Commit: 8f8a94d6374936062b9a98287cfa3759c95e5049
Parent: cbb16dba44a1a93699c05a0894127cfd2a6ef3d8
Author: Randy Palamar
Date: Sun, 5 May 2024 20:02:53 -0600
app-crypt/gnupg: bump to 2.4.5
Diffstat:
4 files changed, 172 insertions(+), 375 deletions(-)
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
@@ -1,2 +1,2 @@
-DIST gnupg-2.4.4.tar.bz2 7886036 BLAKE2B 02661e89f0358be09fa3e71e7235b764a7dbda62a48a0c8c7a4e6c9919c3b37d54ead50b930af58f8f2fdb87861b849d3f3751e95cbedf46bdfd76caa90c4db4 SHA512 3d1a3b08d1ce2319d238d8be96591e418ede1dc0b4ede33a4cc2fe40e9c56d5bbc27b1984736d8a786e7f292ddbc836846a8bdb4bf89f064e953c37cb54b94ef
-DIST gnupg-2.4.4.tar.bz2.sig 237 BLAKE2B 6ee5878c36fbec747a6d84a268903749d862aab50dd7f9a389aabbf7b94dec1c424615f520b5f4a6d44e02093e8d9ad0b08d0c6cf6fd8886d8c174ce9faac99c SHA512 3ae7b6833576df851901a7619459b514bb82faeed350c864a57a782719d21f694d9ced5a3445c81dfa584a0302f87fedc660b08ea97bb8b861e76d7c5b46d07f
+DIST gnupg-2.4.5.tar.bz2 7889060 BLAKE2B a8b80cd4dfbb377066efb5c9f1b6cdc6d0cd1b18358c962781b5c06de1545117b13038a4655ae627c36bfd2e5fee127692df8729d6b23e1b31051ab6d897b733 SHA512 4d54744f09399c5899144d0cb5fdc2756e45b058db41b9ea9df3be03e80b914509e16ef35aa0248e7561185b80f7a5f9fd6afcab8ccff75ff82ed555448a38ff
+DIST gnupg-2.4.5.tar.bz2.sig 119 BLAKE2B f37fb5620bc009a5b935ac75df4235d377da4f052115c3c22c8d0887e9b21df6ea3059ac510eb2b555d825c2294e1c3ee44c86ecb371c6444a4645ca5a5c265a SHA512 53be0db371a98c930cbef9c844adcd06a8049d84dd71508f6f7427fc1736b374912c85ebf3a415748651260f65cf26f633697f4bdae2cc4a8d2c4b522db0bc71
diff --git a/app-crypt/gnupg/files/gnupg-2.4.4-dirmngr-proxy.patch b/app-crypt/gnupg/files/gnupg-2.4.4-dirmngr-proxy.patch
@@ -1,202 +0,0 @@
-https://bugs.gentoo.org/924606
-https://dev.gnupg.org/T6997
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=04cbc3074aa98660b513a80f623a7e9f0702c7c9
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=848546b05ab0ff6abd47724ecfab73bf32dd4c01
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2810b934647edd483996bee1f5f9256a162b2705
-
-From 6236978d78886cbb476ed9fbc49ff99c7582b2d7 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 15 Feb 2024 15:38:34 +0900
-Subject: [PATCH 1/3] dirmngr: Fix proxy with TLS.
-
-* dirmngr/http.c (proxy_get_token, run_proxy_connect): Always
-available regardless of USE_TLS.
-(run_proxy_connect): Use log_debug_string.
-(send_request): Remove USE_TLS.
-
---
-
-Since the commit of
-
- 1009e4e5f71347a1fe194e59a9d88c8034a67016
-
-Building with TLS library is mandatory.
