On 12/04/2014 03:06 PM, Adam D. Barratt wrote: > On Thu, 2014-12-04 at 14:56 -0500, Daniel Kahn Gillmor wrote: >> If you'd prefer, i can produce a 1.4.18-6 with that reverted (i'd >> probably also collapse the documentation cleanup into a single patch as >> well, rather than including the triplet of upstream git commits >> independently). >> >> Shall i do that? > > Yes, please. ok, 1.4.18-6 is built and uploaded. The debdiff between 1.4.18-4 and 1.4.18-6 is attached here. > For the record, I'm okay with the rest of the diff (modulo it needing a > d-i ack due to producing a udeb), although with fingers crossed that the > --verify change doesn't bite us. The --verify change is a little bit worrisome to me too, but leaving it unchanged is even more worrisome. "gpg --verify detached.sig" is a really vulnerable idiom. :( Thanks for your attention to detail here. Regards, --dkg
diff -Nru gnupg-1.4.18/debian/changelog gnupg-1.4.18/debian/changelog
--- gnupg-1.4.18/debian/changelog 2014-09-04 16:28:42.000000000 -0400
+++ gnupg-1.4.18/debian/changelog 2014-12-04 15:58:21.000000000 -0500
@@ -1,3 +1,37 @@
+gnupg (1.4.18-6) unstable; urgency=medium
+
+ * revert to debhelper 7
+ * simplify upstream doc synchronization.
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 04 Dec 2014 15:50:59 -0500
+
+gnupg (1.4.18-5) unstable; urgency=medium
+
+ [ Daniel Kahn Gillmor ]
+ * move to debhelper 9
+ * add build and runtime support for larger RSA keys (Closes: #739424)
+ * fix runtime errors on bad input (Closes: #771987)
+ * deprecate insecure one-argument variant for gpg --verify of detached
+ signatures (Closes: #771992)
+ * sync documentation with upstream.
+ * Standards-Version: bump to 3.9.6 (no changes needed).
+
+ [ David Prévot ]
+ * Update POT and PO files, and ensure the translations get rebuild
+ * Update French translation (Closes: #769571)
+ * Update Danish Translation, thanks to Joe Hansen
+ * Update Ukrainian translation, thanks to Yuri Chornoivan
+ * Update Russian translation, thanks to Ineiev
+ * Update Chinese (traditional) translation, thanks to Jedi Lin
+ * Update Italian translation, thanks to Milo Casagrande
+ * Update Polish translation, thanks to Jakub Bogusz
+ * Update Spanish translation, thanks to Manuel "Venturi" Porras Peralta
+ (Closes: #770726)
+ * Update Dutch translation, thanks to Frans Spiesschaert (Closes: #770816)
+ * Update Czech translation, thanks to Roman Pavlik
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 04 Dec 2014 01:11:22 -0500
+
gnupg (1.4.18-4) unstable; urgency=medium
* Remove Daniel Leidert from Uploaders at his request.
diff -Nru gnupg-1.4.18/debian/clean gnupg-1.4.18/debian/clean
--- gnupg-1.4.18/debian/clean 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/clean 2014-12-04 01:14:38.000000000 -0500
@@ -0,0 +1 @@
+po/*.gmo
diff -Nru gnupg-1.4.18/debian/control gnupg-1.4.18/debian/control
--- gnupg-1.4.18/debian/control 2014-09-02 11:12:13.000000000 -0400
+++ gnupg-1.4.18/debian/control 2014-12-04 15:50:36.000000000 -0500
@@ -6,7 +6,7 @@
Eric Dorland <eric@debian.org>,
Daniel Kahn Gillmor <dkg@fifthhorseman.net>,
Thijs Kinkhorst <thijs@debian.org>
-Standards-Version: 3.9.5
+Standards-Version: 3.9.6
Build-Depends: debhelper (>> 7),
file,
gettext,
diff -Nru gnupg-1.4.18/debian/copyright gnupg-1.4.18/debian/copyright
--- gnupg-1.4.18/debian/copyright 2014-09-02 00:58:08.000000000 -0400
+++ gnupg-1.4.18/debian/copyright 2014-12-04 02:53:59.000000000 -0500
@@ -48,7 +48,10 @@
Copyright: 1998-2013 Free Software Foundation, Inc.
1997, 1998, 2013 Werner Koch
1998 The Internet Society
-License: The file merely cites and references IETF Draft
+License: RFC-Reference
+
+License: RFC-Reference
+ doc/OpenPGP merely cites and references IETF Draft
draft-ietf-openpgp-formats-07.txt. This is believed to be fair use;
but if not, it's covered by the source document's license under
the 'comment on' clause. The license statement follows.
diff -Nru gnupg-1.4.18/debian/gnupg.docs gnupg-1.4.18/debian/gnupg.docs
--- gnupg-1.4.18/debian/gnupg.docs 2014-09-02 00:58:08.000000000 -0400
+++ gnupg-1.4.18/debian/gnupg.docs 2014-12-04 01:10:04.000000000 -0500
@@ -1,3 +1,4 @@
+AUTHORS
README
THANKS
TODO
diff -Nru gnupg-1.4.18/debian/patches/0003-Update-POT-file.patch gnupg-1.4.18/debian/patches/0003-Update-POT-file.patch
diff -Nru gnupg-1.4.18/debian/patches/0004-Update-PO-files.patch gnupg-1.4.18/debian/patches/0004-Update-PO-files.patch
diff -Nru gnupg-1.4.18/debian/patches/0005-Update-French-translation.patch gnupg-1.4.18/debian/patches/0005-Update-French-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0006-Update-Danish-translation.patch gnupg-1.4.18/debian/patches/0006-Update-Danish-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch
--- gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/patches/0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch 2014-12-04 02:23:26.000000000 -0500
@@ -0,0 +1,35 @@
+From cd53cdbc3774fb193bdebcdc5d7019ddebc16dbc Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Thu, 11 Sep 2014 17:06:16 +0200
+Subject: [PATCH 07/20] mpi: Improve mpi_invm to detect bad input.
+
+* mpi/mpi-inv.c (mpi_invm): Return 0 for bad input.
+--
+
+Without this patch the function may enter an endless loop. This is a
+backport from libgcrypt.
+
+GnuPG-bug-id: 1713
+---
+ mpi/mpi-inv.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/mpi/mpi-inv.c b/mpi/mpi-inv.c
+index b762630..361c57e 100644
+--- a/mpi/mpi-inv.c
++++ b/mpi/mpi-inv.c
+@@ -165,6 +165,11 @@ mpi_invm( MPI x, MPI a, MPI n )
+ int sign;
+ int odd ;
+
++ if (!mpi_cmp_ui (a, 0))
++ return 0; /* Inverse does not exists. */
++ if (!mpi_cmp_ui (n, 1))
++ return 0; /* Inverse does not exists. */
++
+ u = mpi_copy(a);
+ v = mpi_copy(n);
+
+--
+2.1.3
+
diff -Nru gnupg-1.4.18/debian/patches/0007-Update-Ukrainian-translation.patch gnupg-1.4.18/debian/patches/0007-Update-Ukrainian-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0008-Update-Russian-translation.patch gnupg-1.4.18/debian/patches/0008-Update-Russian-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0009-Update-Chinese-traditional-translation.patch gnupg-1.4.18/debian/patches/0009-Update-Chinese-traditional-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0010-Update-Italian-translation.patch gnupg-1.4.18/debian/patches/0010-Update-Italian-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0011-Update-Polish-translation.patch gnupg-1.4.18/debian/patches/0011-Update-Polish-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0012-Update-Spanish-translation.patch gnupg-1.4.18/debian/patches/0012-Update-Spanish-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0013-Update-Dutch-translation.patch gnupg-1.4.18/debian/patches/0013-Update-Dutch-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0014-Update-Czech-translation.patch gnupg-1.4.18/debian/patches/0014-Update-Czech-translation.patch
diff -Nru gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch
--- gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/patches/0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch 2014-12-04 02:23:27.000000000 -0500
@@ -0,0 +1,316 @@
+From fbb50867f81d790c4bf819dcadcd14be6c3f957b Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Fri, 14 Nov 2014 09:36:19 +0100
+Subject: [PATCH 15/20] gpg: Make the use of "--verify FILE" for detached sigs
+ harder.
+
+* g10/openfile.c (open_sigfile): Factor some code out to ...
+(get_matching_datafile): new function.
+* g10/plaintext.c (hash_datafiles): Do not try to find matching file
+in batch mode.
+* g10/mainproc.c (check_sig_and_print): Print a warning if a possibly
+matching data file is not used by a standard signatures.
+--
+
+Allowing to use the abbreviated form for detached signatures is a long
+standing bug which has only been noticed by the public with the
+release of 2.1.0. :-(
+
+What we do is to remove the ability to check detached signature in
+--batch using the one file abbreviated mode. This should exhibit
+problems in scripts which use this insecure practice. We also print a
+warning if a matching data file exists but was not considered because
+the detached signature was actually a standard signature:
+
+ gpgv: Good signature from "Werner Koch (dist sig)"
+ gpgv: WARNING: not a detached signature; \
+ file 'gnupg-2.1.0.tar.bz2' was NOT verified!
