File gpg2.spec of Package gpg2.12805

# spec file for package gpg2
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via

Name:           gpg2
Version:        2.2.5
Release:        0
Summary:        File encryption, decryption, signature creation and verification utility
License:        GPL-3.0+
Group:          Productivity/Networking/Security
Source3:        %{name}.keyring
Source99:       %{name}.changes
Patch4:         gnupg-2.0.9-langinfo.patch
Patch5:         gnupg-2.0.18-files-are-digests.patch
Patch6:         gnupg-dont-fail-with-seahorse-agent.patch
Patch8:         gnupg-set_umask_before_open_outfile.patch
Patch9:         gnupg-detect_FIPS_mode.patch
Patch11:        gnupg-add_legacy_FIPS_mode_option.patch
Patch12:        gnupg-CVE-2018-9234.patch
Patch13:        gnupg-CVE-2018-12020.patch
# PATCH-FIX-UPSTREAM bsc#1120346 CVE-2018-1000858
Patch14:        gnupg-CRL-fetching-via-https.patch
Patch15:        gnupg-Allow-redirection-from-https-to-http-for-CRLs.patch
Patch16:        gnupg-CVE-2018-1000858.patch
# PATCH-FIX-OPENSUSE bsc#1124847
Patch17:        gnupg-gpg-agent-ulimit.patch
# FATCH-FIX-UPSTREAM bsc#1141093 CVE-2019-13050 denial of service attacks via big keys
Patch18:        gnupg-CVE-2019-13050_0_of_5.patch
Patch19:        gnupg-CVE-2019-13050_1_of_5.patch
Patch20:        gnupg-CVE-2019-13050_2_of_5.patch
Patch21:        gnupg-CVE-2019-13050_3_of_5.patch
Patch22:        gnupg-CVE-2019-13050_4_of_5.patch
Patch23:        gnupg-CVE-2019-13050_5_of_5.patch
BuildRequires:  expect
BuildRequires:  fdupes
BuildRequires:  libassuan-devel >= 2.5.0
BuildRequires:  libgcrypt-devel >= 1.7.0
BuildRequires:  libgpg-error-devel >= 1.24
BuildRequires:  libksba-devel >= 1.3.4
BuildRequires:  makeinfo
BuildRequires:  npth-devel >= 1.2
BuildRequires:  openldap2-devel
BuildRequires:  pkgconfig
BuildRequires:  readline-devel
BuildRequires:  pkgconfig(bzip2)
BuildRequires:  pkgconfig(gnutls) >= 3.0
BuildRequires:  pkgconfig(libcurl) >= 7.10
BuildRequires:  pkgconfig(libusb-1.0)
BuildRequires:  pkgconfig(sqlite3) >= 3.7
BuildRequires:  pkgconfig(zlib)
# Add an explicit runtime dependency to match boo#955982
Requires:       libassuan0 >= 2.4.3
# Explicit runtime depencency - runtime version check
Requires:       libgcrypt20 >= 1.7.0
Requires:       libksba >= 1.3.4
Requires:       pinentry
Requires(post): %{install_info_prereq}
Recommends:     %{name}-lang = %{version}
Obsoletes:      dirmngr < 2.1.0
Provides:       dirmngr = %{version}
Provides:       gnupg = %{version}
Provides:       gpg = 1.4.9
Provides:       newpg
# special feature needed for OBS signd
Provides:       gpg2_signd_support
Obsoletes:      gpg < 1.4.9

GnuPG is a hybrid-encryption software program; it uses a combination
of symmetric-key and public-key cryptography to encrypt/decrypt
messages and/or to sign and verify them.

gpg2 provides GPGSM, gpg-agent, and a keybox library.


%setup -q -n gnupg-%{version}
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch8 -p1
%patch9 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1

date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99})
%configure \
    --libexecdir=%{_libdir} \
    --docdir=%{_docdir}/%{name} \
    --with-agent-pgm=%{_bindir}/gpg-agent \
    --with-pinentry-pgm=%{_bindir}/pinentry \
    --with-dirmngr-pgm=%{_bindir}/dirmngr \
    --with-scdaemon-pgm=%{_bindir}/scdaemon \
    --enable-ldap \
    --enable-gpgsm=yes \
    --enable-gpg \
    --enable-gpgtar \
    --enable-g13 \
    --enable-large-secmem \
    --enable-wks-tools \
    --with-gnu-ld \
    --with-default-trust-store-file=%{_sysconfdir}/ssl/ca-bundle.pem \
    --enable-build-timestamp=$date \
    --enable-gpg-is-gpg2 \

make %{?_smp_mflags}

mkdir -p %{buildroot}%{_sysconfdir}/gnupg/
# bnc#391347
install -m 644 doc/examples/gpgconf.conf %{buildroot}%{_sysconfdir}/gnupg
# delete to prevent fdupes from creating cross-partition hardlink
rm -rf %{buildroot}%{_docdir}/gpg2/examples/gpgconf.conf
rm %{buildroot}%{_infodir}/dir
# compat symlinks
ln -sf gpg2 %{buildroot}%{_bindir}/gpg
ln -sf gpgv2 %{buildroot}%{_bindir}/gpgv
ln -sf gpg2.1 %{buildroot}%{_mandir}/man1/gpg.1
ln -sf gpgv2.1 %{buildroot}%{_mandir}/man1/gpgv.1
# fix rpmlint invalid-lc-messages-dir:
rm -rf %{buildroot}/%{_datadir}/locale/en@{bold,}quot
# install scdaemon to %%{_bindir} (bnc#863645)
mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir}
mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir}
# install legacy tools
install -m 755 tools/gpg-zip %{buildroot}/%{_bindir}
# install -m 755 tools/gpgsplit %%{buildroot}/%%{_bindir}

%find_lang gnupg2
%fdupes -s %{buildroot}

# Run only localy, fails in OBS
#%%if ! 0%%{?qemu_user_space_build}
#make %%{?_smp_mflags} check

%install_info --info-dir=%{_infodir} %{_infodir}/

%install_info_delete --info-dir=%{_infodir} %{_infodir}/

%files lang -f gnupg2.lang

%license COPYING*
%doc %{_docdir}/%{name}
%dir %{_sysconfdir}/gnupg
%config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf

openSUSE Build Service is sponsored by