import gnupg2-2.3.1-3.el9_b
This commit is contained in:
commit
794b8d0716
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
SOURCES/gnupg-2.3.1.tar.bz2
|
1
.gnupg2.metadata
Normal file
1
.gnupg2.metadata
Normal file
@ -0,0 +1 @@
|
||||
a8f66ba4f7dcb2e7322aef786f942ce5ccca6f14 SOURCES/gnupg-2.3.1.tar.bz2
|
54
SOURCES/gnupg-2.1.1-fips-algo.patch
Normal file
54
SOURCES/gnupg-2.1.1-fips-algo.patch
Normal file
@ -0,0 +1,54 @@
|
||||
diff -up gnupg-2.1.1/g10/mainproc.c.fips gnupg-2.1.1/g10/mainproc.c
|
||||
--- gnupg-2.1.1/g10/mainproc.c.fips 2015-01-29 17:19:49.266031504 +0100
|
||||
+++ gnupg-2.1.1/g10/mainproc.c 2015-01-29 17:27:13.938088122 +0100
|
||||
@@ -719,7 +719,8 @@ proc_plaintext( CTX c, PACKET *pkt )
|
||||
according to 2440, so hopefully it won't come up that often.
|
||||
There is no good way to specify what algorithms to use in
|
||||
that case, so these there are the historical answer. */
|
||||
- gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
|
||||
+ if (!gcry_fips_mode_active())
|
||||
+ gcry_md_enable (c->mfx.md, DIGEST_ALGO_RMD160);
|
||||
gcry_md_enable (c->mfx.md, DIGEST_ALGO_SHA1);
|
||||
}
|
||||
if (DBG_HASHING)
|
||||
diff --git a/common/t-sexputil.c b/common/t-sexputil.c
|
||||
index d75090c5b..be5eb2122 100644
|
||||
--- a/common/t-sexputil.c
|
||||
+++ b/common/t-sexputil.c
|
||||
@@ -291,36 +291,6 @@ test_ecc_uncompress (void)
|
||||
const char *b; /* Compressed. */
|
||||
}
|
||||
tests[] = {
|
||||
- {
|
||||
- "(public-key"
|
||||
- " (ecc"
|
||||
- " (curve brainpoolP256r1)"
|
||||
- " (q #042ECD8679930BE2DB4AD42B8600BA3F80"
|
||||
- /* */"2D4D539BFF2F69B83EC9B7BBAA7F3406"
|
||||
- /* */"436DD11A1756AFE56CD93408410FCDA9"
|
||||
- /* */"BA95024EB613BD481A14FCFEC27A448A#)))",
|
||||
- /* The same in compressed form. */
|
||||
- "(public-key"
|
||||
- " (ecc"
|
||||
- " (curve brainpoolP256r1)"
|
||||
- " (q #022ECD8679930BE2DB4AD42B8600BA3F80"
|
||||
- /* */"2D4D539BFF2F69B83EC9B7BBAA7F3406#)))"
|
||||
- },
|
||||
- {
|
||||
- "(public-key"
|
||||
- " (ecc"
|
||||
- " (curve brainpoolP256r1)"
|
||||
- " (q #045B784CA008EE64AB3D85017EE0D2BE87"
|
||||
- /* */"558762C7300E0C8E06B1F9AF7C031458"
|
||||
- /* */"9EBBA41915313417BA54218EB0569C59"
|
||||
- /* */"0B156C76DBCAB6E84575E6EF68CE7B87#)))",
|
||||
- /* The same in compressed form. */
|
||||
- "(public-key"
|
||||
- " (ecc"
|
||||
- " (curve brainpoolP256r1)"
|
||||
- " (q #035B784CA008EE64AB3D85017EE0D2BE87"
|
||||
- /* */"558762C7300E0C8E06B1F9AF7C031458#)))"
|
||||
- },
|
||||
{ /* A key which does not require a conversion. */
|
||||
"(public-key"
|
||||
" (ecdsa"
|
33
SOURCES/gnupg-2.1.10-secmem.patch
Normal file
33
SOURCES/gnupg-2.1.10-secmem.patch
Normal file
@ -0,0 +1,33 @@
|
||||
diff -up gnupg-2.1.10/g10/gpg.c.secmem gnupg-2.1.10/g10/gpg.c
|
||||
--- gnupg-2.1.10/g10/gpg.c.secmem 2015-12-04 10:53:27.000000000 +0100
|
||||
+++ gnupg-2.1.10/g10/gpg.c 2015-12-07 15:32:38.922812652 +0100
|
||||
@@ -889,7 +889,7 @@ make_libversion (const char *libname, co
|
||||
|
||||
if (maybe_setuid)
|
||||
{
|
||||
- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
|
||||
+ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
|
||||
maybe_setuid = 0;
|
||||
}
|
||||
s = getfnc (NULL);
|
||||
@@ -1041,7 +1041,7 @@ build_list (const char *text, char lette
|
||||
char *string;
|
||||
|
||||
if (maybe_setuid)
|
||||
- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
|
||||
+ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
|
||||
|
||||
indent = utf8_charcount (text, -1);
|
||||
len = 0;
|
||||
diff -up gnupg-2.1.10/sm/gpgsm.c.secmem gnupg-2.1.10/sm/gpgsm.c
|
||||
--- gnupg-2.1.10/sm/gpgsm.c.secmem 2015-11-30 17:39:52.000000000 +0100
|
||||
+++ gnupg-2.1.10/sm/gpgsm.c 2015-12-07 15:31:17.226884207 +0100
|
||||
@@ -530,7 +530,7 @@ make_libversion (const char *libname, co
|
||||
|
||||
if (maybe_setuid)
|
||||
{
|
||||
- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
|
||||
+ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
|
||||
maybe_setuid = 0;
|
||||
}
|
||||
s = getfnc (NULL);
|
17
SOURCES/gnupg-2.2.16-ocsp-keyusage.patch
Normal file
17
SOURCES/gnupg-2.2.16-ocsp-keyusage.patch
Normal file
@ -0,0 +1,17 @@
|
||||
diff -up gnupg-2.2.16/sm/certlist.c.keyusage gnupg-2.2.16/sm/certlist.c
|
||||
--- gnupg-2.2.16/sm/certlist.c.keyusage 2019-07-01 17:17:06.925254065 +0200
|
||||
+++ gnupg-2.2.16/sm/certlist.c 2019-07-01 17:24:15.665759322 +0200
|
||||
@@ -147,10 +147,9 @@ cert_usage_p (ksba_cert_t cert, int mode
|
||||
|
||||
if (mode == 5)
|
||||
{
|
||||
- if (use != ~0
|
||||
- && (have_ocsp_signing
|
||||
- || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
|
||||
- |KSBA_KEYUSAGE_CRL_SIGN))))
|
||||
+ if (have_ocsp_signing
|
||||
+ || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
|
||||
+ |KSBA_KEYUSAGE_CRL_SIGN)))
|
||||
return 0;
|
||||
if (!silent)
|
||||
log_info (_("certificate should not have "
|
@ -0,0 +1,32 @@
|
||||
From: Vincent Breitmoser <look@my.amazin.horse>
|
||||
Date: Thu, 13 Jun 2019 21:27:43 +0200
|
||||
Subject: gpg: accept subkeys with a good revocation but no self-sig during
|
||||
import
|
||||
|
||||
* g10/import.c (chk_self_sigs): Set the NODE_GOOD_SELFSIG flag when we
|
||||
encounter a valid revocation signature. This allows import of subkey
|
||||
revocation signatures, even in the absence of a corresponding subkey
|
||||
binding signature.
|
||||
|
||||
--
|
||||
|
||||
This fixes the remaining test in import-incomplete.scm.
|
||||
|
||||
GnuPG-Bug-id: 4393
|
||||
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
||||
---
|
||||
g10/import.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/g10/import.c b/g10/import.c
|
||||
index f9acf95..9217911 100644
|
||||
--- a/g10/import.c
|
||||
+++ b/g10/import.c
|
||||
@@ -3602,6 +3602,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
|
||||
/* It's valid, so is it newer? */
|
||||
if (sig->timestamp >= rsdate)
|
||||
{
|
||||
+ knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid. */
|
||||
if (rsnode)
|
||||
{
|
||||
/* Delete the last revocation sig since
|
@ -0,0 +1,107 @@
|
||||
From: Vincent Breitmoser <look@my.amazin.horse>
|
||||
Date: Thu, 13 Jun 2019 21:27:42 +0200
|
||||
Subject: gpg: allow import of previously known keys, even without UIDs
|
||||
|
||||
* g10/import.c (import_one): Accept an incoming OpenPGP certificate that
|
||||
has no user id, as long as we already have a local variant of the cert
|
||||
that matches the primary key.
|
||||
|
||||
--
|
||||
|
||||
This fixes two of the three broken tests in import-incomplete.scm.
|
||||
|
||||
GnuPG-Bug-id: 4393
|
||||
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
||||
---
|
||||
g10/import.c | 44 +++++++++++---------------------------------
|
||||
1 file changed, 11 insertions(+), 33 deletions(-)
|
||||
|
||||
diff --git a/g10/import.c b/g10/import.c
|
||||
index 5d3162c..f9acf95 100644
|
||||
--- a/g10/import.c
|
||||
+++ b/g10/import.c
|
||||
@@ -1788,7 +1788,6 @@ import_one_real (ctrl_t ctrl,
|
||||
size_t an;
|
||||
char pkstrbuf[PUBKEY_STRING_SIZE];
|
||||
int merge_keys_done = 0;
|
||||
- int any_filter = 0;
|
||||
KEYDB_HANDLE hd = NULL;
|
||||
|
||||
if (r_valid)
|
||||
@@ -1825,14 +1824,6 @@ import_one_real (ctrl_t ctrl,
|
||||
log_printf ("\n");
|
||||
}
|
||||
|
||||
-
|
||||
- if (!uidnode)
|
||||
- {
|
||||
- if (!silent)
|
||||
- log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
|
||||
- return 0;
|
||||
- }
|
||||
-
|
||||
if (screener && screener (keyblock, screener_arg))
|
||||
{
|
||||
log_error (_("key %s: %s\n"), keystr_from_pk (pk),
|
||||
@@ -1907,18 +1898,10 @@ import_one_real (ctrl_t ctrl,
|
||||
}
|
||||
}
|
||||
|
||||
- /* Delete invalid parts and bail out if there are no user ids left. */
|
||||
- if (!delete_inv_parts (ctrl, keyblock, keyid, options))
|
||||
- {
|
||||
- if (!silent)
|
||||
- {
|
||||
- log_error ( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
|
||||
- if (!opt.quiet)
|
||||
- log_info(_("this may be caused by a missing self-signature\n"));
|
||||
- }
|
||||
- stats->no_user_id++;
|
||||
- return 0;
|
||||
- }
|
||||
+ /* Delete invalid parts, and note if we have any valid ones left.
