[arch-commits] Commit in gnupg/repos (14 files)
Gaetan Bisson
bisson at nymeria.archlinux.org
Wed Jun 25 13:31:54 UTC 2014
Date: Wednesday, June 25, 2014 @ 15:31:54
Author: bisson
Revision: 215438
archrelease: copy trunk to testing-i686, testing-x86_64
Added:
gnupg/repos/testing-i686/PKGBUILD
(from rev 215437, gnupg/trunk/PKGBUILD)
gnupg/repos/testing-i686/filter.patch
(from rev 215437, gnupg/trunk/filter.patch)
gnupg/repos/testing-i686/install
(from rev 215437, gnupg/trunk/install)
gnupg/repos/testing-i686/protect-tool-env.patch
(from rev 215437, gnupg/trunk/protect-tool-env.patch)
gnupg/repos/testing-x86_64/PKGBUILD
(from rev 215437, gnupg/trunk/PKGBUILD)
gnupg/repos/testing-x86_64/filter.patch
(from rev 215437, gnupg/trunk/filter.patch)
gnupg/repos/testing-x86_64/install
(from rev 215437, gnupg/trunk/install)
gnupg/repos/testing-x86_64/protect-tool-env.patch
(from rev 215437, gnupg/trunk/protect-tool-env.patch)
Deleted:
gnupg/repos/testing-i686/PKGBUILD
gnupg/repos/testing-i686/install
gnupg/repos/testing-i686/protect-tool-env.patch
gnupg/repos/testing-x86_64/PKGBUILD
gnupg/repos/testing-x86_64/install
gnupg/repos/testing-x86_64/protect-tool-env.patch
---------------------------------------+
/PKGBUILD | 128 ++++++++++++++++++++++++++
/install | 40 ++++++++
/protect-tool-env.patch | 56 +++++++++++
testing-i686/PKGBUILD | 61 ------------
testing-i686/filter.patch | 153 ++++++++++++++++++++++++++++++++
testing-i686/install | 20 ----
testing-i686/protect-tool-env.patch | 28 -----
testing-x86_64/PKGBUILD | 61 ------------
testing-x86_64/filter.patch | 153 ++++++++++++++++++++++++++++++++
testing-x86_64/install | 20 ----
testing-x86_64/protect-tool-env.patch | 28 -----
11 files changed, 530 insertions(+), 218 deletions(-)
Deleted: testing-i686/PKGBUILD
===================================================================
--- testing-i686/PKGBUILD 2014-06-25 13:31:31 UTC (rev 215437)
+++ testing-i686/PKGBUILD 2014-06-25 13:31:54 UTC (rev 215438)
@@ -1,61 +0,0 @@
-# $Id$
-# Maintainer: Gaetan Bisson <bisson at archlinux.org>
-# Contributor: Tobias Powalowski <tpowa at archlinux.org>
-# Contributor: Andreas Radke <andyrtr at archlinux.org>
-# Contributor: Judd Vinet <jvinet at zeroflux.org>
-
-pkgname=gnupg
-pkgver=2.0.24
-pkgrel=1
-pkgdesc='Complete and free implementation of the OpenPGP standard'
-url='http://www.gnupg.org/'
-license=('GPL')
-arch=('i686' 'x86_64')
-optdepends=('curl: gpg2keys_curl'
- 'libldap: gpg2keys_ldap'
- 'libusb-compat: scdaemon')
-makedepends=('curl' 'libldap' 'libusb-compat')
-depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
-source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
- 'protect-tool-env.patch')
-sha1sums=('010e027d5f622778cadc4c124013fe515ed705cf' 'SKIP'
- '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
-
-install=install
-
-conflicts=('gnupg2')
-provides=("gnupg2=${pkgver}")
-replaces=('gnupg2')
-
-prepare() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- patch -p1 -i ../protect-tool-env.patch # FS#31900
-}
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- ./configure \
- --prefix=/usr \
- --sysconfdir=/etc \
- --sbindir=/usr/bin \
- --libexecdir=/usr/lib/gnupg \
- --enable-maintainer-mode \
