blob: 9e537cb59a6f71746052aae5f612a68055131abc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
|
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnupg
# Upgrade to LTS versions only.
pkgver=2.2.41
_ver=${pkgver/_beta/-beta}
pkgrel=0
pkgdesc="GNU Privacy Guard 2 - meta package for full GnuPG suite"
url="https://www.gnupg.org/"
arch="all"
license="GPL-3.0-or-later"
depends="gpg=$pkgver-r$pkgrel
gpg-agent=$pkgver-r$pkgrel
gpg-wks-server=$pkgver-r$pkgrel
gpgsm=$pkgver-r$pkgrel
gpgv=$pkgver-r$pkgrel
$pkgname-dirmngr=$pkgver-r$pkgrel
$pkgname-utils=$pkgver-r$pkgrel
$pkgname-wks-client=$pkgver-r$pkgrel
"
makedepends="
autoconf
automake
bzip2-dev
gettext-dev
gnutls-dev
libassuan-dev
libgcrypt-dev
libgpg-error-dev
libksba-dev
libtool
libusb-dev
npth-dev
openldap-dev
pinentry
sqlite-dev
texinfo
zlib-dev
"
install="$pkgname-scdaemon.pre-install"
subpackages="
$pkgname-doc
$pkgname-lang::noarch
$pkgname-dirmngr
$pkgname-gpgconf
$pkgname-scdaemon
$pkgname-wks-client:_wks_client
gpg
gpg-agent:_agent
gpg-wks-server:_wks_server
gpgsm
gpgv
$pkgname-utils
"
source="https://gnupg.org/ftp/gcrypt/gnupg/gnupg-$_ver.tar.bz2
0001-Include-sys-select.h-for-FD_SETSIZE.patch
0010-avoid-beta-warning.patch
0020-avoid-regenerating-defsincdate-use-shipped-file.patch
0110-avoid-simple-memory-dumps-via-ptrace.patch
0210-dirmngr-hkp-avoid-potential-race-condition-when-some-host-die.patch
0220-dirmngr-avoid-need-for-hkp-housekeeping.patch
0230-dirmngr-avoid-automatically-checking-upstream-swdb.patch
0310-gpg-default-to-3072-bit-keys.patch
0320-gpg-default-to-aes256.patch
0330-gpg-default-to-sha512-for-all-signature-types-on-rsa-keys.patch
0340-gpg-prefer-sha512-and-sha384-in-personal-digest.patch
0410-make-gpg-zip-use-tar-from-path.patch
0420-gpg-drop-import-clean-from-default-keyserver-import-options.patch
fix-i18n.patch
60-scdaemon.rules
"
# secfixes:
# 2.2.35-r4:
# - CVE-2022-34903
# 2.2.23-r0:
# - CVE-2020-25125
# 2.2.18-r0:
# - CVE-2019-14855
# 2.2.8-r0:
# - CVE-2018-12020
prepare() {
default_prepare
autoreconf -vif
}
build() {
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--sysconfdir=/etc \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--localstatedir=/var \
--disable-nls \
--enable-bzip2 \
--enable-tofu \
--enable-scdaemon \
--enable-ccid-driver
make
}
check() {
make check
}
package() {
make DESTDIR="$pkgdir" install
install -m755 tools/gpg-zip "$pkgdir"/usr/bin/gpg-zip
install -Dm644 -t "$pkgdir"/lib/udev/rules.d/ "$srcdir"/60-scdaemon.rules
cd "$pkgdir"
# install compat symlink
ln -s gpg usr/bin/gpg2
ln -s gpgv usr/bin/gpgv2
