[Gpg4win-commits] [git] Gpg4win - branch, master, updated. gpg4win-2.2.2-11-g5c80af9
by Andre Heinecke
cvs at cvs.gnupg.org
Mon Nov 17 15:29:10 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG for Windows".
The branch, master has been updated
via 5c80af9ab23e577d556bd681375d0559e353d563 (commit)
via fe05743d252073bea44a153d74e30bf91e72c28f (commit)
via 2b0da1d796532486b7cdbc4f98938f18c99fcf22 (commit)
via 9f93330bb053d73bdd0f0ad5006f0a230b10152a (commit)
via a9f45d1e01bdbcda496d8a3474d415a22864e23c (commit)
via 639c355b84635f7d2457980519aa60c08b486439 (commit)
via af53edaf0001e1380a0894236c19de288d8cc96f (commit)
from 8ba3751e84087c030909efea8fc5afffc186bf43 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5c80af9ab23e577d556bd681375d0559e353d563
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Nov 17 15:26:31 2014 +0100
Spellcheck and minor wording changes for NEWS
* NEWS: Minor spelling / wording fixes.
diff --git a/NEWS b/NEWS
index 2c33aa7..a27c2b3 100644
--- a/NEWS
+++ b/NEWS
@@ -20,11 +20,11 @@ Noteworthy changes in version 2.2.3 (unreleased)
(de) GPA funktioniert nun auch wieder unter Windows XP.
(en) Verification of a detached signature without specifying what
- should be verified now shows a warning and has been disabled
+ should be verified may now show a warning and has been disabled
in batch mode.
-(de) Die verifikation von abgetrennten Signaturdateien ohne den
- Dateinamen anzugeben erzeugt nun eine Warnung und wird im
+(de) Die Verifikation von abgetrennten Signaturdateien ohne den
+ Dateinamen anzugeben erzeugt nun ggf. eine Warnung und wird im
Batch modus verhindert.
(en) Tar archives can now include files and folders that use
@@ -39,8 +39,8 @@ Noteworthy changes in version 2.2.3 (unreleased)
(en) Kleopatra now handles pre processing (e.g. Archiving) errors
and treats them as failure.
-(de) Kleopatra erkennt nun fehler bei der Vorverarbeitung von Dateien
- (z.B. beim Archivieren) und behandelt diese als Fehlschlag
+(de) Kleopatra erkennt nun Fehler bei der Vorverarbeitung von Dateien
+ (z.B. Archivieren) und behandelt diese als Fehlschlag
der Operation.
~~~~~~~~~~~~~~~
commit fe05743d252073bea44a153d74e30bf91e72c28f
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Nov 17 15:21:36 2014 +0100
Update Kleopatra to include input error handling
* NEWS: Mention this.
* packages/packages.current (kleopatra): Update to current
gpg4win branch head.
--
This only commit that is new in this version is mentioned
in issue1624.
diff --git a/NEWS b/NEWS
index 2c6bfa2..2c33aa7 100644
--- a/NEWS
+++ b/NEWS
@@ -36,9 +36,16 @@ Noteworthy changes in version 2.2.3 (unreleased)
nativen Windows 8-Bit Zeichenkodierung kodiert werden
können.
+(en) Kleopatra now handles pre processing (e.g. Archiving) errors
+ and treats them as failure.
+
+(de) Kleopatra erkennt nun fehler bei der Vorverarbeitung von Dateien
+ (z.B. beim Archivieren) und behandelt diese als Fehlschlag
+ der Operation.
+
~~~~~~~~~~~~~~~
GnuPG: 2.0.26
-Kleopatra: 2.2.0-gitac229d2
+Kleopatra: 2.2.0-git2a58b4cb
GPA: 0.9.4
GpgOL: 1.2.1
GpgEX: 1.0.1
diff --git a/packages/packages.current b/packages/packages.current
index f905d7c..615bf9b 100644
--- a/packages/packages.current
+++ b/packages/packages.current
@@ -515,8 +515,8 @@ server http://files.kolab.org/local/gpg4win
# This is kdepim/gpg4win branch
# ac229d2213619345c7148f11a9732bb1ce2890a7
-file kleopatra-20140812-1-bin.tar.xz
-chk 58ecaeb5e13107bdcb38122b9b475293a63e8359
+file kleopatra-20141117-bin.tar.xz
+chk a75770a7d184afca705640f9ceb22522cf771434
-file kleopatra-20140812-src.tar.xz
-chk d540f02dd2b0134dd298783a4be42254020e9970
+file kleopatra-20141117-src.tar.xz
+chk 4b02f0d046d42175f347f0732eec904575915285
commit 2b0da1d796532486b7cdbc4f98938f18c99fcf22
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Nov 17 14:58:24 2014 +0100
Add fix for gpgtar windows codepage handling
* NEWS: Mention this.