- --enable-symcryptrun \
- --enable-gpgtar \
-
- make
-}
-
-check() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make check
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
- ln -s gpg2 "${pkgdir}"/usr/bin/gpg
- ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
- ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
- rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
-}
Copied: gnupg/repos/testing-i686/PKGBUILD (from rev 215437, gnupg/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD (rev 0)
+++ testing-i686/PKGBUILD 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,64 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Tobias Powalowski <tpowa at archlinux.org>
+# Contributor: Andreas Radke <andyrtr at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=gnupg
+pkgver=2.0.24
+pkgrel=2
+pkgdesc='Complete and free implementation of the OpenPGP standard'
+url='http://www.gnupg.org/'
+license=('GPL')
+arch=('i686' 'x86_64')
+optdepends=('curl: gpg2keys_curl'
+ 'libldap: gpg2keys_ldap'
+ 'libusb-compat: scdaemon')
+makedepends=('curl' 'libldap' 'libusb-compat')
+depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
+source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
+ 'protect-tool-env.patch'
+ 'filter.patch')
+sha1sums=('010e027d5f622778cadc4c124013fe515ed705cf' 'SKIP'
+ '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db'
+ 'e99aa2b725342aee188d706b42d392efb2389cf4')
+
+install=install
+
+conflicts=('gnupg2')
+provides=("gnupg2=${pkgver}")
+replaces=('gnupg2')
+
+prepare() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -i ../protect-tool-env.patch # FS#31900
+ patch -p1 -i ../filter.patch
+}
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib/gnupg \
+ --enable-maintainer-mode \
+ --enable-symcryptrun \
+ --enable-gpgtar \
+
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make check
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ ln -s gpg2 "${pkgdir}"/usr/bin/gpg
+ ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
+ ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
+ rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
+}
Copied: gnupg/repos/testing-i686/filter.patch (from rev 215437, gnupg/trunk/filter.patch)
===================================================================
--- testing-i686/filter.patch (rev 0)
+++ testing-i686/filter.patch 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,153 @@
+Hi,
+
+please give the batch below a try. It works for me but before I do
+another release, I would like a second test.
+
+
+Shalom-Salam,
+
+ Werner
+
+From 044847a0e2013a2833605c1a9f80cfa6ef353309 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk at gnupg.org>
+Date: Wed, 25 Jun 2014 14:33:34 +0200
+Subject: [PATCH] gpg: Make screening of keyserver result work with multi-key
+ commands.
+
+* g10/keyserver.c (ks_retrieval_filter_arg_s): new.
+(keyserver_retrieval_filter): Use new struct and check all
+descriptions.
+(keyserver_spawn): Pass filter arg suing the new struct.
+--
+
+This is a fix for commit 5e933008.
+
+The old code did only work for a single key. It failed as soon as
+several keys are specified ("gpg --refresh-keys" or "gpg --recv-key A
+B C").
