From 436c5ffef5d9f6b066d3bcd269e5b0a465ebb9ba Mon Sep 17 00:00:00 2001
From: jakob <jakob@openbsd.org>
Date: Wed, 23 May 2001 15:28:49 +0000
Subject: [PATCH] update to v1.0.5. ok markus@.

---
 security/gnupg/Makefile                       |  12 +-
 security/gnupg/files/md5                      |   6 +-
 security/gnupg/patches/patch-g10_misc.c       |  39 -------
 security/gnupg/patches/patch-g10_openfile.c   |  82 --------------
 security/gnupg/patches/patch-g10_plaintext.c  | 104 ------------------
 .../gnupg/patches/patch-po_Makefile.in.in     |  34 ++++++
 security/gnupg/pkg/PFRAG.idea                 |   2 +
 security/gnupg/pkg/PLIST                      |  20 +++-
 8 files changed, 63 insertions(+), 236 deletions(-)
 delete mode 100644 security/gnupg/patches/patch-g10_misc.c
 delete mode 100644 security/gnupg/patches/patch-g10_openfile.c
 delete mode 100644 security/gnupg/patches/patch-g10_plaintext.c
 create mode 100644 security/gnupg/patches/patch-po_Makefile.in.in
 create mode 100644 security/gnupg/pkg/PFRAG.idea

diff --git a/security/gnupg/Makefile b/security/gnupg/Makefile
index c24b2973181..a71e9ebb806 100644
--- a/security/gnupg/Makefile
+++ b/security/gnupg/Makefile
@@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.28 2001/04/17 20:53:04 reinhard Exp $
+# $OpenBSD: Makefile,v 1.29 2001/05/23 15:28:49 jakob Exp $
 
 COMMENT=	'GNU privacy guard - a free PGP replacement'
 
-DISTNAME=	gnupg-1.0.4
-PKGNAME=	${DISTNAME}p2
+DISTNAME=	gnupg-1.0.5
+PKGNAME=	${DISTNAME}
 CATEGORIES=	security
 NEED_VERSION=	1.363
 MASTER_SITES=	ftp://ftp.gnupg.org/pub/gcrypt/gnupg/ \
@@ -18,8 +18,8 @@ MASTER_SITES=	ftp://ftp.gnupg.org/pub/gcrypt/gnupg/ \
 		ftp://ftp.net.lut.ac.uk/gcrypt/gnupg/ \
 		ftp://gd.tuwien.ac.at/privacy/gnupg/gnupg/
 MASTER_SITES0=	ftp://ftp.gnupg.org/pub/gcrypt/contrib/ 
-DISTFILES=	gnupg-1.0.4.tar.gz 
-EXTRACT_ONLY=	gnupg-1.0.4.tar.gz 
+DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
+EXTRACT_ONLY=	${DISTNAME}${EXTRACT_SUFX}
 
 HOMEPAGE=	http://www.gnupg.org/
 
@@ -43,9 +43,9 @@ PERMIT_DISTFILES_CDROM=	"a patented algorithm"
 PERMIT_DISTFILES_FTP=	"a patented algorithm"
 # NB: idea.c is found in ${MASTER_SITES0}
 DISTFILES+=	idea.c:0
+PATCH_LIST=	patch-*
 PATCH_LIST+=	${FILESDIR}/patch-cipher_Makefile_am 
 PATCH_LIST+=	${FILESDIR}/patch-cipher_Makefile_in
-SED_PLIST+=	-e 's,^!%%idea%%,lib/gnupg/idea,'
 pre-patch:
 	@cp ${DISTDIR}/idea.c ${WRKSRC}/cipher
 .endif
diff --git a/security/gnupg/files/md5 b/security/gnupg/files/md5
index a74c4d5af76..f2ccf45b0dc 100644
--- a/security/gnupg/files/md5
+++ b/security/gnupg/files/md5
@@ -1,6 +1,6 @@
-MD5 (gnupg-1.0.4.tar.gz) = bef2267bfe9b74a00906a78db34437f9
-RMD160 (gnupg-1.0.4.tar.gz) = 62fd2470c7eefb9e7c80d4e3337cce6547803157
-SHA1 (gnupg-1.0.4.tar.gz) = 7940d42ddf4e992152232b837e25f6b462622df5
+MD5 (gnupg-1.0.5.tar.gz) = 44c71c3f5a9edbf5738cafc37e8359e6
 MD5 (idea.c) = 7d0557459e0a41da099ddbd837d4bd40
+RMD160 (gnupg-1.0.5.tar.gz) = aae6687dac926ee8d423e6d82e86bf27f263175c
 RMD160 (idea.c) = 86ac117facd1fe498a6b964bce9ba1ce6e2ab094
+SHA1 (gnupg-1.0.5.tar.gz) = e30358cae1e1f7aece84b6808b1366f12a1ff527
 SHA1 (idea.c) = 1cbae164674dfb9da624e088fe7d66d7c0d4f17e
diff --git a/security/gnupg/patches/patch-g10_misc.c b/security/gnupg/patches/patch-g10_misc.c
deleted file mode 100644
index 41d4b2032c4..00000000000
--- a/security/gnupg/patches/patch-g10_misc.c
+++ /dev/null
@@ -1,39 +0,0 @@
-From: Werner Koch <wk@gnupg.org>
-To: gnupg-announce@gnupg.org
-Subject: [Announce] Minor gpg fix
-Message-ID: <20001018160137.O15768@gnupg.de>
-
-Hi,
-
-some folks asked what the message
-
-  gpg: this cipher algorithm is depreciated; please use a more standard one!
