diff options
| author |   Sam James <sam@gentoo.org> | 2024-03-04 03:01:39 +0000 |
|---|---|---|
| committer | Sam James <sam@gentoo.org> | 2024-03-04 03:01:39 +0000 |
| commit | 5e78080cd2080248c2b0bb0492129984edf3870a (patch) | |
| tree | dba5560cd710dc16c461c3dababc9c88701b236c /app-crypt/gnupg | |
| parent | app-crypt/pinentry: drop 1.2.1-r5 (diff) | |
| download | gentoo-5e78080cd2080248c2b0bb0492129984edf3870a.tar.gz gentoo-5e78080cd2080248c2b0bb0492129984edf3870a.tar.bz2 gentoo-5e78080cd2080248c2b0bb0492129984edf3870a.zip | |
app-crypt/gnupg: drop 2.4.3-r1, 2.4.4
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'app-crypt/gnupg')
| -rw-r--r-- | app-crypt/gnupg/Manifest | 2 | ||||
| -rw-r--r-- | app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch | 564 | ||||
| -rw-r--r-- | app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch | 28 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.4.3-r1.ebuild | 198 | ||||
| -rw-r--r-- | app-crypt/gnupg/gnupg-2.4.4.ebuild | 198 |
5 files changed, 0 insertions, 990 deletions
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest index 8f3cf322eb30..49aeaaea809e 100644 --- a/app-crypt/gnupg/Manifest +++ b/app-crypt/gnupg/Manifest @@ -2,7 +2,5 @@ DIST gnupg-2.2.41.tar.bz2 7313746 BLAKE2B 0be2965a646a8636a127f89329030860908b0b DIST gnupg-2.2.41.tar.bz2.sig 238 BLAKE2B 7a4dc8dd4b3da77f6684325f46e3e3b1aeac6fcd8382e3148da1a01a5c5a9e14c1352fb28b61e500388d647e1103b8f78ad49e467e01b732c4a13eb849859b98 SHA512 ac6edd35c6b02a02d6c8a4468332213f20159f972aa2f7fd25c6841c662b3d84db5230330d540e0785ddaff080daf8dd250292104ff47560ad59c11803aabefa DIST gnupg-2.2.42.tar.bz2 7434291 BLAKE2B 5f7f01f31949e5258d638fbff81fa641e5c167e6eaf32c55eb187d4a31b31cd4fe6e51c622e74d8544c4f95c75484e15117f26a8cf26055ff6813d75e54f2b8a SHA512 9c59d034f428d42323b5520e1a8984acc1505ba1d96d90f00e17b24aa91660b2dc64e1a3ceb044c56f39b4c402a77c7e0b226c65218c23c094781b4ef51e2eb5 DIST gnupg-2.2.42.tar.bz2.sig 238 BLAKE2B 251ad0a832042ceb93b0edfda8652104bfb463e291322f22f0ab0d9b35606c3589be7a6f3e9e2aac8f6ac368a7d11840ab83b29997587dc65685de9f2dec3fee SHA512 7073bfc920c571680a1de57b4e6cd83cde24ccb3b5f592602b0c32fd762eef497027b08745044c9f41130ca99bb7ec77222568c2d0a1099d3c1c15137e0221d7 -DIST gnupg-2.4.3.tar.bz2 7351327 BLAKE2B b7f4f5e548ec6dfc89cf8792f507ee8642e8500692998cf8d2edc9f5d8002904d24a714b9caffabee6094707c4595e0f54197535135622a7a32aa772f5818f28 SHA512 193a9398445272ec3eb5b79e802efb7414f74bcfffc3db0bf72c0056e04228120c419ed91db168e5733a16a33e548bab5368dd9cf11ecd483825bce189341a1e -DIST gnupg-2.4.3.tar.bz2.sig 119 BLAKE2B 763c0569e5378e132de39e1583c19bae8912455bf7cd5a65bcfc88fa43be99fb6bbf8397192b3086db2f6f0f63fc25789f5e6ce98b2fe63cda3bf673b1c60a20 SHA512 7affff694d194c3befdfc865a7872c0883304ea704e3691eac328d802f12f4f82c2a93eaa1257d3e09b38494b38185f5b8cf35c964f0c3846bbb29b93727ffee DIST gnupg-2.4.4.tar.bz2 7886036 BLAKE2B 02661e89f0358be09fa3e71e7235b764a7dbda62a48a0c8c7a4e6c9919c3b37d54ead50b930af58f8f2fdb87861b849d3f3751e95cbedf46bdfd76caa90c4db4 SHA512 3d1a3b08d1ce2319d238d8be96591e418ede1dc0b4ede33a4cc2fe40e9c56d5bbc27b1984736d8a786e7f292ddbc836846a8bdb4bf89f064e953c37cb54b94ef DIST gnupg-2.4.4.tar.bz2.sig 237 BLAKE2B 6ee5878c36fbec747a6d84a268903749d862aab50dd7f9a389aabbf7b94dec1c424615f520b5f4a6d44e02093e8d9ad0b08d0c6cf6fd8886d8c174ce9faac99c SHA512 3ae7b6833576df851901a7619459b514bb82faeed350c864a57a782719d21f694d9ced5a3445c81dfa584a0302f87fedc660b08ea97bb8b861e76d7c5b46d07f diff --git a/app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch b/app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch deleted file mode 100644 index 2e9141ab579b..000000000000 --- a/app-crypt/gnupg/files/gnupg-2.4.2-fix-emacs.patch +++ /dev/null @@ -1,564 +0,0 @@ -https://bugs.gentoo.org/907839 -https://dev.gnupg.org/T6481 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2f872fa68c6576724b9dabee9fb0844266f55d0d - -From 2f872fa68c6576724b9dabee9fb0844266f55d0d Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <gniibe@fsij.org> -Date: Wed, 24 May 2023 10:36:04 +0900 -Subject: [PATCH] gpg: Report BEGIN_* status before examining the input. - -* common/miscellaneous.c (is_openpgp_compressed_packet) -(is_file_compressed): Moved to ... -* common/iobuf.c: ... in this file. -(is_file_compressed): Change the argument to INP, the iobuf. -* common/util.h (is_file_compressed): Remove. -* common/iobuf.h (is_file_compressed): Add. -* g10/cipher-aead.c (write_header): Don't call write_status_printf -here. -(cipher_filter_aead): Call write_status_printf when called with -IOBUFCTRL_INIT. -* g10/cipher-cfb.c (write_header): Don't call write_status_printf -here. -(cipher_filter_cfb): Call write_status_printf when called with -IOBUFCTRL_INIT. -* g10/encrypt.c (encrypt_simple): Use new is_file_compressed function, -after call of iobuf_push_filter. -(encrypt_crypt): Likewise. -* g10/sign.c (sign_file): Likewise. - --- - -GnuPG-bug-id: 6481 -Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> ---- a/common/iobuf.c -+++ b/common/iobuf.c -@@ -3057,3 +3057,123 @@ iobuf_skip_rest (iobuf_t a, unsigned long n, int partial) - } - } - } -+ -+ -+/* Check whether (BUF,LEN) is valid header for an OpenPGP compressed -+ * packet. LEN should be at least 6. */ -+static int -+is_openpgp_compressed_packet (const unsigned char *buf, size_t len) -+{ -+ int c, ctb, pkttype; -+ int lenbytes; -+ -+ ctb = *buf++; len--; -+ if (!(ctb & 0x80)) -+ return 0; /* Invalid packet. */ -+ -+ if ((ctb & 0x40)) /* New style (OpenPGP) CTB. */ -+ { -+ pkttype = (ctb & 0x3f); -+ if (!len) -+ return 0; /* Expected first length octet missing. */ -+ c = *buf++; len--; -+ if (c < 192) -+ ; -+ else if (c < 224) -+ { -+ if (!len) -+ return 0; /* Expected second length octet missing. */ -+ } -+ else if (c == 255) -+ { -+ if (len < 4) -+ return 0; /* Expected length octets missing */ -+ } -+ } -+ else /* Old style CTB. */ -+ { -+ pkttype = (ctb>>2)&0xf; -+ lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3)); -+ if (len < lenbytes) -+ return 0; /* Not enough length bytes. */ -+ } -+ -+ return (pkttype == 8); -+} -+ -+ -+/* -+ * Check if the file is compressed, by peeking the iobuf. You need to -+ * pass the iobuf with INP. Returns true if the buffer seems to be -+ * compressed. -+ */ -+int -+is_file_compressed (iobuf_t inp) -+{ -+ int i; -+ char buf[32]; -+ int buflen; -+ -+ struct magic_compress_s -+ { -+ byte len; -+ byte extchk; -+ byte magic[5]; -+ } magic[] = -+ { -+ { 3, 0, { 0x42, 0x5a, 0x68, 0x00 } }, /* bzip2 */ -+ { 3, 0, { 0x1f, 0x8b, 0x08, 0x00 } }, /* gzip */ -+ { 4, 0, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */ -+ { 5, 0, { '%', 'P', 'D', 'F', '-'} }, /* PDF */ -+ { 4, 1, { 0xff, 0xd8, 0xff, 0xe0 } }, /* Maybe JFIF */ -+ { 5, 2, { 0x89, 'P','N','G', 0x0d} } /* Likely PNG */ -+ }; -+ -+ if (!inp) -+ return 0; -+ -+ for ( ; inp->chain; inp = inp->chain ) -+ ; -+ -+ buflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof buf, buf); -+ if (buflen < 0) -+ { -+ buflen = 0; -+ log_debug ("peeking at input failed\n"); -+ } -+ -+ if ( buflen < 6 ) -+ { -+ return 0; /* Too short to check - assume uncompressed. */ -+ } -+ -+ for ( i = 0; i < DIM (magic); i++ ) -+ { -+ if (!memcmp( buf, magic[i].magic, magic[i].len)) -+ { -+ switch (magic[i].extchk) -+ { -+ case 0: -+ return 1; /* Is compressed. */ -+ case 1: -+ if (buflen > 11 && !memcmp (buf + 6, "JFIF", 5)) -+ return 1; /* JFIF: this likely a compressed JPEG. */ -+ break; -+ case 2: -+ if (buflen > 8 -+ && buf[5] == 0x0a && buf[6] == 0x1a && buf[7] == 0x0a) -+ return 1; /* This is a PNG. */ -+ break; -+ default: -+ break; -+ } -+ } -+ } -+ -+ if (buflen >= 6 && is_openpgp_compressed_packet (buf, buflen)) -+ { -+ return 1; /* Already compressed. */ -+ } -+ -+ return 0; /* Not detected as compressed. */ -+} ---- a/common/iobuf.h -+++ b/common/iobuf.h -@@ -629,6 +629,9 @@ void iobuf_set_partial_body_length_mode (iobuf_t a, size_t len); - from the following filter (which may or may not return EOF). */ - void iobuf_skip_rest (iobuf_t a, unsigned long n, int partial); - -+/* Check if the file is compressed, by peeking the iobuf. */ -+int is_file_compressed (iobuf_t inp); -+ - #define iobuf_where(a) "[don't know]" - - /* Each time a filter is allocated (via iobuf_alloc()), a ---- a/common/miscellaneous.c -+++ b/common/miscellaneous.c -@@ -415,112 +415,6 @@ decode_c_string (const char *src) - } - - --/* Check whether (BUF,LEN) is valid header for an OpenPGP compressed -- * packet. LEN should be at least 6. */ --static int --is_openpgp_compressed_packet (const unsigned char *buf, size_t len) --{ -- int c, ctb, pkttype; -- int lenbytes; -- -- ctb = *buf++; len--; -- if (!(ctb & 0x80)) -- return 0; /* Invalid packet. */ -- -- if ((ctb & 0x40)) /* New style (OpenPGP) CTB. */ -- { -- pkttype = (ctb & 0x3f); -- if (!len) -- return 0; /* Expected first length octet missing. */ -- c = *buf++; len--; -- if (c < 192) -- ; -- else if (c < 224) -- { -- if (!len) -- return 0; /* Expected second length octet missing. */ -- } -- else if (c == 255) -- { -- if (len < 4) -- return 0; /* Expected length octets missing */ -- } -- } -- else /* Old style CTB. */ -- { -- pkttype = (ctb>>2)&0xf; -- lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3)); -- if (len < lenbytes) -- return 0; /* Not enough length bytes. */ -- } -- -- return (pkttype == 8); --} -- -- -- --/* -- * Check if the file is compressed. You need to pass the first bytes -- * of the file as (BUF,BUFLEN). Returns true if the buffer seems to -- * be compressed. -- */ --int --is_file_compressed (const byte *buf, unsigned int buflen) --{ -- int i; -- -- struct magic_compress_s -- { -- byte len; -- byte extchk; -- byte magic[5]; -- } magic[] = -- { -- { 3, 0, { 0x42, 0x5a, 0x68, 0x00 } }, /* bzip2 */ -- { 3, 0, { 0x1f, 0x8b, 0x08, 0x00 } }, /* gzip */ -- { 4, 0, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */ -- { 5, 0, { '%', 'P', 'D', 'F', '-'} }, /* PDF */ -- { 4, 1, { 0xff, 0xd8, 0xff, 0xe0 } }, /* Maybe JFIF */ -- { 5, 2, { 0x89, 'P','N','G', 0x0d} } /* Likely PNG */ -- }; -- -- if ( buflen < 6 ) -- { -- return 0; /* Too short to check - assume uncompressed. */ -- } -- -- for ( i = 0; i < DIM (magic); i++ ) -- { -- if (!memcmp( buf, magic[i].magic, magic[i].len)) -- { -- switch (magic[i].extchk) -- { -- case 0: -- return 1; /* Is compressed. */ -- case 1: -- if (buflen > 11 && !memcmp (buf + 6, "JFIF", 5)) -- return 