-
-GnuPG-bug-id: 6997
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
----
- dirmngr/http.c | 8 +-------
- 1 file changed, 1 insertion(+), 7 deletions(-)
-
-diff --git a/dirmngr/http.c b/dirmngr/http.c
-index 4899a5d55..10eecfdb0 100644
---- a/dirmngr/http.c
-+++ b/dirmngr/http.c
-@@ -2362,7 +2362,6 @@ run_gnutls_handshake (http_t hd, const char *server)
- * NULL, decode the string and use this as input from teh server. On
- * success the final output token is stored at PROXY->OUTTOKEN and
- * OUTTOKLEN. IF the authentication succeeded OUTTOKLEN is zero. */
--#ifdef USE_TLS
- static gpg_error_t
- proxy_get_token (proxy_info_t proxy, const char *inputstring)
- {
-@@ -2530,11 +2529,9 @@ proxy_get_token (proxy_info_t proxy, const char *inputstring)
-
- #endif /*!HAVE_W32_SYSTEM*/
- }
--#endif /*USE_TLS*/
-
-
- /* Use the CONNECT method to proxy our TLS stream. */
--#ifdef USE_TLS
- static gpg_error_t
- run_proxy_connect (http_t hd, proxy_info_t proxy,
- const char *httphost, const char *server,
-@@ -2586,7 +2583,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
- hd->keep_alive = !auth_basic; /* We may need to send more requests. */
-
- if (opt_debug || (hd->flags & HTTP_FLAG_LOG_RESP))
-- log_debug_with_string (request, "http.c:proxy:request:");
-+ log_debug_string (request, "http.c:proxy:request:");
-
- if (!hd->fp_write)
- {
-@@ -2743,7 +2740,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
- xfree (tmpstr);
- return err;
- }
--#endif /*USE_TLS*/
-
-
- /* Make a request string using a standard proxy. On success the
-@@ -2903,7 +2899,6 @@ send_request (ctrl_t ctrl,
- goto leave;
- }
-
--#if USE_TLS
- if (use_http_proxy && hd->uri->use_tls)
- {
- err = run_proxy_connect (hd, proxy, httphost, server, port);
-@@ -2915,7 +2910,6 @@ send_request (ctrl_t ctrl,
- * clear the flag to indicate this. */
- use_http_proxy = 0;
- }
--#endif /* USE_TLS */
-
- #if HTTP_USE_NTBTLS
- err = run_ntbtls_handshake (hd);
---
-2.43.2
-
-From 68650eb6999e674fd2f1c78f47b68d3cd1d37ff0 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 16 Feb 2024 11:31:37 +0900
-Subject: [PATCH 2/3] dirmngr: Fix the regression of use of proxy for TLS
- connection.
-
-* dirmngr/http.c (run_proxy_connect): Don't set keep_alive, since it
-causes resource leak of FP_WRITE.
-Don't try to read response body to fix the hang.
-
---
-
-GnuPG-bug-id: 6997
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
----
- dirmngr/http.c | 14 ++------------
- 1 file changed, 2 insertions(+), 12 deletions(-)
-
-diff --git a/dirmngr/http.c b/dirmngr/http.c
-index 10eecfdb0..7ce01bacd 100644
---- a/dirmngr/http.c
-+++ b/dirmngr/http.c
-@@ -2553,6 +2553,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
- * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication
- */
- auth_basic = !!proxy->uri->auth;
-+ hd->keep_alive = 0;
-
- /* For basic authentication we need to send just one request. */
- if (auth_basic
-@@ -2574,13 +2575,12 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
- httphost ? httphost : server,
- port,
- authhdr ? authhdr : "",
-- auth_basic? "" : "Connection: keep-alive\r\n");
-+ hd->keep_alive? "Connection: keep-alive\r\n" : "");
- if (!request)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
-- hd->keep_alive = !auth_basic; /* We may need to send more requests. */
-
- if (opt_debug || (hd->flags & HTTP_FLAG_LOG_RESP))
- log_debug_string (request, "http.c:proxy:request:");
-@@ -2607,16 +2607,6 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
- if (err)
- goto leave;
-
-- {
-- unsigned long count = 0;
--
-- while (es_getc (hd->fp_read) != EOF)
-- count++;
-- if (opt_debug)
-- log_debug ("http.c:proxy_connect: skipped %lu bytes of response-body\n",
-- count);
-- }
--
- /* Reset state. */
- es_clearerr (hd->fp_read);
- ((cookie_t)(hd->read_cookie))->up_to_empty_line = 1;
---
-2.43.2
-
-From 7c7cbd94549d08780fc3767d6de8336b3f44e7d7 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 16 Feb 2024 16:24:26 +0900
-Subject: [PATCH 3/3] dirmngr: Fix keep-alive flag handling.
-
-* dirmngr/http.c (run_proxy_connect): Set KEEP_ALIVE if not Basic
-Authentication. Fix resource leak of FP_WRITE.
-
---
-
-GnuPG-bug-id: 6997
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
----
- dirmngr/http.c | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/dirmngr/http.c b/dirmngr/http.c
-index 7ce01bacd..da0c89ae5 100644
---- a/dirmngr/http.c
-+++ b/dirmngr/http.c
-@@ -2553,7 +2553,7 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
- * RFC-4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication
- */
- auth_basic = !!proxy->uri->auth;
-- hd->keep_alive = 0;
-+ hd->keep_alive = !auth_basic; /* We may need to send more requests. */
-
- /* For basic authentication we need to send just one request. */
- if (auth_basic
-@@ -2717,6 +2717,14 @@ run_proxy_connect (http_t hd, proxy_info_t proxy,
- }
-
- leave:
-+ if (hd->keep_alive)
-+ {
-+ es_fclose (hd->fp_write);
-+ hd->fp_write = NULL;
-+ /* The close has released the cookie and thus we better set it
-+ * to NULL. */
-+ hd->write_cookie = NULL;
-+ }
- /* Restore flags, destroy stream, reset state. */
- hd->flags = saved_flags;
- es_fclose (hd->fp_read);
---
-2.43.2
-
diff --git a/app-crypt/gnupg/gnupg-2.4.4-r1.ebuild b/app-crypt/gnupg/gnupg-2.4.4-r1.ebuild
@@ -1,171 +0,0 @@
-# Copyright 1999-2024 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# Maintainers should:
-# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
-# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
-# (find the one for the current release then subscribe to it +
-# any subsequent ones linked within so you're covered for a while.)
