The previous report of https://bugs.debian.org/772035 did not make it through to the debian-release mailing list, probably because the l10n patches were so large.
Attached is a debdiff without the l10n patches. As the initial report said: ----------------------- > Please unblock package gnupg > > GnuPG 1.4.18-5 includes several important fixes taken from upstream's > unreleased git and a bunch of great localization work. > > The fixes are: > > * #739424 -- avoid a regression when using larger RSA keys > > * #771987 -- avoid runtime errors on certain malformed inputs > > * #771992 -- deprecate insecure one-argument variant for > "gpg --verify" when used with detached signatures > > The update from 1.4.18-4 also includes a a documentation overhaul > taken from upstream, which helps us ship documentation that matches > the program; and a couple minor packaging updates to improve > lintian-cleanness. > > The debdiff is rather large because of all of the excellent l10n work. > > unblock gnupg/1.4.18-5 Regards, --dkg
diff -Nru gnupg-1.4.18/debian/changelog gnupg-1.4.18/debian/changelog --- gnupg-1.4.18/debian/changelog 2014-09-04 16:28:42.000000000 -0400 +++ gnupg-1.4.18/debian/changelog 2014-12-04 02:51:08.000000000 -0500 @@ -1,3 +1,30 @@ +gnupg (1.4.18-5) unstable; urgency=medium + + [ Daniel Kahn Gillmor ] + * move to debhelper 9 + * add build and runtime support for larger RSA keys (Closes: #739424) + * fix runtime errors on bad input (Closes: #771987) + * deprecate insecure one-argument variant for gpg --verify of detached + signatures (Closes: #771992) + * sync documentation with upstream. + * Standards-Version: bump to 3.9.6 (no changes needed). + + [ David Prévot ] + * Update POT and PO files, and ensure the translations get rebuild + * Update French translation (Closes: #769571) + * Update Danish Translation, thanks to Joe Hansen + * Update Ukrainian translation, thanks to Yuri Chornoivan + * Update Russian translation, thanks to Ineiev + * Update Chinese (traditional) translation, thanks to Jedi Lin + * Update Italian translation, thanks to Milo Casagrande + * Update Polish translation, thanks to Jakub Bogusz + * Update Spanish translation, thanks to Manuel "Venturi" Porras Peralta + (Closes: #770726) + * Update Dutch translation, thanks to Frans Spiesschaert (Closes: #770816) + * Update Czech translation, thanks to Roman Pavlik + + -- Daniel Kahn Gillmor <d...@fifthhorseman.net> Thu, 04 Dec 2014 01:11:22 -0500 + gnupg (1.4.18-4) unstable; urgency=medium * Remove Daniel Leidert from Uploaders at his request. diff -Nru gnupg-1.4.18/debian/clean gnupg-1.4.18/debian/clean --- gnupg-1.4.18/debian/clean 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/clean 2014-12-04 01:14:38.000000000 -0500 @@ -0,0 +1 @@ +po/*.gmo diff -Nru gnupg-1.4.18/debian/compat gnupg-1.4.18/debian/compat --- gnupg-1.4.18/debian/compat 2014-09-02 00:58:08.000000000 -0400 +++ gnupg-1.4.18/debian/compat 2014-12-04 01:10:04.000000000 -0500 @@ -1 +1 @@ -7 +9 diff -Nru gnupg-1.4.18/debian/control gnupg-1.4.18/debian/control --- gnupg-1.4.18/debian/control 2014-09-02 11:12:13.000000000 -0400 +++ gnupg-1.4.18/debian/control 2014-12-04 02:50:50.000000000 -0500 @@ -6,8 +6,8 @@ Eric Dorland <e...@debian.org>, Daniel Kahn Gillmor <d...@fifthhorseman.net>, Thijs Kinkhorst <th...@debian.org> -Standards-Version: 3.9.5 -Build-Depends: debhelper (>> 7), +Standards-Version: 3.9.6 +Build-Depends: debhelper (>> 9), file, gettext, libbz2-dev, diff -Nru gnupg-1.4.18/debian/copyright gnupg-1.4.18/debian/copyright --- gnupg-1.4.18/debian/copyright 2014-09-02 00:58:08.000000000 -0400 +++ gnupg-1.4.18/debian/copyright 2014-12-04 02:53:59.000000000 -0500 @@ -48,7 +48,10 @@ Copyright: 1998-2013 Free Software Foundation, Inc. 1997, 1998, 2013 Werner Koch 1998 The Internet Society -License: The file merely cites and references IETF Draft +License: RFC-Reference + +License: RFC-Reference + doc/OpenPGP merely cites and references IETF Draft draft-ietf-openpgp-formats-07.txt. This is believed to be fair use; but if not, it's covered by the source document's license under the 'comment on' clause. The license statement follows. diff -Nru gnupg-1.4.18/debian/gnupg.docs gnupg-1.4.18/debian/gnupg.docs --- gnupg-1.4.18/debian/gnupg.docs 2014-09-02 00:58:08.000000000 -0400 +++ gnupg-1.4.18/debian/gnupg.docs 2014-12-04 01:10:04.000000000 -0500 @@ -1,3 +1,4 @@ +AUTHORS README THANKS TODO diff -Nru gnupg-1.4.18/debian/patches/0003-Update-POT-file.patch gnupg-1.4.18/debian/patches/0003-Update-POT-file.patch diff -Nru gnupg-1.4.18/debian/patches/0004-Update-PO-files.patch gnupg-1.4.18/debian/patches/0004-Update-PO-files.patch diff -Nru gnupg-1.4.18/debian/patches/0005-Update-French-translation.patch gnupg-1.4.18/debian/patches/0005-Update-French-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0006-Update-Danish-translation.patch gnupg-1.4.18/debian/patches/0006-Update-Danish-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch --- gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch 2014-12-04 02:23:26.000000000 -0500 @@ -0,0 +1,35 @@ +From cd53cdbc3774fb193bdebcdc5d7019ddebc16dbc Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Thu, 11 Sep 2014 17:06:16 +0200 +Subject: [PATCH 07/20] mpi: Improve mpi_invm to detect bad input. + +* mpi/mpi-inv.c (mpi_invm): Return 0 for bad input. +-- + +Without this patch the function may enter an endless loop. This is a +backport from libgcrypt. + +GnuPG-bug-id: 1713 +--- + mpi/mpi-inv.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/mpi/mpi-inv.c b/mpi/mpi-inv.c +index b762630..361c57e 100644 +--- a/mpi/mpi-inv.c ++++ b/mpi/mpi-inv.c +@@ -165,6 +165,11 @@ mpi_invm( MPI x, MPI a, MPI n ) + int sign; + int odd ; + ++ if (!mpi_cmp_ui (a, 0)) ++ return 0; /* Inverse does not exists. */ ++ if (!mpi_cmp_ui (n, 1)) ++ return 0; /* Inverse does not exists. */ ++ + u = mpi_copy(a); + v = mpi_copy(n); + +-- +2.1.3 + diff -Nru gnupg-1.4.18/debian/patches/0007-Update-Ukrainian-translation.patch gnupg-1.4.18/debian/patches/0007-Update-Ukrainian-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0008-Update-Russian-translation.patch gnupg-1.4.18/debian/patches/0008-Update-Russian-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0009-doc-Final-update-from-master-gnupg-2.1.patch gnupg-1.4.18/debian/patches/0009-doc-Final-update-from-master-gnupg-2.1.patch --- gnupg-1.4.18/debian/patches/0009-doc-Final-update-from-master-gnupg-2.1.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0009-doc-Final-update-from-master-gnupg-2.1.patch 2014-12-04 02:23:27.000000000 -0500 @@ -0,0 +1,467 @@ +From 3209f270d236fae588edaab3d48fe707eb25641c Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Mon, 29 Sep 2014 11:11:30 +0200 +Subject: [PATCH 09/20] doc: Final update from master (gnupg 2.1) + +* doc/Makefile.am (sources_from_trunk): Remove. +(update-source): Make it a dummy. +* doc/gpg.texi: Update. +* doc/yat2m.c: Update. +-- + +Maintaining 3 versions in of the gpg manual in one file is getting +more complicated with 2.1. Thus we stop this now and keep the manual +for 1.4 separate. +--- + doc/Makefile.am | 14 +----- + doc/gpg.texi | 146 +++++++++++++++++++++++++++++++++++++++++++++----------- + doc/yat2m.c | 102 +++++++++++++++++++++++++++++++++++++-- + 3 files changed, 218 insertions(+), 44 deletions(-) + +--- a/doc/Makefile.am ++++ b/doc/Makefile.am +@@ -26,10 +26,6 @@ + myman_sources = gpg.texi gpgv.texi + myman_pages = gpg.1 gpgv.1 + +- +-sources_from_trunk = $(myman_sources) \ +- opt-homedir.texi specify-user-id.texi see-also-note.texi +- + info_TEXINFOS = gnupg1.texi + + man_MANS = $(myman_pages) gnupg.7 gpg-zip.1 +@@ -83,12 +79,6 @@ + @if test "`wc -c < gpg.1`" -lt 200; then \ + echo 'ERROR: dummy man page'; false; fi + +-# Copy shared files from the master branch. We keep the texinfo files +-# all in master so that we need to modify only one source. Macros are +-# used to customize them for a specific version. + update-source: +- @set -e; cd $(srcdir); \ +- for i in $(sources_from_trunk) yat2m.c ; do \ +- echo "updating from master:doc/$$i" >&2 ; \ +- git show master:doc/$$i >$$i ; \ +- done ++ @echo Not anymore used - we now keep docs for 1.x separate ++ @echo from GnuPG-2. +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -1,4 +1,4 @@ +-@c Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, ++ @c Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, + @c 2008, 2009, 2010 Free Software Foundation, Inc. + @c This is part of the GnuPG manual. + @c For copying conditions, see the file gnupg.texi. +@@ -14,6 +14,19 @@ + @cindex command options + @cindex options, GPG command + ++@c Begin algorithm defaults ++ ++@ifclear gpgtwoone ++@set DEFSYMENCALGO CAST5 ++@end ifclear ++ ++@ifset gpgtwoone ++@set DEFSYMENCALGO AES128 ++@end ifset ++ ++@c End algorithm defaults ++ ++ + @c Begin GnuPG 1.x specific stuff + @ifset gpgone + @macro gpgname +@@ -217,7 +230,7 @@ + @itemx -c + @opindex symmetric + Encrypt with a symmetric cipher using a passphrase. The default +-symmetric cipher used is CAST5, but may be chosen with the ++symmetric cipher used is @value{DEFSYMENCALGO}, but may be chosen with the + @option{--cipher-algo} option. This