missing format string in hkp code, update from cvs.

author: Tavis Ormandy <taviso@gentoo.org> 2003-12-03 18:45:05 +0000
committer: Tavis Ormandy <taviso@gentoo.org> 2003-12-03 18:45:05 +0000
commit: 504aab5e44582c9b0be0f037c52fd85f9a1af0be (patch)
tree: 882e8466b4cea892547239ad923f2780015c2d6e /app-crypt
parent: missing format string in hkp code, update from cvs. (diff)
download: gentoo-2-504aab5e44582c9b0be0f037c52fd85f9a1af0be.tar.gz
gentoo-2-504aab5e44582c9b0be0f037c52fd85f9a1af0be.tar.bz2
gentoo-2-504aab5e44582c9b0be0f037c52fd85f9a1af0be.zip
5 files changed, 162 insertions, 3 deletions
diff --git a/app-crypt/gnupg/ChangeLog b/app-crypt/gnupg/ChangeLog
index e3d39fc65065..51a038f64e4d 100644
--- a/app-crypt/gnupg/ChangeLog
+++ b/app-crypt/gnupg/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for app-crypt/gnupg
 # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.38 2003/11/29 22:31:11 taviso Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.39 2003/12/03 18:45:01 taviso Exp $
+
+*gnupg-1.2.3-r5 (03 Dec 2003)
+
+  03 Dec 2003; Tavis Ormandy <taviso@gentoo.org> gnupg-1.2.3-r5.ebuild,
+  files/gnupg-1.2.3-hkp-format-string.diff:
+  patch from cvs, missing format string in hkp code.
 
 *gnupg-1.2.3-r4 (29 Nov 2003)
 