+
+We can only print a warning because it is possible that a standard
+signature is indeed to be verified but by coincidence a file with a
+matching name is stored alongside the standard signature.
+
+Reported-by: Simon Nicolussi (to gnupg-users on Nov 7)
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 69384568f66a48eff3968bb1714aa13925580e9f)
+
+Updated doc/gpg.texi.
+---
+ doc/gpg.texi | 27 ++++++++++-------
+ g10/main.h | 1 +
+ g10/mainproc.c | 38 ++++++++++++++++++++++++
+ g10/openfile.c | 91 +++++++++++++++++++++++++++++++++++++--------------------
+ g10/plaintext.c | 21 ++++++++-----
+ 5 files changed, 130 insertions(+), 48 deletions(-)
+
+--- a/doc/gpg.texi
++++ b/doc/gpg.texi
+@@ -241,16 +241,22 @@
+
+ @item --verify
+ @opindex verify
+-Assume that the first argument is a signed file or a detached signature
+-and verify it without generating any output. With no arguments, the
+-signature packet is read from STDIN. If only a sigfile is given, it may
+-be a complete signature or a detached signature, in which case the
+-signed stuff is expected in a file without the ".sig" or ".asc"
+-extension. With more than 1 argument, the first should be a detached
+-signature and the remaining files are the signed stuff. To read the
+-signed stuff from STDIN, use @samp{-} as the second filename. For
+-security reasons a detached signature cannot read the signed material
+-from STDIN without denoting it in the above way.
++Assume that the first argument is a signed file and verify it without
++generating any output. With no arguments, the signature packet is
++read from STDIN. If only a one argument is given, it is expected to
++be a complete signature.
++
++With more than 1 argument, the first should be a detached signature
++and the remaining files ake up the the signed data. To read the signed
++data from STDIN, use @samp{-} as the second filename. For security
++reasons a detached signature cannot read the signed material from
++STDIN without denoting it in the above way.
++
++Note: If the option @option{--batch} is not used, @command{gpg}
++may assume that a single argument is a file with a detached signature
++and it will try to find a matching data file by stripping certain
++suffixes. Using this historical feature to verify a detached
++signature is strongly discouraged; always specify the data file too.
+
+ Note: When verifying a cleartext signature, @command{gpg} verifies
+ only what makes up the cleartext signed data and not any extra data
+@@ -260,6 +266,7 @@
+ format as well. It is suggested to avoid cleartext signatures in
+ favor of detached signatures.
+
++
+ @item --multifile
+ @opindex multifile
+ This modifies certain other commands to accept multiple files for
+--- a/g10/main.h
++++ b/g10/main.h
+@@ -195,6 +195,7 @@
+ char *make_outfile_name( const char *iname );
+ char *ask_outfile_name( const char *name, size_t namelen );
+ int open_outfile( const char *iname, int mode, IOBUF *a );
++char *get_matching_datafile (const char *sigfilename);
+ IOBUF open_sigfile( const char *iname, progress_filter_context_t *pfx );
+ void try_make_homedir( const char *fname );
+
+--- a/g10/mainproc.c
++++ b/g10/mainproc.c
+@@ -1949,6 +1949,44 @@
+ sig->sig_class==0x01?_("textmode"):_("unknown"),
+ digest_algo_to_string(sig->digest_algo));
+
++ if (!rc && !c->signed_data)
++ {
++ /* Signature is basically good but we test whether the
++ deprecated command
++ gpg --verify FILE.sig
++ was used instead of
++ gpg --verify FILE.sig FILE
++ to verify a detached signature. If we figure out that a
++ data file with a matching name exists, we print a warning.
++
++ The problem is that the first form would also verify a
++ standard signature. This behavior could be used to
++ create a made up .sig file for a tarball by creating a
++ standard signature from a valid detached signature packet
++ (for example from a signed git tag). Then replace the
++ sig file on the FTP server along with a changed tarball.
++ Using the first form the verify command would correctly
++ verify the signature but don't even consider the tarball. */
++ kbnode_t n;
++ char *dfile;
++
++ dfile = get_matching_datafile (c->sigfilename);
++ if (dfile)
++ {
++ for (n = c->list; n; n = n->next)
++ if (n->pkt->pkttype != PKT_SIGNATURE)
++ break;
++ if (n)
++ {
++ /* Not only signature packets in the tree thus this
++ is not a detached signature. */
++ log_info (_("WARNING: not a detached signature; "
++ "file '%s' was NOT verified!\n"), dfile);
++ }
++ xfree (dfile);
++ }
++ }
++
+ if( rc )
+ g10_errors_seen = 1;
+ if( opt.batch && rc )
+--- a/g10/openfile.c
++++ b/g10/openfile.c
+@@ -199,7 +199,7 @@
+ else {
+ char *buf = NULL;
+ const char *name;
+-
++
+ if ( opt.dry_run )
+ {
+ #ifdef HAVE_W32_SYSTEM
+@@ -224,12 +224,12 @@
+ char *dot;
+ const char *newsfx = mode==1 ? ".asc" :
+ mode==2 ? ".sig" : ".gpg";
+-
++
+ buf = xmalloc(strlen(iname)+4+1);
+ strcpy(buf,iname);
+ dot = strrchr(buf, '.' );
+ if ( dot && dot > buf && dot[1] && strlen(dot) <= 4
+- && CMP_FILENAME(newsfx, dot)
++ && CMP_FILENAME(newsfx, dot)
+ && !(strchr (dot, '/') || strchr (dot, '\\')))
+ {
+ /* There is a dot, the dot is not the first character,
+@@ -272,7 +272,7 @@
+ xfree (buf);
+ name = buf = tmp;
+ }
+-
++
+ if( !rc )
+ {
+ if (is_secured_filename (name) )
+@@ -300,41 +300,70 @@
+ }
+
+
++/* Find a matching data file for the signature file SIGFILENAME and
++ return it as a malloced string. If no matching data file is found,
++ return NULL. */
++char *
++get_matching_datafile (const char *sigfilename)
++{
++ char *fname = NULL;
++ size_t len;
++
++ if (iobuf_is_pipe_filename (sigfilename))
++ return NULL;
++
++ len = strlen (sigfilename);
++ if (len > 4
++ && (!strcmp (sigfilename + len - 4, EXTSEP_S "sig")
++ || (len > 5 && !strcmp(sigfilename + len - 5, EXTSEP_S "sign"))
++ || !strcmp(sigfilename + len - 4, EXTSEP_S "asc")))
++ {
++
++ fname = xstrdup (sigfilename);
++ fname[len-(fname[len-1]=='n'?5:4)] = 0 ;
++ if (access (fname, R_OK ))
++ {
++ /* Not found or other error. */
++ xfree (fname);
++ fname = NULL;
++ }
++ }
++
++ return fname;
++}
++
++
+ /****************
+ * Try to open a file without the extension ".sig" or ".asc"
+ * Return NULL if such a file is not available.
+ */
+ IOBUF
+-open_sigfile( const char *iname, progress_filter_context_t *pfx )
++open_sigfile (const char *sigfilename, progress_filter_context_t *pfx)
+ {
+- IOBUF a = NULL;
+- size_t len;
++ iobuf_t a = NULL;
++ char *buf;
+
+- if( !iobuf_is_pipe_filename (iname) ) {
+- len = strlen(iname);
+- if( len > 4 && ( !strcmp(iname + len - 4, EXTSEP_S "sig")
+- || ( len > 5 && !strcmp(iname + len - 5, EXTSEP_S "sign") )
+- || !strcmp(iname + len - 4, EXTSEP_S "asc")) ) {
+- char *buf;
+- buf = xstrdup(iname);
+- buf[len-(buf[len-1]=='n'?5:4)] = 0 ;
+- a = iobuf_open( buf );
+- if (a && is_secured_file (iobuf_get_fd (a)))
+- {
+- iobuf_close (a);
+- a = NULL;
+- errno = EPERM;
+- }
+- if( a && opt.verbose )
+- log_info(_("assuming signed data in `%s'\n"), buf );
+- if (a && pfx)
+- handle_progress (pfx, a, buf);
+- xfree(buf);
+- }
++ buf = get_matching_datafile (sigfilename);
++ if (buf)
++ {
++ a = iobuf_open (buf);
++ if (a && is_secured_file (iobuf_get_fd (a)))
++ {
++ iobuf_close (a);
++ a = NULL;
++ errno = EPERM;
++ }
++ if (a)
++ log_info (_("assuming signed data in `%s'\n"), buf);
++ if (a && pfx)
++ handle_progress (pfx, a, buf);
++ xfree (buf);
+ }
+- return a;
++
++ return a;
+ }
+
++
+ /****************
+ * Copy the option file skeleton to the given directory.
