# Contributor: Sören Tempel # Contributor: Jakub Jirutka # Maintainer: Natanael Copa pkgname=gnupg # Upgrade to LTS versions only. pkgver=2.4.3 _ver=${pkgver/_beta/-beta} pkgrel=1 pkgdesc="GNU Privacy Guard 2 - meta package for full GnuPG suite" url="https://www.gnupg.org/" arch="all" license="GPL-3.0-or-later" depends="gpg=$pkgver-r$pkgrel gpg-agent=$pkgver-r$pkgrel gpg-wks-server=$pkgver-r$pkgrel gpgsm=$pkgver-r$pkgrel gpgv=$pkgver-r$pkgrel $pkgname-dirmngr=$pkgver-r$pkgrel $pkgname-utils=$pkgver-r$pkgrel $pkgname-wks-client=$pkgver-r$pkgrel " makedepends=" autoconf automake bzip2-dev gettext-dev gnutls-dev libassuan-dev libgcrypt-dev libgpg-error-dev libksba-dev libtool libusb-dev npth-dev openldap-dev pinentry sqlite-dev texinfo xz zlib-dev " install="$pkgname-scdaemon.pre-install" subpackages=" $pkgname-doc $pkgname-lang::noarch $pkgname-dirmngr $pkgname-gpgconf $pkgname-scdaemon $pkgname-keyboxd $pkgname-wks-client:_wks_client gpg gpg-agent:_agent gpg-wks-server:_wks_server gpgsm gpgv $pkgname-utils " source="https://gnupg.org/ftp/gcrypt/gnupg/gnupg-$_ver.tar.bz2 0010-avoid-beta-warning.patch 0020-avoid-regenerating-defsincdate-use-shipped-file.patch 0110-avoid-simple-memory-dumps-via-ptrace.patch 0210-dirmngr-hkp-avoid-potential-race-condition-when-some-host-die.patch 0230-dirmngr-avoid-automatically-checking-upstream-swdb.patch 0330-gpg-default-to-sha512-for-all-signature-types-on-rsa-keys.patch 0340-gpg-prefer-sha512-and-sha384-in-personal-digest.patch 0420-gpg-drop-import-clean-from-default-keyserver-import-options.patch emacs-easypg-fix.patch fix-i18n.patch HACK-revert-rfc4880bis-default.patch 60-scdaemon.rules " # secfixes: # 2.2.35-r4: # - CVE-2022-34903 # 2.2.23-r0: # - CVE-2020-25125 # 2.2.18-r0: # - CVE-2019-14855 # 2.2.8-r0: # - CVE-2018-12020 prepare() { default_prepare # tries to mkdir -p setup.scm/tests but this is a file? rm tests/gpgme/setup.scm autoreconf -vif } build() { ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ --infodir=/usr/share/info \ --localstatedir=/var \ --disable-nls \ --enable-bzip2 \ --enable-tofu \ --enable-scdaemon \ --enable-ccid-driver make } check() { make check } package() { make DESTDIR="$pkgdir" install install -Dm644 -t "$pkgdir"/lib/udev/rules.d/ "$srcdir"/60-scdaemon.rules cd "$pkgdir" # install compat symlink ln -s gpg usr/bin/gpg2 ln -s gpgv usr/bin/gpgv2 # Remove docs for systemd-user rm -rf usr/share/doc/gnupg/examples/systemd-user # Remove gpg scheme interpreter - an internal tool used in gpg tests rm -rf usr/bin/gpgscm } _agent() { pkgdesc="GNU Privacy Guard 2 - cryptographic agent" depends="$pkgname-gpgconf=$pkgver-r$pkgrel" replaces="$pkgname" # for backward compatibility amove usr/bin/gpg-agent amove usr/libexec/gpg-check-pattern amove usr/libexec/gpg-preset-passphrase amove usr/libexec/gpg-protect-tool amove usr/share/gnupg/help.txt } dirmngr() { pkgdesc="GNU Privacy Guard 2 - network certificate management service" depends="$pkgname-gpgconf=$pkgver-r$pkgrel" provides="dirmngr=$pkgver-r$pkgrel" # alternative package name replaces="$pkgname" # for backward compatibility amove usr/bin/dirmngr* amove usr/libexec/dirmngr_ldap amove usr/share/gnupg/sks-keyservers.netCA.pem } gpg() { pkgdesc="GNU Privacy Guard 2 - public key operations only" depends=" $pkgname-dirmngr=$pkgver-r$pkgrel $pkgname-gpgconf=$pkgver-r$pkgrel $pkgname-keyboxd=$pkgver-r$pkgrel " replaces="$pkgname" # for backward compatibility provider_priority=100 # highest (other provider of cmd:gpg is gnupg1) amove usr/bin/gpg amove usr/bin/gpg2 } gpgconf() { pkgdesc="GNU Privacy Guard 2 - core configuration utilities" depends="pinentry" replaces="$pkgname" # for backward compatibility provides="gpgconf=$pkgver-r$pkgrel" # alternative package name amove usr/bin/gpg-connect-agent amove usr/bin/gpgconf amove usr/share/gnupg/distsigkey.gpg } gpgsm() { pkgdesc="GNU Privacy Guard 2 - S/MIME version" depends="$pkgname-gpgconf=$pkgver-r$pkgrel" replaces="$pkgname" # for backward compatibility amove usr/bin/gpgsm } gpgv() { pkgdesc="GNU Privacy Guard 2 - signature verification only" depends="" replaces="$pkgname" # for backward compatibility provider_priority=100 # highest (other provider of cmd:gpgv is gnupg1) amove usr/bin/gpgv amove usr/bin/gpgv2 } lang() { pkgdesc="Languages for package gnupg" depends="" install_if="$pkgname=$pkgver-r$pkgrel lang" replaces="$pkgname" # for backward compatibility amove usr/share/gnupg/help.