[Pkg-gnupg-commit] [gnupg2] 01/02: more upstream patches (Closes: #841437, #840680)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Oct 26 22:00:03 UTC 2016
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 90926d813029ccac71af1ac72599f116fc788aa1
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Wed Oct 26 17:44:14 2016 -0400
more upstream patches (Closes: #841437, #840680)
---
debian/patches/0097-common-avoid-segfault.patch | 26 +++
.../0098-agent-supervised-mode-improvements.patch | 37 +++++
.../0099-doc-Fix-spelling-of-internal.patch | 23 +++
...ests-Improve-portability-of-fake-pinentry.patch | 178 +++++++++++++++++++++
...GPG_ERR_INV_VALUE-instead-of-GPG_ERR_EINV.patch | 30 ++++
.../0102-agent-Avoid-double-error-message.patch | 42 +++++
...-hang-due-to-deferred-thread-initializati.patch | 84 ++++++++++
debian/patches/series | 7 +
8 files changed, 427 insertions(+)
diff --git a/debian/patches/0097-common-avoid-segfault.patch b/debian/patches/0097-common-avoid-segfault.patch
new file mode 100644
index 0000000..b6e12ec
--- /dev/null
+++ b/debian/patches/0097-common-avoid-segfault.patch
@@ -0,0 +1,26 @@
+From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+Date: Tue, 25 Oct 2016 23:55:07 -0400
+Subject: common: avoid segfault
+
+* common/sysutils.c (gnupg_inotify_watch_socket): return EINVAL if
+ socket_name is NULL, rather than segfaulting
+--
+Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+---
+ common/sysutils.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/common/sysutils.c b/common/sysutils.c
+index 2e663bc..7c44f4a 100644
+--- a/common/sysutils.c
++++ b/common/sysutils.c
+@@ -964,6 +964,9 @@ gnupg_inotify_watch_socket (int *r_fd, const char *socket_name)
+
+ *r_fd = -1;
+
++ if (!socket_name)
++ return gpg_error (GPG_ERR_EINVAL);
++
+ fname = xtrystrdup (socket_name);
+ if (!fname)
+ return my_error_from_syserror ();
diff --git a/debian/patches/0098-agent-supervised-mode-improvements.patch b/debian/patches/0098-agent-supervised-mode-improvements.patch
new file mode 100644
index 0000000..ce339c0
--- /dev/null
+++ b/debian/patches/0098-agent-supervised-mode-improvements.patch
@@ -0,0 +1,37 @@
+From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+Date: Tue, 25 Oct 2016 23:55:08 -0400
+Subject: agent: --supervised mode improvements.
+
+* agent/gpg-agent.c (map_supervised_socket): if the agent is running
+ in --supervised mode and is not actually given LISTEN_FDNAMES
+ directives, require at least fd 3 to be open for listening.
+--
+Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+---
+ agent/gpg-agent.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
+index 0146d85..78c4b02 100644
+--- a/agent/gpg-agent.c
++++ b/agent/gpg-agent.c
+@@ -719,12 +719,19 @@ map_supervised_sockets (gnupg_fd_t *r_fd,
+ /* Assign the descriptors to the return values. */
+ if (!fdnames)
+ {
++ struct stat statbuf;
+ if (fd_count != 1)
+ log_error ("no LISTEN_FDNAMES and LISTEN_FDS (%d) != 1"
+ " in --supervised mode."
+ " (ignoring all sockets but the first one)\n",
+ fd_count);
++ if (fstat (3, &statbuf) == -1 && errno ==EBADF)
++ log_fatal ("file descriptor 3 must be valid in --supervised mode (as the "
++ "agent's standard socket) if LISTEN_FDNAMES is not set\n");
+ *r_fd = 3;
++ socket_name = get_socket_name (3);
++ if (!socket_name)
++ log_error ("cannot learn socket name for fd 3\n");
+ }
+ else if (fd_count != nfdnames)
+ {
diff --git a/debian/patches/0099-doc-Fix-spelling-of-internal.patch b/debian/patches/0099-doc-Fix-spelling-of-internal.patch
new file mode 100644
index 0000000..d37e61a
--- /dev/null
+++ b/debian/patches/0099-doc-Fix-spelling-of-internal.patch
@@ -0,0 +1,23 @@
+From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+Date: Tue, 25 Oct 2016 21:43:57 -0400
+Subject: doc: Fix spelling of "internal".
