commit: eb73332ccf12be2ec981ddb7e27f20790e13a92c
Author: Kristian Fiskerstrand <k_f <AT> gentoo <DOT> org>
AuthorDate: Thu May 19 21:04:12 2016 +0000
Commit: Kristian Fiskerstrand <k_f <AT> gentoo <DOT> org>
CommitDate: Thu May 19 21:06:36 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eb73332c
app-crypt/gnupg: New upstream version 2.1.12
Fixes;
Gentoo-Bug: 573930
Gentoo-Bug: 575798
Gentoo-Bug: 581966
Package-Manager: portage-2.2.28
app-crypt/gnupg/Manifest | 1 +
.../files/gnupg-2.1-fix-gentoo-dash-issue.patch | 12 ++
.../gnupg-2.1.12-fix-signature-checking.patch | 50 +++++++
app-crypt/gnupg/gnupg-2.1.12.ebuild | 159 +++++++++++++++++++++
4 files changed, 222 insertions(+)
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
index 1e455b3..3c18723 100644
--- a/app-crypt/gnupg/Manifest
+++ b/app-crypt/gnupg/Manifest
@@ -6,4 +6,5 @@ DIST gnupg-2.0.29.tar.bz2 4416251 SHA256
68ed6b386ba78425b05a60e8ee22785ff0fef19
DIST gnupg-2.0.30.tar.bz2 4414652 SHA256
e329785a4f366ba5d72c2c678a7e388b0892ac8440c2f4e6810042123c235d71 SHA512
e60a57f7dc74b44f884fd50d5a9c51cef7df8c098644ebab9ef7d945a40b0e4a285d0dc80b10fe39d8e4c2cc9d6cbbe800a0ddae54883180dc755fe47ced3314
WHIRLPOOL
007315882becc1204edf6833a13610284ce7e1c73429fc3b4170c35ba61c645299f811f01b1bc0506b1cf94ce0de23af4cea33f51cf97397ec61caa15ce3ac6c
DIST gnupg-2.1.10.tar.bz2 5173253 SHA256
93bd58d81771a4fa488566e5d2e13b1fd7afc86789401eb41731882abfd26cf9 SHA512
ceea93a7e7d30e07839bcc52d4246fd5be1ec81a8c4d4d62059e2b0c0e58fab07a1531016f82bcc506340653d66c73541dd3f5897df7691abeb4068d94957003
WHIRLPOOL
01f92f6020b79b373d4d6879cc39913c575c67a52c1bd425770322de0ce5a9fbd796d800cbb41a15553fd30a6c8f85a794e0b4c09420a2b49f6cb0542cdb52fb
DIST gnupg-2.1.11.tar.bz2 5224007 SHA256
b7b0fb2c8c5d47d7ec916d4a1097c0ddcb94a12bb1c0ac424ad86b1ee316b61a SHA512
b39f3fb461ad879b1909808434c4b03dab4d1d79aa674fbc88e3d50960184c0c25a840206ff32b760672f1b2153253f4d7a88eb726d8662f629fa04b6739ad31
WHIRLPOOL
486d623e73172a6d7dc7a6e4a5b411e70e0002a960f0398833377b8e8d79e5456a73f945db7c8bbca6ff7fd33fbfb49ca587e3a393094ce0a16d86cd906f7f09
+DIST gnupg-2.1.12.tar.bz2 5510723 SHA256
ac34929d2400a58a349963865442ee6cdd75e500a8d5df083d29835e88bfc506 SHA512
fdf24d4980ba4011840fd2316a856db2bf50e531071c2bfb899af2b4f5580a9f2992f85a451670a7121d04b608bfb147cefdca1c6f6eb55bc23ecfe5052639e6
WHIRLPOOL
ee5a748afee3aa4f8318c1bc1bcbd09232a71853291211f3c5cd8cc44fb70d126185ae9c13086247cd22a9b13c2102f4fa0553e25496c5152f2ce34dc2505d10
DIST gnupg-2.1.9.tar.bz2 4925167 SHA256
1cb7633a57190beb66f9249cb7446603229b273d4d89331b75c652fa4a29f7b6 SHA512
c19b8cac42b7060caada230b77f36a0b0ed0a05efd519818c5b4057ef0fcb16602f2f3ade2409de2ef353a9e2acc3e5fa106a4449c6929a36a599a82194c0ee0
WHIRLPOOL
105b83e82330a00084a0e9f3d96c8788ac2c9e7831beea0ea42786df4e378dc9e8f2c1a31f12af9c53d363aa71810cd231afdf8f20eab424fea5f59b103033a9
diff --git a/app-crypt/gnupg/files/gnupg-2.1-fix-gentoo-dash-issue.patch
b/app-crypt/gnupg/files/gnupg-2.1-fix-gentoo-dash-issue.patch
new file mode 100644
index 0000000..6878ef1
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.1-fix-gentoo-dash-issue.patch
@@ -0,0 +1,12 @@
+diff -Naur tests.old/openpgp/mds.test tests/openpgp/mds.test
