Permalink
Browse files

Merge branch 'master' of git.funtoo.org:funtoo-overlay

  • Loading branch information...
2 parents de460ba + 626f37f commit 94755b24d337316639c912de36f090f578ec067f @danielrobbins danielrobbins committed Apr 27, 2013
@@ -0,0 +1 @@
+DIST gnupg-2.0.19.tar.bz2 4187460 SHA256 efa23a8a925adb51c7d3b708c25b6d000300f5ce37de9bdec6453be7b419c622 SHA512 9bfc83ebca29ca8e3dde803ba494adb3c4e2fdcacbf33b5592764fe187dbe2433e04ff53734a9c3197358d559c1046098707089ddbea9fa63c849d48ce73ca51 WHIRLPOOL 026f9a8740322b951b256ec87fabb8a1b3ad2114208f52c2082b73b2193d1be8e276f0f526762bbebb04e612351162eb78c9c50eeb058e35fad9c4df1d7db540
@@ -0,0 +1,34 @@
+From c34486a64c223bcbfbb57d9abcf107d684b815b6 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Diego=20Elio=20Petten=C3=B2?= <flameeyes@gmail.com>
+Date: Sun, 17 Apr 2011 01:34:39 +0200
+Subject: [PATCH] gpgsm-gencert.sh: make sure not to abort after creating temp
+ file.
+
+https://bugs.g10code.com/gnupg/issue1466
+
+---
+ tools/gpgsm-gencert.sh | 8 ++++----
+ 1 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/tools/gpgsm-gencert.sh b/tools/gpgsm-gencert.sh
+index b209c8e..e7c812f 100755
+--- a/tools/gpgsm-gencert.sh
++++ b/tools/gpgsm-gencert.sh
+@@ -178,10 +178,10 @@ Key-Length: $KEY_LENGTH
+ Key-Usage: $KEY_USAGE
+ Name-DN: $NAME
+ EOF
+-[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP"
+-[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES"
+-[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES"
+-[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES"
++[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP" || true
++[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES" || true
++[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES" || true
++[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES" || true
+ ) > "$file_parameter"
+
+
+--
+1.7.5.rc1
+
@@ -0,0 +1,31 @@
+diff --git a/gl/stdinit_.h b/gl/stdint_.h
+
+--- a/gl/stdint_.h 2012-12-26 15:40:09.771486357 -0500
++++ b/gl/stdint_.h 2012-12-26 15:41:45.409931190 -0500
+@@ -62,7 +62,8 @@
+ int{8,16,32,64}_t, uint{8,16,32,64}_t and __BIT_TYPES_DEFINED__.
+ <inttypes.h> also defines intptr_t and uintptr_t. */
+ # define _GL_JUST_INCLUDE_ABSOLUTE_INTTYPES_H
+-# include <inttypes.h>
++// This line breaks Clang/LLVM Builds.
++//# include <inttypes.h>
+ # undef _GL_JUST_INCLUDE_ABSOLUTE_INTTYPES_H
+ #elif @HAVE_SYS_INTTYPES_H@
+ /* Solaris 7 <sys/inttypes.h> has the types except the *_fast*_t types, and
+@@ -206,10 +207,12 @@
+
+ /* 7.18.1.4. Integer types capable of holding object pointers */
+
+-#undef intptr_t
+-#undef uintptr_t
+-#define intptr_t long int
+-#define uintptr_t unsigned long int
++/* Comment this out, it breaks Clang/LLVM builds. */
++
++//#undef intptr_t
++//#undef uintptr_t
++//#define intptr_t long int
++//#define uintptr_t unsigned long int
+
+ /* 7.18.1.5. Greatest-width integer types */
+
@@ -0,0 +1,184 @@
+From ab4ea45f54006eba55db11263431c4c0c4f557dc Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Tue, 6 Nov 2012 14:39:22 +0100
+Subject: [PATCH 1/1] Allow decryption with card keys > 3072 bit
+
+* scd/command.c (MAXLEN_SETDATA): New.
+(cmd_setdata): Add option --append.
+* g10/call-agent.c (agent_scd_pkdecrypt): Use new option for long data
+
+* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
+(app_select_openpgp): Store manufacturer.
