Remove the obsolete keyserver directory from the repo.

--

We also merge dirmngr/ChangeLog.1 into dirmngr/ChangeLog-2011
and rename keyserver/ChangeLog-2011 to dirmngr/ChangeLog-2011-ks.

4 files changed, 2170 insertions, 808 deletions

diff --git a/dirmngr/ChangeLog-2011 b/dirmngr/ChangeLog-2011
index 84cf55288..a793a33fc 100644
--- a/dirmngr/ChangeLog-2011
+++ b/dirmngr/ChangeLog-2011
@@ -1583,8 +1583,813 @@
 
 	Please note that earlier entries are found in the top level
 	ChangeLog.
-	[Update after merge with GnuPG: see ./ChangeLog.1]
+	[Update after merge with GnuPG: These old ChangeLog entries are
+	found below up to ==END OLDEST CHANGELOG==]
 
+==BEGIN OLDEST CHANGELOG==
+
+2004-10-04  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c: Changed an help entry description.
+
+2004-09-30  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (i18n_init): Always use LC_ALL.
+
+2004-09-28  Werner Koch  <[email protected]>
+
+	Released 0.5.6.
+
+	* config.guess, config.sub: Updated.
+
+2004-06-21  Werner Koch  <[email protected]>
+
+	* src/crlfetch.c (crl_fetch): Bad hack to use the right attribute.
+
+2004-05-13  Werner Koch  <[email protected]>
+
+        Released 0.5.5.
+
+	* src/ldap.c (start_cert_fetch_ldap, start_cert_fetch_ldap): More
+	detailed error messages.
+
+	* src/crlcache.c (update_dir): Handle i-records properly.
+
+2004-04-29  Werner Koch  <[email protected]>
+
+	Released 0.5.4.
+
+	* src/crlcache.h (crl_cache_result_t): Add CRL_CACHE_CANTUSE.
+	* src/server.c (cmd_isvalid): Handle it here.
+	* src/crlcache.c (crl_cache_isvalid): Issue this code if the CRL
+	cant be used.
+	(open_dir): Parse new fields 8,9 and 10 as well as the invalid flag.
+	(write_dir_line_crl): Write new fields.
+	(get_crl_number, get_auth_key_id): New.
+	(crl_cache_insert): Fill new fields.  Mark the entry invalid if
+	the CRL is too old after an update or an unknown critical
+	extension was seen.
+	(list_one_crl_entry): Print the new fields.
+
+2004-04-28  Werner Koch  <[email protected]>
+
+	* configure.ac: Requires libksba 0.9.6.
+
+	* src/dirmngr.c: New option --ocsp-signer.
+	* src/dirmngr.h (opt): Renamed member OCSP_REPONDERS to
+	OCSP_RESPONDER and made ist a simple string. Add OCSP_SIGNER.
+	* src/ocsp.c (ocsp_isvalid): Changed it accordingly.
+	(ocsp_isvalid): Pass the ocsp_signer to check_signature.
+	(check_signature): New arg SIGNER_FPR.  Use it to retrieve the
+	certificate. Factored out common code to ..
+	(check_signature_core): .. New.
+
+2004-04-27  Werner Koch  <[email protected]>
+
+	* src/server.c (start_command_handler): Keep track of the first
+	connection.
+	(dirmngr_tick): New.
+	* src/ldap.c (attr_fetch_fun_reader): Call it from time to time.
+
+2004-04-23  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (main): Removed the add-servers option from the
+	gpgconf list.  It is not really useful.
+
+2004-04-02  Thomas Schwinge  <[email protected]>
+
+	* autogen.sh: Added ACLOCAL_FLAGS.
+
+2004-04-13  Werner Koch  <[email protected]>
+
+	* src/crlcache.c (update_dir): Do not double close FPOUT.
+
+2004-04-09  Werner Koch  <[email protected]>
+
+	* src/cdblib.c (cdb_make_start): Wipeout the entire buffer to
+	shutup valgrind.
+	(ewrite): Fixed writing bad data on EINTR.
+
+	* src/ldap.c (get_attr_from_result_ldap): Fixed bad copy and
+	terminate of a string.
+
+	* src/crlfetch.c (crl_fetch): Fixed freeing of VALUE on error.
+
+2004-04-07  Werner Koch  <[email protected]>
+
+	* src/dirmngr.h (server_control_s): Add member force_crl_refresh.
+	* src/server.c (option_handler): New.
+	(start_command_handler): Register option handler
+	* src/crlcache.c (crl_cache_isvalid): Add arg FORCE_REFRESH.
+	(crl_cache_insert): Record last refresh in memory.
+
+	* src/server.c (inquire_cert_and_load_crl): Renamed from
+	inquire_cert.
+
+2004-04-06  Werner Koch  <[email protected]>
+
+	Released 0.5.3
+
+	* doc/dirmngr.texi: Updated.
+	* doc/texinfo.tex: Updated.
+
+2004-04-05  Werner Koch  <[email protected]>
+
+	* src/ocsp.c (ocsp_isvalid): Check THIS_UPDATE.
+
+	* src/misc.c (add_isotime): New.
+	(date2jd, jd2date, days_per_month, days_per_year): New. Taken from
+	my ancient (1988) code used in Wedit (time2.c).
+
+2004-04-02  Werner Koch  <[email protected]>
+
+	* autogen.sh: Check gettext version.
+	* configure.ac: Add AM_GNU_GETTEXT.
+
+2004-04-02  gettextize  <[email protected]>
+
+	* Makefile.am (SUBDIRS): Add intl.
+	(EXTRA_DIST): Add config.rpath.
+	* configure.ac (AC_CONFIG_FILES): Add intl/Makefile,
+
+2004-04-02  Werner Koch  <[email protected]>
+
+	Add i18n at most places.
+
+	* src/dirmngr.c (i18n_init): New.
+	(main): Call it.
+	* src/dirmngr.h: Add i18n stuff.
+
+2004-04-01  Werner Koch  <[email protected]>
+
+	* src/misc.c (get_fingerprint_hexstring): New.
+
+	* src/server.c (dirmngr_status): New.
+
+2004-03-26  Werner Koch  <[email protected]>
+
+	* configure.ac: Add AC_SYS_LARGEFILE.
+
+	* doc/dirmngr.texi: Changed the license to the GPL as per message
+	by Mathhias Kalle Dalheimer of Klaralvdalens-Datakonsult dated
+	Jan 7, 2004.
+	* doc/fdl.texi: Removed.
+
+2004-03-25  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (main): New command --fetch-crl.
+
+2004-03-23  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c: New option --allow-ocsp.
+	* src/server.c (cmd_isvalid): Make use of allow_ocsp.
+
+2004-03-17  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (main) <gpgconf>: Fixed default value quoting.
+
+2004-03-16  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (main): Add ocsp-responder to the gpgconf list.
+	Add option --debug-level.
+	(set_debug): New.
+
+2004-03-15  Werner Koch  <[email protected]>
+
+	* src/misc.c (canon_sexp_to_grcy): New.
+
+2004-03-12  Werner Koch  <[email protected]>
+
+	* src/crlfetch.c (crl_fetch): Hack to substitute http for https.
+
+2004-03-10  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (parse_ldapserver_file): Don't skip the entire
+	file on errors.
+
+2004-03-09  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (my_ksba_hash_buffer): New.
+	(main): Initialize the internal libksba hashing.
+
+	* src/server.c (get_issuer_cert_local): Renamed to ...
+	(get_cert_local): ... this.  Changed all callers.  Allow NULL for
+	ISSUER to return the current target cert.
+	(get_issuing_cert_local): New.
+	(do_get_cert_local): Moved common code to here.
+
+2004-03-06  Werner Koch  <[email protected]>
+
+	Released 0.5.2.
+
+	* configure.ac: Fixed last change to check the API version of
+	libgcrypt.
+
+2004-03-05  Werner Koch  <[email protected]>
+
+	* configure.ac: Also check the SONAME of libgcrypt.
+
+2004-03-03  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c: New option --ocsp-responder.
+	* src/dirmngr.h (opt): Add member OCSP_RESPONDERS.
+
+2004-02-26  Steffen Hansen  <[email protected]>
+
+	* src/server.c (start_command_handler): Corrected typo and made
+	dirmngr output it's version in the greeting message.
+
+2004-02-24  Marcus Brinkmann  <[email protected]>
+
+	* src/dirmngr.c (DEFAULT_ADD_SERVERS): Removed.  If this were
+	true, there'd be no way to disable it.
+	(main): Dump options in new gpgconf format.
+
+2004-02-11  Werner Koch  <[email protected]>
+
+	* autogen.sh (check_version): Removed bashism and simplified.
+
+2004-02-06  Moritz Schulte  <[email protected]>
+
+	* src/crlfetch.c (crl_fetch_default): Do not dereference VALUE,
+	when checking for non-zero.
+
+2004-02-01  Marcus Brinkmann  <[email protected]>
+
+	* src/dirmngr.c (DEFAULT_ADD_SERVERS, DEFAULT_MAX_REPLIES)
+	(DEFAULT_LDAP_TIMEOUT): New macros.
+	(main): Use them.
+	(enum cmd_and_opt_values): New command aGPGConfList.
+	(main): Add handler here.
+
+2004-01-17  Werner Koch  <[email protected]>
+
+	* configure.ac: Added AC_CHECK_FUNCS tests again, because the
+	other test occurrences belong to the jnlib tests block.
+
+2004-01-15  Moritz Schulte  <[email protected]>
+
+	* configure.ac: Fixed funopen replacement mechanism; removed
+	unnecessary AC_CHECK_FUNCS calls.
+
+2004-01-14  Werner Koch  <[email protected]>
+
+	* src/crlcache.c (list_one_crl_entry): Don't use putchar.
+
+	* src/server.c (cmd_listcrls): New.
+
+2003-12-23  Werner Koch  <[email protected]>
+
+	Released 0.5.1.
+
+2003-12-17  Werner Koch  <[email protected]>
+
+	* configure.ac (CFLAGS): Add -Wformat-noliteral in gcc +
+	maintainer mode.
+	(NEED_LIBASSUAN_VERSION): Bump up to 0.6.2.
+
+2003-12-16  Werner Koch  <[email protected]>
+
+	* configure.ac: Update the tests for jnlib.