+---
+ g10/keyserver.c | 68 ++++++++++++++++++++++++++++++++++++++-------------------
+ 1 file changed, 45 insertions(+), 23 deletions(-)
+
+diff --git a/g10/keyserver.c b/g10/keyserver.c
+index 83a4b95..aa41536 100644
+--- a/g10/keyserver.c
++++ b/g10/keyserver.c
+@@ -982,13 +982,25 @@ direct_uri_map(const char *scheme,unsigned int is_direct)
+ #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
+
+
++/* Structure to convey the arg to keyserver_retrieval_filter. */
++struct ks_retrieval_filter_arg_s
++{
++ KEYDB_SEARCH_DESC *desc;
++ int ndesc;
++};
++
++
+ /* Check whether a key matches the search description. The filter
+ returns 0 if the key shall be imported. Note that this kind of
+ filter is not related to the iobuf filters. */
+ static int
+-keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, void *arg)
++keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk,
++ void *opaque)
+ {
+- KEYDB_SEARCH_DESC *desc = arg;
++ struct ks_retrieval_filter_arg_s *arg = opaque;
++ KEYDB_SEARCH_DESC *desc = arg->desc;
++ int ndesc = arg->ndesc;
++ int n;
+ u32 keyid[2];
+ byte fpr[MAX_FINGERPRINT_LEN];
+ size_t fpr_len = 0;
+@@ -997,32 +1009,40 @@ keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, void *arg)
+ if (sk)
+ return G10ERR_GENERAL;
+
++ if (!ndesc)
++ return 0; /* Okay if no description given. */
++
+ fingerprint_from_pk (pk, fpr, &fpr_len);
+ keyid_from_pk (pk, keyid);
+
+ /* Compare requested and returned fingerprints if available. */
+- if (desc->mode == KEYDB_SEARCH_MODE_FPR20)
+- {
+- if (fpr_len != 20 || memcmp (fpr, desc->u.fpr, 20))
+- return G10ERR_GENERAL;
+- }
+- else if (desc->mode == KEYDB_SEARCH_MODE_FPR16)
+- {
+- if (fpr_len != 16 || memcmp (fpr, desc->u.fpr, 16))
+- return G10ERR_GENERAL;
+- }
+- else if (desc->mode == KEYDB_SEARCH_MODE_LONG_KID)
+- {
+- if (keyid[0] != desc->u.kid[0] || keyid[1] != desc->u.kid[1])
+- return G10ERR_GENERAL;
+- }
+- else if (desc->mode == KEYDB_SEARCH_MODE_SHORT_KID)
++ for (n = 0; n < ndesc; n++)
+ {
+- if (keyid[1] != desc->u.kid[1])
+- return G10ERR_GENERAL;
++ if (desc[n].mode == KEYDB_SEARCH_MODE_FPR20)
++ {
++ if (fpr_len == 20 && !memcmp (fpr, desc[n].u.fpr, 20))
++ return 0;
++ }
++ else if (desc[n].mode == KEYDB_SEARCH_MODE_FPR16)
++ {
++ if (fpr_len == 16 && !memcmp (fpr, desc[n].u.fpr, 16))
++ return 0;
++ }
++ else if (desc[n].mode == KEYDB_SEARCH_MODE_LONG_KID)
++ {
++ if (keyid[0] == desc[n].u.kid[0] && keyid[1] == desc[n].u.kid[1])
++ return 0;
++ }
++ else if (desc[n].mode == KEYDB_SEARCH_MODE_SHORT_KID)
++ {
++ if (keyid[1] == desc[n].u.kid[1])
++ return 0;
++ }
++ else
++ return 0;
+ }
+
+- return 0;
++ return G10ERR_GENERAL;
+ }
+
+
+@@ -1535,6 +1555,7 @@ keyserver_spawn (enum ks_action action, strlist_t list, KEYDB_SEARCH_DESC *desc,
+ case KS_GETNAME:
+ {
+ void *stats_handle;
++ struct ks_retrieval_filter_arg_s filterarg;
+
+ stats_handle=import_new_stats_handle();
+
+@@ -1547,11 +1568,12 @@ keyserver_spawn (enum ks_action action, strlist_t list, KEYDB_SEARCH_DESC *desc,
+ that we don't allow the import of secret keys from a
+ keyserver. Keyservers should never accept or send them
+ but we better protect against rogue keyservers. */
+-
++ filterarg.desc = desc;
++ filterarg.ndesc = count;
+ import_keys_stream (spawn->fromchild, stats_handle, fpr, fpr_len,
+ (opt.keyserver_options.import_options
+ | IMPORT_NO_SECKEY),
+- keyserver_retrieval_filter, desc);
++ keyserver_retrieval_filter, &filterarg);
+
+ import_print_stats(stats_handle);
+ import_release_stats_handle(stats_handle);
+--
+1.8.4.3
+
+
+
+--
+Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Deleted: testing-i686/install
===================================================================
--- testing-i686/install 2014-06-25 13:31:31 UTC (rev 215437)