option may be combined with + @option{--sign} (for a signed and symmetrically encrypted message), + @option{--encrypt} (for a message that may be decrypted via a secret key +@@ -415,8 +428,8 @@ + @opindex export + Either export all keys from all keyrings (default keyrings and those + registered via option @option{--keyring}), or if at least one name is given, +-those of the given name. The new keyring is written to STDOUT or to the +-file given with option @option{--output}. Use together with ++those of the given name. The exported keys are written to STDOUT or to the ++file given with option @option{--output}. Use together with + @option{--armor} to mail those keys. + + @item --send-keys @code{key IDs} +@@ -431,14 +444,30 @@ + @itemx --export-secret-subkeys + @opindex export-secret-keys + @opindex export-secret-subkeys +-Same as @option{--export}, but exports the secret keys instead. This is +-normally not very useful and a security risk. The second form of the +-command has the special property to render the secret part of the +-primary key useless; this is a GNU extension to OpenPGP and other +-implementations can not be expected to successfully import such a key. ++Same as @option{--export}, but exports the secret keys instead. The ++exported keys are written to STDOUT or to the file given with option ++@option{--output}. This command is often used along with the option ++@option{--armor} to allow easy printing of the key for paper backup; ++however the external tool @command{paperkey} does a better job for ++creating backups on paper. Note that exporting a secret key can be a ++security risk if the exported keys are send over an insecure channel. ++ ++The second form of the command has the special property to render the ++secret part of the primary key useless; this is a GNU extension to ++OpenPGP and other implementations can not be expected to successfully ++import such a key. Its intended use is to generated a full key with ++an additional signing subkey on a dedicated machine and then using ++this command to export the key without the primary key to the main ++machine. ++ ++@ifset gpgtwoone ++GnuPG may ask you to enter the passphrase for the key. This is ++required because the internal protection method of the secret key is ++different from the one specified by the OpenPGP protocol. ++@end ifset + @ifclear gpgtwoone +-See the option @option{--simple-sk-checksum} if you want to import such +-an exported key with an older OpenPGP implementation. ++See the option @option{--simple-sk-checksum} if you want to import an ++exported secret key into ancient OpenPGP implementations. + @end ifclear + + @item --import +@@ -583,14 +612,36 @@ + + @table @gnupgtabopt + ++@ifset gpgtwoone ++@item --quick-gen-key @code{user-id} ++@opindex quick-gen-key ++This is simple command to generate a standard key with one user id. ++In contrast to @option{--gen-key} the key is generated directly ++without the need to answer a bunch of prompts. Unless the option ++@option{--yes} is given, the key creation will be canceled if the ++given user id already exists in the key ring. ++ ++If invoked directly on the console without any special options an ++answer to a ``Continue?'' style confirmation prompt is required. In ++case the user id already exists in the key ring a second prompt to ++force the creation of the key will show up. ++@end ifset ++ + @item --gen-key + @opindex gen-key +-Generate a new key pair. This command is normally only used +-interactively. ++Generate a new key pair using teh current default parameters. This is ++the standard command to create a new key. + +-There is an experimental feature which allows you to create keys in +-batch mode. See the file @file{doc/DETAILS} in the source distribution +-on how to use this. ++@ifset gpgtwoone ++@item --full-gen-key ++@opindex gen-key ++Generate a new key pair with dialogs for all options. This is an ++extended version of @option{--gen-key}. ++ ++@end ifset ++There is also a feature which allows you to create keys in batch ++mode. See the the manual section ``Unattended key generation'' on how ++to use this. + + @item --gen-revoke @code{name} + @opindex gen-revoke +@@ -923,12 +974,14 @@ + of a key in the local keyring. If no @code{names} are given, all + useful user ids are signed; with given [@code{names}] only useful user + ids matching one of theses names are signed. The command +-@option{--quick-lsign-key} marks the signatures as non-exportable. ++@option{--quick-lsign-key} marks the signatures as non-exportable. If ++such a non-exportable signature already exists the ++@option{--quick-sign-key} turns it into a exportable signature. + + This command uses reasonable defaults and thus does not provide the + full flexibility of the "sign" subcommand from @option{--edit-key}. +-Its intended use to help unattended signing using a list of verified +-fingerprints. ++Its intended use is to help unattended key signing by utilizing a list ++of verified fingerprints. + @end ifset + + @ifclear gpgone +@@ -1070,6 +1123,13 @@ + see @option{--attribute-fd} for the appropriate way to get photo data + for scripts and other frontends. + ++ @item show-usage ++ @opindex list-options:show-usage ++ Show usage information for keys and subkeys in the standard key ++ listing. This is a list of letters indicating the allowed usage for a ++ key (@code{E}=encryption, @code{S}=signing, @code{C}=certification, ++ @code{A}=authentication). Defaults to no. ++ + @item show-policy-urls + @opindex list-options:show-policy-urls + Show policy URLs in the @option{--list-sigs} or @option{--check-sigs} +@@ -1242,7 +1302,13 @@ + + @item --secret-keyring @code{file} + @opindex secret-keyring ++@ifset gpgtwoone ++This is an obsolete option and ignored. All secret keys are stored in ++the @file{private-keys-v1.d} directory below the GnuPG home directory. ++@end ifset ++@ifclear gpgtwoone + Same as @option{--keyring} but for the secret keyrings. ++@end ifclear + + @item --primary-keyring @code{file} + @opindex primary-keyring +@@ -1452,7 +1518,7 @@ + + @item classic + @opindex trust-mode:classic +- This is the standard Web of Trust as used in PGP 2.x and earlier. ++ This is the standard Web of Trust as introduced by PGP 2. + + @item direct + @opindex trust-mode:direct +@@ -2248,7 +2314,7 @@ + @item --s2k-cipher-algo @code{name} + @opindex s2k-cipher-algo + Use @code{name} as the cipher algorithm used to protect secret keys. +-The default cipher is CAST5. This cipher is also used for ++The default cipher is @value{DEFSYMENCALGO}. This cipher is also used for + conventional encryption if @option{--personal-cipher-preferences} and + @option{--cipher-algo} is not given. + +@@ -2318,9 +2384,11 @@ + Reset all packet, cipher and digest options to strict RFC-2440 + behavior. + ++@ifclear gpgtowone + @item --rfc1991 + @opindex rfc1991 +-Try to be more RFC-1991 (PGP 2.x) compliant. ++Try to be more RFC-1991 (PGP 2.x) compliant. This option is ++deprecated will be removed in GnuPG 2.1. + + @item --pgp2 + @opindex pgp2 +@@ -2330,14 +2398,24 @@ + 2.x' here means `MIT PGP 2.6.2'. There are other versions of PGP 2.x + available, but the MIT release is a good common baseline. + +-This option implies @option{--rfc1991 --disable-mdc +---no-force-v4-certs --escape-from-lines --force-v3-sigs ++This option implies ++@ifset gpgone ++@option{--rfc1991 --disable-mdc --no-force-v4-certs ++ --escape-from-lines --force-v3-sigs ++ --cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}. ++@end ifset + @ifclear gpgone +---allow-weak-digest-algos ++@option{--rfc1991 --disable-mdc --no-force-v4-certs ++ --escape-from-lines --force-v3-sigs --allow-weak-digest-algos ++ --cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}. ++@end ifclear ++It also disables @option{--textmode} when encrypting. ++ ++This option is deprecated will be removed in GnuPG 2.1. The reason ++for dropping PGP-2 support is that the PGP 2 format is not anymore ++considered safe (for example due to the use of the broken MD5 algorithm). ++Note that the decryption of PGP-2 created messages will continue to work. + @end ifclear +---cipher-algo IDEA --digest-algo +-MD5--compress-algo ZIP}. It also disables @option{--textmode} when +-encrypting. + + @item --pgp6 + @opindex pgp6 +@@ -3102,6 +3180,16 @@ + @item ~/.gnupg/secring.gpg.lock + The lock file for the secret keyring. + ++ @item ~/.gnupg/openpgp-revocs.d/ ++ This is the directory where gpg stores pre-generated revocation ++ certificates. The file name corresponds to the OpenPGP fingerprint of ++ the respective key. It is suggested to backup those certificates and ++ if the primary private key is not stored on the disk to move them to ++ an external storage device. Anyone who can access theses files is ++ able to revoke the corresponding key. You may want to print them out. ++ You should backup all files in this directory and take care to keep ++ this backup closed away. ++ + @item /usr[/local]/share/gnupg/options.skel + The skeleton options file. + +--- a/doc/yat2m.c ++++ b/doc/yat2m.c +@@ -87,6 +87,10 @@ + detects the number of white spaces in front of an @item and remove + this number of spaces from all following lines until a new @item + is found or there are less spaces than for the last @item. ++ ++ Note that @* does only work correctly if used at the end of an ++ input line. ++ + */ + + #include <stdio.h> +@@ -136,6 +140,9 @@ + /* List of all defined macros. */ + static macro_t macrolist; + ++/* List of variables set by @set. */ ++static macro_t variablelist; ++ + /* List of global macro names. The value part is not used. */ + static macro_t predefinedmacrolist; + +@@ -375,8 +382,44 @@ + } + + +-/* Return true if the macro NAME is set, i.e. not the empty string and +- not evaluating to 0. */ ++/* Create or update a variable with name and value given in NAMEANDVALUE. */ ++static void ++set_variable (char *nameandvalue) ++{ ++ macro_t m; ++ const char *value; ++ char *p; ++ ++ for (p = nameandvalue; *p && *p != ' ' && *p != '\t'; p++) ++ ; ++ if (!