|
||||
+ * We will later abort import if this key is new but contains
|
||||
+ * no valid uids. */
|
||||
+ delete_inv_parts (ctrl, keyblock, keyid, options);
|
||||
|
||||
/* Get rid of deleted nodes. */
|
||||
commit_kbnode (&keyblock);
|
||||
@@ -1927,24 +1911,11 @@ import_one_real (ctrl_t ctrl,
|
||||
{
|
||||
apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
|
||||
commit_kbnode (&keyblock);
|
||||
- any_filter = 1;
|
||||
}
|
||||
if (import_filter.drop_sig)
|
||||
{
|
||||
apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
|
||||
commit_kbnode (&keyblock);
|
||||
- any_filter = 1;
|
||||
- }
|
||||
-
|
||||
- /* If we ran any filter we need to check that at least one user id
|
||||
- * is left in the keyring. Note that we do not use log_error in
|
||||
- * this case. */
|
||||
- if (any_filter && !any_uid_left (keyblock))
|
||||
- {
|
||||
- if (!opt.quiet )
|
||||
- log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk));
|
||||
- stats->no_user_id++;
|
||||
- return 0;
|
||||
}
|
||||
|
||||
/* The keyblock is valid and ready for real import. */
|
||||
@@ -2002,6 +1973,13 @@ import_one_real (ctrl_t ctrl,
|
||||
err = 0;
|
||||
stats->skipped_new_keys++;
|
||||
}
|
||||
+ else if (err && !any_uid_left (keyblock))
|
||||
+ {
|
||||
+ if (!silent)
|
||||
+ log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid));
|
||||
+ err = 0;
|
||||
+ stats->no_user_id++;
|
||||
+ }
|
||||
else if (err) /* Insert this key. */
|
||||
{
|
||||
/* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */
|
@ -0,0 +1,201 @@
|
||||
From: Vincent Breitmoser <look@my.amazin.horse>
|
||||
Date: Thu, 13 Jun 2019 21:27:41 +0200
|
||||
Subject: tests: add test cases for import without uid
|
||||
|
||||
This commit adds a test case that does the following, in order:
|
||||
- Import of a primary key plus user id
|
||||
- Check that import of a subkey works, without a user id present in the
|
||||
imported key
|
||||
- Check that import of a subkey revocation works, without a user id or
|
||||
subkey binding signature present in the imported key
|
||||
- Check that import of a primary key revocation works, without a user id
|
||||
present in the imported key
|
||||
|
||||
--
|
||||
|
||||
Note that this test currently fails. The following changesets will
|
||||
fix gpg so that the tests pass.
|
||||
|
||||
GnuPG-Bug-id: 4393
|
||||
Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
||||
---
|
||||
tests/openpgp/Makefile.am | 1 +
|
||||
tests/openpgp/import-incomplete.scm | 68 ++++++++++++++++++++++
|
||||
.../import-incomplete/primary+revocation.asc | 9 +++
|
||||
.../primary+subkey+sub-revocation.asc | 10 ++++
|
||||
.../import-incomplete/primary+subkey+sub-sig.asc | 10 ++++
|
||||
.../openpgp/import-incomplete/primary+uid-sig.asc | 10 ++++
|
||||
tests/openpgp/import-incomplete/primary+uid.asc | 10 ++++
|
||||
7 files changed, 118 insertions(+)
|
||||
create mode 100755 tests/openpgp/import-incomplete.scm
|
||||
create mode 100644 tests/openpgp/import-incomplete/primary+revocation.asc
|
||||
create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
|
||||
create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
|
||||
create mode 100644 tests/openpgp/import-incomplete/primary+uid-sig.asc
|
||||
create mode 100644 tests/openpgp/import-incomplete/primary+uid.asc
|
||||
|
||||
diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
|
||||
index f6014c9..6423da1 100644
|
||||
--- a/tests/openpgp/Makefile.am
|
||||
+++ b/tests/openpgp/Makefile.am
|
||||
@@ -78,6 +78,7 @@ XTESTS = \
|
||||
gpgv-forged-keyring.scm \
|
||||
armor.scm \
|
||||
import.scm \
|
||||
+ import-incomplete.scm \
|
||||
import-revocation-certificate.scm \
|
||||
ecc.scm \
|
||||
4gb-packet.scm \
|
||||
diff --git a/tests/openpgp/import-incomplete.scm b/tests/openpgp/import-incomplete.scm
|
||||
new file mode 100755
|
||||
index 0000000..727a027
|
||||
--- /dev/null
|
||||
+++ b/tests/openpgp/import-incomplete.scm
|
||||
@@ -0,0 +1,68 @@
|
||||
+#!/usr/bin/env gpgscm
|
||||
+
|
||||
+;; Copyright (C) 2016 g10 Code GmbH
|
||||
+;;
|
||||
+;; This file is part of GnuPG.
|
||||
+;;
|
||||
+;; GnuPG is free software; you can redistribute it and/or modify
|
||||
+;; it under the terms of the GNU General Public License as published by
|
||||
+;; the Free Software Foundation; either version 3 of the License, or
|
||||
+;; (at your option) any later version.
|
||||
+;;
|
||||
+;; GnuPG is distributed in the hope that it will be useful,
|
||||
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
+;; GNU General Public License for more details.
|
||||
+;;
|
||||
+;; You should have received a copy of the GNU General Public License
|
||||
+;; along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
+
|
||||
+(load (in-srcdir "tests" "openpgp" "defs.scm"))
|
||||
+(setup-environment)
|
||||
+
|
||||
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+uid.asc")))
|
||||
+
|
||||
+(info "Test import of new subkey, from a certificate without uid")
|
||||
+(define keyid "573EA710367356BB")
|
||||
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-sig.asc")))
|
||||
+(tr:do
|
||||
+ (tr:pipe-do
|
||||
+ (pipe:gpg `(--list-keys --with-colons ,keyid)))
|
||||
+ (tr:call-with-content
|
||||
+ (lambda (c)
|
||||
+ ;; XXX we do not have a regexp library
|
||||
+ (unless (any (lambda (line)
|
||||
+ (and (string-prefix? line "sub:")
|
||||
+ (string-contains? line "573EA710367356BB")))
|
||||
+ (string-split-newlines c))
|
||||
+ (exit 1)))))
|
||||
+
|
||||
+(info "Test import of a subkey revocation, from a certificate without uid")
|
||||
+(define keyid "573EA710367356BB")
|
||||
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-revocation.asc")))
|
||||
+(tr:do
|
||||
+ (tr:pipe-do
|
||||
+ (pipe:gpg `(--list-keys --with-colons ,keyid)))
|
||||
+ (tr:call-with-content
|
||||
+ (lambda (c)
|
||||
+ ;; XXX we do not have a regexp library
|
||||
+ (unless (any (lambda (line)
|
||||
+ (and (string-prefix? line "sub:r:")
|
||||
+ (string-contains? line "573EA710367356BB")))
|
||||
+ (string-split-newlines c))
|
||||
+ (exit 1)))))
|
||||
+
|
||||
+(info "Test import of revocation, from a certificate without uid")
|
||||
+(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+revocation.asc")))
|
||||
+(tr:do
|
||||
+ (tr:pipe-do
|
||||
+ (pipe:gpg `(--list-keys --with-colons ,keyid)))
|
||||
+ (tr:call-with-content
|
||||
+ (lambda (c)
|
||||
+ ;; XXX we do not have a regexp library
|
||||
+ (unless (any (lambda (line)
|
||||
+ (and (string-prefix? line "pub:r:")
|
||||
+ (string-contains? line "0843DA969AA8DAFB")))
|
||||
+ (string-split-newlines c))
|
||||
+ (exit 1)))))
|
||||
+
|
||||
diff --git a/tests/openpgp/import-incomplete/primary+revocation.asc b/tests/openpgp/import-incomplete/primary+revocation.asc
|
||||
new file mode 100644
|
||||
index 0000000..6b7b608
|
||||
--- /dev/null
|
||||
+++ b/tests/openpgp/import-incomplete/primary+revocation.asc
|
||||
@@ -0,0 +1,9 @@
|
||||
+-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
+Comment: [E] primary key, revocation signature over primary (no user ID)
|
||||
+
|
||||
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
|
||||
+631VAN2IeAQgFggAIBYhBLRpj5W82H/gSMzKKQhD2paaqNr7BQJc2ZQZAh0AAAoJ
|
||||
+EAhD2paaqNr7qAwA/2jBUpnN0BxwRO/4CrxvrLIsL+C9aSXJUOTv8XkP4lvtAQD3
|
||||
+XsDFfFNgEueiTfF7HtOGt5LPmRqVvUpQSMVgJJW6CQ==
|
||||
+=tM90
|
||||
+-----END PGP PUBLIC KEY BLOCK-----
|
||||
diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
|
||||
new file mode 100644
|
||||
index 0000000..83a51a5
|
||||
--- /dev/null
|
||||
+++ b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
|
||||
@@ -0,0 +1,10 @@
|
||||
+-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
+Comment: [D] primary key, subkey, subkey revocation (no user ID)
|
||||
+
|
||||
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
|
||||
+631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK
|
||||
+j++lwwWDAOlkVicDAQgHiHgEKBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
|
||||
+XNmnkAIdAgAKCRAIQ9qWmqja+ylaAQDmIKf86BJEq4OpDqU+V9D+wn2cyuxbyWVQ
|
||||
+3r9LiL9qNwD/QAjyrhSN8L3Mfq+wdTHo5i0yB9ZCCpHLXSbhCqfWZwQ=
|
||||
+=dwx2
|
||||
+-----END PGP PUBLIC KEY BLOCK-----
|
||||
diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
|
||||
new file mode 100644
|
||||
index 0000000..dc47a02
|
||||
--- /dev/null
|
||||
+++ b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
|
||||
@@ -0,0 +1,10 @@
|
||||
+-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