# Remove docs for systemd-user
rm -rf usr/share/doc/gnupg/examples/systemd-user
# Remove gpg scheme interpreter - an internal tool used in gpg tests
rm -rf usr/bin/gpgscm
}
_agent() {
pkgdesc="GNU Privacy Guard 2 - cryptographic agent"
depends="$pkgname-gpgconf=$pkgver-r$pkgrel"
replaces="$pkgname" # for backward compatibility
amove usr/bin/gpg-agent
amove usr/libexec/gpg-check-pattern
amove usr/libexec/gpg-preset-passphrase
amove usr/libexec/gpg-protect-tool
amove usr/share/gnupg/help.txt
}
dirmngr() {
pkgdesc="GNU Privacy Guard 2 - network certificate management service"
depends="$pkgname-gpgconf=$pkgver-r$pkgrel"
provides="dirmngr=$pkgver-r$pkgrel" # alternative package name
replaces="$pkgname" # for backward compatibility
amove usr/bin/dirmngr*
amove usr/libexec/dirmngr_ldap
amove usr/share/gnupg/sks-keyservers.netCA.pem
}
gpg() {
pkgdesc="GNU Privacy Guard 2 - public key operations only"
depends="$pkgname-gpgconf=$pkgver-r$pkgrel"
replaces="$pkgname" # for backward compatibility
provider_priority=100 # highest (other provider of cmd:gpg is gnupg1)
amove usr/bin/gpg
amove usr/bin/gpg2
}
gpgconf() {
pkgdesc="GNU Privacy Guard 2 - core configuration utilities"
depends="pinentry"
replaces="$pkgname" # for backward compatibility
provides="gpgconf=$pkgver-r$pkgrel" # alternative package name
amove usr/bin/gpg-connect-agent
amove usr/bin/gpgconf
amove usr/share/gnupg/distsigkey.gpg
}
gpgsm() {
pkgdesc="GNU Privacy Guard 2 - S/MIME version"
depends="$pkgname-gpgconf=$pkgver-r$pkgrel"
replaces="$pkgname" # for backward compatibility
amove usr/bin/gpgsm
}
gpgv() {
pkgdesc="GNU Privacy Guard 2 - signature verification only"
depends=""
replaces="$pkgname" # for backward compatibility
provider_priority=100 # highest (other provider of cmd:gpgv is gnupg1)
amove usr/bin/gpgv
amove usr/bin/gpgv2
}
lang() {
pkgdesc="Languages for package gnupg"
depends=""
install_if="$pkgname=$pkgver-r$pkgrel lang"
replaces="$pkgname" # for backward compatibility
amove usr/share/gnupg/help.*.txt
}
scdaemon() {
pkgdesc="GNU Privacy Guard 2 - smart card support"
depends="gpg-agent=$pkgver-r$pkgrel"
replaces="$pkgname" # for backward compatibility
amove usr/libexec/scdaemon
amove lib/udev/rules.d
}
_wks_client() {
pkgdesc="GNU Privacy Guard 2 - Web Key Service client"
depends="gpg=$pkgver-r$pkgrel gpg-agent=$pkgver-r$pkgrel $pkgname-dirmngr=$pkgver-r$pkgrel"
replaces="$pkgname" # for backward compatibility
amove usr/libexec/gpg-wks-client
}
_wks_server() {
pkgdesc="GNU Privacy Guard 2 - Web Key Service server"
depends="gpg=$pkgver-r$pkgrel gpg-agent=$pkgver-r$pkgrel"
