commit: c8b7f9b5493547c2df4936df7fdab818bb69e1c3
Author: Kristian Fiskerstrand <k_f <AT> gentoo <DOT> org>
AuthorDate: Sat Sep 16 11:12:47 2017 +0000
Commit: Kristian Fiskerstrand <k_f <AT> gentoo <DOT> org>
CommitDate: Sat Sep 16 11:12:58 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c8b7f9b5
app-crypt/gnupg: Cleanup 2.1.23
Package-Manager: Portage-2.3.6, Repoman-2.3.1
app-crypt/gnupg/Manifest | 1 -
....1.23-gpg-default-to-no-auto-key-retrieve.patch | 71 ------------
app-crypt/gnupg/gnupg-2.1.23-r1.ebuild | 124 ---------------------
3 files changed, 196 deletions(-)
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
index 8243dab73fe..fb6e09fc21f 100644
--- a/app-crypt/gnupg/Manifest
+++ b/app-crypt/gnupg/Manifest
@@ -1,5 +1,4 @@
DIST gnupg-1.4.21.tar.bz2 3689305 SHA256
6b47a3100c857dcab3c60e6152e56a997f2c7862c1b8b2b25adf3884a1ae2276 SHA512
619e0fbc10310c7e55d129027e2945791fe91a0884b1d6f53acb4b2e380d1c6e71d1a516a59876182c5c70a4227d44a74ceda018c343b5291fa9a5d6de77c984
WHIRLPOOL
eb596be347dd90be93d381fe405e50f5808160b546705493bc9d817d521ea236a2374648e6c2cab396f54bba74de4caf2b92e894df3a17aa339f014ef8cc8802
DIST gnupg-2.1.15.tar.bz2 5723689 SHA256
c28c1a208f1b8ad63bdb6b88d252f6734ff4d33de6b54e38494b11d49e00ffdd SHA512
69c943e853e1a37e8b17b3bc34e1503f14bc8f189fa9f3ac6644bcc98ccce6eaef64da20ff9dd1c8de3a7789ea577167984ccf3ac286cac50752e6f7c2f42ab1
WHIRLPOOL
4c5a8cd4e8b7196f4a355ce7739cf6e23c43817414e10bbba219117e4e51c4c618ffb5dbce27cb836a2171eda58e003d5ddf78d4af09a813c2a1729963413151
DIST gnupg-2.1.20.tar.bz2 6456128 SHA256
24cf9a69369be64a9f6f8cc11a1be33ab7780ad77a6a1b93719438f49f69960d SHA512
14a9890bc64e143f87cff121dd298d490d78dbd34e36883e0f25763ff9064e5706a7632893d7c5d0e8e9b8cf9cdb0d378b4ce1715348729f0fc080455b61eca9
WHIRLPOOL
fa6cbd66031cac41db308b10bebec87e37a19d3c63219d22fb874d7d016bcad057b93eeece7a64001718ee1f881199e3d3eebc8ef6625691f553b0d2dbc92624
-DIST gnupg-2.1.23.tar.bz2 6526734 SHA256
a94476391595e9351f219188767a9d6ea128e83be5ed3226a7890f49aa2d0d77 SHA512
8b8be0784129f5aa0ccde32a413a68c36e0e4131abe70c3eb186958c60f3df1023deb2db2db84d63ad30a3408a75c7622b430aff1a524ff28a24be511c952412
WHIRLPOOL
deb4e933108e0a77b941ed95732eab2ee77af175bd776f3f5dbd25bb38b37dcdf09ae8eee7cd39a09883c3757b81688e48b5a07d6f43419a4453d4ba38541c14
DIST gnupg-2.2.0.tar.bz2 6532475 SHA256
d4514a0be0f7a1ff263193330019eb4b53c82f0f5e230af3c14df371271a45e6 SHA512
8ab7c4183d2ec2e6b62066e3cbcba95babaa0ae22da47feab716698792d26495f072d50e8ec612b8d26147636bb316320c78940184373b3f4cb6ec411933361b
WHIRLPOOL
c918b6a7e40ff170e1ff3b77978cb7f0d9298a3410204677955dc167b114a1f85d32deaca4f006c2bd621f532379ca9631b96913bf660394a82ab4ee0bbbaecb
diff --git
a/app-crypt/gnupg/files/gnupg-2.1.23-gpg-default-to-no-auto-key-retrieve.patch
b/app-crypt/gnupg/files/gnupg-2.1.23-gpg-default-to-no-auto-key-retrieve.patch
deleted file mode 100644
index 4cc414d18e3..00000000000
---
a/app-crypt/gnupg/files/gnupg-2.1.23-gpg-default-to-no-auto-key-retrieve.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From e6f84116abca2ed49bf14b2e28c3c811a3717227 Mon Sep 17 00:00:00 2001
-From: Daniel Kahn Gillmor <d...@fifthhorseman.net>
-Date: Fri, 11 Aug 2017 02:26:52 -0400
-Subject: [PATCH] gpg: default to --no-auto-key-retrieve.
