6 files changed, 58 insertions, 1 deletions

diff --git a/security/Makefile b/security/Makefile
index fff5c54bd2a..6b7cf1c34f3 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.882 2022/11/29 05:59:16 adam Exp $
+# $NetBSD: Makefile,v 1.883 2022/12/05 21:57:57 nikita Exp $
 #
 
 COMMENT=	Security and cryptography tools and libraries
@@ -99,6 +99,7 @@ SUBDIR+=	flawfinder
 SUBDIR+=	fprint-demo
 SUBDIR+=	fsh
 SUBDIR+=	gcr
+SUBDIR+=	git-crypt
 SUBDIR+=	gnome-keyring
 SUBDIR+=	gnu-crypto
 SUBDIR+=	gnu-pw-mgr
diff --git a/security/git-crypt/DESCR b/security/git-crypt/DESCR
new file mode 100644
index 00000000000..88f3551f6f2
--- /dev/null
+++ b/security/git-crypt/DESCR
@@ -0,0 +1,9 @@
+git-crypt enables transparent encryption and decryption of files in a
+git repository.  Files which you choose to protect are encrypted when
+committed, and decrypted when checked out.  git-crypt lets you freely
+share a repository containing a mix of public and private content.
+git-crypt gracefully degrades, so developers without the secret key can
+still clone and commit to a repository with encrypted files.  This lets
+you store your secret material (such as keys or passwords) in the same
+repository as your code, without requiring you to lock down your entire
+repository.
diff --git a/security/git-crypt/Makefile b/security/git-crypt/Makefile
new file mode 100644
index 00000000000..5c40944a0ef
--- /dev/null
+++ b/security/git-crypt/Makefile
@@ -0,0 +1,20 @@
+# $NetBSD: Makefile,v 1.1 2022/12/05 21:57:58 nikita Exp $
+
+DISTNAME=	git-crypt-0.7.0
+CATEGORIES=	security
+MASTER_SITES=	https://www.agwa.name/projects/git-crypt/downloads/
+
+MAINTAINER=	pkgsrc-users@NetBSD.org
+HOMEPAGE=	https://www.agwa.name/projects/git-crypt/
+COMMENT=	Transparent file encryption in git
+LICENSE=	gnu-gpl-v3
+
+USE_LANGUAGES=	c++11
+
+SUBST_CLASSES+=			explicit_memset
+SUBST_STAGE.explicit_memset=	pre-configure
+SUBST_MESSAGE.explicit_memset=	Avoid conflicts with explicit_memset(3)
+SUBST_FILES.explicit_memset=	*.cpp *.hpp
+SUBST_SED.explicit_memset+=	-e 's,explicit_memset,gitcrypt_explicit_memset,g'
+
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/git-crypt/PLIST b/security/git-crypt/PLIST
new file mode 100644
index 00000000000..25ea67785e2
--- /dev/null
+++ b/security/git-crypt/PLIST
@@ -0,0 +1,2 @@
+@comment $NetBSD: PLIST,v 1.1 2022/12/05 21:57:58 nikita Exp $
+bin/git-crypt
diff --git a/security/git-crypt/distinfo b/security/git-crypt/distinfo
new file mode 100644
index 00000000000..b08c65d6fe0
--- /dev/null
+++ b/security/git-crypt/distinfo
@@ -0,0 +1,6 @@
+$NetBSD: distinfo,v 1.1 2022/12/05 21:57:58 nikita Exp $
+
+BLAKE2s (git-crypt-0.7.0.tar.gz) = 742db2743dd7c5daea1658c8028a8024839151eb8a28bb545c6f5e12a5980208
+SHA512 (git-crypt-0.7.0.tar.gz) = 88eb730f0f0b4622c1a3ce64c62fa97a9a4da0716f4cce86fad8d700e2cb248dae8fc9e92996448564903564dbcddaa1f87201cf7ebc77144660f3044ae92904
+Size (git-crypt-0.7.0.tar.gz) = 57621 bytes
+SHA1 (patch-util.cpp) = ed9dee74f7e8d50f72670542323013d0a2d44464
diff --git a/security/git-crypt/patches/patch-util.cpp b/security/git-crypt/patches/patch-util.cpp
new file mode 100644
index 00000000000..1cb8420abc9
--- /dev/null
+++ b/security/git-crypt/patches/patch-util.cpp
@@ -0,0 +1,19 @@
+$NetBSD: patch-util.cpp,v 1.1 2022/12/05 21:57:58 nikita Exp $
+
+Keep the C++ streams synchronized to the standard C streams on NetBSD otherwise
+it is not possible to read via std::cin.
+
+XXX: Why?
+
+--- util.cpp.orig	2017-11-26 18:24:03.000000000 +0000
++++ util.cpp
+@@ -141,7 +141,9 @@ static void	init_std_streams_platform ()
+ void		init_std_streams ()
+ {
+ 	// The following two lines are essential for achieving good performance:
++#ifndef __NetBSD__
+ 	std::ios_base::sync_with_stdio(false);
++#endif
+ 	std::cin.tie(0);
+ 
+ 	std::cin.exceptions(std::ios_base::badbit);