From peter at digitalbrains.com Wed Apr 1 13:34:12 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Wed, 01 Apr 2015 13:34:12 +0200 Subject: Instructions for converting keyring for 2.1 In-Reply-To: <87lhichmws.fsf@alice.fifthhorseman.net> References: <55183802.8010306@digitalbrains.com> <87lhichmws.fsf@alice.fifthhorseman.net> Message-ID: <551BD7B4.3030209@digitalbrains.com> On 31/03/15 23:33, Daniel Kahn Gillmor wrote: > This doesn't appear to have been updated upstream yet, but i agree with > Peter Lebbing's suggestion here. Would presenting the patch in some > other way (e.g in git format-patch style?) be helpful? After reading some docs and fiddling with stuff; is this okay? -- >8 -- Subject: [PATCH] 2.1 FAQ: keyring conversion: add import-local-sigs --- web/faq/whats-new-in-2.1.org | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/faq/whats-new-in-2.1.org b/web/faq/whats-new-in-2.1.org index bc312da..1056dd0 100644 --- a/web/faq/whats-new-in-2.1.org +++ b/web/faq/whats-new-in-2.1.org @@ -561,7 +561,7 @@ then run import, and finally restore the ownertrust values: $ cd ~/.gnupg $ gpg --export-ownertrust >otrust.lst $ mv pubring.gpg publickeys -$ gpg2 --import publickeys +$ gpg2 --import-options import-local-sigs --import publickeys $ gpg2 --import-ownertrust otrust.lst #+end_example -- 2.1.4 -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From gniibe at fsij.org Thu Apr 2 04:12:48 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 02 Apr 2015 11:12:48 +0900 Subject: decrypt luks with gnupg Card: determine if cardreader has pinpad Message-ID: <551CA5A0.6040406@fsij.org> On 03/31/2015 08:25 PM, Jan Kowalsky wrote: > I'd like to use the same script also for cardreaders without pinpad - > but then I have to determine, if a cardreader has one or not. Is their > any possibility for getting this information? You can use the output of lsusb -v. If the card reader has pinpad capability, you can find something like: bPINSupport 3 verification modification > /lib/cryptsetup/scripts/decrypt_gnupg_sc: [...] > # quick hack for starting pcscd > pcscd & Well, I don't think pcscd (and libccid) is required if your gnupg is new enough (2.0.23 or later). -- From gniibe at fsij.org Thu Apr 2 04:40:39 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 02 Apr 2015 11:40:39 +0900 Subject: What is 'CA fingerprint 1' on Smartcard In-Reply-To: <551AD072.6030808@krebs.uno> References: <551AD072.6030808@krebs.uno> Message-ID: <551CAC27.1040109@fsij.org> On 04/01/2015 01:50 AM, Daniel Krebs wrote: > What is the CA fingerprint on FSFE-Smartcard? > > A gpg2 --car-status gave the information: > CA fingerprint 1 .: C485 A6CD 7EC6 6E9E EC33 65F2 70F2 75E4 C32F 6CA5 Well, I can't find a key with this fingerprint on key servers. > This is a smartcard issued by the FSFE. After reseting the card this > information is gone, so it must be applied by FSFE. I read the > openpgp-card-2.0 specification but I'm still not sure what this CA > data object is used for and what specific CA it points to. Maybe you > can help... It seems that it's intended to be hold a fingerprint of OpenPGP, but it is not clear what/how this fingerprint is used for. >From a view point of scdaemon developer, I don't have any experience using these data objects. Even, I couldn't imagine valid usage of these data objects. Besides, I don't understand the reason why this data object was filled by a specific value when shipped. Sorry for not useful information, but, those are all I could say. Still, it would make sense to share this info. -- From patrick-mailinglists at whonix.org Thu Apr 2 15:29:39 2015 From: patrick-mailinglists at whonix.org (Patrick Schleizer) Date: Thu, 02 Apr 2015 13:29:39 +0000 Subject: gpg-bash-lib - gpg file verification bash library - first public release announcement - 0.5-1 Message-ID: <551D4443.9020808@whonix.org> gpg-bash-lib is a gpg file verification bash library, addresses comprehensive threat model, that covers file name tampering, indefinite freeze, rollback, endless data attacks, etc. https://github.com/Whonix/gpg-bash-lib Why? Writing bash scripts that do file verification using gpg that really is secure and passes a comprehensive threat model, that covers indefinite freeze, rollback, endless data attacks, etc. is hard. gpg-bash-lib's goal is to provide a bash library that we can collaboratively develop, audit and abstract the hard work into reuseable functions. Checking gpg exit codes only is insufficient. Quote Werner Koch [1] (gnupg lead developer): "there is no clear distinction between the codes and for proper error reporting you are advised to use the --status-fd messages." (For a definition of these attacks, see TUF [2] (The Update Framework)'s [3] threat model [4] [5].) Mini Demo: After installation, if you would run the following command. /usr/share/gpg-bash-lib/examples/one You would see the following output. your_script_begin: ... verification: BEGIN verification: END your_script_output: BEGIN gpg_bash_lib_output_failure_status: false gpg_bash_lib_output_gpg_verify_exit_code: 0 gpg_bash_lib_output_goodsig_status: true gpg_bash_lib_output_validsig_status: true gpg_bash_lib_output_fingerprint_in_hex: 5E08605EBEA0FE88695DCB88FD0A8B4171DFE4E4 gpg_bash_lib_output_signed_on_unixtime: 1422049448 gpg_bash_lib_output_signed_on_date: March 01 13:56:27 UTC 2015 gpg_bash_lib_output_notation[$file at name]: test-file gpg_bash_lib_output_file_name_tampering: false gpg_bash_lib_output_freshness_status: true gpg_bash_lib_output_freshness_detail: current gpg_bash_lib_output_freshness_msg: - Freshness: Signature is current. - valid-max: Signatures are valid up to 30 days. - Signature Creation Date: March 01 13:56:27 UTC 2015 - Current System Date : March 02 16:0:55 UTC 2015 - Local System Clock: Your clock seems okay. - Relative Signature Creation Time: According to your system clock, signature was created 2 days 26 minutes 3 seconds ago. gpg_bash_lib_output_alright_status: true your_script_output: END All information (Signature Creation Date, etc.) are easily accessible through separate variables, which are all documented. Documentation: https://github.com/Whonix/gpg-bash-lib/blob/master/README.mediawiki Usage examples: https://github.com/Whonix/gpg-bash-lib/tree/master/usr/share/gpg-bash-lib/examples Main code file: https://github.com/Whonix/gpg-bash-lib/blob/master/usr/lib/gpg-bash-lib/modules.d/50_common Specifically, does the status-fd parsing code look sane? https://github.com/Whonix/gpg-bash-lib/blob/d6cff902f40135c3e100a5bb13a6fe8275a41828/usr/lib/gpg-bash-lib/modules.d/50_common#L350 Could you leave some feedback please? Anyone else interested to contribute? Cheers, Patrick [1] http://lists.gnupg.org/pipermail/gnupg-devel/2005-December/022559.html [2] https://www.updateframework.com/ [3] https://github.com/theupdateframework/tuf [4] https://github.com/theupdateframework/tuf/blob/develop/SECURITY.md [5] http://www.webcitation.org/6F7Io2ncN From mailinglist at krebs.uno Thu Apr 2 16:43:48 2015 From: mailinglist at krebs.uno (Daniel Krebs) Date: Thu, 02 Apr 2015 16:43:48 +0200 Subject: What is 'CA fingerprint 1' on Smartcard In-Reply-To: <551CAC27.1040109@fsij.org> References: <551AD072.6030808@krebs.uno> <551CAC27.1040109@fsij.org> Message-ID: <551D55A4.4070709@krebs.uno> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Am 02.04.2015 um 04:40 schrieb NIIBE Yutaka: > It seems that it's intended to be hold a fingerprint of OpenPGP, > but it is not clear what/how this fingerprint is used for. > > From a view point of scdaemon developer, I don't have any > experience using these data objects. Even, I couldn't imagine > valid usage of these data objects. > > Besides, I don't understand the reason why this data object was > filled by a specific value when shipped. > > Sorry for not useful information, but, those are all I could say. > > Still, it would make sense to share this info. > OK, I will ask on the FSFE mailing list, ask them and post the answer here as soon as i have it. DK -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVHVWTAAoJEA7irlPqaBCOf30P/R7OXr6jyTniFeiiv0LYBC9T TyYwvqRyRnvng4VRKdT0Nq3kF/Omj2HIi7KCVZTOgDmmR83IMYyWm4oBFNXrDKzd QO0J8OwUf+/B122vL1yvE3n1/V5rHxTpTl3bvBQG/VgZO9Fiwt1BYwCfF+79VlvR OCnoLdepAHn4ZFT74neq5ZCxbG3UxSOr+9RBlf9gFzs+qNOI8TsqIzF4xueQHe6f Jv7YD6aTqh7z3/d67v5j4ChzRxrghe2+I97QJkB98qvxqNxAVwg9hD64VcvtBNjB O+AR+wbqnztfAa3pnQ4RGHIH1NGfy+v0Tps2tuCn/SucIirwbaIk+jhMHaWZB3Tx 0K7ivxRK4tbpAJyFY8r85XSTAEw4c711rkPbIcpolfw/5upXD/UD2YFCFxlnTaxt xc38nKunoXT2B3LB5mRKnDGL69KZPHv5J+gSvZcP1/k8ItV/OryzSCyiJsGG+WIK ipHvTjmyWs3R3Qnm1B0q3qklaoQGVsw1k6W8Ezafu4Vm84PxdmaE5LBfyH2KJN3h CFQQKeo4Tfb8wRAvZj1VrLo3AqLWdOLioAKXy+xzuPbK87fnMx0tfwn2147PGsNr 008q8Wbj5n4cqTmP1Db4woASvHuTFdwmLm3Kr0yqJnTkZUrme7OyxJ0SAA0qNXdv LPNlpdG/WJPn0IJhI1bM =iGUm -----END PGP SIGNATURE----- From peter at digitalbrains.com Thu Apr 2 18:35:46 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Thu, 02 Apr 2015 18:35:46 +0200 Subject: "g13" tool in GnuPG 2.1 (was: decrypt luks with gnupg Card: determine if cardreader has pinpad) In-Reply-To: References: Message-ID: <551D6FE2.7020305@digitalbrains.com> On 31/03/15 13:25, Jan Kowalsky wrote: > I wrote a howto (in german) in addition to the one from Peter Lebbing > (thanks a lot!): > https://wiki.datenkollektiv.net/public/gnupg/luks_gnupg_card ... in which the following message by Werner from 2009 is linked: [1] >From which I will quote: > Another option would be to wait a while and use the new g13 tool which > is part of the new development branch of GnuPG. It is fully integrated > into GnuPG and provides a platform independent replacement for LUKS. > For now only Encfs is supported but the system is designed to support > all kinds of backends (Even one on top of LUKS is possible). The > advantage of G13 is that you use real public key cryptography and thus > your actual private key never leaves the card - it is only used to > encrypt the bulk encryption key(s). So is G13 ready for use? (note that the LUKS script written by me and modified by Jan also uses real public key cryptography; that remark in the quote refers to a different method of unlocking an encrypted drive using an OpenPGP card). Cheers, Peter. [1] http://lists.gnupg.org/pipermail/gnupg-users/2009-November/037599.html -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From dwalton at stillwatergroup.com Thu Apr 2 19:19:09 2015 From: dwalton at stillwatergroup.com (Dee Walton) Date: Thu, 2 Apr 2015 12:19:09 -0500 Subject: Permissions Issue Executing .bat file to Encrypt File Message-ID: <005501d06d69$21a7e7b0$64f7b710$@com> I have created a VB script to encrypt a file using a recipient key. The file encrypts, when I can execute the VB script manually as Administrator but when scheduling the execution of the VB script (via .bat file) as Administrator, using Scheduled Tasks, the encryption does not occur. Any insight would be appreciated! Dee Walton Stillwater Resource Group -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 1089 bytes Desc: not available URL: From dwalton at stillwatergroup.com Thu Apr 2 22:32:19 2015 From: dwalton at stillwatergroup.com (Dee Walton) Date: Thu, 2 Apr 2015 15:32:19 -0500 Subject: Permissions Issue Executing .bat file to Encrypt File In-Reply-To: <005501d06d69$21a7e7b0$64f7b710$@com> References: <005501d06d69$21a7e7b0$64f7b710$@com> Message-ID: <00d301d06d84$1e1fb710$5a5f2530$@com> Hello All, I was able to get the scheduled process to work but only as Administrator. This needs to be run as a different user. I know it must be a permissions issue. Thanks in advance. Dee Walton From: Gnupg-users [mailto:gnupg-users-bounces at gnupg.org] On Behalf Of Dee Walton Sent: Thursday, April 02, 2015 12:19 PM To: gnupg-users at gnupg.org Subject: Permissions Issue Executing .bat file to Encrypt File I have created a VB script to encrypt a file using a recipient key. The file encrypts when I can execute the VB script manually as Administrator but when scheduling the execution of the VB script (via .bat file) as Administrator, using Scheduled Tasks, the encryption does not occur. Any insight would be appreciated! Dee Walton Stillwater Resource Group -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 1089 bytes Desc: not available URL: From gniibe at fsij.org Fri Apr 3 02:10:29 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Fri, 03 Apr 2015 09:10:29 +0900 Subject: Anonymous payment for hardware tokens In-Reply-To: <54D1DEB9.8090909@fsij.org> References: <54D1DEB9.8090909@fsij.org> Message-ID: <551DDA75.4090301@fsij.org> Hello, George, This message is a reply to the your post in February. On 02/04/2015 03:50 PM, georgeorwellhardwired at riseup.net wrote: > Is there anyone that knows where you can buy yubikeys or smartcards > anonymously? On 02/04/2015 05:56 PM, NIIBE Yutaka wrote: > I'm afraid it's not practical for you... > > You can buy Gnuk Token in Maebashi, Gunma, Japan by cash from me. > > Buy FST-01 with Gnuk 1.1.4 (in Japanese): > http://www.gniibe.org/shop/gnuk_1_1_x-on-fst-01.html [...] > In either cases, it is recommended to compile and install Gnuk to your > board by yourself, as there is some risk where some malicious > (possibly middle) person has installed fake firmware already. Just in case if you can visit Boston, FST-01 with NeuG 1.0.1c is now available as GNU Gear: http://shop.fsf.org/product/usb/ It comes with micro SD card which contains the copy of repositories at git.gniibe.org, so that you can access to the source code with no connection of the Internet. Since the firmware installed is NeuG (instead of Gnuk), you need to compile and install Gnuk by yourself, if you want. But, I'm sure that you will also want one with NeuG. I don't know if it is possible to join FSF as an associate member anonymously, but I'm sure you can get it anonymously by cash when you visit the FSF office in Boston. This arrangement is exactly intended for those who care, like you. Although I don't know if it works for you, I hope so. -- From wk at gnupg.org Fri Apr 3 13:14:25 2015 From: wk at gnupg.org (Werner Koch) Date: Fri, 03 Apr 2015 13:14:25 +0200 Subject: What is 'CA fingerprint 1' on Smartcard In-Reply-To: <551AD072.6030808@krebs.uno> (Daniel Krebs's message of "Tue, 31 Mar 2015 18:50:58 +0200") References: <551AD072.6030808@krebs.uno> Message-ID: <87vbhda2ge.fsf@vigenere.g10code.de> On Tue, 31 Mar 2015 18:50, mailinglist at krebs.uno said: > What is the CA fingerprint on FSFE-Smartcard? $ gpg -k 'C485 A6CD 7EC6 6E9E EC33 65F2 70F2 75E4 C32F 6CA5' pub dsa1024/70F275E4C32F6CA5 2005-04-10 [expired: 2009-12-31] uid [ expired] FSFE Fellowship (certification key) Back in 2005 the idea was to setup our own OpenPGP "CA" and the FSFE prepared the cards for this (this is also one of the the reasons for the PIN letter). However, the folks responsible for the fellowship card never came around to setup a process to actually run such a "CA" and thus the whole thing got dusty. I still have the CDROM with the private key but I do not think that this expired key is of any use. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Fri Apr 3 13:35:30 2015 From: wk at gnupg.org (Werner Koch) Date: Fri, 03 Apr 2015 13:35:30 +0200 Subject: Instructions for converting keyring for 2.1 In-Reply-To: <55183802.8010306@digitalbrains.com> (Peter Lebbing's message of "Sun, 29 Mar 2015 19:36:02 +0200") References: <55183802.8010306@digitalbrains.com> Message-ID: <87pp7la1h9.fsf@vigenere.g10code.de> On Sun, 29 Mar 2015 19:36, peter at digitalbrains.com said: > new keybox format. I discovered I needed --import-options import-local-sigs on > the import command to also import my local signatures, which obviously is very Thanks. I just updated the web page. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From ben at adversary.org Sat Apr 4 12:16:34 2015 From: ben at adversary.org (Ben McGinnes) Date: Sat, 04 Apr 2015 21:16:34 +1100 Subject: One alternative to SMTP for email: Confidant Mail In-Reply-To: <5510D9B3.4090809@confidantmail.org> References: <5510D9B3.4090809@confidantmail.org> Message-ID: <551FBA02.1030601@adversary.org> On 24/03/2015 2:27 pm, Mike Ingle wrote: > There has been some discussion on gnupg-users about replacing SMTP for > secure email, and how BitMessage does not scale. > > There is an open source non-SMTP email system called Confidant Mail, > which is based on GnuPG and hash table storage. The protocol conceals > metadata (headers like From and Subject are inside the envelope) and > uses TLS. The client has built-in support for Tor and I2P anonymity. The > system supports unlimited length attachments (over 4GB) using a > torrent-like blocking protocol. Messages are GPG encrypted and signed, > and all messages are acknowledged. Key distribution is built into the > protocol. > It's designed to scale using either DNS or a Kademlia DHT to look up > keys. Servers are paired for high availability. The client can > automatically configure itself from the server. A very interesting project and nicely timed too since the protection of header data will very neatly address a major concern which is now relevant in Australia with the passing of mandatory data retention legislation. Yeah, now officially a police state, within 18 months everyone will be under constant surveillance. The custom and single client, as MFPA pointed out, might be contentious for some users, but there are reasons and clear benefits too. I think the major features I'd request would be: * The ability to load a new message or reply in the editor of your choice from the client when drafting, which ought to cut down on a lot of the UI debate. * A client API so that people can extend it further the way they want, effectively creating multiple clients from the required base. After that, the rest will attend to itself. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Sat Apr 4 10:46:12 2015 From: ben at adversary.org (Ben McGinnes) Date: Sat, 04 Apr 2015 19:46:12 +1100 Subject: SOLUTION: GPG 2.1.x not compiling on OS X (any version) Message-ID: <551FA4D4.3010900@adversary.org> Hello, A while back, when 2.1.0 was released I and many others encountered a most annoying error when compiling or attempting to compile both pinentry and GnuPG itself. It was a linker error where x86_64 architecture was not recognised. Online searches led to similar problems affecting Qt and the solution for those users had been to specify a different C++ library. This, of course, only led to further confusion here because there isn't any C++ in GPG or its dependencies. So I put the problem aside and turned to other things. With the Enigmail decision to drop support for 1.4.x, however, I decided that it was time to have another crack and this time pursue a different course of action. By this time 2.1.2 had been added to MacPorts and they clearly weren't seeing the same errors. Off to Freenode to track down one of the maintainers and pick brains I went. To cut the entire process somewhat shorter, it apparently does not matter which arguments and flags you pass to configure pointing to the new libiconv library you just installed because OS X will ignore that and use its own (in /usr/lib or wherever it is). The solution is to do a full source install (sudo port -s install [--force] gnupg21) with MacPorts. It may still die in the final part with GPG, but changing to the build directory and running the commands again is fine. If you wanted to tweak something before compiling, this is the time to do it (or use the -k flag to keep the source and then go back and run it manually later). Special thanks go to Ionic, the MacPorts pinentry maintainer, who correctly identified the libiconv fault. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Sun Apr 5 08:25:40 2015 From: ben at adversary.org (Ben McGinnes) Date: Sun, 05 Apr 2015 16:25:40 +1000 Subject: One alternative to SMTP for email: Confidant Mail In-Reply-To: <55186E6D.20604@confidantmail.org> References: <5510D9B3.4090809@confidantmail.org> <91509341.20150326202754@my_localhost> <55146F7C.4080701@blazrsoft.com> <5514798B.7020402@confidantmail.org> <425213999.20150326232409@my_localhost> <55149CF7.2070400@confidantmail.org> <834239320.20150328145922@my_localhost> <5516DF41.4090805@digitalbrains.com> <1209077951.20150329125351@my_localhost> <55186E6D.20604@confidantmail.org> Message-ID: <5520D564.5080803@adversary.org> On 30/03/2015 8:28 am, Mike Ingle wrote: > >> Why should the user need to delete one, rather than just be told >> there were two and the one with such-and-such a fingerprint (or the >> one highlighted) signed this message? If it is just a string in a >> key UID rather than a functional email address, it will not >> necessarily be unique. > > There should not be two or more keys advertised for one email > address. That creates confusion, requires the recipient to have two > CM accounts, and increases the risk of bogus keys being used. Since > CM keys disappear from the key search results about a month after > the key owner stops advertising them, people should delete old or > bogus keys from their keyrings. Now you're making an assumption that all email addresses are created for individuals. Yet you also see a possible future of businesses use it. So if it is ever used by a team of people who all send email from something like support at acme.com, you will encounter that scenario very quickly. Hence it would be better to simply have warnings of a potential conflict rather than forcing the recipient to only choose one sender. > Once the owner stops advertising the key (by using it in a CM > account), after a month or so the STORUTIL will remove it from the > servers. That depends on how often server operators run STORUTIL to > prune their server directories. Meaning that if you run your own server you don't have to maintain the account too much if it sees very little traffic (initially). Good. >> > Anyone can run a provider and I expect them to range from strictly >> > business to the dodgy darknet variety. > >> Using "darknet" services to enhance privacy does not equate to >> "dodgy". A person's communications are none of anybody else's >> business, apart from whoever they choose to communicate with. > > No offense to the darknet intended. I'm in favor of more widespread > Tor and I2P usage, that's why I built in support for it. Using CM > over hidden services is a good way to avoid social graph building. Not to mention a good way to circumvent mandatory communications surveillance and transnational corporations who believe they should be able to view all your communications to make sure you're not quoting a film without paying a tithe. > An example of a "dodgy darknet provider" would be if one of the > darknet markets decided to run a couple of covert CM servers (having > only Tor hidden service addresses) to facilitate vendor to customer > communication. That would solve the problem of some users not > encrypting their messages, and would allow people to communicate > even if the hidden website server is down. Heh. Yes, it would be a good solution from them, but from what I've seen they're just as lazy as the Stratfor employees (which is why Stratfor got cracked and the others got arrested). > Suppose a reporter on a "strictly business" CM provider wanted to > interview vendors of that darknet market. She could do so using CM > without needing a technical expert to handle the encryption, and > without either party being exposed to any risks. In the past that > has been difficult. > > It is also possible to run mailing lists and file servers over CM. I > am currently running a CM users' mailing list. Cool. There are definitely still aspects of it which need work, mainly on the user interface end from what I can see so far, but it answers so many problems (including Moxie Marlinspike's recent complaint about OpenPGP and forward secrecy) that it could make a real difference for a lot of people. I still think, though, that the better solution for the UI issues is to provide the specifications and an API so people can either adapt their existing favourite clients to support CM or write whole new ones. It's the sort of system which nmh would handle very well, for example. No doubt there would be assorted other types of solutions being adapted to it (I'd expect some people to treat it more like an IM program than an email program too, depending entirely on how they made the UI appear and behave). By all means, use your own client as an example, but if you want wider adoption then take advantage of others wanting to do their own things with it. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Mon Apr 6 18:04:09 2015 From: ben at adversary.org (Ben McGinnes) Date: Tue, 07 Apr 2015 02:04:09 +1000 Subject: Making the case for smart cards for the average user In-Reply-To: <87lhivpls4.fsf@alice.fifthhorseman.net> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> Message-ID: <5522AE79.2030208@adversary.org> On 18/03/2015 4:38 am, Daniel Kahn Gillmor wrote: > On Mon 2015-03-16 20:55:51 -0400, MFPA wrote: > >> Although I don't really like email addresses in the UIDs of my keys, I >> quite like the simplicity of your "email address only" simplified UID >> format. However, I would urge you to reconsider your decision to drop >> the angle brackets. At least one MUA (the MUA I am using to write this >> message) sends the email address enclosed in angle brackets as the >> search string for GnuPG to locate the key. No angle brackets around >> the email address means no key found. > > This might be a bug (or at least a well-warranted feature enhancement) > in GnuPG. > > I've just opened https://bugs.g10code.com/gnupg/issue1927 to track it. Great plan ... how does the shell know that the angle brackets are a part of the GPG UID format? If I run these commands currently: gpg -k foo at example.org gpg -k gpg -k "foo at example.org" gpg -k "" The first, third and fourth all work, but the second complains, as it rightly should, because bash uses < and > for other purposes, specifically manipulating STDIN and STDOUT. So I think you might find it to be something that can't be fixed within GPG. Instead the MUA needs to either accept both formats (a bug in The Bat!) or enclose all GPG key UIDs in quotation marks in order to mitigate that (a feature request for The Bat!). Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 701 bytes Desc: OpenPGP digital signature URL: From masterkorp at masterkorp.net Mon Apr 6 17:16:14 2015 From: masterkorp at masterkorp.net (Alfredo Palhares) Date: Mon, 06 Apr 2015 16:16:14 +0100 Subject: Splitting a GPG private key Message-ID: <1428331419-sup-4941@vegeta> Hello, While looking for a way to store you passwords and share them across the company. We need to control access inside subdirectories and have a master GPG key that gets encrypted with all the other ones. We would like to keep very limited access to this key, and we're thinking on literally splitting the file between different people. What would be the optimal options for that? After a reading on the man pages, the --sk2k-mode and --s2k-count seem the option to go, while on --s2k-cipher-algo --s2k-digest-algo I have no idea what options to use. Also can you recommend the best options to generate this key ? -- Alfredo Palhares GPG/PGP Key Fingerprint 68FC B06A 6C22 8B9B F110 38D6 E8F7 4D1F 0763 CAAD -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From dkg at fifthhorseman.net Mon Apr 6 20:18:38 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Mon, 06 Apr 2015 14:18:38 -0400 Subject: Splitting a GPG private key In-Reply-To: <1428331419-sup-4941@vegeta> References: <1428331419-sup-4941@vegeta> Message-ID: <87lhi56ry9.fsf@alice.fifthhorseman.net> Hi Alfredo, On Mon 2015-04-06 11:16:14 -0400, Alfredo Palhares wrote: > While looking for a way to store you passwords and share them across the > company. > > We need to control access inside subdirectories and have a master GPG key that > gets encrypted with all the other ones. > > We would like to keep very limited access to this key, and we're thinking on > literally splitting the file between different people. It's not clear from this what your goals are. Do you want to require multiple people to come together to use that secret key? or do you want them each to have the ability to use the key independently from each other? The answer about what to do would depend on how you want the key to be used. It's not clear to me that we have a functional workflow to support the first scenario (where multiple people must come together to use the secret key) without a lot of overhead for the users. My understanding is that the Tails community does something like this, but they are a highly-technical group who are willing to custom-build their own tools and to endure quite a bit of tedious and inconvenient process to protect the safety of their users. Consider that anyone who ever has access to the raw secret material of the shared key can effectively make a copy of it and then use it elsewhere in the future. If you can define your desired use cases more clearly, maybe someone on this list can propose an effective workflow for you. > After a reading on the man pages, the --sk2k-mode and --s2k-count seem the > option to go, while on --s2k-cipher-algo --s2k-digest-algo I have no idea what > options to use. I'm not convinced that any of the s2k-* options are relevant to this particular question. I recommend leaving them as the defaults, and thinking more about what properties you really want from your tools and your workflow first. hope this helps, --dkg From CRivard at merkleinc.com Mon Apr 6 21:37:46 2015 From: CRivard at merkleinc.com (Clark Rivard) Date: Mon, 6 Apr 2015 19:37:46 +0000 Subject: GPG 1.4.19 homedir Command Message-ID: <7D23F54FC682AC47A4CDA79EF435336A25A0EE9C@HQITEXCH07.pclc0.merkle.local> Hi I am running GPG 1.4.19 and using the --homedir command and enclosing the home directory name in double-quotes to access a keyring folder that has an embedded space. --homedir "\\folder\Key Ring" I get errors from GPG stating gpg: keyblock resource ' //folder/Key\secring.gpg : file open error gpg: keyblock resource ' //folder/Key\pubring.gpg : file open error usage: gpg [options] [filename] Other commands like --output and --encrypt work just fine when enclosing path in double-quotes. Am I doing something wrong or does GPG --homedir not accept double-quotes and thus embedded spaces in path name? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From peter at digitalbrains.com Mon Apr 6 21:56:53 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Mon, 06 Apr 2015 21:56:53 +0200 Subject: Making the case for smart cards for the average user In-Reply-To: <5522AE79.2030208@adversary.org> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> Message-ID: <5522E505.6070608@digitalbrains.com> On 06/04/15 18:04, Ben McGinnes wrote: > or enclose all GPG key UIDs in quotation marks in order to mitigate > that (a feature request for The Bat!). I think that would be quite an exploitable bug, passing UIDs to be parsed by a shell... I hope they already don't do that. Is a shell even involved I wonder? Peter. PS: Little Bobby Tables' baby brother has been born, ; rm -rf / ;. He already has an OpenPGP key! Please send him an encrypted birthday card with The Bat! ;P -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From mike at confidantmail.org Mon Apr 6 22:11:28 2015 From: mike at confidantmail.org (Mike Ingle) Date: Mon, 06 Apr 2015 13:11:28 -0700 Subject: GPG 1.4.19 homedir Command In-Reply-To: <7D23F54FC682AC47A4CDA79EF435336A25A0EE9C@HQITEXCH07.pclc0.merkle.local> References: <7D23F54FC682AC47A4CDA79EF435336A25A0EE9C@HQITEXCH07.pclc0.merkle.local> Message-ID: <5522E870.1080205@confidantmail.org> Both of these worked for me. F:\>"c:\Program Files (x86)\GNU\GnuPG\gpg.exe" --homedir "f:\abc def\gpg" --list-keys F:\>"c:\Program Files (x86)\GNU\GnuPG\gpg.exe" --homedir "\abc def\gpg" --list-keys Try dropping the initial double slash. On 4/6/2015 12:37 PM, Clark Rivard wrote: > > Hi > > I am running GPG 1.4.19 and using the --homedir command and enclosing > the home directory name in double-quotes to access a keyring folder > that has an embedded space. > > --homedir ?\\folder\Key Ring? > > I get errors from GPG stating > > gpg: keyblock resource ? //folder/Key\secring.gpg : file open error > > gpg: keyblock resource ? //folder/Key\pubring.gpg : file open error > > usage: gpg [options] [filename] > > Other commands like --output and --encrypt work just fine when > enclosing path in double-quotes. Am I doing something wrong or does > GPG --homedir not accept double-quotes and thus embedded spaces in > path name? > > Thanks. > > ------------------------------------------------------------------------ > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From robert.deroy at mail.ru Thu Apr 2 16:14:12 2015 From: robert.deroy at mail.ru (=?UTF-8?B?Um9iZXJ0IERlcm95?=) Date: Thu, 02 Apr 2015 17:14:12 +0300 Subject: =?UTF-8?B?Z251cGcgcHJlZmVyZW5jZXM=?= Message-ID: <1427984052.808271583@f430.i.mail.ru> Good Morning, I send you this letter because maybe you can help me about somethings, i know that my english is not perfect at all.. Is it possible to remake an original gpgconf file ? I don't understand how i could use this commands : --default-preference-list string --list-config --gpgconf-list --gpgconf-test And how could i use this one ? : --personal-cipher-preferences string Is it possible to set preferences for the gnupg software globally ? Or maybe it is possible just for a key especially ? Preferences are recorded inside the keys ? Or in the gnupg software ? When we generate a new key, preferences of cipher algo or digest algo are impacting the new key ? I try to set a default user with those commands, but it works not : --default-key -u --local-user --default-recipient --default-recipient-self Is a gnupg portable for linux exist ? Or maybe i should use wine. A lot of question.. Thank you very much for your work, and your answer. Robert Deroy -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: public-key-Robert-Deroy.pgp Type: application/pgp-signature Size: 2211 bytes Desc: not available URL: From ben at adversary.org Mon Apr 6 22:56:48 2015 From: ben at adversary.org (Ben McGinnes) Date: Tue, 07 Apr 2015 06:56:48 +1000 Subject: Making the case for smart cards for the average user In-Reply-To: <5522E505.6070608@digitalbrains.com> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <5522E505.6070608@digitalbrains.com> Message-ID: <5522F310.2020805@adversary.org> On 7/04/2015 5:56 am, Peter Lebbing wrote: > On 06/04/15 18:04, Ben McGinnes wrote: >> or enclose all GPG key UIDs in quotation marks in order to mitigate >> that (a feature request for The Bat!). > > I think that would be quite an exploitable bug, passing UIDs to be > parsed by a shell... I hope they already don't do that. Is a shell > even involved I wonder? Well, that's the thing, The Bat! is a Windows only MUA, so it never deals with a shell, but treating this as an issue with GPG potentially affects the rest of us on operating systems where that matters. > PS: Little Bobby Tables' baby brother has been born, ; rm -rf / ;. He > already has an OpenPGP key! Please send him an encrypted birthday card > with The Bat! ;P Heheh. :) Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From CRivard at merkleinc.com Mon Apr 6 23:08:47 2015 From: CRivard at merkleinc.com (Clark Rivard) Date: Mon, 6 Apr 2015 21:08:47 +0000 Subject: GPG 1.4.19 homedir Command In-Reply-To: <5522E870.1080205@confidantmail.org> References: <7D23F54FC682AC47A4CDA79EF435336A25A0EE9C@HQITEXCH07.pclc0.merkle.local> <5522E870.1080205@confidantmail.org> Message-ID: <7D23F54FC682AC47A4CDA79EF435336A25A0EF12@HQITEXCH07.pclc0.merkle.local> Mike This worked when I removed the trailing "\" from the --homedir directory I had been using this --homedir "\\folder\Key Ring\" This worked --homedir "\\folder\Key Ring" Thanks. -----Original Message----- From: Mike Ingle [mailto:mike at confidantmail.org] Sent: Monday, April 06, 2015 3:11 PM To: Clark Rivard Cc: gnupg-users Subject: Re: GPG 1.4.19 homedir Command Both of these worked for me. F:\>"c:\Program Files (x86)\GNU\GnuPG\gpg.exe" --homedir "f:\abc def\gpg" --list-keys F:\>"c:\Program Files (x86)\GNU\GnuPG\gpg.exe" --homedir "\abc def\gpg" --list-keys Try dropping the initial double slash. On 4/6/2015 12:37 PM, Clark Rivard wrote: > > Hi > > I am running GPG 1.4.19 and using the --homedir command and enclosing > the home directory name in double-quotes to access a keyring folder > that has an embedded space. > > --homedir "\\folder\Key Ring" > > I get errors from GPG stating > > gpg: keyblock resource ' //folder/Key\secring.gpg : file open error > > gpg: keyblock resource ' //folder/Key\pubring.gpg : file open error > > usage: gpg [options] [filename] > > Other commands like --output and --encrypt work just fine when > enclosing path in double-quotes. Am I doing something wrong or does > GPG --homedir not accept double-quotes and thus embedded spaces in > path name? > > Thanks. > > ---------------------------------------------------------------------- > -- > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From ben at adversary.org Mon Apr 6 23:51:43 2015 From: ben at adversary.org (Ben McGinnes) Date: Tue, 07 Apr 2015 07:51:43 +1000 Subject: gnupg preferences In-Reply-To: <1427984052.808271583@f430.i.mail.ru> References: <1427984052.808271583@f430.i.mail.ru> Message-ID: <5522FFEF.9010503@adversary.org> On 3/04/2015 1:14 am, Robert Deroy wrote: > > Good Morning, > I send you this letter because maybe you can help me about somethings, > i know that my english is not perfect at all.. > > > Is it possible to remake an original gpgconf file ? There should be a sample gpg.conf file installed to a directory close to the installation directory. The file is called gpg-conf.skel and it is most likely to be in /usr/share/gnupg or /usr/local/share/gnupg. > I don't understand how i could use this commands : > > --default-preference-list string This one sets cipher, hash and compression preferences for a key at the time it is generated. > --list-config > --gpgconf-list > --gpgconf-test I haven't played with these so much, so I'll leave that for someone else to answer. > And how could i use this one ? : > --personal-cipher-preferences string It's related to the first one, but only affects the symmetric cipher used to encrypt files and messages. > Is it possible to set preferences for the gnupg software globally ? It is possible to set a default set of files to be added to a new user's home directory when created, but the recommended method varies by operating system and, in the case of Linux, by distribution. > Or maybe it is possible just for a key especially ? The preferences for any key can be modified by editing the key and updating the algorithms with the setpref command. I am not sure which GUI interfaces permit this, if any, but if that is limited then the most likely one that would allow it is GPA. > Preferences are recorded inside the keys ? Or in the gnupg software ? In the keys, so that GPG can determine which algortithms a recipient can use, though GPG itself needs to have those algorithms included with its installation. For example, the cipher preferences on your key are: Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA On mine they're: Cipher: TWOFISH, CAMELLIA256, AES256, CAMELLIA192, AES192, CAMELLIA128, AES, CAST5, BLOWFISH, IDEA, 3DES If I were to send you an encrypted message, though, GPG would use your preferred cipher, AES256, because that's the first shared preference. > When we generate a new key, preferences of cipher algo or digest > algo are impacting the new key ? Yes, but it can be changed. > I try to set a default user with those commands, but it works not : > --default-key This one is usually best set in a gpg.conf file, often with the --encrypt-to option (to always encrypt messages to your own key). > -u > --local-user These two are interchangable and used to override the default-key for either signing or decryption purposes. > --default-recipient > --default-recipient-self These are alternative methods of always encrypting to a specific key, but are intended for when that key is not the default-key or when the default-key or encrypt-to options are not set. > Is a gnupg portable for linux exist ? There is a GPG4USB project which provides versions for Windows and Linux, but Linux users are much better off using the version which comes with their distribution. > Or maybe i should use wine. No, that adds an additional layer which could very easily be exploited to compromise your information. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From 2014-667rhzu3dc-lists-groups at riseup.net Tue Apr 7 02:46:05 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Tue, 7 Apr 2015 01:46:05 +0100 Subject: Making the case for smart cards for the average user In-Reply-To: <5522AE79.2030208@adversary.org> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> Message-ID: <198654088.20150407014605@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Monday 6 April 2015 at 5:04:09 PM, in , Ben McGinnes wrote: > Great plan ... how does the shell know that the angle > brackets are a part of the GPG UID format? I was referring to the way the email address is passed by an MUA to GnuPG to search for a key, which I don't imagine involves a shell. Specifically, I asked the OP to reconsider his decision not to include angle brackets around the email address in his "email address only" simplified UID format. He reconsidered and added the angle brackets. DKG has raised a broader issue: keys exist with a UID containing an email address not surrounded by the conventional angle brackets, which causes searching for an exact match on the email address in the way the GnuPG man-page prescribes (by enclosing that email address in angle brackets) to fail. He has simply proposed that the absence of angle brackets in the UID should not cause the email address match to fail. I see that as entirely reasonable. > If I run these commands currently: > gpg -k foo at example.org > gpg -k > gpg -k "foo at example.org" > gpg -k "" > The first, third and fourth all work, but the second > complains, as it rightly should, because bash uses < > and > for other purposes, specifically manipulating > STDIN and STDOUT. Fair enough. But they are not all equivalent. The string being searched for by numbers one and three does not contain opening and closing angle brackets, whereas the string number four is trying to match does include them. And as you say, the second is not valid because < and > are special characters; presumably they should be escaped with a backslash, or the whole string enclosed in quotes as in number four. > So I think you might find it to be > something that can't be fixed within GPG. I think DKG's suggestion will fix it within GPG. - -- Best regards MFPA Puns are bad but poetry is verse. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVIyjaXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXw52IH/2B73erhCW5PJaXEbFVaiPtm cdAHg4PnwV5U9CVuaPtYgxUYynsV9dhBB9zVBClx2hl8Wpv1nj9llYJPPpeSTFoA b1MnIejNZTjLBrqY0UxYNdXrxeRV8UbG0/ZxCJp1gm1JJzbvbbzFWu6FDgLITi/f wnKWdIEYaV5EkS3M6E6pihtlUbuYvDX1/A86o304W2FZwP4jl18vgP3gYi8syscF 0GIBDdQCNBQTkwU1IBa0xvFf5FwRq4VwmPFDmyBZMQX7+TtWyt6R4XHP/D80Jv5V o9mdrvTjS/Br2fSgp2O6AHlJTkO4GHKNunAlb9bT1JtBFoJo+JAT5G4I9IdvJVWI vgQBFgoAZgUCVSMo4F8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45Be5AQDng+dfUI0FnZbF1qvimqyPkHJP ZzlS61ubERqgR5LMbQEAcwWGlYEWqu8SvZhAGQK+zS8U4vwuCpKsibZ1qd7CKQg= =UF/3 -----END PGP SIGNATURE----- From ben at adversary.org Tue Apr 7 05:34:05 2015 From: ben at adversary.org (Ben McGinnes) Date: Tue, 07 Apr 2015 13:34:05 +1000 Subject: Making the case for smart cards for the average user In-Reply-To: <198654088.20150407014605@my_localhost> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> Message-ID: <5523502D.1060107@adversary.org> On 7/04/2015 10:46 am, MFPA wrote: > > DKG has raised a broader issue: keys exist with a UID containing an > email address not surrounded by the conventional angle brackets, > which causes searching for an exact match on the email address in > the way the GnuPG man-page prescribes (by enclosing that email > address in angle brackets) to fail. He has simply proposed that the > absence of angle brackets in the UID should not cause the email > address match to fail. I see that as entirely reasonable. The function and operation you're after is reasonable, no arguments there, my question is whether this is something which is actually a fault with GPG or if it's your MUA. I strongly suspect the latter and here's why: Using one of the more unique UIDs on my key (the 4th one) if I enter that in the Enigmail Key Management window it returns my current key. The same behaviour is seen with angle brackets at each end. This behaviour is replicated on the command line (bash) by including both variants inside quotation marks, effectively telling bash to treat them as part of a string. It's only when that's not done that a failure is produced. *NOTE*: the 2nd and 3rd UIDs have been removed to make it clearer. Obviously you all know how to see those addresses. bash4-4.3$ gpg -k "ben.mcginnes at pirate.org.au" pub rsa4096/0x321E4E2373590E5D 2012-07-28 uid [ultimate] Ben McGinnes uid [ultimate] Ben McGinnes sub rsa3072/0x7FF2D37135C7553C 2012-07-28 sub elg4096/0xC98BAA1862E4484D 2012-07-28 bash4-4.3$ gpg -k "" pub rsa4096/0x321E4E2373590E5D 2012-07-28 uid [ultimate] Ben McGinnes uid [ultimate] Ben McGinnes sub rsa3072/0x7FF2D37135C7553C 2012-07-28 sub elg4096/0xC98BAA1862E4484D 2012-07-28 bash4-4.3$ gpg -k ben.mcginnes at pirate.org.au pub rsa4096/0x321E4E2373590E5D 2012-07-28 uid [ultimate] Ben McGinnes uid [ultimate] Ben McGinnes sub rsa3072/0x7FF2D37135C7553C 2012-07-28 sub elg4096/0xC98BAA1862E4484D 2012-07-28 bash4-4.3$ gpg -k bash4: syntax error near unexpected token `newline' bash4-4.3$ An alternative character escape method drives this home: bash4-4.3$ gpg -k \ bash4: syntax error near unexpected token `newline' bash4-4.3$ gpg -k bash4: ben.mcginnes at pirate.org.au>: No such file or directory bash4-4.3$ gpg -k \ pub rsa4096/0x321E4E2373590E5D 2012-07-28 uid [ultimate] Ben McGinnes uid [ultimate] Ben McGinnes sub rsa3072/0x7FF2D37135C7553C 2012-07-28 sub elg4096/0xC98BAA1862E4484D 2012-07-28 bash4-4.3$ Furthermore, if I put another string after the line that produced that second error message I'll end up with a text file with that name containing the gpg output with no output to the screen. I'm reasonably sure that if you do the same thing in a DOS terminal you'll get similar or possibly identical results. If so, then chances are pretty good that The Bat! is doing it wrong. > Fair enough. But they are not all equivalent. The string being > searched for by numbers one and three does not contain opening and > closing angle brackets, whereas the string number four is trying to > match does include them. Yes, that's the point, they're the 4 most likely ways a mail client might send a UID to GPG to look for a key, that was intentional. > And as you say, the second is not valid because < and > are special > characters; presumably they should be escaped with a backslash, or the > whole string enclosed in quotes as in number four. Right, so for the MUA to match them as a string they do indeed need to be escaped and it is precisely that behaviour which The Bat! needs to implement for it to just work. The way we know this is by seeing the way Windows represents directory paths with spaces in them; that being to enclose the string in quotation marks. >> So I think you might find it to be something that can't be fixed >> within GPG. > > I think DKG's suggestion will fix it within GPG. I'm happy to be proven wrong on that score, but since The Bat! is the only client this happens with, even on Windows, I'm still fairly confident that it's the cause. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From gnupgpacker at on.yourweb.de Tue Apr 7 11:27:25 2015 From: gnupgpacker at on.yourweb.de (gnupgpacker) Date: Tue, 7 Apr 2015 11:27:25 +0200 Subject: Global changing of expiration date of mainkey and subkeys possible? Message-ID: <000301d07115$0f85e730$2e91b590$@on.yourweb.de> Hello, is there any way to change the expiration date of mainkey AND ALL attached subkeys by one action only (and not key-by-key)? Source: pub 4096R/00000000 erzeugt: 2014-12-09 verf?llt: 2015-10-04 Aufruf: C Vertrauen: unbekannt G?ltigkeit: unbekannt sub 4096R/F0E6644F erzeugt: 2014-12-09 verf?llt: 2015-07-06 Aufruf: A sub 2048D/4A692C49 erzeugt: 2014-12-09 verf?llt: 2015-06-07 Aufruf: S sub 4096R/CFC3C286 erzeugt: 2014-12-09 verf?llt: 2015-06-07 Aufruf: E sub 4096R/D64D3126 erzeugt: 2014-12-09 verf?llt: 2015-06-07 Aufruf: S [ unbek.] (1). gnupgpacker (testkey) Target: pub 4096R/00000000 erzeugt: 2014-12-09 verf?llt: 2016-11-11 Aufruf: C Vertrauen: unbekannt G?ltigkeit: unbekannt sub 4096R/F0E6644F erzeugt: 2014-12-09 verf?llt: 2016-11-11 Aufruf: A sub 2048D/4A692C49 erzeugt: 2014-12-09 verf?llt: 2016-11-11 Aufruf: S sub 4096R/CFC3C286 erzeugt: 2014-12-09 verf?llt: 2016-11-11 Aufruf: E sub 4096R/D64D3126 erzeugt: 2014-12-09 verf?llt: 2016-11-11 Aufruf: S [ unbek.] (1). gnupgpacker (testkey) Thanks + regards, Chris From peter at digitalbrains.com Tue Apr 7 11:57:21 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 07 Apr 2015 11:57:21 +0200 Subject: Making the case for smart cards for the average user In-Reply-To: <5523502D.1060107@adversary.org> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> Message-ID: <5523AA01.3000406@digitalbrains.com> The type of UID that proves problematic when you include the angle brackets in your search is this: $ gpg2 -k ceo at example.org pub 2048R/17C05EBD 2014-08-13 [expires: 2015-04-14] uid [ unknown] ceo at example.org $ gpg2 -k "" gpg: error reading key: No public key It's about an UID without angle brackets! Hence, when you search for it including the angle brackets, you don't find it. Your examples all are with an UID that actually does include the angle brackets. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From 2014-667rhzu3dc-lists-groups at riseup.net Tue Apr 7 14:39:57 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Tue, 7 Apr 2015 13:39:57 +0100 Subject: Making the case for smart cards for the average user In-Reply-To: <5523502D.1060107@adversary.org> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> Message-ID: <79905531.20150407133957@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Tuesday 7 April 2015 at 4:34:05 AM, in , Ben McGinnes wrote: > The function and operation you're after is reasonable, > no arguments there, my question is whether this is > something which is actually a fault with GPG or if it's > your MUA. I don't believe it to be a fault with either. > I strongly suspect the latter and here's > why: > Using one of the more unique UIDs on my key (the 4th > one) if I enter that in the Enigmail Key Management > window it returns my current key. We are talking at cross-purposes. When I look at that UID:- Ben McGinnes I see angle brackets around the email address, in the usual way. I was talking about what happens when the angle brackets are not there. If I generate a key with the UID of:- Test20150407 user at example.com and try to encrypt an email to user at example.com it fails. If I add the UID:- Test20150407 and try again, it just works. > bash4-4.3$ gpg -k > bash4: syntax error near unexpected token `newline' > bash4-4.3$ > > An alternative character escape method drives this home: > > bash4-4.3$ gpg -k \ > bash4: syntax error near unexpected token `newline' > bash4-4.3$ gpg -k > bash4: ben.mcginnes at pirate.org.au>: No such file or directory > bash4-4.3$ gpg -k \ > pub rsa4096/0x321E4E2373590E5D 2012-07-28 > uid [ultimate] Ben McGinnes > uid [ultimate] Ben McGinnes > sub rsa3072/0x7FF2D37135C7553C 2012-07-28 > sub elg4096/0xC98BAA1862E4484D 2012-07-28 > Furthermore, if I put another string after the line > that produced that second error message I'll end up > with a text file with that name containing the gpg > output with no output to the screen. I'm reasonably > sure that if you do the same thing in a DOS terminal > you'll get similar or possibly identical results. Out of interest, yes:- C:\TDM-GCC-32>gpg -k The syntax of the command is incorrect. C:\TDM-GCC-32> C:\TDM-GCC-32>gpg -k ^ gpg: using character set 'utf-8' gpg: using PGP trust model gpg: key 0xxxxxxxxxxxxxxxxx: accepted as trusted key Keyring: C:/[...]