[Pkg-gnupg-commit] [gnupg2] 174/180: refresh patches (dropping those applied upstream already)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Dec 24 22:29:29 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit e757b288f64b2baff91f44dc71dfad29469b4da9
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Sat Dec 24 15:42:57 2016 -0500
refresh patches (dropping those applied upstream already)
---
.../0013-agent-Fix-npth-daemon-mode-problem.patch | 31 --
.../0014-doc-Clarify-dirmngr-homedir-option.patch | 29 --
.../patches/0014-scd-Fix-receive-buffer-size.patch | 35 ---
.../0015-scd-Support-OpenPGP-card-V3-for-RSA.patch | 180 -----------
...016-g10-Fix-iteration-over-getkey-results.patch | 28 --
...-dirmngr-Lazily-launch-ldap-reaper-thread.patch | 118 --------
debian/patches/0018-g10-Fix-memory-leak.patch | 46 ---
...e-the-two-versions-of-check_special_filen.patch | 336 ---------------------
...20-gpg-Make-decrypt-with-output-nnnn-work.patch | 48 ---
...-decryption-with-a-card-returning-a-PKCS-.patch | 34 ---
...rmngr-Handle-corner-case-in-shutdown-mode.patch | 80 -----
.../0023-agent-dirmngr-Tiny-restructuring.patch | 90 ------
...y-Dirmngr-decide-whether-CERT-is-supporte.patch | 64 ----
...-Fix-error-code-arg-in-ERRSIG-status-line.patch | 28 --
.../0026-agent-Respect-enable-large-secmem.patch | 31 --
...0002-Avoid-simple-memory-dumps-via-ptrace.patch | 8 +-
.../debian-packaging/0001-avoid-beta-warning.patch | 2 +-
...regenerating-defsincdate-use-shipped-file.patch | 4 +-
...-Avoid-potential-race-condition-when-some.patch | 2 +-
...2-dimrngr-Avoid-need-for-hkp-housekeeping.patch | 26 +-
...void-automatically-checking-upstream-swdb.patch | 6 +-
.../0005-dirmngr-Drop-useless-housekeeping.patch | 33 +-
...gent-Create-framework-of-scheduled-timers.patch | 20 +-
...-threads-to-interrupt-main-select-loop-wi.patch | 18 +-
...gent-Avoid-tight-timer-tick-when-possible.patch | 10 +-
...-scheduled-checks-on-socket-when-inotify-.patch | 4 +-
debian/patches/series | 15 -
27 files changed, 67 insertions(+), 1259 deletions(-)
diff --git a/debian/patches/0013-agent-Fix-npth-daemon-mode-problem.patch b/debian/patches/0013-agent-Fix-npth-daemon-mode-problem.patch
deleted file mode 100644
index 2dad354..0000000
--- a/debian/patches/0013-agent-Fix-npth-daemon-mode-problem.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: NIIBE Yutaka <gniibe at fsij.org>
-Date: Mon, 21 Nov 2016 11:18:33 +0900
-Subject: agent: Fix npth + daemon mode problem.
-
-* agent/gpg-agent.c (main): Remove duplicated initialization in daemon
-mode.
-
---
-The commit f57dc2b1e6f28d164f882373535dbcb0d632ca17 fixes a part of
-problem (for missing initialization of supervised mode). It was
-actually put in wrong place.
-
-Fixes-commit: 9f92b62a51d2d60f038fdbe01602865c5933fa95
-Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
----
- agent/gpg-agent.c | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 2bc70e3..fa67a3a 100644
---- a/agent/gpg-agent.c
-+++ b/agent/gpg-agent.c
-@@ -1484,8 +1484,6 @@ main (int argc, char **argv )
- pid_t pid;
- #endif
-
-- initialize_modules ();
--
- /* Remove the DISPLAY variable so that a pinentry does not
- default to a specific display. There is still a default
- display when gpg-agent was started using --display or a
diff --git a/debian/patches/0014-doc-Clarify-dirmngr-homedir-option.patch b/debian/patches/0014-doc-Clarify-dirmngr-homedir-option.patch
deleted file mode 100644
index bc04985..0000000
--- a/debian/patches/0014-doc-Clarify-dirmngr-homedir-option.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-Date: Sun, 20 Nov 2016 21:35:13 -0500
-Subject: doc: Clarify dirmngr --homedir option.
-
---
-
-Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-(cherry picked from commit 2c97fa84c11f6087872392d83bbf17fbd4f6fb0f)
----
- doc/dirmngr.texi | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
-index be4e97a..963dff8 100644
---- a/doc/dirmngr.texi
-+++ b/doc/dirmngr.texi
-@@ -142,10 +142,10 @@ per-user configuration file. The default configuration file is named
- @item --homedir @var{dir}
- @opindex options
- Set the name of the home directory to @var{dir}. This option is only
--effective when used on the command line. The default os
-+effective when used on the command line. The default is
- the directory named @file{.gnupg} directly below the home directory
- of the user unless the environment variable @code{GNUPGHOME} has been set
--in which case its value will be used. All kind of data is stored below
-+in which case its value will be used. Many kinds of data are stored within
- this directory.
-
-
diff --git a/debian/patches/0014-scd-Fix-receive-buffer-size.patch b/debian/patches/0014-scd-Fix-receive-buffer-size.patch
deleted file mode 100644
index 552bd54..0000000
--- a/debian/patches/0014-scd-Fix-receive-buffer-size.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From: NIIBE Yutaka <gniibe at fsij.org>
-Date: Tue, 22 Nov 2016 20:53:57 +0900
-Subject: scd: Fix receive buffer size.
-
-* scd/apdu.c (send_le): Fix the size, adding two for status
-bytes to Le.
-
---
-
-This is long standing bug. So far, Le was not exact value.
-Since forthcoming change will introduce exact value of expected length
-of response data, this change is needed.
-
-Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
-(cherry picked from commit 5c2db9dedfe9dbb14ffec24751ca23a69cead94e)
----
- scd/apdu.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/scd/apdu.c b/scd/apdu.c
-index 54f3b30..b32fe80 100644
---- a/scd/apdu.c
-+++ b/scd/apdu.c
-@@ -3757,8 +3757,9 @@ send_le (int slot, int class, int ins, int p0, int p1,
-
- if (use_extended_length && (le > 256 || le < 0))
- {
-- result_buffer_size = le < 0? 4096 : le;
-- result_buffer = xtrymalloc (result_buffer_size + 10);
-+ /* Two more bytes are needed for status bytes. */
-+ result_buffer_size = le < 0? 4096 : (le + 2);
-+ result_buffer = xtrymalloc (result_buffer_size);
- if (!result_buffer)
- {
- xfree (apdu_buffer);
diff --git a/debian/patches/0015-scd-Support-OpenPGP-card-V3-for-RSA.patch b/debian/patches/0015-scd-Support-OpenPGP-card-V3-for-RSA.patch
deleted file mode 100644
index 3759854..0000000
--- a/debian/patches/0015-scd-Support-OpenPGP-card-V3-for-RSA.patch
+++ /dev/null
@@ -1,180 +0,0 @@
-From: NIIBE Yutaka <gniibe at fsij.org>
-Date: Fri, 25 Nov 2016 16:12:26 +0900
-Subject: scd: Support OpenPGP card V3 for RSA.
-
-* scd/app-openpgp.c (struct app_local_s): Remove max_cmd_data and
-max_rsp_data fields as Extended Capabilities bits are different.
-(get_cached_data) Use extcap.max_certlen_3.
-(get_one_do): Don't use exmode=1.
-(determine_rsa_response): New.
-(get_public_key, do_genkey): Call determine_rsa_response.
-(do_sign): Use keyattr[0].rsa.n_bits / 8, instead of max_rsp_data.
-(do_auth): Use keyattr[2].rsa.n_bits / 8, instead of max_rsp_data.
-(do_decipher): Likewise with Use keyattr[1].rsa.n_bits / 8.
-(show_caps): Remove max_cmd_data and max_rsp_data.
-(app_select_openpgp): Likewise.
-
---
-
-OpenPGP card V3 had introduced incompatible change in Extended
-Capabilities bits. We can work around by this change by not
-using those bits.
