Commit: 7c5bc4542354839d4450b2453dca4bb488f4fc96
Parent: 80d0f45c91141d6a108dee36c0950e2a2edeeb95
Author: Randy Palamar
Date: Wed, 25 Jun 2025 09:02:58 -0600
app-crypt/gnupg: bump to 2.4.8
Diffstat:
4 files changed, 176 insertions(+), 373 deletions(-)
diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
@@ -1,2 +1,2 @@
-DIST gnupg-2.4.7.tar.bz2 8010244 BLAKE2B 4cdc6be4330b0c8f150d9d1a9ce9c7d34232ecf9b980b15fbd20e96ff6fcd8665688456d66f1c862b816472034eaa0796444357b1f36e75e8520a603a0e6b298 SHA512 3e84f1679904bf0efb789df6466e468bd2be9149d52561f35e2380038133479bebf1c61ee7adf6d3564b370915f32111098c052be6e6acaf3083a807f9f36019
-DIST gnupg-2.4.7.tar.bz2.sig 119 BLAKE2B e97012f433c2818dda953ccaa2f5e8e94492b306a7815b16d7a9f8bf165f11972114d94a1aaba6156baed0ee3566ad998ed74a9521c71464268f4c6f8f14306c SHA512 d944a57b21fa7a4058fb4f00e3c164220be038037010a07a43e48c881dd66d901f8ea249f5df183a1c7de811ecc3aa9ed1591c18baf201e338129eb7e28bddc4
+DIST gnupg-2.4.8.tar.bz2 8017685 BLAKE2B ab7126aac6c7bf323075c68084c963f75d93c729d8918b6ca10ef0a4466879636433c682a5437776d2ce9f5d432e1f66995dd94a4f44d7f184542f030087dbb2 SHA512 d7f07a258141a583bc8be18c0984d7dfe8508f12c624c053881ee63dfee11adcda8de216bcaaef9f5d24a1e217de70bf69ee2e3cc43b0da66a0e571ce9c4b436
+DIST gnupg-2.4.8.tar.bz2.sig 119 BLAKE2B 4f94b2abc40b17cfab44f28fc2a2ae5246f8356141a3932a92b5adb78002c7064bb132a6529079bc14900036f90d9d318d7d01818999150e2c875b88a3fca265 SHA512 9fb54be4e99ecee6c7b649d6f0ef24a25e81c0af57e07ccdd512a1ea2ebf7558dd25518b7b78347e4a216167849e6285bb91ec23d0968966aba0784d45f02a06
diff --git a/app-crypt/gnupg/files/gnupg-2.4.5-revert-rfc4880bis.patch b/app-crypt/gnupg/files/gnupg-2.4.5-revert-rfc4880bis.patch
@@ -1,196 +0,0 @@
-https://lwn.net/Articles/953797/
-https://security.stackexchange.com/questions/275883/should-one-really-disable-aead-for-recent-gnupg-created-pgp-keys
-https://lists.gnupg.org/pipermail/librepgp-discuss/2023/000001.html
-https://bugs.gentoo.org/926186
-
-From 1e4f1550996334d2a631a5d769e937d29ace47bb Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Thu, 9 Feb 2023 16:38:58 +0100
-Subject: [PATCH gnupg] Revert the introduction of the RFC4880bis draft into
- defaults
-
-This reverts commit 4583f4fe2 (gpg: Merge --rfc4880bis features into
---gnupg, 2022-10-31).
