summaryrefslogtreecommitdiff
path: root/app-crypt/gnupg
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2024-03-04 05:43:10 +0000
committerV3n3RiX <venerix@koprulu.sector>2024-03-04 05:43:10 +0000
commit57e2174dcd454b41778b7b437f88d0a9f1a6e428 (patch)
treee6f528c74cef8bdfdf1b07fbba3a70acbae6af25 /app-crypt/gnupg
parent0a648c5255c22a6092b8de20ffba9e235299a293 (diff)
gentoo auto-resync : 04:03:2024 - 05:43:09
Diffstat (limited to 'app-crypt/gnupg')
-rw-r--r--app-crypt/gnupg/Manifest13
-rw-r--r--app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch156
-rw-r--r--app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch39
-rw-r--r--app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch564
-rw-r--r--app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch28
-rw-r--r--app-crypt/gnupg/gnupg-2.2.41.ebuild179
-rw-r--r--app-crypt/gnupg/gnupg-2.2.42-r3.ebuild (renamed from app-crypt/gnupg/gnupg-2.2.42-r1.ebuild)3
-rw-r--r--app-crypt/gnupg/gnupg-2.4.3-r1.ebuild198
-rw-r--r--app-crypt/gnupg/gnupg-2.4.4.ebuild198
9 files changed, 201 insertions, 1177 deletions
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
index 106d918d3c91..5ecabb303c77 100644
--- a/app-crypt/gnupg/Manifest
+++ b/app-crypt/gnupg/Manifest
@@ -3,26 +3,19 @@ AUX dirmngr.service 212 BLAKE2B 7a3af856305eb4b00929aaf029dd4e5c84376df4f30add76
AUX dirmngr.socket 204 BLAKE2B 7cf60bfd5eaf1809e0a0eb86efaa8f7f07681e351e9c0cf12127f8b29bd4f989f5fee159e7978343d45112945483b3e7b72ea9c085d00f7ee3bc0480b269b36d SHA512 9495cdc61a9cca3156d4739e5f72c2f7d3a80e45030f1a5ae14cba7f9de98ef7fabd8d40eb18eb8824b792ed03c566e317d36183372cd4245b8bd86b6167d4b5
AUX gnupg-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch 1048 BLAKE2B 36f37b74da309100191f4d8f9c27d08a1b00d2d30fbaf169dbb74ebbe42293357a4fb62332e286fe5725dcfdc30645a602dc2a51c51924b06215b68fd5235658 SHA512 fd12827150e96cd7979ea9611d64ed4ab9e6c61cfecdd697b8fb4d162f20985b734c2bfc365a921809b9029e86a85a9b36c10ec472b3dd49c25ea18f5aef56ce
AUX gnupg-2.2.42-bug923248-insecure-backup.patch 12385 BLAKE2B af374b2038a6d8628922e433f26dee2cc66c9e031d871947e2a44586cf2183d8a7bc365f1f0cc0cde552eb176d5f580b3aaab5e4a551d0652f10096c5150aa43 SHA512 1dc123f120d95ae77b52b3869bf7abfcaf0cfbfe732f691663b472a6e9bdd20502280527585dda81da4bd03e8194bdd5e72cc2111f24ccf2ce9e476fe474d4cf
-AUX gnupg-2.4.2-fix-emacs.patch 16897 BLAKE2B 8d810abf26b4fbc3a6119d5b0b3c8048a82262249b2b61fbfaa01792229d4ac6277cb2b20f8e8b2fac36a201d4c0b8980e6f7c63293d2edbdb379b5d1123112e SHA512 1b2d89c5203cabcc7bdce9e4a665e708d9610e7da347a653e8c60e0a95f95605234ea953ca0ba6eb0157743d231ed52c00240f02a181640aee3b87e963e42322
-AUX gnupg-2.4.3-no-ldap.patch 732 BLAKE2B 24ae1b81900dff5b1698dd4260399557e39e68f5ecae5d8012a489a7c63c1d899f586aa0ec19a81464a738fd5362a202423afedad3a9f37ea74819f11eb6f857 SHA512 064e0ea7af889a2c9f7545de21e3999441bc86ad8b01fa092339ea4b5fcffc601b21d37a1d40397afcb21c073f3b075057af2c1fbedd926db3d427acbf8f8657
+AUX gnupg-2.2.42-dirmngr-proxy.patch 4882 BLAKE2B 1dbe7221ce82024d93cb7e41cb675cd4f159e34f26126cf7ce56e59115548919c3df4b38ff017540734886af3bc516307f92cb66c3b0aa66ce0181215422e516 SHA512 fa920e0d16da4bb689664a0a7d1e851317be387e9acdc7bf79970195408e498452e8c19eb548e3397aa147a1881af1ad1e9689e40046f3ce3ea81654d6e0d2c7
+AUX gnupg-2.2.42-gpgme-tests.patch 1214 BLAKE2B f83ed690099a7151d9b8144a112c14a809e120309ebb2283bf835e37c91e18566e3d6f1b7f8d6fbd5977424a19110923196a6495f22cddfa5cc6893be6c3b720 SHA512 1fb8767b06ab1d32711275c1efca47b802cc58e7f0b04d754f3b4138e81b4bb011965e9919b3e24d3b20046b31df3f615770054a98bc61971257bd7f77bbc184
AUX gnupg-2.4.4-dirmngr-proxy.patch 6301 BLAKE2B aa69f47d57569e64a75814c1a20964376c33e3ea2873d76295df5e8303cc0c966cc490fbba4f98a86aa392aeb57905605c1a3c2617992826e30a4450873726b9 SHA512 ee49aa5dd8be2d5b4b46ba26e450c797f65609decbf7cc267e82cf809352694d5358df7ee19752d8a4e2024428578370c7ca983da0eac7787b537c6a8cad854d
AUX gpg-agent-browser.socket 298 BLAKE2B 0b08e5e60ced5e09a485506a52c1da35ed6e557fc36021d0c5f5f1ade19e7dd1d67096110eebe7955246eea53f21b2bdc3ab9f3a660ed8be90ab609ce7126008 SHA512 8dfdd132f991be23aa29ea36d2cfbfd36cdd5c3f7243636fb82ee99e5a427eccbdec69d51732ad78b9592a307eb2a0044c413635e03a6cadc94b7719388b86a7
AUX gpg-agent-extra.socket 281 BLAKE2B 2b8edd4454fece75535e84a2ee7daffa764395a99fbfbcc1d17673220795955b4bd62a447776cbe8a2b1a790da9104465c15f47ae0ea3c5d20514cf93db27922 SHA512 b0bfa5c7ecdb541684c56938f97660fd9efce7df2ec6bdf8de95cca9ed90323a7ca796c3e886fc081b11eeff1c2632e6c20ddcbf23e14286993fa8ff0ba08804
AUX gpg-agent-ssh.socket 308 BLAKE2B bacd09131082ee4bd440568b68065fb148c90a620e6628796bb9f3a2957a13860d15ce548e39ce10bc8749ebeabd7dcd0e893db49df295c9126078fc3de76619 SHA512 202bc5c9c7f9c4e97f53626c906ea455d6d4497cc03272c52f7b653cb5d5dc23850b85f939b88d04bbe70e309ad007415401298c9d04cb9b60329ad9e550e93d
AUX gpg-agent.service 223 BLAKE2B ad71d7fab2a92a8da454c34884b5724e94adc0925a7f97f062fb7b78ed3ec87e5babb6383e755c943afd16bf61789ba83455dc2baf82ce248c1c4622ff87e364 SHA512 4a5cde9185fcc34b62880c2e80717075838ef35e63e361d81e329b2b6eb92d69f26f11669722c66653091b36c42bf678abea10e5fc9327ecee2070d0ee51ef25
AUX gpg-agent.socket 234 BLAKE2B 622da5cb56ac2bba99054b9eecefc95aca523074aff24f77d1fb1fcdb94c1ad99c0411375816a0ac1b9f68d172207ed5061bc3afc167d0d1e3e57de1b41f19ee SHA512 551df5183fccc261505983880010c5be7135a9858d74354723f947163b101b2859ebdfd529f8c3746770394256afedc219ea0eb2df5c985be48f5f45430ca541