-
-Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
-(cherry picked from commit b89e63e5c326af71470124b410e6429cbd2b5c43)
----
- scd/app-openpgp.c | 61 ++++++++++++++++++++++++++++++++++---------------------
- 1 file changed, 38 insertions(+), 23 deletions(-)
-
-diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
-index d1c9efe..8de9b80 100644
---- a/scd/app-openpgp.c
-+++ b/scd/app-openpgp.c
-@@ -197,8 +197,6 @@ struct app_local_s {
- unsigned int sm_algo:2; /* Symmetric crypto algo for SM. */
- unsigned int max_certlen_3:16;
- unsigned int max_get_challenge:16; /* Maximum size for get_challenge. */
-- unsigned int max_cmd_data:16; /* Maximum data size for a command. */
-- unsigned int max_rsp_data:16; /* Maximum size of a response. */
- } extcap;
-
- /* Flags used to control the application. */
-@@ -325,7 +323,7 @@ get_cached_data (app_t app, int tag,
- }
-
- if (try_extlen && app->app_local->cardcap.ext_lc_le)
-- exmode = app->app_local->extcap.max_rsp_data;
-+ exmode = app->app_local->extcap.max_certlen_3;
- else
- exmode = 0;
-
-@@ -455,10 +453,7 @@ get_one_do (app_t app, int tag, unsigned char **result, size_t *nbytes,
-
- if (app->card_version > 0x0100 && data_objects[i].get_immediate_in_v11)
- {
-- if (data_objects[i].try_extlen && app->app_local->cardcap.ext_lc_le)
-- exmode = app->app_local->extcap.max_rsp_data;
-- else
-- exmode = 0;
-+ exmode = 0;
- rc = iso7816_get_data (app->slot, exmode, tag, &buffer, &buflen);
- if (rc)
- {
-@@ -922,6 +917,22 @@ send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int keyno)
- }
-
-
-+#define RSA_SMALL_SIZE_KEY 1952
-+#define RSA_SMALL_SIZE_OP 2048
-+
-+static int
-+determine_rsa_response (app_t app, int keyno)
-+{
-+ int size;
-+
-+ size = 2 + 3 /* header */
-+ + 4 /* tag+len */ + app->app_local->keyattr[keyno].rsa.n_bits/8
-+ + 2 /* tag+len */ + app->app_local->keyattr[keyno].rsa.e_bits/8;
-+
-+ return size;
-+}
-+
-+
- /* Implement the GETATTR command. This is similar to the LEARN
- command but returns just one value via the status interface. */
- static gpg_error_t
-@@ -1531,10 +1542,12 @@ get_public_key (app_t app, int keyno)
- int exmode, le_value;
-
- /* We may simply read the public key out of these cards. */
-- if (app->app_local->cardcap.ext_lc_le)
-+ if (app->app_local->cardcap.ext_lc_le
-+ && app->app_local->keyattr[keyno].key_type == KEY_TYPE_RSA
-+ && app->app_local->keyattr[keyno].rsa.n_bits > RSA_SMALL_SIZE_KEY)
- {
- exmode = 1; /* Use extended length. */
-- le_value = app->app_local->extcap.max_rsp_data;
-+ le_value = determine_rsa_response (app, keyno);
- }
- else
- {
-@@ -3769,12 +3782,11 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags,
- if (keybits > 4096)
- return gpg_error (GPG_ERR_TOO_LARGE);
-
-- /* Test whether we will need extended length mode. (1900 is an
-- arbitrary length which for sure fits into a short apdu.) */
-- if (app->app_local->cardcap.ext_lc_le && keybits > 1900)
-+ if (app->app_local->cardcap.ext_lc_le && keybits > RSA_SMALL_SIZE_KEY
-+ && app->app_local->keyattr[keyno].key_type == KEY_TYPE_RSA)
- {
- exmode = 1; /* Use extended length w/o a limit. */
-- le_value = app->app_local->extcap.max_rsp_data;
-+ le_value = determine_rsa_response (app, keyno);
- /* No need to check le_value because it comes from a 16 bit
- value and thus can't create an overflow on a 32 bit
- system. */
-@@ -4122,10 +4134,12 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
- }
-
-
-- if (app->app_local->cardcap.ext_lc_le)
-+ if (app->app_local->cardcap.ext_lc_le
-+ && app->app_local->keyattr[0].key_type == KEY_TYPE_RSA
-+ && app->app_local->keyattr[0].rsa.n_bits > RSA_SMALL_SIZE_OP)
- {
- exmode = 1; /* Use extended length. */
-- le_value = app->app_local->extcap.max_rsp_data;
-+ le_value = app->app_local->keyattr[0].rsa.n_bits / 8;
- }
- else
- {
-@@ -4225,10 +4239,12 @@ do_auth (app_t app, const char *keyidstr,
- {
- int exmode, le_value;
-
-- if (app->app_local->cardcap.ext_lc_le)
-+ if (app->app_local->cardcap.ext_lc_le
-+ && app->app_local->keyattr[2].key_type == KEY_TYPE_RSA
-+ && app->app_local->keyattr[2].rsa.n_bits > RSA_SMALL_SIZE_OP)
- {
- exmode = 1; /* Use extended length. */
-- le_value = app->app_local->extcap.max_rsp_data;
-+ le_value = app->app_local->keyattr[2].rsa.n_bits / 8;
- }
- else
- {
-@@ -4417,10 +4433,13 @@ do_decipher (app_t app, const char *keyidstr,
- else
- return gpg_error (GPG_ERR_INV_VALUE);
-
-- if (app->app_local->cardcap.ext_lc_le && indatalen > 254 )
-+ if (app->app_local->cardcap.ext_lc_le
-+ && (indatalen > 254
-+ || (app->app_local->keyattr[1].key_type == KEY_TYPE_RSA
-+ && app->app_local->keyattr[1].rsa.n_bits > RSA_SMALL_SIZE_OP)))
- {
- exmode = 1; /* Extended length w/o a limit. */
-- le_value = app->app_local->extcap.max_rsp_data;
-+ le_value = app->app_local->keyattr[1].rsa.n_bits / 8;
- }
- else if (app->app_local->cardcap.cmd_chaining && indatalen > 254)
- {
-@@ -4578,8 +4597,6 @@ show_caps (struct app_local_s *s)
- log_printf (" (%s)", s->extcap.sm_algo==2? "3DES":
- (s->extcap.sm_algo==2? "AES-128" : "AES-256"));
- log_info ("Max-Cert3-Len ..: %u\n", s->extcap.max_certlen_3);
-- log_info ("Max-Cmd-Data ...: %u\n", s->extcap.max_cmd_data);
-- log_info ("Max-Rsp-Data ...: %u\n", s->extcap.max_rsp_data);
- log_info ("Cmd-Chaining ...: %s\n", s->cardcap.cmd_chaining?"yes":"no");
- log_info ("Ext-Lc-Le ......: %s\n", s->cardcap.ext_lc_le?"yes":"no");
- log_info ("Status Indicator: %02X\n", s->status_indicator);
-@@ -4883,8 +4900,6 @@ app_select_openpgp (app_t app)
- app->app_local->extcap.max_get_challenge
- = (buffer[2] << 8 | buffer[3]);
- app->app_local->extcap.max_certlen_3 = (buffer[4] << 8 | buffer[5]);
-- app->app_local->extcap.max_cmd_data = (buffer[6] << 8 | buffer[7]);
-- app->app_local->extcap.max_rsp_data = (buffer[8] << 8 | buffer[9]);
- }
- xfree (relptr);
-
diff --git a/debian/patches/0016-g10-Fix-iteration-over-getkey-results.patch b/debian/patches/0016-g10-Fix-iteration-over-getkey-results.patch
deleted file mode 100644
index 7364a15..0000000
--- a/debian/patches/0016-g10-Fix-iteration-over-getkey-results.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Justus Winter <justus at g10code.com>
-Date: Mon, 28 Nov 2016 13:36:56 +0100
-Subject: g10: Fix iteration over getkey results.
-
-* g10/getkey.c (getkey_next): Only ask 'lookup' for the exact match if
-our caller requested the key. Fixes a crash in 'lookup'.
-
-GnuPG-bug-id: 2848
-Fixes-commit: 1d03cc77e1706f7da653153ad4b58c61e4fd2573
-Signed-off-by: Justus Winter <justus at g10code.com>
-(cherry picked from commit 4db9a425644dccaf81b51ebc97b32a9cc21941a4)
----
- g10/getkey.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/g10/getkey.c b/g10/getkey.c
-index f0e33c5..30b456f 100644
---- a/g10/getkey.c
-+++ b/g10/getkey.c
-@@ -2178,7 +2178,7 @@ getkey_next (getkey_ctx_t ctx, PKT_public_key *pk, kbnode_t *ret_keyblock)
- if (pk && ret_keyblock == NULL)
- ret_keyblock = &keyblock;
-
-- rc = lookup (ctx, ret_keyblock, &found_key, ctx->want_secret);
-+ rc = lookup (ctx, ret_keyblock, pk ? &found_key : NULL, ctx->want_secret);
- if (!rc && pk)
- {
- log_assert (found_key);
diff --git a/debian/patches/0017-dirmngr-Lazily-launch-ldap-reaper-thread.patch b/debian/patches/0017-dirmngr-Lazily-launch-ldap-reaper-thread.patch
deleted file mode 100644
index db3a9e3..0000000
--- a/debian/patches/0017-dirmngr-Lazily-launch-ldap-reaper-thread.patch
+++ /dev/null
@@ -1,118 +0,0 @@
-From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-Date: Mon, 31 Oct 2016 19:52:31 -0400
-Subject: dirmngr: Lazily launch ldap reaper thread.
-
-* dirmngr/dirmngr.c (main): Avoid calling ldap_wrapper_launch_thread()
-Before we need it.
-* dirmngr/ldap-wrapper.c (ldap_wrapper): Call
-ldap_wrapper_launch_thread() just in time (before any attempt to use
-an ldap subprocess).
-
---
-
-A dirmngr process that never looks anything up in LDAP has no need for
-a reaper thread, but one was started automatically. This thread wakes
-up every two seconds to look for ldap processes that might never have
-been running. We won't start more than one reaper thread for any
-given dirmngr due to the static int "done" in
-ldap_wrapper_launch_thread(), so it's safe to call this every time
-there is a use of ldap_wrapper.
-
-If someone wants to do further dirmngr optimizations for ldap users,
-the reaper thread itself could use dynamically-calculated timeouts
-(and probably needs to be alerted dynamically when a new ldap
-subprocess is available so it can re-calculate those timeouts).
-
-Note: It's not clear to me how to test ldap access effectively; i know
-of no public ldap services that i can verify against, and i do not run
-my own ldap servers. If someone has a publicly-available ldap server
-that developers can run tests against, i would be happy to hear about
-it.
