From 67e5603b2844a6657dd0438fa26626b013e5567f Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 24 Jun 2024 00:11:52 +0100 Subject: gentoo auto-resync : 24:06:2024 - 00:11:52 --- app-crypt/gnupg/Manifest | 11 +- .../gnupg/files/gnupg-2.4.4-dirmngr-proxy.patch | 202 --------------------- app-crypt/gnupg/gnupg-2.2.42-r2.ebuild | 182 ------------------- app-crypt/gnupg/gnupg-2.2.42-r3.ebuild | 184 ------------------- app-crypt/gnupg/gnupg-2.2.42-r4.ebuild | 184 +++++++++++++++++++ app-crypt/gnupg/gnupg-2.2.43-r1.ebuild | 181 ++++++++++++++++++ app-crypt/gnupg/gnupg-2.2.43.ebuild | 181 ------------------ app-crypt/gnupg/gnupg-2.4.4-r1.ebuild | 193 -------------------- app-crypt/gnupg/gnupg-2.4.5-r1.ebuild | 192 ++++++++++++++++++++ app-crypt/gnupg/gnupg-2.4.5.ebuild | 192 -------------------- 10 files changed, 560 insertions(+), 1142 deletions(-) delete mode 100644 app-crypt/gnupg/files/gnupg-2.4.4-dirmngr-proxy.patch delete mode 100644 app-crypt/gnupg/gnupg-2.2.42-r2.ebuild delete mode 100644 app-crypt/gnupg/gnupg-2.2.42-r3.ebuild create mode 100644 app-crypt/gnupg/gnupg-2.2.42-r4.ebuild create mode 100644 app-crypt/gnupg/gnupg-2.2.43-r1.ebuild delete mode 100644 app-crypt/gnupg/gnupg-2.2.43.ebuild delete mode 100644 app-crypt/gnupg/gnupg-2.4.4-r1.ebuild create mode 100644 app-crypt/gnupg/gnupg-2.4.5-r1.ebuild delete mode 100644 app-crypt/gnupg/gnupg-2.4.5.ebuild (limited to 'app-crypt/gnupg') diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest index b7ea6ac91ed9..832931f915e3 100644 --- a/app-crypt/gnupg/Manifest +++ b/app-crypt/gnupg/Manifest @@ -5,7 +5,6 @@ AUX gnupg-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch 1048 AUX gnupg-2.2.42-bug923248-insecure-backup.patch 12385 BLAKE2B af374b2038a6d8628922e433f26dee2cc66c9e031d871947e2a44586cf2183d8a7bc365f1f0cc0cde552eb176d5f580b3aaab5e4a551d0652f10096c5150aa43 SHA512 1dc123f120d95ae77b52b3869bf7abfcaf0cfbfe732f691663b472a6e9bdd20502280527585dda81da4bd03e8194bdd5e72cc2111f24ccf2ce9e476fe474d4cf AUX gnupg-2.2.42-dirmngr-proxy.patch 4882 BLAKE2B 1dbe7221ce82024d93cb7e41cb675cd4f159e34f26126cf7ce56e59115548919c3df4b38ff017540734886af3bc516307f92cb66c3b0aa66ce0181215422e516 SHA512 fa920e0d16da4bb689664a0a7d1e851317be387e9acdc7bf79970195408e498452e8c19eb548e3397aa147a1881af1ad1e9689e40046f3ce3ea81654d6e0d2c7 AUX gnupg-2.2.42-gpgme-tests.patch 1214 BLAKE2B f83ed690099a7151d9b8144a112c14a809e120309ebb2283bf835e37c91e18566e3d6f1b7f8d6fbd5977424a19110923196a6495f22cddfa5cc6893be6c3b720 SHA512 1fb8767b06ab1d32711275c1efca47b802cc58e7f0b04d754f3b4138e81b4bb011965e9919b3e24d3b20046b31df3f615770054a98bc61971257bd7f77bbc184 -AUX gnupg-2.4.4-dirmngr-proxy.patch 6301 BLAKE2B aa69f47d57569e64a75814c1a20964376c33e3ea2873d76295df5e8303cc0c966cc490fbba4f98a86aa392aeb57905605c1a3c2617992826e30a4450873726b9 SHA512 ee49aa5dd8be2d5b4b46ba26e450c797f65609decbf7cc267e82cf809352694d5358df7ee19752d8a4e2024428578370c7ca983da0eac7787b537c6a8cad854d AUX gpg-agent-browser.socket 298 BLAKE2B 0b08e5e60ced5e09a485506a52c1da35ed6e557fc36021d0c5f5f1ade19e7dd1d67096110eebe7955246eea53f21b2bdc3ab9f3a660ed8be90ab609ce7126008 SHA512 8dfdd132f991be23aa29ea36d2cfbfd36cdd5c3f7243636fb82ee99e5a427eccbdec69d51732ad78b9592a307eb2a0044c413635e03a6cadc94b7719388b86a7 AUX gpg-agent-extra.socket 281 BLAKE2B 2b8edd4454fece75535e84a2ee7daffa764395a99fbfbcc1d17673220795955b4bd62a447776cbe8a2b1a790da9104465c15f47ae0ea3c5d20514cf93db27922 SHA512 b0bfa5c7ecdb541684c56938f97660fd9efce7df2ec6bdf8de95cca9ed90323a7ca796c3e886fc081b11eeff1c2632e6c20ddcbf23e14286993fa8ff0ba08804 AUX gpg-agent-ssh.socket 308 BLAKE2B bacd09131082ee4bd440568b68065fb148c90a620e6628796bb9f3a2957a13860d15ce548e39ce10bc8749ebeabd7dcd0e893db49df295c9126078fc3de76619 SHA512 202bc5c9c7f9c4e97f53626c906ea455d6d4497cc03272c52f7b653cb5d5dc23850b85f939b88d04bbe70e309ad007415401298c9d04cb9b60329ad9e550e93d @@ -15,13 +14,9 @@ DIST gnupg-2.2.42.tar.bz2 7434291 BLAKE2B 5f7f01f31949e5258d638fbff81fa641e5c167 DIST gnupg-2.2.42.tar.bz2.sig 238 BLAKE2B 251ad0a832042ceb93b0edfda8652104bfb463e291322f22f0ab0d9b35606c3589be7a6f3e9e2aac8f6ac368a7d11840ab83b29997587dc65685de9f2dec3fee SHA512 7073bfc920c571680a1de57b4e6cd83cde24ccb3b5f592602b0c32fd762eef497027b08745044c9f41130ca99bb7ec77222568c2d0a1099d3c1c15137e0221d7 DIST gnupg-2.2.43.tar.bz2 7435426 BLAKE2B ddf5c89d317e6ce8d1a5348f0ef81ffa1c61c995ddb312b28410f04502b01eae307cd943bee7182d28d4efccac394c91053f8e33756b00166bf66b2bf4a791a7 SHA512 0d2e733b6659c116c043db5252de4de33d6a70c16172d1fe9b779ba413ba9fcb64bbfdcc4686d0e87904561fc62d1aa765144e0586957a500287c175ee37bd49 DIST gnupg-2.2.43.tar.bz2.sig 119 BLAKE2B 38fd3790f5065d67d6b5323ef7abbb79facf00e5b9daba98e5078302fc3887423173ba434c7eff1e64faecef88d87aab9c057c570d6e96e8d0808f07f32d8fa1 SHA512 