[packages/gnupg2] fix occasional ssh login failures with rsa key; rel 2

atler atler at pld-linux.org
Wed Apr 1 23:52:07 CEST 2026 

commit b21fcba6a1e25bb5c55dbff2f93090ce0da0469c
Author: Jan Palus <atler at pld-linux.org>
Date:   Wed Apr 1 23:42:04 2026 +0200

    fix occasional ssh login failures with rsa key; rel 2
    
    ssh login with gpg-agent acting as ssh-agent using rsa key with sha2
    signatures might fail if signature needs padding. see:
    
    https://dev.gnupg.org/T8202

 gnupg2.spec           |  4 +++-
 rsa-sig-padding.patch | 11 +++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
---
diff --git a/gnupg2.spec b/gnupg2.spec
index 81874b2..64175eb 100644
--- a/gnupg2.spec
+++ b/gnupg2.spec
@@ -9,7 +9,7 @@ Summary:	GNU Privacy Guard - tool for secure communication and data storage - en
 Summary(pl.UTF-8):	GnuPG - narzędzie do bezpiecznej komunikacji i bezpiecznego przechowywania danych - wersja rozszerzona
 Name:		gnupg2
 Version:	2.5.18
-Release:	1
+Release:	2
 License:	GPL v3+
 Group:		Applications/File
 Source0:	https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2
@@ -18,6 +18,7 @@ Source1:	gnupg-agent.sh
 Patch0:		%{name}-info.patch
 Patch1:		%{name}-nogit.patch
 Patch2:		%{name}-pl.po-update.patch
+Patch3:		rsa-sig-padding.patch
 URL:		https://www.gnupg.org/
 BuildRequires:	autoconf >= 2.69
 BuildRequires:	automake >= 1:1.16.3
@@ -166,6 +167,7 @@ wywoływany przez gpgsm i nie używany bezpośrednio.
 %patch -P0 -p1
 %patch -P1 -p1
 %patch -P2 -p1
+%patch -P3 -p1
 
 %{__rm} po/stamp-po
 
diff --git a/rsa-sig-padding.patch b/rsa-sig-padding.patch
new file mode 100644
index 0000000..febbb2c
--- /dev/null
+++ b/rsa-sig-padding.patch
@@ -0,0 +1,11 @@
+--- gnupg-2.5.18/agent/command-ssh.c.orig	2025-11-19 16:55:57.000000000 +0100
++++ gnupg-2.5.18/agent/command-ssh.c	2026-04-01 23:30:52.453206379 +0200
+@@ -1481,7 +1481,7 @@
+       err = gcry_mpi_print (GCRYMPI_FMT_USG, data, spec->keysize, &data_n, s);
+       if (data_n < spec->keysize)
+         {
+-          memmove (data, data+spec->keysize-data_n, data_n);
++          memmove (data+spec->keysize-data_n, data, data_n);
+           memset (data, 0, spec->keysize-data_n);
+           data_n = spec->keysize;
+         }
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/gnupg2.git/commitdiff/b21fcba6a1e25bb5c55dbff2f93090ce0da0469c

More information about the pld-cvs-commit mailing list