Date: Thu, 2 Jul 2009 06:57:15 -0400 From: "Jason E. Hale" <bsdkaffee@gmail.com> To: Wesley Shields <wxs@freebsd.org> Cc: unixmania@gmail.com, kde@freebsd.org, frank@altpeter.de, lulf@kerneled.org, udo.schweigert@siemens.com, cherry@trombik.org, gnome@freebsd.org, clsung@freebsd.org Subject: Re: Fwd: [PATCH]GPGME 1.2.0 will break crypto in kdepim (Re: ports/135911: [MAINTAINER] security/gpgme: Update to version 1.2.0) Message-ID: <200907020657.16578.bsdkaffee@gmail.com> In-Reply-To: <20090701150704.GA82265@atarininja.org> References: <200906261354.46270.makc@freebsd.org> <20090626155317.GC25377@atarininja.org> <20090701150704.GA82265@atarininja.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline On Wednesday 01 July 2009 11:07:04 Wesley Shields wrote: > Does anyone care to comment on this? If the below text is applicable to > FreeBSD I'd like to know so I can hold off on this update until fixes > are in place. I'd hate to commit this after silence from the lists and > then find out that things are broken. > > -- WXS > After seeing the problem with KDE, I went through the source code of the rest of the ports that use gpgme. The problem is that the new version of gpgme requires that gpgme_check_version() is called before gpgme_new(). I have identified several other ports that do not do this and I have developed patches for them. They are as follows: deskutils/kdepim3 (based on official patch) deskutils/kdepim4 (based on official patch) deskutils/kdepimlibs4 (based on official patch) devel/bazaar finance/qhacc mail/mutt-devel net-im/ayttm net-im/centericq net-im/centerim net-im/centerim-devel security/openvas-libnasl I run tested deskutils/kdepim4 with deskutils/kdepimlibs4, finance/qhacc, net- im/ayttm, and net-im/centerim. The others are a little impractical for me to test right now; perhaps their maintainers can test them (maintainers CC'd). - Jason > On Fri, Jun 26, 2009 at 11:53:17AM -0400, Wesley Shields wrote: > > I have a PR[1] I'm about to start working on that will update gpgme to > > 1.2.0 which, according to the email below, will break some things for > > KDE (and I'm now curious if it will break anything in GNOME). > > > > I don't want to break anything with this update so I'm hoping to get > > confirmation that this won't cause an issue if I commit it. > > > > -- WXS > > > > [1]: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/135911 > > > > On Fri, Jun 26, 2009 at 01:54:46PM +0400, Max Brazhnikov wrote: > > > FYI, > > > other ports may be affected also > > > > > > Max > > > > > > ---------- Forwarded Message ---------- > > > > > > ????????: [PATCH]GPGME 1.2.0 will break crypto in kdepim > > > ????????: Fri, 26 Jun 2009 11:35:41 +0200 > > > ??????????????????????: Thomas McGuire <mcguire@kde.org> > > > ????????????????????: kde-packager@kde.org > > > > > > Hello Packagers, > > > > > > GPGME introduced an incompatible change that will break all crypto > > > operations in KDEPIM, which means signing, verifying, encrypting and > > > decrypting will not work anymore in KMail and Kleopatra. Instead, you > > > would see a bogus error message saying something like "the backend does > > > not support > > > signing/encryption/verification/decryption". > > > > > > See bug 197458 for further details, > > > https://bugs.kde.org/show_bug.cgi?id=197458. > > > > > > All KDE version are affected, including 4.3.0 RC 1. 