Package: gpgv-udeb
Version: 1.4.18-1
Severity: grave
Tags: patch
Justification: renders package unusable
Hi folks,
I'm really sorry for:
- having failed to reply to your request in time[1];
- having failed to deliver any testing, which led to lost user time[2]
and is going to cost another gnupg upload.
1. https://lists.debian.org/debian-boot/2014/01/msg00129.html
2. https://lists.debian.org/debian-boot/2014/07/msg00007.html
I've finally spent some time on this, and checked the following things:
a) A trivial removal of the --enable-minimal flag would need to go
together with disabling bzip2 support; resulting udebs would be
uninstallable due to a libbz2 dependency. d-i would then be bigger
but functional again.
b) Thankfully we don't need to consider the backup plan mentioned in a)
since all we need is enabling sha256 support. Currently, Release
files include MD5+SHA1+SHA256. You'll find a tested patch attached.
(This means a whole installation using a netboot-gtk image.)
I also noticed "make check" isn't run for the udeb build; I don't think
it would hurt to do so (the testsuite is smart enough to notice support
for some bits wasn't enabled, see output below my signature), that's why
I'm including an extra patch adding that.
Sorry again…
Mraw,
KiBi.
Testsuite output for the udeb check:
| make[2]: Entering directory '/home/kibi/hack/gnupg.git/build-udeb/checks'
| gpg (GnuPG) 1.4.18
| Copyright (C) 2014 Free Software Foundation, Inc.
| License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
| This is free software: you are free to change and redistribute it.
| There is NO WARRANTY, to the extent permitted by law.
|
| Home: .
| Supported algorithms:
| Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
| Cipher: 3DES
| Hash: MD5, SHA1, RIPEMD160, SHA256, SHA224
| Compression: Uncompressed, ZIP, ZLIB
| PASS: version.test
| Hash algorithm SHA-384 is not installed (not an error)
| Hash algorithm SHA-512 is not installed (not an error)
| PASS: mds.test
| PASS: decrypt.test
| PASS: decrypt-dsa.test
| MD5 SHA1 RIPEMD160 SHA256 SHA224 | PASS: sigs.test
| PASS: sigs-dsa.test
| 3DES | PASS: encrypt.test
| 3DES | PASS: encrypt-dsa.test
| PASS: seat.test
| PASS: clearsig.test
| PASS: encryptp.test
| PASS: detach.test
| PASS: armsigs.test
| PASS: armencrypt.test
| PASS: armencryptp.test
| PASS: signencrypt.test
| PASS: signencrypt-dsa.test
| PASS: armsignencrypt.test
| PASS: armdetach.test
| PASS: armdetachm.test
| PASS: detachm.test
| PASS: genkey1024.test
| 3DES | PASS: conventional.test
| 3DES | PASS: conventional-mdc.test
| PASS: multisig.test
| PASS: verify.test
| PASS: armor.test
| ===================
| All 27 tests passed
| ===================
| make[2]: Leaving directory '/home/kibi/hack/gnupg.git/build-udeb/checks'
>From 716ad8686c8dc274d62399042cd89a1549ce817e Mon Sep 17 00:00:00 2001
From: Cyril Brulebois <k...@debian.org>
Date: Sun, 6 Jul 2014 21:25:45 +0200
Subject: [PATCH 1/2] Fix gpgv-udeb by adding --enable-sha256, which is needed
to validate Release files.
---
debian/changelog | 7 +++++++
debian/rules | 2 +-
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index 4987723..db5868a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+gnupg (1.4.18-2) UNRELEASED; urgency=medium
+
+ * Fix gpgv-udeb by adding --enable-sha256, which is needed to validate
+ Release files.
+
+ -- Cyril Brulebois <k...@debian.org> Sun, 06 Jul 2014 21:10:24 +0200
+
gnupg (1.4.18-1) unstable; urgency=medium
* New upstream release.
diff --git a/debian/rules b/debian/rules
index 683b8b2..6878842 100755
--- a/debian/rules
+++ b/debian/rules
@@ -22,7 +22,7 @@ CONFARGS = --prefix=/usr --libexecdir=/usr/lib/ \
--enable-noexecstack
CONFARGS_FULL = --enable-mailto --with-mailprog=/usr/sbin/sendmail
-CONFARGS_MINIMAL = --enable-minimal --enable-rsa --disable-nls --disable-regex --disable-gnupg-iconv --disable-gettext --without-iconv --without-readline --without-zlib
+CONFARGS_MINIMAL = --enable-minimal --enable-rsa --disable-nls --disable-regex --disable-gnupg-iconv --disable-gettext --without-iconv --without-readline --without-zlib --enable-sha256
ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
HOSTARG += --host=$(DEB_HOST_GNU_TYPE)
--
2.0.1
>From 46e6fd9616a8bf39f3fd0e8f3d5e822122a5bcce Mon Sep 17 00:00:00 2001
From: Cyril Brulebois <k...@debian.org>
Date: Sun, 6 Jul 2014 21:46:32 +0200
Subject: [PATCH 2/2] Run the check target in the udeb build directory.
---
debian/changelog | 1 +
debian/rules | 3 +++
2 files changed, 4 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index db5868a..1e134e9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ gnupg (1.4.18-2) UNRELEASED; urgency=medium
* Fix gpgv-udeb by adding --enable-sha256, which is needed to validate
Release files.
+ * Run the check target in the udeb build directory.
-- Cyril Brulebois <k...@debian.org> Sun, 06 Jul 2014 21:10:24 +0200
diff --git a/debian/rules b/debian/rules
index 6878842..1d30d25 100755
--- a/debian/rules
+++ b/debian/rules
@@ -81,6 +81,9 @@ endif
build-udeb-stamp: build-udeb/config.status
dh_testdir
$(MAKE) -C build-udeb/
+ifeq (,$(findstring nocheck,$(DEB_BUILD_OPTIONS)))
+ make -C build-udeb/checks check || exit 1
+endif
touch $@
build-win32-stamp: build-win32/config.status
--
2.0.1