+++ testing-i686/install 2014-06-25 13:31:54 UTC (rev 215438)
@@ -1,20 +0,0 @@
-info_dir=/usr/share/info
-info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
-
-post_install() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
-
-post_upgrade() {
- post_install $1
-}
-
-pre_remove() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
Copied: gnupg/repos/testing-i686/install (from rev 215437, gnupg/trunk/install)
===================================================================
--- testing-i686/install (rev 0)
+++ testing-i686/install 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,20 @@
+info_dir=/usr/share/info
+info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
+
+post_install() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
Deleted: testing-i686/protect-tool-env.patch
===================================================================
--- testing-i686/protect-tool-env.patch 2014-06-25 13:31:31 UTC (rev 215437)
+++ testing-i686/protect-tool-env.patch 2014-06-25 13:31:54 UTC (rev 215438)
@@ -1,28 +0,0 @@
-diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
-+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
-@@ -102,6 +102,7 @@
- static int opt_status_msg;
- static const char *opt_p12_charset;
- static const char *opt_agent_program;
-+static session_env_t opt_session_env;
-
- static char *get_passphrase (int promptno);
- static void release_passphrase (char *pw);
-@@ -1040,6 +1041,7 @@
-
- opt_homedir = default_homedir ();
-
-+ opt_session_env = session_env_new ();
-
- pargs.argc = &argc;
- pargs.argv = &argv;
-@@ -1091,7 +1093,7 @@
- opt.verbose,
- opt_homedir,
- opt_agent_program,
-- NULL, NULL, NULL);
-+ NULL, NULL, opt_session_env);
-
- if (opt_prompt)
- opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/testing-i686/protect-tool-env.patch (from rev 215437, gnupg/trunk/protect-tool-env.patch)
===================================================================
--- testing-i686/protect-tool-env.patch (rev 0)
+++ testing-i686/protect-tool-env.patch 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,28 @@
+diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
+--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
+@@ -102,6 +102,7 @@
+ static int opt_status_msg;
+ static const char *opt_p12_charset;
+ static const char *opt_agent_program;
++static session_env_t opt_session_env;
+
+ static char *get_passphrase (int promptno);
+ static void release_passphrase (char *pw);
+@@ -1040,6 +1041,7 @@
+
+ opt_homedir = default_homedir ();
+
++ opt_session_env = session_env_new ();
+
+ pargs.argc = &argc;
+ pargs.argv = &argv;
+@@ -1091,7 +1093,7 @@
+ opt.verbose,
+ opt_homedir,
+ opt_agent_program,
+- NULL, NULL, NULL);
++ NULL, NULL, opt_session_env);
+
+ if (opt_prompt)
+ opt_prompt = percent_plus_unescape (opt_prompt, 0);
Deleted: testing-x86_64/PKGBUILD
===================================================================
--- testing-x86_64/PKGBUILD 2014-06-25 13:31:31 UTC (rev 215437)
+++ testing-x86_64/PKGBUILD 2014-06-25 13:31:54 UTC (rev 215438)
@@ -1,61 +0,0 @@
-# $Id$
-# Maintainer: Gaetan Bisson <bisson at archlinux.org>
-# Contributor: Tobias Powalowski <tpowa at archlinux.org>
-# Contributor: Andreas Radke <andyrtr at archlinux.org>
-# Contributor: Judd Vinet <jvinet at zeroflux.org>
-
-pkgname=gnupg
-pkgver=2.0.24
-pkgrel=1
-pkgdesc='Complete and free implementation of the OpenPGP standard'
-url='http://www.gnupg.org/'
-license=('GPL')
-arch=('i686' 'x86_64')
-optdepends=('curl: gpg2keys_curl'
- 'libldap: gpg2keys_ldap'
- 'libusb-compat: scdaemon')
-makedepends=('curl' 'libldap' 'libusb-compat')
-depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
-source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
- 'protect-tool-env.patch')
