From a12f7eafa84c6cb0cf6d643c55ef027f33b8147e Mon Sep 17 00:00:00 2001
From: Kristian Fiskerstrand <k_f@gentoo.org>
Date: Fri, 11 Aug 2017 18:15:46 +0200
Subject: app-crypt/gnupg: New upstream version 2.1.23

Reverting to default of no --auto-key-retrieve as this has information
leak potential that should not be enabled in default configuration. The
change is also reverted upstream

Package-Manager: Portage-2.3.6, Repoman-2.3.1
---
 app-crypt/gnupg/Manifest                           |   1 +
 ....1.23-gpg-default-to-no-auto-key-retrieve.patch |  71 ++++++++++++
 app-crypt/gnupg/gnupg-2.1.23.ebuild                | 124 +++++++++++++++++++++
 3 files changed, 196 insertions(+)
 create mode 100644 app-crypt/gnupg/files/gnupg-2.1.23-gpg-default-to-no-auto-key-retrieve.patch
 create mode 100644 app-crypt/gnupg/gnupg-2.1.23.ebuild

diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
index 77cdbd2968f4..07c1872aeaf2 100644
--- a/app-crypt/gnupg/Manifest
+++ b/app-crypt/gnupg/Manifest
@@ -2,3 +2,4 @@ DIST gnupg-1.4.21.tar.bz2 3689305 SHA256 6b47a3100c857dcab3c60e6152e56a997f2c786
 DIST gnupg-2.1.15.tar.bz2 5723689 SHA256 c28c1a208f1b8ad63bdb6b88d252f6734ff4d33de6b54e38494b11d49e00ffdd SHA512 69c943e853e1a37e8b17b3bc34e1503f14bc8f189fa9f3ac6644bcc98ccce6eaef64da20ff9dd1c8de3a7789ea577167984ccf3ac286cac50752e6f7c2f42ab1 WHIRLPOOL 4c5a8cd4e8b7196f4a355ce7739cf6e23c43817414e10bbba219117e4e51c4c618ffb5dbce27cb836a2171eda58e003d5ddf78d4af09a813c2a1729963413151
 DIST gnupg-2.1.20.tar.bz2 6456128 SHA256 24cf9a69369be64a9f6f8cc11a1be33ab7780ad77a6a1b93719438f49f69960d SHA512 14a9890bc64e143f87cff121dd298d490d78dbd34e36883e0f25763ff9064e5706a7632893d7c5d0e8e9b8cf9cdb0d378b4ce1715348729f0fc080455b61eca9 WHIRLPOOL fa6cbd66031cac41db308b10bebec87e37a19d3c63219d22fb874d7d016bcad057b93eeece7a64001718ee1f881199e3d3eebc8ef6625691f553b0d2dbc92624
 DIST gnupg-2.1.22.tar.bz2 6530433 SHA256 46716faf9e1b92cfca86609f3bfffbf5bb4b6804df90dc853ff7061cfcfb4ad7 SHA512 d2ccbf32716a701df9e4ad5c19b682daf1a02b0bf8a1751a32af6db0c9284a4ee7df91310bed1a2087911a9964cb7b7f2ca9dad32a880ed1e1465d8048605e16 WHIRLPOOL 3a87914898e2f164f7effa67e0e8f5ccb48aed0e9e4d65559d73783478ee509f7876ef7ef77ec9c43de2611a8a2ecdcbfbd443ab5de119203b20e316473e4e75
+DIST gnupg-2.1.23.tar.bz2 6526734 SHA256 a94476391595e9351f219188767a9d6ea128e83be5ed3226a7890f49aa2d0d77 SHA512 8b8be0784129f5aa0ccde32a413a68c36e0e4131abe70c3eb186958c60f3df1023deb2db2db84d63ad30a3408a75c7622b430aff1a524ff28a24be511c952412 WHIRLPOOL deb4e933108e0a77b941ed95732eab2ee77af175bd776f3f5dbd25bb38b37dcdf09ae8eee7cd39a09883c3757b81688e48b5a07d6f43419a4453d4ba38541c14
diff --git a/app-crypt/gnupg/files/gnupg-2.1.23-gpg-default-to-no-auto-key-retrieve.patch b/app-crypt/gnupg/files/gnupg-2.1.23-gpg-default-to-no-auto-key-retrieve.patch
new file mode 100644
index 000000000000..4cc414d18e31
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.1.23-gpg-default-to-no-auto-key-retrieve.patch
@@ -0,0 +1,71 @@
+From e6f84116abca2ed49bf14b2e28c3c811a3717227 Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Fri, 11 Aug 2017 02:26:52 -0400
+Subject: [PATCH] gpg: default to --no-auto-key-retrieve.