-DIST gnupg-2.2.41.tar.bz2 7313746 BLAKE2B 0be2965a646a8636a127f89329030860908b0bbc447381782527459aed85f5276c29e7a2c89f87cb715407d9f1aabbf3ae1765073764d05e422035e8d5962569 SHA512 f472e5058ea9881355f0c754a47acd0b5360c36e8976b8563dbc763a7cef792bf88227cc15fe5172d3e9bb9fc34d8448dd5c183949031e91a1997cc7f0f83b55
-DIST gnupg-2.2.41.tar.bz2.sig 238 BLAKE2B 7a4dc8dd4b3da77f6684325f46e3e3b1aeac6fcd8382e3148da1a01a5c5a9e14c1352fb28b61e500388d647e1103b8f78ad49e467e01b732c4a13eb849859b98 SHA512 ac6edd35c6b02a02d6c8a4468332213f20159f972aa2f7fd25c6841c662b3d84db5230330d540e0785ddaff080daf8dd250292104ff47560ad59c11803aabefa
DIST gnupg-2.2.42.tar.bz2 7434291 BLAKE2B 5f7f01f31949e5258d638fbff81fa641e5c167e6eaf32c55eb187d4a31b31cd4fe6e51c622e74d8544c4f95c75484e15117f26a8cf26055ff6813d75e54f2b8a SHA512 9c59d034f428d42323b5520e1a8984acc1505ba1d96d90f00e17b24aa91660b2dc64e1a3ceb044c56f39b4c402a77c7e0b226c65218c23c094781b4ef51e2eb5
DIST gnupg-2.2.42.tar.bz2.sig 238 BLAKE2B 251ad0a832042ceb93b0edfda8652104bfb463e291322f22f0ab0d9b35606c3589be7a6f3e9e2aac8f6ac368a7d11840ab83b29997587dc65685de9f2dec3fee SHA512 7073bfc920c571680a1de57b4e6cd83cde24ccb3b5f592602b0c32fd762eef497027b08745044c9f41130ca99bb7ec77222568c2d0a1099d3c1c15137e0221d7
-DIST gnupg-2.4.3.tar.bz2 7351327 BLAKE2B b7f4f5e548ec6dfc89cf8792f507ee8642e8500692998cf8d2edc9f5d8002904d24a714b9caffabee6094707c4595e0f54197535135622a7a32aa772f5818f28 SHA512 193a9398445272ec3eb5b79e802efb7414f74bcfffc3db0bf72c0056e04228120c419ed91db168e5733a16a33e548bab5368dd9cf11ecd483825bce189341a1e
-DIST gnupg-2.4.3.tar.bz2.sig 119 BLAKE2B 763c0569e5378e132de39e1583c19bae8912455bf7cd5a65bcfc88fa43be99fb6bbf8397192b3086db2f6f0f63fc25789f5e6ce98b2fe63cda3bf673b1c60a20 SHA512 7affff694d194c3befdfc865a7872c0883304ea704e3691eac328d802f12f4f82c2a93eaa1257d3e09b38494b38185f5b8cf35c964f0c3846bbb29b93727ffee
DIST gnupg-2.4.4.tar.bz2 7886036 BLAKE2B 02661e89f0358be09fa3e71e7235b764a7dbda62a48a0c8c7a4e6c9919c3b37d54ead50b930af58f8f2fdb87861b849d3f3751e95cbedf46bdfd76caa90c4db4 SHA512 3d1a3b08d1ce2319d238d8be96591e418ede1dc0b4ede33a4cc2fe40e9c56d5bbc27b1984736d8a786e7f292ddbc836846a8bdb4bf89f064e953c37cb54b94ef
DIST gnupg-2.4.4.tar.bz2.sig 237 BLAKE2B 6ee5878c36fbec747a6d84a268903749d862aab50dd7f9a389aabbf7b94dec1c424615f520b5f4a6d44e02093e8d9ad0b08d0c6cf6fd8886d8c174ce9faac99c SHA512 3ae7b6833576df851901a7619459b514bb82faeed350c864a57a782719d21f694d9ced5a3445c81dfa584a0302f87fedc660b08ea97bb8b861e76d7c5b46d07f
-EBUILD gnupg-2.2.41.ebuild 5565 BLAKE2B fdb0c920af7a13bd25a23e4ed5e0561f385b49520e737cf3d3a8f6a646fd94ae022245772ef8bcfcc86fcb84c381dd51485ec5457abfdda67998586922a13926 SHA512 9070ca445e56d9b61bec036d7d735de5e18f7247fef9904b1ada678150b7eb588dadf2053fceef6eefafa8eb7de7133fdbf3dede5dacdb623d1ba7d8eb78f43f
-EBUILD gnupg-2.2.42-r1.ebuild 5585 BLAKE2B b93ce0f9bd50af4ca60fd022abd469d7e01128893a284e03d4d58ea30c8931b111cd0bc78136033e6a7c92c1e7bf3e958ac246ee91c306462b91337136975041 SHA512 e5f97fa30968480420ba9f5107ed1db8d6e1112886f81e735a382a61a0945ac0529c7cca891d226818cfc2cf3574f042358eb058e55cd2dc064c46ef04e34bb3
EBUILD gnupg-2.2.42-r2.ebuild 5637 BLAKE2B 8040078c95ebdd98e40bf2f69690bf9c91e6d87c63093e61b8e69ac88a1c9dc061716b4e28a564481166bc0d81b84fce4ff713c3e2a8b11b86b4fd83feb272b3 SHA512 1e551ca82173852d3a4ca39d932ebb8c7d30d464526f806f3a915953e00d03ea9402c9d7b18c5d40b3d3101d6e4347a6b6afe5f37a8c7c77375071b9cd6eafbb
-EBUILD gnupg-2.4.3-r1.ebuild 6201 BLAKE2B 24a6e7d1c0bbbb544487e2bd6b30b052a352b16ef7c1bcaa1587964a4eb883407edc393a0548f7fe2b3ee60257b1dc0bd48cd9c4398fdc6ca228521b5fc8bef7 SHA512 5a084293031b6d186fc948001142d72430dbfca819a61e611c8a268dabf4afe15c25c57f7cd2dde506dc4da05dfe482d5a8e180b46556c90d518c097c057be30
+EBUILD gnupg-2.2.42-r3.ebuild 5715 BLAKE2B 8e39ef7bf81af2a76dc90bdac4e5f0d0e30ef4b7efa10eaed85d043f2a92f445ee1dae3f01985ca48e40504b1555803185e1f49d3dc83a18a26594ff70281aaf SHA512 4e3bbb8a58c56b1c5e7023cea998bdd7fe848eb0f8efd83f1793f4f478964c478a6e74cb9d6bd54c26ba0afa935db057731bf8ce1d98421a8e13959a178d0ac7
EBUILD gnupg-2.4.4-r1.ebuild 5947 BLAKE2B ca571e522650a9ece8bf0bbee5c9c2f19984070eb7853c53707e34b37f1f56460f7fb8795f794cf83a3ba605367f02a244cf3e6352af77ec24d6b8bacc3b854f SHA512 f897b70074118c147f21e56bc1bef8ec0a0e82a97f50f49910127e2286d95409b98445126b8d8c002fa901551fd58298414f0b1c338a1b72c8c052c1773e0052
-EBUILD gnupg-2.4.4.ebuild 6210 BLAKE2B 587a3c4651ca0a71988067b0c41e649614de1459bf504f802f613cb40c9e613763286b6f6156fccd365d0013d536b4e450f95a13f61e709d337cd44755be4e8a SHA512 e3534902f01a42e772c60f4f8e0f5b9e80196f49a12b326321c7a4756614a0f1184ddb173a026601c59ca69fecc3c797212c22a512577e92ba28857afd001419
MISC metadata.xml 1189 BLAKE2B dae783678abfe0bae095970d96d952f591a569debad411708d29a2f128c6a291b73a33ee0b3491a6a5ec44c11f56d33c1531022e0ef9eaad3326c9cd0f79e3fb SHA512 bc7d6a9ceda213c134d9afc527fe0b0c87a4886a171b7a1e1f662f3978fec5e71323bae4c9f3882e1d763d5738446f161265070a8e513a59fa62ef0f792e9fa5
diff --git a/app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch b/app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch
new file mode 100644
index 000000000000..21be675adef4
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch
@@ -0,0 +1,156 @@
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=d6c428699db7aa20f8b6ca9fe83197a0314b7e91
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c33c4fdf10b7ed9e03f2afe988d93f3085b727aa
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=41c022072599bc3f12f659e962653548cd86fa3a
+
+From d6c428699db7aa20f8b6ca9fe83197a0314b7e91 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Thu, 15 Feb 2024 15:38:34 +0900
+Subject: [PATCH] dirmngr: Fix proxy with TLS.
+
+* dirmngr/http.c (proxy_get_token, run_proxy_connect): Always
+available regardless of USE_TLS.
+(send_request): Remove USE_TLS.
+
+--
+
+Since quite some time building w/o TLS won't work.
+
+GnuPG-bug-id: 6997
+--- a/dirmngr/http.c
++++ b/dirmngr/http.c
+@@ -2498,9 +2498,7 @@ proxy_get_token (proxy_info_t proxy, const char *inputstring)
+ }
+
+
+-
+ /* Use the CONNECT method to proxy our TLS stream. */
+-#ifdef USE_TLS
+ static gpg_error_t
+ run_proxy_connect (http_t hd, proxy_info_t proxy,
+ const char *httphost, const char *server,
+@@ -2709,7 +2707,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
+ xfree (tmpstr);
+ return err;
+ }
+-#endif /*USE_TLS*/
+
+
+ /* Make a request string using a standard proxy. On success the
+@@ -2866,7 +2863,6 @@ send_request (http_t hd, const char *httphost, const char *auth,
+ goto leave;
+ }
+
+-#if USE_TLS
+ if (use_http_proxy && hd->uri->use_tls)
+ {
+ err = run_proxy_connect (hd, proxy, httphost, server, port);
+@@ -2878,7 +2874,6 @@ send_request (http_t hd, const char *httphost, const char *auth,
+ * clear the flag to indicate this. */
+ use_http_proxy = 0;
+ }
+-#endif /* USE_TLS */
+
+ #if HTTP_USE_NTBTLS
+ err = run_ntbtls_handshake (hd);
+--
+2.30.2
+
+From c33c4fdf10b7ed9e03f2afe988d93f3085b727aa Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Fri, 16 Feb 2024 11:31:37 +0900
+Subject: [PATCH] dirmngr: Fix the regression of use of proxy for TLS
+ connection.
+
+* dirmngr/http.c (run_proxy_connect): Don't set keep_alive, since it
+causes resource leak of FP_WRITE.
+Don't try to read response body to fix the hang.
+
+--
+
+GnuPG-bug-id: 6997
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+--- a/dirmngr/http.c
++++ b/dirmngr/http.c
+@@ -2520,6 +2520,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
+ * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication
+ */
+ auth_basic = !!proxy->uri->auth;
++ hd->keep_alive = 0;
+
+ /* For basic authentication we need to send just one request. */
+ if (auth_basic
+@@ -2541,13 +2542,12 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
+ httphost ? httphost : server,
+ port,
+ authhdr ? authhdr : "",
+- auth_basic? "" : "Connection: keep-alive\r\n");
++ hd->keep_alive? "Connection: keep-alive\r\n" : "");
+ if (!request)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+- hd->keep_alive = !auth_basic; /* We may need to send more requests. */
+
+ if (opt_debug || (hd->flags & HTTP_FLAG_LOG_RESP))
+ log_debug_with_string (request, "http.c:proxy:request:");
+@@ -2574,16 +2574,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
+ if (err)
+ goto leave;
+
+- {
+- unsigned long count = 0;
+-
+- while (es_getc (hd->fp_read) != EOF)
+- count++;
+- if (opt_debug)
+- log_debug ("http.c:proxy_connect: skipped %lu bytes of response-body\n",
+- count);
+- }
+-
+ /* Reset state. */
+ es_clearerr (hd->fp_read);
+ ((cookie_t)(hd->read_cookie))->up_to_empty_line = 1;
+--
+2.30.2
+
+From 41c022072599bc3f12f659e962653548cd86fa3a Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Fri, 16 Feb 2024 16:24:26 +0900
+Subject: [PATCH] dirmngr: Fix keep-alive flag handling.
+
+* dirmngr/http.c (run_proxy_connect): Set KEEP_ALIVE if not Basic
+Authentication. Fix resource leak of FP_WRITE.
+
+--
+
+GnuPG-bug-id: 6997
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+--- a/dirmngr/http.c
++++ b/dirmngr/http.c
+@@ -2520,7 +2520,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
+ * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication
+ */
+ auth_basic = !!proxy->uri->auth;
+- hd->keep_alive = 0;
++ hd->keep_alive = !auth_basic; /* We may need to send more requests. */
+
+ /* For basic authentication we need to send just one request. */
+ if (auth_basic
+@@ -2684,6 +2684,14 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
+ }
+
+ leave:
++ if (hd->keep_alive)
++ {
++ es_fclose (hd->fp_write);
++ hd->fp_write = NULL;
++ /* The close has released the cookie and thus we better set it
++ * to NULL. */
++ hd->write_cookie = NULL;
++ }
+ /* Restore flags, destroy stream, reset state. */
+ hd->flags = saved_flags;
+ es_fclose (hd->fp_read);
+--
+2.30.2
diff --git a/app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch b/app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch
new file mode 100644
index 000000000000..f10154b303e5
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch
@@ -0,0 +1,39 @@
+https://bugs.gentoo.org/924386
+https://dev.gnupg.org/T7003
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f50c543326c2eea6b40f548d61cf3a66a077bf54
+
+From f50c543326c2eea6b40f548d61cf3a66a077bf54 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Fri, 1 Mar 2024 13:59:43 +0900
+Subject: [PATCH] agent: Allow simple KEYINFO command when restricted.
