From 906c1a584ad32c9baf03ed4bc81a1ff1849496bb Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 24 Apr 2017 17:34:09 +0200 Subject: [PATCH] upgrade to 2.1.20 disable bundled libdns for now (#1444352) --- .gitignore | 2 + gnupg-2.1.19-build.patch | 243 ------------------ gnupg-2.1.20-build.patch | 70 +++++ ...patch => gnupg-2.1.20-file-is-digest.patch | 56 ++-- gnupg2.spec | 11 +- sources | 4 +- 6 files changed, 110 insertions(+), 276 deletions(-) delete mode 100644 gnupg-2.1.19-build.patch create mode 100644 gnupg-2.1.20-build.patch rename gnupg-2.1.16-file-is-digest.patch => gnupg-2.1.20-file-is-digest.patch (75%) diff --git a/.gitignore b/.gitignore index 96ab5d9..08c7d3e 100644 --- a/.gitignore +++ b/.gitignore @@ -50,3 +50,5 @@ gnupg-2.0.16.tar.bz2.sig /gnupg-2.1.18.tar.bz2.sig /gnupg-2.1.19.tar.bz2 /gnupg-2.1.19.tar.bz2.sig +/gnupg-2.1.20.tar.bz2 +/gnupg-2.1.20.tar.bz2.sig diff --git a/gnupg-2.1.19-build.patch b/gnupg-2.1.19-build.patch deleted file mode 100644 index 6d01b8a..0000000 --- a/gnupg-2.1.19-build.patch +++ /dev/null @@ -1,243 +0,0 @@ -diff -up gnupg-2.1.19/configure.ac.build gnupg-2.1.19/configure.ac ---- gnupg-2.1.19/configure.ac.build 2017-03-01 18:30:52.000000000 +0100 -+++ gnupg-2.1.19/configure.ac 2017-03-15 17:03:23.909920917 +0100 -@@ -89,8 +89,8 @@ AC_GNU_SOURCE - # CFLAGS (they are restored at the end of the configure script). This - # is because some configure checks don't work with -Werror, but we'd - # like to use -Werror with our build. --CFLAGS_orig=$CFLAGS --CFLAGS= -+#CFLAGS_orig=$CFLAGS -+#CFLAGS= - - # Some status variables. - have_gpg_error=no -@@ -1710,7 +1710,7 @@ fi - # - # Add user CFLAGS. - # --CFLAGS="$CFLAGS $CFLAGS_orig" -+# CFLAGS="$CFLAGS $CFLAGS_orig" - - # - # Decide what to build -diff -up gnupg-2.1.19/configure.build gnupg-2.1.19/configure ---- gnupg-2.1.19/configure.build 2017-03-01 18:41:49.000000000 +0100 -+++ gnupg-2.1.19/configure 2017-03-15 17:03:23.911920964 +0100 -@@ -5044,8 +5044,8 @@ $as_echo "$ac_cv_safe_to_define___extens - # CFLAGS (they are restored at the end of the configure script). This - # is because some configure checks don't work with -Werror, but we'd - # like to use -Werror with our build. --CFLAGS_orig=$CFLAGS --CFLAGS= -+#CFLAGS_orig=$CFLAGS -+#CFLAGS= - - # Some status variables. - have_gpg_error=no -@@ -15656,7 +15656,7 @@ fi - # - # Add user CFLAGS. - # --CFLAGS="$CFLAGS $CFLAGS_orig" -+# CFLAGS="$CFLAGS $CFLAGS_orig" - - # - # Decide what to build -diff -up gnupg-2.1.19/dirmngr/Makefile.am.build gnupg-2.1.19/dirmngr/Makefile.am ---- gnupg-2.1.19/dirmngr/Makefile.am.build 2017-03-01 14:04:33.000000000 +0100 -+++ gnupg-2.1.19/dirmngr/Makefile.am 2017-03-15 17:03:23.911920964 +0100 -@@ -152,7 +152,7 @@ t_ldap_parse_uri_SOURCES = \ - t-ldap-parse-uri.c ldap-parse-uri.c ldap-parse-uri.h \ - http.c dns-stuff.c \ - $(ldap_url) $(t_common_src) --t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(USE_C99_CFLAGS) \ -+t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(LIBASSUAN_CFLAGS) $(USE_C99_CFLAGS) \ - $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) - t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS) - -diff -up gnupg-2.1.19/dirmngr/Makefile.in.build gnupg-2.1.19/dirmngr/Makefile.in ---- gnupg-2.1.19/dirmngr/Makefile.in.build 2017-03-01 18:41:47.000000000 +0100 -+++ gnupg-2.1.19/dirmngr/Makefile.in 2017-03-15 17:03:23.911920964 +0100 -@@ -681,7 +681,7 @@ t_ldap_parse_uri_SOURCES = \ - http.c dns-stuff.c \ - $(ldap_url) $(t_common_src) - --t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(USE_C99_CFLAGS) \ -+t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(LIBASSUAN_CFLAGS) $(USE_C99_CFLAGS) \ - $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) - - t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS) -diff -up gnupg-2.1.19/tests/gpgscm/scheme.c.build gnupg-2.1.19/tests/gpgscm/scheme.c ---- gnupg-2.1.19/tests/gpgscm/scheme.c.build 2017-03-01 14:04:33.000000000 +0100 -+++ gnupg-2.1.19/tests/gpgscm/scheme.c 2017-03-24 17:22:38.305054344 +0100 -@@ -113,41 +113,29 @@ static const char *strlwr(char *s) { - - - --/* Support for immediate values. -- * -- * Immediate values are tagged with IMMEDIATE_TAG, which is neither -- * used in types, nor in pointer values. -- * -- * XXX: Currently, we only use this to tag pointers in vectors. */ --#define IMMEDIATE_TAG 1 --#define is_immediate(p) ((pointer) ((uintptr_t) (p) & IMMEDIATE_TAG)) --#define set_immediate(p) ((pointer) ((uintptr_t) (p) | IMMEDIATE_TAG)) --#define clr_immediate(p) ((pointer) ((uintptr_t) (p) & ~IMMEDIATE_TAG)) -- -- -- -+/* All types have the LSB set. The garbage collector takes advantage -+ * of that to identify types. */ - enum scheme_types { -- T_STRING=1 << 1, /* Do not use the lsb, it is used for -- * immediate values. */ -- T_NUMBER=2 << 1, -- T_SYMBOL=3 << 1, -- T_PROC=4 << 1, -- T_PAIR=5 << 1, -- T_CLOSURE=6 << 1, -- T_CONTINUATION=7 << 1, -- T_FOREIGN=8 << 1, -- T_CHARACTER=9 << 1, -- T_PORT=10 << 1, -- T_VECTOR=11 << 1, -- T_MACRO=12 << 1, -- T_PROMISE=13 << 1, -- T_ENVIRONMENT=14 << 1, -- T_FOREIGN_OBJECT=15 << 1, -- T_BOOLEAN=16 << 1, -- T_NIL=17 << 1, -- T_EOF_OBJ=18 << 1, -- T_SINK=19 << 1, -- T_LAST_SYSTEM_TYPE=19 << 1 -+ T_STRING = 1 << 1 | 1, -+ T_NUMBER = 2 << 1 | 1, -+ T_SYMBOL = 3 << 1 | 1, -+ T_PROC = 4 << 1 | 1, -+ T_PAIR = 5 << 1 | 1, -+ T_CLOSURE = 6 << 1 | 1, -+ T_CONTINUATION = 7 << 1 | 1, -+ T_FOREIGN = 8 << 1 | 1, -+ T_CHARACTER = 9 << 1 | 1, -+ T_PORT = 10 << 1 | 1, -+ T_VECTOR = 11 << 1 | 1, -+ T_MACRO = 12 << 1 | 1, -+ T_PROMISE = 13 << 1 | 1, -+ T_ENVIRONMENT = 14 << 1 | 1, -+ T_FOREIGN_OBJECT = 15 << 1 | 1, -+ T_BOOLEAN = 16 << 1 | 1, -+ T_NIL = 17 << 1 | 1, -+ T_EOF_OBJ = 18 << 1 | 1, -+ T_SINK = 19 << 1 | 1, -+ T_LAST_SYSTEM_TYPE = 19 << 1 | 1 - }; - - static const char * -@@ -1357,20 +1345,20 @@ INTERFACE static void fill_vector(pointe - size_t i; - assert (is_vector (vec)); - for(i = 0; i < vector_length(vec); i++) { -- vec->_object._vector._elements[i] = set_immediate(obj); -+ vec->_object._vector._elements[i] = obj; - } - } - - INTERFACE