Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-09-17 14:32:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg2"
Changes:
--------
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes 2016-08-31 00:00:38.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-09-17 14:32:23.000000000 +0200
@@ -1,0 +2,17 @@
+Tue Sep 13 13:50:52 UTC 2016 - astieger@suse.com
+
+- avoid mixing up status and colon line output - bsc#993324
+ add gnupg-2.1.15-bsc993324-status-output.patch
+
+-------------------------------------------------------------------
+Thu Sep 1 08:23:28 UTC 2016 - astieger@suse.com
+
+- enable web key discovery tools
+
+-------------------------------------------------------------------
+Wed Aug 31 13:06:28 UTC 2016 - astieger@suse.com
+
+- Add an explicit runtime dependency on libgcrypt >= 1.7.0 to
+ match runtime version check
+
+-------------------------------------------------------------------
New:
----
gnupg-2.1.15-bsc993324-status-output.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gpg2.spec ++++++
--- /var/tmp/diff_new_pack.OKCpLo/_old 2016-09-17 14:32:24.000000000 +0200
+++ /var/tmp/diff_new_pack.OKCpLo/_new 2016-09-17 14:32:24.000000000 +0200
@@ -35,12 +35,11 @@
Patch9: gnupg-detect_FIPS_mode.patch
Patch11: gnupg-add_legacy_FIPS_mode_option.patch
Patch12: 0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch
+Patch13: gnupg-2.1.15-bsc993324-status-output.patch
BuildRequires: expect
BuildRequires: fdupes
BuildRequires: libadns-devel
BuildRequires: libassuan-devel >= 2.4.3
-# patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG
-# raising gcrypt requirement from 1.4.0
BuildRequires: libgcrypt-devel >= 1.7.0
BuildRequires: libgpg-error-devel >= 1.24
BuildRequires: libksba-devel >= 1.3.4
@@ -56,7 +55,9 @@
BuildRequires: pkgconfig(sqlite3) >= 3.7
BuildRequires: pkgconfig(zlib)
# Add an explicit runtime dependency to match boo#955982
-Requires: libassuan0 >= 2.4.1
+Requires: libassuan0 >= 2.4.3
+# Explicit runtime depencency - runtime version check
+Requires: libgcrypt20 >= 1.7.0
Requires: pinentry
# FIXME: use proper Requires(pre/post/preun/...)
PreReq: %{install_info_prereq}
@@ -86,6 +87,7 @@
%patch9 -p1
%patch11 -p1
%patch12 -p1
+%patch13 -p1
%build
date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99})
@@ -102,6 +104,7 @@
--enable-gpgtar \
--enable-g13 \
--enable-large-secmem \
+ --enable-wks-tools \
--with-gnu-ld \
--enable-build-timestamp=$date
++++++ gnupg-2.1.15-bsc993324-status-output.patch ++++++
From 31fc420727f45dd081f8ad5d056da6675dad29f2 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Mon, 12 Sep 2016 17:42:50 +0200
Subject: [PATCH] gpg: Avoid mixing up status and colon line output.
* g10/keylist.c (list_keyblock_colon): Avoid calling functions which
trigger a status line output before having printed a LF.
--
Status lines like KEY_CONSIDERED and KEYEPXIRED were messing up the
colons output, like here:
pub:[GNUPG:] KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF46[...]