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
index 40f561f58bc8..2a23c9bd0ed2 100644
--- a/app-crypt/gnupg/Manifest
+++ b/app-crypt/gnupg/Manifest
@@ -1,8 +1,8 @@
-MD5 b9f8d0eccfcd61c1b2ae0f539d7a5b67 gnupg-1.2.3-r5.ebuild 3296
+MD5 f1c8c882151fca30554753bd5017ceb5 gnupg-1.2.3-r5.ebuild 3296
 MD5 b1b8b51a3ba07896162db22ca158d07d gnupg-1.2.3-r2.ebuild 1638
 MD5 0fba217c4581fac9583ee1aefdf301ae gnupg-1.2.3-r4.ebuild 3052
 MD5 6f0148d960aaa3208aa4c74705805277 gnupg-1.2.3-r3.ebuild 2656
-MD5 3e68fd3de3d757f4ffc40b766a7f40a7 ChangeLog 6178
+MD5 6babdc655b31771149314d2488b4874b ChangeLog 6379
 MD5 5ffa87354a03beae320d15a7be997529 gnupg-1.2.2-r1.ebuild 1629
 MD5 773ecd19392b8f793d7626c9814e1e0b files/digest-gnupg-1.2.2-r1 65
 MD5 eecb1b58574b61ddac7c3d12b0143b7d files/digest-gnupg-1.2.3-r2 65
diff --git a/app-crypt/gnupg/files/digest-gnupg-1.2.3-r5 b/app-crypt/gnupg/files/digest-gnupg-1.2.3-r5
new file mode 100644
index 000000000000..f63dbab6d49f
--- /dev/null
+++ b/app-crypt/gnupg/files/digest-gnupg-1.2.3-r5
@@ -0,0 +1 @@
+MD5 cdca1282d7901f9ddb52f9725b001af2 gnupg-1.2.3.tar.bz2 2294773
diff --git a/app-crypt/gnupg/files/gnupg-1.2.3-hkp-format-string.diff b/app-crypt/gnupg/files/gnupg-1.2.3-hkp-format-string.diff
new file mode 100644
index 000000000000..efb98bf6a680
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-1.2.3-hkp-format-string.diff
@@ -0,0 +1,30 @@
+#########################
+# http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/gnupg/keyserver/gpgkeys_hkp.c.diff?r1=text&tr1=1.15.2.7&r2=text&tr2=1.15.2.8&diff_format=u
+#
+# - taviso@gentoo.org 03/12/2003.
+#
+###################################
+===================================================================
+RCS file: /cvs/gnupg/gnupg/keyserver/gpgkeys_hkp.c,v
+retrieving revision 1.15.2.7
+retrieving revision 1.15.2.8
+diff -u -r1.15.2.7 -r1.15.2.8
+--- gnupg/keyserver/gpgkeys_hkp.c	2003/05/30 04:00:26	1.15.2.7
++++ gnupg/keyserver/gpgkeys_hkp.c	2003/11/27 12:18:20	1.15.2.8
+@@ -268,14 +268,14 @@
+ 
+ 	  if(gotit)
+ 	    {
+-	      fprintf(output,line);
++	      fputs (line, output);
+ 	      if(strcmp(line,"-----END PGP PUBLIC KEY BLOCK-----\n")==0)
+ 		break;
+ 	    }
+ 	  else
+ 	    if(strcmp(line,"-----BEGIN PGP PUBLIC KEY BLOCK-----\n")==0)
+ 	      {
+-		fprintf(output,line);
++		fputs (line, output);
+ 		gotit=1;
+ 	      }
+ 	}
diff --git a/app-crypt/gnupg/gnupg-1.2.3-r5.ebuild b/app-crypt/gnupg/gnupg-1.2.3-r5.ebuild
new file mode 100644
index 000000000000..b269070e5c62
--- /dev/null
+++ b/app-crypt/gnupg/gnupg-1.2.3-r5.ebuild
@@ -0,0 +1,122 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-1.2.3-r5.ebuild,v 1.1 2003/12/03 18:45:01 taviso Exp $
+
+inherit eutils
+
+DESCRIPTION="The GNU Privacy Guard, a GPL pgp replacement"
+HOMEPAGE="http://www.gnupg.org/"
+SRC_URI="ftp://ftp.gnupg.org/gcrypt/gnupg/${P}.tar.bz2"
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~x86 ~alpha ~sparc ~hppa ~ia64"
+IUSE="X ldap nls static caps"
+
+RDEPEND="!static? ( ldap? ( net-nds/openldap )
+		caps? ( sys-libs/libcap )
+		sys-libs/zlib )
+	X? ( x11-misc/xloadimage )
+	nls? ( sys-devel/gettext )
+	virtual/glibc
+	dev-lang/perl
+	virtual/mta"
+
+# XXX: libpcap earlier than 1.10-r3 did not provide libcap.a
+#	DEPEND="caps? ( static? ( >=sys-libs/libcap-1.10-r3 )
+#				!static? ( sys-libs/libcap ) )
+DEPEND="caps? ( sys-libs/libcap )
+	ldap? ( net-nds/openldap )
+	nls? ( sys-devel/gettext )
+	!static? ( sys-libs/zlib )
+	virtual/glibc
+	dev-lang/perl"
+
+src_unpack() {
+	unpack ${A}
+
+	# disable the ability to create signatures using the 
+	# ElGamal sign+encrypt (type 20) keys as well as to remove 
+	# the option to create such keys.
+	#
+	# http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000277.html
+	cd ${S}/g10; epatch ${FILESDIR}/${P}-disable-elgamal.diff
+
+	# format string error in the hkp code could lead to arbritrary code
+	# execution by malicious keyserver. This update from CVS.
+	#
+	# http://www.s-quadra.com/advisories/Adv-20031203.txt
+	cd ${S}; epatch ${FILESDIR}/${P}-hkp-format-string.diff
+}
+
+src_compile() {
+	# support for external HKP keyservers requested in #16457.
+	# gpg faq entry 3.3 reccommends using --enable-static-rnd=linux 
+	# whenever possible.
+	local myconf="--enable-external-hkp --enable-static-rnd=linux --libexecdir=/usr/lib"
+
+	if ! use nls; then
+		myconf="${myconf} --disable-nls"
+	fi
+
+	if use ldap; then
+		myconf="${myconf} --enable-ldap"
+	else
+		myconf="${myconf} --disable-ldap"
+	fi
+
+	if use X; then
+		myconf="${myconf} --enable-photo-viewers"
+	else
+		myconf="${myconf} --disable-photo-viewers"
+	fi
+
+	# `USE=static` support was requested in #29299
+	if use static; then
+		myconf="${myconf} --with-included-zlib"
+		export LDFLAGS="${LDFLAGS} -static"
+	else
+		myconf="${myconf} --without-included-zlib"
+	fi
+
+	if use caps; then
+		myconf="${myconf} --with-capabilities"
+	fi
+
+	# Still needed?
+	# Bug #6387, --enable-m-guard causes bus error on sparcs
+	if ! use sparc; then
+		myconf="${myconf} --enable-m-guard"
+	fi
+
+	econf ${myconf} || die
+	emake || die
+}
+
+src_install() {
+	einstall libexecdir="${D}/usr/lib/gnupg"
+
+	# keep the documentation in /usr/share/doc/...
+	rm -rf "${D}/usr/share/gnupg/FAQ" "${D}/usr/share/gnupg/faq.html"
+
+	dodoc ABOUT-NLS AUTHORS BUGS COPYING ChangeLog INSTALL NEWS PROJECTS \
+	README THANKS TODO VERSION doc/{FAQ,HACKING,DETAILS,ChangeLog,OpenPGP,faq.raw}
+
+	newdoc ${FILESDIR}/${P}-disable-elgamal.diff README.elgamal
+
+	docinto sgml
+	dodoc doc/*.sgml
+
+	dohtml doc/faq.html
+
+	if ! use caps; then
+		chmod u+s "${D}/usr/bin/gpg"
+	fi
+}
+
+pkg_postinst() {
+	if ! use caps; then
+		einfo "gpg is installed suid root to make use of protected memory space"
+		einfo "This is needed in order to have a secure place to store your"
+		einfo "passphrases, etc. at runtime but may make some sysadmins nervous."
+	fi
+}
author	Tavis Ormandy <taviso@gentoo.org>	2003-12-03 18:45:05 +0000
committer	Tavis Ormandy <taviso@gentoo.org>	2003-12-03 18:45:05 +0000
commit	504aab5e44582c9b0be0f037c52fd85f9a1af0be (patch)
tree	882e8466b4cea892547239ad923f2780015c2d6e /app-crypt
parent	missing format string in hkp code, update from cvs. (diff)
download	gentoo-2-504aab5e44582c9b0be0f037c52fd85f9a1af0be.tar.gz gentoo-2-504aab5e44582c9b0be0f037c52fd85f9a1af0be.tar.bz2 gentoo-2-504aab5e44582c9b0be0f037c52fd85f9a1af0be.zip