*p) ++ value = ""; ++ else ++ { ++ *p++ = 0; ++ while (*p == ' ' || *p == '\t') ++ p++; ++ value = p; ++ } ++ ++ for (m=variablelist; m; m = m->next) ++ if (!strcmp (m->name, nameandvalue)) ++ break; ++ if (m) ++ free (m->value); ++ else ++ { ++ m = xcalloc (1, sizeof *m + strlen (nameandvalue)); ++ strcpy (m->name, nameandvalue); ++ m->next = variablelist; ++ variablelist = m; ++ } ++ m->value = xstrdup (value); ++} ++ ++ ++/* Return true if the macro or variable NAME is set, i.e. not the ++ empty string and not evaluating to 0. */ + static int + macro_set_p (const char *name) + { +@@ -385,6 +428,10 @@ + for (m = macrolist; m ; m = m->next) + if (!strcmp (m->name, name)) + break; ++ if (!m) ++ for (m = variablelist; m ; m = m->next) ++ if (!strcmp (m->name, name)) ++ break; + if (!m || !m->value || !*m->value) + return 0; + if ((*m->value & 0x80) || !isdigit (*m->value)) +@@ -664,8 +711,11 @@ + { "table", 3 }, + { "itemize", 3 }, + { "bullet", 0, "* " }, ++ { "*", 0, "\n.br"}, ++ { "/", 0 }, + { "end", 4 }, + { "quotation",1, ".RS\n\\fB" }, ++ { "value", 8 }, + { NULL } + }; + size_t n; +@@ -741,11 +791,46 @@ + case 7: + ignore_args = 1; + break; ++ case 8: ++ ignore_args = 1; ++ if (*rest != '{') ++ { ++ err ("opening brace for command '%s' missing", command); ++ return len; ++ } ++ else ++ { ++ /* Find closing brace. */ ++ for (s=rest+1, n=1; *s && n < len; s++, n++) ++ if (*s == '}') ++ break; ++ if (*s != '}') ++ { ++ err ("closing brace for command '%s' not found", command); ++ return len; ++ } ++ else ++ { ++ size_t len = s - (rest + 1); ++ macro_t m; ++ ++ for (m = variablelist; m; m = m->next) ++ if (strlen (m->name) == len ++ &&!strncmp (m->name, rest+1, len)) ++ break; ++ if (m) ++ fputs (m->value, fp); ++ else ++ inf ("texinfo variable '%.*s' is not set", ++ (int)len, rest+1); ++ } ++ } ++ break; + default: + break; + } + } +- else ++ else /* macro */ + { + macro_t m; + +@@ -1215,6 +1300,10 @@ + macrovalue = xmalloc ((macrovaluesize = 1024)); + macrovalueused = 0; + } ++ else if (n == 4 && !memcmp (line, "@set", 4)) ++ { ++ set_variable (p); ++ } + else if (n == 8 && !memcmp (line, "@manpage", 8)) + { + free (*section_name); +@@ -1325,6 +1414,13 @@ + free (macrolist); + macrolist = next; + } ++ while (variablelist) ++ { ++ macro_t next = variablelist->next; ++ free (variablelist->value); ++ free (variablelist); ++ variablelist = next; ++ } + for (m=predefinedmacrolist; m; m = m->next) + set_macro (m->name, xstrdup ("1")); + cond_is_active = 1; diff -Nru gnupg-1.4.18/debian/patches/0009-Update-Chinese-traditional-translation.patch gnupg-1.4.18/debian/patches/0009-Update-Chinese-traditional-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0010-doc-Cleanup-gpg.texi.patch gnupg-1.4.18/debian/patches/0010-doc-Cleanup-gpg.texi.patch --- gnupg-1.4.18/debian/patches/0010-doc-Cleanup-gpg.texi.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0010-doc-Cleanup-gpg.texi.patch 2014-12-04 02:23:27.000000000 -0500 @@ -0,0 +1,706 @@ +From 2889a70c102271a1b6ff529bafb6748c4e773014 Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Mon, 29 Sep 2014 11:28:55 +0200 +Subject: [PATCH 10/20] doc: Cleanup gpg.texi. + +-- + +We don't need the gpgone and gpgtwoone macros anymore. +--- + doc/Makefile.am | 2 +- + doc/gpg.texi | 338 +++----------------------------------------------------- + 2 files changed, 14 insertions(+), 326 deletions(-) + +--- a/doc/Makefile.am ++++ b/doc/Makefile.am +@@ -46,7 +46,7 @@ + AM_MAKEINFOFLAGS = -I $(srcdir) --css-include=$(srcdir)/texi.css -D gpgone + + YAT2M_OPTIONS = -I $(srcdir) -D gpgone \ +- --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard" ++ --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard 1.4" + + yat2m: Makefile yat2m.c + $(CC_FOR_BUILD) -o $@ $(srcdir)/yat2m.c +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -3,11 +3,6 @@ + @c This is part of the GnuPG manual. + @c For copying conditions, see the file gnupg.texi. + +-@c Note that we use this texinfo file for all versions of GnuPG: 1.4.x, +-@c 2.0 and 2.1. The macro "gpgone" controls parts which are only valid +-@c for GnuPG 1.4, the macro "gpgtwoone" controls parts which are only +-@c valid for GnupG 2.1 and later. +- + @node Invoking GPG + @chapter Invoking GPG + @cindex GPG command options +@@ -16,19 +11,11 @@ + + @c Begin algorithm defaults + +-@ifclear gpgtwoone + @set DEFSYMENCALGO CAST5 +-@end ifclear +- +-@ifset gpgtwoone +-@set DEFSYMENCALGO AES128 +-@end ifset + + @c End algorithm defaults + + +-@c Begin GnuPG 1.x specific stuff +-@ifset gpgone + @macro gpgname + gpg + @end macro +@@ -49,63 +36,20 @@ + .I command + .RI [ args ] + @end ifset +-@end ifset +-@c End GnuPG 1.x specific stuff +- +-@c Begin GnuPG 2 specific stuff +-@ifclear gpgone +-@macro gpgname +-gpg2 +-@end macro +-@manpage gpg2.1 +-@ifset manverb +-.B gpg2 +-\- OpenPGP encryption and signing tool +-@end ifset +- +-@mansect synopsis +-@ifset manverb +-.B gpg2 +-.RB [ \-\-homedir +-.IR dir ] +-.RB [ \-\-options +-.IR file ] +-.RI [ options ] +-.I command +-.RI [ args ] +-@end ifset +-@end ifclear +-@c Begin GnuPG 2 specific stuff + + @mansect description +-@command{@gpgname} is the OpenPGP part of the GNU Privacy Guard (GnuPG). It +-is a tool to provide digital encryption and signing services using the +-OpenPGP standard. @command{@gpgname} features complete key management and +-all bells and whistles you can expect from a decent OpenPGP +-implementation. ++@command{@gpgname} is the OpenPGP only version of the GNU Privacy ++Guard (GnuPG). It is a tool to provide digital encryption and signing ++services using the OpenPGP standard. @command{@gpgname} features ++complete key management and all bells and whistles you can expect from ++a decent OpenPGP implementation. + +-@ifset gpgone + This is the standalone version of @command{gpg}. For desktop use you +-should consider using @command{gpg2} @footnote{On some platforms gpg2 is +-installed under the name @command{gpg}}. +-@end ifset +- +-@ifclear gpgone +-In contrast to the standalone version @command{gpg}, which is more +-suited for server and embedded platforms, this version is commonly +-installed under the name @command{gpg2} and more targeted to the desktop +-as it requires several other modules to be installed. The standalone +-version will be kept maintained and it is possible to install both +-versions on the same system. If you need to use different configuration +-files, you should make use of something like @file{gpg.conf-2} instead +-of just @file{gpg.conf}. +-@end ifclear ++should consider using @command{gpg2} from the GnuPG-2 package ++@footnote{On some platforms gpg2 is installed under the name ++@command{gpg}}. + + @manpause +-@ifclear gpgone +-Documentation for the old standard @command{gpg} is available as a man +-page and at @inforef{Top,GnuPG 1,gpg}. +-@end ifclear + + @xref{Option Index}, for an index to @command{@gpgname}'s commands and options. + @mancont +@@ -307,12 +251,11 @@ + @opindex list-keys + List all keys from the public keyrings, or just the keys given on the + command line. +-@ifset gpgone ++ + @option{-k} is slightly different from @option{--list-keys} in that it + allows only for one argument and takes the second argument as the + keyring to search. This is for command line compatibility with PGP 2 + and has been removed in @command{gpg2}. +-@end ifset + + Avoid using the output of this command in scripts or other programs as + it is likely to change as GnuPG changes. See @option{--with-colons} for a +@@ -330,10 +273,6 @@ + @item --list-sigs + @opindex list-sigs + Same as @option{--list-keys}, but the signatures are listed too. +-@ifclear gpgone +-This command has the same effect as +-using @option{--list-keys} with @option{--with-sig-list}. +-@end ifclear + + For each signature listed, there are several flags in between the "sig" + tag and keyid. These flags give additional information about each +@@ -353,10 +292,6 @@ + Same as @option{--list-sigs}, but the signatures are verified. Note + that for performance reasons the revocation status of a signing key is + not shown. +-@ifclear gpgone +-This command has the same effect as +-using @option{--list-keys} with @option{--with-sig-check}. +-@end ifclear + + The status of the verification is indicated by a