Commit: 68ff6088b3c28be9aecd5ffb2d8e7d35ba9db8bb
Parent: 0cdb72fecdbf1952f8ef452b51d56a8fb48da8b0
Author: Randy Palamar
Date: Tue, 24 Feb 2026 05:39:55 -0700
app-crypt/gnupg: add 2.5.17-r2 lto patches
Diffstat:
5 files changed, 482 insertions(+), 195 deletions(-)
diff --git a/app-crypt/gnupg/files/0001-Fix-stub-functions-to-avoid-LTO-linking-bugs.patch b/app-crypt/gnupg/files/0001-Fix-stub-functions-to-avoid-LTO-linking-bugs.patch
@@ -0,0 +1,200 @@
+https://bugs.gentoo.org/854222
+
+From 81760cc931d69f37cf2a8ad54616a1af590fd2cf Mon Sep 17 00:00:00 2001
+Message-ID: <81760cc931d69f37cf2a8ad54616a1af590fd2cf.1770174575.git.sam@gentoo.org>
+From: Werner Koch <wk@gnupg.org>
+Date: Wed, 28 Jan 2026 13:45:00 +0100
+Subject: [PATCH GnuPG] Fix stub functions to avoid LTO linking bugs.
+
+--
+---
+ g10/gpgv.c | 42 ++++++++++++++++++++++++++++--------------
+ g10/test-stubs.c | 36 +++++++++++++++++++++++-------------
+ 2 files changed, 51 insertions(+), 27 deletions(-)
+
+diff --git a/g10/gpgv.c b/g10/gpgv.c
+index b65dfa66b..23704e21c 100644
+--- a/g10/gpgv.c
++++ b/g10/gpgv.c
+@@ -462,10 +462,13 @@ keyserver_any_configured (ctrl_t ctrl)
+ }
+
+ int
+-keyserver_import_keyid (u32 *keyid, void *dummy, unsigned int flags)
++keyserver_import_keyid (ctrl_t ctrl,
++ u32 *keyid,struct keyserver_spec *keyserver,
++ unsigned int flags)
+ {
++ (void)ctrl;
+ (void)keyid;
+- (void)dummy;
++ (void)keyserver;
+ (void)flags;
+ return -1;
+ }
+@@ -493,9 +496,14 @@ keyserver_import_fpr_ntds (ctrl_t ctrl,
+ }
+
+ int
+-keyserver_import_cert (const char *name)
++keyserver_import_cert (ctrl_t ctrl, const char *name, int dane_mode,
++ unsigned char **fpr,size_t *fpr_len)
+ {
++ (void)ctrl;
+ (void)name;
++ (void)dane_mode;
++ (void)fpr;
++ (void)fpr_len;
+ return -1;
+ }
+
+@@ -511,11 +519,17 @@ keyserver_import_wkd (ctrl_t ctrl, const char *name, unsigned int flags,
+ return GPG_ERR_BUG;
+ }
+
+-int
+-keyserver_import_mbox (const char *name,struct keyserver_spec *spec)
++gpg_error_t
++keyserver_import_mbox (ctrl_t ctrl, const char *mbox,
++ unsigned char **fpr, size_t *fprlen,
++ struct keyserver_spec *keyserver, unsigned int flags)
+ {
+- (void)name;
+- (void)spec;
++ (void)ctrl;
++ (void)mbox;
++ (void)fpr;
++ (void)fprlen;
++ (void)keyserver;
++ (void)flags;
+ return -1;
+ }
+
+@@ -647,14 +661,11 @@ parse_preferred_keyserver(PKT_signature *sig)
+ return NULL;
+ }
+
+-struct keyserver_spec *
+-parse_keyserver_uri (const char *uri, int require_scheme,
+- const char *configname, unsigned int configlineno)
++keyserver_spec_t
++parse_keyserver_uri (const char *string, int require_scheme)
+ {
+- (void)uri;
++ (void)string;
+ (void)require_scheme;
+- (void)configname;
+- (void)configlineno;
+ return NULL;
+ }
+
+@@ -666,11 +677,14 @@ free_keyserver_spec (struct keyserver_spec *keyserver)
+
+ /* Stubs to avoid linking to photoid.c */
+ void
+-show_photos (const struct user_attribute *attrs, int count, PKT_public_key *pk)
++show_photos (ctrl_t ctrl, const struct user_attribute *attrs, int count,
