gnupg: Fix regression when using YubiKey devices

as smart cards.
author: Alexis Hildebrandt <afh@surryhill.net> 2022-08-20 10:28:03 +0200
committer: Alexis Hildebrandt <afh@surryhill.net> 2022-08-20 10:28:03 +0200
commit: f2805f293dd95bbc32bd49134263f52d8212508d (patch)
tree: d5a72facbecfc044aa5f05c8d7d04b5fc7ff61c1 /pkgs/tools/security/gnupg
parent: 1319727ba189afe8fc66e23afaf780d52b38a543 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/pkgs/tools/security/gnupg/23.nix b/pkgs/tools/security/gnupg/23.nix
index b93e533e6fd82..af28b4903df25 100644
--- a/pkgs/tools/security/gnupg/23.nix
+++ b/pkgs/tools/security/gnupg/23.nix
@@ -32,6 +32,14 @@ stdenv.mkDerivation rec {
 
     # Patch for DoS vuln from https://seclists.org/oss-sec/2022/q3/27
     ./v3-0001-Disallow-compressed-signatures-and-certificates.patch
+
+    # Fix regression when using YubiKey devices as smart cards.
+    # See https://dev.gnupg.org/T6070 for details.
+    # Committed upstream, remove this patch when updating to the next release.
+    (fetchpatch {
+      url = "https://dev.gnupg.org/rGf34b9147eb3070bce80d53febaa564164cd6c977?diff=1";
+      sha256 = "sha256-J/PLSz8yiEgtGv+r3BTGTHrikV70AbbHQPo9xbjaHFE=";
+    })
   ];
   postPatch = ''
     sed -i 's,\(hkps\|https\)://keyserver.ubuntu.com,hkps://keys.openpgp.org,g' configure configure.ac doc/dirmngr.texi doc/gnupg.info-1
author	Alexis Hildebrandt <afh@surryhill.net>	2022-08-20 10:28:03 +0200
committer	Alexis Hildebrandt <afh@surryhill.net>	2022-08-20 10:28:03 +0200
commit	f2805f293dd95bbc32bd49134263f52d8212508d (patch)
tree	d5a72facbecfc044aa5f05c8d7d04b5fc7ff61c1 /pkgs/tools/security/gnupg
parent	1319727ba189afe8fc66e23afaf780d52b38a543 (diff)