Fwd: Re: [Announce] GnuPG 2.1.1 released
Hi Werner, Apologies, I'm an idiot. The option is still there. Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --disable-dependency-tracking speeds up one-time build --enable-dependency-tracking do not reject slow dependency extractors --disable-gpg do not build the gpg program --disable-gpgsm do not build the gpgsm program --disable-agent do not build the agent program --disable-scdaemon do not build the scdaemon program --disable-g13 do not build the g13 program --disable-dirmngr do not build the dirmngr program --disable-tools do not build the tools program --disable-doc do not build the doc program --enable-symcryptrunbuild the symcryptrun program --disable-gpgtardo not build the gpgtar program --enable-gpg2-is-gpgSet installed name of gpg2 to gpg Apologies for the false positive before. Cheers, and Happy New Year, Dom Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. Forwarded Message Subject: Re: [Announce] GnuPG 2.1.1 released Date: Thu, 18 Dec 2014 20:19:56 + From: Dominyk Tiller To: gnupg-users@gnupg.org CC: w...@gnupg.org Apologies, that option is indeed gone. I was trying to pass it anyhow, in order to use an external (but up-to-date) gpg-agent as my agent, because that's how I was configuring the 2.0.x branch, "--disable-agent --with-agent-pgm=/usr/local/opt/gpg-agent/bin/gpg-agent". When I went to build this new release of the 2.1.x branch I just automatically passed those configure options, and when the configure script didn't flag the option as unrecognised I wondered if it was a bug that it was erroring out. I should have probably double-checked to see if I was just being stupid ;). Cheers for the reply, Dom Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. On 18/12/2014 08:35, Werner Koch wrote: > On Wed, 17 Dec 2014 13:54, dominyktil...@gmail.com said: > >> I'm still hitting a new one though. If you attempt to compile using an >> external gpg-agent, rather than one with the package, you hit this: > > You mean an option --disable-agent? Do we still have this option - it > needs to be removed. gpg-agent is not optional. > > > > Salam-Shalom, > >Werner > signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On 12/19/14 11:28 AM, Ludwig Hügelschäfer wrote: | On 19.12.14 18:09, Doug Barton wrote: | |> Thank you for the time you've spent on this, but a minor quibble if |> you don't mind. Could you please provide signatures for the dmg |> files, | | Open the .dmg and you'll notice the signature of the Installer | (Install.pkg). If you look at (what in my mind are) the parallels in Windows (exes/installers) and Unix (tarballs) I don't have to perform any actions on them at all prior to verifying the signatures. I'd like to have the same luxury for the dmg file. In addition to the above, the 1 signature only covers that 1 item, there are other items in the dmg file. Now that said, perhaps it is my relative unfamiliarity with the dmg format that is causing my concern. It seems to me (on experience and some reading, both limited) that there are "things" that happen when I open one, similar to the autoplay feature for optical discs in Windows. That's part of the reason I'd like to be able to verify the dmg before opening it. If that last concern is misplaced, then I am less hesitant, however it would still seem to be a good operational practice to sign the whole blob. Admittedly that is less tidy, as now you have two files to keep track of instead of one, but since I use all 3 OS', it's not particularly burdensome from my perspective. Doug ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
