1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

Merge branch 'STABLE-BRANCH-2-2' into master

This commit is contained in:
Werner Koch 2017-11-20 14:54:44 +01:00
commit 668f6c3de6
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
4 changed files with 38 additions and 21 deletions

16
README
View File

@ -34,11 +34,11 @@
GnuPG 2.2 depends on the following GnuPG related packages:
npth (ftp://ftp.gnupg.org/gcrypt/npth/)
libgpg-error (ftp://ftp.gnupg.org/gcrypt/libgpg-error/)
libgcrypt (ftp://ftp.gnupg.org/gcrypt/libgcrypt/)
libksba (ftp://ftp.gnupg.org/gcrypt/libksba/)
libassuan (ftp://ftp.gnupg.org/gcrypt/libassuan/)
npth (https://gnupg.org/ftp/gcrypt/npth/)
libgpg-error (https://gnupg.org/ftp/gcrypt/libgpg-error/)
libgcrypt (https://gnupg.org/ftp/gcrypt/libgcrypt/)
libksba (https://gnupg.org/ftp/gcrypt/libksba/)
libassuan (https://gnupg.org/ftp/gcrypt/libassuan/)
You should get the latest versions of course, the GnuPG configure
script complains if a version is not sufficient.
@ -49,7 +49,7 @@
You also need the Pinentry package for most functions of GnuPG;
however it is not a build requirement. Pinentry is available at
ftp://ftp.gnupg.org/gcrypt/pinentry/ .
https://gnupg.org/ftp/gcrypt/pinentry/ .
After building and installing the above packages in the order as
given above, you may continue with GnuPG installation (you may also
@ -229,7 +229,7 @@
You subscribe to one of the list by sending mail with a subject of
"subscribe" to x-request@gnupg.org, where x is the name of the
mailing list (gnupg-announce, gnupg-users, etc.). See
https://www.gnupg.org/documentation/mailing-lists.html for archives
https://gnupg.org/documentation/mailing-lists.html for archives
of the mailing lists.
Please direct bug reports to [[https://bugs.gnupg.org]] or post them
@ -242,7 +242,7 @@
authors and we try to answer questions when time allows us.
Commercial grade support for GnuPG is available; for a listing of
offers see https://www.gnupg.org/service.html . Maintaining and
offers see https://gnupg.org/service.html . Maintaining and
improving GnuPG requires a lot of time. Since 2001, g10 Code GmbH,
a German company owned and headed by GnuPG's principal author Werner
Koch, is bearing the majority of these costs. To keep GnuPG in a

View File

@ -611,8 +611,9 @@ AC_PROG_RANLIB
AC_CHECK_TOOL(AR, ar, :)
AC_PATH_PROG(PERL,"perl")
AC_CHECK_TOOL(WINDRES, windres, :)
AC_PATH_PROG(YAT2M, "yat2m", "./yat2m" )
AC_PATH_PROG(YAT2M, "yat2m")
AC_ARG_VAR(YAT2M, [tool to convert texi to man pages])
AM_CONDITIONAL(HAVE_YAT2M, test -n "$ac_cv_path_YAT2M")
AC_ISC_POSIX
AC_SYS_LARGEFILE
GNUPG_CHECK_USTAR
@ -1620,12 +1621,20 @@ if test "$GCC" = yes; then
mycflags="$mycflags -Wdeclaration-after-statement"
fi
AC_MSG_CHECKING([if gcc supports -Wlogical-op and -Wvla])
CFLAGS="-Wlogical-op -Wvla"
AC_MSG_CHECKING([if gcc supports -Wlogical-op])
CFLAGS="-Wlogical-op -Werror"
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_wopt=yes,_gcc_wopt=no)
AC_MSG_RESULT($_gcc_wopt)
if test x"$_gcc_wopt" = xyes ; then
mycflags="$mycflags -Wlogical-op -Wvla"
mycflags="$mycflags -Wlogical-op"
fi
AC_MSG_CHECKING([if gcc supports -Wvla])
CFLAGS="-Wvla"
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_wopt=yes,_gcc_wopt=no)
AC_MSG_RESULT($_gcc_wopt)
if test x"$_gcc_wopt" = xyes ; then
mycflags="$mycflags -Wvla"
fi
else
@ -1836,7 +1845,7 @@ AC_DEFINE_UNQUOTED(DIRMNGR_DEFAULT_KEYSERVER,
AC_DEFINE_UNQUOTED(GPGEXT_GPG, "gpg", [The standard binary file suffix])
if test "$have_w32_system" = yes; then
AC_DEFINE_UNQUOTED(GNUPG_REGISTRY_DIR, "\\\\Software\\\\GNU\\\\GnuPG",
AC_DEFINE_UNQUOTED(GNUPG_REGISTRY_DIR, "Software\\\\GNU\\\\GnuPG",
[The directory part of the W32 registry keys])
fi

