update to 2.4.0 (#2155170)

Rebase the patch which allows importing of keys without UIDs. The code changed slightly with upstream 7aaedfb10 (gpg: Import stray revocation certificates., 2022-10-28). Bump the minimum required libksba to 1.6.3, per upstream fc8b81128 (Update NEWS for 2.4.0, 2022-12-16). Also increase libgpg-error to 1.46, per upstream c51139f2b (agent,w32: Support Win32-OpenSSH emulation by gpg-agent., 2022-10-14). Fix broken GPGME tests with the patch attached to T6313¹. The patch is edited to apply the changes to Makefile.in rather than Makefile.am. That avoids the need to run autoreconf. ¹ https://dev.gnupg.org/T6313#166375
2022-12-20 21:39:15 -05:00 · 2022-12-20 21:39:15 -05:00 · 23b2090dcb
commit 23b2090dcb
parent 1290f085e2
3 changed files with 85 additions and 15 deletions
--- a/gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
+++ b/gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
@ -1,3 +1,4 @@
+From c9485d59f735dbf7509a0136a896fe76f9cc915a Mon Sep 17 00:00:00 2001
 From: Vincent Breitmoser <look@my.amazin.horse>
 Date: Thu, 13 Jun 2019 21:27:42 +0200
 Subject: gpg: allow import of previously known keys, even without UIDs
@ -13,14 +14,14 @@ This fixes two of the three broken tests in import-incomplete.scm.
 GnuPG-Bug-id: 4393
 Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
 ---
- g10/import.c | 44 +++++++++++---------------------------------
- 1 file changed, 11 insertions(+), 33 deletions(-)
+ g10/import.c | 45 +++++++++++----------------------------------
+ 1 file changed, 11 insertions(+), 34 deletions(-)

 diff --git a/g10/import.c b/g10/import.c
-index 5d3162c..f9acf95 100644
+index 9fab46ca6..c70a6221c 100644
 --- a/g10/import.c
 +++ b/g10/import.c
-@@ -1788,7 +1788,6 @@ import_one_real (ctrl_t ctrl,
+@@ -1954,7 +1954,6 @@ import_one_real (ctrl_t ctrl,
   size_t an;
   char pkstrbuf[PUBKEY_STRING_SIZE];
   int merge_keys_done = 0;
@ -28,7 +29,7 @@ index 5d3162c..f9acf95 100644
   KEYDB_HANDLE hd = NULL;
 
   if (r_valid)
-@@ -1825,14 +1824,6 @@ import_one_real (ctrl_t ctrl,
+@@ -1991,14 +1990,6 @@ import_one_real (ctrl_t ctrl,
       log_printf ("\n");
     }
 
@ -43,12 +44,12 @@ index 5d3162c..f9acf95 100644
   if (screener && screener (keyblock, screener_arg))
     {
       log_error (_("key %s: %s\n"), keystr_from_pk (pk),
-@@ -1907,18 +1898,10 @@ import_one_real (ctrl_t ctrl,
+@@ -2078,18 +2069,10 @@ import_one_real (ctrl_t ctrl,
 	  }
     }
 
 -  /* Delete invalid parts and bail out if there are no user ids left.  */
-  if (!delete_inv_parts (ctrl, keyblock, keyid, options))
+-  if (!delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs))
 -    {
 -      if (!silent)
 -        {
@ -62,11 +63,11 @@ index 5d3162c..f9acf95 100644
 +  /* Delete invalid parts, and note if we have any valid ones left.
 +   * We will later abort import if this key is new but contains
 +   * no valid uids.  */
-+  delete_inv_parts (ctrl, keyblock, keyid, options);
+  delete_inv_parts (ctrl, keyblock, keyid, options, otherrevsigs);
 
   /* Get rid of deleted nodes.  */
   commit_kbnode (&keyblock);
-@@ -1927,24 +1911,11 @@ import_one_real (ctrl_t ctrl,
+@@ -2099,24 +2082,11 @@ import_one_real (ctrl_t ctrl,
     {
       apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
       commit_kbnode (&keyblock);
@ -91,7 +92,7 @@ index 5d3162c..f9acf95 100644
     }
 
