summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKristian Fiskerstrand <k_f@gentoo.org>2015-05-13 15:16:57 +0000
committerKristian Fiskerstrand <k_f@gentoo.org>2015-05-13 15:16:57 +0000
commita5b34ca2f0950b6a9fe6372dea97775cad6e1b5b (patch)
tree2ab918b65e8f1ebbf8d0f01890e207dd7a8b4663 /app-crypt
parentVersion bump, https://github.com/gentoo/gentoo-portage-rsync-mirror/pull/113 ... (diff)
downloadhistorical-a5b34ca2f0950b6a9fe6372dea97775cad6e1b5b.tar.gz
historical-a5b34ca2f0950b6a9fe6372dea97775cad6e1b5b.tar.bz2
historical-a5b34ca2f0950b6a9fe6372dea97775cad6e1b5b.zip
New upstream version 2.1.4, cleanup old files
Package-Manager: portage-2.2.18/cvs/Linux x86_64 Manifest-Sign-Key: 0xFED5002857C1ABFA!
Diffstat (limited to 'app-crypt')
-rw-r--r--app-crypt/gnupg/ChangeLog11
-rw-r--r--app-crypt/gnupg/Manifest24
-rw-r--r--app-crypt/gnupg/files/gnupg-2.1.1-misc-cve.patch130
-rw-r--r--app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-Fix-segfault-in-ldap-engine.patch29
-rw-r--r--app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-no-ldap.patch246
-rw-r--r--app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch73
-rw-r--r--app-crypt/gnupg/gnupg-2.1.4.ebuild (renamed from app-crypt/gnupg/gnupg-2.1.3-r3.ebuild)13
7 files changed, 21 insertions, 505 deletions
diff --git a/app-crypt/gnupg/ChangeLog b/app-crypt/gnupg/ChangeLog
index e39ca969c7c3..07c0d3c9b697 100644
--- a/app-crypt/gnupg/ChangeLog
+++ b/app-crypt/gnupg/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for app-crypt/gnupg
# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.602 2015/05/11 19:39:45 k_f Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.603 2015/05/13 15:16:48 k_f Exp $
+
+*gnupg-2.1.4 (13 May 2015)
+
+ 13 May 2015; Kristian Fiskerstrand <k_f@gentoo.org> +gnupg-2.1.4.ebuild,
+ -files/gnupg-2.1.1-misc-cve.patch,
+ -files/gnupg-2.1.3-dirmngr-Fix-segfault-in-ldap-engine.patch,
+ -files/gnupg-2.1.3-dirmngr-no-ldap.patch,
+ -files/gnupg-2.1.3-gpg-fix-null-segv.patch, -gnupg-2.1.3-r3.ebuild:
+ New upstream version 2.1.4, cleanup old files
11 May 2015; Kristian Fiskerstrand <k_f@gentoo.org> -gnupg-1.4.18.ebuild:
Remove vulnerable version c.f bug #541568
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
index d1369d3056dd..4b93dec529d9 100644
--- a/app-crypt/gnupg/Manifest
+++ b/app-crypt/gnupg/Manifest
@@ -4,28 +4,24 @@ Hash: SHA256
AUX gnupg-2.0.17-gpgsm-gencert.patch 1121 SHA256 fa8369a4466b3cce54215a348940422f46f4d359f9e9b3c7029a1138870888df SHA512 ecde032b205cc16c33ff21ded55b93e74058cd804d68e4a0738ac70d54b5b388b6f709d21719a5e418c662b7ee74bc4aef7a0c59de106e2d4bd06b7bc1a11138 WHIRLPOOL 5dc4d3de29290e8e274a0f4fef871cea7f49553846254d819ca776000978a72c694212559d9ad03312f94f71f406de4641c0575188d340017a7937b01753b8a0
AUX gnupg-2.0.26-Need-to-init-the-trustdb-for-import.patch 895 SHA256 063f50e8293282ec59ccf30567dafc16f5cdec800d2965acf8cf8a5050d8a9b3 SHA512 85423d0c0a2d6e85d569bd31c8f8209fb8707c827f041055bc2a1b20ec1372257574a2b72d86cdc1fa61188966bbb0e0ca176505bbd2bb1e2df12257f33ae259 WHIRLPOOL b9ee365eb55e637ca80b1ab88f1b48a9f925be73aba4f3e8e1c5526cbdb18a4c6326aa0282b45c6ad285b9c0d2f624e161679abd41bfcbd6cbf37764c0123467