flag directly following + the "sig" tag (and thus before the flags described above for +@@ -365,16 +300,6 @@ + if an error occurred while checking the signature (e.g. a non supported + algorithm). + +-@ifclear gpgone +-@item --locate-keys +-@opindex locate-keys +-Locate the keys given as arguments. This command basically uses the +-same algorithm as used when locating keys for encryption or signing and +-may thus be used to see what keys @command{@gpgname} might use. In +-particular external methods as defined by @option{--auto-key-locate} may +-be used to locate a key. Only public keys are listed. +-@end ifclear +- + + @item --fingerprint + @opindex fingerprint +@@ -460,15 +385,8 @@ + this command to export the key without the primary key to the main + machine. + +-@ifset gpgtwoone +-GnuPG may ask you to enter the passphrase for the key. This is +-required because the internal protection method of the secret key is +-different from the one specified by the OpenPGP protocol. +-@end ifset +-@ifclear gpgtwoone + See the option @option{--simple-sk-checksum} if you want to import an + exported secret key into ancient OpenPGP implementations. +-@end ifclear + + @item --import + @itemx --fast-import +@@ -612,33 +530,11 @@ + + @table @gnupgtabopt + +-@ifset gpgtwoone +-@item --quick-gen-key @code{user-id} +-@opindex quick-gen-key +-This is simple command to generate a standard key with one user id. +-In contrast to @option{--gen-key} the key is generated directly +-without the need to answer a bunch of prompts. Unless the option +-@option{--yes} is given, the key creation will be canceled if the +-given user id already exists in the key ring. +- +-If invoked directly on the console without any special options an +-answer to a ``Continue?'' style confirmation prompt is required. In +-case the user id already exists in the key ring a second prompt to +-force the creation of the key will show up. +-@end ifset +- + @item --gen-key + @opindex gen-key + Generate a new key pair using teh current default parameters. This is + the standard command to create a new key. + +-@ifset gpgtwoone +-@item --full-gen-key +-@opindex gen-key +-Generate a new key pair with dialogs for all options. This is an +-extended version of @option{--gen-key}. +- +-@end ifset + There is also a feature which allows you to create keys in batch + mode. See the the manual section ``Unattended key generation'' on how + to use this. +@@ -964,34 +860,6 @@ + non-exportable. This is a shortcut version of the subcommand "lsign" + from @option{--edit-key}. + +-@ifset gpgtwoone +-@item --quick-sign-key @code{fpr} [@code{names}] +-@itemx --quick-lsign-key @code{name} +-@opindex quick-sign-key +-@opindex quick-lsign-key +-Directly sign a key from the passphrase without any further user +-interaction. The @code{fpr} must be the verified primary fingerprint +-of a key in the local keyring. If no @code{names} are given, all +-useful user ids are signed; with given [@code{names}] only useful user +-ids matching one of theses names are signed. The command +-@option{--quick-lsign-key} marks the signatures as non-exportable. If +-such a non-exportable signature already exists the +-@option{--quick-sign-key} turns it into a exportable signature. +- +-This command uses reasonable defaults and thus does not provide the +-full flexibility of the "sign" subcommand from @option{--edit-key}. +-Its intended use is to help unattended key signing by utilizing a list +-of verified fingerprints. +-@end ifset +- +-@ifclear gpgone +-@item --passwd @var{user_id} +-@opindex passwd +-Change the passphrase of the secret key belonging to the certificate +-specified as @var{user_id}. This is a shortcut for the sub-command +-@code{passwd} of the edit key menu. +-@end ifclear +- + @end table + + +@@ -1302,13 +1170,7 @@ + + @item --secret-keyring @code{file} + @opindex secret-keyring +-@ifset gpgtwoone +-This is an obsolete option and ignored. All secret keys are stored in +-the @file{private-keys-v1.d} directory below the GnuPG home directory. +-@end ifset +-@ifclear gpgtwoone + Same as @option{--keyring} but for the secret keyrings. +-@end ifclear + + @item --primary-keyring @code{file} + @opindex primary-keyring +@@ -1324,31 +1186,24 @@ + home directory (@file{~/.gnupg} if @option{--homedir} or $GNUPGHOME is + not used). + +-@ifset gpgone + @anchor{option --homedir} +-@end ifset + @include opt-homedir.texi + + +-@ifset gpgone + @item --pcsc-driver @code{file} + @opindex pcsc-driver + Use @code{file} to access the smartcard reader. The current default is + `libpcsclite.so.1' for GLIBC based systems, + `/System/Library/Frameworks/PCSC.framework/PCSC' for MAC OS X, + `winscard.dll' for Windows and `libpcsclite.so' for other systems. +-@end ifset + +-@ifset gpgone + @item --disable-ccid + @opindex disable-ccid + Disable the integrated support for CCID compliant readers. This + allows to fall back to one of the other drivers even if the internal + CCID driver can handle the reader. Note, that CCID support is only + available if libusb was available at build time. +-@end ifset + +-@ifset gpgone + @item --reader-port @code{number_or_string} + @opindex reader-port + This option may be used to specify the port of the card terminal. A +@@ -1357,7 +1212,6 @@ + readers might need a string here; run the program in verbose mode to get + a list of available readers. The default is then the first reader + found. +-@end ifset + + @item --display-charset @code{name} + @opindex display-charset +@@ -1699,11 +1553,9 @@ + "http_proxy" environment variable, if any. + + +-@ifclear gpgtwoone + @item max-cert-size + When retrieving a key via DNS CERT, only accept keys up to this size. + Defaults to 16384 bytes. +-@end ifclear + + @item debug + Turn on debug output in the keyserver helper program. Note that the +@@ -1712,28 +1564,16 @@ + program uses internally (libcurl, openldap, etc). + + @item check-cert +-@ifset gpgtwoone +- This option has no more function since GnuPG 2.1. Use the +- @code{dirmngr} configuration options instead. +-@end ifset +-@ifclear gpgtwoone + Enable certificate checking if the keyserver presents one (for hkps or + ldaps). Defaults to on. +-@end ifclear + + @item ca-cert-file +-@ifset gpgtwoone +- This option has no more function since GnuPG 2.1. Use the +- @code{dirmngr} configuration options instead. +-@end ifset +-@ifclear gpgtwoone + Provide a certificate store to override the system default. Only + necessary if check-cert is enabled, and the keyserver is using a + certificate that is not present in a system default certificate list. + + Note that depending on the SSL library that the keyserver helper is + built with, this may actually be a directory or a file. +-@end ifclear + + @end table + +@@ -1751,7 +1591,6 @@ + @opindex max-cert-depth + Maximum depth of a certification chain (default is 5). + +-@ifclear gpgtwoone + @item --simple-sk-checksum + @opindex simple-sk-checksum + Secret keys are integrity protected by using a SHA-1 checksum. This +@@ -1763,7 +1602,6 @@ + the secret key is encrypted - the simplest way to make this happen is + to change the passphrase on the key (even changing it to the same + value is acceptable). +-@end ifclear + + @item --no-sig-cache + @opindex no-sig-cache +@@ -1794,46 +1632,18 @@ + @item --use-agent + @itemx --no-use-agent + @opindex use-agent +-@ifclear gpgone +-This is dummy option. @command{@gpgname} always requires the agent. +-@end ifclear +-@ifset gpgone + Try to use the GnuPG-Agent. With this option, GnuPG first tries to + connect to the agent before it asks for a + passphrase. @option{--no-use-agent} disables this option. +-@end ifset + + @item --gpg-agent-info + @opindex gpg-agent-info +-@ifclear gpgone +-This is dummy option. It has no effect when used with @command{gpg2}. +-@end ifclear +-@ifset gpgone + Override the value of the environment variable + @samp{GPG_AGENT_INFO}. This is only used when @option{--use-agent} has + been given. Given that this option is not anymore used by + @command{gpg2}, it should be avoided if possible. +-@end ifset + + +-@ifclear gpgone +-@item --agent-program @var{file} +-@opindex agent-program +-Specify an agent program to be used for secret key operations. The +-default value is the @file{/usr/bin/gpg-agent}. This is only used +-as a fallback when the environment variable @code{GPG_AGENT_INFO} is not +-set or a running agent cannot be connected. +-@end ifclear +- +-@ifset gpgtwoone +-@item --dirmngr-program @var{file} +-@opindex dirmngr-program +-Specify a dirmngr program to be used for keyserver access. The +-default value is @file{/usr/sbin/dirmngr}. This is only used as a +-fallback when the environment variable @code{DIRMNGR_INFO} is not set or +-a running dirmngr cannot be connected. +-@end ifset +- + @item --lock-once + @opindex lock-once + Lock the databases the first time a lock is requested +@@ -2013,20 +1823,6 @@ + Use @var{name} as the key to sign with. Note that this option overrides + @option{--default-key}. + +-@ifset gpgtwoone +-@item --try-secret-key @var{name} +-@opindex try-secret-key +-For hidden recipients GPG needs to know the keys to use for trial +-decryption. The