* patches/gnupg2-2.0.26/
0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch: New.
--
See issue1624 for details on this patch.
diff --git a/NEWS b/NEWS
index 9ec9263..2c6bfa2 100644
--- a/NEWS
+++ b/NEWS
@@ -27,6 +27,15 @@ Noteworthy changes in version 2.2.3 (unreleased)
Dateinamen anzugeben erzeugt nun eine Warnung und wird im
Batch modus verhindert.
+(en) Tar archives can now include files and folders that use
+ special characters (e.g. umlauts) which can be encoded
+ in the native Windows 8-Bit codepage.
+
+(de) Tar Archive können nun Dateien und Ordner beinhalten deren
+ Namen Sonderzeichen (z.B. Umlaute) enthalten welche in der
+ nativen Windows 8-Bit Zeichenkodierung kodiert werden
+ können.
+
~~~~~~~~~~~~~~~
GnuPG: 2.0.26
Kleopatra: 2.2.0-gitac229d2
diff --git a/patches/gnupg2-2.0.26/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch b/patches/gnupg2-2.0.26/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch
new file mode 100755
index 0000000..2d4b70c
--- /dev/null
+++ b/patches/gnupg2-2.0.26/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch
@@ -0,0 +1,187 @@
+#! /bin/sh
+patch -p1 -l -f $* < $0
+exit $?
+
+From 70c387b523fa115f02a7d545fb1f503e9b86f913 Mon Sep 17 00:00:00 2001
+From: Andre Heinecke <aheinecke at intevation.de>
+Date: Fri, 24 Oct 2014 18:05:29 +0200
+Subject: [PATCH] Fix gpgtar 8 bit encoding handling on Win32
+
+ * tools/gpgtar-create.c (fillup_entry_w32, scan_directory): Convert
+ to and from local encoding.
+ * tools/gpgtar.c (wchar_to_cp, cp_to_wchar): New. Generalized
+ conversion functions.
+ (utf8_to_wchar, wchar_to_utf8): Removed.
+ (wchar_to_native, native_to_wchar): New.
+ * tools/gpgtar.h: Update accordingly.
+
+--
+
+ Gpgtar needs to handle filenames in the local 8 bit encoding on
+ Windows as it uses the 8 bit file io functions.
+
+ GnuPG-bug-id: 1624, 1746
+---
+ tools/gpgtar-create.c | 10 +++++-----
+ tools/gpgtar.c | 48 ++++++++++++++++++++++++++++++++++--------------
+ tools/gpgtar.h | 4 ++--
+ 3 files changed, 41 insertions(+), 21 deletions(-)
+
+diff --git a/tools/gpgtar-create.c b/tools/gpgtar-create.c
+index 09587e4..b586243 100644
+--- a/tools/gpgtar-create.c
++++ b/tools/gpgtar-create.c
+@@ -72,13 +72,13 @@ fillup_entry_w32 (tar_header_t hdr)
+ for (p=hdr->name; *p; p++)
+ if (*p == '/')
+ *p = '\\';
+- wfname = utf8_to_wchar (hdr->name);
++ wfname = native_to_wchar (hdr->name);
+ for (p=hdr->name; *p; p++)
+ if (*p == '\\')
+ *p = '/';
+ if (!wfname)
+ {
+- log_error ("error utf8-ing `%s': %s\n", hdr->name, w32_strerror (-1));
++ log_error ("error converting `%s': %s\n", hdr->name, w32_strerror (-1));
+ return gpg_error_from_syserror ();
+ }
+ if (!GetFileAttributesExW (wfname, GetFileExInfoStandard, &fad))
+@@ -299,7 +299,7 @@ scan_directory (const char *dname, scanctrl_t scanctrl)
+ for (p=fname; *p; p++)
+ if (*p == '/')
+ *p = '\\';
+- wfname = utf8_to_wchar (fname);
++ wfname = native_to_wchar (fname);
+ xfree (fname);
+ if (!wfname)
+ {
+@@ -322,11 +322,11 @@ scan_directory (const char *dname, scanctrl_t scanctrl)
+
+ do
+ {
+- char *fname = wchar_to_utf8 (fi.cFileName);
++ char *fname = wchar_to_native (fi.cFileName);
+ if (!fname)
+ {
+ err = gpg_error_from_syserror ();
+- log_error ("error utf8-ing filename: %s\n", w32_strerror (-1));
++ log_error ("error converting filename: %s\n", w32_strerror (-1));
+ break;
+ }
+ for (p=fname; *p; p++)
+diff --git a/tools/gpgtar.c b/tools/gpgtar.c
+index f88964f..644cdd0 100644
+--- a/tools/gpgtar.c
++++ b/tools/gpgtar.c
+@@ -465,18 +465,19 @@ gnupg_mkdir (const char *name, const char *modestr)
+ #endif
+ }
+
++
