From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Nov 27 23:36:55 2014 Return-Path: Delivered-To: freebsd-ports-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 65D27685 for ; Thu, 27 Nov 2014 23:36:55 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 32B80DE4 for ; Thu, 27 Nov 2014 23:36:55 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id sARNatxk004628 for ; Thu, 27 Nov 2014 23:36:55 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 195459] New: security/gnupg missing TLS support after 2.1 update Date: Thu, 27 Nov 2014 23:36:54 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports Tree X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: freebsd@phil.spodhuis.org X-Bugzilla-Status: New X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kuriyama@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Nov 2014 23:36:55 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195459 Bug ID: 195459 Summary: security/gnupg missing TLS support after 2.1 update Product: Ports Tree Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: kuriyama@FreeBSD.org Reporter: freebsd@phil.spodhuis.org Assignee: kuriyama@FreeBSD.org Flags: maintainer-feedback?(kuriyama@FreeBSD.org) Created attachment 149946 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=149946&action=edit patch gnupg port to enable TLS With the move of GnuPG to version 2.1, TLS support for key retrieval is no longer coming from libcurl, but instead from direct support in dirmngr. The codebase supports two TLS provides, "Not Too Bad TLS" (ntbtls) from the GnuPG maintainers, and GnuTLS. Currently the FreeBSD packaging of 2.1 constitutes a feature regression, as neither of these is enabled, so hkps:// keyserver URLs no longer work. The attached patch adds a GNUTLS option to the port, sets it on by default, enables the use of pkg-config (so that the presence can be picked up) and adds a comment noting the alternative TLS provider option, suggesting that patches to support that in Ports are welcome -- slightly presumptuous of me, but I decided that it's easy enough to remove whatever of that new text is unwelcome. I built the resulting port with Poudriere locally and I can now access hkps:// keyservers (after updating ~/.gnupg/dirmngr.conf to set trust anchors). I took PORTREVISION to 3 because for me, 2 was when I had everything _except_ the USES flag fixed, so still wasn't working; I'm not familiar enough with ports policy to know whether this is okay, or if it will be set to 2 and it's on me to just force-downgrade locally. No harm in asking for it to be 3. :^) Thanks, -Phil --- Comment #1 from Bugzilla Automation --- Auto-assigned to maintainer kuriyama@FreeBSD.org -- You are receiving this mail because: You are the assignee for the bug.