[arch-commits] Commit in gnome-keyring/trunk (PKGBUILD gpg-agent-fix-encoding.patch)

Jan de Groot jgc at archlinux.org
Wed Aug 1 09:35:36 UTC 2012 

    Date: Wednesday, August 1, 2012 @ 05:35:36
  Author: jgc
Revision: 164500

upgpkg: gnome-keyring 3.4.1-3

Fix upstream bug that I reported because it causes pain when packaging

Added:
  gnome-keyring/trunk/gpg-agent-fix-encoding.patch
Modified:
  gnome-keyring/trunk/PKGBUILD

------------------------------+
 PKGBUILD                     |    9 ++--
 gpg-agent-fix-encoding.patch |   86 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 92 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2012-08-01 08:04:05 UTC (rev 164499)
+++ PKGBUILD	2012-08-01 09:35:36 UTC (rev 164500)
@@ -3,7 +3,7 @@
 
 pkgname=gnome-keyring
 pkgver=3.4.1
-pkgrel=2
+pkgrel=3
 pkgdesc="GNOME Password Management daemon"
 arch=(i686 x86_64)
 license=('GPL' 'LGPL')
@@ -13,11 +13,14 @@
 options=('!libtool' '!emptydirs')
 url="http://www.gnome.org"
 install=gnome-keyring.install
-source=(http://ftp.gnome.org/pub/gnome/sources/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.xz)
-sha256sums=('9e90267721198cbe6ebc08f6390d24901d9c0de39b180cd2ad1bbcdd7b30b249')
+source=(http://ftp.gnome.org/pub/gnome/sources/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.xz
+        gpg-agent-fix-encoding.patch)
+sha256sums=('9e90267721198cbe6ebc08f6390d24901d9c0de39b180cd2ad1bbcdd7b30b249'
+            '05ae4ec8db316b1b7552099721226e3a211bcf3d2445f1ea464d26bf31590760')
 
 build() {
   cd "$pkgname-$pkgver"
+  patch -Np1 -i "$srcdir/gpg-agent-fix-encoding.patch"
   ./configure --prefix=/usr --sysconfdir=/etc \
       --localstatedir=/var --disable-static \
       --libexecdir=/usr/lib/gnome-keyring \

Added: gpg-agent-fix-encoding.patch
===================================================================
--- gpg-agent-fix-encoding.patch	                        (rev 0)
+++ gpg-agent-fix-encoding.patch	2012-08-01 09:35:36 UTC (rev 164500)
@@ -0,0 +1,86 @@
+From d31a26df7ce8d9c084b9c66fe00458683dde9864 Mon Sep 17 00:00:00 2001
+From: Stef Walter <stefw at gnome.org>
+Date: Thu, 28 Jun 2012 15:51:54 +0200
+Subject: [PATCH] gpg-agent: Encode passwords when --data was requested
+
+ * Use URI encoding to return passwords when gnupg calls us with
+   a --data argument.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=678771
+---
+ daemon/gpg-agent/gkd-gpg-agent-ops.c |   41 ++++++++++++++++++++++++++++++----
+ 1 file changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/daemon/gpg-agent/gkd-gpg-agent-ops.c b/daemon/gpg-agent/gkd-gpg-agent-ops.c
+index be6c4d3..a1a21ff 100644
+--- a/daemon/gpg-agent/gkd-gpg-agent-ops.c
++++ b/daemon/gpg-agent/gkd-gpg-agent-ops.c
+@@ -632,11 +632,12 @@ command_has_option (gchar *command, gchar *option)
+ 	return has_option;
+ }
+ 
++static const char HEXC[] = "0123456789abcdef";
++
+ /* Encode a password in hex */
+ static gchar*
+-encode_password (const gchar *pass)
++hex_encode_password (const gchar *pass)
+ {
+-	static const char HEXC[] = "0123456789abcdef";
+ 	int j, c;
+ 	gchar *enc, *k;
+ 
+@@ -656,6 +657,36 @@ encode_password (const gchar *pass)
+ 	return enc;
+ }
+ 
++static gchar*
++uri_encode_password (const gchar *value)
++{
++	gchar *p;
++	gchar *result;
++
++	/* Just allocate for worst case */
++	result = egg_secure_alloc ((strlen (value) * 3) + 1);
++
++	/* Now loop through looking for escapes */
++	p = result;
++	while (*value) {
++
++		/* These characters we let through verbatim */
++		if (*value && (g_ascii_isalnum (*value) || strchr ("_-.", *value) != NULL)) {
++			*(p++) = *(value++);
++
++		/* All others get encoded */
++		} else {
++			*(p++) = '%';
++			*(p++) = HEXC[((unsigned char)*value) >> 4];
++			*(p++) = HEXC[((unsigned char)*value) & 0x0F];
++			++value;
++		}
++	}
++
++	*p = 0;
++	return result;
++}
++
+ /* ----------------------------------------------------------------------------------
+  * OPERATIONS
+  */
+@@ -737,10 +768,12 @@ gkd_gpg_agent_ops_getpass (GkdGpgAgentCall *call, gchar *args)
+ 	if (password == NULL) {
+ 		gkd_gpg_agent_send_reply (call, FALSE, "111 cancelled");
+ 	} else if (flags & GKD_GPG_AGENT_PASS_AS_DATA) {
+-		gkd_gpg_agent_send_data (call, password);
++		encoded = uri_encode_password (password);
++		gkd_gpg_agent_send_data (call, encoded);
+ 		gkd_gpg_agent_send_reply (call, TRUE, NULL);
++		egg_secure_strfree (encoded);
+ 	} else {
+-		encoded = encode_password (password);
++		encoded = hex_encode_password (password);
+ 		gkd_gpg_agent_send_reply (call, TRUE, encoded);
+ 		egg_secure_strfree (encoded);
+ 	}
+-- 
+1.7.10.2
\ No newline at end of file

More information about the arch-commits mailing list