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
-# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
-inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
-
-MY_P="${P/_/-}"
-
-DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
-HOMEPAGE="https://gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
-SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="GPL-3+"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
-RESTRICT="!test? ( test )"
-REQUIRED_USE="test? ( tofu )"
-
-# Existence of executables is checked during configuration.
-# Note: On each bump, update dep bounds on each version from configure.ac!
-DEPEND="
- >=dev-libs/libassuan-2.5.0
- >=dev-libs/libgcrypt-1.9.1:=
- >=dev-libs/libgpg-error-1.46
- >=dev-libs/libksba-1.6.3
- >=dev-libs/npth-1.2
- >=net-misc/curl-7.10
- sys-libs/zlib
- bzip2? ( app-arch/bzip2 )
- ldap? ( net-nds/openldap:= )
- readline? ( sys-libs/readline:0= )
- smartcard? ( usb? ( virtual/libusb:1 ) )
- tofu? ( >=dev-db/sqlite-3.27 )
- tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
- ssl? ( >=net-libs/gnutls-3.2:0= )
-"
-RDEPEND="
- ${DEPEND}
- nls? ( virtual/libintl )
- selinux? ( sec-policy/selinux-gpg )
- wks-server? ( virtual/mta )
-"
-PDEPEND="
- || (
- app-crypt/pinentry
- app-crypt/pinentry-dmenu
- )
-"
-BDEPEND="
- virtual/pkgconfig
- doc? ( sys-apps/texinfo )
- nls? ( sys-devel/gettext )
- verify-sig? ( sec-keys/openpgp-keys-gnupg )
-"
-
-DOCS=(
- ChangeLog NEWS README THANKS TODO VERSION
- doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
-)
-
-PATCHES=(
- "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
- "${FILESDIR}"/${P}-dirmngr-proxy.patch #924606
-)
-
-src_prepare() {
- default
-}
-
-my_src_configure() {
- # Upstream don't support LTO, bug #854222.
- filter-lto
-
- local myconf=(
- $(use_enable bzip2)
- $(use_enable nls)
- $(use_enable smartcard scdaemon)
- $(use_enable ssl gnutls)
- $(use_enable test all-tests)
- $(use_enable test tests)
- $(use_enable tofu)
- $(use_enable tofu keyboxd)
- $(use_enable tofu sqlite)
- $(usex tpm '--with-tss=intel' '--disable-tpm2d')
- $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
- $(use_enable wks-server wks-tools)
- $(use_with ldap)
- $(use_with readline)
-
- # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
- # As of GnuPG 2.3, the mailprog substitution is used for the binary called
- # by wks-client & wks-server; and if it's autodetected but not not exist at
- # build time, then then 'gpg-wks-client --send' functionality will not
- # work. This has an unwanted side-effect in stage3 builds: there was a
- # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
- # the build where the install guide previously make the user chose the
- # logger & mta early in the install.
- --with-mailprog=/usr/libexec/sendmail
-
- --disable-ntbtls
- --enable-gpgsm
- --enable-large-secmem
-
- CC_FOR_BUILD="$(tc-getBUILD_CC)"
- ac_cv_path_GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config"
-
- $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
- )
-
- if use prefix && use usb; then
- # bug #649598
- append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
- fi
-
- # bug #663142
- if use user-socket; then
- myconf+=( --enable-run-gnupg-user-socket )
- fi
-
- # glib fails and picks up clang's internal stdint.h causing weird errors
- tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
-
- econf "${myconf[@]}"
-}
-
-my_src_compile() {
- default
-
- use doc && emake -C doc html
-}
-
-my_src_test() {
- export TESTFLAGS="--parallel=$(makeopts_jobs)"
-
- default
-}
-
-my_src_install() {
- emake DESTDIR="${D}" install
-
- use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
-
- dosym gpg /usr/bin/gpg2
- dosym gpgv /usr/bin/gpgv2
- echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
- echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
-
- dodir /etc/env.d
- echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
-
- use doc && dodoc doc/gnupg.html/*
-}
-
-my_src_install_all() {
- einstalldocs
-
- use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
- use doc && dodoc doc/*.png
-}
diff --git a/app-crypt/gnupg/gnupg-2.4.5.ebuild b/app-crypt/gnupg/gnupg-2.4.5.ebuild
@@ -0,0 +1,170 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# Maintainers should:
+# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
+# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
+# (find the one for the current release then subscribe to it +
+# any subsequent ones linked within so you're covered for a while.)
