else +%define psuffix qt %bcond_with python2 %bcond_with python3 %bcond_without qt -%define psuffix qt %endif Name: gpgme%{psuffix} -Version: 1.13.1 +Version: 1.14.0 Release: 0 Summary: Programmatic library interface to GnuPG License: LGPL-2.1-or-later AND GPL-3.0-or-later Group: Productivity/Security -URL: http://www.gnupg.org/related_software/gpgme/ +URL: https://www.gnupg.org/related_software/gpgme/ Source: ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-%{version}.tar.bz2 Source1: ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-%{version}.tar.bz2.sig Source2: baselibs.conf Source3: gpgme.keyring # used to have a fixed timestamp Source99: gpgme.changes -Patch1: gpgme-t-json-test-Bravo-key-no-secret-key-material.patch -Patch2: gpgme-t-json-test-with-keygrip-when-listing-keys.patch -# fix from https://dev.gnupg.org/rMae4d7761a15b82eb98b0bcc72af2ae2e8973e1f9 -# required to make notmuch's testsuite pass, see -# id:87366av72u.fsf@fifthhorseman.net on notmuch@notmuchmail.org -Patch3: 0001-gpg-Avoid-error-diagnostics-with-override-session-ke.patch BuildRequires: gcc-c++ BuildRequires: gpg2 >= 2.0.10 BuildRequires: libassuan-devel >= 2.4.2 @@ -188,7 +182,7 @@ management. This package contains the bindings to use the library in Qt C++ applications. %prep -%autosetup -n gpgme-%{version} -p1 +%setup -q -n gpgme-%{version} %ifarch %{ix86} sed -i -e '/t-callbacks.py/d' lang/python/tests/Makefile.{am,in} @@ -212,7 +206,7 @@ languages="cpp qt" --disable-fd-passing \ --enable-languages="${languages}" \ --enable-build-timestamp="${build_timestamp}" -make %{?_smp_mflags} +%make_build %install %make_install @@ -231,7 +225,7 @@ rm -r %{buildroot}%{_libdir}/pkgconfig/gpgme* %check %if ! 0%{?qemu_user_space_build} -make %{?_smp_mflags} check +%make_build check %endif %if %{with qt} @@ -244,7 +238,6 @@ make %{?_smp_mflags} check %postun -n libgpgme11 -p /sbin/ldconfig %post -n libgpgmepp6 -p /sbin/ldconfig %postun -n libgpgmepp6 -p /sbin/ldconfig - %post %install_info --info-dir=%{_infodir} %{_infodir}/gpgme.info%{ext_info}