-
-Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-(cherry-picked from f6728d13e8e544dbd4b9351ed981613e5504293f)
----
- dirmngr/dirmngr.c | 18 ------------------
- dirmngr/ldap-wrapper.c | 5 +++--
- 2 files changed, 3 insertions(+), 20 deletions(-)
-
-diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index e46a889..e03aa33 100644
---- a/dirmngr/dirmngr.c
-+++ b/dirmngr/dirmngr.c
-@@ -982,9 +982,6 @@ main (int argc, char **argv)
- thread_init ();
- cert_cache_init ();
- crl_cache_init ();
--#if USE_LDAP
-- ldap_wrapper_launch_thread ();
--#endif /*USE_LDAP*/
- http_register_netactivity_cb (netactivity_action);
- start_command_handler (ASSUAN_INVALID_FD);
- shutdown_reaper ();
-@@ -1020,9 +1017,6 @@ main (int argc, char **argv)
- thread_init ();
- cert_cache_init ();
- crl_cache_init ();
--#if USE_LDAP
-- ldap_wrapper_launch_thread ();
--#endif /*USE_LDAP*/
- http_register_netactivity_cb (netactivity_action);
- handle_connections (3);
- assuan_sock_close (3);
-@@ -1231,9 +1225,6 @@ main (int argc, char **argv)
- thread_init ();
- cert_cache_init ();
- crl_cache_init ();
--#if USE_LDAP
-- ldap_wrapper_launch_thread ();
--#endif /*USE_LDAP*/
- http_register_netactivity_cb (netactivity_action);
- handle_connections (fd);
- assuan_sock_close (fd);
-@@ -1244,9 +1235,6 @@ main (int argc, char **argv)
- /* Just list the CRL cache and exit. */
- if (argc)
- wrong_args ("--list-crls");
--#if USE_LDAP
-- ldap_wrapper_launch_thread ();
--#endif /*USE_LDAP*/
- crl_cache_init ();
- crl_cache_list (es_stdout);
- }
-@@ -1260,9 +1248,6 @@ main (int argc, char **argv)
- thread_init ();
- cert_cache_init ();
- crl_cache_init ();
--#if USE_LDAP
-- ldap_wrapper_launch_thread ();
--#endif /*USE_LDAP*/
- if (!argc)
- rc = crl_cache_load (&ctrlbuf, NULL);
- else
-@@ -1286,9 +1271,6 @@ main (int argc, char **argv)
- thread_init ();
- cert_cache_init ();
- crl_cache_init ();
--#if USE_LDAP
-- ldap_wrapper_launch_thread ();
--#endif /*USE_LDAP*/
- rc = crl_fetch (&ctrlbuf, argv[0], &reader);
- if (rc)
- log_error (_("fetching CRL from '%s' failed: %s\n"),
-diff --git a/dirmngr/ldap-wrapper.c b/dirmngr/ldap-wrapper.c
-index b9931a0..b313848 100644
---- a/dirmngr/ldap-wrapper.c
-+++ b/dirmngr/ldap-wrapper.c
-@@ -654,8 +654,9 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
- only viable solutions are either to have another thread
- responsible for logging the messages or to add an option to the
- wrapper module to do the logging on its own. Given that we anyway
-- need a way to rip the child process and this is best done using a
-- general ripping thread, that thread can do the logging too. */
-+ need a way to reap the child process and this is best done using a
-+ general reaping thread, that thread can do the logging too. */
-+ ldap_wrapper_launch_thread ();
-
- *reader = NULL;
-
diff --git a/debian/patches/0018-g10-Fix-memory-leak.patch b/debian/patches/0018-g10-Fix-memory-leak.patch
deleted file mode 100644
index 92f6e92..0000000
--- a/debian/patches/0018-g10-Fix-memory-leak.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From: Justus Winter <justus at g10code.com>
-Date: Tue, 29 Nov 2016 16:48:35 +0100
-Subject: g10: Fix memory leak.
-
-* g10/decrypt.c (decrypt_messages): Properly decrease the reference
-count of the armor filters after pushing them.
-
-Signed-off-by: Justus Winter <justus at g10code.com>
-(cherry picked from commit 52385a2ba1bf7e53f500ffde5fd34f28e69cf76b)
----
- g10/decrypt.c | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/g10/decrypt.c b/g10/decrypt.c
-index 751b7be..c99f064 100644
---- a/g10/decrypt.c
-+++ b/g10/decrypt.c
-@@ -180,7 +180,6 @@ void
- decrypt_messages (ctrl_t ctrl, int nfiles, char *files[])
- {
- IOBUF fp;
-- armor_filter_context_t *afx = NULL;
- progress_filter_context_t *pfx;
- char *p, *output = NULL;
- int rc=0,use_stdin=0;
-@@ -254,8 +253,11 @@ decrypt_messages (ctrl_t ctrl, int nfiles, char *files[])
- {
- if (use_armor_filter(fp))
- {
-- afx = new_armor_context ();
-- push_armor_filter ( afx, fp );
-+ armor_filter_context_t *afx = new_armor_context ();
-+ rc = push_armor_filter (afx, fp);
-+ if (rc)
-+ log_error("failed to push armor filter");
-+ release_armor_context (afx);
- }
- }
- rc = proc_packets (ctrl,NULL, fp);
-@@ -275,6 +277,5 @@ decrypt_messages (ctrl_t ctrl, int nfiles, char *files[])
- }
-
- set_next_passphrase(NULL);
-- release_armor_context (afx);
- release_progress_context (pfx);
- }
diff --git a/debian/patches/0019-gpg-sm-Merge-the-two-versions-of-check_special_filen.patch b/debian/patches/0019-gpg-sm-Merge-the-two-versions-of-check_special_filen.patch
deleted file mode 100644
index 120745e..0000000
--- a/debian/patches/0019-gpg-sm-Merge-the-two-versions-of-check_special_filen.patch
+++ /dev/null
@@ -1,336 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Tue, 29 Nov 2016 16:18:24 +0100
-Subject: gpg,sm: Merge the two versions of check_special_filename.
-
-* sm/gpgsm.c (check_special_filename): Move to ..
-* common/sysutils.c (check_special_filename): here. Add arg
-NOTRANSLATE.
-(allow_special_filenames): New local var.
-(enable_special_filenames): New public functions.
-* sm/gpgsm.c (allow_special_filenames): Remove var.
-(main): Call enable_special_filenames instead of setting the var.
-(open_read, open_es_fread, open_es_fwrite): Call
-check_special_filename with 0 for NOTRANSLATE.
-* common/iobuf.c (special_names_enabled): Remove var.
-(iobuf_enable_special_filenames): Remove func.
-(check_special_filename): Remove func.
-(iobuf_is_pipe_filename): Call new version of the function with
-NOTRANSLATE set.
-(do_open): Ditto.
-* g10/gpg.c (main): Call enable_special_filenames instead of
-iobuf_enable_special_filenames.
-* g10/gpgv.c (main): Ditto.
---
-
-Note that we keep the iobuf.c:translate_file_handle because it is a
-bit different (for whatever reasons) than the translate function from
-sysutils.
-
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit 60b4982836a00ef6b2a97d16f735b3f6b74dce62)
----
- common/iobuf.c | 37 ++++---------------------------------
- common/iobuf.h | 8 +-------
- common/sysutils.c | 36 +++++++++++++++++++++++++++++++++++-
- common/sysutils.h | 2 ++
- g10/gpg.c | 4 +++-
- g10/gpgv.c | 2 +-
- sm/gpgsm.c | 33 ++++++---------------------------
- 7 files changed, 52 insertions(+), 70 deletions(-)
-
-diff --git a/common/iobuf.c b/common/iobuf.c
-index ed90bd7..d346027 100644
---- a/common/iobuf.c
-+++ b/common/iobuf.c
-@@ -155,11 +155,6 @@ typedef struct
- block_filter_ctx_t;
-
-
--/* Global flag to tell whether special file names are enabled. See
-- gpg.c for an explanation of these file names. FIXME: This does not
-- belong in the iobuf subsystem. */
--static int special_names_enabled;
--
- /* Local prototypes. */
- static int underflow (iobuf_t a, int clear_pending_eof);
- static int underflow_target (iobuf_t a, int clear_pending_eof, size_t target);
-@@ -1237,41 +1232,16 @@ iobuf_temp_with_content (const char *buffer, size_t length)
- return a;
- }
-
--void
--iobuf_enable_special_filenames (int yes)
--{
-- special_names_enabled = yes;
--}
--
--
--/* See whether the filename has the form "-&nnnn", where n is a
-- non-zero number. Returns this number or -1 if it is not the
-- case. */
--static int
--check_special_filename (const char *fname)
--{
-- if (special_names_enabled && fname && *fname == '-' && fname[1] == '&')
-- {
-- int i;
--
-- fname += 2;
-- for (i = 0; digitp (fname+i); i++)
-- ;
-- if (!fname[i])
-- return atoi (fname);
-- }
-- return -1;
--}
--
-
- int
- iobuf_is_pipe_filename (const char *fname)
- {
- if (!fname || (*fname=='-' && !fname[1]) )
- return 1;
-- return check_special_filename (fname) != -1;
-+ return check_special_filename (fname, 0, 1) != -1;
- }
-
-+
- static iobuf_t
- do_open (const char *fname, int special_filenames,
- int use, const char *opentype, int mode700)
-@@ -1304,7 +1274,8 @@ do_open (const char *fname, int special_filenames,
- }
- else if (!fname)
- return NULL;
-- else if (special_filenames && (fd = check_special_filename (fname)) != -1)
-+ else if (special_filenames
-+ && (fd = check_special_filename (fname, 0, 1)) != -1)
- return iobuf_fdopen (translate_file_handle (fd, use == IOBUF_INPUT ? 0 : 1),
- opentype);
- else
-diff --git a/common/iobuf.h b/common/iobuf.h
-index 4fa5660..22e02da 100644
---- a/common/iobuf.h
-+++ b/common/iobuf.h
-@@ -258,16 +258,10 @@ struct iobuf_struct
- #endif
- EXTERN_UNLESS_MAIN_MODULE int iobuf_debug_mode;
-
--/* Whether iobuf_open, iobuf_create and iobuf_is_pipefilename
-- recognize special filenames. Special filenames are of the form
-- "-&nnnn" where n is a positive integer. The integer corresponds to
-- a file descriptor. Note: these functions always recognize the
-- special filename '-', which corresponds to standard input. */
--void iobuf_enable_special_filenames (int yes);
-
- /* Returns whether the specified filename corresponds to a pipe. In
- particular, this function checks if FNAME is "-" and, if special
-- filenames are enabled (see iobuf_enable_special_filenames), whether
-+ filenames are enabled (see check_special_filename), whether
- FNAME is a special filename. */
- int iobuf_is_pipe_filename (const char *fname);
-
-diff --git a/common/sysutils.c b/common/sysutils.c
-index c7df872..e67420f 100644
---- a/common/sysutils.c
-+++ b/common/sysutils.c
-@@ -1,7 +1,7 @@
- /* sysutils.c - system helpers
- * Copyright (C) 1991-2001, 2003-2004,
- * 2006-2008 Free Software Foundation, Inc.
