diff options
| author | wiz <wiz> | 2002-05-07 18:48:46 +0000 |
|---|---|---|
| committer | wiz <wiz> | 2002-05-07 18:48:46 +0000 |
| commit | 12ff324eb921e52b52b1eb8e34bdc92b341c1f5e (patch) | |
| tree | b92cd7ba9a6eaeec46bb634e8e172edd85301833 /security/gnupg | |
| parent | d9f38106ad2af7d3c59c8b9ccd54488411f6db17 (diff) | |
| download | pkgsrc-12ff324eb921e52b52b1eb8e34bdc92b341c1f5e.tar.gz | |
Update to 1.0.7.
* Secret keys are now stored and exported in a new format which
uses SHA-1 for integrity checks. This format renders the
Rosa/Klima attack useless. Other OpenPGP implementations might
not yet support this, so the option --simple-sk-checksum creates
the old vulnerable format.
* The default cipher algorithm for encryption is now CAST5,
default hash algorithm is SHA-1. This will give us better
interoperability with other OpenPGP implementations.
* Symmetric encrypted messages now use a fixed file size if
possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2,
6, and 7. Note this was only an issue with RFC-1991 style
symmetric messages.
* Photographic user ID support. This uses an external program to
view the images.
* Enhanced keyserver support via keyserver "plugins". GnuPG comes
with plugins for the NAI LDAP keyserver as well as the HKP email
keyserver. It retains internal support for the HKP HTTP
keyserver.
* Nonrevocable signatures are now supported. If a user signs a
key nonrevocably, this signature cannot be taken back so be
careful!
* Multiple signature classes are usable when signing a key to
specify how carefully the key information (fingerprint, photo
ID, etc) was checked.
* --pgp2 mode automatically sets all necessary options to ensure
that the resulting message will be usable by a user of PGP 2.x.
* --pgp6 mode automatically sets all necessary options to ensure
that the resulting message will be usable by a user of PGP 6.x.
* Signatures may now be given an expiration date. When signing a
key with an expiration date, the user is prompted whether they
want their signature to expire at the same time.
* Revocation keys (designated revokers) are now supported if
present. There is currently no way to designate new keys as
designated revokers.
* Permissions on the .gnupg directory and its files are checked
for safety.
* --expert mode enables certain silly things such as signing a
revoked user id, expired key, or revoked key.
* Some fixes to build cleanly under Cygwin32.
* New tool gpgsplit to split OpenPGP data formats into packets.
* New option --preserve-permissions.
* Subkeys created in the future are not used for encryption or
signing unless the new option --ignore-valid-from is used.
* Revoked user-IDs are not listed unless signatures are listed too
or we are in verbose mode.
* There is no default comment string with ascii armors anymore
except for revocation certificates and --enarmor mode.
* The command "primary" in the edit menu can be used to change the
primary UID, "setpref" and "updpref" can be used to change the
preferences.
* Fixed the preference handling; since 1.0.5 they were erroneously
matched against against the latest user ID and not the given one.
* RSA key generation.
* It is now possible to sign and conventional encrypt a message (-cs).
* The MDC feature flag is supported and can be set by using
the "updpref" edit command.
* The status messages GOODSIG and BADSIG are now returning the primary
UID, encoded using %XX escaping (but with spaces left as spaces,
so that it should not break too much)
* Support for GDBM based keyrings has been removed.
* The entire keyring management has been revamped.
* The way signature stati are store has changed so that v3
signatures can be supported. To increase the speed of many
operations for existing keyrings you can use the new
--rebuild-keydb-caches command.
* The entire key validation process (trustdb) has been revamped.
See the man page entries for --update-trustdb, --check-trustdb
and --no-auto-check-trustdb.
* --trusted-keys is again obsolete, --edit can be used to set the
ownertrust of any key to ultimately trusted.
* A subkey is never used to sign keys.
* Read only keyrings are now handled as expected.