+ #ifdef HAVE_W32_SYSTEM
+-/* Return a malloced string encoded in UTF-8 from the wide char input
+- string STRING. Caller must free this value. Returns NULL and sets
+- ERRNO on failure. Calling this function with STRING set to NULL is
+- not defined. */
+-char *
+-wchar_to_utf8 (const wchar_t *string)
++/* Return a malloced string encoded for the codepage CODEPAGE from the wide
++ char input string STRING. Caller must free this value. Returns NULL
++ and sets ERRNO on failure. Calling this function with STRING set to
++ NULL is not defined. */
++static char *
++wchar_to_cp (const wchar_t *string, unsigned int codepage)
+ {
+ int n;
+ char *result;
+
+- n = WideCharToMultiByte (CP_UTF8, 0, string, -1, NULL, 0, NULL, NULL);
++ n = WideCharToMultiByte (codepage, 0, string, -1, NULL, 0, NULL, NULL);
+ if (n < 0)
+ {
+ errno = EINVAL;
+@@ -487,7 +488,7 @@ wchar_to_utf8 (const wchar_t *string)
+ if (!result)
+ return NULL;
+
+- n = WideCharToMultiByte (CP_UTF8, 0, string, -1, result, n, NULL, NULL);
++ n = WideCharToMultiByte (codepage, 0, string, -1, result, n, NULL, NULL);
+ if (n < 0)
+ {
+ xfree (result);
+@@ -497,19 +498,18 @@ wchar_to_utf8 (const wchar_t *string)
+ return result;
+ }
+
+-
+-/* Return a malloced wide char string from an UTF-8 encoded input
++/* Return a malloced wide char string from an CODEPAGE encoded input
+ string STRING. Caller must free this value. Returns NULL and sets
+ ERRNO on failure. Calling this function with STRING set to NULL is
+ not defined. */
+-wchar_t *
+-utf8_to_wchar (const char *string)
++static wchar_t*
++cp_to_wchar (const char *string, unsigned int codepage)
+ {
+ int n;
+ size_t nbytes;
+ wchar_t *result;
+
+- n = MultiByteToWideChar (CP_UTF8, 0, string, -1, NULL, 0);
++ n = MultiByteToWideChar (codepage, 0, string, -1, NULL, 0);
+ if (n < 0)
+ {
+ errno = EINVAL;
+@@ -526,7 +526,7 @@ utf8_to_wchar (const char *string)
+ if (!result)
+ return NULL;
+
+- n = MultiByteToWideChar (CP_UTF8, 0, string, -1, result, n);
++ n = MultiByteToWideChar (codepage, 0, string, -1, result, n);
+ if (n < 0)
+ {
+ free (result);
+@@ -535,4 +535,24 @@ utf8_to_wchar (const char *string)
+ }
+ return result;
+ }
++
++/* Return a malloced string encoded in the active code page from the
++ wide char input string STRING. Caller must free this value.
++ Returns NULL and sets ERRNO on failure.
++ Calling this function with STRING set to NULL is not defined. */
++char *
++wchar_to_native (const wchar_t *string)
++{
++ return wchar_to_cp (string, CP_ACP);
++}
++
++/* Return a malloced wide char string from an UTF-8 encoded input
++ string STRING. Caller must free this value. Returns NULL and sets
++ ERRNO on failure. Calling this function with STRING set to NULL is
++ not defined. */
++wchar_t *
++native_to_wchar (const char *string)
++{
++ return cp_to_wchar(string, CP_ACP);
++}
+ #endif /*HAVE_W32_SYSTEM*/
+diff --git a/tools/gpgtar.h b/tools/gpgtar.h
+index 5790894..8c0de85 100644
+--- a/tools/gpgtar.h
++++ b/tools/gpgtar.h
+@@ -113,8 +113,8 @@ gpg_error_t write_record (estream_t stream, const void *record);
+
+ int gnupg_mkdir (const char *name, const char *modestr);
+ #ifdef HAVE_W32_SYSTEM
+-char *wchar_to_utf8 (const wchar_t *string);
+-wchar_t *utf8_to_wchar (const char *string);
++char *wchar_to_native (const wchar_t *string);
++wchar_t *native_to_wchar (const char *string);
+ #endif
+
+ /*-- gpgtar-create.c --*/
+--
+1.9.1
commit 9f93330bb053d73bdd0f0ad5006f0a230b10152a
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Nov 17 14:42:37 2014 +0100
Add gnupg commit a5ca45e
* NEWS: Mention the change.
