Commit graph

32 commits

Author SHA1 Message Date
wiz
5dc23e94da Update to 1.0.5, provided by Mark White in private mail.
Some pkg related changes by me.
Changes since 1.0.4:
* WARNING: The semantics of --verify have changed to address a
  problem with detached signature detection. --verify now ignores
  signed material given on stdin unless this is requested by using
  a "-" as the name for the file with the signed material.  Please
  check all your detached signature handling applications and make
  sure that they don't pipe the signed material to stdin without
  using a filename together with "-" on the the command line.

* WARNING: Corrected hash calculation for input data larger than
  512M - it was just wrong, so you might notice bad signature in
  some very big files.  It may be wise to keep an old copy of
  GnuPG around.

* Secret keys are no longer imported unless you use the new option
  --allow-secret-key-import.  This is a kludge and future versions will
  handle it in another way.

* New command "showpref" in the --edit-key menu to show an easier
  to understand preference listing.

* There is now the notation of a primary user ID.  For example, it
  is printed with a signature verification as the first user ID;
  revoked user IDs are not printed there anymore.  In general the
  primary user ID is the one with the latest self-signature.

* New --charset=utf-8 to bypass all internal conversions.

* Large File Support (LFS) is now working.

* New options: --ignore-crc-error, --no-sig-create-check,
  --no-sig-cache, --fixed_list_mode, --no-expensive-trust-checks,
  --enable-special-filenames and --use-agent.  See man page.

* New command --pipemode, which can be used to run gpg as a
  co-process.  Currently only the verification of detached
  signatures are working.  See doc/DETAILS.

* Rewritten key selection code so that GnuPG can better cope with
  multiple subkeys, expire dates and so.  The drawback is that it
  is slower.

* A whole lot of bug fixes.

* The verification status of self-signatures are now cached. To
  increase the speed of key list operations for existing keys you
  can do the following in your GnuPG homedir (~/.gnupg):
     $ cp pubring.gpg pubring.gpg.save && $ gpg --export-all >x && \
      rm pubring.gpg && gpg --import x
  Only v4 keys (i.e not the old RSA keys) benefit from this caching.

* New translations: Estonian, Turkish.
2001-05-14 13:40:04 +00:00
agc
a35e3d707c Move to sha1 digests, add distfile sizes. 2001-04-19 15:40:29 +00:00
agc
2d6b6a009c + move the distfile digest/checksum value from files/md5 to distinfo
+ move the patch digest/checksum values from files/patch-sum to distinfo
2001-04-17 11:43:32 +00:00
zuntum
ef5ca26635 o Fix/add quoting
o Respect ${CFLAGS}
2001-03-31 11:14:29 +00:00
hubertf
e32afb6fea Change BUILD_DEPENDS semantics:
first component is now a package name+version/pattern, no more
executable/patchname/whatnot.

While there, introduce BUILD_USES_MSGFMT as shorthand to pull in
devel/gettext unless /usr/bin/msgfmt exists (i.e. on post-1.5 -current).

Patch by Alistair Crooks <agc@netbsd.org>
2001-03-27 03:19:43 +00:00
wiz
a87738b456 Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT. 2001-02-17 17:42:09 +00:00
wiz
75a2b900c3 Update to 1.0.4nb3: incorporate a security fix by the author.
(Which also includes completely unrelated patch-ac.)
Closes pkg/12208.
2001-02-15 12:04:37 +00:00
wiz
73bcd897a6 Update gnupg to 1.0.4nb2:
Fix a bug in ~/.gnupg creation.
Honor USE_IDEA, and add the IDEA extension in that case.
Addresses pkg/11876.
2001-01-29 11:52:59 +00:00
wiz
5018230611 change DEPENDS on gettext to BUILD_DEPENDS on msgfmt 2000-11-30 00:11:26 +00:00
wiz
3266297597 Declare some symbols static in twofish.c (for details see lib/11458).
Patch provided by Olaf Seibert.
Bump version number to 1.0.4nb1.
2000-11-12 14:28:48 +00:00
wiz
2abd8edc01 Update to 1.0.4. Changes since 1.0.3:
* Fixed a serious bug which could lead to false signature verification
  results when more than one signature is fed to gpg.  This is the
  primary reason for releasing this version.
* New utility gpgv which is a stripped down version of gpg to
  be used to verify signatures against a list of trusted keys.
* Rijndael (AES) is now supported and listed with top preference.
* --with-colons now works with --print-md[s].

Based on an update provided by Mipam <mipam@ibb.net>.
2000-11-10 02:35:02 +00:00
itojun
89c7127fec recover DEPENDS 2000-10-11 09:57:45 +00:00
itojun
51223d39cb update to 1.0.3.
Noteworthy changes in version 1.0.3 (2000-09-18)
------------------------------------------------

    * Fixed problems with piping to/from other MS-Windows software

    * Expiration time of the primary key can be changed again.

    * Revoked user IDs are now marked in the output of --list-key

    * New options --show-session-key and --override-session-key
      to help the British folks to somewhat minimize the danger
      of this Orwellian RIP bill.

    * New options --merge-only and --try-all-secrets.