AUX gnupg-2.0.26-misc-cve.patch 3201 SHA256 d0f16d14da9868b79d17fa49ff284ec05fb45ef61f35c864bde9e38dc7539de2 SHA512 bb2860e5d8bb1567238e25d05cda7cb76557fa43dca3b8e802f7b4664e9b46e10187f2cbb76d1bcea5816d14c936d704fd606bdf125855ef3401b08412ac1fed WHIRLPOOL eefd707be37662bccd63d671496c79b30a07c13fb7497562887c678495020c382b5fb664ec8d5c76c45077fd6cfe36d4fc33f804b544f0efd042f6eaa5d2ed36
-AUX gnupg-2.1.1-misc-cve.patch 3548 SHA256 cef5fabc9b02366a33ed79e35b887fcb47e1d46f674f787da11e09b2ec8e5801 SHA512 9616ba2cdc513bc4982a2d66e1e06dcea6e52abba1e14033ab179e19b84ebaf43c60c3d3238ce38c7517c8fc4478570c0ea37f9e23f519d00bb720263d64e5dc WHIRLPOOL 2ab9c19edd012c4267d30aaf38f0880ea3cac2cf1f222cc37a883f69e839cd50486d3f4bd23fb191d3a97ed5557040088d764fa78acdf5eb9982937d1199eee3
-AUX gnupg-2.1.3-dirmngr-Fix-segfault-in-ldap-engine.patch 962 SHA256 d762d7ca1bf850203e24ec1d3151fb3df1b1e368b3cb80ec884cdd6b716e0273 SHA512 602cd338abb7897c6b101ec1644e137880baab2bf35ab0c4b21b439548b3ccb04f8f63c45afb4da89d88200c3402a64e67c3b3845f76e01a42c82f99e20efb30 WHIRLPOOL 3c7d1a29a8f43e2a29d871853ce0042e24df522abc26bd3342874abb8053b735fdc2ffefc3c4686fe82f45f98608914c3f899fba6545f58af8e58da6648a5483
-AUX gnupg-2.1.3-dirmngr-no-ldap.patch 7476 SHA256 d210eb26f0853547948d46e391eb5cbf02ec99fe216238d2475cf478da154f64 SHA512 64176f4158540b64a1c8ddcc1535869a62eff7eb02bd161eb93434288b4bebe123d66ef03b61745c5741ba11eb9ffdce25da80eea4aa8afa18858755a015387d WHIRLPOOL e312ed8de95e0edcbc0eebc46907a0c90b8d872074920fc2a3d80581e30bef8c569e9b70798ad64a638965b1b34803e5acb343c557f195bcd4a6cf440fdb0e88
-AUX gnupg-2.1.3-gpg-fix-null-segv.patch 2064 SHA256 ed58663492c111103a4b7b7d575e5ec3400d2372394cc5da56374e864ae7642a SHA512 a8966a2e50e8e8b2f2f14b32282a41a76f221bf4ff645b0dfbf1fc83cb35afa6d3d426686008a1cb58e51708d5f8cab13762cfba79f2bdd3415ba1b5103793aa WHIRLPOOL 7c916f55d60eb0df86918778c5d8226e56e6ba45c564bdd35c5f5cc16d9eb642f1dce25fd29c2febbfbfb1ba163c274e559dc69517cccaed686f5d8584de5c14
DIST gnupg-1.4.19.tar.bz2 3713811 SHA256 7f09319d044b0f6ee71fe3587bb873be701723ac0952cff5069046a78de8fd86 SHA512 cce2a83efb05f963ad0f8afd04999cc852889d46b4cad4cf399a37fd6e69f0911a5ccaa0192cb891a941cfa93125349b481efa789a127e3c0aa2c5ba53672741 WHIRLPOOL 14eaddca0981f05757aa0751b9563837efd3f5943a422d5f29e0de94eb6233b85b8848a1f4816ab7e897d6e656c7c08705115d53ed89f554604ffd2009c3c39f
DIST gnupg-2.0.26.tar.bz2 4303384 SHA256 7758e30dc382ae7a7167ed41b7f936aa50af5ea2d6fccdef663b5b750b65b8e0 SHA512 5dd23baaac764fd48abd235ed52a85a2c7fd68b98fcde45c0f294ddb3b5629e8b1bd894585fbed4e6a6cb2bc4a5552c098c3cf1a849fffa469424fd0a4fee726 WHIRLPOOL 8d9b30337957f6bfeddea29116d862ef0c0ddd06d59bc2799db236b91b2c6767aad6f37f2166fc431c5d9454eb41f49f3e261bc38d0e89361f0c467f4591cd5a