* patches/gnupg2-2.0.26/
0004-Make-the-use-of-verifiy-file-harder.patch: New.
diff --git a/NEWS b/NEWS
index 5f520fb..9ec9263 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,14 @@ Noteworthy changes in version 2.2.3 (unreleased)
(de) GPA funktioniert nun auch wieder unter Windows XP.
+(en) Verification of a detached signature without specifying what
+ should be verified now shows a warning and has been disabled
+ in batch mode.
+
+(de) Die verifikation von abgetrennten Signaturdateien ohne den
+ Dateinamen anzugeben erzeugt nun eine Warnung und wird im
+ Batch modus verhindert.
+
~~~~~~~~~~~~~~~
GnuPG: 2.0.26
Kleopatra: 2.2.0-gitac229d2
diff --git a/patches/gnupg2-2.0.26/0004-Make-the-use-of-verifiy-file-harder.patch b/patches/gnupg2-2.0.26/0004-Make-the-use-of-verifiy-file-harder.patch
new file mode 100755
index 0000000..af3417f
--- /dev/null
+++ b/patches/gnupg2-2.0.26/0004-Make-the-use-of-verifiy-file-harder.patch
@@ -0,0 +1,245 @@
+#! /bin/sh
+patch -p1 -l -f $* < $0
+exit $?
+
+commit a5ca45e6168e75aa6f3743b764d601ab3df966b7
+Author: Werner Koch <wk at gnupg.org>
+Date: Fri Nov 14 09:36:19 2014 +0100
+
+ gpg: Make the use of "--verify FILE" for detached sigs harder.
+
+ * g10/openfile.c (open_sigfile): Factor some code out to ...
+ (get_matching_datafile): new function.
+ * g10/plaintext.c (hash_datafiles): Do not try to find matching file
+ in batch mode.
+ * g10/mainproc.c (check_sig_and_print): Print a warning if a possibly
+ matching data file is not used by a standard signatures.
+ --
+
+ Allowing to use the abbreviated form for detached signatures is a long
+ standing bug which has only been noticed by the public with the
+ release of 2.1.0. :-(
+
+ What we do is to remove the ability to check detached signature in
+ --batch using the one file abbreviated mode. This should exhibit
+ problems in scripts which use this insecure practice. We also print a
+ warning if a matching data file exists but was not considered because
+ the detached signature was actually a standard signature:
+
+ gpgv: Good signature from "Werner Koch (dist sig)"
+ gpgv: WARNING: not a detached signature; \
+ file 'gnupg-2.1.0.tar.bz2' was NOT verified!
+
+ We can only print a warning because it is possible that a standard
+ signature is indeed to be verified but by coincidence a file with a
+ matching name is stored alongside the standard signature.
+
+ Reported-by: Simon Nicolussi (to gnupg-users on Nov 7)
+ Signed-off-by: Werner Koch <wk at gnupg.org>
+
+ (backported from commit 69384568f66a48eff3968bb1714aa13925580e9f)
+
+diff --git a/g10/main.h b/g10/main.h
+index e97b936..b55a184 100644
+--- a/g10/main.h
++++ b/g10/main.h
+@@ -253,7 +253,8 @@ int overwrite_filep( const char *fname );
+ char *make_outfile_name( const char *iname );
+ char *ask_outfile_name( const char *name, size_t namelen );
+ int open_outfile( const char *iname, int mode, iobuf_t *a );
+-iobuf_t open_sigfile( const char *iname, progress_filter_context_t *pfx );
++char *get_matching_datafile (const char *sigfilename);
++iobuf_t open_sigfile (const char *sigfilename, progress_filter_context_t *pfx);
+ void try_make_homedir( const char *fname );
+
+ /*-- seskey.c --*/
+diff --git a/g10/mainproc.c b/g10/mainproc.c
+index 551ab58..3abcb15 100644
+--- a/g10/mainproc.c
++++ b/g10/mainproc.c
+@@ -1959,6 +1959,44 @@ check_sig_and_print( CTX c, KBNODE node )
+ sig->sig_class==0x01?_("textmode"):_("unknown"),
+ gcry_md_algo_name (sig->digest_algo));
+
++ if (!rc && !c->signed_data.used)
++ {
++ /* Signature is basically good but we test whether the
++ deprecated command
++ gpg --verify FILE.sig
++ was used instead of
++ gpg --verify FILE.sig FILE
++ to verify a detached signature. If we figure out that a
++ data file with a matching name exists, we print a warning.