-sha1sums=('010e027d5f622778cadc4c124013fe515ed705cf' 'SKIP'
- '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db')
-
-install=install
-
-conflicts=('gnupg2')
-provides=("gnupg2=${pkgver}")
-replaces=('gnupg2')
-
-prepare() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- patch -p1 -i ../protect-tool-env.patch # FS#31900
-}
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- ./configure \
- --prefix=/usr \
- --sysconfdir=/etc \
- --sbindir=/usr/bin \
- --libexecdir=/usr/lib/gnupg \
- --enable-maintainer-mode \
- --enable-symcryptrun \
- --enable-gpgtar \
-
- make
-}
-
-check() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make check
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
- ln -s gpg2 "${pkgdir}"/usr/bin/gpg
- ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
- ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
- rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
-}
Copied: gnupg/repos/testing-x86_64/PKGBUILD (from rev 215437, gnupg/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,64 @@
+# $Id$
+# Maintainer: Gaetan Bisson <bisson at archlinux.org>
+# Contributor: Tobias Powalowski <tpowa at archlinux.org>
+# Contributor: Andreas Radke <andyrtr at archlinux.org>
+# Contributor: Judd Vinet <jvinet at zeroflux.org>
+
+pkgname=gnupg
+pkgver=2.0.24
+pkgrel=2
+pkgdesc='Complete and free implementation of the OpenPGP standard'
+url='http://www.gnupg.org/'
+license=('GPL')
+arch=('i686' 'x86_64')
+optdepends=('curl: gpg2keys_curl'
+ 'libldap: gpg2keys_ldap'
+ 'libusb-compat: scdaemon')
+makedepends=('curl' 'libldap' 'libusb-compat')
+depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr')
+source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
+ 'protect-tool-env.patch'
+ 'filter.patch')
+sha1sums=('010e027d5f622778cadc4c124013fe515ed705cf' 'SKIP'
+ '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db'
+ 'e99aa2b725342aee188d706b42d392efb2389cf4')
+
+install=install
+
+conflicts=('gnupg2')
+provides=("gnupg2=${pkgver}")
+replaces=('gnupg2')
+
+prepare() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ patch -p1 -i ../protect-tool-env.patch # FS#31900
+ patch -p1 -i ../filter.patch
+}
+
+build() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib/gnupg \
+ --enable-maintainer-mode \
+ --enable-symcryptrun \
+ --enable-gpgtar \
+
+ make
+}
+
+check() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make check
+}
+
+package() {
+ cd "${srcdir}/${pkgname}-${pkgver}"
+ make DESTDIR="${pkgdir}" install
+ ln -s gpg2 "${pkgdir}"/usr/bin/gpg
+ ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv
+ ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz
+ rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059
+}
Copied: gnupg/repos/testing-x86_64/filter.patch (from rev 215437, gnupg/trunk/filter.patch)
===================================================================
--- testing-x86_64/filter.patch (rev 0)
+++ testing-x86_64/filter.patch 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,153 @@
+Hi,
+
+please give the batch below a try. It works for me but before I do
+another release, I would like a second test.
+
+
+Shalom-Salam,
+
+ Werner
+
+From 044847a0e2013a2833605c1a9f80cfa6ef353309 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk at gnupg.org>
+Date: Wed, 25 Jun 2014 14:33:34 +0200
+Subject: [PATCH] gpg: Make screening of keyserver result work with multi-key
+ commands.
+
+* g10/keyserver.c (ks_retrieval_filter_arg_s): new.
+(keyserver_retrieval_filter): Use new struct and check all
+descriptions.
+(keyserver_spawn): Pass filter arg suing the new struct.
+--
+
+This is a fix for commit 5e933008.
+
+The old code did only work for a single key. It failed as soon as
+several keys are specified ("gpg --refresh-keys" or "gpg --recv-key A
+B C").
