gpg2/gpg2.spec

369 lines
13 KiB
RPMSpec

#
# spec file for package gpg2 (Version 2.0.11)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: gpg2
Version: 2.0.11
Release: 3
BuildRequires: expect fdupes pth-devel
BuildRequires: libgpg-error-devel >= 1.4
BuildRequires: libgcrypt-devel >= 1.4.0
BuildRequires: libksba-devel >= 1.0.2
BuildRequires: libassuan-devel >= 1.0.4
BuildRequires: opensc-devel
BuildRequires: libusb-devel
BuildRequires: readline-devel
BuildRequires: zlib-devel
BuildRequires: libadns-devel
BuildRequires: openldap2-devel
BuildRequires: openldap2
Url: http://www.gnupg.org/aegypten2/
License: GPL v2 or later
Group: Productivity/Networking/Security
PreReq: %install_info_prereq
AutoReqProv: on
Requires: pinentry dirmngr %name-lang = %{version}
Provides: newpg gpg = 1.4.9 gnupg = %{version}
Obsoletes: newpg gpg <= 1.4.9
Summary: GnuPG 2
Source: gnupg-%{version}.tar.bz2
Patch5: gnupg-2.0.10-tmpdir.diff
Patch6: gnupg-1.9.22-ccid-driver-fix.diff
Patch7: gnupg-2.0.4-install_tools.diff
Patch9: gnupg-2.0.4-default-tty.diff
Patch10: gnupg-2.0.9-RSA_ES.patch
Patch11: gnupg-2.0.9-langinfo.patch
Patch12: gpg2-fix-rtsignals.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
GnuPG 2 is the successor of "GnuPG" or GPG. It provides: GPGSM,
gpg-agent, and a keybox library.
Authors:
--------
Werner Koch <wk@gnupg.org>
Neal H. Walfield <neal@g10code.de>
%lang_package
%prep
%setup -q -n gnupg-%version
%patch5 -p1
# Patch disabled - it does not apply to 2.0.11 and it is unclear, what it is actually good for
#% patch6
%patch7
%patch9
%patch10 -p1
%patch11
%patch12 -p1
%build
# Required for patch7:
autoreconf -fi
# build PIEs (position independent executables) for address space randomisation:
%ifarch s390x
# s390x needs to use the large PIE model (at least for gpg.c):
CFLAGS="%{optflags} -fPIE" LDFLAGS=-pie \
%else
CFLAGS="%{optflags} -fpie" LDFLAGS=-pie \
%endif
./configure \
--prefix=%{_prefix} \
--sysconfdir=/etc \
--libdir=%{_libdir} \
--infodir=%{_infodir} \
--mandir=%{_mandir} \
--libexecdir=%{_libdir} \
--docdir=%{_docdir}/%{name} \
--with-agent-pgm=%{_prefix}/bin/gpg-agent \
--with-pinentry-pgm=%{_prefix}/bin/pinentry \
--with-dirmngr-pgm=%{_prefix}/bin/dirmngr \
--with-scdaemon-pgm=%{_prefix}/bin/scdaemon \
--enable-ldap \
--enable-external-hkp \
--enable-shared \
--enable-gpgsm=yes \
--enable-gpg \
--enable-static-rnd=linux \
--with-gnu-ld
make
%install
%makeinstall
mkdir -p $RPM_BUILD_ROOT/etc/gnupg/
# bnc#391347
install -m 644 doc/examples/gpgconf.conf $RPM_BUILD_ROOT/etc/gnupg
# delete to prevent fdupes from creating cross-partition hardlink
rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/gpg2/examples/gpgconf.conf
rm $RPM_BUILD_ROOT/usr/share/info/dir
# compat symlinks
ln -sf gpg2 $RPM_BUILD_ROOT/usr/bin/gpg
ln -sf gpgv2 $RPM_BUILD_ROOT/usr/bin/gpgv
ln -sf gpg2.1 $RPM_BUILD_ROOT/usr/share/man/man1/gpg.1
ln -sf gpgv2.1 $RPM_BUILD_ROOT/usr/share/man/man1/gpgv.1