static pointer vector_elem(pointer vec, int ielem) { - assert (is_vector (vec)); - assert (ielem < vector_length(vec)); -- return clr_immediate(vec->_object._vector._elements[ielem]); -+ return vec->_object._vector._elements[ielem]; - } - - INTERFACE static pointer set_vector_elem(pointer vec, int ielem, pointer a) { - assert (is_vector (vec)); - assert (ielem < vector_length(vec)); -- vec->_object._vector._elements[ielem] = set_immediate(a); -+ vec->_object._vector._elements[ielem] = a; - return a; - } - -@@ -1572,7 +1560,7 @@ E2: setmark(p); - if(is_vector(p)) { - int i; - for (i = 0; i < vector_length(p); i++) { -- mark(clr_immediate(p->_object._vector._elements[i])); -+ mark(p->_object._vector._elements[i]); - } - } - #if SHOW_ERROR_LINE -@@ -1673,8 +1661,9 @@ static void gc(scheme *sc, pointer a, po - for (i = sc->last_cell_seg; i >= 0; i--) { - p = sc->cell_seg[i] + CELL_SEGSIZE; - while (--p >= sc->cell_seg[i]) { -- if (typeflag(p) & IMMEDIATE_TAG) -- continue; -+ if ((typeflag(p) & 1) == 0) -+ /* All types have the LSB set. This is not a typeflag. */ -+ continue; - if (is_mark(p)) { - clrmark(p); - } else { -diff -up gnupg-2.1.19/tests/openpgp/Makefile.am.build gnupg-2.1.19/tests/openpgp/Makefile.am ---- gnupg-2.1.19/tests/openpgp/Makefile.am.build 2017-03-01 14:04:33.000000000 +0100 -+++ gnupg-2.1.19/tests/openpgp/Makefile.am 2017-03-15 18:41:09.899078597 +0100 -@@ -82,7 +82,6 @@ XTESTS = \ - import-revocation-certificate.scm \ - ecc.scm \ - 4gb-packet.scm \ -- tofu.scm \ - gpgtar.scm \ - use-exact-key.scm \ - default-key.scm \ -diff -up gnupg-2.1.19/tests/openpgp/Makefile.in.build gnupg-2.1.19/tests/openpgp/Makefile.in ---- gnupg-2.1.19/tests/openpgp/Makefile.in.build 2017-03-01 18:41:48.000000000 +0100 -+++ gnupg-2.1.19/tests/openpgp/Makefile.in 2017-03-15 18:41:27.318482699 +0100 -@@ -478,7 +478,6 @@ XTESTS = \ - import-revocation-certificate.scm \ - ecc.scm \ - 4gb-packet.scm \ -- tofu.scm \ - gpgtar.scm \ - use-exact-key.scm \ - default-key.scm \ -diff -up gnupg-2.1.19/tests/openpgp/quick-key-manipulation.scm.build gnupg-2.1.19/tests/openpgp/quick-key-manipulation.scm ---- gnupg-2.1.19/tests/openpgp/quick-key-manipulation.scm.build 2017-03-01 14:04:33.000000000 +0100 -+++ gnupg-2.1.19/tests/openpgp/quick-key-manipulation.scm 2017-03-24 17:23:01.123587702 +0100 -@@ -123,8 +123,13 @@ - (default default never) - (rsa "sign auth encr" "seconds=600") ;; GPGME uses this - (rsa "auth,encr" "2") ;; "without a letter, days is assumed" -- (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105" -- (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105" -+ ;; Sadly, the timestamp is truncated by the use of time_t on -+ ;; systems where time_t is a signed 32 bit value. -+ (rsa "sign" "2038-01-01") ;; unix millennium -+ (rsa "sign" "20380101T115500") ;; unix millennium -+ ;; Once fixed, we can use later timestamps: -+ ;; (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105" -+ ;; (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105" - (rsa sign "2d") - (rsa1024 sign "2w") - (rsa2048 encr "2m") -@@ -155,7 +160,8 @@ - (lambda (subkey) - (assert (= 1 (:alg subkey))) - (assert (string-contains? (:cap subkey) "s")) -- (assert (time-matches? 