Rebase to 2.3.3

Resolves: rhbz#1984842
2021-11-19 19:07:03 +01:00 · 2021-11-19 19:07:03 +01:00 · bec1b4ae6c
parent 250560d956
commit bec1b4ae6c
5 changed files with 13 additions and 1134 deletions
--- a/.gitignore
+++ b/.gitignore
@ -106,3 +106,5 @@ gnupg-2.0.16.tar.bz2.sig
 /gnupg-2.3.0.tar.bz2.sig
 /gnupg-2.3.1.tar.bz2
 /gnupg-2.3.1.tar.bz2.sig
+/gnupg-2.3.3.tar.bz2
+/gnupg-2.3.3.tar.bz2.sig
--- a/gnupg-2.2.16-ocsp-keyusage.patch
+++ b/gnupg-2.2.16-ocsp-keyusage.patch
@ -1,17 +0,0 @@
-diff -up gnupg-2.2.16/sm/certlist.c.keyusage gnupg-2.2.16/sm/certlist.c
--- gnupg-2.2.16/sm/certlist.c.keyusage	2019-07-01 17:17:06.925254065 +0200
-+++ gnupg-2.2.16/sm/certlist.c	2019-07-01 17:24:15.665759322 +0200
-@@ -147,10 +147,9 @@ cert_usage_p (ksba_cert_t cert, int mode
- 
-   if (mode == 5)
-     {
-      if (use != ~0
-          && (have_ocsp_signing
-              || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
-                         |KSBA_KEYUSAGE_CRL_SIGN))))
-+      if (have_ocsp_signing
-+          || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
-+                     |KSBA_KEYUSAGE_CRL_SIGN)))
-         return 0;
-       if (!silent)
-         log_info (_("certificate should not have "
--- a/gnupg-2.2.21-coverity.patch
+++ b/gnupg-2.2.21-coverity.patch
--- a/gnupg2.spec
+++ b/gnupg2.spec
@ -6,8 +6,8 @@

 Summary: Utility for secure communication and data storage
 Name:    gnupg2
-Version: 2.3.1
-Release: 4%{?dist}
+Version: 2.3.3
+Release: 1%{?dist}

 License: GPLv3+
 Source0: https://gnupg.org/ftp/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.tar.bz2
@ -17,8 +17,6 @@ Patch3:  gnupg-2.1.10-secmem.patch
 # non-upstreamable patch adding file-is-digest option needed for Copr
 # https://dev.gnupg.org/T1646
 Patch4:  gnupg-2.2.20-file-is-digest.patch
-# fix handling of missing key usage on ocsp replies - upstream T1333
-Patch5:  gnupg-2.2.16-ocsp-keyusage.patch
 Patch6:  gnupg-2.1.1-fips-algo.patch
 # allow 8192 bit RSA keys in keygen UI with large RSA
 Patch9:  gnupg-2.2.23-large-rsa.patch
@ -63,6 +61,9 @@ Suggests: pinentry

 Suggests: gnupg2-smime

+# for USB smart card support
+Suggests: pcsc-lite-ccid
+
 %if %{with unversioned_gpg}
 # pgp-tools, perl-GnuPG-Interface requires 'gpg' (not sure why) -- Rex
 Provides: gpg = %{version}-%{release}
@ -103,7 +104,6 @@ to the base GnuPG package

 %patch3 -p1 -b .secmem
 %patch4 -p1 -b .file-is-digest
-%patch5 -p1 -b .keyusage
 %patch6 -p1 -b .fips
 %patch9 -p1 -b .large-rsa

@ -131,6 +131,7 @@ sed -i -e 's/"libpcsclite\.so"/"%{pcsclib}"/' scd/scdaemon.c
 %endif
  --disable-rpath \
  --enable-g13 \
+  --disable-ccid-driver \
  --enable-large-secmem

 # need scratch gpg database for tests
@ -225,6 +226,9 @@ make -k check


 %changelog
+* Fri Nov 19 2021 Jakub Jelen <jjelen@redhat.com> - 2.3.3-1
+- Rebase to 2.3.1 to address random tests failures (#1984842)
+
 * Thu Nov 18 2021 Jakub Jelen <jjelen@redhat.com> - 2.3.1-4
 - Fix --file-is-digest patch (#2024710)

--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (gnupg-2.3.1.tar.bz2) = d2cc82c1b47bbd79acd6ef787c01684fb084b1c5507bbca6cf7ca8834ed978ae7a44c01d652cc3afbd70e2906583c8701aebc8d9fd3fc5e0401769ad4cd46af1
-SHA512 (gnupg-2.3.1.tar.bz2.sig) = 8641330ddc11c08a1a7db0042f70bad4daa74f03bb88204f0b47a05c82165559d249c019d8af757a5d37acd7a206be78f35a6c513627c01e106149ba5643f96f
+SHA512 (gnupg-2.3.3.tar.bz2) = 12d500e6b45910d5f7bfd4916bcee37ac988a58a35563fcf425a65b88c0cf92c2af2e94d3e31e9e5e19094c8beb5ec3779cf90bfe43d1555c4196f69eee2f102
+SHA512 (gnupg-2.3.3.tar.bz2.sig) = 87bcf668c13ffad35c0815a237669b9e3cc002604a11937e7d303d80e7ec6f32669422d217c2c403306bc84d4e0a36adba3e5967c48356c4cab835463a344e50