Commit Graph

237 Commits

Author SHA1 Message Date
David Morgan
b42437fd01
[staging] gnupg 2.4.3 -> 2.4.4 2024-01-29 14:04:39 +00:00
Vladimír Čunát
ab8bda5a1b
Merge #265294: gnupg: 2.4.1 -> 2.4.3
...into staging
2024-01-18 13:37:38 +01:00
Stig
1606d72fc3
Merge pull request #262928 from Valodim/gpg-revert-rfc4880bis
[staging] gnupg: revert defaults to openpgp in 2.4 branch
2024-01-01 13:01:54 +01:00
Sergei Trofimovich
2941ce1993 gnupg22: fix tests eval
Without the change `tests` attribute fails to resolve testsuite:

    $ nix build --no-link -f. gnupg22.tests
    error: attribute 'nixosTests' missing
2023-12-28 23:12:55 +00:00
Peder Bergebakken Sundt
f41aba3739 treewide: remove unreferenced patch files
Found with `fd \\.patch$ pkgs/ -x bash -c 'rg -F "{/}" pkgs/ -q || echo {}'`
2023-12-01 06:11:20 +01:00
IogaMaster
84ef5ebe4d gnupg: 2.4.1 -> 2.4.3 2023-11-03 12:33:41 -06:00
Vincent Breitmoser
b8f8c9b413 gnupg: revert defaults to openpgp in 2.4 branch
GnuPG upstream changed some of its behavior on the 2.4 branch to use its
own, non-standardized format for keys and encrypted data by default.
This affects in particular the way that keys are generated, and
algorithm capability flags within now signal the ability to use GnuPG's
own AEAD encryption format.

Notably, these formats are not compatible with other implementations of
OpenPGP. It is based on a draft spec that is specific to GnuPG
(draft-koch-openpgp-2015-rfc4880bis), and not compatible with the format
that is on track to be standardized as upcoming OpenPGP version 6.

The political circumstances that led to this issue are complex (and a
bit dumb), but in the end GnuPG emitting incompatible packets is
certainly in noone's interest. This patch is a revert of a GnuPG
upstream commit as it is applied by Fedora, I suggest we follow suit
until the situation becomes more clear.

See also: https://src.fedoraproject.org/rpms/gnupg2/pull-request/15
2023-10-23 14:44:44 +02:00
David McFarland
dce1a85956
Revert "Revert "gnupg: 2.4.0 -> 2.4.1""
This reverts commit 87681f75eb.
2023-06-29 13:13:26 +02:00
David McFarland
8a74c9bd31
gnupg: remove systemd user config
This was removed upstream in:

eae28f1bd4
2023-06-29 13:13:20 +02:00
Michele Guerini Rocco
547cd96f10
Merge pull request #231108 from corngood/gpg-agent
nixos/gnupg: add systemd configuration
2023-06-26 16:22:41 +02:00
David McFarland
51fd00925f gnupg: fix test attribute key 2023-06-16 08:21:47 -03:00
David McFarland
ffb5d3d105 gnupg: fix tests 2023-05-12 08:04:31 -03:00
Vladimír Čunát
87681f75eb
Revert "gnupg: 2.4.0 -> 2.4.1" 2023-05-10 08:47:55 +02:00
Alexis Hildebrandt
c09feb83e0 gnupg: Add changelog 2023-05-07 23:02:24 +02:00
Alexis Hildebrandt
122e7746ee gnupg: 2.4.0 -> 2.4.1 2023-04-30 21:30:17 +02:00
Alexis Hildebrandt
f35c2b0b92
Apply suggestions from code review
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2023-04-16 07:27:33 +02:00
Alexis Hildebrandt
f92d7c3a20 gnupg: Remove patch for code that is disabled upstream 2023-04-13 20:29:26 +02:00
Alexis Hildebrandt
6f635e39af gnupg: Add LTS version 2.2.41 2023-04-13 20:29:26 +02:00
Sandro Jäckel
6507c049fd
gnupg: look for system wide config files at /etc/gnupg/* rather than in the nix store 2023-04-11 13:24:30 +02:00
Artturin
f9fdf2d402 treewide: move NIX_CFLAGS_COMPILE to the env attrset
with structuredAttrs lists will be bash arrays which cannot be exported
which will be a issue with some patches and some wrappers like cc-wrapper

this makes it clearer that NIX_CFLAGS_COMPILE must be a string as lists
in env cause a eval failure
2023-02-22 21:23:04 +02:00
Vladimír Čunát
3356399453
Merge branch 'master' into staging-next 2023-02-07 17:36:16 +01:00
rnhmjoj
e375feffbe
gnupg: add NixOS tests to passthru 2023-02-07 08:47:14 +01:00
Vladimír Čunát
770bf7e2de
Merge #207071: gnupg: 2.3.7 -> 2.4.0
...into staging
2023-02-01 10:32:53 +01:00
Doron Behar
d3b076da38 gnupg: 2.3.7 -> 2.4.0 2022-12-24 20:33:26 +02:00
Dan Callahan
973c7b12ca
gnupg: fix smartcards (yubikeys) on Darwin
Since version 2.3, GnuPG no longer falls back to other access methods if
its built-in CCID driver fails to access smartcards, including yubikeys.