-- * Copyright (C) 2013-2014 Werner Koch
-+ * Copyright (C) 2013-2016 Werner Koch
- *
- * This file is part of GnuPG.
- *
-@@ -83,6 +83,10 @@
-
- #define tohex(n) ((n) < 10 ? ((n) + '0') : (((n) - 10) + 'A'))
-
-+/* Flag to tell whether special file names are enabled. See gpg.c for
-+ * an explanation of these file names. */
-+static int allow_special_filenames;
-+
-
- static GPGRT_INLINE gpg_error_t
- my_error_from_syserror (void)
-@@ -168,6 +172,13 @@ enable_core_dumps (void)
- }
-
-
-+/* Allow the use of special "-&nnn" style file names. */
-+void
-+enable_special_filenames (void)
-+{
-+ allow_special_filenames = 1;
-+}
-+
-
- /* Return a string which is used as a kind of process ID. */
- const byte *
-@@ -402,6 +413,29 @@ translate_sys2libc_fd_int (int fd, int for_write)
- }
-
-
-+/* Check whether FNAME has the form "-&nnnn", where N is a non-zero
-+ * number. Returns this number or -1 if it is not the case. If the
-+ * caller wants to use the file descriptor for writing FOR_WRITE shall
-+ * be set to 1. If NOTRANSLATE is set the Windows spefic mapping is
-+ * not done. */
-+int
-+check_special_filename (const char *fname, int for_write, int notranslate)
-+{
-+ if (allow_special_filenames
-+ && fname && *fname == '-' && fname[1] == '&')
-+ {
-+ int i;
-+
-+ fname += 2;
-+ for (i=0; digitp (fname+i); i++ )
-+ ;
-+ if (!fname[i])
-+ return notranslate? atoi (fname)
-+ /**/ : translate_sys2libc_fd_int (atoi (fname), for_write);
-+ }
-+ return -1;
-+}
-+
-
- /* Replacement for tmpfile(). This is required because the tmpfile
- function of Windows' runtime library is broken, insecure, ignores
-diff --git a/common/sysutils.h b/common/sysutils.h
-index fef6ba1..a9316d7 100644
---- a/common/sysutils.h
-+++ b/common/sysutils.h
-@@ -50,6 +50,7 @@ typedef int gnupg_fd_t;
- void trap_unaligned (void);
- int disable_core_dumps (void);
- int enable_core_dumps (void);
-+void enable_special_filenames (void);
- const unsigned char *get_session_marker (size_t *rlen);
- unsigned int get_uint_nonce (void);
- /*int check_permissions (const char *path,int extension,int checkonly);*/
-@@ -57,6 +58,7 @@ void gnupg_sleep (unsigned int seconds);
- void gnupg_usleep (unsigned int usecs);
- int translate_sys2libc_fd (gnupg_fd_t fd, int for_write);
- int translate_sys2libc_fd_int (int fd, int for_write);
-+int check_special_filename (const char *fname, int for_write, int notranslate);
- FILE *gnupg_tmpfile (void);
- void gnupg_reopen_std (const char *pgmname);
- void gnupg_allow_set_foregound_window (pid_t pid);
-diff --git a/g10/gpg.c b/g10/gpg.c
-index c54facb..caa0653 100644
---- a/g10/gpg.c
-+++ b/g10/gpg.c
-@@ -3304,9 +3304,11 @@ main (int argc, char **argv)
- case oAllowSecretKeyImport: /* obsolete */ break;
- case oTryAllSecrets: opt.try_all_secrets = 1; break;
- case oTrustedKey: register_trusted_key( pargs.r.ret_str ); break;
-+
- case oEnableSpecialFilenames:
-- iobuf_enable_special_filenames (1);
-+ enable_special_filenames ();
- break;
-+
- case oNoExpensiveTrustChecks: opt.no_expensive_trust_checks=1; break;
- case oAutoCheckTrustDB: opt.no_auto_check_trustdb=0; break;
- case oNoAutoCheckTrustDB: opt.no_auto_check_trustdb=1; break;
-diff --git a/g10/gpgv.c b/g10/gpgv.c
-index d9f2898..1e4bb73 100644
---- a/g10/gpgv.c
-+++ b/g10/gpgv.c
-@@ -204,7 +204,7 @@ main( int argc, char **argv )
- break;
- case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break;
- case oEnableSpecialFilenames:
-- iobuf_enable_special_filenames (1);
-+ enable_special_filenames ();
- break;
- default : pargs.err = ARGPARSE_PRINT_ERROR; break;
- }
-diff --git a/sm/gpgsm.c b/sm/gpgsm.c
-index c4fd1c2..08d4830 100644
---- a/sm/gpgsm.c
-+++ b/sm/gpgsm.c
-@@ -439,9 +439,6 @@ static int maybe_setuid = 1;
- static const char *debug_level;
- static unsigned int debug_value;
-
--/* Option --enable-special-filenames */
--static int allow_special_filenames;
--
- /* Default value for include-certs. We need an extra macro for
- gpgconf-list because the variable will be changed by the command
- line option.
-@@ -468,7 +465,6 @@ static void set_cmd (enum cmd_and_opt_values *ret_cmd,
- enum cmd_and_opt_values new_cmd );
-
- static void emergency_cleanup (void);
--static int check_special_filename (const char *fname, int for_write);
- static int open_read (const char *filename);
- static estream_t open_es_fread (const char *filename, const char *mode);
- static estream_t open_es_fwrite (const char *filename);
-@@ -1420,7 +1416,9 @@ main ( int argc, char **argv)
- case oNoRandomSeedFile: use_random_seed = 0; break;
- case oNoCommonCertsImport: no_common_certs_import = 1; break;
-
-- case oEnableSpecialFilenames: allow_special_filenames =1; break;
-+ case oEnableSpecialFilenames:
-+ enable_special_filenames ();
-+ break;
-
- case oValidationModel: parse_validation_model (pargs.r.ret_str); break;
-
-@@ -2107,25 +2105,6 @@ gpgsm_parse_validation_model (const char *model)
- }
-
-
--/* Check whether the filename has the form "-&nnnn", where n is a
-- non-zero number. Returns this number or -1 if it is not the case. */
--static int
--check_special_filename (const char *fname, int for_write)
--{
-- if (allow_special_filenames
-- && fname && *fname == '-' && fname[1] == '&' ) {
-- int i;
--
-- fname += 2;
-- for (i=0; isdigit (fname[i]); i++ )
-- ;
-- if ( !fname[i] )
-- return translate_sys2libc_fd_int (atoi (fname), for_write);
-- }
-- return -1;
--}
--
--
-
- /* Open the FILENAME for read and return the file descriptor. Stop
- with an error message in case of problems. "-" denotes stdin and
-@@ -2140,7 +2119,7 @@ open_read (const char *filename)
- set_binary (stdin);
- return 0; /* stdin */
- }
-- fd = check_special_filename (filename, 0);
-+ fd = check_special_filename (filename, 0, 0);
- if (fd != -1)
- return fd;
- fd = open (filename, O_RDONLY | O_BINARY);
-@@ -2162,7 +2141,7 @@ open_es_fread (const char *filename, const char *mode)
- if (filename[0] == '-' && !filename[1])
- fd = fileno (stdin);
- else
-- fd = check_special_filename (filename, 0);
-+ fd = check_special_filename (filename, 0, 0);
- if (fd != -1)
- {
- fp = es_fdopen_nc (fd, mode);
-@@ -2200,7 +2179,7 @@ open_es_fwrite (const char *filename)
- return fp;
- }
-
-- fd = check_special_filename (filename, 1);
-+ fd = check_special_filename (filename, 1, 0);
- if (fd != -1)
- {
- fp = es_fdopen_nc (fd, "wb");
diff --git a/debian/patches/0020-gpg-Make-decrypt-with-output-nnnn-work.patch b/debian/patches/0020-gpg-Make-decrypt-with-output-nnnn-work.patch
deleted file mode 100644
index 7e7b091..0000000
--- a/debian/patches/0020-gpg-Make-decrypt-with-output-nnnn-work.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Tue, 29 Nov 2016 16:42:14 +0100
-Subject: gpg: Make --decrypt with output '-&nnnn' work.
