summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/changelog9
-rw-r--r--debian/clean5
-rw-r--r--debian/control1
-rw-r--r--debian/gbp.conf5
-rw-r--r--debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch8
-rw-r--r--debian/patches/debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch34
-rw-r--r--debian/patches/debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch39
-rw-r--r--debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch8
-rw-r--r--debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch12
-rw-r--r--debian/patches/from-master/gpg-default-to-3072-bit-keys.patch12
-rw-r--r--debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch14
-rw-r--r--debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch4
-rw-r--r--debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch12
-rw-r--r--debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch20
-rw-r--r--debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch8
-rw-r--r--debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch4
-rw-r--r--debian/patches/series2
-rw-r--r--debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch4
-rwxr-xr-xdebian/rules4
19 files changed, 152 insertions, 53 deletions
diff --git a/debian/changelog b/debian/changelog
index e9f59f4..7a5bc49 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+gnupg2 (2.2.43-4) unstable; urgency=medium
+
+ * Stop shipping upstream ChangeLog (/usr/share/doc/*/changelog.gz)
+ * Use debian standard UnicodeData.txt
+ * Refresh patches
+ * Rebuild generated header files in common/
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 16 May 2024 17:23:01 -0400
+
gnupg2 (2.2.43-3~progress7.99u1) graograman-backports; urgency=medium
* Uploading to graograman-backports, remaining changes:
diff --git a/debian/clean b/debian/clean
index 2a2c7cf..d0d7c31 100644
--- a/debian/clean
+++ b/debian/clean
@@ -10,3 +10,8 @@ doc/gnupg.info-2
doc/gnupg.info-3
doc/*.pdf
doc/*.png
+ChangeLog
+regexp/_unicode_mapping.c
+regexp/UnicodeData.txt
+common/audit-events.h
+common/status-codes.h
diff --git a/debian/control b/debian/control
index 1d434da..2ef0254 100644
--- a/debian/control
+++ b/debian/control
@@ -32,6 +32,7 @@ Build-Depends:
libusb-1.0-0-dev [!hurd-any],
openssh-client <!nocheck>,
pkgconf,
+ unicode-data,
texinfo <!nodoc>,
zlib1g-dev | libz-dev,
Build-Depends-Indep:
diff --git a/debian/gbp.conf b/debian/gbp.conf
index dae894c..51eb915 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -14,6 +14,7 @@ filter = [
'build-aux/missing',
'build-aux/mkinstalldirs',
'build-aux/texinfo.tex',
+ 'ChangeLog',
'config.h.in',
'configure',
'doc/gnupg.info*',
@@ -34,6 +35,10 @@ filter = [
'po/*.gmo',
'po/Makefile.in.in',
'po/stamp-po',
+ 'regexp/_unicode_mapping.c',
+ 'regexp/UnicodeData.txt',
+ 'common/audit-events.h',
+ 'common/status-codes.h',
]
filter-pristine-tar = False
diff --git a/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch b/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch
index 4f4b07d..5561fae 100644
--- a/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch
+++ b/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch
@@ -22,7 +22,7 @@ Upstream bug: https://dev.gnupg.org/T1211
3 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 53b86dd..3f7aaae 100644
+index c3b71b0..d747707 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -50,6 +50,9 @@
@@ -35,7 +35,7 @@ index 53b86dd..3f7aaae 100644
#define INCLUDED_BY_MAIN_MODULE 1
#define GNUPG_COMMON_NEED_AFLOCAL
-@@ -1078,6 +1081,11 @@ main (int argc, char **argv )
+@@ -1066,6 +1069,11 @@ main (int argc, char **argv )
early_system_init ();
@@ -48,10 +48,10 @@ index 53b86dd..3f7aaae 100644
file descriptors and the signal mask. This info is required to
do the exec call properly. We don't need it on Windows. */
diff --git a/configure.ac b/configure.ac
-index 4638f99..6e44af2 100644
+index 6d1e2ba..6962d20 100644
--- a/configure.ac
+++ b/configure.ac
-@@ -1404,7 +1404,7 @@ AC_CHECK_FUNCS([atexit canonicalize_file_name clock_gettime ctermid \
+@@ -1397,7 +1397,7 @@ AC_CHECK_FUNCS([atexit canonicalize_file_name clock_gettime ctermid \
ftruncate funlockfile getaddrinfo getenv getpagesize \
getpwnam getpwuid getrlimit getrusage gettimeofday \
gmtime_r inet_ntop inet_pton isascii lstat memicmp \
diff --git a/debian/patches/debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch b/debian/patches/debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch
new file mode 100644
index 0000000..26d4fa9
--- /dev/null
+++ b/debian/patches/debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch
@@ -0,0 +1,34 @@
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Thu, 16 May 2024 17:17:50 -0400
+Subject: Always build common/status-codes.h and common/audit-events.h
+
+This reduces our dependence on files injected into the upstream
+tarball.