*.txt } scdaemon() { pkgdesc="GNU Privacy Guard 2 - smart card support daemon" depends="gpg-agent=$pkgver-r$pkgrel" replaces="$pkgname" # for backward compatibility amove usr/libexec/scdaemon amove lib/udev/rules.d } _wks_client() { pkgdesc="GNU Privacy Guard 2 - Web Key Service client" depends="gpg=$pkgver-r$pkgrel gpg-agent=$pkgver-r$pkgrel $pkgname-dirmngr=$pkgver-r$pkgrel" replaces="$pkgname" # for backward compatibility amove usr/bin/gpg-wks-client amove usr/libexec/gpg-wks-client } _wks_server() { pkgdesc="GNU Privacy Guard 2 - Web Key Service server" depends="gpg=$pkgver-r$pkgrel gpg-agent=$pkgver-r$pkgrel" replaces="$pkgname" # for backward compatibility amove usr/bin/gpg-wks-server } keyboxd() { pkgdesc="GNU Privacy Guard 2 - keyboxd manager" depends="" amove usr/libexec/keyboxd } # Must be the last! utils() { pkgdesc="GNU Privacy Guard 2 - utility programs" depends="" replaces="$pkgname" # for backward compatibility provider_priority=100 # highest (other provider of cmd:gpgsplit is gnupg1) amove usr/* } sha512sums=" 193a9398445272ec3eb5b79e802efb7414f74bcfffc3db0bf72c0056e04228120c419ed91db168e5733a16a33e548bab5368dd9cf11ecd483825bce189341a1e gnupg-2.4.3.tar.bz2 0e2aef4ae5c43c43efe2c914534d73f8f7068b49b5826b1f999296c30395497c4af121e4e99152ff7b43dcf56d1792cd46aea5158ca48597d6e0fca6d7358711 0010-avoid-beta-warning.patch 18004e52925b1f03e67a29a3d43b39e8119cf3426cdad4136824b932ad906ac499b4ceb3d7573177a9f16410d3b80c8f0e4bcdc54dd284f3f803a2cef609ad01 0020-avoid-regenerating-defsincdate-use-shipped-file.patch d77a230e099ac26cf70acf4bf5c4a8446460f677857818027c16fd029292c249a24f31f7073e0388757cf567656e416b7f91af3bba62a85a2ffbdcf985c5050c 0110-avoid-simple-memory-dumps-via-ptrace.patch 54d6b805ad89b384df140e1dc7c4ecd6703bf317fb97834026458fab92f3f0f4f426f0da86c0fbfe102bb1304a489d15ea2e728d5f97d4f0c9bf14cc30cb8c23 0210-dirmngr-hkp-avoid-potential-race-condition-when-some-host-die.patch 1c38b039950fa9733e9584ac61d52e12aad56489d7f3aec396b2528d0bf41729971d3fe9b4d04d50595a2a954181892ed1ec93f1b7ade24e4da26744d78598fc 0230-dirmngr-avoid-automatically-checking-upstream-swdb.patch 1afea38e6fe3206be1cc2b2bc1410753aba9bc1e1370da76e711f7107924fc169008e1fba15117e0c5b244d71146e86c49ce0d816ce49a50b2452159144e1893 0330-gpg-default-to-sha512-for-all-signature-types-on-rsa-keys.patch 462af7b1e530e00d3870062666ef427d6df57ee8358b043c06fb8b7b54e50891fc8a49beeaabe45d1822d222ffc47da624798ceb8889a02e38ce85612453bb8b 0340-gpg-prefer-sha512-and-sha384-in-personal-digest.patch 0c1c44932e47ded65d412c48f859f1615a896ae1dd0a9e0e46fd491f3a25adc80e29fe12e329c3f541a60729cdf82330e81ab7bb7cacf1ddc6a9701a38bbbfaf 0420-gpg-drop-import-clean-from-default-keyserver-import-options.patch 1dc8f88db36ff74eb0cf58e2c1b416b3200fae5892903f7dbad665a6b794c27f86959e467174774beebdedc26fb4d30ac2ade92633f7a49388c5aa8d3c9b0c93 emacs-easypg-fix.patch 28cba87121c66b1bbc90bb0f3ca8c69ff19376243854577a4d24afa4a3d4a4b8a952a3a7bbecc200058b6f722cfcd4fc72d5630c822f78ef3fc819f972798e34 fix-i18n.patch eeeab08c22844ee364a64d7b772f0e42e5404428aaf37ef2504f043d7a69d1d3b32a34c680c413756ffb419733f23cea16172a6a611986c70bbffc801d071de8 HACK-revert-rfc4880bis-default.patch 4bfb9742279c2d1c872d63cd4bcb01f6a2a13d94618eff954d3a37451fa870a9bb29687330854ee47e8876d6e60dc81cb2569c3931beaefacda33db23c464402 60-scdaemon.rules "