-
-* g10/plaintext.c (get_output_file): Check and open special filename
-before falling back to stdout.
---
-
-GnuPG-bug-id: 2677
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit a5910e00ace882b8a17169faf4607163ab454af9)
----
- g10/plaintext.c | 22 +++++++++++++++++++---
- 1 file changed, 19 insertions(+), 3 deletions(-)
-
-diff --git a/g10/plaintext.c b/g10/plaintext.c
-index bdf5592..40ce603 100644
---- a/g10/plaintext.c
-+++ b/g10/plaintext.c
-@@ -108,9 +108,25 @@ get_output_file (const byte *embedded_name, int embedded_namelen,
- }
- else if (iobuf_is_pipe_filename (fname) || !*fname)
- {
-- /* No filename or "-" given; write to stdout. */
-- fp = es_stdout;
-- es_set_binary (fp);
-+ /* Special file name, no filename, or "-" given; write to the
-+ * file descriptor or to stdout. */
-+ int fd;
-+ char xname[64];
-+
-+ fd = check_special_filename (fname, 1, 0);
-+ if (fd == -1)
-+ {
-+ /* Not a special filename, thus we want stdout. */
-+ fp = es_stdout;
-+ es_set_binary (fp);
-+ }
-+ else if (!(fp = es_fdopen_nc (fd, "wb")))
-+ {
-+ err = gpg_error_from_syserror ();
-+ snprintf (xname, sizeof xname, "[fd %d]", fd);
-+ log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (err));
-+ goto leave;
-+ }
- }
- else
- {
diff --git a/debian/patches/0021-gpgsm-Allow-decryption-with-a-card-returning-a-PKCS-.patch b/debian/patches/0021-gpgsm-Allow-decryption-with-a-card-returning-a-PKCS-.patch
deleted file mode 100644
index 3a06a7c..0000000
--- a/debian/patches/0021-gpgsm-Allow-decryption-with-a-card-returning-a-PKCS-.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Tue, 29 Nov 2016 19:19:45 +0100
-Subject: gpgsm: Allow decryption with a card returning a PKCS#1 stripped key.
-
-* sm/decrypt.c (prepare_decryption): Handle a 16 byte session key.
---
-
-GnuPG-bug-id: 2230
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit 8489b12211098ad58c008cfb74b5cb91849cf68d)
----
- sm/decrypt.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/sm/decrypt.c b/sm/decrypt.c
-index 11c1cf8..a2907f6 100644
---- a/sm/decrypt.c
-+++ b/sm/decrypt.c
-@@ -74,10 +74,12 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
- log_printhex ("pkcs1 encoded session key:", seskey, seskeylen);
-
- n=0;
-- if (seskeylen == 24)
-+ if (seskeylen == 24 || seskeylen == 16)
- {
-- /* Smells like a 3-des key. This might happen because a SC has
-- already done the unpacking. */
-+ /* Smells like a 3-DES or AES-128 key. This might happen
-+ * because a SC has already done the unpacking. A better
-+ * solution would be to test for this only after we triggered
-+ * the GPG_ERR_INV_SESSION_KEY. */
- }
- else
- {
diff --git a/debian/patches/0022-agent-dirmngr-Handle-corner-case-in-shutdown-mode.patch b/debian/patches/0022-agent-dirmngr-Handle-corner-case-in-shutdown-mode.patch
deleted file mode 100644
index 0351456..0000000
--- a/debian/patches/0022-agent-dirmngr-Handle-corner-case-in-shutdown-mode.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Tue, 29 Nov 2016 20:15:47 +0100
-Subject: agent,dirmngr: Handle corner case in shutdown mode.
-
-* agent/gpg-agent.c (handle_connections): Keep on selecting on the
-inotify fd even when a shutdown is pending.
-* dirmngr/dirmngr.c (handle_connections): Ditto. Also simplifyy the
-use of the HAVE_INOTIFY_INIT cpp conditional.
---
-
-Without that patch we won't notice a removed socket when a shutdown is
-pending. This is somewhat related to bug report 2849.
-
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit 854adc8ae19749e44cb79dfa0c5401f48012b13a)
----
- agent/gpg-agent.c | 6 ++++++
- dirmngr/dirmngr.c | 12 +++++++-----
- 2 files changed, 13 insertions(+), 5 deletions(-)
-
-diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index fa67a3a..79d58bd 100644
---- a/agent/gpg-agent.c
-+++ b/agent/gpg-agent.c
-@@ -2872,6 +2872,12 @@ handle_connections (gnupg_fd_t listen_fd,
- /* Do not accept new connections but keep on running the
- loop to cope with the timer events. */
- FD_ZERO (&fdset);
-+ nfd = -1;
-+ if (my_inotify_fd != -1)
-+ {
-+ FD_SET (my_inotify_fd, &fdset);
-+ nfd = my_inotify_fd;
-+ }
- }
-
- /* POSIX says that fd_set should be implemented as a structure,
-diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index e03aa33..21500ec 100644
---- a/dirmngr/dirmngr.c
-+++ b/dirmngr/dirmngr.c
-@@ -1839,9 +1839,7 @@ handle_connections (assuan_fd_t listen_fd)
- int nfd, ret;
- fd_set fdset, read_fdset;
- int saved_errno;
--#ifdef HAVE_INOTIFY_INIT
-- int my_inotify_fd;
--#endif /*HAVE_INOTIFY_INIT*/
-+ int my_inotify_fd = -1;
-
- npth_attr_init (&tattr);
- npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
-@@ -1883,14 +1881,12 @@ handle_connections (assuan_fd_t listen_fd)
- FD_ZERO (&fdset);
- FD_SET (FD2INT (listen_fd), &fdset);
- nfd = FD2INT (listen_fd);
--#ifdef HAVE_INOTIFY_INIT
- if (my_inotify_fd != -1)
- {
- FD_SET (my_inotify_fd, &fdset);
- if (my_inotify_fd > nfd)
- nfd = my_inotify_fd;
- }
--#endif /*HAVE_INOTIFY_INIT*/
-
- /* Main loop. */
- for (;;)
-@@ -1904,6 +1900,12 @@ handle_connections (assuan_fd_t listen_fd)
- /* Do not accept new connections but keep on running the
- select loop to wait for signals (e.g. SIGCHLD). */
- FD_ZERO (&fdset);
-+ nfd = -1;
-+ if (my_inotify_fd != -1)
-+ {
-+ FD_SET (my_inotify_fd, &fdset);
-+ nfd = my_inotify_fd;
-+ }
- }
-
- /* Take a copy of the fdset. */
diff --git a/debian/patches/0023-agent-dirmngr-Tiny-restructuring.patch b/debian/patches/0023-agent-dirmngr-Tiny-restructuring.patch
deleted file mode 100644
index 6e77a94..0000000
--- a/debian/patches/0023-agent-dirmngr-Tiny-restructuring.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Tue, 29 Nov 2016 20:35:10 +0100
-Subject: agent,dirmngr: Tiny restructuring.
-
-* agent/gpg-agent.c (handle_connections): Add a comment.
-* dirmngr/dirmngr.c (main): Move assuan_sock_close of the listening
-socket to ...
-(handle_connections): here. Add a comment why we keep the
-listening socket open during a shutdown.
-
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit aa6ab9e0bc67fe9ce5601047e84ea4a875e8eb64)
----
- agent/gpg-agent.c | 7 ++++++-
- dirmngr/dirmngr.c | 16 ++++++++++++----
- 2 files changed, 18 insertions(+), 5 deletions(-)
-
-diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 79d58bd..efef8c1 100644
---- a/agent/gpg-agent.c
-+++ b/agent/gpg-agent.c
-@@ -2870,7 +2870,12 @@ handle_connections (gnupg_fd_t listen_fd,
- break; /* ready */
-
- /* Do not accept new connections but keep on running the
-- loop to cope with the timer events. */
-+ * loop to cope with the timer events.
-+ *
-+ * Note that we do not close the listening socket because a
-+ * client trying to connect to that socket would instead
-+ * restart a new dirmngr instance - which is unlikely the
-+ * intention of a shutdown. */
- FD_ZERO (&fdset);
- nfd = -1;
- if (my_inotify_fd != -1)
-diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index 21500ec..80c556b 100644
---- a/dirmngr/dirmngr.c
-+++ b/dirmngr/dirmngr.c
-@@ -1019,7 +1019,6 @@ main (int argc, char **argv)
- crl_cache_init ();
- http_register_netactivity_cb (netactivity_action);
- handle_connections (3);
-- assuan_sock_close (3);
- shutdown_reaper ();
- }
- #endif /*HAVE_W32_SYSTEM*/
-@@ -1227,7 +1226,6 @@ main (int argc, char **argv)
- crl_cache_init ();
- http_register_netactivity_cb (netactivity_action);
- handle_connections (fd);
-- assuan_sock_close (fd);
- shutdown_reaper ();
- }
- else if (cmd == aListCRLs)
-@@ -1825,7 +1823,8 @@ my_inotify_is_name (int fd, const char *name)
- #endif /*HAVE_INOTIFY_INIT*/
-
-
--/* Main loop in daemon mode. */
-+/* Main loop in daemon mode. Note that LISTEN_FD will be owned by
-+ * this function. */
- static void
- handle_connections (assuan_fd_t listen_fd)
- {
-@@ -1898,7 +1897,14 @@ handle_connections (assuan_fd_t listen_fd)
- break; /* ready */
-
- /* Do not accept new connections but keep on running the
-- select loop to wait for signals (e.g. SIGCHLD). */
-+ * loop to cope with the timer events.
