From 1d2accdf07447bb9437b91390905c988bd43eb07 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 18 Sep 2017 21:41:12 +0100 Subject: [PATCH] Import gnupg2_2.1.18-8~deb9u1.debian.tar.bz2 [dgit import tarball gnupg2 2.1.18-8~deb9u1 gnupg2_2.1.18-8~deb9u1.debian.tar.bz2] --- NEWS | 8 + Xsession.d/90gpg-agent | 22 + changelog | 1987 +++++++++++++++++ clean | 8 + compat | 1 + control | 329 +++ copyright | 233 ++ dirmngr.NEWS | 49 + dirmngr.README.Debian | 47 + dirmngr.docs | 4 + dirmngr.install | 6 + dirmngr.links | 1 + dirmngr.maintscript | 5 + dirmngr.manpages | 2 + gbp.conf | 37 + gnupg-agent.NEWS | 19 + gnupg-agent.README.Debian | 82 + gnupg-agent.examples | 2 + gnupg-agent.install | 12 + gnupg-agent.links | 6 + gnupg-agent.manpages | 5 + gnupg-l10n.install | 2 + gnupg.README.Debian | 44 + gnupg.docs | 9 + gnupg.examples | 1 + gnupg.info | 3 + gnupg.install | 12 + gnupg.manpages | 11 + gnupg2.links | 2 + gpg-check-pattern.1 | 35 + gpg-zip.1 | 102 + gpgsm.install | 1 + gpgsm.manpages | 1 + gpgsplit.1 | 41 + gpgv-static.1 | 32 + gpgv-static.install | 1 + gpgv-static.lintian-overrides | 3 + gpgv-static.manpages | 1 + gpgv-udeb.install | 1 + gpgv-win32.install | 1 + gpgv.install | 1 + gpgv.manpages | 1 + gpgv2.links | 2 + kbxutil.1 | 62 + lspgpot.1 | 22 + migrate-pubring-from-classic-gpg | 76 + migrate-pubring-from-classic-gpg.1 | 50 + patches/0012-tools-Fix-memory-leak.patch | 28 + .../0013-tools-Improve-error-handling.patch | 29 + ...0014-dirmngr-New-option-disable-ipv4.patch | 245 ++ ...mplify-error-returning-inside-http.c.patch | 255 +++ ...-gpg-Print-a-warning-on-Tor-problems.patch | 188 ++ patches/0017-agent-Fix-double-free.patch | 49 + ...ching-for-mail-addresses-in-keyrings.patch | 54 + ...tion-no-use-tor-and-internal-changes.patch | 382 ++++ ...-gpg-Remove-period-at-end-of-warning.patch | 26 + patches/0021-gpg-Add-newline-to-output.patch | 25 + ...ut-TOFU-statistics-for-conflicts-in-.patch | 187 ++ ...a-TOFU-conflict-elide-the-too-few-me.patch | 42 + ...bindings-associated-with-UTKs-are-re.patch | 60 + ...-assume-that-strtoul-interprets-as-0.patch | 53 + ...-diagnostics-for-a-launched-pinentry.patch | 81 + ...027-doc-Clarify-abbreviation-of-help.patch | 27 + ...8-scd-Backport-two-fixes-from-master.patch | 55 + patches/0029-scd-Fix-use-case-of-PC-SC.patch | 93 + patches/0030-scd-Fix-factory-reset.patch | 367 +++ ...ases-list-key-list-sig-and-check-sig.patch | 66 + ...ake-sure-that-all-fd-given-are-valid.patch | 228 ++ ...ning-about-implicit-declaration-of-g.patch | 36 + ...eak-in-the-error-case-of-signature-c.patch | 51 + ...warning-if-no-command-has-been-given.patch | 32 + ...NT-warning-with-change-options-et-al.patch | 40 + ...-lookup-even-if-it-is-missing-from-n.patch | 60 + ...ort-ssh-key-work-for-the-primary-key.patch | 162 ++ ...Avoid-PTR-lookup-for-hosts-in-a-pool.patch | 71 + patches/0040-gpgv-w32-Fix-status-fd.patch | 27 + ...trust-model-configurable-via-gpgconf.patch | 42 + ...uto-key-retrieve-configurable-via-gp.patch | 40 + ...ating-keys-using-an-existing-ECC-key.patch | 204 ++ ...options-work-with-export-secret-keys.patch | 156 ++ ...ays-escape-newlines-when-escaping-da.patch | 63 + ...ror-when-trying-to-revoke-non-exista.patch | 53 + ...-segv-when-attribute-packets-are-fil.patch | 58 + ...empt-to-double-free-an-UID-structure.patch | 59 + ...Add-a-note-to-the-trust-model-direct.patch | 75 + ...-before-printing-stats-with-check-si.patch | 37 + ...arning-alerts-in-the-GNUTLS-handshak.patch | 44 + ...e-conflict-set-includes-the-current-.patch | 72 + ...mngr-Load-the-hosts-file-into-libdns.patch | 60 + patches/0054-dirmngr-Fix-error-handling.patch | 26 + ...icitly-do-a-gpgconf-create-socketdir.patch | 65 + ...6-common-Fix-connecting-to-the-agent.patch | 34 + patches/0057-g10-Fix-memory-leak.patch | 33 + ...0058-common-Avoid-undefined-behavior.patch | 26 + ...ritical-marked-Reason-for-Revocation.patch | 31 + ...-Do-not-assume-that-etc-hosts-exists.patch | 61 + ...rint-a-warning-for-a-missing-etc-hos.patch | 49 + ...IO-which-is-sometimes-returned-by-co.patch | 26 + ...0063-dirmngr-New-option-disable-ipv6.patch | 241 ++ ...Serialize-access-to-passphrase-cache.patch | 220 ++ ...Fix-printing-of-offline-taken-subkey.patch | 27 + ...066-doc-Explain-the-in-a-key-listing.patch | 34 + ...-dirmngr-Fix-possible-null-reference.patch | 28 + ...-Fix-condition-for-gpg-connect-agent.patch | 30 + .../0069-dirmngr-Fix-alignment-of-ADDR.patch | 155 ++ ...mngr-Fix-http.c-for-sockaddr_storage.patch | 70 + ...-import-export-filter-property-match.patch | 25 + patches/0072-g10-Minor-fixes.patch | 66 + ...dirmngr-Fix-final-close-of-LISTEN_FD.patch | 52 + ...-invalidate-the-fd-cache-for-keyring.patch | 41 + ...irmngr-Fix-aliasing-problem-in-dns.c.patch | 89 + ...purious-warnings-about-trust-packets.patch | 39 + ...Avoid-simple-memory-dumps-via-ptrace.patch | 60 + .../0001-avoid-beta-warning.patch | 44 + ...erating-defsincdate-use-shipped-file.patch | 37 + ...d-potential-race-condition-when-some.patch | 77 + ...rngr-Avoid-need-for-hkp-housekeeping.patch | 225 ++ ...automatically-checking-upstream-swdb.patch | 69 + ...05-dirmngr-Drop-useless-housekeeping.patch | 199 ++ ...Create-framework-of-scheduled-timers.patch | 192 ++ ...ads-to-interrupt-main-select-loop-wi.patch | 93 + ...Avoid-tight-timer-tick-when-possible.patch | 112 + ...duled-checks-on-socket-when-inotify-.patch | 26 + patches/series | 78 + ...77-g10-remove-skeleton-options-files.patch | 440 ++++ ...-keys-where-no-secret-key-is-availab.patch | 51 + rules | 67 + scdaemon.examples | 1 + scdaemon.install | 1 + scdaemon.lintian-overrides | 4 + scdaemon.manpages | 1 + scdaemon.udev | 63 + source/format | 1 + source/lintian-overrides | 4 + source/options | 3 + systemd-user/gpg-agent-browser.socket | 13 + tests/control | 3 + tests/gpgv-win32 | 54 + upstream/signing-key.asc | 109 + watch | 5 + 140 files changed, 10864 insertions(+) create mode 100644 NEWS create mode 100644 Xsession.d/90gpg-agent create mode 100644 changelog create mode 100644 clean create mode 100644 compat create mode 100644 control create mode 100644 copyright create mode 100644 dirmngr.NEWS create mode 100644 dirmngr.README.Debian create mode 100644 dirmngr.docs create mode 100644 dirmngr.install create mode 100644 dirmngr.links create mode 100644 dirmngr.maintscript create mode 100644 dirmngr.manpages create mode 100644 gbp.conf create mode 100644 gnupg-agent.NEWS create mode 100644 gnupg-agent.README.Debian create mode 100644 gnupg-agent.examples create mode 100644 gnupg-agent.install create mode 100644 gnupg-agent.links create mode 100644 gnupg-agent.manpages create mode 100644 gnupg-l10n.install create mode 100644 gnupg.README.Debian create mode 100644 gnupg.docs create mode 100644 gnupg.examples create mode 100644 gnupg.info create mode 100644 gnupg.install create mode 100644 gnupg.manpages create mode 100644 gnupg2.links create mode 100644 gpg-check-pattern.1 create mode 100644 gpg-zip.1 create mode 100644 gpgsm.install create mode 100644 gpgsm.manpages create mode 100644 gpgsplit.1 create mode 100644 gpgv-static.1 create mode 100644 gpgv-static.install create mode 100644 gpgv-static.lintian-overrides create mode 100644 gpgv-static.manpages create mode 100644 gpgv-udeb.install create mode 100644 gpgv-win32.install create mode 100644 gpgv.install create mode 100644 gpgv.manpages create mode 100644 gpgv2.links create mode 100644 kbxutil.1 create mode 100644 lspgpot.1 create mode 100755 migrate-pubring-from-classic-gpg create mode 100644 migrate-pubring-from-classic-gpg.1 create mode 100644 patches/0012-tools-Fix-memory-leak.patch create mode 100644 patches/0013-tools-Improve-error-handling.patch create mode 100644 patches/0014-dirmngr-New-option-disable-ipv4.patch create mode 100644 patches/0015-dirmngr-Simplify-error-returning-inside-http.c.patch create mode 100644 patches/0016-gpg-Print-a-warning-on-Tor-problems.patch create mode 100644 patches/0017-agent-Fix-double-free.patch create mode 100644 patches/0018-gpg-Fix-searching-for-mail-addresses-in-keyrings.patch create mode 100644 patches/0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch create mode 100644 patches/0020-gpg-Remove-period-at-end-of-warning.patch create mode 100644 patches/0021-gpg-Add-newline-to-output.patch create mode 100644 patches/0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch create mode 100644 patches/0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch create mode 100644 patches/0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch create mode 100644 patches/0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch create mode 100644 patches/0026-gpg-More-diagnostics-for-a-launched-pinentry.patch create mode 100644 patches/0027-doc-Clarify-abbreviation-of-help.patch create mode 100644 patches/0028-scd-Backport-two-fixes-from-master.patch create mode 100644 patches/0029-scd-Fix-use-case-of-PC-SC.patch create mode 100644 patches/0030-scd-Fix-factory-reset.patch create mode 100644 patches/0031-gpg-Fix-aliases-list-key-list-sig-and-check-sig.patch create mode 100644 patches/0032-gpg-common-Make-sure-that-all-fd-given-are-valid.patch create mode 100644 patches/0033-common-Avoid-warning-about-implicit-declaration-of-g.patch create mode 100644 patches/0034-gpg-Fix-memory-leak-in-the-error-case-of-signature-c.patch create mode 100644 patches/0035-gpg-Print-a-warning-if-no-command-has-been-given.patch create mode 100644 patches/0036-gpgconf-No-ENOENT-warning-with-change-options-et-al.patch create mode 100644 patches/0037-dirmngr-Do-a-DNS-lookup-even-if-it-is-missing-from-n.patch create mode 100644 patches/0038-gpg-Make-export-ssh-key-work-for-the-primary-key.patch create mode 100644 patches/0039-dirmngr-Avoid-PTR-lookup-for-hosts-in-a-pool.patch create mode 100644 patches/0040-gpgv-w32-Fix-status-fd.patch create mode 100644 patches/0041-gpg-tools-Make-trust-model-configurable-via-gpgconf.patch create mode 100644 patches/0042-gpg-tools-Make-auto-key-retrieve-configurable-via-gp.patch create mode 100644 patches/0043-gpg-Allow-creating-keys-using-an-existing-ECC-key.patch create mode 100644 patches/0044-gpg-Make-export-options-work-with-export-secret-keys.patch create mode 100644 patches/0045-common-tools-Always-escape-newlines-when-escaping-da.patch create mode 100644 patches/0046-g10-Signal-an-error-when-trying-to-revoke-non-exista.patch create mode 100644 patches/0047-gpg-Fix-possible-segv-when-attribute-packets-are-fil.patch create mode 100644 patches/0048-gpg-Fix-attempt-to-double-free-an-UID-structure.patch create mode 100644 patches/0049-doc-Add-a-note-to-the-trust-model-direct.patch create mode 100644 patches/0050-gpg-Flush-stdout-before-printing-stats-with-check-si.patch create mode 100644 patches/0051-dirmngr-Ignore-warning-alerts-in-the-GNUTLS-handshak.patch create mode 100644 patches/0052-gpg-Make-sure-the-conflict-set-includes-the-current-.patch create mode 100644 patches/0053-dirmngr-Load-the-hosts-file-into-libdns.patch create mode 100644 patches/0054-dirmngr-Fix-error-handling.patch create mode 100644 patches/0055-common-Implicitly-do-a-gpgconf-create-socketdir.patch create mode 100644 patches/0056-common-Fix-connecting-to-the-agent.patch create mode 100644 patches/0057-g10-Fix-memory-leak.patch create mode 100644 patches/0058-common-Avoid-undefined-behavior.patch create mode 100644 patches/0059-gpg-Handle-critical-marked-Reason-for-Revocation.patch create mode 100644 patches/0060-dirmngr-Do-not-assume-that-etc-hosts-exists.patch create mode 100644 patches/0061-dirmngr-Always-print-a-warning-for-a-missing-etc-hos.patch create mode 100644 patches/0062-dirmngr-Handle-EIO-which-is-sometimes-returned-by-co.patch create mode 100644 patches/0063-dirmngr-New-option-disable-ipv6.patch create mode 100644 patches/0064-agent-Serialize-access-to-passphrase-cache.patch create mode 100644 patches/0065-gpg-Fix-printing-of-offline-taken-subkey.patch create mode 100644 patches/0066-doc-Explain-the-in-a-key-listing.patch create mode 100644 patches/0067-dirmngr-Fix-possible-null-reference.patch create mode 100644 patches/0068-tools-Fix-condition-for-gpg-connect-agent.patch create mode 100644 patches/0069-dirmngr-Fix-alignment-of-ADDR.patch create mode 100644 patches/0070-dirmngr-Fix-http.c-for-sockaddr_storage.patch create mode 100644 patches/0071-g10-Fix-import-export-filter-property-match.patch create mode 100644 patches/0072-g10-Minor-fixes.patch create mode 100644 patches/0073-dirmngr-Fix-final-close-of-LISTEN_FD.patch create mode 100644 patches/0074-g10-invalidate-the-fd-cache-for-keyring.patch create mode 100644 patches/0075-dirmngr-Fix-aliasing-problem-in-dns.c.patch create mode 100644 patches/avoid-spurious-warnings/0078-gpg-Avoid-spurious-warnings-about-trust-packets.patch create mode 100644 patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch create mode 100644 patches/debian-packaging/0001-avoid-beta-warning.patch create mode 100644 patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch create mode 100644 patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch create mode 100644 patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch create mode 100644 patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch create mode 100644 patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch create mode 100644 patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch create mode 100644 patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch create mode 100644 patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch create mode 100644 patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch create mode 100644 patches/series create mode 100644 patches/skel-file-removal/0077-g10-remove-skeleton-options-files.patch create mode 100644 patches/skip-missing-signing-keys/0076-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch create mode 100755 rules create mode 100644 scdaemon.examples create mode 100644 scdaemon.install create mode 100644 scdaemon.lintian-overrides create mode 100644 scdaemon.manpages create mode 100644 scdaemon.udev create mode 100644 source/format create mode 100644 source/lintian-overrides create mode 100644 source/options create mode 100644 systemd-user/gpg-agent-browser.socket create mode 100644 tests/control create mode 100755 tests/gpgv-win32 create mode 100644 upstream/signing-key.asc create mode 100644 watch diff --git a/NEWS b/NEWS new file mode 100644 index 0000000..0a6a744 --- /dev/null +++ b/NEWS @@ -0,0 +1,8 @@ +gnupg2 (2.1.11-7+exp1) experimental; urgency=medium + + The gnupg package now provides the "modern" version of GnuPG. + + Please read /usr/share/doc/gnupg/README.Debian for details about the + transition from "classic" to "modern" + + -- Daniel Kahn Gillmor Wed, 30 Mar 2016 09:59:35 -0400 diff --git a/Xsession.d/90gpg-agent b/Xsession.d/90gpg-agent new file mode 100644 index 0000000..8b45b05 --- /dev/null +++ b/Xsession.d/90gpg-agent @@ -0,0 +1,22 @@ +# On systems with systemd running, we expect the agent to be launched +# via systemd's user mode (see +# /usr/lib/systemd/user/gpg-agent.{socket,service} and +# systemd.unit(5)). This allows systemd to clean up the agent +# automatically at logout. + +# If systemd is absent from your system, or you do not permit it to +# run in user mode, then you may need to manually launch gpg-agent +# from your session initialization with something like "gpgconf +# --launch gpg-agent" + +# Nonetheless, ssh and older versions of gpg require environment +# variables to be set in order to find the agent, so we will set those +# here. + +agent_sock=$(gpgconf --list-dirs agent-socket) +export GPG_AGENT_INFO=${agent_sock}:0:1 +if [ -n "$(gpgconf --list-options gpg-agent | \ + awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then + export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) +fi + diff --git a/changelog b/changelog new file mode 100644 index 0000000..5696d2a --- /dev/null +++ b/changelog @@ -0,0 +1,1987 @@ +gnupg2 (2.1.18-8~deb9u1) stretch; urgency=medium + + * Bugfix update for debian stretch point release. + + -- Daniel Kahn Gillmor Mon, 18 Sep 2017 16:41:12 -0400 + +gnupg2 (2.1.18-8) unstable; urgency=medium + + * updated scdaemon fix from gniibe (Closes: #862032) + + -- Daniel Kahn Gillmor Mon, 08 May 2017 19:20:45 -0400 + +gnupg2 (2.1.18-7) unstable; urgency=medium + + * scdaemon fixes from gniibe + * more upstream fixes (Closes: #854359, #854829) + * skip over missing signing keys (Closes: #834922) + * drop all skel files (Closes: #858082) + * Avoid spurious warnings when sharing a keybox with gpg >= 2.1.20 + + -- Daniel Kahn Gillmor Fri, 05 May 2017 23:06:48 -0400 + +gnupg2 (2.1.18-6) unstable; urgency=medium + + [ NIIBE Yutaka ] + * scdaemon: Fix duplicated entries (Closes: #855056). + + -- Daniel Kahn Gillmor Mon, 13 Feb 2017 19:29:34 -0500 + +gnupg2 (2.1.18-5) unstable; urgency=medium + + [ Daniel Kahn Gillmor ] + * Xsession.d/90gpg-agent: use simpler and more direct gpgconf + invocations for socket names. + + [ NIIBE Yutaka ] + * scdaemon.udev: Add Yubikey and Nitrokey (Closes: #648331, 734889). + * scdaemon fix for PC/SC (Closes: #852702, #854005, #854595, #854616). + + -- Daniel Kahn Gillmor Mon, 13 Feb 2017 09:15:07 -0500 + +gnupg2 (2.1.18-4) unstable; urgency=medium + + [ Daniel Kahn Gillmor ] + * document that debian disables --allow-version-check + * docs, debugging, and bugfix patches from upstream (Closes: #852979) + + [ NIIBE Yutaka ] + * scdaemon bugfixes + + -- Daniel Kahn Gillmor Sat, 04 Feb 2017 22:03:26 -0500 + +gnupg2 (2.1.18-3) unstable; urgency=medium + + * fix searches for keys with raw addr-spec + + -- Daniel Kahn Gillmor Wed, 25 Jan 2017 16:58:56 -0500 + +gnupg2 (2.1.18-2) unstable; urgency=medium + + * pull fixes from upstream (including a double-free in gpg-agent) + + -- Daniel Kahn Gillmor Wed, 25 Jan 2017 09:29:25 -0500 + +gnupg2 (2.1.18-1) unstable; urgency=medium + + * New upstream release. + + -- Daniel Kahn Gillmor Mon, 23 Jan 2017 23:12:35 -0500 + +gnupg2 (2.1.17-6) unstable; urgency=medium + + * Upstream patches, fixing unnecessary delay in gpg-agent (Closes: #851298) + * gpg-agent: avoid race in shutdown (Closes: #841143) + * improve dirmngr, gpg-agent README.Debian (Closes: #850982) + * clean up gpg-agent-idling patch + + -- Daniel Kahn Gillmor Wed, 18 Jan 2017 14:40:41 -0500 + +gnupg2 (2.1.17-5) unstable; urgency=medium + + * more fixes from upstream (improving but not yet closing: #849845) + * gpg-agent: actively poll when shutdown is pending. Thanks, NIIBE + Yutaka! (addresses but does not close #841143) + + -- Daniel Kahn Gillmor Wed, 11 Jan 2017 15:44:57 -0500 + +gnupg2 (2.1.17-4) unstable; urgency=medium + + * more patches from upstream, including dirmngr debugging + improvements + * resolve ambiguity in aliased options and commands (Closes: #850475) + * auto-enable gpg-agent and dirmngr for systemd user sessions + * enable easy reloads from systemd + + -- Daniel Kahn Gillmor Tue, 10 Jan 2017 17:30:08 -0500 + +gnupg2 (2.1.17-3) unstable; urgency=medium + + * more bugfixes from upstream (improving but not yet closing: #849845) + + -- Daniel Kahn Gillmor Tue, 03 Jan 2017 15:39:52 -0500 + +gnupg2 (2.1.17-2) unstable; urgency=medium + + * include patches from upstream to avoid build failures on 32-bit + arches. + + -- Daniel Kahn Gillmor Sat, 24 Dec 2016 18:11:51 -0500 + +gnupg2 (2.1.17-1) unstable; urgency=medium + + * new upstream release. + + -- Daniel Kahn Gillmor Sat, 24 Dec 2016 15:39:04 -0500 + +gnupg2 (2.1.16-3) unstable; urgency=medium + + * remove -pie from hppa, kfreebsd-amd64, and x32 builds of + gpgv-static (Closes: #846889) + * import several upstream bugfix patches (Closes: #846834, #846168) + * link gnupg-agent and scdaemon with Enhances/Suggests (Closes: #833518) + + -- Daniel Kahn Gillmor Mon, 05 Dec 2016 15:34:49 -0500 + +gnupg2 (2.1.16-2) unstable; urgency=medium + + * avoid using adns, due to lack of security support (Closes: #845078) + + -- Daniel Kahn Gillmor Mon, 21 Nov 2016 09:57:26 -0500 + +gnupg2 (2.1.16-1) unstable; urgency=medium + + * New upstream version + * dropped many patches already incorporated upstream + + -- Daniel Kahn Gillmor Sun, 20 Nov 2016 23:22:49 -0500 + +gnupg2 (2.1.15-9) unstable; urgency=medium + + * Introduce gpgv-static package (Closes: #806940) + * more patches from upstream + * use adns for better DNS resolution in dirmngr + * add some import-options to + migrate-pubring-from-classic-gpg for better migration + * reorganize patches to distinguish debian variations from upstream + * set simple and easy defaults for keyservers + * help dirmngr and gpg-agent idle better in the default case + + -- Daniel Kahn Gillmor Thu, 10 Nov 2016 07:28:16 -0800 + +gnupg2 (2.1.15-8) unstable; urgency=medium + + * rename gpg-agent-restricted.socket to gpg-agent-extra.socket + (for symmetry with option names and actual sockets created) + + -- Daniel Kahn Gillmor Thu, 27 Oct 2016 13:54:53 -0400 + +gnupg2 (2.1.15-7) unstable; urgency=medium + + * more upstream patches + * dirmngr systemd user service is now socket-activated. + + -- Daniel Kahn Gillmor Thu, 27 Oct 2016 12:48:15 -0400 + +gnupg2 (2.1.15-6) unstable; urgency=medium + + * more upstream patches (Closes: #841437, #840680) + + -- Daniel Kahn Gillmor Wed, 26 Oct 2016 17:44:20 -0400 + +gnupg2 (2.1.15-5) unstable; urgency=medium + + * added udev rules for Fujitsu Siemens cardreader (Closes: #840312) + * mark transitional packages Multi-Arch: Foreign (closes: #840258) + * make gnupg2 binNMU-safe + * more patches from upstream + * track upstream decision-making about gpg-agent socket names + + -- Daniel Kahn Gillmor Tue, 25 Oct 2016 21:30:06 -0400 + +gnupg2 (2.1.15-4) unstable; urgency=medium + + * update debian/tests/gpgv-win32 + * more patches from upstream (Closes: #838153) + * tighten dependencies between gnupg and dirmngr (Closes: #834602) + * updated systemd user gpg-agent units for socket activation + + -- Daniel Kahn Gillmor Tue, 04 Oct 2016 17:22:30 -0400 + +gnupg2 (2.1.15-3) unstable; urgency=medium + + * Use upstream fix to avoid touching homedir during test suite + * backward compatibility for preset-passphrase and protect-tool + * add Breaks: for python3-apt too (thanks, Harald Jenny!) + * Avoid network access during tests (Closes: #836259) + * more patches from upstream + - gpgv --output now works + - fingerprint display doesn't vary with --keyid-format + - minor cleanup to scdaemon dealing with removed cards + + -- Daniel Kahn Gillmor Wed, 14 Sep 2016 17:08:58 -0400 + +gnupg2 (2.1.15-2) unstable; urgency=medium + + * restore keyid output in gpgv (Closes: #836144) + * avoid test suite failures when HOME does not exist + + -- Daniel Kahn Gillmor Wed, 31 Aug 2016 12:37:48 -0400 + +gnupg2 (2.1.15-1) unstable; urgency=medium + + * new upstream release + - blocks signals during keyring updates (Closes: #293556) + * avoid libusb on hurd. Thanks, Pino Toscano! (Closes: #834533) + * permissions on test suite are already fixed + * drop patches applied upstream and refresh remaining patches + * make gnupg2 reproducible by not regenerating documentation date + * make autopkgtest work with modern wine (Closes: #835976) + * wrap-and-sort -ast for cleaner diffs + * add versioned Breaks: for affected packages (Closes: #835349) + - gpgv Breaks: python-debian << 0.1.29 (addresses: #782904) + - gnupg Breaks: php-crypt-gpg <= 1.4.1-1 (addresses #835592) + - gnupg Breaks: python-apt <= 1.1.0~beta4 (addresses: #835465) + - gnupg Breaks: python-gnupg << 0.3.8-3 (addresses: #834514, #834600) + - gnupg Breaks: libgnupg-interface-perl << 0.52-3 (addresses: #834281) + - gnupg Breaks: libmail-gnupg-perl <= 0.22-1 (addresses: #835075) + - gnupg Breaks: libgnupg-perl << 0.19-1 (addresses: #834522) + + -- Daniel Kahn Gillmor Tue, 30 Aug 2016 13:19:23 -0400 + +gnupg2 (2.1.14-5) unstable; urgency=medium + + * actually ship /usr/share/doc/gnupg/README.Debian + * Release to unstable. + + -- Daniel Kahn Gillmor Fri, 12 Aug 2016 16:27:22 -0400 + +gnupg2 (2.1.14-4) experimental; urgency=medium + + * add ZeitControl card (Closes: #814584) + * three more fixes from upstream + + -- Daniel Kahn Gillmor Mon, 08 Aug 2016 12:54:21 -0400 + +gnupg2 (2.1.14-3) experimental; urgency=medium + + * cleanup debian/copyright + * update debian/watch + + -- Daniel Kahn Gillmor Wed, 03 Aug 2016 11:09:05 -0400 + +gnupg2 (2.1.14-2) experimental; urgency=medium + + * mark the gpgv binary as Priority: important, since apt depends on it + * import a bunch of fixes from upstream + * include permissioning on patched-in tests + * Breaks: some packages that expect old gpg behavior (Closes: #831500) + * remove scdaemon.service; it will be managed by gpg-agent.service + * avoid bulleted items in debian/NEWS (thanks, Lintian!) + * debian/copyright: cleanup, fix URLs + * debian/control: use standard URL for Vcs-Browser + * fix spelling and grammar noticed by lintian + * avoid lintian notes about a misspelled "written" + * clean up gpgv2 Description + * break out arch-indep localization files into new gnupg-l10n package + + -- Daniel Kahn Gillmor Mon, 01 Aug 2016 17:54:59 -0400 + +gnupg2 (2.1.14-1) experimental; urgency=medium + + * New upstream release + + -- Daniel Kahn Gillmor Fri, 15 Jul 2016 01:39:25 +0200 + +gnupg2 (2.1.13-5) experimental; urgency=medium + + * dependency cleanup! + - make Recommends: strictly versioned between gnupg and {gpg-agent,dirmngr} + - make gnupg Provide: gpg and mention it in the package description + - drop mention of newpg, which has not been in debian for many releases + - gnupg2 2.0.18 predates debian wheezy, which is oldstable; drop mention + in debian/control + - drop Suggests: gnupg-doc, which does not appear to be maintained + - drop all references to gpg-idea, which has not been in debian for + several releases + - removed dependency on "dpkg (>= 1.15.4) | install-info", since that + dpkg version predates oldstable (wheezy) + + -- Daniel Kahn Gillmor Mon, 04 Jul 2016 10:13:42 -0400 + +gnupg2 (2.1.13-4) experimental; urgency=medium + + * add binutils-multiarch [!amd64 !i386] to Build-Depends-Indep: so that + we can generate win32 packages on non-x86 platforms. + + -- Daniel Kahn Gillmor Fri, 01 Jul 2016 11:30:28 -0400 + +gnupg2 (2.1.13-3) experimental; urgency=medium + + * pull bugfixes from upstream (Closes: #828109, #814584) + * should also allow for reproducible builds, with fix to + timestamps in tofu.test + * provide supervised dirmngr, gpg-agent, and scdaemon services from + systemd's user sessioniif the user wants to enable them. These + services should terminate at logout (Closes: #825911) + * avoid launching gpg-agent from Xsession.d since we have more robust + session management available (added NEWS entry about this change) + * gnupg-agent now Provides: gpg-agent to mitigate common confusion. + * updated dirmngr package description. + + -- Daniel Kahn Gillmor Tue, 28 Jun 2016 13:46:36 -0400 + +gnupg2 (2.1.13-2) experimental; urgency=medium + + * brown paper bag time: fix build-dep from libusb-1.0.0-dev to + libusb-1.0-0-dev + + -- Daniel Kahn Gillmor Fri, 17 Jun 2016 23:07:43 -0400 + +gnupg2 (2.1.13-1) experimental; urgency=medium + + * New upstream release + - new keyid-format "none", used by default (Closes: #826273) + * Build-depend on libusb-1.0.0-dev to ensure smartcards work (Thanks, + gniibe!) + + -- Daniel Kahn Gillmor Thu, 16 Jun 2016 18:30:36 -0400 + +gnupg2 (2.1.12-1) experimental; urgency=medium + + * New upstream release + + -- Daniel Kahn Gillmor Tue, 10 May 2016 20:58:06 -0400 + +gnupg2 (2.1.11-7+exp1) experimental; urgency=medium + + * switching over binary package names in experimental -- gnupg2 source + package now provides gnupg and gpgv + + -- Daniel Kahn Gillmor Mon, 18 Apr 2016 19:17:19 -0400 + +gnupg2 (2.1.11-7) unstable; urgency=medium + + * move to unstable + * re-enable test suites on mips and mipsel since #730846 is resolved + + -- Daniel Kahn Gillmor Mon, 18 Apr 2016 07:45:16 -0400 + +gnupg2 (2.1.11-6+exp4) experimental; urgency=medium + + * stop using help2man to fix cross-building + * ensure gpgv-win32 is properly stripped + * enable autopkgtest to run without root on systems that already have + wine32 installed + + -- Daniel Kahn Gillmor Fri, 01 Apr 2016 13:08:07 -0300 + +gnupg2 (2.1.11-6+exp3) experimental; urgency=medium + + * more cleanup on arch-dependent packages. + + -- Daniel Kahn Gillmor Wed, 30 Mar 2016 03:36:18 -0400 + +gnupg2 (2.1.11-6+exp2) experimental; urgency=medium + + * avoid build failures when building only arch-dependent or only + arch-independent packages. + + -- Daniel Kahn Gillmor Wed, 30 Mar 2016 02:59:18 -0400 + +gnupg2 (2.1.11-6+exp1) experimental; urgency=medium + + * take over gpgv-win32 from gnupg 1.4 packaging + + -- Daniel Kahn Gillmor Mon, 28 Mar 2016 23:27:43 -0400 + +gnupg2 (2.1.11-6) unstable; urgency=medium + + * avoid FTBFS with patch from upstream (Closes: #814842) + * bumped standards-version to 3.9.7 (no changes needed) + + -- Daniel Kahn Gillmor Tue, 01 Mar 2016 09:36:41 +0100 + +gnupg2 (2.1.11-5) unstable; urgency=medium + + * taking over gpgv-udeb from gnupg 1.4 packaging + * debian/control: use secure transport for Vcs-* and Homepage + + -- Daniel Kahn Gillmor Thu, 04 Feb 2016 17:17:47 -0500 + +gnupg2 (2.1.11-4) unstable; urgency=medium + + * disable gpgtar, since it is causing unpredictable testsuite failures + and we don't ship it anyway. + + -- Daniel Kahn Gillmor Wed, 03 Feb 2016 11:57:57 -0500 + +gnupg2 (2.1.11-3) unstable; urgency=medium + + * trying again to get a proper dump of the gpgtar.test.log. sigh. + + -- Daniel Kahn Gillmor Thu, 28 Jan 2016 08:34:22 -0500 + +gnupg2 (2.1.11-2) unstable; urgency=medium + + * added temporary hook to view failing gpgtar test output on build + daemons since i can't replicate the failures on my own build systems. + + -- Daniel Kahn Gillmor Thu, 28 Jan 2016 00:53:29 -0500 + +gnupg2 (2.1.11-1) unstable; urgency=medium + + * new upstream release + - drops buggy attempt to detect duplicate keys (Closes: #807819) + * removed -dbg package, since we have automatic -dbgsym packages now + * removed undocumented gpgkey2ssh; use gpg --export-ssh-key instead + + -- Daniel Kahn Gillmor Mon, 25 Jan 2016 15:29:25 -0500 + +gnupg2 (2.1.10-3) unstable; urgency=medium + + * avoid infinite loop when doing --gen-revoke by fingerprint + + -- Daniel Kahn Gillmor Sat, 12 Dec 2015 16:53:40 -0500 + +gnupg2 (2.1.10-2) unstable; urgency=medium + + * actually use sks-keyservers CA by default if the user asks for + hkps://hkps.pool.sks-keyservers.net + * move ownership of some files in /usr/share/gnupg2/ to more appropriate + owners like gpgsm and dirmngr. + + -- Daniel Kahn Gillmor Fri, 11 Dec 2015 17:06:10 -0500 + +gnupg2 (2.1.10-1) unstable; urgency=medium + + * new upstream release + * ship sks-keyservers.netCA.pem in dirmngr to make it easier to use hkps. + * avoid shipping Changelog-2011, use upstream ChangeLog (Closes: + #803225) + + -- Daniel Kahn Gillmor Wed, 09 Dec 2015 12:05:42 -0500 + +gnupg2 (2.1.9-1) unstable; urgency=medium + + * New upstream release + + -- Daniel Kahn Gillmor Tue, 13 Oct 2015 10:04:33 -0400 + +gnupg2 (2.1.8-2) UNRELEASED; urgency=medium + + [ NIIBE Yutaka ] + * update scdaemon dependencies + + [ Daniel Kahn Gillmor ] + * correct ssh fingerprint for ECDSA nistp384 (Closes: #795636) + + -- Daniel Kahn Gillmor Thu, 17 Sep 2015 00:00:28 -0400 + +gnupg2 (2.1.8-1) unstable; urgency=medium + + * New upstream release + + -- Daniel Kahn Gillmor Thu, 10 Sep 2015 17:00:06 -0400 + +gnupg2 (2.1.7-2) unstable; urgency=medium + + * upload to unstable + + -- Daniel Kahn Gillmor Tue, 11 Aug 2015 21:24:18 -0400 + +gnupg2 (2.1.7-1) experimental; urgency=medium + + * new upstream release + * block ptrace connections to gpg-agent + + -- Daniel Kahn Gillmor Tue, 11 Aug 2015 20:05:38 -0400 + +gnupg2 (2.1.6-1) experimental; urgency=medium + + * new upstream release + * drop deprecated gpgsm-gencert.sh + + -- Daniel Kahn Gillmor Tue, 07 Jul 2015 14:27:23 -0400 + +gnupg2 (2.1.5-2) experimental; urgency=medium + + [ Daniel Kahn Gillmor ] + * pass DBUS_SESSION_BUS_ADDRESS through to the agent so that + pinentry-gnome3 can work across sessions. + * ensure that l10n files are rebuilt. + + [ Eric Dorland ] + * debian/patches/0003-Include-defs.inc-in-BUILT_SOURCES.patch: Fix for + build failure when rebuilding info docs. + + -- Daniel Kahn Gillmor Tue, 30 Jun 2015 18:13:58 -0400 + +gnupg2 (2.1.5-1) experimental; urgency=medium + + * New upstream release + + -- Daniel Kahn Gillmor Thu, 11 Jun 2015 13:18:56 -0400 + +gnupg2 (2.1.4-2) experimental; urgency=medium + + * avoid excess dependencies on headless servers (Closes: #753163) + + -- Daniel Kahn Gillmor Wed, 03 Jun 2015 14:12:49 -0400 + +gnupg2 (2.1.4-1) experimental; urgency=medium + + * New upstream release. + + -- Daniel Kahn Gillmor Thu, 28 May 2015 00:25:55 -0400 + +gnupg2 (2.1.3-1) experimental; urgency=medium + + * New upstream version. + * Add gnupg2-dbg (Closes: #781631) + + -- Daniel Kahn Gillmor Wed, 01 Apr 2015 12:10:38 -0400 + +gnupg2 (2.1.2-2) experimental; urgency=medium + + * Fix segv due to NULL value stored as opaque MPI. + + -- Daniel Kahn Gillmor Sat, 21 Feb 2015 10:26:50 -0500 + +gnupg2 (2.1.2-1) experimental; urgency=medium + + * New upstream version + * move from automake1.11 to plain automake (upstream uses 1.14 now) + + -- Daniel Kahn Gillmor Thu, 12 Feb 2015 20:10:43 -0500 + +gnupg2 (2.1.1-1) experimental; urgency=medium + + * New upstream version (closes: #772654) + * gnupg2 now Breaks: older versions of dirmngr (closes: #769460) + + -- Daniel Kahn Gillmor Tue, 16 Dec 2014 14:58:06 -0500 + +gnupg2 (2.1.0-1) experimental; urgency=medium + + * import upstream 2.1.0 release. + * drop debian/patches/speed-up-test-suite.patch -- included upstream. + * avoid self-reporting as a beta now that this is a release + + -- Daniel Kahn Gillmor Thu, 06 Nov 2014 12:31:06 -0500 + +gnupg2 (2.1.0~beta895-3) experimental; urgency=medium + + * update gnupg-agent.xsession to export ssh-agent where + configured. (Closes: #767341) + * use cheap/fast entropy for the test suite so that builds on + low-entropy machines go faster. + + -- Daniel Kahn Gillmor Thu, 30 Oct 2014 13:37:08 -0400 + +gnupg2 (2.1.0~beta895-2) experimental; urgency=medium + + * added pkg-config to Build-Depends. + + -- Daniel Kahn Gillmor Wed, 29 Oct 2014 18:36:27 -0400 + +gnupg2 (2.1.0~beta895-1) experimental; urgency=medium + + * new upstream version in experimental (Closes: #762844, #751266, #762844) + * ship /usr/bin/gpgparsemail (Closes: #760575) + * document that doc/OpenPGP is not actually an RFC, but just refers to + one (closes: #745410) + * Bump Standards-Version to 3.9.6 (no changes needed) + * --enable-large-secmem to ensure that gpg2 works with pre-generated + oversized RSA keys + * updated /etc/X11/Xsession.d/90gpg-agent to export $GPG_AGENT_INFO + about the standard socket. + + -- Daniel Kahn Gillmor Wed, 29 Oct 2014 17:53:06 -0400 + +gnupg2 (2.0.28-3) unstable; urgency=medium + + * pass DBUS_SESION_BUS_ADDRESS to the agent for gnome3. + + -- Daniel Kahn Gillmor Sat, 04 Jul 2015 14:21:41 -0400 + +gnupg2 (2.0.28-2) unstable; urgency=medium + + * d/clean: drop stamp-po to rebuild l10n (Closes: #788989) + + -- Daniel Kahn Gillmor Tue, 30 Jun 2015 17:17:11 -0400 + +gnupg2 (2.0.28-1) unstable; urgency=medium + + * new upstream release + * really address excess dependencies on headless server (thanks Raphaël + Halimi for noticing) (Closes: #753163) + + -- Daniel Kahn Gillmor Tue, 02 Jun 2015 12:16:57 -0400 + +gnupg2 (2.0.27-2) unstable; urgency=medium + + * import upstream fix to avoid replicating unknown subkey + packets. (Closes: #787045) (Thanks, NIIBE Yutaka) + + -- Daniel Kahn Gillmor Thu, 28 May 2015 00:55:51 -0400 + +gnupg2 (2.0.27-1) unstable; urgency=medium + + * New upstream release. + * Provide a simple way for users to avoid gpg-agent hijacking, + working around: #760102 (Closes: #753163) + + -- Daniel Kahn Gillmor Fri, 08 May 2015 18:15:15 -0400 + +gnupg2 (2.0.26-6) unstable; urgency=medium + + * Avoid NULL dereference with opaque MPI. + + -- Daniel Kahn Gillmor Sat, 21 Feb 2015 18:01:40 -0500 + +gnupg2 (2.0.26-5) unstable; urgency=medium + + * import bug-fixes from upstream + (Closes: #773415, #773469, #773471, #773472, #773423) + * Fixes CVE-2015-1606 "Use after free, resulting from failure to skip + invalid packets", CVE-2015-1607 "memcpy with overlapping ranges, + resulting from incorrect bitwise left shifts" (Closes: #778577) + + -- Daniel Kahn Gillmor Mon, 16 Feb 2015 17:45:06 -0500 + +gnupg2 (2.0.26-4) unstable; urgency=medium + + [ David Prévot ] + * Update POT and PO files, and ensure the translations get rebuild + * Update French translation (Closes: #769574) + * Update Ukrainian translation, thanks to Yuri Chornoivan + * Update German translation, thanks to Werner Koch + * Update Danish translation, thanks to Joe Hansen + * Update Japanese translation, thanks to NIIBE Yutaka + * Update Chinese (traditional) translation, thanks to Jedi Lin + * Update Russian translation, thanks to Ineiev + * Update Polish translation, thanks to Jakub Bogusz + * Update Spanish translation, thanks to Manuel "Venturi" Porras Peralta + (Closes: #770727) + * New Dutch translation, thanks to Frans Spiesschaert (Closes: #770981) + + [ Daniel Kahn Gillmor ] + * bugfix and cryptographic safety changes imported from upstream: + - Avoid regression when adding subkeys with strong s2k algorithms + (Closes: #772780) Thanks, NIIBE Yutaka + - Allow french translation to work when prompting for passphrase. + - add build and runtime support for larger RSA keys (Closes: #739424) + - fix runtime errors on bad input (Closes: #771987) + - deprecate insecure one-argument variant for gpg --verify of detached + signatures (Closes: #771992) + - initialize trustdb before trying to clear it (Closes: #735363) + - default to issuing SHA256 signatures for RSA + - avoid relying on MD5 signatures + - show v3 key fingerprints as all zero (OpenPGPv3 is deprecated) + + -- Daniel Kahn Gillmor Sun, 04 Jan 2015 17:17:00 -0500 + +gnupg2 (2.0.26-3) unstable; urgency=medium + + * fix typo in gpg.info (closes: #760273) + * drop versioned Build-Conflicts on automake by setting environment + variables in debian/rules + * ship /usr/bin/gpgparsemail (closes: #760575) + * warn but don't fail when scdaemon options are in ~/.gnupg/gpg.conf + (closes: #762844) + * do not break on --trust-model=always (closes: #751266) + * document that doc/OpenPGP is not actually an RFC, but just refers to + one (closes: #745410) + * Bump Standards-Version to 3.9.6 (no changes needed) + + -- Daniel Kahn Gillmor Tue, 30 Sep 2014 23:39:15 -0400 + +gnupg2 (2.0.26-2) unstable; urgency=medium + + * ignore emacs turds in debian/ + * update Vcs fields + * move package to group maintenance + * wrap-and-sort cleanup of debian/* + + -- Daniel Kahn Gillmor Thu, 28 Aug 2014 11:42:18 -0700 + +gnupg2 (2.0.26-1) unstable; urgency=medium + + * New upstream release. + * debian/control: Suggest parcimonie. Thanks ilf. (Closes: #752261) + + -- Eric Dorland Tue, 19 Aug 2014 18:09:08 -0400 + +gnupg2 (2.0.25-2) unstable; urgency=medium + + * debian/control: Switch to libgcrypt20-dev (aka 1.6 release). + + -- Eric Dorland Fri, 08 Aug 2014 14:12:05 -0400 + +gnupg2 (2.0.25-1) unstable; urgency=medium + + * New upstream release. + + -- Eric Dorland Mon, 30 Jun 2014 13:10:04 -0400 + +gnupg2 (2.0.24-1) unstable; urgency=high + + * New upstream release. Fixes CVE-2014-4617 "infinite loop when + decompressing data packets". (Closes: #752498) + * debian/patches/02-gpgv2-dont-link-libassuan.diff: Drop, now + upstreamed. + + -- Eric Dorland Wed, 25 Jun 2014 00:11:19 -0400 + +gnupg2 (2.0.23-1) unstable; urgency=medium + + * New upstream release. + * debian/upstream/signing-key.asc: Rename upstream-signing-key.pgp to + the new, supported name. + * debian/control: Restore versioned conflict against gpg-idea. (Closes: + #733984) + * debian/control: Add Recommends on dirmngr for gpgsm. (Closes: #683579) + + -- Eric Dorland Sun, 08 Jun 2014 19:20:17 -0400 + +gnupg2 (2.0.22-3) unstable; urgency=low + + * debian/watch, debian/upstream-signing-key.pgp: Add upstream signing + key for uscan verification. + * debian/kbxutil.1, debian/rules: Add better description and regenerate + the manpage. + * debian/control: Remove version on gpg-idea conflict, add missing + Breaks for gpgsm and convert Conflicts to Breaks for gpgv2. + * debian/control: Move gnupg-agent to Depends for gpgsm instead of + Replaces (which in turn should have been Recommends). + * debian/control: Standards-Version to 3.9.5. + * debian/copyright: Switch to a shiny DEP-5 copyright file. + + -- Eric Dorland Wed, 01 Jan 2014 22:56:56 -0500 + +gnupg2 (2.0.22-2) unstable; urgency=low + + * debian/control: Fix Build-Conflicts on newer automakes. Thanks Chris + Boot. (Closes: #726015) + * debian/control: IDEA is no longer patented, drop its metion from the + description. Thanks brian m. carlson. (Closes: #726139) + * debian/rules: Disable the test suite on mips and mipsel to work around + Bug:#730846. + + -- Eric Dorland Sat, 30 Nov 2013 23:47:56 -0500 + +gnupg2 (2.0.22-1) unstable; urgency=low + + * New upstream version. Fixes CVE-2013-4402 and CVE-2013-4351. (Closes: + #725433, #722724) + * debian/gnupg2.install: Install gnupg-card-architecture.png for the + info file. + + -- Eric Dorland Sat, 05 Oct 2013 17:45:28 -0400 + +gnupg2 (2.0.21-2) unstable; urgency=low + + * debian/rules, debian/gnupg2.install: Switch libexecdir to + /usr/lib/gnupg2 to install helper binaries to a non-multiarch specific + location. (Closes: #717303) + * debian/control, debian/gpgv2.install: Split out gpgv2 into its own + package. + * debian/control, debian/gnupg2.install, debian/kbxutil.1: Add rule and + manpage for kbxutil using help2man. (Closes: #323494) + * debian/patches/02-gpgv2-dont-link-libassuan.diff: Don't link gpgv2 + against libassuan as it's not used. + * debian/rules: Install changelog for gpgv2. + + -- Eric Dorland Sun, 01 Sep 2013 00:42:16 -0400 + +gnupg2 (2.0.21-1) unstable; urgency=low + + * New upstream release. (Closes: #613465, #720369) + * debian/patches/01-gnupg2-rename.diff: Refresh patch. + * debian/control: Fix Vcs-Git path. + * debian/control: Now depends on libgpg-error >= 1.11. + * debian/control: Build-Depends on automake1.11 since the test suite + fails on newer versions. (Closes: #713287) + * debian/control: Also need a Build-Conflicts on automake (<= 1.12). + + -- Eric Dorland Sat, 24 Aug 2013 20:33:19 -0400 + +gnupg2 (2.0.20-1) unstable; urgency=low + + * New upstream release. (Closes: #691237, #583893) + * debian/patches/02-cve-2012-6085.diff: Remove, merged upstream. + * debian/control: Upgrade Standards-Version to 3.9.4. + * debian/compat, debian/control: Upgrade to debhelper v9. + * debian/control, debian/rules: Drop hardening-wrapper, now that we use + debhelper v9. + * debian/scdaemon.install: scdaemon has moved under $libexecdir. + * debian/control: Tighten dependency on scdaemon. + * debian/rules: Turn on all hardening options. + * debian/patches/01-gnupg2-rename.diff: Refresh patch. + * debian/gnupg-agent.install, debian/gnupg2.install, + debian/scdaemon.install: Fix /usr/lib paths for multi-arch. + * debian/rules: Pass ${pkglibdir} to --libexecdir since dh v9 passes + ${libdir} by default. + + -- Eric Dorland Sat, 11 May 2013 18:28:57 -0400 + +gnupg2 (2.0.19-2) unstable; urgency=high + + * debian/patches/02-cve-2012-6085.diff: Patch from upstream to fix + CVE-2012-6085, "gnupg key import memory corruption". (Closes: #697251) + * debian/control: Use canonical addresses for VCS. + * debian/control: Fix scdaemon short description. + + -- Eric Dorland Fri, 04 Jan 2013 00:56:52 -0500 + +gnupg2 (2.0.19-1) unstable; urgency=low + + * New upstream release. (Closes: #666092) + * debian/control: Add Multi-Arch: foreign to all packages. + * debian/rules: Update ChangeLog locations. + + -- Eric Dorland Sat, 31 Mar 2012 01:06:02 -0400 + +gnupg2 (2.0.18-2) unstable; urgency=low + + * debian/control, debian/gpgsm.install, debian/scdaemon.install: Add a + separate package for the scdaemon. (Closes: #416129) + * debian/control, debian/gpgsm.install, debian/gnupg2.install, + gnupg-agent.install: Move gpg-preset-passphrase and gpg-protect-tool + into the gnupg-agent. + * debian/control: Upgrade Standards-Version to 3.9.2. + * debian/rules: Install ChangeLog for new scdaemon package. + + -- Eric Dorland Sat, 15 Oct 2011 20:21:35 -0400 + +gnupg2 (2.0.18-1) unstable; urgency=low + + * New upstream release. (Closes: #635206) + * debian/copyright: Update ftp location. (Closes: #624404) + * debian/patches/01-gnupg2-rename.diff: Refresh patch. + + -- Eric Dorland Tue, 30 Aug 2011 03:43:20 -0400 + +gnupg2 (2.0.17-3) unstable; urgency=low + + * debian/rules: Convert the rules file to use the lovely dh format. + * debian/gnupg2.dirs, debian/gnupg-agent.dirs, debian/gpgsm.dirs: Remove + unless dirs files. + * debian/gnupg-agent.lintian-overrides, debian/gnupg2.lintian-overrides, + debian/gpgsm.lintian-overrides: Remove unneeded lintian-overrides files. + + -- Eric Dorland Mon, 14 Feb 2011 03:17:39 -0500 + +gnupg2 (2.0.17-2) unstable; urgency=low + + * debian/control: Add dependency on dpkg (>= 1.15.4) | install-info for + info install trigger. + * debian/control, debian/rules: Use debian build hardening. + + -- Eric Dorland Sun, 13 Feb 2011 16:33:17 -0500 + +gnupg2 (2.0.17-1) unstable; urgency=low + + * New upstream release. (Closes: #584316, #603985, #603983, #603984) + * debian/patches/02-encode-s2k.diff, + debian/patches/03-gpgsm-realloc.diff, debian/patches/series: Drop now + unneeded security patches. + * debian/rules, debian/patches/01-gnupg2-rename.diff, + debian/gnupg2.info, debian/gnupg2.install: No need to rename the info + file anymore. + * debian/patches/01-gnupg2-rename.diff: Rename the autoconf package for + better renaming of pkg directories. (Closes: #579006) + * debian/control, debian/compat: Upgrade to debhelper level 8. + * debian/control: + - Upgrade Standards-Version to 3.9.1. + - Update Build-Depends versions for the latest release. + * debian/gnupg2.install: Add the applygnupgdefaults command. (Closes: + #567537) + * debian/gnupg2.docs: doc/faq.html no longer exists. + + -- Eric Dorland Sun, 13 Feb 2011 16:06:41 -0500 + +gnupg2 (2.0.14-2) unstable; urgency=low + + * debian/*.lintian, debian/*.lintian-overrides, debian/rules: Rename + lintian files and use dh_lintian instead of shell snippets. + * debian/source/patch-header, debian/source/options: Delete patch header + and remove single-debian-patch option. + * debian/patches/01-gnupg2-rename.diff: Move patch to do the necessary + renaming of gnupg -> gnupg2 in a quilt patch. + * debian/patches/02-encode-s2k.diff: Added patch to fix passphrase + problem in gpgsm. Thanks Martijn van Brummelen for the NMU to fix this + problem in 2.0.14-1.1. + * debian/patches/03-gpgsm-realloc.diff: Fix for "Realloc Bug with X.509 + certificates" for gpgsm. (Closes: #590122) + * debian/rules, debian/control: Use dh-autoreconf and autopoint to + regenerate autotools files at build time. + + -- Eric Dorland Sun, 25 Jul 2010 02:16:42 -0400 + +gnupg2 (2.0.14-1) unstable; urgency=low + + * New upstream release. + * debian/control: Build depend on libreadline-dev instead of + libreadline5-dev, since libreadline6-dev is out. (Closes: #548922) + * debian/source/format, debian/source/options, + debian/source/patch-header: Convert to v3 quilt format, with + single-debian-patch. + * debian/control: Tighten dependency on gnupg-agent. (Closes: #551792) + + -- Eric Dorland Sat, 09 Jan 2010 21:15:18 -0500 + +gnupg2 (2.0.13-1) unstable; urgency=low + + * New upstream release. + * debian/control: Depend instead of Recommend gnupg-agent. (Closes: + #538947) + + -- Eric Dorland Mon, 07 Sep 2009 20:38:23 -0400 + +gnupg2 (2.0.12-1) unstable; urgency=low + + * New upstream release. (Closes: #499569, #463270, #446494, #314068, + #519375, #514587) + * debian/control: Change build dependency on gs to ghoscript, since + ghoscript has been replaced. + * debian/compat: Use debhelper v7. + * debian/control: Update Standards-Version to 3.8.2. + * debian/control: Use ${misc:Depends}. + * configure.ac: Override pkgdatadir so that it points to + /usr/share/gnupg2. (Closes: #528734) + * debian/rules: No longer need to specify pkgdatadir at make install + time. + + -- Eric Dorland Sun, 23 Aug 2009 20:48:11 -0400 + +gnupg2 (2.0.11-1) unstable; urgency=low + + * New upstream release. (Closes: #496663) + * debian/control: Make the description a little more distinctive than + gnupg v1's. Thanks Jari Aalto. (Closes: #496323) + + -- Eric Dorland Sun, 08 Mar 2009 22:46:47 -0400 + +gnupg2 (2.0.9-3) unstable; urgency=medium + + * Urgency medium to try to beat the release. + * tools/gpgkey2ssh.c: Patch from Daniel Kahn Gillmor to fix broken ssh + key generation. (Closes: #473841) + + -- Eric Dorland Mon, 21 Jul 2008 03:48:11 -0400 + +gnupg2 (2.0.9-2) unstable; urgency=low + + * The "I've neglected you too long" release. + + * debian/control: + - Add recommends on gnupg-agent for gpgsm and gnupg2, since they need + it under most circumstances. (Closes: #459462, #477691) + - Depend on pinentry instead of recommend, and move pinentry-gtk2 to the + front of the alternatives list. (Closes: #462951) + * keyserver/gpgkeys_curl.c, keyserver/gpgkeys_hkp.c: Fix FTBFS with gcc + 4.3 strictness on bitfields combined with curl. (Closes: #476999) + + -- Eric Dorland Mon, 28 Apr 2008 03:22:20 -0400 + +gnupg2 (2.0.9-1) unstable; urgency=low + + * New upstream release. Fixes