by moving the inclusion of buildlink3.mk files outside of the protected
region. This bug would be seen by users that have set PREFER_PKGSRC
or PREFER_NATIVE to non-default values.
BUILDLINK_PACKAGES should be ordered so that for any package in the
list, that package doesn't depend on any packages to the left of it
in the list. This ordering property is used to check for builtin
packages in the correct order. The problem was that including a
buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed
from BUILDLINK_PACKAGES and appended to the end. However, since the
inclusion of any other buildlink3.mk files within that buildlink3.mk
was in a region that was protected against multiple inclusion, those
dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
Noteworthy changes in version 0.4.3 (2003-10-06)
------------------------------------------------
* libgpgme should not be used for threaded programs anymore. This
never worked reliably in all cases, because you had to
be careful about the linking order and libtool wouldn't do that for
you automatically. Instead, now you have to link against
libgpgme-pthread for applications using pthread and libgpgme-pth for
applications using GNU Pth.
The old code for automagically detecting the thread library is
still part of libgpgme, but it is DEPRECATED.
* There are new automake macros AM_PATH_GPGME_PTH and
AM_PATH_GPGME_PTHREAD, which support checking for thread-enabled
versions of GPGME. They define GPGME_PTH_CFLAGS, GPGME_PTH_LIBS,
GPGME_PTHREAD_CFLAGS and GPGME_PTHREAD_LIBS respectively. These
variables of course also include the configuration for the thread
package itself. Alternatively, use libtool.
* gpgme_strerror_r as a thread safe variant of gpgme_strerror was
added.
* gpgme-config doesn't support setting the prefix or exec prefix
anymore. I don't think it ever worked correctly, and it seems to
be pointless.
* gpgme_get_key fails with GPG_ERR_AMBIGUOUS_NAME if the key ID
provided was not unique, instead returning the first matching key.
* gpgme_key_t and gpgme_subkey_t have a new field, can_authenticate,
that indicates if the key can be used for authentication.
* gpgme_signature_t's status field is now correctly set to an error
with error code GPG_ERR_NO_PUBKEY if public key is not found.
* gpgme_new_signature_t's class field is now an unsigned int, rather
than an unsigned long (the old class field is preserved for
backwards compatibility).
* A new function gpgme_set_locale() is provided to allow configuring
the locale for the crypto backend. This is necessary for text
terminals so that programs like the pinentry can be started with
the right locale settings for the terminal the application is running
on, in case the terminal has different settings than the system
default (for example, if it is a remote terminal). You are highly
recommended to call the following functions directly after
gpgme_check_version:
#include <locale.h>
setlocale (LC_ALL, "");
gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL));
gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL));
GPGME can not do this for you, as setlocale is not thread safe, and
there is no alternative.
* The signal action for SIGPIPE is now set to SIG_IGN by
gpgme_check_version, instead the first time a crypto engine is
started (which is not well defined).
* In the output of gpgme_hash_algo_name, change RMD160 to RIPEMD160,
TIGER to TIGER192, CRC32-RFC1510 to CRC32RFC1510, and CRC24-RFC2440
to CRC24RFC2440. For now, these strings can be used as the MIC
parameter for PGP/MIME (if appropriately modified).
Noteworthy changes in version 0.4.2 (2003-07-30)
------------------------------------------------
* Allow gpg-error to be in non-standard place when linking the test suite.
* Configure will fail now if gpg-error can not be found.
* Fixed initialized memory backed data objects for writing, which
caused the test program to crash (but only on Mac OS, surprisingly).
* Eliminate use of C99 constructs.
* Small improvements to the manual.
Noteworthy changes in version 0.4.1 (2003-06-06)
------------------------------------------------
This is the release that 0.4.0 should have been. There are many
interface changes, please see below for the details. The changes are
sometimes the result of new functionality, but more often express a
paradigm shift. Others are an overdue cleanup to get GPGME in line
with the GNU coding standards and to make the interface more
self-consistent. Here is an overview on the changes:
All types have been renamed to conform to the GNU coding standards,
most of the time by keeping the whole name in lowercase and inserting
underscores between words.