+
+* agent/command.c (cmd_keyinfo): Only forbid list command.
+
+--
+
+GnuPG-bug-id: 7003
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+--- a/agent/command.c
++++ b/agent/command.c
+@@ -1282,9 +1282,6 @@ cmd_keyinfo (assuan_context_t ctx, char *line)
+ char hexgrip[41];
+ int disabled, ttl, confirm, is_ssh;
+
+- if (ctrl->restricted)
+- return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
+-
+ if (has_option (line, "--ssh-list"))
+ list_mode = 2;
+ else
+@@ -1333,6 +1330,9 @@ cmd_keyinfo (assuan_context_t ctx, char *line)
+ char *dirname;
+ gnupg_dirent_t dir_entry;
+
++ if (ctrl->restricted)
++ return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
++
+ dirname = make_filename_try (gnupg_homedir (),
+ GNUPG_PRIVATE_KEYS_DIR, NULL);
+ if (!dirname)
+--
+2.30.2
diff --git a/app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch b/app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch
deleted file mode 100644
index 2e9141ab579b..000000000000
--- a/app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch
+++ /dev/null
@@ -1,564 +0,0 @@
-https://bugs.gentoo.org/907839
-https://dev.gnupg.org/T6481
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2f872fa68c6576724b9dabee9fb0844266f55d0d
-
-From 2f872fa68c6576724b9dabee9fb0844266f55d0d Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Wed, 24 May 2023 10:36:04 +0900
-Subject: [PATCH] gpg: Report BEGIN_* status before examining the input.
-
-* common/miscellaneous.c (is_openpgp_compressed_packet)
-(is_file_compressed): Moved to ...
-* common/iobuf.c: ... in this file.
-(is_file_compressed): Change the argument to INP, the iobuf.
-* common/util.h (is_file_compressed): Remove.
-* common/iobuf.h (is_file_compressed): Add.
-* g10/cipher-aead.c (write_header): Don't call write_status_printf
-here.
-(cipher_filter_aead): Call write_status_printf when called with
-IOBUFCTRL_INIT.
-* g10/cipher-cfb.c (write_header): Don't call write_status_printf
-here.
-(cipher_filter_cfb): Call write_status_printf when called with
-IOBUFCTRL_INIT.
-* g10/encrypt.c (encrypt_simple): Use new is_file_compressed function,
-after call of iobuf_push_filter.
-(encrypt_crypt): Likewise.
-* g10/sign.c (sign_file): Likewise.
-
---
-
-GnuPG-bug-id: 6481
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---- a/common/iobuf.c
-+++ b/common/iobuf.c
-@@ -3057,3 +3057,123 @@ iobuf_skip_rest (iobuf_t a, unsigned long n, int partial)
- }
- }
- }
-+
-+
-+/* Check whether (BUF,LEN) is valid header for an OpenPGP compressed
-+ * packet. LEN should be at least 6. */
-+static int
-+is_openpgp_compressed_packet (const unsigned char *buf, size_t len)
-+{
-+ int c, ctb, pkttype;
-+ int lenbytes;
-+
-+ ctb = *buf++; len--;
-+ if (!(ctb & 0x80))
-+ return 0; /* Invalid packet. */
-+
-+ if ((ctb & 0x40)) /* New style (OpenPGP) CTB. */
-+ {
-+ pkttype = (ctb & 0x3f);
-+ if (!len)
-+ return 0; /* Expected first length octet missing. */
-+ c = *buf++; len--;
-+ if (c < 192)
-+ ;
-+ else if (c < 224)
-+ {
-+ if (!len)
-+ return 0; /* Expected second length octet missing. */
-+ }
-+ else if (c == 255)
-+ {
-+ if (len < 4)
-+ return 0; /* Expected length octets missing */
-+ }
-+ }
-+ else /* Old style CTB. */
-+ {
-+ pkttype = (ctb>>2)&0xf;
-+ lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
-+ if (len < lenbytes)
-+ return 0; /* Not enough length bytes. */
-+ }
-+
-+ return (pkttype == 8);
-+}
-+
-+
-+/*
-+ * Check if the file is compressed, by peeking the iobuf. You need to
-+ * pass the iobuf with INP. Returns true if the buffer seems to be
-+ * compressed.
-+ */
-+int
-+is_file_compressed (iobuf_t inp)
-+{
-+ int i;
-+ char buf[32];
-+ int buflen;
-+
-+ struct magic_compress_s
-+ {
-+ byte len;
-+ byte extchk;
-+ byte magic[5];
-+ } magic[] =
-+ {
-+ { 3, 0, { 0x42, 0x5a, 0x68, 0x00 } }, /* bzip2 */
-+ { 3, 0, { 0x1f, 0x8b, 0x08, 0x00 } }, /* gzip */
-+ { 4, 0, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */
-+ { 5, 0, { '%', 'P', 'D', 'F', '-'} }, /* PDF */
-+ { 4, 1, { 0xff, 0xd8, 0xff, 0xe0 } }, /* Maybe JFIF */
-+ { 5, 2, { 0x89, 'P','N','G', 0x0d} } /* Likely PNG */
-+ };
-+
-+ if (!inp)
-+ return 0;
-+
-+ for ( ; inp->chain; inp = inp->chain )
-+ ;
-+
-+ buflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof buf, buf);
-+ if (buflen < 0)
-+ {
-+ buflen = 0;
-+ log_debug ("peeking at input failed\n");
-+ }
-+
-+ if ( buflen < 6 )
-+ {
-+ return 0; /* Too short to check - assume uncompressed. */
-+ }
-+
-+ for ( i = 0; i < DIM (magic); i++ )
-+ {
-+ if (!memcmp( buf, magic[i].magic, magic[i].len))
-+ {
-+ switch (magic[i].extchk)
-+ {
-+ case 0:
-+ return 1; /* Is compressed. */
-+ case 1:
-+ if (buflen > 11 && !memcmp (buf + 6, "JFIF", 5))
-+ return 1; /* JFIF: this likely a compressed JPEG. */
-+ break;
-+ case 2:
-+ if (buflen > 8
-+ && buf[5] == 0x0a && buf[6] == 0x1a && buf[7] == 0x0a)
-+ return 1; /* This is a PNG. */
-+ break;
-+ default:
-+ break;
-+ }
-+ }
-+ }
-+
-+ if (buflen >= 6 && is_openpgp_compressed_packet (buf, buflen))
-+ {
-+ return 1; /* Already compressed. */
-+ }
-+
-+ return 0; /* Not detected as compressed. */
-+}
---- a/common/iobuf.h
-+++ b/common/iobuf.h
-@@ -629,6 +629,9 @@ void iobuf_set_partial_body_length_mode (iobuf_t a, size_t len);
- from the following filter (which may or may not return EOF). */
- void iobuf_skip_rest (iobuf_t a, unsigned long n, int partial);
-
-+/* Check if the file is compressed, by peeking the iobuf. */
-+int is_file_compressed (iobuf_t inp);
-+
- #define iobuf_where(a) "[don't know]"
-
- /* Each time a filter is allocated (via iobuf_alloc()), a
---- a/common/miscellaneous.c
-+++ b/common/miscellaneous.c
-@@ -415,112 +415,6 @@ decode_c_string (const char *src)
- }
-
-
--/* Check whether (BUF,LEN) is valid header for an OpenPGP compressed
-- * packet. LEN should be at least 6. */
--static int
--is_openpgp_compressed_packet (const unsigned char *buf, size_t len)
--{
-- int c, ctb, pkttype;
-- int lenbytes;
--
-- ctb = *buf++; len--;
-- if (!(ctb & 0x80))
-- return 0; /* Invalid packet. */
--
-- if ((ctb & 0x40)) /* New style (OpenPGP) CTB. */
-- {
-- pkttype = (ctb & 0x3f);
-- if (!len)
-- return 0; /* Expected first length octet missing. */
-- c = *buf++; len--;
-- if (c < 192)
-- ;
-- else if (c < 224)
-- {
-- if (!len)
-- return 0; /* Expected second length octet missing. */
-- }
-- else if (c == 255)
-- {
-- if (len < 4)
-- return 0; /* Expected length octets missing */
-- }
-- }
-- else /* Old style CTB. */
-- {
-- pkttype = (ctb>>2)&0xf;
-- lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
-- if (len < lenbytes)
-- return 0; /* Not enough length bytes. */
-- }
--
-- return (pkttype == 8);
--}
--
--
--
--/*
-- * Check if the file is compressed. You need to pass the first bytes
-- * of the file as (BUF,BUFLEN). Returns true if the buffer seems to
-- * be compressed.
