# Maintainer: Alexey Pavlov <alexpux@gmail.com>

pkgname=gnupg
pkgver=2.4.9
pkgrel=1
pkgdesc='Complete and free implementation of the OpenPGP standard'
provides=('dirmngr' "gnupg2=${pkgver}")
url='https://gnupg.org/'
license=('GPL')
arch=('i686' 'x86_64')
msys2_changelog_url='https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=NEWS;hb=HEAD'
msys2_documentation_url='https://www.gnupg.org/documentation'
msys2_repository_url='https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git'
msys2_issue_tracker_url='https://dev.gnupg.org/maniphest'
msys2_pgp_keys_url='https://gnupg.org/signature_key.html'
msys2_references=(
  'cygwin: gnupg2'
  'cpe: cpe:/a:gnupg:gnupg'
)
makedepends=('gettext-devel'
             'libassuan-devel'
             'libbz2-devel'
             'libcurl-devel'
             'libgcrypt-devel'
             'libgnutls-devel'
             'libgpg-error-devel'
             'libiconv-devel'
             'libksba-devel'
             'libnettle-devel'
             'libnpth-devel'
             'libp11-kit-devel'
             'libreadline-devel'
             'libsqlite-devel'
             'libtasn1-devel'
             'libunistring-devel'
             'gcc'
             'nettle'
             'tar'
             'autotools'
             'zlib-devel')
optdepends=('curl: gpg2keys_curl')
depends=('bzip2'
         'libassuan'
         'libbz2'
         'libcurl'
         'libgcrypt'
         'libgpg-error'
         'libgnutls'
         'libiconv'
         'libintl'
         'libksba'
         'libnpth'
         'libreadline'
         'libsqlite'
         'nettle'
         'pinentry'
         'zlib'
        )
source=("https://gnupg.org/ftp/gcrypt/${pkgname}/${pkgname}-${pkgver}.tar.bz2"{,.sig}
        '0001-gnupg-2.2.8-msys2.patch'
        gnupg-2.4-avoid_beta_warning.patch
        # patches maintained by freepg project: https://gitlab.com/freepg/gnupg/-/commits/gnupg-2.4.8-freepg
        0001-gpg-accept-subkeys-with-a-good-revocation-but-no-sel.patch
        0002-gpg-allow-import-of-previously-known-keys-even-witho.patch
        0003-tests-add-test-cases-for-import-without-uid.patch
        0004-gpg-drop-import-clean-from-default-keyserver-import-.patch
        0005-avoid-systemd-deprecation-warning.patch
        0006-Add-systemd-support-for-keyboxd.patch
        0007-Ship-sample-systemd-unit-files.patch
        0008-gpg-default-El-Gamal-to-3072-bit-keys.patch
        0009-gpg-Always-support-and-default-to-using-SHA-512.patch
        0010-gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest-pr.patch
        0012-Disallow-compressed-signatures-and-certificates.patch
        0011-Avoid-simple-memory-dumps-via-ptrace.patch
        0013-ssh-agent-emulation-under-systemd-inject-SSH_AUTH_SO.patch
        0014-gpg-Sync-compliance-mode-cleanup-with-master.patch
        0015-gpg-emit-RSA-pubkey-algorithm-when-in-compatibility-.patch
        0016-gpg-Reintroduce-openpgp-as-distinct-from-rfc4880.patch
        0017-gpg-Emit-LibrePGP-material-only-in-compliance-gnupg.patch
        0018-gpg-gpgconf-list-report-actual-compliance-mode.patch
        0019-gpg-Default-to-compliance-openpgp.patch
        0020-gpg-Fix-newlines-in-Cleartext-Signature-Framework-CS.patch
        0021-Add-keyboxd-systemd-support.patch
        0022-Support-large-RSA-keygen-in-non-batch-mode.patch
        0023-gpg-Verify-Text-mode-Signatures-over-binary-Literal-.patch
        0024-gpg-Do-not-use-a-default-when-asking-for-another-out.patch)
sha256sums=('dd17ab2e9a04fd79d39d853f599cbc852062ddb9ab52a4ddeb4176fd8b302964'
            'SKIP'
            '902563c91c72ed9222343de3482f4ca7b141775235625af5ad790f3d86419370'
            '243c3a79295519b3931f9d846cf2af5caa064a78de812ee336dc786c1567b4d0'
            '28ab30a6d4318db5fd43e0023dff4c1e14b52dc0d1a61e0f2fc2de580a5c2ed4'
            'af0dc5a99b692f702c1394939aced1b395074cfb77e85abc1d43427189c18d0b'
            '1ec1f49b7a268e632025ef8e19ba2ad9eddec8422e82fdff6c538166729b5383'
            'c7c2f274843ef4d2fedf8e2e11b3d48c12068763f382ee109f8f891bb77882e3'
            '1dafb121d03722b20ab11890c6fc21f3e17130ca7671ae1832e6c08fa79bfdd7'
            '66aeae7536a9ac665b4ffd4a5a8139c9f5d0937c0a36bdc2be1a78618d6778a8'
            'a6666def2d2d097466b06588c11f8284356427fc97a221a931c1660d6bfdd995'
            '6d394da4bed0775e4be2b491afefa12a6fd0c1aa728ffbab84478d81c82413db'
            'ee26d07ccbc3de76f864e0a1b2abc08a099a870325608a3f3d6bf27c48ee5e52'
            'c49eab41a56f51d95c874eaaf84fe8a813960063eee1b5d306ea3bc79bc3376e'
            '0bba286b75af29767a399ac42de7063d188a1c6ee1e7bb98156618b58561c8d0'
            '8bac80ddcfbd3462b308c8fcab285f38e321612723f63d176a8c7cba4c094400'
            'e661cbe070cc532fb4f030b3f7212b837b600202b8e87d5e8e6e07719f762438'
            '05650d9b8821f24ab24d6bf0e8b548015c8682dd3426a664e62b7d257fb1a1ca'
            '0ab309c49275b1752d8a9357e3aa99d0ce390cea719352459ba15f0ba7ad36cd'
            'd6e18412d04bb7a3c5c67ee0b58dec10d99ad7bed088d79a90087207bd42f918'
            '6933f46233134c20a9b2b157228075bd1e1dd7ff5dc4827fe69b6b1950f0e9f8'
            '1cede22601b8889a9c03b074a3672119ffd22584c7ad41fa770680bcfbf8f6f8'
            '94ca8efe9772985114bcffe3ca9518b414db5ee9e3336d61167f4f0481192a72'
            '843f5d2f0de250a594dd1be50aecd5dd0e86aae87bb0a12b043251beb7b0fcfd'
            '8a7737be5bc092b5034ca91a213946b1a3af0ff2c083b829eba751f0e4d1ad1f'
            'b81fd496950e26908cf6c2c2d91c80a486866180aef1432efdd244dfa3c76fc2'
            '741bb77575765aac6728f12b2ba83ded281ae5a591cc531054fe29a0b691e7f2'
            'a4fe401b274d22bbbea8c48caf40cee8e0a361b1bdb94019803120b4a9feeecd')
validpgpkeys=(
  '5B80C5754298F0CB55D8ED6ABCEF7E294B092E28' # Andre Heinecke (Release Signing Key)
  '6DAA6E64A76D2840571B4902528897B826403ADA' # Werner Koch (dist signing 2020)
  'AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD' # Niibe Yutaka (GnuPG Release Key)
  '02F38DFF731FF97CB039A1DA549E695E905BA208' # GnuPG.com (Release Signing Key 2021)
)
install=${pkgname}.install

prepare() {
  cd "${srcdir}/${pkgname}-${pkgver}"

  # MSYS2 patches
  patch -p1 -i ${srcdir}/0001-gnupg-2.2.8-msys2.patch

  # Arch Linux/freepg patches
  patch -p1 -i ${srcdir}/gnupg-2.4-avoid_beta_warning.patch
  patch -p1 -i ${srcdir}/0001-gpg-accept-subkeys-with-a-good-revocation-but-no-sel.patch
  patch -p1 -i ${srcdir}/0002-gpg-allow-import-of-previously-known-keys-even-witho.patch
  patch -p1 -i ${srcdir}/0003-tests-add-test-cases-for-import-without-uid.patch
  patch -p1 -i ${srcdir}/0004-gpg-drop-import-clean-from-default-keyserver-import-.patch
  patch -p1 -i ${srcdir}/0005-avoid-systemd-deprecation-warning.patch
  patch -p1 -i ${srcdir}/0006-Add-systemd-support-for-keyboxd.patch
  patch -p1 -i ${srcdir}/0007-Ship-sample-systemd-unit-files.patch
  patch -p1 -i ${srcdir}/0008-gpg-default-El-Gamal-to-3072-bit-keys.patch
  patch -p1 -i ${srcdir}/0009-gpg-Always-support-and-default-to-using-SHA-512.patch
  patch -p1 -i ${srcdir}/0010-gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest-pr.patch
  patch -p1 -i ${srcdir}/0012-Disallow-compressed-signatures-and-certificates.patch
  patch -p1 -i ${srcdir}/0011-Avoid-simple-memory-dumps-via-ptrace.patch
  patch -p1 -i ${srcdir}/0013-ssh-agent-emulation-under-systemd-inject-SSH_AUTH_SO.patch
  patch -p1 -i ${srcdir}/0014-gpg-Sync-compliance-mode-cleanup-with-master.patch
  patch -p1 -i ${srcdir}/0015-gpg-emit-RSA-pubkey-algorithm-when-in-compatibility-.patch
  patch -p1 -i ${srcdir}/0016-gpg-Reintroduce-openpgp-as-distinct-from-rfc4880.patch
  patch -p1 -i ${srcdir}/0017-gpg-Emit-LibrePGP-material-only-in-compliance-gnupg.patch
  patch -p1 -i ${srcdir}/0018-gpg-gpgconf-list-report-actual-compliance-mode.patch
  patch -p1 -i ${srcdir}/0019-gpg-Default-to-compliance-openpgp.patch
  patch -p1 -i ${srcdir}/0020-gpg-Fix-newlines-in-Cleartext-Signature-Framework-CS.patch
  patch -p1 -i ${srcdir}/0021-Add-keyboxd-systemd-support.patch
  patch -p1 -i ${srcdir}/0022-Support-large-RSA-keygen-in-non-batch-mode.patch
  patch -p1 -i ${srcdir}/0023-gpg-Verify-Text-mode-Signatures-over-binary-Literal-.patch
  patch -p1 -i ${srcdir}/0024-gpg-Do-not-use-a-default-when-asking-for-another-out.patch

  ./autogen.sh --force
}

build() {
  cd "${srcdir}/${pkgname}-${pkgver}"

  ./configure \
    --build=${CHOST} \
    --prefix=/usr \
    --sysconfdir=/etc \
    --localstatedir=/var \
    --sbindir=/usr/bin \
    --libexecdir=/usr/lib/gnupg \
    --disable-libdns \
    --enable-large-secmem \
    --enable-maintainer-mode

  make
}

check() {
  cd "${srcdir}/${pkgname}-${pkgver}"
  make check
}

package() {
  cd "${srcdir}/${pkgname}-${pkgver}"
  make DESTDIR="${pkgdir}" install
}
