[arch-commits] Commit in gnupg/trunk (PKGBUILD valid-keyblock-packet.patch)
Date: Friday, May 10, 2013 @ 21:07:59
Author: bisson
Revision: 185064
upstream update
Modified:
gnupg/trunk/PKGBUILD
Deleted:
gnupg/trunk/valid-keyblock-packet.patch
-+
PKGBUILD| 16 ---
valid-keyblock-packet.patch | 61 --
2 files changed, 7 insertions(+), 70 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2013-05-10 18:52:41 UTC (rev 185063)
+++ PKGBUILD2013-05-10 19:07:59 UTC (rev 185064)
@@ -5,8 +5,8 @@
# Contributor: Judd Vinet jvi...@zeroflux.org
pkgname=gnupg
-pkgver=2.0.19
-pkgrel=7
+pkgver=2.0.20
+pkgrel=1
pkgdesc='Complete and free implementation of the OpenPGP standard'
url='http://www.gnupg.org/'
license=('GPL')
@@ -17,11 +17,8 @@
makedepends=('curl' 'libldap' 'libusb-compat')
depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry'
'dirmngr')
source=(ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.sig}
-'valid-keyblock-packet.patch'
'protect-tool-env.patch')
-sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
- 'f6e6830610a8629b0aad69d789373bf8ca481733'
- '474d827f1c2976bb107985047f61ac9096ae0953'
+sha1sums=('7ddfefa37ee9da89a8aaa8f9059d251b4cd02562' 'SKIP'
'2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
install=install
@@ -30,12 +27,13 @@
provides=(gnupg2=${pkgver})
replaces=('gnupg2')
-build() {
+prepare() {
cd ${srcdir}/${pkgname}-${pkgver}
-
patch -p1 -i ../protect-tool-env.patch # FS#31900
- patch -p1 -i ../valid-keyblock-packet.patch
+}
+build() {
+ cd ${srcdir}/${pkgname}-${pkgver}
./configure \
--prefix=/usr \
--sysconfdir=/etc \
Deleted: valid-keyblock-packet.patch
===
--- valid-keyblock-packet.patch 2013-05-10 18:52:41 UTC (rev 185063)
+++ valid-keyblock-packet.patch 2013-05-10 19:07:59 UTC (rev 185064)
@@ -1,61 +0,0 @@
-From: Werner Koch w...@gnupg.org
-Date: Thu, 20 Dec 2012 08:43:41 + (+0100)
-Subject: gpg: Import only packets which are allowed in a keyblock.
-X-Git-Url:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463
-
-gpg: Import only packets which are allowed in a keyblock.
-
-* g10/import.c (valid_keyblock_packet): New.
-(read_block): Store only valid packets.
---
-
-A corrupted key, which for example included a mangled public key
-encrypted packet, used to corrupt the keyring. This change skips all
-packets which are not allowed in a keyblock.
-
-GnuPG-bug-id: 1455
-
-(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
-
-diff --git a/g10/import.c b/g10/import.c
-index ba2439d..ad112d6 100644
a/g10/import.c
-+++ b/g10/import.c
-@@ -347,6 +347,27 @@ import_print_stats (void *hd)
- }
-
-
-+/* Return true if PKTTYPE is valid in a keyblock. */
-+static int
-+valid_keyblock_packet (int pkttype)
-+{
-+ switch (pkttype)
-+{
-+case PKT_PUBLIC_KEY:
-+case PKT_PUBLIC_SUBKEY:
-+case PKT_SECRET_KEY:
-+case PKT_SECRET_SUBKEY:
-+case PKT_SIGNATURE:
-+case PKT_USER_ID:
-+case PKT_ATTRIBUTE:
-+case PKT_RING_TRUST:
-+ return 1;
-+default:
-+ return 0;
-+}
-+}
-+
-+
- /
- * Read the next keyblock from stream A.
