Up to [cvs.NetBSD.org] / pkgsrc / security / gpgme
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
gpgme: updated to 1.24.1 Noteworthy changes in version 1.24.1 (2024-12-04) * Support the Kyber algorithm in key listings. * Allow building on some older Linux platforms. * Interface changes relative to the 1.24.0 release: GPGME_PK_KYBER NEW enum value.
gpgme: updated to 1.24.0 Noteworthy changes in version 1.24.0 (2024-11-06) * Extended gpgme_op_decrypt* and gpgme_op_verify* to allow writing the output directly to a file. * Extended gpgme_op_encrypt*, gpgme_op_encrypt_sign*, and gpgme_op_sign* to allow reading the input data directly from a file. * Add information about designated revocation keys. * New context flag "import-options". * New context flag "proc-all-sigs". * New context flag "known-notations". * New info flags "beta_compliance". [rM1a7bc88ee7] * New function gpgme_op_setownertrust to make changing the owner trust easier and to allow enabling/disabling of keys (requires GnuPG 2.4.6). * New flag to re-encrypt OpenPGP data (requires GnuPG 2.5.1). * cpp: Provide information about designated revocation keys for a Key. * cpp: Add safer member function returning text describing an error. * cpp: Add support for setting the owner trust of keys and for enabling and disabling keys. * qt: Build QGpgME for Qt 5 and Qt 6 simultaneously. * qt: Install headers for Qt 5 and Qt 6 in separate folders. * qt: Allow reading the data to decrypt/encrypt/sign/verify directly from files. * qt: Allow writing the decrypted/encrypted/signed/verified data directly to files. * qt: Allow specifying import options when importing keys. * qt: Allow appending a detached signature to an existing file. * qt: Add support for enabling and disabling keys. * qt: Add support for new context flag "proc-all-sigs" to the jobs that verify data signatures.
gpgme: updated to 1.23.2 Noteworthy changes in version 1.23.2 (2023-11-28) ------------------------------------------------- * Preserve more specific existing failure code. [T6575] * qt: Start dirmngr with gpgconf to avoid multiple instances. [T6833] * qt: On Windows, use UTF-8 when logging the error text. [T5960] * qt: Remove left-over partial files more persistently. [T6584] * qt: Use a temporary file name when creating signed or encrypted archives. [T6721] * qt: Build Qt 6 bindings with -fPIC if requested or Qt 6 was built with this flag. [T6781]
gpgme: updated to 1.23.1 Noteworthy changes in version 1.23.1 (2023-10-27) ------------------------------------------------- * w32: Change gpgme-w32-spawn to use Unicode arguments.
gpgme: updated to 1.23.0 Noteworthy changes in version 1.23.0 (2023-10-25) ------------------------------------------------- * Support GPGME_ENCRYPT_ALWAYS_TRUST also for S/MIME. [T6559] * New keylist mode GPGME_KEYLIST_MODE_WITH_V5FPR. [T6705] * New key capability flags has_*. [T6748] * gpgme-tool: Support use of Windows HANDLE. [T6634] * qt: Support refreshing keys via WKD. [T6672] * qt: Handle cancel in changeexpiryjob. [T6754] * Interface changes relative to the 1.22.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPGME_KEYLIST_MODE_WITH_V5FPR NEW. gpgme_key_t EXTENDED: New field has_encrypt. gpgme_key_t EXTENDED: New field has_sign. gpgme_key_t EXTENDED: New field has_certify. gpgme_key_t EXTENDED: New field has_authenticate. cpp: Key::canCertify NEW. cpp: Key::canSign NEW. cpp: Key::canEncrypt NEW. cpp: Key::canAuthenticate NEW. qt: Protocol::wkdRefreshJob NEW. qt: WKDRefreshJob NEW.
gpgme: updated to 1.22.0 Noteworthy changes in version 1.22.0 (2023-08-21) ------------------------------------------------- * Prevent wrong plaintext when verifying clearsigned signature. [T6622] * Return bad data error instead of general error on unexpected data. [T6617] * Take care of offline mode for all operations of gpgsm engine. [T6648] * Prepare the use of the forthcoming libassuan version 3. * New configure option --with-libtool-modification. [T6619] * cpp: Expose gpgme_decrypt_result_t.is_mime. [T6199] * qt: Clean up after failure or cancel of sign/encrypt archive operation. [T6584] * qt: Add setInputEncoding to QGpgMe::EncryptJob. [T6166] * qt: Make toLogString helper public. [T6584] * Interface changes relative to the 1.21.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ qt: EncryptJob::setInputEncoding NEW. qt: DecryptionResult::isMime NEW. qt: std::string::toLogString NEW.
gpgme: updated to 1.21.0 Noteworthy changes in version 1.21.0 (2023-07-07) ------------------------------------------------- * Extended gpgme_op_encrypt, gpgme_op_encrypt_sign, and gpgme_op_sign to allow writing the output directly to a file. [T6530] * Extended gpgme_op_decrypt and gpgme_op_verify to allow reading the input data directly from files. [T6530] * For key signing and uid revoking allow an empty user id. [rMfbc3963d62] * Pass an input-size-hint also to the gpgsm engine. [T6534] * qt: Allow writing the created archives directly to a file. [T6530] * qt: Allow reading the signed/encrypted archive to decrypt or verify directly from a file. [T6530] * qt: Qt Jobs working with QIODeviceDataProvider now properly handle input-size hints and progress for files larger. 2^32 bytes in 32 bit builds. [T6534] * cpp: Error::isCanceled now also returns true for error code GPG_ERR_FULLY_CANCELED. [T6510] * python: Fix wrong use of write. [T6501]
gpgme: update to 1.20.0. Noteworthy changes in version 1.20.0 (2023-04-20) ------------------------------------------------- * On Windows, the gettext functions provided by gpgrt are switched into utf8 mode, so that all localized texts returned by GpgME or gpgrt, e.g. the texts for error codes are now UTF-8 encoded. [T5960] * Key::canSign now returns false for OpenPGP keys without signing (sub)key. [T6456] * The new macOS Homebrew location is now by default supported. [T6440] * Fix regression in 1.19.0. [rMb608c084b9] * Fix invocation of gpgtar on Windows. [rM0c29119e06]
gpgme: update to 1.19.0. Noteworthy changes in version 1.19.0 (2023-03-17) ------------------------------------------------- * New convenience option --identify for gpgme-json. * New context flag "no-auto-check-trustdb". [T6261] * Optionally, build QGpgME for Qt 6 * Support component "gpgtar-name" in gpgme_get_dirinfo. [T6342] * Extended gpgme_op_encrypt*, gpgme_op_encrypt_sign*, and gpgme_op_sign* to allow creating an encrypted and/or signed archive. [T6342] * Extended gpgme_op_decrypt*, gpgme_op_decrypt_verify*, and gpgme_op_verify* to allow extracting an encrypted and/or signed archive. [T6342] * cpp: Handle error when trying to sign expired keys. [T6155] * cpp: Support encryption flags ThrowKeyIds, EncryptWrap, and WantAddress. [T6359] * cpp, qt: Fix building with C++11. [T6141] * qt: Fix problem with expiration dates after 2038-01-19 on 32-bit systems when adding an existing subkey to another key. [T6137] * cpp: Allow setting the curve to use when generating ECC keys for smart cards. [T4429] * qt: Extend ListAllKeysJob to allow disabling the automatic trust database check when listing all keys. [T6261] * qt: Allow deferred start of import jobs. [T6323] * qt: Support creating and extracting signed and encrypted archives. [T6342]
