I recently built and installed GnuPG and required libraries from scratch. What led me down that road was I wanted to update bash on my MacOS 14.7 (Sonoma) machine and needed to verify the download. All of this was done manually from the CLI using configure & make, not a package manager. I had to make two changes to get all the reqs to build, one was a three-line patch to fix environ not being created (I forget which package that was, maybe libgpg-error), and another was to add std=gnu98 to CFLAGS for libassuan to fix a duplicate symbol error. Other than those two changes, everything compiled and installed cleanly and the gpg binary mostly appears to work, but importing keys fails thusly:
$ gpg -v --import ./sign.asc gpg: enabled compatibility flags: gpg: pub rsa3072/BCEF7E294B092E28 2017-03-17 Andre Heinecke (Release Signing Key) dyld[58268]: missing symbol called Abort trap: 6 This happens with 2.5.1 and 2.4.5 when using a file as an arg, redirecting stdin, or c&p the contents of sign.asc directly. sign.asc is the ASCII contents of https://gnupg.org/signature_key.asc. I also tried with the .asc of the bash maintainer and got the same results. If I try to verify a .sig, I get this (I understand this is expected behavior, I’m just showing that the binary I built works in other use cases): $ gpg -dv gnupg-2.5.1.tar.bz2.sig gpg: enabled compatibility flags: gpg: assuming signed data in 'gnupg-2.5.1.tar.bz2' gpg: Signature made Thu Sep 12 05:51:57 2024 EDT gpg: using EDDSA key 6DAA6E64A76D2840571B4902528897B826403ADA gpg: Can't check signature: No public key gpg: Signature made Thu Sep 12 22:55:28 2024 EDT gpg: using EDDSA key AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD gpg: Can't check signature: No public key
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