Hi, On Saturday 20 December 2014 12:21:08 Werner Koch wrote: > Thus I do not think that Authenticate would harm even given that it is > possible to buy the private key for an existing Authenticode certificate. I actually love authenticode. It means that you can do some steps to get to the "Operating System" level of trust. Sure you can buy your way into this but that is the Operating System level of trust that is asserted through HTTPS connections / Windows Update and so on. It is weak, i grant you that, but it is at least _some_ automatic authentication of binaries. I'm playing a game on a Windows Machine currently (Archeage) that requires administrative access for each launch!,.. and they did not even care to sign their binary. This is just security sadism. (I keep my GNU/Linux partitions on which i do any work or store secrets encrypted) In a different project at intevation we signed all binaries in our installer keeping packaging and building on different systems. As we won't expose our private keys to propietary systems that meant running wine to create the nsis uninstaller, Maybe this is also something for the future of gpg4win. (Btw. We use osslsigncode which is a really great tool that allows you to create authenticode PKCS#7 signatures under GNU/Linux.) With regards to the original question. I'd be happy to sign your experimental gnupg only installers with our code signing certificate (and be quick about it) after verifying your signature. Intevation trusts g10code (we heavilly use gnupg internally where the source is verified by Werner) Regards, Andre signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On Fri, 19 Dec 2014 18:22, r...@sixdemonbag.org said: > While we're on the subject -- it might be nice for GnuPG to be able to > issue proper Authenticode-signed Windows binaries. Code signing > certificates are fairly affordable although the paperwork is a headache. Actually we (Intevation in his case) do this for Gpg4win. People seem to like this although I do not see a real security benefit in it. If you look at the download stats for December | Version| tar/exe | sig | % | |+-+--+| | 2.1.0/tar | 837 | 419 | 50 | | 2.0.26/tar |4770 | 1635 | 34 | | 1.4.18/tar |1451 | 429 | 30 | | 1.4.18/exe | 635 | 110 | 17 | (which also include automated downloads from mirrors not using rsync) It shows that less than 20% of the Windows users check the signatures. It might of course be their first gpg download and thus can't make use of the signature anyway. However, given the number of the tarball downloads it is obvious verification of signatures is not a standard procedure. Thus I do not think that Authenticate would harm even given that it is possible to buy the private key for an existing Authenticode certificate. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 19.12.14 18:09, Doug Barton wrote: > Thank you for the time you've spent on this, but a minor quibble if > you don't mind. Could you please provide signatures for the dmg > files, Open the .dmg and you'll notice the signature of the Installer (Install.pkg). Ludwig -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCgAGBQJUlHxTAAoJEA52XAUJWdLj8noH/i5l4Q89Oq7cnmjoIprVMSY+ fXY8QTwXTckHSNJgHLnqg3go6rKIPaQJozzFPHVeyj+J2NJB6vRlmG5oLQIN1LQI 89LX4o2t7hpF6GfbpdQ3OozaRxb5idHdSVrtelA/NG45U8UNmFgcJNL8aXYvFvLF 6FCzRkWL3Uw7cg5b5jqIISzAiMoAS7tzFYnhKAUjTTIxgR1QRHsfske/OQq7xMce 8Zqo91RiaqvRLfPG4bmpvbgD5gDv5zCqccjJ+s7Pm2xLboDLn7xgT/XoPuLMEh+Y eFxaGGF3GehVSgtduL6dgF3EgeZtZsl2Whap5BmvIeidVN+HMq9x4siZBc3o7VY= =q5dG -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
> Thank you for the time you've spent on this, but a minor quibble if you > don't mind. Could you please provide signatures for the dmg files, and > ideally sign the messages you send to the list about them? While we're on the subject -- it might be nice for GnuPG to be able to issue proper Authenticode-signed Windows binaries. Code signing certificates are fairly affordable although the paperwork is a headache. "It might be nice" doesn't mean "we should do this," of course. :) Just it might be nice, and maybe we ought think about it some. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On 12/17/14 9:02 AM, Patrick Brunschwig wrote: I created an installer for GnuPG 2.1.1 on Mac OS X, available from here: http://sourceforge.net/projects/gpgosx/files/ Patrick, Thank you for the time you've spent on this, but a minor quibble if you don't mind. Could you please provide signatures for the dmg files, and ideally sign the messages you send to the list about them? Doug ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 18.12.14 09:58, Werner Koch wrote: > On Wed, 17 Dec 2014 18:02, patr...