[arch-commits] Commit in gnupg/repos (16 files)
Gaetan Bisson
bisson at nymeria.archlinux.org
Tue Jan 29 03:50:03 UTC 2013
Date: Tuesday, January 29, 2013 @ 04:50:02
Author: bisson
Revision: 176299
db-move: moved gnupg from [testing] to [core] (i686, x86_64)
Added:
gnupg/repos/core-i686/PKGBUILD
(from rev 176298, gnupg/repos/testing-i686/PKGBUILD)
gnupg/repos/core-i686/install
(from rev 176298, gnupg/repos/testing-i686/install)
gnupg/repos/core-i686/protect-tool-env.patch
(from rev 176298, gnupg/repos/testing-i686/protect-tool-env.patch)
gnupg/repos/core-i686/valid-keyblock-packet.patch
(from rev 176298, gnupg/repos/testing-i686/valid-keyblock-packet.patch)
gnupg/repos/core-x86_64/PKGBUILD
(from rev 176298, gnupg/repos/testing-x86_64/PKGBUILD)
gnupg/repos/core-x86_64/install
(from rev 176298, gnupg/repos/testing-x86_64/install)
gnupg/repos/core-x86_64/protect-tool-env.patch
(from rev 176298, gnupg/repos/testing-x86_64/protect-tool-env.patch)
gnupg/repos/core-x86_64/valid-keyblock-packet.patch
(from rev 176298, gnupg/repos/testing-x86_64/valid-keyblock-packet.patch)
Deleted:
gnupg/repos/core-i686/PKGBUILD
gnupg/repos/core-i686/install
gnupg/repos/core-i686/protect-tool-env.patch
gnupg/repos/core-x86_64/PKGBUILD
gnupg/repos/core-x86_64/install
gnupg/repos/core-x86_64/protect-tool-env.patch
gnupg/repos/testing-i686/
gnupg/repos/testing-x86_64/
-----------------------------------------+
core-i686/PKGBUILD | 103 +++++++++++++++---------------
core-i686/install | 40 +++++------
core-i686/protect-tool-env.patch | 56 ++++++++--------
core-i686/valid-keyblock-packet.patch | 61 +++++++++++++++++
core-x86_64/PKGBUILD | 103 +++++++++++++++---------------
core-x86_64/install | 40 +++++------
core-x86_64/protect-tool-env.patch | 56 ++++++++--------
core-x86_64/valid-keyblock-packet.patch | 61 +++++++++++++++++
8 files changed, 324 insertions(+), 196 deletions(-)
Deleted: core-i686/PKGBUILD
===================================================================
--- core-i686/PKGBUILD 2013-01-28 17:54:15 UTC (rev 176298)
+++ core-i686/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299)
@@ -1,50 +0,0 @@
-# $Id$
-# Maintainer: Gaetan Bisson <bisson at archlinux.org>
-# Contributor: Tobias Powalowski <tpowa at archlinux.org>
-# Contributor: Andreas Radke <andyrtr at archlinux.org>
-# Contributor: Judd Vinet <jvinet at zeroflux.org>
-
-pkgname=gnupg
-pkgver=2.0.19
-pkgrel=4
-pkgdesc='Complete and free implementation of the OpenPGP standard'
-url='http://www.gnupg.org/'
-license=('GPL')
-arch=('i686' 'x86_64')
-optdepends=('curl: gpg2keys_curl'
- 'libldap: gpg2keys_ldap'
- 'libusb-compat: scdaemon')
-makedepends=('curl' 'libldap' 'libusb-compat')
-depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
-source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
- 'protect-tool-env.patch')
-sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
- 'f6e6830610a8629b0aad69d789373bf8ca481733'
- '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
-
-install=install
-
-conflicts=('gnupg2')
-provides=("gnupg2=${pkgver}")
-replaces=('gnupg2')
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- patch -p1 -i ../protect-tool-env.patch # FS#31900
- ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg
- make
-}
-
-check() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make check
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
- ln -s gpg2 "${pkgdir}"/usr/bin/gpg
- ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
- ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
- rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
-}
Copied: gnupg/repos/core-i686/PKGBUILD (from rev 176298, gnupg/repos/testing-i686/PKGBUILD)
===================================================================
--- core-i686/PKGBUILD (rev 0)
+++ core-i686/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,53 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Tobias Powalowski <tpowa at archlinux.org>
+# Contributor: Andreas Radke <andyrtr at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=gnupg
+pkgver=2.0.19
+pkgrel=5
+pkgdesc='Complete and free implementation of the OpenPGP standard'
+url='http://www.gnupg.org/'
+license=('GPL')
+arch=('i686' 'x86_64')
+optdepends=('curl: gpg2keys_curl'
+ 'libldap: gpg2keys_ldap'
+ 'libusb-compat: scdaemon')
+makedepends=('curl' 'libldap' 'libusb-compat')
+depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
+source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
+ 'valid-keyblock-packet.patch'
+ 'protect-tool-env.patch')
+sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
+ 'f6e6830610a8629b0aad69d789373bf8ca481733'
+ '474d827f1c2976bb107985047f61ac9096ae0953'
+ '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
+
+install=install
+
+conflicts=('gnupg2')
+provides=("gnupg2=${pkgver}")
+replaces=('gnupg2')
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -i ../protect-tool-env.patch # FS#31900
+ patch -p1 -i ../valid-keyblock-packet.patch
+ ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make check
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ ln -s gpg2 "${pkgdir}"/usr/bin/gpg
+ ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
+ ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
+ rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
+}
Deleted: core-i686/install
===================================================================
--- core-i686/install 2013-01-28 17:54:15 UTC (rev 176298)
+++ core-i686/install 2013-01-29 03:50:02 UTC (rev 176299)
@@ -1,20 +0,0 @@
-info_dir=/usr/share/info
-info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
-
-post_install() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
-
-post_upgrade() {
- post_install $1
-}
-
-pre_remove() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
Copied: gnupg/repos/core-i686/install (from rev 176298, gnupg/repos/testing-i686/install)
===================================================================
--- core-i686/install (rev 0)
+++ core-i686/install 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,20 @@
+info_dir=/usr/share/info
+info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
+
+post_install() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
Deleted: core-i686/protect-tool-env.patch
===================================================================
--- core-i686/protect-tool-env.patch 2013-01-28 17:54:15 UTC (rev 176298)
+++ core-i686/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299)
@@ -1,28 +0,0 @@
-diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
-+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
-@@ -102,6 +102,7 @@
- static int opt_status_msg;
- static const char *opt_p12_charset;
- static const char *opt_agent_program;
-+static session_env_t opt_session_env;
-
- static char *get_passphrase (int promptno);
- static void release_passphrase (char *pw);
-@@ -1040,6 +1041,7 @@
-
- opt_homedir = default_homedir ();
-
-+ opt_session_env = session_env_new ();
-
- pargs.argc = &argc;
- pargs.argv = &argv;
-@@ -1091,7 +1093,7 @@
- opt.verbose,
- opt_homedir,
- opt_agent_program,
-- NULL, NULL, NULL);
-+ NULL, NULL, opt_session_env);
-
- if (opt_prompt)
- opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/core-i686/protect-tool-env.patch (from rev 176298, gnupg/repos/testing-i686/protect-tool-env.patch)
===================================================================
--- core-i686/protect-tool-env.patch (rev 0)
+++ core-i686/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,28 @@
+diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
+--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
+@@ -102,6 +102,7 @@
+ static int opt_status_msg;
+ static const char *opt_p12_charset;
+ static const char *opt_agent_program;
++static session_env_t opt_session_env;
+
+ static char *get_passphrase (int promptno);
+ static void release_passphrase (char *pw);
+@@ -1040,6 +1041,7 @@
+
+ opt_homedir = default_homedir ();
+
++ opt_session_env = session_env_new ();
+
+ pargs.argc = &argc;
+ pargs.argv = &argv;
+@@ -1091,7 +1093,7 @@
+ opt.verbose,
+ opt_homedir,
+ opt_agent_program,
+- NULL, NULL, NULL);
++ NULL, NULL, opt_session_env);
+
+ if (opt_prompt)
+ opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/core-i686/valid-keyblock-packet.patch (from rev 176298, gnupg/repos/testing-i686/valid-keyblock-packet.patch)
===================================================================
--- core-i686/valid-keyblock-packet.patch (rev 0)
+++ core-i686/valid-keyblock-packet.patch 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,61 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100)
+Subject: gpg: Import only packets which are allowed in a keyblock.
+X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463
+
+gpg: Import only packets which are allowed in a keyblock.
+
+* g10/import.c (valid_keyblock_packet): New.
+(read_block): Store only valid packets.
+--
+
+A corrupted key, which for example included a mangled public key
+encrypted packet, used to corrupt the keyring. This change skips all
+packets which are not allowed in a keyblock.