All operations consistently only accept input parameters in their
invocation function, and return only an error code directly. Further
information about the result of the operation has to be retrieved
afterwards by calling one of the result functions. This unifies the
synchronous and the asynchronous interface.
The error values have been completely replaced by a more
sophisticated model that allows GPGME to transparently and accurately
report all errors from the other GnuPG components, irregardless of
process boundaries. This is achieved by using the library
libgpg-errors, which is shared by all GnuPG components. This library
is now required for GPGME.
The results of all operations are now provided by pointers to C
structs rather than by XML structs or in other ways.
Objects which used to be opaque (for example a key) are now pointers
to accessible structs, so no accessor functions are necessary.
Backward compatibility is provided where it was possible without too
much effort and did not collide with the overall sanitization effort.
However, this is only for ease of transition. NO DEPRECATED FUNCTION
OR DATA TYPE IS CONSIDERED A PART OF THE API OR ABI AND WILL BE
DROPPED IN THE FUTURE WITHOUT CHANGING THE SONAME OF THE LIBRARY.
Recommendations how to replace deprecated or removed functionality
can be found within the description of each change.
What follows are all changes to the interface and behaviour of GPGME
in detail.
* If gpgme.h is included in sources compiled by GCC 3.1 or later,
deprecated attributes will warn about use of obsolete functions and
type definitions. You can suppress these warnings by passing
-Wno-deprecated-declarations to the gcc command.
* The following types have been renamed. The old types are still
available as aliases, but they are deprecated now:
[complete list in NEWS file]
* gpgme_error_t is now identical to gpg_error_t, the error type
provided by libgpg-error. More about using libgpg-error with GPGME
can be found in the manual. All error symbols have been removed!
* All functions and types in libgpg-error have been wrapped in GPGME.
The new types are gpgme_err_code_t and gpgme_err_source_t. The new
functions are gpgme_err_code, gpgme_err_source, gpgme_error,
gpgme_err_make, gpgme_error_from_errno, gpgme_err_make_from_errno,
gpgme_err_code_from_errno, gpgme_err_code_to_errno,
gpgme_strsource.
* GPGME_ATTR_IS_SECRET is not anymore representable as a string.
* GnuPG 1.2.2 is required. The progress callback is now also invoked
for encrypt, sign, encrypt-sign, decrypt, verify, and
decrypt-verify operations. For verify operations on detached
signatures, the progress callback is invoked for both the detached
signature and the plaintext message, though.
* gpgme_passphrase_cb_t has been changed to not provide a complete
description, but the UID hint, passphrase info and a flag
indicating if this is a repeated attempt individually, so the user
can compose his own description from this information.
The passphrase is not returned as a C string, but must be written
to a file descriptor directly. This allows for secure passphrase
entries.
The return type has been changed to gpgme_error_t value. This
allowed to remove the gpgme_cancel function; just return
the error code GPG_ERR_CANCELED in the passphrase callback directly.
* gpgme_edit_cb_t has been changed to take a file descriptor argument.
The user is expected to write the response to the file descriptor,
followed by a newline.
* The recipients interface has been removed. Instead, you use
NULL-terminated lists of keys for specifying the recipients of an
encryption operation. Use the new encryption flag
GPGME_ENCRYPT_ALWAYS_TRUST if you want to override the validity of
the keys (but note that in general this is not a good idea).
This change has been made to the prototypes of gpgme_op_encrypt,
gpgme_op_encrypt_start, gpgme_op_encrypt_sign and
gpgme_op_encrypt_sign_start.
The export interface has been changed to use pattern strings like
the keylist interface. Thus, new functions gpgme_op_export_ext and
gpgme_op_export_ext_start have been added as well. Now the
prototypes of gpgme_op_export_start and gpgme_op_export finally
make sense.
* gpgme_op_verify and gpgme_op_decrypt_verify don't return a status
summary anymore. Use gpgme_get_sig_status to retrieve the individual
stati.
* gpgme_io_cb_t changed from a void function to a function returning
a gpgme_error_t value. However, it will always return 0, so you
can safely ignore the return value.