+Comment: [B] primary key, subkey, subkey binding sig (no user ID)
|
||||
+
|
||||
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
|
||||
+631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK
|
||||
+j++lwwWDAOlkVicDAQgHiHgEGBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
|
||||
+XNmUIQIbDAAKCRAIQ9qWmqja++vFAP98G1L+1/rWTGbsnxOAV2RocBYIroAvsbkR
|
||||
+Ly6FdP8YNwEA7jOgT05CoKIe37MstpOz23mM80AK369Ca3JMmKKCQgg=
|
||||
+=xuDu
|
||||
+-----END PGP PUBLIC KEY BLOCK-----
|
||||
diff --git a/tests/openpgp/import-incomplete/primary+uid-sig.asc b/tests/openpgp/import-incomplete/primary+uid-sig.asc
|
||||
new file mode 100644
|
||||
index 0000000..134607d
|
||||
--- /dev/null
|
||||
+++ b/tests/openpgp/import-incomplete/primary+uid-sig.asc
|
||||
@@ -0,0 +1,10 @@
|
||||
+-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
+Comment: [C] primary key and self-sig expiring in 2024 (no user ID)
|
||||
+
|
||||
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
|
||||
+631VAN2IlgQTFggAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBLRpj5W8
|
||||
+2H/gSMzKKQhD2paaqNr7BQJc2ZR1BQkJZgHcAAoJEAhD2paaqNr79soA/0lWkUsu
|
||||
+3NLwgbni6EzJxnTzgeNMpljqNpipHAwfix9hAP93AVtFdC8g7hdUZxawobl9lnSN
|
||||
+9ohXOEBWvdJgVv2YAg==
|
||||
+=KWIK
|
||||
+-----END PGP PUBLIC KEY BLOCK-----
|
||||
diff --git a/tests/openpgp/import-incomplete/primary+uid.asc b/tests/openpgp/import-incomplete/primary+uid.asc
|
||||
new file mode 100644
|
||||
index 0000000..055f300
|
||||
--- /dev/null
|
||||
+++ b/tests/openpgp/import-incomplete/primary+uid.asc
|
||||
@@ -0,0 +1,10 @@
|
||||
+-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
+Comment: [A] primary key, user ID, and self-sig expiring in 2021
|
||||
+
|
||||
+mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
|
||||
+631VAN20CHRlc3Qga2V5iJYEExYIAD4WIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
|
||||
+XNmUGQIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAIQ9qWmqja
|
||||
++0G1AQDdQiwhXxjXLMqoth+D4SigVHTJK8ORwifzsy3UE7mPGwD/aZ67XbAF/lgI
|
||||
+kv2O1Jo0u9BL9RNNF+L0DM7rAFbfMAs=
|
||||
+=1eII
|
||||
+-----END PGP PUBLIC KEY BLOCK-----
|
195
SOURCES/gnupg-2.2.20-file-is-digest.patch
Normal file
195
SOURCES/gnupg-2.2.20-file-is-digest.patch
Normal file
@ -0,0 +1,195 @@
|
||||
diff -up gnupg-2.2.20/g10/gpg.c.file-is-digest gnupg-2.2.20/g10/gpg.c
|
||||
--- gnupg-2.2.20/g10/gpg.c.file-is-digest 2020-04-14 16:33:42.630269318 +0200
|
||||
+++ gnupg-2.2.20/g10/gpg.c 2020-04-14 16:34:46.455100086 +0200
|
||||
@@ -380,6 +380,7 @@ enum cmd_and_opt_values
|
||||
oTTYtype,
|
||||
oLCctype,
|
||||
oLCmessages,
|
||||
+ oFileIsDigest,
|
||||
oXauthority,
|
||||
oGroup,
|
||||
oUnGroup,
|
||||
@@ -831,6 +832,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
ARGPARSE_s_s (oTempDir, "temp-directory", "@"),
|
||||
ARGPARSE_s_s (oExecPath, "exec-path", "@"),
|
||||
ARGPARSE_s_n (oExpert, "expert", "@"),
|
||||
+ ARGPARSE_s_n (oFileIsDigest, "file-is-digest", "@"),
|
||||
ARGPARSE_s_n (oNoExpert, "no-expert", "@"),
|
||||
ARGPARSE_s_n (oNoSecmemWarn, "no-secmem-warning", "@"),
|
||||
ARGPARSE_s_n (oRequireSecmem, "require-secmem", "@"),
|
||||
@@ -2419,6 +2421,7 @@ main (int argc, char **argv)
|
||||
opt.keyid_format = KF_NONE;
|
||||
opt.def_sig_expire = "0";
|
||||
opt.def_cert_expire = "0";
|
||||
+ opt.file_is_digest = 0;
|
||||
opt.passphrase_repeat = 1;
|
||||
opt.emit_version = 0;
|
||||
opt.weak_digests = NULL;
|
||||
@@ -2997,6 +3000,7 @@ main (int argc, char **argv)
|
||||
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
|
||||
|
||||
case oForceAEAD: opt.force_aead = 1; break;
|
||||
+ case oFileIsDigest: opt.file_is_digest = 1; break;
|
||||
|
||||
case oDisableSignerUID: opt.flags.disable_signer_uid = 1; break;
|
||||
case oIncludeKeyBlock: opt.flags.include_key_block = 1; break;
|
||||
diff -up gnupg-2.2.20/g10/options.h.file-is-digest gnupg-2.2.20/g10/options.h
|
||||
--- gnupg-2.2.20/g10/options.h.file-is-digest 2020-03-14 19:54:05.000000000 +0100
|
||||
+++ gnupg-2.2.20/g10/options.h 2020-04-14 16:33:42.634269245 +0200
|
||||
@@ -202,6 +202,7 @@ struct
|
||||
int no_auto_check_trustdb;
|
||||
int preserve_permissions;
|
||||
int no_homedir_creation;
|
||||
+ int file_is_digest;
|
||||
struct groupitem *grouplist;
|
||||
int mangle_dos_filenames;
|
||||
int enable_progress_filter;
|
||||
diff -up gnupg-2.2.20/g10/sign.c.file-is-digest gnupg-2.2.20/g10/sign.c
|
||||
--- gnupg-2.2.20/g10/sign.c.file-is-digest 2020-03-14 19:35:46.000000000 +0100
|
||||
+++ gnupg-2.2.20/g10/sign.c 2020-04-14 16:36:54.661751422 +0200
|
||||
@@ -40,6 +40,7 @@
|
||||
#include "pkglue.h"
|
||||
#include "../common/sysutils.h"
|
||||
#include "call-agent.h"
|
||||
+#include "../common/host2net.h"
|
||||
#include "../common/mbox-util.h"
|
||||
#include "../common/compliance.h"
|
||||
|
||||
@@ -834,6 +835,8 @@ write_signature_packets (ctrl_t ctrl,
|
||||
|
||||
if (pk->version >= 5)
|
||||
sig->version = 5; /* Required for v5 keys. */
|
||||
+ else if (opt.file_is_digest)
|
||||
+ sig->version = 3;
|
||||
else
|
||||
sig->version = 4; /* Required. */
|
||||
|
||||
@@ -860,8 +863,11 @@ write_signature_packets (ctrl_t ctrl,
|
||||
err = mk_sig_subpkt_key_block (ctrl, sig, pk);
|
||||
else
|
||||
err = 0;
|
||||
- hash_sigversion_to_magic (md, sig, extrahash);
|
||||
- gcry_md_final (md);
|
||||
+
|
||||
+ if (!opt.file_is_digest) {
|
||||
+ hash_sigversion_to_magic (md, sig, extrahash);
|
||||
+ gcry_md_final (md);
|
||||
+ }
|
||||
|
||||
if (!err)
|
||||
err = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce, 0);
|
||||
@@ -924,6 +930,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
|
||||
SK_LIST sk_rover = NULL;
|
||||
int multifile = 0;
|
||||
u32 duration=0;
|
||||
+ int sigclass = 0x00;
|
||||
+ u32 timestamp = 0;
|
||||
pt_extra_hash_data_t extrahash = NULL;
|
||||
|
||||
pfx = new_progress_context ();
|
||||
@@ -941,7 +949,16 @@ sign_file (ctrl_t ctrl, strlist_t filena
|
||||
fname = NULL;
|
||||
|
||||
if (fname && filenames->next && (!detached || encryptflag))
|
||||
- log_bug ("multiple files can only be detached signed");
|
||||
+ log_bug ("multiple files can only be detached signed\n");
|
||||
+
|
||||
+ if (opt.file_is_digest && (multifile || !fname))
|
||||
+ log_bug ("file-is-digest only works with one file\n");
|
||||
+ if (opt.file_is_digest && !detached)
|
||||
+ log_bug ("file-is-digest can only write detached signatures\n");
|
||||
+ if (opt.file_is_digest && !opt.def_digest_algo)
|
||||
+ log_bug ("file-is-digest needs --digest-algo\n");
|
||||
+ if (opt.file_is_digest && opt.textmode)
|
||||
+ log_bug ("file-is-digest doesn't work with --textmode\n");
|
||||
|
||||
if (encryptflag == 2
|
||||
&& (rc = setup_symkey (&efx.symkey_s2k, &efx.symkey_dek)))
|
||||
@@ -962,7 +979,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
|
||||
goto leave;
|
||||
|
||||
/* Prepare iobufs. */
|
||||
- if (multifile) /* have list of filenames */
|
||||
+ if (multifile || opt.file_is_digest) /* have list of filenames */
|
||||
inp = NULL; /* we do it later */
|
||||
else
|
||||
{
|
||||
@@ -1100,7 +1117,7 @@ sign_file (ctrl_t ctrl, strlist_t filena
|
||||
for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next)
|
||||
gcry_md_enable (mfx.md, hash_for (sk_rover->pk));
|
||||
|
||||
- if (!multifile)
|
||||
+ if (!multifile && !opt.file_is_digest)
|
||||
iobuf_push_filter (inp, md_filter, &mfx);
|
||||
|
||||
if (detached && !encryptflag)
|
||||
@@ -1155,6 +1172,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
|
||||
|
||||
write_status_begin_signing (mfx.md);
|
||||
|
||||
+ sigclass = opt.textmode && !outfile? 0x01 : 0x00;
|
||||
+
|
||||
/* Setup the inner packet. */
|
||||
if (detached)
|
||||
{
|
||||
@@ -1195,6 +1214,49 @@ sign_file (ctrl_t ctrl, strlist_t filena
|
||||
if (opt.verbose)
|
||||
log_printf ("\n");
|
||||
}
|
||||
+ else if (opt.file_is_digest)
|
||||
+ {
|
||||
+ byte *mdb, ts[5];
|
||||
+ size_t mdlen;
|
||||
+ const char *fp;
|
||||
+ int c, d;
|
||||
+
|
||||
+ gcry_md_final(mfx.md);
|
||||
+ /* this assumes gcry_md_read returns the same buffer */
|
||||
+ mdb = gcry_md_read(mfx.md, opt.def_digest_algo);
|
||||
+ mdlen = gcry_md_get_algo_dlen(opt.def_digest_algo);
|
||||
+ if (strlen(fname) != mdlen * 2 + 11)
|
||||
+ log_bug("digests must be %zu + @ + 5 bytes\n", mdlen);
|
||||
+ d = -1;
|
||||
+ for (fp = fname ; *fp; )
|
||||
+ {
|
||||
+ c = *fp++;
|
||||
+ if (c >= '0' && c <= '9')
|
||||
+ c -= '0';
|
||||
+ else if (c >= 'a' && c <= 'f')
|
||||
+ c -= 'a' - 10;
|
||||
+ else if (c >= 'A' && c <= 'F')