+
+GnuPG-bug-id: 1455
+
+(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
+---
+
+diff --git a/g10/import.c b/g10/import.c
+index ba2439d..ad112d6 100644
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -347,6 +347,27 @@ import_print_stats (void *hd)
+ }
+
+
++/* Return true if PKTTYPE is valid in a keyblock. */
++static int
++valid_keyblock_packet (int pkttype)
++{
++ switch (pkttype)
++ {
++ case PKT_PUBLIC_KEY:
++ case PKT_PUBLIC_SUBKEY:
++ case PKT_SECRET_KEY:
++ case PKT_SECRET_SUBKEY:
++ case PKT_SIGNATURE:
++ case PKT_USER_ID:
++ case PKT_ATTRIBUTE:
++ case PKT_RING_TRUST:
++ return 1;
++ default:
++ return 0;
++ }
++}
++
++
+ /****************
+ * Read the next keyblock from stream A.
+ * PENDING_PKT should be initialzed to NULL
+@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
+ }
+ in_cert = 1;
+ default:
+- if( in_cert ) {
++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
+ if( !root )
+ root = new_kbnode( pkt );
+ else
Deleted: core-x86_64/PKGBUILD
===================================================================
--- core-x86_64/PKGBUILD 2013-01-28 17:54:15 UTC (rev 176298)
+++ core-x86_64/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299)
@@ -1,50 +0,0 @@
-# $Id$
-# Maintainer: Gaetan Bisson <bisson at archlinux.org>
-# Contributor: Tobias Powalowski <tpowa at archlinux.org>
-# Contributor: Andreas Radke <andyrtr at archlinux.org>
-# Contributor: Judd Vinet <jvinet at zeroflux.org>
-
-pkgname=gnupg
-pkgver=2.0.19
-pkgrel=4
-pkgdesc='Complete and free implementation of the OpenPGP standard'
-url='http://www.gnupg.org/'
-license=('GPL')
-arch=('i686' 'x86_64')
-optdepends=('curl: gpg2keys_curl'
- 'libldap: gpg2keys_ldap'
- 'libusb-compat: scdaemon')
-makedepends=('curl' 'libldap' 'libusb-compat')
-depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
-source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
- 'protect-tool-env.patch')
-sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
- 'f6e6830610a8629b0aad69d789373bf8ca481733'
- '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
-
-install=install
-
-conflicts=('gnupg2')
-provides=("gnupg2=${pkgver}")
-replaces=('gnupg2')
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- patch -p1 -i ../protect-tool-env.patch # FS#31900
- ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg
- make
-}
-
-check() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make check
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
- ln -s gpg2 "${pkgdir}"/usr/bin/gpg
- ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
- ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
- rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
-}
Copied: gnupg/repos/core-x86_64/PKGBUILD (from rev 176298, gnupg/repos/testing-x86_64/PKGBUILD)
===================================================================
--- core-x86_64/PKGBUILD (rev 0)
+++ core-x86_64/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,53 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Tobias Powalowski <tpowa at archlinux.org>
+# Contributor: Andreas Radke <andyrtr at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=gnupg
+pkgver=2.0.19
+pkgrel=5
+pkgdesc='Complete and free implementation of the OpenPGP standard'
+url='http://www.gnupg.org/'
+license=('GPL')
+arch=('i686' 'x86_64')
+optdepends=('curl: gpg2keys_curl'
+ 'libldap: gpg2keys_ldap'
+ 'libusb-compat: scdaemon')
+makedepends=('curl' 'libldap' 'libusb-compat')
+depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
+source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
+ 'valid-keyblock-packet.patch'
+ 'protect-tool-env.patch')
+sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f'
+ 'f6e6830610a8629b0aad69d789373bf8ca481733'
+ '474d827f1c2976bb107985047f61ac9096ae0953'
+ '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
+
+install=install
+
+conflicts=('gnupg2')
+provides=("gnupg2=${pkgver}")
+replaces=('gnupg2')
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -i ../protect-tool-env.patch # FS#31900
+ patch -p1 -i ../valid-keyblock-packet.patch
+ ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make check
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ ln -s gpg2 "${pkgdir}"/usr/bin/gpg
+ ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
+ ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
+ rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
+}
Deleted: core-x86_64/install
===================================================================
--- core-x86_64/install 2013-01-28 17:54:15 UTC (rev 176298)
+++ core-x86_64/install 2013-01-29 03:50:02 UTC (rev 176299)