CVE-2008-1530, Key import memory corruption. + (Closes: #472928) + * debian/rules: Don't ignore status of make distclean, just check for + the existance of the Makefile. + + -- Eric Dorland Sat, 29 Mar 2008 03:21:21 -0400 + +gnupg2 (2.0.8-1) unstable; urgency=low + + * New upstream release. (Closes: #428635) + * debian/watch: Use passive ftp, ftp.gnupg.org doesn't seem happy + otherwise. (Closes: #456467) + * debian/control: + - Requires libassuan >= 1.0.4 now. + - Remove the XS- prefix from the Vcs-* headers. + - Add Homepage header. + - Upgrade Standards-Version to 3.7.3.0. + - Make gnupg2 optional rather than extra. + - Remove unnecessary conflict on suidmanager. + + -- Eric Dorland Sat, 22 Dec 2007 02:06:42 -0500 + +gnupg2 (2.0.7-1) unstable; urgency=low + + * New upstream release. + * debian/rules: + - Remove unnecessary deletion of the .gmo files. (Closes: #442583) + - Clean out some old comments + * gnupg-agent.xsession: Remove the quotes around --write-env-file + argument. Not ideal, but fine for now. Thanks Luis Rodrigo Gallardo + Cruz. (Closes: #443580) + + -- Eric Dorland Sun, 30 Sep 2007 02:50:40 -0400 + +gnupg2 (2.0.6-1) unstable; urgency=low + + * New upstream release. (Closes: #437289) + * debian/gnupg-agent.xsession: Run the Xsession under the gpg-agent, so + it exits properly when the session dies. (Closes: #401843) + * debian/control: Add XS-Vcs headers for its new git home. + + -- Eric Dorland Mon, 03 Sep 2007 23:29:11 -0400 + +gnupg2 (2.0.5-2) unstable; urgency=low + + * The "Ubuntu, I would have done it had you only asked" release. + + * debian/copyright: Fix download location. Thanks Ubuntu. + * debian/README.Debian: Remove, doesn't contain any relevant info. + * debian/rules: + - Build with --sysconfdir=/etc, thanks Bernhard Herzog. (Closes: #434790) + - Run dh_installexamples. + - Don't list the docs to install in here. + * debian/gnupg2.examples: New file, install gpgconf.conf as an example + into /usr/share/doc. Hope this is a good compromise Bernhard. (Closes: + #434878) + * debian/control: + - Remove opensc and pcsc-lite build dependencies, they're not used anymore. + - Add libcurl4-gnutls-dev build dep, to use the real curl. + * g10/call-agent.c: set DBG_ASSUAN to 0 to suppress a debug + message. Thanks Ubuntu. + * debian/gnupg2.docs, debian/gpgsm.docs: Move installed docs in here, + add some new docs. Thanks Ubuntu. + * debian/rules, debian/gnupg-agent.install: Build symcryptrun and install it + in the gnupg-agent package. Thanks Bernhard Herzog. (Closes: #434787) + * debian/rules, debian/control: Only recommend libldap, don't depend on + it.Thanks Riku. (Closes: #435138) + + -- Eric Dorland Thu, 16 Aug 2007 22:24:16 -0400 + +gnupg2 (2.0.5-1) unstable; urgency=low + + * New upstream release. + * debian/watch: Add watch file. + * debian/control: + - Require libassuan 1.0.2 or greater. + - Require libksba 1.0.2 or greater. + - Don't recommend plain gpg anymore. + * debian/copyright: Update copyright text for GPL v3 relicensing. + * docs/scdaemon.texi: Remove old --print-atr documentation. Thanks + Ludovic Rousseau. (Closes: #404128) + + -- Eric Dorland Sun, 22 Jul 2007 16:03:32 -0400 + +gnupg2 (2.0.4-1) unstable; urgency=low + + * New upstream release. + + -- Eric Dorland Fri, 11 May 2007 00:41:01 -0400 + +gnupg2 (2.0.3-1) unstable; urgency=high + + * New upstream release. + - Fixes multoiple messages problem aka CVE-2007-1263. + + -- Eric Dorland Fri, 9 Mar 2007 03:28:53 -0500 + +gnupg2 (2.0.2-1) unstable; urgency=high + + * New upstream release. (Closes: #409559) + * Thanks Andreas Barth for NMUs. (Closes: #400777, #401895, #401913) + * debian/gpgsm.install: pcsc-wrapper renamed to gnupg-pcsc-wrapper. + + -- Eric Dorland Mon, 19 Feb 2007 20:34:52 -0500 + +gnupg2 (2.0.0-5) unstable; urgency=high + + * debian/control: Remove unnecessary dependencies on makedev and + udev. Thanks Marco d'Itri. + * doc/gnupg.texi, debian/gnupg2.info, debian/rules: Set the output file + to gnupg2.info, and use that for the index. (Closes: #398493) + + -- Eric Dorland Fri, 24 Nov 2006 02:23:35 -0500 + +gnupg2 (2.0.0-4) unstable; urgency=medium + + * debian/control: Update forgotten replaces for pcsc-wrapper move. + + -- Eric Dorland Mon, 20 Nov 2006 23:02:25 -0500 + +gnupg2 (2.0.0-3) unstable; urgency=medium + + * debian/control: Remove warning about development, thanks Gonzalo + HIGUERA DIAZ. (Closes: #399551) + + -- Eric Dorland Mon, 20 Nov 2006 14:32:33 -0500 + +gnupg2 (2.0.0-2) unstable; urgency=medium + + * All packaging fixes, so urgency medium to beat the freeze. + * debian/distfiles, debian/lintian.override, debian/point-to-info.1: + Remove unused files. + * debian/gnupg2.info, debian/rules, gnupg2.files: Install all the info + files properly. (Closes: #398493) + * debian/rules: + - Remove some unnecessary autotools build rules. + - Move some of make install targets more correctly to the + configure line. + * debian/*.files, debian/rules: Rename *.files to .install and use + dh_install nstead of dh_movefiles. + * debian/gnupg-agent.xsession: Account for spaces in the configuration + file, thanks Artem Zolochevskiy. (Closes: #352326) + * debian/control: + - Adjust build-dependency versions slightly to match what the + configure scipt requires. + - Update Standards-Version to 3.7.2.2. + * debian/gpgsm.install, debian/gnupg2.install: Install the pcsc-wrapper + in gpgsm. (Closes: #353232) + * debian/gpgsm.install, debian/rules: Install gpg-protect-tool into + /usr/libb/gnupg2. + + -- Eric Dorland Sun, 19 Nov 2006 18:03:39 -0500 + +gnupg2 (2.0.0-1) unstable; urgency=medium + + * New upstream release. (Closes: #398215) + * common/estream.c: #define PTH_SYSCALL_SOFT 0 as suggested by Daniel Hess. + + -- Eric Dorland Sun, 12 Nov 2006 23:52:59 -0500 + +gnupg2 (1.9.94-1) unstable; urgency=low + + * New upstream release. + + -- Eric Dorland Thu, 2 Nov 2006 16:06:30 -0500 + +gnupg2 (1.9.93-1) unstable; urgency=medium + + * New upstream release. Urgency medium to try to beat the freeze. Thanks + to Andreas Metzler for getting this package into shape. + + -- Eric Dorland Wed, 25 Oct 2006 00:41:15 -0400 + +gnupg2 (1.9.91-0.1) unstable; urgency=low + + * New upstream version, built against clean upstream tarball. + (Closes: #378489,#388257) + * bump Build-Depends: + - libgpg-error-dev 0.6 -> 1.4 + - libassuan-dev 0.6.10 -> 0.9.1 + - libksba-dev 0.9.13 -> 1.0.0 (closes: #368552) + * Add libreadline5-dev to Build-Depends. + * Pass proper --build and --host args to ./configure. + * configure with --mandir='$${prefix}/share/man'. + * Add $(LIBINTL) to gpgsplit_LDADD in tools/Makefile.am. + * New upstream includes a lot more manpages, ship them. + (Closes: #300129,#300677) + gpg-agent(1) documents ~/gpg-agent.conf. (Closes: #300676) + * Update debian/copyright. + * Drop gnupg2.postinst gnupg2.postrm postinst postrm. They all only consited + of calls to suidregister for /usr/bin/gpg" or "chmod 4755 /usr/bin/gpg". + suidregister has been obsolete for a long time and /usr/bin/gpg is not + part of these packages. - If /usr/bin/gpg(v)2 was supposed to be installed + suid it should be shipped with these permissions in the deb instead + using chmod in postinst anyway. + * Drop preinst (ending up as gnupg-agent's preinst), which only showed + a warning on upgrades from <<0.3.2-1. - There never was a gnupg-agent + 0.3.2-1. + * Add (noop) binary-indep target as required by policy 4.9. + + -- Andreas Metzler Sun, 8 Oct 2006 07:51:44 +0000 + +gnupg2 (1.9.20-2) unstable; urgency=high + + * debian/control: Make myself the maintainer with Matthias' permission. + * Acknowledge NMU. (Closes: #375053, #376755) + * g10/parse-packet.c: Patch from Martin Schulze to backport security fix + for CVE-2006-3746, crash when receiving overly long comments. + + -- Eric Dorland Fri, 4 Aug 2006 18:11:43 -0400 + +gnupg2 (1.9.20-1.1) unstable; urgency=high + + * Non-maintainer upload. + * Adapt patch from upstream CVS, fixing buffer overflow leading to remote + DoS/crash (CVE-2006-3082). (Closes: #375053) + + -- Steinar H. Gunderson Tue, 4 Jul 2006 20:37:43 +0200 + +gnupg2 (1.9.20-1) unstable; urgency=low + + * New Upstream version. Closes:#306890,#344530 + * Closes:#320490: gpg-protect-tool fails to decrypt PKCS-12 files + * Depend on libopensc2-dev, not -1-. Closes:#348106 + + -- Matthias Urlichs Tue, 24 Jan 2006 04:31:42 +0100 + +gnupg2 (1.9.19-2) unstable; urgency=low + + * Convert debian/changelog to UTF-8. + * Put gnupg-agent and gpgsm lintian overrides in the respectively + right package. Closes: #335066 + * Added debhelper tokens to maintainer scripts. + * xsession fixes: + o Added host name to gpg-agent PID file name. Closes: #312717 + o Fixed xsession script to be able to run under zsh. Closes: #308516 + o Don't run gpg-agent if one is already running. Closes: #336480 + * debian/control: + o Fixed package description of gpgsm package. Closes: #299842 + o Added mention of gpg-agent to description of gnupg-agent package. + Closes: #304355 + * Thanks to Peter Eisentraut for all of the above. + + -- Matthias Urlichs Thu, 8 Dec 2005 22:13:21 +0100 + +gnupg2 (1.9.19-1) unstable; urgency=low + + * Merged with 1.9.19. + * Re-enable gpgv2 package. + + -- Matthias Urlichs Sat, 22 Oct 2005 14:33:33 +0200 + +gnupg2 (1.9.17-1) unstable; urgency=low + + * Merged with Upstream 1.9.17. + + -- Matthias Urlichs Mon, 4 Jul 2005 01:56:43 +0200 + +gnupg2 (1.9.15-6) unstable; urgency=high + + * Move gpg-protect-tool to the gpgsm package. + Closes: #303492. + High urgency because this renders gpgsm unuseable for some people. + * gpg-agent: Override max-cache-ttl if a higher default is set. + Closes: #302692. + + -- Matthias Urlichs Thu, 7 Apr 2005 10:13:19 +0200 + +gnupg2 (1.9.15-5) unstable; urgency=low + + * Add /etc/X11/Xsession.d/90gpg-agent script. Closes: #300128. + * Emphasize that gnupg2 is NOT useful at the moment. + * Conflict+replace gpg-agent with newpg. + + -- Matthias Urlichs Thu, 10 Mar 2005 22:46:10 +0100 + +gnupg2 (1.9.15-4) unstable; urgency=low + + * Incorporated Ubuntu changes from Andreas Mueller. + + -- Matthias Urlichs Thu, 10 Mar 2005 21:41:59 +0100 + +gnupg2 (1.9.15-3ubuntu3) hoary; urgency=low + + * removed info file + + -- Andreas Mueller Tue, 8 Mar 2005 01:58:39 +0100 + +gnupg2 (1.9.15-3ubuntu2) hoary; urgency=low + + * changed rules file, part cp gnupg.info to mv + and added dh_installinfo. + * changed Standards Version to 3.6.1 + + -- Andreas Mueller Tue, 8 Mar 2005 00:53:31 +0100 + +gnupg2 (1.9.15-3ubuntu1) hoary; urgency=low + + * added missing build depends texinfo + + -- Andreas Mueller Mon, 7 Mar 2005 22:47:56 +0100 + +gnupg2 (1.9.15-2) hoary; urgency=low + + * Initial checkin + + -- Andreas Mueller Mon, 7 Mar 2005 21:13:32 +0100 + +gnupg2 (1.9.15-1) experimental; urgency=low + + * New Upstream release. + * Removed -doc package: + - The package itself is too smal to merit being packaged separately. + - Interim solution: Documentation is included in the gnupg2 package. + - Goal: ask Upstream to split the .info file. + * Removed suidness. + * Update debian/copyright. + * Require libassuan >= 0.6.9. + + -- Matthias Urlichs Tue, 25 Jan 2005 08:19:15 +0100 + +gnupg2 (1.9.11+cvs20040924-5) experimental; urgency=low + + * Rebuild to depend on opensc1. + * Split -doc into its own package. + + -- Matthias Urlichs Thu, 16 Dec 2004 10:30:44 +0100 + +gnupg2 (1.9.11+cvs20040924-4) experimental; urgency=low + + * Turn on setuid-ness. + - Added Lintian overrides. + * Install all "standard" message files. + - Makefile.in: The package name for gettext is in the macro PACKAGE_GT, + not PACKAGE. + * Fix shebang line of addgnupghome script. + * Install info file in the correct place. + * Build cleanups. + + -- Matthias Urlichs Tue, 5 Oct 2004 10:59:56 +0200 + +gnupg2 (1.9.11+cvs20040924-3) experimental; urgency=low + + * rename gnupg-agent's changelog file + * Fix gnupg-agent's dependencies + + -- Matthias Urlichs Sun, 3 Oct 2004 20:14:30 +0200 + +gnupg2 (1.9.11+cvs20040924-2) experimental; urgency=low + + * Shipped a /usr/share/locale.alias file. Ouch. + * Split off gpgsm. + + -- Matthias Urlichs Wed, 29 Sep 2004 10:25:51 +0200 + +gnupg2 (1.9.11+cvs20040924-1) experimental; urgency=low + + * New Upstream. + + -- Matthias Urlichs Sat, 25 Sep 2004 11:05:44 +0200 + +gnupg2 (1.9.10+cvs-1) experimental; urgency=low + + * Packaged latest Upstream version. + * Split gpg-agent into its own .deb. + * Bit the bullet and started using debhelper. + + -- Matthias Urlichs Thu, 19 Aug 2004 11:43:34 +0200 + +gnupg2 (1.9.9-1) experimental; urgency=low + + * Packaged latest Upstream version. + + -- Matthias Urlichs Mon, 14 Jun 2004 17:18:18 +0200 + +gnupg2 (1.9.5-1) experimental; urgency=low + + * Packaged Upstream development version. + Closes:#187548 + + -- Matthias Urlichs Mon, 8 Mar 2004 05:30:35 +0100 + +gnupg (1.2.4-4) unstable; urgency=low + + * 12_zero_length_header.dpatch: update patch from David Shaw + to fix the fix of crashing on certain + keys. Closes: #234289 + + -- James Troup Mon, 23 Feb 2004 18:02:20 +0000 + +gnupg (1.2.4-3) unstable; urgency=low + + * Move to dpatch; existing non-debian/ change split into + 10_hppa_unaligned_constant.dpatch. + + * debian/rules: include /usr/share/dpatch/dpatch.make. + * debian/rules (build): depend on patch-stamp. + * debian/rules (clean): depend on unpatch. Remove debian/patched. + * debian/control (Build-Depends): add dpatch. + + * debian/rules: update version number and use install_foo convenience + variables. + * debian/rules (clean): remove emacs backup files from any directory. + + * 11_fi_po_update.dpatch: new patch from Tommi Vainikainen + to update Finnish translation as the current one + renders gnupg unusable. Closes: #232030, #222951, #192582 + * debian/rules (clean): remove po/fi.gmo to avoid dpkg-source errors + over unrepresentable changes to source. + + * 12_zero_length_header.dpatch: new patch from David Shaw + to fix cases where importing certain keys + makes the keyring unuseable. Closes: #232714 + + * 13_revoked_keys.dpatch: new patch from David Shaw + to list revoked keys as revoked. Closes: #231814 + + * 14_getkey_not_found_fix.dpatch: new patch from David Shaw + to fix --list-sigs incorrectly claiming "User + id not found". Closes: #229549 + + -- James Troup Fri, 20 Feb 2004 16:38:12 +0000 + +gnupg (1.2.4-2) unstable; urgency=low + + * mpi/hppa1.1/udiv-qrnnd.S: patch from LaMont Jones + to fix unaligned constant. Closes: #228456 + * debian/copyright: update year and version number. + + -- James Troup Tue, 20 Jan 2004 17:19:58 +0000 + +gnupg (1.2.4-1) unstable; urgency=medium + + * New upstream release. + * Most support for ElGamal Sign+Encrypt keys has been removed. Closes: #222293 + * No longer miss-identifies GNU/KFreeBSD as GNU/Hurd. Closes: #216957 + * Fixes build error on GNU/KFreeBSD (and Glibc-based GNU/KNetBSD). Closes: #221079 + * Fixes segmentation fault in prime generator. Closes: #213989 + * Fixes trustdb not updating without ultimately trusted keys. Closes: #222368 + + * debian/control (Build-Depends): add libbz2-dev. + + -- James Troup Wed, 31 Dec 2003 17:57:52 +0000 + +gnupg (1.2.3-1) unstable; urgency=low + + * New upstream release (Closes: #207340). + * gpg no longer kills keyrings by importing broken keys. Closes: #196505 + * options.skel uses subkeys.pgp.net instead of pgp.mit.edu. Closes: #206092 + * --import now closes files when it's done. Closes: #196643 + * A key listing speed regression has been fixed. Closes: #192083 + * debian/copyright: update URL and date. + * debian/rules: update dates and version. + + * debian/control (Standards-Version): bump to 3.6.0. + + * debian/Upgrading_From_PGP.txt: new file from to Richard Braakman + . Closes: #173233 + * debian/rules (binary-arch): install it. + + * debian/rules (build): correct libexecdir passed to configure; patch + from Matthias Cramer . Fixes invocation of + gpgkeys_ldap. Closes: #168486 + + -- James Troup Thu, 28 Aug 2003 14:08:50 +0100 + +gnupg (1.2.2-1) unstable; urgency=low + + * New upstream release. + * debian/control (Standards-Version): bump to 3.5.9.0. + * debian/rules (binary-arch): install convert-from-106 as + gpg-convert-from-106 and fix the path to gpg. + * debian/control: remove trailing full stop from short description. + * debian/control: remove out-dated and contradictory information about + RSA. + + -- James Troup Mon, 5 May 2003 03:08:58 +0100 + +gnupg (1.2.1-2) unstable; urgency=low + + * Update config.guess (to 2002-10-21) and config.sub (to 2002-09-05). + Thanks to Ryan Murray. Closes: #166696 + + -- James Troup Mon, 28 Oct 2002 01:47:26 +0000 + +gnupg (1.2.1-1) unstable; urgency=low + + * New upstream version. + * An inifinte loop in --update-trustdb has been fixed. Closes: #162039 + * The polish translation is now correctly specified as UTF-8. Closes: #162885 + * --refresh-keys is now documented in the manpage. Closes: #165566 + * debian/control (Conflicts): add gpg-idea <= 2.2 since gnupg >= 1.2 is + incompatible with that version of gpg-idea. Closes: #162314 + + -- James Troup Fri, 25 Oct 2002 18:18:43 +0100 + +gnupg (1.2.0-1) unstable; urgency=low + + * New upstream version. Closes: #161817. + * --options no longer mis-handles a directory as an argument. Closes: #151973 + * gpg now prompts before sending all keys to the keyserver. Closes: #64607 + * There is now a gnupg(7) manpage. Closes: #157750 + * The permission checking has been sanitized and handles non-home-dir + keyrings better. Closes: #147760 + * notation data longer than 5 characters is now handled. Closes: #156871 + * an abort when setting trust levels in a czech locale has been fixed. + Closes: #149212 + * debian/rules (binary-arch): there are no more modules, adjust + accordingly. + * debian/postinst, debian/prerm: remove; no longer do /usr/doc symlinks. + * debian/rules (binary-arch): don't install obsolete postinst or prerm. + * debian/rules (binary-arch): gzip gnupg.7 too. + * debian/rules (build): pass --libexecdir=/usr/lib/gnupg to configure. + * debian/rules (binary-arch): likewise, pass suitable libexcedir + argument to make install. + * debian/control (Standards-Version): update to 3.5.7.0. + * debian/copyright: update URL and date. + * debian/rules: update dates and version. + + -- James Troup Sun, 22 Sep 2002 22:26:25 +0100 + +gnupg (1.0.7-2) unstable; urgency=low + + * debian/control (Suggests): add xloadimage since that's what gpg uses + by default to view photo IDs. Thanks to Julien Danjou + for the suggestion. Closes: #156245 + * debian/control (Depends): add "hurd" to the alternatives to + makedev. Thanks to Michal Suchanek for + noticing. Closes: #158492 + * po/it.po: patch to fix typos from Marco Bodrato + Thu, 29 Aug 2002 01:42:58 +0100 + +gnupg (1.0.7-1) unstable; urgency=low + + * New upstream version. Closes: #145477. + * GDBM support has been removed. Closes: #33009. + * Now adds the default keyring when a keyring is specified. + Closes: #50616, #65260. + * Now does the Right Thing when receiving a key from the keyserver and + the key in question is in both a read-only and writable keyring. + Closes: #63297. + * Automatic key retrieval is now configurable. Closes: #64940. + * --no-options supresses ~/.gnupg creation again. Closes: #95486. + * duplicate trust entries are no longer treated as an error. Closes: #96480. + * There's now no comment line in ascii armours. Closes: #100088. + * Handle secret keyring given as keyring better. Closes: #100581, #106670. + * It's now documented that --with-colons unconditionally uses UTF8. + Closes: #101446, 101454. + * s/now/knows/ typo in manpage fixed. Closes: #107471. + * There's now support for a primary UID. Closes: #106567, #108155. + * Handles errors in uncompression layer beter. Closes: #112392. + * Key selection has been entirely revamped. Closes: #136170. + * Handles empty encrypt-to. Closes: #138378 + + * debian/rules (binary-arch): remove empty /usr/info directory, thanks + to Joey Hess . Closes: #121864. + * debian/control: remove duplicated word from long description, thanks + to Nicolas Boulenguez . Closes: #144786. + * README: correct URL to GPH and other docs, thanks to Mark Brown + . Closes: #100277. + * debian/control (Standards-Version): updated to 3.5.6.1. + * debian/rules (binary-arch): only strip ELF binaries. es_ES -> es hack + no longer needed as fixed upstream. + * debian/control (Build-Depends): remove libgdbmg1-dev; no longer used. + * debian/README.Debian: remove note about gdbm support which was finally + removed. Update note on old versions of gnupg to reflect the + pre-historic nature of those versions. + * debian/control (Build-Depends): add libldap2-dev. + * debian/rules (binary-arch): call dpkg-shlibdeps for all ELF binaries. + * debian/control (Build-Depends): add file. + * debian/control (Priority): increase to standard to match overrides. + + -- James Troup Sat, 11 May 2002 15:08:02 +0100 + +gnupg (1.0.6-3) unstable; urgency=low + + * moved into main. + + -- James Troup Tue, 19 Mar 2002 16:17:09 +0000 + +gnupg (1.0.6-2) unstable; urgency=high + + * debian/rules (binary-arch): remove the erroneous + /usr/share/locale/locale.alias that 'make install' adds; closes: + #99293. + + -- James Troup Wed, 30 May 2001 20:40:59 +0100 + +gnupg (1.0.6-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Tue, 29 May 2001 20:59:49 +0100 + +gnupg (1.0.5-4) unstable; urgency=low + + * Patch from Werner. + + -- James Troup Sun, 27 May 2001 09:34:50 +0100 + +gnupg (1.0.5-3) unstable; urgency=low + + * Apply patch from Matthew Wilcox to fix assembly on + hppa. + + -- James Troup Sun, 13 May 2001 02:36:45 +0100 + +gnupg (1.0.5-2) unstable; urgency=medium + + * util/http.c: patch from Werner that fixes --send-key, closes: #96277. + * debian/control (Depends): accept devfsd in place of makedev, closes: + #96307. + + -- James Troup Mon, 7 May 2001 00:13:51 +0100 + +gnupg (1.0.5-1) unstable; urgency=low + + * New upstream version. + * debian/README.Debian: fix spelling and update URL. + * debian/rules (binary): remove the new info files. + * scripts/config.{guess,sub}: sync with subversions, closes: #95729. + + -- James Troup Mon, 30 Apr 2001 02:12:38 +0100 + +gnupg (1.0.4-4) unstable; urgency=low + + * po/ru.po: patch by Ilya Martynov to replace German + entries and add missing translations, closes: #93987. + * g10/revoke.c (ask_revocation_reason): typo fix (s/non longer/no + longer/g); noticed by Colin Watson , closes: + #93664. + + * Deprecated depreciated; noticed by Vincent Broman + . + + * Following two patches are from Vincent Broman. + * g10/mainproc.c (proc_tree): use iobuf_get_real_fname() in preference + to iobuf_get_fname(). + * g10/openfile.c (open_sigfile): handle .sign prefixed files correctly. + + -- James Troup Fri, 20 Apr 2001 23:32:44 +0100 + +gnupg (1.0.4-3) unstable; urgency=medium + + * debian/rules (binary): make gpg binary suid, closes: #86433. + * debian/postinst: don't use suidregister. + * debian/postrm: removed (only called suidunregister). + * debian/control: conflict with suidmanager << 0.50. + * mpi/longlong.h: apply fix for ARM long long artimetic from Philip + Blundell , closes: #87487. + * debian/preinst: the old GnuPG debs have moved to people.debian.org. + * cipher/random.c: #include as well as + * g10/misc.c: likewise. + * debian/rules: define a strip alias which removes the .comment and + .note sections. + * debian/rules (binary-arch): use it. + * debian/lintian.override: new file; override the SUID warning from + lintian. + * debian/rules (binary-arch): install it. + + -- James Troup Sun, 25 Feb 2001 05:24:58 +0000 + +gnupg (1.0.4-2) stable unstable; urgency=high + + * Apply security fix patch from Werner. + * Apply another patch from Werner to fix bogus warning on Rijndael + usage. + * Change section to 'non-US'. + + -- James Troup Mon, 12 Feb 2001 07:47:02 +0000 + +gnupg (1.0.4-1) stable unstable; urgency=high + + * New upstream version. + * Fixes a serious bug which could lead to false signature verification + results when more than one signature is fed to gpg. + + -- James Troup Tue, 17 Oct 2000 17:26:17 +0100 + +gnupg (1.0.3b-1) unstable; urgency=low + + * New upstream snapshot version. + + -- James Troup Fri, 13 Oct 2000 18:08:14 +0100 + +gnupg (1.0.3-2) unstable; urgency=low + + * debian/control: Conflict, Replace and Provide gpg-rsa & gpg-rsaref. + Fix long description to reflect the fact that RSA is no longer + patented and now included. [#72177] + * debian/rules: move faq.html to /usr/share/doc/gnupg/ and remove FAQ + from /usr/share/gnupg/. Thanks to Robert Luberda + for noticing. [#72151] + * debian/control: Suggest new package gnupg-doc. [#64323, #65560] + * utils/secmem.c (lock_pool): don't bomb out if mlock() returns ENOMEM, + as Linux will do this if resource limits (or other reasons) prevent + memory from being locked, instead treat it like permission was denied + and warn but continue. Thanks to Topi Miettinen + . [#70446] + * g10/hkp.c (not_implemented): s/ist/is/ in error message. + * debian/README.Debian: add a note about GDBM support and why it is + disabled. Upstream already fixed the manpage. [#65913] + * debian/rules (binary-arch): fix the Spanish translation to be 'es' not + 'es_ES' at Nicolás Lichtmaier 's request. [#57314] + + -- James Troup Sun, 1 Oct 2000 14:55:03 +0100 + +gnupg (1.0.3-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Mon, 18 Sep 2000 15:56:54 +0100 + +gnupg (1.0.2-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Thu, 13 Jul 2000 20:26:50 +0100 + +gnupg (1.0.1-2) unstable; urgency=low + + * debian/control (Build-Depends): added. + * debian/copyright: corrected location of copyright file. Removed + references to Linux. Removed warnings about beta nature of GnuPG. + * debian/rules (binary-arch): install documentation into + /usr/share/doc/gnupg/ and pass mandir to make install to ensure the + manpages go to /usr/share/man/. + * debian/postinst: create /usr/doc/gnupg symlink. + * debian/prerm: new file; remove /usr/doc/gnupg symlink. + * debian/rules (binary-arch): install prerm. + * debian/control (Standards-Version): updated to 3.1.1.1. + + -- James Troup Thu, 30 Dec 1999 16:16:49 +0000 + +gnupg (1.0.1-1) unstable; urgency=low + + * New upstream version. + * doc/gpg.1: updated to something usable from + ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gpg.1.gz. + + -- James Troup Sun, 19 Dec 1999 23:47:10 +0000 + +gnupg (1.0.0-3) unstable; urgency=low + + * debian/rules (build): remove the stunningly ill-advised --host option + to configure. [#44698, #48212, #48281] + + -- James Troup Tue, 26 Oct 1999 01:12:59 +0100 + +gnupg (1.0.0-2) unstable; urgency=low + + * debian/rules (binary-arch): fix the permissions on the + modules. [#47280] + * debian/postinst, debian/postrm: fix the package name passed to + suidregister. [#45013] + * debian/control: update long description. [#44636] + * debian/rules (build): pass the host explicitly to configure to avoid + problems on sparc64. [(Should fix) #44698]. + + -- James Troup Wed, 20 Oct 1999 23:39:05 +0100 + +gnupg (1.0.0-1) unstable; urgency=low + + * New upstream release. [#44545] + + -- James Troup Wed, 8 Sep 1999 00:53:02 +0100 + +gnupg (0.9.10-2) unstable; urgency=low + + * debian/rules (binary-arch): install lspgpot. Requested by Kai + Henningsen . [#42288] + * debian/rules (binary-arch): correct the path where modules are looked + for. Reported by Karl M. Hegbloom . [#40881] + * debian/postinst, debian/postrm: under protest, register gpg the + package with suidmanager and make it suid by default. + [#29780,#32590,#40391] + + -- James Troup Tue, 10 Aug 1999 00:12:40 +0100 + +gnupg (0.9.10-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Fri, 6 Aug 1999 01:16:21 +0100 + +gnupg (0.9.9-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Sun, 25 Jul 1999 01:06:31 +0100 + +gnupg (0.9.8-1) unstable; urgency=low + + * New upstream version. + * debian/rules (binary-arch): don't create a gpgm manpage as the binary + no longer exists. Noticed by Wichert Akkerman + . [#38864] + + -- James Troup Sun, 27 Jun 1999 01:07:58 +0100 + +gnupg (0.9.7-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Tue, 25 May 1999 13:23:24 +0100 + +gnupg (0.9.6-1) unstable; urgency=low + + * New upstream version. + * debian/copyright: update version number, noticed by Lazarus Long + . + * debian/control (Depends): depend on makedev (>= 2.3.1-13) to ensure + that /dev/urandom exists; reported by Steffen Markert + . [#32076] + + -- James Troup Tue, 11 May 1999 21:06:27 +0100 + +gnupg (0.9.5-1) unstable; urgency=low + + * New upstream version. + * debian/control (Description): no tabs. [Lintian] + + -- James Troup Wed, 24 Mar 1999 22:37:40 +0000 + +gnupg (0.9.4-1) unstable; urgency=low + + * New version. + * debian/control: s/GNUPG/GnuPG/ + + -- Werner Koch Mon, 8 Mar 1999 19:58:28 +0100 + +gnupg (0.9.3-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Mon, 22 Feb 1999 22:55:04 +0000 + +gnupg (0.9.2-1) unstable; urgency=low + + * New version. + * debian/rules (build): Removed CFLAGS as the default is now sufficient. + * debian/rules (clean): remove special handling cleanup in intl. + + -- Werner Koch Wed, 20 Jan 1999 21:23:11 +0100 + +gnupg (0.9.1-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Sat, 9 Jan 1999 22:29:11 +0000 + +gnupg (0.9.0-1) unstable; urgency=low + + * New upstream version. + * g10/armor.c (armor_filter): add missing new line in comment string; as + noticed by Stainless Steel Rat . + + -- James Troup Tue, 29 Dec 1998 20:22:43 +0000 + +gnupg (0.4.5-1) unstable; urgency=low + + * New upstream version. + * debian/rules (clean): force removal of intl/libintl.h which the + Makefiles fail to remove properly. + + -- James Troup Tue, 8 Dec 1998 22:40:23 +0000 + +gnupg (0.4.4-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Sat, 21 Nov 1998 01:34:29 +0000 + +gnupg (0.4.3-1) unstable; urgency=low + + * New upstream version. + * debian/README.Debian: new file; contains same information as is in the + preinst. Suggested by Wichert Akkerman . + * debian/rules (binary-arch): install `README.Debian' + * debian/control (Standards-Version): updated to 2.5.0.0. + + -- James Troup Sun, 8 Nov 1998 19:08:12 +0000 + +gnupg (0.4.2-1) unstable; urgency=low + + * New upstream version. + * debian/preinst: improve message about the NEWS file which isn't + actually installed when it's referred to, thanks to Martin Mitchell + . + * debian/rules (binary-arch): don't install the now non-existent `rfcs', + but do install `OpenPGP'. + + -- James Troup Sun, 18 Oct 1998 22:48:34 +0100 + +gnupg (0.4.1-1) unstable; urgency=low + + * New upstream version. + * debian/rules (binary-arch): fix the gpgm manpage symlink now installed + by `make install'. + + -- James Troup Sun, 11 Oct 1998 17:01:21 +0100 + +gnupg (0.4.0-1) unstable; urgency=high + + * New upstream version. [#26717] + * debian/copyright: tone down warning about alpha nature of gnupg. + * debian/copyright: new maintainer address. + * debian/control: update extended description. + * debian/rules (binary-arch): install FAQ and all ChangeLogs. + * debian/preinst: new; check for upgrade from (<= 0.3.2-1) and warn about + incompatibilities in keyring format and offer to move old copy out of + gpg out of the way for transition strategy and inform the user about + the old copies of gnupg available on my web page. + * debian/rules (binary-arch) install preinst. + * debian/rules (binary-arch): don't depend on the test target as it is + now partially interactive (tries to generate a key, which requires + someone else to be using the computer). + + -- James Troup Thu, 8 Oct 1998 00:47:07 +0100 + +gnupg (0.3.2-1) unstable; urgency=low + + * New upstream version. + * debian/control (Maintainer): new address. + * debian/copyright: updated list of changes. + + -- James Troup Thu, 9 Jul 1998 21:06:07 +0200 + +gnupg (0.3.1-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Tue, 7 Jul 1998 00:26:21 +0200 + +gnupg (0.3.0-2) unstable; urgency=low + + * Applied bug-fix patch from Werner. + + -- James Troup Fri, 26 Jun 1998 12:18:29 +0200 + +gnupg (0.3.0-1) unstable; urgency=low + + * New upstream version. + * debian/control: rewrote short and long description. + * cipher/Makefile.am: link tiger with -lc. + * debian/rules (binary-arch): strip loadable modules. + * util/secmem.c (lock_pool): get rid of errant test code; fix from + Werner Koch . + * debian/rules (test): new target which runs gnupg's test suite. + binary-arch depends on it, to ensure it's run whenever the package is + built. + + -- James Troup Thu, 25 Jun 1998 16:04:57 +0200 + +gnupg (0.2.19-1) unstable; urgency=low + + * New upstream version. + * debian/control: Updated long description. + + -- James Troup Sat, 30 May 1998 12:12:35 +0200 + +gnupg (0.2.18-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Sat, 16 May 1998 11:52:47 +0200 + +gnupg (0.2.17-1) unstable; urgency=high + + * New upstream version. + * debian/control (Standards-Version): updated to 2.4.1.0. + * debian/control: tone down warning about alpha nature of gnupg, as per + README. + * debian/copyright: ditto. + + -- James Troup Mon, 4 May 1998 22:36:51 +0200 + +gnupg (0.2.15-1) unstable; urgency=high + + * New upstream version. + + -- James Troup Fri, 10 Apr 1998 01:12:20 +0100 + +gnupg (0.2.13-1) unstable; urgency=high + + * New upstream version. + + -- James Troup Wed, 11 Mar 1998 01:52:51 +0000 + +gnupg (0.2.12-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Sat, 7 Mar 1998 13:52:40 +0000 + +gnupg (0.2.11-1) unstable; urgency=low + + * New upstream version. + + -- James Troup Wed, 4 Mar 1998 01:32:12 +0000 + +gnupg (0.2.10-1) unstable; urgency=low + + * New upstream version. + * Name changed upstream. + + -- James Troup Mon, 2 Mar 1998 07:32:05 +0000 + +g10 (0.2.7-1) unstable; urgency=low + + * Initial release. + + -- James Troup Fri, 20 Feb 1998 02:05:34 +0000 diff --git a/clean b/clean new file mode 100644 index 0000000..922f2c9 --- /dev/null +++ b/clean @@ -0,0 +1,8 @@ +po/*.gmo +po/stamp-po +build-gpgv-static/ +build-gpgv-udeb/ +build-gpgv-win32/ +doc/gnupg.info +doc/gnupg.info-1 +doc/gnupg.info-2 diff --git a/compat b/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/compat @@ -0,0 +1 @@ +9 diff --git a/control b/control new file mode 100644 index 0000000..d13718d --- /dev/null +++ b/control @@ -0,0 +1,329 @@ +Source: gnupg2 +Section: utils +Priority: optional +Maintainer: Debian GnuPG Maintainers +Uploaders: + Eric Dorland , + Daniel Kahn Gillmor , +Standards-Version: 3.9.8 +Build-Depends: + automake, + autopoint, + debhelper (>= 9), + dh-autoreconf, + file, + gettext, + ghostscript, + imagemagick, + libassuan-dev (>= 2.4.3), + libbz2-dev, + libcurl4-gnutls-dev, + libgcrypt20-dev (>= 1.7.0), + libgnutls28-dev (>= 3.0), + libgpg-error-dev (>= 1.26-2~), + libksba-dev (>= 1.3.4), + libldap2-dev, + libnpth0-dev (>= 1.2), + libreadline-dev, + librsvg2-bin, + libsqlite3-dev, + libusb-1.0-0-dev [!hurd-any], + pkg-config, + texinfo, + transfig, + zlib1g-dev | libz-dev, +Build-Depends-Indep: + binutils-multiarch [!amd64 !i386], + libassuan-mingw-w64-dev, + libgcrypt-mingw-w64-dev, + libgpg-error-mingw-w64-dev, + libksba-mingw-w64-dev, + libnpth-mingw-w64-dev, + libz-mingw-w64-dev, + mingw-w64, +Vcs-Git: https://anonscm.debian.org/git/pkg-gnupg/gnupg2.git -b stretch +Vcs-Browser: https://anonscm.debian.org/git/pkg-gnupg/gnupg2.git +Homepage: https://www.gnupg.org/ + +Package: gnupg-agent +Architecture: any +Multi-Arch: foreign +Depends: + pinentry-curses | pinentry, + ${misc:Depends}, + ${shlibs:Depends}, +Recommends: + gnupg (= ${binary:Version}) | gpgsm, +Suggests: + dbus-user-session, + libpam-systemd, + pinentry-gnome3, + scdaemon, +Provides: + gpg-agent, +Description: GNU privacy guard - cryptographic agent + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC4880. + . + This package contains the agent program gpg-agent which handles all + secret key material for OpenPGP and S/MIME use. The agent also + provides a passphrase cache, which is used by pre-2.1 versions of + GnuPG for OpenPGP operations. + +Package: scdaemon +Architecture: any +Multi-Arch: foreign +Depends: + gnupg-agent (= ${binary:Version}), + ${misc:Depends}, + ${shlibs:Depends}, +Enhances: + gnupg-agent, +Description: GNU privacy guard - smart card support + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC4880. + . + This package contains the smart card program scdaemon, which is used + by gnupg-agent to access OpenPGP smart cards. + +Package: gpgsm +Architecture: any +Multi-Arch: foreign +Depends: + gnupg-agent (= ${binary:Version}), + ${misc:Depends}, + ${shlibs:Depends}, +Recommends: + dirmngr (= ${binary:Version}), +Breaks: + gnupg2 (<< 2.1.10-2), +Replaces: + gnupg2 (<< 2.1.10-2), +Description: GNU privacy guard - S/MIME version + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC4880. + . + This package contains the gpgsm program. gpgsm is a tool to provide + digital encryption and signing services on X.509 certificates and the + CMS protocol. gpgsm includes complete certificate management. + +Package: gnupg +Architecture: any +Multi-Arch: foreign +Depends: + gnupg-agent (= ${binary:Version}), + ${misc:Depends}, + ${shlibs:Depends}, +Recommends: + dirmngr (= ${binary:Version}), + gnupg-l10n (= ${source:Version}), + ${shlibs:Recommends}, +Suggests: + parcimonie, + xloadimage, +Breaks: + debsig-verify (<< 0.15), + dirmngr (<< ${binary:Version}), + gnupg2 (<< 2.1.11-7+exp1), + libgnupg-interface-perl (<< 0.52-3), + libgnupg-perl (<= 0.19-1), + libmail-gnupg-perl (<= 0.22-1), + monkeysphere (<< 0.38~), + php-crypt-gpg (<= 1.4.1-1), + python-apt (<= 1.1.0~beta4), + python-gnupg (<< 0.3.8-3), + python3-apt (<= 1.1.0~beta4), +Replaces: + gnupg2 (<< 2.1.11-7+exp1), +Provides: + gpg, +Description: GNU privacy guard - a free PGP replacement + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC4880. + . + This package contains /usr/bin/gpg and some helper utilities like + gpgconf and kbxutil. + +Package: gnupg2 +Architecture: all +Section: oldlibs +Priority: extra +Multi-Arch: foreign +Depends: + gnupg (>= ${source:Version}), + ${misc:Depends}, +Description: GNU privacy guard - a free PGP replacement (dummy transitional package) + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC4880. + . + This is a dummy transitional package that provides symlinks from gpg2 + to gpg. + +Package: gpgv +Architecture: any +Priority: important +Multi-Arch: foreign +Depends: + ${misc:Depends}, + ${shlibs:Depends}, +Breaks: + gnupg2 (<< 2.0.21-2), + gpgv2 (<< 2.1.11-7+exp1), + python-debian (<< 0.1.29), +Replaces: + gnupg2 (<< 2.0.21-2), + gpgv2 (<< 2.1.11-7+exp1), +Suggests: + gnupg, +Description: GNU privacy guard - signature verification tool + GnuPG is GNU's tool for secure communication and data storage. + . + gpgv is actually a stripped-down version of gpg which is only able + to check signatures. It is somewhat smaller than the fully-blown gpg + and uses a different (and simpler) way to check that the public keys + used to make the signature are valid. There are no configuration + files and only a few options are implemented. + +Package: gpgv2 +Section: oldlibs +Priority: extra +Architecture: all +Multi-Arch: foreign +Depends: + gpgv (>= ${source:Version}), + ${misc:Depends}, +Description: GNU privacy guard - signature verification tool (dummy transitional package) + GnuPG is GNU's tool for secure communication and data storage. gpgv + is a stripped-down version of gpg which is only able to check + signatures. + . + This is a dummy transitional package that provides symlinks from gpgv2 + to gpgv. + +Package: dirmngr +Architecture: any +Depends: + adduser, + lsb-base (>= 3.2-13), + ${misc:Depends}, + ${shlibs:Depends}, +Recommends: + gnupg (= ${binary:Version}), + ${shlibs:Recommends}, +Enhances: + gnupg, + gpgsm, + squid, +Breaks: + gnupg2 (<< 2.1.10-2), +Replaces: + gnupg2 (<< 2.1.10-2), +Suggests: + dbus-user-session, + libpam-systemd, + pinentry-gnome3, + tor, +Description: GNU privacy guard - network certificate management service + dirmngr is a server for managing and downloading OpenPGP and X.509 + certificates, as well as updates and status signals related to those + certificates. For OpenPGP, this means pulling from the public + HKP/HKPS keyservers, or from LDAP servers. For X.509 this includes + Certificate Revocation Lists (CRLs) and Online Certificate Status + Protocol updates (OCSP). It is capable of using tor for network + access. + . + dirmngr is used for network access by gpg, gpgsm, and dirmngr-client, + among other tools. + +Package: gpgv-udeb +Package-Type: udeb +Section: debian-installer +Priority: extra +Architecture: any +Depends: + ${misc:Depends}, + ${shlibs:Depends}, +Description: minimal signature verification tool + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC 4880. + . + This is GnuPG's signature verification tool, gpgv, packaged in minimal + form for use in debian-installer. + +Package: gpgv-static +Priority: extra +Architecture: any +Depends: + ${misc:Depends}, + ${shlibs:Depends}, +Recommends: + debian-archive-keyring, + debootstrap, +Description: minimal signature verification tool (static build) + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC 4880. + . + This is GnuPG's signature verification tool, gpgv, built statically + so that it can be directly used on any platform that is running on + the Linux kernel. Android and ChromeOS are two well known examples, + but there are many other platforms that this will work for, like + embedded Linux OSes. This gpgv in combination with debootstrap and + the Debian archive keyring allows the secure creation of chroot + installs on these platforms by using the full Debian signature + verification that is present in all official Debian mirrors. + +Package: gpgv-win32 +Architecture: all +Priority: extra +Multi-Arch: foreign +Depends: + ${misc:Depends}, +Suggests: + wine, +Description: GNU privacy guard - signature verification tool (win32 build) + GnuPG is GNU's tool for secure communication and data storage. + . + gpgv is a stripped-down version of gnupg which is only able to check + signatures. It is smaller than the full-blown gnupg and uses a + different (and simpler) way to check that the public keys used to + make the signature are trustworthy. + . + This is a win32 version of gpgv. It's meant to be used by the win32-loader + component of Debian-Installer. + +Package: gnupg-l10n +Architecture: all +Priority: extra +Multi-Arch: foreign +Depends: + ${misc:Depends}, +Enhances: + gnupg, +Breaks: + gnupg (<< 2.1.14-2~), + gnupg2 (<< 2.1.14-2~), +Replaces: + gnupg (<< 2.1.14-2~), + gnupg2 (<< 2.1.14-2~), +Description: GNU privacy guard - localization files + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC 4880. + . + This package contains the translation files for the use of GnuPG in + non-English locales. diff --git a/copyright b/copyright new file mode 100644 index 0000000..5676d81 --- /dev/null +++ b/copyright @@ -0,0 +1,233 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: GnuPG - The GNU Privacy Guard (modern version) +Upstream-Contact: GnuPG development mailing list +Source: https://gnupg.org/download/ + +Files: * +Copyright: 1992, 1995-2016, Free Software Foundation, Inc +License: GPL-3+ + +Files: agent/command.c + agent/command-ssh.c + agent/gpg-agent.c + common/homedir.c + common/sysutils.c + g10/mainproc.c +Copyright: 1998-2007, 2009, 2012, Free Software Foundation, Inc + 2013, Werner Koch +License: GPL-3+ + +Files: autogen.sh +Copyright: 2003, g10 Code GmbH +License: permissive + +Files: common/gc-opt-flags.h + common/i18n.h + tools/clean-sat.c + tools/no-libgcrypt.c +Copyright: 1998-2001, 2003, 2004, 2006, 2007 Free Software Foundation, Inc +License: permissive + +Files: common/localename.c +Copyright: 1985, 1989-1993, 1995-2003, 2007, 2008 Free Software Foundation, Inc. +License: LGPL-2.1+ + +Files: dirmngr/dns.c + dirmngr/dns.h +Copyright: 2008-2010, 2012-2016 William Ahern +License: Expat + +Files: doc/yat2m.c + scd/app-geldkarte.c +Copyright: 2004, 2005, g10 Code GmbH + 2006, 2008, 2009, 2011, Free Software Foundation, Inc +License: GPL-3+ + +Files: scd/ccid-driver.h + scd/ccid-driver.c +Copyright: 2003-2007, Free Software Foundation, Inc +License: GPL-3+ or BSD-3-clause + +Files: tools/rfc822parse.c + tools/rfc822parse.h +Copyright: 1999-2000, Werner Koch, Duesseldorf + 2003-2004, g10 Code GmbH +License: LGPL-3+ + +Files: tools/sockprox.c +Copyright: 2007, g10 Code GmbH +License: GPL-3+ + +Files: doc/OpenPGP +Copyright: 1998-2013 Free Software Foundation, Inc. + 1997, 1998, 2013 Werner Koch + 1998 The Internet Society +License: RFC-Reference + +Files: tests/gpgscm/* +Copyright: 2000, Dimitrios Souflis + 2016, Justus Winter, Werner Koch +License: TinySCHEME + +License: TinySCHEME + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + . + Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + . + Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + . + Neither the name of Dimitrios Souflis nor the names of the + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +License: permissive + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + . + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even + the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. + +License: RFC-Reference + doc/OpenPGP merely cites and references IETF Draft + draft-ietf-openpgp-formats-07.txt. This is believed to be fair use; + but if not, it's covered by the source document's license under + the 'comment on' clause. The license statement follows. + . + This document and translations of it may be copied and furnished to + others, and derivative works that comment on or otherwise explain it + or assist in its implementation may be prepared, copied, published + and distributed, in whole or in part, without restriction of any + kind, provided that the above copyright notice and this paragraph + are included on all such copies and derivative works. However, this + document itself may not be modified in any way, such as by removing + the copyright notice or references to the Internet Society or other + Internet organizations, except as needed for the purpose of + developing Internet standards in which case the procedures for + copyrights defined in the Internet Standards process must be + followed, or as required to translate it into languages other than + English. + . + The limited permissions granted above are perpetual and will not be + revoked by the Internet Society or its successors or assigns. + + +License: GPL-3+ + GnuPG is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + . + GnuPG is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program; if not, see . + . + On Debian systems, the full text of the GNU General Public + License version 3 can be found in the file + `/usr/share/common-licenses/GPL-3'. + +License: LGPL-3+ + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 3 of + the License, or (at your option) any later version. + . + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + . + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . + . + On Debian systems, the full text of the GNU Lesser General Public + License version 3 can be found in the file + `/usr/share/common-licenses/LGPL-3'. + +License: LGPL-2.1+ + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + . + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + . + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . + . + On Debian systems, the full text of the GNU Lesser General Public + License version 2.1 can be found in the file + `/usr/share/common-licenses/LGPL-2.1'. + +License: BSD-3-clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, and the entire permission notice in its entirety, + including the disclaimer of warranties. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the author may not be used to endorse or promote + products derived from this software without specific prior + written permission. + . + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + OF THE POSSIBILITY OF SUCH DAMAGE. + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to permit + persons to whom the Software is furnished to do so, subject to the + following conditions: + . + The above copyright notice and this permission notice shall be included + in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR + OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE + USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/dirmngr.NEWS b/dirmngr.NEWS new file mode 100644 index 0000000..b0c550f --- /dev/null +++ b/dirmngr.NEWS @@ -0,0 +1,49 @@ +dirmngr (2.1.18-1) unstable; urgency=medium + + If your machine is configured with system user session management, + dirmngr will be managed automatically by systemd's user sessions on + machines configured with use systemd. Please consider installing the + packages that the dirmngr package Suggests:, and see + /usr/share/doc/dirmngr/README.Debian for more details. + + -- Daniel Kahn Gillmor Mon, 23 Jan 2017 22:50:34 -0500 + +dirmngr (2.1.13-3) experimental; urgency=medium + + gpg and most related processes will auto-launch dirmngr if needed. + + Any user who wants to launch dirmngr manually should do so with: + + gpgconf --launch dirmngr + + and may want to terminate dirmngr when their session ends with: + + gpgconf --kill dirmngr + + Users on machines with systemd can ensure that dirmngr is always + running for their session (and that it gets terminated at logout) + with: + + gpgconf --kill dirmngr + systemctl --user enable dirmngr + systemctl --user start dirmngr + + -- Daniel Kahn Gillmor Tue, 28 Jun 2016 17:55:15 -0400 + +dirmngr (2.1.0~beta895-1) experimental; urgency=medium + + No more dirmngr system service! + =============================== + + As of the 2.1.0 beta series, dirmngr is a local daemon that works + closely with gnupg2. It is launched on its own, per-user, and + listens on a standard socket (usually ~/.gnupg/S.dirmngr). There is + no more system-wide dirmngr process. + + If there is a special case where a dirmngr system process is + actually needed, please report a bug in dirmngr, and we can sort out + a way to set one up for that case so that everyone with dirmngr + installed doesn't need to have it running. + + -- Daniel Kahn Gillmor Tue, 07 Oct 2014 10:33:52 -0400 + diff --git a/dirmngr.README.Debian b/dirmngr.README.Debian new file mode 100644 index 0000000..099240a --- /dev/null +++ b/dirmngr.README.Debian @@ -0,0 +1,47 @@ +dirmngr system integration +========================== + +Since 2.1.x, gpg and most related processes will auto-launch dirmngr +if needed. These auto-launched processes will inherit whatever +environment they started from, and they will not terminate +automatically. + +systemd +======= + +Since 2.1.17, users on machines with systemd will have a dirmngr +process launched automatically by systemd's user session, upon first +access of the standard socket. systemd will also cleanly tear this +process down at session logout. + +Users who don't want systemd to manage their dirmngr in this way for +all future sessions should do: + + systemctl --user mask --now dirmngr.socket + +Doing this means that dirmngr will fall back to its manual mode of +operation. (This decision can be reversed by the user with "unmask" +instead of "mask") + +See systemctl(1) for more details about managing the dirmngr.socket +unit. + +Manual dirmngr startup and teardown +=================================== + +Any user who wants to launch dirmngr manually (e.g., to talk to it +with a tool from outside the GnuPG suite) and is *not* using systemd +should first ensure that it is launched with: + + gpgconf --launch dirmngr + +If dirmngr is launched manually or automatically (but not supervised +by systemd), you also probably want to ensure that it terminates when +your session ends with: + + gpgconf --kill dirmngr + +If you're not using systemd, you may wish to add this command to your +session logout scripts. + + -- Daniel Kahn Gillmor , Mon, 23 Jan 2017 22:49:45 -0500 diff --git a/dirmngr.docs b/dirmngr.docs new file mode 100644 index 0000000..817be40 --- /dev/null +++ b/dirmngr.docs @@ -0,0 +1,4 @@ +AUTHORS +NEWS +THANKS +TODO diff --git a/dirmngr.install b/dirmngr.install new file mode 100644 index 0000000..4bd9ed2 --- /dev/null +++ b/dirmngr.install @@ -0,0 +1,6 @@ +debian/tmp/usr/bin/dirmngr +debian/tmp/usr/bin/dirmngr-client +debian/tmp/usr/lib/gnupg/dirmngr_ldap +debian/tmp/usr/share/gnupg/sks-keyservers.netCA.pem +doc/examples/systemd-user/dirmngr.service usr/lib/systemd/user +doc/examples/systemd-user/dirmngr.socket usr/lib/systemd/user diff --git a/dirmngr.links b/dirmngr.links new file mode 100644 index 0000000..ca801e7 --- /dev/null +++ b/dirmngr.links @@ -0,0 +1 @@ +usr/lib/systemd/user/dirmngr.socket /usr/lib/systemd/user/sockets.target.wants/dirmngr.socket diff --git a/dirmngr.maintscript b/dirmngr.maintscript new file mode 100644 index 0000000..aa11aa5 --- /dev/null +++ b/dirmngr.maintscript @@ -0,0 +1,5 @@ +rm_conffile /etc/default/dirmngr +rm_conffile /etc/dirmngr/dirmngr.conf +rm_conffile /etc/dirmngr/ldapservers.conf +rm_conffile /etc/init.d/dirmngr +rm_conffile /etc/logrotate.d/dirmngr diff --git a/dirmngr.manpages b/dirmngr.manpages new file mode 100644 index 0000000..93702d9 --- /dev/null +++ b/dirmngr.manpages @@ -0,0 +1,2 @@ +debian/tmp/usr/share/man/man1/dirmngr-client.1 +debian/tmp/usr/share/man/man8/dirmngr.8 diff --git a/gbp.conf b/gbp.conf new file mode 100644 index 0000000..b6518b7 --- /dev/null +++ b/gbp.conf @@ -0,0 +1,37 @@ +[DEFAULT] +pristine-tar = True +upstream-vcs-tag = gnupg-%(version)s +debian-branch = stretch + +[buildpackage] +compression = bzip2 + +[import-orig] +filter = [ + 'aclocal.m4', + 'build-aux/compile', + 'build-aux/config.rpath', + 'build-aux/depcomp', + 'build-aux/install-sh', + 'build-aux/missing', + 'build-aux/mkinstalldirs', + 'build-aux/texinfo.tex', + 'config.h.in', + 'configure', + 'doc/gnupg.info*', + 'INSTALL', + 'm4/intdiv0.m4', + 'm4/intl.m4', + 'm4/lock.m4', + 'm4/printf-posix.m4', + 'm4/size_max.m4', + 'm4/uintmax_t.m4', + 'm4/wint_t.m4', + '*/*/Makefile.in', + '*/Makefile.in', + 'Makefile.in', + 'po/*.gmo', + 'po/Makefile.in.in', + 'po/stamp-po', + ] +filter-pristine-tar = False diff --git a/gnupg-agent.NEWS b/gnupg-agent.NEWS new file mode 100644 index 0000000..69b4e49 --- /dev/null +++ b/gnupg-agent.NEWS @@ -0,0 +1,19 @@ +gnupg-agent (2.1.18-1) unstable; urgency=medium + + If your machine is configured with system user session management, + gpg-agent will be managed automatically by systemd's user sessions on + machines configured with use systemd. Please consider installing the + packages that the gnupg-agent package Suggests:, and see + /usr/share/doc/gnupg-agent/README.Debian for more details. + + -- Daniel Kahn Gillmor Mon, 23 Jan 2017 22:54:48 -0500 + +gnupg-agent (2.1.13-3) experimental; urgency=medium + + gpg-agent is no longer auto-launched by + /etc/X11/Xsession.d/90gpg-agent. Please read + /usr/share/doc/gnupg-agent/README.Debian for details about system + integration. + + -- Daniel Kahn Gillmor Tue, 28 Jun 2016 17:29:46 -0400 + diff --git a/gnupg-agent.README.Debian b/gnupg-agent.README.Debian new file mode 100644 index 0000000..f57d278 --- /dev/null +++ b/gnupg-agent.README.Debian @@ -0,0 +1,82 @@ +gpg-agent system integration +============================ + +Since 2.1.x, gpg and most related processes will auto-launch gpg-agent +if needed. These auto-launched processes will inherit whatever +environment they started from, and they will not terminate +automatically. + +systemd +======= + +Since 2.1.17, users on machines with systemd will have their gpg-agent +process launched automatically by systemd's user session, upon first +access of any of the expected gpg-agent sockets (including the ssh +socket). systemd will also cleanly tear this process down at session +logout. + +If dbus-user-session and pinentry-gnome3 packages are installed, then +all user interaction with this systemd-managed gpg-agent process +(e.g. prompting for passwords or confirmations, etc) will take place +over the d-bus session, for better integration with graphical +environments like GNOME. + +Users who don't want systemd to manage their gpg-agent in this way for +all future sessions should do: + + systemctl --user mask --now gpg-agent.service gpg-agent.socket gpg-agent-ssh.socket gpg-agent-extra.socket gpg-agent-browser.socket + +Doing this means that gpg-agent will fall back to its manual mode of +operation. (This decision can be reversed by the user with "unmask" +instead of "mask") + +See systemctl(1) for more details about managing the gpg-agent*.socket +units. + +ssh-agent emulation +=================== + +gpg-agent offers an ssh-agent emulation which can be achieved by +setting the environment variable SSH_AUTH_SOCK to: + + /run/user/$(id -u)/gnupg/S.gpg-agent.ssh + +(replace $(id -u) with the user's numeric user ID, of course). + +But ssh doesn't have a way to tell ssh-agent how to prompt the user +when necessary; the systemd-managed gpg-agent process will only know +how to prompt the user if you have dbus-user-session and +pinentry-gnome3 installed. This is the recommended configuration for +gpg-agent's ssh-agent emulation on desktop machines running systemd, +and doesn't need any additional configuration. + +However, if dbus-user-session and pinentry-gnome3 are not in use, by +default the systemd-managed gpg-agent will not know how to get +feedback from the user when a request is first received by ssh. You +can give it a hint for all future ssh connections by running: + + gpg-connect-agent updatestartuptty /bye + +You may wish to do this in the login scripts for your user session if +you run systemd without dbus-user-session and pinentry-gnome3, and you +plan to use gpg-agent's ssh-agent emulation. + +Manual gpg-agent startup and teardown +===================================== + +Any user who wants to launch gpg-agent manually (e.g., to talk to it +with a tool from outside the GnuPG suite) and is *not* using systemd +should first ensure that it is launched with: + + gpgconf --launch gpg-agent + +If gpg-agent is launched manually or automatically (but not supervised +by systemd), you probably want to ensure that it terminates when your +session ends with: + + gpgconf --kill gpg-agent + +If you're not using systemd, you may wish to add this to your session +logout scripts. + + -- Daniel Kahn Gillmor , Mon, 23 Jan 2017 22:56:08 -0500 diff --git a/gnupg-agent.examples b/gnupg-agent.examples new file mode 100644 index 0000000..34213be --- /dev/null +++ b/gnupg-agent.examples @@ -0,0 +1,2 @@ +doc/examples/pwpattern.list +doc/examples/trustlist.txt diff --git a/gnupg-agent.install b/gnupg-agent.install new file mode 100644 index 0000000..2a4dcbe --- /dev/null +++ b/gnupg-agent.install @@ -0,0 +1,12 @@ +debian/Xsession.d/90gpg-agent etc/X11/Xsession.d +debian/systemd-user/gpg-agent-browser.socket usr/lib/systemd/user +debian/tmp/usr/bin/gpg-agent +debian/tmp/usr/bin/gpg-connect-agent +debian/tmp/usr/bin/symcryptrun +debian/tmp/usr/lib/gnupg/gpg-check-pattern +debian/tmp/usr/lib/gnupg/gpg-preset-passphrase +debian/tmp/usr/lib/gnupg/gpg-protect-tool +doc/examples/systemd-user/gpg-agent-extra.socket usr/lib/systemd/user +doc/examples/systemd-user/gpg-agent-ssh.socket usr/lib/systemd/user +doc/examples/systemd-user/gpg-agent.service usr/lib/systemd/user +doc/examples/systemd-user/gpg-agent.socket usr/lib/systemd/user diff --git a/gnupg-agent.links b/gnupg-agent.links new file mode 100644 index 0000000..90f6ce1 --- /dev/null +++ b/gnupg-agent.links @@ -0,0 +1,6 @@ +usr/lib/gnupg/gpg-preset-passphrase usr/lib/gnupg2/gpg-preset-passphrase +usr/lib/gnupg/gpg-protect-tool usr/lib/gnupg2/gpg-protect-tool +usr/lib/systemd/user/gpg-agent-browser.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent-browser.socket +usr/lib/systemd/user/gpg-agent-extra.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent-extra.socket +usr/lib/systemd/user/gpg-agent-ssh.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent-ssh.socket +usr/lib/systemd/user/gpg-agent.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent.socket diff --git a/gnupg-agent.manpages b/gnupg-agent.manpages new file mode 100644 index 0000000..4819831 --- /dev/null +++ b/gnupg-agent.manpages @@ -0,0 +1,5 @@ +debian/gpg-check-pattern.1 +debian/tmp/usr/share/man/man1/gpg-agent.1 +debian/tmp/usr/share/man/man1/gpg-connect-agent.1 +debian/tmp/usr/share/man/man1/gpg-preset-passphrase.1 +debian/tmp/usr/share/man/man1/symcryptrun.1 diff --git a/gnupg-l10n.install b/gnupg-l10n.install new file mode 100644 index 0000000..9aaad82 --- /dev/null +++ b/gnupg-l10n.install @@ -0,0 +1,2 @@ +debian/tmp/usr/share/gnupg/help.*.txt +debian/tmp/usr/share/locale diff --git a/gnupg.README.Debian b/gnupg.README.Debian new file mode 100644 index 0000000..24944d3 --- /dev/null +++ b/gnupg.README.Debian @@ -0,0 +1,44 @@ +Using "Modern" GnuPG +==================== + +As of version 2.1.11-7+exp1, the gnupg package is provided by the "modern" +version of GnuPG. + +This means: + + * supporting daemons are auto-launched as needed + + * all access to secret key material is handled by gpg-agent + + * all smartcard access is handled by scdaemon + + * all network access is handled by dirmngr + + * PGPv3 keys are no longer supported + + * secret keys are no longer stored in $GNUPGHOME/secring.gpg, but + instead in $GNUPGHOME/private-keys-v1.d/ + + * public keyrings are stored in keybox format (~/.gnupg/pubring.kbx) by + default for new users. Upgrading users will continue to use + pubring.gpg until they decide to explicitly convert. + +Converting an existing installation +----------------------------------- + +If you have an existing GnuPG homedir from "classic" GnuPG, secret +keys should be migrated automatically upon the first run of the +"modern" version. + +If you have any secret keys that are stored only in a smartcard, after +your first use of "modern" gpg you should insert the card and run: + + gpg --card-status + + (see https://bugs.debian.org/795881) + +Public keys will not be automatically migrated from pubring.gpg to +pubring.kbx, however. If you want to migrate your public keyring, you +can use a script like /usr/bin/migrate-pubring-from-classic-gpg + + -- Daniel Kahn Gillmor , Mon, 18 Apr 2016 19:08:36 -0400 diff --git a/gnupg.docs b/gnupg.docs new file mode 100644 index 0000000..b182260 --- /dev/null +++ b/gnupg.docs @@ -0,0 +1,9 @@ +NEWS +README +THANKS +TODO +doc/DETAILS +doc/FAQ +doc/HACKING +doc/KEYSERVER +doc/OpenPGP diff --git a/gnupg.examples b/gnupg.examples new file mode 100644 index 0000000..3e74b94 --- /dev/null +++ b/gnupg.examples @@ -0,0 +1 @@ +doc/examples/gpgconf.conf diff --git a/gnupg.info b/gnupg.info new file mode 100644 index 0000000..e4baa0f --- /dev/null +++ b/gnupg.info @@ -0,0 +1,3 @@ +debian/tmp/usr/share/info/gnupg.info* +doc/gnupg-card-architecture.png +doc/gnupg-module-overview.png diff --git a/gnupg.install b/gnupg.install new file mode 100644 index 0000000..9208425 --- /dev/null +++ b/gnupg.install @@ -0,0 +1,12 @@ +build/tools/gpg-zip usr/bin +build/tools/gpgsplit usr/bin +debian/migrate-pubring-from-classic-gpg usr/bin +debian/tmp/usr/bin/gpg +debian/tmp/usr/bin/gpgconf +debian/tmp/usr/bin/gpgparsemail +debian/tmp/usr/bin/kbxutil +debian/tmp/usr/bin/watchgnupg +debian/tmp/usr/sbin/addgnupghome +debian/tmp/usr/sbin/applygnupgdefaults +debian/tmp/usr/share/gnupg/distsigkey.gpg +tools/lspgpot usr/bin diff --git a/gnupg.manpages b/gnupg.manpages new file mode 100644 index 0000000..4fc76c3 --- /dev/null +++ b/gnupg.manpages @@ -0,0 +1,11 @@ +debian/gpg-zip.1 +debian/gpgsplit.1 +debian/kbxutil.1 +debian/lspgpot.1 +debian/migrate-pubring-from-classic-gpg.1 +debian/tmp/usr/share/man/man1/gpg.1 +debian/tmp/usr/share/man/man1/gpgconf.1 +debian/tmp/usr/share/man/man1/gpgparsemail.1 +debian/tmp/usr/share/man/man1/watchgnupg.1 +debian/tmp/usr/share/man/man8/addgnupghome.8 +debian/tmp/usr/share/man/man8/applygnupgdefaults.8 diff --git a/gnupg2.links b/gnupg2.links new file mode 100644 index 0000000..96fde98 --- /dev/null +++ b/gnupg2.links @@ -0,0 +1,2 @@ +usr/bin/gpg usr/bin/gpg2 +usr/share/man/man1/gpg.1.gz usr/share/man/man1/gpg2.1.gz diff --git a/gpg-check-pattern.1 b/gpg-check-pattern.1 new file mode 100644 index 0000000..05dbc1e --- /dev/null +++ b/gpg-check-pattern.1 @@ -0,0 +1,35 @@ +.TH GPG-CHECK-PATTERN "1" "March 2016" "gpg-check-pattern (GnuPG) 2.1.11" "User Commands" + +.SH NAME +gpg-check-pattern \- Check a passphrase on stdin against the patternfile + +.SH SYNOPSIS +.B gpg\-check\-pattern +.RB [ options ] +.I patternfile + +.SH DESCRIPTION +.B gpg\-check\-pattern checks a passphrase given on stdin against a specified patternfile. + +.SH OPTIONS +.TP +.BR \-v ", " \-\-verbose +Produce verbose output +.TP +.BR \-\-check +run only a syntax check on the patternfile +.TP +.BR \-0 ", " \-\-null +input is expected to be null delimited +.PP +Please report bugs to . + +.SH COPYRIGHT +Copyright \(co 2016 Free Software Foundation, Inc. +License GPLv3+: GNU GPL version 3 or later + +This is free software: you are free to change and redistribute it. +There is NO WARRANTY, to the extent permitted by law. + +This manpage was written by \fBDaniel Kahn Gillmor\fR for the Debian +distribution (but may be used by others). diff --git a/gpg-zip.1 b/gpg-zip.1 new file mode 100644 index 0000000..cba5db4 --- /dev/null +++ b/gpg-zip.1 @@ -0,0 +1,102 @@ +.TH "GPG\-ZIP" 1 "November 2006" + +.SH NAME +gpg\-zip \- encrypt or sign files into an archive + +.SH SYNOPSIS +.B gpg\-zip +.RB [ OPTIONS ] +.IR filename1 " [" "filename2, ..." ] +.IR directory1 " [" "directory2, ..." ] + +.SH DESCRIPTION +This manual page documents briefly the +.B gpg\-zip +command. +.PP +.B gpg\-zip +encrypts or signs files into an archive. It is an gpg-ized tar using the +same format as PGP's PGP Zip. + +.SH OPTIONS +.TP +.BR \-e ", " \-\-encrypt +Encrypt data. This option may be combined with +.B \-\-symmetric +(for output that may be decrypted via a secret key or a passphrase). +.TP +.BR \-d ", " \-\-decrypt +Decrypt data. +.TP +.BR \-c ", " \-\-symmetric +Encrypt with a symmetric cipher using a passphrase. The default +symmetric cipher used is CAST5, but may be chosen with the +.B \-\-cipher\-algo +option to +.BR gpg (1). +.TP +.BR \-s ", " \-\-sign +Make a signature. See +.BR gpg (1). +.TP +.BR \-r ", " \-\-recipient " \fIUSER\fR" +Encrypt for user id \fIUSER\fR. See +.BR gpg (1). +.TP +.BR \-u ", " \-\-local\-user " \fIUSER\fR" +Use \fIUSER\fR as the key to sign with. See +.BR gpg (1). +.TP +.B \-\-list\-archive +List the contents of the specified archive. +.TP +.BR \-o ", " \-\-output " " \fIFILE\fR" +Write output to specified file +.IR FILE . +.TP +.BI \-\-gpg " GPG" +Use the specified command instead of +.BR gpg . +.TP +.BI \-\-gpg\-args " ARGS" +Pass the specified options to +.BR gpg (1). +.TP +.BI \-\-tar " TAR" +Use the specified command instead of +.BR tar . +.TP +.BI \-\-tar\-args " ARGS" +Pass the specified options to +.BR tar (1). +.TP +.BR \-h ", " \-\-help +Output a short usage information. +.TP +.B \-\-version +Output the program version. + +.SH DIAGNOSTICS +The program returns \fB0\fR if everything was fine, \fB1\fR otherwise. + +.SH EXAMPLES +Encrypt the contents of directory \fImydocs\fR for user Bob to file \fItest1\fR: +.IP +.B gpg\-zip \-\-encrypt \-\-output test1 \-\-gpg-args ""\-r Bob"" mydocs +.PP +List the contents of archive \fItest1\fR: +.IP +.B gpg\-zip \-\-list\-archive test1 + +.SH SEE ALSO +.BR gpg (1), +.BR tar (1) + +.SH AUTHOR +Copyright (C) 2005 Free Software Foundation, Inc. Please report bugs to +<\&bug-gnupg@gnu.org\&>. + +This manpage was written by \fBColin Tuckley\fR <\&colin@tuckley.org\&> +and \fBDaniel Leidert\fR <\&daniel.leidert@wgdd.de\&> for the Debian +distribution (but may be used by others). + diff --git a/gpgsm.install b/gpgsm.install new file mode 100644 index 0000000..8822607 --- /dev/null +++ b/gpgsm.install @@ -0,0 +1 @@ +debian/tmp/usr/bin/gpgsm diff --git a/gpgsm.manpages b/gpgsm.manpages new file mode 100644 index 0000000..ad6a686 --- /dev/null +++ b/gpgsm.manpages @@ -0,0 +1 @@ +debian/tmp/usr/share/man/man1/gpgsm.1 diff --git a/gpgsplit.1 b/gpgsplit.1 new file mode 100644 index 0000000..116ce89 --- /dev/null +++ b/gpgsplit.1 @@ -0,0 +1,41 @@ +.TH "gpgsplit" 1 "December 2005" + +.SH NAME +gpgsplit \- Split an OpenPGP message into packets + +.SH SYNOPSIS +.B gpgsplit +.RI [ OPTIONS ] +.RI [ FILES ] + +.SH DESCRIPTION +This manual page documents briefly the +.B gpgsplit +command. +.PP +.B gpgsplit +splits an OpenPGP message into packets. + +.SH OPTIONS +.TP +.BR \-v , \-\-verbose +Verbose. +.TP +.BR \-p , "\-\-prefix " \fISTRING\fR +Prepend filenames with \fISTRING\fR. +.TP +.B \-\-uncompress +Uncompress a packet. +.TP +.B \-\-secret\-to\-public +Convert secret keys to public keys. +.TP +.B \-\-no\-split +Write to stdout and don't actually split. + +.SH AUTHOR +Copyright (C) 2002 Free Software Foundation, Inc. Please report bugs to +. + +This manpage was written by Francois Wendling . + diff --git a/gpgv-static.1 b/gpgv-static.1 new file mode 100644 index 0000000..c8dcc1a --- /dev/null +++ b/gpgv-static.1 @@ -0,0 +1,32 @@ +.TH GPGV-STATIC "1" "November 2016" "GnuPG" "Gnu Privacy Guard 2.1" + +.SH NAME +gpgv-static - Verify OpenPGP signatures (static build) + +.SH SYNOPSIS +.B gpgv-static [\fIoptions\fP] \fIsigned_files\fP + +.SH DESCRIPTION +\fBgpgv\fR is an OpenPGP signature verification tool. + +\fBgpgv-static\fR is \fBgpgv\fR built statically so that it can be +directly used on any platform that is running on the Linux kernel, +such as Android, ChromeOS, or many embedded Linux systems. + +This version of \fBgpgv\fR in combination with \fBdebootstrap\fR and +the Debian archive keyring allows the secure creation of chroot +installs on these platforms by using the full Debian signature +verification that is present in all official Debian mirrors. + +You may wish to re-name the binary to plain \fBgpgv\fR when +transferring it into such a platform to create a chroot. + +Please read the documentation for \fBgpgv\fR for more details. + +.SH SEE ALSO +\fBgpg\fR(1) + +.SH AUTHOR +This manual page was written by Daniel Kahn Gillmor + for the Debian project, but may be used by +others under the same license as GnuPG itself. diff --git a/gpgv-static.install b/gpgv-static.install new file mode 100644 index 0000000..adb6deb --- /dev/null +++ b/gpgv-static.install @@ -0,0 +1 @@ +build-gpgv-static/g10/gpgv-static usr/bin/ diff --git a/gpgv-static.lintian-overrides b/gpgv-static.lintian-overrides new file mode 100644 index 0000000..fa0b8df --- /dev/null +++ b/gpgv-static.lintian-overrides @@ -0,0 +1,3 @@ +# gpgv-static is deliberately built statically. We cannot avoid +# embedding zlib. +gpgv-static: embedded-library usr/bin/gpgv-static: zlib diff --git a/gpgv-static.manpages b/gpgv-static.manpages new file mode 100644 index 0000000..e3f73aa --- /dev/null +++ b/gpgv-static.manpages @@ -0,0 +1 @@ +debian/gpgv-static.1 diff --git a/gpgv-udeb.install b/gpgv-udeb.install new file mode 100644 index 0000000..fe27533 --- /dev/null +++ b/gpgv-udeb.install @@ -0,0 +1 @@ +build-gpgv-udeb/g10/gpgv usr/bin/ diff --git a/gpgv-win32.install b/gpgv-win32.install new file mode 100644 index 0000000..cf3cd8c --- /dev/null +++ b/gpgv-win32.install @@ -0,0 +1 @@ +build-gpgv-win32/g10/gpgv.exe usr/share/win32 diff --git a/gpgv.install b/gpgv.install new file mode 100644 index 0000000..0a9f9a2 --- /dev/null +++ b/gpgv.install @@ -0,0 +1 @@ +debian/tmp/usr/bin/gpgv diff --git a/gpgv.manpages b/gpgv.manpages new file mode 100644 index 0000000..86a9e29 --- /dev/null +++ b/gpgv.manpages @@ -0,0 +1 @@ +debian/tmp/usr/share/man/man1/gpgv.1 diff --git a/gpgv2.links b/gpgv2.links new file mode 100644 index 0000000..5107429 --- /dev/null +++ b/gpgv2.links @@ -0,0 +1,2 @@ +usr/bin/gpgv usr/bin/gpgv2 +usr/share/man/man1/gpgv.1.gz usr/share/man/man1/gpgv2.1.gz diff --git a/kbxutil.1 b/kbxutil.1 new file mode 100644 index 0000000..52b338a --- /dev/null +++ b/kbxutil.1 @@ -0,0 +1,62 @@ +.TH KBXUTIL "1" "March 2016" "kbxutil (GnuPG) 2.1.11" "User Commands" + +.SH NAME +kbxutil \- List, export, import Keybox data + +.SH SYNOPSIS +.B kbxutil +.RB [ OPTIONS ] +.RB [ FILES ] + +.SH DESCRIPTION +List, export, import Keybox data + +.SH COMMANDS +.TP +.B \-\-stats +show key statistics +.TP +.B \-\-import\-openpgp +import OpenPGP keyblocks +.TP +.B \-\-find\-dups +find duplicates +.TP +.B \-\-cut +export records + +.SH OPTIONS +.TP +.BI \-\-from " N" +first record to export +.TP +.BI \-\-to " N" +last record to export +.TP +.BR \-v ", " \-\-verbose +verbose +.TP +.BR \-q ", " \-\-quiet +be somewhat more quiet +.TP +.BR \-n ", " \-\-dry\-run +do not make any changes +.TP +.B \-\-debug +set debugging flags +.TP +.B \-\-debug\-all +enable full debugging + +.SH BUGS +Please report bugs to . + +.SH COPYRIGHT +Copyright \(co 2016 Free Software Foundation, Inc. +License GPLv3+: GNU GPL version 3 or later + +This is free software: you are free to change and redistribute it. +There is NO WARRANTY, to the extent permitted by law. + +This manpage was written by \fBDaniel Kahn Gillmor\fR for the Debian +distribution (but may be used by others). diff --git a/lspgpot.1 b/lspgpot.1 new file mode 100644 index 0000000..ba27eca --- /dev/null +++ b/lspgpot.1 @@ -0,0 +1,22 @@ +.TH "lspgpot" 1 "December 2005" + +.SH NAME +lspgpot - extracts the ownertrust values from PGP keyrings and list them in +GnuPG ownertrust format. + + +.SH SYNOPSIS +.B lspgpot + + +.SH DESCRIPTION +.B lspgpot +extracts the ownertrust values from PGP keyrings and list them in +GnuPG ownertrust format. + +.SH AUTHOR +Copyright (C) 2002 Free Software Foundation, Inc. Please report bugs to +. + +This manpage was written by Francois Wendling . + diff --git a/migrate-pubring-from-classic-gpg b/migrate-pubring-from-classic-gpg new file mode 100755 index 0000000..13ee1f8 --- /dev/null +++ b/migrate-pubring-from-classic-gpg @@ -0,0 +1,76 @@ +#!/bin/bash + +# script to migrate fully from pubring.gpg to pubring.kbx + +# Author: Daniel Kahn Gillmor +# Date: 2016-04-01 +# License: GPLv3+ + +# This was written for the Debian project + +set -e + +GPG="${GPG:-gpg}" + +# select the default GnuPG home directory to work from: +GHD=${GNUPGHOME:-${HOME:-$(getent passwd "$(id -u)" | cut -f6 -d:)}/.gnupg} + +# Check that this is gnupg 2.1 or 2.2: +VERSION=$("$GPG" --version | head -n1 | cut -f3 -d\ | cut -f1,2 -d.) +if [ "$VERSION" != 2.1 ] && [ "$VERSION" != 2.2 ] ; then + printf '%s is version %s not version 2.1 or 2.2, this script might be wrong\n' "$GPG" "$VERSION" >&2 + exit 1 +fi + +usage() { + printf 'Usage: %s [GPGHOMEDIR|--default] +\tMigrate public keyring in GPGHOMEDIR from "classic" to "modern" GnuPG +\tusing %s version %s. + +\t--default migrates the GnuPG home directory at "%s" +' "$0" "$GPG" "$VERSION" "$GHD" +} + +if [ -z "$1" ]; then + usage >&2 + exit 1 +else + case "$1" in + --help|--usage|-h) + usage + exit + ;; + --default) + ;; + *) + GHD="$1" + ;; + esac +fi + +# ensure that there is a pubring.gpg to migrate: +if ! [ -f "$GHD/pubring.gpg" ]; then + printf 'There is no %s/pubring.gpg, no need to migrate\n' "$GHD" >&2 + exit +fi +if ! [ -s "$GHD/pubring.gpg" ]; then + mv -- "$GHD/pubring.gpg" "$GHD/pubring.gpg.empty" + printf '%s/pubring.gpg was empty (and has been moved out of the way), no need to migrate\n' "$GHD" >&2 + exit +fi + +BACKUP="$(mktemp -d "$GHD/migrate-from-classic-backup.$(date +%F).XXXXXX")" +printf 'Migrating from:\n%s\n[Backing up to %s]\n' "$(ls -l "$GHD/pubring.gpg")" "$BACKUP" >&2 + +"$GPG" --export-ownertrust > "$BACKUP/ownertrust.txt" +mv "$GHD/pubring.gpg" "$BACKUP/" +"$GPG" --import-options import-local-sigs,keep-ownertrust,repair-pks-subkey-bug --import < "$BACKUP/pubring.gpg" +"$GPG" --import-ownertrust < "$BACKUP/ownertrust.txt" +"$GPG" --check-trustdb + +if ! [ -f "$GHD/pubring.kbx" ]; then + printf 'No keybox was created at %s/pubring.kbx. Something went wrong!\n' "$GHD" >&2 + exit 1 +fi + +printf 'Migration completed successfully:\n%s\n' "$(ls -l "$GHD/pubring.kbx")" >&2 diff --git a/migrate-pubring-from-classic-gpg.1 b/migrate-pubring-from-classic-gpg.1 new file mode 100644 index 0000000..4d26b89 --- /dev/null +++ b/migrate-pubring-from-classic-gpg.1 @@ -0,0 +1,50 @@ +.TH "MIGRATE-PUBRING-FROM-CLASSIC-GPG" 1 "April 2016" + +.SH NAME +migrate\-pubring\-from\-classic\-gpg \- Migrate a public keyring from "classic" to "modern" GnuPG + +.SH SYNOPSIS +.B migrate\-pubring\-from\-classic\-gpg +.RB "[ " GPGHOMEDIR " | " +.IR \-\-default " ]" + +.SH DESCRIPTION + +.B migrate\-pubring\-from\-classic\-gpg +migrates the public keyring in GnuPG home directory GPGHOMEDIR from +the "classic" keyring format to the "modern" keybox format using GnuPG +versions 2.1 or 2.2. + +Specifying +.B \-\-default +selects the standard GnuPG home directory (looking at $GNUPGHOME +first, and falling back to ~/.gnupg if unset. + +.SH OPTIONS +.BR \-h ", " \-\-help ", " \-\-usage +Output a short usage information. + +.SH DIAGNOSTICS +The program sends quite a bit of text (perhaps too much) to stderr. + +During a migration, the tool backs up several pieces of data in a +timestamped subdirectory of the GPGHOMEDIR. + +.SH ENVIRONMENT VARIABLES + +.B GNUPGHOME +Selects the GnuPG home directory when set and --default is given. + +.B GPG +The name of the +.B gpg +executable (defaults to +.B gpg +). + +.SH SEE ALSO +.BR gpg (1) + +.SH AUTHOR +Copyright (C) 2016 Daniel Kahn Gillmor for the Debian project. Please +report bugs via the Debian BTS. diff --git a/patches/0012-tools-Fix-memory-leak.patch b/patches/0012-tools-Fix-memory-leak.patch new file mode 100644 index 0000000..4d47557 --- /dev/null +++ b/patches/0012-tools-Fix-memory-leak.patch @@ -0,0 +1,28 @@ +From: Justus Winter +Date: Mon, 23 Jan 2017 11:52:30 +0100 +Subject: tools: Fix memory leak. + +* tools/gpgconf-comp.c (change_options_file): Fix leak. +-- +Previously, 'src_filename' and 'orig_filename' leaked if creating the +backup file failed. + +Signed-off-by: Justus Winter +(cherry picked from commit 5b28f025085b386e0ec49535d4cd3f875a414eb0) +--- + tools/gpgconf-comp.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c +index a25b5136e..85eb80ab5 100644 +--- a/tools/gpgconf-comp.c ++++ b/tools/gpgconf-comp.c +@@ -2641,6 +2641,8 @@ change_options_file (gc_component_t component, gc_backend_t backend, + if (res < 0 && errno != ENOENT) + { + xfree (dest_filename); ++ xfree (src_filename); ++ xfree (orig_filename); + return -1; + } + if (res < 0) diff --git a/patches/0013-tools-Improve-error-handling.patch b/patches/0013-tools-Improve-error-handling.patch new file mode 100644 index 0000000..b0034da --- /dev/null +++ b/patches/0013-tools-Improve-error-handling.patch @@ -0,0 +1,29 @@ +From: Justus Winter +Date: Mon, 23 Jan 2017 14:24:22 +0100 +Subject: tools: Improve error handling. + +* tools/gpgconf-comp.c (gp_component_change_options): Improve error +handling when reading from stdin. +-- +Previously, errors encountered while reading the configuration changes +were ignored. + +Signed-off-by: Justus Winter +(cherry picked from commit b0348fdb26637b0bcbd68a96c1746a1613b309af) +--- + tools/gpgconf-comp.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c +index 85eb80ab5..180fd65c2 100644 +--- a/tools/gpgconf-comp.c ++++ b/tools/gpgconf-comp.c +@@ -3328,6 +3328,8 @@ gc_component_change_options (int component, estream_t in, estream_t out, + + change_one_value (option, runtime, flags, new_value, 0); + } ++ if (length < 0 || gpgrt_ferror (in)) ++ gc_error (1, errno, "error reading stream 'in'"); + } + + /* Now that we have collected and locally verified the changes, diff --git a/patches/0014-dirmngr-New-option-disable-ipv4.patch b/patches/0014-dirmngr-New-option-disable-ipv4.patch new file mode 100644 index 0000000..0aa0549 --- /dev/null +++ b/patches/0014-dirmngr-New-option-disable-ipv4.patch @@ -0,0 +1,245 @@ +From: Werner Koch +Date: Tue, 24 Jan 2017 16:36:28 +0100 +Subject: dirmngr: New option --disable-ipv4. + +* dirmngr/dirmngr.c (oDisableIPv4): New const. +(opts): New option --disable-ipv4. +(parse_rereadable_options): Set that option. +* dirmngr/dirmngr.h (opt): New field 'disable_ipv4'. +* dirmngr/dns-stuff.c (opt_disable_ipv4): bew var. +(set_dns_disable_ipv4): New. +(resolve_name_standard): Skip v4 addresses when OPT_DISABLE_IPV4 is +set. +* dirmngr/ks-engine-hkp.c (map_host): Ditto. +(send_request): Pass HTTP_FLAG_IGNORE_IPv4 if opt.disable_v4 is set. +* dirmngr/crlfetch.c (crl_fetch): Ditto. +* dirmngr/ks-engine-finger.c (ks_finger_fetch): Ditto. +* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. +* dirmngr/ocsp.c (do_ocsp_request): Ditto. + +Signed-off-by: Werner Koch +(cherry picked from commit 72736af86a501592d974d46ff754a63959e183bd) +--- + dirmngr/crlfetch.c | 4 +++- + dirmngr/dirmngr.c | 5 +++++ + dirmngr/dirmngr.h | 1 + + dirmngr/dns-stuff.c | 15 +++++++++++++++ + dirmngr/dns-stuff.h | 4 ++++ + dirmngr/ks-engine-finger.c | 4 +++- + dirmngr/ks-engine-hkp.c | 8 ++++++-- + dirmngr/ks-engine-http.c | 3 ++- + dirmngr/ocsp.c | 3 ++- + doc/dirmngr.texi | 5 +++++ + 10 files changed, 46 insertions(+), 6 deletions(-) + +diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c +index 8fe6e0b1b..aa82137f7 100644 +--- a/dirmngr/crlfetch.c ++++ b/dirmngr/crlfetch.c +@@ -198,7 +198,9 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) + err = http_open_document (&hd, url, NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) + |(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0) +- |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)), ++ |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4:0) ++ ), + ctrl->http_proxy, NULL, NULL, NULL); + + switch ( err? 99999 : http_get_status_code (hd) ) +diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c +index 8d9de9e5a..83356c94c 100644 +--- a/dirmngr/dirmngr.c ++++ b/dirmngr/dirmngr.c +@@ -111,6 +111,7 @@ enum cmd_and_opt_values { + oBatch, + oDisableHTTP, + oDisableLDAP, ++ oDisableIPv4, + oIgnoreLDAPDP, + oIgnoreHTTPDP, + oIgnoreOCSPSvcUrl, +@@ -224,6 +225,8 @@ static ARGPARSE_OPTS opts[] = { + + ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")), + ++ ARGPARSE_s_n (oDisableIPv4, "disable-ipv4", "@"), ++ + ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */ + + ARGPARSE_s_u (oFakedSystemTime, "faked-system-time", "@"), /*(epoch time)*/ +@@ -586,6 +589,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) + + case oDisableHTTP: opt.disable_http = 1; break; + case oDisableLDAP: opt.disable_ldap = 1; break; ++ case oDisableIPv4: opt.disable_ipv4 = 1; break; + case oHonorHTTPProxy: opt.honor_http_proxy = 1; break; + case oHTTPProxy: opt.http_proxy = pargs->r.ret_str; break; + case oLDAPProxy: opt.ldap_proxy = pargs->r.ret_str; break; +@@ -645,6 +649,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) + + set_dns_verbose (opt.verbose, !!DBG_DNS); + http_set_verbose (opt.verbose, !!DBG_NETWORK); ++ set_dns_disable_ipv4 (opt.disable_ipv4); + + return 1; /* Handled. */ + } +diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h +index acd4c636d..fd80d7237 100644 +--- a/dirmngr/dirmngr.h ++++ b/dirmngr/dirmngr.h +@@ -98,6 +98,7 @@ struct + + int disable_http; /* Do not use HTTP at all. */ + int disable_ldap; /* Do not use LDAP at all. */ ++ int disable_ipv4; /* Do not use leagacy IP addresses. */ + int honor_http_proxy; /* Honor the http_proxy env variable. */ + const char *http_proxy; /* The default HTTP proxy. */ + const char *ldap_proxy; /* Use given LDAP proxy. */ +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index 9347196b3..ad19fc2ce 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -119,6 +119,10 @@ static int opt_debug; + /* The timeout in seconds for libdns requests. */ + static int opt_timeout; + ++/* The flag to disable IPv4 access - right now this only skips ++ * returned A records. */ ++static int opt_disable_ipv4; ++ + /* If set force the use of the standard resolver. */ + static int standard_resolver; + +@@ -227,6 +231,15 @@ set_dns_verbose (int verbose, int debug) + } + + ++/* Set the Disable-IPv4 flag so that the name resolver does not return ++ * A addresses. */ ++void ++set_dns_disable_ipv4 (int yes) ++{ ++ opt_disable_ipv4 = !!yes; ++} ++ ++ + /* Set the timeout for libdns requests to SECONDS. A value of 0 sets + * the default timeout and values are capped at 10 minutes. */ + void +@@ -873,6 +886,8 @@ resolve_name_standard (const char *name, unsigned short port, + { + if (ai->ai_family != AF_INET6 && ai->ai_family != AF_INET) + continue; ++ if (opt_disable_ipv4 && ai->ai_family == AF_INET) ++ continue; + + dai = xtrymalloc (sizeof *dai + ai->ai_addrlen - 1); + dai->family = ai->ai_family; +diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h +index d68dd1728..9eb97fd6a 100644 +--- a/dirmngr/dns-stuff.h ++++ b/dirmngr/dns-stuff.h +@@ -95,6 +95,10 @@ struct srventry + /* Set verbosity and debug mode for this module. */ + void set_dns_verbose (int verbose, int debug); + ++/* Set the Disable-IPv4 flag so that the name resolver does not return ++ * A addresses. */ ++void set_dns_disable_ipv4 (int yes); ++ + /* Set the timeout for libdns requests to SECONDS. */ + void set_dns_timeout (int seconds); + +diff --git a/dirmngr/ks-engine-finger.c b/dirmngr/ks-engine-finger.c +index b1f02ad7d..114f2e9ac 100644 +--- a/dirmngr/ks-engine-finger.c ++++ b/dirmngr/ks-engine-finger.c +@@ -83,7 +83,9 @@ ks_finger_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp) + *server++ = 0; + + err = http_raw_connect (&http, server, 79, +- (opt.use_tor? HTTP_FLAG_FORCE_TOR : 0), NULL); ++ ((opt.use_tor? HTTP_FLAG_FORCE_TOR : 0) ++ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ++ NULL); + if (err) + { + xfree (name); +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index 2b90441e2..dad83efcd 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -526,6 +526,8 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + { + if (ai->family != AF_INET && ai->family != AF_INET6) + continue; ++ if (opt.disable_ipv4 && ai->family == AF_INET) ++ continue; + dirmngr_tick (ctrl); + + add_host (name, is_pool, ai, 0, reftbl, reftblsize, &refidx); +@@ -607,7 +609,8 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + { + for (ai = aibuf; ai; ai = ai->next) + { +- if (ai->family == AF_INET6 || ai->family == AF_INET) ++ if (ai->family == AF_INET6 ++ || (!opt.disable_ipv4 && ai->family == AF_INET)) + { + err = resolve_dns_addr (ai->addr, ai->addrlen, 0, &host); + if (!err) +@@ -1058,7 +1061,8 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, + /* fixme: AUTH */ NULL, + (httpflags + |(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) +- |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)), ++ |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), + ctrl->http_proxy, + session, + NULL, +diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c +index 858c943ea..dbbf4bb79 100644 +--- a/dirmngr/ks-engine-http.c ++++ b/dirmngr/ks-engine-http.c +@@ -88,7 +88,8 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp) + /* httphost */ NULL, + /* fixme: AUTH */ NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) +- | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0)), ++ | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), + ctrl->http_proxy, + session, + NULL, +diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c +index 9127cf754..b46c78567 100644 +--- a/dirmngr/ocsp.c ++++ b/dirmngr/ocsp.c +@@ -174,7 +174,8 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md, + once_more: + err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) +- | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0)), ++ | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), + ctrl->http_proxy, NULL, NULL, NULL); + if (err) + { +diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi +index dd104273d..b00c2d377 100644 +--- a/doc/dirmngr.texi ++++ b/doc/dirmngr.texi +@@ -312,6 +312,11 @@ not be used a different one can be given using this option. Note that + a numerical IP address must be given (IPv6 or IPv4) and that no error + checking is done for @var{ipaddr}. + ++@item --disable-ipv4 ++@opindex disable-ipv4 ++Disable the use of all IPv4 addresses. This option is mainly useful ++for debugging. ++ + @item --disable-ldap + @opindex disable-ldap + Entirely disables the use of LDAP. diff --git a/patches/0015-dirmngr-Simplify-error-returning-inside-http.c.patch b/patches/0015-dirmngr-Simplify-error-returning-inside-http.c.patch new file mode 100644 index 0000000..bcf4ee6 --- /dev/null +++ b/patches/0015-dirmngr-Simplify-error-returning-inside-http.c.patch @@ -0,0 +1,255 @@ +From: Werner Koch +Date: Tue, 24 Jan 2017 18:41:43 +0100 +Subject: dirmngr: Simplify error returning inside http.c. + +* dirmngr/http.c (connect_server): Change to return an gpg_error_t +and to store socket at the passed address. +(http_raw_connect, send_request): Adjust accordingly. +-- + +This change removes cruft from the code and allows to return the error +code from the name lookup. + +Signed-off-by: Werner Koch +(cherry picked from commit 51e5a5e5a46279809848b4ab4419f35045336010) +--- + dirmngr/http.c | 101 ++++++++++++++++++++++++++++----------------------------- + 1 file changed, 50 insertions(+), 51 deletions(-) + +diff --git a/dirmngr/http.c b/dirmngr/http.c +index 35877d241..fe9c3c734 100644 +--- a/dirmngr/http.c ++++ b/dirmngr/http.c +@@ -155,9 +155,9 @@ static gpg_error_t send_request (http_t hd, const char *httphost, + static char *build_rel_path (parsed_uri_t uri); + static gpg_error_t parse_response (http_t hd); + +-static assuan_fd_t connect_server (const char *server, unsigned short port, ++static gpg_error_t connect_server (const char *server, unsigned short port, + unsigned int flags, const char *srvtag, +- int *r_host_not_found); ++ assuan_fd_t *r_sock); + static gpg_error_t write_server (int sock, const char *data, size_t length); + + static gpgrt_ssize_t cookie_read (void *cookie, void *buffer, size_t size); +@@ -924,7 +924,6 @@ http_raw_connect (http_t *r_hd, const char *server, unsigned short port, + gpg_error_t err = 0; + http_t hd; + cookie_t cookie; +- int hnf; + + *r_hd = NULL; + +@@ -950,12 +949,9 @@ http_raw_connect (http_t *r_hd, const char *server, unsigned short port, + { + assuan_fd_t sock; + +- sock = connect_server (server, port, hd->flags, srvtag, &hnf); +- if (sock == ASSUAN_INVALID_FD) ++ err = connect_server (server, port, hd->flags, srvtag, &sock); ++ if (err) + { +- err = gpg_err_make (default_errsource, +- (hnf? GPG_ERR_UNKNOWN_HOST +- : gpg_err_code_from_syserror ())); + xfree (hd); + return err; + } +@@ -1643,7 +1639,6 @@ send_request (http_t hd, const char *httphost, const char *auth, + char *proxy_authstr = NULL; + char *authstr = NULL; + int sock; +- int hnf; + + if (hd->uri->use_tls && !hd->session) + { +@@ -1713,7 +1708,6 @@ send_request (http_t hd, const char *httphost, const char *auth, + && *http_proxy )) + { + parsed_uri_t uri; +- int save_errno; + + if (proxy) + http_proxy = proxy; +@@ -1760,25 +1754,20 @@ send_request (http_t hd, const char *httphost, const char *auth, + } + } + +- sock = connect_server (*uri->host ? uri->host : "localhost", +- uri->port ? uri->port : 80, +- hd->flags, srvtag, &hnf); +- save_errno = errno; ++ err = connect_server (*uri->host ? uri->host : "localhost", ++ uri->port ? uri->port : 80, ++ hd->flags, srvtag, &sock); + http_release_parsed_uri (uri); +- if (sock == ASSUAN_INVALID_FD) +- gpg_err_set_errno (save_errno); + } + else + { +- sock = connect_server (server, port, hd->flags, srvtag, &hnf); ++ err = connect_server (server, port, hd->flags, srvtag, &sock); + } + +- if (sock == ASSUAN_INVALID_FD) ++ if (err) + { + xfree (proxy_authstr); +- return gpg_err_make (default_errsource, +- (hnf? GPG_ERR_UNKNOWN_HOST +- : gpg_err_code_from_syserror ())); ++ return err; + } + hd->sock = my_socket_new (sock); + if (!hd->sock) +@@ -1788,7 +1777,6 @@ send_request (http_t hd, const char *httphost, const char *auth, + } + + +- + #if HTTP_USE_NTBTLS + if (hd->uri->use_tls) + { +@@ -2476,11 +2464,13 @@ my_sock_new_for_addr (struct sockaddr *addr, int type, int proto) + } + + +-/* Actually connect to a server. Returns the file descriptor or -1 on +- error. ERRNO is set on error. */ +-static assuan_fd_t ++/* Actually connect to a server. On success 0 is returned and the ++ * file descriptor for the socket is stored at R_SOCK; on error an ++ * error code is returned and ASSUAN_INVALID_FD is stored at ++ * R_SOCK. */ ++static gpg_error_t + connect_server (const char *server, unsigned short port, +- unsigned int flags, const char *srvtag, int *r_host_not_found) ++ unsigned int flags, const char *srvtag, assuan_fd_t *r_sock) + { + gpg_error_t err; + assuan_fd_t sock = ASSUAN_INVALID_FD; +@@ -2488,11 +2478,11 @@ connect_server (const char *server, unsigned short port, + int hostfound = 0; + int anyhostaddr = 0; + int srv, connected; +- int last_errno = 0; ++ gpg_error_t last_err = 0; + struct srventry *serverlist = NULL; +- int ret; + +- *r_host_not_found = 0; ++ *r_sock = ASSUAN_INVALID_FD; ++ + #if defined(HAVE_W32_SYSTEM) && !defined(HTTP_NO_WSASTARTUP) + init_sockets (); + #endif /*Windows*/ +@@ -2509,18 +2499,21 @@ connect_server (const char *server, unsigned short port, + ASSUAN_SOCK_TOR); + if (sock == ASSUAN_INVALID_FD) + { +- if (errno == EHOSTUNREACH) +- *r_host_not_found = 1; +- log_error ("can't connect to '%s': %s\n", server, strerror (errno)); ++ err = gpg_err_make (default_errsource, ++ (errno == EHOSTUNREACH)? GPG_ERR_UNKNOWN_HOST ++ : gpg_err_code_from_syserror ()); ++ log_error ("can't connect to '%s': %s\n", server, gpg_strerror (err)); ++ return err; + } +- else +- notify_netactivity (); +- return sock; ++ ++ notify_netactivity (); ++ *r_sock = sock; ++ return 0; + + #else /*!ASSUAN_SOCK_TOR*/ + +- gpg_err_set_errno (ENETUNREACH); +- return -1; /* Out of core. */ ++ err = gpg_err_make (default_errsource, GPG_ERR_ENETUNREACH); ++ return ASSUAN_INVALID_FD; + + #endif /*!HASSUAN_SOCK_TOR*/ + } +@@ -2533,6 +2526,7 @@ connect_server (const char *server, unsigned short port, + log_info ("getting '%s' SRV for '%s' failed: %s\n", + srvtag, server, gpg_strerror (err)); + /* Note that on error SRVCOUNT is zero. */ ++ err = 0; + } + + if (!serverlist) +@@ -2541,7 +2535,8 @@ connect_server (const char *server, unsigned short port, + up a fake SRV record. */ + serverlist = xtrycalloc (1, sizeof *serverlist); + if (!serverlist) +- return -1; /* Out of core. */ ++ return gpg_err_make (default_errsource, gpg_err_code_from_syserror ()); ++ + serverlist->port = port; + strncpy (serverlist->target, server, DIMof (struct srventry, target)); + serverlist->target[DIMof (struct srventry, target)-1] = '\0'; +@@ -2562,6 +2557,7 @@ connect_server (const char *server, unsigned short port, + { + log_info ("resolving '%s' failed: %s\n", + serverlist[srv].target, gpg_strerror (err)); ++ last_err = err; + continue; /* Not found - try next one. */ + } + hostfound = 1; +@@ -2578,18 +2574,20 @@ connect_server (const char *server, unsigned short port, + sock = my_sock_new_for_addr (ai->addr, ai->socktype, ai->protocol); + if (sock == ASSUAN_INVALID_FD) + { +- int save_errno = errno; +- log_error ("error creating socket: %s\n", strerror (errno)); ++ err = gpg_err_make (default_errsource, ++ gpg_err_code_from_syserror ()); ++ log_error ("error creating socket: %s\n", gpg_strerror (err)); + free_dns_addrinfo (aibuf); + xfree (serverlist); +- errno = save_errno; +- return ASSUAN_INVALID_FD; ++ return err; + } + + anyhostaddr = 1; +- ret = assuan_sock_connect (sock, ai->addr, ai->addrlen); +- if (ret) +- last_errno = errno; ++ if (assuan_sock_connect (sock, ai->addr, ai->addrlen)) ++ { ++ last_err = gpg_err_make (default_errsource, ++ gpg_err_code_from_syserror ()); ++ } + else + { + connected = 1; +@@ -2616,17 +2614,18 @@ connect_server (const char *server, unsigned short port, + server, (int)WSAGetLastError()); + #else + log_error ("can't connect to '%s': %s\n", +- server, strerror (last_errno)); ++ server, gpg_strerror (last_err)); + #endif + } +- if (!hostfound || (hostfound && !anyhostaddr)) +- *r_host_not_found = 1; ++ err = last_err? last_err : gpg_err_make (default_errsource, ++ GPG_ERR_UNKNOWN_HOST); + if (sock != ASSUAN_INVALID_FD) + assuan_sock_close (sock); +- gpg_err_set_errno (last_errno); +- return ASSUAN_INVALID_FD; ++ return err; + } +- return sock; ++ ++ *r_sock = sock; ++ return 0; + } + + diff --git a/patches/0016-gpg-Print-a-warning-on-Tor-problems.patch b/patches/0016-gpg-Print-a-warning-on-Tor-problems.patch new file mode 100644 index 0000000..1979069 --- /dev/null +++ b/patches/0016-gpg-Print-a-warning-on-Tor-problems.patch @@ -0,0 +1,188 @@ +From: Werner Koch +Date: Tue, 24 Jan 2017 20:45:31 +0100 +Subject: gpg: Print a warning on Tor problems. + +* dirmngr/ks-engine-hkp.c (tor_not_running_p): New. +(map_host): Call that to print a warning. +(handle_send_request_error): Ditto and avoid marking the host dead. +Also print a tor_config_problem warning. Add arg CTRL; adjust callers +to pass that new arg. +* g10/call-dirmngr.c (ks_status_cb): Detect and print the new +warnings. + +Signed-off-by: Werner Koch +(cherry picked from commit 770b75a746836773909af25ccb9b480e61cea677) +--- + dirmngr/ks-engine-hkp.c | 60 ++++++++++++++++++++++++++++++++++++------------- + g10/call-dirmngr.c | 26 ++++++++++++++++++++- + 2 files changed, 70 insertions(+), 16 deletions(-) + +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index dad83efcd..858cd2f26 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -278,6 +278,31 @@ arecords_is_pool (dns_addrinfo_t aibuf) + } + + ++/* Print a warninng iff Tor is not running but Tor has been requested. ++ * Also return true if it is not running. */ ++static int ++tor_not_running_p (ctrl_t ctrl) ++{ ++ assuan_fd_t sock; ++ ++ if (!opt.use_tor) ++ return 0; ++ ++ sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR); ++ if (sock != ASSUAN_INVALID_FD) ++ { ++ assuan_sock_close (sock); ++ return 0; ++ } ++ ++ log_info ("(it seems Tor is not running)\n"); ++ dirmngr_status (ctrl, "WARNING", "tor_not_running 0", ++ "Tor is enabled but the local Tor daemon" ++ " seems to be down", NULL); ++ return 1; ++} ++ ++ + /* Add the host AI under the NAME into the HOSTTABLE. If PORT is not + zero, it specifies which port to use to talk to the host. If NAME + specifies a pool (as indicated by IS_POOL), update the given +@@ -475,6 +500,8 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + if (err) + { + xfree (reftbl); ++ if (gpg_err_code (err) == GPG_ERR_ECONNREFUSED) ++ tor_not_running_p (ctrl); + return err; + } + +@@ -1180,13 +1207,13 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, + } + + +-/* Helper to evaluate the error code ERR form a send_request() call ++/* Helper to evaluate the error code ERR from a send_request() call + with REQUEST. The function returns true if the caller shall try + again. TRIES_LEFT points to a variable to track the number of + retries; this function decrements it and won't return true if it is + down to zero. */ + static int +-handle_send_request_error (gpg_error_t err, const char *request, ++handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request, + unsigned int *tries_left) + { + int retry = 0; +@@ -1197,16 +1224,9 @@ handle_send_request_error (gpg_error_t err, const char *request, + switch (gpg_err_code (err)) + { + case GPG_ERR_ECONNREFUSED: +- if (opt.use_tor) +- { +- assuan_fd_t sock; +- +- sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR); +- if (sock == ASSUAN_INVALID_FD) +- log_info ("(it seems Tor is not running)\n"); +- else +- assuan_sock_close (sock); +- } ++ if (tor_not_running_p (ctrl)) ++ break; /* A retry does not make sense. */ ++ /* Okay: Tor is up or --use-tor is not used. */ + /*FALLTHRU*/ + case GPG_ERR_ENETUNREACH: + case GPG_ERR_ENETDOWN: +@@ -1224,6 +1244,16 @@ handle_send_request_error (gpg_error_t err, const char *request, + } + break; + ++ case GPG_ERR_EACCES: ++ if (opt.use_tor) ++ { ++ log_info ("(Tor configuration problem)\n"); ++ dirmngr_status (ctrl, "WARNING", "tor_config_problem 0", ++ "Please check that the \"SocksPort\" flag " ++ "\"IPv6Traffic\" is set in torrc", NULL); ++ } ++ break; ++ + default: + break; + } +@@ -1334,7 +1364,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern, + /* Send the request. */ + err = send_request (ctrl, request, hostport, httphost, httpflags, + NULL, NULL, &fp, r_http_status); +- if (handle_send_request_error (err, request, &tries)) ++ if (handle_send_request_error (ctrl, err, request, &tries)) + { + reselect = 1; + goto again; +@@ -1468,7 +1498,7 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp) + /* Send the request. */ + err = send_request (ctrl, request, hostport, httphost, httpflags, + NULL, NULL, &fp, NULL); +- if (handle_send_request_error (err, request, &tries)) ++ if (handle_send_request_error (ctrl, err, request, &tries)) + { + reselect = 1; + goto again; +@@ -1577,7 +1607,7 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen) + /* Send the request. */ + err = send_request (ctrl, request, hostport, httphost, 0, + put_post_cb, &parm, &fp, NULL); +- if (handle_send_request_error (err, request, &tries)) ++ if (handle_send_request_error (ctrl, err, request, &tries)) + { + reselect = 1; + goto again; +diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c +index 4be9da117..2f2ba982e 100644 +--- a/g10/call-dirmngr.c ++++ b/g10/call-dirmngr.c +@@ -374,7 +374,8 @@ ks_status_cb (void *opaque, const char *line) + { + struct ks_status_parm_s *parm = opaque; + gpg_error_t err = 0; +- const char *s; ++ const char *s, *s2; ++ const char *warn; + + if ((s = has_leading_keyword (line, parm->keyword? parm->keyword : "SOURCE"))) + { +@@ -385,6 +386,29 @@ ks_status_cb (void *opaque, const char *line) + err = gpg_error_from_syserror (); + } + } ++ else if ((s = has_leading_keyword (line, "WARNING"))) ++ { ++ if ((s2 = has_leading_keyword (s, "tor_not_running"))) ++ warn = _("Tor is not running"); ++ else if ((s2 = has_leading_keyword (s, "tor_config_problem"))) ++ warn = _("Tor is not properly configured"); ++ else ++ warn = NULL; ++ ++ if (warn) ++ { ++ log_info (_("WARNING: %s\n"), warn); ++ if (s2) ++ { ++ while (*s2 && !spacep (s2)) ++ s2++; ++ while (*s2 && spacep (s2)) ++ s2++; ++ if (*s2) ++ print_further_info ("%s", s2); ++ } ++ } ++ } + + return err; + } diff --git a/patches/0017-agent-Fix-double-free.patch b/patches/0017-agent-Fix-double-free.patch new file mode 100644 index 0000000..b3d96ed --- /dev/null +++ b/patches/0017-agent-Fix-double-free.patch @@ -0,0 +1,49 @@ +From: Justus Winter +Date: Wed, 25 Jan 2017 13:51:57 +0100 +Subject: agent: Fix double free. + +* agent/cache.c (agent_store_cache_hit): Make sure the update is +atomic. +-- +Previously, the function freed the last key, and duplicated the new +key after doing that. There is a chance, however, that calling the +allocator surrenders control to a different thread, causing a double +free if a different thread also calls this function. + +To make sure the update is atomic under the non-preemptive thread +model, we must make sure not to surrender control to a different +thread. Therefore, we avoid calling the allocator during the +update. + +Signed-off-by: Justus Winter +(cherry picked from commit e175152ef7515921635bf1e00383e812668d13fc) +--- + agent/cache.c | 17 +++++++++++++++-- + 1 file changed, 15 insertions(+), 2 deletions(-) + +diff --git a/agent/cache.c b/agent/cache.c +index f58eaeaaa..248368277 100644 +--- a/agent/cache.c ++++ b/agent/cache.c +@@ -475,6 +475,19 @@ agent_get_cache (const char *key, cache_mode_t cache_mode) + void + agent_store_cache_hit (const char *key) + { +- xfree (last_stored_cache_key); +- last_stored_cache_key = key? xtrystrdup (key) : NULL; ++ char *new; ++ char *old; ++ ++ /* To make sure the update is atomic under the non-preemptive thread ++ * model, we must make sure not to surrender control to a different ++ * thread. Therefore, we avoid calling the allocator during the ++ * update. */ ++ new = key ? xtrystrdup (key) : NULL; ++ ++ /* Atomic update. */ ++ old = last_stored_cache_key; ++ last_stored_cache_key = new; ++ /* Done. */ ++ ++ xfree (old); + } diff --git a/patches/0018-gpg-Fix-searching-for-mail-addresses-in-keyrings.patch b/patches/0018-gpg-Fix-searching-for-mail-addresses-in-keyrings.patch new file mode 100644 index 0000000..6365109 --- /dev/null +++ b/patches/0018-gpg-Fix-searching-for-mail-addresses-in-keyrings.patch @@ -0,0 +1,54 @@ +From: Justus Winter +Date: Wed, 25 Jan 2017 16:33:20 +0100 +Subject: gpg: Fix searching for mail addresses in keyrings. + +* g10/keyring.c (compare_name): Fix KEYDB_SEARCH_MODE_MAIL* searches +in keyrings when the UID is a plain addr-spec. +-- +Previously, 'gpg --list-key ""' failed if 1/ the +keyring format is used and 2/ the key's UID is a plain addr-spec +(cf. RFC2822 section 4.3), e.g. 