[gnupg2/f13/master] - fix wrong iteration count encoded into the private keys patch from upstream (#637414)
Tomáš Mráz
tmraz at fedoraproject.org
Wed Sep 29 14:43:23 UTC 2010
commit 7303bba47b7fe4653cc526555c7258ae9371b34c
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Wed Sep 29 16:43:25 2010 +0200
- fix wrong iteration count encoded into the private keys
patch from upstream (#637414)
gnupg-2.0.14-encode-s2k.patch | 65 +++++++++++++++++++++++++++++++++++++++++
gnupg2.spec | 9 +++++-
2 files changed, 73 insertions(+), 1 deletions(-)
---
diff --git a/gnupg-2.0.14-encode-s2k.patch b/gnupg-2.0.14-encode-s2k.patch
new file mode 100644
index 0000000..26c798e
--- /dev/null
+++ b/gnupg-2.0.14-encode-s2k.patch
@@ -0,0 +1,65 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+NotDashEscaped: You need GnuPG to verify this message
+
+#! /bin/sh
+patch -p0 -f $* < $0
+exit $?
+
+agent/
+2010-01-26 Werner Koch <wk at g10code.com>
+
+ * protect.c (do_encryption): Encode the s2kcount and do not use a
+ static value of 96.
+
+--- agent/protect.c (revision 5231)
++++ agent/protect.c (working copy)
+@@ -360,19 +360,25 @@
+
+ in canoncical format of course. We use asprintf and %n modifier
+ and dummy values as placeholders. */
+- p = xtryasprintf
+- ("(9:protected%d:%s((4:sha18:%n_8bytes_2:96)%d:%n%*s)%d:%n%*s)",
+- (int)strlen (modestr), modestr,
+- &saltpos,
+- blklen, &ivpos, blklen, "",
+- enclen, &encpos, enclen, "");
+- if (!p)
+- {
+- gpg_error_t tmperr = out_of_core ();
+- xfree (iv);
+- xfree (outbuf);
+- return tmperr;
+- }
++ {
++ char countbuf[35];
++
++ snprintf (countbuf, sizeof countbuf, "%lu", get_standard_s2k_count ());
++ p = xtryasprintf
++ ("(9:protected%d:%s((4:sha18:%n_8bytes_%u:%s)%d:%n%*s)%d:%n%*s)",
++ (int)strlen (modestr), modestr,
++ &saltpos,
++ (unsigned int)strlen (countbuf), countbuf,
++ blklen, &ivpos, blklen, "",
++ enclen, &encpos, enclen, "");
++ if (!p)
++ {
++ gpg_error_t tmperr = out_of_core ();
++ xfree (iv);
++ xfree (outbuf);
++ return tmperr;
++ }
++ }
+ *resultlen = strlen (p);
+ *result = (unsigned char*)p;
+ memcpy (p+saltpos, iv+2*blklen, 8);
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.1.0-svn5201 (GNU/Linux)
+
+iJwEAQECAAYFAktmpLoACgkQU7Yg0BzgxjCj5wQAyZjQbZM77wdcXIgPgeLsG99W
+esWR89/5VM34dY5tOG+McCAiA4/0hl6CYUkkK/394wcfUXbvbZYARPjJg5wMoZsG
+VufEL+Uz+eLgkejYPVakOWzK00i7MHqDSjttOqHg0d8wSiy3LKk6CN6N19uPqxbI
+/1Io5f3gcroLGfEZlN0=
+=oP/V
+-----END PGP SIGNATURE-----
diff --git a/gnupg2.spec b/gnupg2.spec
index 0ecfa2c..6eac152 100644
--- a/gnupg2.spec
+++ b/gnupg2.spec
@@ -2,7 +2,7 @@
Summary: Utility for secure communication and data storage
Name: gnupg2
Version: 2.0.14
-Release: 6%{?dist}
+Release: 7%{?dist}
License: GPLv3+
Group: Applications/System
@@ -20,6 +20,8 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
# Security Alert for GnuPG 2.0 - Realloc bug in GPGSM
# http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html
Patch100: gnupg-2.0.16-gpgsm_realloc.patch
+# Wrong count encoded into private keys
+Patch101: gnupg-2.0.14-encode-s2k.patch
#BuildRequires: automake libtool texinfo transfig
BuildRequires: bzip2-devel
@@ -71,6 +73,7 @@ to the base GnuPG package
%patch2 -p1 -b .s2k
%patch3 -p1 -b .secmem
%patch100 -p1 -b .gpgsm_realloc
+%patch101 -p0 -b .encode-s2k
# pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
# Note: this is just the name of the default shared lib to load in scdaemon,
@@ -171,6 +174,10 @@ rm -rf %{buildroot}
%changelog
+* Wed Sep 29 2010 Tomas Mraz <tmraz at redhat.com> - 2.0.14-7
+- fix wrong iteration count encoded into the private keys
+ patch from upstream (#637414)
+
* Tue Aug 17 2010 Tomas Mraz <tmraz at redhat.com> - 2.0.14-6
- drop the provides/obsoletes for gnupg
- drop the man page file conflicting with gnupg-1.x
More information about the scm-commits
mailing list