Diffstat (limited to 'security/gnupg')
| -rw-r--r-- | security/gnupg/Makefile | 6 | ||||
| -rw-r--r-- | security/gnupg/PLIST | 16 | ||||
| -rw-r--r-- | security/gnupg/distinfo | 10 | ||||
| -rw-r--r-- | security/gnupg/patches/patch-ab | 14 | ||||
| -rw-r--r-- | security/gnupg/patches/patch-ac | 22 |
5 files changed, 35 insertions, 33 deletions
diff --git a/security/gnupg/Makefile b/security/gnupg/Makefile index 9f0376ea1c0..4b86afa3d60 100644 --- a/security/gnupg/Makefile +++ b/security/gnupg/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.30 2002/02/18 15:14:39 seb Exp $ +# $NetBSD: Makefile,v 1.31 2002/05/07 18:48:46 wiz Exp $ # -DISTNAME= gnupg-1.0.6 +DISTNAME= gnupg-1.0.7 CATEGORIES= security MASTER_SITES= ftp://ftp.gnupg.org/pub/gcrypt/gnupg/ # don't remove this -- we may add idea.c to it below @@ -20,7 +20,7 @@ USE_GMAKE= yes EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} -INFO_FILES= gpg.info gpgv.info +INFO_FILES= gpgv.info .include "../../mk/bsd.prefs.mk" diff --git a/security/gnupg/PLIST b/security/gnupg/PLIST index 06e28f3b1d7..2ab812a61e8 100644 --- a/security/gnupg/PLIST +++ b/security/gnupg/PLIST @@ -1,34 +1,36 @@ -@comment $NetBSD: PLIST,v 1.2 2002/02/18 15:14:39 seb Exp $ +@comment $NetBSD: PLIST,v 1.3 2002/05/07 18:48:46 wiz Exp $ bin/gpg +bin/gpgkeys_mailto +bin/gpgsplit bin/gpgv -@unexec ${INSTALL_INFO} --delete --info-dir=%D/info %D/info/gpg.info @unexec ${INSTALL_INFO} --delete --info-dir=%D/info %D/info/gpgv.info -info/gpg.info info/gpgv.info -@exec ${INSTALL_INFO} --info-dir=%D/info %D/info/gpg.info @exec ${INSTALL_INFO} --info-dir=%D/info %D/info/gpgv.info ${IDEA}lib/gnupg/idea lib/gnupg/rndegd -lib/gnupg/rndunix +lib/gnupg/rndlinux lib/gnupg/tiger man/man1/gpg.1 man/man1/gpgv.1 share/gnupg/FAQ share/gnupg/faq.html share/gnupg/options.skel +${PKGLOCALEDIR}/locale/cs/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/da/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/de/LC_MESSAGES/gnupg.mo +${PKGLOCALEDIR}/locale/el/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/eo/LC_MESSAGES/gnupg.mo -${PKGLOCALEDIR}/locale/es_ES/LC_MESSAGES/gnupg.mo +${PKGLOCALEDIR}/locale/es/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/et/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/fr/LC_MESSAGES/gnupg.mo +${PKGLOCALEDIR}/locale/gl/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/id/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/it/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/ja/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/nl/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/pl/LC_MESSAGES/gnupg.mo +${PKGLOCALEDIR}/locale/pt/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/pt_BR/LC_MESSAGES/gnupg.mo -${PKGLOCALEDIR}/locale/pt_PT/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/gnupg.mo ${PKGLOCALEDIR}/locale/tr/LC_MESSAGES/gnupg.mo @dirrm share/gnupg diff --git a/security/gnupg/distinfo b/security/gnupg/distinfo index e01655ea10a..a81e8e0cf70 100644 --- a/security/gnupg/distinfo +++ b/security/gnupg/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.7 2002/01/07 21:29:34 wiz Exp $ +$NetBSD: distinfo,v 1.8 2002/05/07 18:48:46 wiz Exp $ -SHA1 (gnupg-1.0.6.tar.gz) = 3d5f0b6c123916aebd64fcbf34117019642dde98 -Size (gnupg-1.0.6.tar.gz) = 1941676 bytes +SHA1 (gnupg-1.0.7.tar.gz) = 46da038c60143fa49abae2fae6fcbd0f58f7a46e +Size (gnupg-1.0.7.tar.gz) = 2399025 bytes SHA1 (idea.c.20010605) = f6e237b84285964f09b3806b91170b6523384a48 Size (idea.c.20010605) = 15480 bytes SHA1 (patch-aa) = fffd3e55792bb27df002bacbc5d8bf9096d5dd64 -SHA1 (patch-ab) = 26938c9933564f263a02ac3c01b47fa185142f28 -SHA1 (patch-ac) = 1d191cdabab38afa537b26dbf340aede0c79748c +SHA1 (patch-ab) = ce3b5ff0331e51ca6cd11b969e8df3719ca5d547 +SHA1 (patch-ac) = 9e3d0c6a7b828e52f5a773591f87e4a9072ad698 diff --git a/security/gnupg/patches/patch-ab b/security/gnupg/patches/patch-ab index 078c6d62126..3bc581e00e3 100644 --- a/security/gnupg/patches/patch-ab +++ b/security/gnupg/patches/patch-ab @@ -1,13 +1,13 @@ -$NetBSD: patch-ab,v 1.12 2001/05/23 15:35:01 wiz Exp $ +$NetBSD: patch-ab,v 1.13 2002/05/07 18:48:47 wiz Exp $ ---- cipher/Makefile.in.orig Sun Apr 29 16:39:07 2001 +--- cipher/Makefile.in.orig Mon Apr 29 17:06:11 2002 +++ cipher/Makefile.in -@@ -142,7 +142,7 @@ - @ENABLE_GNUPG_EXTENSIONS_TRUE@pkglib_PROGRAMS = @DYNAMIC_CIPHER_MODS@ - @ENABLE_GNUPG_EXTENSIONS_FALSE@pkglib_PROGRAMS = +@@ -129,7 +129,7 @@ + am__quote = @am__quote@ + install_sh = @install_sh@ -DYNLINK_MOD_CFLAGS = -DIS_MODULE @DYNLINK_MOD_CFLAGS@ +DYNLINK_MOD_CFLAGS = -DIS_MODULE -fPIC @DYNLINK_MOD_CFLAGS@ - #libcipher_a_LDFLAGS = - libcipher_a_SOURCES = cipher.c pubkey.c md.c dynload.c dynload.h bithelp.h des.c des.h twofish.c blowfish.c blowfish.h cast5.c cast5.h rijndael.c elgamal.c elgamal.h rsa.c rsa.h primegen.c random.h random.c rand-internal.h rmd.h dsa.h dsa.c g10c.c smallprime.c construct.c + INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl + diff --git a/security/gnupg/patches/patch-ac b/security/gnupg/patches/patch-ac index 7506939ba8d..5e24c169a30 100644 --- a/security/gnupg/patches/patch-ac +++ b/security/gnupg/patches/patch-ac @@ -1,17 +1,17 @@ -$NetBSD: patch-ac,v 1.10 2002/01/07 21:29:35 wiz Exp $ +$NetBSD: patch-ac,v 1.11 2002/05/07 18:48:47 wiz Exp $ ---- mpi/config.links.orig Sun Apr 29 13:36:18 2001 +--- mpi/config.links.orig Thu Apr 18 12:10:40 2002 +++ mpi/config.links @@ -119,6 +119,12 @@ path="sparc32v8 sparc32" mpi_extra_modules="udiv" ;; -+ sparc64-*-netbsd) -+ # There are no sparc64 assembler modules that work, so -+ # just use generic C functions -+ echo '/* configured for sparc64-*-netbsd */' >>./mpi/asm-syntax.h -+ path="" -+ ;; - sparc9*-*-* | \ - sparc64*-*-* | \ - ultrasparc*-*-* ) ++ sparc64-*-netbsd) ++ # There are no sparc64 assembler modules that work, so ++ # just use generic C functions ++ echo '/* configured for sparc64-*-netbsd */' >>./mpi/asm-syntax.h ++ path="" ++ ;; + sparc64-sun-solaris2*) + # Got a report that udiv is missing, so we try this one + echo '/* configured for sparc64-sun-solaris2 */' >>./mpi/asm-syntax.h |