diff options
19 files changed, 152 insertions, 53 deletions
diff --git a/debian/changelog b/debian/changelog index e9f59f4..7a5bc49 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +gnupg2 (2.2.43-4) unstable; urgency=medium + + * Stop shipping upstream ChangeLog (/usr/share/doc/*/changelog.gz) + * Use debian standard UnicodeData.txt + * Refresh patches + * Rebuild generated header files in common/ + + -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 16 May 2024 17:23:01 -0400 + gnupg2 (2.2.43-3~progress7.99u1) graograman-backports; urgency=medium * Uploading to graograman-backports, remaining changes: diff --git a/debian/clean b/debian/clean index 2a2c7cf..d0d7c31 100644 --- a/debian/clean +++ b/debian/clean @@ -10,3 +10,8 @@ doc/gnupg.info-2 doc/gnupg.info-3 doc/*.pdf doc/*.png +ChangeLog +regexp/_unicode_mapping.c +regexp/UnicodeData.txt +common/audit-events.h +common/status-codes.h diff --git a/debian/control b/debian/control index 1d434da..2ef0254 100644 --- a/debian/control +++ b/debian/control @@ -32,6 +32,7 @@ Build-Depends: libusb-1.0-0-dev [!hurd-any], openssh-client <!nocheck>, pkgconf, + unicode-data, texinfo <!nodoc>, zlib1g-dev | libz-dev, Build-Depends-Indep: diff --git a/debian/gbp.conf b/debian/gbp.conf index dae894c..51eb915 100644 --- a/debian/gbp.conf +++ b/debian/gbp.conf @@ -14,6 +14,7 @@ filter = [ 'build-aux/missing', 'build-aux/mkinstalldirs', 'build-aux/texinfo.tex', + 'ChangeLog', 'config.h.in', 'configure', 'doc/gnupg.info*', @@ -34,6 +35,10 @@ filter = [ 'po/*.gmo', 'po/Makefile.in.in', 'po/stamp-po', + 'regexp/_unicode_mapping.c', + 'regexp/UnicodeData.txt', + 'common/audit-events.h', + 'common/status-codes.h', ] filter-pristine-tar = False diff --git a/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch b/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch index 4f4b07d..5561fae 100644 --- a/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch +++ b/debian/patches/block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch @@ -22,7 +22,7 @@ Upstream bug: https://dev.gnupg.org/T1211 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c -index 53b86dd..3f7aaae 100644 +index c3b71b0..d747707 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -50,6 +50,9 @@ @@ -35,7 +35,7 @@ index 53b86dd..3f7aaae 100644 #define INCLUDED_BY_MAIN_MODULE 1 #define GNUPG_COMMON_NEED_AFLOCAL -@@ -1078,6 +1081,11 @@ main (int argc, char **argv ) +@@ -1066,6 +1069,11 @@ main (int argc, char **argv ) early_system_init (); @@ -48,10 +48,10 @@ index 53b86dd..3f7aaae 100644 file descriptors and the signal mask. This info is required to do the exec call properly. We don't need it on Windows. */ diff --git a/configure.ac b/configure.ac -index 4638f99..6e44af2 100644 +index 6d1e2ba..6962d20 100644 --- a/configure.ac +++ b/configure.ac -@@ -1404,7 +1404,7 @@ AC_CHECK_FUNCS([atexit canonicalize_file_name clock_gettime ctermid \ +@@ -1397,7 +1397,7 @@ AC_CHECK_FUNCS([atexit canonicalize_file_name clock_gettime ctermid \ ftruncate funlockfile getaddrinfo getenv getpagesize \ getpwnam getpwuid getrlimit getrusage gettimeofday \ gmtime_r inet_ntop inet_pton isascii lstat memicmp \ diff --git a/debian/patches/debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch b/debian/patches/debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch new file mode 100644 index 0000000..26d4fa9 --- /dev/null +++ b/debian/patches/debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch @@ -0,0 +1,34 @@ +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Thu, 16 May 2024 17:17:50 -0400 +Subject: Always build common/status-codes.h and common/audit-events.h + +This reduces our dependence on files injected into the upstream +tarball. + +This addresses part of #1071202 + +Forwarded: not-needed +--- + common/Makefile.am | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/common/Makefile.am b/common/Makefile.am +index 65ce35b..3ccc137 100644 +--- a/common/Makefile.am ++++ b/common/Makefile.am +@@ -140,7 +140,6 @@ endif + libgpgrl_a_SOURCES = \ + gpgrlhelp.c + +-if MAINTAINER_MODE + # Note: Due to the dependency on Makefile, the file will always be + # rebuilt, so we allow this only in maintainer mode. + +@@ -159,7 +158,6 @@ status-codes.h: Makefile.am mkstrtable.awk exstatus.awk status.h + $(AWK) -f $(srcdir)/exstatus.awk $(srcdir)/status.h \ + | $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=3 -v nogettext=1 \ + -v pkg_namespace=statusstr_ > $(srcdir)/status-codes.h +-endif + + # + # Module tests diff --git a/debian/patches/debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch b/debian/patches/debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch new file mode 100644 index 0000000..99f93ea --- /dev/null +++ b/debian/patches/debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch @@ -0,0 +1,39 @@ +From: Daniel Kahn Gillmor <dkg@fifthhorseman.net> +Date: Thu, 16 May 2024 17:02:06 -0400 +Subject: Build regexp against debian's unicode-data package + +It should be simple enough to auto-generate the regexp table from +stock UnicodeData.txt. Upstream doesn't seem inclined to keep it +up-to-date, and using the stock debian package that ships it instead +of upstream's stale version will take care of new case sensitivity +issues automatically. + +This also reduces our dependence on material in the upstream tarball +that differs from what is in upstream revision control. + +This addresses one part of #1071202. +--- + regexp/Makefile.am | 8 +++----- + 1 file changed, 3 insertions(+), 5 deletions(-) + +diff --git a/regexp/Makefile.am b/regexp/Makefile.am +index 307aacf..035858e 100644 +--- a/regexp/Makefile.am ++++ b/regexp/Makefile.am +@@ -27,13 +27,11 @@ AM_CFLAGS = + libregexp_a_SOURCES = jimregexp.h utf8.h jimregexp.c utf8.c + libregexp_a_CFLAGS = $(AM_CFLAGS) + +-EXTRA_DIST = parse-unidata.awk UnicodeData.txt _unicode_mapping.c ++EXTRA_DIST = parse-unidata.awk _unicode_mapping.c + +-if MAINTAINER_MODE + BUILT_SOURCES = _unicode_mapping.c + MAINTAINERCLEANFILES = _unicode_mapping.c + +-_unicode_mapping.c: parse-unidata.awk UnicodeData.txt ++_unicode_mapping.c: parse-unidata.awk + $(AWK) $(AWK_HEX_NUMBER_OPTION) -f $(srcdir)/parse-unidata.awk \ +- $(srcdir)/UnicodeData.txt >$@ +-endif ++ /usr/share/unicode/UnicodeData.txt >$@ diff --git a/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch b/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch index 3cad551..b6cf8b7 100644 --- a/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch +++ b/debian/patches/dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch @@ -15,10 +15,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c -index c04a287..26d136d 100644 +index 0238359..c50905c 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c -@@ -2051,8 +2051,6 @@ housekeeping_thread (void *arg) +@@ -2091,8 +2091,6 @@ housekeeping_thread (void *arg) if (network_activity_seen) { network_activity_seen = 0; @@ -28,10 +28,10 @@ index c04a287..26d136d 100644 } else diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi -index d6ef375..ab831de 100644 +index f988fe2..39c0c45 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi -@@ -294,9 +294,10 @@ Set the size of the queue for pending connections. The default is 64. +@@ -302,9 +302,10 @@ Set the size of the queue for pending connections. The default is 64. @item --allow-version-check @opindex allow-version-check Allow Dirmngr to connect to @code{https://versions.gnupg.org} to get diff --git a/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch b/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch index d6df59f..6cd282f 100644 --- a/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch +++ b/debian/patches/dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch @@ -30,10 +30,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 3 files changed, 35 insertions(+), 41 deletions(-) diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c -index e287194..c04a287 100644 +index 06ef22b..0238359 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c -@@ -2031,12 +2031,10 @@ static void * +@@ -2071,12 +2071,10 @@ static void * housekeeping_thread (void *arg) { static int sentinel; @@ -46,7 +46,7 @@ index e287194..c04a287 100644 if (sentinel) { log_info ("housekeeping is already going on\n"); -@@ -2050,7 +2048,6 @@ housekeeping_thread (void *arg) +@@ -2090,7 +2088,6 @@ housekeeping_thread (void *arg) dirmngr_init_default_ctrl (&ctrlbuf); dns_stuff_housekeeping (); @@ -55,10 +55,10 @@ index e287194..c04a287 100644 { network_activity_seen = 0; diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h -index fed4599..0e1fbd9 100644 +index 07f0df8..48f293c 100644 --- a/dirmngr/dirmngr.h +++ b/dirmngr/dirmngr.h -@@ -234,7 +234,6 @@ int dirmngr_use_tor (void); +@@ -250,7 +250,6 @@ int dirmngr_use_tor (void); int dirmngr_never_use_tor_p (void); /*-- Various housekeeping functions. --*/ @@ -67,7 +67,7 @@ index fed4599..0e1fbd9 100644 diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c -index 5793f07..91f1c63 100644 +index bbd5a9d..8a95291 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -218,6 +218,24 @@ host_in_pool_p (hostinfo_t hi, int tblidx) diff --git a/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch b/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch index 59b0b13..e2d6710 100644 --- a/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch +++ b/debian/patches/from-master/gpg-default-to-3072-bit-keys.patch @@ -25,7 +25,7 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/agent/command.c b/agent/command.c -index b682c55..ea65290 100644 +index 940e017..4b3634f 100644 --- a/agent/command.c +++ b/agent/command.c @@ -843,7 +843,7 @@ static const char hlp_genkey[] = @@ -38,10 +38,10 @@ index b682c55..ea65290 100644 " S: D (public-key\n" " S: D (rsa (n 326487324683264) (e 10001)))\n" diff --git a/doc/wks.texi b/doc/wks.texi -index e398ccb..68ed117 100644 +index e8d026f..11bd1eb 100644 --- a/doc/wks.texi +++ b/doc/wks.texi -@@ -447,10 +447,10 @@ the submission address: +@@ -457,10 +457,10 @@ the submission address: The output of the last command looks similar to this: @example @@ -55,10 +55,10 @@ index e398ccb..68ed117 100644 Take the fingerprint from that output and manually publish the key: diff --git a/g10/keygen.c b/g10/keygen.c -index 80d65c4..5b4a785 100644 +index 52fd97a..1e9249e 100644 --- a/g10/keygen.c +++ b/g10/keygen.c -@@ -1436,7 +1436,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root, +@@ -1565,7 +1565,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root, if (nbits < 1024) { @@ -68,7 +68,7 @@ index 80d65c4..5b4a785 100644 } else if (nbits > 4096) diff --git a/g10/keyid.c b/g10/keyid.c -index 69d85da..2987287 100644 +index 7823f0d..f0db298 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -73,7 +73,7 @@ pubkey_letter( int algo ) diff --git a/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch b/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch index 2061327..8b9b105 100644 --- a/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch +++ b/debian/patches/gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch @@ -21,10 +21,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2 files changed, 17 insertions(+) diff --git a/agent/agent.h b/agent/agent.h -index 56e13ec..d1abf26 100644 +index d32b892..4195d0c 100644 --- a/agent/agent.h +++ b/agent/agent.h -@@ -391,6 +391,7 @@ void *get_agent_scd_notify_event (void); +@@ -384,6 +384,7 @@ void *get_agent_scd_notify_event (void); #endif void agent_sighup_action (void); int map_pk_openpgp_to_gcry (int openpgp_algo); @@ -33,10 +33,10 @@ index 56e13ec..d1abf26 100644 /*-- command.c --*/ gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid, diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c -index 309e87c..2882767 100644 +index 5002abe..7c26aa6 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c -@@ -462,6 +462,9 @@ static int have_homedir_inotify; +@@ -459,6 +459,9 @@ static int have_homedir_inotify; * works reliable. */ static int reliable_homedir_inotify; @@ -46,7 +46,7 @@ index 309e87c..2882767 100644 /* Number of active connections. */ static int active_connections; -@@ -2470,6 +2473,10 @@ handle_signal (int signo) +@@ -2458,6 +2461,10 @@ handle_signal (int signo) agent_sigusr2_action (); break; @@ -57,7 +57,7 @@ index 309e87c..2882767 100644 case SIGTERM: if (!shutdown_pending) log_info ("SIGTERM received - shutting down ...\n"); -@@ -2808,6 +2815,13 @@ start_connection_thread_ssh (void *arg) +@@ -2796,6 +2803,13 @@ start_connection_thread_ssh (void *arg) } @@ -71,7 +71,7 @@ index 309e87c..2882767 100644 /* helper function for readability: test whether a given struct timespec is set to all-zeros */ static inline int -@@ -2877,8 +2891,10 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -2865,8 +2879,10 @@ handle_connections (gnupg_fd_t listen_fd, npth_sigev_add (SIGUSR1); npth_sigev_add (SIGUSR2); npth_sigev_add (SIGINT); diff --git a/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch b/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch index 34a91c6..bcbe802 100644 --- a/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch +++ b/debian/patches/gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch @@ -12,10 +12,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 1 file changed, 2 insertions(+) diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c -index 0801449..45d2e87 100644 +index a0d597f..d18b181 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c -@@ -3044,6 +3044,8 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -3032,6 +3032,8 @@ handle_connections (gnupg_fd_t listen_fd, /* avoid a fine-grained timer if we don't need one: */ timertbl[0].interval.tv_sec = need_tick () ? TIMERTICK_INTERVAL : 0; diff --git a/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch b/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch index 5630aa7..7bcac2a 100644 --- a/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch +++ b/debian/patches/gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch @@ -26,7 +26,7 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/agent/call-scd.c b/agent/call-scd.c -index c5b95f4..762de82 100644 +index cd66070..c4c4cbe 100644 --- a/agent/call-scd.c +++ b/agent/call-scd.c @@ -414,6 +414,8 @@ start_scd (ctrl_t ctrl) @@ -39,10 +39,10 @@ index c5b95f4..762de82 100644 leave: xfree (abs_homedir); diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c -index 2882767..0801449 100644 +index 7c26aa6..a0d597f 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c -@@ -2374,6 +2374,26 @@ create_directories (void) +@@ -2362,6 +2362,26 @@ create_directories (void) } @@ -69,7 +69,7 @@ index 2882767..0801449 100644 /* This is the worker for the ticker. It is called every few seconds and may only do fast operations. */ -@@ -2730,7 +2750,8 @@ do_start_connection_thread (ctrl_t ctrl) +@@ -2718,7 +2738,8 @@ do_start_connection_thread (ctrl_t ctrl) agent_deinit_default_ctrl (ctrl); xfree (ctrl); @@ -79,7 +79,7 @@ index 2882767..0801449 100644 return NULL; } -@@ -2810,7 +2831,8 @@ start_connection_thread_ssh (void *arg) +@@ -2798,7 +2819,8 @@ start_connection_thread_ssh (void *arg) agent_deinit_default_ctrl (ctrl); xfree (ctrl); @@ -89,7 +89,7 @@ index 2882767..0801449 100644 return NULL; } -@@ -3020,6 +3042,9 