-
-does mean.  Yes, gpg 1.0.4 should not emit this message.  I forgot
-to put the AES cipher algorithm into the list of "good" algorithms.
-
-Either ignore this message or apply the patch below.
-
-  Werner
-
-
-Index: g10/misc.c
-===================================================================
-RCS file: /home/koch/cvs/gnupg/g10/misc.c,v
-retrieving revision 1.16.2.4
-diff -u -r1.16.2.4 misc.c
---- g10/misc.c	2000/10/13 15:03:48	1.16.2.4
-+++ g10/misc.c	2000/10/18 13:34:01
-@@ -224,6 +224,9 @@
- 	     || algo == CIPHER_ALGO_CAST5
- 	     || algo == CIPHER_ALGO_BLOWFISH
- 	     || algo == CIPHER_ALGO_TWOFISH
-+	     || algo == CIPHER_ALGO_RIJNDAEL
-+	     || algo == CIPHER_ALGO_RIJNDAEL192
-+	     || algo == CIPHER_ALGO_RIJNDAEL256
- 	   )
- 	;
-     else {
-
-
-
diff --git a/security/gnupg/patches/patch-g10_openfile.c b/security/gnupg/patches/patch-g10_openfile.c
deleted file mode 100644
index db37f39fbbd..00000000000
--- a/security/gnupg/patches/patch-g10_openfile.c
+++ /dev/null
@@ -1,82 +0,0 @@
-From ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gnupg-1.0.4.security-patch1.diff
-
-Hi!
-
-It has been pointed out that there is another bug in the signature
-verification code of GnuPG.
-
-         * This can easily lead to false positives *
-
-All versions of GnuPG released before today are vulnerable!
-
-To check a detached singature you normally do this:
-
-  gpg --verify foo.sig foo.txt
-
-The problem here is that someone may replace foo.sig with a standard
-signature containing some arbitrary signed text and its signature,
-and then modify foo.txt - GnuPG does not detect this - Ooops.
-
-The solution for this problem ist not easy and needs a change in the
-semantics of the --verify command: It will not any longer be
-possible to do this:
-
-  gpg --verify foo.sig <foo.txt
-  
-Instead you have to use this
-
-  gpg --verify foo.sig - <foo.txt
-
-The difference here is that gpg sees 2 files on the command lines
-and thereby knows that it should check a detached signature.  We
-really need this information and there is no way to avoid that
-change, sorry.  You should make sure that you never use the first
-form, because this will lead to false positives when foo.sig is not
-a detached signature - gnupg does detect the other case and warns
-you, but this is not sufficient.  If you use GnuPG from other
-applications, please change it.
-
-What to do:
-
-  1. Apply the attached patch to GnuPG 1.0.4
-
-  2. Check all programs which are designed to verify detached
-     signatures, that they don't use the vulnerable way of passing
-     data to GnuPG.
-
-Currently we are reviewing some other minor bug fixes and
-it might take some time to release a fixed version.
-
-I apologize for this bug and have to thank Rene Puls for finding it.
-
-
-  Werner
-
-
-p.s.
-I'd really appreciate if some volunteers can write more regression
-tests; especially those for bugs of this kind.
-Apply the patch using "patch -p1" while in the top directory of the
-GnuPG source.  The patch is against the 1.0.4 release.
