Commit graph

166 commits

Author SHA1 Message Date
Franz Pletz
3d832dee59 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:16 -04:00
Nick Spinale
e39d627a12 gnupg: fix cross-compilation 2019-09-16 10:48:24 +00:00
volth
46420bbaa3 treewide: name -> pname (easy cases) (#66585)
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
gcv
2a2fcbb274 gnupg: Allow GnuPG1 to build on all platforms. 2019-07-31 09:57:02 -07:00
Will Dietz
c793a1d422
gnupg: 2.2.16 -> 2.2.17
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
2019-07-09 13:18:34 -05:00
Alyssa Ross
4cab72953c
gnupg: vendor SKS patch
This quickly became a 404 upstream.

Fixes https://github.com/NixOS/nixpkgs/64256.
2019-07-03 16:39:28 +00:00
Alyssa Ross
ba23c14b84
gnupg: apply default server CA verification patch
See discussion at
https://github.com/NixOS/nixpkgs/pull/63952#issuecomment-507048690.

Upstream commit:

commit 1c9cc97e9d47d73763810dcb4a36b6cdf31a2254
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Sun Jun 30 11:54:35 2019 -0400

    dirmngr: Only use SKS pool CA for SKS pool

    * dirmngr/http.c (http_session_new): when checking whether the
    keyserver is the HKPS pool, check specifically against the pool name,
    as ./configure might have been used to select a different default
    keyserver.  It makes no sense to apply Kristian's certificate
    authority to anything other than the literal host
    hkps.pool.sks-keyservers.net.

    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
    GnuPG-Bug-Id: 4593
2019-06-30 19:06:17 +00:00
Alyssa Ross
c727083e65
gnupg: change default keyserver to non-SKS
See https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f.

The SKS network is vulnerable to certificate poisoning, which can
destroy GnuPG installations. keys.openpgp.org is a new non-SKS keyserver
that is resistant to this type of attack.

With such an attack being possible, it is unsafe to use SKS keyservers
for almost anything, and so we should protect our users from a now
unsafe default. keys.openpgp.org offers some (but not all) functionality
of SKS, and is better than nothing.

This default is only present in gnupg22. gnupg20 and gnupg1orig are not
affected.
2019-06-30 14:09:02 +00:00
Will Dietz
3f7657d7fb
gnupg: 2.2.15 -> 2.2.16
https://dev.gnupg.org/T4509
2019-05-28 21:06:20 -05:00
Peter Simons
806d022395
Merge pull request #58381 from dtzWill/update/gnupg-2.2.15
gnupg: 2.2.14 -> 2.2.15
2019-03-26 20:14:37 +01:00
Will Dietz
4f1d76275e gnupg: 2.2.14 -> 2.2.15
https://dev.gnupg.org/T4434
2019-03-26 11:09:54 -05:00
Peter Simons
98dcfed615
Merge pull request #57818 from illegalprime/fix/gnupg-cross
gnupg: use config flags to find lib prefix instead of their binary tools
2019-03-26 13:57:43 +01:00
Will Dietz
43ed5cb1df gnupg: 2.2.13 -> 2.2.14
https://lists.gnupg.org/pipermail/gnupg-announce/2019q1/000435.html
2019-03-19 07:34:02 -05:00
Michael Eden
268f15915b gnupg: use config flags to find lib prefix instead of their binary tools 2019-03-16 16:29:38 -04:00
Will Dietz
a3db3e5d12 gnupg: 2.2.12 -> 2.2.13
https://dev.gnupg.org/T4290
2019-02-12 12:55:11 -06:00
Jörg Thalheim
b5c1deca8a
treewide: remove wkennington as maintainer
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
2019-01-26 10:05:32 +00:00
Will Dietz
19f303a144 gnupg: 2.2.11 -> 2.2.12
https://dev.gnupg.org/T4289
2018-12-19 09:14:43 +01:00
Lancelot SIX
ace631b616
gnupg22: 2.2.10 -> 2.2.11
See http://lists.gnu.org/archive/html/info-gnu/2018-11/msg00003.html for
release information
2018-11-06 15:59:38 +01:00
Charles Duffy
1e23714296
gnupg1compat: reintroduce symlinks, only when actually needed 2018-10-06 14:38:36 -05:00
Charles Duffy
f7cd362ae4
gnupg20: set version variable to fix gnupg1compat
Presently, gnupg1compat only works with gnupg22. Without this change, the error

```
error: attribute 'version' missing, at .../nixpkgs/pkgs/tools/security/gnupg/1compat.nix:4:26
```