-
-* g10/gpg.c (main): remove KEYSERVER_AUTO_KEY_RETRIEVE from the
-default keyserver options.
-* doc/gpg.texi: document this change.
---
-
-This is a partial reversion of
-7e1fe791d188b078398bf83c9af992cb1bd2a4b3. Werner and i discussed it
-earlier today, and came to the conclusion that:
-
- * the risk of metadata leakage represented by a default
- --auto-key-retrieve, both in e-mail (as a "web bug") and in other
- contexts where GnuPG is used to verified signatures, is quite high.
-
- * the advantages of --auto-key-retrieve (in terms of signature
- verification) can sometimes be achieved in other ways, such as when
- a signed message includes a copy of its own key.
-
- * when those other ways are not useful, a graphical, user-facing
- application can still offer the user the opportunity to choose to
- fetch the key; or it can apply its own policy about when to set
- --auto-key-retrieve, without needing to affect the defaults.
-
-Note that --auto-key-retrieve is specifically about signature
-verification. Decisions about how and whether to look up a key during
-message encryption are governed by --auto-key-locate. This change
-does not touch the --auto-key-locate default of "local,wkd". The user
-deliberately asking gpg to encrypt to an e-mail address is a different
-scenario than having an incoming e-mail trigger a potentially unique
-network request.
-
-Signed-off-by: Daniel Kahn Gillmor <d...@fifthhorseman.net>
----
- doc/gpg.texi | 2 +-
- g10/gpg.c | 3 +--
- 2 files changed, 2 insertions(+), 3 deletions(-)
-
-diff --git a/doc/gpg.texi b/doc/gpg.texi
-index c71126a97..b6a9b2d70 100644
---- a/doc/gpg.texi
-+++ b/doc/gpg.texi
-@@ -1792,7 +1792,7 @@ list. The default is "local,wkd".
- @opindex no-auto-key-retrieve
- These options enable or disable the automatic retrieving of keys from
- a keyserver when verifying signatures made by keys that are not on the
--local keyring. The default is @option{--auto-key-retrieve}.
-+local keyring. The default is @option{--no-auto-key-retrieve}.
