summary refs log tree commit diff
path: root/gnu/packages/gnupg.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/gnupg.scm')
-rw-r--r--gnu/packages/gnupg.scm214
1 files changed, 118 insertions, 96 deletions
diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm
index f397482ab0..42b54c1ea0 100644
--- a/gnu/packages/gnupg.scm
+++ b/gnu/packages/gnupg.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2013, 2015, 2018 Andreas Enge <andreas@enge.fr>
 ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
@@ -14,6 +14,7 @@
 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
 ;;; Copyright © 2017 Petter <petter@mykolab.ch>
 ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -69,7 +70,7 @@
 (define-public libgpg-error
   (package
     (name "libgpg-error")
-    (version "1.27")
+    (version "1.28")
     (source
      (origin
       (method url-fetch)
@@ -77,7 +78,8 @@
                           version ".tar.bz2"))
       (sha256
        (base32
-        "1li95ni122fzinzlmxbln63nmgij63irxfvi52ws4zfbzv3am4sg"))))
+        "0jfsfnh9bxlxiwxws60yah4ybjw2hshmvqp31pri4m4h8ivrbnry"))
+      (patches (search-patches "libgpg-error-aarch64-logging-fix.patch"))))
     (build-system gnu-build-system)
     (home-page "https://gnupg.org")
     (synopsis "Library of error values for GnuPG components")
@@ -90,17 +92,31 @@ Daemon and possibly more in the future.")
     (properties '((ftp-server . "ftp.gnupg.org")
                   (ftp-directory . "/gcrypt/libgpg-error")))))
 
+;; Some packages (e.g. GPGME) require a newer libgpg-error to deal with
+;; error codes from recent GnuPG.  Remove this in the next rebuild cycle.
+(define-public libgpg-error-1.31
+  (package
+    (inherit libgpg-error)
+    (version "1.31")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
+                                  version ".tar.bz2"))
+              (sha256
+               (base32
+                "1vx4nw6rxh2biy3h8n96fyr86q29h8gjl6837437i51jr4isil20"))))))
+
 (define-public libgcrypt
   (package
     (name "libgcrypt")
-    (version "1.8.1")
+    (version "1.8.2")
     (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
                                  version ".tar.bz2"))
              (sha256
               (base32
-               "1cvqd9jk5qshbh48yh3ixw4zyr4n5k50r3475rrh20xfn7w7aa3s"))))
+               "01sca9m8hm6b5v8hmqsfdjhyz013869p1f0fxw9ln52qfnp4q1n8"))))
     (build-system gnu-build-system)
     (propagated-inputs
      `(("libgpg-error-host" ,libgpg-error)))
@@ -215,14 +231,14 @@ compatible to GNU Pth.")
 (define-public gnupg
   (package
     (name "gnupg")
-    (version "2.2.6")
+    (version "2.2.8")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
                                   ".tar.bz2"))
               (sha256
                (base32
-                "110rf476l3cgn52gh9ia5y0y06y2ialq9dqc12jkhnfhl9gqqkg6"))))
+                "1k8dnnfs9888yp713l7kg2jg110lw47s4krx0njna6fjrsw4qyvp"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("pkg-config" ,pkg-config)))
@@ -338,6 +354,7 @@ libskba (working with X.509 certificates and CMS data).")
               (method url-fetch)
               (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
                                   ".tar.bz2"))
+              (patches (search-patches "gnupg-1.4-CVE-2018-12020.patch"))
               (sha256
                (base32
                 "1d1hz4szh1kvwhsw7w2zxa6q5ndrk3qy6hj289l1b8k3xi5s554m"))))
@@ -354,12 +371,13 @@ libskba (working with X.509 certificates and CMS data).")
          (add-after 'unpack 'patch-check-sh
            (lambda _
              (substitute* "checks/Makefile.in"
-               (("/bin/sh") (which "sh"))))))))))
+               (("/bin/sh") (which "sh")))
+             #t)))))))
 
 (define-public gpgme
   (package
     (name "gpgme")
-    (version "1.10.0")
+    (version "1.11.1")
     (source
      (origin
       (method url-fetch)
@@ -367,13 +385,13 @@ libskba (working with X.509 certificates and CMS data).")
                           ".tar.bz2"))
       (sha256
        (base32
-        "14q619lxbk64vz7lih5gjb928qm28jrnn1h3yhsrrff3jw8yv3qs"))))
+        "0vxx5xaag3rhp4g2arp5qm77gvz4kj0m3hnpvhkdvqyjfhbi26rd"))))
     (build-system gnu-build-system)
     (native-inputs
      `(("gnupg" ,gnupg)))
     (propagated-inputs
      ;; Needs to be propagated because gpgme.h includes gpg-error.h.