key set with @option{--default-key} is always tried +-first, but this is often not sufficient. This option allows to set more +-keys to be used for trial decryption. Although any valid user-id +-specification may be used for @var{name} it makes sense to use at least +-the long keyid to avoid ambiguities. Note that gpg-agent might pop up a +-pinentry for a lot keys to do the trial decryption. If you want to stop +-all further trial decryption you may use close-window button instead of +-the cancel button. +-@end ifset +- + @item --try-all-secrets + @opindex try-all-secrets + Don't look at the key ID as stored in the message but try all secret +@@ -2145,17 +1941,11 @@ + Include designated revoker information that was marked as + "sensitive". Defaults to no. + +- @c Since GnuPG 2.1 gpg-agent manages the secret key and thus the +- @c export-reset-subkey-passwd hack is not anymore justified. Such use +- @c cases need to be implemented using a specialized secret key export +- @c tool. +-@ifclear gpgtwoone + @item export-reset-subkey-passwd + When using the @option{--export-secret-subkeys} command, this option resets + the passphrases for all exported subkeys to empty. This is useful + when the exported subkey is to be used on an unattended machine where + a passphrase doesn't necessarily make sense. Defaults to no. +-@end ifclear + + @item export-clean + Compact (remove all signatures from) user IDs on the key being +@@ -2186,37 +1976,12 @@ + @opindex fixed-list-mode + Do not merge primary user ID and primary key in @option{--with-colon} + listing mode and print all timestamps as seconds since 1970-01-01. +-@ifclear gpgone +-Since GnuPG 2.0.10, this mode is always used and thus this option is +-obsolete; it does not harm to use it though. +-@end ifclear +- +-@ifset gpgtwoone +-@item --legacy-list-mode +-@opindex legacy-list-mode +-Revert to the pre-2.1 public key list mode. This only affects the +-human readable output and not the machine interface +-(i.e. @code{--with-colons}). Note that the legacy format does not +-allow to convey suitable information for elliptic curves. +-@end ifset + + @item --with-fingerprint + @opindex with-fingerprint + Same as the command @option{--fingerprint} but changes only the format + of the output and may be used together with another command. + +-@ifset gpgtwoone +-@item --with-keygrip +-@opindex with-keygrip +-Include the keygrip in the key listings. +- +-@item --with-secret +-@opindex with-secret +-Include info about the presence of a secret key in public key listings +-done with @code{--with-colons}. +- +-@end ifset +- + @end table + + @c ******************************************* +@@ -2239,13 +2004,11 @@ + Mac to Windows, etc). @option{--no-textmode} disables this option, and + is the default. + +-@ifset gpgone + If @option{-t} (but not @option{--textmode}) is used together with + armoring and signing, this enables clearsigned messages. This kludge is + needed for command-line compatibility with command-line versions of PGP; + normally you would use @option{--sign} or @option{--clearsign} to select + the type of the signature. +-@end ifset + + @item --force-v3-sigs + @itemx --no-force-v3-sigs +@@ -2399,16 +2162,9 @@ + available, but the MIT release is a good common baseline. + + This option implies +-@ifset gpgone + @option{--rfc1991 --disable-mdc --no-force-v4-certs + --escape-from-lines --force-v3-sigs + --cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}. +-@end ifset +-@ifclear gpgone +-@option{--rfc1991 --disable-mdc --no-force-v4-certs +- --escape-from-lines --force-v3-sigs --allow-weak-digest-algos +- --cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}. +-@end ifclear + It also disables @option{--textmode} when encrypting. + + This option is deprecated will be removed in GnuPG 2.1. The reason +@@ -2509,12 +2265,10 @@ + @opindex debug-all + Set all useful debugging flags. + +-@ifset gpgone + @item --debug-ccid-driver + @opindex debug-ccid-driver + Enable debug output from the included CCID driver for smartcards. + Note that this option is only available on some system. +-@end ifset + + @item --faked-system-time @var{epoch} + @opindex faked-system-time +@@ -2765,10 +2519,6 @@ + will be read from file descriptor @code{n}. If you use 0 for @code{n}, + the passphrase will be read from STDIN. This can only be used if only + one passphrase is supplied. +-@ifclear gpgone +-Note that this passphrase is only used if the option @option{--batch} +-has also been given. This is different from @command{gpg}. +-@end ifclear + + @item --passphrase-file @code{file} + @opindex passphrase-file +@@ -2777,10 +2527,6 @@ + passphrase is supplied. Obviously, a passphrase stored in a file is + of questionable security if other users can read this file. Don't use + this option if you can avoid it. +-@ifclear gpgone +-Note that this passphrase is only used if the option @option{--batch} +-has also been given. This is different from @command{gpg}. +-@end ifclear + + @item --passphrase @code{string} + @opindex passphrase +@@ -2788,30 +2534,6 @@ + passphrase is supplied. Obviously, this is of very questionable + security on a multi-user system. Don't use this option if you can + avoid it. +-@ifclear gpgone +-Note that this passphrase is only used if the option @option{--batch} +-has also been given. This is different from @command{gpg}. +-@end ifclear +- +-@ifset gpgtwoone +-@item --pinentry-mode @code{mode} +-@opindex pinentry-mode +-Set the pinentry mode to @code{mode}. Allowed values for @code{mode} +-are: +-@table @asis +- @item default +- Use the default of the agent, which is @code{ask}. +- @item ask +- Force the use of the Pinentry. +- @item cancel +- Emulate use of Pinentry's cancel button. +- @item error +- Return a Pinentry error (``No Pinentry''). +- @item loopback +- Redirect Pinentry queries to the caller. Note that in contrast to +- Pinentry the user is not prompted again if he enters a bad password. +-@end table +-@end ifset + + @item --command-fd @code{n} + @opindex command-fd +@@ -2871,14 +2593,6 @@ + However, be aware that a MDC protection failure may also mean that the + message was tampered with intentionally by an attacker. + +-@ifclear gpgone +-@item --allow-weak-digest-algos +-@opindex allow-weak-digest-algos +-Signatures made with the broken MD5 algorithm are normally rejected +-with an ``invalid digest algorithm'' message. This option allows the +-verification of signatures made with such weak algorithms. +-@end ifclear +- + @item --no-default-keyring + @opindex no-default-keyring + Do not add the default keyrings to the list of keyrings. Note that +@@ -3042,14 +2756,12 @@ + + @table @gnupgtabopt + +-@ifset gpgone + @item --load-extension @code{name} + @opindex load-extension + Load an extension module. If @code{name} does not contain a slash it is + searched for in the directory configured when GnuPG was built + (generally "/usr/local/lib/gnupg"). Extensions are not generally + useful anymore, and the use of this option is deprecated. +-@end ifset + + @item --show-photos + @itemx --no-show-photos +@@ -3067,13 +2779,11 @@ + keyring a given key resides on. This option is deprecated: use + @option{--list-options [no-]show-keyring} instead. + +-@ifset gpgone + @item --ctapi-driver @code{file} + @opindex ctapi-driver + Use @code{file} to access the smartcard reader. The current default + is `libtowitoko.so'. Note that the use of this interface is + deprecated; it may be removed in future releases. +-@end ifset + + @item --always-trust + @opindex always-trust +@@ -3129,10 +2839,6 @@ + Note that on larger installations, it is useful to put predefined files + into the directory @file{/etc/skel/.gnupg/} so that newly created users + start up with a working configuration. +-@ifclear gpgone +-For existing users the a small +-helper script is provided to create these files (@pxref{addgnupghome}). +-@end ifclear + + For internal purposes @command{@gpgname} creates and maintains a few other + files; They all live in in the current home directory (@pxref{option +@@ -3146,26 +2852,13 @@ + @item ~/.gnupg/pubring.gpg.lock + The lock file for the public keyring. + +-@ifset gpgtwoone + @item ~/.gnupg/pubring.kbx +- The public keyring using a different format. This file is sharred +- with @command{gpgsm}. You should backup this file. +- +- @item ~/.gnupg/pubring.kbx.lock +- The lock file for @file{pubring.kbx}. +-@end ifset ++ @itemx ~/.gnupg/pubring.kbx.lock ++ A public keyring and its lock file used by GnuPG versions >= 2. ++ It is ignored by GnuPG 1.x + + @item ~/.gnupg/secring.gpg +-@ifclear gpgtwoone + The secret keyring. You should backup this file. +-@end ifclear +-@ifset gpgtwoone +- A secret keyring as used by GnuPG versions before 2.1. It is not +- used by GnuPG 2.1 and later. +- +- @item ~/.gnupg/.gpg-v21-migrated +- File indicating that a migration to GnuPG 2.1 has taken place. +-@end ifset + + @item ~/.gnupg/trustdb.gpg + The trust database. There is no need to backup this file; it is better +@@ -3211,9 +2904,8 @@ + + @item GPG_AGENT_INFO + Used to locate the gpg-agent. +-@ifset gpgone + This is only honored when @option{--use-agent} is set. +-@end ifset ++ + The value consists of 3 colon delimited fields: The first is the path + to the Unix Domain Socket, the second the PID of the gpg-agent and the + protocol version which should be set to 1. When starting the gpg-agent +@@ -3627,9 +3319,5 @@ + @mansect see also + @ifset isman + @command{gpgv}(1), +-@ifclear gpgone +-@command{gpgsm}(1), +-@command{gpg-agent}(1) +-@end ifclear + @end ifset + @include see-also-note.texi diff -Nru gnupg-1.4.18/debian/patches/0010-Update-Italian-translation.patch gnupg-1.4.18/debian/patches/0010-Update-Italian-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0011-Update-Polish-translation.patch gnupg-1.4.18/debian/patches/0011-Update-Polish-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0012-Update-Spanish-translation.patch gnupg-1.4.18/debian/patches/0012-Update-Spanish-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0013-doc-Minor-fix.patch gnupg-1.4.18/debian/patches/0013-doc-Minor-fix.patch --- gnupg-1.4.18/debian/patches/0013-doc-Minor-fix.