-- */
--int
--is_file_compressed (const byte *buf, unsigned int buflen)
--{
-- int i;
--
-- struct magic_compress_s
-- {
-- byte len;
-- byte extchk;
-- byte magic[5];
-- } magic[] =
-- {
-- { 3, 0, { 0x42, 0x5a, 0x68, 0x00 } }, /* bzip2 */
-- { 3, 0, { 0x1f, 0x8b, 0x08, 0x00 } }, /* gzip */
-- { 4, 0, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */
-- { 5, 0, { '%', 'P', 'D', 'F', '-'} }, /* PDF */
-- { 4, 1, { 0xff, 0xd8, 0xff, 0xe0 } }, /* Maybe JFIF */
-- { 5, 2, { 0x89, 'P','N','G', 0x0d} } /* Likely PNG */
-- };
--
-- if ( buflen < 6 )
-- {
-- return 0; /* Too short to check - assume uncompressed. */
-- }
--
-- for ( i = 0; i < DIM (magic); i++ )
-- {
-- if (!memcmp( buf, magic[i].magic, magic[i].len))
-- {
-- switch (magic[i].extchk)
-- {
-- case 0:
-- return 1; /* Is compressed. */
-- case 1:
-- if (buflen > 11 && !memcmp (buf + 6, "JFIF", 5))
-- return 1; /* JFIF: this likely a compressed JPEG. */
-- break;
-- case 2:
-- if (buflen > 8
-- && buf[5] == 0x0a && buf[6] == 0x1a && buf[7] == 0x0a)
-- return 1; /* This is a PNG. */
-- break;
-- default:
-- break;
-- }
-- }
-- }
--
-- if (buflen >= 6 && is_openpgp_compressed_packet (buf, buflen))
-- {
-- return 1; /* Already compressed. */
-- }
--
-- return 0; /* Not detected as compressed. */
--}
--
--
- /* Try match against each substring of multistr, delimited by | */
- int
- match_multistr (const char *multistr,const char *match)
---- a/common/util.h
-+++ b/common/util.h
-@@ -360,8 +360,6 @@ char *try_make_printable_string (const void *p, size_t n, int delim);
- char *make_printable_string (const void *p, size_t n, int delim);
- char *decode_c_string (const char *src);
-
--int is_file_compressed (const byte *buf, unsigned int buflen);
--
- int match_multistr (const char *multistr,const char *match);
-
- int gnupg_compare_version (const char *a, const char *b);
---- a/g10/cipher-aead.c
-+++ b/g10/cipher-aead.c
-@@ -174,8 +174,6 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
- log_debug ("aead packet: len=%lu extralen=%d\n",
- (unsigned long)ed.len, ed.extralen);
-
-- write_status_printf (STATUS_BEGIN_ENCRYPTION, "0 %d %d",
-- cfx->dek->algo, ed.aead_algo);
- print_cipher_algo_note (cfx->dek->algo);
-
- if (build_packet( a, &pkt))
-@@ -488,6 +486,11 @@ cipher_filter_aead (void *opaque, int control,
- {
- mem2str (buf, "cipher_filter_aead", *ret_len);
- }
-+ else if (control == IOBUFCTRL_INIT)
-+ {
-+ write_status_printf (STATUS_BEGIN_ENCRYPTION, "0 %d %d",
-+ cfx->dek->algo, cfx->dek->use_aead);
-+ }
-
- return rc;
- }
---- a/g10/cipher-cfb.c
-+++ b/g10/cipher-cfb.c
-@@ -72,9 +72,6 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a)
- log_info (_("Hint: Do not use option %s\n"), "--rfc2440");
- }
-
-- write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
-- ed.mdc_method, cfx->dek->algo);
--
- init_packet (&pkt);
- pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED;
- pkt.pkt.encrypted = &ed;
-@@ -182,6 +179,12 @@ cipher_filter_cfb (void *opaque, int control,
- {
- mem2str (buf, "cipher_filter_cfb", *ret_len);
- }
-+ else if (control == IOBUFCTRL_INIT)
-+ {
-+ write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d",
-+ cfx->dek->use_mdc ? DIGEST_ALGO_SHA1 : 0,
-+ cfx->dek->algo);
-+ }
-
- return rc;
- }
---- a/g10/encrypt.c
-+++ b/g10/encrypt.c
-@@ -410,8 +410,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
- text_filter_context_t tfx;
- progress_filter_context_t *pfx;
- int do_compress = !!default_compress_algo();
-- char peekbuf[32];
-- int peekbuflen;
-
- if (!gnupg_rng_is_compliant (opt.compliance))
- {
-@@ -448,14 +446,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
- return rc;
- }
-
-- peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf);
-- if (peekbuflen < 0)
-- {
-- peekbuflen = 0;
-- if (DBG_FILTER)
-- log_debug ("peeking at input failed\n");
-- }
--
- handle_progress (pfx, inp, filename);
-
- if (opt.textmode)
-@@ -517,17 +507,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
- /**/ : "CFB");
- }
-
-- if (do_compress
-- && cfx.dek
-- && (cfx.dek->use_mdc || cfx.dek->use_aead)
-- && !opt.explicit_compress_option
-- && is_file_compressed (peekbuf, peekbuflen))
-- {
-- if (opt.verbose)
-- log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
-- do_compress = 0;
-- }
--
- if ( rc || (rc = open_outfile (-1, filename, opt.armor? 1:0, 0, &out )))
- {
- iobuf_cancel (inp);
-@@ -598,6 +577,24 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
- else
- filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
-
-+ /* Register the cipher filter. */
-+ if (mode)
-+ iobuf_push_filter (out,
-+ cfx.dek->use_aead? cipher_filter_aead
-+ /**/ : cipher_filter_cfb,
-+ &cfx );
-+
-+ if (do_compress
-+ && cfx.dek
-+ && (cfx.dek->use_mdc || cfx.dek->use_aead)
-+ && !opt.explicit_compress_option
-+ && is_file_compressed (inp))
-+ {
-+ if (opt.verbose)
-+ log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
-+ do_compress = 0;
-+ }
-+
- if (!opt.no_literal)
- {
- /* Note that PT has been initialized above in !no_literal mode. */
-@@ -617,13 +614,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
- pkt.pkt.generic = NULL;
- }
-
-- /* Register the cipher filter. */
-- if (mode)
-- iobuf_push_filter (out,
-- cfx.dek->use_aead? cipher_filter_aead
-- /**/ : cipher_filter_cfb,
-- &cfx );
--
- /* Register the compress filter. */
- if ( do_compress )
- {
-@@ -783,7 +773,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
- PKT_plaintext *pt = NULL;
- DEK *symkey_dek = NULL;
- STRING2KEY *symkey_s2k = NULL;
-- int rc = 0, rc2 = 0;
-+ int rc = 0;
- u32 filesize;
- cipher_filter_context_t cfx;
- armor_filter_context_t *afx = NULL;
-@@ -792,8 +782,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