|
||||
+ c -= 'A' - 10;
|
||||
+ else
|
||||
+ log_bug("filename is not hex\n");
|
||||
+ if (d >= 0)
|
||||
+ {
|
||||
+ *mdb++ = d << 4 | c;
|
||||
+ c = -1;
|
||||
+ if (--mdlen == 0)
|
||||
+ {
|
||||
+ mdb = ts;
|
||||
+ if (*fp++ != '@')
|
||||
+ log_bug("missing time separator\n");
|
||||
+ }
|
||||
+ }
|
||||
+ d = c;
|
||||
+ }
|
||||
+ sigclass = ts[0];
|
||||
+ if (sigclass != 0x00 && sigclass != 0x01)
|
||||
+ log_bug("bad cipher class\n");
|
||||
+ timestamp = buf32_to_u32(ts + 1);
|
||||
+ }
|
||||
else
|
||||
{
|
||||
/* Read, so that the filter can calculate the digest. */
|
||||
@@ -1213,8 +1271,8 @@ sign_file (ctrl_t ctrl, strlist_t filena
|
||||
|
||||
/* Write the signatures. */
|
||||
rc = write_signature_packets (ctrl, sk_list, out, mfx.md, extrahash,
|
||||
- opt.textmode && !outfile? 0x01 : 0x00,
|
||||
- 0, duration, detached ? 'D':'S', NULL);
|
||||
+ sigclass,
|
||||
+ timestamp, duration, detached ? 'D':'S', NULL);
|
||||
if (rc)
|
||||
goto leave;
|
||||
|
1462
SOURCES/gnupg-2.2.21-coverity.patch
Normal file
1462
SOURCES/gnupg-2.2.21-coverity.patch
Normal file
File diff suppressed because it is too large
Load Diff
12
SOURCES/gnupg-2.2.23-large-rsa.patch
Normal file
12
SOURCES/gnupg-2.2.23-large-rsa.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up gnupg-2.2.23/g10/keygen.c.large-rsa gnupg-2.2.23/g10/keygen.c
|
||||
--- gnupg-2.2.23/g10/keygen.c.large-rsa 2020-09-04 13:53:42.030486671 +0200
|
||||
+++ gnupg-2.2.23/g10/keygen.c 2020-09-04 13:55:52.896669542 +0200
|
||||
@@ -2262,7 +2262,7 @@ get_keysize_range (int algo, unsigned in
|
||||
|
||||
default:
|
||||
*min = opt.compliance == CO_DE_VS ? 2048: 1024;
|
||||
- *max = 4096;
|
||||
+ *max = opt.flags.large_rsa == 1 ? 8192 : 4096;
|
||||
def = 3072;
|
||||
break;
|
||||
}
|
162
SOURCES/gnupg-2.3.1-revert-default-eddsa.patch
Normal file
162
SOURCES/gnupg-2.3.1-revert-default-eddsa.patch
Normal file
@ -0,0 +1,162 @@
|
||||
From ff31dde456f32950f0df6c974b4c41f1d650d68f Mon Sep 17 00:00:00 2001
|
||||
From: Werner Koch <wk@gnupg.org>
|
||||
Date: Mon, 5 Oct 2020 14:21:31 +0200
|
||||
Subject: [PATCH GnuPG] gpg: Switch to ed25519+cv25519 as default algo.
|
||||
|
||||
* g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change to former future
|
||||
default ago.
|
||||
(ask_algo): Change default and also the way we indicate the default
|
||||
algo in the list of algos.
|
||||
(ask_curve): Indicate the default curve.
|
||||
|
||||
Signed-off-by: Werner Koch <wk@gnupg.org>
|
||||
---
|
||||
g10/keygen.c | 57 ++++++++++++++++++++++++++--------------------------
|
||||
1 file changed, 29 insertions(+), 28 deletions(-)
|
||||
|
||||
diff --git a/g10/keygen.c b/g10/keygen.c
|
||||
index 16e4e58ea..b510525e3 100644
|
||||
--- a/g10/keygen.c
|
||||
+++ b/g10/keygen.c
|
||||
@@ -47,10 +47,11 @@
|
||||
#include "../common/mbox-util.h"
|
||||
|
||||
|
||||
-/* The default algorithms. If you change them, you should ensure the value
|
||||
- is inside the bounds enforced by ask_keysize and gen_xxx. See also
|
||||
- get_keysize_range which encodes the allowed ranges. */
|
||||
-#define DEFAULT_STD_KEY_PARAM "rsa3072/cert,sign+rsa3072/encr"
|
||||
+/* The default algorithms. If you change them, you should ensure the
|
||||
+ value is inside the bounds enforced by ask_keysize and gen_xxx.
|
||||
+ See also get_keysize_range which encodes the allowed ranges. The
|
||||
+ default answer in ask_algo also needs to be adjusted. */
|
||||
+#define DEFAULT_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
|
||||
#define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
|
||||
|
||||
/* When generating keys using the streamlined key generation dialog,
|
||||
@@ -2112,50 +2113,49 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
|
||||
|
||||
#if GPG_USE_RSA
|
||||
if (!addmode)
|
||||
- tty_printf (_(" (%d) RSA and RSA (default)\n"), 1 );
|
||||
+ tty_printf (_(" (%d) RSA and RSA%s\n"), 1, "");
|
||||
#endif
|
||||
|
||||
if (!addmode && opt.compliance != CO_DE_VS)
|
||||
- tty_printf (_(" (%d) DSA and Elgamal\n"), 2 );
|
||||
+ tty_printf (_(" (%d) DSA and Elgamal%s\n"), 2, "");
|
||||
|
||||
if (opt.compliance != CO_DE_VS)
|
||||
- tty_printf (_(" (%d) DSA (sign only)\n"), 3 );
|
||||
+ tty_printf (_(" (%d) DSA (sign only)%s\n"), 3, "");
|
||||
#if GPG_USE_RSA
|
||||
- tty_printf (_(" (%d) RSA (sign only)\n"), 4 );
|
||||
+ tty_printf (_(" (%d) RSA (sign only)%s\n"), 4, "");
|
||||
#endif
|
||||
|
||||
if (addmode)
|
||||
{
|
||||
if (opt.compliance != CO_DE_VS)
|
||||
- tty_printf (_(" (%d) Elgamal (encrypt only)\n"), 5 );
|
||||
+ tty_printf (_(" (%d) Elgamal (encrypt only)%s\n"), 5, "");
|
||||
#if GPG_USE_RSA
|
||||
- tty_printf (_(" (%d) RSA (encrypt only)\n"), 6 );
|
||||
+ tty_printf (_(" (%d) RSA (encrypt only)%s\n"), 6, "");
|
||||
#endif
|
||||
}
|
||||
if (opt.expert)
|
||||
{
|
||||
if (opt.compliance != CO_DE_VS)
|
||||
- tty_printf (_(" (%d) DSA (set your own capabilities)\n"), 7 );
|
||||
+ tty_printf (_(" (%d) DSA (set your own capabilities)%s\n"), 7, "");
|
||||
#if GPG_USE_RSA
|
||||
- tty_printf (_(" (%d) RSA (set your own capabilities)\n"), 8 );
|
||||
+ tty_printf (_(" (%d) RSA (set your own capabilities)%s\n"), 8, "");
|
||||
#endif
|
||||
}
|
||||
|
||||
#if GPG_USE_ECDSA || GPG_USE_ECDH || GPG_USE_EDDSA
|
||||
- if (opt.expert && !addmode)
|
||||
- tty_printf (_(" (%d) ECC and ECC\n"), 9 );
|
||||
- if (opt.expert)
|
||||
- tty_printf (_(" (%d) ECC (sign only)\n"), 10 );
|
||||
+ if (!addmode)
|
||||
+ tty_printf (_(" (%d) ECC (sign and encrypt)%s\n"), 9, _(" *default*") );
|
||||
+ tty_printf (_(" (%d) ECC (sign only)\n"), 10 );
|
||||
if (opt.expert)
|
||||
- tty_printf (_(" (%d) ECC (set your own capabilities)\n"), 11 );
|
||||
- if (opt.expert && addmode)
|
||||
- tty_printf (_(" (%d) ECC (encrypt only)\n"), 12 );
|
||||
+ tty_printf (_(" (%d) ECC (set your own capabilities)%s\n"), 11, "");
|
||||
+ if (addmode)
|
||||
+ tty_printf (_(" (%d) ECC (encrypt only)%s\n"), 12, "");
|
||||
#endif
|
||||
|
||||
if (opt.expert && r_keygrip)
|
||||
- tty_printf (_(" (%d) Existing key\n"), 13 );
|
||||
+ tty_printf (_(" (%d) Existing key%s\n"), 13, "");
|
||||
if (r_keygrip)
|
||||
- tty_printf (_(" (%d) Existing key from card\n"), 14 );
|
||||
+ tty_printf (_(" (%d) Existing key from card%s\n"), 14, "");
|
||||
|
||||
for (;;)
|
||||
{
|
||||
@@ -2164,7 +2164,7 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
|
||||
xfree (answer);
|
||||
answer = cpr_get ("keygen.algo", _("Your selection? "));
|
||||
cpr_kill_prompt ();
|
||||
- algo = *answer? atoi (answer) : 1;
|
||||
+ algo = *answer? atoi (answer) : 9; /* Default algo is 9 */
|
||||
|
||||
if (opt.compliance == CO_DE_VS
|
||||
&& (algo == 2 || algo == 3 || algo == 5 || algo == 7))
|
||||
@@ -2220,13 +2220,13 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
|
||||
break;
|
||||
}
|
||||
else if ((algo == 9 || !strcmp (answer, "ecc+ecc"))
|
||||
- && opt.expert && !addmode)
|
||||
+ && !addmode)
|
||||
{
|
||||
algo = PUBKEY_ALGO_ECDSA;
|
||||
*r_subkey_algo = PUBKEY_ALGO_ECDH;
|
||||
break;
|
||||
}
|
||||
- else if ((algo == 10 || !strcmp (answer, "ecc/s")) && opt.expert)
|
||||
+ else if ((algo == 10 || !strcmp (answer, "ecc/s")))
|
||||
{
|
||||
algo = PUBKEY_ALGO_ECDSA;
|
||||
*r_usage = PUBKEY_USAGE_SIG;
|
||||
@@ -2239,7 +2239,7 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
|
||||
break;
|
||||
}
|
||||
else if ((algo == 12 || !strcmp (answer, "ecc/e"))
|
||||
- && opt.expert && addmode)
|
||||
+ && addmode)
|
||||
{
|
||||
algo = PUBKEY_ALGO_ECDH;
|
||||
*r_usage = PUBKEY_USAGE_ENC;
|
||||
@@ -2616,7 +2616,7 @@ ask_curve (int *algo, int *subkey_algo, const char *current)
|
||||
{ "NIST P-256", NULL, NULL, MY_USE_ECDSADH, 0, 1, 0 },
|
||||
{ "NIST P-384", NULL, NULL, MY_USE_ECDSADH, 0, 0, 0 },
|
||||
{ "NIST P-521", NULL, NULL, MY_USE_ECDSADH, 0, 1, 0 },
|
||||
- { "brainpoolP256r1", NULL, "Brainpool P-256", MY_USE_ECDSADH, 1, 1, 0 },
|
||||
+ { "brainpoolP256r1", NULL, "Brainpool P-256", MY_USE_ECDSADH, 1, 0, 0 },
|
||||
{ "brainpoolP384r1", NULL, "Brainpool P-384", MY_USE_ECDSADH, 1, 1, 0 },
|
||||
{ "brainpoolP512r1", NULL, "Brainpool P-512", MY_USE_ECDSADH, 1, 1, 0 },
|
||||
{ "secp256k1", NULL, NULL, MY_USE_ECDSADH, 0, 1, 0 },
|
||||
@@ -2672,9 +2672,10 @@ ask_curve (int *algo, int *subkey_algo, const char *current)
|
||||
}
|
||||
|
||||
curves[idx].available = 1;
|
||||
- tty_printf (" (%d) %s\n", idx + 1,
|
||||
+ tty_printf (" (%d) %s%s\n", idx + 1,
|
||||
curves[idx].pretty_name?