---- a/g10/gpg.c
-+++ b/g10/gpg.c
-@@ -247,6 +247,7 @@ enum cmd_and_opt_values
- oGnuPG,
- oRFC2440,
- oRFC4880,
-+ oRFC4880bis,
- oOpenPGP,
- oPGP7,
- oPGP8,
-@@ -636,6 +637,7 @@ static gpgrt_opt_t opts[] = {
- ARGPARSE_s_n (oGnuPG, "no-pgp8", "@"),
- ARGPARSE_s_n (oRFC2440, "rfc2440", "@"),
- ARGPARSE_s_n (oRFC4880, "rfc4880", "@"),
-+ ARGPARSE_s_n (oRFC4880bis, "rfc4880bis", "@"),
- ARGPARSE_s_n (oOpenPGP, "openpgp", N_("use strict OpenPGP behavior")),
- ARGPARSE_s_n (oPGP7, "pgp6", "@"),
- ARGPARSE_s_n (oPGP7, "pgp7", "@"),
-@@ -978,7 +980,6 @@ static gpgrt_opt_t opts[] = {
- ARGPARSE_s_n (oNoop, "no-allow-multiple-messages", "@"),
- ARGPARSE_s_s (oNoop, "aead-algo", "@"),
- ARGPARSE_s_s (oNoop, "personal-aead-preferences","@"),
-- ARGPARSE_s_n (oNoop, "rfc4880bis", "@"),
- ARGPARSE_s_n (oNoop, "override-compliance-check", "@"),
-
-
-@@ -2227,7 +2228,7 @@ static struct gnupg_compliance_option compliance_options[] =
- {
- { "gnupg", oGnuPG },
- { "openpgp", oOpenPGP },
-- { "rfc4880bis", oGnuPG },
-+ { "rfc4880bis", oRFC4880bis },
- { "rfc4880", oRFC4880 },
- { "rfc2440", oRFC2440 },
- { "pgp6", oPGP7 },
-@@ -2243,8 +2244,28 @@ static struct gnupg_compliance_option compliance_options[] =
- static void
- set_compliance_option (enum cmd_and_opt_values option)
- {
-+ opt.flags.rfc4880bis = 0; /* Clear because it is initially set. */
-+
- switch (option)
- {
-+ case oRFC4880bis:
-+ opt.flags.rfc4880bis = 1;
-+ opt.compliance = CO_RFC4880;
-+ opt.flags.dsa2 = 1;
-+ opt.flags.require_cross_cert = 1;
-+ opt.rfc2440_text = 0;
-+ opt.allow_non_selfsigned_uid = 1;
-+ opt.allow_freeform_uid = 1;
-+ opt.escape_from = 1;
-+ opt.not_dash_escaped = 0;
-+ opt.def_cipher_algo = 0;
-+ opt.def_digest_algo = 0;
-+ opt.cert_digest_algo = 0;
-+ opt.compress_algo = -1;
-+ opt.s2k_mode = 3; /* iterated+salted */
-+ opt.s2k_digest_algo = DIGEST_ALGO_SHA256;
-+ opt.s2k_cipher_algo = CIPHER_ALGO_AES256;
-+ break;
- case oOpenPGP:
- case oRFC4880:
- /* This is effectively the same as RFC2440, but with
-@@ -2288,6 +2309,7 @@ set_compliance_option (enum cmd_and_opt_values option)
- case oPGP8: opt.compliance = CO_PGP8; break;
- case oGnuPG:
- opt.compliance = CO_GNUPG;
-+ opt.flags.rfc4880bis = 1;
- break;
-
- case oDE_VS:
-@@ -2491,6 +2513,7 @@ main (int argc, char **argv)
- opt.emit_version = 0;
- opt.weak_digests = NULL;
- opt.compliance = CO_GNUPG;
-+ opt.flags.rfc4880bis = 1;
-
- /* Check special options given on the command line. */
- orig_argc = argc;
-@@ -3033,6 +3056,7 @@ main (int argc, char **argv)
- case oOpenPGP:
- case oRFC2440:
- case oRFC4880:
-+ case oRFC4880bis:
- case oPGP7:
- case oPGP8:
- case oGnuPG:
-@@ -3862,6 +3886,11 @@ main (int argc, char **argv)
- if( may_coredump && !opt.quiet )
- log_info(_("WARNING: program may create a core file!\n"));
-
-+ if (!opt.flags.rfc4880bis)
-+ {
-+ opt.mimemode = 0; /* This will use text mode instead. */
-+ }
-+
- if (eyes_only) {
- if (opt.set_filename)
- log_info(_("WARNING: %s overrides %s\n"),
-@@ -4078,7 +4107,7 @@ main (int argc, char **argv)
- /* Check our chosen algorithms against the list of legal
- algorithms. */
-
-- if(!GNUPG)
-+ if(!GNUPG && !opt.flags.rfc4880bis)
- {
- const char *badalg=NULL;
- preftype_t badtype=PREFTYPE_NONE;
---- a/g10/keygen.c
-+++ b/g10/keygen.c
-@@ -404,7 +404,7 @@ keygen_set_std_prefs (const char *string,int personal)
- strcat(dummy_string,"S7 ");
- strcat(dummy_string,"S2 "); /* 3DES */
-
-- if (!openpgp_aead_test_algo (AEAD_ALGO_OCB))
-+ if (opt.flags.rfc4880bis && !openpgp_aead_test_algo (AEAD_ALGO_OCB))
- strcat(dummy_string,"A2 ");
-
- if (personal)
-@@ -889,7 +889,7 @@ keygen_upd_std_prefs (PKT_signature *sig, void *opaque)
- /* Make sure that the MDC feature flag is set if needed. */
- add_feature_mdc (sig,mdc_available);
- add_feature_aead (sig, aead_available);
-- add_feature_v5 (sig, 1);
-+ add_feature_v5 (sig, opt.flags.rfc4880bis);
- add_keyserver_modify (sig,ks_modify);
- keygen_add_keyserver_url(sig,NULL);
-
-@@ -3382,7 +3382,10 @@ parse_key_parameter_part (ctrl_t ctrl,
- }
- }
- else if (!ascii_strcasecmp (s, "v5"))
-- keyversion = 5;
-+ {
-+ if (opt.flags.rfc4880bis)
-+ keyversion = 5;
-+ }
- else if (!ascii_strcasecmp (s, "v4"))
- keyversion = 4;
- else
-@@ -3641,7 +3644,7 @@ parse_key_parameter_part (ctrl_t ctrl,
- * ecdsa := Use algorithm ECDSA.