- progress_filter_context_t *pfx;
- PK_LIST pk_list;
- int do_compress;
-- char peekbuf[32];
-- int peekbuflen;
-
- if (filefd != -1 && filename)
- return gpg_error (GPG_ERR_INV_ARG); /* Both given. */
-@@ -866,14 +854,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
- if (opt.verbose)
- log_info (_("reading from '%s'\n"), iobuf_get_fname_nonnull (inp));
-
-- peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf);
-- if (peekbuflen < 0)
-- {
-- peekbuflen = 0;
-- if (DBG_FILTER)
-- log_debug ("peeking at input failed\n");
-- }
--
- handle_progress (pfx, inp, filename);
-
- if (opt.textmode)
-@@ -900,25 +880,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
- if (!cfx.dek->use_aead)
- cfx.dek->use_mdc = !!use_mdc (pk_list, cfx.dek->algo);
-
-- /* Only do the is-file-already-compressed check if we are using a
-- * MDC or AEAD. This forces compressed files to be re-compressed if
-- * we do not have a MDC to give some protection against chosen
-- * ciphertext attacks. */
-- if (do_compress
-- && (cfx.dek->use_mdc || cfx.dek->use_aead)
-- && !opt.explicit_compress_option
-- && is_file_compressed (peekbuf, peekbuflen))
-- {
-- if (opt.verbose)
-- log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
-- do_compress = 0;
-- }
-- if (rc2)
-- {
-- rc = rc2;
-- goto leave;
-- }
--
- make_session_key (cfx.dek);
- if (DBG_CRYPTO)
- log_printhex (cfx.dek->key, cfx.dek->keylen, "DEK is: ");
-@@ -960,6 +921,26 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
- else
- filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */
-
-+ /* Register the cipher filter. */
-+ iobuf_push_filter (out,
-+ cfx.dek->use_aead? cipher_filter_aead
-+ /**/ : cipher_filter_cfb,
-+ &cfx);
-+
-+ /* Only do the is-file-already-compressed check if we are using a
-+ * MDC or AEAD. This forces compressed files to be re-compressed if
-+ * we do not have a MDC to give some protection against chosen
-+ * ciphertext attacks. */
-+ if (do_compress
-+ && (cfx.dek->use_mdc || cfx.dek->use_aead)
-+ && !opt.explicit_compress_option
-+ && is_file_compressed (inp))
-+ {
-+ if (opt.verbose)
-+ log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]");
-+ do_compress = 0;
-+ }
-+
- if (!opt.no_literal)
- {
- pt->timestamp = make_timestamp();
-@@ -974,12 +955,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
- else
- cfx.datalen = filesize && !do_compress ? filesize : 0;
-
-- /* Register the cipher filter. */
-- iobuf_push_filter (out,
-- cfx.dek->use_aead? cipher_filter_aead
-- /**/ : cipher_filter_cfb,
-- &cfx);
--
- /* Register the compress filter. */
- if (do_compress)
- {
---- a/g10/sign.c
-+++ b/g10/sign.c
-@@ -1035,9 +1035,6 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
- int multifile = 0;
- u32 duration=0;
- pt_extra_hash_data_t extrahash = NULL;
-- char peekbuf[32];
-- int peekbuflen = 0;
--
-
- pfx = new_progress_context ();
- afx = new_armor_context ();
-@@ -1096,14 +1093,6 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
- goto leave;
- }
-
-- peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf);
-- if (peekbuflen < 0)
-- {
-- peekbuflen = 0;
-- if (DBG_FILTER)
-- log_debug ("peeking at input failed\n");
-- }
--
- handle_progress (pfx, inp, fname);
- }
-
-@@ -1261,7 +1250,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
- int compr_algo = opt.compress_algo;
-
- if (!opt.explicit_compress_option
-- && is_file_compressed (peekbuf, peekbuflen))
-+ && is_file_compressed (inp))
- {
- if (opt.verbose)
- log_info(_("'%s' already compressed\n"), fname? fname: "[stdin]");
---
-2.11.0
diff --git a/app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch b/app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch
deleted file mode 100644
index 06d4221488e9..000000000000
--- a/app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-https://dev.gnupg.org/T6579
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=dc13361524c1477b2106c7385f2059f9ea111b84
-
-From dc13361524c1477b2106c7385f2059f9ea111b84 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Wed, 5 Jul 2023 09:29:54 +0900
-Subject: [PATCH] dirmngr: Enable the call of ks_ldap_help_variables when
- USE_LDAP.
-
-* dirmngr/server.c [USE_LDAP] (cmd_ad_query): Conditionalize.
-
---
-
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---- a/dirmngr/server.c
-+++ b/dirmngr/server.c
-@@ -2776,7 +2776,9 @@ cmd_ad_query (assuan_context_t ctx, char *line)
-
- if (opt_help)
- {
-+#if USE_LDAP
- ks_ldap_help_variables (ctrl);
-+#endif
- err = 0;
- goto leave;
- }
---
-2.11.0
diff --git a/app-crypt/gnupg/gnupg-2.2.41.ebuild b/app-crypt/gnupg/gnupg-2.2.41.ebuild
deleted file mode 100644
index 423a1aa2bb01..000000000000
--- a/app-crypt/gnupg/gnupg-2.2.41.ebuild
+++ /dev/null
@@ -1,179 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# Maintainers should:
-# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
-# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
-# (find the one for the current release then subscribe to it +
-# any subsequent ones linked within so you're covered for a while.)
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
-# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
-inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
-
-MY_P="${P/_/-}"
-
-DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
-HOMEPAGE="https://gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
-SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="GPL-3+"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server"
-RESTRICT="!test? ( test )"
-
-# Existence of executables is checked during configuration.
-# Note: On each bump, update dep bounds on each version from configure.ac!
