diff -u gnupg-1.4.6/debian/changelog gnupg-1.4.6/debian/changelog --- gnupg-1.4.6/debian/changelog +++ gnupg-1.4.6/debian/changelog @@ -1,3 +1,11 @@ +gnupg (1.4.6-1ubuntu2) feisty; urgency=low + + * Add 'debian/patches/50_show_primary_only.dpatch': add + 'show-primary-uid-only' to verify options, to suppress 'aka' output + in key verifications. + + -- Kees Cook Thu, 15 Feb 2007 09:27:56 -0800 + gnupg (1.4.6-1ubuntu1) feisty; urgency=low * Merge from debian unstable, remaining changes: diff -u gnupg-1.4.6/debian/patches/00list gnupg-1.4.6/debian/patches/00list --- gnupg-1.4.6/debian/patches/00list +++ gnupg-1.4.6/debian/patches/00list @@ -4,0 +5 @@ +50_show_primary_only.dpatch only in patch2: unchanged: --- gnupg-1.4.6.orig/debian/patches/50_show_primary_only.dpatch +++ gnupg-1.4.6/debian/patches/50_show_primary_only.dpatch @@ -0,0 +1,70 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 50_show_primary_only.dpatch by Kees Cook +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Disables the "aka" output in key verifications (off by default). + +@DPATCH@ +diff -urNad gnupg-1.4.6~/doc/gnupg1.info gnupg-1.4.6/doc/gnupg1.info +--- gnupg-1.4.6~/doc/gnupg1.info 2006-12-06 01:13:19.000000000 -0800 ++++ gnupg-1.4.6/doc/gnupg1.info 2007-02-15 09:29:12.583358848 -0800 +@@ -828,6 +828,10 @@ + Show revoked and expired user IDs during signature + verification. Defaults to no. + ++ show-primary-uid-only ++ Show only the primary user ID during signature verification. ++ Defaults to no. ++ + pka-lookups + Enable PKA lookups to verify sender addresses. Note that PKA + is based on DNS, and so enabling this option may disclose +diff -urNad gnupg-1.4.6~/doc/gpg.texi gnupg-1.4.6/doc/gpg.texi +--- gnupg-1.4.6~/doc/gpg.texi 2006-12-04 05:56:28.000000000 -0800 ++++ gnupg-1.4.6/doc/gpg.texi 2007-02-15 09:29:12.587359054 -0800 +@@ -1003,6 +1003,10 @@ + Show revoked and expired user IDs during signature verification. + Defaults to no. + ++@item show-primary-uid-only ++Show only the primary user ID during signature verification. ++Defaults to no. ++ + @item pka-lookups + Enable PKA lookups to verify sender addresses. Note that PKA is based + on DNS, and so enabling this option may disclose information on when +diff -urNad gnupg-1.4.6~/g10/gpg.c gnupg-1.4.6/g10/gpg.c +--- gnupg-1.4.6~/g10/gpg.c 2006-12-03 07:37:45.000000000 -0800 ++++ gnupg-1.4.6/g10/gpg.c 2007-02-15 09:29:12.591359260 -0800 +@@ -2582,6 +2582,8 @@ + N_("show user ID validity during signature verification")}, + {"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL, + N_("show revoked and expired user IDs in signature verification")}, ++ {"show-primary-uid-only",VERIFY_SHOW_ONLY_PRIMARY_UID,NULL, ++ N_("show only primary user ID in signature verification")}, + {"pka-lookups",VERIFY_PKA_LOOKUPS,NULL, + N_("validate signatures with PKA data")}, + {"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL, +diff -urNad gnupg-1.4.6~/g10/mainproc.c gnupg-1.4.6/g10/mainproc.c +--- gnupg-1.4.6~/g10/mainproc.c 2006-04-07 17:51:28.000000000 -0700 ++++ gnupg-1.4.6/g10/mainproc.c 2007-02-15 09:29:12.591359260 -0800 +@@ -1737,7 +1737,7 @@ + + /* If we have a good signature and already printed + * the primary user ID, print all the other user IDs */ +- if ( count && !rc ) { ++ if ( count && !rc && !(opt.verify_options&VERIFY_SHOW_ONLY_PRIMARY_UID)) { + char *p; + for( un=keyblock; un; un = un->next ) { + if( un->pkt->pkttype != PKT_USER_ID ) +diff -urNad gnupg-1.4.6~/g10/options.h gnupg-1.4.6/g10/options.h +--- gnupg-1.4.6~/g10/options.h 2006-12-03 07:37:45.000000000 -0800 ++++ gnupg-1.4.6/g10/options.h 2007-02-15 09:29:12.599359672 -0800 +@@ -324,6 +324,7 @@ + #define VERIFY_SHOW_UNUSABLE_UIDS (1<<6) + #define VERIFY_PKA_LOOKUPS (1<<7) + #define VERIFY_PKA_TRUST_INCREASE (1<<8) ++#define VERIFY_SHOW_ONLY_PRIMARY_UID (1<<9) + + #define KEYSERVER_USE_TEMP_FILES (1<<0) + #define KEYSERVER_KEEP_TEMP_FILES (1<<1)