Page MenuHome GnuPG
Files F36623075

No OneTemporary
Actions

View Options

This document is not UTF8. It was detected as ISO-8859-1 (Latin 1) and converted to UTF8 for display.
diff --git a/ChangeLog b/ChangeLog
index bd145e902..133da26f4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,1338 +1,1340 @@
2003-11-30 David Shaw <dshaw@jabberwocky.com>
+ * README: Add --with-zlib, --with-bzip2, and --without-bzip2.
+
* README: Update version number. Add BZIP2. Remove Elgamal
sign+encrypt.
2003-11-29 David Shaw <dshaw@jabberwocky.com>
* NEWS: Note that the only thing we will generate with an Elgamal
sign+encrypt key is a revocation.
2003-11-12 David Shaw <dshaw@jabberwocky.com>
* NEWS: Note BZIP2 and --symmetric --encrypt.
2003-10-30 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Locate libbz2 for bzip2 compression support.
2003-10-27 David Shaw <dshaw@jabberwocky.com>
* configure.ac (DLLIBS): Work properly on platforms where dlopen
and friends are in libc instead of libdl.
2003-10-21 Werner Koch <wk@gnupg.org>
* configure.ac (PRINTABLE_OS_NAME): Remove special case for The
Hurd; Robert Millan reported that the uname test is now
sufficient.
2003-09-03 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Check for UINT64_C to go along with uint64_t.
2003-08-21 Werner Koch <wk@gnupg.org>
Released 1.2.3.
2003-08-20 David Shaw <dshaw@jabberwocky.com>
* THANKS: Thank Nelson H. F. Beebe.
2003-07-30 Werner Koch <wk@gnupg.org>
Released 1.2.3rc1.
2003-07-29 David Shaw <dshaw@jabberwocky.com>
* NEWS: Cite DETAILS.
* README: Note problem with gcc < 2.96 and non-gnu as.
2003-07-27 David Shaw <dshaw@jabberwocky.com>
* NEWS: Note %g and %p, the "tru" --with-colons record, and the
REVKEYSIG --status-fd tag.
* README: Add a note about the SunOS symbol underscore problem and
how to fix it.
2003-06-19 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Include wsock32 in W32LIBS. This is different
from NETLIBS so we don't need to force other platforms to pull in
the netlibs when they aren't actually needed.
2003-06-19 Werner Koch <wk@gnupg.org>
Released 1.2.3rc1.
* configure.ac (ALL_LINGUAS): Added Romanian
2003-06-18 David Shaw <dshaw@jabberwocky.com>
* NEWS: Note portability changes.
2003-06-14 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Check for sigset_t and struct sigaction. This is
for Forte c89 on Solaris which seems to define only the function
call half of the two pairs by default.
2003-05-28 David Shaw <dshaw@jabberwocky.com>
* NEWS: Document --gnupg and the deprecation of --no-openpgp and
--no-pgpX.
* configure.ac: Put wsock32 in NETLIBS. Put zlib in ZLIBS. Put
dl in DLLIBS. Check for getopt.h if available. Look for getopt()
in libiberty if libc doesn't have it. Enable GPGKEYS_HKP after
AC_PROG_CC so that any needed extension (i.e. ".exe") is defined.
2003-05-21 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Edit preprocessor instructions in g10defs.h to
remove whitespace before the '#'. This is not required by C89,
but there are some compilers out there that don't like it.
2003-05-09 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Simpler implementation for the 64-bit question -
we don't need to verify compiler support with a test program since
we just cast everything to the proper type. This also means that
cross compiling doesn't become a problem.
* configure.ac: Check for 64-bit types, and how well the compiler
supports them (LL) before enabling TIGER/192, SHA-384, or SHA-512.
2003-05-08 David Shaw <dshaw@jabberwocky.com>
* README: Remove note about HP/UX inline problem since autoconf
now handles this automatically.
* configure.ac: Remove some stuff no longer needed with newer
autoconf. Use AC_GNU_SOURCE instead of defining _GNU_SOURCE
manually. Add check for strchr() for gettext. Add "ngettext"
check for gettext, since that check supposedly implies a check for
bind_textdomain_codeset. Add check for times() for random.c. Fix
URL for EGD.
2003-05-01 Werner Koch <wk@gnupg.org>
Released 1.2.2.
2003-04-30 David Shaw <dshaw@jabberwocky.com>
* NEWS: Note trust bug fix.
2003-04-29 David Shaw <dshaw@jabberwocky.com>
* NEWS: Add note about TIGER being dropped from OpenPGP.
* README: Add note about the HP/UX inline problem. Fix all URLs
to point to the right place in the reorganized gnupg.org web
pages. Some minor language fixes.
2003-04-27 David Shaw <dshaw@jabberwocky.com>
* NEWS: Add sig version, pk algo, hash algo, and sig class to
VALIDSIG.
* BUGS: Fix bug reporting URL.
2003-04-24 Werner Koch <wk@gnupg.org>
* configure.ac (ALL_LINGUAS): Added Hungarian translation by Nagy
Ferenc László.
2003-04-23 David Shaw <dshaw@jabberwocky.com>
* configure.ac: "TIGER" -> "TIGER/192".
* README: Put back proper copyright line.
2003-04-16 Werner Koch <wk@gnupg.org>
Released 1.2.2rc2.
2003-04-15 Werner Koch <wk@gnupg.org>
* configure.ac (ALL_LINGUAS): Add Slovak translation.
* configure.ac (HAVE_DOSISH_SYSTEM): New automake conditional.
* acinclude.m4 (GNUPG_CHECK_ENDIAN): Fixed quoting of r.e. using
quadrigraphs.
2003-04-08 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Big warning that TIGER is being removed from the
standard.
2003-04-08 Werner Koch <wk@gnupg.org>
* Makefile.am (EXTRA_DIST): Add autogen.sh wrapper which is
useful for some cross-compiling targets.
2003-04-07 David Shaw <dshaw@jabberwocky.com>
* acinclude.m4: Fix URL to faqprog.pl.
* README: Add --enable-sha512 switch and update version number and
copyright date.
* NEWS: Add note about SHA-256/384/512.
2003-03-24 Werner Koch <wk@gnupg.org>
* configure.ac: Test for ranlib and ar.
2003-03-12 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_CHECK_ENDIAN): When crosscompiling assume
little only for Intel CPUs.
2003-02-19 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Define @CAPLIBS@ to link in -lcap if we are using
capabilities.
2003-02-11 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Add --enable-sha512 switch to add SHA384/512
support.
2003-02-06 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Do not set GNUPG_LIBEXECDIR in ./configure, so
that makefiles can override it.
2003-02-02 David Shaw <dshaw@jabberwocky.com>
* configure.ac (ALL_LINGUAS): Needs to be on one line to avoid
problems during ./configure.
* NEWS: Note new --with-colons disabled key flag and new "revuid"
command.
2003-01-07 Werner Koch <wk@gnupg.org>
Released 1.2.2rc1.
* configure.ac (ALL_LINGUAS): Added fi and zh_TW.
2003-01-06 David Shaw <dshaw@jabberwocky.com>
* NEWS: Add notes about disabled keys and trustdb tweaks.
2002-12-04 David Shaw <dshaw@jabberwocky.com>
* NEWS: Add note about convert-from-106 script.
2002-11-25 David Shaw <dshaw@jabberwocky.com>
* NEWS: Add notes about notation names and '@', the "--trust-model
always" option, and non-optimized memory wiping.
2002-11-09 Werner Koch <wk@gnupg.org>
* configure.ac: Check for ctermid().
