Since we have swap encryption on OpenBSD, only warn about insecure

memory if swap encryption is disabled. (It's enabled by default.)

This supersedes pkg/MESSAGE.

Regen patches with update-patches while I'm here. Bump PKGNAME.

idea and ok espie@

security/gnupg/Makefile

@@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.53 2005/10/29 14:59:08 sturm Exp $
+# $OpenBSD: Makefile,v 1.54 2006/02/06 21:57:56 bernd Exp $
 
 COMMENT=	"GNU privacy guard - a free PGP replacement"
 
 DISTNAME=	gnupg-1.4.1
-PKGNAME=	${DISTNAME}p1
+PKGNAME=	${DISTNAME}p2
 CATEGORIES=	security
 
 MASTER_SITES=	ftp://ftp.gnupg.org/gcrypt/gnupg/ \

security/gnupg/patches/patch-cipher_Makefile_in

@@ -1,7 +1,7 @@
-$OpenBSD: patch-cipher_Makefile_in,v 1.1 2005/02/19 12:10:03 alek Exp $
---- cipher/Makefile.in.orig	Sat Feb 19 11:14:47 2005
-+++ cipher/Makefile.in	Sat Feb 19 11:14:54 2005
-@@ -261,7 +261,7 @@ sbindir = @sbindir@
+$OpenBSD: patch-cipher_Makefile_in,v 1.2 2006/02/06 21:57:56 bernd Exp $
+--- cipher/Makefile.in.orig	Tue Mar 15 16:52:21 2005
++++ cipher/Makefile.in	Mon Feb  6 16:04:35 2006
+@@ -271,7 +271,7 @@ sbindir = @sbindir@
  sharedstatedir = @sharedstatedir@
  sysconfdir = @sysconfdir@
  target_alias = @target_alias@

security/gnupg/patches/patch-doc_Makefile_in

@@ -1,7 +1,7 @@
-$OpenBSD: patch-doc_Makefile_in,v 1.1 2005/01/29 19:27:18 sturm Exp $
---- doc/Makefile.in.orig	Fri Jan 21 23:26:07 2005
-+++ doc/Makefile.in	Fri Jan 21 23:26:32 2005
-@@ -274,7 +274,7 @@ info_TEXINFOS = gpg.texi gpgv.texi
+$OpenBSD: patch-doc_Makefile_in,v 1.2 2006/02/06 21:57:56 bernd Exp $
+--- doc/Makefile.in.orig	Tue Mar 15 16:52:21 2005
++++ doc/Makefile.in	Mon Feb  6 16:04:35 2006
+@@ -284,7 +284,7 @@ info_TEXINFOS = gpg.texi gpgv.texi
  
  # Need this to avoid building of dvis with automake 1.4
  DVIS = 

security/gnupg/patches/patch-g10_Makefile_in

@@ -1,7 +1,7 @@
-$OpenBSD: patch-g10_Makefile_in,v 1.1 2005/02/19 12:10:03 alek Exp $
---- g10/Makefile.in.orig	Sat Feb 19 11:15:25 2005
-+++ g10/Makefile.in	Sat Feb 19 11:15:31 2005
-@@ -315,7 +315,7 @@ sbindir = @sbindir@
+$OpenBSD: patch-g10_Makefile_in,v 1.2 2006/02/06 21:57:56 bernd Exp $
+--- g10/Makefile.in.orig	Tue Mar 15 16:52:21 2005
++++ g10/Makefile.in	Mon Feb  6 16:04:35 2006
+@@ -325,7 +325,7 @@ sbindir = @sbindir@
  sharedstatedir = @sharedstatedir@
  sysconfdir = @sysconfdir@
  target_alias = @target_alias@

security/gnupg/patches/patch-keyserver_Makefile_in

@@ -1,7 +1,7 @@
-$OpenBSD: patch-keyserver_Makefile_in,v 1.1 2005/02/19 12:10:03 alek Exp $
---- keyserver/Makefile.in.orig	Sat Feb 19 11:15:45 2005
-+++ keyserver/Makefile.in	Sat Feb 19 11:15:51 2005
-@@ -278,7 +278,7 @@ sbindir = @sbindir@
+$OpenBSD: patch-keyserver_Makefile_in,v 1.2 2006/02/06 21:57:56 bernd Exp $
+--- keyserver/Makefile.in.orig	Tue Mar 15 16:52:21 2005
++++ keyserver/Makefile.in	Mon Feb  6 16:04:35 2006
+@@ -300,7 +300,7 @@ sbindir = @sbindir@
  sharedstatedir = @sharedstatedir@
  sysconfdir = @sysconfdir@
  target_alias = @target_alias@