++ PKT_public_key *pk, PKT_user_id *uid)
+ {
++ (void)ctrl;
+ (void)attrs;
+ (void)count;
+ (void)pk;
++ (void)uid;
+ }
+
+ int
+diff --git a/g10/test-stubs.c b/g10/test-stubs.c
+index 9b41c8929..16d10972d 100644
+--- a/g10/test-stubs.c
++++ b/g10/test-stubs.c
+@@ -193,10 +193,13 @@ keyserver_any_configured (ctrl_t ctrl)
+ }
+
+ int
+-keyserver_import_keyid (u32 *keyid, void *dummy, unsigned int flags)
++keyserver_import_keyid (ctrl_t ctrl,
++ u32 *keyid,struct keyserver_spec *keyserver,
++ unsigned int flags)
+ {
++ (void)ctrl;
+ (void)keyid;
+- (void)dummy;
++ (void)keyserver;
+ (void)flags;
+ return -1;
+ }
+@@ -224,9 +227,14 @@ keyserver_import_fpr_ntds (ctrl_t ctrl,
+ }
+
+ int
+-keyserver_import_cert (const char *name)
++keyserver_import_cert (ctrl_t ctrl, const char *name, int dane_mode,
++ unsigned char **fpr,size_t *fpr_len)
+ {
++ (void)ctrl;
+ (void)name;
++ (void)dane_mode;
++ (void)fpr;
++ (void)fpr_len;
+ return -1;
+ }
+
+@@ -242,15 +250,17 @@ keyserver_import_wkd (ctrl_t ctrl, const char *name, unsigned int flags,
+ return GPG_ERR_BUG;
+ }
+
+-int
+-keyserver_import_mbox (ctrl_t ctrl, const char *mbox, unsigned char **fpr,
+- size_t *fprlen, struct keyserver_spec *keyserver)
++gpg_error_t
++keyserver_import_mbox (ctrl_t ctrl, const char *mbox,
++ unsigned char **fpr, size_t *fprlen,
++ struct keyserver_spec *keyserver, unsigned int flags)
+ {
+ (void)ctrl;
+ (void)mbox;
+ (void)fpr;
+ (void)fprlen;
+ (void)keyserver;
++ (void)flags;
+ return -1;
+ }
+
+@@ -381,14 +391,11 @@ parse_preferred_keyserver(PKT_signature *sig)
+ return NULL;
+ }
+
+-struct keyserver_spec *
+-parse_keyserver_uri (const char *uri, int require_scheme,
+- const char *configname, unsigned int configlineno)
++keyserver_spec_t
++parse_keyserver_uri (const char *string, int require_scheme)
+ {
+- (void)uri;
++ (void)string;
+ (void)require_scheme;
+- (void)configname;
+- (void)configlineno;
+ return NULL;
+ }
+
+@@ -400,11 +407,14 @@ free_keyserver_spec (struct keyserver_spec *keyserver)
+
+ /* Stubs to avoid linking to photoid.c */
+ void
+-show_photos (const struct user_attribute *attrs, int count, PKT_public_key *pk)
++show_photos (ctrl_t ctrl, const struct user_attribute *attrs, int count,
++ PKT_public_key *pk, PKT_user_id *uid)
+ {
++ (void)ctrl;
+ (void)attrs;
+ (void)count;
+ (void)pk;
++ (void)uid;
+ }
+
+ int
+--
+2.53.0
+
diff --git a/app-crypt/gnupg/files/0002-Fix-stub-functions-to-avoid-LTO-linking-bugs-followup.patch b/app-crypt/gnupg/files/0002-Fix-stub-functions-to-avoid-LTO-linking-bugs-followup.patch
@@ -0,0 +1,47 @@
+https://bugs.gentoo.org/854222
+
+From 40b28085f30f6031bd72ae24d736c9116d70f547 Mon Sep 17 00:00:00 2001
+Message-ID: <40b28085f30f6031bd72ae24d736c9116d70f547.1770174958.git.sam@gentoo.org>
+From: Sam James <sam@gentoo.org>
+Date: Sun, 4 Jan 2026 02:04:39 +0000
+Subject: [PATCH GnuPG] Fix -Wlto-type-mismatch warnings [T4416]
+
+* agent/t-protect.c (convert_from_openpgp_native): Sync stub definition.