2002-10-31 David Shaw <dshaw@jabberwocky.com>
* Makefile.am: Put gnupg.spec in the root directory so rpm -ta
works.
* configure.ac: Add a check for volatile.
2002-10-25 Werner Koch <wk@gnupg.org>
Released 0.2.1.
2002-10-24 Werner Koch <wk@gnupg.org>
* configure.ac (GPGKEYS_LDAP,GPGKEYS_HKP): Add $EXEEXT.
2002-10-21 Werner Koch <wk@gnupg.org>
* configure.ac (try_gettext): Remove special case for cygwin.
This removes all the DOS specific macros and let Cygwin work like
a real OS. Needs a couple of changes elsewhere but after all,
GnuPG presents itself much more like a Posix program and can be
used in a full Cygwin environment; e.g. used along with mutt.
Changes suggested by Volker Quetschke.
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Allow for underscore in test
symbols. Useful for Cygwin builds.
(GNUPG_SYS_SYMBOL_UNDERSCORE): Don't hardwire to yes for Cygwin.
2002-10-17 Werner Koch <wk@gnupg.org>
Released 1.2.1rc1.
* README: Add an installation note for Darwin 6.1.
2002-10-16 David Shaw <dshaw@jabberwocky.com>
* README: Some typo fixes from Florian Weimer, and bump version
number.
2002-10-15 David Shaw <dshaw@jabberwocky.com>
* NEWS: Some 1.2.1 notes.
2002-10-12 Werner Koch <wk@gnupg.org>
* configure.ac (NAME_OF_DEV_URANDOM): Don't use /dev/srandom for
NetBSD. Noted by Christian Biere.
2002-10-07 David Shaw <dshaw@jabberwocky.com>
* configure.ac: OpenLDAP 2.0.27 changed the dependencies again.
Add a "LDAPLIBS" variable so users can try and suggest the right
dependencies for their platform.
2002-10-02 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Make "new" the default for TIGER. Still use
--enable-new-tiger to select new from autoconf.
* configure.ac: Use a new option (--enable-new-tiger) to enable
TIGER with the correct OID.
2002-09-25 David Shaw <dshaw@jabberwocky.com>
* THANKS: Remove duplicate.
* configure.ac: Add NETLIBS to EGDLIBS when using EGD as EGD uses
sockets.
2002-09-21 Werner Koch <wk@gnupg.org>
Released 1.2.0.
* configure.ac: Bumbed version number and set development version
to no.
2002-09-19 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Try linking LDAP as just -lldap as it seems very
recent OpenLDAPs (>=2.0.23) support that.
2002-09-14 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Try linking LDAP without -lresolv first, just in
case the platform has libresolv, but doesn't actually need it to
use LDAP.
2002-09-12 David Shaw <dshaw@jabberwocky.com>
* NEWS: Note that the old IDEA plugin won't work with post-1.1.90
gpg.
2002-09-11 Werner Koch <wk@gnupg.org>
Released 1.1.92.
* configure.ac (random_modules): The default random module for
system lacking a /dev/random is now auto selected at runtime.
2002-09-09 David Shaw <dshaw@jabberwocky.com>
* NEWS: typo.
* configure.ac: Add a link test for LDAP without -lresolv for
HPUX. Remove "hstrerror" test as it is no longer needed.
2002-09-02 Werner Koch <wk@gnupg.org>
* README: Removed the note about a development version so that we
later don't forget this. Minor other changes.
2002-08-29 Werner Koch <wk@gnupg.org>
* configure.ac (random_modules): Reworked the code to select the
random module. Define USE_ALL_RANDOM_MODULES for value all.
2002-08-27 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Check type of mode_t.
* NEWS: Clarify that --libexecdir is a configure option.
* configure.ac: Check for hstrerror.
2002-08-19 David Shaw <dshaw@jabberwocky.com>
* NEWS: Document new ways to enable MDC, and change in automatic
compression disabling.
* configure.ac: No such thing as the "none" random gather any
longer.
2002-08-08 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Add an --enable-tiger.
* NEWS: Clarify new permission checks.
2002-08-07 David Shaw <dshaw@jabberwocky.com>
* configure.ac: If the static IDEA cipher is present, disable
dynamic loading. Also fix backwards grammar of keyserver
exec-path CHECKING message.
2002-08-05 Werner Koch <wk@gnupg.org>
* configure.ac: Bumbed version number.
2002-08-04 Werner Koch <wk@gnupg.org>
Released 1.1.91.
* configure.ac (ALL_LINGUAS): Added Catalan.
2002-08-02 Werner Koch <wk@gnupg.org>
* configure.ac: Removed all extension stuff but keep the tests for
dlopen. We don't need to figure out the flags required. All
stuff is now statically loaded.
2002-07-30 David Shaw <dshaw@jabberwocky.com>
* README, configure.ac: --with-exec-path is now clarified into
--disable-keyserver-path
* NEWS: changes since 1.1.90.
2002-07-24 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Include a GNUPG_LIBEXECDIR in g10defs.h, as well
as a SUBST for Makefiles.
2002-07-22 Timo Schulz <ts@winpt.org>
* configure.ac: Replace the 'c:/' variables with 'c:\' due
to the fact we already use '\' in the remaining code.
2002-07-08 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Add --with-mailprog to override the use of
sendmail with another MTA. We can use anything that follows the
"$MAILPROG -t" convention.
2002-07-04 David Shaw <dshaw@jabberwocky.com>
* configure.ac: --enable-exec-path should be a 'with'. Fix 'no'
cases of --with-exec-path and --with-photo-viewer.
* README: Document --disable-exec, --disable-photo-viewers,
--disable-keyserver-helpers, --enable-exec-path, and
--with-photo-viewer.
* configure.ac: Add --with-photo-viewer to lock the viewer at
compile time and --disable-keyserver-helpers and
--disable-photo-viewers to allow disabling one without disabling
the other.
2002-07-03 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Allow setting USE_EXEC_PATH to lock the exec-path
to a fixed value.
2002-07-01 Werner Koch <wk@gnupg.org>
* configure.ac: Set version number to 1.1.91.
Released 1.1.90.
* INSTALL: Replaced by generic install file.
* README: Marked as development version and moved most stuff of
the old INSTALL file to here.
2002-06-30 Werner Koch <wk@gnupg.org>
* configure.ac: Link W32 version against libwsock32.
2002-06-29 Werner Koch <wk@gnupg.org>
* configure.ac (development_version): New.
(HAVE_DEV_RANDOM_IOCTL): Removed test for it; it was never used.
* BUGS, AUTHORS: Add a note on how to send security related bug
reports.
2002-06-20 David Shaw <dshaw@jabberwocky.com>
* NEWS: changes since 1.0.7.
* configure.ac: Set new version number (1.1.90), and fix Solaris
compiler flags for shared objects.
2002-06-11 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Move -lsocket and -lnsl checks before LDAP link
tests so they work properly on Solaris. Noted by David Champion.
Also, check for the Mozilla LDAP library if the OpenLDAP library
check fails. Put -lsocket and -lnsl in NETLIBS rather than LIBS
so not all programs are forced to link to them.
2002-06-05 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Add a switch for the experimental external HKP
keyserver interface.
2002-05-22 Werner Koch <wk@gnupg.org>
* configure.ac: Check for strcasecmp and strncasecmp. Removed
stricmp and memicmp checks.
2002-05-08 David Shaw <dshaw@jabberwocky.com>
* configure.ac: If LDAP comes up unusable, try #including <lber.h>
before giving up. Old versions of OpenLDAP require that.