+
+* g10/gpg.c (main): remove KEYSERVER_AUTO_KEY_RETRIEVE from the
+default keyserver options.
+* doc/gpg.texi: document this change.
+--
+
+This is a partial reversion of
+7e1fe791d188b078398bf83c9af992cb1bd2a4b3.  Werner and i discussed it
+earlier today, and came to the conclusion that:
+
+ * the risk of metadata leakage represented by a default
+   --auto-key-retrieve, both in e-mail (as a "web bug") and in other
+   contexts where GnuPG is used to verified signatures, is quite high.
+
+ * the advantages of --auto-key-retrieve (in terms of signature
+   verification) can sometimes be achieved in other ways, such as when
+   a signed message includes a copy of its own key.
+
+ * when those other ways are not useful, a graphical, user-facing
+   application can still offer the user the opportunity to choose to
+   fetch the key; or it can apply its own policy about when to set
+   --auto-key-retrieve, without needing to affect the defaults.
+
+Note that --auto-key-retrieve is specifically about signature
+verification.  Decisions about how and whether to look up a key during
+message encryption are governed by --auto-key-locate.  This change
+does not touch the --auto-key-locate default of "local,wkd".  The user
+deliberately asking gpg to encrypt to an e-mail address is a different
+scenario than having an incoming e-mail trigger a potentially unique
+network request.
+
+Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+---
+ doc/gpg.texi | 2 +-
+ g10/gpg.c    | 3 +--
+ 2 files changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/doc/gpg.texi b/doc/gpg.texi
+index c71126a97..b6a9b2d70 100644
+--- a/doc/gpg.texi
++++ b/doc/gpg.texi
+@@ -1792,7 +1792,7 @@ list.  The default is "local,wkd".
+ @opindex no-auto-key-retrieve
+ These options enable or disable the automatic retrieving of keys from
+ a keyserver when verifying signatures made by keys that are not on the
+-local keyring.  The default is @option{--auto-key-retrieve}.
++local keyring.  The default is @option{--no-auto-key-retrieve}.
+ 
+ If the method "wkd" is included in the list of methods given to
+ @option{auto-key-locate}, the signer's user ID is part of the
+diff --git a/g10/gpg.c b/g10/gpg.c
+index c721cdc4a..c9fa7ae5b 100644
+--- a/g10/gpg.c
++++ b/g10/gpg.c
+@@ -2366,8 +2366,7 @@ main (int argc, char **argv)
+     opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
+ 					    | IMPORT_REPAIR_PKS_SUBKEY_BUG);
+     opt.keyserver_options.export_options = EXPORT_ATTRIBUTES;
+-    opt.keyserver_options.options = (KEYSERVER_HONOR_PKA_RECORD
+-                                     | KEYSERVER_AUTO_KEY_RETRIEVE);
++    opt.keyserver_options.options = KEYSERVER_HONOR_PKA_RECORD;
+     opt.verify_options = (LIST_SHOW_UID_VALIDITY
+                           | VERIFY_SHOW_POLICY_URLS
+                           | VERIFY_SHOW_STD_NOTATIONS
+-- 
+2.13.0
+
diff --git a/app-crypt/gnupg/gnupg-2.1.23.ebuild b/app-crypt/gnupg/gnupg-2.1.23.ebuild
new file mode 100644
index 000000000000..9564b859cdf2
--- /dev/null
+++ b/app-crypt/gnupg/gnupg-2.1.23.ebuild
@@ -0,0 +1,124 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit systemd toolchain-funcs
+
+MY_P="${P/_/-}"
+
+DESCRIPTION="The GNU Privacy Guard, a GPL OpenPGP implementation"
+HOMEPAGE="http://www.gnupg.org/"
+SRC_URI="mirror://gnupg/gnupg/${MY_P}.tar.bz2"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="bzip2 doc +gnutls ldap nls readline selinux +smartcard tofu tools usb wks-server"
+
+COMMON_DEPEND_LIBS="
+	>=dev-libs/npth-1.2
+	>=dev-libs/libassuan-2.4.3
+	>=dev-libs/libgcrypt-1.7.3
+	>=dev-libs/libgpg-error-1.24
+	>=dev-libs/libksba-1.3.4
+	>=net-misc/curl-7.10
+	gnutls? ( >=net-libs/gnutls-3.0:0= )
+	sys-libs/zlib
+	ldap? ( net-nds/openldap )
+	bzip2? ( app-arch/bzip2 )
+	readline? ( sys-libs/readline:0= )
+	smartcard? ( usb? ( virtual/libusb:0 ) )
+	tofu? ( >=dev-db/sqlite-3.7 )
+	"
+COMMON_DEPEND_BINS="app-crypt/pinentry
+	!app-crypt/dirmngr"
+
+# Existence of executables is checked during configuration.