/pubring.kbx - -------------------------------------------------------------------------------- - --- pub rsa4096/0x321E4E2373590E5D 2012-07-28 Key fingerprint = DB47 24E6 FA42 86C9 2B4E 55C4 321E 4E23 7359 0E5D uid [ full ] Ben McGinnes uid [ full ] Ben McGinnes (backup email address) uid [ full ] Ben McGinnes uid [ full ] Ben McGinnes sub rsa3072/0x7FF2D37135C7553C 2012-07-28 sub elg4096/0xC98BAA1862E4484D 2012-07-28 C:\TDM-GCC-32>gpg -k ^ The syntax of the command is incorrect. C:\TDM-GCC-32>gpg -k The filename, directory name, or volume label syntax is incorrect. C:\TDM-GCC-32> > If > so, then chances are pretty good that The Bat! is doing > it wrong. I disagree. That is me doing it on the command line. What The Bat! does works, except in the event the email address is stated without the usual angle brackets in the key's UID (or, if the email address is the name on a group line, it appears there without angle brackets). > Yes, that's the point, they're the 4 most likely ways a > mail client might send a UID to GPG to look for a key, > that was intentional. Quotation marks aside, gpg.man says to include the angle brackets to specify a key by an exact match on an email address. But that just seems to be an example of substring match, where you pass the substring, optionally prepended with an asterisk. And, of course, if the first and last characters of the substring passed for matching are not present in the key's UID there is no match. > Right, so for the MUA to match them as a string they do > indeed need to be escaped and it is precisely that > behaviour which The Bat! needs to implement for it to > just work. The issue you refer to with The Bat! is not a difficulty in passing the angle brackets as part of the string to match; that bit works. As evidenced by my need to begin my PGPNET group line with:- group = rather than:- group pgpnet at yahoogroups.com= the issue is an inability to match with something that is not there. Which is not a fault in GnuPG nor in the MUA. - -- Best regards MFPA All generalisations are dangerous, even this one. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVI9A7XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwt60H/iQj+J9ffLPPOXP/4Msu7tFb mLc2WaatdQ0j7QG9GAkF1BPSY2yf1q/PkvgTfo7NwJV91OM1b3Ap00KftbfE3gJO 5m2HRfVcIyWH71Tz9T7/b4jc688HK7RqdmFKYB6B3Yaf7sK7Lq4vE+ERLETXOeqG /KjP0wHr/1EDCZ4O82rWiRonxJGmQtO620t27iuLtE5A7EZ8AmDtL4iaaEun+p/X rTgKzemVeNo0IQxpkPS6Jh7Vk1jHP34/o8ZIPL2FB+0gNOGLbS7MkaHp2au/wLsk lC8Qopp3Z4hfHahdZLpnd0Gqa+h/c9tZsL6D5Rn5EnkNdRCb774mPET0JVR3aBqI vgQBFgoAZgUCVSPQRV8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45E1RAQByUOZfxKuMWOd3jkGn6UZzRmvP TfvWGxBi08vBJlMMiQEAkS/BINLexVvOJCgwpALUnYDpviY+TxpiDV2cVWB/+gE= =EpmT -----END PGP SIGNATURE----- From ben at adversary.org Tue Apr 7 14:56:01 2015 From: ben at adversary.org (Ben McGinnes) Date: Tue, 07 Apr 2015 22:56:01 +1000 Subject: Making the case for smart cards for the average user In-Reply-To: <5523AA01.3000406@digitalbrains.com> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <5523AA01.3000406@digitalbrains.com> Message-ID: <5523D3E1.1000808@adversary.org> On 7/04/2015 7:57 pm, Peter Lebbing wrote: > The type of UID that proves problematic when you include the angle > brackets in your search is this: > > $ gpg2 -k ceo at example.org > pub 2048R/17C05EBD 2014-08-13 [expires: 2015-04-14] > uid [ unknown] ceo at example.org > > $ gpg2 -k "" > gpg: error reading key: No public key > > It's about an UID without angle brackets! Hence, when you search for it > including the angle brackets, you don't find it. Your examples all are > with an UID that actually does include the angle brackets. Let me see if I've got this right ... the issue is one which can only occur when the key owner has deliberately overridden the defaults by using the "allow-freeform-uid" option, allowing them to drop the standard format of "name " and then they're shocked that doing so might produce unintended consequences? Perhaps I'm being unreasonable, but surely if you go out of your way to make sure that a particular pattern does *not* appear in your UID then it is intended that searching on that pattern should not match your UID. Now granted, that intention may have been poorly considered by said key owner, but I'd hardly call it a bug in GPG for not anticipating that. After all, all it is doing is matching the pattern specified by the owner of the key. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Tue Apr 7 15:10:34 2015 From: ben at adversary.org (Ben McGinnes) Date: Tue, 07 Apr 2015 23:10:34 +1000 Subject: Making the case for smart cards for the average user In-Reply-To: <79905531.20150407133957@my_localhost> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <79905531.20150407133957@my_localhost> Message-ID: <5523D74A.4010602@adversary.org> On 7/04/2015 10:39 pm, MFPA wrote: > > We are talking at cross-purposes. > > When I look at that UID:- > > Ben McGinnes > > I see angle brackets around the email address, in the usual way. > > I was talking about what happens when the angle brackets are not > there. > > If I generate a key with the UID of:- > > Test20150407 user at example.com > > and try to encrypt an email to user at example.com it fails. > > If I add the UID:- > > Test20150407 > > and try again, it just works. Ah. Alright, fair enough, *that* is a bug. The previous descriptions made it sound like a key with the first of those test UIDs wouldn't show up when searching for "" to which my response was, well yeah. The basis of my concern there being that partial matches on email would have even more unintended consequences when gTLDs matched ccTLDs and the inevitable can of worms that leads to (and certainly has in the past in a more general sense). Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From masterkorp at masterkorp.net Tue Apr 7 15:14:09 2015 From: masterkorp at masterkorp.net (Alfredo Palhares) Date: Tue, 07 Apr 2015 14:14:09 +0100 Subject: Splitting a GPG private key Message-ID: <1428412418-sup-1127@vegeta> Hello Daniel, > Do you want to require multiple people to come together to use that > secret key? or do you want them each to have the ability to use the key > independently from each other? The objective is require multiple people to use that secret key. Yes > The answer about what to do would depend on how you want the key to be > used. Basically this key would a part of the encryption group of all the other credentails. And to be the only key to encrypt extremely sensitive data > It's not clear to me that we have a functional workflow to support the > first scenario (where multiple people must come together to use the > secret key) without a lot of overhead for the users. > My understanding is that the Tails community does something like this, > but they are a highly-technical group who are willing to custom-build > their own tools and to endure quite a bit of tedious and inconvenient > process to protect the safety of their users. Do they have this documented somewhere. > Consider that anyone who ever has access to the raw secret material of > the shared key can effectively make a copy of it and then use it > elsewhere in the future. Yes, the key joining is a whole proccess on an offline machine with the presence of all elements. > If you can define your desired use cases more clearly, maybe someone on > this list can propose an effective workflow for you. I am open to any suggestions. Thank you for you input! -- Alfredo Palhares GPG/PGP Key Fingerprint 68FC B06A 6C22 8B9B F110 38D6 E8F7 4D1F 0763 CAAD -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From dkg at fifthhorseman.net Tue Apr 7 15:14:55 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 07 Apr 2015 09:14:55 -0400 Subject: Making the case for smart cards for the average user In-Reply-To: <79905531.20150407133957@my_localhost> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <79905531.20150407133957@my_localhost> Message-ID: <87y4m43ws0.fsf@alice.fifthhorseman.net> On Tue 2015-04-07 08:39:57 -0400, MFPA wrote: > I was talking about what happens when the angle brackets are not > there. > > If I generate a key with the UID of:- > > Test20150407 user at example.com > > and try to encrypt an email to user at example.com it fails. The above is neither an RFC 5322 addr-spec nor an RFC 5322 name-addr. That is, it would not be considered acceptable in the To: line of an e-mail header: https://tools.ietf.org/html/rfc5322#section-3.4 We could invent arbitrary ways to structure a User ID that includes an e-mail address, but writing code to extract the e-mail address from these things seems like a lot of heuristics at best, and there are all kinds of ways that it could fail. We know how to structure a proper name-addr and an addr-spec, and it's not difficult. If you want an e-mail address to be recognizable to automated tools, you should structure it in a recognizable way. The above UID is simply a mistake, and i don't think GnuPG should try to accomodate it. --dkg From peter at digitalbrains.com Tue Apr 7 15:30:40 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 07 Apr 2015 15:30:40 +0200 Subject: Making the case for smart cards for the average user In-Reply-To: <5523D3E1.1000808@adversary.org> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <5523AA01.3000406@digitalbrains.com> <5523D3E1.1000808@adversary.org> Message-ID: <5523DC00.7040101@digitalbrains.com> On 07/04/15 14:56, Ben McGinnes wrote: > Let me see if I've got this right ... the issue is one which can > only occur when the key owner has deliberately overridden the > defaults by using the "allow-freeform-uid" option GnuPG implements the OpenPGP standard. What hoops the users need to jump through to get a certain behaviour with GnuPG might not be there in other OpenPGP compliant programs. The OpenPGP standard merely says: > By convention, it includes an RFC 2822 [RFC2822] mail name-addr, but > there are no restrictions on its content. That said, I understand your position. However, the patch to match on bare e-mail addresses as UID even when searching with the angle brackets already went in GnuPG 2.1 [1]. HTH, Peter. [1] https://bugs.g10code.com/gnupg/issue1927 -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From 2014-667rhzu3dc-lists-groups at riseup.net Tue Apr 7 15:49:49 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Tue, 7 Apr 2015 14:49:49 +0100 Subject: Splitting a GPG private key In-Reply-To: <1428412418-sup-1127@vegeta> References: <1428412418-sup-1127@vegeta> Message-ID: <1397603758.20150407144949@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Tuesday 7 April 2015 at 2:14:09 PM, in , Alfredo Palhares wrote: > I am open to any suggestions. Maybe somebody more knowledgeable than me can comment on whether "Shamir's Secret Sharing Scheme" [0] might be something relevant to mention here. I know nothing about it; I previously read the page I an linking to after seeing it mentioned on a discussion group. [0] . - -- Best regards MFPA Lotto: A tax on people who are bad at statistics! -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVI+CNXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwxNQIAIbEvEi5dff72n4qp0v1UrjM dY09bJEidSGoe6XNPalvwkEAAvWvdMLE1MlW9oXQ/NmoiFgKQul0pPcRaEiGj8ht fxdE9EkBvIlatOrXtul45gJtw++teI0sDrRDm9+NdVQLVOVWodJ4yKL+DdirVnWM 8pRgFvjodTJHaK40BSxl9kIH/yzv/t4/MbLnB9lFJWf9haMqoXqUoi0/G6E11Nnl FxRNqZ7GJpl5zvh1Wggf1ZFdt5HXvomVgfq1Y+HvIUtjP4AFdZoT3hyHKzHzVhp3 OzXeA5v7FG/6od2Y3YOMKf2FGlFoyDyC4Ksx2hwHoDlgMkWy762hlTCjk1Mp3MuI vgQBFgoAZgUCVSPgmF8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45HdVAQDcBKiQEzGVA6CnUpgCCKYp3wwQ bQ5HNKGOFQXkqL7kZwEAo5mwAJf7aJfXFpMqH+ujC/NOYKsAJWlH4nbyxcVGqAE= =m5Ws -----END PGP SIGNATURE----- From dkg at fifthhorseman.net Tue Apr 7 15:58:19 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 07 Apr 2015 09:58:19 -0400 Subject: Splitting a GPG private key In-Reply-To: <1428412418-sup-1127@vegeta> References: <1428412418-sup-1127@vegeta> Message-ID: <87lhi43uro.fsf@alice.fifthhorseman.net> On Tue 2015-04-07 09:14:09 -0400, Alfredo Palhares wrote: > [dkg wrote:] >> Do you want to require multiple people to come together to use that >> secret key? or do you want them each to have the ability to use the key >> independently from each other? > > The objective is require multiple people to use that secret key. Yes This is still ambiguous to me. I described two distinct cases, and i'm not sure which one you are agreeing to. From the rest of your message, i think you're agreeing to the first question, but not the second. >> The answer about what to do would depend on how you want the key to be >> used. > > Basically this key would a part of the encryption group of all the other > credentails. And to be the only key to encrypt extremely sensitive data I don't know what "the encryption group" means. can you explain further? I think you might mean that everything encrypted to any key will also be encrypted to this key; and that some especially sensitive material will *only* be encrypted to this key. >> My understanding is that the Tails community does something like this, >> but they are a highly-technical group who are willing to custom-build >> their own tools and to endure quite a bit of tedious and inconvenient >> process to protect the safety of their users. > > Do they have this documented somewhere. https://tails.boum.org/news/signing_key_transition/index.en.html#index2h1 says: * Is not owned in a usable format by any single individual. It is split cryptographically using gfshare. gfshare is: http://www.digital-scurf.org/software/libgfshare If you have more questions about how they this, you may wish to ask them to the tails folks themselves: https://tails.boum.org/support/index.en.html I find that their mailing lists and IRC channel (see "Support List" and "Chat" at the bottom of the page) are usually pretty helpful and responsive to well-framed questions. hth, --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 948 bytes Desc: not available URL: From 2014-667rhzu3dc-lists-groups at riseup.net Tue Apr 7 16:04:30 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Tue, 7 Apr 2015 15:04:30 +0100 Subject: Making the case for smart cards for the average user In-Reply-To: <87y4m43ws0.fsf@alice.fifthhorseman.net> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <79905531.20150407133957@my_localhost> <87y4m43ws0.fsf@alice.fifthhorseman.net> Message-ID: <1234086321.20150407150430@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Tuesday 7 April 2015 at 2:14:55 PM, in , Daniel Kahn Gillmor wrote: > On Tue 2015-04-07 08:39:57 -0400, MFPA wrote: >> I was talking about what happens when the angle brackets are not >> there. >> If I generate a key with the UID of:- >> Test20150407 user at example.com >> and try to encrypt an email to user at example.com it >> fails. > The above is neither an RFC 5322 addr-spec nor an RFC > 5322 name-addr. That is, it would not be considered > acceptable in the To: line of an e-mail header: > https://tools.ietf.org/html/rfc5322#section-3.4 > We could invent arbitrary ways to structure a User ID > that includes an e-mail address, but writing code to > extract the e-mail address from these things seems like > a lot of heuristics at best, and there are all kinds of > ways that it could fail. > We know how to structure a proper name-addr and an > addr-spec, and it's not difficult. If you want an > e-mail address to be recognizable to automated tools, > you should structure it in a recognizable way. > The above UID is simply a mistake, and i don't think > GnuPG should try to accomodate it. Fair enough. That we should try to accommodate:- user at example.com but not:- Test20150407 user at example.com actually makes sense to me. I structured my example UID incorrectly. - -- Best regards MFPA Dogs look up to us. Cats look down on us. Pigs treat us as equals. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVI+PuXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwSTwH/3RWs2TwjupTuuGt0yZKpAFG MrHLVxNhTLIebfSH8YhsEmYuTNoJD80UG3v7nq/aHUuXtFDaHNjXhCmqDK3zFWSG s//8lFY1rQdSGi1gIY/jFA+kB7avaumHxDb0xOZAKZLqcnauX12ZPSuohb/ryFfY Lkh72WvTKGqG0WW7tvUAlINmQ5aWXcmM03lJ/zYfzpTRLmir3d2qCKIzeImSNhOv 2T1hCbdKtINngMGOoHeNNPI9hnpPiDbUiZ2RDgzYEuQXwDlwokb39pcmEDrTxUhL S3YM/HU8unXcseKrFqDvaXYj048mY7iwg/qn+BkfHSV8yAjtlAFWKgM95VnNaRmI vgQBFgoAZgUCVSPj+V8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45O8zAQDpcM6LBGVMDhuuhyU8Pvwfaxkj /zqLFiGGhOTGxN6ZogEApRBwR6JzQiWO2XLaWiSPp39eB+hNNqPZ0G/6T1P5xw0= =IHCo -----END PGP SIGNATURE----- From boleslaw.tokarski at gmail.com Tue Apr 7 16:34:47 2015 From: boleslaw.tokarski at gmail.com (=?UTF-8?Q?Boles=C5=82aw_Tokarski?=) Date: Tue, 7 Apr 2015 16:34:47 +0200 Subject: SSH CA and OpenPGP card In-Reply-To: References: <5518A42A.2000906@fsij.org> Message-ID: Hello, FYI: I managed to solve my issue by using pure opensc-pkcs11. OpenPGP cards seem to be supported by opensc. At least, I managed to sign an SSH public key of a server with the key on the card. Best regards, Boles?aw Tokarski -------------- next part -------------- An HTML attachment was scrubbed... URL: From 2014-667rhzu3dc-lists-groups at riseup.net Tue Apr 7 16:41:11 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Tue, 7 Apr 2015 15:41:11 +0100 Subject: Making the case for smart cards for the average user In-Reply-To: <5523D3E1.1000808@adversary.org> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <5523AA01.3000406@digitalbrains.com> <5523D3E1.1000808@adversary.org> Message-ID: <1556009343.20150407154111@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Tuesday 7 April 2015 at 1:56:01 PM, in , Ben McGinnes wrote: > Let me see if I've got this right ... the issue is one > which can only occur when the key owner has > deliberately overridden the defaults by using the > "allow-freeform-uid" option, Or, indeed, using batch mode. > allowing them to drop the > standard format of "name " and then > they're shocked that doing so might produce unintended > consequences? Don't know about "shocked", but unintended consequences for a non-standard UID scheme was indeed the issue. The OP started this thread with a plug for his version of the GnuPG smart card. Part of his scheme was to generate keys with a simplified UID format that contained just an email address. > Perhaps I'm being unreasonable, but surely if you go > out of your way to make sure that a particular pattern > does *not* appear in your UID then it is intended that > searching on that pattern should not match your UID. > Now granted, that intention may have been poorly > considered by said key owner, I pointed out that at least one MUA sends the email address enclosed in angle brackets as the search string for GnuPG to locate the key. No angle brackets around the email address means no key found. The OP reconsidered his scheme and added the angle brackets. Issue resolved. > but I'd hardly call it a > bug in GPG for not anticipating that. After all, all > it is doing is matching the pattern specified by the > owner of the key. Nor would I. But if somebody creates a key UID with just a bare email address, is it sensible to accept that email address as a match when selecting keys? - -- Best regards MFPA Consistency is the last refuge of the unimaginative -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVI+yTXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXw2HsIAK3/8H1iBC8dLPmusB4lAhSk gRnuqa3f5ZS0BjQ7M5oI1gSirkx9vahIU8SEk2a215kUbr2FL2fw2cwFscVy3Fc1 WiOq4iUqyfrrKhHpnGH+M8mmXpuFwN9MNuL93qnXYwYjTX5ZrcTZ6vSE9EKsX4wh 6pdG0I8DSdngCL+Ss6fVLA2PiEjPeYy0nRXxh7aHT22nuG2pxkgtORMOTz3/PMb8 N0V5HnUP2qt9FGi9cwWBczhpwuWiiYx3DchY7wReMs4MGUCGQwJQoceSfrn4ChvR 7Rtsj4EmieBiVkqBorboc4rcEMEzKyHM6aiqOOs9LHeR4BgzH/hnMsgen57RAaWI vgQBFgoAZgUCVSPsm18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45BSiAQCBKxOgzME70e56LpzZpaPMFdva dZbfxeT0u86Szpu7fQEAZ7Ruw4P4l6UEiXGGO8gWpPS5JfMIqg4CrlNkuHrLOAk= =AMFq -----END PGP SIGNATURE----- From ben at adversary.org Tue Apr 7 17:07:18 2015 From: ben at adversary.org (Ben McGinnes) Date: Wed, 08 Apr 2015 01:07:18 +1000 Subject: Making the case for smart cards for the average user In-Reply-To: <1556009343.20150407154111@my_localhost> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <5523AA01.3000406@digitalbrains.com> <5523D3E1.1000808@adversary.org> <1556009343.20150407154111@my_localhost> Message-ID: <5523F2A6.80205@adversary.org> On 8/04/2015 12:41 am, MFPA wrote: > >> allowing them to drop the standard format of "name >> " and then they're shocked that doing so might >> produce unintended consequences? > > Don't know about "shocked", but unintended consequences for a > non-standard UID scheme was indeed the issue. > > The OP started this thread with a plug for his version of the GnuPG > smart card. Part of his scheme was to generate keys with a simplified > UID format that contained just an email address. Said OP needs to spend about a year running an SMTP server before making a design decision like that, but anyway. >> Perhaps I'm being unreasonable, but surely if you go out of your >> way to make sure that a particular pattern does *not* appear in >> your UID then it is intended that searching on that pattern should >> not match your UID. Now granted, that intention may have been >> poorly considered by said key owner, > > I pointed out that at least one MUA sends the email address enclosed > in angle brackets as the search string for GnuPG to locate the key. No > angle brackets around the email address means no key found. The OP > reconsidered his scheme and added the angle brackets. Issue resolved. Good. >> but I'd hardly call it a bug in GPG for not anticipating that. >> After all, all it is doing is matching the pattern specified by the >> owner of the key. > > Nor would I. But if somebody creates a key UID with just a bare email > address, is it sensible to accept that email address as a match when > selecting keys? Ah, but if it is truly just the email address then is it sitting in the email field of the UID or the name field? If it's the latter then you could match any part of it you liked normally. An email client is likely to have a small fit at that point, but the email client is designed to interact with a specific set of transmission protocols, in this case SMTP. So if a GPG user wants a UID that does not meet the criteria for SMTP addressing then the GPG user can't expect it to work automatically. As for a vendor foisting poor configuration on end users ... well, the instinctive reaction is to reach for a LART, but that won't be necessary really because that vendor will be out of business within a year. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From ben at adversary.org Tue Apr 7 17:26:50 2015 From: ben at adversary.org (Ben McGinnes) Date: Wed, 08 Apr 2015 01:26:50 +1000 Subject: Making the case for smart cards for the average user In-Reply-To: <1234086321.20150407150430@my_localhost> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <79905531.20150407133957@my_localhost> <87y4m43ws0.fsf@alice.fifthhorseman.net> <1234086321.20150407150430@my_localhost> Message-ID: <5523F73A.5090103@adversary.org> On 8/04/2015 12:04 am, MFPA wrote: > On Tuesday 7 April 2015 at 2:14:55 PM, in > , Daniel Kahn Gillmor > wrote: > >> We know how to structure a proper name-addr and an addr-spec, and >> it's not difficult. If you want an e-mail address to be >> recognizable to automated tools, you should structure it in a >> recognizable way. > >> The above UID is simply a mistake, and i don't think >> GnuPG should try to accomodate it. > > Fair enough. That we should try to accommodate:- > > user at example.com > > but not:- > > Test20150407 user at example.com > > actually makes sense to me. I structured my example UID incorrectly. Yeah, this is fair because the first one is accepted by SMTP in the mail from and rcpt to commands, but the second one wouldn't. bash4-4.3$ telnet seditious 25 Trying 172.17.23.9... Connected to seditious.adversary.org. Escape character is '^]'. 220 seditious.adversary.org ESMTP Postfix helo me 250 seditious.adversary.org mail from: president at whitehouse.gov 250 2.1.0 Ok rcpt to: ben at adversary.org 250 2.1.5 Ok data 354 End data with . From: Bazza To: Benny Subject: The Jets Yo dude, we need those jets! . 250 2.0.0 Ok: queued as E654111C0515 quit 221 2.0.0 Bye Connection closed by foreign host. Compare that to this: Trying 172.17.23.9... Connected to seditious.adversary.org. Escape character is '^]'. 220 seditious.adversary.org ESMTP Postfix helo foo 250 seditious.adversary.org mail from: Bazza president at whitehouse.gov 555 5.5.4 Unsupported option: president at whitehouse.gov quit 221 2.0.0 Bye Connection closed by foreign host. The MUA uses the brackets to work out which bits to use in those two commands. Once the data command has been delivered you can put in whatever you like (hence mail spoofing and spam), but before the data command is delivered the format is explicit. That said, if just the brackets are included it will still behave, in case the MUA extracts them from the From and To fields along with the address: Connected to seditious.adversary.org. Escape character is '^]'. 220 seditious.adversary.org ESMTP Postfix helo snafu 250 seditious.adversary.org mail from: 250 2.1.0 Ok rcpt to: 250 2.1.5 Ok data 354 End data with . From: Bazza To: Benny Subject: Re: The Jets What do you mean you don't believe it was me without a GPG signature? My National Security Advisor said that was bad and the NSA had to tell me what to do. . 250 2.0.0 Ok: queued as 3057A11C0515 quit 221 2.0.0 Bye Connection closed by foreign host. Regards, Ben P.S. The Jets are gone. ;) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From robertc at broadcom.com Tue Apr 7 19:29:59 2015 From: robertc at broadcom.com (Bob (Robert) Cavanaugh) Date: Tue, 7 Apr 2015 17:29:59 +0000 Subject: Splitting a GPG private key In-Reply-To: <1428412418-sup-1127@vegeta> References: <1428412418-sup-1127@vegeta> Message-ID: <8F0B09FC6339FA439524099BFCABC11F2D3EBCC1@IRVEXCHMB11.corp.ad.broadcom.com> Alfredo, I don't have any personal experience with splitting the key. What we do at my employer is split the secret key passphrase. Yes, this is a manual process but very secure. For highly important keys we assign six trusted individuals, three have defined one half of the passphrase and three have defined the other half. The halves are backed up physically and stored securely in two separate locations. No one person knows the entire passphrase ever. When encryption is required, one person from each of the three people physically inputs their half of the passphrase. Decryption happens normally. Obviously this only works if you only encrypt a small amount of secret material or do it infrequently. We have found this to be a very secure method. Thanks, Bob Cavanaugh From wk at gnupg.org Tue Apr 7 19:42:42 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 07 Apr 2015 19:42:42 +0200 Subject: Global changing of expiration date of mainkey and subkeys possible? In-Reply-To: <000301d07115$0f85e730$2e91b590$@on.yourweb.de> (gnupgpacker@on.yourweb.de's message of "Tue, 7 Apr 2015 11:27:25 +0200") References: <000301d07115$0f85e730$2e91b590$@on.yourweb.de> Message-ID: <877ftn3kdp.fsf@vigenere.g10code.de> On Tue, 7 Apr 2015 11:27, gnupgpacker at on.yourweb.de said: > is there any way to change the expiration date of mainkey AND ALL attached > subkeys by one action only (and not key-by-key)? No. Please file a feature requests at bugs.gnupg.org. if you think this is important. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From brian at minton.name Tue Apr 7 19:54:22 2015 From: brian at minton.name (Brian Minton) Date: Tue, 7 Apr 2015 13:54:22 -0400 Subject: Splitting a GPG private key In-Reply-To: <8F0B09FC6339FA439524099BFCABC11F2D3EBCC1@IRVEXCHMB11.corp.ad.broadcom.com> References: <1428412418-sup-1127@vegeta> <8F0B09FC6339FA439524099BFCABC11F2D3EBCC1@IRVEXCHMB11.corp.ad.broadcom.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 The Debian project solves this by having the secret key shared using SSSS (https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing). https://ftp-master.debian.org/keys.html On Tue, Apr 7, 2015 at 1:29 PM, Bob (Robert) Cavanaugh wrote: > Alfredo, > I don't have any personal experience with splitting the key. What we do at my employer is split the secret key passphrase. Yes, this is a manual process but very secure. For highly important keys we assign six trusted individuals, three have defined one half of the passphrase and three have defined the other half. The halves are backed up physically and stored securely in two separate locations. No one person knows the entire passphrase ever. When encryption is required, one person from each of the three people physically inputs their half of the passphrase. Decryption happens normally. Obviously this only works if you only encrypt a small amount of secret material or do it infrequently. We have found this to be a very secure method. > > Thanks, > > Bob Cavanaugh > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iF4EARYIAAYFAlUkGbsACgkQN7lQes/yAW7RhwEAsr+5FMW7NGkCht6NTrkdehav hEFg33E/5qScgfAPanEBAAHd0oMxmyWJf5qsDBUWCFfZp0SKk4qYOmZi4pg2kfUD =iFNV -----END PGP SIGNATURE----- From jan.svensson at hush.com Tue Apr 7 20:15:13 2015 From: jan.svensson at hush.com (jan.svensson at hush.com) Date: Tue, 07 Apr 2015 20:15:13 +0200 Subject: Blind signatures for simple election Message-ID: <20150407181514.336ABE0251@smtp.hushmail.com> Hello, I have been looking around a bit, but couldn't find the answer. I would like to do the following with GPG if possible, thanks in advance: Assume we would like to hold a small election where no one should be able to know which political party anyone have voted for. User A, user B, and user C each have a small text file named "ballot.txt" which contains his/her favorite political party written in clear text, e.g. just the text "D" (for the Democratic Party) or the text "R" (for the Republican Party). Then all of them generates some kind of blinding factor "b" to be used to blind their ballot. Then they blind "ballot.txt" with the blinding factor b: blind(ballot.txt,b) All of them sends their "ballot.txt.blind" to the signer user X who can not see the contents of the file since it is blinded. User X signs all of the files "ballot.txt.blind" with the same signature used only for this election: sign(blind(ballot,b),d) User X now sends "ballot.txt.blind.sign" back to user A, user B, and user C. Each of them now unblinds their file "ballot.txt.blind.sign": unblind(sign(blind(ballot,b),d),b) which can be reduced to sign(ballot,d) Finally, at the day of election, user A, user B, and user C vists an election room and delivers their file "ballot.txt.sign" on a USB memory stick and watches while the trustee stores their ballots "ballot.txt.sign" in some way. This file "ballot.txt.sign" contains their political party written in clear text and also contains a signature made by user X to indicate that the ballot is valid for the election. How can I do all above in some simple way with GPG commands like --gen-key, --sign, --verify etc? Or do I need to apply e.g. some patches to GPG to be able to do this? Thanks alot in advance! Jan -------------- next part -------------- An HTML attachment was scrubbed... URL: From 2014-667rhzu3dc-lists-groups at riseup.net Wed Apr 8 01:10:14 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Wed, 8 Apr 2015 00:10:14 +0100 Subject: Blind signatures for simple election In-Reply-To: <20150407181514.336ABE0251@smtp.hushmail.com> References: <20150407181514.336ABE0251@smtp.hushmail.com> Message-ID: <1988068134.20150408001014@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Tuesday 7 April 2015 at 7:15:13 PM, in , jan.svensson at hush.com wrote: > Hello, > I have been looking around a bit, but couldn't find the > answer. I would like to do the following with GPG if > possible, thanks in advance: > Assume we would like to hold a small election where no > one should be able to know which political party anyone > have voted for. What you went on to describe sounds quite a bit like CryptoBallot [0], [1]. [0] . [1] . - -- Best regards MFPA Those who do not read are no better off than those who cannot. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVJGPdXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwd/8H+QG0p1/NazZYgbfGVUsVh9Ds C2nF18Z1PqFh+bxwMFVF32cJGqoThh9wl59Cqjd6rwv//B/iM1pu24wnY89/yZ4P fZdudI4cY6SRUAaPfiu+hC9CjgIEOKiPa1lBO4vZEsxnpH9zPPBDMOay6OYA6/3g 5qw5kyWMhbygd+/b//oedpWX5Y96xCec/d//UPAfmxeVG+ouV/Z5n1i2BKw79ise f+/Cpk54ewTClHzXWTiLxR1oj0ntfFvsye6ndsZ7Ea8oMGxyh3zTiWXqyxiI4ilG 5BXVvM6q6XY9y0ee9bYr2bnymItBnbZp9F5MydzGNYGSmMcm0uExQcNJcHI5DXyI vgQBFgoAZgUCVSRj418UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45HB7AQC6XwM40tU807PwdIw+tUVFZ5s2 iDqfWjv+2zPHlTGU/QEAxv6/dr+GDFM52vb+ol7G4Yh6dbod+msTlwbof0N+3Qw= =MDc8 -----END PGP SIGNATURE----- From masterkorp at masterkorp.net Wed Apr 8 13:09:55 2015 From: masterkorp at masterkorp.net (Alfredo Palhares) Date: Wed, 08 Apr 2015 12:09:55 +0100 Subject: Splitting a GPG private key In-Reply-To: <87lhi43uro.fsf@alice.fifthhorseman.net> References: <1428412418-sup-1127@vegeta> <87lhi43uro.fsf@alice.fifthhorseman.net> Message-ID: <1428489613-sup-3501@vegeta> Hello Daniel > This is still ambiguous to me. I described two distinct cases, and i'm > not sure which one you are agreeing to. From the rest of your message, > i think you're agreeing to the first question, but not the second. The objective is to require multiple people in order to use that key, so the quote below is the one I agree it: > Do you want to require multiple people to come together to use that > secret key? > I don't know what "the encryption group" means. can you explain > further? I think you might mean that everything encrypted to any key > will also be encrypted to this key; and that some especially sensitive > material will *only* be encrypted to this key. By encryption group I mean the group of keys that would be used to encrypt a file. Let place an example. I have a git repository with multiple passwords, these password are organized by directories like such: credentials-repository ???? Finance ??? ??? mybank.txt.gpg ??? ??? onlineinvoice-service.txt.gpg ??? ??? stubs.js ??? ??? ticker.js ???? Development ? ??? cloudservice.txt.gpg ? ??? emailserver.txt.gpg ? ??? sshdetails.txt.gpg ??? Operations ??? ssl-root.pem.gpg ??? service2.txt.gpg Now we have a team of 6 people Jim, Bob, Ana, Foo, Bar and Joe: - Jim and Bob are the main starters of the group one is part of the Finance team and another is a part of the development team. - Ana and Foo are members of the finance team - Bar and Joe are members of the development team. Every single member has GPG key with their email. All the files in finance directory are encrypted with Jim, Ana, Foo, and the master GPG key so only these 3 and the master GPG can decrypt its contents. people can access it and the root key. The files in the development directory are encrypted with Bar, Joe and Bob and the root key and only them can decrypt. Now lets say we want to get the ssl root pem this would only be encrypted with this root key, so this would both require Jim and Bob to be present to decrypt its contents. Also if there any other department that they do not belong to. > https://tails.boum.org/news/signing_key_transition/index.en.html#index2h1 > > says: > > * Is not owned in a usable format by any single individual. It is split > cryptographically using gfshare. > > gfshare is: http://www.digital-scurf.org/software/libgfshare > > If you have more questions about how they this, you may wish to ask them > to the tails folks themselves: > > https://tails.boum.org/support/index.en.html > > I find that their mailing lists and IRC channel (see "Support List" and > "Chat" at the bottom of the page) are usually pretty helpful and > responsive to well-framed questions. This seems like a viable option, I will look into it. -- Alfredo Palhares GPG/PGP Key Fingerprint 68FC B06A 6C22 8B9B F110 38D6 E8F7 4D1F 0763 CAAD -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From jan.svensson at hush.com Wed Apr 8 18:43:34 2015 From: jan.svensson at hush.com (Jan Svensson) Date: Wed, 08 Apr 2015 18:43:34 +0200 Subject: Blind signatures for simple election In-Reply-To: <1988068134.20150408001014@my_localhost> References: <20150407181514.336ABE0251@smtp.hushmail.com> <1988068134.20150408001014@my_localhost> Message-ID: <20150408164335.221C9E0549@smtp.hushmail.com> Thank you very much for your answer! I'm sorry that I wasn't clear about it, but I am more interested if it is possible to use GPG to do the basic things here (not necessary for an election), i.e. to have a user blind a small text file with some GPG-command, then if it is possible for the signer to sign the blinded text file with some GPG-command, and finally if the user would be able to unblind this signed text file now also containing a signature from the signer. I guess this is not possible to do with GPG, right? >From what I've read it seems like GPG internally is using blinding to avoid RSA timing attacks, but I guess it is not possible for a user of GPG to use those functions in a similar way as I describe above. I've looked a bit at CryptoBallot and all the crypto stuff seems to be done in the Go language. I've also looked at PseudoID which seems to be coded in Python and JavaScript, i.e. none of CryptoBallot or PseudoID seems to use GPG in any way. Maybe I should try see if I can borrow some code from CryptoBallot or PseudoID to do this, or in best case if someone knows some other project that fits better so I can set up a simple prototype of the system myself? Best regards, Jan On 4/8/2015 at 1:10 AM, "MFPA" wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi On Tuesday 7 April 2015 at 7:15:13 PM, in , jan.svensson at hush.com wrote: > Hello, > I have been looking around a bit, but couldn't find the > answer. I would like to do the following with GPG if > possible, thanks in advance: > Assume we would like to hold a small election where no > one should be able to know which political party anyone > have voted for. What you went on to describe sounds quite a bit like CryptoBallot [0], [1]. [0] . [1] . - -- Best regards MFPA Those who do not read are no better off than those who cannot. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVJGPdXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwd/8H+QG0p1/NazZYgbfGVUsVh9Ds C2nF18Z1PqFh+bxwMFVF32cJGqoThh9wl59Cqjd6rwv//B/iM1pu24wnY89/yZ4P fZdudI4cY6SRUAaPfiu+hC9CjgIEOKiPa1lBO4vZEsxnpH9zPPBDMOay6OYA6/3g 5qw5kyWMhbygd+/b//oedpWX5Y96xCec/d//UPAfmxeVG+ouV/Z5n1i2BKw79ise f+/Cpk54ewTClHzXWTiLxR1oj0ntfFvsye6ndsZ7Ea8oMGxyh3zTiWXqyxiI4ilG 5BXVvM6q6XY9y0ee9bYr2bnymItBnbZp9F5MydzGNYGSmMcm0uExQcNJcHI5DXyI vgQBFgoAZgUCVSRj418UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45HB7AQC6XwM40tU807PwdIw+tUVFZ5s2 iDqfWjv+2zPHlTGU/QEAxv6/dr+GDFM52vb+ol7G4Yh6dbod+msTlwbof0N+3Qw= =MDc8 -----END PGP SIGNATURE----- -------------- next part -------------- An HTML attachment was scrubbed... URL: From jose.castillo at gmail.com Wed Apr 8 17:50:55 2015 From: jose.castillo at gmail.com (Jose Castillo) Date: Wed, 8 Apr 2015 11:50:55 -0400 Subject: Email-only UIDs In-Reply-To: <5523F2A6.80205@adversary.org> References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <5523AA01.3000406@digitalbrains.com> <5523D3E1.1000808@adversary.org> <1556009343.20150407154111@my_localhost> <5523F2A6.80205@adversary.org> Message-ID: <1672C2C6-450C-436B-ABCF-D33C8CBCA66E@gmail.com> On Apr 7, 2015, at 11:07 AM, Ben McGinnes wrote: > Ah, but if it is truly just the email address then is it sitting in > the email field of the UID or the name field? This has been a very illuminating conversation, and I just want to share something that led me to this confusion initially. When I was considering an email-only UID, I ran up against the issue that in gnupg's default mode of operation, a name is required for a UID, whereas an email address is not. If I try to enter a blank name while generating a key, gnupg issues an error: "Name must be at least 5 characters long". My instinct was thus to specify the email address in the name field. I got it backwards because gnupg treats the name field as mandatory and the email field as optional, which interestingly is the opposite of RFC 5322: Normally, a mailbox is composed of two parts: (1) an optional display name that indicates the name of the recipient... and (2) an addr-spec address enclosed in angle brackets. ("<" and ">"). There is an alternate simple form of a mailbox where the addr-spec address appears alone, without the recipient's name or the angle brackets. I realize now that an email-only UID should include angle brackets ("implementations SHOULD use the full name-addr form of the mailbox"), but I wanted to share the thought process that led me to this mistake in the first place. -- Joey Castillo www.joeycastillo.com From peter at digitalbrains.com Wed Apr 8 20:05:01 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Wed, 08 Apr 2015 20:05:01 +0200 Subject: Blind signatures for simple election In-Reply-To: <20150408164335.221C9E0549@smtp.hushmail.com> References: <20150407181514.336ABE0251@smtp.hushmail.com> <1988068134.20150408001014@my_localhost> <20150408164335.221C9E0549@smtp.hushmail.com> Message-ID: <55256DCD.9070300@digitalbrains.com> On 08/04/15 18:43, Jan Svensson wrote: > From what I've read it seems like GPG internally is using blinding to > avoid RSA timing attacks, but I guess it is not possible for a user of > GPG to use those functions in a similar way as I describe above. Those are two different beasts, by the way. You want to blind the /data/. In OpenPGP, the data that is to be signed is hashed, and only the /hash/ is signed with, e.g., RSA. So it could be said that the hash is blinded[1], but the signed data definitely is not. My gut feeling is that OpenPGP is ill suited for this task, but I haven't thought thorougly about it. HTH, Peter. [1] Not sure if that is proper use of the terminology, I'd usually say the operation is blinded, not the data. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From jan.svensson at hush.com Wed Apr 8 20:57:54 2015 From: jan.svensson at hush.com (Jan Svensson) Date: Wed, 08 Apr 2015 20:57:54 +0200 Subject: Blind signatures for simple election In-Reply-To: <55256DCD.9070300@digitalbrains.com> References: <20150407181514.336ABE0251@smtp.hushmail.com> <1988068134.20150408001014@my_localhost> <20150408164335.221C9E0549@smtp.hushmail.com> <55256DCD.9070300@digitalbrains.com> Message-ID: <20150408185755.22623E0251@smtp.hushmail.com> >> From what I've read it seems like GPG internally is using blinding to >> avoid RSA timing attacks, but I guess it is not possible for a user of >> GPG to use those functions in a similar way as I describe above. > > Those are two different beasts, by the way. You want to blind the > /data/. In OpenPGP, the data that is to be signed is hashed, and only > the /hash/ is signed with, e.g., RSA. So it could be said that the hash > is blinded[1], but the signed data definitely is not. > > My gut feeling is that OpenPGP is ill suited for this task, but I > haven't thought thorougly about it. What do you think about me trying to use Libgcrypt instead? The manual (http://www.gnupg.org/documentation/manuals/gcrypt/gcrypt.pdf) says "By default Libgcrypt uses a blinding technique for RSA decryption to mitigate real world timing attacks over a network: Instead of using the RSA decryption directly, a blinded value y = x r^{e} \bmod n is decrypted and the unblinded value x' = y' r^{-1} \bmod n returned. The blinding value r is a random value with the size of the modulus n and generated with GCRY_WEAK_RANDOM random level." Would it be possible to create three small programs in e.g. C (or some other language if it is more suitable) that uses Libgcrypt: 1. a program "generate_blinding_factor" that generates a blinding factor "b". 2. a program "blind" that takes a message and a blinding factor "b" as input parameters and gives as output the message in blinded format. 3. a program "unblind" that takes a blinded message and a blinding factor as input parameters and gives as output the message in unblinded format. The user would first use "generate_blinding_factor" to generate a blinding factor and then use "blind" to blind a message. The, the user would then send the message to the signer who uses the usual GPG-command "gpg --output blinded_message.sig --sign blinded_message" and then sends it back to the user. Finally, the user would use "unblind" to unblind the signed blinded message to get a file with the message signed by the signer. We can assume that the signer keeps the blinded message so when that signer later gets to see the unblinded message with the signers signature, then the signer cannot link those two messages to each other, i.e. sign(blind(message,b),d) and sign(message,d) cannot be linked. Thanks for any advice here, Jan From wk at gnupg.org Wed Apr 8 21:25:00 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 08 Apr 2015 21:25:00 +0200 Subject: Email-only UIDs In-Reply-To: <1672C2C6-450C-436B-ABCF-D33C8CBCA66E@gmail.com> (Jose Castillo's message of "Wed, 8 Apr 2015 11:50:55 -0400") References: <277590791.20150317005551@my_localhost> <87lhivpls4.fsf@alice.fifthhorseman.net> <5522AE79.2030208@adversary.org> <198654088.20150407014605@my_localhost> <5523502D.1060107@adversary.org> <5523AA01.3000406@digitalbrains.com> <5523D3E1.1000808@adversary.org> <1556009343.20150407154111@my_localhost> <5523F2A6.80205@adversary.org> <1672C2C6-450C-436B-ABCF-D33C8CBCA66E@gmail.com> Message-ID: <87iod6zalv.fsf@vigenere.g10code.de> On Wed, 8 Apr 2015 17:50, jose.castillo at gmail.com said: > share something that led me to this confusion initially. When I was > considering an email-only UID, I ran up against the issue that in > gnupg's default mode of operation, a name is required for a UID, $ gpg --dump-options | grep free --allow-freeform-uid This options will help you. With the next 2.1 release and if using the keybox format (pubring.kbx) searching for mail addresses without angle brackets will also work as expected. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dominique.larchey-wendling at loria.fr Fri Apr 10 00:29:00 2015 From: dominique.larchey-wendling at loria.fr (Dominique Larchey-Wendling) Date: Fri, 10 Apr 2015 00:29:00 +0200 (CEST) Subject: JavaCard with OpenPGP applet fails on second decryption attempt In-Reply-To: <628454182.2801067.1428617153434.JavaMail.zimbra@loria.fr> Message-ID: <1347833654.2804007.1428618540723.JavaMail.zimbra@loria.fr> Hi, I am trying to setup a JavaCard (Gemalto IDCore 10 rev C) with an OpenPGP applet. My goal is to obtain an equivalent of the regular OpenPGP Smartcard (from ZeitControl) which I own as well and which works perfectly (so far). 1/ I tried the Java Card OpenPGP Card (from joeridr) but it was impossible to either setup new PINS or verify the default one on that applet. Hopefully uninstalling and reinstalling the applet reinitialized both PINS retry counters to 3 ... At first I was afraid of bricking my JC. Btw the Yubikey Neo OpenPGP is nearly the same applet as the joeridr one ... doesn't even install on the JC. 2/ Then I tried the FluffyPGPApplet (from FluffyKaon) and with that one, I could setup new PIN and even check them ... gpg2 basically worked but then I began to try the cryptographic functions of the card and a strange behavior appeared. Indeed, the first decryption after a PIN check (either on the JC hardware or simulated by edit-card verify) works whereas subsequents decryption attempts fail. Here is a sequence of commands that reproduce the problem. Notice that scdaemon logs are attached below. It seem to me that the apdu sequence sent on subsequent decryption attempts are of the wrong length ... Can anyone give my some hints as to want is going on ? Thx very much in advance, DomLW --------------------- ## JavaCard with Fluffy OpenPGP Applet inserted ## I run gpg -d twice, ## first attempt, I am asked for the PIN (CHV1) and decryption is a success $ gpg2 -d examples.desktop.asc > /dev/null gpg: encrypted with 2048-bit RSA key, ID 04F53C66, created 2015-04-09 "DomLW (test) " ## second attempt, I am NOT asked for the PIN and decryption ends in a failure ## probably because a too short apdu commands is sent to the card (see the logs ## of scdaemon) $ gpg2 -d examples.desktop.asc > /dev/null gpg: encrypted with 2048-bit RSA key, ID 04F53C66, created 2015-04-09 "DomLW (test) " gpg: public key decryption failed: Invalid value gpg: decryption failed: No secret key ## then if I run gpg --card-edit (verify) and after that another decrypt ## first card-edit and verify the PIN, I am NOT asked for the PIN $ gpg2 --card-edit Application ID ...: D2760001240102000000000000000000 Version ..........: 2.0 Manufacturer .....: test card Serial number ....: 00000000 Name of cardholder: Dominique Larchey-Wendling Language prefs ...: fr Sex ..............: male URL of public key : [not set] Login data .......: [not set] Signature PIN ....: not forced Key attributes ...: 2048R 2048R 2048R Max. PIN lengths .: 32 32 32 PIN retry counter : 3 0 3 Signature counter : 3 Signature key ....: 3CB0 9186 9FD6 2670 085A FA64 62FE A0E4 ED4D B6AB created ....: 2015-04-09 09:49:26 Encryption key....: C2B7 66F5 08A4 E8F5 C2B2 40C6 2F46 B077 04F5 3C66 created ....: 2015-04-09 10:03:07 Authentication key: 0C69 4EE0 EB99 336D 75E9 C130 490C 3508 30DA 9738 created ....: 2015-04-09 09:49:26 General key info..: [none] gpg/card> verify ... gpg/card> q ## now I try another decrypt ## this third decrypt does NOT ask for the PIN and succeeds $ gpg2 -d examples.desktop.asc > /dev/null gpg: encrypted with 2048-bit RSA key, ID 04F53C66, created 2015-04-09 "DomLW (test) " ------------ The logs of scdaemon (2048) during the previous sequence of commands are accessible at https://gist.github.com/DmxLarchey/62abeaf53040b8c19cbb -------------- next part -------------- An HTML attachment was scrubbed... URL: From seb at hocquet.org Fri Apr 10 01:27:26 2015 From: seb at hocquet.org (=?UTF-8?B?U8OpYmFzdGllbiBIb2NxdWV0?=) Date: Fri, 10 Apr 2015 01:27:26 +0200 Subject: Using 64-bit gpgme to communicate with 32-bit gpg on Windows ? Message-ID: <55270ADE.10102@hocquet.org> Hi, I'm considering using gpg as the signing and encryption mechanism for a project I'm working on, by interfacing with gpgpme. The project will have to be built as a 64-bit Windows executable. As I understood, gpg is not officially supported on 64-bit Windows. So I thought about using the 32-bit gpg executable provided with gpg4win, compiling my own 64-bit version of gpgme, and linking my project executable with this 64-bit gpgme. (This would avoid me implementing IPC between my executable and gpgme. Besides I understand gpgme already uses IPC to communicate with gpg). I successfully compile 64-bit gpgme, but cannot make it communicate with the 32-bit gpg executable (calling gpgme_set_engine_info fails). How could I do that? I assume that maybe the "gpgme-w32spawn.exe" file provided with 64-bit gpgme is involved, but I don't really understand its usage... Thanks, S?bastien From wk at gnupg.org Fri Apr 10 13:17:51 2015 From: wk at gnupg.org (Werner Koch) Date: Fri, 10 Apr 2015 13:17:51 +0200 Subject: Using 64-bit gpgme to communicate with 32-bit gpg on Windows ? In-Reply-To: <55270ADE.10102@hocquet.org> (=?utf-8?Q?=22S=C3=A9bastien?= Hocquet"'s message of "Fri, 10 Apr 2015 01:27:26 +0200") References: <55270ADE.10102@hocquet.org> Message-ID: <87fv88qlk0.fsf@vigenere.g10code.de> On Fri, 10 Apr 2015 01:27, seb at hocquet.org said: > compiling my own 64-bit version of gpgme, and linking my project > executable with this 64-bit gpgme. (This would avoid me implementing IPC Some parts in particular gpgsm may not yet work. > I successfully compile 64-bit gpgme, but cannot make it communicate with > the 32-bit gpg executable (calling gpgme_set_engine_info fails). How > could I do that? I assume that maybe the "gpgme-w32spawn.exe" file > provided with 64-bit gpgme is involved, but I don't really understand That is quite possible. The helper is required due to the way Windows inherits handles. I can look at this next week Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From seb at hocquet.org Sat Apr 11 16:23:04 2015 From: seb at hocquet.org (=?UTF-8?B?U8OpYmFzdGllbiBIb2NxdWV0?