2002-05-03 David Shaw <dshaw@jabberwocky.com>
* configure.ac: In g10defs.h, use \ for the directory separator
when HAVE_DOSISH_SYSTEM is on.
* configure.ac: Add --disable-exec flag to disable all remote
program execution. --disable-exec implies --disable-ldap and
--disable-mailto. Also look in /usr/lib for sendmail. If
sendmail is not found, do not default - just fail.
2002-04-30 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Try and link to a sample LDAP program to check if
the LDAP we're about to use is really sane. The most common
problem (using a very old OpenLDAP), could be fixed with an extra
#include, but this would not be very portable to other LDAP
libraries.
2002-04-29 Werner Koch <wk@gnupg.org>
Released 1.0.7.
* README: Fixed some minor things.
2002-04-25 Werner Koch <wk@gnupg.org>
* configure.ac: Check for locale.h and setlocale
2002-04-24 David Shaw <dshaw@jabberwocky.com>
* Update NEWS with recent changes.
2002-04-19 Werner Koch <wk@gnupg.org>
Released 1.0.6e snapshot.
2002-04-12 Werner Koch <wk@gnupg.org>
* configure.ac: Add a warning note to the definition of the
EXTSEP macros.
2002-04-09 Werner Koch <wk@gnupg.org>
* configure.ac (ALL_LINGUAS): Added Czech, Galician and Greek
translations. s/es_ES/es/.
2002-03-06 Werner Koch <wk@gnupg.org>
* configure.ac (ALL_LINGUAS): s/pt_PT/pt/
2002-03-04 David Shaw <dshaw@jabberwocky.com>
* Add a AC_DEFINE(_GNU_SOURCE). Since this is always defined in
config.h, the various autoconf tests should be tested with it
enabled. This also works around a compiler warning caused by a
minor header bug in glibc 2.1 that causes fseeko to be defined
when building gpg, but not when tested for in configure.
2002-03-03 Werner Koch <wk@gnupg.org>
Release 1.0.6d snapshot.
2002-01-04 David Shaw <dshaw@jabberwocky.com>
* NEWS: about symmetric messages and fixed file sizes.
2001-12-22 Werner Koch <wk@gnupg.org>
Released 1.0.6c snapshot.
* configure.ac (AH_BOTTOM): Moved EXEC_TEMPFILE_ONLY to here.
* acconfig.h: Removed, it should no longer be used.
2001-12-21 David Shaw <dshaw@jabberwocky.com>
* Add an acconfig.h to define EXEC_TEMPFILE_ONLY on platforms that
can't do fork/exec.
2001-12-21 Werner Koch <wk@gnupg.org>
* Makefile.am (dist-hook): We should also look in include for
distfiles.
(EXTRA_DIST): Remove VERSION because it is generated by dist-hook.
2001-12-20 David Shaw <dshaw@jabberwocky.com>
* configure.ac: replacement function for mkdtemp()
2001-12-19 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Check for stat()
2001-12-19 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Support Cygwin target
* configure.ac [CYGWIN32]: Don't build tiger. By Disastry.
2001-12-18 Werner Koch <wk@gnupg.org>
* Makefile.am (SUBDIRS): Add keyserver.
(dist-hook): Only look in mpi and scripts for distfiles; this way
we don't include those of a stale "make dist" directory.
2001-10-23 Werner Koch <wk@gnupg.org>
Released 1.0.6b snapshot.
2001-10-22 Werner Koch <wk@gnupg.org>
* configure.ac: Fixed for automake 1.5
2001-10-17 Werner Koch <wk@gnupg.org>
* README: Removed note on local_ID.
2001-09-28 Werner Koch <wk@gnupg.org>
* configure.ac: From now on add a string "-cvs" to the version to
indicate that this is a pre-release of the given version number.
2001-09-26 Werner Koch <wk@gnupg.org>
* configure.ac [MINGW32]: Switched from wsock.dll to ws2_32.dll.
2001-09-09 Werner Koch <wk@gnupg.org>
* configure.ac: autoconf changed the name of the maintainer mode
flag, so that not all warnings where enabled. Fixed that.
Reported by Dirk Meyer.
2001-09-07 Werner Koch <wk@gnupg.org>
* configure.ac: Test for strsep().
2001-09-03 Werner Koch <wk@gnupg.org>
* configure.ac: Removed GDBM tests.
2001-08-23 Werner Koch <wk@gnupg.org>
* configure.in (AC_FUNC_FSEEKO): Add.
(AC_CHECK_FUNCS): Remove fseeko. By Paul Eggert <eggert@twinsun.com>.
2001-08-22 Werner Koch <wk@gnupg.org>
* configure.ac (gethrtime): Enhanced the test by running a test
program.
* INSTALL: Removed the note about Solaris problems because the
above test should catch this.
2001-08-20 Werner Koch <wk@gnupg.org>
* acinclude.m4: Add check for plock if mlock is broken.
* configure.ac: Use regular tests for -lsocket and -lnsl,
more thorough test for gethrtime, allow specifying the path to
the zlib library if it is not in the default compiler/linker
search path, use ${datadir}. All these test enhancements are by
Albert Chin.
* configure.ac: Set some compiler flags for dec-osf and hpux. By
Tim Mooney.
* configure.ac: Create g10defs.h with EXTSEP_S et al.
2001-08-03 Werner Koch <wk@gnupg.org>
* configure.ac (VERSION,PACKAGE): Fixed quoting.
2001-07-26 Werner Koch <wk@gnupg.org>
* configure.ac: Finally got it running with the new autoconf. Had
to define PACKAGE and VERSION and to add -I.. to each Makefile.am.
2001-07-09 Werner Koch <wk@gnupg.org>
Migrated to autoconf 2.50.
* acinclude.m4: Removed the temporary LFS macros and GNUPG_LINK_FILES.
* acconfig.h: Removed
* configure.in: Replaced by...
* configure.ac: and modified for use with autoconf 2.50, use a
literal string for the version number. Replaced GNUPG_LINK_FILES
with AC_CONFIG_LINKS and moved some informational messages to the end.
* VERSION: Removed.
* Makefile.am (DISTCLEANFILES): gettext is better now; no more
need to remove the libintl.h symlink.
(dist-hook): Create VERSION file.
2001-06-08 Werner Koch <wk@gnupg.org>
* configure.in (DYNLINK_MOD_CFLAGS): Use -shared with dec-osf.
Reported by Chris Adams. Merged some cases.
2001-05-29 Werner Koch <wk@gnupg.org>
Released version 1.0.6.
2001-05-28 Werner Koch <wk@gnupg.org>
* configure.in (BUILD_INCLUDED_LIBINTL): Set to no for W32.
2001-04-29 Werner Koch <wk@gnupg.org>
Released version 1.0.5.
2001-04-28 Werner Koch <wk@gnupg.org>
Updated all copyright notices.
2001-04-27 Werner Koch <wk@gnupg.org>
* README: Removed a few outdated paragraphs.
2001-04-17 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_CHECK_DOCBOOK_TO_TEXI): New.
(GNUPG_CHECK_TYPEDEF): Define _GNU_SOURCE because we will use it
anyway.
* configure.in: Use it here.
* configure.in (ALL_LINGUAS): Add Estonian translation by Toomas Soome.
(use_m_debug): Removed --enable-m-debug because it does not work
anymore.
2001-04-06 Werner Koch <wk@gnupg.org>
* configure.in (ALL_LINGUAS): Add Turkish translation. Thanks
to Nilgun Belma Buguner.
