#
# Conditional build:
-%bcond_without pth # without pth-based based version of gnupg
-%bcond_without tests # testsuite on build
+%bcond_without tests # testsuite on build
+%bcond_without dirmngr # dirmngr packages build
+%bcond_without default_gpg # install as gpg/gpgv instead of gpg2/gpgv2
+%bcond_with gnutls # GnuTLS instead of NTBTLS
+%bcond_with selinux # "SELinux hacks"
#
Summary: GNU Privacy Guard - tool for secure communication and data storage - enhanced version
Summary(pl.UTF-8): GnuPG - narzędzie do bezpiecznej komunikacji i bezpiecznego przechowywania danych - wersja rozszerzona
Name: gnupg2
-Version: 2.0.16
-Release: 1.1
+Version: 2.2.10
+Release: 1
License: GPL v3+
Group: Applications/File
Source0: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2
-# Source0-md5: 88a4d46deca63d2eca29b2b611304afb
+# Source0-md5: 3ae8bd6246367602e72571f7a6588bcd
Source1: gnupg-agent.sh
Patch0: %{name}-info.patch
-Patch1: %{name}-pth.patch
-# send it upstream after updating!
-Patch2: %{name}-pl.po-update.patch
-Patch3: %{name}-disable_tests.patch
-Patch4: CVE-2010-2547.patch
+Patch1: %{name}-nogit.patch
+Patch2: %{name}-disable_tests.patch
+Patch3: %{name}-pl.po-update.patch
+# Patch3-md5: e7c132eb8e8228ee301bf46af839dfbd
URL: http://www.gnupg.org/
-BuildRequires: adns-devel
BuildRequires: autoconf >= 2.61
-BuildRequires: automake >= 1:1.10
+BuildRequires: automake >= 1:1.14
BuildRequires: bzip2-devel
BuildRequires: curl-devel >= 7.10
-BuildRequires: gettext-devel >= 0.17
-BuildRequires: libassuan-devel >= 1:2.0.0
-BuildRequires: libgcrypt-devel >= 1.4.0
-BuildRequires: libgpg-error-devel >= 1.7
-BuildRequires: libksba-devel >= 1.0.7
-BuildRequires: libusb-compat-devel
-BuildRequires: openldap-devel
-BuildRequires: pcsc-lite-devel
-%{?with_pth:BuildRequires: pth-devel >= 2.0.0}
+BuildRequires: gettext-tools >= 0.17
+%{?with_gnutls:BuildRequires: gnutls-devel >= 3.0}
+BuildRequires: libassuan-devel >= 1:2.5.0
+BuildRequires: libgcrypt-devel >= 1.7.0
+BuildRequires: libgpg-error-devel >= 1.24
+BuildRequires: libksba-devel >= 1.3.4
+BuildRequires: libusb-devel >= 1.0
+BuildRequires: npth-devel >= 1.2
+%{!?with_gnutls:BuildRequires: ntbtls-devel >= 0.1.0}
+%{?with_dirmngr:BuildRequires: openldap-devel >= 2.4.6}
+BuildRequires: pkgconfig
+BuildRequires: readline-devel
BuildRequires: rpmbuild(macros) >= 1.177
+BuildRequires: sqlite3-devel >= 3.7
BuildRequires: texinfo
BuildRequires: zlib-devel
-Suggests: gnupg-agent
Requires: gnupg2-common = %{version}-%{release}
+Requires: sqlite3 >= 3.7
+%if %{with default_gpg}
+Obsoletes: gnupg < 2
+Obsoletes: gnupg-plugin-keys_curl < 2
+Obsoletes: gnupg-plugin-keys_hkp < 2
+Provides: gnupg = %{version}-%{release}
+%endif
+Suggests: gnupg-agent
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
-%define _libexecdir %{_libdir}/gnupg2
+%define pkglibexecdir %{_libexecdir}/gnupg2
%description
GnuPG is GNU's tool for secure communication and data storage. It can
Summary: GnuPG - common files
Summary(pl.UTF-8): GnuPG - pliki wspólne
Group: Applications/File
-Requires: libassuan >= 1:2.0.0
-Requires: libgcrypt >= 1.4.0
-Requires: libgpg-error >= 1.7
-Requires: libksba >= 1.0.7
+Requires: libassuan >= 1:2.5.0
+Requires: libgcrypt >= 1.7.0
+Requires: libgpg-error >= 1.24
+Requires: libksba >= 1.3.4
+Requires: npth >= 1.2
+Obsoletes: gnupg2-plugin-keys_curl
+Obsoletes: gnupg2-plugin-keys_finger
+Obsoletes: gnupg2-plugin-keys_hkp
+Obsoletes: gnupg2-plugin-keys_kdns
+Obsoletes: gnupg2-plugin-keys_ldap
+Conflicts: gnupg < 1.4.18-2
Conflicts: gnupg-agent < 1.9.14-2
%description common
%description common -l pl.UTF-8
Pliki wspólne używane przez różne narzędzia z projektu GnuPG.
-%package plugin-keys_curl
-Summary: GnuPG 2 plugin for allow talk to a HTTP/FTP keyserver
-Summary(pl.UTF-8): Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy HTTP/FTP
-Group: Applications/File
-Requires: %{name}-common = %{version}-%{release}
-Requires: curl-libs >= 7.10
-
-%description plugin-keys_curl
-GnuPG 2 plugin for allow talk to a HTTP(S)/FTP(S) keyserver.
-
-%description plugin-keys_curl -l pl.UTF-8
-Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy
-HTTP(S)/FTP(S).
-
-%package plugin-keys_finger
-Summary: GnuPG 2 plugin for allow talk to a FINGER keyserver
-Summary(pl.UTF-8): Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy FINGER
-Group: Applications/File
-Requires: %{name}-common = %{version}-%{release}
-
-%description plugin-keys_finger
-GnuPG 2 plugin for allow talk to a FINGER keyserver.
-
-%description plugin-keys_finger -l pl.UTF-8
-Wtyczka 2 GnuPG pozwalająca komunikować się z serwerem kluczy FINGER.
-
-%package plugin-keys_hkp
-Summary: GnuPG 2 plugin for allow talk to a HKP keyserver
-Summary(pl.UTF-8): Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy HKP
-Group: Applications/File
-Requires: %{name}-common = %{version}-%{release}
-
-%description plugin-keys_hkp
-GnuPG 2 plugin for allow talk to a HKP keyserver.
-
-%description plugin-keys_hkp -l pl.UTF-8
-Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy HKP.
-
-%package plugin-keys_kdns
-Summary: GnuPG 2 plugin for allow talk to a KDNS keyserver
-Summary(pl.UTF-8): Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy KDNS
-Group: Applications/File
-Requires: %{name}-common = %{version}-%{release}
-
-%description plugin-keys_kdns
-GnuPG 2 plugin for allow talk to a KDNS keyserver.
-
-%description plugin-keys_kdns -l pl.UTF-8
-Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy KDNS.
-
-%package plugin-keys_ldap
-Summary: GnuPG 2 plugin for allow talk to a LDAP keyserver
-Summary(pl.UTF-8): Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy LDAP
-Group: Applications/File
-Requires: %{name}-common = %{version}-%{release}
-
-%description plugin-keys_ldap
-GnuPG 2 plugin for allow talk to a LDAP keyserver.
-
-%description plugin-keys_ldap -l pl.UTF-8
-Wtyczka GnuPG 2 pozwalająca komunikować się z serwerem kluczy LDAP.
-
%package -n gnupg-agent
Summary: GnuPG extension - agent
Summary(pl.UTF-8): Rozszerzenie GnuPG - agent
%description -n gnupg-smime -l pl.UTF-8
Rozszerzenie GnuPG - obsługa S/MIME.
+%package -n dirmngr
+Summary: X509/LDAP certificate and revocation list client
+Summary(pl.UTF-8): Klient certyfikatów i list anulujących X509/LDAP
+Group: Applications
+Requires: %{name}-common = %{version}-%{release}
+
+%description -n dirmngr
+DirMngr is a client for managing and downloading certificate
+revocation lists (CRLs) for X509 certificates and for downloading the
+certificates themselves. DirMngr is usually invoked by gpgsm and in
+general not used directly.
+
+%description -n dirmngr -l pl.UTF-8
+DirMngr to klient do zarządzania i pobierania list anulujących
+certyfikaty (CRLs - certificate revocation lists) dla certyfikatów
+X509 oraz do pobierania samych certyfikatów. DirMngr jest zwykle
+wywoływany przez gpgsm i nie używany bezpośrednio.
