gnupg: Update to 2.4.4
Removed patches are included in the new release
This commit is contained in:
Christoph Reiter
parent
ee51cd62b4
commit
abc1994e8a
@ -1,8 +1,8 @@
|
||||
# Maintainer: Alexey Pavlov <alexpux@gmail.com>
|
||||
|
||||
pkgname=gnupg
|
||||
pkgver=2.4.3
|
||||
pkgrel=2
|
||||
pkgver=2.4.4
|
||||
pkgrel=1
|
||||
pkgdesc='Complete and free implementation of the OpenPGP standard'
|
||||
provides=('dirmngr' "gnupg2=${pkgver}")
|
||||
url='https://gnupg.org/'
|
||||
@ -59,17 +59,13 @@ source=("https://gnupg.org/ftp/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,
|
||||
'0001-gnupg-2.2.8-msys2.patch'
|
||||
'gnupg-2.4-avoid_beta_warning.patch'
|
||||
'gnupg-2.4-drop_import_clean.patch'
|
||||
'gnupg-2.4-revert_default_rfc4880bis.patch'
|
||||
'gnupg-2.4.3-fix_tpm2d_keytotpm_handling.patch'
|
||||
'dc13361524c1477b2106c7385f2059f9ea111b84.patch::https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=dc13361524c1477b2106c7385f2059f9ea111b84')
|
||||
sha256sums=('a271ae6d732f6f4d80c258ad9ee88dd9c94c8fdc33c3e45328c4d7c126bd219d'
|
||||
'gnupg-2.4-revert_default_rfc4880bis.patch')
|
||||
sha256sums=('67ebe016ca90fa7688ce67a387ebd82c6261e95897db7b23df24ff335be85bc6'
|
||||
'SKIP'
|
||||
'902563c91c72ed9222343de3482f4ca7b141775235625af5ad790f3d86419370'
|
||||
'243c3a79295519b3931f9d846cf2af5caa064a78de812ee336dc786c1567b4d0'
|
||||
'6ade15b536c50a88efc2d9dc958433b0ccfaf2908025b7672753e6bfce51c3c6'
|
||||
'ef2267eecd9eb59bbbbdb97d55cbfe10236b4979a125c6683a840830bc202905'
|
||||
'dc5958a1d183f786e2413b53d0ad548a255c984a3d68b8e38b3d8704e071bb87'
|
||||
'863def78d36fcb33ee56377c580f8fe4813ff4fa9a2fb731f17a64d5c5e7e354')
|
||||
'ef2267eecd9eb59bbbbdb97d55cbfe10236b4979a125c6683a840830bc202905')
|
||||
validpgpkeys=(
|
||||
'5B80C5754298F0CB55D8ED6ABCEF7E294B092E28' # Andre Heinecke (Release Signing Key)
|
||||
'6DAA6E64A76D2840571B4902528897B826403ADA' # Werner Koch (dist signing 2020)
|
||||
@ -88,10 +84,6 @@ prepare() {
|
||||
patch -p1 -i ${srcdir}/gnupg-2.4-avoid_beta_warning.patch
|
||||
patch -p1 -i ${srcdir}/gnupg-2.4-drop_import_clean.patch
|
||||
patch -p1 -i ${srcdir}/gnupg-2.4-revert_default_rfc4880bis.patch
|
||||
patch -p1 -i ${srcdir}/gnupg-2.4.3-fix_tpm2d_keytotpm_handling.patch
|
||||
|
||||
# https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;h=dc13361524c1477b2106c7385f2059f9ea111b84
|
||||
patch -p1 -i ${srcdir}/dc13361524c1477b2106c7385f2059f9ea111b84.patch
|
||||
|
||||
./autogen.sh --force
|
||||
}
|
||||
|
||||
@ -1,89 +0,0 @@
|
||||
From 9909f622f69e2b5775099931406dce2d35011281 Mon Sep 17 00:00:00 2001
|
||||
From: NIIBE Yutaka <gniibe@fsij.org>
|
||||
Date: Thu, 28 Sep 2023 11:59:14 +0900
|
||||
Subject: [PATCH] agent: fix tpm2d keytotpm handling
|
||||
|
||||
* agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Call
|
||||
agent_delete_key before agent_write_private_key. Recover
|
||||
from an error.
