Date: Wednesday, May 15, 2013 @ 01:25:14 Author: bisson Revision: 185550
db-move: moved gnupg from [testing] to [core] (i686, x86_64) Added: gnupg/repos/core-i686/PKGBUILD (from rev 185549, gnupg/repos/testing-i686/PKGBUILD) gnupg/repos/core-i686/install (from rev 185549, gnupg/repos/testing-i686/install) gnupg/repos/core-i686/protect-tool-env.patch (from rev 185549, gnupg/repos/testing-i686/protect-tool-env.patch) gnupg/repos/core-x86_64/PKGBUILD (from rev 185549, gnupg/repos/testing-x86_64/PKGBUILD) gnupg/repos/core-x86_64/install (from rev 185549, gnupg/repos/testing-x86_64/install) gnupg/repos/core-x86_64/protect-tool-env.patch (from rev 185549, gnupg/repos/testing-x86_64/protect-tool-env.patch) Deleted: gnupg/repos/core-i686/PKGBUILD gnupg/repos/core-i686/install gnupg/repos/core-i686/protect-tool-env.patch gnupg/repos/core-i686/valid-keyblock-packet.patch gnupg/repos/core-x86_64/PKGBUILD gnupg/repos/core-x86_64/install gnupg/repos/core-x86_64/protect-tool-env.patch gnupg/repos/core-x86_64/valid-keyblock-packet.patch gnupg/repos/testing-i686/ gnupg/repos/testing-x86_64/ -----------------------------------------+ /PKGBUILD | 120 ++++++++++++++++++++++++++++++ /install | 40 ++++++++++ /protect-tool-env.patch | 56 ++++++++++++++ core-i686/PKGBUILD | 62 --------------- core-i686/install | 20 ----- core-i686/protect-tool-env.patch | 28 ------- core-i686/valid-keyblock-packet.patch | 61 --------------- core-x86_64/PKGBUILD | 62 --------------- core-x86_64/install | 20 ----- core-x86_64/protect-tool-env.patch | 28 ------- core-x86_64/valid-keyblock-packet.patch | 61 --------------- 11 files changed, 216 insertions(+), 342 deletions(-) Deleted: core-i686/PKGBUILD =================================================================== --- core-i686/PKGBUILD 2013-05-14 22:05:08 UTC (rev 185549) +++ core-i686/PKGBUILD 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,62 +0,0 @@ -# $Id$ -# Maintainer: Gaetan Bisson <bis...@archlinux.org> -# Contributor: Tobias Powalowski <tp...@archlinux.org> -# Contributor: Andreas Radke <andy...@archlinux.org> -# Contributor: Judd Vinet <jvi...@zeroflux.org> - -pkgname=gnupg -pkgver=2.0.19 -pkgrel=7 -pkgdesc='Complete and free implementation of the OpenPGP standard' -url='http://www.gnupg.org/' -license=('GPL') -arch=('i686' 'x86_64') -optdepends=('curl: gpg2keys_curl' - 'libldap: gpg2keys_ldap' - 'libusb-compat: scdaemon') -makedepends=('curl' 'libldap' 'libusb-compat') -depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') -source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} - 'valid-keyblock-packet.patch' - 'protect-tool-env.patch') -sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f' - 'f6e6830610a8629b0aad69d789373bf8ca481733' - '474d827f1c2976bb107985047f61ac9096ae0953' - '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') - -install=install - -conflicts=('gnupg2') -provides=("gnupg2=${pkgver}") -replaces=('gnupg2') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - - patch -p1 -i ../protect-tool-env.patch # FS#31900 - patch -p1 -i ../valid-keyblock-packet.patch - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc \ - --libexecdir=/usr/lib/gnupg \ - --enable-maintainer-mode \ - --enable-symcryptrun \ - --enable-gpgtar \ - - make -} - -check() { - cd "${srcdir}/${pkgname}-${pkgver}" - make check -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make DESTDIR="${pkgdir}" install - ln -s gpg2 "${pkgdir}"/usr/bin/gpg - ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv - ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz - rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 -} Copied: gnupg/repos/core-i686/PKGBUILD (from rev 185549, gnupg/repos/testing-i686/PKGBUILD) =================================================================== --- core-i686/PKGBUILD (rev 0) +++ core-i686/PKGBUILD 2013-05-14 23:25:14 UTC (rev 185550) @@ -0,0 +1,60 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Tobias Powalowski <tp...