signing-party (2.4-1) unstable; urgency=medium
* caff, gpg-key2latex, gpgsigs: Ignore "KEY_CONSIDERED" status output
emitted by gpg 2.1.13 and later.
* caff, gpgsigs: Allow input produced by gpgparticipants(1) using gpg
2.1.13. With this version, key IDs are not displayed by default and the
"Key fingerprint = " prefix is omitted.
* caff:
+ Fix GnuPG version number comparison.
+ With GnuPG 2.1.13 or later, use gpgconf(1) to determine the socket
paths. (It is not used on earlier gpg since earlier gpgconf do not
support --homedir.) This fixes compatibility with GnuPG 2.1.13.
(Closes: #834984)
+ When ~/.caff/gnupghome/gpg.conf does not exist, instead of creating a
temporary file (as it's done since signing-party 2.3), parse
~/.gnup/gpg.conf and pass the GnuPG options that are known to be safe
(and useful) for caff to gpg(1) using command line options. This soves
the problem of lingering configuration files in case caff is killed.
+ Use full fingerprints internally to avoid collisions. (However
$CONFIG{'keyid'} and $CONFIG{'local-users'} are kept to 64-bits key IDs
as per RFC 4880 full fingerprints are not available in key signatures,
and thus not exposed by `gpg --with-colons --list-sigs`.)
+ Automatically import the $CONFIG{'also-encrypt-to'} from the normal
GnuPGHOME when possible.
* d/source.lintian-overrides: Add 'debian-watch-file-is-missing' as we're
upstream.
* d/control: Remove Franck Joncourt from the Uploaders list per request of
the MIA team. (Closes: #831321)
-- Guilhem Moulin <guilhem@guilhem.org> Mon, 22 Aug 2016 00:19:48 +0200
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
signing-party (1.1.4-1) unstable; urgency=low
.
[ Thijs Kinkhorst ]
* caff:
+ Correct path of ~/.caffrc in informational messages (Closes: #582603).
+ Be more verbose on unexpected key ID (Closes: #645792).
* gpg-key2ps:
+ Apply patch from Uwe Kleine-König to deal with latin1 characters
(Closes: #596377).
.
[ Franck Joncourt ]
* gpg-mailkeys:
+ Correct path of ~/.gpg-mailkeysrc and ~/.signature in manpage.
+ Add new environment variable SENDMAIL_ARGS to allow user to pass
arguments to sendmail (closes: #599409).
* caff:
+ Refactor import of own key and import for keys to sign from keyrings.
+ Also automatically import keys to sign from the user's normal gpg
keyrings.
+ Use --no-auto-check-trustdb when importing keys from files or
the user's normal gpg keyrings (closes: #539643).
.
[ Peter Palfrader ]
* caff:
+ manpage: Refer to all of /usr/share/doc/signing-party/caff/ and not
just to /usr/share/doc/signing-party/caff/caffrc.sample
(closes: #568052).
+ Fix horrible &function calls used because of broken prototypes.
+ Even if all keys to sign were found in the user's normal gpg
keyrings we still need to import them (again) from any keyrings
passed with --key-files - the keys there might be newer, containing
new subkeys (for encryption), uids (for signing) or revocations.
+ Make importing of keys to be signed from the normal gpg optional
(--keys-from-gnupg).
+ refactor copying of command line options into global config variable.
+ Create the mail files in ~/.caff/keys even if mail is not sent
(closes: #590666).
* keylookup:
+ Fixed typo noticed by lintian in manpage keylookup.1.
* caff:
+ Set the Sender header with the email address which is used for the From
header. This overrides the default value which was set by the
MIME::Entity Perl module based on the local hostname. (Closes: #556782)
* gpgsigs:
+ Added patch from Roland Rosenfeld to support RIPEMD160 checksum.
(Closes: #533747).
+ Updated man page to mention support for SHA256 and RIPEMD160 checksum.
+ Made removal of nonexistent photos quiet by the use of the force option.