4260207600 ;; 2105-01-01 -+ (assert (time-matches? 2145916800 ;; 2038-01-01 -+ ;; 4260207600 ;; 2105-01-01 - (string->number (:expire subkey)) - ;; This is off by 12h, but I guess it just - ;; choses the middle of the day. -@@ -163,7 +169,8 @@ - (lambda (subkey) - (assert (= 1 (:alg subkey))) - (assert (string-contains? (:cap subkey) "s")) -- (assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00 -+ (assert (time-matches? 2145959700 ;; UTC 2038-01-01 11:55:00 -+ ;; 4260254100 ;; UTC 2105-01-01 11:55:00 - (string->number (:expire subkey)) - (minutes->seconds 5)))) - (lambda (subkey) diff --git a/gnupg-2.1.20-build.patch b/gnupg-2.1.20-build.patch new file mode 100644 index 0000000..65b06e5 --- /dev/null +++ b/gnupg-2.1.20-build.patch @@ -0,0 +1,70 @@ +diff -up gnupg-2.1.20/configure.ac.build gnupg-2.1.20/configure.ac +--- gnupg-2.1.20/configure.ac.build 2017-04-03 17:13:56.000000000 +0200 ++++ gnupg-2.1.20/configure.ac 2017-04-24 15:45:15.236829650 +0200 +@@ -89,8 +89,8 @@ AC_GNU_SOURCE + # CFLAGS (they are restored at the end of the configure script). This + # is because some configure checks don't work with -Werror, but we'd + # like to use -Werror with our build. +-CFLAGS_orig=$CFLAGS +-CFLAGS= ++#CFLAGS_orig=$CFLAGS ++#CFLAGS= + + # Some status variables. + have_gpg_error=no +@@ -1679,7 +1679,7 @@ fi + # + # Add user CFLAGS. + # +-CFLAGS="$CFLAGS $CFLAGS_orig" ++# CFLAGS="$CFLAGS $CFLAGS_orig" + + # + # Decide what to build +diff -up gnupg-2.1.20/configure.build gnupg-2.1.20/configure +--- gnupg-2.1.20/configure.build 2017-04-03 21:03:13.000000000 +0200 ++++ gnupg-2.1.20/configure 2017-04-24 15:45:15.237829673 +0200 +@@ -5097,8 +5097,8 @@ $as_echo "$ac_cv_safe_to_define___extens + # CFLAGS (they are restored at the end of the configure script). This + # is because some configure checks don't work with -Werror, but we'd + # like to use -Werror with our build. +-CFLAGS_orig=$CFLAGS +-CFLAGS= ++#CFLAGS_orig=$CFLAGS ++#CFLAGS= + + # Some status variables. + have_gpg_error=no +@@ -15631,7 +15631,7 @@ fi + # + # Add user CFLAGS. + # +-CFLAGS="$CFLAGS $CFLAGS_orig" ++# CFLAGS="$CFLAGS $CFLAGS_orig" + + # + # Decide what to build +diff -up gnupg-2.1.20/dirmngr/Makefile.am.build gnupg-2.1.20/dirmngr/Makefile.am +--- gnupg-2.1.20/dirmngr/Makefile.am.build 2017-04-03 17:13:56.000000000 +0200 ++++ gnupg-2.1.20/dirmngr/Makefile.am 2017-04-24 15:59:50.323444901 +0200 +@@ -151,7 +151,7 @@ t_ldap_parse_uri_SOURCES = \ + t-ldap-parse-uri.c ldap-parse-uri.c ldap-parse-uri.h \ + http.c http-common.c dns-stuff.c \ + $(ldap_url) $(t_common_src) +-t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(USE_C99_CFLAGS) \ ++t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(LIBASSUAN_CFLAGS) $(USE_C99_CFLAGS) \ + $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) + t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS) + +diff -up gnupg-2.1.20/dirmngr/Makefile.in.build gnupg-2.1.20/dirmngr/Makefile.in +--- gnupg-2.1.20/dirmngr/Makefile.in.build 2017-04-03 21:03:11.000000000 +0200 ++++ gnupg-2.1.20/dirmngr/Makefile.in 2017-04-24 16:00:30.548390528 +0200 +@@ -682,7 +682,7 @@ t_ldap_parse_uri_SOURCES = \ + http.c http-common.c dns-stuff.c \ + $(ldap_url) $(t_common_src) + +-t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(USE_C99_CFLAGS) \ ++t_ldap_parse_uri_CFLAGS = -DWITHOUT_NPTH=1 $(LIBASSUAN_CFLAGS) $(USE_C99_CFLAGS) \ + $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) + + t_ldap_parse_uri_LDADD = $(ldaplibs) $(t_common_ldadd) $(DNSLIBS) diff --git a/gnupg-2.1.16-file-is-digest.patch b/gnupg-2.1.20-file-is-digest.patch similarity index 75% rename from gnupg-2.1.16-file-is-digest.patch rename to gnupg-2.1.20-file-is-digest.patch index 2e82870..e0999c0 100644 --- a/gnupg-2.1.16-file-is-digest.patch +++ b/gnupg-2.1.20-file-is-digest.patch @@ -1,7 +1,7 @@ -diff -up gnupg-2.1.16/g10/gpg.c.file-is-digest gnupg-2.1.16/g10/gpg.c ---- gnupg-2.1.16/g10/gpg.c.file-is-digest 2016-11-24 15:30:57.324481279 +0100 -+++ gnupg-2.1.16/g10/gpg.c 2016-11-24 15:32:12.119210726 +0100 -@@ -372,6 +372,7 @@ enum cmd_and_opt_values +diff -up gnupg-2.1.20/g10/gpg.c.file-is-digest gnupg-2.1.20/g10/gpg.c +--- gnupg-2.1.20/g10/gpg.c.file-is-digest 2017-04-24 15:39:44.279999738 +0200 ++++ gnupg-2.1.20/g10/gpg.c 2017-04-24 15:39:44.281999785 +0200 +@@ -374,6 +374,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -9,7 +9,7 @@ diff -up gnupg-2.1.16/g10/gpg.c.file-is-digest gnupg-2.1.16/g10/gpg.c oXauthority, oGroup, oUnGroup, -@@ -795,6 +796,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -817,6 +818,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-preferences", "@"), ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"), @@ -17,7 +17,7 @@ diff -up gnupg-2.1.16/g10/gpg.c.file-is-digest gnupg-2.1.16/g10/gpg.c ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), -@@ -2356,6 +2358,7 @@ main (int argc, char **argv) +@@ -2394,6 +2396,7 @@ main (int argc, char **argv) gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; opt.emit_version = 0; @@ -25,7 +25,7 @@ diff -up gnupg-2.1.16/g10/gpg.c.file-is-digest gnupg-2.1.16/g10/gpg.c opt.weak_digests = NULL; additional_weak_digest("MD5"); -@@ -2902,6 +2905,7 @@ main (int argc, char **argv) +@@ -2942,6 +2945,7 @@ main (int argc, char **argv) opt.verify_options&=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; @@ -33,10 +33,10 @@ diff -up gnupg-2.1.16/g10/gpg.c.file-is-digest gnupg-2.1.16/g10/gpg.c case oForceMDC: opt.force_mdc = 1; break; case oNoForceMDC: opt.force_mdc = 0; break; -diff -up gnupg-2.1.16/g10/options.h.file-is-digest gnupg-2.1.16/g10/options.h ---- gnupg-2.1.16/g10/options.h.file-is-digest 2016-11-18 15:23:15.000000000 +0100 -+++ gnupg-2.1.16/g10/options.h 2016-11-24 15:30:57.327481228 +0100 -@@ -213,6 +213,7 @@ struct +diff -up gnupg-2.1.20/g10/options.h.file-is-digest