@archlinux.org> +# Contributor: Andreas Radke <andy...@archlinux.org> +# Contributor: Judd Vinet <jvi...@zeroflux.org> + +pkgname=gnupg +pkgver=2.0.20 +pkgrel=1 +pkgdesc='Complete and free implementation of the OpenPGP standard' +url='http://www.gnupg.org/' +license=('GPL') +arch=('i686' 'x86_64') +optdepends=('curl: gpg2keys_curl' + 'libldap: gpg2keys_ldap' + 'libusb-compat: scdaemon') +makedepends=('curl' 'libldap' 'libusb-compat') +depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') +source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} + 'protect-tool-env.patch') +sha1sums=('7ddfefa37ee9da89a8aaa8f9059d251b4cd02562' 'SKIP' + '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') + +install=install + +conflicts=('gnupg2') +provides=("gnupg2=${pkgver}") +replaces=('gnupg2') + +prepare() { + cd "${srcdir}/${pkgname}-${pkgver}" + patch -p1 -i ../protect-tool-env.patch # FS#31900 +} + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libexecdir=/usr/lib/gnupg \ + --enable-maintainer-mode \ + --enable-symcryptrun \ + --enable-gpgtar \ + + make +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + make check +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + ln -s gpg2 "${pkgdir}"/usr/bin/gpg + ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv + ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz + rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 +} Deleted: core-i686/install =================================================================== --- core-i686/install 2013-05-14 22:05:08 UTC (rev 185549) +++ core-i686/install 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,20 +0,0 @@ -info_dir=/usr/share/info -info_files=(gnupg.info gnupg.info-1 gnupg.info-2) - -post_install() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} - -post_upgrade() { - post_install $1 -} - -pre_remove() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} Copied: gnupg/repos/core-i686/install (from rev 185549, gnupg/repos/testing-i686/install) =================================================================== --- core-i686/install (rev 0) +++ core-i686/install 2013-05-14 23:25:14 UTC (rev 185550) @@ -0,0 +1,20 @@ +info_dir=/usr/share/info +info_files=(gnupg.info gnupg.info-1 gnupg.info-2) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} Deleted: core-i686/protect-tool-env.patch =================================================================== --- core-i686/protect-tool-env.patch 2013-05-14 22:05:08 UTC (rev 185549) +++ core-i686/protect-tool-env.patch 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,28 +0,0 @@ -diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c ---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 -+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 -@@ -102,6 +102,7 @@ - static int opt_status_msg; - static const char *opt_p12_charset; - static const char *opt_agent_program; -+static session_env_t opt_session_env; - - static char *get_passphrase (int promptno); - static void release_passphrase (char *pw); -@@ -1040,6 +1041,7 @@ - - opt_homedir = default_homedir (); - -+ opt_session_env = session_env_new (); - - pargs.argc = &argc; - pargs.argv = &argv; -@@ -1091,7 +1093,7 @@ - opt.verbose, - opt_homedir, - opt_agent_program, -- NULL, NULL, NULL); -+ NULL, NULL, opt_session_env); - - if (opt_prompt) - opt_prompt = percent_plus_unescape (opt_prompt, 0); Copied: gnupg/repos/core-i686/protect-tool-env.patch (from rev 185549, gnupg/repos/testing-i686/protect-tool-env.patch) =================================================================== --- core-i686/protect-tool-env.patch (rev 0) +++ core-i686/protect-tool-env.patch 2013-05-14 23:25:14 UTC (rev 185550) @@ -0,0 +1,28 @@ +diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c +--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 ++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 +@@ -102,6 +102,7 @@ + static int opt_status_msg; + static const char *opt_p12_charset; + static const char *opt_agent_program; ++static session_env_t opt_session_env; + + static char *get_passphrase (int promptno); + static void release_passphrase (char *pw); +@@ -1040,6 +1041,7 @@ + + opt_homedir = default_homedir (); + ++ opt_session_env = session_env_new (); + + pargs.argc = &argc; + pargs.argv = &argv; +@@ -1091,7 +1093,7 @@ + opt.verbose, + opt_homedir, + opt_agent_program, +- NULL, NULL, NULL); ++ NULL, NULL, opt_session_env); + + if (opt_prompt) + opt_prompt = percent_plus_unescape (opt_prompt, 0); Deleted: core-i686/valid-keyblock-packet.patch =================================================================== --- core-i686/valid-keyblock-packet.patch 2013-05-14 22:05:08 UTC (rev 185549) +++ core-i686/valid-keyblock-packet.patch 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,61 +0,0 @@ -From: Werner Koch <w...@gnupg.org> -Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100) -Subject: gpg: Import only packets which are allowed in a keyblock. -X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463 - -gpg: Import only packets which are allowed in a keyblock. - -* g10/import.c (valid_keyblock_packet): New. -(read_block): Store only valid packets. --- - -A corrupted key, which for example included a mangled public key -encrypted packet, used to corrupt the keyring. This change skips all -packets which are not allowed in a keyblock. - -GnuPG-bug-id: 1455 - -(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e) ---- - -diff --git a/g10/import.c b/g10/import.c -index ba2439d..ad112d6 100644 ---- a/g10/import.c -+++ b/g10/import.c -@@ -347,6 +347,27 @@ import_print_stats (void *hd) - } - - -+/* Return true if PKTTYPE is valid in a keyblock. */ -+static int -+valid_keyblock_packet (int pkttype) -+{ -+ switch (pkttype) -+ { -+ case PKT_PUBLIC_KEY: -+ case PKT_PUBLIC_SUBKEY: -+ case PKT_SECRET_KEY: -+ case PKT_SECRET_SUBKEY: -+ case PKT_SIGNATURE: -+ case PKT_USER_ID: -+ case PKT_ATTRIBUTE: -+ case PKT_RING_TRUST: -+ return 1; -+ default: -+ return 0; -+ } -+} -+ -+ - /**************** - * Read the next keyblock from stream A. - * PENDING_PKT should be initialzed to NULL -@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) - } - in_cert = 1; - default: -- if( in_cert ) { -+ if (in_cert && valid_keyblock_packet (pkt->pkttype)) { - if( !root ) - root = new_kbnode( pkt ); - else Deleted: core-x86_64/PKGBUILD =================================================================== --- core-x86_64/PKGBUILD 2013-05-14 22:05:08 UTC (rev 185549) +++ core-x86_64/PKGBUILD 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,62 +0,0 @@ -# $Id$ -# Maintainer: Gaetan Bisson <bis...@archlinux.org> -# Contributor: Tobias Powalowski <tp...@archlinux.org> -# Contributor: Andreas Radke <andy...@archlinux.org> -# Contributor: Judd Vinet <jvi...@zeroflux.org> - -pkgname=gnupg -pkgver=2.0.19 -pkgrel=7 -pkgdesc='Complete and free implementation of the OpenPGP standard' -url='http://www.gnupg.org/' -license=('GPL') -arch=('i686' 'x86_64') -optdepends=('curl: gpg2keys_curl' - 'libldap: gpg2keys_ldap' - 'libusb-compat: scdaemon') -makedepends=('curl' 'libldap' 'libusb-compat') -depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') -source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} - 'valid-keyblock-packet.patch' - 'protect-tool-env.patch') -sha1sums=('190c09e6688f688fb0a5cf884d01e240d957ac1f' - 'f6e6830610a8629b0aad69d789373bf8ca481733' - '474d827f1c2976bb107985047f61ac9096ae0953' - '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') - -install=install - -conflicts=('gnupg2') -provides=("gnupg2=${pkgver}") -replaces=('gnupg2') - -build() { - cd "${srcdir}/${pkgname}-${pkgver}" - - patch -p1 -i ../protect-tool-env.patch # FS#31900 - patch -p1 -i ../valid-keyblock-packet.patch - - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc \ - --libexecdir=/usr/lib/gnupg \ - --enable-maintainer-mode \ - --enable-symcryptrun \ - --enable-gpgtar \ - - make -} - -check() { - cd "${srcdir}/${pkgname}-${pkgver}" - make check -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - make DESTDIR="${pkgdir}" install - ln -s gpg2 "${pkgdir}"/usr/bin/gpg - ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv - ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz - rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 -} Copied: gnupg/repos/core-x86_64/PKGBUILD (from rev 185549, gnupg/repos/testing-x86_64/PKGBUILD) =================================================================== --- core-x86_64/PKGBUILD (rev 0) +++ core-x86_64/PKGBUILD 2013-05-14 23:25:14 UTC (rev 185550) @@ -0,0 +1,60 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Tobias Powalowski <tp...@archlinux.org> +# Contributor: Andreas Radke <andy...@archlinux.org> +# Contributor: Judd Vinet <jvi...@zeroflux.org> + +pkgname=gnupg +pkgver=2.0.20 +pkgrel=1 +pkgdesc='Complete and free implementation of the OpenPGP standard' +url='http://www.gnupg.org/' +license=('GPL') +arch=('i686' 'x86_64') +optdepends=('curl: gpg2keys_curl' + 'libldap: gpg2keys_ldap' + 'libusb-compat: scdaemon') +makedepends=('curl' 'libldap' 'libusb-compat') +depends=('bzip2' 'libksba' 'libgcrypt' 'pth' 'libassuan' 'readline' 'pinentry' 'dirmngr') +source=("ftp://ftp.gnupg.org/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig} + 'protect-tool-env.patch') +sha1sums=('7ddfefa37ee9da89a8aaa8f9059d251b4cd02562' 'SKIP' + '2ec97ba55ae47ff0d63bc813b8c64cb79cef11db') + +install=install + +conflicts=('gnupg2') +provides=("gnupg2=${pkgver}") +replaces=('gnupg2') + +prepare() { + cd "${srcdir}/${pkgname}-${pkgver}" + patch -p1 -i ../protect-tool-env.patch # FS#31900 +} + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libexecdir=/usr/lib/gnupg \ + --enable-maintainer-mode \ + --enable-symcryptrun \ + --enable-gpgtar \ + + make +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + make check +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + ln -s gpg2 "${pkgdir}"/usr/bin/gpg + ln -s gpgv2 "${pkgdir}"/usr/bin/gpgv + ln -s gpg2.1.gz "${pkgdir}"/usr/share/man/man1/gpg.1.gz + rm "${pkgdir}/usr/share/gnupg/com-certs.pem" # FS#33059 +} Deleted: core-x86_64/install =================================================================== --- core-x86_64/install 2013-05-14 22:05:08 UTC (rev 185549) +++ core-x86_64/install 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,20 +0,0 @@ -info_dir=/usr/share/info -info_files=(gnupg.info gnupg.info-1 gnupg.info-2) - -post_install() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} - -post_upgrade() { - post_install $1 -} - -pre_remove() { - [ -x usr/bin/install-info ] || return 0 - for f in ${info_files[@]}; do - usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null - done -} Copied: gnupg/repos/core-x86_64/install (from rev 185549, gnupg/repos/testing-x86_64/install) =================================================================== --- core-x86_64/install (rev 0) +++ core-x86_64/install 2013-05-14 23:25:14 UTC (rev 185550) @@ -0,0 +1,20 @@ +info_dir=/usr/share/info +info_files=(gnupg.info gnupg.info-1 gnupg.info-2) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + usr/bin/install-info --delete ${info_dir}/$f ${info_dir}/dir 2> /dev/null + done +} Deleted: core-x86_64/protect-tool-env.patch =================================================================== --- core-x86_64/protect-tool-env.patch 2013-05-14 22:05:08 UTC (rev 185549) +++ core-x86_64/protect-tool-env.patch 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,28 +0,0 @@ -diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c ---- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 -+++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 -@@ -102,6 +102,7 @@ - static int opt_status_msg; - static const char *opt_p12_charset; - static const char *opt_agent_program; -+static session_env_t opt_session_env; - - static char *get_passphrase (int promptno); - static void release_passphrase (char *pw); -@@ -1040,6 +1041,7 @@ - - opt_homedir = default_homedir (); - -+ opt_session_env = session_env_new (); - - pargs.argc = &argc; - pargs.argv = &argv; -@@ -1091,7 +1093,7 @@ - opt.verbose, - opt_homedir, - opt_agent_program, -- NULL, NULL, NULL); -+ NULL, NULL, opt_session_env); - - if (opt_prompt) - opt_prompt = percent_plus_unescape (opt_prompt, 0); Copied: gnupg/repos/core-x86_64/protect-tool-env.patch (from rev 185549, gnupg/repos/testing-x86_64/protect-tool-env.patch) =================================================================== --- core-x86_64/protect-tool-env.patch (rev 0) +++ core-x86_64/protect-tool-env.patch 2013-05-14 23:25:14 UTC (rev 185550) @@ -0,0 +1,28 @@ +diff -Naur old/agent/protect-tool.c new/agent/protect-tool.c +--- old/agent/protect-tool.c 2012-12-08 13:53:17.067611957 +1100 ++++ new/agent/protect-tool.c 2012-12-08 13:53:28.247633012 +1100 +@@ -102,6 +102,7 @@ + static int opt_status_msg; + static const char *opt_p12_charset; + static const char *opt_agent_program; ++static session_env_t opt_session_env; + + static char *get_passphrase (int promptno); + static void release_passphrase (char *pw); +@@ -1040,6 +1041,7 @@ + + opt_homedir = default_homedir (); + ++ opt_session_env = session_env_new (); + + pargs.argc = &argc; + pargs.argv = &argv; +@@ -1091,7 +1093,7 @@ + opt.verbose, + opt_homedir, + opt_agent_program, +- NULL, NULL, NULL); ++ NULL, NULL, opt_session_env); + + if (opt_prompt) + opt_prompt = percent_plus_unescape (opt_prompt, 0); Deleted: core-x86_64/valid-keyblock-packet.patch =================================================================== --- core-x86_64/valid-keyblock-packet.patch 2013-05-14 22:05:08 UTC (rev 185549) +++ core-x86_64/valid-keyblock-packet.patch 2013-05-14 23:25:14 UTC (rev 185550) @@ -1,61 +0,0 @@ -From: Werner Koch <w...@gnupg.org> -Date: Thu, 20 Dec 2012 08:43:41 +0000 (+0100) -Subject: gpg: Import only packets which are allowed in a keyblock. -X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=498882296ffac7987c644aaf2a0aa108a2925471;hp=20c95ef258f8520283406239f7c6f4729341d463 - -gpg: Import only packets which are allowed in a keyblock. - -* g10/import.c (valid_keyblock_packet): New. -(read_block): Store only valid packets. --- - -A corrupted key, which for example included a mangled public key -encrypted packet, used to corrupt the keyring. This change skips all -packets which are not allowed in a keyblock. - -GnuPG-bug-id: 1455 - -(cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e) ---- - -diff --git a/g10/import.c b/g10/import.c -index ba2439d..ad112d6 100644 ---- a/g10/import.c -+++ b/g10/import.c -@@ -347,6 +347,27 @@ import_print_stats (void *hd) - } - - -+/* Return true if PKTTYPE is valid in a keyblock. */ -+static int -+valid_keyblock_packet (int pkttype) -+{ -+ switch (pkttype) -+ { -+ case PKT_PUBLIC_KEY: -+ case PKT_PUBLIC_SUBKEY: -+ case PKT_SECRET_KEY: -+ case PKT_SECRET_SUBKEY: -+ case PKT_SIGNATURE: -+ case PKT_USER_ID: -+ case PKT_ATTRIBUTE: -+ case PKT_RING_TRUST: -+ return 1; -+ default: -+ return 0; -+ } -+} -+ -+ - /**************** - * Read the next keyblock from stream A. - * PENDING_PKT should be initialzed to NULL -@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) - } - in_cert = 1; - default: -- if( in_cert ) { -+ if (in_cert && valid_keyblock_packet (pkt->pkttype)) { - if( !root ) - root = new_kbnode( pkt ); - else