2001-03-18 Werner Koch <wk@gnupg.org>
* configure.in: Hardwire the use of -lsocket for some
systems. Thanks to Reinhard Wobst.
2001-03-13 Werner Koch <wk@gnupg.org>
* configure.in: Add copyright notice and -lwsock32.
2001-03-12 Werner Koch <wk@gnupg.org>
* INSTALL: Add a note to VPATH builds.
2001-03-08 Werner Koch <wk@gnupg.org>
* debian/: Applied update from James.
Added copyright and license notices to some more files.
2001-01-18 Werner Koch <wk@gnupg.org>
* configure.in: Removed tool definitions for MingW32
2000-11-17 Werner Koch <wk@gnupg.org>
* acinclude.m4 (GNUPG_CHECK_FAQPROG): Do not prinnt the warning.
2000-11-11 Paul Eggert <eggert@twinsun.com>
Actually Paul's patches are dated 2000-20-17; I applied them today
and merged some ChangeLog entries (wk@gnupg.org).
* configure.in (AC_SYS_LARGEFILE): Add.
(try_large_file): Remove. All uses removed.
(AC_CHECK_FUNCS): Remove fopen64 and fstat64.
* acinclude.m4 (AC_SYS_LARGEFILE_TEST_INCLUDES,
AC_SYS_LARGEFILE_MACRO_VALUE, AC_SYS_LARGEFILE): New macros,
taken from GNU tar.
* configure.in (AC_CHECK_FUNCS): Add fseeko.
2000-10-17 Werner Koch <wk@gnupg.org>
* configure.in: Disabled fopen64 checks for Solaris and HPUX.
2000-10-13 Werner Koch <wk@gnupg.org>
* configure.in: Append mpi/mpi-asm-defs.h to g10defs.h
2000-10-09 Werner Koch <wk@gnupg.org>
* acinclude.m4: Changed wording of the faqprog.pl warning.
Wed Oct 4 15:50:18 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Set DYNLINK_MOD_CFLAGS for Irix. It seems that Irix
needs the -shared flag. In 1.1 we are going to use libtool, so this
module stuff will get redesigned anyway. Suggested by Jeff Long.
Thu Sep 14 14:20:38 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_FAQPROG): New.
* configure.in: Test for this.
* configure.in (DYNLINK_MOD_CFLAGS): Fix by David Champion.
Wed Sep 6 17:55:47 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Check for fstat64 and fopen64
Wed Sep 6 14:59:09 CEST 2000 Werner Koch <wk@openit.de>
* configure.in (GNUPG_HOMEDIR): New.
Fri Aug 25 16:05:38 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Changes to allow for Solaris random device.
By Nils Ellmenreich.
(--with-egd-socket): New.
Wed Aug 23 19:52:51 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Removed that silly mkdir().
Wed Jul 19 11:26:43 CEST 2000 Werner Koch <wk@openit.de>
* configure.in (mingw32): Changes to allow for mingw32msvc
Fri Jul 14 10:17:30 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Fixed syntax error in C code.
Wed Jul 12 13:32:06 CEST 2000 Werner Koch <wk@openit.de>
Version 1.0.2
Fri Jun 9 10:09:52 CEST 2000 Werner Koch <wk@openit.de>
* configure.in: Add check for termio.h, wait unctiosn and sigaction.
Wed Jun 7 19:19:09 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (MKDIR_TAKES_ONE_ARG): Check some headers. By Gaël Quéri.
* configure.in (AM_INIT_AUTOMAKE): Use this now. By Gaël.
Mon Jun 5 12:37:43 CEST 2000 Werner Koch <wk@openit.de>
* acnclude.m4 (GNUPG_CHECK_EXPORTDYNAMIC): Replacement for
GNUPG_CHECK_RDYNAMIC which should handle gcc with non GNU ld nicer.
Contributed by Dave Dykstra.
* configure.in (GNYPG_CHECK_RDYNAMIC): Replaced by the new check.
* configure.in (AC_CHECK_AWK): Moved before the first use of AWK. Suggested
by Dave Dykstra.
Tue May 30 16:37:55 CEST 2000 Werner Koch <wk@openit.de>
Version 1.0.1-ePit-1
Sun May 28 13:55:17 CEST 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Added BSDI support.
(GNUPG_CHECK_RDYNAMIC): Ditto.
Wed Apr 19 10:57:26 CEST 2000 Werner Koch <wk@openit.de>
* acconfig.h (HAVE_MLOCK): Added
Wed Mar 22 13:50:24 CET 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Changed the way to test for
librt. Test suggested by Jeff Long.
Fri Mar 17 17:50:25 CET 2000 Werner Koch <wk@openit.de>
* acinclude.m4 (GNUPG_CHECK_MLOCK): Do librt check only when
we can't link a test program. This way GNU systems don't need
to link against linrt.
(GNUPG_CHECK_IPC): Fixed use of TRY_COMPILE macro. From Tim Mooney.
2000-03-14 12:07:54 Werner Koch (wk@habibti.openit.de)
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add support for
DJGPP.
(GNUPG_CHECK_MLOCK): Check whether mlock sits in librt.
* configure.in: Add a test for unisgned long long.
Tue Mar 7 18:45:31 CET 2000 Werner Koch <wk@gnupg.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Add NetBSD. By Thomas Klausner.
* configure.in (DYNLINK_MOD_CFLAGS): Set different for NetBSD.
Thu Mar 2 15:37:46 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Add check for clock_gettime
Wed Feb 23 10:07:57 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (ALL_LINGUAS): Add nl.
Wed Feb 16 16:25:09 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (ALL_LINGUAS): Add Esperanto.
Wed Feb 16 14:09:00 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in (ALL_LINGUAS): Add sv and ja.
* AUTHORS: Converted to a more compact format.
* INSTALL: Wrote a note about a Solaris problem.
Thu Feb 10 17:39:44 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Use /usr/local for CFLAGS and LDFLAGS when
target is freebsd. By Rémi.
Thu Jan 13 19:31:58 CET 2000 Werner Koch <wk@gnupg.de>
* configure.in: Do not set development version when the version has
a dash in it. Suggested by Dave Dykstra.
Thu Dec 16 10:07:58 CET 1999 Werner Koch <wk@gnupg.de>
* VERSION: Set to 1.0.1.
* configure.in: Removed substitution for doc/gph/Makefile.
Do all the gcc warning only in maintainer mode.
Thu Dec 9 10:31:05 CET 1999 Werner Koch <wk@gnupg.de>
* INSTALL: Add a hint for AIX. By Jos Backus.
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
* configure.in (dlopen): Use CHECK_FUNC for a test of dlopen in libc.
Suggested by Alexandre Oliva.
(-Wall): Moved the settting of gcc warning options near to the end
so that tests don't get confused. Suggested by Paul D. Smith.
Mon Nov 22 11:14:53 CET 1999 Werner Koch <wk@gnupg.de>
* BUGS: Replaced content with a link to the online list.
Fri Nov 12 20:33:19 CET 1999 Werner Koch <wk@gnupg.de>
* README: Fixed a type and add a note about the gnupg-i18n ML.
Thu Oct 28 16:08:20 CEST 1999 Werner Koch <wk@gnupg.de>
* acinclude.m4, configure.in (GNUPG_CHECK_GNUMAKE): New.
Sat Oct 9 20:34:41 CEST 1999 Werner Koch <wk@gnupg.de>
* configure.in: Tweaked handling of random modules and removed
dummy support for libgcrypt.
* Makefile.am: Removed libgcrypt support.