|
||||
- curves[idx].pretty_name:curves[idx].name);
|
||||
+ curves[idx].pretty_name:curves[idx].name,
|
||||
+ idx == 0? _(" *default*"):"");
|
||||
}
|
||||
gcry_sexp_release (keyparms);
|
||||
|
||||
--
|
||||
2.31.1
|
||||
|
BIN
SOURCES/gnupg-2.3.1.tar.bz2.sig
Normal file
BIN
SOURCES/gnupg-2.3.1.tar.bz2.sig
Normal file
Binary file not shown.
877
SPECS/gnupg2.spec
Normal file
877
SPECS/gnupg2.spec
Normal file
@ -0,0 +1,877 @@
|
||||
%if 0%{?fedora} && 0%{?fedora} < 30
|
||||
%bcond_with unversioned_gpg
|
||||
%else
|
||||
%bcond_without unversioned_gpg
|
||||
%endif
|
||||
|
||||
Summary: Utility for secure communication and data storage
|
||||
Name: gnupg2
|
||||
Version: 2.3.1
|
||||
Release: 3%{?dist}
|
||||
|
||||
License: GPLv3+
|
||||
Source0: https://gnupg.org/ftp/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2
|
||||
Source1: https://gnupg.org/ftp/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2.sig
|
||||
# needed for compatibility with system FIPS mode
|
||||
Patch3: gnupg-2.1.10-secmem.patch
|
||||
# non-upstreamable patch adding file-is-digest option needed for Copr
|
||||
# https://dev.gnupg.org/T1646
|
||||
Patch4: gnupg-2.2.20-file-is-digest.patch
|
||||
# fix handling of missing key usage on ocsp replies - upstream T1333
|
||||
Patch5: gnupg-2.2.16-ocsp-keyusage.patch
|
||||
Patch6: gnupg-2.1.1-fips-algo.patch
|
||||
# allow 8192 bit RSA keys in keygen UI with large RSA
|
||||
Patch9: gnupg-2.2.23-large-rsa.patch
|
||||
# fix missing uid on refresh from keys.openpgp.org
|
||||
# https://salsa.debian.org/debian/gnupg2/commit/f292beac1171c6c77faf41d1f88c2e0942ed4437
|
||||
Patch20: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
|
||||
Patch21: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
|
||||
Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
|
||||
# Fixes for issues found in Coverity scan - reported upstream
|
||||
Patch30: gnupg-2.2.21-coverity.patch
|
||||
# Revert default EdDSA key types
|
||||
Patch31: gnupg-2.3.1-revert-default-eddsa.patch
|
||||
|
||||
|
||||
URL: https://www.gnupg.org/
|
||||
|
||||
#BuildRequires: automake libtool texinfo transfig
|
||||
BuildRequires: gcc
|
||||
BuildRequires: bzip2-devel
|
||||
BuildRequires: curl-devel
|
||||
BuildRequires: docbook-utils
|
||||
BuildRequires: gettext
|
||||
BuildRequires: libassuan-devel >= 2.1.0
|
||||
BuildRequires: libgcrypt-devel >= 1.9.1
|
||||
BuildRequires: libgpg-error-devel >= 1.38
|
||||
BuildRequires: libksba-devel >= 1.3.0
|
||||
BuildRequires: openldap-devel
|
||||
BuildRequires: libusb-devel
|
||||
BuildRequires: pcsc-lite-libs
|
||||
BuildRequires: npth-devel
|
||||
BuildRequires: readline-devel ncurses-devel
|
||||
BuildRequires: zlib-devel
|
||||
BuildRequires: gnutls-devel
|
||||
BuildRequires: sqlite-devel
|
||||
BuildRequires: fuse
|
||||
BuildRequires: make
|
||||
|
||||
Requires: libgcrypt >= 1.7.0
|
||||
Requires: libgpg-error >= 1.38
|
||||
|
||||
Suggests: pinentry
|
||||
|
||||
Suggests: gnupg2-smime
|
||||
|
||||
%if %{with unversioned_gpg}
|
||||
# pgp-tools, perl-GnuPG-Interface requires 'gpg' (not sure why) -- Rex
|
||||
Provides: gpg = %{version}-%{release}
|
||||
# Obsolete GnuPG-1 package
|
||||
Provides: gnupg = %{version}-%{release}
|
||||
Obsoletes: gnupg < 1.4.24
|
||||
%endif
|
||||
|
||||
Provides: dirmngr = %{version}-%{release}
|
||||
Obsoletes: dirmngr < 1.2.0-1
|
||||
|
||||
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
||||
|
||||
%package smime
|
||||
Summary: CMS encryption and signing tool and smart card support for GnuPG
|
||||
Requires: gnupg2%{?_isa} = %{version}-%{release}
|
||||
|
||||
|
||||
%description
|
||||
GnuPG is GNU's tool for secure communication and data storage. It can
|
||||
be used to encrypt data and to create digital signatures. It includes
|
||||
an advanced key management facility and is compliant with the proposed
|
||||
OpenPGP Internet standard as described in RFC2440 and the S/MIME
|
||||
standard as described by several RFCs.
|
||||
|
||||
GnuPG 2.0 is a newer version of GnuPG with additional support for
|
||||
S/MIME. It has a different design philosophy that splits
|
||||
functionality up into several modules. The S/MIME and smartcard functionality
|
||||
is provided by the gnupg2-smime package.