++
++ The problem is that the first form would also verify a
++ standard signature. This behavior could be used to
++ create a made up .sig file for a tarball by creating a
++ standard signature from a valid detached signature packet
++ (for example from a signed git tag). Then replace the
++ sig file on the FTP server along with a changed tarball.
++ Using the first form the verify command would correctly
++ verify the signature but don't even consider the tarball. */
++ kbnode_t n;
++ char *dfile;
++
++ dfile = get_matching_datafile (c->sigfilename);
++ if (dfile)
++ {
++ for (n = c->list; n; n = n->next)
++ if (n->pkt->pkttype != PKT_SIGNATURE)
++ break;
++ if (n)
++ {
++ /* Not only signature packets in the tree thus this
++ is not a detached signature. */
++ log_info (_("WARNING: not a detached signature; "
++ "file '%s' was NOT verified!\n"), dfile);
++ }
++ xfree (dfile);
++ }
++ }
++
+ if( rc )
+ g10_errors_seen = 1;
+ if( opt.batch && rc )
+diff --git a/g10/openfile.c b/g10/openfile.c
+index db5cdc2..dc9dfd0 100644
+--- a/g10/openfile.c
++++ b/g10/openfile.c
+@@ -287,41 +287,70 @@ open_outfile( const char *iname, int mode, IOBUF *a )
+ }
+
+
++/* Find a matching data file for the signature file SIGFILENAME and
++ return it as a malloced string. If no matching data file is found,
++ return NULL. */
++char *
++get_matching_datafile (const char *sigfilename)
++{
++ char *fname = NULL;
++ size_t len;
++
++ if (iobuf_is_pipe_filename (sigfilename))
++ return NULL;
++
++ len = strlen (sigfilename);
++ if (len > 4
++ && (!strcmp (sigfilename + len - 4, EXTSEP_S "sig")
++ || (len > 5 && !strcmp(sigfilename + len - 5, EXTSEP_S "sign"))
++ || !strcmp(sigfilename + len - 4, EXTSEP_S "asc")))
++ {
++
++ fname = xstrdup (sigfilename);
++ fname[len-(fname[len-1]=='n'?5:4)] = 0 ;
++ if (access (fname, R_OK ))
++ {
++ /* Not found or other error. */
++ xfree (fname);
++ fname = NULL;
++ }
++ }
++
++ return fname;
++}
++
++
+ /****************
+ * Try to open a file without the extension ".sig" or ".asc"
+ * Return NULL if such a file is not available.
+ */
+-IOBUF
+-open_sigfile( const char *iname, progress_filter_context_t *pfx )
++iobuf_t
++open_sigfile (const char *sigfilename, progress_filter_context_t *pfx)
+ {
+- IOBUF a = NULL;
+- size_t len;
+-
+- if( !iobuf_is_pipe_filename (iname) ) {
+- len = strlen(iname);
+- if( len > 4 && ( !strcmp(iname + len - 4, EXTSEP_S "sig")
+- || ( len > 5 && !strcmp(iname + len - 5, EXTSEP_S "sign") )
+- || !strcmp(iname + len - 4, EXTSEP_S "asc")) ) {
+- char *buf;
+- buf = xstrdup(iname);
+- buf[len-(buf[len-1]=='n'?5:4)] = 0 ;
+- a = iobuf_open( buf );
+- if (a && is_secured_file (iobuf_get_fd (a)))
+- {
+- iobuf_close (a);
+- a = NULL;
+- errno = EPERM;
+- }
+- if( a && opt.verbose )
+- log_info(_("assuming signed data in `%s'\n"), buf );
+- if (a && pfx)
+- handle_progress (pfx, a, buf);
+- xfree(buf);
+- }
++ iobuf_t a = NULL;
++ char *buf;
++
++ buf = get_matching_datafile (sigfilename);
++ if (buf)
++ {
++ a = iobuf_open (buf);
++ if (a && is_secured_file (iobuf_get_fd (a)))
++ {
++ iobuf_close (a);
++ a = NULL;
++ gpg_err_set_errno (EPERM);
++ }
++ if (a)
++ log_info (_("assuming signed data in '%s'\n"), buf);
++ if (a && pfx)
++ handle_progress (pfx, a, buf);
++ xfree (buf);
+ }
+- return a;
++
++ return a;
+ }
+
++
+ /****************
+ * Copy the option file skeleton to the given directory.
