From fccc87668732b2e2e87f6c95a98166fef1676d78 Mon Sep 17 00:00:00 2001 From: Arti Zirk Date: Tue, 13 Nov 2018 16:16:43 +0200 Subject: [PATCH] First commit --- .SRCINFO | 45 +++++++++++++++++++++ .gitignore | 3 ++ PKGBUILD | 71 +++++++++++++++++++++++++++++++++ install | 41 +++++++++++++++++++ scdaemon_shared-access.patch | 76 ++++++++++++++++++++++++++++++++++++ 5 files changed, 236 insertions(+) create mode 100644 .SRCINFO create mode 100644 .gitignore create mode 100644 PKGBUILD create mode 100644 install create mode 100644 scdaemon_shared-access.patch diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 0000000..fcdc661 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,45 @@ +pkgbase = gnupg-scdaemon-shared-access + pkgdesc = Complete and free implementation of the OpenPGP standard + pkgver = 2.2.11 + pkgrel = 1 + url = https://www.gnupg.org/ + install = install + arch = x86_64 + license = GPL + checkdepends = openssh + makedepends = libldap + makedepends = libusb-compat + makedepends = pcsclite + depends = npth + depends = libgpg-error + depends = libgcrypt + depends = libksba + depends = libassuan + depends = pinentry + depends = bzip2 + depends = readline + depends = gnutls + depends = sqlite + optdepends = libldap: gpg2keys_ldap + optdepends = libusb-compat: scdaemon + optdepends = pcsclite: scdaemon + provides = gnupg + provides = dirmngr + provides = gnupg=2.2.11 + provides = gnupg2=2.2.11 + conflicts = gnupg + conflicts = dirmngr + conflicts = gnupg2 + source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.11.tar.bz2 + source = https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.11.tar.bz2.sig + source = scdaemon_shared-access.patch + validpgpkeys = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 + validpgpkeys = 46CC730865BB5C78EBABADCF04376F3EE0856959 + validpgpkeys = 031EC2536E580D8EA286A9F22071B08A33BD3F06 + validpgpkeys = D238EA65D64C67ED4C3073F28A861B1C7EFD60D9 + sha256sums = 496c3e123ef53f35436ddccca58e82acaa901ca4e21174e77386c0cea0c49cd9 + sha256sums = SKIP + sha256sums = 877ca0b8abcb6d1263bf40f3e9aa66b754a9957943ae2de591dfa42a1b21b7cf + +pkgname = gnupg-scdaemon-shared-access + diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..40fa6d6 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +pkg +src +*tar* diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 0000000..95542c6 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,71 @@ +# Maintainer: Arti Zirk +# Contributor: Gaetan Bisson +# Contributor: Tobias Powalowski +# Contributor: Andreas Radke +# Contributor: Judd Vinet + +_pkgname=gnupg +pkgname=gnupg-scdaemon-shared-access +pkgver=2.2.11 +pkgrel=1 +pkgdesc='Complete and free implementation of the OpenPGP standard' +url='https://www.gnupg.org/' +license=('GPL') +arch=('x86_64') +checkdepends=('openssh') +makedepends=('libldap' 'libusb-compat' 'pcsclite') +depends=('npth' 'libgpg-error' 'libgcrypt' 'libksba' 'libassuan' + 'pinentry' 'bzip2' 'readline' 'gnutls' 'sqlite') +optdepends=('libldap: gpg2keys_ldap' + 'libusb-compat: scdaemon' + 'pcsclite: scdaemon') +validpgpkeys=('D8692123C4065DEA5E0F3AB5249B39D24F25E3B6' + '46CC730865BB5C78EBABADCF04376F3EE0856959' + '031EC2536E580D8EA286A9F22071B08A33BD3F06' + 'D238EA65D64C67ED4C3073F28A861B1C7EFD60D9') +source=("https://gnupg.org/ftp/gcrypt/${_pkgname}/${_pkgname}-${pkgver}.tar.bz2"{,.sig} + "scdaemon_shared-access.patch") +sha256sums=('496c3e123ef53f35436ddccca58e82acaa901ca4e21174e77386c0cea0c49cd9' + 'SKIP' + '877ca0b8abcb6d1263bf40f3e9aa66b754a9957943ae2de591dfa42a1b21b7cf') + +install=install + +conflicts=('gnupg' 'dirmngr' 'gnupg2') +provides=('gnupg' 'dirmngr' "gnupg=${pkgver}" "gnupg2=${pkgver}") + +prepare() { + cd "${srcdir}/${_pkgname}-${pkgver}" + sed '/noinst_SCRIPTS = gpg-zip/c sbin_SCRIPTS += gpg-zip' -i tools/Makefile.in + patch -p1 -t -N < "${srcdir}/scdaemon_shared-access.patch" +} + +build() { + cd "${srcdir}/${_pkgname}-${pkgver}" + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --sbindir=/usr/bin \ + --libexecdir=/usr/lib/gnupg \ + --enable-maintainer-mode \ + --enable-symcryptrun \ + + make +} + +check() { + cd "${srcdir}/${_pkgname}-${pkgver}" + make check +} + +package() { + cd "${srcdir}/${_pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + ln -s gpg "${pkgdir}"/usr/bin/gpg2 + ln -s gpgv "${pkgdir}"/usr/bin/gpgv2 + + cd doc/examples/systemd-user + for i in *.