head 1.166; access; symbols pkgsrc-2023Q4:1.166.0.2 pkgsrc-2023Q4-base:1.166 pkgsrc-2023Q3:1.164.0.4 pkgsrc-2023Q3-base:1.164 pkgsrc-2023Q2:1.164.0.2 pkgsrc-2023Q2-base:1.164 pkgsrc-2023Q1:1.163.0.4 pkgsrc-2023Q1-base:1.163 pkgsrc-2022Q4:1.163.0.2 pkgsrc-2022Q4-base:1.163 pkgsrc-2022Q3:1.162.0.4 pkgsrc-2022Q3-base:1.162 pkgsrc-2022Q2:1.162.0.2 pkgsrc-2022Q2-base:1.162 pkgsrc-2022Q1:1.161.0.4 pkgsrc-2022Q1-base:1.161 pkgsrc-2021Q4:1.161.0.2 pkgsrc-2021Q4-base:1.161 pkgsrc-2021Q3:1.158.0.4 pkgsrc-2021Q3-base:1.158 pkgsrc-2021Q2:1.158.0.2 pkgsrc-2021Q2-base:1.158 pkgsrc-2021Q1:1.157.0.6 pkgsrc-2021Q1-base:1.157 pkgsrc-2020Q4:1.157.0.4 pkgsrc-2020Q4-base:1.157 pkgsrc-2020Q3:1.157.0.2 pkgsrc-2020Q3-base:1.157 pkgsrc-2020Q2:1.156.0.2 pkgsrc-2020Q2-base:1.156 pkgsrc-2020Q1:1.154.0.2 pkgsrc-2020Q1-base:1.154 pkgsrc-2019Q4:1.150.0.6 pkgsrc-2019Q4-base:1.150 pkgsrc-2019Q3:1.150.0.2 pkgsrc-2019Q3-base:1.150 pkgsrc-2019Q2:1.147.0.6 pkgsrc-2019Q2-base:1.147 pkgsrc-2019Q1:1.147.0.4 pkgsrc-2019Q1-base:1.147 pkgsrc-2018Q4:1.147.0.2 pkgsrc-2018Q4-base:1.147 pkgsrc-2018Q3:1.146.0.2 pkgsrc-2018Q3-base:1.146 pkgsrc-2018Q2:1.145.0.2 pkgsrc-2018Q2-base:1.145 pkgsrc-2018Q1:1.142.0.2 pkgsrc-2018Q1-base:1.142 pkgsrc-2017Q4:1.140.0.6 pkgsrc-2017Q4-base:1.140 pkgsrc-2017Q3:1.140.0.4 pkgsrc-2017Q3-base:1.140 pkgsrc-2017Q2:1.138.0.2 pkgsrc-2017Q2-base:1.138 pkgsrc-2017Q1:1.137.0.2 pkgsrc-2017Q1-base:1.137 pkgsrc-2016Q4:1.135.0.2 pkgsrc-2016Q4-base:1.135 pkgsrc-2016Q3:1.134.0.2 pkgsrc-2016Q3-base:1.134 pkgsrc-2016Q2:1.133.0.4 pkgsrc-2016Q2-base:1.133 pkgsrc-2016Q1:1.133.0.2 pkgsrc-2016Q1-base:1.133 pkgsrc-2015Q4:1.130.0.2 pkgsrc-2015Q4-base:1.130 pkgsrc-2015Q3:1.128.0.6 pkgsrc-2015Q3-base:1.128 pkgsrc-2015Q2:1.128.0.4 pkgsrc-2015Q2-base:1.128 pkgsrc-2015Q1:1.128.0.2 pkgsrc-2015Q1-base:1.128 pkgsrc-2014Q4:1.127.0.2 pkgsrc-2014Q4-base:1.127 pkgsrc-2014Q3:1.126.0.2 pkgsrc-2014Q3-base:1.126 pkgsrc-2014Q2:1.125.0.2 pkgsrc-2014Q2-base:1.125 pkgsrc-2014Q1:1.124.0.2 pkgsrc-2014Q1-base:1.124 pkgsrc-2013Q4:1.123.0.2 pkgsrc-2013Q4-base:1.123 pkgsrc-2013Q3:1.120.0.2 pkgsrc-2013Q3-base:1.120 pkgsrc-2013Q2:1.119.0.2 pkgsrc-2013Q2-base:1.119 pkgsrc-2013Q1:1.118.0.2 pkgsrc-2013Q1-base:1.118 pkgsrc-2012Q4:1.114.0.2 pkgsrc-2012Q4-base:1.114 pkgsrc-2012Q3:1.110.0.6 pkgsrc-2012Q3-base:1.110 pkgsrc-2012Q2:1.110.0.4 pkgsrc-2012Q2-base:1.110 pkgsrc-2012Q1:1.110.0.2 pkgsrc-2012Q1-base:1.110 pkgsrc-2011Q4:1.109.0.2 pkgsrc-2011Q4-base:1.109 pkgsrc-2011Q3:1.108.0.4 pkgsrc-2011Q3-base:1.108 pkgsrc-2011Q2:1.108.0.2 pkgsrc-2011Q2-base:1.108 pkgsrc-2011Q1:1.107.0.4 pkgsrc-2011Q1-base:1.107 pkgsrc-2010Q4:1.107.0.2 pkgsrc-2010Q4-base:1.107 pkgsrc-2010Q3:1.106.0.8 pkgsrc-2010Q3-base:1.106 pkgsrc-2010Q2:1.106.0.6 pkgsrc-2010Q2-base:1.106 pkgsrc-2010Q1:1.106.0.4 pkgsrc-2010Q1-base:1.106 pkgsrc-2009Q4:1.106.0.2 pkgsrc-2009Q4-base:1.106 pkgsrc-2009Q3:1.104.0.2 pkgsrc-2009Q3-base:1.104 pkgsrc-2009Q2:1.102.0.2 pkgsrc-2009Q2-base:1.102 pkgsrc-2009Q1:1.98.0.2 pkgsrc-2009Q1-base:1.98 pkgsrc-2008Q4:1.96.0.12 pkgsrc-2008Q4-base:1.96 pkgsrc-2008Q3:1.96.0.10 pkgsrc-2008Q3-base:1.96 cube-native-xorg:1.96.0.8 cube-native-xorg-base:1.96 pkgsrc-2008Q2:1.96.0.6 pkgsrc-2008Q2-base:1.96 cwrapper:1.96.0.4 pkgsrc-2008Q1:1.96.0.2 pkgsrc-2008Q1-base:1.96 pkgsrc-2007Q4:1.94.0.8 pkgsrc-2007Q4-base:1.94 pkgsrc-2007Q3:1.94.0.6 pkgsrc-2007Q3-base:1.94 pkgsrc-2007Q2:1.94.0.4 pkgsrc-2007Q2-base:1.94 pkgsrc-2007Q1:1.94.0.2 pkgsrc-2007Q1-base:1.94 pkgsrc-2006Q4:1.93.0.2 pkgsrc-2006Q4-base:1.93 pkgsrc-2006Q3:1.90.0.2 pkgsrc-2006Q3-base:1.90 pkgsrc-2006Q2:1.86.0.2 pkgsrc-2006Q2-base:1.86 pkgsrc-2006Q1:1.82.0.2 pkgsrc-2006Q1-base:1.82 pkgsrc-2005Q4:1.79.0.2 pkgsrc-2005Q4-base:1.79 pkgsrc-2005Q3:1.77.0.2 pkgsrc-2005Q3-base:1.77 pkgsrc-2005Q2:1.76.0.2 pkgsrc-2005Q2-base:1.76 pkgsrc-2005Q1:1.73.0.2 pkgsrc-2005Q1-base:1.73 pkgsrc-2004Q4:1.71.0.2 pkgsrc-2004Q4-base:1.71 pkgsrc-2004Q3:1.69.0.2 pkgsrc-2004Q3-base:1.69 pkgsrc-2004Q2:1.66.0.2 pkgsrc-2004Q2-base:1.66 pkgsrc-2004Q1:1.61.0.2 pkgsrc-2004Q1-base:1.61 pkgsrc-2003Q4:1.53.0.2 pkgsrc-2003Q4-base:1.53 netbsd-1-6-1:1.41.0.2 netbsd-1-6-1-base:1.41 netbsd-1-6:1.32.0.6 netbsd-1-6-RELEASE-base:1.32 pkgviews:1.32.0.2 pkgviews-base:1.32 buildlink2:1.31.0.2 buildlink2-base:1.32 netbsd-1-5-PATCH003:1.30 netbsd-1-5-PATCH001:1.24 netbsd-1-5-RELEASE:1.16 netbsd-1-4-PATCH003:1.16 netbsd-1-4-PATCH002:1.6 comdex-fall-1999:1.3 netbsd-1-4-PATCH001:1.3 netbsd-1-4-RELEASE:1.3; locks; strict; comment @# @; 1.166 date 2023.11.08.13.20.45; author wiz; state Exp; branches; next 1.165; commitid PsuHTklAIsF4bOLE; 1.165 date 2023.10.24.22.10.47; author wiz; state Exp; branches; next 1.164; commitid MTsrqKm6aGrQAVJE; 1.164 date 2023.04.19.08.11.21; author adam; state Exp; branches; next 1.163; commitid B8gCWhWtMX9vZGlE; 1.163 date 2022.10.26.10.31.56; author wiz; state Exp; branches; next 1.162; commitid PVFjlIYUKslkpdZD; 1.162 date 2022.05.10.11.50.55; author nia; state Exp; branches; next 1.161; commitid lrJ2MoSx7GyyhvDD; 1.161 date 2021.12.08.16.06.17; author adam; state Exp; branches; next 1.160; commitid 2PyWjHx5T8rqARjD; 1.160 date 2021.09.30.11.17.10; author nia; state Exp; branches; next 1.159; commitid vL1BrfSK2ZxteYaD; 1.159 date 2021.09.29.19.01.16; author adam; state Exp; branches; next 1.158; commitid WsBUbBM52TSePSaD; 1.158 date 2021.04.21.13.25.18; author adam; state Exp; branches; next 1.157; commitid RAyVO2K5RkoQ8aQC; 1.157 date 2020.09.07.13.08.28; author gdt; state Exp; branches; next 1.156; commitid TJP6CyhYsD5Zi7nC; 1.156 date 2020.05.22.10.56.36; author adam; state Exp; branches; next 1.155; commitid m1Z0QPvTTTWz3e9C; 1.155 date 2020.05.06.14.05.00; author adam; state Exp; branches; next 1.154; commitid dLR3o37Fk2B5Cb7C; 1.154 date 2020.03.08.16.51.07; author wiz; state Exp; branches; next 1.153; commitid rcNYzTQo8icypCZB; 1.153 date 2020.01.26.17.32.03; author rillig; state Exp; branches; next 1.152; commitid 4fBBvoSLJaGd0eUB; 1.152 date 2020.01.18.21.50.36; author jperkin; state Exp; branches; next 1.151; commitid JW4hJgY8ZdoTFdTB; 1.151 date 2020.01.12.20.20.41; author ryoon; state Exp; branches; next 1.150; commitid 5tyaDUwPevcZnrSB; 1.150 date 2019.08.22.12.23.44; author ryoon; state Exp; branches; next 1.149; commitid UuiyQ10Dn9Rtl1AB; 1.149 date 2019.07.20.22.46.46; author wiz; state Exp; branches; next 1.148; commitid dMrQLvIeoazTQPvB; 1.148 date 2019.07.01.04.08.45; author ryoon; state Exp; branches; next 1.147; commitid qsMjwmrvOSh6hitB; 1.147 date 2018.12.13.19.52.19; author adam; state Exp; branches; next 1.146; commitid XjJhLcEnCzYFVF3B; 1.146 date 2018.08.16.18.55.09; author adam; state Exp; branches; next 1.145; commitid myXuojHMA7ifrnOA; 1.145 date 2018.06.15.21.51.23; author tez; state Exp; branches; next 1.144; commitid 9QltrhLOkhxxoqGA; 1.144 date 2018.04.29.21.32.02; author adam; state Exp; branches; next 1.143; commitid QKwzJtFzAE0cOnAA; 1.143 date 2018.04.21.13.38.06; author wiz; state Exp; branches; next 1.142; commitid 0QhVHzZeuQ3OrjzA; 1.142 date 2018.01.02.05.37.23; author maya; state Exp; branches; next 1.141; commitid BIollYmonKC1iglA; 1.141 date 2018.01.01.21.18.50; author adam; state Exp; branches; next 1.140; commitid VDVceOVT4khVwdlA; 1.140 date 2017.08.24.20.03.38; author adam; state Exp; branches; next 1.139; commitid SAladHuASDqXhv4A; 1.139 date 2017.08.14.20.12.00; author wiz; state Exp; branches; next 1.138; commitid AhqMi0e9YuXfFd3A; 1.138 date 2017.04.30.01.21.59; author ryoon; state Exp; branches; next 1.137; commitid 1A40BlmMDYkiOuPz; 1.137 date 2017.01.19.18.52.23; author agc; state Exp; branches; next 1.136; commitid ufZDMu4cgHZdRBCz; 1.136 date 2017.01.01.16.06.35; author adam; state Exp; branches; next 1.135; commitid jkBZ9Kd0NEyexhAz; 1.135 date 2016.10.07.18.26.09; author adam; state Exp; branches; next 1.134; commitid WWBLkSP9Isuv4fpz; 1.134 date 2016.08.17.23.05.19; author maya; state Exp; branches; next 1.133; commitid nD1J1T9cwgqWfIiz; 1.133 date 2016.03.05.11.29.20; author jperkin; state Exp; branches 1.133.4.1; next 1.132; commitid 1LoxeQftu903HrXy; 1.132 date 2016.02.24.13.01.21; author wiz; state Exp; branches; next 1.131; commitid ZqeaClQEhxQHxaWy; 1.131 date 2016.01.22.08.39.51; author zafer; state Exp; branches; next 1.130; commitid wAgozgBtEUYC9URy; 1.130 date 2015.12.22.20.55.41; author ryoon; state Exp; branches; next 1.129; commitid 3jIxK4BawMWWdZNy; 1.129 date 2015.11.16.10.33.35; author wiz; state Exp; branches; next 1.128; commitid sKLyDhiyZHfjWiJy; 1.128 date 2015.02.28.00.13.25; author wiz; state Exp; branches; next 1.127; commitid 3qHKCCETwPkHTHby; 1.127 date 2014.10.09.14.06.52; author wiz; state Exp; branches 1.127.2.1; next 1.126; commitid fBDATFVmQ3454xTx; 1.126 date 2014.07.22.11.24.29; author wiz; state Exp; branches; next 1.125; commitid kjOut2hyWGnjImJx; 1.125 date 2014.06.24.07.35.10; author wiz; state Exp; branches; next 1.124; commitid 9I1lHlSAlYUqlKFx; 1.124 date 2014.02.12.23.18.32; author tron; state Exp; branches; next 1.123; commitid dfJj7CwMMWJzNRox; 1.123 date 2013.12.18.18.56.24; author wiz; state Exp; branches; next 1.122; commitid unqjKx8nPmhQ9Ehx; 1.122 date 2013.10.26.23.30.29; author wiz; state Exp; branches; next 1.121; commitid OY93ZirCA7OqnRax; 1.121 date 2013.10.05.13.19.51; author wiz; state Exp; branches; next 1.120; commitid vTSYlZIh2pfRF68x; 1.120 date 2013.07.25.11.50.45; author wiz; state Exp; branches 1.120.2.1; next 1.119; commitid qOt75uyYQN5ttQYw; 1.119 date 2013.05.10.20.18.39; author riastradh; state Exp; branches 1.119.2.1; next 1.118; commitid 5jQdfbviUHruK7Pw; 1.118 date 2013.02.06.23.23.36; author jperkin; state Exp; branches; next 1.117; 1.117 date 2013.01.07.21.53.53; author wiz; state Exp; branches; next 1.116; 1.116 date 2013.01.07.21.47.32; author wiz; state Exp; branches; next 1.115; 1.115 date 2013.01.06.14.50.47; author spz; state Exp; branches; next 1.114; 1.114 date 2012.12.16.01.52.32; author obache; state Exp; branches 1.114.2.1; next 1.113; 1.113 date 2012.11.07.21.07.51; author wiz; state Exp; branches; next 1.112; 1.112 date 2012.11.07.12.24.39; author wiz; state Exp; branches; next 1.111; 1.111 date 2012.10.23.18.16.28; author asau; state Exp; branches; next 1.110; 1.110 date 2012.03.03.00.17.29; author wiz; state Exp; branches; next 1.109; 1.109 date 2011.11.16.08.23.49; author sbd; state Exp; branches; next 1.108; 1.108 date 2011.04.22.13.44.34; author obache; state Exp; branches; next 1.107; 1.107 date 2010.10.21.21.48.12; author wiz; state Exp; branches; next 1.106; 1.106 date 2009.11.03.07.28.17; author adam; state Exp; branches; next 1.105; 1.105 date 2009.10.27.16.25.21; author zafer; state Exp; branches; next 1.104; 1.104 date 2009.09.28.20.15.08; author tnn; state Exp; branches; next 1.103; 1.103 date 2009.09.03.12.05.52; author wiz; state Exp; branches; next 1.102; 1.102 date 2009.06.05.22.47.11; author zafer; state Exp; branches; next 1.101; 1.101 date 2009.05.19.08.59.31; author wiz; state Exp; branches; next 1.100; 1.100 date 2009.05.04.20.39.55; author zafer; state Exp; branches; next 1.99; 1.99 date 2009.05.04.17.19.31; author zafer; state Exp; branches; next 1.98; 1.98 date 2009.03.05.10.46.23; author wiz; state Exp; branches; next 1.97; 1.97 date 2009.02.24.16.18.57; author wiz; state Exp; branches; next 1.96; 1.96 date 2008.03.26.21.20.34; author adrianp; state Exp; branches; next 1.95; 1.95 date 2008.01.13.16.23.55; author wiz; state Exp; branches; next 1.94; 1.94 date 2007.03.07.11.31.24; author drochner; state Exp; branches; next 1.93; 1.93 date 2006.12.06.23.00.46; author wiz; state Exp; branches 1.93.2.1; next 1.92; 1.92 date 2006.11.28.05.39.41; author taca; state Exp; branches; next 1.91; 1.91 date 2006.11.03.07.45.44; author joerg; state Exp; branches; next 1.90; 1.90 date 2006.08.05.03.13.25; author dsainty; state Exp; branches 1.90.2.1; next 1.89; 1.89 date 2006.08.02.10.37.34; author drochner; state Exp; branches; next 1.88; 1.88 date 2006.07.08.21.37.02; author markd; state Exp; branches; next 1.87; 1.87 date 2006.07.03.21.15.14; author wiz; state Exp; branches; next 1.86; 1.86 date 2006.06.24.14.20.29; author salo; state Exp; branches 1.86.2.1; next 1.85; 1.85 date 2006.04.13.18.23.37; author jlam; state Exp; branches; next 1.84; 1.84 date 2006.04.07.15.28.49; author jlam; state Exp; branches; next 1.83; 1.83 date 2006.04.04.21.16.37; author wiz; state Exp; branches; next 1.82; 1.82 date 2006.03.10.15.10.08; author ghen; state Exp; branches 1.82.2.1; next 1.81; 1.81 date 2006.02.15.19.10.20; author drochner; state Exp; branches; next 1.80; 1.80 date 2006.02.05.23.10.43; author joerg; state Exp; branches; next 1.79; 1.79 date 2005.12.05.20.50.56; author rillig; state Exp; branches 1.79.2.1; next 1.78; 1.78 date 2005.10.10.20.45.19; author reed; state Exp; branches; next 1.77; 1.77 date 2005.07.28.15.12.05; author wiz; state Exp; branches; next 1.76; 1.76 date 2005.05.22.20.08.30; author jlam; state Exp; branches; next 1.75; 1.75 date 2005.04.11.21.47.11; author tv; state Exp; branches; next 1.74; 1.74 date 2005.03.22.17.50.55; author wiz; state Exp; branches; next 1.73; 1.73 date 2005.02.09.11.35.50; author markd; state Exp; branches 1.73.2.1; next 1.72; 1.72 date 2004.12.25.02.54.13; author wiz; state Exp; branches; next 1.71; 1.71 date 2004.11.08.21.17.01; author tv; state Exp; branches; next 1.70; 1.70 date 2004.10.03.00.18.08; author tv; state Exp; branches; next 1.69; 1.69 date 2004.08.26.13.19.32; author wiz; state Exp; branches; next 1.68; 1.68 date 2004.07.28.15.55.45; author schmonz; state Exp; branches; next 1.67; 1.67 date 2004.07.28.15.17.42; author wiz; state Exp; branches; next 1.66; 1.66 date 2004.05.07.15.25.13; author cjep; state Exp; branches; next 1.65; 1.65 date 2004.04.09.00.36.06; author reed; state Exp; branches; next 1.64; 1.64 date 2004.04.08.20.58.32; author wiz; state Exp; branches; next 1.63; 1.63 date 2004.03.30.15.13.12; author tv; state Exp; branches; next 1.62; 1.62 date 2004.03.30.09.05.56; author grant; state Exp; branches; next 1.61; 1.61 date 2004.03.01.19.12.25; author wiz; state Exp; branches; next 1.60; 1.60 date 2004.02.08.01.00.13; author kleink; state Exp; branches; next 1.59; 1.59 date 2004.02.02.23.47.15; author xtraeme; state Exp; branches; next 1.58; 1.58 date 2004.02.02.23.41.32; author xtraeme; state Exp; branches; next 1.57; 1.57 date 2004.01.24.15.00.22; author grant; state Exp; branches; next 1.56; 1.56 date 2003.12.25.14.05.02; author wiz; state Exp; branches; next 1.55; 1.55 date 2003.11.27.23.46.36; author heinz; state Exp; branches; next 1.54; 1.54 date 2003.11.27.09.50.12; author tron; state Exp; branches; next 1.53; 1.53 date 2003.10.11.07.18.50; author grant; state Exp; branches 1.53.2.1; next 1.52; 1.52 date 2003.08.25.21.25.24; author itojun; state Exp; branches; next 1.51; 1.51 date 2003.08.15.07.02.22; author itojun; state Exp; branches; next 1.50; 1.50 date 2003.08.09.11.21.55; author seb; state Exp; branches; next 1.49; 1.49 date 2003.08.08.18.57.04; author wiz; state Exp; branches; next 1.48; 1.48 date 2003.08.04.23.12.17; author seb; state Exp; branches; next 1.47; 1.47 date 2003.07.17.22.52.55; author grant; state Exp; branches; next 1.46; 1.46 date 2003.07.13.13.53.10; author wiz; state Exp; branches; next 1.45; 1.45 date 2003.05.06.15.57.03; author tron; state Exp; branches; next 1.44; 1.44 date 2003.05.06.15.48.24; author tron; state Exp; branches; next 1.43; 1.43 date 2003.05.05.16.33.46; author taca; state Exp; branches; next 1.42; 1.42 date 2003.05.02.11.56.16; author wiz; state Exp; branches; next 1.41; 1.41 date 2003.01.10.07.48.48; author cjep; state Exp; branches; next 1.40; 1.40 date 2002.12.12.14.34.49; author abs; state Exp; branches; next 1.39; 1.39 date 2002.11.24.18.47.48; author dillo; state Exp; branches; next 1.38; 1.38 date 2002.11.24.16.52.05; author chris; state Exp; branches; next 1.37; 1.37 date 2002.11.24.12.22.16; author chris; state Exp; branches; next 1.36; 1.36 date 2002.10.27.02.53.02; author chris; state Exp; branches; next 1.35; 1.35 date 2002.10.09.14.16.55; author itojun; state Exp; branches; next 1.34; 1.34 date 2002.10.01.19.53.54; author chris; state Exp; branches; next 1.33; 1.33 date 2002.08.25.21.50.36; author jlam; state Exp; branches; next 1.32; 1.32 date 2002.07.18.20.44.52; author heinz; state Exp; branches; next 1.31; 1.31 date 2002.05.07.18.48.46; author wiz; state Exp; branches 1.31.2.1; next 1.30; 1.30 date 2002.02.18.15.14.39; author seb; state Exp; branches; next 1.29; 1.29 date 2001.10.27.07.00.53; author jlam; state Exp; branches; next 1.28; 1.28 date 2001.06.28.19.13.24; author jlam; state Exp; branches; next 1.27; 1.27 date 2001.06.04.23.41.36; author wiz; state Exp; branches; next 1.26; 1.26 date 2001.05.31.13.30.02; author wiz; state Exp; branches; next 1.25; 1.25 date 2001.05.14.13.40.04; author wiz; state Exp; branches; next 1.24; 1.24 date 2001.03.31.11.14.30; author zuntum; state Exp; branches; next 1.23; 1.23 date 2001.03.27.03.20.15; author hubertf; state Exp; branches; next 1.22; 1.22 date 2001.02.17.17.49.45; author wiz; state Exp; branches; next 1.21; 1.21 date 2001.02.15.12.04.37; author wiz; state Exp; branches; next 1.20; 1.20 date 2001.01.29.11.53.02; author wiz; state Exp; branches; next 1.19; 1.19 date 2000.11.30.00.11.26; author wiz; state Exp; branches; next 1.18; 1.18 date 2000.11.12.14.28.48; author wiz; state Exp; branches; next 1.17; 1.17 date 2000.11.10.02.35.02; author wiz; state Exp; branches; next 1.16; 1.16 date 2000.10.11.09.57.45; author itojun; state Exp; branches; next 1.15; 1.15 date 2000.10.11.09.57.30; author itojun; state Exp; branches; next 1.14; 1.14 date 2000.09.09.19.40.21; author fredb; state Exp; branches; next 1.13; 1.13 date 2000.08.18.22.46.47; author hubertf; state Exp; branches; next 1.12; 1.12 date 2000.07.31.04.14.10; author jlam; state Exp; branches; next 1.11; 1.11 date 2000.07.16.23.05.38; author wiz; state Exp; branches; next 1.10; 1.10 date 2000.07.16.17.10.24; author mason; state Exp; branches; next 1.9; 1.9 date 2000.07.15.11.25.57; author wiz; state Exp; branches; next 1.8; 1.8 date 2000.07.15.11.24.27; author wiz; state Exp; branches; next 1.7; 1.7 date 2000.03.02.08.21.31; author wiz; state Exp; branches; next 1.6; 1.6 date 2000.02.27.04.16.55; author wiz; state Exp; branches; next 1.5; 1.5 date 2000.01.10.19.11.09; author hubertf; state Exp; branches; next 1.4; 1.4 date 99.12.02.15.50.43; author frueauf; state Exp; branches; next 1.3; 