tmraz pushed to gnupg2 (master). "new upstream release fixing minor bugs"
notifications at fedoraproject.org
notifications at fedoraproject.org
Thu Apr 16 16:06:31 UTC 2015
>From 497a1a5e9942d761fd347f7325fe735becc9aad0 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz at fedoraproject.org>
Date: Thu, 16 Apr 2015 18:06:21 +0200
Subject: new upstream release fixing minor bugs
diff --git a/.gitignore b/.gitignore
index c8d2e79..8305707 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,5 @@ gnupg-2.0.16.tar.bz2.sig
/gnupg-2.1.1.tar.bz2.sig
/gnupg-2.1.2.tar.bz2
/gnupg-2.1.2.tar.bz2.sig
+/gnupg-2.1.3.tar.bz2
+/gnupg-2.1.3.tar.bz2.sig
diff --git a/gnupg-2.1.2-file-is-digest.patch b/gnupg-2.1.2-file-is-digest.patch
deleted file mode 100644
index aa9202e..0000000
--- a/gnupg-2.1.2-file-is-digest.patch
+++ /dev/null
@@ -1,183 +0,0 @@
-diff -up gnupg-2.1.2/g10/gpg.c.file-is-digest gnupg-2.1.2/g10/gpg.c
---- gnupg-2.1.2/g10/gpg.c.file-is-digest 2015-02-17 17:54:53.838469211 +0100
-+++ gnupg-2.1.2/g10/gpg.c 2015-02-18 18:24:46.374201953 +0100
-@@ -349,6 +349,7 @@ enum cmd_and_opt_values
- oTTYtype,
- oLCctype,
- oLCmessages,
-+ oFileIsDigest,
- oXauthority,
- oGroup,
- oUnGroup,
-@@ -730,6 +731,7 @@ static ARGPARSE_OPTS opts[] = {
- ARGPARSE_s_s (oPersonalCompressPreferences,
- "personal-compress-preferences", "@"),
- ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
-+ ARGPARSE_s_n (oFileIsDigest, "file-is-digest", "@"),
-
- /* Aliases. I constantly mistype these, and assume other people do
- as well. */
-@@ -2128,6 +2130,7 @@ main (int argc, char **argv)
- set_homedir (default_homedir ());
- opt.passphrase_repeat = 1;
- opt.emit_version = 1; /* Limit to the major number. */
-+ opt.file_is_digest=0;
-
- /* Check whether we have a config file on the command line. */
- orig_argc = argc;
-@@ -2632,6 +2635,7 @@ main (int argc, char **argv)
- opt.verify_options&=~VERIFY_SHOW_PHOTOS;
- break;
- case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
-+ case oFileIsDigest: opt.file_is_digest = 1; break;
-
- case oForceMDC: opt.force_mdc = 1; break;
- case oNoForceMDC: opt.force_mdc = 0; break;
-diff -up gnupg-2.1.2/g10/options.h.file-is-digest gnupg-2.1.2/g10/options.h
---- gnupg-2.1.2/g10/options.h.file-is-digest 2015-01-28 09:24:33.000000000 +0100
-+++ gnupg-2.1.2/g10/options.h 2015-02-17 17:54:53.840469255 +0100
-@@ -192,6 +192,7 @@ struct
- int no_auto_check_trustdb;
- int preserve_permissions;
- int no_homedir_creation;
-+ int file_is_digest;
- struct groupitem *grouplist;
- int mangle_dos_filenames;
- int enable_progress_filter;
-diff -up gnupg-2.1.2/g10/sign.c.file-is-digest gnupg-2.1.2/g10/sign.c
---- gnupg-2.1.2/g10/sign.c.file-is-digest 2015-01-28 09:24:33.000000000 +0100
-+++ gnupg-2.1.2/g10/sign.c 2015-02-18 18:24:44.989169317 +0100
-@@ -41,6 +41,7 @@
- #include "pkglue.h"
- #include "sysutils.h"
- #include "call-agent.h"
-+#include "host2net.h"
-
-
- #ifdef HAVE_DOSISH_SYSTEM
-@@ -706,8 +707,12 @@ write_signature_packets (SK_LIST sk_list
- mk_notation_policy_etc (sig, NULL, pk);
- }
-
-- hash_sigversion_to_magic (md, sig);
-- gcry_md_final (md);
-+ if (!opt.file_is_digest) {
-+ hash_sigversion_to_magic (md, sig);
-+ gcry_md_final (md);
-+ } else if (sig->version >= 4) {
-+ log_bug("file-is-digest doesn't work with v4 sigs\n");
-+ }
-
- rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
- gcry_md_close (md);
-@@ -765,6 +770,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
- SK_LIST sk_rover = NULL;
- int multifile = 0;
- u32 duration=0;
-+ int sigclass = 0x00;
-+ u32 timestamp = 0;
-
- pfx = new_progress_context ();
- afx = new_armor_context ();
-@@ -781,7 +788,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