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0013-doc-Minor-fix.patch 2014-12-04 02:23:27.000000000 -0500 @@ -0,0 +1,23 @@ +From 65c05f5c18d4331d6f1a5de98b4c6af27bc1aed8 Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Fri, 3 Oct 2014 20:21:28 +0200 +Subject: [PATCH 13/20] doc: Minor fix + +-- + +Thanks to dkg for the reminder. +--- + doc/gpg.texi | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -1382,7 +1382,7 @@ + @item always + @opindex trust-mode:always + Skip key validation and assume that used keys are always fully +- trusted. You generally won't use this unless you are using some ++ valid. You generally won't use this unless you are using some + external validation scheme. This option also suppresses the + "[uncertain]" tag printed with signature checks when there is no + evidence that the user ID is bound to the key. Note that this diff -Nru gnupg-1.4.18/debian/patches/0013-Update-Dutch-translation.patch gnupg-1.4.18/debian/patches/0013-Update-Dutch-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0014-Update-Czech-translation.patch gnupg-1.4.18/debian/patches/0014-Update-Czech-translation.patch diff -Nru gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch --- gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch 2014-12-04 02:23:27.000000000 -0500 @@ -0,0 +1,316 @@ +From fbb50867f81d790c4bf819dcadcd14be6c3f957b Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Fri, 14 Nov 2014 09:36:19 +0100 +Subject: [PATCH 15/20] gpg: Make the use of "--verify FILE" for detached sigs + harder. + +* g10/openfile.c (open_sigfile): Factor some code out to ... +(get_matching_datafile): new function. +* g10/plaintext.c (hash_datafiles): Do not try to find matching file +in batch mode. +* g10/mainproc.c (check_sig_and_print): Print a warning if a possibly +matching data file is not used by a standard signatures. +-- + +Allowing to use the abbreviated form for detached signatures is a long +standing bug which has only been noticed by the public with the +release of 2.1.0. :-( + +What we do is to remove the ability to check detached signature in +--batch using the one file abbreviated mode. This should exhibit +problems in scripts which use this insecure practice. We also print a +warning if a matching data file exists but was not considered because +the detached signature was actually a standard signature: + + gpgv: Good signature from "Werner Koch (dist sig)" + gpgv: WARNING: not a detached signature; \ + file 'gnupg-2.1.0.tar.bz2' was NOT verified! + +We can only print a warning because it is possible that a standard +signature is indeed to be verified but by coincidence a file with a +matching name is stored alongside the standard signature. + +Reported-by: Simon Nicolussi (to gnupg-users on Nov 7) +Signed-off-by: Werner Koch <w...@gnupg.org> + +(backported from commit 69384568f66a48eff3968bb1714aa13925580e9f) + +Updated doc/gpg.texi. +--- + doc/gpg.texi | 27 ++++++++++------- + g10/main.h | 1 + + g10/mainproc.c | 38 ++++++++++++++++++++++++ + g10/openfile.c | 91 +++++++++++++++++++++++++++++++++++++-------------------- + g10/plaintext.c | 21 ++++++++----- + 5 files changed, 130 insertions(+), 48 deletions(-) + +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -241,16 +241,22 @@ + + @item --verify + @opindex verify +-Assume that the first argument is a signed file or a detached signature +-and verify it without generating any output. With no arguments, the +-signature packet is read from STDIN. If only a sigfile is given, it may +-be a complete signature or a detached signature, in which case the +-signed stuff is expected in a file without the ".sig" or ".asc" +-extension. With more than 1 argument, the first should be a detached +-signature and the remaining files are the signed stuff. To read the +-signed stuff from STDIN, use @samp{-} as the second filename. For +-security reasons a detached signature cannot read the signed material +-from STDIN without denoting it in the above way. ++Assume that the first argument is a signed file and verify it without ++generating any output. With no arguments, the signature packet is ++read from STDIN. If only a one argument is given, it is expected to ++be a complete signature. ++ ++With more than 1 argument, the first should be a detached signature ++and the remaining files ake up the the signed data. To read the signed ++data from STDIN, use @samp{-} as the second filename. For security ++reasons a detached signature cannot read the signed material from ++STDIN without denoting it in the above way. ++ ++Note: If the option @option{--batch} is not used, @command{gpg} ++may assume that a single argument is a file with a detached signature ++and it will try to find a matching data file by stripping certain ++suffixes. Using this historical feature to verify a detached ++signature is strongly discouraged; always specify the data file too. + + Note: When verifying a cleartext signature, @command{gpg} verifies + only what makes up the cleartext signed data and not any extra data +@@ -260,6 +266,7 @@ + format as well. It is suggested to avoid cleartext signatures in + favor of detached signatures. + ++ + @item --multifile + @opindex multifile + This modifies certain other commands to accept multiple files for +--- a/g10/main.h ++++ b/g10/main.h +@@ -195,6 +195,7 @@ + char *make_outfile_name( const char *iname ); + char *ask_outfile_name( const char *name, size_t namelen ); + int open_outfile( const char *iname, int mode, IOBUF *a ); ++char *get_matching_datafile (const char *sigfilename); + IOBUF open_sigfile( const char *iname, progress_filter_context_t *pfx ); + void try_make_homedir( const char *fname ); + +--- a/g10/mainproc.c ++++ b/g10/mainproc.c +@@ -1949,6 +1949,44 @@ + sig->sig_class==0x01?_("textmode"):_("unknown"), + digest_algo_to_string(sig->digest_algo)); + ++ if (!rc && !c->signed_data) ++ { ++ /* Signature is basically good but we test whether the ++ deprecated command ++ gpg --verify FILE.sig ++ was used instead of ++ gpg --verify FILE.sig FILE ++ to verify a detached signature. If we figure out that a ++ data file with a matching name exists, we print a warning. ++ ++ The problem is that the first form would also verify a ++ standard signature. This behavior could be used to ++ create a made up .sig file for a tarball by creating a ++ standard signature from a valid detached signature packet ++ (for example from a signed git tag). Then replace the ++ sig file on the FTP server along with a changed tarball. ++ Using the first form the verify command would correctly ++ verify the signature but don't even consider the tarball. */ ++ kbnode_t n; ++ char *dfile; ++ ++ dfile = get_matching_datafile (c->sigfilename); ++ if (dfile) ++ { ++ for (n = c->list; n; n = n->next) ++ if (n->pkt->pkttype != PKT_SIGNATURE) ++ break; ++ if (n) ++ { ++ /* Not only signature packets in the tree thus this ++ is not a detached signature. */ ++ log_info (_("WARNING: not a detached signature; " ++ "file '%s' was NOT verified!\n"), dfile); ++ } ++ xfree (dfile); ++ } ++ } ++ + if( rc ) + g10_errors_seen = 1; + if( opt.batch && rc ) +--- a/g10/openfile.c ++++ b/g10/openfile.c +@@ -199,7 +199,7 @@ + else { + char *buf = NULL; + const char *name; +- ++ + if ( opt.dry_run ) + { + #ifdef HAVE_W32_SYSTEM +@@ -224,12 +224,12 @@ + char *dot; + const char *newsfx = mode==1 ? ".asc" : + mode==2 ? ".sig" : ".gpg"; +- ++ + buf = xmalloc(strlen(iname)+4+1); + strcpy(buf,iname); + dot = strrchr(buf, '.' ); + if ( dot && dot > buf && dot[1] && strlen(dot) <= 4 +- && CMP_FILENAME(newsfx, dot) ++ && CMP_FILENAME(newsfx, dot) + && !