is emitted when evaluating

```
pkgs.gnupg1compat.override { gnupg = pkgs.gnupg20; }'
```
2018-10-06 12:21:05 -05:00
Lancelot SIX
e2d8e06a9f gnupg22: 2.2.9 -> 2.2.10 (#45809)
See https://lists.gnu.org/archive/html/info-gnu/2018-08/msg00010.html
for release information
2018-08-31 08:34:55 +02:00
Lancelot SIX
b9fbcfb487 gnupg: 2.2.8 -> 2.2.9 (#43431)
See https://lists.gnu.org/archive/html/info-gnu/2018-07/msg00003.html
for release information.
2018-08-02 21:39:13 +02:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Jan Tojnar
3784fd5e46
pcsclite: split package 2018-06-29 04:40:54 +02:00
R. RyanTM
f217f0b2ba gnupg1orig: 1.4.22 -> 1.4.23
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.

This update was made based on information from https://repology.org/metapackage/gnupg/versions.

These checks were done:

- built on NixOS
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpgsplit passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpg passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpgv passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpg-zip passed the binary check.
- 4 of 4 passed binary check by having a zero exit code.
- 1 of 4 passed binary check by having the new version present in output.
- found 1.4.23 with grep in /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23
- directory tree listing: https://gist.github.com/37dc2e87340f0983866c3c125172de27
- du listing: https://gist.github.com/4a84db46e37bd6d372fe020cc7826838
2018-06-14 07:35:51 -07:00
Andreas Rammhold
1abc0537b6
gnupg: 2.2.7 -> 2.2.8
This addresses CVE-2018-12020. The details can be retrived from the
changelog [1].

[1] https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
2018-06-10 21:30:52 +02:00
Lancelot SIX
130aee566d
gnupg: 2.2.6 -> 2.2.7
See http://lists.gnu.org/archive/html/info-gnu/2018-05/msg00004.html for
release informations.
2018-05-03 10:34:35 +02:00
Will Dietz
855e0463ab tree-wide: platforms = platforms.gnu; -> platforms = gnu ++ linux
"platforms.gnu" has been linux-only since at least 17.03:

$ nix eval -f channel:nixos-17.03 lib.platforms.gnu
[ "i686-linux" "x86_64-linux" "armv5tel-linux" "armv6l-linux" "armv7l-linux" "aarch64-linux" "mips64el-linux" ]

Unlike platforms.linux, platforms.gnu indicates "must use glibc"
which for the most part is not intended.

