http://blog.gmane.org/gmane.comp.encryption.gpg.announce hourly 1 1901-01-01T00:00+00:00 http://gmane.org/img/gmane-25t.png http://gmane.org http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/179 <pre>Hi! We are pleased to announce the first tarball release of the New GNU Portable Threads Library: nPth version 0.90. nPth is a non-preemptive threads implementation using an API very similar to the one known from GNU Pth. It has been designed as a replacement of GNU Pth for non-ancient operating systems. In contrast to GNU Pth is is based on the system's standard threads implementation. Thus nPth allows the use of libraries which are not compatible to GNU Pth. GNU Pth is often used to provide a co-routine based framework. GnuPG-2 makes heavy use of this concept for good audibility, general security concerns, and ease of implementation. However, GNU Pth has the drawback that ugly hacks are required to work with libraries which are not GNU Pth aware. The nPth tarball and its signature are available as ftp://ftp.gnupg.org/gcrypt/npth/npth-0.90.tar.bz2 ftp://ftp.gnupg.org/gcrypt/npth/npth-0.90.tar.bz2.sig and at all GnuPG mirrors. See the included README file and the npth.h header for documentation. Bug reports and requests for help should be send to the gnupg-devel mailing list at gnupg.org. nPth is available under the terms of the LGPLv3+ or the GPLv2+. The GIT repository is at git://git.gnupg.org/npth.git . The current development version of GnuPG (2.1) has already been migrated to nPth and thus the next beta release will require it. Obviously we expect to fix some portability problems before we can release 1.0. On common Linux and kFreeBSD systems and even on Android, nPth should build and work fine. Background: When porting GnuPG-2 to Windows in 2004, we had the need for a replacement of GNU Pth, which is not available for native Windows. We came up with an emulation based on the native Windows thread system. Experience since then showed that such an emulation is a solid way to provide a co-routine based framework. Given that thread implementations (in particular pthreads) are now in common use on all platforms, there is not must justification left for not using them: Without considering the GnuPG packages, Debian has only two packages requiring GNU Pth (zhcon and jabberd14 - the latter even seems not in wide use anymore). Many thanks to Ralf S. Engelschall for his excellent GNU PTH library, which served GnuPG very well for many years. Happy hacking, Marcus and Werner </pre> Werner Koch 2012-05-08T10:39:49 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/178 <pre>Hello! We are pleased to announce the availability of a new stable GnuPG-2 release: Version 2.0.19. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital signatures, help authenticating using Secure Shell and to provide a framework for public key cryptography. It includes an advanced key management facility and is compliant with the OpenPGP and S/MIME standards. GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.12) in that it splits up functionality into several modules. However, both versions may be installed alongside without any conflict. In fact, the gpg version from GnuPG-1 is able to make use of the gpg-agent as included in GnuPG-2 and allows for seamless passphrase caching. The advantage of GnuPG-1 is its smaller size and the lack of dependency on other modules at run and build time. We will keep maintaining GnuPG-1 versions because they are very useful for small systems and for server based applications requiring only OpenPGP support. GnuPG is distributed under the terms of the GNU General Public License (GPLv3+). GnuPG-2 works best on GNU/Linux and *BSD systems but is also available for other Unices, Microsoft Windows and Mac OS X. What's New in 2.0.19 ==================== * GPG now accepts a space separated fingerprint as a user ID. This allows to copy and paste the fingerprint from the key listing. * GPG now uses the longest key ID available. Removed support for the original HKP keyserver which is not anymore used by any site. * Rebuild the trustdb after changing the option --min-cert-level. * Ukrainian translation. * Honor option --cert-digest-algo when creating a cert. * Emit a DECRYPTION_INFO status line. * Improved detection of JPEG files. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 2.0.19 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the FTP server and its mirrors you should find the following files in the gnupg/ directory: gnupg-2.0.19.tar.bz2 (4089k) gnupg-2.0.19.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-2.0.18-2.0.19.diff.bz2 (305k) A patch file to upgrade a 2.0.18 GnuPG source tree. This patch does not include updates of the language files. Note, that we don't distribute gzip compressed tarballs for GnuPG-2. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-2.0.19.tar.bz2 you would use this command: gpg --verify gnupg-2.0.19.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command finger wk ,at' g10code.com or using a keyserver like gpg --keyserver keys.gnupg.net --recv-key 4F25E3B6 The distribution key 4F25E3B6 is signed by the well known key 1E42B367. NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-2.0.19.