1; /* JFIF: this likely a compressed JPEG. */ -- break; -- case 2: -- if (buflen > 8 -- && buf[5] == 0x0a && buf[6] == 0x1a && buf[7] == 0x0a) -- return 1; /* This is a PNG. */ -- break; -- default: -- break; -- } -- } -- } -- -- if (buflen >= 6 && is_openpgp_compressed_packet (buf, buflen)) -- { -- return 1; /* Already compressed. */ -- } -- -- return 0; /* Not detected as compressed. */ --} -- -- - /* Try match against each substring of multistr, delimited by | */ - int - match_multistr (const char *multistr,const char *match) ---- a/common/util.h -+++ b/common/util.h -@@ -360,8 +360,6 @@ char *try_make_printable_string (const void *p, size_t n, int delim); - char *make_printable_string (const void *p, size_t n, int delim); - char *decode_c_string (const char *src); - --int is_file_compressed (const byte *buf, unsigned int buflen); -- - int match_multistr (const char *multistr,const char *match); - - int gnupg_compare_version (const char *a, const char *b); ---- a/g10/cipher-aead.c -+++ b/g10/cipher-aead.c -@@ -174,8 +174,6 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a) - log_debug ("aead packet: len=%lu extralen=%d\n", - (unsigned long)ed.len, ed.extralen); - -- write_status_printf (STATUS_BEGIN_ENCRYPTION, "0 %d %d", -- cfx->dek->algo, ed.aead_algo); - print_cipher_algo_note (cfx->dek->algo); - - if (build_packet( a, &pkt)) -@@ -488,6 +486,11 @@ cipher_filter_aead (void *opaque, int control, - { - mem2str (buf, "cipher_filter_aead", *ret_len); - } -+ else if (control == IOBUFCTRL_INIT) -+ { -+ write_status_printf (STATUS_BEGIN_ENCRYPTION, "0 %d %d", -+ cfx->dek->algo, cfx->dek->use_aead); -+ } - - return rc; - } ---- a/g10/cipher-cfb.c -+++ b/g10/cipher-cfb.c -@@ -72,9 +72,6 @@ write_header (cipher_filter_context_t *cfx, iobuf_t a) - log_info (_("Hint: Do not use option %s\n"), "--rfc2440"); - } - -- write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d", -- ed.mdc_method, cfx->dek->algo); -- - init_packet (&pkt); - pkt.pkttype = cfx->dek->use_mdc? PKT_ENCRYPTED_MDC : PKT_ENCRYPTED; - pkt.pkt.encrypted = &ed; -@@ -182,6 +179,12 @@ cipher_filter_cfb (void *opaque, int control, - { - mem2str (buf, "cipher_filter_cfb", *ret_len); - } -+ else if (control == IOBUFCTRL_INIT) -+ { -+ write_status_printf (STATUS_BEGIN_ENCRYPTION, "%d %d", -+ cfx->dek->use_mdc ? DIGEST_ALGO_SHA1 : 0, -+ cfx->dek->algo); -+ } - - return rc; - } ---- a/g10/encrypt.c -+++ b/g10/encrypt.c -@@ -410,8 +410,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey) - text_filter_context_t tfx; - progress_filter_context_t *pfx; - int do_compress = !!default_compress_algo(); -- char peekbuf[32]; -- int peekbuflen; - - if (!gnupg_rng_is_compliant (opt.compliance)) - { -@@ -448,14 +446,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey) - return rc; - } - -- peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf); -- if (peekbuflen < 0) -- { -- peekbuflen = 0; -- if (DBG_FILTER) -- log_debug ("peeking at input failed\n"); -- } -- - handle_progress (pfx, inp, filename); - - if (opt.textmode) -@@ -517,17 +507,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey) - /**/ : "CFB"); - } - -- if (do_compress -- && cfx.dek -- && (cfx.dek->use_mdc || cfx.dek->use_aead) -- && !opt.explicit_compress_option -- && is_file_compressed (peekbuf, peekbuflen)) -- { -- if (opt.verbose) -- log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]"); -- do_compress = 0; -- } -- - if ( rc || (rc = open_outfile (-1, filename, opt.armor? 