-DEPEND="
- >=dev-libs/libassuan-2.5.0
- >=dev-libs/libgcrypt-1.8.0:=
- >=dev-libs/libgpg-error-1.38
- >=dev-libs/libksba-1.3.5
- >=dev-libs/npth-1.2
- >=net-misc/curl-7.10
- sys-libs/zlib
- bzip2? ( app-arch/bzip2 )
- ldap? ( net-nds/openldap:= )
- readline? ( sys-libs/readline:= )
- smartcard? ( usb? ( virtual/libusb:1 ) )
- ssl? ( >=net-libs/gnutls-3.0:= )
- tofu? ( >=dev-db/sqlite-3.7 )
-"
-RDEPEND="
- ${DEPEND}
- app-crypt/pinentry
- nls? ( virtual/libintl )
- selinux? ( sec-policy/selinux-gpg )
- wks-server? ( virtual/mta )
-"
-BDEPEND="
- virtual/pkgconfig
- doc? ( sys-apps/texinfo )
- nls? ( sys-devel/gettext )
- verify-sig? ( sec-keys/openpgp-keys-gnupg )
-"
-
-DOCS=(
- ChangeLog NEWS README THANKS TODO VERSION
- doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
-)
-
-PATCHES=(
- "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
-)
-
-src_prepare() {
- default
-
- # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode,
- # idea borrowed from libdbus, see
- # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6
- #
- # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl',
- # which in turn requires discovery in Autoconf, something that upstream deeply resents.
- sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \
- -i doc/examples/systemd-user/gpg-agent-ssh.socket || die
-}
-
-my_src_configure() {
- # Upstream don't support LTO, bug #854222.
- filter-lto
-
- local myconf=(
- $(use_enable bzip2)
- $(use_enable nls)
- $(use_enable smartcard scdaemon)
- $(use_enable ssl gnutls)
- $(use_enable test all-tests)
- $(use_enable test tests)
- $(use_enable tofu)
- $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
- $(use_enable wks-server wks-tools)
- $(use_with ldap)
- $(use_with readline)
-
- # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
- # As of GnuPG 2.3, the mailprog substitution is used for the binary called
- # by wks-client & wks-server; and if it's autodetected but not not exist at
- # build time, then then 'gpg-wks-client --send' functionality will not
- # work. This has an unwanted side-effect in stage3 builds: there was a
- # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
- # the build where the install guide previously make the user chose the
- # logger & mta early in the install.
- --with-mailprog=/usr/libexec/sendmail
-
- --disable-ntbtls
- --enable-gpg
- --enable-gpgsm
- --enable-large-secmem
-
- CC_FOR_BUILD="$(tc-getBUILD_CC)"
- GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config"
- KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config"
- LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config"
- LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config"
- NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config"
-
- $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
- )
-
- if use prefix && use usb; then
- # bug #649598
- append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
- fi
-
- # bug #663142
- if use user-socket; then
- myconf+=( --enable-run-gnupg-user-socket )
- fi
-
- # glib fails and picks up clang's internal stdint.h causing weird errors
- tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
-
- econf "${myconf[@]}"
-}
-
-my_src_compile() {
- default
-
- use doc && emake -C doc html
-}
-
-my_src_test() {
- export TESTFLAGS="--parallel=$(makeopts_jobs)"
-
- default
-}
-
-my_src_install() {
- emake DESTDIR="${D}" install
-
- use tools && dobin \
- tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \
- tools/make-dns-cert
-
- dosym gpg /usr/bin/gpg2
- dosym gpgv /usr/bin/gpgv2
- echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
- echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
-
- dodir /etc/env.d
- echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
-
- use doc && dodoc doc/gnupg.html/*
-}
-
-my_src_install_all() {
- einstalldocs
-
- use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
-
- use doc && dodoc doc/*.png
-
- systemd_douserunit doc/examples/systemd-user/*.{service,socket}
-}
diff --git a/app-crypt/gnupg/gnupg-2.2.42-r1.ebuild b/app-crypt/gnupg/gnupg-2.2.42-r3.ebuild
index 2038d73aa7f2..dcb738d1d5ba 100644
--- a/app-crypt/gnupg/gnupg-2.2.42-r1.ebuild
+++ b/app-crypt/gnupg/gnupg-2.2.42-r3.ebuild
@@ -67,6 +67,9 @@ DOCS=(
PATCHES=(
"${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
+ "${FILESDIR}"/${P}-bug923248-insecure-backup.patch
+ "${FILESDIR}"/${P}-dirmngr-proxy.patch
+ "${FILESDIR}"/${P}-gpgme-tests.patch
)
src_prepare() {
diff --git a/app-crypt/gnupg/gnupg-2.4.3-r1.ebuild b/app-crypt/gnupg/gnupg-2.4.3-r1.ebuild
deleted file mode 100644
index 48e3b7e762e4..000000000000
--- a/app-crypt/gnupg/gnupg-2.4.3-r1.ebuild
+++ /dev/null
@@ -1,198 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# Maintainers should:
-# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
-# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
-# (find the one for the current release then subscribe to it +
-# any subsequent ones linked within so you're covered for a while.)
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
-# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
-inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
-
-MY_P="${P/_/-}"
-
-DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
-HOMEPAGE="https://gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
-SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="GPL-3+"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
-RESTRICT="!test? ( test )"
-REQUIRED_USE="test? ( tofu )"
-
-# Existence of executables is checked during configuration.
-# Note: On each bump, update dep bounds on each version from configure.ac!
-DEPEND="
- >=dev-libs/libassuan-2.5.0
- >=dev-libs/libgcrypt-1.9.1:=
- >=dev-libs/libgpg-error-1.46
- >=dev-libs/libksba-1.6.3
- >=dev-libs/npth-1.2
- >=net-misc/curl-7.10
- sys-libs/zlib
- bzip2? ( app-arch/bzip2 )
- ldap? ( net-nds/openldap:= )
- readline? ( sys-libs/readline:0= )
- smartcard? ( usb? ( virtual/libusb:1 ) )
- tofu? ( >=dev-db/sqlite-3.27 )
- tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
- ssl? ( >=net-libs/gnutls-3.0:0= )
-"
-RDEPEND="
- ${DEPEND}
- nls? ( virtual/libintl )
- selinux? ( sec-policy/selinux-gpg )
- wks-server? ( virtual/mta )
-"
-PDEPEND="
- app-crypt/pinentry
-"
-BDEPEND="
- virtual/pkgconfig
- doc? ( sys-apps/texinfo )
- nls? ( sys-devel/gettext )
- verify-sig? ( sec-keys/openpgp-keys-gnupg )
-"
-
-DOCS=(
- ChangeLog NEWS README THANKS TODO VERSION
- doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
-)
-
-PATCHES=(
- "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
- "${FILESDIR}"/${PN}-2.4.2-fix-emacs.patch
- "${FILESDIR}"/${P}-no-ldap.patch
-)
-
-src_prepare() {
- default
-
- GNUPG_SYSTEMD_UNITS=(
- dirmngr.service
- dirmngr.socket
- gpg-agent-browser.socket
- gpg-agent-extra.socket
- gpg-agent.service
- gpg-agent.socket
- gpg-agent-ssh.socket
- )
-
- cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die
-
- # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode,
- # idea borrowed from libdbus, see
- # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6
- #
- # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl',
- # which in turn requires discovery in Autoconf, something that upstream deeply resents.
- sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \
- -i "${T}"/gpg-agent-ssh.socket || die
-}
-
-my_src_configure() {
- # Upstream don't support LTO, bug #854222.
