commit: 6b8cf14b50696f8004605824869d760a2a40cb44 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Fri Oct 17 15:54:49 2025 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Tue Oct 28 05:50:42 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b8cf14b
app-crypt/freepg: New package, v2.5.12_p1 Initial attempt at packaging the FreePG GnuPG fork. Closes: https://bugs.gentoo.org/950668 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> Part-of: https://github.com/gentoo/gentoo/pull/44224 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> app-crypt/freepg/Manifest | 1 + ...shorter-socket-path-lengts-to-improve-tes.patch | 33 ++++ app-crypt/freepg/freepg-2.5.12_p1.ebuild | 196 +++++++++++++++++++++ app-crypt/freepg/metadata.xml | 36 ++++ 4 files changed, 266 insertions(+)
diff --git a/app-crypt/freepg/Manifest b/app-crypt/freepg/Manifest
new file mode 100644
index 000000000000..e56984d3c962
--- /dev/null
+++ b/app-crypt/freepg/Manifest
@@ -0,0 +1 @@
+DIST gnupg-gnupg-2.5.12-freepg-1.tar.bz2 9743842 BLAKE2B 98b36ddfdb15c7d8cb32ae701e073a5cb26352614577edfc6dbfdf484fdcf5a0668da1be6b3e8a36a5075ed02e71cfd3270e8542ef2c379494c6875cbe4acc21 SHA512 5ff859959f84283912b69cbaac09b591f8dde4a7afd11a51dcda248e4021c6bc6ec105ae03b19b105df42f44f38c0e9ad2cf94df722b67526222b21bdd6a78fe
diff --git a/app-crypt/freepg/files/gnupg-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch b/app-crypt/freepg/files/gnupg-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
new file mode 100644
index 000000000000..dd75e3a5e96c
--- /dev/null
+++ b/app-crypt/freepg/files/gnupg-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
@@ -0,0 +1,33 @@
+From e3bdb7d17264b8d5bd9abab97c96d9c4a50e4f61 Mon Sep 17 00:00:00 2001
+From: Kristian Fiskerstrand <[email protected]>
+Date: Mon, 3 Apr 2017 23:44:56 +0300
+Subject: [PATCH] gpgscm: Use shorter socket path lengts to improve test
+ reliability
+
+--
+As socket lengths are normally restricted to 108 characters
+(UNIX_PATH_MAX variable in /usr/include/linux/un.h), using 42 characters
+by default easily results in errors.
+---
+ tests/gpgscm/tests.scm | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/tests/gpgscm/tests.scm b/tests/gpgscm/tests.scm
+index 592b36f..f54a387 100644
+--- a/tests/gpgscm/tests.scm
++++ b/tests/gpgscm/tests.scm
+@@ -273,9 +273,9 @@
+ (canonical-path (_mkdtemp (if (null? components)
+ (path-join
+ (get-temp-path)
+- (string-append "gpgscm-" (get-isotime) "-"
++ (string-append "gscm"
+ (basename-suffix *scriptname* ".scm")
+- "-XXXXXX"))
++ "XXXXXX"))
+ (apply path-join components)))))
+
+ ;; Make a temporary directory and remove it at interpreter shutdown.
+--
+2.10.2
+
diff --git a/app-crypt/freepg/freepg-2.5.12_p1.ebuild b/app-crypt/freepg/freepg-2.5.12_p1.ebuild
new file mode 100644
index 000000000000..c27f3ce8c68f
--- /dev/null
+++ b/app-crypt/freepg/freepg-2.5.12_p1.ebuild
@@ -0,0 +1,196 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
+# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
+inherit autotools flag-o-matic out-of-source multiprocessing systemd toolchain-funcs
+
+EGIT_TAG="gnupg-${PV%_p*}-freepg"
+[[ ${PV} == *_p* ]] && EGIT_TAG+="-${PV#*_p}"
+MY_P="gnupg-${EGIT_TAG}"
+
+DESCRIPTION="GnuPG fork with improved RFC9850 compatibility"
+HOMEPAGE="https://gnupg.org/"
+SRC_URI="
+ https://gitlab.com/freepg/gnupg/-/archive/${EGIT_TAG}/${MY_P}.tar.bz2
+"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="test? ( tofu )"
+
+# Existence of executables is checked during configuration.
+# Note: On each bump, update dep bounds on each version from configure.ac!
+DEPEND="
+ >=dev-libs/libassuan-3.0.0:=
+ >=dev-libs/libgcrypt-1.11.0:=
+ >=dev-libs/libgpg-error-1.51
+ >=dev-libs/libksba-1.6.3
+ >=dev-libs/npth-1.2
+ sys-libs/zlib
+ bzip2? ( app-arch/bzip2 )
+ ldap? ( net-nds/openldap:= )
+ readline? ( sys-libs/readline:0= )
+ smartcard? ( usb? ( virtual/libusb:1 ) )
+ tofu? ( >=dev-db/sqlite-3.27 )
+ tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
+ ssl? ( >=net-libs/gnutls-3.2:0= )
+"
+RDEPEND="
+ ${DEPEND}
+ nls? ( virtual/libintl )
+ selinux? ( sec-policy/selinux-gpg )
+ wks-server? ( virtual/mta )
+ !app-crypt/gnupg
+"
+PDEPEND="
+ app-alternatives/gpg[-reference]
+ app-crypt/pinentry
+"
+BDEPEND="
+ virtual/pkgconfig
+ doc? ( sys-apps/texinfo )
+ nls? ( sys-devel/gettext )
+"
+# maintainer mode
+BDEPEND+="
+ media-gfx/fig2dev
+ virtual/imagemagick-tools
+"
+
+DOCS=(
+ ChangeLog NEWS README THANKS TODO VERSION
+ doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
+)
+
+PATCHES=(
+ "${FILESDIR}"/gnupg-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+my_src_configure() {
+ # Upstream don't support LTO, bug #854222.
+ filter-lto
+
+ local myconf=(
+ $(use_enable bzip2)
+ $(use_enable nls)
+ $(use_enable smartcard scdaemon)
+ $(use_enable ssl gnutls)
+ $(use_enable test all-tests)
+ $(use_enable test tests)
+ $(use_enable tofu)
+ $(use_enable tofu keyboxd)
+ $(use_enable tofu sqlite)
+ $(usex tpm '--with-tss=intel' '--disable-tpm2d')
+ $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
+ $(use_enable wks-server wks-tools)
+ $(use_with ldap)
+ $(use_with readline)
+
+ # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
+ # As of GnuPG 2.3, the mailprog substitution is used for the binary called
+ # by wks-client & wks-server; and if it's autodetected but not not exist at
+ # build time, then then 'gpg-wks-client --send' functionality will not
+ # work. This has an unwanted side-effect in stage3 builds: there was a
+ # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
+ # the build where the install guide previously make the user chose the
+ logger & mta early in the install.
+ --with-mailprog=/usr/libexec/sendmail
+
+ --disable-ntbtls
+ --enable-gpgsm
+ --enable-large-secmem
+
+ # needed from building from git
+ --enable-maintainer-mode
+
+ CC_FOR_BUILD="$(tc-getBUILD_CC)"
+ GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config"
+
+ $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
+ )
+
+ if use prefix && use usb; then
+ # bug #649598
+ append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
+ fi
+
+ if [[ ${CHOST} == *-solaris* ]] ; then
+ # https://dev.gnupg.org/T7368
+ export ac_cv_should_define__xopen_source=yes
+ fi
+
+ # bug #663142
+ if use user-socket; then
+ myconf+=( --enable-run-gnupg-user-socket )
+ fi
+
+ # glib fails and picks up clang's internal stdint.h causing weird errors
+ tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
+
+ econf "${myconf[@]}"
+}
+
+my_src_compile() {
+ default
+
+ use doc && emake -C doc html
+}
+
+my_src_test() {
+ export TESTFLAGS="--parallel=$(makeopts_jobs)"
+
+ default
+}
+
+my_src_install() {
+ emake DESTDIR="${D}" install
+
+ # rename for app-alternatives/gpg
+ mv "${ED}"/usr/bin/gpg{,-freepg} || die
+ mv "${ED}"/usr/bin/gpgv{,-freepg} || die
+
+ use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
+
+ echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
+ echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
+
+ dodir /etc/env.d
+ echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
+
+ use doc && dodoc doc/gnupg.html/*
+}
+
+my_src_install_all() {
+ einstalldocs
+
+ use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
+ use doc && dodoc doc/*.png
+ systemd_douserunit doc/examples/systemd-user/*.{service,socket}
+ newdoc doc/examples/systemd-user/README README-systemd
+}
+
+pkg_preinst() {
+ if has_version app-crypt/gnupg; then
+ elog "When switching between GnuPG and FreePG, it is recommended to stop all"
+ elog "daemons, using: gpgconf --kill all"
+ fi
+}
+
+pkg_postrm() {
+ if has_version app-crypt/gnupg; then
+ elog "When switching between GnuPG and FreePG, it is recommended to stop all"
+ elog "daemons, using: gpgconf --kill all"
+ fi
+}
diff --git a/app-crypt/freepg/metadata.xml b/app-crypt/freepg/metadata.xml
new file mode 100644
index 000000000000..874cbd8359f7
--- /dev/null
+++ b/app-crypt/freepg/metadata.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>[email protected]</email>
+ <name>Michał Górny</name>
+ </maintainer>
+ <use>
+ <flag name="smartcard">
+ Build scdaemon software. Enables usage of OpenPGP cards. For
+ other type of smartcards, try <pkg>app-crypt/gnupg-pkcs11-scd</pkg>.
+ Bring in <pkg>dev-libs/libusb</pkg> as a dependency; enable scdaemon.
+ </flag>
+ <flag name="usb">
+ Build direct CCID access for scdaemon; requires <pkg>dev-libs/libusb</pkg>.
+ </flag>
+ <flag name="user-socket">
+ try a socket directory which is not removed by init manager at session end
+ </flag>
+ <flag name="tofu">
+ Enable support for Trust on First use trust model; requires <pkg>dev-db/sqlite</pkg>.
+ </flag>
+ <flag name="tools">
+ Install extra tools (including gpgsplit and gpg-zip).
+ </flag>
+ <flag name="tpm">
+ Enable TPM support via <pkg>app-crypt/tpm2-tss</pkg> and build tpm2d.
+ </flag>
+ <flag name="wks-server">
+ Install the wks-server
+ </flag>
+ </use>
+ <upstream>
+ <remote-id type="gitlab">freepg/gnupg</remote-id>
+ </upstream>
+</pkgmetadata>
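Review bot: `VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc` near the top of the ebuild is never consumed: the `inherit` line has no `verify-sig`, `SRC_URI` lists only the GitLab tag archive with no detached signature, and `BDEPEND` pulls in no key package. The tarball for a package that installs `gpg` and `gpgv` is therefore checked against the Manifest hashes only, while the assignment suggests an upstream signature check that does not happen. I would drop the variable, or, if upstream publishes no signatures for these archives, replace it with a comment such as `# no signed release artifacts upstream; integrity relies on the Manifest hashes`. Separately, `HOMEPAGE="https://gnupg.org/"` points at the project this is a fork of, and `RFC9850` in `DESCRIPTION` is probably a transposition of RFC 9580 (OpenPGP); both are worth confirming.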
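Review bot: Two flag descriptions in metadata.xml do not match what the ebuild in this commit does. The `smartcard` text says it will "Bring in dev-libs/libusb as a dependency", but `DEPEND` only pulls `virtual/libusb:1` under `smartcard? ( usb? ( ... ) )`, so that sentence belongs to the `usb` flag alone. The `tools` text advertises `gpg-zip`, which neither `dobin` line installs; listing what is actually shipped, e.g. `Install extra tools (gpgconf, gpgsplit, gpg-check-pattern, make-dns-cert and others).`, would keep users from enabling the flag for a binary they will not get.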
