GnuPG 2.1.0 "modern" released
Michael Felt
aixtools at gmail.com
Sat Nov 22 16:30:42 CET 2014
Hello,
I am looking into packaging gnupg-2.1.0 for AIX, and I know I need to
package the other libraries as well.
However, configure is reporting - in config.log that AIX does not have
libiconv - which it does. So, my question is: to which gnu tool should I
report a bug? This is, I assume, not a problem with gnupg itself, but the
tools it uses to create the configure script.
>From config.log:
configure:11197: checking for iconv
configure:11219: cc -o conftest -O2 -qlanglvl=extc99 -I/opt/include
conftest.c >&5
ld: 0711-317 ERROR: Undefined symbol: .iconv_open
ld: 0711-317 ERROR: Undefined symbol: .iconv
ld: 0711-317 ERROR: Undefined symbol: .iconv_close
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more
information.
configure:11219: $? = 8
configure: failed program was:
...
>From AIX:
root at x064:[/data/prj/gnu/gcrypt/gnupg/gnupg-2.1.0]clear;nm
/usr/lib/libiconv.a | grep iconv
/usr/lib/libiconv.a[shr4.o]:
../../../../../../../src/bos/usr/ccs/lib/libiconv/ascii.c f -
../../../../../../../src/bos/usr/ccs/lib/libiconv/ccsid.c f -
../../../../../../../src/bos/usr/ccs/lib/libiconv/fcs.c f -
../../../../../../../src/bos/usr/ccs/lib/libiconv/hcs.c f -
../../../../../../../src/bos/usr/ccs/lib/libiconv/iconv.c f -
._iconvTable_Lower_exec t 740
._iconvTable_close t 616
._iconvTable_exec t 1480
.iconv T 2032
.iconv_close T 1836
.iconv_open T 2240
_iconvTable_Lower_exec d 40536 12
_iconvTable_Lower_exec d 41680 4
_iconvTable_close d 40560 12
_iconvTable_close d 41688 4
_iconvTable_exec d 40548 12
_iconvTable_exec d 41684 4
_iconv_ct_ett D 37952 812
_iconv_fold7_ett D 37136 812
_iconv_fold8_ett D 856 812
_iconv_host D 38768 432
iconv D 40572 12
iconv_close D 40512 12
iconv_open D 40584 12
/usr/lib/libiconv.a[shr.o]:
../../../../../../../src/bos/usr/ccs/lib/libiconv/ascii.c f -
../../../../../../../src/bos/usr/ccs/lib/libiconv/ccsid.c f -
../../../../../../../src/bos/usr/ccs/lib/libiconv/fcs.c f -
../../../../../../../src/bos/usr/ccs/lib/libiconv/hcs.c f -
.__iconv_open T 0
._iconvTable_Lower_exec t 824
._iconvTable_close t 700
._iconvTable_exec t 1564
.iconv T 2116
.iconv_close T 1920
.iconv_open T 2320
__iconv_open D 40512 12
_iconvTable_Lower_exec d 40536 12
_iconvTable_Lower_exec d 41692 4
_iconvTable_close d 40560 12
_iconvTable_close d 41700 4
_iconvTable_exec d 40548 12
_iconvTable_exec d 41696 4
_iconv_ct_ett D 37952 812
_iconv_fold7_ett D 37136 812
_iconv_fold8_ett D 856 812
_iconv_host D 38768 432
iconv D 40584 12
iconv32.c f -
iconv_close D 40572 12
iconv_open D 40596 12
root at x064:[/data/prj/gnu/gcrypt/gnupg/gnupg-2.1.0]
Thank you for your assistance,
Michael
On Thu, Nov 6, 2014 at 10:01 AM, Werner Koch <wk at gnupg.org> wrote:
> Hello!
>
> The GnuPG Project is pleased to announce the availability of a
> new release: Version 2.1.0.
>
> The GNU Privacy Guard (GnuPG) is a complete and free implementation of
> the OpenPGP standard as defined by RFC-4880 and better known as PGP.
>
> GnuPG, also known as GPG, allows to encrypt and sign data and
> communication, features a versatile key management system as well as
> access modules for public key directories. GnuPG itself is a command
> line tool with features for easy integration with other applications.
> A wealth of frontend applications and libraries making use of GnuPG
> are available. Since version 2 GnuPG provides support for S/MIME and
> Secure Shell in addition to OpenPGP.
>
> GnuPG is Free Software (meaning that it respects your freedom). It can
> be freely used, modified and distributed under the terms of the GNU
> General Public License.