47c5354869b1825e56fa4276826fcde1ee41c70aab9b411686cf2733f4d1df9c006049e49e066b22e475bd37b337f9ffc97f8bbca0c62c0f32296909464a0643 -DIST gnupg-2.4.4.tar.bz2 7886036 BLAKE2B 02661e89f0358be09fa3e71e7235b764a7dbda62a48a0c8c7a4e6c9919c3b37d54ead50b930af58f8f2fdb87861b849d3f3751e95cbedf46bdfd76caa90c4db4 SHA512 3d1a3b08d1ce2319d238d8be96591e418ede1dc0b4ede33a4cc2fe40e9c56d5bbc27b1984736d8a786e7f292ddbc836846a8bdb4bf89f064e953c37cb54b94ef -DIST gnupg-2.4.4.tar.bz2.sig 237 BLAKE2B 6ee5878c36fbec747a6d84a268903749d862aab50dd7f9a389aabbf7b94dec1c424615f520b5f4a6d44e02093e8d9ad0b08d0c6cf6fd8886d8c174ce9faac99c SHA512 3ae7b6833576df851901a7619459b514bb82faeed350c864a57a782719d21f694d9ced5a3445c81dfa584a0302f87fedc660b08ea97bb8b861e76d7c5b46d07f DIST gnupg-2.4.5.tar.bz2 7889060 BLAKE2B a8b80cd4dfbb377066efb5c9f1b6cdc6d0cd1b18358c962781b5c06de1545117b13038a4655ae627c36bfd2e5fee127692df8729d6b23e1b31051ab6d897b733 SHA512 4d54744f09399c5899144d0cb5fdc2756e45b058db41b9ea9df3be03e80b914509e16ef35aa0248e7561185b80f7a5f9fd6afcab8ccff75ff82ed555448a38ff DIST gnupg-2.4.5.tar.bz2.sig 119 BLAKE2B f37fb5620bc009a5b935ac75df4235d377da4f052115c3c22c8d0887e9b21df6ea3059ac510eb2b555d825c2294e1c3ee44c86ecb371c6444a4645ca5a5c265a SHA512 53be0db371a98c930cbef9c844adcd06a8049d84dd71508f6f7427fc1736b374912c85ebf3a415748651260f65cf26f633697f4bdae2cc4a8d2c4b522db0bc71 -EBUILD gnupg-2.2.42-r2.ebuild 5637 BLAKE2B 8040078c95ebdd98e40bf2f69690bf9c91e6d87c63093e61b8e69ac88a1c9dc061716b4e28a564481166bc0d81b84fce4ff713c3e2a8b11b86b4fd83feb272b3 SHA512 1e551ca82173852d3a4ca39d932ebb8c7d30d464526f806f3a915953e00d03ea9402c9d7b18c5d40b3d3101d6e4347a6b6afe5f37a8c7c77375071b9cd6eafbb -EBUILD gnupg-2.2.42-r3.ebuild 5707 BLAKE2B 78d291d73fa6119803acedfb24b908fba39a7825dfa10ddf153e3ccd53a68fb675a0331d7267cff5b6ed65c84a10c1f5de673635ec499c98ec733ad582f41020 SHA512 095f04af23fc995ab6989ec0a570b585c5f73ba7f1ab778a6a1103e8f778d6dbedcb757706c43328f7ec645e51b5d004527b8f4e380c904f4eb1c00e3303b257 -EBUILD gnupg-2.2.43.ebuild 5578 BLAKE2B 102d02efd9e38de2d7818dfea965505b533d27daea7ebde258e7773d804912ddf80842e4a9c414f79d7121055e6140aa674e9ef098fb1522f95b40ec9cacd50a SHA512 90dc152863e878e147ace4801822c3d11a5537e66ebe5246ee83ad6a0bec128c8b7582b2aeed9a262e4d364eea7fe83e01ad883b04077083a7292bbf2d8ca8df -EBUILD gnupg-2.4.4-r1.ebuild 5946 BLAKE2B 9fe98a42150476da39b0956d507bb5a3ff77ebd38a654eab1b3162df40097e7f9383eafd80d2f022a22028ca341d2afc2eb90d1d1d8429bb5769168e7c0883de SHA512 ad7bd3c60e85d4d4c8015424708b9a396521ac598dc87f703e036b59462a8b8e57f0aed8e6e7fdeede7383268bda0066e7e002cd04d5e89a9837aefc45596a1c -EBUILD gnupg-2.4.5.ebuild 5898 BLAKE2B 5a9e18e6a538c8f3d302bd819a68abcce88cb588f459e1d2284e5139059ba6836cb82af5575b6e7699320dd9032a36b601d3e07089154dac20a3d1dcb81b988e SHA512 69d8107842e67ffc3be5e59236538b639aa69b1755f1c159e61239116733237fff09339203e3738bcf5dcc92f2eb999c2806fe64547d00b5d27328f3d2e0bc67 +EBUILD gnupg-2.2.42-r4.ebuild 5709 BLAKE2B 9d10f7fd0ee3f8b27d3c8d4b9b1dae6a73bd05f01c162e15f4a542f821080f9b76ad7984f7edaef1fc32fc0e2309909c6872e2c27da6a399e17f7192a171d6a2 SHA512 d3fdb9bdb7d5dfa87ab3983bbf9b50baf22a222a261d75f662b1f520b118e0673b181c8435292e46cd57a4f3baa405a27f129309452e96151bb8001879dbf116 +EBUILD gnupg-2.2.43-r1.ebuild 5580 BLAKE2B 3a78ae5c88037985eef8c7a09982d562b1ee620f777b7b27ecf3b2e351e0cd6dbe7e80c0e9644cd9bb0332d83d8aad9d9ef96768dd2ef782cbaa00cf6bcb97e4 SHA512 5ca6eebad3e7f9627c4ff2848514ab7f5b92b411d1e786f53a12d7d81a84145d0f8931baab81f55ef017bf52d9afb0dd04052ace4d2a3473d6b406f23d0c0126 +EBUILD gnupg-2.4.5-r1.ebuild 5900 BLAKE2B e636dbc9da8939b626fd3c579195dba1254bff02cef682cc7acd7d4d8ceaf3810e4ca76d2f7490208336df40f5b4edbfe993b6574578cadb09fbc63d74787ee8 SHA512 ccfb4cb402c492a0fcfcc8f535ea463d848f13ea3ded935149f524d41de419a338ec9a5d3f930ad622106ef2ba8e8b98d924e77a8326291413129651d495fac8 MISC metadata.xml 1189 BLAKE2B dae783678abfe0bae095970d96d952f591a569debad411708d29a2f128c6a291b73a33ee0b3491a6a5ec44c11f56d33c1531022e0ef9eaad3326c9cd0f79e3fb SHA512 bc7d6a9ceda213c134d9afc527fe0b0c87a4886a171b7a1e1f662f3978fec5e71323bae4c9f3882e1d763d5738446f161265070a8e513a59fa62ef0f792e9fa5 diff --git a/app-crypt/gnupg/files/gnupg-2.4.4-dirmngr-proxy.patch b/app-crypt/gnupg/files/gnupg-2.4.4-dirmngr-proxy.patch deleted file mode 100644 index 686a3aadc8dd..000000000000 --- a/app-crypt/gnupg/files/gnupg-2.4.4-dirmngr-proxy.patch +++ /dev/null @@ -1,202 +0,0 @@ -https://bugs.gentoo.org/924606 -https://dev.gnupg.org/T6997 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=04cbc3074aa98660b513a80f623a7e9f0702c7c9 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=848546b05ab0ff6abd47724ecfab73bf32dd4c01 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2810b934647edd483996bee1f5f9256a162b2705 - -From 