@enigmail.net said: > >> I created an installer for GnuPG 2.1.1 on Mac OS X, available >> from here: > > Is that one already useful for general public and shall I add it to > the download page? Yes, it is - I'd love to see it on the download page :-) - -Patrick -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJUlFURAAoJEMk25cDiHiw+ObwIAMMjdG1j5i+3imGktJE2Z1ZS Fp7deEyCFGt7eX3GJS5mKOKBUCmEI8uOofcFhp8V9hh41FSNXrXBMIHU13MElQsB 2rx7Kc3HKFge1adJ2GHuXr5KACt7x7XFVWp+Wevpdt+JfFZUZw3NhhUSq/UXQ4uX DZ4MmXcWMpmYCPpJmkF8CMhGAMCqGmSdgrJQ7mHbL+gFIGclrSqtJARsCXa+uN8R HsZB45bzveohzGS7hVk3u9E8d+Urec6RD/o/VxBarIEpAV7boivgegwRwlb4bE1l kWvzc9g2ycYv9oche6F/TS3+5/e+VK0xYWGxb+mlFqo+EMZDOYLZ8dJ74j/I+pc= =K7CN -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Friday 19 December 2014 at 7:33:35 AM, in , Werner Koch wrote: > I think I fixed this wrong error message yesterday in > the npth library. No new release yet, though. Comparing --photo-viewer gpg.conf lines with Paul Kapaldo on PGPNET, Paul had no quotes around the path and it was working for him. I removed the quotes to test. (I had always had them in because a path with spaces normally needs them.) It seems --photo-viewer works in 2.0.x and 2.1.x without quotes around the path, and errors with the quotes in place. (1.4.x accepts it with or without). - -- Best regards MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net The problem is not that we're paranoid; it's that we're not paranoid enough. -BEGIN PGP SIGNATURE- iQF8BAEBCgBmBQJUlFBoXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwRxsH/20OkR9CGnq6M/Q511hiIN/4 H2WwBLnb/9X5Yzw/kO66XmnlE5p1mO2hH8zFYcOnPJz1P9CMXxzvfDrDGx/naL1r TflZgnVOElMax7MGS+veRP2ITZ9CObvz1QZr79Z/PAgA+Ng3f8Lbs4v0a45c1VQN N32faQJnTKh372EGXlggjRO3pPSIQ2u6/DatrdMfbziYjaofndVM4zatwIZmdgiL JG07Rr2G1e3ZD5USkoYuDYa3x2qST+DSJqkJ+jlgCsfj9fkwVqZ3AnV6slLqzX4K vn6wH4O0GzD52FI+IhbXMs0QXDIWba0tutHo7UpfEmcEz6edtNdyqqC/nRNiiWuI vgQBFgoAZgUCVJRQbV8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45JwHAQA9FeMnnwA+TSSoQUa0ezPtYajM RgCRRcQzNk79I/jcfAEAS+8WkVC6IxhoA/kcxqEDqwcEG6Laz8u39cUxTpqSEQY= =N4ED -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
Apologies, that option is indeed gone. I was trying to pass it anyhow, in order to use an external (but up-to-date) gpg-agent as my agent, because that's how I was configuring the 2.0.x branch, "--disable-agent --with-agent-pgm=/usr/local/opt/gpg-agent/bin/gpg-agent". When I went to build this new release of the 2.1.x branch I just automatically passed those configure options, and when the configure script didn't flag the option as unrecognised I wondered if it was a bug that it was erroring out. I should have probably double-checked to see if I was just being stupid ;). Cheers for the reply, Dom Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. On 18/12/2014 08:35, Werner Koch wrote: > On Wed, 17 Dec 2014 13:54, dominyktil...@gmail.com said: > >> I'm still hitting a new one though. If you attempt to compile using an >> external gpg-agent, rather than one with the package, you hit this: > > You mean an option --disable-agent? Do we still have this option - it > needs to be removed. gpg-agent is not optional. > > > > Salam-Shalom, > >Werner > signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On Thu, 18 Dec 2014 22:50, 2014-667rhzu3dc-lists-gro...@riseup.net said: > gpg: system error while calling external program: Permission denied > gpg: unable to display photo ID! ^ > > instead of:- > > gpg: system error while calling external program: No error > gpg: unable to display photo ID! I think I fixed this wrong error message yesterday in the npth library. No new release yet, though. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Thursday 18 December 2014 at 9:03:45 AM, in , Werner Koch wrote: > I don't see any chnage in this part of the code. Did > it worked in 2.0? I had not used 2.0 much at all because my email app of choice doesn't play nice with it (but is fine with 2.1). I have 2.0.20 and 2.0.26 to hand; I just tested with them and found it didn't work for me. For both of these, the error message was slightly different than I see with 2.1:- gpg: system error while calling external program: Permission denied gpg: unable to display photo ID! ^ instead of:- gpg: system error while calling external program: No error gpg: unable to display photo ID! > Can you test on Unix too? (Debugging there is much > easier for me). The best I can do is try to get my Linux partition working again, if the wife doesn't invent too much that "needs" doing over Christmas. - -- Best regards MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net After all is said and done, a lot more will be said than done. -BEGIN PGP SIGNATURE- iQF8BAEBCgBmBQJUk0wwXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwZc8IAIEkdqDjV5WK7Y6cHZF2Vi54 JCDD0U1set5Cs0nczv7jFTXAI15JIsw5brWRcPlKzDM4uBwNgnhFBC5Arr4f/UHB 2Yd1cmaGFE90ArQ4j9resAZ6Pv0MIvbvL3GwL/kvUAU6gPAqS72PlO9dyafmIbYz id6xDJCwOpJFT5XVYSAThJ2n/+Ao4KuOMsPqt9sU1QdSMNJwKS7MUdFil/85AK1p kIW7I/sIK+sLYwrvDIon3T8V/Za/eMeJVjM8AgD1A7pNbynh161hV9bH+GHXNGxC GkM1Kbj4ufK0dkow9ZEhwKeQnG7wx8Y+bcUoFJ9KNIorfEke/wU+b3ZQP87DrSuI vgQBFgoAZgUCVJNMOF8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45LljAQCATOKlAtFkQd+KRGSeO4QLj/HR PXMd+g/TcollLscJNQEATn+VQZ6opqQZxDvtAewoqSRSYLGBETmzJhKiA0Wjgw8= =GTud -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On Thursday 18 December 2014 10:59:09 Dave Pawson wrote: > Running Fedora 21, 64 bit. > ./configure gave error > missing ksba > Downloaded. > ./configure gave libgpg-error is needed. > > # yum install --disablerepo=Dropbox libgpg-error > Loaded plugins: langpacks > Package libgpg-error-1.13-3.fc21.x86_64 already installed and latest version > Nothing to do > > Circular error? I guess you are lacking the development package of libgpg-error. It's probably called libgpg-error-devel. Whenever you want to build something yourself you have to install the development packages of all dependencies. Normal users don't need them. Therefore they are usually not installed by default. Regards, Ingo signature.asc Description: This is a digitally signed message part. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On Thu, 18 Dec 2014 11:59, dave.paw...@gmail.com said: > ./configure gave libgpg-error is needed. configure shows you which version of which libaries you need. Please install them. The versions which come with your OS are usually too old. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
Running Fedora 21, 64 bit. ./configure gave error missing ksba Downloaded. ./configure gave libgpg-error is needed. # yum install --disablerepo=Dropbox libgpg-error Loaded plugins: langpacks Package libgpg-error-1.13-3.fc21.x86_64 already installed and latest version Nothing to do Circular error? regards On 16 December 2014 at 16:36, Werner Koch wrote: > Hello! > > The GnuPG Project is pleased to announce the availability of the > second release of GnuPG modern: Version 2.1.1. > > The GNU Privacy Guard (GnuPG) is a complete and free implementation of > the OpenPGP standard as defined by RFC-4880 and better known as PGP. > > GnuPG, also known as GPG, allows to encrypt and sign data and > communication, features a versatile key management system as well as > access modules for public key directories. GnuPG itself is a command > line tool with features for easy integration with other applications. > A wealth of frontend applications and libraries making use of GnuPG > are available. Since version 2 GnuPG provides support for S/MIME and > Secure Shell in addition to OpenPGP. > > GnuPG is Free Software (meaning that it respects your freedom). It can > be freely used, modified and distributed under the terms of the GNU > General Public License. > > Three different versions of GnuPG are actively maintained: > > - GnuPG "modern" (2.1) is the latest development with a lot of new > features. This announcement is about the first release of this > version. > > - GnuPG "stable" (2.0) is the current stable version for general