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-2.0.19.tar.bz2 and check that the output matches the first line from the following list: 190c09e6688f688fb0a5cf884d01e240d957ac1f gnupg-2.0.19.tar.bz2 d5e5643dc5ecb4e5296f1a9500f850cfbfd0f8ff gnupg-2.0.18-2.0.19.diff.bz2 Documentation ============= The file gnupg.info has the complete user manual of the system. Separate man pages are included as well; however they have not all the details available in the manual. It is also possible to read the complete manual online in HTML format at http://www.gnupg.org/documentation/manuals/gnupg/ or in Portable Document Format at http://www.gnupg.org/documentation/manuals/gnupg.pdf . The chapters on gpg-agent, gpg and gpgsm include information on how to set up the whole thing. You may also want search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advise on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available. Almost all mail clients support GnuPG-2. Mutt users may want to use the configure option "--enable-gpgme" during build time and put a "set use_crypt_gpgme" in ~/.muttrc to enable S/MIME support along with the reworked OpenPGP support. Support ======= Please consult the archive of the gnupg-users mailing list before reporting a bug &lt;http://gnupg.org/documentation/mailing-lists.html&gt;. We suggest to send bug reports for a new release to this list in favor of filing a bug at &lt;http://bugs.gnupg.org&gt;. We also have a dedicated service directory at: http://www.gnupg.org/service.html Maintaining and improving GnuPG is costly. For more than 10 years now, g10 Code, a German company owned and headed by GnuPG's principal author Werner Koch, is bearing the majority of these costs. To help them carry on this work, they need your support. Please consider to visit the GnuPG donation page at: http://g10code.com/gnupg-donation.html Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word or answering questions on the mailing lists. Happy Hacking, The GnuPG Team </pre> Werner Koch 2012-03-27T09:20:14 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/177 <pre>Hello! We are pleased to announce the availability of a new stable GnuPG-1 release: Version 1.4.12. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility, smartcard support and is compliant with the OpenPGP Internet standard as described by RFC-4880. Note that this version is from the GnuPG-1 series and thus smaller than those from the GnuPG-2 series, easier to build and also better portable to ancient platforms. In contrast to GnuPG-2 (e.g version 2.0.18) it comes with no support for S/MIME, Secure Shell, or other tools useful for desktop environments. Fortunately you may install both versions alongside on the same system without any conflict. What's New =========== * GPG now accepts a space separated fingerprint as a user ID. This allows to copy and paste the fingerprint from the key listing. * Removed support for the original HKP keyserver which is not anymore used by any site. * Rebuild the trustdb after changing the option --min-cert-level. * Improved JPEG detection. * Included more VMS patches * Made it easier to create an installer for Windows. * Supports the 32 bit variant of the mingw-w64 toolchain. * Made file locking more portable. * Minor bug fixes. * Ukrainian translation. Getting the Software ==================== First of all, decide whether you really need GnuPG version 1.4.x - most users are better off with the modern GnuPG 2.0.x version. Thene follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 1.4.12 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the mirrors you should find the following files in the *gnupg* directory: gnupg-1.4.12.tar.bz2 (3500k) gnupg-1.4.12.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-1.4.12.tar.gz (4823k) gnupg-1.4.12.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. gnupg-1.4.11-1.4.12.diff.bz2 (574k) A patch file to upgrade a 1.4.11 GnuPG source tree. This patch does not include updates of the language files. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if exceptional your mirror is not yet up to date. In the *binary* directory, you should find these files: gnupg-w32cli-1.4.12.exe (1557k) gnupg-w32cli-1.4.12.exe.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. This is a command line only version; the source files are the same as given above. Note, that this is a minimal installer and unless you are just in need for the gpg binary, you are better off using the full featured installer at http://www.gpg4win.org . Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.4.12.tar.bz2 you would use this command: gpg --verify gnupg-1.4.12.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command finger wk ,at' g10code.com | gpg --import or using a keyserver like gpg --recv-key 4F25E3B6 The distribution key 1CE0C630 is signed by the well known keys 1E42B367. If you get an key expired message, you should retrieve a fresh copy as the expiration date might have been prolonged. NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-1.4.12.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-1.4.12.tar.bz2 and check that the output matches the first line from the following list: 9b78e20328d35525af7b8a9c1cf081396910e937 gnupg-1.4.12.tar.bz2 790587e440ec7d429b120db7a96a237badc638fd gnupg-1.4.12.tar.gz 5ce9105ce6b6c9c38638eead87658f4b735a4a68 gnupg-1.4.11-1.4.12.diff.bz2 e7d8e48900d35fe407a8d8308b3a02b8de46b2f2 gnupg-w32cli-1.4.12.exe Internationalization ==================== GnuPG comes with support for 29 languages. Due to a lot of new and changed strings some translations are not entirely complete. The Chinese (Simple and Traditional), Czech, Dutch, French, German, Norwegian, Polish, Romanian, Russian, Spanish, Swedish, Ukrainian and Turkish translations are close to be complete. Support ======= A listing with commercial support offers for GnuPG is available at: http://www.gnupg.org/service.html Improving and maintaining GnuPG is costly, but you can help! g10 Code GmbH (http://g10code.com), a Duesseldorf based company owned and headed by GnuPG's principal author, has been funding GnuPG development for more than 10 years now. They are looking for organizations that find GnuPG useful and wish to contribute back by ordering extensions, sign into a support contract, or employ them for other development projects. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, donating money, spreading the word, or answering questions on the mailing lists. Happy Hacking, The GnuPG Team (David, Werner and the other contributors) </pre> Werner Koch 2012-01-30T16:36:52 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/176 <pre>Hello! We are pleased to announce the availability of a new stable GnuPG-2 release: Version 2.0.18. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital signatures, help authenticating using Secure Shell and to provide a framework for public key cryptography. It includes an advanced key management facility and is compliant with the OpenPGP and S/MIME standards. GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.11) in that it splits up functionality into several modules. However, both versions may be installed alongside without any conflict. In fact, the gpg version from GnuPG-1 is able to make use of the gpg-agent as included in GnuPG-2 and allows for seamless passphrase caching. The advantage of GnuPG-1 is its smaller size and the lack of dependency on other modules at run and build time. We will keep maintaining GnuPG-1 versions because they are very useful for small systems and for server based applications requiring only OpenPGP support. GnuPG is distributed under the terms of the GNU General Public License (GPLv3+). GnuPG-2 works best on GNU/Linux and *BSD systems but is also available for other Unices, Microsoft Windows and Mac OS X. What's New =========== * Bug fix for newer versions of Libgcrypt. * Support the SSH confirm flag and show SSH fingerprints in ssh related pinentries. * Improved dirmngr/gpgsm interaction for OCSP. * Allow generation of card keys up to 4096 bit. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 2.0.18 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the FTP server and its mirrors you should find the following files in the gnupg/ directory: gnupg-2.0.18.tar.bz2 (3922k) gnupg-2.0.18.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-2.0.17-2.0.18.diff.bz2 (188k) A patch file to upgrade a 2.0.17 GnuPG source tree. This patch does not include updates of the language files. Note, that we don't distribute gzip compressed tarballs for GnuPG-2. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-2.0.18.tar.bz2 you would use this command: gpg --verify gnupg-2.0.18.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command finger wk ,at' g10code.com or using a keyserver like gpg --keyserver keys.gnupg.net --recv-key 4F25E3B6 The distribution key 4F25E3B6 is signed by the well known key 1E42B367. NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-2.0.18.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-2.0.17.tar.bz2 and check that the output matches the first line from the following list: 5ec2f718760cc3121970a140aeea004b64545c46 gnupg-2.0.18.tar.bz2 998cde3e4383bea771930e9f4934494fa09ed669 gnupg-2.0.17-2.0.18.diff.bz2 Documentation ============= The gnupg.info file has the complete user manual of the system. Separate man pages are included as well; however they have not all the details available in the manual. It is also possible to read the complete manual online in HTML format at http://www.gnupg.org/documentation/manuals/gnupg/ or in Portable Document Format at http://www.gnupg.org/documentation/manuals/gnupg.pdf . The chapters on gpg-agent, gpg and gpgsm include information on how to set up the whole thing. You may also want search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advise on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available. Almost all mail clients support GnuPG-2. Kmail might be the most prominent user of all GnuPG-2 features. In fact it has been developed in cooperation with the Kmail folks. Mutt users may want to use the configure option "--enable-gpgme" during build time and put a "set use_crypt_gpgme" in ~/.muttrc to enable S/MIME support along with the reworked OpenPGP support. Support ======= Please consult the archive of the gnupg-users mailing list before reporting a bug &lt;http://gnupg.org/documentation/mailing-lists.html&gt;. We suggest to send bug reports for a new release to this list in favor of filing a bug at &lt;http://bugs.gnupg.org&gt;. We also have a dedicated service directory at: http://www.gnupg.org/service.html Maintaining and improving GnuPG is costly. For more than 10 years now, g10 Code, a German company owned and headed by GnuPG's principal author Werner Koch, is bearing the majority of these costs. To help them carry on this work, they need your support. Please consider to visit the GnuPG donation page at: http://g10code.com/gnupg-donation.html Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word or answering questions on the mailing lists. Happy Hacking, The GnuPG Team </pre> Werner Koch 2011-08-04T16:16:14 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/175 <pre>Hi, libassuan 2.0.2 is a minor release of libassuan. It provides a shared library which is a dependency of of the upcoming versions of GPGME, GnupG 2.1.x and others. ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-2.0.2.tar.bz2 ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-2.0.2.tar.bz2.sig The sha1sums of these files are: e843fd96b4cb05eb737e465891034229f50469d4 libassuan-2.0.1-2.0.2.diff.bz2 dbcd96e2525d4c3a2da9e8054a06fa517f20a185 libassuan-2.0.2.tar.bz2 74b09f626c67ffe51ba21a38b7bed0ea35112c6b libassuan-2.0.2.tar.bz2.asc Noteworthy changes in version 2.0.2 (2010-06-16) ------------------------------------------------ * A new flag may now be used to convey comments via assuan_transact. * A new flag value may now be used to disable logging. * The gpgcedev.c driver now provides a log device. * It is now possible to overwrite socket and connect functions in struct assuan_system_hooks. * Interface changes relative to the 2.0.