'foo@example.org'. + +GnuPG-bug-id: 2930 +Signed-off-by: Justus Winter +(cherry picked from commit 3f4f20ee6eff052c88647b820d9ecfdbd8df0f40) +--- + g10/keyring.c | 22 ++++++++++++++++++---- + 1 file changed, 18 insertions(+), 4 deletions(-) + +diff --git a/g10/keyring.c b/g10/keyring.c +index f1281e98e..328290ed8 100644 +--- a/g10/keyring.c ++++ b/g10/keyring.c +@@ -928,13 +928,27 @@ compare_name (int mode, const char *name, const char *uid, size_t uidlen) + else if ( mode == KEYDB_SEARCH_MODE_MAIL + || mode == KEYDB_SEARCH_MODE_MAILSUB + || mode == KEYDB_SEARCH_MODE_MAILEND) { ++ int have_angles = 1; + for (i=0, s= uid; i < uidlen && *s != '<'; s++, i++) + ; ++ if (i == uidlen) ++ { ++ /* The UID is a plain addr-spec (cf. RFC2822 section 4.3). */ ++ have_angles = 0; ++ s = uid; ++ i = 0; ++ } + if (i < uidlen) { +- /* skip opening delim and one char and look for the closing one*/ +- s++; i++; +- for (se=s+1, i++; i < uidlen && *se != '>'; se++, i++) +- ; ++ if (have_angles) ++ { ++ /* skip opening delim and one char and look for the closing one*/ ++ s++; i++; ++ for (se=s+1, i++; i < uidlen && *se != '>'; se++, i++) ++ ; ++ } ++ else ++ se = s + uidlen; ++ + if (i < uidlen) { + i = se - s; + if (mode == KEYDB_SEARCH_MODE_MAIL) { diff --git a/patches/0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch b/patches/0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch new file mode 100644 index 0000000..f936685 --- /dev/null +++ b/patches/0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch @@ -0,0 +1,382 @@ +From: Werner Koch +Date: Wed, 1 Feb 2017 17:54:14 +0100 +Subject: dirmngr: New option --no-use-tor and internal changes. + +* dirmngr/dns-stuff.c (disable_dns_tormode): New. +* dirmngr/dirmngr.c (oNoUseTor): New const. +(opts): New option --no-use-tor. +(tor_mode): New var. +(parse_rereadable_options): Change to use TOR_MODE. +(dirmngr_use_tor): New. +(set_tor_mode): Call disable_dns_tormode. Implement oNoUseTor. +* dirmngr/dirmngr.h (opt): Remove field 'use_tor'. Replace all +references by a call to dirmngr_use_tor(). +* dirmngr/server.c (cmd_getinfo): Distinguish between default and +enforced TOR_MODE. +-- + +This patch replaces the global variable opt.use_tar by a function +testing a file local mode flag. This patch prepares for a +use-tor-if-available mode. + +GnuPG-bug-id: 2935 +Signed-off-by: Werner Koch +(cherry picked from commit 7440119e729d3fdedda8a9b44b70f8959beea8d7) +--- + dirmngr/crlfetch.c | 10 +++++----- + dirmngr/dirmngr.c | 46 +++++++++++++++++++++++++++++++++++++++++++--- + dirmngr/dirmngr.h | 3 +-- + dirmngr/dns-stuff.c | 8 ++++++++ + dirmngr/dns-stuff.h | 1 + + dirmngr/ks-engine-finger.c | 2 +- + dirmngr/ks-engine-hkp.c | 6 +++--- + dirmngr/ks-engine-http.c | 2 +- + dirmngr/ks-engine-ldap.c | 6 +++--- + dirmngr/ocsp.c | 4 ++-- + dirmngr/server.c | 10 +++++++--- + 11 files changed, 75 insertions(+), 23 deletions(-) + +diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c +index aa82137f7..337fe6e4d 100644 +--- a/dirmngr/crlfetch.c ++++ b/dirmngr/crlfetch.c +@@ -198,7 +198,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) + err = http_open_document (&hd, url, NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) + |(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0) +- |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ |(dirmngr_use_tor()? HTTP_FLAG_FORCE_TOR:0) + |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4:0) + ), + ctrl->http_proxy, NULL, NULL, NULL); +@@ -292,7 +292,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) + "LDAP"); + err = gpg_error (GPG_ERR_NOT_SUPPORTED); + } +- else if (opt.use_tor) ++ else if (dirmngr_use_tor ()) + { + /* For now we do not support LDAP over Tor. */ + log_error (_("CRL access not possible due to Tor mode\n")); +@@ -318,7 +318,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) + gpg_error_t + crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader) + { +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* For now we do not support LDAP over Tor. */ + log_error (_("CRL access not possible due to Tor mode\n")); +@@ -350,7 +350,7 @@ crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader) + gpg_error_t + ca_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, const char *dn) + { +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* For now we do not support LDAP over Tor. */ + log_error (_("CRL access not possible due to Tor mode\n")); +@@ -377,7 +377,7 @@ gpg_error_t + start_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, + strlist_t patterns, const ldap_server_t server) + { +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* For now we do not support LDAP over Tor. */ + log_error (_("CRL access not possible due to Tor mode\n")); +diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c +index 83356c94c..43e9cbd07 100644 +--- a/dirmngr/dirmngr.c ++++ b/dirmngr/dirmngr.c +@@ -138,6 +138,7 @@ enum cmd_and_opt_values { + oHTTPWrapperProgram, + oIgnoreCertExtension, + oUseTor, ++ oNoUseTor, + oKeyServer, + oNameServer, + oDisableCheckOwnSocket, +@@ -224,6 +225,7 @@ static ARGPARSE_OPTS opts[] = { + N_("|FILE|use the CA certificates in FILE for HKP over TLS")), + + ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")), ++ ARGPARSE_s_n (oNoUseTor, "no-use-tor", "@"), + + ARGPARSE_s_n (oDisableIPv4, "disable-ipv4", "@"), + +@@ -300,6 +302,16 @@ static volatile int shutdown_pending; + /* Flags to indicate that we shall not watch our own socket. */ + static int disable_check_own_socket; + ++/* Flag to control the Tor mode. */ ++static enum ++ { TOR_MODE_AUTO = 0, /* Switch to NO or YES */ ++ TOR_MODE_NEVER, /* Never use Tor. */ ++ TOR_MODE_NO, /* Do not use Tor */ ++ TOR_MODE_YES, /* Use Tor */ ++ TOR_MODE_FORCE /* Force using Tor */ ++ } tor_mode; ++ ++ + /* Counter for the active connections. */ + static int active_connections; + +@@ -475,7 +487,7 @@ set_debug (void) + static void + set_tor_mode (void) + { +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* Enable Tor mode and when called again force a new curcuit + * (e.g. on SIGHUP). */ +@@ -486,6 +498,26 @@ set_tor_mode (void) + log_info ("(is your Libassuan recent enough?)\n"); + } + } ++ else ++ disable_dns_tormode (); ++} ++ ++ ++/* Return true if Tor shall be used. */ ++int ++dirmngr_use_tor (void) ++{ ++ if (tor_mode == TOR_MODE_AUTO) ++ { ++ /* FIXME: Figure out whether Tor is running. */ ++ } ++ ++ if (tor_mode == TOR_MODE_FORCE) ++ return 2; /* Use Tor (using 2 to indicate force mode) */ ++ else if (tor_mode == TOR_MODE_YES) ++ return 1; /* Use Tor */ ++ else ++ return 0; /* Do not use Tor. */ + } + + +@@ -548,7 +580,9 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) + FREE_STRLIST (opt.ignored_cert_extensions); + http_register_tls_ca (NULL); + FREE_STRLIST (opt.keyserver); +- /* Note: We do not allow resetting of opt.use_tor at runtime. */ ++ /* Note: We do not allow resetting of TOR_MODE_FORCE at runtime. */ ++ if (tor_mode != TOR_MODE_FORCE) ++ tor_mode = TOR_MODE_AUTO; + disable_check_own_socket = 0; + enable_standard_resolver (0); + set_dns_timeout (0); +@@ -625,7 +659,13 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) + add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str); + break; + +- case oUseTor: opt.use_tor = 1; break; ++ case oUseTor: ++ tor_mode = TOR_MODE_FORCE; ++ break; ++ case oNoUseTor: ++ if (tor_mode != TOR_MODE_FORCE) ++ tor_mode = TOR_MODE_NEVER; ++ break; + + case oStandardResolver: enable_standard_resolver (1); break; + case oRecursiveResolver: enable_recursive_resolver (1); break; +diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h +index fd80d7237..6a4fd003f 100644 +--- a/dirmngr/dirmngr.h ++++ b/dirmngr/dirmngr.h +@@ -91,7 +91,6 @@ struct + program. */ + + int running_detached; /* We are running in detached mode. */ +- int use_tor; /* Tor mode has been enabled. */ + int allow_version_check; /* --allow-version-check is active. */ + + int force; /* Force loading outdated CRLs. */ +@@ -191,7 +190,7 @@ void dirmngr_init_default_ctrl (ctrl_t ctrl); + void dirmngr_deinit_default_ctrl (ctrl_t ctrl); + void dirmngr_sighup_action (void); + const char* dirmngr_get_current_socket_name (void); +- ++int dirmngr_use_tor (void); + + /*-- Various housekeeping functions. --*/ + void ks_hkp_reload (void); +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index ad19fc2ce..52f011a00 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -222,6 +222,14 @@ enable_dns_tormode (int new_circuit) + } + + ++/* Disable tor mode. */ ++void ++disable_dns_tormode (void) ++{ ++ tor_mode = 0; ++} ++ ++ + /* Set verbosity and debug mode for this module. */ + void + set_dns_verbose (int verbose, int debug) +diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h +index 9eb97fd6a..9b8303c3b 100644 +--- a/dirmngr/dns-stuff.h ++++ b/dirmngr/dns-stuff.h +@@ -120,6 +120,7 @@ int recursive_resolver_p (void); + /* Put this module eternally into Tor mode. When called agained with + * NEW_CIRCUIT request a new TOR circuit for the next DNS query. */ + void enable_dns_tormode (int new_circuit); ++void disable_dns_tormode (void); + + /* Change the default IP address of the nameserver to IPADDR. The + address needs to be a numerical IP address and will be used for the +diff --git a/dirmngr/ks-engine-finger.c b/dirmngr/ks-engine-finger.c +index 114f2e9ac..811b72de4 100644 +--- a/dirmngr/ks-engine-finger.c ++++ b/dirmngr/ks-engine-finger.c +@@ -83,7 +83,7 @@ ks_finger_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp) + *server++ = 0; + + err = http_raw_connect (&http, server, 79, +- ((opt.use_tor? HTTP_FLAG_FORCE_TOR : 0) ++ ((dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR : 0) + | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), + NULL); + if (err) +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index 858cd2f26..be8b08333 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -285,7 +285,7 @@ tor_not_running_p (ctrl_t ctrl) + { + assuan_fd_t sock; + +- if (!opt.use_tor) ++ if (!dirmngr_use_tor ()) + return 0; + + sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR); +@@ -1088,7 +1088,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, + /* fixme: AUTH */ NULL, + (httpflags + |(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) +- |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ |(dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) + |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), + ctrl->http_proxy, + session, +@@ -1245,7 +1245,7 @@ handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request, + break; + + case GPG_ERR_EACCES: +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + log_info ("(Tor configuration problem)\n"); + dirmngr_status (ctrl, "WARNING", "tor_config_problem 0", +diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c +index dbbf4bb79..69642ff98 100644 +--- a/dirmngr/ks-engine-http.c ++++ b/dirmngr/ks-engine-http.c +@@ -88,7 +88,7 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp) + /* httphost */ NULL, + /* fixme: AUTH */ NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) +- | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) + | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), + ctrl->http_proxy, + session, +diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c +index 6d520e98e..b7aa7cc65 100644 +--- a/dirmngr/ks-engine-ldap.c ++++ b/dirmngr/ks-engine-ldap.c +@@ -850,7 +850,7 @@ ks_ldap_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, + + (void) ctrl; + +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* For now we do not support LDAP over Tor. */ + log_error (_("LDAP access not possible due to Tor mode\n")); +@@ -1033,7 +1033,7 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern, + + (void) ctrl; + +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* For now we do not support LDAP over Tor. */ + log_error (_("LDAP access not possible due to Tor mode\n")); +@@ -1909,7 +1909,7 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri, + /* Elide a warning. */ + (void) ctrl; + +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* For now we do not support LDAP over Tor. */ + log_error (_("LDAP access not possible due to Tor mode\n")); +diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c +index b46c78567..aff8e3288 100644 +--- a/dirmngr/ocsp.c ++++ b/dirmngr/ocsp.c +@@ -132,7 +132,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md, + + (void)ctrl; + +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + { + /* For now we do not allow OCSP via Tor due to possible privacy + concerns. Needs further research. */ +@@ -174,7 +174,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md, + once_more: + err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) +- | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0) ++ | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) + | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), + ctrl->http_proxy, NULL, NULL, NULL); + if (err) +diff --git a/dirmngr/server.c b/dirmngr/server.c +index c9c4ad437..bca3a61e4 100644 +--- a/dirmngr/server.c ++++ b/dirmngr/server.c +@@ -625,7 +625,7 @@ option_handler (assuan_context_t ctx, const char *key, const char *value) + else if (!strcmp (key, "honor-keyserver-url-used")) + { + /* Return an error if we are running in Tor mode. */ +- if (opt.use_tor) ++ if (dirmngr_use_tor ()) + err = gpg_error (GPG_ERR_FORBIDDEN); + } + else +@@ -2338,14 +2338,18 @@ cmd_getinfo (assuan_context_t ctx, char *line) + } + else if (!strcmp (line, "tor")) + { +- if (opt.use_tor) ++ int use_tor; ++ ++ use_tor = dirmngr_use_tor (); ++ if (use_tor) + { + if (!is_tor_running (ctrl)) + err = assuan_write_status (ctx, "NO_TOR", "Tor not running"); + else + err = 0; + if (!err) +- assuan_set_okay_line (ctx, "- Tor mode is enabled"); ++ assuan_set_okay_line (ctx, use_tor == 1 ? "- Tor mode is enabled" ++ /**/ : "- Tor mode is enforced"); + } + else + err = set_error (GPG_ERR_FALSE, "Tor mode is NOT enabled"); diff --git a/patches/0020-gpg-Remove-period-at-end-of-warning.patch b/patches/0020-gpg-Remove-period-at-end-of-warning.patch new file mode 100644 index 0000000..247ff44 --- /dev/null +++ b/patches/0020-gpg-Remove-period-at-end-of-warning.patch @@ -0,0 +1,26 @@ +From: "Neal H. Walfield" +Date: Fri, 6 Jan 2017 11:51:08 +0100 +Subject: gpg: Remove period at end of warning. + +* g10/tofu.c (tofu_register_encryption): Remove period at end of +warning. + +Signed-off-by: Neal H. Walfield +(cherry picked from commit 6f9d8a956b2ca0f5a0eb7acc656fc17af2f2de47) +--- + g10/tofu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/g10/tofu.c b/g10/tofu.c +index 8d535fa6c..149a18545 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -3480,7 +3480,7 @@ tofu_register_encryption (ctrl_t ctrl, + + if (! user_id_list) + log_info (_("WARNING: Encrypting to %s, which has no " +- "non-revoked user ids.\n"), ++ "non-revoked user ids\n"), + keystr (pk->keyid)); + } + diff --git a/patches/0021-gpg-Add-newline-to-output.patch b/patches/0021-gpg-Add-newline-to-output.patch new file mode 100644 index 0000000..b79c546 --- /dev/null +++ b/patches/0021-gpg-Add-newline-to-output.patch @@ -0,0 +1,25 @@ +From: "Neal H. Walfield" +Date: Thu, 2 Feb 2017 11:00:51 +0100 +Subject: gpg: Add newline to output. + +* g10/tofu.c (ask_about_binding): Add newline to output. + +Signed-off-by: Neal H. Walfield +(cherry picked from commit 74268180e5a3acc827f3a369f1fe5971f3bbe285) +--- + g10/tofu.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/g10/tofu.c b/g10/tofu.c +index 149a18545..9f5f40694 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -1969,7 +1969,7 @@ ask_about_binding (ctrl_t ctrl, + else if (!response[0]) + /* Default to unknown. Don't save it. */ + { +- tty_printf (_("Defaulting to unknown.")); ++ tty_printf (_("Defaulting to unknown.\n")); + *policy = TOFU_POLICY_UNKNOWN; + break; + } diff --git a/patches/0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch b/patches/0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch new file mode 100644 index 0000000..d8b5d79 --- /dev/null +++ b/patches/0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch @@ -0,0 +1,187 @@ +From: "Neal H. Walfield" +Date: Thu, 2 Feb 2017 13:24:57 +0100 +Subject: gpg: Only print out TOFU statistics for conflicts in interactive mode + +* g10/tofu.c (get_trust): Add arguments POLICYP and CONFLICT_SETP. If +they are not NULL, return the policy and conflict set (if there is +one), respectively. Update callers. If MAY_ASK is FALSE, don't print +out the statistics. +(tofu_register_encryption): If there is a conflict and we haven't yet +printed the statistics about the conflicting bindings, do so now. +(tofu_get_validity): Likewise. + +Signed-off-by: Neal H. Walfield +GnuPG-bug-id: 2914 +(cherry picked from commit 027b81b35fe36692005b8dba22d9eb2db05e8c80) +--- + g10/tofu.c | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++----------- + 1 file changed, 69 insertions(+), 14 deletions(-) + +diff --git a/g10/tofu.c b/g10/tofu.c +index 9f5f40694..fc03c5a7d 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -2644,7 +2644,9 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk, + static enum tofu_policy + get_trust (ctrl_t ctrl, PKT_public_key *pk, + const char *fingerprint, const char *email, +- const char *user_id, int may_ask, time_t now) ++ const char *user_id, int may_ask, ++ enum tofu_policy *policyp, strlist_t *conflict_setp, ++ time_t now) + { + tofu_dbs_t dbs = ctrl->tofu.dbs; + int in_transaction = 0; +@@ -2683,6 +2685,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + if (tdb_keyid_is_utk (kid)) + { + trust_level = TRUST_ULTIMATE; ++ policy = TOFU_POLICY_GOOD; + goto out; + } + } +@@ -2690,7 +2693,8 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + begin_transaction (ctrl, 0); + in_transaction = 1; + +- policy = get_policy (dbs, pk, fingerprint, user_id, email, &conflict_set, now); ++ policy = get_policy (dbs, pk, fingerprint, user_id, email, ++ &conflict_set, now); + if (policy == TOFU_POLICY_AUTO) + { + policy = opt.tofu_default_policy; +@@ -2758,10 +2762,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + } + else + { +- for (iter = conflict_set; iter; iter = iter->next) +- show_statistics (dbs, iter->d, email, +- TOFU_POLICY_ASK, NULL, 1, now); +- + trust_level = TRUST_UNDEFINED; + } + +@@ -2807,7 +2807,13 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + if (in_transaction) + end_transaction (ctrl, 0); + +- free_strlist (conflict_set); ++ if (policyp) ++ *policyp = policy; ++ ++ if (conflict_setp) ++ *conflict_setp = conflict_set; ++ else ++ free_strlist (conflict_set); + + return trust_level; + } +@@ -3326,7 +3332,8 @@ tofu_register_signature (ctrl_t ctrl, + + /* Make sure the binding exists and record any TOFU + conflicts. */ +- if (get_trust (ctrl, pk, fingerprint, email, user_id->d, 0, now) ++ if (get_trust (ctrl, pk, fingerprint, email, user_id->d, ++ 0, NULL, NULL, now) + == _tofu_GET_TRUST_ERROR) + { + rc = gpg_error (GPG_ERR_GENERAL); +@@ -3492,11 +3499,13 @@ tofu_register_encryption (ctrl_t ctrl, + for (user_id = user_id_list; user_id; user_id = user_id->next) + { + char *email = email_from_user_id (user_id->d); ++ strlist_t conflict_set = NULL; ++ enum tofu_policy policy; + + /* Make sure the binding exists and that we recognize any + conflicts. */ + int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d, +- may_ask, now); ++ may_ask, &policy, &conflict_set, now); + if (tl == _tofu_GET_TRUST_ERROR) + { + /* An error. */ +@@ -3505,6 +3514,28 @@ tofu_register_encryption (ctrl_t ctrl, + goto die; + } + ++ ++ /* If there is a conflict and MAY_ASK is true, we need to show ++ * the TOFU statistics for the current binding and the ++ * conflicting bindings. But, if we are not in batch mode, then ++ * they have already been printed (this is required to make sure ++ * the information is available to the caller before cpr_get is ++ * called). */ ++ if (policy == TOFU_POLICY_ASK && may_ask && opt.batch) ++ { ++ strlist_t iter; ++ ++ /* The conflict set should contain at least the current ++ * key. */ ++ log_assert (conflict_set); ++ ++ for (iter = conflict_set; iter; iter = iter->next) ++ show_statistics (dbs, iter->d, email, ++ TOFU_POLICY_ASK, NULL, 1, now); ++ } ++ ++ free_strlist (conflict_set); ++ + rc = gpgsql_stepx + (dbs->db, &dbs->s.register_encryption, NULL, NULL, &err, + "insert into encryptions\n" +@@ -3681,11 +3712,13 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, + for (user_id = user_id_list; user_id; user_id = user_id->next, bindings ++) + { + char *email = email_from_user_id (user_id->d); ++ strlist_t conflict_set = NULL; ++ enum tofu_policy policy; + + /* Always call get_trust to make sure the binding is + registered. */ + int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d, +- may_ask, now); ++ may_ask, &policy, &conflict_set, now); + if (tl == _tofu_GET_TRUST_ERROR) + { + /* An error. */ +@@ -3708,13 +3741,35 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, + + if (may_ask && tl != TRUST_ULTIMATE && tl != TRUST_EXPIRED) + { +- enum tofu_policy policy = +- get_policy (dbs, pk, fingerprint, user_id->d, email, NULL, now); ++ /* If policy is ask, then we already printed out the ++ * conflict information in ask_about_binding or will do so ++ * in a moment. */ ++ if (policy != TOFU_POLICY_ASK) ++ need_warning |= ++ show_statistics (dbs, fingerprint, email, policy, NULL, 0, now); ++ ++ /* If there is a conflict and MAY_ASK is true, we need to ++ * show the TOFU statistics for the current binding and the ++ * conflicting bindings. But, if we are not in batch mode, ++ * then they have already been printed (this is required to ++ * make sure the information is available to the caller ++ * before cpr_get is called). */ ++ if (policy == TOFU_POLICY_ASK && opt.batch) ++ { ++ strlist_t iter; + +- need_warning |= +- show_statistics (dbs, fingerprint, email, policy, NULL, 0, now); ++ /* The conflict set should contain at least the current ++ * key. */ ++ log_assert (conflict_set); ++ ++ for (iter = conflict_set; iter; iter = iter->next) ++ show_statistics (dbs, iter->d, email, ++ TOFU_POLICY_ASK, NULL, 1, now); ++ } + } + ++ free_strlist (conflict_set); ++ + if (tl == TRUST_NEVER) + trust_level = TRUST_NEVER; + else if (tl == TRUST_EXPIRED) diff --git a/patches/0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch b/patches/0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch new file mode 100644 index 0000000..2ae2abe --- /dev/null +++ b/patches/0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch @@ -0,0 +1,42 @@ +From: "Neal H. Walfield" +Date: Thu, 2 Feb 2017 13:26:17 +0100 +Subject: gpg: If there is a TOFU conflict, elide the too few message warning. + +* g10/tofu.c (tofu_get_validity): If there was a conflict, don't also +print out a warning about too few messages. + +Signed-off-by: Neal H. Walfield +(cherry picked from commit a08c781739e7561093f32b732c4991f2bd817ec2) +--- + g10/tofu.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/g10/tofu.c b/g10/tofu.c +index fc03c5a7d..41bdd5f30 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -3694,6 +3694,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, + int bindings = 0; + int bindings_valid = 0; + int need_warning = 0; ++ int had_conflict = 0; + + dbs = opendbs (ctrl); + if (! dbs) +@@ -3762,6 +3763,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, + * key. */ + log_assert (conflict_set); + ++ had_conflict = 1; + for (iter = conflict_set; iter; iter = iter->next) + show_statistics (dbs, iter->d, email, + TOFU_POLICY_ASK, NULL, 1, now); +@@ -3794,7 +3796,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, + xfree (email); + } + +- if (need_warning) ++ if (need_warning && ! had_conflict) + show_warning (fingerprint, user_id_list); + + die: diff --git a/patches/0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch b/patches/0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch new file mode 100644 index 0000000..42d257e --- /dev/null +++ b/patches/0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch @@ -0,0 +1,60 @@ +From: "Neal H. Walfield" +Date: Thu, 2 Feb 2017 14:24:38 +0100 +Subject: gpg: Ensure TOFU bindings associated with UTKs are registered as + usual + +* g10/tofu.c (get_trust): Call get_policy before short-circuiting the +policy lookup for ultimately trusted keys to make sure the binding is +added to the bindings table, if necessary. + +Signed-off-by: Neal H. Walfield +GnuPG-bug-id: 2929 +(cherry picked from commit 769272ba87f282a69e8d5f9bb27c86e6bec4496b) +--- + g10/tofu.c | 19 +++++++++++++------ + 1 file changed, 13 insertions(+), 6 deletions(-) + +diff --git a/g10/tofu.c b/g10/tofu.c +index 41bdd5f30..85347bb74 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -2306,7 +2306,11 @@ build_conflict_set (tofu_dbs_t dbs, + /* Return the effective policy for the binding + * (email has already been normalized) and any conflict information in + * *CONFLICT_SETP, if CONFLICT_SETP is not NULL. Returns +- * _tofu_GET_POLICY_ERROR if an error occurs. */ ++ * _tofu_GET_POLICY_ERROR if an error occurs. ++ * ++ * This function registers the binding in the bindings table if it has ++ * not yet been registered. ++ */ + static enum tofu_policy + get_policy (tofu_dbs_t dbs, PKT_public_key *pk, + const char *fingerprint, const char *user_id, const char *email, +@@ -2677,6 +2681,14 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + && _tofu_GET_TRUST_ERROR != TRUST_FULLY + && _tofu_GET_TRUST_ERROR != TRUST_ULTIMATE); + ++ begin_transaction (ctrl, 0); ++ in_transaction = 1; ++ ++ /* We need to call get_policy even if the key is ultimately trusted ++ * to make sure the binding has been registered. */ ++ policy = get_policy (dbs, pk, fingerprint, user_id, email, ++ &conflict_set, now); ++ + /* If the key is ultimately trusted, there is nothing to do. */ + { + u32 kid[2]; +@@ -2690,11 +2702,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + } + } + +- begin_transaction (ctrl, 0); +- in_transaction = 1; +- +- policy = get_policy (dbs, pk, fingerprint, user_id, email, +- &conflict_set, now); + if (policy == TOFU_POLICY_AUTO) + { + policy = opt.tofu_default_policy; diff --git a/patches/0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch b/patches/0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch new file mode 100644 index 0000000..b92a49f --- /dev/null +++ b/patches/0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch @@ -0,0 +1,53 @@ +From: "Neal H. Walfield" +Date: Thu, 2 Feb 2017 15:48:45 +0100 +Subject: gpg: Don't assume that strtoul interprets "" as 0. + +* g10/tofu.c (show_statistics): If there are not records, return 0 +instead of NULL. + +-- +Signed-off-by: Neal H. Walfield +GnuPG-bug-id: 2853 + +According to SUSv3: + + If the subject sequence is empty or does not have the expected form, + no conversion is performed + ... + If no conversion could be performed, 0 is returned and errno may be + set to [EINVAL]. + + http://pubs.opengroup.org/onlinepubs/007908799/xsh/strtol.html + +It appears that MacOS X sets errno to EINVAL, but glibc doesn't. +Hence, we map NULL to 0 explicitly. + +(cherry picked from commit 407f5f9baea5591f148974240a87dfb43e5efef3) +--- + g10/tofu.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/g10/tofu.c b/g10/tofu.c +index 85347bb74..449e921b6 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -2983,7 +2983,8 @@ show_statistics (tofu_dbs_t dbs, + /* Get the signature stats. */ + rc = gpgsql_exec_printf + (dbs->db, strings_collect_cb, &strlist, &err, +- "select count (*), min (signatures.time), max (signatures.time)\n" ++ "select count (*), coalesce (min (signatures.time), 0),\n" ++ " coalesce (max (signatures.time), 0)\n" + " from signatures\n" + " left join bindings on signatures.binding = bindings.oid\n" + " where fingerprint = %Q and email = %Q;", +@@ -3036,7 +3037,8 @@ show_statistics (tofu_dbs_t dbs, + /* Get the encryption stats. */ + rc = gpgsql_exec_printf + (dbs->db, strings_collect_cb, &strlist, &err, +- "select count (*), min (encryptions.time), max (encryptions.time)\n" ++ "select count (*), coalesce (min (encryptions.time), 0),\n" ++ " coalesce (max (encryptions.time), 0)\n" + " from encryptions\n" + " left join bindings on encryptions.binding = bindings.oid\n" + " where fingerprint = %Q and email = %Q;", diff --git a/patches/0026-gpg-More-diagnostics-for-a-launched-pinentry.patch b/patches/0026-gpg-More-diagnostics-for-a-launched-pinentry.patch new file mode 100644 index 0000000..7fe05e5 --- /dev/null +++ b/patches/0026-gpg-More-diagnostics-for-a-launched-pinentry.patch @@ -0,0 +1,81 @@ +From: Werner Koch +Date: Fri, 3 Feb 2017 12:04:52 +0100 +Subject: gpg: More diagnostics for a launched pinentry. + +* agent/call-pinentry.c (start_pinentry): Call getinfo/ttyinfo. +* g10/server.c (gpg_proxy_pinentry_notify): Simplify the output so +that we do not change the code when adding new fields to +PINENTRY_LAUNCHED. +-- + +This patch changes the --verbose output of gpg to show +for example + + gpg: pinentry launched (5228 gtk2 1.0.1-beta10 \ + /dev/pts/4 xterm localhost:10.0) + +the used tty, its type, and the value of DISPLAY in addiion to the +pid, flavor, and version. + +Signed-off-by: Werner Koch +(cherry picked from commit 7052a0d77cf8f3a445b252a809d29be445788625) +--- + agent/call-pinentry.c | 6 +++++- + g10/server.c | 19 ++++++++----------- + 2 files changed, 13 insertions(+), 12 deletions(-) + +diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c +index fa00bf921..2bebee205 100644 +--- a/agent/call-pinentry.c ++++ b/agent/call-pinentry.c +@@ -541,7 +541,7 @@ start_pinentry (ctrl_t ctrl) + } + + +- /* Ask the pinentry for its version and flavor and streo that as a ++ /* Ask the pinentry for its version and flavor and store that as a + * string in MB. This information is useful for helping users to + * figure out Pinentry problems. */ + { +@@ -555,6 +555,10 @@ start_pinentry (ctrl_t ctrl) + if (assuan_transact (entry_ctx, "GETINFO version", + put_membuf_cb, &mb, NULL, NULL, NULL, NULL)) + put_membuf_str (&mb, "unknown"); ++ put_membuf_str (&mb, " "); ++ if (assuan_transact (entry_ctx, "GETINFO ttyinfo", ++ put_membuf_cb, &mb, NULL, NULL, NULL, NULL)) ++ put_membuf_str (&mb, "? ? ?"); + put_membuf (&mb, "", 1); + flavor_version = get_membuf (&mb, NULL); + } +diff --git a/g10/server.c b/g10/server.c +index b89f0be69..e3a3bad22 100644 +--- a/g10/server.c ++++ b/g10/server.c +@@ -770,18 +770,15 @@ gpg_server (ctrl_t ctrl) + gpg_error_t + gpg_proxy_pinentry_notify (ctrl_t ctrl, const unsigned char *line) + { +- if (opt.verbose) +- { +- char *linecopy = xtrystrdup (line); +- char *fields[4]; +- +- if (linecopy +- && split_fields (linecopy, fields, DIM (fields)) >= 4 +- && !strcmp (fields[0], "PINENTRY_LAUNCHED")) +- log_info (_("pinentry launched (pid %s, flavor %s, version %s)\n"), +- fields[1], fields[2], fields[3]); ++ const char *s; + +- xfree (linecopy); ++ if (opt.verbose ++ && !strncmp (line, "PINENTRY_LAUNCHED", 17) ++ && (line[17]==' '||!line[17])) ++ { ++ for (s = line + 17; *s && spacep (s); s++) ++ ; ++ log_info (_("pinentry launched (%s)\n"), s); + } + + if (!ctrl || !ctrl->server_local diff --git a/patches/0027-doc-Clarify-abbreviation-of-help.patch b/patches/0027-doc-Clarify-abbreviation-of-help.patch new file mode 100644 index 0000000..6d08d4b --- /dev/null +++ b/patches/0027-doc-Clarify-abbreviation-of-help.patch @@ -0,0 +1,27 @@ +From: Daniel Kahn Gillmor +Date: Sat, 4 Feb 2017 01:28:08 -0500 +Subject: doc: Clarify abbreviation of --help. + +* doc/gpg.texi: clarify abbreviation of --help. + +Debian-bug-id: 852979 +Signed-off-by: Daniel Kahn Gillmor +(cherry picked from commit f2b276dffbe2435b17abf2b3c51684d3636f3f11) +--- + doc/gpg.texi | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/doc/gpg.texi b/doc/gpg.texi +index 8e1a5e6fc..b79b78334 100644 +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -141,7 +141,8 @@ cannot abbreviate this command. + @itemx -h + @opindex help + Print a usage message summarizing the most useful command-line options. +-Note that you cannot abbreviate this command. ++Note that you cannot arbitrarily abbreviate this command ++(though you can use its short form @option{-h}). + + @item --warranty + @opindex warranty diff --git a/patches/0028-scd-Backport-two-fixes-from-master.patch b/patches/0028-scd-Backport-two-fixes-from-master.patch new file mode 100644 index 0000000..2193f94 --- /dev/null +++ b/patches/0028-scd-Backport-two-fixes-from-master.patch @@ -0,0 +1,55 @@ +From: NIIBE Yutaka +Date: Sun, 5 Feb 2017 08:34:08 +0900 +Subject: scd: Backport two fixes from master. + +* scd/app.c (app_new_register): Initialize by -1, so that it can detect +an error correctly when card reader can't power-on the card initially. +* scd/command.c (open_card_with_request): Release APP before the scan. + +-- +The first one-liner patch handles an erroneous card. + +The second patch handles the case when we repeatedly do +signing/decrypting by a single session of scdaemon. + +Signed-off-by: NIIBE Yutaka +--- + scd/app.c | 1 + + scd/command.c | 5 +++++ + 2 files changed, 6 insertions(+) + +diff --git a/scd/app.c b/scd/app.c +index b10a452d6..989e0c060 100644 +--- a/scd/app.c ++++ b/scd/app.c +@@ -192,6 +192,7 @@ app_new_register (int slot, ctrl_t ctrl, const char *name) + } + + app->slot = slot; ++ app->card_status = (unsigned int)-1; + + if (npth_mutex_init (&app->lock, NULL)) + { +diff --git a/scd/command.c b/scd/command.c +index 8c7ca20a6..0ae6d29aa 100644 +--- a/scd/command.c ++++ b/scd/command.c +@@ -217,6 +217,7 @@ open_card_with_request (ctrl_t ctrl, const char *apptype, const char *serialno) + gpg_error_t err; + unsigned char *serialno_bin = NULL; + size_t serialno_bin_len = 0; ++ app_t app = ctrl->app_ctx; + + /* If we are already initialized for one specific application we + need to check that the client didn't requested a specific +@@ -224,6 +225,10 @@ open_card_with_request (ctrl_t ctrl, const char *apptype, const char *serialno) + if (apptype && ctrl->app_ctx) + return check_application_conflict (apptype, ctrl->app_ctx); + ++ /* Re-scan USB devices. Release APP, before the scan. */ ++ ctrl->app_ctx = NULL; ++ release_application (app); ++ + if (serialno) + serialno_bin = hex_to_buffer (serialno, &serialno_bin_len); + diff --git a/patches/0029-scd-Fix-use-case-of-PC-SC.patch b/patches/0029-scd-Fix-use-case-of-PC-SC.patch new file mode 100644 index 0000000..a26360d --- /dev/null +++ b/patches/0029-scd-Fix-use-case-of-PC-SC.patch @@ -0,0 +1,93 @@ +From: NIIBE Yutaka +Date: Mon, 13 Feb 2017 11:09:13 +0900 +Subject: scd: Fix use case of PC/SC. + +* scd/apdu.c (apdu_open_reader): Add an argument APP_EMPTY. +When CCID driver fails to open, try PC/SC if APP is nothing. +* scd/app.c (select_application): Supply arg if APP is nothing. + +-- + +After scanning available card readers by CCID driver, scdaemon should +try PC/SC service if no APP is registered yet. Also, when the slot +is allocated for PC/SC (ccid.handle==NULL), it should not call +ccid_compare_BAI, otherwise scdaemon crashes. + +Debian-bug-id: 852702, 854005, 854595, 854616 + +Signed-off-by: NIIBE Yutaka +--- + scd/apdu.c | 14 +++++++++++--- + scd/apdu.h | 2 +- + scd/app.c | 2 +- + 3 files changed, 13 insertions(+), 5 deletions(-) + +diff --git a/scd/apdu.c b/scd/apdu.c +index 38ebd2be5..149154cf3 100644 +--- a/scd/apdu.c ++++ b/scd/apdu.c +@@ -3117,7 +3117,7 @@ apdu_open_one_reader (const char *portstr) + } + + int +-apdu_open_reader (struct dev_list *dl) ++apdu_open_reader (struct dev_list *dl, int app_empty) + { + int slot; + +@@ -3167,6 +3167,7 @@ apdu_open_reader (struct dev_list *dl) + /* Check identity by BAI against already opened HANDLEs. */ + for (slot = 0; slot < MAX_READER; slot++) + if (reader_table[slot].used ++ && reader_table[slot].ccid.handle + && ccid_compare_BAI (reader_table[slot].ccid.handle, bai)) + break; + +@@ -3191,12 +3192,19 @@ apdu_open_reader (struct dev_list *dl) + dl->idx++; + } + +- slot = -1; ++ /* Not found. Try one for PC/SC, only when it's the initial scan. */ ++ if (app_empty && dl->idx == dl->idx_max) ++ { ++ dl->idx++; ++ slot = apdu_open_one_reader (dl->portstr); ++ } ++ else ++ slot = -1; + } + else + #endif + { /* PC/SC readers. */ +- if (dl->idx == 0) ++ if (app_empty && dl->idx == 0) + { + dl->idx++; + slot = apdu_open_one_reader (dl->portstr); +diff --git a/scd/apdu.h b/scd/apdu.h +index 473def518..6751e8c9b 100644 +--- a/scd/apdu.h ++++ b/scd/apdu.h +@@ -91,7 +91,7 @@ gpg_error_t apdu_dev_list_start (const char *portstr, struct dev_list **l_p); + void apdu_dev_list_finish (struct dev_list *l); + + /* Note, that apdu_open_reader returns no status word but -1 on error. */ +-int apdu_open_reader (struct dev_list *l); ++int apdu_open_reader (struct dev_list *l, int app_empty); + int apdu_open_remote_reader (const char *portstr, + const unsigned char *cookie, size_t length, + int (*readfnc) (void *opaque, +diff --git a/scd/app.c b/scd/app.c +index 989e0c060..8fb0d4553 100644 +--- a/scd/app.c ++++ b/scd/app.c +@@ -340,7 +340,7 @@ select_application (ctrl_t ctrl, const char *name, app_t *r_app, + int slot; + int sw; + +- slot = apdu_open_reader (l); ++ slot = apdu_open_reader (l, !app_top); + if (slot < 0) + break; + diff --git a/patches/0030-scd-Fix-factory-reset.patch b/patches/0030-scd-Fix-factory-reset.patch new file mode 100644 index 0000000..6a8822e --- /dev/null +++ b/patches/0030-scd-Fix-factory-reset.patch @@ -0,0 +1,367 @@ +From: NIIBE Yutaka +Date: Fri, 17 Feb 2017 03:30:05 -0500 +Subject: scd: Fix factory-reset. + +Signed-off-by: NIIBE Yutaka + +Backport from master branch: + + 99d4dfe83 + e2792813a + 031e3fa7b + +Additionally, fix another bug when tested with 2.1.18-7 with PC/SC. +--- + scd/app-common.h | 3 +- + scd/app.c | 86 ++++++++++++++++++++++++++++++++------------------------ + scd/command.c | 6 ++-- + scd/scdaemon.c | 51 ++++++++++++++++++++++++++++++--- + scd/scdaemon.h | 1 + + 5 files changed, 102 insertions(+), 45 deletions(-) + +diff --git a/scd/app-common.h b/scd/app-common.h +index b979f54..c7a0575 100644 +--- a/scd/app-common.h ++++ b/scd/app-common.h +@@ -54,6 +54,7 @@ struct app_ctx_s { + const char *apptype; + unsigned int card_version; + unsigned int card_status; ++ unsigned int reset_requested:1; + unsigned int require_get_status:1; + unsigned int did_chv1:1; + unsigned int force_chv1:1; /* True if the card does not cache CHV1. */ +@@ -134,7 +135,7 @@ gpg_error_t select_application (ctrl_t ctrl, const char *name, app_t *r_app, + int scan, const unsigned char *serialno_bin, + size_t serialno_bin_len); + char *get_supported_applications (void); +-void release_application (app_t app); ++void release_application (app_t app, int locked_already); + gpg_error_t app_munge_serialno (app_t app); + gpg_error_t app_write_learn_status (app_t app, ctrl_t ctrl, + unsigned int flags); +diff --git a/scd/app.c b/scd/app.c +index 8fb0d45..3f3f3ef 100644 +--- a/scd/app.c ++++ b/scd/app.c +@@ -136,40 +136,32 @@ check_application_conflict (const char *name, app_t app) + } + + +-static void +-release_application_internal (app_t app) +-{ +- if (!app->ref_count) +- log_bug ("trying to release an already released context\n"); +- +- --app->ref_count; +-} +- + gpg_error_t + app_reset (app_t app, ctrl_t ctrl, int send_reset) + { +- gpg_error_t err; +- +- err = lock_app (app, ctrl); +- if (err) +- return err; ++ gpg_error_t err = 0; + + if (send_reset) + { +- int sw = apdu_reset (app->slot); ++ int sw; ++ ++ lock_app (app, ctrl); ++ sw = apdu_reset (app->slot); + if (sw) + err = gpg_error (GPG_ERR_CARD_RESET); + +- /* Release the same application which is used by other sessions. */ +- send_client_notifications (app, 1); ++ app->reset_requested = 1; ++ unlock_app (app); ++ ++ scd_kick_the_loop (); ++ gnupg_sleep (1); + } + else + { + ctrl->app_ctx = NULL; +- release_application_internal (app); ++ release_application (app, 0); + } + +- unlock_app (app); + return err; + } + +@@ -370,6 +362,7 @@ select_application (ctrl_t ctrl, const char *name, app_t *r_app, + } + + apdu_dev_list_finish (l); ++ scd_kick_the_loop (); + } + + npth_mutex_lock (&app_list_lock); +@@ -465,6 +458,8 @@ deallocate_app (app_t app) + } + + xfree (app->serialno); ++ ++ unlock_app (app); + xfree (app); + } + +@@ -474,7 +469,7 @@ deallocate_app (app_t app) + actually deferring the deallocation to allow for a later reuse by + a new connection. */ + void +-release_application (app_t app) ++release_application (app_t app, int locked_already) + { + if (!app) + return; +@@ -484,9 +479,15 @@ release_application (app_t app) + is using the card - this way the PIN cache and other cached data + are preserved. */ + +- lock_app (app, NULL); +- release_application_internal (app); +- unlock_app (app); ++ if (!locked_already) ++ lock_app (app, NULL); ++ ++ if (!app->ref_count) ++ log_bug ("trying to release an already released context\n"); ++ ++ --app->ref_count; ++ if (!locked_already) ++ unlock_app (app); + } + + +@@ -1023,11 +1024,16 @@ scd_update_reader_status_file (void) + npth_mutex_lock (&app_list_lock); + for (a = app_top; a; a = app_next) + { ++ unsigned int status; ++ ++ lock_app (a, NULL); + app_next = a->next; +- if (a->require_get_status) ++ ++ if (a->reset_requested) ++ status = 0; ++ else + { + int sw; +- unsigned int status; + sw = apdu_get_status (a->slot, 0, &status); + + if (sw == SW_HOST_NO_READER) +@@ -1038,24 +1044,30 @@ scd_update_reader_status_file (void) + else if (sw) + { + /* Get status failed. Ignore that. */ ++ unlock_app (a); + continue; + } ++ } ++ ++ if (a->card_status != status) ++ { ++ report_change (a->slot, a->card_status, status); ++ send_client_notifications (a, status == 0); + +- if (a->card_status != status) ++ if (status == 0) + { +- report_change (a->slot, a->card_status, status); +- send_client_notifications (a, status == 0); +- +- if (status == 0) +- { +- log_debug ("Removal of a card: %d\n", a->slot); +- apdu_close_reader (a->slot); +- deallocate_app (a); +- } +- else +- a->card_status = status; ++ log_debug ("Removal of a card: %d\n", a->slot); ++ apdu_close_reader (a->slot); ++ deallocate_app (a); ++ } ++ else ++ { ++ a->card_status = status; ++ unlock_app (a); + } + } ++ else ++ unlock_app (a); + } + npth_mutex_unlock (&app_list_lock); + } +diff --git a/scd/command.c b/scd/command.c +index 0ae6d29..b17c4a1 100644 +--- a/scd/command.c ++++ b/scd/command.c +@@ -227,7 +227,7 @@ open_card_with_request (ctrl_t ctrl, const char *apptype, const char *serialno) + + /* Re-scan USB devices. Release APP, before the scan. */ + ctrl->app_ctx = NULL; +- release_application (app); ++ release_application (app, 0); + + if (serialno) + serialno_bin = hex_to_buffer (serialno, &serialno_bin_len); +@@ -1492,7 +1492,7 @@ cmd_restart (assuan_context_t ctx, char *line) + if (app) + { + ctrl->app_ctx = NULL; +- release_application (app); ++ release_application (app, 0); + } + if (locked_session && ctrl->server_local == locked_session) + { +@@ -1919,7 +1919,7 @@ send_client_notifications (app_t app, int removal) + { + sl->ctrl_backlink->app_ctx = NULL; + sl->card_removed = 1; +- release_application (app); ++ release_application (app, 1); + } + + if (!sl->event_signal || !sl->assuan_ctx) +diff --git a/scd/scdaemon.c b/scd/scdaemon.c +index 74fed44..02f0e72 100644 +--- a/scd/scdaemon.c ++++ b/scd/scdaemon.c +@@ -52,6 +52,7 @@ + #include "ccid-driver.h" + #include "gc-opt-flags.h" + #include "asshelp.h" ++#include "exechelp.h" + #include "../common/init.h" + + #ifndef ENAMETOOLONG +@@ -224,7 +225,8 @@ static assuan_sock_nonce_t socket_nonce; + disabled but it won't perform any ticker specific actions. */ + static int ticker_disabled; + +- ++/* FD to notify update of usb devices. */ ++static int notify_fd; + + static char *create_socket_name (char *standard_name); + static gnupg_fd_t create_server_socket (const char *name, +@@ -1181,6 +1183,16 @@ start_connection_thread (void *arg) + } + + ++void ++scd_kick_the_loop (void) ++{ ++ int ret; ++ ++ /* Kick the select loop. */ ++ ret = write (notify_fd, "", 1); ++ (void)ret; ++} ++ + /* Connection handler loop. Wait for connection requests and spawn a + thread after accepting a connection. LISTEN_FD is allowed to be -1 + in which case this code will only do regular timeouts and handle +@@ -1202,9 +1214,23 @@ handle_connections (int listen_fd) + #ifndef HAVE_W32_SYSTEM + int signo; + #endif ++ int pipe_fd[2]; ++ ++ ret = gnupg_create_pipe (pipe_fd); ++ if (ret) ++ { ++ log_error ("pipe creation failed: %s\n", gpg_strerror (ret)); ++ return; ++ } ++ notify_fd = pipe_fd[1]; + + ret = npth_attr_init(&tattr); +- /* FIXME: Check error. */ ++ if (ret) ++ { ++ log_error ("npth_attr_init failed: %s\n", strerror (ret)); ++ return; ++ } ++ + npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED); + + #ifndef HAVE_W32_SYSTEM +@@ -1233,6 +1259,8 @@ handle_connections (int listen_fd) + + for (;;) + { ++ int max_fd; ++ + if (shutdown_pending) + { + if (active_connections == 0) +@@ -1261,14 +1289,20 @@ handle_connections (int listen_fd) + thus a simple assignment is fine to copy the entire set. */ + read_fdset = fdset; + ++ FD_SET (pipe_fd[0], &read_fdset); ++ if (nfd < pipe_fd[0]) ++ max_fd = pipe_fd[0]; ++ else ++ max_fd = nfd; ++ + #ifndef HAVE_W32_SYSTEM +- ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout, npth_sigev_sigmask()); ++ ret = npth_pselect (max_fd+1, &read_fdset, NULL, NULL, &timeout, npth_sigev_sigmask()); + saved_errno = errno; + + while (npth_sigev_get_pending(&signo)) + handle_signal (signo); + #else +- ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout, NULL, NULL); ++ ret = npth_eselect (max_fd+1, &read_fdset, NULL, NULL, &timeout, NULL, NULL); + saved_errno = errno; + #endif + +@@ -1284,6 +1318,13 @@ handle_connections (int listen_fd) + /* Timeout. Will be handled when calculating the next timeout. */ + continue; + ++ if (FD_ISSET (pipe_fd[0], &read_fdset)) ++ { ++ char buf[256]; ++ ++ ret = read (pipe_fd[0], buf, sizeof buf); ++ } ++ + if (listen_fd != -1 && FD_ISSET (listen_fd, &read_fdset)) + { + ctrl_t ctrl; +@@ -1322,6 +1363,8 @@ handle_connections (int listen_fd) + } + } + ++ close (pipe_fd[0]); ++ close (pipe_fd[1]); + cleanup (); + log_info (_("%s %s stopped\n"), strusage(11), strusage(13)); + npth_attr_destroy (&tattr); +diff --git a/scd/scdaemon.h b/scd/scdaemon.h +index d0bc98e..fcab648 100644 +--- a/scd/scdaemon.h ++++ b/scd/scdaemon.h +@@ -125,6 +125,7 @@ void send_status_info (ctrl_t ctrl, const char *keyword, ...) + void send_status_direct (ctrl_t ctrl, const char *keyword, const char *args); + void scd_update_reader_status_file (void); + void send_client_notifications (app_t app, int removal); ++void scd_kick_the_loop (void); + + + #endif /*SCDAEMON_H*/ diff --git a/patches/0031-gpg-Fix-aliases-list-key-list-sig-and-check-sig.patch b/patches/0031-gpg-Fix-aliases-list-key-list-sig-and-check-sig.patch new file mode 100644 index 0000000..e22f218 --- /dev/null +++ b/patches/0031-gpg-Fix-aliases-list-key-list-sig-and-check-sig.patch @@ -0,0 +1,66 @@ +From: Daniel Kahn Gillmor +Date: Sat, 4 Feb 2017 01:23:32 -0500 +Subject: gpg: Fix aliases --list-key, --list-sig, and --check-sig. + +* g10/gpg.c (opts): Define commands with ARGPARSE_c +instead of ARGPARSE_s_n. + +-- + +These three entries are commands, but they're being treated as a +string-based option for some reason. However, if you try to use them +concurrently with another command like --clearsign, you'll get "gpg: +conflicting commands". + +Furthermore, because they're marked as options, their flags differ +from the commands that they alias, they cause ambiguity in +abbreviation (e.g. try "gpg --list-ke") which should have been fixed +by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. + +Marking them explicitly as commands for argparse should be more +accurate and should resolve the abbreviation ambiguity issue. + +Signed-off-by: Daniel Kahn Gillmor +gpg: fix aliases --list-key, --list-sig, and --check-sig. + +* g10/gpg.c: ARGPARSE_OPTS opts[]: define commands with ARGPARSE_c +instead of ARGPARSE_s_n. + +-- + +These three entries are commands, but they're being treated as a +string-based option for some reason. However, if you try to use them +concurrently with another command like --clearsign, you'll get "gpg: +conflicting commands". + +Furthermore, because they're marked as options, their flags differ +from the commands that they alias, they cause ambiguity in +abbreviation (e.g. try "gpg --list-ke") which should have been fixed +by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. + +Marking them explicitly as commands for argparse should be more +accurate and should resolve the abbreviation ambiguity issue. + +Signed-off-by: Daniel Kahn Gillmor +(cherry picked from commit f31120a5aa40b6e4e89d41d1d5d34e0f7da173b4) +--- + g10/gpg.