+--- tests.old/openpgp/mds.test 2016-05-03 13:13:11.373313389 +0200
++++ tests/openpgp/mds.test 2016-05-03 13:13:31.886755059 +0200
+@@ -63,7 +63,7 @@
+
+ [ "$failed" != "" ] && error "$failed failed for empty string"
+
+-echo_n "abcdefghijklmnopqrstuvwxyz" | $GPG --with-colons --print-mds >y
++printf "abcdefghijklmnopqrstuvwxyz" | $GPG --with-colons --print-mds >y
+ if have_hash_algo "MD5"; then
+ test_one ":1:" "C3FCD3D76192E4007DFB496CCA67E13B"
+ fi
diff --git a/app-crypt/gnupg/files/gnupg-2.1.12-fix-signature-checking.patch
b/app-crypt/gnupg/files/gnupg-2.1.12-fix-signature-checking.patch
new file mode 100644
index 0000000..debf0bb
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.1.12-fix-signature-checking.patch
@@ -0,0 +1,50 @@
+From 83a90a916e8e2f8e44c3b11d11e1dd75f65a87fb Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gni...@fsij.org>
+Date: Wed, 11 May 2016 19:27:03 +0900
+Subject: [PATCH 1/1] g10: Fix signature checking.
+
+* g10/sig-check.c (check_signature_over_key_or_uid): Fix call to
+walk_kbnode.
+
+--
+
+Thanks to Vincent Brillault (Feandil).
+
+GnuPG-bug-id: 2351
+Signed-off-by: NIIBE Yutaka <gni...@fsij.org>
+---
+ g10/sig-check.c | 13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/g10/sig-check.c b/g10/sig-check.c
+index 290f19a..7000b48 100644
+--- a/g10/sig-check.c
++++ b/g10/sig-check.c
+@@ -797,15 +797,20 @@ check_signature_over_key_or_uid (PKT_public_key *signer,
+ *is_selfsig = 1;
+ }
+ else
+- /* See if one of the subkeys was the signer (although this is
+- extremely unlikely). */
+ {
+ kbnode_t ctx = NULL;
+ kbnode_t n;
+
+- while ((n = walk_kbnode (kb, &ctx, PKT_PUBLIC_SUBKEY)))
++ /* See if one of the subkeys was the signer (although this
++ is extremely unlikely). */
++ while ((n = walk_kbnode (kb, &ctx, 0)))
+ {
+- PKT_public_key *subk = n->pkt->pkt.public_key;
++ PKT_public_key *subk;
++
++ if (n->pkt->pkttype != PKT_PUBLIC_SUBKEY)
++ continue;
++
++ subk = n->pkt->pkt.public_key;
+ if (sig->keyid[0] == subk->keyid[0]
+ && sig->keyid[1] == subk->keyid[1])
+ /* Issued by a subkey. */
+--
+2.8.0.rc3
+
diff --git a/app-crypt/gnupg/gnupg-2.1.12.ebuild
b/app-crypt/gnupg/gnupg-2.1.12.ebuild
new file mode 100644
index 0000000..8f95a20
--- /dev/null
+++ b/app-crypt/gnupg/gnupg-2.1.12.ebuild
@@ -0,0 +1,159 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils flag-o-matic toolchain-funcs
+
+DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
+HOMEPAGE="http://www.gnupg.org/";
+MY_P="${P/_/-}"
+SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="bzip2 doc +gnutls ldap nls readline selinux smartcard tofu tools usb"
+
+COMMON_DEPEND_LIBS="
+ dev-libs/npth
+ >=dev-libs/libassuan-2.4.1
+ >=dev-libs/libgcrypt-1.6.2[threads]
+ >=dev-libs/libgpg-error-1.21
+ >=dev-libs/libksba-1.2.0
+ >=net-misc/curl-7.10
+ gnutls? ( >=net-libs/gnutls-3.0:0= )
+ sys-libs/zlib
+ ldap? ( net-nds/openldap )
+ bzip2? ( app-arch/bzip2 )
+ readline? ( sys-libs/readline:0= )
+ smartcard? ( usb? ( virtual/libusb:0 ) )
+ tofu? ( >=dev-db/sqlite-3.7 )
+ "
+COMMON_DEPEND_BINS="app-crypt/pinentry
+ !app-crypt/dirmngr"
+
+# Existence of executables is checked during configuration.