1.3 date 99.04.09.09.39.20; author agc; state Exp; branches; next 1.2; 1.2 date 99.04.08.15.22.40; author mellon; state Exp; branches; next 1.1; 1.1 date 99.04.07.23.01.27; author mellon; state Exp; branches; next ; 1.133.4.1 date 2016.09.13.18.23.35; author bsiegert; state Exp; branches; next ; commitid ef3uLcbcp5EHP9mz; 1.127.2.1 date 2015.03.09.19.06.32; author tron; state Exp; branches; next ; commitid KliP427w9RGvSXcy; 1.120.2.1 date 2013.10.05.15.51.55; author spz; state Exp; branches; next ; commitid 0SbpNlP8lMO2w78x; 1.119.2.1 date 2013.07.26.09.07.48; author tron; state Exp; branches; next ; commitid EVeKUcnMzr4UyXYw; 1.114.2.1 date 2013.01.07.08.33.09; author tron; state Exp; branches; next 1.114.2.2; 1.114.2.2 date 2013.01.25.10.16.02; author tron; state Exp; branches; next ; 1.93.2.1 date 2007.03.09.16.21.35; author salo; state Exp; branches; next ; 1.90.2.1 date 2006.11.28.08.21.42; author ghen; state Exp; branches; next 1.90.2.2; 1.90.2.2 date 2006.12.07.13.54.38; author ghen; state Exp; branches; next ; 1.86.2.1 date 2006.08.02.14.55.07; author ghen; state Exp; branches; next ; 1.82.2.1 date 2006.06.25.08.58.13; author snj; state Exp; branches; next ; 1.79.2.1 date 2006.02.16.15.00.21; author salo; state Exp; branches; next 1.79.2.2; 1.79.2.2 date 2006.03.11.03.21.36; author snj; state Exp; branches; next ; 1.73.2.1 date 2005.03.26.10.53.35; author snj; state Exp; branches; next ; 1.53.2.1 date 2003.12.08.11.36.12; author agc; state Exp; branches; next ; 1.31.2.1 date 2002.07.01.17.45.08; author jlam; state Exp; branches; next 1.31.2.2; 1.31.2.2 date 2002.08.25.21.21.04; author jlam; state Exp; branches; next ; desc @@ 1.166 log @*: recursive bump for icu 74.1 @ text @# $NetBSD: Makefile,v 1.165 2023/10/24 22:10:47 wiz Exp $ DISTNAME= gnupg-1.4.23 PKGREVISION= 18 CATEGORIES= security MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/ MASTER_SITES+= ftp://ftp.ring.gr.jp/pub/net/gnupg/gnupg/ EXTRACT_SUFX= .tar.bz2 MAINTAINER= pkgsrc-users@@NetBSD.org HOMEPAGE= https://www.gnupg.org/ COMMENT= GNU Privacy Guard, public-Key encryption and digital signatures LICENSE= gnu-gpl-v3 GNU_CONFIGURE= yes USE_PKGLOCALEDIR= yes USE_TOOLS+= gmake msgfmt CONFIGURE_ARGS+= --with-mailprog=/usr/sbin/sendmail TEST_TARGET= check INFO_FILES= yes EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} .include "options.mk" CONFIGURE_ARGS.SunOS+= --disable-gnupg-iconv .if (${OPSYS} == "AIX" || ${OPSYS} == "Darwin" || ${OPSYS} == "SunOS") \ && defined(ABI) && ${ABI} == 64 CONFIGURE_ARGS+= --disable-asm .endif .if ${MACHINE_ARCH} == "i386" && ${PKGSRC_MKPIE:tl} == "yes" CONFIGURE_ARGS+= --disable-asm .endif .if !empty(USE_CROSS_COMPILE:M[yY][eE][sS]) CONFIGURE_ENV+= CC_FOR_BUILD=${NATIVE_CC:Q} .endif post-install: ${INSTALL_DATA} ${WRKSRC}/doc/DETAILS \ ${DESTDIR}${PREFIX}/share/gnupg .include "../../devel/readline/buildlink3.mk" .include "../../converters/libiconv/buildlink3.mk" .include "../../devel/gettext-lib/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" .include "../../archivers/bzip2/buildlink3.mk" .include "../../mk/bsd.pkg.mk" @ 1.165 log @*: bump for openssl 3 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.164 2023/04/19 08:11:21 adam Exp $ d4 1 a4 1 PKGREVISION= 17 @ 1.164 log @revbump after textproc/icu update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.163 2022/10/26 10:31:56 wiz Exp $ d4 1 a4 1 PKGREVISION= 16 @ 1.163 log @*: bump PKGREVISION for libunistring shlib major bump @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.162 2022/05/10 11:50:55 nia Exp $ d4 1 a4 1 PKGREVISION= 15 @ 1.162 log @*: Remove dodgy hacks for NetBSD versions older than 5. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.161 2021/12/08 16:06:17 adam Exp $ d4 1 a4 1 PKGREVISION= 14 @ 1.161 log @revbump for icu and libffi @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.160 2021/09/30 11:17:10 nia Exp $ d26 1 a26 3 .if ${OPSYS} == "SunOS" || (${OPSYS} == "NetBSD" && !empty(OS_VERSION:M1.[0-6]*)) CONFIGURE_ARGS+= --disable-gnupg-iconv .endif @ 1.160 log @gnupg: asm is unsafe for MKPIE on i386 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.159 2021/09/29 19:01:16 adam Exp $ d4 1 a4 1 PKGREVISION= 13 @ 1.159 log @revbump for boost-libs @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.158 2021/04/21 13:25:18 adam Exp $ d35 4 @ 1.158 log @revbump for boost-libs @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.157 2020/09/07 13:08:28 gdt Exp $ d4 1 a4 1 PKGREVISION= 12 @ 1.157 log @devel/gnupg: Stop installing gpgsplit, because it conflicts with gnupg2 gpgsplit has been installed by gnupg(1) since 2002. gpgsplit has also been in tools/ within gnupg-2, but upstream recently moved it from noinst_PROGRAMS to bin_PROGRAMS without noting this in NEWS. Because gnugp2 is normal and gnupg remains for special cases, simply drop gpgsplit from gnupg; we have no intent to save people from installing gnupg2 -- only to continue to allow them to use the old gpg binary for special uses. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.156 2020/05/22 10:56:36 adam Exp $ d4 1 a4 1 PKGREVISION= 11 @ 1.156 log @revbump after updating security/nettle @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.155 2020/05/06 14:05:00 adam Exp $ d4 1 a4 1 PKGREVISION= 10 @ 1.155 log @revbump after boost update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.154 2020/03/08 16:51:07 wiz Exp $ d4 1 a4 1 PKGREVISION= 9 @ 1.154 log @*: recursive bump for libffi @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.153 2020/01/26 17:32:03 rillig Exp $ d4 1 a4 1 PKGREVISION= 8 @ 1.153 log @all: migrate homepages from http to https pkglint -r --network --only "migrate" As a side-effect of migrating the homepages, pkglint also fixed a few indentations in unrelated lines. These and the new homepages have been checked manually. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.152 2020/01/18 21:50:36 jperkin Exp $ d4 1 a4 1 PKGREVISION= 7 @ 1.152 log @*: Recursive revision bump for openssl 1.1.1. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.151 2020/01/12 20:20:41 ryoon Exp $ d11 1 a11 1 HOMEPAGE= http://www.gnupg.org/ @ 1.151 log @*: Recursive revbump from devel/boost-libs @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.150 2019/08/22 12:23:44 ryoon Exp $ d4 1 a4 1 PKGREVISION= 6 @ 1.150 log @Recursive revbump from boost-1.71.0 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.149 2019/07/20 22:46:46 wiz Exp $ d4 1 a4 1 PKGREVISION= 5 @ 1.149 log @*: recursive bump for nettle 3.5.1 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.148 2019/07/01 04:08:45 ryoon Exp $ d4 1 a4 1 PKGREVISION= 4 @ 1.148 log @Recursive revbump from boost-1.70.0 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.147 2018/12/13 19:52:19 adam Exp $ d4 1 a4 1 PKGREVISION= 3 @ 1.147 log @revbump for boost 1.69.0 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.146 2018/08/16 18:55:09 adam Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.146 log @revbump after boost-libs update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.145 2018/06/15 21:51:23 tez Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.145 log @gnupg: update to 1.4.23 Fixes CVE-2017-7526 Updates since 1.4.22: 2018-06-11 Werner Koch Release 1.4.23. + commit 8ae6a246bef5b5eb0684e9fb1c933a4f8441dadd 2018-06-08 Werner Koch gpg: Sanitize diagnostic with the original file name. + commit 2326851c60793653069494379b16d84e4c10a0ac * g10/mainproc.c (proc_plaintext): Sanitize verbose output. 2018-04-13 NIIBE Yutaka g10: Push compress filter only if compressed. + commit 0f8fd95ab32a6d29dac79e19f0850037c7d0c16f * g10/compress.c (handle_compressed): Fix memory leak. 2017-12-18 NIIBE Yutaka po: Update Japanese translation. + commit 1338bce5f66a95b53f18c4b54f0e9ac79604500a * po/ja.po: Fix message with no "%s". 2017-12-04 NIIBE Yutaka Damien Goutte-Gattat g10: Fix regexp sanitization. + commit 9441946e1824eb58249c58432ed1f554d0d8a102 * g10/trustdb.c (sanitize_regexp): Only escape operators. 2017-11-10 Dario Niedermann Do not use C99 feature. + commit 877e3073d731fec55a88673f91ed646a75e786c8 * cipher/rsa.c (secret): Move var decl to the beginning. 2017-09-06 Frans Spiesschaert po: update Dutch translation. + commit aa26eda8ab679a80a7be2c82478cb4440b45ec8c 2017-08-04 Marcus Brinkmann doc: Remove documentation for future option --faked-system-time. + commit eb15d5ed8e4a765998e9de7698bdc65328bcaaa3 doc/gpg.texi: Remove documentation for --faked-system-time. 2017-08-02 Daniel Kahn Gillmor debian: Remove packaging from upstream repository. + commit 9832a4bacfa5232534f2c7fe7655bd0677a41f6e Debian packaging for GnuPG is handled in debian git repositories, and doesn't belong here in the upstream repository. The packaging was significantly out of date anyway. If you're looking for debian packaging for the 1.4 branch of GnuPG, please use the following git remote: https://anonscm.debian.org/git/pkg-gnupg/gnupg1.git 2017-08-02 Joe Hansen po: Update Danish translation. + commit 12afc37a946477692257d725acac513f271c4e9e Originally reported at: http://lists.gnupg.org/pipermail/gnupg-i18n/2014-November/000308.html 2017-08-02 Frans Spiesschaert po: Update Dutch translation. + commit 6d5c5204d79fa9d01981c0076d3acde18534640a Debian-Bug-Id: 845695 2017-08-01 Manuel Venturi Porras Peralta po: Update Spanish translation. + commit 76239356bcb3bfeec5327637ed87429594868fef Debian-Bug-Id: 814541 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.144 2018/04/29 21:32:02 adam Exp $ d4 1 @ 1.144 log @revbump for boost-libs update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.143 2018/04/21 13:38:06 wiz Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.22 PKGREVISION= 3 @ 1.143 log @*: gd.tuwien.ac.at/ftp.tuwien.ac.at is gone, remove it from various mastersites @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.142 2018/01/02 05:37:23 maya Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.142 log @Remove traces of crypto restrictions from packages. ok for idea riastradh. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.141 2018/01/01 21:18:50 adam Exp $ a6 1 MASTER_SITES+= http://gd.tuwien.ac.at/privacy/gnupg/gnupg/ @ 1.141 log @Revbump after boost update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.140 2017/08/24 20:03:38 adam Exp $ a15 1 CRYPTO= yes @ 1.140 log @Revbump for boost update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.139 2017/08/14 20:12:00 wiz Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.139 log @Updated gnupg to 1.4.22. Noteworthy changes in version 1.4.22 (2017-07-19) ------------------------------------------------- * Mitigate a flush+reload side-channel attack on RSA secret keys dubbed "Sliding right into disaster". For details see . [CVE-2017-7526] * Fix some minor bugs. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.138 2017/04/30 01:21:59 ryoon Exp $ d4 1 @ 1.138 log @Recursive revbump from boost update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.137 2017/01/19 18:52:23 agc Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.21 PKGREVISION= 3 @ 1.137 log @Convert all occurrences (353 by my count) of MASTER_SITES= site1 \ site2 style continuation lines to be simple repeated MASTER_SITES+= site1 MASTER_SITES+= site2 lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint accordingly. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.136 2017/01/01 16:06:35 adam Exp $ d4 1 a4 1 PKGREVISION= 2 @ 1.136 log @Revbump after boost update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.135 2016/10/07 18:26:09 adam Exp $ d6 3 a8 3 MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/ \ http://gd.tuwien.ac.at/privacy/gnupg/gnupg/ \ ftp://ftp.ring.gr.jp/pub/net/gnupg/gnupg/ @ 1.135 log @Revbump post boost update @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.134 2016/08/17 23:05:19 maya Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.134 log @Update gnupg to 1.4.21 Changelog: 2016-08-17 Werner Koch Release 1.4.21. gpg: Add dummy option --with-subkey-fingerprint. * g10/gpg.c (opts): Add dummy option. build: Create a swdb file during "make distcheck". * Makefile.am (distcheck-hook): New. 2016-08-17 Ineiev po: Update Russian translation. 2016-08-17 Werner Koch random: Hash continuous areas in the csprng pool. * cipher/random.c (mix_pool): Store the first hash at the end of the pool. cipher: Improve readability by using a macro. * cipher/random.c (mix_pool): Use DIGESTLEN instead of 20. 2016-08-09 Daniel Kahn Gillmor gpg: Avoid publishing the GnuPG version by default. * g10/gpg.c (main): initialize opt.emit_version to 0 * doc/gpg.texi: document different default for --emit-version 2016-08-04 Daniel Kahn Gillmor Clean up "allow to" * README, cipher/cipher.c, cipher/pubkey.c, doc/gpg.texi: replace "allow to" with clearer text In standard English, the normal construction is "${XXX} allows ${YYY} to" -- that is, the subject (${XXX}) of the sentence is allowing the object (${YYY}) to do something. When the object is missing, the phrasing sounds awkward, even if the object is implied by context. There's almost always a better construction that isn't as awkward. These changes should make the language a bit clearer. Fix spelling: "occured" should be "occurred" * checks/armor.test, cipher/des.c, g10/ccid-driver.c, g10/pkclist.c, util/regcomp.c, util/regex_internal.c: correct the spelling of "occured" to "occurred" 2016-08-04 NIIBE Yutaka g10: Fix checking key for signature validation. * g10/sig-check.c (signature_check2): Not only subkey, but also primary key should have flags.valid=1. 2016-08-03 Justus Winter Partially revert "g10: Fix another race condition for trustdb access." This amends db246f8b which accidentally included the compiled translation files. 2016-07-09 NIIBE Yutaka gpgv: Tweak default options for extra security. * g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on cached status. Similarly, set opt.flags.require_cross_cert for backsig validation for subkey signature. 2016-07-06 NIIBE Yutaka g10: Fix keysize with --expert. * g10/keygen.c (ask_keysize): It's 768 only for DSA. 2016-06-28 NIIBE Yutaka g10: Fix --list-packets. * g10/gpg.c (main): Call set_packet_list_mode after assignment of opt.list_packets. * g10/mainproc.c (do_proc_packets): Don't stop processing with --list-packets as the comment says. * g10/options.h (list_packets): Fix the comment. * g10/parse-packet.c: Fix the condition for opt.list_packets. 2016-06-15 Niibe Yutaka g10: Fix another race condition for trustdb access. * g10/tdbio.c (create_version_record): Call create_hashtable to always make hashtable, together with the version record. (get_trusthashrec): Remove call to create_hashtable. 2016-02-12 NIIBE Yutaka g10: Make sure to have the directory for trustdb. * g10/tdbio.c (tdbio_set_dbname): Return earlier if !CREATE. Check the directory and create it if none before calling take_write_lock. 2016-02-01 Werner Koch Fix possible sign extension problem with newer compilers. * cipher/des.c (READ_64BIT_DATA): Cast to u32 before shifting by 24. * cipher/blowfish.c (do_encrypt_block): Ditto. (do_decrypt_block): Ditto. * cipher/camellia.c (CAMELLIA_RR8): Ditto. * cipher/cast5.c (do_encrypt_block): Ditto. (do_decrypt_block): Ditto. (do_cast_setkey): Ditto. * cipher/twofish.c (INPACK): Ditto. * util/iobuf.c (block_filter): Ditto. 2016-01-26 NIIBE Yutaka g10: Fix iobuf API of filter function for alignment. * include/iobuf.h (struct iobuf_struct): Remove DESC. * util/iobuf.c (iobuf_desc): New. (print_chain, iobuf_close, iobuf_open, iobuf_fdopen, iobuf_sockopen) (iobuf_create, iobuf_append, iobuf_openrw, iobuf_ioctl) (iobuf_push_filter2, pop_filter, underflow): Use iobuf_desc. (file_filter, sock_filter, block_filter): Fill the description. * g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c, g10/encode.c, g10/encr-data.c, g10/mdfilter.c, g10/pipemode.c, g10/progress.c, g10/textfilter.c: Likewise. 2016-01-15 Werner Koch Fix possible AIX problem with sysconf in rndunix. * cipher/rndunix.c [HAVE_STDINT_H]: Include stdint.h. (start_gatherer): Detect misbehaving sysconf. 2016-01-13 NIIBE Yutaka Fix to support git worktree. * Makefile.am: Use -e for testing .git. 2015-12-21 NIIBE Yutaka po: Update Japanese translation. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.133 2016/03/05 11:29:20 jperkin Exp $ d4 1 @ 1.133 log @Bump PKGREVISION for security/openssl ABI bump. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.132 2016/02/24 13:01:21 wiz Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.20 PKGREVISION= 1 @ 1.133.4.1 log @Pullup ticket #5100 - requested by maya security/gnupg: security fix security/libgcrypt: security fix, build fix Revisions pulled up: - security/gnupg/Makefile 1.134 - security/gnupg/distinfo 1.70 - security/libgcrypt/Makefile 1.82-1.84 - security/libgcrypt/buildlink3.mk 1.18 - security/libgcrypt/distinfo 1.67-1.68 - security/libgcrypt/patches/patch-aa 1.9 --- Module Name: pkgsrc Committed By: maya Date: Wed Aug 17 23:05:19 UTC 2016 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Log Message: Update gnupg to 1.4.21 Changelog: 2016-08-17 Werner Koch Release 1.4.21. gpg: Add dummy option --with-subkey-fingerprint. * g10/gpg.c (opts): Add dummy option. build: Create a swdb file during "make distcheck". * Makefile.am (distcheck-hook): New. 2016-08-17 Ineiev po: Update Russian translation. 2016-08-17 Werner Koch random: Hash continuous areas in the csprng pool. * cipher/random.c (mix_pool): Store the first hash at the end of the pool. cipher: Improve readability by using a macro. * cipher/random.c (mix_pool): Use DIGESTLEN instead of 20. 2016-08-09 Daniel Kahn Gillmor gpg: Avoid publishing the GnuPG version by default. * g10/gpg.c (main): initialize opt.emit_version to 0 * doc/gpg.texi: document different default for --emit-version 2016-08-04 Daniel Kahn Gillmor Clean up "allow to" * README, cipher/cipher.c, cipher/pubkey.c, doc/gpg.texi: replace "allow to" with clearer text In standard English, the normal construction is "${XXX} allows ${YYY} to" -- that is, the subject (${XXX}) of the sentence is allowing the object (${YYY}) to do something. When the object is missing, the phrasing sounds awkward, even if the object is implied by context. There's almost always a better construction that isn't as awkward. These changes should make the language a bit clearer. Fix spelling: "occured" should be "occurred" * checks/armor.test, cipher/des.c, g10/ccid-driver.c, g10/pkclist.c, util/regcomp.c, util/regex_internal.c: correct the spelling of "occured" to "occurred" 2016-08-04 NIIBE Yutaka g10: Fix checking key for signature validation. * g10/sig-check.c (signature_check2): Not only subkey, but also primary key should have flags.valid=1. 