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ASSUAN_CONVEY_COMMENTS NEW. ASSUAN_NO_LOGGING NEW. assuan_system_hooks_t CHANGED: Added socket and connect members. ASSUAN_SYSTEM_HOOKS_VERSION CHANGED: Bumped to 2. assuan_register_pre_cmd_notify NEW. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ </pre> Marcus Brinkmann 2011-06-16T15:54:38 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/174 <pre>Hi, We are pleased to announce version 1.3.1 of GnuPG Made Easy, a library designed to make access to GnuPG easier for applications. It may be found in the file ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.1.tar.bz2 ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.1.tar.bz2.sig It should soon appear on the mirrors listed at: http://www.gnupg.org/mirrors.html Bug reports and requests for assistance should be sent to: gnupg-devel&lt; at &gt;gnupg.org The sha1sum checksums for this distibution are 7d19a95a2239da13764dad7f97541be884ec5a37 gpgme-1.3.1.tar.bz2 93316a81a8f903c5b604716b6937884ea7b0917a gpgme-1.3.1.tar.bz2.sig Noteworthy changes in version 1.3.1 (2011-06-16) ------------------------------------------------ * Ported to Windows CE. * Detect GPG versions not supporting ---passwd. * Interface changes relative to the 1.3.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPGME_EXPORT_MODE_MINIMAL NEW GPGME_STATUS_SUCCESS NEW gpgme_err_code_from_syserror NEW gpgme_err_set_errno NEW gpgme_error_from_errno CHANGED: Return gpgme_error_t (compatible type). gpgme_error_from_syserror NEW ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ </pre> Marcus Brinkmann 2011-06-16T15:56:43 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/173 <pre>Hi, We are pleased to announce version 1.3.1 of GnuPG Made Easy, a library designed to make access to GnuPG easier for applications. It may be found in the file ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.1.tar.bz2 ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.1.tar.bz2.sig It should soon appear on the mirrors listed at: http://www.gnupg.org/mirrors.html Bug reports and requests for assistance should be sent to: gnupg-devel&lt; at &gt;gnupg.org The sha1sum checksums for this distibution are 7d19a95a2239da13764dad7f97541be884ec5a37 gpgme-1.3.1.tar.bz2 93316a81a8f903c5b604716b6937884ea7b0917a gpgme-1.3.1.tar.bz2.sig Noteworthy changes in version 1.3.1 (2011-06-16) ------------------------------------------------ * Ported to Windows CE. * Detect GPG versions not supporting ---passwd. * Interface changes relative to the 1.3.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPGME_EXPORT_MODE_MINIMAL NEW GPGME_STATUS_SUCCESS NEW gpgme_err_code_from_syserror NEW gpgme_err_set_errno NEW gpgme_error_from_errno CHANGED: Return gpgme_error_t (compatible type). gpgme_error_from_syserror NEW ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ </pre> Marcus Brinkmann 2011-07-04T17:06:01 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/172 <pre>Hi, libassuan 2.0.2 is a minor release of libassuan. It provides a shared library which is a dependency of of the upcoming versions of GPGME, GnupG 2.1.x and others. ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-2.0.2.tar.bz2 ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-2.0.2.tar.bz2.sig The sha1sums of these files are: e843fd96b4cb05eb737e465891034229f50469d4 libassuan-2.0.1-2.0.2.diff.bz2 dbcd96e2525d4c3a2da9e8054a06fa517f20a185 libassuan-2.0.2.tar.bz2 74b09f626c67ffe51ba21a38b7bed0ea35112c6b libassuan-2.0.2.tar.bz2.asc Noteworthy changes in version 2.0.2 (2010-06-16) ------------------------------------------------ * A new flag may now be used to convey comments via assuan_transact. * A new flag value may now be used to disable logging. * The gpgcedev.c driver now provides a log device. * It is now possible to overwrite socket and connect functions in struct assuan_system_hooks. * Interface changes relative to the 2.0.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ASSUAN_CONVEY_COMMENTS NEW. ASSUAN_NO_LOGGING NEW. assuan_system_hooks_t CHANGED: Added socket and connect members. ASSUAN_SYSTEM_HOOKS_VERSION CHANGED: Bumped to 2. assuan_register_pre_cmd_notify NEW. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ </pre> Marcus Brinkmann 2011-07-04T17:05:40 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/171 <pre>Hello! The GNU project is pleased to announce the availability of Libgcrypt version 1.5.0. This is the new stable version of Libgcrypt and upward compatible with the 1.4 series. The 1.4 series will enter end of life state on 2012-12-31. Libgcrypt is a general purpose library of cryptographic building blocks. It is originally based on code used by GnuPG. It does not provide any implementation of OpenPGP or other protocols. Thorough understanding of applied cryptography is required to use Libgcrypt. Noteworthy changes between version 1.4.6 and 1.5.0: * New function gcry_kdf_derive implementing OpenPGP S2K algorithms and PBKDF2. * Support for WindowsCE. * Support for ECDH. * Support for OAEP and PSS methods as described by RFC-3447. * Fixed PKCS v1.5 code to always return the leading zero. * New format specifiers "%M" and "%u" for gcry_sexp_build. * Support opaque MPIs with "%m" and "%M" in gcry_sexp_build. * New functions gcry_pk_get_curve and gcry_pk_get_param to map ECC parameters to a curve name and to retrieve parameter values. * gcry_mpi_cmp applied to opaque values has a defined semantic now. * Uses the Intel AES-NI instructions if available. * The use of the deprecated Alternative Public Key Interface (gcry_ac_*) will now print compile time warnings. * *The module register subsystem has been deprecated.