* A new I/O callback event GPGME_EVENT_START has been added. The new
requirement is that you must wait until this event until you are
allowed to call the I/O callback handlers previously registered for
this context operation. Calling I/O callback functions for this
context operation before the start event happened is unsafe because
it can lead to race conditions in a multi-threaded environment.
* The idle function feature has been removed. It was not precisely
defined in a multi-threaded environment and is obsoleted by the
user I/O callback functions. If you still need a simple way to
call something while waiting on one or multiple asynchronous
operations to complete, don't set the HANG flag in gpgme_wait (note
that this will return to your program more often than the idle
function did).
* gpgme_wait can return NULL even if hang is true, if an error
occurs. In that case *status contains the error code.
* gpgme_get_engine_info was radically changed. Instead an XML
string, an info structure of the new type gpgme_engine_info_t is
returned. This makes it easier and more robust to evaluate the
information in an application.
* The new function gpgme_get_protocol_name can be used to convert a
gpgme_protocol_t value into a string.
* The status of a context operation is not checked anymore. Starting
a new operation will silently cancel the previous one. Calling a
function that requires you to have started an operation before without
doing so is undefined.
* The FPR argument to gpgme_op_genkey was removed. Instead, use the
gpgme_op_genkey_result function to retrieve a gpgme_genkey_result_t
pointer to a structure which contains the fingerprint. This also
works with gpgme_op_genkey_start. The structure also provides
other information about the generated keys.
* The new gpgme_op_import_result function provides detailed
information about the result of an import operation in
gpgme_import_result_t and gpgme_import_status_t objects.
Thus, the gpgme_op_import_ext variant is deprecated.
* The new gpgme_op_sign_result function provides detailed information
about the result of a signing operation in gpgme_sign_result_t,
gpgme_invalid_key_t and gpgme_new_signature_t objects.
* The new gpgme_op_encrypt_result function provides detailed
information about the result of an encryption operation in
a GpgmeEncryptResult object.
* The new gpgme_op_decrypt_result function provides detailed
information about the result of a decryption operation in
a GpgmeDecryptResult object.
* The new gpgme_op_verify_result function provides detailed
information about the result of an verify operation in
a GpgmeVerifyResult object. Because of this, the GPGME_SIG_STAT_*
values, gpgme_get_sig_status, gpgme_get_sig_ulong_attr,
gpgme_get_sig_string_attr and gpgme_get_sig_key are now deprecated,
and gpgme_get_notation is removed.
* GpgmeTrustItem objects have now directly accessible data, so the
gpgme_trust_item_get_string_attr and gpgme_trust_item_get_ulong_attr
accessor functions are deprecated. Also, reference counting is
available through gpgme_trust_item_ref and gpgme_trust_item_unref
(the gpgme_trust_item_release alias for the latter is deprecated).
* Keys are not cached internally anymore, so the force_update argument
to gpgme_get_key has been removed.
* GpgmeKey objects have now directly accessible data so the
gpgme_key_get_string_attr, gpgme_key_get_ulong_attr,
gpgme_key_sig_get_string_attr and gpgme_key_sig_get_ulong_attr
functions are deprecated. Also, gpgme_key_release is now
deprecated. The gpgme_key_get_as_xml function has been dropped.
* Because all interfaces using attributes are deprecated, the
GpgmeAttr data type is also deprecated.
* The new gpgme_op_keylist_result function provides detailed
information about the result of a key listing operation in
a GpgmeKeyListResult object.
* Now that each function comes with its own result retrieval
interface, the generic gpgme_get_op_info interface is not useful
anymore and dropped.
* The type and mode of data objects is not available anymore.
Noteworthy changes in version 0.4.0 (2002-12-23)
------------------------------------------------
* Key generation returns the fingerprint of the generated key.
* New convenience function gpgme_get_key.
* Supports signatures of user IDs in keys via the new
GPGME_KEYLIST_MODE_SIGS keylist mode and the
gpgme_key_sig_get_string_attr and gpgme_key_sig_get_ulong_attr
interfaces. The XML info about a key also includes the signatures
if available.
