[arch-commits] Commit in gnupg/repos (10 files)
Gaetan Bisson
bisson at nymeria.archlinux.org
Sun Jan 27 22:07:06 UTC 2013
Date: Sunday, January 27, 2013 @ 23:07:06
Author: bisson
Revision: 176233
archrelease: copy trunk to testing-i686, testing-x86_64
Added:
gnupg/repos/testing-i686/
gnupg/repos/testing-i686/PKGBUILD
(from rev 176232, gnupg/trunk/PKGBUILD)
gnupg/repos/testing-i686/install
(from rev 176232, gnupg/trunk/install)
gnupg/repos/testing-i686/protect-tool-env.patch
(from rev 176232, gnupg/trunk/protect-tool-env.patch)
gnupg/repos/testing-i686/valid-keyblock-packet.patch
(from rev 176232, gnupg/trunk/valid-keyblock-packet.patch)
gnupg/repos/testing-x86_64/
gnupg/repos/testing-x86_64/PKGBUILD
(from rev 176232, gnupg/trunk/PKGBUILD)
gnupg/repos/testing-x86_64/install
(from rev 176232, gnupg/trunk/install)
gnupg/repos/testing-x86_64/protect-tool-env.patch
(from rev 176232, gnupg/trunk/protect-tool-env.patch)
gnupg/repos/testing-x86_64/valid-keyblock-packet.patch
(from rev 176232, gnupg/trunk/valid-keyblock-packet.patch)
--------------------------------------------+
testing-i686/PKGBUILD | 53 +++++++++++++++++++++++
testing-i686/install | 20 ++++++++
testing-i686/protect-tool-env.patch | 28 ++++++++++++
testing-i686/valid-keyblock-packet.patch | 61 +++++++++++++++++++++++++++
testing-x86_64/PKGBUILD | 53 +++++++++++++++++++++++
testing-x86_64/install | 20 ++++++++
testing-x86_64/protect-tool-env.patch | 28 ++++++++++++
testing-x86_64/valid-keyblock-packet.patch | 61 +++++++++++++++++++++++++++
8 files changed, 324 insertions(+)
Copied: gnupg/repos/testing-i686/PKGBUILD (from rev 176232, gnupg/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD (rev 0)
+++ testing-i686/PKGBUILD 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,53 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Tobias Powalowski <tpowa at archlinux.org>
+# Contributor: Andreas Radke <andyrtr at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=gnupg
+pkgver=2.0.19
+pkgrel=5
+pkgdesc='Complete and free implementation of the OpenPGP standard'
+url='http://www.gnupg.org/'
+license=('GPL')
+arch=('i686' 'x86_64')
+optdepends=('curl: gpg2keys_curl'
+ 'libldap: gpg2keys_ldap'
+ 'libusb-compat: scdaemon')
+makedepends=('curl' 'libldap' 'libusb-compat')
+depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
+source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
+ 'valid-keyblock-packet.patch'
+ 'protect-tool-env.patch')
+sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
+ 'f6e6830610a8629b0aad69d789373bf8ca481733'
+ '474d827f1c2976bb107985047f61ac9096ae0953'
+ '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
+
+install=install
+
+conflicts=('gnupg2')
+provides=("gnupg2=${pkgver}")
+replaces=('gnupg2')
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -i ../protect-tool-env.patch # FS#31900
+ patch -p1 -i ../valid-keyblock-packet.patch
+ ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make check
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ ln -s gpg2 "${pkgdir}"/usr/bin/gpg
+ ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
+ ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
+ rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
+}
Copied: gnupg/repos/testing-i686/install (from rev 176232, gnupg/trunk/install)
===================================================================
--- testing-i686/install (rev 0)
+++ testing-i686/install 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,20 @@
+info_dir=/usr/share/info
+info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
+
+post_install() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
Copied: gnupg/repos/testing-i686/protect-tool-env.patch (from rev 176232, gnupg/trunk/protect-tool-env.patch)
===================================================================
--- testing-i686/protect-tool-env.patch (rev 0)
+++ testing-i686/protect-tool-env.patch 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,28 @@
+diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
+--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
+@@ -102,6 +102,7 @@
+ static int opt_status_msg;
+ static const char *opt_p12_charset;
+ static const char *opt_agent_program;
++static session_env_t opt_session_env;
+
+ static char *get_passphrase (int promptno);
+ static void release_passphrase (char *pw);
+@@ -1040,6 +1041,7 @@
+
+ opt_homedir = default_homedir ();
+
++ opt_session_env = session_env_new ();
+
+ pargs.argc = &argc;
+ pargs.argv = &argv;
+@@ -1091,7 +1093,7 @@
+ opt.verbose,
+ opt_homedir,
+ opt_agent_program,
+- NULL, NULL, NULL);
++ NULL, NULL, opt_session_env);
+
+ if (opt_prompt)
+ opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/testing-i686/valid-keyblock-packet.patch (from rev 176232, gnupg/trunk/valid-keyblock-packet.patch)
===================================================================
--- testing-i686/valid-keyblock-packet.patch (rev 0)
+++ testing-i686/valid-keyblock-packet.patch 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,61 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100)
+Subject: gpg: Import only packets which are allowed in a keyblock.
+X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463
+
+gpg: Import only packets which are allowed in a keyblock.
+
+* g10/import.c (valid_keyblock_packet): New.
+(read_block): Store only valid packets.
+--
+
+A corrupted key, which for example included a mangled public key
+encrypted packet, used to corrupt the keyring. This change skips all
+packets which are not allowed in a keyblock.
