summaryrefslogtreecommitdiff
path: root/security/gpgme
AgeCommit message (Collapse)AuthorFilesLines
2004-03-18Fix serious bug where BUILDLINK_PACKAGES wasn't being ordered properlyjlam1-3/+2
by moving the inclusion of buildlink3.mk files outside of the protected region. This bug would be seen by users that have set PREFER_PKGSRC or PREFER_NATIVE to non-default values. BUILDLINK_PACKAGES should be ordered so that for any package in the list, that package doesn't depend on any packages to the left of it in the list. This ordering property is used to check for builtin packages in the correct order. The problem was that including a buildlink3.mk file for <pkg> correctly ensured that <pkg> was removed from BUILDLINK_PACKAGES and appended to the end. However, since the inclusion of any other buildlink3.mk files within that buildlink3.mk was in a region that was protected against multiple inclusion, those dependencies weren't also moved to the end of BUILDLINK_PACKAGES.
2004-03-09Remove info files entries from PLIST.seb1-2/+1
2004-03-05Reorder location and setting of BUILDLINK_PACKAGES to match templatejlam1-10/+7
buildlink3.mk file in revision 1.101 of bsd.buildlink3.mk.
2004-02-25Not used any more.minskim1-23/+0
2004-02-14LIBTOOL_OVERRIDE and SHLIBTOOL_OVERRIDE are now lists of shell globsjlam1-4/+2
relative to ${WRKSRC}. Remove redundant LIBTOOL_OVERRIDE settings that are automatically handled by the default setting in bsd.pkg.mk.
2004-02-11bl3ifyxtraeme2-4/+28
2003-12-14Update to 0.4.3 (for gpa-0.7.0):wiz5-17/+38
Noteworthy changes in version 0.4.3 (2003-10-06) ------------------------------------------------ * libgpgme should not be used for threaded programs anymore. This never worked reliably in all cases, because you had to be careful about the linking order and libtool wouldn't do that for you automatically. Instead, now you have to link against libgpgme-pthread for applications using pthread and libgpgme-pth for applications using GNU Pth. The old code for automagically detecting the thread library is still part of libgpgme, but it is DEPRECATED. * There are new automake macros AM_PATH_GPGME_PTH and AM_PATH_GPGME_PTHREAD, which support checking for thread-enabled versions of GPGME. They define GPGME_PTH_CFLAGS, GPGME_PTH_LIBS, GPGME_PTHREAD_CFLAGS and GPGME_PTHREAD_LIBS respectively. These variables of course also include the configuration for the thread package itself. Alternatively, use libtool. * gpgme_strerror_r as a thread safe variant of gpgme_strerror was added. * gpgme-config doesn't support setting the prefix or exec prefix anymore. I don't think it ever worked correctly, and it seems to be pointless. * gpgme_get_key fails with GPG_ERR_AMBIGUOUS_NAME if the key ID provided was not unique, instead returning the first matching key. * gpgme_key_t and gpgme_subkey_t have a new field, can_authenticate, that indicates if the key can be used for authentication. * gpgme_signature_t's status field is now correctly set to an error with error code GPG_ERR_NO_PUBKEY if public key is not found. * gpgme_new_signature_t's class field is now an unsigned int, rather than an unsigned long (the old class field is preserved for backwards compatibility). * A new function gpgme_set_locale() is provided to allow configuring the locale for the crypto backend. This is necessary for text terminals so that programs like the pinentry can be started with the right locale settings for the terminal the application is running on, in case the terminal has different settings than the system default (for example, if it is a remote terminal). You are highly recommended to call the following functions directly after gpgme_check_version: #include <locale.h> setlocale (LC_ALL, ""); gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL)); GPGME can not do this for you, as setlocale is not thread safe, and there is no alternative. * The signal action for SIGPIPE is now set to SIG_IGN by gpgme_check_version, instead the first time a crypto engine is started (which is not well defined). * In the output of gpgme_hash_algo_name, change RMD160 to RIPEMD160, TIGER to TIGER192, CRC32-RFC1510 to CRC32RFC1510, and CRC24-RFC2440 to CRC24RFC2440. For now, these strings can be used as the MIC parameter for PGP/MIME (if appropriately modified). Noteworthy changes in version 0.4.2 (2003-07-30) ------------------------------------------------ * Allow gpg-error to be in non-standard place when linking the test suite. * Configure will fail now if gpg-error can not be found. * Fixed initialized memory backed data objects for writing, which caused the test program to crash (but only on Mac OS, surprisingly). * Eliminate use of C99 constructs. * Small improvements to the manual. Noteworthy changes in version 0.4.1 (2003-06-06) ------------------------------------------------ This is the release that 0.4.0 should have been. There are many interface changes, please see below for the details. The changes are sometimes the result of new functionality, but more often express a