+
+--
+Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+---
+ doc/dirmngr.texi | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
+index 43a1d84..41c6b84 100644
+--- a/doc/dirmngr.texi
++++ b/doc/dirmngr.texi
+@@ -492,7 +492,7 @@ Note that for OCSP responses the certificate specified using the option
+
+ @item /etc/gnupg/extra-certs
+ This directory may contain extra certificates which are preloaded
+-into the interal cache on startup. Applications using dirmngr (e.g. gpgsm)
++into the internal cache on startup. Applications using dirmngr (e.g. gpgsm)
+ can request cached certificates to complete a trust chain.
+ This is convenient in cases you have a couple intermediate CA certificates
+ or certificates ususally used to sign OCSP responses.
diff --git a/debian/patches/0100-tests-Improve-portability-of-fake-pinentry.patch b/debian/patches/0100-tests-Improve-portability-of-fake-pinentry.patch
new file mode 100644
index 0000000..9836ac4
--- /dev/null
+++ b/debian/patches/0100-tests-Improve-portability-of-fake-pinentry.patch
@@ -0,0 +1,178 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Wed, 26 Oct 2016 08:34:18 +0200
+Subject: tests: Improve portability of fake-pinentry.
+
+* tests/openpgp/fake-pinentry.c: Make all functions static.
+(get_passphrase): s/unlink/remove/ because that is standard C.
+(spacep): Rename to whitespace and change all callers.
+(main): Move macro out of if-then chain.
+
+Signed-off-by: Werner Koch <wk at gnupg.org>
+---
+ tests/openpgp/fake-pinentry.c | 49 ++++++++++++++++++++++++-------------------
+ 1 file changed, 28 insertions(+), 21 deletions(-)
+
+diff --git a/tests/openpgp/fake-pinentry.c b/tests/openpgp/fake-pinentry.c
+index baa79a8..f3ff5f1 100644
+--- a/tests/openpgp/fake-pinentry.c
++++ b/tests/openpgp/fake-pinentry.c
+@@ -25,9 +25,10 @@
+ #include <stdarg.h>
+ #include <unistd.h>
+
+-FILE *log_stream;
++static FILE *log_stream;
+
+-int
++
++static int
+ reply (const char *fmt, ...)
+ {
+ int result;
+@@ -47,8 +48,9 @@ reply (const char *fmt, ...)
