Date: Tuesday, January 29, 2013 @ 04:50:02 Author: bisson Revision: 176299
db-move: moved gnupg from [testing] to [core] (i686, x86_64) Added: gnupg/repos/core-i686/PKGBUILD (from rev 176298, gnupg/repos/testing-i686/PKGBUILD) gnupg/repos/core-i686/install (from rev 176298, gnupg/repos/testing-i686/install) gnupg/repos/core-i686/protect-tool-env.patch (from rev 176298, gnupg/repos/testing-i686/protect-tool-env.patch) gnupg/repos/core-i686/valid-keyblock-packet.patch (from rev 176298, gnupg/repos/testing-i686/valid-keyblock-packet.patch) gnupg/repos/core-x86_64/PKGBUILD (from rev 176298, gnupg/repos/testing-x86_64/PKGBUILD) gnupg/repos/core-x86_64/install (from rev 176298, gnupg/repos/testing-x86_64/install) gnupg/repos/core-x86_64/protect-tool-env.patch (from rev 176298, gnupg/repos/testing-x86_64/protect-tool-env.patch) gnupg/repos/core-x86_64/valid-keyblock-packet.patch (from rev 176298, gnupg/repos/testing-x86_64/valid-keyblock-packet.patch) Deleted: gnupg/repos/core-i686/PKGBUILD gnupg/repos/core-i686/install gnupg/repos/core-i686/protect-tool-env.patch gnupg/repos/core-x86_64/PKGBUILD gnupg/repos/core-x86_64/install gnupg/repos/core-x86_64/protect-tool-env.patch gnupg/repos/testing-i686/ gnupg/repos/testing-x86_64/ -----------------------------------------+ core-i686/PKGBUILD | 103 +++++++++++++++--------------- core-i686/install | 40 +++++------ core-i686/protect-tool-env.patch | 56 ++++++++-------- core-i686/valid-keyblock-packet.patch | 61 +++++++++++++++++ core-x86_64/PKGBUILD | 103 +++++++++++++++--------------- core-x86_64/install | 40 +++++------ core-x86_64/protect-tool-env.patch | 56 ++++++++-------- core-x86_64/valid-keyblock-packet.patch | 61 +++++++++++++++++ 8 files changed, 324 insertions(+), 196 deletions(-) Deleted: core-i686/PKGBUILD =================================================================== --- core-i686/PKGBUILD 2013-01-28 17:54:15 UTC (rev 176298) +++ core-i686/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299) @@ -1,50 +0,0 @@ -# $Id$ -# Maintainer: Gaetan Bisson <bis...@archlinux.org> -# Contributor: Tobias Powalowski <tp...@archlinux.org> -# Contributor: Andreas Radke <andy...@archlinux.org> -# Contributor: Judd Vinet <jvi...@zeroflux.org> - -pkgname=gnupg -pkgver=2.0.19 -pkgrel=4 -pkgdesc='Complete and free implementation of the OpenPGP standard' -url='http://www.gnupg.org/' -license=('GPL') -arch=('i686' 'x86_64') -optdepends=('curl: gpg2keys_curl' - 'libldap: gpg2keys_ldap' - 'libusb-compat: scdaemon') -makedepends=('curl' 'libldap' 'libusb-compat') -depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') -source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} - 'protect-tool-env.patch') -sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f' - 'f6e6830610a8629b0aad69d789373bf8ca481733' - '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') - -install=install - -conflicts=('gnupg2') -provides=("gnupg2=${pkgver}") -replaces=('gnupg2') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - patch -p1 -i ../protect-tool-env.patch # FS#31900 - ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg - make -} - -check() { - cd "${srcdir}/${pkgname}-${pkgver}" - make check -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make DESTDIR="${pkgdir}" install - ln -s gpg2 "${pkgdir}"/usr/bin/gpg - ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv - ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz - rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 -} Copied: gnupg/repos/core-i686/PKGBUILD (from rev 176298, gnupg/repos/testing-i686/PKGBUILD) =================================================================== --- core-i686/PKGBUILD (rev 0) +++ core-i686/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,53 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Tobias Powalowski <tp...@archlinux.org> +# Contributor: Andreas Radke <andy...@archlinux.org> +# Contributor: Judd Vinet <jvi...@zeroflux.org> + +pkgname=gnupg +pkgver=2.0.19 +pkgrel=5 +pkgdesc='Complete and free implementation of the OpenPGP standard' +url='http://www.gnupg.org/' +license=('GPL') +arch=('i686' 'x86_64') +optdepends=('curl: gpg2keys_curl' + 'libldap: gpg2keys_ldap' + 'libusb-compat: scdaemon') +makedepends=('curl' 'libldap' 'libusb-compat') +depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') +source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} + 'valid-keyblock-packet.patch' + 'protect-tool-env.patch') +sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f' + 'f6e6830610a8629b0aad69d789373bf8ca481733' + '474d827f1c2976bb107985047f61ac9096ae0953' + '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') + +install=install + +conflicts=('gnupg2') +provides=("gnupg2=${pkgver}") +replaces=('gnupg2') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + patch -p1 -i ../protect-tool-env.patch # FS#31900 + patch -p1 -i ../valid-keyblock-packet.patch + ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg + make +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + make check +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + ln -s gpg2 "${pkgdir}"/usr/bin/gpg + ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv + ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz + rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 +} Deleted: core-i686/install =================================================================== --- core-i686/install 2013-01-28 17:54:15 UTC (rev 176298) +++ core-i686/install 2013-01-29 03:50:02 UTC (rev 176299) @@ -1,20 +0,0 @@ -info_dir=/usr/share/info -info_files=(gnupg.info gnupg.info-1 gnupg.info-2) - -post_install() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} - -post_upgrade() { - post_install $1 -} - -pre_remove() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} Copied: gnupg/repos/core-i686/install (from rev 176298, gnupg/repos/testing-i686/install) =================================================================== --- core-i686/install (rev 0) +++ core-i686/install 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,20 @@ +info_dir=/usr/share/info +info_files=(gnupg.info gnupg.info-1 gnupg.info-2) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} Deleted: core-i686/protect-tool-env.patch =================================================================== --- core-i686/protect-tool-env.patch 2013-01-28 17:54:15 UTC (rev 176298) +++ core-i686/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299) @@ -1,28 +0,0 @@ -diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c ---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 -+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 -@@ -102,6 +102,7 @@ - static int opt_status_msg; - static const char *opt_p12_charset; - static const char *opt_agent_program; -+static session_env_t opt_session_env; - - static char *get_passphrase (int promptno); - static void release_passphrase (char *pw); -@@ -1040,6 +1041,7 @@ - - opt_homedir = default_homedir (); - -+ opt_session_env = session_env_new (); - - pargs.argc = &argc; - pargs.argv = &argv; -@@ -1091,7 +1093,7 @@ - opt.verbose, - opt_homedir, - opt_agent_program, -- NULL, NULL, NULL); -+ NULL, NULL, opt_session_env); - - if (opt_prompt) - opt_prompt = percent_plus_unescape (opt_prompt, 0); Copied: gnupg/repos/core-i686/protect-tool-env.patch (from rev 176298, gnupg/repos/testing-i686/protect-tool-env.patch) =================================================================== --- core-i686/protect-tool-env.patch (rev 0) +++ core-i686/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,28 @@ +diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c +--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 ++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 +@@ -102,6 +102,7 @@ + static int opt_status_msg; + static const char *opt_p12_charset; + static const char *opt_agent_program; ++static session_env_t opt_session_env; + + static char *get_passphrase (int promptno); + static void release_passphrase (char *pw); +@@ -1040,6 +1041,7 @@ + + opt_homedir = default_homedir (); + ++ opt_session_env = session_env_new (); + + pargs.argc = &argc; + pargs.argv = &argv; +@@ -1091,7 +1093,7 @@ + opt.verbose, + opt_homedir, + opt_agent_program, +- NULL, NULL, NULL); ++ NULL, NULL, opt_session_env); + + if (opt_prompt) + opt_prompt = percent_plus_unescape (opt_prompt, 0); Copied: gnupg/repos/core-i686/valid-keyblock-packet.patch (from rev 176298, gnupg/repos/testing-i686/valid-keyblock-packet.patch) =================================================================== --- core-i686/valid-keyblock-packet.patch (rev 0) +++ core-i686/valid-keyblock-packet.patch 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,61 @@ +From: Werner Koch <w...