replaces="$pkgname" # for backward compatibility
amove usr/bin/gpg-wks-server
}
# Must be the last!
utils() {
pkgdesc="GNU Privacy Guard 2 - utility programs"
depends=""
replaces="$pkgname" # for backward compatibility
provider_priority=100 # highest (other provider of cmd:gpg-zip cmd:gpgsplit is gnupg1)
amove usr/*
}
sha512sums="
f472e5058ea9881355f0c754a47acd0b5360c36e8976b8563dbc763a7cef792bf88227cc15fe5172d3e9bb9fc34d8448dd5c183949031e91a1997cc7f0f83b55 gnupg-2.2.41.tar.bz2
c6cc4595081c5b025913fa3ebecf0dff87a84f3c669e3fef106e4fa040f1d4314ee52dd4c0e0002b213034fb0810221cfdd0033eae5349b6e3978f05d08bcac7 0001-Include-sys-select.h-for-FD_SETSIZE.patch
0e2aef4ae5c43c43efe2c914534d73f8f7068b49b5826b1f999296c30395497c4af121e4e99152ff7b43dcf56d1792cd46aea5158ca48597d6e0fca6d7358711 0010-avoid-beta-warning.patch
18004e52925b1f03e67a29a3d43b39e8119cf3426cdad4136824b932ad906ac499b4ceb3d7573177a9f16410d3b80c8f0e4bcdc54dd284f3f803a2cef609ad01 0020-avoid-regenerating-defsincdate-use-shipped-file.patch
7c9f38ce480c5f6d06330c9b1fcfe9b32cac2b0b28695beec4e94e48508cf45a4f56ce406abfee795de11ed973598e8544440c3dfc0670cdeb37e27ca1e6caf0 0110-avoid-simple-memory-dumps-via-ptrace.patch
6bc5ac393a72432ef09a31f524db973677fd730166457b881b88e6fad7536ac4fe8cceeed324b578125b9fd4d871645ae9c43c01b3563e00a146e8f835336ac3 0210-dirmngr-hkp-avoid-potential-race-condition-when-some-host-die.patch
f4778aa2ec8a971ee700114b43b0446425b86459e4b21fd9b534f51de46a7ac9cfd21d79470b422a385e2a0244c54a5fb482ab76b4861f101745f77646f6f483 0220-dirmngr-avoid-need-for-hkp-housekeeping.patch
1c38b039950fa9733e9584ac61d52e12aad56489d7f3aec396b2528d0bf41729971d3fe9b4d04d50595a2a954181892ed1ec93f1b7ade24e4da26744d78598fc 0230-dirmngr-avoid-automatically-checking-upstream-swdb.patch
c4488de65913167a77fbc1c8d3a8867d15171c6021490e443ca0faddcb2109fff23f7f49c9a8922d1acd1e435530fc8a4bafb71f441d3cdf38618d3a113cf7e8 0310-gpg-default-to-3072-bit-keys.patch
00dac445ba9f1c4c7e6078a8068e62e13e05c5b22e1d84b915f6f353eba55c4b172c6ea735f3bb551af0d6073652d3b6f0cafdfb1d6afb309626a7642775416f 0320-gpg-default-to-aes256.patch
9e6c109f6617b4abb7a9d8abd4c8d128247dd21915bf7a75bb6a9f5b6da2a9d4dcee27147db3f88de79e4cb2621222ae62d95c0ce115658ef39bcd01587b5f82 0330-gpg-default-to-sha512-for-all-signature-types-on-rsa-keys.patch
462af7b1e530e00d3870062666ef427d6df57ee8358b043c06fb8b7b54e50891fc8a49beeaabe45d1822d222ffc47da624798ceb8889a02e38ce85612453bb8b 0340-gpg-prefer-sha512-and-sha384-in-personal-digest.patch
0e4d5d29de5279bda4e8b69334c664068404e697ad9e62868389ef1d97bc1a18d80e834d2d2e8147e0f537a81e6f3b360f18e1a958304a2cc2659c29e68c517a 0410-make-gpg-zip-use-tar-from-path.patch
ac2199f2b49af1c0211ff6f7e441f0f7779d6101c2136f2d7cab0001d260598e4f2f07111aa478dd210a05385daa1f6aec77d9b0de3e379371433b0c82035855 0420-gpg-drop-import-clean-from-default-keyserver-import-options.patch
28cba87121c66b1bbc90bb0f3ca8c69ff19376243854577a4d24afa4a3d4a4b8a952a3a7bbecc200058b6f722cfcd4fc72d5630c822f78ef3fc819f972798e34 fix-i18n.patch
4bfb9742279c2d1c872d63cd4bcb01f6a2a13d94618eff954d3a37451fa870a9bb29687330854ee47e8876d6e60dc81cb2569c3931beaefacda33db23c464402 60-scdaemon.rules
"
|