|
@@ -1,9 +1,9 @@
|
|
-%global install_as_gpg2 1
|
|
|
|
|
|
+%global install_as_gpg2 0
|
|
|
|
|
|
Summary: Utility for secure communication and data storage
|
|
Summary: Utility for secure communication and data storage
|
|
Summary(ja): GnuPG2 - 安全なデータ交換と保存のためのユーティリティ
|
|
Summary(ja): GnuPG2 - 安全なデータ交換と保存のためのユーティリティ
|
|
Name: gnupg2
|
|
Name: gnupg2
|
|
-Version: 2.2.41
|
|
|
|
|
|
+Version: 2.4.3
|
|
Release: 1%{?_dist_release}
|
|
Release: 1%{?_dist_release}
|
|
Group: security
|
|
Group: security
|
|
Vendor: Project Vine
|
|
Vendor: Project Vine
|
|
@@ -15,23 +15,28 @@ URL: http://www.gnupg.org/
|
|
Source0: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2
|
|
Source0: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2
|
|
Source1: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig
|
|
Source1: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig
|
|
|
|
|
|
-Patch1: gnupg-2.2.23-insttools.patch
|
|
|
|
# needed for compatibility with system FIPS mode
|
|
# needed for compatibility with system FIPS mode
|
|
Patch3: gnupg-2.1.10-secmem.patch
|
|
Patch3: gnupg-2.1.10-secmem.patch
|
|
# non-upstreamable patch adding file-is-digest option needed for Copr
|
|
# non-upstreamable patch adding file-is-digest option needed for Copr
|
|
-Patch4: gnupg-2.2.20-file-is-digest.patch
|
|
|
|
-# fix handling of missing key usage on ocsp replies - upstream T1333
|
|
|
|
-Patch5: gnupg-2.2.16-ocsp-keyusage.patch
|
|
|
|
|
|
+# https://dev.gnupg.org/T1646
|
|
|
|
+Patch4: gnupg-2.4.1-file-is-digest.patch
|
|
Patch6: gnupg-2.1.1-fips-algo.patch
|
|
Patch6: gnupg-2.1.1-fips-algo.patch
|
|
# allow 8192 bit RSA keys in keygen UI with large RSA
|
|
# allow 8192 bit RSA keys in keygen UI with large RSA
|
|
Patch9: gnupg-2.2.23-large-rsa.patch
|
|
Patch9: gnupg-2.2.23-large-rsa.patch
|
|
# fix missing uid on refresh from keys.openpgp.org
|
|
# fix missing uid on refresh from keys.openpgp.org
|
|
# https://salsa.debian.org/debian/gnupg2/commit/f292beac1171c6c77faf41d1f88c2e0942ed4437
|
|
# https://salsa.debian.org/debian/gnupg2/commit/f292beac1171c6c77faf41d1f88c2e0942ed4437
|
|
Patch20: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
|
|
Patch20: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
|
|
-Patch21: gnupg-2.2.41-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
|
|
|
|
|
|
+Patch21: gnupg-2.4.0-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
|
|
Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
|
|
Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
|
|
# Fixes for issues found in Coverity scan - reported upstream
|
|
# Fixes for issues found in Coverity scan - reported upstream
|
|
Patch30: gnupg-2.2.21-coverity.patch
|
|
Patch30: gnupg-2.2.21-coverity.patch
|
|
|
|
+# Revert the introduction of the RFC4880bis draft into defaults
|
|
|
|
+Patch31: gnupg2-revert-rfc4880bis.patch
|
|
|
|
+# fix emacs usage etc (see https://dev.gnupg.org/T6481) via upstream patch
|
|
|
|
