[Pkg-gnupg-commit] [gnupg2] 25/30: drop patches already upstream

Wed Sep 6 21:57:35 UTC 2017

This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit 6611ab5a5a03522ec201d998f7ebf10d24774512
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Wed Sep 6 12:56:32 2017 -0400

    drop patches already upstream
---
 .../0013-gpg-default-to-no-auto-key-retrieve.patch | 68 ----------------------
 ...status-error-on-error-of-quick-revoke-uid.patch | 30 ----------
 debian/patches/series                              |  2 -
 3 files changed, 100 deletions(-)

diff --git a/debian/patches/0013-gpg-default-to-no-auto-key-retrieve.patch b/debian/patches/0013-gpg-default-to-no-auto-key-retrieve.patch
deleted file mode 100644
index df977fd..0000000
--- a/debian/patches/0013-gpg-default-to-no-auto-key-retrieve.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-Date: Fri, 11 Aug 2017 02:26:52 -0400
-Subject: gpg: default to --no-auto-key-retrieve.
-
-* g10/gpg.c (main): remove KEYSERVER_AUTO_KEY_RETRIEVE from the
-default keyserver options.
-* doc/gpg.texi: document this change.
---
-
-This is a partial reversion of
-7e1fe791d188b078398bf83c9af992cb1bd2a4b3.  Werner and i discussed it
-earlier today, and came to the conclusion that:
-
- * the risk of metadata leakage represented by a default
-   --auto-key-retrieve, both in e-mail (as a "web bug") and in other
-   contexts where GnuPG is used to verified signatures, is quite high.
-
- * the advantages of --auto-key-retrieve (in terms of signature
-   verification) can sometimes be achieved in other ways, such as when
-   a signed message includes a copy of its own key.
-
- * when those other ways are not useful, a graphical, user-facing
-   application can still offer the user the opportunity to choose to
-   fetch the key; or it can apply its own policy about when to set
-   --auto-key-retrieve, without needing to affect the defaults.
-
-Note that --auto-key-retrieve is specifically about signature
-verification.  Decisions about how and whether to look up a key during
-message encryption are governed by --auto-key-locate.  This change
-does not touch the --auto-key-locate default of "local,wkd".  The user
-deliberately asking gpg to encrypt to an e-mail address is a different
-scenario than having an incoming e-mail trigger a potentially unique
-network request.
-
-Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
-(cherry picked from commit e6f84116abca2ed49bf14b2e28c3c811a3717227)
----
- doc/gpg.texi | 2 +-
- g10/gpg.c    | 3 +--
- 2 files changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/doc/gpg.texi b/doc/gpg.texi
-index c71126a..b6a9b2d 100644
---- a/doc/gpg.texi
-+++ b/doc/gpg.texi
-@@ -1792,7 +1792,7 @@ list.  The default is "local,wkd".
- @opindex no-auto-key-retrieve
- These options enable or disable the automatic retrieving of keys from
- a keyserver when verifying signatures made by keys that are not on the
--local keyring.  The default is @option{--auto-key-retrieve}.
-+local keyring.  The default is @option{--no-auto-key-retrieve}.
- 
- If the method "wkd" is included in the list of methods given to
- @option{auto-key-locate}, the signer's user ID is part of the
-diff --git a/g10/gpg.c b/g10/gpg.c
-index c721cdc..c9fa7ae 100644
---- a/g10/gpg.c
-+++ b/g10/gpg.c
-@@ -2366,8 +2366,7 @@ main (int argc, char **argv)
-     opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
- 					    | IMPORT_REPAIR_PKS_SUBKEY_BUG);
-     opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
--    opt.keyserver_options.options = (KEYSERVER_HONOR_PKA_RECORD
--                                     | KEYSERVER_AUTO_KEY_RETRIEVE);
-+    opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
-     opt.verify_options = (LIST_SHOW_UID_VALIDITY
-                           | VERIFY_SHOW_POLICY_URLS
-                           | VERIFY_SHOW_STD_NOTATIONS
diff --git a/debian/patches/0014-g10-Write-status-error-on-error-of-quick-revoke-uid.patch b/debian/patches/0014-g10-Write-status-error-on-error-of-quick-revoke-uid.patch
deleted file mode 100644
index 9d5ecbb..0000000
--- a/debian/patches/0014-g10-Write-status-error-on-error-of-quick-revoke-uid.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From: Marcus Brinkmann <marcus.brinkmann at ruhr-uni-bochum.de>
-Date: Wed, 9 Aug 2017 18:35:56 +0200
-Subject: =?utf-8?q?g10=3A=C2=A0Write_status_error_on_error_of_--quick-revo?=
- =?utf-8?q?ke-uid=2E?=
-
-* g10/keyedit.c (keyedit_quick_revuid): Write status error on error.
-
-Signed-off-by: Marcus Brinkmann <mb at g10code.com>
-GnuPG-bug-id: 2963
-(cherry picked from commit 977fc5f0eb9fdee19e66bea8cd2eb5414789b485)
----
- g10/keyedit.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/g10/keyedit.c b/g10/keyedit.c
-index e221b32..38cdbce 100644
---- a/g10/keyedit.c
-+++ b/g10/keyedit.c
-@@ -2455,7 +2455,10 @@ keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev)
- 
-  leave:
-   if (err)
--    log_error (_("revoking the user ID failed: %s\n"), gpg_strerror (err));
-+    {
-+      log_error (_("revoking the user ID failed: %s\n"), gpg_strerror (err));
-+      write_status_error ("keyedit.revoke.uid", err);
-+    }
-   release_kbnode (keyblock);
-   keydb_release (kdbhd);
- }
diff --git a/debian/patches/series b/debian/patches/series
index 0bc329a..ea6811b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -10,5 +10,3 @@ gpg-agent-idling/0009-agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
 gpg-agent-idling/0010-agent-Avoid-tight-timer-tick-when-possible.patch
 gpg-agent-idling/0011-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
 skip-missing-signing-keys/0013-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch
-0013-gpg-default-to-no-auto-key-retrieve.patch
-0014-g10-Write-status-error-on-error-of-quick-revoke-uid.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git