+	* src/dirmngr.c (main): Ignore SIGPIPE in server mode.
+
+2003-12-12  Werner Koch  <[email protected]>
+
+	* src/crlcache.c (hash_dbfile): Also hash version info of the
+	cache file format.
+
+	* src/Makefile.am (dirmngr_SOURCES): Add http.h.
+
+	* configure.ac: Removed checking for DB2. Add checking for mmap.
+	* src/cdb.h, src/cdblib.h: New.  Add a few comments from the
+	original man page and fixed typos.
+	* src/cdblib.c (cdb_findinit, cdb_findnext): Modified to allow
+	walking over all entries.
+	* src/crlcache.h: Removed DB2/4 cruft.
+	(release_one_cache_entry, lock_db_file, crl_parse_insert)
+	(crl_cache_insert, crl_cache_isvalid, list_one_crl_entry): Use the
+	new CDB interface.
+
+	* src/dirmngr.c: Beautified the help messages.
+	(wrong_args): New.
+	(main): new option --force.  Revamped the command handling code.
+	Allow to pass multiple CRLS as well as stdin to --local-crl.
+	* src/crlcache.c (crl_cache_insert): Make --force work.
+
+2003-12-11  Werner Koch  <[email protected]>
+
+	* src/crlfetch.c (crl_fetch): Enhanced to allow fetching binary
+	data using HTTP.
+	* src/http.c, src/http.h: Replaced by the code from gnupg 1.3 and
+	modified acording to our needs.
+	(read_line): New. Based on the code from GnuPG's iobuf_read_line.
+	* configure.ac: Check for getaddrinfo.
+
+	* src/dirmngr.c (parse_ldapserver_file): Close the stream.
+	(main): Free ldapfile.
+
+	* src/ocsp.c, src/ocsp.h: New. Albeit not functionality.
+
+	* src/server.c (inquire_cert): Catch EOF when reading dist points.
+
+	* src/crlcache.c (hash_dbfile, check_dbfile): New.
+	(lock_db_file, crl_cache_insert): Use them here to detect
+	corrupted CRL files.
+	(open_dir): Read the new dbfile hash field.
+
+	* src/crlfetch.c (crl_fetch, crl_fetch_default): Changed to retrun
+	a stream.
+	(fun_reader, fun_closer, setup_funopen): New.
+	* src/server.c (inquire_cert): Changed to use the new stream interface
+	of crlfetch.c.
+
+2003-12-10  Werner Koch  <[email protected]>
+
+	* src/funopen.c: New.
+	* configure.ac (funopen): Add test.
+	* src/Makefile.am (dirmngr_LDADD): Add LIBOBJS.
+
+	* src/crlcache.c (next_line_from_file): Remove the limit on the
+	line length.
+	(crl_cache_new): Removed.
+	(open_dbcontent): New.
+	(crl_cache_init): Use it here.
+	(crl_cache_flush): The DB content fie is now in the cache
+	directory, so we can simplify it.
+	(make_db_file_name, lock_db_file, unlock_db_file): New.
+	(release_cache): Close the cached DB files.
+	(crl_cache_isvalid): Make use of the new lock_db_file.
+	(crl_cache_insert): Changed to take a stream as argument.
+	(crl_parse_insert): Rewritten to use a temporary DB and to avoid
+	using up large amounts of memory.
+	(db_entry_new): Removed.
+	(release_cache,release_one_cache_entry): Splitted up.
+	(find_entry): Take care of the new deleted flag.
+	(crl_cache_load): Simplified becuase we can now pass a FP to the
+	insert code.
+	(save_contents): Removed.
+	(update_dir): New.
+	(open_dbcontent_file): Renamed to open_dir_file.
+	(check_dbcontent_version): Renamed to check_dir_version.
+	(open_dbcontent): Renamed to open_dir.
+
+	* src/dirmngr.c: New option --faked-system-time.
+	* src/misc.c (faked_time_p, set_time, get_time): New.  Taken from GnuPG.
+	(check_isotime): New.
+	(unpercent_string): New.
+
+2003-12-09  Werner Koch  <[email protected]>
+
+	* src/crlcache.h (DBDIR,DBCONTENTFILE): Changed value.
+
+	* autogen.sh: Reworked.
+	* README.CVS: New.
+	* configure.ac: Added min_automake_version.
+
+2003-12-03  Werner Koch  <[email protected]>
+
+	* src/server.c (cmd_lookup): Send an END line after each
+	certificate.
+
+2003-11-28  Werner Koch  <[email protected]>
+
+	* src/Makefile.am (dirmngr_LDADD): Remove DB_LIBS
+	because it never got defined and -ldb{2,4} is implictly set
+	by the AC_CHECK_LIB test in configure.
+
+	* src/crlcache.c (mydbopen): DB4 needs an extra parameter; I
+	wonder who ever tested DB4 support.  Add an error statement in
+	case no DB support is configured.
+
+	* tests/Makefile.am: Don't use AM_CPPFLAGS but AM_CFLAGS, replaced
+	variables by configure templates.
+	* src/Makefile.am: Ditto.
+
+2003-11-19  Werner Koch  <[email protected]>
+
+	* src/crlcache.c (list_one_crl_entry): Define X to nothing for non
+	DB4 systems.  Thanks to Luca M. G. Centamore.
+
+2003-11-17  Werner Koch  <[email protected]>
+
+	Released 0.5.0
+
+	* src/crlcache.c (crl_cache_new): Fixed eof detection.
+
+	* src/server.c (cmd_loadcrl): Do the unescaping.
+
+	* doc/dirmngr.texi: Added a history section for this modified
+	version.
+
+2003-11-14  Werner Koch  <[email protected]>
+
+	* tests/asschk.c: New.  Taken from GnuPG.
+	* tests/Makefile.am: Added asschk.
+
+2003-11-13  Werner Koch  <[email protected]>
+
+	* src/ldap.c (fetch_next_cert_ldap): Get the pattern switching
+	right.
+
+	* tests/test-dirmngr.c: Replaced a couple of deprecated types.
+
+	* configure.ac (GPG_ERR_SOURCE_DEFAULT): Added.
+	(fopencookie, asprintf): Removed unneeded test.
+	(PRINTABLE_OS_NAME): Updated the test from gnupg.
+	(CFLAGS): Do full warnings only in maintainer mode. Add flag
+	--enable gcc-warnings to override it and to enable even more
+	warnings.
+	* acinclude.m4: Removed the libgcrypt test.
+
+	* src/ldap.c (get_attr_from_result_ldap): Simplified the binary
+	hack and return a proper gpg error.
+	(attr_fetch_ldap_internal): Changed error handling.
+	(attr_fetch_ldap): Reworked.  Return configuration error if no
+	servers are configured.
+	(url_fetch_ldap, add_server_to_servers)
+	(url_fetch_ldap_internal): Reworked.
+	(struct cert_fetch_context_s): New to get rid of a global state.
+	(start_cert_fetch_ldap): Allocate context and do a bind with a
+	timeout.  Parse pattern.
+	(end_cert_fetch_ldap): Take context and don't return anything.
+	(find_next_pattern): Removed.
+	(parse_one_pattern): Redone.
+	(get_cert_ldap): Redone.
+	* src/server.c (cmd_lookup): Changed for changed fetch functions.
+
+	* doc/dirmngr.texi: Reworked a bit to get rid of tex errors.
+
+	* configure.ac: Enable makeinfo test.
+
+	* src/crlcache.c (crl_cache_insert): Fixed for latest KSBA API
+	changes.
+	* tests/test-dirmngr.c (main): Ditto.  Also added some more error
+	checking.
+
+2003-11-11  Werner Koch  <[email protected]>
+
+	* src/cert.c (hashify_data, hexify_data, serial_hex)
+	(serial_to_buffer): Moved all to ...
+	* src/misc.c: .. here.
+	* src/Makefile.am (cert.c, cert.h): Removed.
+	* cert.c, cert.h: Removed.
+
+	* m4/: New.
+	* configure.ac, Makefile.am: Include m4 directory support, updated
+	required library versions.
+
+	* src/cert.c (make_cert): Removed.
+
+	* src/ldap.c (fetch_next_cert_ldap): Return a gpg style error.
+
+	* src/misc.h (copy_time): New.
+	* src/misc.c (get_isotime): New.
+	(iso_string2time, iso_time2string): Removed.
+	(unhexify): New.
+
+	* src/crlcache.h (DBCONTENTSVERSION): Bumbed to 0.6.
+	* src/crlcache.c (finish_sig_check): New.  Factored out from
+	crl_parse_insert and entirely redone.
+	(do_encode_md): Removed.
+	(print_time): Removed
+	(crl_cache_isvalid): Reworked.
+
+2003-11-10  Werner Koch  <[email protected]>
+
+	* src/crlcache.c (make_db_val, parse_db_val): Removed.
+
+	* src/cert.c (serial_to_buffer): New.
+
+	* src/server.c (get_issuer_cert_local): Rewritten.
+
+	* src/crlcache.c (crl_parse_insert): Rewritten.  Takes now a CTRL
+	instead of the Assuan context. Changed caller accordingly.
+	(get_issuer_cert): Cleaned up.
+
+	* src/crlfetch.c (crl_fetch): Changed VALUE to unsigned char* for
+	documentation reasons.  Make sure that VALUE is released on error.
+	(crl_fetch_default, ca_cert_fetch): Ditto.
+
+	* src/crlcache.c (release_cache): New.
+	(crl_cache_deinit): Use it here.
+	(crl_cache_flush): Redone.
+	(save_contents): Redone.
+	(crl_cache_list, list_one_crl_entry): Print error messages.
+
+2003-11-06  Werner Koch  <[email protected]>
+
+	* src/crlcache.c (create_directory_if_needed, cleanup_cache_dir):
+	New.  Factored out from crl_cache_new and mostly rewritten.
+	(crl_cache_new): Rewritten.
+	(next_line_from_file): New.
+	(find_entry): Cleaned up.
+	(crl_cache_deinit): Cleaned up.
+
+	* src/dirmngr.c (dirmngr_init_default_ctrl): New stub.
+	* src/dirmngr.h (ctrl_t): New.
+	(DBG_ASSUAN,...): Added the usual debug test macros.
