[Pkg-gnupg-commit] [gnupg2] 47/49: drop patches already upstream
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Nov 8 19:31:06 UTC 2017
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit 31836d0a80a3c859cbd1c7f1c28af2d763e34353
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Wed Nov 8 20:06:31 2017 +0100
drop patches already upstream
---
.../doc-Make-check-sigs-more-prominent.patch | 174 ---------------------
...pt-the-Z-suffix-for-yymmddThhmmssZ-format.patch | 44 ------
...-find_and_check_key-for-multiple-keyrings.patch | 59 -------
debian/patches/series | 3 -
4 files changed, 280 deletions(-)
diff --git a/debian/patches/doc-Make-check-sigs-more-prominent.patch b/debian/patches/doc-Make-check-sigs-more-prominent.patch
deleted file mode 100644
index ca88252..0000000
--- a/debian/patches/doc-Make-check-sigs-more-prominent.patch
+++ /dev/null
@@ -1,174 +0,0 @@
-From: Werner Koch <wk at gnupg.org>
-Date: Wed, 27 Sep 2017 17:18:55 +0200
-Subject: doc: Make --check-sigs more prominent.
-
---
-
-It seems people are using --list-sigs instead of --check-sigs and do
-not realize that the signatures are not checked at all. We better
-highlight the use of --check-sigs to avoid this UI problem.
-
-Suggested-by: Andrew Gallagher
-Signed-off-by: Werner Koch <wk at gnupg.org>
-(cherry picked from commit e725c4d65335d18dea6b855726ee7c57afd4a60a)
----
- doc/gpg.texi | 81 +++++++++++++++++++++++++++++++-----------------------------
- 1 file changed, 42 insertions(+), 39 deletions(-)
-
-diff --git a/doc/gpg.texi b/doc/gpg.texi
-index b6a9b2d..b14cb37 100644
---- a/doc/gpg.texi
-+++ b/doc/gpg.texi
-@@ -309,43 +309,36 @@ the key using the command @option{--export-secret-subkeys}). A
- @code{>} after these tags indicate that the key is stored on a
- smartcard. See also @option{--list-keys}.
-
-- at item --list-signatures
-- at opindex list-signatures
-- at itemx --list-sigs
-- at opindex list-sigs
--Same as @option{--list-keys}, but the signatures are listed too.
--This command has the same effect as
--using @option{--list-keys} with @option{--with-sig-list}.
--
--For each signature listed, there are several flags in between the "sig"
--tag and keyid. These flags give additional information about each
--signature. From left to right, they are the numbers 1-3 for certificate
--check level (see @option{--ask-cert-level}), "L" for a local or
--non-exportable signature (see @option{--lsign-key}), "R" for a
--nonRevocable signature (see the @option{--edit-key} command "nrsign"),
--"P" for a signature that contains a policy URL (see
-- at option{--cert-policy-url}), "N" for a signature that contains a
--notation (see @option{--cert-notation}), "X" for an eXpired signature
--(see @option{--ask-cert-expire}), and the numbers 1-9 or "T" for 10 and
--above to indicate trust signature levels (see the @option{--edit-key}
--command "tsign").
--
- @item --check-signatures
- @opindex check-signatures
- @itemx --check-sigs
- @opindex check-sigs
--Same as @option{--list-signatures}, but the signatures are verified. Note
--that for performance reasons the revocation status of a signing key is
--not shown.
--This command has the same effect as
-+Same as @option{--list-keys}, but the key signatures are verified and
-+listed too. Note that for performance reasons the revocation status
-+of a signing key is not shown. This command has the same effect as
- using @option{--list-keys} with @option{--with-sig-check}.
-
--The status of the verification is indicated by a flag directly following
--the "sig" tag (and thus before the flags described above for
-- at option{--list-signatures}). A "!" indicates that the signature has been
--successfully verified, a "-" denotes a bad signature and a "%" is used
--if an error occurred while checking the signature (e.g. a non supported
--algorithm).