+
+--
+
+GnuPG-bug-id: 4416
+
+When building with GCC -flto, some warnings appear because of
+mismatched definitions in stubs (gpgv or tests). Sync them with the
+real definitions to fix the warnings, as they just drifted over time.
+
+Followup to 81760cc931d69f37cf2a8ad54616a1af590fd2cf.
+
+Signed-off-by: Sam James <sam@gentoo.org>
+---
+ agent/t-protect.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/agent/t-protect.c b/agent/t-protect.c
+index e6edbffba..9508de36a 100644
+--- a/agent/t-protect.c
++++ b/agent/t-protect.c
+@@ -341,9 +341,12 @@ main (int argc, char **argv)
+
+ /* Stub function. */
+ gpg_error_t
+-convert_from_openpgp_native (gcry_sexp_t s_pgp, const char *passphrase,
+- unsigned char **r_key)
++convert_from_openpgp_native (ctrl_t ctrl,
++ gcry_sexp_t s_pgp,
++ const char *passphrase,
++ unsigned char **r_key)
+ {
++ (void)ctrl;
+ (void)s_pgp;
+ (void)passphrase;
+ (void)r_key;
+--
+2.53.0
+
diff --git a/app-crypt/gnupg/files/0003-agent-Fix-the-regression-in-pkdecrypt-with-TPM-RSA.patch b/app-crypt/gnupg/files/0003-agent-Fix-the-regression-in-pkdecrypt-with-TPM-RSA.patch
@@ -0,0 +1,40 @@
+From 6eed3959303c81c9699fe9273030e480732f72be Mon Sep 17 00:00:00 2001
+Message-ID: <6eed3959303c81c9699fe9273030e480732f72be.1771025112.git.sam@gentoo.org>
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Thu, 12 Feb 2026 11:51:17 +0900
+Subject: [PATCH GnuPG] agent: Fix the regression in pkdecrypt with TPM RSA.
+
+* agent/divert-tpm2.c (divert_tpm2_pkdecrypt): Care about additional
+0x00.
+
+--
+
+GnuPG-bug-id: 8045
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+---
+ agent/divert-tpm2.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c
+index 5500c07f1..839a039bc 100644
+--- a/agent/divert-tpm2.c
++++ b/agent/divert-tpm2.c
+@@ -138,6 +138,15 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl,
+ if (!smatch (&s, n, "a"))
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ n = snext (&s);
++ /* NOTE: gpg-agent protocol uses signed integer for RSA (%m in
++ * MPI), where 0x00 is added when the MSB is 1. TPM2 uses
++ * unsigned integer. We need to remove this 0x00, or else
++ * it may result GPG_ERR_TOO_LARGE in tpm2daemon. */
++ if (!*s && (n&1))
++ {
++ s++;
++ n--;
++ }
+ }
+ else if (smatch (&s, n, "ecdh"))
+ {
+--
+2.53.0
+
diff --git a/app-crypt/gnupg/gnupg-2.5.17-r2.ebuild b/app-crypt/gnupg/gnupg-2.5.17-r2.ebuild
@@ -0,0 +1,195 @@
+# Copyright 1999-2026 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# Maintainers should:
+# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
+# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
+# (find the one for the current release then subscribe to it +
+# any subsequent ones linked within so you're covered for a while.)