- * eddsa := Use algorithm EdDSA.
- * ecdh := Use algorithm ECDH.
-- * v5 := Create version 5 key
-+ * v5 := Create version 5 key (requires option --rfc4880bis)
- *
- * There are several defaults and fallbacks depending on the
- * algorithm. PART can be used to select which part of STRING is
-@@ -4513,9 +4516,9 @@ read_parameter_file (ctrl_t ctrl, const char *fname )
- }
- }
-
-- if ((keywords[i].key == pVERSION
-- || keywords[i].key == pSUBVERSION))
-- ; /* Ignore version. */
-+ if (!opt.flags.rfc4880bis && (keywords[i].key == pVERSION
-+ || keywords[i].key == pSUBVERSION))
-+ ; /* Ignore version unless --rfc4880bis is active. */
- else
- {
- r = xmalloc_clear( sizeof *r + strlen( value ) );
-@@ -4610,11 +4613,14 @@ quickgen_set_para (struct para_data_s *para, int for_subkey,
- para = r;
- }
-
-- r = xmalloc_clear (sizeof *r + 20);
-- r->key = for_subkey? pSUBVERSION : pVERSION;
-- snprintf (r->u.value, 20, "%d", version);
-- r->next = para;
-- para = r;
-+ if (opt.flags.rfc4880bis)
-+ {
-+ r = xmalloc_clear (sizeof *r + 20);
-+ r->key = for_subkey? pSUBVERSION : pVERSION;
-+ snprintf (r->u.value, 20, "%d", version);
-+ r->next = para;
-+ para = r;
-+ }
-
- if (keytime)
- {
diff --git a/app-crypt/gnupg/gnupg-2.4.7-r1.ebuild b/app-crypt/gnupg/gnupg-2.4.7-r1.ebuild
@@ -1,175 +0,0 @@
-# Copyright 1999-2025 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# Maintainers should:
-# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
-# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
-# (find the one for the current release then subscribe to it +
-# any subsequent ones linked within so you're covered for a while.)
-
-VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
-# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
-inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
-
-MY_P="${P/_/-}"
-
-DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
-HOMEPAGE="https://gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
-SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="GPL-3+"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
-IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
-RESTRICT="!test? ( test )"
-REQUIRED_USE="test? ( tofu )"
-
-# Existence of executables is checked during configuration.
-# Note: On each bump, update dep bounds on each version from configure.ac!
-DEPEND="
- >=dev-libs/libassuan-2.5.0:=
- >=dev-libs/libgcrypt-1.9.1:=
- >=dev-libs/libgpg-error-1.46
- >=dev-libs/libksba-1.6.3
- >=dev-libs/npth-1.2
- sys-libs/zlib
- bzip2? ( app-arch/bzip2 )
- ldap? ( net-nds/openldap:= )
- readline? ( sys-libs/readline:0= )
- smartcard? ( usb? ( virtual/libusb:1 ) )
- tofu? ( >=dev-db/sqlite-3.27 )
- tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
- ssl? ( >=net-libs/gnutls-3.2:0= )
-"
-RDEPEND="
- ${DEPEND}
- nls? ( virtual/libintl )
- selinux? ( sec-policy/selinux-gpg )
- wks-server? ( virtual/mta )
-"
-PDEPEND="
- || (
- app-crypt/pinentry
- app-crypt/pinentry-dmenu
- )
-"
-BDEPEND="
- virtual/pkgconfig
- doc? ( sys-apps/texinfo )
- nls? ( sys-devel/gettext )
- verify-sig? ( sec-keys/openpgp-keys-gnupg )
-"
-
-DOCS=(
- ChangeLog NEWS README THANKS TODO VERSION
- doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
-)
-
-PATCHES=(
- "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
- "${FILESDIR}"/${PN}-2.4.5-revert-rfc4880bis.patch # bug #926186
-)
-
-src_prepare() {
- default
-}
-
-my_src_configure() {
- # Upstream don't support LTO, bug #854222.