    * New configuration option --with-egd-socket.

    * The --trusted-key option is back after it left us with 0.9.5

    * RSA is supported. Key generation does not yet work but will come
      soon.

    * CAST5 and SHA-1 are now the default algorithms to protect the key
      and for symmetric-only encryption. This should solve a couple
      of compatibility problems because the old algorithms are optional
      according to RFC2440

    * Twofish and MDC enhanced encryption is now used.  PGP 7 supports
      this.  Older versions of GnuPG don't support it, so they should be
      upgraded to at least 1.0.2
2000-10-11 09:57:30 +00:00
fredb
0c6b58570c Reorganize crypto handling, as discussed on tech-pkg. Remove all
RESTRICTED= variables that were predicated on former U.S. export
regulations. Add CRYPTO=, as necessary, so it's still possible to
exclude all crypto packages from a build by setting MKCRYPTO=no
(but "lintpkgsrc -R" will no longer catch them).

Specifically,

- - All packages which set USE_SSL just lose their RESTRICTED
    variable, since MKCRYPTO responds to USE_SSL directly.
- - realplayer7 and ns-flash keep their RESTRICTED, which is based
    on license terms, but also gain the CRYPTO variable.
- - srp-client is now marked broken, since the distfile is evidently
    no longer available. On this, we're no worse off than before.
    [We haven't been mirroring the distfile, or testing the build!]
- - isakmpd gets CRYPTO for RESTRICTED, but remains broken.
- - crack loses all restrictions, as it does not evidently empower
    a user to utilize strong encryption (working definition: ability
    to encode a message that requires a secret key plus big number
    arithmetic to decode).
2000-09-09 19:40:14 +00:00
hubertf
402899809a Replace MIRROR_DISTFILES and NO_CDROM with the more descriptive and
more fine-grained NO_{BIN,SRC}_ON_{FTP,CDROM} definitions.

MIRROR_DISTFILES and NO_CDROM are now dead.
2000-08-18 22:46:29 +00:00
jlam
d0d079e75e The gettext package gained a shared library. For all packages which
link against libintl.so, update the dependency on gettext to >=0.10.35nb1.
2000-07-31 04:14:04 +00:00
wiz
db2c0b92d1 Add patch to make gnupg work on macppc/ELF.
Patch provided by Gabriel Rosenkoetter <gr@eclipsed.net>.
2000-07-17 23:44:52 +00:00
wiz
61933dcd35 Man page is not distributed by itself anymore. (undo last commit, fix it
correctly)
2000-07-16 23:05:38 +00:00
mason
dd77c814d2 Corrected distfile name (two places) so package builds. 2000-07-16 17:10:24 +00:00
wiz
fdff5a791b Set maintainer to wiz@netbsd.org. 2000-07-15 11:25:57 +00:00
wiz
35eb63b670 Update gnupg to 1.0.2. NetBSD changes had been mailed to author and
have been integrated.
Relevant Changes:
* Fixed expiration handling of encryption keys.
* Add an experimental feature to do unattended key generation.
* The user is now asked for the reason of revocation as required by
  the new OpenPGP draft.
* There is a ~/.gnupg/random_seed file now which saves the state of
  the internal RNG and increases system performance somewhat.  This
  way the full entropy source is only used in cases were it is really
  required. Use the option --no-random-seed-file to disable this
  feature.
* New options --ignore-time-conflict and --lock-never.
* Encryption is now much faster: About 2 times for 1k bit keys and 8
  times for 4k keys.
* New encryption keys are generated in a way which allows a much
  faster decryption.
* New command --export-secret-subkeys which outputs the _primary_
  key with it's secret parts deleted.  This is useful for automated
  decryption/signature creation as it allows to keep the real secret
  primary key offline and thereby protecting the key certificates and
  allowing to create revocations for the subkeys.  See the FAQ for a
  procedure to install such secret keys.
* Keygeneration now writes to the first writeable keyring or as
  default to the one in the homedirectory.  Prior versions ignored all
  --keyring options.
* New option --command-fd to take user input from a file descriptor;
  to be used with --status-fd by software which uses GnuPG as a
  backend.
* There is a new status PROGRESS which is used to show progress during
  key generation.
* Support for the new MDC encryption packets.  To create them either
  --force-mdc must be use or cipher algorithm with a blocksize other
  than 64 bits is to be used.  --openpgp currently disables MDC
  packets entirely.  This option should not yet be used.
* New option --no-auto-key-retrieve to disable retrieving of a missing
  public key from a keyerver, when a keyerver has been set.
* Danish, Esperanto, Japanese, Dutch, and Swedish translations
2000-07-15 11:24:27 +00:00
dmcmahill
eb8dcd1ace change -fpic to -fPIC. Thats what sparcs need now. 2000-06-23 14:32:10 +00:00
wiz
2f39c2de1b find /dev/random, and use it 2000-05-19 23:13:52 +00:00
wiz
9282fa6139 Fetch and install man page, as noted by Markus Kurek
<kurek@uni-duisburg.de> in pkg/9519. Also defuzz patches.
2000-03-02 08:21:31 +00:00
wiz
8e2d11d620 Update gnupg to 1.0.1, as PR'd by
Takahiro Kambe <taca@sky.yamashina.kyoto.jp> in pkg/9477.