+ return result;
+ }
+
++
+ /* Return the first line from FNAME, removing it from the file. */
+-char *
++static char *
+ get_passphrase (const char *fname)
+ {
+ char *passphrase = NULL;
+@@ -110,7 +112,7 @@ get_passphrase (const char *fname)
+
+ fclose (source);
+ fclose (sink);
+- if (unlink (fname))
++ if (remove (fname))
+ {
+ fprintf (stderr, "Failed to remove %s: %s",
+ fname, strerror (errno));
+@@ -127,17 +129,19 @@ get_passphrase (const char *fname)
+ }
+
+
+-#define spacep(p) (*(p) == ' ' || *(p) == '\t' \
+- || *(p) == '\r' || *(p) == '\n')
++#define whitespacep(p) (*(p) == ' ' || *(p) == '\t' \
++ || *(p) == '\r' || *(p) == '\n')
+
+ /* rstrip line. */
+-void
++static void
+ rstrip (char *buffer)
+ {
+ char *p;
++ if (!*buffer)
++ return; /* This is to avoid p = buffer - 1 */
+ for (p = buffer + strlen (buffer) - 1; p >= buffer; p--)
+ {
+- if (! spacep (p))
++ if (! whitespacep (p))
+ break;
+ *p = 0;
+ }
+@@ -154,13 +158,13 @@ rstrip (char *buffer)
+ char *
+ skip_options (const char *line)
+ {
+- while (spacep (line))
++ while (whitespacep (line))
+ line++;
+ while (*line == '-' && line[1] == '-')
+ {
+- while (*line && !spacep (line))
++ while (*line && !whitespacep (line))
+ line++;
+- while (spacep (line))
++ while (whitespacep (line))
+ line++;
+ }
+ return (char*) line;
+@@ -178,12 +182,12 @@ option_value (const char *line, const char *name)
+ s = strstr (line, name);
+ if (s && s >= skip_options (line))
+ return NULL;
+- if (s && (s == line || spacep (s-1))
+- && s[n] && (spacep (s+n) || s[n] == '='))
++ if (s && (s == line || whitespacep (s-1))
++ && s[n] && (whitespacep (s+n) || s[n] == '='))
+ {
+ s += n + 1;
+ s += strspn (s, " ");
+- if (*s && !spacep(s))
++ if (*s && !whitespacep(s))
+ return s;
+ }
+ return NULL;
+@@ -206,7 +210,7 @@ main (int argc, char **argv)
+ setvbuf (stdout, NULL, _IOLBF, BUFSIZ);
+
+ args = getenv ("PINENTRY_USER_DATA");
+- got_environment_user_data = args != NULL;
++ got_environment_user_data = !!args;
+ if (! args)
+ args = "";
+
+@@ -215,7 +219,7 @@ main (int argc, char **argv)
+ if (logfile)
+ {
+ char *p = logfile, more;
+- while (*p && ! spacep (p))
++ while (*p && ! whitespacep (p))
+ p++;
+ more = !! *p;
+ *p = 0;
+@@ -233,7 +237,7 @@ main (int argc, char **argv)
+ if (passphrasefile)
+ {
+ char *p = passphrasefile, more;
+- while (*p && ! spacep (p))
++ while (*p && ! whitespacep (p))
+ p++;
+ more = !! *p;
+ *p = 0;
+@@ -256,13 +260,13 @@ main (int argc, char **argv)
+ passphrase = "no PINENTRY_USER_DATA -- using default passphrase";
+ }
+
+- reply ("# fake-pinentry(%d) started. Passphrase='%s'.\n",
+- getpid (), passphrase);
++ reply ("# fake-pinentry(%u) started. Passphrase='%s'.\n",
++ (unsigned int)getpid (), passphrase);
+ reply ("OK - what's up?\n");
+
+ while (! feof (stdin))
+ {
+- char buffer[1024], *p;
++ char buffer[1024];
+
+ if (fgets (buffer, sizeof buffer, stdin) == NULL)
+ break;
+@@ -272,6 +276,8 @@ main (int argc, char **argv)
+
+ rstrip (buffer);
+
++#define OPT_USER_DATA "OPTION pinentry-user-data="
++
+ if (strncmp (buffer, "GETPIN", 6) == 0)
+ reply ("D %s\n", passphrase);
+ else if (strncmp (buffer, "BYE", 3) == 0)
+@@ -279,7 +285,6 @@ main (int argc, char **argv)
+ reply ("OK\n");
+ break;
+ }
+-#define OPT_USER_DATA "OPTION pinentry-user-data="
+ else if (strncmp (buffer, OPT_USER_DATA, strlen (OPT_USER_DATA)) == 0)
+ {
+ if (got_environment_user_data)
+@@ -299,6 +304,8 @@ main (int argc, char **argv)
+ reply ("OK\n");
+ }
+
++#undef OPT_USER_DATA
++
+ reply ("# Connection terminated.\n");
+ if (log_stream)
+ fclose (log_stream);
diff --git a/debian/patches/0101-common-Use-GPG_ERR_INV_VALUE-instead-of-GPG_ERR_EINV.patch b/debian/patches/0101-common-Use-GPG_ERR_INV_VALUE-instead-of-GPG_ERR_EINV.patch
new file mode 100644
index 0000000..a5e3a3f
--- /dev/null
+++ b/debian/patches/0101-common-Use-GPG_ERR_INV_VALUE-instead-of-GPG_ERR_EINV.patch
@@ -0,0 +1,30 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Wed, 26 Oct 2016 09:02:10 +0200
+Subject: common: Use GPG_ERR_INV_VALUE instead of GPG_ERR_EINVAL.