1:0, 0, &out ))) - { - iobuf_cancel (inp); -@@ -598,6 +577,24 @@ encrypt_simple (const char *filename, int mode, int use_seskey) - else - filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */ - -+ /* Register the cipher filter. */ -+ if (mode) -+ iobuf_push_filter (out, -+ cfx.dek->use_aead? cipher_filter_aead -+ /**/ : cipher_filter_cfb, -+ &cfx ); -+ -+ if (do_compress -+ && cfx.dek -+ && (cfx.dek->use_mdc || cfx.dek->use_aead) -+ && !opt.explicit_compress_option -+ && is_file_compressed (inp)) -+ { -+ if (opt.verbose) -+ log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]"); -+ do_compress = 0; -+ } -+ - if (!opt.no_literal) - { - /* Note that PT has been initialized above in !no_literal mode. */ -@@ -617,13 +614,6 @@ encrypt_simple (const char *filename, int mode, int use_seskey) - pkt.pkt.generic = NULL; - } - -- /* Register the cipher filter. */ -- if (mode) -- iobuf_push_filter (out, -- cfx.dek->use_aead? cipher_filter_aead -- /**/ : cipher_filter_cfb, -- &cfx ); -- - /* Register the compress filter. */ - if ( do_compress ) - { -@@ -783,7 +773,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, - PKT_plaintext *pt = NULL; - DEK *symkey_dek = NULL; - STRING2KEY *symkey_s2k = NULL; -- int rc = 0, rc2 = 0; -+ int rc = 0; - u32 filesize; - cipher_filter_context_t cfx; - armor_filter_context_t *afx = NULL; -@@ -792,8 +782,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, - progress_filter_context_t *pfx; - PK_LIST pk_list; - int do_compress; -- char peekbuf[32]; -- int peekbuflen; - - if (filefd != -1 && filename) - return gpg_error (GPG_ERR_INV_ARG); /* Both given. */ -@@ -866,14 +854,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, - if (opt.verbose) - log_info (_("reading from '%s'\n"), iobuf_get_fname_nonnull (inp)); - -- peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf); -- if (peekbuflen < 0) -- { -- peekbuflen = 0; -- if (DBG_FILTER) -- log_debug ("peeking at input failed\n"); -- } -- - handle_progress (pfx, inp, filename); - - if (opt.textmode) -@@ -900,25 +880,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, - if (!cfx.dek->use_aead) - cfx.dek->use_mdc = !!use_mdc (pk_list, cfx.dek->algo); - -- /* Only do the is-file-already-compressed check if we are using a -- * MDC or AEAD. This forces compressed files to be re-compressed if -- * we do not have a MDC to give some protection against chosen -- * ciphertext attacks. */ -- if (do_compress -- && (cfx.dek->use_mdc || cfx.dek->use_aead) -- && !opt.explicit_compress_option -- && is_file_compressed (peekbuf, peekbuflen)) -- { -- if (opt.verbose) -- log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]"); -- do_compress = 0; -- } -- if (rc2) -- { -- rc = rc2; -- goto leave; -- } -- - make_session_key (cfx.dek); - if (DBG_CRYPTO) - log_printhex (cfx.dek->key, cfx.dek->keylen, "DEK is: "); -@@ -960,6 +921,26 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, - else - filesize = opt.set_filesize ? opt.set_filesize : 0; /* stdin */ - -+ /* Register the cipher filter. */ -+ iobuf_push_filter (out, -+ cfx.dek->use_aead? cipher_filter_aead -+ /**/ : cipher_filter_cfb, -+ &cfx); -+ -+ /* Only do the is-file-already-compressed check if we are using a -+ * MDC or AEAD. This forces compressed files to be re-compressed if -+ * we do not have a MDC to give some protection against chosen -+ * ciphertext attacks. */ -+ if (do_compress -+ && (cfx.dek->use_mdc || cfx.dek->use_aead) -+ && !opt.explicit_compress_option -+ && is_file_compressed (inp)) -+ { -+ if (opt.verbose) -+ log_info(_("'%s' already compressed\n"), filename? filename: "[stdin]"); -+ do_compress = 0; -+ } -+ - if (!opt.no_literal) - { - pt->timestamp = make_timestamp(); -@@ -974,12 +955,6 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, - else - cfx.datalen = filesize && !do_compress ? filesize : 0; - -- /* Register the cipher filter. */ -- iobuf_push_filter (out, -- cfx.dek->use_aead? cipher_filter_aead -- /**/ : cipher_filter_cfb, -- &cfx); -- - /* Register the compress filter. */ - if (do_compress) - { ---- a/g10/sign.c -+++ b/g10/sign.c -@@ -1035,9 +1035,6 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, - int multifile = 0; - u32 duration=0; - pt_extra_hash_data_t extrahash = NULL; -- char peekbuf[32]; -- int peekbuflen = 0; -- - - pfx = new_progress_context (); - afx = new_armor_context (); -@@ -1096,14 +1093,6 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, - goto leave; - } - -- peekbuflen = iobuf_ioctl (inp, IOBUF_IOCTL_PEEK, sizeof peekbuf, peekbuf); -- if (peekbuflen < 0) -- { -- peekbuflen = 0; -- if (DBG_FILTER) -- log_debug ("peeking at input failed\n"); -- } -- - handle_progress (pfx, inp, fname); - } - -@@ -1261,7 +1250,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, - int compr_algo = opt.compress_algo; - - if (!opt.explicit_compress_option -- && is_file_compressed (peekbuf, peekbuflen)) -+ && is_file_compressed (inp)) - { - if (opt.verbose) - log_info(_("'%s' already compressed\n"), fname? fname: "[stdin]"); --- -2.11.0 diff --git a/app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch b/app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch deleted file mode 100644 index 06d4221488e9..000000000000 --- a/app-crypt/gnupg/files/gnupg-2.4.3-no-ldap.patch +++ /dev/null @@ -1,28 +0,0 @@ -https://dev.gnupg.org/T6579 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=dc13361524c1477b2106c7385f2059f9ea111b84 - -From dc13361524c1477b2106c7385f2059f9ea111b84 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka <gniibe@fsij.org> -Date: Wed, 5 Jul 2023 09:29:54 +0900 -Subject: [PATCH] dirmngr: Enable the call of ks_ldap_help_variables when - USE_LDAP. - -* dirmngr/server.c [USE_LDAP] (cmd_ad_query): Conditionalize. - --- - -Signed-off-by: NIIBE Yutaka <gniibe@fsij.org> ---- a/dirmngr/server.c -+++ b/dirmngr/server.c -@@ -2776,7 +2776,9 @@ cmd_ad_query (assuan_context_t ctx, char *line) - - if (opt_help) - { -+#if USE_LDAP - ks_ldap_help_variables (ctrl); -+#endif - err = 0; - goto leave; - } --- -2.11.0 diff --git a/app-crypt/gnupg/gnupg-2.4.3-r1.ebuild b/app-crypt/gnupg/gnupg-2.4.3-r1.ebuild deleted file mode 100644 index 48e3b7e762e4..000000000000 --- a/app-crypt/gnupg/gnupg-2.4.3-r1.ebuild +++ /dev/null @@ -1,198 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" -RESTRICT="!test? ( test )" -REQUIRED_USE="test? ( tofu )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0 - >=dev-libs/libgcrypt-1.9.1:= - >=dev-libs/libgpg-error-1.46 - >=dev-libs/libksba-1.6.3 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:0= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - tofu? ( >=dev-db/sqlite-3.27 ) - tpm? ( >=app-crypt/tpm2-tss-2.4.0:= ) - ssl? ( >=net-libs/gnutls-3.0:0= ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch - "${FILESDIR}"/${PN}-2.4.2-fix-emacs.patch - "${FILESDIR}"/${P}-no-ldap.patch -) - -src_prepare() { - default - - GNUPG_SYSTEMD_UNITS=( - dirmngr.service - dirmngr.socket - gpg-agent-browser.socket - gpg-agent-extra.socket - gpg-agent.service - gpg-agent.socket - gpg-agent-ssh.socket - ) - - cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i "${T}"/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use_enable tofu keyboxd) - $(use_enable tofu sqlite) - $(usex tpm '--with-tss=intel' '--disable-tpm2d') - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" - KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" - LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" - LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" - NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - use doc && dodoc doc/*.png - - # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed. - dodoc "${FILESDIR}"/README-systemd - systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}" -} diff --git a/app-crypt/gnupg/gnupg-2.4.4.ebuild b/app-crypt/gnupg/gnupg-2.4.4.ebuild deleted file mode 100644 index f01cb0b88152..000000000000 --- a/app-crypt/gnupg/gnupg-2.4.4.ebuild +++ /dev/null @@ -1,198 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -# Maintainers should: -# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/ -# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159 -# (find the one for the current release then subscribe to it + -# any subsequent ones linked within so you're covered for a while.) - -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc -# in-source builds are not supported: https://dev.gnupg.org/T6313#166339 -inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig - -MY_P="${P/_/-}" - -DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation" -HOMEPAGE="https://gnupg.org/" -SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2" -SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-3+" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris" -IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server" -RESTRICT="!test? ( test )" -REQUIRED_USE="test? ( tofu )" - -# Existence of executables is checked during configuration. -# Note: On each bump, update dep bounds on each version from configure.ac! -DEPEND=" - >=dev-libs/libassuan-2.5.0 - >=dev-libs/libgcrypt-1.9.1:= - >=dev-libs/libgpg-error-1.46 - >=dev-libs/libksba-1.6.3 - >=dev-libs/npth-1.2 - >=net-misc/curl-7.10 - sys-libs/zlib - bzip2? ( app-arch/bzip2 ) - ldap? ( net-nds/openldap:= ) - readline? ( sys-libs/readline:0= ) - smartcard? ( usb? ( virtual/libusb:1 ) ) - tofu? ( >=dev-db/sqlite-3.27 ) - tpm? ( >=app-crypt/tpm2-tss-2.4.0:= ) - ssl? ( >=net-libs/gnutls-3.2:0= ) -" -RDEPEND=" - ${DEPEND} - nls? ( virtual/libintl ) - selinux? ( sec-policy/selinux-gpg ) - wks-server? ( virtual/mta ) -" -PDEPEND=" - app-crypt/pinentry -" -BDEPEND=" - virtual/pkgconfig - doc? ( sys-apps/texinfo ) - nls? ( sys-devel/gettext ) - verify-sig? ( sec-keys/openpgp-keys-gnupg ) -" - -DOCS=( - ChangeLog NEWS README THANKS TODO VERSION - doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER -) - -PATCHES=( - "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch - #"${FILESDIR}"/${PN}-2.4.2-fix-emacs.patch - #"${FILESDIR}"/${PN}-2.4.3-no-ldap.patch -) - -src_prepare() { - default - - GNUPG_SYSTEMD_UNITS=( - dirmngr.service - dirmngr.socket - gpg-agent-browser.socket - gpg-agent-extra.socket - gpg-agent.service - gpg-agent.socket - gpg-agent-ssh.socket - ) - - cp "${GNUPG_SYSTEMD_UNITS[@]/#/${FILESDIR}/}" "${T}" || die - - # Inject SSH_AUTH_SOCK into user's sessions