diff options
| author | V3n3RiX <venerix@koprulu.sector> | 2025-01-26 06:49:21 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@koprulu.sector> | 2025-01-26 06:49:21 +0000 |
| commit | 3e90fd411cb5f48da3f2487a4ea0efcbee2bfa08 (patch) | |
| tree | 7c9660a764d1acdb90fea6ec5c4f6807eaebaf4c /app-crypt | |
| parent | 4dec849539ecb0ceab14d66af84960f01b9a284c (diff) | |
gentoo auto-resync : 26:01:2025 - 06:49:21
Diffstat (limited to 'app-crypt')
| -rw-r--r-- | app-crypt/Manifest.gz | bin | 25056 -> 25060 bytes | |||
| -rw-r--r-- | app-crypt/gnupg/Manifest | 15 | ||||
| -rw-r--r-- | app-crypt/gnupg/files/gnupg-2.2.42-bug923248-insecure-backup.patch | 292 | ||||
| -rw-r--r-- | app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch | 156 | ||||
| -rw-r--r-- | app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch | 39 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.2.42-r4.ebuild | 184 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.2.43-r1.ebuild | 181 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.4.5-r1.ebuild | 192 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.4.5-r2.ebuild | 197 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.4.7.ebuild | 4 |
10 files changed, 3 insertions, 1257 deletions
diff --git a/app-crypt/Manifest.gz b/app-crypt/Manifest.gz Binary files differindex 0e9d71752041..bb76b75c2c34 100644 --- a/app-crypt/Manifest.gz +++ b/app-crypt/Manifest.gz diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest index 430666797c51..ef1f491e7979 100644 --- a/app-crypt/gnupg/Manifest +++ b/app-crypt/gnupg/Manifest @@ -2,9 +2,6 @@ AUX README-systemd 2275 BLAKE2B ea3e1bc3f9f0e21c40dbd9b8f4f919b2ff15962145383400 AUX dirmngr.service 212 BLAKE2B 7a3af856305eb4b00929aaf029dd4e5c84376df4f30add76976b9b058addf6fc4d8c39335fc83d11493ea9d8a40f0510dbac8572b99a8c8b9b3a4eca8e585774 SHA512 f0804b1365f1c1a8d9b22a1aaa569145031b4579d1b96ee5964964e08fda73cbcf662cfb64f64c5bafb383a81ed28f158aa60cd997a82ff5117db753c5587a07 AUX dirmngr.socket 204 BLAKE2B 7cf60bfd5eaf1809e0a0eb86efaa8f7f07681e351e9c0cf12127f8b29bd4f989f5fee159e7978343d45112945483b3e7b72ea9c085d00f7ee3bc0480b269b36d SHA512 9495cdc61a9cca3156d4739e5f72c2f7d3a80e45030f1a5ae14cba7f9de98ef7fabd8d40eb18eb8824b792ed03c566e317d36183372cd4245b8bd86b6167d4b5 AUX gnupg-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch 1048 BLAKE2B 36f37b74da309100191f4d8f9c27d08a1b00d2d30fbaf169dbb74ebbe42293357a4fb62332e286fe5725dcfdc30645a602dc2a51c51924b06215b68fd5235658 SHA512 fd12827150e96cd7979ea9611d64ed4ab9e6c61cfecdd697b8fb4d162f20985b734c2bfc365a921809b9029e86a85a9b36c10ec472b3dd49c25ea18f5aef56ce -AUX gnupg-2.2.42-bug923248-insecure-backup.patch 12385 BLAKE2B af374b2038a6d8628922e433f26dee2cc66c9e031d871947e2a44586cf2183d8a7bc365f1f0cc0cde552eb176d5f580b3aaab5e4a551d0652f10096c5150aa43 SHA512 1dc123f120d95ae77b52b3869bf7abfcaf0cfbfe732f691663b472a6e9bdd20502280527585dda81da4bd03e8194bdd5e72cc2111f24ccf2ce9e476fe474d4cf -AUX gnupg-2.2.42-dirmngr-proxy.patch 4882 BLAKE2B 1dbe7221ce82024d93cb7e41cb675cd4f159e34f26126cf7ce56e59115548919c3df4b38ff017540734886af3bc516307f92cb66c3b0aa66ce0181215422e516 SHA512 fa920e0d16da4bb689664a0a7d1e851317be387e9acdc7bf79970195408e498452e8c19eb548e3397aa147a1881af1ad1e9689e40046f3ce3ea81654d6e0d2c7 -AUX gnupg-2.2.42-gpgme-tests.patch 1214 BLAKE2B f83ed690099a7151d9b8144a112c14a809e120309ebb2283bf835e37c91e18566e3d6f1b7f8d6fbd5977424a19110923196a6495f22cddfa5cc6893be6c3b720 SHA512 1fb8767b06ab1d32711275c1efca47b802cc58e7f0b04d754f3b4138e81b4bb011965e9919b3e24d3b20046b31df3f615770054a98bc61971257bd7f77bbc184 AUX gnupg-2.2.45-fix-status-output-LISTTRUSTED.patch 1122 BLAKE2B a906fb9414a7635c44406c0256867e2384f57c58034af0a4bef4035cd11992a0e880e43047fa0f2c3a25ab17de0924f168a99697a1bff255b15264509eba3441 SHA512 a71ea3cd79dc37c0ab3c8e44656d65c463ac817417c93807e76e7a52dfb33cfa61df545aff6104c81549e2570d064df58de2de849a13f8887704adbea8e520b2 AUX gnupg-2.4.5-revert-rfc4880bis.patch 6701 BLAKE2B 10fd21ba49183ffd1cde6d48deeccdfb368bdb8da95c14f5cb64589f5376ad31a43e7f37dfc4ca726ae7939275a06eb5d6082627ca20699a62e1914538adb2e8 SHA512 04b4b235261991f1365772ba9920cc16a3320609162ad81c188cbeb533f1347b8e2e5d67b7a1d87e67b9fbe1fec35524bc030484b87abb1892d135976b1b95fe AUX gnupg-2.4.6-c99.patch 733 BLAKE2B 23ea109c09424f9d44e3ad0957ab080f931ef5345c64403436ceea8d01179c7ef097c915ccfb52d78535f4318d1d868e809bab01fb17056c2bda94d9a1a418ce SHA512 5cd7cf8ac52447abfd01efe1c8898bdec5abff72062feb41c12389e5fc703caaa825c9ea5395e0180b5a57fe5464e4ac79fe80475083b4b91fda5487c63832c9 @@ -13,26 +10,16 @@ AUX gpg-agent-extra.socket 