From f2805f293dd95bbc32bd49134263f52d8212508d Mon Sep 17 00:00:00 2001
From: Alexis Hildebrandt <afh@surryhill.net>
Date: Sat, 20 Aug 2022 10:28:03 +0200
Subject: [PATCH] gnupg: Fix regression when using YubiKey devices

as smart cards.
---
 pkgs/tools/security/gnupg/23.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pkgs/tools/security/gnupg/23.nix b/pkgs/tools/security/gnupg/23.nix
index b93e533e6fd8..af28b4903df2 100644
--- a/pkgs/tools/security/gnupg/23.nix
+++ b/pkgs/tools/security/gnupg/23.nix
@@ -32,6 +32,14 @@ stdenv.mkDerivation rec {
 
     # Patch for DoS vuln from https://seclists.org/oss-sec/2022/q3/27
     ./v3-0001-Disallow-compressed-signatures-and-certificates.patch
+
+    # Fix regression when using YubiKey devices as smart cards.
+    # See https://dev.gnupg.org/T6070 for details.
+    # Committed upstream, remove this patch when updating to the next release.
+    (fetchpatch {
+      url = "https://dev.gnupg.org/rGf34b9147eb3070bce80d53febaa564164cd6c977?diff=1";
+      sha256 = "sha256-J/PLSz8yiEgtGv+r3BTGTHrikV70AbbHQPo9xbjaHFE=";
+    })
   ];
   postPatch = ''
     sed -i 's,\(hkps\|https\)://keyserver.ubuntu.com,hkps://keys.openpgp.org,g' configure configure.ac doc/dirmngr.texi doc/gnupg.info-1