View File

@ -1562,7 +1562,7 @@ start_sig_check (ksba_crl_t crl, gcry_md_hd_t *md, int *algo)
should return 0 on a good signature, GPG_ERR_BAD_SIGNATURE if the
signature does not verify or any other error code. CRL is the CRL
object we are working on, MD the hash context and ISSUER_CERT the
certificate of the CRL issuer. This function closes MD. */
certificate of the CRL issuer. This function takes ownership of MD. */
static gpg_error_t
finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
ksba_cert_t issuer_cert)
@ -1646,11 +1646,12 @@ finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo,
/* Call this to match a start_sig_check that can not be completed
normally. */
normally. Takes ownership of MD if MD is not NULL. */
static void
abort_sig_check (ksba_crl_t crl, gcry_md_hd_t md)
{
(void)crl;
if (md)
gcry_md_close (md);
}
@ -1842,13 +1843,13 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
}
err = finish_sig_check (crl, md, algo, crlissuer_cert);
md = NULL; /* Closed. */
if (err)
{
log_error (_("CRL signature verification failed: %s\n"),
gpg_strerror (err));
goto failure;
}
md = NULL;
err = validate_cert_chain (ctrl, crlissuer_cert, NULL,
(VALIDATE_FLAG_TRUST_CONFIG
@ -1877,7 +1878,6 @@ crl_parse_insert (ctrl_t ctrl, ksba_crl_t crl,
failure:
if (md)
abort_sig_check (crl, md);
ksba_cert_release (crlissuer_cert);
return err;

View File

@ -112,8 +112,16 @@ DISTCLEANFILES = gnupg.tmp gnupg.ops yat2m-stamp.tmp yat2m-stamp \
gnupg-module-overview.eps \
$(myman_pages) gnupg.7
if HAVE_YAT2M
YAT2M_CMD = $(YAT2M)
YAT2M_DEP = $(YAT2M)
else
YAT2M_CMD = ./yat2m
YAT2M_DEP = yat2m
yat2m: yat2m.c
$(CC_FOR_BUILD) -o $@ $(srcdir)/yat2m.c
endif
mkdefsinc: mkdefsinc.c Makefile ../config.h
$(CC_FOR_BUILD) -I. -I.. -I$(srcdir) $(AM_CPPFLAGS) \
@ -146,12 +154,12 @@ yat2m-stamp: $(myman_sources) defs.inc
@touch yat2m-stamp.tmp
incd="`test -f defsincdate || echo '$(srcdir)/'`defsincdate"; \
for file in $(myman_sources) ; do \
$(YAT2M) $(YAT2M_OPTIONS) --store \
$(YAT2M_CMD) $(YAT2M_OPTIONS) --store \
--date "`cat $$incd 2>/dev/null`" \
`test -f '$$file' || echo '$(srcdir)/'`$$file ; done
@mv -f yat2m-stamp.tmp $@
yat2m-stamp: $(YAT2M)
yat2m-stamp: $(YAT2M_DEP)
$(myman_pages) gnupg.7 : yat2m-stamp defs.inc
@if test -f $@; then :; else \