+(do_decipher): Print a note for broken cards.
+
+--
+
+Please note that I was not able to run a full test because I only have
+broken cards (S/N < 346) available.
+---
+ g10/call-agent.c | 22 ++++++++++++++--------
+ scd/app-openpgp.c | 10 ++++++++++
+ scd/command.c | 38 ++++++++++++++++++++++++++++++++------
+ 3 files changed, 56 insertions(+), 14 deletions(-)
+
+diff --git a/g10/call-agent.c b/g10/call-agent.c
+index cded773..373d8c9 100644
+--- a/g10/call-agent.c
++++ b/g10/call-agent.c
+@@ -1034,7 +1034,7 @@ agent_scd_pksign (const char *serialno, int hashalgo,
+
+
+ /* Decrypt INDATA of length INDATALEN using the card identified by
+- SERIALNO. Return the plaintext in a nwly allocated buffer stored
++ SERIALNO. Return the plaintext in a newly allocated buffer stored
+ at the address of R_BUF.
+
+ Note, we currently support only RSA or more exactly algorithms
+@@ -1058,20 +1058,26 @@ agent_scd_pkdecrypt (const char *serialno,
+ return rc;
+
+ /* FIXME: use secure memory where appropriate */
+- if (indatalen*2 + 50 > DIM(line))
+- return gpg_error (GPG_ERR_GENERAL);
+
+ rc = select_openpgp (serialno);
+ if (rc)
+ return rc;
+
+- sprintf (line, "SCD SETDATA ");
+- p = line + strlen (line);
+- for (i=0; i < indatalen ; i++, p += 2 )
+- sprintf (p, "%02X", indata[i]);
+- rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
++ for (len = 0; len < indatalen;)
++ {
++ p = stpcpy (line, "SCD SETDATA ");
++ if (len)
++ p = stpcpy (p, "--append ");
++ for (i=0; len < indatalen && (i*2 < DIM(line)-50); i++, len++)
++ {
++ sprintf (p, "%02X", indata[len]);
++ p += 2;
++ }
++ rc = assuan_transact (agent_ctx, line,
++ NULL, NULL, NULL, NULL, NULL, NULL);
+ if (rc)
+ return rc;
++ }
+
+ init_membuf (&data, 1024);
+ snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno);
+diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
+index ff26b36..141b2b7 100644
+--- a/scd/app-openpgp.c
++++ b/scd/app-openpgp.c
+@@ -158,6 +158,8 @@ struct app_local_s {
+
+ unsigned char status_indicator; /* The card status indicator. */
+
++ unsigned int manufacturer:16; /* Manufacturer ID from the s/n. */
++
+ /* Keep track of the ISO card capabilities. */
+ struct
+ {
+@@ -3462,6 +3464,12 @@ do_decipher (app_t app, const char *keyidstr,
+ indata, indatalen, le_value, padind,
+ outdata, outdatalen);
+ xfree (fixbuf);
++
++ if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */
++ && app->app_local->manufacturer == 5
++ && app->card_version == 0x0200)
++ log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)"
++ " do not work with encryption keys > 2048 bits\n");
+ }
+
+ return rc;
+@@ -3749,6 +3757,8 @@ app_select_openpgp (app_t app)
+ goto leave;
+ }
+
++ app->app_local->manufacturer = manufacturer;
++
+ if (app->card_version >= 0x0200)
+ app->app_local->extcap.is_v2 = 1;
+
+diff --git a/scd/command.c b/scd/command.c
+index 6053fc6..3ce4a57 100644
+--- a/scd/command.c
++++ b/scd/command.c
+@@ -46,6 +46,9 @@
+ /* Maximum allowed size of key data as used in inquiries. */
+ #define MAXLEN_KEYDATA 4096
+
++/* Maximum allowed total data size for SETDATA. */
++#define MAXLEN_SETDATA 4096
++
+ /* Maximum allowed size of certificate data as used in inquiries. */
+ #define MAXLEN_CERTDATA 16384
+
+@@ -820,17 +823,24 @@ cmd_readkey (assuan_context_t ctx, char *line)