+
+* common/sysutils.c (gnupg_inotify_watch_socket): Return
+GPG_ERR_INV_VALUE for a missing socket name and set proper error
+source.
+--
+
+By using a different value we can easier see whether the error is due
+to a system call or from GnuPG code.
+
+Signed-off-by: Werner Koch <wk at gnupg.org>
+---
+ common/sysutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/common/sysutils.c b/common/sysutils.c
+index 7c44f4a..6c8bd3b 100644
+--- a/common/sysutils.c
++++ b/common/sysutils.c
+@@ -965,7 +965,7 @@ gnupg_inotify_watch_socket (int *r_fd, const char *socket_name)
+ *r_fd = -1;
+
+ if (!socket_name)
+- return gpg_error (GPG_ERR_EINVAL);
++ return my_error (GPG_ERR_INV_VALUE);
+
+ fname = xtrystrdup (socket_name);
+ if (!fname)
diff --git a/debian/patches/0102-agent-Avoid-double-error-message.patch b/debian/patches/0102-agent-Avoid-double-error-message.patch
new file mode 100644
index 0000000..f9d511f
--- /dev/null
+++ b/debian/patches/0102-agent-Avoid-double-error-message.patch
@@ -0,0 +1,42 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Wed, 26 Oct 2016 09:10:29 +0200
+Subject: agent: Avoid double error message.
+
+* agent/gpg-agent.c (map_supervised_sockets): Shorten error message.
+Remove unneeded diagnostic.
+--
+
+get_socket_name already prints error messages and thus there is not
+need to print another one.
+
+Signed-off-by: Werner Koch <wk at gnupg.org>
+---
+ agent/gpg-agent.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
+index 78c4b02..8f4dade 100644
+--- a/agent/gpg-agent.c
++++ b/agent/gpg-agent.c
+@@ -720,18 +720,17 @@ map_supervised_sockets (gnupg_fd_t *r_fd,
+ if (!fdnames)
+ {
+ struct stat statbuf;
++
+ if (fd_count != 1)
+ log_error ("no LISTEN_FDNAMES and LISTEN_FDS (%d) != 1"
+ " in --supervised mode."
+ " (ignoring all sockets but the first one)\n",
+ fd_count);
+ if (fstat (3, &statbuf) == -1 && errno ==EBADF)
+- log_fatal ("file descriptor 3 must be valid in --supervised mode (as the "
+- "agent's standard socket) if LISTEN_FDNAMES is not set\n");
++ log_fatal ("file descriptor 3 must be valid in --supervised mode"
++ " if LISTEN_FDNAMES is not set\n");
+ *r_fd = 3;
+ socket_name = get_socket_name (3);
+- if (!socket_name)
+- log_error ("cannot learn socket name for fd 3\n");
+ }
+ else if (fd_count != nfdnames)
+ {
diff --git a/debian/patches/0103-dirmngr-Fix-hang-due-to-deferred-thread-initializati.patch b/debian/patches/0103-dirmngr-Fix-hang-due-to-deferred-thread-initializati.patch
new file mode 100644
index 0000000..cd53a60
--- /dev/null
+++ b/debian/patches/0103-dirmngr-Fix-hang-due-to-deferred-thread-initializati.patch
@@ -0,0 +1,84 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Wed, 26 Oct 2016 10:24:41 +0200
+Subject: dirmngr: Fix hang due to deferred thread initialization.