-+ *
-+ * Note that we do not close the listening socket because a
-+ * client trying to connect to that socket would instead
-+ * restart a new dirmngr instance - which is unlikely the
-+ * intention of a shutdown. */
-+ /* assuan_sock_close (listen_fd); */
-+ /* listen_fd = -1; */
- FD_ZERO (&fdset);
- nfd = -1;
- if (my_inotify_fd != -1)
-@@ -1990,6 +1996,8 @@ handle_connections (assuan_fd_t listen_fd)
- close (my_inotify_fd);
- #endif /*HAVE_INOTIFY_INIT*/
- npth_attr_destroy (&tattr);
-+ if (listen_fd != -1)
-+ assuan_sock_close (fd);
- cleanup ();
- log_info ("%s %s stopped\n", strusage(11), strusage(13));
- }
diff --git a/debian/patches/0024-gpg-Let-only-Dirmngr-decide-whether-CERT-is-supporte.patch b/debian/patches/0024-gpg-Let-only-Dirmngr-decide-whether-CERT-is-supporte.patch
deleted file mode 100644
index 22c81c9..0000000
--- a/debian/patches/0024-gpg-Let-only-Dirmngr-decide-whether-CERT-is-supporte.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Thu, 1 Dec 2016 13:08:02 +0100
-Subject: gpg: Let only Dirmngr decide whether CERT is supported.
-
-* g10/getkey.c (parse_auto_key_locate): Do not build parts depending
-on USE_DNS_CERT.
---
-
-This also removes USE_DNS_SRV from commented code.
-
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit 86efc3ee53abaf1e22b53c1b360c51829e476115)
----
- g10/getkey.c | 2 --
- g10/keyserver.c | 4 ----
- 2 files changed, 6 deletions(-)
-
-diff --git a/g10/getkey.c b/g10/getkey.c
-index 30b456f..68b1438 100644
---- a/g10/getkey.c
-+++ b/g10/getkey.c
-@@ -4153,10 +4153,8 @@ parse_auto_key_locate (char *options)
- akl->type = AKL_LDAP;
- else if (ascii_strcasecmp (tok, "keyserver") == 0)
- akl->type = AKL_KEYSERVER;
--#ifdef USE_DNS_CERT
- else if (ascii_strcasecmp (tok, "cert") == 0)
- akl->type = AKL_CERT;
--#endif
- else if (ascii_strcasecmp (tok, "pka") == 0)
- akl->type = AKL_PKA;
- else if (ascii_strcasecmp (tok, "dane") == 0)
-diff --git a/g10/keyserver.c b/g10/keyserver.c
-index 9148e7d..c7363c9 100644
---- a/g10/keyserver.c
-+++ b/g10/keyserver.c
-@@ -2084,11 +2084,9 @@ keyserver_import_ldap (ctrl_t ctrl,
- struct keyserver_spec *keyserver;
- strlist_t list=NULL;
- int rc,hostlen=1;
--#ifdef USE_DNS_SRV
- struct srventry *srvlist=NULL;
- int srvcount,i;
- char srvname[MAXDNAME];
--#endif
-
- /* Parse out the domain */
- domain=strrchr(name,'@');
-@@ -2102,7 +2100,6 @@ keyserver_import_ldap (ctrl_t ctrl,
- keyserver->host=xmalloc(1);
- keyserver->host[0]='\0';
-
--#ifdef USE_DNS_SRV
- snprintf(srvname,MAXDNAME,"_pgpkey-ldap._tcp.%s",domain);
-
- FIXME("network related - move to dirmngr or drop the code");
-@@ -2130,7 +2127,6 @@ keyserver_import_ldap (ctrl_t ctrl,
- }
-
- free(srvlist);
--#endif
-
- /* If all else fails, do the PGP Universal trick of
- ldap://keys.(domain) */
diff --git a/debian/patches/0025-gpg-Fix-error-code-arg-in-ERRSIG-status-line.patch b/debian/patches/0025-gpg-Fix-error-code-arg-in-ERRSIG-status-line.patch
deleted file mode 100644
index d49fc4c..0000000
--- a/debian/patches/0025-gpg-Fix-error-code-arg-in-ERRSIG-status-line.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Sat, 3 Dec 2016 21:35:45 +0100
-Subject: gpg: Fix error code arg in ERRSIG status line.
-
-* g10/mainproc.c (check_sig_and_print): Use gpg_err_code to return an
-error code in ERRSIG.
---
-
-Debian-bug-id: 846834
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit ef10c348bffc7dad19e1832bebc453755d209420)
----
- g10/mainproc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/g10/mainproc.c b/g10/mainproc.c
-index c1819f0..314d515 100644
---- a/g10/mainproc.c
-+++ b/g10/mainproc.c
-@@ -2218,7 +2218,7 @@ check_sig_and_print (CTX c, kbnode_t node)
- snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d",
- (ulong)sig->keyid[0], (ulong)sig->keyid[1],
- sig->pubkey_algo, sig->digest_algo,
-- sig->sig_class, (ulong)sig->timestamp, rc);
-+ sig->sig_class, (ulong)sig->timestamp, gpg_err_code (rc));
- write_status_text (STATUS_ERRSIG, buf);
- if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY)
- {
diff --git a/debian/patches/0026-agent-Respect-enable-large-secmem.patch b/debian/patches/0026-agent-Respect-enable-large-secmem.patch
deleted file mode 100644
index 121bc0b..0000000
--- a/debian/patches/0026-agent-Respect-enable-large-secmem.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-Date: Tue, 6 Dec 2016 11:01:22 -0500
-Subject: agent: Respect --enable-large-secmem
-
-* agent/gpg-agent.c (main): Initialize secmem to the configured buffer
-size.
-
---
-
-This patch is a step toward addressing
-GnuPG-bug-id: 2857
-
-Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-(cherry picked from commit 8636ad5023a1bdc527add40a5508f8c5b7c35221)
----
- agent/gpg-agent.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index efef8c1..196d6ac 100644
---- a/agent/gpg-agent.c
-+++ b/agent/gpg-agent.c
-@@ -1066,7 +1066,7 @@ main (int argc, char **argv )
- }
-
- /* Initialize the secure memory. */
-- gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
-+ gcry_control (GCRYCTL_INIT_SECMEM, SECMEM_BUFFER_SIZE, 0);
- maybe_setuid = 0;
-
- /*
diff --git a/debian/patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch b/debian/patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch
index 419ddce..50d46f3 100644
--- a/debian/patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch
+++ b/debian/patches/block-ptrace-on-agent/0002-Avoid-simple-memory-dumps-via-ptrace.patch
@@ -21,7 +21,7 @@ Upstream bug: https://bugs.gnupg.org/gnupg/issue1211
2 files changed, 9 insertions(+)
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 1433f7f..84e6667 100644
+index f4ed6c5c4..f5ecea544 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -48,6 +48,9 @@
@@ -34,7 +34,7 @@ index 1433f7f..84e6667 100644
#define GNUPG_COMMON_NEED_AFLOCAL
#include "agent.h"
-@@ -949,6 +952,11 @@ main (int argc, char **argv )
+@@ -947,6 +950,11 @@ main (int argc, char **argv )
early_system_init ();
@@ -47,10 +47,10 @@ index 1433f7f..84e6667 100644
file descriptors and the signal mask. This info is required to
do the exec call properly. */
diff --git a/configure.ac b/configure.ac
-index 1b77a45..22e895f 100644
+index 663061031..932c741ef 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -1378,6 +1378,7 @@ AC_CHECK_FUNCS([strerror strlwr tcgetattr mmap canonicalize_file_name])
+@@ -1335,6 +1335,7 @@ AC_CHECK_FUNCS([strerror strlwr tcgetattr mmap canonicalize_file_name])
AC_CHECK_FUNCS([strcasecmp strncasecmp ctermid times gmtime_r strtoull])
AC_CHECK_FUNCS([setenv unsetenv fcntl ftruncate inet_ntop])
AC_CHECK_FUNCS([canonicalize_file_name])
diff --git a/debian/patches/debian-packaging/0001-avoid-beta-warning.patch b/debian/patches/debian-packaging/0001-avoid-beta-warning.patch
index 5cbecf8..f541c1a 100644
--- a/debian/patches/debian-packaging/0001-avoid-beta-warning.patch
+++ b/debian/patches/debian-packaging/0001-avoid-beta-warning.patch
@@ -19,7 +19,7 @@ See discussion at:
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/autogen.sh b/autogen.sh
-index 92c6df8..6b631a2 100755
+index 92c6df807..6b631a241 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -214,7 +214,7 @@ if [ "$myhost" = "find-version" ]; then
diff --git a/debian/patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch b/debian/patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch
index e652eb3..c141e4f 100644
--- a/debian/patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch
+++ b/debian/patches/debian-packaging/0003-avoid-regenerating-defsincdate-use-shipped-file.patch
@@ -18,10 +18,10 @@ the datestamp unreproducible.