281 BLAKE2B 2b8edd4454fece75535e84a2ee7daffa764395a99 AUX gpg-agent-ssh.socket 308 BLAKE2B bacd09131082ee4bd440568b68065fb148c90a620e6628796bb9f3a2957a13860d15ce548e39ce10bc8749ebeabd7dcd0e893db49df295c9126078fc3de76619 SHA512 202bc5c9c7f9c4e97f53626c906ea455d6d4497cc03272c52f7b653cb5d5dc23850b85f939b88d04bbe70e309ad007415401298c9d04cb9b60329ad9e550e93d AUX gpg-agent.service 223 BLAKE2B ad71d7fab2a92a8da454c34884b5724e94adc0925a7f97f062fb7b78ed3ec87e5babb6383e755c943afd16bf61789ba83455dc2baf82ce248c1c4622ff87e364 SHA512 4a5cde9185fcc34b62880c2e80717075838ef35e63e361d81e329b2b6eb92d69f26f11669722c66653091b36c42bf678abea10e5fc9327ecee2070d0ee51ef25 AUX gpg-agent.socket 234 BLAKE2B 622da5cb56ac2bba99054b9eecefc95aca523074aff24f77d1fb1fcdb94c1ad99c0411375816a0ac1b9f68d172207ed5061bc3afc167d0d1e3e57de1b41f19ee SHA512 551df5183fccc261505983880010c5be7135a9858d74354723f947163b101b2859ebdfd529f8c3746770394256afedc219ea0eb2df5c985be48f5f45430ca541 -DIST gnupg-2.2.42.tar.bz2 7434291 BLAKE2B 5f7f01f31949e5258d638fbff81fa641e5c167e6eaf32c55eb187d4a31b31cd4fe6e51c622e74d8544c4f95c75484e15117f26a8cf26055ff6813d75e54f2b8a SHA512 9c59d034f428d42323b5520e1a8984acc1505ba1d96d90f00e17b24aa91660b2dc64e1a3ceb044c56f39b4c402a77c7e0b226c65218c23c094781b4ef51e2eb5 -DIST gnupg-2.2.42.tar.bz2.sig 238 BLAKE2B 251ad0a832042ceb93b0edfda8652104bfb463e291322f22f0ab0d9b35606c3589be7a6f3e9e2aac8f6ac368a7d11840ab83b29997587dc65685de9f2dec3fee SHA512 7073bfc920c571680a1de57b4e6cd83cde24ccb3b5f592602b0c32fd762eef497027b08745044c9f41130ca99bb7ec77222568c2d0a1099d3c1c15137e0221d7 -DIST gnupg-2.2.43.tar.bz2 7435426 BLAKE2B ddf5c89d317e6ce8d1a5348f0ef81ffa1c61c995ddb312b28410f04502b01eae307cd943bee7182d28d4efccac394c91053f8e33756b00166bf66b2bf4a791a7 SHA512 0d2e733b6659c116c043db5252de4de33d6a70c16172d1fe9b779ba413ba9fcb64bbfdcc4686d0e87904561fc62d1aa765144e0586957a500287c175ee37bd49 -DIST gnupg-2.2.43.tar.bz2.sig 119 BLAKE2B 38fd3790f5065d67d6b5323ef7abbb79facf00e5b9daba98e5078302fc3887423173ba434c7eff1e64faecef88d87aab9c057c570d6e96e8d0808f07f32d8fa1 SHA512 47c5354869b1825e56fa4276826fcde1ee41c70aab9b411686cf2733f4d1df9c006049e49e066b22e475bd37b337f9ffc97f8bbca0c62c0f32296909464a0643 DIST gnupg-2.2.45.tar.bz2 7447141 BLAKE2B 8fe2036325e31332166c0477ce9514152c8417a9f61b3edc43487340d5b52e6a4d4c2b104ca9fe7ce6893e6d2977e2cd9c9ccfb52c0b1ea18dae3304ec6ec7f3 SHA512 086bb2a96ff4a681451b357495c8b435229e6526e1121d8faee3cb2ecc9c14965c92c9b1ccbbf3a03f6c59c215cca85a5c4f740f2df7c008a9fa672b370bf33c DIST gnupg-2.2.45.tar.bz2.sig 119 BLAKE2B 6656747b2d640a95c4172a221952fa75f7d03c231b7c6d40ea57b43a5bcfbceb800023ca2f352ca09325aaf186a7bf31fcfe7104129c5d6628f0e1256994df76 SHA512 181195a76eede8113bd8f2a7f5bc20674226f6327cf8263389e3d178c205ed2d817b28f2d3b504dd9f852f22fc283d2c14e809ba1c05cfe88b66103845ff114c -DIST gnupg-2.4.5.tar.bz2 7889060 BLAKE2B a8b80cd4dfbb377066efb5c9f1b6cdc6d0cd1b18358c962781b5c06de1545117b13038a4655ae627c36bfd2e5fee127692df8729d6b23e1b31051ab6d897b733 SHA512 4d54744f09399c5899144d0cb5fdc2756e45b058db41b9ea9df3be03e80b914509e16ef35aa0248e7561185b80f7a5f9fd6afcab8ccff75ff82ed555448a38ff -DIST gnupg-2.4.5.tar.bz2.sig 238 BLAKE2B b236e7d62f49c8385f4fb81389bf10715d9c0a0cb5c0b4c20fb6ff1465d05a3c3657061284db23af988a1ca16c9fa393af3ce5cbd27934501eb41a4f448fff0a SHA512 5a06970e499d1eb5213b142a8a182e46f5f21b7cb32785a9e5069378797c124e151ce74727382003820042d60fd7a2f909143f44aa9ef282605875e1cab04aef DIST gnupg-2.4.6.tar.bz2 8011304 BLAKE2B 3b0deb3da1ec404e8f0aa50c424c7072727f933228de732d661a17ca15785b7430700e7b88afba69538f9794863cb218c90ae3d43469541fb9152fbabd3bc909 SHA512 192ae6cb18547e9c5fc4263dc968b548c1ce563ceb8cc2e651b264d4e5afa1cd99a2c1cdd80906faf5e0b0ca99cef76e003b1f7e73238f311a74a1de6c35b5cb DIST gnupg-2.4.6.tar.bz2.sig 119 BLAKE2B f22b9488a46e585eaa4ed6434c37603756de2a0136a6e8a44d974304d31299f64dee5065a0c1f8ed6aff24555e369ffa213558027698a7e7b2244cef7c9eff76 SHA512 699f99d5aedbb1adef0fc46fbfb4184996ebaeb08e3c5a4d64195cd14e628a17a234ff9d990ad63c32119cbab24bcba802590eaf69f030a0a0addf9928172221 DIST gnupg-2.4.7.tar.bz2 8010244 BLAKE2B 4cdc6be4330b0c8f150d9d1a9ce9c7d34232ecf9b980b15fbd20e96ff6fcd8665688456d66f1c862b816472034eaa0796444357b1f36e75e8520a603a0e6b298 SHA512 3e84f1679904bf0efb789df6466e468bd2be9149d52561f35e2380038133479bebf1c61ee7adf6d3564b370915f32111098c052be6e6acaf3083a807f9f36019 DIST gnupg-2.4.7.tar.bz2.sig 119 BLAKE2B e97012f433c2818dda953ccaa2f5e8e94492b306a7815b16d7a9f8bf165f11972114d94a1aaba6156baed0ee3566ad998ed74a9521c71464268f4c6f8f14306c SHA512 d944a57b21fa7a4058fb4f00e3c164220be038037010a07a43e48c881dd66d901f8ea249f5df183a1c7de811ecc3aa9ed1591c18baf201e338129eb7e28bddc4 