+
+* dirmngr/dirmngr.c (main): Call ldap_wrapper_launch_thread after
+thread_init.
+--
+
+Fixes-commit: eda17649f8bd3b8ce7bfc00a3c11cbcae63c845d
+Signed-off-by: Werner Koch <wk at gnupg.org>
+---
+ dirmngr/dirmngr.c | 25 ++++++++++++-------------
+ 1 file changed, 12 insertions(+), 13 deletions(-)
+
+diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
+index ba9f96d..cf5061c 100644
+--- a/dirmngr/dirmngr.c
++++ b/dirmngr/dirmngr.c
+@@ -983,13 +983,13 @@ main (int argc, char **argv)
+ log_debug ("... okay\n");
+ }
+
+-#if USE_LDAP
+- ldap_wrapper_launch_thread ();
+-#endif /*USE_LDAP*/
+
+ thread_init ();
+ cert_cache_init ();
+ crl_cache_init ();
++#if USE_LDAP
++ ldap_wrapper_launch_thread ();
++#endif /*USE_LDAP*/
+ start_command_handler (ASSUAN_INVALID_FD);
+ shutdown_reaper ();
+ }
+@@ -1182,13 +1182,12 @@ main (int argc, char **argv)
+ }
+ #endif
+
+-#if USE_LDAP
+- ldap_wrapper_launch_thread ();
+-#endif /*USE_LDAP*/
+-
+ thread_init ();
+ cert_cache_init ();
+ crl_cache_init ();
++#if USE_LDAP
++ ldap_wrapper_launch_thread ();
++#endif /*USE_LDAP*/
+ handle_connections (fd);
+ assuan_sock_close (fd);
+ shutdown_reaper ();
+@@ -1211,12 +1210,12 @@ main (int argc, char **argv)
+ memset (&ctrlbuf, 0, sizeof ctrlbuf);
+ dirmngr_init_default_ctrl (&ctrlbuf);
+
+-#if USE_LDAP
+- ldap_wrapper_launch_thread ();
+-#endif /*USE_LDAP*/
+ thread_init ();
+ cert_cache_init ();
+ crl_cache_init ();
++#if USE_LDAP
++ ldap_wrapper_launch_thread ();
++#endif /*USE_LDAP*/
+ if (!argc)
+ rc = crl_cache_load (&ctrlbuf, NULL);
+ else
+@@ -1237,12 +1236,12 @@ main (int argc, char **argv)
+ memset (&ctrlbuf, 0, sizeof ctrlbuf);
+ dirmngr_init_default_ctrl (&ctrlbuf);
+
+-#if USE_LDAP
+- ldap_wrapper_launch_thread ();
+-#endif /*USE_LDAP*/
+ thread_init ();
+ cert_cache_init ();
+ crl_cache_init ();
++#if USE_LDAP
++ ldap_wrapper_launch_thread ();
++#endif /*USE_LDAP*/
+ rc = crl_fetch (&ctrlbuf, argv[0], &reader);
+ if (rc)
+ log_error (_("fetching CRL from '%s' failed: %s\n"),
diff --git a/debian/patches/series b/debian/patches/series
index de68121..000b470 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -94,3 +94,10 @@
0094-agent-Minor-cleanup-for-recent-change-in-findkey.c.patch
0095-gpg-Replace-two-sprintf-calls.patch
0096-agent-tests-w32-Fix-relaying-pinentry-user-data-fix-.patch
+0097-common-avoid-segfault.patch
+0098-agent-supervised-mode-improvements.patch
+0099-doc-Fix-spelling-of-internal.patch
+0100-tests-Improve-portability-of-fake-pinentry.patch
+0101-common-Use-GPG_ERR_INV_VALUE-instead-of-GPG_ERR_EINV.patch
+0102-agent-Avoid-double-error-message.patch
+0103-dirmngr-Fix-hang-due-to-deferred-thread-initializati.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list