1 file changed, 7 deletions(-)
diff --git a/doc/Makefile.am b/doc/Makefile.am
-index 53cd639..0ad353e 100644
+index 0c2f2c9dc..65b941ca7 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
-@@ -164,13 +164,6 @@ $(myman_pages) gnupg.7 : yat2m-stamp defs.inc
+@@ -167,13 +167,6 @@ $(myman_pages) gnupg.7 : yat2m-stamp defs.inc
dist-hook: defsincdate
diff --git a/debian/patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch b/debian/patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch
index 40e1dbf..2020da7 100644
--- a/debian/patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch
+++ b/debian/patches/dirmngr-idling/0001-dirmngr-hkp-Avoid-potential-race-condition-when-some.patch
@@ -36,7 +36,7 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
-index 3b5e75d..f17afb5 100644
+index a6c22f8cd..2d1240bb3 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -209,25 +209,24 @@ host_in_pool_p (int *pool, int tblidx)
diff --git a/debian/patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch b/debian/patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch
index da9585f..75f4b90 100644
--- a/debian/patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch
+++ b/debian/patches/dirmngr-idling/0002-dimrngr-Avoid-need-for-hkp-housekeeping.patch
@@ -26,10 +26,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
3 files changed, 36 insertions(+), 44 deletions(-)
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index 7214d49..49a7835 100644
+index 5ee589e93..130f74bc7 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
-@@ -1769,12 +1769,10 @@ static void *
+@@ -1773,12 +1773,10 @@ static void *
housekeeping_thread (void *arg)
{
static int sentinel;
@@ -42,7 +42,7 @@ index 7214d49..49a7835 100644
if (sentinel)
{
log_info ("housekeeping is already going on\n");
-@@ -1787,7 +1785,6 @@ housekeeping_thread (void *arg)
+@@ -1791,7 +1789,6 @@ housekeeping_thread (void *arg)
memset (&ctrlbuf, 0, sizeof ctrlbuf);
dirmngr_init_default_ctrl (&ctrlbuf);
@@ -51,10 +51,10 @@ index 7214d49..49a7835 100644
{
network_activity_seen = 0;
diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
-index da1c4be..e556bb6 100644
+index 9a8787842..0469d55bc 100644
--- a/dirmngr/dirmngr.h
+++ b/dirmngr/dirmngr.h
-@@ -188,10 +188,6 @@ void dirmngr_sighup_action (void);
+@@ -192,10 +192,6 @@ void dirmngr_sighup_action (void);
const char* dirmngr_get_current_socket_name (void);
@@ -66,7 +66,7 @@ index da1c4be..e556bb6 100644
ldap_server_t get_ldapservers_from_ctrl (ctrl_t ctrl);
ksba_cert_t get_cert_local (ctrl_t ctrl, const char *issuer);
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
-index f17afb5..98de1ee 100644
+index 2d1240bb3..6f1c2e8e0 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -203,6 +203,25 @@ host_in_pool_p (int *pool, int tblidx)
@@ -118,7 +118,7 @@ index f17afb5..98de1ee 100644
*r_host = NULL;
if (r_httpflags)
-@@ -543,6 +565,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect,
+@@ -538,6 +560,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect,
xfree (reftbl);
}
@@ -126,7 +126,7 @@ index f17afb5..98de1ee 100644
hi = hosttable[idx];
if (hi->pool)
{
-@@ -559,7 +582,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect,
+@@ -554,7 +577,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect,
if (force_reselect)
hi->poolidx = -1;
else if (hi->poolidx >= 0 && hi->poolidx < hosttable_size
@@ -135,7 +135,7 @@ index f17afb5..98de1ee 100644
hi->poolidx = -1;
/* Select a host if needed. */
-@@ -583,7 +606,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect,
+@@ -578,7 +601,7 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect,
assert (hi);
}
@@ -144,7 +144,7 @@ index f17afb5..98de1ee 100644
{
log_error ("host '%s' marked as dead\n", hi->name);
if (r_poolname)
-@@ -688,7 +711,8 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
+@@ -683,7 +706,8 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
{
gpg_error_t err = 0;
hostinfo_t hi, hi2;
@@ -154,7 +154,7 @@ index f17afb5..98de1ee 100644
if (!name || !*name || !strcmp (name, "localhost"))
return 0;
-@@ -697,13 +721,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
+@@ -692,13 +716,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
if (idx == -1)
return gpg_error (GPG_ERR_NOT_FOUND);
@@ -172,7 +172,7 @@ index f17afb5..98de1ee 100644
{
hi->dead = 1;
hi->died_at = 0; /* Manually set dead. */
-@@ -735,14 +761,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
+@@ -730,14 +756,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
hi2 = hosttable[n];
if (!hi2)
@@ -191,7 +191,7 @@ index f17afb5..98de1ee 100644
{
hi2->dead = 1;
hi2->died_at = 0; /* Manually set dead. */
-@@ -944,34 +971,6 @@ ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri)
+@@ -939,34 +966,6 @@ ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri)
}
diff --git a/debian/patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch b/debian/patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch
index 879e7c7..0851a62 100644
--- a/debian/patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch
+++ b/debian/patches/dirmngr-idling/0004-dirmngr-Avoid-automatically-checking-upstream-swdb.patch
@@ -13,10 +13,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
1 file changed, 13 deletions(-)
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index 49a7835..f54d3ab 100644
+index 130f74bc7..58a424e8c 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
-@@ -1769,7 +1769,6 @@ static void *
+@@ -1773,7 +1773,6 @@ static void *
housekeeping_thread (void *arg)
{
static int sentinel;
@@ -24,7 +24,7 @@ index 49a7835..f54d3ab 100644
(void)arg;
-@@ -1782,18 +1781,6 @@ housekeeping_thread (void *arg)
+@@ -1786,18 +1785,6 @@ housekeeping_thread (void *arg)
if (opt.verbose > 1)
log_info ("starting housekeeping\n");
diff --git a/debian/patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch b/debian/patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch
index 8f77f9b..affb982 100644
--- a/debian/patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch
+++ b/debian/patches/dirmngr-idling/0005-dirmngr-Drop-useless-housekeeping.patch
@@ -19,10 +19,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
1 file changed, 5 insertions(+), 108 deletions(-)
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index f54d3ab..e46a889 100644
+index 58a424e8c..0b8bb02e6 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
-@@ -296,13 +296,6 @@ static int active_connections;
+@@ -304,13 +304,6 @@ static int active_connections;
* thread to run background network tasks. */
static int network_activity_seen;
@@ -36,7 +36,7 @@ index f54d3ab..e46a889 100644
/* This union is used to avoid compiler warnings in case a pointer is
64 bit and an int 32 bit. We store an integer in a pointer and get
it back later (npth_getspecific et al.). */
-@@ -1764,83 +1757,6 @@ handle_signal (int signo)
+@@ -1768,83 +1761,6 @@ handle_signal (int signo)
#endif /*!HAVE_W32_SYSTEM*/
@@ -120,7 +120,7 @@ index f54d3ab..e46a889 100644
/* Check the nonce on a new connection. This is a NOP unless we are
using our Unix domain socket emulation under Windows. */
static int
-@@ -1940,9 +1856,6 @@ handle_connections (assuan_fd_t listen_fd)
+@@ -1945,9 +1861,6 @@ handle_connections (assuan_fd_t listen_fd)
gnupg_fd_t fd;
int nfd, ret;
fd_set fdset, read_fdset;
@@ -128,9 +128,9 @@ index f54d3ab..e46a889 100644
- struct timespec curtime;
- struct timespec timeout;
int saved_errno;
- #ifdef HAVE_INOTIFY_INIT
- int my_inotify_fd;
-@@ -1984,9 +1897,7 @@ handle_connections (assuan_fd_t listen_fd)
+ int my_inotify_fd = -1;
+
+@@ -1987,9 +1900,7 @@ handle_connections (assuan_fd_t listen_fd)
#endif /*HAVE_INOTIFY_INIT*/
@@ -141,9 +141,9 @@ index f54d3ab..e46a889 100644
FD_ZERO (&fdset);
FD_SET (FD2INT (listen_fd), &fdset);
nfd = FD2INT (listen_fd);
-@@ -1999,9 +1910,6 @@ handle_connections (assuan_fd_t listen_fd)
+@@ -2000,9 +1911,6 @@ handle_connections (assuan_fd_t listen_fd)
+ nfd = my_inotify_fd;
}
- #endif /*HAVE_INOTIFY_INIT*/
- npth_clock_gettime (&abstime);
- abstime.tv_sec += TIMERTICK_INTERVAL;
@@ -151,15 +151,16 @@ index f54d3ab..e46a889 100644
/* Main loop. */
for (;;)
{
-@@ -2012,31 +1920,21 @@ handle_connections (assuan_fd_t listen_fd)
+@@ -2013,7 +1921,7 @@ handle_connections (assuan_fd_t listen_fd)
break; /* ready */
/* Do not accept new connections but keep on running the
-- loop to cope with the timer events. */
-+ select loop to wait for signals (e.g. SIGCHLD). */
- FD_ZERO (&fdset);
- }
-
+- * loop to cope with the timer events.
++ * select loop to wait for signals (e.g. SIGCHLD).