+
+This addresses part of #1071202
+
+Forwarded: not-needed
+---
+ common/Makefile.am | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/common/Makefile.am b/common/Makefile.am
+index 65ce35b..3ccc137 100644
+--- a/common/Makefile.am
++++ b/common/Makefile.am
+@@ -140,7 +140,6 @@ endif
+ libgpgrl_a_SOURCES = \
+ gpgrlhelp.c
+
+-if MAINTAINER_MODE
+ # Note: Due to the dependency on Makefile, the file will always be
+ # rebuilt, so we allow this only in maintainer mode.
+
+@@ -159,7 +158,6 @@ status-codes.h: Makefile.am mkstrtable.awk exstatus.awk status.h
+ $(AWK) -f $(srcdir)/exstatus.awk $(srcdir)/status.h \
+ | $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=3 -v nogettext=1 \
+ -v pkg_namespace=statusstr_ > $(srcdir)/status-codes.h
+-endif
+
+ #
+ # Module tests
diff --git a/debian/patches/debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch b/debian/patches/debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch
new file mode 100644
index 0000000..99f93ea
--- /dev/null
+++ b/debian/patches/debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch
@@ -0,0 +1,39 @@
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Thu, 16 May 2024 17:02:06 -0400
+Subject: Build regexp against debian's unicode-data package
+
+It should be simple enough to auto-generate the regexp table from
+stock UnicodeData.txt. Upstream doesn't seem inclined to keep it
+up-to-date, and using the stock debian package that ships it instead
+of upstream's stale version will take care of new case sensitivity
+issues automatically.
+
+This also reduces our dependence on material in the upstream tarball
+that differs from what is in upstream revision control.
+
+This addresses one part of #1071202.
+---
+ regexp/Makefile.am | 8 +++-----
+ 1 file changed, 3 insertions(+), 5 deletions(-)
+
+diff --git a/regexp/Makefile.am b/regexp/Makefile.am
+index 307aacf..035858e 100644
+--- a/regexp/Makefile.am
++++ b/regexp/Makefile.am
+@@ -27,13 +27,11 @@ AM_CFLAGS =
+ libregexp_a_SOURCES = jimregexp.h utf8.h jimregexp.c utf8.c
+ libregexp_a_CFLAGS = $(AM_CFLAGS)
+
+-EXTRA_DIST = parse-unidata.awk UnicodeData.txt _unicode_mapping.c
++EXTRA_DIST = parse-unidata.awk _unicode_mapping.c
+
+-if MAINTAINER_MODE
+ BUILT_SOURCES = _unicode_mapping.c
+ MAINTAINERCLEANFILES = _unicode_mapping.c
+
+-_unicode_mapping.c: parse-unidata.awk UnicodeData.txt
++_unicode_mapping.c: parse-unidata.awk
+ $(AWK) $(AWK_HEX_NUMBER_OPTION) -f $(srcdir)/parse-unidata.awk \
+- $(srcdir)/UnicodeData.txt >$@
+-endif
++ /usr/share/unicode/UnicodeData.txt >$@
diff --git a/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch b/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch
index 3cad551..b6cf8b7 100644
--- a/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch
+++ b/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch
@@ -15,10 +15,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index c04a287..26d136d 100644
+index 0238359..c50905c 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
-@@ -2051,8 +2051,6 @@ housekeeping_thread (void *arg)
+@@ -2091,8 +2091,6 @@ housekeeping_thread (void *arg)
if (network_activity_seen)
{
network_activity_seen = 0;
@@ -28,10 +28,10 @@ index c04a287..26d136d 100644
}
else
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
-index d6ef375..ab831de 100644
+index f988fe2..39c0c45 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
-@@ -294,9 +294,10 @@ Set the size of the queue for pending connections. The default is 64.