- fname = NULL;
-
- if( fname && filenames->next && (!detached || encryptflag) )
-- log_bug("multiple files can only be detached signed");
-+ log_bug("multiple files can only be detached signed\n");
-+
-+ if (opt.file_is_digest && (multifile || !fname))
-+ log_bug("file-is-digest only works with one file\n");
-+ if (opt.file_is_digest && !detached)
-+ log_bug("file-is-digest can only write detached signatures\n");
-+ if (opt.file_is_digest && !opt.def_digest_algo)
-+ log_bug("file-is-digest needs --digest-algo\n");
-+ if (opt.file_is_digest && opt.textmode)
-+ log_bug("file-is-digest doesn't work with --textmode\n");
-
- if(encryptflag==2
- && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
-@@ -802,7 +818,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
- goto leave;
-
- /* prepare iobufs */
-- if( multifile ) /* have list of filenames */
-+ if( multifile || opt.file_is_digest) /* have list of filenames */
- inp = NULL; /* we do it later */
- else {
- inp = iobuf_open(fname);
-@@ -940,7 +956,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
- for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
- gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
-
-- if( !multifile )
-+ if( !multifile && !opt.file_is_digest )
- iobuf_push_filter( inp, md_filter, &mfx );
-
- if( detached && !encryptflag)
-@@ -995,6 +1011,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
-
- write_status_begin_signing (mfx.md);
-
-+ sigclass = opt.textmode && !outfile? 0x01 : 0x00;
-+
- /* Setup the inner packet. */
- if( detached ) {
- if( multifile ) {
-@@ -1035,6 +1053,45 @@ sign_file (ctrl_t ctrl, strlist_t filena
- if( opt.verbose )
- putc( '\n', stderr );
- }
-+ else if (opt.file_is_digest) {
-+ byte *mdb, ts[5];
-+ size_t mdlen;
-+ const char *fp;
-+ int c, d;
-+
-+ gcry_md_final(mfx.md);
-+ /* this assumes gcry_md_read returns the same buffer */
-+ mdb = gcry_md_read(mfx.md, opt.def_digest_algo);
-+ mdlen = gcry_md_get_algo_dlen(opt.def_digest_algo);
-+ if (strlen(fname) != mdlen * 2 + 11)
-+ log_bug("digests must be %zu + @ + 5 bytes\n", mdlen);
-+ d = -1;
-+ for (fp = fname ; *fp; ) {
-+ c = *fp++;
-+ if (c >= '0' && c <= '9')
-+ c -= '0';
-+ else if (c >= 'a' && c <= 'f')
-+ c -= 'a' - 10;
-+ else if (c >= 'A' && c <= 'F')
-+ c -= 'A' - 10;
-+ else
-+ log_bug("filename is not hex\n");
-+ if (d >= 0) {
-+ *mdb++ = d << 4 | c;
-+ c = -1;
-+ if (--mdlen == 0) {
-+ mdb = ts;
-+ if (*fp++ != '@')
-+ log_bug("missing time separator\n");
-+ }
-+ }
-+ d = c;
-+ }
-+ sigclass = ts[0];
-+ if (sigclass != 0x00 && sigclass != 0x01)
-+ log_bug("bad cipher class\n");
-+ timestamp = buf32_to_u32(ts + 1);
-+ }
- else {
- /* read, so that the filter can calculate the digest */
- while( iobuf_get(inp) != -1 )
-@@ -1052,8 +1109,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
-
- /* write the signatures */
- rc = write_signature_packets (sk_list, out, mfx.md,
-- opt.textmode && !outfile? 0x01 : 0x00,
-- 0, duration, detached ? 'D':'S', NULL);
-+ sigclass,
-+ timestamp, duration, detached ? 'D':'S', NULL);
- if( rc )
- goto leave;
-
diff --git a/gnupg-2.1.3-file-is-digest.patch b/gnupg-2.1.3-file-is-digest.patch
new file mode 100644
index 0000000..fb4e34f
--- /dev/null
+++ b/gnupg-2.1.3-file-is-digest.patch
@@ -0,0 +1,183 @@
+diff -up gnupg-2.1.3/g10/gpg.c.file-is-digest gnupg-2.1.3/g10/gpg.c
+--- gnupg-2.1.3/g10/gpg.c.file-is-digest 2015-04-16 17:54:20.327168135 +0200
++++ gnupg-2.1.3/g10/gpg.c 2015-04-16 17:54:20.330168205 +0200
+@@ -352,6 +352,7 @@ enum cmd_and_opt_values
+ oTTYtype,
+ oLCctype,
+ oLCmessages,
++ oFileIsDigest,
+ oXauthority,
+ oGroup,
+ oUnGroup,