DIST gnupg-2.0.27.tar.bz2 4424679 SHA256 57646d3e4b919fa1e5c8f1c0cf5fe1215333041c493a5ebc4b8f2978dbe930f2 SHA512 b05e75f5ef9881df9472818743c175cfe3254088086f36dc0fcf3d34e61f648f1775d90d404f6c622561df5066d972aadbf99ea8ec1290e5d7f7310f4ef2989e WHIRLPOOL abb353b20655002a0957e38d2b889fb5e6a47ba7b7546e1c70fc1f97cf42deeca8f2b061678983f3a160210f4eaf7529441246df1f9f1d875f5cc090456fdfb7
-DIST gnupg-2.1.3.tar.bz2 4875813 SHA256 213e7fb0d74bb4e53a2d3153f309ddc077528f2cfffa2af85f2a20cc7875c8ed SHA512 dfa462c490102f6924314aaba44af8492b3825f1431732ad4ac739124077c5ed85bc26b83e72d7b974a4008e7e9be5fa33eb7523c174e3e5291367f28d845de8 WHIRLPOOL e6fade4dfdcdf590b8bc793daf5f00f8feb1e537b1a28c87a98b2e364f171e6c9ae615e6e7742504097df71e636be894d8c95fad5f3f699f93071c73af3726ef
+DIST gnupg-2.1.4.tar.bz2 4885653 SHA256 64127eedd868510f2bccccb22c507a4878ffa07495db16a0f976c67f56426cb0 SHA512 57cabe1c00b830d383790d346b2ac6aafe1df5c71728b3a6e7e9164d0ace7e9638c7c6c01849946fbff671ea8f76d9ec3ea8878419c80cbc70c918e98e955310 WHIRLPOOL 2990169789708c5b2c47c2b4bf64fcc62c1bf0e093ad1991e2975e9a8da3be76142482cf7a29afc9965d9f08aabb8244fabfbe92a9d4d772fb400f6d41ca1ab4
EBUILD gnupg-1.4.19.ebuild 3472 SHA256 e2d789f8ddd23866340e7e2cd450e7d7c51ea135e403571ec00873e85e04a4a1 SHA512 e4b5eb1b1d03762528464596316e433ec2b01330cd76ce5a7d7006ba77f8b7dda2d15e66f8574803a229fb5f543c587fe01b82ad981bb7a26c7ad7c2d86d7f7e WHIRLPOOL 9452157d05e9fc515af5b1d71bc14c820ac09337d6b3ac5ff66bca45a7de1ea50958f42bfdc6aee3f27e2596997efe36a473e7053bd904e144c73c3fbbc3a17e
EBUILD gnupg-2.0.26-r3.ebuild 4889 SHA256 d68393d52300de25451d6e732c7c10484f31283b560988e4992e9ac8fed0874a SHA512 5cc4f633741c32f244aa43eb4606a339e9de7b0d7ceb6cc38bdc985293efc605abcaafe438d0d60250d30f1cf7923a92a093d854f2abb28b302a8ff385b4cfc9 WHIRLPOOL 3d5df13d06a20c6cb53ca9259a416e7f0fc6490331d19ba4b98508d1dd18ddbcfe19913ce0a8fb61071c5a4ed38e8d9dca68b79f22ceb97890ce8236dd2e739c
EBUILD gnupg-2.0.27-r1.ebuild 4814 SHA256 e886319d458473e57a6f88e1f0c15d791e3375e66aca80eceebd3bad539c52ff SHA512 656c96421556ac1b6b1022d28b452db23de5100c0cf8ed0c51e73053f4526d7c38c6682dea596ab7d36489b20978da6a1375a56f5ca24b43b78394c859de363b WHIRLPOOL b3fe2d812c0defcff16030f6fdb07a9b430781fa0027c45dcda3c921785413271ec492f789a7a1a4f5c393794ab539f0bb7e263fd1eb1784972a752d3fd3b9a5
EBUILD gnupg-2.0.27.ebuild 4782 SHA256 5453bd69096075d8866a4877b6dbc3efa03a85ae8cbee63ff72269741749545e SHA512 6fa97736a7995c4f6a0095453bfdc0a627c9915da1e7442a65933532aa2ec7d21fdc69ae1cc1b32147731927eaa3cd1716715fdc8dcd969956201649a9da23ce WHIRLPOOL f9f7fe16b87194311f24f9699c561248faec2600fb632a9bd14a205e5ba8092826c7167e895968ea516d6b260f5bc618faf412cd5e5df0198d04891f7ad2c4f1
-EBUILD gnupg-2.1.3-r3.ebuild 5203 SHA256 eea739e2eec8a95e1acf87c6a31cc9f1be96ed5e588e67cbd96c28e80e1439eb SHA512 c9b264fe0050ce586f981abc6b32413fc0fdec538ade978dc0bb10408d9f064738a083d1e6bfba780f2533ebf93b84cf9fdc5eacbdba056f7074382d77754dbf WHIRLPOOL 36fc5ba7d61dbd8b7e63cd8d4dbd2232af63cec70c83f78bc5c3eab56ba5932352cfe9f6e2859a81d4d2568d2afd800165bbc58fbf1c5c87344c63d668cbf0cb