+@@ -302,9 +302,10 @@ Set the size of the queue for pending connections. The default is 64.
@item --allow-version-check
@opindex allow-version-check
Allow Dirmngr to connect to @code{https://versions.gnupg.org} to get
diff --git a/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch b/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch
index d6df59f..6cd282f 100644
--- a/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch
+++ b/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch
@@ -30,10 +30,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
3 files changed, 35 insertions(+), 41 deletions(-)
diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
-index e287194..c04a287 100644
+index 06ef22b..0238359 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
-@@ -2031,12 +2031,10 @@ static void *
+@@ -2071,12 +2071,10 @@ static void *
housekeeping_thread (void *arg)
{
static int sentinel;
@@ -46,7 +46,7 @@ index e287194..c04a287 100644
if (sentinel)
{
log_info ("housekeeping is already going on\n");
-@@ -2050,7 +2048,6 @@ housekeeping_thread (void *arg)
+@@ -2090,7 +2088,6 @@ housekeeping_thread (void *arg)
dirmngr_init_default_ctrl (&ctrlbuf);
dns_stuff_housekeeping ();
@@ -55,10 +55,10 @@ index e287194..c04a287 100644
{
network_activity_seen = 0;
diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
-index fed4599..0e1fbd9 100644
+index 07f0df8..48f293c 100644
--- a/dirmngr/dirmngr.h
+++ b/dirmngr/dirmngr.h
-@@ -234,7 +234,6 @@ int dirmngr_use_tor (void);
+@@ -250,7 +250,6 @@ int dirmngr_use_tor (void);
int dirmngr_never_use_tor_p (void);
/*-- Various housekeeping functions. --*/
@@ -67,7 +67,7 @@ index fed4599..0e1fbd9 100644
diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
-index 5793f07..91f1c63 100644
+index bbd5a9d..8a95291 100644
--- a/dirmngr/ks-engine-hkp.c
+++ b/dirmngr/ks-engine-hkp.c
@@ -218,6 +218,24 @@ host_in_pool_p (hostinfo_t hi, int tblidx)
diff --git a/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch b/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch
index 59b0b13..e2d6710 100644
--- a/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch
+++ b/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch
@@ -25,7 +25,7 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
4 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/agent/command.c b/agent/command.c
-index b682c55..ea65290 100644
+index 940e017..4b3634f 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -843,7 +843,7 @@ static const char hlp_genkey[] =
@@ -38,10 +38,10 @@ index b682c55..ea65290 100644
" S: D (public-key\n"
" S: D (rsa (n 326487324683264) (e 10001)))\n"
diff --git a/doc/wks.texi b/doc/wks.texi
-index e398ccb..68ed117 100644
+index e8d026f..11bd1eb 100644
--- a/doc/wks.texi
+++ b/doc/wks.texi
-@@ -447,10 +447,10 @@ the submission address:
+@@ -457,10 +457,10 @@ the submission address:
The output of the last command looks similar to this:
@example
@@ -55,10 +55,10 @@ index e398ccb..68ed117 100644
Take the fingerprint from that output and manually publish the key:
diff --git a/g10/keygen.c b/g10/keygen.c
-index 80d65c4..5b4a785 100644
+index 52fd97a..1e9249e 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
-@@ -1436,7 +1436,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root,
+@@ -1565,7 +1565,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root,
if (nbits < 1024)
{
@@ -68,7 +68,7 @@ index 80d65c4..5b4a785 100644
}
else if (nbits > 4096)
diff --git a/g10/keyid.c b/g10/keyid.c
-index 69d85da..2987287 100644
+index 7823f0d..f0db298 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -73,7 +73,7 @@ pubkey_letter( int algo )
diff --git a/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch b/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
index 2061327..8b9b105 100644
--- a/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
+++ b/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