+ */
+@@ -398,7 +427,7 @@
+ ;
+ else if (c == '#')
+ esc = 2;
+- else
++ else
+ any_option = 1;
+ }
+ }
+--- a/g10/plaintext.c
++++ b/g10/plaintext.c
+@@ -538,13 +538,20 @@
+ STRLIST sl;
+
+ if( !files ) {
+- /* check whether we can open the signed material */
+- fp = open_sigfile( sigfilename, &pfx );
+- if( fp ) {
+- do_hash( md, md2, fp, textmode );
+- iobuf_close(fp);
+- return 0;
+- }
++ /* Check whether we can open the signed material. We avoid
++ trying to open a file if run in batch mode. This assumed
++ data file for a sig file feature is just a convenience thing
++ for the command line and the user needs to read possible
++ warning messages. */
++ if (!opt.batch) {
++ fp = open_sigfile( sigfilename, &pfx );
++ if( fp ) {
++ do_hash( md, md2, fp, textmode );
++ iobuf_close(fp);
++ return 0;
++ }
++ }
++
+ log_error (_("no signed data\n"));
+ return G10ERR_OPEN_FILE;
+ }
diff -Nru gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch
--- gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/patches/0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch 2014-12-04 02:23:26.000000000 -0500
@@ -0,0 +1,50 @@
+From 69767ccf4218d0dc5ef2d7e141be0f14c88fea59 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 24 Nov 2014 19:32:47 +0100
+Subject: [PATCH 16/20] gpg: Fix a NULL-deref for invalid input data.
+
+* g10/mainproc.c (proc_encrypted): Take care of canceled passpharse
+entry.
+--
+
+GnuPG-bug-id: 1761
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 32e85668b82f6fbcb824eea9548970804fb41d9e)
+---
+ g10/mainproc.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/g10/mainproc.c b/g10/mainproc.c
+index d355a21..15baefe 100644
+--- a/g10/mainproc.c
++++ b/g10/mainproc.c
+@@ -540,7 +540,9 @@ proc_encrypted( CTX c, PACKET *pkt )
+ result = -1;
+ else if( !c->dek && !c->last_was_session_key ) {
+ int algo;
+- STRING2KEY s2kbuf, *s2k = NULL;
++ STRING2KEY s2kbuf;
++ STRING2KEY *s2k = NULL;
++ int canceled;
+
+ if(opt.override_session_key)
+ {
+@@ -580,9 +582,13 @@ proc_encrypted( CTX c, PACKET *pkt )
+ log_info (_("assuming %s encrypted data\n"), "IDEA");
+ }
+
+- c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL, NULL );
++ c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 0, NULL,&canceled);
+ if (c->dek)
+ c->dek->algo_info_printed = 1;
++ else if (canceled)
++ result = G10ERR_CANCELED;
++ else
++ result = G10ERR_PASSPHRASE;
+ }
+ }
+ else if( !c->dek )
+--
+2.1.3
+
diff -Nru gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch
--- gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/patches/0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch 2014-12-04 02:23:26.000000000 -0500
@@ -0,0 +1,43 @@
+From 2b4809406b6536cbb67a2282bf855710b8454dc2 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 24 Nov 2014 19:38:04 +0100
+Subject: [PATCH 17/20] gpg: Fix off-by-one read in the attribute subpacket
+ parser.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* g10/parse-packet.c (parse_attribute_subpkts): Check that the
+attribute packet is large enough for the subpacket type.
+--
+
+Reported-by: Hanno Böck
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 0988764397f99db4efef1eabcdb8072d6159af76)
+---
+ g10/parse-packet.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/g10/parse-packet.c b/g10/parse-packet.c
+index dcda8ef..db1702f 100644
+--- a/g10/parse-packet.c
++++ b/g10/parse-packet.c
+@@ -2026,6 +2026,14 @@ parse_attribute_subpkts(PKT_user_id *uid)
+ if( buflen < n )
+ goto too_short;
+
++ if (!n)
++ {
++ /* Too short to encode the subpacket type. */
++ if (opt.verbose)
++ log_info ("attribute subpacket too short\n");
++ break;
++ }
++
+ attribs=xrealloc(attribs,(count+1)*sizeof(struct user_attribute));
+ memset(&attribs[count],0,sizeof(struct user_attribute));
+
+--
+2.1.3
+
diff -Nru gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch
--- gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/patches/0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch 2014-12-04 02:23:26.000000000 -0500
@@ -0,0 +1,52 @@
+From 2d359681f08999686734421228cb69893d8a0060 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 24 Nov 2014 19:41:46 +0100
+Subject: [PATCH 18/20] gpg: Fix use of uninit.value in listing sig subpkts.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* g10/parse-packet.c (dump_sig_subpkt): Print regex subpacket
+sanitized.
+--
+
+We may not use "%s" to print an arbitrary buffer. At least "%.*s"
+should have been used. However, it is in general preferable to escape
+control characters while printf user data.
+
+Reported-by: Hanno Böck
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 596ae9f5433ca3b0e01f7acbe06fd2e424c42ae8)
+---
+ g10/parse-packet.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/g10/parse-packet.c b/g10/parse-packet.c
+index db1702f..01600e4 100644
+--- a/g10/parse-packet.c
++++ b/g10/parse-packet.c
+@@ -892,13 +892,18 @@ dump_sig_subpkt( int hashed, int type, int critical,
+ if(length!=2)
+ p="[invalid trust subpacket]";
+ else
+- fprintf (listfp, "trust signature of depth %d, value %d",buffer[0],buffer[1]);
++ fprintf (listfp, "trust signature of depth %d, value %d",
++ buffer[0],buffer[1]);
+ break;
+ case SIGSUBPKT_REGEXP:
+ if(!length)
+ p="[invalid regexp subpacket]";
+ else
+- fprintf (listfp, "regular expression: \"%s\"",buffer);
++ {
++ fprintf (listfp, "regular expression: \"");
++ print_string (listfp, buffer, length, '\"');
++ p = "\"";
++ }
+ break;
+ case SIGSUBPKT_REVOCABLE:
+ if( length )
+--
+2.1.3
+
diff -Nru gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch
--- gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/patches/Add-build-and-runtime-support-for-larger-RSA-key.patch 2014-12-04 02:41:01.000000000 -0500
@@ -0,0 +1,254 @@
+From 534e2876acc05f9f8d9b54c18511fe768d77dfb5 Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Fri, 3 Oct 2014 12:01:11 -0400
+Subject: [PATCH] gpg: Add build and runtime support for larger RSA keys
+
+* configure.ac: Added --enable-large-secmem option.
+* g10/options.h: Add opt.flags.large_rsa.
+* g10/gpg.c: Contingent on configure option: adjust secmem size,
+add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
+* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
+* doc/gpg.texi: Document --enable-large-rsa.
+
+--
+
+Some older implementations built and used RSA keys up to 16Kib, but
+the larger secret keys now fail when used by more recent GnuPG, due to
+secure memory limitations.
+
+Building with ./configure --enable-large-secmem will make gpg
+capable of working with those secret keys, as well as permitting the
+use of a new gpg option --enable-large-rsa, which let gpg generate RSA
+keys up to 8Kib when used with --batch --gen-key.
+
+Debian-bug-id: 739424
+
+Minor edits by wk.
+
+GnuPG-bug-id: 1732
+---
+ configure.ac | 16 ++++++++++++++++
+ doc/gpg.texi | 9 +++++++++
+ g10/gpg.c | 22 +++++++++++++++++++++-
+ g10/keygen.c | 5 +++--
+ g10/options.h | 1 +
+ 5 files changed, 50 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index ae63a4a..1fd6253 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -158,6 +158,7 @@ use_exec=yes
+ card_support=yes
+ agent_support=yes
+ disable_keyserver_path=no
++large_secmem=no
+
+ AC_ARG_ENABLE(minimal,
+ AC_HELP_STRING([--enable-minimal],[build the smallest gpg binary possible]),
+@@ -177,6 +178,21 @@ AC_ARG_ENABLE(minimal,
+ agent_support=no)
+
+
++AC_MSG_CHECKING([whether to allocate extra secure memory])
++AC_ARG_ENABLE(large-secmem,
++ AC_HELP_STRING([--enable-large-secmem],
++ [allocate extra secure memory]),
++ large_secmem=$enableval, large_secmem=no)
++AC_MSG_RESULT($large_secmem)
++if test "$large_secmem" = yes ; then
++ SECMEM_BUFFER_SIZE=65536
++else
++ SECMEM_BUFFER_SIZE=32768
++fi
++AC_DEFINE_UNQUOTED(SECMEM_BUFFER_SIZE,$SECMEM_BUFFER_SIZE,
++ [Size of secure memory buffer])
++
++
+ AC_MSG_CHECKING([whether OpenPGP card support is requested])
+ AC_ARG_ENABLE(card-support,
+ AC_HELP_STRING([--disable-card-support],
+diff --git a/doc/gpg.texi b/doc/gpg.texi
+index ded69ce..ae86809 100644
+--- a/doc/gpg.texi
++++ b/doc/gpg.texi
+@@ -1104,6 +1104,15 @@ the opposite meaning. The options are:
+ validation. This option is only meaningful if pka-lookups is set.
+ @end table
+
++@item --enable-large-rsa
++@itemx --disable-large-rsa
++@opindex enable-large-rsa
++@opindex disable-large-rsa
++With --gen-key and --batch, enable the creation of larger RSA secret
++keys than is generally recommended (up to 8192 bits). These large
++keys are more expensive to use, and their signatures and
++certifications are also larger.