+	* src/server.c: Removed the GET_PTR cruft, replaced it by ctrl_t.
+	Removed the recursion flag.
+	(get_issuer_cert_local): Allow for arbitary large
+	certificates. 4096 is definitely too small.
+	(inquire_cert): Ditto.
+	(start_command_handler): Set a hello line and call the default
+	init function.
+	(cmd_isvalid): Rewritten.
+	(inquire_cert): Removed unused arg LINE. General cleanup.
+	(map_assuan_err,map_to_assuan_status): New.  Taken from gnupg 1.9.
+	(cmd_lookup): Rewritten.
+	(cmd_loadcrl): Started to rewrite it.
+
+2003-10-29  Werner Koch  <[email protected]>
+
+	* src/dirmngr.c (parse_ldapserver_file): Entirely rewritten.
+	(cleanup): New.
+	(main): Cleaned up.
+
+2003-10-28  Werner Koch  <[email protected]>
+
+	* src/dirmngr.h: Renamed dirmngr_opt to opt.
+
+	* src/dirmngr.c (parse_ldapserver_file, free_ldapservers_list):
+	Moved with this file.  Cleaned up.  Replaced too deep recursion in
+	the free function.
+
+2003-10-21  Werner Koch  <[email protected]>
+
+	Changed all occurrences of assuan.h to use use the system provided
+	one.
+	* src/server.c (register_commands): Adjusted for Assuan API change.
+
+2003-08-14  Werner Koch  <[email protected]>
+
+	* src/Makefile.am: s/LIBKSBA_/KSBA_/. Changed for external Assuan lib.
+	* tests/Makefile.am: Ditto.
+
+	* configure.ac: Partly restructured, add standard checks for
+	required libraries, removed included libassuan.
+	* Makefile.am (SUBDIRS): Removed assuan becuase we now use the
+	libassuan package.
+
+	* src/dirmngr.c (main): Properly initialize Libgcrypt and libksba.
+
+2003-08-13  Werner Koch  <[email protected]>
+
+	* src/server.c (get_issuer_cert_local): Print error using
+	assuan_strerror.
+
+	* src/crlcache.c (do_encode_md, start_sig_check): Adjust for
+	changed Libgcrypt API.
+
+2003-06-19  Steffen Hansen  <[email protected]>
+
+	* configure.ac: Upped version to 0.4.7-cvs.
+
+2003-06-19  Steffen Hansen  <[email protected]>
+
+	* configure.ac: Release 0.4.6.
+
+2003-06-17  Bernhard Reiter <[email protected]>
+
+	* src/ldap.c (url_fetch_ldap()):
+	  try other default servers when an url with hostname failed
+	* AUTHORS:  added Steffen and Werner
+	* THANKS: Thanked people in the ChangeLog and the Ägypten-Team
+
+
+2003-06-16  Steffen Hansen  <[email protected]>
+
+	* configure.ac, src/crlcache.h, src/crlcache.c: Added db4 support.
+	* src/Makefile.am, tests/Makefile.am: Removed automake warning.
+	* tests/test-dirmngr.c: Removed a warning.
+
+2003-05-12  Steffen Hansen  <[email protected]>
+
+	* doc/Makefile.am: Added dirmngr.ops to DISTCLEANFILES.
+	* ChangeLog, doc/ChangeLog, src/ChangeLog: Merged dirmngr ChangeLogs
+	into one toplevel file.
+	* acinclude.m4, configure.ac: Renamed PFX to PATH for consistency.
+
+2003-05-12  Steffen Hansen  <[email protected]>
+
+	* src/ldap.c: Fixed end-of-certificates-list indication.
+
+2003-05-08  Steffen Hansen  <[email protected]>
+
+	* src/server.c: Fixed iteration over server list
+
+2003-02-23  Steffen Hansen  <[email protected]>
+
+	* src/crlcache.h, src/crlcache.c, src/dirmngr.c: Implemented --flush command.
+
+2003-02-07  Marcus Brinkmann  <[email protected]>
+
+	* configure.ac: Release 0.4.4.
+
+2003-02-05  Steffen Hansen  <[email protected]>
+
+	* src/ldap.c: Try harder with and without ";binary" in the
+	attribute name when fetching certificates.
+	* src/ldap.c, src/server.c: Support multiple userCertificate attributes
+	per entry.
+
+2003-02-04  Steffen Hansen  <[email protected]>
+
+	* src/ldap.c: Include the sn attribute in the search filter.
+	Better log messages.
+
+2002-11-20  Steffen Hansen  <[email protected]>
+
+	* Doc updates (fixes #1373)
+	* Fix for #1419 (crash in free_ldapservers_list())
+	* Fix for #1375. Dirmngr now asks back with an INQUIRE SENDCERT before
+	  querying the LDAP servers for an issuer certificate to validate a CRL
+
+2002-11-12  Werner Koch  <[email protected]>
+
+	* config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
+	to version 2002-11-08.
+
+2002-11-12  Werner Koch  <[email protected]>
+
+	* dirmngr.c (main) <load_crl_filename>: Better pass NULL instead
+	of an unitialized Assuan context.  Let's hope that the other
+	functions can cope with this.
+
+2002-10-25  Bernhard Reiter <[email protected]>
+
+	* src/ldap.c (get_attr_from_result_ldap()):
+        added value extraction retry for CRLs and Certs without ";binary"
+	* changed version number to reflect cvs status to "0.4.3-cvs"
+
+2002-08-21  Werner Koch  <[email protected]>
+
+	* dirmngr.c (main): Changed default homedir to .gnupg.
+
+2002-08-07  Steffen Hansen  <[email protected]>
+
+	* Added configure check to examine whether db2 cursor() uses 3 or
+	4 parameters.
+
+2002-07-31  Werner Koch  <[email protected]>
+
+	* doc/dirmngr.texi: Fixed the structure and added menu entries
+	for the other nodes.
+
+2002-07-30  Steffen Hansen  <[email protected]>
+
+	* Added doc dir and first steps towards manual.
+
+2002-07-29  Steffen Hansen  <[email protected]>
+
+	* Got rid of the default server for CRL lookup. We now use the
+	same list of servers that we use for cert. lookup.
+
+2002-07-29  Steffen Hansen  <[email protected]>
+
+	* New option --add-servers to allow dirmngr to add LDAP servers
+	found in CRL distribution points to the list of servers it
+	searches. NOTE: The added servers are only active in the currently
+	running dirmngr -- the info isn't written to persistens storage.
+
+2002-07-26  Steffen Hansen  <[email protected]>
+
+	* Default LDAP timeout is 100 seconds now.
+
+	* Use DB2 instead of DB1. Check for libresolv, fixed bug when
+	libldap was found in the default search path.
+
+2002-07-22  Steffen Hansen  <[email protected]>
+
+	* Implemented --load-crl <filename> option. Also available as
+	LOADCRL assuan command when in server mode.
+
+2002-07-22  Steffen Hansen  <[email protected]>
+
+	* Implemented new option --ldaptimeout to specify the number of seconds to
+	wait for an LDAP request before timeout.
+
+	* Added --list-crls option to print the contents of the CRL cache
+	* Added some items to the dbcontents file to make printout nicer
+	  and updated it's version number
+
+2002-07-02  Werner Koch  <[email protected]>
+
+	* crlcache.c (crl_parse_insert): Fixed log_debug format string.
+
+2002-07-02  Steffen Hansen  <[email protected]>
+
+	* configure.ac: Use DB->get() return value correctly.
+
+2002-06-28  Werner Koch  <[email protected]>
+
+	* crlcache.c (crl_parse_insert): Keep track of newly allocated
+	ENTRY so that we don't free existing errors after a bad signature.
+
+	* dirmngr.h: Include prototype for start_command_handler.
+
+	* crlfetch.c, crlcache.c, http.c, cert.c, ldap.c: Include
+	config.h.
+
+	* crlcache.c (crl_parse_insert): Fixed format type specifiers for
+	time_t variables in log_debug.
+
+	* error.h: Use log_debug instead of dirmngr_debug.  Changed all
+	callers.
+	* Makefile.am (dirmngr_SOURCES): Removed error.c
+
+	* dirmngr.c (main): Register gcrypt malloc functions with ksba so
+	that we don't run into problems by using the wrong free function.
+	The gcrypt malloc function have the additional benefit of a
+	providing allocation sanity checks when compiled with that
+	feature.
+
+	* crlcache.c (get_issuer_cert): Use xfree instead of ksba_free.
+
+
+2002-06-27  Steffen Hansen  <[email protected]>
+
+	* ldap.c: Look for both userCertificate and caCertificate
+
+2002-06-26  Steffen Hansen  <[email protected]>
+
+	* configure.ac: Upped version number to 0.3.1
+
+2002-06-25  Werner Koch  <[email protected]>
+
+	* server.c (cmd_lookup): Use assuan_write_status which ensures a
+	correct syntax.
+
+2002-06-20  Werner Koch  <[email protected]>
+
+	* crlcache.c (crl_cache_isvalid): Started with some nicer logging.
+	However, this will need a lot more work.
+	(get_issuer_cert): Ditto.
+
+	* dirmngr.c (main): Changed required libgcrypt version and don't
+	print the prefix when using a logfile.
+
+2002-06-20  Werner Koch  <[email protected]>
+
+	* tests/Makefile.am (TESTS): Removed test-dirmngr because it
+	is not a proper test program.
+	(EXTRA_DIST): Removed the non-existent test certificate.
+
+2002-05-21  Werner Koch  <[email protected]>
+
+	* server.c (start_command_handler): Enable assuan debugging.
+
+2002-05-08  Steffen Hansen  <[email protected]>
+
+	* Replaced gdbm check with db1 check
+
+2002-05-08  Steffen Hansen  <[email protected]>
+
+	* Replaced gdbm with db1, updated file format version
+
+2002-03-01  Steffen Hansen  <[email protected]>
+
+	* Added gdbm configure check
+
+2002-01-23  Steffen Hansen  <[email protected]>
+
+	* Return ASSUAN_CRL_Too_Old if the CRL is too old
+
+
+2002-01-17  Steffen Hansen  <[email protected]>
+
+	Added commandline options --ldapserver <host> --ldapport <port>
+	--ldapuser <user> --ldappassword <passwd>.