+
%prep
%setup -q -n gnupg-%{version}
%patch0 -p1
%patch1 -p1
-%patch2 -p1
-%{!?with_tests:%patch3 -p1}
-%patch4 -p1
+%{!?with_tests:%patch2 -p1}
+%patch3 -p1
-rm -f po/stamp-po
+%{__rm} po/stamp-po
%build
%{__gettextize}
-%{__aclocal} -I m4 -I gl/m4
+%{__aclocal} -I m4
%{__autoconf}
%{__autoheader}
%{__automake}
+if (grep -q ^development_version=yes configure); then
+ echo "configure incorrectly rebuild with messed up development status and likely version and revision." >&2
+ echo "Consider fixing nogit.patch" >&2
+ exit 1
+fi
+
%configure \
- %{!?with_pth:--disable-threads} \
- --enable-gpg \
+ --libexecdir=%{pkglibexecdir} \
+ %{!?with_dirmngr:--disable-dirmngr} \
+ --enable-g13 \
+ %{!?with_default_gpg:--enable-gpg-is-gpg2} \
+ %{?with_gnutls:--disable-ntbtls} \
+ %{?with_selinux:--enable-selinux-support} \
--enable-symcryptrun \
+ --enable-wks-tools \
--with-capabilities \
--with-pinentry-pgm=%{_bindir}/pinentry \
--with-mailprog=/usr/lib/sendmail
+# required for info rebuild
+%{__make} -C doc defs.inc
+
%{__make}
%install
install -D %{SOURCE1} $RPM_BUILD_ROOT/etc/profile.d/gnupg-agent.sh
install -D %{SOURCE1} $RPM_BUILD_ROOT/etc/X11/xinit/xinitrc.d/gnupg-agent.sh
-mv ChangeLog main-ChangeLog || :
-find -name ChangeLog | awk '{src=$0; dst=$0;sub("^./","",dst);gsub("/","-",dst); print "cp " src " " dst}' | sh
+%if %{without dirmngr}
+%{__rm} $RPM_BUILD_ROOT%{_mandir}/{man1/dirmngr-client.1,man8/dirmngr.8}
+%endif
+
+%{__rm} -f $RPM_BUILD_ROOT%{_datadir}/info/dir
+
+# files useful for users packaged as %doc
+%{__rm} -r $RPM_BUILD_ROOT%{_docdir}/gnupg
%find_lang gnupg2
-rm -f $RPM_BUILD_ROOT%{_datadir}/info/dir
%clean
rm -rf $RPM_BUILD_ROOT
-%post -p /sbin/postshell
+%post common -p /sbin/postshell
-/usr/sbin/fix-info-dir -c %{_infodir}
-%postun -p /sbin/postshell
+%postun common -p /sbin/postshell
-/usr/sbin/fix-info-dir -c %{_infodir}
%triggerpostun -n gnupg-agent -- gnupg-agent < 1.9.16-2
%files
%defattr(644,root,root,755)
-%doc g10-ChangeLog g10/options.skel
+%if %{with default_gpg}
+%attr(755,root,root) %{_bindir}/gpg
+%attr(755,root,root) %{_bindir}/gpgv
+%{_mandir}/man1/gpg.1*
+%{_mandir}/man1/gpgv.1*
+%else
%attr(755,root,root) %{_bindir}/gpg2
%attr(755,root,root) %{_bindir}/gpgv2
%{_mandir}/man1/gpg2.1*
%{_mandir}/man1/gpgv2.1*
+%endif
%files common -f gnupg2.lang
%defattr(644,root,root,755)
-%doc AUTHORS main-ChangeLog NEWS README THANKS TODO
-%doc jnlib-ChangeLog m4-ChangeLog po-ChangeLog scripts-ChangeLog common-ChangeLog kbx-ChangeLog tools-ChangeLog doc-ChangeLog
+%doc AUTHORS ChangeLog ChangeLog-2011 NEWS README THANKS TODO doc/{DETAILS,FAQ,KEYSERVER,OpenPGP} doc/examples
+%attr(755,root,root) %{_bindir}/g13
%attr(755,root,root) %{_bindir}/gpg-connect-agent
%attr(755,root,root) %{_bindir}/gpgconf
-%attr(755,root,root) %{_bindir}/gpgkey2ssh