DIST gnupg-2.5.1.tar.bz2 8126739 BLAKE2B 46955d2eebe14395adc0fdf81e89a32f3f9baaabfe1eee78f256a1fab25ce6fdb96b873678cfeb5e4abf4894c7ab4908359ed04cc6571ff442dcc5325b3ccd66 SHA512 733a11ff24145e23dd7d34d954a70c25bf70ecb1d517b8e15cc34bf690786c9f7007e4e99cde573500ac012852e91b29568fed00491f8c8254b3fb63ca5777cd DIST gnupg-2.5.1.tar.bz2.sig 238 BLAKE2B cd024a63ecb82a12e92444cbff8dbc9bef6a4e436d59957aae77927cce0baf9e282e63df7a5159a521c7c8694a0dbe96d6537ad3ec5f779c7c0dea8d02b5e70d SHA512 8ffd5cc72a2907972bf1854e804f6c215ff66ba2d6e91952700f49b2b5ba8bab035d0f42efdb0d3c3166301cda6e716394928bdd9c0d0d1e1789a02c7aa1a926 -EBUILD gnupg-2.2.42-r4.ebuild 5703 BLAKE2B e3b01ff2397a38d7062799195fc52c969d0ac117211eb385c13280211a5e0c7467fe158e1fcc958afda9745c0a9b9ef482d21d4d8809de14ebefddcd089fa6ba SHA512 80845654342a6f301d80e7c22e9efd8531fbdc3cb989c99421ccc2bdc532f79983b4d44088558cfbf2a941869f2bd83c587c262d141851be43b5e15e01ddb0d0 -EBUILD gnupg-2.2.43-r1.ebuild 5573 BLAKE2B 2fb3e5977f4f1828ba87b88100622b84e6c48e892e97e49e65456bfe97d9a8b4f19d5c0b53804eaa8f5a2a8cae3a256478c3b509da77aefb0e9835af3871ba30 SHA512 c6e3532520d1945046e08cef686691ae3efc21e9b2e6a7bf3a7c8e0c24d69130fde03ff6c8336ecd92bb7018bcda5555dd0c9f4332efffcfca1200ae9c039936 EBUILD gnupg-2.2.45.ebuild 5637 BLAKE2B 419a69833e7ce217ee88f66ada8d8f1f486300759cb166cd6e9e3c7a86b800929490b17867f99e2abe9fefb26c8fe9843772f6bcef98759d2f0e2b2a5b948b08 SHA512 8a9757b3c5bbd70d1d19cc097aa4e1d3a51a77cbcb73087e5edc1f4d2be55163327fc95fe2ca19fb61cd0201c050f1af32ac8d3f90d27d8c678992ded72e959c -EBUILD gnupg-2.4.5-r1.ebuild 5894 BLAKE2B a235df7b022acf9bc4d11fa566b7edf39f60dd865802685f5bf68e6df76913589691476a2d48a885816e8aecc2112de14508e44882e43dd3bbefdedd54385a14 SHA512 f621e0a6227862acdab31bb5902e235b8fd5c3e3908be747d5680957d0d55ad5b92ba6a7e2436d1902cd304a40a62fdca8236e67563624bce0b4d683c0364d9b -EBUILD gnupg-2.4.5-r2.ebuild 6119 BLAKE2B 2f414a0dfe969c750e09ceacde25805ed8b04cb9ae9630b2731da6473796ca77dbb76bd555198350dd6b837f3cd14f7019a75b63ba05f1f0366dc544747f4ce4 SHA512 04ca8526ddc38c858f50c233568c28111f90c6ae222663eebc5ffcfa3852ee5397eca28fbf73324e771855060dd74792b97eac51c64d79edd2ccb3eb35c3c8f0 EBUILD gnupg-2.4.6-r1.ebuild 6100 BLAKE2B 4677e8ddd1b06ab6bc6e0ed055df9b4b4974981d50ffc696a366333ea78ef4d8bfc4503b1b2b2de2ce810a9c17f92d84adb374741132debc9ccc094e00533e6d SHA512 7d43256d7d0b64742955fa0bdc9200c0262adf37b0bfb403e1c6573d5708402560d41fa4e2c9005f25013421df8a59e20d536c580857bbf4bcd89f0d62503eff -EBUILD gnupg-2.4.7.ebuild 6071 BLAKE2B 60a0f547d426102d9670adfa258aaedf439a5ef5fc1587200c4233df859174959631c964408780ca7791f4421e9a566c08fa18bef6038c76d321ac2f4a5e5082 SHA512 f0cfd30a7c16f40bd83b72d68578a51d578f62eae82b08d4bb7610663a2683ba535a30b7abc576770f5569700d48f5b275a19a4a1fe676c10c22367e5b748782 +EBUILD gnupg-2.4.7.ebuild 6065 BLAKE2B 2402842e58f055c074aac09616d3d6eaad442820fbc1120688a4723661623fbde946183726ee1cbce02f1a7a97368854e2d2f74318063e6c8ef658e86ffc3068 SHA512 3d7ca8e7de8d969c91394a6780e0b3f5c4d8d4d814ad6c638355aaa08a485f3beee6b399757d4d3ecb1e81522283b22f32e8c242c7766c9f454c6468693fd34c EBUILD gnupg-2.5.1.ebuild 6087 BLAKE2B 489d00a348d323809439f838e90e344db63aa5185c089d2ef743469a5867ea06b5ba0ab97005bfef30f5957edb7f213501d2f692774bf9458c3afcbd167a8208 SHA512 e744fe7b322c16c4d842fb553a5129abc482bcb8846121c92be7d3bbc3139ee546dde281fc2645ec6413dd8b9fd0bbb77630f7fa6fe0cd6a2de524195517ac2b MISC metadata.xml 1189 BLAKE2B dae783678abfe0bae095970d96d952f591a569debad411708d29a2f128c6a291b73a33ee0b3491a6a5ec44c11f56d33c1531022e0ef9eaad3326c9cd0f79e3fb SHA512 bc7d6a9ceda213c134d9afc527fe0b0c87a4886a171b7a1e1f662f3978fec5e71323bae4c9f3882e1d763d5738446f161265070a8e513a59fa62ef0f792e9fa5 diff --git a/app-crypt/gnupg/files/gnupg-2.2.42-bug923248-insecure-backup.patch b/app-crypt/gnupg/files/gnupg-2.2.42-bug923248-insecure-backup.patch deleted file mode 100644 index 76d6d94c40b1..000000000000 --- a/app-crypt/gnupg/files/gnupg-2.2.42-bug923248-insecure-backup.patch +++ /dev/null @@ -1,292 +0,0 @@ -https://bugs.gentoo.org/923248 -https://dev.gnupg.org/T6944 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3b69d8bf7146b8d10737d0cfea9c97affc60ad73 - -From 3b69d8bf7146b8d10737d0cfea9c97affc60ad73 Mon Sep 17 00:00:00 2001 -From: Werner Koch <wk@gnupg.org> -Date: Wed, 24 Jan 2024 11:29:24 +0100 -Subject: [PATCH] gpg: Fix leftover unprotected card backup key. - -* agent/command.c (cmd_learn): Add option --reallyforce. -* agent/findkey.c (agent_write_private_key): Implement reallyforce. -Also add arg reallyforce and pass it along