4.3.0 Final is not > > > affected. > > > Note that we are not 100% certain that KDE 3 versions are affected, but > > > is is better to play safe here. > > > We have patched the 4.1 branch, the 4.2 branch, the 4.3 branch, the 3.5 > > > branch and the enterprise35 of kdepim and kdepimlibs (kdepimlibs: KDE > > > 4.x only). > > > > > > So please do one of the following: > > > > > > a) Do not update your GPGME package to 1.2.0 > > > b) If you update, update your KDEPIM and KDEPIMLIBS packages as well > > > > > > Although we have patched all branches, I attached the patches to this > > > mail as well for your convenience. > > > > > > Also, in case you need this, here are the revision numbers of the > > > commits that fixed the issues in the various branches: > > > KDE 3.5.x: 986745,987046 > > > KDE 4.1.x: 986493,986500,986474,986477,986990 > > > KDE 4.2.x: 986648,986650,986645,986647 > > > KDE 4.3.x: 986635,986638,986619,986622 > > > enterprise35: 986754,987480 > > > > > > The attached patches are made from exactly the above revisions. > > > > > > Thanks for your help. > > > > > > Regards, > > > Thomas McGuire > > > KMail Maintainer > > > > > > ------------------------------------------------------- --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="deskutils.kdepim3.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="deskutils.kdepim3.patch" diff -ruN kdepim3.orig/files/patch-certmanager-lib-backends-qgpgme-qgpgmebackend.cpp kdepim3/files/patch-certmanager-lib-backends-qgpgme-qgpgmebackend.cpp --- kdepim3.orig/files/patch-certmanager-lib-backends-qgpgme-qgpgmebackend.cpp 1969-12-31 19:00:00.000000000 -0500 +++ kdepim3/files/patch-certmanager-lib-backends-qgpgme-qgpgmebackend.cpp 2009-07-01 19:51:10.000000000 -0400 @@ -0,0 +1,11 @@ +--- certmanager/lib/backends/qgpgme/qgpgmebackend.cpp.orig 2009-07-01 19:41:54.000000000 -0400 ++++ certmanager/lib/backends/qgpgme/qgpgmebackend.cpp 2009-07-01 19:42:25.000000000 -0400 +@@ -54,7 +54,7 @@ + mOpenPGPProtocol( 0 ), + mSMIMEProtocol( 0 ) + { +- ++ GpgME::initializeLibrary(); + } + + Kleo::QGpgMEBackend::~QGpgMEBackend() { diff -ruN kdepim3.orig/files/patch-libkdenetwork-gpgmepp-Makefile.in kdepim3/files/patch-libkdenetwork-gpgmepp-Makefile.in --- kdepim3.orig/files/patch-libkdenetwork-gpgmepp-Makefile.in 1969-12-31 19:00:00.000000000 -0500 +++ kdepim3/files/patch-libkdenetwork-gpgmepp-Makefile.in 2009-07-01 19:52:28.000000000 -0400 @@ -0,0 +1,11 @@ +--- libkdenetwork/gpgmepp/Makefile.in.orig 2009-07-01 19:33:31.000000000 -0400 ++++ libkdenetwork/gpgmepp/Makefile.in 2009-07-01 19:39:35.000000000 -0400 +@@ -434,7 +434,7 @@ + # (Interfaces added/removed/changed: CURRENT++, REVISION=0) + # (Interfaces added: AGE++) + # (Interfaces removed/changed: AGE=0) +-libgpgme___la_LDFLAGS = -no-undefined -version-info 3:0:3 ++libgpgme___la_LDFLAGS = -no-undefined -version-info 4:0:4 + libgpgme___la_LIBADD = $(GPGME_LIBS) + libgpgme___la_DEPENDENCIES = $(GPGME_LIBS_DEP) + all: all-recursive diff -ruN kdepim3.orig/files/patch-libkdenetwork-gpgmepp-context.cpp kdepim3/files/patch-libkdenetwork-gpgmepp-context.cpp --- kdepim3.orig/files/patch-libkdenetwork-gpgmepp-context.cpp 1969-12-31 19:00:00.000000000 -0500 +++ kdepim3/files/patch-libkdenetwork-gpgmepp-context.cpp 2009-07-01 19:52:05.000000000 -0400 @@ -0,0 +1,13 @@ +--- libkdenetwork/gpgmepp/context.cpp.orig 2009-07-01 19:33:09.000000000 -0400 ++++ libkdenetwork/gpgmepp/context.cpp 2009-07-01 19:35:46.000000000 -0400 +@@ -53,6 +53,10 @@ + + namespace GpgME { + ++ void initializeLibrary() { ++ gpgme_check_version( 0 ); ++ } ++ + const char * Error::source() const { + return gpgme_strsource( (gpgme_error_t)mErr ); + } diff -ruN kdepim3.orig/files/patch-libkdenetwork-gpgmepp-context.h