|
||||
|
||||
--
|
||||
|
||||
Cherry-picked from master commit of:
|
||||
eda3997b439e415f1bebaa3be20c8bdb43d3a1d0
|
||||
|
||||
Fixes-commit: a1015bf2fc07dabb1200eab5fa41f13e7bf98202
|
||||
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
|
||||
---
|
||||
agent/divert-tpm2.c | 33 ++++++++++++++++++++++++++++-----
|
||||
1 file changed, 28 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c
|
||||
index b2f884f93..e7c6a8aae 100644
|
||||
--- a/agent/divert-tpm2.c
|
||||
+++ b/agent/divert-tpm2.c
|
||||
@@ -26,9 +26,10 @@ divert_tpm2_pksign (ctrl_t ctrl,
|
||||
|
||||
static gpg_error_t
|
||||
agent_write_tpm2_shadow_key (ctrl_t ctrl, const unsigned char *grip,
|
||||
- unsigned char *shadow_info)
|
||||
+ unsigned char *shadow_info,
|
||||
+ gcry_sexp_t s_key)
|
||||
{
|
||||
- gpg_error_t err;
|
||||
+ gpg_error_t err, err1;
|
||||
unsigned char *shdkey;
|
||||
unsigned char *pkbuf;
|
||||
size_t len;
|
||||
@@ -44,7 +45,14 @@ agent_write_tpm2_shadow_key (ctrl_t ctrl, const unsigned char *grip,
|
||||
xfree (pkbuf);
|
||||
if (err)
|
||||
{
|
||||
- log_error ("shadowing the key failed: %s\n", gpg_strerror (err));
|
||||
+ log_error ("shadowing the tpm key failed: %s\n", gpg_strerror (err));
|
||||
+ return err;
|
||||
+ }
|
||||
+
|
||||
+ err = agent_delete_key (ctrl, NULL, grip, 1, 0);
|
||||
+ if (err)
|
||||
+ {
|
||||
+ log_error ("failed to delete unshadowed key: %s\n", gpg_strerror (err));
|
||||
return err;
|
||||
}
|
||||
|
||||
@@ -53,7 +61,22 @@ agent_write_tpm2_shadow_key (ctrl_t ctrl, const unsigned char *grip,
|
||||
NULL, NULL, NULL, 0);
|
||||
xfree (shdkey);
|
||||
if (err)
|
||||
- log_error ("error writing key: %s\n", gpg_strerror (err));
|
||||
+ {
|
||||
+ log_error ("error writing tpm key: %s\n", gpg_strerror (err));
|
||||
+
|
||||
+ len = gcry_sexp_sprint(s_key, GCRYSEXP_FMT_CANON, NULL, 0);
|
||||
+ pkbuf = xtrymalloc(len);
|
||||
+ if (!pkbuf)
|
||||
+ return GPG_ERR_ENOMEM;
|
||||
+
|
||||
+ gcry_sexp_sprint(s_key, GCRYSEXP_FMT_CANON, pkbuf, len);
|
||||
+ err1 = agent_write_private_key (grip, pkbuf, len, 1 /*force*/,
|
||||
+ NULL, NULL, NULL, 0);
|
||||
+ xfree(pkbuf);
|
||||
+ if (err1)
|
||||
+ log_error ("error trying to restore private key: %s\n",
|
||||
+ gpg_strerror (err1));
|
||||
+ }
|
||||
|
||||
return err;
|
||||
}
|
||||
@@ -68,7 +91,7 @@ divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip,
|
||||
|
||||
ret = agent_tpm2d_writekey(ctrl, &shadow_info, s_skey);
|
||||
if (!ret) {
|
||||
- ret = agent_write_tpm2_shadow_key (ctrl, grip, shadow_info);
|
||||
+ ret = agent_write_tpm2_shadow_key (ctrl, grip, shadow_info, s_skey);
|
||||
xfree (shadow_info);
|
||||
}
|
||||
return ret;
|
||||
--
|
||||
2.30.2
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user