From 6a42eb5f3809d5eb3767667c190b395d028886e7 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 12 Dec 2017 12:46:00 +0100 Subject: [PATCH] Release 1.10.0. Signed-off-by: Werner Koch --- AUTHORS | 4 ++-- NEWS | 26 +++++++++++++++++++++++++- README | 39 ++++++++++++++------------------------- configure.ac | 12 ++++++------ 4 files changed, 47 insertions(+), 34 deletions(-) diff --git a/AUTHORS b/AUTHORS index cdc93a8d..6d2ce673 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,9 +1,9 @@ Package: gpgme Homepage: https://gnupg.org/related_software/gpgme/ -Download: ftp://ftp.gnupg.org/gcrypt/gpgme/ +Download: https://gnupg.org/ftp/gcrypt/gpgme/ Repository: git://git.gnupg.org/gpgme.git Maintainer: Werner Koch -Bug reports: https://bugs.gnupg.org (use category "gpgme") +Bug reports: https://bugs.gnupg.org Security related bug reports: security@gnupg.org License (software): LGPLv2.1+ License (manual+tools): GPLv3+ diff --git a/NEWS b/NEWS index fd26ad22..879d1af7 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,28 @@ -Noteworthy changes in version 1.10.0 (unreleased) +Noteworthy changes in version 1.10.0 (2017-12-12) ------------------------------------------------- + * Now returns more specific error codes for decryption to distinguish + between bad passphrase, user canceled, and no secret key. + + * Now returns key origin information if available. + + * Added context flag "auto-key-retrieve" to selectively enable the + corresponding gpg option. + + * Added flag is_de_vs to decryption and verify results. + + * py: Use SEEK_SET as default for data.seek. + + * cpp: Various new APIs. + + * Reduced spawn overhead on Linux again. Added new configure option + --disable-linux-getdents to disable this feature for very old + Linux versions. + + * Improved the Python bindings build system. + + * Made the test suite less fragile. + * Interface changes relative to the 1.9.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_decrypt_result_t EXTENDED: New field 'is_de_vs'. @@ -24,6 +46,8 @@ Noteworthy changes in version 1.10.0 (unreleased) py: Signature EXTENDED: New boolean field 'is_de_vs'. py: GpgError EXTENDED: Partial results in 'results'. + [c=C30/A19/R0 cpp=C11/A5/R0 qt=C10/A3/R0] + Noteworthy changes in version 1.9.0 (2017-03-28) ------------------------------------------------ diff --git a/README b/README index 214ea875..f7b006f1 100644 --- a/README +++ b/README @@ -22,10 +22,10 @@ to public key crypto engines like GnuPG or GpgSM easier for applications. GPGME provides a high-level crypto API for encryption, decryption, signing, signature verification and key management. -GPGME comes with language bindings for Common Lisp, C++, QT, Python2 +GPGME comes with language bindings for Common Lisp, C++, QT, Python2, and Python 3. -GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the +GPGME uses GnuPG as its backend to support OpenPGP and the Cryptographic Message Syntax (CMS). See the files COPYING, COPYING.LESSER, and each file for copyright and @@ -41,16 +41,14 @@ See the file INSTALL for generic installation instructions. Check that you have unmodified sources. See below on how to do this. Don't skip it - this is an important step! -To build GPGME, you need to install libgpg-error (>= 1.11) and -Libassuan (>= 2.0.2). +To build GPGME, you need to install libgpg-error (>= 1.24) and +Libassuan (>= 2.4.2). -For support of the OpenPGP protocol (default), you should use the -latest version of GnuPG (>= 1.4) , available at: -ftp://ftp.gnupg.org/gcrypt/gnupg/. For support of the CMS -(Cryptographic Message Syntax) protocol and lot of other features, you -need a GnuPG version >= 2.0. +For support of the OpenPGP and the CMS protocols, you should use the +latest version of GnuPG (>= 2.1.18) , available at: +https://gnupg.org/ftp/gcrypt/gnupg/. -For building the GIT version of GPGME please see the file README.GIT +For building the Git version of GPGME please see the file README.GIT for more information. @@ -68,34 +66,25 @@ a) If you have a trusted Version of GnuPG installed, you can simply check This checks that the detached signature gpgme-x.y.z.tar.gz.sig is indeed a a signature of gpgme-x.y.z.tar.gz. The key used to create - this signature is either of: + this signature is at least one of: - rsa2048/4F25E3B6 2011-01-12 [expires: 2019-12-31] + rsa2048 2011-01-12 [expires: 2019-12-31] Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6 Werner Koch (dist sig) - rsa2048/E0856959 2014-10-29 [expires: 2019-12-31] + rsa2048 2014-10-29 [expires: 2019-12-31] Key fingerprint = 46CC 7308 65BB 5C78 EBAB ADCF 0437 6F3E E085 6959 David Shaw (GnuPG Release Signing Key) - rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28] + rsa2048 2014-10-29 [expires: 2020-10-30] Key fingerprint = 031E C253 6E58 0D8E A286 A9F2 2071 B08A 33BD 3F06 NIIBE Yutaka (GnuPG Release Key) - rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31] - Key fingerprint = D238 EA65 D64C 67ED 4C30 73F2 8A86 1B1C 7EFD 60D9 - Werner Koch (Release Signing Key) - - rsa3072/4B092E28 2017-03-17 [expires: 2027-03-15] + rsa3072 2017-03-17 [expires: 2027-03-15] Key fingerprint = 5B80 C575 4298 F0CB 55D8 ED6A BCEF 7E29 4B09 2E28 Andre Heinecke (Release Signing Key) - You may retrieve these files from the keyservers using this command - - gpg --recv-keys 249B39D24F25E3B6 04376F3EE0856959 \ - 2071B08A33BD3F06 8A861B1C7EFD60D9 BCEF7E294B092E28 - - The keys are also available at https://gnupg.org/signature_key.html + The keys are available at and in released GnuPG tarballs in the file g10/distsigkey.gpg . You have to make sure that these are really the desired keys and not faked one. You should do this by comparing the fingerprints diff --git a/configure.ac b/configure.ac index bca7bbf2..6ea4bcd1 100644 --- a/configure.ac +++ b/configure.ac @@ -55,19 +55,19 @@ AC_INIT([gpgme],[mym4_full_version],[http://bugs.gnupg.org]) # (Interfaces added: AGE++) # (Interfaces removed/changed: AGE=0) # -LIBGPGME_LT_CURRENT=29 -LIBGPGME_LT_AGE=18 +LIBGPGME_LT_CURRENT=30 +LIBGPGME_LT_AGE=19 LIBGPGME_LT_REVISION=0 # If there is an ABI break in gpgmepp or qgpgme also bump the # version in IMPORTED_LOCATION in the GpgmeppConfig-w32.cmake.in.in -LIBGPGMEPP_LT_CURRENT=10 -LIBGPGMEPP_LT_AGE=4 +LIBGPGMEPP_LT_CURRENT=11 +LIBGPGMEPP_LT_AGE=5 LIBGPGMEPP_LT_REVISION=0 -LIBQGPGME_LT_CURRENT=9 -LIBQGPGME_LT_AGE=2 +LIBQGPGME_LT_CURRENT=10 +LIBQGPGME_LT_AGE=3 LIBQGPGME_LT_REVISION=0 # If the API is changed in an incompatible way: increment the next counter.