+DEPEND="${COMMON_DEPEND_LIBS}
+ ${COMMON_DEPEND_BINS}
+ nls? ( sys-devel/gettext )
+ doc? ( sys-apps/texinfo )"
+
+RDEPEND="${COMMON_DEPEND_LIBS}
+ ${COMMON_DEPEND_BINS}
+ selinux? ( sec-policy/selinux-gpg )
+ nls? ( virtual/libintl )"
+
+S="${WORKDIR}/${MY_P}"
+
+src_prepare() {
+ epatch "${FILESDIR}/${P}-fix-signature-checking.patch" \
+ "${FILESDIR}/${PN}-2.1-fix-gentoo-dash-issue.patch"
+ epatch_user
+}
+
+src_configure() {
+ local myconf=()
+
+ if use smartcard; then
+ myconf+=(
+ --enable-scdaemon
+ $(use_enable usb ccid-driver)
+ )
+ else
+ myconf+=( --disable-scdaemon )
+ fi
+
+ if use elibc_SunOS || use elibc_AIX; then
+ myconf+=( --disable-symcryptrun )
+ else
+ myconf+=( --enable-symcryptrun )
+ fi
+
+ # glib fails and picks up clang's internal stdint.h causing weird errors
+ [[ ${CC} == *clang ]] && \
+ export gl_cv_absolute_stdint_h=/usr/include/stdint.h
+
+ econf \
+ --docdir="${EPREFIX}/usr/share/doc/${PF}" \
+ --enable-gpg \
+ --enable-gpgsm \
+ --enable-large-secmem \
+ --without-adns \
+ "${myconf[@]}" \
+ $(use_enable bzip2) \
+ $(use_enable gnutls) \
+ $(use_with ldap) \
+ $(use_enable nls) \
+ $(use_with readline) \
+ $(use_enable tofu) \
+ CC_FOR_BUILD="$(tc-getBUILD_CC)"
+}
+
+src_compile() {
+ default
+
+ if use doc; then
+ cd doc
+ emake html
+ fi
+}
+
+src_install() {
+ default
+
+ use tools && dobin tools/{convert-from-106,gpg-check-pattern} \
+
tools/{gpg-zip,gpgconf,gpgsplit,lspgpot,mail-signed-keys,make-dns-cert}
+
+ emake DESTDIR="${D}" -f doc/Makefile uninstall-nobase_dist_docDATA
+ # The help*txt files are read from the datadir by GnuPG directly.
+ # They do not work if compressed or moved!
+ #rm "${ED}"/usr/share/gnupg/help* || die
+
+ dodoc ChangeLog NEWS README THANKS TODO VERSION doc/FAQ doc/DETAILS \
+ doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER doc/help*
+
+ dosym gpg2 /usr/bin/gpg
+ dosym gpgv2 /usr/bin/gpgv
+ echo ".so man1/gpg2.1" > "${ED}"/usr/share/man/man1/gpg.1
+ echo ".so man1/gpgv2.1" > "${ED}"/usr/share/man/man1/gpgv.1
+
+ dodir /etc/env.d
+ echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >>
"${ED}"/etc/env.d/30gnupg
+
+ if use doc; then
+ dohtml doc/gnupg.html/* doc/*.png
+ fi
+}
+
+pkg_postinst() {
+ elog "If you wish to view images emerge:"
+ elog "media-gfx/xloadimage, media-gfx/xli or any other viewer"
+ elog "Remember to use photo-viewer option in configuration file to
activate"
+ elog "the right viewer."
+ elog
+
+ if use smartcard; then
+ elog "To use your OpenPGP smartcard (or token) with GnuPG you
need one of"
+ use usb && elog " - a CCID-compatible reader, used directly
through libusb;"
+ elog " - sys-apps/pcsc-lite and a compatible reader device;"
+ elog " - dev-libs/openct and a compatible reader device;"
+ elog " - a reader device and drivers exporting either PC/SC or
CT-API interfaces."
+ elog ""
+ elog "General hint: you probably want to try installing
sys-apps/pcsc-lite and"
+ elog "app-crypt/ccid first."
+ fi
+
+ ewarn "Please remember to restart gpg-agent if a different version"
+ ewarn "of the agent is currently used. If you are unsure of the gpg"
+ ewarn "agent you are using please run 'killall gpg-agent',"
+ ewarn "and to start a fresh daemon just run 'gpg-agent --daemon'."
+
+ if [[ -n ${REPLACING_VERSIONS} ]]; then
+ elog "If upgrading from a version prior than 2.1 you might have
to re-import"
+ elog "secret keys after restarting the gpg-agent as the new
version is using"
+ elog "a new storage mechanism."
+ elog "You can migrate the keys using gpg --import
\$HOME/.gnupg/secring.gpg"
+ fi
+}