=) Date: Sat, 11 Apr 2015 16:23:04 +0200 Subject: Using 64-bit gpgme to communicate with 32-bit gpg on Windows ? In-Reply-To: <87fv88qlk0.fsf@vigenere.g10code.de> References: <55270ADE.10102@hocquet.org> <87fv88qlk0.fsf@vigenere.g10code.de> Message-ID: <55292E48.90908@hocquet.org> Le 10/04/2015 13:17, Werner Koch a ?crit : > That is quite possible. The helper is required due to the way Windows > inherits handles. > > I can look at this next week > Thank you! By the way, in case it proves useful for anyone, I've just posted the scripts I use to build and test GPGME on various platforms: https://github.com/shocquet/NGpgme/tree/master/gpgme Have a nice week-end, S?bastien From wk at gnupg.org Sat Apr 11 20:34:43 2015 From: wk at gnupg.org (Werner Koch) Date: Sat, 11 Apr 2015 20:34:43 +0200 Subject: [Announce] GnuPG 2.1.3 released Message-ID: <87mw2ems3g.fsf@vigenere.g10code.de> Hello! The GnuPG Project is pleased to announce the availability of the another release of GnuPG modern: Version 2.1.3. The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP standard which is commonly abbreviated as PGP. GnuPG allows to encrypt and sign data and communication, features a versatile key management system as well as access modules for public key directories. GnuPG itself is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries making use of GnuPG are available. Since version 2 GnuPG provides support for S/MIME and Secure Shell in addition to OpenPGP. GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License. Three different versions of GnuPG are actively maintained: - GnuPG "modern" (2.1) is the latest development with a lot of new features. This announcement is about the first release of this version. - GnuPG "stable" (2.0) is the current stable version for general use. This is what most users are currently using. - GnuPG "classic" (1.4) is the old standalone version which is most suitable for older or embedded platforms. You may not install "modern" (2.1) and "stable" (2.0) at the same time. However, it is possible to install "classic" (1.4) along with any of the other versions. Noteworthy changes in version 2.1.3 =================================== * gpg: LDAP keyservers are now supported by 2.1. * gpg: New option --with-icao-spelling. * gpg: New option --print-pka-records. Changed the PKA method to use CERT records and hashed names. * gpg: New command --list-gcrypt-config. New parameter "curve" for --list-config. * gpg: Print a NEWSIG status line like gpgsm always did. * gpg: Print MPI values with --list-packets and --verbose. * gpg: Write correct MPI lengths with ECC keys. * gpg: Skip legacy PGP-2 keys while searching. * gpg: Improved searching for mail addresses when using a keybox. * gpgsm: Changed default algos to AES-128 and SHA-256. * gpgtar: Fixed extracting files with sizes of a multiple of 512. * dirmngr: Fixed SNI handling for hkps pools. * dirmngr: extra-certs and trusted-certs are now always loaded from the sysconfig dir instead of the homedir. * Fixed possible problems due to compiler optimization, two minor regressions, and other bugs. A detailed description of the changes found in the 2.1 versions can be found at https://gnupg.org/faq/whats-new-in-2.1.html . Getting the Software ==================== Please follow the instructions found at https://gnupg.org/download/ or read on: GnuPG 2.1.3 may be downloaded from one of the GnuPG mirror sites or direct from its primary FTP server. The list of mirrors can be found at . Note that GnuPG is not available at ftp.gnu.org. On ftp.gnupg.org you find these files: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.3.tar.bz2 (4762k) ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.3.tar.bz2.sig This is the GnuPG source code compressed using BZIP2 and its OpenPGP signature. An experimental Windows installer for this version will be released next week. This version fixes a lot of bugs found after the release of 2.1.2 but there are still known bugs which we are working on. Please check the the bug tracker, https://wiki.gnupg.org, or mailing list archives for known problems and workaround. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a version of GnuPG installed, you can simply verify the supplied signature. For example to verify the signature of the file gnupg-2.1.3.tar.bz2 you would use this command: gpg --verify gnupg-2.1.3.tar.bz2.sig gnupg-2.1.3.tar.bz2 This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by one or more of the release signing keys. Make sure that this is a valid key, either by matching the shown fingerprint against a trustworthy list of valid release signing keys or by checking that the key has been signed by trustworthy other keys. See below for information on the signing keys. * If you are not able to use an existing version of GnuPG, you have to verify the SHA-1 checksum. On Unix systems the command to do this is either "sha1sum" or "shasum". Assuming you downloaded the file gnupg-2.1.3.tar.bz2, you would run the command like this: sha1sum gnupg-2.1.3.tar.bz2 and check that the output matches the next line: 091e69ec1ce3f0032e6b135e4da561e8d46d20a7 gnupg-2.1.3.tar.bz2 Release Signing Keys ==================== To guarantee that a downloaded GnuPG version has not been tampered by malicious entities we provide signature files for all tarballs and binary versions. The keys are also signed by the long term keys of their respective owners. Current releases are signed by one or more of these four keys: 2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31] Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 Werner Koch (dist sig) rsa2048/E0856959 2014-10-29 [expires: 2019-12-31] Key fingerprint = 46CC 7308 65BB 5C78 EBAB ADCF 0437 6F3E E085 6959 David Shaw (GnuPG Release Signing Key) rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28] Key fingerprint = 031E C253 6E58 0D8E A286 A9F2 2071 B08A 33BD 3F06 NIIBE Yutaka (GnuPG Release Key) rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31] Key fingerprint = D238 EA65 D64C 67ED 4C30 73F2 8A86 1B1C 7EFD 60D9 Werner Koch (Release Signing Key) You may retrieve these files from a keyserver using this command gpg --keyserver hkp://keys.gnupg.net --recv-keys \ 249B39D24F25E3B6 04376F3EE0856959 \ 2071B08A33BD3F06 8A861B1C7EFD60D9 The keys are also available at https://gnupg.org/signature_key.html and in any recently released GnuPG tarball in the file g10/distsigkey.gpg . Note that this mail has been signed using by a different key. Internationalization ==================== This version of GnuPG has support for 26 languages with Chinese, Czech, French, German, Japanese, Russian, and Ukrainian being almost completely translated (2062 different strings). Documentation ============= If you used GnuPG in the past you should read the description of changes and new features at doc/whats-new-in-2.1.txt or online at https://gnupg.org/faq/whats-new-in-2.1.html The file gnupg.info has the complete user manual of the system. Separate man pages are included as well but they have not all the details available as are the manual. It is also possible to read the complete manual online in HTML format at https://gnupg.org/documentation/manuals/gnupg/ or in Portable Document Format at https://gnupg.org/documentation/manuals/gnupg.pdf . The chapters on gpg-agent, gpg and gpgsm include information on how to set up the whole thing. You may also want search the GnuPG mailing list archives or ask on the gnupg-users mailing lists for advise on how to solve problems. Many of the new features are around for several years and thus enough public knowledge is already available. You may also want to follow postings at https://gnupg.org/blob/. Support ======== Please consult the archive of the gnupg-users mailing list before reporting a bug . We suggest to send bug reports for a new release to this list in favor of filing a bug at . For commercial support requests we keep a list of known service companies at: https://gnupg.org/service.html If you are a developer and you may need a certain feature for your project, please do not hesitate to bring it to the gnupg-devel mailing list for discussion. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word, and answering questions on the mailing lists. Since the start of the funding campaign in December several thousand people have been kind enough to donate a total of 250000 Euro to support this project. In addition the Linux Foundation gave a grant of $ 60000 for 2015, Stripe.com and Facebook.com each pledged $ 50000 per year. I am amazed by this superb and unexpected support for the GnuPG project. This allowed us to continue the project, employ a second full time developer, and gives us the resources to improve things which have been delayed for too long. Thank you all! Salam-Shalom, Werner p.s. This is a announcement only mailing list. Please send replies only to the gnupg-users at gnupg.org mailing lists. -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 180 bytes Desc: not available URL: -------------- next part -------------- _______________________________________________ Gnupg-announce mailing list Gnupg-announce at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From mike at confidantmail.org Sun Apr 12 00:24:29 2015 From: mike at confidantmail.org (Mike Ingle) Date: Sat, 11 Apr 2015 15:24:29 -0700 Subject: Build script problem with gnupg 2.1.3 Message-ID: <55299F1D.1080903@confidantmail.org> I am building gnupg 2.1.3 to try out, and I ran into a bug in the build script. If you run ./configure --help in libgcrypt-1.6.3, it says: Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use both] --with-gnu-ld assume the C compiler uses GNU ld [default=no] --with-sysroot=DIR Search for dependent libraries within DIR (or the compiler's sysroot if not specified). --with-egd-socket=NAME Use NAME for the EGD socket) --with-capabilities Use linux capabilities [default=no] --with-libgpg-error-prefix=PFX prefix where GPG Error is installed (optional) --with-pth-prefix=PFX prefix where GNU Pth is installed (optional) However, the libgpg-error-prefix doesn't actually work. You have to use: --with-gpg-error-prefix= Mike From 2014-667rhzu3dc-lists-groups at riseup.net Sun Apr 12 18:30:35 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Sun, 12 Apr 2015 17:30:35 +0100 Subject: [Announce] GnuPG 2.1.3 released In-Reply-To: <87mw2ems3g.fsf@vigenere.g10code.de> References: <87mw2ems3g.fsf@vigenere.g10code.de> Message-ID: <1892009497.20150412173035@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Saturday 11 April 2015 at 7:34:43 PM, in , Werner Koch wrote: > The GnuPG Project is pleased to announce the > availability of the another release of GnuPG modern: > Version 2.1.3. Just spotted the announcement headline on says Version 2.1.4 released, instead of 2.1.3. Might confuse somebody. - -- Best regards MFPA Always borrow money from a pessimist - they don't expect it back -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVKp2rXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwEjUH/2gC9O9DWJkipqTKE9rgEJWf JaFLI2c3+o03YoMmscE5Ubx5nASc03SqPYNT0wmhWE2axg0/i57sUN/xGvLKi/n+ K+tCXefCna9hlNjDpwwu3AAw9ahfuI3e/HC77y+EsYFPJcIrRealmf0Ur4EA9SVN Jy3mqBnLxTFdL0EHSCS3H0NG9Txtar+E33bLCO6+hjRbdvFo3HS15dwGSxxnwY1a 0Zqfr2Lv/QgG73tUnJNEnNUJTAyHfdNPKtnIGNhnhkZvqqdb7BIF3+44g6590IWu 3SIUkQLs+a0Esm1QJe3jugMpmb7OshPiykB0LHEBQPBEP3XWs4SuzaNw0C8McbiI vgQBFgoAZgUCVSqds18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45CMZAQDYTN9Yjr0W7ERcxoE+QJ6onKDr 0KY6mKt68TuM5KcHLgEAXSOkTcSlXJWS/o+eNIlhZOrVU5ZHpIm0tI9/OO9+9Ao= =MMpG -----END PGP SIGNATURE----- From wk at gnupg.org Sun Apr 12 20:02:51 2015 From: wk at gnupg.org (Werner Koch) Date: Sun, 12 Apr 2015 20:02:51 +0200 Subject: Build script problem with gnupg 2.1.3 In-Reply-To: <55299F1D.1080903@confidantmail.org> (Mike Ingle's message of "Sat, 11 Apr 2015 15:24:29 -0700") References: <55299F1D.1080903@confidantmail.org> Message-ID: <87oamtkywk.fsf@vigenere.g10code.de> On Sun, 12 Apr 2015 00:24, mike at confidantmail.org said: > However, the libgpg-error-prefix doesn't actually work. You have to use: > --with-gpg-error-prefix= Actually both should work. But you are right, this is one of the most durable bugs in GnuPG and Company. The gpg-error.m4 macro is the reason for this and it was indeed not the latest version. I just updated it wich should fix the problem. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From ivansunset at gmail.com Sat Apr 11 23:01:43 2015 From: ivansunset at gmail.com (Ivan Markin) Date: Sun, 12 Apr 2015 00:01:43 +0300 Subject: Unusable secret key (adduid) Message-ID: <55298BB7.5060605@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello! I'm using OpenPGP card to store my secret keys on it. Now I'm adding a new UID to my key by running gpg2 --edit-key. What I've got is this strange error: gpg (GnuPG) 2.0.25; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Secret key is available. gpg: using PGP trust model ... there my keys ... gpg> adduid Real name: GPG User Email address: user at gnupg.org Comment: You selected this USER-ID: "GPG user " Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o gpg: secret key parts are not available gpg: signing failed: Unusable secret key How to solve this? Thank you, Ivan Markin -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJVKYuzAAoJEAkv0TW1VhaDQq8IAOzgRmYYmTwSrMPZuQjwO+O7 u4iVKiaI0Fi0hRd6Rn14HpgXtGPHIEBkIerB709Ztk+MhNwTGyrCPBC8n1SxrZt8 cRev0/Xvwr9IIcd+PTBubxNstnN9Q6fOQNn2GytYdVk5Vafxs11yhZ/uGX8yvuET T6pBcLfs/qQsQVNG6VtMSPhtWAs5ThtV96LJy84X2qj3V/NvGrxVCwdnDq3JxiQx gSk8jMBBFeUv8cbb0DIePJcNcF8it8s7uaKWYpZMnw+HgLH2ChfdoK4Bul+1eoJ6 kcmWFHNMs2iojgWy5u4h2c0DD+LQx930Z3erJB+1mpxhMJkLDCojaU9DIEm4gM0= =ObEv -----END PGP SIGNATURE----- From dominyktiller at gmail.com Sun Apr 12 00:29:56 2015 From: dominyktiller at gmail.com (Dominyk Tiller) Date: Sat, 11 Apr 2015 23:29:56 +0100 Subject: GnuPG 2.1.3 Fails to Compile OS X Message-ID: <5529A064.8050606@gmail.com> Hey Werner, Thanks for the new release! I'm having some issues making it compile on OS X, right across 10.8-10.10.3. Tried both Apple's Clang and GNU's GCC so I'm presuming the error isn't compiler-specific. It's throwing slightly different errors on OS X 10.8 than it is on 10.9 and 10.10. The 10.8 error is: ========================================================= t-stringhelp.c:488:3: error: function definition is not allowed here { ^ t-stringhelp.c:536:4: error: expected ';' at end of declaration } ^ ; 2 errors generated. make[3]: *** [t-stringhelp.o] Error 1 ========================================================= And the 10.9 - 10.10.3 error is just: ========================================================= t-stringhelp.c:488:3: error: function definition is not allowed here { ^ 1 error generated. make[3]: *** [t-stringhelp.o] Error 1 ========================================================= Have attached various compile logs. Cheers, Dom -- Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. -------------- next part -------------- 2015-04-11 23:23:57 +0100 ./configure --disable-dependency-tracking --disable-silent-rules --prefix=/usr/local/Cellar/gnupg21/2.1.3 --sbindir=/usr/local/Cellar/gnupg21/2.1.3/bin --sysconfdir=/usr/local/etc --enable-symcryptrun checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... build-aux/install-sh -c -d checking for gawk... no checking for mawk... no checking for nawk... no checking for awk... awk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking build system type... x86_64-apple-darwin14.3.0 checking host system type... x86_64-apple-darwin14.3.0 configure: autobuild project... gnupg2 configure: autobuild revision... 2.1.3 configure: autobuild hostname... Dominyks-MacBook-Pro.local configure: autobuild timestamp... 20150411-232359 checking for style of include used by make... GNU checking for gcc... clang checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether clang accepts -g... yes checking for clang option to accept ISO C89... none needed checking whether clang understands -c and -o together... yes checking dependency style of clang... none checking how to run the C preprocessor... clang -E checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking minix/config.h usability... no checking minix/config.h presence... no checking for minix/config.h... no checking whether it is safe to define __EXTENSIONS__... yes checking whether SELinux support is requested... no checking whether to allocate extra secure memory... no checking whether to enable trust models... yes checking whether to enable the RSA public key for gpg... yes checking whether to enable the ECDH public key for gpg... yes checking whether to enable the ECDSA public key for gpg... yes checking whether to enable the EdDSA public key for gpg... yes checking whether to enable the IDEA cipher for gpg... yes checking whether to enable the CAST5 cipher for gpg... yes checking whether to enable the BLOWFISH cipher for gpg... yes checking whether to enable the AES128 cipher for gpg... yes checking whether to enable the AES192 cipher for gpg... yes checking whether to enable the AES256 cipher for gpg... yes checking whether to enable the TWOFISH cipher for gpg... yes checking whether to enable the CAMELLIA128 cipher for gpg... yes checking whether to enable the CAMELLIA192 cipher for gpg... yes checking whether to enable the CAMELLIA256 cipher for gpg... yes checking whether to enable the MD5 hash for gpg... yes checking whether to enable the RIPE-MD160 hash for gpg... yes checking whether to enable the SHA-224 hash for gpg... yes checking whether to enable the SHA-384 hash for gpg... yes checking whether to enable the SHA-512 hash for gpg... yes checking whether to enable the ZIP and ZLIB compression algorithm... yes checking whether to enable the BZIP2 compression algorithm... yes checking whether to enable external program execution... yes checking whether to enable photo ID viewing... yes checking whether to use a fixed photo ID viewer... no checking for the size of the key and uid cache... 4096 checking whether use of capabilities is requested... no checking whether smartcard support is requested... yes checking whether to enable the internal CCID driver... yes checking whether to auto start dirmngr... yes checking whether to enable maintainer-specific portions of Makefiles... no configure: checking for programs checking whether make sets $(MAKE)... (cached) yes checking whether build environment is sane... yes checking whether make supports nested variables... (cached) yes checking for gawk... (cached) awk checking for gcc... (cached) clang checking whether we are using the GNU C compiler... (cached) yes checking whether clang accepts -g... (cached) yes checking for clang option to accept ISO C89... (cached) none needed checking whether clang understands -c and -o together... (cached) yes checking dependency style of clang... (cached) none checking how to run the C preprocessor... clang -E checking whether ln -s works... yes checking for ranlib... ranlib checking for ar... ar checking for perl... /usr/bin/perl checking for windres... no checking for strerror in -lcposix... no checking for special C compiler options needed for large files... no checking for _FILE_OFFSET_BITS value needed for large files... no checking for tar... /usr/bin/tar checking whether /usr/bin/tar speaks USTAR... yes checking for cc for build... clang configure: checking for libraries checking for gpg-error-config... /usr/local/opt/libgpg-error/bin/gpg-error-config checking for GPG Error - version >= 1.16... yes (1.18) configure: WARNING: *** *** The config script /usr/local/opt/libgpg-error/bin/gpg-error-config was *** built for x86_64-apple-darwin14.1.0 and thus may not match the *** used host x86_64-apple-darwin14.3.0. *** You may want to use the configure option --with-gpg-error-prefix *** to specify a matching config script or use $SYSROOT. *** checking for libgcrypt-config... /usr/local/opt/libgcrypt/bin/libgcrypt-config checking for LIBGCRYPT - version >= 1.6.0... yes (1.6.3) checking LIBGCRYPT API version... okay configure: WARNING: *** *** The config script /usr/local/opt/libgcrypt/bin/libgcrypt-config was *** built for x86_64-apple-darwin14.1.0 and thus may not match the *** used host x86_64-apple-darwin14.3.0. *** You may want to use the configure option --with-libgcrypt-prefix *** to specify a matching config script or use $SYSROOT. *** checking for libassuan-config... /usr/local/opt/libassuan/bin/libassuan-config checking for LIBASSUAN - version >= 2.1.0... yes (2.2.0) checking LIBASSUAN API version... okay checking for ksba-config... /usr/local/opt/libksba/bin/ksba-config checking for KSBA - version >= 1.2.0... yes (1.3.2) checking KSBA API version... okay checking for usb_bulk_write in -lusb... yes checking for usb_create_match... no checking for library containing dlopen... none required checking for encfs... /usr/bin/encfs checking for fusermount... /usr/bin/fusermount checking for openpty in -lutil... yes checking for shred... /usr/bin/shred checking for npth-config... /usr/local/opt/npth/bin/npth-config checking for NPTH - version >= 0.91... yes (1.1) checking NPTH API version... okay configure: WARNING: *** *** The config script /usr/local/opt/npth/bin/npth-config was *** built for x86_64-apple-darwin14.1.0 and thus may not match the *** used host x86_64-apple-darwin14.3.0. *** You may want to use the configure option --with-npth-prefix *** to specify a matching config script. *** checking for ntbtls-config... no checking for NTBTLS - version >= 0.1.0... no checking for pkg-config... /usr/local/opt/pkg-config/bin/pkg-config checking pkg-config is at least version 0.9.0... yes checking for LIBGNUTLS... yes configure: checking for networking options checking for gethostbyname... yes checking for setsockopt... yes checking adns.h usability... no checking adns.h presence... no checking for adns.h... no checking for library containing res_query... none required checking for library containing dn_expand... none required checking for library containing dn_skipname... no checking for library containing __dn_skipname... none required checking whether the resolver is usable... no checking whether I can make the resolver usable with BIND_8_COMPAT... yes checking whether LDAP via "-lldap" is present and sane... yes checking for ldap_get_option... yes checking for ldap_set_option... yes checking for ldap_start_tls_s... yes checking for ldap_start_tls_sA... no checking for ber_free in -llber... yes checking for sendmail... /usr/sbin/sendmail checking for ld used by GCC... /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld checking if the linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) is GNU ld... no checking for shared library run path origin... done checking for iconv... yes checking for working iconv... yes checking how to link with libiconv... -liconv checking for iconv declaration... extern size_t iconv (iconv_t cd, char * *inbuf, size_t *inbytesleft, char * *outbuf, size_t *outbytesleft); configure: checking for gettext checking whether NLS is requested... yes checking for msgfmt... /usr/local/opt/gettext/bin/msgfmt checking for gmsgfmt... /usr/local/opt/gettext/bin/msgfmt checking for xgettext... /usr/local/opt/gettext/bin/xgettext checking for msgmerge... /usr/local/opt/gettext/bin/msgmerge checking for CFPreferencesCopyAppValue... yes checking for CFLocaleCopyCurrent... yes checking for GNU gettext in libc... no checking for iconv... (cached) yes checking for working iconv... (cached) yes checking how to link with libiconv... -liconv checking for GNU gettext in libintl... yes checking whether to use NLS... yes checking where the gettext function comes from... external libintl checking how to link with libintl... -lintl -Wl,-framework -Wl,CoreFoundation checking for strchr... yes checking for nl_langinfo and CODESET... yes checking for LC_MESSAGES... yes configure: checking for header files checking for ANSI C header files... (cached) yes checking for string.h... (cached) yes checking for unistd.h... (cached) yes checking langinfo.h usability... yes checking langinfo.h presence... yes checking for langinfo.h... yes checking termio.h usability... no checking termio.h presence... no checking for termio.h... no checking locale.h usability... yes checking locale.h presence... yes checking for locale.h... yes checking getopt.h usability... yes checking getopt.h presence... yes checking for getopt.h... yes checking pty.h usability... no checking pty.h presence... no checking for pty.h... no checking utmp.h usability... yes checking utmp.h presence... yes checking for utmp.h... yes checking pwd.h usability... yes checking pwd.h presence... yes checking for pwd.h... yes checking for inttypes.h... (cached) yes checking signal.h usability... yes checking signal.h presence... yes checking for signal.h... yes checking sys/select.h usability... yes checking sys/select.h presence... yes checking for sys/select.h... yes checking whether time.h and sys/time.h may both be included... yes configure: checking for system characteristics checking for an ANSI C-conforming const... yes checking for inline... inline checking for working volatile... yes checking for size_t... yes checking for mode_t... yes checking return type of signal handlers... void checking whether sys_siglist is declared... yes checking for sys/socket.h... yes checking for socklen_t... yes checking for library containing inet_addr... none required checking endianess... little checking for byte typedef... no checking for ushort typedef... yes checking for ulong typedef... no checking for u16 typedef... no checking for u32 typedef... no checking size of unsigned short... 2 checking size of unsigned int... 4 checking size of unsigned long... 8 checking size of unsigned long long... 8 checking whether time.h and sys/time.h may both be included... (cached) yes checking size of time_t... 8 checking whether time_t is unsigned... no configure: checking for library functions checking whether getpagesize is declared... yes checking for _LARGEFILE_SOURCE value needed for large files... no checking for vprintf... yes checking for _doprnt... no checking for pid_t... yes checking vfork.h usability... no checking vfork.h presence... no checking for vfork.h... no checking for fork... yes checking for vfork... yes checking for working fork... yes checking for working vfork... (cached) yes checking for strerror... yes checking for strlwr... no checking for tcgetattr... yes checking for mmap... yes checking for canonicalize_file_name... no checking for strcasecmp... yes checking for strncasecmp... yes checking for ctermid... yes checking for times... yes checking for gmtime_r... yes checking for strtoull... yes checking for setenv... yes checking for unsetenv... yes checking for fcntl... yes checking for ftruncate... yes checking for inet_ntop... yes checking for canonicalize_file_name... (cached) no checking for gettimeofday... yes checking for getrusage... yes checking for getrlimit... yes checking for setrlimit... yes checking for clock_gettime... no checking for atexit... yes checking for raise... yes checking for getpagesize... yes checking for strftime... yes checking for nl_langinfo... yes checking for setlocale... yes checking for waitpid... yes checking for wait4... yes checking for sigaction... yes checking for sigprocmask... yes checking for pipe... yes checking for getaddrinfo... yes checking for ttyname... yes checking for rand... yes checking for ftello... yes checking for fsync... yes checking for stat... yes checking for lstat... yes checking for struct sigaction... yes checking for sigset_t... yes checking for signal.h... (cached) yes checking for memicmp... no checking for stpcpy... yes checking for strsep... yes checking for strlwr... (cached) no checking for strtoul... yes checking for memmove... yes checking for stricmp... no checking for strtol... yes checking for memrchr... no checking for isascii... yes checking for timegm... yes checking for getrusage... (cached) yes checking for setrlimit... (cached) yes checking for stat... (cached) yes checking for setlocale... (cached) yes checking for flockfile... yes checking for funlockfile... yes checking for fopencookie... no checking for funopen... yes checking for getpwnam... yes checking for getpwuid... yes checking for getenv... yes checking for inet_pton... yes checking for strpbrk... yes checking for sys/stat.h... (cached) yes checking for unistd.h... (cached) yes checking direct.h usability... no checking direct.h presence... no checking for direct.h... no checking if mkdir takes one argument... no checking whether regular expression support is requested... yes checking for library containing regcomp... none required checking for regcomp... yes checking whether your system's regexp library is broken... no checking zlib.h usability... yes checking zlib.h presence... yes checking for zlib.h... yes checking for deflateInit2_ in -lz... yes checking for bzlib.h... yes checking for BZ2_bzCompressInit in -lbz2... yes checking whether readline via "-lreadline" is present and sane... no checking whether readline via "-lreadline -ltermcap" is present and sane... no checking whether readline via "-lreadline -lcurses" is present and sane... no checking whether readline via "-lreadline -lncurses" is present and sane... no configure: checking for cc features checking if gcc ignores unknown -Wno-* options... no checking if gcc supports -Wno-pointer-sign... yes checking if gcc supports -Wpointer-arith... yes checking that generated files are newer than configure... done checking that generated files are newer than configure... done configure: creating ./config.status config.status: creating m4/Makefile config.status: creating Makefile config.status: creating po/Makefile.in config.status: creating common/Makefile config.status: creating common/w32info-rc.h config.status: creating kbx/Makefile config.status: creating g10/Makefile config.status: creating sm/Makefile config.status: creating agent/Makefile config.status: creating scd/Makefile config.status: creating g13/Makefile config.status: creating dirmngr/Makefile config.status: creating tools/gpg-zip config.status: creating tools/Makefile config.status: creating doc/Makefile config.status: creating tests/Makefile config.status: creating tests/openpgp/Makefile config.status: creating tests/pkits/Makefile config.status: creating g10/gpg.w32-manifest config.status: creating config.h config.status: executing depfiles commands config.status: executing po-directories commands config.status: creating po/POTFILES config.status: creating po/Makefile GnuPG v2.1.3 has been configured as follows: Revision: b1e1959 (45537) Platform: Darwin (x86_64-apple-darwin14.3.0) OpenPGP: yes S/MIME: yes Agent: yes Smartcard: yes G13: yes Dirmngr: yes Gpgtar: yes Protect tool: (default) LDAP wrapper: (default) Default agent: (default) Default pinentry: (default) Default scdaemon: (default) Default dirmngr: (default) Dirmngr auto start: yes Readline support: no LDAP support: yes DNS SRV support: yes TLS support: gnutls Warning: Mismatches between the target platform and the to be used libraries have been detected for: libgpg-error libgcrypt Please check above for more warning messages. -------------- next part -------------- 2015-04-11 23:24:49 +0100 make /Applications/Xcode.app/Contents/Developer/usr/bin/make all-recursive Making all in m4 make[2]: Nothing to be done for `all'. Making all in common /Applications/Xcode.app/Contents/Developer/usr/bin/make all-am clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-mapstrings.o `test -f 'mapstrings.c' || echo './'`mapstrings.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-stringhelp.o `test -f 'stringhelp.c' || echo './'`stringhelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-strlist.o `test -f 'strlist.c' || echo './'`strlist.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-utf8conv.o `test -f 'utf8conv.c' || echo './'`utf8conv.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-argparse.o `test -f 'argparse.c' || echo './'`argparse.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-logging.o `test -f 'logging.c' || echo './'`logging.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-dotlock.o `test -f 'dotlock.c' || echo './'`dotlock.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-mischelp.o `test -f 'mischelp.c' || echo './'`mischelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-i18n.o `test -f 'i18n.c' || echo './'`i18n.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-status.o `test -f 'status.c' || echo './'`status.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-tlv.o `test -f 'tlv.c' || echo './'`tlv.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-init.o `test -f 'init.c' || echo './'`init.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-sexputil.o `test -f 'sexputil.c' || echo './'`sexputil.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-sysutils.o `test -f 'sysutils.c' || echo './'`sysutils.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-homedir.o `test -f 'homedir.c' || echo './'`homedir.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-gettime.o `test -f 'gettime.c' || echo './'`gettime.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-yesno.o `test -f 'yesno.c' || echo './'`yesno.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-b64enc.o `test -f 'b64enc.c' || echo './'`b64enc.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-b64dec.o `test -f 'b64dec.c' || echo './'`b64dec.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-zb32.o `test -f 'zb32.c' || echo './'`zb32.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-convert.o `test -f 'convert.c' || echo './'`convert.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-percent.o `test -f 'percent.c' || echo './'`percent.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-mbox-util.o `test -f 'mbox-util.c' || echo './'`mbox-util.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-miscellaneous.o `test -f 'miscellaneous.c' || echo './'`miscellaneous.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-xasprintf.o `test -f 'xasprintf.c' || echo './'`xasprintf.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-xreadline.o `test -f 'xreadline.c' || echo './'`xreadline.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-membuf.o `test -f 'membuf.c' || echo './'`membuf.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-iobuf.o `test -f 'iobuf.c' || echo './'`iobuf.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-ttyio.o `test -f 'ttyio.c' || echo './'`ttyio.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-asshelp.o `test -f 'asshelp.c' || echo './'`asshelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-asshelp2.o `test -f 'asshelp2.c' || echo './'`asshelp2.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-signal.o `test -f 'signal.c' || echo './'`signal.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-audit.o `test -f 'audit.c' || echo './'`audit.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-dns-cert.o `test -f 'dns-cert.c' || echo './'`dns-cert.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-pka.o `test -f 'pka.c' || echo './'`pka.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-localename.o `test -f 'localename.c' || echo './'`localename.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-session-env.o `test -f 'session-env.c' || echo './'`session-env.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-userids.o `test -f 'userids.c' || echo './'`userids.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-openpgp-oid.o `test -f 'openpgp-oid.c' || echo './'`openpgp-oid.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-ssh-utils.o `test -f 'ssh-utils.c' || echo './'`ssh-utils.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-agent-opt.o `test -f 'agent-opt.c' || echo './'`agent-opt.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-helpfile.o `test -f 'helpfile.c' || echo './'`helpfile.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-exechelp-posix.o `test -f 'exechelp-posix.c' || echo './'`exechelp-posix.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-get-passphrase.o `test -f 'get-passphrase.c' || echo './'`get-passphrase.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommon_a-srv.o `test -f 'srv.c' || echo './'`srv.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-mapstrings.o `test -f 'mapstrings.c' || echo './'`mapstrings.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-stringhelp.o `test -f 'stringhelp.c' || echo './'`stringhelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-strlist.o `test -f 'strlist.c' || echo './'`strlist.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-utf8conv.o `test -f 'utf8conv.c' || echo './'`utf8conv.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-argparse.o `test -f 'argparse.c' || echo './'`argparse.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-logging.o `test -f 'logging.c' || echo './'`logging.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-dotlock.o `test -f 'dotlock.c' || echo './'`dotlock.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-mischelp.o `test -f 'mischelp.c' || echo './'`mischelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-i18n.o `test -f 'i18n.c' || echo './'`i18n.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-status.o `test -f 'status.c' || echo './'`status.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-tlv.o `test -f 'tlv.c' || echo './'`tlv.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-init.o `test -f 'init.c' || echo './'`init.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-sexputil.o `test -f 'sexputil.c' || echo './'`sexputil.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-sysutils.o `test -f 'sysutils.c' || echo './'`sysutils.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-homedir.o `test -f 'homedir.c' || echo './'`homedir.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-gettime.o `test -f 'gettime.c' || echo './'`gettime.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-yesno.o `test -f 'yesno.c' || echo './'`yesno.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-b64enc.o `test -f 'b64enc.c' || echo './'`b64enc.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-b64dec.o `test -f 'b64dec.c' || echo './'`b64dec.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-zb32.o `test -f 'zb32.c' || echo './'`zb32.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-convert.o `test -f 'convert.c' || echo './'`convert.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-percent.o `test -f 'percent.c' || echo './'`percent.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-mbox-util.o `test -f 'mbox-util.c' || echo './'`mbox-util.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-miscellaneous.o `test -f 'miscellaneous.c' || echo './'`miscellaneous.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-xasprintf.o `test -f 'xasprintf.c' || echo './'`xasprintf.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-xreadline.o `test -f 'xreadline.c' || echo './'`xreadline.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-membuf.o `test -f 'membuf.c' || echo './'`membuf.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-iobuf.o `test -f 'iobuf.c' || echo './'`iobuf.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-ttyio.o `test -f 'ttyio.c' || echo './'`ttyio.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-asshelp.o `test -f 'asshelp.c' || echo './'`asshelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-asshelp2.o `test -f 'asshelp2.c' || echo './'`asshelp2.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-signal.o `test -f 'signal.c' || echo './'`signal.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-audit.o `test -f 'audit.c' || echo './'`audit.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-dns-cert.o `test -f 'dns-cert.c' || echo './'`dns-cert.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-pka.o `test -f 'pka.c' || echo './'`pka.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-localename.o `test -f 'localename.c' || echo './'`localename.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-session-env.o `test -f 'session-env.c' || echo './'`session-env.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-userids.o `test -f 'userids.c' || echo './'`userids.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-openpgp-oid.o `test -f 'openpgp-oid.c' || echo './'`openpgp-oid.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-ssh-utils.o `test -f 'ssh-utils.c' || echo './'`ssh-utils.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-agent-opt.o `test -f 'agent-opt.c' || echo './'`agent-opt.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-helpfile.o `test -f 'helpfile.c' || echo './'`helpfile.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-exechelp-posix.o `test -f 'exechelp-posix.c' || echo './'`exechelp-posix.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommonpth_a-srv.o `test -f 'srv.c' || echo './'`srv.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o gpgrlhelp.o gpgrlhelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libtasn1/4.4/include -I/usr/local/Cellar/nettle/2.7.1/include -I/usr/local/Cellar/gnutls/3.3.14/include -DWITHOUT_NPTH=1 -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommontls_a-http.o `test -f 'http.c' || echo './'`http.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libtasn1/4.4/include -I/usr/local/Cellar/nettle/2.7.1/include -I/usr/local/Cellar/gnutls/3.3.14/include -I/usr/local/Cellar/npth/1.1/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libcommontlsnpth_a-http.o `test -f 'http.c' || echo './'`http.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libsimple_pwquery_a-simple-pwquery.o `test -f 'simple-pwquery.c' || echo './'`simple-pwquery.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o libsimple_pwquery_a-asshelp.o `test -f 'asshelp.c' || echo './'`asshelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o t-stringhelp.o t-stringhelp.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o t-support.o t-support.c clang -DHAVE_CONFIG_H -I. -I.. -DLOCALEDIR=\"/usr/local/Cellar/gnupg21/2.1.3/share/locale\" -DGNUPG_BINDIR="\"/usr/local/Cellar/gnupg21/2.1.3/bin\"" -DGNUPG_LIBEXECDIR="\"/usr/local/Cellar/gnupg21/2.1.3/libexec\"" -DGNUPG_LIBDIR="\"/usr/local/Cellar/gnupg21/2.1.3/lib/gnupg\"" -DGNUPG_DATADIR="\"/usr/local/Cellar/gnupg21/2.1.3/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/usr/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/usr/local/Cellar/gnupg21/2.1.3/var\"" -I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include -I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include -I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -c -o t-timestuff.o t-timestuff.c t-stringhelp.c:488:3: error: function definition is not allowed here { ^ 1 error generated. make[3]: *** [t-stringhelp.o] Error 1 make[3]: *** Waiting for unfinished jobs.... make[2]: *** [all] Error 2 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 HOMEBREW_VERSION: 0.9.5 ORIGIN: https://github.com/Homebrew/homebrew.git HEAD: 4b54ddb155b0faa537bec6a342d214f4acd63e9d Last commit: 3 hours ago HOMEBREW_PREFIX: /usr/local HOMEBREW_CELLAR: /usr/local/Cellar CPU: quad-core 64-bit ivybridge OS X: 10.10.3-x86_64 Xcode: 6.3 CLT: 6.3.0.0.1.1428348375 GCC-4.2: build 0 Clang: 6.1 build 602 X11: 2.7.8_rc1 => /opt/X11 System Ruby: 2.0.0-p481 Perl: /usr/bin/perl Python: /usr/bin/python Ruby: /usr/bin/ruby Java: 1.8.0_40 HOMEBREW_CC: clang HOMEBREW_CXX: clang++ LDFLAGS: -lresolv MAKEFLAGS: -j4 CMAKE_PREFIX_PATH: /usr/local/opt/gettext:/usr/local CMAKE_INCLUDE_PATH: /usr/include/libxml2:/System/Library/Frameworks/OpenGL.framework/Versions/Current/Headers CMAKE_LIBRARY_PATH: /System/Library/Frameworks/OpenGL.framework/Versions/Current/Libraries PKG_CONFIG_PATH: /usr/local/opt/libtasn1/lib/pkgconfig:/usr/local/opt/nettle/lib/pkgconfig:/usr/local/opt/gnutls/lib/pkgconfig:/usr/local/opt/libusb/lib/pkgconfig:/usr/local/opt/libusb-compat/lib/pkgconfig PKG_CONFIG_LIBDIR: /usr/lib/pkgconfig:/usr/local/Library/ENV/pkgconfig/10.10 ACLOCAL_PATH: /usr/local/opt/gettext/share/aclocal:/usr/local/share/aclocal PATH: /usr/local/Library/ENV/4.3:/usr/local/opt/pkg-config/bin:/usr/local/opt/npth/bin:/usr/local/opt/libtasn1/bin:/usr/local/opt/nettle/bin:/usr/local/opt/gnutls/bin:/usr/local/opt/libgpg-error/bin:/usr/local/opt/libgcrypt/bin:/usr/local/opt/libksba/bin:/usr/local/opt/libassuan/bin:/usr/local/opt/pinentry/bin:/usr/local/opt/libusb-compat/bin:/usr/local/opt/gettext/bin:/usr/bin:/bin:/usr/sbin:/sbin -------------- next part -------------- This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by gnupg configure 2.1.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ ./configure --disable-dependency-tracking --disable-silent-rules --prefix=/usr/local/Cellar/gnupg21/2.1.3 --sbindir=/usr/local/Cellar/gnupg21/2.1.3/bin --sysconfdir=/usr/local/etc --enable-symcryptrun ## --------- ## ## Platform. ## ## --------- ## hostname = Dominyks-MacBook-Pro.local uname -m = x86_64 uname -r = 14.3.0 uname -s = Darwin uname -v = Darwin Kernel Version 14.3.0: Mon Mar 23 11:59:05 PDT 2015; root:xnu-2782.20.48~5/RELEASE_X86_64 /usr/bin/uname -p = i386 /bin/uname -X = unknown /bin/arch = unknown /usr/bin/arch -k = unknown /usr/convex/getsysinfo = unknown /usr/bin/hostinfo = Mach kernel version: Darwin Kernel Version 14.3.0: Mon Mar 23 11:59:05 PDT 2015; root:xnu-2782.20.48~5/RELEASE_X86_64 Kernel configured for up to 4 processors. 2 processors are physically available. 4 processors are logically available. Processor type: i486 (Intel 80486) Processors active: 0 1 2 3 Primary memory available: 8.00 gigabytes Default processor set: 272 tasks, 1404 threads, 4 processors Load average: 3.22, Mach factor: 1.16 /bin/machine = unknown /usr/bin/oslevel = unknown /bin/universe = unknown PATH: /usr/local/Library/ENV/4.3 PATH: /usr/local/opt/pkg-config/bin PATH: /usr/local/opt/npth/bin PATH: /usr/local/opt/libtasn1/bin PATH: /usr/local/opt/nettle/bin PATH: /usr/local/opt/gnutls/bin PATH: /usr/local/opt/libgpg-error/bin PATH: /usr/local/opt/libgcrypt/bin PATH: /usr/local/opt/libksba/bin PATH: /usr/local/opt/libassuan/bin PATH: /usr/local/opt/pinentry/bin PATH: /usr/local/opt/libusb-compat/bin PATH: /usr/local/opt/gettext/bin PATH: /usr/bin PATH: /bin PATH: /usr/sbin PATH: /sbin ## ----------- ## ## Core tests. ## ## ----------- ## configure:2859: checking for a BSD-compatible install configure:2927: result: /usr/bin/install -c configure:2938: checking whether build environment is sane configure:2993: result: yes configure:3144: checking for a thread-safe mkdir -p configure:3183: result: build-aux/install-sh -c -d configure:3190: checking for gawk configure:3220: result: no configure:3190: checking for mawk configure:3220: result: no configure:3190: checking for nawk configure:3220: result: no configure:3190: checking for awk configure:3206: found /usr/bin/awk configure:3217: result: awk configure:3228: checking whether make sets $(MAKE) configure:3250: result: yes configure:3279: checking whether make supports nested variables configure:3296: result: yes configure:3426: checking build system type configure:3440: result: x86_64-apple-darwin14.3.0 configure:3460: checking host system type configure:3473: result: x86_64-apple-darwin14.3.0 configure:3497: autobuild project... gnupg2 configure:3499: autobuild revision... 2.1.3 configure:3503: autobuild hostname... Dominyks-MacBook-Pro.local configure:3512: autobuild timestamp... 20150411-232359 configure:3529: checking for style of include used by make configure:3557: result: GNU configure:3628: checking for gcc configure:3655: result: clang configure:3884: checking for C compiler version configure:3893: clang --version >&5 Apple LLVM version 6.1.0 (clang-602.0.49) (based on LLVM 3.6.0svn) Target: x86_64-apple-darwin14.3.0 Thread model: posix configure:3904: $? = 0 configure:3893: clang -v >&5 Apple LLVM version 6.1.0 (clang-602.0.49) (based on LLVM 3.6.0svn) Target: x86_64-apple-darwin14.3.0 Thread model: posix configure:3904: $? = 0 configure:3893: clang -V >&5 clang: error: unsupported option '-V -isystem/usr/local/include' configure:3904: $? = 1 configure:3893: clang -qversion >&5 clang: error: unknown argument: '-qversion' configure:3904: $? = 1 configure:3924: checking whether the C compiler works configure:3946: clang -lresolv conftest.c >&5 configure:3950: $? = 0 configure:3998: result: yes configure:4001: checking for C compiler default output file name configure:4003: result: a.out configure:4009: checking for suffix of executables configure:4016: clang -o conftest -lresolv conftest.c >&5 configure:4020: $? = 0 configure:4042: result: configure:4064: checking whether we are cross compiling configure:4072: clang -o conftest -lresolv conftest.c >&5 configure:4076: $? = 0 configure:4083: ./conftest configure:4087: $? = 0 configure:4102: result: no configure:4107: checking for suffix of object files configure:4129: clang -c conftest.c >&5 configure:4133: $? = 0 configure:4154: result: o configure:4158: checking whether we are using the GNU C compiler configure:4177: clang -c conftest.c >&5 configure:4177: $? = 0 configure:4186: result: yes configure:4195: checking whether clang accepts -g configure:4215: clang -c -g conftest.c >&5 configure:4215: $? = 0 configure:4256: result: yes configure:4273: checking for clang option to accept ISO C89 configure:4336: clang -c -g -O2 conftest.c >&5 configure:4336: $? = 0 configure:4349: result: none needed configure:4374: checking whether clang understands -c and -o together configure:4396: clang -c conftest.c -o conftest2.o configure:4399: $? = 0 configure:4396: clang -c conftest.c -o conftest2.o configure:4399: $? = 0 configure:4411: result: yes configure:4430: checking dependency style of clang configure:4541: result: none configure:4562: checking how to run the C preprocessor configure:4593: clang -E conftest.c configure:4593: $? = 0 configure:4607: clang -E conftest.c conftest.c:11:10: fatal error: 'ac_nonexistent.h' file not found #include ^ 1 error generated. configure:4607: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | /* end confdefs.h. */ | #include configure:4632: result: clang -E configure:4652: clang -E conftest.c configure:4652: $? = 0 configure:4666: clang -E conftest.c conftest.c:11:10: fatal error: 'ac_nonexistent.h' file not found #include ^ 1 error generated. configure:4666: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | /* end confdefs.h. */ | #include configure:4695: checking for grep that handles long lines and -e configure:4753: result: /usr/bin/grep configure:4758: checking for egrep configure:4820: result: /usr/bin/grep -E configure:4825: checking for ANSI C header files configure:4845: clang -c -g -O2 conftest.c >&5 configure:4845: $? = 0 configure:4918: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:4918: $? = 0 configure:4918: ./conftest configure:4918: $? = 0 configure:4929: result: yes configure:4942: checking for sys/types.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for sys/stat.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for stdlib.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for string.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for memory.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for strings.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for inttypes.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for stdint.