gnupg-2.1.20/g10/options.h +--- gnupg-2.1.20/g10/options.h.file-is-digest 2017-04-03 17:13:56.000000000 +0200 ++++ gnupg-2.1.20/g10/options.h 2017-04-24 15:39:44.281999785 +0200 +@@ -214,6 +214,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; @@ -44,18 +44,18 @@ diff -up gnupg-2.1.16/g10/options.h.file-is-digest gnupg-2.1.16/g10/options.h struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c ---- gnupg-2.1.16/g10/sign.c.file-is-digest 2016-11-18 15:23:15.000000000 +0100 -+++ gnupg-2.1.16/g10/sign.c 2016-11-24 15:30:57.327481228 +0100 +diff -up gnupg-2.1.20/g10/sign.c.file-is-digest gnupg-2.1.20/g10/sign.c +--- gnupg-2.1.20/g10/sign.c.file-is-digest 2017-04-03 17:13:56.000000000 +0200 ++++ gnupg-2.1.20/g10/sign.c 2017-04-24 15:43:51.475847998 +0200 @@ -40,6 +40,7 @@ #include "pkglue.h" - #include "sysutils.h" + #include "../common/sysutils.h" #include "call-agent.h" -+#include "host2net.h" - #include "mbox-util.h" ++#include "../common/host2net.h" + #include "../common/mbox-util.h" #ifdef HAVE_DOSISH_SYSTEM -@@ -688,6 +689,8 @@ write_signature_packets (SK_LIST sk_list +@@ -695,6 +696,8 @@ write_signature_packets (ctrl_t ctrl, if (duration || opt.sig_policy_url || opt.sig_notations || opt.sig_keyserver_url) sig->version = 4; @@ -64,7 +64,7 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c else sig->version = pk->version; -@@ -711,8 +714,10 @@ write_signature_packets (SK_LIST sk_list +@@ -718,8 +721,10 @@ write_signature_packets (ctrl_t ctrl, mk_notation_policy_etc (sig, NULL, pk); } @@ -75,9 +75,9 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c + gcry_md_final (md); + } - rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce); + rc = do_sign (ctrl, pk, sig, md, hash_for (pk), cache_nonce); gcry_md_close (md); -@@ -770,6 +775,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -781,6 +786,8 @@ sign_file (ctrl_t ctrl, strlist_t filena SK_LIST sk_rover = NULL; int multifile = 0; u32 duration=0; @@ -86,7 +86,7 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c pfx = new_progress_context (); afx = new_armor_context (); -@@ -786,7 +793,16 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -798,7 +805,16 @@ sign_file (ctrl_t ctrl, strlist_t filena fname = NULL; if( fname && filenames->next && (!detached || encryptflag) ) @@ -104,7 +104,7 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c if(encryptflag==2 && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) -@@ -807,7 +823,7 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -819,7 +835,7 @@ sign_file (ctrl_t ctrl, strlist_t filena goto leave; /* prepare iobufs */ @@ -113,7 +113,7 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c inp = NULL; /* we do it later */ else { inp = iobuf_open(fname); -@@ -945,7 +961,7 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -957,7 +973,7 @@ sign_file (ctrl_t ctrl, strlist_t filena for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) gcry_md_enable (mfx.md, hash_for (sk_rover->pk)); @@ -122,7 +122,7 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c