summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorxgjmibzr2021-04-10 15:37:57 -0600
committerxgjmibzr2021-04-10 15:37:57 -0600
commitc0c4423da9b2e7a1b626db55aac9b62b8e3deff9 (patch)
tree0f0bb1fcccb1316b86e7f4637e6c9cf80c156cbe
parent2fa4f2236903e94325f1bfbd7d467b441dfac2ee (diff)
downloadaur-c0c4423da9b2e7a1b626db55aac9b62b8e3deff9.tar.gz
Update to 2.3.0
Diffstat
-rw-r--r--.SRCINFO18
-rw-r--r--PKGBUILD20
-rw-r--r--gnupg2-large-keys.patch18
-rw-r--r--self-sigs-only.patch56
4 files changed, 31 insertions, 81 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 1aec5f38f0db..45e8ab5fdf11 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,6 +1,6 @@
pkgbase = gnupg-largekeys
pkgdesc = Complete and free implementation of the OpenPGP standard
- pkgver = 2.2.21
+ pkgver = 2.3.0
pkgrel = 1
url = https://www.gnupg.org/
install = gnupg.install
@@ -24,25 +24,23 @@ pkgbase = gnupg-largekeys
optdepends = libldap: gpg2keys_ldap
optdepends = libusb-compat: scdaemon
optdepends = pcsclite: scdaemon
- provides = gnupg2=2.2.21
- provides = gnupg=2.2.21
+ provides = gnupg2=2.3.0
+ provides = gnupg=2.3.0
conflicts = gnupg2
conflicts = gnupg
replaces = gnupg2
replaces = gnupg
- source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.21.tar.bz2
- source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.21.tar.bz2.sig
+ source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.3.0.tar.bz2
+ source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.3.0.tar.bz2.sig
source = gnupg2-large-keys.patch
- source = self-sigs-only.patch
source = gnupg.install
validpgpkeys = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
- validpgpkeys = 46CC730865BB5C78EBABADCF04376F3EE0856959
validpgpkeys = 031EC2536E580D8EA286A9F22071B08A33BD3F06
validpgpkeys = 5B80C5754298F0CB55D8ED6ABCEF7E294B092E28
- sha256sums = 61e83278fb5fa7336658a8b73ab26f379d41275bb1c7c6e694dd9f9a6e8e76ec
+ validpgpkeys = 6DAA6E64A76D2840571B4902528897B826403ADA
+ sha256sums = 84c1ef39e8621cfb70f31463a5d1d8edeab44332bc1e0e1af9b78b6f9ed05bb4
sha256sums = SKIP
- sha256sums = 78ff880f5ab363415a4bcdc704c8a4afecc39d6bac37f4ebe53bf2e8354c2d62
- sha256sums = 0130c43321c16f53ab2290833007212f8a26b1b73bd4edc2b2b1c9db2b2d0218
+ sha256sums = fa6a7a3daec793b3c6cd95538eb0bc5682ffb1ad0227b86cf89c8a552a7a7fd3
sha256sums = ab1406c54804692dcc8144fc01a90ffd27250a3b53a89b0ab8a5cb2807fe6423
pkgname = gnupg-largekeys
diff --git a/PKGBUILD b/PKGBUILD
index 83278db4f4a0..0b22c80db88d 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,5 +1,6 @@
# $Id$
-# Maintainer: Felix Golatofski <contact@xdfr.de>
+# Maintainer: xgjmibzr <xgjmibzr@gmail.com>
+# Contributer: Felix Golatofski <contact@xdfr.de>
# Contributor: Ido Rosen <ido@kernel.org>
# Contributor: Gaetan Bisson <bisson@archlinux.org>
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
@@ -7,7 +8,7 @@
# Contributor: Judd Vinet <jvinet@zeroflux.org>
pkgname=gnupg-largekeys
-pkgver=2.2.21
+pkgver=2.3.0
pkgrel=1
pkgdesc='Complete and free implementation of the OpenPGP standard'
url='https://www.gnupg.org/'
@@ -21,17 +22,15 @@ optdepends=('libldap: gpg2keys_ldap'
'libusb-compat: scdaemon'
'pcsclite: scdaemon')
validpgpkeys=('D8692123C4065DEA5E0F3AB5249B39D24F25E3B6'
- '46CC730865BB5C78EBABADCF04376F3EE0856959'
'031EC2536E580D8EA286A9F22071B08A33BD3F06'
- '5B80C5754298F0CB55D8ED6ABCEF7E294B092E28')
+ '5B80C5754298F0CB55D8ED6ABCEF7E294B092E28'
+ '6DAA6E64A76D2840571B4902528897B826403ADA')
source=("https://gnupg.org/ftp/gcrypt/${pkgname%%-largekeys}/${pkgname%%-largekeys}-${pkgver}.tar.bz2"{,.sig}
'gnupg2-large-keys.patch'
- 'self-sigs-only.patch'
'gnupg.install')
-sha256sums=('61e83278fb5fa7336658a8b73ab26f379d41275bb1c7c6e694dd9f9a6e8e76ec'
- 'SKIP'
- '78ff880f5ab363415a4bcdc704c8a4afecc39d6bac37f4ebe53bf2e8354c2d62'