-MISC ChangeLog 88004 SHA256 081537e5817c7cb6ee06e0b512a48845e007252487eb35de291c9ea385317f88 SHA512 0ca3641ef93fe610c519336a4388db817fc3e1763dd52dd538c25210ea3804c11bc79a4ba6910280dfc0319d5a373067f23384658cc97df86c288f658712b221 WHIRLPOOL 5005960c4b71dc83058f77e62b68a5d4e43a48649d27daebb9b32c6a1f470e4dc699ce3ec5b7d0391f260ea6ff62e28092acff6df8ee518e0f12258dd7817291
+EBUILD gnupg-2.1.4.ebuild 4670 SHA256 93bb56ee1d168196f6282411443889d9c283f6d1603fb34cef0a489777b61fa1 SHA512 60c542ffb685f7bcf3108c8d31e5388cec39ebf004e461108f0acd88935b19dce141a6c061363e7e95f9cd23c1c72c94279c5606e0d9a77fc3d261739eeec58f WHIRLPOOL 35a7daa598c849b2f754908fd425bfb14ed4376de2b041e79f0be11dee63ebc166d18ecf39f0dab746febeef34ba0d530d4139e8a6248904556caa45825e2325
+MISC ChangeLog 88371 SHA256 d2b25feab07dc510bae6d0063ccc84c99ffc7370fde4e7a6fad4ed4508ff4800 SHA512 34b7304800e4822b169dc2a216c4efb8ac6daa4f3a1914ae6d6a32fb8274ad8f8283c2930b16dd29925982b723241bb03af9f1f089c9b760313f608d6fd9eae5 WHIRLPOOL a0d38c17235b35a2a09344f5aa22f4b0f8a02bf4edfe7cc0b8c6dfe36a375d6f025ec76714190bf6cffe2e8dea7ce3d5d4090ff87da6e90c33f87b3bf2b35e49
MISC metadata.xml 1032 SHA256 cbef1621eb1364c8d12ac18e71cf4aabfced9ecd3c990a3f3cdf066902dc97bb SHA512 5e2ef4380effe027a0b0b8a11a29ed1996b3b5256ee333909d4a7cfcb18ea1e9dead9b8303c7dffc1ad10014dea79e827b1d84caa92294f4d3dfc29ff23a6af5 WHIRLPOOL a24c7f71ed140f34dd59b10314869d0c5482063be20faefa1591595feb856c79bc57a6b344dd467875cf3389d8cd14e2d41f2312f51d3b77dcbe27af97b7f129
-----BEGIN PGP SIGNATURE-----
-iQEcBAEBCAAGBQJVUQWCAAoJEP7VAChXwav6yCQH/i+P4lMl7+qMrWOpPkvIa8WF
-lJCnb/jbGJaQmkHjpXqvB9a4IijHGOXYfHFN81/LrBa0TwkKwCwWCGWHZarYWGlX
-DJvR5/JKORFIOZ+oNFTFPDcg0/96Me37pyG+9tB+4AjDzmrFE6HlKLY9ouUQOVLj
-sK/ncktg592W8tJLFB1zD2Ykx8ewJVsE5YltPjAP6YZNw7mEAN0v+qSA1vwNhE4b
-IE75UWsGRGv6uoch6ChQS1xyprqanNJ6zmUNmthAJeSqPjdIG2BLlSTnvZt9fYdd
-pA1aLoIZRGxRzPsoTxZPuM1g5vJuIKZPvQMCYBgAmKSTg2GInO+nhstdFElzQkc=
-=MzxC
+iQEcBAEBCAAGBQJVU2riAAoJEP7VAChXwav6pmwH/izwwpcw6c9ERGAeqDleAzjR
+AiQAZB2TUbZGRtiaZOTyqL2+f7Va3EKj9Bb7Y5ktOKOV+KrpU00C0JcjLVd1J8Hq
+lromLWCg9O242zU+a0ILvEg2B1QatG3xdAiiyPHUz/vB4t0AAUpFnvmDbFeNREY0
+p+nWMlwe9eUwe+qsI1rO+TieGeSoPlllIJv7opMqGwgP+TwdTxWNcgt6yHMzhNM3
+/x5CKexniuTQp5MsXa6dNJKaeIOqwxZzg2w5qPqCOJGrwqYKZQtabEoLSGv5O46o
+1GzVNFLfyL2I9scimmNYBkNTpA0vm3zDOZoCkxJV9Z+xtTgdSqyZp13aGDb4Lhs=
+=R3rI
-----END PGP SIGNATURE-----
diff --git a/app-crypt/gnupg/files/gnupg-2.1.1-misc-cve.patch b/app-crypt/gnupg/files/gnupg-2.1.1-misc-cve.patch
deleted file mode 100644
index 1a54a3d8d58f..000000000000
--- a/app-crypt/gnupg/files/gnupg-2.1.1-misc-cve.patch
+++ /dev/null
@@ -1,130 +0,0 @@
-From ed8383c618e124cfa708c9ee87563fcdf2f4649c Mon Sep 17 00:00:00 2001
-From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-Date: Fri, 19 Dec 2014 18:53:34 -0500
-Subject: [PATCH] sm: Avoid double-free on iconv failure
-
-* sm/minip12.c: (p12_build) if jnlib_iconv_open fails, avoid
-double-free of pwbuf.
-
---
-
-Observed by Joshua Rogers <honey@internot.info>, who proposed a
-slightly different fix.
-
-Debian-Bug-Id: 773472
-
-Added fix at a second place - wk.
