@ -0,0 +1,45 @@ | |||
pkgbase = gnupg-scdaemon-shared-access | |||
pkgdesc = Complete and free implementation of the OpenPGP standard | |||
pkgver = 2.2.11 | |||
pkgrel = 1 | |||
url = https://www.gnupg.org/ | |||
install = install | |||
arch = x86_64 | |||
license = GPL | |||
checkdepends = openssh | |||
makedepends = libldap | |||
makedepends = libusb-compat | |||
makedepends = pcsclite | |||
depends = npth | |||
depends = libgpg-error | |||
depends = libgcrypt | |||
depends = libksba | |||
depends = libassuan | |||
depends = pinentry | |||
depends = bzip2 | |||
depends = readline | |||
depends = gnutls | |||
depends = sqlite | |||
optdepends = libldap: gpg2keys_ldap | |||
optdepends = libusb-compat: scdaemon | |||
optdepends = pcsclite: scdaemon | |||
provides = gnupg | |||
provides = dirmngr | |||
provides = gnupg=2.2.11 | |||
provides = gnupg2=2.2.11 | |||
conflicts = gnupg | |||
conflicts = dirmngr | |||
conflicts = gnupg2 | |||
source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.11.tar.bz2 | |||
source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.11.tar.bz2.sig | |||
source = scdaemon_shared-access.patch | |||
validpgpkeys = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 | |||
validpgpkeys = 46CC730865BB5C78EBABADCF04376F3EE0856959 | |||
validpgpkeys = 031EC2536E580D8EA286A9F22071B08A33BD3F06 | |||
validpgpkeys = D238EA65D64C67ED4C3073F28A861B1C7EFD60D9 | |||
sha256sums = 496c3e123ef53f35436ddccca58e82acaa901ca4e21174e77386c0cea0c49cd9 | |||
sha256sums = SKIP | |||
sha256sums = 877ca0b8abcb6d1263bf40f3e9aa66b754a9957943ae2de591dfa42a1b21b7cf | |||
pkgname = gnupg-scdaemon-shared-access | |||
@ -0,0 +1,3 @@ | |||
pkg | |||
src | |||
*tar* |
@ -0,0 +1,71 @@ | |||
# Maintainer: Arti Zirk <arti.zirk@gmail.com> | |||
# Contributor: Gaetan Bisson <bisson@archlinux.org> | |||
# Contributor: Tobias Powalowski <tpowa@archlinux.org> | |||
# Contributor: Andreas Radke <andyrtr@archlinux.org> | |||
# Contributor: Judd Vinet <jvinet@zeroflux.org> | |||
_pkgname=gnupg | |||
pkgname=gnupg-scdaemon-shared-access | |||
pkgver=2.2.11 | |||
pkgrel=1 | |||
pkgdesc='Complete and free implementation of the OpenPGP standard' | |||
url='https://www.gnupg.org/' | |||
license=('GPL') | |||
arch=('x86_64') | |||
checkdepends=('openssh') | |||
makedepends=('libldap' 'libusb-compat' 'pcsclite') | |||
depends=('npth' 'libgpg-error' 'libgcrypt' 'libksba' 'libassuan' | |||
'pinentry' 'bzip2' 'readline' 'gnutls' 'sqlite') | |||
optdepends=('libldap: gpg2keys_ldap' | |||
'libusb-compat: scdaemon' | |||
'pcsclite: scdaemon') | |||
validpgpkeys=('D8692123C4065DEA5E0F3AB5249B39D24F25E3B6' | |||
'46CC730865BB5C78EBABADCF04376F3EE0856959' | |||
'031EC2536E580D8EA286A9F22071B08A33BD3F06' | |||
'D238EA65D64C67ED4C3073F28A861B1C7EFD60D9') | |||
source=("https://gnupg.org/ftp/gcrypt/${_pkgname}/${_pkgname}-${pkgver}.tar.bz2"{,.sig} | |||
"scdaemon_shared-access.patch") | |||
sha256sums=('496c3e123ef53f35436ddccca58e82acaa901ca4e21174e77386c0cea0c49cd9' | |||
'SKIP' | |||
'877ca0b8abcb6d1263bf40f3e9aa66b754a9957943ae2de591dfa42a1b21b7cf') | |||
install=install | |||
conflicts=('gnupg' 'dirmngr' 'gnupg2') | |||
provides=('gnupg' 'dirmngr' "gnupg=${pkgver}" "gnupg2=${pkgver}") | |||
prepare() { | |||
cd "${srcdir}/${_pkgname}-${pkgver}" | |||
sed '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' -i tools/Makefile.in | |||
patch -p1 -t -N < "${srcdir}/scdaemon_shared-access.patch" | |||
} | |||
build() { | |||
cd "${srcdir}/${_pkgname}-${pkgver}" | |||
./configure \ | |||
--prefix=/usr \ | |||
--sysconfdir=/etc \ | |||
--sbindir=/usr/bin \ | |||
--libexecdir=/usr/lib/gnupg \ | |||
--enable-maintainer-mode \ | |||
--enable-symcryptrun \ | |||
make | |||
} | |||
check() { | |||
cd "${srcdir}/${_pkgname}-${pkgver}" | |||
make check | |||
} | |||
package() { | |||
cd "${srcdir}/${_pkgname}-${pkgver}" | |||
make DESTDIR="${pkgdir}" install | |||
ln -s gpg "${pkgdir}"/usr/bin/gpg2 | |||
ln -s gpgv "${pkgdir}"/usr/bin/gpgv2 | |||