use. > This is what most users are currently using. > > - GnuPG "classic" (1.4) is the old standalone version which is most > suitable for older or embedded platforms. > > You may not install "modern" (2.1) and "stable" (2.0) at the same > time. However, it is possible to install "classic" (1.4) along with > any of the other versions. > > > What's New in GnuPG-2.1 > === > > * gpg: Detect faulty use of --verify on detached signatures. > > * gpg: New import option "keep-ownertrust". > > * gpg: New sub-command "factory-reset" for --card-edit. > > * gpg: A stub key for smartcards is now created by --card-status. > > * gpg: Fixed regression in --refresh-keys. > > * gpg: Fixed regresion in %g and %p codes for --sig-notation. > > * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA. > > * gpg: Improved perceived speed of secret key listisngs. > > * gpg: Print number of skipped PGP-2 keys on import. > > * gpg: Removed the option aliases --throw-keyid and --notation-data; >use --throw-keyids and --set-notation instead. > > * gpg: New import option "keep-ownertrust". > > * gpg: Skip too large keys during import. > > * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or >dirmngr. > > * gpg-agent: New option --extra-socket to provide a restricted >command set for use with remote clients. > > * gpgconf --kill does not anymore start a service only to kill it. > > * gpg-pconnect-agent: Add convenience option --uiserver. > > * Fixed keyserver access for Windows. > > * Fixed build problems on Mac OS X > > * The Windows installer does now install development files > > * More translations (but most of them are not complete). > > * To support remotely mounted home directories, the IPC sockets may >now be redirected. This feature requires Libassuan 2.2.0. > > * Improved portability and the usual bunch of bug fixes. > > A detailed description of the changes found in 2.1 can be found at > https://gnupg.org/faq/whats-new-in-2.1.html . > > > Getting the Software > > > Please follow the instructions found at https://gnupg.org/download/ or > read on: > > GnuPG 2.1.1 may be downloaded from one of the GnuPG mirror sites or > direct from its primary FTP server. The list of mirrors can be found > at https://gnupg.org/mirrors.html . Note that GnuPG is not available > at ftp.gnu.org. > > On ftp.gnupg.org you find these files: > > ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.1.tar.bz2 (4689k) > ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.1.tar.bz2.sig > > This is the GnuPG 2.1 source code compressed using BZIP2 and its > OpenPGP signature. > > ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.1_20141216.exe (6364k) > ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.1_20141216.exe.sig > > This is an *experimental* installer for Windows including GPA as > graphical key manager and GpgEX as an Explorer extension. Please > de-install an already installed Gpg4win version before trying this > installer. This binary version has not been tested very well, thus it > is likely that you will run into problems. The complete source code > for the software included in this installer is in the same directory > with ".exe" replaced by ".tar.xz". > > This version fixes a lot of bugs found after the release of 2.1.0 but > there are still known bugs which we are working on. Please check the > mailing list archives and
Re: [Announce] GnuPG 2.1.1 released
On Wed, 17 Dec 2014 22:21, 2014-667rhzu3dc-lists-gro...@riseup.net said: > Could there be a similar issue with the %i for --photo-viewer? > > photo-viewer "path\to\gpgview.exe" %i /title 0x%K.%t[%V] I don't see any chnage in this part of the code. Did it worked in 2.0? Can you test on Unix too? (Debugging there is much easier for me). Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On Wed, 17 Dec 2014 18:02, patr...@enigmail.net said: > I created an installer for GnuPG 2.1.1 on Mac OS X, available from here: Is that one already useful for general public and shall I add it to the download page? Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