+ *
+ * Note that we do not close the listening socket because a
+ * client trying to connect to that socket would instead
+@@ -2033,24 +1941,14 @@ handle_connections (assuan_fd_t listen_fd)
/* Take a copy of the fdset. */
read_fdset = fdset;
@@ -186,7 +187,7 @@ index f54d3ab..e46a889 100644
saved_errno = errno;
#endif
-@@ -2050,8 +1948,7 @@ handle_connections (assuan_fd_t listen_fd)
+@@ -2064,8 +1962,7 @@ handle_connections (assuan_fd_t listen_fd)
if (ret <= 0)
{
diff --git a/debian/patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch b/debian/patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch
index 2807fcd..b758117 100644
--- a/debian/patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch
+++ b/debian/patches/gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch
@@ -31,10 +31,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
1 file changed, 58 insertions(+), 29 deletions(-)
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 84e6667..c014289 100644
+index f5ecea544..82c8ae062 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -2269,11 +2269,6 @@ create_directories (void)
+@@ -2270,11 +2270,6 @@ create_directories (void)
static void
handle_tick (void)
{
@@ -46,7 +46,7 @@ index 84e6667..c014289 100644
/* Check whether the scdaemon has died and cleanup in this case. */
agent_scd_check_aliveness ();
-@@ -2292,16 +2287,6 @@ handle_tick (void)
+@@ -2293,16 +2288,6 @@ handle_tick (void)
}
}
#endif /*HAVE_W32_SYSTEM*/
@@ -63,7 +63,7 @@ index 84e6667..c014289 100644
}
-@@ -2698,6 +2683,15 @@ start_connection_thread_ssh (void *arg)
+@@ -2699,6 +2684,15 @@ start_connection_thread_ssh (void *arg)
}
@@ -79,7 +79,7 @@ index 84e6667..c014289 100644
/* Connection handler loop. Wait for connection requests and spawn a
thread after accepting a connection. */
static void
-@@ -2715,9 +2709,11 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2716,9 +2710,11 @@ handle_connections (gnupg_fd_t listen_fd,
gnupg_fd_t fd;
int nfd;
int saved_errno;
@@ -91,7 +91,7 @@ index 84e6667..c014289 100644
#ifdef HAVE_W32_SYSTEM
HANDLE events[2];
unsigned int events_set;
-@@ -2733,6 +2729,14 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2734,6 +2730,14 @@ handle_connections (gnupg_fd_t listen_fd,
{ "browser", start_connection_thread_browser },
{ "ssh", start_connection_thread_ssh }
};
@@ -106,7 +106,7 @@ index 84e6667..c014289 100644
ret = npth_attr_init(&tattr);
-@@ -2822,9 +2826,6 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2823,9 +2827,6 @@ handle_connections (gnupg_fd_t listen_fd,
listentbl[2].l_fd = listen_fd_browser;
listentbl[3].l_fd = listen_fd_ssh;
@@ -116,7 +116,7 @@ index 84e6667..c014289 100644
for (;;)
{
/* Shutdown test. */
-@@ -2842,18 +2843,47 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2854,18 +2855,47 @@ handle_connections (gnupg_fd_t listen_fd,
thus a simple assignment is fine to copy the entire set. */
read_fdset = fdset;
@@ -173,7 +173,7 @@ index 84e6667..c014289 100644
npth_sigev_sigmask ());
saved_errno = errno;
-@@ -2863,7 +2893,7 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2875,7 +2905,7 @@ handle_connections (gnupg_fd_t listen_fd,
handle_signal (signo);
}
#else
@@ -182,7 +182,7 @@ index 84e6667..c014289 100644
events, &events_set);
saved_errno = errno;
-@@ -2886,7 +2916,6 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2898,7 +2928,6 @@ handle_connections (gnupg_fd_t listen_fd,
if (!shutdown_pending)
{
diff --git a/debian/patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch b/debian/patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
index fad6d17..6d294d3 100644
--- a/debian/patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
+++ b/debian/patches/gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
@@ -21,10 +21,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/agent/agent.h b/agent/agent.h
-index 2dfbf5c..42fcd89 100644
+index 89dc46d05..147d242ec 100644
--- a/agent/agent.h
+++ b/agent/agent.h
-@@ -347,6 +347,7 @@ void *get_agent_scd_notify_event (void);
+@@ -345,6 +345,7 @@ void *get_agent_scd_notify_event (void);
#endif
void agent_sighup_action (void);
int map_pk_openpgp_to_gcry (int openpgp_algo);
@@ -33,10 +33,10 @@ index 2dfbf5c..42fcd89 100644
/*-- command.c --*/
gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid,
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index c014289..28d24eb 100644
+index 82c8ae062..04a775c9b 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -383,6 +383,9 @@ static char *current_logfile;
+@@ -382,6 +382,9 @@ static char *current_logfile;
watched. */
static pid_t parent_pid = (pid_t)(-1);
@@ -46,7 +46,7 @@ index c014289..28d24eb 100644
/* Number of active connections. */
static int active_connections;
-@@ -2019,7 +2022,7 @@ get_agent_scd_notify_event (void)
+@@ -2020,7 +2023,7 @@ get_agent_scd_notify_event (void)
GetCurrentProcess(), &h2,
EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0))
{
@@ -55,7 +55,7 @@ index c014289..28d24eb 100644
w32_strerror (-1) );
CloseHandle (h);
}
-@@ -2345,6 +2348,10 @@ handle_signal (int signo)
+@@ -2346,6 +2349,10 @@ handle_signal (int signo)
agent_sigusr2_action ();
break;
@@ -66,7 +66,7 @@ index c014289..28d24eb 100644
case SIGTERM:
if (!shutdown_pending)
log_info ("SIGTERM received - shutting down ...\n");
-@@ -2683,6 +2690,13 @@ start_connection_thread_ssh (void *arg)
+@@ -2684,6 +2691,13 @@ start_connection_thread_ssh (void *arg)
}
@@ -80,7 +80,7 @@ index c014289..28d24eb 100644
/* helper function for readability: test whether a given struct
timespec is set to all-zeros */
static inline int
-@@ -2751,8 +2765,10 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2752,8 +2766,10 @@ handle_connections (gnupg_fd_t listen_fd,
npth_sigev_add (SIGUSR1);
npth_sigev_add (SIGUSR2);
npth_sigev_add (SIGINT);
@@ -91,7 +91,7 @@ index c014289..28d24eb 100644
#else
# ifdef HAVE_W32CE_SYSTEM
/* Use a dummy event. */
-@@ -2764,6 +2780,7 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2765,6 +2781,7 @@ handle_connections (gnupg_fd_t listen_fd,
# endif
#endif
diff --git a/debian/patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch b/debian/patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch
index 6f2b199..c1d8ee0 100644
--- a/debian/patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch
+++ b/debian/patches/gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch
@@ -21,7 +21,7 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
2 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/agent/call-scd.c b/agent/call-scd.c
-index ba59c18..1ac0f6b 100644
+index ba59c1825..1ac0f6ba5 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -407,7 +407,9 @@ start_scd (ctrl_t ctrl)
@@ -36,10 +36,10 @@ index ba59c18..1ac0f6b 100644
xfree (abs_homedir);
if (err)
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 28d24eb..4a3ee28 100644
+index 04a775c9b..1bfe0f3ae 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -2266,6 +2266,26 @@ create_directories (void)
+@@ -2267,6 +2267,26 @@ create_directories (void)
}
@@ -66,7 +66,7 @@ index 28d24eb..4a3ee28 100644
/* This is the worker for the ticker. It is called every few seconds
and may only do fast operations. */
-@@ -2324,7 +2344,7 @@ agent_sigusr2_action (void)
+@@ -2325,7 +2345,7 @@ agent_sigusr2_action (void)
#ifndef HAVE_W32_SYSTEM
/* The signal handler for this program. It is expected to be run in
@@ -75,7 +75,7 @@ index 28d24eb..4a3ee28 100644
static void
handle_signal (int signo)
{
-@@ -2860,6 +2880,9 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2872,6 +2892,9 @@ handle_connections (gnupg_fd_t listen_fd,
thus a simple assignment is fine to copy the entire set. */
read_fdset = fdset;
diff --git a/debian/patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch b/debian/patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
index e8b57e7..6a565ea 100644
--- a/debian/patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
+++ b/debian/patches/gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
@@ -12,10 +12,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
1 file changed, 2 insertions(+)
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 4a3ee28..2bc70e3 100644
+index 1bfe0f3ae..0e5354947 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -2882,6 +2882,8 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2894,6 +2894,8 @@ handle_connections (gnupg_fd_t listen_fd,
/* avoid a fine-grained timer if we don't need one: */
timertbl[0].interval.tv_sec = need_tick () ? TIMERTICK_INTERVAL : 0;
diff --git a/debian/patches/series b/debian/patches/series
index c00a636..a43241d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,18 +9,3 @@ gpg-agent-idling/0001-agent-Create-framework-of-scheduled-timers.patch
gpg-agent-idling/0002-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
gpg-agent-idling/0003-agent-Avoid-tight-timer-tick-when-possible.patch
gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
-0013-agent-Fix-npth-daemon-mode-problem.patch
-0014-doc-Clarify-dirmngr-homedir-option.patch
-0014-scd-Fix-receive-buffer-size.patch
-0015-scd-Support-OpenPGP-card-V3-for-RSA.patch
-0016-g10-Fix-iteration-over-getkey-results.patch
-0017-dirmngr-Lazily-launch-ldap-reaper-thread.patch
-0018-g10-Fix-memory-leak.patch
-0019-gpg-sm-Merge-the-two-versions-of-check_special_filen.patch
-0020-gpg-Make-decrypt-with-output-nnnn-work.patch
-0021-gpgsm-Allow-decryption-with-a-card-returning-a-PKCS-.patch
-0022-agent-dirmngr-Handle-corner-case-in-shutdown-mode.patch
-0023-agent-dirmngr-Tiny-restructuring.patch
-0024-gpg-Let-only-Dirmngr-decide-whether-CERT-is-supporte.patch
-0025-gpg-Fix-error-code-arg-in-ERRSIG-status-line.patch
-0026-agent-Respect-enable-large-secmem.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list