@@ -21,10 +21,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 files changed, 17 insertions(+)
diff --git a/agent/agent.h b/agent/agent.h
-index 56e13ec..d1abf26 100644
+index d32b892..4195d0c 100644
--- a/agent/agent.h
+++ b/agent/agent.h
-@@ -391,6 +391,7 @@ void *get_agent_scd_notify_event (void);
+@@ -384,6 +384,7 @@ void *get_agent_scd_notify_event (void);
#endif
void agent_sighup_action (void);
int map_pk_openpgp_to_gcry (int openpgp_algo);
@@ -33,10 +33,10 @@ index 56e13ec..d1abf26 100644
/*-- command.c --*/
gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid,
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 309e87c..2882767 100644
+index 5002abe..7c26aa6 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -462,6 +462,9 @@ static int have_homedir_inotify;
+@@ -459,6 +459,9 @@ static int have_homedir_inotify;
* works reliable. */
static int reliable_homedir_inotify;
@@ -46,7 +46,7 @@ index 309e87c..2882767 100644
/* Number of active connections. */
static int active_connections;
-@@ -2470,6 +2473,10 @@ handle_signal (int signo)
+@@ -2458,6 +2461,10 @@ handle_signal (int signo)
agent_sigusr2_action ();
break;
@@ -57,7 +57,7 @@ index 309e87c..2882767 100644
case SIGTERM:
if (!shutdown_pending)
log_info ("SIGTERM received - shutting down ...\n");
-@@ -2808,6 +2815,13 @@ start_connection_thread_ssh (void *arg)
+@@ -2796,6 +2803,13 @@ start_connection_thread_ssh (void *arg)
}
@@ -71,7 +71,7 @@ index 309e87c..2882767 100644
/* helper function for readability: test whether a given struct
timespec is set to all-zeros */
static inline int
-@@ -2877,8 +2891,10 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2865,8 +2879,10 @@ handle_connections (gnupg_fd_t listen_fd,
npth_sigev_add (SIGUSR1);
npth_sigev_add (SIGUSR2);
npth_sigev_add (SIGINT);
diff --git a/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch b/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
index 34a91c6..bcbe802 100644
--- a/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
+++ b/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
@@ -12,10 +12,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
1 file changed, 2 insertions(+)
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 0801449..45d2e87 100644
+index a0d597f..d18b181 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -3044,6 +3044,8 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -3032,6 +3032,8 @@ handle_connections (gnupg_fd_t listen_fd,
/* avoid a fine-grained timer if we don't need one: */
timertbl[0].interval.tv_sec = need_tick () ? TIMERTICK_INTERVAL : 0;
diff --git a/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch b/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch
index 5630aa7..7bcac2a 100644
--- a/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch
+++ b/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch
@@ -26,7 +26,7 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 files changed, 29 insertions(+), 2 deletions(-)
diff --git a/agent/call-scd.c b/agent/call-scd.c
-index c5b95f4..762de82 100644
+index cd66070..c4c4cbe 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -414,6 +414,8 @@ start_scd (ctrl_t ctrl)
@@ -39,10 +39,10 @@ index c5b95f4..762de82 100644
leave:
xfree (abs_homedir);
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 2882767..0801449 100644
+index 7c26aa6..a0d597f 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -2374,6 +2374,26 @@ create_directories (void)
+@@ -2362,6 +2362,26 @@ create_directories (void)
}
@@ -69,7 +69,7 @@ index 2882767..0801449 100644
/* This is the worker for the ticker. It is called every few seconds
and may only do fast operations. */
-@@ -2730,7 +2750,8 @@ do_start_connection_thread (ctrl_t ctrl)
+@@ -2718,7 +2738,8 @@ do_start_connection_thread (ctrl_t ctrl)
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -79,7 +79,7 @@ index 2882767..0801449 100644
return NULL;