+
+	Cleaned up CRL parsing, signature evaluation a bit, changed
+	datetime format in config file to ISO, added version string to
+	contents format and cache file clean up code in case of mismatch.
+
+2002-01-14  Steffen Hansen  <[email protected]>
+
+	* Use dirmngr_opt.homedir for storing the db. Added Makefile.am to
+	tests, bugfixes.
+
+	* First code.
+	  Things that work:
+		Loading/saving database (paths hardcoded)
+		Fetching CRL from hardcoded server, parsing and inserting in database
+		Answer ISVALID xxx.yyy requests
+
+	  Things that are missing:
+		Some error-checking/handling
+		Proper autoconf handling of gdbm and OpenLDAP
+		Signature checking downloaded CRLs
+		Answer LOOKUP requests
+		...
+
+	  How to test:
+		cd tests
+		ldapsearch -v -x -h www.trustcenter.de -b '<some-users-DN>' userCertificate -t
+		cp /tmp/<cert-file> testcert.der
+		./test-dirmngr
+
+==END OLDEST CHANGELOG==
 
  Copyright 2004, 2005, 2006, 2007, 2008, 2009, 2010,
 	   2011 Free Software Foundation, Inc.
diff --git a/dirmngr/ChangeLog-2011-ks b/dirmngr/ChangeLog-2011-ks
new file mode 100644
index 000000000..b41955e7e
--- /dev/null
+++ b/dirmngr/ChangeLog-2011-ks
@@ -0,0 +1,1363 @@
+[ This is the ChangeLog from the former keyserver/ directory which
+  kept the old gpgkeys_* keyserver access helpers.  We keep it here
+  to document the history of certain keyserver relates features.  ]
+
+2011-12-01  Werner Koch  <[email protected]>
+
+	NB: ChangeLog files are no longer manually maintained.  Starting
+	on December 1st, 2011 we put change information only in the GIT
+	commit log, and generate a top-level ChangeLog file from logs at
+	"make dist".  See doc/HACKING for details.
+
+2011-01-20  Werner Koch  <[email protected]>
+
+	* gpgkeys_hkp.c (get_name): Remove test for KS_GETNAME.  It is
+	always true.
+	(search_key): Remove test for KS_GETNAME.  It is always false.
+
+2009-08-26  Werner Koch  <[email protected]>
+
+	* gpgkeys_hkp.c: Include util.h.
+	(send_key): Use strconcat to build KEY.
+	(appendable_path): New.
+	(get_name): Use strconcat to build REQUEST.
+	(search_key): Ditto.
+
+	* ksutil.c: Include util.h.
+	(parse_ks_options): Use make_filename_try for the ca-cert-file arg.
+
+2009-07-06  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (main, srv_replace): Minor tweaks to use the
+	DNS-SD names ("pgpkey-http" and "pgpkey-https") in SRV lookups
+	instead of "hkp" and "hkps".
+
+2009-06-24  Werner Koch  <[email protected]>
+
+	* gpgkeys_ldap.c (send_key): Do not deep free a NULL modlist.
+	Reported by Fabian Keil.
+
+2009-05-28  David Shaw  <[email protected]>
+
+	From 1.4:
+
+	* curl-shim.c (curl_slist_append, curl_slist_free_all): New.
+	Simple wrappers around strlist_t to emulate the curl way of doing
+	string lists.
+	(curl_easy_setopt): Handle the curl HTTPHEADER option.
+
+	* gpgkeys_curl.c, gpgkeys_hkp.c (main): Avoid caches to get the
+	most recent copy of the key.  This is bug #1061.
+
+2009-05-27  David Shaw  <[email protected]>
+
+	From 1.4:
+
+	* gpgkeys_hkp.c (srv_replace): New function to transform a SRV
+	hostname to a real hostname.
+	(main): Call it from here for the HAVE_LIBCURL case (without
+	libcurl is handled via the curl-shim).
+
+	* curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform):
+	Add a CURLOPT_SRVTAG_GPG_HACK (passed through the the http
+	engine).
+
+2009-05-10  David Shaw  <[email protected]>
+
+	From 1.4:
+
+	* gpgkeys_hkp.c (send_key, get_key, get_name, search_key, main):
+	Add support for SSLized HKP.
+
+	* curl-shim.h (curl_version): No need to provide a version for
+	curl-shim as it always matches the GnuPG version.
+
+	* gpgkeys_curl.c, gpgkeys_hkp.c (main): Show which version of curl
+	we're using as part of --version.
+
+	* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_hkp.c,
+	gpgkeys_ldap.c (show_help): Document --version.
+
+2009-05-04  David Shaw  <[email protected]>
+
+	* gpgkeys_mailto.in: Set 'mail-from' as a keyserver-option, rather
+	than the ugly ?from= syntax.
+
+2009-01-22  Werner Koch  <[email protected]>
+
+	* Makefile.am (gpg2keys_curl_LDADD, gpg2keys_hkp_LDADD): Add all
+	standard libs.
+
+2008-10-20  Werner Koch  <[email protected]>
+
+	* curl-shim.c (curl_global_init): Mark usused arg.
+	(curl_version_info): Ditto.
+
+2008-08-29  Werner Koch  <[email protected]>
+
+	* gpgkeys_kdns.c: Changed copyright notice to the FSF.
+
+2008-04-21  Werner Koch  <[email protected]>
+
+	* ksutil.c (w32_init_sockets) [HAVE_W32_SYSTEM]: New.
+	* curl-shim.c (curl_easy_init) [HAVE_W32_SYSTEM]: Call it.
+	* gpgkeys_finger.c: s/_WIN32/HAVE_W32_SYSTEM/.
+	(init_sockets): Remove.
+	(connect_server) [HAVE_W32_SYSTEM]: Call new function.
+
+2008-04-14  David Shaw  <[email protected]>
+
+	* gpgkeys_curl.c (main), gpgkeys_hkp.c (main): Make sure all
+	libcurl number options are passed as long.
+
+	* curl-shim.c (curl_easy_setopt): Minor tweak to match the real
+	curl better - libcurl uses 'long', not 'unsigned int'.
+
+2008-04-07  Werner Koch  <[email protected]>
+
+	* gpgkeys_kdns.c: New.
+	* Makefile.am: Support kdns.
+
+	* no-libgcrypt.c (gcry_strdup): Fix.  It was not used.
+
+2008-03-25  Werner Koch  <[email protected]>
+
+	* gpgkeys_ldap.c (build_attrs): Take care of char defaulting to
+	unsigned when using hextobyte.
+
+2007-10-25  David Shaw  <[email protected]>  (wk)
+
+	From 1.4 (July):
+
+	* gpgkeys_ldap.c (main): Fix bug in setting up whether to verify
+	peer SSL cert.  This used to work with older OpenLDAP, but is now
+	more strictly handled.
+
+	* gpgkeys_ldap.c (search_key, main): Fix bug where searching for
+	foo bar (no quotes) on the command line resulted in searching for
+	"foo\2Abar" due to LDAP quoting.  The proper search is "foo*bar".
+
+2007-06-11  Werner Koch  <[email protected]>
+
+	* gpgkeys_hkp.c (send_key): Rename eof to r_eof as some Windows
+	header defines such a symbol.
+	(main): Likewise.
+
+2007-06-06  Werner Koch  <[email protected]>
+
+	* gpgkeys_ldap.c (send_key, send_key_keyserver): Rename eof to
+	r_eof as some Windows file has such a symbol.
+	(main): Likewise.
+
+2007-05-07  Werner Koch  <[email protected]>
+
+	* Makefile.am (gpg2keys_ldap_LDADD): Add GPG_ERROR_LIBS.
+
+2007-05-04  Werner Koch  <[email protected]>
+
+	* gpgkeys_test.in: Rename to ..
+	* gpg2keys_test.in: .. this.
+	* gpgkeys_mailto.in: Rename to ..
+	* gpg2keys_mailto.in: .. this
+	* Makefile.am: Likewise
+
+2007-03-13  David Shaw  <[email protected]>
+
+	From STABLE-BRANCH-1-4
+
+	* gpgkeys_curl.c (main): Use curl_version_info to verify that the
+	protocol we're about to use is actually available.
+
+	* curl-shim.h, curl-shim.c (curl_free): Make into a macro.
+	(curl_version_info): New.  Only advertises "http" for our shim, of
+	course.
+
+2007-03-09  David Shaw  <[email protected]>
+
+	From STABLE-BRANCH-1-4
+
+	* gpgkeys_ldap.c (send_key): Missing a free().
+
+	* curl-shim.c (curl_easy_perform): Some debugging items that may
+	be handy.
+
+2006-12-03  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be
+	present when searching by keyID.
+
+2006-11-22  Werner Koch  <[email protected]>
+
+	* Makefile.am (gpg2keys_ldap_LDADD): Add jnlib.  This is needed
+	for some replacement functions.
+
+2006-11-21  Werner Koch  <[email protected]>
+
+	* curl-shim.c (curl_easy_perform): Made BUFLEN and MAXLNE a size_t.
+
+2006-11-05  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change.
+	Key-not-found still has a HTML response.
+
+2006-10-24  Marcus Brinkmann  <[email protected]>
+
+	* Makefile.am (gpg2keys_ldap_CPPFLAGS): Rename second instance to ...
+	(gpg2keys_finger_CPPFLAGS): ... this.
+
+2006-10-20  Werner Koch  <[email protected]>
+
+	* Makefile.am: Reporder macros for better readability.
+	(gpg2keys_finger_LDADD): Add GPG_ERROR_LIBS.
+
+2006-10-19  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see
+	HTML coming back from a MR hkp query.
+
+2006-10-17  Werner Koch  <[email protected]>
+
+	* Makefile.am: Removed W32LIBS as they are included in NETLIBS.
+	Removed PTH_LIBS.
+
+2006-09-26  Werner Koch  <[email protected]>
+
+	* curl-shim.c: Adjusted for changes in http.c.
+	(curl_easy_perform): Changed LINE from unsigned char* to char*.
+
+	* Makefile.am (gpg2keys_curl_LDADD, gpg2keys_hkp_LDADD)
+	[FAKE_CURL]: Need to link against common_libs and pth.
+
+	* curl-shim.h, curl-shim.c: Removed license exception as not
+	needed here.