+ */
+diff --git a/g10/plaintext.c b/g10/plaintext.c
+index 3777648..d24c640 100644
+--- a/g10/plaintext.c
++++ b/g10/plaintext.c
+@@ -546,17 +546,25 @@ hash_datafiles( gcry_md_hd_t md, gcry_md_hd_t md2, strlist_t files,
+ pfx = new_progress_context ();
+
+ if( !files ) {
+- /* check whether we can open the signed material */
+- fp = open_sigfile( sigfilename, pfx );
+- if( fp ) {
+- do_hash( md, md2, fp, textmode );
+- iobuf_close(fp);
+- release_progress_context (pfx);
+- return 0;
+- }
+- log_error (_("no signed data\n"));
+- release_progress_context (pfx);
+- return gpg_error (GPG_ERR_NO_DATA);
++ /* Check whether we can open the signed material. We avoid
++ trying to open a file if run in batch mode. This assumed
++ data file for a sig file feature is just a convenience thing
++ for the command line and the user needs to read possible
++ warning messages. */
++ if (!opt.batch)
++ {
++ fp = open_sigfile( sigfilename, pfx );
++ if( fp )
++ {
++ do_hash( md, md2, fp, textmode );
++ iobuf_close(fp);
++ release_progress_context (pfx);
++ return 0;
++ }
++ }
++ log_error (_("no signed data\n"));
++ release_progress_context (pfx);
++ return gpg_error (GPG_ERR_NO_DATA);
+ }
commit a9f45d1e01bdbcda496d8a3474d415a22864e23c
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Nov 17 12:58:15 2014 +0100
Update glib patches and remove rand_s usage.
* NEWS: Mention rand_s removal (fixes xp compatibility).
* patches/glib-2.34.3/02-no-kill.patch: Removed. Problem
addressed upstream.
* patches/glib-2.34.3/01-socket.patch: Moved to 2.41.0.
* patches/glib-2.41.0/03-remove-rand_s.patch: New. Reverts
upstream commit 0e1924a.
--
The remove-rand_s patch can be removed when we use mingw
libraries > 3.1 as they no longer import rand_s directly
but load it at runtime / use a fallback which also works
on Windows XP.
diff --git a/Makefile.am b/Makefile.am
index 73c7b0f..abd62e2 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -36,8 +36,9 @@ EXTRA_DIST = autogen.sh README.GIT ONEWS \
patches/claws-mail-3.9.1/51-version-file.patch \
patches/claws-mail-3.9.1/80-src-makefile.postcfg-build \
patches/dirmngr-1.1.1/dirmngr-pth.patch \
- patches/glib-2.34.3/01-socket.patch \
- patches/glib-2.34.3/02-no-kill.patch \
+ patches/glib-2.41.0/01-socket.patch \
+ patches/glib-2.41.0/02-no-kill.patch \
+ patches/glib-2.41.0/03-remove-rand_s.patch \
patches/gnupg2-2.0.26/0001-Enable-wildcard-expansion-with-mingw-w64.patch \
patches/gnupg2/01-version.patch \
patches/gnupg2/01-version.patch.in \
diff --git a/NEWS b/NEWS
index c0fcc3b..5f520fb 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,7 @@
Noteworthy changes in version 2.2.3 (unreleased)
------------------------------------------------
-(en) The vanilla installer has been fixed and now also includes GnuTLS
+(en) The vanilla installer has been fixed and now also includes GnuTLS.
(de) Das Vanilla Installationspaket enthält nun GnuTLS und kann somit
wieder verwendet werden.
@@ -15,6 +15,10 @@ Noteworthy changes in version 2.2.3 (unreleased)
(de) Die Erstellung einer portablen Version mit mkportable funktioniert
nun wieder.
+(en) GPA now works again under Windows XP.
+
+(de) GPA funktioniert nun auch wieder unter Windows XP.
+
~~~~~~~~~~~~~~~
GnuPG: 2.0.26
Kleopatra: 2.2.0-gitac229d2
diff --git a/patches/glib-2.34.3/02-no-kill.patch b/patches/glib-2.34.3/02-no-kill.patch
deleted file mode 100755
index 029f42a..0000000
--- a/patches/glib-2.34.3/02-no-kill.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-#! /bin/sh
-patch -p0 -f $* < $0
-exit $?