|
||||
|
||||
%description smime
|
||||
GnuPG is GNU's tool for secure communication and data storage. This
|
||||
package adds support for smart cards and S/MIME encryption and signing
|
||||
to the base GnuPG package
|
||||
|
||||
%prep
|
||||
%setup -q -n gnupg-%{version}
|
||||
|
||||
%patch3 -p1 -b .secmem
|
||||
%patch4 -p1 -b .file-is-digest
|
||||
%patch5 -p1 -b .keyusage
|
||||
%patch6 -p1 -b .fips
|
||||
%patch9 -p1 -b .large-rsa
|
||||
|
||||
%patch20 -p1 -b .test_missing_uid
|
||||
%patch21 -p1 -b .prev_known_key
|
||||
%patch22 -p1 -b .good_revoc
|
||||
|
||||
%patch30 -p1 -b .coverity
|
||||
%patch31 -p1 -R -b .eddsa
|
||||
|
||||
# pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
|
||||
# Note: this is just the name of the default shared lib to load in scdaemon,
|
||||
# it can use other implementations too (including non-pcsc ones).
|
||||
%global pcsclib %(basename $(ls -1 %{_libdir}/libpcsclite.so.? 2>/dev/null ) 2>/dev/null )
|
||||
|
||||
sed -i -e 's/"libpcsclite\.so"/"%{pcsclib}"/' scd/scdaemon.c
|
||||
|
||||
|
||||
%build
|
||||
# can not regenerate makefiles because of automake-1.16.3 requirement
|
||||
# ./autogen.sh
|
||||
%configure \
|
||||
%if %{without unversioned_gpg}
|
||||
--enable-gpg-is-gpg2 \
|
||||
%endif
|
||||
--disable-rpath \
|
||||
--enable-g13 \
|
||||
--enable-large-secmem
|
||||
|
||||
# need scratch gpg database for tests
|
||||
mkdir -p $HOME/.gnupg
|
||||
|
||||
%make_build
|
||||
|
||||
|
||||
%install
|
||||
%make_install \
|
||||
docdir=%{_pkgdocdir}
|
||||
|
||||
%if %{without unversioned_gpg}
|
||||
# rename file conflicting with gnupg-1.x
|
||||
rename gnupg.7 gnupg2.7 %{buildroot}%{_mandir}/man7/gnupg.7*
|
||||
%endif
|
||||
|
||||
%find_lang %{name}
|
||||
|
||||
# gpgconf.conf
|
||||
mkdir -p %{buildroot}%{_sysconfdir}/gnupg
|
||||
touch %{buildroot}%{_sysconfdir}/gnupg/gpgconf.conf
|
||||
|
||||
# more docs
|
||||
install -m644 -p AUTHORS NEWS THANKS TODO \
|
||||
%{buildroot}%{_pkgdocdir}
|
||||
|
||||
%if %{with unversioned_gpg}
|
||||
# compat symlinks
|
||||
ln -sf gpg %{buildroot}%{_bindir}/gpg2
|
||||
ln -sf gpgv %{buildroot}%{_bindir}/gpgv2
|
||||
ln -sf gpg.1 %{buildroot}%{_mandir}/man1/gpg2.1
|
||||
ln -sf gpgv.1 %{buildroot}%{_mandir}/man1/gpgv2.1
|
||||
ln -sf gnupg.7 %{buildroot}%{_mandir}/man7/gnupg2.7
|
||||
%endif
|
||||
|
||||
# info dir
|
||||
rm -f %{buildroot}%{_infodir}/dir
|
||||
|
||||
# drop the gpg scheme interpreter
|
||||
rm -f %{buildroot}%{_bindir}/gpgscm
|
||||
|
||||
# Move the systemd user units to appropriate directory
|
||||
install -d -m755 %{buildroot}%{_userunitdir}
|
||||
mv %{buildroot}%{_pkgdocdir}/examples/systemd-user/*.socket %{buildroot}%{_userunitdir}
|
||||
mv %{buildroot}%{_pkgdocdir}/examples/systemd-user/*.service %{buildroot}%{_userunitdir}
|
||||
|
||||
%check
|
||||
# need scratch gpg database for tests
|
||||
mkdir -p $HOME/.gnupg
|
||||
make -k check
|
||||
|
||||
|
||||
%files -f %{name}.lang
|
||||
%license COPYING
|
||||
#doc AUTHORS NEWS README THANKS TODO
|
||||
%{_pkgdocdir}
|
||||
%dir %{_sysconfdir}/gnupg
|
||||
%ghost %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf
|
||||
## docs say to install suid root, but fedora/rh security folk say not to
|
||||
%{_bindir}/gpg2
|
||||
%{_bindir}/gpgv2
|
||||
%{_bindir}/gpg-card
|
||||
%{_bindir}/gpg-connect-agent
|
||||
%{_bindir}/gpg-agent
|
||||
%{_bindir}/gpg-wks-client
|
||||
%{_bindir}/gpgconf
|
||||
%{_bindir}/gpgparsemail
|
||||
%{_bindir}/gpgtar
|
||||
%{_bindir}/g13
|
||||
%{_bindir}/dirmngr
|
||||
%{_bindir}/dirmngr-client
|
||||
%if %{with unversioned_gpg}
|
||||
%{_bindir}/gpg
|
||||
%{_bindir}/gpgv
|
||||
%{_bindir}/gpgsplit
|
||||
%endif
|
||||
%{_bindir}/watchgnupg
|
||||
%{_bindir}/gpg-wks-server
|
||||
%{_sbindir}/*
|
||||
%{_datadir}/gnupg/
|
||||
%{_libexecdir}/*
|
||||
%{_infodir}/*.info*
|
||||
%{_mandir}/man?/*
|
||||
%{_userunitdir}/*
|
||||
%exclude %{_mandir}/man?/gpgsm*
|
||||
|
||||
%files smime
|
||||
%{_bindir}/gpgsm*
|
||||
%{_bindir}/kbxutil
|
||||
%{_mandir}/man?/gpgsm*
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Sep 08 2021 Jakub Jelen <jjelen@redhat.com> - 2.3.1-3
|
||||
- Revernt default key type back to RSA for FIPS compatibility (#2001937)
|
||||
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.1-2
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Wed Apr 21 2021 Jakub Jelen <jjelen@redhat.com> - 2.3.1-1
|
||||
- New upstream release (#1947159)
|
||||
|
||||
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.2.27-5
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Mon Mar 29 2021 Jakub Jelen <jjelen@redhat.com> - 2.2.27-4
|
||||
- Add a configuration to not require exclusive access to PCSC
|
||||
|
||||
* Thu Feb 18 2021 Jakub Jelen <jjelen@redhat.com> - 2.2.27-3
|
||||
- Bump required libgpg-error version (#1930110)
|
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.27-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Tue Jan 12 2021 Jakub Jelen <jjelen@redhat.com> - 2.2.27-1
|
||||
- New upstream release (#1909825)
|
||||
|
||||
* Mon Jan 04 2021 Jakub Jelen <jjelen@redhat.com> - 2.2.26-1
|
||||
- New upstream release (#1909825)
|
||||
|
||||
* Tue Nov 24 2020 Jakub Jelen <jjelen@redhat.com> - 2.2.25-2
|
||||
- Enable gpgtar (#1901103)
|
||||
|
||||
* Tue Nov 24 2020 Jakub Jelen <jjelen@redhat.com> - 2.2.25-1
|
||||
- Update to 2.2.25 (#1900815)
|
||||
|
||||
* Thu Nov 19 2020 Jakub Jelen <jjelen@redhat.com> - 2.2.24-1
|
||||
- Update to 2.2.24 (#1898504)
|
||||
|
||||
* Fri Sep 4 2020 Tomáš Mráz <tmraz@redhat.com> - 2.2.23-1
|
||||
- upgrade to 2.2.23
|
||||
|
||||
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.21-4
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.21-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Tue Jul 21 2020 Tom Stellard <tstellar@redhat.com> - 2.2.21-2
|
||||
- Use make macros
|
||||
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
|
||||
|
||||
* Mon Jul 20 2020 Tomáš Mráz <tmraz@redhat.com> - 2.2.21-1
|
||||
- upgrade to 2.2.21
|
||||
|
||||
* Mon May 4 2020 Tomáš Mráz <tmraz@redhat.com> - 2.2.20-3
|
||||
- fixes for issues found in Coverity scan
|
||||
|
||||
* Thu Apr 30 2020 Tomáš Mráz <tmraz@redhat.com> - 2.2.20-2
|
||||
- move systemd user units to _userunitdir (no activation by default)
|
||||
|
||||
* Tue Apr 14 2020 Tomáš Mráz <tmraz@redhat.com> - 2.2.20-1
|
||||
- upgrade to 2.2.20
|
||||
|
||||
* Wed Jan 29 2020 Tomáš Mráz <tmraz@redhat.com> - 2.2.19-1
|
||||
- upgrade to 2.2.19
|
||||
|
||||
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.18-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Sat Jan 4 2020 Marcel Härry <mh+fedora@scrit.ch> - 2.2.18-3
|
||||
- Add patches to be able to deal with keys without uids (#1787708)
|
||||
|
||||
* Fri Dec 6 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.18-2
|
||||
- fix abort when decrypting data with anonymous recipient (#1780057)
|
||||
|
||||
* Tue Dec 3 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.18-1
|
||||
- upgrade to 2.2.18
|
||||
|
||||
* Wed Nov 6 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.17-3
|
||||
- fix the gnupg(7) manual page (#1769072)
|
||||
|
||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.17-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Mon Jul 15 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.17-1
|
||||
- upgrade to 2.2.17
|
||||
|
||||
* Mon Jul 1 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.16-1
|
||||
- upgrade to 2.2.16
|
||||
|
||||
* Tue Feb 26 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.13-1
|
||||
- upgrade to 2.2.13
|
||||
|
||||
* Sun Feb 17 2019 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.2.12-3
|
||||
- Rebuild for readline 8.0
|
||||
|
||||
* Mon Feb 4 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.12-2
|
||||
- make it build with gcc-9
|
||||
|
||||
* Tue Jan 8 2019 Tomáš Mráz <tmraz@redhat.com> - 2.2.12-1
|
||||
- upgrade to 2.2.12
|
||||
|
||||
* Sat Dec 08 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.2.11-2
|
||||
- Provide unversioned GPG on F30+
|
||||
|
||||
* Fri Nov 30 2018 Tomáš Mráz <tmraz@redhat.com> - 2.2.11-1
|
||||
- upgrade to 2.2.11
|
||||
|
||||
* Wed Aug 1 2018 Tomáš Mráz <tmraz@redhat.com> - 2.2.9-1
|
||||
- upgrade to 2.2.9
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.8-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Mon Jun 11 2018 Tomáš Mráz <tmraz@redhat.com> - 2.2.8-1
|
||||
- upgrade to 2.2.8 fixing CVE 2018-12020
|
||||
|
||||
* Wed Apr 11 2018 Tomáš Mráz <tmraz@redhat.com> - 2.2.6-1
|
||||
- upgrade to 2.2.6
|
||||
|
||||
* Fri Mar 2 2018 Tomáš Mráz <tmraz@redhat.com> - 2.2.5-1
|
||||
- upgrade to 2.2.5
|
||||
|
||||
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Fri Jan 12 2018 Tomáš Mráz <tmraz@redhat.com> - 2.2.4-1
|
||||
- upgrade to 2.2.4
|
||||
|
||||
* Tue Nov 21 2017 Tomáš Mráz <tmraz@redhat.com> - 2.2.3-1
|
||||
- upgrade to 2.2.3
|
||||
|
||||
* Wed Nov 8 2017 Tomáš Mráz <tmraz@redhat.com> - 2.2.2-1
|
||||
- upgrade to 2.2.2
|
||||
|
||||
* Tue Oct 3 2017 Tomáš Mráz <tmraz@redhat.com> - 2.2.1-1
|
||||
- upgrade to 2.2.1
|
||||
|
||||
* Tue Sep 5 2017 Tomáš Mráz <tmraz@redhat.com> - 2.2.0-1
|
||||
- upgrade to 2.2.0
|
||||
|
||||
* Wed Aug 9 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.22-1
|
||||
- upgrade to 2.1.22
|
||||
|
||||