gpgme: add patch from upstream to not require C++14
gpgme: update to 1.18.0. Noteworthy changes in version 1.18.0 (2022-08-10) ------------------------------------------------- * New keylist mode to force refresh via external methods. [T5951] * The keylist operations now create an import result to report the result of the locate keylist modes. [T5951] * core: Return BAD_PASSPHRASE error code on symmetric decryption failure. [T5939] * cpp, qt: Do not export internal symbols anymore. [T5906] * cpp, qt: Support revocation of own OpenPGP keys. [T5904] * qt: The file name of (signed and) encrypted data can now be set. [T6056] * cpp, qt: Support setting the primary user ID. [T5938] * python: Fix segv(NULL) when inspecting contect after exeception. [T6060]
gpgme: update to 1.17.1. Noteworthy changes in version 1.17.1 (2022-03-06) ------------------------------------------------- * qt: Fix a bug in the ABI compatibility of 1.17.0. [T5834] Noteworthy changes in version 1.17.0 (2022-02-07) ------------------------------------------------- * New context flag "key-origin". [#5733] * New context flag "import-filter". [#5739] * New export mode to export secret subkeys. [#5757] * Detect errors during the export of secret keys. [#5766] * New function gpgme_op_receive_keys to import keys from a keyserver without first running a key listing. [#5808] * Detect bad passphrase error in certificate import. [T5713] * Allow setting --key-origin when importing keys. [T5733] * Support components "keyboxd", "gpg-agent", "scdaemon", "dirmngr", "pinentry", and "socketdir" in gpgme_get_dirinfo. [T5727,T5613] * Under Unix use poll(2) instead of select(2), when available. [T2385] * Do not use --flat_namespace when linking for macOS. [T5610] * Fix results returned by gpgme_data_* functions. [T5481] * Support closefrom also for glibc. [rM4b64774b6d] * cpp,qt: Add support for export of secret keys and secret subkeys. [#5757] * cpp,qt: Support for adding existing subkeys to other keys. [#5770] * qt: Extend ChangeExpiryJob to change expiration of primary key and of subkeys at the same time. [#4717] * qt: Expect UTF-8 on stderr on Windows. [rM8fe1546282] * qt: Allow retrieving the default value of a config entry. [T5515] Noteworthy changes in version 1.16.0 (2021-06-24) ------------------------------------------------- * New context flag "cert-expire". [#5505] * New data flags "io-buffer-size" and "sensitive". [#5478] * Increase I/O buffer size from 512 to 4k under Windows. * cpp,qt: Add support for trust signatures. [#5421] * qt: Add support for flags in LDAP server options. [#5217] * qt: Fix too high memory consumption due to QProcess. [#5475] * qt: Do not set empty base DN as query of keyserver URL. [#5465] * qt: Extend SignKeyJob to create signatures with expiration date. [5506] * python: New optional parameter filter_signatures for decrypt. [#5292]
security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
security: Remove SHA1 hashes for distfiles
gpgme: updated to 1.15.1 Noteworthy changes in version 1.15.1 (2021-01-08) ------------------------------------------------- * Fix another bug in the secret key export. * Make listing of signatures work if only secret keys are listed. * Fix build problem on FreeBSD. * qt: Avoid empty "rem@gnupg.org" signature notations. * python: Fix key_export functions. Noteworthy changes in version 1.15.0 (2020-11-12) ------------------------------------------------- * New function gpgme_op_setexpire to make changing the expiration easier (requires GnuPG 2.1.22). * New function gpgme_op_revsig to revoke key signatures (requires GnuPG 2.2.24). * Support exporting secret keys. * cpp: Support for set expire operations in the C++ bindings. * cpp: Support for revoking key signatures in the C++ bindings. * qt: Extended ChangeExpiryJob to support changing the expiry of subkeys. * qt: Extended QuickJob to support revoking of key signatures. * qt: Added QDebug stream operator for GpgME::Error. * Require a somewhat newer version of libgpg-error (1.36). * Interface changes relative to the 1.14.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_op_setexpire_start NEW. gpgme_op_setexpire NEW. gpgme_op_revsig_start NEW. gpgme_op_revsig NEW. GPGME_REVSIG_LFSEP NEW. cpp: Context::setExpire NEW. cpp: Context::startSetExpire NEW. cpp: EngineInfo::Version::operator<= NEW. cpp: EngineInfo::Version::operator>= NEW. cpp: EngineInfo::Version::operator!= NEW. cpp: StatusConsumer NEW. cpp: StatusConsumerAssuanTransaction NEW. cpp: Context::cancelPendingOperationImmediately NEW. cpp: Context::revokeSignature NEW. cpp: Context::startRevokeSignature NEW. cpp: UserID::Signature::operator< NEW. qt: operator<<(QDebug debug, const GpgME::Error &err) NEW. qt: QuickJob::startRevokeSignature NEW. qt: QuickJob::result CHANGED: Made params 'auditLogAsHtml' and 'auditLogError' optional.
On macOS, the build intermittently breaks because tests intermittently give "gpg: can't connect to the agent: File name too long". Make this less annoying by not running tests before 'make test' (and fixing that pkgsrc target).
gpgme: add missing #include
gpgme: updated to 1.14.0 Noteworthy changes in version 1.14.0 ------------------------------------ * New keylist mode to force the engine to return the keygrip. * New export mode to export as OpenSSH public key. * New context flag "extended-edit" to enable expert key edit. * Deprecate the anyway non working trustlist functions. * cpp: Add convenience API to obtain remarks. * cpp: The sign key edit-interactor now supports multiple signatures from the same key. * qt: Extended signkeyjob to handle remarks and multiple signatures. * qt: Added job API for gpg-card. * qt: The logging category has been changed to gpg.qgpgme to be more consistent with other qt logging categories. * Interface changes relative to the 1.13.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPGME_KEYLIST_MODE_WITH_KEYGRIP NEW. GPGME_EXPORT_MODE_SSH NEW. gpgme_user_id_t EXTENDED: New field 'uidhash'. cpp: UserID::remark NEW. cpp: UserID::remarks NEW. cpp: GpgSignKeyEditInteractor::setDupeOk NEW. cpp: Context::exportPublicKeys EXTENDED: New param 'flags'. cpp: Context::startPublicKeyExport EXTENDED: New param 'flags'. cpp: Context::ExportMode NEW. qt: SignKeyJob::setDupeOk NEW. qt: SignKeyJob::setRemark NEW. qt: GpgCardJob NEW. qt: ExportJob::setExportFlags NEW.
gpgme: updated to 1.13.1 Noteworthy changes in version 1.13.1: * cpp: gpgme_set_global_flag is now wrapped. * w32: Improved handling of unicode install paths. * w32: The gpgme_io_spawn error message is now only shown once. * Fixed a crash introduced in 1.13.0 when working with S/MIME. * w32: Fixed format string errors introduced in 1.13.0 that could cause crashes. * w32: Fixed an error in the new diagnostic gpgsm support introduced in 1.13.0 that caused crashes in low fd scenarios. * python: Fixed a DecryptionError Exception. * python: No longer raises BadSignatures from decrypt(verify=True).