the call chain. - -* g10/call-agent.c (agent_scd_learn): Pass --reallyforce with a -special force value. -* g10/keygen.c (card_store_key_with_backup): Use that force value. --- - -This was a regression in 2.2.42. We took the easy path to fix it by -getting the behaviour back to what we did prior to 2.2.42. With GnuPG -2.4.4 we use an entire different and safer approach by introducing an -ephemeral private key store. - -GnuPG-bug-id: 6944 ---- a/agent/agent.h -+++ b/agent/agent.h -@@ -422,7 +422,8 @@ void start_command_handler_ssh (ctrl_t, gnupg_fd_t); - gpg_error_t agent_modify_description (const char *in, const char *comment, - const gcry_sexp_t key, char **result); - int agent_write_private_key (const unsigned char *grip, -- const void *buffer, size_t length, int force, -+ const void *buffer, size_t length, -+ int force, int reallyforce, - const char *serialno, const char *keyref, - const char *dispserialno, time_t timestamp); - gpg_error_t agent_key_from_file (ctrl_t ctrl, -@@ -548,6 +549,7 @@ gpg_error_t s2k_hash_passphrase (const char *passphrase, int hashalgo, - gpg_error_t agent_write_shadow_key (const unsigned char *grip, - const char *serialno, const char *keyid, - const unsigned char *pkbuf, int force, -+ int reallyforce, - const char *dispserialno); - - -@@ -628,7 +630,8 @@ void agent_card_killscd (void); - - - /*-- learncard.c --*/ --int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force); -+int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, -+ int force, int reallyforce); - - - /*-- cvt-openpgp.c --*/ ---- a/agent/command-ssh.c -+++ b/agent/command-ssh.c -@@ -2499,7 +2499,7 @@ card_key_available (ctrl_t ctrl, gcry_sexp_t *r_pk, char **cardsn) - - /* (Shadow)-key is not available in our key storage. */ - agent_card_getattr (ctrl, "$DISPSERIALNO", &dispserialno); -- err = agent_write_shadow_key (grip, serialno, authkeyid, pkbuf, 0, -+ err = agent_write_shadow_key (grip, serialno, authkeyid, pkbuf, 0, 0, - dispserialno); - xfree (dispserialno); - if (err) -@@ -3159,7 +3159,7 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, - - /* Store this key to our key storage. We do not store a creation - * timestamp because we simply do not know. */ -- err = agent_write_private_key (key_grip_raw, buffer, buffer_n, 0, -+ err = agent_write_private_key (key_grip_raw, buffer, buffer_n, 0, 0, - NULL, NULL, NULL, 0); - if (err) - goto out; ---- a/agent/command.c -+++ b/agent/command.c -@@ -1042,7 +1042,7 @@ cmd_readkey (assuan_context_t ctx, char *line) - /* Shadow-key is or is not available in our key storage. In - * any case we need to check whether we need to update with - * a new display-s/n or whatever. */ -- rc = agent_write_shadow_key (grip, serialno, keyid, pkbuf, 0, -+ rc = agent_write_shadow_key (grip, serialno, keyid, pkbuf, 0, 0, - dispserialno); - if (rc) - goto leave; -@@ -1855,16 +1855,18 @@ cmd_learn (assuan_context_t ctx, char *line) - { - ctrl_t ctrl = assuan_get_pointer (ctx); - gpg_error_t err; -- int send, sendinfo, force; -+ int send, sendinfo, force, reallyforce; - - send = has_option (line, "--send"); - sendinfo = send? 1 : has_option (line, "--sendinfo"); - force = has_option (line, "--force"); -+ reallyforce = has_option (line, "--reallyforce"); - - if (ctrl->restricted) - return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); - -- err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL, force); -+ err = agent_handle_learn (ctrl, send, sendinfo? ctx : NULL, -+ force, reallyforce); - return leave_cmd (ctx, err); - } - -@@ -2427,11 +2429,11 @@ cmd_import_key (assuan_context_t ctx, char *line) - err = agent_protect (key, passphrase, &finalkey, &finalkeylen, - ctrl->s2k_count); - if (!err) -- err = agent_write_private_key (grip, finalkey, finalkeylen, force, -+ err = agent_write_private_key (grip, finalkey, finalkeylen, force, 0, - NULL, NULL, NULL, opt_timestamp); - } - else -- err = agent_write_private_key (grip, key, realkeylen, force, -+ err = agent_write_private_key (grip, key, realkeylen, force, 0, - NULL, NULL, NULL, opt_timestamp); - - leave: ---- a/agent/cvt-openpgp.c -+++ b/agent/cvt-openpgp.c -@@ -1070,7 +1070,7 @@ convert_from_openpgp_native (ctrl_t ctrl, - &protectedkey, &protectedkeylen, - ctrl->s2k_count)) - agent_write_private_key (grip, protectedkey, protectedkeylen, -- 1/*force*/, NULL, NULL, NULL, 0); -+ 1/*force*/, 0, NULL, NULL, NULL, 0); - xfree (protectedkey); - } - else -@@ -1079,7 +1079,7 @@ convert_from_openpgp_native (ctrl_t ctrl, - agent_write_private_key (grip, - *r_key, - gcry_sexp_canon_len (*r_key, 0, NULL,NULL), -- 