# fix rpmlint invalid-lc-messages-dir:
rm -rf $RPM_BUILD_ROOT/%_datadir/locale/en@{bold,}quot
# additional files to documentation directory
install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ doc/faq.html $RPM_BUILD_ROOT/%{_docdir}/%{name}
%find_lang gnupg2
%if 0%{?suse_version} > 1020
%fdupes %buildroot
%endif
%check
make check
$RPM_BUILD_ROOT/usr/bin/gpgsplit -v -p pubsplit- --uncompress <tests/openpgp/pubring.gpg
$RPM_BUILD_ROOT/usr/bin/gpgsplit -v -p secsplit- --secret-to-public --uncompress <tests/openpgp/secring.gpg
%post
%install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz
%postun
%install_info_delete --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz
%files lang -f gnupg2.lang
%files
%defattr(-,root,root)
%doc %{_infodir}/gnupg*
%doc %{_mandir}/*/*.gz
%doc %{_docdir}/%{name}
%{_bindir}/*
%{_libdir}/[^d]*
%{_sbindir}/addgnupghome
%{_sbindir}/applygnupgdefaults
%{_datadir}/gnupg
%dir %{_sysconfdir}/gnupg
%config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf
%changelog
* Mon Jun 01 2009 puzel@suse.cz
- BuildRequires: pth-devel
* Wed Mar 18 2009 puzel@suse.cz
- add gpg2-fix-rtsignals.patch (bnc#481463)
* Thu Mar 05 2009 puzel@suse.cz
- update to 2.0.11
* Fixed a problem in SCDAEMON which caused unexpected card resets.
* SCDAEMON is now aware of the Geldkarte.
* The SCDAEMON option --allow-admin is now used by default.
* GPGCONF now restarts SCdaemon if necessary.
* The default cipher algorithm in GPGSM is now again 3DES. This is
due to interoperability problems with Outlook 2003 which still
can't cope with AES.
- dropped gnupg-2.0.10-fix-convert.patch (upstream)
- dropped gnupg-2.0.10-fix-missing-option.patch (upstream)
- disabled gnupg-1.9.22-ccid-driver-fix.diff (does not apply and it is
not clear what it is good for)
* Mon Mar 02 2009 puzel@suse.cz
- gnupg-2.0.10-fix-missing-option.patch (bnc#477362)
* Mon Jan 19 2009 puzel@suse.cz
- add gnupg-2.0.10-fix-convert.patch
- fix broken 'make check' on ppc, s390 and s390x
* Tue Jan 13 2009 puzel@suse.cz
- update to 2.0.10
* New keyserver helper gpg2keys_kdns as generic DNS CERT
lookup.
* New mechanisms "local" and "nodefault" for --auto-key-locate.
Fixed a few problems with this option.
* New command --locate-keys.
* New options --with-sig-list and --with-sig-check.
* The option "-sat" is no longer an alias for --clearsign.
* The option --fixed-list-mode is now implicitly used and obsolete.
* New control statement %%ask-passphrase for the unattended key
generation.
* The algorithm to compute the SIG_ID status has been changed.
* [gpgsm] Now uses AES by default.
* [gpgsm] Made --output option work with --export-secret-key-p12.
* [gpg-agent] Terminate process if the own listening socket is not
anymore served by ourself.
* [gpg-connect-agent] Accept commands given as command line arguments.
* The gpg-preset-passphrase mechanism works again. An arbitrary
string may now be used for a custom cache ID.
* Admin PINs are cached again (bug in 2.0.9).
* Support for version 2 OpenPGP cards.