-     `(("libgpg-error" ,libgpg-error)))
+     `(("libgpg-error" ,libgpg-error-1.31)))
     (inputs
      `(("libassuan" ,libassuan)))
     (home-page "https://www.gnupg.org/related_software/gpgme/")
@@ -575,10 +593,12 @@ signing, decryption, verification, and key-listing parsing.")
                   version "/pius-" version ".tar.bz2"))
             (sha256
              (base32
-              "1893hzpx3zv724drqv48csrn0cm98xw4ymb1zmhs2jvjj1778zfj"))))
+              "1893hzpx3zv724drqv48csrn0cm98xw4ymb1zmhs2jvjj1778zfj"))
+            (patches (search-patches "pius.patch"))))
    (build-system python-build-system)
    (inputs `(("perl" ,perl)                ;for 'pius-party-worksheet'
-             ("gpg" ,gnupg)))
+             ("gpg" ,gnupg)
+             ("python-six" ,python2-six)))
    (arguments
     `(#:tests? #f
       #:python ,python-2                     ;uses the Python 2 'print' syntax
@@ -606,84 +626,87 @@ PGP keysigning parties.")
    (home-page "https://www.phildev.net/pius/index.shtml")))
 
 (define-public signing-party
-  (package
-   (name "signing-party")
-   (version "2.6")
-   (source (origin
-            (method url-fetch)
-            (uri (string-append "mirror://debian/pool/main/s/signing-party/"
-                                "signing-party_" version ".orig.tar.gz"))
-            (sha256 (base32
-                     "1n5bpcfpl9vg1xp6r1jhbyahrgdyxp05b5pria1rh4m0qnv8sifr"))))
-   (build-system gnu-build-system)
-   (native-inputs
-    `(("autoconf" ,autoconf-wrapper)
-      ("automake" ,automake)))
-   (inputs `(("perl" ,perl)
-             ("perl-text-template" ,perl-text-template)
-             ("perl-mime-tools" ,perl-mime-tools)
-             ("perl-gnupg-interface" ,perl-gnupg-interface)
-             ("perl-net-idn-encode" ,perl-net-idn-encode)
-             ("libmd" ,libmd)))
-   (arguments
-    `(#:tests? #f
-      #:phases
-      (modify-phases %standard-phases
-        (add-before 'configure 'change-directory
-          (lambda _
-            ;; The build system in the unpack phase changes to a less useful
-            ;; subdirectory, so move up one level
-            (chdir (dirname (getcwd)))))
-        (replace 'configure
-          (lambda* (#:key outputs #:allow-other-keys)
-            (let ((out (assoc-ref outputs "out")))
-              (substitute* "keyanalyze/Makefile"
-                (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
-              (substitute* "keyanalyze/Makefile"
-                (("\\./configure") (string-append "./configure --prefix=" out)))
-              (substitute* "gpgwrap/src/Makefile"
-                (("\\} clean")
-                 (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
-                                out "/bin/gpgwrap\n")))
-              (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
-                             "keylookup/Makefile" "sig2dot/Makefile"
-                             "springgraph/Makefile")
-                (("/usr") out))
-              (setenv "CONFIG_SHELL" (which "sh")))))
-        (replace 'install
-          (lambda* (#:key outputs #:allow-other-keys #:rest args)
-            (let ((out (assoc-ref outputs "out"))
-                  (install (assoc-ref %standard-phases 'install)))
-              (apply install args)
-              (for-each
-                (lambda (dir file)
-                  (copy-file (string-append dir "/" file)
-                             (string-append out "/bin/" file)))
-                '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
-                  "gpglist" "gpg-mailkeys" "gpgparticipants")
-                '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
-                  "gpglist" "gpg-mailkeys" "gpgparticipants"))
-              (for-each
-                (lambda (dir file)
-                  (copy-file (string-append dir "/" file)
-                             (string-append out "/share/man/man1/" file)))
-                '("caff" "caff" "caff" "gpgdir"
-                  "gpg-key2ps" "gpglist" "gpg-mailkeys"
-                  "gpgparticipants" "gpgsigs" "gpgwrap/doc"
-                  "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
-                '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
-                  "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
-                  "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
-                  "process_keys.1" "pgpring.1" "keyanalyze.1")))))
-        (add-after 'install 'wrap-programs
-          (lambda* (#:key outputs #:allow-other-keys)
-            (let* ((out (assoc-ref outputs "out")))
-              (wrap-program
-                  (string-append out "/bin/caff")
-                `("PERL5LIB" ":" prefix (,(getenv "PERL5LIB"))))))))))
-   (synopsis "Collection of scripts for simplifying gnupg key signing")
-   (description
-    "Signing-party is a collection for all kinds of PGP/GnuPG related things,
+  ;; Upstream moved from alioth.debian.org to salsa.debian.org but the
+  ;; automatic svn import did not preserve tags apparently, so there's no real
+  ;; version number.