iobuf_push_filter( inp, md_filter, &mfx ); if( detached && !encryptflag) -@@ -1000,6 +1016,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1012,6 +1028,8 @@ sign_file (ctrl_t ctrl, strlist_t filena write_status_begin_signing (mfx.md); @@ -131,7 +131,7 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c /* Setup the inner packet. */ if( detached ) { if( multifile ) { -@@ -1040,6 +1058,45 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1052,6 +1070,45 @@ sign_file (ctrl_t ctrl, strlist_t filena if( opt.verbose ) log_printf ("\n"); } @@ -177,10 +177,10 @@ diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c else { /* read, so that the filter can calculate the digest */ while( iobuf_get(inp) != -1 ) -@@ -1058,8 +1115,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1070,8 +1127,8 @@ sign_file (ctrl_t ctrl, strlist_t filena /* write the signatures */ - rc = write_signature_packets (sk_list, out, mfx.md, + rc = write_signature_packets (ctrl, sk_list, out, mfx.md, - opt.textmode && !outfile? 0x01 : 0x00, - 0, duration, detached ? 'D':'S', NULL); + sigclass, diff --git a/gnupg2.spec b/gnupg2.spec index bba7477..8a8a6a7 100644 --- a/gnupg2.spec +++ b/gnupg2.spec @@ -1,6 +1,6 @@ Summary: Utility for secure communication and data storage Name: gnupg2 -Version: 2.1.19 +Version: 2.1.20 Release: 1%{?dist} License: GPLv3+ @@ -15,10 +15,10 @@ Patch2: gnupg-2.1.19-exponential.patch # needed for compatibility with system FIPS mode Patch3: gnupg-2.1.10-secmem.patch # non-upstreamable patch adding file-is-digest option needed for Copr -Patch4: gnupg-2.1.16-file-is-digest.patch +Patch4: gnupg-2.1.20-file-is-digest.patch Patch5: gnupg-2.1.1-ocsp-keyusage.patch Patch6: gnupg-2.1.1-fips-algo.patch -Patch7: gnupg-2.1.19-build.patch +Patch7: gnupg-2.1.20-build.patch URL: http://www.gnupg.org/ @@ -109,6 +109,7 @@ sed -i -e 's/"libpcsclite\.so"/"%{pcsclib}"/' scd/scdaemon.c %build %configure \ + --disable-libdns \ --disable-gpgtar \ --disable-rpath \ --enable-g13 @@ -210,6 +211,10 @@ fi %changelog +* Mon Apr 24 2017 Tomáš Mráz - 2.1.20-1 +- upgrade to 2.1.20 +- disable bundled libdns for now (#1444352) + * Fri Mar 24 2017 Tomáš Mráz - 2.1.19-1 - upgrade to 2.1.19 - shorten time waiting on gpg-agent/dirmngr to start by exponential diff --git a/sources b/sources index 5bd4250..351dc43 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (gnupg-2.1.19.tar.bz2) = c6d0a2cb7f1f7ce851729559edab08d2356dffe00ee836fc1d71eb4c4e34b566e214a0352934d2985fb0183b9e7ecc1221422d258f3bd467e735c0a5c8a3d0ca -SHA512 (gnupg-2.1.19.tar.bz2.sig) = 501e2a9ef2b41b6b252a9880e948914c182ae86d1478d59f94a68f022da25e6bc7bdc1e71e343408c161da7c0fedba3e17856b376bed25d5d980f4ef040cdf0c +SHA512 (gnupg-2.1.20.tar.bz2) = 14a9890bc64e143f87cff121dd298d490d78dbd34e36883e0f25763ff9064e5706a7632893d7c5d0e8e9b8cf9cdb0d378b4ce1715348729f0fc080455b61eca9 +SHA512 (gnupg-2.1.20.tar.bz2.sig) = d46007b34ca26be2eb9a4999c42c9163382c2b94fcea6f255f2f5158f382865747c6c7fa725524646844698f118740e8f60ae1dd8185348f15d0e5fe66d48ab0