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4942: checking for unistd.h configure:4942: clang -c -g -O2 conftest.c >&5 configure:4942: $? = 0 configure:4942: result: yes configure:4955: checking minix/config.h usability configure:4955: clang -c -g -O2 conftest.c >&5 conftest.c:54:10: fatal error: 'minix/config.h' file not found #include ^ 1 error generated. configure:4955: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | #include configure:4955: result: no configure:4955: checking minix/config.h presence configure:4955: clang -E conftest.c conftest.c:21:10: fatal error: 'minix/config.h' file not found #include ^ 1 error generated. configure:4955: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | /* end confdefs.h. */ | #include configure:4955: result: no configure:4955: checking for minix/config.h configure:4955: result: no configure:4976: checking whether it is safe to define __EXTENSIONS__ configure:4994: clang -c -g -O2 conftest.c >&5 configure:4994: $? = 0 configure:5001: result: yes configure:5400: checking whether SELinux support is requested configure:5409: result: no configure:5413: checking whether to allocate extra secure memory configure:5422: result: no configure:5435: checking whether to enable trust models configure:5442: result: yes configure:5455: checking whether to enable the RSA public key for gpg configure:5464: result: yes configure:5474: checking whether to enable the ECDH public key for gpg configure:5483: result: yes configure:5491: checking whether to enable the ECDSA public key for gpg configure:5500: result: yes configure:5508: checking whether to enable the EdDSA public key for gpg configure:5517: result: yes configure:5526: checking whether to enable the IDEA cipher for gpg configure:5535: result: yes configure:5544: checking whether to enable the CAST5 cipher for gpg configure:5553: result: yes configure:5561: checking whether to enable the BLOWFISH cipher for gpg configure:5570: result: yes configure:5578: checking whether to enable the AES128 cipher for gpg configure:5587: result: yes configure:5595: checking whether to enable the AES192 cipher for gpg configure:5604: result: yes configure:5612: checking whether to enable the AES256 cipher for gpg configure:5621: result: yes configure:5629: checking whether to enable the TWOFISH cipher for gpg configure:5638: result: yes configure:5646: checking whether to enable the CAMELLIA128 cipher for gpg configure:5655: result: yes configure:5663: checking whether to enable the CAMELLIA192 cipher for gpg configure:5672: result: yes configure:5680: checking whether to enable the CAMELLIA256 cipher for gpg configure:5689: result: yes configure:5698: checking whether to enable the MD5 hash for gpg configure:5707: result: yes configure:5716: checking whether to enable the RIPE-MD160 hash for gpg configure:5725: result: yes configure:5733: checking whether to enable the SHA-224 hash for gpg configure:5742: result: yes configure:5751: checking whether to enable the SHA-384 hash for gpg configure:5760: result: yes configure:5768: checking whether to enable the SHA-512 hash for gpg configure:5777: result: yes configure:5790: checking whether to enable the ZIP and ZLIB compression algorithm configure:5797: result: yes configure:5802: checking whether to enable the BZIP2 compression algorithm configure:5809: result: yes configure:5814: checking whether to enable external program execution configure:5821: result: yes configure:5830: checking whether to enable photo ID viewing configure:5844: result: yes configure:5848: checking whether to use a fixed photo ID viewer configure:5866: result: no configure:5876: checking for the size of the key and uid cache configure:5894: result: 4096 configure:5907: checking whether use of capabilities is requested configure:5917: result: no configure:5922: checking whether smartcard support is requested configure:5929: result: yes configure:5943: checking whether to enable the internal CCID driver configure:5950: result: yes configure:5953: checking whether to auto start dirmngr configure:5960: result: yes configure:5983: checking whether to enable maintainer-specific portions of Makefiles configure:5992: result: no configure:6008: checking for programs configure:6010: checking whether make sets $(MAKE) configure:6032: result: yes configure:6041: checking whether build environment is sane configure:6096: result: yes configure:6135: checking whether make supports nested variables configure:6152: result: yes configure:6167: checking for gawk configure:6194: result: awk configure:6253: checking for gcc configure:6280: result: clang configure:6509: checking for C compiler version configure:6518: clang --version >&5 Apple LLVM version 6.1.0 (clang-602.0.49) (based on LLVM 3.6.0svn) Target: x86_64-apple-darwin14.3.0 Thread model: posix configure:6529: $? = 0 configure:6518: clang -v >&5 Apple LLVM version 6.1.0 (clang-602.0.49) (based on LLVM 3.6.0svn) Target: x86_64-apple-darwin14.3.0 Thread model: posix configure:6529: $? = 0 configure:6518: clang -V >&5 clang: error: unsupported option '-V -isystem/usr/local/include' configure:6529: $? = 1 configure:6518: clang -qversion >&5 clang: error: unknown argument: '-qversion' configure:6529: $? = 1 configure:6533: checking whether we are using the GNU C compiler configure:6561: result: yes configure:6570: checking whether clang accepts -g configure:6631: result: yes configure:6648: checking for clang option to accept ISO C89 configure:6724: result: none needed configure:6749: checking whether clang understands -c and -o together configure:6786: result: yes configure:6805: checking dependency style of clang configure:6916: result: none configure:6936: checking how to run the C preprocessor configure:7006: result: clang -E configure:7026: clang -E conftest.c configure:7026: $? = 0 configure:7040: clang -E conftest.c conftest.c:57:10: fatal error: 'ac_nonexistent.h' file not found #include ^ 1 error generated. configure:7040: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | /* end confdefs.h. */ | #include configure:7073: checking whether ln -s works configure:7077: result: yes configure:7127: checking for ranlib configure:7143: found /usr/bin/ranlib configure:7154: result: ranlib configure:7219: checking for ar configure:7235: found /usr/bin/ar configure:7246: result: ar configure:7270: checking for perl configure:7288: found /usr/bin/perl configure:7300: result: /usr/bin/perl configure:7351: checking for windres configure:7381: result: no configure:7401: checking for strerror in -lcposix configure:7426: clang -o conftest -g -O2 -lresolv conftest.c -lcposix >&5 conftest.c:64:6: warning: incompatible redeclaration of library function 'strerror' [-Wincompatible-library-redeclaration] char strerror (); ^ conftest.c:64:6: note: 'strerror' is a builtin with type 'char *(int)' 1 warning generated. ld: library not found for -lcposix clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:7426: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | /* end confdefs.h. */ | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char strerror (); | int | main () | { | return strerror (); | ; | return 0; | } configure:7435: result: no configure:7450: checking for special C compiler options needed for large files configure:7495: result: no configure:7501: checking for _FILE_OFFSET_BITS value needed for large files configure:7526: clang -c -g -O2 conftest.c >&5 configure:7526: $? = 0 configure:7558: result: no configure:7656: checking for tar configure:7674: found /usr/bin/tar configure:7686: result: /usr/bin/tar configure:7702: checking whether /usr/bin/tar speaks USTAR configure:7710: result: yes configure:7735: checking for cc for build configure:7742: result: clang configure:7928: checking for libraries configure:7977: checking for gpg-error-config configure:7995: found /usr/local/opt/libgpg-error/bin/gpg-error-config configure:8008: result: /usr/local/opt/libgpg-error/bin/gpg-error-config configure:8017: checking for GPG Error - version >= 1.16 configure:8045: result: yes (1.18) configure:8058: WARNING: *** *** The config script /usr/local/opt/libgpg-error/bin/gpg-error-config was *** built for x86_64-apple-darwin14.1.0 and thus may not match the *** used host x86_64-apple-darwin14.3.0. *** You may want to use the configure option --with-gpg-error-prefix *** to specify a matching config script or use $SYSROOT. *** configure:8120: checking for libgcrypt-config configure:8138: found /usr/local/opt/libgcrypt/bin/libgcrypt-config configure:8151: result: /usr/local/opt/libgcrypt/bin/libgcrypt-config configure:8168: checking for LIBGCRYPT - version >= 1.6.0 configure:8202: result: yes (1.6.3) configure:8214: checking LIBGCRYPT API version configure:8217: result: okay configure:8241: WARNING: *** *** The config script /usr/local/opt/libgcrypt/bin/libgcrypt-config was *** built for x86_64-apple-darwin14.1.0 and thus may not match the *** used host x86_64-apple-darwin14.3.0. *** You may want to use the configure option --with-libgcrypt-prefix *** to specify a matching config script or use $SYSROOT. *** configure:8282: checking for libassuan-config configure:8300: found /usr/local/opt/libassuan/bin/libassuan-config configure:8313: result: /usr/local/opt/libassuan/bin/libassuan-config configure:8341: checking for LIBASSUAN - version >= 2.1.0 configure:8371: result: yes (2.2.0) configure:8382: checking LIBASSUAN API version configure:8385: result: okay configure:8440: checking for ksba-config configure:8458: found /usr/local/opt/libksba/bin/ksba-config configure:8471: result: /usr/local/opt/libksba/bin/ksba-config configure:8488: checking for KSBA - version >= 1.2.0 configure:8522: result: yes (1.3.2) configure:8534: checking KSBA API version configure:8537: result: okay configure:8587: checking for usb_bulk_write in -lusb configure:8612: clang -o conftest -g -O2 -lresolv conftest.c -lusb >&5 configure:8612: $? = 0 configure:8621: result: yes configure:8634: checking for usb_create_match configure:8634: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_usb_create_match", referenced from: _main in conftest-f54cd0.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:8634: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | /* end confdefs.h. */ | /* Define usb_create_match to an innocuous variant, in case declares usb_create_match. | For example, HP-UX 11i declares gettimeofday. */ | #define usb_create_match innocuous_usb_create_match | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char usb_create_match (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef usb_create_match | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char usb_create_match (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_usb_create_match || defined __stub___usb_create_match | choke me | #endif | | int | main () | { | return usb_create_match (); | ; | return 0; | } configure:8634: result: no configure:8652: checking for library containing dlopen configure:8683: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:8683: $? = 0 configure:8700: result: none required configure:8716: checking for encfs configure:8747: result: /usr/bin/encfs configure:8763: checking for fusermount configure:8794: result: /usr/bin/fusermount configure:8817: checking for openpty in -lutil configure:8842: clang -o conftest -g -O2 -lresolv conftest.c -lutil >&5 configure:8842: $? = 0 configure:8851: result: yes configure:8866: checking for shred configure:8897: result: /usr/bin/shred configure:8928: checking for npth-config configure:8946: found /usr/local/opt/npth/bin/npth-config configure:8959: result: /usr/local/opt/npth/bin/npth-config configure:8985: checking for NPTH - version >= 0.91 configure:9008: result: yes (1.1) configure:9020: checking NPTH API version configure:9023: result: okay configure:9047: WARNING: *** *** The config script /usr/local/opt/npth/bin/npth-config was *** built for x86_64-apple-darwin14.1.0 and thus may not match the *** used host x86_64-apple-darwin14.3.0. *** You may want to use the configure option --with-npth-prefix *** to specify a matching config script. *** configure:9130: checking for ntbtls-config configure:9161: result: no configure:9178: checking for NTBTLS - version >= 0.1.0 configure:9215: result: no configure:9340: checking for pkg-config configure:9358: found /usr/local/opt/pkg-config/bin/pkg-config configure:9370: result: /usr/local/opt/pkg-config/bin/pkg-config configure:9395: checking pkg-config is at least version 0.9.0 configure:9398: result: yes configure:9408: checking for LIBGNUTLS configure:9415: $PKG_CONFIG --exists --print-errors "gnutls >= $NEED_GNUTLS_VERSION" configure:9418: $? = 0 configure:9432: $PKG_CONFIG --exists --print-errors "gnutls >= $NEED_GNUTLS_VERSION" configure:9435: $? = 0 configure:9473: result: yes configure:9501: checking for networking options configure:9510: checking for gethostbyname configure:9510: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:9510: $? = 0 configure:9510: result: yes configure:9556: checking for setsockopt configure:9556: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:9556: $? = 0 configure:9556: result: yes configure:9621: checking adns.h usability configure:9621: clang -c -g -O2 conftest.c >&5 conftest.c:101:10: fatal error: 'adns.h' file not found #include ^ 1 error generated. configure:9621: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | #include configure:9621: result: no configure:9621: checking adns.h presence configure:9621: clang -E conftest.c conftest.c:68:10: fatal error: 'adns.h' file not found #include ^ 1 error generated. configure:9621: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | /* end confdefs.h. */ | #include configure:9621: result: no configure:9621: checking for adns.h configure:9621: result: no configure:9703: checking for library containing res_query configure:9734: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:9734: $? = 0 configure:9751: result: none required configure:9818: checking for library containing dn_expand configure:9849: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:9849: $? = 0 configure:9866: result: none required configure:9933: checking for library containing dn_skipname configure:9964: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_dn_skipname", referenced from: _main in conftest-1e7ad6.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:9964: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | /* end confdefs.h. */ | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char dn_skipname (); | int | main () | { | return dn_skipname (); | ; | return 0; | } configure:9964: clang -o conftest -g -O2 -lresolv conftest.c -lresolv >&5 Undefined symbols for architecture x86_64: "_dn_skipname", referenced from: _main in conftest-3d7408.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:9964: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | /* end confdefs.h. */ | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char dn_skipname (); | int | main () | { | return dn_skipname (); | ; | return 0; | } configure:9964: clang -o conftest -g -O2 -lresolv conftest.c -lbind >&5 ld: library not found for -lbind clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:9964: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | /* end confdefs.h. */ | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char dn_skipname (); | int | main () | { | return dn_skipname (); | ; | return 0; | } configure:9981: result: no configure:9988: checking for library containing __dn_skipname configure:10019: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:10019: $? = 0 configure:10036: result: none required configure:10057: checking whether the resolver is usable configure:10077: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:75:22: error: use of undeclared identifier 'PACKETSZ' unsigned char answer[PACKETSZ]; ^ conftest.c:76:23: error: use of undeclared identifier 'C_IN' res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); ^ conftest.c:76:28: error: use of undeclared identifier 'T_A' res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); ^ conftest.c:76:39: error: use of undeclared identifier 'PACKETSZ' res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); ^ 4 errors generated. configure:10077: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | /* end confdefs.h. */ | #include | #include | #include | #include | int | main () | { | unsigned char answer[PACKETSZ]; | res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); | dn_skipname(0,0); | dn_expand(0,0,0,0,0); | | ; | return 0; | } configure:10084: result: no configure:10091: checking whether I can make the resolver usable with BIND_8_COMPAT configure:10111: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:10111: $? = 0 configure:10116: result: yes configure:10225: checking whether LDAP via "-lldap" is present and sane configure:10245: clang -o conftest -g -O2 -lresolv conftest.c -lldap >&5 conftest.c:82:1: warning: 'ldap_open' is deprecated: first deprecated in OS X 10.10 - use ldap_initialize [-Wdeprecated-declarations] ldap_open("foobar",1234); ^ /usr/include/ldap.h:1527:1: note: 'ldap_open' has been explicitly marked deprecated here ldap_open LDAP_P(( /* deprecated, use ldap_create or ldap_initialize */ ^ 1 warning generated. configure:10245: $? = 0 configure:10252: result: yes configure:10296: checking for ldap_get_option configure:10296: clang -o conftest -g -O2 -lresolv conftest.c -lldap >&5 configure:10296: $? = 0 configure:10296: result: yes configure:10296: checking for ldap_set_option configure:10296: clang -o conftest -g -O2 -lresolv conftest.c -lldap >&5 configure:10296: $? = 0 configure:10296: result: yes configure:10310: checking for ldap_start_tls_s configure:10310: clang -o conftest -g -O2 -lresolv conftest.c -lldap >&5 configure:10310: $? = 0 configure:10310: result: yes configure:10310: checking for ldap_start_tls_sA configure:10310: clang -o conftest -g -O2 -lresolv conftest.c -lldap >&5 Undefined symbols for architecture x86_64: "_ldap_start_tls_sA", referenced from: _main in conftest-fe151a.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:10310: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | /* end confdefs.h. */ | /* Define ldap_start_tls_sA to an innocuous variant, in case declares ldap_start_tls_sA. | For example, HP-UX 11i declares gettimeofday. */ | #define ldap_start_tls_sA innocuous_ldap_start_tls_sA | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char ldap_start_tls_sA (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef ldap_start_tls_sA | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char ldap_start_tls_sA (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_ldap_start_tls_sA || defined __stub___ldap_start_tls_sA | choke me | #endif | | int | main () | { | return ldap_start_tls_sA (); | ; | return 0; | } configure:10310: result: no configure:10365: checking for ber_free in -llber configure:10390: clang -o conftest -g -O2 -lresolv conftest.c -llber >&5 configure:10390: $? = 0 configure:10399: result: yes configure:10476: checking for sendmail configure:10495: found /usr/sbin/sendmail configure:10507: result: /usr/sbin/sendmail configure:10603: checking for ld used by GCC configure:10667: result: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld configure:10674: checking if the linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) is GNU ld configure:10687: result: no configure:10694: checking for shared library run path origin configure:10707: result: done configure:11215: checking for iconv configure:11237: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_iconv", referenced from: _main in conftest-76c6d7.o "_iconv_close", referenced from: _main in conftest-76c6d7.o "_iconv_open", referenced from: _main in conftest-76c6d7.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:11237: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | /* end confdefs.h. */ | #include | #include | int | main () | { | iconv_t cd = iconv_open("",""); | iconv(cd,NULL,NULL,NULL,NULL); | iconv_close(cd); | ; | return 0; | } configure:11259: clang -o conftest -g -O2 -lresolv conftest.c -liconv >&5 configure:11259: $? = 0 configure:11269: result: yes configure:11272: checking for working iconv configure:11348: clang -o conftest -g -O2 -lresolv conftest.c -liconv >&5 configure:11348: $? = 0 configure:11348: ./conftest configure:11348: $? = 0 configure:11360: result: yes configure:11375: checking how to link with libiconv configure:11377: result: -liconv configure:11388: checking for iconv declaration configure:11417: clang -c -g -O2 conftest.c >&5 configure:11417: $? = 0 configure:11428: result: extern size_t iconv (iconv_t cd, char * *inbuf, size_t *inbytesleft, char * *outbuf, size_t *outbytesleft); configure:11452: checking for gettext configure:11455: checking whether NLS is requested configure:11464: result: yes configure:11505: checking for msgfmt configure: trying /usr/local/opt/gettext/bin/msgfmt... 0 translated messages. configure:11537: result: /usr/local/opt/gettext/bin/msgfmt configure:11546: checking for gmsgfmt configure:11577: result: /usr/local/opt/gettext/bin/msgfmt configure:11628: checking for xgettext configure: trying /usr/local/opt/gettext/bin/xgettext... /usr/local/opt/gettext/bin/xgettext: warning: file '/dev/null' extension '' is unknown; will try C configure:11660: result: /usr/local/opt/gettext/bin/xgettext configure:11706: checking for msgmerge configure: trying /usr/local/opt/gettext/bin/msgmerge... configure:11737: result: /usr/local/opt/gettext/bin/msgmerge configure:11779: checking for CFPreferencesCopyAppValue configure:11797: clang -o conftest -g -O2 -lresolv conftest.c -Wl,-framework -Wl,CoreFoundation >&5 configure:11797: $? = 0 configure:11806: result: yes configure:11813: checking for CFLocaleCopyCurrent configure:11831: clang -o conftest -g -O2 -lresolv conftest.c -Wl,-framework -Wl,CoreFoundation >&5 configure:11831: $? = 0 configure:11840: result: yes configure:11889: checking for GNU gettext in libc configure:11909: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "__nl_domain_bindings", referenced from: _main in conftest-57eb0c.o "__nl_msg_cat_cntr", referenced from: _main in conftest-57eb0c.o "_libintl_bindtextdomain", referenced from: _main in conftest-57eb0c.o "_libintl_gettext", referenced from: _main in conftest-57eb0c.o "_libintl_ngettext", referenced from: _main in conftest-57eb0c.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:11909: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | /* end confdefs.h. */ | #include | | extern int _nl_msg_cat_cntr; | extern int *_nl_domain_bindings; | int | main () | { | bindtextdomain ("", ""); | return * gettext ("") + * ngettext ("", "", 0) + _nl_msg_cat_cntr + *_nl_domain_bindings | ; | return 0; | } configure:11918: result: no configure:11952: checking for iconv configure:12006: result: yes configure:12009: checking for working iconv configure:12097: result: yes configure:12112: checking how to link with libiconv configure:12114: result: -liconv configure:12560: checking for GNU gettext in libintl configure:12588: clang -o conftest -g -O2 -lresolv conftest.c -lintl >&5 configure:12588: $? = 0 configure:12629: result: yes configure:12664: checking whether to use NLS configure:12666: result: yes configure:12669: checking where the gettext function comes from configure:12680: result: external libintl configure:12688: checking how to link with libintl configure:12690: result: -lintl -Wl,-framework -Wl,CoreFoundation configure:12744: checking for strchr configure:12744: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:109:6: warning: incompatible redeclaration of library function 'strchr' [-Wincompatible-library-redeclaration] char strchr (); ^ conftest.c:109:6: note: 'strchr' is a builtin with type 'char *(const char *, int)' 1 warning generated. configure:12744: $? = 0 configure:12744: result: yes configure:12766: checking for nl_langinfo and CODESET configure:12782: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:12782: $? = 0 configure:12791: result: yes configure:12802: checking for LC_MESSAGES configure:12818: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:12818: $? = 0 configure:12826: result: yes configure:12849: checking for header files configure:12851: checking for ANSI C header files configure:12955: result: yes configure:12967: checking for string.h configure:12967: result: yes configure:12967: checking for unistd.h configure:12967: result: yes configure:12967: checking langinfo.h usability configure:12967: clang -c -g -O2 conftest.c >&5 configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking langinfo.h presence configure:12967: clang -E conftest.c configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking for langinfo.h configure:12967: result: yes configure:12967: checking termio.h usability configure:12967: clang -c -g -O2 conftest.c >&5 conftest.c:126:10: fatal error: 'termio.h' file not found #include ^ 1 error generated. configure:12967: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | #include configure:12967: result: no configure:12967: checking termio.h presence configure:12967: clang -E conftest.c conftest.c:93:10: fatal error: 'termio.h' file not found #include ^ 1 error generated. configure:12967: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | /* end confdefs.h. */ | #include configure:12967: result: no configure:12967: checking for termio.h configure:12967: result: no configure:12967: checking locale.h usability configure:12967: clang -c -g -O2 conftest.c >&5 configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking locale.h presence configure:12967: clang -E conftest.c configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking for locale.h configure:12967: result: yes configure:12967: checking getopt.h usability configure:12967: clang -c -g -O2 conftest.c >&5 configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking getopt.h presence configure:12967: clang -E conftest.c configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking for getopt.h configure:12967: result: yes configure:12967: checking pty.h usability configure:12967: clang -c -g -O2 conftest.c >&5 conftest.c:128:10: fatal error: 'pty.h' file not found #include ^ 1 error generated. configure:12967: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | #include configure:12967: result: no configure:12967: checking pty.h presence configure:12967: clang -E conftest.c conftest.c:95:10: fatal error: 'pty.h' file not found #include ^ 1 error generated. configure:12967: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | /* end confdefs.h. */ | #include configure:12967: result: no configure:12967: checking for pty.h configure:12967: result: no configure:12967: checking utmp.h usability configure:12967: clang -c -g -O2 conftest.c >&5 configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking utmp.h presence configure:12967: clang -E conftest.c configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking for utmp.h configure:12967: result: yes configure:12967: checking pwd.h usability configure:12967: clang -c -g -O2 conftest.c >&5 configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking pwd.h presence configure:12967: clang -E conftest.c configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking for pwd.h configure:12967: result: yes configure:12967: checking for inttypes.h configure:12967: result: yes configure:12967: checking signal.h usability configure:12967: clang -c -g -O2 conftest.c >&5 configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking signal.h presence configure:12967: clang -E conftest.c configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking for signal.h configure:12967: result: yes configure:12967: checking sys/select.h usability configure:12967: clang -c -g -O2 conftest.c >&5 configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking sys/select.h presence configure:12967: clang -E conftest.c configure:12967: $? = 0 configure:12967: result: yes configure:12967: checking for sys/select.h configure:12967: result: yes configure:12977: checking whether time.h and sys/time.h may both be included configure:12997: clang -c -g -O2 conftest.c >&5 configure:12997: $? = 0 configure:13004: result: yes configure:13017: checking for system characteristics configure:13019: checking for an ANSI C-conforming const configure:13085: clang -c -g -O2 conftest.c >&5 configure:13085: $? = 0 configure:13092: result: yes configure:13100: checking for inline configure:13116: clang -c -g -O2 conftest.c >&5 configure:13116: $? = 0 configure:13124: result: inline configure:13142: checking for working volatile configure:13161: clang -c -g -O2 conftest.c >&5 configure:13161: $? = 0 configure:13168: result: yes configure:13176: checking for size_t configure:13176: clang -c -g -O2 conftest.c >&5 configure:13176: $? = 0 configure:13176: clang -c -g -O2 conftest.c >&5 conftest.c:137:21: error: expected expression if (sizeof ((size_t))) ^ 1 error generated. configure:13176: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | int | main () | { | if (sizeof ((size_t))) | return 0; | ; | return 0; | } configure:13176: result: yes configure:13187: checking for mode_t configure:13187: clang -c -g -O2 conftest.c >&5 configure:13187: $? = 0 configure:13187: clang -c -g -O2 conftest.c >&5 conftest.c:137:21: error: expected expression if (sizeof ((mode_t))) ^ 1 error generated. configure:13187: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | int | main () | { | if (sizeof ((mode_t))) | return 0; | ; | return 0; | } configure:13187: result: yes configure:13198: checking return type of signal handlers configure:13216: clang -c -g -O2 conftest.c >&5 conftest.c:107:8: error: indirection requires pointer operand ('void' invalid) return *(signal (0, 0)) (0) == 1; ^~~~~~~~~~~~~~~~~~~~ 1 error generated. configure:13216: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | /* end confdefs.h. */ | #include | #include | | int | main () | { | return *(signal (0, 0)) (0) == 1; | ; | return 0; | } configure:13223: result: void configure:13231: checking whether sys_siglist is declared configure:13231: clang -c -g -O2 conftest.c >&5 configure:13231: $? = 0 configure:13231: result: yes configure:13256: checking for sys/socket.h configure:13256: clang -c -g -O2 conftest.c >&5 configure:13256: $? = 0 configure:13256: result: yes configure:13291: checking for socklen_t configure:13291: clang -c -g -O2 conftest.c >&5 configure:13291: $? = 0 configure:13291: clang -c -g -O2 conftest.c >&5 conftest.c:114:24: error: expected expression if (sizeof ((socklen_t))) ^ 1 error generated. configure:13291: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | /* end confdefs.h. */ | #include | #if HAVE_SYS_SOCKET_H | # include | #elif HAVE_WS2TCPIP_H | # include | #endif | | int | main () | { | if (sizeof ((socklen_t))) | return 0; | ; | return 0; | } configure:13291: result: yes configure:13350: checking for library containing inet_addr configure:13381: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:13381: $? = 0 configure:13398: result: none required configure:13428: checking endianess configure:13450: clang -c -g -O2 conftest.c >&5 configure:13450: $? = 0 configure:13467: clang -c -g -O2 conftest.c >&5 conftest.c:111:10: error: use of undeclared identifier 'not' not big endian ^ 1 error generated. configure:13467: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | /* end confdefs.h. */ | #include | #include | int | main () | { | | #if BYTE_ORDER != BIG_ENDIAN | not big endian | #endif | ; | return 0; | } configure:13507: result: little configure:13522: checking for byte typedef configure:13543: clang -c -g -O2 conftest.c >&5 conftest.c:113:20: error: use of undeclared identifier 'byte' int a = sizeof(byte); ^ 1 error generated. configure:13543: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | /* end confdefs.h. */ | #define _GNU_SOURCE 1 | #include | #include | int | main () | { | | #undef byte | int a = sizeof(byte); | | ; | return 0; | } configure:13551: result: no configure:13559: checking for ushort typedef configure:13580: clang -c -g -O2 conftest.c >&5 configure:13580: $? = 0 configure:13588: result: yes configure:13596: checking for ulong typedef configure:13617: clang -c -g -O2 conftest.c >&5 conftest.c:114:20: error: use of undeclared identifier 'ulong' int a = sizeof(ulong); ^ 1 error generated. configure:13617: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | /* end confdefs.h. */ | #define _GNU_SOURCE 1 | #include | #include | int | main () | { | | #undef ulong | int a = sizeof(ulong); | | ; | return 0; | } configure:13625: result: no configure:13633: checking for u16 typedef configure:13654: clang -c -g -O2 conftest.c >&5 conftest.c:114:20: error: use of undeclared identifier 'u16' int a = sizeof(u16); ^ 1 error generated. configure:13654: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | /* end confdefs.h. */ | #define _GNU_SOURCE 1 | #include | #include | int | main () | { | | #undef u16 | int a = sizeof(u16); | | ; | return 0; | } configure:13662: result: no configure:13670: checking for u32 typedef configure:13691: clang -c -g -O2 conftest.c >&5 conftest.c:114:20: error: use of undeclared identifier 'u32' int a = sizeof(u32); ^ 1 error generated. configure:13691: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | /* end confdefs.h. */ | #define _GNU_SOURCE 1 | #include | #include | int | main () | { | | #undef u32 | int a = sizeof(u32); | | ; | return 0; | } configure:13699: result: no configure:13712: checking size of unsigned short configure:13717: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:13717: $? = 0 configure:13717: ./conftest configure:13717: $? = 0 configure:13731: result: 2 configure:13745: checking size of unsigned int configure:13750: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:13750: $? = 0 configure:13750: ./conftest configure:13750: $? = 0 configure:13764: result: 4 configure:13778: checking size of unsigned long configure:13783: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:13783: $? = 0 configure:13783: ./conftest configure:13783: $? = 0 configure:13797: result: 8 configure:13811: checking size of unsigned long long configure:13816: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:13816: $? = 0 configure:13816: ./conftest configure:13816: $? = 0 configure:13830: result: 8 configure:13840: checking whether time.h and sys/time.h may both be included configure:13867: result: yes configure:13879: checking size of time_t configure:13884: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:13884: $? = 0 configure:13884: ./conftest configure:13884: $? = 0 configure:13911: result: 8 configure:13921: checking whether time_t is unsigned configure:13951: clang -c -g -O2 conftest.c >&5 configure:13951: $? = 0 configure:13958: result: no configure:13979: checking for library functions configure:13981: checking whether getpagesize is declared configure:13981: clang -c -g -O2 conftest.c >&5 configure:13981: $? = 0 configure:13981: result: yes configure:13992: checking for _LARGEFILE_SOURCE value needed for large files configure:14011: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14011: $? = 0 configure:14039: result: no configure:14062: checking for vprintf configure:14062: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:137:6: warning: incompatible redeclaration of library function 'vprintf' [-Wincompatible-library-redeclaration] char vprintf (); ^ conftest.c:137:6: note: 'vprintf' is a builtin with type 'int (const char *, __va_list_tag *)' 1 warning generated. configure:14062: $? = 0 configure:14062: result: yes configure:14068: checking for _doprnt configure:14068: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "__doprnt", referenced from: _main in conftest-bbd2ac.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14068: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | /* end confdefs.h. */ | /* Define _doprnt to an innocuous variant, in case declares _doprnt. | For example, HP-UX 11i declares gettimeofday. */ | #define _doprnt innocuous__doprnt | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char _doprnt (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef _doprnt | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char _doprnt (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub__doprnt || defined __stub____doprnt | choke me | #endif | | int | main () | { | return _doprnt (); | ; | return 0; | } configure:14068: result: no configure:14079: checking for pid_t configure:14079: clang -c -g -O2 conftest.c >&5 configure:14079: $? = 0 configure:14079: clang -c -g -O2 conftest.c >&5 conftest.c:151:20: error: expected expression if (sizeof ((pid_t))) ^ 1 error generated. configure:14079: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | int | main () | { | if (sizeof ((pid_t))) | return 0; | ; | return 0; | } configure:14079: result: yes configure:14092: checking vfork.h usability configure:14092: clang -c -g -O2 conftest.c >&5 conftest.c:148:10: fatal error: 'vfork.h' file not found #include ^ 1 error generated. configure:14092: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | #include configure:14092: result: no configure:14092: checking vfork.h presence configure:14092: clang -E conftest.c conftest.c:115:10: fatal error: 'vfork.h' file not found #include ^ 1 error generated. configure:14092: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | /* end confdefs.h. */ | #include configure:14092: result: no configure:14092: checking for vfork.h configure:14092: result: no configure:14105: checking for fork configure:14105: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14105: $? = 0 configure:14105: result: yes configure:14105: checking for vfork configure:14105: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:139:6: warning: incompatible redeclaration of library function 'vfork' [-Wincompatible-library-redeclaration] char vfork (); ^ conftest.c:139:6: note: 'vfork' is a builtin with type 'int (void)' 1 warning generated. configure:14105: $? = 0 configure:14105: result: yes configure:14115: checking for working fork configure:14137: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14137: $? = 0 configure:14137: ./conftest configure:14137: $? = 0 configure:14147: result: yes configure:14168: checking for working vfork configure:14278: result: yes configure:14306: checking for strerror configure:14306: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:142:6: warning: incompatible redeclaration of library function 'strerror' [-Wincompatible-library-redeclaration] char strerror (); ^ conftest.c:142:6: note: 'strerror' is a builtin with type 'char *(int)' 1 warning generated. configure:14306: $? = 0 configure:14306: result: yes configure:14306: checking for strlwr configure:14306: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_strlwr", referenced from: _main in conftest-e6cb99.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14306: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | /* end confdefs.h. */ | /* Define strlwr to an innocuous variant, in case declares strlwr. | For example, HP-UX 11i declares gettimeofday. */ | #define strlwr innocuous_strlwr | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char strlwr (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef strlwr | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char strlwr (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_strlwr || defined __stub___strlwr | choke me | #endif | | int | main () | { | return strlwr (); | ; | return 0; | } configure:14306: result: no configure:14306: checking for tcgetattr configure:14306: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14306: $? = 0 configure:14306: result: yes configure:14306: checking for mmap configure:14306: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14306: $? = 0 configure:14306: result: yes configure:14306: checking for canonicalize_file_name configure:14306: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_canonicalize_file_name", referenced from: _main in conftest-6f8f92.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14306: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | /* end confdefs.h. */ | /* Define canonicalize_file_name to an innocuous variant, in case declares canonicalize_file_name. | For example, HP-UX 11i declares gettimeofday. */ | #define canonicalize_file_name innocuous_canonicalize_file_name | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char canonicalize_file_name (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef canonicalize_file_name | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char canonicalize_file_name (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_canonicalize_file_name || defined __stub___canonicalize_file_name | choke me | #endif | | int | main () | { | return canonicalize_file_name (); | ; | return 0; | } configure:14306: result: no configure:14318: checking for strcasecmp configure:14318: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:145:6: warning: incompatible redeclaration of library function 'strcasecmp' [-Wincompatible-library-redeclaration] char strcasecmp (); ^ conftest.c:145:6: note: 'strcasecmp' is a builtin with type 'int (const char *, const char *)' 1 warning generated. configure:14318: $? = 0 configure:14318: result: yes configure:14318: checking for strncasecmp configure:14318: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:146:6: warning: incompatible redeclaration of library function 'strncasecmp' [-Wincompatible-library-redeclaration] char strncasecmp (); ^ conftest.c:146:6: note: 'strncasecmp' is a builtin with type 'int (const char *, const char *, unsigned long)' 1 warning generated. configure:14318: $? = 0 configure:14318: result: yes configure:14318: checking for ctermid configure:14318: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14318: $? = 0 configure:14318: result: yes configure:14318: checking for times configure:14318: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14318: $? = 0 configure:14318: result: yes configure:14318: checking for gmtime_r configure:14318: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14318: $? = 0 configure:14318: result: yes configure:14318: checking for strtoull configure:14318: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14318: $? = 0 configure:14318: result: yes configure:14330: checking for setenv configure:14330: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14330: $? = 0 configure:14330: result: yes configure:14330: checking for unsetenv configure:14330: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14330: $? = 0 configure:14330: result: yes configure:14330: checking for fcntl configure:14330: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14330: $? = 0 configure:14330: result: yes configure:14330: checking for ftruncate configure:14330: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14330: $? = 0 configure:14330: result: yes configure:14330: checking for inet_ntop configure:14330: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14330: $? = 0 configure:14330: result: yes configure:14341: checking for canonicalize_file_name configure:14341: result: no configure:14353: checking for gettimeofday configure:14353: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14353: $? = 0 configure:14353: result: yes configure:14353: checking for getrusage configure:14353: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14353: $? = 0 configure:14353: result: yes configure:14353: checking for getrlimit configure:14353: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14353: $? = 0 configure:14353: result: yes configure:14353: checking for setrlimit configure:14353: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14353: $? = 0 configure:14353: result: yes configure:14353: checking for clock_gettime configure:14353: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_clock_gettime", referenced from: _main in conftest-ee072a.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14353: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | /* end confdefs.h. */ | /* Define clock_gettime to an innocuous variant, in case declares clock_gettime. | For example, HP-UX 11i declares gettimeofday. */ | #define clock_gettime innocuous_clock_gettime | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char clock_gettime (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef clock_gettime | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char clock_gettime (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_clock_gettime || defined __stub___clock_gettime | choke me | #endif | | int | main () | { | return clock_gettime (); | ; | return 0; | } configure:14353: result: no configure:14365: checking for atexit configure:14365: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14365: $? = 0 configure:14365: result: yes configure:14365: checking for raise configure:14365: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14365: $? = 0 configure:14365: result: yes configure:14365: checking for getpagesize configure:14365: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14365: $? = 0 configure:14365: result: yes configure:14365: checking for strftime configure:14365: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14365: $? = 0 configure:14365: result: yes configure:14365: checking for nl_langinfo configure:14365: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14365: $? = 0 configure:14365: result: yes configure:14365: checking for setlocale configure:14365: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14365: $? = 0 configure:14365: result: yes configure:14377: checking for waitpid configure:14377: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14377: $? = 0 configure:14377: result: yes configure:14377: checking for wait4 configure:14377: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14377: $? = 0 configure:14377: result: yes configure:14377: checking for sigaction configure:14377: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14377: $? = 0 configure:14377: result: yes configure:14377: checking for sigprocmask configure:14377: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14377: $? = 0 configure:14377: result: yes configure:14377: checking for pipe configure:14377: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14377: $? = 0 configure:14377: result: yes configure:14377: checking for getaddrinfo configure:14377: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14377: $? = 0 configure:14377: result: yes configure:14389: checking for ttyname configure:14389: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14389: $? = 0 configure:14389: result: yes configure:14389: checking for rand configure:14389: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14389: $? = 0 configure:14389: result: yes configure:14389: checking for ftello configure:14389: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14389: $? = 0 configure:14389: result: yes configure:14389: checking for fsync configure:14389: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14389: $? = 0 configure:14389: result: yes configure:14389: checking for stat configure:14389: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14389: $? = 0 configure:14389: result: yes configure:14389: checking for lstat configure:14389: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14389: $? = 0 configure:14389: result: yes configure:14406: checking for struct sigaction configure:14406: clang -c -g -O2 conftest.c >&5 configure:14406: $? = 0 configure:14406: clang -c -g -O2 conftest.c >&5 conftest.c:160:31: error: expected expression if (sizeof ((struct sigaction))) ^ 1 error generated. configure:14406: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | /* end confdefs.h. */ | #include | | int | main () | { | if (sizeof ((struct sigaction))) | return 0; | ; | return 0; | } configure:14406: result: yes configure:14416: checking for sigset_t configure:14416: clang -c -g -O2 conftest.c >&5 configure:14416: $? = 0 configure:14416: clang -c -g -O2 conftest.c >&5 conftest.c:161:23: error: expected expression if (sizeof ((sigset_t))) ^ 1 error generated. configure:14416: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | /* end confdefs.h. */ | #include | | int | main () | { | if (sizeof ((sigset_t))) | return 0; | ; | return 0; | } configure:14416: result: yes configure:14438: checking for signal.h configure:14438: result: yes configure:14454: checking for memicmp configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_memicmp", referenced from: _main in conftest-7409af.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14454: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | /* end confdefs.h. */ | /* Define memicmp to an innocuous variant, in case declares memicmp. | For example, HP-UX 11i declares gettimeofday. */ | #define memicmp innocuous_memicmp | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char memicmp (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef memicmp | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char memicmp (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_memicmp || defined __stub___memicmp | choke me | #endif | | int | main () | { | return memicmp (); | ; | return 0; | } configure:14454: result: no configure:14454: checking for stpcpy configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:181:6: warning: incompatible redeclaration of library function 'stpcpy' [-Wincompatible-library-redeclaration] char stpcpy (); ^ conftest.c:181:6: note: 'stpcpy' is a builtin with type 'char *(char *, const char *)' 1 warning generated. configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for strsep configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for strlwr configure:14454: result: no configure:14454: checking for strtoul configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for memmove configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:184:6: warning: incompatible redeclaration of library function 'memmove' [-Wincompatible-library-redeclaration] char memmove (); ^ conftest.c:184:6: note: 'memmove' is a builtin with type 'void *(void *, const void *, unsigned long)' 1 warning generated. configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for stricmp configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_stricmp", referenced from: _main in conftest-f2e5f5.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14454: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | /* end confdefs.h. */ | /* Define stricmp to an innocuous variant, in case declares stricmp. | For example, HP-UX 11i declares gettimeofday. */ | #define stricmp innocuous_stricmp | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char stricmp (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef stricmp | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char stricmp (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_stricmp || defined __stub___stricmp | choke me | #endif | | int | main () | { | return stricmp (); | ; | return 0; | } configure:14454: result: no configure:14454: checking for strtol configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for memrchr configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_memrchr", referenced from: _main in conftest-142376.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14454: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | /* end confdefs.h. */ | /* Define memrchr to an innocuous variant, in case declares memrchr. | For example, HP-UX 11i declares gettimeofday. */ | #define memrchr innocuous_memrchr | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char memrchr (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef memrchr | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char memrchr (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_memrchr || defined __stub___memrchr | choke me | #endif | | int | main () | { | return memrchr (); | ; | return 0; | } configure:14454: result: no configure:14454: checking for isascii configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for timegm configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for getrusage configure:14454: result: yes configure:14454: checking for setrlimit configure:14454: result: yes configure:14454: checking for stat configure:14454: result: yes configure:14454: checking for setlocale configure:14454: result: yes configure:14454: checking for flockfile configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for funlockfile configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for fopencookie configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 Undefined symbols for architecture x86_64: "_fopencookie", referenced from: _main in conftest-46ae60.o ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation) configure:14454: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | /* end confdefs.h. */ | /* Define fopencookie to an innocuous variant, in case declares fopencookie. | For example, HP-UX 11i declares gettimeofday. */ | #define fopencookie innocuous_fopencookie | | /* System header to define __stub macros and hopefully few prototypes, | which can conflict with char fopencookie (); below. | Prefer to if __STDC__ is defined, since | exists even on freestanding compilers. */ | | #ifdef __STDC__ | # include | #else | # include | #endif | | #undef fopencookie | | /* Override any GCC internal prototype to avoid an error. | Use char because int might match the return type of a GCC | builtin and then its argument prototype would still apply. */ | #ifdef __cplusplus | extern "C" | #endif | char fopencookie (); | /* The GNU C library defines this for functions which it implements | to always fail with ENOSYS. Some functions are actually named | something starting with __ and the normal name is an alias. */ | #if defined __stub_fopencookie || defined __stub___fopencookie | choke me | #endif | | int | main () | { | return fopencookie (); | ; | return 0; | } configure:14454: result: no configure:14454: checking for funopen configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for getpwnam configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for getpwuid configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for getenv configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for inet_pton configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14454: $? = 0 configure:14454: result: yes configure:14454: checking for strpbrk configure:14454: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:199:6: warning: incompatible redeclaration of library function 'strpbrk' [-Wincompatible-library-redeclaration] char strpbrk (); ^ conftest.c:199:6: note: 'strpbrk' is a builtin with type 'char *(const char *, const char *)' 1 warning generated. configure:14454: $? = 0 configure:14454: result: yes configure:14472: checking for sys/stat.h configure:14472: result: yes configure:14472: checking for unistd.h configure:14472: result: yes configure:14472: checking direct.h usability configure:14472: clang -c -g -O2 conftest.c >&5 conftest.c:212:10: fatal error: 'direct.h' file not found #include ^ 1 error generated. configure:14472: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | #define HAVE_FUNOPEN 1 | #define HAVE_GETPWNAM 1 | #define HAVE_GETPWUID 1 | #define HAVE_GETENV 1 | #define HAVE_INET_PTON 1 | #define HAVE_STRPBRK 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_UNISTD_H 1 | /* end confdefs.h. */ | #include | #ifdef HAVE_SYS_TYPES_H | # include | #endif | #ifdef HAVE_SYS_STAT_H | # include | #endif | #ifdef STDC_HEADERS | # include | # include | #else | # ifdef HAVE_STDLIB_H | # include | # endif | #endif | #ifdef HAVE_STRING_H | # if !defined STDC_HEADERS && defined HAVE_MEMORY_H | # include | # endif | # include | #endif | #ifdef HAVE_STRINGS_H | # include | #endif | #ifdef HAVE_INTTYPES_H | # include | #endif | #ifdef HAVE_STDINT_H | # include | #endif | #ifdef HAVE_UNISTD_H | # include | #endif | #include configure:14472: result: no configure:14472: checking direct.h presence configure:14472: clang -E conftest.c conftest.c:179:10: fatal error: 'direct.h' file not found #include ^ 1 error generated. configure:14472: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | #define HAVE_FUNOPEN 1 | #define HAVE_GETPWNAM 1 | #define HAVE_GETPWUID 1 | #define HAVE_GETENV 1 | #define HAVE_INET_PTON 1 | #define HAVE_STRPBRK 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_UNISTD_H 1 | /* end confdefs.h. */ | #include configure:14472: result: no configure:14472: checking for direct.h configure:14472: result: no configure:14482: checking if mkdir takes one argument configure:14508: clang -c -g -O2 conftest.c >&5 configure:14508: $? = 0 configure:14515: result: no configure:14527: checking whether regular expression support is requested configure:14536: result: yes configure:14557: checking for library containing regcomp configure:14588: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14588: $? = 0 configure:14605: result: none required configure:14613: checking for regcomp configure:14613: clang -o conftest -g -O2 -lresolv conftest.c >&5 configure:14613: $? = 0 configure:14613: result: yes configure:14628: checking whether your system's regexp library is broken configure:14643: clang -o conftest -g -O2 -lresolv conftest.c >&5 conftest.c:182:1: warning: type specifier missing, defaults to 'int' [-Wimplicit-int] main() { regex_t blah ; regmatch_t p; p.rm_eo = p.rm_eo; return regcomp(&blah, "foo.