cd doc/examples/systemd-user | |||
for i in *.*; do | |||
install -Dm644 "$i" "${pkgdir}/usr/lib/systemd/user/$i" | |||
done | |||
} |
@ -0,0 +1,41 @@ | |||
_global_units() { | |||
_units=(dirmngr.socket gpg-agent.socket gpg-agent-{browser,extra,ssh}.socket) | |||
_dir=/etc/systemd/user/sockets.target.wants | |||
case $1 in | |||
enable) | |||
mkdir -p $_dir | |||
for _u in "${_units[@]}"; do | |||
ln -sf /usr/lib/systemd/user/$_u $_dir/$_u | |||
done | |||
;; | |||
disable) | |||
for _u in "${_units[@]}"; do | |||
rm -f $_dir/$_u | |||
done | |||
rmdir -p --ignore-fail-on-non-empty $_dir | |||
;; | |||
esac | |||
} | |||
post_install() { | |||
# See FS#42798 and FS#47371 | |||
dirmngr </dev/null &>/dev/null | |||
# Let systemd supervise daemons by default | |||
_global_units enable | |||
} | |||
post_upgrade() { | |||
if (( $(vercmp $2 2.1.13-1) < 0 )); then | |||
echo "==> Please kill running gpg-agent and dirmngr processes before using this release." | |||
fi | |||
if (( $(vercmp $2 2.1.21-3) < 0 )); then | |||
_global_units enable | |||
fi | |||
} | |||
pre_remove() { | |||
_global_units disable | |||
} |
@ -0,0 +1,76 @@ | |||
# Patch from GPGTools/MacGPG2 repo | |||
# https://github.com/GPGTools/MacGPG2/blob/dev/patches/gnupg/scdaemon_shared-access.patch | |||
# Add the option "shared-access" to scdaemon. | |||
# If set, pcsc_connect is called with PCSC_SHARE_SHARED instead of PCSC_SHARE_EXCLUSIVE. | |||
--- a/scd/apdu.c | |||
+++ b/scd/apdu.c | |||
@@ -793,7 +793,7 @@ connect_pcsc_card (int slot) | |||
err = pcsc_connect (reader_table[slot].pcsc.context, | |||
reader_table[slot].rdrname, | |||
- PCSC_SHARE_EXCLUSIVE, | |||
+ opt.shared_access ? PCSC_SHARE_SHARED : PCSC_SHARE_EXCLUSIVE, | |||
PCSC_PROTOCOL_T0|PCSC_PROTOCOL_T1, | |||
&reader_table[slot].pcsc.card, | |||
&reader_table[slot].pcsc.protocol); | |||
--- a/scd/scdaemon.c | |||
+++ b/scd/scdaemon.c | |||
@@ -99,6 +99,7 @@ enum cmd_and_opt_values | |||
oDenyAdmin, | |||
oDisableApplication, | |||
oEnablePinpadVarlen, | |||
+ oSharedAccess, | |||
oListenBacklog | |||
}; | |||
@@ -157,6 +158,8 @@ static ARGPARSE_OPTS opts[] = { | |||
N_("use variable length input for pinpad")), | |||
ARGPARSE_s_s (oHomedir, "homedir", "@"), | |||
+ ARGPARSE_s_n (oSharedAccess, "shared-access", N_("use PCSC_SHARE_SHARED for pcsc_connect")), | |||
+ | |||
ARGPARSE_end () | |||
}; | |||
@@ -597,6 +598,8 @@ main (int argc, char **argv ) | |||
case oEnablePinpadVarlen: opt.enable_pinpad_varlen = 1; break; | |||
+ case oSharedAccess: opt.shared_access = 1; break; | |||
+ | |||
default: | |||
pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR; | |||
break; | |||
@@ -695,6 +695,7 @@ main (int argc, char **argv ) | |||
es_printf ("disable-pinpad:%lu:\n", GC_OPT_FLAG_NONE ); | |||
es_printf ("card-timeout:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, 0); | |||
es_printf ("enable-pinpad-varlen:%lu:\n", GC_OPT_FLAG_NONE ); | |||
+ es_printf ("shared-access:%lu:\n", GC_OPT_FLAG_NONE ); | |||
scd_exit (0); | |||
} | |||
--- a/scd/scdaemon.h | |||
+++ b/scd/scdaemon.h | |||
@@ -62,6 +62,8 @@ struct | |||
strlist_t disabled_applications; /* Card applications we do not | |||
want to use. */ | |||
unsigned long card_timeout; /* Disconnect after N seconds of inactivity. */ | |||
+ | |||
+ int shared_access; | |||
} opt; | |||
--- a/tools/gpgconf-comp.c | |||
+++ b/tools/gpgconf-comp.c | |||
@@ -648,6 +648,9 @@ static gc_option_t gc_options_scdaemon[] = | |||
{ "card-timeout", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC, | |||
"gnupg", "|N|disconnect the card after N seconds of inactivity", | |||
GC_ARG_TYPE_UINT32, GC_BACKEND_SCDAEMON }, | |||
+ { "shared-access", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC, | |||
+ "gnupg", "use PCSC_SHARE_SHARED for pcsc_connect", | |||
+ GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON }, | |||
{ "Debug", | |||
GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED, |