Replacing platforms.gnu with platforms.linux would be the same "today"
but let's err on preserving existing behavior and be optimistic
about platforms these packages work on.
2018-04-30 18:08:48 -05:00
Lancelot SIX
ecc5a2bc15
gnupg: 2.2.5 -> 2.2.6
See http://lists.gnu.org/archive/html/info-gnu/2018-04/msg00005.html for
release information
2018-04-16 12:17:24 +02:00
Matthew Bauer
ed2a9cf65f treewide: remove libintl hacks 2018-03-22 16:50:11 -05:00
Lancelot SIX
0b455cec93 gnupg: 2.2.4 -> 2.2.5
See http://lists.gnu.org/archive/html/info-gnu/2018-02/msg00005.html
for release information
2018-03-05 15:12:52 +01:00
Franz Pletz
aba04db683
gnupg1orig: 1.4.21 -> 1.4.22 2018-01-28 18:52:29 +01:00
Lancelot SIX
2beb8389df
gnupg: 2.2.3 -> 2.2.4
See http://lists.gnu.org/archive/html/info-gnu/2017-12/msg00013.html
for release information
2017-12-21 11:57:54 +01:00
Lancelot SIX
5f5d8e67a7
gnupg: 2.2.2 -> 2.2.3
This is a maintenance release.
See http://lists.gnu.org/archive/html/info-gnu/2017-11/msg00008.html
for release information
2017-11-21 17:58:29 +01:00
Lancelot SIX
44b319156f gnupg: 2.2.1 -> 2.2.2
This is a maintenance release.
See http://lists.gnu.org/archive/html/info-gnu/2017-11/msg00001.html
for release information
2017-11-15 10:42:11 -05:00
John Ericson
f037625f87 Merge remote-tracking branch 'upstream/staging' into deps-reorg 2017-09-28 12:32:57 -04:00
John Ericson
ed14223f8c treewide: Manual fix more pkg-config build-inputs 2017-09-21 15:49:54 -04:00
Lancelot SIX
4935d5f376 gnupg: 2.2.0 -> 2.2.1
See http://lists.gnu.org/archive/html/info-gnu/2017-09/msg00010.html
for release information
2017-09-20 10:01:28 +02:00
Rob Vermaas
5dcf5d6d05
gnupg: add gnupg2 alias/symlink for 2.2. Otherwise signing commits with git break.
(cherry picked from commit c651a0ccbf5b17739390b56f91b656a7b920f643)
2017-09-10 09:15:59 +00:00
Lancelot SIX
1e5b5bd719
gnupg: 2.1.23 -> 2.2.0
See http://lists.gnu.org/archive/html/info-gnu/2017-08/msg00012.html
for release information
2017-08-30 09:15:02 +02:00
Lancelot SIX
e34ce9d1c5 gnupg: 2.1.22 -> 2.1.23
This release in a RC for gnupg-2.2. The main difference as far as
nixpkgs is concerned is that the binary `gpg2` is now called `gpg` and
`gpgv2` is called `gpgv`.

This update fixed all explicit use of `gpg2` and `gpgv2` across nixpkgs,
but there might be some packaged software that internally use `gpg2`
not handeled by this commit.

See http://lists.gnu.org/archive/html/info-gnu/2017-08/msg00001.html
for full release information
2017-08-11 19:24:06 +02:00
Silvan Mosberger
f5fa5fa4d6 pkgs: refactor needless quoting of homepage meta attribute (#27809)
* pkgs: refactor needless quoting of homepage meta attribute

A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.

* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit

* Fixed some instances
2017-08-01 22:03:30 +02:00
Martin Wohlert
c40ac69ec3 gnupg: 2.1.21 -> 2.1.22
https://lists.gnupg.org/pipermail/gnupg-announce/2017q3/000411.html
2017-07-31 11:44:18 +02:00
Martin Wohlert
b15baed9e7 gnupg: 2.1.20 -> 2.1.21 2017-05-19 19:38:33 +02:00
Lancelot SIX
637770f699 gnupg21: 2.1.19 -> 2.1.20
See http://lists.gnu.org/archive/html/info-gnu/2017-04/msg00002.html
for release information
2017-04-05 15:24:05 +02:00
Eelco Dolstra
e410c78cd5
gnupg: Give the 1compat package a higher priority
This resolves collision warnings with the regular gnupg packages.
2017-04-04 16:40:06 +02:00
Michael Weiss
c9ecc70880 gnupg*: Improve the meta set
And use version from gnupg21 for gnupg1compat.
2017-03-28 22:19:12 +02:00
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00
Lancelot SIX
ade2357c65
gnupg21: 2.1.18 -> 2.1.19
See http://lists.gnu.org/archive/html/info-gnu/2017-03/msg00000.html
for release information
2017-03-02 10:10:02 +01:00
Daniel Fullmer
a8c738713b gnupg21: Fix scdaemon for usb smartcards (#22891)
The use of smartcard functionality for yubikeys (and presumably other
usb smartcards) was broken in gnupg 2.1.18.  This has apparently already
been fixed in gnupg master, and debian backports the included patches
for 2.1.18.

See also:
https://bugs.gnupg.org/gnupg/issue2933
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852702
https://github.com/NixOS/nixpkgs/pull/21991
2017-02-20 04:30:01 +01:00