- '0130c43321c16f53ab2290833007212f8a26b1b73bd4edc2b2b1c9db2b2d0218'
+sha256sums=('84c1ef39e8621cfb70f31463a5d1d8edeab44332bc1e0e1af9b78b6f9ed05bb4'
+ 'SKIP'
+ 'fa6a7a3daec793b3c6cd95538eb0bc5682ffb1ad0227b86cf89c8a552a7a7fd3'
'ab1406c54804692dcc8144fc01a90ffd27250a3b53a89b0ab8a5cb2807fe6423')
install=gnupg.install
@@ -43,7 +42,6 @@ replaces=('gnupg2' 'gnupg')
prepare() {
cd "${srcdir}/${pkgname%%-largekeys}-${pkgver}"
sed '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' -i tools/Makefile.in
- patch -R -p1 -i ../self-sigs-only.patch
patch -p1 -i ../gnupg2-large-keys.patch
}
@@ -58,7 +56,7 @@ build() {
--enable-standard-socket \
--enable-symcryptrun \
--enable-gpgtar \
- --enable-large-secmem \
+ --enable-large-secmem
make
}
diff --git a/gnupg2-large-keys.patch b/gnupg2-large-keys.patch
index b96da7fe12e8..97059f211507 100644
--- a/gnupg2-large-keys.patch
+++ b/gnupg2-large-keys.patch
@@ -1,12 +1,22 @@
diff --git a/g10/keygen.c b/g10/keygen.c
-index 560480d..7a89c05 100644
+index a4117cdd0..638a19cb2 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
-@@ -1644,7 +1644,7 @@
+@@ -1819,7 +1819,7 @@ gen_rsa (int algo, unsigned int nbits, KBNODE pub_root,
int err;
char *keyparms;
char nbitsstr[35];
- const unsigned maxsize = (opt.flags.large_rsa ? 8192 : 4096);
-+ const unsigned maxsize = (opt.flags.large_rsa ? 65535 : 4096);
-
++ const unsigned maxsize = (opt.flags.large_rsa ? 16384 : 4096);
+
log_assert (is_RSA(algo));
+
+@@ -2473,7 +2473,7 @@ get_keysize_range (int algo, unsigned int *min, unsigned int *max)
+
+ default:
+ *min = opt.compliance == CO_DE_VS ? 2048: 1024;
+- *max = 4096;
++ *max = 16384;
+ def = 3072;
+ break;
+ }
diff --git a/self-sigs-only.patch b/self-sigs-only.patch
deleted file mode 100644
index 3d7406301474..000000000000
--- a/self-sigs-only.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From: Werner Koch <wk@gnupg.org>
-Date: Thu, 4 Jul 2019 13:45:39 +0000 (+0200)
-Subject: gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
-X-Git-Url: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff_plain;h=23c978640812d123eaffd4108744bdfcf48f7c93
-
-gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
-
-* g10/gpg.c (main): Change default.
---
-
-Due to the DoS attack on the keyeservers we do not anymore default to
-import key signatures. That makes the keyserver unsuable for getting
-keys for the WoT but it still allows to retriev keys - even if that
-takes long to download the large keyblocks.
-
-To revert to the old behavior add
-
- keyserver-optiions no-self-sigs-only,no-import-clean
-
-to gpg.conf.
-
-GnuPG-bug-id: 4607
-Signed-off-by: Werner Koch <wk@gnupg.org>
----
-
-diff --git a/doc/gpg.texi b/doc/gpg.texi
-index 8feab8218..9513a4e0f 100644
---- a/doc/gpg.texi
-+++ b/doc/gpg.texi
-@@ -1917,6 +1917,11 @@ are available for all keyserver types, some common options are:
-
- @end table
-
-+The default list of options is: "self-sigs-only, import-clean,
-+repair-keys, repair-pks-subkey-bug, export-attributes,
-+honor-pka-record".
-+
-+
- @item --completes-needed @var{n}
- @opindex compliant-needed
- Number of completely trusted users to introduce a new
-diff --git a/g10/gpg.c b/g10/gpg.c
-index 66e47dde5..0bbe72394 100644
---- a/g10/gpg.c
-+++ b/g10/gpg.c
-@@ -2424,7 +2424,9 @@ main (int argc, char **argv)
- opt.import_options = IMPORT_REPAIR_KEYS;
- opt.export_options = EXPORT_ATTRIBUTES;
- opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
-- | IMPORT_REPAIR_PKS_SUBKEY_BUG);
-+ | IMPORT_REPAIR_PKS_SUBKEY_BUG
-+ | IMPORT_SELF_SIGS_ONLY
-+ | IMPORT_CLEAN);
- opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
- opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
- opt.verify_options = (LIST_SHOW_UID_VALIDITY