+---
+ g10/keyserver.c | 68 ++++++++++++++++++++++++++++++++++++++-------------------
+ 1 file changed, 45 insertions(+), 23 deletions(-)
+
+diff --git a/g10/keyserver.c b/g10/keyserver.c
+index 83a4b95..aa41536 100644
+--- a/g10/keyserver.c
++++ b/g10/keyserver.c
+@@ -982,13 +982,25 @@ direct_uri_map(const char *scheme,unsigned int is_direct)
+ #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\""
+
+
++/* Structure to convey the arg to keyserver_retrieval_filter. */
++struct ks_retrieval_filter_arg_s
++{
++ KEYDB_SEARCH_DESC *desc;
++ int ndesc;
++};
++
++
+ /* Check whether a key matches the search description. The filter
+ returns 0 if the key shall be imported. Note that this kind of
+ filter is not related to the iobuf filters. */
+ static int
+-keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, void *arg)
++keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk,
++ void *opaque)
+ {
+- KEYDB_SEARCH_DESC *desc = arg;
++ struct ks_retrieval_filter_arg_s *arg = opaque;
++ KEYDB_SEARCH_DESC *desc = arg->desc;
++ int ndesc = arg->ndesc;
++ int n;
+ u32 keyid[2];
+ byte fpr[MAX_FINGERPRINT_LEN];
+ size_t fpr_len = 0;
+@@ -997,32 +1009,40 @@ keyserver_retrieval_filter (PKT_public_key *pk, PKT_secret_key *sk, void *arg)
+ if (sk)
+ return G10ERR_GENERAL;
+
++ if (!ndesc)
++ return 0; /* Okay if no description given. */
++
+ fingerprint_from_pk (pk, fpr, &fpr_len);
+ keyid_from_pk (pk, keyid);
+
+ /* Compare requested and returned fingerprints if available. */
+- if (desc->mode == KEYDB_SEARCH_MODE_FPR20)
+- {
+- if (fpr_len != 20 || memcmp (fpr, desc->u.fpr, 20))
+- return G10ERR_GENERAL;
+- }
+- else if (desc->mode == KEYDB_SEARCH_MODE_FPR16)
+- {
+- if (fpr_len != 16 || memcmp (fpr, desc->u.fpr, 16))
+- return G10ERR_GENERAL;
+- }
+- else if (desc->mode == KEYDB_SEARCH_MODE_LONG_KID)
+- {
+- if (keyid[0] != desc->u.kid[0] || keyid[1] != desc->u.kid[1])
+- return G10ERR_GENERAL;
+- }
+- else if (desc->mode == KEYDB_SEARCH_MODE_SHORT_KID)
++ for (n = 0; n < ndesc; n++)
+ {
+- if (keyid[1] != desc->u.kid[1])
+- return G10ERR_GENERAL;
++ if (desc[n].mode == KEYDB_SEARCH_MODE_FPR20)
++ {
++ if (fpr_len == 20 && !memcmp (fpr, desc[n].u.fpr, 20))
++ return 0;
++ }
++ else if (desc[n].mode == KEYDB_SEARCH_MODE_FPR16)
++ {
++ if (fpr_len == 16 && !memcmp (fpr, desc[n].u.fpr, 16))
++ return 0;
++ }
++ else if (desc[n].mode == KEYDB_SEARCH_MODE_LONG_KID)
++ {
++ if (keyid[0] == desc[n].u.kid[0] && keyid[1] == desc[n].u.kid[1])
++ return 0;
++ }
++ else if (desc[n].mode == KEYDB_SEARCH_MODE_SHORT_KID)
++ {
++ if (keyid[1] == desc[n].u.kid[1])
++ return 0;
++ }
++ else
++ return 0;
+ }
+
+- return 0;
++ return G10ERR_GENERAL;
+ }
+
+
+@@ -1535,6 +1555,7 @@ keyserver_spawn (enum ks_action action, strlist_t list, KEYDB_SEARCH_DESC *desc,
+ case KS_GETNAME:
+ {
+ void *stats_handle;
++ struct ks_retrieval_filter_arg_s filterarg;
+
+ stats_handle=import_new_stats_handle();
+
+@@ -1547,11 +1568,12 @@ keyserver_spawn (enum ks_action action, strlist_t list, KEYDB_SEARCH_DESC *desc,
+ that we don't allow the import of secret keys from a
+ keyserver. Keyservers should never accept or send them
+ but we better protect against rogue keyservers. */
+-
++ filterarg.desc = desc;
++ filterarg.ndesc = count;
+ import_keys_stream (spawn->fromchild, stats_handle, fpr, fpr_len,
+ (opt.keyserver_options.import_options
+ | IMPORT_NO_SECKEY),
+- keyserver_retrieval_filter, desc);
++ keyserver_retrieval_filter, &filterarg);
+
+ import_print_stats(stats_handle);