paradigm shift. Others are an overdue cleanup to get GPGME in line with the GNU coding standards and to make the interface more self-consistent. Here is an overview on the changes: All types have been renamed to conform to the GNU coding standards, most of the time by keeping the whole name in lowercase and inserting underscores between words. All operations consistently only accept input parameters in their invocation function, and return only an error code directly. Further information about the result of the operation has to be retrieved afterwards by calling one of the result functions. This unifies the synchronous and the asynchronous interface. The error values have been completely replaced by a more sophisticated model that allows GPGME to transparently and accurately report all errors from the other GnuPG components, irregardless of process boundaries. This is achieved by using the library libgpg-errors, which is shared by all GnuPG components. This library is now required for GPGME. The results of all operations are now provided by pointers to C structs rather than by XML structs or in other ways. Objects which used to be opaque (for example a key) are now pointers to accessible structs, so no accessor functions are necessary. Backward compatibility is provided where it was possible without too much effort and did not collide with the overall sanitization effort. However, this is only for ease of transition. NO DEPRECATED FUNCTION OR DATA TYPE IS CONSIDERED A PART OF THE API OR ABI AND WILL BE DROPPED IN THE FUTURE WITHOUT CHANGING THE SONAME OF THE LIBRARY. Recommendations how to replace deprecated or removed functionality can be found within the description of each change. What follows are all changes to the interface and behaviour of GPGME in detail. * If gpgme.h is included in sources compiled by GCC 3.1 or later, deprecated attributes will warn about use of obsolete functions and type definitions. You can suppress these warnings by passing -Wno-deprecated-declarations to the gcc command. * The following types have been renamed. The old types are still available as aliases, but they are deprecated now: [complete list in NEWS file] * gpgme_error_t is now identical to gpg_error_t, the error type provided by libgpg-error. More about using libgpg-error with GPGME can be found in the manual. All error symbols have been removed! * All functions and types in libgpg-error have been wrapped in GPGME. The new types are gpgme_err_code_t and gpgme_err_source_t. The new functions are gpgme_err_code, gpgme_err_source, gpgme_error, gpgme_err_make, gpgme_error_from_errno, gpgme_err_make_from_errno, gpgme_err_code_from_errno, gpgme_err_code_to_errno, gpgme_strsource. * GPGME_ATTR_IS_SECRET is not anymore representable as a string. * GnuPG 1.2.2 is required. The progress callback is now also invoked for encrypt, sign, encrypt-sign, decrypt, verify, and decrypt-verify operations. For verify operations on detached signatures, the progress callback is invoked for both the detached signature and the plaintext message, though. * gpgme_passphrase_cb_t has been changed to not provide a complete description, but the UID hint, passphrase info and a flag indicating if this is a repeated attempt individually, so the user can compose his own description from this information. The passphrase is not returned as a C string, but must be written to a file descriptor directly. This allows for secure passphrase entries. The return type has been changed to gpgme_error_t value. This allowed to remove the gpgme_cancel function; just return the error code GPG_ERR_CANCELED in the passphrase callback directly. * gpgme_edit_cb_t has been changed to take a file descriptor argument. The user is expected to write the response to the file descriptor, followed by a newline. * The recipients interface has been removed. Instead, you use NULL-terminated lists of keys for specifying the recipients of an encryption operation. Use the new encryption flag GPGME_ENCRYPT_ALWAYS_TRUST if you want to override the validity of the keys (but note that in general this is not a good idea). This change has been made to the prototypes of gpgme_op_encrypt, gpgme_op_encrypt_start, gpgme_op_encrypt_sign and gpgme_op_encrypt_sign_start. The export interface has been changed to use pattern strings like the keylist interface. Thus, new functions gpgme_op_export_ext and gpgme_op_export_ext_start have been added as well. Now the prototypes of gpgme_op_export_start and gpgme_op_export finally make sense. * gpgme_op_verify and gpgme_op_decrypt_verify don't return a status summary anymore. Use gpgme_get_sig_status to retrieve the individual stati. * gpgme_io_cb_t changed from a void function to a function returning a gpgme_error_t value. However, it will always return 0, so you can safely ignore the return value. * A new I/O callback event GPGME_EVENT_START has been added. The new requirement is that you must wait until this event until you are allowed to call the I/O callback handlers