gpgme: updated to 1.13.0 Noteworthy changes in version 1.13.0: * Support GPGME_AUDITLOG_DIAG for gpgsm. * New context flag "trust-model". * Removed support for WindowsCE and Windows ME. * Aligned the gpgrt-config code with our other libaries. * Auto-check for all installed Python versions. * Fixed generating card key in the C++ bindings. * Fixed a segv due to bad parameters in genkey. * Fixed crash if the plaintext is ignored in a CMS verify. * Fixed memleak on Windows. * Tweaked the Windows I/O code. * Fixed random crashes on Windows due to closing an arbitrary handle. * Fixed a segv on Windows. * Fixed test suite problems related to dtags. * Fixed bunch of python bugs. * Several fixes to the Common Lisp bindings. * Fixed minor bugs in gpgme-json. * Require trace level 8 to dump all I/O data. * The compiler must now support variadic macros.
gpgme: updated to 1.12.0 Noteworthy changes in version 1.12.0 * Enhanced the JSON based interface tool gpgme-json to support Native Messaging as well as new Javascript code to support the browser site. See lang/js/README for details. * Major overhaul of the Python language bindings documentation. * Even for old versions of gpg a missing MDC will now lead to a decryption failure. * Added context flag "auto-key-locate" to control the behavior of GPGME_KEYLIST_MODE_LOCATE. * New data function to create a data object from an estream. * Add more interfaces to the C++ bindings. * Improved error codes on decryption failure. * Lots of minor fixes.
gpgme: updated to 1.11.1 version 1.11.1: * Fixed build problems in the 1.11.0 release. * Added C++ interfaces which were planned for 1.11.0. version 1.11.0: * New encryption API to support direct key specification including hidden recipients option and taking keys from a file. This also allows to enforce the use of a subkey. * New encryption flag for the new API to enforce the use of plain mail addresses (addr-spec). * The import API can now tell whether v3 keys are skipped. These old and basically broken keys are not anymore supported by GnuPG 2.1. * The decrypt and verify API will now return the MIME flag as specified by RFC-4880bis. * The offline mode now has an effect on gpg by disabling all network access. * A failed OpenPGP verification how returns the fingerprint of the intended key if a recent gpg version was used for signature creation. * New tool gpgme-json as native messaging server for web browsers. As of now public key encryption and decryption is supported. Requires Libgpg-error 1.29. * New context flag "request-origin" which has an effect when used with GnuPG 2.2.6 or later. * New context flag "no-symkey-cache" which has an effect when used with GnuPG 2.2.7 or later. * New convenience constant GPGME_KEYLIST_MODE_LOCATE. * Improved the Python documentation. * Fixed a potential regression with GnuPG 2.2.6 or later. * Fixed a crash in the Python bindings on 32 bit platforms. * Various minor fixes.
gpgme: updated to 1.10.0 Noteworthy changes in version 1.10.0: * Now returns more specific error codes for decryption to distinguish between bad passphrase, user canceled, and no secret key. * Now returns key origin information if available. * Added context flag "auto-key-retrieve" to selectively enable the corresponding gpg option. * Added flag is_de_vs to decryption and verify results. * py: Use SEEK_SET as default for data.seek. * cpp: Various new APIs. * Reduced spawn overhead on Linux again. Added new configure option --disable-linux-getdents to disable this feature for very old Linux versions. * Improved the Python bindings build system. * Made the test suite less fragile.
Updated gpgme to 1.9.0. Drop historic patches; adapt one to upstream changes and add bug report URL. Noteworthy changes in version 1.9.0 (2017-03-28) ------------------------------------------------ * Clarified meaning of the 'expire' parameter of gpgme_op_createkey and gpgme_op_createsubkey. New flag to force a key without an expiration date. * New function gpgme_op_keylist_from_data_start to list keys from data objects without importing them. * New function gpgme_op_set_uid_flag to flag a key as primary. * New function gpgme_op_decrypt_ext to run decryption with special flags. This can for example be used to unwrap keys (remove only the encryption layer). * New encryption flags to wrap a key (adding an encryption layer to an OpenPGP message) or to create anonymously encrypted messages. * Support for adduid and revuid operations in the C++ bindings. * Support for smartcard key generation in the C++ bindings. * Several new functions for the Python binding. * Many smaller bug fixes. * Interface changes relative to the 1.8.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_op_createkey CHANGED: Meaning of 'expire' parameter. gpgme_op_createsubkey CHANGED: Meaning of 'expire' parameter. GPGME_CREATE_NOEXPIRE NEW. gpgme_key_t EXTENDED: New field 'origin'. gpgme_key_t EXTENDED: New field 'last_update'. gpgme_subkey_t EXTENDED: New field 'is_de_vs'. gpgme_user_id_t EXTENDED: New field 'origin'. gpgme_user_id_t EXTENDED: New field 'last_update'. gpgme_op_keylist_from_data_start NEW. gpgme_op_set_uid_flag_start NEW. gpgme_op_set_uid_flag NEW. gpgme_op_decrypt_ext_start NEW. gpgme_op_decrypt_ext NEW. GPGME_ENCRYPT_THROW_KEYIDS NEW. GPGME_ENCRYPT_WRAP NEW. GPGME_DECRYPT_VERIFY NEW. GPGME_DECRYPT_UNWRAP NEW. gpgme_data_rewind UN-DEPRECATE. cpp: Context::revUid(const Key&, const char*) NEW. cpp: Context::startRevUid(const Key&, const char*) NEW. cpp: Context::addUid(const Key&, const char*) NEW. cpp: Context::startAddUid(const Key&, const char*) NEW. cpp: Key::UserID::revoke() NEW. cpp: Key::addUid() NEW. cpp: Key::isDeVs NEW. cpp: GpgGenCardKeyInteractor NEW. cpp: Subkey::keyGrip NEW. cpp: Subkey::isDeVs NEW. cpp: Data::toKeys NEW. cpp: Context::setDecryptFlags NEW. cpp: Context::decrypt EXTENDED: Flags added. cpp: Context::startDecrypt EXTENDED: Flags added. cpp: Context::decryptAndVerify EXTENDED: Flags added. cpp: Context::startCombinedDecryptionAndVerification EXTENDED: Flags. cpp: Context::encryptFlags EXTENDED: New flags. qt: CryptoConfig::stringValueList() NEW. py: Context.__init__ EXTENDED: New keyword arg home_dir. py: Context.home_dir NEW. py: Context.keylist EXTENDED: New keyword arg mode. py: Context.keylist EXTENDED: New keyword arg source. py: Context.create_key NEW. py: Context.create_subkey NEW. py: Context.key_add_uid NEW. py: Context.key_revoke_uid NEW. py: Context.key_sign NEW. py: Context.key_tofu_policy NEW. py: core.pubkey_algo_string NEW. py: core.addrspec_from_uid NEW. [c=C29/A18/R0 cpp=C10/A4/R0 qt=C9/A2/R0]