@gnupg.org> +Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100) +Subject: gpg: Import only packets which are allowed in a keyblock. +X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463 + +gpg: Import only packets which are allowed in a keyblock. + +* g10/import.c (valid_keyblock_packet): New. +(read_block): Store only valid packets. +-- + +A corrupted key, which for example included a mangled public key +encrypted packet, used to corrupt the keyring. This change skips all +packets which are not allowed in a keyblock. + +GnuPG-bug-id: 1455 + +(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e) +--- + +diff --git a/g10/import.c b/g10/import.c +index ba2439d..ad112d6 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -347,6 +347,27 @@ import_print_stats (void *hd) + } + + ++/* Return true if PKTTYPE is valid in a keyblock. */ ++static int ++valid_keyblock_packet (int pkttype) ++{ ++ switch (pkttype) ++ { ++ case PKT_PUBLIC_KEY: ++ case PKT_PUBLIC_SUBKEY: ++ case PKT_SECRET_KEY: ++ case PKT_SECRET_SUBKEY: ++ case PKT_SIGNATURE: ++ case PKT_USER_ID: ++ case PKT_ATTRIBUTE: ++ case PKT_RING_TRUST: ++ return 1; ++ default: ++ return 0; ++ } ++} ++ ++ + /**************** + * Read the next keyblock from stream A. + * PENDING_PKT should be initialzed to NULL +@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) + } + in_cert = 1; + default: +- if( in_cert ) { ++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) { + if( !root ) + root = new_kbnode( pkt ); + else Deleted: core-x86_64/PKGBUILD =================================================================== --- core-x86_64/PKGBUILD 2013-01-28 17:54:15 UTC (rev 176298) +++ core-x86_64/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299) @@ -1,50 +0,0 @@ -# $Id$ -# Maintainer: Gaetan Bisson <bis...@archlinux.org> -# Contributor: Tobias Powalowski <tp...@archlinux.org> -# Contributor: Andreas Radke <andy...@archlinux.org> -# Contributor: Judd Vinet <jvi...@zeroflux.org> - -pkgname=gnupg -pkgver=2.0.19 -pkgrel=4 -pkgdesc='Complete and free implementation of the OpenPGP standard' -url='http://www.gnupg.org/' -license=('GPL') -arch=('i686' 'x86_64') -optdepends=('curl: gpg2keys_curl' - 'libldap: gpg2keys_ldap' - 'libusb-compat: scdaemon') -makedepends=('curl' 'libldap' 'libusb-compat') -depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') -source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} - 'protect-tool-env.patch') -sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f' - 'f6e6830610a8629b0aad69d789373bf8ca481733' - '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') - -install=install - -conflicts=('gnupg2') -provides=("gnupg2=${pkgver}") -replaces=('gnupg2') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - patch -p1 -i ../protect-tool-env.patch # FS#31900 - ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg - make -} - -check() { - cd "${srcdir}/${pkgname}-${pkgver}" - make check -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make DESTDIR="${pkgdir}" install - ln -s gpg2 "${pkgdir}"/usr/bin/gpg - ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv - ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz - rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 -} Copied: gnupg/repos/core-x86_64/PKGBUILD (from rev 176298, gnupg/repos/testing-x86_64/PKGBUILD) =================================================================== --- core-x86_64/PKGBUILD (rev 0) +++ core-x86_64/PKGBUILD 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,53 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Tobias Powalowski <tp...@archlinux.org> +# Contributor: Andreas Radke <andy...@archlinux.org> +# Contributor: Judd Vinet <jvi...@zeroflux.org> + +pkgname=gnupg +pkgver=2.0.19 +pkgrel=5 +pkgdesc='Complete and free implementation of the OpenPGP standard' +url='http://www.gnupg.org/' +license=('GPL') +arch=('i686' 'x86_64') +optdepends=('curl: gpg2keys_curl' + 'libldap: gpg2keys_ldap' + 'libusb-compat: scdaemon') +makedepends=('curl' 'libldap' 'libusb-compat') +depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') +source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} + 'valid-keyblock-packet.patch' + 'protect-tool-env.patch') +sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f' + 'f6e6830610a8629b0aad69d789373bf8ca481733' + '474d827f1c2976bb107985047f61ac9096ae0953' + '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') + +install=install + +conflicts=('gnupg2') +provides=("gnupg2=${pkgver}") +replaces=('gnupg2') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + patch -p1 -i ../protect-tool-env.patch # FS#31900 + patch -p1 -i ../valid-keyblock-packet.patch + ./configure --prefix=/usr --libexecdir=/usr/lib/gnupg + make +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + make check +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + ln -s gpg2 "${pkgdir}"/usr/bin/gpg + ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv + ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz + rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 +} Deleted: core-x86_64/install =================================================================== --- core-x86_64/install 2013-01-28 17:54:15 UTC (rev 176298) +++ core-x86_64/install 2013-01-29 03:50:02 UTC (rev 176299) @@ -1,20 +0,0 @@ -info_dir=/usr/share/info -info_files=(gnupg.info