+
+2006-09-22  Werner Koch  <[email protected]>
+
+	* gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c, curl-shim.c:
+	* curl-shim.h, ksutil.c, ksutil.h: Add special license exception
+	for OpenSSL.  This helps to avoid license conflicts if OpenLDAP or
+	cURL is linked against OpenSSL and we would thus indirectly link
+	to OpenSSL.  This is considered a bug fix and forgives all
+	possible violations, pertaining to this issue, possibly occured in
+	the past.
+
+	* no-libgcrypt.c: Changed license to a simple all permissive one.
+
+	* Makefile.am (gpg2keys_ldap_LDADD): For license reasons do not
+	link against common_libs.
+	(gpg2keys_curl_LDADD, gpg2keys_hkp_LDADD): Ditto.
+	* ksutil.c (ks_hextobyte, ks_toupper, ks_strcasecmp): New.
+	Identical to the ascii_foo versions from jnlib.
+	* gpgkeys_ldap.c: Include assert.h.
+	(main): Replace BUG by assert.
+	(build_attrs): Use ks_hextobyte and ks_strcasecmp.
+
+	* gpgkeys_finger.c (get_key): Resolved signed/unisgned char
+	mismatch.
+
+2006-09-19  Werner Koch  <[email protected]>
+
+	* no-libgcrypt.c: New. Taken from ../tools.
+	* Makefile.am: Add no-libgcrypt to all sources.
+
+2006-09-06  Marcus Brinkmann  <[email protected]>
+
+	* Makefile.am (AM_CFLAGS): Add $(GPG_ERROR_CFLAGS).
+
+2006-08-16  Werner Koch  <[email protected]>
+
+	* Makefile.am: Renamed all binaries to gpg2keys_*.
+	(gpg2keys_ldap_CPPFLAGS): Add AM_CPPFLAGS.
+
+2006-08-15  Werner Koch  <[email protected]>
+
+	* Makefile.am: Adjusted to the gnupg2 framework.
+
+2006-08-14  Werner Koch  <[email protected]>
+
+	* curl-shil.c, curl-shim.h: Changed to make use of the new http.c
+	API.
+
+	* curl-shim.c (curl_easy_perform): Add missing http_close to the
+	POST case.
+
+2006-07-24  David Shaw  <[email protected]>  (wk)
+
+	* curl-shim.c (curl_easy_perform): Minor cleanup of proxy code.
+
+	* gpgkeys_hkp.c (send_key)
+	* gpgkeys_ldap.c (send_key, send_key_keyserver): Fix string
+	matching problem when the ascii armored form of the key happens to
+	match "KEY" at the beginning of the line.
+
+2006-04-26  David Shaw  <[email protected]>
+
+	* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.
+
+	* Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any
+	longer as this is done via curl or fake-curl.
+
+	* ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor
+	#include tweaks as FAKE_CURL is no longer meaningful.
+
+2006-04-10  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote
+	directly into place rather than mallocing temporary buffers.
+
+	* gpgkeys_ldap.c (get_name): Build strings with strcat rather than
+	using sprintf which is harder to read and modify.
+
+	* ksutil.h, ksutil.c (classify_ks_search): Add
+	KS_SEARCH_KEYID_SHORT and KS_SEARCH_KEYID_LONG to search for a key
+	ID.
+
+	* gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID
+	searches to pgpKeyID or pgpCertID.
+
+2006-03-27  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so
+	they use the regular old API that is compatible with other LDAP
+	libraries.
+
+2006-03-03  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (main): Fix build problem with non-OpenLDAP LDAP
+	libraries that have TLS.
+
+2006-02-23  David Shaw  <[email protected]>
+
+	* ksutil.c (init_ks_options): Default include-revoked and
+	include-subkeys to on, as gpg isn't doing this any longer.
+
+2006-02-22  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (get_name): A GETNAME query turns exact=on to cut
+	down on odd matches.
+
+2006-02-21  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (make_one_attr, build_attrs, send_key): Don't
+	allow duplicate attributes as OpenLDAP is now enforcing this.
+
+	* gpgkeys_ldap.c (main): Add binddn and bindpw so users can pass
+	credentials to a remote LDAP server.
+
+	* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
+	curl_easy_perform): Mingw has 'stderr' as a macro?
+
+	* curl-shim.h, curl-shim.c (curl_easy_init, curl_easy_setopt,
+	curl_easy_perform): Add CURLOPT_VERBOSE and CURLOPT_STDERR for
+	easier debugging.
+
+2006-01-16  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (send_key): Do not escape the '=' in the HTTP POST
+	when uploading a key.
+
+2005-12-23  David Shaw  <[email protected]>
+
+	* ksutil.h, ksutil.c (parse_ks_options): New keyserver command
+	"getname".
+
+	* gpgkeys_hkp.c (main, get_name), gpgkeys_ldap.c (main, get_name):
+	Use it here to do direct name (rather than key ID) fetches.
+
+2005-12-19  David Shaw  <[email protected]>
+
+	* ksutil.h, ksutil.c (curl_armor_writer, curl_writer,
+	curl_writer_finalize): New functionality to handle binary format
+	keys by armoring them for input to GPG.
+
+	* gpgkeys_curl.c (get_key), gpgkeys_hkp.c (get_key): Call it here.
+
+2005-12-07  David Shaw  <[email protected]>
+
+	* gpgkeys_finger.c (get_key), gpgkeys_curl.c (get_key): Better
+	language for the key-not-found error.
+
+	* ksutil.c (curl_err_to_gpg_err): Add CURLE_OK and
+	CURLE_COULDNT_CONNECT.
+
+	* gpgkeys_curl.c (get_key): Give key-not-found error if no data is
+	found (or file itself is not found) during a fetch.
+
+2005-12-06  David Shaw  <[email protected]>
+
+	* curl-shim.c (curl_easy_perform): Fix build warning (code before
+	declaration).
+
+2005-11-02  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (search_key): Fix warning with typecast (though
+	curl should really have defined that char * as const).
+
+2005-08-25  David Shaw  <[email protected]>
+
+	* ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and
+	exact-email.
+	(classify_ks_search): Mimic the gpg search modes instead with *,
+	=, <, and @.
+
+	* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call
+	them here.  Suggested by Jason Harris.
+
+2005-08-18  David Shaw  <[email protected]>
+
+	* ksutil.h, ksutil.c (parse_ks_options): New keyserver-option
+	exact-name.  The last of exact-name and exact-email overrides the
+	earlier.
+
+	* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it
+	here to do a name-only search.
+
+	* gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP.
+
+	* gpgkeys_ldap.c (search_key): Use it here to escape reserved
+	characters in searches.
+
+2005-08-17  David Shaw  <[email protected]>
+
+	* ksutil.h, ksutil.c (parse_ks_options): New keyserver-option
+	exact-email.
+
+	* gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it
+	here to do an email-only search.
+
+2005-08-08  David Shaw  <[email protected]>
+
+	* Makefile.am: Include LDAP_CPPFLAGS when building LDAP.
+
+2005-08-03  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show
+	version of curl (or curl-shim) when debug is set.
+
+2005-07-20  David Shaw  <[email protected]>
+
+	* gpgkeys_curl.c (get_key, main): Don't try and be smart about
+	what protocols we handle.  Directly pass them to curl or fake-curl
+	and see if an error comes back.
+
+	* curl-shim.h, curl-shim.c (handle_error), ksutil.c
+	(curl_err_to_gpg_err): Add support for CURLE_UNSUPPORTED_PROTOCOL
+	in fake curl.
+
+	* Makefile.am: Don't need -DFAKE_CURL any longer since it's in
+	config.h.
+
+2005-06-23  David Shaw  <[email protected]>
+
+	* gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version
+	string stays up to date.
+
+	* gpgkeys_http.c: Don't need to define HTTP_PROXY_ENV here since
+	it's in ksutil.h.
+
+	* gpgkeys_curl.c (get_key, main), gpgkeys_hkp.c (main): Pass AUTH
+	values to curl or curl-shim.
+
+	* curl-shim.c (curl_easy_perform), gpgkeys_curl.c (main),
+	gpgkeys_hkp.c (main): Use curl-style proxy semantics.
+
+	* curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform):
+	Add CURLOPT_USERPWD option for HTTP auth.
+
+	* gpgkeys_http.c (get_key), gpgkeys_oldhkp (send_key, get_key,
+	search_key): No longer need to pass a proxyauth.
+
+	* gpgkeys_http.c (get_key): Pass auth outside of the URL.
+
+2005-06-21  David Shaw  <[email protected]>
+
+	* gpgkeys_http.c (get_key), gpgkeys_oldhkp.c (send_key, get_key,
+	search_key): Fix http_open/http_open_document calls to pass NULL
+	for auth and proxyauth since these programs pass them in the URL.
+
+2005-06-20  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (append_path, send_key, get_key, search_key,
+	main), gpgkeys_oldhkp.c (main): Properly handle double slashes in
+	paths.
+
+2005-06-05  David Shaw  <[email protected]>
+
+	* ksutil.c (init_ks_options, parse_ks_options): Provide a default
+	"/" path unless overridden by the config.  Allow config to specify
+	items multiple times and take the last specified item.
+
+2005-06-04  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c, gpgkeys_oldhkp.c: Add support for HKP servers
+	that aren't at the root path.  Suggested by Jack Bates.
+
+2005-06-01  David Shaw  <[email protected]>
+
+	* ksutil.c [HAVE_DOSISH_SYSTEM]: Fix warnings on mingw32.  Noted
+	by Joe Vender.
+
+2005-05-04  David Shaw  <[email protected]>
+
+	* ksutil.h, ksutil.c: #ifdef so we can build without libcurl or
+	fake-curl.
+
+2005-05-03  David Shaw  <[email protected]>
+
+	* gpgkeys_http.c: Need GET defined.
+
+2005-05-01  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c, gpgkeys_oldhkp.c, ksutil.h: Some minor cleanup
+	and comments as to the size of MAX_LINE and MAX_URL.
+
+2005-04-16  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c: New hkp handler that uses curl or curl-shim.
+
+	* Makefile.am: Build new gpgkeys_hkp.
+
+	* curl-shim.c (curl_easy_perform): Cleanup.