On Wed, 17 Dec 2014 13:54, dominyktil...@gmail.com said: > I'm still hitting a new one though. If you attempt to compile using an > external gpg-agent, rather than one with the package, you hit this: You mean an option --disable-agent? Do we still have this option - it needs to be removed. gpg-agent is not optional. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Tuesday 16 December 2014 at 4:36:19 PM, in , Werner Koch wrote: > * gpg: Fixed regresion in %g and %p codes for > --sig-notation. Could there be a similar issue with the %i for --photo-viewer? photo-viewer "path\to\gpgview.exe" %i /title 0x%K.%t[%V] seems to get me the message:- gpg: system error while calling external program: No error gpg: unable to display photo ID! - -- Best regards MFPAmailto:2014-667rhzu3dc-lists-gro...@riseup.net The secret to creativity is knowing how to hide your sources. -BEGIN PGP SIGNATURE- iQF8BAEBCgBmBQJUkfPlXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwya0H/jVscH4wzZlQ4EqlhXJHOKvL 9Th8s/FR8SLcVhjJ8lH0FjOJCooq+QquqFrCMj7FZRo6mKmG403zNpSPv202CPke jFKBcuML9Kdxg/sHOQRhTWYuh/dAfbm/RBCJ3+1xx36F0v9pIvaGq0ViS8DwHMsB bYivIfDcvlYl70IS2D5cxMc7TgH6+mNogAmU7Lm8R+u2OpfK0XbWMV9F4Vi93V9M pZ3EffBRwMZqMVjXmdaSCqa9RMIjDqRJJiTOEBl+TsKgztg1sDhijqFIt88EkSXv eieqJx12oYyfa3ri6AyjOpF0VMlTVQVHQ+s0kXxB83WbP2vOg3Summ4fO8TmzNyI vgQBFgoAZgUCVJHz7V8UgAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45O37AQBAm74Ib66ZbTWqSoD7uiPlBIk6 SG5wru7bfpv0ZZcj9QEAVGIhR34UcDoGXaj4NstNHYplD93pzoFqvsCEtnLaHQ0= =tvmk -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: [Announce] GnuPG 2.1.1 released
Hi Werner, Thanks for the new release, It solves a lot of the OS X compile problems we were seeing, which is great. I'm still hitting a new one though. If you attempt to compile using an external gpg-agent, rather than one with the package, you hit this: clang -I/usr/local/Cellar/libgcrypt/1.6.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.1.3/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -lresolv -o gpgsplit gpgsplit.o ../common/libcommon.a -L/usr/local/Cellar/libgcrypt/1.6.2/lib -lgcrypt -L/usr/local/Cellar/libgpg-error/1.17/lib -lgpg-error -L/usr/local/Cellar/libgpg-error/1.17/lib -lgpg-error -lz -lbz2 -lintl -Wl,-framework -Wl,CoreFoundation -liconv Making all in po Making all in doc /Applications/Xcode.app/Contents/Developer/usr/bin/make all-am clang -o yat2m ./yat2m.c for file in gnupg7.texi gpg.texi gpgsm.texi gpg-agent.texi dirmngr.texi scdaemon.texi tools.texi ; do \ ./yat2m -I . -D gpgtwoone --release "GnuPG 2.1.1" --source "GNU Privacy Guard 2.1" --store \ `test -f '$file' || echo './'`$file ; done yat2m: writing 'gnupg.7' yat2m: writing 'gpg2.1' yat2m: writing 'gpgsm.1' yat2m: writing 'gpg-agent.1' yat2m: writing 'dirmngr.8' yat2m: writing 'scdaemon.1' yat2m: writing 'watchgnupg.1' yat2m: writing 'gpgv2.1' yat2m: writing 'addgnupghome.8' yat2m: writing 'gpgconf.1' yat2m: writing 'applygnupgdefaults.8' yat2m: writing 'gpgsm-gencert.sh.1' yat2m: writing 'gpg-preset-passphrase.1' yat2m: writing 'gpg-connect-agent.1' yat2m: writing 'dirmngr-client.1' yat2m: writing 'gpgparsemail.1' yat2m: writing 'symcryptrun.1' yat2m: writing 'gpg-zip.1' Making all in tests Making all in openpgp make[3]: *** No rule to make target `../../agent/gpg-agent', needed by `all-local'. Stop. make[2]: *** [all-recursive] Error 1 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 Any ideas? Cheers, Dom Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. On 16/12/2014 16:36, Werner Koch wrote: > Hello! > > The GnuPG Project is pleased to announce the availability of the > second release of GnuPG modern: Version 2.1.1. > > The GNU Privacy Guard (GnuPG) is a complete and free implementation of > the OpenPGP standard as defined by RFC-4880 and better known as PGP. > > GnuPG, also known as GPG, allows to encrypt and sign data and > communication, features a versatile key management system as well as > access modules for public key directories. GnuPG itself is a command > line tool with features for easy integration with other applications. > A wealth of frontend applications