* cgrypt/ : Removed.
* Makefile.am: Removed libtool.
Fri Oct 8 20:32:01 CEST 1999 Werner Koch <wk@gnupg.de>
* configure.in: Fixed quoting in test for development version.
* THANKS: Add entries for Michael, Brenno and J Horacio who did
very nice Howto documents - I apoligize for forgetting to mention them
earlier.
Tue Sep 28 20:54:37 CEST 1999 Werner Koch <wk@gnupg.de>
* textfilter.c (copy_clearsig_text) [__MINGW32__): Use CR,LF.
Fri Sep 17 12:56:42 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add "-lcap" when capabilities are requested.
Add the conditional CROSS_COMPILING.
* Makefile.am: Don't use checks when CROSS_COMPILING.
Wed Sep 15 16:22:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ALL_LINGUAS): Add pt_PT.
* configure.in: Some tweaks for cross compiling under MingW32
* acconfig.h (USE_STATIC_RNDW32): New.
Tue Sep 7 17:08:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 1.0.0.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Create makefile in doc/gph
* acinclude.m4 (GNUPG_FUNC_MKDIR_TAKES_ONE_ARG): New
* configure.in: use the above.
Thu Sep 2 16:40:55 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.11.
Tue Aug 31 17:20:44 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Minor changes to the OS/2 and Mingw32 system labels.
Add a printable name for Hurd.
Mon Aug 30 20:38:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Some support for DJGPP (Mark Elbrecht)
Wed Aug 4 10:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.10.
Mon Jul 26 09:34:46 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): remove init of ac_cv_...
* Makefile.am (DISCLEANFILES): New
Fri Jul 23 13:53:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.9.9.
* configure.in: Print a notice when rndunix is used.
Thu Jul 15 10:15:35 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification.
Wed Jul 7 13:08:40 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Support for libtool.
* configure.in: Ditto.
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (use_local_zlib): The lost dollar is back.
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add EMX case.
* configure.in: Another variant of the MX vendor string
* configure.in (--with-capabilities): Some test code (Remi).
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Support for HPUX and IRIX.
* configure.in (HAVE_DL_SHL_LOAD): New for HPUX (Dave Dykstra).
* VERSION: Now 0.9.8
Wed Jun 16 20:16:21 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add test for docbook-to-man
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_NM_PARSE): Support for {net,free}bsd,
Thu Jun 10 14:18:23 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (ZLIB,GDBM): Check both, header and lib.
Sat Jun 5 15:30:33 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (key_present_in_pk_list): New (Michael).
Tue May 25 19:50:32 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (IS_DEVELOPMENT_VERSION): Fixed detection.
Sun May 23 14:20:22 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): assume yes when
cross-compiling.
Mon May 17 21:54:43 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Fix for Unisys by Katsuhiro Kondou.
Sat May 8 19:28:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* NEWS: Add a marker line which I forgot to do for 0.9.6.
Thu May 6 14:18:17 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* README: Minor updates
* VERSION: Now 0.9.6
Thu Apr 8 09:35:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for
amiga-openbsd (Peter Reich)
(GNUPG_PROG_NM): Ditto
Wed Apr 7 20:51:39 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am (g10defs.h): Removed.
* configure.in (AC_OUTPUT_COMMANDS): Create g10defs.h
Sat Mar 20 12:55:33 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Now 0.9.5
Sun Mar 14 19:34:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (AM_SYS_SYMBOL_UNDERSCORE): Removed because it is
now in the latest libtool.
Thu Mar 11 16:39:46 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Removed the need for libtool
Mon Mar 8 20:47:17 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (DLSYM_NEEDS_UNDERSCORE): Replaced.
* acinclude.in (AM_SYS_SYMBOL_UNDERSCORE): New.
* VERSION: Now 0.9.4
Sun Feb 28 19:11:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (dld): Test disabled.
Fri Feb 26 17:55:41 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* encode.c (encode_simple): temporary fix.
Wed Feb 24 11:07:27 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: New option --enable-static-rnd.
Mon Feb 22 20:04:00 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* BUGS: Now we assign bug numbers.
* OBUGS: New to keep rack o fixed bugs (CVS only)
Fri Feb 19 18:01:54 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Released 0.9.3
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4: Removed gettext macros.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Check for -lsocket and -lnsl.
(osf4): Disable all warnings for DEC's cc.
(-Wall): Add more warning options for gcc
Sat Feb 13 12:04:43 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Changed detection of compiler flags.
* intl/ : Removed directory
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Fix for freebsd 2.2
* configure.in: a lot of changes to allow selection of modules.
Add support for OS/2.
* acinclude.m4: add some more caching
* README: Spelling and grammar corrections (John A. Martin)
* INSTALL: Ditto.
Wed Jan 20 21:40:21 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: --enable-m-guard is now default
Wed Jan 13 12:49:36 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* INSTALL: Applied new information how to build rpms by Fabio Coatti
* Makefile.in (gnupg.spec): Changed the names.
Tue Jan 12 11:17:18 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* config.links (m68k-atari-mint): New
Tue Jan 12 09:17:19 CET 1999 Gaël Quéri <gqueri@mail.dotcom.fr>
* all: Fixed typos all over the place
Sat Jan 9 16:02:23 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add a way to statically link rndunix
Sun Jan 3 15:28:44 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): New.
* configure.in (DYNLOAD_CFLAGS): Use result from CHECK_RDYNAMIC
Wed Dec 23 13:18:14 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* README: Replaced the command overview with a short intro.
Sat Dec 12 18:40:32 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* configure.in: Add check for dlopen in libc (Greg Troxel)
and a new define
* acconfig.h (DLSYM_NEEDS_UNDERSCORE): New.
Thu Dec 10 20:15:36 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m (GNUPG_CHECK_PIC): New
* configure.in, acinclude.m4: Renamed all WK_ to GNUPG_
Tue Dec 8 15:09:29 CET 1998 Werner Koch <wk@isil.d.shuttle.de>
* VERSION: Set to 0.4.5
Wed Nov 25 12:38:29 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (USE_RNDLINUX): New.
Fri Nov 20 19:34:57 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Released 0.4.4
* configure.in (try_asm_modules): For option --disable-asm
Tue Nov 10 19:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (MPI_SFLAGS): New.
Tue Nov 10 13:44:53 1998 Werner Koch (wk@isil.d.shuttle.de)
* ABOUT-NLS: New
* configure.in (AC_REVISION): New.
Sun Nov 8 18:20:35 1998 Werner Koch (wk@isil.d.shuttle.de)
* VERSION: Set to 0.4.3
Sun Oct 25 19:49:37 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): New macro GNUPG_DATADIR.
Wed Oct 21 17:24:24 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Removed gettext kludge
* acinclude.m4: Add patched AM_WITH_NKS macro
Tue Oct 20 19:03:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Kludge to make AM_GNU_GETTEXT work,
changed some macors to more modern versions. Also
changeg the all makefiles to remove duplicate ../intl.
* acinclude.m4: Removed the gettext stuff, as this
already comes with automake now.
Wed Oct 14 12:11:34 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (NAME_OF_DEV_RANDOM): New.
(DYNLINK_MOD_CFLAGS): New.
Thu Oct 8 10:55:15 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): creates include file
* acconfig.h: now includes g10defs.h
* configure.in: Removed G10_LOCALEDIR and GNUPG_LIB
Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none))
* Makefile.am (dist-hook): Now creates RPM file.