Reported-by: Andreas Stieger
Signed-off-by: Werner Koch
---
This version of the patch backported onto the 2.1.15 tag -- astieger@suse.com
---
g10/keylist.c | 83 +++++++++++++++++++++++++++++++++--------------------------
1 file changed, 47 insertions(+), 36 deletions(-)
Index: gnupg-2.1.15/g10/keylist.c
===================================================================
--- gnupg-2.1.15.orig/g10/keylist.c 2016-09-13 15:40:30.178482877 +0200
+++ gnupg-2.1.15/g10/keylist.c 2016-09-13 15:45:53.605670795 +0200
@@ -1183,9 +1183,10 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
PKT_public_key *pk;
u32 keyid[2];
int trustletter = 0;
+ int trustletter_print;
+ int ownertrust_print;
int ulti_hack = 0;
int i;
- char *p;
char *hexgrip_buffer = NULL;
const char *hexgrip = NULL;
char *serialno = NULL;
@@ -1217,31 +1218,38 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
stubkey = 1; /* Key not found. */
keyid_from_pk (pk, keyid);
- es_fputs (secret? "sec:":"pub:", es_stdout);
if (!pk->flags.valid)
- es_putc ('i', es_stdout);
+ trustletter_print = 'i';
else if (pk->flags.revoked)
- es_putc ('r', es_stdout);
+ trustletter_print = 'r';
else if (pk->has_expired)
- es_putc ('e', es_stdout);
+ trustletter_print = 'e';
else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
- ;
+ trustletter_print = 0;
else
{
trustletter = get_validity_info (ctrl, pk, NULL);
if (trustletter == 'u')
ulti_hack = 1;
- es_putc (trustletter, es_stdout);
+ trustletter_print = trustletter;
}
+ if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
+ ownertrust_print = get_ownertrust_info (pk);
+ else
+ ownertrust_print = 0;
+
+ es_fputs (secret? "sec:":"pub:", es_stdout);
+ if (trustletter_print)
+ es_putc (trustletter_print, es_stdout);
es_fprintf (es_stdout, ":%u:%d:%08lX%08lX:%s:%s::",
nbits_from_pk (pk),
pk->pubkey_algo,
(ulong) keyid[0], (ulong) keyid[1],
colon_datestr_from_pk (pk), colon_strtime (pk->expiredate));
- if (!opt.fast_list_mode && !opt.no_expensive_trust_checks)
- es_putc (get_ownertrust_info (pk), es_stdout);
+ if (ownertrust_print)
+ es_putc (ownertrust_print, es_stdout);
es_putc (':', es_stdout);
es_putc (':', es_stdout);
@@ -1286,31 +1294,27 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
{
if (node->pkt->pkttype == PKT_USER_ID)
{
- char *str;
PKT_user_id *uid = node->pkt->pkt.user_id;
+ int uid_validity;
if (attrib_fp && node->pkt->pkt.user_id->attrib_data != NULL)
dump_attribs (node->pkt->pkt.user_id, pk);
- /*
- * Fixme: We need a valid flag here too
- */
- str = uid->attrib_data ? "uat" : "uid";
+
if (uid->is_revoked)
- es_fprintf (es_stdout, "%s:r::::", str);
+ uid_validity = 'r';
else if (uid->is_expired)
- es_fprintf (es_stdout, "%s:e::::", str);
+ uid_validity = 'e';
else if (opt.no_expensive_trust_checks)
- es_fprintf (es_stdout, "%s:::::", str);
- else
- {
- int uid_validity;
-
- if (!ulti_hack)
- uid_validity = get_validity_info (ctrl, pk, uid);
- else
- uid_validity = 'u';
- es_fprintf (es_stdout, "%s:%c::::", str, uid_validity);
- }
+ uid_validity = 0;
+ else if (ulti_hack)
+ uid_validity = 'u';
+ else
+ uid_validity = get_validity_info (ctrl, pk, uid);
+
+ es_fputs (uid->attrib_data? "uat:":"uid:", es_stdout);
+ if (uid_validity)
+ es_putc (uid_validity, es_stdout);
+ es_fputs ("::::", es_stdout);
es_fprintf (es_stdout, "%s:", colon_strtime (uid->created));
es_fprintf (es_stdout, "%s:", colon_strtime (uid->expiredate));
@@ -1425,6 +1429,8 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
char *sigstr;
size_t fplen;
byte fparray[MAX_FINGERPRINT_LEN];
+ char *siguid;
+ size_t siguidlen;
if (sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30)
@@ -1484,6 +1490,16 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
rc = 0;
sigrc = ' ';
}
+
+ if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
+ siguid = get_user_id (sig->keyid, &siguidlen);
+ else
+ {
+ siguid = NULL;
+ siguidlen = 0;
+ }
+
+
es_fputs (sigstr, es_stdout);
es_putc (':', es_stdout);
if (sigrc != ' ')
@@ -1504,17 +1520,11 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
if (sigrc == '%')
es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc));
- else if (sigrc == '?')
- ;
- else if (!opt.fast_list_mode)
- {
- size_t n;
- p = get_user_id (sig->keyid, &n);
- es_write_sanitized (es_stdout, p, n, ":", NULL);
- xfree (p);
- }
+ else if (siguid)
+ es_write_sanitized (es_stdout, siguid, siguidlen, ":", NULL);
+
es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
- sig->flags.exportable ? 'x' : 'l');
+ sig->flags.exportable ? 'x' : 'l');
if (opt.no_sig_cache && opt.check_sigs && fprokay)
{
@@ -1528,6 +1538,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode
print_subpackets_colon (sig);
/* fixme: check or list other sigs here */
+ xfree (siguid);
}
}