security/gnupg/patches/patch-tools_Makefile_in

@@ -1,7 +1,7 @@
-$OpenBSD: patch-tools_Makefile_in,v 1.1 2005/02/19 12:10:03 alek Exp $
---- tools/Makefile.in.orig	Sat Feb 19 11:15:06 2005
-+++ tools/Makefile.in	Sat Feb 19 11:15:13 2005
-@@ -281,7 +281,7 @@ sharedstatedir = @sharedstatedir@
+$OpenBSD: patch-tools_Makefile_in,v 1.2 2006/02/06 21:57:56 bernd Exp $
+--- tools/Makefile.in.orig	Tue Mar 15 16:52:22 2005
++++ tools/Makefile.in	Mon Feb  6 16:04:35 2006
+@@ -292,7 +292,7 @@ sharedstatedir = @sharedstatedir@
  sysconfdir = @sysconfdir@
  target_alias = @target_alias@
  EXTRA_DIST = lspgpot ring-a-party mail-signed-keys convert-from-106

security/gnupg/patches/patch-util_Makefile_in

@@ -1,7 +1,7 @@
-$OpenBSD: patch-util_Makefile_in,v 1.1 2005/02/19 12:10:03 alek Exp $
---- util/Makefile.in.orig	Sat Feb 19 11:14:27 2005
-+++ util/Makefile.in	Sat Feb 19 11:14:34 2005
-@@ -260,7 +260,7 @@ sbindir = @sbindir@
+$OpenBSD: patch-util_Makefile_in,v 1.2 2006/02/06 21:57:56 bernd Exp $
+--- util/Makefile.in.orig	Tue Mar 15 16:52:22 2005
++++ util/Makefile.in	Mon Feb  6 16:04:35 2006
+@@ -270,7 +270,7 @@ sbindir = @sbindir@
  sharedstatedir = @sharedstatedir@
  sysconfdir = @sysconfdir@
  target_alias = @target_alias@

security/gnupg/patches/patch-util_secmem_c

@@ -0,0 +1,41 @@
+$OpenBSD: patch-util_secmem_c,v 1.1 2006/02/06 21:57:56 bernd Exp $
+--- util/secmem.c.orig	Thu Mar 10 10:42:06 2005
++++ util/secmem.c	Mon Feb  6 20:35:32 2006
+@@ -36,6 +36,9 @@
+ #include <sys/lock.h>
+ #endif
+ #endif
++#include <sys/param.h>
++#include <sys/sysctl.h>
++#include <uvm/uvm_swap_encrypt.h>
+ 
+ #include "types.h"
+ #include "memory.h"
+@@ -85,11 +88,23 @@ static int suspend_warning;
+ static void
+ print_warn(void)
+ {
+-  if (!no_warning)
++  int	 mib[3], swapencrypt = 0;
++  size_t len;
++
++  mib[0] = CTL_VM;
++  mib[1] = VM_SWAPENCRYPT;
++  mib[2] = SWPENC_ENABLE;
++
++  len = sizeof(swapencrypt);
++
++  if (sysctl(mib, 3, &swapencrypt, &len, NULL, 0) == -1)
++    log_info("WARNING: Can't receive vm.swapencrypt.enable sysctl value\n");
++
++  if (!no_warning && !swapencrypt)
+     {
+-      log_info(_("WARNING: using insecure memory!\n"));
+-      log_info(_("please see http://www.gnupg.org/faq.html"
+-		 " for more information\n"));
++      log_info("WARNING: Using insecure memory!\n");
++      log_info("Please enable swap encryption via"
++		 " 'sysctl vm.swapencrypt.enable=1'.\n");
+     }
+ }
+ 

security/gnupg/pkg/MESSAGE

@@ -1,7 +0,0 @@
-The manpage of GnuPG mentions the need for memory page locking.
-In fact this is not needed as OpenBSD enables swap file encryption
-by default.
-
-However you might want to get rid of the misleading 'using insecure
-memory' warning. Just put 'no-secmem-warning' into your ~/.gnupg/gpg.conf
-file or use gpg with the --no-secmem-warning switch.