- specfile changes:
* require libadns
* explicit versions for some BuildRequires
* BuildRequires libgpg-error
* changed license to GPL v3
* /etc/gnupg/gnupg.conf is now (noreplace)
* documentation is installed with install
* Wed Jun 11 2008 puzel@suse.cz
- fix [bnc#305725] - UTF-8 problems
* non latin characters displayed incorrectly by pinentry-*
* Wed May 21 2008 puzel@suse.cz
- added missing gpgconf.conf (bnc#391347)
* Fri Mar 28 2008 pcerny@suse.cz
- update to 2.0.9
* fixes CVE-2008-1530 (bnc#374254)
* removing gnupg-2.0.8-from-upstream.diff (included in release)
* removing gnupg-2.0.4-oldkey.diff (accepted by upstream)
* removing gnupg-2.0.8-warningfixes.diff
(also appears in upstream)
- patch gnupg-2.0.9-RSA_ES.patch
* adding back support for deprecated RSA_E, RSA_S algorithms
(bnc#342979)
* Wed Mar 26 2008 coolo@suse.de
- require the split out lang package
* Sun Mar 23 2008 coolo@suse.de
- splitting out a third of the package by using a lang subpack
* Tue Feb 12 2008 bk@suse.de
- install gpg-zip and gpgsplit again and use -pie for randomisation
* Wed Feb 06 2008 bk@suse.de
- add selected upstream fixes and fix gcc and rpmlint warnings
* Tue Jan 08 2008 sassmann@suse.de
- update to GnuPG-2.0.8
- adapted patches to apply properly
* gnupg-1.9.18-tmpdir.diff
* gnupg-2.0.4-install_tools.diff
- gnupg-2.0.5.fixes-from-svn-20070812.diff commented out,
included in upstream 2.0.8
- use optflags during build
* Wed Sep 12 2007 ltinkl@suse.cz
- fix #304749 - gpg2 unable to use old secret key
* Mon Sep 10 2007 ltinkl@suse.cz
- fix gpg2 crash on accessing key (#307666)
- fix gpg doesn't work on the console (#302323)
* Fri Aug 10 2007 bk@suse.de
- update to GnuPG-2.0.5 - requries libassuan-1.0.2!
* Switched license to GPLv3.
* Fixed bug when using the --p12-charset without --armor.
* The command --gen-key may now be used instead of the
gpgsm-gencert.sh script.
* Changed key generation to reveal less information about the
machine. Bug fixes for gpg2's card key generation.
- enable make check to test against build issues in the crypto engine
- cleanup disabled nld patch for linking with -lgpg-error-nld
- use %%find_lang to label the locale files properly with %%lang
- add opensc-devel to BuildRequrires to enanble smartcard support
- del Makefile.in patches where we patch Makefile.am and run automake
- cleanup the standrd GNU INSTALL and the empty VERSION from %%doc
* Thu Jul 26 2007 sbrabec@suse.cz
- Build with libassuan-devel.
* Thu Jun 21 2007 ro@suse.de
- install compat symlinks for gpg2 and gpgv2
- install gpg-zip and gpgsplit
- added openldap2 to buildrequires (for gpgkeys_ldap)
- added fPIE/pie to CFLAGS/LDFLAGS for gpgsplit
* Wed May 23 2007 dmueller@suse.de
- add libusb-devel build requires
* Wed May 16 2007 ltinkl@suse.cz
- remove gpg from Require's (#273491)
* Fri May 11 2007 ltinkl@suse.cz
- updated to 2.0.4 stable snapshot
* Wed Apr 04 2007 ltinkl@suse.cz
- update to 2.0.3
- fixed #251605 - VUL-0: signing issues within GNUPG
- removed outdated patches
* Fri Mar 30 2007 ro@suse.de
- added zlib-devel to buildreq
* Wed Feb 14 2007 ltinkl@suse.cz
- fix file conflicts with gpg (#242133)
* Tue Jan 30 2007 ro@suse.de
- fix build (exclude possible debuginfo directory)
* Mon Jan 29 2007 ltinkl@suse.cz
- fix #221212 - gpg2 is not updated and do not contain documentation
