Date: Tuesday, July 1, 2014 @ 08:16:40 Author: bisson Revision: 215944
upstream update Modified: gnupg/trunk/PKGBUILD Deleted: gnupg/trunk/filter.patch gnupg/trunk/protect-tool-env.patch ------------------------+ PKGBUILD | 18 +---- filter.patch | 153 ----------------------------------------------- protect-tool-env.patch | 28 -------- 3 files changed, 4 insertions(+), 195 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2014-07-01 05:55:49 UTC (rev 215943) +++ PKGBUILD 2014-07-01 06:16:40 UTC (rev 215944) @@ -5,8 +5,8 @@ # Contributor: Judd Vinet <jvi...@zeroflux.org> pkgname=gnupg -pkgver=2.0.24 -pkgrel=2 +pkgver=2.0.25 +pkgrel=1 pkgdesc='Complete and free implementation of the OpenPGP standard' url='http://www.gnupg.org/' license=('GPL') @@ -16,12 +16,8 @@ 'libusb-compat: scdaemon') makedepends=('curl' 'libldap' 'libusb-compat') depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') -source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} - 'protect-tool-env.patch' - 'filter.patch') -sha1sums=('010e027d5f622778cadc4c124013fe515ed705cf' 'SKIP' - '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db' - 'e99aa2b725342aee188d706b42d392efb2389cf4') +source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}) +sha1sums=('890d77d89f2d187382f95e83e386f2f7ba789436' 'SKIP') install=install @@ -29,12 +25,6 @@ provides=("gnupg2=${pkgver}") replaces=('gnupg2') -prepare() { - cd "${srcdir}/${pkgname}-${pkgver}" - patch -p1 -i ../protect-tool-env.patch # FS#31900 - patch -p1 -i ../filter.patch -} - build() { cd "${srcdir}/${pkgname}-${pkgver}" ./configure \ Deleted: filter.patch =================================================================== --- filter.patch 2014-07-01 05:55:49 UTC (rev 215943) +++ filter.patch 2014-07-01 06:16:40 UTC (rev 215944) @@ -1,153 +0,0 @@ -Hi, - -please give the batch below a try. It works for me but before I do -another release, I would like a second test. - - -Shalom-Salam, - - Werner - -From 044847a0e2013a2833605c1a9f80cfa6ef353309 Mon Sep 17 00:00:00 2001 -From: Werner Koch <w...@gnupg.org> -Date: Wed, 25 Jun 2014 14:33:34 +0200 -Subject: [PATCH] gpg: Make screening of keyserver result work with multi-key - commands. - -* g10/keyserver.c (ks_retrieval_filter_arg_s): new. -(keyserver_retrieval_filter): Use new struct and check all -descriptions. -(keyserver_spawn): Pass filter arg suing the new struct. --- - -This is a fix for commit 5e933008. - -The old code did only work for a single key. It failed as soon as -several keys are specified ("gpg --refresh-keys" or "gpg --recv-key A -B C"). ---- - g10/keyserver.c | 68 ++++++++++++++++++++++++++++++++++++++------------------- - 1 file changed, 45 insertions(+), 23 deletions(-) - -diff --git a/g10/keyserver.c b/g10/keyserver.c -index 83a4b95..aa41536 100644 ---- a/g10/keyserver.c -+++ b/g10/keyserver.c -@@ -982,13 +982,25 @@ direct_uri_map(const char *scheme,unsigned int is_direct) - #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\"" - - -+/* Structure to convey the arg to keyserver_retrieval_filter. */ -+struct ks_retrieval_filter_arg_s -+{ -+ KEYDB_SEARCH_DESC *desc; -+ int ndesc; -+}; -+ -+ - /* Check whether a key matches the search description. The filter - returns 0 if the key shall be imported. Note that this kind of - filter is not related to the iobuf filters. */ - static int --keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, void *arg) -+keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, -+ void *opaque) - { -- KEYDB_SEARCH_DESC *desc = arg; -+ struct ks_retrieval_filter_arg_s *arg = opaque; -+ KEYDB_SEARCH_DESC *desc = arg->desc; -+ int ndesc = arg->ndesc; -+ int n; - u32 keyid[2]; - byte fpr[MAX_FINGERPRINT_LEN]; - size_t fpr_len = 0; -@@ -997,32 +1009,40 @@ keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, void *arg) - if (sk) - return G10ERR_GENERAL; - -+ if (!ndesc) -+ return 0; /* Okay if no description given. */ -+ - fingerprint_from_pk (pk, fpr, &fpr_len); - keyid_from_pk (pk, keyid); - - /* Compare requested and returned fingerprints if available. */ -- if (desc->mode == KEYDB_SEARCH_MODE_FPR20) -- { -- if (fpr_len != 20 || memcmp (fpr, desc->u.fpr, 20)) -- return G10ERR_GENERAL; -- } -- else if (desc->mode == KEYDB_SEARCH_MODE_FPR16) -- { -- if (fpr_len != 16 || memcmp (fpr, desc->u.fpr, 16)) -- return G10ERR_GENERAL; -- } -- else if (desc->mode == KEYDB_SEARCH_MODE_LONG_KID) -- { -- if (keyid[0] != desc->u.kid[0] || keyid[1] != desc->u.kid[1]) -- return G10ERR_GENERAL; -- } -- else if (desc->mode == KEYDB_SEARCH_MODE_SHORT_KID) -+ for (n = 0; n < ndesc; n++) - { -- if (keyid[1] != desc->u.kid[1]) -- return G10ERR_GENERAL; -+ if (desc[n].mode == KEYDB_SEARCH_MODE_FPR20) -+ { -+ if (fpr_len == 20 && !memcmp (fpr, desc[n].u.fpr, 20)) -+ return 0; -+ } -+ else if (desc[n].mode == KEYDB_SEARCH_MODE_FPR16) -+ { -+ if (fpr_len == 16 && !memcmp (fpr, desc[n].u.fpr, 16)) -+ return 0; -+ } -+ else if (desc[n].mode == KEYDB_SEARCH_MODE_LONG_KID) -+ { -+ if (keyid[0] == desc[n].u.kid[0] && keyid[1] == desc[n].u.kid[1]) -+ return 0; -+ } -+ else if (desc[n].mode == KEYDB_SEARCH_MODE_SHORT_KID) -+ { -+ if (keyid[1] == desc[n].u.kid[1]) -+ return 0; -+ } -+ else -+ return 0; - } - -- return 0; -+ return G10ERR_GENERAL; - } - - -@@ -1535,6 +1555,7 @@ keyserver_spawn (enum ks_action action, strlist_t list, KEYDB_SEARCH_DESC *desc, - case KS_GETNAME: - { - void *stats_handle; -+ struct ks_retrieval_filter_arg_s filterarg; - - stats_handle=import_new_stats_handle(); - -@@ -1547,11 +1568,12 @@ keyserver_spawn (enum ks_action action, strlist_t list, KEYDB_SEARCH_DESC *desc, - that we don't allow the import of secret keys from a - keyserver. Keyservers should never accept or send them - but we better protect against rogue keyservers. */ -- -+ filterarg.desc = desc; -+ filterarg.ndesc = count; - import_keys_stream (spawn->fromchild, stats_handle, fpr, fpr_len, - (opt.keyserver_options.import_options - | IMPORT_NO_SECKEY), -- keyserver_retrieval_filter, desc); -+ keyserver_retrieval_filter, &filterarg); - - import_print_stats(stats_handle); - import_release_stats_handle(stats_handle); --- -1.8.4.3 - - - --- -Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. Deleted: protect-tool-env.patch =================================================================== --- protect-tool-env.patch 2014-07-01 05:55:49 UTC (rev 215943) +++ protect-tool-env.patch 2014-07-01 06:16:40 UTC (rev 215944) @@ -1,28 +0,0 @@ -diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c ---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 -+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 -@@ -102,6 +102,7 @@ - static int opt_status_msg; - static const char *opt_p12_charset; - static const char *opt_agent_program; -+static session_env_t opt_session_env; - - static char *get_passphrase (int promptno); - static void release_passphrase (char *pw); -@@ -1040,6 +1041,7 @@ - - opt_homedir = default_homedir (); - -+ opt_session_env = session_env_new (); - - pargs.argc = &argc; - pargs.argv = &argv; -@@ -1091,7 +1093,7 @@ - opt.verbose, - opt_homedir, - opt_agent_program, -- NULL, NULL, NULL); -+ NULL, NULL, opt_session_env); - - if (opt_prompt) - opt_prompt = percent_plus_unescape (opt_prompt, 0);