2016-08-03 Justus Winter Partially revert "g10: Fix another race condition for trustdb access." This amends db246f8b which accidentally included the compiled translation files. 2016-07-09 NIIBE Yutaka gpgv: Tweak default options for extra security. * g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on cached status. Similarly, set opt.flags.require_cross_cert for backsig validation for subkey signature. 2016-07-06 NIIBE Yutaka g10: Fix keysize with --expert. * g10/keygen.c (ask_keysize): It's 768 only for DSA. 2016-06-28 NIIBE Yutaka g10: Fix --list-packets. * g10/gpg.c (main): Call set_packet_list_mode after assignment of opt.list_packets. * g10/mainproc.c (do_proc_packets): Don't stop processing with --list-packets as the comment says. * g10/options.h (list_packets): Fix the comment. * g10/parse-packet.c: Fix the condition for opt.list_packets. 2016-06-15 Niibe Yutaka g10: Fix another race condition for trustdb access. * g10/tdbio.c (create_version_record): Call create_hashtable to always make hashtable, together with the version record. (get_trusthashrec): Remove call to create_hashtable. 2016-02-12 NIIBE Yutaka g10: Make sure to have the directory for trustdb. * g10/tdbio.c (tdbio_set_dbname): Return earlier if !CREATE. Check the directory and create it if none before calling take_write_lock. 2016-02-01 Werner Koch Fix possible sign extension problem with newer compilers. * cipher/des.c (READ_64BIT_DATA): Cast to u32 before shifting by 24. * cipher/blowfish.c (do_encrypt_block): Ditto. (do_decrypt_block): Ditto. * cipher/camellia.c (CAMELLIA_RR8): Ditto. * cipher/cast5.c (do_encrypt_block): Ditto. (do_decrypt_block): Ditto. (do_cast_setkey): Ditto. * cipher/twofish.c (INPACK): Ditto. * util/iobuf.c (block_filter): Ditto. 2016-01-26 NIIBE Yutaka g10: Fix iobuf API of filter function for alignment. * include/iobuf.h (struct iobuf_struct): Remove DESC. * util/iobuf.c (iobuf_desc): New. (print_chain, iobuf_close, iobuf_open, iobuf_fdopen, iobuf_sockopen) (iobuf_create, iobuf_append, iobuf_openrw, iobuf_ioctl) (iobuf_push_filter2, pop_filter, underflow): Use iobuf_desc. (file_filter, sock_filter, block_filter): Fill the description. * g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c, g10/encode.c, g10/encr-data.c, g10/mdfilter.c, g10/pipemode.c, g10/progress.c, g10/textfilter.c: Likewise. 2016-01-15 Werner Koch Fix possible AIX problem with sysconf in rndunix. * cipher/rndunix.c [HAVE_STDINT_H]: Include stdint.h. (start_gatherer): Detect misbehaving sysconf. 2016-01-13 NIIBE Yutaka Fix to support git worktree. * Makefile.am: Use -e for testing .git. 2015-12-21 NIIBE Yutaka po: Update Japanese translation. --- Module Name: pkgsrc Committed By: maya Date: Wed Aug 17 23:13:11 UTC 2016 Modified Files: pkgsrc/security/libgcrypt: Makefile buildlink3.mk distinfo Log Message: Update libgcrypt to 1.7.3 Changelog: 2016-08-17 Werner Koch Release 1.7.3. * configure.ac: Set LT version to C21/A1/R3. random: Hash continuous areas in the csprng pool. * random/random-csprng.c (mix_pool): Store the first hash at the end of the pool. random: Improve the diagram showing the random mixing. * random/random-csprng.c (mix_pool): Use DIGESTLEN instead of 20. 2016-07-19 Jussi Kivilinna crc-intel-pclmul: split assembly block to ease register pressure. * cipher/crc-intel-pclmul.c (crc32_less_than_16): Split inline assembly block handling 4 byte input into multiple blocks. rijndael-aesni: split assembly block to ease register pressure. * cipher/rijndael-aesni.c (do_aesni_ctr_4): Use single register constraint for passing 'bige_addb' to assembly block; split first inline assembly block into two parts. 2016-07-14 Jussi Kivilinna Add ARMv8/AArch32 Crypto Extension implementation of AES. * cipher/Makefile.am: Add 'rijndael-armv8-ce.c' and 'rijndael-armv-aarch32-ce.S'. * cipher/rijndael-armv8-aarch32-ce.S: New. * cipher/rijndael-armv8-ce.c: New. * cipher/rijndael-internal.h (USE_ARM_CE): New. (RIJNDAEL_context_s): Add 'use_arm_ce'. * cipher/rijndael.c [USE_ARM_CE] (_gcry_aes_armv8_ce_setkey) (_gcry_aes_armv8_ce_prepare_decryption) (_gcry_aes_armv8_ce_encrypt, _gcry_aes_armv8_ce_decrypt) (_gcry_aes_armv8_ce_cfb_enc, _gcry_aes_armv8_ce_cbc_enc) (_gcry_aes_armv8_ce_ctr_enc, _gcry_aes_armv8_ce_cfb_dec) (_gcry_aes_armv8_ce_cbc_dec, _gcry_aes_armv8_ce_ocb_crypt) (_gcry_aes_armv8_ce_ocb_auth): New. (do_setkey) [USE_ARM_CE]: Add ARM CE/AES HW feature check and key setup for ARM CE. (prepare_decryption, _gcry_aes_cfb_enc, _gcry_aes_cbc_enc) (_gcry_aes_ctr_enc, _gcry_aes_cfb_dec, _gcry_aes_cbc_dec) (_gcry_aes_ocb_crypt, _gcry_aes_ocb_auth) [USE_ARM_CE]: Add ARM CE support. * configure.ac: Add 'rijndael-armv8-ce.lo' and 'rijndael-armv8-aarch32-ce.lo'. Add ARMv8/AArch32 Crypto Extension implementation of GCM. * cipher/Makefile.am: Add 'cipher-gcm-armv8-aarch32-ce.S'. * cipher/cipher-gcm-armv8-aarch32-ce.S: New. * cipher/cipher-gcm.c [GCM_USE_ARM_PMULL] (_gcry_ghash_setup_armv8_ce_pmull, _gcry_ghash_armv8_ce_pmull) (ghash_setup_armv8_ce_pmull, ghash_armv8_ce_pmull): New. (setupM) [GCM_USE_ARM_PMULL]: Enable ARM PMULL implementation if HWF_ARM_PULL HW feature flag is enabled. * cipher/cipher-gcm.h (GCM_USE_ARM_PMULL): New. Add ARMv8/AArch32 Crypto Extension implemenation of SHA-256. * cipher/Makefile.am: Add 'sha256-armv8-aarch32-ce.S'. * cipher/sha256-armv8-aarch32-ce.S: New. * cipher/sha256.c (USE_ARM_CE): New. (sha256_init, sha224_init): Check features for HWF_ARM_SHA1. [USE_ARM_CE] (_gcry_sha256_transform_armv8_ce): New. (transform) [USE_ARM_CE]: Use ARMv8 CE implementation if HW supports. (SHA256_CONTEXT): Add 'use_arm_ce'. * configure.ac: Add 'sha256-armv8-aarch32-ce.lo'. Add ARMv8/AArch32 Crypto Extension implementation of SHA-1. * cipher/Makefile.am: Add 'sha1-armv8-aarch32-ce.S'. * cipher/sha1-armv7-neon.S (_gcry_sha1_transform_armv7_neon): Add missing size. * cipher/sha1-armv8-aarch32-ce.S: New. * cipher/sha1.c (USE_ARM_CE): New. (sha1_init): Check features for HWF_ARM_SHA1. [USE_ARM_CE] (_gcry_sha1_transform_armv8_ce): New. (transform) [USE_ARM_CE]: Use ARMv8 CE implementation if HW supports it. * cipher/sha1.h (SHA1_CONTEXT): Add 'use_arm_ce'. * configure.ac: Add 'sha1-armv8-aarch32-ce.lo'. Add HW feature check for ARMv8 AArch64 and crypto extensions. * configure.ac: Add '--disable-arm-crypto-support'; enable hwf-arm module on 64-bit ARM. (armcryptosupport, gcry_cv_gcc_inline_aarch32_crypto) (gcry_cv_inline_asm_aarch64_neon) (gcry_cv_gcc_inline_asm_aarch64_crypto): New. * src/g10lib.h (HWF_ARM_AES, HWF_ARM_SHA1, HWF_ARM_SHA2) (HWF_ARM_PMULL): New. * src/hwf-arm.c [__aarch64__]: Enable building in AArch64 mode. (feature_map_s): New. [__arm__] (AT_HWCAP, AT_HWCAP2, HWCAP2_AES, HWCAP2_PMULL) (HWCAP2_SHA1, HWCAP2_SHA2, arm_features): New. [__aarch64__] (AT_HWCAP, AT_HWCAP2, HWCAP_ASIMD, HWCAP_AES) (HWCAP_PMULL, HWCAP_SHA1, HWCAP_SHA2, arm_features): New. (get_hwcap): Add reading of 'AT_HWCAP2'; Change auxv use 'unsigned long'. (detect_arm_at_hwcap): Add mapping of HWCAP/HWCAP2 to HWF flags. (detect_arm_proc_cpuinfo): Add mapping of CPU features to HWF flags. (_gcry_hwf_detect_arm): Use __ARM_NEON instead of legacy __ARM_NEON__. * src/hwfeatures.c (hwflist): Add 'arm-aes', 'arm-sha1', 'arm-sha2' and 'arm-pmull'. --- Module Name: pkgsrc Committed By: wiz Date: Sat Aug 20 19:22:37 UTC 2016 Modified Files: pkgsrc/security/libgcrypt: Makefile Log Message: Depends on libgpg-error-1.13. >From David H. Gutteridge in PR 51430. --- Module Name: pkgsrc Committed By: fhajny Date: Thu Sep 1 10:19:30 UTC 2016 Modified Files: pkgsrc/security/libgcrypt: Makefile distinfo pkgsrc/security/libgcrypt/patches: patch-aa Log Message: Use COMPILER_RPATH_FLAG properly. Reconciles libgcrypt-config with Darwin linker. Fixes joyent/pkgsrc#400. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.133 2016/03/05 11:29:20 jperkin Exp $ d3 2 a4 1 DISTNAME= gnupg-1.4.21 @ 1.132 log @Drop maintainership. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.131 2016/01/22 08:39:51 zafer Exp $ d4 1 @ 1.131 log @remove one dead mirror (not resolved) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.130 2015/12/22 20:55:41 ryoon Exp $ d10 1 a10 1 MAINTAINER= wiz@@NetBSD.org @ 1.130 log @Update to 1.4.20 Changelog: Noteworthy changes in version 1.4.20 (2015-12-20) ------------------------------------------------- * Reject signatures made using the MD5 hash algorithm unless the new option --allow-weak-digest-algos or --pgp2 are given. * New option --weak-digest to specify hash algorithms which should be considered weak. * Changed default cipher for symmetric-only encryption to AES-128. * Fix for DoS when importing certain garbled secret keys. * Improved error reporting for secret subkey w/o corresponding public subkey. * Improved error reporting in decryption due to wrong algorithm. * Fix cluttering of stdout with trustdb info in double verbose mode. * Pass a DBUS envvar to gpg-agent for use by gnome-keyring. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.129 2015/11/16 10:33:35 wiz Exp $ a6 1 ftp://ftp.jyu.fi/pub/crypt/gcrypt/gnupg/ \ @ 1.129 log @Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.128 2015/02/28 00:13:25 wiz Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.19 PKGREVISION= 1 @ 1.128 log @Update to 1.4.19: Noteworthy changes in version 1.4.19 (2015-02-27) ------------------------------------------------- * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. * Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical]. * Detect faulty use of --verify on detached signatures. * Changed the PKA method to use CERT records and hashed names. * New import option "keep-ownertrust". * Support algorithm names when generating keys using the --command-fd method. * Updated many translations. * Updated build system. * Fixed a regression in keyserver import * Fixed argument parsing for option --debug-level. * Fixed DoS based on bogus and overlong key packets. * Fixed bugs related to bogus keyrings. * The usual minor minor bug fixes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.127 2014/10/09 14:06:52 wiz Exp $ d4 1 @ 1.127 log @Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.126 2014/07/22 11:24:29 wiz Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.18 @ 1.127.2.1 log @Pullup ticket #4635 - requested by he security/gnupg: security update Revisions pulled up: - security/gnupg/Makefile 1.128 - security/gnupg/PLIST 1.28 - security/gnupg/distinfo 1.66 --- Module Name: pkgsrc Committed By: wiz Date: Sat Feb 28 00:13:25 UTC 2015 Modified Files: pkgsrc/security/gnupg: Makefile PLIST distinfo Log Message: Update to 1.4.19: Noteworthy changes in version 1.4.19 (2015-02-27) ------------------------------------------------- * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. * Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical]. * Detect faulty use of --verify on detached signatures. * Changed the PKA method to use CERT records and hashed names. * New import option "keep-ownertrust". * Support algorithm names when generating keys using the --command-fd method. * Updated many translations. * Updated build system. * Fixed a regression in keyserver import * Fixed argument parsing for option --debug-level. * Fixed DoS based on bogus and overlong key packets. * Fixed bugs related to bogus keyrings. * The usual minor minor bug fixes. @ text @d1 1 a1 1 # $NetBSD$ d3 1 a3 1 DISTNAME= gnupg-1.4.19 @ 1.126 log @Update to 1.4.18: Noteworthy changes in version 1.4.18 (2014-06-30) ------------------------------------------------- * Fix a regression in 1.4.17 if more than one keyid is given to --recv-keys et al. * Cap RSA and Elgamal keysize at 4096 bit also for unattended key generation. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.125 2014/06/24 07:35:10 wiz Exp $ a15 2 PKG_INSTALLATION_TYPES= overwrite pkgviews @ 1.125 log @Update to 1.4.17 due to security fix: Noteworthy changes in version 1.4.17 (2014-06-23) ------------------------------------------------- * Avoid DoS due to garbled compressed data packets. * Screen keyserver reponses to avoid import of unwanted keys by rogue servers. * Add hash algorithms to the "sig" records of the colon output. * More specific reason codes for INV_RECP status. * Fixes for PC/SC access on Apple. * Minor bug fixes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.124 2014/02/12 23:18:32 tron Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.17 @ 1.124 log @Recursive PKGREVISION bump for OpenSSL API version bump. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.123 2013/12/18 18:56:24 wiz Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.16 PKGREVISION= 1 @ 1.123 log @Update to 1.4.16: Noteworthy changes in version 1.4.16 (2013-12-18) ------------------------------------------------- * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack as described by Genkin, Shamir, and Tromer. See . [CVE-2013-4576] * Put only the major version number by default into armored output. * Do not create a trustdb file if --trust-model=always is used. * Print the keyid for key packets with --list-packets. * Changed modular exponentiation algorithm to recover from a small performance loss due to a change in 1.4.14. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.122 2013/10/26 23:30:29 wiz Exp $ d4 1 @ 1.122 log @Remove obsolete --with-static-rnd=auto as suggested by Andreas Gustafsson in PR 48345. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.121 2013/10/05 13:19:51 wiz Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.15 @ 1.121 log @Update to 1.4.15: Noteworthy changes in version 1.4.15 (2013-10-04) ------------------------------------------------- * Fixed possible infinite recursion in the compressed packet parser. [CVE-2013-4402] * Protect against rogue keyservers sending secret keys. * Use 2048 bit also as default for batch key generation. * Minor bug fixes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.120 2013/07/25 11:50:45 wiz Exp $ a21 1 CONFIGURE_ARGS+= --with-static-rnd=auto @ 1.120 log @Update to 1.4.14: Noteworthy changes in version 1.4.14 (2013-07-25) ------------------------------------------------- * Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See . * Fixed IDEA for big-endian CPUs * Improved the diagnostics for failed keyserver lockups. * Minor bug and portability fixes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.119 2013/05/10 20:18:39 riastradh Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.14 @ 1.120.2.1 log @Pullup ticket #4238 - requested by wiz security/gnupg: security update Revisions pulled up: - security/gnupg/Makefile 1.121 - security/gnupg/distinfo 1.62 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: wiz Date: Sat Oct 5 13:19:51 UTC 2013 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Log Message: Update to 1.4.15: Noteworthy changes in version 1.4.15 (2013-10-04) ------------------------------------------------- * Fixed possible infinite recursion in the compressed packet parser. [CVE-2013-4402] * Protect against rogue keyservers sending secret keys. * Use 2048 bit also as default for batch key generation. * Minor bug fixes. To generate a diff of this commit: cvs rdiff -u -r1.120 -r1.121 pkgsrc/security/gnupg/Makefile cvs rdiff -u -r1.61 -r1.62 pkgsrc/security/gnupg/distinfo @ text @d1 1 a1 1 # $NetBSD$ d3 1 a3 1 DISTNAME= gnupg-1.4.15 @ 1.119 log @Fix cross-build of gnupg with CC_FOR_BUILD=NATIVE_CC. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.118 2013/02/06 23:23:36 jperkin Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.13 PKGREVISION= 2 @ 1.119.2.1 log @Pullup ticket #4187 - requested by wiz security/gnupg: security update Revisions pulled up: - security/gnupg/Makefile 1.120 - security/gnupg/distinfo 1.61 - security/gnupg/patches/patch-cipher_idea.c deleted --- Module Name: pkgsrc Committed By: wiz Date: Thu Jul 25 11:50:45 UTC 2013 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Removed Files: pkgsrc/security/gnupg/patches: patch-cipher_idea.c Log Message: Update to 1.4.14: Noteworthy changes in version 1.4.14 (2013-07-25) ------------------------------------------------- * Mitigate the Yarom/Falkner flush+reload side-channel attack on RSA secret keys. See . * Fixed IDEA for big-endian CPUs * Improved the diagnostics for failed keyserver lockups. * Minor bug and portability fixes. @ text @d1 1 a1 1 # $NetBSD$ d3 2 a4 1 DISTNAME= gnupg-1.4.14 @ 1.118 log @PKGREVISION bumps for the security/openssl 1.0.1d update. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.117 2013/01/07 21:53:53 wiz Exp $ d41 4 @ 1.117 log @Fix idea on big-endian hosts. From http://bugs.g10code.com/gnupg/issue1461 Reported by tez. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.116 2013/01/07 21:47:32 wiz Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.116 log @Remove obsolete line. Noted by tez. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.115 2013/01/06 14:50:47 spz Exp $ d4 1 @ 1.115 log @update of gnupg Fixes CVE-2012-6085 Upstream Changes: * Add support for the old cipher algorithm IDEA. * Minor bug fixes. * Small changes to better cope with future OpenPGP and GnuPG features. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.114 2012/12/16 01:52:32 obache Exp $ a9 2 # don't remove this -- we may add idea.c.gz to it in options.mk DISTFILES= ${DISTNAME}${EXTRACT_SUFX} @ 1.114 log @recursive bump from cyrus-sasl libsasl2 shlib major bump. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.113 2012/11/07 21:07:51 wiz Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.12 PKGREVISION= 2 @ 1.114.2.1 log @Pullup ticket #4002 - requested by spz security/gnupg: security update Revisions pulled up: - security/gnupg/Makefile 1.115 - security/gnupg/distinfo 1.56 - security/gnupg/patches/patch-ak deleted - security/gnupg/patches/patch-cipher_idea-stub.c deleted - security/gnupg/patches/patch-mpi_mpi-inline.h deleted --- Module Name: pkgsrc Committed By: spz Date: Sun Jan 6 14:50:48 UTC 2013 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Removed Files: pkgsrc/security/gnupg/patches: patch-ak patch-cipher_idea-stub.c patch-mpi_mpi-inline.h Log Message: update of gnupg Fixes CVE-2012-6085 Upstream Changes: * Add support for the old cipher algorithm IDEA. * Minor bug fixes. * Small changes to better cope with future OpenPGP and GnuPG features. @ text @d1 1 a1 1 # $NetBSD$ d3 2 a4 1 DISTNAME= gnupg-1.4.13 @ 1.114.2.2 log @Pullup ticket #4040 - requested by wiz security/gnupg: bug fix patch Revisions pulled up: - security/gnupg/Makefile 1.116-1.117 - security/gnupg/distinfo 1.58-1.60 - security/gnupg/options.mk 1.16 - security/gnupg/patches/patch-cipher_idea.c 1.1 --- Module Name: pkgsrc Committed By: wiz Date: Mon Jan 7 12:26:56 UTC 2013 Modified Files: pkgsrc/security/gnupg: distinfo options.mk Log Message: Remove idea option -- included in standard distfile now. --- Module Name: pkgsrc Committed By: wiz Date: Mon Jan 7 21:47:01 UTC 2013 Modified Files: pkgsrc/security/gnupg: distinfo Log Message: Remove a superfluous line (hi tron!) --- Module Name: pkgsrc Committed By: wiz Date: Mon Jan 7 21:47:32 UTC 2013 Modified Files: pkgsrc/security/gnupg: Makefile Log Message: Remove obsolete line. Noted by tez. --- Module Name: pkgsrc Committed By: wiz Date: Mon Jan 7 21:53:53 UTC 2013 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Added Files: pkgsrc/security/gnupg/patches: patch-cipher_idea.c Log Message: Fix idea on big-endian hosts. >From http://bugs.g10code.com/gnupg/issue1461 Reported by tez. Bump PKGREVISION. @ text @a3 1 PKGREVISION= 1 d10 2 @ 1.113 log @Bump PKGREVISION for patch replacements. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.112 2012/11/07 12:24:39 wiz Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.112 log @Remove it-seems-unneeded FreeBSD changes that were long commented out. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.111 2012/10/23 18:16:28 asau Exp $ d4 1 @ 1.111 log @Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.110 2012/03/03 00:17:29 wiz Exp $ a41 11 # XXX: still needed? #.if ${OPSYS} == "FreeBSD" #SUBST_CLASSES+= fixme #SUBST_STAGE.fixme= post-configure #SUBST_FILES.fixme= mpi/i386/mpih-add1.S mpi/i386/mpih-lshift.S \ # mpi/i386/mpih-mul1.S mpi/i386/mpih-mul2.S \ # mpi/i386/mpih-mul3.S mpi/i386/mpih-rshift.S \ # mpi/i386/mpih-sub1.S #SUBST_SED.fixme= -e "s,ALIGN (3),ALIGN (4),g" #.endif @ 1.110 log @Update to 1.4.12: Noteworthy changes in version 1.4.12 (2012-01-30) ------------------------------------------------- * GPG now accepts a space separated fingerprint as a user ID. This allows to copy and paste the fingerprint from the key listing. * Removed support for the original HKP keyserver which is not anymore used by any site. * Rebuild the trustdb after changing the option --min-cert-level. * Improved JPEG detection. * Included more VMS patches * Made it easier to create an installer for Windows. * Supports the 32 bit variant of the mingw-w64 toolchain. * Made file locking more portable. * Minor bug fixes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.109 2011/11/16 08:23:49 sbd Exp $ a18 1 PKG_DESTDIR_SUPPORT= user-destdir @ 1.109 log @Add missing devel/readline buildlinks. Bump PKGREVISIONs @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.108 2011/04/22 13:44:34 obache Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.11 PKGREVISION= 2 @ 1.108 log @recursive bump from gettext-lib shlib bump. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.107 2010/10/21 21:48:12 wiz Exp $ d4 1 a4 1 PKGREVISION= 1 d59 1 @ 1.107 log @Update to 1.4.11, add some comments to patches and please pkglint. Noteworthy changes in version 1.4.11 (2010-10-18) ------------------------------------------------- * Bug fixes and portability changes. * Minor changes for better interoperability with GnuPG-2. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.106 2009/11/03 07:28:17 adam Exp $ d4 1 @ 1.106 log @Allow building on 64-bit Darwin @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.105 2009/10/27 16:25:21 zafer Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.10 d28 1 a28 1 INFO_FILES= # PLIST d44 9 a52 9 .if ${OPSYS} == "FreeBSD" SUBST_CLASSES+= fixme SUBST_STAGE.fixme= post-configure SUBST_FILES.fixme= mpi/i386/mpih-add1.S mpi/i386/mpih-lshift.S \ mpi/i386/mpih-mul1.S mpi/i386/mpih-mul2.S \ mpi/i386/mpih-mul3.S mpi/i386/mpih-rshift.S \ mpi/i386/mpih-sub1.S SUBST_SED.fixme= -e "s,ALIGN (3),ALIGN (4),g" .endif @ 1.105 log @update master_sites. switch to http with gd.tuwien.ac.at @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.104 2009/09/28 20:15:08 tnn Exp $ d38 2 a39 5 .if ${OPSYS} == "SunOS" && defined(ABI) && ${ABI} == 64 CONFIGURE_ARGS+= --disable-asm .endif .if ${OPSYS} == "AIX" && defined(ABI) && ${ABI} == 64 @ 1.104 log @- AIX fixes from Louis Guillaume - kill a trailing whitespace @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.103 2009/09/03 12:05:52 wiz Exp $ d6 1 a6 1 ftp://gd.tuwien.ac.at/privacy/gnupg/gnupg/ \ @ 1.103 log @Update to 1.4.10: Noteworthy changes in version 1.4.10 (2009-09-02) ------------------------------------------------- * 2048 bit RSA keys are now generated by default. The default hash algorithm preferences has changed to prefer SHA-256 over SHA-1. 2048 bit DSA keys are now generated to use a 256 bit hash algorithm * Support v2 OpenPGP cards. * The algorithm to compute the SIG_ID status has been changed to match the one from 2.0.10. * Improved file locking. Implemented it for W32. * Fixed a memory leak which made imports of many keys very slow. * Many smaller bug fixes. * Support for the Camellia cipher (RFC-5581). * Support for HKP keyservers over SSL ("HKPS"). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.102 2009/06/05 22:47:11 zafer Exp $ d8 1 a8 1 ftp://ftp.ring.gr.jp/pub/net/gnupg/gnupg/ d42 4 @ 1.102 log @update master sites. remove planetmirror (does not resolve). remove dfn. requires active ftp. (renders it useless with PASV). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.101 2009/05/19 08:59:31 wiz Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.9 @ 1.101 log @Use standard location for LICENSE line (in MAINTAINER/HOMEPAGE/COMMENT block). Uncomment some commented out LICENSE lines while here. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.100 2009/05/04 20:39:55 zafer Exp $ a5 1 ftp://ftp.planetmirror.com/pub/gnupg/ \ a7 1 ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/gnupg/ \ @ 1.100 log @remove backslash @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.99 2009/05/04 17:19:31 zafer Exp $ d18 1 a30 1 #LICENSE= gnu-gplv3 @ 1.99 log @Remove mirror rediris. It does not provide the distfile. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.98 2009/03/05 10:46:23 wiz Exp $ d10 1 a10 1 ftp://ftp.ring.gr.jp/pub/net/gnupg/gnupg/ \ @ 1.98 log @Pick up maintainership. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.97 2009/02/24 16:18:57 wiz Exp $ a10 1 http://sunsite.rediris.es/mirror/gnupg/gnupg/ @ 1.97 log @Drop maintainership. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.96 2008/03/26 21:20:34 adrianp Exp $ d16 1 a16 1 MAINTAINER= pkgsrc-users@@NetBSD.org @ 1.96 log @Update to gnupg-1.4.9 Addresses a recent security issue that only impacts 1.4.8 and 2.0.8 * Improved AES encryption performance by more than 20% (on ia32). Decryption is also a bit faster. * Fixed possible memory corruption bug in 1.4.8 while importing OpenPGP keys. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.95 2008/01/13 16:23:55 wiz Exp $ d16 1 a16 1 MAINTAINER= wiz@@NetBSD.org @ 1.95 log @Update to 1.4.8: Noteworthy changes in version 1.4.8 (2007-12-20) ------------------------------------------------ ******************************************* * A decade of GnuPG: g10-0.0.0.tar.gz was * * released exactly 10 years ago. * ******************************************* * Changed the license to GPLv3. * Improved detection of keyrings specified multiple times. * Changes to better cope with broken keyservers. * Minor bug fixes. * The new OpenPGP standard is now complete, and has been published as RFC-4880. The GnuPG --openpgp mode (note this is not the default) has been updated to match the new standard. The --rfc2440 option can be used to return to the older RFC-2440 behavior. The main differences between the two are "--enable-dsa2 --no-rfc2440-text --escape-from-lines --require-cross-certification". * By default (i.e. --gnupg mode), --require-cross-certification is now on. --rfc2440-text and --force-v3-sigs are now off. * Allow encryption using legacy Elgamal sign+encrypt keys if option --rfc2440 is used. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224 signatures will continue to work. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.94 2007/03/07 11:31:24 drochner Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.8 @ 1.94 log @update to 1.4.7, from Christian Gall per PR pkg/35940 This fixes a security problem which is rather an application issue: The user wasn't notified about additional text (not covered by the signature) unless the --status-fd flag is used. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.93 2006/12/06 23:00:46 wiz Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.7 d31 1 @ 1.93 log @Update to 1.4.6: Noteworthy changes in version 1.4.6 (2006-12-06) ------------------------------------------------ * Fixed a serious and exploitable bug in processing encrypted packages. [CVE-2006-6235]. * Fixed a buffer overflow in gpg. [bug#728, CVE-2006-6169] (already fixed in pkgsrc) * Fixed a bug while decrypting certain compressed and encrypted messages. [bug#537] * Added --s2k-count to set the number of times passphrase mangling is repeated. The default is 65536 times. * Added --passphrase-repeat to set the number of times GPG will prompt for a new passphrase to be repeated. This is useful to help memorize a new passphrase. The default is 1 repetition. * Added a GPL license exception to the keyserver helper programs gpgkeys_ldap, gpgkeys_curl, and gpgkeys_hkp, to clarify any potential questions about the ability to distribute binaries that link to the OpenSSL library. GnuPG does not link directly to OpenSSL, but libcurl (used for HKP, HTTP, and FTP) and OpenLDAP (used for LDAP) may. Note that this license exception is considered a bug fix and is intended to forgive any violations pertaining to this issue, including those that may have occurred in the past. * Man pages are now build from the same source as those of GnuPG-2. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.92 2006/11/28 05:39:41 taca Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.6 @ 1.93.2.1 log @Pullup ticket 2047 - requested by drochner security update for gnupg Revisions pulled up: - pkgsrc/security/gnupg/Makefile 1.94 - pkgsrc/security/gnupg/PLIST 1.21 - pkgsrc/security/gnupg/distinfo 1.46 Module Name: pkgsrc Committed By: drochner Date: Wed Mar 7 11:31:24 UTC 2007 Modified Files: pkgsrc/security/gnupg: Makefile PLIST distinfo Log Message: update to 1.4.7, from Christian Gall per PR pkg/35940 This fixes a security problem which is rather an application issue: The user wasn't notified about additional text (not covered by the signature) unless the --status-fd flag is used. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.94 2007/03/07 11:31:24 drochner Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.7 @ 1.92 log @Add the same patch as security/gnupg2 package to fix a buffer overflow. While fixing a bug reported by Hugh Warrington, a buffer overflow has been identified in all released GnuPG versions. The current versions 1.4.5 and 2.0.0 are affected. A small patch is provided. ... 2006-11-27 Werner Koch * openfile.c (ask_outfile_name): Fixed buffer overflow occurring if make_printable_string returns a longer string. Fixes bug 728. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.91 2006/11/03 07:45:44 joerg Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.5 PKGREVISION= 1 @ 1.91 log @DESTDIR support. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.90 2006/08/05 03:13:25 dsainty Exp $ d4 1 @ 1.90 log @Add an HTTP download location too, as a fallback for when FTP downloads are awkward. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.89 2006/08/02 10:37:34 drochner Exp $ d21 1 d57 1 a57 1 ${PREFIX}/share/gnupg @ 1.90.2.1 log @Pullup ticket 1924 - requested by taca security fix for gnupg - pkgsrc/security/gnupg/Makefile 1.92 - pkgsrc/security/gnupg/distinfo 1.44 - pkgsrc/security/gnupg/patches/patch-al 1.1 Module Name: pkgsrc Committed By: taca Date: Tue Nov 28 05:39:42 UTC 2006 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Added Files: pkgsrc/security/gnupg/patches: patch-al Log Message: Add the same patch as security/gnupg2 package to fix a buffer overflow. While fixing a bug reported by Hugh Warrington, a buffer overflow has been identified in all released GnuPG versions. The current versions 1.4.5 and 2.0.0 are affected. A small patch is provided. ... 2006-11-27 Werner Koch * openfile.c (ask_outfile_name): Fixed buffer overflow occurring if make_printable_string returns a longer string. Fixes bug 728. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.90 2006/08/05 03:13:25 dsainty Exp $ a3 1 PKGREVISION= 1 @ 1.90.2.2 log @Pullup ticket 1944 - requested by wiz security update for gnupg - pkgsrc/security/gnupg/Makefile 1.93 - pkgsrc/security/gnupg/PLIST 1.20 - pkgsrc/security/gnupg/distinfo 1.45 - pkgsrc/security/gnupg/patches/patch-al removed Module Name: pkgsrc Committed By: wiz Date: Wed Dec 6 23:00:46 UTC 2006 Modified Files: pkgsrc/security/gnupg: Makefile PLIST distinfo Removed Files: pkgsrc/security/gnupg/patches: patch-al Log Message: Update to 1.4.6: Noteworthy changes in version 1.4.6 (2006-12-06) ------------------------------------------------ * Fixed a serious and exploitable bug in processing encrypted packages. [CVE-2006-6235]. * Fixed a buffer overflow in gpg. [bug#728, CVE-2006-6169] (already fixed in pkgsrc) * Fixed a bug while decrypting certain compressed and encrypted messages. [bug#537] * Added --s2k-count to set the number of times passphrase mangling is repeated. The default is 65536 times. * Added --passphrase-repeat to set the number of times GPG will prompt for a new passphrase to be repeated. This is useful to help memorize a new passphrase. The default is 1 repetition. * Added a GPL license exception to the keyserver helper programs gpgkeys_ldap, gpgkeys_curl, and gpgkeys_hkp, to clarify any potential questions about the ability to distribute binaries that link to the OpenSSL library. GnuPG does not link directly to OpenSSL, but libcurl (used for HKP, HTTP, and FTP) and OpenLDAP (used for LDAP) may. Note that this license exception is considered a bug fix and is intended to forgive any violations pertaining to this issue, including those that may have occurred in the past. * Man pages are now build from the same source as those of GnuPG-2. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.90.2.1 2006/11/28 08:21:42 ghen Exp $ d3 2 a4 1 DISTNAME= gnupg-1.4.6 @ 1.89 log @update to 1.4.5 security update, recommended by gnupg.org (fixes CVE-2006-3746) changes: * More DSA2 tweaks. * Fixed a problem uploading certain keys to the smart card. * Fixed 2 more possible memory allocation attacks. * Added Norwegian translation. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.88 2006/07/08 21:37:02 markd Exp $ d10 2 a11 1 ftp://ftp.ring.gr.jp/pub/net/gnupg/gnupg/ @ 1.88 log @Don't try and use assembler when building 64bit on Solaris. It gets it wrong for both amd64 and sparc. Fixes PR pkg/32648 and possibly PR pkg/33030. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.87 2006/07/03 21:15:14 wiz Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.4 @ 1.87 log @Update to 1.4.4: Noteworthy changes in version 1.4.4 (2006-06-25) ------------------------------------------------ * User IDs are now capped at 2048 byte. This avoids a memory allocation attack (see CVE-2006-3082). [was already fixed in pkgsrc] * Added support for the SHA-224 hash. Like the SHA-384 hash, it is mainly useful when DSS (the US Digital Signature Standard) compatibility is desired. * Added support for the latest update to DSA keys and signatures. This allows for larger keys than 1024 bits and hashes other than SHA-1 and RIPEMD/160. Note that not all OpenPGP implementations can handle these new keys and signatures yet. See "--enable-dsa2" in the manual for more information. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.86 2006/06/24 14:20:29 salo Exp $ d38 4 @ 1.86 log @Security fix for CVE-2006-3082: "parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length, which could lead to an integer overflow, as demonstrated using the --no-armor option." Patch from GnuPG CVS repository. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.85 2006/04/13 18:23:37 jlam Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.3 PKGREVISION= 1 @ 1.86.2.1 log @Pullup ticket 1772 - requested by salo security update for gnupg Revisions pulled up: - pkgsrc/security/gnupg/Makefile 1.87-1.89 - pkgsrc/security/gnupg/distinfo 1.41-1.43 - pkgsrc/security/gnupg/PLIST 1.19 - pkgsrc/security/gnupg/patches/patch-ba removed @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.89 2006/08/02 10:37:34 drochner Exp $ d3 2 a4 1 DISTNAME= gnupg-1.4.5 a38 4 .if ${OPSYS} == "SunOS" && defined(ABI) && ${ABI} == 64 CONFIGURE_ARGS+= --disable-asm .endif @ 1.85 log @BUILD_USE_MSGFMT and USE_MSGFMT_PLURALS are obsolete. Replace with USE_TOOLS+=msgfmt. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.84 2006/04/07 15:28:49 jlam Exp $ d4 1 @ 1.84 log @List the info files directly in the PLIST and honor PKG{INFO,MAN}DIR. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.83 2006/04/04 21:16:37 wiz Exp $ a18 2 BUILD_USES_MSGFMT= yes d24 1 a24 1 USE_TOOLS+= gmake @ 1.83 log @Update to 1.4.3: Noteworthy changes in version 1.4.3 (2006-04-03) ------------------------------------------------ * If available, cURL-based keyserver helpers are built that can retrieve keys using HKP or any protocol that cURL supports (HTTP, HTTPS, FTP, FTPS, etc). If cURL is not available, HKP and HTTP are still supported using a built-in cURL emulator. To force building the old pre-cURL keyserver helpers, use the configure option --enable-old-keyserver-helpers. Note that none of this affects finger or LDAP support, which are unchanged. Note also that a future version of GnuPG will remove the old keyserver helpers altogether. * Implemented Public Key Association (PKA) signature verification. This uses special DNS records and notation data to associate a mail address with an OpenPGP key to prove that mail coming from that address is legitimate without the need for a full trust path to the signing key. * When exporting subkeys, those specified with a key ID or fingerpint and the '!' suffix are now merged into one keyblock. * Added "gpg-zip", a program to create encrypted archives that can interoperate with PGP Zip. * Added support for signing subkey cross-certification "back signatures". Requiring cross-certification to be present is currently off by default, but will be changed to on by default in the future, once more keys use it. A new "cross-certify" command in the --edit-key menu can be used to update signing subkeys to have cross-certification. * The key cleaning options for --import-options and --export-options have been further polished. "import-clean" and "export-clean" replace the older import-clean-sigs/import-clean-uids and export-clean-sigs/export-clean-uids option pairs. * New "minimize" command in the --edit-key menu removes everything that can be removed from a key, rendering it as small as possible. There are corresponding "export-minimal" and "import-minimal" commands for --export-options and --import-options. * New --fetch-keys command to retrieve keys by specifying a URI. This allows direct key retrieval from a web page or other location that can be specified in a URI. Available protocols are HTTP and finger, plus anything that cURL supplies, if built with cURL support. * Files containing several signed messages are not allowed any longer as there is no clean way to report the status of such files back to the caller. To partly revert to the old behaviour the new option --allow-multisig-verification may be used. * The keyserver helpers can now handle keys in either ASCII armor or binary format. * New auto-key-locate option that takes an ordered list of methods to locate a key if it is not available at encryption time (-r or --recipient). Possible methods include "cert" (use DNS CERT as per RFC2538bis, "pka" (use DNS PKA), "ldap" (consult the LDAP server for the domain in question), "keyserver" (use the currently defined keyserver), as well as arbitrary keyserver URIs that will be contacted for the key. * Able to retrieve keys using DNS CERT records as per RFC-2538bis (currently in draft): http://www.josefsson.org/rfc2538bis pkgsrc change: make architecture-specific options really architecture-specific. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.82 2006/03/10 15:10:08 ghen Exp $ d30 1 a33 2 INFO_FILES= gpg.info gpgv.info @ 1.82 log @Update gnupg to 1.4.2.2, fixing another vulnerability: * Files containing several signed messages are not allowed any longer as there is no clean way to report the status of such files back to the caller. To partly revert to the old behaviour the new option --allow-multisig-verification may be used. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.81 2006/02/15 19:10:20 drochner Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.2.2 @ 1.82.2.1 log @Pullup ticket 1709 - requested by salo security update for gnupg Revisions pulled up: - pkgsrc/security/gnupg/Makefile 1.83, 1.86 - pkgsrc/security/gnupg/PLIST 1.16 - pkgsrc/security/gnupg/distinfo 1.39, 1.40 - pkgsrc/security/gnupg/options.mk 1.6, 1.7 - pkgsrc/security/gnupg/patches/patch-aa 1.11 - pkgsrc/security/gnupg/patches/patch-ak 1.3 - pkgsrc/security/gnupg/patches/patch-ba 1.1 Module Name: pkgsrc Committed By: wiz Date: Tue Apr 4 21:16:37 UTC 2006 Modified Files: pkgsrc/security/gnupg: Makefile PLIST distinfo options.mk pkgsrc/security/gnupg/patches: patch-aa patch-ak Log Message: Update to 1.4.3: Noteworthy changes in version 1.4.3 (2006-04-03) ------------------------------------------------ * If available, cURL-based keyserver helpers are built that can retrieve keys using HKP or any protocol that cURL supports (HTTP, HTTPS, FTP, FTPS, etc). If cURL is not available, HKP and HTTP are still supported using a built-in cURL emulator. To force building the old pre-cURL keyserver helpers, use the configure option --enable-old-keyserver-helpers. Note that none of this affects finger or LDAP support, which are unchanged. Note also that a future version of GnuPG will remove the old keyserver helpers altogether. * Implemented Public Key Association (PKA) signature verification. This uses special DNS records and notation data to associate a mail address with an OpenPGP key to prove that mail coming from that address is legitimate without the need for a full trust path to the signing key. * When exporting subkeys, those specified with a key ID or fingerpint and the '!' suffix are now merged into one keyblock. * Added "gpg-zip", a program to create encrypted archives that can interoperate with PGP Zip. * Added support for signing subkey cross-certification "back signatures". Requiring cross-certification to be present is currently off by default, but will be changed to on by default in the future, once more keys use it. A new "cross-certify" command in the --edit-key menu can be used to update signing subkeys to have cross-certification. * The key cleaning options for --import-options and --export-options have been further polished. "import-clean" and "export-clean" replace the older import-clean-sigs/import-clean-uids and export-clean-sigs/export-clean-uids option pairs. * New "minimize" command in the --edit-key menu removes everything that can be removed from a key, rendering it as small as possible. There are corresponding "export-minimal" and "import-minimal" commands for --export-options and --import-options. * New --fetch-keys command to retrieve keys by specifying a URI. This allows direct key retrieval from a web page or other location that can be specified in a URI. Available protocols are HTTP and finger, plus anything that cURL supplies, if built with cURL support. * Files containing several signed messages are not allowed any longer as there is no clean way to report the status of such files back to the caller. To partly revert to the old behaviour the new option --allow-multisig-verification may be used. * The keyserver helpers can now handle keys in either ASCII armor or binary format. * New auto-key-locate option that takes an ordered list of methods to locate a key if it is not available at encryption time (-r or --recipient). Possible methods include "cert" (use DNS CERT as per RFC2538bis, "pka" (use DNS PKA), "ldap" (consult the LDAP server for the domain in question), "keyserver" (use the currently defined keyserver), as well as arbitrary keyserver URIs that will be contacted for the key. * Able to retrieve keys using DNS CERT records as per RFC-2538bis (currently in draft): http://www.josefsson.org/rfc2538bis pkgsrc change: make architecture-specific options really architecture-specific. --- Module Name: pkgsrc Committed By: drochner Date: Wed Apr 5 10:04:12 UTC 2006 Modified Files: pkgsrc/security/gnupg: options.mk Log Message: --with-libcurl is on per default, so revert the logics (no functional change, just more effective because a compile check is skipped) --- Module Name: pkgsrc Committed By: salo Date: Sat Jun 24 14:20:29 UTC 2006 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Added Files: pkgsrc/security/gnupg/patches: patch-ba Log Message: Security fix for CVE-2006-3082: "parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length, which could lead to an integer overflow, as demonstrated using the --no-armor option." Patch from GnuPG CVS repository. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.86 2006/06/24 14:20:29 salo Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.3 PKGREVISION= 1 @ 1.81 log @update to 1.4.2.1 this fixes a false positive signature verification if only the exit code of "gpgv" or "gpg --verify" is used @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.80 2006/02/05 23:10:43 joerg Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.2.1 @ 1.80 log @Recursive revision bump / recommended bump for gettext ABI change. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.79 2005/12/05 20:50:56 rillig Exp $ d3 1 a3 2 DISTNAME= gnupg-1.4.2 PKGREVISION= 1 @ 1.79 log @Fixed pkglint warnings. The warnings are mostly quoting issues, for example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some other changes are outlined in http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.78 2005/10/10 20:45:19 reed Exp $ d4 1 @ 1.79.2.1 log @Pullup ticket 1141 - requested by Matthias Drochner security update for gnupg Revisions pulled up: - pkgsrc/security/gnupg/Makefile 1.81 - pkgsrc/security/gnupg/distinfo 1.36, 1.37 Module Name: pkgsrc Committed By: drochner Date: Wed Feb 15 19:10:20 UTC 2006 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Log Message: update to 1.4.2.1 this fixes a false positive signature verification if only the exit code of "gpgv" or "gpg --verify" is used --- Module Name: pkgsrc Committed By: tron Date: Wed Feb 15 22:26:46 UTC 2006 Modified Files: pkgsrc/security/gnupg: distinfo Log Message: Readd checksum for "idea.c.gz" which got lost during the last update. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.81 2006/02/15 19:10:20 drochner Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.2.1 @ 1.79.2.2 log @Pullup ticket 1218 - requested by Geert Hendrickx security update for gnupg Changes: - pkgsrc/security/gnupg/Makefile 1.82 - pkgsrc/security/gnupg/distinfo 1.38 Module Name: pkgsrc Committed By: ghen Date: Fri Mar 10 15:10:08 UTC 2006 Modified Files: pkgsrc/security/gnupg: Makefile distinfo Log Message: Update gnupg to 1.4.2.2, fixing another vulnerability: * Files containing several signed messages are not allowed any longer as there is no clean way to report the status of such files back to the caller. To partly revert to the old behaviour the new option --allow-multisig-verification may be used. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.79.2.1 2006/02/16 15:00:21 salo Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.2.2 @ 1.78 log @Remove the redundant INSTALLATION_DIRS. This already does mkdir or mkinstalldirs for these needed directories. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.77 2005/07/28 15:12:05 wiz Exp $ d43 1 a43 1 SUBST_CLASSES= fixme @ 1.77 log @Update to 1.4.2. Noteworthy changes in version 1.4.2 (2005-07-26) ------------------------------------------------ * New command "verify" in the card-edit menu to display the Private-DO-3. The Admin command has been enhanced to take the optional arguments "on", "off" and "verify". The latter may be used to verify the Admin Pin without modifying data; this allows displaying the Private-DO-4 with the "list" command. * Rewrote large parts of the card code to optionally make use of a running gpg-agent. If --use-agent is being used and a gpg-agent with enabled scdaemon is active, gpg will now divert all card operations to that daemon. This is required because both, scdaemon and gpg require exclusive access to the card reader. By delegating the work to scdaemon, both can peacefully coexist and scdaemon is able to control the use of the reader. Note that this requires at least gnupg 1.9.17. * Fixed a couple of problems with the card reader. * Command completion is now available in the --edit-key and --card-edit menus. Filename completion is available at all filename prompts. Note that completion is only available if the system provides a readline library. * New experimental HKP keyserver helper that uses the cURL library. It is enabled via the configure option --with-libcurl like the other (also experimental) cURL helpers. * New key cleaning options that can be used to remove unusable (expired, revoked) signatures from a key. This is available via the new "clean" command in --edit-key on a key by key basis, as well as via the import-clean-sigs/import-clean-uids and export-clean-sigs/export-clean-uids options for --import-options and --export-options. These are currently off by default, and replace the import-unusable-sigs/export-unusable-sigs options from version 1.4.1. * New export option export-reset-subkey-passwd. * New option --limit-card-insert-tries. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.76 2005/05/22 20:08:30 jlam Exp $ a36 2 INSTALLATION_DIRS= bin libexec/gnupg man/man1 man/man7 share/gnupg @ 1.76 log @Remove USE_GNU_TOOLS and replace with the correct USE_TOOLS definitions: USE_GNU_TOOLS -> USE_TOOLS awk -> gawk m4 -> gm4 make -> gmake sed -> gsed yacc -> bison @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.75 2005/04/11 21:47:11 tv Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.1 @ 1.75 log @Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.74 2005/03/22 17:50:55 wiz Exp $ d26 1 a26 1 USE_GNU_TOOLS+= make @ 1.74 log @Update to 1.4.1: Noteworthy changes in version 1.4.1 (2005-03-15) ------------------------------------------------ * New --rfc2440-text option which controls how text is handled in signatures. This is in response to some problems seen with certain PGP/MIME mail clients and GnuPG version 1.4.0. More details about this are available at . * New "import-unusable-sigs" and "export-unusable-sigs" tags for --import-options and --export-options. These are off by default, and cause GnuPG to not import or export key signatures that are not usable (e.g. expired signatures). * New experimental HTTP, HTTPS, FTP, and FTPS keyserver helper that uses the cURL library to retrieve keys. This is disabled by default, but may be enabled with the configure option --with-libcurl. Without this option, the existing HTTP code is used for HTTP, and HTTPS, FTP, and FTPS are not supported. [enabled with the "curl" option for the package] * When running a --card-status or --card-edit and a public key is available, missing secret key stubs will be created on the fly. Details of the key are listed too. * The implicit packet dumping in double verbose mode is now sent to stderr and not to stdout. * Added countermeasures against the Mister/Zuccherato CFB attack . * Add new --edit-key command "bkuptocard" to allow restoring a card key from a backup. * The "fetch" command of --card-edit now retrieves the key using the default keyserver if no URL has been stored on the card. * New configure option --enable-noexecstack. Also, gpgkeys_mailto is not installed any longer, dropping the dependency on perl. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.73 2005/02/09 11:35:50 markd Exp $ a24 1 USE_BUILDLINK3= yes @ 1.73 log @Disable gnupg's new iconv code on platforms that have problems with it in the default locale (NetBSD < 2.0 and Solaris). OK'ed by wiz. Fixes PR pkg/28895. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.72 2004/12/25 02:54:13 wiz Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.0 d19 2 a22 1 BUILD_USES_MSGFMT= yes a62 1 .include "../../lang/perl5/buildlink3.mk" @ 1.73.2.1 log @Pullup ticket 391 - requested by Thomas Klausner security fix for gnupg Revisions pulled up: - pkgsrc/security/gnupg/Makefile 1.74 - pkgsrc/security/gnupg/PLIST 1.15 - pkgsrc/security/gnupg/distinfo 1.34 - pkgsrc/security/gnupg/options.mk 1.2 Module Name: pkgsrc Committed By: wiz Date: Tue Mar 22 17:50:55 UTC 2005 Modified Files: pkgsrc/security/gnupg: Makefile PLIST distinfo options.mk Log Message: Update to 1.4.1: Noteworthy changes in version 1.4.1 (2005-03-15) ------------------------------------------------ * New --rfc2440-text option which controls how text is handled in signatures. This is in response to some problems seen with certain PGP/MIME mail clients and GnuPG version 1.4.0. More details about this are available at . * New "import-unusable-sigs" and "export-unusable-sigs" tags for --import-options and --export-options. These are off by default, and cause GnuPG to not import or export key signatures that are not usable (e.g. expired signatures). * New experimental HTTP, HTTPS, FTP, and FTPS keyserver helper that uses the cURL library to retrieve keys. This is disabled by default, but may be enabled with the configure option --with-libcurl. Without this option, the existing HTTP code is used for HTTP, and HTTPS, FTP, and FTPS are not supported. [enabled with the "curl" option for the package] * When running a --card-status or --card-edit and a public key is available, missing secret key stubs will be created on the fly. Details of the key are listed too. * The implicit packet dumping in double verbose mode is now sent to stderr and not to stdout. * Added countermeasures against the Mister/Zuccherato CFB attack . * Add new --edit-key command "bkuptocard" to allow restoring a card key from a backup. * The "fetch" command of --card-edit now retrieves the key using the default keyserver if no URL has been stored on the card. * New configure option --enable-noexecstack. Also, gpgkeys_mailto is not installed any longer, dropping the dependency on perl. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.73 2005/02/09 11:35:50 markd Exp $ d3 1 a3 1 DISTNAME= gnupg-1.4.1 a18 2 BUILD_USES_MSGFMT= yes d21 1 d62 1 @ 1.72 log @Update to 1.4.0, provided by Stefan Krüger in PR 28738. While here, convert to options.mk. GnuPG 1.4 Highlights ==================== This is a brief overview of the changes between the GnuPG 1.2 series and the new GnuPG 1.4 series. To read the full list of highlights for each revision that led up to 1.4, see the NEWS file in the GnuPG distribution. This document is based on the NEWS file, and is thus the highlights of the highlights. When upgrading, note that RFC-2440, the OpenPGP standard, is currently being revised. Most of the revisions in the latest draft (2440bis-12) have already been incorporated into GnuPG 1.4. Algorithm Changes ----------------- OpenPGP supports many different algorithms for encryption, hashing, and compression, and taking into account the OpenPGP revisions, GnuPG 1.4 supports a slightly different algorithm set than 1.2 did. The SHA256, SHA384, and SHA512 hashes are now supported for read and write. The BZIP2 compression algorithm is now supported for read and write. Due to the recent successful attack on the MD5 hash algorithm (discussed in , among other places), MD5 is deprecated for OpenPGP use. It is still allowed in GnuPG 1.4 for backwards compatibility, but a warning is given when it is used. The TIGER/192 hash is no longer available. This should not be interpreted as a statement as to the quality of TIGER/192 - rather, the revised OpenPGP standard removes support for several unused or mostly unused hashes, and TIGER/192 was one of them. Similarly, Elgamal signatures and the Elgamal signing key type have been removed from the OpenPGP standard, and thus from GnuPG. Please do not confuse Elgamal signatures with DSA or DSS signatures or with Elgamal encryption. Elgamal signatures were very rarely used and were not supported in any product other than GnuPG. Elgamal encryption was and still is part of OpenPGP and GnuPG. Very old (pre-1.0) versions of GnuPG supported a nonstandard (contrary to OpenPGP) Elgamal key type. While no recent version of GnuPG permitted the generation of such keys, GnuPG 1.2 could still use them. GnuPG 1.4 no longer allows the use of these keys or the (also nonstandard) messages generated using them. At build time, it is possible to select which algorithms will be built into GnuPG. This can be used to build a smaller program binary for embedded uses where space is tight. Keyserver Changes ----------------- GnuPG 1.4 does all keyserver operations via plugin or helper applications. This allows the main GnuPG program to be smaller and simpler. People who package GnuPG for various reasons have the flexibility to include or leave out support for any keyserver type as desired. Support for fetching keys via HTTP and finger has been added. This is mainly useful for setting a preferred keyserver URL like "http://www.jabberwocky.com/key.asc". or "finger:wk at g10code.com". The LDAP keyserver helper now supports storing, retrieving, and searching for keys in both the old NAI "LDAP keyserver" as well as the more recent method to store OpenPGP keys in standard LDAP servers. This is compatible with the storage schema that PGP uses, so both products can interoperate with the same LDAP server. The LDAP keyserver helper is compatible with the PGP company's new "Global Directory" service. If the LDAP library you use supports LDAP-over-TLS and LDAPS, then GnuPG detects this and supports them as well. Note that using TLS or LDAPS does not improve the security of GnuPG itself, but may be useful in certain key distribution scenarios. HTTP Basic authentication is now supported for all HKP and HTTP keyserver functions, either through a proxy or via direct access. The HKP keyserver plugin supports the new machine-readable key listing format for those keyservers that provide it. IPv6 is supported for HKP and HTTP keyserver access. When using a HKP keyserver with multiple DNS records (such as subkeys.pgp.net which has the addresses of multiple servers around the world), all DNS address records are tried until one succeeds. This prevents a single down server in the rotation from stopping access. DNS SRV records are used in HKP keyserver lookups to allow administrators to load balance and select keyserver ports automatically. Timeout support has been added to the keyserver plugins. This allows users to set an upper limit on how long to wait for the keyserver before giving up. Preferred Keyserver URL ----------------------- Preferred keyserver support has been added. Users may set a preferred keyserver via the --edit-key command "keyserver". If the --keyserver-option honor-keyserver-url is set (and it is by default), then the preferred keyserver is used when refreshing that key with --refresh-keys. The --sig-keyserver-url option can be used to inform signature recipients where the signing key can be downloaded. When verifying the signature, if the signing key is not present, and the keyserver options honor-keyserver-url and auto-key-retrieve are set, this URL will be used to retrieve the key. Trust Signatures ---------------- GnuPG 1.4 supports OpenPGP trust signatures, which allow a user to specify the trust level and distance from the user along with the signature so users can delegate different levels of certification ability to other users, possibly restricted by a regular expression on the user ID. Trust Models ------------ GnuPG 1.4 supports several ways of looking at trust: Classic - The classic PGP trust model, where people sign each others keys and thus build up an assurance (called "validity") that the key belongs to the right person. This was the default trust model in GnuPG 1.2. Always - Bypass all trust checks, and make all keys fully valid. Direct - Users may set key validity directly. PGP - The PGP 7 and 8 behavior which combines Classic trust with trust signatures overlaid on top. This is the default trust model in GnuPG 1.4. The OpenPGP Smartcard --------------------- GnuPG 1.4 supports the OpenPGP smartcard () Secret keys may be kept fully or partially on the smartcard. The smartcard may be used for primary keys or subkeys. Other Interesting New Features ------------------------------ For those using Security-Enhanced Linux , the configure option --enable-selinux-support prevents GnuPG from processing its own files (i.e. reading the secret keyring for something other than getting a secret key from it). This simplifies writing ACLs for the SELinux kernel. Readline support is now available at all prompts if the system provides a readline library. GnuPG can now create messages that can be decrypted with either a passphrase or a secret key. These messages may be generated with --symmetric --encrypt or --symmetric --sign --encrypt. --list-options and --verify-options allow the user to customize exactly what key listings or signature verifications look like, enabling or disabling things such as photo display, preferred keyserver URL, calculated validity for each user ID, etc. The --primary-keyring option designates the keyring that the user wants new keys imported into. The --hidden-recipient (or -R) command encrypts to a user, but hides the identity of that user. This is the same functionality as --throw-keyid, but can be used on a per-user basis. Full algorithm names (e.g. "3DES", "SHA1", "ZIP") can now be used interchangeably with the short algorithm names (e.g. "S2", "H2", "Z1") anywhere algorithm names are used in GnuPG. The --keyid-format option selects short (99242560), long (DB698D7199242560), 0xshort (0x99242560), or 0xlong (0xDB698D7199242560) key ID displays. This lets users tune the display to what they prefer. While it is not recommended for extended periods, it is possible to run both GnuPG 1.2.x and GnuPG 1.4 during the transition. To aid in this, GnuPG 1.4 tries to load a config file suffixed with its version before it loads the default config file. For example, 1.4 will try for gpg.conf-1.4 and gpg.conf-1 before falling back to the regular gpg.conf file. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.71 2004/11/08 21:17:01 tv Exp $ d39 4 @ 1.71 log @The correct name of this program is "GNU Privacy Guard" (not "Privacy Guard"). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.70 2004/10/03 00:18:08 tv Exp $ d3 1 a3 2 DISTNAME= gnupg-1.2.6 PKGREVISION= 1 d6 1 a6 1 ftp://ftp.planetmirror.com/pub/gnupg/gnupg/ \ d9 2 a10 1 ftp://ftp.freenet.de/pub/ftp.gnupg.org/gcrypt/gnupg/ d12 1 a12 1 # don't remove this -- we may add idea.c.gz to it below d27 1 a27 1 CONFIGURE_ARGS+= --enable-tiger --with-static-rnd=auto d35 1 a35 22 .include "../../mk/bsd.prefs.mk" BUILD_DEFS+= USE_I586 USE_IDEA USE_OPENLDAP M68060 .if defined(USE_I586) && ${USE_I586} == YES # use assembler routines optimized for i586 ONLY_FOR_PLATFORM= *-*-i386 MACHINE_GNU_ARCH= i586 .endif .if defined(M68060) && ${M68060} == YES # be more efficient on M68060 machines CONFIGURE_ENV+= M68060=${M68060} CFLAGS+= -m68060 .endif .if defined(USE_IDEA) && ${USE_IDEA} == YES # use of IDEA as crypto function LICENCE= fee-based-commercial-use DISTFILES+= idea.c.gz SITES_idea.c.gz=ftp://ftp.gnupg.dk/pub/contrib-dk/ \ http://www.gnupg.dk/contrib-dk/ d39 1 a39 12 pre-configure: ${GZCAT} ${DISTDIR}/idea.c.gz > ${WRKSRC}/cipher/idea.c .endif .if defined(USE_OPENLDAP) && ${USE_OPENLDAP} == YES .include "../../databases/openldap/buildlink3.mk" PLIST_SUBST+= OPENLDAP="" .else CONFIGURE_ARGS+=--disable-ldap PLIST_SUBST+= OPENLDAP="@@comment " .endif a40 1 a47 1 @ 1.70 log @Libtool fix for PR pkg/26633, and other issues. Update libtool to 1.5.10 in the process. (More information on tech-pkg.) Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and installing .la files. Bump PKGREVISION (only) of all packages depending directly on the above via a buildlink3 include. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.69 2004/08/26 13:19:32 wiz Exp $ d17 1 a17 1 COMMENT= Privacy Guard, public-Key encryption and digital signatures @ 1.69 log @Update to 1.2.6: * Updated the included gettext. This also fixes the installation problem from 1.2.5 * Fixed a race condition possibly leading to deleted keys. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.68 2004/07/28 15:55:45 schmonz Exp $ d4 1 @ 1.68 log @Enable pkgviews installation. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.67 2004/07/28 15:17:42 wiz Exp $ d3 1 a3 1 DISTNAME= gnupg-1.2.5 @ 1.67 log @Update to 1.2.5: * New --ask-cert-level/--no-ask-cert-level option to turn on and off the prompt for signature level when signing a key. Defaults to on. * New --min-cert-level option to disregard key signatures that are under a specified level. Defaults to 1 (i.e. don't disregard anything). * New --max-output option to limit the amount of plaintext output generated by GnuPG. This option can be used by programs which call GnuPG to process messages that may result in plaintext larger than the calling program is prepared to handle. This is sometimes called a "Decompression Bomb". * New --list-config command for frontends and other programs that call GnuPG. See doc/DETAILS for the specifics of this. * New --gpgconf-list command for internal use by the gpgconf utility from gnupg 1.9.x. * Some performance improvements with large keyrings. See --enable-key-cache=SIZE in the README file for details. * Some portability fixes for the OpenBSD/i386, HPPA, and AIX platforms. * Simplified Chinese translation. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.66 2004/05/07 15:25:13 cjep Exp $ d18 2 d57 2 @ 1.66 log @whitespace nits @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.65 2004/04/09 00:36:06 reed Exp $ d3 1 a3 2 DISTNAME= gnupg-1.2.4 PKGREVISION= 1 @ 1.65 log @Assume a mail transfer agent (/usr/sbin/sendmail) is installed. This is to make sure that libexec/gnupg/gpgkeys_mailto is installed. (Okay'd by wiz.) This assumes that /usr/sbin/sendmail is sendmail. PKGREVISION is not bumped because package couldn't be made in first place if libexec/gnupg/gpgkeys_mailto was missing. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.64 2004/04/08 20:58:32 wiz Exp $ d43 1 a43 1 .if defined(M68060) && ${M68060} == YES @ 1.64 log @Convert to bl3. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.63 2004/03/30 15:13:12 tv Exp $ d26 1 @ 1.63 log @Apply the patch from PR pkg/21493. This is now submitted to gnupg.org as bug gnupg/293, so grant has blessed it for inclusion in pkgsrc. No more GNU sed build dependency, but the binaries do not change; thus PKGREVISION untouched. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.62 2004/03/30 09:05:56 grant Exp $ d22 1 a22 1 USE_BUILDLINK2= yes d60 1 a60 1 .include "../../databases/openldap/buildlink2.mk" d83 5 a87 5 .include "../../converters/libiconv/buildlink2.mk" .include "../../devel/gettext-lib/buildlink2.mk" .include "../../devel/zlib/buildlink2.mk" .include "../../archivers/bzip2/buildlink2.mk" .include "../../lang/perl5/buildlink2.mk" @ 1.62 log @compress USE_GNU_TOOLS onto one line. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.61 2004/03/01 19:12:25 wiz Exp $ d24 1 a24 1 USE_GNU_TOOLS+= make sed @ 1.61 log @Make build on m68kelf, and honour M68060 variable for quite a bit of speedup on m68060 machines. From S.P. Zeidler in PR 24579. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.60 2004/02/08 01:00:13 kleink Exp $ d24 1 a24 1 USE_GNU_TOOLS+= make a27 2 USE_GNU_TOOLS+= sed @ 1.60 log @Install doc/DETAILS, which conveniently documents --with-colon formatted output, among other things. Bump to 1.2.4nb1. Approved by Thomas Klausner. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.59 2004/02/02 23:47:15 xtraeme Exp $ d36 1 a36 1 BUILD_DEFS+= USE_I586 USE_IDEA USE_OPENLDAP d44 6 @ 1.59 log @Respect whitespaces in SUBST_SED.fixme. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.58 2004/02/02 23:41:32 xtraeme Exp $ d4 1 d75 4 @ 1.58 log @Fix build in FreeBSD, the output was: _mpih-mul1.s:2: Error: alignment not a power of 2 _mpih-mul1.s:20: Error: alignment not a power of 2 So, changing ALIGN (3) to ALIGN (4) fixes these problems. Patch sent by pancake in private email, adapted to use subst.mk framework by me. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.57 2004/01/24 15:00:22 grant Exp $ d70 1 a70 1 SUBST_SED.fixme= -e "s,ALIGN(3),ALIGN(4),g" @ 1.57 log @replace deprecated USE_GMAKE with USE_GNU_TOOLS+=make. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.56 2003/12/25 14:05:02 wiz Exp $ d62 12 @ 1.56 log @Update to 1.2.4: * Added read-only support for BZIP2 compression. This should be considered experimental, and is only available if the libbzip2 library is installed. * Added the ability to handle messages that can be decrypted with either a passphrase or a secret key. * Most support for Elgamal sign+encrypt keys has been removed. Old signatures may still be verified, and existing encrypted messages may still be decrypted, but no new signatures may be issued by, and no new messages will be encrypted to, these keys. Elgamal sign+encrypt keys are not part of the web of trust. The only new message that can be generated by an Elgamal sign+encrypt key is a key revocation. Note that in a future version of GnuPG (currently planned for 1.4), all support for Elgamal sign+encrypt keys will be removed, so take this opportunity to revoke old keys now. * A Russian translation is included again as well as a new Belarusian translation. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.55 2003/11/27 23:46:36 heinz Exp $ d23 1 a23 1 USE_GMAKE= yes @ 1.55 log @Add improved patch for compromised ElGamal signing keys from gnupg-devel at gnupg org. The old patch didn't completely disable usage of the compromised keys. Move the old and new fix to the patches/ directory. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.54 2003/11/27 09:50:12 tron Exp $ d3 1 a3 2 DISTNAME= gnupg-1.2.3 PKGREVISION= 2 d65 1 @ 1.54 log @Apply security patch which disables ElGamal signature keys because they are vulnerable. Bump package revision to reflect this change. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.53 2003/10/11 07:18:50 grant Exp $ d4 1 a4 1 PKGREVISION= 1 a17 4 PATCH_SITES= http://www.heise.de/security/tools/ PATCHFILES= gnupg_patch.diff PATCH_DIST_ARGS= -d ${WRKSRC}/g10 -E ${PATCH_DIST_STRIP} @ 1.53 log @require GNU sed for GNU sed specific expressions. fixes PR pkg/21493. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.52 2003/08/25 21:25:24 itojun Exp $ d4 1 d19 4 a23 1 @ 1.53.2.1 log @Pull up security fixes to the pkgsrc-2003Q4 branch, requested by Alistair Crooks. --------------------- PatchSet 73 Date: 2003/11/27 09:50:12 Author: tron Log: Apply security patch which disables ElGamal signature keys because they are vulnerable. Bump package revision to reflect this change. Members: Makefile:1.53->1.54 distinfo:1.21->1.22 --------------------- PatchSet 74 Date: 2003/11/27 23:46:36 Author: heinz Log: Add improved patch for compromised ElGamal signing keys from gnupg-devel at gnupg org. The old patch didn't completely disable usage of the compromised keys. Move the old and new fix to the patches/ directory. Members: Makefile:1.54->1.55 distinfo:1.22->1.23 patches/patch-ai:INITIAL->1.1 patches/patch-aj:INITIAL->1.1 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.55 2003/11/27 23:46:36 heinz Exp $ a3 1 PKGREVISION= 2 d19 1 @ 1.52 log @upgrade to 1.2.3. * New "--gnupg" option (set by default) that disables --openpgp, and the various --pgpX emulation options. This replaces --no-openpgp, and --no-pgpX, and also means that GnuPG has finally grown a --gnupg option to make GnuPG act like GnuPG. * A number of portability changes to make building GnuPG on less-common platforms easier. * Romanian translation. * Two new %-expandos for use in notation and policy URLs. "%g" expands to the fingerprint of the key making the signature (which might be a subkey), and "%p" expands to the fingerprint of the primary key that owns the key making the signature. * New "tru" record in --with-colons --list-keys listings. It shows the status of the trust database that was used to calculate the key validity in the listings. See doc/DETAILS for the specifics of this. * New REVKEYSIG status tag for --status-fd. It indicates a valid signature that was issued by a revoked key. See doc/DETAILS for the specifics of this. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.51 2003/08/15 07:02:22 itojun Exp $ d27 2 @ 1.51 log @add IPv6 support. bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.50 2003/08/09 11:21:55 seb Exp $ d3 1 a3 2 DISTNAME= gnupg-1.2.2 PKGREVISION= 2 @ 1.50 log @USE_NEW_TEXINFO is unnecessary now. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.49 2003/08/08 18:57:04 wiz Exp $ d4 1 a4 1 PKGREVISION= 1 @ 1.49 log @Add http master site for idea.c.gz. Addresses PR 22408. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.48 2003/08/04 23:12:17 seb Exp $ a30 1 USE_NEW_TEXINFO= YES @ 1.48 log @Convert to USE_NEW_TEXINFO. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.47 2003/07/17 22:52:55 grant Exp $ d48 2 a49 1 SITES_idea.c.gz=ftp://ftp.gnupg.dk/pub/contrib-dk/ @ 1.47 log @s/netbsd.org/NetBSD.org/ @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.46 2003/07/13 13:53:10 wiz Exp $ d31 1 a66 1 .include "../../mk/texinfo.mk" @ 1.46 log @PKGREVISION bump for libiconv update. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.45 2003/05/06 15:57:03 tron Exp $ d15 1 a15 1 MAINTAINER= wiz@@netbsd.org @ 1.45 log @Remove dead mirrors, add a new one. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.44 2003/05/06 15:48:24 tron Exp $ d4 1 @ 1.44 log @Fix some of the master site URLs so that the "fetch" target works at least particually. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.43 2003/05/05 16:33:46 taca Exp $ a6 1 ftp://ftp.ring.gr.jp/pub/pgp/ \ d9 1 a9 2 ftp://ftp.cert.dfn.de/pub/tools/crypt/gcrypt/ \ ftp://hal.csd.auth.gr/mirrors/gnupg/ @ 1.43 log @Update gnupg package to 1.2.2. Security problem is reported on bugtraq. http://www.securityfocus.com/archive/1/320444/2003-05-02/2003-05-08/0 2003-05-01 Werner Koch Released 1.2.2. 2003-04-30 David Shaw * NEWS: Note trust bug fix. 2003-04-29 David Shaw * NEWS: Add note about TIGER being dropped from OpenPGP. * README: Add note about the HP/UX inline problem. Fix all URLs to point to the right place in the reorganized gnupg.org web pages. Some minor language fixes. 2003-04-27 David Shaw * NEWS: Add sig version, pk algo, hash algo, and sig class to VALIDSIG. * BUGS: Fix bug reporting URL. 2003-04-24 Werner Koch * configure.ac (ALL_LINGUAS): Added Hungarian translation by Nagy Ferenc László. 2003-04-23 David Shaw * configure.ac: "TIGER" -> "TIGER/192". * README: Put back proper copyright line. 2003-04-16 Werner Koch Released 1.2.2rc2. 2003-04-15 Werner Koch * configure.ac (ALL_LINGUAS): Add Slovak translation. * configure.ac (HAVE_DOSISH_SYSTEM): New automake conditional. * acinclude.m4 (GNUPG_CHECK_ENDIAN): Fixed quoting of r.e. using quadrigraphs. 2003-04-08 David Shaw * configure.ac: Big warning that TIGER is being removed from the standard. 2003-04-08 Werner Koch * Makefile.am (EXTRA_DIST): Add autogen.sh wrapper which is useful for some cross-compiling targets. 2003-04-07 David Shaw * acinclude.m4: Fix URL to faqprog.pl. * README: Add --enable-sha512 switch and update version number and copyright date. * NEWS: Add note about SHA-256/384/512. 2003-03-24 Werner Koch * configure.ac: Test for ranlib and ar. 2003-03-12 Werner Koch * acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume little only for Intel CPUs. 2003-02-19 David Shaw * configure.ac: Define @@CAPLIBS@@ to link in -lcap if we are using capabilities. 2003-02-11 David Shaw * configure.ac: Add --enable-sha512 switch to add SHA384/512 support. 2003-02-06 David Shaw * configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so that makefiles can override it. 2003-02-02 David Shaw * configure.ac (ALL_LINGUAS): Needs to be on one line to avoid problems during ./configure. * NEWS: Note new --with-colons disabled key flag and new "revuid" command. 2003-01-07 Werner Koch Released 1.2.2rc1. * configure.ac (ALL_LINGUAS): Added fi and zh_TW. 2003-01-06 David Shaw * NEWS: Add notes about disabled keys and trustdb tweaks. 2002-12-04 David Shaw * NEWS: Add note about convert-from-106 script. 2002-11-25 David Shaw * NEWS: Add notes about notation names and '@@', the "--trust-model always" option, and non-optimized memory wiping. 2002-11-09 Werner Koch * configure.ac: Check for ctermid(). 2002-10-31 David Shaw * Makefile.am: Put gnupg.spec in the root directory so rpm -ta works. * configure.ac: Add a check for volatile. @ text @d1 1 a1 2 # $NetBSD: Makefile,v 1.42 2003/05/02 11:56:16 wiz Exp $ # d6 1 a6 1 ftp://ftp.planetmirror.com/pub/gnupg/ \ d8 2 a9 2 ftp://gd.tuwien.ac.at/privacy/gnupg/ \ ftp://ftp.jyu.fi/pub/crypt/gcrypt/ \ @ 1.42 log @Dependency bumps, needed because of devel/pth's major bump, and related dependency bumps. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.41 2003/01/10 07:48:48 cjep Exp $ d4 1 a4 2 DISTNAME= gnupg-1.2.1 PKGREVISION= 2 @ 1.41 log @USE_PKGLOCALEDIR=yes @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.40 2002/12/12 14:34:49 abs Exp $ d5 1 a5 1 PKGREVISION= 1 @ 1.40 log @shorten COMMENT @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.39 2002/11/24 18:47:48 dillo Exp $ d24 7 a30 6 CRYPTO= yes GNU_CONFIGURE= yes USE_BUILDLINK2= yes USE_GMAKE= yes CONFIGURE_ARGS+=--enable-tiger --with-static-rnd=auto TEST_TARGET= check @ 1.39 log @use test target provided by bsd.pkg.mk instead of home grown one. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.38 2002/11/24 16:52:05 chris Exp $ d20 1 a20 1 COMMENT= Privacy Guard, a public-Key encryption and digital signature utility @ 1.38 log @Rename the regress target test. This appears to be the new standard: http://mail-index.netbsd.org/pkgsrc-changes/2002/11/23/0009.html @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.37 2002/11/24 12:22:16 chris Exp $ d29 1 a61 3 test: cd ${WRKSRC} && make check @ 1.37 log @Seems that gnupg now depends on perl being available to create, install and run gpgkeys_mailto Fixes PR pkg/19104 Also bump pkgrevision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.36 2002/10/27 02:53:02 chris Exp $ d62 1 a62 1 regress: @ 1.36 log @Update gnupg to 1.2.1. Is a bug fix release. Major user visible changes are: * The library dependencies for OpenLDAP seem to change fairly frequently, and GnuPG's configure script cannot guess all the combinations. Use ./configure LDAPLIBS="-L libdir -l libs" to override the script and use the libraries selected. * Secret keys generated with --export-secret-subkeys are now indicated in key listings with a '#' after the "sec", and in --with-colons listings by showing no capabilities (no lowercase characters). * --trusted-key has been un-obsoleted, as it is useful for adding ultimately trusted keys from the config file. It is identical to using --edit and "trust" to change a key to ultimately trusted. * The usual bug fixes as well as fixes to build problems on some systems. Note that patch-aa and patch-ab are no longer needed as was, patch-aa now contains fixes to handle dlsym errors properly. Also now include libiconv/buildlink2.mk as gnupg looks for iconv. Fixes pkg/18221. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.35 2002/10/09 14:16:55 itojun Exp $ d5 1 d68 1 @ 1.35 log @upgrade to 1.2.0, from skrueger@@europe.com 2002-09-21 Werner Koch Released 1.2.0. * configure.ac: Bumbed version number and set development version to no. 2002-09-19 David Shaw * configure.ac: Try linking LDAP as just -lldap as it seems very recent OpenLDAPs (>=2.0.23) support that. 2002-09-14 David Shaw * configure.ac: Try linking LDAP without -lresolv first, just in case the platform has libresolv, but doesn't actually need it to use LDAP. 2002-09-12 David Shaw * NEWS: Note that the old IDEA plugin won't work with post-1.1.90 gpg. 2002-09-11 Werner Koch Released 1.1.92. * configure.ac (random_modules): The default random module for system lacking a /dev/random is now auto selected at runtime. 2002-09-09 David Shaw * NEWS: typo. * configure.ac: Add a link test for LDAP without -lresolv for HPUX. Remove "hstrerror" test as it is no longer needed. 2002-09-02 Werner Koch * README: Removed the note about a development version so that we later don't forget this. Minor other changes. 2002-08-29 Werner Koch * configure.ac (random_modules): Reworked the code to select the random module. Define USE_ALL_RANDOM_MODULES for value all. 2002-08-27 David Shaw * configure.ac: Check type of mode_t. * NEWS: Clarify that --libexecdir is a configure option. * configure.ac: Check for hstrerror. 2002-08-19 David Shaw * NEWS: Document new ways to enable MDC, and change in automatic compression disabling. * configure.ac: No such thing as the "none" random gather any longer. 2002-08-08 David Shaw * configure.ac: Add an --enable-tiger. * NEWS: Clarify new permission checks. 2002-08-07 David Shaw * configure.ac: If the static IDEA cipher is present, disable dynamic loading. Also fix backwards grammar of keyserver exec-path CHECKING message. 2002-08-05 Werner Koch * configure.ac: Bumbed version number. 2002-08-04 Werner Koch Released 1.1.91. * configure.ac (ALL_LINGUAS): Added Catalan. 2002-08-02 Werner Koch * configure.ac: Removed all extension stuff but keep the tests for dlopen. We don't need to figure out the flags required. All stuff is now statically loaded. 2002-07-30 David Shaw * README, configure.ac: --with-exec-path is now clarified into --disable-keyserver-path * NEWS: changes since 1.1.90. 2002-07-24 David Shaw * configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h, as well as a SUBST for Makefiles. 2002-07-22 Timo Schulz * configure.ac: Replace the 'c:/' variables with 'c:\' due to the fact we already use '\' in the remaining code. 2002-07-08 David Shaw * configure.ac: Add --with-mailprog to override the use of sendmail with another MTA. We can use anything that follows the "$MAILPROG -t" convention. 2002-07-04 David Shaw * configure.ac: --enable-exec-path should be a 'with'. Fix 'no' cases of --with-exec-path and --with-photo-viewer. * README: Document --disable-exec, --disable-photo-viewers, --disable-keyserver-helpers, --enable-exec-path, and --with-photo-viewer. * configure.ac: Add --with-photo-viewer to lock the viewer at compile time and --disable-keyserver-helpers and --disable-photo-viewers to allow disabling one without disabling the other. 2002-07-03 David Shaw * configure.ac: Allow setting USE_EXEC_PATH to lock the exec-path to a fixed value. 2002-07-01 Werner Koch * configure.ac: Set version number to 1.1.91. Released 1.1.90. * INSTALL: Replaced by generic install file. * README: Marked as development version and moved most stuff of the old INSTALL file to here. 2002-06-30 Werner Koch * configure.ac: Link W32 version against libwsock32. 2002-06-29 Werner Koch * configure.ac (development_version): New. (HAVE_DEV_RANDOM_IOCTL): Removed test for it; it was never used. * BUGS, AUTHORS: Add a note on how to send security related bug reports. 2002-06-20 David Shaw * NEWS: changes since 1.0.7. * configure.ac: Set new version number (1.1.90), and fix Solaris compiler flags for shared objects. 2002-06-11 David Shaw * configure.ac: Move -lsocket and -lnsl checks before LDAP link tests so they work properly on Solaris. Noted by David Champion. Also, check for the Mozilla LDAP library if the OpenLDAP library check fails. Put -lsocket and -lnsl in NETLIBS rather than LIBS so not all programs are forced to link to them. 2002-06-05 David Shaw * configure.ac: Add a switch for the experimental external HKP keyserver interface. 2002-05-22 Werner Koch * configure.ac: Check for strcasecmp and strncasecmp. Removed stricmp and memicmp checks. 2002-05-08 David Shaw * configure.ac: If LDAP comes up unusable, try #including before giving up. Old versions of OpenLDAP require that. 2002-05-03 David Shaw * configure.ac: In g10defs.h, use \ for the directory separator when HAVE_DOSISH_SYSTEM is on. * configure.ac: Add --disable-exec flag to disable all remote program execution. --disable-exec implies --disable-ldap and --disable-mailto. Also look in /usr/lib for sendmail. If sendmail is not found, do not default - just fail. 2002-04-30 David Shaw * configure.ac: Try and link to a sample LDAP program to check if the LDAP we're about to use is really sane. The most common problem (using a very old OpenLDAP), could be fixed with an extra #include, but this would not be very portable to other LDAP libraries. @ text @d1 1 a1 1 # $NetBSD$ d4 1 a4 1 DISTNAME= gnupg-1.2.0 d64 1 @ 1.34 log @Belated bump to nb2, following fixes to dlsym return checks to work properly against -current. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.33 2002/08/25 21:50:36 jlam Exp $ d4 1 a4 2 DISTNAME= gnupg-1.0.7 PKGREVISION= 2 d6 9 a14 2 MASTER_SITES= ftp://ftp.gnupg.org/pub/gcrypt/gnupg/ # don't remove this -- we may add idea.c to it below a21 1 USE_BUILDLINK2= yes d25 1 d27 1 d31 1 a31 1 INFO_FILES= gpgv.info d35 7 a41 1 BUILD_DEFS+= USE_IDEA d45 3 a47 5 LICENCE= fee-based-commercial-use MASTER_SITES+= ftp://ftp.gnupg.org/pub/gcrypt/contrib/ DISTFILES+= idea.c.20010605 EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} PLIST_SUBST+= IDEA="" d49 3 a51 2 post-extract: ${CP} ${_DISTDIR}/idea.c.20010605 ${WRKSRC}/idea.c d53 3 a55 6 post-build: cd ${WRKSRC} && \ ${BUILDLINK_CC} ${CFLAGS} -shared -Wl,-Bshareable -fPIC -o idea idea.c post-install: ${INSTALL_PROGRAM} ${WRKSRC}/idea ${PREFIX}/lib/gnupg d57 2 a58 1 PLIST_SUBST+= IDEA="@@comment " d60 3 @ 1.33 log @Merge packages from the buildlink2 branch back into the main trunk that have been converted to USE_BUILDLINK2. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31.2.2 2002/08/25 21:21:04 jlam Exp $ d5 1 a5 1 PKGREVISION= 1 @ 1.32 log @Correct wrong detection of /dev/random in GnuPG 1.0.7 on NetBSD. Bumped PKGREVISION to 1, changed PLIST accordingly and added 2 patches for configure and configure.ac. Patches were sent to gnupg-bugs@@gnu.org. Thomas Klausner approved. @ text @d1 1 a1 1 # $NetBSD$ d16 1 a16 1 USE_BUILDLINK_ONLY= yes d39 1 a39 1 ${CP} ${_DISTDIR}/idea.c.20010605 ${WRKSRC}/idea.c d42 2 a43 2 cd ${WRKSRC} && \ ${CC} ${CFLAGS} -shared -Wl,-Bshareable -fPIC -o idea idea.c d46 1 a46 1 ${INSTALL_PROGRAM} ${WRKSRC}/idea ${PREFIX}/lib/gnupg d51 3 a53 2 .include "../../devel/gettext-lib/buildlink.mk" .include "../../devel/zlib/buildlink.mk" @ 1.31 log @Update to 1.0.7. * Secret keys are now stored and exported in a new format which uses SHA-1 for integrity checks. This format renders the Rosa/Klima attack useless. Other OpenPGP implementations might not yet support this, so the option --simple-sk-checksum creates the old vulnerable format. * The default cipher algorithm for encryption is now CAST5, default hash algorithm is SHA-1. This will give us better interoperability with other OpenPGP implementations. * Symmetric encrypted messages now use a fixed file size if possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2, 6, and 7. Note this was only an issue with RFC-1991 style symmetric messages. * Photographic user ID support. This uses an external program to view the images. * Enhanced keyserver support via keyserver "plugins". GnuPG comes with plugins for the NAI LDAP keyserver as well as the HKP email keyserver. It retains internal support for the HKP HTTP keyserver. * Nonrevocable signatures are now supported. If a user signs a key nonrevocably, this signature cannot be taken back so be careful! * Multiple signature classes are usable when signing a key to specify how carefully the key information (fingerprint, photo ID, etc) was checked. * --pgp2 mode automatically sets all necessary options to ensure that the resulting message will be usable by a user of PGP 2.x. * --pgp6 mode automatically sets all necessary options to ensure that the resulting message will be usable by a user of PGP 6.x. * Signatures may now be given an expiration date. When signing a key with an expiration date, the user is prompted whether they want their signature to expire at the same time. * Revocation keys (designated revokers) are now supported if present. There is currently no way to designate new keys as designated revokers. * Permissions on the .gnupg directory and its files are checked for safety. * --expert mode enables certain silly things such as signing a revoked user id, expired key, or revoked key. * Some fixes to build cleanly under Cygwin32. * New tool gpgsplit to split OpenPGP data formats into packets. * New option --preserve-permissions. * Subkeys created in the future are not used for encryption or signing unless the new option --ignore-valid-from is used. * Revoked user-IDs are not listed unless signatures are listed too or we are in verbose mode. * There is no default comment string with ascii armors anymore except for revocation certificates and --enarmor mode. * The command "primary" in the edit menu can be used to change the primary UID, "setpref" and "updpref" can be used to change the preferences. * Fixed the preference handling; since 1.0.5 they were erroneously matched against against the latest user ID and not the given one. * RSA key generation. * It is now possible to sign and conventional encrypt a message (-cs). * The MDC feature flag is supported and can be set by using the "updpref" edit command. * The status messages GOODSIG and BADSIG are now returning the primary UID, encoded using %XX escaping (but with spaces left as spaces, so that it should not break too much) * Support for GDBM based keyrings has been removed. * The entire keyring management has been revamped. * The way signature stati are store has changed so that v3 signatures can be supported. To increase the speed of many operations for existing keyrings you can use the new --rebuild-keydb-caches command. * The entire key validation process (trustdb) has been revamped. See the man page entries for --update-trustdb, --check-trustdb and --no-auto-check-trustdb. * --trusted-keys is again obsolete, --edit can be used to set the ownertrust of any key to ultimately trusted. * A subkey is never used to sign keys. * Read only keyrings are now handled as expected. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.30 2002/02/18 15:14:39 seb Exp $ d5 1 @ 1.31.2.1 log @Convert from using buildlink1 to using the new buildlink2 framework. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31 2002/05/07 18:48:46 wiz Exp $ d15 1 a15 1 USE_BUILDLINK2= yes d38 1 a38 1 ${CP} ${_DISTDIR}/idea.c.20010605 ${WRKSRC}/idea.c d41 2 a42 2 cd ${WRKSRC} && \ ${BUILDLINK_CC} ${CFLAGS} -shared -Wl,-Bshareable -fPIC -o idea idea.c d45 1 a45 1 ${INSTALL_PROGRAM} ${WRKSRC}/idea ${PREFIX}/lib/gnupg d50 2 a51 3 .include "../../devel/gettext-lib/buildlink2.mk" .include "../../devel/zlib/buildlink2.mk" @ 1.31.2.2 log @Merge changes in the main trunk into the buildlink2 branch for those packages that have been converted to USE_BUILDLINK2. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31.2.1 2002/07/01 17:45:08 jlam Exp $ a4 1 PKGREVISION= 1 @ 1.30 log @Introduce new framework for handling info files generation and installation. Summary of changes: - removal of USE_GTEXINFO - addition of mk/texinfo.mk - inclusion of this file in package Makefiles requiring it - `install-info' substituted by `${INSTALL_INFO}' in PLISTs - tuning of mk/bsd.pkg.mk: removal of USE_GTEXINFO INSTALL_INFO added to PLIST_SUBST `${INSTALL_INFO}' replace `install-info' in target rules print-PLIST target now generate `${INSTALL_INFO}' instead of `install-info' - a couple of new patch files added for a handful of packages - setting of the TEXINFO_OVERRIDE "switch" in packages Makefiles requiring it - devel/cssc marked requiring texinfo 4.0 - a couple of packages Makefiles were tuned with respect of INFO_FILES and makeinfo command usage See -newly added by this commit- section 10.24 of Packages.txt for further information. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.29 2001/10/27 07:00:53 jlam Exp $ d4 1 a4 1 DISTNAME= gnupg-1.0.6 d23 1 a23 1 INFO_FILES= gpg.info gpgv.info @ 1.29 log @Remove commented USE_LIBINTL definitions ... we already use the gettext-lib/buildlink.mk file. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.28 2001/06/28 19:13:24 jlam Exp $ d52 1 @ 1.28 log @Convert to use buildlink.mk files and mark as USE_BUILDLINK_ONLY. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.27 2001/06/04 23:41:36 wiz Exp $ a19 1 #USE_LIBINTL= yes @ 1.27 log @Use slightly modified idea.c, which recognizes NetBSD PowerPC machines as big endian. Makes gnupg work with IDEA support on ppc machines. XXX: Probably similar changes needed for some other big-endian platforms. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.26 2001/05/31 13:30:02 wiz Exp $ d15 1 d20 1 a20 1 USE_LIBINTL= yes d51 2 a52 5 .if ${OPSYS} == "SunOS" DEPENDS+= zlib-1.1.3:../../devel/zlib LDFLAGS+= -L${LOCALBASE}/lib .endif @ 1.26 log @Update to 1.0.6, provided by Nathan Ahlstrom in pkg/13069. Changes: Fixed a format string bug which is exploitable if --batch is not used. Checked all translations for format strings bugs. Removed the Russian translation due to too many bugs. Fixed keyserver access and expire time calculation. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.25 2001/05/14 13:40:04 wiz Exp $ d33 1 a33 1 DISTFILES+= idea.c d38 1 a38 1 ${CP} ${_DISTDIR}/idea.c ${WRKSRC} @ 1.25 log @Update to 1.0.5, provided by Mark White in private mail. Some pkg related changes by me. Changes since 1.0.4: * WARNING: The semantics of --verify have changed to address a problem with detached signature detection. --verify now ignores signed material given on stdin unless this is requested by using a "-" as the name for the file with the signed material. Please check all your detached signature handling applications and make sure that they don't pipe the signed material to stdin without using a filename together with "-" on the the command line. * WARNING: Corrected hash calculation for input data larger than 512M - it was just wrong, so you might notice bad signature in some very big files. It may be wise to keep an old copy of GnuPG around. * Secret keys are no longer imported unless you use the new option --allow-secret-key-import. This is a kludge and future versions will handle it in another way. * New command "showpref" in the --edit-key menu to show an easier to understand preference listing. * There is now the notation of a primary user ID. For example, it is printed with a signature verification as the first user ID; revoked user IDs are not printed there anymore. In general the primary user ID is the one with the latest self-signature. * New --charset=utf-8 to bypass all internal conversions. * Large File Support (LFS) is now working. * New options: --ignore-crc-error, --no-sig-create-check, --no-sig-cache, --fixed_list_mode, --no-expensive-trust-checks, --enable-special-filenames and --use-agent. See man page. * New command --pipemode, which can be used to run gpg as a co-process. Currently only the verification of detached signatures are working. See doc/DETAILS. * Rewritten key selection code so that GnuPG can better cope with multiple subkeys, expire dates and so. The drawback is that it is slower. * A whole lot of bug fixes. * The verification status of self-signatures are now cached. To increase the speed of key list operations for existing keys you can do the following in your GnuPG homedir (~/.gnupg): $ cp pubring.gpg pubring.gpg.save && $ gpg --export-all >x && \ rm pubring.gpg && gpg --import x Only v4 keys (i.e not the old RSA keys) benefit from this caching. * New translations: Estonian, Turkish. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.24 2001/03/31 11:14:30 zuntum Exp $ d4 1 a4 1 DISTNAME= gnupg-1.0.5 @ 1.24 log @o Fix/add quoting o Respect ${CFLAGS} @ text @d1 1 a1 2 # $NetBSD: Makefile,v 1.23 2001/03/27 03:20:15 hubertf Exp $ # FreeBSD Id: Makefile,v 1.20 1997/08/27 13:06:01 ache Exp d4 1 a4 2 DISTNAME= gnupg-1.0.4 PKGNAME= ${DISTNAME}nb3 a9 4 PATCHFILES= gnupg-1.0.4.security-patch1.diff PATCH_SITES= ftp://ftp.gnupg.org/pub/gcrypt/gnupg/ PATCH_DIST_STRIP= -p1 d22 2 @ 1.23 log @Change BUILD_DEPENDS semantics: first component is now a package name+version/pattern, no more executable/patchname/whatnot. While there, introduce BUILD_USES_MSGFMT as shorthand to pull in devel/gettext unless /usr/bin/msgfmt exists (i.e. on post-1.5 -current). Patch by Alistair Crooks @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.22 2001/02/17 17:49:45 wiz Exp $ d46 1 a46 1 ${CC} -shared -Wl,-Bshareable -fPIC -o idea idea.c @ 1.22 log @Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.21 2001/02/15 12:04:37 wiz Exp $ d20 1 a20 1 BUILD_DEPENDS+= msgfmt:../../devel/gettext @ 1.21 log @Update to 1.0.4nb3: incorporate a security fix by the author. (Which also includes completely unrelated patch-ac.) Closes pkg/12208. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.20 2001/01/29 11:53:02 wiz Exp $ d18 1 @ 1.20 log @Update gnupg to 1.0.4nb2: Fix a bug in ~/.gnupg creation. Honor USE_IDEA, and add the IDEA extension in that case. Addresses pkg/11876. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.19 2000/11/30 00:11:26 wiz Exp $ d6 1 a6 1 PKGNAME= ${DISTNAME}nb2 d11 4 @ 1.19 log @change DEPENDS on gettext to BUILD_DEPENDS on msgfmt @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18 2000/11/12 14:28:48 wiz Exp $ d6 1 a6 1 PKGNAME= ${DISTNAME}nb1 d9 2 d22 2 d26 7 d34 14 @ 1.18 log @Declare some symbols static in twofish.c (for details see lib/11458). Patch provided by Olaf Seibert. Bump version number to 1.0.4nb1. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.17 2000/11/10 02:35:02 wiz Exp $ d13 1 a13 1 DEPENDS+= gettext>=0.10.35nb1:../../devel/gettext @ 1.17 log @Update to 1.0.4. Changes since 1.0.3: * Fixed a serious bug which could lead to false signature verification results when more than one signature is fed to gpg. This is the primary reason for releasing this version. * New utility gpgv which is a stripped down version of gpg to be used to verify signatures against a list of trusted keys. * Rijndael (AES) is now supported and listed with top preference. * --with-colons now works with --print-md[s]. Based on an update provided by Mipam . @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.16 2000/10/11 09:57:45 itojun Exp $ d6 1 @ 1.16 log @recover DEPENDS @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.15 2000/10/11 09:57:30 itojun Exp $ d5 1 a5 1 DISTNAME= gnupg-1.0.3 d17 1 @ 1.15 log @update to 1.0.3. Noteworthy changes in version 1.0.3 (2000-09-18) ------------------------------------------------ * Fixed problems with piping to/from other MS-Windows software * Expiration time of the primary key can be changed again. * Revoked user IDs are now marked in the output of --list-key * New options --show-session-key and --override-session-key to help the British folks to somewhat minimize the danger of this Orwellian RIP bill. * New options --merge-only and --try-all-secrets. * New configuration option --with-egd-socket. * The --trusted-key option is back after it left us with 0.9.5 * RSA is supported. Key generation does not yet work but will come soon. * CAST5 and SHA-1 are now the default algorithms to protect the key and for symmetric-only encryption. This should solve a couple of compatibility problems because the old algorithms are optional according to RFC2440 * Twofish and MDC enhanced encryption is now used. PGP 7 supports this. Older versions of GnuPG don't support it, so they should be upgraded to at least 1.0.2 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.14 2000/09/09 19:40:21 fredb Exp $ d12 1 a12 1 #DEPENDS+= gettext>=0.10.35nb1:../../devel/gettext @ 1.14 log @Reorganize crypto handling, as discussed on tech-pkg. Remove all RESTRICTED= variables that were predicated on former U.S. export regulations. Add CRYPTO=, as necessary, so it's still possible to exclude all crypto packages from a build by setting MKCRYPTO=no (but "lintpkgsrc -R" will no longer catch them). Specifically, - - All packages which set USE_SSL just lose their RESTRICTED variable, since MKCRYPTO responds to USE_SSL directly. - - realplayer7 and ns-flash keep their RESTRICTED, which is based on license terms, but also gain the CRYPTO variable. - - srp-client is now marked broken, since the distfile is evidently no longer available. On this, we're no worse off than before. [We haven't been mirroring the distfile, or testing the build!] - - isakmpd gets CRYPTO for RESTRICTED, but remains broken. - - crack loses all restrictions, as it does not evidently empower a user to utilize strong encryption (working definition: ability to encode a message that requires a secret key plus big number arithmetic to decode). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.13 2000/08/18 22:46:47 hubertf Exp $ d5 1 a5 1 DISTNAME= gnupg-1.0.2 d12 1 a12 1 DEPENDS+= gettext>=0.10.35nb1:../../devel/gettext @ 1.13 log @Replace MIRROR_DISTFILES and NO_CDROM with the more descriptive and more fine-grained NO_{BIN,SRC}_ON_{FTP,CDROM} definitions. MIRROR_DISTFILES and NO_CDROM are now dead. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.12 2000/07/31 04:14:10 jlam Exp $ d14 2 a16 6 GNU_CONFIGURE= yes RESTRICTED= "Cryptographic software" NO_SRC_ON_FTP= ${RESTRICTED} MIRROR_DISTFILE=no @ 1.12 log @The gettext package gained a shared library. For all packages which link against libintl.so, update the dependency on gettext to >=0.10.35nb1. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.11 2000/07/16 23:05:38 wiz Exp $ d19 1 @ 1.11 log @Man page is not distributed by itself anymore. (undo last commit, fix it correctly) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 2000/07/16 17:10:24 mason Exp $ d12 1 a12 1 DEPENDS+= gettext-0.10.*:../../devel/gettext @ 1.10 log @Corrected distfile name (two places) so package builds. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.9 2000/07/15 11:25:57 wiz Exp $ a7 1 DISTFILES= ${DISTNAME}${EXTRACT_SUFX} gnupg-1.0.2.tar.gz a28 3 pre-configure: ${GUNZIP_CMD} -c ${DISTDIR}/gnupg-1.0.2.tar.gz > ${WRKSRC}/doc/gpg.1 @ 1.9 log @Set maintainer to wiz@@netbsd.org. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 2000/07/15 11:24:27 wiz Exp $ d8 1 a8 1 DISTFILES= ${DISTNAME}${EXTRACT_SUFX} gpg.1.gz d32 1 a32 1 ${GUNZIP_CMD} -c ${DISTDIR}/gpg.1.gz > ${WRKSRC}/doc/gpg.1 @ 1.8 log @Update gnupg to 1.0.2. NetBSD changes had been mailed to author and have been integrated. Relevant Changes: * Fixed expiration handling of encryption keys. * Add an experimental feature to do unattended key generation. * The user is now asked for the reason of revocation as required by the new OpenPGP draft. * There is a ~/.gnupg/random_seed file now which saves the state of the internal RNG and increases system performance somewhat. This way the full entropy source is only used in cases were it is really required. Use the option --no-random-seed-file to disable this feature. * New options --ignore-time-conflict and --lock-never. * Encryption is now much faster: About 2 times for 1k bit keys and 8 times for 4k keys. * New encryption keys are generated in a way which allows a much faster decryption. * New command --export-secret-subkeys which outputs the _primary_ key with it's secret parts deleted. This is useful for automated decryption/signature creation as it allows to keep the real secret primary key offline and thereby protecting the key certificates and allowing to create revocations for the subkeys. See the FAQ for a procedure to install such secret keys. * Keygeneration now writes to the first writeable keyring or as default to the one in the homedirectory. Prior versions ignored all --keyring options. * New option --command-fd to take user input from a file descriptor; to be used with --status-fd by software which uses GnuPG as a backend. * There is a new status PROGRESS which is used to show progress during key generation. * Support for the new MDC encryption packets. To create them either --force-mdc must be use or cipher algorithm with a blocksize other than 64 bits is to be used. --openpgp currently disables MDC packets entirely. This option should not yet be used. * New option --no-auto-key-retrieve to disable retrieving of a missing public key from a keyerver, when a keyerver has been set. * Danish, Esperanto, Japanese, Dutch, and Swedish translations @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 2000/03/02 08:21:31 wiz Exp $ d10 1 a10 1 MAINTAINER= packages@@NetBSD.ORG @ 1.7 log @Fetch and install man page, as noted by Markus Kurek in pkg/9519. Also defuzz patches. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 2000/02/27 04:16:55 wiz Exp $ d5 1 a5 1 DISTNAME= gnupg-1.0.1 @ 1.6 log @Update gnupg to 1.0.1, as PR'd by Takahiro Kambe in pkg/9477. Changes since 1.0.0: * New command --verify-files. New option --fast-list-mode. * $http_proxy is now used when --honor-http-proxy is set. * Fixed some minor bugs and the problem with conventional encrypted packets which did use the gpg v3 partial length headers. * Add Indonesian and Portugese translations. * Fixed a bug with symmetric-only encryption using the non-default 3DES. The option --emulate-3des-s2k-bug may be used to decrypt documents which have been encrypted this way; this should be done immediately as this workaround will be remove in 1.1 * Can now handle (but not display) PGP's photo IDs. I don't know the format of that packet but after stripping a few bytes from the start it looks like a JPEG (at least my test data). Handling of this package is required because otherwise it would mix up the self signatures and you can't import those keys. * Passing non-ascii user IDs on the commandline should now work in all cases. * New keys are now generated with an additional preference to Blowfish. * Removed the GNU Privacy Handbook from the distribution as it will go into a separate one. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 2000/01/10 19:11:09 hubertf Exp $ d8 1 d24 2 d30 3 @ 1.5 log @be consistent on which version to wildcard @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 1999/12/02 15:50:43 frueauf Exp $ d5 1 a5 1 DISTNAME= gnupg-1.0.0 @ 1.4 log @Update gnupg to 1.0.0. As sideeffect this fixes pr 8826 and pr 8606. /* XXX someone should test this in i386/aout, maybe that broke in exchange, so someone would need to fix it. I have no system to test on. But since this package was totaly broken, its an improvement... XXX */ Noteworthy changes in version 1.0.0 (1999-09-07) ----------------------------------- * Add a very preliminary version of the GNU Privacy Handbook to the distribution (lynx doc/gph/index.html). * Changed the version number to GnuPG 2001 ;-) Noteworthy changes in version 0.9.11 ------------------------------------ * UTF-8 strings are now correctly printed (if --charset is set correctly). Output of --with-colons remains C-style escaped UTF-8. * Workaround for a problem with PGP 5 detached signature in textmode. * Fixed a problem when importing new subkeys (duplicated signatures). Noteworthy changes in version 0.9.10 ------------------------------------ * Some strange new options to help pgpgpg * Cleaned up the dox a bit. Noteworthy changes in version 0.9.9 ----------------------------------- * New options --[no-]utf8-strings. * New edit-menu commands "enable" and "disable" for entire keys. * You will be asked for a filename if gpg cannot deduce one. * Changes to support libtool which is needed for the development of libgcrypt. * New script tools/lspgpot to help transferring assigned trustvalues from PGP to GnuPG. * New commands --lsign-key and made --sign-key a shortcut for --edit and sign. * New options (#122--126 ;-) --[no-]default-recipient[-self], --disable-{cipher,pubkey}-algo. See the man page. * Enhanced info output in case of multiple recipients and fixed exit code. * New option --allow-non-selfsigned-uid to work around a problem with the German IN way of separating signing and encryption keys. Noteworthy changes in version 0.9.8 ----------------------------------- * New subcommand "delsig" in the edit menu. * The name of the output file is not anymore the one which is embedded in the processed message, but the used filename with the extension stripped. To revert to the old behaviour you can use the option --use-embedded-filename. * Another hack to cope with pgp2 generated detached signatures. * latin-2 character set works (--charset=iso-8859-2). * New option --with-key-data to list the public key parameters. New option -N to insert notations and a --set-policy-url. A couple of other options to allow reseting of options. * Better support for HPUX. Noteworthy changes in version 0.9.7 ----------------------------------- * Add some work arounds for a bugs in pgp 2 which led to bad signatures when used with canonical texts in some cases. * Enhanced some status outputs. Noteworthy changes in version 0.9.6 ----------------------------------- * Twofish is now statically linked by default. The experimental 128 bit version is now disabled. Full support will be available as soon as the OpenPGP WG has decided on an interpretation of rfc2440. * Dropped support for the ancient Blowfish160 which is not OpenPGP. * Merged gpgm and gpg into one binary. * Add "revsig" and "revkey" commands to the edit menu. It is now possible to revoke signature and subkeys. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.3 1999/04/09 09:39:20 agc Exp $ d12 1 a12 1 DEPENDS+= gettext-0.10.35:../../devel/gettext @ 1.3 log @Make this package work on Solaris. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.2 1999/04/08 15:22:40 mellon Exp $ d5 1 a5 1 DISTNAME= gnupg-0.9.5 d7 1 a7 1 MASTER_SITES= ftp://ftp.gnupg.org/pub/gcrypt/ d10 7 a16 1 HOMEPAGE= http://www.gnupg.org a17 1 GNU_CONFIGURE= yes @ 1.2 log @Undo some damage pkglint insisted on. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1 1999/04/07 23:01:27 mellon Exp $ a11 2 .include "../../mk/bsd.prefs.mk" d15 7 @ 1.1 log @GNU Privacy Guard (a PGP replacement) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.17 1999/04/05 17:14:13 mycroft Exp $ d12 1 a12 1 .include "../../mk/bsd.pkg.mk" d17 2 @