The built-in CCID driver fails on macOS.

The upstream developers recommend disabling CCID support in this case:

    If it works and the distribution doesn't offer appropriate USB
    configuration, I think that it's good for the distribution to use
    --disable-ccid-driver for building GnuPG.

Cite: https://dev.gnupg.org/T5415
See also: https://dev.gnupg.org/T5409

Fixes #155629
2022-11-15 12:57:42 +00:00
Adam Joseph
51f5c65914 gnupg: unbreak builds without tpm2-tss
Builds without tpm2-tss no longer seem to work after #183753.  This PR fixes
that.
2022-10-01 16:48:49 -07:00
Ben Wolsieffer
d9a9dcca20 gnupg: add withPcsc flag to disable PC/SC support
pcsclite pulls in a lot of dependencies, including spidermonkey, which is
nearly or completely impossible to build on 32-bit architectures. PC/SC support
is not commonly used, so provide a flag to allow users to disable it and
significantly reduce the closure size.
2022-09-16 22:30:14 -04:00
Alexis Hildebrandt
f2805f293d gnupg: Fix regression when using YubiKey devices
as smart cards.
2022-08-20 10:28:03 +02:00
Sandro
056ddc3d3e
Merge pull request #183753 from SuperSandro2000/systemd-gnupg-null 2022-07-30 18:14:02 +02:00
Sandro Jäckel
32904b7870
gnupg: remove ? null from inputs, remove with lib 2022-07-29 20:51:07 +02:00
Stig Palmquist
bf817382e7
gnupg: 2.3.6 -> 2.3.7
- Release announcement: https://dev.gnupg.org/T5947
- Removed CVE-2022-34903 patch which is included in 2.3.7
2022-07-28 01:53:11 +02:00
Stig Palmquist
22e81f39ac gnupg: add patch disallowing compressed signatures and certificates
https://seclists.org/oss-sec/2022/q3/9
https://seclists.org/oss-sec/2022/q3/27
2022-07-06 14:09:39 +02:00
Stig Palmquist
3d0e70ae2a
gnupg: Add patch for CVE-2022-34903
https://www.openwall.com/lists/oss-security/2022/06/30/1
https://dev.gnupg.org/T6027
2022-07-03 03:48:18 +02:00
Stig Palmquist
1b2929cd91 gnupg: 2.3.4 -> 2.3.6 2022-06-06 20:13:07 +02:00
Sergei Trofimovich
1f15388af1 gnupg1orig: add -fcommon workaround
Workaround build failure on -fno-common toolchains like upstream
gcc-10. Otherwise build fails as:

    ld: ../util/libutil.a(estream-printf.o):/build/gnupg-1.4.23/util/../include/memory.h💯 multiple definition of
        `memory_debug_mode'; gpgsplit.o:/build/gnupg-1.4.23/tools/../include/memory.h💯 first defined here
2022-05-14 16:31:03 +01:00
Samuel Gräfenstein
666a90e29d gnupg{,1}: add meta.mainProgram 2022-04-02 02:08:55 +02:00
Stig Palmquist
8c6becd904 gnupg: fix default keyserver patch 2022-02-12 19:22:01 +01:00
Stig Palmquist
5e94b6a1db gnupg: remove unneeded SOURCE_DATE_EPOCH patch 2022-02-12 19:20:02 +01:00
Stig Palmquist
b9597a916a gnupg: remove patch for darwin warnings
Fixed in 2.3.4
2022-02-12 18:47:50 +01:00
Stig Palmquist
99b46757cc gnupg: 2.3.3 -> 2.3.4 2022-02-12 18:47:50 +01:00
Dmitry Kalinkin
82c7f4abd8
gnupg: remove warning printed on systems without procfs 2022-01-19 11:07:24 -05:00
Jiuyang Liu
3d457edf8e
gnupg23: fix on darwin (#151078) 2021-12-18 23:40:23 -05:00
Graham Christensen
7599020b21
Merge pull request #145434 from colemickens/gpg23
gnupg: 2.2.27 -> 2.3.3
2021-12-16 20:05:23 -05:00
Felix Buehler
22dffe27f3 pkgs/tools: use pname&version instead of name 2021-11-30 21:11:29 +01:00
Stig Palmquist
55dc828ef6
gnupg: fix eval by replaced alias 'libgpg-error' 2021-11-10 16:44:06 -08:00
Cole Mickens
1ee8f77132
gnupg: 2.2.27 -> 2.3.3 2021-11-10 15:41:41 -08:00
Felix Buehler
9480444dae treewide: rename name to pname&version 2021-11-09 22:24:57 +01:00
Peter Simons
476635afe1 Drop myself from meta.maintainers for most packages.
I'd like to reduce the number of Github notifications and
review requests I receive.
2021-10-14 11:01:27 +02:00
Ryan Burns
41574158a0 libgpg-error: rename from libgpgerror
Matches pname and upstream project name
2021-10-06 18:23:43 -07:00
Alyssa Ross
1626c49714 gnupg: drop obsolete Emacs syntax highlighting fix
Emacs + nix-mode highlights this file just fine without this comment
for me, so I assume the problem in nix-mode has been fixed in the five
years since this comment was added.
2021-02-07 16:11:22 +00:00