----
- sm/minip12.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/sm/minip12.c b/sm/minip12.c
-index 01b91b7..ca4d248 100644
---- a/sm/minip12.c
-+++ b/sm/minip12.c
-@@ -2422,6 +2422,7 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
- " requested charset '%s': %s\n",
- charset, strerror (errno));
- gcry_free (pwbuf);
-+ pwbuf = NULL;
- goto failure;
- }
-
-@@ -2436,6 +2437,7 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen,
- " requested charset '%s': %s\n",
- charset, strerror (errno));
- gcry_free (pwbuf);
-+ pwbuf = NULL;
- jnlib_iconv_close (cd);
- goto failure;
- }
---
-1.7.10.4
-
-From b0b3803e8c2959dd67ca96debc54b5c6464f0d41 Mon Sep 17 00:00:00 2001
-From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-Date: Fri, 19 Dec 2014 18:07:55 -0500
-Subject: [PATCH] scd: Avoid double-free on error condition in scd
-
-* scd/command.c (cmd_readkey): avoid double-free of cert
-
---
-
-When ksba_cert_new() fails, cert will be double-freed.
-
-Debian-Bug-Id: 773471
-
-Original patch changed by wk to do the free only at leave.
----
- scd/command.c | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/scd/command.c b/scd/command.c
-index dd4191f..1cc580a 100644
---- a/scd/command.c
-+++ b/scd/command.c
-@@ -804,10 +804,8 @@ cmd_readkey (assuan_context_t ctx, char *line)
-
- rc = ksba_cert_new (&kc);
- if (rc)
-- {
-- xfree (cert);
-- goto leave;
-- }
-+ goto leave;
-+
- rc = ksba_cert_init_from_mem (kc, cert, ncert);
- if (rc)
- {
---
-1.7.10.4
-
-From abd5f6752d693b7f313c19604f0723ecec4d39a6 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Mon, 22 Dec 2014 12:16:46 +0100
-Subject: [PATCH] dirmngr,gpgsm: Return NULL on fail
-
-* dirmngr/ldapserver.c (ldapserver_parse_one): Set SERVER to NULL.
-* sm/gpgsm.c (parse_keyserver_line): Ditto.
---
-
-Reported-by: Joshua Rogers <git@internot.info>
-
- "If something inside the ldapserver_parse_one function failed,
- 'server' would be freed, then returned, leading to a
- use-after-free. This code is likely copied from sm/gpgsm.c, which
- was also susceptible to this bug."
-
-Signed-off-by: Werner Koch <wk@gnupg.org>
----
- dirmngr/ldapserver.c | 1 +
- sm/gpgsm.c | 1 +
- 2 files changed, 2 insertions(+)
-
-diff --git a/dirmngr/ldapserver.c b/dirmngr/ldapserver.c
-index 20a574c..5808c5b 100644
---- a/dirmngr/ldapserver.c
-+++ b/dirmngr/ldapserver.c
-@@ -125,6 +125,7 @@ ldapserver_parse_one (char *line,
- {
- log_info (_("%s:%u: skipping this line\n"), filename, lineno);
- ldapserver_list_free (server);
-+ server = NULL;
- }
-
- return server;
-diff --git a/sm/gpgsm.c b/sm/gpgsm.c
-index 3398d17..72bceb4 100644
---- a/sm/gpgsm.c
-+++ b/sm/gpgsm.c
-@@ -862,6 +862,7 @@ parse_keyserver_line (char *line,
- {
- log_info (_("%s:%u: skipping this line\n"), filename, lineno);
- keyserver_list_free (server);
-+ server = NULL;
- }
-
- return server;
---
-1.7.10.4
-
diff --git a/app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-Fix-segfault-in-ldap-engine.patch b/app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-Fix-segfault-in-ldap-engine.patch
deleted file mode 100644
index ca9789609b50..000000000000
--- a/app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-Fix-segfault-in-ldap-engine.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From c3216513bf12cdeec154b6430a50ef6dfd271ee6 Mon Sep 17 00:00:00 2001
-From: Kristian Fiskerstrand <kf@sumptuouscapital.com>
-Date: Sun, 12 Apr 2015 01:11:07 +0200
-Subject: [PATCH] dirmngr: Fix segfault in ldap engine
-
-(ks-engine-ldap.c) Fix segfault caused by missing check whether uri is
-initialized
----
- dirmngr/ks-engine-ldap.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
-index aefd12a..4497025 100644
---- a/dirmngr/ks-engine-ldap.c
-+++ b/dirmngr/ks-engine-ldap.c
-@@ -306,7 +306,9 @@ ks_ldap_help (ctrl_t ctrl, parsed_uri_t uri)
- "Supported methods: search, get, put\n";
- gpg_error_t err;
-
-- if (strcmp (uri->scheme, "ldap") == 0
-+ if(!uri)
-+ err = ks_print_help (ctrl, " ldap");
-+ else if (strcmp (uri->scheme, "ldap") == 0
- || strcmp (uri->scheme, "ldaps") == 0
- || strcmp (uri->scheme, "ldapi") == 0)
- err = ks_print_help (ctrl, data);
---
-2.3.0
-
diff --git a/app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-no-ldap.patch b/app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-no-ldap.patch
deleted file mode 100644
index 441fa1ae4ca0..000000000000
--- a/app-crypt/gnupg/files/gnupg-2.1.3-dirmngr-no-ldap.patch
+++ /dev/null
@@ -1,246 +0,0 @@
-From 5cde5bf37339cdeb0bd0a33d39477382eafebede Mon Sep 17 00:00:00 2001
-From: "Neal H. Walfield" <neal@g10code.com>
-Date: Mon, 13 Apr 2015 12:02:40 +0200
-Subject: [PATCH 1/1] dirmngr: If LDAP is not enable, don't build the LDAP
- bits.