kdepim3/files/patch-libkdenetwork-gpgmepp-context.h --- kdepim3.orig/files/patch-libkdenetwork-gpgmepp-context.h 1969-12-31 19:00:00.000000000 -0500 +++ kdepim3/files/patch-libkdenetwork-gpgmepp-context.h 2009-07-01 19:52:16.000000000 -0400 @@ -0,0 +1,11 @@ +--- libkdenetwork/gpgmepp/context.h.orig 2009-07-01 19:33:50.000000000 -0400 ++++ libkdenetwork/gpgmepp/context.h 2009-07-01 19:36:53.000000000 -0400 +@@ -287,6 +287,8 @@ + // + // + ++ KDE_EXPORT void initializeLibrary(); ++ + KDE_EXPORT GpgME::Error setDefaultLocale( int category, const char * value ); + + KDE_EXPORT Context * wait( GpgME::Error & e, bool hang=true ); --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="finance.qhacc.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="finance.qhacc.patch" diff -ruN qhacc.orig/files/patch-plugins::gpg::gpgplugin.cpp qhacc/files/patch-plugins::gpg::gpgplugin.cpp --- qhacc.orig/files/patch-plugins::gpg::gpgplugin.cpp 1969-12-31 19:00:00.000000000 -0500 +++ qhacc/files/patch-plugins::gpg::gpgplugin.cpp 2009-06-30 00:59:43.000000000 -0400 @@ -0,0 +1,10 @@ +--- ./plugins/gpg/gpgplugin.cpp.orig 2009-06-30 00:55:33.000000000 -0400 ++++ ./plugins/gpg/gpgplugin.cpp 2009-06-30 00:59:33.000000000 -0400 +@@ -56,6 +56,7 @@ + const PluginInfo& GPGDBPlugin::info() const { return pinfo; } + + bool GPGDBPlugin::iconnect( QHacc *, const QString&, QString& error ){ ++ gpgme_check_version( NULL ); + madectx=( GPG_ERR_NO_ERROR==gpgme_new( &gpgctx ) ); + if( madectx ){ + gpgme_set_passphrase_cb( gpgctx, GPGDBPlugin::passphrase_cb, --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="deskutils.kdepim4.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="deskutils.kdepim4.patch" diff -ruN kdepim4.orig/files/patch-kleopatra-main.cpp kdepim4/files/patch-kleopatra-main.cpp --- kdepim4.orig/files/patch-kleopatra-main.cpp 1969-12-31 19:00:00.000000000 -0500 +++ kdepim4/files/patch-kleopatra-main.cpp 2009-07-01 18:59:31.000000000 -0400 @@ -0,0 +1,20 @@ +--- ../kleopatra/main.cpp.orig 2009-07-01 18:44:25.000000000 -0400 ++++ ../kleopatra/main.cpp 2009-07-01 18:49:26.000000000 -0400 +@@ -75,6 +75,8 @@ + #include <QEventLoop> + #include <QThreadPool> + ++#include <gpgme++/global.h> ++ + #include <boost/shared_ptr.hpp> + + #include <cassert> +@@ -153,6 +155,8 @@ + QTime timer; + timer.start(); + ++ GpgME::initializeLibrary(); ++ + { + const unsigned int threads = QThreadPool::globalInstance()->maxThreadCount(); + QThreadPool::globalInstance()->setMaxThreadCount( qMax( 2U, threads ) ); diff -ruN kdepim4.orig/files/patch-libkleo-backends-qgpgme-qgpgmebackend.cpp kdepim4/files/patch-libkleo-backends-qgpgme-qgpgmebackend.cpp --- kdepim4.orig/files/patch-libkleo-backends-qgpgme-qgpgmebackend.cpp 1969-12-31 19:00:00.000000000 -0500 +++ kdepim4/files/patch-libkleo-backends-qgpgme-qgpgmebackend.cpp 2009-07-01 19:00:16.000000000 -0400 @@ -0,0 +1,11 @@ +--- ../libkleo/backends/qgpgme/qgpgmebackend.cpp.orig 2009-07-01 18:51:09.000000000 -0400 ++++ ../libkleo/backends/qgpgme/qgpgmebackend.cpp 2009-07-01 18:57:10.000000000 -0400 +@@ -280,7 +280,7 @@ + mOpenPGPProtocol( 0 ), + mSMIMEProtocol( 0 ) + { +- ++ GpgME::initializeLibrary(); + } + + Kleo::QGpgMEBackend::~QGpgMEBackend() { --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="deskutils.kdepimlibs4.