Updated gpgme to 1.8.0. A library was removed; recursive bump will follow soon. Noteworthy changes in version 1.8.0 (2016-11-16) ------------------------------------------------ * The module of the Python bindings has been renamed to 'gpg'. * New interface to query current software versions. * New feature to use gpg's --{show,override}session-key options. * New interface to set the sender of a mail. * qt: Added Distinguished Name parser from libkleo * The --homedir option is now used with recent gpgconf versions. * On 64 bit Windows systems gpgconf is now properly located. * The internal locking functions have been replaced by libgpg-error locking functions. * Interface changes relative to the 1.7.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_set_sender NEW. gpgme_get_sender NEW. gpgme_op_query_swdb NEW. gpgme_op_query_swdb_result NEW. gpgme_query_swdb_result_t NEW. gpgme_get_ctx_flag NEW. gpgme_decrypt_result_t EXTENDED: New field session_key. qt: DN NEW. qt: DN::Attribute NEW. qt: Job::context(Job*) NEW. cpp: EngineInfo::Version::Version(const char*) NEW. cpp: EngineInfo::Version::Version() NEW. cpp: SwdbResult NEW. cpp: Context::setSender(const char*) NEW. cpp: Context::getSender() NEW. [c=C28/A17/R0 cpp=C9/A3/R0 qt=C8/A1/R0] Noteworthy changes in version 1.7.1 (2016-10-18) ------------------------------------------------ * Fixed problems with the new language bindings. * New helper function gpgme_addrspec_from_uid. * Use option --exit-on-status-write-error with newer gpg versions. * qt: Missed API from the Qt Binding inclusion has been added again. * qt: abstractimportjob.h is now installed to that ImportJobs can be used again. * qt: Fixed spelling error in API (startReceive). * Interface changes relative to the 1.7.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_addrspec_from_uid NEW. qt: WksPublishJob::startRecieve RENAMED to ::startReceive. qt: MultiDeleteJob NEW. qt: AbstractImportJob NEW. qt: SpecialJob NEW. cpp: Signature::key(bool, bool) NEW. cpp: UserID::addrSpecFromString(const char*) NEW. cpp: UserID::addrSpec() NEW. [c=C27/A16/R0 cpp=C8/A2/R0 qt=C7/A0/R0] Noteworthy changes in version 1.7.0 (2016-09-21) ------------------------------------------------ * New language bindings for Python 2 and 3. * New language Bindings for C++ and the Qt-Framework API. * New functions gpgme_op_createkey and gpgme_op_createsubkey to make key creation easier (requires GnuPG 2.1). * New functions gpgme_op_adduid and gpgme_op_revuid to make user id management easier (requires GnuPG 2.1). * New function gpgme_op_keysign to make key signing easier (requires GnuPG 2.1). * New function gpgme_op_interact to replace the now deprecated functions gpgme_op_edit and gpgme_op_card_edit. * New function gpgme_pubkey_algo_string to convert a public key algorithm into a GnuPG 2.1 style string. * Support for GnuPG 2.1's TOFU trust model. * Notation flags are now correctly set on verify. * New global flag "require-gnupg" to set a minimal gnupg version. * More supported items in gpgme_get_dirinfo. * New function gpgme_data_set_flag and flag "size-hint". * New function gpgme_set_ctx_flag and flags "full-status" and "raw-description". * Improved gpgme_data_identify to distinguish more file types. * New flag GPGME_ENCRYPT_SYMMETRIC for gpgme_op_encrypt to allow mixed public key and symmetric encryption. * New field KEYGRIP in gpgme_subkey_t. New fields FPR in gpgme_key_t. * New flag GPGME_DATA_ENCODING_MIME to declare that the encrypted or signed data is a valid MIME part. This is to support future GnuPG versions. * Interface changes relative to the 1.6.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_pubkey_algo_string NEW. GPGME_PK_EDDSA NEW. gpgme_set_ctx_flag NEW. gpgme_data_set_flag NEW. gpgme_op_createkey NEW. gpgme_op_createkey_start NEW. gpgme_op_createsubkey NEW. gpgme_op_createsubkey_start NEW. gpgme_op_adduid_start NEW. gpgme_op_adduid NEW. gpgme_op_revuid_start NEW. gpgme_op_revuid NEW. gpgme_op_keysign_start NEW. gpgme_op_keysign NEW. gpgme_op_tofu_policy_start NEW. gpgme_op_tofu_policy NEW. gpgme_op_interact_start NEW. gpgme_op_interact NEW. gpgme_interact_cb_t NEW. gpgme_op_edit_start DEPRECATED. gpgme_op_edit DEPRECATED. gpgme_op_card_edit_start DEPRECATED. gpgme_op_card_edit DEPRECATED. gpgme_edit_cb_t DEPRECATED. gpgme_status_code_t DEPRECATED. gpgme_genkey_result_t EXTENDED: New fields pubkey and seckey. gpgme_signature_t EXTENDED: New field key. gpgme_key_t EXTENDED: New field fpr. gpgme_subkey_t EXTENDED: New field keygrip. gpgme_user_id_t EXTENDED: New field tofu. gpgme_tofu_policy_t NEW. gpgme_tofu_info_t NEW. GPGME_STATUS_KEY_CONSIDERED NEW. GPGME_STATUS_TOFU_USER NEW. GPGME_STATUS_TOFU_STATS NEW. GPGME_STATUS_TOFU_STATS_LONG NEW. GPGME_STATUS_NOTATION_FLAGS NEW. GPGME_KEYLIST_MODE_WITH_TOFU NEW. GPGME_DATA_TYPE_PGP_ENCRYPTED NEW. GPGME_DATA_TYPE_PGP_SIGNATURE NEW. GPGME_DATA_ENCODING_MIME NEW. GPGME_ENCRYPT_SYMMETRIC NEW. GPGME_CREATE_SIGN NEW. GPGME_CREATE_ENCR NEW. GPGME_CREATE_CERT NEW. GPGME_CREATE_AUTH NEW. GPGME_CREATE_NOPASSWD NEW. GPGME_CREATE_SELFSIGNED NEW. GPGME_CREATE_NOSTORE NEW. GPGME_CREATE_WANTPUB NEW. GPGME_CREATE_WANTSEC NEW. GPGME_CREATE_FORCE NEW. GPGME_KEYSIGN_LOCAL NEW. GPGME_KEYSIGN_LFSEP NEW. GPGME_INTERACT_CARD NEW.
Add SHA512 digests for distfiles for security category Problems found locating distfiles: Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz Package libidea: missing distfile libidea-0.8.2b.tar.gz Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2 Package uvscan: missing distfile vlp4510e.tar.Z Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Update 1.5.5 to 1.6.0 --------------------- Noteworthy changes in version 1.6.0 (2015-08-26) [C25/A14/R0] ------------------------------------------------ * Added gpgme_set_offline to do a key listinging w/o requiring CRL. * Added gpgme_set_status_cb to allow a user to see some status messages. * Added an export mode for secret keys. * More precise error codes are returned if GnuPG >= 2.1.8 is used. * The passphrase handler for the loopback mode has been improved and may also be used with genkey. * [w32] The standard GnuPG 2.1 install directory is now seached for gpgconf.exe before a registry specified directory and the Gpg4win install directory. * [w32] gpgme-w32spawn.exe will now only be searched in the gpgme DLL directory. * Interface changes relative to the 1.5.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_set_offline NEW. gpgme_get_offline NEW. gpgme_set_status_cb NEW. gpgme_get_status_cb NEW. GPGME_EXPORT_MODE_SECRET NEW GPGME_EXPORT_MODE_RAW NEW. GPGME_EXPORT_MODE_PKCS12 NEW.