-
-* dirmngr/Makefile.am (dirmngr_SOURCES): Only include
-ks-engine-ldap.c, ldap-parse-uri.c and ldap-parse-uri.h if USE_LDAP
-is TRUE.
-(module_tests): Only add t-ldap-parse-uri if USE_LDAP is TRUE.
-* dirmngr/ks-action.c: Only include "ldap-parse-uri.h" if USE_LDAP is
-TRUE.
-(ks_action_help): Don't invoke LDAP functionality if USE_LDAP is not
-TRUE.
-(ks_action_search): Likewise.
-(ks_action_get): Likewise.
-(ks_action_put): Likewise.
-* dirmngr/server.c: Only include "ldap-parse-uri.h" if USE_LDAP is
-TRUE.
-(cmd_keyserver): Don't invoke LDAP functionality if USE_LDAP is not
-TRUE.
-
---
-Signed-off-by: Neal H. Walfield <neal@g10code.com>
-GnuPG-bug-id: 1949
----
- dirmngr/Makefile.am | 14 ++++++----
- dirmngr/ks-action.c | 76 ++++++++++++++++++++++++++++++++++++++---------------
- dirmngr/server.c | 10 +++++--
- 3 files changed, 72 insertions(+), 28 deletions(-)
-
-diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am
-index a8b1c52..c5713a7 100644
---- a/dirmngr/Makefile.am
-+++ b/dirmngr/Makefile.am
-@@ -62,13 +62,12 @@ dirmngr_SOURCES = dirmngr.c dirmngr.h server.c crlcache.c crlfetch.c \
- cdb.h cdblib.c misc.c dirmngr-err.h \
- ocsp.c ocsp.h validate.c validate.h \
- ks-action.c ks-action.h ks-engine.h \
-- ks-engine-hkp.c ks-engine-http.c ks-engine-finger.c ks-engine-kdns.c \
-- ks-engine-ldap.c \
-- ldap-parse-uri.c ldap-parse-uri.h
-+ ks-engine-hkp.c ks-engine-http.c ks-engine-finger.c ks-engine-kdns.c
-
- if USE_LDAP
- dirmngr_SOURCES += ldapserver.h ldapserver.c ldap.c w32-ldap-help.h \
-- ldap-wrapper.h $(ldap_url) $(extraldap_src)
-+ ldap-wrapper.h ldap-parse-uri.c ldap-parse-uri.h \
-+ ks-engine-ldap.c $(ldap_url) $(extraldap_src)
- ldaplibs = $(LDAPLIBS)
- else
- ldaplibs =
-@@ -114,7 +113,12 @@ t_common_ldadd = $(libcommontls) $(libcommon) no-libgcrypt.o \
- $(NTBTLS_LIBS) $(LIBGNUTLS_LIBS) \
- $(DNSLIBS) $(LIBINTL) $(LIBICONV)
-
--module_tests = t-ldap-parse-uri
-+module_tests =
-+
-+if USE_LDAP
-+module_tests += t-ldap-parse-uri
-+endif
-+
- t_ldap_parse_uri_SOURCES = \
- t-ldap-parse-uri.c ldap-parse-uri.c ldap-parse-uri.h \
- $(ldap_url) $(t_common_src)
-diff --git a/dirmngr/ks-action.c b/dirmngr/ks-action.c
-index c76aaaa..dd4516a 100644
---- a/dirmngr/ks-action.c
-+++ b/dirmngr/ks-action.c
-@@ -30,7 +30,9 @@
- #include "misc.h"
- #include "ks-engine.h"
- #include "ks-action.h"
--#include "ldap-parse-uri.h"
-+#if USE_LDAP
-+# include "ldap-parse-uri.h"
-+#endif
-
- /* Called by the engine's help functions to print the actual help. */
- gpg_error_t
-@@ -73,10 +75,14 @@ ks_action_help (ctrl_t ctrl, const char *url)
- }
- else
- {
-+#if USE_LDAP
- if (ldap_uri_p (url))
- err = ldap_parse_uri (&parsed_uri, url);
- else
-- err = http_parse_uri (&parsed_uri, url, 1);
-+#endif
-+ {
-+ err = http_parse_uri (&parsed_uri, url, 1);
-+ }
-
- if (err)
- return err;
-@@ -90,8 +96,10 @@ ks_action_help (ctrl_t ctrl, const char *url)
- err = ks_finger_help (ctrl, parsed_uri);
- if (!err)
- err = ks_kdns_help (ctrl, parsed_uri);
-+#if USE_LDAP
- if (!err)
- err = ks_ldap_help (ctrl, parsed_uri);
-+#endif
-
- if (!parsed_uri)
- ks_print_help (ctrl,
-@@ -151,16 +159,23 @@ ks_action_search (ctrl_t ctrl, uri_item_t keyservers,
- for (uri = keyservers; !err && uri; uri = uri->next)
- {
- int is_http = uri->parsed_uri->is_http;
-- int is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
-- || strcmp (uri->parsed_uri->scheme, "ldaps") == 0
-- || strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
-+ int is_ldap = 0;
-+#if USE_LDAP
-+ is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
-+ || strcmp (uri->parsed_uri->scheme, "ldaps") == 0
-+ || strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
-+#endif
- if (is_http || is_ldap)
- {
- any_server = 1;