-
-
---- g10/openfile.c.orig	Tue Sep  5 17:31:57 2000
-+++ g10/openfile.c	Sat Dec 23 14:56:19 2000
-@@ -257,7 +257,7 @@ open_sigfile( const char *iname )
- 	    buf = m_strdup(iname);
- 	    buf[len-4] = 0 ;
- 	    a = iobuf_open( buf );
--	    if( opt.verbose )
-+	    if( a && opt.verbose )
- 		log_info(_("assuming signed data in `%s'\n"), buf );
- 	    m_free(buf);
- 	}
-@@ -329,7 +329,7 @@ try_make_homedir( const char *fname )
- 
-     if ( ( *defhome == '~'
-            && ( strlen(fname) >= strlen (defhome+1)
--                && !strcmp(fname+strlen(defhome+1)-strlen(defhome+1),
-+                && !strcmp(fname+strlen(fname)-strlen(defhome+1),
-                            defhome+1 ) ))
-          || ( *defhome != '~'
-               && !compare_filenames( fname, defhome ) )
diff --git a/security/gnupg/patches/patch-g10_plaintext.c b/security/gnupg/patches/patch-g10_plaintext.c
deleted file mode 100644
index 6dd53163245..00000000000
--- a/security/gnupg/patches/patch-g10_plaintext.c
+++ /dev/null
@@ -1,104 +0,0 @@
-From ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gnupg-1.0.4.security-patch1.diff
-
-Hi!
-
-It has been pointed out that there is another bug in the signature
-verification code of GnuPG.
-
-         * This can easily lead to false positives *
-
-All versions of GnuPG released before today are vulnerable!
-
-To check a detached singature you normally do this:
-
-  gpg --verify foo.sig foo.txt
-
-The problem here is that someone may replace foo.sig with a standard
-signature containing some arbitrary signed text and its signature,
-and then modify foo.txt - GnuPG does not detect this - Ooops.
-
-The solution for this problem ist not easy and needs a change in the
-semantics of the --verify command: It will not any longer be
-possible to do this:
-
-  gpg --verify foo.sig <foo.txt
-
-Instead you have to use this
-
-  gpg --verify foo.sig - <foo.txt
-
-The difference here is that gpg sees 2 files on the command lines
-and thereby knows that it should check a detached signature.  We
-really need this information and there is no way to avoid that
-change, sorry.  You should make sure that you never use the first
-form, because this will lead to false positives when foo.sig is not
-a detached signature - gnupg does detect the other case and warns
-you, but this is not sufficient.  If you use GnuPG from other
-applications, please change it.
-
-What to do:
-
-  1. Apply the attached patch to GnuPG 1.0.4
-
-  2. Check all programs which are designed to verify detached
-     signatures, that they don't use the vulnerable way of passing
-     data to GnuPG.
-
-Currently we are reviewing some other minor bug fixes and
-it might take some time to release a fixed version.
-
-I apologize for this bug and have to thank Rene Puls for finding it.
-
-
-  Werner
-
-
-p.s.
-I'd really appreciate if some volunteers can write more regression
-tests; especially those for bugs of this kind.
-Apply the patch using "patch -p1" while in the top directory of the
-GnuPG source.  The patch is against the 1.0.4 release.
-
-
---- g10/plaintext.c.orig	Wed Jul 26 11:21:58 2000
-+++ g10/plaintext.c	Sat Dec 23 14:51:54 2000
-@@ -370,7 +370,7 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE 
- 		const char *sigfilename, int textmode )
- {
-     IOBUF fp;
--    STRLIST sl=NULL;
-+    STRLIST sl;
- 
-     if( !files ) {
- 	/* check whether we can open the signed material */
-@@ -380,27 +380,21 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE 
- 	    iobuf_close(fp);
- 	    return 0;
- 	}