*bar", REG_NOSUB) || regexec (&blah, "foobar", 0, NULL, 0); } ^ 1 warning generated. configure:14643: $? = 0 configure:14643: ./conftest configure:14643: $? = 0 configure:14653: result: no configure:14703: checking zlib.h usability configure:14703: clang -c -g -O2 conftest.c >&5 configure:14703: $? = 0 configure:14703: result: yes configure:14703: checking zlib.h presence configure:14703: clang -E conftest.c configure:14703: $? = 0 configure:14703: result: yes configure:14703: checking for zlib.h configure:14703: result: yes configure:14705: checking for deflateInit2_ in -lz configure:14730: clang -o conftest -g -O2 -lresolv conftest.c -lz >&5 configure:14730: $? = 0 configure:14739: result: yes configure:14784: checking for bzlib.h configure:14784: clang -c -g -O2 conftest.c >&5 configure:14784: $? = 0 configure:14784: result: yes configure:14787: checking for BZ2_bzCompressInit in -lbz2 configure:14812: clang -o conftest -g -O2 -lresolv conftest.c -lbz2 >&5 configure:14812: $? = 0 configure:14821: result: yes configure:14876: checking whether readline via "-lreadline" is present and sane configure:14901: clang -o conftest -g -O2 -lresolv conftest.c -lreadline >&5 conftest.c:190:1: error: unknown type name 'rl_completion_func_t'; did you mean 'rl_compentry_func_t'? rl_completion_func_t *completer; ^~~~~~~~~~~~~~~~~~~~ rl_compentry_func_t /usr/include/readline/history.h:45:19: note: 'rl_compentry_func_t' declared here typedef char *rl_compentry_func_t(const char *, int); ^ conftest.c:192:1: error: use of undeclared identifier 'rl_catch_signals' rl_catch_signals=0; ^ 2 errors generated. configure:14901: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | #define HAVE_FUNOPEN 1 | #define HAVE_GETPWNAM 1 | #define HAVE_GETPWUID 1 | #define HAVE_GETENV 1 | #define HAVE_INET_PTON 1 | #define HAVE_STRPBRK 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_ZIP 1 | #define HAVE_BZIP2 1 | /* end confdefs.h. */ | | #include | #include | #include | | int | main () | { | | rl_completion_func_t *completer; | add_history("foobar"); | rl_catch_signals=0; | rl_inhibit_completion=0; | rl_attempted_completion_function=NULL; | rl_completion_matches(NULL,NULL); | | ; | return 0; | } configure:14909: result: no configure:14876: checking whether readline via "-lreadline -ltermcap" is present and sane configure:14901: clang -o conftest -g -O2 -lresolv conftest.c -lreadline -ltermcap >&5 conftest.c:190:1: error: unknown type name 'rl_completion_func_t'; did you mean 'rl_compentry_func_t'? rl_completion_func_t *completer; ^~~~~~~~~~~~~~~~~~~~ rl_compentry_func_t /usr/include/readline/history.h:45:19: note: 'rl_compentry_func_t' declared here typedef char *rl_compentry_func_t(const char *, int); ^ conftest.c:192:1: error: use of undeclared identifier 'rl_catch_signals' rl_catch_signals=0; ^ 2 errors generated. configure:14901: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | #define HAVE_FUNOPEN 1 | #define HAVE_GETPWNAM 1 | #define HAVE_GETPWUID 1 | #define HAVE_GETENV 1 | #define HAVE_INET_PTON 1 | #define HAVE_STRPBRK 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_ZIP 1 | #define HAVE_BZIP2 1 | /* end confdefs.h. */ | | #include | #include | #include | | int | main () | { | | rl_completion_func_t *completer; | add_history("foobar"); | rl_catch_signals=0; | rl_inhibit_completion=0; | rl_attempted_completion_function=NULL; | rl_completion_matches(NULL,NULL); | | ; | return 0; | } configure:14909: result: no configure:14876: checking whether readline via "-lreadline -lcurses" is present and sane configure:14901: clang -o conftest -g -O2 -lresolv conftest.c -lreadline -lcurses >&5 conftest.c:190:1: error: unknown type name 'rl_completion_func_t'; did you mean 'rl_compentry_func_t'? rl_completion_func_t *completer; ^~~~~~~~~~~~~~~~~~~~ rl_compentry_func_t /usr/include/readline/history.h:45:19: note: 'rl_compentry_func_t' declared here typedef char *rl_compentry_func_t(const char *, int); ^ conftest.c:192:1: error: use of undeclared identifier 'rl_catch_signals' rl_catch_signals=0; ^ 2 errors generated. configure:14901: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | #define HAVE_FUNOPEN 1 | #define HAVE_GETPWNAM 1 | #define HAVE_GETPWUID 1 | #define HAVE_GETENV 1 | #define HAVE_INET_PTON 1 | #define HAVE_STRPBRK 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_ZIP 1 | #define HAVE_BZIP2 1 | /* end confdefs.h. */ | | #include | #include | #include | | int | main () | { | | rl_completion_func_t *completer; | add_history("foobar"); | rl_catch_signals=0; | rl_inhibit_completion=0; | rl_attempted_completion_function=NULL; | rl_completion_matches(NULL,NULL); | | ; | return 0; | } configure:14909: result: no configure:14876: checking whether readline via "-lreadline -lncurses" is present and sane configure:14901: clang -o conftest -g -O2 -lresolv conftest.c -lreadline -lncurses >&5 conftest.c:190:1: error: unknown type name 'rl_completion_func_t'; did you mean 'rl_compentry_func_t'? rl_completion_func_t *completer; ^~~~~~~~~~~~~~~~~~~~ rl_compentry_func_t /usr/include/readline/history.h:45:19: note: 'rl_compentry_func_t' declared here typedef char *rl_compentry_func_t(const char *, int); ^ conftest.c:192:1: error: use of undeclared identifier 'rl_catch_signals' rl_catch_signals=0; ^ 2 errors generated. configure:14901: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | #define HAVE_FUNOPEN 1 | #define HAVE_GETPWNAM 1 | #define HAVE_GETPWUID 1 | #define HAVE_GETENV 1 | #define HAVE_INET_PTON 1 | #define HAVE_STRPBRK 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_ZIP 1 | #define HAVE_BZIP2 1 | /* end confdefs.h. */ | | #include | #include | #include | | int | main () | { | | rl_completion_func_t *completer; | add_history("foobar"); | rl_catch_signals=0; | rl_inhibit_completion=0; | rl_attempted_completion_function=NULL; | rl_completion_matches(NULL,NULL); | | ; | return 0; | } configure:14909: result: no configure:14989: checking for cc features configure:14994: checking if gcc ignores unknown -Wno-* options configure:15010: clang -c -g -O2 conftest.c >&5 conftest.c:183:2: error: invalid preprocessing directive #kickerror ^ 1 error generated. configure:15010: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "gnupg2" | #define PACKAGE_TARNAME "gnupg2" | #define PACKAGE_VERSION "2.1.3" | #define PACKAGE_STRING "gnupg 2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define PACKAGE_URL "" | #define PACKAGE "gnupg" | #define VERSION "2.1.3" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define __EXTENSIONS__ 1 | #define _ALL_SOURCE 1 | #define _GNU_SOURCE 1 | #define _POSIX_PTHREAD_SEMANTICS 1 | #define _TANDEM_SOURCE 1 | #define PACKAGE "gnupg" | #define PACKAGE_GT "gnupg22" | #define VERSION "2.1.3" | #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" | #define NEED_LIBGCRYPT_VERSION "1.6.0" | #define NEED_KSBA_VERSION "1.2.0" | #define NEED_NTBTLS_VERSION "0.1.0" | #define NAME_OF_INSTALLED_GPG "gpg2" | #define SECMEM_BUFFER_SIZE 32768 | #define GPG_USE_RSA 1 | #define GPG_USE_ECDH 1 | #define GPG_USE_ECDSA 1 | #define GPG_USE_EDDSA 1 | #define GPG_USE_IDEA 1 | #define GPG_USE_CAST5 1 | #define GPG_USE_BLOWFISH 1 | #define GPG_USE_AES128 1 | #define GPG_USE_AES192 1 | #define GPG_USE_AES256 1 | #define GPG_USE_TWOFISH 1 | #define GPG_USE_CAMELLIA128 1 | #define GPG_USE_CAMELLIA192 1 | #define GPG_USE_CAMELLIA256 1 | #define GPG_USE_MD5 1 | #define GPG_USE_RMD160 1 | #define GPG_USE_SHA224 1 | #define GPG_USE_SHA384 1 | #define GPG_USE_SHA512 1 | #define PK_UID_CACHE_SIZE 4096 | #define ENABLE_CARD_SUPPORT 1 | #define USE_DIRMNGR_AUTO_START 1 | #define RUN_TESTS 1 | #define EXEEXT "" | #define GNUPG_LIBASSUAN_VERSION "2.2.0" | #define HAVE_LIBUSB 1 | #define ENCFS "/usr/bin/encfs" | #define FUSERMOUNT "/usr/bin/fusermount" | #define HAVE_LIBUTIL 1 | #define SHRED "/usr/bin/shred" | #define HAVE_NPTH 1 | #define USE_NPTH 1 | #define HTTP_USE_GNUTLS 1 | #define USE_DNS_SRV 1 | #define USE_DNS_CERT 1 | #define BIND_8_COMPAT 1 | #define HAVE_LDAP_GET_OPTION 1 | #define HAVE_LDAP_SET_OPTION 1 | #define HAVE_LDAP_START_TLS_S 1 | #define HAVE_LBER 1 | #define USE_LDAP 1 | #define USE_LDAPWRAPPER 1 | #define PRINTABLE_OS_NAME "Darwin" | #define HAVE_ICONV 1 | #define ICONV_CONST | #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 | #define HAVE_CFLOCALECOPYCURRENT 1 | #define HAVE_ICONV 1 | #define ENABLE_NLS 1 | #define HAVE_GETTEXT 1 | #define HAVE_DCGETTEXT 1 | #define HAVE_STRCHR 1 | #define HAVE_LANGINFO_CODESET 1 | #define HAVE_LC_MESSAGES 1 | #define STDC_HEADERS 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_LANGINFO_H 1 | #define HAVE_LOCALE_H 1 | #define HAVE_GETOPT_H 1 | #define HAVE_UTMP_H 1 | #define HAVE_PWD_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_SYS_SELECT_H 1 | #define TIME_WITH_SYS_TIME 1 | #define RETSIGTYPE void | #define HAVE_DECL_SYS_SIGLIST 1 | #define HAVE_SYS_SOCKET_H 1 | #define LITTLE_ENDIAN_HOST 1 | #define HAVE_USHORT_TYPEDEF 1 | #define SIZEOF_UNSIGNED_SHORT 2 | #define SIZEOF_UNSIGNED_INT 4 | #define SIZEOF_UNSIGNED_LONG 8 | #define SIZEOF_UNSIGNED_LONG_LONG 8 | #define TIME_WITH_SYS_TIME 1 | #define SIZEOF_TIME_T 8 | #define HAVE_DECL_GETPAGESIZE 1 | #define HAVE_FSEEKO 1 | #define HAVE_VPRINTF 1 | #define HAVE_FORK 1 | #define HAVE_VFORK 1 | #define HAVE_WORKING_VFORK 1 | #define HAVE_WORKING_FORK 1 | #define HAVE_STRERROR 1 | #define HAVE_TCGETATTR 1 | #define HAVE_MMAP 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRNCASECMP 1 | #define HAVE_CTERMID 1 | #define HAVE_TIMES 1 | #define HAVE_GMTIME_R 1 | #define HAVE_STRTOULL 1 | #define HAVE_SETENV 1 | #define HAVE_UNSETENV 1 | #define HAVE_FCNTL 1 | #define HAVE_FTRUNCATE 1 | #define HAVE_INET_NTOP 1 | #define HAVE_GETTIMEOFDAY 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_GETRLIMIT 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_ATEXIT 1 | #define HAVE_RAISE 1 | #define HAVE_GETPAGESIZE 1 | #define HAVE_STRFTIME 1 | #define HAVE_NL_LANGINFO 1 | #define HAVE_SETLOCALE 1 | #define HAVE_WAITPID 1 | #define HAVE_WAIT4 1 | #define HAVE_SIGACTION 1 | #define HAVE_SIGPROCMASK 1 | #define HAVE_PIPE 1 | #define HAVE_GETADDRINFO 1 | #define HAVE_TTYNAME 1 | #define HAVE_RAND 1 | #define HAVE_FTELLO 1 | #define HAVE_FSYNC 1 | #define HAVE_STAT 1 | #define HAVE_LSTAT 1 | #define HAVE_STRUCT_SIGACTION 1 | #define HAVE_SIGSET_T 1 | #define HAVE_SIGNAL_H 1 | #define HAVE_STPCPY 1 | #define HAVE_STRSEP 1 | #define HAVE_STRTOUL 1 | #define HAVE_MEMMOVE 1 | #define HAVE_STRTOL 1 | #define HAVE_ISASCII 1 | #define HAVE_TIMEGM 1 | #define HAVE_GETRUSAGE 1 | #define HAVE_SETRLIMIT 1 | #define HAVE_STAT 1 | #define HAVE_SETLOCALE 1 | #define HAVE_FLOCKFILE 1 | #define HAVE_FUNLOCKFILE 1 | #define HAVE_FUNOPEN 1 | #define HAVE_GETPWNAM 1 | #define HAVE_GETPWUID 1 | #define HAVE_GETENV 1 | #define HAVE_INET_PTON 1 | #define HAVE_STRPBRK 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_ZIP 1 | #define HAVE_BZIP2 1 | /* end confdefs.h. */ | | #if __GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 6 ) | #kickerror | #endif | int | main () | { | | ; | return 0; | } configure:15016: result: no configure:15091: checking if gcc supports -Wno-pointer-sign configure:15106: clang -c -Wno-pointer-sign conftest.c >&5 configure:15106: $? = 0 configure:15112: result: yes configure:15120: checking if gcc supports -Wpointer-arith configure:15135: clang -c -Wpointer-arith conftest.c >&5 configure:15135: $? = 0 configure:15141: result: yes configure:15735: checking that generated files are newer than configure configure:15741: result: done configure:15787: checking that generated files are newer than configure configure:15793: result: done configure:15908: creating ./config.status ## ---------------------- ## ## Running config.status. ## ## ---------------------- ## This file was extended by gnupg config.status 2.1.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = CONFIG_HEADERS = CONFIG_LINKS = CONFIG_COMMANDS = $ ./config.status on Dominyks-MacBook-Pro.local config.status:1225: creating m4/Makefile config.status:1225: creating Makefile config.status:1225: creating po/Makefile.in config.status:1225: creating common/Makefile config.status:1225: creating common/w32info-rc.h config.status:1225: creating kbx/Makefile config.status:1225: creating g10/Makefile config.status:1225: creating sm/Makefile config.status:1225: creating agent/Makefile config.status:1225: creating scd/Makefile config.status:1225: creating g13/Makefile config.status:1225: creating dirmngr/Makefile config.status:1225: creating tools/gpg-zip config.status:1225: creating tools/Makefile config.status:1225: creating doc/Makefile config.status:1225: creating tests/Makefile config.status:1225: creating tests/openpgp/Makefile config.status:1225: creating tests/pkits/Makefile config.status:1225: creating g10/gpg.w32-manifest config.status:1225: creating config.h config.status:1454: executing depfiles commands config.status:1454: executing po-directories commands ## ---------------- ## ## Cache variables. ## ## ---------------- ## ac_cv_build=x86_64-apple-darwin14.3.0 ac_cv_c_compiler_gnu=yes ac_cv_c_const=yes ac_cv_c_inline=inline ac_cv_c_volatile=yes ac_cv_env_CC_FOR_BUILD_set= ac_cv_env_CC_FOR_BUILD_value= ac_cv_env_CC_set=set ac_cv_env_CC_value=clang ac_cv_env_CFLAGS_set= ac_cv_env_CFLAGS_value= ac_cv_env_CPPFLAGS_set= ac_cv_env_CPPFLAGS_value= ac_cv_env_CPP_set= ac_cv_env_CPP_value= ac_cv_env_LDFLAGS_set=set ac_cv_env_LDFLAGS_value=-lresolv ac_cv_env_LIBGNUTLS_CFLAGS_set= ac_cv_env_LIBGNUTLS_CFLAGS_value= ac_cv_env_LIBGNUTLS_LIBS_set= ac_cv_env_LIBGNUTLS_LIBS_value= ac_cv_env_LIBS_set= ac_cv_env_LIBS_value= ac_cv_env_PKG_CONFIG_LIBDIR_set=set ac_cv_env_PKG_CONFIG_LIBDIR_value=/usr/lib/pkgconfig:/usr/local/Library/ENV/pkgconfig/10.10 ac_cv_env_PKG_CONFIG_PATH_set=set ac_cv_env_PKG_CONFIG_PATH_value=/usr/local/opt/libtasn1/lib/pkgconfig:/usr/local/opt/nettle/lib/pkgconfig:/usr/local/opt/gnutls/lib/pkgconfig:/usr/local/opt/libusb/lib/pkgconfig:/usr/local/opt/libusb-compat/lib/pkgconfig ac_cv_env_PKG_CONFIG_set= ac_cv_env_PKG_CONFIG_value= ac_cv_env_SYSROOT_set= ac_cv_env_SYSROOT_value= ac_cv_env_build_alias_set= ac_cv_env_build_alias_value= ac_cv_env_host_alias_set= ac_cv_env_host_alias_value= ac_cv_env_target_alias_set= ac_cv_env_target_alias_value= ac_cv_func__doprnt=no ac_cv_func_atexit=yes ac_cv_func_canonicalize_file_name=no ac_cv_func_clock_gettime=no ac_cv_func_ctermid=yes ac_cv_func_fcntl=yes ac_cv_func_flockfile=yes ac_cv_func_fopencookie=no ac_cv_func_fork=yes ac_cv_func_fork_works=yes ac_cv_func_fsync=yes ac_cv_func_ftello=yes ac_cv_func_ftruncate=yes ac_cv_func_funlockfile=yes ac_cv_func_funopen=yes ac_cv_func_getaddrinfo=yes ac_cv_func_getenv=yes ac_cv_func_gethostbyname=yes ac_cv_func_getpagesize=yes ac_cv_func_getpwnam=yes ac_cv_func_getpwuid=yes ac_cv_func_getrlimit=yes ac_cv_func_getrusage=yes ac_cv_func_gettimeofday=yes ac_cv_func_gmtime_r=yes ac_cv_func_inet_ntop=yes ac_cv_func_inet_pton=yes ac_cv_func_isascii=yes ac_cv_func_ldap_get_option=yes ac_cv_func_ldap_set_option=yes ac_cv_func_ldap_start_tls_s=yes ac_cv_func_ldap_start_tls_sA=no ac_cv_func_lstat=yes ac_cv_func_memicmp=no ac_cv_func_memmove=yes ac_cv_func_memrchr=no ac_cv_func_mmap=yes ac_cv_func_nl_langinfo=yes ac_cv_func_pipe=yes ac_cv_func_raise=yes ac_cv_func_rand=yes ac_cv_func_regcomp=yes ac_cv_func_setenv=yes ac_cv_func_setlocale=yes ac_cv_func_setrlimit=yes ac_cv_func_setsockopt=yes ac_cv_func_sigaction=yes ac_cv_func_sigprocmask=yes ac_cv_func_stat=yes ac_cv_func_stpcpy=yes ac_cv_func_strcasecmp=yes ac_cv_func_strchr=yes ac_cv_func_strerror=yes ac_cv_func_strftime=yes ac_cv_func_stricmp=no ac_cv_func_strlwr=no ac_cv_func_strncasecmp=yes ac_cv_func_strpbrk=yes ac_cv_func_strsep=yes ac_cv_func_strtol=yes ac_cv_func_strtoul=yes ac_cv_func_strtoull=yes ac_cv_func_tcgetattr=yes ac_cv_func_timegm=yes ac_cv_func_times=yes ac_cv_func_ttyname=yes ac_cv_func_unsetenv=yes ac_cv_func_usb_create_match=no ac_cv_func_vfork=yes ac_cv_func_vfork_works=yes ac_cv_func_vprintf=yes ac_cv_func_wait4=yes ac_cv_func_waitpid=yes ac_cv_have_decl_getpagesize=yes ac_cv_have_decl_sys_siglist=yes ac_cv_header_adns_h=no ac_cv_header_bzlib_h=yes ac_cv_header_direct_h=no ac_cv_header_getopt_h=yes ac_cv_header_inttypes_h=yes ac_cv_header_langinfo_h=yes ac_cv_header_locale_h=yes ac_cv_header_memory_h=yes ac_cv_header_minix_config_h=no ac_cv_header_pty_h=no ac_cv_header_pwd_h=yes ac_cv_header_signal_h=yes ac_cv_header_stdc=yes ac_cv_header_stdint_h=yes ac_cv_header_stdlib_h=yes ac_cv_header_string_h=yes ac_cv_header_strings_h=yes ac_cv_header_sys_select_h=yes ac_cv_header_sys_socket_h=yes ac_cv_header_sys_stat_h=yes ac_cv_header_sys_types_h=yes ac_cv_header_termio_h=no ac_cv_header_time=yes ac_cv_header_unistd_h=yes ac_cv_header_utmp_h=yes ac_cv_header_vfork_h=no ac_cv_header_zlib_h=yes ac_cv_host=x86_64-apple-darwin14.3.0 ac_cv_lib_bz2_BZ2_bzCompressInit=yes ac_cv_lib_cposix_strerror=no ac_cv_lib_lber_ber_free=yes ac_cv_lib_usb_usb_bulk_write=yes ac_cv_lib_util_openpty=yes ac_cv_lib_z_deflateInit2_=yes ac_cv_objext=o ac_cv_path_EGREP='/usr/bin/grep -E' ac_cv_path_ENCFS=/usr/bin/encfs ac_cv_path_FUSERMOUNT=/usr/bin/fusermount ac_cv_path_GMSGFMT=/usr/local/opt/gettext/bin/msgfmt ac_cv_path_GPG_ERROR_CONFIG=/usr/local/opt/libgpg-error/bin/gpg-error-config ac_cv_path_GREP=/usr/bin/grep ac_cv_path_KSBA_CONFIG=/usr/local/opt/libksba/bin/ksba-config ac_cv_path_LIBASSUAN_CONFIG=/usr/local/opt/libassuan/bin/libassuan-config ac_cv_path_LIBGCRYPT_CONFIG=/usr/local/opt/libgcrypt/bin/libgcrypt-config ac_cv_path_MSGFMT=/usr/local/opt/gettext/bin/msgfmt ac_cv_path_MSGMERGE=/usr/local/opt/gettext/bin/msgmerge ac_cv_path_NPTH_CONFIG=/usr/local/opt/npth/bin/npth-config ac_cv_path_NTBTLS_CONFIG=no ac_cv_path_PERL=/usr/bin/perl ac_cv_path_SENDMAIL=/usr/sbin/sendmail ac_cv_path_SHRED=/usr/bin/shred ac_cv_path_TAR=/usr/bin/tar ac_cv_path_XGETTEXT=/usr/local/opt/gettext/bin/xgettext ac_cv_path_ac_pt_PKG_CONFIG=/usr/local/opt/pkg-config/bin/pkg-config ac_cv_path_install='/usr/bin/install -c' ac_cv_prog_AWK=awk ac_cv_prog_CPP='clang -E' ac_cv_prog_ac_ct_AR=ar ac_cv_prog_ac_ct_CC=clang ac_cv_prog_ac_ct_RANLIB=ranlib ac_cv_prog_cc_c89= ac_cv_prog_cc_g=yes ac_cv_prog_make_make_set=yes ac_cv_safe_to_define___extensions__=yes ac_cv_search___dn_skipname='none required' ac_cv_search_dlopen='none required' ac_cv_search_dn_expand='none required' ac_cv_search_dn_skipname=no ac_cv_search_inet_addr='none required' ac_cv_search_regcomp='none required' ac_cv_search_res_query='none required' ac_cv_sizeof_time_t=8 ac_cv_sizeof_unsigned_int=4 ac_cv_sizeof_unsigned_long=8 ac_cv_sizeof_unsigned_long_long=8 ac_cv_sizeof_unsigned_short=2 ac_cv_sys_file_offset_bits=no ac_cv_sys_largefile_CC=no ac_cv_sys_largefile_source=no ac_cv_type_mode_t=yes ac_cv_type_pid_t=yes ac_cv_type_signal=void ac_cv_type_sigset_t=yes ac_cv_type_size_t=yes ac_cv_type_socklen_t=yes ac_cv_type_struct_sigaction=yes acl_cv_hardcode_direct=no acl_cv_hardcode_libdir_flag_spec= acl_cv_hardcode_libdir_separator= acl_cv_hardcode_minus_L=no acl_cv_libext=a acl_cv_libname_spec='lib$name' acl_cv_library_names_spec='$libname$shrext' acl_cv_path_LD=/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld acl_cv_prog_gnu_ld=no acl_cv_rpath=done acl_cv_shlibext=dylib acl_cv_wl=-Wl, am_cv_CC_dependencies_compiler_type=none am_cv_func_iconv=yes am_cv_func_iconv_works=yes am_cv_langinfo_codeset=yes am_cv_lib_iconv=yes am_cv_make_support_nested_variables=yes am_cv_prog_cc_c_o=yes am_cv_proto_iconv='extern size_t iconv (iconv_t cd, char * *inbuf, size_t *inbytesleft, char * *outbuf, size_t *outbytesleft);' am_cv_proto_iconv_arg1= gl_cv_absolute_stdint_h=/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.10.sdk/usr/include/stdint.h gnupg_cv_c_endian=little gnupg_cv_enable_photo_viewers=yes gnupg_cv_func_ldap_init=yes gnupg_cv_have_readline=no gnupg_cv_have_regex=yes gnupg_cv_mkdir_takes_one_arg=no gnupg_cv_regex_broken=no gnupg_cv_time_t_unsigned=no gnupg_cv_typedef_byte=no gnupg_cv_typedef_u16=no gnupg_cv_typedef_u32=no gnupg_cv_typedef_ulong=no gnupg_cv_typedef_ushort=yes gt_cv_func_CFLocaleCopyCurrent=yes gt_cv_func_CFPreferencesCopyAppValue=yes gt_cv_func_gnugettext2_libc=no gt_cv_func_gnugettext2_libintl=yes gt_cv_val_LC_MESSAGES=yes pkg_cv_LIBGNUTLS_CFLAGS='-I/usr/local/Cellar/libtasn1/4.4/include -I/usr/local/Cellar/nettle/2.7.1/include -I/usr/local/Cellar/gnutls/3.3.14/include ' pkg_cv_LIBGNUTLS_LIBS='-L/usr/local/Cellar/gnutls/3.3.14/lib -lgnutls ' ## ----------------- ## ## Output variables. ## ## ----------------- ## ACLOCAL='${SHELL} /private/tmp/gnupg2120150411-125-1ivs8hi/gnupg-2.1.3/build-aux/missing aclocal-1.14' AMDEPBACKSLASH='' AMDEP_FALSE='' AMDEP_TRUE='#' AMTAR='$${TAR-tar}' AM_BACKSLASH='\' AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' AM_DEFAULT_VERBOSITY='1' AM_V='$(V)' AR='ar' AUTOCONF='${SHELL} /private/tmp/gnupg2120150411-125-1ivs8hi/gnupg-2.1.3/build-aux/missing autoconf' AUTOHEADER='${SHELL} /private/tmp/gnupg2120150411-125-1ivs8hi/gnupg-2.1.3/build-aux/missing autoheader' AUTOMAKE='${SHELL} /private/tmp/gnupg2120150411-125-1ivs8hi/gnupg-2.1.3/build-aux/missing automake-1.14' AWK='awk' BUILD_AGENT_FALSE='#' BUILD_AGENT_TRUE='' BUILD_DIRMNGR_FALSE='#' BUILD_DIRMNGR_TRUE='' BUILD_DOC_FALSE='#' BUILD_DOC_TRUE='' BUILD_FILEVERSION='2,1,3,45537' BUILD_G13_FALSE='#' BUILD_G13_TRUE='' BUILD_GPGSM_FALSE='#' BUILD_GPGSM_TRUE='' BUILD_GPGTAR_FALSE='#' BUILD_GPGTAR_TRUE='' BUILD_GPG_FALSE='#' BUILD_GPG_TRUE='' BUILD_HOSTNAME='Dominyks-MacBook-Pro.local' BUILD_INCLUDED_LIBINTL='' BUILD_REVISION='b1e1959' BUILD_SCDAEMON_FALSE='#' BUILD_SCDAEMON_TRUE='' BUILD_SYMCRYPTRUN_FALSE='#' BUILD_SYMCRYPTRUN_TRUE='' BUILD_TIMESTAMP='2015-04-11T22:24+0000' BUILD_TOOLS_FALSE='#' BUILD_TOOLS_TRUE='' BUILD_VERSION='2.1.3.45537' CC='clang' CCDEPMODE='depmode=none' CC_FOR_BUILD='clang' CFLAGS='-g -O2 -Wall -Wno-pointer-sign -Wpointer-arith' CPP='clang -E' CPPFLAGS='' CROSS_COMPILING_FALSE='' CROSS_COMPILING_TRUE='#' CYGPATH_W='echo' DEFS='-DHAVE_CONFIG_H' DEPDIR='.deps' DISABLE_REGEX_FALSE='' DISABLE_REGEX_TRUE='#' DL_LIBS='' DNSLIBS='' ECHO_C='\c' ECHO_N='' ECHO_T='' EGREP='/usr/bin/grep -E' ENABLE_BZIP2_SUPPORT_FALSE='#' ENABLE_BZIP2_SUPPORT_TRUE='' ENABLE_CARD_SUPPORT_FALSE='#' ENABLE_CARD_SUPPORT_TRUE='' ENCFS='/usr/bin/encfs' EXEEXT='' FUSERMOUNT='/usr/bin/fusermount' GETTEXT_MACRO_VERSION='0.17' GMSGFMT='/usr/local/opt/gettext/bin/msgfmt' GMSGFMT_015='/usr/local/opt/gettext/bin/msgfmt' GNUPG_AGENT_PGM='' GNUPG_AGENT_PGM_FALSE='' GNUPG_AGENT_PGM_TRUE='#' GNUPG_DIRMNGR_LDAP_PGM='' GNUPG_DIRMNGR_LDAP_PGM_FALSE='' GNUPG_DIRMNGR_LDAP_PGM_TRUE='#' GNUPG_DIRMNGR_PGM='' GNUPG_DIRMNGR_PGM_FALSE='' GNUPG_DIRMNGR_PGM_TRUE='#' GNUPG_PINENTRY_PGM='' GNUPG_PINENTRY_PGM_FALSE='' GNUPG_PINENTRY_PGM_TRUE='#' GNUPG_PROTECT_TOOL_PGM='' GNUPG_PROTECT_TOOL_PGM_FALSE='' GNUPG_PROTECT_TOOL_PGM_TRUE='#' GNUPG_SCDAEMON_PGM='' GNUPG_SCDAEMON_PGM_FALSE='' GNUPG_SCDAEMON_PGM_TRUE='#' GPGKEYS_LDAP='gpg2keys_ldap' GPG_ERROR_CFLAGS='-I/usr/local/Cellar/libgpg-error/1.18/include' GPG_ERROR_CONFIG='/usr/local/opt/libgpg-error/bin/gpg-error-config' GPG_ERROR_LIBS='-L/usr/local/Cellar/libgpg-error/1.18/lib -lgpg-error' GPG_ERROR_MT_CFLAGS='-I/usr/local/Cellar/libgpg-error/1.18/include' GPG_ERROR_MT_LIBS='-L/usr/local/Cellar/libgpg-error/1.18/lib -lgpg-error -lpthread' GREP='/usr/bin/grep' HAVE_ANDROID_SYSTEM_FALSE='' HAVE_ANDROID_SYSTEM_TRUE='#' HAVE_DOSISH_SYSTEM_FALSE='' HAVE_DOSISH_SYSTEM_TRUE='#' HAVE_USTAR_FALSE='#' HAVE_USTAR_TRUE='' HAVE_W32CE_SYSTEM_FALSE='' HAVE_W32CE_SYSTEM_TRUE='#' HAVE_W32_SYSTEM_FALSE='' HAVE_W32_SYSTEM_TRUE='#' INSTALL_DATA='${INSTALL} -m 644' INSTALL_PROGRAM='${INSTALL}' INSTALL_SCRIPT='${INSTALL}' INSTALL_STRIP_PROGRAM='$(install_sh) -c -s' INTLLIBS='-lintl -Wl,-framework -Wl,CoreFoundation' INTL_MACOSX_LIBS='-Wl,-framework -Wl,CoreFoundation' KSBA_CFLAGS='-I/usr/local/Cellar/libksba/1.3.2/include -I/usr/local/Cellar/libgpg-error/1.17/include' KSBA_CONFIG='/usr/local/opt/libksba/bin/ksba-config' KSBA_LIBS='-L/usr/local/Cellar/libksba/1.3.2/lib -lksba -L/usr/local/Cellar/libgpg-error/1.17/lib -lgpg-error' LBER_LIBS=' -llber' LDAPLIBS=' -lldap' LDAP_CPPFLAGS='' LDFLAGS='-lresolv' LIBASSUAN_CFLAGS='-I/usr/local/Cellar/libassuan/2.2.0/include -I/usr/local/Cellar/libgpg-error/1.17/include' LIBASSUAN_CONFIG='/usr/local/opt/libassuan/bin/libassuan-config' LIBASSUAN_LIBS='-L/usr/local/Cellar/libassuan/2.2.0/lib -lassuan -L/usr/local/Cellar/libgpg-error/1.17/lib -lgpg-error' LIBGCRYPT_CFLAGS='-I/usr/local/Cellar/libgcrypt/1.6.3/include -I/usr/local/Cellar/libgpg-error/1.18/include' LIBGCRYPT_CONFIG='/usr/local/opt/libgcrypt/bin/libgcrypt-config' LIBGCRYPT_LIBS='-L/usr/local/Cellar/libgcrypt/1.6.3/lib -lgcrypt -L/usr/local/Cellar/libgpg-error/1.18/lib -lgpg-error' LIBGNUTLS_CFLAGS='-I/usr/local/Cellar/libtasn1/4.4/include -I/usr/local/Cellar/nettle/2.7.1/include -I/usr/local/Cellar/gnutls/3.3.14/include ' LIBGNUTLS_LIBS='-L/usr/local/Cellar/gnutls/3.3.14/lib -lgnutls ' LIBICONV='-liconv' LIBINTL='-lintl -Wl,-framework -Wl,CoreFoundation' LIBOBJS='' LIBREADLINE='' LIBS='' LIBUSB_LIBS=' -lusb' LIBUTIL_LIBS=' -lutil' LN_S='ln -s' LTLIBICONV='-liconv' LTLIBINTL='-lintl -Wl,-framework -Wl,CoreFoundation' LTLIBOBJS='' MAINT='#' MAINTAINER_MODE_FALSE='' MAINTAINER_MODE_TRUE='#' MAKEINFO='${SHELL} /private/tmp/gnupg2120150411-125-1ivs8hi/gnupg-2.1.3/build-aux/missing makeinfo' MKDIR_P='build-aux/install-sh -c -d' MSGFMT='/usr/local/opt/gettext/bin/msgfmt' MSGFMT_015='/usr/local/opt/gettext/bin/msgfmt' MSGMERGE='/usr/local/opt/gettext/bin/msgmerge' NETLIBS='' NO_TRUST_MODELS_FALSE='' NO_TRUST_MODELS_TRUE='#' NPTH_CFLAGS='-I/usr/local/Cellar/npth/1.1/include' NPTH_CONFIG='/usr/local/opt/npth/bin/npth-config' NPTH_LIBS='-L/usr/local/Cellar/npth/1.1/lib -lnpth' NTBTLS_CFLAGS='' NTBTLS_CONFIG='no' NTBTLS_LIBS='' OBJEXT='o' PACKAGE='gnupg' PACKAGE_BUGREPORT='http://bugs.gnupg.org' PACKAGE_GT='gnupg22' PACKAGE_NAME='gnupg2' PACKAGE_STRING='gnupg 2.1.3' PACKAGE_TARNAME='gnupg2' PACKAGE_URL='' PACKAGE_VERSION='2.1.3' PATH_SEPARATOR=':' PERL='/usr/bin/perl' PKG_CONFIG='/usr/local/opt/pkg-config/bin/pkg-config' PKG_CONFIG_LIBDIR='/usr/lib/pkgconfig:/usr/local/Library/ENV/pkgconfig/10.10' PKG_CONFIG_PATH='/usr/local/opt/libtasn1/lib/pkgconfig:/usr/local/opt/nettle/lib/pkgconfig:/usr/local/opt/gnutls/lib/pkgconfig:/usr/local/opt/libusb/lib/pkgconfig:/usr/local/opt/libusb-compat/lib/pkgconfig' POSUB='po' RANLIB='ranlib' RUN_GPG_TESTS_FALSE='#' RUN_GPG_TESTS_TRUE='' RUN_TESTS_FALSE='#' RUN_TESTS_TRUE='' SENDMAIL='/usr/sbin/sendmail' SET_MAKE='' SHELL='/bin/sh' SHRED='/usr/bin/shred' STRIP='' SYSROOT='' SYS_SOCKET_H='' TAR='/usr/bin/tar' USE_DNS_SRV_FALSE='#' USE_DNS_SRV_TRUE='' USE_INCLUDED_LIBINTL='' USE_LDAPWRAPPER_FALSE='#' USE_LDAPWRAPPER_TRUE='' USE_LDAP_FALSE='#' USE_LDAP_TRUE='' USE_NLS='yes' USE_SIMPLE_GETTEXT_FALSE='' USE_SIMPLE_GETTEXT_TRUE='#' VERSION='2.1.3' W32SOCKLIBS='' WINDRES=':' XGETTEXT='/usr/local/opt/gettext/bin/xgettext' XGETTEXT_015='/usr/local/opt/gettext/bin/xgettext' XGETTEXT_EXTRA_OPTIONS='' ZLIBS='-lz -lbz2' ac_ct_CC='clang' am__EXEEXT_FALSE='' am__EXEEXT_TRUE='#' am__fastdepCC_FALSE='' am__fastdepCC_TRUE='#' am__include='include' am__isrc='' am__leading_dot='.' am__nodep='' am__quote='' am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -' bindir='${exec_prefix}/bin' build='x86_64-apple-darwin14.3.0' build_alias='' build_cpu='x86_64' build_os='darwin14.3.0' build_vendor='apple' datadir='${datarootdir}' datarootdir='${prefix}/share' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' dvidir='${docdir}' exec_prefix='${prefix}' host='x86_64-apple-darwin14.3.0' host_alias='' host_cpu='x86_64' host_os='darwin14.3.0' host_vendor='apple' htmldir='${docdir}' includedir='${prefix}/include' infodir='${datarootdir}/info' install_sh='${SHELL} /private/tmp/gnupg2120150411-125-1ivs8hi/gnupg-2.1.3/build-aux/install-sh' libdir='${exec_prefix}/lib' libexecdir='${exec_prefix}/libexec' localedir='${datarootdir}/locale' localstatedir='${prefix}/var' mandir='${datarootdir}/man' mkdir_p='$(MKDIR_P)' oldincludedir='/usr/include' pdfdir='${docdir}' prefix='/usr/local/Cellar/gnupg21/2.1.3' program_transform_name='s,x,x,' psdir='${docdir}' sbindir='/usr/local/Cellar/gnupg21/2.1.3/bin' sharedstatedir='${prefix}/com' sysconfdir='/usr/local/etc' target_alias='' ## ----------- ## ## confdefs.h. ## ## ----------- ## /* confdefs.h */ #define PACKAGE_NAME "gnupg2" #define PACKAGE_TARNAME "gnupg2" #define PACKAGE_VERSION "2.1.3" #define PACKAGE_STRING "gnupg 2.1.3" #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" #define PACKAGE_URL "" #define PACKAGE "gnupg" #define VERSION "2.1.3" #define STDC_HEADERS 1 #define HAVE_SYS_TYPES_H 1 #define HAVE_SYS_STAT_H 1 #define HAVE_STDLIB_H 1 #define HAVE_STRING_H 1 #define HAVE_MEMORY_H 1 #define HAVE_STRINGS_H 1 #define HAVE_INTTYPES_H 1 #define HAVE_STDINT_H 1 #define HAVE_UNISTD_H 1 #define __EXTENSIONS__ 1 #define _ALL_SOURCE 1 #define _GNU_SOURCE 1 #define _POSIX_PTHREAD_SEMANTICS 1 #define _TANDEM_SOURCE 1 #define PACKAGE "gnupg" #define PACKAGE_GT "gnupg22" #define VERSION "2.1.3" #define PACKAGE_BUGREPORT "http://bugs.gnupg.org" #define NEED_LIBGCRYPT_VERSION "1.6.0" #define NEED_KSBA_VERSION "1.2.0" #define NEED_NTBTLS_VERSION "0.1.0" #define NAME_OF_INSTALLED_GPG "gpg2" #define SECMEM_BUFFER_SIZE 32768 #define GPG_USE_RSA 1 #define GPG_USE_ECDH 1 #define GPG_USE_ECDSA 1 #define GPG_USE_EDDSA 1 #define GPG_USE_IDEA 1 #define GPG_USE_CAST5 1 #define GPG_USE_BLOWFISH 1 #define GPG_USE_AES128 1 #define GPG_USE_AES192 1 #define GPG_USE_AES256 1 #define GPG_USE_TWOFISH 1 #define GPG_USE_CAMELLIA128 1 #define GPG_USE_CAMELLIA192 1 #define GPG_USE_CAMELLIA256 1 #define GPG_USE_MD5 1 #define GPG_USE_RMD160 1 #define GPG_USE_SHA224 1 #define GPG_USE_SHA384 1 #define GPG_USE_SHA512 1 #define PK_UID_CACHE_SIZE 4096 #define ENABLE_CARD_SUPPORT 1 #define USE_DIRMNGR_AUTO_START 1 #define RUN_TESTS 1 #define EXEEXT "" #define GNUPG_LIBASSUAN_VERSION "2.2.0" #define HAVE_LIBUSB 1 #define ENCFS "/usr/bin/encfs" #define FUSERMOUNT "/usr/bin/fusermount" #define HAVE_LIBUTIL 1 #define SHRED "/usr/bin/shred" #define HAVE_NPTH 1 #define USE_NPTH 1 #define HTTP_USE_GNUTLS 1 #define USE_DNS_SRV 1 #define USE_DNS_CERT 1 #define BIND_8_COMPAT 1 #define HAVE_LDAP_GET_OPTION 1 #define HAVE_LDAP_SET_OPTION 1 #define HAVE_LDAP_START_TLS_S 1 #define HAVE_LBER 1 #define USE_LDAP 1 #define USE_LDAPWRAPPER 1 #define PRINTABLE_OS_NAME "Darwin" #define HAVE_ICONV 1 #define ICONV_CONST #define HAVE_CFPREFERENCESCOPYAPPVALUE 1 #define HAVE_CFLOCALECOPYCURRENT 1 #define HAVE_ICONV 1 #define ENABLE_NLS 1 #define HAVE_GETTEXT 1 #define HAVE_DCGETTEXT 1 #define HAVE_STRCHR 1 #define HAVE_LANGINFO_CODESET 1 #define HAVE_LC_MESSAGES 1 #define STDC_HEADERS 1 #define HAVE_STRING_H 1 #define HAVE_UNISTD_H 1 #define HAVE_LANGINFO_H 1 #define HAVE_LOCALE_H 1 #define HAVE_GETOPT_H 1 #define HAVE_UTMP_H 1 #define HAVE_PWD_H 1 #define HAVE_INTTYPES_H 1 #define HAVE_SIGNAL_H 1 #define HAVE_SYS_SELECT_H 1 #define TIME_WITH_SYS_TIME 1 #define RETSIGTYPE void #define HAVE_DECL_SYS_SIGLIST 1 #define HAVE_SYS_SOCKET_H 1 #define LITTLE_ENDIAN_HOST 1 #define HAVE_USHORT_TYPEDEF 1 #define SIZEOF_UNSIGNED_SHORT 2 #define SIZEOF_UNSIGNED_INT 4 #define SIZEOF_UNSIGNED_LONG 8 #define SIZEOF_UNSIGNED_LONG_LONG 8 #define TIME_WITH_SYS_TIME 1 #define SIZEOF_TIME_T 8 #define HAVE_DECL_GETPAGESIZE 1 #define HAVE_FSEEKO 1 #define HAVE_VPRINTF 1 #define HAVE_FORK 1 #define HAVE_VFORK 1 #define HAVE_WORKING_VFORK 1 #define HAVE_WORKING_FORK 1 #define HAVE_STRERROR 1 #define HAVE_TCGETATTR 1 #define HAVE_MMAP 1 #define HAVE_STRCASECMP 1 #define HAVE_STRNCASECMP 1 #define HAVE_CTERMID 1 #define HAVE_TIMES 1 #define HAVE_GMTIME_R 1 #define HAVE_STRTOULL 1 #define HAVE_SETENV 1 #define HAVE_UNSETENV 1 #define HAVE_FCNTL 1 #define HAVE_FTRUNCATE 1 #define HAVE_INET_NTOP 1 #define HAVE_GETTIMEOFDAY 1 #define HAVE_GETRUSAGE 1 #define HAVE_GETRLIMIT 1 #define HAVE_SETRLIMIT 1 #define HAVE_ATEXIT 1 #define HAVE_RAISE 1 #define HAVE_GETPAGESIZE 1 #define HAVE_STRFTIME 1 #define HAVE_NL_LANGINFO 1 #define HAVE_SETLOCALE 1 #define HAVE_WAITPID 1 #define HAVE_WAIT4 1 #define HAVE_SIGACTION 1 #define HAVE_SIGPROCMASK 1 #define HAVE_PIPE 1 #define HAVE_GETADDRINFO 1 #define HAVE_TTYNAME 1 #define HAVE_RAND 1 #define HAVE_FTELLO 1 #define HAVE_FSYNC 1 #define HAVE_STAT 1 #define HAVE_LSTAT 1 #define HAVE_STRUCT_SIGACTION 1 #define HAVE_SIGSET_T 1 #define HAVE_SIGNAL_H 1 #define HAVE_STPCPY 1 #define HAVE_STRSEP 1 #define HAVE_STRTOUL 1 #define HAVE_MEMMOVE 1 #define HAVE_STRTOL 1 #define HAVE_ISASCII 1 #define HAVE_TIMEGM 1 #define HAVE_GETRUSAGE 1 #define HAVE_SETRLIMIT 1 #define HAVE_STAT 1 #define HAVE_SETLOCALE 1 #define HAVE_FLOCKFILE 1 #define HAVE_FUNLOCKFILE 1 #define HAVE_FUNOPEN 1 #define HAVE_GETPWNAM 1 #define HAVE_GETPWUID 1 #define HAVE_GETENV 1 #define HAVE_INET_PTON 1 #define HAVE_STRPBRK 1 #define HAVE_SYS_STAT_H 1 #define HAVE_UNISTD_H 1 #define HAVE_ZIP 1 #define HAVE_BZIP2 1 #define BUILD_WITH_GPG 1 #define BUILD_WITH_GPGSM 1 #define BUILD_WITH_AGENT 1 #define BUILD_WITH_SCDAEMON 1 #define BUILD_WITH_DIRMNGR 1 #define BUILD_WITH_G13 1 #define GNUPG_NAME "GnuPG" #define GPG_NAME "gpg" #define GPG_DISP_NAME "GnuPG" #define GPGSM_NAME "gpgsm" #define GPGSM_DISP_NAME "GPGSM" #define GPG_AGENT_NAME "gpg-agent" #define GPG_AGENT_DISP_NAME "GPG Agent" #define SCDAEMON_NAME "scdaemon" #define SCDAEMON_DISP_NAME "SCDaemon" #define DIRMNGR_NAME "dirmngr" #define DIRMNGR_DISP_NAME "DirMngr" #define G13_NAME "g13" #define G13_DISP_NAME "G13" #define GPGCONF_NAME "gpgconf" #define GPGCONF_DISP_NAME "GPGConf" #define GPGTAR_NAME "gpgtar" #define GPG_AGENT_SOCK_NAME "S.gpg-agent" #define GPG_AGENT_SSH_SOCK_NAME "S.gpg-agent.ssh" #define DIRMNGR_INFO_NAME "DIRMNGR_INFO" #define SCDAEMON_SOCK_NAME "S.scdaemon" #define DIRMNGR_SOCK_NAME "S.dirmngr" #define GPGEXT_GPG "gpg" #define BUILD_REVISION "b1e1959" #define BUILD_TIMESTAMP "2015-04-11T22:24+0000" configure: exit 0 From ethansherriff at hotmail.co.uk Mon Apr 13 00:00:43 2015 From: ethansherriff at hotmail.co.uk (Ethan Sherriff) Date: Sun, 12 Apr 2015 23:00:43 +0100 Subject: GnuPG 2.1.3 Fails to Compile OS X Message-ID: Sorry didn't see what you said about the error occuring with GNU GCC, what version are you using? On OS X Yosemite 10.10.3 (Latest Public Beta 14D131, XCode 6.3 6D570), with GNU GCC 4.9.2 installed from source, gnupg-2.1.3 builds fine. ________________________________ From: Dominyk Tiller Sent: ?12/?04/?2015 21:01 To: gnupg-users at gnupg.org Subject: GnuPG 2.1.3 Fails to Compile OS X Hey Werner, Thanks for the new release! I'm having some issues making it compile on OS X, right across 10.8-10.10.3. Tried both Apple's Clang and GNU's GCC so I'm presuming the error isn't compiler-specific. It's throwing slightly different errors on OS X 10.8 than it is on 10.9 and 10.10. The 10.8 error is: ========================================================= t-stringhelp.c:488:3: error: function definition is not allowed here { ^ t-stringhelp.c:536:4: error: expected ';' at end of declaration } ^ ; 2 errors generated. make[3]: *** [t-stringhelp.o] Error 1 ========================================================= And the 10.9 - 10.10.3 error is just: ========================================================= t-stringhelp.c:488:3: error: function definition is not allowed here { ^ 1 error generated. make[3]: *** [t-stringhelp.o] Error 1 ========================================================= Have attached various compile logs. Cheers, Dom -- Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- _______________________________________________ Gnupg-users mailing list Gnupg-users at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users From 2014-667rhzu3dc-lists-groups at riseup.net Mon Apr 13 00:43:58 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Sun, 12 Apr 2015 23:43:58 +0100 Subject: [Announce] GnuPG 2.1.3 released In-Reply-To: <1892009497.20150412173035@my_localhost> References: <87mw2ems3g.fsf@vigenere.g10code.de> <1892009497.20150412173035@my_localhost> Message-ID: <793622611.20150412234358@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Sunday 12 April 2015 at 5:30:35 PM, in , MFPA wrote: > Just spotted the announcement headline on > says Version 2.1.4 released, > instead of 2.1.3. Might confuse somebody. Now fixed, I see. - -- Best regards MFPA Consistency is the last refuge of the unimaginative -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVKvUyXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXw7UkIAJqvcXi+CJ9X/GAsDd8ANC9Z dimnExyrkYT0kZIY8HTkB4I2oxdm/8zcDEKSuzar6v/3y2oP48z/nKIgnEBcvKpZ CBxxTvC2BjKr/cPnctRpbQYRucPDPY30VrhpGhj/8i48D+WDh0WeoHpACkOMryfq k4c/w7/RC1DZMEX0Ukd/3Rw78utgP9MvGoIQEeK8wWN2Ghdalvj2hScIsttEK3YY QETuDEh6W8HqDFUTaQBaSCOLOu4dZRmh5KM6s3p4z2fQLUlT/TQF2hprdbY3VXhU xuFxUEuFDyENGMHZnrNIiNhXgj2sS+/mKsGtPCPiuiK+OHVPkq/2C6GkGlkqdFOI vgQBFgoAZgUCVSr1TV8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45L1bAQBR2jg/KKQAkSLezX4hn4k8AG+N N5oT5cLSAoJZZ8/b8QEAQGnc1ZkVy7LyLUMdqmXou/SXk7o6uF+xciHXUxQYOAc= =yafw -----END PGP SIGNATURE----- From jasonzhang2002 at gmail.com Mon Apr 13 04:31:12 2015 From: jasonzhang2002 at gmail.com (jason zhang) Date: Sun, 12 Apr 2015 19:31:12 -0700 Subject: can not decrypt file suddenly Message-ID: I have a encrypted file in Fedora 15 system. I have decrypted the file repeatedly many times for two years. Today, I could not decrypt it suddenly. Here is what a decrypt session looks like ------------------------------------------ /usr/local/bin/gpg j.gpg gpg: CAST5 encrypted data gpg: encrypted with 1 passphrase gpg: decryption failed: bad key ------------------------------------------ I reboot my machine several times. I updated gpg from 1.4.12 to 1.4.19. But I still cann't decrypt my file. Help is really appreciated. This is an important file. That is why I encrypt it. Thanks -- -jiesheng -------------- next part -------------- An HTML attachment was scrubbed... URL: From patrick at enigmail.net Mon Apr 13 08:33:38 2015 From: patrick at enigmail.net (Patrick Brunschwig) Date: Mon, 13 Apr 2015 08:33:38 +0200 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: References: Message-ID: <552B6342.8040604@enigmail.net> It's a clang build error (clang-602.0.49). -Patrick On 13.04.15 00:00, Ethan Sherriff wrote: > Sorry didn't see what you said about the error occuring with GNU GCC, > what version are you using? On OS X Yosemite 10.10.3 (Latest Public Beta > 14D131, XCode 6.3 6D570), with GNU GCC 4.9.2 installed from source, > gnupg-2.1.3 builds fine. > ------------------------------------------------------------------------ > From: Dominyk Tiller > Sent: ?12/?04/?2015 21:01 > To: gnupg-users at gnupg.org > Subject: GnuPG 2.1.3 Fails to Compile OS X > > Hey Werner, > > Thanks for the new release! > > I'm having some issues making it compile on OS X, right across > 10.8-10.10.3. Tried both Apple's Clang and GNU's GCC so I'm presuming > the error isn't compiler-specific. > > It's throwing slightly different errors on OS X 10.8 than it is on 10.9 > and 10.10. The 10.8 error is: > > ========================================================= > t-stringhelp.c:488:3: error: function definition is not allowed here > { > ^ > t-stringhelp.c:536:4: error: expected ';' at end of declaration > } > ^ > ; > 2 errors generated. > make[3]: *** [t-stringhelp.o] Error 1 > ========================================================= > > > > And the 10.9 - 10.10.3 error is just: > > ========================================================= > t-stringhelp.c:488:3: error: function definition is not allowed here > { > ^ > 1 error generated. > make[3]: *** [t-stringhelp.o] Error 1 > ========================================================= > > Have attached various compile logs. > > Cheers, > > Dom > > -- > Sent from OS X. If you wish to communicate more securely my PGP Public > Key is 0x872524db9d74326c. > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > From wk at gnupg.org Mon Apr 13 09:59:48 2015 From: wk at gnupg.org (Werner Koch) Date: Mon, 13 Apr 2015 09:59:48 +0200 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <5529A064.8050606@gmail.com> (Dominyk Tiller's message of "Sat, 11 Apr 2015 23:29:56 +0100") References: <5529A064.8050606@gmail.com> Message-ID: <87lhhwjw5n.fsf@vigenere.g10code.de> On Sun, 12 Apr 2015 00:29, dominyktiller at gmail.com said: > ========================================================= > t-stringhelp.c:488:3: error: function definition is not allowed here > { > ^ Oh sorry, I didn't spotted the use of a nested function here. Fix pushed and attsched. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-common-Do-without-nested-fucntions-to-support-non-gc.patch Type: text/x-diff Size: 3534 bytes Desc: not available URL: From dominyktiller at gmail.com Mon Apr 13 02:16:25 2015 From: dominyktiller at gmail.com (Dominyk Tiller) Date: Mon, 13 Apr 2015 01:16:25 +0100 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: References: Message-ID: <552B0AD9.3030000@gmail.com> Hi Ethan, Thanks for the quick replies today, appreciate those. You're correct on GNU's GCC, in that it compiles successfully. It looks like I labelled one of my Clang compiles "GCC_Comp1.txt" last night accidentally and looked for the error rather than double checking the compiler to make sure I'd actually labelled the output correctly. Lesson learned there. The Clang error on all three platforms examined, 10.8, 10.9 & 10.10 remains true. I double checked that just to make sure I wasn't being an idiot there as well. Thanks for the offer of the signed, pre-build tarball. That was kind of you. Sadly in this case it wouldn't have helped because I'm trying to update our Homebrew/Versions GnuPG21 package. I'm still using the 2.0.x branch personally, for now. Is the Clang error something GnuPG can fix in the coming versions or are we going to be waiting on Apple to fix the underlying LLVM issue? Apologies for my mess up on the GCC failure, and Thanks for the help. Appreciated! Dom Sent from OS X. If you wish to communicate more securely my PGP Public Key is 0x872524db9d74326c. On 12/04/2015 23:00, Ethan Sherriff wrote: > Sorry didn't see what you said about the error occuring with GNU GCC, > what version are you using? On OS X Yosemite 10.10.3 (Latest Public Beta > 14D131, XCode 6.3 6D570), with GNU GCC 4.9.2 installed from source, > gnupg-2.1.3 builds fine. > ------------------------------------------------------------------------ > From: Dominyk Tiller > Sent: ?12/?04/?2015 21:01 > To: gnupg-users at gnupg.org > Subject: GnuPG 2.1.3 Fails to Compile OS X > > Hey Werner, > > Thanks for the new release! > > I'm having some issues making it compile on OS X, right across > 10.8-10.10.3. Tried both Apple's Clang and GNU's GCC so I'm presuming > the error isn't compiler-specific. > > It's throwing slightly different errors on OS X 10.8 than it is on 10.9 > and 10.10. The 10.8 error is: > > ========================================================= > t-stringhelp.c:488:3: error: function definition is not allowed here > { > ^ > t-stringhelp.c:536:4: error: expected ';' at end of declaration > } > ^ > ; > 2 errors generated. > make[3]: *** [t-stringhelp.o] Error 1 > ========================================================= > > > > And the 10.9 - 10.10.3 error is just: > > ========================================================= > t-stringhelp.c:488:3: error: function definition is not allowed here > { > ^ > 1 error generated. > make[3]: *** [t-stringhelp.o] Error 1 > ========================================================= > > Have attached various compile logs. > > Cheers, > > Dom > > -- > Sent from OS X. If you wish to communicate more securely my PGP Public > Key is 0x872524db9d74326c. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 801 bytes Desc: OpenPGP digital signature URL: From peter at digitalbrains.com Mon Apr 13 16:20:47 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Mon, 13 Apr 2015 16:20:47 +0200 Subject: Blind signatures for simple election In-Reply-To: <20150408185755.22623E0251@smtp.hushmail.com> References: <20150407181514.336ABE0251@smtp.hushmail.com> <1988068134.20150408001014@my_localhost> <20150408164335.221C9E0549@smtp.hushmail.com> <55256DCD.9070300@digitalbrains.com> <20150408185755.22623E0251@smtp.hushmail.com> Message-ID: <552BD0BF.2000900@digitalbrains.com> On 08/04/15 20:57, Jan Svensson wrote: > What do you think about me trying to use Libgcrypt instead? Personally, if I was actually going to use the program, I wouldn't write it myself. I'd only write it myself if it was purely for the learning experience. I'd look for an existing project that makes me feel confident about it. I'd want the code to have been looked at by as many cryptographers as possible. But it depends on your threat model. It could be enough to merely obscure the data, not protect it against a determined attacker with knowledge of cracking crypto. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From wk at gnupg.org Mon Apr 13 18:37:06 2015 From: wk at gnupg.org (Werner Koch) Date: Mon, 13 Apr 2015 18:37:06 +0200 Subject: Unusable secret key (adduid) In-Reply-To: <55298BB7.5060605@gmail.com> (Ivan Markin's message of "Sun, 12 Apr 2015 00:01:43 +0300") References: <55298BB7.5060605@gmail.com> Message-ID: <87zj6chtn1.fsf@vigenere.g10code.de> On Sat, 11 Apr 2015 23:01, ivansunset at gmail.com said: > Hello! > > I'm using OpenPGP card to store my secret keys on it. Now I'm adding a > new UID to my key by running gpg2 --edit-key. What I've got is this You need to insert your card to create a new UID. > gpg: secret key parts are not available > gpg: signing failed: Unusable secret key > > How to solve this? Insert the card. Check out that the card works by running gpg --card-status Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Mon Apr 13 20:12:52 2015 From: wk at gnupg.org (Werner Koch) Date: Mon, 13 Apr 2015 20:12:52 +0200 Subject: Windows installer for 2.1.3 (was: GnuPG 2.1.3 released) In-Reply-To: <87mw2ems3g.fsf@vigenere.g10code.de> (Werner Koch's message of "Sat, 11 Apr 2015 20:34:43 +0200") References: <87mw2ems3g.fsf@vigenere.g10code.de> Message-ID: <877ftfj3rv.fsf@vigenere.g10code.de> Hi, I just uploaded an _experimental_ Windows installer with GnuPG 2.1.3: ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.exe (2539k) ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.exe.sig The exe has a SHA-1 checksum of d5630904b3d68eddc2730a00bfc67d52658cbe7e gnupg-w32-2.1.3_20150413.exe I did only some quick tests and some basic stuff worked for me. WARNING: This is a command line only version which does not even provide a Pinentry. Thus it is pretty useless unless you have installed your own Pinentry. A libgpgme is however included so that it can be used for development. A Pinentry is not provided so to avoid dependency problems with the Gtk+ or Qt+ libraries. It would have been possible to include a simple Windows pinentry and thus avoid dependencies on external libraries but the one we have is too horrible for actual use. A statically linked version of a Pinentry is also too large. Salam-Shalom, Werner p.s. The installer has been build using this complete source tarball: ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.tar.xz (9013k) ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.3_20150413.tar.xz.sig and the command make -f ./build-aux/speedo.mk this-w32-installer You need a complete and working mingw tool chain to do this. You may also prefer not to use the above source tarball but build it directly in the same way I generated the source tarball, namely using make -f ./build-aux/speedo.mk w32-installer make -f ./build-aux/speedo.mk w32-source which downloads all required packages, verifies their checksums, builds the installer, and finally a complete source tarball. -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 180 bytes Desc: not available URL: From ivansunset at gmail.com Mon Apr 13 21:23:13 2015 From: ivansunset at gmail.com (Ivan Markin) Date: Mon, 13 Apr 2015 22:23:13 +0300 Subject: Unusable secret key (adduid) In-Reply-To: <87zj6chtn1.fsf@vigenere.g10code.de> References: <55298BB7.5060605@gmail.com> <87zj6chtn1.fsf@vigenere.g10code.de> Message-ID: <552C17A1.2090006@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 04/13/2015 07:37 PM, Werner Koch wrote:> On Sat, 11 Apr 2015 23:01, ivansunset at gmail.com said: >> Hello! >> >> I'm using OpenPGP card to store my secret keys on it. Now I'm >> adding a new UID to my key by running gpg2 --edit-key. What I've >> got is this > > You need to insert your card to create a new UID. > >> gpg: secret key parts are not available gpg: signing failed: >> Unusable secret key >> >> How to solve this? > > Insert the card. Check out that the card works by running > > gpg --card-status > Thank you for the reply, Werner. Yes, card works perfectly. I've tried gpg2 --card-status. Nothing. It forced me to find my backup key and add a UID with it (works as it should). As you may notice, GPG tells that "Secret key is available." because my card is present. Thanks, Ivan > > > Shalom-Salam, > > Werner > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJVLBebAAoJEAkv0TW1VhaDmu4IAIPxbvyL/q1HSEnp3YgF4xEk aAqeC5/wQO+pS51vNSJiXHWD+Cu4B5SA8g4MmGvs9uIRPdPAGG5xpSEpcJF82qmg mKYM5EFGZGWX/UUaGSOYt+WA/ghYw0LSSUO+gjPLJLXSkZmH1m7bBjjIyfE19TiC 4bK0Dg6VoGov2RiYoFdV3jjbKXn/osLmYZV4hZP40p+LT1EDhnXHETzMWVAKGIYY KX1dpfrR26TAxAaMHvtJohn3BC1sUNtm/p2DqFeWOEaagltxAhbibS8WEfFHvwI4 PfgLPW76QZ/v36TeclhDyYvfCAhqkvAPpmTj7or4lpM9DCwg4vS2olA8L/s9kCM= =lhgm -----END PGP SIGNATURE----- From jasonzhang2002 at gmail.com Tue Apr 14 00:27:19 2015 From: jasonzhang2002 at gmail.com (jason zhang) Date: Mon, 13 Apr 2015 15:27:19 -0700 Subject: can not decrypt file suddenly Message-ID: Any clue? Where should I start to investigate? I checked another encrypted file. I cloud not decrypt it, either. But I can encrypt /decrypt new file successfully. I remembered my laptop was shut down abruptly due to out of power while I edit the file in email. Could this cause the problem? Thanks On Sun, Apr 12, 2015 at 7:31 PM, jason zhang wrote: > I have a encrypted file in Fedora 15 system. > I have decrypted the file repeatedly many times for two years. > > Today, I could not decrypt it suddenly. > Here is what a decrypt session looks like > ------------------------------------------ > /usr/local/bin/gpg j.gpg > gpg: CAST5 encrypted data > gpg: encrypted with 1 passphrase > gpg: decryption failed: bad key > ------------------------------------------ > > I reboot my machine several times. I updated gpg from 1.4.12 to 1.4.19. > But I still cann't decrypt my file. > > Help is really appreciated. > This is an important file. That is why I encrypt it. > > > Thanks > > -- > -jiesheng > > -- -jiesheng -------------- next part -------------- An HTML attachment was scrubbed... URL: From 2014-667rhzu3dc-lists-groups at riseup.net Tue Apr 14 00:33:40 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Mon, 13 Apr 2015 23:33:40 +0100 Subject: Windows installer for 2.1.3 (was: GnuPG 2.1.3 released) In-Reply-To: <877ftfj3rv.fsf@vigenere.g10code.de> References: <87mw2ems3g.fsf@vigenere.g10code.de> <877ftfj3rv.fsf@vigenere.g10code.de> Message-ID: <1805411413.20150413233340@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Monday 13 April 2015 at 7:12:52 PM, in , Werner Koch wrote: > A Pinentry is not provided so to avoid dependency > problems with the Gtk+ or Qt+ libraries. It would have > been possible to include a simple Windows pinentry and > thus avoid dependencies on external libraries but the > one we have is too horrible for actual use. A > statically linked version of a Pinentry is also too > large. I copied pinentry.exe from my existing GnuPG 2.1 install and it works, at least to sign/encrypt/decrypt/verify a file and an email. - -- Best regards MFPA Editing is a rewording activity -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVLERPXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwxWkH/1ouNy6GADAGWmVjLUY4lobP umK1R4cn0YWjEl876jnTTLLl/sbIA2Fqe9Yrhrq56+8nUqSIcvqCfkSoe5PfAVkz k1DCadRBJOPsP/zLnWdtk6h//Zp+4GwjQ7KR7jNvvd3PNKFlqABRhv6IvLx73c/j s1+9773Xf4b1/Uy0B/bR44UFxklr0k+O09tzt7D7DxSv+bSlTkaK38VPdqnFsHud Xo2sbD570KCvveHzgN+xFNAtUMX+/ZpRoqeXzMNMBKIGgEMevH5RIZ+ceUSl6ID2 CFQtjPl4woE8tEo7IAzjgeqvS1XitnVjO3zYUWM/AgjIk+xX8Nng0qTLOCP4qnKI vgQBFgoAZgUCVSxEXV8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45PmZAQCBt0hySZGBpZDZh8nzmhiLVG8e bI9uRv+mJJpVkg+0CgEAmaTOcjMFzK6jMRYLovMuf+c2MJB10/wm6O6/N9vvZwY= =I0JY -----END PGP SIGNATURE----- From gniibe at fsij.org Tue Apr 14 02:23:12 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 14 Apr 2015 09:23:12 +0900 Subject: Unusable secret key (adduid) In-Reply-To: <552C17A1.2090006@gmail.com> References: <55298BB7.5060605@gmail.com> <87zj6chtn1.fsf@vigenere.g10code.de> <552C17A1.2090006@gmail.com> Message-ID: <552C5DF0.9080005@fsij.org> On 04/14/2015 04:23 AM, Ivan Markin wrote: > On 04/13/2015 07:37 PM, Werner Koch wrote:> On Sat, 11 Apr 2015 23:01, > ivansunset at gmail.com said: >>> Hello! >>> >>> I'm using OpenPGP card to store my secret keys on it. Now I'm >>> adding a new UID to my key by running gpg2 --edit-key. What I've >>> got is this > >> You need to insert your card to create a new UID. > >>> gpg: secret key parts are not available gpg: signing failed: >>> Unusable secret key >>> >>> How to solve this? > >> Insert the card. Check out that the card works by running > >> gpg --card-status > > > Thank you for the reply, Werner. > Yes, card works perfectly. I've tried gpg2 --card-status. Nothing. I don't understand the reason why you could say "card works perfectly" here. Please give us the output of 'gpg2 --card-status'. If it is nothing, it means that your card **doesn't** work well for GnuPG. Please check your gpg-agent works well not interfered by gnome-keyring. If it's real gpg-agent, you can get the output like: $ gpg-connect-agent "help SCD" /bye # SCD # # This is a general quote command to redirect everything to the # SCdaemon. OK > It forced me to find my backup key and add a UID with it (works as it > should). Sorry, I don't understand this sentence. What's "it"? Could you please elaborate if this matters for your bug report? I think that it would be better to show us bigger picture to share your situation. > As you may notice, GPG tells that "Secret key is available." because > my card is present. Sorry, no, it means that OpenPGP secret block of your private key is available on your host PC. It doesn't mean card is present or secret key is on your smartcard. If possible, please give us complete session log of yours, not removing information by your interpretations (or hope). -- From gniibe at fsij.org Tue Apr 14 03:06:33 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 14 Apr 2015 10:06:33 +0900 Subject: can not decrypt file suddenly In-Reply-To: References: Message-ID: <552C6819.4040207@fsij.org> On 04/14/2015 07:27 AM, jason zhang wrote: > Any clue? Where should I start to investigate? > > I checked another encrypted file. I cloud not decrypt it, either. > But I can encrypt /decrypt new file successfully. Please let us know your configuration. I think that it's ~/.gnupg/gpg.conf on Fedora. > Today, I could not decrypt it suddenly. > Here is what a decrypt session looks like > ------------------------------------------ > /usr/local/bin/gpg j.gpg > gpg: CAST5 encrypted data > gpg: encrypted with 1 passphrase > gpg: decryption failed: bad key > ------------------------------------------ Please include the version output of gpg --version in your report. Is it complete session log of yours? I mean, GnuPG should ask you passphrase here. Possible case: If you enable gpg-agent by the configuration of use-agent, passphrase handling (and others) is done by gpg-agent. And when your gpg-agent doesn't work and returns "", and it is failed and caused "bad key" error. If so, please try with --no-use-agent. To investigate what's going on with gpg-agent, please also let us know the output of: $ echo $GPG_AGENT_INFO Thanks, -- From jasonzhang2002 at gmail.com Tue Apr 14 05:07:09 2015 From: jasonzhang2002 at gmail.com (jason zhang) Date: Mon, 13 Apr 2015 20:07:09 -0700 Subject: can not decrypt file suddenly In-Reply-To: <552C6819.4040207@fsij.org> References: <552C6819.4040207@fsij.org> Message-ID: Hi NIIBE Thank you very much for the help. Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data" line, and I gave the passphrase. The passphrase is definitely right since I used it very 2 or 3 days. Here is a whole debug session: ---------------------------------------------------- gpg -v --debug-all --no-use-agent j.gpg gpg: NOTE: no default option file `/home/jason/.gnupg/gpg.conf' gpg: DBG: fd_cache_open (j.gpg) not cached gpg: DBG: iobuf-1.0: open `j.gpg' fd=3 gpg: DBG: iobuf-1.0: underflow: req=8192 gpg: DBG: iobuf-1.0: underflow: got=6705 rc=0 gpg: DBG: parse_packet(iob=1): type=3 length=13 (parse.mainproc.c.1261) gpg: CAST5 encrypted data :======================ASK passphrase here gpg: DBG: free_packet() type=3 gpg: DBG: iobuf-1.1: push `block_filter' gpg: DBG: iobuf chain: 1.1 `block_filter' filter_eof=0 start=0 len=0 gpg: DBG: iobuf chain: 1.0 `file_filter(fd)' filter_eof=0 start=17 len=6705 gpg: DBG: init block_filter 0x8a398d0 gpg: DBG: parse_packet(iob=1): type=9 length=0 (new_ctb) (parse.mainproc.c.1261) gpg: encrypted with 1 passphrase gpg: DBG: iobuf-1.1: underflow: req=8192 gpg: DBG: iobuf-1.1: underflow: got=6685 rc=0 gpg: decryption failed: bad key gpg: DBG: free_packet() type=9 gpg: DBG: iobuf-1.1: underflow: req=8192 gpg: DBG: iobuf-1.1: underflow: got=0 rc=-1 gpg: DBG: free block_filter 0x8a398d0 gpg: DBG: iobuf-1.1: pop in underflow (!len) gpg: DBG: iobuf chain: 1.0 `file_filter(fd)' filter_eof=0 start=6705 len=6705 gpg: DBG: iobuf-1.0: underflow: eof gpg: DBG: iobuf-1.0: underflow: req=8192 gpg: DBG: iobuf-1.0: underflow: got=0 rc=-1 gpg: DBG: j.gpg: close fd 3 gpg: DBG: fd_cache_close (j.gpg) new slot created gpg: DBG: iobuf-1.0: underflow: eof gpg: DBG: iobuf-1.0: underflow: eof (due to filter eof) gpg: DBG: iobuf-1.0: close `?' random usage: poolsize=600 mixed=0 polls=0/2 added=10/176 outmix=0 getlvl1=0/0 getlvl2=0/0 secmem usage: 1472/2240 bytes in 3/6 blocks of pool 2240/32768 [jason at f15 ~]$ echo $GPG_AGENT_INFO ================EMPTY GPG_AGENT_INFO. To avoid possible issue from genome, I login in as ssh. my gpg version is 1.4.19 Can I move the encrypted file to another machine? Since I use symmetric encryption, it should not depend on the machine it is on. Right? thanks On Mon, Apr 13, 2015 at 6:06 PM, NIIBE Yutaka wrote: > On 04/14/2015 07:27 AM, jason zhang wrote: > > Any clue? Where should I start to investigate? > > > > I checked another encrypted file. I cloud not decrypt it, either. > > But I can encrypt /decrypt new file successfully. > > Please let us know your configuration. I think that it's > ~/.gnupg/gpg.conf on Fedora. > > > Today, I could not decrypt it suddenly. > > Here is what a decrypt session looks like > > ------------------------------------------ > > /usr/local/bin/gpg j.gpg > > gpg: CAST5 encrypted data > > gpg: encrypted with 1 passphrase > > gpg: decryption failed: bad key > > ------------------------------------------ > > Please include the version output of gpg --version in your report. > > Is it complete session log of yours? I mean, GnuPG should ask you > passphrase here. > > Possible case: If you enable gpg-agent by the configuration of > use-agent, passphrase handling (and others) is done by gpg-agent. And > when your gpg-agent doesn't work and returns "", and it is failed and > caused "bad key" error. If so, please try with --no-use-agent. To > investigate what's going on with gpg-agent, please also let us know > the output of: > > $ echo $GPG_AGENT_INFO > > Thanks, > -- > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- -jiesheng -------------- next part -------------- An HTML attachment was scrubbed... URL: From dougb at dougbarton.email Tue Apr 14 05:46:46 2015 From: dougb at dougbarton.email (Doug Barton) Date: Mon, 13 Apr 2015 20:46:46 -0700 Subject: can not decrypt file suddenly In-Reply-To: References: <552C6819.4040207@fsij.org> Message-ID: <552C8DA6.4080102@dougbarton.email> On 4/13/15 8:07 PM, jason zhang wrote: > Hi NIIBE > > Thank you very much for the help. > > Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data" > line, and I gave the passphrase. The passphrase is definitely right > since I used it very 2 or 3 days. You mentioned that you had an unscheduled shutdown recently. Did the problem start shortly thereafter? Do you have an archived version of the file that you can compare this one too? It's not impossible that the encrypted file was corrupted. Doug -- I am conducting an experiment in the efficacy of PGP/MIME signatures. This message should be signed. If it is not, or the signature does not validate, please let me know how you received this message (direct, or to a list) and the mail software you use. Thanks! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From jasonzhang2002 at gmail.com Tue Apr 14 05:56:25 2015 From: jasonzhang2002 at gmail.com (jason zhang) Date: Mon, 13 Apr 2015 20:56:25 -0700 Subject: can not decrypt file suddenly In-Reply-To: <552C8DA6.4080102@dougbarton.email> References: <552C6819.4040207@fsij.org> <552C8DA6.4080102@dougbarton.email> Message-ID: Hi Doug Yes, the problem started after the unscheduled shutdown. Unfortunately, I don't have an archived version. The problem is that another encrypted, which I have not touched for sometime, cann't be opened either. On Mon, Apr 13, 2015 at 8:46 PM, Doug Barton wrote: > On 4/13/15 8:07 PM, jason zhang wrote: > >> Hi NIIBE >> >> Thank you very much for the help. >> >> Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data" >> line, and I gave the passphrase. The passphrase is definitely right >> since I used it very 2 or 3 days. >> > > You mentioned that you had an unscheduled shutdown recently. Did the > problem start shortly thereafter? Do you have an archived version of the > file that you can compare this one too? It's not impossible that the > encrypted file was corrupted. > > Doug > > -- > I am conducting an experiment in the efficacy of PGP/MIME signatures. This > message should be signed. If it is not, or the signature does not validate, > please let me know how you received this message (direct, or to a list) and > the mail software you use. Thanks! > > -- -jiesheng -------------- next part -------------- An HTML attachment was scrubbed... URL: From dougb at dougbarton.email Tue Apr 14 06:02:49 2015 From: dougb at dougbarton.email (Doug Barton) Date: Mon, 13 Apr 2015 21:02:49 -0700 Subject: can not decrypt file suddenly In-Reply-To: References: <552C6819.4040207@fsij.org> <552C8DA6.4080102@dougbarton.email> Message-ID: <552C9169.8000804@dougbarton.email> On 4/13/15 8:56 PM, jason zhang wrote: > Hi Doug > Yes, the problem started after the unscheduled shutdown. Unfortunately, > I don't have an archived version. The problem is that another > encrypted, which I have not touched for sometime, cann't be opened either. Well I'm sorry to say, that sounds like the files are corrupted. Run the following commands on both files (substitute for the actual file names), and report the results: file gpg --list-packets (Yes, the first command above is literally the word "file") Doug -- I am conducting an experiment in the efficacy of PGP/MIME signatures. This message should be signed. If it is not, or the signature does not validate, please let me know how you received this message (direct, or to a list) and the mail software you use. Thanks! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From jasonzhang2002 at gmail.com Tue Apr 14 06:12:18 2015 From: jasonzhang2002 at gmail.com (jason zhang) Date: Mon, 13 Apr 2015 21:12:18 -0700 Subject: can not decrypt file suddenly In-Reply-To: <552C9169.8000804@dougbarton.email> References: <552C6819.4040207@fsij.org> <552C8DA6.4080102@dougbarton.email> <552C9169.8000804@dougbarton.email> Message-ID: Here are the output from "file" and "gpg --list-packets" [jason at f15 ~]$ file .jsbk.gpg .jsbk.gpg: DOS executable (COM) [jason at f15 ~]$ gpg --list-packets .jsbk.gpg :symkey enc packet: version 4, cipher 3, s2k 3, hash 2 salt 51c310499a629643, count 65536 (96) gpg: CAST5 encrypted data :encrypted data packet: length: unknown gpg: encrypted with 1 passphrase gpg: decryption failed: bad key [jason at f15 ~]$ file .pingpin.gpg .pingpin.gpg: DOS executable (COM) [jason at f15 ~]$ gpg --list-packets .pingpin.gpg :symkey enc packet: version 4, cipher 3, s2k 3, hash 2 salt a31c35cff9314421, count 65536 (96) gpg: CAST5 encrypted data :encrypted data packet: length: unknown gpg: encrypted with 1 passphrase gpg: decryption failed: bad key Thanks On Mon, Apr 13, 2015 at 9:02 PM, Doug Barton wrote: > On 4/13/15 8:56 PM, jason zhang wrote: > >> Hi Doug >> Yes, the problem started after the unscheduled shutdown. Unfortunately, >> I don't have an archived version. The problem is that another >> encrypted, which I have not touched for sometime, cann't be opened >> either. >> > > Well I'm sorry to say, that sounds like the files are corrupted. Run the > following commands on both files (substitute for the actual file > names), and report the results: > > file > gpg --list-packets > > (Yes, the first command above is literally the word "file") > > > Doug > > -- > I am conducting an experiment in the efficacy of PGP/MIME signatures. This > message should be signed. If it is not, or the signature does not validate, > please let me know how you received this message (direct, or to a list) and > the mail software you use. Thanks! > > -- -jiesheng -------------- next part -------------- An HTML attachment was scrubbed... URL: From gniibe at fsij.org Tue Apr 14 06:41:23 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 14 Apr 2015 13:41:23 +0900 Subject: can not decrypt file suddenly In-Reply-To: References: <552C6819.4040207@fsij.org> Message-ID: <552C9A73.7060202@fsij.org> On 04/14/2015 12:07 PM, jason zhang wrote: > Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data" > line, and I gave the passphrase. The passphrase is definitely right since I > used it very 2 or 3 days. I see. > Here is a whole debug session: Thank you for the log. > gpg: DBG: parse_packet(iob=1): type=9 length=0 (new_ctb) Here, it seems for me that your file (j.pgp) is malformed. Type=9 is the encrypted data packet, but its length is 0. Since OpenPGP format for the encrypted data packet begins with a block-size of random bytes. So, length 0 should not be happened. I think that this is the cause of your trouble. Note that the length of the encrypted data packet is data before decryption, passphrase doesn't matter here. > Can I move the encrypted file to another machine? Since I use symmetric > encryption, it should not depend on the machine it is on. Right? Yes. -- From jasonzhang2002 at gmail.com Tue Apr 14 16:53:37 2015 From: jasonzhang2002 at gmail.com (jason zhang) Date: Tue, 14 Apr 2015 07:53:37 -0700 Subject: can not decrypt file suddenly In-Reply-To: <552C9A73.7060202@fsij.org> References: <552C6819.4040207@fsij.org> <552C9A73.7060202@fsij.org> Message-ID: Hi NIIBE what else I can try? Can I feed a guessed length for Type=9 repeatedly from command line? On Mon, Apr 13, 2015 at 9:41 PM, NIIBE Yutaka wrote: > On 04/14/2015 12:07 PM, jason zhang wrote: > > Yes, it asked me the passphrase just after "gpg: CAST5 encrypted data" > > line, and I gave the passphrase. The passphrase is definitely right > since I > > used it very 2 or 3 days. > > I see. > > > Here is a whole debug session: > > Thank you for the log. > > > gpg: DBG: parse_packet(iob=1): type=9 length=0 (new_ctb) > > Here, it seems for me that your file (j.pgp) is malformed. > Type=9 is the encrypted data packet, but its length is 0. > > Since OpenPGP format for the encrypted data packet begins with a > block-size of random bytes. So, length 0 should not be happened. > > I think that this is the cause of your trouble. > > Note that the length of the encrypted data packet is data before > decryption, passphrase doesn't matter here. > > > Can I move the encrypted file to another machine? Since I use symmetric > > encryption, it should not depend on the machine it is on. Right? > > Yes. > -- > -- -jiesheng -------------- next part -------------- An HTML attachment was scrubbed... URL: From gniibe at fsij.org Wed Apr 15 03:58:55 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Wed, 15 Apr 2015 10:58:55 +0900 Subject: can not decrypt file suddenly In-Reply-To: References: <552C6819.4040207@fsij.org> <552C9A73.7060202@fsij.org> Message-ID: <552DC5DF.7090303@fsij.org> On 04/14/2015 11:53 PM, jason zhang wrote: > what else I can try? > Can I feed a guessed length for Type=9 repeatedly from command line? I don't think it's helpful and there's no such command line interface. When a file were corrupted in such a way, blocks (of encrypted content) were gone somewhere in the filesystem (not within a file). You can examine the content of file by gpg --list-packets, or you can see it by the command hd (or od), but I think that all you will get is the wrong information when it's corrupted. For applications (like gnupg), there is no way to recover such a corrupted files. Please fix your file system, by a tool like fsck, or debugfs. -- From actsramana at gmail.com Fri Apr 17 11:14:20 2015 From: actsramana at gmail.com (Venkatramana Parapatla) Date: Fri, 17 Apr 2015 14:44:20 +0530 Subject: How to Know keys expiration date for Already created keys using gpg in command prompt Message-ID: Hi, Could you please help me on below How to Know keys expiration date for Already created keys using gpg in command prompt? How to renwal existing keys? -- *Thanks&Regards* * RAMANA* -------------- next part -------------- An HTML attachment was scrubbed... URL: From htd+ml at fritha.org Fri Apr 17 14:01:40 2015 From: htd+ml at fritha.org (Heinz Diehl) Date: Fri, 17 Apr 2015 14:01:40 +0200 Subject: How to Know keys expiration date for Already created keys using gpg in command prompt In-Reply-To: References: Message-ID: <20150417120140.GA17861@fritha.org> On 17.04.2015, Venkatramana Parapatla wrote: > How to Know keys expiration date for Already created keys using gpg in > command prompt? "gpg --list-keys" will give you an oversight over all keys in your public key ring including their expiry date. > How to renwal existing keys? You can (of course) only change the expiry dato of your own key. "gpg --edit-key " and the "expire" command will let you perform the desired changes. From ben at adversary.org Sat Apr 18 21:35:03 2015 From: ben at adversary.org (Ben McGinnes) Date: Sun, 19 Apr 2015 05:35:03 +1000 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <87lhhwjw5n.fsf@vigenere.g10code.de> References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> Message-ID: <5532B1E7.30901@adversary.org> On 13/04/2015 5:59 pm, Werner Koch wrote: > On Sun, 12 Apr 2015 00:29, dominyktiller at gmail.com said: > >> ========================================================= >> t-stringhelp.c:488:3: error: function definition is not allowed here >> { >> ^ > > Oh sorry, I didn't spotted the use of a nested function here. > Fix pushed and attsched. I tested this in anticipation of an update to the MacPorts package so it uses the same configure options as the working port of 2.1.2 and all the same dependencies with the current repo code (commit 2180845959839705200e3172dbafc94b70b9007f). The configuration parameters are: configure --prefix=/opt/local --without-adns --with-pinentry-pgm=/Applications/MacPorts/pinentry-mac.app/Contents/MacOS/pinentry-mac It does seem to mostly compile ... it just hates all the translations: gcc -DHAVE_CONFIG_H -I. -I.. -I../common -DLOCALEDIR=\"/opt/local/share/locale\" -DGNUPG_BINDIR="\"/opt/local/bin\"" -DGNUPG_LIBEXECDIR="\"/opt/local/libexec\"" -DGNUPG_LIBDIR="\"/opt/local/lib/gnupg\"" -DGNUPG_DATADIR="\"/opt/local/share/gnupg\"" -DGNUPG_SYSCONFDIR="\"/opt/local/etc/gnupg\"" -DGNUPG_LOCALSTATEDIR="\"/opt/local/var\"" -DGNUPG_DEFAULT_PINENTRY="\"/Applications/MacPorts/pinentry-mac.app/Contents/MacOS/pinentry-mac\"" -I/opt/local/include -I/usr/local/include -I/opt/local/include -I/opt/local/include -I/usr/local/include -I/opt/local/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -MT gpgsplit.o -MD -MP -MF .deps/gpgsplit.Tpo -c -o gpgsplit.o gpgsplit.c mv -f .deps/gpgsplit.Tpo .deps/gpgsplit.Po gcc -I/usr/local/include -I/opt/local/include -I/opt/local/include -I/usr/local/include -I/opt/local/include -g -O2 -Wall -Wno-pointer-sign -Wpointer-arith -o gpgsplit gpgsplit.o ../common/libcommon.a -L/usr/local/lib -lgcrypt -L/opt/local/lib -lgpg-error -L/opt/local/lib -lgpg-error -lz -lbz2 -L/opt/local/lib -lintl -Wl,-framework -Wl,CoreFoundation -L/opt/local/lib -liconv Making all in po test ! -f ./gnupg2.pot || \ test -z "en at quot.gmo en at boldquot.gmo ca.gmo cs.gmo da.gmo de.gmo eo.gmo el.gmo es.gmo et.gmo fi.gmo fr.gmo gl.gmo hu.gmo id.gmo it.gmo ja.gmo nb.gmo pl.gmo pt.gmo ro.gmo ru.gmo sk.gmo sv.gmo tr.gmo uk.gmo zh_TW.gmo zh_CN.gmo" || /Applications/Xcode.app/Contents/Developer/usr/bin/make en at quot.gmo en at boldquot.gmo ca.gmo cs.gmo da.gmo de.gmo eo.gmo el.gmo es.gmo et.gmo fi.gmo fr.gmo gl.gmo hu.gmo id.gmo it.gmo ja.gmo nb.gmo pl.gmo pt.gmo ro.gmo ru.gmo sk.gmo sv.gmo tr.gmo uk.gmo zh_TW.gmo zh_CN.gmo rm -f en at quot.gmo && /opt/local/bin/msgfmt -c --statistics -o en at quot.gmo en at quot.po en at quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' en at quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' ... [SNIP] ... en at quot.po:336: 'msgid' and 'msgstr[0]' entries do not both end with '\n' en at quot.po:344: 'msgid' and 'msgstr[0]' entries do not both end with '\n' ... [SNIP] ... en at quot.po:9796: 'msgid' and 'msgstr' entries do not both end with '\n' en at quot.po:9800: 'msgid' and 'msgstr' entries do not both end with '\n' /opt/local/bin/msgfmt: found 792 fatal errors 2062 translated messages. make[3]: *** [en at quot.gmo] Error 1 make[2]: *** [stamp-po] Error 2 make[1]: *** [all-recursive] Error 1 make: *** [all] Error 2 Running make check appears to mostly behave up until that same point. In spite of the number of errors (it's all 2,065 of the msgid lines, but no need to paste them all in); obviously the cause is somewhere in those sed or make rules. I'm just not certain of the right place to insert the fix (or whether the correct course is to append the \n to msgid or remove one from msgstr). Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From awg1 at gmx.com Sun Apr 19 07:42:09 2015 From: awg1 at gmx.com (Adam Gold) Date: Sun, 19 Apr 2015 06:42:09 +0100 Subject: failed decryption Message-ID: <55334031.3090409@gmx.com> I'm attempting to decrypt a symmetrically encrypted tarball appx 25GB in size. It goes as follows: gpg [file].tar.bz2.gpg gpg: AES256 encrypted data gpg: encrypted with 1 passphrase gpg: packet(7) with unknown version 41 gpg: WARNING: encrypted message has been manipulated! gpg: packet(5) with unknown version 241 To my totally untrained eye this seems pretty bad. I also tried the same decryption using the commercial PGP suite and had a similar (although not identical error). Is there anything I can do, further debugging? From mick.crane at gmail.com Sun Apr 19 11:21:35 2015 From: mick.crane at gmail.com (Mick Crane) Date: Sun, 19 Apr 2015 10:21:35 +0100 Subject: failed decryption In-Reply-To: <55334031.3090409@gmx.com> References: <55334031.3090409@gmx.com> Message-ID: <7B8B5401-D236-4753-ADF5-9C0121364798@gmail.com> > On 19 Apr 2015, at 06:42, Adam Gold wrote: > > I'm attempting to decrypt a symmetrically encrypted tarball appx 25GB in > size. It goes as follows: > > gpg [file].tar.bz2.gpg > gpg: AES256 encrypted data > gpg: encrypted with 1 passphrase > gpg: packet(7) with unknown version 41 > gpg: WARNING: encrypted message has been manipulated! > gpg: packet(5) with unknown version 241 > > The problem with encrypting files for storage seems to be that if there is any corruption there is no way to get any of it back. From pete at heypete.com Sun Apr 19 12:08:43 2015 From: pete at heypete.com (Pete Stephenson) Date: Sun, 19 Apr 2015 12:08:43 +0200 Subject: failed decryption In-Reply-To: <7B8B5401-D236-4753-ADF5-9C0121364798@gmail.com> References: <55334031.3090409@gmx.com> <7B8B5401-D236-4753-ADF5-9C0121364798@gmail.com> Message-ID: On Sun, Apr 19, 2015 at 11:21 AM, Mick Crane wrote: > > >> On 19 Apr 2015, at 06:42, Adam Gold wrote: >> >> I'm attempting to decrypt a symmetrically encrypted tarball appx 25GB in >> size. It goes as follows: >> >> gpg [file].tar.bz2.gpg >> gpg: AES256 encrypted data >> gpg: encrypted with 1 passphrase >> gpg: packet(7) with unknown version 41 >> gpg: WARNING: encrypted message has been manipulated! >> gpg: packet(5) with unknown version 241 >> >> > The problem with encrypting files for storage seems to be that if there is any corruption there is no way to get any of it back. In such cases it might be worthwhile to use some sort of error-detection/correction system. Detecting errors is relatively straightforward (you can sign a message and if the signature fails, it's been modified) but correction is slightly more complex. I generate PAR2 error-correction files[1] for important files or archives. It allows one to detect errors and repair/recover any damaged or lost sections up to a user-defined threshold. It uses more disk space, but it can be a life-saver when dealing with critical files on unreliable storage (and all storage is unreliable). Alas, it's not retroactive and can't repair already-damaged data: you need to generate the PAR2 files when the original file is still undamaged and can then use it to recover damaged data later. In the case of sensitive data, one should encrypt the data first and then generate the PAR2 files -- that way no information about the encrypted content can leak. Cheers! -Pete [1] https://en.wikipedia.org/wiki/Parchive -- Pete Stephenson From awg1 at gmx.com Sun Apr 19 15:26:08 2015 From: awg1 at gmx.com (Adam Gold) Date: Sun, 19 Apr 2015 14:26:08 +0100 Subject: failed decryption In-Reply-To: References: <55334031.3090409@gmx.com> <7B8B5401-D236-4753-ADF5-9C0121364798@gmail.com> Message-ID: <5533ACF0.1030408@gmx.com> On 4/19/2015 11:08, Pete Stephenson wrote: > On Sun, Apr 19, 2015 at 11:21 AM, Mick Crane wrote: >> The problem with encrypting files for storage seems to be that if there is any corruption there is no way to get any of it back. > > In such cases it might be worthwhile to use some sort of > error-detection/correction system. Detecting errors is relatively > straightforward (you can sign a message and if the signature fails, > it's been modified) but correction is slightly more complex. > > I generate PAR2 error-correction files[1] for important files or > archives. It allows one to detect errors and repair/recover any > damaged or lost sections up to a user-defined threshold. It uses more > disk space, but it can be a life-saver when dealing with critical > files on unreliable storage (and all storage is unreliable). > > Alas, it's not retroactive and can't repair already-damaged data: you > need to generate the PAR2 files when the original file is still > undamaged and can then use it to recover damaged data later. In the > case of sensitive data, one should encrypt the data first and then > generate the PAR2 files -- that way no information about the encrypted > content can leak. > > Cheers! > -Pete > > [1] https://en.wikipedia.org/wiki/Parchive > Thank you both for the feedback. I guess I will have to put this down as a rather painful learning exercise! I will most certainly look into PAR2 files for the future. From aslam at mythicflow.com Tue Apr 21 02:12:28 2015 From: aslam at mythicflow.com (aslam karachiwala) Date: Mon, 20 Apr 2015 20:12:28 -0400 Subject: Passphrases for SSH connections not accepted via pinentry Message-ID: <553595EC.5030809@mythicflow.com> gpg 2.0.22 pinentry 0.9.0 When attempting to establish an SSH connection, either from the command line or a graphical app like a file manager or an IDE, the pinentry dialog appears. This dialog... 1. does not allow the passphrase to be pasted, and 2. does not accept the correct passphrase that is typed into the field. If done from the command line, the following error is reported: "Agent admitted failure to sign using the key." The gpg-agent log reports: 2015-04-03 22:33:16 gpg-agent[3928] failed to unprotect the secret key: Operation cancelled 2015-04-03 22:33:16 gpg-agent[3928] failed to read the secret key I know the passphrase I enter is correct because it works when entered into the the graphical app's (e.g., Dolphin, Eclipse IDE) prompt which appears after pinentry fails three times. This happens with both pinentry-qt4 and pinentry-gtk-2. I was able to also reproduce it with gpg 2.0.27 & pinentry-0.9.1, which I built from source. This behavior started in early 2015. Before that, pinentry would give a command-line prompt (via pinentry-curses?) if an ssh connection was initiated from the command line. [gpg-agent.conf] ###+++--- GPGConf ---+++### Sun 20 Jul 2014 06:18:30 PM EDT # GPGConf edited this configuration file. # It will disable options before this marked block, but it will # never change anything below these lines. enable-ssh-support use-standard-socket ##### pinentry program to manage gpg keys. ### for KDE: pinentry-program /usr/bin/pinentry-qt4 ### for Cinnamon/GNOME: #pinentry-program /usr/bin/pinentry-gtk-2 keep-tty keep-display verbose min-passphrase-len 16 debug-level advanced log-file /home/aslam/.gnupg/log/gpg-agent.log default-cache-ttl 1800 max-cache-ttl 36000 [/gpg-agent.conf] Any thoughts on what's causing this and how to fix it? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 230 bytes Desc: OpenPGP digital signature URL: From bernhard at intevation.de Tue Apr 21 10:26:19 2015 From: bernhard at intevation.de (Bernhard Reiter) Date: Tue, 21 Apr 2015 10:26:19 +0200 Subject: wiki.gnupg.org theme? Message-ID: <201504211026.21749.bernhard@intevation.de> Hi there, on the OpenPGP Summit last weekend, people suggested to me that we could make the wiki look better. Help with adding or creating a better theme is appreciated, this is something you can do for the GnuPG Community. ;) How do you like any of the 1.9 themes from https://moinmo.in/ThemeMarket ? Best Regards, Bernhard ps.: please discuss on gnupg-users@ and cc me. -- www.intevation.de/~bernhard (CEO) www.fsfe.org (Founding GA Member) Intevation GmbH, Osnabr?ck, Germany; Amtsgericht Osnabr?ck, HRB 18998 Owned and run by Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: This is a digitally signed message part. URL: From neal at walfield.org Tue Apr 21 10:42:24 2015 From: neal at walfield.org (Neal H. Walfield) Date: Tue, 21 Apr 2015 10:42:24 +0200 Subject: wiki.gnupg.org theme? In-Reply-To: <201504211026.21749.bernhard@intevation.de> References: <201504211026.21749.bernhard@intevation.de> Message-ID: <87bnihvpn3.wl-neal@walfield.org> At Tue, 21 Apr 2015 10:26:19 +0200, Bernhard Reiter wrote: > on the OpenPGP Summit last weekend, people suggested to me > that we could make the wiki look better. > > Help with adding or creating a better theme is appreciated, > this is something you can do for the GnuPG Community. ;) > > How do you like any of the 1.9 themes from > https://moinmo.in/ThemeMarket ? I like Solenoid, if only because it appears to impose a maximum width on the main content, which is my main complaint with the current theme. Neal From peter at digitalbrains.com Tue Apr 21 11:34:27 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 21 Apr 2015 11:34:27 +0200 Subject: Passphrases for SSH connections not accepted via pinentry In-Reply-To: <553595EC.5030809@mythicflow.com> References: <553595EC.5030809@mythicflow.com> Message-ID: <553619A3.3010006@digitalbrains.com> On 21/04/15 02:12, aslam karachiwala wrote: > I know the passphrase I enter is correct because it works when entered > into the the graphical app's (e.g., Dolphin, Eclipse IDE) prompt which > appears after pinentry fails three times. Note that this is not necessarily true: you can configure SSH to accept both public key and passphrase authentication. If you fail to unlock the private key, it could still allow you to login using the passphrase associated with the account. There is no relation between the passphrase protecting the private key and the passphrase associated with the login account. But "Operation cancelled" is not what I'd expect for entering a wrong passphrase; I'm not sure though. It could refer to the whole process of pubkey auth being cancelled as you failed to unlock the private key, in which case it does make sense for a wrong passphrase. Sorry I can't be of more help at this time. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From wk at gnupg.org Tue Apr 21 11:48:23 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 21 Apr 2015 11:48:23 +0200 Subject: wiki.gnupg.org theme? In-Reply-To: <201504211026.21749.bernhard@intevation.de> (Bernhard Reiter's message of "Tue, 21 Apr 2015 10:26:19 +0200") References: <201504211026.21749.bernhard@intevation.de> Message-ID: <87vbgpx15k.fsf@vigenere.g10code.de> On Tue, 21 Apr 2015 10:26, bernhard at intevation.de said: > on the OpenPGP Summit last weekend, people suggested to me > that we could make the wiki look better. I'd appreciate if it looks similar to gnupg.org. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From aslam at mythicflow.com Tue Apr 21 15:29:36 2015 From: aslam at mythicflow.com (aslam karachiwala) Date: Tue, 21 Apr 2015 09:29:36 -0400 Subject: Passphrases for SSH connections not accepted via pinentry In-Reply-To: <553619A3.3010006@digitalbrains.com> References: <553595EC.5030809@mythicflow.com> <553619A3.3010006@digitalbrains.com> Message-ID: <553650C0.6070903@mythicflow.com> On 04/21/2015 05:34 AM, Peter Lebbing wrote: > Note that this is not necessarily true: you can configure SSH to > accept both public key and passphrase authentication. If you fail to > unlock the private key, it could still allow you to login using the > passphrase associated with the account. There is no relation between > the passphrase protecting the private key and the passphrase > associated with the login account. If by "passphrase associated with your login account" you mean the system password for my username, then that is not why my SSH connection succeeds when I enter the passphrase in the dialogs presented by graphical apps. My SSH passphrase is not the same as my system password. Secondly, when initiating the SSH connection on the command line, I get a prompt explicitly asking for the password associated with my username after three failed SSH attempts, which is how I have been working around the issue. IOW, the SSH connection is indeed failing. Also, why is the pinentry-qt4/gtk-2 dialog appearing at all when I am SSHing from the command line? Shouldn't I get a command-line prompt? -- aslam PGP key fingerprint: 736C D83E 32DB A2FD 0208 9113 0FC8 BA7D FECF 84FB /Join World Community Grid . Help power cutting-edge research in health, poverty and sustainability./ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 230 bytes Desc: OpenPGP digital signature URL: From peter at digitalbrains.com Tue Apr 21 15:48:03 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Tue, 21 Apr 2015 15:48:03 +0200 Subject: Passphrases for SSH connections not accepted via pinentry In-Reply-To: <553650C0.6070903@mythicflow.com> References: <553595EC.5030809@mythicflow.com> <553619A3.3010006@digitalbrains.com> <553650C0.6070903@mythicflow.com> Message-ID: <55365513.9030307@digitalbrains.com> On 21/04/15 15:29, aslam karachiwala wrote: > If by "passphrase associated with your login account" you mean the > system password for my username Yes, that is what I mean. So I agree with your analysis then. > Also, why is the pinentry-qt4/gtk-2 dialog appearing at all when I am > SSHing from the command line? Shouldn't I get a command-line prompt? No, if it is able to show the preferred pinentry, it will do that. If that is a graphical pinentry, you'll get a graphical pinentry if possible. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From jose.castillo at gmail.com Tue Apr 21 19:48:14 2015 From: jose.castillo at gmail.com (Jose Castillo) Date: Tue, 21 Apr 2015 13:48:14 -0400 Subject: Yubikey NEO OpenPGP advisory Message-ID: I haven?t seen this posted to the list yet, and thought it would be important for people who use the Yubikey NEO's OpenPGP functionality with GnuPG. It regards a vulnerability in the Yubikey NEO implementation of the OpenPGP smart card application: https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.html Yubikeys running the vulnerable software will generate signatures and decrypt session keys unconditionally, i.e. without verifying the user?s PIN. I reported this vulnerability to Yubico on 4/11, and to their credit it was quickly fixed. Still, if you are using a Yubikey that you obtained prior to the fix being issued, you should be aware that this vulnerability could affect your security. This issue also affected the upstream javacardopenpgp project [1], which has been updated with a fix as well. [1]: http://sourceforge.net/projects/javacardopenpgp/ -- Joey Castillo www.joeycastillo.com From Deepak.Saxena at safenet-inc.com Tue Apr 21 18:59:34 2015 From: Deepak.Saxena at safenet-inc.com (Saxena, Deepak) Date: Tue, 21 Apr 2015 22:29:34 +0530 Subject: Unsubscribe Message-ID: <33B1BAEAF9B37A439F73D9BF6B32ED4208826AD0@NOI1EXCH03.apac.sfnt.local> Please tell me how to unsubscribe from your mailing list? -- The information contained in this electronic mail transmission may be privileged and confidential, and therefore, protected from disclosure. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer without copying or disclosing it. -------------- next part -------------- An HTML attachment was scrubbed... URL: From rjh at sixdemonbag.org Tue Apr 21 20:34:56 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 21 Apr 2015 14:34:56 -0400 Subject: Unsubscribe In-Reply-To: <33B1BAEAF9B37A439F73D9BF6B32ED4208826AD0@NOI1EXCH03.apac.sfnt.local> References: <33B1BAEAF9B37A439F73D9BF6B32ED4208826AD0@NOI1EXCH03.apac.sfnt.local> Message-ID: <55369850.1030703@sixdemonbag.org> > Please tell me how to unsubscribe from your mailing list? It's located right at the end of each message: > Gnupg-users mailing list Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users Visit that web page. At the bottom you'll see, "To unsubscribe from GnuPG-users, get a password reminder, or change your subscription options...". That's what you want to use. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3744 bytes Desc: S/MIME Cryptographic Signature URL: From wjimenez5271 at gmail.com Tue Apr 21 20:02:51 2015 From: wjimenez5271 at gmail.com (William Jimenez) Date: Tue, 21 Apr 2015 11:02:51 -0700 Subject: Unsubscribe In-Reply-To: <33B1BAEAF9B37A439F73D9BF6B32ED4208826AD0@NOI1EXCH03.apac.sfnt.local> References: <33B1BAEAF9B37A439F73D9BF6B32ED4208826AD0@NOI1EXCH03.apac.sfnt.local> Message-ID: You can unsubscribe here: http://lists.gnupg.org/mailman/listinfo/gnupg-users On Tue, Apr 21, 2015 at 9:59 AM, Saxena, Deepak < Deepak.Saxena at safenet-inc.com> wrote: > Please tell me how to unsubscribe from your mailing list? > > The information contained in this electronic mail transmission > may be privileged and confidential, and therefore, protected > from disclosure. If you have received this communication in > error, please notify us immediately by replying to this > message and deleting it from your computer without copying > or disclosing it. > > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users at gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From harningt at gmail.com Tue Apr 21 20:15:25 2015 From: harningt at gmail.com (Thomas Harning Jr.) Date: Tue, 21 Apr 2015 18:15:25 +0000 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: References: Message-ID: On Tue, Apr 21, 2015 at 1:49 PM Jose Castillo wrote: > I haven?t seen this posted to the list yet, and thought it would be > important for people who use the Yubikey NEO's OpenPGP functionality with > GnuPG. It regards a vulnerability in the Yubikey NEO implementation of the > OpenPGP smart card application: > > > https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.html > > Yubikeys running the vulnerable software will generate signatures and > decrypt session keys unconditionally, i.e. without verifying the user?s > PIN. I reported this vulnerability to Yubico on 4/11, and to their credit > it was quickly fixed. Still, if you are using a Yubikey that you obtained > prior to the fix being issued, you should be aware that this vulnerability > could affect your security. > > This issue also affected the upstream javacardopenpgp project [1], which > has been updated with a fix as well. > > [1]: http://sourceforge.net/projects/javacardopenpgp/ > > -- > > Joey Castillo > www.joeycastillo.com > Thanks for the notice and the fix! :) -------------- next part -------------- An HTML attachment was scrubbed... URL: From wk at gnupg.org Wed Apr 22 09:22:47 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Apr 2015 09:22:47 +0200 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <5532B1E7.30901@adversary.org> (Ben McGinnes's message of "Sun, 19 Apr 2015 05:35:03 +1000") References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> Message-ID: <87egncvd88.fsf@vigenere.g10code.de> On Sat, 18 Apr 2015 21:35, ben at adversary.org said: > en at quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' > en at quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' > but no need to paste them all in); obviously the cause is somewhere > in those sed or make rules. I'm just not certain of the right place That script (po/quot.po) did not changed for more than a decade. I guess your sed is broken (did you recently update it)? Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From hans at guardianproject.info Wed Apr 22 16:50:09 2015 From: hans at guardianproject.info (Hans-Christoph Steiner) Date: Wed, 22 Apr 2015 10:50:09 -0400 Subject: GnuPG Summit news? Message-ID: <5537B521.5030902@guardianproject.info> Hey all, I was sorry to miss the GnuPG Summit. Now I'm eager to hear any news from it :) .hc -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81 From andreas.schwier.ml at cardcontact.de Wed Apr 22 18:06:13 2015 From: andreas.schwier.ml at cardcontact.de (Andreas Schwier) Date: Wed, 22 Apr 2015 18:06:13 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: References: Message-ID: <5537C6F5.4080308@cardcontact.de> Thanks for sharing. I guess this once again shows that writing security sensitive software is not about just hacking some lines of code, it's about putting together a good (or better semi-formal) functional requirements specification and a test framework that validates the correct implementation of the defined mechanisms. With a proper test set-up - which is relatively easy to do for a smart card application - this should not have happened. And contrary to the Yubico position that this is a minor issue, I would call the circumvention of the PIN mechanism a major issue. If you loose the device, then you loose the key. Andreas On 04/21/2015 07:48 PM, Jose Castillo wrote: > I haven?t seen this posted to the list yet, and thought it would be important for people who use the Yubikey NEO's OpenPGP functionality with GnuPG. It regards a vulnerability in the Yubikey NEO implementation of the OpenPGP smart card application: > > https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.html > > Yubikeys running the vulnerable software will generate signatures and decrypt session keys unconditionally, i.e. without verifying the user?s PIN. I reported this vulnerability to Yubico on 4/11, and to their credit it was quickly fixed. Still, if you are using a Yubikey that you obtained prior to the fix being issued, you should be aware that this vulnerability could affect your security. > > This issue also affected the upstream javacardopenpgp project [1], which has been updated with a fix as well. > > [1]: http://sourceforge.net/projects/javacardopenpgp/ > -- --------- CardContact Software & System Consulting |.##> <##.| Andreas Schwier |# #| Sch?lerweg 38 |# #| 32429 Minden, Germany |'##> <##'| Phone +49 571 56149 --------- http://www.cardcontact.de http://www.tscons.de http://www.openscdp.org http://www.smartcard-hsm.com From wk at gnupg.org Wed Apr 22 20:00:58 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Apr 2015 20:00:58 +0200 Subject: GnuPG Summit news? In-Reply-To: <5537B521.5030902@guardianproject.info> (Hans-Christoph Steiner's message of "Wed, 22 Apr 2015 10:50:09 -0400") References: <5537B521.5030902@guardianproject.info> Message-ID: <874mo8t545.fsf@vigenere.g10code.de> On Wed, 22 Apr 2015 16:50, hans at guardianproject.info said: > I was sorry to miss the GnuPG Summit. Now I'm eager to hear any news from it :) Yeah, I should write a few lines about it. However, some interesting other bugs/features were mentioned and was districted by fixing/adding them. In the meantime you may want to read Bjarni's notes: https://www.mailpile.is/blog/2015-04-20_OpenPGP_Email_Summit.html Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Wed Apr 22 20:05:30 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Apr 2015 20:05:30 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <5537C6F5.4080308@cardcontact.de> (Andreas Schwier's message of "Wed, 22 Apr 2015 18:06:13 +0200") References: <5537C6F5.4080308@cardcontact.de> Message-ID: <87zj60rqc5.fsf@vigenere.g10code.de> On Wed, 22 Apr 2015 18:06, andreas.schwier.ml at cardcontact.de said: > And contrary to the Yubico position that this is a minor issue, I would > call the circumvention of the PIN mechanism a major issue. If you loose > the device, then you loose the key. You mean anyone can use the key, right. However, any simple malware can be used to sniff on a user entering the PIN. I doubt that most pinpad readers can protect against this: It is easy to trick most users into entering the PIN using the regular keyboard instead of the pinpad. In fact old version of GnuPG required this in certain cases. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From andreas.schwier.ml at cardcontact.de Wed Apr 22 20:27:26 2015 From: andreas.schwier.ml at cardcontact.de (Andreas Schwier) Date: Wed, 22 Apr 2015 20:27:26 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <87zj60rqc5.fsf@vigenere.g10code.de> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> Message-ID: <5537E80E.7010208@cardcontact.de> On 04/22/2015 08:05 PM, Werner Koch wrote: > On Wed, 22 Apr 2015 18:06, andreas.schwier.ml at cardcontact.de said: > >> And contrary to the Yubico position that this is a minor issue, I would >> call the circumvention of the PIN mechanism a major issue. If you loose >> the device, then you loose the key. > > You mean anyone can use the key, right. However, any simple malware can > be used to sniff on a user entering the PIN. I doubt that most pinpad > readers can protect against this: It is easy to trick most users into > entering the PIN using the regular keyboard instead of the pinpad. In > fact old version of GnuPG required this in certain cases. Not sure about that. If I loose my card on the street or someone picks it from my pocket or my PC, than that is different from a malware attack which I can protect myself against. I would consider this a major bug, in particular if I purchase a device to get this specific kind of protection. Imagine a bank, SIM or electronic signature card with a malfunctioning PIN. Would you consider that a minor bug ? I don't see that this is different for an OpenPGP card. > > > Salam-Shalom, > > Werner > -- --------- CardContact Software & System Consulting |.##> <##.| Andreas Schwier |# #| Sch?lerweg 38 |# #| 32429 Minden, Germany |'##> <##'| Phone +49 571 56149 --------- http://www.cardcontact.de http://www.tscons.de http://www.openscdp.org http://www.smartcard-hsm.com From alexnztest at gmail.com Wed Apr 22 13:57:15 2015 From: alexnztest at gmail.com (alexnztest) Date: Wed, 22 Apr 2015 14:57:15 +0300 Subject: Claws Mail & GnuPG Message-ID: <20150422145715.00006add@gmail.com> 1.How to integrate (install) GnuPG and Gpgme with already installed Claws Mail on Windows Vista ? Don't use Gpg4win( https://www.gnupg.org/faq/gnupg-faq.html#email_clients_win32Gpg4win). From peter at digitalbrains.com Wed Apr 22 21:07:59 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Wed, 22 Apr 2015 21:07:59 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <5537E80E.7010208@cardcontact.de> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> Message-ID: <5537F18F.9020800@digitalbrains.com> On 22/04/15 20:27, Andreas Schwier wrote: > I would consider this a major bug, in particular if I purchase a device > to get this specific kind of protection. I think it's a major bug, I'm not completely satisfied with the way they downplay the importance. I kinda agree with them, but it still leaves me feeling a bit dissatisfied. But apropos, what kind of protection did you buy it for then? I'm unsure what you mean by "this specific kind of protection". What does a smartcard protect against? Leaking the private key. It protects against more copies of the private key material existing. Explicitly not /usage/ of the key by unauthorized people; it cannot protect against that. There are many threat models where an attacker gains use of the key. This PIN handling bug still does not allow an attacker to extract secret key material. Furthermore, I see a lot of different scenarios chucked together: malware, actual loss of the smartcard. The discussion quickly becomes weird when everybody keeps on moving the goal posts. Please try to keep this in mind. > Imagine a bank, SIM or electronic signature card with a malfunctioning > PIN. Would you consider that a minor bug ? Bank cards and SIMs each have such a different way of using them than an OpenPGP card (which is an electronic signature card) that I can't compare them. Bank cards only go in terminals at shops or ATM's, not your own PC. They also have a host of issues themselves, which indeed includes complete failure to check the PIN. Yet they are not fixed; it's all just papered over and denied by the banks. At the 31C3 there was a talk about defending yourself when your bank tries to make you pay for misuse of a stolen card. And SIMs just need to hold off access until I've notified my mobile phone provider that my card has been stolen. After that, the SIM is useless. It's all so different that it's useless to compare. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From wk at gnupg.org Wed Apr 22 21:06:56 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 22 Apr 2015 21:06:56 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <5537E80E.7010208@cardcontact.de> (Andreas Schwier's message of "Wed, 22 Apr 2015 20:27:26 +0200") References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> Message-ID: <87oamgrnhq.fsf@vigenere.g10code.de> On Wed, 22 Apr 2015 20:27, andreas.schwier.ml at cardcontact.de said: > Not sure about that. If I loose my card on the street or someone picks > it from my pocket or my PC, than that is different from a malware attack Given the rare use of smartcards for non-banking I bet malware is more a problems. But well, I agree that this is a severe bug. They probably downplay this bug because of the costs to replace all affected Yubikeys. > Imagine a bank, SIM or electronic signature card with a malfunctioning > PIN. Would you consider that a minor bug ? I don't see that this is Reminds me of the problem with (German) banking cards which had an easily guessable PIN due to broken BCD conversion code for a decade or so. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From ben at adversary.org Wed Apr 22 21:53:17 2015 From: ben at adversary.org (Ben McGinnes) Date: Thu, 23 Apr 2015 05:53:17 +1000 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <87egncvd88.fsf@vigenere.g10code.de> References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> <87egncvd88.fsf@vigenere.g10code.de> Message-ID: <5537FC2D.9090900@adversary.org> On 22/04/2015 5:22 pm, Werner Koch wrote: > On Sat, 18 Apr 2015 21:35, ben at adversary.org said: > >> en at quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' >> en at quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' > >> but no need to paste them all in); obviously the cause is somewhere >> in those sed or make rules. I'm just not certain of the right place > > That script (po/quot.po) did not changed for more than a decade. I > guess your sed is broken (did you recently update it)? Nope, there's only one sed on the system, the default one in /usr/bin and that appears to be the semi-standard FreeBSD one compiled for OS X Mach. *Sigh* Now I get why Benno spent all that time trying to port FreeBSD to Apple hardware ... it would be so much easier if we had a FreeBSD kernel to play with and all that under the hood of the OS X interface. But that wouldn't give Apple it's little "walled garden" so here we are. I'm going to assume that MacPorts needs to do weird shit to make things behave in the Apple world and that reconstructing that manually is not as simple as the usual "configure && make && make install" dance, even within their /opt/local environment. Which makes sense because I've never managed to get it to compile at all outside of MacPorts since all library paths pointing to non Apple libs, like libiconv, were ignored by OS X. That being the case I'll wait until the next release or work out how to convert the source into a locally installable package via the MacPorts system and test again. Though whatever MacPorts uses by default does work since it clearly did with 2.1.2. I'm half tempted to setup a dedicated Slackware Linux VM just for email. It would make a lot of things annoying with the lack of integration and the screen size things, but it would work. If exporting X sessions over SSH behaved properly (e.g. like Exceed) on OS X I'd've done that years ago (not with a VM), but of course it doesn't. Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From jose.castillo at gmail.com Thu Apr 23 00:22:02 2015 From: jose.castillo at gmail.com (Jose Castillo) Date: Wed, 22 Apr 2015 18:22:02 -0400 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <5537F18F.9020800@digitalbrains.com> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> Message-ID: <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> > On Apr 22, 2015, at 3:07 PM, Peter Lebbing wrote: > > What does a smartcard protect against? > > Leaking the private key. It protects against more copies of > the private key material existing. > > Explicitly not /usage/ of the key by unauthorized people; it > cannot protect against that. The smart card offers protection against copying of the key, but it includes the PIN to protect against unauthorized use. While not as absolute as the protection against copying, the PIN is an effective second factor; in the case of NFC, which is a big use case for the Yubikey, an attacker would need to shoulder-surf the PIN, capture it with malware, or get near enough with an NFC sniffer [1] to capture the PIN while the legitimate user is entering it. Removing the PIN from the equation removes the protection from unauthorized use. Obtaining a fraudulent signature is as simple as hovering an NFC smartphone within range of a defective token; it will sign any data transmitted to it. And since the Yubikey is designed to live on a user?s (physical) keychain, it is not at all difficult to imagine a scenario where an attacker could gain this level of proximity without attracting attention. This is before we address the issue of lost or seized devices. Personally, I think that it?s unsafe to have a PGP key on an old Yubikey that exhibits this vulnerability, which is why I submitted it to the list. [1]: http://hydrabus.com/hydranfc-1-0-specifications/ -- Joey Castillo www.joeycastillo.com From gniibe at fsij.org Thu Apr 23 03:39:25 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 23 Apr 2015 10:39:25 +0900 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <87egncvd88.fsf@vigenere.g10code.de> References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> <87egncvd88.fsf@vigenere.g10code.de> Message-ID: <55384D4D.9080402@fsij.org> On 04/22/2015 04:22 PM, Werner Koch wrote: > On Sat, 18 Apr 2015 21:35, ben at adversary.org said: > >> en at quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' >> en at quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' > >> but no need to paste them all in); obviously the cause is somewhere >> in those sed or make rules. I'm just not certain of the right place > > That script (po/quot.po) did not changed for more than a decade. I > guess your sed is broken (did you recently update it)? I think that there is a minor GnuPG problem here (not MacOS). I haven't located the bug yet, but I could see the problem of en at quot.po, when I build with git repo having old en at quot.po. Note that in the release, we have po/en at quot.po which is correctly updated and po/en at quot.gmo which is correctly generated. In the git repo, we have an entry of po/en at quot.po in the .gitignore, so, I think that it is not maintained in the repo. When a developer happens to have old po/en at quot.po, it will be merged by msgmerge and it would result fuzzy entries with mismatches of newline. For me, removing po/en at quot.po (so that it will be rebuild from gnupg2.pot), it works fine. -- From iericf at openmailbox.org Thu Apr 23 03:56:10 2015 From: iericf at openmailbox.org (Eric F) Date: Thu, 23 Apr 2015 03:56:10 +0200 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <5537FC2D.9090900@adversary.org> References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> <87egncvd88.fsf@vigenere.g10code.de> <5537FC2D.9090900@adversary.org> Message-ID: <5538513A.10401@openmailbox.org> On 4/22/15 21:53 , Ben McGinnes wrote: > On 22/04/2015 5:22 pm, Werner Koch wrote: >> > On Sat, 18 Apr 2015 21:35, ben at adversary.org said: >> > >>> >> en at quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' >>> >> en at quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' >> > >>> >> but no need to paste them all in); obviously the cause is somewhere >>> >> in those sed or make rules. I'm just not certain of the right place >> > >> > That script (po/quot.po) did not changed for more than a decade. I >> > guess your sed is broken (did you recently update it)? > Nope, there's only one sed on the system, the default one in /usr/bin > and that appears to be the semi-standard FreeBSD one compiled for OS X > Mach. Yes, sed in OS X is a little bit different. ?Sed'ing? an output is fine, but when to change/write something in a file it's different.Example: gnu sed: sed -i 's/foo/bar/g' foobar.txt osx sed: sed -i '' 's/foo/bar/g' foobar.txt I've updated sed to gnu's sed(-4.2 ) and it works fine. (+ an updated libiconv). ./configure --prefix=/usr/local --with-libiconv-prefix=/usr/local (Haven't compiled gnupg though). HTH /Eric -------------- next part -------------- An HTML attachment was scrubbed... URL: From ben at adversary.org Thu Apr 23 04:26:11 2015 From: ben at adversary.org (Ben McGinnes) Date: Thu, 23 Apr 2015 12:26:11 +1000 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <55384D4D.9080402@fsij.org> References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> <87egncvd88.fsf@vigenere.g10code.de> <55384D4D.9080402@fsij.org> Message-ID: <55385843.8000507@adversary.org> On 23/04/2015 11:39 am, NIIBE Yutaka wrote: > On 04/22/2015 04:22 PM, Werner Koch wrote: >> On Sat, 18 Apr 2015 21:35, ben at adversary.org said: >> >>> en at quot.po:54: 'msgid' and 'msgstr' entries do not both end with '\n' >>> en at quot.po:58: 'msgid' and 'msgstr' entries do not both end with '\n' >> >>> but no need to paste them all in); obviously the cause is somewhere >>> in those sed or make rules. I'm just not certain of the right place >> >> That script (po/quot.po) did not changed for more than a decade. I >> guess your sed is broken (did you recently update it)? > > I think that there is a minor GnuPG problem here (not MacOS). > > I haven't located the bug yet, but I could see the problem of > en at quot.po, when I build with git repo having old en at quot.po. > > Note that in the release, we have po/en at quot.po which is correctly > updated and po/en at quot.gmo which is correctly generated. Ah-ha! :) > In the git repo, we have an entry of po/en at quot.po in the .gitignore, > so, I think that it is not maintained in the repo. When a developer > happens to have old po/en at quot.po, it will be merged by msgmerge and > it would result fuzzy entries with mismatches of newline. > > For me, removing po/en at quot.po (so that it will be rebuild from > gnupg2.pot), it works fine. Cool. Since 2.1 is on a one month cycle, I might just wait for 2.1.4 and try again, that'll give me the changes made from 2.1.3 and not trying to make a release equivalent tarball from the current repo (although if there's a script for that I might do it later today). Regards, Ben -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 630 bytes Desc: OpenPGP digital signature URL: From wk at gnupg.org Thu Apr 23 09:23:20 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 23 Apr 2015 09:23:20 +0200 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <55384D4D.9080402@fsij.org> (NIIBE Yutaka's message of "Thu, 23 Apr 2015 10:39:25 +0900") References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> <87egncvd88.fsf@vigenere.g10code.de> <55384D4D.9080402@fsij.org> Message-ID: <878udjs3yv.fsf@vigenere.g10code.de> On Thu, 23 Apr 2015 03:39, gniibe at fsij.org said: > In the git repo, we have an entry of po/en at quot.po in the .gitignore, > so, I think that it is not maintained in the repo. When a developer Right. It was removed in 2004! I expect that bug reports for a certain version a done using freshly untarred and build tarball. Thus no old stuff will be around. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From gniibe at fsij.org Thu Apr 23 09:34:09 2015 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 23 Apr 2015 16:34:09 +0900 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <55385843.8000507@adversary.org> References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> <87egncvd88.fsf@vigenere.g10code.de> <55384D4D.9080402@fsij.org> <55385843.8000507@adversary.org> Message-ID: <5538A071.2030006@fsij.org> On 04/23/2015 11:26 AM, Ben McGinnes wrote: > Cool. Since 2.1 is on a one month cycle, I might just wait for 2.1.4 > and try again, that'll give me the changes made from 2.1.3 and not > trying to make a release equivalent tarball from the current repo > (although if there's a script for that I might do it later today). In my theory (which might be wrong), the scenario is like this: (1) A developer has his own en at quot.po for his working directory. (2) Werner periodically does POT and PO update (usually before the release) to the repository. (3) A developer pull from the repository. (4) When a developer invokes 'make', it tries to update en at quot.po by msgmerge (although we have a special rule in Rules-quot). Then, updated en at quot.po may have fuzzy entries. If this is correct, I think that following patch fixes the problem. diff --git a/po/Makefile.in.in b/po/Makefile.in.in index eb68ea2..4f2849a 100644 --- a/po/Makefile.in.in +++ b/po/Makefile.in.in @@ -56,8 +56,7 @@ XGETTEXT_ = @XGETTEXT@ XGETTEXT_no = @XGETTEXT@ XGETTEXT_yes = @XGETTEXT_015@ XGETTEXT = $(XGETTEXT_$(USE_MSGCTXT)) -MSGMERGE = msgmerge --previous -MSGMERGE_UPDATE = @MSGMERGE@ --previous --update +MSGMERGE = @MSGMERGE@ --previous MSGINIT = msginit MSGCONV = msgconv MSGFILTER = msgfilter @@ -192,9 +191,7 @@ $(srcdir)/$(DOMAIN).pot: $(POFILES): $(srcdir)/$(DOMAIN).pot @lang=`echo $@ | sed -e 's,.*/,,' -e 's/\.po$$//'`; \ if test -f "$(srcdir)/$${lang}.po"; then \ - test "$(srcdir)" = . && cdcmd="" || cdcmd="cd $(srcdir) && "; \ - echo "$${cdcmd}$(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot"; \ - cd $(srcdir) && $(MSGMERGE_UPDATE) $${lang}.po $(DOMAIN).pot; \ + $(MAKE) $${lang}.po-update; \ else \ $(MAKE) $${lang}.po-create; \ fi -- From peter at digitalbrains.com Thu Apr 23 10:36:47 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Thu, 23 Apr 2015 10:36:47 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <87oamgrnhq.fsf@vigenere.g10code.de> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <87oamgrnhq.fsf@vigenere.g10code.de> Message-ID: <5538AF1F.6050208@digitalbrains.com> On 22/04/15 21:06, Werner Koch wrote: > They probably downplay this bug because of the costs to replace all > affected Yubikeys. Oh wait... I somewhat assumed the things were field-upgradeable. I thought you could pick the applications to load on a multi-application Yubikey. In that case you can just download a new version of the app on your Yubikey and you're good to go (although it'd lose the keys currently on there). If already deployed Yubikeys are not updatable, that changes things in my eyes. I don't think I'd still use such a device as OpenPGP card. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From peter at digitalbrains.com Thu Apr 23 11:05:41 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Thu, 23 Apr 2015 11:05:41 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> Message-ID: <5538B5E5.7000902@digitalbrains.com> On 23/04/15 00:22, Jose Castillo wrote: > in the case of NFC, which is a big use case for the Yubikey I hadn't considered NFC at all, it's good you brought it up. In fact, if sniffing reveals the PIN and my threat model includes physically nearby attackers, I wouldn't use it at all, whether it had PIN or not. But I suppose it could work if you only use the NFC functionality when you're in a safe environment such as your own home. It seems a comfortable way of using your crypto hardware. As long as you only worry about attackers that are elsewhere. A similar scenario from real life: Right now, they're rolling out a payment system here in The Netherlands where you only need to tap your bank card to the payment terminal to do small payments. That's all that is needed. Or, since everything is relative, where an employee of the shop you're in only needs to tap the payment terminal to your wallet as they accidentally bumps into you. So I'm still looking for a sturdy yet practical metallic sleeve to put around the bank card as soon as they replace my non-NFC card with an NFC card :). The one I've seen looked to finnicky to remove your bank card from, which you do every time you need to pay in a shop... > Personally, I think that it?s unsafe to have a PGP key on an old > Yubikey that exhibits this vulnerability, which is why I submitted > it to the list. I agree. However, I seem to have been under the wrong impression that it was a matter of a software upgrade, and that we were merely assessing the risk that something had gone wrong before you did the upgrade. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From wk at gnupg.org Thu Apr 23 16:02:48 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 23 Apr 2015 16:02:48 +0200 Subject: GnuPG 2.1.3 Fails to Compile OS X In-Reply-To: <5538A071.2030006@fsij.org> (NIIBE Yutaka's message of "Thu, 23 Apr 2015 16:34:09 +0900") References: <5529A064.8050606@gmail.com> <87lhhwjw5n.fsf@vigenere.g10code.de> <5532B1E7.30901@adversary.org> <87egncvd88.fsf@vigenere.g10code.de> <55384D4D.9080402@fsij.org> <55385843.8000507@adversary.org> <5538A071.2030006@fsij.org> Message-ID: <87383rrlh3.fsf@vigenere.g10code.de> On Thu, 23 Apr 2015 09:34, gniibe at fsij.org said: > If this is correct, I think that following patch fixes the problem. I agree that this is could be the cause for the problem. > diff --git a/po/Makefile.in.in b/po/Makefile.in.in Changing that Makefile is not a good idea because it is a standard file from gettext. gnupg is at gettext 0.17 so let me try to update it to 0.19 and see whether the problem still persists. IF so me should take the problem to the gettext developers. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From sbutler at fchn.com Fri Apr 24 23:11:55 2015 From: sbutler at fchn.com (Steve Butler) Date: Fri, 24 Apr 2015 21:11:55 +0000 Subject: Block Filter: 1st byte missing Message-ID: <30c43fc56d7445ceaa0bedc4db614b67@t1l1exchmbs-01.fchn.com> Client with PGP is encrypting files that we can usually decrypt with GnuPG 1.4.16 on an Oracle Enterprise Linux (2.6.8-274.17.1.0.1.e15). Occasionally gpg reports: gpg: block_filter: 1st length byte missing. Client will re-encrypt and resend. That file always (even with different name) is not decrypted with above message. Do a: gpg --no-batch --verbose --verbose --list-packets [filename] :marker packet: PGP :pubkey enc packet: version 3, algo 16, keyid 6BA0BA0A5A2CEA48 data: [2047 bits] data: [2048 bits] gpg: public key is 5A2CEA48 gpg: using subkey 5A2CEA48 instead of primary key 1B32D54B You need a passphrase to unlock the secret key for user: "First Choice Health Network (FCHN) " gpg: using subkey 5A2CEA48 instead of primary key 1B32D54B 2048-bit ELG-E key, ID 5A2CEA48, created 2001-10-16 (main key ID 1B32D54B) gpg: public key encrypted data: good DEK :encrypted data packet: length: unknown gpg: encrypted with 2048-bit ELG-E key, ID 5A2CEA48, created 2001-10-16 "First Choice Health Network (FCHN) " gpg: CAST5 encrypted data gpg: block_filter: 1st length byte missing :compressed packet: algo=1 gpg: decryption okay gpg: WARNING: message was not integrity protected But gpg exits with status 2. The 'gpg: decryption okay' message is not seen unless the 2nd -verbose is listed on the command line. Not conducive to automated processing. Manual inspection of the file with xxd shows it starts with: 0000000: a803 5047 50c1 c14e 03 [my pk sub key id] etc. I believe that third packet starts at hex location 217 in this line: 0000210: 3e65 83a0 73a7 c9ec xxxxxx I believe the c9ec means tag 9 with 4096 packet length. That should take us to locatin 1219 in this line: 0001210: 34ed 52dd 5afb 457a 0c06 xxxx I think 0c is the next packet length of 12 of which the 06 is the first byte. The file ends on the next line: 0001220: 0edb ef22 ac This all looks good to me. Is gpg expecting another packet? Or another length byte? --Steve PS I've been using GnuPG for well over a decade and have run into this problem on occasion. Always a re-encrypt has solved it. With this client that is no longer the case. Stephen M. Butler, PMP, PSM IT Manager - Software Engineering First Choice Health Network Email: sbutler at fchn.com Voice: 206-268-2309 Fax: 206-268-6173 -- CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. -------------- next part -------------- An HTML attachment was scrubbed... URL: From 2014-667rhzu3dc-lists-groups at riseup.net Sat Apr 25 14:33:47 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Sat, 25 Apr 2015 13:33:47 +0100 Subject: Unsubscribe In-Reply-To: <33B1BAEAF9B37A439F73D9BF6B32ED4208826AD0@NOI1EXCH03.apac.sfnt.local> References: <33B1BAEAF9B37A439F73D9BF6B32ED4208826AD0@NOI1EXCH03.apac.sfnt.local> Message-ID: <692378411.20150425133347@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Tuesday 21 April 2015 at 5:59:34 PM, in , Saxena, Deepak wrote: > Please tell me how to unsubscribe from your mailing > list? In addition to the route mentioned in the other answers, the "List-Unsubscribe:" message header also gives . - -- Best regards MFPA The greater the power, the more dangerous the abuse. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVO4nDXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwnnkIAKn7JZtKIA7CuNx02hVy6c7+ opBnRnHdKCc1h/bGQXXOxMi+O+S11Q1Jjud08uY4IsmzQXZxP8+NK4mjNwZxMDf4 p2bk5DF4/9fLZVOxeB8520b5H6RoDNUBkojTFjwbQSnFxXI+UqlSLlqvmA5+D55y yan+xcdarBZGaFGy0A8g46oTU3zHPvivSa2/YWdORqz4SKlB3Vnoe5ueHkU2yhrD QJ7rP0YhcEt3Z5Lks4xxUxWDhcq+bHjNYw9jvFdeKYapx7dtSMOXwDs58xIfOCgW nDytbuFLSjuI0RedNIpQxPUO8kw0JYDE3XWikrosiXJT6Xx2L+sUe87k2tD1dnKI vgQBFgoAZgUCVTuJz18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45HnbAQCqkdJnRCnV5EuSFB7rcgS+DjX+ lRZXsH/Krwt7xtP/aQEAroB3NsHdP58KE7VSS04Ye5MREAwOzaODsKynQ6dXlwU= =DEhx -----END PGP SIGNATURE----- From wk at gnupg.org Sun Apr 26 20:31:18 2015 From: wk at gnupg.org (Werner Koch) Date: Sun, 26 Apr 2015 20:31:18 +0200 Subject: Notes from the first OpenPGP Summit Message-ID: <87d22qn3m1.fsf@vigenere.g10code.de> Hi! find below a text version of https://gnupg.org/blog/20150426-openpgp-summit.html 1 Notes from the first OpenPGP Summit ????????????????????????????????????? On April 18/19 a bunch of OpenPGP folks met in Dreieich near Frankfurt to get to know themselves better and exchange experience in implementing and deploying OpenPGP based applications. During one of the meetings of our local group of regulars at the [Chaosdorf], I talked with Nico from Enigmail about the idea to get the few GnuPG frontend authors together for an informal meeting. We agreed that this is would be useful and we decided to go for it in spring. Due to the attention GnuPG received during the following [31C3] it turned out that the planned GPG meeting would grow to an OpenPGP summit with about 30 attendees. We even had to reject several requests to join the meeting due to limited space and time constraints to prepare a larger meeting. [Nico] took care of the organization and I am really glad that he kept me clear of this task. Thanks. Our host was [Giegerich & Partner], an IT security company which does a proprietary Outlook plugin based on GnuPG. Their local organization was excellent including snacks, beverages, a great self-made dinner, and shuttle service to the hotel and the airport. Network access also worked flawlessly after having signed that usual German [St?rerhaftung] disclaimer. Thanks guys. After a welcome on Saturday morning from Nico and our host, I quickly explained the planned release schedule for GnuPG and explained a less known feature of GPA and Kleoptra, the [UI-Server]. We then started the presentations of the projects present: [Gpg4win], [Enigmail], Gpg4o, r2mail2, [OpenKeychain,] [GPG Tools], [Pixelated], [Whiteout], [Mailvelope,] [Mailpile], [End-to-end], [CaliOpen], and [Debian]. It was really interesting to learn first hand about the rich environment around the OpenPGP protocol. Although most developers knew about each other it was the first time they all came together to present their projects to their peers. About half of the projects are using GnuPG as their backend engine with the others using one of the Javascript implementations for their OpenPGP core. The presentations answered a lot of questions but raised others which were discussed during the breaks and the wine and beer track in the evening. Important topics were identified and put on the agenda for Sunday. One of these topics was the question whether to use PGP/MIME or to create a new format; with about the half of the group in favor of PGP/MIME. It seems that some often used MUAs (mailers) have somewhat limited support even for regular MIME despite that this is a 22 years old and matured standard. In particular webmail applications are quite limited in their MIME handling. They have the easiest way to roll out fixed versions, though. As usual I got into long debates with Bjarni from Mailpile on this. This discussion was continued on Sunday in working groups on meta data encryption and encrypted search. Another topic was key distribution. I decided not to join the respective working group on Sunday because this will be a too large topic for short working group. During the Saturday presentations it became clear that the more centralized projects, like Whiteout and Google?s end-to-end, can more or less sidestep that problem due to the better control they have on the mail accounts. The presentation from the End-to-end project was nevertheless interesting and probably sparked a few idea. Mobile clients are a primary, or even the only, target for most projects and thus discussions revolved around issues like reducing the amount of data to download from IMAP servers but still be able to show summaries of the mail content after decryption; or on how to efficiently and securely search through encrypted mails stored on a remote site. It would be quite useful to publish the results from the Sunday working groups as well as the group picture. However they have not yet been collected; see below for updates. I appreciated the opportunity to meet the GPG Tools developers, who are very dedicated to make GnuPG working well on OS X. I stressed the importance to actively participate on the GnuPG mailing list to keep information in sync. One example may illustrate this: For years the adaption of GnuPG-2 on GNOME based systems has been hampered by the fact that the gnome-keyring-manager (GKR) tries to emulate gpg-agent and thus inhibits proper working of any advanced function of GnuPG (e.g. smartcards and gpgsm). With Debian?s release of Jessie that problem will even be worse due to other desktop environments now also using GKR. Given that the GKR developers are not willing to change their defaults, Neal, dkg, and me came up with a pragmatic solution for this problem on Saturday morning. Surprisingly we learned in the evening that GPG Tools long ago came up with a very similar solution on how to integrate GnuPG into the OS X keychain. To comply with crypto geek tradition the meeting ended with a key signing party using fingerprints collected in a shared file, comparing its sha1sum ^W sha256sum locally, and publicly confirming the correctness of ones own key. Some had to rush for the airport or train station and thus not all keys could be checked. Overall it was a successful meeting and it should be repeated to extend our discussions on the mailing lists in a conference setting. I do not want end these notes without remarking that I am a bit disappointed that many of the participants favored this closed invitation-only style summit and want the next meeting to happen the same way. I would actually like to have an open OpenPGP meeting with a stronger emphasis on Free Software and a clear anti-surveillance message. [Chaosdorf] https://chaosdorf.de [31C3] https://31c3.de [Nico] http://www.josuttis.de [Giegerich & Partner] https://www.giepa.de/ [St?rerhaftung] http://de.wikipedia.org/wiki/St%C3%B6rerhaftung [UI-Server] https://gnupg.org/documentation/manuals/gpgme/UI-Server-Protocol.html [Gpg4win] http://gpg4win.org [Enigmail] https://enigmail.net [OpenKeychain,] https://openkeychain.org [GPG Tools] https://gpgtools.org [Pixelated] https://pixelated-project.org [Whiteout] https://whiteout.io [Mailvelope,] https://mailvelope.com [Mailpile] https://mailpile.is [End-to-end] https://github.com/google/end-to-end [CaliOpen] https://caliopen.org [Debian] https://debian.org 2 Minutes from the working groups ????????????????????????????????? /[If you have something to publish, please send it to me for publication at this place. CC-by-SA please.]/ -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From bre at pagekite.net Mon Apr 27 01:31:38 2015 From: bre at pagekite.net (Bjarni Runar Einarsson) Date: Sun, 26 Apr 2015 23:31:38 -0000 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87d22qn3m1.fsf@vigenere.g10code.de> References: <87d22qn3m1.fsf@vigenere.g10code.de> Message-ID: <20150426233138-12616-48971-mailpile@slinky> Thanks for the write-up, Werner! :-) Werner Koch wrote: > I do not want end these notes without remarking that I am a bit > disappointed that many of the participants favored this closed > invitation-only style summit and want the next meeting to happen the > same way. I was unable to attend the session where this was discussed, so please forgive me if I'm rehashing something that was already covered. On the one hand, I suspect it would be very hard to maintain the excellent signal/noise ratio we had, in a completely open summit. On the other, I also feel it's really bad for the community if we aren't welcoming and open to new people. The summit attendees were not a very diverse group, to say the least... So I share your concerns, Werner. Was the idea of having a mixed summit discussed? I think there was general consensus that we could probably skip the introductions next time, so perhaps one of the two days could be open and the other day closed for people who want to work together on specific issues? Or the group could fork, with the first day shared for talks and getting to know each other, and the second day forked into non-dev-friendly activities (crypto-parties, keysigning, introductory talks) scheduled for the same time slot as an invite-only tech unconference, with the groups re-merging at the end of the day to present any results. Of course, organizing something like that is even more work, so unless the organizers love the idea and are motivated to do that sort of out-reach, it's might not be a great idea. But we do have a while until the next meetup is planned, so there is time to reconsider and think about whether we can find a way to preserve the focus of the group while still welcoming new people to the community. > I would actually like to have an open OpenPGP meeting with > a stronger emphasis on Free Software and a clear anti-surveillance > message. Although my politics and yours align, I think it might be a strategic mistake to exclude the closed-source folks from these discussions... Cheers, - Bjarni -- Sent using Mailpile, Free Software from www.mailpile.is From mailinglist at krebs.uno Mon Apr 27 11:26:38 2015 From: mailinglist at krebs.uno (Daniel Krebs) Date: Mon, 27 Apr 2015 11:26:38 +0200 Subject: What is 'CA fingerprint 1' on Smartcard In-Reply-To: <87vbhda2ge.fsf@vigenere.g10code.de> References: <551AD072.6030808@krebs.uno> <87vbhda2ge.fsf@vigenere.g10code.de> Message-ID: <553E00CE.3020006@krebs.uno> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Am 03.04.2015 um 13:14 schrieb Werner Koch: > Back in 2005 the idea was to setup our own OpenPGP "CA" and the > FSFE prepared the cards for this (this is also one of the the > reasons for the PIN letter). However, the folks responsible for > the fellowship card never came around to setup a process to > actually run such a "CA" and thus the whole thing got dusty. I > still have the CDROM with the private key but I do not think that > this expired key is of any use. > > > Salam-Shalom, > > Werner Hi Werner, sorry for the late replay, somehow I missed your mail... Was this meant to work kind of like the the CA of the ct's crypto campaign? DK -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBCgAGBQJVPgDCAAoJEA7irlPqaBCOigUQAKsAGEJC9KDqt3vUzAxF+mCN cHb30nS3zLYucum95kG3jWknhFwn4fnXoLDrMEHokg41dI9jIOM6nqA1oPqwtxRz oynEx+xrFWNK4X45Sr8eePmjzm5OmD5YumcbOz8cEIdI+BoR6tuf7gJxOQ5rXGWx 93jG3vJuJHg8xLeosPOiu/fvmD+A1LbwZUKfzmJD/ie8eIfwRYvt/+2eFj3AjzjD jZviztbjVtPWZQ1+urIhoufbWyXFrP60I+sMzYeqWhTIMmipxgsKHDWE8+RKRI9L w1Oyl11sPY01VIXNBf3sYkBTCtnze4MvyF723ZFS7XvmtqajPXlRl09rLOrbZZX5 KFl2AQSeUyv0cB7DiDOfUXxi4+nibNeHLb11DagDr+6ReBCDRr4WKeWzpG2YRuul bfiI7wEsP54DaEjiPPvbeC+0Fv6iBsg4gZYXqYe7r30qfOSmdTcVGorcCGsO/1gu RiJz9wRmanZpZNNx8xAA3ccQf5ftLM9/C57ILTeeTU2FTBD9L0gY25leLjpSAWPZ Ub5FGvP1VIFrAvuneF98wQrmmF9aeJqUekg4zvehmQuH32J5qHxR2hNLrgUlB8Gq VEzke5/rKwksN5etvh9o+kt7w4/OzkPgEjiz/qMUHdLyea2jcFTcfUxc0CRx65aT +oSvKnVfn4Ujnm6DbgxR =+Idr -----END PGP SIGNATURE----- From 2014-667rhzu3dc-lists-groups at riseup.net Mon Apr 27 11:43:02 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Mon, 27 Apr 2015 10:43:02 +0100 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <5538B5E5.7000902@digitalbrains.com> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> <5538B5E5.7000902@digitalbrains.com> Message-ID: <136155886.20150427104302@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Thursday 23 April 2015 at 10:05:41 AM, in , Peter Lebbing wrote: > But I suppose it could work if you only use the NFC > functionality when you're in a safe environment such as > your own home. Presumably that would mean keeping your card in an RFID-proof wallet or tin when out and about. > Right now, they're rolling out a payment system here in > The Netherlands where you only need to tap your bank > card to the payment terminal to do small payments. > That's all that is needed. We have that in the UK already. Payments up to, I think, GBP20 without PIN or signature. Dangerous. > So I'm still looking for a sturdy yet practical > metallic sleeve to put around the bank card as soon as > they replace my non-NFC card with an NFC card :). The > one I've seen looked to finnicky to remove your bank > card from, which you do every time you need to pay in a > shop... Some of the ones brought up by a search on "rfid card wallet " look just like an ordinary wallet. And I'm sure a small metallic business card holder or cigarette case would do the trick. - -- Best regards MFPA To know what we know, and know what we do not know, is wisdom. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVPgSrXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwrToIAK9CPUVIoeKiGn4ohX4RwLlr cWNw0rfixE+SW2K3h2t7u5acr4hzz9inoATE56KXOVobaYlBJKt3KM5niPuegb1w FiCUr9j2yMauTDSgcmihZ2io6tgtcaCbPtYoG6trxAQSr/P6TtFCc2MyXmCsquKr IWD1wcSVk/WMF0OAyeORiS0YYRbixOq2hJ3ae35J5K9pnqfQGAkJ6WCj6IOdMM+l vRXl6PQ+8s+Nk6Axdwv1m3JnUK810pV+96X1Jg6Dl/rm7+sRwvAI6I+7TUCkGbOR xOLsoQZHV7ITGiXUN5WEOiOotKDTm8o30pXzkpBGmUydLAKpD8J7ha+dyQPbPjiI vgQBFgoAZgUCVT4Eu18UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45CNFAP9EdAkbWAsJ8bxo2S2+jqVlQK2p R15BDzljzod+Gg1IjwD+MvNCqI+DVba0BMgb4Tjgy1HBzDfllGvVq+M9k0d2JQs= =dpuO -----END PGP SIGNATURE----- From mailing-lists at asatiifm.net Mon Apr 27 12:19:55 2015 From: mailing-lists at asatiifm.net (=?windows-1252?Q?Ville_M=E4=E4tt=E4?=) Date: Mon, 27 Apr 2015 13:19:55 +0300 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <136155886.20150427104302@my_localhost> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> <5538B5E5.7000902@digitalbrains.com> <136155886.20150427104302@my_localhost> Message-ID: <553E0D4B.3080909@asatiifm.net> On 27.04.15 12:43, MFPA wrote: >> Right now, they're rolling out a payment system here in >> > The Netherlands where you only need to tap your bank >> > card to the payment terminal to do small payments. >> > That's all that is needed. > We have that in the UK already. Payments up to, I think, GBP20 > without PIN or signature. Dangerous. Yep, EUR 25 max here in Finland if I recall correctly without PIN and "random PIN check" once in a while? I suppose the banks get a warm and fuzzy "we've done something" feeling from the random checks. Roll-out started about a year ago I think. >> So I'm still looking for a sturdy yet practical >> metallic sleeve to put around the bank card as soon as >> they replace my non-NFC card with an NFC card . The >> one I've seen looked to finnicky to remove your bank >> card from, which you do every time you need to pay in a >> shop... > > Some of the ones brought up by a search on "rfid card wallet " look > just like an ordinary wallet. And I'm sure a small metallic business > card holder or cigarette case would do the trick. I have the basic blocking wallet from ThinkGeek [1] and it's just like a normal wallet. They seem to have a new one as well although both out of stock right now. [1]: https://www.thinkgeek.com/brain/whereisit.cgi?t=rfid+wallet -- Ville -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 648 bytes Desc: OpenPGP digital signature URL: From peter at digitalbrains.com Mon Apr 27 12:33:27 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Mon, 27 Apr 2015 12:33:27 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <553E0D4B.3080909@asatiifm.net> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> <5538B5E5.7000902@digitalbrains.com> <136155886.20150427104302@my_localhost> <553E0D4B.3080909@asatiifm.net> Message-ID: <553E1077.5010607@digitalbrains.com> Those NFC pay things you both mention sound a lot like what we have here as well (? 25 maximum, random PIN checks). On 27/04/15 12:19, Ville M??tt? wrote: > I have the basic blocking wallet from ThinkGeek [1] and it's just like a > normal wallet. They seem to have a new one as well although both out of > stock right now. Thanks for the hints, guys. But I'm very happy with my current leather wallet, and the bag I keep the wallet in is almost full. So I'm more looking for something really compact around the card, like a sleeve. getDigital has one: [1]. I just can't judge how sturdy it is; the sleeve I have seen in real life looked like it was quite a hassle to remove your card from because it looked really flimsy. Peter. PS: getDigital has a lot of cool geeky stuff! [1] https://www.getdigital.eu/RFID-Schutzhuelle.html (the 5 euro cover) -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From peter at digitalbrains.com Mon Apr 27 12:36:32 2015 From: peter at digitalbrains.com (Peter Lebbing) Date: Mon, 27 Apr 2015 12:36:32 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <136155886.20150427104302@my_localhost> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> <5538B5E5.7000902@digitalbrains.com> <136155886.20150427104302@my_localhost> Message-ID: <553E1130.6070003@digitalbrains.com> On 27/04/15 11:43, MFPA wrote: >> But I suppose it could work if you only use the NFC >> functionality when you're in a safe environment such as >> your own home. > > Presumably that would mean keeping your card in an RFID-proof wallet > or tin when out and about. Well, if the PIN protection actually works (unlike in the affected Yubikeys) and you only enter the PIN in an environment where you're sure nobody is sniffing the over-the-air data, I suppose you could decide to rely on the fact that your PIN is still secret, preventing access to unauthorized people. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at From 2014-667rhzu3dc-lists-groups at riseup.net Mon Apr 27 13:19:04 2015 From: 2014-667rhzu3dc-lists-groups at riseup.net (MFPA) Date: Mon, 27 Apr 2015 12:19:04 +0100 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <553E1077.5010607@digitalbrains.com> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> <5538B5E5.7000902@digitalbrains.com> <136155886.20150427104302@my_localhost> <553E0D4B.3080909@asatiifm.net> <553E1077.5010607@digitalbrains.com> Message-ID: <939031690.20150427121904@my_localhost> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Monday 27 April 2015 at 11:33:27 AM, in , Peter Lebbing wrote: > So I'm more looking for something > really compact around the card, like a sleeve. > getDigital has one: [1]. I just can't judge how sturdy > it is; the sleeve I have seen in real life looked like > it was quite a hassle to remove your card from because > it looked really flimsy. The sleeves I have seen online looked pretty flimsy, and they have to be if they will be small enough to fit in the credit card slots in a wallet. There are also wallet liners, where a sheet of RFID-blocking material goes in the large banknote section(s) of the wallet and is supposed to protect the cards when the wallet is closed' not sure about that idea. - -- Best regards MFPA Working hard. Please interrupt at once. -----BEGIN PGP SIGNATURE----- iQF8BAEBCgBmBQJVPhsrXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCM0FFN0VDQTlBOEM4QjMwMjZBNUEwRjU2 QjdDNzRDRUIzMUYyNUYwAAoJEGt8dM6zHyXwu4gH/2KxZDT+dyQLostUR/32jy9s fdpvHQi2mKoWfp3tO1VKzpekRmglbJlUg9CYPC96N3N96nPVukjQKZ7PRR78UJ0m KTMPoK+BTdn8Nz3SquINKzOhA+PsTv0Tf+WGkBqoNpt8PmUlg1gTTeIHNlOi7WzT AgH//lcR/hyBCaa7+SpQckHRx+ccsRIqS/3s+vLmKVQmshyOQRE+o2bPPzzoGIzT NJfogaJ5eZ2vLVDysc9uR8CT6wpRcxybOf5tdTncS1GniQNo1Jlc/HhVN7XJuVAS fX4w+Gi1tu2RYpJ5AK/xPQzvgJA3W6ecoT3CkQa2QGY89xbesy/5/0l8iUFNh8qI vgQBFgoAZgUCVT4bOF8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu cGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNBQ0VENEVFOTEzNEVFQkRFNkE4NTA2MTcx MkJDNDYxQUY3NzhFNAAKCRAXErxGGvd45KP7AQDyDaOfSzMh27xMHg/0VR2BLWSB 7fdkUJRQcQ+qjpdmQAD+IOfjDKIpvVJU6ei+15reOWPhQyibBjhBUYtrMTeYkAo= =NeL7 -----END PGP SIGNATURE----- From willy.witfood at mailbox.org Mon Apr 27 13:38:14 2015 From: willy.witfood at mailbox.org (Willy Witfood) Date: Mon, 27 Apr 2015 13:38:14 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: <553E1130.6070003@digitalbrains.com> References: <5537C6F5.4080308@cardcontact.de> <87zj60rqc5.fsf@vigenere.g10code.de> <5537E80E.7010208@cardcontact.de> <5537F18F.9020800@digitalbrains.com> <09E166DF-C1CC-4239-9E33-C27BA3813111@gmail.com> <5538B5E5.7000902@digitalbrains.com> <136155886.20150427104302@my_localhost> <553E1130.6070003@digitalbrains.com> Message-ID: <553E1FA6.1040402@mailbox.org> On 04/27/2015 12:36 PM, Peter Lebbing wrote: > On 27/04/15 11:43, MFPA wrote: >>> But I suppose it could work if you only use the NFC >>> functionality when you're in a safe environment such as >>> your own home. >> Presumably that would mean keeping your card in an RFID-proof wallet >> or tin when out and about. > Well, if the PIN protection actually works (unlike in the affected > Yubikeys) and you only enter the PIN in an environment where you're sure > nobody is sniffing the over-the-air data, I suppose you could decide to > rely on the fact that your PIN is still secret, preventing access to > unauthorized people. > > Peter. > Hi, whether this is a big or minor issue really depends on the use case. In my opinion the perfect use case for the yubikey NEOs OpenPGP is to respond quickly to confidential but not extremely sensitive email in all environments which includes mobile phones. Here it's still significantly better to use one with the vulnerability then the most common alternatives: storing the key on the phone or using plaintext email. Ideally I would like to have one identity with multiple subkeys which also communicate multiple use cases, say 1) confidential: subkey on a yubikey NEO 2) secret: subkey on a smart-card with an independent card-reader with a pin-pad 3) top secret: offline key Then the sender could select the right one for the message. Willy From dfalko at digiflak.com Mon Apr 27 15:25:00 2015 From: dfalko at digiflak.com (Dmitry Falko) Date: Mon, 27 Apr 2015 16:25:00 +0300 Subject: Certificate server Message-ID: <553E38AC.7020802@digiflak.com> Hello! First of all, sorry for my english. I use gpgsm (x.509 certificates) to encrypt the data and wanted to know whether there is a chance to work through gpgsm with certificates server as GPG works with the key server. I saw that Cleopatra can recieve x.509 certificates from ldap server, but can't find any information about gpgsm. And I am interested in information of configuring gpg certificate server. -- Best Regards, Dmitriy! From jhs at berklix.com Mon Apr 27 16:51:50 2015 From: jhs at berklix.com (Julian H. Stacey) Date: Mon, 27 Apr 2015 16:51:50 +0200 Subject: Yubikey NEO OpenPGP advisory In-Reply-To: Your message "Mon, 27 Apr 2015 12:33:27 +0200." <553E1077.5010607@digitalbrains.com> Message-ID: <201504271452.t3REpoxF019465@fire.js.berklix.net> > Thanks for the hints, guys. But I'm very happy with my current leather > wallet, and the bag I keep the wallet in is almost full. So I'm more > looking for something really compact around the card, like a sleeve. > getDigital has one: [1]. I just can't judge how sturdy it is; the sleeve > I have seen in real life looked like it was quite a hassle to remove > your card from because it looked really flimsy. > > Peter. I make my own RF blockers, though un-tested yet : For maybe 10 years my business cards have been made from 80 gram/ square metre paper, folded once & cut to size, then heat sealed into plastic, hot lamination pouches, using 2 alternate products: Leitz 100x Credit Card Hot seal laminating pouches 125 (250) mic 1 Leitz 33810 bar code 5 411313 338103 Ibico ibi pouches for hot laminating credit card 54 x 86 mm 100 pouches . clear . 5 mil 125 micron permanently sealed & protected http://www.gbceurope.com/gbc/en/gb/v/1997/10/card-laminating-pouches.aspx Years back I realised I could cut some aluminium cooking foil to same size as the paper, & seal that as an RF / microwave test tool, then an RFC card arrived, & I inserted the metal foil `card' behind the NFC credit card, on the outside of the wallet. The metal foil in sealed plastic puch is a much slimmer (0.26 mm) than a credit card (0.8 mm), so fits well in same wallet slot as an NFC enabled credit card (metal foil on outer side of wallet of course. As cards are stacked offset in a wallet I assume it make sense to decide where on the credit card the NFC chip is, for max overlap of the foil. I made a larger foldable excapsulated foil pouch for my brother's wallet, (he had NFC cards before I did). I can't remember what thickness plastic I used + 2 for British passports (some kind of chip). I haven't tested them yet, just use them :-) I recently got an NFC app to convert my Android phone into an NFC reader on USB coupled to a PC, so I will test it some time, but : A) I dont normally carry my NFC card, & B) I haven't looked beyond https://www.freebsd.org/cgi/ports.cgi?query=NFC&stype=all at https://svnweb.freebsd.org/ports/head/devel/libnfc/ If aluminium cooking foil is too thin, some are thicker than others, & I have some thin copper sheet too, but I doubt it will need that. I've long been planning to insert aluminium foil in the new version of my business cards, which BTW look like this http://berklix.com/~jhs/cv/#card I guess computer clubs could create similar cards, with foil blockers. I bought my hot laminator long ago, it does up to A4 size, since then prices for laminators have crashed, & credit card sized ones even cheaper, probably most on this list can with local friends club together & buy/ share a laminator, & make ther own blockers, but we need to check how effective they are :-) Cheers, Julian -- Julian Stacey, BSD Linux Unix C Sys Eng Consultant Munich http://berklix.com Indent previous with "> ". Reply Below as a play script. Send plain text, Not quoted-printable, HTML, or base64. From wk at gnupg.org Mon Apr 27 20:21:54 2015 From: wk at gnupg.org (Werner Koch) Date: Mon, 27 Apr 2015 20:21:54 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <20150426233138-12616-48971-mailpile@slinky> (Bjarni Runar Einarsson's message of "Sun, 26 Apr 2015 23:31:38 -0000") References: <87d22qn3m1.fsf@vigenere.g10code.de> <20150426233138-12616-48971-mailpile@slinky> Message-ID: <87bni9ctz1.fsf@vigenere.g10code.de> On Mon, 27 Apr 2015 01:31, bre at pagekite.net said: > Thanks for the write-up, Werner! :-) Actually you have been much faster with your report https://www.mailpile.is/blog/2015-04-20_OpenPGP_Email_Summit.html >> disappointed that many of the participants favored this closed >> invitation-only style summit and want the next meeting to happen the > On the one hand, I suspect it would be very hard to maintain the > excellent signal/noise ratio we had, in a completely open summit. On Maybe. We are used to work on mailing list and I would bet that in most cases it is easier to ask too noisy participants to behave well during a physical meeting than on mailing lists. The IETF has quite some experience with that and requires physical meetings for important tasks. > Was the idea of having a mixed summit discussed? I think there was > general consensus that we could probably skip the introductions next Not that I know. I left the session at some point, though. > time, so perhaps one of the two days could be open and the other day > closed for people who want to work together on specific issues? As long has all participants may introduce a new attendee I would be fine with such a scheme. No need for strict registration rules. > Or the group could fork, with the first day shared for talks and getting > to know each other, and the second day forked into non-dev-friendly > activities (crypto-parties, keysigning, introductory talks) scheduled The problem is that at least for talks, those speakers would likely also want to participate in the smaller working groups. > out-reach, it's might not be a great idea. But we do have a while until > the next meetup is planned, so there is time to reconsider and think > about whether we can find a way to preserve the focus of the group > while still welcoming new people to the community. Organizing a conference takes some time and thus we would need to start with it soon. In case people would agree to come again to Germany I have an idea whom to ask to run such a conference. > Although my politics and yours align, I think it might be a strategic > mistake to exclude the closed-source folks from these discussions... The GNU towers expect me to talk like this - but I am not always wearing my GNUhat ;-) Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dkbryant at gmail.com Mon Apr 27 22:07:38 2015 From: dkbryant at gmail.com (Dan Bryant) Date: Mon, 27 Apr 2015 15:07:38 -0500 Subject: Generating GnuPG S/MINE key pair Message-ID: TL;DR: gpgsm import fails with "no issuer found in certificate" I'm trying to generate a key-pair for GnuPG S/MINE strictly for instructional reasons. I'll concede that I'm using a weak CA, but I'm trying to image how the CA maintainers do this task as well. So, for my instruction, I'm trying to do the following: I started off just wanting to create a GnuPG S/MINE key-pair. I soon found out that gpgsm requires key-pars to be externally signed by a CA. So now I'm trying to do the whole process, make-key, sign-key, import-key 1. Create a CA with a new RSA key-pair (openSSL) 2. Generate a new GnuPG S/MINE key-pair (gpgsm) 3. Sign the GnuPG S/MINE key-pair with my fictitious CA above (openssl) 4. Import the now signed GnuPG S/MINE key-pair into my gpgsm key-ring. So I theory I thought this should work, but I've botched it somewhere along the way. Again... this is for INSTRUCTIONAL purposes. I realize a self signed CA is about as secure as a post-it on a monitor. Trying to learn... Here's what I tried (for those unfamiliar with Windows, the '^' is a line continuation). -- gpgsm openssl genrsa -out rootCA.key 2048 openssl req -x509 -new -nodes -key rootCA.key -days 1024 -out rootCA.pem gpgsm --gen-key > unsigned.pem gpg-protect-tool --p12-export ^ %appdata%\gnupg\private-keys-v1.d\{keygrip_from_prev_gen_key_cmd}.key ^ > kgfpgkc.p12 openssl pkcs12 -in kgfpgkc.p12 -nocerts -out kgfpgkc.pem openssl x509 -x509toreq -signkey kgfpgkc.pem ^ -in unsigned.pem -out unsigned.csr openssl x509 -req -CA rootCA.pem -CAkey rootCA.key -CAcreateserial ^ -in unsigned.csr -out signed.pem -days 500 gpgsm --import signed.pem --Output gpgsm: no issuer found in certificate gpgsm: basic certificate checks failed - not imported gpgsm: no issuer found in certificate gpgsm: basic certificate checks failed - not imported gpgsm: ksba_cert_hash failed: No value gpgsm: total number processed: 2 gpgsm: not imported: 2 So... Why did the issuer check fail? Do I need to import my fake CA (tried that). If so, how? Is there an option to provide a PEM to serve as the root CA (like Python)? Also tried coping rootCA.pem to com-certs.pem, but no luck -------------- next part -------------- An HTML attachment was scrubbed... URL: From dkbryant at gmail.com Tue Apr 28 04:22:39 2015 From: dkbryant at gmail.com (Dan Bryant) Date: Mon, 27 Apr 2015 21:22:39 -0500 Subject: Generating GnuPG S/MINE key pair In-Reply-To: References: Message-ID: OK... I found some very old posts about this... don't know how much still holds. -- https://lists.gnupg.org/pipermail/gnupg-devel/2011-June/026126.html This guide says: 1. Convert rootCA.pem to rootCA.der 2. Place rootCA.der in dirmngr\trusted-certs 3. Ensure rootCA.der has revocation URL (??can disable??) 