--- /dev/null
--- /dev/null
++gnupg2 (2.2.12-1+deb10u1) buster; urgency=medium
++
++ In this version we adopt GnuPG's upstream approach of making keyserver
++ access default to self-sigs-only. This defends against receiving
++ flooded OpenPGP certificates. To revert to the previous behavior (not
++ recommended!), add the following directive to ~/.gnupg/gpg.conf:
++
++ keyserver-options no-self-sigs-only
++
++ We also adopt keys.openpgp.org as the default keyserver, since it avoids
++ the associated bandwidth waste of fetching third-party certifications
++ that will not be used. To revert to the older SKS keyserver network (not
++ recommended!), add the following directive to ~/.gnupg/dirmngr.conf:
++
++ keyserver hkps://hkps.pool.sks-keyservers.net
++
++ Note: we do *not* adopt upstream's choice of import-clean for the
++ keyserver default, since it can lead to data loss, see
++ https://dev.gnupg.org/T4628 for more details.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 21 Aug 2019 14:53:47 -0400
++
++gnupg2 (2.1.11-7+exp1) experimental; urgency=medium
++
++ The gnupg package now provides the "modern" version of GnuPG.
++
++ Please read /usr/share/doc/gnupg/README.Debian for details about the
++ transition from "classic" to "modern"
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 30 Mar 2016 09:59:35 -0400
--- /dev/null
--- /dev/null
++# On systems with systemd running, we expect the agent to be launched
++# via systemd's user mode (see
++# /usr/lib/systemd/user/gpg-agent.{socket,service} and
++# systemd.unit(5)). This allows systemd to clean up the agent
++# automatically at logout.
++
++# If systemd is absent from your system, or you do not permit it to
++# run in user mode, then you may need to manually launch gpg-agent
++# from your session initialization with something like "gpgconf
++# --launch gpg-agent"
++
++# Nonetheless, ssh and older versions of gpg require environment
++# variables to be set in order to find the agent, so we will set those
++# here.
++
++agent_sock=$(gpgconf --list-dirs agent-socket)
++export GPG_AGENT_INFO=${agent_sock}:0:1
++if [ -n "$(gpgconf --list-options gpg-agent | \
++ awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then
++ export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
++fi
++
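Review bot: `export GPG_AGENT_INFO=${agent_sock}:0:1` is exported unconditionally, so when `gpgconf --list-dirs agent-socket` fails or prints nothing the session is left with `GPG_AGENT_INFO=:0:1`, a malformed value rather than an unset one. Guarding the export on a non-empty result, `[ -n "$agent_sock" ] && export GPG_AGENT_INFO="${agent_sock}:0:1"`, leaves the variable unset instead of wrong, and clients then fall back to their own socket discovery. The same applies to the `SSH_AUTH_SOCK` export, where `export VAR=$(cmd)` also masks gpgconf's exit status (ShellCheck SC2155); assigning to a local first and exporting only when non-empty avoids both, and the quotes matter because the socket lives under the user's home directory, which may contain spaces. The `\` after the `|` in the `if` condition is redundant, since a trailing pipe already continues the line.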
--- /dev/null
--- /dev/null
++gnupg2 (2.2.12-1+deb10u2) buster-security; urgency=high
++
++ [ Roger Shimizu ]
++ * d/control: Update Build-Depends: libgpg-error-dev (>= 1.35)
++
++ [ Daniel Kahn Gillmor ]
++ * fix broken status line (Closes: #1014157)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 01 Jul 2022 12:06:43 -0400
++
++gnupg2 (2.2.12-1+deb10u1) buster; urgency=medium
++
++ * drop unneeded patch for printing revocation certificates
++ * backport bugfix and stability patches from upstream 2.2.13
++ * backport bugfix and stability patches from upstream 2.2.14
++ * backport documentation, stability, ssh, and WKD patches from upstream 2.2.15
++ * backport documentation and bugfix patches from upstream 2.2.16
++ * import bugfixes and cleanup around secret key handling from 2.2.14
++ * backport bugfixes, documentation, WKD, and keyserver fixes from 2.2.17
++ * import efficiency and security fixes from upstream STABLE-BRANCH-2-2
++ * avoid using SKS pool CA unless the keyserver is hkps.pool.sks-keyservers.net
++ * drop import-clean from default keyserver options, to avoid data loss
++ * use keys.openpgp.org as the default keyserver
++ * enable merging certificate updates even if update has no user ID
++ * update Vcs-Git: to point to debian/buster branch
++ * Adopt migrate-pubring-from-classic-gpg robustness fixes (Closes: #931385)
++ * add new CI test: debian/tests/simple-tests
++ * debian/tests/gpgv-win32: make arch-specific (Closes: #905563)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 22 Aug 2019 15:11:59 -0400
++
++gnupg2 (2.2.12-1) unstable; urgency=medium
++
++ * New upstream release
++ * refresh patches
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 14 Dec 2018 20:17:16 -0500
++
++gnupg2 (2.2.11-1) unstable; urgency=medium
++
++ * new upstream release
++ * refresh patches
++ * refresh upstream/signing-key.asc
++ * deprecate gpg-zip
++ * gnupg-utils: ship gpgtar, since gpg-zip is deprecated
++ * Make gpg-zip use tar from $PATH (Closes: #913582)
++ * fix spelling mistakes in tools documentation
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 18 Nov 2018 17:38:30 -0500
++
++gnupg2 (2.2.10-3) unstable; urgency=medium
++
++ [ Bjarni Ingi Gislason ]
++ * clean up nroff for gpg-check-pattern.1 (Closes: #900247)
++
++ [ Daniel Kahn Gillmor ]
++ * backport fix for subkey binding sigs
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 08 Oct 2018 11:36:01 -0400
++
++gnupg2 (2.2.10-2) unstable; urgency=medium
++
++ * import upstream minor bugfixes
++ * wrap-and-sort -ast
++ * actually ship gpgcompose in gnupg-utils
++ * drop debian/source/options (thanks, Lintian!)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 30 Sep 2018 11:40:42 -0500
++
++gnupg2 (2.2.10-1) unstable; urgency=medium
++
++ * new upstream maintenance release
++ * drop patches already upstream
++ * refresh patches
++ * Standards-Version: bump to 4.2.1 (no changes needed)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 30 Aug 2018 11:57:15 -0400
++
++gnupg2 (2.2.9-2) unstable; urgency=medium
++
++ [ Daniel Kahn Gillmor ]
++ * spell Tor correctly (Closes: #895398)
++ * Standards-Version: bump to 4.2.0 (no changes needed)
++ * corrected license in AppStream file
++ * standardize udev rules for Yubikey USB devices and claim them in AppStream
++ * from upstream: s2k bugfix, support for Trustica Cryptoucan
++ * Claim Trustica Cryptoucan via AppStream
++
++ [ Jiřà Keresteš ]
++ * udev rule for Trustica Cryptoucan
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 24 Aug 2018 09:48:15 -0400
++
++gnupg2 (2.2.9-1) unstable; urgency=medium
++
++ * New upstream release
++ * Standards-Version: bump to 4.1.5 (no changes needed)
++ * drop patches already upstream
++ * refresh patches
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 19 Jul 2018 14:02:31 -0400
++
++gnupg2 (2.2.8-3) unstable; urgency=medium
++
++ * Ensure arch: all gnupg package supports binMNUs
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 21 Jun 2018 12:18:14 -0400
++
++gnupg2 (2.2.8-2) unstable; urgency=medium
++
++ [ Daniel Kahn Gillmor ]
++ * import bugfixes and improvements from upstream/STABLE-BRANCH-2-2
++ * ensure that revocation certificates show up in --show-keys output
++ (see 7c79bf7f71aa594102cb684b0abd8331bdac4608)
++ * try passing not explicit paths to wine for the gpgv-win32 test
++ * d/copyright: clarify debian/* licensing
++ * convert gnupg metapackage to Architecture: all
++
++ [ Giovanni Mascellani ]
++ * avoid parallel tests on riscv64 (Closes: #901646)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 20 Jun 2018 06:56:09 -0400
++
++gnupg2 (2.2.8-1) unstable; urgency=medium
++
++ * New upstream release
++ * refresh patches
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 08 Jun 2018 10:08:36 -0400
++
++gnupg2 (2.2.7-1) unstable; urgency=medium
++
++ * new upstream release
++ * update/refresh patches, improve patch description
++ * bump standards-version to 4.1.4 (no changes needed)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 23 May 2018 11:50:27 -0400
++
++gnupg2 (2.2.5-1) unstable; urgency=medium
++
++ * New upstream release
++ * d/gbp.conf: use DEP-14 branch naming
++ * d/control: declare Rules-Requires-Root: no
++ * drop patches already applied upstream
++ * refresh patches
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 22 Feb 2018 14:20:18 -0800
++
++gnupg2 (2.2.4-3) unstable; urgency=medium
++
++ * version build-deps on mingw library toolchain (Closes: #889921)
++ * drop misbehaving upstream scd patch (Closes: #889751)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 09 Feb 2018 13:51:35 -0500
++
++gnupg2 (2.2.4-2) unstable; urgency=medium
++
++ [ Daniel Kahn Gillmor ]
++ * move to debhelper 11
++ * d/control: move Vcs to salsa
++ * import more bugfixes and hardware from upstream
++
++ [ Helge Deller ]
++ * Fix FTBFS on hppa (Closes: #887843)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 05 Feb 2018 23:07:21 -0500
++
++gnupg2 (2.2.4-1) unstable; urgency=medium
++
++ * New upstream release
++ * do not use uupdate (we use gbp-import-orig)
++ * dirmngr: cannot avoid idling in current arrangement
++ * adjusting fixes to gpgsm defaults
++ * prefer SHA-512 specifically on personal-digest-preferences.
++ * refresh patches
++ * Standards-Version: bump to 4.1.3 (no changes needed)
++ * drop unnecessary lintian override
++ * reflect actual requirement for libassuan
++ * import bugfixes from upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 03 Jan 2018 12:43:40 -0500
++
++gnupg2 (2.2.3-1) unstable; urgency=medium
++
++ * New upstream release
++ * refreshed patches
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 30 Nov 2017 19:06:35 -0500
++
++gnupg2 (2.2.2-1) unstable; urgency=medium
++
++ * new upstream release.
++ * avoid testsuite delays from excess socket waiting
++ * clean up trailing whitespace in debian/{rules,changelog}
++ * drop patches already upstream
++ * refresh remaining patches
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 08 Nov 2017 20:09:33 +0100
++
++gnupg2 (2.2.1-5) unstable; urgency=medium
++
++ * block ptrace on scdaemon as well as gpg-agent (Closes: #878952)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 27 Oct 2017 01:43:20 -0400
++
++gnupg2 (2.2.1-4) unstable; urgency=medium
++
++ * restore lintian override, because ftp-master isn't yet running lintian
++ 2.5.55 (see #877999 for more details)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 19 Oct 2017 02:33:36 -0400
++
++gnupg2 (2.2.1-3) unstable; urgency=medium
++
++ * bugfix for multiple keyrings (Closes: #878812)
++ * drop an unnecessary lintian override
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 19 Oct 2017 00:23:41 -0400
++
++gnupg2 (2.2.1-2) unstable; urgency=medium
++
++ * adopt bugfixes and documentation improvements from upstream
++ * reorganize debian/patches for simpler maintenance
++ * move gnupg-l10n to Section: localization
++ * Standards-Version: bump to 4.1.1 (no changes needed)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 10 Oct 2017 10:05:45 -0400
++
++gnupg2 (2.2.1-1) unstable; urgency=medium
++
++ * New upstream release
++ * drop patches already applied upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 19 Sep 2017 08:26:26 -0400
++
++gnupg2 (2.2.0-3) unstable; urgency=medium
++
++ * avoid FTBFS when TZ=UTC-12 (Closes: #874617)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 08 Sep 2017 02:10:02 -0400
++
++gnupg2 (2.2.0-2) unstable; urgency=medium
++
++ * dirmngr and gpgv-static are Multi-arch: foreign (Closes: #874111)
++ * update to stronger cryptographic defaults.
++ * use upstream gpg-agent-browser.socket systemd user service
++ * publish SSH_AUTH_SOCK for wayland users (Closes: #855868)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 07 Sep 2017 19:20:35 -0400
++
++gnupg2 (2.2.0-1) unstable; urgency=medium
++
++ * New upstream release.
++ * drop patches already upstream
++ * scdaemon: bugfix from upstream for large ECC keys
++ * Standards-Version: bump to 4.1.0 (no changes needed)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 06 Sep 2017 13:10:28 -0400
++
++gnupg2 (2.1.23-2) unstable; urgency=medium
++
++ * add openssh-client to build-deps for testing
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 13 Aug 2017 22:48:23 -0400
++
++gnupg2 (2.1.23-1) unstable; urgency=medium
++
++ * New upstream release
++ * move to unstable
++ * refresh patches
++ * keep default --no-auto-key-retrieve
++ * Standards-Version: 4.0.1 (Priority: extra -> optional)
++ * run tests in parallel
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 11 Aug 2017 09:56:05 -0400
++
++gnupg2 (2.1.22-1) experimental; urgency=medium
++
++ * New upstream release
++ * refreshed patches
++ * pulled a few bugfix patches from upstream
++ * simplify systemd user units
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 07 Aug 2017 01:17:19 -0400
++
++gnupg2 (2.1.21-4) experimental; urgency=medium
++
++ * package reorganization:
++ - new package 'gpg' is just for public key operations
++ - 'gnupg' package is the full suite
++ - 'gnupg-agent' package is renamed to 'gpg-agent'
++ - 'gpgconf' is a base package, other packages depend on it
++ - 'gnupg-utils' are a grab-bag of helper tools that may be useful
++ * scdaemon: add AppStream metainfo about supported smartcards
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 26 Jul 2017 12:50:55 -0400
++
++gnupg2 (2.1.21-3) experimental; urgency=medium
++
++ * include upstream bugfixes and improvements (Closes: #863221)
++ * build gpgcompose, ship new gpgcompose binary package
++ * upgrade to debhelper 10
++ * upgrade to Standards-Version 4.0.0 (no changes needed)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 11 Jun 2017 01:50:30 +0200
++
++gnupg2 (2.1.21-2) experimental; urgency=medium
++
++ [ Stefan Bühler ]
++ * Create WKS server and client packages
++
++ [ Daniel Kahn Gillmor ]
++ * minor packaging cleanups
++ * more upstream bugfix and cleanup patches
++ * rename WKS packages to match the tool names
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 18 May 2017 18:02:46 -0400
++
++gnupg2 (2.1.21-1) experimental; urgency=medium
++
++ * new upstream release
++ * drop patches alread yupstream, refresh patches
++ * import post-release bugfixes from upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 16 May 2017 22:42:20 -0400
++
++gnupg2 (2.1.20-4) experimental; urgency=medium
++
++ * avoid shipping or trying to use .skel files
++ * more bugfixes from upstream
++ * skip missing signing keys (Closes: #834922)
++ * prefer available smartcard
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 10 May 2017 14:59:02 -0400
++
++gnupg2 (2.1.20-3) experimental; urgency=medium
++
++ * more upstream bugfixes (Closes: #858400)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 07 Apr 2017 11:36:51 -0400
++
++gnupg2 (2.1.20-2) experimental; urgency=medium
++
++ * more bugfix patches from upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 06 Apr 2017 11:21:24 -0400
++
++gnupg2 (2.1.20-1) experimental; urgency=medium
++
++ * new upstream release
++ * drop patches already upstream, refresh patches
++ * import post-release bugfixes from upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 05 Apr 2017 11:43:09 -0400
++
++gnupg2 (2.1.19-3) experimental; urgency=medium
++
++ * more patches from usptream
++ - test suite should now use /tmp and not require /run/user/
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 21 Mar 2017 12:34:47 -0400
++
++gnupg2 (2.1.19-2) experimental; urgency=medium
++
++ * more patches from upstream (Closes: #854829)
++ * add verbose=3 to the test suite as requested by upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 20 Mar 2017 14:05:46 -0400
++
++gnupg2 (2.1.19-1) experimental; urgency=medium
++
++ * New upstream release (Closes: #854359)
++ * many post-release bugfixes from upstream
++ * add logcheck filters for gpg-agent (Closes: #856438)
++ * Upload to experimental due to the freeze
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 16 Mar 2017 12:47:40 -0400
++
++gnupg2 (2.1.18-6) unstable; urgency=medium
++
++ [ NIIBE Yutaka ]
++ * scdaemon: Fix duplicated entries (Closes: #855056).
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 13 Feb 2017 19:29:34 -0500
++
++gnupg2 (2.1.18-5) unstable; urgency=medium
++
++ [ Daniel Kahn Gillmor ]
++ * Xsession.d/90gpg-agent: use simpler and more direct gpgconf
++ invocations for socket names.
++
++ [ NIIBE Yutaka ]
++ * scdaemon.udev: Add Yubikey and Nitrokey (Closes: #648331, 734889).
++ * scdaemon fix for PC/SC (Closes: #852702, #854005, #854595, #854616).
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 13 Feb 2017 09:15:07 -0500
++
++gnupg2 (2.1.18-4) unstable; urgency=medium
++
++ [ Daniel Kahn Gillmor ]
++ * document that debian disables --allow-version-check
++ * docs, debugging, and bugfix patches from upstream (Closes: #852979)
++
++ [ NIIBE Yutaka ]
++ * scdaemon bugfixes
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 04 Feb 2017 22:03:26 -0500
++
++gnupg2 (2.1.18-3) unstable; urgency=medium
++
++ * fix searches for keys with raw addr-spec
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 25 Jan 2017 16:58:56 -0500
++
++gnupg2 (2.1.18-2) unstable; urgency=medium
++
++ * pull fixes from upstream (including a double-free in gpg-agent)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 25 Jan 2017 09:29:25 -0500
++
++gnupg2 (2.1.18-1) unstable; urgency=medium
++
++ * New upstream release.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 23 Jan 2017 23:12:35 -0500
++
++gnupg2 (2.1.17-6) unstable; urgency=medium
++
++ * Upstream patches, fixing unnecessary delay in gpg-agent (Closes: #851298)
++ * gpg-agent: avoid race in shutdown (Closes: #841143)
++ * improve dirmngr, gpg-agent README.Debian (Closes: #850982)
++ * clean up gpg-agent-idling patch
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 18 Jan 2017 14:40:41 -0500
++
++gnupg2 (2.1.17-5) unstable; urgency=medium
++
++ * more fixes from upstream (improving but not yet closing: #849845)
++ * gpg-agent: actively poll when shutdown is pending. Thanks, NIIBE
++ Yutaka! (addresses but does not close #841143)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 11 Jan 2017 15:44:57 -0500
++
++gnupg2 (2.1.17-4) unstable; urgency=medium
++
++ * more patches from upstream, including dirmngr debugging
++ improvements
++ * resolve ambiguity in aliased options and commands (Closes: #850475)
++ * auto-enable gpg-agent and dirmngr for systemd user sessions
++ * enable easy reloads from systemd
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 10 Jan 2017 17:30:08 -0500
++
++gnupg2 (2.1.17-3) unstable; urgency=medium
++
++ * more bugfixes from upstream (improving but not yet closing: #849845)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 03 Jan 2017 15:39:52 -0500
++
++gnupg2 (2.1.17-2) unstable; urgency=medium
++
++ * include patches from upstream to avoid build failures on 32-bit
++ arches.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 24 Dec 2016 18:11:51 -0500
++
++gnupg2 (2.1.17-1) unstable; urgency=medium
++
++ * new upstream release.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 24 Dec 2016 15:39:04 -0500
++
++gnupg2 (2.1.16-3) unstable; urgency=medium
++
++ * remove -pie from hppa, kfreebsd-amd64, and x32 builds of
++ gpgv-static (Closes: #846889)
++ * import several upstream bugfix patches (Closes: #846834, #846168)
++ * link gnupg-agent and scdaemon with Enhances/Suggests (Closes: #833518)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 05 Dec 2016 15:34:49 -0500
++
++gnupg2 (2.1.16-2) unstable; urgency=medium
++
++ * avoid using adns, due to lack of security support (Closes: #845078)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 21 Nov 2016 09:57:26 -0500
++
++gnupg2 (2.1.16-1) unstable; urgency=medium
++
++ * New upstream version
++ * dropped many patches already incorporated upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 20 Nov 2016 23:22:49 -0500
++
++gnupg2 (2.1.15-9) unstable; urgency=medium
++
++ * Introduce gpgv-static package (Closes: #806940)
++ * more patches from upstream
++ * use adns for better DNS resolution in dirmngr
++ * add some import-options to
++ migrate-pubring-from-classic-gpg for better migration
++ * reorganize patches to distinguish debian variations from upstream
++ * set simple and easy defaults for keyservers
++ * help dirmngr and gpg-agent idle better in the default case
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 10 Nov 2016 07:28:16 -0800
++
++gnupg2 (2.1.15-8) unstable; urgency=medium
++
++ * rename gpg-agent-restricted.socket to gpg-agent-extra.socket
++ (for symmetry with option names and actual sockets created)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 27 Oct 2016 13:54:53 -0400
++
++gnupg2 (2.1.15-7) unstable; urgency=medium
++
++ * more upstream patches
++ * dirmngr systemd user service is now socket-activated.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 27 Oct 2016 12:48:15 -0400
++
++gnupg2 (2.1.15-6) unstable; urgency=medium
++
++ * more upstream patches (Closes: #841437, #840680)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 26 Oct 2016 17:44:20 -0400
++
++gnupg2 (2.1.15-5) unstable; urgency=medium
++
++ * added udev rules for Fujitsu Siemens cardreader (Closes: #840312)
++ * mark transitional packages Multi-Arch: Foreign (closes: #840258)
++ * make gnupg2 binNMU-safe
++ * more patches from upstream
++ * track upstream decision-making about gpg-agent socket names
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 25 Oct 2016 21:30:06 -0400
++
++gnupg2 (2.1.15-4) unstable; urgency=medium
++
++ * update debian/tests/gpgv-win32
++ * more patches from upstream (Closes: #838153)
++ * tighten dependencies between gnupg and dirmngr (Closes: #834602)
++ * updated systemd user gpg-agent units for socket activation
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 04 Oct 2016 17:22:30 -0400
++
++gnupg2 (2.1.15-3) unstable; urgency=medium
++
++ * Use upstream fix to avoid touching homedir during test suite
++ * backward compatibility for preset-passphrase and protect-tool
++ * add Breaks: for python3-apt too (thanks, Harald Jenny!)
++ * Avoid network access during tests (Closes: #836259)
++ * more patches from upstream
++ - gpgv --output now works
++ - fingerprint display doesn't vary with --keyid-format
++ - minor cleanup to scdaemon dealing with removed cards
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 14 Sep 2016 17:08:58 -0400
++
++gnupg2 (2.1.15-2) unstable; urgency=medium
++
++ * restore keyid output in gpgv (Closes: #836144)
++ * avoid test suite failures when HOME does not exist
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 31 Aug 2016 12:37:48 -0400
++
++gnupg2 (2.1.15-1) unstable; urgency=medium
++
++ * new upstream release
++ - blocks signals during keyring updates (Closes: #293556)
++ * avoid libusb on hurd. Thanks, Pino Toscano! (Closes: #834533)
++ * permissions on test suite are already fixed
++ * drop patches applied upstream and refresh remaining patches
++ * make gnupg2 reproducible by not regenerating documentation date
++ * make autopkgtest work with modern wine (Closes: #835976)
++ * wrap-and-sort -ast for cleaner diffs
++ * add versioned Breaks: for affected packages (Closes: #835349)
++ - gpgv Breaks: python-debian << 0.1.29 (addresses: #782904)
++ - gnupg Breaks: php-crypt-gpg <= 1.4.1-1 (addresses #835592)
++ - gnupg Breaks: python-apt <= 1.1.0~beta4 (addresses: #835465)
++ - gnupg Breaks: python-gnupg << 0.3.8-3 (addresses: #834514, #834600)
++ - gnupg Breaks: libgnupg-interface-perl << 0.52-3 (addresses: #834281)
++ - gnupg Breaks: libmail-gnupg-perl <= 0.22-1 (addresses: #835075)
++ - gnupg Breaks: libgnupg-perl << 0.19-1 (addresses: #834522)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 30 Aug 2016 13:19:23 -0400
++
++gnupg2 (2.1.14-5) unstable; urgency=medium
++
++ * actually ship /usr/share/doc/gnupg/README.Debian
++ * Release to unstable.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 12 Aug 2016 16:27:22 -0400
++
++gnupg2 (2.1.14-4) experimental; urgency=medium
++
++ * add ZeitControl card (Closes: #814584)
++ * three more fixes from upstream
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 08 Aug 2016 12:54:21 -0400
++
++gnupg2 (2.1.14-3) experimental; urgency=medium
++
++ * cleanup debian/copyright
++ * update debian/watch
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 03 Aug 2016 11:09:05 -0400
++
++gnupg2 (2.1.14-2) experimental; urgency=medium
++
++ * mark the gpgv binary as Priority: important, since apt depends on it
++ * import a bunch of fixes from upstream
++ * include permissioning on patched-in tests
++ * Breaks: some packages that expect old gpg behavior (Closes: #831500)
++ * remove scdaemon.service; it will be managed by gpg-agent.service
++ * avoid bulleted items in debian/NEWS (thanks, Lintian!)
++ * debian/copyright: cleanup, fix URLs
++ * debian/control: use standard URL for Vcs-Browser
++ * fix spelling and grammar noticed by lintian
++ * avoid lintian notes about a misspelled "written"
++ * clean up gpgv2 Description
++ * break out arch-indep localization files into new gnupg-l10n package
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 01 Aug 2016 17:54:59 -0400
++
++gnupg2 (2.1.14-1) experimental; urgency=medium
++
++ * New upstream release
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 15 Jul 2016 01:39:25 +0200
++
++gnupg2 (2.1.13-5) experimental; urgency=medium
++
++ * dependency cleanup!
++ - make Recommends: strictly versioned between gnupg and {gpg-agent,dirmngr}
++ - make gnupg Provide: gpg and mention it in the package description
++ - drop mention of newpg, which has not been in debian for many releases
++ - gnupg2 2.0.18 predates debian wheezy, which is oldstable; drop mention
++ in debian/control
++ - drop Suggests: gnupg-doc, which does not appear to be maintained
++ - drop all references to gpg-idea, which has not been in debian for
++ several releases
++ - removed dependency on "dpkg (>= 1.15.4) | install-info", since that
++ dpkg version predates oldstable (wheezy)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 04 Jul 2016 10:13:42 -0400
++
++gnupg2 (2.1.13-4) experimental; urgency=medium
++
++ * add binutils-multiarch [!amd64 !i386] to Build-Depends-Indep: so that
++ we can generate win32 packages on non-x86 platforms.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 01 Jul 2016 11:30:28 -0400
++
++gnupg2 (2.1.13-3) experimental; urgency=medium
++
++ * pull bugfixes from upstream (Closes: #828109, #814584)
++ * should also allow for reproducible builds, with fix to
++ timestamps in tofu.test
++ * provide supervised dirmngr, gpg-agent, and scdaemon services from
++ systemd's user sessioniif the user wants to enable them. These
++ services should terminate at logout (Closes: #825911)
++ * avoid launching gpg-agent from Xsession.d since we have more robust
++ session management available (added NEWS entry about this change)
++ * gnupg-agent now Provides: gpg-agent to mitigate common confusion.
++ * updated dirmngr package description.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 28 Jun 2016 13:46:36 -0400
++
++gnupg2 (2.1.13-2) experimental; urgency=medium
++
++ * brown paper bag time: fix build-dep from libusb-1.0.0-dev to
++ libusb-1.0-0-dev
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 17 Jun 2016 23:07:43 -0400
++
++gnupg2 (2.1.13-1) experimental; urgency=medium
++
++ * New upstream release
++ - new keyid-format "none", used by default (Closes: #826273)
++ * Build-depend on libusb-1.0.0-dev to ensure smartcards work (Thanks,
++ gniibe!)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 16 Jun 2016 18:30:36 -0400
++
++gnupg2 (2.1.12-1) experimental; urgency=medium
++
++ * New upstream release
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 10 May 2016 20:58:06 -0400
++
++gnupg2 (2.1.11-7+exp1) experimental; urgency=medium
++
++ * switching over binary package names in experimental -- gnupg2 source
++ package now provides gnupg and gpgv
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 18 Apr 2016 19:17:19 -0400
++
++gnupg2 (2.1.11-7) unstable; urgency=medium
++
++ * move to unstable
++ * re-enable test suites on mips and mipsel since #730846 is resolved
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 18 Apr 2016 07:45:16 -0400
++
++gnupg2 (2.1.11-6+exp4) experimental; urgency=medium
++
++ * stop using help2man to fix cross-building
++ * ensure gpgv-win32 is properly stripped
++ * enable autopkgtest to run without root on systems that already have
++ wine32 installed
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 01 Apr 2016 13:08:07 -0300
++
++gnupg2 (2.1.11-6+exp3) experimental; urgency=medium
++
++ * more cleanup on arch-dependent packages.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 30 Mar 2016 03:36:18 -0400
++
++gnupg2 (2.1.11-6+exp2) experimental; urgency=medium
++
++ * avoid build failures when building only arch-dependent or only
++ arch-independent packages.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 30 Mar 2016 02:59:18 -0400
++
++gnupg2 (2.1.11-6+exp1) experimental; urgency=medium
++
++ * take over gpgv-win32 from gnupg 1.4 packaging
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 28 Mar 2016 23:27:43 -0400
++
++gnupg2 (2.1.11-6) unstable; urgency=medium
++
++ * avoid FTBFS with patch from upstream (Closes: #814842)
++ * bumped standards-version to 3.9.7 (no changes needed)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 01 Mar 2016 09:36:41 +0100
++
++gnupg2 (2.1.11-5) unstable; urgency=medium
++
++ * taking over gpgv-udeb from gnupg 1.4 packaging
++ * debian/control: use secure transport for Vcs-* and Homepage
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 04 Feb 2016 17:17:47 -0500
++
++gnupg2 (2.1.11-4) unstable; urgency=medium
++
++ * disable gpgtar, since it is causing unpredictable testsuite failures
++ and we don't ship it anyway.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 03 Feb 2016 11:57:57 -0500
++
++gnupg2 (2.1.11-3) unstable; urgency=medium
++
++ * trying again to get a proper dump of the gpgtar.test.log. sigh.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 28 Jan 2016 08:34:22 -0500
++
++gnupg2 (2.1.11-2) unstable; urgency=medium
++
++ * added temporary hook to view failing gpgtar test output on build
++ daemons since i can't replicate the failures on my own build systems.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 28 Jan 2016 00:53:29 -0500
++
++gnupg2 (2.1.11-1) unstable; urgency=medium
++
++ * new upstream release
++ - drops buggy attempt to detect duplicate keys (Closes: #807819)
++ * removed -dbg package, since we have automatic -dbgsym packages now
++ * removed undocumented gpgkey2ssh; use gpg --export-ssh-key instead
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 25 Jan 2016 15:29:25 -0500
++
++gnupg2 (2.1.10-3) unstable; urgency=medium
++
++ * avoid infinite loop when doing --gen-revoke by fingerprint
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 12 Dec 2015 16:53:40 -0500
++
++gnupg2 (2.1.10-2) unstable; urgency=medium
++
++ * actually use sks-keyservers CA by default if the user asks for
++ hkps://hkps.pool.sks-keyservers.net
++ * move ownership of some files in /usr/share/gnupg2/ to more appropriate
++ owners like gpgsm and dirmngr.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 11 Dec 2015 17:06:10 -0500
++
++gnupg2 (2.1.10-1) unstable; urgency=medium
++
++ * new upstream release
++ * ship sks-keyservers.netCA.pem in dirmngr to make it easier to use hkps.
++ * avoid shipping Changelog-2011, use upstream ChangeLog (Closes:
++ #803225)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 09 Dec 2015 12:05:42 -0500
++
++gnupg2 (2.1.9-1) unstable; urgency=medium
++
++ * New upstream release
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 13 Oct 2015 10:04:33 -0400
++
++gnupg2 (2.1.8-2) UNRELEASED; urgency=medium
++
++ [ NIIBE Yutaka ]
++ * update scdaemon dependencies
++
++ [ Daniel Kahn Gillmor ]
++ * correct ssh fingerprint for ECDSA nistp384 (Closes: #795636)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 17 Sep 2015 00:00:28 -0400
++
++gnupg2 (2.1.8-1) unstable; urgency=medium
++
++ * New upstream release
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 10 Sep 2015 17:00:06 -0400
++
++gnupg2 (2.1.7-2) unstable; urgency=medium
++
++ * upload to unstable
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 11 Aug 2015 21:24:18 -0400
++
++gnupg2 (2.1.7-1) experimental; urgency=medium
++
++ * new upstream release
++ * block ptrace connections to gpg-agent
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 11 Aug 2015 20:05:38 -0400
++
++gnupg2 (2.1.6-1) experimental; urgency=medium
++
++ * new upstream release
++ * drop deprecated gpgsm-gencert.sh
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 07 Jul 2015 14:27:23 -0400
++
++gnupg2 (2.1.5-2) experimental; urgency=medium
++
++ [ Daniel Kahn Gillmor ]
++ * pass DBUS_SESSION_BUS_ADDRESS through to the agent so that
++ pinentry-gnome3 can work across sessions.
++ * ensure that l10n files are rebuilt.
++
++ [ Eric Dorland ]
++ * debian/patches/0003-Include-defs.inc-in-BUILT_SOURCES.patch: Fix for
++ build failure when rebuilding info docs.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 30 Jun 2015 18:13:58 -0400
++
++gnupg2 (2.1.5-1) experimental; urgency=medium
++
++ * New upstream release
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 11 Jun 2015 13:18:56 -0400
++
++gnupg2 (2.1.4-2) experimental; urgency=medium
++
++ * avoid excess dependencies on headless servers (Closes: #753163)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 03 Jun 2015 14:12:49 -0400
++
++gnupg2 (2.1.4-1) experimental; urgency=medium
++
++ * New upstream release.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 28 May 2015 00:25:55 -0400
++
++gnupg2 (2.1.3-1) experimental; urgency=medium
++
++ * New upstream version.
++ * Add gnupg2-dbg (Closes: #781631)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 01 Apr 2015 12:10:38 -0400
++
++gnupg2 (2.1.2-2) experimental; urgency=medium
++
++ * Fix segv due to NULL value stored as opaque MPI.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2015 10:26:50 -0500
++
++gnupg2 (2.1.2-1) experimental; urgency=medium
++
++ * New upstream version
++ * move from automake1.11 to plain automake (upstream uses 1.14 now)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 12 Feb 2015 20:10:43 -0500
++
++gnupg2 (2.1.1-1) experimental; urgency=medium
++
++ * New upstream version (closes: #772654)
++ * gnupg2 now Breaks: older versions of dirmngr (closes: #769460)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 16 Dec 2014 14:58:06 -0500
++
++gnupg2 (2.1.0-1) experimental; urgency=medium
++
++ * import upstream 2.1.0 release.
++ * drop debian/patches/speed-up-test-suite.patch -- included upstream.
++ * avoid self-reporting as a beta now that this is a release
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 06 Nov 2014 12:31:06 -0500
++
++gnupg2 (2.1.0~beta895-3) experimental; urgency=medium
++
++ * update gnupg-agent.xsession to export ssh-agent where
++ configured. (Closes: #767341)
++ * use cheap/fast entropy for the test suite so that builds on
++ low-entropy machines go faster.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 30 Oct 2014 13:37:08 -0400
++
++gnupg2 (2.1.0~beta895-2) experimental; urgency=medium
++
++ * added pkg-config to Build-Depends.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Oct 2014 18:36:27 -0400
++
++gnupg2 (2.1.0~beta895-1) experimental; urgency=medium
++
++ * new upstream version in experimental (Closes: #762844, #751266, #762844)
++ * ship /usr/bin/gpgparsemail (Closes: #760575)
++ * document that doc/OpenPGP is not actually an RFC, but just refers to
++ one (closes: #745410)
++ * Bump Standards-Version to 3.9.6 (no changes needed)
++ * --enable-large-secmem to ensure that gpg2 works with pre-generated
++ oversized RSA keys
++ * updated /etc/X11/Xsession.d/90gpg-agent to export $GPG_AGENT_INFO
++ about the standard socket.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 29 Oct 2014 17:53:06 -0400
++
++gnupg2 (2.0.28-3) unstable; urgency=medium
++
++ * pass DBUS_SESION_BUS_ADDRESS to the agent for gnome3.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 04 Jul 2015 14:21:41 -0400
++
++gnupg2 (2.0.28-2) unstable; urgency=medium
++
++ * d/clean: drop stamp-po to rebuild l10n (Closes: #788989)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 30 Jun 2015 17:17:11 -0400
++
++gnupg2 (2.0.28-1) unstable; urgency=medium
++
++ * new upstream release
++ * really address excess dependencies on headless server (thanks Raphaël
++ Halimi for noticing) (Closes: #753163)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 02 Jun 2015 12:16:57 -0400
++
++gnupg2 (2.0.27-2) unstable; urgency=medium
++
++ * import upstream fix to avoid replicating unknown subkey
++ packets. (Closes: #787045) (Thanks, NIIBE Yutaka)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 28 May 2015 00:55:51 -0400
++
++gnupg2 (2.0.27-1) unstable; urgency=medium
++
++ * New upstream release.
++ * Provide a simple way for users to avoid gpg-agent hijacking,
++ working around: #760102 (Closes: #753163)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Fri, 08 May 2015 18:15:15 -0400
++
++gnupg2 (2.0.26-6) unstable; urgency=medium
++
++ * Avoid NULL dereference with opaque MPI.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 21 Feb 2015 18:01:40 -0500
++
++gnupg2 (2.0.26-5) unstable; urgency=medium
++
++ * import bug-fixes from upstream
++ (Closes: #773415, #773469, #773471, #773472, #773423)
++ * Fixes CVE-2015-1606 "Use after free, resulting from failure to skip
++ invalid packets", CVE-2015-1607 "memcpy with overlapping ranges,
++ resulting from incorrect bitwise left shifts" (Closes: #778577)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 16 Feb 2015 17:45:06 -0500
++
++gnupg2 (2.0.26-4) unstable; urgency=medium
++
++ [ David Prévot ]
++ * Update POT and PO files, and ensure the translations get rebuild
++ * Update French translation (Closes: #769574)
++ * Update Ukrainian translation, thanks to Yuri Chornoivan
++ * Update German translation, thanks to Werner Koch
++ * Update Danish translation, thanks to Joe Hansen
++ * Update Japanese translation, thanks to NIIBE Yutaka
++ * Update Chinese (traditional) translation, thanks to Jedi Lin
++ * Update Russian translation, thanks to Ineiev
++ * Update Polish translation, thanks to Jakub Bogusz
++ * Update Spanish translation, thanks to Manuel "Venturi" Porras Peralta
++ (Closes: #770727)
++ * New Dutch translation, thanks to Frans Spiesschaert (Closes: #770981)
++
++ [ Daniel Kahn Gillmor ]
++ * bugfix and cryptographic safety changes imported from upstream:
++ - Avoid regression when adding subkeys with strong s2k algorithms
++ (Closes: #772780) Thanks, NIIBE Yutaka
++ - Allow french translation to work when prompting for passphrase.
++ - add build and runtime support for larger RSA keys (Closes: #739424)
++ - fix runtime errors on bad input (Closes: #771987)
++ - deprecate insecure one-argument variant for gpg --verify of detached
++ signatures (Closes: #771992)
++ - initialize trustdb before trying to clear it (Closes: #735363)
++ - default to issuing SHA256 signatures for RSA
++ - avoid relying on MD5 signatures
++ - show v3 key fingerprints as all zero (OpenPGPv3 is deprecated)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 04 Jan 2015 17:17:00 -0500
++
++gnupg2 (2.0.26-3) unstable; urgency=medium
++
++ * fix typo in gpg.info (closes: #760273)
++ * drop versioned Build-Conflicts on automake by setting environment
++ variables in debian/rules
++ * ship /usr/bin/gpgparsemail (closes: #760575)
++ * warn but don't fail when scdaemon options are in ~/.gnupg/gpg.conf
++ (closes: #762844)
++ * do not break on --trust-model=always (closes: #751266)
++ * document that doc/OpenPGP is not actually an RFC, but just refers to
++ one (closes: #745410)
++ * Bump Standards-Version to 3.9.6 (no changes needed)
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 30 Sep 2014 23:39:15 -0400
++
++gnupg2 (2.0.26-2) unstable; urgency=medium
++
++ * ignore emacs turds in debian/
++ * update Vcs fields
++ * move package to group maintenance
++ * wrap-and-sort cleanup of debian/*
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 28 Aug 2014 11:42:18 -0700
++
++gnupg2 (2.0.26-1) unstable; urgency=medium
++
++ * New upstream release.
++ * debian/control: Suggest parcimonie. Thanks ilf. (Closes: #752261)
++
++ -- Eric Dorland <eric@debian.org> Tue, 19 Aug 2014 18:09:08 -0400
++
++gnupg2 (2.0.25-2) unstable; urgency=medium
++
++ * debian/control: Switch to libgcrypt20-dev (aka 1.6 release).
++
++ -- Eric Dorland <eric@debian.org> Fri, 08 Aug 2014 14:12:05 -0400
++
++gnupg2 (2.0.25-1) unstable; urgency=medium
++
++ * New upstream release.
++
++ -- Eric Dorland <eric@debian.org> Mon, 30 Jun 2014 13:10:04 -0400
++
++gnupg2 (2.0.24-1) unstable; urgency=high
++
++ * New upstream release. Fixes CVE-2014-4617 "infinite loop when
++ decompressing data packets". (Closes: #752498)
++ * debian/patches/02-gpgv2-dont-link-libassuan.diff: Drop, now
++ upstreamed.
++
++ -- Eric Dorland <eric@debian.org> Wed, 25 Jun 2014 00:11:19 -0400
++
++gnupg2 (2.0.23-1) unstable; urgency=medium
++
++ * New upstream release.
++ * debian/upstream/signing-key.asc: Rename upstream-signing-key.pgp to
++ the new, supported name.
++ * debian/control: Restore versioned conflict against gpg-idea. (Closes:
++ #733984)
++ * debian/control: Add Recommends on dirmngr for gpgsm. (Closes: #683579)
++
++ -- Eric Dorland <eric@debian.org> Sun, 08 Jun 2014 19:20:17 -0400
++
++gnupg2 (2.0.22-3) unstable; urgency=low
++
++ * debian/watch, debian/upstream-signing-key.pgp: Add upstream signing
++ key for uscan verification.
++ * debian/kbxutil.1, debian/rules: Add better description and regenerate
++ the manpage.
++ * debian/control: Remove version on gpg-idea conflict, add missing
++ Breaks for gpgsm and convert Conflicts to Breaks for gpgv2.
++ * debian/control: Move gnupg-agent to Depends for gpgsm instead of
++ Replaces (which in turn should have been Recommends).
++ * debian/control: Standards-Version to 3.9.5.
++ * debian/copyright: Switch to a shiny DEP-5 copyright file.
++
++ -- Eric Dorland <eric@debian.org> Wed, 01 Jan 2014 22:56:56 -0500
++
++gnupg2 (2.0.22-2) unstable; urgency=low
++
++ * debian/control: Fix Build-Conflicts on newer automakes. Thanks Chris
++ Boot. (Closes: #726015)
++ * debian/control: IDEA is no longer patented, drop its metion from the
++ description. Thanks brian m. carlson. (Closes: #726139)
++ * debian/rules: Disable the test suite on mips and mipsel to work around
++ Bug:#730846.
++
++ -- Eric Dorland <eric@debian.org> Sat, 30 Nov 2013 23:47:56 -0500
++
++gnupg2 (2.0.22-1) unstable; urgency=low
++
++ * New upstream version. Fixes CVE-2013-4402 and CVE-2013-4351. (Closes:
++ #725433, #722724)
++ * debian/gnupg2.install: Install gnupg-card-architecture.png for the
++ info file.
++
++ -- Eric Dorland <eric@debian.org> Sat, 05 Oct 2013 17:45:28 -0400
++
++gnupg2 (2.0.21-2) unstable; urgency=low
++
++ * debian/rules, debian/gnupg2.install: Switch libexecdir to
++ /usr/lib/gnupg2 to install helper binaries to a non-multiarch specific
++ location. (Closes: #717303)
++ * debian/control, debian/gpgv2.install: Split out gpgv2 into its own
++ package.
++ * debian/control, debian/gnupg2.install, debian/kbxutil.1: Add rule and
++ manpage for kbxutil using help2man. (Closes: #323494)
++ * debian/patches/02-gpgv2-dont-link-libassuan.diff: Don't link gpgv2
++ against libassuan as it's not used.
++ * debian/rules: Install changelog for gpgv2.
++
++ -- Eric Dorland <eric@debian.org> Sun, 01 Sep 2013 00:42:16 -0400
++
++gnupg2 (2.0.21-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #613465, #720369)
++ * debian/patches/01-gnupg2-rename.diff: Refresh patch.
++ * debian/control: Fix Vcs-Git path.
++ * debian/control: Now depends on libgpg-error >= 1.11.
++ * debian/control: Build-Depends on automake1.11 since the test suite
++ fails on newer versions. (Closes: #713287)
++ * debian/control: Also need a Build-Conflicts on automake (<= 1.12).
++
++ -- Eric Dorland <eric@debian.org> Sat, 24 Aug 2013 20:33:19 -0400
++
++gnupg2 (2.0.20-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #691237, #583893)
++ * debian/patches/02-cve-2012-6085.diff: Remove, merged upstream.
++ * debian/control: Upgrade Standards-Version to 3.9.4.
++ * debian/compat, debian/control: Upgrade to debhelper v9.
++ * debian/control, debian/rules: Drop hardening-wrapper, now that we use
++ debhelper v9.
++ * debian/scdaemon.install: scdaemon has moved under $libexecdir.
++ * debian/control: Tighten dependency on scdaemon.
++ * debian/rules: Turn on all hardening options.
++ * debian/patches/01-gnupg2-rename.diff: Refresh patch.
++ * debian/gnupg-agent.install, debian/gnupg2.install,
++ debian/scdaemon.install: Fix /usr/lib paths for multi-arch.
++ * debian/rules: Pass ${pkglibdir} to --libexecdir since dh v9 passes
++ ${libdir} by default.
++
++ -- Eric Dorland <eric@debian.org> Sat, 11 May 2013 18:28:57 -0400
++
++gnupg2 (2.0.19-2) unstable; urgency=high
++
++ * debian/patches/02-cve-2012-6085.diff: Patch from upstream to fix
++ CVE-2012-6085, "gnupg key import memory corruption". (Closes: #697251)
++ * debian/control: Use canonical addresses for VCS.
++ * debian/control: Fix scdaemon short description.
++
++ -- Eric Dorland <eric@debian.org> Fri, 04 Jan 2013 00:56:52 -0500
++
++gnupg2 (2.0.19-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #666092)
++ * debian/control: Add Multi-Arch: foreign to all packages.
++ * debian/rules: Update ChangeLog locations.
++
++ -- Eric Dorland <eric@debian.org> Sat, 31 Mar 2012 01:06:02 -0400
++
++gnupg2 (2.0.18-2) unstable; urgency=low
++
++ * debian/control, debian/gpgsm.install, debian/scdaemon.install: Add a
++ separate package for the scdaemon. (Closes: #416129)
++ * debian/control, debian/gpgsm.install, debian/gnupg2.install,
++ gnupg-agent.install: Move gpg-preset-passphrase and gpg-protect-tool
++ into the gnupg-agent.
++ * debian/control: Upgrade Standards-Version to 3.9.2.
++ * debian/rules: Install ChangeLog for new scdaemon package.
++
++ -- Eric Dorland <eric@debian.org> Sat, 15 Oct 2011 20:21:35 -0400
++
++gnupg2 (2.0.18-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #635206)
++ * debian/copyright: Update ftp location. (Closes: #624404)
++ * debian/patches/01-gnupg2-rename.diff: Refresh patch.
++
++ -- Eric Dorland <eric@debian.org> Tue, 30 Aug 2011 03:43:20 -0400
++
++gnupg2 (2.0.17-3) unstable; urgency=low
++
++ * debian/rules: Convert the rules file to use the lovely dh format.
++ * debian/gnupg2.dirs, debian/gnupg-agent.dirs, debian/gpgsm.dirs: Remove
++ unless dirs files.
++ * debian/gnupg-agent.lintian-overrides, debian/gnupg2.lintian-overrides,
++ debian/gpgsm.lintian-overrides: Remove unneeded lintian-overrides files.
++
++ -- Eric Dorland <eric@debian.org> Mon, 14 Feb 2011 03:17:39 -0500
++
++gnupg2 (2.0.17-2) unstable; urgency=low
++
++ * debian/control: Add dependency on dpkg (>= 1.15.4) | install-info for
++ info install trigger.
++ * debian/control, debian/rules: Use debian build hardening.
++
++ -- Eric Dorland <eric@debian.org> Sun, 13 Feb 2011 16:33:17 -0500
++
++gnupg2 (2.0.17-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #584316, #603985, #603983, #603984)
++ * debian/patches/02-encode-s2k.diff,
++ debian/patches/03-gpgsm-realloc.diff, debian/patches/series: Drop now
++ unneeded security patches.
++ * debian/rules, debian/patches/01-gnupg2-rename.diff,
++ debian/gnupg2.info, debian/gnupg2.install: No need to rename the info
++ file anymore.
++ * debian/patches/01-gnupg2-rename.diff: Rename the autoconf package for
++ better renaming of pkg directories. (Closes: #579006)
++ * debian/control, debian/compat: Upgrade to debhelper level 8.
++ * debian/control:
++ - Upgrade Standards-Version to 3.9.1.
++ - Update Build-Depends versions for the latest release.
++ * debian/gnupg2.install: Add the applygnupgdefaults command. (Closes:
++ #567537)
++ * debian/gnupg2.docs: doc/faq.html no longer exists.
++
++ -- Eric Dorland <eric@debian.org> Sun, 13 Feb 2011 16:06:41 -0500
++
++gnupg2 (2.0.14-2) unstable; urgency=low
++
++ * debian/*.lintian, debian/*.lintian-overrides, debian/rules: Rename
++ lintian files and use dh_lintian instead of shell snippets.
++ * debian/source/patch-header, debian/source/options: Delete patch header
++ and remove single-debian-patch option.
++ * debian/patches/01-gnupg2-rename.diff: Move patch to do the necessary
++ renaming of gnupg -> gnupg2 in a quilt patch.
++ * debian/patches/02-encode-s2k.diff: Added patch to fix passphrase
++ problem in gpgsm. Thanks Martijn van Brummelen for the NMU to fix this
++ problem in 2.0.14-1.1.
++ * debian/patches/03-gpgsm-realloc.diff: Fix for "Realloc Bug with X.509
++ certificates" for gpgsm. (Closes: #590122)
++ * debian/rules, debian/control: Use dh-autoreconf and autopoint to
++ regenerate autotools files at build time.
++
++ -- Eric Dorland <eric@debian.org> Sun, 25 Jul 2010 02:16:42 -0400
++
++gnupg2 (2.0.14-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/control: Build depend on libreadline-dev instead of
++ libreadline5-dev, since libreadline6-dev is out. (Closes: #548922)
++ * debian/source/format, debian/source/options,
++ debian/source/patch-header: Convert to v3 quilt format, with
++ single-debian-patch.
++ * debian/control: Tighten dependency on gnupg-agent. (Closes: #551792)
++
++ -- Eric Dorland <eric@debian.org> Sat, 09 Jan 2010 21:15:18 -0500
++
++gnupg2 (2.0.13-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/control: Depend instead of Recommend gnupg-agent. (Closes:
++ #538947)
++
++ -- Eric Dorland <eric@debian.org> Mon, 07 Sep 2009 20:38:23 -0400
++
++gnupg2 (2.0.12-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #499569, #463270, #446494, #314068,
++ #519375, #514587)
++ * debian/control: Change build dependency on gs to ghoscript, since
++ ghoscript has been replaced.
++ * debian/compat: Use debhelper v7.
++ * debian/control: Update Standards-Version to 3.8.2.
++ * debian/control: Use ${misc:Depends}.
++ * configure.ac: Override pkgdatadir so that it points to
++ /usr/share/gnupg2. (Closes: #528734)
++ * debian/rules: No longer need to specify pkgdatadir at make install
++ time.
++
++ -- Eric Dorland <eric@debian.org> Sun, 23 Aug 2009 20:48:11 -0400
++
++gnupg2 (2.0.11-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #496663)
++ * debian/control: Make the description a little more distinctive than
++ gnupg v1's. Thanks Jari Aalto. (Closes: #496323)
++
++ -- Eric Dorland <eric@debian.org> Sun, 08 Mar 2009 22:46:47 -0400
++
++gnupg2 (2.0.9-3) unstable; urgency=medium
++
++ * Urgency medium to try to beat the release.
++ * tools/gpgkey2ssh.c: Patch from Daniel Kahn Gillmor to fix broken ssh
++ key generation. (Closes: #473841)
++
++ -- Eric Dorland <eric@debian.org> Mon, 21 Jul 2008 03:48:11 -0400
++
++gnupg2 (2.0.9-2) unstable; urgency=low
++
++ * The "I've neglected you too long" release.
++
++ * debian/control:
++ - Add recommends on gnupg-agent for gpgsm and gnupg2, since they need
++ it under most circumstances. (Closes: #459462, #477691)
++ - Depend on pinentry instead of recommend, and move pinentry-gtk2 to the
++ front of the alternatives list. (Closes: #462951)
++ * keyserver/gpgkeys_curl.c, keyserver/gpgkeys_hkp.c: Fix FTBFS with gcc
++ 4.3 strictness on bitfields combined with curl. (Closes: #476999)
++
++ -- Eric Dorland <eric@debian.org> Mon, 28 Apr 2008 03:22:20 -0400
++
++gnupg2 (2.0.9-1) unstable; urgency=low
++
++ * New upstream release. Fixes CVE-2008-1530, Key import memory corruption.
++ (Closes: #472928)
++ * debian/rules: Don't ignore status of make distclean, just check for
++ the existance of the Makefile.
++
++ -- Eric Dorland <eric@debian.org> Sat, 29 Mar 2008 03:21:21 -0400
++
++gnupg2 (2.0.8-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #428635)
++ * debian/watch: Use passive ftp, ftp.gnupg.org doesn't seem happy
++ otherwise. (Closes: #456467)
++ * debian/control:
++ - Requires libassuan >= 1.0.4 now.
++ - Remove the XS- prefix from the Vcs-* headers.
++ - Add Homepage header.
++ - Upgrade Standards-Version to 3.7.3.0.
++ - Make gnupg2 optional rather than extra.
++ - Remove unnecessary conflict on suidmanager.
++
++ -- Eric Dorland <eric@debian.org> Sat, 22 Dec 2007 02:06:42 -0500
++
++gnupg2 (2.0.7-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/rules:
++ - Remove unnecessary deletion of the .gmo files. (Closes: #442583)
++ - Clean out some old comments
++ * gnupg-agent.xsession: Remove the quotes around --write-env-file
++ argument. Not ideal, but fine for now. Thanks Luis Rodrigo Gallardo
++ Cruz. (Closes: #443580)
++
++ -- Eric Dorland <eric@debian.org> Sun, 30 Sep 2007 02:50:40 -0400
++
++gnupg2 (2.0.6-1) unstable; urgency=low
++
++ * New upstream release. (Closes: #437289)
++ * debian/gnupg-agent.xsession: Run the Xsession under the gpg-agent, so
++ it exits properly when the session dies. (Closes: #401843)
++ * debian/control: Add XS-Vcs headers for its new git home.
++
++ -- Eric Dorland <eric@debian.org> Mon, 03 Sep 2007 23:29:11 -0400
++
++gnupg2 (2.0.5-2) unstable; urgency=low
++
++ * The "Ubuntu, I would have done it had you only asked" release.
++
++ * debian/copyright: Fix download location. Thanks Ubuntu.
++ * debian/README.Debian: Remove, doesn't contain any relevant info.
++ * debian/rules:
++ - Build with --sysconfdir=/etc, thanks Bernhard Herzog. (Closes: #434790)
++ - Run dh_installexamples.
++ - Don't list the docs to install in here.
++ * debian/gnupg2.examples: New file, install gpgconf.conf as an example
++ into /usr/share/doc. Hope this is a good compromise Bernhard. (Closes:
++ #434878)
++ * debian/control:
++ - Remove opensc and pcsc-lite build dependencies, they're not used anymore.
++ - Add libcurl4-gnutls-dev build dep, to use the real curl.
++ * g10/call-agent.c: set DBG_ASSUAN to 0 to suppress a debug
++ message. Thanks Ubuntu.
++ * debian/gnupg2.docs, debian/gpgsm.docs: Move installed docs in here,
++ add some new docs. Thanks Ubuntu.
++ * debian/rules, debian/gnupg-agent.install: Build symcryptrun and install it
++ in the gnupg-agent package. Thanks Bernhard Herzog. (Closes: #434787)
++ * debian/rules, debian/control: Only recommend libldap, don't depend on
++ it.Thanks Riku. (Closes: #435138)
++
++ -- Eric Dorland <eric@debian.org> Thu, 16 Aug 2007 22:24:16 -0400
++
++gnupg2 (2.0.5-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/watch: Add watch file.
++ * debian/control:
++ - Require libassuan 1.0.2 or greater.
++ - Require libksba 1.0.2 or greater.
++ - Don't recommend plain gpg anymore.
++ * debian/copyright: Update copyright text for GPL v3 relicensing.
++ * docs/scdaemon.texi: Remove old --print-atr documentation. Thanks
++ Ludovic Rousseau. (Closes: #404128)
++
++ -- Eric Dorland <eric@debian.org> Sun, 22 Jul 2007 16:03:32 -0400
++
++gnupg2 (2.0.4-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Eric Dorland <eric@debian.org> Fri, 11 May 2007 00:41:01 -0400
++
++gnupg2 (2.0.3-1) unstable; urgency=high
++
++ * New upstream release.
++ - Fixes multoiple messages problem aka CVE-2007-1263.
++
++ -- Eric Dorland <eric@debian.org> Fri, 9 Mar 2007 03:28:53 -0500
++
++gnupg2 (2.0.2-1) unstable; urgency=high
++
++ * New upstream release. (Closes: #409559)
++ * Thanks Andreas Barth for NMUs. (Closes: #400777, #401895, #401913)
++ * debian/gpgsm.install: pcsc-wrapper renamed to gnupg-pcsc-wrapper.
++
++ -- Eric Dorland <eric@debian.org> Mon, 19 Feb 2007 20:34:52 -0500
++
++gnupg2 (2.0.0-5) unstable; urgency=high
++
++ * debian/control: Remove unnecessary dependencies on makedev and
++ udev. Thanks Marco d'Itri.
++ * doc/gnupg.texi, debian/gnupg2.info, debian/rules: Set the output file
++ to gnupg2.info, and use that for the index. (Closes: #398493)
++
++ -- Eric Dorland <eric@debian.org> Fri, 24 Nov 2006 02:23:35 -0500
++
++gnupg2 (2.0.0-4) unstable; urgency=medium
++
++ * debian/control: Update forgotten replaces for pcsc-wrapper move.
++
++ -- Eric Dorland <eric@debian.org> Mon, 20 Nov 2006 23:02:25 -0500
++
++gnupg2 (2.0.0-3) unstable; urgency=medium
++
++ * debian/control: Remove warning about development, thanks Gonzalo
++ HIGUERA DIAZ. (Closes: #399551)
++
++ -- Eric Dorland <eric@debian.org> Mon, 20 Nov 2006 14:32:33 -0500
++
++gnupg2 (2.0.0-2) unstable; urgency=medium
++
++ * All packaging fixes, so urgency medium to beat the freeze.
++ * debian/distfiles, debian/lintian.override, debian/point-to-info.1:
++ Remove unused files.
++ * debian/gnupg2.info, debian/rules, gnupg2.files: Install all the info
++ files properly. (Closes: #398493)
++ * debian/rules:
++ - Remove some unnecessary autotools build rules.
++ - Move some of make install targets more correctly to the
++ configure line.
++ * debian/*.files, debian/rules: Rename *.files to .install and use
++ dh_install nstead of dh_movefiles.
++ * debian/gnupg-agent.xsession: Account for spaces in the configuration
++ file, thanks Artem Zolochevskiy. (Closes: #352326)
++ * debian/control:
++ - Adjust build-dependency versions slightly to match what the
++ configure scipt requires.
++ - Update Standards-Version to 3.7.2.2.
++ * debian/gpgsm.install, debian/gnupg2.install: Install the pcsc-wrapper
++ in gpgsm. (Closes: #353232)
++ * debian/gpgsm.install, debian/rules: Install gpg-protect-tool into
++ /usr/libb/gnupg2.
++
++ -- Eric Dorland <eric@debian.org> Sun, 19 Nov 2006 18:03:39 -0500
++
++gnupg2 (2.0.0-1) unstable; urgency=medium
++
++ * New upstream release. (Closes: #398215)
++ * common/estream.c: #define PTH_SYSCALL_SOFT 0 as suggested by Daniel Hess.
++
++ -- Eric Dorland <eric@debian.org> Sun, 12 Nov 2006 23:52:59 -0500
++
++gnupg2 (1.9.94-1) unstable; urgency=low
++
++ * New upstream release.
++
++ -- Eric Dorland <eric@debian.org> Thu, 2 Nov 2006 16:06:30 -0500
++
++gnupg2 (1.9.93-1) unstable; urgency=medium
++
++ * New upstream release. Urgency medium to try to beat the freeze. Thanks
++ to Andreas Metzler for getting this package into shape.
++
++ -- Eric Dorland <eric@debian.org> Wed, 25 Oct 2006 00:41:15 -0400
++
++gnupg2 (1.9.91-0.1) unstable; urgency=low
++
++ * New upstream version, built against clean upstream tarball.
++ (Closes: #378489,#388257)
++ * bump Build-Depends:
++ - libgpg-error-dev 0.6 -> 1.4
++ - libassuan-dev 0.6.10 -> 0.9.1
++ - libksba-dev 0.9.13 -> 1.0.0 (closes: #368552)
++ * Add libreadline5-dev to Build-Depends.
++ * Pass proper --build and --host args to ./configure.
++ * configure with --mandir='$${prefix}/share/man'.
++ * Add $(LIBINTL) to gpgsplit_LDADD in tools/Makefile.am.
++ * New upstream includes a lot more manpages, ship them.
++ (Closes: #300129,#300677)
++ gpg-agent(1) documents ~/gpg-agent.conf. (Closes: #300676)
++ * Update debian/copyright.
++ * Drop gnupg2.postinst gnupg2.postrm postinst postrm. They all only consited
++ of calls to suidregister for /usr/bin/gpg" or "chmod 4755 /usr/bin/gpg".
++ suidregister has been obsolete for a long time and /usr/bin/gpg is not
++ part of these packages. - If /usr/bin/gpg(v)2 was supposed to be installed
++ suid it should be shipped with these permissions in the deb instead
++ using chmod in postinst anyway.
++ * Drop preinst (ending up as gnupg-agent's preinst), which only showed
++ a warning on upgrades from <<0.3.2-1. - There never was a gnupg-agent
++ 0.3.2-1.
++ * Add (noop) binary-indep target as required by policy 4.9.
++
++ -- Andreas Metzler <ametzler@debian.org> Sun, 8 Oct 2006 07:51:44 +0000
++
++gnupg2 (1.9.20-2) unstable; urgency=high
++
++ * debian/control: Make myself the maintainer with Matthias' permission.
++ * Acknowledge NMU. (Closes: #375053, #376755)
++ * g10/parse-packet.c: Patch from Martin Schulze to backport security fix
++ for CVE-2006-3746, crash when receiving overly long comments.
++
++ -- Eric Dorland <eric@debian.org> Fri, 4 Aug 2006 18:11:43 -0400
++
++gnupg2 (1.9.20-1.1) unstable; urgency=high
++
++ * Non-maintainer upload.
++ * Adapt patch from upstream CVS, fixing buffer overflow leading to remote
++ DoS/crash (CVE-2006-3082). (Closes: #375053)
++
++ -- Steinar H. Gunderson <sesse@debian.org> Tue, 4 Jul 2006 20:37:43 +0200
++
++gnupg2 (1.9.20-1) unstable; urgency=low
++
++ * New Upstream version. Closes:#306890,#344530
++ * Closes:#320490: gpg-protect-tool fails to decrypt PKCS-12 files
++ * Depend on libopensc2-dev, not -1-. Closes:#348106
++
++ -- Matthias Urlichs <smurf@debian.org> Tue, 24 Jan 2006 04:31:42 +0100
++
++gnupg2 (1.9.19-2) unstable; urgency=low
++
++ * Convert debian/changelog to UTF-8.
++ * Put gnupg-agent and gpgsm lintian overrides in the respectively
++ right package. Closes: #335066
++ * Added debhelper tokens to maintainer scripts.
++ * xsession fixes:
++ o Added host name to gpg-agent PID file name. Closes: #312717
++ o Fixed xsession script to be able to run under zsh. Closes: #308516
++ o Don't run gpg-agent if one is already running. Closes: #336480
++ * debian/control:
++ o Fixed package description of gpgsm package. Closes: #299842
++ o Added mention of gpg-agent to description of gnupg-agent package.
++ Closes: #304355
++ * Thanks to Peter Eisentraut <petere@debian.org> for all of the above.
++
++ -- Matthias Urlichs <smurf@debian.org> Thu, 8 Dec 2005 22:13:21 +0100
++
++gnupg2 (1.9.19-1) unstable; urgency=low
++
++ * Merged with 1.9.19.
++ * Re-enable gpgv2 package.
++
++ -- Matthias Urlichs <smurf@debian.org> Sat, 22 Oct 2005 14:33:33 +0200
++
++gnupg2 (1.9.17-1) unstable; urgency=low
++
++ * Merged with Upstream 1.9.17.
++
++ -- Matthias Urlichs <smurf@debian.org> Mon, 4 Jul 2005 01:56:43 +0200
++
++gnupg2 (1.9.15-6) unstable; urgency=high
++
++ * Move gpg-protect-tool to the gpgsm package.
++ Closes: #303492.
++ High urgency because this renders gpgsm unuseable for some people.
++ * gpg-agent: Override max-cache-ttl if a higher default is set.
++ Closes: #302692.
++
++ -- Matthias Urlichs <smurf@debian.org> Thu, 7 Apr 2005 10:13:19 +0200
++
++gnupg2 (1.9.15-5) unstable; urgency=low
++
++ * Add /etc/X11/Xsession.d/90gpg-agent script. Closes: #300128.
++ * Emphasize that gnupg2 is NOT useful at the moment.
++ * Conflict+replace gpg-agent with newpg.
++
++ -- Matthias Urlichs <smurf@debian.org> Thu, 10 Mar 2005 22:46:10 +0100
++
++gnupg2 (1.9.15-4) unstable; urgency=low
++
++ * Incorporated Ubuntu changes from Andreas Mueller.
++
++ -- Matthias Urlichs <smurf@debian.org> Thu, 10 Mar 2005 21:41:59 +0100
++
++gnupg2 (1.9.15-3ubuntu3) hoary; urgency=low
++
++ * removed info file
++
++ -- Andreas Mueller <amu@ubuntu.com> Tue, 8 Mar 2005 01:58:39 +0100
++
++gnupg2 (1.9.15-3ubuntu2) hoary; urgency=low
++
++ * changed rules file, part cp gnupg.info to mv
++ and added dh_installinfo.
++ * changed Standards Version to 3.6.1
++
++ -- Andreas Mueller <amu@ubuntu.com> Tue, 8 Mar 2005 00:53:31 +0100
++
++gnupg2 (1.9.15-3ubuntu1) hoary; urgency=low
++
++ * added missing build depends texinfo
++
++ -- Andreas Mueller <amu@ubuntu.com> Mon, 7 Mar 2005 22:47:56 +0100
++
++gnupg2 (1.9.15-2) hoary; urgency=low
++
++ * Initial checkin
++
++ -- Andreas Mueller <amu@ubuntu.com> Mon, 7 Mar 2005 21:13:32 +0100
++
++gnupg2 (1.9.15-1) experimental; urgency=low
++
++ * New Upstream release.
++ * Removed -doc package:
++ - The package itself is too smal to merit being packaged separately.
++ - Interim solution: Documentation is included in the gnupg2 package.
++ - Goal: ask Upstream to split the .info file.
++ * Removed suidness.
++ * Update debian/copyright.
++ * Require libassuan >= 0.6.9.
++
++ -- Matthias Urlichs <smurf@debian.org> Tue, 25 Jan 2005 08:19:15 +0100
++
++gnupg2 (1.9.11+cvs20040924-5) experimental; urgency=low
++
++ * Rebuild to depend on opensc1.
++ * Split -doc into its own package.
++
++ -- Matthias Urlichs <smurf@debian.org> Thu, 16 Dec 2004 10:30:44 +0100
++
++gnupg2 (1.9.11+cvs20040924-4) experimental; urgency=low
++
++ * Turn on setuid-ness.
++ - Added Lintian overrides.
++ * Install all "standard" message files.
++ - Makefile.in: The package name for gettext is in the macro PACKAGE_GT,
++ not PACKAGE.
++ * Fix shebang line of addgnupghome script.
++ * Install info file in the correct place.
++ * Build cleanups.
++
++ -- Matthias Urlichs <smurf@debian.org> Tue, 5 Oct 2004 10:59:56 +0200
++
++gnupg2 (1.9.11+cvs20040924-3) experimental; urgency=low
++
++ * rename gnupg-agent's changelog file
++ * Fix gnupg-agent's dependencies
++
++ -- Matthias Urlichs <smurf@debian.org> Sun, 3 Oct 2004 20:14:30 +0200
++
++gnupg2 (1.9.11+cvs20040924-2) experimental; urgency=low
++
++ * Shipped a /usr/share/locale.alias file. Ouch.
++ * Split off gpgsm.
++
++ -- Matthias Urlichs <smurf@debian.org> Wed, 29 Sep 2004 10:25:51 +0200
++
++gnupg2 (1.9.11+cvs20040924-1) experimental; urgency=low
++
++ * New Upstream.
++
++ -- Matthias Urlichs <smurf@debian.org> Sat, 25 Sep 2004 11:05:44 +0200
++
++gnupg2 (1.9.10+cvs-1) experimental; urgency=low
++
++ * Packaged latest Upstream version.
++ * Split gpg-agent into its own .deb.
++ * Bit the bullet and started using debhelper.
++
++ -- Matthias Urlichs <smurf@debian.org> Thu, 19 Aug 2004 11:43:34 +0200
++
++gnupg2 (1.9.9-1) experimental; urgency=low
++
++ * Packaged latest Upstream version.
++
++ -- Matthias Urlichs <smurf@debian.org> Mon, 14 Jun 2004 17:18:18 +0200
++
++gnupg2 (1.9.5-1) experimental; urgency=low
++
++ * Packaged Upstream development version.
++ Closes:#187548
++
++ -- Matthias Urlichs <smurf@debian.org> Mon, 8 Mar 2004 05:30:35 +0100
++
++gnupg (1.2.4-4) unstable; urgency=low
++
++ * 12_zero_length_header.dpatch: update patch from David Shaw
++ <dshaw@jabberwocky.com> to fix the fix of crashing on certain
++ keys. Closes: #234289
++
++ -- James Troup <james@nocrew.org> Mon, 23 Feb 2004 18:02:20 +0000
++
++gnupg (1.2.4-3) unstable; urgency=low
++
++ * Move to dpatch; existing non-debian/ change split into
++ 10_hppa_unaligned_constant.dpatch.
++
++ * debian/rules: include /usr/share/dpatch/dpatch.make.
++ * debian/rules (build): depend on patch-stamp.
++ * debian/rules (clean): depend on unpatch. Remove debian/patched.
++ * debian/control (Build-Depends): add dpatch.
++
++ * debian/rules: update version number and use install_foo convenience
++ variables.
++ * debian/rules (clean): remove emacs backup files from any directory.
++
++ * 11_fi_po_update.dpatch: new patch from Tommi Vainikainen
++ <thv+debian@iki.fi> to update Finnish translation as the current one
++ renders gnupg unusable. Closes: #232030, #222951, #192582
++ * debian/rules (clean): remove po/fi.gmo to avoid dpkg-source errors
++ over unrepresentable changes to source.
++
++ * 12_zero_length_header.dpatch: new patch from David Shaw
++ <dshaw@jabberwocky.com> to fix cases where importing certain keys
++ makes the keyring unuseable. Closes: #232714
++
++ * 13_revoked_keys.dpatch: new patch from David Shaw
++ <dshaw@jabberwocky.com> to list revoked keys as revoked. Closes: #231814
++
++ * 14_getkey_not_found_fix.dpatch: new patch from David Shaw
++ <dshaw@jabberwocky.com> to fix --list-sigs incorrectly claiming "User
++ id not found". Closes: #229549
++
++ -- James Troup <james@nocrew.org> Fri, 20 Feb 2004 16:38:12 +0000
++
++gnupg (1.2.4-2) unstable; urgency=low
++
++ * mpi/hppa1.1/udiv-qrnnd.S: patch from LaMont Jones <lamont@debian.org>
++ to fix unaligned constant. Closes: #228456
++ * debian/copyright: update year and version number.
++
++ -- James Troup <james@nocrew.org> Tue, 20 Jan 2004 17:19:58 +0000
++
++gnupg (1.2.4-1) unstable; urgency=medium
++
++ * New upstream release.
++ * Most support for ElGamal Sign+Encrypt keys has been removed. Closes: #222293
++ * No longer miss-identifies GNU/KFreeBSD as GNU/Hurd. Closes: #216957
++ * Fixes build error on GNU/KFreeBSD (and Glibc-based GNU/KNetBSD). Closes: #221079
++ * Fixes segmentation fault in prime generator. Closes: #213989
++ * Fixes trustdb not updating without ultimately trusted keys. Closes: #222368
++
++ * debian/control (Build-Depends): add libbz2-dev.
++
++ -- James Troup <james@nocrew.org> Wed, 31 Dec 2003 17:57:52 +0000
++
++gnupg (1.2.3-1) unstable; urgency=low
++
++ * New upstream release (Closes: #207340).
++ * gpg no longer kills keyrings by importing broken keys. Closes: #196505
++ * options.skel uses subkeys.pgp.net instead of pgp.mit.edu. Closes: #206092
++ * --import now closes files when it's done. Closes: #196643
++ * A key listing speed regression has been fixed. Closes: #192083
++ * debian/copyright: update URL and date.
++ * debian/rules: update dates and version.
++
++ * debian/control (Standards-Version): bump to 3.6.0.
++
++ * debian/Upgrading_From_PGP.txt: new file from to Richard Braakman
++ <dark@xs4all.nl>. Closes: #173233
++ * debian/rules (binary-arch): install it.
++
++ * debian/rules (build): correct libexecdir passed to configure; patch
++ from Matthias Cramer <cramer@freestone.net>. Fixes invocation of
++ gpgkeys_ldap. Closes: #168486
++
++ -- James Troup <james@nocrew.org> Thu, 28 Aug 2003 14:08:50 +0100
++
++gnupg (1.2.2-1) unstable; urgency=low
++
++ * New upstream release.
++ * debian/control (Standards-Version): bump to 3.5.9.0.
++ * debian/rules (binary-arch): install convert-from-106 as
++ gpg-convert-from-106 and fix the path to gpg.
++ * debian/control: remove trailing full stop from short description.
++ * debian/control: remove out-dated and contradictory information about
++ RSA.
++
++ -- James Troup <james@nocrew.org> Mon, 5 May 2003 03:08:58 +0100
++
++gnupg (1.2.1-2) unstable; urgency=low
++
++ * Update config.guess (to 2002-10-21) and config.sub (to 2002-09-05).
++ Thanks to Ryan Murray. Closes: #166696
++
++ -- James Troup <james@nocrew.org> Mon, 28 Oct 2002 01:47:26 +0000
++
++gnupg (1.2.1-1) unstable; urgency=low
++
++ * New upstream version.
++ * An inifinte loop in --update-trustdb has been fixed. Closes: #162039
++ * The polish translation is now correctly specified as UTF-8. Closes: #162885
++ * --refresh-keys is now documented in the manpage. Closes: #165566
++ * debian/control (Conflicts): add gpg-idea <= 2.2 since gnupg >= 1.2 is
++ incompatible with that version of gpg-idea. Closes: #162314
++
++ -- James Troup <james@nocrew.org> Fri, 25 Oct 2002 18:18:43 +0100
++
++gnupg (1.2.0-1) unstable; urgency=low
++
++ * New upstream version. Closes: #161817.
++ * --options no longer mis-handles a directory as an argument. Closes: #151973
++ * gpg now prompts before sending all keys to the keyserver. Closes: #64607
++ * There is now a gnupg(7) manpage. Closes: #157750
++ * The permission checking has been sanitized and handles non-home-dir
++ keyrings better. Closes: #147760
++ * notation data longer than 5 characters is now handled. Closes: #156871
++ * an abort when setting trust levels in a czech locale has been fixed.
++ Closes: #149212
++ * debian/rules (binary-arch): there are no more modules, adjust
++ accordingly.
++ * debian/postinst, debian/prerm: remove; no longer do /usr/doc symlinks.
++ * debian/rules (binary-arch): don't install obsolete postinst or prerm.
++ * debian/rules (binary-arch): gzip gnupg.7 too.
++ * debian/rules (build): pass --libexecdir=/usr/lib/gnupg to configure.
++ * debian/rules (binary-arch): likewise, pass suitable libexcedir
++ argument to make install.
++ * debian/control (Standards-Version): update to 3.5.7.0.
++ * debian/copyright: update URL and date.
++ * debian/rules: update dates and version.
++
++ -- James Troup <james@nocrew.org> Sun, 22 Sep 2002 22:26:25 +0100
++
++gnupg (1.0.7-2) unstable; urgency=low
++
++ * debian/control (Suggests): add xloadimage since that's what gpg uses
++ by default to view photo IDs. Thanks to Julien Danjou
++ <acid@debian.org> for the suggestion. Closes: #156245
++ * debian/control (Depends): add "hurd" to the alternatives to
++ makedev. Thanks to Michal Suchanek <hramrach_l@centrum.cz> for
++ noticing. Closes: #158492
++ * po/it.po: patch to fix typos from Marco Bodrato
++ <bodrato@gulp.linux.it. Closes: #149462
++ * g10/g10.c (main): remove the bogus undef of USE_SHM_COPROCESSING to
++ match upstream and fix gabber and libgnupg-perl. Closes: #147679, #151969
++
++ -- James Troup <james@nocrew.org> Thu, 29 Aug 2002 01:42:58 +0100
++
++gnupg (1.0.7-1) unstable; urgency=low
++
++ * New upstream version. Closes: #145477.
++ * GDBM support has been removed. Closes: #33009.
++ * Now adds the default keyring when a keyring is specified.
++ Closes: #50616, #65260.
++ * Now does the Right Thing when receiving a key from the keyserver and
++ the key in question is in both a read-only and writable keyring.
++ Closes: #63297.
++ * Automatic key retrieval is now configurable. Closes: #64940.
++ * --no-options supresses ~/.gnupg creation again. Closes: #95486.
++ * duplicate trust entries are no longer treated as an error. Closes: #96480.
++ * There's now no comment line in ascii armours. Closes: #100088.
++ * Handle secret keyring given as keyring better. Closes: #100581, #106670.
++ * It's now documented that --with-colons unconditionally uses UTF8.
++ Closes: #101446, 101454.
++ * s/now/knows/ typo in manpage fixed. Closes: #107471.
++ * There's now support for a primary UID. Closes: #106567, #108155.
++ * Handles errors in uncompression layer beter. Closes: #112392.
++ * Key selection has been entirely revamped. Closes: #136170.
++ * Handles empty encrypt-to. Closes: #138378
++
++ * debian/rules (binary-arch): remove empty /usr/info directory, thanks
++ to Joey Hess <joeyh@debian.org>. Closes: #121864.
++ * debian/control: remove duplicated word from long description, thanks
++ to Nicolas Boulenguez <nicolas.boulenguez@free.fr>. Closes: #144786.
++ * README: correct URL to GPH and other docs, thanks to Mark Brown
++ <broonie@sirena.org.uk>. Closes: #100277.
++ * debian/control (Standards-Version): updated to 3.5.6.1.
++ * debian/rules (binary-arch): only strip ELF binaries. es_ES -> es hack
++ no longer needed as fixed upstream.
++ * debian/control (Build-Depends): remove libgdbmg1-dev; no longer used.
++ * debian/README.Debian: remove note about gdbm support which was finally
++ removed. Update note on old versions of gnupg to reflect the
++ pre-historic nature of those versions.
++ * debian/control (Build-Depends): add libldap2-dev.
++ * debian/rules (binary-arch): call dpkg-shlibdeps for all ELF binaries.
++ * debian/control (Build-Depends): add file.
++ * debian/control (Priority): increase to standard to match overrides.
++
++ -- James Troup <james@nocrew.org> Sat, 11 May 2002 15:08:02 +0100
++
++gnupg (1.0.6-3) unstable; urgency=low
++
++ * moved into main.
++
++ -- James Troup <james@nocrew.org> Tue, 19 Mar 2002 16:17:09 +0000
++
++gnupg (1.0.6-2) unstable; urgency=high
++
++ * debian/rules (binary-arch): remove the erroneous
++ /usr/share/locale/locale.alias that 'make install' adds; closes:
++ #99293.
++
++ -- James Troup <james@nocrew.org> Wed, 30 May 2001 20:40:59 +0100
++
++gnupg (1.0.6-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Tue, 29 May 2001 20:59:49 +0100
++
++gnupg (1.0.5-4) unstable; urgency=low
++
++ * Patch from Werner.
++
++ -- James Troup <james@nocrew.org> Sun, 27 May 2001 09:34:50 +0100
++
++gnupg (1.0.5-3) unstable; urgency=low
++
++ * Apply patch from Matthew Wilcox <matthew@wil.cx> to fix assembly on
++ hppa.
++
++ -- James Troup <james@nocrew.org> Sun, 13 May 2001 02:36:45 +0100
++
++gnupg (1.0.5-2) unstable; urgency=medium
++
++ * util/http.c: patch from Werner that fixes --send-key, closes: #96277.
++ * debian/control (Depends): accept devfsd in place of makedev, closes:
++ #96307.
++
++ -- James Troup <james@nocrew.org> Mon, 7 May 2001 00:13:51 +0100
++
++gnupg (1.0.5-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/README.Debian: fix spelling and update URL.
++ * debian/rules (binary): remove the new info files.
++ * scripts/config.{guess,sub}: sync with subversions, closes: #95729.
++
++ -- James Troup <james@nocrew.org> Mon, 30 Apr 2001 02:12:38 +0100
++
++gnupg (1.0.4-4) unstable; urgency=low
++
++ * po/ru.po: patch by Ilya Martynov <m_ilya@agava.com> to replace German
++ entries and add missing translations, closes: #93987.
++ * g10/revoke.c (ask_revocation_reason): typo fix (s/non longer/no
++ longer/g); noticed by Colin Watson <cjw44@flatline.org.uk>, closes:
++ #93664.
++
++ * Deprecated depreciated; noticed by Vincent Broman
++ <broman@spawar.navy.mil>.
++
++ * Following two patches are from Vincent Broman.
++ * g10/mainproc.c (proc_tree): use iobuf_get_real_fname() in preference
++ to iobuf_get_fname().
++ * g10/openfile.c (open_sigfile): handle .sign prefixed files correctly.
++
++ -- James Troup <james@nocrew.org> Fri, 20 Apr 2001 23:32:44 +0100
++
++gnupg (1.0.4-3) unstable; urgency=medium
++
++ * debian/rules (binary): make gpg binary suid, closes: #86433.
++ * debian/postinst: don't use suidregister.
++ * debian/postrm: removed (only called suidunregister).
++ * debian/control: conflict with suidmanager << 0.50.
++ * mpi/longlong.h: apply fix for ARM long long artimetic from Philip
++ Blundell <philb@gnu.org>, closes: #87487.
++ * debian/preinst: the old GnuPG debs have moved to people.debian.org.
++ * cipher/random.c: #include <time.h> as well as <sys/time.h>
++ * g10/misc.c: likewise.
++ * debian/rules: define a strip alias which removes the .comment and
++ .note sections.
++ * debian/rules (binary-arch): use it.
++ * debian/lintian.override: new file; override the SUID warning from
++ lintian.
++ * debian/rules (binary-arch): install it.
++
++ -- James Troup <james@nocrew.org> Sun, 25 Feb 2001 05:24:58 +0000
++
++gnupg (1.0.4-2) stable unstable; urgency=high
++
++ * Apply security fix patch from Werner.
++ * Apply another patch from Werner to fix bogus warning on Rijndael
++ usage.
++ * Change section to 'non-US'.
++
++ -- James Troup <james@nocrew.org> Mon, 12 Feb 2001 07:47:02 +0000
++
++gnupg (1.0.4-1) stable unstable; urgency=high
++
++ * New upstream version.
++ * Fixes a serious bug which could lead to false signature verification
++ results when more than one signature is fed to gpg.
++
++ -- James Troup <james@nocrew.org> Tue, 17 Oct 2000 17:26:17 +0100
++
++gnupg (1.0.3b-1) unstable; urgency=low
++
++ * New upstream snapshot version.
++
++ -- James Troup <james@nocrew.org> Fri, 13 Oct 2000 18:08:14 +0100
++
++gnupg (1.0.3-2) unstable; urgency=low
++
++ * debian/control: Conflict, Replace and Provide gpg-rsa & gpg-rsaref.
++ Fix long description to reflect the fact that RSA is no longer
++ patented and now included. [#72177]
++ * debian/rules: move faq.html to /usr/share/doc/gnupg/ and remove FAQ
++ from /usr/share/gnupg/. Thanks to Robert Luberda
++ <robert@pingu.ii.uj.edu.pl> for noticing. [#72151]
++ * debian/control: Suggest new package gnupg-doc. [#64323, #65560]
++ * utils/secmem.c (lock_pool): don't bomb out if mlock() returns ENOMEM,
++ as Linux will do this if resource limits (or other reasons) prevent
++ memory from being locked, instead treat it like permission was denied
++ and warn but continue. Thanks to Topi Miettinen
++ <Topi.Miettinen@nic.fi>. [#70446]
++ * g10/hkp.c (not_implemented): s/ist/is/ in error message.
++ * debian/README.Debian: add a note about GDBM support and why it is
++ disabled. Upstream already fixed the manpage. [#65913]
++ * debian/rules (binary-arch): fix the Spanish translation to be 'es' not
++ 'es_ES' at Nicolás Lichtmaier <nick@debian.org>'s request. [#57314]
++
++ -- James Troup <james@nocrew.org> Sun, 1 Oct 2000 14:55:03 +0100
++
++gnupg (1.0.3-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Mon, 18 Sep 2000 15:56:54 +0100
++
++gnupg (1.0.2-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Thu, 13 Jul 2000 20:26:50 +0100
++
++gnupg (1.0.1-2) unstable; urgency=low
++
++ * debian/control (Build-Depends): added.
++ * debian/copyright: corrected location of copyright file. Removed
++ references to Linux. Removed warnings about beta nature of GnuPG.
++ * debian/rules (binary-arch): install documentation into
++ /usr/share/doc/gnupg/ and pass mandir to make install to ensure the
++ manpages go to /usr/share/man/.
++ * debian/postinst: create /usr/doc/gnupg symlink.
++ * debian/prerm: new file; remove /usr/doc/gnupg symlink.
++ * debian/rules (binary-arch): install prerm.
++ * debian/control (Standards-Version): updated to 3.1.1.1.
++
++ -- James Troup <james@nocrew.org> Thu, 30 Dec 1999 16:16:49 +0000
++
++gnupg (1.0.1-1) unstable; urgency=low
++
++ * New upstream version.
++ * doc/gpg.1: updated to something usable from
++ ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gpg.1.gz.
++
++ -- James Troup <james@nocrew.org> Sun, 19 Dec 1999 23:47:10 +0000
++
++gnupg (1.0.0-3) unstable; urgency=low
++
++ * debian/rules (build): remove the stunningly ill-advised --host option
++ to configure. [#44698, #48212, #48281]
++
++ -- James Troup <james@nocrew.org> Tue, 26 Oct 1999 01:12:59 +0100
++
++gnupg (1.0.0-2) unstable; urgency=low
++
++ * debian/rules (binary-arch): fix the permissions on the
++ modules. [#47280]
++ * debian/postinst, debian/postrm: fix the package name passed to
++ suidregister. [#45013]
++ * debian/control: update long description. [#44636]
++ * debian/rules (build): pass the host explicitly to configure to avoid
++ problems on sparc64. [(Should fix) #44698].
++
++ -- James Troup <james@nocrew.org> Wed, 20 Oct 1999 23:39:05 +0100
++
++gnupg (1.0.0-1) unstable; urgency=low
++
++ * New upstream release. [#44545]
++
++ -- James Troup <james@nocrew.org> Wed, 8 Sep 1999 00:53:02 +0100
++
++gnupg (0.9.10-2) unstable; urgency=low
++
++ * debian/rules (binary-arch): install lspgpot. Requested by Kai
++ Henningsen <kai@khms.westfalen.de>. [#42288]
++ * debian/rules (binary-arch): correct the path where modules are looked
++ for. Reported by Karl M. Hegbloom <karlheg@odin.cc.pdx.edu>. [#40881]
++ * debian/postinst, debian/postrm: under protest, register gpg the
++ package with suidmanager and make it suid by default.
++ [#29780,#32590,#40391]
++
++ -- James Troup <james@nocrew.org> Tue, 10 Aug 1999 00:12:40 +0100
++
++gnupg (0.9.10-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Fri, 6 Aug 1999 01:16:21 +0100
++
++gnupg (0.9.9-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Sun, 25 Jul 1999 01:06:31 +0100
++
++gnupg (0.9.8-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/rules (binary-arch): don't create a gpgm manpage as the binary
++ no longer exists. Noticed by Wichert Akkerman
++ <wichert@cs.leidenuniv.nl>. [#38864]
++
++ -- James Troup <james@nocrew.org> Sun, 27 Jun 1999 01:07:58 +0100
++
++gnupg (0.9.7-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Tue, 25 May 1999 13:23:24 +0100
++
++gnupg (0.9.6-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/copyright: update version number, noticed by Lazarus Long
++ <lazarus@frontiernet.net>.
++ * debian/control (Depends): depend on makedev (>= 2.3.1-13) to ensure
++ that /dev/urandom exists; reported by Steffen Markert
++ <smort@rz.tu-ilmenau.de>. [#32076]
++
++ -- James Troup <james@nocrew.org> Tue, 11 May 1999 21:06:27 +0100
++
++gnupg (0.9.5-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/control (Description): no tabs. [Lintian]
++
++ -- James Troup <james@nocrew.org> Wed, 24 Mar 1999 22:37:40 +0000
++
++gnupg (0.9.4-1) unstable; urgency=low
++
++ * New version.
++ * debian/control: s/GNUPG/GnuPG/
++
++ -- Werner Koch <wk@isil.d.suttle.de> Mon, 8 Mar 1999 19:58:28 +0100
++
++gnupg (0.9.3-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Mon, 22 Feb 1999 22:55:04 +0000
++
++gnupg (0.9.2-1) unstable; urgency=low
++
++ * New version.
++ * debian/rules (build): Removed CFLAGS as the default is now sufficient.
++ * debian/rules (clean): remove special handling cleanup in intl.
++
++ -- Werner Koch <wk@isil.d.suttle.de> Wed, 20 Jan 1999 21:23:11 +0100
++
++gnupg (0.9.1-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Sat, 9 Jan 1999 22:29:11 +0000
++
++gnupg (0.9.0-1) unstable; urgency=low
++
++ * New upstream version.
++ * g10/armor.c (armor_filter): add missing new line in comment string; as
++ noticed by Stainless Steel Rat <ratinox@peorth.gweep.net>.
++
++ -- James Troup <james@nocrew.org> Tue, 29 Dec 1998 20:22:43 +0000
++
++gnupg (0.4.5-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/rules (clean): force removal of intl/libintl.h which the
++ Makefiles fail to remove properly.
++
++ -- James Troup <james@nocrew.org> Tue, 8 Dec 1998 22:40:23 +0000
++
++gnupg (0.4.4-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Sat, 21 Nov 1998 01:34:29 +0000
++
++gnupg (0.4.3-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/README.Debian: new file; contains same information as is in the
++ preinst. Suggested by Wichert Akkerman <wichert@cs.leidenuniv.nl>.
++ * debian/rules (binary-arch): install `README.Debian'
++ * debian/control (Standards-Version): updated to 2.5.0.0.
++
++ -- James Troup <james@nocrew.org> Sun, 8 Nov 1998 19:08:12 +0000
++
++gnupg (0.4.2-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/preinst: improve message about the NEWS file which isn't
++ actually installed when it's referred to, thanks to Martin Mitchell
++ <martin@debian.org>.
++ * debian/rules (binary-arch): don't install the now non-existent `rfcs',
++ but do install `OpenPGP'.
++
++ -- James Troup <james@nocrew.org> Sun, 18 Oct 1998 22:48:34 +0100
++
++gnupg (0.4.1-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/rules (binary-arch): fix the gpgm manpage symlink now installed
++ by `make install'.
++
++ -- James Troup <james@nocrew.org> Sun, 11 Oct 1998 17:01:21 +0100
++
++gnupg (0.4.0-1) unstable; urgency=high
++
++ * New upstream version. [#26717]
++ * debian/copyright: tone down warning about alpha nature of gnupg.
++ * debian/copyright: new maintainer address.
++ * debian/control: update extended description.
++ * debian/rules (binary-arch): install FAQ and all ChangeLogs.
++ * debian/preinst: new; check for upgrade from (<= 0.3.2-1) and warn about
++ incompatibilities in keyring format and offer to move old copy out of
++ gpg out of the way for transition strategy and inform the user about
++ the old copies of gnupg available on my web page.
++ * debian/rules (binary-arch) install preinst.
++ * debian/rules (binary-arch): don't depend on the test target as it is
++ now partially interactive (tries to generate a key, which requires
++ someone else to be using the computer).
++
++ -- James Troup <james@nocrew.org> Thu, 8 Oct 1998 00:47:07 +0100
++
++gnupg (0.3.2-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/control (Maintainer): new address.
++ * debian/copyright: updated list of changes.
++
++ -- James Troup <james@nocrew.org> Thu, 9 Jul 1998 21:06:07 +0200
++
++gnupg (0.3.1-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <james@nocrew.org> Tue, 7 Jul 1998 00:26:21 +0200
++
++gnupg (0.3.0-2) unstable; urgency=low
++
++ * Applied bug-fix patch from Werner.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Fri, 26 Jun 1998 12:18:29 +0200
++
++gnupg (0.3.0-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/control: rewrote short and long description.
++ * cipher/Makefile.am: link tiger with -lc.
++ * debian/rules (binary-arch): strip loadable modules.
++ * util/secmem.c (lock_pool): get rid of errant test code; fix from
++ Werner Koch <wk@isil.d.shuttle.de>.
++ * debian/rules (test): new target which runs gnupg's test suite.
++ binary-arch depends on it, to ensure it's run whenever the package is
++ built.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Thu, 25 Jun 1998 16:04:57 +0200
++
++gnupg (0.2.19-1) unstable; urgency=low
++
++ * New upstream version.
++ * debian/control: Updated long description.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Sat, 30 May 1998 12:12:35 +0200
++
++gnupg (0.2.18-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <J.J.Troup@comp.brad.ac.uk> Sat, 16 May 1998 11:52:47 +0200
++
++gnupg (0.2.17-1) unstable; urgency=high
++
++ * New upstream version.
++ * debian/control (Standards-Version): updated to 2.4.1.0.
++ * debian/control: tone down warning about alpha nature of gnupg, as per
++ README.
++ * debian/copyright: ditto.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Mon, 4 May 1998 22:36:51 +0200
++
++gnupg (0.2.15-1) unstable; urgency=high
++
++ * New upstream version.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Fri, 10 Apr 1998 01:12:20 +0100
++
++gnupg (0.2.13-1) unstable; urgency=high
++
++ * New upstream version.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Wed, 11 Mar 1998 01:52:51 +0000
++
++gnupg (0.2.12-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Sat, 7 Mar 1998 13:52:40 +0000
++
++gnupg (0.2.11-1) unstable; urgency=low
++
++ * New upstream version.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Wed, 4 Mar 1998 01:32:12 +0000
++
++gnupg (0.2.10-1) unstable; urgency=low
++
++ * New upstream version.
++ * Name changed upstream.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Mon, 2 Mar 1998 07:32:05 +0000
++
++g10 (0.2.7-1) unstable; urgency=low
++
++ * Initial release.
++
++ -- James Troup <jjtroup@comp.brad.ac.uk> Fri, 20 Feb 1998 02:05:34 +0000
--- /dev/null
--- /dev/null
++po/*.gmo
++po/stamp-po
++build-gpgv-static/
++build-gpgv-udeb/
++build-gpgv-win32/
++build-maintainer/
++doc/gnupg.info
++doc/gnupg.info-1
++doc/gnupg.info-2
--- /dev/null
--- /dev/null
++11
--- /dev/null
--- /dev/null
++Source: gnupg2
++Section: utils
++Priority: optional
++Maintainer: Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>
++Uploaders:
++ Eric Dorland <eric@debian.org>,
++ Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
++Standards-Version: 4.2.1
++Build-Depends:
++ automake,
++ autopoint,
++ debhelper (>= 11~),
++ file,
++ gettext,
++ ghostscript,
++ imagemagick,
++ libassuan-dev (>= 2.5.0),
++ libbz2-dev,
++ libcurl4-gnutls-dev,
++ libgcrypt20-dev (>= 1.7.0),
++ libgnutls28-dev (>= 3.0),
++ libgpg-error-dev (>= 1.35),
++ libksba-dev (>= 1.3.4),
++ libldap2-dev,
++ libnpth0-dev (>= 1.2),
++ libreadline-dev,
++ librsvg2-bin,
++ libsqlite3-dev,
++ libusb-1.0-0-dev [!hurd-any],
++ openssh-client <!nocheck>,
++ pkg-config,
++ texinfo,
++ transfig,
++ zlib1g-dev | libz-dev,
++Build-Depends-Indep:
++ binutils-multiarch [!amd64 !i386],
++ libassuan-mingw-w64-dev (>= 2.5.0),
++ libgcrypt-mingw-w64-dev (>= 1.7.0),
++ libgpg-error-mingw-w64-dev (>= 1.26-2~),
++ libksba-mingw-w64-dev (>= 1.3.4),
++ libnpth-mingw-w64-dev (>= 1.2),
++ libz-mingw-w64-dev,
++ mingw-w64,
++Vcs-Git: https://salsa.debian.org/debian/gnupg2.git -b debian/buster
++Vcs-Browser: https://salsa.debian.org/debian/gnupg2
++Homepage: https://www.gnupg.org/
++Rules-Requires-Root: no
++
++Package: gpgconf
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ ${misc:Depends},
++ ${shlibs:Depends},
++Replaces:
++ gnupg (<< 2.1.21-4),
++ gnupg-agent (<< 2.1.21-4),
++Breaks:
++ gnupg (<< 2.1.21-4),
++ gnupg-agent (<< 2.1.21-4),
++Description: GNU privacy guard - core configuration utilities
++ GnuPG is GNU's tool for secure communication and data storage.
++ .
++ This package contains core utilities used by different tools in the
++ suite offered by GnuPG. It can be used to programmatically edit
++ config files for tools in the GnuPG suite, to launch or terminate
++ per-user daemons (if installed), etc.
++
++Package: gnupg-agent
++Architecture: all
++Section: oldlibs
++Multi-Arch: foreign
++Depends:
++ gpg-agent (>= ${source:Version}),
++ ${misc:Depends},
++Description: GNU privacy guard - cryptographic agent (dummy transitional package)
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This is a dummy transitional package; please use gpg-agent instead.
++
++Package: gpg-agent
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ gpgconf (= ${binary:Version}),
++ pinentry-curses | pinentry,
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ gnupg (= ${binary:Version}),
++ ${shlibs:Recommends},
++Suggests:
++ dbus-user-session,
++ libpam-systemd,
++ pinentry-gnome3,
++ scdaemon,
++Replaces:
++ gnupg-agent (<< 2.1.21-4),
++Breaks:
++ gnupg-agent (<< 2.1.21-4),
++Provides:
++ gnupg-agent,
++Description: GNU privacy guard - cryptographic agent
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This package contains the agent program gpg-agent which handles all
++ secret key material for OpenPGP and S/MIME use. The agent also
++ provides a passphrase cache, which is used by pre-2.1 versions of
++ GnuPG for OpenPGP operations. Without this package, trying to do
++ secret-key operations with any part of the modern GnuPG suite will
++ fail.
++
++Package: gpg-wks-server
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ gpg (= ${binary:Version}),
++ gpg-agent (= ${binary:Version}),
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ gnupg (= ${binary:Version}),
++ ${shlibs:Recommends},
++Description: GNU privacy guard - Web Key Service server
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This package provides the GnuPG server for the Web Key Service
++ protocol.
++ .
++ A Web Key Service is a service that allows users to upload keys per
++ mail to be verified over https as described in
++ https://tools.ietf.org/html/draft-koch-openpgp-webkey-service
++ .
++ For more information see: https://wiki.gnupg.org/WKS
++
++Package: gpg-wks-client
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ dirmngr (= ${binary:Version}),
++ gpg (= ${binary:Version}),
++ gpg-agent (= ${binary:Version}),
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ gnupg (= ${binary:Version}),
++ ${shlibs:Recommends},
++Description: GNU privacy guard - Web Key Service client
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This package provides the GnuPG client for the Web Key Service
++ protocol.
++ .
++ A Web Key Service is a service that allows users to upload keys per
++ mail to be verified over https as described in
++ https://tools.ietf.org/html/draft-koch-openpgp-webkey-service
++ .
++ For more information see: https://wiki.gnupg.org/WKS
++
++Package: scdaemon
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ gpg-agent (= ${binary:Version}),
++ ${misc:Depends},
++ ${shlibs:Depends},
++Enhances:
++ gpg-agent,
++Description: GNU privacy guard - smart card support
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This package contains the smart card program scdaemon, which is used
++ by gpg-agent to access OpenPGP smart cards.
++
++Package: gpgsm
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ gpgconf (= ${binary:Version}),
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ gnupg (= ${binary:Version}),
++ ${shlibs:Recommends},
++Breaks:
++ gnupg2 (<< 2.1.10-2),
++Replaces:
++ gnupg2 (<< 2.1.10-2),
++Description: GNU privacy guard - S/MIME version
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This package contains the gpgsm program. gpgsm is a tool to provide
++ digital encryption and signing services on X.509 certificates and the
++ CMS protocol. gpgsm includes complete certificate management.
++
++Package: gpg
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ gpgconf (= ${binary:Version}),
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ gnupg (= ${binary:Version}),
++ ${shlibs:Recommends},
++Breaks:
++ gnupg (<< 2.1.21-4),
++Replaces:
++ gnupg (<< 2.1.21-4),
++Description: GNU Privacy Guard -- minimalist public key operations
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This package contains /usr/bin/gpg itself, and is useful on its own
++ only for public key operations (encryption, signature verification,
++ listing OpenPGP certificates, etc). If you want full capabilities
++ (including secret key operations, network access, etc), please
++ install the "gnupg" package, which pulls in the full suite of tools.
++
++Package: gnupg
++Architecture: all
++Multi-Arch: foreign
++Depends:
++ dirmngr (<< ${source:Version}.1~),
++ dirmngr (>= ${source:Version}),
++ gnupg-l10n (= ${source:Version}),
++ gnupg-utils (<< ${source:Version}.1~),
++ gnupg-utils (>= ${source:Version}),
++ gpg (<< ${source:Version}.1~),
++ gpg (>= ${source:Version}),
++ gpg-agent (<< ${source:Version}.1~),
++ gpg-agent (>= ${source:Version}),
++ gpg-wks-client (<< ${source:Version}.1~),
++ gpg-wks-client (>= ${source:Version}),
++ gpg-wks-server (<< ${source:Version}.1~),
++ gpg-wks-server (>= ${source:Version}),
++ gpgsm (<< ${source:Version}.1~),
++ gpgsm (>= ${source:Version}),
++ gpgv (<< ${source:Version}.1~),
++ gpgv (>= ${source:Version}),
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ ${shlibs:Recommends},
++Suggests:
++ parcimonie,
++ xloadimage,
++Breaks:
++ debsig-verify (<< 0.15),
++ dirmngr (<< ${binary:Version}),
++ gnupg2 (<< 2.1.11-7+exp1),
++ libgnupg-interface-perl (<< 0.52-3),
++ libgnupg-perl (<= 0.19-1),
++ libmail-gnupg-perl (<= 0.22-1),
++ monkeysphere (<< 0.38~),
++ php-crypt-gpg (<= 1.4.1-1),
++ python-apt (<= 1.1.0~beta4),
++ python-gnupg (<< 0.3.8-3),
++ python3-apt (<= 1.1.0~beta4),
++Replaces:
++ gnupg2 (<< 2.1.11-7+exp1),
++Description: GNU privacy guard - a free PGP replacement
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This package contains the full suite of GnuPG tools for cryptographic
++ communications and data storage.
++
++Package: gnupg2
++Architecture: all
++Section: oldlibs
++Multi-Arch: foreign
++Depends:
++ gnupg (>= ${source:Version}),
++ ${misc:Depends},
++Description: GNU privacy guard - a free PGP replacement (dummy transitional package)
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC4880.
++ .
++ This is a dummy transitional package that provides symlinks from gpg2
++ to gpg.
++
++Package: gpgv
++Architecture: any
++Priority: important
++Multi-Arch: foreign
++Depends:
++ ${misc:Depends},
++ ${shlibs:Depends},
++Breaks:
++ gnupg2 (<< 2.0.21-2),
++ gpgv2 (<< 2.1.11-7+exp1),
++ python-debian (<< 0.1.29),
++Replaces:
++ gnupg2 (<< 2.0.21-2),
++ gpgv2 (<< 2.1.11-7+exp1),
++Suggests:
++ gnupg,
++Description: GNU privacy guard - signature verification tool
++ GnuPG is GNU's tool for secure communication and data storage.
++ .
++ gpgv is actually a stripped-down version of gpg which is only able
++ to check signatures. It is somewhat smaller than the fully-blown gpg
++ and uses a different (and simpler) way to check that the public keys
++ used to make the signature are valid. There are no configuration
++ files and only a few options are implemented.
++
++Package: gpgv2
++Section: oldlibs
++Architecture: all
++Multi-Arch: foreign
++Depends:
++ gpgv (>= ${source:Version}),
++ ${misc:Depends},
++Description: GNU privacy guard - signature verification tool (dummy transitional package)
++ GnuPG is GNU's tool for secure communication and data storage. gpgv
++ is a stripped-down version of gpg which is only able to check
++ signatures.
++ .
++ This is a dummy transitional package that provides symlinks from gpgv2
++ to gpgv.
++
++Package: dirmngr
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ adduser,
++ gpgconf (= ${binary:Version}),
++ lsb-base (>= 3.2-13),
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ gnupg (= ${binary:Version}),
++ ${shlibs:Recommends},
++Enhances:
++ gpg,
++ gpgsm,
++ squid,
++Breaks:
++ gnupg2 (<< 2.1.10-2),
++Replaces:
++ gnupg2 (<< 2.1.10-2),
++Suggests:
++ dbus-user-session,
++ libpam-systemd,
++ pinentry-gnome3,
++ tor,
++Description: GNU privacy guard - network certificate management service
++ dirmngr is a server for managing and downloading OpenPGP and X.509
++ certificates, as well as updates and status signals related to those
++ certificates. For OpenPGP, this means pulling from the public
++ HKP/HKPS keyservers, or from LDAP servers. For X.509 this includes
++ Certificate Revocation Lists (CRLs) and Online Certificate Status
++ Protocol updates (OCSP). It is capable of using Tor for network
++ access.
++ .
++ dirmngr is used for network access by gpg, gpgsm, and dirmngr-client,
++ among other tools. Unless this package is installed, the parts of
++ the GnuPG suite that try to interact with the network will fail.
++
++Package: gpgv-udeb
++Package-Type: udeb
++Section: debian-installer
++Architecture: any
++Depends:
++ ${misc:Depends},
++ ${shlibs:Depends},
++Description: minimal signature verification tool
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC 4880.
++ .
++ This is GnuPG's signature verification tool, gpgv, packaged in minimal
++ form for use in debian-installer.
++
++Package: gpgv-static
++Architecture: any
++Multi-Arch: foreign
++Depends:
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ debian-archive-keyring,
++ debootstrap,
++Description: minimal signature verification tool (static build)
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC 4880.
++ .
++ This is GnuPG's signature verification tool, gpgv, built statically
++ so that it can be directly used on any platform that is running on
++ the Linux kernel. Android and ChromeOS are two well known examples,
++ but there are many other platforms that this will work for, like
++ embedded Linux OSes. This gpgv in combination with debootstrap and
++ the Debian archive keyring allows the secure creation of chroot
++ installs on these platforms by using the full Debian signature
++ verification that is present in all official Debian mirrors.
++
++Package: gpgv-win32
++Architecture: all
++Multi-Arch: foreign
++Depends:
++ ${misc:Depends},
++Suggests:
++ wine,
++Description: GNU privacy guard - signature verification tool (win32 build)
++ GnuPG is GNU's tool for secure communication and data storage.
++ .
++ gpgv is a stripped-down version of gnupg which is only able to check
++ signatures. It is smaller than the full-blown gnupg and uses a
++ different (and simpler) way to check that the public keys used to
++ make the signature are trustworthy.
++ .
++ This is a win32 version of gpgv. It's meant to be used by the win32-loader
++ component of Debian-Installer.
++
++Package: gnupg-l10n
++Section: localization
++Architecture: all
++Multi-Arch: foreign
++Depends:
++ ${misc:Depends},
++Enhances:
++ dirmngr,
++ gpg,
++ gpg-agent,
++Breaks:
++ gnupg (<< 2.1.14-2~),
++ gnupg2 (<< 2.1.14-2~),
++Replaces:
++ gnupg (<< 2.1.14-2~),
++ gnupg2 (<< 2.1.14-2~),
++Description: GNU privacy guard - localization files
++ GnuPG is GNU's tool for secure communication and data storage.
++ It can be used to encrypt data and to create digital signatures.
++ It includes an advanced key management facility and is compliant
++ with the proposed OpenPGP Internet standard as described in RFC 4880.
++ .
++ This package contains the translation files for the use of GnuPG in
++ non-English locales.
++
++Package: gnupg-utils
++Architecture: any
++Multi-Arch: foreign
++Replaces:
++ gnupg (<< 2.1.21-4),
++ gnupg-agent (<< 2.1.21-4),
++Breaks:
++ gnupg (<< 2.1.21-4),
++ gnupg-agent (<< 2.1.21-4),
++Depends:
++ ${misc:Depends},
++ ${shlibs:Depends},
++Recommends:
++ gpg,
++ gpg-agent,
++ gpgconf,
++ gpgsm,
++Description: GNU privacy guard - utility programs
++ GnuPG is GNU's tool for secure communication and data storage.
++ .
++ This package contains several useful utilities for manipulating
++ OpenPGP data and other related cryptographic elements. It includes:
++ .
++ * addgnupghome -- create .gnupg home directories
++ * applygnupgdefaults -- run gpgconf --apply-defaults for all users
++ * gpgcompose -- an experimental tool for constructing arbitrary
++ sequences of OpenPGP packets (e.g. for testing)
++ * gpgparsemail -- parse an e-mail message into annotated format
++ * gpgsplit -- split a sequence of OpenPGP packets into files
++ * gpgtar -- encrypt or sign files in an archive
++ * kbxutil -- list, export, import Keybox data
++ * lspgpot -- convert PGP ownertrust values to GnuPG
++ * migrate-pubring-from-classic-gpg -- use only "modern" formats
++ * symcryptrun -- use simple symmetric encryption tool in GnuPG framework
++ * watchgnupg -- watch socket-based logs
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: GnuPG - The GNU Privacy Guard (modern version)
++Upstream-Contact: GnuPG development mailing list <gnupg-devel@gnupg.org>
++Source: https://gnupg.org/download/
++
++Files: *
++Copyright: 1992, 1995-2016, Free Software Foundation, Inc
++License: GPL-3+
++
++Files: agent/command.c
++ agent/command-ssh.c
++ agent/gpg-agent.c
++ common/homedir.c
++ common/sysutils.c
++ g10/mainproc.c
++Copyright: 1998-2007, 2009, 2012, Free Software Foundation, Inc
++ 2013, Werner Koch
++License: GPL-3+
++
++Files: autogen.sh
++Copyright: 2003, g10 Code GmbH
++License: permissive
++
++Files: common/gc-opt-flags.h
++ common/i18n.h
++ tools/clean-sat.c
++ tools/no-libgcrypt.c
++Copyright: 1998-2001, 2003, 2004, 2006, 2007 Free Software Foundation, Inc
++License: permissive
++
++Files: common/localename.c
++Copyright: 1985, 1989-1993, 1995-2003, 2007, 2008 Free Software Foundation, Inc.
++License: LGPL-2.1+
++
++Files: dirmngr/dns.c
++ dirmngr/dns.h
++Copyright: 2008-2010, 2012-2016 William Ahern
++License: Expat
++
++Files: doc/yat2m.c
++ scd/app-geldkarte.c
++Copyright: 2004, 2005, g10 Code GmbH
++ 2006, 2008, 2009, 2011, Free Software Foundation, Inc
++License: GPL-3+
++
++Files: scd/ccid-driver.h
++ scd/ccid-driver.c
++Copyright: 2003-2007, Free Software Foundation, Inc
++License: GPL-3+ or BSD-3-clause
++
++Files: tools/rfc822parse.c
++ tools/rfc822parse.h
++Copyright: 1999-2000, Werner Koch, Duesseldorf
++ 2003-2004, g10 Code GmbH
++License: LGPL-3+
++
++Files: tools/sockprox.c
++Copyright: 2007, g10 Code GmbH
++License: GPL-3+
++
++Files: doc/OpenPGP
++Copyright: 1998-2013 Free Software Foundation, Inc.
++ 1997, 1998, 2013 Werner Koch
++ 1998 The Internet Society
++License: RFC-Reference
++
++Files: tests/gpgscm/*
++Copyright: 2000, Dimitrios Souflis
++ 2016, Justus Winter, Werner Koch
++License: TinySCHEME
++
++Files: debian/*
++Copyright: 1998-2018 Debian GnuPG packagers, including
++ Eric Dorland <eric@debian.org>
++ Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++ NIIBE Yutaka <gniibe@fsij.org>
++License: GPL-3+
++
++Files: debian/org.gnupg.scdaemon.metainfo.xml
++Copyright: 2017 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Comment: This file is licensed permissively for the sake of AppStream
++License: CC0-1.0
++
++License: TinySCHEME
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions are
++ met:
++ .
++ Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++ .
++ Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++ .
++ Neither the name of Dimitrios Souflis nor the names of the
++ contributors may be used to endorse or promote products derived from
++ this software without specific prior written permission.
++ .
++ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
++ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
++ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
++ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
++ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
++ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
++ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
++ PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
++ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
++ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
++ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++
++License: permissive
++ This file is free software; as a special exception the author gives
++ unlimited permission to copy and/or distribute it, with or without
++ modifications, as long as this notice is preserved.
++ .
++ This file is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY, to the extent permitted by law; without even
++ the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
++ PURPOSE.
++
++License: RFC-Reference
++ doc/OpenPGP merely cites and references IETF Draft
++ draft-ietf-openpgp-formats-07.txt. This is believed to be fair use;
++ but if not, it's covered by the source document's license under
++ the 'comment on' clause. The license statement follows.
++ .
++ This document and translations of it may be copied and furnished to
++ others, and derivative works that comment on or otherwise explain it
++ or assist in its implementation may be prepared, copied, published
++ and distributed, in whole or in part, without restriction of any
++ kind, provided that the above copyright notice and this paragraph
++ are included on all such copies and derivative works. However, this
++ document itself may not be modified in any way, such as by removing
++ the copyright notice or references to the Internet Society or other
++ Internet organizations, except as needed for the purpose of
++ developing Internet standards in which case the procedures for
++ copyrights defined in the Internet Standards process must be
++ followed, or as required to translate it into languages other than
++ English.
++ .
++ The limited permissions granted above are perpetual and will not be
++ revoked by the Internet Society or its successors or assigns.
++
++
++License: GPL-3+
++ GnuPG is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 3 of the License, or
++ (at your option) any later version.
++ .
++ GnuPG is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License
++ along with this program; if not, see <https://www.gnu.org/licenses/>.
++ .
++ On Debian systems, the full text of the GNU General Public
++ License version 3 can be found in the file
++ `/usr/share/common-licenses/GPL-3'.
++
++License: LGPL-3+
++ This program is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as
++ published by the Free Software Foundation; either version 3 of
++ the License, or (at your option) any later version.
++ .
++ This program is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++ .
++ You should have received a copy of the GNU Lesser General Public
++ License along with this program; if not, see <https://www.gnu.org/licenses/>.
++ .
++ On Debian systems, the full text of the GNU Lesser General Public
++ License version 3 can be found in the file
++ `/usr/share/common-licenses/LGPL-3'.
++
++License: LGPL-2.1+
++ This program is free software; you can redistribute it and/or modify it
++ under the terms of the GNU Lesser General Public License as
++ published by the Free Software Foundation; either version 2.1 of
++ the License, or (at your option) any later version.
++ .
++ This program is distributed in the hope that it will be useful, but
++ WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++ .
++ You should have received a copy of the GNU Lesser General Public
++ License along with this program; if not, see <https://www.gnu.org/licenses/>.
++ .
++ On Debian systems, the full text of the GNU Lesser General Public
++ License version 2.1 can be found in the file
++ `/usr/share/common-licenses/LGPL-2.1'.
++
++License: BSD-3-clause
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions
++ are met:
++ 1. Redistributions of source code must retain the above copyright
++ notice, and the entire permission notice in its entirety,
++ including the disclaimer of warranties.
++ 2. Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++ 3. The name of the author may not be used to endorse or promote
++ products derived from this software without specific prior
++ written permission.
++ .
++ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
++ WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
++ DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
++ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
++ (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ OF THE POSSIBILITY OF SUCH DAMAGE.
++
++License: Expat
++ Permission is hereby granted, free of charge, to any person obtaining a
++ copy of this software and associated documentation files (the
++ "Software"), to deal in the Software without restriction, including
++ without limitation the rights to use, copy, modify, merge, publish,
++ distribute, sublicense, and/or sell copies of the Software, and to permit
++ persons to whom the Software is furnished to do so, subject to the
++ following conditions:
++ .
++ The above copyright notice and this permission notice shall be included
++ in all copies or substantial portions of the Software.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
++ OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
++ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
++ NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
++ DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
++ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
++ USE OR OTHER DEALINGS IN THE SOFTWARE.
++
++License: CC0-1.0
++ To the extent possible under law, the author(s) have dedicated all
++ copyright and related and neighboring rights to this software to the public
++ domain worldwide. This software is distributed without any warranty.
++ .
++ On Debian systems, the complete text of the CC0 license, version 1.0,
++ can be found in /usr/share/common-licenses/CC0-1.0.
--- /dev/null
--- /dev/null
++dirmngr (2.1.18-1) unstable; urgency=medium
++
++ If your machine is configured with system user session management,
++ dirmngr will be managed automatically by systemd's user sessions on
++ machines configured with use systemd. Please consider installing the
++ packages that the dirmngr package Suggests:, and see
++ /usr/share/doc/dirmngr/README.Debian for more details.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 23 Jan 2017 22:50:34 -0500
++
++dirmngr (2.1.13-3) experimental; urgency=medium
++
++ gpg and most related processes will auto-launch dirmngr if needed.
++
++ Any user who wants to launch dirmngr manually should do so with:
++
++ gpgconf --launch dirmngr
++
++ and may want to terminate dirmngr when their session ends with:
++
++ gpgconf --kill dirmngr
++
++ Users on machines with systemd can ensure that dirmngr is always
++ running for their session (and that it gets terminated at logout)
++ with:
++
++ gpgconf --kill dirmngr
++ systemctl --user enable dirmngr
++ systemctl --user start dirmngr
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 28 Jun 2016 17:55:15 -0400
++
++dirmngr (2.1.0~beta895-1) experimental; urgency=medium
++
++ No more dirmngr system service!
++ ===============================
++
++ As of the 2.1.0 beta series, dirmngr is a local daemon that works
++ closely with gnupg2. It is launched on its own, per-user, and
++ listens on a standard socket (usually ~/.gnupg/S.dirmngr). There is
++ no more system-wide dirmngr process.
++
++ If there is a special case where a dirmngr system process is
++ actually needed, please report a bug in dirmngr, and we can sort out
++ a way to set one up for that case so that everyone with dirmngr
++ installed doesn't need to have it running.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 07 Oct 2014 10:33:52 -0400
++
--- /dev/null
--- /dev/null
++dirmngr system integration
++==========================
++
++Since 2.1.x, gpg and most related processes will auto-launch dirmngr
++if needed. These auto-launched processes will inherit whatever
++environment they started from, and they will not terminate
++automatically.
++
++systemd
++=======
++
++Since 2.1.17, users on machines with systemd will have a dirmngr
++process launched automatically by systemd's user session, upon first
++access of the standard socket. systemd will also cleanly tear this
++process down at session logout.
++
++Users who don't want systemd to manage their dirmngr in this way for
++all future sessions should do:
++
++ systemctl --user mask --now dirmngr.socket
++
++Doing this means that dirmngr will fall back to its manual mode of
++operation. (This decision can be reversed by the user with "unmask"
++instead of "mask")
++
++See systemctl(1) for more details about managing the dirmngr.socket
++unit.
++
++Manual dirmngr startup and teardown
++===================================
++
++Any user who wants to launch dirmngr manually (e.g., to talk to it
++with a tool from outside the GnuPG suite) and is *not* using systemd
++should first ensure that it is launched with:
++
++ gpgconf --launch dirmngr
++
++If dirmngr is launched manually or automatically (but not supervised
++by systemd), you also probably want to ensure that it terminates when
++your session ends with:
++
++ gpgconf --kill dirmngr
++
++If you're not using systemd, you may wish to add this command to your
++session logout scripts.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Mon, 23 Jan 2017 22:49:45 -0500
--- /dev/null
--- /dev/null
++AUTHORS
++NEWS
++THANKS
++TODO
++doc/KEYSERVER
--- /dev/null
--- /dev/null
++debian/tmp/usr/bin/dirmngr
++debian/tmp/usr/bin/dirmngr-client
++debian/tmp/usr/lib/gnupg/dirmngr_ldap
++debian/tmp/usr/share/gnupg/sks-keyservers.netCA.pem
++doc/examples/systemd-user/dirmngr.service usr/lib/systemd/user
++doc/examples/systemd-user/dirmngr.socket usr/lib/systemd/user
--- /dev/null
--- /dev/null
++usr/lib/systemd/user/dirmngr.socket /usr/lib/systemd/user/sockets.target.wants/dirmngr.socket
--- /dev/null
--- /dev/null
++rm_conffile /etc/default/dirmngr
++rm_conffile /etc/dirmngr/dirmngr.conf
++rm_conffile /etc/dirmngr/ldapservers.conf
++rm_conffile /etc/init.d/dirmngr
++rm_conffile /etc/logrotate.d/dirmngr
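Review bot: None of the five rm_conffile entries gives a prior-version, so dpkg-maintscript-helper re-evaluates the removal on every upgrade instead of only on the upgrade that crosses the version where these files went away; the version that dropped the system-wide dirmngr should be supplied with the conventional `~` suffix, e.g. `rm_conffile /etc/dirmngr/dirmngr.conf 2.1.0~beta895-1~` (the dirmngr NEWS entry in this patch points at 2.1.0~beta895-1 as the release that removed the system service, but confirm against the changelog before pinning). A one-line comment at the top of the file saying these conffiles belonged to the pre-2.1 system-wide dirmngr (/etc/init.d/dirmngr, /etc/default/dirmngr, the logrotate and ldapservers files) would tell a future maintainer when the entries can be retired. Note that a locally modified /etc/dirmngr/dirmngr.conf is kept as a .dpkg-bak file rather than deleted, which is the right outcome for a file that may carry site-specific keyserver or LDAP settings.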
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/dirmngr-client.1
++debian/tmp/usr/share/man/man8/dirmngr.8
--- /dev/null
--- /dev/null
++[DEFAULT]
++debian-branch = debian/buster
++pristine-tar = True
++upstream-vcs-tag = gnupg-%(version)s
++
++[import-orig]
++filter = [
++ 'aclocal.m4',
++ 'build-aux/compile',
++ 'build-aux/config.rpath',
++ 'build-aux/depcomp',
++ 'build-aux/install-sh',
++ 'build-aux/missing',
++ 'build-aux/mkinstalldirs',
++ 'build-aux/texinfo.tex',
++ 'config.h.in',
++ 'configure',
++ 'doc/gnupg.info*',
++ 'INSTALL',
++ 'm4/intdiv0.m4',
++ 'm4/intl.m4',
++ 'm4/lock.m4',
++ 'm4/printf-posix.m4',
++ 'm4/size_max.m4',
++ 'm4/uintmax_t.m4',
++ 'm4/wint_t.m4',
++ '*/*/Makefile.in',
++ '*/Makefile.in',
++ 'Makefile.in',
++ 'po/*.gmo',
++ 'po/Makefile.in.in',
++ 'po/stamp-po',
++ ]
++filter-pristine-tar = False
++
++[pq]
++patch-numbers = False
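Review bot: The [import-orig] filter only keeps the generated autotools output (configure, aclocal.m4, the Makefile.in files, config.h.in, po/*.gmo) out of the git tree; with `filter-pristine-tar = False` the pristine-tar branch still stores the unfiltered upstream tarball, so the .orig.tar.* the package is actually built from carries upstream's shipped configure script and Makefile.in files. If the goal is to build from source only, make sure debian/rules regenerates the build system (dh compat 10 and later runs dh_autoreconf by default, but debian/rules is not in this chunk), otherwise the filtering is cosmetic for the build. Nothing here verifies the imported tarball against upstream's detached signature either; recent gbp accepts `upstream-signatures = on` under [import-orig] together with debian/upstream/signing-key.asc, which is worth enabling for a package that is itself the trust anchor for signature checking on the system. A short comment above the filter list explaining why the generated files are stripped from git would also help the next maintainer.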
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/gnupg/help.*.txt
++debian/tmp/usr/share/locale
--- /dev/null
--- /dev/null
++build-maintainer/g10/gpgcompose usr/bin
++build/tools/gpg-zip usr/bin
++build/tools/gpgsplit usr/bin
++build/tools/gpgtar usr/bin
++debian/migrate-pubring-from-classic-gpg usr/bin
++debian/tmp/usr/bin/gpgparsemail
++debian/tmp/usr/bin/kbxutil
++debian/tmp/usr/bin/symcryptrun
++debian/tmp/usr/bin/watchgnupg
++debian/tmp/usr/sbin/addgnupghome
++debian/tmp/usr/sbin/applygnupgdefaults
++tools/lspgpot usr/bin
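Review bot: `build/tools/gpg-zip usr/bin` installs gpg-zip (its manpage is in gnupg-utils.manpages as well), yet the gnupg-utils package description in debian/control enumerates every other tool in this list and omits it, so the description no longer matches the package contents; add an entry such as `* gpg-zip -- encrypt or sign files in an archive (see also gpgtar)` beside the gpgtar line, or, if gpg-zip is only shipped for compatibility with older scripts, say that instead. `build-maintainer/g10/gpgcompose` is the one file pulled from a separate build tree while everything else comes from build/ or debian/tmp; presumably that tree is a maintainer-mode configure, and a one-line comment in this file noting why gpgcompose needs it would save the next reader a trip through debian/rules.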
--- /dev/null
--- /dev/null
++debian/gpg-zip.1
++debian/gpgcompose.1
++debian/gpgsplit.1
++debian/kbxutil.1
++debian/lspgpot.1
++debian/migrate-pubring-from-classic-gpg.1
++debian/tmp/usr/share/man/man1/gpgparsemail.1
++debian/tmp/usr/share/man/man1/gpgtar.1
++debian/tmp/usr/share/man/man1/symcryptrun.1
++debian/tmp/usr/share/man/man1/watchgnupg.1
++debian/tmp/usr/share/man/man8/addgnupghome.8
++debian/tmp/usr/share/man/man8/applygnupgdefaults.8
--- /dev/null
--- /dev/null
++Using "Modern" GnuPG
++====================
++
++As of version 2.1.11-7+exp1, the gnupg package is provided by the "modern"
++version of GnuPG.
++
++This means:
++
++ * supporting daemons are auto-launched as needed
++
++ * all access to secret key material is handled by gpg-agent
++
++ * all smartcard access is handled by scdaemon
++
++ * all network access is handled by dirmngr
++
++ * PGPv3 keys are no longer supported
++
++ * secret keys are no longer stored in $GNUPGHOME/secring.gpg, but
++ instead in $GNUPGHOME/private-keys-v1.d/
++
++ * public keyrings are stored in keybox format (~/.gnupg/pubring.kbx) by
++ default for new users. Upgrading users will continue to use
++ pubring.gpg until they decide to explicitly convert.
++
++Converting an existing installation
++-----------------------------------
++
++If you have an existing GnuPG homedir from "classic" GnuPG, secret
++keys should be migrated automatically upon the first run of the
++"modern" version.
++
++If you have any secret keys that are stored only in a smartcard, after
++your first use of "modern" gpg you should insert the card and run:
++
++ gpg --card-status
++
++ (see https://bugs.debian.org/795881)
++
++Public keys will not be automatically migrated from pubring.gpg to
++pubring.kbx, however. If you want to migrate your public keyring, you
++can use a script like /usr/bin/migrate-pubring-from-classic-gpg
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Mon, 18 Apr 2016 19:08:36 -0400
--- /dev/null
--- /dev/null
++NEWS
++README
++THANKS
++TODO
++doc/DETAILS
++doc/FAQ
++doc/HACKING
++doc/OpenPGP
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/info/gnupg.info*
++doc/gnupg-card-architecture.png
++doc/gnupg-module-overview.png
--- /dev/null
--- /dev/null
++usr/bin/gpg usr/bin/gpg2
++usr/share/man/man1/gpg.1.gz usr/share/man/man1/gpg2.1.gz
--- /dev/null
--- /dev/null
++gnupg-agent (2.1.18-1) unstable; urgency=medium
++
++ If your machine is configured with system user session management,
++ gpg-agent will be managed automatically by systemd's user sessions on
++ machines configured with use systemd. Please consider installing the
++ packages that the gnupg-agent package Suggests:, and see
++ /usr/share/doc/gnupg-agent/README.Debian for more details.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Mon, 23 Jan 2017 22:54:48 -0500
++
++gnupg-agent (2.1.13-3) experimental; urgency=medium
++
++ gpg-agent is no longer auto-launched by
++ /etc/X11/Xsession.d/90gpg-agent. Please read
++ /usr/share/doc/gnupg-agent/README.Debian for details about system
++ integration.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 28 Jun 2016 17:29:46 -0400
++
--- /dev/null
--- /dev/null
++gpg-agent system integration
++============================
++
++Since 2.1.x, gpg and most related processes will auto-launch gpg-agent
++if needed. These auto-launched processes will inherit whatever
++environment they started from, and they will not terminate
++automatically.
++
++systemd
++=======
++
++Since 2.1.17, users on machines with systemd will have their gpg-agent
++process launched automatically by systemd's user session, upon first
++access of any of the expected gpg-agent sockets (including the ssh
++socket). systemd will also cleanly tear this process down at session
++logout.
++
++If dbus-user-session and pinentry-gnome3 packages are installed, then
++all user interaction with this systemd-managed gpg-agent process
++(e.g. prompting for passwords or confirmations, etc) will take place
++over the d-bus session, for better integration with graphical
++environments like GNOME.
++
++Users who don't want systemd to manage their gpg-agent in this way for
++all future sessions should do:
++
++ systemctl --user mask --now gpg-agent.service gpg-agent.socket gpg-agent-ssh.socket gpg-agent-extra.socket gpg-agent-browser.socket
++
++Doing this means that gpg-agent will fall back to its manual mode of
++operation. (This decision can be reversed by the user with "unmask"
++instead of "mask")
++
++See systemctl(1) for more details about managing the gpg-agent*.socket
++units.
++
++ssh-agent emulation
++===================
++
++gpg-agent offers an ssh-agent emulation which can be achieved by
++setting the environment variable SSH_AUTH_SOCK to:
++
++ /run/user/$(id -u)/gnupg/S.gpg-agent.ssh
++
++(replace $(id -u) with the user's numeric user ID, of course).
++
++But ssh doesn't have a way to tell ssh-agent how to prompt the user
++when necessary; the systemd-managed gpg-agent process will only know
++how to prompt the user if you have dbus-user-session and
++pinentry-gnome3 installed. This is the recommended configuration for
++gpg-agent's ssh-agent emulation on desktop machines running systemd,
++and doesn't need any additional configuration.
++
++However, if dbus-user-session and pinentry-gnome3 are not in use, by
++default the systemd-managed gpg-agent will not know how to get
++feedback from the user when a request is first received by ssh. You
++can give it a hint for all future ssh connections by running:
++
++ gpg-connect-agent updatestartuptty /bye
++
++You may wish to do this in the login scripts for your user session if
++you run systemd without dbus-user-session and pinentry-gnome3, and you
++plan to use gpg-agent's ssh-agent emulation.
++
++Manual gpg-agent startup and teardown
++=====================================
++
++Any user who wants to launch gpg-agent manually (e.g., to talk to it
++with a tool from outside the GnuPG suite) and is *not* using systemd
++should first ensure that it is launched with:
++
++ gpgconf --launch gpg-agent
++
++If gpg-agent is launched manually or automatically (but not supervised
++by systemd), you probably want to ensure that it terminates when your
++session ends with:
++
++ gpgconf --kill gpg-agent
++
++If you're not using systemd, you may wish to add this to your session
++logout scripts.
++
++ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Mon, 23 Jan 2017 22:56:08 -0500
--- /dev/null
--- /dev/null
++doc/examples/pwpattern.list
++doc/examples/trustlist.txt
--- /dev/null
--- /dev/null
++debian/Xsession.d/90gpg-agent etc/X11/Xsession.d
++debian/systemd-environment-generator/90gpg-agent usr/lib/systemd/user-environment-generators
++debian/tmp/usr/bin/gpg-agent
++debian/tmp/usr/lib/gnupg/gpg-check-pattern
++debian/tmp/usr/lib/gnupg/gpg-preset-passphrase
++debian/tmp/usr/lib/gnupg/gpg-protect-tool
++doc/examples/systemd-user/gpg-agent-browser.socket usr/lib/systemd/user
++doc/examples/systemd-user/gpg-agent-extra.socket usr/lib/systemd/user
++doc/examples/systemd-user/gpg-agent-ssh.socket usr/lib/systemd/user
++doc/examples/systemd-user/gpg-agent.service usr/lib/systemd/user
++doc/examples/systemd-user/gpg-agent.socket usr/lib/systemd/user
--- /dev/null
--- /dev/null
++usr/lib/gnupg/gpg-preset-passphrase usr/lib/gnupg2/gpg-preset-passphrase
++usr/lib/gnupg/gpg-protect-tool usr/lib/gnupg2/gpg-protect-tool
++usr/lib/systemd/user/gpg-agent-browser.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent-browser.socket
++usr/lib/systemd/user/gpg-agent-extra.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent-extra.socket
++usr/lib/systemd/user/gpg-agent-ssh.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent-ssh.socket
++usr/lib/systemd/user/gpg-agent.socket usr/lib/systemd/user/sockets.target.wants/gpg-agent.socket
--- /dev/null
--- /dev/null
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Listening on GnuPG cryptographic agent and passphrase cache\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Listening on GnuPG network certificate management daemon\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Listening on GnuPG cryptographic agent and passphrase cache \(restricted\)\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Listening on GnuPG cryptographic agent \(access for web browsers\)\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Listening on GnuPG cryptographic agent \(ssh-agent emulation\)\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Closed GnuPG network certificate management daemon\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Closed GnuPG cryptographic agent and passphrase cache\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Closed GnuPG cryptographic agent and passphrase cache \(restricted\)\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Closed GnuPG cryptographic agent \(ssh-agent emulation\)\.$
++^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ systemd\[[[:digit:]]+\]: Closed GnuPG cryptographic agent \(access for web browsers\)\.$
++
--- /dev/null
--- /dev/null
++debian/gpg-check-pattern.1
++debian/tmp/usr/share/man/man1/gpg-agent.1
++debian/tmp/usr/share/man/man1/gpg-preset-passphrase.1
--- /dev/null
--- /dev/null
++.TH GPG-CHECK-PATTERN "1" "March 2016" "gpg-check-pattern (GnuPG) 2.1.11" "User Commands"
++
++.SH NAME
++gpg-check-pattern \- Check a passphrase on stdin against the patternfile
++
++.SH SYNOPSIS
++.B gpg\-check\-pattern
++.RI [ options ]
++.I patternfile
++
++.SH DESCRIPTION
++.B gpg\-check\-pattern
++checks a passphrase given on stdin against a specified patternfile.
++
++.SH OPTIONS
++.TP
++.BR \-v ", " \-\-verbose
++Produce verbose output
++.TP
++.B \-\-check
++run only a syntax check on the patternfile
++.TP
++.BR \-0 ", " \-\-null
++input is expected to be null delimited
++.PP
++Please report bugs to <https://dev.gnupg.org>.
++
++.SH COPYRIGHT
++Copyright \(co 2016 Free Software Foundation, Inc.
++License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
++
++This is free software: you are free to change and redistribute it.
++There is NO WARRANTY, to the extent permitted by law.
++
++This manpage was written by \fBDaniel Kahn Gillmor\fR for the Debian
++distribution (but may be used by others).
--- /dev/null
--- /dev/null
++.TH GPG\-WKS\-CLIENT "1" "May 2017" "gpg-wks-client (GnuPG) 2.1.20" "User Commands"
++
++.SH NAME
++gpg\-wks\-client \- Client for the Web Key Service
++
++.SH SYNOPSIS
++.B gpg\-wks\-client
++.RB [ COMMAND ]
++.RB [ OPTIONS ]
++.RB [ ARGS ]
++
++.SH DESCRIPTION
++.B gpg\-wks\-client
++is a simple command line client for the Web Key Service. The executable
++is usually located in /usr/lib/gnupg.
++.
++It allows a user to create a publication request and to respond to a
++received confirmation request. Communication with the Web Key Service
++is done via email.
++.
++It also can lookup the fingerprint of a USER\-ID in the Web Key
++Directory.
++
++.SH COMMANDS
++.TP
++.B \-\-supported USER\-ID
++Check whether provider of the given USER\-ID supports the Web Key
++Service protocol, i.e. whether it has a Web Key Directory providing a
++submission address.
++.IP
++Similar to:
++.IP
++.nf
++.RS 12
++gpg\-connect\-agent \-\-dirmngr 'WKD_GET \-\-submission\-address \-\- USER\-ID' /bye
++.RE
++.fi
++.TP
++.B \-\-check USER\-ID
++Check whether a key is available, and whether the listed key is valid
++for the requested USER\-ID.
++.
++You might want to use
++.IP
++.nf
++.RS 12
++gpg \-v \-\-auto\-key\-locate=clear,wkd,nodefault \-\-locate\-key USER\-ID
++.RE
++.fi
++.IP
++instead.
++.TP
++.B \-\-create FINGERPRINT USER\-ID
++Create a publication request for the USER\-ID in the key with the given
++FINGERPRINT. List all possible keys (including the fingerprint) for a
++USER\-ID with:
++.IP
++.nf
++.RS 12
++gpg --list-key USER\-ID
++.RE
++.fi
++.IP
++By default the publication request will be printed to STDOUT. You can
++also write it to a file using the
++.B \-\-output
++option or send it using sendmail with the
++.B \-\-send
++option.
++.TP
++.B \-\-receive
++Receive a MIME confirmation request on STDIN and acknowledge it.
++.IP
++By default the confirmation response will be printed to STDOUT. You can
++also write it to a file using the
++.B \-\-output
++option or send it using sendmail with the
++.B \-\-send
++option.
++.TP
++.B \-\-read
++Receive a plain text confirmation request. Similar to
++.BR \-\-receive ,
++but takes only the message body on STDIN.
++.TP
++.B \-\-version
++Show program version and some meta information.
++.TP
++.BR \-h ", " \-\-help
++Output a short usage information.
++.TP
++.B \-\-warranty
++Print warranty information.
++.TP
++.B \-\-dump-options
++Dump all available options and commands.
++
++.SH OPTIONS
++.TP
++.BR \-v ", " \-\-verbose
++Enable verbose output.
++.TP
++.BR \-q ", " \-\-quiet
++Be somewhat more quiet.
++.TP
++.B \-\-send
++Send the mail using sendmail.
++.TP
++.BR \-o ", " \-\-output " \fIFILE\fR"
++Write the mail to FILE.
++.TP
++.BI \-\-status\-fd " FD"
++Write status info to this FD.
++.TP
++.B \-\-debug
++Set debugging flags. All flags are or-ed and flags may be given in C
++syntax (e.g. 0x0042) or as a comma separated list of flag names. To get
++a list of all supported flags the single word "help" can be used.
++.TP
++.BI \-\-gpg " GPG"
++Use the specified command instead of
++.BR gpg .
++.TP
++.BI \-\-fake\-submission\-addr " MAILADDR"
++Send mail to MAILADDR instead of the submission address queried through
++Web Key Service.
++
++.SH EXAMPLES
++.SS Send a publication request
++First find the fingerprint (a long string of hex digits) of the key you
++want to publish:
++.P
++.nf
++.RS 4
++gpg \-\-list\-key "Alice <alice@example.com>"
++.RE
++.fi
++.P
++Now create and send the publication request:
++.P
++.nf
++.RS 4
++/usr/lib/gnupg/gpg\-wks\-client \-\-create \-\-send 0123456789ABCDEF0123456789ABCDEF01234567 "Alice <alice@example.com>"
++.RE
++.fi
++.P
++Instead of \fI"Alice <alice@example.com>"\fR you can also just give \fIalice@example.com\fR.
++.P
++.SS Confirm a confirmation request
++Paste the full mail containing the confirmation request (including
++headers) you got from the Web Key Service on STDIN after starting:
++.P
++.nf
++.RS 4
++/usr/lib/gnupg/gpg\-wks\-client \-\-receive \-\-send
++.RE
++.fi
++
++.SH SEE ALSO
++.IP \(em 4
++Latest draft for the protocol:
++<https://tools.ietf.org/html/draft-koch-openpgp-webkey-service>
++.IP \(em 4
++GnuPG on Web Key Service:
++<https://wiki.gnupg.org/WKS>
++
++.SH BUGS
++Please report bugs to <https://dev.gnupg.org>.
++
++.SH COPYRIGHT
++Copyright \(co 2017 Free Software Foundation, Inc.
++License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
++
++This is free software: you are free to change and redistribute it.
++There is NO WARRANTY, to the extent permitted by law.
++
++This manpage was written by \fBStefan Bühler\fR for the Debian
++distribution (but may be used by others).
--- /dev/null
--- /dev/null
++debian/tmp/usr/lib/gnupg/gpg-wks-client
--- /dev/null
--- /dev/null
++debian/gpg-wks-client.1
--- /dev/null
--- /dev/null
++.TH GPG\-WKS\-SERVER "1" "May 2017" "gpg-wks-server (GnuPG) 2.1.20" "User Commands"
++
++.SH NAME
++gpg\-wks\-server \- Server for the Web Key Service
++
++.SH SYNOPSIS
++.B gpg\-wks\-server
++.RB [ COMMAND ]
++.RB [ OPTIONS ]
++.RB [ ARGS ]
++
++.SH DESCRIPTION
++.B gpg\-wks\-server
++is a server for the Web Key Service. It can handle incoming mails with
++the
++.B \-\-receive
++command.
++.P
++See the EXAMPLES section for procmail and crontab configurations.
++.P
++You also need a webserver configured to alias requests to
++.I /.well\-known/openpgp/
++and below to the
++.I /var/lib/gnupg/wks/<wkd-domain>/
++directory.
++
++.SH COMMANDS
++.TP
++.B \-\-receive
++Receive a submission or confirmation.
++.TP
++.B \-\-cron
++Run regular jobs.
++.TP
++.B \-\-list\-domains
++List configured domains, and checks some file and directory permissions.
++.TP
++.B \-\-version
++Show program version and some meta information.
++.TP
++.BR \-h ", " \-\-help
++Output a short usage information.
++.TP
++.B \-\-warranty
++Print warranty information.
++.TP
++.B \-\-dump-options
++Dump all available options and commands.
++
++.SH OPTIONS
++.TP
++.BR \-v ", " \-\-verbose
++Enable verbose output.
++.TP
++.BR \-q ", " \-\-quiet
++Be somewhat more quiet.
++.TP
++.B \-\-send
++Send the mail using sendmail.
++.TP
++.BR \-o ", " \-\-output " \fIFILE\fR"
++Write the mail to FILE.
++.TP
++.BI \-\-from " ADDR"
++Use ADDR as the default sender.
++.TP
++.BI \-\-header " NAME=VALUE"
++Add "NAME: VALUE" as header to all mails.
++.IP
++Can be used to add a header for loop detections, see procmail example.
++.TP
++.B \-\-debug
++Set debugging flags. All flags are or-ed and flags may be given in C
++syntax (e.g. 0x0042) or as a comma separated list of flag names. To get
++a list of all supported flags the single word "help" can be used.
++.TP
++.BI \-\-gpg " GPG"
++Use the specified command instead of
++.BR gpg .
++
++.SH DIRECTORIES
++.TP
++.B /var/lib/gnupg/wks/
++Contains a subdirectory for each domain to run the server for. Each
++subdirectory is supposed to contain what should show up on
++.BR https://.../.well\-known/openpgp/ .
++.IP
++The user running
++.B gpg\-wks\-server
++needs write access to these subdirectories.
++
++.SH EXAMPLES
++.SS ~/.procmailrc
++Store received emails in
++.B ~/Mail/
++(create it manually first), uses \fIFrom: key\-submission@example.com\fR and
++\fIX\-WKS\-Loop: example.com\fR as loop detection:
++.P
++.nf
++.RS 4
++MAILDIR=$HOME/Mail
++LOGFILE=$HOME/Mail/from
++LOCKFILE=$HOME/Mail/.lockmail
++VERBOSE=yes
++
++# filter out FROM_DAEMON mails (bounces, ...) into separate mailbox
++:0
++* ^FROM_DAEMON
++from\-daemon/
++
++# archive (copy!) all "normal" mails
++:0 c
++archive/
++
++# if not in a loop: handle mails with gpg\-wks\-server
++:0 w
++* !^From: key\-submission@example.com
++* !^X\-WKS\-Loop: example.com
++|gpg\-wks\-server \-v \-\-receive \\
++ \-\-header X\-WKS\-Loop=example.com \\
++ \-\-from key\-submission@example.com \-\-send
++
++# if handling failed: store in separate mailbox
++:0 e
++cruft/
++.RE
++.fi
++
++.SS ~/.forward
++In case procmail is not used automatically the following
++.B ~/.forward
++file might be useful:
++.P
++.nf
++.RS 4
++"|exec /usr/bin/procmail || exit 75"
++.RE
++.fi
++.P
++The double quotes are supposed to be included in the file!
++
++.SS crontab
++You should run the
++.B \-\-cron
++command once a day. Edit the crontab with
++.P
++.nf
++.RS 4
++crontab \-e
++.RE
++.fi
++.P
++and append the following line:
++.P
++.nf
++.RS 4
++42 3 * * * gpg\-wks\-server \-\-cron
++.RE
++.fi
++
++.SH SEE ALSO
++.IP \(em 4
++Latest draft for the Web Key Service protocol:
++<https://tools.ietf.org/html/draft-koch-openpgp-webkey-service>
++.IP \(em 4
++GnuPG on Web Key Service:
++<https://wiki.gnupg.org/WKS>
++
++.SH BUGS
++Please report bugs to <https://dev.gnupg.org>.
++
++.SH COPYRIGHT
++Copyright \(co 2017 Free Software Foundation, Inc.
++License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
++
++This is free software: you are free to change and redistribute it.
++There is NO WARRANTY, to the extent permitted by law.
++
++This manpage was written by \fBStefan Bühler\fR for the Debian
++distribution (but may be used by others).
--- /dev/null
--- /dev/null
++debian/tmp/usr/bin/gpg-wks-server
--- /dev/null
--- /dev/null
++debian/gpg-wks-server.1
--- /dev/null
--- /dev/null
++.TH "GPG\-ZIP" 1 "November 2006"
++
++.SH NAME
++gpg\-zip \- encrypt or sign files into an archive
++
++.SH SYNOPSIS
++.B gpg\-zip
++.RB [ OPTIONS ]
++.IR filename1 " [" "filename2, ..." ]
++.IR directory1 " [" "directory2, ..." ]
++
++.SH DESCRIPTION
++This manual page documents briefly the
++.B gpg\-zip
++command.
++.PP
++.B gpg\-zip
++IS DEPRECATED. PLEASE USE gpgtar(1) instead.
++.PP
++.B gpg\-zip
++encrypts or signs files into an archive. It is an gpg-ized tar using the
++same format as PGP's PGP Zip.
++
++.SH OPTIONS
++.TP
++.BR \-e ", " \-\-encrypt
++Encrypt data. This option may be combined with
++.B \-\-symmetric
++(for output that may be decrypted via a secret key or a passphrase).
++.TP
++.BR \-d ", " \-\-decrypt
++Decrypt data.
++.TP
++.BR \-c ", " \-\-symmetric
++Encrypt with a symmetric cipher using a passphrase. The default
++symmetric cipher used is CAST5, but may be chosen with the
++.B \-\-cipher\-algo
++option to
++.BR gpg (1).
++.TP
++.BR \-s ", " \-\-sign
++Make a signature. See
++.BR gpg (1).
++.TP
++.BR \-r ", " \-\-recipient " \fIUSER\fR"
++Encrypt for user id \fIUSER\fR. See
++.BR gpg (1).
++.TP
++.BR \-u ", " \-\-local\-user " \fIUSER\fR"
++Use \fIUSER\fR as the key to sign with. See
++.BR gpg (1).
++.TP
++.B \-\-list\-archive
++List the contents of the specified archive.
++.TP
++.BR \-o ", " \-\-output " " \fIFILE\fR"
++Write output to specified file
++.IR FILE .
++.TP
++.BI \-\-gpg " GPG"
++Use the specified command instead of
++.BR gpg .
++.TP
++.BI \-\-gpg\-args " ARGS"
++Pass the specified options to
++.BR gpg (1).
++.TP
++.BI \-\-tar " TAR"
++Use the specified command instead of
++.BR tar .
++.TP
++.BI \-\-tar\-args " ARGS"
++Pass the specified options to
++.BR tar (1).
++.TP
++.BR \-h ", " \-\-help
++Output a short usage information.
++.TP
++.B \-\-version
++Output the program version.
++
++.SH DIAGNOSTICS
++The program returns \fB0\fR if everything was fine, \fB1\fR otherwise.
++
++.SH EXAMPLES
++Encrypt the contents of directory \fImydocs\fR for user Bob to file \fItest1\fR:
++.IP
++.B gpg\-zip \-\-encrypt \-\-output test1 \-\-gpg-args ""\-r Bob"" mydocs
++.PP
++List the contents of archive \fItest1\fR:
++.IP
++.B gpg\-zip \-\-list\-archive test1
++
++.SH SEE ALSO
++.BR gpg (1),
++.BR gpgtar (1),
++.BR tar (1)
++
++.SH AUTHOR
++Copyright (C) 2005 Free Software Foundation, Inc. Please report bugs to
++<\&bug-gnupg@gnu.org\&>.
++
++This manpage was written by \fBColin Tuckley\fR <\&colin@tuckley.org\&>
++and \fBDaniel Leidert\fR <\&daniel.leidert@wgdd.de\&> for the Debian
++distribution (but may be used by others).
++
--- /dev/null
--- /dev/null
++debian/tmp/usr/bin/gpg
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/gpg.1
--- /dev/null
--- /dev/null
++.TH "gpgcompose" 1 "June 2017"
++
++.SH NAME
++gpgcompose \- Generate a stream of OpenPGP packets
++
++.SH SYNOPSIS
++.B gpgcompose
++.RI [[ OPTION
++.RI [ ARGS ]]
++\&... ]
++
++.B gpgcompose --help
++
++.B gpgcompose
++.I OPTION
++.B --help
++
++.SH DESCRIPTION
++.B gpgcompose
++generates a stream of OpenPGP packets, including some which can
++include other nested packets within a layer of encryption. The syntax
++on the command line isn't stable enough to document currently, but
++additional hints and examples can be found from the command line using
++.BR \-\-help .
++
++.SH EXTERNAL DEPENDENCIES
++
++.B gpgcompose
++is not capable of performing secret key operations on its own.
++Creation of any OpenPGP object that requires secret key operations
++(e.g.,
++.BR \-\-signature )
++will need to speak to an already-running
++.BR gpg-agent .
++
++.SH FILES
++
++Occasionally,
++.B gpgcompose
++will need to look up existing public keys for reference (e.g.,
++.BR \-\-public-key ).
++It will do so in
++.BR ~/.gnupg/keyring.kbx,
++or in
++.B $GNUPGHOME/keyring.kbx
++if that variable is set.
++
++.SH SEE ALSO
++
++RFC 4880, gpg(1), gpg-agent(1), gpg-connect-agent(1)
++
++.SH AUTHOR
++gpgcompose is copyright (C) 2016, g10 Code GmbH.
++
++This manpage was written by Daniel Kahn Gillmor <dkg@fifthhorseman.net>.
++
--- /dev/null
--- /dev/null
++doc/examples/gpgconf.conf
--- /dev/null
--- /dev/null
++debian/tmp/usr/bin/gpg-connect-agent
++debian/tmp/usr/bin/gpgconf
++debian/tmp/usr/share/gnupg/distsigkey.gpg
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/gpg-connect-agent.1
++debian/tmp/usr/share/man/man1/gpgconf.1
--- /dev/null
--- /dev/null
++debian/tmp/usr/bin/gpgsm
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/gpgsm.1
--- /dev/null
--- /dev/null
++.TH "gpgsplit" 1 "December 2005"
++
++.SH NAME
++gpgsplit \- Split an OpenPGP message into packets
++
++.SH SYNOPSIS
++.B gpgsplit
++.RI [ OPTIONS ]
++.RI [ FILES ]
++
++.SH DESCRIPTION
++This manual page documents briefly the
++.B gpgsplit
++command.
++.PP
++.B gpgsplit
++splits an OpenPGP message into packets.
++
++.SH OPTIONS
++.TP
++.BR \-v , \-\-verbose
++Verbose.
++.TP
++.BR \-p , "\-\-prefix " \fISTRING\fR
++Prepend filenames with \fISTRING\fR.
++.TP
++.B \-\-uncompress
++Uncompress a packet.
++.TP
++.B \-\-secret\-to\-public
++Convert secret keys to public keys.
++.TP
++.B \-\-no\-split
++Write to stdout and don't actually split.
++
++.SH AUTHOR
++Copyright (C) 2002 Free Software Foundation, Inc. Please report bugs to
++<bug-gnupg@gnu.org>.
++
++This manpage was written by Francois Wendling <frwendling@free.fr>.
++
--- /dev/null
--- /dev/null
++.TH GPGV-STATIC "1" "November 2016" "GnuPG" "Gnu Privacy Guard 2.1"
++
++.SH NAME
++gpgv-static - Verify OpenPGP signatures (static build)
++
++.SH SYNOPSIS
++.B gpgv-static [\fIoptions\fP] \fIsigned_files\fP
++
++.SH DESCRIPTION
++\fBgpgv\fR is an OpenPGP signature verification tool.
++
++\fBgpgv-static\fR is \fBgpgv\fR built statically so that it can be
++directly used on any platform that is running on the Linux kernel,
++such as Android, ChromeOS, or many embedded Linux systems.
++
++This version of \fBgpgv\fR in combination with \fBdebootstrap\fR and
++the Debian archive keyring allows the secure creation of chroot
++installs on these platforms by using the full Debian signature
++verification that is present in all official Debian mirrors.
++
++You may wish to re-name the binary to plain \fBgpgv\fR when
++transferring it into such a platform to create a chroot.
++
++Please read the documentation for \fBgpgv\fR for more details.
++
++.SH SEE ALSO
++\fBgpg\fR(1)
++
++.SH AUTHOR
++This manual page was written by Daniel Kahn Gillmor
++<dkg@fifthhorseman.net> for the Debian project, but may be used by
++others under the same license as GnuPG itself.
--- /dev/null
--- /dev/null
++build-gpgv-static/g10/gpgv-static usr/bin/
--- /dev/null
--- /dev/null
++# gpgv-static is deliberately built statically. We cannot avoid
++# embedding zlib.
++gpgv-static: embedded-library usr/bin/gpgv-static: zlib
--- /dev/null
--- /dev/null
++debian/gpgv-static.1
--- /dev/null
--- /dev/null
++build-gpgv-udeb/g10/gpgv usr/bin/
--- /dev/null
--- /dev/null
++build-gpgv-win32/g10/gpgv.exe usr/share/win32
--- /dev/null
--- /dev/null
++debian/tmp/usr/bin/gpgv
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/gpgv.1
--- /dev/null
--- /dev/null
++usr/bin/gpgv usr/bin/gpgv2
++usr/share/man/man1/gpgv.1.gz usr/share/man/man1/gpgv2.1.gz
--- /dev/null
--- /dev/null
++.TH KBXUTIL "1" "March 2016" "kbxutil (GnuPG) 2.1.11" "User Commands"
++
++.SH NAME
++kbxutil \- List, export, import Keybox data
++
++.SH SYNOPSIS
++.B kbxutil
++.RB [ OPTIONS ]
++.RB [ FILES ]
++
++.SH DESCRIPTION
++List, export, import Keybox data
++
++.SH COMMANDS
++.TP
++.B \-\-stats
++show key statistics
++.TP
++.B \-\-import\-openpgp
++import OpenPGP keyblocks
++.TP
++.B \-\-find\-dups
++find duplicates
++.TP
++.B \-\-cut
++export records
++
++.SH OPTIONS
++.TP
++.BI \-\-from " N"
++first record to export
++.TP
++.BI \-\-to " N"
++last record to export
++.TP
++.BR \-v ", " \-\-verbose
++verbose
++.TP
++.BR \-q ", " \-\-quiet
++be somewhat more quiet
++.TP
++.BR \-n ", " \-\-dry\-run
++do not make any changes
++.TP
++.B \-\-debug
++set debugging flags
++.TP
++.B \-\-debug\-all
++enable full debugging
++
++.SH BUGS
++Please report bugs to <https://dev.gnupg.org>.
++
++.SH COPYRIGHT
++Copyright \(co 2016 Free Software Foundation, Inc.
++License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
++
++This is free software: you are free to change and redistribute it.
++There is NO WARRANTY, to the extent permitted by law.
++
++This manpage was written by \fBDaniel Kahn Gillmor\fR for the Debian
++distribution (but may be used by others).
--- /dev/null
--- /dev/null
++.TH "lspgpot" 1 "December 2005"
++
++.SH NAME
++lspgpot - extracts the ownertrust values from PGP keyrings and list them in
++GnuPG ownertrust format.
++
++
++.SH SYNOPSIS
++.B lspgpot
++
++
++.SH DESCRIPTION
++.B lspgpot
++extracts the ownertrust values from PGP keyrings and list them in
++GnuPG ownertrust format.
++
++.SH AUTHOR
++Copyright (C) 2002 Free Software Foundation, Inc. Please report bugs to
++<bug-gnupg@gnu.org>.
++
++This manpage was written by Francois Wendling <frwendling@free.fr>.
++
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++# script to migrate fully from pubring.gpg to pubring.kbx
++
++# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++# Date: 2016-04-01
++# License: GPLv3+
++
++# This was written for the Debian project
++
++set -e
++
++GPG="${GPG:-gpg}"
++
++# select the default GnuPG home directory to work from:
++GHD=${GNUPGHOME:-${HOME:-$(getent passwd "$(id -u)" | cut -f6 -d:)}/.gnupg}
++
++# Check that this is gnupg 2.1 or 2.2:
++VERSION=$("$GPG" --version | head -n1 | cut -f3 -d\ | cut -f1,2 -d.)
++if [ "$VERSION" != 2.1 ] && [ "$VERSION" != 2.2 ] ; then
++ printf '%s is version %s not version 2.1 or 2.2, this script might be wrong\n' "$GPG" "$VERSION" >&2
++ exit 1
++fi
++
++usage() {
++ printf 'Usage: %s [GPGHOMEDIR|--default]
++\tMigrate public keyring in GPGHOMEDIR from "classic" to "modern" GnuPG
++\tusing %s version %s.
++
++\t--default migrates the GnuPG home directory at "%s"
++' "$0" "$GPG" "$VERSION" "$GHD"
++}
++
++if [ -z "$1" ]; then
++ usage >&2
++ exit 1
++else
++ case "$1" in
++ --help|--usage|-h)
++ usage
++ exit
++ ;;
++ --default)
++ ;;
++ *)
++ GHD="$1"
++ ;;
++ esac
++fi
++
++GPG=("$GPG" --homedir "$GHD" --batch)
++
++# ensure that there is a pubring.gpg to migrate:
++if ! [ -f "$GHD/pubring.gpg" ]; then
++ printf 'There is no %s/pubring.gpg, no need to migrate\n' "$GHD" >&2
++ exit
++fi
++if ! [ -s "$GHD/pubring.gpg" ]; then
++ mv -- "$GHD/pubring.gpg" "$GHD/pubring.gpg.empty"
++ printf '%s/pubring.gpg was empty (and has been moved out of the way), no need to migrate\n' "$GHD" >&2
++ exit
++fi
++
++BACKUP="$(mktemp -d "$GHD/migrate-from-classic-backup.$(date +%F).XXXXXX")"
++printf 'Migrating from:\n%s\n[Backing up to %s]\n' "$(ls -l "$GHD/pubring.gpg")" "$BACKUP" >&2
++
++"${GPG[@]}" --export-ownertrust > "$BACKUP/ownertrust.txt"
++mv "$GHD/pubring.gpg" "$BACKUP/"
++
++revert() {
++ printf >&2 'Restoring pubring.gpg...\n'
++ cp "$BACKUP/pubring.gpg" "$GHD/pubring.gpg"
++}
++
++trap revert EXIT
++
++if ! "${GPG[@]}" --status-file "$BACKUP/import-status" --import-options import-local-sigs,keep-ownertrust,repair-pks-subkey-bug --import < "$BACKUP/pubring.gpg" ; then
++ cat >&2 <<EOF
++Keyring import was not completely successful (see error message above,
++and the LIMITATIONS section of migrate-pubring-from-classic-gpg(1) for
++more details).
++
++If you suspect a bug in the migration script, please use:
++
++ reportbug gnupg-utils --subject='migrate-pubring-from-classic-gpg partial failure'
++
++And include the above output (redacted for privacy as needed) in the
++body of the report.
++
++Continuing with the rest of the migration anyway...
++EOF
++fi
++"${GPG[@]}" --import-ownertrust < "$BACKUP/ownertrust.txt"
++"${GPG[@]}" --check-trustdb
++
++if ! [ -f "$GHD/pubring.kbx" ]; then
++ cat >&2 <<EOF
++No keybox was created at $GHD/pubring.kbx. Something went wrong!
++
++Please report a bug in the migration script, using:
++
++ reportbug gnupg-utils --subject='migrate-pubring-from-classic-gpg no pubring.kbx ($BACKUP)'
++EOF
++ exit 1
++fi
++trap - EXIT
++
++printf 'Migration completed successfully:\n%s\n' "$(ls -l "$GHD/pubring.kbx")" >&2
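Review bot: revert() restores pubring.gpg from the backup but leaves in place the pubring.kbx that the preceding `--import` may already have written, so if `--import-ownertrust` or `--check-trustdb` fails under `set -e` the home directory ends up holding both a restored classic keyring and a half-populated keybox; if gpg prefers an existing pubring.kbx (which is what the later "No keybox was created" check assumes a successful run produces), the restored pubring.gpg would presumably be ignored, so the rollback is not a real rollback. Record whether a keybox existed before the import and have revert() remove only a keybox that this run created, never a pre-existing one. Separately, the first mv of pubring.gpg.empty passes `--` but the later `mv "$GHD/pubring.gpg" "$BACKUP/"` and the `cp` in revert() do not, although $GHD is taken verbatim from the command line; use `--` on all three.
```shell
# Remember whether a keybox already existed, so revert() only removes a
# keybox that this run created and never touches a pre-existing one.
HAD_KBX=0
if [ -e "$GHD/pubring.kbx" ]; then
  HAD_KBX=1
fi

revert() {
  printf >&2 'Restoring pubring.gpg...\n'
  cp -- "$BACKUP/pubring.gpg" "$GHD/pubring.gpg"
  if [ "$HAD_KBX" = 0 ] && [ -e "$GHD/pubring.kbx" ]; then
    printf >&2 'Removing partially written pubring.kbx...\n'
    rm -f -- "$GHD/pubring.kbx"
  fi
}
# … unchanged: trap revert EXIT, --import, --import-ownertrust, --check-trustdb, keybox check …
```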
--- /dev/null
--- /dev/null
++.TH "MIGRATE-PUBRING-FROM-CLASSIC-GPG" 1 "April 2016"
++
++.SH NAME
++migrate\-pubring\-from\-classic\-gpg \- Migrate a public keyring from "classic" to "modern" GnuPG
++
++.SH SYNOPSIS
++.B migrate\-pubring\-from\-classic\-gpg
++.RB "[ " GPGHOMEDIR " | "
++.IR \-\-default " ]"
++
++.SH DESCRIPTION
++
++.B migrate\-pubring\-from\-classic\-gpg
++migrates the public keyring in GnuPG home directory GPGHOMEDIR from
++the "classic" keyring format (pubring.gpg) to the "modern" keybox format using GnuPG
++versions 2.1 or 2.2 (pubring.kbx).
++
++Specifying
++.B \-\-default
++selects the standard GnuPG home directory (looking at $GNUPGHOME
++first, and falling back to ~/.gnupg if unset.
++
++.SH OPTIONS
++.BR \-h ", " \-\-help ", " \-\-usage
++Output a short usage information.
++
++.SH DIAGNOSTICS
++The program sends quite a bit of text (perhaps too much) to stderr.
++
++During a migration, the tool backs up several pieces of data in a
++timestamped subdirectory of the GPGHOMEDIR.
++
++.SH LIMITATIONS
++The keybox format rejects a number of OpenPGP certificates that the
++"classic" keyring format used to accept. These filters are defensive,
++since the certificates rejected are unsafe -- either cryptographically
++unsound, or dangerously non-performant. This means that some
++migrations may produce warning messages about the migration being
++incomplete. This is generally a good thing!
++
++Known limitations:
++
++.B Flooded certificates
++.RS 4
++Some OpenPGP certificates have been flooded with bogus certifications
++as part of an attack on the SKS keyserver network (see
++https://tools.ietf.org/html/draft-dkg-openpgp-abuse-resistant-keystore-03#section-2.1).
++
++The keybox format rejects import of any OpenPGP certificate larger
++than 5MiB. As of GnuPG 2.2.17, if gpg encounters such a flooded
++certificate will retry the import while stripping all third-party
++certifications (see "self-sigs-only" in gpg(1)).
++
++The typical error message when migrating a keyring with a flooded
++certificate will be something like:
++
++.RE
++.RS 8
++error writing keyring 'pubring.kbx': Provided object is too large
++.RE
++
++.B OpenPGPv3 public keys (a.k.a. "PGP-2" keys)
++.RS 4
++Modern OpenPGP implementations use so-called "OpenPGP v4" public keys.
++Older versions of the public key format have serious known problems.
++See https://tools.ietf.org/html/rfc4880#section-5.5.2 for more details
++about and reasons for v3 key deprecation.
++
++The keybox format skips v3 keys entirely during migration, and GnuPG
++will produce a message like:
++
++.RE
++.RS 8
++skipped PGP-2 keys: 1
++.RE
++
++.SH ENVIRONMENT VARIABLES
++
++.B GNUPGHOME
++Selects the GnuPG home directory when set and --default is given.
++
++.B GPG
++The name of the
++.B gpg
++executable (defaults to
++.B gpg
++).
++
++.SH SEE ALSO
++.BR gpg (1)
++
++.SH AUTHOR
++Copyright (C) 2016 Daniel Kahn Gillmor for the Debian project. Please
++report bugs via the Debian BTS.
--- /dev/null
--- /dev/null
++<?xml version="1.0" encoding="UTF-8"?>
++<component>
++ <id>org.gnupg.scdaemon</id>
++ <metadata_license>CC0-1.0</metadata_license>
++ <name>scdaemon</name>
++ <summary>USB SmartCard Readers</summary>
++ <description>
++ <p>
++ GnuPG's scdaemon provides access to USB tokens and smartcard
++ readers that provide cryptographic functionality (e.g. use of
++ protected secret keys).
++ </p>
++ </description>
++ <provides>
++ <modalias>usb:v046Ap0005d*</modalias>
++ <modalias>usb:v046Ap0010d*</modalias>
++ <modalias>usb:v046Ap003Ed*</modalias>
++ <modalias>usb:v04E6p5111d*</modalias>
++ <modalias>usb:v04E6p5115d*</modalias>
++ <modalias>usb:v04E6p5116d*</modalias>
++ <modalias>usb:v04E6p5117d*</modalias>
++ <modalias>usb:v04E6pE001d*</modalias>
++ <modalias>usb:v04E6pE003d*</modalias>
++ <modalias>usb:v076Bp3821d*</modalias>
++ <modalias>usb:v076Bp6622d*</modalias>
++ <modalias>usb:v08E6p3437d*</modalias>
++ <modalias>usb:v08E6p3438d*</modalias>
++ <modalias>usb:v08E6p3478d*</modalias>
++ <modalias>usb:v08E6p34C2d*</modalias>
++ <modalias>usb:v08E6p34ECd*</modalias>
++ <modalias>usb:v0C4Bp0500d*</modalias>
++ <modalias>usb:v0D46p2012d*</modalias>
++ <modalias>usb:v1050p0111d*</modalias>
++ <modalias>usb:v1050p0112d*</modalias>
++ <modalias>usb:v1050p0115d*</modalias>
++ <modalias>usb:v1050p0116d*</modalias>
++ <modalias>usb:v1050p0404d*</modalias>
++ <modalias>usb:v1050p0405d*</modalias>
++ <modalias>usb:v1050p0406d*</modalias>
++ <modalias>usb:v1050p0407d*</modalias>
++ <modalias>usb:v1A44p0920d*</modalias>
++ <modalias>usb:v1FC9p81E6d*</modalias>
++ <modalias>usb:v20A0p4107d*</modalias>
++ <modalias>usb:v20A0p4108d*</modalias>
++ <modalias>usb:v20A0p4109d*</modalias>
++ <modalias>usb:v20A0p4211d*</modalias>
++ <modalias>usb:v234Bp0000d*</modalias>
++ <modalias>usb:v058Fp9540d*</modalias>
++ <modalias>usb:v0BF8p1006d*</modalias>
++ </provides>
++</component>
--- /dev/null
--- /dev/null
++#!/usr/bin/dot
++
++# interrelationships between binary packages produced by gnupg2 source
++# package:
++
++# it would be good to graph the external dependencies as well.
++
++digraph gnupg2 {
++ # odd-duck packages:
++ node [shape=box];
++ gpgv_udeb [label="gpgv-udeb"];
++ gpgv_static [label="gpgv-static"];
++ gpgv_win32 [label="gpgv-win32"];
++
++ # meta-packages, transitional packages:
++ node [shape=diamond];
++ gnupg_agent [label="gnupg-agent"];
++ gnupg;
++ gnupg2;
++ gpgv2;
++
++
++ node [shape=ellipse];
++ gpg_agent [label="gpg-agent"];
++ gpg_wks_server [label="gpg-wks-server"];
++ gpg_wks_client [label="gpg-wks-client"];
++ gnupg_l10n [label="gnupg-l10n"];
++ gnupg_utils [label="gnupg-utils"];
++
++
++ # depends:
++ edge [color=black];
++ gnupg_agent -> gpg_agent;
++ gpg_agent -> gpgconf;
++ gpg_wks_server -> gpg;
++ gpg_wks_server -> gpg_agent;
++ gpg_wks_client -> gpg;
++ gpg_wks_client -> gpg_agent;
++ gpg_wks_client -> dirmngr;
++ scdaemon -> gpg_agent;
++ gpgsm -> gpgconf;
++ gpg -> gpgconf;
++ gnupg -> dirmngr;
++ gnupg -> gnupg_l10n;
++ gnupg -> gnupg_utils;
++ gnupg -> gpg;
++ gnupg -> gpg_agent;
++ gnupg -> gpg_wks_client;
++ gnupg -> gpg_wks_server;
++ gnupg -> gpgsm;
++ gnupg -> gpgv;
++ gnupg2 -> gnupg;
++ gpgv2 -> gpgv;
++ dirmngr -> gpgconf;
++
++
++ # recommends:
++ edge [color=red];
++ gpg_agent -> gnupg;
++ gpg_wks_server -> gnupg;
++ gpg_wks_client -> gnupg;
++ gpgsm -> gnupg;
++ gpg -> gnupg;
++ dirmngr -> gnupg;
++ gnupg_utils -> gpg;
++ gnupg_utils -> gpg_agent;
++ gnupg_utils -> gpgconf;
++ gnupg_utils -> gpgsm;
++
++ # suggests:
++ edge [color=blue];
++ gpgv -> gnupg;
++}
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sun, 18 Nov 2018 17:29:52 -0500
++Subject: Make gpg-zip use tar from $PATH
++
++Apparently there is no clean way to configure this from ./configure,
++and upstream is deprecating gpg-zip anyway. So just force-set tar to
++be manually "tar" (meaning, that we should look in the $PATH at
++runtime).
++
++See also https://dev.gnupg.org/T4251 and https://bugs.debian.org/913582
++---
++ tools/gpg-zip.in | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/tools/gpg-zip.in b/tools/gpg-zip.in
++index 9047e36..3821f3a 100644
++--- a/tools/gpg-zip.in
+++++ b/tools/gpg-zip.in
++@@ -23,7 +23,7 @@
++ # the GNU or POSIX variant of USTAR.
++
++ VERSION=@VERSION@
++-TAR=@TAR@
+++TAR=tar
++ GPG=gpg
++
++ usage="\
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Tue, 11 Aug 2015 20:28:26 -0400
++Subject: Avoid simple memory dumps via ptrace
++
++This avoids needing to setgid gpg-agent. It probably doesn't defend
++against all possible attacks, but it defends against one specific (and
++easy) one. If there are other protections we should do them too.
++
++This will make it slightly harder to debug the agent because the
++normal user won't be able to attach gdb to it directly while it runs.
++
++The remaining options for debugging are:
++
++ * launch the agent from gdb directly
++ * connect gdb to a running agent as the superuser
++
++Upstream bug: https://dev.gnupg.org/T1211
++---
++ agent/gpg-agent.c | 8 ++++++++
++ configure.ac | 2 +-
++ scd/scdaemon.c | 9 +++++++++
++ 3 files changed, 18 insertions(+), 1 deletion(-)
++
++diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
++index ffd85d1..591f4fd 100644
++--- a/agent/gpg-agent.c
+++++ b/agent/gpg-agent.c
++@@ -48,6 +48,9 @@
++ # include <signal.h>
++ #endif
++ #include <npth.h>
+++#ifdef HAVE_PRCTL
+++# include <sys/prctl.h>
+++#endif
++
++ #define GNUPG_COMMON_NEED_AFLOCAL
++ #include "agent.h"
++@@ -1013,6 +1016,11 @@ main (int argc, char **argv )
++
++ early_system_init ();
++
+++#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
+++ /* Disable ptrace on Linux without sgid bit */
+++ prctl(PR_SET_DUMPABLE, 0);
+++#endif
+++
++ /* Before we do anything else we save the list of currently open
++ file descriptors and the signal mask. This info is required to
++ do the exec call properly. We don't need it on Windows. */
++diff --git a/configure.ac b/configure.ac
++index 919ab31..b5a72e6 100644
++--- a/configure.ac
+++++ b/configure.ac
++@@ -1395,7 +1395,7 @@ AC_CHECK_FUNCS([atexit canonicalize_file_name clock_gettime ctermid \
++ ftruncate funlockfile getaddrinfo getenv getpagesize \
++ getpwnam getpwuid getrlimit getrusage gettimeofday \
++ gmtime_r inet_ntop inet_pton isascii lstat memicmp \
++- memmove memrchr mmap nl_langinfo pipe raise rand \
+++ memmove memrchr mmap nl_langinfo pipe prctl raise rand \
++ setenv setlocale setrlimit sigaction sigprocmask \
++ stat stpcpy strcasecmp strerror strftime stricmp \
++ strlwr strncasecmp strpbrk strsep strtol strtoul \
++diff --git a/scd/scdaemon.c b/scd/scdaemon.c
++index 8f8a026..e427b9e 100644
++--- a/scd/scdaemon.c
+++++ b/scd/scdaemon.c
++@@ -36,6 +36,9 @@
++ #include <unistd.h>
++ #include <signal.h>
++ #include <npth.h>
+++#ifdef HAVE_PRCTL
+++# include <sys/prctl.h>
+++#endif
++
++ #define GNUPG_COMMON_NEED_AFLOCAL
++ #include "scdaemon.h"
++@@ -438,6 +441,12 @@ main (int argc, char **argv )
++ npth_t pipecon_handler;
++
++ early_system_init ();
+++
+++#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
+++ /* Disable ptrace on Linux without sgid bit */
+++ prctl(PR_SET_DUMPABLE, 0);
+++#endif
+++
++ set_strusage (my_strusage);
++ gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
++ /* Please note that we may running SUID(ROOT), so be very CAREFUL
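Review bot: The return value of `prctl(PR_SET_DUMPABLE, 0)` is discarded in the gpg-agent.c hunk (`main`) and again in the scdaemon.c hunk, so a failing call leaves the process attachable with nothing in the log, which defeats the purpose of a hardening patch. Check the result at both sites, e.g. `if (prctl (PR_SET_DUMPABLE, 0))` followed by `log_info ("prctl(PR_SET_DUMPABLE) failed: %s\n", gpg_strerror (gpg_error_from_syserror ()));`. The comment `/* Disable ptrace on Linux without sgid bit */` should also record the side effects a maintainer needs to know: the flag is process-wide, inherited across fork but reset by a set-id execve, and it also disables core dumps and makes the /proc entry root-owned, which is why the agent cannot be debugged by attaching as the normal user. Both `main` functions continue outside the hunk.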
--- /dev/null
--- /dev/null
++From: Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>
++Date: Tue, 14 Apr 2015 10:02:31 -0400
++Subject: avoid-beta-warning
++
++avoid self-describing as a beta
++
++Using autoreconf against the source as distributed in tarball form
++invariably results in a package that thinks it's a "beta" package,
++which produces the "THIS IS A DEVELOPMENT VERSION" warning string.
++
++since we use dh_autoreconf, i need this patch to avoid producing
++builds that announce themselves as DEVELOPMENT VERSIONs.
++
++See discussion at:
++
++ http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html
++---
++ autogen.sh | 6 +++---
++ 1 file changed, 3 insertions(+), 3 deletions(-)
++
++diff --git a/autogen.sh b/autogen.sh
++index b238550..9b86d3f 100755
++--- a/autogen.sh
+++++ b/autogen.sh
++@@ -229,7 +229,7 @@ if [ "$myhost" = "find-version" ]; then
++ esac
++
++ beta=no
++- if [ -e .git ]; then
+++ if false; then
++ ingit=yes
++ tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null)
++ tmp=$(echo "$tmp" | sed s/^"$package"//)
++@@ -245,8 +245,8 @@ if [ "$myhost" = "find-version" ]; then
++ rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null)))
++ else
++ ingit=no
++- beta=yes
++- tmp="-unknown"
+++ beta=no
+++ tmp=""
++ rev="0000000"
++ rvd="0"
++ fi
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Mon, 29 Aug 2016 12:34:42 -0400
++Subject: avoid regenerating defsincdate (use shipped file)
++
++upstream ships doc/defsincdate in its tarballs. but doc/Makefile.am
++tries to rewrite doc/defsincdate if it notices that any of the files
++have been modified more recently, and it does so assuming that we're
++running from a git repo.
++
++However, we'd rather ship the documents cleanly without regenerating
++defsincdate -- we don't have a git repo available (debian builds from
++upstream tarballs) and any changes to the texinfo files (e.g. from
++debian/patches/) might result in different dates on the files than we
++expect after they're applied by dpkg or quilt or whatever, which makes
++the datestamp unreproducible.
++---
++ doc/Makefile.am | 7 -------
++ 1 file changed, 7 deletions(-)
++
++diff --git a/doc/Makefile.am b/doc/Makefile.am
++index d47d83e..c0a81b0 100644
++--- a/doc/Makefile.am
+++++ b/doc/Makefile.am
++@@ -177,13 +177,6 @@ $(myman_pages) gnupg.7 : yat2m-stamp defs.inc
++
++ dist-hook: defsincdate
++
++-defsincdate: $(gnupg_TEXINFOS)
++- : >defsincdate ; \
++- if test -e $(top_srcdir)/.git; then \
++- (cd $(srcdir) && git log -1 --format='%ct' \
++- -- $(gnupg_TEXINFOS) 2>/dev/null) >>defsincdate; \
++- fi
++-
++ defs.inc : defsincdate Makefile mkdefsinc
++ incd="`test -f defsincdate || echo '$(srcdir)/'`defsincdate"; \
++ ./mkdefsinc -C $(srcdir) --date "`cat $$incd 2>/dev/null`" \
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sun, 20 Nov 2016 23:09:24 -0500
++Subject: dirmngr: Avoid automatically checking upstream swdb.
++
++* dirmngr/dirmngr.c (housekeeping_thread): Avoid automatically
++checking upstream's software database. In Debian, software updates
++should be handled by the distro mechanism, and additional upstream
++checks only confuse the user.
++* doc/dirmngr.texi: document that --allow-version-check does nothing.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ dirmngr/dirmngr.c | 2 --
++ doc/dirmngr.texi | 7 ++++---
++ 2 files changed, 4 insertions(+), 5 deletions(-)
++
++diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
++index a96cdcf..76843bd 100644
++--- a/dirmngr/dirmngr.c
+++++ b/dirmngr/dirmngr.c
++@@ -1957,8 +1957,6 @@ housekeeping_thread (void *arg)
++ if (network_activity_seen)
++ {
++ network_activity_seen = 0;
++- if (opt.allow_version_check)
++- dirmngr_load_swdb (&ctrlbuf, 0);
++ workqueue_run_global_tasks (&ctrlbuf, 1);
++ }
++ else
++diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
++index 76be528..742658e 100644
++--- a/doc/dirmngr.texi
+++++ b/doc/dirmngr.texi
++@@ -290,9 +290,10 @@ Set the size of the queue for pending connections. The default is 64.
++ @item --allow-version-check
++ @opindex allow-version-check
++ Allow Dirmngr to connect to @code{https://versions.gnupg.org} to get
++-the list of current software versions. If this option is enabled
++-the list is retrieved in case the local
++-copy does not exist or is older than 5 to 7 days. See the option
+++the list of current software versions.
+++On debian-packaged versions, this option does nothing since software
+++updates should be handled by the distribution.
+++See the option
++ @option{--query-swdb} of the command @command{gpgconf} for more
++ details. Note, that regardless of this option a version check can
++ always be triggered using this command:
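Review bot: After the removal in `housekeeping_thread`, `opt.allow_version_check` is still parsed as an option but no longer acted on in this code path, and nothing at the site says why; a reader diffing against upstream will take it for an accidental drop. Add a comment where the two lines were removed, e.g. `/* Debian: the automatic swdb download is intentionally not performed here; software updates are delivered by the distribution (see debian/patches). */`. The texi change is consistent with the retained sentence that a check can still be triggered manually via `gpgconf --query-swdb`, so the wording "does nothing" is accurate only for the automatic path; "has no effect on the automatic check" would be more precise. `housekeeping_thread` begins and ends outside the hunk.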
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sat, 29 Oct 2016 02:00:50 -0400
++Subject: dirmngr: Avoid need for hkp housekeeping.
++
++* dirmngr/ks-engine-hkp.c (host_is_alive): New function. Test whether
++host is alive and resurrects it if it has been dead long enough.
++(select_random_host, map_host, ks_hkp_mark_host): Use host_is_alive
++instead of testing hostinfo_t->dead directly.
++(ks_hkp_housekeeping): Remove function, no longer needed.
++* dirmngr/dirmngr.c (housekeeping_thread): Remove call to
++ks_hkp_housekeeping.
++
++--
++
++Rather than resurrecting hosts upon scheduled resurrection times, test
++whether hosts should be resurrected as they're inspected for being
++dead. This removes the need for explicit housekeeping, and makes host
++resurrections happen "just in time", rather than being clustered on
++HOUSEKEEPING_INTERVAL seconds.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ dirmngr/dirmngr.c | 3 ---
++ dirmngr/dirmngr.h | 1 -
++ dirmngr/ks-engine-hkp.c | 72 ++++++++++++++++++++++++-------------------------
++ 3 files changed, 35 insertions(+), 41 deletions(-)
++
++diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
++index 55c7a49..a96cdcf 100644
++--- a/dirmngr/dirmngr.c
+++++ b/dirmngr/dirmngr.c
++@@ -1938,12 +1938,10 @@ static void *
++ housekeeping_thread (void *arg)
++ {
++ static int sentinel;
++- time_t curtime;
++ struct server_control_s ctrlbuf;
++
++ (void)arg;
++
++- curtime = gnupg_get_time ();
++ if (sentinel)
++ {
++ log_info ("housekeeping is already going on\n");
++@@ -1956,7 +1954,6 @@ housekeeping_thread (void *arg)
++ memset (&ctrlbuf, 0, sizeof ctrlbuf);
++ dirmngr_init_default_ctrl (&ctrlbuf);
++
++- ks_hkp_housekeeping (curtime);
++ if (network_activity_seen)
++ {
++ network_activity_seen = 0;
++diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
++index 5189f93..c27f837 100644
++--- a/dirmngr/dirmngr.h
+++++ b/dirmngr/dirmngr.h
++@@ -215,7 +215,6 @@ const char* dirmngr_get_current_socket_name (void);
++ int dirmngr_use_tor (void);
++
++ /*-- Various housekeeping functions. --*/
++-void ks_hkp_housekeeping (time_t curtime);
++ void ks_hkp_reload (void);
++
++
++diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
++index 801e565..68d2064 100644
++--- a/dirmngr/ks-engine-hkp.c
+++++ b/dirmngr/ks-engine-hkp.c
++@@ -214,6 +214,24 @@ host_in_pool_p (hostinfo_t hi, int tblidx)
++ return 0;
++ }
++
+++static int
+++host_is_alive (hostinfo_t hi, time_t curtime)
+++{
+++ if (!hi)
+++ return 0;
+++ if (!hi->dead)
+++ return 1;
+++ if (!hi->died_at)
+++ return 0; /* manually marked dead */
+++ if (hi->died_at + RESURRECT_INTERVAL <= curtime
+++ || hi->died_at > curtime)
+++ {
+++ hi->dead = 0;
+++ log_info ("resurrected host '%s'", hi->name);
+++ return 1;
+++ }
+++ return 0;
+++}
++
++ /* Select a random host. Consult HI->pool which indices into the global
++ hosttable. Returns index into HI->pool or -1 if no host could be
++@@ -224,13 +242,15 @@ select_random_host (hostinfo_t hi)
++ int *tbl = NULL;
++ size_t tblsize = 0;
++ int pidx, idx;
+++ time_t curtime;
++
+++ curtime = gnupg_get_time ();
++ /* We create a new table so that we randomly select only from
++ currently alive hosts. */
++ for (idx = 0;
++ idx < hi->pool_len && (pidx = hi->pool[idx]) != -1;
++ idx++)
++- if (hosttable[pidx] && !hosttable[pidx]->dead)
+++ if (hosttable[pidx] && host_is_alive (hosttable[pidx], curtime))
++ {
++ tblsize++;
++ tbl = xtryrealloc(tbl, tblsize * sizeof *tbl);
++@@ -458,6 +478,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
++ int is_pool;
++ int new_hosts = 0;
++ char *cname;
+++ time_t curtime;
++
++ *r_host = NULL;
++ if (r_httpflags)
++@@ -484,6 +505,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
++ }
++ else
++ hi = hosttable[idx];
+++ curtime = gnupg_get_time ();
++
++ is_pool = hi->pool != NULL;
++
++@@ -590,7 +612,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
++ if (force_reselect)
++ hi->poolidx = -1;
++ else if (hi->poolidx >= 0 && hi->poolidx < hosttable_size
++- && hosttable[hi->poolidx] && hosttable[hi->poolidx]->dead)
+++ && hosttable[hi->poolidx] && !host_is_alive (hosttable[hi->poolidx], curtime))
++ hi->poolidx = -1;
++
++ /* Select a host if needed. */
++@@ -642,7 +664,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
++ free_dns_addrinfo (aibuf);
++ }
++
++- if (hi->dead)
+++ if (!host_is_alive (hi, curtime))
++ {
++ log_error ("host '%s' marked as dead\n", hi->name);
++ if (r_httphost)
++@@ -747,7 +769,8 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
++ {
++ gpg_error_t err = 0;
++ hostinfo_t hi, hi2;
++- int idx, idx2, idx3, n;
+++ int idx, idx2, idx3, n, is_alive;
+++ time_t curtime;
++
++ if (!name || !*name || !strcmp (name, "localhost"))
++ return 0;
++@@ -756,13 +779,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
++ if (idx == -1)
++ return gpg_error (GPG_ERR_NOT_FOUND);
++
+++ curtime = gnupg_get_time ();
++ hi = hosttable[idx];
++- if (alive && hi->dead)
+++ is_alive = host_is_alive (hi, curtime);
+++ if (alive && !is_alive)
++ {
++ hi->dead = 0;
++ err = ks_printf_help (ctrl, "marking '%s' as alive", name);
++ }
++- else if (!alive && !hi->dead)
+++ else if (!alive && is_alive)
++ {
++ hi->dead = 1;
++ hi->died_at = 0; /* Manually set dead. */
++@@ -796,14 +821,15 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive)
++
++ hi2 = hosttable[n];
++ if (!hi2)
++- ;
++- else if (alive && hi2->dead)
+++ continue;
+++ is_alive = host_is_alive (hi2, curtime);
+++ if (alive && !is_alive)
++ {
++ hi2->dead = 0;
++ err = ks_printf_help (ctrl, "marking '%s' as alive",
++ hi2->name);
++ }
++- else if (!alive && !hi2->dead)
+++ else if (!alive && is_alive)
++ {
++ hi2->dead = 1;
++ hi2->died_at = 0; /* Manually set dead. */
++@@ -1089,34 +1115,6 @@ ks_hkp_resolve (ctrl_t ctrl, parsed_uri_t uri)
++ }
++
++
++-/* Housekeeping function called from the housekeeping thread. It is
++- used to mark dead hosts alive so that they may be tried again after
++- some time. */
++-void
++-ks_hkp_housekeeping (time_t curtime)
++-{
++- int idx;
++- hostinfo_t hi;
++-
++- for (idx=0; idx < hosttable_size; idx++)
++- {
++- hi = hosttable[idx];
++- if (!hi)
++- continue;
++- if (!hi->dead)
++- continue;
++- if (!hi->died_at)
++- continue; /* Do not resurrect manually shot hosts. */
++- if (hi->died_at + RESURRECT_INTERVAL <= curtime
++- || hi->died_at > curtime)
++- {
++- hi->dead = 0;
++- log_info ("resurrected host '%s'", hi->name);
++- }
++- }
++-}
++-
++-
++ /* Reload (SIGHUP) action for this module. We mark all host alive
++ * even those which have been manually shot. */
++ void
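Review bot: `host_is_alive` (first ks-engine-hkp.c hunk) reads like a pure predicate but writes `hi->dead = 0` and logs, so `select_random_host`, `map_host` and `ks_hkp_mark_host` now mutate the host table as a side effect of a test, which neither the name nor a function comment reveals. Add a header comment stating this, e.g. `/* Return true if HI is usable.  Side effect: a host whose RESURRECT_INTERVAL has elapsed (or whose died_at lies in the future) is resurrected here; hosts shot manually (died_at == 0) stay dead. */`. The new `log_info ("resurrected host '%s'", hi->name);` also lacks the trailing `\n` every other log call in these hunks carries (compare `log_error ("host '%s' marked as dead\n", hi->name);`), so it should read `log_info ("resurrected host '%s'\n", hi->name);`. The `continue` introduced in `ks_hkp_mark_host` relies on an enclosing loop that lies outside the hunk.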
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sat, 29 Oct 2016 01:25:05 -0400
++Subject: dirmngr: hkp: Avoid potential race condition when some hosts die.
++
++* dirmngr/ks-engine-hkp.c (select_random_host): Use atomic pass
++through the host table instead of risking out-of-bounds write.
++
++--
++
++Multiple threads may write to hosttable[x]->dead while
++select_random_host() is running. For example, a housekeeping thread
++might clear the ->dead bit on some entries, or another connection to
++dirmngr might manually mark a host as alive.
++
++If one or more hosts are resurrected between the two loops over a
++given table in select_random_host(), then the allocation of tbl might
++not be large enough, resulting in a write past the end of tbl on the
++second loop.
++
++This change collapses the two loops into a single loop to avoid this
++discrepancy: each host's "dead" bit is now only checked once.
++
++As Werner points out, this isn't currently strictly necessary, since
++npth will not switch threads unless a blocking system call is made,
++and no blocking system call is made in these two loops.
++
++However, in a subsequent change in this series, we will call a
++function in this loop, and that function may sometimes write(2), or
++call other functions, which may themselves block. Keeping this as a
++single-pass loop avoids the need to keep track of what might block and
++what might not.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ dirmngr/ks-engine-hkp.c | 23 ++++++++++-------------
++ 1 file changed, 10 insertions(+), 13 deletions(-)
++
++diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
++index 20d29e9..801e565 100644
++--- a/dirmngr/ks-engine-hkp.c
+++++ b/dirmngr/ks-engine-hkp.c
++@@ -221,29 +221,26 @@ host_in_pool_p (hostinfo_t hi, int tblidx)
++ static int
++ select_random_host (hostinfo_t hi)
++ {
++- int *tbl;
++- size_t tblsize;
+++ int *tbl = NULL;
+++ size_t tblsize = 0;
++ int pidx, idx;
++
++ /* We create a new table so that we randomly select only from
++ currently alive hosts. */
++- for (idx = 0, tblsize = 0;
+++ for (idx = 0;
++ idx < hi->pool_len && (pidx = hi->pool[idx]) != -1;
++ idx++)
++ if (hosttable[pidx] && !hosttable[pidx]->dead)
++- tblsize++;
+++ {
+++ tblsize++;
+++ tbl = xtryrealloc(tbl, tblsize * sizeof *tbl);
+++ if (!tbl)
+++ return -1; /* memory allocation failed! */
+++ tbl[tblsize-1] = pidx;
+++ }
++ if (!tblsize)
++ return -1; /* No hosts. */
++
++- tbl = xtrymalloc (tblsize * sizeof *tbl);
++- if (!tbl)
++- return -1;
++- for (idx = 0, tblsize = 0;
++- idx < hi->pool_len && (pidx = hi->pool[idx]) != -1;
++- idx++)
++- if (hosttable[pidx] && !hosttable[pidx]->dead)
++- tbl[tblsize++] = pidx;
++-
++ if (tblsize == 1) /* Save a get_uint_nonce. */
++ pidx = tbl[0];
++ else
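Review bot: In `select_random_host`, `tbl = xtryrealloc (tbl, tblsize * sizeof *tbl);` overwrites the only pointer to the previously allocated table when the call fails, so the `return -1` on the next line leaks every entry accumulated so far (realloc leaves the old block allocated on failure). Keep the result in a temporary and free the old table before returning. Growing by one element per alive host also means one reallocation per host on every call; with the pool sizes involved that is probably acceptable, but it deserves a sentence in the comment above the loop. The rest of the function, including where `tbl` is freed on the success path, is outside the hunk.
```c
      if (hosttable[pidx] && !hosttable[pidx]->dead)
        {
          int *newtbl;

          tblsize++;
          newtbl = xtryrealloc (tbl, tblsize * sizeof *tbl);
          if (!newtbl)
            {
              xfree (tbl);  /* realloc failure leaves the old block alive */
              return -1;    /* memory allocation failed! */
            }
          tbl = newtbl;
          tbl[tblsize-1] = pidx;
        }
      /* … unchanged: empty-table check and random selection … */
```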
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sun, 18 Nov 2018 17:33:55 -0500
++Subject: fix spelling
++
++---
++ doc/tools.texi | 6 +++---
++ 1 file changed, 3 insertions(+), 3 deletions(-)
++
++diff --git a/doc/tools.texi b/doc/tools.texi
++index 7becf67..6256c05 100644
++--- a/doc/tools.texi
+++++ b/doc/tools.texi
++@@ -1561,7 +1561,7 @@ string @code{true} or @code{yes}. The evaluation is done by passing
++ /subst
++ /let i 3
++ /while $i
++- /echo loop couter is $i
+++ /echo loop counter is $i
++ /let i $@{- $i 1@}
++ /end
++ @end smallexample
++@@ -1962,7 +1962,7 @@ Extract all files from an encrypted archive.
++
++ @item --sign
++ @itemx -s
++-Make a signed archive from the given files and directories. Thsi can
+++Make a signed archive from the given files and directories. This can
++ be combined with option @option{--encrypt} to create a signed and then
++ encrypted archive.
++
++@@ -2031,7 +2031,7 @@ linefeed to separate file names.
++
++ @item --openpgp
++ @opindex openpgp
++-This option has no effect becuase OpenPGP encryption and signing is
+++This option has no effect because OpenPGP encryption and signing is
++ the default.
++
++ @item --cms
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 17 Dec 2018 18:46:26 +0100
++Subject: Silence compiler warnings new with gcc 8.
++
++* dirmngr/dns.c: Include gpgrt.h. Silence -Warray-bounds also gcc.
++* tests/gpgscm/scheme.c: Include gpgrt.h.
++(Eval_Cycle): Ignore -Wimplicit-fallthrough.
++--
++
++The funny use of case and labels in the CASE macro seems confuse the
++fallthrough detection.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 21fc089148678f59edb02e0e16bed65b709fb972)
++---
++ dirmngr/dns.c | 17 ++++++++++++-----
++ tests/gpgscm/scheme.c | 12 ++++++++++++
++ 2 files changed, 24 insertions(+), 5 deletions(-)
++
++diff --git a/dirmngr/dns.c b/dirmngr/dns.c
++index 77f83f4..968fc3d 100644
++--- a/dirmngr/dns.c
+++++ b/dirmngr/dns.c
++@@ -77,6 +77,7 @@ typedef int socket_fd_t;
++ #include <netdb.h> /* struct addrinfo */
++ #endif
++
+++#include "gpgrt.h" /* For GGPRT_GCC_VERSION */
++ #include "dns.h"
++
++
++@@ -7521,9 +7522,13 @@ static unsigned char *dns_so_tcp_recv_buffer(struct dns_socket *so) {
++ }
++
++
++-#if defined __clang__
++-#pragma clang diagnostic push
++-#pragma clang diagnostic ignored "-Warray-bounds"
+++
+++#if GPGRT_GCC_VERSION >= 80000
+++# pragma GCC diagnostic push
+++# pragma GCC diagnostic ignored "-Warray-bounds"
+++#elif defined __clang__
+++# pragma clang diagnostic push
+++# pragma clang diagnostic ignored "-Warray-bounds"
++ #endif
++
++ static int dns_so_tcp_send(struct dns_socket *so) {
++@@ -7589,8 +7594,10 @@ static int dns_so_tcp_recv(struct dns_socket *so) {
++ return 0;
++ } /* dns_so_tcp_recv() */
++
++-#if __clang__
++-#pragma clang diagnostic pop
+++#if GPGRT_GCC_VERSION >= 80000
+++# pragma GCC diagnostic pop
+++#elif __clang__
+++# pragma clang diagnostic pop
++ #endif
++
++
++diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c
++index 4384841..b188e36 100644
++--- a/tests/gpgscm/scheme.c
+++++ b/tests/gpgscm/scheme.c
++@@ -44,6 +44,8 @@
++ # endif
++ #endif
++
+++#include "gpgrt.h" /* For GGPRT_GCC_VERSION */
+++
++ /* Used for documentation purposes, to signal functions in 'interface' */
++ #define INTERFACE
++
++@@ -3438,6 +3440,11 @@ int list_length(scheme *sc, pointer a) {
++
++ \f
++
+++#if GPGRT_GCC_VERSION >= 80000
+++# pragma GCC diagnostic push
+++# pragma GCC diagnostic ignored "-Wimplicit-fallthrough"
+++#endif
+++
++ #define s_retbool(tf) s_return(sc,(tf) ? sc->T : sc->F)
++
++ /* kernel of this interpreter */
++@@ -5323,6 +5330,11 @@ Eval_Cycle(scheme *sc, enum scheme_opcodes op) {
++ }
++ }
++
+++#if GPGRT_GCC_VERSION >= 80000
+++# pragma GCC diagnostic pop
+++#endif
+++
+++
++ typedef int (*test_predicate)(pointer);
++
++ static int is_any(pointer p) {
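Review bot: The comment `/* For GGPRT_GCC_VERSION */` added to both dirmngr/dns.c and tests/gpgscm/scheme.c misspells the macro the code tests; it should read `/* For GPGRT_GCC_VERSION */`. In dns.c the push uses `#elif defined __clang__` while the matching pop uses `#elif __clang__`; both work because the macro is either undefined or 1, but the pair should use the same form so a reader can match them, i.e. `#elif defined __clang__` at the pop as well. If an older gpgrt.h does not define `GPGRT_GCC_VERSION`, the `>= 80000` comparison quietly evaluates as 0 and the GCC pragmas are skipped with no diagnostic; a `#ifndef GPGRT_GCC_VERSION` / `#error` guard next to the include would make that failure visible.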
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Mon, 28 Jan 2019 12:58:13 +0900
++Subject: agent: Clear bogus pinentry cache, when it causes an error.
++
++* agent/agent.h (PINENTRY_STATUS_*): Expose to public.
++(struct pin_entry_info_s): Add status.
++* agent/call-pinentry.c (agent_askpin): Clearing the ->status
++before the loop, let the assuan_transact set ->status. When
++failure with PINENTRY_STATUS_PASSWORD_FROM_CACHE, it returns
++soon.
++* agent/findkey.c (unprotect): Clear the pinentry cache,
++when it causes an error.
++
++--
++
++Cherry-picked from master commit of:
++ 02a2633a7f0b7d91aa48ea615fb3a0edfd6ed6bb
++
++Debian-bug-id: 919856
++GnuPG-bug-id: 4348
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 9109bb9919f84d5472b7e62e84b961414a79d3c2)
++---
++ agent/agent.h | 11 ++++++++++-
++ agent/call-pinentry.c | 37 ++++++++++++++++++-------------------
++ agent/findkey.c | 12 +++++++++++-
++ 3 files changed, 39 insertions(+), 21 deletions(-)
++
++diff --git a/agent/agent.h b/agent/agent.h
++index 97ac15d..b07ea57 100644
++--- a/agent/agent.h
+++++ b/agent/agent.h
++@@ -265,6 +265,14 @@ struct server_control_s
++ };
++
++
+++/* Status of pinentry. */
+++enum
+++ {
+++ PINENTRY_STATUS_CLOSE_BUTTON = 1 << 0,
+++ PINENTRY_STATUS_PIN_REPEATED = 1 << 8,
+++ PINENTRY_STATUS_PASSWORD_FROM_CACHE = 1 << 9
+++ };
+++
++ /* Information pertaining to pinentry requests. */
++ struct pin_entry_info_s
++ {
++@@ -274,7 +282,8 @@ struct pin_entry_info_s
++ int failed_tries; /* Number of tries so far failed. */
++ int with_qualitybar; /* Set if the quality bar should be displayed. */
++ int with_repeat; /* Request repetition of the passphrase. */
++- int repeat_okay; /* Repetition worked. */
+++ int repeat_okay; /* Repetition worked. */
+++ unsigned int status; /* Status. */
++ gpg_error_t (*check_cb)(struct pin_entry_info_s *); /* CB used to check
++ the PIN */
++ void *check_cb_arg; /* optional argument which might be of use in the CB */
++diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c
++index b68d0a8..1f3bd52 100644
++--- a/agent/call-pinentry.c
+++++ b/agent/call-pinentry.c
++@@ -891,13 +891,6 @@ setup_qualitybar (ctrl_t ctrl)
++ return 0;
++ }
++
++-enum
++- {
++- PINENTRY_STATUS_CLOSE_BUTTON = 1 << 0,
++- PINENTRY_STATUS_PIN_REPEATED = 1 << 8,
++- PINENTRY_STATUS_PASSWORD_FROM_CACHE = 1 << 9
++- };
++-
++ /* Check the button_info line for a close action. Also check for the
++ PIN_REPEATED flag. */
++ static gpg_error_t
++@@ -962,7 +955,6 @@ agent_askpin (ctrl_t ctrl,
++ const char *errtext = NULL;
++ int is_pin = 0;
++ int saveflag;
++- unsigned int pinentry_status;
++
++ if (opt.batch)
++ return 0; /* fixme: we should return BAD PIN */
++@@ -1073,6 +1065,7 @@ agent_askpin (ctrl_t ctrl,
++ pininfo->with_repeat = 0; /* Pinentry does not support it. */
++ }
++ pininfo->repeat_okay = 0;
+++ pininfo->status = 0;
++
++ for (;pininfo->failed_tries < pininfo->max_tries; pininfo->failed_tries++)
++ {
++@@ -1106,10 +1099,9 @@ agent_askpin (ctrl_t ctrl,
++
++ saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
++ assuan_begin_confidential (entry_ctx);
++- pinentry_status = 0;
++ rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm,
++ inq_quality, entry_ctx,
++- pinentry_status_cb, &pinentry_status);
+++ pinentry_status_cb, &pininfo->status);
++ assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag);
++ /* Most pinentries out in the wild return the old Assuan error code
++ for canceled which gets translated to an assuan Cancel error and
++@@ -1121,7 +1113,7 @@ agent_askpin (ctrl_t ctrl,
++
++ /* Change error code in case the window close button was clicked
++ to cancel the operation. */
++- if ((pinentry_status & PINENTRY_STATUS_CLOSE_BUTTON)
+++ if ((pininfo->status & PINENTRY_STATUS_CLOSE_BUTTON)
++ && gpg_err_code (rc) == GPG_ERR_CANCELED)
++ rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_FULLY_CANCELED);
++
++@@ -1148,12 +1140,19 @@ agent_askpin (ctrl_t ctrl,
++ /* More checks by utilizing the optional callback. */
++ pininfo->cb_errtext = NULL;
++ rc = pininfo->check_cb (pininfo);
++- if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
++- && pininfo->cb_errtext)
++- errtext = pininfo->cb_errtext;
++- else if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
++- || gpg_err_code (rc) == GPG_ERR_BAD_PIN)
++- errtext = (is_pin? L_("Bad PIN") : L_("Bad Passphrase"));
+++ /* When pinentry cache causes an error, return now. */
+++ if (rc
+++ && (pininfo->status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
+++ return unlock_pinentry (ctrl, rc);
+++
+++ if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE)
+++ {
+++ if (pininfo->cb_errtext)
+++ errtext = pininfo->cb_errtext;
+++ else if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
+++ || gpg_err_code (rc) == GPG_ERR_BAD_PIN)
+++ errtext = (is_pin? L_("Bad PIN") : L_("Bad Passphrase"));
+++ }
++ else if (rc)
++ return unlock_pinentry (ctrl, rc);
++ }
++@@ -1161,12 +1160,12 @@ agent_askpin (ctrl_t ctrl,
++ if (!errtext)
++ {
++ if (pininfo->with_repeat
++- && (pinentry_status & PINENTRY_STATUS_PIN_REPEATED))
+++ && (pininfo->status & PINENTRY_STATUS_PIN_REPEATED))
++ pininfo->repeat_okay = 1;
++ return unlock_pinentry (ctrl, 0); /* okay, got a PIN or passphrase */
++ }
++
++- if ((pinentry_status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
+++ if ((pininfo->status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
++ /* The password was read from the cache. Don't count this
++ against the retry count. */
++ pininfo->failed_tries --;
++diff --git a/agent/findkey.c b/agent/findkey.c
++index 78c3b1a..89a18fa 100644
++--- a/agent/findkey.c
+++++ b/agent/findkey.c
++@@ -632,7 +632,17 @@ unprotect (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
++ pi->check_cb_arg = &arg;
++
++ rc = agent_askpin (ctrl, desc_text, NULL, NULL, pi, hexgrip, cache_mode);
++- if (!rc)
+++ if (rc)
+++ {
+++ if ((pi->status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
+++ {
+++ log_error ("Clearing pinentry cache which caused error %s\n",
+++ gpg_strerror (rc));
+++
+++ agent_clear_passphrase (ctrl, hexgrip, cache_mode);
+++ }
+++ }
+++ else
++ {
++ assert (arg.unprotected_key);
++ if (arg.change_required)
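Review bot: The restructured check in `agent_askpin` (call-pinentry.c hunk at `@@ -1148`) drops the `GPG_ERR_BAD_PIN` case: the outer `if` admits only `GPG_ERR_BAD_PASSPHRASE`, so the inner `|| gpg_err_code (rc) == GPG_ERR_BAD_PIN` can never be true, and a BAD_PIN returned by `check_cb` now falls through to `else if (rc) return unlock_pinentry (ctrl, rc);`, aborting the dialog instead of showing "Bad PIN" and retrying as the removed code did. The outer condition should be `if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE || gpg_err_code (rc) == GPG_ERR_BAD_PIN)` and the now-redundant inner `else if` reduced to a plain `else`. The new field `unsigned int status; /* Status. */` in agent.h should say what it holds, e.g. `/* Bitmask of PINENTRY_STATUS_* flags reported by the last GETPIN.  */`. `agent_askpin` begins and ends outside the hunk.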
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Fri, 25 Jan 2019 10:15:39 +0900
++Subject: dirmngr: Fix initialization of assuan's nPth hook.
++
++* dirmngr/dirmngr.c (main): Move assuan_set_system_hooks to...
++(thread_init): ... here.
++
++--
++
++Cherry picked master commit of:
++ 1f8817475f59ede3f28f57edc10ba56bbdd08b49
++
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 7f4c3eb0a039621c564b6095ab5f810524843157)
++---
++ dirmngr/dirmngr.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
++index 76843bd..ffbb108 100644
++--- a/dirmngr/dirmngr.c
+++++ b/dirmngr/dirmngr.c
++@@ -802,6 +802,7 @@ static void
++ thread_init (void)
++ {
++ npth_init ();
+++ assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
++ gpgrt_set_syscall_clamp (npth_unprotect, npth_protect);
++
++ /* Now with NPth running we can set the logging callback. Our
++@@ -877,7 +878,6 @@ main (int argc, char **argv)
++ assuan_set_malloc_hooks (&malloc_hooks);
++ assuan_set_assuan_log_prefix (log_get_prefix (NULL));
++ assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
++- assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
++ assuan_sock_init ();
++ setup_libassuan_logging (&opt.debug, dirmngr_assuan_log_monitor);
++
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 8 Jan 2019 11:21:07 +0100
++Subject: doc: Mark keyserver-options timeout and http-proxy as obsolete.
++
++--
++
++(cherry picked from commit 6c000d4b78b836686e5a2789cc88a41e465e4400)
++(cherry picked from commit 9fd6ba268f1fdf77cc5baa6e8fd3ab28e432e49b)
++---
++ doc/gpg.texi | 30 +++++-------------------------
++ 1 file changed, 5 insertions(+), 25 deletions(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index 1eed9fa..1597f9e 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -1895,32 +1895,12 @@ are available for all keyserver types, some common options are:
++ retrieving keys by subkey id.
++
++ @item timeout
++- Tell the keyserver helper program how long (in seconds) to try and
++- perform a keyserver action before giving up. Note that performing
++- multiple actions at the same time uses this timeout value per action.
++- For example, when retrieving multiple keys via @option{--receive-keys}, the
++- timeout applies separately to each key retrieval, and not to the
++- @option{--receive-keys} command as a whole. Defaults to 30 seconds.
++-
++- @item http-proxy=@var{value}
++- This option is deprecated.
++- Set the proxy to use for HTTP and HKP keyservers.
++- This overrides any proxy defined in @file{dirmngr.conf}.
++-
++- @item verbose
++- This option has no more function since GnuPG 2.1. Use the
++- @code{dirmngr} configuration options instead.
++-
++- @item debug
++- This option has no more function since GnuPG 2.1. Use the
++- @code{dirmngr} configuration options instead.
++-
++- @item check-cert
++- This option has no more function since GnuPG 2.1. Use the
++- @code{dirmngr} configuration options instead.
++-
+++ @itemx http-proxy=@var{value}
+++ @itemx verbose
+++ @itemx debug
+++ @itemx check-cert
++ @item ca-cert-file
++- This option has no more function since GnuPG 2.1. Use the
+++ These options have no more function since GnuPG 2.1. Use the
++ @code{dirmngr} configuration options instead.
++
++ @end table
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Wed, 30 Jan 2019 11:28:14 +0100
++Subject: gpg: Allow generating Ed25519 key from an existing key.
++
++* g10/misc.c (map_pk_gcry_to_openpgp): Add EdDSA mapping.
++--
++
++Due to this missing mapping a "gpg --export --full-gen-key" with
++selection "13 - Existing key" did not worked for an ed25519 key.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 346a98fabe03adf2e202e36fc2aa24b1c2571154)
++(cherry picked from commit 31d2a1eecaee766919b18bc42b918d9168f601f8)
++---
++ g10/misc.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/g10/misc.c b/g10/misc.c
++index d9ebf48..8144471 100644
++--- a/g10/misc.c
+++++ b/g10/misc.c
++@@ -508,6 +508,7 @@ map_pk_gcry_to_openpgp (enum gcry_pk_algos algo)
++ {
++ switch (algo)
++ {
+++ case GCRY_PK_EDDSA: return PUBKEY_ALGO_EDDSA;
++ case GCRY_PK_ECDSA: return PUBKEY_ALGO_ECDSA;
++ case GCRY_PK_ECDH: return PUBKEY_ALGO_ECDH;
++ default: return algo < 110 ? (pubkey_algo_t)algo : 0;
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Wed, 30 Jan 2019 14:40:26 +0100
++Subject: gpg: Emit an ERROR status if no key was found with --list-keys.
++
++* g10/keylist.c (list_one): Emit status line.
++--
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 140fda8c61422ec055c3f7e214cc35706c4320dd)
++(cherry picked from commit 14ea581a1c040b53b0ad4c51136a7948363b1e4b)
++---
++ g10/keylist.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/g10/keylist.c b/g10/keylist.c
++index 66b03bb..262ea8d 100644
++--- a/g10/keylist.c
+++++ b/g10/keylist.c
++@@ -610,6 +610,7 @@ list_one (ctrl_t ctrl, strlist_t names, int secret, int mark_secret)
++ {
++ log_error ("error reading key: %s\n", gpg_strerror (rc));
++ getkey_end (ctrl, ctx);
+++ write_status_error ("keylist.getkey", rc);
++ return;
++ }
++
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 22 Jan 2019 10:06:15 +0100
++Subject: gpg: Stop early when trying to create a primary Elgamal key.
++
++* g10/misc.c (openpgp_pk_test_algo2): Add extra check.
++--
++
++The problem is that --key-gen --batch with a parameter file didn't
++detect that Elgamal is not capable of signing and so an error was only
++triggered at the time the self-signature was created. See the code
++comment for details.
++
++GnuPG-bug-id: 4329
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit f97dc55ff1b041071bc3cbe98aa761bf77bb7ac8)
++(cherry picked from commit f5d3b982e44c5cfc60e9936020102a598b635187)
++---
++ g10/misc.c | 7 +++++++
++ 1 file changed, 7 insertions(+)
++
++diff --git a/g10/misc.c b/g10/misc.c
++index 86baff9..d9ebf48 100644
++--- a/g10/misc.c
+++++ b/g10/misc.c
++@@ -644,6 +644,13 @@ openpgp_pk_test_algo2 (pubkey_algo_t algo, unsigned int use)
++ if (!ga)
++ return gpg_error (GPG_ERR_PUBKEY_ALGO);
++
+++ /* Elgamal in OpenPGP used to support signing and Libgcrypt still
+++ * does. However, we removed the signing capability from gpg ages
+++ * ago. This function should reflect this so that errors are thrown
+++ * early and not only when we try to sign using Elgamal. */
+++ if (ga == GCRY_PK_ELG && (use & (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG)))
+++ return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
+++
++ /* Now check whether Libgcrypt has support for the algorithm. */
++ return gcry_pk_algo_info (ga, GCRYCTL_TEST_ALGO, NULL, &use_buf);
++ }
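Review bot: The new `if (ga == GCRY_PK_ELG && (use & (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG)))` check rejects only certification and signing usage, while OpenPGP authentication is also a signature operation; if the `use` flags passed here can carry `PUBKEY_USAGE_AUTH`, an Elgamal key requested with auth capability would still pass this early check and fail later, the same late-failure mode this commit fixes for signing. Worth confirming against how the batch parameter parser fills `use` before widening the mask. openpgp_pk_test_algo2 begins outside the hunk.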
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 18 Dec 2018 08:21:03 +0100
++Subject: wks: Do not use compression for the encrypted data.
++
++* tools/gpg-wks-client.c (encrypt_response): Add arg -z0.
++* tools/gpg-wks-server.c (encrypt_stream): Ditto.
++--
++
++If for example a server was built without the development packages of
++the compression libraries installed, the server will not be able to
++decrypt a request. In theory this can't happen due to the preference
++system but it is just to easy to create the server's key using a
++different version of gpg and then use gpg-wks-server built
++differently.
++
++For the short messages we exchange compression is not really required
++and thus we better do without to make the system more robust.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 70a8db0333e3c22403b3647f8b5f924f6dace719)
++(cherry picked from commit 16424d8a34c7f6af1071fd19dfc180cb7d17c052)
++---
++ tools/gpg-wks-client.c | 1 +
++ tools/gpg-wks-server.c | 1 +
++ 2 files changed, 2 insertions(+)
++
++diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
++index c8ff166..78e4fe4 100644
++--- a/tools/gpg-wks-client.c
+++++ b/tools/gpg-wks-client.c
++@@ -1151,6 +1151,7 @@ encrypt_response (estream_t *r_output, estream_t input, const char *addrspec,
++ ccparray_put (&ccp, "--status-fd=2");
++ ccparray_put (&ccp, "--always-trust");
++ ccparray_put (&ccp, "--armor");
+++ ccparray_put (&ccp, "-z0"); /* No compression for improved robustness. */
++ if (fake_submission_addr)
++ ccparray_put (&ccp, "--auto-key-locate=clear,local");
++ else
++diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
++index 1a0ba8f..f83ef65 100644
++--- a/tools/gpg-wks-server.c
+++++ b/tools/gpg-wks-server.c
++@@ -586,6 +586,7 @@ encrypt_stream (estream_t *r_output, estream_t input, const char *keyfile)
++ ccparray_put (&ccp, "--always-trust");
++ ccparray_put (&ccp, "--no-keyring");
++ ccparray_put (&ccp, "--armor");
+++ ccparray_put (&ccp, "-z0"); /* No compression for improved robustness. */
++ ccparray_put (&ccp, "--recipient-file");
++ ccparray_put (&ccp, keyfile);
++ ccparray_put (&ccp, "--encrypt");
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 22 Feb 2019 14:09:02 +0100
++Subject: agent: Fix for suggested Libgcrypt use.
++
++* agent/divert-scd.c (divert_pkdecrypt): Skip a flags parameter.
++--
++
++The libgcrypt docs say that a "flags" parameter should always be used
++in the input of pkdecrypt. Thus we should allow that parameter also
++when parsing an s-expression to figure out the algorithm for use with
++scdaemon.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit a12c3a566e2e4b10bc02976a2819070877ee895c)
++(cherry picked from commit 0a95b153811f36739d1b20f23920bad0bb07c68b)
++---
++ agent/divert-scd.c | 17 ++++++++++++++++-
++ 1 file changed, 16 insertions(+), 1 deletion(-)
++
++diff --git a/agent/divert-scd.c b/agent/divert-scd.c
++index 88b35cd..aff5055 100644
++--- a/agent/divert-scd.c
+++++ b/agent/divert-scd.c
++@@ -476,6 +476,7 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
++ char *kid;
++ const unsigned char *s;
++ size_t n;
+++ int depth;
++ const unsigned char *ciphertext;
++ size_t ciphertextlen;
++ char *plaintext;
++@@ -484,7 +485,6 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
++ (void)desc_text;
++
++ *r_padding = -1;
++-
++ s = cipher;
++ if (*s != '(')
++ return gpg_error (GPG_ERR_INV_SEXP);
++@@ -500,6 +500,21 @@ divert_pkdecrypt (ctrl_t ctrl, const char *desc_text,
++ n = snext (&s);
++ if (!n)
++ return gpg_error (GPG_ERR_INV_SEXP);
+++
+++ /* First check whether we have a flags parameter and skip it. */
+++ if (smatch (&s, n, "flags"))
+++ {
+++ depth = 1;
+++ if (sskip (&s, &depth) || depth)
+++ return gpg_error (GPG_ERR_INV_SEXP);
+++ if (*s != '(')
+++ return gpg_error (GPG_ERR_INV_SEXP);
+++ s++;
+++ n = snext (&s);
+++ if (!n)
+++ return gpg_error (GPG_ERR_INV_SEXP);
+++ }
+++
++ if (smatch (&s, n, "rsa"))
++ {
++ if (*s != '(')
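Review bot: The new `if (smatch (&s, n, "flags"))` block skips the flags list without inspecting it, so any padding or mode indication a caller encodes there is silently discarded and `*r_padding` stays at the -1 set above. That may be fine for the algorithm lookup this function does, but the assumption should be written down at the skip: `/* The flags are not interpreted here; only the algorithm name is needed to select the card operation.  */`. The `|| depth` after sskip correctly treats an unterminated list as GPG_ERR_INV_SEXP; the rest of divert_pkdecrypt is outside the hunk.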
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Fri, 25 Jan 2019 12:08:09 +0900
++Subject: agent: Support --mode=ssh option for CLEAR_PASSPHRASE.
++
++* agent/command.c (cmd_clear_passphrase): Add support for SSH.
++
++--
++
++GnuPG-bug-id: 4340
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit ae966bbe9b16ed68a51391afdde615339755e22d)
++(cherry picked from commit 77a285a0a94994ee9b42289897f9bf3075c7192d)
++---
++ agent/command.c | 18 ++++++++++--------
++ 1 file changed, 10 insertions(+), 8 deletions(-)
++
++diff --git a/agent/command.c b/agent/command.c
++index 60eb6ad..50385b8 100644
++--- a/agent/command.c
+++++ b/agent/command.c
++@@ -1568,19 +1568,24 @@ static const char hlp_clear_passphrase[] =
++ "may be used to invalidate the cache entry for a passphrase. The\n"
++ "function returns with OK even when there is no cached passphrase.\n"
++ "The --mode=normal option is used to clear an entry for a cacheid\n"
++- "added by the agent.\n";
+++ "added by the agent. The --mode=ssh option is used for a cacheid\n"
+++ "added for ssh.\n";
++ static gpg_error_t
++ cmd_clear_passphrase (assuan_context_t ctx, char *line)
++ {
++ ctrl_t ctrl = assuan_get_pointer (ctx);
++ char *cacheid = NULL;
++ char *p;
++- int opt_normal;
+++ cache_mode_t cache_mode = CACHE_MODE_USER;
++
++ if (ctrl->restricted)
++ return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
++
++- opt_normal = has_option (line, "--mode=normal");
+++ if (has_option (line, "--mode=normal"))
+++ cache_mode = CACHE_MODE_NORMAL;
+++ else if (has_option (line, "--mode=ssh"))
+++ cache_mode = CACHE_MODE_SSH;
+++
++ line = skip_options (line);
++
++ /* parse the stuff */
++@@ -1593,12 +1598,9 @@ cmd_clear_passphrase (assuan_context_t ctx, char *line)
++ if (!*cacheid || strlen (cacheid) > 50)
++ return set_error (GPG_ERR_ASS_PARAMETER, "invalid length of cacheID");
++
++- agent_put_cache (ctrl, cacheid,
++- opt_normal ? CACHE_MODE_NORMAL : CACHE_MODE_USER,
++- NULL, 0);
+++ agent_put_cache (ctrl, cacheid, cache_mode, NULL, 0);
++
++- agent_clear_passphrase (ctrl, cacheid,
++- opt_normal ? CACHE_MODE_NORMAL : CACHE_MODE_USER);
+++ agent_clear_passphrase (ctrl, cacheid, cache_mode);
++
++ return 0;
++ }
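Review bot: An unrecognized `--mode=` value is silently treated as CACHE_MODE_USER by the new `if (has_option (line, "--mode=normal")) ... else if (has_option (line, "--mode=ssh"))` chain, and `--mode=normal` wins silently when both are given, so a typo clears an entry in the wrong cache instead of failing. Since the command already rejects bad input with `set_error (GPG_ERR_ASS_PARAMETER, ...)`, a third branch rejecting any other `--mode` spelling would close that gap, e.g. `else if (has_option_name (line, "--mode")) return set_error (GPG_ERR_ASS_PARAMETER, "invalid mode");` if the file's has_option_name helper is in scope. The updated help text could also say that the two modes are mutually exclusive.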
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Tue, 19 Sep 2017 12:28:43 +0900
++Subject: common: Fix gnupg_wait_processes.
++
++* common/exechelp-posix.c (gnupg_wait_processes): Loop for r_exitcodes
++even if we already see an error.
++
++--
++
++The value stored by waitpid for exit code is encoded; It requires
++decoded by WEXITSTATUS macro, regardless of an error.
++
++For example, when one of processes is already exited and another is
++still running, it resulted wrong value of in r_exitcodes[n].
++
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit eeb3da6eb717ed6a1a1069a7611eb37503e8672d)
++---
++ common/exechelp-posix.c | 50 +++++++++++++++++++++++++------------------------
++ 1 file changed, 26 insertions(+), 24 deletions(-)
++
++diff --git a/common/exechelp-posix.c b/common/exechelp-posix.c
++index 7237993..3acf74a 100644
++--- a/common/exechelp-posix.c
+++++ b/common/exechelp-posix.c
++@@ -784,30 +784,32 @@ gnupg_wait_processes (const char **pgmnames, pid_t *pids, size_t count,
++ }
++ }
++
++- if (ec == 0)
++- for (i = 0; i < count; i++)
++- {
++- if (WIFEXITED (r_exitcodes[i]) && WEXITSTATUS (r_exitcodes[i]) == 127)
++- {
++- log_error (_("error running '%s': probably not installed\n"),
++- pgmnames[i]);
++- ec = GPG_ERR_CONFIGURATION;
++- }
++- else if (WIFEXITED (r_exitcodes[i]) && WEXITSTATUS (r_exitcodes[i]))
++- {
++- if (dummy)
++- log_error (_("error running '%s': exit status %d\n"),
++- pgmnames[i], WEXITSTATUS (r_exitcodes[i]));
++- else
++- r_exitcodes[i] = WEXITSTATUS (r_exitcodes[i]);
++- ec = GPG_ERR_GENERAL;
++- }
++- else if (!WIFEXITED (r_exitcodes[i]))
++- {
++- log_error (_("error running '%s': terminated\n"), pgmnames[i]);
++- ec = GPG_ERR_GENERAL;
++- }
++- }
+++ for (i = 0; i < count; i++)
+++ {
+++ if (r_exitcodes[i] == -1)
+++ continue;
+++
+++ if (WIFEXITED (r_exitcodes[i]) && WEXITSTATUS (r_exitcodes[i]) == 127)
+++ {
+++ log_error (_("error running '%s': probably not installed\n"),
+++ pgmnames[i]);
+++ ec = GPG_ERR_CONFIGURATION;
+++ }
+++ else if (WIFEXITED (r_exitcodes[i]) && WEXITSTATUS (r_exitcodes[i]))
+++ {
+++ if (dummy)
+++ log_error (_("error running '%s': exit status %d\n"),
+++ pgmnames[i], WEXITSTATUS (r_exitcodes[i]));
+++ else
+++ r_exitcodes[i] = WEXITSTATUS (r_exitcodes[i]);
+++ ec = GPG_ERR_GENERAL;
+++ }
+++ else if (!WIFEXITED (r_exitcodes[i]))
+++ {
+++ log_error (_("error running '%s': terminated\n"), pgmnames[i]);
+++ ec = GPG_ERR_GENERAL;
+++ }
+++ }
++
++ xfree (dummy);
++ return gpg_err_make (GPG_ERR_SOURCE_DEFAULT, ec);
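Review bot: The rewritten loop now runs regardless of the value `ec` already holds, and each branch assigns `ec = GPG_ERR_GENERAL` or `ec = GPG_ERR_CONFIGURATION` unconditionally, so an error code set earlier in the function (the old code guarded the loop with `if (ec == 0)`, so such a value can exist) is replaced by a generic one as soon as any child exited non-zero. If the earlier code is more specific, keep the first error, e.g. `if (!ec) ec = GPG_ERR_GENERAL;`. The `if (r_exitcodes[i] == -1) continue;` skip also relies on the array being initialized to -1 above the hunk; a comment such as `/* -1: waitpid did not report this child.  */` would document that contract. gnupg_wait_processes begins outside the hunk.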
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Thu, 7 Mar 2019 11:34:03 +0100
++Subject: dirmngr: Add CSRF protection exception for protonmail.
++
++* dirmngr/http.c (same_host_p): Add exception table.
++--
++
++Please: Adding entries to this table shall be an exception and not the
++rule.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 134c3c16523b1a267ebdd2df6339240fd9e1e3b3)
++(cherry picked from commit 557c721e787e7e6d311ccb48d8aa677123061cf5)
++---
++ dirmngr/http.c | 45 ++++++++++++++++++++++++++++++++++++++++-----
++ 1 file changed, 40 insertions(+), 5 deletions(-)
++
++diff --git a/dirmngr/http.c b/dirmngr/http.c
++index 9f4afc8..7fdd06a 100644
++--- a/dirmngr/http.c
+++++ b/dirmngr/http.c
++@@ -3514,16 +3514,51 @@ uri_query_lookup (parsed_uri_t uri, const char *key)
++ }
++
++
++-/* Return true if both URI point to the same host. */
+++/* Return true if both URI point to the same host for the purpose of
+++ * redirection check. A is the original host and B the host given in
+++ * the Location header. As a temporary workaround a fixed list of
+++ * exceptions is also consulted. */
++ static int
++ same_host_p (parsed_uri_t a, parsed_uri_t b)
++ {
++- return a->host && b->host && !ascii_strcasecmp (a->host, b->host);
+++ static struct
+++ {
+++ const char *from; /* NULL uses the last entry from the table. */
+++ const char *to;
+++ } allow[] =
+++ {
+++ { "protonmail.com", "api.protonmail.com" },
+++ { NULL, "api.protonmail.ch" },
+++ { "protonmail.ch", "api.protonmail.com" },
+++ { NULL, "api.protonmail.ch" }
+++ };
+++ int i;
+++ const char *from;
+++
+++ if (!a->host || !b->host)
+++ return 0;
+++
+++ if (!ascii_strcasecmp (a->host, b->host))
+++ return 1;
+++
+++ from = NULL;
+++ for (i=0; i < DIM (allow); i++)
+++ {
+++ if (allow[i].from)
+++ from = allow[i].from;
+++ if (!from)
+++ continue;
+++ if (!ascii_strcasecmp (from, a->host)
+++ && !ascii_strcasecmp (allow[i].to, b->host))
+++ return 1;
+++ }
+++
+++ return 0;
++ }
++
++
++ /* Prepare a new URL for a HTTP redirect. INFO has flags controlling
++- * the operaion, STATUS_CODE is used for diagnostics, LOCATION is the
+++ * the operation, STATUS_CODE is used for diagnostics, LOCATION is the
++ * value of the "Location" header, and R_URL reveives the new URL on
++ * success or NULL or error. Note that INFO->ORIG_URL is
++ * required. */
++@@ -3594,8 +3629,8 @@ http_prepare_redirect (http_redir_info_t *info, unsigned int status_code,
++ }
++ else if (same_host_p (origuri, locuri))
++ {
++- /* The host is the same and thus we can take the location
++- * verbatim. */
+++ /* The host is the same or on an exception list and thus we can
+++ * take the location verbatim. */
++ http_release_parsed_uri (origuri);
++ http_release_parsed_uri (locuri);
++ newurl = xtrystrdup (location);
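Review bot: The comment on the `from` member, `NULL uses the last entry from the table`, does not match the loop, which reuses the most recent non-NULL `from` via `if (allow[i].from) from = allow[i].from;`; `/* NULL: same FROM as the preceding entry. */` states what the code does. The exception path compares host names only, as the original check did, so a Location header naming an allowed host but a different scheme or port still passes same_host_p; whether http_prepare_redirect rejects a scheme downgrade elsewhere is not visible in the hunk and is worth confirming now that the table permits cross-host redirects. A short comment above the table that entries are exact host names with no wildcard or suffix matching, and that the table is meant to stay tiny as the commit message says, would deter future widening.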
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 18 Mar 2019 13:07:14 +0100
++Subject: gpg: Allow import of PGP desktop exported secret keys.
++
++* g10/import.c (NODE_TRANSFER_SECKEY): New.
++(import): Add attic kludge.
++(transfer_secret_keys): Add arg only_marked.
++(resync_sec_with_pub_keyblock): Return removed seckeys via new arg
++r_removedsecs.
++(import_secret_one): New arg r_secattic. Change to take ownership of
++arg keyblock. Implement extra secret key import logic. Factor some
++code out to ...
++(do_transfer): New.
++(import_matching_seckeys): New.
++--
++
++The PGP desktops exported secret keys are really stupid. And they
++even a have kind of exception in rfc4880 which does not rule that
++out (section 11.2):
++
++ [...] Implementations SHOULD include self-signatures on any user
++ IDs and subkeys, as this allows for a complete public key to be
++ automatically extracted from the transferable secret key.
++ Implementations MAY choose to omit the self-signatures, especially
++ if a transferable public key accompanies the transferable secret
++ key.
++
++Now if they would only put the public key before the secret
++key. Anyway we now have a workaround for that ugliness.
++
++GnuPG-bug-id: 4392
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 5205512fc092c53c0a52c8379ef2a129ce6e58a9)
++(cherry picked from commit 0e73214dd208fca4df26ac796416c6f25b3ae50d)
++---
++ g10/import.c | 381 ++++++++++++++++++++++++++++++++++++++++++++++------------
++ g10/keyedit.c | 2 +-
++ g10/main.h | 3 +-
++ 3 files changed, 307 insertions(+), 79 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index 2a01814..f76ca0c 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -1,6 +1,6 @@
++ /* import.c - import a key into our key storage.
++ * Copyright (C) 1998-2007, 2010-2011 Free Software Foundation, Inc.
++- * Copyright (C) 2014, 2016, 2017 Werner Koch
+++ * Copyright (C) 2014, 2016, 2017, 2019 Werner Koch
++ *
++ * This file is part of GnuPG.
++ *
++@@ -75,6 +75,8 @@ struct import_stats_s
++ #define NODE_DELETION_MARK 4
++ /* A node flag used to temporary mark a node. */
++ #define NODE_FLAG_A 8
+++/* A flag used by transfer_secret_keys. */
+++#define NODE_TRANSFER_SECKEY 16
++
++
++ /* An object and a global instance to store selectors created from
++@@ -110,10 +112,15 @@ static gpg_error_t import_one (ctrl_t ctrl,
++ unsigned int options, int from_sk, int silent,
++ import_screener_t screener, void *screener_arg,
++ int origin, const char *url, int *r_valid);
+++static gpg_error_t import_matching_seckeys (
+++ ctrl_t ctrl, kbnode_t seckeys,
+++ const byte *mainfpr, size_t mainfprlen,
+++ struct import_stats_s *stats, int batch);
++ static gpg_error_t import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ struct import_stats_s *stats, int batch,
++ unsigned int options, int for_migration,
++- import_screener_t screener, void *screener_arg);
+++ import_screener_t screener, void *screener_arg,
+++ kbnode_t *r_secattic);
++ static int import_revoke_cert (ctrl_t ctrl, kbnode_t node, unsigned int options,
++ struct import_stats_s *stats);
++ static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
++@@ -562,6 +569,7 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
++ kbnode_t keyblock = NULL; /* Need to initialize because gcc can't
++ grasp the return semantics of
++ read_block. */
+++ kbnode_t secattic = NULL; /* Kludge for PGP desktop percularity */
++ int rc = 0;
++ int v3keys;
++
++@@ -582,18 +590,63 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
++ {
++ stats->v3keys += v3keys;
++ if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
++- rc = import_one (ctrl, keyblock,
++- stats, fpr, fpr_len, options, 0, 0,
++- screener, screener_arg, origin, url, NULL);
+++ {
+++ rc = import_one (ctrl, keyblock,
+++ stats, fpr, fpr_len, options, 0, 0,
+++ screener, screener_arg, origin, url, NULL);
+++ if (secattic)
+++ {
+++ byte tmpfpr[MAX_FINGERPRINT_LEN];
+++ size_t tmpfprlen;
+++
+++ if (!rc && !(opt.dry_run || (options & IMPORT_DRY_RUN)))
+++ {
+++ /* Kudge for PGP desktop - see below. */
+++ fingerprint_from_pk (keyblock->pkt->pkt.public_key,
+++ tmpfpr, &tmpfprlen);
+++ rc = import_matching_seckeys (ctrl, secattic,
+++ tmpfpr, tmpfprlen,
+++ stats, opt.batch);
+++ }
+++ release_kbnode (secattic);
+++ secattic = NULL;
+++ }
+++ }
++ else if (keyblock->pkt->pkttype == PKT_SECRET_KEY)
++- rc = import_secret_one (ctrl, keyblock, stats,
++- opt.batch, options, 0,
++- screener, screener_arg);
+++ {
+++ release_kbnode (secattic);
+++ secattic = NULL;
+++ rc = import_secret_one (ctrl, keyblock, stats,
+++ opt.batch, options, 0,
+++ screener, screener_arg, &secattic);
+++ keyblock = NULL; /* Ownership was transferred. */
+++ if (secattic)
+++ {
+++ if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY)
+++ rc = 0; /* Try import after the next pubkey. */
+++
+++ /* The attic is a workaround for the peculiar PGP
+++ * Desktop method of exporting a secret key: The
+++ * exported file is the concatenation of two armored
+++ * keyblocks; first the private one and then the public
+++ * one. The strange thing is that the secret one has no
+++ * binding signatures at all and thus we have not
+++ * imported it. The attic stores that secret keys and
+++ * we try to import it once after the very next public
+++ * keyblock. */
+++ }
+++ }
++ else if (keyblock->pkt->pkttype == PKT_SIGNATURE
++ && IS_KEY_REV (keyblock->pkt->pkt.signature) )
++- rc = import_revoke_cert (ctrl, keyblock, options, stats);
+++ {
+++ release_kbnode (secattic);
+++ secattic = NULL;
+++ rc = import_revoke_cert (ctrl, keyblock, options, stats);
+++ }
++ else
++ {
+++ release_kbnode (secattic);
+++ secattic = NULL;
++ log_info (_("skipping block of type %d\n"), keyblock->pkt->pkttype);
++ }
++ release_kbnode (keyblock);
++@@ -619,6 +672,7 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
++ else if (rc && gpg_err_code (rc) != GPG_ERR_INV_KEYRING)
++ log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (rc));
++
+++ release_kbnode (secattic);
++ return rc;
++ }
++
++@@ -655,8 +709,11 @@ import_old_secring (ctrl_t ctrl, const char *fname)
++ while (!(err = read_block (inp, 0, &pending_pkt, &keyblock, &v3keys)))
++ {
++ if (keyblock->pkt->pkttype == PKT_SECRET_KEY)
++- err = import_secret_one (ctrl, keyblock, stats, 1, 0, 1,
++- NULL, NULL);
+++ {
+++ err = import_secret_one (ctrl, keyblock, stats, 1, 0, 1,
+++ NULL, NULL, NULL);
+++ keyblock = NULL; /* Ownership was transferred. */
+++ }
++ release_kbnode (keyblock);
++ if (err)
++ break;
++@@ -2159,12 +2216,15 @@ import_one (ctrl_t ctrl,
++
++
++ /* Transfer all the secret keys in SEC_KEYBLOCK to the gpg-agent. The
++- function prints diagnostics and returns an error code. If BATCH is
++- true the secret keys are stored by gpg-agent in the transfer format
++- (i.e. no re-protection and aksing for passphrases). */
+++ * function prints diagnostics and returns an error code. If BATCH is
+++ * true the secret keys are stored by gpg-agent in the transfer format
+++ * (i.e. no re-protection and aksing for passphrases). If ONLY_MARKED
+++ * is set, only those nodes with flag NODE_TRANSFER_SECKEY are
+++ * processed. */
++ gpg_error_t
++ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
++- kbnode_t sec_keyblock, int batch, int force)
+++ kbnode_t sec_keyblock, int batch, int force,
+++ int only_marked)
++ {
++ gpg_error_t err = 0;
++ void *kek = NULL;
++@@ -2205,12 +2265,16 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
++ xfree (kek);
++ kek = NULL;
++
+++ /* Note: We need to use walk_kbnode so that we skip nodes which are
+++ * marked as deleted. */
++ main_pk = NULL;
++ while ((node = walk_kbnode (sec_keyblock, &ctx, 0)))
++ {
++ if (node->pkt->pkttype != PKT_SECRET_KEY
++ && node->pkt->pkttype != PKT_SECRET_SUBKEY)
++ continue;
+++ if (only_marked && !(node->flag & NODE_TRANSFER_SECKEY))
+++ continue;
++ pk = node->pkt->pkt.public_key;
++ if (!main_pk)
++ main_pk = pk;
++@@ -2508,12 +2572,15 @@ sec_to_pub_keyblock (kbnode_t sec_keyblock)
++ /* Delete all notes in the keyblock at R_KEYBLOCK which are not in
++ * PUB_KEYBLOCK. Modifies the tags of both keyblock's nodes. */
++ static gpg_error_t
++-resync_sec_with_pub_keyblock (kbnode_t *r_keyblock, kbnode_t pub_keyblock)
+++resync_sec_with_pub_keyblock (kbnode_t *r_keyblock, kbnode_t pub_keyblock,
+++ kbnode_t *r_removedsecs)
++ {
++ kbnode_t sec_keyblock = *r_keyblock;
++- kbnode_t node;
+++ kbnode_t node, prevnode;
++ unsigned int *taglist;
++ unsigned int ntaglist, n;
+++ kbnode_t attic = NULL;
+++ kbnode_t *attic_head = &attic;
++
++ /* Collect all tags in an array for faster searching. */
++ for (ntaglist = 0, node = pub_keyblock; node; node = node->next)
++@@ -2525,40 +2592,188 @@ resync_sec_with_pub_keyblock (kbnode_t *r_keyblock, kbnode_t pub_keyblock)
++ taglist[ntaglist++] = node->tag;
++
++ /* Walks over the secret keyblock and delete all nodes which are not
++- * in the tag list. Those nodes have been delete in the
++- * pub_keyblock. Sequential search is a bit lazt and could be
++- * optimized by sorting and bsearch; however secret key rings are
++- * short and there are easier weaus to DoS gpg. */
++- for (node = sec_keyblock; node; node = node->next)
+++ * in the tag list. Those nodes have been deleted in the
+++ * pub_keyblock. Sequential search is a bit lazy and could be
+++ * optimized by sorting and bsearch; however secret keyrings are
+++ * short and there are easier ways to DoS the import. */
+++ again:
+++ for (prevnode=NULL, node=sec_keyblock; node; prevnode=node, node=node->next)
++ {
++ for (n=0; n < ntaglist; n++)
++ if (taglist[n] == node->tag)
++ break;
++- if (n == ntaglist)
++- delete_kbnode (node);
+++ if (n == ntaglist) /* Not in public keyblock. */
+++ {
+++ if (node->pkt->pkttype == PKT_SECRET_KEY
+++ || node->pkt->pkttype == PKT_SECRET_SUBKEY)
+++ {
+++ if (!prevnode)
+++ sec_keyblock = node->next;
+++ else
+++ prevnode->next = node->next;
+++ node->next = NULL;
+++ *attic_head = node;
+++ attic_head = &node->next;
+++ goto again; /* That's lame; I know. */
+++ }
+++ else
+++ delete_kbnode (node);
+++ }
++ }
++
++ xfree (taglist);
++
++ /* Commit the as deleted marked nodes and return the possibly
++- * modified keyblock. */
+++ * modified keyblock and a list of removed secret key nodes. */
++ commit_kbnode (&sec_keyblock);
++ *r_keyblock = sec_keyblock;
+++ *r_removedsecs = attic;
++ return 0;
++ }
++
++
++-/****************
++- * Ditto for secret keys. Handling is simpler than for public keys.
++- * We allow secret key importing only when allow is true, this is so
++- * that a secret key can not be imported accidentally and thereby tampering
++- * with the trust calculation.
+++/* Helper for import_secret_one. */
+++static gpg_error_t
+++do_transfer (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *pk,
+++ struct import_stats_s *stats, int batch, int only_marked)
+++
+++{
+++ gpg_error_t err;
+++ struct import_stats_s subkey_stats = {0};
+++
+++ err = transfer_secret_keys (ctrl, &subkey_stats, keyblock,
+++ batch, 0, only_marked);
+++ if (gpg_err_code (err) == GPG_ERR_NOT_PROCESSED)
+++ {
+++ /* TRANSLATORS: For a smartcard, each private key on host has a
+++ * reference (stub) to a smartcard and actual private key data
+++ * is stored on the card. A single smartcard can have up to
+++ * three private key data. Importing private key stub is always
+++ * skipped in 2.1, and it returns GPG_ERR_NOT_PROCESSED.
+++ * Instead, user should be suggested to run 'gpg --card-status',
+++ * then, references to a card will be automatically created
+++ * again. */
+++ log_info (_("To migrate '%s', with each smartcard, "
+++ "run: %s\n"), "secring.gpg", "gpg --card-status");
+++ err = 0;
+++ }
+++
+++ if (!err)
+++ {
+++ int status = 16;
+++
+++ if (!opt.quiet)
+++ log_info (_("key %s: secret key imported\n"), keystr_from_pk (pk));
+++ if (subkey_stats.secret_imported)
+++ {
+++ status |= 1;
+++ stats->secret_imported += 1;
+++ }
+++ if (subkey_stats.secret_dups)
+++ stats->secret_dups += 1;
+++
+++ if (is_status_enabled ())
+++ print_import_ok (pk, status);
+++ }
+++
+++ return err;
+++}
+++
+++
+++/* If the secret keys (main or subkey) in SECKEYS have a corresponding
+++ * public key in the public key described by (FPR,FPRLEN) import these
+++ * parts.
+++ */
+++static gpg_error_t
+++import_matching_seckeys (ctrl_t ctrl, kbnode_t seckeys,
+++ const byte *mainfpr, size_t mainfprlen,
+++ struct import_stats_s *stats, int batch)
+++{
+++ gpg_error_t err;
+++ kbnode_t pub_keyblock = NULL;
+++ kbnode_t node;
+++ struct { byte fpr[MAX_FINGERPRINT_LEN]; size_t fprlen; } *fprlist = NULL;
+++ size_t n, nfprlist;
+++ byte fpr[MAX_FINGERPRINT_LEN];
+++ size_t fprlen;
+++ PKT_public_key *pk;
+++
+++ /* Get the entire public key block from our keystore and put all its
+++ * fingerprints into an array. */
+++ err = get_pubkey_byfprint (ctrl, NULL, &pub_keyblock, mainfpr, mainfprlen);
+++ if (err)
+++ goto leave;
+++ log_assert (pub_keyblock && pub_keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
+++ pk = pub_keyblock->pkt->pkt.public_key;
+++
+++ for (nfprlist = 0, node = pub_keyblock; node; node = node->next)
+++ if (node->pkt->pkttype == PKT_PUBLIC_KEY
+++ || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+++ nfprlist++;
+++ log_assert (nfprlist);
+++ fprlist = xtrycalloc (nfprlist, sizeof *fprlist);
+++ if (!fprlist)
+++ {
+++ err = gpg_error_from_syserror ();
+++ goto leave;
+++ }
+++ for (n = 0, node = pub_keyblock; node; node = node->next)
+++ if (node->pkt->pkttype == PKT_PUBLIC_KEY
+++ || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+++ {
+++ fingerprint_from_pk (node->pkt->pkt.public_key,
+++ fprlist[n].fpr, &fprlist[n].fprlen);
+++ n++;
+++ }
+++ log_assert (n == nfprlist);
+++
+++ /* for (n=0; n < nfprlist; n++) */
+++ /* log_printhex (fprlist[n].fpr, fprlist[n].fprlen, "pubkey %zu:", n); */
+++
+++ /* Mark all secret keys which have a matching public key part in
+++ * PUB_KEYBLOCK. */
+++ for (node = seckeys; node; node = node->next)
+++ {
+++ if (node->pkt->pkttype != PKT_SECRET_KEY
+++ && node->pkt->pkttype != PKT_SECRET_SUBKEY)
+++ continue; /* Should not happen. */
+++ fingerprint_from_pk (node->pkt->pkt.public_key, fpr, &fprlen);
+++ node->flag &= ~NODE_TRANSFER_SECKEY;
+++ for (n=0; n < nfprlist; n++)
+++ if (fprlist[n].fprlen == fprlen && !memcmp (fprlist[n].fpr,fpr,fprlen))
+++ {
+++ node->flag |= NODE_TRANSFER_SECKEY;
+++ /* log_debug ("found matching seckey\n"); */
+++ break;
+++ }
+++ }
+++
+++ /* Transfer all marked keys. */
+++ err = do_transfer (ctrl, seckeys, pk, stats, batch, 1);
+++
+++ leave:
+++ xfree (fprlist);
+++ release_kbnode (pub_keyblock);
+++ return err;
+++}
+++
+++
+++/* Import function for a single secret keyblock. Handling is simpler
+++ * than for public keys. We allow secret key importing only when
+++ * allow is true, this is so that a secret key can not be imported
+++ * accidentally and thereby tampering with the trust calculation.
+++ *
+++ * Ownership of KEYBLOCK is transferred to this function!
+++ *
+++ * If R_SECATTIC is not null the last special sec_keyblock is stored
+++ * there.
++ */
++ static gpg_error_t
++ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ struct import_stats_s *stats, int batch,
++ unsigned int options, int for_migration,
++- import_screener_t screener, void *screener_arg)
+++ import_screener_t screener, void *screener_arg,
+++ kbnode_t *r_secattic)
++ {
++ PKT_public_key *pk;
++ struct seckey_info *ski;
++@@ -2567,6 +2782,9 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ gpg_error_t err = 0;
++ int nr_prev;
++ kbnode_t pub_keyblock;
+++ kbnode_t attic = NULL;
+++ byte fpr[MAX_FINGERPRINT_LEN];
+++ size_t fprlen;
++ char pkstrbuf[PUBKEY_STRING_SIZE];
++
++ /* Get the key and print some info about it */
++@@ -2576,6 +2794,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++
++ pk = node->pkt->pkt.public_key;
++
+++ fingerprint_from_pk (pk, fpr, &fprlen);
++ keyid_from_pk (pk, keyid);
++ uidnode = find_next_kbnode (keyblock, PKT_USER_ID);
++
++@@ -2583,6 +2802,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ {
++ log_error (_("secret key %s: %s\n"), keystr_from_pk (pk),
++ _("rejected by import screener"));
+++ release_kbnode (keyblock);
++ return 0;
++ }
++
++@@ -2602,6 +2822,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ {
++ if (!for_migration)
++ log_error (_("importing secret keys not allowed\n"));
+++ release_kbnode (keyblock);
++ return 0;
++ }
++
++@@ -2609,6 +2830,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ {
++ if (!for_migration)
++ log_error( _("key %s: no user ID\n"), keystr_from_pk (pk));
+++ release_kbnode (keyblock);
++ return 0;
++ }
++
++@@ -2617,6 +2839,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ {
++ /* Actually an internal error. */
++ log_error ("key %s: secret key info missing\n", keystr_from_pk (pk));
+++ release_kbnode (keyblock);
++ return 0;
++ }
++
++@@ -2627,6 +2850,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ if (!for_migration)
++ log_error (_("key %s: secret key with invalid cipher %d"
++ " - skipped\n"), keystr_from_pk (pk), ski->algo);
+++ release_kbnode (keyblock);
++ return 0;
++ }
++
++@@ -2637,6 +2861,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ to put a secret key into the keyring and the user might later
++ be tricked into signing stuff with that key. */
++ log_error (_("importing secret keys not allowed\n"));
+++ release_kbnode (keyblock);
++ return 0;
++ }
++ #endif
++@@ -2668,16 +2893,43 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ * the public keyblock. Otherwise we would import just the
++ * secret key without having the public key. That would be
++ * surprising and clutters out private-keys-v1.d. */
++- err = resync_sec_with_pub_keyblock (&keyblock, pub_keyblock);
+++ err = resync_sec_with_pub_keyblock (&keyblock, pub_keyblock, &attic);
++ if (err)
++ goto leave;
++
++ if (!valid)
++ {
++- err = gpg_error (GPG_ERR_NO_SECKEY);
+++ /* If the block was not valid the primary key is left in the
+++ * original keyblock because we require that for the first
+++ * node. Move it to ATTIC. */
+++ if (keyblock && keyblock->pkt->pkttype == PKT_SECRET_KEY)
+++ {
+++ node = keyblock;
+++ keyblock = node->next;
+++ node->next = NULL;
+++ if (attic)
+++ {
+++ node->next = attic;
+++ attic = node;
+++ }
+++ else
+++ attic = node;
+++ }
+++
+++ /* Try to import the secret key iff we have a public key. */
+++ if (attic && !(opt.dry_run || (options & IMPORT_DRY_RUN)))
+++ err = import_matching_seckeys (ctrl, attic, fpr, fprlen,
+++ stats, batch);
+++ else
+++ err = gpg_error (GPG_ERR_NO_SECKEY);
++ goto leave;
++ }
++
+++ /* log_debug ("attic is:\n"); */
+++ /* dump_kbnode (attic); */
+++
+++ /* Proceed with the valid parts of PUBKEYBLOCK. */
+++
++ /* At least we cancel the secret key import when the public key
++ import was skipped due to MERGE_ONLY option and a new
++ key. */
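Review bot: The attic bookkeeping in the `!valid` branch does not need the if/else: `node->next` has just been set to NULL, so `node->next = attic; attic = node;` prepends correctly whether or not `attic` is already populated. The current form is correct but reads as if the two cases differed, which invites a later "fix". import_secret_one's body starts and continues outside this hunk.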
++@@ -2686,62 +2938,37 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ {
++ /* Read the keyblock again to get the effects of a merge for
++ * the public key. */
++- /* Fixme: we should do this based on the fingerprint or
++- even better let import_one return the merged
++- keyblock. */
++- node = get_pubkeyblock (ctrl, keyid);
++- if (!node)
++- log_error ("key %s: failed to re-lookup public key\n",
++- keystr_from_pk (pk));
+++ err = get_pubkey_byfprint (ctrl, NULL, &node, fpr, fprlen);
+++ if (err || !node)
+++ log_error ("key %s: failed to re-lookup public key: %s\n",
+++ keystr_from_pk (pk), gpg_strerror (err));
++ else
++ {
++- /* transfer_secret_keys collects subkey stats. */
++- struct import_stats_s subkey_stats = {0};
+++ err = do_transfer (ctrl, keyblock, pk, stats, batch, 0);
+++ if (!err)
+++ check_prefs (ctrl, node);
+++ release_kbnode (node);
++
++- err = transfer_secret_keys (ctrl, &subkey_stats, keyblock,
++- batch, 0);
++- if (gpg_err_code (err) == GPG_ERR_NOT_PROCESSED)
+++ if (!err && attic)
++ {
++- /* TRANSLATORS: For smartcard, each private key on
++- host has a reference (stub) to a smartcard and
++- actual private key data is stored on the card. A
++- single smartcard can have up to three private key
++- data. Importing private key stub is always
++- skipped in 2.1, and it returns
++- GPG_ERR_NOT_PROCESSED. Instead, user should be
++- suggested to run 'gpg --card-status', then,
++- references to a card will be automatically
++- created again. */
++- log_info (_("To migrate '%s', with each smartcard, "
++- "run: %s\n"), "secring.gpg", "gpg --card-status");
++- err = 0;
+++ /* Try to import invalid subkeys. This can be the
+++ * case if the primary secret key was imported due
+++ * to --allow-non-selfsigned-uid. */
+++ err = import_matching_seckeys (ctrl, attic, fpr, fprlen,
+++ stats, batch);
++ }
++- if (!err)
++- {
++- int status = 16;
++- if (!opt.quiet)
++- log_info (_("key %s: secret key imported\n"),
++- keystr_from_pk (pk));
++- if (subkey_stats.secret_imported)
++- {
++- status |= 1;
++- stats->secret_imported += 1;
++- }
++- if (subkey_stats.secret_dups)
++- stats->secret_dups += 1;
++-
++- if (is_status_enabled ())
++- print_import_ok (pk, status);
++
++- check_prefs (ctrl, node);
++- }
++- release_kbnode (node);
++ }
++ }
++ }
++
++ leave:
+++ release_kbnode (keyblock);
++ release_kbnode (pub_keyblock);
+++ if (r_secattic)
+++ *r_secattic = attic;
+++ else
+++ release_kbnode (attic);
++ return err;
++ }
++
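Review bot: The removed branch mapped GPG_ERR_NOT_PROCESSED from the transfer to a zero return plus the `gpg --card-status` migration hint, while the new call `err = do_transfer (ctrl, keyblock, pk, stats, batch, 0);` does none of that here; unless do_transfer (outside this hunk) carries the smartcard-stub handling over, a secring.gpg with card stubs would now surface as an error and lose the hint. If do_transfer does handle it, a comment at the call site such as `/* do_transfer maps GPG_ERR_NOT_PROCESSED (smartcard stubs) itself. */` would document that. Separately, the re-lookup failure message prints `gpg_strerror (err)` even when `err` is 0 and only `node` is NULL, which would read "Success"; if get_pubkey_byfprint can return that combination the message should be split. The enclosing function starts outside the hunk.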
++diff --git a/g10/keyedit.c b/g10/keyedit.c
++index f95f02f..742dfba 100644
++--- a/g10/keyedit.c
+++++ b/g10/keyedit.c
++@@ -1894,7 +1894,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
++ node = new_kbnode (pkt);
++
++ /* Transfer it to gpg-agent which handles secret keys. */
++- err = transfer_secret_keys (ctrl, NULL, node, 1, 1);
+++ err = transfer_secret_keys (ctrl, NULL, node, 1, 1, 0);
++
++ /* Treat the pkt as a public key. */
++ pkt->pkttype = PKT_PUBLIC_KEY;
++diff --git a/g10/main.h b/g10/main.h
++index dcd3767..d3d6060 100644
++--- a/g10/main.h
+++++ b/g10/main.h
++@@ -376,7 +376,8 @@ struct impex_filter_parm_s
++
++ const char *impex_filter_getval (void *cookie, const char *propname);
++ gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
++- kbnode_t sec_keyblock, int batch, int force);
+++ kbnode_t sec_keyblock, int batch, int force,
+++ int only_marked);
++
++ int collapse_uids( KBNODE *keyblock );
++
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 15 Mar 2019 19:50:37 +0100
++Subject: gpg: Avoid importing secret keys if the keyblock is not valid.
++
++* g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by
++new field TAG.
++* g10/kbnode.c (alloc_node): Change accordingly.
++* g10/import.c (import_one): Add arg r_valid.
++(sec_to_pub_keyblock): Set tags.
++(resync_sec_with_pub_keyblock): New.
++(import_secret_one): Change return code to gpg_error_t. Return an
++error code if sec_to_pub_keyblock failed. Resync secret keyblock.
++--
++
++When importing an invalid secret key ring for example without key
++binding signatures or no UIDs, gpg used to let gpg-agent store the
++secret keys anyway. This is clearly a bug because the diagnostics
++before claimed that for example the subkeys have been skipped.
++Importing the secret key parameters then anyway is surprising in
++particular because a gpg -k does not show the key. After importing
++the public key the secret keys suddenly showed up.
++
++This changes the behaviour of
++GnuPG-bug-id: 4392
++to me more consistent but is not a solution to the actual bug.
++
++Caution: The ecc.scm test now fails because two of the sample keys
++ don't have binding signatures.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit f799e9728bcadb3d4148a47848c78c5647860ea4)
++(cherry picked from commit 43b23aa82be7e02414398af506986b812e2b9349)
++---
++ g10/import.c | 122 ++++++++++++++++++++++++++++++++--------
++ g10/kbnode.c | 2 +-
++ g10/keydb.h | 13 +++--
++ tests/openpgp/ecc.scm | 2 +-
++ tests/openpgp/samplekeys/README | 2 +
++ 5 files changed, 111 insertions(+), 30 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index a5f4f38..2a01814 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -109,8 +109,8 @@ static gpg_error_t import_one (ctrl_t ctrl,
++ unsigned char **fpr, size_t *fpr_len,
++ unsigned int options, int from_sk, int silent,
++ import_screener_t screener, void *screener_arg,
++- int origin, const char *url);
++-static int import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
+++ int origin, const char *url, int *r_valid);
+++static gpg_error_t import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ struct import_stats_s *stats, int batch,
++ unsigned int options, int for_migration,
++ import_screener_t screener, void *screener_arg);
++@@ -584,7 +584,7 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
++ if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
++ rc = import_one (ctrl, keyblock,
++ stats, fpr, fpr_len, options, 0, 0,
++- screener, screener_arg, origin, url);
+++ screener, screener_arg, origin, url, NULL);
++ else if (keyblock->pkt->pkttype == PKT_SECRET_KEY)
++ rc = import_secret_one (ctrl, keyblock, stats,
++ opt.batch, options, 0,
++@@ -1654,7 +1654,9 @@ update_key_origin (kbnode_t keyblock, u32 curtime, int origin, const char *url)
++ * programs which called gpg. If SILENT is no messages are printed -
++ * even most error messages are suppressed. ORIGIN is the origin of
++ * the key (0 for unknown) and URL the corresponding URL. FROM_SK
++- * indicates that the key has been made from a secret key.
+++ * indicates that the key has been made from a secret key. If R_SAVED
+++ * is not NULL a boolean will be stored indicating whether the keyblock
+++ * has valid parts.
++ */
++ static gpg_error_t
++ import_one (ctrl_t ctrl,
++@@ -1662,7 +1664,7 @@ import_one (ctrl_t ctrl,
++ unsigned char **fpr, size_t *fpr_len, unsigned int options,
++ int from_sk, int silent,
++ import_screener_t screener, void *screener_arg,
++- int origin, const char *url)
+++ int origin, const char *url, int *r_valid)
++ {
++ gpg_error_t err = 0;
++ PKT_public_key *pk;
++@@ -1681,6 +1683,9 @@ import_one (ctrl_t ctrl,
++ int any_filter = 0;
++ KEYDB_HANDLE hd = NULL;
++
+++ if (r_valid)
+++ *r_valid = 0;
+++
++ /* If show-only is active we don't won't any extra output. */
++ if ((options & (IMPORT_SHOW | IMPORT_DRY_RUN)))
++ silent = 1;
++@@ -1701,7 +1706,7 @@ import_one (ctrl_t ctrl,
++ if (opt.verbose && !opt.interactive && !silent && !from_sk)
++ {
++ /* Note that we do not print this info in FROM_SK mode
++- * because import_one already printed that. */
+++ * because import_secret_one already printed that. */
++ log_info ("pub %s/%s %s ",
++ pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
++ keystr_from_pk(pk), datestr_from_pk(pk) );
++@@ -1827,6 +1832,10 @@ import_one (ctrl_t ctrl,
++ return 0;
++ }
++
+++ /* The keyblock is valid and ready for real import. */
+++ if (r_valid)
+++ *r_valid = 1;
+++
++ /* Show the key in the form it is merged or inserted. We skip this
++ * if "import-export" is also active without --armor or the output
++ * file has explicily been given. */
++@@ -2440,14 +2449,21 @@ transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
++
++
++ /* Walk a secret keyblock and produce a public keyblock out of it.
++- Returns a new node or NULL on error. */
+++ * Returns a new node or NULL on error. Modifies the tag field of the
+++ * nodes. */
++ static kbnode_t
++ sec_to_pub_keyblock (kbnode_t sec_keyblock)
++ {
++ kbnode_t pub_keyblock = NULL;
++ kbnode_t ctx = NULL;
++ kbnode_t secnode, pubnode;
+++ unsigned int tag = 0;
+++
+++ /* Set a tag to all nodes. */
+++ for (secnode = sec_keyblock; secnode; secnode = secnode->next)
+++ secnode->tag = ++tag;
++
+++ /* Copy. */
++ while ((secnode = walk_kbnode (sec_keyblock, &ctx, 0)))
++ {
++ if (secnode->pkt->pkttype == PKT_SECRET_KEY
++@@ -2477,6 +2493,7 @@ sec_to_pub_keyblock (kbnode_t sec_keyblock)
++ {
++ pubnode = clone_kbnode (secnode);
++ }
+++ pubnode->tag = secnode->tag;
++
++ if (!pub_keyblock)
++ pub_keyblock = pubnode;
++@@ -2487,23 +2504,67 @@ sec_to_pub_keyblock (kbnode_t sec_keyblock)
++ return pub_keyblock;
++ }
++
+++
+++/* Delete all notes in the keyblock at R_KEYBLOCK which are not in
+++ * PUB_KEYBLOCK. Modifies the tags of both keyblock's nodes. */
+++static gpg_error_t
+++resync_sec_with_pub_keyblock (kbnode_t *r_keyblock, kbnode_t pub_keyblock)
+++{
+++ kbnode_t sec_keyblock = *r_keyblock;
+++ kbnode_t node;
+++ unsigned int *taglist;
+++ unsigned int ntaglist, n;
+++
+++ /* Collect all tags in an array for faster searching. */
+++ for (ntaglist = 0, node = pub_keyblock; node; node = node->next)
+++ ntaglist++;
+++ taglist = xtrycalloc (ntaglist, sizeof *taglist);
+++ if (!taglist)
+++ return gpg_error_from_syserror ();
+++ for (ntaglist = 0, node = pub_keyblock; node; node = node->next)
+++ taglist[ntaglist++] = node->tag;
+++
+++ /* Walks over the secret keyblock and delete all nodes which are not
+++ * in the tag list. Those nodes have been delete in the
+++ * pub_keyblock. Sequential search is a bit lazt and could be
+++ * optimized by sorting and bsearch; however secret key rings are
+++ * short and there are easier weaus to DoS gpg. */
+++ for (node = sec_keyblock; node; node = node->next)
+++ {
+++ for (n=0; n < ntaglist; n++)
+++ if (taglist[n] == node->tag)
+++ break;
+++ if (n == ntaglist)
+++ delete_kbnode (node);
+++ }
+++
+++ xfree (taglist);
+++
+++ /* Commit the as deleted marked nodes and return the possibly
+++ * modified keyblock. */
+++ commit_kbnode (&sec_keyblock);
+++ *r_keyblock = sec_keyblock;
+++ return 0;
+++}
+++
+++
++ /****************
++ * Ditto for secret keys. Handling is simpler than for public keys.
++ * We allow secret key importing only when allow is true, this is so
++ * that a secret key can not be imported accidentally and thereby tampering
++ * with the trust calculation.
++ */
++-static int
+++static gpg_error_t
++ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++- struct import_stats_s *stats, int batch, unsigned int options,
++- int for_migration,
+++ struct import_stats_s *stats, int batch,
+++ unsigned int options, int for_migration,
++ import_screener_t screener, void *screener_arg)
++ {
++ PKT_public_key *pk;
++ struct seckey_info *ski;
++ kbnode_t node, uidnode;
++ u32 keyid[2];
++- int rc = 0;
+++ gpg_error_t err = 0;
++ int nr_prev;
++ kbnode_t pub_keyblock;
++ char pkstrbuf[PUBKEY_STRING_SIZE];
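Review bot: The header comment of resync_sec_with_pub_keyblock has three typos that obscure what it does: `Delete all notes` should be `Delete all nodes`, `a bit lazt` should be `a bit lazy`, and `easier weaus to DoS gpg` should be `easier ways to DoS gpg`. The function body itself looks fine; only the comment needs the change. The import_secret_one signature at the end of the hunk continues outside it.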
++@@ -2527,7 +2588,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++
++ if (opt.verbose && !for_migration)
++ {
++- log_info ("sec %s/%s %s ",
+++ log_info ("sec %s/%s %s ",
++ pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
++ keystr_from_pk (pk), datestr_from_pk (pk));
++ if (uidnode)
++@@ -2587,20 +2648,35 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ /* Make a public key out of the key. */
++ pub_keyblock = sec_to_pub_keyblock (keyblock);
++ if (!pub_keyblock)
++- log_error ("key %s: failed to create public key from secret key\n",
++- keystr_from_pk (pk));
+++ {
+++ err = gpg_error_from_syserror ();
+++ log_error ("key %s: failed to create public key from secret key\n",
+++ keystr_from_pk (pk));
+++ }
++ else
++ {
+++ int valid;
+++
++ /* Note that this outputs an IMPORT_OK status message for the
++ public key block, and below we will output another one for
++ the secret keys. FIXME? */
++ import_one (ctrl, pub_keyblock, stats,
++ NULL, NULL, options, 1, for_migration,
++- screener, screener_arg, 0, NULL);
+++ screener, screener_arg, 0, NULL, &valid);
++
++- /* Fixme: We should check for an invalid keyblock and
++- cancel the secret key import in this case. */
++- release_kbnode (pub_keyblock);
+++ /* The secret keyblock may not have nodes which are deleted in
+++ * the public keyblock. Otherwise we would import just the
+++ * secret key without having the public key. That would be
+++ * surprising and clutters out private-keys-v1.d. */
+++ err = resync_sec_with_pub_keyblock (&keyblock, pub_keyblock);
+++ if (err)
+++ goto leave;
+++
+++ if (!valid)
+++ {
+++ err = gpg_error (GPG_ERR_NO_SECKEY);
+++ goto leave;
+++ }
++
++ /* At least we cancel the secret key import when the public key
++ import was skipped due to MERGE_ONLY option and a new
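Review bot: `err = gpg_error_from_syserror ();` after sec_to_pub_keyblock returns NULL assumes the callee left a meaningful errno, yet sec_to_pub_keyblock is only documented as returning NULL "on error", so any failure path that does not set errno would yield a stale or misleading error code. If every NULL path is an allocation failure, say so at the call site, e.g. `/* sec_to_pub_keyblock fails only on allocation errors; errno is valid. */`; otherwise return a fixed code such as `gpg_error (GPG_ERR_GENERAL)`. The enclosing function extends beyond the hunk.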
++@@ -2608,7 +2684,8 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ if (!(opt.dry_run || (options & IMPORT_DRY_RUN))
++ && stats->skipped_new_keys <= nr_prev)
++ {
++- /* Read the keyblock again to get the effects of a merge. */
+++ /* Read the keyblock again to get the effects of a merge for
+++ * the public key. */
++ /* Fixme: we should do this based on the fingerprint or
++ even better let import_one return the merged
++ keyblock. */
++@@ -2618,8 +2695,6 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ keystr_from_pk (pk));
++ else
++ {
++- gpg_error_t err;
++-
++ /* transfer_secret_keys collects subkey stats. */
++ struct import_stats_s subkey_stats = {0};
++
++@@ -2657,6 +2732,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++
++ if (is_status_enabled ())
++ print_import_ok (pk, status);
+++
++ check_prefs (ctrl, node);
++ }
++ release_kbnode (node);
++@@ -2664,7 +2740,9 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ }
++ }
++
++- return rc;
+++ leave:
+++ release_kbnode (pub_keyblock);
+++ return err;
++ }
++
++
++diff --git a/g10/kbnode.c b/g10/kbnode.c
++index c2aaacd..9ed6caf 100644
++--- a/g10/kbnode.c
+++++ b/g10/kbnode.c
++@@ -68,8 +68,8 @@ alloc_node (void)
++ n->next = NULL;
++ n->pkt = NULL;
++ n->flag = 0;
+++ n->tag = 0;
++ n->private_flag=0;
++- n->recno = 0;
++ return n;
++ }
++
++diff --git a/g10/keydb.h b/g10/keydb.h
++index 6fb4e5e..7aa2048 100644
++--- a/g10/keydb.h
+++++ b/g10/keydb.h
++@@ -52,12 +52,13 @@ typedef struct getkey_ctx_s *getkey_ctx_t;
++ * This structure is also used to bind arbitrary packets together.
++ */
++
++-struct kbnode_struct {
++- KBNODE next;
++- PACKET *pkt;
++- int flag;
++- int private_flag;
++- ulong recno; /* used while updating the trustdb */
+++struct kbnode_struct
+++{
+++ kbnode_t next;
+++ PACKET *pkt;
+++ int flag; /* Local use during keyblock processing (not cloned).*/
+++ unsigned int tag; /* Ditto. */
+++ int private_flag;
++ };
++
++ #define is_deleted_kbnode(a) ((a)->private_flag & 1)
++diff --git a/tests/openpgp/ecc.scm b/tests/openpgp/ecc.scm
++index d7c02a5..a63ec45 100755
++--- a/tests/openpgp/ecc.scm
+++++ b/tests/openpgp/ecc.scm
++@@ -175,7 +175,7 @@ Rg==
++ (display "This is one line\n" (fdopen fd "wb")))
++
++ (for-each-p
++- "Checking ECDSA decryption"
+++ "Checking ECDH decryption"
++ (lambda (test)
++ (lettmp (x y)
++ (call-with-output-file
++diff --git a/tests/openpgp/samplekeys/README b/tests/openpgp/samplekeys/README
++index 9f1648b..f8a7e9e 100644
++--- a/tests/openpgp/samplekeys/README
+++++ b/tests/openpgp/samplekeys/README
++@@ -29,3 +29,5 @@ Notes:
++ such a file is created which is then directly followed by a separate
++ armored public key block. To create such a sample concatenate
++ pgp-desktop-skr.asc and E657FB607BB4F21C90BB6651BC067AF28BC90111.asc
+++- ecc-sample-2-sec.asc and ecc-sample-3-sec.asc do not have and
+++ binding signatures either. ecc-sample-1-sec.asc has them, though.
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 18 Mar 2019 14:10:16 +0100
++Subject: gpg: Do not bail out on v5 keys in the local keyring.
++
++* g10/parse-packet.c (parse_key): Return GPG_ERR_UNKNOWN_VERSION
++instead of invalid packet.
++* g10/keydb.c (parse_keyblock_image): Do not map the unknown version
++error to invalid keyring.
++(keydb_search): Skip unknown version errors simlar to legacy keys.
++* g10/keyring.c (keyring_rebuild_cache): Skip keys with unknown
++versions.
++* g10/import.c (read_block): Handle unknown version.
++--
++
++When using gpg 2.3 the local keyring may contain v5 keys. This patch
++allows the use of such a keyring also with a 2.2 version which does
++not support v5 keys. We will probably need some more tweaking here
++but this covers the most common cases of listing keys and also
++importing v5 keys.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit de70a2f377c1647417fb8a2b6476c3744a901296)
++---
++ g10/import.c | 6 ++++--
++ g10/keydb.c | 13 +++++++++----
++ g10/keylist.c | 2 ++
++ g10/keyring.c | 2 ++
++ g10/parse-packet.c | 2 +-
++ 5 files changed, 18 insertions(+), 7 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index f76ca0c..aeab4e0 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -860,12 +860,14 @@ read_block( IOBUF a, int with_meta,
++ skip_sigs = 0;
++ while ((rc=parse_packet (&parsectx, pkt)) != -1)
++ {
++- if (rc && (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY
+++ if (rc && ((gpg_err_code (rc) == GPG_ERR_LEGACY_KEY
+++ || gpg_err_code (rc) == GPG_ERR_UNKNOWN_VERSION)
++ && (pkt->pkttype == PKT_PUBLIC_KEY
++ || pkt->pkttype == PKT_SECRET_KEY)))
++ {
++ in_v3key = 1;
++- ++*r_v3keys;
+++ if (gpg_err_code (rc) != GPG_ERR_UNKNOWN_VERSION)
+++ ++*r_v3keys;
++ free_packet (pkt, &parsectx);
++ init_packet (pkt);
++ continue;
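Review bot: The unknown-version case reuses the `in_v3key = 1` skip path but deliberately does not bump `*r_v3keys`, so the variable name now also covers non-v3 keys and the reader has to infer why the counter is conditional. A short comment on the new condition would help, e.g. `/* Unknown versions (e.g. v5 keys) are skipped like legacy keys but not counted as v3. */`. The parse-packet.c hunk below shows parse_key already logs the unknown version, so the user still gets a diagnostic for the dropped key. read_block's loop continues outside the hunk.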
++diff --git a/g10/keydb.c b/g10/keydb.c
++index 03fadfd..0475f85 100644
++--- a/g10/keydb.c
+++++ b/g10/keydb.c
++@@ -1249,9 +1249,12 @@ parse_keyblock_image (iobuf_t iobuf, int pk_no, int uid_no,
++ }
++ if (err)
++ {
++- log_error ("parse_keyblock_image: read error: %s\n",
++- gpg_strerror (err));
++- err = gpg_error (GPG_ERR_INV_KEYRING);
+++ if (gpg_err_code (err) != GPG_ERR_UNKNOWN_VERSION)
+++ {
+++ log_error ("parse_keyblock_image: read error: %s\n",
+++ gpg_strerror (err));
+++ err = gpg_error (GPG_ERR_INV_KEYRING);
+++ }
++ break;
++ }
++
++@@ -1955,7 +1958,9 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
++ rc = keybox_search (hd->active[hd->current].u.kb, desc,
++ ndesc, KEYBOX_BLOBTYPE_PGP,
++ descindex, &hd->skipped_long_blobs);
++- while (rc == GPG_ERR_LEGACY_KEY);
+++ while (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY
+++ || gpg_err_code (rc) == GPG_ERR_UNKNOWN_VERSION)
+++ ;
++ break;
++ }
++
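Review bot: The do/while terminator `;` now sits on a line of its own after the two-line condition, which reads like an empty statement and is easy to mistake for one in a later edit; keeping it attached, `|| gpg_err_code (rc) == GPG_ERR_UNKNOWN_VERSION);`, avoids that. Wrapping `rc` in `gpg_err_code` is a sound improvement over the old raw comparison. keydb_search's body continues outside the hunk.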
++diff --git a/g10/keylist.c b/g10/keylist.c
++index 7b3fde1..85fcdba 100644
++--- a/g10/keylist.c
+++++ b/g10/keylist.c
++@@ -527,6 +527,8 @@ list_all (ctrl_t ctrl, int secret, int mark_secret)
++ {
++ if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
++ continue; /* Skip legacy keys. */
+++ if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_VERSION)
+++ continue; /* Skip keys with unknown versions. */
++ log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc));
++ goto leave;
++ }
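Review bot: Skipping unknown-version keys in list_all with a bare `continue` makes such keys invisible in the listing without any diagnostic at this point, unless keydb_get_keyblock logged the version itself; the keyring_rebuild_cache hunk below has the same shape. A verbose-only hint such as `if (opt.verbose) log_info ("skipping key with unknown version\n");` before the `continue` would let a user understand why a key present in the keyring does not show up. The enclosing loops start outside the hunks.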
++diff --git a/g10/keyring.c b/g10/keyring.c
++index 25ef507..a8dd462 100644
++--- a/g10/keyring.c
+++++ b/g10/keyring.c
++@@ -1476,6 +1476,8 @@ keyring_rebuild_cache (ctrl_t ctrl, void *token, int noisy)
++ {
++ if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY)
++ continue; /* Skip legacy keys. */
+++ if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_VERSION)
+++ continue; /* Skip keys with unknown version. */
++ log_error ("keyring_get_keyblock failed: %s\n", gpg_strerror (rc));
++ goto leave;
++ }
++diff --git a/g10/parse-packet.c b/g10/parse-packet.c
++index ff348ec..05f63e9 100644
++--- a/g10/parse-packet.c
+++++ b/g10/parse-packet.c
++@@ -2296,7 +2296,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
++ log_error ("packet(%d) with unknown version %d\n", pkttype, version);
++ if (list_mode)
++ es_fputs (":key packet: [unknown version]\n", listfp);
++- err = gpg_error (GPG_ERR_INV_PACKET);
+++ err = gpg_error (GPG_ERR_UNKNOWN_VERSION);
++ goto leave;
++ }
++
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 15 Mar 2019 19:11:32 +0100
++Subject: gpg: During secret key import print "sec" instead of "pub".
++
++* g10/keyedit.c (show_basic_key_info): New arg 'print_sec'. Remove
++useless code for "sub" and "ssb".
++* g10/import.c (import_one): Pass FROM_SK to show_basic_key_info. Do
++not print the first keyinfo in FROM_SK mode.
++printing.
++--
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit f64477db86568bdc28c313bfeb8b95d8edf05a3c)
++(cherry picked from commit db2d75f1ffede2ea77163b487a15e60249daffa0)
++---
++ g10/gpgcompose.c | 5 +++--
++ g10/import.c | 11 +++++++----
++ g10/keyedit.c | 23 ++++++++++++++---------
++ g10/keyedit.h | 2 +-
++ 4 files changed, 25 insertions(+), 16 deletions(-)
++
++diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c
++index 226f793..aec0b4a 100644
++--- a/g10/gpgcompose.c
+++++ b/g10/gpgcompose.c
++@@ -3058,10 +3058,11 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
++ }
++
++ void
++-show_basic_key_info (ctrl_t ctrl, KBNODE keyblock)
+++show_basic_key_info (ctrl_t ctrl, KBNODE keyblock, int made_from_sec)
++ {
++ (void)ctrl;
++- (void) keyblock;
+++ (void)keyblock;
+++ (void)made_from_sec;
++ }
++
++ int
++diff --git a/g10/import.c b/g10/import.c
++index 29de8ff..a5f4f38 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -1653,7 +1653,8 @@ update_key_origin (kbnode_t keyblock, u32 curtime, int origin, const char *url)
++ * the internal errorcount, so that invalid input can be detected by
++ * programs which called gpg. If SILENT is no messages are printed -
++ * even most error messages are suppressed. ORIGIN is the origin of
++- * the key (0 for unknown) and URL the corresponding URL.
+++ * the key (0 for unknown) and URL the corresponding URL. FROM_SK
+++ * indicates that the key has been made from a secret key.
++ */
++ static gpg_error_t
++ import_one (ctrl_t ctrl,
++@@ -1697,9 +1698,11 @@ import_one (ctrl_t ctrl,
++ keyid_from_pk( pk, keyid );
++ uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
++
++- if (opt.verbose && !opt.interactive && !silent)
+++ if (opt.verbose && !opt.interactive && !silent && !from_sk)
++ {
++- log_info( "pub %s/%s %s ",
+++ /* Note that we do not print this info in FROM_SK mode
+++ * because import_one already printed that. */
+++ log_info ("pub %s/%s %s ",
++ pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
++ keystr_from_pk(pk), datestr_from_pk(pk) );
++ if (uidnode)
++@@ -1730,7 +1733,7 @@ import_one (ctrl_t ctrl,
++ print_import_check (pk, uidnode->pkt->pkt.user_id);
++ merge_keys_and_selfsig (ctrl, keyblock);
++ tty_printf ("\n");
++- show_basic_key_info (ctrl, keyblock);
+++ show_basic_key_info (ctrl, keyblock, from_sk);
++ tty_printf ("\n");
++ if (!cpr_get_answer_is_yes ("import.okay",
++ "Do you want to import this key? (y/N) "))
++diff --git a/g10/keyedit.c b/g10/keyedit.c
++index b717960..f95f02f 100644
++--- a/g10/keyedit.c
+++++ b/g10/keyedit.c
++@@ -3662,13 +3662,14 @@ show_key_with_all_names (ctrl_t ctrl, estream_t fp,
++
++
++ /* Display basic key information. This function is suitable to show
++- information on the key without any dependencies on the trustdb or
++- any other internal GnuPG stuff. KEYBLOCK may either be a public or
++- a secret key. This function may be called with KEYBLOCK containing
++- secret keys and thus the printing of "pub" vs. "sec" does only
++- depend on the packet type and not by checking with gpg-agent. */
+++ * information on the key without any dependencies on the trustdb or
+++ * any other internal GnuPG stuff. KEYBLOCK may either be a public or
+++ * a secret key. This function may be called with KEYBLOCK containing
+++ * secret keys and thus the printing of "pub" vs. "sec" does only
+++ * depend on the packet type and not by checking with gpg-agent. If
+++ * PRINT_SEC ist set "sec" is printed instead of "pub". */
++ void
++-show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock)
+++show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock, int print_sec)
++ {
++ KBNODE node;
++ int i;
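Review bot: Typo in the updated header comment: `If PRINT_SEC ist set` should be `If PRINT_SEC is set`. The rest of the reflowed comment reads fine. show_basic_key_info's body continues outside the hunk.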
++@@ -3681,13 +3682,17 @@ show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock)
++ || node->pkt->pkttype == PKT_SECRET_KEY)
++ {
++ PKT_public_key *pk = node->pkt->pkt.public_key;
+++ const char *tag;
+++
+++ if (node->pkt->pkttype == PKT_SECRET_KEY || print_sec)
+++ tag = "sec";
+++ else
+++ tag = "pub";
++
++ /* Note, we use the same format string as in other show
++ functions to make the translation job easier. */
++ tty_printf ("%s %s/%s ",
++- node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" :
++- node->pkt->pkttype == PKT_PUBLIC_SUBKEY ? "sub" :
++- node->pkt->pkttype == PKT_SECRET_KEY ? "sec" :"ssb",
+++ tag,
++ pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
++ keystr_from_pk (pk));
++ tty_printf (_("created: %s"), datestr_from_pk (pk));
++diff --git a/g10/keyedit.h b/g10/keyedit.h
++index d1f453a..af5e996 100644
++--- a/g10/keyedit.h
+++++ b/g10/keyedit.h
++@@ -50,7 +50,7 @@ void keyedit_quick_set_expire (ctrl_t ctrl,
++ char **subkeyfprs);
++ void keyedit_quick_set_primary (ctrl_t ctrl, const char *username,
++ const char *primaryuid);
++-void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock);
+++void show_basic_key_info (ctrl_t ctrl, kbnode_t keyblock, int print_sec);
++ int keyedit_print_one_sig (ctrl_t ctrl, estream_t fp,
++ int rc, kbnode_t keyblock,
++ kbnode_t node, int *inv_sigs, int *no_key,
--- /dev/null
--- /dev/null
++From: "Neal H. Walfield" <neal@g10code.com>
++Date: Fri, 6 Oct 2017 11:51:39 +0200
++Subject: gpg: Fix comparison.
++
++* g10/gpgcompose.c (literal_name): Complain if passed zero arguments,
++not one or fewer.
++
++Signed-off-by: Neal H. Walfield <neal@walfield.org>
++(cherry picked from commit 1ed21eee79749b976b4a935f2279b162634e9c5e)
++---
++ g10/gpgcompose.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c
++index 430538e..226f793 100644
++--- a/g10/gpgcompose.c
+++++ b/g10/gpgcompose.c
++@@ -2746,7 +2746,7 @@ literal_name (const char *option, int argc, char *argv[], void *cookie)
++ {
++ struct litinfo *li = cookie;
++
++- if (argc <= 1)
+++ if (argc <= 0)
++ log_fatal ("Usage: %s NAME\n", option);
++
++ if (strlen (argv[0]) > 255)
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 5 Mar 2019 12:39:11 +0100
++Subject: gpg: Make invalid primary key algos obvious in key listings.
++
++* g10/keylist.c (print_key_line): Print a warning for invalid algos.
++--
++
++Non-OpenPGP compliant keys now show a warning flag on the sec or pub
++line like in:
++
++ gpg: can't encode a 256 bit MD into a 88 bits frame, algo=8
++ sec cv25519 2019-01-30 [INVALID_ALGO]
++ 4239F3D606A19258E7A88C3F9A3F4F909C5034C5
++ uid [ultimate] ffffff
++
++Instead of showing the usage flags "[CE]". Without this patch only
++the error message is printed and the reason for it was not immediately
++obvious (cv25519 is encryption only but we always consider the primary
++key as having the "C" flag).
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit db87132b10664718b7db6ec1dad584b54d1fb265)
++(cherry picked from commit d2a7f9078a4673ec53733e4f69fd17a8f1ac962d)
++---
++ g10/keylist.c | 10 +++++++++-
++ 1 file changed, 9 insertions(+), 1 deletion(-)
++
++diff --git a/g10/keylist.c b/g10/keylist.c
++index 262ea8d..7b3fde1 100644
++--- a/g10/keylist.c
+++++ b/g10/keylist.c
++@@ -2059,10 +2059,18 @@ print_key_line (ctrl_t ctrl, estream_t fp, PKT_public_key *pk, int secret)
++ tty_fprintf (fp, "/%s", keystr_from_pk (pk));
++ tty_fprintf (fp, " %s", datestr_from_pk (pk));
++
++- if ((opt.list_options & LIST_SHOW_USAGE))
+++ if (pk->flags.primary
+++ && !(openpgp_pk_algo_usage (pk->pubkey_algo)
+++ & (PUBKEY_USAGE_CERT| PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH)))
+++ {
+++ /* A primary key which is really not capable to sign. */
+++ tty_fprintf (fp, " [INVALID_ALGO]");
+++ }
+++ else if ((opt.list_options & LIST_SHOW_USAGE))
++ {
++ tty_fprintf (fp, " [%s]", usagestr_from_pk (pk, 0));
++ }
+++
++ if (pk->flags.revoked)
++ {
++ tty_fprintf (fp, " [");
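Review bot: The added usage mask is spaced inconsistently (`PUBKEY_USAGE_CERT| PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH`) while the surrounding code puts spaces around binary operators; `& (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH)` keeps it uniform. The comment could also give the reason this is an error and not a cosmetic flag, which the commit message has but the code does not: `/* OpenPGP always treats the primary key as a certification key; an algo with no signing capability can never carry valid self-signatures, so flag it instead of printing usage flags. */`. Note that `[INVALID_ALGO]` replaces the usage string even when LIST_SHOW_USAGE is set; if that is intended, one sentence saying so would help the next reader. print_key_line continues outside the hunk on both sides.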
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Mon, 25 Feb 2019 10:44:16 +0900
++Subject: gpgscm: Build well even if NDEBUG defined.
++
++* gpgscm/scheme.c (gc_reservation_failure): Fix adding ";".
++[!NDEBUG] (scheme_init_custom_alloc): Don't init reserved_lineno.
++
++--
++
++Cherry picked from master commit:
++ e140c6d4f581be1a60a34b67b16430452f3987e8
++
++In some build environment, NDEBUG is defined (although it's
++bad practice). This change supports such a situation.
++
++GnuPG-bug-id: 3959
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 8161afb9dddaba839be92fbe9d85c05235eda825)
++---
++ tests/gpgscm/scheme.c | 4 +++-
++ 1 file changed, 3 insertions(+), 1 deletion(-)
++
++diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c
++index b188e36..b4960b0 100644
++--- a/tests/gpgscm/scheme.c
+++++ b/tests/gpgscm/scheme.c
++@@ -874,7 +874,7 @@ gc_reservation_failure(struct scheme *sc)
++ {
++ #ifdef NDEBUG
++ fprintf(stderr,
++- "insufficient reservation\n")
+++ "insufficient reservation\n");
++ #else
++ fprintf(stderr,
++ "insufficient %s reservation in line %d\n",
++@@ -5627,7 +5627,9 @@ int scheme_init_custom_alloc(scheme *sc, func_alloc malloc, func_dealloc free) {
++ sc->fcells = 0;
++ sc->inhibit_gc = GC_ENABLED;
++ sc->reserved_cells = 0;
+++#ifndef NDEBUG
++ sc->reserved_lineno = 0;
+++#endif
++ sc->no_memory=0;
++ sc->inport=sc->NIL;
++ sc->outport=sc->NIL;
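Review bot: `sc->reserved_lineno` is now initialised only when NDEBUG is undefined, but the hunk does not show whether the struct member is declared under the same `#ifndef NDEBUG`; if it is still declared unconditionally it is left uninitialised in NDEBUG builds, which is harmless only as long as nothing reads it there. Worth confirming against the `scheme` struct definition, and a one-line comment next to the new `#ifndef`, e.g. `/* reserved_lineno only exists in debug builds. */`, would make the pairing obvious. scheme_init_custom_alloc continues outside the hunk.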
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Thu, 7 Sep 2017 18:39:37 -0400
++Subject: gpgsm: default to 3072-bit keys.
++
++* doc/gpgsm.texi, doc/howto-create-a-server-cert.texi: update
++default to 3072 bits.
++* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): update default to
++3072 bits.
++* sm/certreqgen.c (proc_parameters): update default to 3072 bits.
++* sm/gpgsm.c (main): print correct default_pubkey_algo.
++
++--
++
++3072-bit RSA is widely considered to be 128-bit-equivalent security.
++This is a sensible default in 2017.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++
++(cherry picked from commit 7955262151a5c755814dd23414e6804f79125355)
++(cherry picked from commit 121286d9d1506dbaad9ba33bae2e459814fe5849)
++---
++ doc/gpgsm.texi | 2 +-
++ doc/howto-create-a-server-cert.texi | 14 +++++++-------
++ sm/certreqgen-ui.c | 2 +-
++ sm/certreqgen.c | 4 ++--
++ sm/gpgsm.c | 2 +-
++ 5 files changed, 12 insertions(+), 12 deletions(-)
++
++diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
++index ebe58bc..eb30368 100644
++--- a/doc/gpgsm.texi
+++++ b/doc/gpgsm.texi
++@@ -1082,7 +1082,7 @@ key. The algorithm must be capable of signing. This is a required
++ parameter. The only supported value for @var{algo} is @samp{rsa}.
++
++ @item Key-Length: @var{nbits}
++-The requested length of a generated key in bits. Defaults to 2048.
+++The requested length of a generated key in bits. Defaults to 3072.
++
++ @item Key-Grip: @var{hexstring}
++ This is optional and used to generate a CSR or certificate for an
++diff --git a/doc/howto-create-a-server-cert.texi b/doc/howto-create-a-server-cert.texi
++index 55f1a91..30e28bd 100644
++--- a/doc/howto-create-a-server-cert.texi
+++++ b/doc/howto-create-a-server-cert.texi
++@@ -31,14 +31,14 @@ Let's continue:
++
++ @cartouche
++ @example
++- What keysize do you want? (2048)
++- Requested keysize is 2048 bits
+++ What keysize do you want? (3072)
+++ Requested keysize is 3072 bits
++ @end example
++ @end cartouche
++
++-Hitting enter chooses the default RSA key size of 2048 bits. Smaller
++-keys are too weak on the modern Internet. If you choose a larger
++-(stronger) key, your server will need to do more work.
+++Hitting enter chooses the default RSA key size of 3072 bits. Keys
+++smaller than 2048 bits are too weak on the modern Internet. If you
+++choose a larger (stronger) key, your server will need to do more work.
++
++ @cartouche
++ @example
++@@ -124,7 +124,7 @@ request:
++ @example
++ These parameters are used:
++ Key-Type: RSA
++- Key-Length: 2048
+++ Key-Length: 3072
++ Key-Usage: sign, encrypt
++ Name-DN: CN=example.com
++ Name-DNS: example.com
++@@ -224,7 +224,7 @@ To see the content of your certificate, you may now enter:
++ aka: (dns-name example.com)
++ aka: (dns-name www.example.com)
++ validity: 2015-07-01 16:20:51 through 2016-07-01 16:20:51
++- key type: 2048 bit RSA
+++ key type: 3072 bit RSA
++ key usage: digitalSignature keyEncipherment
++ ext key usage: clientAuth (suggested), serverAuth (suggested), [...]
++ fingerprint: 0F:9C:27:B2:DA:05:5F:CB:33:D8:19:E9:65:B9:4F:BD:B1:98:CC:57
++diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c
++index 9772a3b..4f8a1ac 100644
++--- a/sm/certreqgen-ui.c
+++++ b/sm/certreqgen-ui.c
++@@ -138,7 +138,7 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t output_stream)
++ unsigned int nbits;
++ int minbits = 1024;
++ int maxbits = 4096;
++- int defbits = 2048;
+++ int defbits = 3072;
++ const char *keyusage;
++ char *subject_name;
++ membuf_t mb_email, mb_dns, mb_uri, mb_result;
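Review bot: Only the default moves to 3072 here and in proc_parameters (the sm/certreqgen.c hunk): `minbits = 1024` just above and the `nbits < 1024` check in proc_parameters still accept 1024-bit RSA, while the howto text added in this same commit states that keys smaller than 2048 bits are too weak. If keeping 1024 as the floor is deliberate (compatibility with existing cards or CAs), a comment saying so on the `minbits` line would stop the next reader from treating it as an oversight; otherwise the floor should move with the default. The default is also spelled out independently in three places (this `defbits`, `nbits = 3072` in proc_parameters and the `"RSA-3072"` string in sm/gpgsm.c), which the existing "make sure that it matches" comment only partly guards; a single shared constant would keep them in step. gpgsm_gencertreq_tty continues outside the hunk.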
++diff --git a/sm/certreqgen.c b/sm/certreqgen.c
++index 4431870..1d610c1 100644
++--- a/sm/certreqgen.c
+++++ b/sm/certreqgen.c
++@@ -26,7 +26,7 @@
++ $ cat >foo <<EOF
++ %echo Generating a standard key
++ Key-Type: RSA
++- Key-Length: 2048
+++ Key-Length: 3072
++ Name-DN: CN=test cert 1,OU=Aegypten Project,O=g10 Code GmbH,L=Ddorf,C=DE
++ Name-Email: joe@foo.bar
++ # Do a commit here, so that we can later print a "done"
++@@ -468,7 +468,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
++ /* Check the keylength. NOTE: If you change this make sure that it
++ macthes the gpgconflist item in gpgsm.c */
++ if (!get_parameter (para, pKEYLENGTH, 0))
++- nbits = 2048;
+++ nbits = 3072;
++ else
++ nbits = get_parameter_uint (para, pKEYLENGTH);
++ if ((nbits < 1024 || nbits > 4096) && !cardkeyid)
++diff --git a/sm/gpgsm.c b/sm/gpgsm.c
++index defc698..52f26e2 100644
++--- a/sm/gpgsm.c
+++++ b/sm/gpgsm.c
++@@ -1800,7 +1800,7 @@ main ( int argc, char **argv)
++ /* The next one is an info only item and should match what
++ proc_parameters actually implements. */
++ es_printf ("default_pubkey_algo:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT,
++- "RSA-2048");
+++ "RSA-3072");
++ es_printf ("compliance:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, "gnupg");
++
++ }
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sun, 3 Mar 2019 10:22:34 -0500
++Subject: gpgv: Improve documentation for keyring choices
++
++* doc/gpgv.texi: Improve documentation for keyring choices
++
++--
++
++From the existing documentation, it's not clear whether the default
++keyring will always be mixed into the set of keyrings, or whether it
++will be skipped if a --keyring is present. The updated text here
++attempts to describe the keyring selection logic more completely.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit a7b2a87f940dba078867c44f1f50d46211d51719)
++---
++ doc/gpgv.texi | 15 ++++++++-------
++ 1 file changed, 8 insertions(+), 7 deletions(-)
++
++diff --git a/doc/gpgv.texi b/doc/gpgv.texi
++index a052861..2dd9576 100644
++--- a/doc/gpgv.texi
+++++ b/doc/gpgv.texi
++@@ -59,13 +59,14 @@ no configuration files and only a few options are implemented.
++ That does also mean that it does not check for expired or revoked
++ keys.
++
++-By default a keyring named @file{trustedkeys.kbx} is used; if that
++-does not exist a keyring named @file{trustedkeys.gpg} is used. The
++-default keyring is assumed to be in the home directory of GnuPG,
++-either the default home directory or the one set by an option or an
++-environment variable. The option @code{--keyring} may be used to
++-specify a different keyring or even multiple keyrings.
++-
+++If no @code{--keyring} option is given, @code{gpgv} looks for a
+++``default'' keyring named @file{trustedkeys.kbx} (preferred) or
+++@file{trustedkeys.gpg} in the home directory of GnuPG, either the
+++default home directory or the one set by the @code{--homedir} option
+++or the @code{GNUPGHOME} environment variable. If any @code{--keyring}
+++option is used, @code{gpgv} will not look for the default keyring. The
+++@code{--keyring} option may be used multiple times and all specified
+++keyrings will be used together.
++
++ @noindent
++ @mansect options
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Wed, 20 Sep 2017 10:06:43 +0900
++Subject: scd: Distinguish cancel by user and protocol error.
++
++* scd/apdu.h (SW_HOST_CANCELLED): New.
++* scd/apdu.c (host_sw_string): Support SW_HOST_CANCELLED.
++(pcsc_error_to_sw): Return SW_HOST_CANCELLED for PCSC_E_CANCELLED.
++* scd/iso7816.c (map_sw): Return GPG_ERR_INV_RESPONSE for
++SW_HOST_ABORTED and GPG_ERR_CANCELED for SW_HOST_CANCELLED.
++
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 2396055c096884d521c26b76f26263a146207c24)
++---
++ scd/apdu.c | 3 ++-
++ scd/apdu.h | 3 ++-
++ scd/iso7816.c | 3 ++-
++ 3 files changed, 6 insertions(+), 3 deletions(-)
++
++diff --git a/scd/apdu.c b/scd/apdu.c
++index 9e3594b..1a5e371 100644
++--- a/scd/apdu.c
+++++ b/scd/apdu.c
++@@ -499,6 +499,7 @@ host_sw_string (long err)
++ case SW_HOST_ABORTED: return "aborted";
++ case SW_HOST_NO_PINPAD: return "no pinpad";
++ case SW_HOST_ALREADY_CONNECTED: return "already connected";
+++ case SW_HOST_CANCELLED: return "cancelled";
++ default: return "unknown host status error";
++ }
++ }
++@@ -605,7 +606,7 @@ pcsc_error_to_sw (long ec)
++ {
++ case 0: rc = 0; break;
++
++- case PCSC_E_CANCELLED: rc = SW_HOST_ABORTED; break;
+++ case PCSC_E_CANCELLED: rc = SW_HOST_CANCELLED; break;
++ case PCSC_E_NO_MEMORY: rc = SW_HOST_OUT_OF_CORE; break;
++ case PCSC_E_TIMEOUT: rc = SW_HOST_CARD_IO_ERROR; break;
++ case PCSC_E_NO_SERVICE:
++diff --git a/scd/apdu.h b/scd/apdu.h
++index 6751e8c..8a0d4bd 100644
++--- a/scd/apdu.h
+++++ b/scd/apdu.h
++@@ -71,7 +71,8 @@ enum {
++ SW_HOST_NO_READER = 0x1000c,
++ SW_HOST_ABORTED = 0x1000d,
++ SW_HOST_NO_PINPAD = 0x1000e,
++- SW_HOST_ALREADY_CONNECTED = 0x1000f
+++ SW_HOST_ALREADY_CONNECTED = 0x1000f,
+++ SW_HOST_CANCELLED = 0x10010
++ };
++
++ struct dev_list;
++diff --git a/scd/iso7816.c b/scd/iso7816.c
++index 081b080..29208c2 100644
++--- a/scd/iso7816.c
+++++ b/scd/iso7816.c
++@@ -93,8 +93,9 @@ map_sw (int sw)
++ case SW_HOST_CARD_IO_ERROR: ec = GPG_ERR_EIO; break;
++ case SW_HOST_GENERAL_ERROR: ec = GPG_ERR_GENERAL; break;
++ case SW_HOST_NO_READER: ec = GPG_ERR_ENODEV; break;
++- case SW_HOST_ABORTED: ec = GPG_ERR_CANCELED; break;
+++ case SW_HOST_ABORTED: ec = GPG_ERR_INV_RESPONSE; break;
++ case SW_HOST_NO_PINPAD: ec = GPG_ERR_NOT_SUPPORTED; break;
+++ case SW_HOST_CANCELLED: ec = GPG_ERR_CANCELED; break;
++
++ default:
++ if ((sw & 0x010000))
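Review bot: SW_HOST_ABORTED changes meaning here from GPG_ERR_CANCELED to GPG_ERR_INV_RESPONSE, and only the PC/SC PCSC_E_CANCELLED producer is rerouted to the new SW_HOST_CANCELLED; any other code path that still returns SW_HOST_ABORTED for a user cancellation would now surface as a protocol error to callers that test for GPG_ERR_CANCELED. Those producers are outside these hunks, so this is worth a check over scd before merging. A comment on the new enum value in apdu.h would record the distinction, e.g. `/* Cancelled by the user (PC/SC PCSC_E_CANCELLED); SW_HOST_ABORTED now means a reader or protocol abort. */`. map_sw continues outside the hunk.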
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Thu, 28 Feb 2019 14:43:42 +0100
++Subject: sm: Don't mark a cert as de-vs compliant if it leads to SHA-1 sigs.
++
++* sm/keylist.c (print_compliance_flags): Also check the digest_algo.
++Add new arg 'cert'.
++--
++
++A certificate with algorithm sha1WithRSAEncryption can be de-vs
++compliant (e.g. if the next in the chain used sha256WithRSAEncryption
++to sign it and RSA is long enough) but flagging it as such is useless
++because that certificate can't be used because it will create
++signatures using the non-compliant SHA-1 algorithm.
++
++Well, it could be used for encryption. But also evaluating the
++key-usage flags here would make it harder for the user to understand
++why certain certificates are listed as de-vs compliant and others are
++not.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 2c75af9f65d15653ed1bc191f1098ae316607041)
++
++Reworked to also pass the CERT. Note that 2.2 won't get the PK
++Screening feature.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit be69bf0cbd11cb8c0d452e07066669aacc6caafa)
++---
++ sm/keylist.c | 15 ++++++++++++---
++ 1 file changed, 12 insertions(+), 3 deletions(-)
++
++diff --git a/sm/keylist.c b/sm/keylist.c
++index 9997da8..3fe75a1 100644
++--- a/sm/keylist.c
+++++ b/sm/keylist.c
++@@ -348,10 +348,19 @@ email_kludge (const char *name)
++ /* Print the compliance flags to field 18. ALGO is the gcrypt algo
++ * number. NBITS is the length of the key in bits. */
++ static void
++-print_compliance_flags (int algo, unsigned int nbits, estream_t fp)
+++print_compliance_flags (ksba_cert_t cert, int algo, unsigned int nbits,
+++ estream_t fp)
++ {
+++ int hashalgo;
+++
++ if (gnupg_pk_is_compliant (CO_DE_VS, algo, NULL, nbits, NULL))
++- es_fputs (gnupg_status_compliance_flag (CO_DE_VS), fp);
+++ {
+++ hashalgo = gcry_md_map_name (ksba_cert_get_digest_algo (cert));
+++ if (gnupg_digest_is_compliant (CO_DE_VS, hashalgo))
+++ {
+++ es_fputs (gnupg_status_compliance_flag (CO_DE_VS), fp);
+++ }
+++ }
++ }
++
++
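Review bot: The comment above print_compliance_flags still documents only ALGO and NBITS; the new CERT parameter and the reason for it deserve a sentence, e.g. `CERT is the certificate itself; its signature digest algorithm is checked too, because a certificate signed with a non-compliant digest (e.g. SHA-1) would yield non-compliant signatures even when its key is acceptable.` A short comment on the `hashalgo` lookup that the check fails closed would also help: if ksba_cert_get_digest_algo yields no recognisable name, gcry_md_map_name presumably gives 0 and the flag is withheld, assuming gnupg_digest_is_compliant rejects algo 0, which is outside this hunk.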
++@@ -526,7 +535,7 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
++ es_putc (':', fp); /* End of field 15. */
++ es_putc (':', fp); /* End of field 16. */
++ es_putc (':', fp); /* End of field 17. */
++- print_compliance_flags (algo, nbits, fp);
+++ print_compliance_flags (cert, algo, nbits, fp);
++ es_putc (':', fp); /* End of field 18. */
++ es_putc ('\n', fp);
++
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 1 Mar 2019 15:23:49 +0100
++Subject: sm: Print Yubikey attestation extensions with --dump-cert.
++
++* sm/keylist.c (oidtranstbl): Add Yubikey OIDs.
++(OID_FLAG_HEX): New.
++(print_hex_extn): New.
++(list_cert_raw): Make use of that flag.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 86c241a8c9a952ea8007066b70b04f435e2e483e)
++(cherry picked from commit b3c8ce9e4343f1b68b9ba94bdd71b7d8e13b139a)
++---
++ sm/keylist.c | 40 +++++++++++++++++++++++++++++++++++++---
++ 1 file changed, 37 insertions(+), 3 deletions(-)
++
++diff --git a/sm/keylist.c b/sm/keylist.c
++index 3fe75a1..6efc6bd 100644
++--- a/sm/keylist.c
+++++ b/sm/keylist.c
++@@ -84,6 +84,8 @@ struct
++ #define OID_FLAG_SKIP 1
++ /* The extension is a simple UTF8String and should be printed. */
++ #define OID_FLAG_UTF8 2
+++/* The extension can be trnted as a hex string. */
+++#define OID_FLAG_HEX 4
++
++ /* A table mapping OIDs to a descriptive string. */
++ static struct
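Review bot: The new comment reads `/* The extension can be trnted as a hex string. */`; "trnted" should be "printed". Since the entries that use the flag are the Yubikey attestation OIDs added further down, saying what the flag means would also help: `/* The extension value is dumped byte-wise as hex (used for the Yubikey attestation extensions). */`.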
++@@ -193,6 +195,12 @@ static struct
++ /* Extensions used by the Bundesnetzagentur. */
++ { "1.3.6.1.4.1.8301.3.5", "validityModel" },
++
+++ /* Yubikey extensions for attestation certificates. */
+++ { "1.3.6.1.4.1.41482.3.3", "yubikey-firmware-version", OID_FLAG_HEX },
+++ { "1.3.6.1.4.1.41482.3.7", "yubikey-serial-number", OID_FLAG_HEX },
+++ { "1.3.6.1.4.1.41482.3.8", "yubikey-pin-touch-policy", OID_FLAG_HEX },
+++ { "1.3.6.1.4.1.41482.3.9", "yubikey-formfactor", OID_FLAG_HEX },
+++
++ { NULL }
++ };
++
++@@ -685,6 +693,21 @@ print_utf8_extn (estream_t fp, int indent,
++ }
++
++
+++/* Print the extension described by (DER,DERLEN) in hex. */
+++static void
+++print_hex_extn (estream_t fp, int indent,
+++ const unsigned char *der, size_t derlen)
+++{
+++ if (indent < 0)
+++ indent = - indent;
+++
+++ es_fprintf (fp, "%*s(", indent, "");
+++ for (; derlen; der++, derlen--)
+++ es_fprintf (fp, "%02X%s", *der, derlen > 1? " ":"");
+++ es_fprintf (fp, ")\n");
+++}
+++
+++
++ /* List one certificate in raw mode useful to have a closer look at
++ the certificate. This one does no beautification and only minimal
++ output sanitation. It is mainly useful for debugging. */
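Review bot: print_hex_extn accepts a negative INDENT and uses its absolute value, matching the `-15` the caller passes in list_cert_raw, but its comment only says "in hex"; the sign handling should be documented, e.g. `/* Print the extension described by (DER,DERLEN) as space-separated hex octets, one line. A negative INDENT is taken as its absolute value. */` — whatever print_utf8_extn_raw does with the sign is outside this hunk, so do not claim the two agree without checking. Emitting hex rather than raw bytes also keeps untrusted certificate content from reaching the terminal unescaped, which is presumably part of why the HEX flag exists and is worth stating.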
++@@ -1022,16 +1045,27 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
++ if ((flag & OID_FLAG_SKIP))
++ continue;
++
++- es_fprintf (fp, " %s: %s%s%s%s [%d octets]\n",
+++ es_fprintf (fp, " %s: %s%s%s%s",
++ i? "critExtn":" extn",
++- oid, s?" (":"", s?s:"", s?")":"", (int)len);
+++ oid, s?" (":"", s?s:"", s?")":"");
++ if ((flag & OID_FLAG_UTF8))
++ {
++ if (!cert_der)
++ cert_der = ksba_cert_get_image (cert, NULL);
++- assert (cert_der);
+++ log_assert (cert_der);
+++ es_fprintf (fp, "\n");
++ print_utf8_extn_raw (fp, -15, cert_der+off, len);
++ }
+++ else if ((flag & OID_FLAG_HEX))
+++ {
+++ if (!cert_der)
+++ cert_der = ksba_cert_get_image (cert, NULL);
+++ log_assert (cert_der);
+++ es_fprintf (fp, "\n");
+++ print_hex_extn (fp, -15, cert_der+off, len);
+++ }
+++ else
+++ es_fprintf (fp, " [%d octets]\n", (int)len);
++ }
++
++
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Thu, 21 Feb 2019 12:26:09 +0900
++Subject: tests: Add "disable-scdaemon" in gpg-agent.conf.
++
++* tests/openpgp/defs.scm: Add "disable-scdaemon". Remove
++ "scdaemon-program".
++* tests/gpgme/gpgme-defs.scm, tests/gpgsm/gpgsm-defs.scm: Likewise.
++* tests/inittests, tests/pkits/inittests: Add "disable-scdaemon"
++
++--
++
++Before this change, running "make check" accesses USB device by
++scdaemon on host computer. If there is any smartcard/token available,
++it may affect test results. Because default key choice depends on
++smartcard/token availability now and existing tests have nothing about
++testing smartcard/token, disabling scdaemon is good.
++
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 64b7c6fd1945bc206cf56979633dfca8a7494374)
++(cherry picked from commit 150d5452318eafa6aa800ff3b87f8f8eb35ed203)
++---
++ tests/gpgme/gpgme-defs.scm | 3 +--
++ tests/gpgsm/gpgsm-defs.scm | 5 +----
++ tests/inittests | 1 +
++ tests/openpgp/defs.scm | 5 +----
++ tests/pkits/inittests | 1 +
++ 5 files changed, 5 insertions(+), 10 deletions(-)
++
++diff --git a/tests/gpgme/gpgme-defs.scm b/tests/gpgme/gpgme-defs.scm
++index 0de589f..bc40b3c 100644
++--- a/tests/gpgme/gpgme-defs.scm
+++++ b/tests/gpgme/gpgme-defs.scm
++@@ -67,8 +67,7 @@
++ (create-file
++ "gpg-agent.conf"
++ (string-append "pinentry-program " (tool 'pinentry))
++- (string-append "scdaemon-program " (tool 'scdaemon))
++- )
+++ "disable-scdaemon")
++
++ (start-agent)
++
++diff --git a/tests/gpgsm/gpgsm-defs.scm b/tests/gpgsm/gpgsm-defs.scm
++index f118642..848bc75 100644
++--- a/tests/gpgsm/gpgsm-defs.scm
+++++ b/tests/gpgsm/gpgsm-defs.scm
++@@ -67,10 +67,7 @@
++ "faked-system-time 1008241200")
++ (create-file "gpg-agent.conf"
++ (string-append "pinentry-program " (tool 'pinentry))
++- (if (assoc "scdaemon" gpg-components)
++- (string-append "scdaemon-program " (tool 'scdaemon))
++- "# No scdaemon available")
++- )
+++ "disable-scdaemon")
++ (start-agent)
++ (create-file
++ "trustlist.txt"
++diff --git a/tests/inittests b/tests/inittests
++index 6fbccfb..9090674 100755
++--- a/tests/inittests
+++++ b/tests/inittests
++@@ -85,6 +85,7 @@ EOF
++ cat > gpg-agent.conf <<EOF
++ no-grab
++ pinentry-program /home/wk/work/pinentry/gtk/pinentry-gtk
+++disable-scdaemon
++ EOF
++
++ cat > trustlist.txt <<EOF
++diff --git a/tests/openpgp/defs.scm b/tests/openpgp/defs.scm
++index 7e41d19..94c5beb 100644
++--- a/tests/openpgp/defs.scm
+++++ b/tests/openpgp/defs.scm
++@@ -355,10 +355,7 @@
++ (if (flag "--extended-key-format" *args*)
++ "enable-extended-key-format" "#enable-extended-key-format")
++ (string-append "pinentry-program " (tool 'pinentry))
++- (if (assoc "scdaemon" gpg-components)
++- (string-append "scdaemon-program " (tool 'scdaemon))
++- "# No scdaemon available")
++- ))
+++ "disable-scdaemon"))
++
++ ;; Initialize the test environment, install appropriate configuration
++ ;; and start the agent, without any keys.
++diff --git a/tests/pkits/inittests b/tests/pkits/inittests
++index 4bff0a8..deb1854 100755
++--- a/tests/pkits/inittests
+++++ b/tests/pkits/inittests
++@@ -94,6 +94,7 @@ EOF
++ # Fixme: we need to write a dummy pinentry program
++ cat > gpg-agent.conf <<EOF
++ no-grab
+++disable-scdaemon
++ EOF
++
++ # Mark the root CA trusted
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 15 Mar 2019 19:40:02 +0100
++Subject: tests: Add sample secret key w/o binding signatures.
++
++--
++
++GnuPG-bug-id: 4392
++(cherry picked from commit 8c20a363c221438373439cde8c242e04c1bd925e)
++(cherry picked from commit 61fc831885b0860e2143587b614c5a57f8c3f45f)
++---
++ tests/openpgp/samplekeys/README | 10 +++++
++ tests/openpgp/samplekeys/pgp-desktop-skr.asc | 56 ++++++++++++++++++++++++++++
++ 2 files changed, 66 insertions(+)
++ create mode 100644 tests/openpgp/samplekeys/pgp-desktop-skr.asc
++
++diff --git a/tests/openpgp/samplekeys/README b/tests/openpgp/samplekeys/README
++index 6f2399f..9f1648b 100644
++--- a/tests/openpgp/samplekeys/README
+++++ b/tests/openpgp/samplekeys/README
++@@ -14,8 +14,18 @@ whats-new-in-2.1.asc Collection of sample keys.
++ e2e-p256-1-clr.asc Google End-end-End test key (no protection)
++ e2e-p256-1-prt.asc Ditto, but protected with passphrase "a".
++ E657FB607BB4F21C90BB6651BC067AF28BC90111.asc Key with subkeys (no protection)
+++pgp-desktop-skr.asc Secret key with subkeys w/o signatures
++ rsa-rsa-sample-1.asc RSA+RSA sample key (no passphrase)
++ ed25519-cv25519-sample-1.asc Ed25519+CV25519 sample key (no passphrase)
++ silent-running.asc Collection of sample secret keys (no passphrases)
++ rsa-primary-auth-only.pub.asc rsa2408 primary only, usage: cert,auth
++ rsa-primary-auth-only.sec.asc Ditto but the secret keyblock.
+++
+++
+++Notes:
+++
+++- pgp-desktop-skr.asc is a secret keyblock without the uid and subkey
+++ binding signatures. When exporting a secret key from PGP desktop
+++ such a file is created which is then directly followed by a separate
+++ armored public key block. To create such a sample concatenate
+++ pgp-desktop-skr.asc and E657FB607BB4F21C90BB6651BC067AF28BC90111.asc
++diff --git a/tests/openpgp/samplekeys/pgp-desktop-skr.asc b/tests/openpgp/samplekeys/pgp-desktop-skr.asc
++new file mode 100644
++index 0000000..58f384c
++--- /dev/null
+++++ b/tests/openpgp/samplekeys/pgp-desktop-skr.asc
++@@ -0,0 +1,56 @@
+++-----BEGIN PGP PRIVATE KEY BLOCK-----
+++Version: Made up as if from PGP Encryption Desktop 10.3.2
+++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+++=VlTT
+++-----END PGP PRIVATE KEY BLOCK-----
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 26 Mar 2019 09:02:19 +0100
++Subject: agent: Allow other ssh fingerprint algos in KEYINFO.
++
++* agent/command.c (cmd_keyinfo): Allow for --ssh-fpr=ALGO. Default to
++the standard algo.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 1c2fa8b6d747aa171bfef35a50754893aa80a562)
++---
++ agent/command.c | 24 ++++++++++++++++++++----
++ 1 file changed, 20 insertions(+), 4 deletions(-)
++
++diff --git a/agent/command.c b/agent/command.c
++index 50385b8..41fb394 100644
++--- a/agent/command.c
+++++ b/agent/command.c
++@@ -1048,7 +1048,7 @@ cmd_readkey (assuan_context_t ctx, char *line)
++
++ \f
++ static const char hlp_keyinfo[] =
++- "KEYINFO [--[ssh-]list] [--data] [--ssh-fpr] [--with-ssh] <keygrip>\n"
+++ "KEYINFO [--[ssh-]list] [--data] [--ssh-fpr[=algo]] [--with-ssh] <keygrip>\n"
++ "\n"
++ "Return information about the key specified by the KEYGRIP. If the\n"
++ "key is not available GPG_ERR_NOT_FOUND is returned. If the option\n"
++@@ -1084,7 +1084,9 @@ static const char hlp_keyinfo[] =
++ " '-' - Unknown protection.\n"
++ "\n"
++ "FPR returns the formatted ssh-style fingerprint of the key. It is only\n"
++- " printed if the option --ssh-fpr has been used. It defaults to '-'.\n"
+++ " printed if the option --ssh-fpr has been used. If ALGO is not given\n"
+++ " to that option the default ssh fingerprint algo is used. Without the\n"
+++ " option a '-' is printed.\n"
++ "\n"
++ "TTL is the TTL in seconds for that key or '-' if n/a.\n"
++ "\n"
++@@ -1171,7 +1173,7 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
++
++ if (!agent_raw_key_from_file (ctrl, grip, &key))
++ {
++- ssh_get_fingerprint_string (key, GCRY_MD_MD5, &fpr);
+++ ssh_get_fingerprint_string (key, with_ssh_fpr, &fpr);
++ gcry_sexp_release (key);
++ }
++ }
++@@ -1252,7 +1254,21 @@ cmd_keyinfo (assuan_context_t ctx, char *line)
++ else
++ list_mode = has_option (line, "--list");
++ opt_data = has_option (line, "--data");
++- opt_ssh_fpr = has_option (line, "--ssh-fpr");
+++
+++ if (has_option_name (line, "--ssh-fpr"))
+++ {
+++ if (has_option (line, "--ssh-fpr=md5"))
+++ opt_ssh_fpr = GCRY_MD_MD5;
+++ else if (has_option (line, "--ssh-fpr=sha1"))
+++ opt_ssh_fpr = GCRY_MD_SHA1;
+++ else if (has_option (line, "--ssh-fpr=sha256"))
+++ opt_ssh_fpr = GCRY_MD_SHA256;
+++ else
+++ opt_ssh_fpr = opt.ssh_fingerprint_digest;
+++ }
+++ else
+++ opt_ssh_fpr = 0;
+++
++ opt_with_ssh = has_option (line, "--with-ssh");
++ line = skip_options (line);
++
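Review bot: An unrecognised value such as `--ssh-fpr=ripemd160` is not rejected in the new parsing: `has_option_name` matches, none of the three exact comparisons do, and the code silently falls back to `opt.ssh_fingerprint_digest`, so the caller receives a fingerprint in an algorithm other than the one it asked for. Either return an error for an unknown ALGO, e.g. replace the final `else` with `else if (has_option (line, "--ssh-fpr")) opt_ssh_fpr = opt.ssh_fingerprint_digest; else return set_error (GPG_ERR_INV_ARG, "unknown --ssh-fpr algo");` (adapted to the function's error path, which is outside the hunk), or document the fallback in hlp_keyinfo, which currently only says what happens when no ALGO is given. The comparisons are also case-sensitive, so `--ssh-fpr=SHA256` takes the same silent path. cmd_keyinfo continues outside the hunk.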
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 25 Mar 2019 14:47:31 +0100
++Subject: doc: Clarify option --no-keyring.
++
++--
++GnuPG-bug-id: 4424
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 7a38af6a1015a7a0b47502850cf3bfd60d61ee56)
++---
++ doc/gpg.texi | 3 ++-
++ 1 file changed, 2 insertions(+), 1 deletion(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index b6eda9d..22813c7 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -3230,7 +3230,8 @@ secret keyrings.
++
++ @item --no-keyring
++ @opindex no-keyring
++-Do not add use any keyrings even if specified as options.
+++Do not use any keyring at all. This overrides the default and all
+++options which specify keyrings.
++
++ @item --skip-verify
++ @opindex skip-verify
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Fri, 22 Mar 2019 23:49:03 +0100
++Subject: doc: fix formatting error
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit 93782de23fe45e7f7f86140fda6de39395c3a9d8)
++---
++ doc/gpg.texi | 3 ++-
++ 1 file changed, 2 insertions(+), 1 deletion(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index 1597f9e..b6eda9d 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -2320,7 +2320,8 @@ opposite meaning. The options are:
++ on the keyring. This option is the same as running the @option{--edit-key}
++ command "clean" after import. Defaults to no.
++
++- @item repair-keys. After import, fix various problems with the
+++ @item repair-keys
+++ After import, fix various problems with the
++ keys. For example, this reorders signatures, and strips duplicate
++ signatures. Defaults to yes.
++
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 26 Mar 2019 13:31:06 +0100
++Subject: sm: Allow decryption even if expired other keys are configured.
++
++* sm/gpgsm.c (main): Add special handling for bad keys in decrypt
++mode.
++--
++
++The problem can easily be tested by adding --encrypt-to EXPIRED_KEY to
++a decryption command. With that patch the errors are printed but
++decryption continues and the process returns success unless other
++errors occur.
++
++GnuPG-bug-id: 4431
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 30972d21824264aef2088d30b4f2e5ce3aca889e)
++---
++ sm/gpgsm.c | 11 +++++++++++
++ 1 file changed, 11 insertions(+)
++
++diff --git a/sm/gpgsm.c b/sm/gpgsm.c
++index 52f26e2..598caa2 100644
++--- a/sm/gpgsm.c
+++++ b/sm/gpgsm.c
++@@ -1732,6 +1732,8 @@ main ( int argc, char **argv)
++
++ if (!do_not_setup_keys)
++ {
+++ int errcount = log_get_errorcount (0);
+++
++ for (sl = locusr; sl ; sl = sl->next)
++ {
++ int rc = gpgsm_add_to_certlist (&ctrl, sl->d, 1, &signerlist, 0);
++@@ -1760,6 +1762,15 @@ main ( int argc, char **argv)
++ if ((sl->flags & 1))
++ do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required);
++ }
+++
+++ /* We do not require a recipient for decryption but because
+++ * recipients and signers are always checked and log_error is
+++ * sometimes used (for failed signing keys or due to a failed
+++ * CRL checking) that would have bumbed up the error counter.
+++ * We clear the counter in the decryption case because there is
+++ * no reason to force decryption to fail. */
+++ if (cmd == aDecrypt && !errcount)
+++ log_get_errorcount (1); /* clear counter */
++ }
++
++ if (log_get_errorcount(0))
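Review bot: The new comment says `bumbed up the error counter`; "bumped". More substantively, the guard `cmd == aDecrypt && !errcount` means that if any unrelated error was logged before key setup, the setup errors are kept and decryption fails as before; that asymmetry is reasonable but deserves one more sentence in the comment, e.g. `Only reset when nothing had failed before setup, so earlier errors are never masked.` It would also help to state that the diagnostics themselves have already been printed via log_error and only the exit status is affected. main continues outside the hunk.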
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 22 Mar 2019 11:40:01 +0100
++Subject: wkd: New command --print-wkd-hash for gpg-wks-client.
++
++* tools/gpg-wks-client.c (aPrintWKDHash): New.
++(opts) : Add "--print-wkd-hash".
++(main): Implement that command.
++(proc_userid_from_stdin): New.
++* tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY.
++(wks_cmd_print_wkd_hash): New.
++--
++
++GnuPG-bug-id: 4418
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 64621f1f40c31c7f453da98efb860ff8cf11edbc)
++---
++ doc/wks.texi | 4 +++
++ tools/gpg-wks-client.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++--
++ tools/gpg-wks-server.c | 2 +-
++ tools/gpg-wks.h | 3 +-
++ tools/wks-util.c | 47 +++++++++++++++++++++++-----
++ 5 files changed, 129 insertions(+), 12 deletions(-)
++
++diff --git a/doc/wks.texi b/doc/wks.texi
++index 5fe2a33..0c8a59a 100644
++--- a/doc/wks.texi
+++++ b/doc/wks.texi
++@@ -101,6 +101,10 @@ fingerprint and the mailbox separated by a space. The command
++ @option{--remove-key} removes a key from that directory, its only
++ argument is a user-id.
++
+++The command @option{--print-wkd-hash} prints a WKD user id identifier
+++and the corresponding mailbox from the user-ids given on the command
+++line or via stdin (one user-id per line).
+++
++ @command{gpg-wks-client} is not commonly invoked directly and thus it
++ is not installed in the bin directory. Here is an example how it can
++ be invoked manually to check for a Web Key Directory entry for
++diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
++index 78e4fe4..f1750bf 100644
++--- a/tools/gpg-wks-client.c
+++++ b/tools/gpg-wks-client.c
++@@ -61,6 +61,7 @@ enum cmd_and_opt_values
++ aRead,
++ aInstallKey,
++ aRemoveKey,
+++ aPrintWKDHash,
++
++ oGpgProgram,
++ oSend,
++@@ -90,6 +91,8 @@ static ARGPARSE_OPTS opts[] = {
++ "install a key into a directory"),
++ ARGPARSE_c (aRemoveKey, "remove-key",
++ "remove a key from a directory"),
+++ ARGPARSE_c (aPrintWKDHash, "print-wkd-hash",
+++ "Print the WKD identifier for the given user ids"),
++
++ ARGPARSE_group (301, ("@\nOptions:\n ")),
++
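Review bot: The new help text `"Print the WKD identifier for the given user ids"` starts with a capital letter while the neighbouring entries (`"install a key into a directory"`, `"remove a key from a directory"`) are lower-case; argparse prints these side by side, so `"print the WKD identifier for the given user ids"` keeps the listing uniform.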
++@@ -129,6 +132,8 @@ const char *fake_submission_addr;
++
++
++ static void wrong_args (const char *text) GPGRT_ATTR_NORETURN;
+++static gpg_error_t proc_userid_from_stdin (gpg_error_t (*func)(const char *),
+++ const char *text);
++ static gpg_error_t command_supported (char *userid);
++ static gpg_error_t command_check (char *userid);
++ static gpg_error_t command_send (const char *fingerprint, const char *userid);
++@@ -230,6 +235,7 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
++ case aCheck:
++ case aInstallKey:
++ case aRemoveKey:
+++ case aPrintWKDHash:
++ cmd = pargs->r_opt;
++ break;
++
++@@ -246,7 +252,7 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
++ int
++ main (int argc, char **argv)
++ {
++- gpg_error_t err;
+++ gpg_error_t err, delayed_err;
++ ARGPARSE_ARGS pargs;
++ enum cmd_and_opt_values cmd;
++
++@@ -377,6 +383,28 @@ main (int argc, char **argv)
++ err = wks_cmd_remove_key (*argv);
++ break;
++
+++ case aPrintWKDHash:
+++ if (!argc)
+++ err = proc_userid_from_stdin (wks_cmd_print_wkd_hash, "printing hash");
+++ else
+++ {
+++ for (err = delayed_err = 0; !err && argc; argc--, argv++)
+++ {
+++ err = wks_cmd_print_wkd_hash (*argv);
+++ if (gpg_err_code (err) == GPG_ERR_INV_USER_ID)
+++ {
+++ /* Diagnostic already printed. */
+++ delayed_err = err;
+++ err = 0;
+++ }
+++ else if (err)
+++ log_error ("printing hash failed: %s\n", gpg_strerror (err));
+++ }
+++ if (!err)
+++ err = delayed_err;
+++ }
+++ break;
+++
++ default:
++ usage (1);
++ err = 0;
++@@ -390,10 +418,63 @@ main (int argc, char **argv)
++ wks_write_status (STATUS_FAILURE, "- %u", GPG_ERR_GENERAL);
++ else
++ wks_write_status (STATUS_SUCCESS, NULL);
++- return log_get_errorcount (0)? 1:0;
+++ return (err || log_get_errorcount (0))? 1:0;
++ }
++
++
+++/* Read user ids from stdin and call FUNC for each user id. TEXT is
+++ * used for error messages. */
+++static gpg_error_t
+++proc_userid_from_stdin (gpg_error_t (*func)(const char *), const char *text)
+++{
+++ gpg_error_t err = 0;
+++ gpg_error_t delayed_err = 0;
+++ char line[2048];
+++ size_t n = 0;
+++
+++ /* If we are on a terminal disable buffering to get direct response. */
+++ if (gnupg_isatty (es_fileno (es_stdin))
+++ && gnupg_isatty (es_fileno (es_stdout)))
+++ {
+++ es_setvbuf (es_stdin, NULL, _IONBF, 0);
+++ es_setvbuf (es_stdout, NULL, _IOLBF, 0);
+++ }
+++
+++ while (es_fgets (line, sizeof line - 1, es_stdin))
+++ {
+++ n = strlen (line);
+++ if (!n || line[n-1] != '\n')
+++ {
+++ err = gpg_error (*line? GPG_ERR_LINE_TOO_LONG
+++ : GPG_ERR_INCOMPLETE_LINE);
+++ log_error ("error reading stdin: %s\n", gpg_strerror (err));
+++ break;
+++ }
+++ trim_spaces (line);
+++ err = func (line);
+++ if (gpg_err_code (err) == GPG_ERR_INV_USER_ID)
+++ {
+++ delayed_err = err;
+++ err = 0;
+++ }
+++ else if (err)
+++ log_error ("%s failed: %s\n", text, gpg_strerror (err));
+++ }
+++ if (es_ferror (es_stdin))
+++ {
+++ err = gpg_error_from_syserror ();
+++ log_error ("error reading stdin: %s\n", gpg_strerror (err));
+++ goto leave;
+++ }
+++
+++ leave:
+++ if (!err)
+++ err = delayed_err;
+++ return err;
+++}
+++
+++
+++
++ \f
++ /* Add the user id UID to the key identified by FINGERPRINT. */
++ static gpg_error_t
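Review bot: In proc_userid_from_stdin the `goto leave;` inside the `es_ferror` branch jumps to the label on the very next line, so it can be dropped without changing control flow. The read size `sizeof line - 1` also gives up a byte for no reason if es_fgets follows fgets semantics and already reserves room for the terminator; `while (es_fgets (line, sizeof line, es_stdin))` would use the full buffer. Note that a line consisting only of whitespace reaches `func` as an empty string after `trim_spaces`, which presumably is reported as GPG_ERR_INV_USER_ID by the callee; a short comment saying so would spare the next reader the question, e.g. `/* Empty lines are passed on; FUNC is expected to reject them as an invalid user id. */`.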
++diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
++index f83ef65..2082fb8 100644
++--- a/tools/gpg-wks-server.c
+++++ b/tools/gpg-wks-server.c
++@@ -1939,7 +1939,7 @@ command_check_key (const char *userid)
++ char *addrspec = NULL;
++ char *fname = NULL;
++
++- err = wks_fname_from_userid (userid, &fname, &addrspec);
+++ err = wks_fname_from_userid (userid, 0, &fname, &addrspec);
++ if (err)
++ goto leave;
++
++diff --git a/tools/gpg-wks.h b/tools/gpg-wks.h
++index e369430..99969c1 100644
++--- a/tools/gpg-wks.h
+++++ b/tools/gpg-wks.h
++@@ -98,11 +98,12 @@ gpg_error_t wks_parse_policy (policy_flags_t flags, estream_t stream,
++ int ignore_unknown);
++ void wks_free_policy (policy_flags_t policy);
++
++-gpg_error_t wks_fname_from_userid (const char *userid,
+++gpg_error_t wks_fname_from_userid (const char *userid, int hash_only,
++ char **r_fname, char **r_addrspec);
++ gpg_error_t wks_compute_hu_fname (char **r_fname, const char *addrspec);
++ gpg_error_t wks_cmd_install_key (const char *fname, const char *userid);
++ gpg_error_t wks_cmd_remove_key (const char *userid);
+++gpg_error_t wks_cmd_print_wkd_hash (const char *userid);
++
++
++ /*-- wks-receive.c --*/
++diff --git a/tools/wks-util.c b/tools/wks-util.c
++index 3e48709..fee46d6 100644
++--- a/tools/wks-util.c
+++++ b/tools/wks-util.c
++@@ -749,9 +749,12 @@ write_to_file (estream_t src, const char *fname)
++
++
++ /* Return the filename and optionally the addrspec for USERID at
++- * R_FNAME and R_ADDRSPEC. R_ADDRSPEC might also be set on error. */
+++ * R_FNAME and R_ADDRSPEC. R_ADDRSPEC might also be set on error. If
+++ * HASH_ONLY is set only the has is returned at R_FNAME and no file is
+++ * created. */
++ gpg_error_t
++-wks_fname_from_userid (const char *userid, char **r_fname, char **r_addrspec)
+++wks_fname_from_userid (const char *userid, int hash_only,
+++ char **r_fname, char **r_addrspec)
++ {
++ gpg_error_t err;
++ char *addrspec = NULL;
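Review bot: The updated header comment of wks_fname_from_userid has a typo in the new sentence: `only the has is returned at R_FNAME` should read `only the hash is returned at R_FNAME and no file is created`. Since callers such as wks_cmd_print_wkd_hash free R_FNAME with xfree, the comment could also state that in HASH_ONLY mode the caller owns the returned string, e.g. `The caller must release R_FNAME and R_ADDRSPEC with xfree.`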
++@@ -767,7 +770,7 @@ wks_fname_from_userid (const char *userid, char **r_fname, char **r_addrspec)
++ addrspec = mailbox_from_userid (userid);
++ if (!addrspec)
++ {
++- if (opt.verbose)
+++ if (opt.verbose || hash_only)
++ log_info ("\"%s\" is not a proper mail address\n", userid);
++ err = gpg_error (GPG_ERR_INV_USER_ID);
++ goto leave;
++@@ -788,11 +791,20 @@ wks_fname_from_userid (const char *userid, char **r_fname, char **r_addrspec)
++ goto leave;
++ }
++
++- *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
++- if (!*r_fname)
++- err = gpg_error_from_syserror ();
+++ if (hash_only)
+++ {
+++ *r_fname = hash;
+++ hash = NULL;
+++ err = 0;
+++ }
++ else
++- err = 0;
+++ {
+++ *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
+++ if (!*r_fname)
+++ err = gpg_error_from_syserror ();
+++ else
+++ err = 0;
+++ }
++
++ leave:
++ if (r_addrspec && addrspec)
++@@ -1062,7 +1074,7 @@ wks_cmd_remove_key (const char *userid)
++ char *addrspec = NULL;
++ char *fname = NULL;
++
++- err = wks_fname_from_userid (userid, &fname, &addrspec);
+++ err = wks_fname_from_userid (userid, 0, &fname, &addrspec);
++ if (err)
++ goto leave;
++
++@@ -1090,3 +1102,22 @@ wks_cmd_remove_key (const char *userid)
++ xfree (addrspec);
++ return err;
++ }
+++
+++
+++/* Print the WKD hash for the user ids to stdout. */
+++gpg_error_t
+++wks_cmd_print_wkd_hash (const char *userid)
+++{
+++ gpg_error_t err;
+++ char *addrspec, *fname;
+++
+++ err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
+++ if (err)
+++ return err;
+++
+++ es_printf ("%s %s\n", fname, addrspec);
+++
+++ xfree (fname);
+++ xfree (addrspec);
+++ return err;
+++}
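Review bot: wks_cmd_print_wkd_hash returns immediately when wks_fname_from_userid fails, but that function's own comment in this patch says `R_ADDRSPEC might also be set on error`, so the early `return err;` leaks addrspec on the error path (the existing caller wks_cmd_remove_key goes through a `leave:` that frees it). Initializing both pointers to NULL and always freeing them fixes this; the same early return appears in wks_cmd_print_wkd_url in the following patch. The rewritten body is below.
```c
gpg_error_t
wks_cmd_print_wkd_hash (const char *userid)
{
  gpg_error_t err;
  char *addrspec = NULL;
  char *fname = NULL;

  err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
  if (!err)
    es_printf ("%s %s\n", fname, addrspec);

  /* ADDRSPEC may have been set even on error; always release both.  */
  xfree (fname);
  xfree (addrspec);
  return err;
}
```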
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 25 Mar 2019 15:13:59 +0100
++Subject: wkd: New command --print-wkd-url for gpg-wks-client.
++
++* tools/gpg-wks-client.c (aPrintWKDURL): New.
++(opts): Add option.
++(main): Implement.
++* tools/wks-util.c (wks_cmd_print_wkd_url): New.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 2f3eebf1865a85f8c09a1c052513260ed55acec6)
++---
++ doc/wks.texi | 8 ++++++--
++ tools/gpg-wks-client.c | 19 +++++++++++++++++--
++ tools/gpg-wks.h | 1 +
++ tools/wks-util.c | 27 ++++++++++++++++++++++++++-
++ 4 files changed, 50 insertions(+), 5 deletions(-)
++
++diff --git a/doc/wks.texi b/doc/wks.texi
++index 0c8a59a..ced418a 100644
++--- a/doc/wks.texi
+++++ b/doc/wks.texi
++@@ -101,10 +101,14 @@ fingerprint and the mailbox separated by a space. The command
++ @option{--remove-key} removes a key from that directory, its only
++ argument is a user-id.
++
++-The command @option{--print-wkd-hash} prints a WKD user id identifier
++-and the corresponding mailbox from the user-ids given on the command
+++The command @option{--print-wkd-hash} prints the WKD user-id identifiers
+++and the corresponding mailboxes from the user-ids given on the command
++ line or via stdin (one user-id per line).
++
+++The command @option{--print-wkd-url} prints the URLs used to fetch the
+++key for the given user-ids from WKD. The meanwhile preferred format
+++with sub-domains is used here.
+++
++ @command{gpg-wks-client} is not commonly invoked directly and thus it
++ is not installed in the bin directory. Here is an example how it can
++ be invoked manually to check for a Web Key Directory entry for
++diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
++index f1750bf..050c8aa 100644
++--- a/tools/gpg-wks-client.c
+++++ b/tools/gpg-wks-client.c
++@@ -62,6 +62,7 @@ enum cmd_and_opt_values
++ aInstallKey,
++ aRemoveKey,
++ aPrintWKDHash,
+++ aPrintWKDURL,
++
++ oGpgProgram,
++ oSend,
++@@ -93,6 +94,8 @@ static ARGPARSE_OPTS opts[] = {
++ "remove a key from a directory"),
++ ARGPARSE_c (aPrintWKDHash, "print-wkd-hash",
++ "Print the WKD identifier for the given user ids"),
+++ ARGPARSE_c (aPrintWKDURL, "print-wkd-url",
+++ "Print the WKD URL for the given user id"),
++
++ ARGPARSE_group (301, ("@\nOptions:\n ")),
++
++@@ -236,6 +239,7 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
++ case aInstallKey:
++ case aRemoveKey:
++ case aPrintWKDHash:
+++ case aPrintWKDURL:
++ cmd = pargs->r_opt;
++ break;
++
++@@ -384,13 +388,24 @@ main (int argc, char **argv)
++ break;
++
++ case aPrintWKDHash:
+++ case aPrintWKDURL:
++ if (!argc)
++- err = proc_userid_from_stdin (wks_cmd_print_wkd_hash, "printing hash");
+++ {
+++ if (cmd == aPrintWKDHash)
+++ err = proc_userid_from_stdin (wks_cmd_print_wkd_hash,
+++ "printing WKD hash");
+++ else
+++ err = proc_userid_from_stdin (wks_cmd_print_wkd_url,
+++ "printing WKD URL");
+++ }
++ else
++ {
++ for (err = delayed_err = 0; !err && argc; argc--, argv++)
++ {
++- err = wks_cmd_print_wkd_hash (*argv);
+++ if (cmd == aPrintWKDHash)
+++ err = wks_cmd_print_wkd_hash (*argv);
+++ else
+++ err = wks_cmd_print_wkd_url (*argv);
++ if (gpg_err_code (err) == GPG_ERR_INV_USER_ID)
++ {
++ /* Diagnostic already printed. */
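Review bot: The `cmd == aPrintWKDHash` test is repeated in both the stdin branch and the argv loop of main, so a third print command would have to be spliced into two places. Selecting the handler once keeps the dispatch in a single line: `gpg_error_t (*fn)(const char *) = (cmd == aPrintWKDHash) ? wks_cmd_print_wkd_hash : wks_cmd_print_wkd_url;` followed by `err = proc_userid_from_stdin (fn, cmd == aPrintWKDHash ? "printing WKD hash" : "printing WKD URL");` and `err = fn (*argv);` in the loop. The enclosing switch in main continues outside the hunk.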
++diff --git a/tools/gpg-wks.h b/tools/gpg-wks.h
++index 99969c1..9acd7c3 100644
++--- a/tools/gpg-wks.h
+++++ b/tools/gpg-wks.h
++@@ -104,6 +104,7 @@ gpg_error_t wks_compute_hu_fname (char **r_fname, const char *addrspec);
++ gpg_error_t wks_cmd_install_key (const char *fname, const char *userid);
++ gpg_error_t wks_cmd_remove_key (const char *userid);
++ gpg_error_t wks_cmd_print_wkd_hash (const char *userid);
+++gpg_error_t wks_cmd_print_wkd_url (const char *userid);
++
++
++ /*-- wks-receive.c --*/
++diff --git a/tools/wks-util.c b/tools/wks-util.c
++index fee46d6..29e9248 100644
++--- a/tools/wks-util.c
+++++ b/tools/wks-util.c
++@@ -1104,7 +1104,7 @@ wks_cmd_remove_key (const char *userid)
++ }
++
++
++-/* Print the WKD hash for the user ids to stdout. */
+++/* Print the WKD hash for the user id to stdout. */
++ gpg_error_t
++ wks_cmd_print_wkd_hash (const char *userid)
++ {
++@@ -1121,3 +1121,28 @@ wks_cmd_print_wkd_hash (const char *userid)
++ xfree (addrspec);
++ return err;
++ }
+++
+++
+++/* Print the WKD URL for the user id to stdout. */
+++gpg_error_t
+++wks_cmd_print_wkd_url (const char *userid)
+++{
+++ gpg_error_t err;
+++ char *addrspec, *fname;
+++ char *domain;
+++
+++ err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
+++ if (err)
+++ return err;
+++
+++ domain = strchr (addrspec, '@');
+++ if (domain)
+++ *domain++ = 0;
+++
+++ es_printf ("https://openpgpkey.%s/.well-known/openpgpkey/%s/hu/%s?l=%s\n",
+++ domain, domain, fname, addrspec);
+++
+++ xfree (fname);
+++ xfree (addrspec);
+++ return err;
+++}
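Review bot: In wks_cmd_print_wkd_url, `domain` stays NULL when addrspec contains no '@', and the next statement passes it to `%s` in es_printf, which is undefined behaviour; mailbox_from_userid probably guarantees an '@' in what it returns, but that guarantee is not visible here and the `if (domain)` guard suggests the author did not rely on it either. The early `return err;` also leaks addrspec on the error path for the same reason noted on wks_cmd_print_wkd_hash. Whether the local part placed in `?l=` needs percent-encoding for characters that are not URL-safe is worth confirming against the WKD draft. The rewritten body is below.
```c
  gpg_error_t err;
  char *addrspec = NULL;
  char *fname = NULL;
  char *domain;

  err = wks_fname_from_userid (userid, 1, &fname, &addrspec);
  if (err)
    goto leave;

  domain = strchr (addrspec, '@');
  if (!domain)
    {
      /* Not a mailbox; should not happen but never print a NULL.  */
      err = gpg_error (GPG_ERR_INV_USER_ID);
      goto leave;
    }
  *domain++ = 0;

  es_printf ("https://openpgpkey.%s/.well-known/openpgpkey/%s/hu/%s?l=%s\n",
             domain, domain, fname, addrspec);

 leave:
  xfree (fname);
  xfree (addrspec);
  return err;
```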
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Tue, 21 May 2019 15:50:28 +0900
++Subject: agent: For SSH key, don't put NUL-byte at the end.
++
++* agent/command-ssh.c (ssh_key_to_protected_buffer): Update
++the length by the second call of gcry_sexp_sprint.
++
++--
++
++GnuPG-bug-id: 4502
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 6e39541f4f488fe59eac399bad18c465f373a784)
++---
++ agent/command-ssh.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/agent/command-ssh.c b/agent/command-ssh.c
++index 9255830..ce621f7 100644
++--- a/agent/command-ssh.c
+++++ b/agent/command-ssh.c
++@@ -3033,8 +3033,8 @@ ssh_key_to_protected_buffer (gcry_sexp_t key, const char *passphrase,
++ goto out;
++ }
++
++- gcry_sexp_sprint (key, GCRYSEXP_FMT_CANON, buffer_new, buffer_new_n);
++- /* FIXME: guarantee? */
+++ buffer_new_n = gcry_sexp_sprint (key, GCRYSEXP_FMT_CANON,
+++ buffer_new, buffer_new_n);
++
++ if (*passphrase)
++ err = agent_protect (buffer_new, passphrase, buffer, buffer_n, 0, -1);
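Review bot: The new assignment `buffer_new_n = gcry_sexp_sprint (...)` takes the function's 0 return (buffer too small) as a valid length, so a sizing mismatch would silently continue with an empty buffer rather than fail. The call that established buffer_new_n is outside the hunk; if it is the usual NULL-buffer length query the fit is guaranteed, and a one-line guard documents that assumption at the point it matters: `if (!buffer_new_n) { err = gpg_error (GPG_ERR_BUG); goto out; }`. A short comment explaining why the length is re-taken would also replace the deleted FIXME usefully, e.g. `/* Use the actual length so no trailing NUL is protected along with the key. */`. ssh_key_to_protected_buffer begins and ends outside the hunk.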
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Thu, 23 May 2019 10:15:18 +0900
++Subject: agent: Stop scdaemon after reload when disable_scdaemon.
++
++* agent/call-scd.c (agent_card_killscd): New.
++* agent/gpg-agent.c (agent_sighup_action): Call agent_card_killscd.
++
++--
++
++GnuPG-bug-id: 4326
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 9ccdd59e4e1e0b0e3b03b288f52f3c71e86a04dd)
++---
++ agent/agent.h | 1 +
++ agent/call-scd.c | 9 +++++++++
++ agent/gpg-agent.c | 3 +++
++ 3 files changed, 13 insertions(+)
++
++diff --git a/agent/agent.h b/agent/agent.h
++index b07ea57..f047757 100644
++--- a/agent/agent.h
+++++ b/agent/agent.h
++@@ -598,6 +598,7 @@ int agent_card_scd (ctrl_t ctrl, const char *cmdline,
++ int (*getpin_cb)(void *, const char *,
++ const char *, char*, size_t),
++ void *getpin_cb_arg, void *assuan_context);
+++void agent_card_killscd (void);
++
++
++ /*-- learncard.c --*/
++diff --git a/agent/call-scd.c b/agent/call-scd.c
++index e852c0d..ee69bb4 100644
++--- a/agent/call-scd.c
+++++ b/agent/call-scd.c
++@@ -1326,3 +1326,12 @@ agent_card_scd (ctrl_t ctrl, const char *cmdline,
++
++ return unlock_scd (ctrl, 0);
++ }
+++
+++void
+++agent_card_killscd (void)
+++{
+++ if (primary_scd_ctx == NULL)
+++ return;
+++ assuan_transact (primary_scd_ctx, "KILLSCD",
+++ NULL, NULL, NULL, NULL, NULL, NULL);
+++}
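Review bot: agent_card_killscd has no header comment and discards the result of assuan_transact, so a reader cannot tell whether a failed KILLSCD is expected to be harmless. A comment such as `/* Ask the running scdaemon to terminate.  Used when scdaemon has been disabled by a configuration reload; errors are ignored because the agent will not talk to it anymore. */` would state the intent. Whether primary_scd_ctx may be read here without whatever locking the other call-scd.c helpers use is not visible in the hunk and should be confirmed, since this is invoked from a signal-driven reload path.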
++diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
++index d68b5ad..16aa0d4 100644
++--- a/agent/gpg-agent.c
+++++ b/agent/gpg-agent.c
++@@ -2452,6 +2452,9 @@ agent_sighup_action (void)
++ "pinentry" binary that one can be used in case the
++ "pinentry-basic" fallback was in use. */
++ gnupg_module_name_flush_some ();
+++
+++ if (opt.disable_scdaemon)
+++ agent_card_killscd ();
++ }
++
++
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Tue, 14 May 2019 00:05:42 -0400
++Subject: agent: correct length for uri and comment on 64-bit big-endian
++ platforms
++
++* agent/findkey.c (agent_public_key_from_file): pass size_t as int to
++gcry_sexp_build_array's %b.
++
++--
++
++This is only a problem on big-endian systems where size_t is not the
++same size as an int. It was causing failures on debian's s390x,
++powerpc64, and sparc64 platforms.
++
++There may well be other failures with %b on those platforms in the
++codebase, and it probably needs an audit.
++
++Once you have a key in private-keys-v1.d/$KEYGRIP.key with a comment
++or a uri of reasonable length associated with it, this fix can be
++tested with:
++
++ gpg-agent --server <<<"READKEY $KEYGRIP"
++
++On the failing platforms, the printed comment will be of length 0.
++
++Gnupg-bug-id: 4501
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit 110932925ba8e0169da18d7774440f8d1fd8a344)
++---
++ agent/findkey.c | 7 +++++--
++ 1 file changed, 5 insertions(+), 2 deletions(-)
++
++diff --git a/agent/findkey.c b/agent/findkey.c
++index 89a18fa..bdb6ab4 100644
++--- a/agent/findkey.c
+++++ b/agent/findkey.c
++@@ -1230,6 +1230,7 @@ agent_public_key_from_file (ctrl_t ctrl,
++ gcry_sexp_t uri_sexp, comment_sexp;
++ const char *uri, *comment;
++ size_t uri_length, comment_length;
+++ int uri_intlen, comment_intlen;
++ char *format, *p;
++ void *args[2+7+2+2+1]; /* Size is 2 + max. # of elements + 2 for uri + 2
++ for comment + end-of-list. */
++@@ -1311,14 +1312,16 @@ agent_public_key_from_file (ctrl_t ctrl,
++ {
++ p = stpcpy (p, "(uri %b)");
++ assert (argidx+1 < DIM (args));
++- args[argidx++] = (void *)&uri_length;
+++ uri_intlen = (int)uri_length;
+++ args[argidx++] = (void *)&uri_intlen;
++ args[argidx++] = (void *)&uri;
++ }
++ if (comment)
++ {
++ p = stpcpy (p, "(comment %b)");
++ assert (argidx+1 < DIM (args));
++- args[argidx++] = (void *)&comment_length;
+++ comment_intlen = (int)comment_length;
+++ args[argidx++] = (void *)&comment_intlen;
++ args[argidx++] = (void*)&comment;
++ }
++ *p++ = ')';
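Review bot: The casts `uri_intlen = (int)uri_length;` and `comment_intlen = (int)comment_length;` fix the %b width mismatch but still truncate silently for lengths above INT_MAX, which the commit message itself says is worth an audit. Rejecting such lengths before the cast, for example with `if (uri_length > INT_MAX) { err = gpg_error (GPG_ERR_TOO_LARGE); ... }` routed to the function's existing error exit, would turn the truncation into a reported error; the key file is local, so this is a robustness point rather than an exposure. The error-exit path and the declarations hunk above are outside this hunk.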
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Thu, 9 May 2019 14:49:59 +0200
++Subject: dirmngr: Add a CSRF expection for pm.me
++
++--
++
++Also comment typo fix.
++
++(cherry picked from commit 7c4029110ab45d02e746ddcc13a87952ca0099f5)
++---
++ agent/command.c | 4 ++--
++ dirmngr/http.c | 3 ++-
++ 2 files changed, 4 insertions(+), 3 deletions(-)
++
++diff --git a/agent/command.c b/agent/command.c
++index 41fb394..cf8a2e4 100644
++--- a/agent/command.c
+++++ b/agent/command.c
++@@ -1231,8 +1231,8 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
++ }
++
++
++-/* Entry int for the command KEYINFO. This function handles the
++- command option processing. For details see hlp_keyinfo above. */
+++/* Entry into the command KEYINFO. This function handles the
+++ * command option processing. For details see hlp_keyinfo above. */
++ static gpg_error_t
++ cmd_keyinfo (assuan_context_t ctx, char *line)
++ {
++diff --git a/dirmngr/http.c b/dirmngr/http.c
++index 7fdd06a..384f256 100644
++--- a/dirmngr/http.c
+++++ b/dirmngr/http.c
++@@ -3530,7 +3530,8 @@ same_host_p (parsed_uri_t a, parsed_uri_t b)
++ { "protonmail.com", "api.protonmail.com" },
++ { NULL, "api.protonmail.ch" },
++ { "protonmail.ch", "api.protonmail.com" },
++- { NULL, "api.protonmail.ch" }
+++ { NULL, "api.protonmail.ch" },
+++ { "pm.me", "api.protonmail.ch" }
++ };
++ int i;
++ const char *from;
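Review bot: The new row `{ "pm.me", "api.protonmail.ch" }` gives pm.me only one API host, whereas the preceding entries pair protonmail.com and protonmail.ch with both api.protonmail.com and api.protonmail.ch (the `NULL` rows appear to mean "same first column as the previous row"). If that asymmetry is intentional a comment on the row would prevent someone from "completing" it later, since every row here widens the set of hosts treated as the same origin in same_host_p; otherwise `{ NULL, "api.protonmail.com" }` should follow it. The table's declaration and the NULL convention are outside the hunk.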
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 28 May 2019 12:27:00 +0200
++Subject: dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.
++
++* dirmngr/ocsp.c (do_ocsp_request): Remove arg md. Add args r_sigval,
++r_produced_at, and r_md. Get the hash algo from the signature and
++create the context here.
++(check_signature): Allow any hash algo. Print a diagnostic if the
++signature does not verify.
++--
++
++GnuPG-bug-id: 3966
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 5281ecbe3ae8364407d9831243b81d664b040805)
++---
++ dirmngr/ocsp.c | 105 +++++++++++++++++++++++++++++++++++++++++++--------------
++ 1 file changed, 80 insertions(+), 25 deletions(-)
++
++diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c
++index 7edac80..13e6120 100644
++--- a/dirmngr/ocsp.c
+++++ b/dirmngr/ocsp.c
++@@ -116,10 +116,15 @@ read_response (estream_t fp, unsigned char **r_buffer, size_t *r_buflen)
++
++ /* Construct an OCSP request, send it to the configured OCSP responder
++ and parse the response. On success the OCSP context may be used to
++- further process the response. */
+++ further process the response. The signature value and the
+++ production date are returned at R_SIGVAL and R_PRODUCED_AT; they
+++ may be NULL or an empty string if not available. A new hash
+++ context is returned at R_MD. */
++ static gpg_error_t
++-do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
++- const char *url, ksba_cert_t cert, ksba_cert_t issuer_cert)
+++do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp,
+++ const char *url, ksba_cert_t cert, ksba_cert_t issuer_cert,
+++ ksba_sexp_t *r_sigval, ksba_isotime_t r_produced_at,
+++ gcry_md_hd_t *r_md)
++ {
++ gpg_error_t err;
++ unsigned char *request, *response;
++@@ -132,6 +137,10 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
++
++ (void)ctrl;
++
+++ *r_sigval = NULL;
+++ *r_produced_at = 0;
+++ *r_md = NULL;
+++
++ if (dirmngr_use_tor ())
++ {
++ /* For now we do not allow OCSP via Tor due to possible privacy
++@@ -263,6 +272,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
++ xfree (free_this);
++ return err;
++ }
+++ /* log_printhex (response, responselen, "ocsp response"); */
++
++ err = ksba_ocsp_parse_response (ocsp, response, responselen,
++ &response_status);
++@@ -290,11 +300,34 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
++ }
++ if (response_status == KSBA_OCSP_RSPSTATUS_SUCCESS)
++ {
+++ int hash_algo;
+++
++ if (opt.verbose)
++ log_info (_("OCSP responder at '%s' status: %s\n"), url, t);
++
+++ /* Get the signature value now because we can all this fucntion
+++ * only once. */
+++ *r_sigval = ksba_ocsp_get_sig_val (ocsp, r_produced_at);
+++
+++ hash_algo = hash_algo_from_sigval (*r_sigval);
+++ if (!hash_algo)
+++ {
+++ if (opt.verbose)
+++ log_info ("ocsp: using SHA-256 as fallback hash algo.\n");
+++ hash_algo = GCRY_MD_SHA256;
+++ }
+++ err = gcry_md_open (r_md, hash_algo, 0);
+++ if (err)
+++ {
+++ log_error (_("failed to establish a hashing context for OCSP: %s\n"),
+++ gpg_strerror (err));
+++ goto leave;
+++ }
+++ if (DBG_HASHING)
+++ gcry_md_debug (*r_md, "ocsp");
+++
++ err = ksba_ocsp_hash_response (ocsp, response, responselen,
++- HASH_FNC, md);
+++ HASH_FNC, *r_md);
++ if (err)
++ log_error (_("hashing the OCSP response for '%s' failed: %s\n"),
++ url, gpg_strerror (err));
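Review bot: The new comment reads `we can all this fucntion only once` and should be `/* Get the signature value now because we can call this function only once. */`. More substantively, hash_algo_from_sigval now selects whatever digest the OCSP response names and gcry_md_open accepts, so a response can steer verification onto MD5 where the old code accepted SHA-1 only; the check_signature hunk below (the `strlen (s) < 16` branch) accepts the same set. Rejecting known-broken digests up front, e.g. `if (hash_algo == GCRY_MD_MD5 || hash_algo == GCRY_MD_MD4) err = gpg_error (GPG_ERR_DIGEST_ALGO);` before the gcry_md_open, keeps the policy explicit. The SHA-256 fallback when no algorithm is recognised is only logged in verbose mode; a non-verbose diagnostic might help operators debugging responders that use an unsupported algorithm.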
++@@ -305,8 +338,17 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
++ err = gpg_error (GPG_ERR_GENERAL);
++ }
++
+++ leave:
++ xfree (response);
++ xfree (free_this);
+++ if (err)
+++ {
+++ xfree (*r_sigval);
+++ *r_sigval = NULL;
+++ *r_produced_at = 0;
+++ gcry_md_close (*r_md);
+++ *r_md = NULL;
+++ }
++ return err;
++ }
++
++@@ -391,7 +433,7 @@ check_signature_core (ctrl_t ctrl, ksba_cert_t cert, gcry_sexp_t s_sig,
++
++ /* We simply ignore all errors. */
++ gcry_sexp_release (s_pkey);
++- return -1;
+++ return err;
++ }
++
++
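Review bot: The comment `/* We simply ignore all errors. */` now contradicts the changed line below it, which returns `err` instead of -1, so the caller does see the error. If err holds the verification result at this point, `/* Release the key and report the verification result to the caller. */` describes the new behaviour. check_signature_core starts outside the hunk.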
++@@ -410,18 +452,27 @@ check_signature (ctrl_t ctrl,
++ int algo, cert_idx;
++ gcry_sexp_t s_hash;
++ ksba_cert_t cert;
+++ const char *s;
++
++ /* Create a suitable S-expression with the hash value of our response. */
++ gcry_md_final (md);
++ algo = gcry_md_get_algo (md);
++- if (algo != GCRY_MD_SHA1 )
+++ s = gcry_md_algo_name (algo);
+++ if (algo && s && strlen (s) < 16)
++ {
++- log_error (_("only SHA-1 is supported for OCSP responses\n"));
++- return gpg_error (GPG_ERR_DIGEST_ALGO);
+++ char hashalgostr[16+1];
+++ int i;
+++
+++ for (i=0; s[i]; i++)
+++ hashalgostr[i] = ascii_tolower (s[i]);
+++ hashalgostr[i] = 0;
+++ err = gcry_sexp_build (&s_hash, NULL, "(data(flags pkcs1)(hash %s %b))",
+++ hashalgostr,
+++ (int)gcry_md_get_algo_dlen (algo),
+++ gcry_md_read (md, algo));
++ }
++- err = gcry_sexp_build (&s_hash, NULL, "(data(flags pkcs1)(hash sha1 %b))",
++- gcry_md_get_algo_dlen (algo),
++- gcry_md_read (md, algo));
+++ else
+++ err = gpg_error (GPG_ERR_DIGEST_ALGO);
++ if (err)
++ {
++ log_error (_("creating S-expression failed: %s\n"), gcry_strerror (err));
++@@ -465,6 +516,7 @@ check_signature (ctrl_t ctrl,
++ {
++ cert_ref_t cref;
++
+++ /* dump_cert ("from ocsp response", cert); */
++ cref = xtrymalloc (sizeof *cref);
++ if (!cref)
++ log_error (_("allocating list item failed: %s\n"),
++@@ -500,8 +552,6 @@ check_signature (ctrl_t ctrl,
++ }
++ log_printf ("not found\n");
++ }
++- ksba_free (name);
++- ksba_free (keyid);
++
++ if (cert)
++ {
++@@ -510,10 +560,24 @@ check_signature (ctrl_t ctrl,
++ ksba_cert_release (cert);
++ if (!err)
++ {
+++ ksba_free (name);
+++ ksba_free (keyid);
++ gcry_sexp_release (s_hash);
++ return 0; /* Successfully verified the signature. */
++ }
+++ log_error ("responder certificate ");
+++ if (name)
+++ log_printf ("'/%s' ", name);
+++ if (keyid)
+++ {
+++ log_printf ("{");
+++ dump_serial (keyid);
+++ log_printf ("} ");
+++ }
+++ log_printf ("did not verify: %s\n", gpg_strerror (err));
++ }
+++ ksba_free (name);
+++ ksba_free (keyid);
++ }
++
++ gcry_sexp_release (s_hash);
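Review bot: The new diagnostic `log_error ("responder certificate ");` and its `did not verify: %s\n` tail are not wrapped in `_()`, unlike the other user-facing messages in this file (for example the `failed to establish a hashing context` and `creating S-expression failed` strings above). For consistency with the file's translation style, `log_error (_("responder certificate "));` and `log_printf (_("did not verify: %s\n"), gpg_strerror (err));` would keep the message translatable. The moved `ksba_free (name); ksba_free (keyid);` pair is now released on both the success and failure paths, which looks correct.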
++@@ -588,8 +652,6 @@ ocsp_isvalid (ctrl_t ctrl, ksba_cert_t cert, const char *cert_fpr,
++ goto leave;
++ }
++
++-
++-
++ /* Figure out the OCSP responder to use.
++ 1. Try to get the reponder from the certificate.
++ We do only take http and https style URIs into account.
++@@ -646,14 +708,8 @@ ocsp_isvalid (ctrl_t ctrl, ksba_cert_t cert, const char *cert_fpr,
++ }
++
++ /* Ask the OCSP responder. */
++- err = gcry_md_open (&md, GCRY_MD_SHA1, 0);
++- if (err)
++- {
++- log_error (_("failed to establish a hashing context for OCSP: %s\n"),
++- gpg_strerror (err));
++- goto leave;
++- }
++- err = do_ocsp_request (ctrl, ocsp, md, url, cert, issuer_cert);
+++ err = do_ocsp_request (ctrl, ocsp, url, cert, issuer_cert,
+++ &sigval, produced_at, &md);
++ if (err)
++ goto leave;
++
++@@ -685,8 +741,7 @@ ocsp_isvalid (ctrl_t ctrl, ksba_cert_t cert, const char *cert_fpr,
++ }
++
++ /* We got a useful answer, check that the answer has a valid signature. */
++- sigval = ksba_ocsp_get_sig_val (ocsp, produced_at);
++- if (!sigval || !*produced_at)
+++ if (!sigval || !*produced_at || !md)
++ {
++ err = gpg_error (GPG_ERR_INV_OBJ);
++ goto leave;
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 29 Mar 2019 14:20:47 +0100
++Subject: dirmngr: Better error code for http status 413.
++
++* dirmngr/ks-engine-hkp.c (send_request): New case for 413.
++* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
++* dirmngr/ocsp.c (do_ocsp_request): Ditto.
++--
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 0a30ce036a615bc95382e0640d185b031f8c6a63)
++---
++ dirmngr/ks-engine-hkp.c | 4 ++++
++ dirmngr/ks-engine-http.c | 4 ++++
++ dirmngr/ocsp.c | 4 ++++
++ 3 files changed, 12 insertions(+)
++
++diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
++index 68d2064..8754a6b 100644
++--- a/dirmngr/ks-engine-hkp.c
+++++ b/dirmngr/ks-engine-hkp.c
++@@ -1266,6 +1266,10 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
++ err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
++ goto leave;
++
+++ case 413: /* Payload too large */
+++ err = gpg_error (GPG_ERR_TOO_LARGE);
+++ goto leave;
+++
++ default:
++ log_error (_("error accessing '%s': http status %u\n"),
++ request, http_get_status_code (http));
++diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c
++index 1abb350..a9600db 100644
++--- a/dirmngr/ks-engine-http.c
+++++ b/dirmngr/ks-engine-http.c
++@@ -174,6 +174,10 @@ ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
++ }
++ goto once_more;
++
+++ case 413: /* Payload too large */
+++ err = gpg_error (GPG_ERR_TOO_LARGE);
+++ goto leave;
+++
++ default:
++ log_error (_("error accessing '%s': http status %u\n"),
++ url, http_get_status_code (http));
++diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c
++index 2067b7b..7edac80 100644
++--- a/dirmngr/ocsp.c
+++++ b/dirmngr/ocsp.c
++@@ -238,6 +238,10 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
++ }
++ break;
++
+++ case 413: /* Payload too large */
+++ err = gpg_error (GPG_ERR_TOO_LARGE);
+++ break;
+++
++ default:
++ log_error (_("error accessing '%s': http status %u\n"),
++ url, http_get_status_code (http));
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Wed, 15 May 2019 09:18:28 +0200
++Subject: doc: Do not mention gpg's deprecated --keyserver option.
++
++--
++GnuPG-bug-id: 4466
++
++(cherry picked from commit 0d669a360c6e6729e2423534847a5ad47830bb9a)
++---
++ doc/gpg.texi | 34 +++++++++++++++-------------------
++ 1 file changed, 15 insertions(+), 19 deletions(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index e3efb3d..7858baf 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -434,9 +434,8 @@ file given with option @option{--output}. Use together with
++ @item --send-keys @var{keyIDs}
++ @opindex send-keys
++ Similar to @option{--export} but sends the keys to a keyserver.
++-Fingerprints may be used instead of key IDs. Option
++-@option{--keyserver} must be used to give the name of this
++-keyserver. Don't send your complete keyring to a keyserver --- select
+++Fingerprints may be used instead of key IDs.
+++Don't send your complete keyring to a keyserver --- select
++ only those keys which are new or changed by you. If no @var{keyIDs}
++ are given, @command{@gpgname} does nothing.
++
++@@ -491,27 +490,25 @@ signatures, user-IDs and subkeys.
++ @opindex receive-keys
++ @itemx --recv-keys @var{keyIDs}
++ @opindex recv-keys
++-Import the keys with the given @var{keyIDs} from a keyserver. Option
++-@option{--keyserver} must be used to give the name of this keyserver.
+++Import the keys with the given @var{keyIDs} from a keyserver.
++
++ @item --refresh-keys
++ @opindex refresh-keys
++ Request updates from a keyserver for keys that already exist on the
++ local keyring. This is useful for updating a key with the latest
++ signatures, user IDs, etc. Calling this with no arguments will refresh
++-the entire keyring. Option @option{--keyserver} must be used to give the
++-name of the keyserver for all keys that do not have preferred keyservers
++-set (see @option{--keyserver-options honor-keyserver-url}).
+++the entire keyring.
++
++ @item --search-keys @var{names}
++ @opindex search-keys
++-Search the keyserver for the given @var{names}. Multiple names given here will
++-be joined together to create the search string for the keyserver.
++-Option @option{--keyserver} must be used to give the name of this
++-keyserver. Keyservers that support different search methods allow using
++-the syntax specified in "How to specify a user ID" below. Note that
++-different keyserver types support different search methods. Currently
++-only LDAP supports them all.
+++Search the keyserver for the given @var{names}. Multiple names given
+++here will be joined together to create the search string for the
+++keyserver. Note that keyservers search for @var{names} in a different
+++and simpler way than gpg does. The best choice is to use a mail
+++address. Due to data privacy reasons keyservers may even not even
+++allow searching by user id or mail address and thus may only return
+++results when being used with the @option{--recv-key} command to
+++search by key fingerprint or keyid.
++
++ @item --fetch-keys @var{URIs}
++ @opindex fetch-keys
++@@ -1766,12 +1763,11 @@ list. The default is "local,wkd".
++ PGP Universal method of checking @samp{ldap://keys.(thedomain)}.
++
++ @item keyserver
++- Locate a key using whatever keyserver is defined using the
++- @option{--keyserver} option.
+++ Locate a key using a keyserver.
++
++ @item keyserver-URL
++- In addition, a keyserver URL as used in the @option{--keyserver} option
++- may be used here to query that particular keyserver.
+++ In addition, a keyserver URL as used in the @command{dirmngr}
+++ configuration may be used here to query that particular keyserver.
++
++ @item local
++ Locate the key using the local keyrings. This mechanism allows the user to
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 3 May 2019 16:15:04 +0200
++Subject: doc: Minor doc fix to dirmngr.
++
++--
++
++Reported-by: dkg
++(cherry picked from commit 781d2c5c8995b92e58fcf344fa8931523583f537)
++---
++ doc/dirmngr.texi | 4 +---
++ 1 file changed, 1 insertion(+), 3 deletions(-)
++
++diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
++index 742658e..8e6cbc6 100644
++--- a/doc/dirmngr.texi
+++++ b/doc/dirmngr.texi
++@@ -251,7 +251,7 @@ The option @option{--use-tor} switches Dirmngr and thus GnuPG into
++ ``Tor mode'' to route all network access via Tor (an anonymity
++ network). Certain other features are disabled in this mode. The
++ effect of @option{--use-tor} cannot be overridden by any other command
++-or even be reloading gpg-agent. The use of @option{--no-use-tor}
+++or even by reloading dirmngr. The use of @option{--no-use-tor}
++ disables the use of Tor. The default is to use Tor if it is available
++ on startup or after reloading dirmngr.
++
++@@ -1179,5 +1179,3 @@ as a binary blob.
++ @c used for this. The first one starts a search and the second one is
++ @c used to retrieve certificate after certificate.
++ @c
++-
++-
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 14 May 2019 10:07:06 +0200
++Subject: doc: Minor edit for a gpg option.
++
++--
++GnuPG-bug-id: 4507
++
++(cherry picked from commit 49a679eb3596ef273afacb49ef9044c4a063694b)
++---
++ doc/gpg.texi | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index 22813c7..e3efb3d 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -1330,8 +1330,8 @@ give the opposite meaning. The options are:
++
++ @item show-only-fpr-mbox
++ @opindex list-options:show-only-fpr-mbox
++- For each valid user-id which also has a valid mail address print
++- only the fingerprint and the mail address.
+++ For each user-id which has a valid mail address print
+++ only the fingerprint followed by the mail address.
++ @end table
++
++ @item --verify-options @var{parameters}
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Fri, 10 May 2019 12:39:45 -0400
++Subject: doc: correct documentation for gpgconf --kill
++
++* doc/tools.texi(gpgconf): Correct documentation for gpgconf --kill.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit 9662538be6afc8beee0f2654f9a8f234c5dac016)
++(cherry picked from commit be116f871dbf14dd44d3a7909c2a052f8979c480)
++---
++ doc/tools.texi | 11 ++++++-----
++ 1 file changed, 6 insertions(+), 5 deletions(-)
++
++diff --git a/doc/tools.texi b/doc/tools.texi
++index 6256c05..b1e8b0b 100644
++--- a/doc/tools.texi
+++++ b/doc/tools.texi
++@@ -352,11 +352,12 @@ may use this command to ensure that they are started. Using "all" for
++
++ @item --kill [@var{component}]
++ @opindex kill
++-Kill the given component. Components which support killing are
++-@command{gpg-agent} and @command{scdaemon}. Components which don't
++-support reloading are ignored. Using "all" for @var{component} kills
++-all components running as daemons. Note that as of now reload and
++-kill have the same effect for @command{scdaemon}.
+++Kill the given component that runs as a daemon, including
+++@command{gpg-agent}, @command{dirmngr}, and @command{scdaemon}. A
+++@command{component} which does not run as a daemon will be ignored.
+++Using "all" for @var{component} kills all components running as
+++daemons. Note that as of now reload and kill have the same effect for
+++@command{scdaemon}.
++
++ @item --create-socketdir
++ @opindex create-socketdir
--- /dev/null
--- /dev/null
++From: Andre Heinecke <aheinecke@intevation.de>
++Date: Thu, 18 Apr 2019 13:19:05 +0200
++Subject: g10: Fix double free when locating by mbox
++
++* g10/getkey.c (get_best_pubkey_byname): Set new.uid always
++to NULL after use.
++
++--
++pubkey_cmp is not guranteed to set new.uid.
++So if the diff < 0 case is reached best is set to new.
++
++If then diff > 0 is reached without modifying new.uid
++e.g. if the key has no matching mboxes. new.uid is
++free'd even though the uid is still referenced in
++best.
++
++GnuPG-Bug-Id: T4462
++(cherry picked from commit e57954ed278cb5e6e725005b1ecaf7ce70006ce0)
++(cherry picked from commit 35899dc2903b118620e6f9f0fa6b21c8568abbf1)
++---
++ g10/getkey.c | 3 +--
++ 1 file changed, 1 insertion(+), 2 deletions(-)
++
++diff --git a/g10/getkey.c b/g10/getkey.c
++index c4afe45..1b699a4 100644
++--- a/g10/getkey.c
+++++ b/g10/getkey.c
++@@ -1495,15 +1495,14 @@ get_best_pubkey_byname (ctrl_t ctrl, GETKEY_CTX *retctx, PKT_public_key *pk,
++ /* Old key is better. */
++ release_public_key_parts (&new.key);
++ free_user_id (new.uid);
++- new.uid = NULL;
++ }
++ else
++ {
++ /* A tie. Keep the old key. */
++ release_public_key_parts (&new.key);
++ free_user_id (new.uid);
++- new.uid = NULL;
++ }
+++ new.uid = NULL;
++ }
++ getkey_end (ctrl, ctx);
++ ctx = NULL;
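Review bot: The unconditional `new.uid = NULL;` after the if/else relies on every preceding branch having either freed `new.uid` or handed it over to `best`, and nothing in the hunk records that invariant; a one-line comment at the new assignment would keep a later edit from reintroducing the double free, e.g. `/* NEW.UID has either been freed above or is now owned by BEST; clear it so a later iteration can never free it twice.  */`. The branch that adopts `new` as the better key is outside the hunk, so whether it leaves `new.uid` pointing at the transferred user id could not be confirmed here. get_best_pubkey_byname starts and ends outside the hunk.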
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Tue, 14 May 2019 11:20:07 +0900
++Subject: g10: Fix possible null dereference.
++
++* g10/armor.c (armor_filter): Access ->d in the internal loop.
++
++--
++
++Cherry-picked master commit of:
++ 802a2aa300bad3d4385d17a2deeb0966da4e737d
++
++GnuPG-bug-id: 4494
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 5b22d2c400890fc366ccb7ca74ee886d9cef22a3)
++---
++ g10/armor.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/g10/armor.c b/g10/armor.c
++index cc80968..36215a3 100644
++--- a/g10/armor.c
+++++ b/g10/armor.c
++@@ -1156,10 +1156,10 @@ armor_filter( void *opaque, int control,
++ }
++
++ /* write the comment strings */
++- for(s=comment->d;comment;comment=comment->next,s=comment->d)
+++ for(;comment;comment=comment->next)
++ {
++ iobuf_writestr(a, "Comment: " );
++- for( ; *s; s++ )
+++ for( s=comment->d; *s; s++ )
++ {
++ if( *s == '\n' )
++ iobuf_writestr(a, "\\n" );
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Wed, 13 Mar 2019 09:12:14 +0900
++Subject: g10: Fix symmetric cipher algo constant for ECDH.
++
++* g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for
++ECC strength 384, according to RFC-6637.
++
++--
++
++Reported-by: Trevor Bentley
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit af3efd149f555d36a455cb2ea311ff81caf5124c)
++(cherry picked from commit 38c2a9a644e0bc1e2594ea437a5930982f7b8c4e)
++---
++ g10/ecdh.c | 2 +-
++ scd/app-openpgp.c | 4 ++--
++ 2 files changed, 3 insertions(+), 3 deletions(-)
++
++diff --git a/g10/ecdh.c b/g10/ecdh.c
++index 6c2a56b..dcb3cde 100644
++--- a/g10/ecdh.c
+++++ b/g10/ecdh.c
++@@ -39,7 +39,7 @@ static const struct
++ /* Note: Must be sorted by ascending values for QBITS. */
++ {
++ { 256, DIGEST_ALGO_SHA256, CIPHER_ALGO_AES },
++- { 384, DIGEST_ALGO_SHA384, CIPHER_ALGO_AES256 },
+++ { 384, DIGEST_ALGO_SHA384, CIPHER_ALGO_AES192 },
++
++ /* Note: 528 is 521 rounded to the 8 bit boundary */
++ { 528, DIGEST_ALGO_SHA512, CIPHER_ALGO_AES256 }
++diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
++index fa23fbe..e4a1fba 100644
++--- a/scd/app-openpgp.c
+++++ b/scd/app-openpgp.c
++@@ -1442,8 +1442,8 @@ ecdh_params (const char *curve)
++ /* See RFC-6637 for those constants.
++ 0x03: Number of bytes
++ 0x01: Version for this parameter format
++- KDF algo
++- KEK algo
+++ KDF hash algo
+++ KEK symmetric cipher algo
++ */
++ if (nbits <= 256)
++ return (const unsigned char*)"\x03\x01\x08\x07";
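Review bot: Only a comment changes in scd/app-openpgp.c while g10/ecdh.c now maps 384-bit curves to CIPHER_ALGO_AES192, and the parameter bytes ecdh_params returns for nbits above 256 are outside the hunk, so the card side may still encode the previous KEK cipher for 384-bit curves. Both tables implement the same RFC 6637 mapping, so the 384-bit return value should be checked against the new kek_params_table entry (the visible 256-bit case pairs hash byte 0x08 with cipher byte 0x07). A comment above kek_params_table such as `/* Keep in sync with ecdh_params in scd/app-openpgp.c.  */` would make the coupling explicit. ecdh_params continues outside the hunk.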
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Thu, 11 Apr 2019 09:54:28 +0200
++Subject: gpg: Accept also armored data from the WKD.
++
++* g10/keyserver.c (keyserver_import_wkd): Clear NO_ARMOR.
++--
++
++We may even adjust the specs to allow that. It should not be a
++problem for any OpenPGP implementation because armored keys are very
++common and de-armoring code is de-facto a mandatory feature.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit dc4c7f65e32a0cddc075d06fa0132e099bcb6455)
++---
++ g10/keyserver.c | 5 +++--
++ 1 file changed, 3 insertions(+), 2 deletions(-)
++
++diff --git a/g10/keyserver.c b/g10/keyserver.c
++index 8509d83..865e1e9 100644
++--- a/g10/keyserver.c
+++++ b/g10/keyserver.c
++@@ -2072,8 +2072,9 @@ keyserver_import_wkd (ctrl_t ctrl, const char *name, int quick,
++ int armor_status = opt.no_armor;
++ import_filter_t save_filt;
++
++- /* Keys returned via WKD are in binary format. */
++- opt.no_armor = 1;
+++ /* Keys returned via WKD are in binary format. However, we
+++ * relax that requirement and allow also for armored data. */
+++ opt.no_armor = 0;
++ save_filt = save_and_clear_import_filter ();
++ if (!save_filt)
++ err = gpg_error_from_syserror ();
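Review bot: `opt.no_armor = 0;` is applied before `save_and_clear_import_filter ()` can fail, and the restore from `armor_status` (saved at the top of the hunk) is outside the hunk, so the early error path should be checked to still reach the code that resets `opt.no_armor = armor_status`; otherwise a failed WKD import leaves the process-wide armor setting changed for the rest of the run. The comment could also say why the binary-only rule is dropped, e.g. `/* WKD keys are expected in binary form, but armored keys are common and cheap to accept, so the format is not enforced here.  */`. keyserver_import_wkd starts and ends outside the hunk.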
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 27 May 2019 10:40:38 +0200
++Subject: gpg: Allow deletion of subkeys with --delete-[secret-]key.
++
++* common/userids.c (classify_user_id): Do not set the EXACT flag in
++the default case.
++* g10/export.c (exact_subkey_match_p): Make static,
++* g10/delkey.c (do_delete_key): Implement subkey only deleting.
++--
++
++GnuPG-bug-id: 4457
++(cherry picked from commit d9b31d3a20b89a5ad7e9a2158b6da63a9a37fa8a)
++---
++ common/userids.c | 7 ++--
++ doc/gpg.texi | 10 ++++--
++ g10/delkey.c | 103 +++++++++++++++++++++++++++++++++++++++++++++++++++----
++ g10/export.c | 4 +--
++ g10/main.h | 2 ++
++ 5 files changed, 113 insertions(+), 13 deletions(-)
++
++diff --git a/common/userids.c b/common/userids.c
++index 01f2cd8..00f26b7 100644
++--- a/common/userids.c
+++++ b/common/userids.c
++@@ -351,8 +351,10 @@ classify_user_id (const char *name, KEYDB_SEARCH_DESC *desc, int openpgp_hack)
++ }
++ else if (!hexprefix)
++ {
++- /* The fingerprint in an X.509 listing is often delimited by
++- colons, so we try to single this case out. */
+++ /* The fingerprint of an X.509 listing is often delimited by
+++ * colons, so we try to single this case out. Note that the
+++ * OpenPGP bang suffix is not supported here. */
+++ desc->exact = 0;
++ mode = 0;
++ hexlength = strspn (s, ":0123456789abcdefABCDEF");
++ if (hexlength == 59 && (!s[hexlength] || spacep (s+hexlength)))
++@@ -414,7 +416,6 @@ classify_user_id (const char *name, KEYDB_SEARCH_DESC *desc, int openpgp_hack)
++ }
++ if (!mode) /* Default to substring search. */
++ {
++- desc->exact = 0;
++ desc->u.name = s;
++ mode = KEYDB_SEARCH_MODE_SUBSTR;
++ }
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index 7858baf..9853f69 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -404,7 +404,10 @@ functionality is also available as the subcommand "passwd" with the
++ @opindex delete-keys
++ Remove key from the public keyring. In batch mode either @option{--yes} is
++ required or the key must be specified by fingerprint. This is a
++-safeguard against accidental deletion of multiple keys.
+++safeguard against accidental deletion of multiple keys. If the
+++exclamation mark syntax is used with the fingerprint of a subkey only
+++that subkey is deleted; if the exclamation mark is used with the
+++fingerprint of the primary key the entire public key is deleted.
++
++ @item --delete-secret-keys @var{name}
++ @opindex delete-secret-keys
++@@ -413,7 +416,10 @@ specified by fingerprint. The option @option{--yes} can be used to
++ advice gpg-agent not to request a confirmation. This extra
++ pre-caution is done because @command{@gpgname} can't be sure that the
++ secret key (as controlled by gpg-agent) is only used for the given
++-OpenPGP public key.
+++OpenPGP public key. If the exclamation mark syntax is used with the
+++fingerprint of a subkey only the secret part of that subkey is
+++deleted; if the exclamation mark is used with the fingerprint of the
+++primary key only the secret part of the primary key is deleted.
++
++
++ @item --delete-secret-and-public-key @var{name}
++diff --git a/g10/delkey.c b/g10/delkey.c
++index 461a2c8..e91acb0 100644
++--- a/g10/delkey.c
+++++ b/g10/delkey.c
++@@ -1,7 +1,7 @@
++ /* delkey.c - delete keys
++ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004,
++ * 2005, 2006 Free Software Foundation, Inc.
++- * Copyright (C) 2014 Werner Koch
+++ * Copyright (C) 2014, 2019 Werner Koch
++ *
++ * This file is part of GnuPG.
++ *
++@@ -53,13 +53,15 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ gpg_error_t err;
++ kbnode_t keyblock = NULL;
++ kbnode_t node, kbctx;
+++ kbnode_t targetnode;
++ KEYDB_HANDLE hd;
++ PKT_public_key *pk = NULL;
++ u32 keyid[2];
++ int okay=0;
++ int yes;
++ KEYDB_SEARCH_DESC desc;
++- int exactmatch;
+++ int exactmatch; /* True if key was found by fingerprint. */
+++ int thiskeyonly; /* 0 = false, 1 = is primary key, 2 = is a subkey. */
++
++ *r_sec_avail = 0;
++
++@@ -72,6 +74,7 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
++ || desc.mode == KEYDB_SEARCH_MODE_FPR16
++ || desc.mode == KEYDB_SEARCH_MODE_FPR20);
+++ thiskeyonly = desc.exact;
++ if (!err)
++ err = keydb_search (hd, &desc, 1, NULL);
++ if (err)
++@@ -97,7 +100,35 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ err = gpg_error (GPG_ERR_GENERAL);
++ goto leave;
++ }
++- pk = node->pkt->pkt.public_key;
+++
+++ /* If an operation only on a subkey is requested, find that subkey
+++ * now. */
+++ if (thiskeyonly)
+++ {
+++ kbnode_t tmpnode;
+++
+++ for (kbctx=NULL; (tmpnode = walk_kbnode (keyblock, &kbctx, 0)); )
+++ {
+++ if (!(tmpnode->pkt->pkttype == PKT_PUBLIC_KEY
+++ || tmpnode->pkt->pkttype == PKT_PUBLIC_SUBKEY))
+++ continue;
+++ if (exact_subkey_match_p (&desc, tmpnode))
+++ break;
+++ }
+++ if (!tmpnode)
+++ {
+++ log_error ("Oops; requested subkey not found anymore!\n");
+++ err = gpg_error (GPG_ERR_GENERAL);
+++ goto leave;
+++ }
+++ /* Set NODE to this specific subkey or primary key. */
+++ thiskeyonly = node == tmpnode? 1 : 2;
+++ targetnode = tmpnode;
+++ }
+++ else
+++ targetnode = node;
+++
+++ pk = targetnode->pkt->pkt.public_key;
++ keyid_from_pk (pk, keyid);
++
++ if (!secret && !force)
++@@ -143,6 +174,32 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ print_pubkey_info (ctrl, NULL, pk );
++ tty_printf( "\n" );
++
+++ if (thiskeyonly == 1 && !secret)
+++ {
+++ /* We need to delete the entire public key despite the use
+++ * of the thiskeyonly request. */
+++ tty_printf (_("Note: The public primary key and all its subkeys"
+++ " will be deleted.\n"));
+++ }
+++ else if (thiskeyonly == 2 && !secret)
+++ {
+++ tty_printf (_("Note: Only the shown public subkey"
+++ " will be deleted.\n"));
+++ }
+++ if (thiskeyonly == 1 && secret)
+++ {
+++ tty_printf (_("Note: Only the secret part of the shown primary"
+++ " key will be deleted.\n"));
+++ }
+++ else if (thiskeyonly == 2 && secret)
+++ {
+++ tty_printf (_("Note: Only the secret part of the shown subkey"
+++ " will be deleted.\n"));
+++ }
+++
+++ if (thiskeyonly)
+++ tty_printf ("\n");
+++
++ yes = cpr_get_answer_is_yes
++ (secret? "delete_key.secret.okay": "delete_key.okay",
++ _("Delete this key from the keyring? (y/N) "));
++@@ -178,6 +235,9 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ || node->pkt->pkttype == PKT_PUBLIC_SUBKEY))
++ continue;
++
+++ if (thiskeyonly && targetnode != node)
+++ continue;
+++
++ if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key))
++ continue; /* No secret key for that public (sub)key. */
++
++@@ -219,9 +279,38 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ if (firsterr)
++ goto leave;
++ }
+++ else if (thiskeyonly == 2)
+++ {
+++ int selected = 0;
+++
+++ /* Delete the specified public subkey. */
+++ for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); )
+++ {
+++ if (thiskeyonly && targetnode != node)
+++ continue;
+++
+++ if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+++ {
+++ selected = targetnode == node;
+++ if (selected)
+++ delete_kbnode (node);
+++ }
+++ else if (selected && node->pkt->pkttype == PKT_SIGNATURE)
+++ delete_kbnode (node);
+++ else
+++ selected = 0;
+++ }
+++ commit_kbnode (&keyblock);
+++ err = keydb_update_keyblock (ctrl, hd, keyblock);
+++ if (err)
+++ {
+++ log_error (_("update failed: %s\n"), gpg_strerror (err));
+++ goto leave;
+++ }
+++ }
++ else
++ {
++- err = opt.dry_run? 0 : keydb_delete_keyblock (hd);
+++ err = keydb_delete_keyblock (hd);
++ if (err)
++ {
++ log_error (_("deleting keyblock failed: %s\n"),
++@@ -234,7 +323,8 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ revalidation_mark(). This makes sense - only deleting keys
++ that have ownertrust set should trigger this. */
++
++- if (!secret && pk && !opt.dry_run && clear_ownertrusts (ctrl, pk))
+++ if (!secret && pk && !opt.dry_run && thiskeyonly != 2
+++ && clear_ownertrusts (ctrl, pk))
++ {
++ if (opt.verbose)
++ log_info (_("ownertrust information cleared\n"));
++@@ -247,7 +337,8 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ return err;
++ }
++
++-/****************
+++
+++/*
++ * Delete a public or secret key from a keyring.
++ */
++ gpg_error_t
++diff --git a/g10/export.c b/g10/export.c
++index 70f5261..4216a24 100644
++--- a/g10/export.c
+++++ b/g10/export.c
++@@ -428,8 +428,8 @@ new_subkey_list_item (KBNODE node)
++ (keyID or fingerprint) and does match the one at NODE. It is
++ assumed that the packet at NODE is either a public or secret
++ subkey. */
++-static int
++-exact_subkey_match_p (KEYDB_SEARCH_DESC *desc, KBNODE node)
+++int
+++exact_subkey_match_p (KEYDB_SEARCH_DESC *desc, kbnode_t node)
++ {
++ u32 kid[2];
++ byte fpr[MAX_FINGERPRINT_LEN];
++diff --git a/g10/main.h b/g10/main.h
++index d3d6060..e14fcbb 100644
++--- a/g10/main.h
+++++ b/g10/main.h
++@@ -396,6 +396,8 @@ void export_print_stats (export_stats_t stats);
++ int parse_export_options(char *str,unsigned int *options,int noisy);
++ gpg_error_t parse_and_set_export_filter (const char *string);
++
+++int exact_subkey_match_p (KEYDB_SEARCH_DESC *desc, kbnode_t node);
+++
++ int export_pubkeys (ctrl_t ctrl, strlist_t users, unsigned int options,
++ export_stats_t stats);
++ int export_seckeys (ctrl_t ctrl, strlist_t users, unsigned int options,
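Review bot: The g10/delkey.c hunk at old line 219 replaces `err = opt.dry_run? 0 : keydb_delete_keyblock (hd);` with an unguarded `err = keydb_delete_keyblock (hd);`, and the new `thiskeyonly == 2` branch calls `keydb_update_keyblock` with no dry-run check either, so unless a dry-run early exit exists outside the hunks this patch undoes the protection added by the separate "Do not delete any keys if --dry-run is passed" patch whose result (index 461a2c8) is the base here. The same function still guards `clear_ownertrusts` with `!opt.dry_run` in the following hunk, which makes the omission look accidental rather than intended, and the commit message does not mention dry-run. Restoring `err = opt.dry_run? 0 : keydb_delete_keyblock (hd);` and writing the subkey path as `err = opt.dry_run? 0 : keydb_update_keyblock (ctrl, hd, keyblock);` would keep --dry-run non-destructive on all three paths. do_delete_key starts and ends outside the hunks.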
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 13 May 2019 19:01:28 +0200
++Subject: gpg: Change update_keysig_packet to replace SHA-1 by SHA-256.
++
++* g10/sign.c (update_keysig_packet): Convert digest algo when needed.
++--
++
++Several gpg commands try to keep most properties of a key signature
++when updating (i.e. creating a new version of a key signature). This
++included the use of the current hash-algorithm. This patch changes
++this so that SHA-1 or RMD160 are replaced by SHA-256 if
++possible (i.e. for RSA signatures). Affected commands are for example
++--quick-set-expire and --quick-set-primary-uid.
++
++GnuPG-bug-id: 4508
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit c1dc7a832921fdf5686d377f33db78707c0345e2)
++---
++ g10/sign.c | 7 +++++++
++ 1 file changed, 7 insertions(+)
++
++diff --git a/g10/sign.c b/g10/sign.c
++index 095fa11..92ff361 100644
++--- a/g10/sign.c
+++++ b/g10/sign.c
++@@ -1593,6 +1593,13 @@ update_keysig_packet (ctrl_t ctrl,
++
++ if ( opt.cert_digest_algo )
++ digest_algo = opt.cert_digest_algo;
+++ else if (pksk->pubkey_algo == PUBKEY_ALGO_DSA
+++ || pksk->pubkey_algo == PUBKEY_ALGO_ECDSA
+++ || pksk->pubkey_algo == PUBKEY_ALGO_EDDSA)
+++ digest_algo = orig_sig->digest_algo;
+++ else if (orig_sig->digest_algo == DIGEST_ALGO_SHA1
+++ || orig_sig->digest_algo == DIGEST_ALGO_RMD160)
+++ digest_algo = DEFAULT_DIGEST_ALGO;
++ else
++ digest_algo = orig_sig->digest_algo;
++
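Review bot: The new digest-selection chain has no comment explaining why DSA, ECDSA and EdDSA keep the original digest while only the remaining algorithms get SHA-1/RMD160 replaced, and the reason given in the commit message (replacement is only possible for RSA) is not visible in the code; a comment above the first new `else if`, such as `/* Only RSA signatures can take a different digest here (GnuPG-bug-id 4508); DSA/ECDSA/EdDSA keep the original algorithm.  */`, would record it. Note that a DSA or ECDSA key re-issuing a SHA-1 key signature still produces SHA-1, which matches the commit message but is worth stating next to the code; that DEFAULT_DIGEST_ALGO is SHA-256 is taken from the commit message, not from the hunk. update_keysig_packet starts and ends outside the hunk.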
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 21 May 2019 16:25:56 +0200
++Subject: gpg: Do not allow creation of user ids larger than our parser
++ allows.
++
++* g10/parse-packet.c: Move max packet lengths constants to ...
++* g10/packet.h: ... here.
++* g10/build-packet.c (do_user_id): Return an error if too data is too
++large.
++* g10/keygen.c (write_uid): Return an error for too large data.
++--
++
++This can lead to keyring corruption becuase we expect that our parser
++is abale to parse packts created by us. Test case is
++
++ gpg --batch --passphrase 'abc' -v \
++ --quick-gen-key $(yes 'a'| head -4000|tr -d '\n')
++
++GnuPG-bug-id: 4532
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit d32963eeb33fd3053d40a4e7071fb0e8b28a8651)
++---
++ g10/build-packet.c | 8 +++++++-
++ g10/keygen.c | 35 ++++++++++++++++++++---------------
++ g10/packet.h | 5 +++++
++ g10/parse-packet.c | 6 ------
++ 4 files changed, 32 insertions(+), 22 deletions(-)
++
++diff --git a/g10/build-packet.c b/g10/build-packet.c
++index b83ea84..14e40a1 100644
++--- a/g10/build-packet.c
+++++ b/g10/build-packet.c
++@@ -424,15 +424,21 @@ do_user_id( IOBUF out, int ctb, PKT_user_id *uid )
++ * Without forcing HDRLEN to 2 in this case an indeterminate length
++ * packet would be written which is not allowed. Note that we are
++ * always called with a CTB indicating an old packet header format,
++- * so that forcing a 2 octet header works. */
+++ * so that forcing a 2 octet header works. We also check for the
+++ * maximum allowed packet size by the parser using an arbitrary
+++ * extra 10 bytes for header data. */
++ if (uid->attrib_data)
++ {
+++ if (uid->attrib_len > MAX_ATTR_PACKET_LENGTH - 10)
+++ return gpg_error (GPG_ERR_TOO_LARGE);
++ hdrlen = uid->attrib_len? 0 : 2;
++ write_header2 (out, ctb, uid->attrib_len, hdrlen);
++ rc = iobuf_write( out, uid->attrib_data, uid->attrib_len );
++ }
++ else
++ {
+++ if (uid->len > MAX_UID_PACKET_LENGTH - 10)
+++ return gpg_error (GPG_ERR_TOO_LARGE);
++ hdrlen = uid->len? 0 : 2;
++ write_header2 (out, ctb, uid->len, hdrlen);
++ rc = iobuf_write( out, uid->name, uid->len );
++diff --git a/g10/keygen.c b/g10/keygen.c
++index 9edbdff..28ef898 100644
++--- a/g10/keygen.c
+++++ b/g10/keygen.c
++@@ -217,18 +217,22 @@ print_status_key_not_created (const char *handle)
++
++
++
++-static void
++-write_uid( KBNODE root, const char *s )
+++static gpg_error_t
+++write_uid (kbnode_t root, const char *s)
++ {
++- PACKET *pkt = xmalloc_clear(sizeof *pkt );
++- size_t n = strlen(s);
++-
++- pkt->pkttype = PKT_USER_ID;
++- pkt->pkt.user_id = xmalloc_clear (sizeof *pkt->pkt.user_id + n);
++- pkt->pkt.user_id->len = n;
++- pkt->pkt.user_id->ref = 1;
++- strcpy(pkt->pkt.user_id->name, s);
++- add_kbnode( root, new_kbnode( pkt ) );
+++ PACKET *pkt = xmalloc_clear (sizeof *pkt);
+++ size_t n = strlen (s);
+++
+++ if (n > MAX_UID_PACKET_LENGTH - 10)
+++ return gpg_error (GPG_ERR_INV_USER_ID);
+++
+++ pkt->pkttype = PKT_USER_ID;
+++ pkt->pkt.user_id = xmalloc_clear (sizeof *pkt->pkt.user_id + n);
+++ pkt->pkt.user_id->len = n;
+++ pkt->pkt.user_id->ref = 1;
+++ strcpy (pkt->pkt.user_id->name, s);
+++ add_kbnode (root, new_kbnode (pkt));
+++ return 0;
++ }
++
++ static void
++@@ -4750,10 +4754,11 @@ do_generate_keypair (ctrl_t ctrl, struct para_data_s *para,
++
++ if (!err && (s = get_parameter_value (para, pUSERID)))
++ {
++- write_uid (pub_root, s );
++- err = write_selfsigs (ctrl, pub_root, pri_psk,
++- get_parameter_uint (para, pKEYUSAGE), timestamp,
++- cache_nonce);
+++ err = write_uid (pub_root, s );
+++ if (!err)
+++ err = write_selfsigs (ctrl, pub_root, pri_psk,
+++ get_parameter_uint (para, pKEYUSAGE), timestamp,
+++ cache_nonce);
++ }
++
++ /* Write the auth key to the card before the encryption key. This
++diff --git a/g10/packet.h b/g10/packet.h
++index 6d01b10..6e326b5 100644
++--- a/g10/packet.h
+++++ b/g10/packet.h
++@@ -33,6 +33,11 @@
++
++ #define DEBUG_PARSE_PACKET 1
++
+++/* Maximum length of packets to avoid excessive memory allocation. */
+++#define MAX_KEY_PACKET_LENGTH (256 * 1024)
+++#define MAX_UID_PACKET_LENGTH ( 2 * 1024)
+++#define MAX_COMMENT_PACKET_LENGTH ( 64 * 1024)
+++#define MAX_ATTR_PACKET_LENGTH ( 16 * 1024*1024)
++
++ /* Constants to allocate static MPI arrays. */
++ #define PUBKEY_MAX_NPKEY 5
++diff --git a/g10/parse-packet.c b/g10/parse-packet.c
++index 3aa11a4..2d6ec92 100644
++--- a/g10/parse-packet.c
+++++ b/g10/parse-packet.c
++@@ -38,12 +38,6 @@
++ #include "../common/mbox-util.h"
++
++
++-/* Maximum length of packets to avoid excessive memory allocation. */
++-#define MAX_KEY_PACKET_LENGTH (256 * 1024)
++-#define MAX_UID_PACKET_LENGTH ( 2 * 1024)
++-#define MAX_COMMENT_PACKET_LENGTH ( 64 * 1024)
++-#define MAX_ATTR_PACKET_LENGTH ( 16 * 1024*1024)
++-
++ static int mpi_print_mode;
++ static int list_mode;
++ static estream_t listfp;
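Review bot: In write_uid the new check `if (n > MAX_UID_PACKET_LENGTH - 10) return gpg_error (GPG_ERR_INV_USER_ID);` runs after `PACKET *pkt = xmalloc_clear (sizeof *pkt);`, so the rejected-user-id path leaks the packet; moving the check above the allocation (or adding `xfree (pkt);` before the return) fixes it. The `- 10` header allowance is duplicated in do_user_id and write_uid with the explanation only in build-packet.c; a named constant next to the MAX_*_PACKET_LENGTH defines in packet.h (e.g. `#define MAX_PACKET_HDR_SLACK 10`, name constructed) would keep the two checks in step. do_generate_keypair starts and ends outside its hunk.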
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 21 May 2019 17:27:42 +0200
++Subject: gpg: Do not bail on an invalid packet in the local keyring.
++
++* g10/keydb.c (parse_keyblock_image): Treat invalid packet special.
++--
++
++This is in particular useful to run --list-keys on a keyring with
++corrupted packets. The extra flush is to keep the diagnostic close to
++the regular --list-key output.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++
++This is a backport from master with support for the unsupported v5 key
++handling.
++
++(cherry picked from commit 30f44957ccd1433846709911798af3da4e437900)
++---
++ g10/keydb.c | 15 +++++++++++----
++ 1 file changed, 11 insertions(+), 4 deletions(-)
++
++diff --git a/g10/keydb.c b/g10/keydb.c
++index 0475f85..670a8a1 100644
++--- a/g10/keydb.c
+++++ b/g10/keydb.c
++@@ -1249,12 +1249,19 @@ parse_keyblock_image (iobuf_t iobuf, int pk_no, int uid_no,
++ }
++ if (err)
++ {
++- if (gpg_err_code (err) != GPG_ERR_UNKNOWN_VERSION)
+++ es_fflush (es_stdout);
+++ log_error ("parse_keyblock_image: read error: %s\n",
+++ gpg_strerror (err));
+++ if (gpg_err_code (err) == GPG_ERR_INV_PACKET)
++ {
++- log_error ("parse_keyblock_image: read error: %s\n",
++- gpg_strerror (err));
++- err = gpg_error (GPG_ERR_INV_KEYRING);
+++ free_packet (pkt, &parsectx);
+++ init_packet (pkt);
+++ continue;
++ }
+++ /* Unknown version maybe due to v5 keys - we treat this
+++ * error different. */
+++ if (gpg_err_code (err) != GPG_ERR_UNKNOWN_VERSION)
+++ err = gpg_error (GPG_ERR_INV_KEYRING);
++ break;
++ }
++
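Review bot: The INV_PACKET branch now drops the packet and continues, but the diagnostic printed just before it is the same `parse_keyblock_image: read error:` line used for the fatal cases, so a user cannot tell from the output that the keyblock was kept with one packet removed; logging the skip explicitly in that branch, e.g. `log_info ("parse_keyblock_image: skipping invalid packet\n");` after the existing `log_error`, would make a corrupted keyring visible as such. Whether the loop condition re-assigns `err` on the next iteration is outside the hunk; if it does not, an invalid final packet would leave `err` set after the loop. parse_keyblock_image starts and ends outside the hunk.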
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 20 May 2019 12:31:55 +0200
++Subject: gpg: Do not delete any keys if --dry-run is passed.
++
++* g10/delkey.c (do_delete_key): Don't delete the keyblock on dry runs.
++Do not clear the ownertrust. Do not let the agent delete the key.
++--
++
++Co-authored-by: Matheus Afonso Martins Moreira
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 5c46c5f74540ad753b925b74593332ca92de47fa)
++---
++ g10/delkey.c | 6 +++---
++ 1 file changed, 3 insertions(+), 3 deletions(-)
++
++diff --git a/g10/delkey.c b/g10/delkey.c
++index bf8c4e9..461a2c8 100644
++--- a/g10/delkey.c
+++++ b/g10/delkey.c
++@@ -190,7 +190,7 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ * pre-caution is that since 2.1 the secret key may also
++ * be used for other protocols and thus deleting it from
++ * the gpg would also delete the key for other tools. */
++- if (!err)
+++ if (!err && !opt.dry_run)
++ err = agent_delete_key (NULL, hexgrip, prompt,
++ opt.answer_yes);
++ xfree (prompt);
++@@ -221,7 +221,7 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ }
++ else
++ {
++- err = keydb_delete_keyblock (hd);
+++ err = opt.dry_run? 0 : keydb_delete_keyblock (hd);
++ if (err)
++ {
++ log_error (_("deleting keyblock failed: %s\n"),
++@@ -234,7 +234,7 @@ do_delete_key (ctrl_t ctrl, const char *username, int secret, int force,
++ revalidation_mark(). This makes sense - only deleting keys
++ that have ownertrust set should trigger this. */
++
++- if (!secret && pk && clear_ownertrusts (ctrl, pk))
+++ if (!secret && pk && !opt.dry_run && clear_ownertrusts (ctrl, pk))
++ {
++ if (opt.verbose)
++ log_info (_("ownertrust information cleared\n"));
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 14 May 2019 07:56:10 +0200
++Subject: gpg: Do not print a hint to use the deprecated --keyserver option.
++
++* g10/keyserver.c (keyserver_search): Remove a specialized error
++message.
++--
++
++Dirmngr comes with a default keyserver and the suggestion to use
++gpg --keyserver
++is not good because that option is deprecated. An error message
++"No keyserver available" is sufficient.
++
++GnuPG-bug-id: 4512
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 8d645f1d1f2b0f4e2d3b72f2a585acac4bdd8846)
++---
++ g10/keyserver.c | 4 +---
++ 1 file changed, 1 insertion(+), 3 deletions(-)
++
++diff --git a/g10/keyserver.c b/g10/keyserver.c
++index 865e1e9..cadb71f 100644
++--- a/g10/keyserver.c
+++++ b/g10/keyserver.c
++@@ -1537,9 +1537,7 @@ keyserver_search (ctrl_t ctrl, strlist_t tokens)
++ log_info (_("key not found on keyserver\n"));
++ }
++
++- if (gpg_err_code (err) == GPG_ERR_NO_KEYSERVER)
++- log_error (_("no keyserver known (use option --keyserver)\n"));
++- else if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+++ if (gpg_err_code (err) == GPG_ERR_NO_DATA)
++ err = gpg_error (GPG_ERR_NOT_FOUND);
++ else if (err)
++ log_error ("error searching keyserver: %s\n", gpg_strerror (err));
--- /dev/null
--- /dev/null
++From: Trevor Bentley <trevor@yubico.com>
++Date: Mon, 25 Mar 2019 15:19:47 +0100
++Subject: gpg: Don't use EdDSA algo ID for ECDSA curves.
++
++* g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from
++an EdDSA curve.
++
++--
++
++(cherry picked from commit 4324560b2c0bb76a1769535c383424a042e505ae)
++
++This change matters when it is called from ask_card_keyattr.
++
++Some-comments-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 2f455d18ab99a1d94029d3f607ae918bd5c9fecf)
++---
++ g10/keygen.c | 25 ++++++++++++++++++-------
++ 1 file changed, 18 insertions(+), 7 deletions(-)
++
++diff --git a/g10/keygen.c b/g10/keygen.c
++index a8333b0..9edbdff 100644
++--- a/g10/keygen.c
+++++ b/g10/keygen.c
++@@ -2355,14 +2355,25 @@ ask_curve (int *algo, int *subkey_algo, const char *current)
++ else
++ {
++ /* If the user selected a signing algorithm and Curve25519
++- we need to set the algo to EdDSA and update the curve name. */
++- if ((*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)
++- && curves[idx].eddsa_curve)
+++ we need to set the algo to EdDSA and update the curve name.
+++ If switching away from EdDSA, we need to set the algo back
+++ to ECDSA. */
+++ if (*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)
++ {
++- if (subkey_algo && *subkey_algo == PUBKEY_ALGO_ECDSA)
++- *subkey_algo = PUBKEY_ALGO_EDDSA;
++- *algo = PUBKEY_ALGO_EDDSA;
++- result = curves[idx].eddsa_curve;
+++ if (curves[idx].eddsa_curve)
+++ {
+++ if (subkey_algo && *subkey_algo == PUBKEY_ALGO_ECDSA)
+++ *subkey_algo = PUBKEY_ALGO_EDDSA;
+++ *algo = PUBKEY_ALGO_EDDSA;
+++ result = curves[idx].eddsa_curve;
+++ }
+++ else
+++ {
+++ if (subkey_algo && *subkey_algo == PUBKEY_ALGO_EDDSA)
+++ *subkey_algo = PUBKEY_ALGO_ECDSA;
+++ *algo = PUBKEY_ALGO_ECDSA;
+++ result = curves[idx].name;
+++ }
++ }
++ else
++ result = curves[idx].name;
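Review bot: `result = curves[idx].name;` is now assigned both in the new inner else and in the pre-existing outer else, and the EdDSA branch sits three levels deep; assigning `result = curves[idx].name;` once before the `if (*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)` test and keeping only `result = curves[idx].eddsa_curve;` in the EdDSA branch removes both duplicates and lets the outer else disappear. Behaviour is unchanged because the ECDSA fallback and the non-signing case both select `curves[idx].name`. ask_curve starts and ends outside the hunk.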
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Thu, 11 Apr 2019 09:43:33 +0200
++Subject: gpg: Set a limit of 5 to the number of keys imported from the WKD.
++
++* g10/import.c (import): Limit the number of considered keys to 5.
++(import_one): Return the first fingerprint in case of WKD.
++--
++
++The Web Key Directory should carry only one key. However, some
++providers like to put old or expired keys also into the WKD. I don't
++thunk that this is a good idea but I heard claims that this is needed
++for them to migrate existing key data bases.
++
++This patch puts a limit on 5 on it (we had none right now) and also
++fixes the issue that gpg could not work immediately with the requested
++key because the code uses the fingerprint of the key to use the
++imported key. Now the first key is used. On a second try (w/o
++accessing the WKD) the regular key selection mechanism would be in
++effect. I think this is the most conservative approach. Let's see
++whether it helps.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit e9fcb0361ab4ef1f6fb0ea235f1b15667932aba2)
++---
++ g10/import.c | 25 +++++++++++++++++++++----
++ 1 file changed, 21 insertions(+), 4 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index aeab4e0..3c8d0fe 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -665,6 +665,18 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
++
++ if (!(++stats->count % 100) && !opt.quiet)
++ log_info (_("%lu keys processed so far\n"), stats->count );
+++
+++ if (origin == KEYORG_WKD && stats->count >= 5)
+++ {
+++ /* We limit the number of keys _received_ from the WKD to 5.
+++ * In fact there should be only one key but some sites want
+++ * to store a few expired keys there also. gpg's key
+++ * selection will later figure out which key to use. Note
+++ * that for WKD we always return the fingerprint of the
+++ * first imported key. */
+++ log_info ("import from WKD stopped after %d keys\n", 5);
+++ break;
+++ }
++ }
++ stats->v3keys += v3keys;
++ if (rc == -1)
++@@ -2183,14 +2195,19 @@ import_one (ctrl_t ctrl,
++ fingerprint of the key in all cases. */
++ if (fpr)
++ {
++- xfree (*fpr);
++ /* Note that we need to compare against 0 here because
++ COUNT gets only incremented after returning from this
++ function. */
++ if (!stats->count)
++- *fpr = fingerprint_from_pk (pk, NULL, fpr_len);
++- else
++- *fpr = NULL;
+++ {
+++ xfree (*fpr);
+++ *fpr = fingerprint_from_pk (pk, NULL, fpr_len);
+++ }
+++ else if (origin != KEYORG_WKD)
+++ {
+++ xfree (*fpr);
+++ *fpr = NULL;
+++ }
++ }
++ }
++
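Review bot: The WKD cap is the literal `5` both in the comparison `stats->count >= 5` and in the `log_info` argument, so the two can drift apart; a single named constant (e.g. `#define MAX_WKD_KEYS 5`, name constructed) used in both places would fix that. The comparison runs after `++stats->count`, so the message is accurate for exactly five processed keys; bounding what is accepted from a remote WKD server is also a sensible resource limit on an untrusted input. import_one's hunk keeps the first fingerprint for WKD as the commit message describes; both functions start and end outside the hunks.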
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Fri, 3 May 2019 10:53:34 +0200
++Subject: gpg: Use just the addrspec from the Signer's UID.
++
++* g10/parse-packet.c (parse_signature): Take only the addrspec from a
++Signer's UID subpacket.
++--
++
++This is to address a problem in the current OpenKeychain, which puts
++the entire UID into the subpacket. For example, our Tofu code can only
++use the addrspec and not the entire UID.
++
++Reported-by: Wiktor Kwapisiewicz <wiktor@metacode.biz>
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 05204b72497db093f5d2da4a2446c0264a946296)
++---
++ g10/parse-packet.c | 9 +++++++++
++ 1 file changed, 9 insertions(+)
++
++diff --git a/g10/parse-packet.c b/g10/parse-packet.c
++index 05f63e9..3aa11a4 100644
++--- a/g10/parse-packet.c
+++++ b/g10/parse-packet.c
++@@ -35,6 +35,7 @@
++ #include "main.h"
++ #include "../common/i18n.h"
++ #include "../common/host2net.h"
+++#include "../common/mbox-util.h"
++
++
++ /* Maximum length of packets to avoid excessive memory allocation. */
++@@ -2064,12 +2065,20 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen,
++ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIGNERS_UID, &len);
++ if (p && len)
++ {
+++ char *mbox;
+++
++ sig->signers_uid = try_make_printable_string (p, len, 0);
++ if (!sig->signers_uid)
++ {
++ rc = gpg_error_from_syserror ();
++ goto leave;
++ }
+++ mbox = mailbox_from_userid (sig->signers_uid);
+++ if (mbox)
+++ {
+++ xfree (sig->signers_uid);
+++ sig->signers_uid = mbox;
+++ }
++ }
++
++ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_NOTATION, NULL);
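Review bot: A NULL return from `mailbox_from_userid` is treated as "this UID has no addrspec" and the full printable string is kept, so if that helper can also return NULL on allocation failure (not visible here), such a failure would silently leave the unshortened UID in `sig->signers_uid` instead of reporting an error the way the `try_make_printable_string` path above does. If the helper distinguishes the two cases via errno, checking it and jumping to `leave` on a real error would keep the two paths consistent. A short comment such as `/* Reduce the UID to its addrspec; consumers like the TOFU code only use that part. */` would record why the string is replaced. `parse_signature` continues outside the hunk.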
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Mon, 13 May 2019 21:22:38 -0400
++Subject: gpg: enable OpenPGP export of cleartext keys with comments
++
++* g10/export.c (cleartext_secret_key_to_openpgp): ignore trailing
++sublists in private-key S-expression.
++
++--
++
++When gpg-agent learns about a private key from its ssh-agent
++interface, it stores its S-expression with the comment attached. The
++export mechanism for OpenPGP keys already in cleartext was too brittle
++because it would choke on these comments. This change lets it ignore
++any additional trailing sublists.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Gnupg-Bug-Id: 4490
++(cherry picked from commit 9c704d9d46338769a66bfc6c378efeda3c4bd9ec)
++---
++ g10/export.c | 5 ++++-
++ 1 file changed, 4 insertions(+), 1 deletion(-)
++
++diff --git a/g10/export.c b/g10/export.c
++index e94e959..70f5261 100644
++--- a/g10/export.c
+++++ b/g10/export.c
++@@ -596,7 +596,10 @@ cleartext_secret_key_to_openpgp (gcry_sexp_t s_key, PKT_public_key *pk)
++ top_list = gcry_sexp_find_token (s_key, "private-key", 0);
++ if (!top_list)
++ goto bad_seckey;
++- if (gcry_sexp_length(top_list) != 2)
+++
+++ /* ignore all S-expression after the first sublist -- we assume that
+++ they are comments or otherwise irrelevant to OpenPGP */
+++ if (gcry_sexp_length(top_list) < 2)
++ goto bad_seckey;
++ key = gcry_sexp_nth (top_list, 1);
++ if (!key)
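Review bot: The new comment says "ignore all S-expression after the first sublist", but the check `gcry_sexp_length(top_list) < 2` only requires that a second element exists; it is the unchanged `gcry_sexp_nth (top_list, 1)` below that ignores the rest. Rewording it to `/* The key is the second element; any further elements (e.g. the comment sublist stored by gpg-agent's ssh-agent interface) are irrelevant to OpenPGP and ignored. */` states the actual reason given in the commit message. `cleartext_secret_key_to_openpgp` continues outside the hunk.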
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Thu, 16 May 2019 12:24:08 +0200
++Subject: gpgconf: Before --launch check that the config file is fine.
++
++* tools/gpgconf-comp.c (gc_component_launch): Check the conf file.
++* tools/gpgconf.c (gpgconf_failure): Call log_flush.
++--
++GnuPG-bug-id: 4497
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 3a28706cfd960ff84dda9a22aa2f160b4c2efbb5)
++---
++ tools/gpgconf-comp.c | 18 ++++++++++++++----
++ tools/gpgconf.c | 1 +
++ 2 files changed, 15 insertions(+), 4 deletions(-)
++
++diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
++index adecfde..7f7440b 100644
++--- a/tools/gpgconf-comp.c
+++++ b/tools/gpgconf-comp.c
++@@ -1297,8 +1297,17 @@ gc_component_launch (int component)
++ if (!(component == GC_COMPONENT_GPG_AGENT
++ || component == GC_COMPONENT_DIRMNGR))
++ {
++- es_fputs (_("Component not suitable for launching"), es_stderr);
++- es_putc ('\n', es_stderr);
+++ log_error ("%s\n", _("Component not suitable for launching"));
+++ gpgconf_failure (0);
+++ }
+++
+++ if (gc_component_check_options (component, NULL, NULL))
+++ {
+++ log_error (_("Configuration file of component %s is broken\n"),
+++ gc_component[component].name);
+++ if (!opt.quiet)
+++ log_info (_("Note: Use the command \"%s%s\" to get details.\n"),
+++ "gpgconf --check-options ", gc_component[component].name);
++ gpgconf_failure (0);
++ }
++
++@@ -1709,8 +1718,9 @@ collect_error_output (estream_t fp, const char *tag)
++ }
++
++
++-/* Check the options of a single component. Returns 0 if everything
++- is OK. */
+++/* Check the options of a single component. If CONF_FILE is NULL the
+++ * standard config file is used. If OUT is not NULL the output is
+++ * written to that stream. Returns 0 if everything is OK. */
++ int
++ gc_component_check_options (int component, estream_t out, const char *conf_file)
++ {
++diff --git a/tools/gpgconf.c b/tools/gpgconf.c
++index 59085d8..bca6efb 100644
++--- a/tools/gpgconf.c
+++++ b/tools/gpgconf.c
++@@ -881,6 +881,7 @@ main (int argc, char **argv)
++ void
++ gpgconf_failure (gpg_error_t err)
++ {
+++ log_flush ();
++ if (!err)
++ err = gpg_error (GPG_ERR_GENERAL);
++ gpgconf_write_status
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Wed, 15 May 2019 08:50:15 +0200
++Subject: gpgconf: Support --homedir for --launch.
++
++* tools/gpgconf-comp.c (gpg_agent_runtime_change): Simplify because
++gnupg_homedir already returns an absolute name.
++(scdaemon_runtime_change): Ditto.
++(dirmngr_runtime_change): Ditto.
++(gc_component_launch): Support --homedir.
++--
++
++GnuPG-bug-id: 4496
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 31e26037bd727a6ee9c96ba168a55c4f9def43b6)
++---
++ doc/tools.texi | 2 ++
++ tools/gpgconf-comp.c | 25 +++++++++----------------
++ 2 files changed, 11 insertions(+), 16 deletions(-)
++
++diff --git a/doc/tools.texi b/doc/tools.texi
++index b1e8b0b..467fcdc 100644
++--- a/doc/tools.texi
+++++ b/doc/tools.texi
++@@ -393,6 +393,8 @@ extends numerical field values by human-readable descriptions.
++ @opindex quiet
++ Try to be as quiet as possible.
++
+++@include opt-homedir.texi
+++
++ @item -n
++ @itemx --dry-run
++ Do not actually change anything. This is currently only implemented
++diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
++index b10b146..adecfde 100644
++--- a/tools/gpgconf-comp.c
+++++ b/tools/gpgconf-comp.c
++@@ -1180,12 +1180,8 @@ gpg_agent_runtime_change (int killflag)
++ pgmname = gnupg_module_name (GNUPG_MODULE_NAME_CONNECT_AGENT);
++ if (!gnupg_default_homedir_p ())
++ {
++- abs_homedir = make_absfilename_try (gnupg_homedir (), NULL);
++- if (!abs_homedir)
++- err = gpg_error_from_syserror ();
++-
++ argv[i++] = "--homedir";
++- argv[i++] = abs_homedir;
+++ argv[i++] = gnupg_homedir ();
++ }
++ argv[i++] = "--no-autostart";
++ argv[i++] = killflag? "KILLAGENT" : "RELOADAGENT";
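Review bot: This hunk removes the only visible writers of `abs_homedir` and the `err = gpg_error_from_syserror ()` assignment, but the declaration of `abs_homedir`, any `xfree (abs_homedir)` at the end of the function and the later use of `err` are outside the hunk, so they may now be dead or `err` may be unconditionally zero; worth confirming the compiler does not warn about an unused variable and that the error return still means something. The same applies to the `scdaemon_runtime_change` and `dirmngr_runtime_change` hunks below. `gpg_agent_runtime_change` starts and ends outside the hunk.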
++@@ -1223,12 +1219,8 @@ scdaemon_runtime_change (int killflag)
++ pgmname = gnupg_module_name (GNUPG_MODULE_NAME_CONNECT_AGENT);
++ if (!gnupg_default_homedir_p ())
++ {
++- abs_homedir = make_absfilename_try (gnupg_homedir (), NULL);
++- if (!abs_homedir)
++- err = gpg_error_from_syserror ();
++-
++ argv[i++] = "--homedir";
++- argv[i++] = abs_homedir;
+++ argv[i++] = gnupg_homedir ();
++ }
++ argv[i++] = "-s";
++ argv[i++] = "--no-autostart";
++@@ -1267,12 +1259,8 @@ dirmngr_runtime_change (int killflag)
++ argv[3] = NULL;
++ else
++ {
++- abs_homedir = make_absfilename_try (gnupg_homedir (), NULL);
++- if (!abs_homedir)
++- err = gpg_error_from_syserror ();
++-
++ argv[3] = "--homedir";
++- argv[4] = abs_homedir;
+++ argv[4] = gnupg_homedir ();
++ argv[5] = NULL;
++ }
++
++@@ -1294,7 +1282,7 @@ gc_component_launch (int component)
++ {
++ gpg_error_t err;
++ const char *pgmname;
++- const char *argv[3];
+++ const char *argv[5];
++ int i;
++ pid_t pid;
++
++@@ -1316,6 +1304,11 @@ gc_component_launch (int component)
++
++ pgmname = gnupg_module_name (GNUPG_MODULE_NAME_CONNECT_AGENT);
++ i = 0;
+++ if (!gnupg_default_homedir_p ())
+++ {
+++ argv[i++] = "--homedir";
+++ argv[i++] = gnupg_homedir ();
+++ }
++ if (component == GC_COMPONENT_DIRMNGR)
++ argv[i++] = "--dirmngr";
++ argv[i++] = "NOP";
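Review bot: `argv[5]` in the earlier hunk is sized exactly for the longest command line this function now builds (`--homedir`, the directory, `--dirmngr`, `NOP` and, presumably, a terminating NULL stored outside the hunk), so one more argument added later would overflow the array without any diagnostic. A comment on the declaration, `/* --homedir DIR --dirmngr NOP NULL */`, or a `log_assert (i < DIM (argv))` before the terminator is stored would make the size self-documenting. `gc_component_launch` continues outside the hunk.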
--- /dev/null
--- /dev/null
++From: Peter Lebbing <peter@digitalbrains.com>
++Date: Tue, 2 Jul 2019 10:28:56 +0200
++Subject: Mention --sender in documentation
++
++(cherry picked from commit 37b549dfe0acd362399debd7c93794eb75937402)
++---
++ doc/gpg.texi | 10 +++++-----
++ 1 file changed, 5 insertions(+), 5 deletions(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index ff2c0cf..5c3bd48 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -2609,11 +2609,11 @@ allows for this.
++
++ @item --disable-signer-uid
++ @opindex disable-signer-uid
++-By default the user ID of the signing key is embedded in the data
++-signature. As of now this is only done if the signing key has been
++-specified with @option{local-user} using a mail address. This
++-information can be helpful for verifier to locate the key; see
++-option @option{--auto-key-retrieve}.
+++By default the user ID of the signing key is embedded in the data signature.
+++As of now this is only done if the signing key has been specified with
+++@option{local-user} using a mail address, or with @option{sender}. This
+++information can be helpful for verifier to locate the key; see option
+++@option{--auto-key-retrieve}.
++
++ @item --personal-cipher-preferences @var{string}
++ @opindex personal-cipher-preferences
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 3 Jun 2019 16:31:58 +0200
++Subject: Return better error code for some getinfo IPC commands.
++
++* agent/command.c (cmd_getinfo): Return GPG_ERR_FALSE as boolean False.
++* g13/server.c (cmd_getinfo): Ditto.
++* sm/server.c (cmd_getinfo): Ditto.
++--
++
++GPG_ERR_FALSE was introduced with libgpg-error 1.21 and we now require
++a later version for gnupg 2. Thus we can switch to this more
++descriptive code.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit f3251023750d6bd9023dbb8373c804d7d4540a56)
++---
++ agent/command.c | 6 +++---
++ g13/server.c | 2 +-
++ sm/server.c | 4 ++--
++ 3 files changed, 6 insertions(+), 6 deletions(-)
++
++diff --git a/agent/command.c b/agent/command.c
++index cf8a2e4..72b5973 100644
++--- a/agent/command.c
+++++ b/agent/command.c
++@@ -2887,7 +2887,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
++ {
++ cmdopt = line;
++ if (!command_has_option (cmd, cmdopt))
++- rc = gpg_error (GPG_ERR_GENERAL);
+++ rc = gpg_error (GPG_ERR_FALSE);
++ }
++ }
++ }
++@@ -2901,7 +2901,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
++ }
++ else if (!strcmp (line, "restricted"))
++ {
++- rc = ctrl->restricted? 0 : gpg_error (GPG_ERR_GENERAL);
+++ rc = ctrl->restricted? 0 : gpg_error (GPG_ERR_FALSE);
++ }
++ else if (ctrl->restricted)
++ {
++@@ -2935,7 +2935,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
++ }
++ else if (!strcmp (line, "scd_running"))
++ {
++- rc = agent_scd_check_running ()? 0 : gpg_error (GPG_ERR_GENERAL);
+++ rc = agent_scd_check_running ()? 0 : gpg_error (GPG_ERR_FALSE);
++ }
++ else if (!strcmp (line, "std_env_names"))
++ {
++diff --git a/g13/server.c b/g13/server.c
++index defde6c..7802952 100644
++--- a/g13/server.c
+++++ b/g13/server.c
++@@ -530,7 +530,7 @@ cmd_getinfo (assuan_context_t ctx, char *line)
++ {
++ cmdopt = line;
++ if (!command_has_option (cmd, cmdopt))
++- err = gpg_error (GPG_ERR_GENERAL);
+++ err = gpg_error (GPG_ERR_FALSE);
++ }
++ }
++ }
++diff --git a/sm/server.c b/sm/server.c
++index 98505e2..77ec07f 100644
++--- a/sm/server.c
+++++ b/sm/server.c
++@@ -1162,14 +1162,14 @@ cmd_getinfo (assuan_context_t ctx, char *line)
++ {
++ cmdopt = line;
++ if (!command_has_option (cmd, cmdopt))
++- rc = gpg_error (GPG_ERR_GENERAL);
+++ rc = gpg_error (GPG_ERR_FALSE);
++ }
++ }
++ }
++ }
++ else if (!strcmp (line, "offline"))
++ {
++- rc = ctrl->offline? 0 : gpg_error (GPG_ERR_GENERAL);
+++ rc = ctrl->offline? 0 : gpg_error (GPG_ERR_FALSE);
++ }
++ else
++ rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Wed, 3 Jul 2019 17:39:53 +0200
++Subject: dirmngr: Avoid endless loop in case of HTTP error 503.
++
++* dirmngr/ks-engine-hkp.c (SEND_REQUEST_EXTRA_RETRIES): New.
++(handle_send_request_error): Use it for 503 and 504.
++(ks_hkp_search, ks_hkp_get, ks_hkp_put): Pass a new var for
++extra_tries.
++--
++
++This is a pretty stupid fix but one which works without much risk of
++regressions. We could have used the existing TRIES but in that case
++the fallback to other host would have been too limited. With the used
++value we can have several fallbacks to other hosts. Note that the
++TRIES is still cumulative and not per host.
++
++GnuPG-bug-id: 4600
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 8b113bb148f273524682252233b3c65954e1419e)
++(cherry picked from commit d2e8d71251813e61b15a07637497fabe823b822c)
++---
++ dirmngr/ks-engine-hkp.c | 43 +++++++++++++++++++++++++++++++++----------
++ 1 file changed, 33 insertions(+), 10 deletions(-)
++
++diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
++index 8754a6b..3ebd651 100644
++--- a/dirmngr/ks-engine-hkp.c
+++++ b/dirmngr/ks-engine-hkp.c
++@@ -67,6 +67,10 @@
++ /* Number of retries done for a dead host etc. */
++ #define SEND_REQUEST_RETRIES 3
++
+++/* Number of retries done in case of transient errors. */
+++#define SEND_REQUEST_EXTRA_RETRIES 5
+++
+++
++ enum ks_protocol { KS_PROTOCOL_HKP, KS_PROTOCOL_HKPS, KS_PROTOCOL_MAX };
++
++ /* Objects used to maintain information about hosts. */
++@@ -1306,10 +1310,12 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
++ with REQUEST. The function returns true if the caller shall try
++ again. TRIES_LEFT points to a variable to track the number of
++ retries; this function decrements it and won't return true if it is
++- down to zero. */
+++ down to zero. EXTRA_TRIES_LEFT does the same but only for
+++ transient http status codes. */
++ static int
++ handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request,
++- unsigned int http_status, unsigned int *tries_left)
+++ unsigned int http_status, unsigned int *tries_left,
+++ unsigned int *extra_tries_left)
++ {
++ int retry = 0;
++
++@@ -1365,9 +1371,12 @@ handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request,
++
++ case 503: /* Service Unavailable */
++ case 504: /* Gateway Timeout */
++- log_info ("selecting a different host due to a %u (%s)",
++- http_status, http_status2string (http_status));
++- retry = 1;
+++ if (*extra_tries_left)
+++ {
+++ log_info ("selecting a different host due to a %u (%s)",
+++ http_status, http_status2string (http_status));
+++ retry = 2;
+++ }
++ break;
++ }
++ }
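Review bot: The `retry = 2;` assigned for 503/504 is a bare magic value that the decrement block in the next hunk switches on with `if (retry == 2)`, while the header comment in the earlier hunk still says the function "returns true if the caller shall try again". A comment at the assignment, `retry = 2;  /* transient HTTP error: charged to EXTRA_TRIES_LEFT, not TRIES_LEFT */`, or two named constants, would tie the two places together. The moved `log_info ("selecting a different host due to a %u (%s)", ...)` string has no trailing `\n`, unlike the other log calls on this page; if `log_info` does not add one, the next log line will be glued to it. The new `extra_tries_left` parameter is dereferenced unconditionally, so the header comment should state that it must not be NULL. `handle_send_request_error` continues outside the hunk.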
++@@ -1377,8 +1386,16 @@ handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request,
++ break;
++ }
++
++- if (*tries_left)
++- --*tries_left;
+++ if (retry == 2)
+++ {
+++ if (*extra_tries_left)
+++ --*extra_tries_left;
+++ }
+++ else
+++ {
+++ if (*tries_left)
+++ --*tries_left;
+++ }
++
++ return retry;
++ }
++@@ -1403,6 +1420,7 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
++ char *httphost = NULL;
++ unsigned int http_status;
++ unsigned int tries = SEND_REQUEST_RETRIES;
+++ unsigned int extra_tries = SEND_REQUEST_EXTRA_RETRIES;
++
++ *r_fp = NULL;
++
++@@ -1484,7 +1502,8 @@ ks_hkp_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
++ /* Send the request. */
++ err = send_request (ctrl, request, hostport, httphost, httpflags,
++ NULL, NULL, &fp, &http_status);
++- if (handle_send_request_error (ctrl, err, request, http_status, &tries))
+++ if (handle_send_request_error (ctrl, err, request, http_status,
+++ &tries, &extra_tries))
++ {
++ reselect = 1;
++ goto again;
++@@ -1554,6 +1573,7 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
++ unsigned int httpflags;
++ unsigned int http_status;
++ unsigned int tries = SEND_REQUEST_RETRIES;
+++ unsigned int extra_tries = SEND_REQUEST_EXTRA_RETRIES;
++
++ *r_fp = NULL;
++
++@@ -1626,7 +1646,8 @@ ks_hkp_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, estream_t *r_fp)
++ /* Send the request. */
++ err = send_request (ctrl, request, hostport, httphost, httpflags,
++ NULL, NULL, &fp, &http_status);
++- if (handle_send_request_error (ctrl, err, request, http_status, &tries))
+++ if (handle_send_request_error (ctrl, err, request, http_status,
+++ &tries, &extra_tries))
++ {
++ reselect = 1;
++ goto again;
++@@ -1702,6 +1723,7 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
++ unsigned int httpflags;
++ unsigned int http_status;
++ unsigned int tries = SEND_REQUEST_RETRIES;
+++ unsigned int extra_tries = SEND_REQUEST_EXTRA_RETRIES;
++
++ parm.datastring = NULL;
++
++@@ -1740,7 +1762,8 @@ ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri, const void *data, size_t datalen)
++ /* Send the request. */
++ err = send_request (ctrl, request, hostport, httphost, 0,
++ put_post_cb, &parm, &fp, &http_status);
++- if (handle_send_request_error (ctrl, err, request, http_status, &tries))
+++ if (handle_send_request_error (ctrl, err, request, http_status,
+++ &tries, &extra_tries))
++ {
++ reselect = 1;
++ goto again;
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Wed, 3 Jul 2019 16:20:00 +0200
++Subject: dirmngr: Do not rewrite the redirection for the "openpgpkey"
++ subdomain.
++
++* dirmngr/http.c (same_host_p): Consider certain subdomains to be the
++same.
++--
++
++GnuPG-bug-id: 4603
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 37f0c55c7be3fc4912237f2bc72466aef6f8aa36)
++(cherry picked from commit c9b133a54e93b7f2365b5d6b1c39ec2cc6dac8f9)
++---
++ dirmngr/http.c | 20 ++++++++++++++++++++
++ 1 file changed, 20 insertions(+)
++
++diff --git a/dirmngr/http.c b/dirmngr/http.c
++index 384f256..d2456c6 100644
++--- a/dirmngr/http.c
+++++ b/dirmngr/http.c
++@@ -3533,6 +3533,10 @@ same_host_p (parsed_uri_t a, parsed_uri_t b)
++ { NULL, "api.protonmail.ch" },
++ { "pm.me", "api.protonmail.ch" }
++ };
+++ static const char *subdomains[] =
+++ {
+++ "openpgpkey."
+++ };
++ int i;
++ const char *from;
++
++@@ -3554,6 +3558,22 @@ same_host_p (parsed_uri_t a, parsed_uri_t b)
++ return 1;
++ }
++
+++ /* Also consider hosts the same if they differ only in a subdomain;
+++ * in both direction. This allows to have redirection between the
+++ * WKD advanced and direct lookup methods. */
+++ for (i=0; i < DIM (subdomains); i++)
+++ {
+++ const char *subdom = subdomains[i];
+++ size_t subdomlen = strlen (subdom);
+++
+++ if (!ascii_strncasecmp (a->host, subdom, subdomlen)
+++ && !ascii_strcasecmp (a->host + subdomlen, b->host))
+++ return 1;
+++ if (!ascii_strncasecmp (b->host, subdom, subdomlen)
+++ && !ascii_strcasecmp (b->host + subdomlen, a->host))
+++ return 1;
+++ }
+++
++ return 0;
++ }
++
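Review bot: The new loop dereferences `a->host` and `b->host` without a NULL check; the earlier part of `same_host_p` (outside the hunk) may already guarantee both are set, but if not, a URI without a host part reaches `ascii_strncasecmp` with NULL. The `a->host + subdomlen` offset itself is safe, because a successful prefix compare guarantees the string is at least `subdomlen` long. Since this function decides whether a redirection is treated as staying on the same host, the comment should record the consequence, e.g. `/* A redirect between DOMAIN and openpgpkey.DOMAIN is treated as same-host; the WKD draft requires both names to be under the same operator's control. */`. `same_host_p` starts outside the hunk.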
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Wed, 3 Jul 2019 15:29:41 +0200
++Subject: dirmngr: Support the new WKD draft with the openpgpkey subdomain.
++
++* dirmngr/server.c (proc_wkd_get): Implement new openpgpkey subdomain
++method.
++
++--
++Also includes actual backport fix from
++2c6d94702a676de9fadaaf003b9c80dc76c02f92
++
++GnuPG-bug-id: 4590
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 914fa3be22bf8848a97a7dd405a040d6ef31e2fd)
++(cherry picked from commit 458973f502b9a43ecf29e804a2c0c86e78f5927a)
++---
++ dirmngr/server.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++++-------
++ 1 file changed, 56 insertions(+), 8 deletions(-)
++
++diff --git a/dirmngr/server.c b/dirmngr/server.c
++index 272b95a..5e8ea5e 100644
++--- a/dirmngr/server.c
+++++ b/dirmngr/server.c
++@@ -837,8 +837,11 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ gpg_error_t err = 0;
++ char *mbox = NULL;
++ char *domainbuf = NULL;
++- char *domain; /* Points to mbox or domainbuf. */
++- char *domain_orig;/* Points to mbox. */
+++ char *domain; /* Points to mbox or domainbuf. This is used to
+++ * connect to the host. */
+++ char *domain_orig;/* Points to mbox. This is the used for the
+++ * query; i.e. the domain part of the
+++ * addrspec. */
++ char sha1buf[20];
++ char *uri = NULL;
++ char *encodedhash = NULL;
++@@ -847,6 +850,7 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ int is_wkd_query; /* True if this is a real WKD query. */
++ int no_log = 0;
++ char portstr[20] = { 0 };
+++ int subdomain_mode = 0;
++
++ opt_submission_addr = has_option (line, "--submission-address");
++ opt_policy_flags = has_option (line, "--policy-flags");
++@@ -864,7 +868,8 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ *domain++ = 0;
++ domain_orig = domain;
++
++- /* First check whether we already know that the domain does not
+++
+++ /* Let's check whether we already know that the domain does not
++ * support WKD. */
++ if (is_wkd_query)
++ {
++@@ -875,8 +880,41 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ }
++ }
++
++- /* Check for SRV records. */
++- if (1)
+++
+++ /* First try the new "openpgp" subdomain. We check that the domain
+++ * is valid because it is later used as an unescaped filename part
+++ * of the URI. */
+++ if (is_valid_domain_name (domain_orig))
+++ {
+++ dns_addrinfo_t aibuf;
+++
+++ domainbuf = strconcat ( "openpgpkey.", domain_orig, NULL);
+++ if (!domainbuf)
+++ {
+++ err = gpg_error_from_syserror ();
+++ goto leave;
+++ }
+++
+++ /* FIXME: We should put a cache into dns-stuff because the same
+++ * query (with a different port and socket type, though) will be
+++ * done later by http function. */
+++ err = resolve_dns_name (domainbuf, 0, 0, 0, &aibuf, NULL);
+++ if (err)
+++ {
+++ err = 0;
+++ xfree (domainbuf);
+++ domainbuf = NULL;
+++ }
+++ else /* Got a subdomain. */
+++ {
+++ free_dns_addrinfo (aibuf);
+++ subdomain_mode = 1;
+++ domain = domainbuf;
+++ }
+++ }
+++
+++ /* Check for SRV records unless we have a subdomain. */
+++ if (!subdomain_mode)
++ {
++ struct srventry *srvs;
++ unsigned int srvscount;
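Review bot: The comment `/* First try the new "openpgp" subdomain. ... */` names the wrong label; the code builds `"openpgpkey."`, so it should read "openpgpkey" subdomain. Any failure of `resolve_dns_name` is then cleared with `err = 0` and silently falls back to the direct method, so a transient resolver error (timeout, SERVFAIL) is indistinguishable from NXDOMAIN and picks a different lookup path without a trace in the log; a `log_debug` of the error before clearing it would make that visible when troubleshooting. The `is_valid_domain_name (domain_orig)` guard is doing real work here because `domain_orig` is spliced unescaped into the URI path in the later hunks, which the comment could say more directly. `proc_wkd_get` starts and ends outside the hunk.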
++@@ -931,6 +969,7 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ xfree (srvs);
++ }
++
+++ /* Prepare the hash of the local part. */
++ gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, mbox, strlen (mbox));
++ encodedhash = zb32_encode (sha1buf, 8*20);
++ if (!encodedhash)
++@@ -944,7 +983,10 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ uri = strconcat ("https://",
++ domain,
++ portstr,
++- "/.well-known/openpgpkey/submission-address",
+++ "/.well-known/openpgpkey/",
+++ subdomain_mode? domain_orig : "",
+++ subdomain_mode? "/" : "",
+++ "submission-address",
++ NULL);
++ }
++ else if (opt_policy_flags)
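Review bot: The pair `subdomain_mode? domain_orig : ""` / `subdomain_mode? "/" : ""` is repeated verbatim in this `strconcat` and again in the two following hunks for the policy and `hu/` URIs. Computing it once before the branches, e.g. `const char *subdom_part = subdomain_mode? domain_orig : "";` and `const char *subdom_sep = subdomain_mode? "/" : "";`, and using those in all three calls removes the triplication and makes a future change to the path layout a one-line edit. `proc_wkd_get` continues outside the hunk.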
++@@ -952,7 +994,10 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ uri = strconcat ("https://",
++ domain,
++ portstr,
++- "/.well-known/openpgpkey/policy",
+++ "/.well-known/openpgpkey/",
+++ subdomain_mode? domain_orig : "",
+++ subdomain_mode? "/" : "",
+++ "policy",
++ NULL);
++ }
++ else
++@@ -965,7 +1010,10 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
++ uri = strconcat ("https://",
++ domain,
++ portstr,
++- "/.well-known/openpgpkey/hu/",
+++ "/.well-known/openpgpkey/",
+++ subdomain_mode? domain_orig : "",
+++ subdomain_mode? "/" : "",
+++ "hu/",
++ encodedhash,
++ "?l=",
++ escapedmbox,
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Tue, 11 Jun 2019 08:25:46 +0100
++Subject: dirmngr: fix handling of HTTPS redirections during HKP
++
++* dirmngr/ks-engine-hkp.c (send_request): Reinitialize HTTP session when
++following a HTTP redirection.
++
++--
++inspired by patch from Damien Goutte-Gattat <dgouttegattat@incenp.org>
++
++GnuPG-Bug_id: 4566
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit efb6e08ea2ca1cf2d39135d94195802cd69b9ea6)
++---
++ dirmngr/ks-engine-hkp.c | 4 +++-
++ 1 file changed, 3 insertions(+), 1 deletion(-)
++
++diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
++index 3ebd651..9ca1cae 100644
++--- a/dirmngr/ks-engine-hkp.c
+++++ b/dirmngr/ks-engine-hkp.c
++@@ -1174,6 +1174,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
++ /* FIXME: I am not sure whey we allow a downgrade for hkp requests.
++ * Needs at least an explanation here.. */
++
+++ once_more:
++ err = http_session_new (&session, httphost,
++ ((ctrl->http_no_crl? HTTP_FLAG_NO_CRL : 0)
++ | HTTP_FLAG_TRUST_DEF),
++@@ -1183,7 +1184,6 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
++ http_session_set_log_cb (session, cert_log_cb);
++ http_session_set_timeout (session, ctrl->timeout);
++
++- once_more:
++ err = http_open (&http,
++ post_cb? HTTP_REQ_POST : HTTP_REQ_GET,
++ request,
++@@ -1263,6 +1263,8 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
++ request = request_buffer;
++ http_close (http, 0);
++ http = NULL;
+++ http_session_release (session);
+++ session = NULL;
++ }
++ goto once_more;
++
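Review bot: Releasing and re-creating the session on redirect only improves TLS verification if `httphost`, the name passed to `http_session_new` at the `once_more:` label in the first hunk, is updated to the redirect target in the redirect block; only `request` is visibly reassigned here, so please confirm the host name used for certificate checking follows the redirect. If the `leave:` path also calls `http_session_release (session)`, the `session = NULL;` added here is what prevents a double release, which a one-line comment would make explicit. `send_request` starts and ends outside the hunk.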
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Tue, 28 May 2019 21:09:13 -0400
++Subject: doc/wks.texi: fix typo
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit 175d194b5d6063895ecfcfed6ed2154e4a0d1421)
++---
++ doc/wks.texi | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/doc/wks.texi b/doc/wks.texi
++index ced418a..536f1fe 100644
++--- a/doc/wks.texi
+++++ b/doc/wks.texi
++@@ -61,7 +61,7 @@ Service provider. This is usuallay done to upload a key into a Web
++ Key Directory.
++
++ With the @option{--supported} command the caller can test whether a
++-site supports the Web Key Service. The argument is an arbitray
+++site supports the Web Key Service. The argument is an arbitrary
++ address in the to be tested domain. For example
++ @file{foo@@example.net}. The command returns success if the Web Key
++ Service is supported. The operation is silent; to get diagnostic
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Thu, 4 Jul 2019 15:45:39 +0200
++Subject: gpg: Add "self-sigs-only" and "import-clean" to the keyserver
++ options.
++
++* g10/gpg.c (main): Change default.
++--
++
++Due to the DoS attack on the keyeservers we do not anymore default to
++import key signatures. That makes the keyserver unsuable for getting
++keys for the WoT but it still allows to retriev keys - even if that
++takes long to download the large keyblocks.
++
++To revert to the old behavior add
++
++ keyserver-options no-self-sigs-only,no-import-clean
++
++to gpg.conf.
++
++GnuPG-bug-id: 4607
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 23c978640812d123eaffd4108744bdfcf48f7c93)
++(cherry picked from commit 2b7151b0a57f5fe7d67fd76dfa1ba7a8731642c6)
++---
++ doc/gpg.texi | 5 +++++
++ g10/gpg.c | 4 +++-
++ 2 files changed, 8 insertions(+), 1 deletion(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index 5c3bd48..c8fb241 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -1907,6 +1907,11 @@ are available for all keyserver types, some common options are:
++
++ @end table
++
+++The default list of options is: "self-sigs-only, import-clean,
+++repair-keys, repair-pks-subkey-bug, export-attributes,
+++honor-pka-record".
+++
+++
++ @item --completes-needed @var{n}
++ @opindex compliant-needed
++ Number of completely trusted users to introduce a new
++diff --git a/g10/gpg.c b/g10/gpg.c
++index 0e98c1a..6e5e901 100644
++--- a/g10/gpg.c
+++++ b/g10/gpg.c
++@@ -2373,7 +2373,9 @@ main (int argc, char **argv)
++ opt.import_options = IMPORT_REPAIR_KEYS;
++ opt.export_options = EXPORT_ATTRIBUTES;
++ opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
++- | IMPORT_REPAIR_PKS_SUBKEY_BUG);
+++ | IMPORT_REPAIR_PKS_SUBKEY_BUG
+++ | IMPORT_SELF_SIGS_ONLY
+++ | IMPORT_CLEAN);
++ opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
++ opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
++ opt.verify_options = (LIST_SHOW_UID_VALIDITY
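Review bot: The default keyserver import flags set here are now also spelled out in prose in the `doc/gpg.texi` hunk above ("self-sigs-only, import-clean, repair-keys, ..."), so the two lists must be kept in step by hand. A comment at the assignment, `/* Keep in sync with the default list documented in doc/gpg.texi. */`, would flag that. The commit message explains the trade-off (signatures needed for the Web of Trust are no longer fetched by default), but the texi text only lists the options; a sentence stating that effect would help users decide whether to override it. `main` continues outside the hunk.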
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 9 Jul 2019 11:13:51 +0200
++Subject: gpg: Do not try the import fallback if the options are already used.
++
++* g10/import.c (import_one): Check options.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 3c2cf5ea952015a441ee5701c41dadc63be60d87)
++---
++ g10/import.c | 4 +++-
++ 1 file changed, 3 insertions(+), 1 deletion(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index d509c8c..12f8f28 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -2310,7 +2310,9 @@ import_one (ctrl_t ctrl,
++ from_sk, silent, screener, screener_arg,
++ origin, url, r_valid);
++ if (gpg_err_code (err) == GPG_ERR_TOO_LARGE
++- && gpg_err_source (err) == GPG_ERR_SOURCE_KEYBOX)
+++ && gpg_err_source (err) == GPG_ERR_SOURCE_KEYBOX
+++ && ((options & (IMPORT_SELF_SIGS_ONLY | IMPORT_CLEAN))
+++ != (IMPORT_SELF_SIGS_ONLY | IMPORT_CLEAN)))
++ {
++ /* We hit the maximum image length. Ask the wrapper to do
++ * everything again but this time with some extra options. */
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 1 Jul 2019 21:53:55 +0200
++Subject: gpg: Fallback to import with self-sigs-only on too large keyblocks.
++
++* g10/import.c (import_one): Rename to ...
++(import_one_real): this. Do not print and update stats on keyring
++write errors.
++(import_one): New. Add fallback code.
++--
++
++GnuPG-bug-id: 4591
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 3a403ab04eeb45f12b34f9d9c421dac93eaf2160)
++(cherry picked from commit a1f2f38dfb2ba5ed66d3aef66fc3be9b67f9b800)
++---
++ g10/import.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++++-----------
++ 1 file changed, 102 insertions(+), 22 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index a5b68e9..91222d2 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -128,6 +128,7 @@ static int chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
++ static int delete_inv_parts (ctrl_t ctrl, kbnode_t keyblock,
++ u32 *keyid, unsigned int options);
++ static int any_uid_left (kbnode_t keyblock);
+++static void remove_all_non_self_sigs (kbnode_t *keyblock, u32 *keyid);
++ static int merge_blocks (ctrl_t ctrl, unsigned int options,
++ kbnode_t keyblock_orig,
++ kbnode_t keyblock, u32 *keyid,
++@@ -1765,12 +1766,12 @@ update_key_origin (kbnode_t keyblock, u32 curtime, int origin, const char *url)
++ * has valid parts.
++ */
++ static gpg_error_t
++-import_one (ctrl_t ctrl,
++- kbnode_t keyblock, struct import_stats_s *stats,
++- unsigned char **fpr, size_t *fpr_len, unsigned int options,
++- int from_sk, int silent,
++- import_screener_t screener, void *screener_arg,
++- int origin, const char *url, int *r_valid)
+++import_one_real (ctrl_t ctrl,
+++ kbnode_t keyblock, struct import_stats_s *stats,
+++ unsigned char **fpr, size_t *fpr_len, unsigned int options,
+++ int from_sk, int silent,
+++ import_screener_t screener, void *screener_arg,
+++ int origin, const char *url, int *r_valid)
++ {
++ gpg_error_t err = 0;
++ PKT_public_key *pk;
++@@ -1851,6 +1852,13 @@ import_one (ctrl_t ctrl,
++ return 0;
++ }
++
+++ /* Remove all non-self-sigs if requested. Noe that this is a NOP if
+++ * that option has been globally set but we may also be called
+++ * latter with the already parsed keyblock and a locally changed
+++ * option. This is why we need to remove them here as well. */
+++ if ((options & IMPORT_SELF_SIGS_ONLY))
+++ remove_all_non_self_sigs (&keyblock, keyid);
+++
++ collapse_uids(&keyblock);
++
++ /* Clean the key that we're about to import, to cut down on things
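Review bot: The new comment has two typos, `Noe` for `Note` and `latter` for `later`, and "This is why we need to remove them here as well" leaves the two call paths implicit. I would write: `/* Remove all non-self-sigs if requested.  Note that this is a NOP if that option has been set globally, but the wrapper may also call us later with the already parsed keyblock and a locally changed OPTIONS; this is why the non-self-sigs must be removed here as well. */`. `import_one_real` starts and ends outside the hunk.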
++@@ -2053,22 +2061,25 @@ import_one (ctrl_t ctrl,
++ hd = NULL;
++
++ /* We are ready. */
++- if (!opt.quiet && !silent)
+++ if (!err && !opt.quiet && !silent)
++ {
++ char *p = get_user_id_byfpr_native (ctrl, fpr2);
++ log_info (_("key %s: public key \"%s\" imported\n"),
++ keystr(keyid), p);
++ xfree(p);
++ }
++- if (is_status_enabled())
+++ if (!err && is_status_enabled())
++ {
++ char *us = get_long_user_id_string (ctrl, keyid);
++ write_status_text( STATUS_IMPORTED, us );
++ xfree(us);
++ print_import_ok (pk, 1);
++ }
++- stats->imported++;
++- new_key = 1;
+++ if (!err)
+++ {
+++ stats->imported++;
+++ new_key = 1;
+++ }
++ }
++ else /* Key already exists - merge. */
++ {
++@@ -2138,8 +2149,10 @@ import_one (ctrl_t ctrl,
++ keydb_release (hd);
++ hd = NULL;
++
++- /* We are ready. */
++- if (!opt.quiet && !silent)
+++ /* We are ready. Print and update stats if we got no error.
+++ * An error here comes from writing the keyblock and thus
+++ * very likely means that no update happened. */
+++ if (!err && !opt.quiet && !silent)
++ {
++ char *p = get_user_id_byfpr_native (ctrl, fpr2);
++ if (n_uids == 1 )
++@@ -2175,14 +2188,17 @@ import_one (ctrl_t ctrl,
++ xfree(p);
++ }
++
++- stats->n_uids +=n_uids;
++- stats->n_sigs +=n_sigs;
++- stats->n_subk +=n_subk;
++- stats->n_sigs_cleaned +=n_sigs_cleaned;
++- stats->n_uids_cleaned +=n_uids_cleaned;
++-
++- if (is_status_enabled () && !silent)
++- print_import_ok (pk, ((n_uids?2:0)|(n_sigs?4:0)|(n_subk?8:0)));
+++ if (!err)
+++ {
+++ stats->n_uids +=n_uids;
+++ stats->n_sigs +=n_sigs;
+++ stats->n_subk +=n_subk;
+++ stats->n_sigs_cleaned +=n_sigs_cleaned;
+++ stats->n_uids_cleaned +=n_uids_cleaned;
+++
+++ if (is_status_enabled () && !silent)
+++ print_import_ok (pk, ((n_uids?2:0)|(n_sigs?4:0)|(n_subk?8:0)));
+++ }
++ }
++ else
++ {
++@@ -2269,6 +2285,39 @@ import_one (ctrl_t ctrl,
++ }
++
++
+++/* Wrapper around import_one_real to retry the import in some cases. */
+++static gpg_error_t
+++import_one (ctrl_t ctrl,
+++ kbnode_t keyblock, struct import_stats_s *stats,
+++ unsigned char **fpr, size_t *fpr_len, unsigned int options,
+++ int from_sk, int silent,
+++ import_screener_t screener, void *screener_arg,
+++ int origin, const char *url, int *r_valid)
+++{
+++ gpg_error_t err;
+++
+++ err = import_one_real (ctrl, keyblock, stats, fpr, fpr_len, options,
+++ from_sk, silent, screener, screener_arg,
+++ origin, url, r_valid);
+++ if (gpg_err_code (err) == GPG_ERR_TOO_LARGE
+++ && gpg_err_source (err) == GPG_ERR_SOURCE_KEYBOX)
+++ {
+++ /* We hit the maximum image length. Ask the wrapper to do
+++ * everything again but this time with some extra options. */
+++ u32 keyid[2];
+++
+++ keyid_from_pk (keyblock->pkt->pkt.public_key, keyid);
+++ log_info ("key %s: keyblock too large, retrying with self-sigs-only\n",
+++ keystr (keyid));
+++ options |= IMPORT_SELF_SIGS_ONLY | IMPORT_CLEAN;
+++ err = import_one_real (ctrl, keyblock, stats, fpr, fpr_len, options,
+++ from_sk, silent, screener, screener_arg,
+++ origin, url, r_valid);
+++ }
+++ return err;
+++}
+++
+++
++ /* Transfer all the secret keys in SEC_KEYBLOCK to the gpg-agent. The
++ * function prints diagnostics and returns an error code. If BATCH is
++ * true the secret keys are stored by gpg-agent in the transfer format
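Review bot: The retry in the new import_one wrapper ORs IMPORT_CLEAN into options unconditionally, so a user who deliberately left import-clean off still gets a cleaned keyblock on the too-large path, and the log line does not say so; `log_info ("key %s: keyblock too large, retrying with self-sigs-only and import-clean\n",` would make the stored result explainable from the log. The second import_one_real call also re-processes the same in-memory keyblock that the first call may already have modified in place (remove_all_non_self_sigs and collapse_uids run on it); whether import_one_real is safe to run twice on such a keyblock is not visible here and deserves a sentence in the wrapper comment. keyid_from_pk on keyblock->pkt->pkt.public_key assumes the first node is the key packet, which read_block appears to guarantee.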
++@@ -2946,7 +2995,7 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
++ /* The secret keyblock may not have nodes which are deleted in
++ * the public keyblock. Otherwise we would import just the
++ * secret key without having the public key. That would be
++- * surprising and clutters out private-keys-v1.d. */
+++ * surprising and clutters our private-keys-v1.d. */
++ err = resync_sec_with_pub_keyblock (&keyblock, pub_keyblock, &attic);
++ if (err)
++ goto leave;
++@@ -3759,8 +3808,39 @@ any_uid_left (kbnode_t keyblock)
++ }
++
++
+++/* Delete all non-self-sigs from KEYBLOCK.
+++ * Returns: True if the keyblock has changed. */
+++static void
+++remove_all_non_self_sigs (kbnode_t *keyblock, u32 *keyid)
+++{
+++ kbnode_t node;
+++ unsigned int dropped = 0;
++
++-/****************
+++ for (node = *keyblock; node; node = node->next)
+++ {
+++ if (is_deleted_kbnode (node))
+++ continue;
+++
+++ if (node->pkt->pkttype != PKT_SIGNATURE)
+++ continue;
+++
+++ if (node->pkt->pkt.signature->keyid[0] == keyid[0]
+++ && node->pkt->pkt.signature->keyid[1] == keyid[1])
+++ continue;
+++ delete_kbnode (node);
+++ dropped++;
+++ }
+++
+++ if (dropped)
+++ commit_kbnode (keyblock);
+++
+++ if (dropped && opt.verbose)
+++ log_info ("key %s: number of dropped non-self-signatures: %u\n",
+++ keystr (keyid), dropped);
+++}
+++
+++
+++/*
++ * It may happen that the imported keyblock has duplicated user IDs.
++ * We check this here and collapse those user IDs together with their
++ * sigs into one.
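Review bot: The header comment on remove_all_non_self_sigs says `* Returns: True if the keyblock has changed.` but the function is `static void` and returns nothing; either return `dropped` (and adjust the prototype added in the first hunk of this patch) or delete that line. The comment should also state that a signature is kept purely on a matching 64-bit issuer key ID, which comes from the packet and is not verified here, so this is a size-reduction filter rather than an authenticity check, e.g. `* Signatures are matched by unverified issuer key ID only; verification happens later.`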
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 9 Jul 2019 11:07:35 +0200
++Subject: gpg: Fix regression in option "self-sigs-only".
++
++* g10/import.c (read_block): Make sure KEYID is available also on a
++pending packet.
++--
++
++Reported-by: Phil Pennock
++Fixes-commit: adb120e663fc5e78f714976c6e42ae233c1990b0
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit b6effaf4669b2c3707932e3c5f2f57df886d759e)
++---
++ g10/import.c | 12 +++++++++++-
++ 1 file changed, 11 insertions(+), 1 deletion(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index 91222d2..d509c8c 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -855,6 +855,7 @@ read_block( IOBUF a, unsigned int options,
++ kbnode_t root = NULL;
++ int in_cert, in_v3key, skip_sigs;
++ u32 keyid[2];
+++ int got_keyid = 0;
++ unsigned int dropped_nonselfsigs = 0;
++
++ *r_v3keys = 0;
++@@ -863,7 +864,11 @@ read_block( IOBUF a, unsigned int options,
++ {
++ root = new_kbnode( *pending_pkt );
++ *pending_pkt = NULL;
+++ log_assert (root->pkt->pkttype == PKT_PUBLIC_KEY
+++ || root->pkt->pkttype == PKT_SECRET_KEY);
++ in_cert = 1;
+++ keyid_from_pk (root->pkt->pkt.public_key, keyid);
+++ got_keyid = 1;
++ }
++ else
++ in_cert = 0;
++@@ -985,6 +990,7 @@ read_block( IOBUF a, unsigned int options,
++ goto x_default;
++ if (!(options & IMPORT_SELF_SIGS_ONLY))
++ goto x_default;
+++ log_assert (got_keyid);
++ if (pkt->pkt.signature->keyid[0] == keyid[0]
++ && pkt->pkt.signature->keyid[1] == keyid[1])
++ { /* This is likely a self-signature. We import this one.
++@@ -1007,6 +1013,11 @@ read_block( IOBUF a, unsigned int options,
++
++ case PKT_PUBLIC_KEY:
++ case PKT_SECRET_KEY:
+++ if (!got_keyid)
+++ {
+++ keyid_from_pk (pkt->pkt.public_key, keyid);
+++ got_keyid = 1;
+++ }
++ if (in_cert) /* Store this packet. */
++ {
++ *pending_pkt = pkt;
++@@ -1014,7 +1025,6 @@ read_block( IOBUF a, unsigned int options,
++ goto ready;
++ }
++ in_cert = 1;
++- keyid_from_pk (pkt->pkt.public_key, keyid);
++ goto x_default;
++
++ default:
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 1 Jul 2019 14:01:08 +0200
++Subject: gpg: Make read_block in import.c more flexible.
++
++* g10/import.c: Change arg 'with_meta' to 'options'. Change callers.
++--
++
++This change allows passing more options to read_block.
++
++Signed-off-by: Werner Koch <wk@gnupg.org>
++(cherry picked from commit 15a425a1dfe60bd976b17671aa8e3d9aed12e1c0)
++---
++ g10/import.c | 23 +++++++++++------------
++ 1 file changed, 11 insertions(+), 12 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index 3c8d0fe..6215d2b 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -102,7 +102,7 @@ static int import (ctrl_t ctrl,
++ unsigned char **fpr, size_t *fpr_len, unsigned int options,
++ import_screener_t screener, void *screener_arg,
++ int origin, const char *url);
++-static int read_block (IOBUF a, int with_meta,
+++static int read_block (IOBUF a, unsigned int options,
++ PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys);
++ static void revocation_present (ctrl_t ctrl, kbnode_t keyblock);
++ static gpg_error_t import_one (ctrl_t ctrl,
++@@ -585,8 +585,7 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct import_stats_s *stats,
++ release_armor_context (afx);
++ }
++
++- while (!(rc = read_block (inp, !!(options & IMPORT_RESTORE),
++- &pending_pkt, &keyblock, &v3keys)))
+++ while (!(rc = read_block (inp, options, &pending_pkt, &keyblock, &v3keys)))
++ {
++ stats->v3keys += v3keys;
++ if (keyblock->pkt->pkttype == PKT_PUBLIC_KEY)
++@@ -834,16 +833,16 @@ valid_keyblock_packet (int pkttype)
++ }
++
++
++-/****************
++- * Read the next keyblock from stream A.
++- * Meta data (ring trust packets) are only considered of WITH_META is set.
++- * PENDING_PKT should be initialized to NULL and not changed by the caller.
++- * Return: 0 = okay, -1 no more blocks or another errorcode.
++- * The int at R_V3KEY counts the number of unsupported v3
++- * keyblocks.
+++/* Read the next keyblock from stream A. Meta data (ring trust
+++ * packets) are only considered if OPTIONS has the IMPORT_RESTORE flag
+++ * set. PENDING_PKT should be initialized to NULL and not changed by
+++ * the caller.
+++ *
+++ * Returns 0 for okay, -1 no more blocks, or any other errorcode. The
+++ * integer at R_V3KEY counts the number of unsupported v3 keyblocks.
++ */
++ static int
++-read_block( IOBUF a, int with_meta,
+++read_block( IOBUF a, unsigned int options,
++ PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys)
++ {
++ int rc;
++@@ -866,7 +865,7 @@ read_block( IOBUF a, int with_meta,
++ pkt = xmalloc (sizeof *pkt);
++ init_packet (pkt);
++ init_parse_packet (&parsectx, a);
++- if (!with_meta)
+++ if (!(options & IMPORT_RESTORE))
++ parsectx.skip_meta = 1;
++ in_v3key = 0;
++ skip_sigs = 0;
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Mon, 1 Jul 2019 15:14:59 +0200
++Subject: gpg: New import and keyserver option "self-sigs-only"
++
++* g10/options.h (IMPORT_SELF_SIGS_ONLY): New.
++* g10/import.c (parse_import_options): Add option "self-sigs-only".
++(read_block): Handle that option.
++--
++
++This option is intended to help against importing keys with many bogus
++key-signatures. It has obvious drawbacks and is not a bullet-proof
++solution because a self-signature can also be faked and would be
++detected only later.
++
++GnuPG-bug-id: 4591
++Signed-off-by: Werner Koch <wk@gnupg.org>
++
++(cherry picked from commit 15a425a1dfe60bd976b17671aa8e3d9aed12e1c0)
++(cherry picked from commit adb120e663fc5e78f714976c6e42ae233c1990b0)
++---
++ doc/gpg.texi | 8 ++++++++
++ g10/import.c | 40 ++++++++++++++++++++++++++++++++++++++--
++ g10/options.h | 1 +
++ 3 files changed, 47 insertions(+), 2 deletions(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index 9853f69..ff2c0cf 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -2322,6 +2322,14 @@ opposite meaning. The options are:
++ on the keyring. This option is the same as running the @option{--edit-key}
++ command "clean" after import. Defaults to no.
++
+++ @item self-sigs-only
+++ Accept only self-signatures while importing a key. All other
+++ key-signatures are skipped at an early import stage. This option
+++ can be used with @code{keyserver-options} to mitigate attempts to
+++ flood a key with bogus signatures from a keyserver. The drawback is
+++ that all other valid key-signatures, as required by the Web of Trust
+++ are also not imported.
+++
++ @item repair-keys
++ After import, fix various problems with the
++ keys. For example, this reorders signatures, and strips duplicate
++diff --git a/g10/import.c b/g10/import.c
++index 6215d2b..a5b68e9 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -188,6 +188,9 @@ parse_import_options(char *str,unsigned int *options,int noisy)
++ {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
++ N_("remove as much as possible from key after import")},
++
+++ {"self-sigs-only", IMPORT_SELF_SIGS_ONLY, NULL,
+++ N_("ignore key-signatures which are not self-signatures")},
+++
++ {"import-export", IMPORT_EXPORT, NULL,
++ N_("run import filters and export key immediately")},
++
++@@ -850,6 +853,8 @@ read_block( IOBUF a, unsigned int options,
++ PACKET *pkt;
++ kbnode_t root = NULL;
++ int in_cert, in_v3key, skip_sigs;
+++ u32 keyid[2];
+++ unsigned int dropped_nonselfsigs = 0;
++
++ *r_v3keys = 0;
++
++@@ -974,16 +979,43 @@ read_block( IOBUF a, unsigned int options,
++ init_packet(pkt);
++ break;
++
+++ case PKT_SIGNATURE:
+++ if (!in_cert)
+++ goto x_default;
+++ if (!(options & IMPORT_SELF_SIGS_ONLY))
+++ goto x_default;
+++ if (pkt->pkt.signature->keyid[0] == keyid[0]
+++ && pkt->pkt.signature->keyid[1] == keyid[1])
+++ { /* This is likely a self-signature. We import this one.
+++ * Eventually we should use the ISSUER_FPR to compare
+++ * self-signatures, but that will work only for v5 keys
+++ * which are currently not even deployed.
+++ * Note that we do not do any crypto verify here because
+++ * that would defeat this very mitigation of DoS by
+++ * importing a key with a huge amount of faked
+++ * key-signatures. A verification will be done later in
+++ * the processing anyway. Here we want a cheap an early
+++ * way to drop non-self-signatures. */
+++ goto x_default;
+++ }
+++ /* Skip this signature. */
+++ dropped_nonselfsigs++;
+++ free_packet (pkt, &parsectx);
+++ init_packet(pkt);
+++ break;
+++
++ case PKT_PUBLIC_KEY:
++ case PKT_SECRET_KEY:
++- if (in_cert ) /* Store this packet. */
+++ if (in_cert) /* Store this packet. */
++ {
++ *pending_pkt = pkt;
++ pkt = NULL;
++ goto ready;
++ }
++ in_cert = 1;
++- /* fall through */
+++ keyid_from_pk (pkt->pkt.public_key, keyid);
+++ goto x_default;
+++
++ default:
++ x_default:
++ if (in_cert && valid_keyblock_packet (pkt->pkttype))
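Review bot: The new PKT_SIGNATURE case changes what read_block returns under IMPORT_SELF_SIGS_ONLY, but the function's header comment (rewritten in the preceding patch, outside this hunk) still describes only IMPORT_RESTORE; add a sentence such as `* If OPTIONS has IMPORT_SELF_SIGS_ONLY set, signatures whose issuer key ID does not match the primary key are dropped before the keyblock is built; the key ID is not verified here.` The comparison reads keyid, which this hunk assigns only in the PKT_PUBLIC_KEY/PKT_SECRET_KEY case, so the entry path that starts from *pending_pkt (outside this hunk) compares against an unset value; a later patch in this series adds got_keyid for exactly that, so the two should land together.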
++@@ -1012,6 +1044,10 @@ read_block( IOBUF a, unsigned int options,
++ free_packet (pkt, &parsectx);
++ deinit_parse_packet (&parsectx);
++ xfree( pkt );
+++ if (!rc && dropped_nonselfsigs && opt.verbose)
+++ log_info ("key %s: number of dropped non-self-signatures: %u\n",
+++ keystr (keyid), dropped_nonselfsigs);
+++
++ return rc;
++ }
++
++diff --git a/g10/options.h b/g10/options.h
++index 782c0cb..4877a71 100644
++--- a/g10/options.h
+++++ b/g10/options.h
++@@ -354,6 +354,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
++ #define IMPORT_RESTORE (1<<10)
++ #define IMPORT_REPAIR_KEYS (1<<11)
++ #define IMPORT_DRY_RUN (1<<12)
+++#define IMPORT_SELF_SIGS_ONLY (1<<14)
++
++ #define EXPORT_LOCAL_SIGS (1<<0)
++ #define EXPORT_ATTRIBUTES (1<<1)
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sun, 23 Jun 2019 20:17:05 -0400
++Subject: spelling: Fix "synchronize"
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit 520f5d70e4128b61c30da2a463f6c34ca24b628e)
++---
++ NEWS | 2 +-
++ g10/cpr.c | 2 +-
++ kbx/keybox-blob.c | 4 ++--
++ scd/app-openpgp.c | 2 +-
++ scd/ccid-driver.c | 2 +-
++ 5 files changed, 6 insertions(+), 6 deletions(-)
++
++diff --git a/NEWS b/NEWS
++index 294709d..5728cdd 100644
++--- a/NEWS
+++++ b/NEWS
++@@ -2487,7 +2487,7 @@ Noteworthy changes in version 1.9.2 (2003-11-17)
++ command but from the menu provided by the new --card-edit command.
++
++ * PINs are now properly cached and there are only 2 PINs visible.
++- The 3rd PIN (CHV2) is internally syncronized with the regular PIN.
+++ The 3rd PIN (CHV2) is internally synchronized with the regular PIN.
++
++ * All kind of other internal stuff.
++
++diff --git a/g10/cpr.c b/g10/cpr.c
++index 4354426..d40e0a7 100644
++--- a/g10/cpr.c
+++++ b/g10/cpr.c
++@@ -62,7 +62,7 @@ progress_cb (void *ctx, const char *what, int printchar,
++
++
++ /* Return true if the status message NO may currently be issued. We
++- need this to avoid syncronisation problem while auto retrieving a
+++ need this to avoid synchronization problem while auto retrieving a
++ key. There it may happen that a status NODATA is issued for a non
++ available key and the user may falsely interpret this has a missing
++ signature. */
++diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c
++index 6874212..ac259ea 100644
++--- a/kbx/keybox-blob.c
+++++ b/kbx/keybox-blob.c
++@@ -116,7 +116,7 @@
++ Note that this value matches TRUST_FLAG_REVOKED
++ - u16 RFU
++ - u32 Recheck_after
++- - u32 Latest timestamp in the keyblock (useful for KS syncronsiation?)
+++ - u32 Latest timestamp in the keyblock (useful for KS synchronization?)
++ - u32 Blob created at
++ - u32 [NRES] Size of reserved space (not including this field)
++ - bN Reserved space of size NRES for future use.
++@@ -126,7 +126,7 @@
++ - bN Space for the keyblock or certificate.
++ - bN RFU. This is the remaining space after keyblock and before
++ the checksum. It is not covered by the checksum.
++- - b20 SHA-1 checksum (useful for KS syncronisation?)
+++ - b20 SHA-1 checksum (useful for KS synchronization?)
++ Note, that KBX versions before GnuPG 2.1 used an MD5
++ checksum. However it was only created but never checked.
++ Thus we do not expect problems if we switch to SHA-1. If
++diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
++index e4a1fba..a1f8603 100644
++--- a/scd/app-openpgp.c
+++++ b/scd/app-openpgp.c
++@@ -640,7 +640,7 @@ count_bits (const unsigned char *a, size_t len)
++ Where FLAGS is a plain hexadecimal number representing flag values.
++ The lsb is here the rightmost bit. Defined flags bits are:
++
++- Bit 0 = CHV1 and CHV2 are not syncronized
+++ Bit 0 = CHV1 and CHV2 are not synchronized
++ Bit 1 = CHV2 has been set to the default PIN of "123456"
++ (this implies that bit 0 is also set).
++
++diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c
++index ae40f01..94cd8c2 100644
++--- a/scd/ccid-driver.c
+++++ b/scd/ccid-driver.c
++@@ -2952,7 +2952,7 @@ ccid_transceive_apdu_level (ccid_driver_t handle,
++ bit 7 1
++ bit 6 1
++ bit 5 clear=request,set=response
++- bit 4..0 0 = resyncronisation request
+++ bit 4..0 0 = resynchronization request
++ 1 = information field size request
++ 2 = abort request
++ 3 = extension of BWT request
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Mon, 1 Jul 2019 13:07:22 +0900
++Subject: tools: gpgconf: Killing order is children-first.
++
++* tools/gpgconf-comp.c (gc_component_kill): Reverse the order.
++
++--
++
++Cherry-picked from master commit:
++ 7c877f942a344e7778005840ed7f3e20ace12f4a
++
++The order matters in a corner case; On a busy machine, there was a
++race condition between gpg-agent's running KILLAGENT command and its
++accepting incoming request on the socket. If a request by
++gpg-connect-agent was accepted, it resulted in an error due to the sudden
++shutdown. This change of the order can remove such a race.
++
++Here, we know backend=0 is none.
++
++GnuPG-bug-id: 4577
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 526714806da4e50c8e683b25d76460916d58ff41)
++---
++ tools/gpgconf-comp.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
++index 7f7440b..2875c92 100644
++--- a/tools/gpgconf-comp.c
+++++ b/tools/gpgconf-comp.c
++@@ -1367,7 +1367,7 @@ gc_component_kill (int component)
++ }
++
++ /* Do the restart for the selected backends. */
++- for (backend = 0; backend < GC_BACKEND_NR; backend++)
+++ for (backend = GC_BACKEND_NR-1; backend; backend--)
++ {
++ if (runtime[backend] && gc_backend[backend].runtime_change)
++ (*gc_backend[backend].runtime_change) (1);
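Review bot: The loop now runs backwards from GC_BACKEND_NR-1 and stops before index 0, but the comment above it still reads `/* Do the restart for the selected backends. */` and gives no hint that the order is load-bearing or that index 0 is skipped on purpose. Suggest `/* Kill the selected backends children-first (see the race in the commit message); index 0 is the "none" backend and is skipped. */` so the ascending loop is not restored by a later cleanup. That index 0 is a no-op backend is taken from the commit message, not from the visible code.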
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Tue, 16 Jul 2019 10:10:52 +0900
++Subject: dirmngr: Don't add system CAs for SKS HKPS pool.
++
++* dirmngr/http.c [HTTP_USE_GNUTLS] (http_session_new): Clear
++add_system_cas.
++
++--
++
++Cherry-picking the master commit of:
++ 75e0ec65170b7053743406e3f3b605febcf7312a
++
++GnuPG-bug-id: 4594
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 58e234fbeb6cc5908b69a73e50428f02e584e504)
++---
++ dirmngr/http.c | 2 ++
++ 1 file changed, 2 insertions(+)
++
++diff --git a/dirmngr/http.c b/dirmngr/http.c
++index d2456c6..1ba8e79 100644
++--- a/dirmngr/http.c
+++++ b/dirmngr/http.c
++@@ -791,6 +791,8 @@ http_session_new (http_session_t *r_session,
++ pemname, gnutls_strerror (rc));
++ xfree (pemname);
++ }
+++
+++ add_system_cas = 0;
++ }
++
++ /* Add configured certificates to the session. */
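Review bot: `add_system_cas = 0;` sits after the closing brace of the error-reporting block above it, so it appears to be cleared even when loading the pool's PEM file failed (the branch that logs gnutls_strerror), leaving the session with no trust anchors at all. That fails closed, which is the safer outcome for an HKPS connection, but it should be written down so it is not later "fixed" into a fallback to the system CAs, e.g. `/* Never fall back to the system CAs for the pool, even if the bundled CA failed to load: fail closed. */`. The enclosing condition starts outside this hunk, so this reading is inferred from the visible braces.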
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Wed, 10 Jul 2019 15:06:54 +0900
++Subject: gpg: Fix keyring retrieval.
++
++* g10/keyring.c (keyring_get_keyblock): Avoid O(N^2) append.
++
++--
++
++Cherry-picking the master commit of:
++ a7a043e82555a9da984c6fb01bfec4990d904690
++
++GnuPG-bug-id: 4592
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit b7df72d3074b72cf8b537ac87416b6b719c1b1b7)
++---
++ g10/keyring.c | 9 ++++++---
++ 1 file changed, 6 insertions(+), 3 deletions(-)
++
++diff --git a/g10/keyring.c b/g10/keyring.c
++index a8dd462..f424f94 100644
++--- a/g10/keyring.c
+++++ b/g10/keyring.c
++@@ -473,11 +473,14 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
++ }
++
++ in_cert = 1;
++- node = lastnode = new_kbnode (pkt);
+++ node = new_kbnode (pkt);
++ if (!keyblock)
++- keyblock = node;
+++ keyblock = lastnode = node;
++ else
++- add_kbnode (keyblock, node);
+++ {
+++ lastnode->next = node;
+++ lastnode = node;
+++ }
++ switch (pkt->pkttype)
++ {
++ case PKT_PUBLIC_KEY:
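Review bot: The new else branch dereferences lastnode whenever keyblock is non-NULL, so the two variables now have to be reset together; the declaration and any reset of lastnode are outside this hunk, and the function continues beyond it. A comment on the assignment, `/* lastnode tracks the tail of keyblock; keep both in sync. */`, records the invariant, and the declaration should initialise lastnode to NULL as the parallel change in import.c does.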
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Wed, 10 Jul 2019 15:42:07 +0900
++Subject: gpg: Improve import slowness.
++
++* g10/import.c (read_block): Avoid O(N^2) append.
++(sec_to_pub_keyblock): Likewise.
++
++--
++
++Cherry-picking the master commit of:
++ 33c17a8008c3ba3bb740069f9f97c7467f156b54
++
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit eb00a14f6d2de7c53487f39494c5cb9c0598fc96)
++---
++ g10/import.c | 18 +++++++++++++-----
++ 1 file changed, 13 insertions(+), 5 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index 12f8f28..0a72a76 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -853,6 +853,7 @@ read_block( IOBUF a, unsigned int options,
++ struct parse_packet_ctx_s parsectx;
++ PACKET *pkt;
++ kbnode_t root = NULL;
+++ kbnode_t lastnode = NULL;
++ int in_cert, in_v3key, skip_sigs;
++ u32 keyid[2];
++ int got_keyid = 0;
++@@ -862,7 +863,7 @@ read_block( IOBUF a, unsigned int options,
++
++ if (*pending_pkt)
++ {
++- root = new_kbnode( *pending_pkt );
+++ root = lastnode = new_kbnode( *pending_pkt );
++ *pending_pkt = NULL;
++ log_assert (root->pkt->pkttype == PKT_PUBLIC_KEY
++ || root->pkt->pkttype == PKT_SECRET_KEY);
++@@ -1032,9 +1033,12 @@ read_block( IOBUF a, unsigned int options,
++ if (in_cert && valid_keyblock_packet (pkt->pkttype))
++ {
++ if (!root )
++- root = new_kbnode (pkt);
+++ root = lastnode = new_kbnode (pkt);
++ else
++- add_kbnode (root, new_kbnode (pkt));
+++ {
+++ lastnode->next = new_kbnode (pkt);
+++ lastnode = lastnode->next;
+++ }
++ pkt = xmalloc (sizeof *pkt);
++ }
++ else
++@@ -2636,6 +2640,7 @@ sec_to_pub_keyblock (kbnode_t sec_keyblock)
++ kbnode_t pub_keyblock = NULL;
++ kbnode_t ctx = NULL;
++ kbnode_t secnode, pubnode;
+++ kbnode_t lastnode = NULL;
++ unsigned int tag = 0;
++
++ /* Set a tag to all nodes. */
++@@ -2675,9 +2680,12 @@ sec_to_pub_keyblock (kbnode_t sec_keyblock)
++ pubnode->tag = secnode->tag;
++
++ if (!pub_keyblock)
++- pub_keyblock = pubnode;
+++ pub_keyblock = lastnode = pubnode;
++ else
++- add_kbnode (pub_keyblock, pubnode);
+++ {
+++ lastnode->next = pubnode;
+++ lastnode = pubnode;
+++ }
++ }
++
++ return pub_keyblock;
--- /dev/null
--- /dev/null
++From: NIIBE Yutaka <gniibe@fsij.org>
++Date: Wed, 20 Sep 2017 10:42:28 +0900
++Subject: agent: Fix cancellation handling for scdaemon.
++
++* agent/call-scd.c (cancel_inquire): Remove.
++(agent_card_pksign, agent_card_pkdecrypt, agent_card_writekey)
++(agent_card_scd): Don't call cancel_inquire.
++
++--
++
++Since libassuan 2.1.0, cancellation command "CAN" is handled within
++the library, by assuan_transact. So, cancel_inquire just caused
++spurious "CAN" command to scdaemon which resulted in an error.
++
++Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
++(cherry picked from commit 9f5e50e7c85aa8b847d38010241ed570ac114fc3)
++---
++ agent/call-scd.c | 41 -----------------------------------------
++ 1 file changed, 41 deletions(-)
++
++diff --git a/agent/call-scd.c b/agent/call-scd.c
++index bf7732b..e852c0d 100644
++--- a/agent/call-scd.c
+++++ b/agent/call-scd.c
++@@ -89,7 +89,6 @@ struct inq_needpin_parm_s
++ const char *getpin_cb_desc;
++ assuan_context_t passthru; /* If not NULL, pass unknown inquiries
++ up to the caller. */
++- int any_inq_seen;
++
++ /* The next fields are used by inq_writekey_parm. */
++ const unsigned char *keydata;
++@@ -729,7 +728,6 @@ inq_needpin (void *opaque, const char *line)
++ size_t pinlen;
++ int rc;
++
++- parm->any_inq_seen = 1;
++ if ((s = has_leading_keyword (line, "NEEDPIN")))
++ {
++ line = s;
++@@ -813,30 +811,6 @@ hash_algo_option (int algo)
++ }
++
++
++-static gpg_error_t
++-cancel_inquire (ctrl_t ctrl, gpg_error_t rc)
++-{
++- gpg_error_t oldrc = rc;
++-
++- /* The inquire callback was called and transact returned a
++- cancel error. We assume that the inquired process sent a
++- CANCEL. The passthrough code is not able to pass on the
++- CANCEL and thus scdaemon would stuck on this. As a
++- workaround we send a CANCEL now. */
++- rc = assuan_write_line (ctrl->scd_local->ctx, "CAN");
++- if (!rc) {
++- char *line;
++- size_t len;
++-
++- rc = assuan_read_line (ctrl->scd_local->ctx, &line, &len);
++- if (!rc)
++- rc = oldrc;
++- }
++-
++- return rc;
++-}
++-
++-
++ /* Create a signature using the current card. MDALGO is either 0 or
++ * gives the digest algorithm. DESC_TEXT is an additional parameter
++ * passed to GETPIN_CB. */
++@@ -877,7 +851,6 @@ agent_card_pksign (ctrl_t ctrl,
++ inqparm.getpin_cb_arg = getpin_cb_arg;
++ inqparm.getpin_cb_desc = desc_text;
++ inqparm.passthru = 0;
++- inqparm.any_inq_seen = 0;
++ inqparm.keydata = NULL;
++ inqparm.keydatalen = 0;
++
++@@ -890,9 +863,6 @@ agent_card_pksign (ctrl_t ctrl,
++ put_membuf_cb, &data,
++ inq_needpin, &inqparm,
++ NULL, NULL);
++- if (inqparm.any_inq_seen && (gpg_err_code(rc) == GPG_ERR_CANCELED ||
++- gpg_err_code(rc) == GPG_ERR_ASS_CANCELED))
++- rc = cancel_inquire (ctrl, rc);
++
++ if (rc)
++ {
++@@ -976,7 +946,6 @@ agent_card_pkdecrypt (ctrl_t ctrl,
++ inqparm.getpin_cb_arg = getpin_cb_arg;
++ inqparm.getpin_cb_desc = desc_text;
++ inqparm.passthru = 0;
++- inqparm.any_inq_seen = 0;
++ inqparm.keydata = NULL;
++ inqparm.keydatalen = 0;
++ snprintf (line, DIM(line), "PKDECRYPT %s", keyid);
++@@ -984,9 +953,6 @@ agent_card_pkdecrypt (ctrl_t ctrl,
++ put_membuf_cb, &data,
++ inq_needpin, &inqparm,
++ padding_info_cb, r_padding);
++- if (inqparm.any_inq_seen && (gpg_err_code(rc) == GPG_ERR_CANCELED ||
++- gpg_err_code(rc) == GPG_ERR_ASS_CANCELED))
++- rc = cancel_inquire (ctrl, rc);
++
++ if (rc)
++ {
++@@ -1113,15 +1079,11 @@ agent_card_writekey (ctrl_t ctrl, int force, const char *serialno,
++ parms.getpin_cb_arg = getpin_cb_arg;
++ parms.getpin_cb_desc= NULL;
++ parms.passthru = 0;
++- parms.any_inq_seen = 0;
++ parms.keydata = keydata;
++ parms.keydatalen = keydatalen;
++
++ rc = assuan_transact (ctrl->scd_local->ctx, line, NULL, NULL,
++ inq_writekey_parms, &parms, NULL, NULL);
++- if (parms.any_inq_seen && (gpg_err_code(rc) == GPG_ERR_CANCELED ||
++- gpg_err_code(rc) == GPG_ERR_ASS_CANCELED))
++- rc = cancel_inquire (ctrl, rc);
++ return unlock_scd (ctrl, rc);
++ }
++
++@@ -1346,7 +1308,6 @@ agent_card_scd (ctrl_t ctrl, const char *cmdline,
++ inqparm.getpin_cb_arg = getpin_cb_arg;
++ inqparm.getpin_cb_desc = NULL;
++ inqparm.passthru = assuan_context;
++- inqparm.any_inq_seen = 0;
++ inqparm.keydata = NULL;
++ inqparm.keydatalen = 0;
++
++@@ -1356,8 +1317,6 @@ agent_card_scd (ctrl_t ctrl, const char *cmdline,
++ pass_data_thru, assuan_context,
++ inq_needpin, &inqparm,
++ pass_status_thru, assuan_context);
++- if (inqparm.any_inq_seen && gpg_err_code(rc) == GPG_ERR_ASS_CANCELED)
++- rc = cancel_inquire (ctrl, rc);
++
++ assuan_set_flag (ctrl->scd_local->ctx, ASSUAN_CONVEY_COMMENTS, saveflag);
++ if (rc)
--- /dev/null
--- /dev/null
++From: Werner Koch <wk@gnupg.org>
++Date: Tue, 14 Jun 2022 11:33:27 +0200
++Subject: g10: Fix garbled status messages in NOTATION_DATA
++
++* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one
++--
++
++Depending on the escaping and line wrapping the computed remaining
++buffer length could be wrong. Fixed by always using a break to
++terminate the escape detection loop. Might have happened for all
++status lines which may wrap.
++
++GnuPG-bug-id: T6027
++(cherry picked from commit 34c649b3601383cd11dbc76221747ec16fd68e1b)
++---
++ g10/cpr.c | 13 ++++---------
++ 1 file changed, 4 insertions(+), 9 deletions(-)
++
++diff --git a/g10/cpr.c b/g10/cpr.c
++index d40e0a7..6a88e9d 100644
++--- a/g10/cpr.c
+++++ b/g10/cpr.c
++@@ -304,20 +304,15 @@ write_status_text_and_buffer (int no, const char *string,
++ }
++ first = 0;
++ }
++- for (esc=0, s=buffer, n=len; n && !esc; s++, n--)
+++ for (esc=0, s=buffer, n=len; n; s++, n--)
++ {
++ if (*s == '%' || *(const byte*)s <= lower_limit
++ || *(const byte*)s == 127 )
++ esc = 1;
++ if (wrap && ++count > wrap)
++- {
++- dowrap=1;
++- break;
++- }
++- }
++- if (esc)
++- {
++- s--; n++;
+++ dowrap=1;
+++ if (esc || dowrap)
+++ break;
++ }
++ if (s != buffer)
++ es_fwrite (buffer, s-buffer, 1, statusfp);
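Review bot: After the rewrite the loop always leaves s on the first byte that either needs escaping or crosses the wrap column, and that byte has not yet been written by the es_fwrite below; the old code reached the same state through the s--/n++ compensation this hunk removes. A comment on the loop keeps that invariant from being lost again, e.g. `/* Stop at the first byte that must be escaped or that exceeds WRAP; it is at *s and not yet written. */`. Both esc and dowrap can be set on the same byte, so the code after this hunk must handle that combination; dowrap is also assumed to be reset before the loop, outside this hunk.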
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Thu, 7 Sep 2017 18:41:10 -0400
++Subject: gpg: default to 3072-bit RSA keys.
++
++* agent/command.c (hlp_genkey): update help text to suggest the use of
++3072 bits.
++* doc/wks.texi: Make example match default generation.
++* g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to
++rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment,
++(gen_rsa, get_keysize_range): update default from 2048 to 3072).
++* g10/keyid.c (pubkey_string): update comment so that first example
++is the default 3072-bit RSA.
++
++--
++
++3072-bit RSA is widely considered to be 128-bit-equivalent security.
++This is a sensible default in 2017.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++
++(cherry picked from commit 909fbca19678e6e36968607e8a2348381da39d8c)
++---
++ agent/command.c | 2 +-
++ doc/wks.texi | 4 ++--
++ g10/keygen.c | 9 ++++-----
++ g10/keyid.c | 4 ++--
++ 4 files changed, 9 insertions(+), 10 deletions(-)
++
++diff --git a/agent/command.c b/agent/command.c
++index adb2c00..60eb6ad 100644
++--- a/agent/command.c
+++++ b/agent/command.c
++@@ -843,7 +843,7 @@ static const char hlp_genkey[] =
++ "\n"
++ " C: GENKEY\n"
++ " S: INQUIRE KEYPARAM\n"
++- " C: D (genkey (rsa (nbits 2048)))\n"
+++ " C: D (genkey (rsa (nbits 3072)))\n"
++ " C: END\n"
++ " S: D (public-key\n"
++ " S: D (rsa (n 326487324683264) (e 10001)))\n"
++diff --git a/doc/wks.texi b/doc/wks.texi
++index d6798b1..5fe2a33 100644
++--- a/doc/wks.texi
+++++ b/doc/wks.texi
++@@ -404,10 +404,10 @@ the submission address:
++ The output of the last command looks similar to this:
++
++ @example
++- sec rsa2048 2016-08-30 [SC]
+++ sec rsa3072 2016-08-30 [SC]
++ C0FCF8642D830C53246211400346653590B3795B
++ uid [ultimate] key-submission@@example.net
++- ssb rsa2048 2016-08-30 [E]
+++ ssb rsa3072 2016-08-30 [E]
++ @end example
++
++ Take the fingerprint from that output and manually publish the key:
++diff --git a/g10/keygen.c b/g10/keygen.c
++index ed57d5d..492c65f 100644
++--- a/g10/keygen.c
+++++ b/g10/keygen.c
++@@ -46,11 +46,10 @@
++ #include "../common/mbox-util.h"
++
++
++-/* The default algorithms. If you change them remember to change them
++- also in gpg.c:gpgconf_list. You should also check that the value
+++/* The default algorithms. If you change them, you should ensure the value
++ is inside the bounds enforced by ask_keysize and gen_xxx. See also
++ get_keysize_range which encodes the allowed ranges. */
++-#define DEFAULT_STD_KEY_PARAM "rsa2048/cert,sign+rsa2048/encr"
+++#define DEFAULT_STD_KEY_PARAM "rsa3072/cert,sign+rsa3072/encr"
++ #define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
++
++ /* When generating keys using the streamlined key generation dialog,
++@@ -1648,7 +1647,7 @@ gen_rsa (int algo, unsigned int nbits, KBNODE pub_root,
++
++ if (nbits < 1024)
++ {
++- nbits = 2048;
+++ nbits = 3072;
++ log_info (_("keysize invalid; using %u bits\n"), nbits );
++ }
++ else if (nbits > maxsize)
++@@ -2117,7 +2116,7 @@ get_keysize_range (int algo, unsigned int *min, unsigned int *max)
++ default:
++ *min = opt.compliance == CO_DE_VS ? 2048: 1024;
++ *max = 4096;
++- def = 2048;
+++ def = 3072;
++ break;
++ }
++
++diff --git a/g10/keyid.c b/g10/keyid.c
++index 5b868cd..af9be07 100644
++--- a/g10/keyid.c
+++++ b/g10/keyid.c
++@@ -73,7 +73,7 @@ pubkey_letter( int algo )
++ is copied to the supplied buffer up a length of BUFSIZE-1.
++ Examples for the output are:
++
++- "rsa2048" - RSA with 2048 bit
+++ "rsa3072" - RSA with 3072 bit
++ "elg1024" - Elgamal with 1024 bit
++ "ed25519" - ECC using the curve Ed25519.
++ "E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4".
++@@ -83,7 +83,7 @@ pubkey_letter( int algo )
++ If the option --legacy-list-mode is active, the output use the
++ legacy format:
++
++- "2048R" - RSA with 2048 bit
+++ "3072R" - RSA with 3072 bit
++ "1024g" - Elgamal with 1024 bit
++ "256E" - ECDSA using a curve with 256 bit
++
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Thu, 7 Sep 2017 19:04:00 -0400
++Subject: gpg: default to AES-256.
++
++* g10/main.h (DEFAULT_CIPHER_ALGO): Prefer AES256 by default.
++
++--
++
++It's 2017, and pretty much everyone has AES-256 available. Symmetric
++crypto is also rarely the bottleneck (asymmetric crypto is much more
++expensive). AES-256 provides some level of protection against
++large-scale decryption efforts, and longer key lengths provide a hedge
++against unforeseen cryptanalysis.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++(cherry picked from commit 73ff075204df09db5248170a049f06498cdbb7aa)
++---
++ g10/main.h | 4 +++-
++ 1 file changed, 3 insertions(+), 1 deletion(-)
++
++diff --git a/g10/main.h b/g10/main.h
++index 389a557..6f93de9 100644
++--- a/g10/main.h
+++++ b/g10/main.h
++@@ -31,7 +31,9 @@
++ (i.e. uncompressed) rather than 1 (zip). However, the real world
++ issues of speed and size come into play here. */
++
++-#if GPG_USE_AES128
+++#if GPG_USE_AES256
+++# define DEFAULT_CIPHER_ALGO CIPHER_ALGO_AES256
+++#elif GPG_USE_AES128
++ # define DEFAULT_CIPHER_ALGO CIPHER_ALGO_AES
++ #elif GPG_USE_CAST5
++ # define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Tue, 1 Nov 2016 00:45:23 -0400
++Subject: agent: Allow threads to interrupt main select loop with SIGCONT.
++
++* agent/gpg-agent.c (interrupt_main_thread_loop): New function on
++non-windows platforms, allows other threads to interrupt the main loop
++if there's something that the main loop might be interested in.
++
++--
++
++For example, the main loop might be interested in changes in program
++state that affect the timers it expects to see.
++
++I don't know how to do this on Windows platforms, but i welcome any
++proposed improvements.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ agent/agent.h | 1 +
++ agent/gpg-agent.c | 18 +++++++++++++++++-
++ 2 files changed, 18 insertions(+), 1 deletion(-)
++
++diff --git a/agent/agent.h b/agent/agent.h
++index 2b045f8..97ac15d 100644
++--- a/agent/agent.h
+++++ b/agent/agent.h
++@@ -361,6 +361,7 @@ void *get_agent_scd_notify_event (void);
++ #endif
++ void agent_sighup_action (void);
++ int map_pk_openpgp_to_gcry (int openpgp_algo);
+++void interrupt_main_thread_loop (void);
++
++ /*-- command.c --*/
++ gpg_error_t agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid,
++diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
++index f9c0163..b2ce51f 100644
++--- a/agent/gpg-agent.c
+++++ b/agent/gpg-agent.c
++@@ -417,6 +417,9 @@ static int have_homedir_inotify;
++ * works reliable. */
++ static int reliable_homedir_inotify;
++
+++/* Record the pid of the main thread, for easier signalling */
+++static pid_t main_thread_pid = (pid_t)(-1);
+++
++ /* Number of active connections. */
++ static int active_connections;
++
++@@ -2123,7 +2126,7 @@ get_agent_scd_notify_event (void)
++ GetCurrentProcess(), &h2,
++ EVENT_MODIFY_STATE|SYNCHRONIZE, TRUE, 0))
++ {
++- log_error ("setting syncronize for scd notify event failed: %s\n",
+++ log_error ("setting synchronize for scd notify event failed: %s\n",
++ w32_strerror (-1) );
++ CloseHandle (h);
++ }
++@@ -2469,6 +2472,10 @@ handle_signal (int signo)
++ agent_sigusr2_action ();
++ break;
++
+++ /* nothing to do here, just take an extra cycle on the select loop */
+++ case SIGCONT:
+++ break;
+++
++ case SIGTERM:
++ if (!shutdown_pending)
++ log_info ("SIGTERM received - shutting down ...\n");
++@@ -2807,6 +2814,13 @@ start_connection_thread_ssh (void *arg)
++ }
++
++
+++void interrupt_main_thread_loop (void)
+++{
+++#ifndef HAVE_W32_SYSTEM
+++ kill (main_thread_pid, SIGCONT);
+++#endif
+++}
+++
++ /* helper function for readability: test whether a given struct
++ timespec is set to all-zeros */
++ static inline int
++@@ -2876,8 +2890,10 @@ handle_connections (gnupg_fd_t listen_fd,
++ npth_sigev_add (SIGUSR1);
++ npth_sigev_add (SIGUSR2);
++ npth_sigev_add (SIGINT);
+++ npth_sigev_add (SIGCONT);
++ npth_sigev_add (SIGTERM);
++ npth_sigev_fini ();
+++ main_thread_pid = getpid ();
++ #else
++ # ifdef HAVE_W32CE_SYSTEM
++ /* Use a dummy event. */
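Review bot: `interrupt_main_thread_loop` hands `main_thread_pid` to kill() without checking that it has been assigned; the variable starts at -1 and is only set in handle_connections after `npth_sigev_fini ()`, and kill(-1, SIGCONT) signals every process the agent is allowed to signal rather than the agent itself. Any caller that runs before handle_connections reaches that assignment (the following patch in this series adds callers in start_scd and in the connection threads) would broadcast SIGCONT. Guard the call: `if (main_thread_pid != (pid_t)(-1)) kill (main_thread_pid, SIGCONT);`. The function also lacks a header comment; something like `/* Wake the main select loop in handle_connections so it re-evaluates its timers. No-op on Windows. */` documents the contract the other threads rely on.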
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Tue, 1 Nov 2016 00:57:44 -0400
++Subject: agent: Avoid scheduled checks on socket when inotify is working.
++
++* agent/gpg-agent.c (handle_connections): When inotify is working, we
++do not need to schedule a timer to evaluate whether we control our own
++socket or not.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ agent/gpg-agent.c | 2 ++
++ 1 file changed, 2 insertions(+)
++
++diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
++index 5bdbbbe..d68b5ad 100644
++--- a/agent/gpg-agent.c
+++++ b/agent/gpg-agent.c
++@@ -3043,6 +3043,8 @@ handle_connections (gnupg_fd_t listen_fd,
++
++ /* avoid a fine-grained timer if we don't need one: */
++ timertbl[0].interval.tv_sec = need_tick () ? TIMERTICK_INTERVAL : 0;
+++ /* avoid waking up to check sockets if we can count on inotify */
+++ timertbl[1].interval.tv_sec = (sock_inotify_fd == -1) ? CHECK_OWN_SOCKET_INTERVAL : 0;
++
++ /* loop through all timers, fire any registered functions, and
++ plan next timer to trigger */
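Review bot: `timertbl[1]` hard-codes the position of the check_own_socket entry in the table declared earlier in handle_connections (outside this hunk), so a reordering of that table would silently retarget the interval. A comment naming the entry, `/* timertbl[1] is check_own_socket */`, or a named index makes the coupling visible. The condition also only asks whether the inotify descriptor exists; if socket-directory inotify can be unreliable in the way `reliable_homedir_inotify` suggests for the home directory, that case would lose the periodic socket check, which is worth confirming. The added line is also well past the file's usual width and could be split after the `?`.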
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Tue, 1 Nov 2016 00:14:10 -0400
++Subject: agent: Avoid tight timer tick when possible.
++
++* agent/gpg-agent.c (need_tick): Evaluate whether the short-phase
++handle_tick() is needed.
++(handle_connections): On each cycle of the select loop, adjust whether
++we should call handle_tick() or not.
++(start_connection_thread_ssh, do_start_connection_thread): Signal the
++main loop when the child terminates.
++* agent/call-scd.c (start_scd): Call interrupt_main_thread_loop() once
++the scdaemon thread context has started up.
++
++--
++
++With this change, an idle gpg-agent that has no scdaemon running only
++wakes up once a minute (to check_own_socket).
++
++Thanks to Ian Jackson and NIIBE Yutaka who helped me improve some of
++the blocking and corner cases.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ agent/call-scd.c | 2 ++
++ agent/gpg-agent.c | 29 +++++++++++++++++++++++++++--
++ 2 files changed, 29 insertions(+), 2 deletions(-)
++
++diff --git a/agent/call-scd.c b/agent/call-scd.c
++index 16139fd..bf7732b 100644
++--- a/agent/call-scd.c
+++++ b/agent/call-scd.c
++@@ -415,6 +415,8 @@ start_scd (ctrl_t ctrl)
++
++ primary_scd_ctx = ctx;
++ primary_scd_ctx_reusable = 0;
+++ /* notify the main loop that something has changed */
+++ interrupt_main_thread_loop ();
++
++ leave:
++ xfree (abs_homedir);
++diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
++index b2ce51f..5bdbbbe 100644
++--- a/agent/gpg-agent.c
+++++ b/agent/gpg-agent.c
++@@ -2376,6 +2376,26 @@ create_directories (void)
++ }
++
++
+++static int
+++need_tick (void)
+++{
+++#ifdef HAVE_W32_SYSTEM
+++ /* We do not know how to interrupt the select loop on Windows, so we
+++ always need a short tick there. */
+++ return 1;
+++#else
+++ /* if we were invoked like "gpg-agent cmd arg1 arg2" then we need to
+++ watch our parent. */
+++ if (parent_pid != (pid_t)(-1))
+++ return 1;
+++ /* if scdaemon is running, we need to check that it's alive */
+++ if (agent_scd_check_running ())
+++ return 1;
+++ /* otherwise, nothing fine-grained to do. */
+++ return 0;
+++#endif /*HAVE_W32_SYSTEM*/
+++}
+++
++
++ /* This is the worker for the ticker. It is called every few seconds
++ and may only do fast operations. */
++@@ -2729,7 +2749,8 @@ do_start_connection_thread (ctrl_t ctrl)
++
++ agent_deinit_default_ctrl (ctrl);
++ xfree (ctrl);
++- active_connections--;
+++ if (--active_connections == 0)
+++ interrupt_main_thread_loop();
++ return NULL;
++ }
++
++@@ -2809,7 +2830,8 @@ start_connection_thread_ssh (void *arg)
++
++ agent_deinit_default_ctrl (ctrl);
++ xfree (ctrl);
++- active_connections--;
+++ if (--active_connections == 0)
+++ interrupt_main_thread_loop();
++ return NULL;
++ }
++
++@@ -3019,6 +3041,9 @@ handle_connections (gnupg_fd_t listen_fd,
++ thus a simple assignment is fine to copy the entire set. */
++ read_fdset = fdset;
++
+++ /* avoid a fine-grained timer if we don't need one: */
+++ timertbl[0].interval.tv_sec = need_tick () ? TIMERTICK_INTERVAL : 0;
+++
++ /* loop through all timers, fire any registered functions, and
++ plan next timer to trigger */
++ npth_clock_gettime (&curtime);
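Review bot: `need_tick` is added without a header comment although the neighbouring functions carry one (the ticker worker directly below it does). A comment such as `/* Return non-zero while the short-interval handle_tick() must keep running: always on Windows, where the select loop cannot be interrupted, otherwise only while a parent process or a running scdaemon has to be watched. */` states the contract the select loop now depends on. It is evaluated on every loop iteration, so `agent_scd_check_running ()` must stay cheap; if it is not, a flag updated from start_scd would avoid the per-cycle cost. The `interrupt_main_thread_loop ()` calls added here in start_scd and the connection threads depend on `main_thread_pid` having been set, as noted on the patch that introduces that function.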
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Mon, 31 Oct 2016 21:27:36 -0400
++Subject: agent: Create framework of scheduled timers.
++
++agent/gpg-agent.c (handle_tick): Remove intermittent call to
++check_own_socket.
++(tv_is_set): Add inline helper function for readability.
++(handle_connections) Create general table of pending scheduled
++timeouts.
++
++--
++
++handle_tick() does fine-grained, rapid activity. check_own_socket()
++is supposed to happen at a different interval.
++
++Mixing the two of them makes it a requirement that one interval be a
++multiple of the other, which isn't ideal if there are different delay
++strategies that we might want in the future.
++
++Creating an extensible regular timer framework in handle_connections
++should make it possible to have any number of cadenced timers fire
++regularly, without requiring that they happen in cadences related to
++each other.
++
++It should also make it possible to dynamically change the cadence of
++any regularly-scheduled timeout.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ agent/gpg-agent.c | 84 +++++++++++++++++++++++++++++++++++++------------------
++ 1 file changed, 57 insertions(+), 27 deletions(-)
++
++diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
++index 591f4fd..f9c0163 100644
++--- a/agent/gpg-agent.c
+++++ b/agent/gpg-agent.c
++@@ -2379,12 +2379,8 @@ create_directories (void)
++ static void
++ handle_tick (void)
++ {
++- static time_t last_minute;
++ struct stat statbuf;
++
++- if (!last_minute)
++- last_minute = time (NULL);
++-
++ /* Check whether the scdaemon has died and cleanup in this case. */
++ agent_scd_check_aliveness ();
++
++@@ -2404,15 +2400,6 @@ handle_tick (void)
++ }
++ #endif /*HAVE_W32_SYSTEM*/
++
++- /* Code to be run from time to time. */
++-#if CHECK_OWN_SOCKET_INTERVAL > 0
++- if (last_minute + CHECK_OWN_SOCKET_INTERVAL <= time (NULL))
++- {
++- check_own_socket ();
++- last_minute = time (NULL);
++- }
++-#endif
++-
++ /* Need to check for expired cache entries. */
++ agent_cache_housekeeping ();
++
++@@ -2820,6 +2807,15 @@ start_connection_thread_ssh (void *arg)
++ }
++
++
+++/* helper function for readability: test whether a given struct
+++ timespec is set to all-zeros */
+++static inline int
+++tv_is_set (struct timespec tv)
+++{
+++ return tv.tv_sec || tv.tv_nsec;
+++}
+++
+++
++ /* Connection handler loop. Wait for connection requests and spawn a
++ thread after accepting a connection. */
++ static void
++@@ -2837,9 +2833,11 @@ handle_connections (gnupg_fd_t listen_fd,
++ gnupg_fd_t fd;
++ int nfd;
++ int saved_errno;
+++ int idx;
++ struct timespec abstime;
++ struct timespec curtime;
++ struct timespec timeout;
+++ struct timespec *select_timeout;
++ #ifdef HAVE_W32_SYSTEM
++ HANDLE events[2];
++ unsigned int events_set;
++@@ -2856,6 +2854,14 @@ handle_connections (gnupg_fd_t listen_fd,
++ { "browser", start_connection_thread_browser },
++ { "ssh", start_connection_thread_ssh }
++ };
+++ struct {
+++ struct timespec interval;
+++ void (*func) (void);
+++ struct timespec next;
+++ } timertbl[] = {
+++ { { TIMERTICK_INTERVAL, 0 }, handle_tick },
+++ { { CHECK_OWN_SOCKET_INTERVAL, 0 }, check_own_socket }
+++ };
++
++
++ ret = npth_attr_init(&tattr);
++@@ -2963,9 +2969,6 @@ handle_connections (gnupg_fd_t listen_fd,
++ listentbl[2].l_fd = listen_fd_browser;
++ listentbl[3].l_fd = listen_fd_ssh;
++
++- npth_clock_gettime (&abstime);
++- abstime.tv_sec += TIMERTICK_INTERVAL;
++-
++ for (;;)
++ {
++ /* Shutdown test. */
++@@ -3000,18 +3003,46 @@ handle_connections (gnupg_fd_t listen_fd,
++ thus a simple assignment is fine to copy the entire set. */
++ read_fdset = fdset;
++
+++ /* loop through all timers, fire any registered functions, and
+++ plan next timer to trigger */
++ npth_clock_gettime (&curtime);
++- if (!(npth_timercmp (&curtime, &abstime, <)))
++- {
++- /* Timeout. */
++- handle_tick ();
++- npth_clock_gettime (&abstime);
++- abstime.tv_sec += TIMERTICK_INTERVAL;
++- }
++- npth_timersub (&abstime, &curtime, &timeout);
+++ abstime.tv_sec = abstime.tv_nsec = 0;
+++ for (idx=0; idx < DIM(timertbl); idx++)
+++ {
+++ /* schedule any unscheduled timers */
+++ if ((!tv_is_set (timertbl[idx].next)) && tv_is_set (timertbl[idx].interval))
+++ npth_timeradd (&timertbl[idx].interval, &curtime, &timertbl[idx].next);
+++ /* if a timer is due, fire it ... */
+++ if (tv_is_set (timertbl[idx].next))
+++ {
+++ if (!(npth_timercmp (&curtime, &timertbl[idx].next, <)))
+++ {
+++ timertbl[idx].func ();
+++ npth_clock_gettime (&curtime);
+++ /* ...and reschedule it, if desired: */
+++ if (tv_is_set (timertbl[idx].interval))
+++ npth_timeradd (&timertbl[idx].interval, &curtime, &timertbl[idx].next);
+++ else
+++ timertbl[idx].next.tv_sec = timertbl[idx].next.tv_nsec = 0;
+++ }
+++ }
+++ /* accumulate next timer to come due in abstime: */
+++ if (tv_is_set (timertbl[idx].next) &&
+++ ((!tv_is_set (abstime)) ||
+++ (npth_timercmp (&abstime, &timertbl[idx].next, >))))
+++ abstime = timertbl[idx].next;
+++ }
+++ /* choose a timeout for the select loop: */
+++ if (tv_is_set (abstime))
+++ {
+++ npth_timersub (&abstime, &curtime, &timeout);
+++ select_timeout = &timeout;
+++ }
+++ else
+++ select_timeout = NULL;
++
++ #ifndef HAVE_W32_SYSTEM
++- ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
+++ ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, select_timeout,
++ npth_sigev_sigmask ());
++ saved_errno = errno;
++
++@@ -3021,7 +3052,7 @@ handle_connections (gnupg_fd_t listen_fd,
++ handle_signal (signo);
++ }
++ #else
++- ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
+++ ret = npth_eselect (nfd+1, &read_fdset, NULL, NULL, select_timeout,
++ events, &events_set);
++ saved_errno = errno;
++
++@@ -3066,7 +3097,6 @@ handle_connections (gnupg_fd_t listen_fd,
++
++ if (!shutdown_pending)
++ {
++- int idx;
++ ctrl_t ctrl;
++ npth_t thread;
++
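Review bot: The select timeout produced by `npth_timersub (&abstime, &curtime, &timeout)` can become negative: `abstime` may already hold the `next` of an earlier table entry, while `curtime` is refreshed after every `timertbl[idx].func ()` call, so a slow check_own_socket() can move curtime past a tick that was not yet due when abstime was recorded. Unless npth_timersub clamps (not visible here), pselect would then be handed a negative timeout and fail. A guard after the subtraction, `if (timeout.tv_sec < 0) timeout.tv_sec = timeout.tv_nsec = 0;`, keeps the loop safe. The previous code could not hit this because abstime was always recomputed from the refreshed clock. handle_connections begins and ends outside these hunks.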
--- /dev/null
--- /dev/null
++From: Vincent Breitmoser <look@my.amazin.horse>
++Date: Thu, 13 Jun 2019 21:27:43 +0200
++Subject: gpg: accept subkeys with a good revocation but no self-sig during
++ import
++
++* g10/import.c (chk_self_sigs): Set the NODE_GOOD_SELFSIG flag when we
++encounter a valid revocation signature. This allows import of subkey
++revocation signatures, even in the absence of a corresponding subkey
++binding signature.
++
++--
++
++This fixes the remaining test in import-incomplete.scm.
++
++GnuPG-Bug-id: 4393
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ g10/import.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/g10/import.c b/g10/import.c
++index cddb7c2..cf978e8 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -3619,6 +3619,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self)
++ /* It's valid, so is it newer? */
++ if (sig->timestamp >= rsdate)
++ {
+++ knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid. */
++ if (rsnode)
++ {
++ /* Delete the last revocation sig since
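Review bot: The comment `/* Subkey is valid. */` on the added line overstates what has been checked: at this point only a revocation signature over the subkey has been verified, not a binding signature, and the flag is set so that a revoked subkey and its revocation can be imported together. A comment that says so, `/* A valid revocation is accepted as a self-sig so the subkey revocation can be imported without a binding sig. */`, stops a later reader from reading NODE_GOOD_SELFSIG as a guarantee that a binding signature exists. Any code that uses NODE_GOOD_SELFSIG to decide that a subkey is usable should be checked against that assumption. chk_self_sigs begins and ends outside the hunk.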
--- /dev/null
--- /dev/null
++From: Vincent Breitmoser <look@my.amazin.horse>
++Date: Thu, 13 Jun 2019 21:27:42 +0200
++Subject: gpg: allow import of previously known keys, even without UIDs
++
++* g10/import.c (import_one): Accept an incoming OpenPGP certificate that
++has no user id, as long as we already have a local variant of the cert
++that matches the primary key.
++
++--
++
++This fixes two of the three broken tests in import-incomplete.scm.
++
++GnuPG-Bug-id: 4393
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ g10/import.c | 44 +++++++++++---------------------------------
++ 1 file changed, 11 insertions(+), 33 deletions(-)
++
++diff --git a/g10/import.c b/g10/import.c
++index 0a72a76..cddb7c2 100644
++--- a/g10/import.c
+++++ b/g10/import.c
++@@ -1801,7 +1801,6 @@ import_one_real (ctrl_t ctrl,
++ size_t an;
++ char pkstrbuf[PUBKEY_STRING_SIZE];
++ int merge_keys_done = 0;
++- int any_filter = 0;
++ KEYDB_HANDLE hd = NULL;
++
++ if (r_valid)
++@@ -1838,14 +1837,6 @@ import_one_real (ctrl_t ctrl,
++ log_printf ("\n");
++ }
++
++-
++- if (!uidnode )
++- {
++- if (!silent)
++- log_error( _("key %s: no user ID\n"), keystr_from_pk(pk));
++- return 0;
++- }
++-
++ if (screener && screener (keyblock, screener_arg))
++ {
++ log_error (_("key %s: %s\n"), keystr_from_pk (pk),
++@@ -1920,17 +1911,10 @@ import_one_real (ctrl_t ctrl,
++ }
++ }
++
++- if (!delete_inv_parts (ctrl, keyblock, keyid, options ) )
++- {
++- if (!silent)
++- {
++- log_error( _("key %s: no valid user IDs\n"), keystr_from_pk(pk));
++- if (!opt.quiet )
++- log_info(_("this may be caused by a missing self-signature\n"));
++- }
++- stats->no_user_id++;
++- return 0;
++- }
+++ /* Delete invalid parts, and note if we have any valid ones left.
+++ * We will later abort import if this key is new but contains
+++ * no valid uids. */
+++ delete_inv_parts (ctrl, keyblock, keyid, options);
++
++ /* Get rid of deleted nodes. */
++ commit_kbnode (&keyblock);
++@@ -1940,24 +1924,11 @@ import_one_real (ctrl_t ctrl,
++ {
++ apply_keep_uid_filter (ctrl, keyblock, import_filter.keep_uid);
++ commit_kbnode (&keyblock);
++- any_filter = 1;
++ }
++ if (import_filter.drop_sig)
++ {
++ apply_drop_sig_filter (ctrl, keyblock, import_filter.drop_sig);
++ commit_kbnode (&keyblock);
++- any_filter = 1;
++- }
++-
++- /* If we ran any filter we need to check that at least one user id
++- * is left in the keyring. Note that we do not use log_error in
++- * this case. */
++- if (any_filter && !any_uid_left (keyblock))
++- {
++- if (!opt.quiet )
++- log_info ( _("key %s: no valid user IDs\n"), keystr_from_pk (pk));
++- stats->no_user_id++;
++- return 0;
++ }
++
++ /* The keyblock is valid and ready for real import. */
++@@ -2015,6 +1986,13 @@ import_one_real (ctrl_t ctrl,
++ err = 0;
++ stats->skipped_new_keys++;
++ }
+++ else if (err && !any_uid_left (keyblock))
+++ {
+++ if (!silent)
+++ log_info( _("key %s: new key but contains no user ID - skipped\n"), keystr(keyid));
+++ err = 0;
+++ stats->no_user_id++;
+++ }
++ else if (err) /* Insert this key. */
++ {
++ /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */
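Review bot: The new comment above `delete_inv_parts` says the call notes whether valid parts remain, but its return value is now discarded; the decision is actually taken later by `any_uid_left` in the new `else if`. Rewording it, `/* Delete invalid parts. A new key left without a valid user ID is rejected below (any_uid_left). */`, keeps the comment honest. The new log call uses `keystr(keyid)` while the neighbouring messages use `keystr_from_pk (pk)`, and the line exceeds the file's width; if `pk` refers to the same key, splitting it and using `keystr_from_pk (pk)` matches the rest of the function. Note that an existing key whose user IDs are all removed by a keep-uid filter was previously rejected and is now merged without a message; if anything relied on that rejection it should be revisited. import_one_real begins and ends outside these hunks.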
--- /dev/null
--- /dev/null
++From: Vincent Breitmoser <look@my.amazin.horse>
++Date: Thu, 13 Jun 2019 21:27:41 +0200
++Subject: tests: add test cases for import without uid
++
++This commit adds a test case that does the following, in order:
++- Import of a primary key plus user id
++- Check that import of a subkey works, without a user id present in the
++imported key
++- Check that import of a subkey revocation works, without a user id or
++subkey binding signature present in the imported key
++- Check that import of a primary key revocation works, without a user id
++present in the imported key
++
++--
++
++Note that this test currently fails. The following changesets will
++fix gpg so that the tests pass.
++
++GnuPG-Bug-id: 4393
++Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ tests/openpgp/Makefile.am | 1 +
++ tests/openpgp/import-incomplete.scm | 68 ++++++++++++++++++++++
++ .../import-incomplete/primary+revocation.asc | 9 +++
++ .../primary+subkey+sub-revocation.asc | 10 ++++
++ .../import-incomplete/primary+subkey+sub-sig.asc | 10 ++++
++ .../openpgp/import-incomplete/primary+uid-sig.asc | 10 ++++
++ tests/openpgp/import-incomplete/primary+uid.asc | 10 ++++
++ 7 files changed, 118 insertions(+)
++ create mode 100755 tests/openpgp/import-incomplete.scm
++ create mode 100644 tests/openpgp/import-incomplete/primary+revocation.asc
++ create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
++ create mode 100644 tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
++ create mode 100644 tests/openpgp/import-incomplete/primary+uid-sig.asc
++ create mode 100644 tests/openpgp/import-incomplete/primary+uid.asc
++
++diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am
++index f6014c9..6423da1 100644
++--- a/tests/openpgp/Makefile.am
+++++ b/tests/openpgp/Makefile.am
++@@ -78,6 +78,7 @@ XTESTS = \
++ gpgv-forged-keyring.scm \
++ armor.scm \
++ import.scm \
+++ import-incomplete.scm \
++ import-revocation-certificate.scm \
++ ecc.scm \
++ 4gb-packet.scm \
++diff --git a/tests/openpgp/import-incomplete.scm b/tests/openpgp/import-incomplete.scm
++new file mode 100755
++index 0000000..727a027
++--- /dev/null
+++++ b/tests/openpgp/import-incomplete.scm
++@@ -0,0 +1,68 @@
+++#!/usr/bin/env gpgscm
+++
+++;; Copyright (C) 2016 g10 Code GmbH
+++;;
+++;; This file is part of GnuPG.
+++;;
+++;; GnuPG is free software; you can redistribute it and/or modify
+++;; it under the terms of the GNU General Public License as published by
+++;; the Free Software Foundation; either version 3 of the License, or
+++;; (at your option) any later version.
+++;;
+++;; GnuPG is distributed in the hope that it will be useful,
+++;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+++;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+++;; GNU General Public License for more details.
+++;;
+++;; You should have received a copy of the GNU General Public License
+++;; along with this program; if not, see <http://www.gnu.org/licenses/>.
+++
+++(load (in-srcdir "tests" "openpgp" "defs.scm"))
+++(setup-environment)
+++
+++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+uid.asc")))
+++
+++(info "Test import of new subkey, from a certificate without uid")
+++(define keyid "573EA710367356BB")
+++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-sig.asc")))
+++(tr:do
+++ (tr:pipe-do
+++ (pipe:gpg `(--list-keys --with-colons ,keyid)))
+++ (tr:call-with-content
+++ (lambda (c)
+++ ;; XXX we do not have a regexp library
+++ (unless (any (lambda (line)
+++ (and (string-prefix? line "sub:")
+++ (string-contains? line "573EA710367356BB")))
+++ (string-split-newlines c))
+++ (exit 1)))))
+++
+++(info "Test import of a subkey revocation, from a certificate without uid")
+++(define keyid "573EA710367356BB")
+++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+subkey+sub-revocation.asc")))
+++(tr:do
+++ (tr:pipe-do
+++ (pipe:gpg `(--list-keys --with-colons ,keyid)))
+++ (tr:call-with-content
+++ (lambda (c)
+++ ;; XXX we do not have a regexp library
+++ (unless (any (lambda (line)
+++ (and (string-prefix? line "sub:r:")
+++ (string-contains? line "573EA710367356BB")))
+++ (string-split-newlines c))
+++ (exit 1)))))
+++
+++(info "Test import of revocation, from a certificate without uid")
+++(call-check `(,(tool 'gpg) --import ,(in-srcdir "tests" "openpgp" "import-incomplete" "primary+revocation.asc")))
+++(tr:do
+++ (tr:pipe-do
+++ (pipe:gpg `(--list-keys --with-colons ,keyid)))
+++ (tr:call-with-content
+++ (lambda (c)
+++ ;; XXX we do not have a regexp library
+++ (unless (any (lambda (line)
+++ (and (string-prefix? line "pub:r:")
+++ (string-contains? line "0843DA969AA8DAFB")))
+++ (string-split-newlines c))
+++ (exit 1)))))
+++
++diff --git a/tests/openpgp/import-incomplete/primary+revocation.asc b/tests/openpgp/import-incomplete/primary+revocation.asc
++new file mode 100644
++index 0000000..6b7b608
++--- /dev/null
+++++ b/tests/openpgp/import-incomplete/primary+revocation.asc
++@@ -0,0 +1,9 @@
+++-----BEGIN PGP PUBLIC KEY BLOCK-----
+++Comment: [E] primary key, revocation signature over primary (no user ID)
+++
+++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+++631VAN2IeAQgFggAIBYhBLRpj5W82H/gSMzKKQhD2paaqNr7BQJc2ZQZAh0AAAoJ
+++EAhD2paaqNr7qAwA/2jBUpnN0BxwRO/4CrxvrLIsL+C9aSXJUOTv8XkP4lvtAQD3
+++XsDFfFNgEueiTfF7HtOGt5LPmRqVvUpQSMVgJJW6CQ==
+++=tM90
+++-----END PGP PUBLIC KEY BLOCK-----
++diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
++new file mode 100644
++index 0000000..83a51a5
++--- /dev/null
+++++ b/tests/openpgp/import-incomplete/primary+subkey+sub-revocation.asc
++@@ -0,0 +1,10 @@
+++-----BEGIN PGP PUBLIC KEY BLOCK-----
+++Comment: [D] primary key, subkey, subkey revocation (no user ID)
+++
+++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+++631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK
+++j++lwwWDAOlkVicDAQgHiHgEKBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
+++XNmnkAIdAgAKCRAIQ9qWmqja+ylaAQDmIKf86BJEq4OpDqU+V9D+wn2cyuxbyWVQ
+++3r9LiL9qNwD/QAjyrhSN8L3Mfq+wdTHo5i0yB9ZCCpHLXSbhCqfWZwQ=
+++=dwx2
+++-----END PGP PUBLIC KEY BLOCK-----
++diff --git a/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
++new file mode 100644
++index 0000000..dc47a02
++--- /dev/null
+++++ b/tests/openpgp/import-incomplete/primary+subkey+sub-sig.asc
++@@ -0,0 +1,10 @@
+++-----BEGIN PGP PUBLIC KEY BLOCK-----
+++Comment: [B] primary key, subkey, subkey binding sig (no user ID)
+++
+++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+++631VAN24OARc2ZQhEgorBgEEAZdVAQUBAQdABsd5ha0AWXdXcSmfeiWIfrNcGqQK
+++j++lwwWDAOlkVicDAQgHiHgEGBYIACAWIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
+++XNmUIQIbDAAKCRAIQ9qWmqja++vFAP98G1L+1/rWTGbsnxOAV2RocBYIroAvsbkR
+++Ly6FdP8YNwEA7jOgT05CoKIe37MstpOz23mM80AK369Ca3JMmKKCQgg=
+++=xuDu
+++-----END PGP PUBLIC KEY BLOCK-----
++diff --git a/tests/openpgp/import-incomplete/primary+uid-sig.asc b/tests/openpgp/import-incomplete/primary+uid-sig.asc
++new file mode 100644
++index 0000000..134607d
++--- /dev/null
+++++ b/tests/openpgp/import-incomplete/primary+uid-sig.asc
++@@ -0,0 +1,10 @@
+++-----BEGIN PGP PUBLIC KEY BLOCK-----
+++Comment: [C] primary key and self-sig expiring in 2024 (no user ID)
+++
+++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+++631VAN2IlgQTFggAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBLRpj5W8
+++2H/gSMzKKQhD2paaqNr7BQJc2ZR1BQkJZgHcAAoJEAhD2paaqNr79soA/0lWkUsu
+++3NLwgbni6EzJxnTzgeNMpljqNpipHAwfix9hAP93AVtFdC8g7hdUZxawobl9lnSN
+++9ohXOEBWvdJgVv2YAg==
+++=KWIK
+++-----END PGP PUBLIC KEY BLOCK-----
++diff --git a/tests/openpgp/import-incomplete/primary+uid.asc b/tests/openpgp/import-incomplete/primary+uid.asc
++new file mode 100644
++index 0000000..055f300
++--- /dev/null
+++++ b/tests/openpgp/import-incomplete/primary+uid.asc
++@@ -0,0 +1,10 @@
+++-----BEGIN PGP PUBLIC KEY BLOCK-----
+++Comment: [A] primary key, user ID, and self-sig expiring in 2021
+++
+++mDMEXNmUGRYJKwYBBAHaRw8BAQdA75R8VlchvmEd2Iz/8l07RoKUaUPDB71Ao1zZ
+++631VAN20CHRlc3Qga2V5iJYEExYIAD4WIQS0aY+VvNh/4EjMyikIQ9qWmqja+wUC
+++XNmUGQIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAIQ9qWmqja
++++0G1AQDdQiwhXxjXLMqoth+D4SigVHTJK8ORwifzsy3UE7mPGwD/aZ67XbAF/lgI
+++kv2O1Jo0u9BL9RNNF+L0DM7rAFbfMAs=
+++=1eII
+++-----END PGP PUBLIC KEY BLOCK-----
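Review bot: The fixture `primary+uid-sig.asc` ([C], primary key plus a newer self-sig without user ID) is added but never loaded by import-incomplete.scm, so the self-signature-update case it was prepared for is not exercised; either add a check importing it and asserting the new expiry in the `--list-keys --with-colons` output, or drop the file. In the script, `keyid` is defined twice with the same value and the same key ID is repeated as a literal inside the `string-contains?` calls; using `keyid` there (and a separate definition for the primary `0843DA969AA8DAFB`) removes the duplication. The three `tr:do` blocks differ only in the fixture, the line prefix and the key ID, so a small helper taking those three arguments would shorten the file and make the repeated `;; XXX we do not have a regexp library` remark a single comment.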
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Thu, 11 Jul 2019 21:52:11 -0400
++Subject: Use hkps://keys.openpgp.org as the default keyserver
++
++As of 2.2.17, GnuPG will refuse to accept any third-party
++certifications from OpenPGP certificates pulled from the keyserver
++network.
++
++The SKS keyserver network currently has at least a dozen popular
++certificates which are flooded with enough unusable third-party
++certifications that they cannot be retrieved in any reasonable amount
++of time.
++
++The hkps://keys.openpgp.org keyserver installation offers HKPS,
++performs cryptographic validation, and by policy does not distribute
++third-party certifications anyway.
++
++It is not distributed or federated yet, unfortunately, but it is
++functional, which is more than can be said for the dying SKS pool.
++And given that GnuPG is going to reject all the third-party
++certifications anyway, there is no clear "web of trust" rationale for
++relying on the SKS pool.
++
++One sticking point is that keys.openpgp.org does not distribute user
++IDs unless the user has proven control of the associated e-mail
++address. This means that on standard upstream GnuPG, retrieving
++revocations or subkey updates of those certificates will fail, because
++upstream GnuPG ignores any incoming certificate without a user ID,
++even if it knows a user ID in the local copy of the certificate (see
++https://dev.gnupg.org/T4393).
++
++However, we have three patches in
++debian/patches/import-merge-without-userid/ that together fix that
++bug.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++
++(cherry picked from commit 59e8aac9d6f2ee322a753373013032bbb13e3eb3)
++---
++ configure.ac | 2 +-
++ doc/dirmngr.texi | 2 +-
++ 2 files changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/configure.ac b/configure.ac
++index 8c68cb8..d601356 100644
++--- a/configure.ac
+++++ b/configure.ac
++@@ -1870,7 +1870,7 @@ AC_DEFINE_UNQUOTED(SCDAEMON_SOCK_NAME, "S.scdaemon",
++ AC_DEFINE_UNQUOTED(DIRMNGR_SOCK_NAME, "S.dirmngr",
++ [The name of the dirmngr socket])
++ AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER,
++- "hkps://hkps.pool.sks-keyservers.net",
+++ "hkps://keys.openpgp.org",
++ [The default keyserver for dirmngr to use, if none is explicitly given])
++
++ AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix])
++diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
++index 8e6cbc6..d79447f 100644
++--- a/doc/dirmngr.texi
+++++ b/doc/dirmngr.texi
++@@ -328,7 +328,7 @@ whether Tor is locally running or not. The check for a running Tor is
++ done for each new connection.
++
++ If no keyserver is explicitly configured, dirmngr will use the
++-built-in default of hkps://hkps.pool.sks-keyservers.net.
+++built-in default of hkps://keys.openpgp.org.
++
++ @item --nameserver @var{ipaddr}
++ @opindex nameserver
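Review bot: Changing DIRMNGR_DEFAULT_KEYSERVER on its own interacts with the CA selection in dirmngr/http.c, where (as the next patch in this series shows) `is_hkps_pool` was computed by comparing the host against `get_default_keyserver (1)`; without that companion change the SKS pool CA would presumably be applied to keys.openpgp.org and HKPS validation would fail. The two patches should be applied together, and a sentence in the description naming that dependency would help anyone cherry-picking this one alone.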
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Sun, 30 Jun 2019 11:54:35 -0400
++Subject: dirmngr: Only use SKS pool CA for SKS pool
++
++* dirmngr/http.c (http_session_new): when checking whether the
++keyserver is the HKPS pool, check specifically against the pool name,
++as ./configure might have been used to select a different default
++keyserver. It makes no sense to apply Kristian's certificate
++authority to anything other than the literal host
++hkps.pool.sks-keyservers.net.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++
++(cherry picked from commit 3233382068b7c477907daac697164b81ae45a7f4)
++---
++ dirmngr/http.c | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/dirmngr/http.c b/dirmngr/http.c
++index 1ba8e79..869e146 100644
++--- a/dirmngr/http.c
+++++ b/dirmngr/http.c
++@@ -767,7 +767,7 @@ http_session_new (http_session_t *r_session,
++
++ is_hkps_pool = (intended_hostname
++ && !ascii_strcasecmp (intended_hostname,
++- get_default_keyserver (1)));
+++ "hkps.pool.sks-keyservers.net"));
++
++ /* If the user has not specified a CA list, and they are looking
++ * for the hkps pool from sks-keyservers.net, then default to
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Mon, 15 Jul 2019 16:24:35 -0400
++Subject: gpg: drop import-clean from default keyserver import options
++
++* g10/gpg.c (main): drop IMPORT_CLEAN from the
++default opt.keyserver_options.import_options
++* doc/gpg.texi: reflect this change in the documentation
++
++Given that SELF_SIGS_ONLY is already set, it's not clear what
++additional benefit IMPORT_CLEAN provides. Furthermore, IMPORT_CLEAN
++means that receiving an OpenPGP certificate from a keyserver will
++potentially delete data that is otherwise held in the local keyring,
++which is surprising to users who expect retrieval from the keyservers
++to be purely additive.
++
++GnuPG-Bug-Id: 4628
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++
++(cherry picked from commit 84bce011aaa2db19f10c1f763110e840c7b7019f)
++---
++ doc/gpg.texi | 2 +-
++ g10/gpg.c | 3 +--
++ 2 files changed, 2 insertions(+), 3 deletions(-)
++
++diff --git a/doc/gpg.texi b/doc/gpg.texi
++index c8fb241..0f13589 100644
++--- a/doc/gpg.texi
+++++ b/doc/gpg.texi
++@@ -1907,7 +1907,7 @@ are available for all keyserver types, some common options are:
++
++ @end table
++
++-The default list of options is: "self-sigs-only, import-clean,
+++The default list of options is: "self-sigs-only,
++ repair-keys, repair-pks-subkey-bug, export-attributes,
++ honor-pka-record".
++
++diff --git a/g10/gpg.c b/g10/gpg.c
++index 6e5e901..f05a493 100644
++--- a/g10/gpg.c
+++++ b/g10/gpg.c
++@@ -2374,8 +2374,7 @@ main (int argc, char **argv)
++ opt.export_options = EXPORT_ATTRIBUTES;
++ opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
++ | IMPORT_REPAIR_PKS_SUBKEY_BUG
++- | IMPORT_SELF_SIGS_ONLY
++- | IMPORT_CLEAN);
+++ | IMPORT_SELF_SIGS_ONLY);
++ opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
++ opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
++ opt.verify_options = (LIST_SHOW_UID_VALIDITY
--- /dev/null
--- /dev/null
++debian-packaging/avoid-beta-warning.patch
++debian-packaging/avoid-regenerating-defsincdate-use-shipped-file.patch
++block-ptrace-on-secret-daemons/Avoid-simple-memory-dumps-via-ptrace.patch
++dirmngr-idling/dirmngr-hkp-Avoid-potential-race-condition-when-some.patch
++dirmngr-idling/dirmngr-Avoid-need-for-hkp-housekeeping.patch
++dirmngr-idling/dirmngr-Avoid-automatically-checking-upstream-swdb.patch
++gpg-agent-idling/agent-Create-framework-of-scheduled-timers.patch
++gpg-agent-idling/agent-Allow-threads-to-interrupt-main-select-loop-wi.patch
++gpg-agent-idling/agent-Avoid-tight-timer-tick-when-possible.patch
++gpg-agent-idling/agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
++from-master/gpg-default-to-3072-bit-RSA-keys.patch
++from-master/gpg-default-to-AES-256.patch
++from-master/agent-Fix-cancellation-handling-for-scdaemon.patch
++update-defaults/gpg-Default-to-SHA-512-for-all-signature-types-on-RS.patch
++update-defaults/gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch
++Make-gpg-zip-use-tar-from-PATH.patch
++fix-spelling.patch
++from-2.2.13/wks-Do-not-use-compression-for-the-encrypted-data.patch
++from-2.2.13/Silence-compiler-warnings-new-with-gcc-8.patch
++from-2.2.13/gpg-Stop-early-when-trying-to-create-a-primary-Elgamal-ke.patch
++from-2.2.13/doc-Mark-keyserver-options-timeout-and-http-proxy-as-obso.patch
++from-2.2.13/gpg-Allow-generating-Ed25519-key-from-an-existing-key.patch
++from-2.2.13/dirmngr-Fix-initialization-of-assuan-s-nPth-hook.patch
++from-2.2.13/agent-Clear-bogus-pinentry-cache-when-it-causes-an-error.patch
++from-2.2.13/gpg-Emit-an-ERROR-status-if-no-key-was-found-with-list-ke.patch
++from-2.2.14/common-Fix-gnupg_wait_processes.patch
++from-2.2.14/scd-Distinguish-cancel-by-user-and-protocol-error.patch
++from-2.2.14/gpg-Fix-comparison.patch
++from-2.2.14/gpgscm-Build-well-even-if-NDEBUG-defined.patch
++from-2.2.14/agent-Fix-for-suggested-Libgcrypt-use.patch
++from-2.2.14/gpgsm-default-to-3072-bit-keys.patch
++from-2.2.14/sm-Don-t-mark-a-cert-as-de-vs-compliant-if-it-leads-to-SH.patch
++from-2.2.14/gpgv-Improve-documentation-for-keyring-choices.patch
++from-2.2.14/agent-Support-mode-ssh-option-for-CLEAR_PASSPHRASE.patch
++from-2.2.14/tests-Add-disable-scdaemon-in-gpg-agent.conf.patch
++from-2.2.14/sm-Print-Yubikey-attestation-extensions-with-dump-cert.patch
++from-2.2.14/gpg-Make-invalid-primary-key-algos-obvious-in-key-listing.patch
++from-2.2.14/dirmngr-Add-CSRF-protection-exception-for-protonmail.patch
++from-2.2.14/gpg-During-secret-key-import-print-sec-instead-of-pub.patch
++from-2.2.14/tests-Add-sample-secret-key-w-o-binding-signatures.patch
++from-2.2.14/gpg-Avoid-importing-secret-keys-if-the-keyblock-is-not-va.patch
++from-2.2.14/gpg-Allow-import-of-PGP-desktop-exported-secret-keys.patch
++from-2.2.14/gpg-Do-not-bail-out-on-v5-keys-in-the-local-keyring.patch
++from-2.2.15/doc-fix-formatting-error.patch
++from-2.2.15/wkd-New-command-print-wkd-hash-for-gpg-wks-client.patch
++from-2.2.15/doc-Clarify-option-no-keyring.patch
++from-2.2.15/wkd-New-command-print-wkd-url-for-gpg-wks-client.patch
++from-2.2.15/agent-Allow-other-ssh-fingerprint-algos-in-KEYINFO.patch
++from-2.2.15/sm-Allow-decryption-even-if-expired-other-keys-are-config.patch
++from-2.2.16/gpg-Don-t-use-EdDSA-algo-ID-for-ECDSA-curves.patch
++from-2.2.16/g10-Fix-symmetric-cipher-algo-constant-for-ECDH.patch
++from-2.2.16/dirmngr-Better-error-code-for-http-status-413.patch
++from-2.2.16/gpg-Set-a-limit-of-5-to-the-number-of-keys-imported-from-.patch
++from-2.2.16/gpg-Accept-also-armored-data-from-the-WKD.patch
++from-2.2.16/g10-Fix-double-free-when-locating-by-mbox.patch
++from-2.2.16/gpg-Use-just-the-addrspec-from-the-Signer-s-UID.patch
++from-2.2.16/doc-Minor-doc-fix-to-dirmngr.patch
++from-2.2.16/dirmngr-Add-a-CSRF-expection-for-pm.me.patch
++from-2.2.16/doc-correct-documentation-for-gpgconf-kill.patch
++from-2.2.16/gpg-Change-update_keysig_packet-to-replace-SHA-1-by-SHA-2.patch
++from-2.2.16/g10-Fix-possible-null-dereference.patch
++from-2.2.16/gpg-Do-not-print-a-hint-to-use-the-deprecated-keyserver-o.patch
++from-2.2.16/doc-Minor-edit-for-a-gpg-option.patch
++from-2.2.16/agent-correct-length-for-uri-and-comment-on-64-bit-big-en.patch
++from-2.2.16/gpgconf-Support-homedir-for-launch.patch
++from-2.2.16/gpg-enable-OpenPGP-export-of-cleartext-keys-with-comments.patch
++from-2.2.16/doc-Do-not-mention-gpg-s-deprecated-keyserver-option.patch
++from-2.2.16/gpgconf-Before-launch-check-that-the-config-file-is-fine.patch
++from-2.2.16/gpg-Do-not-delete-any-keys-if-dry-run-is-passed.patch
++from-2.2.16/agent-For-SSH-key-don-t-put-NUL-byte-at-the-end.patch
++from-2.2.16/gpg-Do-not-allow-creation-of-user-ids-larger-than-our-par.patch
++from-2.2.16/gpg-Do-not-bail-on-an-invalid-packet-in-the-local-keyring.patch
++from-2.2.16/agent-Stop-scdaemon-after-reload-when-disable_scdaemon.patch
++from-2.2.16/gpg-Allow-deletion-of-subkeys-with-delete-secret-key.patch
++from-2.2.16/dirmngr-Allow-for-other-hash-algorithms-than-SHA-1-in-OCS.patch
++from-2.2.17/doc-wks.texi-fix-typo.patch
++from-2.2.17/Return-better-error-code-for-some-getinfo-IPC-commands.patch
++from-2.2.17/spelling-Fix-synchronize.patch
++from-2.2.17/tools-gpgconf-Killing-order-is-children-first.patch
++from-2.2.17/gpg-Make-read_block-in-import.c-more-flexible.patch
++from-2.2.17/gpg-New-import-and-keyserver-option-self-sigs-only.patch
++from-2.2.17/gpg-Fallback-to-import-with-self-sigs-only-on-too-large-k.patch
++from-2.2.17/dirmngr-Support-the-new-WKD-draft-with-the-openpgpkey-sub.patch
++from-2.2.17/Mention-sender-in-documentation.patch
++from-2.2.17/dirmngr-Do-not-rewrite-the-redirection-for-the-openpgpkey.patch
++from-2.2.17/dirmngr-Avoid-endless-loop-in-case-of-HTTP-error-503.patch
++from-2.2.17/gpg-Add-self-sigs-only-and-import-clean-to-the-keyserver-.patch
++from-2.2.17/dirmngr-fix-handling-of-HTTPS-redirections-during-HKP.patch
++from-2.2.17/gpg-Fix-regression-in-option-self-sigs-only.patch
++from-2.2.17/gpg-Do-not-try-the-import-fallback-if-the-options-are-alr.patch
++from-2.2.18-prerelease/gpg-Fix-keyring-retrieval.patch
++from-2.2.18-prerelease/gpg-Improve-import-slowness.patch
++from-2.2.18-prerelease/dirmngr-Don-t-add-system-CAs-for-SKS-HKPS-pool.patch
++keyserver-cleanup/dirmngr-Only-use-SKS-pool-CA-for-SKS-pool.patch
++keyserver-cleanup/gpg-drop-import-clean-from-default-keyserver-import-optio.patch
++keyserver-cleanup/Use-hkps-keys.openpgp.org-as-the-default-keyserver.patch
++import-merge-without-userid/tests-add-test-cases-for-import-without-uid.patch
++import-merge-without-userid/gpg-allow-import-of-previously-known-keys-even-without-UI.patch
++import-merge-without-userid/gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
++from-master/g10-Fix-garbled-status-messages-in-NOTATION_DATA.patch
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Thu, 7 Sep 2017 18:49:35 -0400
++Subject: gpg: Default to SHA-512 for all signature types on RSA keys.
++
++* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA512 instead of SHA256 in
++--gnupg mode (leave strict RFC and PGP modes alone).
++* configure.ac: Do not allow disabling sha512.
++* g10/misc.c (map_md_openpgp_to_gcry): Always support SHA512.
++
++--
++
++SHA512 is more performant on most 64-bit platforms than SHA256, and
++offers a better security margin. It is also widely implemented.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ configure.ac | 2 +-
++ g10/main.h | 2 +-
++ g10/misc.c | 5 +----
++ 3 files changed, 3 insertions(+), 6 deletions(-)
++
++diff --git a/configure.ac b/configure.ac
++index b5a72e6..8c68cb8 100644
++--- a/configure.ac
+++++ b/configure.ac
++@@ -317,7 +317,7 @@ GNUPG_GPG_DISABLE_ALGO([rmd160],[RIPE-MD160 hash])
++ GNUPG_GPG_DISABLE_ALGO([sha224],[SHA-224 hash])
++ # SHA256 is a MUST algorithm for GnuPG.
++ GNUPG_GPG_DISABLE_ALGO([sha384],[SHA-384 hash])
++-GNUPG_GPG_DISABLE_ALGO([sha512],[SHA-512 hash])
+++# SHA512 is a MUST algorithm for GnuPG.
++
++
++ # Allow disabling of zip support.
++diff --git a/g10/main.h b/g10/main.h
++index 6f93de9..dcd3767 100644
++--- a/g10/main.h
+++++ b/g10/main.h
++@@ -41,7 +41,7 @@
++ # define DEFAULT_CIPHER_ALGO CIPHER_ALGO_3DES
++ #endif
++
++-#define DEFAULT_DIGEST_ALGO ((GNUPG)? DIGEST_ALGO_SHA256:DIGEST_ALGO_SHA1)
+++#define DEFAULT_DIGEST_ALGO ((GNUPG)? DIGEST_ALGO_SHA512:DIGEST_ALGO_SHA1)
++ #define DEFAULT_S2K_DIGEST_ALGO DIGEST_ALGO_SHA1
++ #ifdef HAVE_ZIP
++ # define DEFAULT_COMPRESS_ALGO COMPRESS_ALGO_ZIP
++diff --git a/g10/misc.c b/g10/misc.c
++index 9780969..86baff9 100644
++--- a/g10/misc.c
+++++ b/g10/misc.c
++@@ -743,11 +743,8 @@ map_md_openpgp_to_gcry (digest_algo_t algo)
++ case DIGEST_ALGO_SHA384: return 0;
++ #endif
++
++-#ifdef GPG_USE_SHA512
++ case DIGEST_ALGO_SHA512: return GCRY_MD_SHA512;
++-#else
++- case DIGEST_ALGO_SHA512: return 0;
++-#endif
+++
++ default: return 0;
++ }
++ }
--- /dev/null
--- /dev/null
++From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++Date: Wed, 3 Jan 2018 12:34:26 -0500
++Subject: gpg: Prefer SHA-512 and SHA-384 in personal-digest-preferences.
++
++* g10/keygen.c (keygen_set_std_prefs): prefer SHA-512
++and SHA-384 by default.
++
++--
++
++In 8ede3ae29a39641a2f98ad9a4cf61ea99085a892, upstream changed the
++defaults for --default-preference-list to advertise a preference for
++SHA-512, without touching --personal-digest-preferences. This makes
++the same change for --personal-digest-preferences, since every modern
++OpenPGP library supports them all.
++
++Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
++---
++ g10/keygen.c | 10 +++++-----
++ 1 file changed, 5 insertions(+), 5 deletions(-)
++
++diff --git a/g10/keygen.c b/g10/keygen.c
++index 492c65f..a8333b0 100644
++--- a/g10/keygen.c
+++++ b/g10/keygen.c
++@@ -386,16 +386,16 @@ keygen_set_std_prefs (const char *string,int personal)
++ if (personal)
++ {
++ /* The default internal hash algo order is:
++- * SHA-256, SHA-384, SHA-512, SHA-224, SHA-1.
+++ * SHA-512, SHA-384, SHA-256, SHA-224, SHA-1.
++ */
++- if (!openpgp_md_test_algo (DIGEST_ALGO_SHA256))
++- strcat (dummy_string, "H8 ");
+++ if (!openpgp_md_test_algo (DIGEST_ALGO_SHA512))
+++ strcat (dummy_string, "H10 ");
++
++ if (!openpgp_md_test_algo (DIGEST_ALGO_SHA384))
++ strcat (dummy_string, "H9 ");
++
++- if (!openpgp_md_test_algo (DIGEST_ALGO_SHA512))
++- strcat (dummy_string, "H10 ");
+++ if (!openpgp_md_test_algo (DIGEST_ALGO_SHA256))
+++ strcat (dummy_string, "H8 ");
++ }
++ else
++ {
--- /dev/null
--- /dev/null
++#!/usr/bin/make -f
++# debian/rules file - for GnuPG
++# Copyright 1994,1995 by Ian Jackson.
++# Copyright 1998-2003 by James Troup.
++# Copyright 2003-2004 by Matthias Urlichs.
++#
++# I hereby give you perpetual unlimited permission to copy,
++# modify and relicense this file, provided that you do not remove
++# my name from the file itself. (I assert my moral right of
++# paternity under the Copyright, Designs and Patents Act 1988.)
++# This file may have to be extensively modified
++
++include /usr/share/dpkg/architecture.mk
++
++export DEB_BUILD_MAINT_OPTIONS = hardening=+all
++
++# avoid -pie for gpgv-static on kfreebsd-amd64, and x32
++# platforms, which cannot support it by default:
++ifeq (,$(filter $(DEB_HOST_ARCH), kfreebsd-amd64 x32))
++GPGV_STATIC_HARDENING = "-pie"
++else
++GPGV_STATIC_HARDENING = ""
++endif
++
++# Avoid parallel tests on hppa and riscv64 architecture.
++# Parallel tests generates high load on machine which causes timeouts and thus
++# triggers unexpected failures.
++ifeq (,$(filter $(DEB_HOST_ARCH), hppa riscv64))
++AUTOTEST_FLAGS = "--parallel"
++else
++AUTOTEST_FLAGS = "--no-parallel"
++endif
++
++%:
++ dh $@ --with=autoreconf --builddirectory=build
++
++GPGV_UDEB_UNNEEDED = gpgtar bzip2 gpgsm scdaemon dirmngr doc tofu exec ldap gnutls sqlite libdns
++
++WIN32_FLAGS=LDFLAGS="-Xlinker --no-insert-timestamp -static" CFLAGS="-g -Os" CPPFLAGS=
++
++override_dh_auto_configure:
++ dh_auto_configure --builddirectory=build-gpgv-udeb -- \
++ $(foreach x, $(GPGV_UDEB_UNNEEDED), --disable-$(x))
++ dh_auto_configure --builddirectory=build-maintainer -- \
++ --enable-maintainer-mode \
++ $(foreach x, $(GPGV_UDEB_UNNEEDED), --disable-$(x))
++ dh_auto_configure --builddirectory=build -- --libexecdir=\$${prefix}/lib/gnupg \
++ --enable-wks-tools \
++ --enable-all-tests \
++ --with-agent-s2k-calibration=300 \
++ --enable-symcryptrun --enable-large-secmem
++
++override_dh_auto_build-arch:
++ dh_auto_build --builddirectory=build-gpgv-udeb
++ dh_auto_build --builddirectory=build
++ dh_auto_build --builddirectory=build-maintainer
++ cp -a build-gpgv-udeb build-gpgv-static
++ rm -f build-gpgv-static/g10/gpgv
++ cd build-gpgv-static/g10 && $(MAKE) LDFLAGS="$$LDFLAGS $(GPGV_STATIC_HARDENING) -static" gpgv
++ mv build-gpgv-static/g10/gpgv build-gpgv-static/g10/gpgv-static
++
++override_dh_auto_build-indep:
++ mkdir -p build-gpgv-win32
++ cd build-gpgv-win32 && $(WIN32_FLAGS) ../configure \
++ $(foreach x, $(GPGV_UDEB_UNNEEDED), --disable-$(x)) \
++ $(foreach x, libgpg-error libgcrypt libassuan ksba npth, --with-$x-prefix=/usr/i686-w64-mingw32) \
++ --enable-gpg2-is-gpg \
++ --with-zlib=/usr/i686-w64-mingw \
++ --prefix=/usr/i686-w64-mingw32 \
++ --host i686-w64-mingw32
++ cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libcommon.a
++ cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libgpgrl.a
++ cd build-gpgv-win32/common && $(WIN32_FLAGS) $(MAKE) libsimple-pwquery.a
++ cd build-gpgv-win32/kbx && $(WIN32_FLAGS) $(MAKE) libkeybox.a
++ cd build-gpgv-win32/g10 && $(WIN32_FLAGS) $(MAKE) gpgv.exe
++ strip build-gpgv-win32/g10/gpgv.exe
++
++
++override_dh_auto_test:
++ dh_auto_test --builddirectory=build -- verbose=3 TESTFLAGS=$(AUTOTEST_FLAGS)
++
++override_dh_shlibdeps:
++# Make ldap a recommends rather than a hard dependency.
++ dpkg-shlibdeps -Tdebian/dirmngr.substvars -dRecommends debian/dirmngr/usr/lib/gnupg/dirmngr_ldap -dDepends debian/dirmngr/usr/bin/dirmngr*
++ dh_shlibdeps -Ndirmngr
++
++# visualizations of package dependencies:
++debian/%.png: debian/%.dot
++ dot -T png -o $@ $<
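Review bot: `--with-zlib=/usr/i686-w64-mingw` in the win32 configure call looks like a truncated copy of the `/usr/i686-w64-mingw32` prefix used on the neighbouring `--with-*-prefix` and `--prefix` lines; if the cross zlib lives under the `mingw32` prefix, configure will quietly pick up whatever zlib it finds elsewhere instead. The `strip build-gpgv-win32/g10/gpgv.exe` line runs the host `strip` on a PE binary, which only works if the host binutils is multi-target; the cross toolchain's `i686-w64-mingw32-strip` is the usual choice. Suggested lines: `--with-zlib=/usr/i686-w64-mingw32 \` and `i686-w64-mingw32-strip build-gpgv-win32/g10/gpgv.exe`.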
--- /dev/null
--- /dev/null
++doc/examples/scd-event
--- /dev/null
--- /dev/null
++debian/org.gnupg.scdaemon.metainfo.xml usr/share/metainfo
++debian/tmp/usr/lib/gnupg/scdaemon
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/scdaemon.1
--- /dev/null
--- /dev/null
++# do not edit this file, it will be overwritten on update
++
++SUBSYSTEM!="usb", GOTO="gnupg_rules_end"
++ACTION!="add", GOTO="gnupg_rules_end"
++
++# USB SmartCard Readers
++## Cherry GmbH (XX33, ST2000)
++SUBSYSTEM=="usb", ATTR{idVendor}=="046a", ATTR{idProduct}=="0005", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="046a", ATTR{idProduct}=="0010", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="046a", ATTR{idProduct}=="003e", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## SCM Microsystems, Inc (SCR331-DI, SCR335, SCR3320, SCR331, SCR3310 and SPR532)
++SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5111", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5115", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5116", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5117", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="e001", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="e003", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Omnikey AG (CardMan 3821, CardMan 6121)
++SUBSYSTEM=="usb", ATTR{idVendor}=="076b", ATTR{idProduct}=="3821", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="076b", ATTR{idProduct}=="6622", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Gemalto
++SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="3437", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="3438", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="3478", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="34c2", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="34ec", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Reiner (SCT cyberJack)
++SUBSYSTEM=="usb", ATTR{idVendor}=="0c4b", ATTR{idProduct}=="0500", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Kobil (KAAN)
++SUBSYSTEM=="usb", ATTR{idVendor}=="0d46", ATTR{idProduct}=="2012", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## VASCO (DIGIPASS 920)
++SUBSYSTEM=="usb", ATTR{idVendor}=="1a44", ATTR{idProduct}=="0920", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Crypto Stick
++SUBSYSTEM=="usb", ATTR{idVendor}=="20a0", ATTR{idProduct}=="4107", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Nitrokey
++SUBSYSTEM=="usb", ATTR{idVendor}=="20a0", ATTR{idProduct}=="4108", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="20a0", ATTR{idProduct}=="4109", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++SUBSYSTEM=="usb", ATTR{idVendor}=="20a0", ATTR{idProduct}=="4211", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Gnuk Token
++SUBSYSTEM=="usb", ATTR{idVendor}=="234b", ATTR{idProduct}=="0000", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Alcor Micro Corp cardreader (in ThinkPad X250)
++SUBSYSTEM=="usb", ATTR{idVendor}=="058f", ATTR{idProduct}=="9540", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Fujitsu Siemens
++SUBSYSTEM=="usb", ATTR{idVendor}=="0bf8", ATTR{idProduct}=="1006", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Yubico
++# Yubikey NEO OTP+CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0111", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++# Yubikey NEO CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0112", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++# Yubikey NEO U2F+CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0115", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++# Yubikey NEO OTP+U2F+CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0116", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++# Yubikey 4 CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0404", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++# Yubikey 4 OTP+CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0405", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++# Yubikey 4 U2F+CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0406", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++# Yubikey 4 OTP+U2F+CCID
++SUBSYSTEM=="usb", ATTR{idVendor}=="1050", ATTR{idProduct}=="0407", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++## Trustica Cryptoucan
++SUBSYSTEM=="usb", ATTR{idVendor}=="1fc9", ATTR{idProduct}=="81e6", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
++
++LABEL="gnupg_rules_end"
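Review bot: Every rule repeats `SUBSYSTEM=="usb"` although the `SUBSYSTEM!="usb", GOTO="gnupg_rules_end"` guard at the top already excludes everything else, so the per-line match is dead weight and could be dropped for readability. The rules only set `ID_SMARTCARD_READER` / `ID_SMARTCARD_READER_DRIVER` and never grant device access themselves, so they presumably rely on a separate rule keyed on those properties; a one-line comment after the header such as `# Only tags readers; access is granted by rules matching ID_SMARTCARD_READER` would tell a maintainer where to look when a reader is detected but unusable.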
--- /dev/null
--- /dev/null
++#!/usr/bin/dot
++
++# interrelationships between binary packages produced by gnupg2 source
++# package, if we were to move to the simplified package structure:
++
++# it would be good to graph the external dependencies as well.
++
++digraph gnupg2 {
++ # odd-duck packages:
++ node [shape=box];
++ gpgv_udeb [label="gpgv-udeb"];
++ gpgv_static [label="gpgv-static"];
++ gpgv_win32 [label="gpgv-win32"];
++
++ # meta-packages, transitional packages:
++ node [shape=diamond];
++ gnupg_agent [label="gnupg-agent"];
++ gnupg2;
++ gpgv2;
++ gpgsm;
++ dirmngr;
++
++ node [shape=ellipse];
++ gnupg_l10n [label="gnupg-l10n"];
++
++ # depends:
++ edge [color=black];
++ scdaemon -> gnupg;
++ gnupg2 -> gnupg;
++ gnupg_agent -> gnupg;
++ gpgsm -> gnupg;
++ dirmngr -> gnupg;
++ gpgv2 -> gpgv;
++
++ # recommends:
++ edge [color=red];
++ gnupg -> gnupg_l10n;
++ gnupg -> gpgv;
++
++ # suggests:
++ edge [color=blue];
++ gpgv -> gnupg;
++}
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++# doc merely references / cites IETF RFC:
++gnupg2 source: license-problem-non-free-RFC doc/OpenPGP
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++# Author: rufo <rufo@rufoa.com>
++# See https://bugs.debian.org/855868
++
++if [ -n "$(gpgconf --list-options gpg-agent | \
++ awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then
++ echo SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
++ echo GSM_SKIP_SSH_AGENT_WORKAROUND=true
++fi
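Review bot: `echo SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)` leaves the command substitution unquoted, so a socket path containing whitespace or glob characters is split or expanded before it is emitted, and `echo` adds its own portability quirks on top. Use `printf 'SSH_AUTH_SOCK=%s\n' "$(gpgconf --list-dirs agent-ssh-socket)"` and `printf 'GSM_SKIP_SSH_AGENT_WORKAROUND=true\n'`. The `if` also emits nothing at all when gpgconf is missing or fails, which is probably the intended best-effort behaviour but deserves a short comment saying so.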
--- /dev/null
--- /dev/null
++Tests: gpgv-win32
++Depends: gpgv-win32, gnupg2, gpgv2, wine32, diffutils
++Restrictions: allow-stderr, skip-not-installable
++
++Tests: simple-tests
++Depends: gnupg2, gpgv2
++Restrictions: allow-stderr
++
++Tests: migration
++Depends: gpg, gnupg1, gnupg-utils, debian-archive-keyring, diffutils
++Restrictions: allow-stderr
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++set -e
++
++export GNUPGHOME=$(mktemp -d)
++gpgargs=(--batch --quiet --pinentry-mode=loopback --passphrase '' --with-colons)
++
++# Generate a minimal signing key:
++gpg "${gpgargs[@]}" --quick-gen-key 'Test key for gpgv-win32 <test-key@example.com>'
++
++gpg "${gpgargs[@]}" -o "$GNUPGHOME/key.gpg" --export test-key@example.com
++
++# Sign this very script
++rm -f "${0}.gpg"
++gpg "${gpgargs[@]}" --output "${0}.gpg" --detach-sign "${0}"
++
++# Verify using gpgv
++gpgv --quiet --status-fd 3 3> native.status --keyring "$GNUPGHOME/key.gpg" "${0}.gpg" "${0}"
++
++WINE=/usr/lib/wine/wine
++export WINESERVER=/usr/lib/wine/wineserver32
++
++# Verify using gpgv.exe (using --status-fd 1 because i don't know how
++# to pass a non-standard file descriptor into wine)
++"$WINE" /usr/share/win32/gpgv.exe --quiet --status-fd 1 > win32.status --keyring "Z://${GNUPGHOME}/key.gpg" "${0}.gpg" "${0}"
++
++# convert to unix newlines if necessary:
++sed -i 's/\r$//' win32.status
++
++diff -u native.status win32.status
++
++head -v win32.status
++
++rm -rf "$GNUPGHOME"
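Review bot: `export GNUPGHOME=$(mktemp -d)` masks a failing mktemp under `set -e`, since the status checked is that of `export`, and the only cleanup is the final `rm -rf "$GNUPGHOME"`, which is never reached when any earlier step fails, so the temporary home with the generated test key is left behind on failure. Split the assignment and register a trap: `GNUPGHOME=$(mktemp -d)`, `export GNUPGHOME`, `trap 'rm -rf -- "${GNUPGHOME:?}"' EXIT`. `native.status`, `win32.status` and the `${0}.gpg` signature are also written outside the temporary directory, so they persist after the run; writing them under `$GNUPGHOME` would let the same trap remove them.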
--- /dev/null
--- /dev/null
++#!/bin/bash
++
++set -e
++set -x
++
++DIR=$(mktemp -d)
++GPG_HOME="$DIR/gnupg"
++gpg=(gpg --homedir "$GPG_HOME" --batch --quiet --with-colons)
++gpg1=(gpg1 --homedir "$GPG_HOME" --batch --quiet --with-colons)
++
++mkdir "$GPG_HOME"
++chmod 700 "$GPG_HOME"
++
++cat /usr/share/keyrings/debian-archive-*.gpg | "${gpg1[@]}" --import
++"${gpg1[@]}" --list-keys
++"${gpg[@]}" --list-keys > "$DIR/key.list.before"
++migrate-pubring-from-classic-gpg "$GPG_HOME"
++"${gpg[@]}" --list-keys > "$DIR/key.list.after"
++
++diff -u "$DIR/key.list.before" "$DIR/key.list.after"
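Review bot: `$DIR` created by `mktemp -d` is never removed and there is no `trap … EXIT`, so every run leaves a temporary GnuPG home containing the imported keyrings behind; add `trap 'rm -rf -- "${DIR:?}"' EXIT` after the mktemp line. The `cat /usr/share/keyrings/debian-archive-*.gpg | "${gpg1[@]}" --import` pipeline runs without `set -o pipefail`, so a missing or unreadable keyring is only noticed if gpg1 happens to reject the truncated input; `set -o pipefail` next to `set -e` makes that failure explicit.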
--- /dev/null
--- /dev/null
++#!/bin/sh
++
++set -e
++set -x
++
++DIR=$(mktemp -d)
++GPG_HOME=$DIR/gnupg
++gpg="gpg --homedir $GPG_HOME"
++
++mkdir $GPG_HOME
++chmod 700 $GPG_HOME
++
++#trap "cd $HOME && rm -rf $DIR" EXIT
++
++cd $DIR
++
++cat > key-batch << EOF
++Key-Type: default
++Subkey-Type: default
++Name-Real: test case
++Name-Email: example@example.com
++Expire-Date: 0
++%no-protection
++%commit
++EOF
++
++$gpg --batch --generate-key key-batch
++$gpg -abs < $GPG_HOME/pubring.kbx > pubring.kbx.asc
++$gpg --verify pubring.kbx.asc $GPG_HOME/pubring.kbx
++gpgv --keyring $GPG_HOME/pubring.kbx pubring.kbx.asc $GPG_HOME/pubring.kbx
++
++# Encrypt
++$gpg -e -r example@example.com < $GPG_HOME/pubring.kbx > pubring.kbx.gpg
++$gpg -d -r example@example.com < pubring.kbx.gpg > pubring.kbx.gpg.dec
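Review bot: The decrypt step writes `pubring.kbx.gpg.dec` but nothing compares it with the plaintext, so the encrypt/decrypt round trip is exercised without being checked and a wrong-but-non-failing decryption still passes; add `cmp -- "$GPG_HOME/pubring.kbx" pubring.kbx.gpg.dec`. The cleanup `trap` is commented out, so `$DIR` is left behind on every run; if that is deliberate for debugging, say so in the comment, otherwise restore it as `trap 'cd / && rm -rf -- "${DIR:?}"' EXIT`. Under `#!/bin/sh` the unquoted `$GPG_HOME` and `$DIR` expansions only work because mktemp paths contain no whitespace; quoting them costs nothing and keeps shellcheck quiet.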
--- /dev/null
--- /dev/null
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++
++mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I
++Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E9tYQqAOlpSA25bOb30cA2ADkrjg
++jvDAH8cZ+fkIayWtObTxwqLfPivjFxEM//IdShFFVQj+QHmXYBJggWyEIil8Bje7
++KRw6B5ucs4qSzp5VH4CqDr9PDnLD8lBGHk0x8jpwh4V/yEODJKATY0Vj00793L8u
++qA35ZiyczUvvJSLYvf7STO943GswkxdAfqxXbYifiK2gjE/7SAmB+2jFxsonUDOB
++1BAY5s3FKqrkaxZr3BBjeuGGoCuiSX/cXRIhABEBAAG0Fldlcm5lciBLb2NoIChk
++aXN0IHNpZymJAT4EEwECACgFAk0ti4ECGwMFCRDdnwIGCwkIBwMCBhUIAgkKCwQW
++AgMBAh4BAheAAAoJECSbOdJPJeO2PlMIAJxPtFXf5yozPpFjRbSkSdjsk9eru05s
++hKZOAKw3RUePTU80SRLPdg4AH+vkm1JMWFFpwvHlgfxqnE9rp13o7L/4UwNUwqH8
++5zCwu7SHz9cX3d4UUwzcP6qQP4BQEH9/xlpQS9eTK9b2RMyggqwd/J8mxjvoWzL8
++Klf/wl6jXHn/yP92xG9/YA86lNOL1N3/PhlZzLuJ6bdD9WzsEp/+kh3UDfjkIrOc
++WkqwupB+d01R4bHPu9tvXy8Xut8Sok2zku2xVkEOsV2TXHbwuHO2AGC5pWDX6wgC
++E4F5XeCB/0ovao2/bk22w1TxzP6PMxo6sLkmaF6D0frhM2bl4C/uSsq5AQ0ETS2L
++gQEIAKHwucgbaRj0V7Ht0FnM6RmbqwZ7IFV2lR+YN1gkZaWRRCaJoPEZFKhhPEBX
++1bDVwr/iTPaPPEtpi7oQoHk65yeLrhtOmXXpNVkV/5WQjAJIrWn+JQ3z/ZejxHUL
++hzKsGg5FC6pRYcEyzRXHtv4BO9kBIKNVirZjEkQG4BnIrQgl6e2YFa47GNMqcQH7
++nJdwG1cGQOZOIDQQM41gBzwoSrStMA6DjHkukFegKfcSbSLArBtYNAwTwmW7RqOM
++EJwlo0+NYx2Yn75x66bYwdlsP0FLOgez/O/IxoPRxXr0l4e+uj6dFHqvBi04dx6J
++sPmXEyeAyLiCWSh7Rwq8uIhBUBUAEQEAAYkBJQQYAQIADwUCTS2LgQIbIAUJEN2f
++AgAKCRAkmznSTyXjtrsSCACRNgfGkD0OqOiwYo1/+KyWnrQLusVvSYOw8hN66geU
++3BO8iQ0Koy+m0QKY1kWjaHwewpg8ZebY4E2sHbNIC9Spyiyz29sAJ2invf4/4Mep
++TgpxNiw4+XmykCkN1AfVhvMTQXMzRbO5ZwRtPpjsMr1j5vX1s6U3/RxSAItpAkCu
++1GGTTOH0r12Ochc/um+QGAyO6WUj/IiZ1MX7toXW0SCo8DSl8z5Q7KmJWF6TQLK1
++Lku4bIVG1Huwo1/0WHc2vCad5BxHjgoy8TsKLTmvYQZWtnjWvQGV2UOABYWcacut
++ZXQQ2PPCIY7LlpuS/45CXWbT5Y+mxY3y7dbz4aF+8uyCmQENBFRQXwcBCACHWajy
++v6RVZVM2w2XK6uba11kqJBt15WCkGBwOeojd8BXnwLecLwNW4rmpUZk8H+Nu7jaN
++zwFcY/WXpQ/7nXktAvkalO1XSlFZQ7TZY65MtkFVByrne/NuDXFWjfWtZX3qaoYA
+++zyUZQKbT1+m6JUpCiM7r8iGSDv9ufN5JtxfleT14ouHIHu2dqS5gl5FibhuOz5g
++MCkrwgVDJ69gXymNNxstNI0k9b1YsKyjOzLXWvjF19FxNaMBFXPlXNOdD4/Hxi2y
++eNDerA0kGmyowsJ0M3tgaGH+aXA+OB2r9QV/n5tjp/d7DS+yEGoicFDJwFKZjKhf
++Rh7ewBL85Hie7llpABEBAAG0PkRhdmlkIFNoYXcgKEdudVBHIFJlbGVhc2UgU2ln
++bmluZyBLZXkpIDxkc2hhd0BqYWJiZXJ3b2NreS5jb20+iQEfBDABAgAJBQJYn3pR
++Ah0gAAoJEAQ3bz7ghWlZdmsH/ApwZWbcBg2zYE3+psWhZpiVNyTbePiglJlhjbUf
++77cCfFsVhim5WG+YrTu8hcaf5/G9kZrsb4SvyMnqR2RXierKS6rBrE6TZHixb3Kh
++6z2QqkC5ftGo/7lruMnW61cmDvt4sEUuUJviSTxTTBvnw0ct1zfgLvRWVzWdqQXU
++w82oM8AOg0zQ0Ix/LoxwoX2hFNNThxLQHyitYdHlMdPhkO8/k92cei+n2fWbwtb5
++VOxXhoCWYAxOmr0JSiqYJhzBYakLhkqcPS8s8uAbt+jEaYot0NdQemUeJPJIy/rl
++LWYdPNnPf9Ma5pGlNVDIQ9A6iC5JniFnmrmyI6McqdtQAui0JkRhdmlkIFNoYXcg
++KEdudVBHIFJlbGVhc2UgU2lnbmluZyBLZXkpiQE+BBMBAgAoBQJYn3oyAhsDBQkJ
++unbuBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAEN28+4IVpWcUJB/46snb+
+++ypPIhQjUPHVHb9U8r92QSh/XLi6xxJcqokzpif7fCvh+DrenlLOQznwB1PDPBmT
++lffv2p7XvEAPMoaEOA/i67phDzsjaUrHkevsv0fAIqX8yHmVKQ773hhD+VbuO29o
++J7h7LIQ5yrJScpmNmE2FjnjcHGHnr9UaoU4RQVqA9jyHEVt+aRvKvQEzMtFlSIkn
++6rBNeU5HHh6oHhlzkNUP9hExRPBorodWEH0r7E2C+CORloR9ZG/EK4rU+Fkp1mdV
++Stt2maNfG5QxaFgseT9X+QMeD7ktht5I/t05coSL/1dKyUjiHp84K8uZIfi09LPI
++2dT9ikq5JHN8zHXZuQENBFRQXwcBCACh1PSJ34Lo8xXsLwnETw84a9fbADpAvDb0
++RI7Razz4mr0Q9DfXXiYf6wL6QOzB4IMzJpjfiLyC+HqFbEb0l9mZKRFS/RBfbO+V
++zCvxI5n11fOtXuKn5CCnM7bZ5hGcf9EH4pZ8XOpKinnWx3VSWzjWoqmEMSb9kCed
++PDFhZfqMSU4Kki56ZMCJLGmq2M9dV+1yFITLTr9sNEW4LgV699TlpZODcVJkRmmT
++QoXlFkF3O859f0/Ad/YXGGBC0uQCx2+9bMNOhgPSo55wz8wa3V2ivIGjwiQCIcn5
++NE3JWLr98Cr+uKDdusXkRMY3tbkhFEagt61j77hg77WBjsRr7W1nABEBAAGJASUE
++GAECAA8FAlRQXwcCGyAFCQm6du4ACgkQBDdvPuCFaVno8Af+JMwLn4f9iePsbUo6
++OHKi58+gz6P6DgRzxGYQDq9g5YiLwXgBTzqJLpKrYeRldIrEuABhta6x4UdLpAD+
++pk8M90i/xNx4TeMxbdkSaaacKxLpyaRCGmNEIq5YZ9o7JkgRXYFPoSt74xTmNT7B
++GqRskaTUFLybJAeRlE3/l2B+jmzIVgpjhPrhnsO+VtAXvRwIBGWwjCTiU3pAn+Kp
++odH1zaxa3Md/EC91y0Cl2DnDwZFwSl0MyJ56OFr+UExFNhVZjW+sSD76aSSG8I6Q
++GKUMUUJWiM6dJ1MnLt01mOIGUQXCWZyMur3zgLkVHCPn543QF6/mFmxahst5Gq3x
++A4YyUbkBDQRUUF8HAQgArhuRQ9LFKWYTwYcAjgU1AMD5BnMi8s+l/WnkmoVQukl5
++6XB9W1uPqo588rBdW9qbTIc6LKsyd992Vn/r5BeM/rrlF1uw/MQM/EIf3vZ4aZ3D
++zJX3nCY8JVqjIFMf1cENNfbnaHS8+OBxts4tS9S5gFXwLviKvoRKgDbSD+uNgQaM
++n9QC2AEYh8yjRWTZBzr/vDEzeM0/FRz/qHmiKCBSSB1sVyDMLaw4BSPecnQJLTV0
++08m4CUY9GOKD2jrX8+K6ZI5XL3x58B62yMstLTTKwCaPGPt4W7Gd/vdMk7IAi0pk
+++/eLsrgsiAxlfAvvU7HTTNR3Obof78miZKiuq0uU5QARAQABiQElBBgBAgAPBQJU
++UF8HAhsMBQkJunbuAAoJEAQ3bz7ghWlZuTEH/RrOy+kD14k+vqg27cjDhoK8tCL0
++jaOh0Zemw2DcY34BOnc8oyLbUqyd6qRhfPDFj7bscDA1JASYx7I6HfueQ9ckyUGA
++nT5pXsnacCPdqzfXSCdXeRgh3w1e8uL5gueCp9PJCnF50OEF5LJNgsA/3qYO1S4Y
++VD39NYEXTCNmQGoWWWeyaZQKz2UyZ1oVSTVxPX9HW/CIbPWYBpTPI/Y01SdeygTb
++lOR5eD4p/3lCTFLQLcL1L5wDiMIIdcS4YXEx7j7ohu5uxV6khQWuXNtRpilgHyXA
++VC62hInWotzaMVxbTRDLZnZI5VgnmjIyFk16LRkWyBD22nY+G0gKObkl+8+ZAQ0E
++VEOpUgEIALSTx5koOY2p2ZrA6Un+brYvaDy5dP/7+8AQZvXJqJvT3Ejq18ZfNuqU
++PCsshlwmxIhP+e39qMmchVtzfXfu9rhdvAzOwOkAwfiaaJOiqT6LMQKEabaSfOsv
++CGh+VHxoawovflChlP96t2N+A94JEu9/bl8ew3YlvRYgzMLnpWQx4WjNr70dnmGu
++R6aab6A+8i+ERSinELI5LyYrlaMHjPMh3IMl+SpWke9p80/Q3gsix50p3IdyP8re
++Rjgp6OX30ZbXPWycGA9qag3b97nY9/opPDYWOxIZnvahqVyuQFHjBpxSLMbEpxEP
++ZjpdrSD2bBOhZ00FAIggj65PM7OrUQMAEQEAAbQhV2VybmVyIEtvY2ggKFJlbGVh
++c2UgU2lnbmluZyBLZXkpiQE9BBMBCAAnBQJUQ6lSAhsDBQkLqgX1BQsJCAcCBhUI
++CQoLAgQWAgMBAh4BAheAAAoJEIqGGxx+/WDZofsH/AhbqZWZObNbbFzWrUxR2ywT
++FAGER442ttYn8eIZk/8xppuBD/7Bm5OFMDB8YznMVAE6+sE4ZRGEg1TqVhCVw6tW
++j5XxnWY1AoVZorElpjkq7VsHU65f0UcsSIyJuiAe7l+MkhcETxeue+556PIVDmD+
++5fbFwaAJaUx7j2xHcr6USXef3fFOZI2E/navSBOMyNuopYpRogYnk5xZKu9rB1+o
++teTFHymGrYCUccR/Glxmw6n2ZmKtZhDmNyAaAU/QthdTD9GfEWk5yuPjmq5+bIQv
++1AkqMFXlFocluq6R5/BQic9C1VSYg2pDHO1KHlDFA/a2xQ8h4SLlECgLAslqbzOZ
++AQ0EVFA7IwEIAOYQcDfRdzqin/vZlwl1AyuJW+cDI3bYvesRtOIAJ+8FqOzp+nOZ
++7a4mULkXUeRh3HcO91wughXoR3qP3klWIlqgTQQHxPVM25BEvnGPuMA86lWnKoSs
++Xe9F5h0IMiu6aURvzMJC9VMgKwhhgCjejFf9n8zuiBkMN457Ubnt/9jxhpxmorDQ
++Cpb7bR1mfdbsuCmOXwTNfbkAoGXceL/P6z9PskKrFk8CVCr8pseRiHzWgib4Bfr/
++mj68LKcQTH/Y6R16g154eC6PAvxrEDA+hgpVX0I7L781Byh9nqC+KDX5LvlGuQbg
++B2IvrgLs6lfU3aRfTwqUDMj37rmXJTDy3TMAEQEAAbQyTklJQkUgWXV0YWthIChH
++bnVQRyBSZWxlYXNlIEtleSkgPGduaWliZUBmc2lqLm9yZz6JATwEEwEIACYCGwMF
++CwcICQMEFQgJCgUWAgMBAAIeAQIXgAUCWA8UWQUJC0uQNgAKCRAgcbCKM70/Brxv
++CADASJRs/b6GHEklwHUDrr89oDNpDo7zB8zelZUvVT9OiI5089g53oxWcC5sScPH
++vJmY1KNI8NtrqNR0REIQ653t0tSGszzHk1AlDc6VhTMVzXOkgMq8PWqVmvIKLhlF
++ib9xzsFbPBBQNhPVHbQydrhuzGP/nguSv2njgMrnWRG70vK4GcqUxawbQXDSlFmY
++c+xUZ+tx8RJmCxN6eiNfWQ163NVk2sxdqM9fM8punLlEa+sGkW3UnplE7IaS5ygg
++WV8yfNm1wYFzZ33ZnN4LUtuGZjN2Xyv62M7RA5Ik5LNkdYMA8H+UbQ6Wn+Sw9rnx
++EnWy7k/vG5QJbHG4GCwXMA6ruQENBFRQOyMBCAC94CWuMHLmP1B7oFxU0FjKv3D6
++RTpLSLqC/nqRWeKVdlSddR4LnO/r9ahRsGgekAEVyeD04SKAD7g3OWMhWvEsK6aY
++gmzc0cLJCJRTsLW+X7kRWo33KUAKIpKYO8VF8iErWejajvo5UgN3y1V/anqlBU45
++DalLk/mu6JXOr6t7u83+IscTrFQTkW17wOxoc6i9zDOU1FoWZFyNU+hxpPCGndfn
++S25qzaEpb1qzxYoHpyttCkGX4R3siX6gAkRLIPhsYK4sZihBZhTBgHdAVYSYkCrK
++hRNWoSb3XpUhdT5l88uPozwxXruXmzk6WCv6ZdCJ+0rGShwJjU1j6g+Fksk9ABEB
++AAGJASUEGAEIAA8CGwwFAlgPFEYFCQtLkCMACgkQIHGwijO9PwYKDQf9HXQ1Rb4n
++eC/s//vRfwqpEsYTqGLgd/O8d/0BrHojE1d6iyidZIGX40Sgmq1OPUZE9GtW5l2W
++uwjychrIySR8NnQ8h9cN0agYjLfp+3sJFGYRGsL2J7EmJVPUd6+gHcq2L5+zhm3e
++98aaSxMlS5QGcE9IyDtdNeTUBya3kg6ltazSo9ztzGV6n585P2UiSQnL1fsvik5i
++QkD8k6DcygmhBnxfbny5jPaV7PTcpxwY8k6jHIL8Z144GYHZYbuHMQuwH357vRgv
++q0epdh+7JxJmtDtS8gpnR/U2kVhogSwPQnB06ztcPvXnwZznYGrw+Z3a57w+ef2M
++Z4bi8gOtEd0zhw==
++=3t3v
++-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
--- /dev/null
++version=4
++
++opts=pgpsigurlmangle=s/$/.sig/ \
++ https://gnupg.org/ftp/gcrypt/gnupg/gnupg@ANY_VERSION@@ARCHIVE_EXT@ \
++ debian
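Review bot: The `pgpsigurlmangle=s/$/.sig/` option on the opts line only gives uscan a signature check if a keyring exists at debian/upstream/signing-key.asc; without it uscan falls back to downloading the tarball unverified, which silently defeats the point of this line. The armored public key block added earlier in this commit is presumably that keyring, but its file header is outside this view, so confirm the path and that it holds only the current GnuPG release-signing keys. A short comment at the top of the watch file would save the next maintainer the lookup, e.g. `# Signatures are verified against debian/upstream/signing-key.asc; refresh that keyring when upstream rotates release keys.` The watch hunk may continue past the last visible line, so the comment placement is inferred.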