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="deskutils.kdepimlibs4.patch" diff -ruN kdepimlibs4.orig/files/patch-gpgme++-CMakeLists.txt kdepimlibs4/files/patch-gpgme++-CMakeLists.txt --- kdepimlibs4.orig/files/patch-gpgme++-CMakeLists.txt 1969-12-31 19:00:00.000000000 -0500 +++ kdepimlibs4/files/patch-gpgme++-CMakeLists.txt 2009-07-01 18:36:37.000000000 -0400 @@ -0,0 +1,11 @@ +--- ../gpgme++/CMakeLists.txt.orig 2009-07-01 18:28:08.000000000 -0400 ++++ ../gpgme++/CMakeLists.txt 2009-07-01 18:28:36.000000000 -0400 +@@ -32,7 +32,7 @@ + gpgadduserideditinteractor.cpp + ) + +-set( _gpgmepp_version 2.0.2 ) ++set( _gpgmepp_version 2.0.3 ) + set( _gpgmepp_soversion 2 ) + + set( GPGMEPP_INCLUDE ${INCLUDE_INSTALL_DIR} ${GPGME_INCLUDES} ${Boost_INCLUDE_DIR} ) diff -ruN kdepimlibs4.orig/files/patch-gpgme++-context.cpp kdepimlibs4/files/patch-gpgme++-context.cpp --- kdepimlibs4.orig/files/patch-gpgme++-context.cpp 1969-12-31 19:00:00.000000000 -0500 +++ kdepimlibs4/files/patch-gpgme++-context.cpp 2009-07-01 18:37:44.000000000 -0400 @@ -0,0 +1,13 @@ +--- ../gpgme++/context.cpp.orig 2009-07-01 18:28:59.000000000 -0400 ++++ ../gpgme++/context.cpp 2009-07-01 18:30:51.000000000 -0400 +@@ -51,6 +51,10 @@ + #include <cassert> + + namespace GpgME { ++ void initializeLibrary() { ++ gpgme_check_version( 0 ); ++ } ++ + static inline gpgme_error_t makeError( gpg_err_code_t code ) { + return gpg_err_make( (gpg_err_source_t)22, code ); + } diff -ruN kdepimlibs4.orig/files/patch-gpgme++-global.h kdepimlibs4/files/patch-gpgme++-global.h --- kdepimlibs4.orig/files/patch-gpgme++-global.h 1969-12-31 19:00:00.000000000 -0500 +++ kdepimlibs4/files/patch-gpgme++-global.h 2009-07-01 18:38:05.000000000 -0400 @@ -0,0 +1,11 @@ +--- ../gpgme++/global.h.orig 2009-07-01 18:26:50.000000000 -0400 ++++ ../gpgme++/global.h 2009-07-01 18:27:58.000000000 -0400 +@@ -39,6 +39,8 @@ + + namespace GpgME { + ++ GPGMEPP_EXPORT void initializeLibrary(); ++ + enum Protocol { OpenPGP, CMS, UnknownProtocol }; + + enum Engine { GpgEngine, GpgSMEngine, GpgConfEngine, UnknownEngine }; --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="devel.bazaar.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="devel.bazaar.patch" diff -ruN bazaar.orig/files/patch-pfs-signatures.c bazaar/files/patch-pfs-signatures.c --- bazaar.orig/files/patch-pfs-signatures.c 2009-07-01 21:01:30.000000000 -0400 +++ bazaar/files/patch-pfs-signatures.c 2009-07-01 21:10:59.000000000 -0400 @@ -9,3 +9,11 @@ #include "libarch/pfs-signatures.h" +@@ -1154,6 +1154,7 @@ + gpgme_ctx_t context; + gpgme_data_t signature_data; + gpgme_data_t signed_content; ++ gpgme_check_version (NULL); + invariant (GPG_ERR_NO_ERROR == gpgme_new (&context)); + invariant (GPG_ERR_NO_ERROR == gpgme_data_new_from_mem (&signature_data, *signed_message, str_length (*signed_message), 0)); + invariant (GPG_ERR_NO_ERROR == gpgme_data_new (&signed_content)); --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="mail.mutt-devel.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="mail.mutt-devel.patch" diff -ruN mutt-devel.orig/files/patch-crypt-gpgme.c mutt-devel/files/patch-crypt-gpgme.c --- mutt-devel.orig/files/patch-crypt-gpgme.c 1969-12-31 19:00:00.000000000 -0500 +++ mutt-devel/files/patch-crypt-gpgme.c 2009-07-01 21:33:06.000000000 -0400 @@ -0,0 +1,10 @@ +--- ./crypt-gpgme.c.orig 2009-07-01 21:28:51.000000000 -0400 ++++ ./crypt-gpgme.c 2009-07-01 21:31:52.000000000 -0400 +@@ -342,6 +342,7 @@ + gpgme_error_t err; + gpgme_ctx_t ctx; + ++ gpgme_check_version (NULL); + if (!GpgmeLocaleSet) + { + gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="net-im.centericq.