+ import_release_stats_handle(stats_handle);
+--
+1.8.4.3
+
+
+
+--
+Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
Deleted: testing-x86_64/install
===================================================================
--- testing-x86_64/install 2014-06-25 13:31:31 UTC (rev 215437)
+++ testing-x86_64/install 2014-06-25 13:31:54 UTC (rev 215438)
@@ -1,20 +0,0 @@
-info_dir=/usr/share/info
-info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
-
-post_install() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
-
-post_upgrade() {
- post_install $1
-}
-
-pre_remove() {
- [ -x usr/bin/install-info ] || return 0
- for f in ${info_files[@]}; do
- usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
- done
-}
Copied: gnupg/repos/testing-x86_64/install (from rev 215437, gnupg/trunk/install)
===================================================================
--- testing-x86_64/install (rev 0)
+++ testing-x86_64/install 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,20 @@
+info_dir=/usr/share/info
+info_files=(gnupg.info gnupg.info-1 gnupg.info-2)
+
+post_install() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ [ -x usr/bin/install-info ] || return 0
+ for f in ${info_files[@]}; do
+ usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null
+ done
+}
Deleted: testing-x86_64/protect-tool-env.patch
===================================================================
--- testing-x86_64/protect-tool-env.patch 2014-06-25 13:31:31 UTC (rev 215437)
+++ testing-x86_64/protect-tool-env.patch 2014-06-25 13:31:54 UTC (rev 215438)
@@ -1,28 +0,0 @@
-diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
-+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
-@@ -102,6 +102,7 @@
- static int opt_status_msg;
- static const char *opt_p12_charset;
- static const char *opt_agent_program;
-+static session_env_t opt_session_env;
-
- static char *get_passphrase (int promptno);
- static void release_passphrase (char *pw);
-@@ -1040,6 +1041,7 @@
-
- opt_homedir = default_homedir ();
-
-+ opt_session_env = session_env_new ();
-
- pargs.argc = &argc;
- pargs.argv = &argv;
-@@ -1091,7 +1093,7 @@
- opt.verbose,
- opt_homedir,
- opt_agent_program,
-- NULL, NULL, NULL);
-+ NULL, NULL, opt_session_env);
-
- if (opt_prompt)
- opt_prompt = percent_plus_unescape (opt_prompt, 0);
Copied: gnupg/repos/testing-x86_64/protect-tool-env.patch (from rev 215437, gnupg/trunk/protect-tool-env.patch)
===================================================================
--- testing-x86_64/protect-tool-env.patch (rev 0)
+++ testing-x86_64/protect-tool-env.patch 2014-06-25 13:31:54 UTC (rev 215438)
@@ -0,0 +1,28 @@
+diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c
+--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100
++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100
+@@ -102,6 +102,7 @@
+ static int opt_status_msg;
+ static const char *opt_p12_charset;
+ static const char *opt_agent_program;
++static session_env_t opt_session_env;
+
+ static char *get_passphrase (int promptno);
+ static void release_passphrase (char *pw);
+@@ -1040,6 +1041,7 @@
+
+ opt_homedir = default_homedir ();
+
++ opt_session_env = session_env_new ();
+
+ pargs.argc = &argc;
+ pargs.argv = &argv;
+@@ -1091,7 +1093,7 @@
+ opt.verbose,
+ opt_homedir,
+ opt_agent_program,
+- NULL, NULL, NULL);
++ NULL, NULL, opt_session_env);
+
+ if (opt_prompt)
+ opt_prompt = percent_plus_unescape (opt_prompt, 0);
More information about the arch-commits
mailing list