* scripts/gnupg.spec: New template file for RPMs
Thu Jul 30 19:17:07 1998 Werner Koch (wk@(none))
* acinclude.h (WK_CHECK_IPC): New
* configure.in : Add checks for SysV IPC
Thu Jun 25 11:18:49 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-dynload): New.
Wed Jun 10 07:48:59 1998 Werner Koch,mobil,,, (wk@tobold)
* configure.in (GNUPG_LIBDIR): New.
Mon May 25 19:10:59 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (fast_random_poll): fixed syntax bug.
Mon May 11 10:21:31 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): Linux is now GNU/Linux
Tue Apr 14 19:08:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* [all files]: Applied Matthew Skala's typo and grammar fixes.
Wed Mar 4 10:32:40 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (getrusage,gettimeofday): New tests.
Fri Feb 27 13:14:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (--disable-m-guard): New.
Thu Feb 26 17:09:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in, acinclude.m4, intl/, po/: New macros taken
from GNOME, switched to automake 1.2f
Thu Feb 26 09:05:46 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (doc/Makefile): New
Thu Feb 26 07:40:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed gettext stuff
Wed Feb 25 11:44:10 1998 Werner Koch (wk@isil.d.shuttle.de)
* checks/*test : restructured the directory.
Tue Feb 24 15:59:12 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in: Changed the name of the package to GNUPG and
chnaged several other names too.
Wed Feb 18 17:36:45 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (checks): New.
Sat Feb 14 15:37:55 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (mpi_config_done): Removed asm links caching.
Sat Feb 14 14:02:20 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in (PRINTABLE_OS_NAME): New.
* acconfig.h: Likewise.
Fri Feb 13 19:43:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* configure.in : Fixed zlib stuff
* Makefile.am: Likewise
Copyright 1998,1999,2000,2001,2002,2003 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/README b/README
index b59a83a68..686141312 100644
--- a/README
+++ b/README
@@ -1,677 +1,686 @@
GnuPG - The GNU Privacy Guard
-------------------------------
Version 1.2.4
Copyright 1998, 1999, 2000, 2001, 2002, 2003
Free Software Foundation, Inc.
This file is free software; as a special exception the author
gives unlimited permission to copy and/or distribute it, with or
without modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Intro
-----
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC2440.
GnuPG works best on GNU/Linux or *BSD systems. Most other Unices
are also supported but are not as well tested as the Free Unices.
See http://www.gnupg.org/download/supported_systems.html for a
list of systems which are known to work.
See the file COPYING for copyright and warranty information.
Because GnuPG does not use use any patented algorithms it is not
by default fully compatible with PGP 2.x, which uses the patented
IDEA algorithm. See http://www.gnupg.org/why-not-idea.html for
more information on this subject, including what to do if you are
legally entitled to use IDEA.
The default public key algorithms are DSA and ElGamal, but RSA is
also supported. Symmetric algorithms available are AES (with 128,
192, and 256 bit keys), 3DES, Blowfish, CAST5 and Twofish. Digest
algorithms available are MD5, RIPEMD/160, SHA-1, SHA-256, SHA-384,
and SHA-512. Compression algorithms available are ZIP, ZLIB, and
BZIP2 (with libbz2 installed).
Installation
------------
Please read the file INSTALL and the sections in this file
related to the installation. Here is a quick summary:
1) Check that you have unmodified sources. See below on how to do
this. Don't skip it - this is an important step!
2) Unpack the tarball. With GNU tar you can do it this way:
"tar xzvf gnupg-x.y.z.tar.gz"
3) "cd gnupg-x.y.z"
4) "./configure"
5) "make"
6) "make install"
7) You end up with a "gpg" binary in /usr/local/bin.
8) To avoid swapping out of sensitive data, you can install "gpg"
setuid root. If you don't do so, you may want to add the
option "no-secmem-warning" to ~/.gnupg/gpg.conf
How to Verify the Source
------------------------
In order to check that the version of GnuPG which you are going to
install is an original and unmodified one, you can do it in one of
the following ways:
a) If you already have a trusted Version of GnuPG installed, you
can simply check the supplied signature:
$ gpg --verify gnupg-x.y.z.tar.gz.asc
This checks that the detached signature gnupg-x.y.z.tar.gz.asc
is indeed a a signature of gnupg-x.y.z.tar.gz. The key used to
create this signature is:
"pub 1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn@gnu.org>"
If you do not have this key, you can get it from the source in
the file doc/samplekeys.asc (use "gpg --import doc/samplekeys.asc"
to add it to the keyring) or from any keyserver. You have to
make sure that this is really the key and not a faked one. You
can do this by comparing the output of:
$ gpg --fingerprint 0x57548DCD
with the fingerprint published elsewhere.
Please note, that you have to use an old version of GnuPG to
do all this stuff. *Never* use the version which you are going
to check!
b) If you don't have any of the above programs, you have to verify
the MD5 checksum:
$ md5sum gnupg-x.y.z.tar.gz
This should yield an output _similar_ to this:
fd9351b26b3189c1d577f0970f9dcadc gnupg-x.y.z.tar.gz
Now check that this checksum is _exactly_ the same as the one
published via the announcement list and probably via Usenet.
Documentation
-------------
The manual will be distributed separately under the name "gph".
An online version of the latest manual draft is available at the
GnuPG web pages:
http://www.gnupg.org/documentation/
A list of frequently asked questions is available in the GnuPG
distribution in the file doc/FAQ and online as:
http://www.gnupg.org/documentation/faqs.html
A couple of HOWTO documents are available online; for a listing see:
http://www.gnupg.org/documentation/howtos.html
A man page with a description of all commands and options gets installed
along with the program.
Introduction
------------
Here is a brief overview on how to use GnuPG - it is strongly suggested
that you read the manual and other information about the use of
cryptography. GnuPG is only a tool, secure usage requires that
YOU KNOW WHAT YOU ARE DOING.
The first time you run gpg, it will create a .gnupg directory in
your home directory and populate it with a default configuration
file. Once this is done, you may create a new key, or if you
already have keyrings from PGP, you can import them into GnuPG
with:
gpg --import path/to/pgp/keyring/pubring.pkr
and
gpg --import path/to/pgp/keyring/secring.skr
The normal way to create a key is
gpg --gen-key
This asks some questions and then starts key generation. To create
good random numbers for the key parameters, GnuPG needs to gather
enough noise (entropy) from your system. If you see no progress
during key generation you should start some other activities such
as moving the mouse or hitting the CTRL and SHIFT keys.
Generate a key ONLY on a machine where you have direct physical
access - don't do it over the network or on a machine also used
by others, especially if you have no access to the root account.
When you are asked for a passphrase use a good one which you can
easily remember. Don't make the passphrase too long because you
have to type it for every decryption or signing; but, - AND THIS
IS VERY IMPORTANT - use a good one that is not easily to guess
because the security of the whole system relies on your secret key
and the passphrase that protects it when someone gains access to
your secret keyring. One good way to select a passphrase is to
figure out a short nonsense sentence which makes some sense for
you and modify it by inserting extra spaces, non-letters and
changing the case of some characters - this is really easy to
remember especially if you associate some pictures with it.
Next, you should create a revocation certificate in case someone
gets knowledge of your secret key or you forgot your passphrase
gpg --gen-revoke your_user_id
Run this command and store the revocation certificate away. The output
is always ASCII armored, so that you can print it and (hopefully
never) re-create it if your electronic media fails.