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
+# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
+inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
+
+MY_P="${P/_/-}"
+
+DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
+HOMEPAGE="https://gnupg.org/"
+SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
+SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="test? ( tofu )"
+
+# Existence of executables is checked during configuration.
+# Note: On each bump, update dep bounds on each version from configure.ac!
+DEPEND="
+ >=dev-libs/libassuan-2.5.0
+ >=dev-libs/libgcrypt-1.9.1:=
+ >=dev-libs/libgpg-error-1.46
+ >=dev-libs/libksba-1.6.3
+ >=dev-libs/npth-1.2
+ >=net-misc/curl-7.10
+ sys-libs/zlib
+ bzip2? ( app-arch/bzip2 )
+ ldap? ( net-nds/openldap:= )
+ readline? ( sys-libs/readline:0= )
+ smartcard? ( usb? ( virtual/libusb:1 ) )
+ tofu? ( >=dev-db/sqlite-3.27 )
+ tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
+ ssl? ( >=net-libs/gnutls-3.2:0= )
+"
+RDEPEND="
+ ${DEPEND}
+ nls? ( virtual/libintl )
+ selinux? ( sec-policy/selinux-gpg )
+ wks-server? ( virtual/mta )
+"
+PDEPEND="
+ || (
+ app-crypt/pinentry
+ app-crypt/pinentry-dmenu
+ )
+"
+BDEPEND="
+ virtual/pkgconfig
+ doc? ( sys-apps/texinfo )
+ nls? ( sys-devel/gettext )
+ verify-sig? ( sec-keys/openpgp-keys-gnupg )
+"
+
+DOCS=(
+ ChangeLog NEWS README THANKS TODO VERSION
+ doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
+)
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
+)
+
+src_prepare() {
+ default
+}
+
+my_src_configure() {
+ # Upstream don't support LTO, bug #854222.
+ filter-lto
+
+ local myconf=(
+ $(use_enable bzip2)
+ $(use_enable nls)
+ $(use_enable smartcard scdaemon)
+ $(use_enable ssl gnutls)
+ $(use_enable test all-tests)
+ $(use_enable test tests)
+ $(use_enable tofu)
+ $(use_enable tofu keyboxd)
+ $(use_enable tofu sqlite)
+ $(usex tpm '--with-tss=intel' '--disable-tpm2d')
+ $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
+ $(use_enable wks-server wks-tools)
+ $(use_with ldap)
+ $(use_with readline)
+
+ # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
+ # As of GnuPG 2.3, the mailprog substitution is used for the binary called
+ # by wks-client & wks-server; and if it's autodetected but not not exist at
+ # build time, then then 'gpg-wks-client --send' functionality will not
+ # work. This has an unwanted side-effect in stage3 builds: there was a
+ # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
+ # the build where the install guide previously make the user chose the
+ # logger & mta early in the install.
+ --with-mailprog=/usr/libexec/sendmail
+
+ --disable-ntbtls
+ --enable-gpgsm
+ --enable-large-secmem
+
+ CC_FOR_BUILD="$(tc-getBUILD_CC)"
+ ac_cv_path_GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config"
+
+ $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
+ )
+
+ if use prefix && use usb; then
+ # bug #649598
+ append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
+ fi
+
+ # bug #663142
+ if use user-socket; then
+ myconf+=( --enable-run-gnupg-user-socket )
+ fi
+
+ # glib fails and picks up clang's internal stdint.h causing weird errors
+ tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
+
+ econf "${myconf[@]}"
+}
+
+my_src_compile() {
+ default
+
+ use doc && emake -C doc html
+}
+
+my_src_test() {
+ export TESTFLAGS="--parallel=$(makeopts_jobs)"
+
+ default
+}
+
+my_src_install() {
+ emake DESTDIR="${D}" install
+
+ use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
+
+ dosym gpg /usr/bin/gpg2
+ dosym gpgv /usr/bin/gpgv2
+ echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
+ echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
+
+ dodir /etc/env.d
+ echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
+
+ use doc && dodoc doc/gnupg.html/*
+}
+
+my_src_install_all() {
+ einstalldocs
+
+ use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
+ use doc && dodoc doc/*.png
+}