*; do + install -Dm644 "$i" "${pkgdir}/usr/lib/systemd/user/$i" + done +} diff --git a/install b/install new file mode 100644 index 0000000..95cb351 --- /dev/null +++ b/install @@ -0,0 +1,41 @@ +_global_units() { + _units=(dirmngr.socket gpg-agent.socket gpg-agent-{browser,extra,ssh}.socket) + _dir=/etc/systemd/user/sockets.target.wants + + case $1 in + enable) + mkdir -p $_dir + for _u in "${_units[@]}"; do + ln -sf /usr/lib/systemd/user/$_u $_dir/$_u + done + ;; + disable) + for _u in "${_units[@]}"; do + rm -f $_dir/$_u + done + rmdir -p --ignore-fail-on-non-empty $_dir + ;; + esac +} + +post_install() { + # See FS#42798 and FS#47371 + dirmngr /dev/null + + # Let systemd supervise daemons by default + _global_units enable +} + +post_upgrade() { + if (( $(vercmp $2 2.1.13-1) < 0 )); then + echo "==> Please kill running gpg-agent and dirmngr processes before using this release." + fi + + if (( $(vercmp $2 2.1.21-3) < 0 )); then + _global_units enable + fi +} + +pre_remove() { + _global_units disable +} diff --git a/scdaemon_shared-access.patch b/scdaemon_shared-access.patch new file mode 100644 index 0000000..36e772b --- /dev/null +++ b/scdaemon_shared-access.patch @@ -0,0 +1,76 @@ +# Patch from GPGTools/MacGPG2 repo +# https://github.com/GPGTools/MacGPG2/blob/dev/patches/gnupg/scdaemon_shared-access.patch +# Add the option "shared-access" to scdaemon. +# If set, pcsc_connect is called with PCSC_SHARE_SHARED instead of PCSC_SHARE_EXCLUSIVE. + + +--- a/scd/apdu.c ++++ b/scd/apdu.c +@@ -793,7 +793,7 @@ connect_pcsc_card (int slot) + + err = pcsc_connect (reader_table[slot].pcsc.context, + reader_table[slot].rdrname, +- PCSC_SHARE_EXCLUSIVE, ++ opt.shared_access ? PCSC_SHARE_SHARED : PCSC_SHARE_EXCLUSIVE, + PCSC_PROTOCOL_T0|PCSC_PROTOCOL_T1, + &reader_table[slot].pcsc.card, + &reader_table[slot].pcsc.protocol); +--- a/scd/scdaemon.c ++++ b/scd/scdaemon.c +@@ -99,6 +99,7 @@ enum cmd_and_opt_values + oDenyAdmin, + oDisableApplication, + oEnablePinpadVarlen, ++ oSharedAccess, + oListenBacklog + }; + +@@ -157,6 +158,8 @@ static ARGPARSE_OPTS opts[] = { + N_("use variable length input for pinpad")), + ARGPARSE_s_s (oHomedir, "homedir", "@"), + ++ ARGPARSE_s_n (oSharedAccess, "shared-access", N_("use PCSC_SHARE_SHARED for pcsc_connect")), ++ + ARGPARSE_end () + }; + +@@ -597,6 +598,8 @@ main (int argc, char **argv ) + + case oEnablePinpadVarlen: opt.enable_pinpad_varlen = 1; break; + ++ case oSharedAccess: opt.shared_access = 1; break; ++ + default: + pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR; + break; +@@ -695,6 +695,7 @@ main (int argc, char **argv ) + es_printf ("disable-pinpad:%lu:\n", GC_OPT_FLAG_NONE ); + es_printf ("card-timeout:%lu:%d:\n", GC_OPT_FLAG_DEFAULT, 0); + es_printf ("enable-pinpad-varlen:%lu:\n", GC_OPT_FLAG_NONE ); ++ es_printf ("shared-access:%lu:\n", GC_OPT_FLAG_NONE ); + + scd_exit (0); + } +--- a/scd/scdaemon.h ++++ b/scd/scdaemon.h +@@ -62,6 +62,8 @@ struct + strlist_t disabled_applications; /* Card applications we do not + want to use. */ + unsigned long card_timeout; /* Disconnect after N seconds of inactivity. */ ++ ++ int shared_access; + } opt; + + +--- a/tools/gpgconf-comp.c ++++ b/tools/gpgconf-comp.c +@@ -648,6 +648,9 @@ static gc_option_t gc_options_scdaemon[] = + { "card-timeout", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC, + "gnupg", "|N|disconnect the card after N seconds of inactivity", + GC_ARG_TYPE_UINT32, GC_BACKEND_SCDAEMON }, ++ { "shared-access", GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC, ++ "gnupg", "use PCSC_SHARE_SHARED for pcsc_connect", ++ GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON }, + + { "Debug", + GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED,