2
0

bump version

This commit is contained in:
Arti Zirk 2019-11-29 13:05:54 +02:00
parent 7a2e77ba28
commit 1f3a44930e
3 changed files with 69 additions and 8 deletions

View File

@ -1,6 +1,6 @@
pkgbase = gnupg-scdaemon-shared-access pkgbase = gnupg-scdaemon-shared-access
pkgdesc = This package adds shared-access option that uses PCSC_SHARE_SHARED for pcsc_connect in scdaemon when using pcsc backend for smartcard access pkgdesc = This package adds shared-access option that uses PCSC_SHARE_SHARED for pcsc_connect in scdaemon when using pcsc backend for smartcard access
pkgver = 2.2.17 pkgver = 2.2.18
pkgrel = 1 pkgrel = 1
url = https://www.gnupg.org/ url = https://www.gnupg.org/
install = install install = install
@ -25,20 +25,22 @@ pkgbase = gnupg-scdaemon-shared-access
optdepends = pcsclite: scdaemon optdepends = pcsclite: scdaemon
provides = gnupg provides = gnupg
provides = dirmngr provides = dirmngr
provides = gnupg=2.2.17 provides = gnupg=2.2.18
provides = gnupg2=2.2.17 provides = gnupg2=2.2.18
conflicts = gnupg conflicts = gnupg
conflicts = dirmngr conflicts = dirmngr
conflicts = gnupg2 conflicts = gnupg2
source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.17.tar.bz2 source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.18.tar.bz2
source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.17.tar.bz2.sig source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.18.tar.bz2.sig
source = self-sigs-only.patch
source = scdaemon_shared-access.patch source = scdaemon_shared-access.patch
validpgpkeys = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 validpgpkeys = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
validpgpkeys = 46CC730865BB5C78EBABADCF04376F3EE0856959 validpgpkeys = 46CC730865BB5C78EBABADCF04376F3EE0856959
validpgpkeys = 031EC2536E580D8EA286A9F22071B08A33BD3F06 validpgpkeys = 031EC2536E580D8EA286A9F22071B08A33BD3F06
validpgpkeys = D238EA65D64C67ED4C3073F28A861B1C7EFD60D9 validpgpkeys = D238EA65D64C67ED4C3073F28A861B1C7EFD60D9
sha256sums = afa262868e39b651a2db4c071fba90415154243e83a830ca00516f9a807fd514 sha256sums = 30d37ce2ca55b2b9b61480b2a175a3b22066ab41cd3f84688448919b566dec0a
sha256sums = SKIP sha256sums = SKIP
sha256sums = 0130c43321c16f53ab2290833007212f8a26b1b73bd4edc2b2b1c9db2b2d0218
sha256sums = aa46b372830dd8ed355a86a1677c50c6be8178f847c09b7291f47a1dc3ea02dc sha256sums = aa46b372830dd8ed355a86a1677c50c6be8178f847c09b7291f47a1dc3ea02dc
pkgname = gnupg-scdaemon-shared-access pkgname = gnupg-scdaemon-shared-access

View File

@ -6,7 +6,7 @@
_pkgname=gnupg _pkgname=gnupg
pkgname=gnupg-scdaemon-shared-access pkgname=gnupg-scdaemon-shared-access
pkgver=2.2.17 pkgver=2.2.18
pkgrel=1 pkgrel=1
pkgdesc='This package adds shared-access option that uses PCSC_SHARE_SHARED for pcsc_connect in scdaemon when using pcsc backend for smartcard access' pkgdesc='This package adds shared-access option that uses PCSC_SHARE_SHARED for pcsc_connect in scdaemon when using pcsc backend for smartcard access'
url='https://www.gnupg.org/' url='https://www.gnupg.org/'
@ -24,9 +24,11 @@ validpgpkeys=('D8692123C4065DEA5E0F3AB5249B39D24F25E3B6'
'031EC2536E580D8EA286A9F22071B08A33BD3F06' '031EC2536E580D8EA286A9F22071B08A33BD3F06'
'D238EA65D64C67ED4C3073F28A861B1C7EFD60D9') 'D238EA65D64C67ED4C3073F28A861B1C7EFD60D9')
source=("https://gnupg.org/ftp/gcrypt/${_pkgname}/${_pkgname}-${pkgver}.tar.bz2"{,.sig} source=("https://gnupg.org/ftp/gcrypt/${_pkgname}/${_pkgname}-${pkgver}.tar.bz2"{,.sig}
"self-sigs-only.patch"
"scdaemon_shared-access.patch") "scdaemon_shared-access.patch")
sha256sums=('afa262868e39b651a2db4c071fba90415154243e83a830ca00516f9a807fd514' sha256sums=('30d37ce2ca55b2b9b61480b2a175a3b22066ab41cd3f84688448919b566dec0a'
'SKIP' 'SKIP'
'0130c43321c16f53ab2290833007212f8a26b1b73bd4edc2b2b1c9db2b2d0218'
'aa46b372830dd8ed355a86a1677c50c6be8178f847c09b7291f47a1dc3ea02dc') 'aa46b372830dd8ed355a86a1677c50c6be8178f847c09b7291f47a1dc3ea02dc')
install=install install=install
@ -37,6 +39,7 @@ provides=('gnupg' 'dirmngr' "gnupg=${pkgver}" "gnupg2=${pkgver}")
prepare() { prepare() {
cd "${srcdir}/${_pkgname}-${pkgver}" cd "${srcdir}/${_pkgname}-${pkgver}"
sed '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' -i tools/Makefile.in sed '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' -i tools/Makefile.in
patch -R -p1 -i ../self-sigs-only.patch
patch -p1 -t -N < "${srcdir}/scdaemon_shared-access.patch" patch -p1 -t -N < "${srcdir}/scdaemon_shared-access.patch"
} }

56
self-sigs-only.patch Normal file
View File

@ -0,0 +1,56 @@
From: Werner Koch <wk@gnupg.org>
Date: Thu, 4 Jul 2019 13:45:39 +0000 (+0200)
Subject: gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=23c978640812d123eaffd4108744bdfcf48f7c93
gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
* g10/gpg.c (main): Change default.
--
Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures. That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.
To revert to the old behavior add
keyserver-optiions no-self-sigs-only,no-import-clean
to gpg.conf.
GnuPG-bug-id: 4607
Signed-off-by: Werner Koch <wk@gnupg.org>
---
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 8feab8218..9513a4e0f 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1917,6 +1917,11 @@ are available for all keyserver types, some common options are:
@end table
+The default list of options is: "self-sigs-only, import-clean,
+repair-keys, repair-pks-subkey-bug, export-attributes,
+honor-pka-record".
+
+
@item --completes-needed @var{n}
@opindex compliant-needed
Number of completely trusted users to introduce a new
diff --git a/g10/gpg.c b/g10/gpg.c
index 66e47dde5..0bbe72394 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2424,7 +2424,9 @@ main (int argc, char **argv)
opt.import_options = IMPORT_REPAIR_KEYS;
opt.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
- | IMPORT_REPAIR_PKS_SUBKEY_BUG);
+ | IMPORT_REPAIR_PKS_SUBKEY_BUG
+ | IMPORT_SELF_SIGS_ONLY
+ | IMPORT_CLEAN);
opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
opt.verify_options = (LIST_SHOW_UID_VALIDITY