+
+	* ksutil.h, ksutil.c (curl_writer), gpgkeys_curl.c (get_key): Pass
+	a context to curl_writer so we can support multiple fetches in a
+	single session.
+
+	* curl-shim.h, curl-shim.c (handle_error, curl_easy_setopt,
+	curl_easy_perform): Add POST functionality to the curl shim.
+
+	* curl-shim.h, curl-shim.c (curl_escape, curl_free): Emulate
+	curl_escape and curl_free.
+
+	* gpgkeys_curl.c (main): If the http-proxy option is given without
+	any arguments, try to get the proxy from the environment.
+
+	* ksutil.h, ksutil.c (curl_err_to_gpg_err, curl_writer): Copy from
+	gpgkeys_curl.c.
+
+	* gpgkeys_oldhkp.c: Copy from gpgkeys_hkp.c.
+
+2005-03-22  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c, ksutil.h, ksutil.c (print_nocr): Moved from
+	gpgkeys_ldap.c.  Print a string, but strip out any CRs.
+
+	* gpgkeys_finger.c (get_key), gpgkeys_hkp.c (get_key),
+	gpgkeys_http.c (get_key): Use it here when outputting key material
+	to canonicalize line endings.
+
+2005-03-19  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (main): Fix three wrong calls to fail_all().
+	Noted by Stefan Bellon.
+
+2005-03-17  David Shaw  <[email protected]>
+
+	* ksutil.c (parse_ks_options): Handle verbose=nnn.
+
+	* Makefile.am: Calculate GNUPG_LIBEXECDIR directly.  Do not
+	redefine $libexecdir.
+
+	* gpgkeys_curl.c, gpgkeys_finger.c, gpgkeys_ldap.c: Start using
+	parse_ks_options and remove a lot of common code.
+
+	* ksutil.h, ksutil.c (parse_ks_options): Parse OPAQUE, and default
+	debug with no arguments to 1.
+
+2005-03-16  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c: Include lber.h if configure determines we need
+	it.
+
+	* ksutil.h, ksutil.c (ks_action_to_string): New.
+	(free_ks_options): Only free if options exist.
+
+	* ksutil.h, ksutil.c (init_ks_options, free_ks_options,
+	parse_ks_options): Pull a lot of duplicated code into a single
+	options parser for all keyserver helpers.
+
+2005-02-11  David Shaw  <[email protected]>
+
+	* curl-shim.c (curl_easy_perform): Fix compile warning.
+
+	* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
+	ca-cert-file option, to pass in the SSL cert.
+
+	* curl-shim.h, curl-shim.c: New.  This is code to fake the curl
+	API in terms of the current HTTP iobuf API.
+
+	* gpgkeys_curl.c [FAKE_CURL], Makefile.am: If FAKE_CURL is set,
+	link with the iobuf code rather than libcurl.
+
+2005-02-05  David Shaw  <[email protected]>
+
+	* gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version
+	output.
+
+	* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up
+	on failure.
+
+2005-02-01  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
+	http_close() calls.  Noted by Phil Pennock.
+
+	* ksutil.h: Up the default timeout to two minutes.
+
+2005-01-24  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (print_nocr): New.
+	(get_key): Call it here to canonicalize line endings.
+
+	* gpgkeys_curl.c (writer): Discard everything outside the BEGIN
+	and END lines when retrieving keys.  Canonicalize line endings.
+	(main): Accept FTPS.
+
+2005-01-21  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
+	certificate checking (which is on by default).
+
+	* gpgkeys_curl.c (main): Add "debug" option to match the LDAP
+	helper.  Add "check-cert" option to disable SSL certificate
+	checking (which is on by default).
+
+2005-01-18  David Shaw  <[email protected]>
+
+	* gpgkeys_curl.c: Fix typo.
+
+2005-01-18  Werner Koch  <[email protected]>
+
+	* gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with
+	the W32 defined macro.  Removed unneeded initialization of static
+	variables.
+	* gpgkeys_http.c: Ditto.
+	* ksutil.h: s/MAX_PATH/URLMAX_PATH/.
+
+2005-01-17  David Shaw  <[email protected]>
+
+	* gpgkeys_curl.c (main): Only allow specified protocols to use the
+	curl handler.
+
+	* Makefile.am: Use LIBCURL_CPPFLAGS instead of LIBCURL_INCLUDES.
+
+2005-01-13  David Shaw  <[email protected]>
+
+	* ksutil.h, gpgkeys_curl.c, gpgkeys_hkp.c, gpgkeys_ldap.c,
+	gpgkeys_finger.c, gpgkeys_http.c: Part 2 of the cleanup.  Move all
+	the various defines to ksutil.h.
+
+	* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c:
+	Part 1 of a minor cleanup to use #defines instead of hard-coded
+	sizes.
+
+	* gpgkeys_finger.c (connect_server): Use INADDR_NONE instead of
+	SOCKET_ERROR.  Noted by Timo.
+
+2005-01-09  David Shaw  <[email protected]>
+
+	* gpgkeys_curl.c (get_key): Newer versions of libcurl don't define
+	TRUE.
+
+2004-12-24  David Shaw  <[email protected]>
+
+	* gpgkeys_curl.c (main): Use new defines for opting out of certain
+	transfer protocols.  Allow setting HTTP proxy via "http-proxy=foo"
+	option (there is natural support in libcurl for the http_proxy
+	environment variable).
+
+	* Makefile.am: Remove the conditional since this is all handled in
+	autoconf now.
+
+2004-12-22  David Shaw  <[email protected]>
+
+	* gpgkeys_curl.c (main): New "follow-redirects" option.  Takes an
+	optional numeric value for the maximum number of redirects to
+	allow.  Defaults to 5.
+
+	* gpgkeys_curl.c (main), gpgkeys_finger.c (main), gpgkeys_hkp.c
+	(main), gpgkeys_http.c (main), gpgkeys_ldap.c (main): Make sure
+	that a "timeout" option passed with no arguments is properly
+	handled.
+
+	* gpgkeys_curl.c (get_key, writer): New function to wrap around
+	fwrite to avoid DLL access problem on win32.
+
+	* gpgkeys_http.c (main, get_key): Properly pass authentication
+	info through to the http library.
+
+	* Makefile.am: Build gpgkeys_http or gpgkeys_curl as needed.
+
+	* gpgkeys_curl.c (main, get_key): Minor tweaks to work with either
+	FTP or HTTP.
+
+	* gpgkeys_ftp.c: renamed to gpgkeys_curl.c.
+
+	* gpgkeys_ftp.c (main, get_key): Use auth data as passed by gpg.
+	Use CURLOPT_FILE instead of CURLOPT_WRITEDATA (same option, but
+	backwards compatible).
+
+2004-12-21  David Shaw  <[email protected]>
+
+	* gpgkeys_ftp.c: New.
+
+	* Makefile.am: Build it if requested.
+
+2004-12-14  Werner Koch  <[email protected]>
+
+	* Makefile.am (install-exec-hook, uninstall-hook): Removed.  For
+	Windows reasons we can't use the symlink trick.
+
+2004-12-03  David Shaw  <[email protected]>
+
+	* Makefile.am: The harmless "ignored error" on gpgkeys_ldap
+	install on top of an existing install is bound to confuse people.
+	Use ln -s -f to force the overwrite.
+
+2004-10-28  David Shaw  <[email protected]>
+
+	* gpgkeys_finger.c [_WIN32] (connect_server): Fix typo.
+
+2004-10-28  Werner Koch  <[email protected]>
+
+	* Makefile.am (other_libs): New.  Also include LIBICONV.  Noted by
+	Tim Mooney.
+
+2004-10-28  Werner Koch  <[email protected]>
+
+	* Makefile.am (other_libs):
+
+2004-10-18  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (send_key, get_key, search_key): Use "hkp" instead
+	of "x-hkp" so it can be used as a SRV tag.
+
+2004-10-16  David Shaw  <[email protected]>
+
+	* gpgkeys_finger.c [_WIN32] (connect_server): Fix typo.
+
+2004-10-15  Werner Koch  <[email protected]>
+
+	* gpgkeys_ldap.c (main, show_help): Kludge to implement standard
+	GNU options. Factored help printing out.
+	* gpgkeys_finger.c (main, show_help): Ditto.
+	* gpgkeys_hkp.c (main, show_help): Ditto.
+	* gpgkeys_http.c (main, show_help): Ditto.
+	* gpgkeys_test.in, gpgkeys_mailto.in: Implement --version and --help.
+
+	* Makefile.am: Add ksutil.h.
+
+2004-10-14  David Shaw  <[email protected]>
+
+	* gpgkeys_finger.c (main): We do not support relay fingering
+	(i.e. "finger://relayhost/[email protected]"), but finger URLs are
+	occasionally miswritten that way.  Give an error in this case.
+
+2004-10-14  Werner Koch  <[email protected]>
+
+	* gpgkeys_finger.c (get_key): s/unsigned char/byte/ due
+	to a strange typedef for RISC OS.  Noted by Stefan.
+
+2004-10-13  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main), gpgkeys_http.c
+	(main), gpgkeys_finger.c (main): Call timeout functions before
+	performing an action that could block for a long time.
+
+	* ksutil.h, ksutil.c: New.  Right now just contains timeout
+	functions.
+
+2004-10-11  David Shaw  <[email protected]>
+
+	* gpgkeys_finger.c, gpgkeys_hkp.c, gpgkeys_http.c, gpgkeys_ldap.c:
+	Fix a few occurances of "filename" to `filename'.
+
+2004-10-11  Werner Koch  <[email protected]>
+
+	* gpgkeys_finger.c: New.
+
+2004-08-27  Stefan Bellon  <[email protected]>
+
+	* gpgkeys_hkp.c (search_key): Fix the prior faulty fix by
+	introducing a cast but leaving skey unsigned.
+
+	* gpgkeys_hkp.c (search_key): Change type of variable skey from
+	unsigned char* to char* to fix type incompatibility.
+
+2004-08-23  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (get_key, search_key), gpgkeys_hkp.c (get_key,
+	search_key), gpgkeys_http.c (get_key): Do not give informational
+	logs since this is now done inside gpg.
+
+	* gpgkeys_hkp.c (dehtmlize): Understand the quote character
+	(i.e. "&quot;") in HTML responses.
