Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2015-03-01 14:52:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg2"
Changes:
--------
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes 2015-02-14
13:54:24.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-03-01
14:52:10.000000000 +0100
@@ -1,0 +2,6 @@
+Tue Feb 24 08:10:22 UTC 2015 - astie...@suse.com
+
+- Fix invalid packet read error when reading keyrings [boo#914625]
+ add 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch
+
+-------------------------------------------------------------------
New:
----
0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ gpg2.spec ++++++
--- /var/tmp/diff_new_pack.mREGL8/_old 2015-03-01 14:52:11.000000000 +0100
+++ /var/tmp/diff_new_pack.mREGL8/_new 2015-03-01 14:52:11.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package gpg2
#
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -36,6 +36,7 @@
Patch11: gnupg-add_legacy_FIPS_mode_option.patch
Patch12: gnupg-remove_development_version_warning.patch
Patch14: gnupg-large_keys.patch
+Patch15: 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch
BuildRequires: automake >= 1.14
BuildRequires: expect
BuildRequires: fdupes
@@ -87,6 +88,7 @@
%patch11 -p1
%patch12 -p1
%patch14 -p1
+%patch15 -p1
%build
autoreconf -fi
++++++ 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch ++++++
>From a8116aacd91b7e775762a62c268fab6cc3c77438 Mon Sep 17 00:00:00 2001
From: Werner Koch <w...@gnupg.org>
Date: Mon, 23 Feb 2015 16:37:57 +0100
Subject: [PATCH] gpg: Skip legacy keys while searching keyrings.
* g10/getkey.c (search_modes_are_fingerprint): New.
(lookup): Skip over legacy keys.
--
GnuPG-bug-id: 1847
Signed-off-by: Werner Koch <w...@gnupg.org>
---
g10/getkey.c | 39 +++++++++++++++++++++++++++++++++++++--
1 file changed, 37 insertions(+), 2 deletions(-)
diff --git a/g10/getkey.c b/g10/getkey.c
index 76ee493..116753c 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -2525,6 +2525,29 @@ found:
}
+/* Return true if all the search modes are fingerprints. */
+static int
+search_modes_are_fingerprint (getkey_ctx_t ctx)
+{
+ size_t n, found;
+
+ for (n=found=0; n < ctx->nitems; n++)
+ {
+ switch (ctx->items[n].mode)
+ {
+ case KEYDB_SEARCH_MODE_FPR16:
+ case KEYDB_SEARCH_MODE_FPR20:
+ case KEYDB_SEARCH_MODE_FPR:
+ found++;
+ break;
+ default:
+ break;
+ }
+ }
+ return found && found == ctx->nitems;
+}
+
+
/* The main function to lookup a key. On success the found keyblock
is stored at RET_KEYBLOCK and also in CTX. If WANT_SECRET is true
a corresponding secret key is required. */
@@ -2534,9 +2557,21 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, int
want_secret)
int rc;
int no_suitable_key = 0;
- rc = 0;
- while (!(rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems, NULL)))
+ for (;;)
{
+ rc = keydb_search (ctx->kr_handle, ctx->items, ctx->nitems, NULL);
+ /* Skip over all legacy keys but only if they are not requested
+ by fingerprints.
+ Fixme: The lower level keydb code should actually do that but
+ then it would be harder to report the number of skipped
+ legacy keys during import. */
+ if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY
+ && !(ctx->nitems && ctx->items->mode == KEYDB_SEARCH_MODE_FIRST)
+ && !search_modes_are_fingerprint (ctx))
+ continue;
+ if (rc)
+ break;
+
/* If we are searching for the first key we have to make sure
that the next iteration does not do an implicit reset.
This can be triggered by an empty key ring. */
--
2.1.4
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