+# https://dev.gnupg.org/rG2f872fa68c6576724b9dabee9fb0844266f55d0d
|
|
|
|
+# cherry-picked on top of gnupg 2.4.2 + gnupg-2.4.1-file-is-digest.patch
|
|
|
|
+Patch32: gnupg-2.4.2-gpg-Report-BEGIN_-status-before-examining-the-input.patch
|
|
|
|
+
|
|
|
|
|
|
#BuildRequires: automake libtool texinfo transfig
|
|
#BuildRequires: automake libtool texinfo transfig
|
|
BuildRequires: bzip2-devel
|
|
BuildRequires: bzip2-devel
|
|
@@ -51,18 +56,13 @@ BuildRequires: zlib-devel
|
|
BuildRequires: gnutls-devel
|
|
BuildRequires: gnutls-devel
|
|
BuildRequires: sqlite-devel
|
|
BuildRequires: sqlite-devel
|
|
BuildRequires: fuse
|
|
BuildRequires: fuse
|
|
-
|
|
|
|
-Requires: /sbin/install-info
|
|
|
|
-
|
|
|
|
Recommends: pinentry
|
|
Recommends: pinentry
|
|
Recommends: gnupg2-smime
|
|
Recommends: gnupg2-smime
|
|
|
|
|
|
-%if 0%{?rhel} > 5
|
|
|
|
-# pgp-tools, perl-GnuPG-Interface requires 'gpg' (not sure why) -- Rex
|
|
|
|
-Provides: gpg = %{version}-%{release}
|
|
|
|
|
|
+%if !0%{?install_as_gpg2}
|
|
# Obsolete GnuPG-1 package
|
|
# Obsolete GnuPG-1 package
|
|
Provides: gnupg = %{version}-%{release}
|
|
Provides: gnupg = %{version}-%{release}
|
|
-Obsoletes: gnupg <= 1.4.10
|
|
|
|
|
|
+Obsoletes: gnupg < 1.5.0
|
|
%endif
|
|
%endif
|
|
|
|
|
|
Provides: dirmngr = %{version}-%{release}
|
|
Provides: dirmngr = %{version}-%{release}
|
|
@@ -117,10 +117,8 @@ to the base GnuPG package
|
|
%prep
|
|
%prep
|
|
%setup -q -n gnupg-%{version}
|
|
%setup -q -n gnupg-%{version}
|
|
|
|
|
|
-%patch1 -p1 -b .insttools
|
|
|
|
%patch3 -p1 -b .secmem
|
|
%patch3 -p1 -b .secmem
|
|
%patch4 -p1 -b .file-is-digest
|
|
%patch4 -p1 -b .file-is-digest
|
|
-%patch5 -p1 -b .keyusage
|
|
|
|
%patch6 -p1 -b .fips
|
|
%patch6 -p1 -b .fips
|
|
%patch9 -p1 -b .large-rsa
|
|
%patch9 -p1 -b .large-rsa
|
|
|
|
|
|
@@ -129,6 +127,8 @@ to the base GnuPG package
|
|
%patch22 -p1 -b .good_revoc
|
|
%patch22 -p1 -b .good_revoc
|
|
|
|
|
|
%patch30 -p1 -b .coverity
|
|
%patch30 -p1 -b .coverity
|
|
|
|
+%patch31 -p1 -b .revert-rfc4880bis
|
|
|
|
+%patch32 -p1 -b .report-begin
|
|
|
|
|
|
# pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
|
|
# pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
|
|
# Note: this is just the name of the default shared lib to load in scdaemon,
|
|
# Note: this is just the name of the default shared lib to load in scdaemon,
|
|
@@ -189,11 +189,13 @@ install -m644 -p AUTHORS NEWS THANKS TODO \
|
|
rm -f %{buildroot}%{_infodir}/dir
|
|
rm -f %{buildroot}%{_infodir}/dir
|
|
|
|
|
|
|
|
|
|
|
|
+%ifarch x86_64
|
|
%check
|
|
%check
|
|
# need scratch gpg database for tests
|
|
# need scratch gpg database for tests
|
|
mkdir -p $HOME/.gnupg
|
|
mkdir -p $HOME/.gnupg
|
|
# some gpg2 tests (still) FAIL on non i386 platforms
|
|
# some gpg2 tests (still) FAIL on non i386 platforms
|
|
make -k check
|
|
make -k check
|
|
|
|
+%endif
|
|
|
|
|
|
|
|
|
|
%if !0%{?install_as_gpg2}
|
|
%if !0%{?install_as_gpg2}
|
|