}
-@@ -2810,7 +2831,8 @@ start_connection_thread_ssh (void *arg)
+@@ -2798,7 +2819,8 @@ start_connection_thread_ssh (void *arg)
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
@@ -89,7 +89,7 @@ index 2882767..0801449 100644
return NULL;
}
-@@ -3020,6 +3042,9 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -3008,6 +3030,9 @@ handle_connections (gnupg_fd_t listen_fd,
thus a simple assignment is fine to copy the entire set. */
read_fdset = fdset;
diff --git a/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch b/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch
index 5b6e1ff..317fc82 100644
--- a/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch
+++ b/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch
@@ -31,10 +31,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
1 file changed, 57 insertions(+), 27 deletions(-)
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
-index 3f7aaae..309e87c 100644
+index d747707..5002abe 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
-@@ -2377,12 +2377,8 @@ create_directories (void)
+@@ -2365,12 +2365,8 @@ create_directories (void)
static void
handle_tick (void)
{
@@ -47,7 +47,7 @@ index 3f7aaae..309e87c 100644
/* Check whether the scdaemon has died and cleanup in this case. */
agent_scd_check_aliveness ();
-@@ -2402,15 +2398,6 @@ handle_tick (void)
+@@ -2390,15 +2386,6 @@ handle_tick (void)
}
#endif /*HAVE_W32_SYSTEM*/
@@ -63,7 +63,7 @@ index 3f7aaae..309e87c 100644
/* Need to check for expired cache entries. */
agent_cache_housekeeping ();
-@@ -2821,6 +2808,15 @@ start_connection_thread_ssh (void *arg)
+@@ -2809,6 +2796,15 @@ start_connection_thread_ssh (void *arg)
}
@@ -79,7 +79,7 @@ index 3f7aaae..309e87c 100644
/* Connection handler loop. Wait for connection requests and spawn a
thread after accepting a connection. */
static void
-@@ -2838,9 +2834,11 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2826,9 +2822,11 @@ handle_connections (gnupg_fd_t listen_fd,
gnupg_fd_t fd;
int nfd;
int saved_errno;
@@ -91,7 +91,7 @@ index 3f7aaae..309e87c 100644
#ifdef HAVE_W32_SYSTEM
HANDLE events[2];
unsigned int events_set;
-@@ -2857,6 +2855,14 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2845,6 +2843,14 @@ handle_connections (gnupg_fd_t listen_fd,
{ "browser", start_connection_thread_browser },
{ "ssh", start_connection_thread_ssh }
};
@@ -106,7 +106,7 @@ index 3f7aaae..309e87c 100644
ret = npth_attr_init(&tattr);
-@@ -2964,9 +2970,6 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2952,9 +2958,6 @@ handle_connections (gnupg_fd_t listen_fd,
listentbl[2].l_fd = listen_fd_browser;
listentbl[3].l_fd = listen_fd_ssh;
@@ -116,7 +116,7 @@ index 3f7aaae..309e87c 100644
for (;;)
{
/* Shutdown test. */
-@@ -3001,18 +3004,46 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -2989,18 +2992,46 @@ handle_connections (gnupg_fd_t listen_fd,
thus a simple assignment is fine to copy the entire set. */
read_fdset = fdset;
@@ -172,7 +172,7 @@ index 3f7aaae..309e87c 100644
npth_sigev_sigmask ());
saved_errno = errno;
-@@ -3022,7 +3053,7 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -3010,7 +3041,7 @@ handle_connections (gnupg_fd_t listen_fd,
handle_signal (signo);
}
#else
@@ -181,7 +181,7 @@ index 3f7aaae..309e87c 100644
events, &events_set);
saved_errno = errno;
-@@ -3067,7 +3098,6 @@ handle_connections (gnupg_fd_t listen_fd,
+@@ -3055,7 +3086,6 @@ handle_connections (gnupg_fd_t listen_fd,
if (!shutdown_pending)
{
diff --git a/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch b/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch
index 29667b7..f9fef2c 100644
--- a/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch
+++ b/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch
@@ -21,10 +21,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/doc/gpg.texi b/doc/gpg.texi
-index 39c996b..fd0baab 100644