++
+ @item --enable-dsa2
+ @itemx --disable-dsa2
+ @opindex enable-dsa2
+diff --git a/g10/gpg.c b/g10/gpg.c
+index 1b0a364..6dc15fa 100644
+--- a/g10/gpg.c
++++ b/g10/gpg.c
+@@ -372,6 +372,8 @@ enum cmd_and_opt_values
+ oAutoKeyLocate,
+ oNoAutoKeyLocate,
+ oAllowMultisigVerification,
++ oEnableLargeRSA,
++ oDisableLargeRSA,
+ oEnableDSA2,
+ oDisableDSA2,
+ oAllowMultipleMessages,
+@@ -719,6 +721,8 @@ static ARGPARSE_OPTS opts[] = {
+ { oDebugCCIDDriver, "debug-ccid-driver", 0, "@"},
+ #endif
+ { oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
++ { oEnableLargeRSA, "enable-large-rsa", 0, "@"},
++ { oDisableLargeRSA, "disable-large-rsa", 0, "@"},
+ { oEnableDSA2, "enable-dsa2", 0, "@"},
+ { oDisableDSA2, "disable-dsa2", 0, "@"},
+ { oAllowMultipleMessages, "allow-multiple-messages", 0, "@"},
+@@ -1995,7 +1999,7 @@ main (int argc, char **argv )
+ }
+ #endif
+ /* initialize the secure memory. */
+- got_secmem=secmem_init( 32768 );
++ got_secmem=secmem_init( SECMEM_BUFFER_SIZE );
+ maybe_setuid = 0;
+ /* Okay, we are now working under our real uid */
+
+@@ -2851,6 +2855,22 @@ main (int argc, char **argv )
+ release_akl();
+ break;
+
++ case oEnableLargeRSA:
++#if SECMEM_BUFFER_SIZE >= 65536
++ opt.flags.large_rsa=1;
++#else
++ if (configname)
++ log_info("%s:%d: WARNING: gpg not built with large secure "
++ "memory buffer. Ignoring enable-large-rsa\n",
++ configname,configlineno);
++ else
++ log_info("WARNING: gpg not built with large secure "
++ "memory buffer. Ignoring --enable-large-rsa\n");
++#endif /* SECMEM_BUFFER_SIZE >= 65536 */
++ break;
++ case oDisableLargeRSA: opt.flags.large_rsa=0;
++ break;
++
+ case oEnableDSA2: opt.flags.dsa2=1; break;
+ case oDisableDSA2: opt.flags.dsa2=0; break;
+
+diff --git a/g10/keygen.c b/g10/keygen.c
+index 84f852f..9020908 100644
+--- a/g10/keygen.c
++++ b/g10/keygen.c
+@@ -1253,6 +1253,7 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
+ PKT_public_key *pk;
+ MPI skey[6];
+ MPI *factors;
++ const unsigned maxsize = (opt.flags.large_rsa ? 8192 : 4096);
+
+ assert( is_RSA(algo) );
+
+@@ -1260,8 +1261,8 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
+ nbits = 2048;
+ log_info(_("keysize invalid; using %u bits\n"), nbits );
+ }
+- else if (nbits > 4096) {
+- nbits = 4096;
++ else if (nbits > maxsize) {
++ nbits = maxsize;
+ log_info(_("keysize invalid; using %u bits\n"), nbits );
+ }
+
+diff --git a/g10/options.h b/g10/options.h
+index d6326d8..670cf64 100644
+--- a/g10/options.h
++++ b/g10/options.h
+@@ -231,6 +231,7 @@ struct
+ unsigned int utf8_filename:1;
+ unsigned int dsa2:1;
+ unsigned int allow_multiple_messages:1;
++ unsigned int large_rsa:1;
+ } flags;
+
+ /* Linked list of ways to find a key if the key isn't on the local
+--
+2.1.1
+
+diff --git a/config.h.in b/config.h.in
+index 379ca1e..f21b779 100644
+--- a/config.h.in
++++ b/config.h.in
+@@ -690,6 +690,9 @@
+ /* Define as the return type of signal handlers (`int' or `void'). */
+ #undef RETSIGTYPE
+
++/* Size of secure memory buffer */
++#undef SECMEM_BUFFER_SIZE
++
+ /* The size of `time_t', as computed by sizeof. */
+ #undef SIZEOF_TIME_T
+
+diff --git a/configure b/configure
+index 203794c..07639ab 100755
+--- a/configure
++++ b/configure
+@@ -856,6 +856,7 @@ enable_asm
+ enable_selinux_support
+ enable_gnupg_iconv
+ enable_minimal
++enable_large_secmem
+ enable_card_support
+ enable_agent_support
+ enable_rsa
+@@ -1548,6 +1549,7 @@ Optional Features:
+ enable SELinux support
+ --disable-gnupg-iconv disable the new iconv code
+ --enable-minimal build the smallest gpg binary possible
++ --enable-large-secmem allocate extra secure memory
+ --disable-card-support disable OpenPGP card support
+ --disable-agent-support disable gpg-agent support
+ --disable-rsa disable the RSA public key algorithm
+@@ -4869,6 +4871,7 @@ use_exec=yes
+ card_support=yes
+ agent_support=yes
+ disable_keyserver_path=no
++large_secmem=no
+
+ # Check whether --enable-minimal was given.
+ if test "${enable_minimal+set}" = set; then :
+@@ -4890,6 +4893,29 @@ fi
+
+
+
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to allocate extra secure memory" >&5
++$as_echo_n "checking whether to allocate extra secure memory... " >&6; }
++# Check whether --enable-large-secmem was given.
++if test "${enable_large_secmem+set}" = set; then :
++ enableval=$enable_large_secmem; large_secmem=$enableval
++else
++ large_secmem=no
++fi
++
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $large_secmem" >&5
++$as_echo "$large_secmem" >&6; }
++if test "$large_secmem" = yes ; then
++ SECMEM_BUFFER_SIZE=65536
++else
++ SECMEM_BUFFER_SIZE=32768
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define SECMEM_BUFFER_SIZE $SECMEM_BUFFER_SIZE
++_ACEOF
++
++
++
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenPGP card support is requested" >&5
+ $as_echo_n "checking whether OpenPGP card support is requested... " >&6; }
+ # Check whether --enable-card-support was given.
diff -Nru gnupg-1.4.18/debian/patches/series gnupg-1.4.18/debian/patches/series
--- gnupg-1.4.18/debian/patches/series 2014-09-02 10:44:23.000000000 -0400
+++ gnupg-1.4.18/debian/patches/series 2014-12-04 15:55:41.000000000 -0500
@@ -1,2 +1,21 @@
fix_760273.patch
fix_import_filter_regression.patch
+Add-build-and-runtime-support-for-larger-RSA-key.patch
+0003-Update-POT-file.patch
+0004-Update-PO-files.patch
+0005-Update-French-translation.patch
+0006-Update-Danish-translation.patch
+0007-Update-Ukrainian-translation.patch
+0008-Update-Russian-translation.patch
+0009-Update-Chinese-traditional-translation.patch
+0010-Update-Italian-translation.patch
+0011-Update-Polish-translation.patch
+0012-Update-Spanish-translation.patch
+0013-Update-Dutch-translation.patch
+0014-Update-Czech-translation.patch
+0007-mpi-Improve-mpi_invm-to-detect-bad-input.patch
+0016-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch
+0017-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch
+0018-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch
+0015-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch
+sync-docs-with-upstream.patch
diff -Nru gnupg-1.4.18/debian/patches/sync-docs-with-upstream.patch gnupg-1.4.18/debian/patches/sync-docs-with-upstream.patch
--- gnupg-1.4.18/debian/patches/sync-docs-with-upstream.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/patches/sync-docs-with-upstream.patch 2014-12-04 15:57:29.000000000 -0500
@@ -0,0 +1,975 @@
+Synchronizing documentation with upstream
+
+ Makefile.am | 16 --
+ gpg.texi | 384 ++++++++++++------------------------------------------------
+ yat2m.c | 102 +++++++++++++++
+ 3 files changed, 182 insertions(+), 320 deletions(-)
+
+--- a/doc/Makefile.am
++++ b/doc/Makefile.am
+@@ -26,10 +26,6 @@
+ myman_sources = gpg.texi gpgv.texi
+ myman_pages = gpg.1 gpgv.1
+
+-
+-sources_from_trunk = $(myman_sources) \
+- opt-homedir.texi specify-user-id.texi see-also-note.texi
+-
+ info_TEXINFOS = gnupg1.texi
+
+ man_MANS = $(myman_pages) gnupg.7 gpg-zip.1
+@@ -50,7 +46,7 @@
+ AM_MAKEINFOFLAGS = -I $(srcdir) --css-include=$(srcdir)/texi.css -D gpgone
+
+ YAT2M_OPTIONS = -I $(srcdir) -D gpgone \
+- --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard"
++ --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard 1.4"
+
+ yat2m: Makefile yat2m.c
+ $(CC_FOR_BUILD) -o $@ $(srcdir)/yat2m.c
+@@ -83,12 +79,6 @@
+ @if test "`wc -c < gpg.1`" -lt 200; then \
+ echo 'ERROR: dummy man page'; false; fi
+
+-# Copy shared files from the master branch. We keep the texinfo files
+-# all in master so that we need to modify only one source. Macros are
+-# used to customize them for a specific version.