@@ -211,6 +213,15 @@ do
|
|
done
|
|
done
|
|
%endif
|
|
%endif
|
|
|
|
|
|
|
|
+%triggerpreun -- gnupg < 1.5.0
|
|
|
|
+echo | gzip > %{_infodir}/gpg.info.gz ||:
|
|
|
|
+echo | gzip > %{_infodir}/gpgv.info.gz ||:
|
|
|
|
+exit 0
|
|
|
|
+
|
|
|
|
+%triggerpostun -- gnupg < 1.5.0
|
|
|
|
+rm -f %{_infodir}/gpg.info.gz ||:
|
|
|
|
+rm -f %{_infodir}/gpgv.info.gz ||:
|
|
|
|
+
|
|
|
|
|
|
%files -f %{name}.lang
|
|
%files -f %{name}.lang
|
|
%{!?_licensedir:%global license %%doc}
|
|
%{!?_licensedir:%global license %%doc}
|
|
@@ -220,17 +231,16 @@ done
|
|
%dir %{_sysconfdir}/gnupg
|
|
%dir %{_sysconfdir}/gnupg
|
|
%ghost %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf
|
|
%ghost %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf
|
|
## docs say to install suid root, but fedora/rh security folk say not to
|
|
## docs say to install suid root, but fedora/rh security folk say not to
|
|
-%if %{?install_as_gpg2}
|
|
|
|
-%{_bindir}/gpg2
|
|
|
|
-%{_bindir}/gpgv2
|
|
|
|
-%else
|
|
|
|
|
|
+%if !%{?install_as_gpg2}
|
|
%{_bindir}/gpg
|
|
%{_bindir}/gpg
|
|
%{_bindir}/gpgv
|
|
%{_bindir}/gpgv
|
|
-%{_bindir}/gpg-zip
|
|
|
|
%{_bindir}/gpgsplit
|
|
%{_bindir}/gpgsplit
|
|
%endif
|
|
%endif
|
|
|
|
+%{_bindir}/gpg2
|
|
|
|
+%{_bindir}/gpgv2
|
|
%{_bindir}/gpg-connect-agent
|
|
%{_bindir}/gpg-connect-agent
|
|
%{_bindir}/gpg-agent
|
|
%{_bindir}/gpg-agent
|
|
|
|
+%{_bindir}/gpg-card
|
|
%{_bindir}/gpgconf
|
|
%{_bindir}/gpgconf
|
|
%{_bindir}/gpgparsemail
|
|
%{_bindir}/gpgparsemail
|
|
%{_bindir}/gpgscm
|
|
%{_bindir}/gpgscm
|
|
@@ -239,24 +249,26 @@ done
|
|
%{_bindir}/dirmngr-client
|
|
%{_bindir}/dirmngr-client
|
|
%{_bindir}/watchgnupg
|
|
%{_bindir}/watchgnupg
|
|
%{_bindir}/gpg-wks-server
|
|
%{_bindir}/gpg-wks-server
|
|
|
|
+%{_bindir}/gpg-wks-client
|
|
%{_sbindir}/*
|
|
%{_sbindir}/*
|
|
%{_datadir}/gnupg/
|
|
%{_datadir}/gnupg/
|
|
%{_libexecdir}/*
|
|
%{_libexecdir}/*
|
|
%{_infodir}/*.info*
|
|
%{_infodir}/*.info*
|
|
%{_mandir}/man?/*
|
|
%{_mandir}/man?/*
|
|
%exclude %{_mandir}/man?/gpgsm*
|
|
%exclude %{_mandir}/man?/gpgsm*
|
|
-%exclude %{_mandir}/man?/scdaemon*
|
|
|
|
-%exclude %{_libexecdir}/scdaemon
|
|
|
|
|
|
|
|
%files smime
|
|
%files smime
|
|
%{_bindir}/gpgsm*
|
|
%{_bindir}/gpgsm*
|
|
%{_bindir}/kbxutil
|
|
%{_bindir}/kbxutil
|
|
-%{_libexecdir}/scdaemon
|
|
|
|
%{_mandir}/man?/gpgsm*
|
|
%{_mandir}/man?/gpgsm*
|
|
-%{_mandir}/man?/scdaemon*
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
%changelog
|
|
|
|
+* Thu Oct 19 2023 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 2.4.3-1
|
|
|
|
+- update to 2.4.3.
|
|
|
|
+- re-imported all patches from rawhide.
|
|
|
|
+- Obsoletes:gnupg(1.x).
|
|
|
|
+
|
|
* Thu Jan 05 2023 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 2.2.41-1
|
|
* Thu Jan 05 2023 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 2.2.41-1
|
|
- update to 2.2.41.
|
|
- update to 2.2.41.
|
|
- updated Patch21.
|
|
- updated Patch21.
|