@@ -1,20 +0,0 @@
-info_dir=/usr/share/info
-info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
-
-post_install() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
-
-post_upgrade() {
- post_install $1
-}
-
-pre_remove() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
Copied: gnupg/repos/core-x86_64/install (from rev 176298, gnupg/repos/testing-x86_64/install)
===================================================================
--- core-x86_64/install (rev 0)
+++ core-x86_64/install 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,20 @@
+info_dir=/usr/share/info
+info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
+
+post_install() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
Deleted: core-x86_64/protect-tool-env.patch
===================================================================
--- core-x86_64/protect-tool-env.patch 2013-01-28 17:54:15 UTC (rev 176298)
+++ core-x86_64/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299)
@@ -1,28 +0,0 @@
-diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
-+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
-@@ -102,6 +102,7 @@
- static int opt_status_msg;
- static const char *opt_p12_charset;
- static const char *opt_agent_program;
-+static session_env_t opt_session_env;
-
- static char *get_passphrase (int promptno);
- static void release_passphrase (char *pw);
-@@ -1040,6 +1041,7 @@
-
- opt_homedir = default_homedir ();
-
-+ opt_session_env = session_env_new ();
-
- pargs.argc = &argc;
- pargs.argv = &argv;
-@@ -1091,7 +1093,7 @@
- opt.verbose,
- opt_homedir,
- opt_agent_program,
-- NULL, NULL, NULL);
-+ NULL, NULL, opt_session_env);
-
- if (opt_prompt)
- opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/core-x86_64/protect-tool-env.patch (from rev 176298, gnupg/repos/testing-x86_64/protect-tool-env.patch)
===================================================================
--- core-x86_64/protect-tool-env.patch (rev 0)
+++ core-x86_64/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,28 @@
+diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
+--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
+@@ -102,6 +102,7 @@
+ static int opt_status_msg;
+ static const char *opt_p12_charset;
+ static const char *opt_agent_program;
++static session_env_t opt_session_env;
+
+ static char *get_passphrase (int promptno);
+ static void release_passphrase (char *pw);
+@@ -1040,6 +1041,7 @@
+
+ opt_homedir = default_homedir ();
+
++ opt_session_env = session_env_new ();
+
+ pargs.argc = &argc;
+ pargs.argv = &argv;
+@@ -1091,7 +1093,7 @@
+ opt.verbose,
+ opt_homedir,
+ opt_agent_program,
+- NULL, NULL, NULL);
++ NULL, NULL, opt_session_env);
+
+ if (opt_prompt)
+ opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/core-x86_64/valid-keyblock-packet.patch (from rev 176298, gnupg/repos/testing-x86_64/valid-keyblock-packet.patch)
===================================================================
--- core-x86_64/valid-keyblock-packet.patch (rev 0)
+++ core-x86_64/valid-keyblock-packet.patch 2013-01-29 03:50:02 UTC (rev 176299)
@@ -0,0 +1,61 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100)
+Subject: gpg: Import only packets which are allowed in a keyblock.
+X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463
+
+gpg: Import only packets which are allowed in a keyblock.
+
+* g10/import.c (valid_keyblock_packet): New.
+(read_block): Store only valid packets.
+--
+
+A corrupted key, which for example included a mangled public key
+encrypted packet, used to corrupt the keyring. This change skips all
+packets which are not allowed in a keyblock.
+
+GnuPG-bug-id: 1455
+
+(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
+---
+
+diff --git a/g10/import.c b/g10/import.c
+index ba2439d..ad112d6 100644
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -347,6 +347,27 @@ import_print_stats (void *hd)
+ }
+
+
++/* Return true if PKTTYPE is valid in a keyblock. */
++static int
++valid_keyblock_packet (int pkttype)
++{
++ switch (pkttype)
++ {
++ case PKT_PUBLIC_KEY:
++ case PKT_PUBLIC_SUBKEY:
++ case PKT_SECRET_KEY:
++ case PKT_SECRET_SUBKEY:
++ case PKT_SIGNATURE:
++ case PKT_USER_ID:
++ case PKT_ATTRIBUTE:
++ case PKT_RING_TRUST:
++ return 1;
++ default:
++ return 0;
++ }
++}
++
++
+ /****************
+ * Read the next keyblock from stream A.
+ * PENDING_PKT should be initialzed to NULL
+@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
+ }
+ in_cert = 1;
+ default:
+- if( in_cert ) {
++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
+ if( !root )
+ root = new_kbnode( pkt );
+ else
More information about the arch-commits
mailing list