+ update-source:
+- @set -e; cd $(srcdir); \
+- for i in $(sources_from_trunk) yat2m.c ; do \
+- echo "updating from master:doc/$$i" >&2 ; \
+- git show master:doc/$$i >$$i ; \
+- done
++ @echo Not anymore used - we now keep docs for 1.x separate
++ @echo from GnuPG-2.
+--- a/doc/gpg.texi
++++ b/doc/gpg.texi
+@@ -1,21 +1,21 @@
+-@c Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
++ @c Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
+ @c 2008, 2009, 2010 Free Software Foundation, Inc.
+ @c This is part of the GnuPG manual.
+ @c For copying conditions, see the file gnupg.texi.
+
+-@c Note that we use this texinfo file for all versions of GnuPG: 1.4.x,
+-@c 2.0 and 2.1. The macro "gpgone" controls parts which are only valid
+-@c for GnuPG 1.4, the macro "gpgtwoone" controls parts which are only
+-@c valid for GnupG 2.1 and later.
+-
+ @node Invoking GPG
+ @chapter Invoking GPG
+ @cindex GPG command options
+ @cindex command options
+ @cindex options, GPG command
+
+-@c Begin GnuPG 1.x specific stuff
+-@ifset gpgone
++@c Begin algorithm defaults
++
++@set DEFSYMENCALGO CAST5
++
++@c End algorithm defaults
++
++
+ @macro gpgname
+ gpg
+ @end macro
+@@ -36,63 +36,20 @@
+ .I command
+ .RI [ args ]
+ @end ifset
+-@end ifset
+-@c End GnuPG 1.x specific stuff
+-
+-@c Begin GnuPG 2 specific stuff
+-@ifclear gpgone
+-@macro gpgname
+-gpg2
+-@end macro
+-@manpage gpg2.1
+-@ifset manverb
+-.B gpg2
+-\- OpenPGP encryption and signing tool
+-@end ifset
+-
+-@mansect synopsis
+-@ifset manverb
+-.B gpg2
+-.RB [ \-\-homedir
+-.IR dir ]
+-.RB [ \-\-options
+-.IR file ]
+-.RI [ options ]
+-.I command
+-.RI [ args ]
+-@end ifset
+-@end ifclear
+-@c Begin GnuPG 2 specific stuff
+
+ @mansect description
+-@command{@gpgname} is the OpenPGP part of the GNU Privacy Guard (GnuPG). It
+-is a tool to provide digital encryption and signing services using the
+-OpenPGP standard. @command{@gpgname} features complete key management and
+-all bells and whistles you can expect from a decent OpenPGP
+-implementation.
++@command{@gpgname} is the OpenPGP only version of the GNU Privacy
++Guard (GnuPG). It is a tool to provide digital encryption and signing
++services using the OpenPGP standard. @command{@gpgname} features
++complete key management and all bells and whistles you can expect from
++a decent OpenPGP implementation.
+
+-@ifset gpgone
+ This is the standalone version of @command{gpg}. For desktop use you
+-should consider using @command{gpg2} @footnote{On some platforms gpg2 is
+-installed under the name @command{gpg}}.
+-@end ifset
+-
+-@ifclear gpgone
+-In contrast to the standalone version @command{gpg}, which is more
+-suited for server and embedded platforms, this version is commonly
+-installed under the name @command{gpg2} and more targeted to the desktop
+-as it requires several other modules to be installed. The standalone
+-version will be kept maintained and it is possible to install both
+-versions on the same system. If you need to use different configuration
+-files, you should make use of something like @file{gpg.conf-2} instead
+-of just @file{gpg.conf}.
+-@end ifclear
++should consider using @command{gpg2} from the GnuPG-2 package
++@footnote{On some platforms gpg2 is installed under the name
++@command{gpg}}.
+
+ @manpause
+-@ifclear gpgone
+-Documentation for the old standard @command{gpg} is available as a man
+-page and at @inforef{Top,GnuPG 1,gpg}.
+-@end ifclear
+
+ @xref{Option Index}, for an index to @command{@gpgname}'s commands and options.
+ @mancont
+@@ -217,7 +174,7 @@
+ @itemx -c
+ @opindex symmetric
+ Encrypt with a symmetric cipher using a passphrase. The default
+-symmetric cipher used is CAST5, but may be chosen with the
++symmetric cipher used is @value{DEFSYMENCALGO}, but may be chosen with the
+ @option{--cipher-algo} option. This option may be combined with
+ @option{--sign} (for a signed and symmetrically encrypted message),
+ @option{--encrypt} (for a message that may be decrypted via a secret key
+@@ -294,12 +251,11 @@
+ @opindex list-keys
+ List all keys from the public keyrings, or just the keys given on the
+ command line.
+-@ifset gpgone
++
+ @option{-k} is slightly different from @option{--list-keys} in that it
+ allows only for one argument and takes the second argument as the
+ keyring to search. This is for command line compatibility with PGP 2
+ and has been removed in @command{gpg2}.
+-@end ifset
+
+ Avoid using the output of this command in scripts or other programs as
+ it is likely to change as GnuPG changes. See @option{--with-colons} for a
+@@ -317,10 +273,6 @@
+ @item --list-sigs
+ @opindex list-sigs
+ Same as @option{--list-keys}, but the signatures are listed too.
+-@ifclear gpgone
+-This command has the same effect as
+-using @option{--list-keys} with @option{--with-sig-list}.
+-@end ifclear
+
+ For each signature listed, there are several flags in between the "sig"
+ tag and keyid. These flags give additional information about each
+@@ -340,10 +292,6 @@
+ Same as @option{--list-sigs}, but the signatures are verified. Note
+ that for performance reasons the revocation status of a signing key is
+ not shown.
+-@ifclear gpgone
+-This command has the same effect as
+-using @option{--list-keys} with @option{--with-sig-check}.
+-@end ifclear
+
+ The status of the verification is indicated by a flag directly following
+ the "sig" tag (and thus before the flags described above for
+@@ -352,16 +300,6 @@
+ if an error occurred while checking the signature (e.g. a non supported
+ algorithm).
+
+-@ifclear gpgone
+-@item --locate-keys
+-@opindex locate-keys
+-Locate the keys given as arguments. This command basically uses the
+-same algorithm as used when locating keys for encryption or signing and
+-may thus be used to see what keys @command{@gpgname} might use. In
+-particular external methods as defined by @option{--auto-key-locate} may
+-be used to locate a key. Only public keys are listed.
+-@end ifclear
+-
+
+ @item --fingerprint
+ @opindex fingerprint
+@@ -415,8 +353,8 @@
+ @opindex export
+ Either export all keys from all keyrings (default keyrings and those
+ registered via option @option{--keyring}), or if at least one name is given,
+-those of the given name. The new keyring is written to STDOUT or to the
+-file given with option @option{--output}. Use together with
++those of the given name. The exported keys are written to STDOUT or to the
++file given with option @option{--output}. Use together with
+ @option{--armor} to mail those keys.
+
+ @item --send-keys @code{key IDs}
+@@ -431,15 +369,24 @@
+ @itemx --export-secret-subkeys
+ @opindex export-secret-keys
+ @opindex export-secret-subkeys
+-Same as @option{--export}, but exports the secret keys instead. This is
+-normally not very useful and a security risk. The second form of the
+-command has the special property to render the secret part of the
+-primary key useless; this is a GNU extension to OpenPGP and other
+-implementations can not be expected to successfully import such a key.
+-@ifclear gpgtwoone
+-See the option @option{--simple-sk-checksum} if you want to import such
+-an exported key with an older OpenPGP implementation.
+-@end ifclear
++Same as @option{--export}, but exports the secret keys instead. The
++exported keys are written to STDOUT or to the file given with option
++@option{--output}. This command is often used along with the option
++@option{--armor} to allow easy printing of the key for paper backup;
++however the external tool @command{paperkey} does a better job for
++creating backups on paper. Note that exporting a secret key can be a
++security risk if the exported keys are send over an insecure channel.
++
++The second form of the command has the special property to render the
++secret part of the primary key useless; this is a GNU extension to
++OpenPGP and other implementations can not be expected to successfully
++import such a key. Its intended use is to generated a full key with
++an additional signing subkey on a dedicated machine and then using
++this command to export the key without the primary key to the main
++machine.
++
++See the option @option{--simple-sk-checksum} if you want to import an
++exported secret key into ancient OpenPGP implementations.
+
+ @item --import
+ @itemx --fast-import
+@@ -585,12 +532,12 @@
+
+ @item --gen-key
+ @opindex gen-key
+-Generate a new key pair. This command is normally only used
+-interactively.
++Generate a new key pair using teh current default parameters. This is
++the standard command to create a new key.
+
+-There is an experimental feature which allows you to create keys in
+-batch mode. See the file @file{doc/DETAILS} in the source distribution
+-on how to use this.