+
+
+ static const char hlp_setdata[] =
+- "SETDATA <hexstring> \n"
++ "SETDATA [--append] <hexstring>\n"
+ "\n"
+- "The client should use this command to tell us the data he want to sign.";
++ "The client should use this command to tell us the data he want to sign.\n"
++ "With the option --append, the data is appended to the data set by a\n"
++ "previous SETDATA command.";
+ static gpg_error_t
+ cmd_setdata (assuan_context_t ctx, char *line)
+ {
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+- int n;
++ int append;
++ int n, i, off;
+ char *p;
+ unsigned char *buf;
+
++ append = (ctrl->in_data.value && has_option (line, "--append"));
++
++ line = skip_options (line);
++
+ if (locked_session && locked_session != ctrl->server_local)
+ return gpg_error (GPG_ERR_LOCKED);
+
+@@ -844,14 +854,30 @@ cmd_setdata (assuan_context_t ctx, char *line)
+ if ((n&1))
+ return set_error (GPG_ERR_ASS_PARAMETER, "odd number of digits");
+ n /= 2;
++ if (append)
++ {
++ if (ctrl->in_data.valuelen + n > MAXLEN_SETDATA)
++ return set_error (GPG_ERR_TOO_LARGE,
++ "limit on total size of data reached");
++ buf = xtrymalloc (ctrl->in_data.valuelen + n);
++ }
++ else
+ buf = xtrymalloc (n);
+ if (!buf)
+ return out_of_core ();
+
++ if (append)
++ {
++ memcpy (buf, ctrl->in_data.value, ctrl->in_data.valuelen);
++ off = ctrl->in_data.valuelen;
++ }
++ else
++ off = 0;
++ for (p=line, i=0; i < n; p += 2, i++)
++ buf[off+i] = xtoi_2 (p);
++
+ ctrl->in_data.value = buf;
+- ctrl->in_data.valuelen = n;
+- for (p=line, n=0; n < ctrl->in_data.valuelen; p += 2, n++)
+- buf[n] = xtoi_2 (p);
++ ctrl->in_data.valuelen = off + n;
+ return 0;
+ }
+
+--
+1.7.2.5
+
@@ -0,0 +1,38 @@
+diff -ru gnupg-2.0.19.orig/doc/gpgsm.texi gnupg-2.0.19/doc/gpgsm.texi
+--- gnupg-2.0.19.orig/doc/gpgsm.texi 2012-03-27 10:03:23.000000000 +0200
++++ gnupg-2.0.19/doc/gpgsm.texi 2013-04-10 11:46:02.179960198 +0200
+@@ -760,8 +760,8 @@
+ This is the standard configuration file read by @command{gpgsm} on
+ startup. It may contain any valid long option; the leading two dashes
+ may not be entered and the option may not be abbreviated. This default
+-name may be changed on the command line (@pxref{option
+- --options}). You should backup this file.
++name may be changed on the command line (@pxref{option --options}).
++You should backup this file.
+
+
+ @item policies.txt
+diff -ru gnupg-2.0.19.orig/doc/gpl.texi gnupg-2.0.19/doc/gpl.texi
+--- gnupg-2.0.19.orig/doc/gpl.texi 2012-03-27 10:03:23.000000000 +0200
++++ gnupg-2.0.19/doc/gpl.texi 2013-04-10 12:45:20.988492453 +0200
+@@ -659,12 +659,14 @@
+ Program, unless a warranty or assumption of liability accompanies a
+ copy of the Program in return for a fee.
+
++@end enumerate
++
+ @iftex
+ @heading END OF TERMS AND CONDITIONS
+ @end iftex
+ @ifinfo
+ @center END OF TERMS AND CONDITIONS
+ @end ifinfo
+ @unnumberedsec How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+@@ -721,5 +724,3 @@
+ applications with the library. If this is what you want to do, use
+ the GNU Lesser General Public License instead of this License. But
+ first, please read @url{http://www.gnu.org/philosophy/why-not-lgpl.html}.
+-
+-@end enumerate
Oops, something went wrong.

0 comments on commit 94755b2

Please sign in to comment.