-
-Replace kill() by TerminateProcess. "interface" is a macro in Windows
-and thus we need to rename it too.
-
-
---- gio/tests/gdbus-proxy.c~ 2012-11-26 17:52:48.000000000 +0100
-+++ gio/tests/gdbus-proxy.c 2013-04-30 09:56:34.301673374 +0200
-@@ -23,6 +23,9 @@
- #include <gio/gio.h>
- #include <unistd.h>
- #include <string.h>
-+#ifdef G_OS_WIN32
-+# include <windows.h>
-+#endif
-
- #include "gdbus-tests.h"
-
-@@ -693,7 +696,7 @@ test_basic (GDBusProxy *proxy)
- GDBusInterfaceInfo *info;
- gchar *name;
- gchar *path;
-- gchar *interface;
-+ gchar *iface;
- gint timeout;
-
- connection = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, NULL);
-@@ -712,7 +715,7 @@ test_basic (GDBusProxy *proxy)
- "g-flags", &flags,
- "g-name", &name,
- "g-object-path", &path,
-- "g-interface-name", &interface,
-+ "g-interface-name", &iface,
- "g-default-timeout", &timeout,
- NULL);
-
-@@ -721,13 +724,13 @@ test_basic (GDBusProxy *proxy)
- g_assert_cmpint (flags, ==, G_DBUS_PROXY_FLAGS_NONE);
- g_assert_cmpstr (name, ==, "com.example.TestService");
- g_assert_cmpstr (path, ==, "/com/example/TestObject");
-- g_assert_cmpstr (interface, ==, "com.example.Frob");
-+ g_assert_cmpstr (iface, ==, "com.example.Frob");
- g_assert_cmpint (timeout, ==, -1);
-
- g_object_unref (conn);
- g_free (name);
- g_free (path);
-- g_free (interface);
-+ g_free (iface);
-
- g_object_unref (connection);
- }
-@@ -753,7 +756,14 @@ kill_test_service (GDBusConnection *conn
- &error);
- g_variant_get (ret, "(u)", &pid);
- g_variant_unref (ret);
-+#ifdef G_OS_WIN32
-+ {
-+ HANDLE process = (HANDLE) pid;
-+ TerminateProcess (process, 1);
-+ }
-+#else
- kill (pid, SIGTERM);
-+#endif
- }
-
- static void
diff --git a/patches/glib-2.34.3/01-socket.patch b/patches/glib-2.41.0/01-socket.patch
similarity index 100%
rename from patches/glib-2.34.3/01-socket.patch
rename to patches/glib-2.41.0/01-socket.patch
diff --git a/patches/glib-2.41.0/03-remove-rand_s.patch b/patches/glib-2.41.0/03-remove-rand_s.patch
new file mode 100755
index 0000000..2ee3cdb
--- /dev/null
+++ b/patches/glib-2.41.0/03-remove-rand_s.patch
@@ -0,0 +1,76 @@
+#! /bin/sh
+patch -p1 -R -f $* < $0
+exit $?
+
+From 0e1924a66c642d4aa4a30b97cff509903f972435 Mon Sep 17 00:00:00 2001
+From: Ryan Lortie <desrt at desrt.ca>
+Date: Fri, 25 Oct 2013 12:22:42 -0400
+Subject: win32: use real random data for seed on win32
+
+We can get cryptographically secure data from rand_s().
+
+https://bugzilla.gnome.org/show_bug.cgi?id=710738
+
+diff --git a/glib/grand.c b/glib/grand.c
+index 9b2c0f8..56e443d 100644
+--- a/glib/grand.c
++++ b/glib/grand.c
+@@ -37,6 +37,7 @@
+ */
+
+ #include "config.h"
++#define _CRT_RAND_S
+
+ #include <math.h>
+ #include <errno.h>
+@@ -56,7 +57,7 @@
+ #include "gthread.h"
+
+ #ifdef G_OS_WIN32
+-#include <process.h> /* For getpid() */
++#include <stdlib.h>
+ #endif
+
+ /**
+@@ -219,9 +221,9 @@ GRand*
+ g_rand_new (void)
+ {
+ guint32 seed[4];
+- GTimeVal now;
+ #ifdef G_OS_UNIX
+ static gboolean dev_urandom_exists = TRUE;
++ GTimeVal now;
+
+ if (dev_urandom_exists)
+ {
+@@ -253,9 +255,6 @@ g_rand_new (void)
+ else
+ dev_urandom_exists = FALSE;
+ }
+-#else
+- static gboolean dev_urandom_exists = FALSE;
+-#endif
+
+ if (!dev_urandom_exists)
+ {
+@@ -263,12 +262,14 @@ g_rand_new (void)
+ seed[0] = now.tv_sec;
+ seed[1] = now.tv_usec;
+ seed[2] = getpid ();
+-#ifdef G_OS_UNIX
+ seed[3] = getppid ();
+-#else
+- seed[3] = 0;
+-#endif
+ }
++#else /* G_OS_WIN32 */
++ gint i;
++
++ for (i = 0; i < G_N_ELEMENTS (seed); i++)
++ rand_s (&seed[i]);
++#endif
+
+ return g_rand_new_with_seed_array (seed, 4);
+ }
+--
+cgit v0.10.1
commit 639c355b84635f7d2457980519aa60c08b486439
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Nov 17 12:51:07 2014 +0100
Include GnuTLS in vanilla installer
* NEWS: Mention this.
