Age | Commit message (Collapse) | Author | Files | Lines |
|
Since version 2.3, GnuPG no longer falls back to other access methods if
its built-in CCID driver fails to access smartcards, including yubikeys.
The built-in CCID driver fails on macOS.
The upstream developers recommend disabling CCID support in this case:
If it works and the distribution doesn't offer appropriate USB
configuration, I think that it's good for the distribution to use
--disable-ccid-driver for building GnuPG.
Cite: https://dev.gnupg.org/T5415
See also: https://dev.gnupg.org/T5409
Fixes #155629
|
|
Builds without tpm2-tss no longer seem to work after #183753. This PR fixes
that.
|
|
pcsclite pulls in a lot of dependencies, including spidermonkey, which is
nearly or completely impossible to build on 32-bit architectures. PC/SC support
is not commonly used, so provide a flag to allow users to disable it and
significantly reduce the closure size.
|
|
as smart cards.
|
|
|
|
|
|
- Release announcement: https://dev.gnupg.org/T5947
- Removed CVE-2022-34903 patch which is included in 2.3.7
|
|
https://seclists.org/oss-sec/2022/q3/9
https://seclists.org/oss-sec/2022/q3/27
|
|
https://www.openwall.com/lists/oss-security/2022/06/30/1
https://dev.gnupg.org/T6027
|
|
|
|
Workaround build failure on -fno-common toolchains like upstream
gcc-10. Otherwise build fails as:
ld: ../util/libutil.a(estream-printf.o):/build/gnupg-1.4.23/util/../include/memory.h:100: multiple definition of
`memory_debug_mode'; gpgsplit.o:/build/gnupg-1.4.23/tools/../include/memory.h:100: first defined here
|
|
|
|
|
|
|
|
Fixed in 2.3.4
|
|
|
|
|
|
|
|
gnupg: 2.2.27 -> 2.3.3
|
|
|
|
|
|
|
|
|
|
I'd like to reduce the number of Github notifications and
review requests I receive.
|
|
Matches pname and upstream project name
|
|
Emacs + nix-mode highlights this file just fine without this comment
for me, so I assume the problem in nix-mode has been fixed in the five
years since this comment was added.
|
|
|
|
|
|
Announcement: https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000452.html
Luckily this fixes a regression from GnuPG 2.2.26 that broke the build
of libsForQt5.qgpgme (a test failed). Fix #109009.
|
|
Part of: https://github.com/NixOS/nixpkgs/issues/108938
meta = with stdenv.lib;
is a widely used pattern. We want to slowly remove
the `stdenv.lib` indirection and encourage people
to use `lib` directly. Thus let’s start with the meta
field.
This used a rewriting script to mostly automatically
replace all occurances of this pattern, and add the
`lib` argument to the package header if it doesn’t
exist yet.
The script in its current form is available at
https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
|
|
|
|
|
|
|
|
gnupg: put libexec tools (eg. gpg-preset-passphrase) in PATH
|
|
|
|
|
|
|
|
Fix reproducibility by fixing SOURCE_DATE_EPOCH usage
|
|
has been EOL since 2017-12-31
|
|
|
|
* gnupg: use libusb1
This fixes scdaemon's direct ccid support.
* systemd: fix gnupg-minimal
|
|
|
|
See https://lists.gnu.org/archive/html/info-gnu/2020-03/msg00008.html
for release information.
|
|
This adds a patch series which allows GnuPG to import updates
(revocations and subkeys) from certificates that contain no user ids.
This is relevant for refreshing keys from the default keyserver
keys.openpgp.org, where only user ids that contain verified email
addresses will be distributed, and revoked keys never contain any user
ids.
This patch series was originally authored and submitted to upstream half
a year ago (by me), but now comes from Debian packaging where it's been
included since then.
Relates to the following upstream issue: https://dev.gnupg.org/T4393
|
|
See https://lists.gnu.org/archive/html/info-gnu/2019-12/msg00001.html
for release information.
|
|
See https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00010.html
for release information
|
|
Basically a flavour of gnugpg, which solely containts `bin/gnupg`.
|
|
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.
NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.
Co-authored-by: Florian Klink <flokli@flokli.de>
|
|
|
|
treewide replacement of
stdenv.mkDerivation rec {
name = "*-${version}";
version = "*";
to pname
|