- fix #233525 - gpg1/2: bug in vasprintf() implementation
* Thu Nov 30 2006 anicka@suse.cz
- fix overflow in openfile.c (CVE-2006-6169, #224108)
* Mon Sep 11 2006 pnemec@suse.cz
- updated gnupg to new version 1.9.22
Enhanced pkcs#12 support
Support for the CardMan 4040 PCMCIA
Collected bug fixes
- updated pth library to 2.0.7
- changed using pinetry-qt to pinentry
- removed -cfb.diff -signature.patch -cap_large_uid.patch patches
they are no longer needed
- change patch -warnings-fix.diff -ccid-driver-fix.diff
* Thu Aug 17 2006 pnemec@suse.de
- remove unused package in build requires
* Wed Aug 09 2006 pnemec@suse.cz
- fix spec file to build with new gettext 0.15
* Mon Aug 07 2006 pnemec@suse.cz
- fixed security fix with large uid CVE-2006-3746 [#195569]
* Thu Feb 23 2006 pnemec@suse.cz
- fixed signature security problem CVE-2006-0455 (bugzilla#150742)
* Thu Feb 02 2006 pnemec@suse.cz
- fixed install info in spec file
* Thu Jan 26 2006 sbrabec@suse.cz
- Added missing %%install_info.
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Fri Aug 05 2005 postadal@suse.cz
- updated to version to 1.9.18
- removed obsoleted gcc patch
- added patch tmpdir.diff for using $TMPDIR by gpg-agent [#bug95732]
* Tue Jul 12 2005 postadal@suse.cz
- updated to version to 1.9.17
- updated pth to version 2.0.4
- removed obsoleted patch agent-cache-fix.diff
- fixed ccid-driver.c
- fixed gcc4
- explicitly enabled gpg building in configure
* Thu Mar 24 2005 postadal@suse.cz
- fixed caching passphrase in gpg-agent [#71975]
* Tue Mar 22 2005 postadal@suse.cz
- fixed on 64bit archs [#72440]
* Wed Feb 23 2005 postadal@suse.cz
- security fix for cfb-cipher issue [#65862]
* Wed Jan 12 2005 postadal@suse.cz
- update to version 1.9.14
- removed obsoleted patch automake-fixes.diff
* Tue Sep 28 2004 adrian@suse.de
- link against libpth staticaly to make S/MIME support in kmail
usable. Hopefully we can convert this to a native thread implementation
later. (#46260)
* Sat Jul 31 2004 adrian@suse.de
- update to version 1.9.10
* Tue Jul 20 2004 adrian@suse.de
- remove openct and opensc packages from nfb
(we will need thread support, when enabling card reader support,
but it isn't anyway implemented yet in gpg2)
* Mon Jul 12 2004 adrian@suse.de
- use GnuPG 2 sources version 1.9.9
- opensc support misses some functions atm, support disabled for now
- threading is disabled, since we do not have a pth package for now
- prepare for nld
* Thu Feb 26 2004 postadal@suse.cz
- adapted some functions to the libgcrypt version 1.1.91 [#34987]
- added libgpg-error to needforbuild flag
* Wed Feb 18 2004 kukuk@suse.de
- Don't build against libpth.
* Tue Feb 10 2004 postadal@suse.cz
- fixed code that broke strict aliasing
* Fri Dec 05 2003 garloff@suse.de
- disable core dumpe in child after forking. [#33499]
* Mon Aug 11 2003 adrian@suse.de
- cleanup #neededforbuild and requires
* Mon Aug 04 2003 ro@suse.de
- added openct to neededforbuild
* Fri Jul 18 2003 mc@suse.de
- build against opensc
* Thu Jun 19 2003 schwab@suse.de
- Add %%install_info.
* Mon Mar 17 2003 adrian@suse.de
- add signal handler to check if the parent is still alive and
exit if not
- use pinentry-qt by default (/usr/bin/pinentry do not exist)
* Tue Feb 11 2003 mc@suse.de
- initial release