* src/gpg4win.nsi: Include GnuTLS in vanilla package.
--
Keyserver lookup over hkps needs gnutls and curl is linked
directly against it now.
diff --git a/NEWS b/NEWS
index c37c4fb..c0fcc3b 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,10 @@
Noteworthy changes in version 2.2.3 (unreleased)
------------------------------------------------
+(en) The vanilla installer has been fixed and now also includes GnuTLS
+
+(de) Das Vanilla Installationspaket enthält nun GnuTLS und kann somit
+ wieder verwendet werden.
(en) Creation of portable versions with mkportable has been fixed.
diff --git a/src/gpg4win.nsi b/src/gpg4win.nsi
index d69468b..4a62a05 100644
--- a/src/gpg4win.nsi
+++ b/src/gpg4win.nsi
@@ -59,9 +59,9 @@
!ifdef HAVE_PKG_LIBTASN1
!undef HAVE_PKG_LIBTASN1
!endif
-!ifdef HAVE_PKG_GNUTLS
-!undef HAVE_PKG_GNUTLS
-!endif
+;!ifdef HAVE_PKG_GNUTLS
+;!undef HAVE_PKG_GNUTLS
+;!endif
!ifdef HAVE_PKG_LIBXML2
!undef HAVE_PKG_LIBXML2
!endif
commit af53edaf0001e1380a0894236c19de288d8cc96f
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Mon Nov 17 12:49:19 2014 +0100
Start NEWS for 2.2.3
* NEWS: Mention the mkportable fix.
diff --git a/NEWS b/NEWS
index e58abf1..c37c4fb 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,25 @@
# The version number given below are for the standard installers as
# distributed by www.gpg4win.org.
+Noteworthy changes in version 2.2.3 (unreleased)
+------------------------------------------------
+
+(en) Creation of portable versions with mkportable has been fixed.
+
+(de) Die Erstellung einer portablen Version mit mkportable funktioniert
+ nun wieder.
+
+~~~~~~~~~~~~~~~
+GnuPG: 2.0.26
+Kleopatra: 2.2.0-gitac229d2
+GPA: 0.9.4
+GpgOL: 1.2.1
+GpgEX: 1.0.1
+Claws-Mail: 3.9.1
+Kompendium DE: 3.0.0
+Kompendium EN: 3.0.0
+~~~~~~~~~~~~~~~
+
Noteworthy changes in version 2.2.2 (2014-09-03)
------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
Makefile.am | 5 +-
NEWS | 51 ++++
packages/packages.current | 8 +-
patches/glib-2.34.3/02-no-kill.patch | 69 ------
.../{glib-2.34.3 => glib-2.41.0}/01-socket.patch | 0
patches/glib-2.41.0/03-remove-rand_s.patch | 76 ++++++
.../0004-Make-the-use-of-verifiy-file-harder.patch | 245 ++++++++++++++++++++
...x-gpgtar-8-bit-encoding-handling-on-Win32.patch | 187 +++++++++++++++
src/gpg4win.nsi | 6 +-
9 files changed, 569 insertions(+), 78 deletions(-)
delete mode 100755 patches/glib-2.34.3/02-no-kill.patch
rename patches/{glib-2.34.3 => glib-2.41.0}/01-socket.patch (100%)
create mode 100755 patches/glib-2.41.0/03-remove-rand_s.patch
create mode 100755 patches/gnupg2-2.0.26/0004-Make-the-use-of-verifiy-file-harder.patch
create mode 100755 patches/gnupg2-2.0.26/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch
hooks/post-receive
--
GnuPG for Windows
http://git.gnupg.org
More information about the Gpg4win-commits
mailing list