--	/* no we can't (no sigfile) - read signed stuff from stdin */
--	add_to_strlist( &sl, "-");
-+	log_error (_("no signed data\n"));
-+	return G10ERR_OPEN_FILE;
-     }
--    else
--	sl = files;
- 
--    for( ; sl; sl = sl->next ) {
-+    for (sl=files; sl; sl = sl->next ) {
- 	fp = iobuf_open( sl->d );
- 	if( !fp ) {
- 	    log_error(_("can't open signed data `%s'\n"),
- 						print_fname_stdin(sl->d));
--	    if( !files )
--		free_strlist(sl);
- 	    return G10ERR_OPEN_FILE;
- 	}
- 	do_hash( md, md2, fp, textmode );
- 	iobuf_close(fp);
-     }
- 
--    if( !files )
--	free_strlist(sl);
-     return 0;
- }
- 
diff --git a/security/gnupg/patches/patch-po_Makefile.in.in b/security/gnupg/patches/patch-po_Makefile.in.in
new file mode 100644
index 00000000000..ee0cea98186
--- /dev/null
+++ b/security/gnupg/patches/patch-po_Makefile.in.in
@@ -0,0 +1,34 @@
+$OpenBSD: patch-po_Makefile.in.in,v 1.1 2001/05/23 15:28:50 jakob Exp $
+
+--- po/Makefile.in.in.orig	Wed May 23 16:15:53 2001
++++ po/Makefile.in.in	Wed May 23 16:20:20 2001
+@@ -24,6 +24,8 @@ gnulocaledir = $(prefix)/share/locale
+ gettextsrcdir = $(prefix)/share/gettext/po
+ subdir = po
+ 
++DESTDIR =
++
+ INSTALL = @INSTALL@
+ INSTALL_DATA = @INSTALL_DATA@
+ MKINSTALLDIRS = $(top_srcdir)/@MKINSTALLDIRS@
+@@ -111,16 +113,16 @@ install-data: install-data-@USE_NLS@
+ install-data-no: all
+ install-data-yes: all
+ 	if test -r "$(MKINSTALLDIRS)"; then \
+-	  $(MKINSTALLDIRS) $(datadir); \
++	  $(MKINSTALLDIRS) $(DESTDIR)$(datadir); \
+ 	else \
+-	  $(SHELL) $(top_srcdir)/mkinstalldirs $(datadir); \
++	  $(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir); \
+ 	fi
+ 	@catalogs='$(CATALOGS)'; \
+ 	for cat in $$catalogs; do \
+ 	  cat=`basename $$cat`; \
+ 	  case "$$cat" in \
+-	    *.gmo) destdir=$(gnulocaledir);; \
+-	    *)     destdir=$(localedir);; \
++	    *.gmo) destdir=$(DESTDIR)$(gnulocaledir);; \
++	    *)     destdir=$(DESTDIR)$(localedir);; \
+ 	  esac; \
+ 	  lang=`echo $$cat | sed 's/\$(CATOBJEXT)$$//'`; \
+ 	  dir=$$destdir/$$lang/LC_MESSAGES; \
diff --git a/security/gnupg/pkg/PFRAG.idea b/security/gnupg/pkg/PFRAG.idea
new file mode 100644
index 00000000000..adfa43140a7
--- /dev/null
+++ b/security/gnupg/pkg/PFRAG.idea
@@ -0,0 +1,2 @@
+@comment $OpenBSD: PFRAG.idea,v 1.1 2001/05/23 15:28:50 jakob Exp $
+lib/gnupg/idea
diff --git a/security/gnupg/pkg/PLIST b/security/gnupg/pkg/PLIST
index 879afa69f9c..ab9f9c24190 100644
--- a/security/gnupg/pkg/PLIST
+++ b/security/gnupg/pkg/PLIST
@@ -1,10 +1,10 @@
-@comment $OpenBSD: PLIST,v 1.8 2001/03/03 17:17:28 reinhard Exp $
+@comment $OpenBSD: PLIST,v 1.9 2001/05/23 15:28:50 jakob Exp $
 bin/gpg
 bin/gpgv
 lib/gnupg/rndunix
 lib/gnupg/rndegd
 lib/gnupg/tiger
-!%%idea%%
+%%idea%%
 man/man1/gpg.1
 man/man1/gpgv.1
 share/doc/gnupg/README
@@ -19,6 +19,22 @@ share/doc/gnupg/OpenPGP
 share/doc/gnupg/HACKING
 share/doc/gnupg/faq.html
 share/gnupg/options.skel
+share/locale/da/LC_MESSAGES/gnupg.mo
+share/locale/de/LC_MESSAGES/gnupg.mo
+share/locale/eo/LC_MESSAGES/gnupg.mo
+share/locale/es_ES/LC_MESSAGES/gnupg.mo
+share/locale/et/LC_MESSAGES/gnupg.mo
+share/locale/fr/LC_MESSAGES/gnupg.mo
+share/locale/id/LC_MESSAGES/gnupg.mo
+share/locale/it/LC_MESSAGES/gnupg.mo
+share/locale/ja/LC_MESSAGES/gnupg.mo
+share/locale/nl/LC_MESSAGES/gnupg.mo
+share/locale/pl/LC_MESSAGES/gnupg.mo
+share/locale/pt_BR/LC_MESSAGES/gnupg.mo
+share/locale/pt_PT/LC_MESSAGES/gnupg.mo
+share/locale/ru/LC_MESSAGES/gnupg.mo
+share/locale/sv/LC_MESSAGES/gnupg.mo
+share/locale/tr/LC_MESSAGES/gnupg.mo
 @dirrm lib/gnupg
 @dirrm share/doc/gnupg
 @dirrm share/gnupg