4. Add rootCA.der fingerprint to trustlist.txt 5. Restart dirmngr service and gpg-agent Don't know... you think that will work? BTW.. Here's the versions of the previously mentioned utilities: - OpenSSL 1.0.2a 19 Mar 2015 - gpg-protect-tool (GnuPG) 2.0.27 (Gpg4win 2.2.4) - gpgsm (GnuPG) 2.1.3 On Mon, Apr 27, 2015 at 3:07 PM, Dan Bryant wrote: > TL;DR: gpgsm import fails with "no issuer found in certificate" > > I'm trying to generate a key-pair for GnuPG S/MINE strictly for > instructional reasons. I'll concede that I'm using a weak CA, but I'm > trying to image how the CA maintainers do this task as well. So, for my > instruction, I'm trying to do the following: > > I started off just wanting to create a GnuPG S/MINE key-pair. I soon found > out that gpgsm requires key-pars to be externally signed by a CA. So now > I'm trying to do the whole process, make-key, sign-key, import-key > > 1. Create a CA with a new RSA key-pair (openSSL) > 2. Generate a new GnuPG S/MINE key-pair (gpgsm) > 3. Sign the GnuPG S/MINE key-pair with my fictitious CA above (openssl) > 4. Import the now signed GnuPG S/MINE key-pair into my gpgsm key-ring. > > So I theory I thought this should work, but I've botched it somewhere along > the way. Again... this is for INSTRUCTIONAL purposes. I realize a self > signed CA is about as secure as a post-it on a monitor. Trying to learn... > > Here's what I tried (for those unfamiliar with Windows, the '^' is a line > continuation). > > -- gpgsm > openssl genrsa -out rootCA.key 2048 > openssl req -x509 -new -nodes -key rootCA.key -days 1024 -out rootCA.pem > gpgsm --gen-key > unsigned.pem > gpg-protect-tool --p12-export ^ > %appdata%\gnupg\private-keys-v1.d\{keygrip_from_prev_gen_key_cmd}.key ^ > > kgfpgkc.p12 > openssl pkcs12 -in kgfpgkc.p12 -nocerts -out kgfpgkc.pem > openssl x509 -x509toreq -signkey kgfpgkc.pem ^ > -in unsigned.pem -out unsigned.csr > openssl x509 -req -CA rootCA.pem -CAkey rootCA.key -CAcreateserial ^ > -in unsigned.csr -out signed.pem -days 500 > gpgsm --import signed.pem > --Output > gpgsm: no issuer found in certificate > gpgsm: basic certificate checks failed - not imported > gpgsm: no issuer found in certificate > gpgsm: basic certificate checks failed - not imported > gpgsm: ksba_cert_hash failed: No value > gpgsm: total number processed: 2 > gpgsm: not imported: 2 > > > So... Why did the issuer check fail? Do I need to import my fake CA (tried > that). If so, how? Is there an option to provide a PEM to serve as the > root CA (like Python)? Also tried coping rootCA.pem to com-certs.pem, but > no luck > > From dkbryant at gmail.com Tue Apr 28 06:28:57 2015 From: dkbryant at gmail.com (Dan Bryant) Date: Mon, 27 Apr 2015 23:28:57 -0500 Subject: Generating GnuPG S/MINE key pair In-Reply-To: References: Message-ID: Getting closer... The DirMngr stuff is totally required. Got that out of the way (added rootCA to the right dirmgr stuff). Now I'm scrubbing the logs and it looks like DirMgr is complaining because I didn't timestamp any of my custom certs. Any "--ignore_ts" or similar option to bypass this message? dirmngr[7276] command 'VALIDATE' failed: No value On to http://stackoverflow.com/questions/21297139/how-do-you-sign-certificate-signing-request-with-your-certification-authority although I might have to shelve this for a few days at this point. Call / Text: 281.760.4296 On Mon, Apr 27, 2015 at 9:22 PM, Dan Bryant wrote: > OK... I found some very old posts about this... don't know how much still holds. > -- https://lists.gnupg.org/pipermail/gnupg-devel/2011-June/026126.html > > This guide says: > 1. Convert rootCA.pem to rootCA.der > 2. Place rootCA.der in dirmngr\trusted-certs > 3. Ensure rootCA.der has revocation URL (??can disable??) > 4. Add rootCA.der fingerprint to trustlist.txt > 5. Restart dirmngr service and gpg-agent > > Don't know... you think that will work? > > BTW.. Here's the versions of the previously mentioned utilities: > - OpenSSL 1.0.2a 19 Mar 2015 > - gpg-protect-tool (GnuPG) 2.0.27 (Gpg4win 2.2.4) > - gpgsm (GnuPG) 2.1.3 > > On Mon, Apr 27, 2015 at 3:07 PM, Dan Bryant wrote: >> TL;DR: gpgsm import fails with "no issuer found in certificate" >> >> I'm trying to generate a key-pair for GnuPG S/MINE strictly for >> instructional reasons. I'll concede that I'm using a weak CA, but I'm >> trying to image how the CA maintainers do this task as well. So, for my >> instruction, I'm trying to do the following: >> >> I started off just wanting to create a GnuPG S/MINE key-pair. I soon found >> out that gpgsm requires key-pars to be externally signed by a CA. So now >> I'm trying to do the whole process, make-key, sign-key, import-key >> >> 1. Create a CA with a new RSA key-pair (openSSL) >> 2. Generate a new GnuPG S/MINE key-pair (gpgsm) >> 3. Sign the GnuPG S/MINE key-pair with my fictitious CA above (openssl) >> 4. Import the now signed GnuPG S/MINE key-pair into my gpgsm key-ring. >> >> So I theory I thought this should work, but I've botched it somewhere along >> the way. Again... this is for INSTRUCTIONAL purposes. I realize a self >> signed CA is about as secure as a post-it on a monitor. Trying to learn... >> >> Here's what I tried (for those unfamiliar with Windows, the '^' is a line >> continuation). >> >> -- gpgsm >> openssl genrsa -out rootCA.key 2048 >> openssl req -x509 -new -nodes -key rootCA.key -days 1024 -out rootCA.pem >> gpgsm --gen-key > unsigned.pem >> gpg-protect-tool --p12-export ^ >> %appdata%\gnupg\private-keys-v1.d\{keygrip_from_prev_gen_key_cmd}.key ^ >> > kgfpgkc.p12 >> openssl pkcs12 -in kgfpgkc.p12 -nocerts -out kgfpgkc.pem >> openssl x509 -x509toreq -signkey kgfpgkc.pem ^ >> -in unsigned.pem -out unsigned.csr >> openssl x509 -req -CA rootCA.pem -CAkey rootCA.key -CAcreateserial ^ >> -in unsigned.csr -out signed.pem -days 500 >> gpgsm --import signed.pem >> --Output >> gpgsm: no issuer found in certificate >> gpgsm: basic certificate checks failed - not imported >> gpgsm: no issuer found in certificate >> gpgsm: basic certificate checks failed - not imported >> gpgsm: ksba_cert_hash failed: No value >> gpgsm: total number processed: 2 >> gpgsm: not imported: 2 >> >> >> So... Why did the issuer check fail? Do I need to import my fake CA (tried >> that). If so, how? Is there an option to provide a PEM to serve as the >> root CA (like Python)? Also tried coping rootCA.pem to com-certs.pem, but >> no luck >> >> From wk at gnupg.org Tue Apr 28 09:26:16 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 28 Apr 2015 09:26:16 +0200 Subject: Generating GnuPG S/MINE key pair In-Reply-To: (Dan Bryant's message of "Mon, 27 Apr 2015 15:07:38 -0500") References: Message-ID: <87d22obtnr.fsf@vigenere.g10code.de> On Mon, 27 Apr 2015 22:07, dkbryant at gmail.com said: > gpgsm: no issuer found in certificate > gpgsm: basic certificate checks failed - not imported Your root certificate is not valid. An Issuer is required and that issuer must match the Subject. Also certain other fields are required for a root certificate. I suggest to use a tool like tinyca2 to create your own CA or use one of the scripts which come with OpenSSL to setup a CA (you need a Unix shell on Windows, though). gpgsm 2.1 has a much improve certifciate generation. You may create a self-signed certificate directly: --8<---------------cut here---------------start------------->8--- $ gpgsm --gen-key Please select what kind of key you want: (1) RSA (2) Existing key (3) Existing key from card Your selection? 1 What keysize do you want? (2048) Requested keysize is 2048 bits Possible actions for a RSA key: (1) sign, encrypt (2) sign (3) encrypt Your selection? 1 Enter the X.509 subject name: CN=test cert Enter email addresses (end with an empty line): > Enter DNS names (optional; end with an empty line): > Enter URIs (optional; end with an empty line): > Create self-signed certificate? (y/N) y These parameters are used: Key-Type: RSA Key-Length: 2048 Key-Usage: sign, encrypt Serial: random Name-DN: CN=test cert Proceed with creation? (y/N) --8<---------------cut here---------------end--------------->8--- This works well on Windows - however the installer for 2.1.3 is a bit experimental. gpgsm --export-secret-key-p8 -a KEYID may then be used to export the private key in PKCS#8 format (what Apache etc requires. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From GBorowiak at advaoptical.com Tue Apr 28 14:32:30 2015 From: GBorowiak at advaoptical.com (Grzegorz Borowiak) Date: Tue, 28 Apr 2015 12:32:30 +0000 Subject: Building libgpg-error for powerpc64-e5500-linux-gnu Message-ID: <1430224350161.98050@advaoptical.com> I'm trying to cross-compile libgpg-error for powerpc64-e5500-linux-gnu and I fail: make[1]: Entering directory '/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18-.default' Making all in m4 make[2]: Entering directory '/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18-.default/m4' make[2]: Nothing to be done for 'all'. make[2]: Leaving directory '/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18-.default/m4' Making all in src make[2]: Entering directory '/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18-.default/src' gawk -f /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkerrnos.awk /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/errnos.in >code-to-errno.h gawk -f /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkerrcodes1.awk /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/errnos.in >_mkerrcodes.h gawk -f /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkstrtable.awk -v textidx=2 -v nogettext=1 \ /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/err-sources.h.in >err-sources-sym.h gawk -f /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkstrtable.awk -v textidx=2 -v nogettext=1 \ /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/err-codes.h.in >err-codes-sym.h powerpc64-e5500-linux-gnu-gcc -E _mkerrcodes.h | grep GPG_ERR_ | \ gawk -f /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkerrcodes.awk >mkerrcodes.h gawk -f /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkstrtable.awk -v textidx=2 -v nogettext=1 \ -v prefix=GPG_ERR_ -v namespace=errnos_ \ /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/errnos.in >errnos-sym.h x86_64-pc-linux-gnu-gcc -g -O0 -I. -I/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src -o mkheader /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkheader.c cat /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/gpg-error.def.in >_gpg-error.def.h echo "/*dummy*/" > mkw32errmap.map.c powerpc64-e5500-linux-gnu-gcc -E -I. -I/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src -I.. _gpg-error.def.h | \ grep -v '^#' >gpg-error.def rm _mkerrcodes.h x86_64-pc-linux-gnu-gcc -I. -I/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src -o mkerrcodes /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkerrcodes.c rm _gpg-error.def.h rm lock-obj-pub.native.h 2>/dev/null ./mkerrcodes | gawk -f /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/mkerrcodes2.awk >code-from-errno.h Makefile:1282: recipe for target 'gpg-error.h' failed make[2]: [gpg-error.h] Error 1 (ignored) ./mkheader linux-gnu powerpc64-e5500-linux-gnu /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/gpg-error.h.in \ ../config.h 1.18 0x011200 >gpg-error.h /targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/gpg-error.h.in:320: error including `/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18/src/syscfg/lock-obj-pub.linux-gnu.h': No such file or directory Makefile:1282: recipe for target 'gpg-error.h' failed make[2]: *** [gpg-error.h] Error 1 make[2]: Leaving directory '/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18-.default/src' Makefile:470: recipe for target 'all-recursive' failed make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory '/targ/arch/powerpc64-e5500-linux-gnu/modes/eos/tmp/portage/dev-libs/libgpg-error-1.18/work/libgpg-error-1.18-.default' Makefile:401: recipe for target 'all' failed make: *** [all] Error 2 I already have done some debugging and it seems that powerpc64-e5500-linux-gnu is not supported, nor is it falling back to powerpc64-unknown-linux-gnu (which is supported). How to cope with situation like that? Can I somehow convince it to recognise powerpc64-e5500-linux-gnu as powerpc64-unknown-linux-gnu? Or is there some way to build it architecture-independently (even if it means decreased performance)? This issue starts with libgpg-error version 1.13. Version 1.12 builds without error. Regards Grzegorz Borowiak -------------- next part -------------- An HTML attachment was scrubbed... URL: From simon at josefsson.org Tue Apr 28 14:45:22 2015 From: simon at josefsson.org (Simon Josefsson) Date: Tue, 28 Apr 2015 14:45:22 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87d22qn3m1.fsf@vigenere.g10code.de> (Werner Koch's message of "Sun, 26 Apr 2015 20:31:18 +0200") References: <87d22qn3m1.fsf@vigenere.g10code.de> Message-ID: <87mw1ss9p9.fsf@latte.josefsson.org> Werner Koch writes: > I appreciated the opportunity to meet the GPG Tools developers, who > are very dedicated to make GnuPG working well on OS X. I stressed the > importance to actively participate on the GnuPG mailing list to keep > information in sync. One example may illustrate this: For years the > adaption of GnuPG-2 on GNOME based systems has been hampered by the > fact that the gnome-keyring-manager (GKR) tries to emulate gpg-agent > and thus inhibits proper working of any advanced function of GnuPG > (e.g. smartcards and gpgsm). With Debian?s release of Jessie that > problem will even be worse due to other desktop environments now also > using GKR. Given that the GKR developers are not willing to change > their defaults, Neal, dkg, and me came up with a pragmatic solution > for this problem on Saturday morning. What is this solution? I am working around the bug in Jessie [1], but GKR's bug/design is a real pain if you want to convince others to start to use GnuPG with smartcards. I recently noticed that my fix doesn't even work on Ubuntu, so each OS need their own fix... :-( /Simon [1] http://blog.josefsson.org/2015/01/02/openpgp-smartcards-and-gnome/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 472 bytes Desc: not available URL: From neal at walfield.org Tue Apr 28 16:06:59 2015 From: neal at walfield.org (Neal H. Walfield) Date: Tue, 28 Apr 2015 16:06:59 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87mw1ss9p9.fsf@latte.josefsson.org> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> Message-ID: <87mw1sfit8.wl-neal@walfield.org> Hi Simon, We've documented the problem at http://wiki.gnupg.org/GnomeKeyring . At Tue, 28 Apr 2015 14:45:22 +0200, Simon Josefsson wrote: > Werner Koch writes: > > > I appreciated the opportunity to meet the GPG Tools developers, who > > are very dedicated to make GnuPG working well on OS X. I stressed the > > importance to actively participate on the GnuPG mailing list to keep > > information in sync. One example may illustrate this: For years the > > adaption of GnuPG-2 on GNOME based systems has been hampered by the > > fact that the gnome-keyring-manager (GKR) tries to emulate gpg-agent > > and thus inhibits proper working of any advanced function of GnuPG > > (e.g. smartcards and gpgsm). With Debian?s release of Jessie that > > problem will even be worse due to other desktop environments now also > > using GKR. Given that the GKR developers are not willing to change > > their defaults, Neal, dkg, and me came up with a pragmatic solution > > for this problem on Saturday morning. > > What is this solution? > > I am working around the bug in Jessie [1], but GKR's bug/design is a > real pain if you want to convince others to start to use GnuPG with > smartcards. I recently noticed that my fix doesn't even work on Ubuntu, > so each OS need their own fix... :-( The solution is to fix Gnome Keyring :). I've spoken with Stef, the main developer of GKR, and he confirmed that the only reason GKR MITMs GPG Agent is so that it can intercept prompts for the password to supply any cached value. The solution is to enhance pinentry so that if GKR is available it caches the password with GKR. This requires a few modifications to GnuPG proper as well as enhancements to pinentry. I'm working on this and it should be done shortly. The GPG Tools people also need this functionality in GPG 2.0 so it will also be backported. We hope to coordinate with Debian to get the fixed versions of GPG and GKR in the next point release of Jessie. Neal From simon at josefsson.org Tue Apr 28 16:14:06 2015 From: simon at josefsson.org (Simon Josefsson) Date: Tue, 28 Apr 2015 16:14:06 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87mw1sfit8.wl-neal@walfield.org> (Neal H. Walfield's message of "Tue, 28 Apr 2015 16:06:59 +0200") References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> Message-ID: <87r3r4qr0x.fsf@latte.josefsson.org> "Neal H. Walfield" writes: > Hi Simon, > > We've documented the problem at http://wiki.gnupg.org/GnomeKeyring . Thanks -- another workaround, alas. > The solution is to fix Gnome Keyring :). I've spoken with Stef, the > main developer of GKR, and he confirmed that the only reason GKR MITMs > GPG Agent is so that it can intercept prompts for the password to > supply any cached value. The solution is to enhance pinentry so that > if GKR is available it caches the password with GKR. This requires a > few modifications to GnuPG proper as well as enhancements to pinentry. > I'm working on this and it should be done shortly. The GPG Tools > people also need this functionality in GPG 2.0 so it will also be > backported. We hope to coordinate with Debian to get the fixed > versions of GPG and GKR in the next point release of Jessie. Great, I'm really looking forward to a proper fix to this problem. /Simon -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 472 bytes Desc: not available URL: From rjh at sixdemonbag.org Tue Apr 28 16:26:05 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 28 Apr 2015 10:26:05 -0400 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87mw1sfit8.wl-neal@walfield.org> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> Message-ID: <553F987D.1020500@sixdemonbag.org> > The solution is to fix Gnome Keyring :). I've spoken with Stef, the > main developer of GKR, and he confirmed that the only reason GKR > MITMs GPG Agent is so that it can intercept prompts for the password > to supply any cached value. This doesn't seem like a good reason. It never has. If I configure gpg-agent to cache for 20 minutes, but forget to configure gnome-keyring-daemon, then it's possible that 25 minutes later I'll do something requiring a passphrase, gpg-agent will ask me for my passphrase, but gnome-keyring-daemon will silently intercept it and use the cached value, etc., etc., leaving me wondering why gpg-agent isn't respecting the timeout I've given it. This also means passphrases are cached in two places, not one -- in gpg-agent and in gnome-keyring-daemon. In my day job I work in digital forensics, with a good bit of memory forensics work in my past. Speaking as a forensicist, if you keep two copies of a sensitive passphrase in memory you're making things much easier for me. I don't understand GKD's choices here. I never have. They've always seemed foolish. If GKD wants to implement gpg-agent's protocol and run as a replacement gpg-agent, that's one thing... but the current setup just does not strike me as wise. > The solution is to enhance pinentry so that if GKR is available it > caches the password with GKR. I'm sorry, but I don't think this is a good solution. GNOME is asking for privileges other desktop environments haven't asked for and don't get. KDE doesn't get KDE-specific functionality added to pinentry. Nor does XFCE, nor does Enlightenment. If GNOME gets to have GNOME-specific enhancements folded into GnuPG, then what's to prevent KDE, XFCE, Enlightenment, Windows, OS X, and all other desktop environments from demanding the same? -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3744 bytes Desc: S/MIME Cryptographic Signature URL: From neal at walfield.org Tue Apr 28 17:02:12 2015 From: neal at walfield.org (Neal H. Walfield) Date: Tue, 28 Apr 2015 17:02:12 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <553F987D.1020500@sixdemonbag.org> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> Message-ID: <87lhhcfg97.wl-neal@walfield.org> At Tue, 28 Apr 2015 10:26:05 -0400, Robert J. Hansen wrote: > > The solution is to fix Gnome Keyring :). I've spoken with Stef, the > > main developer of GKR, and he confirmed that the only reason GKR > > MITMs GPG Agent is so that it can intercept prompts for the password > > to supply any cached value. > > This doesn't seem like a good reason. It never has. If I configure > gpg-agent to cache for 20 minutes, but forget to configure > gnome-keyring-daemon, then it's possible that 25 minutes later I'll do > something requiring a passphrase, gpg-agent will ask me for my > passphrase, but gnome-keyring-daemon will silently intercept it and use > the cached value, etc., etc., leaving me wondering why gpg-agent isn't > respecting the timeout I've given it. I've added a checkbox to pinentry that asks: "Cache password with GKR" and it is only shown if GKR is present. So it's opt-in. > This also means passphrases are cached in two places, not one -- in > gpg-agent and in gnome-keyring-daemon. In my day job I work in digital > forensics, with a good bit of memory forensics work in my past. > Speaking as a forensicist, if you keep two copies of a sensitive > passphrase in memory you're making things much easier for me. There are so many attack vectors that providing this opt-in hardly seems to make a difference to me. If we actually had process isolation, I might agree with you. But, as things stand, we don't. I wouldn't allow GKR to cache my passphrase either, but other people disagree. In particular, the maintainer of GKR, which is widely used and practically a hard requirement even on Xfce. > I don't understand GKD's choices here. I never have. They've always > seemed foolish. If GKD wants to implement gpg-agent's protocol and run > as a replacement gpg-agent, that's one thing... but the current setup > just does not strike me as wise. I don't understand this "if". GKR is implementing (a subset of) gpg agent's protocol. > I'm sorry, but I don't think this is a good solution. GNOME is asking > for privileges other desktop environments haven't asked for and don't > get. KDE doesn't get KDE-specific functionality added to pinentry. Nor > does XFCE, nor does Enlightenment. If GNOME gets to have GNOME-specific > enhancements folded into GnuPG, then what's to prevent KDE, XFCE, > Enlightenment, Windows, OS X, and all other desktop environments from > demanding the same? Actually, the secrets API is a desktop standard and I was told KWallet speaks it. So, this enhancement will work with KWallet as well. Also, the GPG Tools people (Mac OS) do something similar to GKR (but less invasive) so the modifications to the gpg core will help them as well. Neal From dkg at fifthhorseman.net Tue Apr 28 17:12:32 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 28 Apr 2015 11:12:32 -0400 Subject: Notes from the first OpenPGP Summit In-Reply-To: <553F987D.1020500@sixdemonbag.org> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> Message-ID: <87wq0wmgm7.fsf@alice.fifthhorseman.net> On Tue 2015-04-28 10:26:05 -0400, Robert J. Hansen wrote: > This doesn't seem like a good reason. It never has. If I configure > gpg-agent to cache for 20 minutes, but forget to configure > gnome-keyring-daemon, then it's possible that 25 minutes later I'll do > something requiring a passphrase, gpg-agent will ask me for my > passphrase, but gnome-keyring-daemon will silently intercept it and use > the cached value, etc., etc., leaving me wondering why gpg-agent isn't > respecting the timeout I've given it. agreed, this does seem suboptimal, but it's better than the current case, where things simply don't work at all. > I don't understand GKD's choices here. I never have. They've always > seemed foolish. If GKD wants to implement gpg-agent's protocol and run > as a replacement gpg-agent, that's one thing... but the current setup > just does not strike me as wise. GKD's goal is to provide a smooth user experience, where all the user's passwords are handled as silently as possible, behind the scenes. However, they do not appear to have the resources to track the full functionality of gpg-agent, so they're falling down on that front. tracking the functionality of pinentry should be a simpler task. >> The solution is to enhance pinentry so that if GKR is available it >> caches the password with GKR. > > I'm sorry, but I don't think this is a good solution. GNOME is asking > for privileges other desktop environments haven't asked for and don't > get. KDE doesn't get KDE-specific functionality added to pinentry. Nor > does XFCE, nor does Enlightenment. If GNOME gets to have GNOME-specific > enhancements folded into GnuPG, then what's to prevent KDE, XFCE, > Enlightenment, Windows, OS X, and all other desktop environments from > demanding the same? Every environment is free to implement its own pinentry, and we've never discouraged that (indeed, gnupg upstream ships several pinentry variants). If a pinentry variant chooses to implement its own passphrase cache, that is up to that pinentry variant, no? --dkg From hans at guardianproject.info Tue Apr 28 17:33:31 2015 From: hans at guardianproject.info (Hans-Christoph Steiner) Date: Tue, 28 Apr 2015 11:33:31 -0400 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87bni9ctz1.fsf@vigenere.g10code.de> References: <87d22qn3m1.fsf@vigenere.g10code.de> <20150426233138-12616-48971-mailpile@slinky> <87bni9ctz1.fsf@vigenere.g10code.de> Message-ID: <553FA84B.3090101@guardianproject.info> Werner Koch: > On Mon, 27 Apr 2015 01:31, bre at pagekite.net said: >> Thanks for the write-up, Werner! :-) > > Actually you have been much faster with your report > https://www.mailpile.is/blog/2015-04-20_OpenPGP_Email_Summit.html > >>> disappointed that many of the participants favored this closed >>> invitation-only style summit and want the next meeting to happen the > >> On the one hand, I suspect it would be very hard to maintain the >> excellent signal/noise ratio we had, in a completely open summit. On > > Maybe. We are used to work on mailing list and I would bet that in most > cases it is easier to ask too noisy participants to behave well during a > physical meeting than on mailing lists. The IETF has quite some > experience with that and requires physical meetings for important tasks. In my 20 years of experience attending and organizing all sorts of tech conferences, I find that open conferences tend to better than closed ones. But mostly, the open- or closedness is not the biggest factor in the signal to noise ratio. Instead, it is the level of organization. The best conferences I've been to have been completely open and mostly self-organized (aka Barcamp aka Unconference). But that requires a specific audience that is well practiced in self-organization. I have been to very good conferences that were semi-self-organized, i.e. barcamp-style with some well practiced moderators really guiding the whole process (for example, a "Gunner Event" run by Aspiration Tech). And as Werner says, it is much easier to tell people in person to reduce the noise than it is on all of the various open internet forums we operate on. I really think it is quite important that these summits are open to anyone who wants to attend. I have run a number of barcamps with small groups, so I'm happy to help moderate if I can attend. .hc -- PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81 From rjh at sixdemonbag.org Tue Apr 28 17:36:34 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 28 Apr 2015 11:36:34 -0400 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87wq0wmgm7.fsf@alice.fifthhorseman.net> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> <87wq0wmgm7.fsf@alice.fifthhorseman.net> Message-ID: <553FA902.7030406@sixdemonbag.org> > Every environment is free to implement its own pinentry, and we've never > discouraged that (indeed, gnupg upstream ships several pinentry > variants). If a pinentry variant chooses to implement its own > passphrase cache, that is up to that pinentry variant, no? I'm not objecting to the idea of GKD providing its own pinentry: creating a gkd-pinentry sounds like a good idea. I'm objecting to what I read (and possibly misread) as placing GKD hooks into the *GnuPG-distributed* pinentry. I would suggest that in the future we talk about "pinentry" only for GnuPG's pinentry, and "foo-pinentry" to denote a pinentry provided by foo, so as to prevent future misunderstandings. :) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3744 bytes Desc: S/MIME Cryptographic Signature URL: From wk at gnupg.org Tue Apr 28 17:38:53 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 28 Apr 2015 17:38:53 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87lhhcfg97.wl-neal@walfield.org> (Neal H. Walfield's message of "Tue, 28 Apr 2015 17:02:12 +0200") References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> <87lhhcfg97.wl-neal@walfield.org> Message-ID: <87iocg9saa.fsf@vigenere.g10code.de> On Tue, 28 Apr 2015 17:02, neal at walfield.org said: > I've added a checkbox to pinentry that asks: "Cache password with GKR" > and it is only shown if GKR is present. So it's opt-in. Good. While you are at it: Please also add a checkbox to not hide the passphrase in the entry field. Being able to see what one types is very convenient for long passphrases if you are anyway below a sheet while typing > I don't understand this "if". GKR is implementing (a subset of) gpg > agent's protocol. [ Actually it implements what Robert Bihlmeyer's Quintuple-Agent did in 1999. It completely bypasses the design of gpg-agent where the passphrase caching is just an add-on. ] > Also, the GPG Tools people (Mac OS) do something similar to GKR (but > less invasive) so the modifications to the gpg core will help them as Right, the OS X keychain seems to do the same what GKR does or vice versa. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Tue Apr 28 17:48:34 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 28 Apr 2015 17:48:34 +0200 Subject: Building libgpg-error for powerpc64-e5500-linux-gnu In-Reply-To: <1430224350161.98050@advaoptical.com> (Grzegorz Borowiak's message of "Tue, 28 Apr 2015 12:32:30 +0000") References: <1430224350161.98050@advaoptical.com> Message-ID: <878udc9ru5.fsf@vigenere.g10code.de> On Tue, 28 Apr 2015 14:32, GBorowiak at advaoptical.com said: > Can I somehow convince it to recognise powerpc64-e5500-linux-gnu as > powerpc64-unknown-linux-gnu? If both systems use the same ABI config.sub should have returned a canonicalized versions. If not we can use a new mechanism available in 1.19. You need to change the code, though: In src/mkheader.c find the function --8<---------------cut here---------------start------------->8--- static char * canon_host_triplet (const char *triplet) { struct { const char *name; const char *alias; } tbl[] = { {"i486-pc-linux-gnu", "i686-pc-linux-gnu" }, {"i586-pc-linux-gnu" }, { NULL } }; --8<---------------cut here---------------end--------------->8--- and add a line {"powerpc64-e5500-linux-gnu", "powerpc64-unknown-linux-gnu" }, before the {NULL} marker. But do that only if you are sure both use the same ABI. Let me know if this works and I'll add it for 1.20. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From GBorowiak at advaoptical.com Tue Apr 28 17:55:48 2015 From: GBorowiak at advaoptical.com (Grzegorz Borowiak) Date: Tue, 28 Apr 2015 15:55:48 +0000 Subject: Building libgpg-error for powerpc64-e5500-linux-gnu In-Reply-To: <878udc9ru5.fsf@vigenere.g10code.de> References: <1430224350161.98050@advaoptical.com>, <878udc9ru5.fsf@vigenere.g10code.de> Message-ID: <1430236548477.30490@advaoptical.com> Thank you for so quick answer. I will try how it works. I'm almost sure the ABI is the same, but I must check. And is there an architecture-independent and ABI-independent way of building libgpg-error? ________________________________________ From: Werner Koch Sent: 28 April 2015 17:48 To: Grzegorz Borowiak Cc: gnupg-users at gnupg.org Subject: Re: Building libgpg-error for powerpc64-e5500-linux-gnu On Tue, 28 Apr 2015 14:32, GBorowiak at advaoptical.com said: > Can I somehow convince it to recognise powerpc64-e5500-linux-gnu as > powerpc64-unknown-linux-gnu? If both systems use the same ABI config.sub should have returned a canonicalized versions. If not we can use a new mechanism available in 1.19. You need to change the code, though: In src/mkheader.c find the function --8<---------------cut here---------------start------------->8--- static char * canon_host_triplet (const char *triplet) { struct { const char *name; const char *alias; } tbl[] = { {"i486-pc-linux-gnu", "i686-pc-linux-gnu" }, {"i586-pc-linux-gnu" }, { NULL } }; --8<---------------cut here---------------end--------------->8--- and add a line {"powerpc64-e5500-linux-gnu", "powerpc64-unknown-linux-gnu" }, before the {NULL} marker. But do that only if you are sure both use the same ABI. Let me know if this works and I'll add it for 1.20. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dkbryant at gmail.com Tue Apr 28 18:12:18 2015 From: dkbryant at gmail.com (Dan Bryant) Date: Tue, 28 Apr 2015 11:12:18 -0500 Subject: Generating GnuPG S/MINE key pair In-Reply-To: <87d22obtnr.fsf@vigenere.g10code.de> References: <87d22obtnr.fsf@vigenere.g10code.de> Message-ID: OK... I'm apparently suffering from a bad gpgsm setup. According to the 2011 post (https://lists.gnupg.org/pipermail/gnupg-devel/2011-March/025989.html) the following command, should just work: gpgsm --gen-key | gpgsm --import Not for me... I get gpgsm: problem looking for existing certificate: Invalid argument gpgsm: error storing certificate Moreover just trying to dump my keystore with "gpgsm -k" gives errors gpgsm: keydb_search failed: Invalid argument Here's a dump of my failed import attempt. ---- C:\Program Files (x86)\GNU\GnuPG>gpgsm --gen-key | gpgsm --import gpgsm (GnuPG) 2.1.3; Copyright (C) 2015 Free Software Foundation, This is free software: you are free to change and redistribute it There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want: (1) RSA (2) Existing key (3) Existing key from card Your selection? 1 What keysize do you want? (2048) Requested keysize is 2048 bits Possible actions for a RSA key: (1) sign, encrypt (2) sign (3) encrypt Your selection? 1 Enter the X.509 subject name: CN=test cert Enter email addresses (end with an empty line): > Enter DNS names (optional; end with an empty line): > Enter URIs (optional; end with an empty line): > Create self-signed certificate? (y/N) y These parameters are used: Key-Type: RSA Key-Length: 2048 Key-Usage: sign, encrypt Serial: random Name-DN: CN=test cert Proceed with creation? (y/N) y Now creating self-signed certificate. This may take a while ... gpgsm: about to sign the certificate for key: &77C68CE5AC362254D7 gpgsm: certificate created Ready. gpgsm: problem looking for existing certificate: Invalid argument gpgsm: error storing certificate gpgsm: total number processed: 1 gpgsm: not imported: 1 ---- From dkg at fifthhorseman.net Tue Apr 28 18:17:50 2015 From: dkg at fifthhorseman.net (Daniel Kahn Gillmor) Date: Tue, 28 Apr 2015 12:17:50 -0400 Subject: Notes from the first OpenPGP Summit In-Reply-To: <553FA902.7030406@sixdemonbag.org> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> <87wq0wmgm7.fsf@alice.fifthhorseman.net> <553FA902.7030406@sixdemonbag.org> Message-ID: <87h9s0mdld.fsf@alice.fifthhorseman.net> On Tue 2015-04-28 11:36:34 -0400, Robert J. Hansen wrote: > I'm not objecting to the idea of GKD providing its own pinentry: > creating a gkd-pinentry sounds like a good idea. OK, that's good! > I'm objecting to what I read (and possibly misread) as placing GKD hooks > into the *GnuPG-distributed* pinentry. > > I would suggest that in the future we talk about "pinentry" only for > GnuPG's pinentry, and "foo-pinentry" to denote a pinentry provided by > foo, so as to prevent future misunderstandings. :) Well, gnupg currently distributes four different pinentries: pinentry-gtk2 pinentry-qt4 pinentry-curses pinentry-tty :) I'm assuming that Neal is adding this hook to pinentry-gtk2, and not to the others, but i haven't checked. BTW: thanks, Neal! --dkg From rjh at sixdemonbag.org Tue Apr 28 18:42:48 2015 From: rjh at sixdemonbag.org (Robert J. Hansen) Date: Tue, 28 Apr 2015 12:42:48 -0400 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87h9s0mdld.fsf@alice.fifthhorseman.net> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> <87wq0wmgm7.fsf@alice.fifthhorseman.net> <553FA902.7030406@sixdemonbag.org> <87h9s0mdld.fsf@alice.fifthhorseman.net> Message-ID: <553FB888.3050008@sixdemonbag.org> > Well, gnupg currently distributes four different pinentries: Point. I still think if GKD wants to hook into a pinentry, they need to distribute their own pinentry instead of modifying one that GnuPG maintains. Given pinentry-gtk2 is FOSS, it shouldn't be too hard for them to fork it, make their changes, and distribute it. I just don't want to see GNOME 3-specific code in a pinentry for GTK+2, as that seems pretty far out of scope. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3744 bytes Desc: S/MIME Cryptographic Signature URL: From wk at gnupg.org Tue Apr 28 18:54:50 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 28 Apr 2015 18:54:50 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87h9s0mdld.fsf@alice.fifthhorseman.net> (Daniel Kahn Gillmor's message of "Tue, 28 Apr 2015 12:17:50 -0400") References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> <87wq0wmgm7.fsf@alice.fifthhorseman.net> <553FA902.7030406@sixdemonbag.org> <87h9s0mdld.fsf@alice.fifthhorseman.net> Message-ID: <87sibk8a79.fsf@vigenere.g10code.de> On Tue, 28 Apr 2015 18:17, dkg at fifthhorseman.net said: > :) I'm assuming that Neal is adding this hook to pinentry-gtk2, and not > to the others, but i haven't checked. Yes, with a configure option so the user/distro can decide. I do not want that for my gtk version. Originally I leaned against the idea of writing such a pinentry and hoped that the GONE folks will do that. But that was no way forward and thus we have to bite the bullet and implement it for them. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From wk at gnupg.org Tue Apr 28 18:58:36 2015 From: wk at gnupg.org (Werner Koch) Date: Tue, 28 Apr 2015 18:58:36 +0200 Subject: Building libgpg-error for powerpc64-e5500-linux-gnu In-Reply-To: <1430236548477.30490@advaoptical.com> (Grzegorz Borowiak's message of "Tue, 28 Apr 2015 15:55:48 +0000") References: <1430224350161.98050@advaoptical.com> <878udc9ru5.fsf@vigenere.g10code.de> <1430236548477.30490@advaoptical.com> Message-ID: <87oam88a0z.fsf@vigenere.g10code.de> On Tue, 28 Apr 2015 17:55, GBorowiak at advaoptical.com said: > And is there an architecture-independent and ABI-independent way of building libgpg-error? No. I know that this change in libgpg-error is annoying but I decided for it so to decouple libgpg-error's API from pthreads. By not using pthread mutexes directly using libgpg-error will be much easier. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From mercuryrising11 at gmail.com Tue Apr 28 18:44:08 2015 From: mercuryrising11 at gmail.com (Mercury Rising) Date: Tue, 28 Apr 2015 09:44:08 -0700 Subject: Help GnuPG install Message-ID: I had Gpg keys only on my Mac w/some old keys in the file. I downloaded the latest version OS GPG Tools. I have the Mavericks Flavor of OS X and I noticed too late it was for Mac Yosemity. Nothing works now. I did off load all the keys into a text file. So what works with Maverics that I can use? I need something easy to use as far as a front end for key management and encrypting and decrypting Gpg and PGP messages. Can GPG/GnuPG encrypt to PGP RSA public Keys? Elwin > -------------- next part -------------- An HTML attachment was scrubbed... URL: From neal at walfield.org Tue Apr 28 21:20:34 2015 From: neal at walfield.org (Neal H. Walfield) Date: Tue, 28 Apr 2015 21:20:34 +0200 Subject: Notes from the first OpenPGP Summit In-Reply-To: <87iocg9saa.fsf@vigenere.g10code.de> References: <87d22qn3m1.fsf@vigenere.g10code.de> <87mw1ss9p9.fsf@latte.josefsson.org> <87mw1sfit8.wl-neal@walfield.org> <553F987D.1020500@sixdemonbag.org> <87lhhcfg97.wl-neal@walfield.org> <87iocg9saa.fsf@vigenere.g10code.de> Message-ID: <87iocgf4al.wl-neal@walfield.org> At Tue, 28 Apr 2015 17:38:53 +0200, Werner Koch wrote: > On Tue, 28 Apr 2015 17:02, neal at walfield.org said: > > > I've added a checkbox to pinentry that asks: "Cache password with GKR" > > and it is only shown if GKR is present. So it's opt-in. > > Good. While you are at it: Please also add a checkbox to not hide the > passphrase in the entry field. Being able to see what one types is very > convenient for long passphrases if you are anyway below a sheet while > typing I can do this. But, I'll do it as a separate patch. Neal From mercuryrising11 at gmail.com Wed Apr 29 05:14:12 2015 From: mercuryrising11 at gmail.com (Mercury Rising) Date: Tue, 28 Apr 2015 20:14:12 -0700 Subject: Help GnuPG install In-Reply-To: References: Message-ID: What is the Best set up of GnuPG on Mac OS X Mavericks ? On Tue, Apr 28, 2015 at 9:44 AM, Mercury Rising wrote: > I had Gpg keys only on my Mac w/some old keys in the file. I downloaded > the latest version OS GPG Tools. I have the Mavericks Flavor of OS X and I > noticed too late it was for Mac Yosemity. Nothing works now. I did off load > all the keys into a text file. So what works with Maverics that I can use? > I need something easy to use as far as a front end for key management and > encrypting and decrypting Gpg and PGP messages. Can GPG/GnuPG encrypt to > PGP RSA public > Keys? > > Elwin > > > > > > > >> -------------- next part -------------- An HTML attachment was scrubbed... URL: From dfalko at digiflak.com Wed Apr 29 10:06:02 2015 From: dfalko at digiflak.com (Dmitry Falko) Date: Wed, 29 Apr 2015 11:06:02 +0300 Subject: Ability to send certificates to public(or private) server Message-ID: <554090EA.10809@digiflak.com> Hello! In GPG we can send or retrieve keys from a public server. GPGSM have commands send-keys and recv-keys, but their not implemented. Do you plan to add this functionality? -- Best Regards! From wk at gnupg.org Wed Apr 29 11:15:09 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 29 Apr 2015 11:15:09 +0200 Subject: Ability to send certificates to public(or private) server In-Reply-To: <554090EA.10809@digiflak.com> (Dmitry Falko's message of "Wed, 29 Apr 2015 11:06:02 +0300") References: <554090EA.10809@digiflak.com> Message-ID: <87fv7j70te.fsf@vigenere.g10code.de> On Wed, 29 Apr 2015 10:06, dfalko at digiflak.com said: > In GPG we can send or retrieve keys from a public server. GPGSM have > commands send-keys and recv-keys, but their not implemented. Current gpgsm does not have these commands at all. > Do you plan to add this functionality? No, there are no public X.509 servers. You need to configure LDAP servers in dirmngr and use gpgsm --search-external-keys. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dfalko at digiflak.com Wed Apr 29 11:56:24 2015 From: dfalko at digiflak.com (Dmitry Falko) Date: Wed, 29 Apr 2015 12:56:24 +0300 Subject: Ability to send certificates to public(or private) server In-Reply-To: <87fv7j70te.fsf@vigenere.g10code.de> References: <554090EA.10809@digiflak.com> <87fv7j70te.fsf@vigenere.g10code.de> Message-ID: <5540AAC8.6020707@digiflak.com> Thanks for the reply. > Current gpgsm does not have these commands at all. I check the 2.0.26, in master branch this commands are commented. > No, there are no public X.509 servers. You need to configure LDAP > servers in dirmngr and use gpgsm --search-external-keys. > In truth, I am interested in private certificate server, to auto-retreive certificates from this server and work with gpgsm. I can't find any information about this command in master branch, could you point me where to look. I found list_external_keys and dump_external_keys. -- Best Regards From wk at gnupg.org Wed Apr 29 14:53:17 2015 From: wk at gnupg.org (Werner Koch) Date: Wed, 29 Apr 2015 14:53:17 +0200 Subject: Ability to send certificates to public(or private) server In-Reply-To: <5540AAC8.6020707@digiflak.com> (Dmitry Falko's message of "Wed, 29 Apr 2015 12:56:24 +0300") References: <554090EA.10809@digiflak.com> <87fv7j70te.fsf@vigenere.g10code.de> <5540AAC8.6020707@digiflak.com> Message-ID: <87618f6qpu.fsf@vigenere.g10code.de> On Wed, 29 Apr 2015 11:56, dfalko at digiflak.com said: > I can't find any information about this command in master branch, > could you point me where to look. I found list_external_keys and Right, it is --list-external-keys. --list-external-keys pattern List certificates matching pattern using an external server. This utilizes the dirmngr service. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dfalko at digiflak.com Wed Apr 29 17:06:26 2015 From: dfalko at digiflak.com (Dmitry Falko) Date: Wed, 29 Apr 2015 18:06:26 +0300 Subject: Ability to send certificates to public(or private) server In-Reply-To: <87618f6qpu.fsf@vigenere.g10code.de> References: <554090EA.10809@digiflak.com> <87fv7j70te.fsf@vigenere.g10code.de> <5540AAC8.6020707@digiflak.com> <87618f6qpu.fsf@vigenere.g10code.de> Message-ID: <5540F372.8080208@digiflak.com> Ok list-external-keys return information about cert, but how can i receive(download) this cert to use it with gpgsm? 29.04.2015 15:53, Werner Koch ?????: > On Wed, 29 Apr 2015 11:56, dfalko at digiflak.com said: > >> I can't find any information about this command in master branch, >> could you point me where to look. I found list_external_keys and > Right, it is --list-external-keys. > > --list-external-keys pattern > > List certificates matching pattern using an external server. > This utilizes the dirmngr service. > > > Salam-Shalom, > > Werner > -- C ?????????, ???????! From wk at gnupg.org Thu Apr 30 09:15:54 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 30 Apr 2015 09:15:54 +0200 Subject: Ability to send certificates to public(or private) server In-Reply-To: <5540F372.8080208@digiflak.com> (Dmitry Falko's message of "Wed, 29 Apr 2015 18:06:26 +0300") References: <554090EA.10809@digiflak.com> <87fv7j70te.fsf@vigenere.g10code.de> <5540AAC8.6020707@digiflak.com> <87618f6qpu.fsf@vigenere.g10code.de> <5540F372.8080208@digiflak.com> Message-ID: <87ioce5bo5.fsf@vigenere.g10code.de> On Wed, 29 Apr 2015 17:06, dfalko at digiflak.com said: > Ok list-external-keys return information about cert, but how can i > receive(download) this cert to use it with gpgsm? They are already downloaded ;-). You can export and import them to make the visible but you may also use them direct. The Assuan interface for import as an extra option to make this for efficient. To include those keys in a listing you use the option --with-ephemeral-keys. Note that those keys are removed after 3 hours. One of the reasons for this way of importing keys is a requirement from data protection laws which require that a search must not reqyurn too many items. The other is that sometime keys need to be downloaded implicity to verify other keys. gpgsm requires that all keys are in its key storage. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dfalko at digiflak.com Thu Apr 30 13:21:28 2015 From: dfalko at digiflak.com (Dmitry Falko) Date: Thu, 30 Apr 2015 14:21:28 +0300 Subject: Ability to send certificates to public(or private) server In-Reply-To: <87ioce5bo5.fsf@vigenere.g10code.de> References: <554090EA.10809@digiflak.com> <87fv7j70te.fsf@vigenere.g10code.de> <5540AAC8.6020707@digiflak.com> <87618f6qpu.fsf@vigenere.g10code.de> <5540F372.8080208@digiflak.com> <87ioce5bo5.fsf@vigenere.g10code.de> Message-ID: <55421038.5040902@digiflak.com> Thank you for your help, I appreciate it very much! > You can export and import them to make the visible but you may also use them direct. The Assuan interface for > import as an extra option to make this for efficient. > > I try to use it direct, but can't. gpgsm says: "no public key", but if I import key direct from file it works fine. It is because external key is ephemeral? -- Best Regards! From wk at gnupg.org Thu Apr 30 15:11:34 2015 From: wk at gnupg.org (Werner Koch) Date: Thu, 30 Apr 2015 15:11:34 +0200 Subject: Ability to send certificates to public(or private) server In-Reply-To: <55421038.5040902@digiflak.com> (Dmitry Falko's message of "Thu, 30 Apr 2015 14:21:28 +0300") References: <554090EA.10809@digiflak.com> <87fv7j70te.fsf@vigenere.g10code.de> <5540AAC8.6020707@digiflak.com> <87618f6qpu.fsf@vigenere.g10code.de> <5540F372.8080208@digiflak.com> <87ioce5bo5.fsf@vigenere.g10code.de> <55421038.5040902@digiflak.com> Message-ID: <87twvx4v7d.fsf@vigenere.g10code.de> On Thu, 30 Apr 2015 13:21, dfalko at digiflak.com said: > I try to use it direct, but can't. gpgsm says: "no public key", but if > I import key direct from file it works fine. It is because external > key is ephemeral? Yeah, is is a bit weird. We developed this along with Kleopatra and GPA and thus some parts of the command line interface is not very good. Kleopatra and GPA make use of the Assuan interface via GPGME. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. From dfalko at digiflak.com Thu Apr 30 16:58:23 2015 From: dfalko at digiflak.com (Dmitry Falko) Date: Thu, 30 Apr 2015 17:58:23 +0300 Subject: Ability to send certificates to public(or private) server In-Reply-To: <87twvx4v7d.fsf@vigenere.g10code.de> References: <554090EA.10809@digiflak.com> <87fv7j70te.fsf@vigenere.g10code.de> <5540AAC8.6020707@digiflak.com> <87618f6qpu.fsf@vigenere.g10code.de> <5540F372.8080208@digiflak.com> <87ioce5bo5.fsf@vigenere.g10code.de> <55421038.5040902@digiflak.com> <87twvx4v7d.fsf@vigenere.g10code.de> Message-ID: <5542430F.40706@digiflak.com> > On Thu, 30 Apr 2015 13:21, dfalko at digiflak.com said: > >> I try to use it direct, but can't. gpgsm says: "no public key", but if >> I import key direct from file it works fine. It is because external >> key is ephemeral? > Yeah, is is a bit weird. We developed this along with Kleopatra and GPA > and thus some parts of the command line interface is not very good. > Kleopatra and GPA make use of the Assuan interface via GPGME. > > I tested, cert must be not ephemeral in that case it works perfectly! -- Best Regards! From matt at monaco.cx Thu Apr 30 23:49:28 2015 From: matt at monaco.cx (Matthew Monaco) Date: Thu, 30 Apr 2015 15:49:28 -0600 Subject: Multiple Smartcards - Signing Message-ID: <5542A368.1030104@monaco.cx> gHello, I've been happily using a yubikey neo for a while now, but I'm starting to have two problems with it: 1) I mostly use a desktop, but when I'm on my laptop it comes loose too easily 2) On either desktop or laptop, my now ever-curious 1-year-old can easily grab it. In fact, it's one of his favorite targets. So I bought a neo-n that slips completely into the USB port. I'd like to leave the -n in my desktop and carry the regular one around with me. I'd also like to start experimenting with the NFC interface for signing from k-9 on android. [A] I have a separate auth key for SSH on each smartcard. In fact, I don't even pair these with my OpenPGP master as I don't see an advantage at this time for doing so [E] This I rarely use, but I have the same key on each card because I took a backup before keytocard. (Otherwise, I lose data if I lose the key). [S] This is the sore point. Do I try to keep the same key on both cards? The shadow copy in private-keys-v1.d is tied to a specific card, but it seems easy to update, in fact I think it updates itself. I'd have to generate a new key though because I never took a backup of my signing key as the public portion would always be available for verification in the future. [2] Alternatively, and my preference, I'd like to have separate signing keys for each card. The problem is then I need to start mucking with -u !. My home directory is rsync'd across all my computers and I'd rather not add an exception for .gnupg/gpg.conf because there are other settings in there that I want to replicate. Also -u ! is even more of a pain with Enigmail, where most of my signing takes place. Why isn't gpg smarter about selecting only from the /available/ keys at the time of signing? BTW, I'm using 2.1.3 Thought, comments? Thanks! Matt -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: