From: Adam Weinberger
Date: Sun, 7 Jan 2018 08:57:04 -0700
Subject: Re: A note on updating security/gnupg20 -> gnupg
To: David Wolfskill
Cc: freebsd-ports@freebsd.org
Message-Id: <23465A94-72E2-4298-B0F1-06CF0985CA12@adamw.org>
In-Reply-To: <20180107143333.GK1148@albert.catwhisker.org>
References: <20180107143333.GK1148@albert.catwhisker.org>
List-Id: Porting software to FreeBSD

> On 7 Jan, 2018, at 7:33, David Wolfskill wrote:
>
> I had been using security/gnupg20 with mail/mutt, based on a
> misunderstanding on my part (back when the security/gnupg20 port was
> created).
>
> Now that security/gnupg20 has been expired and removed, I had motivation
> to look into the situation in more detail; I found that security/gnupg
> (now at 2.2.4) works fine with mail/mutt -- if I made a change (in
> ~/.muttrc) to the way gpg is invoked. E.g., I changed:
>
> set pgp_decrypt_command="gpg2 --passphrase-fd 0 --no-verbose --batch --output - %f"
>
> to
>
> pgp_decrypt_command="gpg2 %?p?--passphrase-fd 0 --pinentry-mode=loopback? --no-verbose --batch --output - %f"
>
> The salient differences appear to be the insertion of "%?p?" before
> "--passphrase-fd 0" and the insertion of "--pinentry-mode=loopback?".
>
>
> The changes to ~/.muttrc appear to have been sufficient (in my case) for
> mutt to be able to use security/gnupg (vs. security/gnupg20) for
> encryption and decryption of PGP-compatible email messages.
>
>
> Finally, on the actual replacement: I did this on three systems; on two
> of those, I update ports via portmaster; on the other, I update them
> from a locally-built repository (via "pkg upgrade").
>
> For the systems using portmaster, "portmaster -o security/gnupg
> gnupg20-2.0.30_2" worked well. (My thanks to Doug Barton and Stefan
> Esser!)
>
> When I ran "pkg upgrade" on the system I update that way, there was
> no indication that the status of security/gnupg* had changed since
> the previous update (one week ago -- shortly before the removal of
> security/gnupg20). I ended up performing "pkg delete security/gnupg20",
> followed by "pkg install security/gnupg" -- which worked. (I had
> previously updated the list of packages to build on my build machine,
> to replace security/gnupg20 by security/gnupg.)
>
> My concern about that last point is that if I were only updating ports
> via "pkg upgrade", I would not have known that security/gnupg20 no
> longer existed (well, unless I read the svn-ports-head list, or polled
> the svn log for ports/security/Makefile -- or some other
> similarly-unlikely activity for someone updating via packages only).
>
> Perhaps I'm overlooking something.
>
>
> In any case: If you use mutt with security/gnupg20 and migrate to
> security/gnupg, and find that you cannot decrypt encrypted messages any
> more, you should check your ~/.muttrc: you probably need to change the
> "gpg" (or "gpg2") invocations; in my experience, that is a necessary and
> sufficient change to make encryption and decryption work again.
>
> Peace,
> david

I can't speak much to the pkg upgrade process, but the switch should
happen pretty transparently.

As for the mutt invocation, I've added your muttrc line to
ports/UPDATING.

I strongly recommend using security/gpgme instead unless you
specifically need gpg called in a nonstandard way.

# Adam


-- 
Adam Weinberger
adamw@adamw.org
http://www.adamw.org
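
Added example, not part of either message above: a POSIX shell check for the ~/.muttrc condition described in the quoted text, listing pgp_*_command settings that pass --passphrase-fd to gpg without --pinentry-mode loopback (GnuPG 2.1 and later only honor --passphrase-fd in loopback pinentry mode). The function names check_muttrc and sample_muttrc and the pgp_sign_command line are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a muttrc for gpg invocations that will stop
# decrypting/signing after moving from security/gnupg20 to security/gnupg.

check_muttrc() {
    # $1: path to a muttrc file.
    # Prints the name of each pgp_*_command setting that uses
    # --passphrase-fd but lacks --pinentry-mode=loopback.
    awk '
        # muttrc allows backslash continuation: join into one logical line.
        /\\$/ { sub(/\\$/, ""); buf = buf $0; next }
        { line = buf $0; buf = "" }
        # Commented-out settings are not active; skip them.
        line ~ /^[ \t]*#/ { next }
        line ~ /^[ \t]*set[ \t]+pgp_[a-z_]+_command[ \t]*=/ {
            name = line
            sub(/^[ \t]*set[ \t]+/, "", name)   # drop leading "set"
            sub(/[ \t]*=.*/, "", name)          # drop "=value"
            if (line ~ /--passphrase-fd/ &&
                line !~ /--pinentry-mode[= ]loopback/)
                print name
        }
    ' "$1"
}

# Constructed sample input: the pre-migration line from the thread, a
# constructed sign command already using loopback (split with a
# continuation), and a commented-out setting that must be ignored.
sample_muttrc() {
    cat <<'EOF'
set pgp_decrypt_command="gpg2 --passphrase-fd 0 --no-verbose --batch --output - %f"
set pgp_sign_command="gpg2 %?p?--passphrase-fd 0 --pinentry-mode=loopback? \
  --no-verbose --batch --output - --armor --detach-sign %f"
# set pgp_verify_command="gpg2 --passphrase-fd 0 %f"
EOF
}

# Demo run on the constructed sample; prints: pgp_decrypt_command
tmp=$(mktemp) && sample_muttrc > "$tmp" && check_muttrc "$tmp"; rm -f "$tmp"
```

To audit a real configuration, call check_muttrc ~/.muttrc; an empty result means no active pgp_*_command setting relies on --passphrase-fd without loopback mode.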