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="net-im.centericq.patch" diff -ruN centericq.orig/files/patch-src_impgp.cc centericq/files/patch-src_impgp.cc --- centericq.orig/files/patch-src_impgp.cc 1969-12-31 19:00:00.000000000 -0500 +++ centericq/files/patch-src_impgp.cc 2009-07-01 23:21:51.000000000 -0400 @@ -0,0 +1,10 @@ +--- ./src/impgp.cc.orig 2009-07-01 23:19:00.000000000 -0400 ++++ ./src/impgp.cc 2009-07-01 23:19:29.000000000 -0400 +@@ -12,6 +12,7 @@ + string impgp::passphrase[]; + + impgp::impgp() { ++ gpgme_check_version(NULL); + if(gpgme_new(&ctx)) + ctx = 0; + } --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="net-im.ayttm.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="net-im.ayttm.patch" diff -ruN ayttm.orig/files/patch-modules__aycryption__aycryption.c ayttm/files/patch-modules__aycryption__aycryption.c --- ayttm.orig/files/patch-modules__aycryption__aycryption.c 1969-12-31 19:00:00.000000000 -0500 +++ ayttm/files/patch-modules__aycryption__aycryption.c 2009-07-02 05:20:11.000000000 -0400 @@ -0,0 +1,11 @@ +--- ./modules/aycryption/aycryption.c.orig 2008-08-11 00:50:44.000000000 -0400 ++++ ./modules/aycryption/aycryption.c 2009-07-02 04:06:35.000000000 -0400 +@@ -108,6 +108,8 @@ + + static int aycryption_init() + { ++ gpgme_check_version (NULL); ++ + input_list *il = g_new0(input_list, 1); + plugin_info.prefs = il; + --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="net-im.centerim-devel.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="net-im.centerim-devel.patch" diff -ruN centerim-devel.orig/files/patch-src__impgp.cc centerim-devel/files/patch-src__impgp.cc --- centerim-devel.orig/files/patch-src__impgp.cc 1969-12-31 19:00:00.000000000 -0500 +++ centerim-devel/files/patch-src__impgp.cc 2009-07-01 23:28:12.000000000 -0400 @@ -0,0 +1,10 @@ +--- ./src/impgp.cc.orig 2009-07-01 23:27:35.000000000 -0400 ++++ ./src/impgp.cc 2009-07-01 23:27:55.000000000 -0400 +@@ -13,6 +13,7 @@ + string impgp::passphrase[]; + + impgp::impgp() { ++ gpgme_check_version(NULL); + if(gpgme_new(&ctx)) + ctx = 0; + } --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="net-im.centerim.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="net-im.centerim.patch" diff -ruN centerim.orig/files/patch-src__impgp.cc centerim/files/patch-src__impgp.cc --- centerim.orig/files/patch-src__impgp.cc 1969-12-31 19:00:00.000000000 -0500 +++ centerim/files/patch-src__impgp.cc 2009-07-01 23:25:47.000000000 -0400 @@ -0,0 +1,10 @@ +--- ./src/impgp.cc.orig 2009-07-01 23:25:08.000000000 -0400 ++++ ./src/impgp.cc 2009-07-01 23:25:37.000000000 -0400 +@@ -13,6 +13,7 @@ + string impgp::passphrase[]; + + impgp::impgp() { ++ gpgme_check_version(NULL); + if(gpgme_new(&ctx)) + ctx = 0; + } --Boundary-00=_MKJTKX5uvm0ZcEB Content-Type: text/x-patch; charset="ISO-8859-1"; name="security.openvas-libnasl.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="security.openvas-libnasl.patch" diff -ruN openvas-libnasl.orig/files/patch-nasl__nasl_signature.c openvas-libnasl/files/patch-nasl__nasl_signature.c --- openvas-libnasl.orig/files/patch-nasl__nasl_signature.c 1969-12-31 19:00:00.000000000 -0500 +++ openvas-libnasl/files/patch-nasl__nasl_signature.c 2009-07-01 23:10:14.000000000 -0400 @@ -0,0 +1,11 @@ +--- ./nasl/nasl_signature.c.orig 2009-07-01 23:08:30.000000000 -0400 ++++ ./nasl/nasl_signature.c 2009-07-01 23:09:42.000000000 -0400 +@@ -131,6 +131,8 @@ + gpgme_data_t sig = NULL, text = NULL; + char * gpghome = determine_gpghome(); + ++ gpgme_check_version (NULL); ++ + err = gpgme_engine_check_version(GPGME_PROTOCOL_OpenPGP); + if (err) + { --Boundary-00=_MKJTKX5uvm0ZcEB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200907020657.16578.bsdkaffee>