- filter-lto
-
- local myconf=(
- $(use_enable bzip2)
- $(use_enable nls)
- $(use_enable smartcard scdaemon)
- $(use_enable ssl gnutls)
- $(use_enable test all-tests)
- $(use_enable test tests)
- $(use_enable tofu)
- $(use_enable tofu keyboxd)
- $(use_enable tofu sqlite)
- $(usex tpm '--with-tss=intel' '--disable-tpm2d')
- $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
- $(use_enable wks-server wks-tools)
- $(use_with ldap)
- $(use_with readline)
-
- # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
- # As of GnuPG 2.3, the mailprog substitution is used for the binary called
- # by wks-client & wks-server; and if it's autodetected but not not exist at
- # build time, then then 'gpg-wks-client --send' functionality will not
- # work. This has an unwanted side-effect in stage3 builds: there was a
- # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
- # the build where the install guide previously make the user chose the
- # logger & mta early in the install.
- --with-mailprog=/usr/libexec/sendmail
-
- --disable-ntbtls
- --enable-gpgsm
- --enable-large-secmem
-
- CC_FOR_BUILD="$(tc-getBUILD_CC)"
- GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config"
-
- $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
- )
-
- if use prefix && use usb; then
- # bug #649598
- append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
- fi
-
- if [[ ${CHOST} == *-solaris* ]] ; then
- # https://dev.gnupg.org/T7368
- append-cppflags -D_XOPEN_SOURCE=500
- fi
-
- # bug #663142
- if use user-socket; then
- myconf+=( --enable-run-gnupg-user-socket )
- fi
-
- # glib fails and picks up clang's internal stdint.h causing weird errors
- tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
-
- econf "${myconf[@]}"
-}
-
-my_src_compile() {
- default
-
- use doc && emake -C doc html
-}
-
-my_src_test() {
- export TESTFLAGS="--parallel=$(makeopts_jobs)"
-
- default
-}
-
-my_src_install() {
- emake DESTDIR="${D}" install
-
- use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
-
- dosym gpg /usr/bin/gpg2
- dosym gpgv /usr/bin/gpgv2
- echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
- echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
-
- dodir /etc/env.d
- echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
-
- use doc && dodoc doc/gnupg.html/*
-}
-
-my_src_install_all() {
- einstalldocs
-
- use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
- use doc && dodoc doc/*.png
-}
diff --git a/app-crypt/gnupg/gnupg-2.4.8.ebuild b/app-crypt/gnupg/gnupg-2.4.8.ebuild
@@ -0,0 +1,174 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# Maintainers should:
+# 1. Join the "Gentoo" project at https://dev.gnupg.org/project/view/27/
+# 2. Subscribe to release tasks like https://dev.gnupg.org/T6159
+# (find the one for the current release then subscribe to it +
+# any subsequent ones linked within so you're covered for a while.)
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/gnupg.asc
+# in-source builds are not supported: https://dev.gnupg.org/T6313#166339
+inherit flag-o-matic out-of-source multiprocessing systemd toolchain-funcs verify-sig
+
+MY_P="${P/_/-}"
+
+DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
+HOMEPAGE="https://gnupg.org/"
+SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
+SRC_URI+=" verify-sig? ( mirror://gnupg/gnupg/${P}.tar.bz2.sig )"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~x64-solaris"
+IUSE="bzip2 doc ldap nls readline selinux +smartcard ssl test +tofu tpm tools usb user-socket wks-server"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="test? ( tofu )"
+
+# Existence of executables is checked during configuration.
+# Note: On each bump, update dep bounds on each version from configure.ac!