   /* The keyblock is valid and ready for real import.  */
-@@ -2002,6 +1973,13 @@ import_one_real (ctrl_t ctrl,
+@@ -2174,6 +2144,13 @@ import_one_real (ctrl_t ctrl,
       err = 0;
       stats->skipped_new_keys++;
     }
--- a/gnupg-2.4.0-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch
+++ b/gnupg-2.4.0-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch
@ -0,0 +1,62 @@
+From 0486caf56f96a279c7fe381b2a49ec674d6e60e2 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Wed, 21 Dec 2022 10:52:24 +0900
+Subject: tests: Fix tests/gpgme for in-source-tree builds.
+
+* tests/gpgme/Makefile.am: Don't use setup.scm/ dir.
+* tests/gpgme/all-tests.scm: Fix the name of the environment.
+
+--
+
+GnuPG-bug-id: 6313
+Fixes-commit: c19ea75f10d6278569619f90977ce7c820e9319d
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+---
+ tests/gpgme/Makefile.in   | 5 ++---
+ tests/gpgme/all-tests.scm | 4 ++--
+ 2 files changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/tests/gpgme/Makefile.in b/tests/gpgme/Makefile.in
+--- a/tests/gpgme/Makefile.in	2022-12-16 11:49:34.000000000 -0500
+++ b/tests/gpgme/Makefile.in	2022-12-20 23:35:26.757302512 -0500
+@@ -614,8 +614,7 @@ check: xcheck
+ 
+ .PHONY: xcheck
+ xcheck:
+-	@$(MKDIR_P) setup.scm/tests \
+-	  tests/gpg lang/qt/tests lang/python/tests
+	@$(MKDIR_P) tests/gpg lang/qt/tests lang/python/tests
+ 	$(TESTS_ENVIRONMENT) $(abs_top_builddir)/tests/gpgscm/gpgscm$(EXEEXT) \
+ 	  $(abs_srcdir)/run-tests.scm $(TESTFLAGS) $(TESTS)
+ 
+@@ -624,7 +623,7 @@ xcheck:
+ all-local: $(required_pgms)
+ 
+ clean-local:
+-	-rm -rf setup.scm/tests tests/gpg lang/qt/tests lang/python/tests
+	-rm -rf tests lang
+ 
+ # Tell versions [3.59,3.63) of GNU make to not export all variables.
+ # Otherwise a system limit (for SysV at least) may be exceeded.
+diff --git a/tests/gpgme/all-tests.scm b/tests/gpgme/all-tests.scm
+index 1746c4ee1..aef7d6a21 100644
+--- a/tests/gpgme/all-tests.scm
+++ b/tests/gpgme/all-tests.scm
+@@ -41,7 +41,7 @@
+     (test::scm
+      #f
+      #f
+-     (path-join "tests" "gpgme" "setup.scm" "tests" "gpg")
+     (path-join "tests" "gpgme" "tests" "gpg")
+      (in-srcdir "tests" "gpgme" "setup.scm")
+      "--" "tests" "gpg")))
+  (define setup-py
+@@ -49,7 +49,7 @@
+     (test::scm
+      #f
+      #f
+-     (path-join "tests" "gpgme" "setup.scm" "lang" "python" "tests")
+     (path-join "tests" "gpgme" "lang" "python" "tests")
+      (in-srcdir "tests" "gpgme" "setup.scm")
+      "--" "lang" "python" "tests")))
+ 
--- a/gnupg2.spec
+++ b/gnupg2.spec
@ -7,7 +7,7 @@

 Summary: Utility for secure communication and data storage
 Name:    gnupg2
-Version: 2.3.8
+Version: 2.4.0
 Release: 1%{?dist}

 License: GPLv3+
@ -25,10 +25,13 @@ Patch9:  gnupg-2.2.23-large-rsa.patch
 # fix missing uid on refresh from keys.openpgp.org
 # https://salsa.debian.org/debian/gnupg2/commit/f292beac1171c6c77faf41d1f88c2e0942ed4437
 Patch20: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
-Patch21: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
+Patch21: gnupg-2.4.0-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
 Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
 # Fixes for issues found in Coverity scan - reported upstream
 Patch30: gnupg-2.2.21-coverity.patch
+# fix gpgme tests fail for in-source-tree builds (https://dev.gnupg.org/T6313)
+# (edited to patch Makefile.in instead of Makefile.am to avoid autoreconf)
+Patch31: gnupg-2.4.0-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch


 URL:     https://www.gnupg.org/
@ -45,8 +48,8 @@ BuildRequires: gnupg2
 %endif
 BuildRequires: libassuan-devel >= 2.5.0
 BuildRequires: libgcrypt-devel >= 1.9.1
-BuildRequires: libgpg-error-devel >= 1.41
-BuildRequires: libksba-devel >= 1.3.4
+BuildRequires: libgpg-error-devel >= 1.46
+BuildRequires: libksba-devel >= 1.6.3
 BuildRequires: openldap-devel
 BuildRequires: pcsc-lite-libs
 BuildRequires: ncurses-devel
@ -62,7 +65,7 @@ BuildRequires: systemd-rpm-macros
 BuildRequires: openssh-clients

 Requires: libgcrypt >= 1.9.1
-Requires: libgpg-error >= 1.41
+Requires: libgpg-error >= 1.46

 Recommends: pinentry

@ -120,6 +123,7 @@ to the base GnuPG package
 %patch22 -p1 -b .good_revoc

 %patch30 -p1 -b .coverity
+%patch31 -p1 -b .tests_gpgme

 # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
 # Note: this is just the name of the default shared lib to load in scdaemon,
@ -221,6 +225,9 @@ make -k check


 %changelog
+* Tue Dec 20 2022 Todd Zullinger <tmz@pobox.com> - 2.4.0-1
+- update to 2.4.0 (#2155170)
+
 * Mon Oct 17 2022 Todd Zullinger <tmz@pobox.com> - 2.3.8-1
 - update to 2.3.8
 - BR systemd-rpm-macros for %%{_userunitdir}