Bug 195459 - security/gnupg missing TLS support after 2.1 update
Summary: security/gnupg missing TLS support after 2.1 update
Status: Closed DUPLICATE of bug 196301
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Many People
Assignee: Jun Kuriyama
Reported: 2014-11-27 23:36 UTC by Phil Pennock
Modified: 2014-12-27 17:01 UTC
freebsd: maintainer-feedback? (kuriyama)


Attachments
patch gnupg port to enable TLS (1.73 KB, patch)
2014-11-27 23:36 UTC, Phil Pennock

Description Phil Pennock 2014-11-27 23:36:54 UTC
Created attachment 149946
patch gnupg port to enable TLS

With the move of GnuPG to version 2.1, TLS support for key retrieval is no longer coming from libcurl, but instead from direct support in dirmngr.  The codebase supports two TLS providers, "Not Too Bad TLS" (ntbtls) from the GnuPG maintainers, and GnuTLS.

Currently the FreeBSD packaging of 2.1 constitutes a feature regression, as neither of these is enabled, so hkps:// keyserver URLs no longer work.

The attached patch adds a GNUTLS option to the port, sets it on by default, enables the use of pkg-config (so that the presence can be picked up) and adds a comment noting the alternative TLS provider option, suggesting that patches to support that in Ports are welcome -- slightly presumptuous of me, but I decided that it's easy enough to remove whatever of that new text is unwelcome.

I built the resulting port with Poudriere locally and I can now access hkps:// keyservers (after updating ~/.gnupg/dirmngr.conf to set trust anchors).

I took PORTREVISION to 3 because for me, 2 was when I had everything _except_ the USES flag fixed, so still wasn't working; I'm not familiar enough with ports policy to know whether this is okay, or if it will be set to 2 and it's on me to just force-downgrade locally.  No harm in asking for it to be 3.  :^)

Thanks,
-Phil
Comment 1 Bugzilla Automation freebsd_committer 2014-11-27 23:36:54 UTC
Auto-assigned to maintainer kuriyama@FreeBSD.org
Comment 2 Tijl Coosemans freebsd_committer 2014-12-27 17:01:05 UTC
Patch included in bug 196301

*** This bug has been marked as a duplicate of bug 196301 ***