-+The status of the verification is indicated by a flag directly
-+following the "sig" tag (and thus before the flags described below. A
-+"!" indicates that the signature has been successfully verified, a "-"
-+denotes a bad signature and a "%" is used if an error occurred while
-+checking the signature (e.g. a non supported algorithm). Signatures
-+where the public key is not availabale are not listed; to see their
-+keyids the command @option{--list-sigs} can be used.
-+
-+For each signature listed, there are several flags in between the
-+signature status flag and keyid. These flags give additional
-+information about each key signature. From left to right, they are
-+the numbers 1-3 for certificate check level (see
-+ at option{--ask-cert-level}), "L" for a local or non-exportable
-+signature (see @option{--lsign-key}), "R" for a nonRevocable signature
-+(see the @option{--edit-key} command "nrsign"), "P" for a signature
-+that contains a policy URL (see @option{--cert-policy-url}), "N" for a
-+signature that contains a notation (see @option{--cert-notation}), "X"
-+for an eXpired signature (see @option{--ask-cert-expire}), and the
-+numbers 1-9 or "T" for 10 and above to indicate trust signature levels
-+(see the @option{--edit-key} command "tsign").
-+
-
- @item --locate-keys
- @opindex locate-keys
-@@ -360,7 +353,7 @@ be used to locate a key. Only public keys are listed.
- List all keys (or the specified ones) along with their
- fingerprints. This is the same output as @option{--list-keys} but with
- the additional output of a line with the fingerprint. May also be
--combined with @option{--list-signatures} or @option{--check-signatures}. If this
-+combined with @option{--check-signatures}. If this
- command is given twice, the fingerprints of all secondary keys are
- listed too. This command also forces pretty printing of fingerprints
- if the keyid format has been set to "none".
-@@ -1254,7 +1247,7 @@ Assume "no" on most questions.
- @opindex list-options
- This is a space or comma delimited string that gives options used when
- listing keys and signatures (that is, @option{--list-keys},
-- at option{--list-signatures}, @option{--list-public-keys},
-+ at option{--check-signatures}, @option{--list-public-keys},
- @option{--list-secret-keys}, and the @option{--edit-key} functions).
- Options can be prepended with a @option{no-} (after the two dashes) to
- give the opposite meaning. The options are:
-@@ -1263,7 +1256,7 @@ give the opposite meaning. The options are:
-
- @item show-photos
- @opindex list-options:show-photos
-- Causes @option{--list-keys}, @option{--list-signatures},
-+ Causes @option{--list-keys}, @option{--check-signatures},
- @option{--list-public-keys}, and @option{--list-secret-keys} to
- display any photo IDs attached to the key. Defaults to no. See also
- @option{--photo-viewer}. Does not work with @option{--with-colons}:
-@@ -1279,7 +1272,7 @@ give the opposite meaning. The options are:
-
- @item show-policy-urls
- @opindex list-options:show-policy-urls
-- Show policy URLs in the @option{--list-signatures} or @option{--check-signatures}
-+ Show policy URLs in the @option{--check-signatures}
- listings. Defaults to no.
-
- @item show-notations
-@@ -1289,11 +1282,11 @@ give the opposite meaning. The options are:
- @opindex list-options:show-std-notations
- @opindex list-options:show-user-notations
- Show all, IETF standard, or user-defined signature notations in the
-- @option{--list-signatures} or @option{--check-signatures} listings. Defaults to no.
-+ @option{--check-signatures} listings. Defaults to no.
-
- @item show-keyserver-urls
- @opindex list-options:show-keyserver-urls
-- Show any preferred keyserver URL in the @option{--list-signatures} or
-+ Show any preferred keyserver URL in the
- @option{--check-signatures} listings. Defaults to no.
-
- @item show-uid-validity
-@@ -1316,7 +1309,7 @@ give the opposite meaning. The options are:
-
- @item show-sig-expire
- @opindex list-options:show-sig-expire
-- Show signature expiration dates (if any) during @option{--list-signatures} or
-+ Show signature expiration dates (if any) during
- @option{--check-signatures} listings. Defaults to no.
-
- @item show-sig-subpackets
-@@ -1325,7 +1318,7 @@ give the opposite meaning. The options are:
- optional argument list of the subpackets to list. If no argument is
- passed, list all subpackets. Defaults to no. This option is only
- meaningful when using @option{--with-colons} along with
-- @option{--list-signatures} or @option{--check-signatures}.
-+ @option{--check-signatures}.
-
- @end table
-
-@@ -3224,6 +3217,16 @@ verification is not needed.
- Print key listings delimited by colons (like @option{--with-colons}) and
- print the public key data.
-
-+ at item --list-signatures
-+ at opindex list-signatures
-+ at itemx --list-sigs
-+ at opindex list-sigs
-+Same as @option{--list-keys}, but the signatures are listed too. This
-+command has the same effect as using @option{--list-keys} with
-+ at option{--with-sig-list}. Note that in contrast to
-+ at option{--check-signatures} the key signatures are not verified.
-+
-+
- @item --fast-list-mode
- @opindex fast-list-mode
- Changes the output of the list commands to work faster; this is achieved
diff --git a/debian/patches/from-master/common-Accept-the-Z-suffix-for-yymmddThhmmssZ-format.patch b/debian/patches/from-master/common-Accept-the-Z-suffix-for-yymmddThhmmssZ-format.patch
deleted file mode 100644
index 12bcc07..0000000
--- a/debian/patches/from-master/common-Accept-the-Z-suffix-for-yymmddThhmmssZ-format.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From: NIIBE Yutaka <gniibe at fsij.org>
-Date: Tue, 19 Sep 2017 16:09:05 +0900
-Subject: common: Accept the Z-suffix for yymmddThhmmssZ format.
-
-* common/gettime.c (isotime_p): Accept the Z suffix.
-
---
-
-The intention is use for human interface.
-
-GnuPG-bug-id: 3278
-Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
-(cherry picked from commit ba8afc4966cca1f6aaf9b2a9bfc3220782306c2b)
----
- common/gettime.c | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/common/gettime.c b/common/gettime.c
-index 3e1ee55..4ad99f5 100644
---- a/common/gettime.c
-+++ b/common/gettime.c
-@@ -222,6 +222,8 @@ isotime_p (const char *string)
- for (s++, i=9; i < 15; i++, s++)
- if (!digitp (s))
- return 0;
-+ if (*s == 'Z')
-+ s++;
- if ( !(!*s || (isascii (*s) && isspace(*s)) || *s == ':' || *s == ','))
- return 0; /* Wrong delimiter. */
-
-@@ -354,9 +356,10 @@ string2isotime (gnupg_isotime_t atime, const char *string)
- }
-
-
--/* Scan an ISO timestamp and return an Epoch based timestamp. The only
-- supported format is "yyyymmddThhmmss" delimited by white space, nul, a
-- colon or a comma. Returns (time_t)(-1) for an invalid string. */
-+/* Scan an ISO timestamp and return an Epoch based timestamp. The
-+ only supported format is "yyyymmddThhmmss[Z]" delimited by white
-+ space, nul, a colon or a comma. Returns (time_t)(-1) for an
-+ invalid string. */
- time_t
- isotime2epoch (const char *string)
- {
diff --git a/debian/patches/from-master/g10-Fix-find_and_check_key-for-multiple-keyrings.patch b/debian/patches/from-master/g10-Fix-find_and_check_key-for-multiple-keyrings.patch
deleted file mode 100644
index 8be38d0..0000000
--- a/debian/patches/from-master/g10-Fix-find_and_check_key-for-multiple-keyrings.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From: NIIBE Yutaka <gniibe at fsij.org>
-Date: Thu, 19 Oct 2017 11:08:24 +0900
-Subject: g10: Fix find_and_check_key for multiple keyrings.
-MIME-Version: 1.0
-Content-Type: text/plain; charset="utf-8"
-Content-Transfer-Encoding: base64
-
-KiBnMTAvcGtjbGlzdC5jIChmaW5kX2FuZF9jaGVja19rZXkpOiBDYWxsIGdldF92YWxpZGl0eSBv
-biBhIHNwZWNpZmljCmtleWJsb2NrLgoKLS0KCldoZW4gd2UgaGF2ZSBtdWx0aXBsZSBrZXlyaW5n
-cywgZ2V0X3ZhbGlkaXR5IGFmdGVyCmdldF9iZXN0X3B1YmtleV9ieW5hbWUgc2hvdWxkIGFjY2Vz
-cyBzYW1lIGtleXJpbmcuICBPciBlbHNlLCB0aGUKc2l0dWF0aW9uIG9mIGFuIGV4cGlyZWQga2V5
-IGluIGtleXJpbmcgQSBidXQgdmFsaWQga2V5IGluIGtleXJpbmcgQgpjYXVzZXMgU0VHVi4KClRo
-YW5rcyB0byBHdWlkbyBHw7xudGhlciBmb3IgdGhlIHVzZSBjYXNlIGFuZCB0aGUgbG9nLgoKRGVi
-aWFuLWJ1Zy1pZDogODc4ODEyClNpZ25lZC1vZmYtYnk6IE5JSUJFIFl1dGFrYSA8Z25paWJlQGZz
-aWoub3JnPgooY2hlcnJ5IHBpY2tlZCBmcm9tIGNvbW1pdCA5OTVjNDZlYTc3Y2ZmNWI5OWIyZmNh
-MTdiNTQ3ZDY1MjVhNGYyMjdlKQo=
----
- g10/pkclist.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/g10/pkclist.c b/g10/pkclist.c
-index 67d932e..220936c 100644
---- a/g10/pkclist.c
-+++ b/g10/pkclist.c
-@@ -826,6 +826,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
- {
- int rc;
- PKT_public_key *pk;
-+ KBNODE keyblock = NULL;
-
- if (!name || !*name)
- return gpg_error (GPG_ERR_INV_USER_ID);
-@@ -838,7 +839,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
- if (from_file)
- rc = get_pubkey_fromfile (ctrl, pk, name);
- else
-- rc = get_best_pubkey_byname (ctrl, NULL, pk, name, NULL, 0, 0);
-+ rc = get_best_pubkey_byname (ctrl, NULL, pk, name, &keyblock, 0, 0);
- if (rc)
- {
- int code;
-@@ -861,6 +862,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
- if (rc)
- {
- /* Key found but not usable for us (e.g. sign-only key). */
-+ release_kbnode (keyblock);
- send_status_inv_recp (3, name); /* Wrong key usage */
- log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) );
- free_public_key (pk);
-@@ -872,7 +874,8 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
- {
- int trustlevel;
-
-- trustlevel = get_validity (ctrl, NULL, pk, pk->user_id, NULL, 1);
-+ trustlevel = get_validity (ctrl, keyblock, pk, pk->user_id, NULL, 1);
-+ release_kbnode (keyblock);
- if ( (trustlevel & TRUST_FLAG_DISABLED) )
- {
- /* Key has been disabled. */
diff --git a/debian/patches/series b/debian/patches/series
index 1390e78..619b3e7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,14 +14,11 @@ from-master/gpg-default-to-3072-bit-RSA-keys.patch
from-master/gpg-default-to-AES-256.patch
from-master/agent-compile-time-configuration-of-s2k-calibration.patch
from-master/common-Fix-gnupg_wait_processes.patch
-from-master/common-Accept-the-Z-suffix-for-yymmddThhmmssZ-format.patch
from-master/scd-Distinguish-cancel-by-user-and-protocol-error.patch
from-master/agent-Fix-cancellation-handling-for-scdaemon.patch
from-master/g10-Select-a-secret-key-by-checking-availability-und.patch
update-defaults/gpg-Default-to-SHA-512-for-all-signature-types-on-RS.patch
update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-default-preference.patch
from-master/gpg-Fix-comparison.patch
-doc-Make-check-sigs-more-prominent.patch
-from-master/g10-Fix-find_and_check_key-for-multiple-keyrings.patch
from-master/assuan-Reorganize-waiting-for-socket.patch
from-master/assuan-Use-exponential-decay-for-first-1s-of-spinlock.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list