after enabling gpg-agent-ssh.socket in systemctl --user mode, - # idea borrowed from libdbus, see - # https://gitlab.freedesktop.org/dbus/dbus/-/blob/master/bus/systemd-user/dbus.socket.in#L6 - # - # This cannot be upstreamed, as it requires determining the exact prefix of 'systemctl', - # which in turn requires discovery in Autoconf, something that upstream deeply resents. - sed -e "/DirectoryMode=/a ExecStartPost=-${EPREFIX}/bin/systemctl --user set-environment SSH_AUTH_SOCK=%t/gnupg/S.gpg-agent.ssh" \ - -i "${T}"/gpg-agent-ssh.socket || die -} - -my_src_configure() { - # Upstream don't support LTO, bug #854222. - filter-lto - - local myconf=( - $(use_enable bzip2) - $(use_enable nls) - $(use_enable smartcard scdaemon) - $(use_enable ssl gnutls) - $(use_enable test all-tests) - $(use_enable test tests) - $(use_enable tofu) - $(use_enable tofu keyboxd) - $(use_enable tofu sqlite) - $(usex tpm '--with-tss=intel' '--disable-tpm2d') - $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver') - $(use_enable wks-server wks-tools) - $(use_with ldap) - $(use_with readline) - - # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist. - # As of GnuPG 2.3, the mailprog substitution is used for the binary called - # by wks-client & wks-server; and if it's autodetected but not not exist at - # build time, then then 'gpg-wks-client --send' functionality will not - # work. This has an unwanted side-effect in stage3 builds: there was a - # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating - # the build where the install guide previously make the user chose the - # logger & mta early in the install. - --with-mailprog=/usr/libexec/sendmail - - --disable-ntbtls - --enable-gpgsm - --enable-large-secmem - - CC_FOR_BUILD="$(tc-getBUILD_CC)" - GPG_ERROR_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpg-error-config" - KSBA_CONFIG="${ESYSROOT}/usr/bin/ksba-config" - LIBASSUAN_CONFIG="${ESYSROOT}/usr/bin/libassuan-config" - LIBGCRYPT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-libgcrypt-config" - NPTH_CONFIG="${ESYSROOT}/usr/bin/npth-config" - - $("${S}/configure" --help | grep -o -- '--without-.*-prefix') - ) - - if use prefix && use usb; then - # bug #649598 - append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0" - fi - - # bug #663142 - if use user-socket; then - myconf+=( --enable-run-gnupg-user-socket ) - fi - - # glib fails and picks up clang's internal stdint.h causing weird errors - tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h - - econf "${myconf[@]}" -} - -my_src_compile() { - default - - use doc && emake -C doc html -} - -my_src_test() { - export TESTFLAGS="--parallel=$(makeopts_jobs)" - - default -} - -my_src_install() { - emake DESTDIR="${D}" install - - use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert - - dosym gpg /usr/bin/gpg2 - dosym gpgv /usr/bin/gpgv2 - echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die - echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die - - dodir /etc/env.d - echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die - - use doc && dodoc doc/gnupg.html/* -} - -my_src_install_all() { - einstalldocs - - use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot} - use doc && dodoc doc/*.png - - # Dropped upstream in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=eae28f1bd4a5632e8f8e85b7248d1c4d4a10a5ed. - dodoc "${FILESDIR}"/README-systemd - systemd_douserunit "${GNUPG_SYSTEMD_UNITS[@]/#/${T}/}" -} |