Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-08-06 20:36:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg2" Changes: -------- --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes 2016-07-09 09:17:32.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-08-06 20:36:25.000000000 +0200 @@ -1,0 +2,15 @@ +Thu Aug 4 12:17:14 UTC 2016 - [email protected] + +- Fix date call as the curlified parameter for sure are not parsed + correctly by escaping it with % + +------------------------------------------------------------------- +Wed Aug 3 11:56:58 UTC 2016 - [email protected] + +- Fix upstream bug 1985: --try-all-secrets doesn't work when + decrypting messages encrypted with --hidden-recipient, fixes unit + tests of the duplicity package. + Adding gnupg-make_--try-all-secrets_work.patch +- record the fact that gpg-error 1.21 is required + +------------------------------------------------------------------- New: ---- gnupg-make_--try-all-secrets_work.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gpg2.spec ++++++ --- /var/tmp/diff_new_pack.jke44S/_old 2016-08-06 20:36:26.000000000 +0200 +++ /var/tmp/diff_new_pack.jke44S/_new 2016-08-06 20:36:26.000000000 +0200 @@ -34,6 +34,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11: gnupg-add_legacy_FIPS_mode_option.patch +Patch12: gnupg-make_--try-all-secrets_work.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -41,7 +42,7 @@ # patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG # raising gcrypt requirement from 1.4.0 BuildRequires: libgcrypt-devel >= 1.6.1 -BuildRequires: libgpg-error-devel >= 1.16 +BuildRequires: libgpg-error-devel >= 1.21 BuildRequires: libksba-devel >= 1.2.0 BuildRequires: makeinfo BuildRequires: npth-devel >= 0.91 @@ -84,9 +85,10 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build -date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE99}) +date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99}) %configure \ --libexecdir=%{_libdir} \ --docdir=%{_docdir}/%{name} \ ++++++ gnupg-make_--try-all-secrets_work.patch ++++++ >From 82b90eee100cf1c9680517059b2d35e295dd992a Mon Sep 17 00:00:00 2001 From: Daiki Ueno <[email protected]> Date: Tue, 18 Aug 2015 16:57:44 +0900 Subject: [PATCH] gpg: Make --try-all-secrets work for hidden recipients Upstream: committed * g10/getkey.c (enum_secret_keys): Really enumerate all secret keys if --try-all-secrets is specified. -- GnuPG-bug-id: 1985 Signed-off-by: Daiki Ueno <[email protected]> - Add new arg CTRL to getkey_byname call. Signed-off-by: Werner Koch <[email protected]> --- g10/getkey.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 50 insertions(+), 10 deletions(-) On openSUSE, this fixes the unit tests of the duplicity package. diff --git a/g10/getkey.c b/g10/getkey.c index 90fd175..3fe8274 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -3555,6 +3555,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) { gpg_error_t err = 0; const char *name; + kbnode_t keyblock; struct { int eof; @@ -3562,6 +3563,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) strlist_t sl; kbnode_t keyblock; kbnode_t node; + getkey_ctx_t ctx; } *c = *context; if (!c) @@ -3577,6 +3579,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) { /* Free the context. */ release_kbnode (c->keyblock); + getkey_end (c->ctx); xfree (c); *context = NULL; return 0; @@ -3594,6 +3597,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) do { name = NULL; + keyblock = NULL; switch (c->state) { case 0: /* First try to use the --default-key. */ @@ -3616,24 +3620,60 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) c->state++; break; + case 3: /* Init search context to try all keys. */ + if (opt.try_all_secrets) + { + err = getkey_bynames (&c->ctx, NULL, NULL, 1, &keyblock); + if (err) + { + release_kbnode (keyblock); + keyblock = NULL; + getkey_end (c->ctx); + c->ctx = NULL; + } + } + c->state++; + break; + + case 4: /* Get next item from the context. */ + if (c->ctx) + { + err = getkey_next (c->ctx, NULL, &keyblock); + if (err) + { + release_kbnode (keyblock); + keyblock = NULL; + getkey_end (c->ctx); + c->ctx = NULL; + } + } + else + c->state++; + break; + default: /* No more names to check - stop. */ c->eof = 1; return gpg_error (GPG_ERR_EOF); } } - while (!name || !*name); + while ((!name || !*name) && !keyblock); - err = getkey_byname (ctrl, NULL, NULL, name, 1, &c->keyblock); - if (err) + if (keyblock) + c->node = c->keyblock = keyblock; + else { - /* getkey_byname might return a keyblock even in the - error case - I have not checked. Thus better release - it. */ - release_kbnode (c->keyblock); - c->keyblock = NULL; + err = getkey_byname (ctrl, NULL, NULL, name, 1, &c->keyblock); + if (err) + { + /* getkey_byname might return a keyblock even in the + error case - I have not checked. Thus better release + it. */ + release_kbnode (c->keyblock); + c->keyblock = NULL; + } + else + c->node = c->keyblock; } - else - c->node = c->keyblock; } /* Get the next key from the current keyblock. */
