New Package Request: GnuPG 2.2.20 for fixing UID issues with keys.openpgp.org

[dongsupark]

app-crypt/gnupg

At the moment, it is not always possible to receive GPG keys from keys.openpgp.org, if the key does not have UID.

$ gpg --keyserver keys.openpgp.org --receive-keys 84C8E771C0DF83DFBFCAAAF03ADA89DEC2507883
gpg: key E52F0DB391453C45: no user ID
gpg: Total number processed: 1

On the other hand, the original keyserver keys.gnupg.net works fine.

Its reason is, keys.openpgp.org does not provide keys without user ID. More info:
https://dev.gnupg.org/T4393
Long story short, to avoid such an issue, Debian developers wanted to patch GnuPG, but it was rejected by upstream GnuPG maintainers, it is not merged until today.

Flatcar still has gnupg 2.2.7, so we need to first update gnupg to 2.2.20, the latest version. On top of that, we need to backport third-party patches for fixing the UID issues, because upstream Gentoo does not have the patches.

See https://src.fedoraproject.org/rpms/gnupg2/pull-request/5 for example to see what other distros did workaround.

• Package upstream repo: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git

• Gentoo ebuild: https://github.com/gentoo/gentoo/tree/master/app-crypt/gnupg

• The package improves on the following core values:

  • Fix usability issues
  • Always up to date

It is recommended to first update gnupg in Alpha and Edge.

[dongsupark]

Filed PRs:

Alpha:

• app-crypt/gnupg: move gnupg to coreos-overlay for alpha flatcar-archive/portage-stable#73
• app-crypt/gnupg: add patches for accepting without UIDs for alpha flatcar-archive/coreos-overlay#381

Edge:

• app-crypt/gnupg: move gnupg to coreos-overlay for edge flatcar-archive/portage-stable#74
• app-crypt/gnupg: add patches for accepting without UIDs for edge flatcar-archive/coreos-overlay#382

[dongsupark]

Alpha and Beta already have gnupg 2.2.20.
Stable is pending.

[dongsupark]

Stable 2605.5.0 also has gnupg 2.2.20.
All done.