OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src openpkg-web Date: 27-Nov-2003 20:20:36
Branch: HEAD Handle: 2003112719203402
Added files:
openpkg-src/gnupg gnupg.patch
Modified files:
openpkg-src/gnupg gnupg.spec
openpkg-web news.txt
Log:
include feature disabling patch Werner Koch posted on BugTraq until
next release is available
Summary:
Revision Changes Path
1.2 +67 -0 openpkg-src/gnupg/gnupg.patch
1.40 +3 -1 openpkg-src/gnupg/gnupg.spec
1.7581 +1 -0 openpkg-web/news.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/gnupg/gnupg.patch
============================================================================
$ cvs diff -u -r0 -r1.2 gnupg.patch
--- /dev/null 2003-11-27 20:20:36.000000000 +0100
+++ gnupg.patch 2003-11-27 20:20:36.000000000 +0100
@@ -0,0 +1,67 @@
+David Shaw wrote a patch against GnuPG 1.2.3 to disable the ability to
+create signatures using the ElGamal sign+encrypt (type 20) keys as
+well as to remove the option to create such keys.
+
+Index: g10/getkey.c
+--- g10/getkey.c 21 Jul 2003 14:55:00 -0000 1.78.2.20
++++ g10/getkey.c 27 Nov 2003 00:32:30 -0000
+@@ -1655,6 +1655,11 @@
+ if ( x ) /* mask it down to the actual allowed usage */
+ key_usage &= x;
+ }
++
++ /* Type 20 Elgamal keys are not usable. */
++ if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
++ key_usage=0;
++
+ pk->pubkey_usage = key_usage;
+
+ if ( !key_expire_seen ) {
+@@ -1869,6 +1874,13 @@
+ if ( x ) /* mask it down to the actual allowed usage */
+ key_usage &= x;
+ }
++
++ /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
++ not usable. */
++ if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
++ || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
++ key_usage=0;
++
+ subpk->pubkey_usage = key_usage;
+
+ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
+Index: g10/keygen.c
+--- g10/keygen.c 16 Jul 2003 03:09:15 -0000 1.90.2.11
++++ g10/keygen.c 27 Nov 2003 00:32:31 -0000
+@@ -958,8 +958,6 @@
+ tty_printf( _(" (%d) DSA (sign only)\n"), 2 );
+ if( addmode )
+ tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 );
+- if (opt.expert)
+- tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 4 );
+ tty_printf( _(" (%d) RSA (sign only)\n"), 5 );
+ if (addmode)
+ tty_printf( _(" (%d) RSA (encrypt only)\n"), 6 );
+@@ -989,21 +987,6 @@
+ algo = PUBKEY_ALGO_RSA;
+ *r_usage = PUBKEY_USAGE_SIG;
+ break;
+- }
+- else if( algo == 4 && opt.expert)
+- {
+- tty_printf(_(
+-"The use of this algorithm is only supported by GnuPG. You will not be\n"
+-"able to use this key to communicate with PGP users. This algorithm is also\n"
+-"very slow, and may not be as secure as the other choices.\n"));
+-
+- if( cpr_get_answer_is_yes("keygen.algo.elg_se",
+- _("Create anyway? ")))
+- {
+- algo = PUBKEY_ALGO_ELGAMAL;
+- *r_usage = PUBKEY_USAGE_ENC | PUBKEY_USAGE_SIG;
+- break;
+- }
+ }
+ else if( algo == 3 && addmode ) {
+ algo = PUBKEY_ALGO_ELGAMAL_E;
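Review bot: The two additions in g10/getkey.c set `key_usage=0` for `PUBKEY_ALGO_ELGAMAL` under a comment that says only that these keys "are not usable", so a later reader cannot tell that this is a deliberate security lockout rather than a capability limit. I would expand the comment at both sites to something like `/* Type 20 Elgamal (sign+encrypt) keys are deliberately disabled for security reasons; never select them for signing or encryption. */`. The key also becomes unusable silently, so a user holding one gets no hint why; whether a diagnostic is emitted elsewhere is not visible here. The patch only clears the usage flags and removes the interactive menu entry in g10/keygen.c, so it is worth confirming that signature verification and non-interactive key generation, neither of which appears in these hunks, also refuse type 20 keys. The enclosing functions start and end outside the hunks shown.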
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/gnupg/gnupg.spec
============================================================================
$ cvs diff -u -r1.39 -r1.40 gnupg.spec
--- openpkg-src/gnupg/gnupg.spec 22 Aug 2003 09:09:30 -0000 1.39
+++ openpkg-src/gnupg/gnupg.spec 27 Nov 2003 19:20:36 -0000 1.40
@@ -33,7 +33,7 @@
Group: Cryptography
License: GPL
Version: 1.2.3
-Release: 20030822
+Release: 20031127
# package options
%option with_idea no
@@ -41,6 +41,7 @@
# list of sources
Source0: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.gz
Source1: ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz
+Patch0: gnupg.patch
# build information
Prefix: %{l_prefix}
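Review bot: `Patch0: gnupg.patch` is added with no comment on where the patch came from or when it should be removed, although the commit log describes it as a stopgap until the next release. A line above it such as `# upstream security patch (posted on BugTraq) disabling ElGamal type 20 keys; drop with next GnuPG release` would keep that knowledge in the spec itself. Because the patch is security-relevant and was taken from a mailing-list post, recording the exact source reference next to it would also let a later maintainer check the shipped copy against the upstream announcement.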
@@ -62,6 +63,7 @@
%prep
%setup -q
+ %patch -p0
%if "%{with_idea}" == "yes"
%{l_gzip} -d -c %{SOURCE idea.c.gz} >cipher/idea.c
%endif
@@ .
patch -p0 <<'@@ .'
Index: openpkg-web/news.txt
============================================================================
$ cvs diff -u -r1.7580 -r1.7581 news.txt
--- openpkg-web/news.txt 27 Nov 2003 19:14:30 -0000 1.7580
+++ openpkg-web/news.txt 27 Nov 2003 19:20:34 -0000 1.7581
@@ -1,3 +1,4 @@
+27-Nov-2003: Upgraded package: P<gnupg-1.2.3-20031127>
27-Nov-2003: Upgraded package: P<screen-4.0.1-20031127>
27-Nov-2003: Upgraded package: P<tre-0.6.2-20031127>
27-Nov-2003: Upgraded package: P<crm114-20031111rc8-20031127>
@@ .