A new bunch of Aegypten tarballs

Werner Koch wk at gnupg.org
Tue Dec 23 14:36:24 CET 2003


Over the last weeks we worked on the Aegypten backend code and did
some cleanups and bug fixes. It is now easier to build the whole stuff
From CVS (as long as you don't try to use automake 1.8) but building
From tarballs is still easier, thus I have released a new set of
tarballs.  The software should still be considered Beta or course.

All tarballs are accompanied by a *.sig signature file- use GnuPG 1.2
or 1.3 to check them.  For some packages patch files are available
(*.diff.gz).  Note that http://www.gnupg.org/download/ has pointers to
all these packages.

Please build the packages in the order given below:

1. Shared error codes for all packages


 [This package didn't change since the last release announcement on

2. The general crypto library


 * Code cleanups and minor bug fixes.

3. Our IPC library


 * New function assuan_set_assuan_log_prefix to store a log prefix to
   be used when no context is available. The existing function
   assuan_get_assuan_log_context is not anymore declared as user

 * Documentation cleanups. 

4. Our CMS/X.509 library


 * Support for OCSP (rfc2560).

 * The new function ksba_set_hash_buffer_function may be used during
   intialization to register a simple hash fucntion for internal use
   by libksba.

 * Changed the license of the manual to GPL.

5. The GnuPG branch with gpgsm and gpg-agent


 * New gpgsm options --{enable,disable}-ocsp to validate keys using
   OCSP. This option requires a not yet released DirMngr version.
   Default is disabled.

 * The --log-file option may now be used to print logs to a socket.
   Prefix the socket name with "socket://" to enable this.  This does
   not work on all systems and falls back to stderr if there is a
   problem with the socket.

 * The options --encrypt-to and --no-encrypt-to now work the same in
   gpgsm as in gpg.  Note, they are also used in server mode.

 * Duplicated recipients are now silently removed in gpgsm.

6. Dirmngr, the CRL management daemon


 * New options --faked-system-time and --force.
 * Changed the name of the cache directory to $HOMEDIR/dirmngr-cache.d
   and renamed the dbcontents file.  You may delete the now obsolete
   cache/ directory and the dbcontents file.
 * Dropped DB2 or DB4 use.  There is no need for it because a constant
   database fits our needs far better.
 * Experimental support for retrieving CRLs via http.
 * The --log-file option may now be used to print logs to a socket.
   Prefix the socket name with "socket://" to enable this.  This does
   not work on all systems and falls back to stderr if there is a
   problem with the socket.
7. Pinentry


 * Make UTF8 description (prompt, error message, button texts) work.

 * Make sure that secmem_term is called before program termination.

 * Make assuan in Gtk and Curses pinentry use secure memory for

 * Fixed a bug that would occur if a canceled GETPIN was immediately
   followed by a CONFIRM.

 * Disabled undo/redo in Qt pinentry.

 * Print diagnostics for locale problems and return a new error code
   in that case.

 Kudos to Marcus for rewriting most of the Qt version.

Bug reports please to the gpa-dev at gnupg.org list.  Please consider to
buy maintenance points to help with the development; see
http://www.g10code.com/products.html#maintpoints .

Merry Christmas and happy New Year,


Werner Koch                                      <wk at gnupg.org>
The GnuPG Experts                                http://g10code.com
Free Software Foundation Europe                  http://fsfeurope.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : /pipermail/attachments/20031223/7d1fb415/attachment.bin

More information about the Gpa-dev mailing list