++There is also a feature which allows you to create keys in batch
++mode. See the the manual section ``Unattended key generation'' on how
++to use this.
+
+ @item --gen-revoke @code{name}
+ @opindex gen-revoke
+@@ -913,32 +860,6 @@
+ non-exportable. This is a shortcut version of the subcommand "lsign"
+ from @option{--edit-key}.
+
+-@ifset gpgtwoone
+-@item --quick-sign-key @code{fpr} [@code{names}]
+-@itemx --quick-lsign-key @code{name}
+-@opindex quick-sign-key
+-@opindex quick-lsign-key
+-Directly sign a key from the passphrase without any further user
+-interaction. The @code{fpr} must be the verified primary fingerprint
+-of a key in the local keyring. If no @code{names} are given, all
+-useful user ids are signed; with given [@code{names}] only useful user
+-ids matching one of theses names are signed. The command
+-@option{--quick-lsign-key} marks the signatures as non-exportable.
+-
+-This command uses reasonable defaults and thus does not provide the
+-full flexibility of the "sign" subcommand from @option{--edit-key}.
+-Its intended use to help unattended signing using a list of verified
+-fingerprints.
+-@end ifset
+-
+-@ifclear gpgone
+-@item --passwd @var{user_id}
+-@opindex passwd
+-Change the passphrase of the secret key belonging to the certificate
+-specified as @var{user_id}. This is a shortcut for the sub-command
+-@code{passwd} of the edit key menu.
+-@end ifclear
+-
+ @end table
+
+
+@@ -1070,6 +991,13 @@
+ see @option{--attribute-fd} for the appropriate way to get photo data
+ for scripts and other frontends.
+
++ @item show-usage
++ @opindex list-options:show-usage
++ Show usage information for keys and subkeys in the standard key
++ listing. This is a list of letters indicating the allowed usage for a
++ key (@code{E}=encryption, @code{S}=signing, @code{C}=certification,
++ @code{A}=authentication). Defaults to no.
++
+ @item show-policy-urls
+ @opindex list-options:show-policy-urls
+ Show policy URLs in the @option{--list-sigs} or @option{--check-sigs}
+@@ -1258,31 +1186,24 @@
+ home directory (@file{~/.gnupg} if @option{--homedir} or $GNUPGHOME is
+ not used).
+
+-@ifset gpgone
+ @anchor{option --homedir}
+-@end ifset
+ @include opt-homedir.texi
+
+
+-@ifset gpgone
+ @item --pcsc-driver @code{file}
+ @opindex pcsc-driver
+ Use @code{file} to access the smartcard reader. The current default is
+ `libpcsclite.so.1' for GLIBC based systems,
+ `/System/Library/Frameworks/PCSC.framework/PCSC' for MAC OS X,
+ `winscard.dll' for Windows and `libpcsclite.so' for other systems.
+-@end ifset
+
+-@ifset gpgone
+ @item --disable-ccid
+ @opindex disable-ccid
+ Disable the integrated support for CCID compliant readers. This
+ allows to fall back to one of the other drivers even if the internal
+ CCID driver can handle the reader. Note, that CCID support is only
+ available if libusb was available at build time.
+-@end ifset
+
+-@ifset gpgone
+ @item --reader-port @code{number_or_string}
+ @opindex reader-port
+ This option may be used to specify the port of the card terminal. A
+@@ -1291,7 +1212,6 @@
+ readers might need a string here; run the program in verbose mode to get
+ a list of available readers. The default is then the first reader
+ found.
+-@end ifset
+
+ @item --display-charset @code{name}
+ @opindex display-charset
+@@ -1452,7 +1372,7 @@
+
+ @item classic
+ @opindex trust-mode:classic
+- This is the standard Web of Trust as used in PGP 2.x and earlier.
++ This is the standard Web of Trust as introduced by PGP 2.
+
+ @item direct
+ @opindex trust-mode:direct
+@@ -1462,7 +1382,7 @@
+ @item always
+ @opindex trust-mode:always
+ Skip key validation and assume that used keys are always fully
+- trusted. You generally won't use this unless you are using some
++ valid. You generally won't use this unless you are using some
+ external validation scheme. This option also suppresses the
+ "[uncertain]" tag printed with signature checks when there is no
+ evidence that the user ID is bound to the key. Note that this
+@@ -1633,11 +1553,9 @@
+ "http_proxy" environment variable, if any.
+
+
+-@ifclear gpgtwoone
+ @item max-cert-size
+ When retrieving a key via DNS CERT, only accept keys up to this size.
+ Defaults to 16384 bytes.
+-@end ifclear
+
+ @item debug
+ Turn on debug output in the keyserver helper program. Note that the
+@@ -1646,28 +1564,16 @@
+ program uses internally (libcurl, openldap, etc).
+
+ @item check-cert
+-@ifset gpgtwoone
+- This option has no more function since GnuPG 2.1. Use the
+- @code{dirmngr} configuration options instead.
+-@end ifset
+-@ifclear gpgtwoone
+ Enable certificate checking if the keyserver presents one (for hkps or
+ ldaps). Defaults to on.
+-@end ifclear
+
+ @item ca-cert-file
+-@ifset gpgtwoone
+- This option has no more function since GnuPG 2.1. Use the
+- @code{dirmngr} configuration options instead.
+-@end ifset
+-@ifclear gpgtwoone
+ Provide a certificate store to override the system default. Only
+ necessary if check-cert is enabled, and the keyserver is using a
+ certificate that is not present in a system default certificate list.
+
+ Note that depending on the SSL library that the keyserver helper is
+ built with, this may actually be a directory or a file.
+-@end ifclear
+
+ @end table
+
+@@ -1685,7 +1591,6 @@
+ @opindex max-cert-depth
+ Maximum depth of a certification chain (default is 5).
+
+-@ifclear gpgtwoone
+ @item --simple-sk-checksum
+ @opindex simple-sk-checksum
+ Secret keys are integrity protected by using a SHA-1 checksum. This
+@@ -1697,7 +1602,6 @@
+ the secret key is encrypted - the simplest way to make this happen is
+ to change the passphrase on the key (even changing it to the same
+ value is acceptable).
+-@end ifclear
+
+ @item --no-sig-cache
+ @opindex no-sig-cache
+@@ -1728,46 +1632,18 @@
+ @item --use-agent
+ @itemx --no-use-agent
+ @opindex use-agent
+-@ifclear gpgone
+-This is dummy option. @command{@gpgname} always requires the agent.
+-@end ifclear
+-@ifset gpgone
+ Try to use the GnuPG-Agent. With this option, GnuPG first tries to
+ connect to the agent before it asks for a
+ passphrase. @option{--no-use-agent} disables this option.
+-@end ifset
+
+ @item --gpg-agent-info
+ @opindex gpg-agent-info
+-@ifclear gpgone
+-This is dummy option. It has no effect when used with @command{gpg2}.
+-@end ifclear
+-@ifset gpgone
+ Override the value of the environment variable
+ @samp{GPG_AGENT_INFO}. This is only used when @option{--use-agent} has
+ been given. Given that this option is not anymore used by
+ @command{gpg2}, it should be avoided if possible.
+-@end ifset
+
+
+-@ifclear gpgone
+-@item --agent-program @var{file}
+-@opindex agent-program
+-Specify an agent program to be used for secret key operations. The
+-default value is the @file{/usr/bin/gpg-agent}. This is only used
+-as a fallback when the environment variable @code{GPG_AGENT_INFO} is not
+-set or a running agent cannot be connected.
+-@end ifclear
+-
+-@ifset gpgtwoone
+-@item --dirmngr-program @var{file}
+-@opindex dirmngr-program
+-Specify a dirmngr program to be used for keyserver access. The
+-default value is @file{/usr/sbin/dirmngr}. This is only used as a
+-fallback when the environment variable @code{DIRMNGR_INFO} is not set or
+-a running dirmngr cannot be connected.
+-@end ifset
+-
+ @item --lock-once
+ @opindex lock-once
+ Lock the databases the first time a lock is requested
+@@ -1947,20 +1823,6 @@
+ Use @var{name} as the key to sign with. Note that this option overrides
+ @option{--default-key}.
+
+-@ifset gpgtwoone
+-@item --try-secret-key @var{name}
+-@opindex try-secret-key
+-For hidden recipients GPG needs to know the keys to use for trial
+-decryption. The key set with @option{--default-key} is always tried
+-first, but this is often not sufficient. This option allows to set more
+-keys to be used for trial decryption. Although any valid user-id
+-specification may be used for @var{name} it makes sense to use at least
+-the long keyid to avoid ambiguities. Note that gpg-agent might pop up a
+-pinentry for a lot keys to do the trial decryption. If you want to stop
+-all further trial decryption you may use close-window button instead of
+-the cancel button.
+-@end ifset
+-
+ @item --try-all-secrets
+ @opindex try-all-secrets
+ Don't look at the key ID as stored in the message but try all secret
+@@ -2079,17 +1941,11 @@
+ Include designated revoker information that was marked as
+ "sensitive". Defaults to no.
+
+- @c Since GnuPG 2.1 gpg-agent manages the secret key and thus the
+- @c export-reset-subkey-passwd hack is not anymore justified. Such use
+- @c cases need to be implemented using a specialized secret key export
+- @c tool.