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -3008,6 +3030,9 @@ handle_connections (gnupg_fd_t listen_fd, thus a simple assignment is fine to copy the entire set. */ read_fdset = fdset; diff --git a/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch b/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch index 5b6e1ff..317fc82 100644 --- a/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch +++ b/debian/patches/gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch @@ -31,10 +31,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 1 file changed, 57 insertions(+), 27 deletions(-) diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c -index 3f7aaae..309e87c 100644 +index d747707..5002abe 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c -@@ -2377,12 +2377,8 @@ create_directories (void) +@@ -2365,12 +2365,8 @@ create_directories (void) static void handle_tick (void) { @@ -47,7 +47,7 @@ index 3f7aaae..309e87c 100644 /* Check whether the scdaemon has died and cleanup in this case. */ agent_scd_check_aliveness (); -@@ -2402,15 +2398,6 @@ handle_tick (void) +@@ -2390,15 +2386,6 @@ handle_tick (void) } #endif /*HAVE_W32_SYSTEM*/ @@ -63,7 +63,7 @@ index 3f7aaae..309e87c 100644 /* Need to check for expired cache entries. */ agent_cache_housekeeping (); -@@ -2821,6 +2808,15 @@ start_connection_thread_ssh (void *arg) +@@ -2809,6 +2796,15 @@ start_connection_thread_ssh (void *arg) } @@ -79,7 +79,7 @@ index 3f7aaae..309e87c 100644 /* Connection handler loop. Wait for connection requests and spawn a thread after accepting a connection. */ static void -@@ -2838,9 +2834,11 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -2826,9 +2822,11 @@ handle_connections (gnupg_fd_t listen_fd, gnupg_fd_t fd; int nfd; int saved_errno; @@ -91,7 +91,7 @@ index 3f7aaae..309e87c 100644 #ifdef HAVE_W32_SYSTEM HANDLE events[2]; unsigned int events_set; -@@ -2857,6 +2855,14 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -2845,6 +2843,14 @@ handle_connections (gnupg_fd_t listen_fd, { "browser", start_connection_thread_browser }, { "ssh", start_connection_thread_ssh } }; @@ -106,7 +106,7 @@ index 3f7aaae..309e87c 100644 ret = npth_attr_init(&tattr); -@@ -2964,9 +2970,6 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -2952,9 +2958,6 @@ handle_connections (gnupg_fd_t listen_fd, listentbl[2].l_fd = listen_fd_browser; listentbl[3].l_fd = listen_fd_ssh; @@ -116,7 +116,7 @@ index 3f7aaae..309e87c 100644 for (;;) { /* Shutdown test. */ -@@ -3001,18 +3004,46 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -2989,18 +2992,46 @@ handle_connections (gnupg_fd_t listen_fd, thus a simple assignment is fine to copy the entire set. */ read_fdset = fdset; @@ -172,7 +172,7 @@ index 3f7aaae..309e87c 100644 npth_sigev_sigmask ()); saved_errno = errno; -@@ -3022,7 +3053,7 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -3010,7 +3041,7 @@ handle_connections (gnupg_fd_t listen_fd, handle_signal (signo); } #else @@ -181,7 +181,7 @@ index 3f7aaae..309e87c 100644 events, &events_set); saved_errno = errno; -@@ -3067,7 +3098,6 @@ handle_connections (gnupg_fd_t listen_fd, +@@ -3055,7 +3086,6 @@ handle_connections (gnupg_fd_t listen_fd, if (!shutdown_pending) { diff --git a/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch b/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch index 29667b7..f9fef2c 100644 --- a/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch +++ b/debian/patches/gpg-drop-import-clean-from-default-keyserver-import-optio.patch @@ -21,10 +21,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/doc/gpg.texi b/doc/gpg.texi -index 39c996b..fd0baab 100644 +index d1142a3..b658253 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi -@@ -2005,7 +2005,7 @@ are available for all keyserver types, some common options are: +@@ -2048,7 +2048,7 @@ are