and libraries making use of GnuPG > are available. Since version 2 GnuPG provides support for S/MIME and > Secure Shell in addition to OpenPGP. > > GnuPG is Free Software (meaning that it respects your freedom). It can > be freely used, modified and distributed under the terms of the GNU > General Public License. > > Three different versions of GnuPG are actively maintained: > > - GnuPG "modern" (2.1) is the latest development with a lot of new > features. This announcement is about the first release of this > version. > > - GnuPG "stable" (2.0) is the current stable version for general use. > This is what most users are currently using. > > - GnuPG "classic" (1.4) is the old standalone version which is most > suitable for older or embedded platforms. > > You may not install "modern" (2.1) and "stable" (2.0) at the same > time. However, it is possible to install "classic" (1.4) along with > any of the other versions. > > > What's New in GnuPG-2.1 > === > > * gpg: Detect faulty use of --verify on detached signatures. > > * gpg: New import option "keep-ownertrust". > > * gpg: New sub-command "factory-reset" for --card-edit. > > * gpg: A stub key for smartcards is now created by --card-status. > > * gpg: Fixed regression in --refresh-keys. > > * gpg: Fixed regresion in %g and %p codes for --sig-notation. > > * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA. > > * gpg: Improved perceived speed of secret key listisngs. > > * gpg: Print number of skipped PGP-2 keys on import. > > * gpg: Removed the option aliases --throw-keyid and --notation-data; >use --throw-keyids and --set-notation instead. > > * gpg: New import option "keep-ownertrust". > > * gpg: Skip too large keys during import. > > * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or >dirmngr. > > * gpg-agent: New option --extra-socket to provide a restricted >command set for use with remote clients. > > * gpgconf --kill does not anymore start a service only to kill it. > > * gpg-pconnect-agent: Add conv
Re: [Announce] GnuPG 2.1.1 released
On 16.12.14 17:36, Werner Koch wrote: > Hello! > > The GnuPG Project is pleased to announce the availability of the > second release of GnuPG modern: Version 2.1.1. > > The GNU Privacy Guard (GnuPG) is a complete and free implementation of > the OpenPGP standard as defined by RFC-4880 and better known as PGP. > > GnuPG, also known as GPG, allows to encrypt and sign data and > communication, features a versatile key management system as well as > access modules for public key directories. GnuPG itself is a command > line tool with features for easy integration with other applications. > A wealth of frontend applications and libraries making use of GnuPG > are available. Since version 2 GnuPG provides support for S/MIME and > Secure Shell in addition to OpenPGP. > > GnuPG is Free Software (meaning that it respects your freedom). It can > be freely used, modified and distributed under the terms of the GNU > General Public License. > > Three different versions of GnuPG are actively maintained: > > - GnuPG "modern" (2.1) is the latest development with a lot of new > features. This announcement is about the first release of this > version. > > - GnuPG "stable" (2.0) is the current stable version for general use. > This is what most users are currently using. > > - GnuPG "classic" (1.4) is the old standalone version which is most > suitable for older or embedded platforms. > > You may not install "modern" (2.1) and "stable" (2.0) at the same > time. However, it is possible to install "classic" (1.4) along with > any of the other versions. I created an installer for GnuPG 2.1.1 on Mac OS X, available from here: http://sourceforge.net/projects/gpgosx/files/GnuPG-2.1.1.dmg/download -Patrick ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
[Announce] GnuPG 2.1.1 released