+-@ifclear gpgtwoone
+ @item export-reset-subkey-passwd
+ When using the @option{--export-secret-subkeys} command, this option resets
+ the passphrases for all exported subkeys to empty. This is useful
+ when the exported subkey is to be used on an unattended machine where
+ a passphrase doesn't necessarily make sense. Defaults to no.
+-@end ifclear
+
+ @item export-clean
+ Compact (remove all signatures from) user IDs on the key being
+@@ -2120,37 +1976,12 @@
+ @opindex fixed-list-mode
+ Do not merge primary user ID and primary key in @option{--with-colon}
+ listing mode and print all timestamps as seconds since 1970-01-01.
+-@ifclear gpgone
+-Since GnuPG 2.0.10, this mode is always used and thus this option is
+-obsolete; it does not harm to use it though.
+-@end ifclear
+-
+-@ifset gpgtwoone
+-@item --legacy-list-mode
+-@opindex legacy-list-mode
+-Revert to the pre-2.1 public key list mode. This only affects the
+-human readable output and not the machine interface
+-(i.e. @code{--with-colons}). Note that the legacy format does not
+-allow to convey suitable information for elliptic curves.
+-@end ifset
+
+ @item --with-fingerprint
+ @opindex with-fingerprint
+ Same as the command @option{--fingerprint} but changes only the format
+ of the output and may be used together with another command.
+
+-@ifset gpgtwoone
+-@item --with-keygrip
+-@opindex with-keygrip
+-Include the keygrip in the key listings.
+-
+-@item --with-secret
+-@opindex with-secret
+-Include info about the presence of a secret key in public key listings
+-done with @code{--with-colons}.
+-
+-@end ifset
+-
+ @end table
+
+ @c *******************************************
+@@ -2173,13 +2004,11 @@
+ Mac to Windows, etc). @option{--no-textmode} disables this option, and
+ is the default.
+
+-@ifset gpgone
+ If @option{-t} (but not @option{--textmode}) is used together with
+ armoring and signing, this enables clearsigned messages. This kludge is
+ needed for command-line compatibility with command-line versions of PGP;
+ normally you would use @option{--sign} or @option{--clearsign} to select
+ the type of the signature.
+-@end ifset
+
+ @item --force-v3-sigs
+ @itemx --no-force-v3-sigs
+@@ -2248,7 +2077,7 @@
+ @item --s2k-cipher-algo @code{name}
+ @opindex s2k-cipher-algo
+ Use @code{name} as the cipher algorithm used to protect secret keys.
+-The default cipher is CAST5. This cipher is also used for
++The default cipher is @value{DEFSYMENCALGO}. This cipher is also used for
+ conventional encryption if @option{--personal-cipher-preferences} and
+ @option{--cipher-algo} is not given.
+
+@@ -2318,9 +2147,11 @@
+ Reset all packet, cipher and digest options to strict RFC-2440
+ behavior.
+
++@ifclear gpgtowone
+ @item --rfc1991
+ @opindex rfc1991
+-Try to be more RFC-1991 (PGP 2.x) compliant.
++Try to be more RFC-1991 (PGP 2.x) compliant. This option is
++deprecated will be removed in GnuPG 2.1.
+
+ @item --pgp2
+ @opindex pgp2
+@@ -2330,14 +2161,17 @@
+ 2.x' here means `MIT PGP 2.6.2'. There are other versions of PGP 2.x
+ available, but the MIT release is a good common baseline.
+
+-This option implies @option{--rfc1991 --disable-mdc
+---no-force-v4-certs --escape-from-lines --force-v3-sigs
+-@ifclear gpgone
+---allow-weak-digest-algos
++This option implies
++@option{--rfc1991 --disable-mdc --no-force-v4-certs
++ --escape-from-lines --force-v3-sigs
++ --cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}.
++It also disables @option{--textmode} when encrypting.
++
++This option is deprecated will be removed in GnuPG 2.1. The reason
++for dropping PGP-2 support is that the PGP 2 format is not anymore
++considered safe (for example due to the use of the broken MD5 algorithm).
++Note that the decryption of PGP-2 created messages will continue to work.
+ @end ifclear
+---cipher-algo IDEA --digest-algo
+-MD5--compress-algo ZIP}. It also disables @option{--textmode} when
+-encrypting.
+
+ @item --pgp6
+ @opindex pgp6
+@@ -2431,12 +2265,10 @@
+ @opindex debug-all
+ Set all useful debugging flags.
+
+-@ifset gpgone
+ @item --debug-ccid-driver
+ @opindex debug-ccid-driver
+ Enable debug output from the included CCID driver for smartcards.
+ Note that this option is only available on some system.
+-@end ifset
+
+ @item --faked-system-time @var{epoch}
+ @opindex faked-system-time
+@@ -2687,10 +2519,6 @@
+ will be read from file descriptor @code{n}. If you use 0 for @code{n},
+ the passphrase will be read from STDIN. This can only be used if only
+ one passphrase is supplied.
+-@ifclear gpgone
+-Note that this passphrase is only used if the option @option{--batch}
+-has also been given. This is different from @command{gpg}.
+-@end ifclear
+
+ @item --passphrase-file @code{file}
+ @opindex passphrase-file
+@@ -2699,10 +2527,6 @@
+ passphrase is supplied. Obviously, a passphrase stored in a file is
+ of questionable security if other users can read this file. Don't use
+ this option if you can avoid it.
+-@ifclear gpgone
+-Note that this passphrase is only used if the option @option{--batch}
+-has also been given. This is different from @command{gpg}.
+-@end ifclear
+
+ @item --passphrase @code{string}
+ @opindex passphrase
+@@ -2710,30 +2534,6 @@
+ passphrase is supplied. Obviously, this is of very questionable
+ security on a multi-user system. Don't use this option if you can
+ avoid it.
+-@ifclear gpgone
+-Note that this passphrase is only used if the option @option{--batch}
+-has also been given. This is different from @command{gpg}.
+-@end ifclear
+-
+-@ifset gpgtwoone
+-@item --pinentry-mode @code{mode}
+-@opindex pinentry-mode
+-Set the pinentry mode to @code{mode}. Allowed values for @code{mode}
+-are:
+-@table @asis
+- @item default
+- Use the default of the agent, which is @code{ask}.
+- @item ask
+- Force the use of the Pinentry.
+- @item cancel
+- Emulate use of Pinentry's cancel button.
+- @item error
+- Return a Pinentry error (``No Pinentry'').
+- @item loopback
+- Redirect Pinentry queries to the caller. Note that in contrast to
+- Pinentry the user is not prompted again if he enters a bad password.
+-@end table
+-@end ifset
+
+ @item --command-fd @code{n}
+ @opindex command-fd
+@@ -2793,14 +2593,6 @@
+ However, be aware that a MDC protection failure may also mean that the
+ message was tampered with intentionally by an attacker.
+
+-@ifclear gpgone
+-@item --allow-weak-digest-algos
+-@opindex allow-weak-digest-algos
+-Signatures made with the broken MD5 algorithm are normally rejected
+-with an ``invalid digest algorithm'' message. This option allows the
+-verification of signatures made with such weak algorithms.
+-@end ifclear
+-
+ @item --no-default-keyring
+ @opindex no-default-keyring
+ Do not add the default keyrings to the list of keyrings. Note that
+@@ -2964,14 +2756,12 @@
+
+ @table @gnupgtabopt
+
+-@ifset gpgone
+ @item --load-extension @code{name}
+ @opindex load-extension
+ Load an extension module. If @code{name} does not contain a slash it is
+ searched for in the directory configured when GnuPG was built
+ (generally "/usr/local/lib/gnupg"). Extensions are not generally
+ useful anymore, and the use of this option is deprecated.
+-@end ifset
+
+ @item --show-photos
+ @itemx --no-show-photos
+@@ -2989,13 +2779,11 @@
+ keyring a given key resides on. This option is deprecated: use
+ @option{--list-options [no-]show-keyring} instead.
+
+-@ifset gpgone
+ @item --ctapi-driver @code{file}
+ @opindex ctapi-driver
+ Use @code{file} to access the smartcard reader. The current default
+ is `libtowitoko.so'. Note that the use of this interface is
+ deprecated; it may be removed in future releases.
+-@end ifset
+
+ @item --always-trust
+ @opindex always-trust
+@@ -3051,10 +2839,6 @@
+ Note that on larger installations, it is useful to put predefined files
+ into the directory @file{/etc/skel/.gnupg/} so that newly created users
+ start up with a working configuration.
+-@ifclear gpgone
+-For existing users the a small
+-helper script is provided to create these files (@pxref{addgnupghome}).
+-@end ifclear
+
+ For internal purposes @command{@gpgname} creates and maintains a few other
+ files; They all live in in the current home directory (@pxref{option
+@@ -3068,26 +2852,13 @@
+ @item ~/.gnupg/pubring.gpg.lock
+ The lock file for the public keyring.
+
+-@ifset gpgtwoone
+ @item ~/.gnupg/pubring.kbx
+- The public keyring using a different format. This file is sharred
+- with @command{gpgsm}. You should backup this file.