1/*force*/, NULL, NULL, NULL, 0); -+ 1/*force*/, 0, NULL, NULL, NULL, 0); - } - } - ---- a/agent/findkey.c -+++ b/agent/findkey.c -@@ -82,7 +82,8 @@ fname_from_keygrip (const unsigned char *grip, int for_new) - * recorded as creation date. */ - int - agent_write_private_key (const unsigned char *grip, -- const void *buffer, size_t length, int force, -+ const void *buffer, size_t length, -+ int force, int reallyforce, - const char *serialno, const char *keyref, - const char *dispserialno, - time_t timestamp) -@@ -165,10 +166,13 @@ agent_write_private_key (const unsigned char *grip, - /* Check that we do not update a regular key with a shadow key. */ - if (is_regular && gpg_err_code (is_shadowed_key (key)) == GPG_ERR_TRUE) - { -- log_info ("updating regular key file '%s'" -- " by a shadow key inhibited\n", oldfname); -- err = 0; /* Simply ignore the error. */ -- goto leave; -+ if (!reallyforce) -+ { -+ log_info ("updating regular key file '%s'" -+ " by a shadow key inhibited\n", oldfname); -+ err = 0; /* Simply ignore the error. */ -+ goto leave; -+ } - } - /* Check that we update a regular key only in force mode. */ - if (is_regular && !force) -@@ -1704,12 +1708,13 @@ agent_delete_key (ctrl_t ctrl, const char *desc_text, - * Shadow key is created by an S-expression public key in PKBUF and - * card's SERIALNO and the IDSTRING. With FORCE passed as true an - * existing key with the given GRIP will get overwritten. If -- * DISPSERIALNO is not NULL the human readable s/n will also be -- * recorded in the key file. */ -+ * REALLYFORCE is also true, even a private key will be overwritten by -+ * a shadown key. If DISPSERIALNO is not NULL the human readable s/n -+ * will also be recorded in the key file. */ - gpg_error_t - agent_write_shadow_key (const unsigned char *grip, - const char *serialno, const char *keyid, -- const unsigned char *pkbuf, int force, -+ const unsigned char *pkbuf, int force, int reallyforce, - const char *dispserialno) - { - gpg_error_t err; -@@ -1737,7 +1742,7 @@ agent_write_shadow_key (const unsigned char *grip, - } - - len = gcry_sexp_canon_len (shdkey, 0, NULL, NULL); -- err = agent_write_private_key (grip, shdkey, len, force, -+ err = agent_write_private_key (grip, shdkey, len, force, reallyforce, - serialno, keyid, dispserialno, 0); - xfree (shdkey); - if (err) ---- a/agent/genkey.c -+++ b/agent/genkey.c -@@ -69,7 +69,7 @@ store_key (gcry_sexp_t private, const char *passphrase, int force, - buf = p; - } - -- rc = agent_write_private_key (grip, buf, len, force, -+ rc = agent_write_private_key (grip, buf, len, force, 0, - NULL, NULL, NULL, timestamp); - xfree (buf); - return rc; ---- a/agent/learncard.c -+++ b/agent/learncard.c -@@ -297,9 +297,12 @@ send_cert_back (ctrl_t ctrl, const char *id, void *assuan_context) - } - - /* Perform the learn operation. If ASSUAN_CONTEXT is not NULL and -- SEND is true all new certificates are send back via Assuan. */ -+ SEND is true all new certificates are send back via Assuan. If -+ REALLYFORCE is true a private key will be overwritten by a stub -+ key. */ - int --agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force) -+agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, -+ int force, int reallyforce) - { - int rc; - struct kpinfo_cb_parm_s parm; -@@ -414,7 +417,7 @@ agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context, int force) - - agent_card_getattr (ctrl, "$DISPSERIALNO", &dispserialno); - rc = agent_write_shadow_key (grip, serialno, item->id, pubkey, -- force, dispserialno); -+ force, reallyforce, dispserialno); - xfree (dispserialno); - } - xfree (pubkey); ---- a/agent/protect-tool.c -+++ b/agent/protect-tool.c -@@ -807,13 +807,15 @@ agent_askpin (ctrl_t ctrl, - * to stdout. */ - int - agent_write_private_key (const unsigned char *grip, -- const void *buffer, size_t length, int force, -+ const void *buffer, size_t length, -+ int force, int reallyforce, - const char *serialno, const char *keyref, - const char *dispserialno, time_t timestamp) - { - char hexgrip[40+4+1]; - char *p; - -+ (void)reallyforce; - (void)force; - (void)timestamp; - (void)serialno; ---- a/g10/call-agent.c -+++ b/g10/call-agent.c -@@ -745,6 +745,11 @@ learn_status_cb (void *opaque, const char *line) - * card-util.c - * keyedit_menu - * card_store_key_with_backup (Woth force to remove secret key data) -+ * -+ * If force has the value 2 the --reallyforce option is also used. -+ * This is to make sure the sshadow key overwrites the private key. -+ * Note that this option is gnupg 2.2 specific because since 2.4.4 an -+ * ephemeral private key