+DEPEND="
+ >=dev-libs/libassuan-2.5.0:=
+ >=dev-libs/libgcrypt-1.9.1:=
+ >=dev-libs/libgpg-error-1.46
+ >=dev-libs/libksba-1.6.3
+ >=dev-libs/npth-1.2
+ sys-libs/zlib
+ bzip2? ( app-arch/bzip2 )
+ ldap? ( net-nds/openldap:= )
+ readline? ( sys-libs/readline:0= )
+ smartcard? ( usb? ( virtual/libusb:1 ) )
+ tofu? ( >=dev-db/sqlite-3.27 )
+ tpm? ( >=app-crypt/tpm2-tss-2.4.0:= )
+ ssl? ( >=net-libs/gnutls-3.2:0= )
+"
+RDEPEND="
+ ${DEPEND}
+ nls? ( virtual/libintl )
+ selinux? ( sec-policy/selinux-gpg )
+ wks-server? ( virtual/mta )
+"
+PDEPEND="
+ || (
+ app-crypt/pinentry
+ app-crypt/pinentry-dmenu
+ )
+"
+BDEPEND="
+ virtual/pkgconfig
+ doc? ( sys-apps/texinfo )
+ nls? ( sys-devel/gettext )
+ verify-sig? ( sec-keys/openpgp-keys-gnupg )
+"
+
+DOCS=(
+ ChangeLog NEWS README THANKS TODO VERSION
+ doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
+)
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch
+)
+
+src_prepare() {
+ default
+}
+
+my_src_configure() {
+ # Upstream don't support LTO, bug #854222.
+ filter-lto
+
+ local myconf=(
+ $(use_enable bzip2)
+ $(use_enable nls)
+ $(use_enable smartcard scdaemon)
+ $(use_enable ssl gnutls)
+ $(use_enable test all-tests)
+ $(use_enable test tests)
+ $(use_enable tofu)
+ $(use_enable tofu keyboxd)
+ $(use_enable tofu sqlite)
+ $(usex tpm '--with-tss=intel' '--disable-tpm2d')
+ $(use smartcard && use_enable usb ccid-driver || echo '--disable-ccid-driver')
+ $(use_enable wks-server wks-tools)
+ $(use_with ldap)
+ $(use_with readline)
+
+ # Hardcode mailprog to /usr/libexec/sendmail even if it does not exist.
+ # As of GnuPG 2.3, the mailprog substitution is used for the binary called
+ # by wks-client & wks-server; and if it's autodetected but not not exist at
+ # build time, then then 'gpg-wks-client --send' functionality will not
+ # work. This has an unwanted side-effect in stage3 builds: there was a
+ # [R]DEPEND on virtual/mta, which also brought in virtual/logger, bloating
+ # the build where the install guide previously make the user chose the
+ # logger & mta early in the install.
+ --with-mailprog=/usr/libexec/sendmail
+
+ --disable-ntbtls
+ --enable-gpgsm
+ --enable-large-secmem
+
+ CC_FOR_BUILD="$(tc-getBUILD_CC)"
+ GPGRT_CONFIG="${ESYSROOT}/usr/bin/${CHOST}-gpgrt-config"
+
+ $("${S}/configure" --help | grep -o -- '--without-.*-prefix')
+ )
+
+ if use prefix && use usb; then
+ # bug #649598
+ append-cppflags -I"${ESYSROOT}/usr/include/libusb-1.0"
+ fi
+
+ if [[ ${CHOST} == *-solaris* ]] ; then
+ # https://dev.gnupg.org/T7368
+ append-cppflags -D_XOPEN_SOURCE=500
+ fi
+
+ # bug #663142
+ if use user-socket; then
+ myconf+=( --enable-run-gnupg-user-socket )
+ fi
+
+ # glib fails and picks up clang's internal stdint.h causing weird errors
+ tc-is-clang && export gl_cv_absolute_stdint_h="${ESYSROOT}"/usr/include/stdint.h
+
+ econf "${myconf[@]}"
+}
+
+my_src_compile() {
+ default
+
+ use doc && emake -C doc html
+}
+
+my_src_test() {
+ export TESTFLAGS="--parallel=$(makeopts_jobs)"
+
+ default
+}
+
+my_src_install() {
+ emake DESTDIR="${D}" install
+
+ use tools && dobin tools/{gpgconf,gpgsplit,gpg-check-pattern} tools/make-dns-cert
+
+ dosym gpg /usr/bin/gpg2
+ dosym gpgv /usr/bin/gpgv2
+ echo ".so man1/gpg.1" > "${ED}"/usr/share/man/man1/gpg2.1 || die
+ echo ".so man1/gpgv.1" > "${ED}"/usr/share/man/man1/gpgv2.1 || die
+
+ dodir /etc/env.d
+ echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
+
+ use doc && dodoc doc/gnupg.html/*
+}
+
+my_src_install_all() {
+ einstalldocs
+
+ use tools && dobin tools/{convert-from-106,mail-signed-keys,lspgpot}
+ use doc && dodoc doc/*.png
+}