Changes since 1.0.0:
    * New command --verify-files.  New option --fast-list-mode.
    * $http_proxy is now used when --honor-http-proxy is set.
    * Fixed some minor bugs and the problem with conventional encrypted
      packets which did use the gpg v3 partial length headers.
    * Add Indonesian and Portugese translations.
    * Fixed a bug with symmetric-only encryption using the non-default 3DES.
      The option --emulate-3des-s2k-bug may be used to decrypt documents
      which have been encrypted this way; this should be done immediately
      as this workaround will be remove in 1.1
    * Can now handle (but not display) PGP's photo IDs. I don't know the
      format of that packet but after stripping a few bytes from the start
      it looks like a JPEG (at least my test data).  Handling of this
      package is required because otherwise it would mix up the
      self signatures and you can't import those keys.
    * Passing non-ascii user IDs on the commandline should now work in all
      cases.
    * New keys are now generated with an additional preference to Blowfish.
    * Removed the GNU Privacy Handbook from the distribution as it will go
      into a separate one.
2000-02-27 04:16:55 +00:00
hubertf
3bbeeaa440 be consistent on which version to wildcard 2000-01-10 19:11:07 +00:00
frueauf
b33124eb5c Update gnupg to 1.0.0. As sideeffect this fixes pr 8826 and pr 8606.
/* XXX someone should test this in i386/aout, maybe that broke
       in exchange, so someone would need to fix it. I have no system
       to test on. But since this package was totaly broken, its an
       improvement...							XXX */

Noteworthy changes in version 1.0.0 (1999-09-07)
-----------------------------------

    * Add a very preliminary version of the GNU Privacy Handbook to
      the distribution (lynx doc/gph/index.html).

    * Changed the version number to GnuPG 2001 ;-)


Noteworthy changes in version 0.9.11
------------------------------------

    * UTF-8 strings are now correctly printed (if --charset is set correctly).
      Output of --with-colons remains C-style escaped UTF-8.

    * Workaround for a problem with PGP 5 detached signature in textmode.

    * Fixed a problem when importing new subkeys (duplicated signatures).

Noteworthy changes in version 0.9.10
------------------------------------

    * Some strange new options to help pgpgpg

    * Cleaned up the dox a bit.


Noteworthy changes in version 0.9.9
-----------------------------------

    * New options --[no-]utf8-strings.

    * New edit-menu commands "enable" and "disable" for entire keys.

    * You will be asked for a filename if gpg cannot deduce one.

    * Changes to support libtool which is needed for the development
      of libgcrypt.

    * New script tools/lspgpot to help transferring assigned
      trustvalues from PGP to GnuPG.

    * New commands --lsign-key and made --sign-key a shortcut for --edit
      and sign.

    * New options (#122--126 ;-) --[no-]default-recipient[-self],
      --disable-{cipher,pubkey}-algo. See the man page.

    * Enhanced info output in case of multiple recipients and fixed exit code.

    * New option --allow-non-selfsigned-uid to work around a problem with
      the German IN way of separating signing and encryption keys.


Noteworthy changes in version 0.9.8
-----------------------------------

    * New subcommand "delsig" in the edit menu.

    * The name of the output file is not anymore the one which is
      embedded in the processed message, but the used filename with
      the extension stripped.  To revert to the old behaviour you can
      use the option --use-embedded-filename.

    * Another hack to cope with pgp2 generated detached signatures.

    * latin-2 character set works (--charset=iso-8859-2).

    * New option --with-key-data to list the public key parameters.
      New option -N to insert notations and a --set-policy-url.
      A couple of other options to allow reseting of options.

    * Better support for HPUX.


Noteworthy changes in version 0.9.7
-----------------------------------

    * Add some work arounds for a bugs in pgp 2 which led to bad signatures
      when used with canonical texts in some cases.

    * Enhanced some status outputs.

Noteworthy changes in version 0.9.6
-----------------------------------

    * Twofish is now statically linked by default. The experimental 128 bit
      version is now disabled.  Full support will be available as soon as
      the OpenPGP WG has decided on an interpretation of rfc2440.

    * Dropped support for the ancient Blowfish160 which is not OpenPGP.

    * Merged gpgm and gpg into one binary.

    * Add "revsig" and "revkey" commands to the edit menu.  It is now
      possible to revoke signature and subkeys.
1999-12-02 15:50:43 +00:00
agc
00a16e3008 Add package patch checksum files. 1999-07-09 14:22:59 +00:00
agc
c6068e98ff Make this package work on Solaris. 1999-04-09 09:39:20 +00:00
mellon
9fbb6462e8 Undo some damage pkglint insisted on. 1999-04-08 15:22:40 +00:00
mellon
b2607dd81e Oops, fix paths. 1999-04-08 15:17:27 +00:00
mellon
33b0a3ca1b GNU Privacy Guard (a PGP replacement) 1999-04-07 23:01:27 +00:00