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/g10/gpg.c b/g10/gpg.c +index f9039ae..e280c22 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -728,9 +728,9 @@ static ARGPARSE_OPTS opts[] = { + ARGPARSE_s_n (oWithKeyData,"with-key-data", "@"), + ARGPARSE_s_n (oWithSigList,"with-sig-list", "@"), + ARGPARSE_s_n (oWithSigCheck,"with-sig-check", "@"), +- ARGPARSE_s_n (aListKeys, "list-key", "@"), /* alias */ +- ARGPARSE_s_n (aListSigs, "list-sig", "@"), /* alias */ +- ARGPARSE_s_n (aCheckKeys, "check-sig", "@"), /* alias */ ++ ARGPARSE_c (aListKeys, "list-key", "@"), /* alias */ ++ ARGPARSE_c (aListSigs, "list-sig", "@"), /* alias */ ++ ARGPARSE_c (aCheckKeys, "check-sig", "@"), /* alias */ + ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"), + ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"), + ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"), diff --git a/patches/0032-gpg-common-Make-sure-that-all-fd-given-are-valid.patch b/patches/0032-gpg-common-Make-sure-that-all-fd-given-are-valid.patch new file mode 100644 index 0000000..bf9691b --- /dev/null +++ b/patches/0032-gpg-common-Make-sure-that-all-fd-given-are-valid.patch @@ -0,0 +1,228 @@ +From: Justus Winter +Date: Wed, 8 Feb 2017 13:49:41 +0100 +Subject: gpg,common: Make sure that all fd given are valid. + +* common/sysutils.c (gnupg_fd_valid): New function. +* common/sysutils.h (gnupg_fd_valid): New declaration. +* common/logging.c (log_set_file): Use the new function. +* g10/cpr.c (set_status_fd): Likewise. +* g10/gpg.c (main): Likewise. +* g10/keylist.c (read_sessionkey_from_fd): Likewise. +* g10/passphrase.c (set_attrib_fd): Likewise. +* tests/openpgp/Makefile.am (XTESTS): Add the new test. +* tests/openpgp/issue2941.scm: New file. +-- + +Consider a situation where the user passes "--status-fd 3" but file +descriptor 3 is not open. + +During the course of executing the rest of the commands, it's possible +that gpg itself will open some files, and file descriptor 3 will get +allocated. + +In this situation, the status information will be appended directly to +whatever file happens to have landed on fd 3 (the trustdb? the +keyring?). + +This is a potential data destruction issue for all writable file +descriptor options: + + --status-fd + --attribute-fd + --logger-fd + +It's also a potential issue for readable file descriptor options, but +the risk is merely weird behavior, and not data corruption: + + --override-session-key-fd + --passphrase-fd + --command-fd + +Fixes this by checking whether the fd is valid early on before using +it. + +GnuPG-bug-id: 2941 +Signed-off-by: Justus Winter +(cherry picked from commit 6823ed46584e753de3aba48a00ab738ab009a860) +--- + common/logging.c | 3 +++ + common/sysutils.c | 11 +++++++++++ + common/sysutils.h | 1 + + g10/cpr.c | 3 +++ + g10/gpg.c | 5 +++++ + g10/keylist.c | 3 +++ + g10/passphrase.c | 3 +++ + tests/openpgp/Makefile.am | 4 ++-- + tests/openpgp/issue2941.scm | 34 ++++++++++++++++++++++++++++++++++ + 9 files changed, 65 insertions(+), 2 deletions(-) + create mode 100755 tests/openpgp/issue2941.scm + +diff --git a/common/logging.c b/common/logging.c +index 8c70742..ac13053 100644 +--- a/common/logging.c ++++ b/common/logging.c +@@ -570,6 +570,9 @@ log_set_file (const char *name) + void + log_set_fd (int fd) + { ++ if (! gnupg_fd_valid (fd)) ++ log_fatal ("logger-fd is invalid: %s\n", strerror (errno)); ++ + set_file_fd (NULL, fd); + } + +diff --git a/common/sysutils.c b/common/sysutils.c +index e67420f..a796677 100644 +--- a/common/sysutils.c ++++ b/common/sysutils.c +@@ -1281,3 +1281,14 @@ gnupg_get_socket_name (int fd) + return name; + } + #endif /*!HAVE_W32_SYSTEM*/ ++ ++/* Check whether FD is valid. */ ++int ++gnupg_fd_valid (int fd) ++{ ++ int d = dup (fd); ++ if (d < 0) ++ return 0; ++ close (d); ++ return 1; ++} +diff --git a/common/sysutils.h b/common/sysutils.h +index a9316d7..ecd9f84 100644 +--- a/common/sysutils.h ++++ b/common/sysutils.h +@@ -72,6 +72,7 @@ int gnupg_setenv (const char *name, const char *value, int overwrite); + int gnupg_unsetenv (const char *name); + char *gnupg_getcwd (void); + char *gnupg_get_socket_name (int fd); ++int gnupg_fd_valid (int fd); + + gpg_error_t gnupg_inotify_watch_socket (int *r_fd, const char *socket_name); + int gnupg_inotify_has_name (int fd, const char *name); +diff --git a/g10/cpr.c b/g10/cpr.c +index 0133cad..4984e89 100644 +--- a/g10/cpr.c ++++ b/g10/cpr.c +@@ -107,6 +107,9 @@ set_status_fd (int fd) + if (fd == -1) + return; + ++ if (! gnupg_fd_valid (fd)) ++ log_fatal ("status-fd is invalid: %s\n", strerror (errno)); ++ + if (fd == 1) + statusfp = es_stdout; + else if (fd == 2) +diff --git a/g10/gpg.c b/g10/gpg.c +index e280c22..66a2055 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -3079,6 +3079,8 @@ main (int argc, char **argv) + + case oCommandFD: + opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); ++ if (! gnupg_fd_valid (opt.command_fd)) ++ log_fatal ("command-fd is invalid: %s\n", strerror (errno)); + break; + case oCommandFile: + opt.command_fd = open_info_file (pargs.r.ret_str, 0, 1); +@@ -5293,6 +5295,9 @@ read_sessionkey_from_fd (int fd) + int i, len; + char *line; + ++ if (! gnupg_fd_valid (fd)) ++ log_fatal ("override-session-key-fd is invalid: %s\n", strerror (errno)); ++ + for (line = NULL, i = len = 100; ; i++ ) + { + if (i >= len-1 ) +diff --git a/g10/keylist.c b/g10/keylist.c +index 4fe1e40..abdcb9f 100644 +--- a/g10/keylist.c ++++ b/g10/keylist.c +@@ -1900,6 +1900,9 @@ set_attrib_fd (int fd) + if (fd == -1) + return; + ++ if (! gnupg_fd_valid (fd)) ++ log_fatal ("attribute-fd is invalid: %s\n", strerror (errno)); ++ + #ifdef HAVE_DOSISH_SYSTEM + setmode (fd, O_BINARY); + #endif +diff --git a/g10/passphrase.c b/g10/passphrase.c +index fb4ec4c..37abc0f 100644 +--- a/g10/passphrase.c ++++ b/g10/passphrase.c +@@ -166,6 +166,9 @@ read_passphrase_from_fd( int fd ) + int i, len; + char *pw; + ++ if (! gnupg_fd_valid (fd)) ++ log_fatal ("passphrase-fd is invalid: %s\n", strerror (errno)); ++ + if ( !opt.batch && opt.pinentry_mode != PINENTRY_MODE_LOOPBACK) + { /* Not used but we have to do a dummy read, so that it won't end + up at the begin of the message if the quite usual trick to +diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am +index 05341fb..377a2ed 100644 +--- a/tests/openpgp/Makefile.am ++++ b/tests/openpgp/Makefile.am +@@ -95,12 +95,12 @@ XTESTS = \ + issue2015.scm \ + issue2346.scm \ + issue2417.scm \ +- issue2419.scm ++ issue2419.scm \ ++ issue2941.scm + + # Fixme: gpgconf.scm does not yet work with make distcheck. + # gpgconf.scm + +- + # XXX: Currently, one cannot override automake's 'check' target. As a + # workaround, we avoid defining 'TESTS', thus automake will not emit + # the 'check' target. For extra robustness, we merely define a +diff --git a/tests/openpgp/issue2941.scm b/tests/openpgp/issue2941.scm +new file mode 100755 +index 0000000..d7220e0 +--- /dev/null ++++ b/tests/openpgp/issue2941.scm +@@ -0,0 +1,34 @@ ++#!/usr/bin/env gpgscm ++ ++;; Copyright (C) 2017 g10 Code GmbH ++;; ++;; This file is part of GnuPG. ++;; ++;; GnuPG is free software; you can redistribute it and/or modify ++;; it under the terms of the GNU General Public License as published by ++;; the Free Software Foundation; either version 3 of the License, or ++;; (at your option) any later version. ++;; ++;; GnuPG is distributed in the hope that it will be useful, ++;; but WITHOUT ANY WARRANTY; without even the implied warranty of ++;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++;; GNU General Public License for more details. ++;; ++;; You should have received a copy of the GNU General Public License ++;; along with this program; if not, see . ++ ++(load (with-path "defs.scm")) ++(setup-legacy-environment) ++ ++(define (check-failure options) ++ (let ((command `(,@gpg ,@options))) ++ (catch '() ++ (call-check command) ++ (error "Expected an error, but got none when executing" command)))) ++ ++(for-each-p ++ "Checking invocation with invalid file descriptors (issue2941)." ++ (lambda (option) ++ (check-failure `(,(string-append "--" option "=23") --sign gpg.conf))) ++ '("status-fd" "attribute-fd" "logger-fd" ++ "override-session-key-fd" "passphrase-fd" "command-fd")) diff --git a/patches/0033-common-Avoid-warning-about-implicit-declaration-of-g.patch b/patches/0033-common-Avoid-warning-about-implicit-declaration-of-g.patch new file mode 100644 index 0000000..52f4d36 --- /dev/null +++ b/patches/0033-common-Avoid-warning-about-implicit-declaration-of-g.patch @@ -0,0 +1,36 @@ +From: Daniel Kahn Gillmor +Date: Wed, 8 Feb 2017 12:05:08 -0500 +Subject: common: Avoid warning about implicit declaration of gnupg_fd_valid. +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +* common/logging.c: Add #include "sysutils.h". + +-- + +Without this, we see: + +logging.c:573:9: warning: implicit declaration of function \ + ‘gnupg_fd_valid’ [-Wimplicit-function-declaration] + if (! gnupg_fd_valid (fd)) + ^~~~~~~~~~~~~~ + +Signed-off-by: Daniel Kahn Gillmor +(cherry picked from commit 8810314e377a9cb6612150a57cf99260ed0bb9f6) +--- + common/logging.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/common/logging.c b/common/logging.c +index ac13053..670affb 100644 +--- a/common/logging.c ++++ b/common/logging.c +@@ -61,6 +61,7 @@ + #include "i18n.h" + #include "common-defs.h" + #include "logging.h" ++#include "sysutils.h" + + #ifdef HAVE_W32_SYSTEM + # define S_IRGRP S_IRUSR diff --git a/patches/0034-gpg-Fix-memory-leak-in-the-error-case-of-signature-c.patch b/patches/0034-gpg-Fix-memory-leak-in-the-error-case-of-signature-c.patch new file mode 100644 index 0000000..3665e3b --- /dev/null +++ b/patches/0034-gpg-Fix-memory-leak-in-the-error-case-of-signature-c.patch @@ -0,0 +1,51 @@ +From: Werner Koch +Date: Fri, 10 Feb 2017 17:16:07 +0100 +Subject: gpg: Fix memory leak in the error case of signature creation. +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +* g10/sign.c (write_signature_packets): Free SIG. Also replace +xcalloc by xtrycalloc. +-- + +If do_sign fails SIG was not released. Note that in the good case SIG +is transferred to PKT and freed by free_packet. + +Reported-by: Stephan Müller +Signed-off-by: Werner Koch +(cherry picked from commit 5996c7bf99f3a681393fd9589276399ebc956cff) +--- + g10/sign.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/g10/sign.c b/g10/sign.c +index acc894c..ff099b3 100644 +--- a/g10/sign.c ++++ b/g10/sign.c +@@ -686,7 +686,10 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, + pk = sk_rover->pk; + + /* Build the signature packet. */ +- sig = xmalloc_clear (sizeof *sig); ++ sig = xtrycalloc (1, sizeof *sig); ++ if (!sig) ++ return gpg_error_from_syserror (); ++ + if (duration || opt.sig_policy_url + || opt.sig_notations || opt.sig_keyserver_url) + sig->version = 4; +@@ -731,8 +734,12 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, + print_status_sig_created (pk, sig, status_letter); + free_packet (&pkt); + if (rc) +- log_error ("build signature packet failed: %s\n", gpg_strerror (rc)); ++ log_error ("build signature packet failed: %s\n", ++ gpg_strerror (rc)); + } ++ else ++ xfree (sig); ++ + if (rc) + return rc; + } diff --git a/patches/0035-gpg-Print-a-warning-if-no-command-has-been-given.patch b/patches/0035-gpg-Print-a-warning-if-no-command-has-been-given.patch new file mode 100644 index 0000000..6172346 --- /dev/null +++ b/patches/0035-gpg-Print-a-warning-if-no-command-has-been-given.patch @@ -0,0 +1,32 @@ +From: Werner Koch +Date: Mon, 13 Feb 2017 13:09:51 +0100 +Subject: gpg: Print a warning if no command has been given. + +* g10/gpg.c (main): Print in the default case. +-- + +GnuPG-bug-id: 2943 +Signed-off-by: Werner Koch +(cherry picked from commit 810adfd47801fc01e45fb71af9f05c91f7890cdb) +--- + g10/gpg.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/g10/gpg.c b/g10/gpg.c +index 66a2055..0c5a167 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -4894,8 +4894,12 @@ main (int argc, char **argv) + #endif /*USE_TOFU*/ + break; + +- case aListPackets: + default: ++ if (!opt.quiet) ++ log_info (_("WARNING: no command supplied." ++ " Trying to guess what you mean ...\n")); ++ /*FALLTHU*/ ++ case aListPackets: + if( argc > 1 ) + wrong_args("[filename]"); + /* Issue some output for the unix newbie */ diff --git a/patches/0036-gpgconf-No-ENOENT-warning-with-change-options-et-al.patch b/patches/0036-gpgconf-No-ENOENT-warning-with-change-options-et-al.patch new file mode 100644 index 0000000..fa39a09 --- /dev/null +++ b/patches/0036-gpgconf-No-ENOENT-warning-with-change-options-et-al.patch @@ -0,0 +1,40 @@ +From: Werner Koch +Date: Mon, 13 Feb 2017 19:38:53 +0100 +Subject: gpgconf: No ENOENT warning with --change-options et al. + +* tools/gpgconf-comp.c (retrieve_options_from_program): Check ERRNO +before printing a warning. +-- + +It is common that a conf files does not exist - thus we should not +print a warning. + +GnuPG-bug-id: 2944 + +BTW: The error messages in gpgconf should be reworked to match those +of the other components. + +Signed-off-by: Werner Koch +(cherry picked from commit 30dac0486b6357e84fbe79c612eea940b654e4d1) +--- + tools/gpgconf-comp.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c +index 180fd65..a0d9659 100644 +--- a/tools/gpgconf-comp.c ++++ b/tools/gpgconf-comp.c +@@ -2163,8 +2163,11 @@ retrieve_options_from_program (gc_component_t component, gc_backend_t backend) + + config = es_fopen (config_filename, "r"); + if (!config) +- gc_error (0, errno, "warning: can not open config file %s", +- config_filename); ++ { ++ if (errno != ENOENT) ++ gc_error (0, errno, "warning: can not open config file %s", ++ config_filename); ++ } + else + { + while ((length = es_read_line (config, &line, &line_len, NULL)) > 0) diff --git a/patches/0037-dirmngr-Do-a-DNS-lookup-even-if-it-is-missing-from-n.patch b/patches/0037-dirmngr-Do-a-DNS-lookup-even-if-it-is-missing-from-n.patch new file mode 100644 index 0000000..b91abd7 --- /dev/null +++ b/patches/0037-dirmngr-Do-a-DNS-lookup-even-if-it-is-missing-from-n.patch @@ -0,0 +1,60 @@ +From: Werner Koch +Date: Mon, 13 Feb 2017 20:09:26 +0100 +Subject: dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf. + +* dirmngr/dns-stuff.c (libdns_init): Do not print error message for a +missing nsswitch.conf. Make sure that tehre is a DNS entry. +-- + +GnuPG-bug-id: 2948 +Signed-off-by: Werner Koch +(cherry picked from commit dee026d761ae3d7594c3dbc5b3fa842df53cc189) +--- + dirmngr/dns-stuff.c | 27 +++++++++++++++++++++------ + 1 file changed, 21 insertions(+), 6 deletions(-) + +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index 52f011a..bc2e071 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -498,12 +498,10 @@ libdns_init (void) + (dns_nssconf_loadpath (ld.resolv_conf, fname)); + if (err) + { +- log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err)); +- /* not fatal, nsswitch.conf is not used on all systems; assume +- * classic behavior instead. Our dns library states "bf" which tries +- * DNS then Files, which is not classic; FreeBSD +- * /usr/src/lib/libc/net/gethostnamadr.c defines default_src[] which +- * is Files then DNS, which is. */ ++ /* This is not a fatal error: nsswitch.conf is not used on ++ * all systems; assume classic behavior instead. */ ++ if (gpg_err_code (err) != GPG_ERR_ENOENT) ++ log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err)); + if (opt_debug) + log_debug ("dns: fallback resolution order, files then DNS\n"); + ld.resolv_conf->lookup[0] = 'f'; +@@ -511,6 +509,23 @@ libdns_init (void) + ld.resolv_conf->lookup[2] = '\0'; + err = GPG_ERR_NO_ERROR; + } ++ else if (!strchr (ld.resolv_conf->lookup, 'b')) ++ { ++ /* No DNS resulution type found in the list. This might be ++ * due to systemd based systems which allow for custom ++ * keywords which are not known to us and thus we do not ++ * know whether DNS is wanted or not. Becuase DNS is ++ * important for our infrastructure, we forcefully append ++ * DNS to the end of the list. */ ++ if (strlen (ld.resolv_conf->lookup)+2 < sizeof ld.resolv_conf->lookup) ++ { ++ if (opt_debug) ++ log_debug ("dns: appending DNS to resolution order\n"); ++ strcat (ld.resolv_conf->lookup, "b"); ++ } ++ else ++ log_error ("failed to append DNS to resolution order\n"); ++ } + + #endif /* Unix */ + } diff --git a/patches/0038-gpg-Make-export-ssh-key-work-for-the-primary-key.patch b/patches/0038-gpg-Make-export-ssh-key-work-for-the-primary-key.patch new file mode 100644 index 0000000..9ba738b --- /dev/null +++ b/patches/0038-gpg-Make-export-ssh-key-work-for-the-primary-key.patch @@ -0,0 +1,162 @@ +From: Werner Koch +Date: Tue, 14 Feb 2017 10:55:13 +0100 +Subject: gpg: Make --export-ssh-key work for the primary key. + +* g10/export.c (export_ssh_key): Also check the primary key. +-- + +If no suitable subkey was found for export, we now check whether the +primary key is suitable for export and export this one. Without this +change it was only possible to export the primary key by using the '!' +suffix in the key specification. + +Also added a sample key for testing this. + +GnuPG-bug-id: 2957 +Signed-off-by: Werner Koch +(cherry picked from commit b456e5be91dc064fc9509ea86edab113721ed299) +--- + g10/export.c | 42 ++++++++++++++++++++++ + tests/openpgp/samplekeys/README | 2 ++ + .../samplekeys/rsa-primary-auth-only.pub.asc | 23 ++++++++++++ + .../samplekeys/rsa-primary-auth-only.sec.asc | 38 ++++++++++++++++++++ + 4 files changed, 105 insertions(+) + create mode 100644 tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc + create mode 100644 tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc + +diff --git a/g10/export.c b/g10/export.c +index f354ca0..8668126 100644 +--- a/g10/export.c ++++ b/g10/export.c +@@ -2208,6 +2208,48 @@ export_ssh_key (ctrl_t ctrl, const char *userid) + latest_key = node; + } + } ++ ++ /* If no subkey was suitable check the primary key. */ ++ if (!latest_key ++ && (node = keyblock) && node->pkt->pkttype == PKT_PUBLIC_KEY) ++ { ++ pk = node->pkt->pkt.public_key; ++ if (DBG_LOOKUP) ++ log_debug ("\tchecking primary key %08lX\n", ++ (ulong) keyid_from_pk (pk, NULL)); ++ if (!(pk->pubkey_usage & PUBKEY_USAGE_AUTH)) ++ { ++ if (DBG_LOOKUP) ++ log_debug ("\tprimary key not usable for authentication\n"); ++ } ++ else if (!pk->flags.valid) ++ { ++ if (DBG_LOOKUP) ++ log_debug ("\tprimary key not valid\n"); ++ } ++ else if (pk->flags.revoked) ++ { ++ if (DBG_LOOKUP) ++ log_debug ("\tprimary key has been revoked\n"); ++ } ++ else if (pk->has_expired) ++ { ++ if (DBG_LOOKUP) ++ log_debug ("\tprimary key has expired\n"); ++ } ++ else if (pk->timestamp > curtime && !opt.ignore_valid_from) ++ { ++ if (DBG_LOOKUP) ++ log_debug ("\tprimary key not yet valid\n"); ++ } ++ else ++ { ++ if (DBG_LOOKUP) ++ log_debug ("\tprimary key is fine\n"); ++ latest_date = pk->timestamp; ++ latest_key = node; ++ } ++ } + } + + if (!latest_key) +diff --git a/tests/openpgp/samplekeys/README b/tests/openpgp/samplekeys/README +index 29524d5..6f2399f 100644 +--- a/tests/openpgp/samplekeys/README ++++ b/tests/openpgp/samplekeys/README +@@ -17,3 +17,5 @@ E657FB607BB4F21C90BB6651BC067AF28BC90111.asc Key with subkeys (no protection) + rsa-rsa-sample-1.asc RSA+RSA sample key (no passphrase) + ed25519-cv25519-sample-1.asc Ed25519+CV25519 sample key (no passphrase) + silent-running.asc Collection of sample secret keys (no passphrases) ++rsa-primary-auth-only.pub.asc rsa2408 primary only, usage: cert,auth ++rsa-primary-auth-only.sec.asc Ditto but the secret keyblock. +diff --git a/tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc b/tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc +new file mode 100644 +index 0000000..f34999e +--- /dev/null ++++ b/tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc +@@ -0,0 +1,23 @@ ++pub rsa2048 2017-02-14 [CA] ++ F74B4029E6906D12EBDA8EE3BD7744900FDABC8D ++ Keygrip = AB1BB1843677AF7CC4D6C14444320C3FF4147E98 ++uid [ unknown] ssh://host.example.net ++ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++ ++mQENBFiizWgBCACi28riS0AaC7UvXaZfoafEvcXq/MAq6akiowPf3eY4zz5DkBPf ++Ep3kGuDMAFqULvchIt9vpg719Zar/Xldi+UG+/KsDz+TT5k+nP6CwvBHbAXXtISv ++S51TKKnTFpvjcgJc1BMFN0pGf7JnZx1QfRfsZO2BvS4qVzYCWbSS9hlpMq4aIgOc ++ERBMsZYMPnI4ijbXysksecDC91kbJH0q5j8aGir5sDyrDwfVLp0SUAubRFU5gXuZ ++SEv9QmeV7XoXKXzk9KEYy7GUgoAJzabvbF0rVXqd3DE8KFkwK7rKBe8sGC04DWlK ++j/sHJcAfMSqCi/SZyYpO+FSfnB+uJ1BNc05hABEBAAG0FnNzaDovL2hvc3QuZXhh ++bXBsZS5uZXSJAU4EEwEIADgWIQT3S0Ap5pBtEuvajuO9d0SQD9q8jQUCWKLNaAIb ++IQULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRC9d0SQD9q8jZBrB/41MJWUeclV ++tM60+ydPNgUJwyRXpKdLIm/AtM1zOijlFkwsaMmzbFSFJJX98HGASHdU5OpL2Lv3 ++1NNDNMbUuFumApVrLzJUBugFRb+8/uY7H3Z0/YKQ9g9OC3z7+uqFFv/+/wA+VdYX ++Zy6uim8E4OlJ41S68fQcMiTxbLTCDkvBbpf505t6JhNqF6JB+SBFQJXvRqjoydXf ++dyoiDz9N1V0ERzmGEiPewvHg2zWcVia07NGhxN3slQ3klOfYJQ8Ye72feNq1zKCy ++AyU3X8fL10XKWooCAU+t4hR5hXYxYTSZse5q0FHZ38Lt9c3ApMSZ2+ueeOtGbsH9 ++kV8icGkI6KXp ++=zMXp ++-----END PGP PUBLIC KEY BLOCK----- +diff --git a/tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc b/tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc +new file mode 100644 +index 0000000..9d72421 +--- /dev/null ++++ b/tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc +@@ -0,0 +1,38 @@ ++sec rsa2048 2017-02-14 [CA] ++ F74B4029E6906D12EBDA8EE3BD7744900FDABC8D ++ Keygrip = AB1BB1843677AF7CC4D6C14444320C3FF4147E98 ++uid [ unknown] ssh://host.example.net ++ ++Passprase: none ++ ++-----BEGIN PGP PRIVATE KEY BLOCK----- ++ ++lQOYBFiizWgBCACi28riS0AaC7UvXaZfoafEvcXq/MAq6akiowPf3eY4zz5DkBPf ++Ep3kGuDMAFqULvchIt9vpg719Zar/Xldi+UG+/KsDz+TT5k+nP6CwvBHbAXXtISv ++S51TKKnTFpvjcgJc1BMFN0pGf7JnZx1QfRfsZO2BvS4qVzYCWbSS9hlpMq4aIgOc ++ERBMsZYMPnI4ijbXysksecDC91kbJH0q5j8aGir5sDyrDwfVLp0SUAubRFU5gXuZ ++SEv9QmeV7XoXKXzk9KEYy7GUgoAJzabvbF0rVXqd3DE8KFkwK7rKBe8sGC04DWlK ++j/sHJcAfMSqCi/SZyYpO+FSfnB+uJ1BNc05hABEBAAEAB/wN0yan4HIdQ+fU5i2c ++v0uknI9+i9zW8mWUi84Puks0K15CZ1VTLHC8JQ6hgq4twhw3HeS7GkJO3X2K4BuQ ++tggdIv94slqtQKaQ9XbNgYraz/AMXZtIiNy0FdGaGmM6rY+ccwxM9w1BFXn+48v4 ++lzCUCq/2wX53wwDSC5dpRPw8km6+uksFh3dfY8kgfpjU/lUCCwQiooYrQhut1EGB ++lDLRHp2ntC1xsnowtdPzluIHFetFSnmn2ehGqXqXtXLAMF0HOirViO5dUVMuj2Pe ++ra3IYVYANYK/7FEsRXHxU6aB/BSnubb5EiqB1Oi1JNyMrvYZnRsoRUaMjVgjA4ne ++RwD5BADBZN2USYGgciDVh7kvTbrtS1igPhoe3xUUQsM0hVIEwBzG4A4pWXznIQyW ++BziVTnRNp953EbHJIYdn7vmJzdiRKI+hOvrF8dfvVsq+fp4pWxrc+zrC6qptpo6H ++IhkHWUpyfIPuTI8d+glIUIuDshwKau0UZ8VDTOYuRYEZX9PrAwQA15RdS3geA1cf ++UK/ZaKs5VnohcLtEE/z3BlvlQaEdHxSQJSLYC4By7zKVOFZlZkHk36IPikwYNTgc ++P57aLe7rwNZqPhADue1ZN6Ypetvrek55lAYL9XoPJ/mWaYz6oDWWW8vHYqEPk8OL ++N8/8a6DhK0iydXi9/ztHQllbOt0EUcsEAJBjX84FgIi3VRotRSEDN/tIhekNo8p6 ++Pl8YF4V8A1hCVBEKRIcsPVx603DFiGFRcQQcBbblqVG4fpOYYgiBtEgJksRiMg/o ++kmVkl8BPrIhBGe2ez7byhhFvJDAoOWCdH0MWGaPGUoCGTDvd046GE8B3UWN9TSmo ++qAqfrUG0hQVQLEa0FnNzaDovL2hvc3QuZXhhbXBsZS5uZXSJAU4EEwEIADgWIQT3 ++S0Ap5pBtEuvajuO9d0SQD9q8jQUCWKLNaAIbIQULCQgHAgYVCAkKCwIEFgIDAQIe ++AQIXgAAKCRC9d0SQD9q8jZBrB/41MJWUeclVtM60+ydPNgUJwyRXpKdLIm/AtM1z ++OijlFkwsaMmzbFSFJJX98HGASHdU5OpL2Lv31NNDNMbUuFumApVrLzJUBugFRb+8 ++/uY7H3Z0/YKQ9g9OC3z7+uqFFv/+/wA+VdYXZy6uim8E4OlJ41S68fQcMiTxbLTC ++DkvBbpf505t6JhNqF6JB+SBFQJXvRqjoydXfdyoiDz9N1V0ERzmGEiPewvHg2zWc ++Via07NGhxN3slQ3klOfYJQ8Ye72feNq1zKCyAyU3X8fL10XKWooCAU+t4hR5hXYx ++YTSZse5q0FHZ38Lt9c3ApMSZ2+ueeOtGbsH9kV8icGkI6KXp ++=3QG9 ++-----END PGP PRIVATE KEY BLOCK----- diff --git a/patches/0039-dirmngr-Avoid-PTR-lookup-for-hosts-in-a-pool.patch b/patches/0039-dirmngr-Avoid-PTR-lookup-for-hosts-in-a-pool.patch new file mode 100644 index 0000000..f1e9791 --- /dev/null +++ b/patches/0039-dirmngr-Avoid-PTR-lookup-for-hosts-in-a-pool.patch @@ -0,0 +1,71 @@ +From: Werner Koch +Date: Wed, 15 Feb 2017 17:03:57 +0100 +Subject: dirmngr: Avoid PTR lookup for hosts in a pool + +* dirmngr/ks-engine-hkp.c (add_host): Don't to a PTR lookup for hosts +in a pool. +-- + +GnuPG-bug-id: 2928 +Signed-off-by: Werner Koch +(cherry picked from commit da2ba20868093e3054d18adc2b1bc56cb23e4ba7) +--- + dirmngr/ks-engine-hkp.c | 23 ++++++++++++++++++----- + 1 file changed, 18 insertions(+), 5 deletions(-) + +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index be8b083..32db4bc 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -320,10 +320,17 @@ add_host (const char *name, int is_pool, + + idx = find_hostinfo (name); + +- if (!is_pool && !is_ip_address (name)) ++ if (is_pool) + { +- /* This is a hostname but not a pool. Use the name +- as given without going through resolve_dns_addr. */ ++ /* For a pool immediately convert the address to a string. */ ++ tmperr = resolve_dns_addr (ai->addr, ai->addrlen, ++ (DNS_NUMERICHOST | DNS_WITHBRACKET), &tmphost); ++ is_numeric = 1; ++ } ++ else if (!is_ip_address (name)) ++ { ++ /* This is a hostname. Use the name as given without going ++ * through resolve_dns_addr. */ + tmphost = xtrystrdup (name); + if (!tmphost) + tmperr = gpg_error_from_syserror (); +@@ -332,6 +339,10 @@ add_host (const char *name, int is_pool, + } + else + { ++ /* Do a PTR lookup on AI. If a name was not found the function ++ * returns the numeric address (with brackets) and we set a flag ++ * so that we know that the conversion to a numerical string has ++ * already be done. */ + tmperr = resolve_dns_addr (ai->addr, ai->addrlen, + DNS_WITHBRACKET, &tmphost); + if (tmphost && is_ip_address (tmphost)) +@@ -364,8 +375,7 @@ add_host (const char *name, int is_pool, + + if (tmpidx == -1) + { +- log_error ("map_host for '%s' problem: %s - '%s'" +- " [ignored]\n", ++ log_error ("map_host for '%s' problem: %s - '%s' [ignored]\n", + name, strerror (errno), tmphost); + } + else /* Set or update the entry. */ +@@ -375,6 +385,9 @@ add_host (const char *name, int is_pool, + if (port) + hosttable[tmpidx]->port = port; + ++ /* If TMPHOST is not yet a numerical value do this now. ++ * Note: This is a simple string operations and not a PTR ++ * lookup (due to DNS_NUMERICHOST). */ + if (!is_numeric) + { + xfree (tmphost); diff --git a/patches/0040-gpgv-w32-Fix-status-fd.patch b/patches/0040-gpgv-w32-Fix-status-fd.patch new file mode 100644 index 0000000..555af36 --- /dev/null +++ b/patches/0040-gpgv-w32-Fix-status-fd.patch @@ -0,0 +1,27 @@ +From: Werner Koch +Date: Tue, 28 Feb 2017 09:35:41 +0100 +Subject: gpgv,w32: Fix --status-fd. + +* g10/gpgv.c (main): Use translate_sys2libc_fd_int for --status-fd. + +Signed-off-by: Werner Koch +(cherry picked from commit 8a67dc4c4324b617b5a3fea51c59c674488544d6) +--- + g10/gpgv.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/g10/gpgv.c b/g10/gpgv.c +index bd16b39..ca8fca4 100644 +--- a/g10/gpgv.c ++++ b/g10/gpgv.c +@@ -194,7 +194,9 @@ main( int argc, char **argv ) + break; + case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break; + case oOutput: opt.outfile = pargs.r.ret_str; break; +- case oStatusFD: set_status_fd( pargs.r.ret_int ); break; ++ case oStatusFD: ++ set_status_fd (translate_sys2libc_fd_int (pargs.r.ret_int, 1)); ++ break; + case oLoggerFD: + log_set_fd (translate_sys2libc_fd_int (pargs.r.ret_int, 1)); + break; diff --git a/patches/0041-gpg-tools-Make-trust-model-configurable-via-gpgconf.patch b/patches/0041-gpg-tools-Make-trust-model-configurable-via-gpgconf.patch new file mode 100644 index 0000000..ae0cff9 --- /dev/null +++ b/patches/0041-gpg-tools-Make-trust-model-configurable-via-gpgconf.patch @@ -0,0 +1,42 @@ +From: Justus Winter +Date: Tue, 28 Feb 2017 13:15:42 +0100 +Subject: gpg,tools: Make trust-model configurable via gpgconf. + +* g10/gpg.c (gpgconf_list): Add 'trust-model'. +* tools/gpgconf-comp.c (gc_options_gpg): Likewise. + +GnuPG-bug-id: 2381 +Signed-off-by: Justus Winter +(cherry picked from commit ebeccd73eb85f9027f0985d77dfe901266c6ddef) +--- + g10/gpg.c | 1 + + tools/gpgconf-comp.c | 4 ++++ + 2 files changed, 5 insertions(+) + +diff --git a/g10/gpg.c b/g10/gpg.c +index 0c5a167..09bdf66 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -1845,6 +1845,7 @@ gpgconf_list (const char *configfile) + es_printf ("group:%lu:\n", GC_OPT_FLAG_NONE); + es_printf ("compliance:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, "gnupg"); + es_printf ("default-new-key-algo:%lu:\n", GC_OPT_FLAG_NONE); ++ es_printf ("trust-model:%lu:\n", GC_OPT_FLAG_NONE); + + /* The next one is an info only item and should match the macros at + the top of keygen.c */ +diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c +index a0d9659..cdd2586 100644 +--- a/tools/gpgconf-comp.c ++++ b/tools/gpgconf-comp.c +@@ -716,6 +716,10 @@ static gc_option_t gc_options_gpg[] = + (GC_OPT_FLAG_ARG_OPT|GC_OPT_FLAG_NO_CHANGE), GC_LEVEL_INVISIBLE, + NULL, NULL, + GC_ARG_TYPE_STRING, GC_BACKEND_GPG }, ++ { "trust-model", ++ GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE, ++ NULL, NULL, ++ GC_ARG_TYPE_STRING, GC_BACKEND_GPG }, + + + { "Debug", diff --git a/patches/0042-gpg-tools-Make-auto-key-retrieve-configurable-via-gp.patch b/patches/0042-gpg-tools-Make-auto-key-retrieve-configurable-via-gp.patch new file mode 100644 index 0000000..60d29b7 --- /dev/null +++ b/patches/0042-gpg-tools-Make-auto-key-retrieve-configurable-via-gp.patch @@ -0,0 +1,40 @@ +From: Justus Winter +Date: Tue, 28 Feb 2017 14:59:11 +0100 +Subject: gpg,tools: Make auto-key-retrieve configurable via gpgconf. + +* g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'. +* tools/gpgconf-comp.c (gc_options_gpg): Likewise. + +GnuPG-bug-id: 2381 +Signed-off-by: Justus Winter +(cherry picked from commit d379a0174cca595204b32da9a66c513a1304e6d0) +--- + g10/gpg.c | 1 + + tools/gpgconf-comp.c | 2 ++ + 2 files changed, 3 insertions(+) + +diff --git a/g10/gpg.c b/g10/gpg.c +index 09bdf66..2a4a0ad 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -1840,6 +1840,7 @@ gpgconf_list (const char *configfile) + es_printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE); + es_printf ("try-secret-key:%lu:\n", GC_OPT_FLAG_NONE); + es_printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE); ++ es_printf ("auto-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE); + es_printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE); + es_printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT); + es_printf ("group:%lu:\n", GC_OPT_FLAG_NONE); +diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c +index cdd2586..530c128 100644 +--- a/tools/gpgconf-comp.c ++++ b/tools/gpgconf-comp.c +@@ -747,6 +747,8 @@ static gc_option_t gc_options_gpg[] = + { "auto-key-locate", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED, + "gnupg", N_("|MECHANISMS|use MECHANISMS to locate keys by mail address"), + GC_ARG_TYPE_STRING, GC_BACKEND_GPG }, ++ { "auto-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_INVISIBLE, ++ NULL, NULL, GC_ARG_TYPE_NONE, GC_BACKEND_GPG }, + + + GC_OPTION_NULL diff --git a/patches/0043-gpg-Allow-creating-keys-using-an-existing-ECC-key.patch b/patches/0043-gpg-Allow-creating-keys-using-an-existing-ECC-key.patch new file mode 100644 index 0000000..9d6fe6e --- /dev/null +++ b/patches/0043-gpg-Allow-creating-keys-using-an-existing-ECC-key.patch @@ -0,0 +1,204 @@ +From: Werner Koch +Date: Wed, 1 Mar 2017 13:36:01 +0100 +Subject: gpg: Allow creating keys using an existing ECC key. + +* common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO. +Change to return the algo id. Reimplement using get_pk_algo_from_key. +* g10/keygen.c (check_keygrip): Adjust for change. +* sm/certreqgen-ui.c (check_keygrip): Ditto. +-- + +GnuPG-bug-id: 2976 +Signed-off-by: Werner Koch +(cherry picked from commit 2bbdeb8ee87a6c7ec211be16391a11b7c6030bed) +--- + common/sexputil.c | 65 +++++++++++++++--------------------------------------- + common/util.h | 6 ++--- + g10/keygen.c | 22 +++--------------- + sm/certreqgen-ui.c | 24 +++++++++----------- + 4 files changed, 34 insertions(+), 83 deletions(-) + +diff --git a/common/sexputil.c b/common/sexputil.c +index 0c5c730..a8dc1a5 100644 +--- a/common/sexputil.c ++++ b/common/sexputil.c +@@ -512,53 +512,6 @@ get_rsa_pk_from_canon_sexp (const unsigned char *keydata, size_t keydatalen, + } + + +-/* Return the algo of a public RSA expressed as an canonical encoded +- S-expression. The return value is a statically allocated +- string. On error that string is set to NULL. */ +-gpg_error_t +-get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen, +- const char **r_algo) +-{ +- gpg_error_t err; +- const unsigned char *buf, *tok; +- size_t buflen, toklen; +- int depth; +- +- *r_algo = NULL; +- +- buf = keydata; +- buflen = keydatalen; +- depth = 0; +- if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))) +- return err; +- if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))) +- return err; +- if (!tok || toklen != 10 || memcmp ("public-key", tok, toklen)) +- return gpg_error (GPG_ERR_BAD_PUBKEY); +- if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))) +- return err; +- if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))) +- return err; +- if (!tok) +- return gpg_error (GPG_ERR_BAD_PUBKEY); +- +- if (toklen == 3 && !memcmp ("rsa", tok, toklen)) +- *r_algo = "rsa"; +- else if (toklen == 3 && !memcmp ("dsa", tok, toklen)) +- *r_algo = "dsa"; +- else if (toklen == 3 && !memcmp ("elg", tok, toklen)) +- *r_algo = "elg"; +- else if (toklen == 5 && !memcmp ("ecdsa", tok, toklen)) +- *r_algo = "ecdsa"; +- else if (toklen == 5 && !memcmp ("eddsa", tok, toklen)) +- *r_algo = "eddsa"; +- else +- return gpg_error (GPG_ERR_PUBKEY_ALGO); +- +- return 0; +-} +- +- + /* Return the algo of a public KEY of SEXP. */ + int + get_pk_algo_from_key (gcry_sexp_t key) +@@ -606,3 +559,21 @@ get_pk_algo_from_key (gcry_sexp_t key) + + return algo; + } ++ ++ ++/* This is a variant of get_pk_algo_from_key but takes an canonical ++ * encoded S-expression as input. Returns a GCRYPT public key ++ * identiier or 0 on error. */ ++int ++get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen) ++{ ++ gcry_sexp_t sexp; ++ int algo; ++ ++ if (gcry_sexp_sscan (&sexp, NULL, keydata, keydatalen)) ++ return 0; ++ ++ algo = get_pk_algo_from_key (sexp); ++ gcry_sexp_release (sexp); ++ return algo; ++} +diff --git a/common/util.h b/common/util.h +index f7a53e1..b6d7156 100644 +--- a/common/util.h ++++ b/common/util.h +@@ -195,10 +195,10 @@ gpg_error_t get_rsa_pk_from_canon_sexp (const unsigned char *keydata, + size_t *r_nlen, + unsigned char const **r_e, + size_t *r_elen); +-gpg_error_t get_pk_algo_from_canon_sexp (const unsigned char *keydata, +- size_t keydatalen, +- const char **r_algo); ++ + int get_pk_algo_from_key (gcry_sexp_t key); ++int get_pk_algo_from_canon_sexp (const unsigned char *keydata, ++ size_t keydatalen); + + /*-- convert.c --*/ + int hex2bin (const char *string, void *buffer, size_t length); +diff --git a/g10/keygen.c b/g10/keygen.c +index 98ef29e..0180581 100644 +--- a/g10/keygen.c ++++ b/g10/keygen.c +@@ -1838,7 +1838,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip) + gpg_error_t err; + unsigned char *public; + size_t publiclen; +- const char *algostr; ++ int algo; + + if (hexgrip[0] == '&') + hexgrip++; +@@ -1848,26 +1848,10 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip) + return 0; + publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL); + +- get_pk_algo_from_canon_sexp (public, publiclen, &algostr); ++ algo = get_pk_algo_from_canon_sexp (public, publiclen); + xfree (public); + +- /* FIXME: Mapping of ECC algorithms is probably not correct. */ +- if (!algostr) +- return 0; +- else if (!strcmp (algostr, "rsa")) +- return PUBKEY_ALGO_RSA; +- else if (!strcmp (algostr, "dsa")) +- return PUBKEY_ALGO_DSA; +- else if (!strcmp (algostr, "elg")) +- return PUBKEY_ALGO_ELGAMAL_E; +- else if (!strcmp (algostr, "ecc")) +- return PUBKEY_ALGO_ECDH; +- else if (!strcmp (algostr, "ecdsa")) +- return PUBKEY_ALGO_ECDSA; +- else if (!strcmp (algostr, "eddsa")) +- return PUBKEY_ALGO_EDDSA; +- else +- return 0; ++ return map_pk_gcry_to_openpgp (algo); + } + + +diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c +index ece8668..b50d338 100644 +--- a/sm/certreqgen-ui.c ++++ b/sm/certreqgen-ui.c +@@ -95,7 +95,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip) + gpg_error_t err; + ksba_sexp_t public; + size_t publiclen; +- const char *algostr; ++ int algo; + + if (hexgrip[0] == '&') + hexgrip++; +@@ -105,21 +105,17 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip) + return NULL; + publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL); + +- get_pk_algo_from_canon_sexp (public, publiclen, &algostr); ++ algo = get_pk_algo_from_canon_sexp (public, publiclen); + xfree (public); + +- if (!algostr) +- return NULL; +- else if (!strcmp (algostr, "rsa")) +- return "RSA"; +- else if (!strcmp (algostr, "dsa")) +- return "DSA"; +- else if (!strcmp (algostr, "elg")) +- return "ELG"; +- else if (!strcmp (algostr, "ecdsa")) +- return "ECDSA"; +- else +- return NULL; ++ switch (algo) ++ { ++ case GCRY_PK_RSA: return "RSA"; ++ case GCRY_PK_DSA: return "DSA"; ++ case GCRY_PK_ELG: return "ELG"; ++ case GCRY_PK_EDDSA: return "ECDSA"; ++ default: return NULL; ++ } + } + + diff --git a/patches/0044-gpg-Make-export-options-work-with-export-secret-keys.patch b/patches/0044-gpg-Make-export-options-work-with-export-secret-keys.patch new file mode 100644 index 0000000..7dc7666 --- /dev/null +++ b/patches/0044-gpg-Make-export-options-work-with-export-secret-keys.patch @@ -0,0 +1,156 @@ +From: Werner Koch +Date: Wed, 1 Mar 2017 14:41:47 +0100 +Subject: gpg: Make --export-options work with --export-secret-keys. + +* g10/export.c (export_seckeys): Add arg OPTIONS and pass it to +do_export. +(export_secsubkeys): Ditto. +* g10/gpg.c (main): Pass opt.export_options to export_seckeys and +export_secsubkeys +-- + +Back in the old days we did not used the export options for secret +keys export because of a lot of duplicated code and that the old +secring.gpg was anyway smaller that the pubring.gpg. With 2.1 it was +pretty easy to enable it. + +Reported-by: Peter Lebbing +GnuPG-bug-id: 2973 +(cherry picked from commit 891ab23411b7f20ef37d8bde81d9857b083235df) +--- + doc/gpg.texi | 7 ++++--- + g10/export.c | 31 ++++++++++++++++--------------- + g10/gpg.c | 4 ++-- + g10/main.h | 6 ++++-- + 4 files changed, 26 insertions(+), 22 deletions(-) + +diff --git a/doc/gpg.texi b/doc/gpg.texi +index b79b783..3b82b44 100644 +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -1824,7 +1824,8 @@ are available for all keyserver types, some common options are: + used with HKP keyservers. + + @item auto-key-retrieve +- This is the same as the option @option{auto-key-retrieve}. ++ This is an obsolete alias for the option @option{auto-key-retrieve}. ++ Please do not use it; it will be removed in future versions.. + + @item honor-keyserver-url + When using @option{--refresh-keys}, if the key in question has a preferred +@@ -2371,8 +2372,8 @@ The available properties are: + @item --export-options @code{parameters} + @opindex export-options + This is a space or comma delimited string that gives options for +-exporting keys. Options can be prepended with a `no-' to give the +-opposite meaning. The options are: ++exporting keys. Options can be prepended with a `no-' to give the ++opposite meaning. The options are: + + @table @asis + +diff --git a/g10/export.c b/g10/export.c +index 8668126..207f994 100644 +--- a/g10/export.c ++++ b/g10/export.c +@@ -247,16 +247,17 @@ export_pubkeys (ctrl_t ctrl, strlist_t users, unsigned int options, + /* + * Export secret keys (to stdout or to --output FILE). + * +- * Depending on opt.armor the output is armored. If USERS is NULL, +- * all secret keys will be exported. STATS is either an export stats +- * object for update or NULL. ++ * Depending on opt.armor the output is armored. OPTIONS are defined ++ * in main.h. If USERS is NULL, all secret keys will be exported. ++ * STATS is either an export stats object for update or NULL. + * + * This function is the core of "gpg --export-secret-keys". + */ + int +-export_seckeys (ctrl_t ctrl, strlist_t users, export_stats_t stats) ++export_seckeys (ctrl_t ctrl, strlist_t users, unsigned int options, ++ export_stats_t stats) + { +- return do_export (ctrl, users, 1, 0, stats); ++ return do_export (ctrl, users, 1, options, stats); + } + + +@@ -264,16 +265,18 @@ export_seckeys (ctrl_t ctrl, strlist_t users, export_stats_t stats) + * Export secret sub keys (to stdout or to --output FILE). + * + * This is the same as export_seckeys but replaces the primary key by +- * a stub key. Depending on opt.armor the output is armored. If +- * USERS is NULL, all secret subkeys will be exported. STATS is +- * either an export stats object for update or NULL. ++ * a stub key. Depending on opt.armor the output is armored. OPTIONS ++ * are defined in main.h. If USERS is NULL, all secret subkeys will ++ * be exported. STATS is either an export stats object for update or ++ * NULL. + * + * This function is the core of "gpg --export-secret-subkeys". + */ + int +-export_secsubkeys (ctrl_t ctrl, strlist_t users, export_stats_t stats) ++export_secsubkeys (ctrl_t ctrl, strlist_t users, unsigned int options, ++ export_stats_t stats) + { +- return do_export (ctrl, users, 2, 0, stats); ++ return do_export (ctrl, users, 2, options, stats); + } + + +@@ -1969,11 +1972,9 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, + } + + /* Always do the cleaning on the public key part if requested. +- Note that we don't yet set this option if we are exporting +- secret keys. Note that both export-clean and export-minimal +- only apply to UID sigs (0x10, 0x11, 0x12, and 0x13). A +- designated revocation is never stripped, even with +- export-minimal set. */ ++ * Note that both export-clean and export-minimal only apply to ++ * UID sigs (0x10, 0x11, 0x12, and 0x13). A designated ++ * revocation is never stripped, even with export-minimal set. */ + if ((options & EXPORT_CLEAN)) + clean_key (keyblock, opt.verbose, (options&EXPORT_MINIMAL), NULL, NULL); + +diff --git a/g10/gpg.c b/g10/gpg.c +index 2a4a0ad..5a880fd 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -4546,7 +4546,7 @@ main (int argc, char **argv) + add_to_strlist2( &sl, *argv, utf8_strings ); + { + export_stats_t stats = export_new_stats (); +- export_seckeys (ctrl, sl, stats); ++ export_seckeys (ctrl, sl, opt.export_options, stats); + export_print_stats (stats); + export_release_stats (stats); + } +@@ -4559,7 +4559,7 @@ main (int argc, char **argv) + add_to_strlist2( &sl, *argv, utf8_strings ); + { + export_stats_t stats = export_new_stats (); +- export_secsubkeys (ctrl, sl, stats); ++ export_secsubkeys (ctrl, sl, opt.export_options, stats); + export_print_stats (stats); + export_release_stats (stats); + } +diff --git a/g10/main.h b/g10/main.h +index 5ed501b..6837e98 100644 +--- a/g10/main.h ++++ b/g10/main.h +@@ -397,8 +397,10 @@ gpg_error_t parse_and_set_export_filter (const char *string); + + int export_pubkeys (ctrl_t ctrl, strlist_t users, unsigned int options, + export_stats_t stats); +-int export_seckeys (ctrl_t ctrl, strlist_t users, export_stats_t stats); +-int export_secsubkeys (ctrl_t ctrl, strlist_t users, export_stats_t stats); ++int export_seckeys (ctrl_t ctrl, strlist_t users, unsigned int options, ++ export_stats_t stats); ++int export_secsubkeys (ctrl_t ctrl, strlist_t users, unsigned int options, ++ export_stats_t stats); + + gpg_error_t export_pubkey_buffer (ctrl_t ctrl, const char *keyspec, + unsigned int options, diff --git a/patches/0045-common-tools-Always-escape-newlines-when-escaping-da.patch b/patches/0045-common-tools-Always-escape-newlines-when-escaping-da.patch new file mode 100644 index 0000000..8b3e32b --- /dev/null +++ b/patches/0045-common-tools-Always-escape-newlines-when-escaping-da.patch @@ -0,0 +1,63 @@ +From: Justus Winter +Date: Wed, 1 Mar 2017 17:47:47 +0100 +Subject: common,tools: Always escape newlines when escaping data. + +* common/stringhelp.c (do_percent_escape): Always escape newlines. +* tools/gpgconf-comp.c (gc_percent_escape): Likewise. +-- +Newlines always pose a problem for a line-based communication format. + +GnuPG-bug-id: 2387 +Signed-off-by: Justus Winter +(cherry picked from commit e064c75b08a523f738108428fe0c417a46e66238) +--- + common/stringhelp.c | 10 +++++++++- + tools/gpgconf-comp.c | 7 +++++++ + 2 files changed, 16 insertions(+), 1 deletion(-) + +diff --git a/common/stringhelp.c b/common/stringhelp.c +index dea2212..0abfa3d 100644 +--- a/common/stringhelp.c ++++ b/common/stringhelp.c +@@ -1052,7 +1052,8 @@ do_percent_escape (const char *str, const char *extra, int die) + return NULL; + + for (i=j=0; str[i]; i++) +- if (str[i] == ':' || str[i] == '%' || (extra && strchr (extra, str[i]))) ++ if (str[i] == ':' || str[i] == '%' || str[i] == '\n' ++ || (extra && strchr (extra, str[i]))) + j++; + if (die) + ptr = xmalloc (i + 2 * j + 1); +@@ -1077,6 +1078,13 @@ do_percent_escape (const char *str, const char *extra, int die) + ptr[i++] = '2'; + ptr[i++] = '5'; + } ++ else if (*str == '\n') ++ { ++ /* The newline is problematic in a line-based format. */ ++ ptr[i++] = '%'; ++ ptr[i++] = '0'; ++ ptr[i++] = 'a'; ++ } + else if (extra && strchr (extra, *str)) + { + ptr[i++] = '%'; +diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c +index 530c128..9358e2e 100644 +--- a/tools/gpgconf-comp.c ++++ b/tools/gpgconf-comp.c +@@ -1490,6 +1490,13 @@ gc_percent_escape (const char *src) + *(dst++) = '2'; + *(dst++) = 'c'; + } ++ else if (*src == '\n') ++ { ++ /* The newline is problematic in a line-based format. */ ++ *(dst++) = '%'; ++ *(dst++) = '0'; ++ *(dst++) = 'a'; ++ } + else + *(dst++) = *(src); + src++; diff --git a/patches/0046-g10-Signal-an-error-when-trying-to-revoke-non-exista.patch b/patches/0046-g10-Signal-an-error-when-trying-to-revoke-non-exista.patch new file mode 100644 index 0000000..14480bf --- /dev/null +++ b/patches/0046-g10-Signal-an-error-when-trying-to-revoke-non-exista.patch @@ -0,0 +1,53 @@ +From: Justus Winter +Date: Thu, 2 Mar 2017 11:39:00 +0100 +Subject: g10: Signal an error when trying to revoke non-existant UID. + +* g10/keyedit.c (keyedit_quick_revuid): Signal an error when trying to +revoke non-existant UID. +* tests/openpgp/quick-key-manipulation.scm: Test that. + +GnuPG-bug-id: 2962 +Signed-off-by: Justus Winter +(cherry picked from commit 62d21a4ab4029b32ea129f1cf3a0e1f22e2fb7b0) +--- + g10/keyedit.c | 2 ++ + tests/openpgp/quick-key-manipulation.scm | 6 ++++++ + 2 files changed, 8 insertions(+) + +diff --git a/g10/keyedit.c b/g10/keyedit.c +index 1456d28..a477e92 100644 +--- a/g10/keyedit.c ++++ b/g10/keyedit.c +@@ -3053,6 +3053,8 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev) + } + } + ++ log_error (_("User ID revocation failed: %s\n"), gpg_strerror (GPG_ERR_NOT_FOUND)); ++ + leave: + release_kbnode (keyblock); + keydb_release (kdbhd); +diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm +index d43f7b5..ae1d0b9 100755 +--- a/tests/openpgp/quick-key-manipulation.scm ++++ b/tests/openpgp/quick-key-manipulation.scm +@@ -36,6 +36,7 @@ + + (define alpha "Alpha ") + (define bravo "Bravo ") ++(define charlie "Charlie ") + + (define (key-data key) + (filter (lambda (x) (or (string=? (car x) "pub") +@@ -78,6 +79,11 @@ + (info "Checking that we can revoke a user ID...") + (call-check `(,@GPG --quick-revoke-uid ,(exact bravo) ,alpha)) + ++(info "Checking that we get an error revoking a non-existant user ID.") ++(catch '() ++ (call-check `(,@GPG --quick-revoke-uid ,(exact bravo) ,charlie)) ++ (error "Expected an error, but get none.")) ++ + (assert (= 1 (count-uids-of-secret-key bravo))) + + (info "Checking that we can change the expiration time.") diff --git a/patches/0047-gpg-Fix-possible-segv-when-attribute-packets-are-fil.patch b/patches/0047-gpg-Fix-possible-segv-when-attribute-packets-are-fil.patch new file mode 100644 index 0000000..3b232db --- /dev/null +++ b/patches/0047-gpg-Fix-possible-segv-when-attribute-packets-are-fil.patch @@ -0,0 +1,58 @@ +From: Werner Koch +Date: Fri, 3 Mar 2017 09:50:40 +0100 +Subject: gpg: Fix possible segv when attribute packets are filtered. + +* g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as +PKT_USER_ID +(apply_drop_sig_filter): Ditto. +-- + +The old code was plainly wrong in that it considered PKT_ATTRIBUTE to +use a PKT_signature object. + +Signed-off-by: Werner Koch +(cherry picked from commit 5f6f3f5cae8a95ed469129f9677782c17951dab3) +--- + g10/import.