+	(search_key): Search key must be unsigned for url encoder to work
+	properly for 8-bit values.
+
+	* gpgkeys_ldap.c (get_key): Factor out informational display into
+	new function build_info().
+
+	* gpgkeys_ldap.c (build_attrs): Properly terminate user ID strings
+	that got shrunk due to encoding.
+
+2004-08-22  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (find_basekeyspacedn): Use LDAP_SCOPE_BASE along
+	with a full DN rather than LDAP_SCOPE_ONELEVEL plus a filter to
+	find the pgpServerInfo object.  Some LDAP setups don't like the
+	search.
+	(main): Stop binding to the server since it seems no server really
+	requires it, and some require it not be there.
+
+2004-07-29  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (main): Add "debug" option.  This is only really
+	useful with OpenLDAP, but it's practically vital to debug SSL and
+	TLS setups.  Add "basedn" option.  This allows users to override
+	the autodetection for base DN.  SSL overrides TLS, so TLS will not
+	be started on SSL connections (starting an already started car).
+
+2004-07-28  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (build_attrs): Add "pgpKeySize" and "pgpSubKeyID"
+	attributes so we can do subkey searches.
+
+	* gpgkeys_ldap.c (main): Under certain error conditions, we might
+	try and unbind twice.  Don't.
+
+	* gpgkeys_ldap.c (join_two_modlists): New.
+	(send_key): Use new function so we can try a modify operation
+	first, and fail over to an add if that fails.  Add cannot cope
+	with the NULLs at the head of the modify request, so we jump into
+	the list in the middle.
+
+2004-07-27  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (main): Don't try and error out before making a
+	ldaps connection to the NAI keyserver since we cannot tell if it
+	is a NAI keyserver until we connect.  Fail if we cannot find a
+	base keyspace DN.  Fix a false success message for TLS being
+	enabled.
+
+2004-07-20  Werner Koch  <[email protected]>
+
+	* gpgkeys_ldap.c [_WIN32]: Include Windows specific header files.
+	Suggested by Brian Gladman.
+
+2004-05-26  David Shaw  <[email protected]>
+
+	* gpgkeys_http.c: General polish and removal of leftover stuff
+	from gpgkeys_hkp.c.
+
+2004-05-21  David Shaw  <[email protected]>
+
+	* gpgkeys_http.c (get_key): Cosmetic fix - make sure that URLs
+	with no path use a path of "/".
+
+	* gpgkeys_ldap.c (ldap2epochtime): We can always rely on timegm()
+	being available now, since it's a replacement function.
+
+2004-05-20  David Shaw  <[email protected]>
+
+	* gpgkeys_http.c: New program to do a simple HTTP file fetch using
+	the keyserver interface.
+
+	* Makefile.am: Build it.
+
+2004-02-28  David Shaw  <[email protected]>
+
+	* Makefile.am: Don't split LDADD across two lines since some make
+	programs can't handle blank lines after a \ continuation.  Noted
+	by Christoph Moench-Tegeder.
+
+2004-02-25  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (send_key): List pgpCertID as one of the deleted
+	attributes.  This guarantees that if something goes wrong, we
+	won't be able to complete the transaction, thus leaving any key
+	already existing on the server intact.
+
+2004-02-23  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (delete_one_attr): Removed.
+	(make_one_attr): Delete functionality added.  Optional deduping
+	functionality added (currently only used for pgpSignerID).
+	(build_attrs): Translate sig entries into pgpSignerID.  Properly
+	build the timestamp for pgpKeyCreateTime and pgpKeyExpireTime.
+
+2004-02-22  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (delete_one_attr): New function to replace
+	attributes with NULL (a "delete" that works even for nonexistant
+	attributes).
+	(send_key): Use it here to remove attributes so a modify operation
+	starts with a clean playing field.  Bias sends to modify before
+	add, since (I suspect) people update their existing keys more
+	often than they make and send new keys to the server.
+
+2004-02-21  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (epoch2ldaptime): New.  Converse of
+	ldap2epochtime.
+	(make_one_attr): New. Build a modification list in memory to send
+	to the LDAP server.
+	(build_attrs): New. Parse INFO lines sent over by gpg.
+	(free_mod_values): New.  Unwinds a modification list.
+	(send_key_keyserver): Renamed from old send_key().
+	(send_key): New function to send a key to a LDAP server.
+	(main): Use send_key() for real LDAP servers, send_key_keyserver()
+	otherwise.
+
+2004-02-20  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c: Replacement prototypes for setenv and unsetenv.
+	(search_key): Catch a SIZELIMIT_EXCEEDED error and show the user
+	whatever the server did give us.
+	(find_basekeyspacedn): There is no guarantee that namingContexts
+	will be readable.
+
+	* Makefile.am: Link gpgkeys_ldap with libutil.a to get the
+	replacement functions (and eventually translations, etc).
+
+2004-02-19  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (ldap2epochtime): LDAP timestamps are UTC, so do
+	not correct for timezones.
+	(main): Find the basekeyspacedn before we try to start TLS, so we
+	can give a better error message when a user tries to use TLS with
+	a LDAP keyserver.
+
+	* Makefile.am: Add automake conditionals to symlink gpgkeys_ldaps
+	to gpgkeys_ldap when needed.
+
+	* gpgkeys_ldap.c (main): Add support for LDAPS and TLS
+	connections.  These are only useful and usable when talking to
+	real LDAP keyservers.  Add new "tls" option to tune TLS use from
+	off, to try quietly, to try loudly, or to require TLS.
+
+	* gpgkeys_ldap.c (find_basekeyspacedn): New function to figure out
+	what kind of LDAP server we're talking to (either real LDAP or the
+	LDAP keyserver), and return the baseKeySpaceDN to find keys under.
+	(main): Call it from here, and remove the old code that only
+	handled the LDAP keyserver.
+
+2004-02-18  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (ldap_to_gpg_err): Make sure that
+	LDAP_OPT_ERROR_NUMBER is defined before we use it.
+
+	* gpgkeys_mailto.in: Fix VERSION number.
+
+2004-01-13  Werner Koch  <[email protected]>
+
+	* gpgkeys_hkp.c (send_key): Add a content type.
+
+2004-01-11  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (search_key): Catch a mangled input file (useful
+	if something other than GnuPG is calling the program).
+	(main): Avoid possible pre-string write.  Noted by Christian
+	Biere.
+
+	* gpgkeys_ldap.c (main): Avoid possible pre-string write.
+
+2003-12-28  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (send_key, get_key, main): Work with new HTTP code
+	that passes the proxy in from the outside.  If the command file
+	sends a proxy, use it.  If it sends "http-proxy" with no
+	arguments, use $http_proxy from the environment.  Suggested by
+	Christian Biere.
+
+2003-12-28  Stefan Bellon  <[email protected]>
+
+	* gpgkeys_hkp.c, gpgkeys_ldap.c [__riscos__]: Removal of
+	unnecessary #ifdef __riscos__ sections.
+
+2003-11-27  Werner Koch  <[email protected]>
+
+	* gpgkeys_hkp.c (get_key): Fixed invalid use of fprintf without
+	format string.
+
+2003-10-25  Werner Koch  <[email protected]>
+
+	* Makefile.am (gpgkeys_hkp_LDADD): Replaced INTLLIBS by LIBINTL.
+
+2003-07-10  David Shaw  <[email protected]>
+
+	* Makefile.am: Use W32LIBS where appropriate.
+
+2003-05-30  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c, gpgkeys_ldap.c: #include <getopt.h> if it is
+	available.  Also include extern references for optarg and optind
+	since there is no guarantee that any header file will include
+	them.  Standards?  We don't need no stinkin' standards.
+
+	* Makefile.am: Use @GETOPT@ to pull in libiberty on those
+	platforms that need it.
+
+2003-04-08  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (dehtmlize, parse_hkp_index): Fix memory
+	corruption bug on some platforms.
+
+2003-03-11  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (get_key): Properly handle CRLF line endings in
+	the armored key.
+	(main): Accept "try-dns-srv" option.
+
+	* Makefile.am: Use @CAPLIBS@ to link in -lcap if we are using
+	capabilities.  Use @SRVLIBS@ to link in the resolver if we are
+	using DNS SRV.
+
+2003-02-11  David Shaw  <[email protected]>
+
+	* Makefile.am: Use a local copy of libexecdir along with @PACKAGE@
+	so it can be easily overridden at make time.
+
+2003-01-29  David Shaw  <[email protected]>
+
+	* gpgkeys_mailto.in: Fix regexp to work properly if the "keyid" is
+	not a keyid, but rather a text string from the user ID.
+
+2003-01-06  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (get_key): Use options=mr when getting a key so
+	keyserver doesn't attach the HTML header which we will just have
+	to discard.
+
+2002-11-17  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (main), gpgkeys_hkp.c (main): Use new keyserver
+	protocol version.
+
+2002-11-14  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (get_key): The deduping code requires
+	"pgpcertid", but that was not available when running without
+	verbose on.  Noted by Stefan.
+
+2002-11-10  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (get_key): Fix typo in deduping code.
+
+2002-11-05  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (key_in_keylist, add_key_to_keylist,
+	free_keylist, get_key, search_key): The LDAP keyserver doesn't
+	remove duplicates, so remove them locally.  Do not include the key
+	modification time in the search response.
+
+2002-11-04  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key): Properly
+	handle an input file that does not include any key data at all.
+
+2002-10-24  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (main), gpgkeys_ldap.c (main): Add -V flag to
+	output protocol and program version.
+
+2002-10-21  David Shaw  <[email protected]>
+
+	* Makefile.am: Anything linking with libutil.a needs INTLLIBS as
+	well on platforms where INTLLIBS is set.
+
+2002-10-14  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (write_quoted): Use %-encoding instead of
+	\-encoding.
+	(parse_hkp_index): Use new keyserver key listing format, and add
+	support for disabled keys via include-disabled.
+
+	* gpgkeys_ldap.c (get_key): Don't print keysize unless it's >0.
+	(printquoted): Use %-encoding instead of \-encoding.
+	(search_key): Use new keyserver key listing format.
+
+2002-10-08  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (search_key, main): Make sure LDAP values are
+	freed in case of error.
+
+	* gpgkeys_ldap.c (fail_all): New function to unwind a keylist and
+	error each item.
