rebase the insttools patch

enable large secure memory support
2017-07-18 16:32:12 +02:00 · 2017-07-18 16:32:12 +02:00 · 35218296f3
commit 35218296f3
parent 5bcc193b5c
4 changed files with 85 additions and 45 deletions
--- a/gnupg-2.1.11-insttools.patch
+++ b/gnupg-2.1.11-insttools.patch
@ -1,42 +0,0 @@
-diff -up gnupg-2.1.11/tools/Makefile.am.insttools gnupg-2.1.11/tools/Makefile.am
--- gnupg-2.1.11/tools/Makefile.am.insttools	2016-01-26 10:36:37.000000000 +0100
-+++ gnupg-2.1.11/tools/Makefile.am	2016-02-01 17:22:34.177267793 +0100
-@@ -51,7 +51,7 @@ else
-   gpgtar =
- endif
- 
-bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun}
-+bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun} gpgsplit
- if !HAVE_W32_SYSTEM
- bin_PROGRAMS += watchgnupg gpgparsemail
- endif
-@@ -64,7 +64,7 @@ libexec_PROGRAMS = gpg-check-pattern
- endif
- 
- if !HAVE_W32CE_SYSTEM
-noinst_PROGRAMS = clean-sat mk-tdata make-dns-cert gpgsplit
-+noinst_PROGRAMS = clean-sat mk-tdata make-dns-cert
- endif
- 
- common_libs = $(libcommon)
-diff -up gnupg-2.1.11/tools/Makefile.in.insttools gnupg-2.1.11/tools/Makefile.in
--- gnupg-2.1.11/tools/Makefile.in.insttools	2016-01-26 13:54:49.000000000 +0100
-+++ gnupg-2.1.11/tools/Makefile.in	2016-02-01 17:25:02.922105343 +0100
-@@ -136,15 +136,14 @@ DIST_COMMON = $(top_srcdir)/am/cmacros.a
- @GNUPG_PROTECT_TOOL_PGM_TRUE@am__append_6 = -DGNUPG_DEFAULT_PROTECT_TOOL="\"@GNUPG_PROTECT_TOOL_PGM@\""
- @GNUPG_DIRMNGR_LDAP_PGM_TRUE@am__append_7 = -DGNUPG_DEFAULT_DIRMNGR_LDAP="\"@GNUPG_DIRMNGR_LDAP_PGM@\""
- @HAVE_W32_SYSTEM_TRUE@am__append_8 = gpg-connect-agent-w32info.o
-bin_PROGRAMS = gpgconf$(EXEEXT) gpg-connect-agent$(EXEEXT) \
-+bin_PROGRAMS = gpgconf$(EXEEXT) gpg-connect-agent$(EXEEXT) gpgsplit$(EXEEXT) \
- 	$(am__EXEEXT_1) $(am__EXEEXT_2) $(am__EXEEXT_4)
- @HAVE_W32_SYSTEM_FALSE@am__append_9 = watchgnupg gpgparsemail
- @HAVE_W32CE_SYSTEM_FALSE@am__append_10 = ${gpgtar}
- @DISABLE_REGEX_FALSE@libexec_PROGRAMS = gpg-check-pattern$(EXEEXT)
- @HAVE_W32CE_SYSTEM_FALSE@noinst_PROGRAMS = clean-sat$(EXEEXT) \
- @HAVE_W32CE_SYSTEM_FALSE@	mk-tdata$(EXEEXT) \
-@HAVE_W32CE_SYSTEM_FALSE@	make-dns-cert$(EXEEXT) \
-@HAVE_W32CE_SYSTEM_FALSE@	gpgsplit$(EXEEXT)
-+@HAVE_W32CE_SYSTEM_FALSE@	make-dns-cert$(EXEEXT)
- subdir = tools
- ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
- am__aclocal_m4_deps = $(top_srcdir)/m4/autobuild.m4 \
--- a/gnupg-2.1.21-insttools.patch
+++ b/gnupg-2.1.21-insttools.patch
@ -0,0 +1,62 @@
+diff -up gnupg-2.1.21/tools/Makefile.am.insttools gnupg-2.1.21/tools/Makefile.am
+--- gnupg-2.1.21/tools/Makefile.am.insttools	2017-04-03 17:13:56.000000000 +0200
+++ gnupg-2.1.21/tools/Makefile.am	2017-07-18 12:10:59.431729640 +0200
+@@ -35,8 +35,8 @@ AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ER
+ sbin_SCRIPTS = addgnupghome applygnupgdefaults
+ 
+ if HAVE_USTAR
+-# bin_SCRIPTS += gpg-zip
+-noinst_SCRIPTS = gpg-zip
+bin_PROGRAMS += gpg-zip
+#noinst_SCRIPTS = gpg-zip
+ endif
+ 
+ if BUILD_SYMCRYPTRUN