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/g10/import.c b/g10/import.c +index b6c04dc..4e6f692 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -1173,7 +1173,8 @@ impex_filter_getval (void *cookie, const char *propname) + static char numbuf[20]; + const char *result; + +- if (node->pkt->pkttype == PKT_USER_ID) ++ if (node->pkt->pkttype == PKT_USER_ID ++ || node->pkt->pkttype == PKT_ATTRIBUTE) + { + if (!strcmp (propname, "uid")) + result = node->pkt->pkt.user_id->name; +@@ -1191,8 +1192,7 @@ impex_filter_getval (void *cookie, const char *propname) + else + result = NULL; + } +- else if (node->pkt->pkttype == PKT_SIGNATURE +- || node->pkt->pkttype == PKT_ATTRIBUTE) ++ else if (node->pkt->pkttype == PKT_SIGNATURE) + { + PKT_signature *sig = node->pkt->pkt.signature; + +@@ -1313,12 +1313,12 @@ apply_drop_sig_filter (kbnode_t keyblock, recsel_expr_t selector) + if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY + || node->pkt->pkttype == PKT_SECRET_SUBKEY) + break; /* ready. */ +- if (node->pkt->pkttype == PKT_USER_ID) ++ if (node->pkt->pkttype == PKT_USER_ID ++ || node->pkt->pkttype == PKT_ATTRIBUTE) + active = 1; + if (!active) + continue; +- if (node->pkt->pkttype != PKT_SIGNATURE +- && node->pkt->pkttype != PKT_ATTRIBUTE) ++ if (node->pkt->pkttype != PKT_SIGNATURE) + continue; + + sig = node->pkt->pkt.signature; diff --git a/patches/0048-gpg-Fix-attempt-to-double-free-an-UID-structure.patch b/patches/0048-gpg-Fix-attempt-to-double-free-an-UID-structure.patch new file mode 100644 index 0000000..9de4ed1 --- /dev/null +++ b/patches/0048-gpg-Fix-attempt-to-double-free-an-UID-structure.patch @@ -0,0 +1,59 @@ +From: Werner Koch +Date: Sun, 5 Mar 2017 23:24:15 +0100 +Subject: gpg: Fix attempt to double free an UID structure. + +* g10/getkey.c (get_best_pubkey_byname): Set released .UID to NULL. +-- + +Phil Pennock reported an assertion failure when doing + + % gpg --auto-key-locate dane --locate-keys someone + gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in \ + free_user_id failed (free-packet.c:310) + +on his keyring. This patch is not tested but a good guess. + +Signed-off-by: Werner Koch +(cherry picked from commit 4a130bbc2c2f4be6e8c6357512a943f435ade28f) +--- + g10/getkey.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/g10/getkey.c b/g10/getkey.c +index e39de28..21dcf08 100644 +--- a/g10/getkey.c ++++ b/g10/getkey.c +@@ -1592,8 +1592,10 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk, + if (is_valid_mailbox (name) && ctx) + { + /* Rank results and return only the most relevant key. */ +- struct pubkey_cmp_cookie best = { 0 }, new; +- KBNODE new_keyblock; ++ struct pubkey_cmp_cookie best = { 0 }; ++ struct pubkey_cmp_cookie new; ++ kbnode_t new_keyblock; ++ + while (getkey_next (ctx, &new.key, &new_keyblock) == 0) + { + int diff = pubkey_cmp (ctrl, name, &best, &new, new_keyblock); +@@ -1610,17 +1612,20 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk, + /* Old key is better. */ + release_public_key_parts (&new.key); + free_user_id (new.uid); ++ new.uid = NULL; + } + else + { + /* A tie. Keep the old key. */ + release_public_key_parts (&new.key); + free_user_id (new.uid); ++ new.uid = NULL; + } + } + getkey_end (ctx); + ctx = NULL; + free_user_id (best.uid); ++ best.uid = NULL; + + if (best.valid) + { diff --git a/patches/0049-doc-Add-a-note-to-the-trust-model-direct.patch b/patches/0049-doc-Add-a-note-to-the-trust-model-direct.patch new file mode 100644 index 0000000..de1f75d --- /dev/null +++ b/patches/0049-doc-Add-a-note-to-the-trust-model-direct.patch @@ -0,0 +1,75 @@ +From: Werner Koch +Date: Wed, 8 Mar 2017 10:46:09 +0100 +Subject: doc: Add a note to the trust model direct. + +* doc/gpg.texi (GPG Configuration Options): Add note. Chnage Index +from trust-mode:foo to trust-model:foo. + +(cherry picked from commit f0257b4a86b73f5b956028e68590b6d2a23ea4da) +--- + doc/gpg.texi | 20 ++++++++++++-------- + 1 file changed, 12 insertions(+), 8 deletions(-) + +diff --git a/doc/gpg.texi b/doc/gpg.texi +index 3b82b44..d658737 100644 +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -1600,17 +1600,17 @@ Set what trust model GnuPG should follow. The models are: + @table @asis + + @item pgp +- @opindex trust-mode:pgp ++ @opindex trust-model:pgp + This is the Web of Trust combined with trust signatures as used in PGP + 5.x and later. This is the default trust model when creating a new + trust database. + + @item classic +- @opindex trust-mode:classic ++ @opindex trust-model:classic + This is the standard Web of Trust as introduced by PGP 2. + + @item tofu +- @opindex trust-mode:tofu ++ @opindex trust-model:tofu + @anchor{trust-model-tofu} + TOFU stands for Trust On First Use. In this trust model, the first + time a key is seen, it is memorized. If later another key is seen +@@ -1656,7 +1656,7 @@ Set what trust model GnuPG should follow. The models are: + @code{undefined} trust level is returned. + + @item tofu+pgp +- @opindex trust-mode:tofu+pgp ++ @opindex trust-model:tofu+pgp + This trust model combines TOFU with the Web of Trust. This is done + by computing the trust level for each model and then taking the + maximum trust level where the trust levels are ordered as follows: +@@ -1669,12 +1669,16 @@ Set what trust model GnuPG should follow. The models are: + which some security-conscious users don't like. + + @item direct +- @opindex trust-mode:direct ++ @opindex trust-model:direct + Key validity is set directly by the user and not calculated via the +- Web of Trust. ++ Web of Trust. This model is soley based on the key and does ++ not distinguish user IDs. Note that when changing to another trust ++ model the trust values assigned to a key are transformed into ++ ownertrust values, which also indicate how you trust the owner of ++ the key to sign other keys. + + @item always +- @opindex trust-mode:always ++ @opindex trust-model:always + Skip key validation and assume that used keys are always fully + valid. You generally won't use this unless you are using some + external validation scheme. This option also suppresses the +@@ -1684,7 +1688,7 @@ Set what trust model GnuPG should follow. The models are: + disabled keys. + + @item auto +- @opindex trust-mode:auto ++ @opindex trust-model:auto + Select the trust model depending on whatever the internal trust + database says. This is the default model if such a database already + exists. diff --git a/patches/0050-gpg-Flush-stdout-before-printing-stats-with-check-si.patch b/patches/0050-gpg-Flush-stdout-before-printing-stats-with-check-si.patch new file mode 100644 index 0000000..62cbee9 --- /dev/null +++ b/patches/0050-gpg-Flush-stdout-before-printing-stats-with-check-si.patch @@ -0,0 +1,37 @@ +From: Werner Koch +Date: Mon, 13 Mar 2017 17:42:08 +0100 +Subject: gpg: Flush stdout before printing stats with --check-sigs. + +* g10/keylist.c (print_signature_stats): Flush stdout. +(list_keyblock_colon): Use es_flush instead of fflush. + +Signed-off-by: Werner Koch +(cherry picked from commit 9a77b3b6e41f97b1209ad61c04b3dd33242ecae8) +--- + g10/keylist.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/g10/keylist.c b/g10/keylist.c +index abdcb9f..4078053 100644 +--- a/g10/keylist.c ++++ b/g10/keylist.c +@@ -465,6 +465,10 @@ print_signature_stats (struct keylist_context *s) + if (!s->check_sigs) + return; /* Signature checking was not requested. */ + ++ /* Better flush stdout so that the stats are always printed after ++ * the output. */ ++ es_fflush (es_stdout); ++ + if (s->good_sigs) + log_info (ngettext("%d good signature\n", + "%d good signatures\n", s->good_sigs), s->good_sigs); +@@ -1447,7 +1451,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, + { + PKT_public_key *signer_pk = NULL; + +- fflush (stdout); ++ es_fflush (es_stdout); + if (opt.no_sig_cache) + signer_pk = xmalloc_clear (sizeof (PKT_public_key)); + diff --git a/patches/0051-dirmngr-Ignore-warning-alerts-in-the-GNUTLS-handshak.patch b/patches/0051-dirmngr-Ignore-warning-alerts-in-the-GNUTLS-handshak.patch new file mode 100644 index 0000000..c30365b --- /dev/null +++ b/patches/0051-dirmngr-Ignore-warning-alerts-in-the-GNUTLS-handshak.patch @@ -0,0 +1,44 @@ +From: Werner Koch +Date: Fri, 17 Mar 2017 12:46:09 +0100 +Subject: dirmngr: Ignore warning alerts in the GNUTLS handshake. + +* dirmngr/http.c (send_request) [GNUTLS]: Don't bail out on warning +alerts. +-- + +GnuPG-bug-id: 2833 +Signed-off-by: Werner Koch +(cherry picked from commit 69c521df422a6c9a6b0a93e45c9373a8b6ceb28e) +--- + dirmngr/http.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/dirmngr/http.c b/dirmngr/http.c +index fe9c3c7..c9c16df 100644 +--- a/dirmngr/http.c ++++ b/dirmngr/http.c +@@ -1847,6 +1847,7 @@ send_request (http_t hd, const char *httphost, const char *auth, + gnutls_transport_set_push_function (hd->session->tls_session, + my_gnutls_write); + ++ handshake_again: + do + { + rc = gnutls_handshake (hd->session->tls_session); +@@ -1862,10 +1863,15 @@ send_request (http_t hd, const char *httphost, const char *auth, + + alertno = gnutls_alert_get (hd->session->tls_session); + alertstr = gnutls_alert_get_name (alertno); +- log_info ("TLS handshake failed: %s (alert %d)\n", ++ log_info ("TLS handshake %s: %s (alert %d)\n", ++ rc == GNUTLS_E_WARNING_ALERT_RECEIVED ++ ? "warning" : "failed", + alertstr, (int)alertno); + if (alertno == GNUTLS_A_UNRECOGNIZED_NAME && server) + log_info (" (sent server name '%s')\n", server); ++ ++ if (rc == GNUTLS_E_WARNING_ALERT_RECEIVED) ++ goto handshake_again; + } + else + log_info ("TLS handshake failed: %s\n", gnutls_strerror (rc)); diff --git a/patches/0052-gpg-Make-sure-the-conflict-set-includes-the-current-.patch b/patches/0052-gpg-Make-sure-the-conflict-set-includes-the-current-.patch new file mode 100644 index 0000000..0a11a8e --- /dev/null +++ b/patches/0052-gpg-Make-sure-the-conflict-set-includes-the-current-.patch @@ -0,0 +1,72 @@ +From: "Neal H. Walfield" +Date: Fri, 17 Mar 2017 13:36:51 +0100 +Subject: gpg: Make sure the conflict set includes the current key. + +* g10/tofu.c (get_trust): Sanity check CONFLICT_SET after calling +get_policy. If POLICY is 'auto' and the default policy is 'ask', make +sure CONFLICT_SET includes the current key. + +-- +Signed-off-by: Neal H. Walfield +GnuPG-bug-id: 2959 +Debian-bug-id: 854829 + +Signed-off-by: Neal H. Walfield +(cherry picked from commit b1106b4d640325c60a7212a4a44e4f67c0e3312d) +--- + g10/tofu.c | 28 +++++++++++++++++++++++++--- + 1 file changed, 25 insertions(+), 3 deletions(-) + +diff --git a/g10/tofu.c b/g10/tofu.c +index 449e921..39457a5 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -2304,9 +2304,14 @@ build_conflict_set (tofu_dbs_t dbs, + + + /* Return the effective policy for the binding +- * (email has already been normalized) and any conflict information in +- * *CONFLICT_SETP, if CONFLICT_SETP is not NULL. Returns +- * _tofu_GET_POLICY_ERROR if an error occurs. ++ * (email has already been normalized). Returns ++ * _tofu_GET_POLICY_ERROR if an error occurs. Returns any conflict ++ * information in *CONFLICT_SETP if CONFLICT_SETP is not NULL and the ++ * returned policy is TOFU_POLICY_ASK (consequently, if there is a ++ * conflict, but the user set the policy to good *CONFLICT_SETP will ++ * empty). Note: as per build_conflict_set, which is used to build ++ * the conflict information, the conflict information includes the ++ * current user id as the first element of the linked list. + * + * This function registers the binding in the bindings table if it has + * not yet been registered. +@@ -2689,6 +2694,15 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + policy = get_policy (dbs, pk, fingerprint, user_id, email, + &conflict_set, now); + ++ if (policy == TOFU_POLICY_ASK) ++ /* The conflict set should always contain at least one element: ++ * the current key. */ ++ log_assert (conflict_set); ++ else ++ /* If the policy is not TOFU_POLICY_ASK, then conflict_set will be ++ * NULL. */ ++ log_assert (! conflict_set); ++ + /* If the key is ultimately trusted, there is nothing to do. */ + { + u32 kid[2]; +@@ -2710,6 +2724,14 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, + " auto (default: %s).\n", + fingerprint, email, + tofu_policy_str (opt.tofu_default_policy)); ++ ++ if (policy == TOFU_POLICY_ASK) ++ /* The default policy is ASK, but there is no conflict (policy ++ * was 'auto'). In this case, we need to make sure the ++ * conflict set includes at least the current user id. */ ++ { ++ add_to_strlist (&conflict_set, fingerprint); ++ } + } + switch (policy) + { diff --git a/patches/0053-dirmngr-Load-the-hosts-file-into-libdns.patch b/patches/0053-dirmngr-Load-the-hosts-file-into-libdns.patch new file mode 100644 index 0000000..aae341c --- /dev/null +++ b/patches/0053-dirmngr-Load-the-hosts-file-into-libdns.patch @@ -0,0 +1,60 @@ +From: Justus Winter +Date: Tue, 21 Mar 2017 14:18:25 +0100 +Subject: dirmngr: Load the hosts file into libdns. + +* dirmngr/dns-stuff.c (libdns_init): Actually load the hosts file into +libdns. +-- + +Previously, connecting to key servers specified in /etc/hosts was not +possible because libdns' hosts structure was initialized, but not +filled with the content of the hosts file. + +GnuPG-bug-id: 2977 +Signed-off-by: Justus Winter +(cherry picked from commit 88f1505f0613894d5544290a170119eb538921e5) +--- + dirmngr/dns-stuff.c | 26 +++++++++++++++++++++++++- + 1 file changed, 25 insertions(+), 1 deletion(-) + +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index bc2e071..35e6c82 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -533,11 +533,35 @@ libdns_init (void) + ld.hosts = dns_hosts_open (&derr); + if (!ld.hosts) + { +- log_error ("failed to load hosts file: %s\n", gpg_strerror (err)); + err = libdns_error_to_gpg_error (derr); ++ log_error ("failed to initialize hosts file: %s\n", gpg_strerror (err)); + goto leave; + } + ++ ++ { ++#if HAVE_W32_SYSTEM ++ char *hosts_path = xtryasprintf ("%s\System32\drivers\etc\hosts", ++ getenv ("SystemRoot")); ++ if (! hosts_path) ++ { ++ err = gpg_error_from_syserror (); ++ goto leave; ++ } ++ ++ derr = dns_hosts_loadpath (ld.hosts, hosts_path); ++ xfree (hosts_path); ++#else ++ derr = dns_hosts_loadpath (ld.hosts, "/etc/hosts"); ++#endif ++ if (derr) ++ { ++ err = libdns_error_to_gpg_error (derr); ++ log_error ("failed to load hosts file: %s\n", gpg_strerror (err)); ++ goto leave; ++ } ++ } ++ + /* dns_hints_local for stub mode, dns_hints_root for recursive. */ + ld.hints = (recursive_resolver + ? dns_hints_root (ld.resolv_conf, &derr) diff --git a/patches/0054-dirmngr-Fix-error-handling.patch b/patches/0054-dirmngr-Fix-error-handling.patch new file mode 100644 index 0000000..5b1d359 --- /dev/null +++ b/patches/0054-dirmngr-Fix-error-handling.patch @@ -0,0 +1,26 @@ +From: Justus Winter +Date: Tue, 21 Mar 2017 14:22:13 +0100 +Subject: dirmngr: Fix error handling. + +* dirmngr/dns-stuff.c (libdns_init): Convert error before printing it. + +Signed-off-by: Justus Winter +(cherry picked from commit 483c1288a8f86dc6bf93d0d3f2865ecc246aecba) +--- + dirmngr/dns-stuff.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index 35e6c82..c79a9c7 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -568,8 +568,8 @@ libdns_init (void) + : dns_hints_local (ld.resolv_conf, &derr)); + if (!ld.hints) + { +- log_error ("failed to load DNS hints: %s\n", gpg_strerror (err)); + err = libdns_error_to_gpg_error (derr); ++ log_error ("failed to load DNS hints: %s\n", gpg_strerror (err)); + goto leave; + } + diff --git a/patches/0055-common-Implicitly-do-a-gpgconf-create-socketdir.patch b/patches/0055-common-Implicitly-do-a-gpgconf-create-socketdir.patch new file mode 100644 index 0000000..f7d7608 --- /dev/null +++ b/patches/0055-common-Implicitly-do-a-gpgconf-create-socketdir.patch @@ -0,0 +1,65 @@ +From: Werner Koch +Date: Thu, 23 Mar 2017 09:38:19 +0100 +Subject: common: Implicitly do a gpgconf --create-socketdir. + +* common/homedir.c (_gnupg_socketdir_internal): Create the +sub-directory. +-- + +Although there is no auto cleanup (yet) this should be helpful. Let's +see whether possibly leaving stale directories around is better than +running into trouble when --create-socketdir was not used. + +Signed-off-by: Werner Koch +(cherry picked from commit 26086b362ff47d21b1abefaf674a6464bf0a8921) +--- + common/homedir.c | 25 ++++++++++++++++++------- + 1 file changed, 18 insertions(+), 7 deletions(-) + +diff --git a/common/homedir.c b/common/homedir.c +index 6b40bb6..c41cbdc 100644 +--- a/common/homedir.c ++++ b/common/homedir.c +@@ -542,7 +542,7 @@ _gnupg_socketdir_internal (int skip_checks, unsigned *r_info) + + /* If a non default homedir is used, we check whether an + * corresponding sub directory below the socket dir is available +- * and use that. We has the non default homedir to keep the new ++ * and use that. We hash the non default homedir to keep the new + * subdir short enough. */ + if (non_default_homedir) + { +@@ -566,16 +566,27 @@ _gnupg_socketdir_internal (int skip_checks, unsigned *r_info) + goto leave; + } + +- /* Stat that directory and check constraints. Note that we +- * do not auto create such a directory because we would not +- * have a way to remove it. Thus the directory needs to be +- * pre-created. The command +- * gpgconf --create-socketdir +- * can be used tocreate that directory. */ ++ /* Stat that directory and check constraints. ++ * The command ++ * gpgconf --remove-socketdir ++ * can be used to remove that directory. */ + if (stat (name, &sb)) + { + if (errno != ENOENT) + *r_info |= 1; /* stat failed. */ ++ else if (!skip_checks) ++ { ++ /* Try to create the directory and check again. */ ++ if (gnupg_mkdir (name, "-rwx")) ++ *r_info |= 16; /* mkdir failed. */ ++ else if (stat (prefix, &sb)) ++ { ++ if (errno != ENOENT) ++ *r_info |= 1; /* stat failed. */ ++ else ++ *r_info |= 64; /* Subdir does not exist. */ ++ } ++ } + else + *r_info |= 64; /* Subdir does not exist. */ + if (!skip_checks) diff --git a/patches/0056-common-Fix-connecting-to-the-agent.patch b/patches/0056-common-Fix-connecting-to-the-agent.patch new file mode 100644 index 0000000..4923afb --- /dev/null +++ b/patches/0056-common-Fix-connecting-to-the-agent.patch @@ -0,0 +1,34 @@ +From: Justus Winter +Date: Mon, 27 Mar 2017 16:14:20 +0200 +Subject: common: Fix connecting to the agent. + +* common/homedir.c (_gnupg_socketdir_internal): Fix error handling. +-- + +Prior to 26086b36 the non-existance of the socket directory was +considered an error if a non-default home directory is used. Since +26086b36 we now create the directory on demand, but the function still +returned the fallback path. This made the agent bind the socket in +the socket directory, and the client trying to connect to the socket +in the home directory. + +Fixes-commit: 26086b362ff47d21b1abefaf674a6464bf0a8921 +Signed-off-by: Justus Winter +(cherry picked from commit caf00915532e6e8e509738962964edcd14fb0654) +--- + common/homedir.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/common/homedir.c b/common/homedir.c +index c41cbdc..4571aac 100644 +--- a/common/homedir.c ++++ b/common/homedir.c +@@ -586,6 +586,8 @@ _gnupg_socketdir_internal (int skip_checks, unsigned *r_info) + else + *r_info |= 64; /* Subdir does not exist. */ + } ++ else ++ goto leave; /* Success! */ + } + else + *r_info |= 64; /* Subdir does not exist. */ diff --git a/patches/0057-g10-Fix-memory-leak.patch b/patches/0057-g10-Fix-memory-leak.patch new file mode 100644 index 0000000..d6e074f --- /dev/null +++ b/patches/0057-g10-Fix-memory-leak.patch @@ -0,0 +1,33 @@ +From: Justus Winter +Date: Tue, 28 Mar 2017 12:10:28 +0200 +Subject: g10: Fix memory leak. + +* g10/decrypt-data.c (decrypt_data): Free 'filename'. + +Signed-off-by: Justus Winter +(cherry picked from commit 6d3edfd972c1114f43f6b35773dc25e0256f48f4) +--- + g10/decrypt-data.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c +index 585b150..f5843d6 100644 +--- a/g10/decrypt-data.c ++++ b/g10/decrypt-data.c +@@ -222,7 +222,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek) + + if (opt.unwrap_encryption) + { +- char *filename; ++ char *filename = NULL; + estream_t fp; + rc = get_output_file ("", 0, ed->buf, &filename, &fp); + if (! rc) +@@ -248,6 +248,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek) + if (afx) + release_armor_context (afx); + } ++ xfree (filename); + } + else + proc_packets (ctrl, procctx, ed->buf ); diff --git a/patches/0058-common-Avoid-undefined-behavior.patch b/patches/0058-common-Avoid-undefined-behavior.patch new file mode 100644 index 0000000..ad46b22 --- /dev/null +++ b/patches/0058-common-Avoid-undefined-behavior.patch @@ -0,0 +1,26 @@ +From: Justus Winter +Date: Thu, 30 Mar 2017 15:44:35 +0200 +Subject: common: Avoid undefined behavior. + +* common/iobuf.c (iobuf_read_line): Do not consider 'length' if +'buffer' is NULL. + +Signed-off-by: Justus Winter +(cherry picked from commit 214fa9012296d796b78f1a3106d656639cf50aef) +--- + common/iobuf.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/common/iobuf.c b/common/iobuf.c +index d346027..b8baf7f 100644 +--- a/common/iobuf.c ++++ b/common/iobuf.c +@@ -2552,7 +2552,7 @@ iobuf_read_line (iobuf_t a, byte ** addr_of_buffer, + NUL character in the buffer. This requires at least 2 bytes. We + don't complicate the code by handling the stupid corner case, but + simply assert that it can't happen. */ +- assert (length >= 2 || maxlen >= 2); ++ assert (!buffer || length >= 2 || maxlen >= 2); + + if (!buffer || length <= 1) + /* must allocate a new buffer */ diff --git a/patches/0059-gpg-Handle-critical-marked-Reason-for-Revocation.patch b/patches/0059-gpg-Handle-critical-marked-Reason-for-Revocation.patch new file mode 100644 index 0000000..8d958d5 --- /dev/null +++ b/patches/0059-gpg-Handle-critical-marked-Reason-for-Revocation.patch @@ -0,0 +1,31 @@ +From: Werner Koch +Date: Mon, 3 Apr 2017 08:51:52 +0200 +Subject: gpg: Handle critical marked 'Reason for Revocation'. + +* g10/parse-packet.c (can_handle_critical): Add +SIGSUBPKT_REVOC_REASON. +-- + +Some software seems to mark that subpacket as criticial. Although gpg +has no special treatment for a revocation reasons (except for +--list-packets) we can accept a criticial marked anyway. There are no +mandatary rules specified on how to handle a revocation reason. + +Signed-off-by: Werner Koch +(cherry picked from commit 3f6d949011f485613bb4bd3e06a2643be79cce40) +--- + g10/parse-packet.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/g10/parse-packet.c b/g10/parse-packet.c +index 7f44ce5..bbb784a 100644 +--- a/g10/parse-packet.c ++++ b/g10/parse-packet.c +@@ -1572,6 +1572,7 @@ can_handle_critical (const byte * buffer, size_t n, int type) + /* Is it enough to show the policy or keyserver? */ + case SIGSUBPKT_POLICY: + case SIGSUBPKT_PREF_KS: ++ case SIGSUBPKT_REVOC_REASON: /* At least we know about it. */ + return 1; + + default: diff --git a/patches/0060-dirmngr-Do-not-assume-that-etc-hosts-exists.patch b/patches/0060-dirmngr-Do-not-assume-that-etc-hosts-exists.patch new file mode 100644 index 0000000..7cec8ae --- /dev/null +++ b/patches/0060-dirmngr-Do-not-assume-that-etc-hosts-exists.patch @@ -0,0 +1,61 @@ +From: Werner Koch +Date: Mon, 3 Apr 2017 19:10:50 +0200 +Subject: dirmngr: Do not assume that /etc/hosts exists. + +* dirmngr/dns-stuff.c (libdns_init): Do not bail out. +-- + +A standard Windows installation does not have a hosts file and thus we +can't bail out here. We should also not bail out on a Unix system +because /etc/hosts is just one method in nsswitch.conf. + +Fixes-commit: 88f1505f0613894d5544290a170119eb538921e5 +Signed-off-by: Werner Koch +(cherry picked from commit 5d873f288e86edfb684f4dd57ac36466b06494a4) +--- + dirmngr/dns-stuff.c | 16 ++++++++++++---- + 1 file changed, 12 insertions(+), 4 deletions(-) + +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index c79a9c7..c2d5488 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -538,10 +538,9 @@ libdns_init (void) + goto leave; + } + +- + { + #if HAVE_W32_SYSTEM +- char *hosts_path = xtryasprintf ("%s\System32\drivers\etc\hosts", ++ char *hosts_path = xtryasprintf ("%s\\System32\\drivers\\etc\\hosts", + getenv ("SystemRoot")); + if (! hosts_path) + { +@@ -551,15 +550,24 @@ libdns_init (void) + + derr = dns_hosts_loadpath (ld.hosts, hosts_path); + xfree (hosts_path); ++ if (derr) ++ { ++ err = libdns_error_to_gpg_error (derr); ++ /* Most Windows systems don't have a hosts files. So do not ++ * report in this case. */ ++ if (gpg_err_code (err) != GPG_ERR_ENOENT) ++ log_error ("failed to load hosts file: %s\n", gpg_strerror (err)); ++ err = 0; /* Do not bail out. */ ++ } + #else + derr = dns_hosts_loadpath (ld.hosts, "/etc/hosts"); +-#endif + if (derr) + { + err = libdns_error_to_gpg_error (derr); + log_error ("failed to load hosts file: %s\n", gpg_strerror (err)); +- goto leave; ++ err = 0; /* Do not bail out - having no /etc/hosts is legal. */ + } ++#endif + } + + /* dns_hints_local for stub mode, dns_hints_root for recursive. */ diff --git a/patches/0061-dirmngr-Always-print-a-warning-for-a-missing-etc-hos.patch b/patches/0061-dirmngr-Always-print-a-warning-for-a-missing-etc-hos.patch new file mode 100644 index 0000000..ecf484e --- /dev/null +++ b/patches/0061-dirmngr-Always-print-a-warning-for-a-missing-etc-hos.patch @@ -0,0 +1,49 @@ +From: Werner Koch +Date: Mon, 3 Apr 2017 20:20:27 +0200 +Subject: dirmngr: Always print a warning for a missing /etc/hosts. + +* dirmngr/dns-stuff.c (libdns_init): No Windows specific handling of a +missing /etc/hosts. +-- + +My last comment on this was flawed. Windows seems to always have its +version of /etc/hosts. Only the en passant fixed bad escaping led me +assume that this was the case. Thanks to Andre for complaining about +my comment remark. + +Signed-off-by: Werner Koch +(cherry picked from commit 35c843c815306f36d1efbc52f5e2f6bac3f67aec) +--- + dirmngr/dns-stuff.c | 11 +---------- + 1 file changed, 1 insertion(+), 10 deletions(-) + +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index c2d5488..150237e 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -550,24 +550,15 @@ libdns_init (void) + + derr = dns_hosts_loadpath (ld.hosts, hosts_path); + xfree (hosts_path); +- if (derr) +- { +- err = libdns_error_to_gpg_error (derr); +- /* Most Windows systems don't have a hosts files. So do not +- * report in this case. */ +- if (gpg_err_code (err) != GPG_ERR_ENOENT) +- log_error ("failed to load hosts file: %s\n", gpg_strerror (err)); +- err = 0; /* Do not bail out. */ +- } + #else + derr = dns_hosts_loadpath (ld.hosts, "/etc/hosts"); ++#endif + if (derr) + { + err = libdns_error_to_gpg_error (derr); + log_error ("failed to load hosts file: %s\n", gpg_strerror (err)); + err = 0; /* Do not bail out - having no /etc/hosts is legal. */ + } +-#endif + } + + /* dns_hints_local for stub mode, dns_hints_root for recursive. */ diff --git a/patches/0062-dirmngr-Handle-EIO-which-is-sometimes-returned-by-co.patch b/patches/0062-dirmngr-Handle-EIO-which-is-sometimes-returned-by-co.patch new file mode 100644 index 0000000..9a53665 --- /dev/null +++ b/patches/0062-dirmngr-Handle-EIO-which-is-sometimes-returned-by-co.patch @@ -0,0 +1,26 @@ +From: Werner Koch +Date: Mon, 3 Apr 2017 20:23:18 +0200 +Subject: dirmngr: Handle EIO which is sometimes returned by cookie functions. + +* dirmngr/ks-engine-hkp.c (handle_send_request_error): Handle EIO. +-- + +Suggested-by: Andre Heinecke +Signed-off-by: Werner Koch +(cherry picked from commit cc32ddbcba8c53d3e2cad952d72f62dc73911042) +--- + dirmngr/ks-engine-hkp.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index 32db4bc..66350a7 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -1245,6 +1245,7 @@ handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request, + case GPG_ERR_ENETDOWN: + case GPG_ERR_UNKNOWN_HOST: + case GPG_ERR_NETWORK: ++ case GPG_ERR_EIO: /* Sometimes used by estream cookie functions. */ + if (mark_host_dead (request) && *tries_left) + retry = 1; + break; diff --git a/patches/0063-dirmngr-New-option-disable-ipv6.patch b/patches/0063-dirmngr-New-option-disable-ipv6.patch new file mode 100644 index 0000000..6a8ea61 --- /dev/null +++ b/patches/0063-dirmngr-New-option-disable-ipv6.patch @@ -0,0 +1,241 @@ +From: Werner Koch +Date: Mon, 3 Apr 2017 20:56:12 +0200 +Subject: dirmngr: New option --disable-ipv6 + +* dirmngr/dirmngr.h (struct opt): Add field 'disable_ipv6'. +* dirmngr/dirmngr.c (oDisableIPv6): New const. +(opts): New option --disable-ipv6. +(parse_rereadable_options): Set that option. +* dirmngr/dns-stuff.c (opt_disable_ipv6): New var. +(set_dns_disable_ipv6): New. +(resolve_name_standard): Make use of it. +* dirmngr/ks-engine-finger.c (ks_finger_fetch): Take care of +OPT.DISABLE_IPV6. +* dirmngr/ks-engine-hkp.c (map_host): Ditto. +(send_request): Ditto. +* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. +* dirmngr/ocsp.c (do_ocsp_request): Ditto. + +Signed-off-by: Werner Koch +(cherry picked from commit 3533b854408fa93734742b2ee12b62aa0d55ff28) +--- + dirmngr/crlfetch.c | 1 + + dirmngr/dirmngr.c | 4 ++++ + dirmngr/dirmngr.h | 3 ++- + dirmngr/dns-stuff.c | 15 +++++++++++++++ + dirmngr/dns-stuff.h | 4 ++++ + dirmngr/ks-engine-finger.c | 3 ++- + dirmngr/ks-engine-hkp.c | 7 +++++-- + dirmngr/ks-engine-http.c | 3 ++- + dirmngr/ocsp.c | 3 ++- + doc/dirmngr.texi | 5 +++-- + 10 files changed, 40 insertions(+), 8 deletions(-) + +diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c +index 337fe6e..2700cf9 100644 +--- a/dirmngr/crlfetch.c ++++ b/dirmngr/crlfetch.c +@@ -200,6 +200,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) + |(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0) + |(dirmngr_use_tor()? HTTP_FLAG_FORCE_TOR:0) + |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4:0) ++ |(opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6:0) + ), + ctrl->http_proxy, NULL, NULL, NULL); + +diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c +index 43e9cbd..31d3ca2 100644 +--- a/dirmngr/dirmngr.c ++++ b/dirmngr/dirmngr.c +@@ -112,6 +112,7 @@ enum cmd_and_opt_values { + oDisableHTTP, + oDisableLDAP, + oDisableIPv4, ++ oDisableIPv6, + oIgnoreLDAPDP, + oIgnoreHTTPDP, + oIgnoreOCSPSvcUrl, +@@ -228,6 +229,7 @@ static ARGPARSE_OPTS opts[] = { + ARGPARSE_s_n (oNoUseTor, "no-use-tor", "@"), + + ARGPARSE_s_n (oDisableIPv4, "disable-ipv4", "@"), ++ ARGPARSE_s_n (oDisableIPv6, "disable-ipv6", "@"), + + ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */ + +@@ -624,6 +626,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) + case oDisableHTTP: opt.disable_http = 1; break; + case oDisableLDAP: opt.disable_ldap = 1; break; + case oDisableIPv4: opt.disable_ipv4 = 1; break; ++ case oDisableIPv6: opt.disable_ipv6 = 1; break; + case oHonorHTTPProxy: opt.honor_http_proxy = 1; break; + case oHTTPProxy: opt.http_proxy = pargs->r.ret_str; break; + case oLDAPProxy: opt.ldap_proxy = pargs->r.ret_str; break; +@@ -690,6 +693,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) + set_dns_verbose (opt.verbose, !!DBG_DNS); + http_set_verbose (opt.verbose, !!DBG_NETWORK); + set_dns_disable_ipv4 (opt.disable_ipv4); ++ set_dns_disable_ipv6 (opt.disable_ipv6); + + return 1; /* Handled. */ + } +diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h +index 6a4fd00..4cc2be0 100644 +--- a/dirmngr/dirmngr.h ++++ b/dirmngr/dirmngr.h +@@ -97,7 +97,8 @@ struct + + int disable_http; /* Do not use HTTP at all. */ + int disable_ldap; /* Do not use LDAP at all. */ +- int disable_ipv4; /* Do not use leagacy IP addresses. */ ++ int disable_ipv4; /* Do not use legacy IP addresses. */ ++ int disable_ipv6; /* Do not use standard IP addresses. */ + int honor_http_proxy; /* Honor the http_proxy env variable. */ + const char *http_proxy; /* The default HTTP proxy. */ + const char *ldap_proxy; /* Use given LDAP proxy. */ +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index 150237e..ed77742 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -123,6 +123,10 @@ static int opt_timeout; + * returned A records. */ + static int opt_disable_ipv4; + ++/* The flag to disable IPv6 access - right now this only skips ++ * returned AAAA records. */ ++static int opt_disable_ipv6; ++ + /* If set force the use of the standard resolver. */ + static int standard_resolver; + +@@ -248,6 +252,15 @@ set_dns_disable_ipv4 (int yes) + } + + ++/* Set the Disable-IPv6 flag so that the name resolver does not return ++ * AAAA addresses. */ ++void ++set_dns_disable_ipv6 (int yes) ++{ ++ opt_disable_ipv6 = !!yes; ++} ++ ++ + /* Set the timeout for libdns requests to SECONDS. A value of 0 sets + * the default timeout and values are capped at 10 minutes. */ + void +@@ -934,6 +947,8 @@ resolve_name_standard (const char *name, unsigned short port, + continue; + if (opt_disable_ipv4 && ai->ai_family == AF_INET) + continue; ++ if (opt_disable_ipv6 && ai->ai_family == AF_INET6) ++ continue; + + dai = xtrymalloc (sizeof *dai + ai->ai_addrlen - 1); + dai->family = ai->ai_family; +diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h +index 9b8303c..71605b7 100644 +--- a/dirmngr/dns-stuff.h ++++ b/dirmngr/dns-stuff.h +@@ -99,6 +99,10 @@ void set_dns_verbose (int verbose, int debug); + * A addresses. */ + void set_dns_disable_ipv4 (int yes); + ++/* Set the Disable-IPv6 flag so that the name resolver does not return ++ * AAAA addresses. */ ++void set_dns_disable_ipv6 (int yes); ++ + /* Set the timeout for libdns requests to SECONDS. */ + void set_dns_timeout (int seconds); + +diff --git a/dirmngr/ks-engine-finger.c b/dirmngr/ks-engine-finger.c +index 811b72d..8a21c9f 100644 +--- a/dirmngr/ks-engine-finger.c ++++ b/dirmngr/ks-engine-finger.c +@@ -84,7 +84,8 @@ ks_finger_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp) + + err = http_raw_connect (&http, server, 79, + ((dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR : 0) +- | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ++ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0) ++ | (opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6 : 0)), + NULL); + if (err) + { +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index 66350a7..7c91b6a 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -568,6 +568,8 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + continue; + if (opt.disable_ipv4 && ai->family == AF_INET) + continue; ++ if (opt.disable_ipv6 && ai->family == AF_INET6) ++ continue; + dirmngr_tick (ctrl); + + add_host (name, is_pool, ai, 0, reftbl, reftblsize, &refidx); +@@ -649,7 +651,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + { + for (ai = aibuf; ai; ai = ai->next) + { +- if (ai->family == AF_INET6 ++ if ((!opt.disable_ipv6 && ai->family == AF_INET6) + || (!opt.disable_ipv4 && ai->family == AF_INET)) + { + err = resolve_dns_addr (ai->addr, ai->addrlen, 0, &host); +@@ -1102,7 +1104,8 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, + (httpflags + |(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) + |(dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) +- |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ++ |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0) ++ |(opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6 : 0)), + ctrl->http_proxy, + session, + NULL, +diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c +index 69642ff..6de0616 100644 +--- a/dirmngr/ks-engine-http.c ++++ b/dirmngr/ks-engine-http.c +@@ -89,7 +89,8 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp) + /* fixme: AUTH */ NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) + | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) +- | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ++ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0) ++ | (opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6 : 0)), + ctrl->http_proxy, + session, + NULL, +diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c +index aff8e32..22391c3 100644 +--- a/dirmngr/ocsp.c ++++ b/dirmngr/ocsp.c +@@ -175,7 +175,8 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md, + err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL, + ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) + | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) +- | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ++ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0) ++ | (opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6 : 0)), + ctrl->http_proxy, NULL, NULL, NULL); + if (err) + { +diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi +index b00c2d3..9a7238f 100644 +--- a/doc/dirmngr.texi ++++ b/doc/dirmngr.texi +@@ -313,9 +313,10 @@ a numerical IP address must be given (IPv6 or IPv4) and that no error + checking is done for @var{ipaddr}. + + @item --disable-ipv4 ++@item --disable-ipv6 + @opindex disable-ipv4 +-Disable the use of all IPv4 addresses. This option is mainly useful +-for debugging. ++@opindex disable-ipv6 ++Disable the use of all IPv4 or IPv6 addresses. + + @item --disable-ldap + @opindex disable-ldap diff --git a/patches/0064-agent-Serialize-access-to-passphrase-cache.patch b/patches/0064-agent-Serialize-access-to-passphrase-cache.patch new file mode 100644 index 0000000..8231848 --- /dev/null +++ b/patches/0064-agent-Serialize-access-to-passphrase-cache.patch @@ -0,0 +1,220 @@ +From: NIIBE Yutaka +Date: Fri, 7 Apr 2017 08:39:26 +0900 +Subject: agent: Serialize access to passphrase cache. + +* agent/cache.c (encryption_lock): Remove. +(cache_lock): New. Now, we have coarse grain lock to serialize +entire cache access. +(initialize_module_cache): Use CACHE_LOCK. +(init_encryption, new_data): Remove ENCRYPTION_LOCK. +(agent_flush_cache, agent_put_cache, agent_get_cache): Lock the cache. + +-- + +GnuPG-bug-id: 3027 +Signed-off-by: NIIBE Yutaka +(cherry picked from commit ebe12be034f052cdec871f0d8ad1bfab85d7b943) +--- + agent/cache.c | 73 ++++++++++++++++++++++++++++++----------------------------- + 1 file changed, 37 insertions(+), 36 deletions(-) + +diff --git a/agent/cache.c b/agent/cache.c +index 2483682..fead737 100644 +--- a/agent/cache.c ++++ b/agent/cache.c +@@ -31,9 +31,8 @@ + /* The size of the encryption key in bytes. */ + #define ENCRYPTION_KEYSIZE (128/8) + +-/* A mutex used to protect the encryption. This is required because +- we use one context to do all encryption and decryption. */ +-static npth_mutex_t encryption_lock; ++/* A mutex used to serialize access to the cache. */ ++static npth_mutex_t cache_lock; + /* The encryption context. This is the only place where the + encryption key for all cached entries is available. It would be nice + to keep this (or just the key) in some hardware device, for example +@@ -76,7 +75,7 @@ initialize_module_cache (void) + { + int err; + +- err = npth_mutex_init (&encryption_lock, NULL); ++ err = npth_mutex_init (&cache_lock, NULL); + + if (err) + log_fatal ("error initializing cache module: %s\n", strerror (err)); +@@ -102,15 +101,10 @@ init_encryption (void) + { + gpg_error_t err; + void *key; +- int res; + + if (encryption_handle) + return 0; /* Shortcut - Already initialized. */ + +- res = npth_mutex_lock (&encryption_lock); +- if (res) +- log_fatal ("failed to acquire cache encryption mutex: %s\n", strerror (res)); +- + err = gcry_cipher_open (&encryption_handle, GCRY_CIPHER_AES128, + GCRY_CIPHER_MODE_AESWRAP, GCRY_CIPHER_SECURE); + if (!err) +@@ -133,10 +127,6 @@ init_encryption (void) + log_error ("error initializing cache encryption context: %s\n", + gpg_strerror (err)); + +- res = npth_mutex_unlock (&encryption_lock); +- if (res) +- log_fatal ("failed to release cache encryption mutex: %s\n", strerror (res)); +- + return err? gpg_error (GPG_ERR_NOT_INITIALIZED) : 0; + } + +@@ -155,7 +145,6 @@ new_data (const char *string, struct secret_data_s **r_data) + struct secret_data_s *d, *d_enc; + size_t length; + int total; +- int res; + + *r_data = NULL; + +@@ -186,17 +175,9 @@ new_data (const char *string, struct secret_data_s **r_data) + } + + d_enc->totallen = total; +- res = npth_mutex_lock (&encryption_lock); +- if (res) +- log_fatal ("failed to acquire cache encryption mutex: %s\n", +- strerror (res)); +- + err = gcry_cipher_encrypt (encryption_handle, d_enc->data, total, + d->data, total - 8); + xfree (d); +- res = npth_mutex_unlock (&encryption_lock); +- if (res) +- log_fatal ("failed to release cache encryption mutex: %s\n", strerror (res)); + if (err) + { + xfree (d_enc); +@@ -281,10 +262,15 @@ void + agent_flush_cache (void) + { + ITEM r; ++ int res; + + if (DBG_CACHE) + log_debug ("agent_flush_cache\n"); + ++ res = npth_mutex_lock (&cache_lock); ++ if (res) ++ log_fatal ("failed to acquire cache mutex: %s\n", strerror (res)); ++ + for (r=thecache; r; r = r->next) + { + if (r->pw) +@@ -296,6 +282,10 @@ agent_flush_cache (void) + r->accessed = 0; + } + } ++ ++ res = npth_mutex_unlock (&cache_lock); ++ if (res) ++ log_fatal ("failed to release cache mutex: %s\n", strerror (res)); + } + + +@@ -321,6 +311,11 @@ agent_put_cache (const char *key, cache_mode_t cache_mode, + { + gpg_error_t err = 0; + ITEM r; ++ int res; ++ ++ res = npth_mutex_lock (&cache_lock); ++ if (res) ++ log_fatal ("failed to acquire cache mutex: %s\n", strerror (res)); + + if (DBG_CACHE) + log_debug ("agent_put_cache '%s' (mode %d) requested ttl=%d\n", +@@ -336,7 +331,7 @@ agent_put_cache (const char *key, cache_mode_t cache_mode, + } + } + if ((!ttl && data) || cache_mode == CACHE_MODE_IGNORE) +- return 0; ++ goto out; + + for (r=thecache; r; r = r->next) + { +@@ -386,6 +381,12 @@ agent_put_cache (const char *key, cache_mode_t cache_mode, + if (err) + log_error ("error inserting cache item: %s\n", gpg_strerror (err)); + } ++ ++ out: ++ res = npth_mutex_unlock (&cache_lock); ++ if (res) ++ log_fatal ("failed to release cache mutex: %s\n", strerror (res)); ++ + return err; + } + +@@ -405,15 +406,18 @@ agent_get_cache (const char *key, cache_mode_t cache_mode) + if (cache_mode == CACHE_MODE_IGNORE) + return NULL; + ++ res = npth_mutex_lock (&cache_lock); ++ if (res) ++ log_fatal ("failed to acquire cache mutex: %s\n", strerror (res)); ++ + if (!key) + { + key = last_stored_cache_key; + if (!key) +- return NULL; ++ goto out; + last_stored = 1; + } + +- + if (DBG_CACHE) + log_debug ("agent_get_cache '%s' (mode %d)%s ...\n", + key, cache_mode, +@@ -440,17 +444,9 @@ agent_get_cache (const char *key, cache_mode_t cache_mode) + err = gpg_error_from_syserror (); + else + { +- res = npth_mutex_lock (&encryption_lock); +- if (res) +- log_fatal ("failed to acquire cache encryption mutex: %s\n", +- strerror (res)); + err = gcry_cipher_decrypt (encryption_handle, + value, r->pw->totallen - 8, + r->pw->data, r->pw->totallen); +- res = npth_mutex_unlock (&encryption_lock); +- if (res) +- log_fatal ("failed to release cache encryption mutex: %s\n", +- strerror (res)); + } + if (err) + { +@@ -459,13 +455,18 @@ agent_get_cache (const char *key, cache_mode_t cache_mode) + log_error ("retrieving cache entry '%s' failed: %s\n", + key, gpg_strerror (err)); + } +- return value; ++ break; + } + } +- if (DBG_CACHE) ++ if (DBG_CACHE && value == NULL) + log_debug ("... miss\n"); + +- return NULL; ++ out: ++ res = npth_mutex_unlock (&cache_lock); ++ if (res) ++ log_fatal ("failed to release cache mutex: %s\n", strerror (res)); ++ ++ return value; + } + + diff --git a/patches/0065-gpg-Fix-printing-of-offline-taken-subkey.patch b/patches/0065-gpg-Fix-printing-of-offline-taken-subkey.patch new file mode 100644 index 0000000..4c17652 --- /dev/null +++ b/patches/0065-gpg-Fix-printing-of-offline-taken-subkey.patch @@ -0,0 +1,27 @@ +From: Werner Koch +Date: Fri, 7 Apr 2017 10:11:07 +0200 +Subject: gpg: Fix printing of offline taken subkey. + +* g10/keylist.c (list_keyblock_print): Set SECRET to 2 and not 0x32. +-- + +Reported-by: Danielle McLean +Signed-off-by: Werner Koch +(cherry picked from commit 547bc01d57528ecc27b3b5e16797967a7f88fecf) +--- + g10/keylist.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/g10/keylist.c b/g10/keylist.c +index 4078053..1998ee9 100644 +--- a/g10/keylist.c ++++ b/g10/keylist.c +@@ -1017,7 +1017,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, + if (!agent_get_keyinfo (NULL, hexgrip, &serialno, NULL)) + secret = serialno? 3 : 1; + else +- secret = '2'; /* Key not found. */ ++ secret = 2; /* Key not found. */ + } + + /* Print the "sub" line. */ diff --git a/patches/0066-doc-Explain-the-in-a-key-listing.patch b/patches/0066-doc-Explain-the-in-a-key-listing.patch new file mode 100644 index 0000000..aba3532 --- /dev/null +++ b/patches/0066-doc-Explain-the-in-a-key-listing.patch @@ -0,0 +1,34 @@ +From: Werner Koch +Date: Fri, 7 Apr 2017 10:26:55 +0200 +Subject: doc: Explain the '>' in a key listing. + +-- + +Signed-off-by: Werner Koch +(cherry picked from commit 9c9fde1495be4accf4526a2626110876fd9d788d) +--- + doc/gpg.texi | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/doc/gpg.texi b/doc/gpg.texi +index d658737..c591049 100644 +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -301,10 +301,13 @@ and other programs. + @itemx -K + @opindex list-secret-keys + List the specified secret keys. If no keys are specified, then all +-known secret keys are listed. A @code{#} after the letters @code{sec} +-means that the secret key is not usable (for example, if it was +-exported using @option{--export-secret-subkeys}). See also +-@option{--list-keys}. ++known secret keys are listed. A @code{#} after the intial tags ++@code{sec} or @code{ssb} means that the secret key or subkey is ++currently not usable. We also say that this key has been taken ++offline (for example, a primary key can be taken offline by exported ++the key using the command @option{--export-secret-subkeys}). A ++@code{>} after these tags indicate that the key is stored on a ++smartcard. See also @option{--list-keys}. + + @item --list-signatures + @opindex list-signatures diff --git a/patches/0067-dirmngr-Fix-possible-null-reference.patch b/patches/0067-dirmngr-Fix-possible-null-reference.patch new file mode 100644 index 0000000..d71c926 --- /dev/null +++ b/patches/0067-dirmngr-Fix-possible-null-reference.patch @@ -0,0 +1,28 @@ +From: NIIBE Yutaka +Date: Wed, 12 Apr 2017 15:58:11 +0900 +Subject: dirmngr: Fix possible null reference. + +* dirmngr/dns.c (dns_error_t dns_trace_fput): Check NULL. + +Signed-off-by: NIIBE Yutaka +(cherry picked from commit 7ae1857c90ab43ad9e31f0fb6dbd37f25cc37278) +--- + dirmngr/dns.