6236978d78886cbb476ed9fbc49ff99c7582b2d7 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka -Date: Thu, 15 Feb 2024 15:38:34 +0900 -Subject: [PATCH 1/3] dirmngr: Fix proxy with TLS. - -* dirmngr/http.c (proxy_get_token, run_proxy_connect): Always -available regardless of USE_TLS. -(run_proxy_connect): Use log_debug_string. -(send_request): Remove USE_TLS. - --- - -Since the commit of - - 1009e4e5f71347a1fe194e59a9d88c8034a67016 - -Building with TLS library is mandatory. - -GnuPG-bug-id: 6997 -Signed-off-by: NIIBE Yutaka ---- - dirmngr/http.c | 8 +------- - 1 file changed, 1 insertion(+), 7 deletions(-) - -diff --git a/dirmngr/http.c b/dirmngr/http.c -index 4899a5d55..10eecfdb0 100644 ---- a/dirmngr/http.c -+++ b/dirmngr/http.c -@@ -2362,7 +2362,6 @@ run_gnutls_handshake (http_t hd, const char *server) - * NULL, decode the string and use this as input from teh server. On - * success the final output token is stored at PROXY->OUTTOKEN and - * OUTTOKLEN. IF the authentication succeeded OUTTOKLEN is zero. */ --#ifdef USE_TLS - static gpg_error_t - proxy_get_token (proxy_info_t proxy, const char *inputstring) - { -@@ -2530,11 +2529,9 @@ proxy_get_token (proxy_info_t proxy, const char *inputstring) - - #endif /*!HAVE_W32_SYSTEM*/ - } --#endif /*USE_TLS*/ - - - /* Use the CONNECT method to proxy our TLS stream. */ --#ifdef USE_TLS - static gpg_error_t - run_proxy_connect (http_t hd, proxy_info_t proxy, - const char *httphost, const char *server, -@@ -2586,7 +2583,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - hd->keep_alive = !auth_basic; /* We may need to send more requests. */ - - if (opt_debug || (hd->flags & HTTP_FLAG_LOG_RESP)) -- log_debug_with_string (request, "http.c:proxy:request:"); -+ log_debug_string (request, "http.c:proxy:request:"); - - if (!hd->fp_write) - { -@@ -2743,7 +2740,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - xfree (tmpstr); - return err; - } --#endif /*USE_TLS*/ - - - /* Make a request string using a standard proxy. On success the -@@ -2903,7 +2899,6 @@ send_request (ctrl_t ctrl, - goto leave; - } - --#if USE_TLS - if (use_http_proxy && hd->uri->use_tls) - { - err = run_proxy_connect (hd, proxy, httphost, server, port); -@@ -2915,7 +2910,6 @@ send_request (ctrl_t ctrl, - * clear the flag to indicate this. */ - use_http_proxy = 0; - } --#endif /* USE_TLS */ - - #if HTTP_USE_NTBTLS - err = run_ntbtls_handshake (hd); --- -2.43.2 - -From 68650eb6999e674fd2f1c78f47b68d3cd1d37ff0 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka -Date: Fri, 16 Feb 2024 11:31:37 +0900 -Subject: [PATCH 2/3] dirmngr: Fix the regression of use of proxy for TLS - connection. - -* dirmngr/http.c (run_proxy_connect): Don't set keep_alive, since it -causes resource leak of FP_WRITE. -Don't try to read response body to fix the hang. - --- - -GnuPG-bug-id: 6997 -Signed-off-by: NIIBE Yutaka ---- - dirmngr/http.c | 14 ++------------ - 1 file changed, 2 insertions(+), 12 deletions(-) - -diff --git a/dirmngr/http.c b/dirmngr/http.c -index 10eecfdb0..7ce01bacd 100644 ---- a/dirmngr/http.c -+++ b/dirmngr/http.c -@@ -2553,6 +2553,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication - */ - auth_basic = !!proxy->uri->auth; -+ hd->keep_alive = 0; - - /* For basic authentication we need to send just one request. */ - if (auth_basic -@@ -2574,13 +2575,12 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - httphost ? httphost : server, - port, - authhdr ? authhdr : "", -- auth_basic? "" : "Connection: keep-alive\r\n"); -+ hd->keep_alive? "Connection: keep-alive\r\n" : ""); - if (!request) - { - err = gpg_error_from_syserror (); - goto leave; - } -- hd->keep_alive = !auth_basic; /* We may need to send more requests. */ - - if (opt_debug || (hd->flags & HTTP_FLAG_LOG_RESP)) - log_debug_string (request, "http.c:proxy:request:"); -@@ -2607,16 +2607,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - if (err) - goto leave; - -- { -- unsigned long count = 0; -- -- while (es_getc (hd->fp_read) != EOF) -- count++; -- if (opt_debug) -- log_debug ("http.c:proxy_connect: skipped %lu bytes of response-body\n", -- count); -- } -- - /* Reset state. */ - es_clearerr (hd->fp_read); - ((cookie_t)(hd->read_cookie))->up_to_empty_line = 1; --- -2.43.2 - -From 7c7cbd94549d08780fc3767d6de8336b3f44e7d7 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka -Date: Fri, 16 Feb 2024 16:24:26 +0900 -Subject: [PATCH 3/3] dirmngr: Fix keep-alive flag handling. - -* dirmngr/http.c (run_proxy_connect): Set KEEP_ALIVE if not Basic -Authentication. Fix resource leak of FP_WRITE. - --- - -GnuPG-bug-id: 6997 -Signed-off-by: NIIBE Yutaka ---- - dirmngr/http.c | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/dirmngr/http.c b/dirmngr/http.c -index 7ce01bacd..da0c89ae5 100644 ---- a/dirmngr/http.c -+++ b/dirmngr/http.c -@@ -2553,7 +2553,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication - */ - auth_basic = !!proxy->uri->auth; -- hd->keep_alive = 0; -+ hd->keep_alive = !auth_basic; /* We may need to send more requests. */ - - /* For basic authentication we need to send just one request. */ - if (auth_basic -@@ -2717,6 +2717,14 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - } - - leave: -+ if (hd->keep_alive) -+ { -+ es_fclose (hd->fp_write); -+ hd->fp_write = NULL; -+ /* The close has released the cookie and thus we better set it -+ * to NULL. */ -+ hd->write_cookie = NULL; -+ } - /* Restore flags, destroy stream, reset state. */ - hd->flags = saved_flags; - es_fclose (hd->fp_read); --- -2.43.2 - diff --git a/app-crypt/gnupg/gnupg-2.2.42-r2.ebuild b/app-crypt/gnupg/gnupg-2.2.42-r2.ebuild deleted file mode 100644 index 72bb9fe0626a..000000000000 --- a/app-crypt/gnupg/gnupg-2.2.42-r2.ebuild +++ /dev/null @@ -1,182 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server" -RESTRICT="!test? ( test )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0 - >=dev-libs/libgcrypt-1.8.0:= - >=dev-libs/libgpg-error-1.38 - >=dev-libs/libksba-1.3.5 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - ssl? ( >=net-libs/gnutls-3.0:= ) - tofu? ( >=dev-db/sqlite-3.7 ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch - "${FILESDIR}"/${PN}-2.2.42-bug923248-insecure-backup.patch -) - -src_prepare() { - default - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i doc/examples/systemd-user/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpg - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" - KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" - LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" - LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" - NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin \ - tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \ - tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - - use doc && dodoc doc/*.png - - systemd_douserunit doc/examples/systemd-user/*.{service,socket} -} diff --git a/app-crypt/gnupg/gnupg-2.2.42-r3.ebuild b/app-crypt/gnupg/gnupg-2.2.42-r3.ebuild deleted file mode 100644 index d0937a7079a9..000000000000 --- a/app-crypt/gnupg/gnupg-2.2.42-r3.ebuild +++ /dev/null @@ -1,184 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server" -RESTRICT="!test? ( test )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0 - >=dev-libs/libgcrypt-1.8.0:= - >=dev-libs/libgpg-error-1.38 - >=dev-libs/libksba-1.3.5 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - ssl? ( >=net-libs/gnutls-3.0:= ) - tofu? ( >=dev-db/sqlite-3.7 ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch - "${FILESDIR}"/${P}-bug923248-insecure-backup.patch - "${FILESDIR}"/${P}-dirmngr-proxy.patch - "${FILESDIR}"/${P}-gpgme-tests.patch -) - -src_prepare() { - default - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i doc/examples/systemd-user/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpg - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" - KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" - LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" - LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" - NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin \ - tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \ - tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - - use doc && dodoc doc/*.png - - systemd_douserunit doc/examples/systemd-user/*.{service,socket} -} diff --git a/app-crypt/gnupg/gnupg-2.2.42-r4.ebuild b/app-crypt/gnupg/gnupg-2.2.42-r4.ebuild new file mode 100644 index 000000000000..94c5b5230669 --- /dev/null +++ b/app-crypt/gnupg/gnupg-2.2.42-r4.ebuild @@ -0,0 +1,184 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Maintainers should: +# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ +# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 +# (find the one for the current release then subscribe to it + +# any subsequent ones linked within so you're covered for a while.) + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc +# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 +inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig + +MY_P="${P/_/-}" + +DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" +HOMEPAGE="https://gnupg.org/" +SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" +SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-3+" +SLOT="0" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server" +RESTRICT="!test? ( test )" + +# Existence of executables is checked during configuration. +# Note: On each bump, update dep bounds on each version from