store is used instead. - */ - int - agent_scd_learn (struct agent_card_info_s *info, int force) -@@ -764,6 +769,7 @@ agent_scd_learn (struct agent_card_info_s *info, int force) - - parm.ctx = agent_ctx; - rc = assuan_transact (agent_ctx, -+ force == 2? "LEARN --sendinfo --force --reallyforce" : - force ? "LEARN --sendinfo --force" : "LEARN --sendinfo", - dummy_data_cb, NULL, default_inq_cb, &parm, - learn_status_cb, info); ---- a/g10/keygen.c -+++ b/g10/keygen.c -@@ -5201,8 +5201,11 @@ card_store_key_with_backup (ctrl_t ctrl, PKT_public_key *sub_psk, - if (err) - log_error ("writing card key to backup file: %s\n", gpg_strerror (err)); - else -- /* Remove secret key data in agent side. */ -- agent_scd_learn (NULL, 1); -+ { -+ /* Remove secret key data in agent side. We use force 2 here to -+ * allow overwriting of the temporary private key. */ -+ agent_scd_learn (NULL, 2); -+ } - - leave: - xfree (ecdh_param_str); --- -2.30.2 diff --git a/app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch b/app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch deleted file mode 100644 index 21be675adef4..000000000000 --- a/app-crypt/gnupg/files/gnupg-2.2.42-dirmngr-proxy.patch +++ /dev/null @@ -1,156 +0,0 @@ -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=d6c428699db7aa20f8b6ca9fe83197a0314b7e91 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c33c4fdf10b7ed9e03f2afe988d93f3085b727aa -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=41c022072599bc3f12f659e962653548cd86fa3a - -From d6c428699db7aa20f8b6ca9fe83197a0314b7e91 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <gniibe@fsij.org> -Date: Thu, 15 Feb 2024 15:38:34 +0900 -Subject: [PATCH] dirmngr: Fix proxy with TLS. - -* dirmngr/http.c (proxy_get_token, run_proxy_connect): Always -available regardless of USE_TLS. -(send_request): Remove USE_TLS. - --- - -Since quite some time building w/o TLS won't work. - -GnuPG-bug-id: 6997 ---- a/dirmngr/http.c -+++ b/dirmngr/http.c -@@ -2498,9 +2498,7 @@ proxy_get_token (proxy_info_t proxy, const char *inputstring) - } - - -- - /* Use the CONNECT method to proxy our TLS stream. */ --#ifdef USE_TLS - static gpg_error_t - run_proxy_connect (http_t hd, proxy_info_t proxy, - const char *httphost, const char *server, -@@ -2709,7 +2707,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - xfree (tmpstr); - return err; - } --#endif /*USE_TLS*/ - - - /* Make a request string using a standard proxy. On success the -@@ -2866,7 +2863,6 @@ send_request (http_t hd, const char *httphost, const char *auth, - goto leave; - } - --#if USE_TLS - if (use_http_proxy && hd->uri->use_tls) - { - err = run_proxy_connect (hd, proxy, httphost, server, port); -@@ -2878,7 +2874,6 @@ send_request (http_t hd, const char *httphost, const char *auth, - * clear the flag to indicate this. */ - use_http_proxy = 0; - } --#endif /* USE_TLS */ - - #if HTTP_USE_NTBTLS - err = run_ntbtls_handshake (hd); --- -2.30.2 - -From c33c4fdf10b7ed9e03f2afe988d93f3085b727aa Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <gniibe@fsij.org> -Date: Fri, 16 Feb 2024 11:31:37 +0900 -Subject: [PATCH] dirmngr: Fix the regression of use of proxy for TLS - connection. - -* dirmngr/http.c (run_proxy_connect): Don't set keep_alive, since it -causes resource leak of FP_WRITE. -Don't try to read response body to fix the hang. - --- - -GnuPG-bug-id: 6997 -Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> ---- a/dirmngr/http.c -+++ b/dirmngr/http.c -@@ -2520,6 +2520,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication - */ - auth_basic = !!proxy->uri->auth; -+ hd->keep_alive = 0; - - /* For basic authentication we need to send just one request. */ - if (auth_basic -@@ -2541,13 +2542,12 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - httphost ? httphost : server, - port, - authhdr ? authhdr : "", -- auth_basic? "" : "Connection: keep-alive\r\n"); -+ hd->keep_alive? "Connection: keep-alive\r\n" : ""); - if (!request) - { - err = gpg_error_from_syserror (); - goto leave; - } -- hd->keep_alive = !auth_basic; /* We may need to send more requests. */ - - if (opt_debug || (hd->flags & HTTP_FLAG_LOG_RESP)) - log_debug_with_string (request, "http.c:proxy:request:"); -@@ -2574,16 +2574,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - if (err) - goto leave; - -- { -- unsigned long count = 0; -- -- while (es_getc (hd->fp_read) != EOF) -- count++; -- if (opt_debug) -- log_debug ("http.c:proxy_connect: skipped %lu bytes of response-body\n", -- count); -- } -- - /* Reset state. */ - es_clearerr (hd->fp_read); - ((cookie_t)(hd->read_cookie))->up_to_empty_line = 1; --- -2.30.2 - -From 41c022072599bc3f12f659e962653548cd86fa3a Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <gniibe@fsij.org> -Date: Fri, 16 Feb 2024 16:24:26 +0900 -Subject: [PATCH] dirmngr: Fix keep-alive flag handling. - -* dirmngr/http.c (run_proxy_connect): Set KEEP_ALIVE if not Basic -Authentication. Fix resource leak of FP_WRITE. - --- - -GnuPG-bug-id: 6997 -Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> ---- a/dirmngr/http.c -+++ b/dirmngr/http.c -@@ -2520,7 +2520,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication - */ - auth_basic = !!proxy->uri->auth; -- hd->keep_alive = 0; -+ hd->keep_alive = !auth_basic; /* We may need to send more requests. */ - - /* For basic authentication we need to send just one request. */ - if (auth_basic -@@ -2684,6 +2684,14 @@ run_proxy_connect (http_t hd, proxy_info_t proxy, - } - - leave: -+ if (hd->keep_alive) -+ { -+ es_fclose (hd->fp_write); -+ hd->fp_write = NULL; -+ /* The close has released the cookie and thus we better set it -+ * to NULL. */ -+ hd->write_cookie = NULL; -+ } - /* Restore flags, destroy stream, reset state. */ - hd->flags = saved_flags; - es_fclose (hd->fp_read); --- -2.30.2 diff --git a/app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch b/app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch deleted file mode 100644 index f10154b303e5..000000000000 --- a/app-crypt/gnupg/files/gnupg-2.2.42-gpgme-tests.patch +++ /dev/null @@ -1,39 +0,0 @@ -https://bugs.gentoo.org/924386 -https://dev.gnupg.org/T7003 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f50c543326c2eea6b40f548d61cf3a66a077bf54 - -From f50c543326c2eea6b40f548d61cf3a66a077bf54 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <gniibe@fsij.org> -Date: Fri, 1 Mar 2024 13:59:43 +0900 -Subject: [PATCH] agent: Allow simple KEYINFO command when restricted. - -* agent/command.c (cmd_keyinfo): Only forbid list command. - --- - -GnuPG-bug-id: 7003 -Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> ---- a/agent/command.c -+++ b/agent/command.c -@@ -1282,9 +1282,6 @@ cmd_keyinfo (assuan_context_t ctx, char *line) - char hexgrip[41]; - int disabled, ttl, confirm, is_ssh; - -- if (ctrl->restricted) -- return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); -- - if (has_option (line, "--ssh-list")) - list_mode = 2; - else -@@ -1333,6 +1330,9 @@ cmd_keyinfo (assuan_context_t ctx, char *line) - char *dirname; - gnupg_dirent_t dir_entry; - -+ if (ctrl->restricted) -+ return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); -+ - dirname = make_filename_try (gnupg_homedir (), - GNUPG_PRIVATE_KEYS_DIR, NULL); - if (!dirname) --- -2.30.2 diff --git a/app-crypt/gnupg/gnupg-2.2.42-r4.ebuild b/app-crypt/gnupg/gnupg-2.2.42-r4.ebuild deleted file mode 100644 index 06f010973e05..000000000000 --- a/app-crypt/gnupg/gnupg-2.2.42-r4.ebuild +++ /dev/null @@ -1,184 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server" -RESTRICT="!test? ( test )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0:= - >=dev-libs/libgcrypt-1.8.0:= - >=dev-libs/libgpg-error-1.38 - >=dev-libs/libksba-1.3.5 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - ssl? ( >=net-libs/gnutls-3.0:= ) - tofu? ( >=dev-db/sqlite-3.7 ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch - "${FILESDIR}"/${P}-bug923248-insecure-backup.patch - "${FILESDIR}"/${P}-dirmngr-proxy.patch - "${FILESDIR}"/${P}-gpgme-tests.patch -) - -src_prepare() { - default - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i doc/examples/systemd-user/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpg - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" - KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" - LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" - LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" - NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin \ - tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \ - tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - - use doc && dodoc doc/*.png - - systemd_douserunit doc/examples/systemd-user/*.