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.21-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Fri Jul 28 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.21-4
|
||||
- explictly remove gpgscm from the buildroot
|
||||
|
||||
* Tue Jul 18 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.21-3
|
||||
- rebase the insttools patch
|
||||
- enable large secure memory support
|
||||
|
||||
* Tue May 16 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.21-2
|
||||
- scdaemon is now needed by gpg
|
||||
|
||||
* Tue May 16 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.21-1
|
||||
- upgrade to 2.1.21
|
||||
|
||||
* Tue Apr 25 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.20-2
|
||||
- libdns aliasing issues fixed
|
||||
|
||||
* Mon Apr 24 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.20-1
|
||||
- upgrade to 2.1.20
|
||||
- disable bundled libdns for now (#1444352)
|
||||
|
||||
* Fri Mar 24 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.19-1
|
||||
- upgrade to 2.1.19
|
||||
- shorten time waiting on gpg-agent/dirmngr to start by exponential
|
||||
backoff (#1431749)
|
||||
|
||||
* Wed Mar 1 2017 Tomáš Mráz <tmraz@redhat.com> - 2.1.18-2
|
||||
- upgrade to 2.1.18
|
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.17-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Thu Jan 12 2017 Igor Gnatenko <ignatenko@redhat.com> - 2.1.17-2
|
||||
- Rebuild for readline 7.x
|
||||
|
||||
* Thu Dec 22 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.17-1
|
||||
- upgrade to 2.1.17
|
||||
|
||||
* Mon Nov 28 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.16-1
|
||||
- upgrade to 2.1.16
|
||||
|
||||
* Mon Aug 22 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.13-2
|
||||
- avoid using libgcrypt without initialization (#1366909)
|
||||
|
||||
* Tue Jul 12 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.13-1
|
||||
- upgrade to 2.1.13
|
||||
|
||||
* Thu May 5 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.12-1
|
||||
- upgrade to 2.1.12
|
||||
|
||||
* Tue Apr 12 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.11-4
|
||||
- make the pinentry dependency weak as for the public-key operations it
|
||||
is not needed (#1324595)
|
||||
|
||||
* Mon Mar 7 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.11-3
|
||||
- add recommends weak dependency for gnupg2-smime
|
||||
|
||||
* Sat Mar 5 2016 Peter Robinson <pbrobinson@fedoraproject.org> 2.1.11-2
|
||||
- Don't ship ChangeLog, core details already covered in NEWS
|
||||
|
||||
* Tue Feb 16 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.11-1
|
||||
- upgrade to 2.1.11
|
||||
|
||||
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.10-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Wed Jan 13 2016 Dan Horák <dan[at]danny.cz> - 2.1.10-3
|
||||
- fix the insttools patch
|
||||
|
||||
* Wed Jan 13 2016 Tomáš Mráz <tmraz@redhat.com> - 2.1.10-2
|
||||
- rebase the insttools patch needed for full gpgv1 replacement
|
||||
|
||||
* Mon Dec 7 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.10-1
|
||||
- upgrade to 2.1.10
|
||||
|
||||
* Mon Oct 12 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.9-1
|
||||
- upgrade to 2.1.9
|
||||
|
||||
* Fri Sep 11 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.8-1
|
||||
- upgrade to 2.1.8
|
||||
|
||||
* Thu Aug 13 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.7-1
|
||||
- upgrade to 2.1.7
|
||||
|
||||
* Tue Aug 11 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.6-1
|
||||
- upgrade to 2.1.6
|
||||
|
||||
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.5-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Fri Jun 12 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.5-1
|
||||
- upgrade to 2.1.5
|
||||
|
||||
* Tue May 26 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.4-2
|
||||
- use gnutls for TLS support in dirmngr (#1224816)
|
||||
|
||||
* Fri May 15 2015 Robert Scheck <robert@fedoraproject.org> - 2.1.4-1
|
||||
- upgrade to 2.1.4 (#1192353)
|
||||
|
||||
* Thu Apr 16 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.3-1
|
||||
- new upstream release fixing minor bugs
|
||||
|
||||
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 2.1.2-2
|
||||
- Rebuilt for Fedora 23 Change
|
||||
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
|
||||
|
||||
* Wed Feb 18 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.2-1
|
||||
- new upstream release fixing two minor security issues
|
||||
|
||||
* Fri Jan 30 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.1-2
|
||||
- resolve conflict with gnupg by renaming conflicting manual page (#1187472)
|
||||
|
||||
* Thu Jan 29 2015 Tomáš Mráz <tmraz@redhat.com> - 2.1.1-1
|
||||
- new upstream release
|
||||
- this release now includes the dirmngr which is obsoleted as separate package
|
||||
|
||||
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.25-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Tue Aug 5 2014 Tomáš Mráz <tmraz@redhat.com> - 2.0.25-1
|
||||
- new upstream release fixing a minor regression introduced by the previous one
|
||||
- add --file-is-digest option needed for copr
|
||||
|
||||
* Sat Jul 12 2014 Tom Callaway <spot@fedoraproject.org> - 2.0.24-2
|
||||
- fix license handling
|
||||
|
||||
* Wed Jun 25 2014 Tomáš Mráz <tmraz@redhat.com> - 2.0.24-1
|
||||
- new upstream release fixing CVE-2014-4617
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.22-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Wed May 7 2014 Tomáš Mráz <tmraz@redhat.com> - 2.0.22-3
|
||||
- do not dump core if hash algorithm not available in the FIPS mode
|
||||
|
||||
* Tue Mar 4 2014 Tomáš Mráz <tmraz@redhat.com> - 2.0.22-2
|
||||
- rebuilt against new libgcrypt
|
||||
|
||||
* Tue Oct 8 2013 Tomáš Mráz <tmraz@redhat.com> - 2.0.22-1
|
||||
- new upstream release fixing CVE-2013-4402
|
||||
|
||||
* Fri Aug 23 2013 Tomáš Mráz <tmraz@redhat.com> - 2.0.21-1
|
||||
- new upstream release
|
||||
|
||||
* Wed Aug 7 2013 Tomas Mraz <tmraz@redhat.com> - 2.0.20-3
|
||||
- adjust to the unversioned docdir change (#993785)
|
||||
|
||||
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.20-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||
|
||||
* Wed May 15 2013 Tomas Mraz <tmraz@redhat.com> - 2.0.20-1
|
||||
- new upstream release
|
||||
|
||||
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.19-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||
|
||||
* Wed Jan 2 2013 Tomas Mraz <tmraz@redhat.com> - 2.0.19-7
|
||||
- fix CVE-2012-6085 - skip invalid key packets (#891142)
|
||||
|
||||
* Thu Nov 22 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-6
|
||||
- use AES as default crypto algorithm in FIPS mode (#879047)
|
||||
|
||||
* Fri Nov 16 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 2.0.19-5
|
||||
- rebuild for <f18 (#877106)
|
||||
|
||||
* Fri Jul 27 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-4
|
||||
- fix negated condition (#843842)
|
||||
|
||||
* Thu Jul 26 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-3
|
||||
- add compat symlinks and provides if built on RHEL
|
||||
|
||||
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.19-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Tue Apr 24 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-1
|
||||
- new upstream release
|
||||
- set environment in protect-tool (#548528)
|
||||
- do not reject OCSP signing certs without keyUsage (#720174)
|
||||
|
||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.18-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
* Wed Oct 12 2011 Rex Dieter <rdieter@fedoraproject.org> 2.0.18-2
|
||||
- build with --enable-standard-socket
|
||||
|
||||
* Wed Aug 17 2011 Tomas Mraz <tmraz@redhat.com> - 2.0.18-1
|
||||
- new upstream release (#728481)
|
||||
|
||||
* Mon Jul 25 2011 Tomas Mraz <tmraz@redhat.com> - 2.0.17-2
|
||||
- fix a bug that shows up with the new libgcrypt release (#725369)
|
||||
|
||||
* Thu Jan 20 2011 Tomas Mraz <tmraz@redhat.com> - 2.0.17-1
|
||||
- new upstream release (#669611)
|
||||
|
||||
* Tue Aug 17 2010 Tomas Mraz <tmraz@redhat.com> - 2.0.16-3
|
||||
- drop the provides/obsoletes for gnupg
|
||||
- drop the man page file conflicting with gnupg-1.x
|
||||
|
||||
* Fri Aug 13 2010 Tomas Mraz <tmraz@redhat.com> - 2.0.16-2
|
||||
- drop the compat symlinks as gnupg-1.x is revived
|
||||
|
||||
* Tue Jul 27 2010 Rex Dieter <rdieter@fedoraproject.org> - 2.0.16-1
|
||||
- gnupg-2.0.16
|
||||
|
||||
* Fri Jul 23 2010 Rex Dieter <rdieter@fedoraproject.org> - 2.0.14-4
|
||||
- gpgsm realloc patch (#617706)
|
||||
|
||||
* Fri Jun 18 2010 Tomas Mraz <tmraz@redhat.com> - 2.0.14-3
|
||||
- initialize small amount of secmem for list of algorithms in help (#598847)
|
||||
(necessary in the FIPS mode of libgcrypt)
|
||||
|
||||
* Tue Feb 9 2010 Tomas Mraz <tmraz@redhat.com> - 2.0.14-2
|
||||
- disable selinux support - it is too rudimentary and restrictive (#562982)
|
||||
|
||||
* Mon Jan 11 2010 Tomas Mraz <tmraz@redhat.com> - 2.0.14-1
|
||||
- new upstream version
|
||||
- fix a few tests so they do not need to execute gpg-agent
|
||||
|
||||
* Tue Dec 8 2009 Michael Schwendt <mschwendt@fedoraproject.org> - 2.0.13-4
|
||||
- Explicitly BR libassuan-static in accordance with the Packaging
|
||||
Guidelines (libassuan-devel is still static-only).