-- if (is_http)
-- err = ks_hkp_search (ctrl, uri->parsed_uri, patterns->d, &infp);
-- else if (is_ldap)
-+#if USE_LDAP
-+ if (is_ldap)
- err = ks_ldap_search (ctrl, uri->parsed_uri, patterns->d, &infp);
-+ else
-+#endif
-+ {
-+ err = ks_hkp_search (ctrl, uri->parsed_uri, patterns->d, &infp);
-+ }
-
- if (!err)
- {
-@@ -203,18 +218,27 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
- for (uri = keyservers; !err && uri; uri = uri->next)
- {
- int is_http = uri->parsed_uri->is_http;
-- int is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
-- || strcmp (uri->parsed_uri->scheme, "ldaps") == 0
-- || strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
-+ int is_ldap = 0;
-+
-+#if USE_LDAP
-+ is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
-+ || strcmp (uri->parsed_uri->scheme, "ldaps") == 0
-+ || strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
-+#endif
-+
- if (is_http || is_ldap)
- {
- any_server = 1;
- for (sl = patterns; !err && sl; sl = sl->next)
- {
-- if (is_http)
-- err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp);
-- else
-+#if USE_LDAP
-+ if (is_ldap)
- err = ks_ldap_get (ctrl, uri->parsed_uri, sl->d, &infp);
-+ else
-+#endif
-+ {
-+ err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp);
-+ }
-
- if (err)
- {
-@@ -322,22 +346,32 @@ ks_action_put (ctrl_t ctrl, uri_item_t keyservers,
- int any_server = 0;
- uri_item_t uri;
-
-+ (void) info;
-+ (void) infolen;
-+
- for (uri = keyservers; !err && uri; uri = uri->next)
- {
- int is_http = uri->parsed_uri->is_http;
-- int is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
-- || strcmp (uri->parsed_uri->scheme, "ldaps") == 0
-- || strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
-+ int is_ldap = 0;
-+
-+#if USE_LDAP
-+ is_ldap = (strcmp (uri->parsed_uri->scheme, "ldap") == 0
-+ || strcmp (uri->parsed_uri->scheme, "ldaps") == 0
-+ || strcmp (uri->parsed_uri->scheme, "ldapi") == 0);
-+#endif
-
- if (is_http || is_ldap)
- {
- any_server = 1;
-- if (is_http)
-- err = ks_hkp_put (ctrl, uri->parsed_uri, data, datalen);
-- else
-+#if USE_LDAP
-+ if (is_ldap)
- err = ks_ldap_put (ctrl, uri->parsed_uri, data, datalen,
- info, infolen);
--
-+ else
-+#endif
-+ {
-+ err = ks_hkp_put (ctrl, uri->parsed_uri, data, datalen);
-+ }
- if (err)
- {
- first_err = err;
-diff --git a/dirmngr/server.c b/dirmngr/server.c
-index 506b137..3e6d99d 100644
---- a/dirmngr/server.c
-+++ b/dirmngr/server.c
-@@ -48,7 +48,9 @@
- #endif
- #include "ks-action.h"
- #include "ks-engine.h" /* (ks_hkp_print_hosttable) */
--#include "ldap-parse-uri.h"
-+#if USE_LDAP
-+# include "ldap-parse-uri.h"
-+#endif
-
- /* To avoid DoS attacks we limit the size of a certificate to
- something reasonable. */
-@@ -1530,10 +1532,14 @@ cmd_keyserver (assuan_context_t ctx, char *line)
- item->parsed_uri = NULL;
- strcpy (item->uri, line);
-
-+#if USE_LDAP
- if (ldap_uri_p (item->uri))
- err = ldap_parse_uri (&item->parsed_uri, line);
- else
-- err = http_parse_uri (&item->parsed_uri, line, 1);
-+#endif
-+ {
-+ err = http_parse_uri (&item->parsed_uri, line, 1);
-+ }
- if (err)
- {
- xfree (item);
---
-2.1.4
-
diff --git a/app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch b/app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch
deleted file mode 100644
index 395cbebb797b..000000000000
--- a/app-crypt/gnupg/files/gnupg-2.1.3-gpg-fix-null-segv.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From 25fce93ba19d997e234a674d5cc98df82c5b5496 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Mon, 13 Apr 2015 11:44:10 +0200
-Subject: [PATCH] gpg: Fix NULL-segv due to invalid imported data.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=utf8
-Content-Transfer-Encoding: 8bit
-
-* g10/free-packet.c (my_mpi_copy): New.