+@@ -53,7 +53,7 @@ endif
+ 
+ libexec_PROGRAMS = gpg-wks-client
+ 
+-bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun}
+bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun} gpgsplit
+ if !HAVE_W32_SYSTEM
+ bin_PROGRAMS += watchgnupg gpgparsemail ${gpg_wks_server}
+ endif
+@@ -63,7 +63,7 @@ libexec_PROGRAMS += gpg-check-pattern
+ endif
+ 
+ if !HAVE_W32CE_SYSTEM
+-noinst_PROGRAMS = clean-sat make-dns-cert gpgsplit
+noinst_PROGRAMS = clean-sat make-dns-cert
+ endif
+ 
+ if !HAVE_W32CE_SYSTEM
+diff -up gnupg-2.1.21/tools/Makefile.in.insttools gnupg-2.1.21/tools/Makefile.in
+--- gnupg-2.1.21/tools/Makefile.in.insttools	2017-05-15 16:15:04.000000000 +0200
+++ gnupg-2.1.21/tools/Makefile.in	2017-07-18 12:12:17.907734745 +0200
+@@ -137,13 +137,13 @@ DIST_COMMON = $(top_srcdir)/am/cmacros.a
+ @GNUPG_DIRMNGR_LDAP_PGM_TRUE@am__append_7 = -DGNUPG_DEFAULT_DIRMNGR_LDAP="\"@GNUPG_DIRMNGR_LDAP_PGM@\""
+ @HAVE_W32_SYSTEM_TRUE@am__append_8 = gpg-connect-agent-w32info.o
+ libexec_PROGRAMS = gpg-wks-client$(EXEEXT) $(am__EXEEXT_5)
+-bin_PROGRAMS = gpgconf$(EXEEXT) gpg-connect-agent$(EXEEXT) \
+bin_PROGRAMS = gpgconf$(EXEEXT) gpg-connect-agent$(EXEEXT) gpgsplit$(EXEEXT) \
+ 	$(am__EXEEXT_1) $(am__EXEEXT_3) $(am__EXEEXT_4)
+ @HAVE_W32_SYSTEM_FALSE@am__append_9 = watchgnupg gpgparsemail ${gpg_wks_server}
+ @DISABLE_REGEX_FALSE@am__append_10 = gpg-check-pattern
+ @HAVE_W32CE_SYSTEM_FALSE@noinst_PROGRAMS = clean-sat$(EXEEXT) \
+ @HAVE_W32CE_SYSTEM_FALSE@	make-dns-cert$(EXEEXT) \
+-@HAVE_W32CE_SYSTEM_FALSE@	gpgsplit$(EXEEXT) $(am__EXEEXT_6)
+@HAVE_W32CE_SYSTEM_FALSE@	$(am__EXEEXT_6)
+ @BUILD_GPGTAR_TRUE@@HAVE_W32CE_SYSTEM_FALSE@am__append_11 = gpgtar
+ @BUILD_GPGTAR_FALSE@@HAVE_W32CE_SYSTEM_FALSE@am__append_12 = gpgtar
+ subdir = tools
+@@ -582,8 +582,8 @@ libcommontlsnpth = ../common/libcommontl
+ AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) $(LIBASSUAN_CFLAGS)
+ sbin_SCRIPTS = addgnupghome applygnupgdefaults
+ 
+-# bin_SCRIPTS += gpg-zip
+-@HAVE_USTAR_TRUE@noinst_SCRIPTS = gpg-zip
+@HAVE_USTAR_TRUE@bin_PROGRAMS += gpg-zip
+#@HAVE_USTAR_TRUE@noinst_SCRIPTS = gpg-zip
+ @BUILD_SYMCRYPTRUN_FALSE@symcryptrun = 
+ @BUILD_SYMCRYPTRUN_TRUE@symcryptrun = symcryptrun
+ @BUILD_WKS_TOOLS_FALSE@gpg_wks_server = 
--- a/gnupg-2.1.21-large-rsa.patch
+++ b/gnupg-2.1.21-large-rsa.patch
@ -0,0 +1,12 @@
+diff -up gnupg-2.1.21/g10/keygen.c.large-rsa gnupg-2.1.21/g10/keygen.c
+--- gnupg-2.1.21/g10/keygen.c.large-rsa	2017-05-15 14:13:22.000000000 +0200
+++ gnupg-2.1.21/g10/keygen.c	2017-07-18 16:12:37.738895016 +0200
+@@ -2091,7 +2091,7 @@ get_keysize_range (int algo, unsigned in
+ 
+     default:
+       *min = opt.compliance == CO_DE_VS ? 2048: 1024;
+-      *max = 4096;
+      *max = opt.flags.large_rsa == 1 ? 8192 : 4096;
+       def = 2048;
+       break;
+     }
--- a/gnupg2.spec
+++ b/gnupg2.spec
@ -1,7 +1,7 @@
 Summary: Utility for secure communication and data storage
 Name:    gnupg2
 Version: 2.1.21
-Release: 2%{?dist}
+Release: 3%{?dist}