+
+GnuPG-bug-id: 1455
+
+(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
+---
+
+diff --git a/g10/import.c b/g10/import.c
+index ba2439d..ad112d6 100644
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -347,6 +347,27 @@ import_print_stats (void *hd)
+ }
+
+
++/* Return true if PKTTYPE is valid in a keyblock. */
++static int
++valid_keyblock_packet (int pkttype)
++{
++ switch (pkttype)
++ {
++ case PKT_PUBLIC_KEY:
++ case PKT_PUBLIC_SUBKEY:
++ case PKT_SECRET_KEY:
++ case PKT_SECRET_SUBKEY:
++ case PKT_SIGNATURE:
++ case PKT_USER_ID:
++ case PKT_ATTRIBUTE:
++ case PKT_RING_TRUST:
++ return 1;
++ default:
++ return 0;
++ }
++}
++
++
+ /****************
+ * Read the next keyblock from stream A.
+ * PENDING_PKT should be initialzed to NULL
+@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
+ }
+ in_cert = 1;
+ default:
+- if( in_cert ) {
++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
+ if( !root )
+ root = new_kbnode( pkt );
+ else
Copied: gnupg/repos/testing-x86_64/PKGBUILD (from rev 176232, gnupg/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,53 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Tobias Powalowski <tpowa at archlinux.org>
+# Contributor: Andreas Radke <andyrtr at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=gnupg
+pkgver=2.0.19
+pkgrel=5
+pkgdesc='Complete and free implementation of the OpenPGP standard'
+url='http://www.gnupg.org/'
+license=('GPL')
+arch=('i686' 'x86_64')
+optdepends=('curl: gpg2keys_curl'
+ 'libldap: gpg2keys_ldap'
+ 'libusb-compat: scdaemon')
+makedepends=('curl' 'libldap' 'libusb-compat')
+depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
+source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
+ 'valid-keyblock-packet.patch'
+ 'protect-tool-env.patch')
+sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
+ 'f6e6830610a8629b0aad69d789373bf8ca481733'
+ '474d827f1c2976bb107985047f61ac9096ae0953'
+ '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
+
+install=install
+
+conflicts=('gnupg2')
+provides=("gnupg2=${pkgver}")
+replaces=('gnupg2')
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -i ../protect-tool-env.patch # FS#31900
+ patch -p1 -i ../valid-keyblock-packet.patch
+ ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make check
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ ln -s gpg2 "${pkgdir}"/usr/bin/gpg
+ ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
+ ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
+ rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
+}
Copied: gnupg/repos/testing-x86_64/install (from rev 176232, gnupg/trunk/install)
===================================================================
--- testing-x86_64/install (rev 0)
+++ testing-x86_64/install 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,20 @@
+info_dir=/usr/share/info
+info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
+
+post_install() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
Copied: gnupg/repos/testing-x86_64/protect-tool-env.patch (from rev 176232, gnupg/trunk/protect-tool-env.patch)
===================================================================
--- testing-x86_64/protect-tool-env.patch (rev 0)
+++ testing-x86_64/protect-tool-env.patch 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,28 @@
+diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
+--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
+@@ -102,6 +102,7 @@
+ static int opt_status_msg;
+ static const char *opt_p12_charset;
+ static const char *opt_agent_program;
++static session_env_t opt_session_env;
+
+ static char *get_passphrase (int promptno);
+ static void release_passphrase (char *pw);
+@@ -1040,6 +1041,7 @@
+
+ opt_homedir = default_homedir ();
+
++ opt_session_env = session_env_new ();
+
+ pargs.argc = &argc;
+ pargs.argv = &argv;
+@@ -1091,7 +1093,7 @@
+ opt.verbose,
+ opt_homedir,
+ opt_agent_program,
+- NULL, NULL, NULL);
++ NULL, NULL, opt_session_env);
+
+ if (opt_prompt)
+ opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/testing-x86_64/valid-keyblock-packet.patch (from rev 176232, gnupg/trunk/valid-keyblock-packet.patch)
===================================================================
--- testing-x86_64/valid-keyblock-packet.patch (rev 0)
+++ testing-x86_64/valid-keyblock-packet.patch 2013-01-27 22:07:06 UTC (rev 176233)
@@ -0,0 +1,61 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100)
+Subject: gpg: Import only packets which are allowed in a keyblock.
+X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463
+
+gpg: Import only packets which are allowed in a keyblock.
+
+* g10/import.c (valid_keyblock_packet): New.
+(read_block): Store only valid packets.
+--
+
+A corrupted key, which for example included a mangled public key
+encrypted packet, used to corrupt the keyring. This change skips all
+packets which are not allowed in a keyblock.
+
+GnuPG-bug-id: 1455
+
+(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
+---
+
+diff --git a/g10/import.c b/g10/import.c
+index ba2439d..ad112d6 100644
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -347,6 +347,27 @@ import_print_stats (void *hd)
+ }
+
+
++/* Return true if PKTTYPE is valid in a keyblock. */
++static int
++valid_keyblock_packet (int pkttype)
++{
++ switch (pkttype)
++ {
++ case PKT_PUBLIC_KEY:
++ case PKT_PUBLIC_SUBKEY:
++ case PKT_SECRET_KEY:
++ case PKT_SECRET_SUBKEY:
++ case PKT_SIGNATURE:
++ case PKT_USER_ID:
++ case PKT_ATTRIBUTE:
++ case PKT_RING_TRUST:
++ return 1;
++ default:
++ return 0;
++ }
++}
++
++
+ /****************
+ * Read the next keyblock from stream A.
+ * PENDING_PKT should be initialzed to NULL
+@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
+ }
+ in_cert = 1;
+ default:
+- if( in_cert ) {
++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
+ if( !root )
+ root = new_kbnode( pkt );
+ else
More information about the arch-commits
mailing list