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/dirmngr/dns.c b/dirmngr/dns.c +index 869e7ed..ebfd4c3 100644 +--- a/dirmngr/dns.c ++++ b/dirmngr/dns.c +@@ -4594,8 +4594,9 @@ dns_error_t dns_trace_fput(const struct dns_trace_event *te, const void *data, s + + if (fwrite(&tmp, 1, headsize, fp) < headsize) + return errno; +- if (fwrite(data, 1, datasize, fp) < datasize) +- return errno; ++ if (data) ++ if (fwrite(data, 1, datasize, fp) < datasize) ++ return errno; + if (fflush(fp)) + return errno; + diff --git a/patches/0068-tools-Fix-condition-for-gpg-connect-agent.patch b/patches/0068-tools-Fix-condition-for-gpg-connect-agent.patch new file mode 100644 index 0000000..821d0a9 --- /dev/null +++ b/patches/0068-tools-Fix-condition-for-gpg-connect-agent.patch @@ -0,0 +1,30 @@ +From: NIIBE Yutaka +Date: Wed, 12 Apr 2017 16:01:16 +0900 +Subject: tools: Fix condition for gpg-connect-agent. + +* tools/gpg-connect-agent.c (start_agent): Add paren. + +-- + +The intention is comparing the error code depending opt.use_dirmngr. +Considering C Operator Precedence, we should have paren here. + +Signed-off-by: NIIBE Yutaka +(cherry picked from commit f52f6af834cc488d11612e349e4af023d69a45f4) +--- + tools/gpg-connect-agent.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tools/gpg-connect-agent.c b/tools/gpg-connect-agent.c +index a5413cf..5af1465 100644 +--- a/tools/gpg-connect-agent.c ++++ b/tools/gpg-connect-agent.c +@@ -2237,7 +2237,7 @@ start_agent (void) + { + if (!opt.autostart + && (gpg_err_code (err) +- == opt.use_dirmngr? GPG_ERR_NO_DIRMNGR : GPG_ERR_NO_AGENT)) ++ == (opt.use_dirmngr? GPG_ERR_NO_DIRMNGR : GPG_ERR_NO_AGENT))) + { + /* In the no-autostart case we don't make gpg-connect-agent + fail on a missing server. */ diff --git a/patches/0069-dirmngr-Fix-alignment-of-ADDR.patch b/patches/0069-dirmngr-Fix-alignment-of-ADDR.patch new file mode 100644 index 0000000..ef6e2ce --- /dev/null +++ b/patches/0069-dirmngr-Fix-alignment-of-ADDR.patch @@ -0,0 +1,155 @@ +From: NIIBE Yutaka +Date: Thu, 13 Apr 2017 14:33:33 +0900 +Subject: dirmngr: Fix alignment of ADDR. + +* dirmngr/dns-stuff.h (dns_addrinfo_s): Use struct sockaddr_storage +for size and alignment. +* dirmngr/dns-stuff.c (resolve_name_libdns): Follow the change. +(resolve_dns_name): Use struct sockaddr_storage. +(resolve_addr_standard, resolve_dns_addr): Likewise. +(resolve_dns_addr): Likewise. + +Signed-off-by: NIIBE Yutaka +(cherry picked from commit 892b33bb2c57785927ea6652091191da2deed464) +--- + dirmngr/dns-stuff.c | 31 +++++++++++++++++-------------- + dirmngr/dns-stuff.h | 4 ++-- + 2 files changed, 19 insertions(+), 16 deletions(-) + +diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c +index ed77742..c63d958 100644 +--- a/dirmngr/dns-stuff.c ++++ b/dirmngr/dns-stuff.c +@@ -827,7 +827,7 @@ resolve_name_libdns (const char *name, unsigned short port, + (*r_canonname)[strlen (*r_canonname)-1] = 0; + } + +- dai = xtrymalloc (sizeof *dai + ent->ai_addrlen -1); ++ dai = xtrymalloc (sizeof *dai); + if (dai == NULL) + { + err = gpg_error_from_syserror (); +@@ -950,7 +950,7 @@ resolve_name_standard (const char *name, unsigned short port, + if (opt_disable_ipv6 && ai->ai_family == AF_INET6) + continue; + +- dai = xtrymalloc (sizeof *dai + ai->ai_addrlen - 1); ++ dai = xtrymalloc (sizeof *dai); + dai->family = ai->ai_family; + dai->socktype = ai->ai_socktype; + dai->protocol = ai->ai_protocol; +@@ -1018,7 +1018,7 @@ resolve_dns_name (const char *name, unsigned short port, + #ifdef USE_LIBDNS + /* Resolve an address using libdns. */ + static gpg_error_t +-resolve_addr_libdns (const struct sockaddr *addr, int addrlen, ++resolve_addr_libdns (const struct sockaddr_storage *addr, int addrlen, + unsigned int flags, char **r_name) + { + gpg_error_t err; +@@ -1032,13 +1032,13 @@ resolve_addr_libdns (const struct sockaddr *addr, int addrlen, + + /* First we turn ADDR into a DNS name (with ".arpa" suffix). */ + err = 0; +- if (addr->sa_family == AF_INET6) ++ if (addr->ss_family == AF_INET6) + { + const struct sockaddr_in6 *a6 = (const struct sockaddr_in6 *)addr; + if (!dns_aaaa_arpa (host, sizeof host, (void*)&a6->sin6_addr)) + err = gpg_error (GPG_ERR_INV_OBJ); + } +- else if (addr->sa_family == AF_INET) ++ else if (addr->ss_family == AF_INET) + { + const struct sockaddr_in *a4 = (const struct sockaddr_in *)addr; + if (!dns_a_arpa (host, sizeof host, (void*)&a4->sin_addr)) +@@ -1126,18 +1126,19 @@ resolve_addr_libdns (const struct sockaddr *addr, int addrlen, + buflen = sizeof ptr.host; + + p = buffer; +- if (addr->sa_family == AF_INET6 && (flags & DNS_WITHBRACKET)) ++ if (addr->ss_family == AF_INET6 && (flags & DNS_WITHBRACKET)) + { + *p++ = '['; + buflen -= 2; + } +- ec = getnameinfo (addr, addrlen, p, buflen, NULL, 0, NI_NUMERICHOST); ++ ec = getnameinfo ((const struct sockaddr *)addr, ++ addrlen, p, buflen, NULL, 0, NI_NUMERICHOST); + if (ec) + { + err = map_eai_to_gpg_error (ec); + goto leave; + } +- if (addr->sa_family == AF_INET6 && (flags & DNS_WITHBRACKET)) ++ if (addr->ss_family == AF_INET6 && (flags & DNS_WITHBRACKET)) + strcat (buffer, "]"); + } + +@@ -1151,7 +1152,7 @@ resolve_addr_libdns (const struct sockaddr *addr, int addrlen, + + /* Resolve an address using the standard system function. */ + static gpg_error_t +-resolve_addr_standard (const struct sockaddr *addr, int addrlen, ++resolve_addr_standard (const struct sockaddr_storage *addr, int addrlen, + unsigned int flags, char **r_name) + { + gpg_error_t err; +@@ -1169,20 +1170,22 @@ resolve_addr_standard (const struct sockaddr *addr, int addrlen, + if ((flags & DNS_NUMERICHOST) || tor_mode) + ec = EAI_NONAME; + else +- ec = getnameinfo (addr, addrlen, buffer, buflen, NULL, 0, NI_NAMEREQD); ++ ec = getnameinfo ((const struct sockaddr *)addr, ++ addrlen, buffer, buflen, NULL, 0, NI_NAMEREQD); + + if (!ec && *buffer == '[') + ec = EAI_FAIL; /* A name may never start with a bracket. */ + else if (ec == EAI_NONAME) + { + p = buffer; +- if (addr->sa_family == AF_INET6 && (flags & DNS_WITHBRACKET)) ++ if (addr->ss_family == AF_INET6 && (flags & DNS_WITHBRACKET)) + { + *p++ = '['; + buflen -= 2; + } +- ec = getnameinfo (addr, addrlen, p, buflen, NULL, 0, NI_NUMERICHOST); +- if (!ec && addr->sa_family == AF_INET6 && (flags & DNS_WITHBRACKET)) ++ ec = getnameinfo ((const struct sockaddr *)addr, ++ addrlen, p, buflen, NULL, 0, NI_NUMERICHOST); ++ if (!ec && addr->ss_family == AF_INET6 && (flags & DNS_WITHBRACKET)) + strcat (buffer, "]"); + } + +@@ -1211,7 +1214,7 @@ resolve_addr_standard (const struct sockaddr *addr, int addrlen, + + /* A wrapper around getnameinfo. */ + gpg_error_t +-resolve_dns_addr (const struct sockaddr *addr, int addrlen, ++resolve_dns_addr (const struct sockaddr_storage *addr, int addrlen, + unsigned int flags, char **r_name) + { + gpg_error_t err; +diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h +index 71605b7..adb0b80 100644 +--- a/dirmngr/dns-stuff.h ++++ b/dirmngr/dns-stuff.h +@@ -78,7 +78,7 @@ struct dns_addrinfo_s + int socktype; + int protocol; + int addrlen; +- struct sockaddr addr[1]; ++ struct sockaddr_storage addr[1]; + }; + + +@@ -142,7 +142,7 @@ gpg_error_t resolve_dns_name (const char *name, unsigned short port, + dns_addrinfo_t *r_dai, char **r_canonname); + + /* Function similar to getnameinfo. */ +-gpg_error_t resolve_dns_addr (const struct sockaddr *addr, int addrlen, ++gpg_error_t resolve_dns_addr (const struct sockaddr_storage *addr, int addrlen, + unsigned int flags, char **r_name); + + /* Return true if NAME is a numerical IP address. */ diff --git a/patches/0070-dirmngr-Fix-http.c-for-sockaddr_storage.patch b/patches/0070-dirmngr-Fix-http.c-for-sockaddr_storage.patch new file mode 100644 index 0000000..a87e7b2 --- /dev/null +++ b/patches/0070-dirmngr-Fix-http.c-for-sockaddr_storage.patch @@ -0,0 +1,70 @@ +From: NIIBE Yutaka +Date: Thu, 13 Apr 2017 14:46:57 +0900 +Subject: dirmngr: Fix http.c for sockaddr_storage. + +dirmngr/http.c (use_socks): Use sockaddr_storage. +(my_sock_new_for_addr, connect_server): Likewise. + +Signed-off-by: NIIBE Yutaka +(cherry picked from commit 86dcb03134fd4957d51ebaa06b7991239f9ee56a) +--- + dirmngr/http.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/dirmngr/http.c b/dirmngr/http.c +index c9c16df..674cb3d 100644 +--- a/dirmngr/http.c ++++ b/dirmngr/http.c +@@ -2415,13 +2415,13 @@ start_server () + * This function is basically a copy of the same internal fucntion in + * Libassuan. */ + static int +-use_socks (struct sockaddr *addr) ++use_socks (struct sockaddr_storage *addr) + { + int mode; + + if (assuan_sock_get_flag (ASSUAN_INVALID_FD, "tor-mode", &mode) || !mode) + return 0; /* Not in Tor mode. */ +- else if (addr->sa_family == AF_INET6) ++ else if (addr->ss_family == AF_INET6) + { + struct sockaddr_in6 *addr_in6 = (struct sockaddr_in6 *)addr; + const unsigned char *s; +@@ -2436,7 +2436,7 @@ use_socks (struct sockaddr *addr) + + return 0; /* This is the loopback address. */ + } +- else if (addr->sa_family == AF_INET) ++ else if (addr->ss_family == AF_INET) + { + struct sockaddr_in *addr_in = (struct sockaddr_in *)addr; + +@@ -2453,7 +2453,7 @@ use_socks (struct sockaddr *addr) + /* Wrapper around assuan_sock_new which takes the domain from an + * address parameter. */ + static assuan_fd_t +-my_sock_new_for_addr (struct sockaddr *addr, int type, int proto) ++my_sock_new_for_addr (struct sockaddr_storage *addr, int type, int proto) + { + int domain; + +@@ -2464,7 +2464,7 @@ my_sock_new_for_addr (struct sockaddr *addr, int type, int proto) + domain = AF_INET; + } + else +- domain = addr->sa_family; ++ domain = addr->ss_family; + + return assuan_sock_new (domain, type, proto); + } +@@ -2589,7 +2589,8 @@ connect_server (const char *server, unsigned short port, + } + + anyhostaddr = 1; +- if (assuan_sock_connect (sock, ai->addr, ai->addrlen)) ++ if (assuan_sock_connect (sock, (struct sockaddr *)ai->addr, ++ ai->addrlen)) + { + last_err = gpg_err_make (default_errsource, + gpg_err_code_from_syserror ()); diff --git a/patches/0071-g10-Fix-import-export-filter-property-match.patch b/patches/0071-g10-Fix-import-export-filter-property-match.patch new file mode 100644 index 0000000..5c96039 --- /dev/null +++ b/patches/0071-g10-Fix-import-export-filter-property-match.patch @@ -0,0 +1,25 @@ +From: NIIBE Yutaka +Date: Mon, 17 Apr 2017 09:08:31 +0900 +Subject: g10: Fix import/export filter property match. + +* g10/import.c (impex_filter_getval): Fix to "else if". + +Signed-off-by: NIIBE Yutaka +(cherry picked from commit af5f8ecf51f5e1f33e832d4946d02313b78a0536) +--- + g10/import.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/g10/import.c b/g10/import.c +index 4e6f692..125b994 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -1235,7 +1235,7 @@ impex_filter_getval (void *cookie, const char *propname) + snprintf (numbuf, sizeof numbuf, "%d", pk->pubkey_algo); + result = numbuf; + } +- if (!strcmp (propname, "key_created")) ++ else if (!strcmp (propname, "key_created")) + { + snprintf (numbuf, sizeof numbuf, "%lu", (ulong)pk->timestamp); + result = numbuf; diff --git a/patches/0072-g10-Minor-fixes.patch b/patches/0072-g10-Minor-fixes.patch new file mode 100644 index 0000000..774e57d --- /dev/null +++ b/patches/0072-g10-Minor-fixes.patch @@ -0,0 +1,66 @@ +From: NIIBE Yutaka +Date: Mon, 17 Apr 2017 09:15:13 +0900 +Subject: g10: Minor fixes. + +* g10/export.c (cleartext_secret_key_to_openpgp): No initialization. +(do_export_one_keyblock): Initialize with GPG_ERR_NOT_FOUND. +* g10/getkey.c (get_best_pubkey_byname): Add non-null check. +* g10/tofu.c (tofu_set_policy): ERR initialize to 0. + +Signed-off-by: NIIBE Yutaka +(cherry picked from commit 0dec0cc281dfa26db89f8cc5ee002dea5c2b2e81) +--- + g10/export.c | 4 ++-- + g10/getkey.c | 3 ++- + g10/tofu.c | 2 +- + 3 files changed, 5 insertions(+), 4 deletions(-) + +diff --git a/g10/export.c b/g10/export.c +index 207f994..ea9ffb4 100644 +--- a/g10/export.c ++++ b/g10/export.c +@@ -580,7 +580,7 @@ canon_pk_algo (enum gcry_pk_algos algo) + static gpg_error_t + cleartext_secret_key_to_openpgp (gcry_sexp_t s_key, PKT_public_key *pk) + { +- gpg_error_t err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); ++ gpg_error_t err; + gcry_sexp_t top_list; + gcry_sexp_t key = NULL; + char *key_type = NULL; +@@ -1524,7 +1524,7 @@ do_export_one_keyblock (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, + KEYDB_SEARCH_DESC *desc, size_t ndesc, + size_t descindex, gcry_cipher_hd_t cipherhd) + { +- gpg_error_t err; ++ gpg_error_t err = gpg_error (GPG_ERR_NOT_FOUND); + char *cache_nonce = NULL; + subkey_list_t subkey_list = NULL; /* Track already processed subkeys. */ + int skip_until_subkey = 0; +diff --git a/g10/getkey.c b/g10/getkey.c +index 21dcf08..961d7de 100644 +--- a/g10/getkey.c ++++ b/g10/getkey.c +@@ -1640,7 +1640,8 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk, + if (! ctx->kr_handle) + { + xfree (ctx); +- *retctx = NULL; ++ if (retctx) ++ *retctx = NULL; + rc = gpg_error_from_syserror (); + } + else +diff --git a/g10/tofu.c b/g10/tofu.c +index 39457a5..c3a4988 100644 +--- a/g10/tofu.c ++++ b/g10/tofu.c +@@ -3857,7 +3857,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, + gpg_error_t + tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy) + { +- gpg_error_t err; ++ gpg_error_t err = 0; + time_t now = gnupg_get_time (); + tofu_dbs_t dbs; + PKT_public_key *pk; diff --git a/patches/0073-dirmngr-Fix-final-close-of-LISTEN_FD.patch b/patches/0073-dirmngr-Fix-final-close-of-LISTEN_FD.patch new file mode 100644 index 0000000..0963208 --- /dev/null +++ b/patches/0073-dirmngr-Fix-final-close-of-LISTEN_FD.patch @@ -0,0 +1,52 @@ +From: NIIBE Yutaka +Date: Tue, 18 Apr 2017 09:04:11 +0900 +Subject: dirmngr: Fix final close of LISTEN_FD. + +* dirmngr/dirmngr.c (handle_connections): Close LISTEN_FD. + +Signed-off-by: NIIBE Yutaka +(cherry picked from commit 4b2581dc0ea1d03e70023bb0748aa0c21c0a2173) +--- + dirmngr/dirmngr.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c +index 31d3ca2..513e2a6 100644 +--- a/dirmngr/dirmngr.c ++++ b/dirmngr/dirmngr.c +@@ -1905,7 +1905,6 @@ handle_connections (assuan_fd_t listen_fd) + #endif + struct sockaddr_un paddr; + socklen_t plen = sizeof( paddr ); +- gnupg_fd_t fd; + int nfd, ret; + fd_set fdset, read_fdset; + int saved_errno; +@@ -2030,6 +2029,8 @@ handle_connections (assuan_fd_t listen_fd) + + if (FD_ISSET (FD2INT (listen_fd), &read_fdset)) + { ++ gnupg_fd_t fd; ++ + plen = sizeof paddr; + fd = INT2FD (npth_accept (FD2INT(listen_fd), + (struct sockaddr *)&paddr, &plen)); +@@ -2058,7 +2059,6 @@ handle_connections (assuan_fd_t listen_fd) + } + npth_setname_np (thread, threadname); + } +- fd = GNUPG_INVALID_FD; + } + } + +@@ -2067,8 +2067,8 @@ handle_connections (assuan_fd_t listen_fd) + close (my_inotify_fd); + #endif /*HAVE_INOTIFY_INIT*/ + npth_attr_destroy (&tattr); +- if (listen_fd != -1) +- assuan_sock_close (fd); ++ if (listen_fd != GNUPG_INVALID_FD) ++ assuan_sock_close (listen_fd); + cleanup (); + log_info ("%s %s stopped\n", strusage(11), strusage(13)); + } diff --git a/patches/0074-g10-invalidate-the-fd-cache-for-keyring.patch b/patches/0074-g10-invalidate-the-fd-cache-for-keyring.patch new file mode 100644 index 0000000..e366af1 --- /dev/null +++ b/patches/0074-g10-invalidate-the-fd-cache-for-keyring.patch @@ -0,0 +1,41 @@ +From: NIIBE Yutaka +Date: Tue, 25 Apr 2017 07:48:51 +0900 +Subject: g10: invalidate the fd cache for keyring. + +* g10/keyring.c (keyring_search_reset): Don't keep the FD cache. + +-- + +GnuPG-bug-id: 3096 +Fixes-commit: 5556eca5acd46983bff0b38a1ffbc2f07fbaba9f +Signed-off-by: NIIBE Yutaka +(cherry picked from commit 116cfd60779fbb3540da629db54dc2e148f4a3a2) +--- + g10/keyring.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/g10/keyring.c b/g10/keyring.c +index 328290e..d75fdbc 100644 +--- a/g10/keyring.c ++++ b/g10/keyring.c +@@ -692,7 +692,6 @@ keyring_search_reset (KEYRING_HANDLE hd) + { + log_assert (hd); + +- hd->current.kr = NULL; + iobuf_close (hd->current.iobuf); + hd->current.iobuf = NULL; + hd->current.eof = 0; +@@ -700,6 +699,12 @@ keyring_search_reset (KEYRING_HANDLE hd) + + hd->found.kr = NULL; + hd->found.offset = 0; ++ ++ if (hd->current.kr) ++ iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, ++ (char*)hd->current.kr->fname); ++ hd->current.kr = NULL; ++ + return 0; + } + diff --git a/patches/0075-dirmngr-Fix-aliasing-problem-in-dns.c.patch b/patches/0075-dirmngr-Fix-aliasing-problem-in-dns.c.patch new file mode 100644 index 0000000..07c2b54 --- /dev/null +++ b/patches/0075-dirmngr-Fix-aliasing-problem-in-dns.c.patch @@ -0,0 +1,89 @@ +From: NIIBE Yutaka +Date: Tue, 25 Apr 2017 21:00:41 +0900 +Subject: dirmngr: Fix aliasing problem in dns.c. + +* dirmngr/dns.c (dns_ai_setent): Care about aliasing. + +-- + +Co-authored-by: Tomas Mraz +GnuPG-bug-id: 3105 +Signed-off-by: NIIBE Yutaka +(cherry picked from commit 247932f367f856e7ce91528e14f0aaf838150857) +--- + dirmngr/dns.c | 34 ++++++++++++++++++---------------- + 1 file changed, 18 insertions(+), 16 deletions(-) + +diff --git a/dirmngr/dns.c b/dirmngr/dns.c +index ebfd4c3..866f69d 100644 +--- a/dirmngr/dns.c ++++ b/dirmngr/dns.c +@@ -9440,29 +9440,31 @@ void dns_ai_close(struct dns_addrinfo *ai) { + + + static int dns_ai_setent(struct addrinfo **ent, union dns_any *any, enum dns_type type, struct dns_addrinfo *ai) { +- struct sockaddr *saddr; +- struct sockaddr_in sin; +- struct sockaddr_in6 sin6; ++ union u { ++ struct sockaddr_in sin; ++ struct sockaddr_in6 sin6; ++ struct sockaddr_storage ss; ++ } addr; + const char *cname; + size_t clen; + + switch (type) { + case DNS_T_A: +- saddr = memset(&sin, '\0', sizeof sin); ++ memset(&addr.sin, '\0', sizeof addr.sin); + +- sin.sin_family = AF_INET; +- sin.sin_port = htons(ai->port); ++ addr.sin.sin_family = AF_INET; ++ addr.sin.sin_port = htons(ai->port); + +- memcpy(&sin.sin_addr, any, sizeof sin.sin_addr); ++ memcpy(&addr.sin.sin_addr, any, sizeof addr.sin.sin_addr); + + break; + case DNS_T_AAAA: +- saddr = memset(&sin6, '\0', sizeof sin6); ++ memset(&addr.sin6, '\0', sizeof addr.sin6); + +- sin6.sin6_family = AF_INET6; +- sin6.sin6_port = htons(ai->port); ++ addr.sin6.sin6_family = AF_INET6; ++ addr.sin6.sin6_port = htons(ai->port); + +- memcpy(&sin6.sin6_addr, any, sizeof sin6.sin6_addr); ++ memcpy(&addr.sin6.sin6_addr, any, sizeof addr.sin6.sin6_addr); + + break; + default: +@@ -9477,20 +9479,20 @@ static int dns_ai_setent(struct addrinfo **ent, union dns_any *any, enum dns_typ + clen = 0; + } + +- if (!(*ent = malloc(sizeof **ent + dns_sa_len(saddr) + ((ai->hints.ai_flags & AI_CANONNAME)? clen + 1 : 0)))) ++ if (!(*ent = malloc(sizeof **ent + dns_sa_len(&addr) + ((ai->hints.ai_flags & AI_CANONNAME)? clen + 1 : 0)))) + return dns_syerr(); + + memset(*ent, '\0', sizeof **ent); + +- (*ent)->ai_family = saddr->sa_family; ++ (*ent)->ai_family = addr.ss.ss_family; + (*ent)->ai_socktype = ai->hints.ai_socktype; + (*ent)->ai_protocol = ai->hints.ai_protocol; + +- (*ent)->ai_addr = memcpy((unsigned char *)*ent + sizeof **ent, saddr, dns_sa_len(saddr)); +- (*ent)->ai_addrlen = dns_sa_len(saddr); ++ (*ent)->ai_addr = memcpy((unsigned char *)*ent + sizeof **ent, &addr, dns_sa_len(&addr)); ++ (*ent)->ai_addrlen = dns_sa_len(&addr); + + if (ai->hints.ai_flags & AI_CANONNAME) +- (*ent)->ai_canonname = memcpy((unsigned char *)*ent + sizeof **ent + dns_sa_len(saddr), cname, clen + 1); ++ (*ent)->ai_canonname = memcpy((unsigned char *)*ent + sizeof **ent + dns_sa_len(&addr), cname, clen + 1); + + ai->found++; + diff --git a/patches/avoid-spurious-warnings/0078-gpg-Avoid-spurious-warnings-about-trust-packets.patch b/patches/avoid-spurious-warnings/0078-gpg-Avoid-spurious-warnings-about-trust-packets.patch new file mode 100644 index 0000000..d0d7921 --- /dev/null +++ b/patches/avoid-spurious-warnings/0078-gpg-Avoid-spurious-warnings-about-trust-packets.patch @@ -0,0 +1,39 @@ +From: Daniel Kahn Gillmor +Date: Fri, 5 May 2017 22:37:23 -0400 +Subject: gpg: Avoid spurious warnings about trust packets. + +* g10/keydb.c (parse_keyblock_image): Do not emit a warning when +skipping a trust packet. + +-- + +2.1.20 and later store trust packets in the keybox. If an older +version (like 2.1.18) ends up accessing a keybox that 2.1.20 or later +has used, it produces many spurious warnings like: + + gpg: skipped packet of type 12 in keybox + +This is a temporary cleanup to avoid these specific warnings; it can +be dropped when moving to 2.1.20 or later. + +Signed-off-by: Daniel Kahn Gillmor +--- + g10/keydb.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/g10/keydb.c b/g10/keydb.c +index aab90e3..81dd32e 100644 +--- a/g10/keydb.c ++++ b/g10/keydb.c +@@ -1205,8 +1205,9 @@ parse_keyblock_image (iobuf_t iobuf, int pk_no, int uid_no, + default: + /* Note that can't allow ring trust packets here and some of + the other GPG specific packets don't make sense either. */ +- log_error ("skipped packet of type %d in keybox\n", +- (int)pkt->pkttype); ++ if (pkt->pkttype != PKT_RING_TRUST) ++ log_error ("skipped packet of type %d in keybox\n", ++ (int)pkt->pkttype); + free_packet(pkt); + init_packet(pkt); + continue; diff --git a/patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch b/patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch new file mode 100644 index 0000000..96a8e0d --- /dev/null +++ b/patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch @@ -0,0 +1,60 @@ +From: Daniel Kahn Gillmor +Date: Tue, 11 Aug 2015 20:28:26 -0400 +Subject: Avoid simple memory dumps via ptrace + +This avoids needing to setgid gpg-agent. It probably doesn't defend +against all possible attacks, but it defends against one specific (and +easy) one. If there are other protections we should do them too. + +This will make it slightly harder to debug the agent because the +normal user won't be able to attach gdb to it directly while it runs. + +The remaining options for debugging are: + + * launch the agent from gdb directly + * connect gdb to a running agent as the superuser + +Upstream bug: https://bugs.gnupg.org/gnupg/issue1211 +--- + agent/gpg-agent.c | 8 ++++++++ + configure.ac | 1 + + 2 files changed, 9 insertions(+) + +diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c +index c0208cc88..31bf3370a 100644 +--- a/agent/gpg-agent.c ++++ b/agent/gpg-agent.c +@@ -48,6 +48,9 @@ + # include + #endif + #include ++#ifdef HAVE_PRCTL ++# include ++#endif + + #define GNUPG_COMMON_NEED_AFLOCAL + #include "agent.h" +@@ -949,6 +952,11 @@ main (int argc, char **argv ) + + early_system_init (); + ++#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) ++ /* Disable ptrace on Linux without sgid bit */ ++ prctl(PR_SET_DUMPABLE, 0); ++#endif ++ + /* Before we do anything else we save the list of currently open + file descriptors and the signal mask. This info is required to + do the exec call properly. We don't need it on Windows. */ +diff --git a/configure.ac b/configure.ac +index f929cb60f..f2b6a70d2 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1335,6 +1335,7 @@ AC_CHECK_FUNCS([strerror strlwr tcgetattr mmap canonicalize_file_name]) + AC_CHECK_FUNCS([strcasecmp strncasecmp ctermid times gmtime_r strtoull]) + AC_CHECK_FUNCS([setenv unsetenv fcntl ftruncate inet_ntop]) + AC_CHECK_FUNCS([canonicalize_file_name]) ++AC_CHECK_FUNCS([prctl]) + AC_CHECK_FUNCS([gettimeofday getrusage getrlimit setrlimit clock_gettime]) + AC_CHECK_FUNCS([atexit raise getpagesize strftime nl_langinfo setlocale]) + AC_CHECK_FUNCS([waitpid wait4 sigaction sigprocmask pipe getaddrinfo]) diff --git a/patches/debian-packaging/0001-avoid-beta-warning.patch b/patches/debian-packaging/0001-avoid-beta-warning.patch new file mode 100644 index 0000000..ea08ce8 --- /dev/null +++ b/patches/debian-packaging/0001-avoid-beta-warning.patch @@ -0,0 +1,44 @@ +From: Debian GnuPG Maintainers +Date: Tue, 14 Apr 2015 10:02:31 -0400 +Subject: avoid-beta-warning + +avoid self-describing as a beta + +Using autoreconf against the source as distributed in tarball form +invariably results in a package that thinks it's a "beta" package, +which produces the "THIS IS A DEVELOPMENT VERSION" warning string. + +since we use dh_autoreconf, i need this patch to avoid producing +builds that announce themselves as DEVELOPMENT VERSIONs. + +See discussion at: + + http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html +--- + autogen.sh | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/autogen.sh b/autogen.sh +index e5ba5bf05..d7bab0383 100755 +--- a/autogen.sh ++++ b/autogen.sh +@@ -229,7 +229,7 @@ if [ "$myhost" = "find-version" ]; then + esac + + beta=no +- if [ -e .git ]; then ++ if false; then + ingit=yes + tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null) + tmp=$(echo "$tmp" | sed s/^"$package"//) +@@ -245,8 +245,8 @@ if [ "$myhost" = "find-version" ]; then + rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null))) + else + ingit=no +- beta=yes +- tmp="-unknown" ++ beta=no ++ tmp="" + rev="0000000" + rvd="0" + fi diff --git a/patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch b/patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch new file mode 100644 index 0000000..c141e4f --- /dev/null +++ b/patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch @@ -0,0 +1,37 @@ +From: Daniel Kahn Gillmor +Date: Mon, 29 Aug 2016 12:34:42 -0400 +Subject: avoid regenerating defsincdate (use shipped file) + +upstream ships doc/defsincdate in its tarballs. but doc/Makefile.am +tries to rewrite doc/defsincdate if it notices that any of the files +have been modified more recently, and it does so assuming that we're +running from a git repo. + +However, we'd rather ship the documents cleanly without regenerating +defsincdate -- we don't have a git repo available (debian builds from +upstream tarballs) and any changes to the texinfo files (e.g. from +debian/patches/) might result in different dates on the files than we +expect after they're applied by dpkg or quilt or whatever, which makes +the datestamp unreproducible. +--- + doc/Makefile.am | 7 ------- + 1 file changed, 7 deletions(-) + +diff --git a/doc/Makefile.am b/doc/Makefile.am +index 0c2f2c9dc..65b941ca7 100644 +--- a/doc/Makefile.am ++++ b/doc/Makefile.am +@@ -167,13 +167,6 @@ $(myman_pages) gnupg.7 : yat2m-stamp defs.inc + + dist-hook: defsincdate + +-defsincdate: $(gnupg_TEXINFOS) +- : >defsincdate ; \ +- if test -e $(top_srcdir)/.git; then \ +- (cd $(srcdir) && git log -1 --format='%ct' \ +- -- $(gnupg_TEXINFOS) 2>/dev/null) >>defsincdate; \ +- fi +- + defs.inc : defsincdate Makefile mkdefsinc + incd="`test -f defsincdate || echo '$(srcdir)/'`defsincdate"; \ + ./mkdefsinc -C $(srcdir) --date "`cat $$incd 2>/dev/null`" \ diff --git a/patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch b/patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch new file mode 100644 index 0000000..f1bcde3 --- /dev/null +++ b/patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch @@ -0,0 +1,77 @@ +From: Daniel Kahn Gillmor +Date: Sat, 29 Oct 2016 01:25:05 -0400 +Subject: dirmngr: hkp: Avoid potential race condition when some hosts die. + +* dirmngr/ks-engine-hkp.c (select_random_host): Use atomic pass +through the host table instead of risking out-of-bounds write. + +-- + +Multiple threads may write to hosttable[x]->dead while +select_random_host() is running. For example, a housekeeping thread +might clear the ->dead bit on some entries, or another connection to +dirmngr might manually mark a host as alive. + +If one or more hosts are resurrected between the two loops over a +given table in select_random_host(), then the allocation of tbl might +not be large enough, resulting in a write past the end of tbl on the +second loop. + +This change collapses the two loops into a single loop to avoid this +discrepancy: each host's "dead" bit is now only checked once. + +As Werner points out, this isn't currently strictly necessary, since +npth will not switch threads unless a blocking system call is made, +and no blocking system call is made in these two loops. + +However, in a subsequent change in this series, we will call a +function in this loop, and that function may sometimes write(2), or +call other functions, which may themselves block. Keeping this as a +single-pass loop avoids the need to keep track of what might block and +what might not. + +Signed-off-by: Daniel Kahn Gillmor +--- + dirmngr/ks-engine-hkp.c | 21 ++++++++++----------- + 1 file changed, 10 insertions(+), 11 deletions(-) + +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index 45965cecc..57e7529f3 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -209,25 +209,24 @@ host_in_pool_p (int *pool, int tblidx) + static int + select_random_host (int *table) + { +- int *tbl; +- size_t tblsize; ++ int *tbl = NULL; ++ size_t tblsize = 0; + int pidx, idx; + + /* We create a new table so that we randomly select only from + currently alive hosts. */ +- for (idx=0, tblsize=0; (pidx = table[idx]) != -1; idx++) ++ for (idx=0; (pidx = table[idx]) != -1; idx++) + if (hosttable[pidx] && !hosttable[pidx]->dead) +- tblsize++; ++ { ++ tblsize++; ++ tbl = xtryrealloc(tbl, tblsize * sizeof *tbl); ++ if (!tbl) ++ return -1; /* memory allocation failed! */ ++ tbl[tblsize-1] = pidx; ++ } + if (!tblsize) + return -1; /* No hosts. */ + +- tbl = xtrymalloc (tblsize * sizeof *tbl); +- if (!tbl) +- return -1; +- for (idx=0, tblsize=0; (pidx = table[idx]) != -1; idx++) +- if (hosttable[pidx] && !hosttable[pidx]->dead) +- tbl[tblsize++] = pidx; +- + if (tblsize == 1) /* Save a get_uint_nonce. */ + pidx = tbl[0]; + else diff --git a/patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch b/patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch new file mode 100644 index 0000000..c23485c --- /dev/null +++ b/patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch @@ -0,0 +1,225 @@ +From: Daniel Kahn Gillmor +Date: Sat, 29 Oct 2016 02:00:50 -0400 +Subject: dimrngr: Avoid need for hkp housekeeping. + +* dirmngr/ks-engine-hkp.c (host_is_alive): New function. Test whether +host is alive and resurrects it if it has been dead long enough. +(select_random_host, map_host, ks_hkp_mark_host): Use host_is_alive +instead of testing hostinfo_t->dead directly. +(ks_hkp_housekeeping): Remove function, no longer needed. +* dirmngr/dirmngr.c (housekeeping_thread): Remove call to +ks_hkp_housekeeping. + +-- + +Rather than resurrecting hosts upon scheduled resurrection times, test +whether hosts should be resurrected as they're inspected for being +dead. This removes the need for explicit housekeeping, and makes host +resurrections happen "just in time", rather than being clustered on +HOUSEKEEPING_INTERVAL seconds. + +Signed-off-by: Daniel Kahn Gillmor +--- + dirmngr/dirmngr.c | 3 -- + dirmngr/dirmngr.h | 1 - + dirmngr/ks-engine-hkp.c | 73 ++++++++++++++++++++++++------------------------- + 3 files changed, 36 insertions(+), 41 deletions(-) + +diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c +index 061cfc300..a8be56fa4 100644 +--- a/dirmngr/dirmngr.c ++++ b/dirmngr/dirmngr.c +@@ -1771,12 +1771,10 @@ static void * + housekeeping_thread (void *arg) + { + static int sentinel; +- time_t curtime; + struct server_control_s ctrlbuf; + + (void)arg; + +- curtime = gnupg_get_time (); + if (sentinel) + { + log_info ("housekeeping is already going on\n"); +@@ -1789,7 +1787,6 @@ housekeeping_thread (void *arg) + memset (&ctrlbuf, 0, sizeof ctrlbuf); + dirmngr_init_default_ctrl (&ctrlbuf); + +- ks_hkp_housekeeping (curtime); + if (network_activity_seen) + { + network_activity_seen = 0; +diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h +index 35bc000fb..acd4c636d 100644 +--- a/dirmngr/dirmngr.h ++++ b/dirmngr/dirmngr.h +@@ -193,7 +193,6 @@ const char* dirmngr_get_current_socket_name (void); + + + /*-- Various housekeeping functions. --*/ +-void ks_hkp_housekeeping (time_t curtime); + void ks_hkp_reload (void); + + +diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c +index 57e7529f3..2b90441e2 100644 +--- a/dirmngr/ks-engine-hkp.c ++++ b/dirmngr/ks-engine-hkp.c +@@ -203,6 +203,25 @@ host_in_pool_p (int *pool, int tblidx) + } + + ++static int ++host_is_alive (hostinfo_t hi, time_t curtime) ++{ ++ if (!hi) ++ return 0; ++ if (!hi->dead) ++ return 1; ++ if (!hi->died_at) ++ return 0; /* manually marked dead */ ++ if (hi->died_at + RESURRECT_INTERVAL <= curtime ++ || hi->died_at > curtime) ++ { ++ hi->dead = 0; ++ log_info ("resurrected host '%s'", hi->name); ++ return 1; ++ } ++ return 0; ++} ++ + /* Select a random host. Consult TABLE which indices into the global + hosttable. Returns index into TABLE or -1 if no host could be + selected. */ +@@ -212,11 +231,13 @@ select_random_host (int *table) + int *tbl = NULL; + size_t tblsize = 0; + int pidx, idx; ++ time_t curtime; + ++ curtime = gnupg_get_time (); + /* We create a new table so that we randomly select only from + currently alive hosts. */ + for (idx=0; (pidx = table[idx]) != -1; idx++) +- if (hosttable[pidx] && !hosttable[pidx]->dead) ++ if (hosttable[pidx] && host_is_alive (hosttable[pidx], curtime)) + { + tblsize++; + tbl = xtryrealloc(tbl, tblsize * sizeof *tbl); +@@ -395,6 +416,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + gpg_error_t err = 0; + hostinfo_t hi; + int idx; ++ time_t curtime; + + *r_host = NULL; + if (r_httpflags) +@@ -531,6 +553,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + xfree (reftbl); + } + ++ curtime = gnupg_get_time (); + hi = hosttable[idx]; + if (hi->pool) + { +@@ -547,7 +570,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + if (force_reselect) + hi->poolidx = -1; + else if (hi->poolidx >= 0 && hi->poolidx < hosttable_size +- && hosttable[hi->poolidx] && hosttable[hi->poolidx]->dead) ++ && hosttable[hi->poolidx] && !host_is_alive (hosttable[hi->poolidx], curtime)) + hi->poolidx = -1; + + /* Select a host if needed. */ +@@ -599,7 +622,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect, + free_dns_addrinfo (aibuf); + } + +- if (hi->dead) ++ if (!host_is_alive (hi, curtime)) + { + log_error ("host '%s' marked as dead\n", hi->name); + if (r_httphost) +@@ -704,7 +727,8 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive) + { + gpg_error_t err = 0; + hostinfo_t hi, hi2; +- int idx, idx2, idx3, n; ++ int idx, idx2, idx3, n, is_alive; ++ time_t curtime; + + if (!name || !*name || !strcmp (name, "localhost")) + return 0; +@@ -713,13 +737,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive) + if (idx == -1) + return gpg_error (GPG_ERR_NOT_FOUND); + ++ curtime = gnupg_get_time (); + hi = hosttable[idx]; +- if (alive && hi->dead) ++ is_alive = host_is_alive (hi, curtime); ++ if (alive && !is_alive) + { + hi->dead = 0; + err = ks_printf_help (ctrl, "marking '%s' as alive", name); + } +- else if (!alive && !hi->dead) ++ else if (!alive && is_alive) + { + hi->dead = 1; + hi->died_at = 0; /* Manually set dead. */ +@@ -751,14 +777,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive) + + hi2 = hosttable[n]; + if (!hi2) +- ; +- else if (alive && hi2->dead) ++ continue; ++ is_alive = host_is_alive (hi2, curtime); ++ if (alive && !is_alive) + { + hi2->dead = 0; + err = ks_printf_help (ctrl, "marking '%s' as alive", + hi2->name); + } +- else if (!alive && !hi2->dead) ++ else if (!alive && is_alive) + { + hi2->dead = 1; + hi2->died_at = 0; /* Manually set dead. */ +@@ -974,34 +1001,6 @@ ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri) + } + + +-/* Housekeeping function called from the housekeeping thread. It is +- used to mark dead hosts alive so that they may be tried again after +- some time. */ +-void +-ks_hkp_housekeeping (time_t curtime) +-{ +- int idx; +- hostinfo_t hi; +- +- for (idx=0; idx < hosttable_size; idx++) +- { +- hi = hosttable[idx]; +- if (!hi) +- continue; +- if (!hi->dead) +- continue; +- if (!hi->died_at) +- continue; /* Do not resurrect manually shot hosts. */ +- if (hi->died_at + RESURRECT_INTERVAL <= curtime +- || hi->died_at > curtime) +- { +- hi->dead = 0; +- log_info ("resurrected host '%s'", hi->name); +- } +- } +-} +- +- + /* Reload (SIGHUP) action for this module. We mark all host alive + * even those which have been manually shot. */ + void diff --git a/patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch b/patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch new file mode 100644 index 0000000..7791852 --- /dev/null +++ b/patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch @@ -0,0 +1,69 @@ +From: Daniel Kahn Gillmor +Date: Sun, 20 Nov 2016 23:09:24 -0500 +Subject: dirmngr: Avoid automatically checking upstream swdb. + +* dirmngr/dirmngr.c (housekeeping_thread): Avoid automatically +checking upstream's software database. In Debian, software updates +should be handled by the distro mechanism, and additional upstream +checks only confuse the user. +* doc/dirmngr.texi: document that --allow-version-check does nothing. + +Signed-off-by: Daniel Kahn Gillmor +--- + dirmngr/dirmngr.c | 13 ------------- + doc/dirmngr.texi | 11 +++++------ + 2 files changed, 5 insertions(+), 19 deletions(-) + +diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c +index a8be56fa4..746f43d10 100644 +--- a/dirmngr/dirmngr.c ++++ b/dirmngr/dirmngr.c +@@ -1771,7 +1771,6 @@ static void * + housekeeping_thread (void *arg) + { + static int sentinel; +- struct server_control_s ctrlbuf; + + (void)arg; + +@@ -1784,18 +1783,6 @@ housekeeping_thread (void *arg) + if (opt.verbose > 1) + log_info ("starting housekeeping\n"); + +- memset (&ctrlbuf, 0, sizeof ctrlbuf); +- dirmngr_init_default_ctrl (&ctrlbuf); +- +- if (network_activity_seen) +- { +- network_activity_seen = 0; +- if (opt.use_tor || opt.allow_version_check) +- dirmngr_load_swdb (&ctrlbuf, 0); +- } +- +- dirmngr_deinit_default_ctrl (&ctrlbuf); +- + if (opt.verbose > 1) + log_info ("ready with housekeeping\n"); + sentinel--; +diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi +index e27157c00..dd104273d 100644 +--- a/doc/dirmngr.texi ++++ b/doc/dirmngr.texi +@@ -266,12 +266,11 @@ seconds. + @item --allow-version-check + @opindex allow-version-check + Allow Dirmngr to connect to @code{https://versions.gnupg.org} to get +-the list of current software versions. If this option is enabled, or +-if @option{use-tor} is active, the list is retrieved when the local +-copy does not exist or is older than 5 to 7 days. See the option +-@option{--query-swdb} of the command @command{gpgconf} for more +-details. Note, that regardless of this option a version check can +-always be triggered using this command: ++the list of current software versions. On debian-packaged versions, ++this option does nothing since software updates should be handled by ++the distribution. See the option @option{--query-swdb} of the command ++@command{gpgconf} for more details. Note, that regardless of this ++option a version check can always be triggered using this command: + + @example + gpg-connect-agent --dirmngr 'loadswdb --force' /bye diff --git a/patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch b/patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch new file mode 100644 index 0000000..69bdc9d --- /dev/null +++ b/patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch @@ -0,0 +1,199 @@ +From: Daniel Kahn Gillmor +Date: Sat, 29 Oct 2016 02:15:08 -0400 +Subject: dirmngr: Drop useless housekeeping. + +* dirmngr/dirmngr.c (handle_tick, time_for_housekeeping_p, +housekeeping_thread): Remove, no longer needed. +(handle_connections): Drop any attempt at a timeout, since no +housekeeping is necessary. + +-- + +The housekeeping thread no longer does anything, and the main loop was +waking up every 60 seconds for no good reason. The code is simpler +and the runtime is more efficient if we drop this. + +Signed-off-by: Daniel Kahn Gillmor +--- + dirmngr/dirmngr.c | 113 +++--------------------------------------------------- + 1 file changed, 5 insertions(+), 108 deletions(-) + +diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c +index 746f43d10..8d9de9e5a 100644 +--- a/dirmngr/dirmngr.c ++++ b/dirmngr/dirmngr.c +@@ -304,13 +304,6 @@ static int active_connections; + * thread to run background network tasks. */ + static int network_activity_seen; + +-/* The timer tick used for housekeeping stuff. */ +-#define TIMERTICK_INTERVAL (60) +- +-/* How oft to run the housekeeping. */ +-#define HOUSEKEEPING_INTERVAL (600) +- +- + /* This union is used to avoid compiler warnings in case a pointer is + 64 bit and an int 32 bit. We store an integer in a pointer and get + it back later (npth_getspecific et al.). */ +@@ -1766,83 +1759,6 @@ handle_signal (int signo) + #endif /*!HAVE_W32_SYSTEM*/ + + +-/* Thread to do the housekeeping. */ +-static void * +-housekeeping_thread (void *arg) +-{ +- static int sentinel; +- +- (void)arg; +- +- if (sentinel) +- { +- log_info ("housekeeping is already going on\n"); +- return NULL; +- } +- sentinel++; +- if (opt.verbose > 1) +- log_info ("starting housekeeping\n"); +- +- if (opt.verbose > 1) +- log_info ("ready with housekeeping\n"); +- sentinel--; +- return NULL; +- +-} +- +- +-#if GPGRT_GCC_HAVE_PUSH_PRAGMA +-# pragma GCC push_options +-# pragma GCC optimize ("no-strict-overflow") +-#endif +-static int +-time_for_housekeeping_p (time_t curtime) +-{ +- static time_t last_housekeeping; +- +- if (!last_housekeeping) +- last_housekeeping = curtime; +- +- if (last_housekeeping + HOUSEKEEPING_INTERVAL <= curtime +- || last_housekeeping > curtime /*(be prepared for y2038)*/) +- { +- last_housekeeping = curtime; +- return 1; +- } +- return 0; +-} +-#if GPGRT_GCC_HAVE_PUSH_PRAGMA +-# pragma GCC pop_options +-#endif +- +- +-/* This is the worker for the ticker. It is called every few seconds +- and may only do fast operations. */ +-static void +-handle_tick (void) +-{ +- if (time_for_housekeeping_p (gnupg_get_time ())) +- { +- npth_t thread; +- npth_attr_t tattr; +- int err; +- +- err = npth_attr_init (&tattr); +- if (err) +- log_error ("error preparing housekeeping thread: %s\n", strerror (err)); +- else +- { +- npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED); +- err = npth_create (&thread, &tattr, housekeeping_thread, NULL); +- if (err) +- log_error ("error spawning housekeeping thread: %s\n", +- strerror (err)); +- npth_attr_destroy (&tattr); +- } +- } +-} +- +- + /* Check the nonce on a new connection. This is a NOP unless we are + using our Unix domain socket emulation under Windows. */ + static int +@@ -1943,9 +1859,6 @@ handle_connections (assuan_fd_t listen_fd) + gnupg_fd_t fd; + int nfd, ret; + fd_set fdset, read_fdset; +- struct timespec abstime; +- struct timespec curtime; +- struct timespec timeout; + int saved_errno; + int my_inotify_fd = -1; + +@@ -1985,9 +1898,7 @@ handle_connections (assuan_fd_t listen_fd) + #endif /*HAVE_INOTIFY_INIT*/ + + +- /* Setup the fdset. It has only one member. This is because we use +- pth_select instead of pth_accept to properly sync timeouts with +- to full second. */ ++ /* Setup the fdset. */ + FD_ZERO (&fdset); + FD_SET (FD2INT (listen_fd), &fdset); + nfd = FD2INT (listen_fd); +@@ -1998,9 +1909,6 @@ handle_connections (assuan_fd_t listen_fd) + nfd = my_inotify_fd; + } + +- npth_clock_gettime (&abstime); +- abstime.tv_sec += TIMERTICK_INTERVAL; +- + /* Main loop. */ + for (;;) + { +@@ -2011,7 +1919,7 @@ handle_connections (assuan_fd_t listen_fd) + break; /* ready */ + + /* Do not accept new connections but keep on running the +- * loop to cope with the timer events. ++ * select loop to wait for signals (e.g. SIGCHLD). + * + * Note that we do not close the listening socket because a + * client trying to connect to that socket would instead +@@ -2031,24 +1939,14 @@ handle_connections (assuan_fd_t listen_fd) + /* Take a copy of the fdset. */ + read_fdset = fdset; + +- npth_clock_gettime (&curtime); +- if (!(npth_timercmp (&curtime, &abstime, <))) +- { +- /* Timeout. */ +- handle_tick (); +- npth_clock_gettime (&abstime); +- abstime.tv_sec += TIMERTICK_INTERVAL; +- } +- npth_timersub (&abstime, &curtime, &timeout); +- + #ifndef HAVE_W32_SYSTEM +- ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout, npth_sigev_sigmask()); ++ ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, NULL, npth_sigev_sigmask()); + saved_errno = errno; + + while (npth_sigev_get_pending(&signo)) + handle_signal (signo); + #else +- ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout, NULL, NULL); ++ ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, NULL, NULL, NULL); + saved_errno = errno; + #endif + +@@ -2062,8 +1960,7 @@ handle_connections (assuan_fd_t listen_fd) + + if (ret <= 0) + { +- /* Interrupt or timeout. Will be handled when calculating the +- next timeout. */ ++ /* Interrupt. Will be handled at the top of the next loop. */ + continue; + } + diff --git a/patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch b/patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch new file mode 100644 index 0000000..05817dd --- /dev/null +++ b/patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch @@ -0,0 +1,192 @@ +From: Daniel Kahn Gillmor +Date: Mon, 31 Oct 2016 21:27:36 -0400 +Subject: agent: Create framework of scheduled timers. + +agent/gpg-agent.c (handle_tick): Remove intermittent call to +check_own_socket. +(tv_is_set): Add inline helper function for readability. +(handle_connections) Create general table of pending scheduled +timeouts. + +-- + +handle_tick() does fine-grained, rapid activity. check_own_socket() +is supposed to happen at a different interval. + +Mixing the two of them makes it a requirement that one interval be a +multiple of the other, which isn't ideal if there are different delay +strategies that we might want in the future. + +Creating an extensible regular timer framework in handle_connections +should make it possible to have any number of cadenced timers fire +regularly, without requiring that they happen in cadences related to +each other. + +It should also make it possible to dynamically change the cadence of +any regularly-scheduled timeout. + +Signed-off-by: Daniel Kahn Gillmor +--- + agent/gpg-agent.c | 87 ++++++++++++++++++++++++++++++++++++------------------- + 1 file changed, 58 insertions(+), 29 deletions(-) + +diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c +index 31bf3370a..25aae6af0 100644 +--- a/agent/gpg-agent.c ++++ b/agent/gpg-agent.c +@@ -2282,11 +2282,6 @@ create_directories (void) + static void + handle_tick (void) + { +- static time_t last_minute; +- +- if (!last_minute) +- last_minute = time (NULL); +- + /* Check whether the scdaemon has died and cleanup in this case. */ + agent_scd_check_aliveness (); + +@@ -2305,16 +2300,6 @@ handle_tick (void) + } + } + #endif /*HAVE_W32_SYSTEM*/ +- +- /* Code to be run from time to time. */ +-#if CHECK_OWN_SOCKET_INTERVAL > 0 +- if (last_minute + CHECK_OWN_SOCKET_INTERVAL <= time (NULL)) +- { +- check_own_socket (); +- last_minute = time (NULL); +- } +-#endif +- + } + + +@@ -2711,6 +2696,15 @@ start_connection_thread_ssh (void *arg) + } + + ++/* helper function for readability: test whether a given struct ++ timespec is set to all-zeros */ ++static inline int ++tv_is_set (struct timespec tv) ++{ ++ return tv.tv_sec || tv.tv_nsec; ++} ++ ++ + /* Connection handler loop. Wait for connection requests and spawn a + thread after accepting a connection. */ + static void +@@ -2728,9 +2722,11 @@ handle_connections (gnupg_fd_t listen_fd, + gnupg_fd_t fd; + int nfd; + int saved_errno; ++ int idx; + struct timespec abstime; + struct timespec curtime; + struct timespec timeout; ++ struct timespec *select_timeout; + #ifdef HAVE_W32_SYSTEM + HANDLE events[2]; + unsigned int events_set; +@@ -2746,6 +2742,14 @@ handle_connections (gnupg_fd_t listen_fd, + { "browser", start_connection_thread_browser }, + { "ssh", start_connection_thread_ssh } + }; ++ struct { ++ struct timespec interval; ++ void (*func) (void); ++ struct timespec next; ++ } timertbl[] = { ++ { { TIMERTICK_INTERVAL, 0 }, handle_tick }, ++ { { CHECK_OWN_SOCKET_INTERVAL, 0 }, check_own_socket } ++ }; + + + ret = npth_attr_init(&tattr); +@@ -2835,9 +2839,6 @@ handle_connections (gnupg_fd_t listen_fd, + listentbl[2].l_fd = listen_fd_browser; + listentbl[3].l_fd = listen_fd_ssh; + +- npth_clock_gettime (&abstime); +- abstime.tv_sec += TIMERTICK_INTERVAL; +- + for (;;) + { + /* Shutdown test. */ +@@ -2866,18 +2867,47 @@ handle_connections (gnupg_fd_t listen_fd, + thus a simple assignment is fine to copy the entire set. */ + read_fdset = fdset; + ++ /* loop through all timers, fire any registered functions, and ++ plan next timer to trigger */ + npth_clock_gettime (&curtime); +- if (!(npth_timercmp (&curtime, &abstime, <))) +- { +- /* Timeout. */ +- handle_tick (); +- npth_clock_gettime (&abstime); +- abstime.tv_sec += TIMERTICK_INTERVAL; +- } +- npth_timersub (&abstime, &curtime, &timeout); ++ abstime.tv_sec = abstime.tv_nsec = 0; ++ for (idx=0; idx < DIM(timertbl); idx++) ++ { ++ /* schedule any unscheduled timers */ ++ if ((!tv_is_set (timertbl[idx].next)) && tv_is_set (timertbl[idx].interval)) ++ npth_timeradd (&timertbl[idx].interval, &curtime, &timertbl[idx].next); ++ /* if a timer is due, fire it ... */ ++ if (tv_is_set (timertbl[idx].next)) ++ { ++ if (!