|
||||
|
||||
* Fri Oct 23 2009 Tomas Mraz <tmraz@redhat.com> - 2.0.13-3
|
||||
- drop s390 specific ifnarchs as all the previously missing dependencies
|
||||
are now there
|
||||
- split out gpgsm into a smime subpackage to reduce main package dependencies
|
||||
|
||||
* Wed Oct 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.0.13-2
|
||||
- provide/obsolete gnupg-1 and add compat symlinks to be able to drop
|
||||
gnupg-1
|
||||
|
||||
* Fri Sep 04 2009 Rex Dieter <rdieter@fedoraproject.org> - 2.0.13-1
|
||||
- gnupg-2.0.13
|
||||
- Unable to use gpg-agent + input methods (#228953)
|
||||
|
||||
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.12-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
* Wed Jun 17 2009 Rex Dieter <rdieter@fedoraproject.org> - 2.0.12-1
|
||||
- gnupg-2.0.12
|
||||
|
||||
* Wed Mar 04 2009 Rex Dieter <rdieter@fedoraproject.org> - 2.0.11-1
|
||||
- gnupg-2.0.11
|
||||
|
||||
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||
|
||||
* Sat Jan 31 2009 Karsten Hopp <karsten@redhat.com> 2.0.10-1
|
||||
- don't require pcsc-lite-libs and libusb on mainframe where
|
||||
we don't have those packages as there's no hardware for that
|
||||
|
||||
* Tue Jan 13 2009 Rex Dieter <rdieter@fedoraproject.org> 2.0.10-1
|
||||
- gnupg-2.0.10
|
||||
|
||||
* Mon Aug 04 2008 Rex Dieter <rdieter@fedoraproject.org> 2.0.9-3
|
||||
- workaround rpm quirks
|
||||
|
||||
* Sat May 24 2008 Tom "spot" Callaway <tcallawa@redhat.com> 2.0.9-2
|
||||
- Patch from upstream to fix curl 7.18.1+ and gcc4.3+ compile error
|
||||
|
||||
* Mon May 19 2008 Tom "spot" Callaway <tcallawa@redhat.com> 2.0.9-1.1
|
||||
- minor release bump for sparc rebuild
|
||||
|
||||
* Wed Mar 26 2008 Rex Dieter <rdieter@fedoraproject.org> 2.0.9-1
|
||||
- gnupg2-2.0.9
|
||||
- drop Provides: openpgp
|
||||
- versioned Provides: gpg
|
||||
- own %%_sysconfdir/gnupg
|
||||
|
||||
* Fri Feb 08 2008 Rex Dieter <rdieter@fedoraproject.org> 2.0.8-3
|
||||
- respin (gcc43)
|
||||
|
||||
* Wed Jan 23 2008 Rex Dieter <rdieter@fedoraproject.org> 2.0.8-2
|
||||
- avoid kde-filesystem dep (#427316)
|
||||
|
||||
* Thu Dec 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.8-1
|
||||
- gnupg2-2.0.8
|
||||
|
||||
* Mon Dec 17 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.8-0.1.rc1
|
||||
- gnupg2-2.0.8rc1
|
||||
|
||||
* Tue Dec 04 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.7-5
|
||||
- respin for openldap
|
||||
|
||||
* Mon Nov 12 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.7-4
|
||||
- Requires: kde-filesystem (#377841)
|
||||
|
||||
* Wed Oct 03 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.7-3
|
||||
- %%build: (re)add mkdir -p $HOME/.gnupg
|
||||
|
||||
* Wed Oct 03 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.7-2
|
||||
- Requires: dirmngr (#312831)
|
||||
|
||||
* Mon Sep 10 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.7-1
|
||||
- gnupg-2.0.7
|
||||
|
||||
* Fri Aug 24 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.6-2
|
||||
- respin (libassuan)
|
||||
|
||||
* Thu Aug 16 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.6-1
|
||||
- gnupg-2.0.6
|
||||
- License: GPLv3+
|
||||
|
||||
* Thu Aug 02 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.5-4
|
||||
- License: GPLv3
|
||||
|
||||
* Mon Jul 16 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.5-3
|
||||
- 2.0.5 too many open files fix
|
||||
|
||||
* Fri Jul 06 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.5-2
|
||||
- gnupg-2.0.5
|
||||
- gpg-agent not restarted after kde session crash/killed (#196327)
|
||||
- BR: libassuan-devel > 1.0.2, libksba-devel > 1.0.2
|
||||
|
||||
* Fri May 18 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.4-1
|
||||
- gnupg-2.0.4
|
||||
|
||||
* Thu Mar 08 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.3-1
|
||||
- gnupg-2.0.3
|
||||
|
||||
* Fri Feb 02 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 2.0.2-1
|
||||
- gnupg-2.0.2
|
||||
|
||||
* Wed Dec 06 2006 Rex Dieter <rexdieter[AT]users.sf.net> 2.0.1-2
|
||||
- CVE-2006-6235 (#219934)
|
||||
|
||||
* Wed Nov 29 2006 Rex Dieter <rexdieter[AT]users.sf.net> 2.0.1-1
|
||||
- gnupg-2.0.1
|
||||
- CVE-2006-6169 (#217950)
|
||||
|
||||
* Sat Nov 25 2006 Rex Dieter <rexdieter[AT]users.sf.net> 2.0.1-0.3.rc1
|
||||
- gnupg-2.0.1rc1
|
||||
|
||||
* Thu Nov 16 2006 Rex Dieter <rexdieter[AT]users.sf.net> 2.0.0-4
|
||||
- update %%description
|
||||
- drop dearmor patch
|
||||
|
||||
* Mon Nov 13 2006 Rex Dieter <rexdieter[AT]users.sf.net> 2.0.0-3
|
||||
- BR: libassuan-static >= 1.0.0
|
||||
|
||||
* Mon Nov 13 2006 Rex Dieter <rexdieter[AT]users.sf.net> 2.0.0-2
|
||||
- gnupg-2.0.0
|
||||
|
||||
* Fri Nov 10 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.95-3
|
||||
- upstream 64bit patch
|
||||
|
||||
* Mon Nov 06 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.95-2
|
||||
- fix (more) file conflicts with gnupg
|
||||
|
||||
* Mon Nov 06 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.95-1
|
||||
- 1.9.95
|
||||
|
||||
* Wed Oct 25 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.94-1
|
||||
- 1.9.94
|
||||
|
||||
* Wed Oct 18 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.93-1
|
||||
- 1.9.93
|
||||
|
||||
* Wed Oct 11 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.92-2
|
||||
- fix file conflicts with gnupg
|
||||
|
||||
* Wed Oct 11 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.92-1
|
||||
- 1.9.92
|
||||
|
||||
* Tue Oct 10 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.91-4
|
||||
- make check ||: (apparently checks return err even on success?)
|
||||
|
||||
* Tue Oct 10 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.91-3
|
||||
- --enable-selinux-support
|
||||
- x86_64: --disable-optimization (to avoid gpg2 segfaults), for now
|
||||
|
||||
* Thu Oct 05 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.91-1
|
||||
- 1.9.91
|
||||
|
||||
* Wed Oct 04 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.22-8
|
||||
- respin
|
||||
|
||||
* Tue Sep 26 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.90-1
|
||||
- 1.9.90 (doesn't build, not released)
|
||||
|
||||
* Mon Sep 18 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.23-1
|
||||
- 1.9.23 (doesn't build, not released)
|
||||
|
||||
* Mon Sep 18 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.22-7
|
||||
- gpg-agent-startup.sh: fix case where valid .gpg-agent-info exists
|
||||
|
||||
* Mon Sep 18 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.22-6
|
||||
- fix "syntax error in gpg-agent-startup.sh" (#206887)
|
||||
|
||||
* Thu Sep 07 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.22-3
|
||||
- fc6 respin (for libksba-1.0)
|
||||
|
||||
* Tue Aug 29 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.22-2
|
||||
- fc6 respin
|
||||
|
||||
* Fri Jul 28 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.22-1
|
||||
- 1.9.22
|
||||
|
||||
* Thu Jun 22 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.21-3
|
||||
- fix "gpg-agent not restarted after kde session crash/killed (#196327)
|
||||
|
||||
* Thu Jun 22 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.21-2
|
||||
- 1.9.21
|
||||
- omit gpg2 binary to address CVS-2006-3082 (#196190)
|
||||
|
||||
* Mon Mar 6 2006 Ville Skyttä <ville.skytta at iki.fi>> 1.9.20-3
|
||||
- Don't hardcode pcsc-lite lib name (#184123)
|
||||
|
||||
* Thu Feb 16 2006 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.20-2
|
||||
- fc4+: use /etc/kde/(env|shutdown) for scripts (#175744)
|
||||
|
||||
* Fri Feb 10 2006 Rex Dieter <rexdieter[AT]users.sf.net>
|
||||
- fc5: gcc/glibc respin
|
||||
|
||||
* Tue Dec 20 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.20-1
|
||||
- 1.9.20
|
||||
|
||||
* Thu Dec 01 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.19-8
|
||||
- include gpg-agent-(startup|shutdown) scripts (#136533)
|
||||
- BR: libksba-devel >= 1.9.12
|
||||
- %%check: be permissive about failures (for now)
|
||||
|
||||
* Wed Nov 30 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.19-3
|
||||
- BR: libksba-devel >= 1.9.13
|
||||
|
||||
* Tue Oct 11 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.19-2
|
||||
- back to BR: libksba-devel = 1.9.11
|
||||
|
||||
* Tue Oct 11 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.19-1
|
||||
- 1.9.19
|
||||
|
||||
* Fri Aug 26 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.18-9
|
||||
- configure: NEED_KSBA_VERSION=0.9.12 -> 0.9.11
|
||||
|
||||
* Fri Aug 26 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.18-7
|
||||
- re-enable 'make check', rebuild against (older) libksba-0.9.11
|
||||
|
||||
* Tue Aug 9 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.18-6
|
||||
- don't 'make check' by default (regular builds pass, but FC4/5+plague fails)
|
||||
|
||||
* Mon Aug 8 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.18-5
|
||||
- 1.9.18
|
||||
- drop pth patch (--enable-gpg build fixed)
|
||||
- update description (from README)
|
||||
|
||||
* Fri Jul 1 2005 Ville Skyttä <ville.skytta at iki.fi> - 1.9.17-1
|
||||
- 1.9.17, signal info patch applied upstream (#162264).
|
||||
- Patch to fix lvalue build error with gcc4 (upstream #485).
|
||||
- Patch scdaemon and pcsc-wrapper to load the versioned (non-devel)
|
||||
pcsc-lite lib by default.
|
||||
|
||||
* Fri May 13 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.9.16-3
|
||||
- Include upstream's patch for signal.c.
|
||||
|
||||
* Tue May 10 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.9.16-1
|
||||
- Merge changes from Rex's 1.9.16-1 (Thu Apr 21):
|
||||
- opensc support unconditional
|
||||
- remove hard-coded .gz from %%post/%%postun
|
||||
- add %%check section
|
||||
- add pth patch
|
||||
- Put back patch modified from 1.9.15-4 to make tests verbose
|
||||
and change signal.c to describe received signals better.
|
||||
|
||||
* Sun May 8 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
|
||||
- Drop patch0 again.
|
||||
|
||||
* Sun May 8 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.9.15-4
|
||||
- Add patch0 temporarily to get some output from failing test.
|
||||
|
||||
* Sat May 7 2005 David Woodhouse <dwmw2@infradead.org> 1.9.15-3
|
||||
- Rebuild.
|
||||
|
||||
* Thu Apr 7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
|
||||
- rebuilt
|
||||
|
||||
* Tue Feb 1 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:1.9.15-1
|
||||
- Make install-info in scriptlets less noisy.
|
||||
|
||||
* Tue Jan 18 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.15-0.fdr.1
|
||||
- 1.9.15
|
||||
|
||||
* Fri Jan 07 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.14-0.fdr.2
|
||||
- note patch/hack to build against older ( <1.0) libgpg-error-devel
|
||||
|
||||
* Thu Jan 06 2005 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.14-0.fdr.1
|
||||
- 1.9.14
|
||||
- enable opensc support
|
||||
- BR: libassuan-devel >= 0.6.9
|
||||
|
||||
* Thu Oct 21 2004 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.11-0.fdr.4
|
||||
- remove suid.
|
||||
|
||||
* Thu Oct 21 2004 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.11-0.fdr.3
|
||||
- remove Provides: newpg
|
||||
|
||||
* Wed Oct 20 2004 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.11-0.fdr.2
|
||||
- Requires: pinentry
|
||||
- gpg2 suid
|
||||
- update description
|
||||
|
||||
* Tue Oct 19 2004 Rex Dieter <rexdieter[AT]users.sf.net> 1.9.11-0.fdr.1
|
||||
- first try
|
||||
- leave out opensc support (for now), enable --with-opensc
|
||||
|
Loading…
Reference in New Issue
Block a user