configure.ac! +DEPEND=" + >=dev-libs/libassuan-2.5.0:= + >=dev-libs/libgcrypt-1.8.0:= + >=dev-libs/libgpg-error-1.38 + >=dev-libs/libksba-1.3.5 + >=dev-libs/npth-1.2 + >=net-misc/curl-7.10 + sys-libs/zlib + bzip2? ( app-arch/bzip2 ) + ldap? ( net-nds/openldap:= ) + readline? ( sys-libs/readline:= ) + smartcard? ( usb? ( virtual/libusb:1 ) ) + ssl? ( >=net-libs/gnutls-3.0:= ) + tofu? ( >=dev-db/sqlite-3.7 ) +" +RDEPEND=" + ${DEPEND} + nls? ( virtual/libintl ) + selinux? ( sec-policy/selinux-gpg ) + wks-server? ( virtual/mta ) +" +PDEPEND=" + app-crypt/pinentry +" +BDEPEND=" + virtual/pkgconfig + doc? ( sys-apps/texinfo ) + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-gnupg ) +" + +DOCS=( + ChangeLog NEWS README THANKS TODO VERSION + doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER +) + +PATCHES=( + "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch + "${FILESDIR}"/${P}-bug923248-insecure-backup.patch + "${FILESDIR}"/${P}-dirmngr-proxy.patch + "${FILESDIR}"/${P}-gpgme-tests.patch +) + +src_prepare() { + default + + # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, + # idea borrowed from libdbus, see + # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 + # + # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', + # which in turn requires discovery in Autoconf, something that upstream deeply resents. + sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ + -i doc/examples/systemd-user/gpg-agent-ssh.socket || die +} + +my_src_configure() { + # Upstream don't support LTO, bug #854222. + filter-lto + + local myconf=( + $(use_enable bzip2) + $(use_enable nls) + $(use_enable smartcard scdaemon) + $(use_enable ssl gnutls) + $(use_enable test all-tests) + $(use_enable test tests) + $(use_enable tofu) + $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') + $(use_enable wks-server wks-tools) + $(use_with ldap) + $(use_with readline) + + # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. + # As of GnuPG 2.3, the mailprog substitution is used for the binary called + # by wks-client & wks-server; and if it's autodetected but not not exist at + # build time, then then 'gpg-wks-client --send' functionality will not + # work. This has an unwanted side-effect in stage3 builds: there was a + # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating + # the build where the install guide previously make the user chose the + # logger & mta early in the install. + --with-mailprog=/usr/libexec/sendmail + + --disable-ntbtls + --enable-gpg + --enable-gpgsm + --enable-large-secmem + + CC_FOR_BUILD="$(tc-getBUILD_CC)" + GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" + KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" + LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" + LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" + NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" + + $("${S}/configure" --help | grep -o -- '--without-.*-prefix') + ) + + if use prefix && use usb; then + # bug #649598 + append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" + fi + + # bug #663142 + if use user-socket; then + myconf+=( --enable-run-gnupg-user-socket ) + fi + + # glib fails and picks up clang's internal stdint.h causing weird errors + tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h + + econf "${myconf[@]}" +} + +my_src_compile() { + default + + use doc && emake -C doc html +} + +my_src_test() { + export TESTFLAGS="--parallel=$(makeopts_jobs)" + + default +} + +my_src_install() { + emake DESTDIR="${D}" install + + use tools && dobin \ + tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \ + tools/make-dns-cert + + dosym gpg /usr/bin/gpg2 + dosym gpgv /usr/bin/gpgv2 + echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die + echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die + + dodir /etc/env.d + echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die + + use doc && dodoc doc/gnupg.html/* +} + +my_src_install_all() { + einstalldocs + + use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} + + use doc && dodoc doc/*.png + + systemd_douserunit doc/examples/systemd-user/*.