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
+# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
+inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
+
+MY_P="${P/_/-}"
+
+DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
+HOMEPAGE="https://gnupg.org/"
+SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
+SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~arm64-macos ~x64-macos ~x64-solaris"
+IUSE="+alternatives bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="test? ( tofu )"
+
+# Existence of executables is checked during configuration.
+# Note: On each bump, update dep bounds on each version from configure.ac!
+DEPEND="
+ >=dev-libs/libassuan-3.0.0-r1:=
+ >=dev-libs/libgcrypt-1.11.0:=
+ >=dev-libs/libgpg-error-1.56
+ >=dev-libs/libksba-1.6.3
+ >=dev-libs/npth-1.2
+ virtual/zlib:=
+ bzip2? ( app-arch/bzip2 )
+ ldap? ( net-nds/openldap:= )
+ readline? ( sys-libs/readline:0= )
+ smartcard? ( usb? ( virtual/libusb:1 ) )
+ tofu? ( >=dev-db/sqlite-3.27 )
+ tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
+ ssl? ( >=net-libs/gnutls-3.2:0= )
+"
+RDEPEND="
+ ${DEPEND}
+ nls? ( virtual/libintl )
+ selinux? ( sec-policy/selinux-gpg )
+ wks-server? ( virtual/mta )
+"
+PDEPEND="
+ || (
+ app-crypt/pinentry
+ app-crypt/pinentry-dmenu
+ )
+ alternatives? (
+ app-alternatives/gpg[-freepg(-)]
+ )
+"
+BDEPEND="
+ virtual/pkgconfig
+ doc? ( sys-apps/texinfo )
+ nls? ( sys-devel/gettext )
+ verify-sig? ( sec-keys/openpgp-keys-gnupg )
+"
+
+DOCS=(
+ ChangeLog NEWS README THANKS TODO VERSION
+ doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
+)
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
+ "${FILESDIR}"/0001-Fix-stub-functions-to-avoid-LTO-linking-bugs.patch
+ "${FILESDIR}"/0002-Fix-stub-functions-to-avoid-LTO-linking-bugs-followup.patch
+ "${FILESDIR}"/0003-agent-Fix-the-regression-in-pkdecrypt-with-TPM-RSA.patch
+)
+
+src_prepare() {
+ default
+}
+
+my_src_configure() {
+ local myconf=(
+ $(use_enable bzip2)
+ $(use_enable nls)
+ $(use_enable smartcard scdaemon)
+ $(use_enable ssl gnutls)
+ $(use_enable test all-tests)
+ $(use_enable test tests)
+ $(use_enable tofu)
+ $(use_enable tofu keyboxd)
+ $(use_enable tofu sqlite)
+ $(usex tpm '--with-tss=intel' '--disable-tpm2d')
+ $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
+ $(use_enable wks-server wks-tools)
+ $(use_with ldap)
+ $(use_with readline)
+
+ # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
+ # As of GnuPG 2.3, the mailprog substitution is used for the binary called
+ # by wks-client & wks-server; and if it's autodetected but not not exist at
+ # build time, then then 'gpg-wks-client --send' functionality will not
+ # work. This has an unwanted side-effect in stage3 builds: there was a
+ # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
+ # the build where the install guide previously make the user chose the
+ # logger & mta early in the install.
