added gnupg-1.x compatibility symlinks to gnupg-2.x, removed gnupg2 attr

svn path=/nixpkgs/branches/stdenv-updates/; revision=10746

6 files changed, 54 insertions, 38 deletions

diff --git a/pkgs/development/libraries/gpgme/default.nix b/pkgs/development/libraries/gpgme/default.nix
index 64f1a746b03..09ffde4512a 100644
--- a/pkgs/development/libraries/gpgme/default.nix
+++ b/pkgs/development/libraries/gpgme/default.nix
@@ -6,5 +6,5 @@ stdenv.mkDerivation {
     url = ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.1.4.tar.bz2;
     sha256 = "0ncrv7p33rjq1avkxpp9x0gz6wna9y3b3dmw6nv366n5mgvxmpg8";
   };
-  buildInputs = [libgpgerror gnupg gnupg2 pkgconfig glib pth];
+  buildInputs = [libgpgerror gnupg pkgconfig glib pth];
 }
diff --git a/pkgs/tools/security/gnupg/default.nix b/pkgs/tools/security/gnupg/1.4.8.nix
index 16c86fbe804..d712f8da84a 100644
--- a/pkgs/tools/security/gnupg/default.nix
+++ b/pkgs/tools/security/gnupg/1.4.8.nix
@@ -1,23 +1,20 @@
-{
-  # Support for the IDEA cipher (used by the old PGP) should only be
-  # enabled if it is legal for you to do so.
-  ideaSupport ? false
-  
-, stdenv, fetchurl, readline
-}:
+args: with args;
 
-stdenv.mkDerivation {
-  name = "gnupg-1.4.8";
-  builder = ./builder.sh;
+let
+  idea = fetchurl {
+    url = http://nix.cs.uu.nl/dist/tarballs/idea.c.gz;
+    md5 = "9dc3bc086824a8c7a331f35e09a3e57f";
+  } else null;
+in
+
+stdenv.mkDerivation rec {
+  name = "gnupg-" + version;
   src = fetchurl {
-    url = ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/gnupg-1.4.8.tar.bz2;
+    url = "ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/${name}.tar.bz2";
     sha256 = "0v009vqpa4l9zwhcaaagz5sx65fjp8g0alsf8kac5s5gvrs2b78i";
   };
   buildInputs = [readline];
-  idea = if ideaSupport then fetchurl {
-    url = http://nix.cs.uu.nl/dist/tarballs/idea.c.gz;
-    md5 = "9dc3bc086824a8c7a331f35e09a3e57f";
-  } else null;
+  preConfigure = if ideaSupport then "gunzip < ${idea} > ./cipher/idea.c" else "";
 
   meta = {
     description = "A free implementation of the OpenPGP standard for encrypting and signing data";
diff --git a/pkgs/tools/security/gnupg2/default.nix b/pkgs/tools/security/gnupg/2.0.8.nix
index f6e22bec51d..05022e53c30 100644
--- a/pkgs/tools/security/gnupg2/default.nix
+++ b/pkgs/tools/security/gnupg/2.0.8.nix
@@ -1,16 +1,23 @@
 args: with args;
-stdenv.mkDerivation {
-  name = "gnupg-2.0.8";
+
+stdenv.mkDerivation rec {
+  name = "gnupg-" + version;
+
   src = fetchurl {
-    url = ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/gnupg-2.0.8.tar.bz2;
+    url = "ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/${name}.tar.bz2";
     sha256 = "04v9s92xph1hrhac49yyrgzdwjqshs2zawvjbi3jc2klwjpi1wqn";
   };
+
   buildInputs = [ readline openldap bzip2 zlib libgpgerror pth libgcrypt
     libassuan libksba libusb curl ];
 
+  postInstall = "ln -s gpg2 $out/bin/gpg; ln -s gpgv2 $out/bin/gpgv";
+
+  patches = ./idea.patch;
+
   meta = {
     description = "A free implementation of the OpenPGP standard for encrypting
-	and signing data, v2";
+    and signing data, v2";
     homepage = http://www.gnupg.org/;
   };
 }
diff --git a/pkgs/tools/security/gnupg/builder.sh b/pkgs/tools/security/gnupg/builder.sh
deleted file mode 100644
index c5545c7456c..00000000000
--- a/pkgs/tools/security/gnupg/builder.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-source $stdenv/setup
-
-preConfigure=preConfigure
-preConfigure() {
-    if test -n "$idea"; then
-        gunzip < $idea > ./cipher/idea.c
-    fi
-}
-
-genericBuild
diff --git a/pkgs/tools/security/gnupg/idea.patch b/pkgs/tools/security/gnupg/idea.patch
new file mode 100644
index 00000000000..aa65cc9f7ac
--- /dev/null
+++ b/pkgs/tools/security/gnupg/idea.patch
@@ -0,0 +1,25 @@
+
+This is required in order to support IDEA encrypted keys
+using gnupg-1.4.X. The raw key has two bytes which are part
+of the checksum but not part of the key.
+
+This will not get into upstream as upstream does not wish to support
+IDEA at all even for backward compatibility.
+
+Signed-off-by: Alon Bar-Lev <alonbl@gentoo.org>
+
+diff -urNp gnupg-2.0.4.org/g10/seckey-cert.c gnupg-2.0.4/g10/seckey-cert.c
+--- gnupg-2.0.4.org/g10/seckey-cert.c	2006-11-21 10:26:13.000000000 +0200
++++ gnupg-2.0.4/g10/seckey-cert.c	2007-06-22 18:08:48.000000000 +0300
+@@ -211,6 +211,11 @@ do_check( PKT_secret_key *sk, const char
+                 csum += checksum (buffer, ndata);
+                 gcry_mpi_release (sk->skey[i]);
+ 
++		if (sk->protect.algo==CIPHER_ALGO_IDEA) {
++			buffer[0] = 0;
++			buffer[1] = 0;
++		}
++
+ 		err = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_USG,
+ 				     buffer, ndata, &ndata );
+ 		xfree (buffer);
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index de817774068..3c75c550743 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -512,14 +512,11 @@ rec {
     inherit fetchurl stdenv;
   });
 
-  gnupg = import ../tools/security/gnupg {
-    inherit fetchurl stdenv readline;
-    ideaSupport = getConfig [ "gnupg" "idea" ] false; # enable for IDEA crypto support
-  };
-
-  gnupg2 = import ../tools/security/gnupg2 {
+  gnupg = selectVersion ../tools/security/gnupg "2.0.8" {
 	  inherit fetchurl stdenv readline openldap bzip2 zlib libgpgerror pth
 	    libgcrypt libassuan libksba libusb curl;
+    # enable for IDEA crypto support in  gnupg 1.4.x
+    ideaSupport = getConfig [ "gnupg" "idea" ] false;
   };
 
   gnuplot = import ../tools/graphics/gnuplot {
@@ -2036,8 +2033,8 @@ rec {
   };
 
   gpgme = import ../development/libraries/gpgme {
-    inherit fetchurl stdenv libgpgerror pkgconfig pth gnupg gnupg2;
-	inherit (gtkLibs) glib;
+    inherit fetchurl stdenv libgpgerror pkgconfig pth gnupg;
+    inherit (gtkLibs) glib;
   };
 
   # gnu scientific library