+  (let ((commit "d6f2296325605ee96ddf9f5b156e5e3f667a6df3")
+        (revision "0"))
+    (package
+      (name "signing-party")
+      (version (git-version "2.6" revision commit))
+      (home-page "https://salsa.debian.org/stappers/pgp-tools")
+      (source (origin
+                (method git-fetch)
+                (uri (git-reference
+                      (url home-page)
+                      (commit commit)))
+                (sha256
+                 (base32
+                  "00f7zasbwcbjzd92br2j10pyjxv0aw1qb4540qfz2dxzxgmdscrz"))))
+      (build-system gnu-build-system)
+      (native-inputs
+       `(("autoconf" ,autoconf-wrapper)
+         ("automake" ,automake)))
+      (inputs `(("perl" ,perl)
+                ("perl-text-template" ,perl-text-template)
+                ("perl-mime-tools" ,perl-mime-tools)
+                ("perl-gnupg-interface" ,perl-gnupg-interface)
+                ("perl-net-idn-encode" ,perl-net-idn-encode)
+                ("libmd" ,libmd)))
+      (arguments
+       `(#:tests? #f
+         #:phases
+         (modify-phases %standard-phases
+           (replace 'configure
+             (lambda* (#:key outputs #:allow-other-keys)
+               (let ((out (assoc-ref outputs "out")))
+                 (substitute* "keyanalyze/Makefile"
+                   (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
+                 (substitute* "keyanalyze/Makefile"
+                   (("\\./configure") (string-append "./configure --prefix=" out)))
+                 (substitute* "gpgwrap/Makefile"
+                   (("\\} clean")
+                    (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
+                                   out "/bin/gpgwrap\n")))
+                 (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
+                                "keylookup/Makefile" "sig2dot/Makefile"
+                                "springgraph/Makefile")
+                   (("/usr") out))
+                 (setenv "CONFIG_SHELL" (which "sh")))))
+           (replace 'install
+             (lambda* (#:key outputs #:allow-other-keys #:rest args)
+               (let ((out (assoc-ref outputs "out"))
+                     (install (assoc-ref %standard-phases 'install)))
+                 (apply install args)
+                 (for-each
+                  (lambda (dir file)
+                    (copy-file (string-append dir "/" file)
+                               (string-append out "/bin/" file)))
+                  '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
+                    "gpglist" "gpg-mailkeys" "gpgparticipants")
+                  '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
+                    "gpglist" "gpg-mailkeys" "gpgparticipants"))
+                 (for-each
+                  (lambda (dir file)
+                    (copy-file (string-append dir "/" file)
+                               (string-append out "/share/man/man1/" file)))
+                  '("caff" "caff" "caff" "gpgdir"
+                    "gpg-key2ps" "gpglist" "gpg-mailkeys"
+                    "gpgparticipants" "gpgsigs" "gpgwrap/doc"
+                    "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
+                  '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
+                    "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
+                    "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
+                    "process_keys.1" "pgpring.1" "keyanalyze.1")))))
+           (add-after 'install 'wrap-programs
+             (lambda* (#:key outputs #:allow-other-keys)
+               (let* ((out (assoc-ref outputs "out")))
+                 (wrap-program
+                     (string-append out "/bin/caff")
+                   `("PERL5LIB" ":" prefix (,(getenv "PERL5LIB"))))))))))
+      (synopsis "Collection of scripts for simplifying gnupg key signing")
+      (description
+       "Signing-party is a collection for all kinds of PGP/GnuPG related things,
 including tools for signing keys, keyring analysis, and party preparation.
 @enumerate
 @item caff: CA - Fire and Forget signs and mails a key
@@ -701,11 +724,10 @@ including tools for signing keys, keyring analysis, and party preparation.
 @item sig2dot: converts a list of GnuPG signatures to a .dot file
 @item springgraph: creates a graph from a .dot file
 @end enumerate")
-   ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
-   ;; and caff and gpgsigs: bsd-3, see
-   ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
-   (license license:gpl2)
-   (home-page "https://pgp-tools.alioth.debian.org/")))
+      ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
+      ;; and caff and gpgsigs: bsd-3, see
+      ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
+      (license license:gpl2))))
 
 (define-public pinentry-tty
   (package