+ --with-mailprog=/usr/libexec/sendmail
+
+ --disable-ntbtls
+ --enable-gpgsm
+ --enable-large-secmem
+
+ CC_FOR_BUILD="$(tc-getBUILD_CC)"
+ GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config"
+
+ $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
+ )
+
+ if use prefix && use usb; then
+ # bug #649598
+ append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
+ fi
+
+ if [[ ${CHOST} == *-solaris* ]] ; then
+ # these somehow are treated as fatal, but Solaris has different
+ # types for getpeername with socket_t
+ append-flags -Wno-incompatible-pointer-types
+ append-flags -Wno-unused-label
+ fi
+
+ # bug #663142
+ if use user-socket; then
+ myconf+=( --enable-run-gnupg-user-socket )
+ fi
+
+ # glib fails and picks up clang's internal stdint.h causing weird errors
+ tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
+
+ econf "${myconf[@]}"
+}
+
+my_src_compile() {
+ default
+
+ use doc && emake -C doc html
+}
+
+my_src_test() {
+ export TESTFLAGS="--parallel=$(makeopts_jobs)"
+
+ default
+}
+
+my_src_install() {
+ emake DESTDIR="${D}" install
+
+ use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
+
+ if use alternatives; then
+ # rename for app-alternatives/gpg
+ mv "${ED}"/usr/bin/gpg{,-reference} || die
+ mv "${ED}"/usr/bin/gpgv{,-reference} || die
+ mv "${ED}"/usr/share/man/man1/gpg{,-reference}.1 || die
+ mv "${ED}"/usr/share/man/man1/gpgv{,-reference}.1 || die
+ else
+ dosym gpg /usr/bin/gpg2
+ dosym gpgv /usr/bin/gpgv2
+ echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
+ echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
+ fi
+
+ use doc && dodoc doc/gnupg.html/*
+}
+
+my_src_install_all() {
+ einstalldocs
+
+ use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
+ use doc && dodoc doc/*.png
+}
+
+pkg_postinst() {
+ # If /usr/bin/gpg and /usr/bin/gpgv do not exist, provide them.
+ if [[ ! -e ${EROOT}/usr/bin/gpg ]]; then
+ ln -sf -- gpg-reference "${EROOT}"/usr/bin/gpg || die
+ fi
+
+ if [[ ! -e ${EROOT}/usr/bin/gpgv ]]; then
+ ln -sf -- gpgv-reference "${EROOT}"/usr/bin/gpgv || die
+ fi
+}
diff --git a/app-crypt/gnupg/gnupg-2.5.17.ebuild b/app-crypt/gnupg/gnupg-2.5.17.ebuild
@@ -1,195 +0,0 @@
-# Copyright 1999-2026 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# Maintainers should:
-# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
-# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
-# (find the one for the current release then subscribe to it +
-# any subsequent ones linked within so you're covered for a while.)
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
-# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
-inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
-
-MY_P="${P/_/-}"
-
-DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
-HOMEPAGE="https://gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
-SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="GPL-3+"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 ~sparc x86 ~arm64-macos ~x64-macos ~x64-solaris"
-IUSE="+alternatives bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
-RESTRICT="!test? ( test )"
-REQUIRED_USE="test? ( tofu )"
-
-# Existence of executables is checked during configuration.
-# Note: On each bump, update dep bounds on each version from configure.ac!
-DEPEND="
- >=dev-libs/libassuan-3.0.0-r1:=
- >=dev-libs/libgcrypt-1.11.0:=
- >=dev-libs/libgpg-error-1.56
- >=dev-libs/libksba-1.6.3
- >=dev-libs/npth-1.2
- virtual/zlib:=
- bzip2? ( app-arch/bzip2 )
- ldap? ( net-nds/openldap:= )
- readline? ( sys-libs/readline:0= )
- smartcard? ( usb? ( virtual/libusb:1 ) )
- tofu? ( >=dev-db/sqlite-3.27 )
- tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
- ssl? ( >=net-libs/gnutls-3.2:0= )
-"
-RDEPEND="
- ${DEPEND}
- nls? ( virtual/libintl )
- selinux? ( sec-policy/selinux-gpg )
- wks-server? ( virtual/mta )
-"
-PDEPEND="
- || (
- app-crypt/pinentry
- app-crypt/pinentry-dmenu
- )
- alternatives? (
- app-alternatives/gpg[-freepg(-)]
- )
-"
-BDEPEND="
- virtual/pkgconfig
- doc? ( sys-apps/texinfo )
- nls? ( sys-devel/gettext )
- verify-sig? ( sec-keys/openpgp-keys-gnupg )
-"
-
-DOCS=(
- ChangeLog NEWS README THANKS TODO VERSION
- doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
-)
-
-PATCHES=(
- "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
-)
-
-src_prepare() {
- default
-}
-
-my_src_configure() {
- # Upstream don't support LTO, bug #854222.