previously registered for this context operation. Calling I/O callback functions for this context operation before the start event happened is unsafe because it can lead to race conditions in a multi-threaded environment. * The idle function feature has been removed. It was not precisely defined in a multi-threaded environment and is obsoleted by the user I/O callback functions. If you still need a simple way to call something while waiting on one or multiple asynchronous operations to complete, don't set the HANG flag in gpgme_wait (note that this will return to your program more often than the idle function did). * gpgme_wait can return NULL even if hang is true, if an error occurs. In that case *status contains the error code. * gpgme_get_engine_info was radically changed. Instead an XML string, an info structure of the new type gpgme_engine_info_t is returned. This makes it easier and more robust to evaluate the information in an application. * The new function gpgme_get_protocol_name can be used to convert a gpgme_protocol_t value into a string. * The status of a context operation is not checked anymore. Starting a new operation will silently cancel the previous one. Calling a function that requires you to have started an operation before without doing so is undefined. * The FPR argument to gpgme_op_genkey was removed. Instead, use the gpgme_op_genkey_result function to retrieve a gpgme_genkey_result_t pointer to a structure which contains the fingerprint. This also works with gpgme_op_genkey_start. The structure also provides other information about the generated keys. * The new gpgme_op_import_result function provides detailed information about the result of an import operation in gpgme_import_result_t and gpgme_import_status_t objects. Thus, the gpgme_op_import_ext variant is deprecated. * The new gpgme_op_sign_result function provides detailed information about the result of a signing operation in gpgme_sign_result_t, gpgme_invalid_key_t and gpgme_new_signature_t objects. * The new gpgme_op_encrypt_result function provides detailed information about the result of an encryption operation in a GpgmeEncryptResult object. * The new gpgme_op_decrypt_result function provides detailed information about the result of a decryption operation in a GpgmeDecryptResult object. * The new gpgme_op_verify_result function provides detailed information about the result of an verify operation in a GpgmeVerifyResult object. Because of this, the GPGME_SIG_STAT_* values, gpgme_get_sig_status, gpgme_get_sig_ulong_attr, gpgme_get_sig_string_attr and gpgme_get_sig_key are now deprecated, and gpgme_get_notation is removed. * GpgmeTrustItem objects have now directly accessible data, so the gpgme_trust_item_get_string_attr and gpgme_trust_item_get_ulong_attr accessor functions are deprecated. Also, reference counting is available through gpgme_trust_item_ref and gpgme_trust_item_unref (the gpgme_trust_item_release alias for the latter is deprecated). * Keys are not cached internally anymore, so the force_update argument to gpgme_get_key has been removed. * GpgmeKey objects have now directly accessible data so the gpgme_key_get_string_attr, gpgme_key_get_ulong_attr, gpgme_key_sig_get_string_attr and gpgme_key_sig_get_ulong_attr functions are deprecated. Also, gpgme_key_release is now deprecated. The gpgme_key_get_as_xml function has been dropped. * Because all interfaces using attributes are deprecated, the GpgmeAttr data type is also deprecated. * The new gpgme_op_keylist_result function provides detailed information about the result of a key listing operation in a GpgmeKeyListResult object. * Now that each function comes with its own result retrieval interface, the generic gpgme_get_op_info interface is not useful anymore and dropped. * The type and mode of data objects is not available anymore. Noteworthy changes in version 0.4.0 (2002-12-23) ------------------------------------------------ * Key generation returns the fingerprint of the generated key. * New convenience function gpgme_get_key. * Supports signatures of user IDs in keys via the new GPGME_KEYLIST_MODE_SIGS keylist mode and the gpgme_key_sig_get_string_attr and gpgme_key_sig_get_ulong_attr interfaces. The XML info about a key also includes the signatures if available. * New data object interface, which is more flexible and transparent. Lots of interface changes, for details see the included NEWS file.
2003-08-09USE_NEW_TEXINFO is unnecessary now.seb1-2/+1
2003-08-05Convert to USE_NEW_TEXINFO.seb2-6/+4
2003-07-25With native threads, explicitely disable any GNU pth checking.drochner1-2/+7
Otherwise it gets confused about the library hidden by buildlink.
2003-05-02Dependency bumps, needed because of devel/pth's major bump, and relatedwiz2-3/+4
dependency bumps.
2003-03-11Updated to latest stable version 0.3.15.salo4-9/+11
Changes: - The progress status is sent via the progress callbacks in gpgme_op_edit. - Bug fix for signing operations with explicit signer settings for the CMS protocol.
2002-12-22Update gpgme to 0.3.14.chris3-7/+7
From NEWS file: Noteworthy changes in version 0.3.14 (2002-12-04) ------------------------------------------------- * GPGME-Plug is now in its own package "cryptplug". * Workaround for a setlocale problem. Fixed a segv related to not correctly as closed marked file descriptors. For full list of changes see ChangeLog. (distfile checked against .sig file)
2002-11-29Belated bump libgpgme.so from 9.3 to 9.4.chris1-2/+2
Next time something says just updated a couple of scripts, I won't believe it. Thanks to skrueger for pointing this out 8)
2002-11-24Update gpgme to 0.3.13.chris2-6/+6
Only change (other than version) is: * config.sub, config.guess: Updated from ftp.gnu.org/gnu/config to version 2002-11-08.
2002-10-27Update gpgme to 0.3.12. Again mostly bug fixes. Now depends on gpg 1.2.0.chris4-40/+13
Don't seem to need patch-ba. Also fix .info file handling.
2002-10-09Unused.wiz1-47/+0
2002-09-24buildlink1 -> buildlink2jlam1-6/+8
2002-09-01Fix whitespace in PLIST. Closes pkg/18137 by Katsuhiko Fujii.wiz1-2/+2
2002-08-26Update to 0.3.9mjl5-22/+50
* An experimental interface to GnuPG's --edit-key functionality is introduced, see gpgme_op_edit. * The new gpgme_import_ext function provides a convenient access to the number of processed keys. * It is possible to use an outside event loop for the I/O to the crypto engine by setting the I/O callbacks with gpgme_set_io_cbs. * GPGME_ATTR_OTRUST is implemented now. * A first step toward thread safeness has been achieved, see the documentation for details. Supported thread libraries are pthread and Pth. * All error output of the gpgsm backend is send to the bit bucket. * The signature verification functions are extended. Instead of always returning GPGME_SIG_STATUS_GOOD, the functions new codes for expired signatures. * The current passphrase callback and progress meter callback can be retrieved with the new functions gpgme_get_passphrase_cb and gpgme_get_progress_cb respectively. * gpgme_op_encrypt can be called with RECIPIENTS being 0. In this case, symmetric encryption is performed. Note that this requires a passphrase from the user. * More information is returned for X.509 certificates. * Interface changes relative to the 0.3.4 release: * gpgme_op_encrypt does now fail with GPGME_Invalid_Recipients if some recipients have been invalid, whereas earlier versions succeeded in this case. * gpgme_op_verify now allows to pass an uninitialized data object as its plaintext argument to check for normal and cleartext signatures. The plaintext is then returned in the data object. * New interfaces gpgme_set_include_certs and gpgme_get_include_certs to set and get the number of certifications to include in S/MIME signed messages. * New interfaces gpgme_op_encrypt_sign and gpgme_op_encrypt_sign_start to encrypt and sign a message in a combined operation. * New interface gpgme_op_keylist_ext_start to search for multiple patterns. * gpgme_key_get_ulong_attr supports the GPGME_ATTR_EXPIRE attribute. * Interface changes relative to the 0.3.3 release: * Fix the Makefile in jnlib. * Fix the test suite (hopefully). It should clean up all its state with `make check' now. * Remove erroneous dependency on libgcrypt in jnlib. * There is a Texinfo manual documenting the API. * The gpgme_set_keylist_mode function returns an error, and changed its meaning. It is no longer usable to select between normal and fast mode (newer versions of GnuPG will always be fast), but selects between local keyring, remote keyserver, or both. For this, two new macros are defined, GPGME_KEYLIST_MODE_LOCAL and GPGME_KEYLIST_MODE_EXTERN. To make it possible to modify the current setting, a fucntion gpgme_get_keylist_mode was added to retrieve the current mode. * gpgme_wait accepts a new argument STATUS to return the error status of the operation on the context. Its definition is closer to waitpid() now than before. * The LENGTH argument to gpgme_data_new_from_filepart changed its type from off_t to the unsigned size_t. * The R_HD argument to the GpgmePassphraseCb type changed its type from void* to void**. * New interface gpgme_op_trustlist_end() to match gpgme_op_keylist_end(). * The CryptPlug modules have been renamed to gpgme-openpgp and gpgme-smime, and they are installed in pkglibdir by `make install'. * An idle function can be registered with gpgme_register_idle(). * The GpgSM backend supports key generation with gpgme_op_genkey().
2002-08-25Merge changes in packages from the buildlink2 branch that havejlam2-1/+20
buildlink2.mk files back into the main trunk.
2002-05-11Wildcard gnupg dependency.wiz1-2/+2
2002-03-17Add buildlink.mk (which is shamelessly copied from another one).uebayasi1-0/+47
2002-03-17Initial import of GPGME 0.3.0.uebayasi6-0/+60
From DESCR: GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG easier for applications. It provides a High-Level Crypto API for encryption, decryption, signing, signature verification and key management.