gnupg.info-1 gnupg.info-2) - -post_install() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} - -post_upgrade() { - post_install $1 -} - -pre_remove() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} Copied: gnupg/repos/core-x86_64/install (from rev 176298, gnupg/repos/testing-x86_64/install) =================================================================== --- core-x86_64/install (rev 0) +++ core-x86_64/install 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,20 @@ +info_dir=/usr/share/info +info_files=(gnupg.info gnupg.info-1 gnupg.info-2) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} Deleted: core-x86_64/protect-tool-env.patch =================================================================== --- core-x86_64/protect-tool-env.patch 2013-01-28 17:54:15 UTC (rev 176298) +++ core-x86_64/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299) @@ -1,28 +0,0 @@ -diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c ---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 -+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 -@@ -102,6 +102,7 @@ - static int opt_status_msg; - static const char *opt_p12_charset; - static const char *opt_agent_program; -+static session_env_t opt_session_env; - - static char *get_passphrase (int promptno); - static void release_passphrase (char *pw); -@@ -1040,6 +1041,7 @@ - - opt_homedir = default_homedir (); - -+ opt_session_env = session_env_new (); - - pargs.argc = &argc; - pargs.argv = &argv; -@@ -1091,7 +1093,7 @@ - opt.verbose, - opt_homedir, - opt_agent_program, -- NULL, NULL, NULL); -+ NULL, NULL, opt_session_env); - - if (opt_prompt) - opt_prompt = percent_plus_unescape (opt_prompt, 0); Copied: gnupg/repos/core-x86_64/protect-tool-env.patch (from rev 176298, gnupg/repos/testing-x86_64/protect-tool-env.patch) =================================================================== --- core-x86_64/protect-tool-env.patch (rev 0) +++ core-x86_64/protect-tool-env.patch 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,28 @@ +diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c +--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 ++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 +@@ -102,6 +102,7 @@ + static int opt_status_msg; + static const char *opt_p12_charset; + static const char *opt_agent_program; ++static session_env_t opt_session_env; + + static char *get_passphrase (int promptno); + static void release_passphrase (char *pw); +@@ -1040,6 +1041,7 @@ + + opt_homedir = default_homedir (); + ++ opt_session_env = session_env_new (); + + pargs.argc = &argc; + pargs.argv = &argv; +@@ -1091,7 +1093,7 @@ + opt.verbose, + opt_homedir, + opt_agent_program, +- NULL, NULL, NULL); ++ NULL, NULL, opt_session_env); + + if (opt_prompt) + opt_prompt = percent_plus_unescape (opt_prompt, 0); Copied: gnupg/repos/core-x86_64/valid-keyblock-packet.patch (from rev 176298, gnupg/repos/testing-x86_64/valid-keyblock-packet.patch) =================================================================== --- core-x86_64/valid-keyblock-packet.patch (rev 0) +++ core-x86_64/valid-keyblock-packet.patch 2013-01-29 03:50:02 UTC (rev 176299) @@ -0,0 +1,61 @@ +From: Werner Koch <w...@gnupg.org> +Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100) +Subject: gpg: Import only packets which are allowed in a keyblock. +X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463 + +gpg: Import only packets which are allowed in a keyblock. + +* g10/import.c (valid_keyblock_packet): New. +(read_block): Store only valid packets. +-- + +A corrupted key, which for example included a mangled public key +encrypted packet, used to corrupt the keyring. This change skips all +packets which are not allowed in a keyblock. + +GnuPG-bug-id: 1455 + +(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e) +--- + +diff --git a/g10/import.c b/g10/import.c +index ba2439d..ad112d6 100644 +--- a/g10/import.c ++++ b/g10/import.c +@@ -347,6 +347,27 @@ import_print_stats (void *hd) + } + + ++/* Return true if PKTTYPE is valid in a keyblock. */ ++static int ++valid_keyblock_packet (int pkttype) ++{ ++ switch (pkttype) ++ { ++ case PKT_PUBLIC_KEY: ++ case PKT_PUBLIC_SUBKEY: ++ case PKT_SECRET_KEY: ++ case PKT_SECRET_SUBKEY: ++ case PKT_SIGNATURE: ++ case PKT_USER_ID: ++ case PKT_ATTRIBUTE: ++ case PKT_RING_TRUST: ++ return 1; ++ default: ++ return 0; ++ } ++} ++ ++ + /**************** + * Read the next keyblock from stream A. + * PENDING_PKT should be initialzed to NULL +@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) + } + in_cert = 1; + default: +- if( in_cert ) { ++ if (in_cert && valid_keyblock_packet (pkt->pkttype)) { + if( !root ) + root = new_kbnode( pkt ); + else