{service,socket} +} diff --git a/app-crypt/gnupg/gnupg-2.2.43-r1.ebuild b/app-crypt/gnupg/gnupg-2.2.43-r1.ebuild new file mode 100644 index 000000000000..7bd830a04495 --- /dev/null +++ b/app-crypt/gnupg/gnupg-2.2.43-r1.ebuild @@ -0,0 +1,181 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Maintainers should: +# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ +# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 +# (find the one for the current release then subscribe to it + +# any subsequent ones linked within so you're covered for a while.) + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc +# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 +inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig + +MY_P="${P/_/-}" + +DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" +HOMEPAGE="https://gnupg.org/" +SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" +SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-3+" +SLOT="0" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server" +RESTRICT="!test? ( test )" + +# Existence of executables is checked during configuration. +# Note: On each bump, update dep bounds on each version from configure.ac! +DEPEND=" + >=dev-libs/libassuan-2.5.0:= + >=dev-libs/libgcrypt-1.8.0:= + >=dev-libs/libgpg-error-1.38 + >=dev-libs/libksba-1.4.0 + >=dev-libs/npth-1.2 + >=net-misc/curl-7.10 + sys-libs/zlib + bzip2? ( app-arch/bzip2 ) + ldap? ( net-nds/openldap:= ) + readline? ( sys-libs/readline:= ) + smartcard? ( usb? ( virtual/libusb:1 ) ) + ssl? ( >=net-libs/gnutls-3.0:= ) + tofu? ( >=dev-db/sqlite-3.7 ) +" +RDEPEND=" + ${DEPEND} + nls? ( virtual/libintl ) + selinux? ( sec-policy/selinux-gpg ) + wks-server? ( virtual/mta ) +" +PDEPEND=" + app-crypt/pinentry +" +BDEPEND=" + virtual/pkgconfig + doc? ( sys-apps/texinfo ) + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-gnupg ) +" + +DOCS=( + ChangeLog NEWS README THANKS TODO VERSION + doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER +) + +PATCHES=( + "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch +) + +src_prepare() { + default + + # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, + # idea borrowed from libdbus, see + # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 + # + # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', + # which in turn requires discovery in Autoconf, something that upstream deeply resents. + sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ + -i doc/examples/systemd-user/gpg-agent-ssh.socket || die +} + +my_src_configure() { + # Upstream don't support LTO, bug #854222. + filter-lto + + local myconf=( + $(use_enable bzip2) + $(use_enable nls) + $(use_enable smartcard scdaemon) + $(use_enable ssl gnutls) + $(use_enable test all-tests) + $(use_enable test tests) + $(use_enable tofu) + $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') + $(use_enable wks-server wks-tools) + $(use_with ldap) + $(use_with readline) + + # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. + # As of GnuPG 2.3, the mailprog substitution is used for the binary called + # by wks-client & wks-server; and if it's autodetected but not not exist at + # build time, then then 'gpg-wks-client --send' functionality will not + # work. This has an unwanted side-effect in stage3 builds: there was a + # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating + # the build where the install guide previously make the user chose the + # logger & mta early in the install. + --with-mailprog=/usr/libexec/sendmail + + --disable-ntbtls + --enable-gpg + --enable-gpgsm + --enable-large-secmem + + CC_FOR_BUILD="$(tc-getBUILD_CC)" + GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" + KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" + LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" + LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" + NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" + + $("${S}/configure" --help | grep -o -- '--without-.*-prefix') + ) + + if use prefix && use usb; then + # bug #649598 + append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" + fi + + # bug #663142 + if use user-socket; then + myconf+=( --enable-run-gnupg-user-socket ) + fi + + # glib fails and picks up clang's internal stdint.h causing weird errors + tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h + + econf "${myconf[@]}" +} + +my_src_compile() { + default + + use doc && emake -C doc html +} + +my_src_test() { + export TESTFLAGS="--parallel=$(makeopts_jobs)" + + default +} + +my_src_install() { + emake DESTDIR="${D}" install + + use tools && dobin \ + tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \ + tools/make-dns-cert + + dosym gpg /usr/bin/gpg2 + dosym gpgv /usr/bin/gpgv2 + echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die + echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die + + dodir /etc/env.d + echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die + + use doc && dodoc doc/gnupg.html/* +} + +my_src_install_all() { + einstalldocs + + use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} + + use doc && dodoc doc/*.png + + systemd_douserunit doc/examples/systemd-user/*.