- filter-lto
-
- local myconf=(
- $(use_enable bzip2)
- $(use_enable nls)
- $(use_enable smartcard scdaemon)
- $(use_enable ssl gnutls)
- $(use_enable test all-tests)
- $(use_enable test tests)
- $(use_enable tofu)
- $(use_enable tofu keyboxd)
- $(use_enable tofu sqlite)
- $(usex tpm '--with-tss=intel' '--disable-tpm2d')
- $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
- $(use_enable wks-server wks-tools)
- $(use_with ldap)
- $(use_with readline)
-
- # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
- # As of GnuPG 2.3, the mailprog substitution is used for the binary called
- # by wks-client & wks-server; and if it's autodetected but not not exist at
- # build time, then then 'gpg-wks-client --send' functionality will not
- # work. This has an unwanted side-effect in stage3 builds: there was a
- # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
- # the build where the install guide previously make the user chose the
- # logger & mta early in the install.
- --with-mailprog=/usr/libexec/sendmail
-
- --disable-ntbtls
- --enable-gpgsm
- --enable-large-secmem
-
- CC_FOR_BUILD="$(tc-getBUILD_CC)"
- GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config"
- KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config"
- LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config"
- LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config"
- NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config"
-
- $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
- )
-
- if use prefix && use usb; then
- # bug #649598
- append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
- fi
-
- # bug #663142
- if use user-socket; then
- myconf+=( --enable-run-gnupg-user-socket )
- fi
-
- # glib fails and picks up clang's internal stdint.h causing weird errors
- tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
-
- econf "${myconf[@]}"
-}
-
-my_src_compile() {
- default
-
- use doc && emake -C doc html
-}
-
-my_src_test() {
- export TESTFLAGS="--parallel=$(makeopts_jobs)"
-
- default
-}
-
-my_src_install() {
- emake DESTDIR="${D}" install
-
- use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
-
- dosym gpg /usr/bin/gpg2
- dosym gpgv /usr/bin/gpgv2
- echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
- echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
-
- dodir /etc/env.d
- echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
-
- use doc && dodoc doc/gnupg.html/*
-}
-
-my_src_install_all() {
- einstalldocs
-
- use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
- use doc && dodoc doc/*.png
-
- # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed.
- dodoc "${FILESDIR}"/README-systemd
- systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}"
-}
diff --git a/app-crypt/gnupg/gnupg-2.4.4.ebuild b/app-crypt/gnupg/gnupg-2.4.4.ebuild
deleted file mode 100644
index f01cb0b88152..000000000000
--- a/app-crypt/gnupg/gnupg-2.4.4.ebuild
+++ /dev/null
@@ -1,198 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# Maintainers should:
-# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
-# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
-# (find the one for the current release then subscribe to it +
-# any subsequent ones linked within so you're covered for a while.)
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
-# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
-inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
-
-MY_P="${P/_/-}"
-
-DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
-HOMEPAGE="https://gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
-SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="GPL-3+"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
-RESTRICT="!test? ( test )"
-REQUIRED_USE="test? ( tofu )"
-
-# Existence of executables is checked during configuration.
-# Note: On each bump, update dep bounds on each version from configure.ac!
-DEPEND="
- >=dev-libs/libassuan-2.5.0
- >=dev-libs/libgcrypt-1.9.1:=
- >=dev-libs/libgpg-error-1.46
- >=dev-libs/libksba-1.6.3
- >=dev-libs/npth-1.2
- >=net-misc/curl-7.10
- sys-libs/zlib
- bzip2? ( app-arch/bzip2 )
- ldap? ( net-nds/openldap:= )
- readline? ( sys-libs/readline:0= )
- smartcard? ( usb? ( virtual/libusb:1 ) )
- tofu? ( >=dev-db/sqlite-3.27 )
- tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
- ssl? ( >=net-libs/gnutls-3.2:0= )
-"
-RDEPEND="
- ${DEPEND}
- nls? ( virtual/libintl )
- selinux? ( sec-policy/selinux-gpg )
- wks-server? ( virtual/mta )
-"
-PDEPEND="
- app-crypt/pinentry
-"
-BDEPEND="
- virtual/pkgconfig
- doc? ( sys-apps/texinfo )
- nls? ( sys-devel/gettext )
- verify-sig? ( sec-keys/openpgp-keys-gnupg )
-"
-
-DOCS=(
- ChangeLog NEWS README THANKS TODO VERSION
- doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
-)
-
-PATCHES=(
- "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
- #"${FILESDIR}"/${PN}-2.4.2-fix-emacs.patch
- #"${FILESDIR}"/${PN}-2.4.3-no-ldap.patch
-)
-
-src_prepare() {
- default
-
- GNUPG_SYSTEMD_UNITS=(
- dirmngr.service
- dirmngr.socket
- gpg-agent-browser.socket
- gpg-agent-extra.socket
- gpg-agent.service
- gpg-agent.socket
- gpg-agent-ssh.socket
- )
-
- cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die
-
- # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode,
- # idea borrowed from libdbus, see
- # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6
- #
- # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl',
- # which in turn requires discovery in Autoconf, something that upstream deeply resents.
- sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \
- -i "${T}"/gpg-agent-ssh.socket || die
-}
-
-my_src_configure() {
- # Upstream don't support LTO, bug #854222.
- filter-lto
-
- local myconf=(
- $(use_enable bzip2)
- $(use_enable nls)
- $(use_enable smartcard scdaemon)
- $(use_enable ssl gnutls)
- $(use_enable test all-tests)
- $(use_enable test tests)
- $(use_enable tofu)
- $(use_enable tofu keyboxd)
- $(use_enable tofu sqlite)
- $(usex tpm '--with-tss=intel' '--disable-tpm2d')
- $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
- $(use_enable wks-server wks-tools)
- $(use_with ldap)
- $(use_with readline)
-
- # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
- # As of GnuPG 2.3, the mailprog substitution is used for the binary called
- # by wks-client & wks-server; and if it's autodetected but not not exist at
- # build time, then then 'gpg-wks-client --send' functionality will not
- # work. This has an unwanted side-effect in stage3 builds: there was a
- # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
- # the build where the install guide previously make the user chose the
- # logger & mta early in the install.
- --with-mailprog=/usr/libexec/sendmail
-
- --disable-ntbtls
- --enable-gpgsm
- --enable-large-secmem
-
- CC_FOR_BUILD="$(tc-getBUILD_CC)"
- GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config"
- KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config"
- LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config"
- LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config"
- NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config"
-
- $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
- )
-
- if use prefix && use usb; then
- # bug #649598
- append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
- fi
-
- # bug #663142
- if use user-socket; then
- myconf+=( --enable-run-gnupg-user-socket )
- fi
-
- # glib fails and picks up clang's internal stdint.h causing weird errors
- tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
-
- econf "${myconf[@]}"
-}
-
-my_src_compile() {
- default
-
- use doc && emake -C doc html
-}
-
-my_src_test() {
- export TESTFLAGS="--parallel=$(makeopts_jobs)"
-
- default
-}
-
-my_src_install() {
- emake DESTDIR="${D}" install
-
- use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
-
- dosym gpg /usr/bin/gpg2
- dosym gpgv /usr/bin/gpgv2
- echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
- echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
-
- dodir /etc/env.d
- echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
-
- use doc && dodoc doc/gnupg.html/*
-}
-
-my_src_install_all() {
- einstalldocs
-
- use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
- use doc && dodoc doc/*.png
-
- # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed.
- dodoc "${FILESDIR}"/README-systemd
- systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}"
-}