available for all keyserver types, some common options are: @end table @@ -34,10 +34,10 @@ index 39c996b..fd0baab 100644 honor-pka-record". However, if the actual used source is an LDAP server "no-self-sigs-only" is diff --git a/g10/gpg.c b/g10/gpg.c -index bd65612..d77c757 100644 +index 2296351..a75d0b8 100644 --- a/g10/gpg.c +++ b/g10/gpg.c -@@ -2383,8 +2383,7 @@ main (int argc, char **argv) +@@ -2414,8 +2414,7 @@ main (int argc, char **argv) opt.export_options = EXPORT_ATTRIBUTES; opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS | IMPORT_REPAIR_PKS_SUBKEY_BUG diff --git a/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch b/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch index e23ffe6..d0fbbb3 100644 --- a/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch +++ b/debian/patches/import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch @@ -19,10 +19,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 1 file changed, 1 insertion(+) diff --git a/g10/import.c b/g10/import.c -index 078a78c..c070399 100644 +index 59c83f7..abea0f2 100644 --- a/g10/import.c +++ b/g10/import.c -@@ -3677,6 +3677,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self) +@@ -3702,6 +3702,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self) /* It's valid, so is it newer? */ if (sig->timestamp >= rsdate) { diff --git a/debian/patches/series b/debian/patches/series index 817bb72..2624980 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -23,6 +23,8 @@ gpg-drop-import-clean-from-default-keyserver-import-optio.patch from-master/common-Use-gnupg_spawn_process_fd-to-invoke-gpg-agent-dir.patch from-master/common-Fix-the-previous-commit.patch from-master/build-Use-LDAP_DEPRECATED-to-detect-ldap-library.patch +debian-packaging/Build-regexp-against-debian-s-unicode-data-package.patch +debian-packaging/Always-build-common-status-codes.h-and-common-audit-event.patch progress-linux/0001-gpgsm-default-to-4096-bit-keys.patch progress-linux/0002-gpg-default-to-4096-bit-keys.patch progress-linux/0003-gpg-default-key-to-ed25519.patch diff --git a/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch b/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch index bdb33f9..d56a65d 100644 --- a/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch +++ b/debian/patches/update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch @@ -19,10 +19,10 @@ Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/g10/keygen.c b/g10/keygen.c -index 5b4a785..2066bf1 100644 +index 1e9249e..6612352 100644 --- a/g10/keygen.c +++ b/g10/keygen.c -@@ -391,16 +391,16 @@ keygen_set_std_prefs (const char *string,int personal) +@@ -406,16 +406,16 @@ keygen_set_std_prefs (const char *string,int personal) if (personal) { /* The default internal hash algo order is: diff --git a/debian/rules b/debian/rules index bf8fe12..97ce206 100755 --- a/debian/rules +++ b/debian/rules @@ -91,6 +91,7 @@ override_dh_auto_build-indep: cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libgpgrl.a cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libsimple-pwquery.a cd build-gpgv-win32/kbx && $(WIN32_FLAGS) $(MAKE) libkeybox.a + cd build-gpgv-win32/regexp && $(WIN32_FLAGS) $(MAKE) _unicode_mapping.c cd build-gpgv-win32/regexp && $(WIN32_FLAGS) $(MAKE) libregexp.a cd build-gpgv-win32/g10 && $(WIN32_FLAGS) $(MAKE) gpgv.exe strip build-gpgv-win32/g10/gpgv.exe @@ -104,6 +105,9 @@ override_dh_shlibdeps: dpkg-shlibdeps -Tdebian/dirmngr.substvars -dRecommends debian/dirmngr/usr/lib/gnupg/dirmngr_ldap -dDepends debian/dirmngr/usr/bin/dirmngr* dh_shlibdeps -Ndirmngr +execute_before_dh_autoreconf: + echo "Developer change history can be found in the source tarball. See NEWS for high-level changes." > ChangeLog + # visualizations of package dependencies: debian/%.png: debian/%.dot dot -T png -o $@ $< |