diff options
Diffstat (limited to 'security')
27 files changed, 441 insertions, 198 deletions
diff --git a/security/gnome-gpg/Makefile b/security/gnome-gpg/Makefile index 4eeff95fef14..94dbe31ef2ca 100644 --- a/security/gnome-gpg/Makefile +++ b/security/gnome-gpg/Makefile @@ -7,6 +7,7 @@ PORTNAME= gnome-gpg PORTVERSION= 0.5.0 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNOME} MASTER_SITE_SUBDIR= sources/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} @@ -14,9 +15,9 @@ MASTER_SITE_SUBDIR= sources/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+).*/\1/} MAINTAINER= gnome@FreeBSD.org COMMENT= Simple commandline wrapper around gpg for gnome-keyring -BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg +BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 LIB_DEPENDS= gnome-keyring.0:${PORTSDIR}/security/gnome-keyring -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 USE_BZIP2= yes GNU_CONFIGURE= yes diff --git a/security/gnupg-devel/Makefile b/security/gnupg-devel/Makefile index 63b77aa4d49e..98a59d25f196 100644 --- a/security/gnupg-devel/Makefile +++ b/security/gnupg-devel/Makefile @@ -7,7 +7,7 @@ PORTNAME= gnupg PORTVERSION= 1.9.22 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= alpha/gnupg @@ -21,7 +21,7 @@ LIB_DEPENDS= gcrypt.13:${PORTSDIR}/security/libgcrypt \ ksba.17:${PORTSDIR}/security/libksba \ pth.20:${PORTSDIR}/devel/pth \ usb-0.1:${PORTSDIR}/devel/libusb -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg \ +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ dirmngr:${PORTSDIR}/security/dirmngr USE_BZIP2= yes diff --git a/security/gnupg-idea/Makefile b/security/gnupg-idea/Makefile index fbccd04212c2..d2223231d446 100644 --- a/security/gnupg-idea/Makefile +++ b/security/gnupg-idea/Makefile @@ -7,6 +7,7 @@ PORTNAME= gnupg-idea PORTVERSION= 1.0.6 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} \ ftp://ftp.gnupg.org/gcrypt/%SUBDIR%/ \ @@ -21,7 +22,7 @@ EXTRACT_ONLY= # none MAINTAINER= dinoex@FreeBSD.org COMMENT= IDEA extension module for gnupg (and RSA for demonstration) -RUN_DEPENDS= ${LOCALBASE}/bin/gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS= ${LOCALBASE}/bin/gpg:${PORTSDIR}/security/gnupg1 EXTRACT_AFTER_ARGS= > ${WRKSRC}/idea.c RESTRICTED= IDEA is Patented in the USA and many European countries diff --git a/security/gnupg/Makefile b/security/gnupg/Makefile index 5c2a0d44cc4f..77aa4f322f89 100644 --- a/security/gnupg/Makefile +++ b/security/gnupg/Makefile @@ -6,8 +6,7 @@ # PORTNAME= gnupg -PORTVERSION= 1.4.6 -PORTREVISION= 2 +PORTVERSION= 2.0.1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= gnupg @@ -17,95 +16,76 @@ EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= kuriyama@FreeBSD.org COMMENT= The GNU Privacy Guard +BUILD_DEPENDS= ${LOCALBASE}/lib/libassuan.a:${PORTSDIR}/security/libassuan +LIB_DEPENDS= gcrypt.13:${PORTSDIR}/security/libgcrypt \ + gpg-error:${PORTSDIR}/security/libgpg-error \ + ksba.17:${PORTSDIR}/security/libksba \ + pth.20:${PORTSDIR}/devel/pth +RUN_DEPENDS= dirmngr:${PORTSDIR}/security/dirmngr + USE_BZIP2= YES USE_GMAKE= YES GNU_CONFIGURE= YES -CONFIGURE_TARGET= --build ${MACHINE_ARCH}-portbld-freebsd${OSREL} -CONFIGURE_ARGS= --infodir=${PREFIX}/info --mandir=${PREFIX}/man -.if ${MACHINE_CPU:Mi586} -MACHINE_ARCH= i586 -.endif -CFLAGS:= ${CFLAGS:S/-pipe//g} -MAN1= gpg.1 gpgv.1 gpg.ru.1 -MAN7= gnupg.7 -INFO= gnupg1 - -PORTDOCS= * +USE_ICONV= YES +USE_LDCONFIG= YES +CONFIGURE_TARGET=# empty +CONFIGURE_ARGS+= --infodir=${PREFIX}/info --mandir=${PREFIX}/man \ + --with-libpth-prefix=${LOCALBASE}/lib/pth +MAN1= gpg2.1 gpgsm.1 gpgv2.1 gpg-agent.1 scdaemon.1 watchgnupg.1 \ + gpgconf.1 gpg-preset-passphrase.1 gpg-connect-agent.1 \ + gpgparsemail.1 symcryptrun.1 gpgsm-gencert.sh.1 +MAN8= addgnupghome.8 +INFO= gnupg OPTIONS= LDAP "LDAP keyserver interface" off \ - LIBICONV "use libiconv" off \ - LIBUSB "use libusb" off \ - SUID_GPG "install GPG with suid" off \ NLS "Native Language Support" on \ - CURL "use libcurl for the keyserver interface" on + SCDAEMON "Enable Smartcard daemon (with libusb)" off \ + CURL "Use the real curl library (worked around if no)" on .include <bsd.port.pre.mk> -.if defined(WITH_LIBICONV) -USE_ICONV= yes -.else -CONFIGURE_ARGS+= --without-libiconv-prefix -.endif - -.if defined(WITH_LIBUSB) -CONFIGURE_ARGS+= --with-libusb=${LOCALBASE} -LIB_DEPENDS+= usb-0.1.8:${PORTSDIR}/devel/libusb +.if defined(WITHOUT_NLS) +CONFIGURE_ARGS+=--disable-nls +PLIST_SUB+= NLS="@comment " .else -CONFIGURE_ARGS+= --without-libusb +USE_GETTEXT= YES +PLIST_SUB+= NLS="" .endif .if defined(WITH_LDAP) -USE_OPENLDAP= yes -PLIST_SUB+= WITH_LDAP="" -CONFIGURE_ARGS+= --with-ldap=${LOCALBASE} -#CONFIGURE_ENV+= LDFLAGS="-L/usr/lib" +USE_OPENLDAP= YES +CONFIGURE_ARGS+=--with-ldap=${LOCALBASE} +PLIST_SUB+= LDAP="" .else -PLIST_SUB+= WITH_LDAP="@comment " -CONFIGURE_ARGS+= --disable-ldap +CONFIGURE_ARGS+=--disable-ldap +PLIST_SUB+= LDAP="@comment " .endif -.if !defined(WITHOUT_NLS) -USE_GETTEXT= YES -PLIST_SUB+= NLS="" +.if defined(WITH_SCDAEMON) +CONFIGURE_ARGS+=--enable-scdaemon +LIB_DEPENDS+= usb-0.1:${PORTSDIR}/devel/libusb +PLIST_SUB+= SCDAEMON="" .else -CONFIGURE_ARGS+=--disable-nls -PLIST_SUB+= NLS="@comment " +CONFIGURE_ARGS+=--disable-scdaemon +PLIST_SUB+= SCDAEMON="@comment " .endif -.if !defined(WITHOUT_CURL) +.if defined(WITHOUT_CURL) +CONFIGURE_ARGS+=--without-libcurl +.else LIB_DEPENDS+= curl:${PORTSDIR}/ftp/curl CONFIGURE_ARGS+=--with-libcurl=${LOCALBASE} -# Work around a GnuPG configure buglet -CONFIGURE_ENV+= _libcurl_config=${LOCALBASE}/bin/curl-config -.else -CONFIGURE_ARGS+=--without-libcurl .endif -post-install: -.if !defined(NOPORTDOCS) - ${MKDIR} ${DOCSDIR} -.for i in DETAILS FAQ HACKING OpenPGP - ${INSTALL_DATA} ${WRKSRC}/doc/${i} ${DOCSDIR} -.endfor -.for i in ABOUT-NLS AUTHORS BUGS COPYING INSTALL NEWS PROJECTS \ - README THANKS TODO VERSION - ${INSTALL_DATA} ${WRKSRC}/${i} ${DOCSDIR} -.endfor -.endif -.if defined(WITH_SUID_GPG) - ${CHMOD} u+s ${PREFIX}/bin/gpg -.endif -.if ${OSVERSION} < 500019 - @${CAT} ${PKGMESSAGE} -.else -PKGMESSAGE= /nonexistent -.endif +verify: checksum + gpg2 --verify ${DISTDIR}/${DISTNAME}${EXTRACT_SUFX}.sig -.if ${OSVERSION} < 500000 -CONFIGURE_ARGS+= --without-readline -.endif +pre-configure: + ${REINPLACE_CMD} -e "s@-lpthread@${PTHREAD_LIBS}@g" \ + ${WRKSRC}/acinclude.m4 ${WRKSRC}/aclocal.m4 ${WRKSRC}/configure -check: - (cd ${WRKSRC}; ${MAKE} check) +post-install: + PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL + @${CAT} ${PKGMESSAGE} .include <bsd.port.post.mk> diff --git a/security/gnupg/distinfo b/security/gnupg/distinfo index 3bb0d5afe9de..c46fb4722345 100644 --- a/security/gnupg/distinfo +++ b/security/gnupg/distinfo @@ -1,6 +1,6 @@ -MD5 (gnupg-1.4.6.tar.bz2) = ec8dc6df1bd83c1d7e1a1ea10653f9f4 -SHA256 (gnupg-1.4.6.tar.bz2) = fd5a72418e55669b88076c2a6f11c3a59bf92a2071008567e65ae12b7372008e -SIZE (gnupg-1.4.6.tar.bz2) = 3149454 -MD5 (gnupg-1.4.6.tar.bz2.sig) = 8b905292140d60fe493fab7d5b22c96d -SHA256 (gnupg-1.4.6.tar.bz2.sig) = fb9294762932b34f2fd5a4b168f4c3a248aa7403c2aed8bffa5f67274b1b052d -SIZE (gnupg-1.4.6.tar.bz2.sig) = 158 +MD5 (gnupg-2.0.1.tar.bz2) = eb24e258db73f4cb53a3ce18375efa21 +SHA256 (gnupg-2.0.1.tar.bz2) = 49949762a4e080379dcca23948442d50488f0d74e04bcba87fc49e19a899b01d +SIZE (gnupg-2.0.1.tar.bz2) = 3923924 +MD5 (gnupg-2.0.1.tar.bz2.sig) = 58b1bbc2f34c0882ab1a49542a8ffd45 +SHA256 (gnupg-2.0.1.tar.bz2.sig) = 2e49d6cfcb9ad12bc10e7185435761622c2da12b850c6c31925da3b4c8100628 +SIZE (gnupg-2.0.1.tar.bz2.sig) = 158 diff --git a/security/gnupg/files/patch-CVE-2006-6235 b/security/gnupg/files/patch-CVE-2006-6235 new file mode 100644 index 000000000000..c1692572cafc --- /dev/null +++ b/security/gnupg/files/patch-CVE-2006-6235 @@ -0,0 +1,260 @@ +This is a patch against GnuPG 2.0.1. Change the directory to g10/ and +apply this patch. + +2006-12-02 Werner Koch <wk@g10code.com> + + * encr-data.c: Allocate DFX context on the heap and not on the + stack. Changes at several places. Fixes CVE-2006-6235. + + +Index: g10/encr-data.c +=================================================================== +--- g10/encr-data.c (revision 4352) ++++ g10/encr-data.c (working copy) +@@ -39,16 +39,37 @@ + static int decode_filter ( void *opaque, int control, IOBUF a, + byte *buf, size_t *ret_len); + +-typedef struct ++typedef struct decode_filter_context_s + { + gcry_cipher_hd_t cipher_hd; + gcry_md_hd_t mdc_hash; + char defer[22]; + int defer_filled; + int eof_seen; +-} decode_filter_ctx_t; ++ int refcount; ++} *decode_filter_ctx_t; + + ++/* Helper to release the decode context. */ ++static void ++release_dfx_context (decode_filter_ctx_t dfx) ++{ ++ if (!dfx) ++ return; ++ ++ assert (dfx->refcount); ++ if ( !--dfx->refcount ) ++ { ++ gcry_cipher_close (dfx->cipher_hd); ++ dfx->cipher_hd = NULL; ++ gcry_md_close (dfx->mdc_hash); ++ dfx->mdc_hash = NULL; ++ xfree (dfx); ++ } ++} ++ ++ ++ + /**************** + * Decrypt the data, specified by ED with the key DEK. + */ +@@ -62,7 +83,11 @@ + unsigned blocksize; + unsigned nprefix; + +- memset( &dfx, 0, sizeof dfx ); ++ dfx = xtrycalloc (1, sizeof *dfx); ++ if (!dfx) ++ return gpg_error_from_syserror (); ++ dfx->refcount = 1; ++ + if ( opt.verbose && !dek->algo_info_printed ) + { + const char *s = gcry_cipher_algo_name (dek->algo); +@@ -77,20 +102,20 @@ + goto leave; + blocksize = gcry_cipher_get_algo_blklen (dek->algo); + if ( !blocksize || blocksize > 16 ) +- log_fatal("unsupported blocksize %u\n", blocksize ); ++ log_fatal ("unsupported blocksize %u\n", blocksize ); + nprefix = blocksize; + if ( ed->len && ed->len < (nprefix+2) ) + BUG(); + + if ( ed->mdc_method ) + { +- if (gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 )) ++ if (gcry_md_open (&dfx->mdc_hash, ed->mdc_method, 0 )) + BUG (); + if ( DBG_HASHING ) +- gcry_md_start_debug (dfx.mdc_hash, "checkmdc"); ++ gcry_md_start_debug (dfx->mdc_hash, "checkmdc"); + } + +- rc = gcry_cipher_open (&dfx.cipher_hd, dek->algo, ++ rc = gcry_cipher_open (&dfx->cipher_hd, dek->algo, + GCRY_CIPHER_MODE_CFB, + (GCRY_CIPHER_SECURE + | ((ed->mdc_method || dek->algo >= 100)? +@@ -104,7 +129,7 @@ + + + /* log_hexdump( "thekey", dek->key, dek->keylen );*/ +- rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen); ++ rc = gcry_cipher_setkey (dfx->cipher_hd, dek->key, dek->keylen); + if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY ) + { + log_info(_("WARNING: message was encrypted with" +@@ -123,7 +148,7 @@ + goto leave; + } + +- gcry_cipher_setiv (dfx.cipher_hd, NULL, 0); ++ gcry_cipher_setiv (dfx->cipher_hd, NULL, 0); + + if ( ed->len ) + { +@@ -144,8 +169,8 @@ + temp[i] = c; + } + +- gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0); +- gcry_cipher_sync (dfx.cipher_hd); ++ gcry_cipher_decrypt (dfx->cipher_hd, temp, nprefix+2, NULL, 0); ++ gcry_cipher_sync (dfx->cipher_hd); + p = temp; + /* log_hexdump( "prefix", temp, nprefix+2 ); */ + if (dek->symmetric +@@ -155,17 +180,18 @@ + goto leave; + } + +- if ( dfx.mdc_hash ) +- gcry_md_write (dfx.mdc_hash, temp, nprefix+2); +- ++ if ( dfx->mdc_hash ) ++ gcry_md_write (dfx->mdc_hash, temp, nprefix+2); ++ ++ dfx->refcount++; + if ( ed->mdc_method ) +- iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx ); ++ iobuf_push_filter ( ed->buf, mdc_decode_filter, dfx ); + else +- iobuf_push_filter( ed->buf, decode_filter, &dfx ); ++ iobuf_push_filter ( ed->buf, decode_filter, dfx ); + + proc_packets ( procctx, ed->buf ); + ed->buf = NULL; +- if ( ed->mdc_method && dfx.eof_seen == 2 ) ++ if ( ed->mdc_method && dfx->eof_seen == 2 ) + rc = gpg_error (GPG_ERR_INV_PACKET); + else if ( ed->mdc_method ) + { +@@ -184,26 +210,28 @@ + bytes are appended. */ + int datalen = gcry_md_get_algo_dlen (ed->mdc_method); + +- gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 22, NULL, 0); +- gcry_md_write (dfx.mdc_hash, dfx.defer, 2); +- gcry_md_final (dfx.mdc_hash); ++ assert (dfx->cipher_hd); ++ assert (dfx->mdc_hash); ++ gcry_cipher_decrypt (dfx->cipher_hd, dfx->defer, 22, NULL, 0); ++ gcry_md_write (dfx->mdc_hash, dfx->defer, 2); ++ gcry_md_final (dfx->mdc_hash); + +- if (dfx.defer[0] != '\xd3' || dfx.defer[1] != '\x14' ) ++ if (dfx->defer[0] != '\xd3' || dfx->defer[1] != '\x14' ) + { + log_error("mdc_packet with invalid encoding\n"); + rc = gpg_error (GPG_ERR_INV_PACKET); + } + else if (datalen != 20 +- || memcmp (gcry_md_read (dfx.mdc_hash, 0),dfx.defer+2,datalen)) ++ || memcmp (gcry_md_read (dfx->mdc_hash, 0), ++ dfx->defer+2,datalen )) + rc = gpg_error (GPG_ERR_BAD_SIGNATURE); +- /* log_printhex("MDC message:", dfx.defer, 22); */ +- /* log_printhex("MDC calc:", gcry_md_read (dfx.mdc_hash,0), datalen); */ ++ /* log_printhex("MDC message:", dfx->defer, 22); */ ++ /* log_printhex("MDC calc:", gcry_md_read (dfx->mdc_hash,0), datalen); */ + } + + + leave: +- gcry_cipher_close (dfx.cipher_hd); +- gcry_md_close (dfx.mdc_hash); ++ release_dfx_context (dfx); + return rc; + } + +@@ -214,7 +242,7 @@ + mdc_decode_filter (void *opaque, int control, IOBUF a, + byte *buf, size_t *ret_len) + { +- decode_filter_ctx_t *dfx = opaque; ++ decode_filter_ctx_t dfx = opaque; + size_t n, size = *ret_len; + int rc = 0; + int c; +@@ -226,11 +254,11 @@ + } + else if( control == IOBUFCTRL_UNDERFLOW ) + { +- assert(a); +- assert( size > 44 ); ++ assert (a); ++ assert ( size > 44 ); + + /* Get at least 22 bytes and put it somewhere ahead in the buffer. */ +- for(n=22; n < 44 ; n++ ) ++ for (n=22; n < 44 ; n++ ) + { + if( (c = iobuf_get(a)) == -1 ) + break; +@@ -279,8 +307,10 @@ + + if ( n ) + { +- gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0); +- gcry_md_write (dfx->mdc_hash, buf, n); ++ if ( dfx->cipher_hd ) ++ gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0); ++ if ( dfx->mdc_hash ) ++ gcry_md_write (dfx->mdc_hash, buf, n); + } + else + { +@@ -289,6 +319,10 @@ + } + *ret_len = n; + } ++ else if ( control == IOBUFCTRL_FREE ) ++ { ++ release_dfx_context (dfx); ++ } + else if ( control == IOBUFCTRL_DESC ) + { + *(char**)buf = "mdc_decode_filter"; +@@ -300,7 +334,7 @@ + static int + decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len) + { +- decode_filter_ctx_t *fc = opaque; ++ decode_filter_ctx_t fc = opaque; + size_t n, size = *ret_len; + int rc = 0; + +@@ -311,11 +345,18 @@ + if ( n == -1 ) + n = 0; + if ( n ) +- gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0); ++ { ++ if (fc->cipher_hd) ++ gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0); ++ } + else + rc = -1; /* EOF */ + *ret_len = n; + } ++ else if ( control == IOBUFCTRL_FREE ) ++ { ++ release_dfx_context (fc); ++ } + else if ( control == IOBUFCTRL_DESC ) + { + *(char**)buf = "decode_filter"; diff --git a/security/gnupg/files/patch-config.links b/security/gnupg/files/patch-config.links deleted file mode 100644 index 35a0316c8ae9..000000000000 --- a/security/gnupg/files/patch-config.links +++ /dev/null @@ -1,15 +0,0 @@ ---- mpi/config.links.orig Thu Apr 24 20:15:58 2003 -+++ mpi/config.links Sat May 10 16:29:28 2003 -@@ -142,6 +142,12 @@ - echo '/* configured for sparc64-*netbsd */' >>./mpi/asm-syntax.h - path="" - ;; -+ sparc64-*-freebsd*) -+ # There are no sparc64 assembler modules that work, so -+ # just use generic C functions -+ echo '/* configured for sparc64-*freebsd* */' >>./mpi/asm-syntax.h -+ path="" -+ ;; - sparc9*-*-* | \ - sparc64*-*-* | \ - ultrasparc*-*-* ) diff --git a/security/gnupg/files/patch-configure b/security/gnupg/files/patch-configure deleted file mode 100644 index 52fae6b7c7dc..000000000000 --- a/security/gnupg/files/patch-configure +++ /dev/null @@ -1,10 +0,0 @@ ---- configure.orig Fri Dec 8 17:02:30 2006 -+++ configure Fri Dec 8 17:02:52 2006 -@@ -27251,6 +27251,7 @@ - exec_prefix=$exec_prefix - libdir=$libdir - libexecdir=$libexecdir -+datarootdir=$datarootdir - datadir=$datadir - DATADIRNAME=$DATADIRNAME - diff --git a/security/gnupg/pkg-descr b/security/gnupg/pkg-descr index 4ad9fb265d00..6ec531356045 100644 --- a/security/gnupg/pkg-descr +++ b/security/gnupg/pkg-descr @@ -5,5 +5,3 @@ without any restrictions. GnuPG is an RFC2440 (OpenPGP) compliant application. WWW: http://www.gnupg.org/ - -kuriyama@FreeBSD.org diff --git a/security/gnupg/pkg-install b/security/gnupg/pkg-install new file mode 100644 index 000000000000..b2e9e655aa3a --- /dev/null +++ b/security/gnupg/pkg-install @@ -0,0 +1,14 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +if [ "$2" != "POST-INSTALL" ]; then + exit 0 +fi + +if [ -r ${PKG_PREFIX}/bin/gpg ] || [ -L ${PKG_PREFIX}/bin/gpg ]; then + # Skip. +else + ln -s gpg2 ${PKG_PREFIX}/bin/gpg +fi diff --git a/security/gnupg/pkg-message b/security/gnupg/pkg-message index 6123fa32f234..6dcdc858f1d8 100644 --- a/security/gnupg/pkg-message +++ b/security/gnupg/pkg-message @@ -1,5 +1,19 @@ -************************************************************ -TIPS: - o Use rndcontrol(8) if you want more entropy. - See http://people.freebsd.org/~dougb/randomness.html for more details. -************************************************************ + + + +############################################################################### + A T T E N T I O N + +In order to use gpg-agent, you need to install a pinentry dialog. + +The following ports of pinentry dialogs are available: + +security/pinentry-curses (ncurses based dialog) +security/pinentry-gtk (GTK 1.2 based dialog) +security/pinentry-gtk2 (GTK 2.x based dialog) +security/pinentry-qt (QT based dialog) + +############################################################################### + + + diff --git a/security/gnupg/pkg-plist b/security/gnupg/pkg-plist index 5c2eb14f590a..a2258ae63a42 100644 --- a/security/gnupg/pkg-plist +++ b/security/gnupg/pkg-plist @@ -1,64 +1,56 @@ -bin/gpg -bin/gpg-zip -bin/gpgsplit -bin/gpgv -%%WITH_LDAP%%libexec/gnupg/gpgkeys_ldap -libexec/gnupg/gpgkeys_curl -libexec/gnupg/gpgkeys_finger -libexec/gnupg/gpgkeys_hkp -@dirrm libexec/gnupg -%%DATADIR%%/FAQ -%%DATADIR%%/faq.html -%%DATADIR%%/options.skel -%%NLS%%share/locale/be/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/ca/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/cs/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/da/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/de/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/el/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/eo/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/en@boldquot/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/en@quot/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/es/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/et/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/fi/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/fr/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/gl/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/hu/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/id/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/it/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/ja/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/nb/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/pl/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/pt/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/pt_BR/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/ro/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/ru/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/sk/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/sv/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/tr/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/zh_CN/LC_MESSAGES/gnupg.mo -%%NLS%%share/locale/zh_TW/LC_MESSAGES/gnupg.mo -@dirrm %%DATADIR%% -@dirrmtry share/locale/be/LC_MESSAGES -@dirrmtry share/locale/be -@dirrmtry share/locale/ca/LC_MESSAGES -@dirrmtry share/locale/ca -@dirrmtry share/locale/cs/LC_MESSAGES -@dirrmtry share/locale/cs -@dirrmtry share/locale/el/LC_MESSAGES -@dirrmtry share/locale/el -@dirrmtry share/locale/fi/LC_MESSAGES -@dirrmtry share/locale/fi -@dirrmtry share/locale/gl/LC_MESSAGES -@dirrmtry share/locale/gl -@dirrmtry share/locale/pl/LC_MESSAGES -@dirrmtry share/locale/pl -@dirrmtry share/locale/pt/LC_MESSAGES -@dirrmtry share/locale/pt -@dirrmtry share/locale/ro/LC_MESSAGES -@dirrmtry share/locale/ro -@dirrmtry share/locale/sk/LC_MESSAGES -@dirrmtry share/locale/sk -@dirrmtry share/locale/zh_TW/LC_MESSAGES -@dirrmtry share/locale/zh_TW +bin/gpg-agent +bin/gpg-connect-agent +bin/gpg2 +bin/gpgconf +bin/gpgkey2ssh +bin/gpgparsemail +bin/gpgsm +bin/gpgsm-gencert.sh +bin/gpgv2 +bin/kbxutil +%%SCDAEMON%%bin/scdaemon +bin/watchgnupg +%%SCDAEMON%%libexec/gnupg-pcsc-wrapper +libexec/gpg-preset-passphrase +libexec/gpg-protect-tool +libexec/gpg2keys_curl +libexec/gpg2keys_finger +libexec/gpg2keys_hkp +%%LDAP%%libexec/gpg2keys_ldap +sbin/addgnupghome +share/gnupg/FAQ +share/gnupg/com-certs.pem +share/gnupg/faq.html +share/gnupg/gpg-conf.skel +share/gnupg/qualified.txt +%%NLS%%share/locale/da/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/de/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/eo/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/es/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/et/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/fr/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/hu/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/id/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/it/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/ja/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/nb/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/pt_BR/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/ru/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/sv/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/tr/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/be/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/ca/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/cs/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/el/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/fi/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/gl/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/pl/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/pt/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/ro/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/sk/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/zh_CN/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/zh_TW/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/en@quot/LC_MESSAGES/gnupg2.mo +%%NLS%%share/locale/en@boldquot/LC_MESSAGES/gnupg2.mo +@dirrmtry share/gnupg +@unexec [ -L %D/bin/gpg ] && rm -f %D/bin/gpg || true diff --git a/security/gpa/Makefile b/security/gpa/Makefile index 2b6b58baa391..e5d75c9dd683 100644 --- a/security/gpa/Makefile +++ b/security/gpa/Makefile @@ -7,6 +7,7 @@ PORTNAME= gpa PORTVERSION= 0.7.4 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://wald.intevation.org/frs/download.php/241/ @@ -14,8 +15,8 @@ MAINTAINER= ports@FreeBSD.org COMMENT= A graphical frontend for the GNU Privacy Guard LIB_DEPENDS= gpgme:${PORTSDIR}/security/gpgme -BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg +BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 USE_BZIP2= yes USE_GMAKE= yes diff --git a/security/gpgme/Makefile b/security/gpgme/Makefile index c0c43825bf85..d58e2d5525d0 100644 --- a/security/gpgme/Makefile +++ b/security/gpgme/Makefile @@ -7,7 +7,7 @@ PORTNAME= gpgme PORTVERSION= 1.1.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= gpgme @@ -15,7 +15,7 @@ MASTER_SITE_SUBDIR= gpgme MAINTAINER= lofi@FreeBSD.org COMMENT= A library to make access to GnuPG easier -BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg \ +BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ gpgsm:${PORTSDIR}/security/gnupg-devel LIB_DEPENDS= gpg-error.3:${PORTSDIR}/security/libgpg-error diff --git a/security/gpgme03/Makefile b/security/gpgme03/Makefile index c534be358793..58334cbea63c 100644 --- a/security/gpgme03/Makefile +++ b/security/gpgme03/Makefile @@ -7,7 +7,7 @@ PORTNAME= gpgme PORTVERSION= 0.3.16 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= gpgme @@ -15,7 +15,7 @@ MASTER_SITE_SUBDIR= gpgme MAINTAINER= markun@onohara.to COMMENT= A library to make access to GnuPG easier -BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg +BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 LIB_DEPENDS= pth.20:${PORTSDIR}/devel/pth LATEST_LINK= gpgme03 diff --git a/security/gtkpasman/Makefile b/security/gtkpasman/Makefile index 299e82cc75a6..a406bb94cce7 100644 --- a/security/gtkpasman/Makefile +++ b/security/gtkpasman/Makefile @@ -7,6 +7,7 @@ PORTNAME= gtkpasman PORTVERSION= 0.8 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} @@ -14,7 +15,7 @@ MASTER_SITE_SUBDIR= ${PORTNAME} MAINTAINER= phil@teaser.fr COMMENT= A GTK+ passwords manager for system and network administrators -RUN_DEPENDS+= gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS+= gpg:${PORTSDIR}/security/gnupg1 BUILD_DEPENDS+= gdk-pixbuf-config:${PORTSDIR}/graphics/gdk-pixbuf USE_X_PREFIX= yes diff --git a/security/kgpg-kde4/Makefile b/security/kgpg-kde4/Makefile index 4eda395c36d9..48d491e234e6 100644 --- a/security/kgpg-kde4/Makefile +++ b/security/kgpg-kde4/Makefile @@ -7,6 +7,7 @@ PORTNAME= kdeutils PORTVERSION= ${KDE_VERSION} +PORTREVISION= 1 CATEGORIES?= misc kde MASTER_SITES= ${MASTER_SITE_KDE} MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src @@ -17,7 +18,7 @@ COMMENT= Utilities for the KDE integrated X11 desktop LIB_DEPENDS= gmp.7:${PORTSDIR}/math/libgmp4 \ netsnmp:${PORTSDIR}/net-mgmt/net-snmp -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 CONFLICTS= kgpg-[0-9]* superkaramba-[0-9]* diff --git a/security/kgpg/Makefile b/security/kgpg/Makefile index 264cd04644db..96705226e5f4 100644 --- a/security/kgpg/Makefile +++ b/security/kgpg/Makefile @@ -7,14 +7,14 @@ PORTNAME= kgpg PORTVERSION= 1.0.0 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= security kde MASTER_SITES= http://developer.kde.org/~kgpg/src/ MAINTAINER= rick@rptn.net COMMENT= A simple KDE frontend for GnuPG -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 CONFLICTS= kdeutils-3.[2-4].* diff --git a/security/kwallet/Makefile b/security/kwallet/Makefile index 4eda395c36d9..48d491e234e6 100644 --- a/security/kwallet/Makefile +++ b/security/kwallet/Makefile @@ -7,6 +7,7 @@ PORTNAME= kdeutils PORTVERSION= ${KDE_VERSION} +PORTREVISION= 1 CATEGORIES?= misc kde MASTER_SITES= ${MASTER_SITE_KDE} MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src @@ -17,7 +18,7 @@ COMMENT= Utilities for the KDE integrated X11 desktop LIB_DEPENDS= gmp.7:${PORTSDIR}/math/libgmp4 \ netsnmp:${PORTSDIR}/net-mgmt/net-snmp -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 CONFLICTS= kgpg-[0-9]* superkaramba-[0-9]* diff --git a/security/nofgpg/Makefile b/security/nofgpg/Makefile index 1ccff747e6f3..cb2eb8f08e06 100644 --- a/security/nofgpg/Makefile +++ b/security/nofgpg/Makefile @@ -8,14 +8,14 @@ PORTNAME= nofgpg PORTVERSION= 0.5.1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security python MASTER_SITES= http://www.cgabriel.org/download/nofgpg/ MAINTAINER= ports@FreeBSD.org COMMENT= No One Fears GPG -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg \ +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ ${PYTHON_SITELIBDIR}/gtk-1.2/gnome/ui.py:${PORTSDIR}/x11-toolkits/py-gnome USE_PYTHON= yes diff --git a/security/p5-GnuPG-Interface/Makefile b/security/p5-GnuPG-Interface/Makefile index 1dde98ddd93a..bf149bf13430 100644 --- a/security/p5-GnuPG-Interface/Makefile +++ b/security/p5-GnuPG-Interface/Makefile @@ -7,6 +7,7 @@ PORTNAME= GnuPG-Interface PORTVERSION= 0.34 +PORTREVISION= 2 CATEGORIES= security perl5 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= gnupg-interface @@ -17,7 +18,7 @@ COMMENT= Perl module for interfacing with GnuPG BUILD_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/Class/MethodMaker.pm:${PORTSDIR}/devel/p5-Class-MethodMaker \ ${RUN_DEPENDS} -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 PERL_CONFIGURE= yes diff --git a/security/p5-Module-Signature/Makefile b/security/p5-Module-Signature/Makefile index 230264fe458f..79503c7e536e 100644 --- a/security/p5-Module-Signature/Makefile +++ b/security/p5-Module-Signature/Makefile @@ -7,6 +7,7 @@ PORTNAME= Module-Signature PORTVERSION= 0.55 +PORTREVISION= 1 CATEGORIES= security perl5 MASTER_SITES= ${MASTER_SITE_PERL_CPAN} MASTER_SITE_SUBDIR= Module @@ -17,7 +18,7 @@ COMMENT= Module signature file manipulation BUILD_DEPENDS= ${SITE_PERL}/${PERL_ARCH}/Digest/SHA.pm:${PORTSDIR}/security/p5-Digest-SHA \ ${SITE_PERL}/PAR/Dist.pm:${PORTSDIR}/devel/p5-PAR-Dist \ - ${LOCALBASE}/bin/gpg:${PORTSDIR}/security/gnupg + ${LOCALBASE}/bin/gpg:${PORTSDIR}/security/gnupg1 RUN_DEPENDS= ${BUILD_DEPENDS} PERL_CONFIGURE= yes diff --git a/security/pgpgpg/Makefile b/security/pgpgpg/Makefile index 4133a78de1a8..2cd505ee3549 100644 --- a/security/pgpgpg/Makefile +++ b/security/pgpgpg/Makefile @@ -7,7 +7,7 @@ PORTNAME= pgpgpg PORTVERSION= 0.13 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_PACKETSTORM} \ ftp://ftp.gnupg.org/gcrypt/historic/ \ @@ -21,8 +21,8 @@ COMMENT= Wrapper for GnuPG to simulate PGP 2.6.x # if it can't find gpg. RUN_DEPENDS is necessary to make the package # dependency register correctly. Hence the apparent redundancy. -BUILD_DEPENDS= ${PREFIX}/bin/gpg:${PORTSDIR}/security/gnupg -RUN_DEPENDS= ${PREFIX}/bin/gpg:${PORTSDIR}/security/gnupg +BUILD_DEPENDS= ${PREFIX}/bin/gpg:${PORTSDIR}/security/gnupg1 +RUN_DEPENDS= ${PREFIX}/bin/gpg:${PORTSDIR}/security/gnupg1 GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-gpg-path=${PREFIX}/bin/gpg diff --git a/security/pwman/Makefile b/security/pwman/Makefile index 30b98291e307..4f041c2f8332 100644 --- a/security/pwman/Makefile +++ b/security/pwman/Makefile @@ -7,7 +7,7 @@ PORTNAME= pwman PORTVERSION= 0.3.2 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} @@ -16,7 +16,7 @@ MAINTAINER= anders@FreeBSD.org COMMENT= Console password management application based on gpg(me) LIB_DEPENDS= xml2.5:${PORTSDIR}/textproc/libxml2 -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 GNU_CONFIGURE= yes diff --git a/security/seahorse/Makefile b/security/seahorse/Makefile index ce0e158e664b..eab0499a2cbf 100644 --- a/security/seahorse/Makefile +++ b/security/seahorse/Makefile @@ -8,7 +8,7 @@ PORTNAME= seahorse PORTVERSION= 0.8.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNOME} MASTER_SITE_SUBDIR=sources/${PORTNAME}/0.8 @@ -17,7 +17,7 @@ DIST_SUBDIR= gnome2 MAINTAINER= gnome@FreeBSD.org COMMENT= A front end for GnuPG -BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg +BUILD_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 RUN_DEPENDS= ${BUILD_DEPENDS} LIB_DEPENDS= gpgme.17:${PORTSDIR}/security/gpgme diff --git a/security/sguil-client/Makefile b/security/sguil-client/Makefile index 3cbace35940c..57ce339ab830 100644 --- a/security/sguil-client/Makefile +++ b/security/sguil-client/Makefile @@ -7,6 +7,7 @@ PORTNAME= sguil-client PORTVERSION= 0.6.1 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= sguil @@ -15,7 +16,7 @@ MAINTAINER= pauls@utdallas.edu COMMENT= Sguil is a network security monitoring program RUN_DEPENDS= dtplite:${PORTSDIR}/devel/tcllib \ - gpg:${PORTSDIR}/security/gnupg \ + gpg:${PORTSDIR}/security/gnupg1 \ ${LOCALBASE}/lib/tclx8.4/tclx.tcl:${PORTSDIR}/lang/tclX \ ${LOCALBASE}/lib/iwidgets/iwidgets.tcl:${PORTSDIR}/x11-toolkits/iwidgets diff --git a/security/signing-party/Makefile b/security/signing-party/Makefile index 5c4bea10095f..02e29dd4259c 100644 --- a/security/signing-party/Makefile +++ b/security/signing-party/Makefile @@ -7,6 +7,7 @@ PORTNAME= signing-party PORTVERSION= 0.4.9.1 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_DEBIAN} MASTER_SITE_SUBDIR= pool/main/s/signing-party @@ -20,7 +21,7 @@ PATCH_DIST_STRIP= -p1 MAINTAINER= johans@stack.nl COMMENT= Various OpenPGP related tools -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg \ +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ ${SITE_PERL}/GnuPG/Interface.pm:${PORTSDIR}/security/p5-GnuPG-Interface \ ${SITE_PERL}/Mail/Util.pm:${PORTSDIR}/mail/p5-Mail-Tools \ ${SITE_PERL}/MIME/Tools.pm:${PORTSDIR}/mail/p5-MIME-Tools \ |