[CVS] OpenPKG: OPENPKG_1_3_SOLID: openpkg-src/gnupg/ gnupg.patch gnupg...

Fri, 12 Dec 2003 08:39:14 -0800 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Thomas Lotterer
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src openpkg-web          Date:   12-Dec-2003 16:36:22
  Branch: OPENPKG_1_3_SOLID HEAD           Handle: 2003121215361803

  Added files:              (Branch: OPENPKG_1_3_SOLID)
    openpkg-src/gnupg       gnupg.patch
  Modified files:
    openpkg-web             news.txt
  Modified files:           (Branch: OPENPKG_1_3_SOLID)
    openpkg-src/gnupg       gnupg.spec

  Log:
    CAN-2003-0971

  Summary:
    Revision    Changes     Path
    1.2.2.1     +66 -0      openpkg-src/gnupg/gnupg.patch
    1.30.2.3.2.2+3  -1      openpkg-src/gnupg/gnupg.spec
    1.7741      +1  -0      openpkg-web/news.txt
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/gnupg/gnupg.patch
  ============================================================================
  $ cvs diff -u -r0 -r1.2.2.1 gnupg.patch
  --- /dev/null 2003-12-12 16:36:21.000000000 +0100
  +++ gnupg.patch       2003-12-12 16:36:21.000000000 +0100
  @@ -0,0 +1,66 @@
  +David Shaw wrote a patch against GnuPG 1.2.3 to disable the ability to
  +create signatures using the ElGamal sign+encrypt (type 20) keys as
  +well as to remove the option to create such keys.
  +
  +Index: g10/getkey.c
  +--- g10/getkey.c.orig        2003-04-29 09:26:40.000000000 +0200
  ++++ g10/getkey.c     2003-12-12 16:27:56.000000000 +0100
  +@@ -1636,6 +1636,11 @@
  +         if ( x ) /* mask it down to the actual allowed usage */
  +             key_usage &= x; 
  +     }
  ++
  ++    /* Type 20 Elgamal keys are not usable. */
  ++    if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
  ++      key_usage=0;
  ++
  +     pk->pubkey_usage = key_usage;
  + 
  +     if ( !key_expire_seen ) {
  +@@ -1806,6 +1811,13 @@
  +         if ( x ) /* mask it down to the actual allowed usage */
  +             key_usage &= x; 
  +     }
  ++
  ++    /* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
  ++       not usable. */
  ++    if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
  ++       || subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
  ++      key_usage=0;
  ++
  +     subpk->pubkey_usage = key_usage;
  +     
  +     p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);
  +Index: g10/keygen.c
  +--- g10/keygen.c.orig        2003-04-09 16:58:01.000000000 +0200
  ++++ g10/keygen.c     2003-12-12 16:28:23.000000000 +0100
  +@@ -953,8 +953,6 @@
  +     tty_printf(    _("   (%d) DSA (sign only)\n"), 2 );
  +     if( addmode )
  +     tty_printf(    _("   (%d) ElGamal (encrypt only)\n"), 3 );
  +-    if (opt.expert)
  +-        tty_printf(    _("   (%d) ElGamal (sign and encrypt)\n"), 4 );
  +     tty_printf(    _("   (%d) RSA (sign only)\n"), 5 );
  +     if (addmode)
  +         tty_printf(    _("   (%d) RSA (encrypt only)\n"), 6 );
  +@@ -985,20 +983,6 @@
  +             *r_usage = PUBKEY_USAGE_SIG;
  +         break;
  +     }
  +-    else if( algo == 4 && opt.expert)
  +-      {
  +-        tty_printf(_(
  +-"The use of this algorithm is only supported by GnuPG.  You will not be\n"
  +-"able to use this key to communicate with PGP users.  This algorithm is also\n"
  +-"very slow, and may not be as secure as the other choices.\n"));
  +-
  +-        if( cpr_get_answer_is_yes("keygen.algo.elg_se",
  +-                                  _("Create anyway? ")))
  +-          {
  +-            algo = PUBKEY_ALGO_ELGAMAL;
  +-            break;
  +-          }
  +-    }
  +     else if( algo == 3 && addmode ) {
  +         algo = PUBKEY_ALGO_ELGAMAL_E;
  +         break;
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/gnupg/gnupg.spec
  ============================================================================
  $ cvs diff -u -r1.30.2.3.2.1 -r1.30.2.3.2.2 gnupg.spec
  --- openpkg-src/gnupg/gnupg.spec      29 Jul 2003 14:59:08 -0000      1.30.2.3.2.1
  +++ openpkg-src/gnupg/gnupg.spec      12 Dec 2003 15:36:21 -0000      1.30.2.3.2.2
  @@ -33,7 +33,7 @@
   Group:        Cryptography
   License:      GPL
   Version:      1.2.2
  -Release:      1.3.0
  +Release:      1.3.1
   
   #   package options
   %option       with_idea  no
  @@ -41,6 +41,7 @@
   #   list of sources
   Source0:      ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.gz
   Source1:      ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz
  +Patch0:       gnupg.patch
   
   #   build information
   Prefix:       %{l_prefix}
  @@ -62,6 +63,7 @@
   
   %prep
       %setup -q
  +    %patch -p0
   %if "%{with_idea}" == "yes"
       %{l_gzip} -d -c %{SOURCE idea.c.gz} >cipher/idea.c
   %endif
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-web/news.txt
  ============================================================================
  $ cvs diff -u -r1.7740 -r1.7741 news.txt
  --- openpkg-web/news.txt      12 Dec 2003 07:37:19 -0000      1.7740
  +++ openpkg-web/news.txt      12 Dec 2003 15:36:18 -0000      1.7741
  @@ -1,3 +1,4 @@
  +12-Dec-2003: Upgraded package: P<gnupg-1.2.2-1.3.1>
   12-Dec-2003: Upgraded package: P<tinyca-0.5.4-20031212>
   12-Dec-2003: Upgraded package: P<perl-gtk-20031212-20031212>
   12-Dec-2003: Upgraded package: P<tcpreplay-1.4.6-20031212>
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to