-(copy_public_key, copy_signature): Use instead of mpi_copy.
---
-
-Reported-by: Hanno Böck
-Signed-off-by: Werner Koch <wk@gnupg.org>
----
- g10/free-packet.c | 22 ++++++++++++++++++----
- 1 file changed, 18 insertions(+), 4 deletions(-)
-
-diff --git a/g10/free-packet.c b/g10/free-packet.c
-index 99e7404..49d54f4 100644
---- a/g10/free-packet.c
-+++ b/g10/free-packet.c
-@@ -31,6 +31,20 @@
- #include "options.h"
-
-
-+/* This is mpi_copy with a fix for opaque MPIs which store a NULL
-+ pointer. This will also be fixed in Libggcrypt 1.7.0. */
-+static gcry_mpi_t
-+my_mpi_copy (gcry_mpi_t a)
-+{
-+ if (a
-+ && gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)
-+ && !gcry_mpi_get_opaque (a, NULL))
-+ return NULL;
-+
-+ return gcry_mpi_copy (a);
-+}
-+
-+
- void
- free_symkey_enc( PKT_symkey_enc *enc )
- {
-@@ -190,11 +204,11 @@ copy_public_key (PKT_public_key *d, PKT_public_key *s)
- n = pubkey_get_npkey (s->pubkey_algo);
- i = 0;
- if (!n)
-- d->pkey[i++] = mpi_copy (s->pkey[0]);
-+ d->pkey[i++] = my_mpi_copy (s->pkey[0]);
- else
- {
- for (; i < n; i++ )
-- d->pkey[i] = mpi_copy( s->pkey[i] );
-+ d->pkey[i] = my_mpi_copy (s->pkey[i]);
- }
- for (; i < PUBKEY_MAX_NSKEY; i++)
- d->pkey[i] = NULL;
-@@ -237,10 +251,10 @@ copy_signature( PKT_signature *d, PKT_signature *s )
- memcpy( d, s, sizeof *d );
- n = pubkey_get_nsig( s->pubkey_algo );
- if( !n )
-- d->data[0] = mpi_copy(s->data[0]);
-+ d->data[0] = my_mpi_copy(s->data[0]);
- else {
- for(i=0; i < n; i++ )
-- d->data[i] = mpi_copy( s->data[i] );
-+ d->data[i] = my_mpi_copy( s->data[i] );
- }
- d->pka_info = s->pka_info? cp_pka_info (s->pka_info) : NULL;
- d->hashed = cp_subpktarea (s->hashed);
---
-2.1.4
-
diff --git a/app-crypt/gnupg/gnupg-2.1.3-r3.ebuild b/app-crypt/gnupg/gnupg-2.1.4.ebuild
index 4c3dba0be8e1..69f80aae56e7 100644
--- a/app-crypt/gnupg/gnupg-2.1.3-r3.ebuild
+++ b/app-crypt/gnupg/gnupg-2.1.4.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-2.1.3-r3.ebuild,v 1.3 2015/04/26 12:51:31 blueness Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-2.1.4.ebuild,v 1.1 2015/05/13 15:16:48 k_f Exp $
EAPI="5"
@@ -60,11 +60,7 @@ S="${WORKDIR}/${MY_P}"
src_prepare() {
epatch "${FILESDIR}/${PN}-2.0.17-gpgsm-gencert.patch"
- epatch "${FILESDIR}/${P}-dirmngr-Fix-segfault-in-ldap-engine.patch"
- epatch "${FILESDIR}/${P}-dirmngr-no-ldap.patch"
- epatch "${FILESDIR}/${P}-gpg-fix-null-segv.patch"
epatch_user
- eautoreconf
}
src_configure() {
@@ -103,13 +99,6 @@ src_configure() {
$(use_enable nls) \
$(use_with readline) \
CC_FOR_BUILD="$(tc-getBUILD_CC)"
-
- # Due to the LDAP patch specific to 2.1.3 is causing an eautoreconf
- # it shows up as being a developer version and with "unknown" suffix
- # we remove this explicitly for the 2.1.3 release as it does not contain
- # unstable code
- sed -i "s/#define IS_DEVELOPMENT_VERSION 1//" config.h || die
- sed -i "s/2.1.3-unknown/2.1.3/" config.h || die
}
src_compile() {