2
0

First commit

This commit is contained in:
Arti Zirk 2018-11-13 16:16:43 +02:00
commit fccc876687
5 changed files with 236 additions and 0 deletions

45
.SRCINFO Normal file
View File

@ -0,0 +1,45 @@
pkgbase = gnupg-scdaemon-shared-access
pkgdesc = Complete and free implementation of the OpenPGP standard
pkgver = 2.2.11
pkgrel = 1
url = https://www.gnupg.org/
install = install
arch = x86_64
license = GPL
checkdepends = openssh
makedepends = libldap
makedepends = libusb-compat
makedepends = pcsclite
depends = npth
depends = libgpg-error
depends = libgcrypt
depends = libksba
depends = libassuan
depends = pinentry
depends = bzip2
depends = readline
depends = gnutls
depends = sqlite
optdepends = libldap: gpg2keys_ldap
optdepends = libusb-compat: scdaemon
optdepends = pcsclite: scdaemon
provides = gnupg
provides = dirmngr
provides = gnupg=2.2.11
provides = gnupg2=2.2.11
conflicts = gnupg
conflicts = dirmngr
conflicts = gnupg2
source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.11.tar.bz2
source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.11.tar.bz2.sig
source = scdaemon_shared-access.patch
validpgpkeys = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
validpgpkeys = 46CC730865BB5C78EBABADCF04376F3EE0856959
validpgpkeys = 031EC2536E580D8EA286A9F22071B08A33BD3F06
validpgpkeys = D238EA65D64C67ED4C3073F28A861B1C7EFD60D9
sha256sums = 496c3e123ef53f35436ddccca58e82acaa901ca4e21174e77386c0cea0c49cd9
sha256sums = SKIP
sha256sums = 877ca0b8abcb6d1263bf40f3e9aa66b754a9957943ae2de591dfa42a1b21b7cf
pkgname = gnupg-scdaemon-shared-access

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
pkg
src
*tar*

71
PKGBUILD Normal file
View File

@ -0,0 +1,71 @@
# Maintainer: Arti Zirk <arti.zirk@gmail.com>
# Contributor: Gaetan Bisson <bisson@archlinux.org>
# Contributor: Tobias Powalowski <tpowa@archlinux.org>
# Contributor: Andreas Radke <andyrtr@archlinux.org>
# Contributor: Judd Vinet <jvinet@zeroflux.org>
_pkgname=gnupg
pkgname=gnupg-scdaemon-shared-access
pkgver=2.2.11
pkgrel=1
pkgdesc='Complete and free implementation of the OpenPGP standard'
url='https://www.gnupg.org/'
license=('GPL')
arch=('x86_64')
checkdepends=('openssh')
makedepends=('libldap' 'libusb-compat' 'pcsclite')
depends=('npth' 'libgpg-error' 'libgcrypt' 'libksba' 'libassuan'
'pinentry' 'bzip2' 'readline' 'gnutls' 'sqlite')
optdepends=('libldap: gpg2keys_ldap'
'libusb-compat: scdaemon'
'pcsclite: scdaemon')
validpgpkeys=('D8692123C4065DEA5E0F3AB5249B39D24F25E3B6'
'46CC730865BB5C78EBABADCF04376F3EE0856959'
'031EC2536E580D8EA286A9F22071B08A33BD3F06'
'D238EA65D64C67ED4C3073F28A861B1C7EFD60D9')
source=("https://gnupg.org/ftp/gcrypt/${_pkgname}/${_pkgname}-${pkgver}.tar.bz2"{,.sig}
"scdaemon_shared-access.patch")
sha256sums=('496c3e123ef53f35436ddccca58e82acaa901ca4e21174e77386c0cea0c49cd9'
'SKIP'
'877ca0b8abcb6d1263bf40f3e9aa66b754a9957943ae2de591dfa42a1b21b7cf')
install=install
conflicts=('gnupg' 'dirmngr' 'gnupg2')
provides=('gnupg' 'dirmngr' "gnupg=${pkgver}" "gnupg2=${pkgver}")
prepare() {
cd "${srcdir}/${_pkgname}-${pkgver}"
sed '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' -i tools/Makefile.in
patch -p1 -t -N < "${srcdir}/scdaemon_shared-access.patch"
}
build() {
cd "${srcdir}/${_pkgname}-${pkgver}"
./configure \
--prefix=/usr \
--sysconfdir=/etc \
--sbindir=/usr/bin \
--libexecdir=/usr/lib/gnupg \
--enable-maintainer-mode \
--enable-symcryptrun \
make
}
check() {
cd "${srcdir}/${_pkgname}-${pkgver}"
make check
}
package() {
cd "${srcdir}/${_pkgname}-${pkgver}"
make DESTDIR="${pkgdir}" install
ln -s gpg "${pkgdir}"/usr/bin/gpg2
ln -s gpgv "${pkgdir}"/usr/bin/gpgv2
cd doc/examples/systemd-user
for i in *.*; do
install -Dm644 "$i" "${pkgdir}/usr/lib/systemd/user/$i"
done
}