+@@ -738,6 +739,7 @@ static ARGPARSE_OPTS opts[] = {
+ ARGPARSE_s_s (oPersonalCompressPreferences,
+ "personal-compress-preferences", "@"),
+ ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
++ ARGPARSE_s_n (oFileIsDigest, "file-is-digest", "@"),
+
+ /* Aliases. I constantly mistype these, and assume other people do
+ as well. */
+@@ -2149,6 +2151,7 @@ main (int argc, char **argv)
+ set_homedir (default_homedir ());
+ opt.passphrase_repeat = 1;
+ opt.emit_version = 1; /* Limit to the major number. */
++ opt.file_is_digest=0;
+
+ /* Check whether we have a config file on the command line. */
+ orig_argc = argc;
+@@ -2661,6 +2664,7 @@ main (int argc, char **argv)
+ opt.verify_options&=~VERIFY_SHOW_PHOTOS;
+ break;
+ case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
++ case oFileIsDigest: opt.file_is_digest = 1; break;
+
+ case oForceMDC: opt.force_mdc = 1; break;
+ case oNoForceMDC: opt.force_mdc = 0; break;
+diff -up gnupg-2.1.3/g10/options.h.file-is-digest gnupg-2.1.3/g10/options.h
+--- gnupg-2.1.3/g10/options.h.file-is-digest 2015-04-06 13:41:53.000000000 +0200
++++ gnupg-2.1.3/g10/options.h 2015-04-16 17:54:20.330168205 +0200
+@@ -194,6 +194,7 @@ struct
+ int no_auto_check_trustdb;
+ int preserve_permissions;
+ int no_homedir_creation;
++ int file_is_digest;
+ struct groupitem *grouplist;
+ int mangle_dos_filenames;
+ int enable_progress_filter;
+diff -up gnupg-2.1.3/g10/sign.c.file-is-digest gnupg-2.1.3/g10/sign.c
+--- gnupg-2.1.3/g10/sign.c.file-is-digest 2015-04-05 19:43:32.000000000 +0200
++++ gnupg-2.1.3/g10/sign.c 2015-04-16 17:56:08.764693096 +0200
+@@ -41,6 +41,7 @@
+ #include "pkglue.h"
+ #include "sysutils.h"
+ #include "call-agent.h"
++#include "host2net.h"
+
+
+ #ifdef HAVE_DOSISH_SYSTEM
+@@ -706,8 +707,12 @@ write_signature_packets (SK_LIST sk_list
+ mk_notation_policy_etc (sig, NULL, pk);
+ }
+
+- hash_sigversion_to_magic (md, sig);
+- gcry_md_final (md);
++ if (!opt.file_is_digest) {
++ hash_sigversion_to_magic (md, sig);
++ gcry_md_final (md);
++ } else if (sig->version >= 4) {
++ log_bug("file-is-digest doesn't work with v4 sigs\n");
++ }
+
+ rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce);
+ gcry_md_close (md);
+@@ -765,6 +770,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
+ SK_LIST sk_rover = NULL;
+ int multifile = 0;
+ u32 duration=0;
++ int sigclass = 0x00;
++ u32 timestamp = 0;
+
+ pfx = new_progress_context ();
+ afx = new_armor_context ();
+@@ -781,7 +788,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
+ fname = NULL;
+
+ if( fname && filenames->next && (!detached || encryptflag) )
+- log_bug("multiple files can only be detached signed");
++ log_bug("multiple files can only be detached signed\n");
++
++ if (opt.file_is_digest && (multifile || !fname))
++ log_bug("file-is-digest only works with one file\n");
++ if (opt.file_is_digest && !detached)
++ log_bug("file-is-digest can only write detached signatures\n");
++ if (opt.file_is_digest && !opt.def_digest_algo)
++ log_bug("file-is-digest needs --digest-algo\n");
++ if (opt.file_is_digest && opt.textmode)
++ log_bug("file-is-digest doesn't work with --textmode\n");
+
+ if(encryptflag==2
+ && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek)))
+@@ -802,7 +818,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
+ goto leave;
+
+ /* prepare iobufs */
+- if( multifile ) /* have list of filenames */
++ if( multifile || opt.file_is_digest) /* have list of filenames */
+ inp = NULL; /* we do it later */
+ else {
+ inp = iobuf_open(fname);
+@@ -940,7 +956,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
+ for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
+ gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
