svn path=/nixpkgs/branches/stdenv-updates/; revision=10746wip/yesman
parent
0b2d493521
commit
0aa0847307
@ -1,23 +1,20 @@ |
||||
{ |
||||
# Support for the IDEA cipher (used by the old PGP) should only be |
||||
# enabled if it is legal for you to do so. |
||||
ideaSupport ? false |
||||
|
||||
, stdenv, fetchurl, readline |
||||
}: |
||||
args: with args; |
||||
|
||||
stdenv.mkDerivation { |
||||
name = "gnupg-1.4.8"; |
||||
builder = ./builder.sh; |
||||
let |
||||
idea = fetchurl { |
||||
url = http://nix.cs.uu.nl/dist/tarballs/idea.c.gz; |
||||
md5 = "9dc3bc086824a8c7a331f35e09a3e57f"; |
||||
} else null; |
||||
in |
||||
|
||||
stdenv.mkDerivation rec { |
||||
name = "gnupg-" + version; |
||||
src = fetchurl { |
||||
url = ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/gnupg-1.4.8.tar.bz2; |
||||
url = "ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/${name}.tar.bz2"; |
||||
sha256 = "0v009vqpa4l9zwhcaaagz5sx65fjp8g0alsf8kac5s5gvrs2b78i"; |
||||
}; |
||||
buildInputs = [readline]; |
||||
idea = if ideaSupport then fetchurl { |
||||
url = http://nix.cs.uu.nl/dist/tarballs/idea.c.gz; |
||||
md5 = "9dc3bc086824a8c7a331f35e09a3e57f"; |
||||
} else null; |
||||
preConfigure = if ideaSupport then "gunzip < ${idea} > ./cipher/idea.c" else ""; |
||||
|
||||
meta = { |
||||
description = "A free implementation of the OpenPGP standard for encrypting and signing data"; |
@ -1,16 +1,23 @@ |
||||
args: with args; |
||||
stdenv.mkDerivation { |
||||
name = "gnupg-2.0.8"; |
||||
|
||||
stdenv.mkDerivation rec { |
||||
name = "gnupg-" + version; |
||||
|
||||
src = fetchurl { |
||||
url = ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/gnupg-2.0.8.tar.bz2; |
||||
url = "ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/${name}.tar.bz2"; |
||||
sha256 = "04v9s92xph1hrhac49yyrgzdwjqshs2zawvjbi3jc2klwjpi1wqn"; |
||||
}; |
||||
|
||||
buildInputs = [ readline openldap bzip2 zlib libgpgerror pth libgcrypt |
||||
libassuan libksba libusb curl ]; |
||||
|
||||
postInstall = "ln -s gpg2 $out/bin/gpg; ln -s gpgv2 $out/bin/gpgv"; |
||||
|
||||
patches = ./idea.patch; |
||||
|
||||
meta = { |
||||
description = "A free implementation of the OpenPGP standard for encrypting |
||||
and signing data, v2"; |
||||
and signing data, v2"; |
||||
homepage = http://www.gnupg.org/; |
||||
}; |
||||
} |
@ -1,10 +0,0 @@ |
||||
source $stdenv/setup |
||||
|
||||
preConfigure=preConfigure |
||||
preConfigure() { |
||||
if test -n "$idea"; then |
||||
gunzip < $idea > ./cipher/idea.c |
||||
fi |
||||
} |
||||
|
||||
genericBuild |
@ -0,0 +1,25 @@ |
||||
|
||||
This is required in order to support IDEA encrypted keys
|
||||
using gnupg-1.4.X. The raw key has two bytes which are part
|
||||
of the checksum but not part of the key.
|
||||
|
||||
This will not get into upstream as upstream does not wish to support
|
||||
IDEA at all even for backward compatibility.
|
||||
|
||||
Signed-off-by: Alon Bar-Lev <alonbl@gentoo.org>
|
||||
|
||||
diff -urNp gnupg-2.0.4.org/g10/seckey-cert.c gnupg-2.0.4/g10/seckey-cert.c
|
||||
--- gnupg-2.0.4.org/g10/seckey-cert.c 2006-11-21 10:26:13.000000000 +0200
|
||||
+++ gnupg-2.0.4/g10/seckey-cert.c 2007-06-22 18:08:48.000000000 +0300
|
||||
@@ -211,6 +211,11 @@ do_check( PKT_secret_key *sk, const char
|
||||
csum += checksum (buffer, ndata);
|
||||
gcry_mpi_release (sk->skey[i]);
|
||||
|
||||
+ if (sk->protect.algo==CIPHER_ALGO_IDEA) {
|
||||
+ buffer[0] = 0;
|
||||
+ buffer[1] = 0;
|
||||
+ }
|
||||
+
|
||||
err = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_USG,
|
||||
buffer, ndata, &ndata );
|
||||
xfree (buffer);
|
Loading…
Reference in new issue