+ Updated generated tex file in latex mode so that it uses the grffile
package. This allows pdflatex to process our tex file assuming the photos
are previously converted to PDF. (Closes: #542478)
* caff: Updated check for the local-user keyids.
+ Moved the current check to a new function get_local_user_keys().
+ Warned the user if a local-user keyid is not listed as a keyid in
./caffrc. (Closes: #540165).
* gpgdir: New upstream release.
* gpg-mailkeys:
+ The charset for the text of the message is deduced from the charset used
by ~/.gpg-mailkeysrc and ~/.signature.
The text message is encoded in quoted printable and thus it requires a
new dependency on qprint in debian/control. (Closes: #545186)
+ Mentionned both the .gpg-mailkeysrc and .signature files in the manpage.
Ignore temporary build files
make make install install stuff.
Bump NEWS.Debian.
Proposed solution for #462897: unconditionally sync keys between
normal gnupg home and caff gnupg home on startup, to cope with
changed keys.
signing-party (0.4.10-1) unstable; urgency=low
* caff:
+ Fix syntax error in example config variables (Closes: #413020).
+ Fix perl warnings when calling pgp-fixkey with unknown keyid or
with empty signature create date.
* gpg-key2ps:
+ Add '-1' option to only display one column of slips, for extra
wide keys (Closes: #399474).
* keylookup:
+ Fix perl warnings caused by empty lines from gpg output.
* Drop transitional and now obsolete keylookup package.
* Remove no longer needed dependency on mailx.
Changelog:
* caff:
+ Fix a bug with checking if we have exactly one or more keys that failed
downloading.
+ Mention in manpage that keyserver-options is a useful setting in
.caff/gnupghome/gpg.conf (Closes: #392811).
+ q-p-encode From: header (Closes: #366745).
Changelog:
* gpglist: do not die with with-fingerprint (Closes: #382019).
* gpg-key2ps: add --list-key to gpg call (works around #382794).
* caff: when set, use $ENV{'GNUPGHOME'} to find secring.gpg. Suggested by
Gerfried Fuchs.
From debian changelog:
signing-party (0.4.7-1) unstable; urgency=low
* gpg-mailkeys: use right content-type for attached key,
thanks Wesley Landaker
* gpgsigs: recognize rvk (revoker), found in ksp-dc6.txt.
Remove the hostname subst, since it was fixed upstream
Changelog:
caff: - try hostname without -f first to be compatible with BSD
- make local-user a config option, and let it accept a list of keyids
pkg-clean: - add option to allow importing subkeys
Changelog:
* Update FSF addresses.
* caff: tweak documentation.
* caff: note that mailed keys are encrypted (suggested by Sune Vuorela).
* caff: You can now specify additional arguments to pass to the
send method of Mail::Mailer. This allows you to send mails via
SMTP and use authentication for instance. Thanks to Martin von Gagern.
* gpg-key2ps, keylookup: make them less dependent on specific
installation paths and thus better portable outside of Debian
(Closes: #354142).
Let the caff package install other gpg related tools
- pgp-clean: removes all non-self signatures from key
- pgp-fixkey: removes broken packets from keys
- gpg-mailkeys: simply mail out a signed key to its owner
- gpg-key2ps: generate PostScript file with fingerprint paper strips
- gpglist: show who signed which of your UIDs
- gpgsigs: annotates list of GnuPG keys with already done signatures
- keylookup: ncurses wrapper around gpg --search
Fix hardcoded path in man pages
caff is a script that helps you in keysigning. It takes a list of
keyids on the command line, fetches them from a keyserver and calls
GnuPG so that you can sign it. It then mails each key to all its
email addresses - only including the one UID that we send to in each
mail.
Features:
* Easy to setup.
* Attaches only the very UID that we send to in the mail.
* Prunes the key from all signatures that are not self sigs and
not done by you, thereby greatly reducing the size of mails.
* Sends the mail encrypted if possible, will warn before sending
unencrypted mail (sign only keys)
* Creates proper PGP MIME messages.
* Uses separate GNUPGHOME for all its operations.