+-
+- @item ~/.gnupg/pubring.kbx.lock
+- The lock file for @file{pubring.kbx}.
+-@end ifset
++ @itemx ~/.gnupg/pubring.kbx.lock
++ A public keyring and its lock file used by GnuPG versions >= 2.
++ It is ignored by GnuPG 1.x
+
+ @item ~/.gnupg/secring.gpg
+-@ifclear gpgtwoone
+ The secret keyring. You should backup this file.
+-@end ifclear
+-@ifset gpgtwoone
+- A secret keyring as used by GnuPG versions before 2.1. It is not
+- used by GnuPG 2.1 and later.
+-
+- @item ~/.gnupg/.gpg-v21-migrated
+- File indicating that a migration to GnuPG 2.1 has taken place.
+-@end ifset
+
+ @item ~/.gnupg/trustdb.gpg
+ The trust database. There is no need to backup this file; it is better
+@@ -3102,6 +2873,16 @@
+ @item ~/.gnupg/secring.gpg.lock
+ The lock file for the secret keyring.
+
++ @item ~/.gnupg/openpgp-revocs.d/
++ This is the directory where gpg stores pre-generated revocation
++ certificates. The file name corresponds to the OpenPGP fingerprint of
++ the respective key. It is suggested to backup those certificates and
++ if the primary private key is not stored on the disk to move them to
++ an external storage device. Anyone who can access theses files is
++ able to revoke the corresponding key. You may want to print them out.
++ You should backup all files in this directory and take care to keep
++ this backup closed away.
++
+ @item /usr[/local]/share/gnupg/options.skel
+ The skeleton options file.
+
+@@ -3123,9 +2904,8 @@
+
+ @item GPG_AGENT_INFO
+ Used to locate the gpg-agent.
+-@ifset gpgone
+ This is only honored when @option{--use-agent} is set.
+-@end ifset
++
+ The value consists of 3 colon delimited fields: The first is the path
+ to the Unix Domain Socket, the second the PID of the gpg-agent and the
+ protocol version which should be set to 1. When starting the gpg-agent
+@@ -3539,9 +3319,5 @@
+ @mansect see also
+ @ifset isman
+ @command{gpgv}(1),
+-@ifclear gpgone
+-@command{gpgsm}(1),
+-@command{gpg-agent}(1)
+-@end ifclear
+ @end ifset
+ @include see-also-note.texi
+--- a/doc/yat2m.c
++++ b/doc/yat2m.c
+@@ -87,6 +87,10 @@
+ detects the number of white spaces in front of an @item and remove
+ this number of spaces from all following lines until a new @item
+ is found or there are less spaces than for the last @item.
++
++ Note that @* does only work correctly if used at the end of an
++ input line.
++
+ */
+
+ #include <stdio.h>
+@@ -136,6 +140,9 @@
+ /* List of all defined macros. */
+ static macro_t macrolist;
+
++/* List of variables set by @set. */
++static macro_t variablelist;
++
+ /* List of global macro names. The value part is not used. */
+ static macro_t predefinedmacrolist;
+
+@@ -375,8 +382,44 @@
+ }
+
+
+-/* Return true if the macro NAME is set, i.e. not the empty string and
+- not evaluating to 0. */
++/* Create or update a variable with name and value given in NAMEANDVALUE. */
++static void
++set_variable (char *nameandvalue)
++{
++ macro_t m;
++ const char *value;
++ char *p;
++
++ for (p = nameandvalue; *p && *p != ' ' && *p != '\t'; p++)
++ ;
++ if (!*p)
++ value = "";
++ else
++ {
++ *p++ = 0;
++ while (*p == ' ' || *p == '\t')
++ p++;
++ value = p;
++ }
++
++ for (m=variablelist; m; m = m->next)
++ if (!strcmp (m->name, nameandvalue))
++ break;
++ if (m)
++ free (m->value);
++ else
++ {
++ m = xcalloc (1, sizeof *m + strlen (nameandvalue));
++ strcpy (m->name, nameandvalue);
++ m->next = variablelist;
++ variablelist = m;
++ }
++ m->value = xstrdup (value);
++}
++
++
++/* Return true if the macro or variable NAME is set, i.e. not the
++ empty string and not evaluating to 0. */
+ static int
+ macro_set_p (const char *name)
+ {
+@@ -385,6 +428,10 @@
+ for (m = macrolist; m ; m = m->next)
+ if (!strcmp (m->name, name))
+ break;
++ if (!m)
++ for (m = variablelist; m ; m = m->next)
++ if (!strcmp (m->name, name))
++ break;
+ if (!m || !m->value || !*m->value)
+ return 0;
+ if ((*m->value & 0x80) || !isdigit (*m->value))
+@@ -664,8 +711,11 @@
+ { "table", 3 },
+ { "itemize", 3 },
+ { "bullet", 0, "* " },
++ { "*", 0, "\n.br"},
++ { "/", 0 },
+ { "end", 4 },
+ { "quotation",1, ".RS\n\\fB" },
++ { "value", 8 },
+ { NULL }
+ };
+ size_t n;
+@@ -741,11 +791,46 @@
+ case 7:
+ ignore_args = 1;
+ break;
++ case 8:
++ ignore_args = 1;
++ if (*rest != '{')
++ {
++ err ("opening brace for command '%s' missing", command);
++ return len;
++ }
++ else
++ {
++ /* Find closing brace. */
++ for (s=rest+1, n=1; *s && n < len; s++, n++)
++ if (*s == '}')
++ break;
++ if (*s != '}')
++ {
++ err ("closing brace for command '%s' not found", command);
++ return len;
++ }
++ else
++ {
++ size_t len = s - (rest + 1);
++ macro_t m;
++
++ for (m = variablelist; m; m = m->next)
++ if (strlen (m->name) == len
++ &&!strncmp (m->name, rest+1, len))
++ break;
++ if (m)
++ fputs (m->value, fp);
++ else
++ inf ("texinfo variable '%.*s' is not set",
++ (int)len, rest+1);
++ }
++ }
++ break;
+ default:
+ break;
+ }
+ }
+- else
++ else /* macro */
+ {
+ macro_t m;
+
+@@ -1215,6 +1300,10 @@
+ macrovalue = xmalloc ((macrovaluesize = 1024));
+ macrovalueused = 0;
+ }
++ else if (n == 4 && !memcmp (line, "@set", 4))
++ {
++ set_variable (p);
++ }
+ else if (n == 8 && !memcmp (line, "@manpage", 8))
+ {
+ free (*section_name);
+@@ -1325,6 +1414,13 @@
+ free (macrolist);
+ macrolist = next;
+ }
++ while (variablelist)
++ {
++ macro_t next = variablelist->next;
++ free (variablelist->value);
++ free (variablelist);
++ variablelist = next;
++ }
+ for (m=predefinedmacrolist; m; m = m->next)
+ set_macro (m->name, xstrdup ("1"));
+ cond_is_active = 1;
diff -Nru gnupg-1.4.18/debian/rules gnupg-1.4.18/debian/rules
--- gnupg-1.4.18/debian/rules 2014-09-02 00:58:08.000000000 -0400
+++ gnupg-1.4.18/debian/rules 2014-12-04 01:10:04.000000000 -0500
@@ -21,7 +21,7 @@
CONFARGS = --prefix=/usr --libexecdir=/usr/lib/ \
--enable-noexecstack
-CONFARGS_FULL = --enable-mailto --with-mailprog=/usr/sbin/sendmail
+CONFARGS_FULL = --enable-mailto --with-mailprog=/usr/sbin/sendmail --enable-large-secmem
CONFARGS_MINIMAL = --enable-minimal --enable-rsa --disable-nls --disable-regex --disable-gnupg-iconv --disable-gettext --without-iconv --without-readline --without-zlib --enable-sha256
ifneq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
diff -Nru gnupg-1.4.18/debian/source/lintian-overrides gnupg-1.4.18/debian/source/lintian-overrides
--- gnupg-1.4.18/debian/source/lintian-overrides 1969-12-31 19:00:00.000000000 -0500
+++ gnupg-1.4.18/debian/source/lintian-overrides 2014-12-04 02:54:24.000000000 -0500
@@ -0,0 +1,5 @@
+gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_curl
+gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_hkp
+# doc merely references / cites IETF RFC:
+gnupg source: license-problem-non-free-RFC doc/OpenPGP
+gnupg source: license-problem-non-free-RFC debian/copyright
diff -Nru gnupg-1.4.18/debian/source.lintian-overrides gnupg-1.4.18/debian/source.lintian-overrides
--- gnupg-1.4.18/debian/source.lintian-overrides 2014-09-02 00:58:08.000000000 -0400
+++ gnupg-1.4.18/debian/source.lintian-overrides 1969-12-31 19:00:00.000000000 -0500
@@ -1,4 +0,0 @@
-gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_curl
-gnupg source: binaries-have-file-conflict gnupg gnupg-curl usr/lib/gnupg/gpgkeys_hkp
-# doc merely references / cites IETF RFC:
-gnupg source: license-problem-non-free-RFC doc/OpenPGP
Attachment:
signature.asc
Description: OpenPGP digital signature