Hello! The GnuPG Project is pleased to announce the availability of the second release of GnuPG modern: Version 2.1.1. The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard as defined by RFC-4880 and better known as PGP. GnuPG, also known as GPG, allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries making use of GnuPG are available. Since version 2 GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP. GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License. Three different versions of GnuPG are actively maintained: - GnuPG "modern" (2.1) is the latest development with a lot of new features. This announcement is about the first release of this version. - GnuPG "stable" (2.0) is the current stable version for general use. This is what most users are currently using. - GnuPG "classic" (1.4) is the old standalone version which is most suitable for older or embedded platforms. You may not install "modern" (2.1) and "stable" (2.0) at the same time. However, it is possible to install "classic" (1.4) along with any of the other versions. What's New in GnuPG-2.1 === * gpg: Detect faulty use of --verify on detached signatures. * gpg: New import option "keep-ownertrust". * gpg: New sub-command "factory-reset" for --card-edit. * gpg: A stub key for smartcards is now created by --card-status. * gpg: Fixed regression in --refresh-keys. * gpg: Fixed regresion in %g and %p codes for --sig-notation. * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA. * gpg: Improved perceived speed of secret key listisngs. * gpg: Print number of skipped PGP-2 keys on import. * gpg: Removed the option aliases --throw-keyid and --notation-data; use --throw-keyids and --set-notation instead. * gpg: New import option "keep-ownertrust". * gpg: Skip too large keys during import. * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or dirmngr. * gpg-agent: New option --extra-socket to provide a restricted command set for use with remote clients. * gpgconf --kill does not anymore start a service only to kill it. * gpg-pconnect-agent: Add convenience option --uiserver. * Fixed keyserver access for Windows. * Fixed build problems on Mac OS X * The Windows installer does now install development files * More translations (but most of them are not complete). * To support remotely mounted home directories, the IPC sockets may now be redirected. This feature requires Libassuan 2.2.0. * Improved portability and the usual bunch of bug fixes. A detailed description of the changes found in 2.1 can be found at https://gnupg.org/faq/whats-new-in-2.1.html . Getting the Software Please follow the instructions found at https://gnupg.org/download/ or read on: GnuPG 2.1.1 may be downloaded from one of the GnuPG mirror sites or direct from its primary FTP server. The list of mirrors can be found at https://gnupg.org/mirrors.html . Note that GnuPG is not available at ftp.gnu.org. On ftp.gnupg.org you find these files: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.1.tar.bz2 (4689k) ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.1.tar.bz2.sig This is the GnuPG 2.1 source code compressed using BZIP2 and its OpenPGP signature. ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.1_20141216.exe (6364k) ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.1_20141216.exe.sig This is an *experimental* installer for Windows including GPA as graphical key manager and GpgEX as an Explorer extension. Please de-install an already installed Gpg4win version before trying this installer. This binary version has not been tested very well, thus it is likely that you will run into problems. The complete source code for the software included in this installer is in the same directory with ".exe" replaced by ".tar.xz". This version fixes a lot of bugs found after the release of 2.1.0 but there are still known bugs which we are working on. Please check the mailing list archives and https://wiki.gnupg.org for known problems and workaround. Checking the Integrity == In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a version of GnuPG installed, you can simply verify the supplied signature. For example to verify the signature of the file gnupg-2.1.1.tar.bz2 you would use this command: gpg --verify gnupg-2.1.1.tar.bz2.sig gnupg-2.1.1.tar.bz2 This checks whether the signature fi