(npth_timercmp (&curtime, &timertbl[idx].next, <))) ++ { ++ timertbl[idx].func (); ++ npth_clock_gettime (&curtime); ++ /* ...and reschedule it, if desired: */ ++ if (tv_is_set (timertbl[idx].interval)) ++ npth_timeradd (&timertbl[idx].interval, &curtime, &timertbl[idx].next); ++ else ++ timertbl[idx].next.tv_sec = timertbl[idx].next.tv_nsec = 0; ++ } ++ } ++ /* accumulate next timer to come due in abstime: */ ++ if (tv_is_set (timertbl[idx].next) && ++ ((!tv_is_set (abstime)) || ++ (npth_timercmp (&abstime, &timertbl[idx].next, >)))) ++ abstime = timertbl[idx].next; ++ } ++ /* choose a timeout for the select loop: */ ++ if (tv_is_set (abstime)) ++ { ++ npth_timersub (&abstime, &curtime, &timeout); ++ select_timeout = &timeout; ++ } ++ else ++ select_timeout = NULL; ++ + + #ifndef HAVE_W32_SYSTEM +- ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout, ++ ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, select_timeout, + npth_sigev_sigmask ()); + saved_errno = errno; + +@@ -2887,7 +2917,7 @@ handle_connections (gnupg_fd_t listen_fd, + handle_signal (signo); + } + #else +- ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout, ++ ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, select_timeout, + events, &events_set); + saved_errno = errno; + +@@ -2910,7 +2940,6 @@ handle_connections (gnupg_fd_t listen_fd, + + if (!shutdown_pending) + { +- int idx; + ctrl_t ctrl; + npth_t thread; + diff --git a/patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch b/patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch new file mode 100644 index 0000000..317cea5 --- /dev/null +++ b/patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch @@ -0,0 +1,93 @@ +From: Daniel Kahn Gillmor +Date: Tue, 1 Nov 2016 00:45:23 -0400 +Subject: agent: Allow threads to interrupt main select loop with SIGCONT. + +* agent/gpg-agent.c (interrupt_main_thread_loop): New function on +non-windows platforms, allows other threads to interrupt the main loop +if there's something that the main loop might be interested in. + +-- + +For example, the main loop might be interested in changes in program +state that affect the timers it expects to see. + +I don't know how to do this on Windows platforms, but i welcome any +proposed improvements. + +Signed-off-by: Daniel Kahn Gillmor +--- + agent/agent.h | 1 + + agent/gpg-agent.c | 18 +++++++++++++++++- + 2 files changed, 18 insertions(+), 1 deletion(-) + +diff --git a/agent/agent.h b/agent/agent.h +index 2db5a5c74..4e75b2a56 100644 +--- a/agent/agent.h ++++ b/agent/agent.h +@@ -345,6 +345,7 @@ void *get_agent_scd_notify_event (void); + #endif + void agent_sighup_action (void); + int map_pk_openpgp_to_gcry (int openpgp_algo); ++void interrupt_main_thread_loop (void); + + /*-- command.c --*/ + gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid, +diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c +index 25aae6af0..73cd560aa 100644 +--- a/agent/gpg-agent.c ++++ b/agent/gpg-agent.c +@@ -384,6 +384,9 @@ static char *current_logfile; + watched. */ + static pid_t parent_pid = (pid_t)(-1); + ++/* Record the pid of the main thread, for easier signalling */ ++static pid_t main_thread_pid = (pid_t)(-1); ++ + /* Number of active connections. */ + static int active_connections; + +@@ -2032,7 +2035,7 @@ get_agent_scd_notify_event (void) + GetCurrentProcess(), &h2, + EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0)) + { +- log_error ("setting syncronize for scd notify event failed: %s\n", ++ log_error ("setting synchronize for scd notify event failed: %s\n", + w32_strerror (-1) ); + CloseHandle (h); + } +@@ -2358,6 +2361,10 @@ handle_signal (int signo) + agent_sigusr2_action (); + break; + ++ /* nothing to do here, just take an extra cycle on the select loop */ ++ case SIGCONT: ++ break; ++ + case SIGTERM: + if (!shutdown_pending) + log_info ("SIGTERM received - shutting down ...\n"); +@@ -2696,6 +2703,13 @@ start_connection_thread_ssh (void *arg) + } + + ++void interrupt_main_thread_loop (void) ++{ ++#ifndef HAVE_W32_SYSTEM ++ kill (main_thread_pid, SIGCONT); ++#endif ++} ++ + /* helper function for readability: test whether a given struct + timespec is set to all-zeros */ + static inline int +@@ -2764,8 +2778,10 @@ handle_connections (gnupg_fd_t listen_fd, + npth_sigev_add (SIGUSR1); + npth_sigev_add (SIGUSR2); + npth_sigev_add (SIGINT); ++ npth_sigev_add (SIGCONT); + npth_sigev_add (SIGTERM); + npth_sigev_fini (); ++ main_thread_pid = getpid (); + #else + # ifdef HAVE_W32CE_SYSTEM + /* Use a dummy event. */ diff --git a/patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch b/patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch new file mode 100644 index 0000000..f107e78 --- /dev/null +++ b/patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch @@ -0,0 +1,112 @@ +From: Daniel Kahn Gillmor +Date: Tue, 1 Nov 2016 00:14:10 -0400 +Subject: agent: Avoid tight timer tick when possible. + +* agent/gpg-agent.c (need_tick): Evaluate whether the short-phase +handle_tick() is needed. +(handle_connections): On each cycle of the select loop, adjust whether +we should call handle_tick() or not. +(start_connection_thread_ssh, do_start_connection_thread): Signal the +main loop when the child terminates. +* agent/call-scd.c (start_scd): Call interrupt_main_thread_loop() once +the scdaemon thread context has started up. + +-- + +With this change, an idle gpg-agent that has no scdaemon running only +wakes up once a minute (to check_own_socket). + +Thanks to Ian Jackson and NIIBE Yutaka who helped me improve some of +the blocking and corner cases. + +Signed-off-by: Daniel Kahn Gillmor +--- + agent/call-scd.c | 4 +++- + agent/gpg-agent.c | 31 ++++++++++++++++++++++++++++--- + 2 files changed, 31 insertions(+), 4 deletions(-) + +diff --git a/agent/call-scd.c b/agent/call-scd.c +index 15a2ba529..0bf603084 100644 +--- a/agent/call-scd.c ++++ b/agent/call-scd.c +@@ -407,7 +407,9 @@ start_scd (ctrl_t ctrl) + + primary_scd_ctx = ctx; + primary_scd_ctx_reusable = 0; +- ++ /* notify the main loop that something has changed */ ++ interrupt_main_thread_loop (); ++ + leave: + xfree (abs_homedir); + if (err) +diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c +index 73cd560aa..b33de7d39 100644 +--- a/agent/gpg-agent.c ++++ b/agent/gpg-agent.c +@@ -2279,6 +2279,26 @@ create_directories (void) + } + + ++static int ++need_tick (void) ++{ ++#ifdef HAVE_W32_SYSTEM ++ /* We do not know how to interrupt the select loop on Windows, so we ++ always need a short tick there. */ ++ return 1; ++#else ++ /* if we were invoked like "gpg-agent cmd arg1 arg2" then we need to ++ watch our parent. */ ++ if (parent_pid != (pid_t)(-1)) ++ return 1; ++ /* if scdaemon is running, we need to check that it's alive */ ++ if (agent_scd_check_running ()) ++ return 1; ++ /* otherwise, nothing fine-grained to do. */ ++ return 0; ++#endif /*HAVE_W32_SYSTEM*/ ++} ++ + + /* This is the worker for the ticker. It is called every few seconds + and may only do fast operations. */ +@@ -2337,7 +2357,7 @@ agent_sigusr2_action (void) + + #ifndef HAVE_W32_SYSTEM + /* The signal handler for this program. It is expected to be run in +- its own trhead and not in the context of a signal handler. */ ++ its own thread and not in the context of a signal handler. */ + static void + handle_signal (int signo) + { +@@ -2618,7 +2638,8 @@ do_start_connection_thread (ctrl_t ctrl) + + agent_deinit_default_ctrl (ctrl); + xfree (ctrl); +- active_connections--; ++ if (--active_connections == 0) ++ interrupt_main_thread_loop(); + return NULL; + } + +@@ -2698,7 +2719,8 @@ start_connection_thread_ssh (void *arg) + + agent_deinit_default_ctrl (ctrl); + xfree (ctrl); +- active_connections--; ++ if (--active_connections == 0) ++ interrupt_main_thread_loop(); + return NULL; + } + +@@ -2883,6 +2905,9 @@ handle_connections (gnupg_fd_t listen_fd, + thus a simple assignment is fine to copy the entire set. */ + read_fdset = fdset; + ++ /* avoid a fine-grained timer if we don't need one: */ ++ timertbl[0].interval.tv_sec = need_tick () ? TIMERTICK_INTERVAL : 0; ++ + /* loop through all timers, fire any registered functions, and + plan next timer to trigger */ + npth_clock_gettime (&curtime); diff --git a/patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch b/patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch new file mode 100644 index 0000000..557deff --- /dev/null +++ b/patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch @@ -0,0 +1,26 @@ +From: Daniel Kahn Gillmor +Date: Tue, 1 Nov 2016 00:57:44 -0400 +Subject: agent: Avoid scheduled checks on socket when inotify is working. + +* agent/gpg-agent.c (handle_connections): When inotify is working, we +do not need to schedule a timer to evaluate whether we control our own +socket or not. + +Signed-off-by: Daniel Kahn Gillmor +--- + agent/gpg-agent.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c +index b33de7d39..56c28a679 100644 +--- a/agent/gpg-agent.c ++++ b/agent/gpg-agent.c +@@ -2907,6 +2907,8 @@ handle_connections (gnupg_fd_t listen_fd, + + /* avoid a fine-grained timer if we don't need one: */ + timertbl[0].interval.tv_sec = need_tick () ? TIMERTICK_INTERVAL : 0; ++ /* avoid waking up to check sockets if we can count on inotify */ ++ timertbl[1].interval.tv_sec = (my_inotify_fd == -1) ? CHECK_OWN_SOCKET_INTERVAL : 0; + + /* loop through all timers, fire any registered functions, and + plan next timer to trigger */ diff --git a/patches/series b/patches/series new file mode 100644 index 0000000..4ec24b8 --- /dev/null +++ b/patches/series @@ -0,0 +1,78 @@ +debian-packaging/0001-avoid-beta-warning.patch +block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch +debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch +dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch +dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch +dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch +dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch +gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch +gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch +gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch +gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch +0012-tools-Fix-memory-leak.patch +0013-tools-Improve-error-handling.patch +0014-dirmngr-New-option-disable-ipv4.patch +0015-dirmngr-Simplify-error-returning-inside-http.c.patch +0016-gpg-Print-a-warning-on-Tor-problems.patch +0017-agent-Fix-double-free.patch +0018-gpg-Fix-searching-for-mail-addresses-in-keyrings.patch +0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch +0020-gpg-Remove-period-at-end-of-warning.patch +0021-gpg-Add-newline-to-output.patch +0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch +0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch +0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch +0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch +0026-gpg-More-diagnostics-for-a-launched-pinentry.patch +0027-doc-Clarify-abbreviation-of-help.patch +0028-scd-Backport-two-fixes-from-master.patch +0029-scd-Fix-use-case-of-PC-SC.patch +0030-scd-Fix-factory-reset.patch +0031-gpg-Fix-aliases-list-key-list-sig-and-check-sig.patch +0032-gpg-common-Make-sure-that-all-fd-given-are-valid.patch +0033-common-Avoid-warning-about-implicit-declaration-of-g.patch +0034-gpg-Fix-memory-leak-in-the-error-case-of-signature-c.patch +0035-gpg-Print-a-warning-if-no-command-has-been-given.patch +0036-gpgconf-No-ENOENT-warning-with-change-options-et-al.patch +0037-dirmngr-Do-a-DNS-lookup-even-if-it-is-missing-from-n.patch +0038-gpg-Make-export-ssh-key-work-for-the-primary-key.patch +0039-dirmngr-Avoid-PTR-lookup-for-hosts-in-a-pool.patch +0040-gpgv-w32-Fix-status-fd.patch +0041-gpg-tools-Make-trust-model-configurable-via-gpgconf.patch +0042-gpg-tools-Make-auto-key-retrieve-configurable-via-gp.patch +0043-gpg-Allow-creating-keys-using-an-existing-ECC-key.patch +0044-gpg-Make-export-options-work-with-export-secret-keys.patch +0045-common-tools-Always-escape-newlines-when-escaping-da.patch +0046-g10-Signal-an-error-when-trying-to-revoke-non-exista.patch +0047-gpg-Fix-possible-segv-when-attribute-packets-are-fil.patch +0048-gpg-Fix-attempt-to-double-free-an-UID-structure.patch +0049-doc-Add-a-note-to-the-trust-model-direct.patch +0050-gpg-Flush-stdout-before-printing-stats-with-check-si.patch +0051-dirmngr-Ignore-warning-alerts-in-the-GNUTLS-handshak.patch +0052-gpg-Make-sure-the-conflict-set-includes-the-current-.patch +0053-dirmngr-Load-the-hosts-file-into-libdns.patch +0054-dirmngr-Fix-error-handling.patch +0055-common-Implicitly-do-a-gpgconf-create-socketdir.patch +0056-common-Fix-connecting-to-the-agent.patch +0057-g10-Fix-memory-leak.patch +0058-common-Avoid-undefined-behavior.patch +0059-gpg-Handle-critical-marked-Reason-for-Revocation.patch +0060-dirmngr-Do-not-assume-that-etc-hosts-exists.patch +0061-dirmngr-Always-print-a-warning-for-a-missing-etc-hos.patch +0062-dirmngr-Handle-EIO-which-is-sometimes-returned-by-co.patch +0063-dirmngr-New-option-disable-ipv6.patch +0064-agent-Serialize-access-to-passphrase-cache.patch +0065-gpg-Fix-printing-of-offline-taken-subkey.patch +0066-doc-Explain-the-in-a-key-listing.patch +0067-dirmngr-Fix-possible-null-reference.patch +0068-tools-Fix-condition-for-gpg-connect-agent.patch +0069-dirmngr-Fix-alignment-of-ADDR.patch +0070-dirmngr-Fix-http.c-for-sockaddr_storage.patch +0071-g10-Fix-import-export-filter-property-match.patch +0072-g10-Minor-fixes.patch +0073-dirmngr-Fix-final-close-of-LISTEN_FD.patch +0074-g10-invalidate-the-fd-cache-for-keyring.patch +0075-dirmngr-Fix-aliasing-problem-in-dns.c.patch +skip-missing-signing-keys/0076-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch +skel-file-removal/0077-g10-remove-skeleton-options-files.patch +avoid-spurious-warnings/0078-gpg-Avoid-spurious-warnings-about-trust-packets.patch diff --git a/patches/skel-file-removal/0077-g10-remove-skeleton-options-files.patch b/patches/skel-file-removal/0077-g10-remove-skeleton-options-files.patch new file mode 100644 index 0000000..55e63f0 --- /dev/null +++ b/patches/skel-file-removal/0077-g10-remove-skeleton-options-files.patch @@ -0,0 +1,440 @@ +From: Daniel Kahn Gillmor +Date: Mon, 17 Apr 2017 10:51:55 -0400 +Subject: g10: remove skeleton options files + +* build-aux/speed/w32/inst.nsi: stop installing skeleton files. +* doc/gpg.texi: stop documenting skeleton files. +* g10/Makefile.am: stop installing skeleton files. +* g10/openfile.c (copy_options_file): Remove. +(try_make_homedir): do not call copy_options_file() + +The defaults for gpg and dirmngr are good. Both programs should work +fine for the simple case without any config file. The skeleton config +files were being copied at first use (when the defaults are fine). +But when the user needs to fiddle with them (after they've become +sophisticated users), they're likely out of date because gpg has been +upgraded since then. So they're used for documentation, but they're +stale documentation, which is probably worse than a clean empty file. + +-- + +GnuPG-bug-id: 3086 +Signed-off-by: Daniel Kahn Gillmor +--- + build-aux/speedo/w32/inst.nsi | 2 - + doc/gpg.texi | 4 -- + g10/Makefile.am | 8 +-- + g10/dirmngr-conf.skel | 69 --------------------- + g10/openfile.c | 102 ------------------------------- + g10/options.skel | 139 ------------------------------------------ + 6 files changed, 1 insertion(+), 323 deletions(-) + delete mode 100644 g10/dirmngr-conf.skel + delete mode 100644 g10/options.skel + +diff --git a/build-aux/speedo/w32/inst.nsi b/build-aux/speedo/w32/inst.nsi +index 164e26b..779c759 100644 +--- a/build-aux/speedo/w32/inst.nsi ++++ b/build-aux/speedo/w32/inst.nsi +@@ -607,8 +607,6 @@ Section "GnuPG" SEC_gnupg + Rename /REBOOTOK scdaemon.exe.tmp scdaemon.exe + + SetOutPath "$INSTDIR\share\gnupg" +- File "share/gnupg/gpg-conf.skel" +- File "share/gnupg/dirmngr-conf.skel" + File "share/gnupg/distsigkey.gpg" + + SetOutPath "$INSTDIR\share\locale\ca\LC_MESSAGES" +diff --git a/doc/gpg.texi b/doc/gpg.texi +index c591049..a7d78c4 100644 +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -3452,10 +3452,6 @@ files; They all live in in the current home directory (@pxref{option + You should backup all files in this directory and take care to keep + this backup closed away. + +- @item @value{DATADIR}/options.skel +- @efindex options.skel +- The skeleton options file. +- + @end table + + Operation is further controlled by a few environment variables: +diff --git a/g10/Makefile.am b/g10/Makefile.am +index 604be93..19c5c78 100644 +--- a/g10/Makefile.am ++++ b/g10/Makefile.am +@@ -18,7 +18,7 @@ + + ## Process this file with automake to produce Makefile.in + +-EXTRA_DIST = options.skel dirmngr-conf.skel distsigkey.gpg \ ++EXTRA_DIST = distsigkey.gpg \ + ChangeLog-2011 gpg-w32info.rc \ + gpg.w32-manifest.in test.c t-keydb-keyring.kbx \ + t-keydb-get-keyblock.gpg t-stutter-data.asc +@@ -238,18 +238,12 @@ install-exec-hook: + + install-data-local: + $(mkinstalldirs) $(DESTDIR)$(pkgdatadir) +- $(INSTALL_DATA) $(srcdir)/options.skel \ +- $(DESTDIR)$(pkgdatadir)/gpg-conf.skel +- $(INSTALL_DATA) $(srcdir)/dirmngr-conf.skel \ +- $(DESTDIR)$(pkgdatadir)/dirmngr-conf.skel + $(INSTALL_DATA) $(srcdir)/distsigkey.gpg \ + $(DESTDIR)$(pkgdatadir)/distsigkey.gpg + + # NB: For uninstalling gpg and gpgv we use -local because there is + # no need for a specific order the targets need to be run. + uninstall-local: +- -@rm $(DESTDIR)$(pkgdatadir)/gpg-conf.skel +- -@rm $(DESTDIR)$(pkgdatadir)/dirmngr-conf.skel + -@rm $(DESTDIR)$(pkgdatadir)/distsigkey.gpg + -@files=`for p in $(gpg2_hack_uninst); do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ +diff --git a/g10/dirmngr-conf.skel b/g10/dirmngr-conf.skel +deleted file mode 100644 +index fbb730b..0000000 +--- a/g10/dirmngr-conf.skel ++++ /dev/null +@@ -1,69 +0,0 @@ +-# dirmngr-conf.skel - Skeleton to create dirmngr.conf. +-# (Note that the first three lines are not copied.) +-# +-# dirmngr.conf - Options for Dirmngr +-# Written in 2015 by The GnuPG Project +-# +-# To the extent possible under law, the authors have dedicated all +-# copyright and related and neighboring rights to this file to the +-# public domain worldwide. This file is distributed without any +-# warranty. You should have received a copy of the CC0 Public Domain +-# Dedication along with this file. If not, see +-# . +-# +-# +-# Unless you specify which option file to use (with the command line +-# option "--options filename"), the file ~/.gnupg/dirmngr.conf is used +-# by dirmngr. The file can contain any long options which are valid +-# for Dirmngr. If the first non white space character of a line is a +-# '#', the line is ignored. Empty lines are also ignored. See the +-# dirmngr man page or the manual for a list of options. +-# +- +-# --keyserver URI +-# +-# GPG can send and receive keys to and from a keyserver. These +-# servers can be HKP, Email, or LDAP (if GnuPG is built with LDAP +-# support). +-# +-# Example HKP keyservers: +-# hkp://keys.gnupg.net +-# +-# Example HKP keyserver using a Tor OnionBalance service +-# hkp://jirk5u4osbsr34t5.onion +-# +-# Example HKPS keyservers (see --hkp-cacert below): +-# hkps://hkps.pool.sks-keyservers.net +-# +-# Example LDAP keyservers: +-# ldap://pgp.surfnet.nl:11370 +-# +-# Regular URL syntax applies, and you can set an alternate port +-# through the usual method: +-# hkp://keyserver.example.net:22742 +-# +-# Most users just set the name and type of their preferred keyserver. +-# Note that most servers (with the notable exception of +-# ldap://keyserver.pgp.com) synchronize changes with each other. Note +-# also that a single server name may actually point to multiple +-# servers via DNS round-robin. hkp://keys.gnupg.net is an example of +-# such a "server", which spreads the load over a number of physical +-# servers. +-# +-# If exactly two keyservers are configured and only one is a Tor hidden +-# service, Dirmngr selects the keyserver to use depending on whether +-# Tor is locally running or not (on a per session base). +- +-keyserver hkp://jirk5u4osbsr34t5.onion +-keyserver hkp://keys.gnupg.net +- +-# --hkp-cacert FILENAME +-# +-# For the "hkps" scheme (keyserver access over TLS), Dirmngr needs to +-# know the root certificates for verification of the TLS certificates +-# used for the connection. Enter the full name of a file with the +-# root certificates here. If that file is in PEM format a ".pem" +-# suffix is expected. This option may be given multiple times to add +-# more root certificates. Tilde expansion is supported. +- +-#hkp-cacert /path/to/CA/sks-keyservers.netCA.pem +diff --git a/g10/openfile.c b/g10/openfile.c +index f62deec..2e8c102 100644 +--- a/g10/openfile.c ++++ b/g10/openfile.c +@@ -36,12 +36,6 @@ + #include "status.h" + #include "i18n.h" + +-#ifdef USE_ONLY_8DOT3 +-#define SKELEXT ".skl" +-#else +-#define SKELEXT EXTSEP_S "skel" +-#endif +- + #ifdef HAVE_W32_SYSTEM + #define NAME_OF_DEV_NULL "nul" + #else +@@ -373,93 +367,6 @@ open_sigfile (const char *sigfilename, progress_filter_context_t *pfx) + } + + +-/**************** +- * Copy the option file skeleton for NAME to the given directory. +- * Returns true if the new option file has any option. +- */ +-static int +-copy_options_file (const char *destdir, const char *name) +-{ +- const char *datadir = gnupg_datadir (); +- char *fname; +- FILE *src, *dst; +- int linefeeds=0; +- int c; +- mode_t oldmask; +- int esc = 0; +- int any_option = 0; +- +- if (opt.dry_run) +- return 0; +- +- fname = xstrconcat (datadir, DIRSEP_S, name, "-conf", SKELEXT, NULL); +- src = fopen (fname, "r"); +- if (src && is_secured_file (fileno (src))) +- { +- fclose (src); +- src = NULL; +- gpg_err_set_errno (EPERM); +- } +- if (!src) +- { +- log_info (_("can't open '%s': %s\n"), fname, strerror(errno)); +- xfree(fname); +- return 0; +- } +- xfree (fname); +- fname = xstrconcat (destdir, DIRSEP_S, name, EXTSEP_S, "conf", NULL); +- +- oldmask = umask (077); +- if (is_secured_filename (fname)) +- { +- dst = NULL; +- gpg_err_set_errno (EPERM); +- } +- else +- dst = fopen( fname, "w" ); +- umask (oldmask); +- +- if (!dst) +- { +- log_info (_("can't create '%s': %s\n"), fname, strerror(errno) ); +- fclose (src); +- xfree (fname); +- return 0; +- } +- +- while ((c = getc (src)) != EOF) +- { +- if (linefeeds < 3) +- { +- if (c == '\n') +- linefeeds++; +- } +- else +- { +- putc (c, dst); +- if (c== '\n') +- esc = 1; +- else if (esc == 1) +- { +- if (c == ' ' || c == '\t') +- ; +- else if (c == '#') +- esc = 2; +- else +- any_option = 1; +- } +- } +- } +- +- fclose (dst); +- fclose (src); +- +- log_info (_("new configuration file '%s' created\n"), fname); +- xfree (fname); +- return any_option; +-} +- +- + void + try_make_homedir (const char *fname) + { +@@ -489,15 +396,6 @@ try_make_homedir (const char *fname) + fname, strerror(errno) ); + else if (!opt.quiet ) + log_info ( _("directory '%s' created\n"), fname ); +- +- /* Note that we also copy a dirmngr.conf file here. This is +- because gpg is likely the first invoked tool and thus creates +- the directory. */ +- copy_options_file (fname, DIRMNGR_NAME); +- if (copy_options_file (fname, GPG_NAME)) +- log_info (_("WARNING: options in '%s'" +- " are not yet active during this run\n"), +- fname); + } + } + +diff --git a/g10/options.skel b/g10/options.skel +deleted file mode 100644 +index 87fc627..0000000 +--- a/g10/options.skel ++++ /dev/null +@@ -1,139 +0,0 @@ +-# These first three lines are not copied to the gpg.conf file in +-# the users home directory. +-# $Id$ +-# Options for GnuPG +-# Copyright 1998-2003, 2010 Free Software Foundation, Inc. +-# Copyright 1998-2003, 2010 Werner Koch +-# +-# This file is free software; as a special exception the author gives +-# unlimited permission to copy and/or distribute it, with or without +-# modifications, as long as this notice is preserved. +-# +-# This file is distributed in the hope that it will be useful, but +-# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the +-# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +-# +-# Unless you specify which option file to use (with the command line +-# option "--options filename"), GnuPG uses the file ~/.gnupg/gpg.conf +-# by default. +-# +-# An options file can contain any long options which are available in +-# GnuPG. If the first non white space character of a line is a '#', +-# this line is ignored. Empty lines are also ignored. +-# +-# See the gpg man page for a list of options. +- +- +-# If you have more than 1 secret key in your keyring, you may want to +-# uncomment the following option and set your preferred keyid. +- +-#default-key 621CC013 +- +- +-# If you do not pass a recipient to gpg, it will ask for one. Using +-# this option you can encrypt to a default key. Key validation will +-# not be done in this case. The second form uses the default key as +-# default recipient. +- +-#default-recipient some-user-id +-#default-recipient-self +- +- +-# Group names may be defined like this: +-# group mynames = paige 0x12345678 joe patti +-# +-# Any time "mynames" is a recipient (-r or --recipient), it will be +-# expanded to the names "paige", "joe", and "patti", and the key ID +-# "0x12345678". Note there is only one level of expansion - you +-# cannot make an group that points to another group. Note also that +-# if there are spaces in the recipient name, this will appear as two +-# recipients. In these cases it is better to use the key ID. +- +-#group mynames = paige 0x12345678 joe patti +- +- +-# GnuPG can automatically locate and retrieve keys as needed using +-# this option. This happens when encrypting to an email address (in +-# the "user@@example.com" form) and there are no keys matching +-# "user@example.com" in the local keyring. This option takes any +-# number mechanisms which are tried in the given order. The default +-# is "--auto-key-locate local" to search for keys only in the local +-# key database. Uncomment the next line to locate a missing key using +-# two DNS based mechanisms. +- +-#auto-key-locate local,pka,dane +- +- +-# Common options for keyserver functions: +-# (Note that the --keyserver option has been moved to dirmngr.conf) +-# +-# include-disabled = when searching, include keys marked as "disabled" +-# on the keyserver (not all keyservers support this). +-# +-# no-include-revoked = when searching, do not include keys marked as +-# "revoked" on the keyserver. +-# +-# verbose = show more information as the keys are fetched. +-# Can be used more than once to increase the amount +-# of information shown. +-# +-# auto-key-retrieve = automatically fetch keys as needed from the keyserver +-# when verifying signatures or when importing keys that +-# have been revoked by a revocation key that is not +-# present on the keyring. +-# +-# no-include-attributes = do not include attribute IDs (aka "photo IDs") +-# when sending keys to the keyserver. +- +-#keyserver-options auto-key-retrieve +- +- +-# Uncomment this line to display photo user IDs in key listings and +-# when a signature from a key with a photo is verified. +- +-#show-photos +- +- +-# Use this program to display photo user IDs +-# +-# %i is expanded to a temporary file that contains the photo. +-# %I is the same as %i, but the file isn't deleted afterwards by GnuPG. +-# %k is expanded to the key ID of the key. +-# %K is expanded to the long OpenPGP key ID of the key. +-# %t is expanded to the extension of the image (e.g. "jpg"). +-# %T is expanded to the MIME type of the image (e.g. "image/jpeg"). +-# %f is expanded to the fingerprint of the key. +-# %% is %, of course. +-# +-# If %i or %I are not present, then the photo is supplied to the +-# viewer on standard input. If your platform supports it, standard +-# input is the best way to do this as it avoids the time and effort in +-# generating and then cleaning up a secure temp file. +-# +-# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin" +-# On Mac OS X and Windows, the default is to use your regular JPEG image +-# viewer. +-# +-# Some other viewers: +-# photo-viewer "qiv %i" +-# photo-viewer "ee %i" +-# photo-viewer "display -title 'KeyID 0x%k'" +-# +-# This one saves a copy of the photo ID in your home directory: +-# photo-viewer "cat > ~/photoid-for-key-%k.%t" +-# +-# Use your MIME handler to view photos: +-# photo-viewer "metamail -q -d -b -c %T -s 'KeyID 0x%k' -f GnuPG" +- +- +-# Because some mailers change lines starting with "From " to ">From " +-# it is good to handle such lines in a special way when creating +-# cleartext signatures; all other PGP versions do it this way too. +-# To enable full OpenPGP compliance you may want to use this option. +- +-#no-escape-from-lines +- +- +-# Uncomment the following option to get rid of the copyright notice +- +-#no-greeting diff --git a/patches/skip-missing-signing-keys/0076-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch b/patches/skip-missing-signing-keys/0076-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch new file mode 100644 index 0000000..628565d --- /dev/null +++ b/patches/skip-missing-signing-keys/0076-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch @@ -0,0 +1,51 @@ +From: Simon Arlott +Date: Sun, 5 Feb 2017 16:31:35 -0500 +Subject: g10: Skip signing keys where no secret key is available. + +* g10/getkey.c (finish_lookup): When requiring PUBKEY_USAGE_SIG, skip +over keys where no signing key is available. + +-- + +This should only be relevant when gpg is required to choose which key +to sign with -- if verifying signatures, we already know which subkey +to look at, and indeed gpg doesn't seem to have a problem with this. + +This patch comes from +https://bugs.gnupg.org/gnupg/file793/sign-fix.patch + +I (dkg) have reviewed and tested it with missing local keys, and it +makes sense to me as the default behavior. If the user has the secret +key for a signing-capable subkey available and the command is --sign, +it should be used. + +If the user has explicitly specified a subkey that happens to be +missing (e.g. with the trailing ! for --default-key 0x${FPR}!) then +this does not override that behavior (the signature will still fail). + +GnuPG-bug-id: 1967 +Debian-bug-id: 834922 + +Signed-off-by: Daniel Kahn Gillmor +--- + g10/getkey.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/g10/getkey.c b/g10/getkey.c +index 961d7de..bb31dfb 100644 +--- a/g10/getkey.c ++++ b/g10/getkey.c +@@ -3529,6 +3529,13 @@ finish_lookup (kbnode_t keyblock, unsigned int req_usage, int want_exact, + continue; + } + ++ if ((req_usage & PUBKEY_USAGE_SIG) && agent_probe_secret_key (NULL, pk)) ++ { ++ if (DBG_LOOKUP) ++ log_debug ("\tno secret key for signing\n"); ++ continue; ++ } ++ + if (DBG_LOOKUP) + log_debug ("\tsubkey might be fine\n"); + /* In case a key has a timestamp of 0 set, we make sure diff --git a/rules b/rules new file mode 100755 index 0000000..241cead --- /dev/null +++ b/rules @@ -0,0 +1,67 @@ +#!/usr/bin/make -f +# debian/rules file - for GnuPG +# Copyright 1994,1995 by Ian Jackson. +# Copyright 1998-2003 by James Troup. +# Copyright 2003-2004 by Matthias Urlichs. +# +# I hereby give you perpetual unlimited permission to copy, +# modify and relicense this file, provided that you do not remove +# my name from the file itself. (I assert my moral right of +# paternity under the Copyright, Designs and Patents Act 1988.) +# This file may have to be extensively modified + +include /usr/share/dpkg/architecture.mk + +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +# avoid -pie for gpgv-static on hppa, kfreebsd-amd64, and x32 +# platforms, which cannot support it by default: +ifeq (,$(filter $(DEB_HOST_ARCH), hppa kfreebsd-amd64 x32)) +GPGV_STATIC_HARDENING = "-pie" +else +GPGV_STATIC_HARDENING = "" +endif + +%: + dh $@ --with=autoreconf --builddirectory=build + +GPGV_UDEB_UNNEEDED = gpgtar bzip2 gpgsm scdaemon dirmngr doc tofu exec ldap gnutls sqlite libdns + +WIN32_FLAGS=LDFLAGS="-Xlinker --no-insert-timestamp -static" CFLAGS="-g -Os" CPPFLAGS= + +override_dh_auto_configure: + dh_auto_configure --builddirectory=build-gpgv-udeb -- \ + --enable-gpg2-is-gpg \ + $(foreach x, $(GPGV_UDEB_UNNEEDED), --disable-$(x)) + dh_auto_configure --builddirectory=build -- --libexecdir=\$${prefix}/lib/gnupg \ + --enable-gpg2-is-gpg \ + --enable-symcryptrun --enable-large-secmem + +override_dh_auto_build-arch: + dh_auto_build --builddirectory=build-gpgv-udeb + dh_auto_build --builddirectory=build + cp -a build-gpgv-udeb build-gpgv-static + rm -f build-gpgv-static/g10/gpgv + cd build-gpgv-static/g10 && $(MAKE) LDFLAGS="$$LDFLAGS $(GPGV_STATIC_HARDENING) -static" gpgv + mv build-gpgv-static/g10/gpgv build-gpgv-static/g10/gpgv-static + +override_dh_auto_build-indep: + mkdir -p build-gpgv-win32 + cd build-gpgv-win32 && $(WIN32_FLAGS) ../configure \ + $(foreach x, $(GPGV_UDEB_UNNEEDED), --disable-$(x)) \ + $(foreach x, libgpg-error libgcrypt libassuan ksba npth, --with-$x-prefix=/usr/i686-w64-mingw32) \ + --enable-gpg2-is-gpg \ + --with-zlib=/usr/i686-w64-mingw \ + --prefix=/usr/i686-w64-mingw32 \ + --host i686-w64-mingw32 + cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libcommon.a + cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libgpgrl.a + cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libsimple-pwquery.a + cd build-gpgv-win32/kbx && $(WIN32_FLAGS) $(MAKE) libkeybox.a + cd build-gpgv-win32/g10 && $(WIN32_FLAGS) $(MAKE) gpgv.exe + strip build-gpgv-win32/g10/gpgv.exe + +override_dh_shlibdeps: +# Make ldap a recommends rather than a hard dependency. + dpkg-shlibdeps -Tdebian/dirmngr.substvars -dRecommends debian/dirmngr/usr/lib/gnupg/dirmngr_ldap -dDepends debian/dirmngr/usr/bin/dirmngr* + dh_shlibdeps -Ndirmngr diff --git a/scdaemon.examples b/scdaemon.examples new file mode 100644 index 0000000..29f41a8 --- /dev/null +++ b/scdaemon.examples @@ -0,0 +1 @@ +doc/examples/scd-event diff --git a/scdaemon.install b/scdaemon.install new file mode 100644 index 0000000..a2a79aa --- /dev/null +++ b/scdaemon.install @@ -0,0 +1 @@ +debian/tmp/usr/lib/gnupg/scdaemon diff --git a/scdaemon.lintian-overrides b/scdaemon.lintian-overrides new file mode 100644 index 0000000..b575cb1 --- /dev/null +++ b/scdaemon.lintian-overrides @@ -0,0 +1,4 @@ +# there is actually a function for interacting with the smartcard +# called "writen" that writes n octets; it is in the binary because it +# can be emitted in debug output: +scdaemon: spelling-error-in-binary usr/lib/gnupg/scdaemon writen written diff --git a/scdaemon.manpages b/scdaemon.manpages new file mode 100644 index 0000000..9efee23 --- /dev/null +++ b/scdaemon.manpages @@ -0,0 +1 @@ +debian/tmp/usr/share/man/man1/scdaemon.1 diff --git a/scdaemon.udev b/scdaemon.udev new file mode 100644 index 0000000..dd076df --- /dev/null +++ b/scdaemon.udev @@ -0,0 +1,63 @@ +# do not edit this file, it will be overwritten on update + +SUBSYSTEM!="usb", GOTO="gnupg_rules_end" +ACTION!="add", GOTO="gnupg_rules_end" + +# USB SmartCard Readers +## Cherry GmbH (XX33, ST2000) +ATTR{idVendor}=="046a", ATTR{idProduct}=="0005", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="046a", ATTR{idProduct}=="0010", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="046a", ATTR{idProduct}=="003e", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## SCM Microsystems, Inc (SCR331-DI, SCR335, SCR3320, SCR331, SCR3310 and SPR532) +ATTR{idVendor}=="04e6", ATTR{idProduct}=="5111", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="04e6", ATTR{idProduct}=="5115", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="04e6", ATTR{idProduct}=="5116", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="04e6", ATTR{idProduct}=="5117", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="04e6", ATTR{idProduct}=="e001", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="04e6", ATTR{idProduct}=="e003", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Omnikey AG (CardMan 3821, CardMan 6121) +ATTR{idVendor}=="076b", ATTR{idProduct}=="3821", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="076b", ATTR{idProduct}=="6622", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Gemalto +ATTR{idVendor}=="08e6", ATTR{idProduct}=="3437", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="08e6", ATTR{idProduct}=="3438", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="08e6", ATTR{idProduct}=="3478", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="08e6", ATTR{idProduct}=="34c2", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="08e6", ATTR{idProduct}=="34ec", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Reiner (SCT cyberJack) +ATTR{idVendor}=="0c4b", ATTR{idProduct}=="0500", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Kobil (KAAN) +ATTR{idVendor}=="0d46", ATTR{idProduct}=="2012", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## VASCO (DIGIPASS 920) +ATTR{idVendor}=="1a44", ATTR{idProduct}=="0920", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Crypto Stick +ATTR{idVendor}=="20a0", ATTR{idProduct}=="4107", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Nitrokey +ATTR{idVendor}=="20a0", ATTR{idProduct}=="4108", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="20a0", ATTR{idProduct}=="4109", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +ATTR{idVendor}=="20a0", ATTR{idProduct}=="4211", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Gnuk Token +ATTR{idVendor}=="234b", ATTR{idProduct}=="0000", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Alcor Micro Corp cardreader (in ThinkPad X250) +ATTR{idVendor}=="058f", ATTR{idProduct}=="9540", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Fujitsu Siemens +ATTR{idVendor}=="0bf8", ATTR{idProduct}=="1006", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +## Yubico +# Yubikey NEO OTP+CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0111", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +# Yubikey NEO CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0112", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +# Yubikey NEO U2F+CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0115", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +# Yubikey NEO OTP+U2F+CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0116", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +# Yubikey 4 CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0404", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +# Yubikey 4 OTP+CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0405", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +# Yubikey 4 U2F+CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0406", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" +# Yubikey 4 OTP+U2F+CCID +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0407", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" + +LABEL="gnupg_rules_end" diff --git a/source/format b/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/source/lintian-overrides b/source/lintian-overrides new file mode 100644 index 0000000..b5221c7 --- /dev/null +++ b/source/lintian-overrides @@ -0,0 +1,4 @@ +# doc merely references / cites IETF RFC: +gnupg2 source: license-problem-non-free-RFC doc/OpenPGP +gnupg2 source: license-problem-non-free-RFC debian/copyright + diff --git a/source/options b/source/options new file mode 100644 index 0000000..f0f8ede --- /dev/null +++ b/source/options @@ -0,0 +1,3 @@ +# let dpkg-source create a debian.tar.bz2 with maximal compression +compression = "bzip2" +compression-level = 9 diff --git a/systemd-user/gpg-agent-browser.socket b/systemd-user/gpg-agent-browser.socket new file mode 100644 index 0000000..67690ce --- /dev/null +++ b/systemd-user/gpg-agent-browser.socket @@ -0,0 +1,13 @@ +[Unit] +Description=GnuPG cryptographic agent (access for web browsers) +Documentation=man:gpg-agent(1) + +[Socket] +ListenStream=%t/gnupg/S.gpg-agent.browser +FileDescriptorName=browser +Service=gpg-agent.service +SocketMode=0600 +DirectoryMode=0700 + +[Install] +WantedBy=sockets.target diff --git a/tests/control b/tests/control new file mode 100644 index 0000000..9178821 --- /dev/null +++ b/tests/control @@ -0,0 +1,3 @@ +Tests: gpgv-win32 +Depends: gpgv-win32, gnupg2, gpgv2 +Restrictions: needs-root, allow-stderr diff --git a/tests/gpgv-win32 b/tests/gpgv-win32 new file mode 100755 index 0000000..3142a65 --- /dev/null +++ b/tests/gpgv-win32 @@ -0,0 +1,54 @@ +#!/bin/sh + +set -e + +export GNUPGHOME=$(mktemp -d) + +arch=$(dpkg --print-architecture) + +case "$arch" in + amd64) + if ! dpkg --print-foreign-architectures | grep -Fqx i386; then + echo "I: setting up multiarch" + dpkg --add-architecture i386 + apt update # FIXME you might want to try this up to some N times to avoid failures on temporary network issues + fi + ;; + arm64) + if ! dpkg --print-foreign-architectures | grep -Fqx armhf; then + echo "I: setting up multiarch" + dpkg --add-architecture armhf + apt update # FIXME you might want to try this up to some N times to avoid failures on temporary network issues + fi + ;; + i386|armel|armhf|powerpc) + : nothing, tests should just work + ;; + *) + echo "I: skipping tests on $arch; only works on amd64, i386, arm64, armhf, armel, and powerpc" + exit + ;; +esac + +if ! dpkg-query --status wine32 | grep -Fqx 'Status: install ok installed'; then + DEBIAN_FRONTEND=noninteractive apt install -qy wine32 # FIXME ditto +fi + +echo 'no-allow-loopback-pinentry:16' | gpgconf --change-options gpg-agent + +# Generate a minimal signing key: +gpg2 --batch --debug-quick-random --pinentry-mode loopback --passphrase '' --quick-gen-key 'Test key for gpgv-win32 ' + +gpg2 -o "$GNUPGHOME/key.gpg" --export test-key@example.com + +# Sign this very script +rm -f "${0}.gpg" +gpg2 --output "${0}.gpg" --detach-sign "${0}" + +# Verify using gpgv +gpgv2 --keyring "$GNUPGHOME/key.gpg" "${0}.gpg" "${0}" + +# Verify using gpgv.exe +wine /usr/share/win32/gpgv.exe --keyring "Z:\\\\${GNUPGHOME}/key.gpg" "Z:\\\\$(pwd)/${0}.gpg" "Z:\\\\$(pwd)/${0}" + +rm -rf "$GNUPGHOME" diff --git a/upstream/signing-key.asc b/upstream/signing-key.asc new file mode 100644 index 0000000..1e57599 --- /dev/null +++ b/upstream/signing-key.asc @@ -0,0 +1,109 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2 + +mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I +Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E9tYQqAOlpSA25bOb30cA2ADkrjg +jvDAH8cZ+fkIayWtObTxwqLfPivjFxEM//IdShFFVQj+QHmXYBJggWyEIil8Bje7 +KRw6B5ucs4qSzp5VH4CqDr9PDnLD8lBGHk0x8jpwh4V/yEODJKATY0Vj00793L8u +qA35ZiyczUvvJSLYvf7STO943GswkxdAfqxXbYifiK2gjE/7SAmB+2jFxsonUDOB +1BAY5s3FKqrkaxZr3BBjeuGGoCuiSX/cXRIhABEBAAG0Fldlcm5lciBLb2NoIChk +aXN0IHNpZymJAT4EEwECACgFAk0ti4ECGwMFCRDdnwIGCwkIBwMCBhUIAgkKCwQW +AgMBAh4BAheAAAoJECSbOdJPJeO2PlMIAJxPtFXf5yozPpFjRbSkSdjsk9eru05s +hKZOAKw3RUePTU80SRLPdg4AH+vkm1JMWFFpwvHlgfxqnE9rp13o7L/4UwNUwqH8 +5zCwu7SHz9cX3d4UUwzcP6qQP4BQEH9/xlpQS9eTK9b2RMyggqwd/J8mxjvoWzL8 +Klf/wl6jXHn/yP92xG9/YA86lNOL1N3/PhlZzLuJ6bdD9WzsEp/+kh3UDfjkIrOc +WkqwupB+d01R4bHPu9tvXy8Xut8Sok2zku2xVkEOsV2TXHbwuHO2AGC5pWDX6wgC +E4F5XeCB/0ovao2/bk22w1TxzP6PMxo6sLkmaF6D0frhM2bl4C/uSsq5AQ0ETS2L +gQEIAKHwucgbaRj0V7Ht0FnM6RmbqwZ7IFV2lR+YN1gkZaWRRCaJoPEZFKhhPEBX +1bDVwr/iTPaPPEtpi7oQoHk65yeLrhtOmXXpNVkV/5WQjAJIrWn+JQ3z/ZejxHUL +hzKsGg5FC6pRYcEyzRXHtv4BO9kBIKNVirZjEkQG4BnIrQgl6e2YFa47GNMqcQH7 +nJdwG1cGQOZOIDQQM41gBzwoSrStMA6DjHkukFegKfcSbSLArBtYNAwTwmW7RqOM +EJwlo0+NYx2Yn75x66bYwdlsP0FLOgez/O/IxoPRxXr0l4e+uj6dFHqvBi04dx6J +sPmXEyeAyLiCWSh7Rwq8uIhBUBUAEQEAAYkBJQQYAQIADwUCTS2LgQIbIAUJEN2f +AgAKCRAkmznSTyXjtrsSCACRNgfGkD0OqOiwYo1/+KyWnrQLusVvSYOw8hN66geU +3BO8iQ0Koy+m0QKY1kWjaHwewpg8ZebY4E2sHbNIC9Spyiyz29sAJ2invf4/4Mep +TgpxNiw4+XmykCkN1AfVhvMTQXMzRbO5ZwRtPpjsMr1j5vX1s6U3/RxSAItpAkCu +1GGTTOH0r12Ochc/um+QGAyO6WUj/IiZ1MX7toXW0SCo8DSl8z5Q7KmJWF6TQLK1 +Lku4bIVG1Huwo1/0WHc2vCad5BxHjgoy8TsKLTmvYQZWtnjWvQGV2UOABYWcacut +ZXQQ2PPCIY7LlpuS/45CXWbT5Y+mxY3y7dbz4aF+8uyCiJwEEAECAAYFAk0tjQQA +CgkQU7Yg0BzgxjBGTwQAi5qzI6cJslbyOl+TeDZVnLV0FmPuDg8dojvQrVDPxfem +IjxZZoMLCVM8ly8AC2JPrIYfN040C343saIc0tTtOwwmVMuy7G/Uex22CdWH/0HB +MpG4gFuOuQmW9QQDjEdh1DgwU2gAWonX54ZlMybWss+2NCikRwMflVUupH57BauZ +AQ0EVFA7IwEIAOYQcDfRdzqin/vZlwl1AyuJW+cDI3bYvesRtOIAJ+8FqOzp+nOZ +7a4mULkXUeRh3HcO91wughXoR3qP3klWIlqgTQQHxPVM25BEvnGPuMA86lWnKoSs +Xe9F5h0IMiu6aURvzMJC9VMgKwhhgCjejFf9n8zuiBkMN457Ubnt/9jxhpxmorDQ +Cpb7bR1mfdbsuCmOXwTNfbkAoGXceL/P6z9PskKrFk8CVCr8pseRiHzWgib4Bfr/ +mj68LKcQTH/Y6R16g154eC6PAvxrEDA+hgpVX0I7L781Byh9nqC+KDX5LvlGuQbg +B2IvrgLs6lfU3aRfTwqUDMj37rmXJTDy3TMAEQEAAbQyTklJQkUgWXV0YWthIChH +bnVQRyBSZWxlYXNlIEtleSkgPGduaWliZUBmc2lqLm9yZz6JATwEEwEIACYFAlRQ +OyMCGwMFCQPCZwAFCwcICQMEFQgJCgUWAgMBAAIeAQIXgAAKCRAgcbCKM70/BnX/ +CADQspqXXAVlrwU9SidzYbPAT1iGRmIkHwoD9rtPr/9xbg3jr8azCKpknE3VF0qz +UH6unsQwxTduGhey0sFwhi96WOqHiU8FYKxNPb786nACaCfOOB1MdymcIxMQ51mS +0PlIqtOPa1VpZcCVYr9SwQRqcDdy/Oh/Ljifuub4Shrs/VgYIcv74iGyLroSVt6G +KVNP/HFyQddSOLVcO+hqAQQ0QeTmPhnaaFa2OcZyW+6IGRLhd7N7M0xb988DKllf +huRRE1sZ3yO2RvcSq35u/5lChID5SS/wA9oDOPyVFLD4JiMPGmgzSO2aI+uT678O +jjoI5UD8hfbZpg1PZjYqhYlXuQENBFRQOyMBCAC94CWuMHLmP1B7oFxU0FjKv3D6 +RTpLSLqC/nqRWeKVdlSddR4LnO/r9ahRsGgekAEVyeD04SKAD7g3OWMhWvEsK6aY +gmzc0cLJCJRTsLW+X7kRWo33KUAKIpKYO8VF8iErWejajvo5UgN3y1V/anqlBU45 +DalLk/mu6JXOr6t7u83+IscTrFQTkW17wOxoc6i9zDOU1FoWZFyNU+hxpPCGndfn +S25qzaEpb1qzxYoHpyttCkGX4R3siX6gAkRLIPhsYK4sZihBZhTBgHdAVYSYkCrK +hRNWoSb3XpUhdT5l88uPozwxXruXmzk6WCv6ZdCJ+0rGShwJjU1j6g+Fksk9ABEB +AAGJASUEGAEIAA8FAlRQOyMCGwwFCQPCZwAACgkQIHGwijO9Pwbgqwf7BfdPgAkx +Mrt0BJeLJu1ItnCQ4cZ8rbuS5gwAxrY80QXDoJquwRWs1AXaBu0VW+9KvWdp0uhQ +b0Wy7fv40rRtC+T8nuE/1jaf2byMIfQwPVp3ODH+O3WZew1KvrQZquDKimgHxRso +WH5vq2VjohI8oQuQNN8AYeyxYo74eB8+3WfUrdw4MYiJcKd20MjoZZS16Klb99qm +LVZfE/dt/+wwZYFB7cpb5vvvE1voqS+ycD2Rt0irRg6ulw7OXoUrJ25sfkrv9otD +omDl9V//pyJZSp+IiwK4r0xnk8sjXHgXkzUdIyS0AB17Aw1+G2sbUKyX/SdOgzN7 +D8qEd3C7n53TwpkBDQRUUF8HAQgAh1mo8r+kVWVTNsNlyurm2tdZKiQbdeVgpBgc +DnqI3fAV58C3nC8DVuK5qVGZPB/jbu42jc8BXGP1l6UP+515LQL5GpTtV0pRWUO0 +2WOuTLZBVQcq53vzbg1xVo31rWV96mqGAPs8lGUCm09fpuiVKQojO6/Ihkg7/bnz +eSbcX5Xk9eKLhyB7tnakuYJeRYm4bjs+YDApK8IFQyevYF8pjTcbLTSNJPW9WLCs +ozsy11r4xdfRcTWjARVz5VzTnQ+Px8YtsnjQ3qwNJBpsqMLCdDN7YGhh/mlwPjgd +q/UFf5+bY6f3ew0vshBqInBQycBSmYyoX0Ye3sAS/OR4nu5ZaQARAQABtD5EYXZp +ZCBTaGF3IChHbnVQRyBSZWxlYXNlIFNpZ25pbmcgS2V5KSA8ZHNoYXdAamFiYmVy +d29ja3kuY29tPokBPgQTAQIAKAUCVFBfBwIbAwUJCbp27gYLCQgHAwIGFQgCCQoL +BBYCAwECHgECF4AACgkQBDdvPuCFaVmIoQf+POxCWkCTicRVlq0kust/iwYO1egK +9FWG130e2Irnv2lAZZN/0S5ibjHCYFp9gfMgmtVTF5oWXjSDAy/kIykQBBcUVx4S +CJbdMtKSdsSIQMz6P4DxXumxQm79msOsbi5TsdtUwjqdrbu2sHloE7ck/hTXUCkX +3zuqtxY7W23BCQxVVT5qUaFuAHkkQaaBgAb8gdgixmkIBfu9u8k3k9zUKm/PNfMj +xClvORkP8gev+XyzNgcXM49h5YYlmDT+Ahv99nUM1wg8yJTjefBAY0fL982Scx30 +nDQO3w7ihALUoj5+TXQjhs3sWPJ8u3pstr9XcfzEZC77/CZmRYNr8g5hBrkBDQRU +UF8HAQgAodT0id+C6PMV7C8JxE8POGvX2wA6QLw29ESO0Ws8+Jq9EPQ3114mH+sC ++kDsweCDMyaY34i8gvh6hWxG9JfZmSkRUv0QX2zvlcwr8SOZ9dXzrV7ip+QgpzO2 +2eYRnH/RB+KWfFzqSop51sd1Uls41qKphDEm/ZAnnTwxYWX6jElOCpIuemTAiSxp +qtjPXVftchSEy06/bDRFuC4FevfU5aWTg3FSZEZpk0KF5RZBdzvOfX9PwHf2Fxhg +QtLkAsdvvWzDToYD0qOecM/MGt1doryBo8IkAiHJ+TRNyVi6/fAq/rig3brF5ETG +N7W5IRRGoLetY++4YO+1gY7Ea+1tZwARAQABiQElBBgBAgAPBQJUUF8HAhsgBQkJ +unbuAAoJEAQ3bz7ghWlZ6PAH/iTMC5+H/Ynj7G1KOjhyoufPoM+j+g4Ec8RmEA6v +YOWIi8F4AU86iS6Sq2HkZXSKxLgAYbWuseFHS6QA/qZPDPdIv8TceE3jMW3ZEmmm +nCsS6cmkQhpjRCKuWGfaOyZIEV2BT6Ere+MU5jU+wRqkbJGk1BS8myQHkZRN/5dg +fo5syFYKY4T64Z7DvlbQF70cCARlsIwk4lN6QJ/iqaHR9c2sWtzHfxAvdctApdg5 +w8GRcEpdDMieejha/lBMRTYVWY1vrEg++mkkhvCOkBilDFFCVojOnSdTJy7dNZji +BlEFwlmcjLq984C5FRwj5+eN0Bev5hZsWobLeRqt8QOGMlG5AQ0EVFBfBwEIAK4b +kUPSxSlmE8GHAI4FNQDA+QZzIvLPpf1p5JqFULpJeelwfVtbj6qOfPKwXVvam0yH +OiyrMnffdlZ/6+QXjP665RdbsPzEDPxCH972eGmdw8yV95wmPCVaoyBTH9XBDTX2 +52h0vPjgcbbOLUvUuYBV8C74ir6ESoA20g/rjYEGjJ/UAtgBGIfMo0Vk2Qc6/7wx +M3jNPxUc/6h5oiggUkgdbFcgzC2sOAUj3nJ0CS01dNPJuAlGPRjig9o61/PiumSO +Vy98efAetsjLLS00ysAmjxj7eFuxnf73TJOyAItKZPv3i7K4LIgMZXwL71Ox00zU +dzm6H+/JomSorqtLlOUAEQEAAYkBJQQYAQIADwUCVFBfBwIbDAUJCbp27gAKCRAE +N28+4IVpWbkxB/0azsvpA9eJPr6oNu3Iw4aCvLQi9I2jodGXpsNg3GN+ATp3PKMi +21KsneqkYXzwxY+27HAwNSQEmMeyOh37nkPXJMlBgJ0+aV7J2nAj3as310gnV3kY +Id8NXvLi+YLngqfTyQpxedDhBeSyTYLAP96mDtUuGFQ9/TWBF0wjZkBqFllnsmmU +Cs9lMmdaFUk1cT1/R1vwiGz1mAaUzyP2NNUnXsoE25TkeXg+Kf95QkxS0C3C9S+c +A4jCCHXEuGFxMe4+6IbubsVepIUFrlzbUaYpYB8lwFQutoSJ1qLc2jFcW00Qy2Z2 +SOVYJ5oyMhZNei0ZFsgQ9tp2PhtICjm5JfvPmQENBFRDqVIBCAC0k8eZKDmNqdma +wOlJ/m62L2g8uXT/+/vAEGb1yaib09xI6tfGXzbqlDwrLIZcJsSIT/nt/ajJnIVb +c3137va4XbwMzsDpAMH4mmiToqk+izEChGm2knzrLwhoflR8aGsKL35QoZT/erdj +fgPeCRLvf25fHsN2Jb0WIMzC56VkMeFoza+9HZ5hrkemmm+gPvIvhEUopxCyOS8m +K5WjB4zzIdyDJfkqVpHvafNP0N4LIsedKdyHcj/K3kY4Kejl99GW1z1snBgPamoN +2/e52Pf6KTw2FjsSGZ72oalcrkBR4wacUizGxKcRD2Y6Xa0g9mwToWdNBQCIII+u +TzOzq1EDABEBAAG0IVdlcm5lciBLb2NoIChSZWxlYXNlIFNpZ25pbmcgS2V5KYkB +PQQTAQgAJwUCVEOpUgIbAwUJC6oF9QULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAK +CRCKhhscfv1g2aH7B/wIW6mVmTmzW2xc1q1MUdssExQBhEeONrbWJ/HiGZP/Maab +gQ/+wZuThTAwfGM5zFQBOvrBOGURhINU6lYQlcOrVo+V8Z1mNQKFWaKxJaY5Ku1b +B1OuX9FHLEiMibogHu5fjJIXBE8XrnvueejyFQ5g/uX2xcGgCWlMe49sR3K+lEl3 +n93xTmSNhP52r0gTjMjbqKWKUaIGJ5OcWSrvawdfqLXkxR8phq2AlHHEfxpcZsOp +9mZirWYQ5jcgGgFP0LYXUw/RnxFpOcrj45qufmyEL9QJKjBV5RaHJbqukefwUInP +QtVUmINqQxztSh5QxQP2tsUPIeEi5RAoCwLJam8z +=PXPh +-----END PGP PUBLIC KEY BLOCK----- diff --git a/watch b/watch new file mode 100644 index 0000000..e6d36a1 --- /dev/null +++ b/watch @@ -0,0 +1,5 @@ +version=4 + +opts=pgpsigurlmangle=s/$/.sig/ \ + https://gnupg.org/ftp/gcrypt/gnupg/gnupg@ANY_VERSION@@ARCHIVE_EXT@ \ + debian uupdate -- 2.30.2