+DEPEND="${COMMON_DEPEND_LIBS}
+	${COMMON_DEPEND_BINS}
+	nls? ( sys-devel/gettext )
+	doc? ( sys-apps/texinfo )"
+
+RDEPEND="${COMMON_DEPEND_LIBS}
+	${COMMON_DEPEND_BINS}
+	selinux? ( sec-policy/selinux-gpg )
+	nls? ( virtual/libintl )"
+
+S="${WORKDIR}/${MY_P}"
+
+DOCS=(
+	ChangeLog NEWS README THANKS TODO VERSION
+	doc/FAQ doc/DETAILS doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER
+)
+
+PATCHES=(
+	"${FILESDIR}/${PN}-2.1.20-gpgscm-Use-shorter-socket-path-lengts-to-improve-tes.patch"
+	"${FILESDIR}/${P}-gpg-default-to-no-auto-key-retrieve.patch"
+)
+
+src_configure() {
+	local myconf=()
+
+	if use smartcard; then
+		myconf+=(
+			--enable-scdaemon
+			$(use_enable usb ccid-driver)
+		)
+	else
+		myconf+=( --disable-scdaemon )
+	fi
+
+	if use elibc_SunOS || use elibc_AIX; then
+		myconf+=( --disable-symcryptrun )
+	else
+		myconf+=( --enable-symcryptrun )
+	fi
+
+	# glib fails and picks up clang's internal stdint.h causing weird errors
+	[[ ${CC} == *clang ]] && \
+		export gl_cv_absolute_stdint_h=/usr/include/stdint.h
+
+	econf \
+		"${myconf[@]}" \
+		$(use_enable bzip2) \
+		$(use_enable gnutls) \
+		$(use_enable nls) \
+		$(use_enable tofu) \
+		$(use_enable wks-server wks-tools) \
+		$(use_with ldap) \
+		$(use_with readline) \
+		--enable-gpg \
+		--enable-gpgsm \
+		--enable-large-secmem \
+		--enable-all-tests \
+		CC_FOR_BUILD="$(tc-getBUILD_CC)"
+}
+
+src_compile() {
+	default
+
+	use doc && emake -C doc html
+}
+
+src_install() {
+	default
+
+	use tools &&
+		dobin \
+			tools/{convert-from-106,gpg-check-pattern} \
+			tools/{gpg-zip,gpgconf,gpgsplit,lspgpot,mail-signed-keys} \
+			tools/make-dns-cert
+
+	dosym gpg /usr/bin/gpg2
+	dosym gpgv /usr/bin/gpgv2
+	echo ".so man1/gpg2.1" > "${ED}"/usr/share/man/man1/gpg.1 || die
+	echo ".so man1/gpgv2.1" > "${ED}"/usr/share/man/man1/gpgv.1 || die
+
+	dodir /etc/env.d
+	echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg || die
+
+	use doc && dodoc doc/gnupg.html/* doc/*.png
+
+	systemd_douserunit doc/examples/systemd-user/*.{service,socket}
+}
-- 
cgit v1.2.3-65-gdbad