>
> Three different versions of GnuPG are actively maintained:
>
> - GnuPG "modern" (2.1) is the latest development with a lot of new
> features. This announcement is about the first release of this
> version.
>
> - GnuPG "stable" (2.0) is the current stable version for general use.
> This is what most users are currently using.
>
> - GnuPG "classic" (1.4) is the old standalone version which is most
> suitable for older or embedded platforms.
>
> You may not install "modern" (2.1) and "stable" (2.0) at the same
> time. However, it is possible to install "classic" (1.4) along with
> any of the other versions.
>
>
> What's New in GnuPG-2.1
> =======================
>
> - The file "secring.gpg" is not anymore used to store the secret
> keys. Merging of secret keys is now supported.
>
> - All support for PGP-2 keys has been removed for security reasons.
>
> - The standard key generation interface is now much leaner. This
> will help a new user to quickly generate a suitable key.
>
> - Support for Elliptic Curve Cryptography (ECC) is now available.
>
> - Commands to create and sign keys from the command line without any
> extra prompts are now available.
>
> - The Pinentry may now show the new passphrase entry and the
> passphrase confirmation entry in one dialog.
>
> - There is no more need to manually start the gpg-agent. It is now
> started by any part of GnuPG as needed.
>
> - Problems with importing keys with the same long key id have been
> addressed.
>
> - The Dirmngr is now part of GnuPG proper and also takes care of
> accessing keyserver.
>
> - Keyserver pools are now handled in a smarter way.
>
> - A new format for locally storing the public keys is now used.
> This considerable speeds up operations on large keyrings.
>
> - Revocation certificates are now created by default.
>
> - Card support has been updated, new readers and token types are
> supported.
>
> - The format of the key listing has been changed to better identify
> the properties of a key.
>
> - The gpg-agent may now be used on Windows as a Pageant replacement
> for Putty in the same way it is used for years on Unix as
> ssh-agent replacement.
>
> - Creation of X.509 certificates has been improved. It is now also
> possible to export them directly in PKCS#8 and PEM format for use
> on TLS servers.
>
> A detailed description of the changes can be found at
> https://gnupg.org/faq/whats-new-in-2.1.html .
>
>
> Getting the Software
> ====================
>
> Please follow the instructions found at https://gnupg.org/download/ or
> read on:
>
> GnuPG 2.1.0 may be downloaded from one of the GnuPG mirror sites or
> direct from its primary FTP server. The list of mirrors can be found
> at https://gnupg.org/mirrors.html . Note that GnuPG is not available
> at ftp.gnu.org.
>
> On ftp.gnupg.org you find these files:
>
> ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.0.tar.bz2 (3039k)
> ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.0.tar.bz2.sig
>
> This is the GnuPG 2.1 source code compressed using BZIP2 and its
> OpenPGP signature.
>
> ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.0_20141105.exe (6225k)
> ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.0_20141105.exe.sig
>
> This is an experimental installer for Windows including GPA as
> graphical key manager and GpgEX as an Explorer extension. Please
> de-install an already installed Gpg4win version before trying this
> installer. This binary version has not been tested very well, thus it
> is likely that you will run into problems. The complete source code
> for the software included in this installer is in the same directory;
> use the suffix ".tar.xz" instead of ".exe".
>
> Although several beta versions have been released over the course of
> the last years, no extensive public field test has been done. Thus it
> is likely that bugs will show up. Please check the mailing list
> archives and the new wiki https://wiki.gnupg.org for latest
> information on known problems and workaround.
>
>
> Checking the Integrity
> ======================
>
> In order to check that the version of GnuPG which you are going to
> install is an original and unmodified one, you can do it in one of
> the following ways:
>
> * If you already have a version of GnuPG installed, you can simply
> verify the supplied signature. For example to verify the signature
> of the file gnupg-2.1.0.tar.bz2 you would use this command:
>
> gpg --verify gnupg-2.1.0.tar.bz2.sig
>
> This checks whether the signature file matches the source file.
> You should see a message indicating that the signature is good and
> made by one or more of the release signing keys. Make sure that
> this is a valid key, either by matching the shown fingerprint
> against a trustworthy list of valid release signing keys or by
> checking that the key has been signed by trustworthy other keys.
> See below for information on the signing keys.
>
> * If you are not able to use an existing version of GnuPG, you have
> to verify the SHA-1 checksum. On Unix systems the command to do
> this is either "sha1sum" or "shasum". Assuming you downloaded the
> file gnupg-2.1.0.tar.bz2, you would run the command like this:
>
> sha1sum gnupg-2.1.0.tar.bz2
>
> and check that the output matches the first line from the
> following list:
>
> 2fcd0ca6889ef6cb59e3275e8411f8b7778c2f33 gnupg-2.1.0.tar.bz2
> 9907cb6509a0e63331b27a92e25c1ef956caaf3b gnupg-w32-2.1.0_20141105.exe
> 28dc1365292c61fbb2bbae730d4158f425463c91 gnupg-w32-2.1.0_20141105.tar.xz
>
>
> Release Signing Keys
> ====================
>
> To guarantee that a downloaded GnuPG version has not been tampered by
> malicious entities we provide signature files for all tarballs and
> binary versions. The keys are also signed by the long term keys of
> their respective owners. Current releases are signed by one or more
> of these four keys:
>
> 2048R/4F25E3B6 2011-01-12
> Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6
> Werner Koch (dist sig)
>
> rsa2048/E0856959 2014-10-29
> Key fingerprint = 46CC 7308 65BB 5C78 EBAB ADCF 0437 6F3E E085 6959
> David Shaw (GnuPG Release Signing Key) <dshaw 'at' jabberwocky.com>
>
> rsa2048/33BD3F06 2014-10-29
> Key fingerprint = 031E C253 6E58 0D8E A286 A9F2 2071 B08A 33BD 3F06
> NIIBE Yutaka (GnuPG Release Key) <gniibe 'at' fsij.org>
>
> rsa2048/7EFD60D9 2014-10-19
> Key fingerprint = D238 EA65 D64C 67ED 4C30 73F2 8A86 1B1C 7EFD 60D9
> Werner Koch (Release Signing Key)
>
> You may retrieve these files from the keyservers using this command
>
> gpg --recv-keys 249B39D24F25E3B6 04376F3EE0856959 \
> 2071B08A33BD3F06 8A861B1C7EFD60D9
>
> The keys are also available at https://gnupg.org/signature_key.html
> and in the released GnuPG tarball in the file g10/distsigkey.gpg .
> Note that this mail has been signed using my standard PGP key.
>
>
> Internationalization
> ====================
>
> This new branch of GnuPG has support for 4 languages: French, German,
> Japanese, and Ukrainian. More translations can be expected with the
> next point releases.
>
>
> Documentation
> =============
>
> If you used GnuPG in the past you should read the description of
> changes and new features at doc/whats-new-in-2.1.txt or online at
>
> https://gnupg.org/faq/whats-new-in-2.1.html
>
> The file gnupg.info has the complete user manual of the system.
> Separate man pages are included as well but they have not all the
> details available in the manual. It is also possible to read the
> complete manual online in HTML format at
>
> https://gnupg.org/documentation/manuals/gnupg/
>
> or in Portable Document Format at
>
> https://gnupg.org/documentation/manuals/gnupg.pdf .
>
> The chapters on gpg-agent, gpg and gpgsm include information on how
> to set up the whole thing. You may also want search the GnuPG mailing
> list archives or ask on the gnupg-users mailing lists for advise on
> how to solve problems. Many of the new features are around for
> several years and thus enough public knowledge is already available.
>
>
> Support
> =======
>
> Please consult the archive of the gnupg-users mailing list before
> reporting a bug <https://gnupg.org/documentation/mailing-lists.html>.
> We suggest to send bug reports for a new release to this list in favor
> of filing a bug at <https://bugs.gnupg.org>. For commercial support
> requests we keep a list of known service companies at:
>
> https://gnupg.org/service.html
>
> The driving force behind the development of GnuPG is the company of
> its principal author, Werner Koch. Maintenance and improvement of
> GnuPG and related software takes up most of their resources. To allow
> him to continue this work he kindly asks to either purchase a support
> contract, engage g10 Code for custom enhancements, or to donate money:
>
> https://gnupg.org/donate/
>
>
> Thanks
> ======
>
> We have to thank all the people who helped with this release, be it
> testing, coding, translating, suggesting, auditing, administering the
> servers, spreading the word, and answering questions on the mailing
> lists. A final big Thank You goes to Hal Finney, who too early passed
> away this year. Hal worked on PGP and helped to make OpenPGP a great
> standard; it has been a pleasure having worked with him.
>
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
> _______________________________________________
> GNU Announcement mailing list <info-gnu at gnu.org>
> https://lists.gnu.org/mailman/listinfo/info-gnu
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20141122/641b6aa2/attachment-0001.html>
More information about the Gnupg-users
mailing list