 License: GPLv3+
 Group:   Applications/System
@ -9,7 +9,7 @@ Source0: ftp://ftp.gnupg.org/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.
 Source1: ftp://ftp.gnupg.org/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2.sig
 # svn export svn://cvs.gnupg.org/gnupg/trunk gnupg2; tar cjf gnupg-<date>svn.tar.bz2 gnupg2
 #Source0: gnupg2-20090809svn.tar.bz2
-Patch1:  gnupg-2.1.11-insttools.patch
+Patch1:  gnupg-2.1.21-insttools.patch
 # exponential backoff when waiting on gpg-agent and dirmngr to save time
 Patch2:  gnupg-2.1.19-exponential.patch
 # needed for compatibility with system FIPS mode
@ -20,6 +20,8 @@ Patch5:  gnupg-2.1.1-ocsp-keyusage.patch
 Patch6:  gnupg-2.1.1-fips-algo.patch
 Patch7:  gnupg-2.1.20-build.patch
 Patch8:  gnupg-2.1.21-scdaemon-path.patch
+# allow 8192 bit RSA keys in keygen UI with large RSA
+Patch9:  gnupg-2.1.21-large-rsa.patch

 URL:     http://www.gnupg.org/

@ -99,6 +101,7 @@ to the base GnuPG package
 %patch6 -p1 -b .fips
 %patch7 -p1 -b .build
 %patch8 -p1 -b .scdaemon
+%patch9 -p1 -b .large-rsa

 # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
 # Note: this is just the name of the default shared lib to load in scdaemon,
@ -113,7 +116,8 @@ sed -i -e 's/"libpcsclite\.so"/"%{pcsclib}"/' scd/scdaemon.c
 %configure \
  --disable-gpgtar \
  --disable-rpath \
-  --enable-g13
+  --enable-g13 \
+  --enable-large-secmem

 # need scratch gpg database for tests
 mkdir -p $HOME/.gnupg
@ -208,6 +212,10 @@ fi


 %changelog
+* Tue Jul 18 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.21-3
+- rebase the insttools patch
+- enable large secure memory support
+
 * Tue May 16 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.21-2
 - scdaemon is now needed by gpg