Update to 1.5.5: Noteworthy changes in version 1.5.5 (2015-06-08) [C24/A13/R4] ------------------------------------------------ * Fixed crash in key listings for user ids with a backslash. * Fixed regression for GPGSM use with GnuPG < 2.1. * Properly set signature summary for revoked OpenPGP keys. Noteworthy changes in version 1.5.4 (2015-04-13) [C24/A13/R3] ------------------------------------------------ * Fixed a possible crash in the debug code. * Fixed building for Windows with newer versions of Mingw. Noteworthy changes in version 1.5.3 (2014-12-11) [C24/A13/R2] ------------------------------------------------------------- * The export key functions do now return an error if used with the latest GnuPG version. Noteworthy changes in version 1.5.2 (2014-11-21) [C24/A13/R1] ------------------------------------------------------------- * gpgme-tool is now installed. * Fix external listing for modern keyservers. * Minor other fixes.
Update to 1.5.1: Noteworthy changes in version 1.5.1 (2014-07-30) [C24/A13/R0] ------------------------------------------------------------- * Fixed possible overflow in gpgsm and uiserver engines. [CVE-2014-3564] * Added support for GnuPG 2.1's --with-secret option. * Interface changes relative to the 1.5.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ GPGME_KEYLIST_MODE_WITH_SECRET NEW. Noteworthy changes in version 1.5.0 (2014-05-21) [C23/A12/R0] ------------------------------------------------------------- * On Unices the engine file names are not not anymore hardwired but located via the envvar PATH. All options to set the name of the engines for the configure run are removed. * If GPGME finds the gpgconf binary it defaults to using gpg2 or whatever gpgconf tells as name for the OpenPGP engine. If gpgconf is not found, GPGME looks for an engine named "gpg". * New feature to use the gpgme I/O subsystem to run arbitrary commands. * New flag to use encryption without the default compression step. * New function to access "gpg-conf --list-dirs" * New configure option --enable-fixed-path for use by Android. * Support ECC algorithms. * Interface changes relative to the 1.4.3 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_get_dirinfo NEW. gpgme_op_spawn_start NEW. gpgme_op_spawn NEW. GPGME_PROTOCOL_SPAWN NEW. GPGME_SPAWN_DETACHED NEW. GPGME_SPAWN_ALLOW_SET_FG NEW. GPGME_ENCRYPT_NO_COMPRESS NEW. GPGME_PK_ECC NEW. GPGME_MD_SHA224 NEW. gpgme_subkey_t EXTENDED: New field curve. GPGME_STATUS_PLAINTEXT_LENGTH NEW. GPGME_STATUS_MOUNTPOINT NEW. GPGME_STATUS_PINENTRY_LAUNCHED NEW. GPGME_STATUS_ATTRIBUTE NEW. GPGME_STATUS_BEGIN_SIGNING NEW. GPGME_STATUS_KEY_NOT_CREATED NEW.
Pullup ticket #4479 - requested by wiz security/gpgme: security update Revisions pulled up: - security/gpgme/Makefile 1.73 - security/gpgme/distinfo 1.32 --- Module Name: pkgsrc Committed By: wiz Date: Thu Aug 21 20:40:58 UTC 2014 Modified Files: pkgsrc/security/gpgme: Makefile distinfo Log Message: Update to 1.4.4. Remove obsolete configure args. Noteworthy changes in version 1.4.4 (2014-07-30) [C22/A11/R1] ------------------------------------------------------------- Backported from 1.5.1: * Fixed possible overflow in gpgsm and uiserver engines. [CVE-2014-3564] * Fixed possibled segv in gpgme_op_card_edit. * Fixed minor memleaks and possible zombie processes. * Fixed prototype inconsistencies and void pointer arithmetic. Noteworthy changes in version 1.4.3 (2013-08-12) [C22/A11/R0] ------------------------------------------------------------- * The default engine names are now taken from the output of gpgconf. If gpgconf is not found the use of gpg 1 is assumed. * Under Windows the default engines names are first searched in the installation directory of the gpgme DLL. * New function gpgme_data_identify to detect the type of a message. * Interface changes relative to the 1.4.2 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_signers_count NEW. gpgme_data_type_t NEW. gpgme_data_identify NEW. Noteworthy changes in version 1.4.2 (2013-05-28) ------------------------------------------------ * Allow symmetric encryption with gpgme_op_encrypt_sign. * Fixed mismatching off_t definitions on Windows. * Interface changes relative to the 1.4.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_off_t NEW. gpgme_size_t NEW. GPGME_PROTOCOL_OPENPGP NEW alias.
Update to 1.4.4. Remove obsolete configure args. Noteworthy changes in version 1.4.4 (2014-07-30) [C22/A11/R1] ------------------------------------------------------------- Backported from 1.5.1: * Fixed possible overflow in gpgsm and uiserver engines. [CVE-2014-3564] * Fixed possibled segv in gpgme_op_card_edit. * Fixed minor memleaks and possible zombie processes. * Fixed prototype inconsistencies and void pointer arithmetic. Noteworthy changes in version 1.4.3 (2013-08-12) [C22/A11/R0] ------------------------------------------------------------- * The default engine names are now taken from the output of gpgconf. If gpgconf is not found the use of gpg 1 is assumed. * Under Windows the default engines names are first searched in the installation directory of the gpgme DLL. * New function gpgme_data_identify to detect the type of a message. * Interface changes relative to the 1.4.2 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_signers_count NEW. gpgme_data_type_t NEW. gpgme_data_identify NEW. Noteworthy changes in version 1.4.2 (2013-05-28) ------------------------------------------------ * Allow symmetric encryption with gpgme_op_encrypt_sign. * Fixed mismatching off_t definitions on Windows. * Interface changes relative to the 1.4.1 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_off_t NEW. gpgme_size_t NEW. GPGME_PROTOCOL_OPENPGP NEW alias.
update to 1.4.1 changes: -new APIs added -FD passing enabled by default -bugfixes
Changes 1.3.1: * Ported to Windows CE. * Detect GPG versions not supporting ---passwd.
Use AC_LINK_IFELSE instead of AC_COMPILE_IFELSE for __thread, or unwanted detect of TLS support on NetBSD-5.1.
Changes 1.3.0: * GPGME does not come with an internal libassuan version anymore. The external libassuan 1.1.0 release or later is required. For application programmers on systems that can resolve inter-library dependencies at runtime, this is a transparent change. * New engine GPGME_PROTOCOL_G13 to support the new g13 tool. * New engine GPGME_PROTOCOL_UISERVER to support UI Servers. * New API to change the passpgrase of a key.
update to 1.1.8 changes: -bugfixes -API extensions -documentation improvement -The encoding of gpgme_data_t objects can affect the output encoding of export, sign and encrypt operations now -Using GPGME_KEYLIST_MODE_LOCAL combined with GPGME_KEYLIST_MODE_EXTERN is now supported
Fix build on DragonFly.
update to 1.1.4 this fixes the same problem which was fixed by gpg-1.4.7: depending on use, additional text could get through undetected this gpgme uses gpg in a save way -- since we have gpg-1.4.7 in pkgsrc this is kindo belt-and-suspender, but anyway...
Fix gpgsm option so that it builds and works.
