Bug 1107529

Summary: Include support for signing file digests (e.g. for obs-sign)
Product: [Fedora] Fedora Reporter: Josef Stribny <jstribny>
Component: gnupg2Assignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 20CC: bcl, hhorak, jamielinux, msuchy, rdieter, slukasik, tmraz
Target Milestone: ---Keywords: FutureFeature, Patch
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: gnupg2-2.0.25-1.fc20 Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-07 15:30:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1091303    
Attachments:
Description Flags
add file-is-digest option to gnupg2
none
patch info files none

Description Josef Stribny 2014-06-10 07:00:18 UTC 
Created attachment 907038 [details]
add file-is-digest option to gnupg2

We would like to include a patch for signing file digests from the OBS project
that is used by and required for the signer[1]. We would like to use this in Copr build system as well as for OBS itself (I am trying to package OBS for Fedora).

Attached patch includes also changes to man pages. I also tried to ask upstream to include this patch [2], but it's unresolved so far.

Note: We changed the name of the option from the original patch from
'files-are-digests' to 'file-is-digest' as multiple files are not allowed.

[1] https://github.com/openSUSE/obs-sign
[2] https://bugs.g10code.com/gnupg/issue1646
Comment 1 Josef Stribny 2014-07-03 15:00:26 UTC 
Created attachment 914512 [details]
patch info files
Comment 2 Rex Dieter 2014-07-03 18:06:33 UTC 
may matter, any attempts to upstream this feature yet?
Comment 3 Tomas Mraz 2014-07-04 08:31:15 UTC 
The attempt is the link [2] above.

I'm willing to include it into our package even if upstream completely rejects this feature. What I do not want to is to have a slightly incompatible patch from upstream one (f.e. upstream changing the option name and otherwise accepting the patch).
Comment 4 Josef Stribny 2014-07-04 08:43:55 UTC 
> What I do not want to is to have a slightly incompatible patch from upstream one

Yes, this is a valid reason. Lets wait how the upstream responds although I do not see a high change that it gets accepted.
Comment 5 Josef Stribny 2014-07-29 07:34:10 UTC 
The maintainer of gnupg rejected the patch, could you now merge it? Thank you.
Comment 6 Fedora Update System 2014-08-05 15:31:13 UTC 
gnupg2-2.0.25-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/gnupg2-2.0.25-1.fc20
Comment 7 Fedora Update System 2014-08-07 15:30:43 UTC 
gnupg2-2.0.25-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.