Now you can use your key to create digital signatures
gpg -s file
This creates a file "file.gpg" which is compressed and has a
signature attached.
gpg -sa file
Same as above, but creates a file "file.asc" which is ASCII armored
and and ready for sending by mail. It is better to use your
mailers features to create signatures (The mailer uses GnuPG to do
this) because the mailer has the ability to MIME encode such
signatures - but this is not a security issue.
gpg -s -o out file
Creates a signature of "file", but writes the output to the file
"out".
Everyone who knows your public key (you can and should publish
your key by putting it on a key server, a web page or in your .plan
file) is now able to check whether you really signed this text
gpg --verify file
GnuPG now checks whether the signature is valid and prints an
appropriate message. If the signature is good, you know at least
that the person (or machine) has access to the secret key which
corresponds to the published public key.
If you run gpg without an option it will verify the signature and
create a new file that is identical to the original. gpg can also
run as a filter, so that you can pipe data to verify trough it
cat signed-file | gpg | wc -l
which will check the signature of signed-file and then display the
number of lines in the original file.
To send a message encrypted to someone you can use
gpg -e -r heine file
This encrypts "file" with the public key of the user "heine" and
writes it to "file.gpg"
echo "hello" | gpg -ea -r heine | mail heine
Ditto, but encrypts "hello\n" and mails it as ASCII armored message
to the user with the mail address heine.
gpg -se -r heine file
This encrypts "file" with the public key of "heine" and writes it
to "file.gpg" after signing it with your user id.
gpg -se -r heine -u Suttner file
Ditto, but sign the file with your alternative user id "Suttner"
GnuPG has some options to help you publish public keys. This is
called "exporting" a key, thus
gpg --export >all-my-keys
exports all the keys in the keyring and writes them (in a binary
format) to "all-my-keys". You may then mail "all-my-keys" as an
MIME attachment to someone else or put it on an FTP server. To
export only some user IDs, you give them as arguments on the command
line.
To mail a public key or put it on a web page you have to create
the key in ASCII armored format
gpg --export --armor | mail panther@tiger.int
This will send all your public keys to your friend panther.
If you have received a key from someone else you can put it
into your public keyring. This is called "importing"
gpg --import [filenames]
New keys are appended to your keyring and already existing
keys are updated. Note that GnuPG does not import keys that
are not self-signed.
Because anyone can claim that a public key belongs to her
we must have some way to check that a public key really belongs
to the owner. This can be achieved by comparing the key during
a phone call. Sure, it is not very easy to compare a binary file
by reading the complete hex dump of the file - GnuPG (and nearly
every other program used for management of cryptographic keys)
provides other solutions.
gpg --fingerprint <username>
prints the so called "fingerprint" of the given username which
is a sequence of hex bytes (which you may have noticed in mail
sigs or on business cards) that uniquely identifies the public
key - different keys will always have different fingerprints.
It is easy to compare fingerprints by phone and I suggest
that you print your fingerprint on the back of your business
card. To see the fingerprints of the secondary keys, you can
give the command twice; but this is normally not needed.
If you don't know the owner of the public key you are in trouble.
Suppose however that friend of yours knows someone who knows someone
who has met the owner of the public key at some computer conference.
Suppose that all the people between you and the public key holder
may now act as introducers to you. Introducers signing keys thereby
certify that they know the owner of the keys they sign. If you then
trust all the introducers to have correctly signed other keys, you
can be be sure that the other key really belongs to the one who
claims to own it..
There are 2 steps to validate a key:
1. First check that there is a complete chain
of signed keys from the public key you want to use
and your key and verify each signature.
2. Make sure that you have full trust in the certificates
of all the introduces between the public key holder and
you.
Step 2 is the more complicated part because there is no easy way
for a computer to decide who is trustworthy and who is not. GnuPG
leaves this decision to you and will ask you for a trust value
(here also referenced as the owner-trust of a key) for every key
needed to check the chain of certificates. You may choose from:
a) "I don't know" - then it is not possible to use any
of the chains of certificates, in which this key is used
as an introducer, to validate the target key. Use this if
you don't know the introducer.
b) "I do not trust" - Use this if you know that the introducer
does not do a good job in certifying other keys. The effect
is the same as with a) but for a) you may later want to
change the value because you got new information about this
introducer.
c) "I trust marginally" - Use this if you assume that the
introducer knows what he is doing. Together with some
other marginally trusted keys, GnuPG validates the target
key then as good.
d) "I fully trust" - Use this if you really know that this
introducer does a good job when certifying other keys.
If all the introducer are of this trust value, GnuPG
normally needs only one chain of signatures to validate
a target key okay. (But this may be adjusted with the help
of some options).
This information is confidential because it gives your personal
opinion on the trustworthiness of someone else. Therefore this data
is not stored in the keyring but in the "trustdb"
(~/.gnupg/trustdb.gpg). Do not assign a high trust value just
because the introducer is a friend of yours - decide how well she
understands the implications of key signatures and you may want to
tell her more about public key cryptography so you can later change
the trust value you assigned.
Okay, here is how GnuPG helps you with key management. Most stuff
is done with the --edit-key command
gpg --edit-key <keyid or username>
GnuPG displays some information about the key and then prompts
for a command (enter "help" to see a list of commands and see
the man page for a more detailed explanation). To sign a key
you select the user ID you want to sign by entering the number
that is displayed in the leftmost column (or do nothing if the
key has only one user ID) and then enter the command "sign" and
follow all the prompts. When you are ready, give the command
"save" (or use "quit" to cancel your actions).
If you want to sign the key with another of your user IDs, you
must give an "-u" option on the command line together with the
"--edit-key".
Normally you want to sign only one user ID because GnuPG
uses only one and this keeps the public key certificate
small. Because such key signatures are very important you
should make sure that the signatories of your key sign a user ID
which is very likely to stay for a long time - choose one with an
email address you have full control of or do not enter an email
address at all. In future GnuPG will have a way to tell which
user ID is the one with an email address you prefer - because
you have no signatures on this email address it is easy to change
this address. Remember, your signatories sign your public key (the
primary one) together with one of your user IDs - so it is not possible
to change the user ID later without voiding all the signatures.
Tip: If you hear about a key signing party on a computer conference
join it because this is a very convenient way to get your key
certified (But remember that signatures have nothing to to with the
trust you assign to a key).
8 Ways to Specify a User ID
--------------------------
There are several ways to specify a user ID, here are some examples.
* Only by the short keyid (prepend a zero if it begins with A..F):
"234567C4"
"0F34E556E"
"01347A56A"
"0xAB123456
* By a complete keyid:
"234AABBCC34567C4"
"0F323456784E56EAB"
"01AB3FED1347A5612"
"0x234AABBCC34567C4"
* By a fingerprint:
"1234343434343434C434343434343434"
"123434343434343C3434343434343734349A3434"
"0E12343434343434343434EAB3484343434343434"
The first one is MD5 the others are ripemd160 or sha1.
* By an exact string:
"=Heinrich Heine <heinrichh@uni-duesseldorf.de>"
* By an email address:
"<heinrichh@uni-duesseldorf.de>"
* By word match
"+Heinrich Heine duesseldorf"
All words must match exactly (not case sensitive) and appear in
any order in the user ID. Words are any sequences of letters,
digits, the underscore and characters with bit 7 set.
* Or by the usual substring:
"Heine"
"*Heine"
The '*' indicates substring search explicitly.
Batch mode
----------
If you use the option "--batch", GnuPG runs in non-interactive mode and
never prompts for input data. This does not even allow entering the
passphrase. Until we have a better solution (something like ssh-agent),
you can use the option "--passphrase-fd n", which works like PGP's
PGPPASSFD.