-
- If the method "wkd" is included in the list of methods given to
- @option{auto-key-locate}, the signer's user ID is part of the
-diff --git a/g10/gpg.c b/g10/gpg.c
-index c721cdc4a..c9fa7ae5b 100644
---- a/g10/gpg.c
-+++ b/g10/gpg.c
-@@ -2366,8 +2366,7 @@ main (int argc, char **argv)
- opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
- | IMPORT_REPAIR_PKS_SUBKEY_BUG);
- opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
-- opt.keyserver_options.options = (KEYSERVER_HONOR_PKA_RECORD
-- | KEYSERVER_AUTO_KEY_RETRIEVE);
-+ opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
- opt.verify_options = (LIST_SHOW_UID_VALIDITY
- | VERIFY_SHOW_POLICY_URLS
- | VERIFY_SHOW_STD_NOTATIONS
---
-2.13.0
-
diff --git a/app-crypt/gnupg/gnupg-2.1.23-r1.ebuild
b/app-crypt/gnupg/gnupg-2.1.23-r1.ebuild
deleted file mode 100644
index 48711663f92..00000000000
--- a/app-crypt/gnupg/gnupg-2.1.23-r1.ebuild
+++ /dev/null
@@ -1,124 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="6"
-
-inherit systemd toolchain-funcs
-
-MY_P="${P/_/-}"
-
-DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
-HOMEPAGE="http://www.gnupg.org/";
-SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390
~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux
~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris
~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="bzip2 doc +gnutls ldap nls readline selinux +smartcard tofu tools usb
wks-server"
-
-COMMON_DEPEND_LIBS="
- >=dev-libs/npth-1.2
- >=dev-libs/libassuan-2.4.3
- >=dev-libs/libgcrypt-1.7.3
- >=dev-libs/libgpg-error-1.24
- >=dev-libs/libksba-1.3.4
- >=net-misc/curl-7.10
- gnutls? ( >=net-libs/gnutls-3.0:0= )
- sys-libs/zlib
- ldap? ( net-nds/openldap )
- bzip2? ( app-arch/bzip2 )
- readline? ( sys-libs/readline:0= )
- smartcard? ( usb? ( virtual/libusb:0 ) )
- tofu? ( >=dev-db/sqlite-3.7 )
- "
-COMMON_DEPEND_BINS="app-crypt/pinentry
- !app-crypt/dirmngr"
-
-# Existence of executables is checked during configuration.
-DEPEND="${COMMON_DEPEND_LIBS}
- ${COMMON_DEPEND_BINS}
- nls? ( sys-devel/gettext )
- doc? ( sys-apps/texinfo )"
-
-RDEPEND="${COMMON_DEPEND_LIBS}
- ${COMMON_DEPEND_BINS}
- selinux? ( sec-policy/selinux-gpg )
- nls? ( virtual/libintl )"
-
-S="${WORKDIR}/${MY_P}"
-
-DOCS=(
- ChangeLog NEWS README THANKS TODO VERSION
- doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
-)
-
-PATCHES=(
-
"${FILESDIR}/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch"
- "${FILESDIR}/${P}-gpg-default-to-no-auto-key-retrieve.patch"
-)
-
-src_configure() {
- local myconf=()
-
- if use smartcard; then
- myconf+=(
- --enable-scdaemon
- $(use_enable usb ccid-driver)
- )
- else
- myconf+=( --disable-scdaemon )
- fi
-
- if use elibc_SunOS || use elibc_AIX; then
- myconf+=( --disable-symcryptrun )
- else
- myconf+=( --enable-symcryptrun )
- fi
-
- # glib fails and picks up clang's internal stdint.h causing weird errors
- [[ ${CC} == *clang ]] && \
- export gl_cv_absolute_stdint_h=/usr/include/stdint.h
-
- econf \
- "${myconf[@]}" \
- $(use_enable bzip2) \
- $(use_enable gnutls) \
- $(use_enable nls) \
- $(use_enable tofu) \
- $(use_enable wks-server wks-tools) \
- $(use_with ldap) \
- $(use_with readline) \
- --enable-gpg \
- --enable-gpgsm \
- --enable-large-secmem \
- --enable-all-tests \
- CC_FOR_BUILD="$(tc-getBUILD_CC)"
-}
-
-src_compile() {
- default
-
- use doc && emake -C doc html
-}
-
-src_install() {
- default
-
- use tools &&
- dobin \
- tools/{convert-from-106,gpg-check-pattern} \
-
tools/{gpg-zip,gpgconf,gpgsplit,lspgpot,mail-signed-keys} \
- tools/make-dns-cert
-
- dosym gpg /usr/bin/gpg2
- dosym gpgv /usr/bin/gpgv2
- echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
- echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
-
- dodir /etc/env.d
- echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >>
"${ED}"/etc/env.d/30gnupg || die
-
- use doc && dodoc doc/gnupg.html/* doc/*.png
-
- systemd_douserunit doc/examples/systemd-user/*.{service,socket}
-}