{service,socket} -} diff --git a/app-crypt/gnupg/gnupg-2.2.43-r1.ebuild b/app-crypt/gnupg/gnupg-2.2.43-r1.ebuild deleted file mode 100644 index 9ccaeb24401c..000000000000 --- a/app-crypt/gnupg/gnupg-2.2.43-r1.ebuild +++ /dev/null @@ -1,181 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test tofu tools usb user-socket wks-server" -RESTRICT="!test? ( test )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0:= - >=dev-libs/libgcrypt-1.8.0:= - >=dev-libs/libgpg-error-1.38 - >=dev-libs/libksba-1.4.0 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - ssl? ( >=net-libs/gnutls-3.0:= ) - tofu? ( >=dev-db/sqlite-3.7 ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch -) - -src_prepare() { - default - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i doc/examples/systemd-user/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpg - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" - KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" - LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" - LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" - NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin \ - tools/{gpg-zip,gpgconf,gpgsplit,gpg-check-pattern} \ - tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - - use doc && dodoc doc/*.png - - systemd_douserunit doc/examples/systemd-user/*.{service,socket} -} diff --git a/app-crypt/gnupg/gnupg-2.4.5-r1.ebuild b/app-crypt/gnupg/gnupg-2.4.5-r1.ebuild deleted file mode 100644 index 9a5e81d91c5e..000000000000 --- a/app-crypt/gnupg/gnupg-2.4.5-r1.ebuild +++ /dev/null @@ -1,192 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" -RESTRICT="!test? ( test )" -REQUIRED_USE="test? ( tofu )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0:= - >=dev-libs/libgcrypt-1.9.1:= - >=dev-libs/libgpg-error-1.46 - >=dev-libs/libksba-1.6.3 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:0= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - tofu? ( >=dev-db/sqlite-3.27 ) - tpm? ( >=app-crypt/tpm2-tss-2.4.0:= ) - ssl? ( >=net-libs/gnutls-3.2:0= ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch -) - -src_prepare() { - default - - GNUPG_SYSTEMD_UNITS=( - dirmngr.service - dirmngr.socket - gpg-agent-browser.socket - gpg-agent-extra.socket - gpg-agent.service - gpg-agent.socket - gpg-agent-ssh.socket - ) - - cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i "${T}"/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use_enable tofu keyboxd) - $(use_enable tofu sqlite) - $(usex tpm '--with-tss=intel' '--disable-tpm2d') - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - ac_cv_path_GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - use doc && dodoc doc/*.png - - # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed. - dodoc "${FILESDIR}"/README-systemd - systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}" -} diff --git a/app-crypt/gnupg/gnupg-2.4.5-r2.ebuild b/app-crypt/gnupg/gnupg-2.4.5-r2.ebuild deleted file mode 100644 index b39c186864ac..000000000000 --- a/app-crypt/gnupg/gnupg-2.4.5-r2.ebuild +++ /dev/null @@ -1,197 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" -RESTRICT="!test? ( test )" -REQUIRED_USE="test? ( tofu )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0:= - >=dev-libs/libgcrypt-1.9.1:= - >=dev-libs/libgpg-error-1.46 - >=dev-libs/libksba-1.6.3 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:0= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - tofu? ( >=dev-db/sqlite-3.27 ) - tpm? ( >=app-crypt/tpm2-tss-2.4.0:= ) - ssl? ( >=net-libs/gnutls-3.2:0= ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch - "${FILESDIR}"/${PN}-2.4.5-revert-rfc4880bis.patch # bug #926186 -) - -src_prepare() { - default - - GNUPG_SYSTEMD_UNITS=( - dirmngr.service - dirmngr.socket - gpg-agent-browser.socket - gpg-agent-extra.socket - gpg-agent.service - gpg-agent.socket - gpg-agent-ssh.socket - ) - - cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i "${T}"/gpg-agent-ssh.socket || die - - # definition of getpeername etc uses different things like socket_fd_t - [[ ${CHOST} == *-solaris* ]] && - append-cflags $(test-flags-CC -Wno-incompatible-pointer-types) -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use_enable tofu keyboxd) - $(use_enable tofu sqlite) - $(usex tpm '--with-tss=intel' '--disable-tpm2d') - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - use doc && dodoc doc/*.png - - # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed. - dodoc "${FILESDIR}"/README-systemd - systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}" -} diff --git a/app-crypt/gnupg/gnupg-2.4.7.ebuild b/app-crypt/gnupg/gnupg-2.4.7.ebuild index 53572e307e0d..1c146f45be44 100644 --- a/app-crypt/gnupg/gnupg-2.4.7.ebuild +++ b/app-crypt/gnupg/gnupg-2.4.7.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2024 Gentoo Authors +# Copyright 1999-2025 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 @@ -23,7 +23,7 @@ S="${WORKDIR}/${MY_P}" LICENSE="GPL-3+" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" RESTRICT="!test? ( test )" REQUIRED_USE="test? ( tofu )" |