Batch mode also causes GnuPG to terminate as soon as a BAD signature is
detected.
Exit status
-----------
GnuPG returns with an exit status of 1 if in batch mode and a bad signature
has been detected or 2 or higher for all other errors. You should parse
stderr or, better, the output of the fd specified with --status-fd to get
detailed information about the errors.
Configure options
-----------------
Here is a list of configure options which are sometime useful
for installation.
--enable-static-rnd=<name>
Force the use of the random byte gathering
module <name>. Default is either to use /dev/random
or the auto mode. Value for name:
egd - Use the module which accesses the
Entropy Gathering Daemon. See the webpages
for more information about it.
unix - Use the standard Unix module which does not
have a very good performance.
linux - Use the module which accesses /dev/random.
This is the first choice and the default one
for GNU/Linux or *BSD.
auto - Compile linux, egd and unix in and
automagically select at runtime.
--with-egd-socket=<name>
This is only used when EGD is used as random
gatherer. GnuPG uses by default "~/.gnupg/entropy"
as the socket to connect EGD. Using this option the
socket name can be changed. You may use any filename
here with 2 exceptions: a filename starting with
"~/" uses the socket in the home directory of the user
and one starting with a "=" uses a socket in the
GnuPG home directory which is "~/.gnupg" by default.
--with-included-zlib
Forces usage of the local zlib sources. Default is
to use the (shared) library of the system.
+ --with-zlib=<DIR>
+ Look for the system zlib in DIR.
+
+ --with-bzip2=<DIR>
+ Look for the system libbz2 in DIR.
+
+ --without-bzip2
+ Disable the BZIP2 compression algorithm.
+
--with-included-gettext
Forces usage of the local gettext sources instead of
the one provided by your system.
--disable-nls
Disable NLS support (See the file ABOUT-NLS)
--enable-m-guard
Enable the integrated malloc checking code. Please
note that this feature does not work on all CPUs
(e.g. SunOS 5.7 on UltraSparc-2) and might give
you a bus error.
--disable-dynload
If you have problems with dynamic loading, this
option disables all dynamic loading stuff. Note
that the use of dynamic linking is very limited.
--disable-asm
Do not use assembler modules. It is not possible
to use this on some CPU types.
--disable-exec
Disable all remote program execution. This
disables photo ID viewing as well as all keyserver
types aside from HKP.
--disable-photo-viewers
Disable only photo ID viewing.
--disable-keyserver-helpers
Disable only keyserver helpers (not including
HKP).
--disable-keyserver-path
Disables the user's ability to use the exec-path
feature to add additional search directories when
executing a keyserver helper.
--with-photo-viewer=FIXED_VIEWER
Force the photo viewer to be FIXED_VIEWER and
disable any ability for the user to change it in
their options file.
--enable-sha512
Enable read-only SHA-384 and SHA-512 digest
support.
Installation Problems
---------------------
If you get unresolved externals "gettext" you should run configure
again with the option "--with-included-gettext"; this is version
0.10.40 which is available at ftp.gnu.org.
If you have other compile problems, try the configure options
"--with-included-zlib" or "--disable-nls" (See ABOUT-NLS) or
--disable-dynload.
We can't check all assembler files, so if you have problems
assembling them (or the program crashes) use --disable-asm with
./configure. If you opt to delete individual replacement files in
hopes of using the remaining ones, be aware that the configure
scripts may consider several subdirectories to get all available
assembler files; be sure to delete the correct ones. The assembler
replacements are in C and in mpi/generic; never delete
udiv-qrnnd.S in any CPU directory, because there may be no C
substitute. Don't forget to delete "config.cache" and run
"./config.status --recheck". We have also heard reports of
problems when using versions of gcc earlier than 2.96 along with a
non-GNU assembler (as). If this applies to your platform, you can
either upgrade gcc to a more recent version, or use the GNU
assembler.
Some make tools are broken - the best solution is to use GNU's
make. Try gmake or grab the sources from a GNU archive and
install them.
On some OSF systems you may get unresolved externals. This is a
libtool problem and the workaround is to manually remove all the
"-lc -lz" but the last one from the linker line and execute them
manually.
On some architectures you see warnings like:
longlong.h:175: warning: function declaration isn't a prototype
or
http.c:647: warning: cast increases required alignment of target type
This doesn't matter and we know about it (actually it is due to
some warning options which we have enabled for gcc)
Specific problems on some machines
----------------------------------
* Apple Darwin 6.1:
./configure --with-libiconv-prefix=/sw
* Compaq C V6.2 for alpha:
You may want to use the option "-msg-disable ptrmismatch1"
to get rid of the sign/unsigned char mismatch warnings.
* IBM RS/6000 running AIX:
Due to a change in gcc (since version 2.8) the MPI stuff may
not build. In this case try to run configure using:
CFLAGS="-g -O2 -mcpu=powerpc" ./configure
* SVR4.2 (ESIX V4.2 cc)
Due to problems with the ESIX as, you probably want to do
CFLAGS="-O -K pentium" ./configure --disable-asm
* SunOS 4.1.4
./configure ac_cv_sys_symbol_underscore=yes
The Random Device
-----------------
Random devices are available in Linux, FreeBSD and OpenBSD.
Operating systems without a random devices must use another
entropy collector.
This collector works by running a lot of commands that yield more
or less unpredictable output and feds this as entropy into the
random generator - It should work reliably but you should check
whether it produces good output for your version of Unix. There
are some debug options to help you (see cipher/rndunix.c).
Creating an RPM package
-----------------------
The file scripts/gnupg.spec is used to build a RPM package (both
binary and src):
1. copy the spec file into /usr/src/redhat/SPECS
2. copy the tar file into /usr/src/redhat/SOURCES
3. type: rpm -ba SPECS/gnupg.spec
Or use the -t (--tarbuild) option of rpm:
1. rpm -ta gnupg-x.x.x.tar.gz
The binary rpm file can now be found in /usr/src/redhat/RPMS, source
rpm in /usr/src/redhat/SRPMS
How to Get More Information
---------------------------
The primary WWW page is "http://www.gnupg.org"
The primary FTP site is "ftp://ftp.gnupg.org/gcrypt/"
See http://www.gnupg.org/download/mirrors.html for a list of
mirrors and use them if possible. You may also find GnuPG
mirrored on some of the regular GNU mirrors.
We have some mailing lists dedicated to GnuPG:
gnupg-announce@gnupg.org For important announcements like
new versions and such stuff.
This is a moderated list and has
very low traffic.
gnupg-users@gnupg.org For general user discussion and
help.
gnupg-devel@gnupg.org GnuPG developers main forum.
You subscribe to one of the list by sending mail with a subject
of "subscribe" to x-request@gnupg.org, where x is the name of the
mailing list (gnupg-announce, gnupg-users, etc.). An archive of
the mailing lists are available at
http://www.gnupg.org/documentation/mailing-lists.html
Please direct bug reports to http://bugs.gnupg.org or post
them direct to the mailing list <gnupg-devel@gnupg.org>.
Please direct questions about GnuPG to the users mailing list or
one of the pgp newsgroups; please do not direct questions to one
of the authors directly as we are busy working on improvements
and bug fixes. Both mailing lists are watched by the authors
and we try to answer questions when time allows us to do so.
Commercial grade support for GnuPG is available; please see
the GNU service directory or search other resources.

File Metadata

Mime Type
text/x-diff
Expires
Thu, Feb 26, 6:40 PM (6 h, 33 m)
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
34/26/0a40c7c0b4100aa0df69d52b08ce

Event Timeline