- filter-lto
-
- local myconf=(
- $(use_enable bzip2)
- $(use_enable nls)
- $(use_enable smartcard scdaemon)
- $(use_enable ssl gnutls)
- $(use_enable test all-tests)
- $(use_enable test tests)
- $(use_enable tofu)
- $(use_enable tofu keyboxd)
- $(use_enable tofu sqlite)
- $(usex tpm '--with-tss=intel' '--disable-tpm2d')
- $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
- $(use_enable wks-server wks-tools)
- $(use_with ldap)
- $(use_with readline)
-
- # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
- # As of GnuPG 2.3, the mailprog substitution is used for the binary called
- # by wks-client & wks-server; and if it's autodetected but not not exist at
- # build time, then then 'gpg-wks-client --send' functionality will not
- # work. This has an unwanted side-effect in stage3 builds: there was a
- # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
- # the build where the install guide previously make the user chose the
- # logger & mta early in the install.
- --with-mailprog=/usr/libexec/sendmail
-
- --disable-ntbtls
- --enable-gpgsm
- --enable-large-secmem
-
- CC_FOR_BUILD="$(tc-getBUILD_CC)"
- GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config"
-
- $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
- )
-
- if use prefix && use usb; then
- # bug #649598
- append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
- fi
-
- if [[ ${CHOST} == *-solaris* ]] ; then
- # these somehow are treated as fatal, but Solaris has different
- # types for getpeername with socket_t
- append-flags -Wno-incompatible-pointer-types
- append-flags -Wno-unused-label
- fi
-
- # bug #663142
- if use user-socket; then
- myconf+=( --enable-run-gnupg-user-socket )
- fi
-
- # glib fails and picks up clang's internal stdint.h causing weird errors
- tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
-
- econf "${myconf[@]}"
-}
-
-my_src_compile() {
- default
-
- use doc && emake -C doc html
-}
-
-my_src_test() {
- export TESTFLAGS="--parallel=$(makeopts_jobs)"
-
- default
-}
-
-my_src_install() {
- emake DESTDIR="${D}" install
-
- use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
-
- if use alternatives; then
- # rename for app-alternatives/gpg
- mv "${ED}"/usr/bin/gpg{,-reference} || die
- mv "${ED}"/usr/bin/gpgv{,-reference} || die
- mv "${ED}"/usr/share/man/man1/gpg{,-reference}.1 || die
- mv "${ED}"/usr/share/man/man1/gpgv{,-reference}.1 || die
- else
- dosym gpg /usr/bin/gpg2
- dosym gpgv /usr/bin/gpgv2
- echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
- echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
- fi
-
- use doc && dodoc doc/gnupg.html/*
-}
-
-my_src_install_all() {
- einstalldocs
-
- use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
- use doc && dodoc doc/*.png
-}
-
-pkg_postinst() {
- # If /usr/bin/gpg and /usr/bin/gpgv do not exist, provide them.
- if [[ ! -e ${EROOT}/usr/bin/gpg ]]; then
- ln -sf -- gpg-reference "${EROOT}"/usr/bin/gpg || die
- fi
-
- if [[ ! -e ${EROOT}/usr/bin/gpgv ]]; then
- ln -sf -- gpgv-reference "${EROOT}"/usr/bin/gpgv || die
- fi
-}