- * PENDING_PKT should be initialzed to NULL
-@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE
*ret_root )
- }
- in_cert = 1;
- default:
-- if( in_cert ) {
-+ if (in_cert valid_keyblock_packet (pkt-pkttype)) {
- if( !root )
- root = new_kbnode( pkt );
- else
[arch-commits] Commit in gnupg/trunk (PKGBUILD valid-keyblock-packet.patch)
Date: Sunday, January 27, 2013 @ 23:06:14
Author: bisson
Revision: 176232
prevent keyring corruption when importing dodgy packets
Added:
gnupg/trunk/valid-keyblock-packet.patch
Modified:
gnupg/trunk/PKGBUILD
-+
PKGBUILD|5 ++-
valid-keyblock-packet.patch | 61 ++
2 files changed, 65 insertions(+), 1 deletion(-)
Modified: PKGBUILD
===
--- PKGBUILD2013-01-27 20:40:41 UTC (rev 176231)
+++ PKGBUILD2013-01-27 22:06:14 UTC (rev 176232)
@@ -6,7 +6,7 @@
pkgname=gnupg
pkgver=2.0.19
-pkgrel=4
+pkgrel=5
pkgdesc='Complete and free implementation of the OpenPGP standard'
url='http://www.gnupg.org/'
license=('GPL')
@@ -17,9 +17,11 @@
makedepends=('curl' 'libldap' 'libusb-compat')
depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry'
'dirmngr')
source=(ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.sig}
+'valid-keyblock-packet.patch'
'protect-tool-env.patch')
sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
'f6e6830610a8629b0aad69d789373bf8ca481733'
+ '474d827f1c2976bb107985047f61ac9096ae0953'
'2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
install=install
@@ -31,6 +33,7 @@
build() {
cd ${srcdir}/${pkgname}-${pkgver}
patch -p1 -i ../protect-tool-env.patch # FS#31900
+ patch -p1 -i ../valid-keyblock-packet.patch
./configure --prefix=/usr --libexecdir=/usr/lib/gnupg
make
}
Added: valid-keyblock-packet.patch
===
--- valid-keyblock-packet.patch (rev 0)
+++ valid-keyblock-packet.patch 2013-01-27 22:06:14 UTC (rev 176232)
@@ -0,0 +1,61 @@
+From: Werner Koch w...@gnupg.org
+Date: Thu, 20 Dec 2012 08:43:41 + (+0100)
+Subject: gpg: Import only packets which are allowed in a keyblock.
+X-Git-Url:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463
+
+gpg: Import only packets which are allowed in a keyblock.
+
+* g10/import.c (valid_keyblock_packet): New.
+(read_block): Store only valid packets.
+--
+
+A corrupted key, which for example included a mangled public key
+encrypted packet, used to corrupt the keyring. This change skips all
+packets which are not allowed in a keyblock.
+
+GnuPG-bug-id: 1455
+
+(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
+---
+
+diff --git a/g10/import.c b/g10/import.c
+index ba2439d..ad112d6 100644
+--- a/g10/import.c
b/g10/import.c
+@@ -347,6 +347,27 @@ import_print_stats (void *hd)
+ }
+
+
++/* Return true if PKTTYPE is valid in a keyblock. */
++static int
++valid_keyblock_packet (int pkttype)
++{
++ switch (pkttype)
++{
++case PKT_PUBLIC_KEY:
++case PKT_PUBLIC_SUBKEY:
++case PKT_SECRET_KEY:
++case PKT_SECRET_SUBKEY:
++case PKT_SIGNATURE:
++case PKT_USER_ID:
++case PKT_ATTRIBUTE:
++case PKT_RING_TRUST:
++ return 1;
++default:
++ return 0;
++}
++}
++
++
+ /
+ * Read the next keyblock from stream A.
+ * PENDING_PKT should be initialzed to NULL
+@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE
*ret_root )
+ }
+ in_cert = 1;
+ default:
+- if( in_cert ) {
++ if (in_cert valid_keyblock_packet (pkt-pkttype)) {
+ if( !root )
+ root = new_kbnode( pkt );
+ else