(strchr (dot, '/') || strchr (dot, '\\'))) + { + /* There is a dot, the dot is not the first character, +@@ -272,7 +272,7 @@ + xfree (buf); + name = buf = tmp; + } +- ++ + if( !rc ) + { + if (is_secured_filename (name) ) +@@ -300,41 +300,70 @@ + } + + ++/* Find a matching data file for the signature file SIGFILENAME and ++ return it as a malloced string. If no matching data file is found, ++ return NULL. */ ++char * ++get_matching_datafile (const char *sigfilename) ++{ ++ char *fname = NULL; ++ size_t len; ++ ++ if (iobuf_is_pipe_filename (sigfilename)) ++ return NULL; ++ ++ len = strlen (sigfilename); ++ if (len > 4 ++ && (!strcmp (sigfilename + len - 4, EXTSEP_S "sig") ++ || (len > 5 && !strcmp(sigfilename + len - 5, EXTSEP_S "sign")) ++ || !strcmp(sigfilename + len - 4, EXTSEP_S "asc"))) ++ { ++ ++ fname = xstrdup (sigfilename); ++ fname[len-(fname[len-1]=='n'?5:4)] = 0 ; ++ if (access (fname, R_OK )) ++ { ++ /* Not found or other error. */ ++ xfree (fname); ++ fname = NULL; ++ } ++ } ++ ++ return fname; ++} ++ ++ + /**************** + * Try to open a file without the extension ".sig" or ".asc" + * Return NULL if such a file is not available. + */ + IOBUF +-open_sigfile( const char *iname, progress_filter_context_t *pfx ) ++open_sigfile (const char *sigfilename, progress_filter_context_t *pfx) + { +- IOBUF a = NULL; +- size_t len; ++ iobuf_t a = NULL; ++ char *buf; + +- if( !iobuf_is_pipe_filename (iname) ) { +- len = strlen(iname); +- if( len > 4 && ( !strcmp(iname + len - 4, EXTSEP_S "sig") +- || ( len > 5 && !strcmp(iname + len - 5, EXTSEP_S "sign") ) +- || !strcmp(iname + len - 4, EXTSEP_S "asc")) ) { +- char *buf; +- buf = xstrdup(iname); +- buf[len-(buf[len-1]=='n'?5:4)] = 0 ; +- a = iobuf_open( buf ); +- if (a && is_secured_file (iobuf_get_fd (a))) +- { +- iobuf_close (a); +- a = NULL; +- errno = EPERM; +- } +- if( a && opt.verbose ) +- log_info(_("assuming signed data in `%s'\n"), buf ); +- if (a && pfx) +- handle_progress (pfx, a, buf); +- xfree(buf); +- } ++ buf = get_matching_datafile (sigfilename); ++ if (buf) ++ { ++ a = iobuf_open (buf); ++ if (a && is_secured_file (iobuf_get_fd (a))) ++ { ++ iobuf_close (a); ++ a = NULL; ++ errno = EPERM; ++ } ++ if (a) ++ log_info (_("assuming signed data in `%s'\n"), buf); ++ if (a && pfx) ++ handle_progress (pfx, a, buf); ++ xfree (buf); + } +- return a; ++ ++ return a; + } + ++ + /**************** + * Copy the option file skeleton to the given directory. + */ +@@ -398,7 +427,7 @@ + ; + else if (c == '#') + esc = 2; +- else ++ else + any_option = 1; + } + } +--- a/g10/plaintext.c ++++ b/g10/plaintext.c +@@ -538,13 +538,20 @@ + STRLIST sl; + + if( !files ) { +- /* check whether we can open the signed material */ +- fp = open_sigfile( sigfilename, &pfx ); +- if( fp ) { +- do_hash( md, md2, fp, textmode ); +- iobuf_close(fp); +- return 0; +- } ++ /* Check whether we can open the signed material. We avoid ++ trying to open a file if run in batch mode. This assumed ++ data file for a sig file feature is just a convenience thing ++ for the command line and the user needs to read possible ++ warning messages. */ ++ if (!opt.batch) { ++ fp = open_sigfile( sigfilename, &pfx ); ++ if( fp ) { ++ do_hash( md, md2, fp, textmode ); ++ iobuf_close(fp); ++ return 0; ++ } ++ } ++ + log_error (_("no signed data\n")); + return G10ERR_OPEN_FILE; + } diff -Nru gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch --- gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch 2014-12-04 02:23:26.000000000 -0500 @@ -0,0 +1,50 @@ +From 69767ccf4218d0dc5ef2d7e141be0f14c88fea59 Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Mon, 24 Nov 2014 19:32:47 +0100 +Subject: [PATCH 16/20] gpg: Fix a NULL-deref for invalid input data. + +* g10/mainproc.c (proc_encrypted): Take care of canceled passpharse +entry. +-- + +GnuPG-bug-id: 1761 +Signed-off-by: Werner Koch <w...@gnupg.org> + +(backported from commit 32e85668b82f6fbcb824eea9548970804fb41d9e) +--- + g10/mainproc.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/g10/mainproc.c b/g10/mainproc.c +index d355a21..15baefe 100644 +--- a/g10/mainproc.c ++++ b/g10/mainproc.c +@@ -540,7 +540,9 @@ proc_encrypted( CTX c, PACKET *pkt ) + result = -1; + else if( !c->dek && !c->last_was_session_key ) { + int algo; +- STRING2KEY s2kbuf, *s2k = NULL; ++ STRING2KEY s2kbuf; ++ STRING2KEY *s2k = NULL; ++ int canceled; + + if(opt.override_session_key) + { +@@ -580,9 +582,13 @@ proc_encrypted( CTX c, PACKET *pkt ) + log_info (_("assuming %s encrypted data\n"), "IDEA"); + } + +- c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL, NULL ); ++ c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL,&canceled); + if (c->dek) + c->dek->algo_info_printed = 1; ++ else if (canceled) ++ result = G10ERR_CANCELED; ++ else ++ result = G10ERR_PASSPHRASE; + } + } + else if( !c->dek ) +-- +2.1.3 + diff -Nru gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch --- gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch 2014-12-04 02:23:26.000000000 -0500 @@ -0,0 +1,43 @@ +From 2b4809406b6536cbb67a2282bf855710b8454dc2 Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Mon, 24 Nov 2014 19:38:04 +0100 +Subject: [PATCH 17/20] gpg: Fix off-by-one read in the attribute subpacket + parser. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* g10/parse-packet.c (parse_attribute_subpkts): Check that the +attribute packet is large enough for the subpacket type. +-- + +Reported-by: Hanno Böck +Signed-off-by: Werner Koch <w...@gnupg.org> + +(backported from commit 0988764397f99db4efef1eabcdb8072d6159af76) +--- + g10/parse-packet.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/g10/parse-packet.c b/g10/parse-packet.c +index dcda8ef..db1702f 100644 +--- a/g10/parse-packet.c ++++ b/g10/parse-packet.c +@@ -2026,6 +2026,14 @@ parse_attribute_subpkts(PKT_user_id *uid) + if( buflen < n ) + goto too_short; + ++ if (!n) ++ { ++ /* Too short to encode the subpacket type. */ ++ if (opt.verbose) ++ log_info ("attribute subpacket too short\n"); ++ break; ++ } ++ + attribs=xrealloc(attribs,(count+1)*sizeof(struct user_attribute)); + memset(&attribs[count],0,sizeof(struct user_attribute)); + +-- +2.1.3 + diff -Nru gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch --- gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch 2014-12-04 02:23:26.000000000 -0500 @@ -0,0 +1,52 @@ +From 2d359681f08999686734421228cb69893d8a0060 Mon Sep 17 00:00:00 2001 +From: Werner Koch <w...@gnupg.org> +Date: Mon, 24 Nov 2014 19:41:46 +0100 +Subject: [PATCH 18/20] gpg: Fix use of uninit.value in listing sig subpkts. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* g10/parse-packet.c (dump_sig_subpkt): Print regex subpacket +sanitized. +-- + +We may not use "%s" to print an arbitrary buffer. At least "%.*s" +should have been used. However, it is in general preferable to escape +control characters while printf user data. + +Reported-by: Hanno Böck +Signed-off-by: Werner Koch <w...@gnupg.org> + +(backported from commit 596ae9f5433ca3b0e01f7acbe06fd2e424c42ae8) +--- + g10/parse-packet.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/g10/parse-packet.c b/g10/parse-packet.c +index db1702f..01600e4 100644 +--- a/g10/parse-packet.c ++++ b/g10/parse-packet.c +@@ -892,13 +892,18 @@ dump_sig_subpkt( int hashed, int type, int critical, + if(length!=2) + p="[invalid trust subpacket]"; + else +- fprintf (listfp, "trust signature of depth %d, value %d",buffer[0],buffer[1]); ++ fprintf (listfp, "trust signature of depth %d, value %d", ++ buffer[0],buffer[1]); + break; + case SIGSUBPKT_REGEXP: + if(!length) + p="[invalid regexp subpacket]"; + else +- fprintf (listfp, "regular expression: \"%s\"",buffer); ++ { ++ fprintf (listfp, "regular expression: \""); ++ print_string (listfp, buffer, length, '\"'); ++ p = "\""; ++ } + break; + case SIGSUBPKT_REVOCABLE: + if( length ) +-- +2.1.3 + diff -Nru gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch --- gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch 2014-12-04 02:41:01.000000000 -0500 @@ -0,0 +1,254 @@ +From 534e2876acc05f9f8d9b54c18511fe768d77dfb5 Mon Sep 17 00:00:00 2001 +From: Daniel Kahn Gillmor <d...@fifthhorseman.net> +Date: Fri, 3 Oct 2014 12:01:11 -0400 +Subject: [PATCH] gpg: Add build and runtime support for larger RSA keys + +* configure.ac: Added --enable-large-secmem option. +* g10/options.h: Add opt.flags.large_rsa. +* g10/gpg.c: Contingent on configure option: adjust secmem size, +add gpg --enable-large-rsa, bound to opt.flags.large_rsa. +* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa +* doc/gpg.texi: Document --enable-large-rsa. + +-- + +Some older implementations built and used RSA keys up to 16Kib, but +the larger secret keys now fail when used by more recent GnuPG, due to +secure memory limitations. + +Building with ./configure --enable-large-secmem will make gpg +capable of working with those secret keys, as well as permitting the +use of a new gpg option --enable-large-rsa, which let gpg generate RSA +keys up to 8Kib when used with --batch --gen-key. + +Debian-bug-id: 739424 + +Minor edits by wk. + +GnuPG-bug-id: 1732 +--- + configure.ac | 16 ++++++++++++++++ + doc/gpg.texi | 9 +++++++++ + g10/gpg.c | 22 +++++++++++++++++++++- + g10/keygen.c | 5 +++-- + g10/options.h | 1 + + 5 files changed, 50 insertions(+), 3 deletions(-) + +diff --git a/configure.ac b/configure.ac +index ae63a4a..1fd6253 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -158,6 +158,7 @@ use_exec=yes + card_support=yes + agent_support=yes + disable_keyserver_path=no ++large_secmem=no + + AC_ARG_ENABLE(minimal, + AC_HELP_STRING([--enable-minimal],[build the smallest gpg binary possible]), +@@ -177,6 +178,21 @@ AC_ARG_ENABLE(minimal, + agent_support=no) + + ++AC_MSG_CHECKING([whether to allocate extra secure memory]) ++AC_ARG_ENABLE(large-secmem, ++ AC_HELP_STRING([--enable-large-secmem], ++ [allocate extra secure memory]), ++ large_secmem=$enableval, large_secmem=no) ++AC_MSG_RESULT($large_secmem) ++if test "$large_secmem" = yes ; then ++ SECMEM_BUFFER_SIZE=65536 ++else ++ SECMEM_BUFFER_SIZE=32768 ++fi ++AC_DEFINE_UNQUOTED(SECMEM_BUFFER_SIZE,$SECMEM_BUFFER_SIZE, ++ [Size of secure memory buffer]) ++ ++ + AC_MSG_CHECKING([whether OpenPGP card support is requested]) + AC_ARG_ENABLE(card-support, + AC_HELP_STRING([--disable-card-support], +diff --git a/doc/gpg.texi b/doc/gpg.texi +index ded69ce..ae86809 100644 +--- a/doc/gpg.texi ++++ b/doc/gpg.texi +@@ -1104,6 +1104,15 @@ the opposite meaning. The options are: + validation. This option is only meaningful if pka-lookups is set. + @end table + ++@item --enable-large-rsa ++@itemx --disable-large-rsa ++@opindex enable-large-rsa ++@opindex disable-large-rsa ++With --gen-key and --batch, enable the creation of larger RSA secret ++keys than is generally recommended (up to 8192 bits). These large ++keys are more expensive to use, and their signatures and ++certifications are also larger. ++ + @item --enable-dsa2 + @itemx --disable-dsa2 + @opindex enable-dsa2 +diff --git a/g10/gpg.c b/g10/gpg.c +index 1b0a364..6dc15fa 100644 +--- a/g10/gpg.c ++++ b/g10/gpg.c +@@ -372,6 +372,8 @@ enum cmd_and_opt_values + oAutoKeyLocate, + oNoAutoKeyLocate, + oAllowMultisigVerification, ++ oEnableLargeRSA, ++ oDisableLargeRSA, + oEnableDSA2, + oDisableDSA2, + oAllowMultipleMessages, +@@ -719,6 +721,8 @@ static ARGPARSE_OPTS opts[] = { + { oDebugCCIDDriver, "debug-ccid-driver", 0, "@"}, + #endif + { oAllowMultisigVerification, "allow-multisig-verification", 0, "@"}, ++ { oEnableLargeRSA, "enable-large-rsa", 0, "@"}, ++ { oDisableLargeRSA, "disable-large-rsa", 0, "@"}, + { oEnableDSA2, "enable-dsa2", 0, "@"}, + { oDisableDSA2, "disable-dsa2", 0, "@"}, + { oAllowMultipleMessages, "allow-multiple-messages", 0, "@"}, +@@ -1995,7 +1999,7 @@ main (int argc, char **argv ) + } + #endif + /* initialize the secure memory. */ +- got_secmem=secmem_init( 32768 ); ++ got_secmem=secmem_init( SECMEM_BUFFER_SIZE ); + maybe_setuid = 0; + /* Okay, we are now working under our real uid */ + +@@ -2851,6 +2855,22 @@ main (int argc, char **argv ) + release_akl(); + break; + ++ case oEnableLargeRSA: ++#if SECMEM_BUFFER_SIZE >= 65536 ++ opt.flags.large_rsa=1; ++#else ++ if (configname) ++ log_info("%s:%d: WARNING: gpg not built with large secure " ++ "memory buffer. Ignoring enable-large-rsa\n", ++ configname,configlineno); ++ else ++ log_info("WARNING: gpg not built with large secure " ++ "memory buffer. Ignoring --enable-large-rsa\n"); ++#endif /* SECMEM_BUFFER_SIZE >= 65536 */ ++ break; ++ case oDisableLargeRSA: opt.flags.large_rsa=0; ++ break; ++ + case oEnableDSA2: opt.flags.dsa2=1; break; + case oDisableDSA2: opt.flags.dsa2=0; break; + +diff --git a/g10/keygen.c b/g10/keygen.c +index 84f852f..9020908 100644 +--- a/g10/keygen.c ++++ b/g10/keygen.c +@@ -1253,6 +1253,7 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, + PKT_public_key *pk; + MPI skey[6]; + MPI *factors; ++ const unsigned maxsize = (opt.flags.large_rsa ? 8192 : 4096); + + assert( is_RSA(algo) ); + +@@ -1260,8 +1261,8 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, + nbits = 2048; + log_info(_("keysize invalid; using %u bits\n"), nbits ); + } +- else if (nbits > 4096) { +- nbits = 4096; ++ else if (nbits > maxsize) { ++ nbits = maxsize; + log_info(_("keysize invalid; using %u bits\n"), nbits ); + } + +diff --git a/g10/options.h b/g10/options.h +index d6326d8..670cf64 100644 +--- a/g10/options.h ++++ b/g10/options.h +@@ -231,6 +231,7 @@ struct + unsigned int utf8_filename:1; + unsigned int dsa2:1; + unsigned int allow_multiple_messages:1; ++ unsigned int large_rsa:1; + } flags; + + /* Linked list of ways to find a key if the key isn't on the local +-- +2.1.1 + +diff --git a/config.h.in b/config.h.in +index 379ca1e..f21b779 100644 +--- a/config.h.in ++++ b/config.h.in +@@ -690,6 +690,9 @@ + /* Define as the return type of signal handlers (`int' or `void'). */ + #undef RETSIGTYPE + ++/* Size of secure memory buffer */ ++#undef SECMEM_BUFFER_SIZE ++ + /* The size of `time_t', as computed by sizeof. */ + #undef SIZEOF_TIME_T + +diff --git a/configure b/configure +index 203794c..07639ab 100755 +--- a/configure ++++ b/configure +@@ -856,6 +856,7 @@ enable_asm + enable_selinux_support + enable_gnupg_iconv + enable_minimal ++enable_large_secmem + enable_card_support + enable_agent_support + enable_rsa +@@ -1548,6 +1549,7 @@ Optional Features: + enable SELinux support + --disable-gnupg-iconv disable the new iconv code + --enable-minimal build the smallest gpg binary possible ++ --enable-large-secmem allocate extra secure memory + --disable-card-support disable OpenPGP card support + --disable-agent-support disable gpg-agent support + --disable-rsa disable the RSA public key algorithm +@@ -4869,6 +4871,7 @@ use_exec=yes + card_support=yes + agent_support=yes + disable_keyserver_path=no ++large_secmem=no + + # Check whether --enable-minimal was given. + if test "${enable_minimal+set}" = set; then : +@@ -4890,6 +4893,29 @@ fi + + + ++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to allocate extra secure memory" >&5 ++$as_echo_n "checking whether to allocate extra secure memory... " >&6; } ++# Check whether --enable-large-secmem was given. ++if test "${enable_large_secmem+set}" = set; then : ++ enableval=$enable_large_secmem; large_secmem=$enableval ++else ++ large_secmem=no ++fi ++ ++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $large_secmem" >&5 ++$as_echo "$large_secmem" >&6; } ++if test "$large_secmem" = yes ; then ++ SECMEM_BUFFER_SIZE=65536 ++else ++ SECMEM_BUFFER_SIZE=32768 ++fi ++ ++cat >>confdefs.h <<_ACEOF ++#define SECMEM_BUFFER_SIZE $SECMEM_BUFFER_SIZE ++_ACEOF ++ ++ ++ + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenPGP card support is requested" >&5 + $as_echo_n "checking whether OpenPGP card support is requested... " >&6; } + # Check whether --enable-card-support was given. diff -Nru gnupg-1.4.18/debian/patches/series gnupg-1.4.18/debian/patches/series --- gnupg-1.4.18/debian/patches/series 2014-09-02 10:44:23.000000000 -0400 +++ gnupg-1.4.18/debian/patches/series 2014-12-04 02:23:27.000000000 -0500 @@ -1,2 +1,23 @@ fix_760273.patch fix_import_filter_regression.patch +Add-build-and-runtime-support-for-larger-RSA-key.patch +0003-Update-POT-file.patch +0004-Update-PO-files.patch +0005-Update-French-translation.patch +0006-Update-Danish-translation.patch +0007-Update-Ukrainian-translation.patch +0008-Update-Russian-translation.patch +0009-Update-Chinese-traditional-translation.patch +0010-Update-Italian-translation.patch +0011-Update-Polish-translation.patch +0012-Update-Spanish-translation.patch +0013-Update-Dutch-translation.patch +0014-Update-Czech-translation.patch +0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch +0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch +0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch +0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch +0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch +0009-doc-Final-update-from-master-gnupg-2.1.patch +0010-doc-Cleanup-gpg.texi.patch +0013-doc-Minor-fix.patch diff -Nru gnupg-1.4.18/debian/rules gnupg-1.4.18/debian/rules --- gnupg-1.4.18/debian/rules 2014-09-02 00:58:08.000000000 -0400 +++ gnupg-1.4.18/debian/rules 2014-12-04 01:10:04.000000000 -0500 @@ -21,7 +21,7 @@ CONFARGS = --prefix=/usr --libexecdir=/usr/lib/ \ --enable-noexecstack -CONFARGS_FULL = --enable-mailto --with-mailprog=/usr/sbin/sendmail +CONFARGS_FULL = --enable-mailto --with-mailprog=/usr/sbin/sendmail --enable-large-secmem CONFARGS_MINIMAL = --enable-minimal --enable-rsa --disable-nls --disable-regex --disable-gnupg-iconv --disable-gettext --without-iconv --without-readline --without-zlib --enable-sha256 ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE)) diff -Nru gnupg-1.4.18/debian/source/lintian-overrides gnupg-1.4.18/debian/source/lintian-overrides --- gnupg-1.4.18/debian/source/lintian-overrides 1969-12-31 19:00:00.000000000 -0500 +++ gnupg-1.4.18/debian/source/lintian-overrides 2014-12-04 02:54:24.000000000 -0500 @@ -0,0 +1,5 @@ +gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_curl +gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_hkp +# doc merely references / cites IETF RFC: +gnupg source: license-problem-non-free-RFC doc/OpenPGP +gnupg source: license-problem-non-free-RFC debian/copyright diff -Nru gnupg-1.4.18/debian/source.lintian-overrides gnupg-1.4.18/debian/source.lintian-overrides --- gnupg-1.4.18/debian/source.lintian-overrides 2014-09-02 00:58:08.000000000 -0400 +++ gnupg-1.4.18/debian/source.lintian-overrides 1969-12-31 19:00:00.000000000 -0500 @@ -1,4 +0,0 @@ -gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_curl -gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_hkp -# doc merely references / cites IETF RFC: -gnupg source: license-problem-non-free-RFC doc/OpenPGP
signature.asc
Description: OpenPGP digital signature