+index d1142a3..b658253 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
-@@ -2005,7 +2005,7 @@ are available for all keyserver types, some common options are:
+@@ -2048,7 +2048,7 @@ are available for all keyserver types, some common options are:
@end table
@@ -34,10 +34,10 @@ index 39c996b..fd0baab 100644
honor-pka-record". However, if
the actual used source is an LDAP server "no-self-sigs-only" is
diff --git a/g10/gpg.c b/g10/gpg.c
-index bd65612..d77c757 100644
+index 2296351..a75d0b8 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
-@@ -2383,8 +2383,7 @@ main (int argc, char **argv)
+@@ -2414,8 +2414,7 @@ main (int argc, char **argv)
opt.export_options = EXPORT_ATTRIBUTES;
opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
| IMPORT_REPAIR_PKS_SUBKEY_BUG
diff --git a/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch b/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
index e23ffe6..d0fbbb3 100644
--- a/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
+++ b/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
@@ -19,10 +19,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
1 file changed, 1 insertion(+)
diff --git a/g10/import.c b/g10/import.c
-index 078a78c..c070399 100644
+index 59c83f7..abea0f2 100644
--- a/g10/import.c
+++ b/g10/import.c
-@@ -3677,6 +3677,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
+@@ -3702,6 +3702,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
/* It's valid, so is it newer? */
if (sig->timestamp >= rsdate)
{
diff --git a/debian/patches/series b/debian/patches/series
index 817bb72..2624980 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -23,6 +23,8 @@ gpg-drop-import-clean-from-default-keyserver-import-optio.patch
from-master/common-Use-gnupg_spawn_process_fd-to-invoke-gpg-agent-dir.patch
from-master/common-Fix-the-previous-commit.patch
from-master/build-Use-LDAP_DEPRECATED-to-detect-ldap-library.patch
+debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch
+debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch
progress-linux/0001-gpgsm-default-to-4096-bit-keys.patch
progress-linux/0002-gpg-default-to-4096-bit-keys.patch
progress-linux/0003-gpg-default-key-to-ed25519.patch
diff --git a/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch b/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch
index bdb33f9..d56a65d 100644
--- a/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch
+++ b/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch
@@ -19,10 +19,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/g10/keygen.c b/g10/keygen.c
-index 5b4a785..2066bf1 100644
+index 1e9249e..6612352 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
-@@ -391,16 +391,16 @@ keygen_set_std_prefs (const char *string,int personal)
+@@ -406,16 +406,16 @@ keygen_set_std_prefs (const char *string,int personal)
if (personal)
{
/* The default internal hash algo order is:
diff --git a/debian/rules b/debian/rules
index bf8fe12..97ce206 100755
--- a/debian/rules
+++ b/debian/rules
@@ -91,6 +91,7 @@ override_dh_auto_build-indep:
cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libgpgrl.a
cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libsimple-pwquery.a
cd build-gpgv-win32/kbx && $(WIN32_FLAGS) $(MAKE) libkeybox.a
+ cd build-gpgv-win32/regexp && $(WIN32_FLAGS) $(MAKE) _unicode_mapping.c
cd build-gpgv-win32/regexp && $(WIN32_FLAGS) $(MAKE) libregexp.a
cd build-gpgv-win32/g10 && $(WIN32_FLAGS) $(MAKE) gpgv.exe
strip build-gpgv-win32/g10/gpgv.exe
@@ -104,6 +105,9 @@ override_dh_shlibdeps:
dpkg-shlibdeps -Tdebian/dirmngr.substvars -dRecommends debian/dirmngr/usr/lib/gnupg/dirmngr_ldap -dDepends debian/dirmngr/usr/bin/dirmngr*
dh_shlibdeps -Ndirmngr
+execute_before_dh_autoreconf:
+ echo "Developer change history can be found in the source tarball. See NEWS for high-level changes." > ChangeLog
+
# visualizations of package dependencies:
debian/%.png: debian/%.dot
dot -T png -o $@ $<