Update to 1.1.0, based on patches provided by George Michaelson in PR 32761. Noteworthy changes in version 1.1.0 (2005-10-01) ------------------------------------------------ * You can now configure the backend engine file name and home directory to be used, as default and per context. * Information about the recipients of an encrypted text is now available at decryption time. * New status GPGME_STATUS_PLAINTEXT. This is analyzed by the decrypt and verify handlers, the information about the plaintext filename, if available is made available in the new field file_name of the respective result structure. * The code for "automagically detecting the thread library" has been removed from libgpgme. It is deprecated since version 0.4.3. Since then, you had to link against libgpgme-pthread for applications using pthread and libgpgme-pth for applications using GNU Pth. The code was removed because it caused compilation problems on systems where the pthread.h header from GNU Pth is available in addition to the system header (FreeBSD 6 and later for example). * There is a new flag for keys and subkeys, is_qualified, which indicates if a key can be used for qualified signatures according to local government regulations. * You can associate a filename with a data object using the new function gpgme_data_set_file_name(). This filename will be stored in the output when encrypting or signing the data and will be returned when decrypting or verifying the output data. * You can now set notation data at signature creation with the new function gpgme_sig_notation_add(). * Interface changes relative to the 1.0.3 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_set_engine_info NEW gpgme_ctx_get_engine_info NEW gpgme_ctx_set_engine_info NEW gpgme_recipient_t NEW gpgme_decrypt_result_t EXTENDED: New field recipients. gpgme_verify_result_t EXTENDED: New fields pubkey_algo, hash_algo. gpgme_decrypt_result_t EXTENDED: New field plaintext_filename. gpgme_verify_result_t EXTENDED: New field plaintext_filename. GPGME_STATUS_PLAINTEXT NEW gpgme_key_t EXTENDED: New field is_qualified. gpgme_subkey_t EXTENDED: New field is_qualified. gpgme_data_get_file_name NEW gpgme_data_set_file_name NEW gpgme_sig_notation_flags_t NEW GPGME_SIG_NOTATION_HUMAN_READABLE NEW GPGME_SIG_NOTATAION_CRITICAL NEW gpgme_sig_notation_clear NEW gpgme_sig_notation_add NEW gpgme_sig_notation_get NEW
resolve confusion about different behaviour of getenv_r in librfuncs and NetBSD-current which caused serius lossage: depend on librfuncs>=1.0.7nb1 which implements NetBSD-current's behaviour, change the patch to _gpgme_getenv() accordingly, and bump PKGREVISION
Don't hard-wire -lpthread into gpgme-config, it breaks e.g. mail/balsa2 on DragonFly. Bump revision.
Don't depend on -lpthread as name of the thread library, check in configure using PTHREAD_LIBS / PTHREAD_LDFLAGS and use them to link libgpgme_thread as well.
update to 1.0.3 changes: -license changed to LGPL -changed default for "include certs" to use the backend's setting -bugfixes
Update to 1.0.2: Noteworthy changes in version 1.0.2 (2004-12-28) ------------------------------------------------ * Changed the license of the library to the GNU Lesser General Public License (LGPL), version 2.1 or later.
Add RMD160 digests.
Ew... also let this work if getenv_r returns no errors...
Now that librfuncs' getenv_r returns ENOENT when the variable is not defined in the environment, we can handle this case properly from here. I.e., treat ENOENT as if no error happened, and return NULL in the 'value' parameter (as the function documentation says). Finally fixes PR pkg/27884. Bump PKGREVISION to 2.
Let this build if gnupg 1.2.x is not installed (i.e., gnupg-devel exists). A test program was trying to run 'gpg', bypassing the binary name given through the --with-gpg flag to configure. XXX This still has a chance to break. If gnupg-devel is built w/o the gpgsm option and gpgme is being built w/ it, no gpg binary will be found. This is one of the those damages produced by build options...
1) Revised gpg_strerror_r to match comments in using strerror_r 2) Revised configure to perform header check for rfuncs.h 3) Revised files referencing getenv_r, strerror_r and ttyname_r to include <rfuncs.h> if HAVE_RFUNCS_H
Add missing blank line after the NetBSD CVS tag in patch-ab.
1) Updated to gpgme-1.0.1. This is a bug fix release. 2) Added optional support for OpenPGP/MIME and SMIME via gnupg-devel as described here: http://www.gnupg.org/aegypten2/
Update to 1.0.0: * Version 1.0.0! We are proud to present you with a thoroughly tested and stable version of the GPGME library. A big Thank You! to all the people who made this possible. The development will be branched into a stable 1.x.y series and the head. * The gpgme.m4 macro supports checking the API version. Just prepend it to the required version string, separated by a colon. For example, this release has the version "1:1.0.0". The last release to which this version is (mostly) ABI compatible is "1:0.4.2", which is the default required version.
update to gpgme-0.9.0 Noteworthy changes in version 0.9.0 (unreleased) ------------------------------------------------ * The type gpgme_key_t has now a new field keylist_mode that contains the keylist mode that was active at the time the key was retrieved. * The type gpgme_decrypt_result_t has a new field "wrong_key_usage" that contains a flag indicating that the key should not have been used for encryption. * Verifying a signature of a revoked key gives the correct result now (GPG_ERR_CERT_REVOKED error code). * Clarified that the error code GPG_ERR_NO_DATA from the decrypt & verify operations still allows you to look at the signature verification result. * Clarified that patterns in keylisting operations have an upper limit, and thus are not suited to list many keys at once by their fingerprint. Also improve the error message if the pattern is too long for the CMS protocol to handle. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_key_t EXTENDED: New field keylist_mode. gpgme_decrypt_result_t EXTENDED: New field wrong_key_usage. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Set the 0.9.0 versions as BUILDLINK_DEPENDS in the buildlink3.mk for the library major version changes.
Update to 0.4.7. Noteworthy changes in version 0.4.7 (2004-04-29) ------------------------------------------------ * Correctly initialize the fields expired, revoked, invalid, and disabled in the gpgme_key_t structures. * A bug fix: The flag wrong_key_usage of gpgme_signature_t was accidently of type int instead unsigned int. Noteworthy changes in version 0.4.6 (2004-04-06) ------------------------------------------------ * Bug fixes Noteworthy changes in version 0.4.5 (2004-03-07) ------------------------------------------------ * GPGME is now compiled with LFS (large file support) by default. * New key listing mode GPGME_KEYLIST_MODE_VALIDATE for validation of the listed keys. * New interface gpgme_cancel() that can be used to cancel asynchronous operations. Noteworthy changes in version 0.4.4 (2004-01-12) ------------------------------------------------ * The member "class" in gpgme_key_sig_t and gpgme_new_signature_t has been renamed to "sig_class", to avoid clash with C++ compilers. In the C API, the old name "class" has been preserved for backwards compatibility, but is deprecated.