* This subsystem is not flexible enough and would always require ABI changes to extend the internal interfaces. It will eventually be removed. Please contact us on the gcrypt-devel mailing list to discuss whether you really need this feature or how it can be replaced by an internal plugin mechanism. * CTR mode may now be used with data chunks of arbitrary length. * Interface changes relative to the 1.4.6 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GCRY_PK_ECDH NEW. gcry_pk_get_curve NEW. gcry_pk_get_param NEW. GCRYCTL_DISABLE_HWF NEW. gcry_kdf_derive NEW. gcry_pk_encrypt EXTENDED: Support OAEP. gcry_pk_decrypt EXTENDED: Support OAEP. gcry_pk_sign EXTENDED: Support PSS. gcry_pk_verify EXTENDED: Support PSS. gcry_sexp_build EXTENDED: Add format specifiers M and u. Source code is hosted at the GnuPG FTP server and its mirrors as listed at http://www.gnupg.org/download/mirrors.html . On the primary server the source file and its digital signatures is: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.5.0.tar.bz2 (1400k) ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.5.0.tar.bz2.sig This file is bzip2 compressed. A gzip compressed version is also available: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.5.0.tar.gz (1698k) ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.5.0.tar.gz.sig Due to a lot of changes regarding white spaces we don't provide a patch file against 1.4.6. The SHA-1 checksums are: e6508315b76eaf3d0df453f67371b106654bd4fe libgcrypt-1.5.0.tar.gz 3e776d44375dc1a710560b98ae8437d5da6e32cf libgcrypt-1.5.0.tar.bz2 For help on developing with Libgcrypt you should read the included manual and optional ask on the gcrypt-devel mailing list [1]. Improving Libgcrypt is costly, but you can help! We are looking for organizations that find Libgcrypt useful and wish to contribute back. You can contribute by reporting bugs, improve the software [2], order extensions or support or more general by donating money to the Free Software movement [3]. Commercial support contracts for Libgcrypt are available [4], and they help finance continued maintenance. g10 Code GmbH, a Duesseldorf based company, is currently funding Libgcrypt development. We are always looking for interesting development projects. Many thanks to all who contributed to Libgcrypt development, be it bug fixes, code, documentation, testing or helping users. Happy hacking, Werner [1] See &lt;http://www.gnupg.org/documentation/mailing-lists.html&gt;. [2] Note that copyright assignments to the FSF are required. [3] For example see &lt;http://fsfe.org/donate/&gt;. [4] See the service directory at &lt;http://gnupg.org/service.html&gt;. </pre> Werner Koch 2011-06-29T10:18:34 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/170 <pre>Hello! We are pleased to announce version 1.2.0 of Libksba. Libksba is an X.509 and CMS (PKCS#7) library. It is for example required to build the S/MIME part of GnuPG-2 (gpgsm). The only build requirement for Libksba itself is the libgpg-error package. There are no other dependencies; actual cryptographic operations need to be done by the user. Libksba is distributed under the GPLv3+. There are no user tools accompanying this software, thus it is mostly relevant to developers. This release adds features required by the GnuPG 2.1 development version. You may download the library and its OpenPGP signature from: ftp://ftp.gnupg.org/gcrypt/libksba/libksba-1.2.0.tar.bz2 (575k) ftp://ftp.gnupg.org/gcrypt/libksba/libksba-1.2.0.tar.bz2.sig Noteworthy changes in version 1.2.0 (2011-03-01) ------------------------------------------------ * New functions to allow the creation of X.509 certificates. * Interface changes relative to the 1.1.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ksba_certreq_set_serial NEW. ksba_certreq_set_issuer NEW. ksba_certreq_set_validity NEW. ksba_certreq_set_siginfo NEW. Commercial support contracts for Libksba are available, and they help finance continued maintenance. g10 Code, a Duesseldorf based company owned and headed by Libksba's principal author, is currently funding its development. We are always looking for interesting development projects. See also http://www.gnupg.org/service.html . Happy hacking, Werner </pre> Werner Koch 2011-03-01T14:02:32 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/169 <pre>Hello! We are pleased to announce the availability of a new stable GnuPG-2 release: Version 2.0.17. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital signatures, help authenticating using Secure Shell and to provide a framework for public key cryptography. It includes an advanced key management facility and is compliant with the OpenPGP and S/MIME standards. GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.11) in that it splits up functionality into several modules. However, both versions may be installed alongside without any conflict. In fact, the gpg version from GnuPG-1 is able to make use of the gpg-agent as included in GnuPG-2 and allows for seamless passphrase caching. The advantage of GnuPG-1 is its smaller size and the lack of dependency on other modules at run and build time. We will keep maintaining GnuPG-1 versions because they are very useful for small systems and for server based applications requiring only OpenPGP support. GnuPG is distributed under the terms of the GNU General Public License (GPL version 3). GnuPG-2 works best on GNU/Linux or *BSD systems. What's New =========== * Allow more hash algorithms with the OpenPGP v2 card. * The gpg-agent now tests for a new gpg-agent.conf on a HUP. * Fixed output of "gpgconf --check-options". * Fixed a bug where Scdaemon sends a signal to Gpg-agent running in non-daemon mode. * Fixed TTY management for pinentries and session variable update problem. * Minor bug fixes. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 2.0.17 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the FTP server and its mirrors you should find the following files in the gnupg/ directory: gnupg-2.0.17.tar.bz2 (3904k) gnupg-2.0.17.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-2.0.16-2.0.17.diff.bz2 (75k) A patch file to upgrade a 2.0.16 GnuPG source tree. This patch does not include updates of the language files. Note, that we don't distribute gzip compressed tarballs for GnuPG-2. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-2.0.17.tar.bz2 you would use this command: gpg --verify gnupg-2.0.17.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command finger wk ,at' g10code.com or using a keyserver like gpg --keyserver keys.gnupg.net --recv-key 4F25E3B6 The distribution key 4F25E3B6 is signed by the well known key 1E42B367. NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-2.0.17.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-2.0.17.tar.bz2 and check that the output matches the first line from the following list: 41ef5460417ca0a1131fc730849fe3afd49ad2de gnupg-2.0.17.tar.bz2 ba49d5ab2659bfe6403d52df58722f439e393bbb gnupg-2.0.16-2.0.17.diff.bz2 Internationalization ==================== GnuPG comes with support for 27 languages. Due to a lot of new and changed strings many translations are not entirely complete. Jakub Bogusz, Petr Pisar, Jedi and Daniel Nylander have been kind enough to update their translations on short notice. Thus the Chinese, Czech, German, Polish and Swedish translations are complete. Documentation ============= We are currently working on an installation guide to explain in more detail how to configure the new features. As of now the chapters on gpg-agent and gpgsm include brief information on how to set up the whole thing. Please watch the GnuPG website for updates of the documentation. In the meantime you may search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advise on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available. KDE's KMail is the most prominent user of GnuPG-2. In fact it has been developed along with the KMail folks. Mutt users might want to use the configure option "--enable-gpgme" and "set use_crypt_gpgme" in ~/.muttrc to make use of GnuPG-2 to enable S/MIME in addition to a reworked OpenPGP support. The manual is also available online in HTML format at http://www.gnupg.org/documentation/manuals/gnupg/ and in Portable Document Format at http://www.gnupg.org/documentation/manuals/gnupg.pdf . Support ======= Improving GnuPG is costly, but you can help! We are looking for organizations that find GnuPG useful and wish to contribute back. You can contribute by reporting bugs, improve the software, order extensions or support or more general by donating money to the Free Software movement (e.g. http://www.fsfeurope.org/help/donate.en.html). Commercial support contracts for GnuPG are available, and they help finance continued maintenance. g10 Code GmbH, a Duesseldorf based company owned and headed by GnuPG's principal author, is currently funding GnuPG development. We are always looking for interesting development projects. The GnuPG service directory is available at: http://www.gnupg.org/service.html Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word or answering questions on the mailing lists. Happy Hacking, The GnuPG Team </pre> Werner Koch 2011-01-13T16:08:57 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/168 <pre>Hi! The key used to sign GnuPG releases expired at the end of last year. I prolonged the lifetime of that key for another 6 months to avoid the frequently asked question if signatures made in the past by an expired key are now invalid (in short: they are not). I will sign future distributions with this new 2048-bit RSA key which has also been generated on a smartcard: pub 2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31] Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 uid Werner Koch (dist sig) sub 2048R/AC87C71A 2011-01-12 [expires: 2019-12-31] Please get a copy of the key, either from the attachment, a keyserver or using one of these commands: gpg --fetch-key finger:wk 'at' g10code 'dot' com gpg --fetch-key http://werner.eifelkommune.de/mykey.asc [Please replace 'at' and 'dot' as usual and use gpg2 if you like] The key has been signed by my main key 1E42B367. The authentication subkey listed above is currently not used. Note also that my old standard key 5B0358A2 expires in 6 months and won't be prolonged. 1E42B367 is now well connected in the Web of Trust. Shalom-Salam, Werner </pre> Werner Koch 2011-01-12T16:26:08 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/167 <pre>Hello! We are pleased to announce the availability of a new stable GnuPG-1 release: Version 1.4.11. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility, samrtcard support and is compliant with the OpenPGP Internet standard as described by RFC-4880. Note that this version is from the GnuPG-1 series and thus smaller than those from the GnuPG-2 series, easier to build and also better portable. In contrast to GnuPG-2 (e.g version 2.0.16) it comes with no support for S/MIME or other tools useful for desktop environments. Fortunately you may install both versions alongside on the same system without any conflict. What's New =========== * Bug fixes and portability changes. * Minor changes for better interoperability with GnuPG-2. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 1.4.11 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the mirrors you should find the following files in the *gnupg* directory: gnupg-1.4.11.tar.bz2 (3327k) gnupg-1.4.11.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-1.4.11.tar.gz (4603k) gnupg-1.4.11.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. gnupg-1.4.10-1.4.11.diff.bz2 (205k) A patch file to upgrade a 1.4.10 GnuPG source tree. This patch does not include updates of the language files. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if exceptional your mirror is not yet up to date. In the *binary* directory, you should find these files: gnupg-w32cli-1.4.11.exe (1588k) gnupg-w32cli-1.4.11.exe.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. This is a command line only version; the source files are the same as given above. Note, that this is a minimal installer and unless you are just in need for the gpg binary, you are better off using the full featured installer at http://www.gpg4win.org . Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.4.11.tar.bz2 you would use this command: gpg --verify gnupg-1.4.11.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using the command finger wk ,at' g10code.com | gpg --import or using a keyserver like gpg --recv-key 1CE0C630 The distribution key 1CE0C630 is signed by the well known key 5B0358A2. If you get an key expired message, you should retrieve a fresh copy as the expiration date might have been prolonged. NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-1.4.11.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-1.4.11.tar.bz2 and check that the output matches the first line from the following list: 78e22f5cca88514ee71034aafff539c33f3c6676 gnupg-1.4.11.tar.bz2 bffb0c60b2e702980f7148ee3a060f29adc82331 gnupg-1.4.11.tar.gz 631b5129f918b7d30247ade8bcc27908951eaea0 gnupg-w32cli-1.4.11.exe f17729146c18d9288005ac0d93489c333c729345 gnupg-1.4.10-1.4.11.diff.bz2 Internationalization ==================== GnuPG comes with support for 28 languages. Due to a lot of new and changed strings some translations are not entirely complete. The Chinese (Simple and Traditional), Czech, Dutch, French, German, Norwegian, Polish, Romanian, Russian, Spanish, Swedish and Turkish translations are close to be complete. Support ======= Improving GnuPG is costly, but you can help! We are looking for organizations that find GnuPG useful and wish to contribute back. You can contribute by reporting bugs, improve the software, order extensions or support or more general by donating money to the Free Software movement (e.g. http://www.fsfeurope.org/help/donate.en.html). Commercial support contracts for GnuPG are available, and they help finance continued maintenance. g10 Code GmbH, a Duesseldorf based company owned and headed by gpg's principal author, is currently funding GnuPG development. We are always looking for interesting development projects. A service directory is available at: http://www.gnupg.org/service.html Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word or answering questions on the mailing lists. Happy Hacking, The GnuPG Team (David, Werner and the other contributors) </pre> Werner Koch 2010-10-18T11:33:51 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/167 <pre>_______________________________________________ Gnupg-announce mailing list Gnupg-announce&lt; at &gt;gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce </pre> Werner Koch 2010-10-18T11:33:51 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/166 <pre>_______________________________________________ Gnupg-announce mailing list Gnupg-announce&lt; at &gt;gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce </pre> Werner Koch 2010-07-23T12:36:51 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/165 <pre>_______________________________________________ Gnupg-announce mailing list Gnupg-announce&lt; at &gt;gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce </pre> Werner Koch 2010-07-19T08:39:20 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/164 <pre>_______________________________________________ Gnupg-announce mailing list Gnupg-announce&lt; at &gt;gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce </pre> Werner Koch 2010-07-13T16:06:27 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/163 <pre>_______________________________________________ Gnupg-announce mailing list Gnupg-announce&lt; at &gt;gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce </pre> Werner Koch 2010-03-09T10:38:31 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/162 <pre>Hi, We are pleased to announce version 1.3.0 of GnuPG Made Easy, a library designed to make access to GnuPG easier for applications. It may be found in the file (about 1.2 MB/870 KB compressed) ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.0.tar.gz ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.0.tar.bz2 The following files are also available: ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.0.tar.gz.sig ftp://ftp.gnupg.org/gcrypt/gpgme/gpgme-1.3.0.tar.bz2.sig It should soon appear on the mirrors listed at: http://www.gnupg.org/mirrors.html Bug reports and requests for assistance should be sent to: gnupg-devel&lt; at &gt;gnupg.org The sha1sum checksums for this distibution are 0db69082abfbbbaf86c3ab0906f5137de900da73 gpgme-1.3.0.tar.bz2 5365180827aa67dede556594587ee770536021a2 gpgme-1.3.0.tar.bz2.sig c7d17b6451fb7770bee696a3fe359c7f6c1be12a gpgme-1.3.0.tar.gz 573a099bf996b03d0c91796a6a403133fab7798a gpgme-1.3.0.tar.sig Noteworthy changes in version 1.3.0 (2010-01-11) ------------------------------------------------ * GPGME does not come with an internal libassuan version anymore. The external libassuan 1.1.0 release or later is required. For application programmers on systems that can resolve inter-library dependencies at runtime, this is a transparent change. * New engine GPGME_PROTOCOL_G13 to support the new g13 tool. * New engine GPGME_PROTOCOL_UISERVER to support UI Servers. * New API to change the passpgrase of a key. * Interface changes relative to the 1.2.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPGME_STATUS_INV_SGNR NEW. GPGME_STATUS_NO_SGNR NEW. GPGME_PROTOCOL_G13 NEW. gpgme_op_g13_mount NEW. gpgme_g13_result_t NEW. GPGME_PK_ECDSA NEW. GPGME_PK_ECDH NEW. gpgme_op_passwd_start NEW. gpgme_op_passwd NEW. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Marcus Brinkmann mb&lt; at &gt;g10code.de -- g10 Code GmbH http://g10code.com AmtsGer. Wuppertal HRB 14459 Hüttenstr. 61 Geschäftsführung Werner Koch D-40699 Erkrath -=- The GnuPG Experts -=- USt-Id DE215605608 </pre> Marcus Brinkmann 2010-01-11T11:22:54 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/161 <pre>Hi, libassuan 2.0.0 is a new branch of libassuan development. It provides a shared library which is a dependency of of the upcoming versions of GPGME, GnupG 2.1.x and others. Note that this version of libassuan is incompatible with previous versions of libassuan, and can not be installed side-by-side with libassuan 1.0.x. ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-2.0.0.tar.bz2 ftp://ftp.gnupg.org/gcrypt/libassuan/libassuan-2.0.0.tar.bz2.sig The sha1sums of these files are: b03c586a4eefdfc0bb1ec65ecf958b9890d429f7 libassuan-2.0.0.tar.bz2 6880f16b5e3af442b457a86637caa6411b73b677 libassuan-2.0.0.tar.bz2.sig Because this is the first version of libassuan providing a shared library, a lot of effort was spent into making the API/ABI of libassuan extensible and future-proof. Please see below, the file NEWS and the file doc/README.apichanges for details. Noteworthy changes in version 2.0.0 (2009-01-08) ------------------------------------------------ * Now using libtool and builds a DSO. * Lots of interface cleanups. See below for details of the most important changes. Here is a quick note on how to upgrade: For each invocation of the connect or server functions, allocate a context with assuan_new and use that. Instead of assuan_disconnect or assuan_deinit_server, call assuan_release. Use assuan_set_gpg_err_source instead of assuan_set_assuan_err_source. If you use assuan_pipe_connect with NAME of NULL, you have to provide a non-NULL ARGV argument and check that against "server" or "client" to determine which end you got after fork(). If you use the assuan sock interface, you must call assuan_sock_init after setting global context defaults. Add a NULL as the last arg to assuan_register_command. * Pth support has changed. This now follows the same style as libgcrypt by setting system hook callbacks. * Interface changes relative to the 1.0.5 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ _ASSUAN_ONLY_GPG_ERRORS REMOVED assuan_set_assuan_err_source REMOVED: Use assuan_set_gpg_err_source. assuan_set_gpg_err_source NEW assuan_get_gpg_err_source NEW assuan_strerror REMOVED ASSUAN_* Error values removed. assuan_error_t REMOVED AssuanError REMOVED assuan_init_connected_socket_server REMOVED assuan_pipe_connect2 REMOVED AssuanCommand REMOVED assuan_flag_t CHANGED: From enum to unsigned int. ASSUAN_CONTENT REMOVED assuan_disconnect REMOVED: Use assuan_release. assuan_deinit_server REMOVED: Use assuan_release. assuan_get_malloc_hooks NEW assuan_set_log_cb NEW assuan_get_log_cb NEW assuan_new_ext NEW assuan_new NEW assuan_release NEW assuan_init_socket_server CHANGED: Take ctx arg instead of pointer to ctx. CHANGED: As assuan_init_socket_server_ext was. assuan_init_socket_server_ext REMOVED assuan_socket_connect CHANGED: Take ctx arg instead of pointer to ctx. CHANGED: Is what assuan_socket_connect_ext was. assuan_socket_connect_ext REMOVED assuan_pipe_connect CHANGED: Take ctx arg instead of pointer to ctx. If NAME is NULL, ARGV will contain fork result. CHANGED: Is now what assuan_pipe_connect_ext was. CHANGED: Child fds are now assuan_fd_t. assuan_pipe_connect_ext REMOVED assuan_init_pipe_server CHANGED: Take ctx arg instead of pointer to ctx. CHANGED: Swallows fds (are closed at end). CHANGED: Take assuan_fd_t. assuan_fdopen NEW assuan_set_io_hooks REMOVED: Use assuan_system_hooks interface. assuan_io_hooks_t REMOVED: Use assuan_system_hooks interface. assuan_io_monitor_t CHANGED: Add a hook data argument. assuan_get_command_name NEW assuan_msghdr_t NEW ASSUAN_INVALID_PID NEW ASSUAN_NO_FIXSIGNALS NEW ASSUAN_SYSTEM_HOOKS_VERSION NEW assuan_system_hooks_t NEW assuan_set_system_hooks NEW assuan_ctx_set_system_hooks NEW ASSUAN_SYSTEM_PTH_IMPL NEW ASSUAN_SYSTEM_PTH_DECL NEW ASSUAN_SYSTEM_PTH NEW assuan_sock_init NEW assuan_sock_deinit NEW assuan_handler_t NEW assuan_register_command CHANGED: Add arg HELP_STRING. assuan_register_bye_notify CHANGED: Handler gets line and returns err now. assuan_register_reset_notify CHANGED: Handler gets line and returns err now. assuan_register_cancel_notify CHANGED: Handler gets line and returns err now. assuan_register_input_notify CHANGED: Handler returns error now. assuan_register_output_notify CHANGED: Handler returns error now. assuan_process_next CHANGED: New DONE argument instead EOF return. ASSUAN_PIPE_CONNECT_FDPASSING NEW ASSUAN_PIPE_CONNECT_DETACHED NEW ASSUAN_SOCKET_SERVER_FDPASSING NEW ASSUAN_SOCKET_SERVER_ACCEPTED NEW ASSUAN_SOCKET_CONNECT_FDPASSING NEW assuan_peercred_t NEW assuan_get_peercred CHANGED: Return assuan_peercred_t. assuan_client_read_response NEW assuan_client_parse_response NEW assuan_fd_from_posix_fd NEW ASSUAN_SPAWN_DETACHED NEW ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- g10 Code GmbH http://g10code.com AmtsGer. Wuppertal HRB 14459 Hüttenstr. 61 Geschäftsführung Werner Koch D-40699 Erkrath -=- The GnuPG Experts -=- USt-Id DE215605608 </pre> Marcus Brinkmann 2010-01-08T01:44:50 http://permalink.gmane.org/gmane.comp.encryption.gpg.announce/160 <pre>_______________________________________________ Gnupg-announce mailing list Gnupg-announce&lt; at &gt;gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce </pre> Werner Koch 2009-12-21T17:58:19 Search the mailing list at Gmane query http://search.gmane.org/?group=$group=gmane.comp.encryption.gpg.announce