%attr(755,root,root) %{_bindir}/gpgparsemail
+%attr(755,root,root) %{_bindir}/gpgscm
+%attr(755,root,root) %{_bindir}/gpgtar
%attr(755,root,root) %{_bindir}/kbxutil
%attr(755,root,root) %{_bindir}/watchgnupg
%attr(755,root,root) %{_sbindir}/addgnupghome
%attr(755,root,root) %{_sbindir}/applygnupgdefaults
-%dir %{_libexecdir}
+%attr(755,root,root) %{_sbindir}/g13-syshelp
+%dir %{pkglibexecdir}
+
%{_datadir}/gnupg
%{_mandir}/man1/gpg-connect-agent.1*
%{_mandir}/man1/gpgconf.1*
%{_mandir}/man1/gpgparsemail.1*
+%{_mandir}/man1/gpgtar.1*
%{_mandir}/man1/watchgnupg.1*
+%{_mandir}/man7/gnupg.7*
%{_mandir}/man8/addgnupghome.8*
%{_mandir}/man8/applygnupgdefaults.8*
%{_infodir}/gnupg.info*
-%files plugin-keys_curl
-%defattr(644,root,root,755)
-%attr(755,root,root) %{_libexecdir}/gpg2keys_curl
-
-%files plugin-keys_finger
-%defattr(644,root,root,755)
-%attr(755,root,root) %{_libexecdir}/gpg2keys_finger
-
-%files plugin-keys_hkp
-%defattr(644,root,root,755)
-%attr(755,root,root) %{_libexecdir}/gpg2keys_hkp
-
-%files plugin-keys_kdns
-%defattr(644,root,root,755)
-%attr(755,root,root) %{_libexecdir}/gpg2keys_kdns
-
-%files plugin-keys_ldap
-%defattr(644,root,root,755)
-%attr(755,root,root) %{_libexecdir}/gpg2keys_ldap
-
%files -n gnupg-smime
%defattr(644,root,root,755)
-%doc sm-ChangeLog
%attr(755,root,root) %{_bindir}/gpgsm
-%attr(755,root,root) %{_bindir}/gpgsm-gencert.sh
%{_mandir}/man1/gpgsm.1*
-%{_mandir}/man1/gpgsm-gencert.sh.1*
%files -n gnupg-agent
%defattr(644,root,root,755)
-%doc agent-ChangeLog scd-ChangeLog
%attr(755,root,root) %{_bindir}/gpg-agent
-%attr(755,root,root) %{_bindir}/scdaemon
+%attr(755,root,root) %{_bindir}/gpg-wks-server
%attr(755,root,root) %{_bindir}/symcryptrun
-%attr(755,root,root) %{_libexecdir}/gnupg-pcsc-wrapper
-%attr(755,root,root) %{_libexecdir}/gpg-check-pattern
-%attr(755,root,root) %{_libexecdir}/gpg-protect-tool
-%attr(755,root,root) %{_libexecdir}/gpg-preset-passphrase
+%attr(755,root,root) %{pkglibexecdir}/gpg-check-pattern
+%attr(755,root,root) %{pkglibexecdir}/gpg-protect-tool
+%attr(755,root,root) %{pkglibexecdir}/gpg-preset-passphrase
+%attr(755,root,root) %{pkglibexecdir}/gpg-wks-client
+%attr(755,root,root) %{pkglibexecdir}/scdaemon
%{_mandir}/man1/gpg-agent.1*
%{_mandir}/man1/gpg-preset-passphrase.1*
+%{_mandir}/man1/gpg-wks-client.1*
+%{_mandir}/man1/gpg-wks-server.1*
%{_mandir}/man1/scdaemon.1*
%{_mandir}/man1/symcryptrun.1*
%files -n gnupg-agent-xinitrc
%defattr(644,root,root,755)
%attr(755,root,root) /etc/X11/xinit/xinitrc.d/gnupg-agent.sh
+
+%if %{with dirmngr}
+%files -n dirmngr
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/dirmngr
+%attr(755,root,root) %{_bindir}/dirmngr-client
+%attr(755,root,root) %{pkglibexecdir}/dirmngr_ldap
+%{_mandir}/man1/dirmngr-client.1*
+%{_mandir}/man8/dirmngr.8*
+%endif