Update to 0.4.3 (for gpa-0.7.0): Noteworthy changes in version 0.4.3 (2003-10-06) ------------------------------------------------ * libgpgme should not be used for threaded programs anymore. This never worked reliably in all cases, because you had to be careful about the linking order and libtool wouldn't do that for you automatically. Instead, now you have to link against libgpgme-pthread for applications using pthread and libgpgme-pth for applications using GNU Pth. The old code for automagically detecting the thread library is still part of libgpgme, but it is DEPRECATED. * There are new automake macros AM_PATH_GPGME_PTH and AM_PATH_GPGME_PTHREAD, which support checking for thread-enabled versions of GPGME. They define GPGME_PTH_CFLAGS, GPGME_PTH_LIBS, GPGME_PTHREAD_CFLAGS and GPGME_PTHREAD_LIBS respectively. These variables of course also include the configuration for the thread package itself. Alternatively, use libtool. * gpgme_strerror_r as a thread safe variant of gpgme_strerror was added. * gpgme-config doesn't support setting the prefix or exec prefix anymore. I don't think it ever worked correctly, and it seems to be pointless. * gpgme_get_key fails with GPG_ERR_AMBIGUOUS_NAME if the key ID provided was not unique, instead returning the first matching key. * gpgme_key_t and gpgme_subkey_t have a new field, can_authenticate, that indicates if the key can be used for authentication. * gpgme_signature_t's status field is now correctly set to an error with error code GPG_ERR_NO_PUBKEY if public key is not found. * gpgme_new_signature_t's class field is now an unsigned int, rather than an unsigned long (the old class field is preserved for backwards compatibility). * A new function gpgme_set_locale() is provided to allow configuring the locale for the crypto backend. This is necessary for text terminals so that programs like the pinentry can be started with the right locale settings for the terminal the application is running on, in case the terminal has different settings than the system default (for example, if it is a remote terminal). You are highly recommended to call the following functions directly after gpgme_check_version: #include <locale.h> setlocale (LC_ALL, ""); gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL)); GPGME can not do this for you, as setlocale is not thread safe, and there is no alternative. * The signal action for SIGPIPE is now set to SIG_IGN by gpgme_check_version, instead the first time a crypto engine is started (which is not well defined). * In the output of gpgme_hash_algo_name, change RMD160 to RIPEMD160, TIGER to TIGER192, CRC32-RFC1510 to CRC32RFC1510, and CRC24-RFC2440 to CRC24RFC2440. For now, these strings can be used as the MIC parameter for PGP/MIME (if appropriately modified). Noteworthy changes in version 0.4.2 (2003-07-30) ------------------------------------------------ * Allow gpg-error to be in non-standard place when linking the test suite. * Configure will fail now if gpg-error can not be found. * Fixed initialized memory backed data objects for writing, which caused the test program to crash (but only on Mac OS, surprisingly). * Eliminate use of C99 constructs. * Small improvements to the manual. Noteworthy changes in version 0.4.1 (2003-06-06) ------------------------------------------------ This is the release that 0.4.0 should have been. There are many interface changes, please see below for the details. The changes are sometimes the result of new functionality, but more often express a paradigm shift. Others are an overdue cleanup to get GPGME in line with the GNU coding standards and to make the interface more self-consistent. Here is an overview on the changes: All types have been renamed to conform to the GNU coding standards, most of the time by keeping the whole name in lowercase and inserting underscores between words. All operations consistently only accept input parameters in their invocation function, and return only an error code directly. Further information about the result of the operation has to be retrieved afterwards by calling one of the result functions. This unifies the synchronous and the asynchronous interface. The error values have been completely replaced by a more sophisticated model that allows GPGME to transparently and accurately report all errors from the other GnuPG components, irregardless of process boundaries. This is achieved by using the library libgpg-errors, which is shared by all GnuPG components. This library is now required for GPGME. The results of all operations are now provided by pointers to C structs rather than by XML structs or in other ways. Objects which used to be opaque (for example a key) are now pointers to accessible structs, so no accessor functions are necessary. Backward compatibility is provided where it was possible without too much effort and did not collide with the overall sanitization effort. However, this is only for ease of transition. NO DEPRECATED FUNCTION OR DATA TYPE IS CONSIDERED A PART OF THE API OR ABI AND WILL BE DROPPED IN THE FUTURE WITHOUT CHANGING THE SONAME OF THE LIBRARY. Recommendations how to replace deprecated or removed functionality can be found within the description of each change. What follows are all changes to the interface and behaviour of GPGME in detail. * If gpgme.h is included in sources compiled by GCC 3.1 or later, deprecated attributes will warn about use of obsolete functions and type definitions. You can suppress these warnings by passing -Wno-deprecated-declarations to the gcc command. * The following types have been renamed. The old types are still available as aliases, but they are deprecated now: [complete list in NEWS file] * gpgme_error_t is now identical to gpg_error_t, the error type provided by libgpg-error. More about using libgpg-error with GPGME can be found in the manual. All error symbols have been removed! * All functions and types in libgpg-error have been wrapped in GPGME. The new types are gpgme_err_code_t and gpgme_err_source_t. The new functions are gpgme_err_code, gpgme_err_source, gpgme_error, gpgme_err_make, gpgme_error_from_errno, gpgme_err_make_from_errno, gpgme_err_code_from_errno, gpgme_err_code_to_errno, gpgme_strsource. * GPGME_ATTR_IS_SECRET is not anymore representable as a string. * GnuPG 1.2.2 is required. The progress callback is now also invoked for encrypt, sign, encrypt-sign, decrypt, verify, and decrypt-verify operations. For verify operations on detached signatures, the progress callback is invoked for both the detached signature and the plaintext message, though. * gpgme_passphrase_cb_t has been changed to not provide a complete description, but the UID hint, passphrase info and a flag indicating if this is a repeated attempt individually, so the user can compose his own description from this information. The passphrase is not returned as a C string, but must be written to a file descriptor directly. This allows for secure passphrase entries. The return type has been changed to gpgme_error_t value. This allowed to remove the gpgme_cancel function; just return the error code GPG_ERR_CANCELED in the passphrase callback directly. * gpgme_edit_cb_t has been changed to take a file descriptor argument. The user is expected to write the response to the file descriptor, followed by a newline. * The recipients interface has been removed. Instead, you use NULL-terminated lists of keys for specifying the recipients of an encryption operation. Use the new encryption flag GPGME_ENCRYPT_ALWAYS_TRUST if you want to override the validity of the keys (but note that in general this is not a good idea). This change has been made to the prototypes of gpgme_op_encrypt, gpgme_op_encrypt_start, gpgme_op_encrypt_sign and gpgme_op_encrypt_sign_start. The export interface has been changed to use pattern strings like the keylist interface. Thus, new functions gpgme_op_export_ext and gpgme_op_export_ext_start have been added as well. Now the prototypes of gpgme_op_export_start and gpgme_op_export finally make sense. * gpgme_op_verify and gpgme_op_decrypt_verify don't return a status summary anymore. Use gpgme_get_sig_status to retrieve the individual stati. * gpgme_io_cb_t changed from a void function to a function returning a gpgme_error_t value. However, it will always return 0, so you can safely ignore the return value. * A new I/O callback event GPGME_EVENT_START has been added. The new requirement is that you must wait until this event until you are allowed to call the I/O callback handlers previously registered for this context operation. Calling I/O callback functions for this context operation before the start event happened is unsafe because it can lead to race conditions in a