{service,socket} +} diff --git a/app-crypt/gnupg/gnupg-2.2.43.ebuild b/app-crypt/gnupg/gnupg-2.2.43.ebuild deleted file mode 100644 index 1273cd75d344..000000000000 --- a/app-crypt/gnupg/gnupg-2.2.43.ebuild +++ /dev/null @@ -1,181 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server" -RESTRICT="!test? ( test )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0 - >=dev-libs/libgcrypt-1.8.0:= - >=dev-libs/libgpg-error-1.38 - >=dev-libs/libksba-1.4.0 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - ssl? ( >=net-libs/gnutls-3.0:= ) - tofu? ( >=dev-db/sqlite-3.7 ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch -) - -src_prepare() { - default - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i doc/examples/systemd-user/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpg - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" - KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" - LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" - LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" - NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin \ - tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \ - tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - - use doc && dodoc doc/*.png - - systemd_douserunit doc/examples/systemd-user/*.{service,socket} -} diff --git a/app-crypt/gnupg/gnupg-2.4.4-r1.ebuild b/app-crypt/gnupg/gnupg-2.4.4-r1.ebuild deleted file mode 100644 index c89d22b2c153..000000000000 --- a/app-crypt/gnupg/gnupg-2.4.4-r1.ebuild +++ /dev/null @@ -1,193 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" -RESTRICT="!test? ( test )" -REQUIRED_USE="test? ( tofu )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0 - >=dev-libs/libgcrypt-1.9.1:= - >=dev-libs/libgpg-error-1.46 - >=dev-libs/libksba-1.6.3 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:0= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - tofu? ( >=dev-db/sqlite-3.27 ) - tpm? ( >=app-crypt/tpm2-tss-2.4.0:= ) - ssl? ( >=net-libs/gnutls-3.2:0= ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch - "${FILESDIR}"/${P}-dirmngr-proxy.patch #924606 -) - -src_prepare() { - default - - GNUPG_SYSTEMD_UNITS=( - dirmngr.service - dirmngr.socket - gpg-agent-browser.socket - gpg-agent-extra.socket - gpg-agent.service - gpg-agent.socket - gpg-agent-ssh.socket - ) - - cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i "${T}"/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use_enable tofu keyboxd) - $(use_enable tofu sqlite) - $(usex tpm '--with-tss=intel' '--disable-tpm2d') - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - ac_cv_path_GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - use doc && dodoc doc/*.png - - # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed. - dodoc "${FILESDIR}"/README-systemd - systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}" -} diff --git a/app-crypt/gnupg/gnupg-2.4.5-r1.ebuild b/app-crypt/gnupg/gnupg-2.4.5-r1.ebuild new file mode 100644 index 000000000000..cc4974e12dd2 --- /dev/null +++ b/app-crypt/gnupg/gnupg-2.4.5-r1.ebuild @@ -0,0 +1,192 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Maintainers should: +# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ +# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 +# (find the one for the current release then subscribe to it + +# any subsequent ones linked within so you're covered for a while.) + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc +# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 +inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig + +MY_P="${P/_/-}" + +DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" +HOMEPAGE="https://gnupg.org/" +SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" +SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-3+" +SLOT="0" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" +RESTRICT="!test? ( test )" +REQUIRED_USE="test? ( tofu )" + +# Existence of executables is checked during configuration. +# Note: On each bump, update dep bounds on each version from configure.ac! +DEPEND=" + >=dev-libs/libassuan-2.5.0:= + >=dev-libs/libgcrypt-1.9.1:= + >=dev-libs/libgpg-error-1.46 + >=dev-libs/libksba-1.6.3 + >=dev-libs/npth-1.2 + >=net-misc/curl-7.10 + sys-libs/zlib + bzip2? ( app-arch/bzip2 ) + ldap? ( net-nds/openldap:= ) + readline? ( sys-libs/readline:0= ) + smartcard? ( usb? ( virtual/libusb:1 ) ) + tofu? ( >=dev-db/sqlite-3.27 ) + tpm? ( >=app-crypt/tpm2-tss-2.4.0:= ) + ssl? ( >=net-libs/gnutls-3.2:0= ) +" +RDEPEND=" + ${DEPEND} + nls? ( virtual/libintl ) + selinux? ( sec-policy/selinux-gpg ) + wks-server? ( virtual/mta ) +" +PDEPEND=" + app-crypt/pinentry +" +BDEPEND=" + virtual/pkgconfig + doc? ( sys-apps/texinfo ) + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-gnupg ) +" + +DOCS=( + ChangeLog NEWS README THANKS TODO VERSION + doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER +) + +PATCHES=( + "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch +) + +src_prepare() { + default + + GNUPG_SYSTEMD_UNITS=( + dirmngr.service + dirmngr.socket + gpg-agent-browser.socket + gpg-agent-extra.socket + gpg-agent.service + gpg-agent.socket + gpg-agent-ssh.socket + ) + + cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die + + # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, + # idea borrowed from libdbus, see + # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 + # + # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', + # which in turn requires discovery in Autoconf, something that upstream deeply resents. + sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ + -i "${T}"/gpg-agent-ssh.socket || die +} + +my_src_configure() { + # Upstream don't support LTO, bug #854222. + filter-lto + + local myconf=( + $(use_enable bzip2) + $(use_enable nls) + $(use_enable smartcard scdaemon) + $(use_enable ssl gnutls) + $(use_enable test all-tests) + $(use_enable test tests) + $(use_enable tofu) + $(use_enable tofu keyboxd) + $(use_enable tofu sqlite) + $(usex tpm '--with-tss=intel' '--disable-tpm2d') + $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') + $(use_enable wks-server wks-tools) + $(use_with ldap) + $(use_with readline) + + # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. + # As of GnuPG 2.3, the mailprog substitution is used for the binary called + # by wks-client & wks-server; and if it's autodetected but not not exist at + # build time, then then 'gpg-wks-client --send' functionality will not + # work. This has an unwanted side-effect in stage3 builds: there was a + # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating + # the build where the install guide previously make the user chose the + # logger & mta early in the install. + --with-mailprog=/usr/libexec/sendmail + + --disable-ntbtls + --enable-gpgsm + --enable-large-secmem + + CC_FOR_BUILD="$(tc-getBUILD_CC)" + ac_cv_path_GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config" + + $("${S}/configure" --help | grep -o -- '--without-.*-prefix') + ) + + if use prefix && use usb; then + # bug #649598 + append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" + fi + + # bug #663142 + if use user-socket; then + myconf+=( --enable-run-gnupg-user-socket ) + fi + + # glib fails and picks up clang's internal stdint.h causing weird errors + tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h + + econf "${myconf[@]}" +} + +my_src_compile() { + default + + use doc && emake -C doc html +} + +my_src_test() { + export TESTFLAGS="--parallel=$(makeopts_jobs)" + + default +} + +my_src_install() { + emake DESTDIR="${D}" install + + use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert + + dosym gpg /usr/bin/gpg2 + dosym gpgv /usr/bin/gpgv2 + echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die + echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die + + dodir /etc/env.d + echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die + + use doc && dodoc doc/gnupg.html/* +} + +my_src_install_all() { + einstalldocs + + use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} + use doc && dodoc doc/*.png + + # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed. + dodoc "${FILESDIR}"/README-systemd + systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}" +} diff --git a/app-crypt/gnupg/gnupg-2.4.5.ebuild b/app-crypt/gnupg/gnupg-2.4.5.ebuild deleted file mode 100644 index 2620bc583810..000000000000 --- a/app-crypt/gnupg/gnupg-2.4.5.ebuild +++ /dev/null @@ -1,192 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" -RESTRICT="!test? ( test )" -REQUIRED_USE="test? ( tofu )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0 - >=dev-libs/libgcrypt-1.9.1:= - >=dev-libs/libgpg-error-1.46 - >=dev-libs/libksba-1.6.3 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:0= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - tofu? ( >=dev-db/sqlite-3.27 ) - tpm? ( >=app-crypt/tpm2-tss-2.4.0:= ) - ssl? ( >=net-libs/gnutls-3.2:0= ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch -) - -src_prepare() { - default - - GNUPG_SYSTEMD_UNITS=( - dirmngr.service - dirmngr.socket - gpg-agent-browser.socket - gpg-agent-extra.socket - gpg-agent.service - gpg-agent.socket - gpg-agent-ssh.socket - ) - - cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i "${T}"/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use_enable tofu keyboxd) - $(use_enable tofu sqlite) - $(usex tpm '--with-tss=intel' '--disable-tpm2d') - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - ac_cv_path_GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - use doc && dodoc doc/*.png - - # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed. - dodoc "${FILESDIR}"/README-systemd - systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}" -} -- cgit v1.2.3