+
+- if( !multifile )
++ if( !multifile && !opt.file_is_digest )
+ iobuf_push_filter( inp, md_filter, &mfx );
+
+ if( detached && !encryptflag)
+@@ -995,6 +1011,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
+
+ write_status_begin_signing (mfx.md);
+
++ sigclass = opt.textmode && !outfile? 0x01 : 0x00;
++
+ /* Setup the inner packet. */
+ if( detached ) {
+ if( multifile ) {
+@@ -1035,6 +1053,45 @@ sign_file (ctrl_t ctrl, strlist_t filena
+ if( opt.verbose )
+ log_printf ("\n");
+ }
++ else if (opt.file_is_digest) {
++ byte *mdb, ts[5];
++ size_t mdlen;
++ const char *fp;
++ int c, d;
++
++ gcry_md_final(mfx.md);
++ /* this assumes gcry_md_read returns the same buffer */
++ mdb = gcry_md_read(mfx.md, opt.def_digest_algo);
++ mdlen = gcry_md_get_algo_dlen(opt.def_digest_algo);
++ if (strlen(fname) != mdlen * 2 + 11)
++ log_bug("digests must be %zu + @ + 5 bytes\n", mdlen);
++ d = -1;
++ for (fp = fname ; *fp; ) {
++ c = *fp++;
++ if (c >= '0' && c <= '9')
++ c -= '0';
++ else if (c >= 'a' && c <= 'f')
++ c -= 'a' - 10;
++ else if (c >= 'A' && c <= 'F')
++ c -= 'A' - 10;
++ else
++ log_bug("filename is not hex\n");
++ if (d >= 0) {
++ *mdb++ = d << 4 | c;
++ c = -1;
++ if (--mdlen == 0) {
++ mdb = ts;
++ if (*fp++ != '@')
++ log_bug("missing time separator\n");
++ }
++ }
++ d = c;
++ }
++ sigclass = ts[0];
++ if (sigclass != 0x00 && sigclass != 0x01)
++ log_bug("bad cipher class\n");
++ timestamp = buf32_to_u32(ts + 1);
++ }
+ else {
+ /* read, so that the filter can calculate the digest */
+ while( iobuf_get(inp) != -1 )
+@@ -1052,8 +1109,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
+
+ /* write the signatures */
+ rc = write_signature_packets (sk_list, out, mfx.md,
+- opt.textmode && !outfile? 0x01 : 0x00,
+- 0, duration, detached ? 'D':'S', NULL);
++ sigclass,
++ timestamp, duration, detached ? 'D':'S', NULL);
+ if( rc )
+ goto leave;
+
diff --git a/gnupg2.spec b/gnupg2.spec
index 7a94de2..0611677 100644
--- a/gnupg2.spec
+++ b/gnupg2.spec
@@ -1,7 +1,7 @@
Summary: Utility for secure communication and data storage
Name: gnupg2
-Version: 2.1.2
-Release: 2%{?dist}
+Version: 2.1.3
+Release: 1%{?dist}
License: GPLv3+
Group: Applications/System
@@ -12,7 +12,7 @@ Source1: ftp://ftp.gnupg.org/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.
Patch1: gnupg-2.0.20-insttools.patch
Patch3: gnupg-2.0.20-secmem.patch
# non-upstreamable patch adding file-is-digest option needed for Copr
-Patch4: gnupg-2.1.2-file-is-digest.patch
+Patch4: gnupg-2.1.3-file-is-digest.patch
Patch5: gnupg-2.1.1-ocsp-keyusage.patch
Patch6: gnupg-2.1.1-fips-algo.patch
@@ -115,7 +115,7 @@ make install DESTDIR=%{buildroot} \
# drop file conflicting with gnupg-1.x
rm -f %{buildroot}%{_mandir}/man1/gpg-zip.1*
# and rename another
-rename gnupg gnupg2 %{buildroot}%{_mandir}/man7/gnupg.7*
+rename gnupg.7 gnupg2.7 %{buildroot}%{_mandir}/man7/gnupg.7*
%endif
%find_lang %{name}
@@ -206,6 +206,9 @@ fi
%changelog
+* Thu Apr 16 2015 Tomáš Mráz <tmraz at redhat.com> - 2.1.3-1
+- new upstream release fixing minor bugs
+
* Sat Feb 21 2015 Till Maas <opensource at till.name> - 2.1.2-2
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
diff --git a/sources b/sources
index 7de75c4..00edd3b 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-156fbd6566f4c51caac741c858d30d96 gnupg-2.1.2.tar.bz2
-d68ab26438134f2e83d3c49bc04652c4 gnupg-2.1.2.tar.bz2.sig
+e2c6b4d3194f5595bfc43050b580ce7e gnupg-2.1.3.tar.bz2
+7f62cc5aea7c6f12f0efc227d518a48f gnupg-2.1.3.tar.bz2.sig
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/gnupg2.git/commit/?h=master&id=497a1a5e9942d761fd347f7325fe735becc9aad0
More information about the scm-commits
mailing list