41
install Normal file
View File

@ -0,0 +1,41 @@
_global_units() {
_units=(dirmngr.socket gpg-agent.socket gpg-agent-{browser,extra,ssh}.socket)
_dir=/etc/systemd/user/sockets.target.wants
case $1 in
enable)
mkdir -p $_dir
for _u in "${_units[@]}"; do
ln -sf /usr/lib/systemd/user/$_u $_dir/$_u
done
;;
disable)
for _u in "${_units[@]}"; do
rm -f $_dir/$_u
done
rmdir -p --ignore-fail-on-non-empty $_dir
;;
esac
}
post_install() {
# See FS#42798 and FS#47371
dirmngr </dev/null &>/dev/null
# Let systemd supervise daemons by default
_global_units enable
}
post_upgrade() {
if (( $(vercmp $2 2.1.13-1) < 0 )); then
echo "==> Please kill running gpg-agent and dirmngr processes before using this release."
fi
if (( $(vercmp $2 2.1.21-3) < 0 )); then
_global_units enable
fi
}
pre_remove() {
_global_units disable
}

View File

@ -0,0 +1,76 @@
# Patch from GPGTools/MacGPG2 repo
# https://github.com/GPGTools/MacGPG2/blob/dev/patches/gnupg/scdaemon_shared-access.patch
# Add the option "shared-access" to scdaemon.
# If set, pcsc_connect is called with PCSC_SHARE_SHARED instead of PCSC_SHARE_EXCLUSIVE.
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -793,7 +793,7 @@ connect_pcsc_card (int slot)
err = pcsc_connect (reader_table[slot].pcsc.context,
reader_table[slot].rdrname,
- PCSC_SHARE_EXCLUSIVE,
+ opt.shared_access ? PCSC_SHARE_SHARED : PCSC_SHARE_EXCLUSIVE,
PCSC_PROTOCOL_T0|PCSC_PROTOCOL_T1,
&reader_table[slot].pcsc.card,
&reader_table[slot].pcsc.protocol);
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@@ -99,6 +99,7 @@ enum cmd_and_opt_values
oDenyAdmin,
oDisableApplication,
oEnablePinpadVarlen,
+ oSharedAccess,
oListenBacklog
};
@@ -157,6 +158,8 @@ static ARGPARSE_OPTS opts[] = {
N_("use variable length input for pinpad")),
ARGPARSE_s_s (oHomedir, "homedir", "@"),
+ ARGPARSE_s_n (oSharedAccess, "shared-access", N_("use PCSC_SHARE_SHARED for pcsc_connect")),
+
ARGPARSE_end ()
};
@@ -597,6 +598,8 @@ main (int argc, char **argv )
case oEnablePinpadVarlen: opt.enable_pinpad_varlen = 1; break;
+ case oSharedAccess: opt.shared_access = 1; break;
+
default:
pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR;
break;
@@ -695,6 +695,7 @@ main (int argc, char **argv )
es_printf ("disable-pinpad:%lu:\n", GC_OPT_FLAG_NONE );
es_printf ("card-timeout:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, 0);
es_printf ("enable-pinpad-varlen:%lu:\n", GC_OPT_FLAG_NONE );
+ es_printf ("shared-access:%lu:\n", GC_OPT_FLAG_NONE );
scd_exit (0);
}
--- a/scd/scdaemon.h
+++ b/scd/scdaemon.h
@@ -62,6 +62,8 @@ struct
strlist_t disabled_applications; /* Card applications we do not
want to use. */
unsigned long card_timeout; /* Disconnect after N seconds of inactivity. */
+
+ int shared_access;
} opt;
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -648,6 +648,9 @@ static gc_option_t gc_options_scdaemon[] =
{ "card-timeout", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
"gnupg", "|N|disconnect the card after N seconds of inactivity",
GC_ARG_TYPE_UINT32, GC_BACKEND_SCDAEMON },
+ { "shared-access", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
+ "gnupg", "use PCSC_SHARE_SHARED for pcsc_connect",
+ GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
{ "Debug",
GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,