* New data object interface, which is more flexible and transparent.
Lots of interface changes, for details see the included
NEWS file.
Changes:
- The progress status is sent via the progress callbacks in
gpgme_op_edit.
- Bug fix for signing operations with explicit signer settings
for the CMS protocol.
From NEWS file:
Noteworthy changes in version 0.3.14 (2002-12-04)
-------------------------------------------------
* GPGME-Plug is now in its own package "cryptplug".
* Workaround for a setlocale problem. Fixed a segv related to not
correctly as closed marked file descriptors.
For full list of changes see ChangeLog.
(distfile checked against .sig file)
* An experimental interface to GnuPG's --edit-key functionality is
introduced, see gpgme_op_edit.
* The new gpgme_import_ext function provides a convenient access to
the number of processed keys.
* It is possible to use an outside event loop for the I/O to the
crypto engine by setting the I/O callbacks with gpgme_set_io_cbs.
* GPGME_ATTR_OTRUST is implemented now.
* A first step toward thread safeness has been achieved, see the
documentation for details. Supported thread libraries are pthread
and Pth.
* All error output of the gpgsm backend is send to the bit bucket.
* The signature verification functions are extended. Instead of
always returning GPGME_SIG_STATUS_GOOD, the functions new codes for
expired signatures.
* The current passphrase callback and progress meter callback can be
retrieved with the new functions gpgme_get_passphrase_cb and
gpgme_get_progress_cb respectively.
* gpgme_op_encrypt can be called with RECIPIENTS being 0. In this
case, symmetric encryption is performed. Note that this requires a
passphrase from the user.
* More information is returned for X.509 certificates.
* Interface changes relative to the 0.3.4 release:
* gpgme_op_encrypt does now fail with GPGME_Invalid_Recipients if
some recipients have been invalid, whereas earlier versions
succeeded in this case.
* gpgme_op_verify now allows to pass an uninitialized data object as
its plaintext argument to check for normal and cleartext
signatures. The plaintext is then returned in the data object.
* New interfaces gpgme_set_include_certs and gpgme_get_include_certs
to set and get the number of certifications to include in S/MIME
signed messages.
* New interfaces gpgme_op_encrypt_sign and gpgme_op_encrypt_sign_start
to encrypt and sign a message in a combined operation.
* New interface gpgme_op_keylist_ext_start to search for multiple patterns.
* gpgme_key_get_ulong_attr supports the GPGME_ATTR_EXPIRE attribute.
* Interface changes relative to the 0.3.3 release:
* Fix the Makefile in jnlib.
* Fix the test suite (hopefully). It should clean up all its state
with `make check' now.
* Remove erroneous dependency on libgcrypt in jnlib.
* There is a Texinfo manual documenting the API.
* The gpgme_set_keylist_mode function returns an error, and changed
its meaning. It is no longer usable to select between normal and
fast mode (newer versions of GnuPG will always be fast), but
selects between local keyring, remote keyserver, or both.
For this, two new macros are defined, GPGME_KEYLIST_MODE_LOCAL
and GPGME_KEYLIST_MODE_EXTERN. To make it possible to modify the
current setting, a fucntion gpgme_get_keylist_mode was added to
retrieve the current mode.
* gpgme_wait accepts a new argument STATUS to return the error status
of the operation on the context. Its definition is closer to
waitpid() now than before.
* The LENGTH argument to gpgme_data_new_from_filepart changed its
type from off_t to the unsigned size_t.
* The R_HD argument to the GpgmePassphraseCb type changed its type
from void* to void**.
* New interface gpgme_op_trustlist_end() to match
gpgme_op_keylist_end().
* The CryptPlug modules have been renamed to gpgme-openpgp and
gpgme-smime, and they are installed in pkglibdir by `make install'.
* An idle function can be registered with gpgme_register_idle().
* The GpgSM backend supports key generation with gpgme_op_genkey().
From DESCR:
GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
easier for applications. It provides a High-Level Crypto API for
encryption, decryption, signing, signature verification and key
management.