multi-threaded environment. * The idle function feature has been removed. It was not precisely defined in a multi-threaded environment and is obsoleted by the user I/O callback functions. If you still need a simple way to call something while waiting on one or multiple asynchronous operations to complete, don't set the HANG flag in gpgme_wait (note that this will return to your program more often than the idle function did). * gpgme_wait can return NULL even if hang is true, if an error occurs. In that case *status contains the error code. * gpgme_get_engine_info was radically changed. Instead an XML string, an info structure of the new type gpgme_engine_info_t is returned. This makes it easier and more robust to evaluate the information in an application. * The new function gpgme_get_protocol_name can be used to convert a gpgme_protocol_t value into a string. * The status of a context operation is not checked anymore. Starting a new operation will silently cancel the previous one. Calling a function that requires you to have started an operation before without doing so is undefined. * The FPR argument to gpgme_op_genkey was removed. Instead, use the gpgme_op_genkey_result function to retrieve a gpgme_genkey_result_t pointer to a structure which contains the fingerprint. This also works with gpgme_op_genkey_start. The structure also provides other information about the generated keys. * The new gpgme_op_import_result function provides detailed information about the result of an import operation in gpgme_import_result_t and gpgme_import_status_t objects. Thus, the gpgme_op_import_ext variant is deprecated. * The new gpgme_op_sign_result function provides detailed information about the result of a signing operation in gpgme_sign_result_t, gpgme_invalid_key_t and gpgme_new_signature_t objects. * The new gpgme_op_encrypt_result function provides detailed information about the result of an encryption operation in a GpgmeEncryptResult object. * The new gpgme_op_decrypt_result function provides detailed information about the result of a decryption operation in a GpgmeDecryptResult object. * The new gpgme_op_verify_result function provides detailed information about the result of an verify operation in a GpgmeVerifyResult object. Because of this, the GPGME_SIG_STAT_* values, gpgme_get_sig_status, gpgme_get_sig_ulong_attr, gpgme_get_sig_string_attr and gpgme_get_sig_key are now deprecated, and gpgme_get_notation is removed. * GpgmeTrustItem objects have now directly accessible data, so the gpgme_trust_item_get_string_attr and gpgme_trust_item_get_ulong_attr accessor functions are deprecated. Also, reference counting is available through gpgme_trust_item_ref and gpgme_trust_item_unref (the gpgme_trust_item_release alias for the latter is deprecated). * Keys are not cached internally anymore, so the force_update argument to gpgme_get_key has been removed. * GpgmeKey objects have now directly accessible data so the gpgme_key_get_string_attr, gpgme_key_get_ulong_attr, gpgme_key_sig_get_string_attr and gpgme_key_sig_get_ulong_attr functions are deprecated. Also, gpgme_key_release is now deprecated. The gpgme_key_get_as_xml function has been dropped. * Because all interfaces using attributes are deprecated, the GpgmeAttr data type is also deprecated. * The new gpgme_op_keylist_result function provides detailed information about the result of a key listing operation in a GpgmeKeyListResult object. * Now that each function comes with its own result retrieval interface, the generic gpgme_get_op_info interface is not useful anymore and dropped. * The type and mode of data objects is not available anymore. Noteworthy changes in version 0.4.0 (2002-12-23) ------------------------------------------------ * Key generation returns the fingerprint of the generated key. * New convenience function gpgme_get_key. * Supports signatures of user IDs in keys via the new GPGME_KEYLIST_MODE_SIGS keylist mode and the gpgme_key_sig_get_string_attr and gpgme_key_sig_get_ulong_attr interfaces. The XML info about a key also includes the signatures if available. * New data object interface, which is more flexible and transparent. Lots of interface changes, for details see the included NEWS file.
Updated to latest stable version 0.3.15. Changes: - The progress status is sent via the progress callbacks in gpgme_op_edit. - Bug fix for signing operations with explicit signer settings for the CMS protocol.
Update gpgme to 0.3.14. From NEWS file: Noteworthy changes in version 0.3.14 (2002-12-04) ------------------------------------------------- * GPGME-Plug is now in its own package "cryptplug". * Workaround for a setlocale problem. Fixed a segv related to not correctly as closed marked file descriptors. For full list of changes see ChangeLog. (distfile checked against .sig file)
Update gpgme to 0.3.13. Only change (other than version) is: * config.sub, config.guess: Updated from ftp.gnu.org/gnu/config to version 2002-11-08.
Update gpgme to 0.3.12. Again mostly bug fixes. Now depends on gpg 1.2.0. Don't seem to need patch-ba. Also fix .info file handling.
Update to 0.3.9 * An experimental interface to GnuPG's --edit-key functionality is introduced, see gpgme_op_edit. * The new gpgme_import_ext function provides a convenient access to the number of processed keys. * It is possible to use an outside event loop for the I/O to the crypto engine by setting the I/O callbacks with gpgme_set_io_cbs. * GPGME_ATTR_OTRUST is implemented now. * A first step toward thread safeness has been achieved, see the documentation for details. Supported thread libraries are pthread and Pth. * All error output of the gpgsm backend is send to the bit bucket. * The signature verification functions are extended. Instead of always returning GPGME_SIG_STATUS_GOOD, the functions new codes for expired signatures. * The current passphrase callback and progress meter callback can be retrieved with the new functions gpgme_get_passphrase_cb and gpgme_get_progress_cb respectively. * gpgme_op_encrypt can be called with RECIPIENTS being 0. In this case, symmetric encryption is performed. Note that this requires a passphrase from the user. * More information is returned for X.509 certificates. * Interface changes relative to the 0.3.4 release: * gpgme_op_encrypt does now fail with GPGME_Invalid_Recipients if some recipients have been invalid, whereas earlier versions succeeded in this case. * gpgme_op_verify now allows to pass an uninitialized data object as its plaintext argument to check for normal and cleartext signatures. The plaintext is then returned in the data object. * New interfaces gpgme_set_include_certs and gpgme_get_include_certs to set and get the number of certifications to include in S/MIME signed messages. * New interfaces gpgme_op_encrypt_sign and gpgme_op_encrypt_sign_start to encrypt and sign a message in a combined operation. * New interface gpgme_op_keylist_ext_start to search for multiple patterns. * gpgme_key_get_ulong_attr supports the GPGME_ATTR_EXPIRE attribute. * Interface changes relative to the 0.3.3 release: * Fix the Makefile in jnlib. * Fix the test suite (hopefully). It should clean up all its state with `make check' now. * Remove erroneous dependency on libgcrypt in jnlib. * There is a Texinfo manual documenting the API. * The gpgme_set_keylist_mode function returns an error, and changed its meaning. It is no longer usable to select between normal and fast mode (newer versions of GnuPG will always be fast), but selects between local keyring, remote keyserver, or both. For this, two new macros are defined, GPGME_KEYLIST_MODE_LOCAL and GPGME_KEYLIST_MODE_EXTERN. To make it possible to modify the current setting, a fucntion gpgme_get_keylist_mode was added to retrieve the current mode. * gpgme_wait accepts a new argument STATUS to return the error status of the operation on the context. Its definition is closer to waitpid() now than before. * The LENGTH argument to gpgme_data_new_from_filepart changed its type from off_t to the unsigned size_t. * The R_HD argument to the GpgmePassphraseCb type changed its type from void* to void**. * New interface gpgme_op_trustlist_end() to match gpgme_op_keylist_end(). * The CryptPlug modules have been renamed to gpgme-openpgp and gpgme-smime, and they are installed in pkglibdir by `make install'. * An idle function can be registered with gpgme_register_idle(). * The GpgSM backend supports key generation with gpgme_op_genkey().
Initial import of GPGME 0.3.0. From DESCR: GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG easier for applications. It provides a High-Level Crypto API for encryption, decryption, signing, signature verification and key management.
Initial revision