+	(main): Call fail_all from here, as needed.  Also add a NO_MEMORY
+	error in an appropriate place and fix error return code.
+	(ldap_err_to_gpg_err): Add KEYSERVER_UNREACHABLE.
+
+	* gpgkeys_hkp.c (fail_all): New function to unwind a keylist and
+	error each item.
+	(main): Call fail_all from here.  Also add a NO_MEMORY error in an
+	appropriate place.
+	(get_key): Use new UNREACHABLE error for network errors.
+
+2002-09-26  Werner Koch  <[email protected]>
+
+	* gpgkeys_ldap.c (send_key): Removed non-constant initializers.
+
+2002-09-24  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (ldap_err_to_gpg_err, ldap_to_gpg_err, send_key,
+	get_key, search_key, main): Some minor error reporting
+	enhancements for use with GPA (show reasons for KEY FAILED).
+
+	* gpgkeys_hkp.c (send_key, get_key, search_key, main): Some minor
+	error reporting enhancements for use with GPA (show reasons for
+	KEY FAILED).
+
+2002-09-20  Werner Koch  <[email protected]>
+
+	* gpgkeys_hkp.c (handle_old_hkp_index): s/input/inp/ to avoid
+	shadowing warning.
+
+2002-09-19  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (get_key, handle_old_hkp_index, search_key):
+	Properly handle line truncation.
+
+2002-09-16  David Shaw  <[email protected]>
+
+	* gpgkeys_mailto.in: Add quasi-RFC-2368 mailto:email@addr?from=
+	syntax so people can set their own email address to respond to.
+
+	* gpgkeys_hkp.c (get_key): Properly respond with KEY FAILED (to
+	gpg) and "key not found" (to user) on failure.
+
+2002-09-13  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c: (search_key, handle_old_hkp_index): Try and
+	request a machine-readable key index.  If the server supports
+	this, pass it through.  If the server does not support it, parse
+	the "index" page.
+
+2002-09-12  Stefan Bellon  <[email protected]>
+
+	* gpgkeys_hkp.c: Tidied up RISC OS initializations.
+
+2002-09-12  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (main): Remove warning - this is no longer
+	experimental code.
+
+2002-09-09  Werner Koch  <[email protected]>
+
+	* gpgkeys_hkp.c (send_key, get_key, search_key): Check return
+	value of malloc.
+	(dehtmlize): Use ascii_tolower to protect against weird locales.
+	Cast the argument for isspace for the sake of broken HP/UXes.
+	(search_key): Check return value of realloc.
+
+2002-09-09  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (get_key): Some compilers (RISC OS, HPUX c89)
+	don't like using variables as array initializers.
+
+	* gpgkeys_hkp.c (send_key): Use CRLF in headers.
+
+2002-08-28  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (parse_hkp_index): Use same types on all
+	platforms.  This was probably leftover from earlier code where the
+	typing mattered.
+
+	* gpgkeys_hkp.c: Overall cleanup from iobuf conversion.  Be
+	consistent in m_alloc and malloc usage.  Remove include-disabled
+	(meaningless on HKP).  RISC OS tweak.
+
+2002-08-27  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c, Makefile.am: Convert over to using iobufs.
+
+	* gpgkeys_hkp.c (http_get, http_post): Use CRLF for line endings.
+
+	* gpgkeys_hkp.c: Include util.h on RISC OS as per Stefan.  Include
+	a replacement for hstrerror() for those platforms (such as RISC
+	OS) that don't have it.
+
+2002-08-26  David Shaw  <[email protected]>
+
+	* Makefile.am: May as well include gpgkeys_hkp.c in the
+	distribution now.  It works well enough without proxies, and isn't
+	built by default.  It would be good to get some test experience
+	with it.
+
+	* gpgkeys_hkp.c (main): Don't warn about include-subkeys - it
+	isn't unsupported, it's actually non-meaningful in the context of
+	HKP (yet).
+
+	* gpgkeys_hkp.c (parse_hkp_index, dehtmlize): Move HTML
+	functionality into new "dehtmlize" function.  Remove HTML before
+	trying to parse each line from the keyserver.  If the keyserver
+	provides key type information in the listing, use it.  (Copy over
+	from g10/hkp.c).
+
+2002-08-19  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (get_key, parse_hkp_index): Bring over latest code
+	from g10/hkp.c.
+
+	* gpgkeys_ldap.c (get_key): Fix cosmetic URL display problem
+	(extra ":" at the end).
+
+2002-08-03  Stefan Bellon  <[email protected]>
+
+	* gpgkeys_ldap.c: Tidied up RISC OS initializations.
+
+2002-07-25  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c: "Warning" -> "WARNING"
+
+2002-07-24  David Shaw  <[email protected]>
+
+	* Makefile.am: Install keyserver helpers in @GNUPG_LIBEXECDIR@
+
+2002-07-15  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (send_key, get_key, main): Consult the server
+	version string to determine whether to use pgpKey or pgpKeyV2.
+
+2002-07-09  David Shaw  <[email protected]>
+
+	* gpgkeys_mailto.in: Use new OPAQUE tag for non net-path URIs.
+	Fail more elegantly if there is no email address to send to.  Show
+	the GnuPG version in the message body.
+
+2002-07-04  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (get_key), gpgkeys_hkp.c (get_key): Display
+	keyserver URI as a URI, but only if verbose.
+
+2002-07-01  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (parse_hkp_index): Error if the keyserver returns
+	an unparseable HKP response.
+
+	* gpgkeys_hkp.c (main): Warn on honor-http-proxy,
+	broken-http-proxy, and include-subkeys (not supported yet).
+
+	* gpgkeys_ldap.c (main), gpgkeys_hkp.c (http_connect, main): Fix
+	some shadowing warnings.
+
+2002-06-11  David Shaw  <[email protected]>
+
+	* Makefile.am: Don't hard-code the LDAP libraries - get them from
+	LDAPLIBS via configure.  Also, gpgkeys_hkp is a program, not a
+	script.
+
+2002-06-10  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (include_subkeys): Default "include-subkeys" to
+	off, since GnuPG now defaults it to on.
+
+2002-06-06  David Shaw  <[email protected]>
+
+	* gpgkeys_hkp.c (parse_hkp_index): Type tweaks.
+
+	* gpgkeys_hkp.c (main): Add experimental code warning.
+
+2002-06-05  David Shaw  <[email protected]>
+
+	* Makefile.am, gpgkeys_hkp.c (new): Experimental HKP keyserver
+	interface.
+
+2002-05-08  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c: Include <lber.h> if we absolutely must.  This
+	helps when compiling against a very old OpenLDAP.
+
+2002-04-29  David Shaw  <[email protected]>
+
+	* gpgkeys_mailto.in: Properly handle key requests in full
+	fingerprint form.
+
+2002-03-29  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (printquoted): Quote backslashes within keyserver
+	search responses.
+
+2002-02-25  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap (get_key): LDAP keyservers do not support v3
+	fingerprints, so error out if someone tries.  Actually, they don't
+	support any fingerprints, but at least we can calculate a keyid
+	from a v4 fingerprint.
+
+2002-02-23  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap: Clarify the notion of a partial failure.  This is
+	possible if more than one key is being handled in a batch, and one
+	fails while the other succeeds.  Note that a search that comes up
+	with no results is not a failure - that is a valid response of "no
+	answer".
+
+	* gpgkeys_ldap.c (get_key): Allow GnuPG to send us full v4
+	fingerprints, long key ids, or short key ids while fetching.
+	Since the LDAP server doesn't actually handle fingerprints, chop
+	them down to long key ids for actual use.
+
+	* gpgkeys_ldap.c (main, get_key): When searching for a keyid,
+	search for subkeys as well as primary keys.  This is mostly
+	significant when automatically fetching the key based on the id in
+	a header (i.e. "signature made by....").  "no-include-subkeys"
+	disables.
+
+2002-02-14  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c: Fix compiler warning.
+
+	* gpgkeys_ldap.c: Be much more robust with mangled input files.
+
+2001-12-28  David Shaw  <[email protected]>
+
+	* gpgkeys_mailto.in: Use the new OUTOFBAND indicator so gpg knows
+	not to try and import anything.  Also turn on perl -w for
+	warnings.
+
+	* gpgkeys_ldap.c (main): If we're using temp files (rather than
+	stdin/stdout), make sure the file is closed when we're done.
+
+2001-12-20  David Shaw  <[email protected]>
+
+	* Properly free the LDAP response when we're done with it.
+
+	* Now that we handle multiple keys, we must remove duplicates as
+	the LDAP keyserver returns keys with multiple user IDs multiple
+	times.
+
+	* Properly handle multiple keys with the same key ID (it's really
+	rare, so fetch "0xDEADBEEF" to test this).
+
+2001-12-17  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c, gpgkeys_mailto.in: Fix GNU capitalization
+	issues.  Prefix log messages with "gpgkeys" to clarify which
+	program is generating them.
+
+2001-12-14  David Shaw  <[email protected]>
+
+	* gpgkeys_ldap.c (search_key): Use unsigned int rather than uint
+	for portability.
+
+2001-12-04  David Shaw  <[email protected]>
+
+	* Initial version of gpgkeys_ldap (LDAP keyserver helper) and
+	gpgkeys_mailto (email keyserver helper)
+
+
+ Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+	   2007 Free Software Foundation, Inc.
+
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+Local Variables:
+buffer-read-only: t
+End:
diff --git a/dirmngr/ChangeLog.1 b/dirmngr/ChangeLog.1
deleted file mode 100644
index f7b50c7a1..000000000
--- a/dirmngr/ChangeLog.1
+++ /dev/null
@@ -1,806 +0,0 @@
-There are old Dirmngr ChangeLog entries.
-
-2004-10-04  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c: Changed an help entry description.
-
-2004-09-30  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (i18n_init): Always use LC_ALL.
-
-2004-09-28  Werner Koch  <[email protected]>
-
-	Released 0.5.6.
-
-	* config.guess, config.sub: Updated.
-
-2004-06-21  Werner Koch  <[email protected]>
-
-	* src/crlfetch.c (crl_fetch): Bad hack to use the right attribute.
-
-2004-05-13  Werner Koch  <[email protected]>
-
-        Released 0.5.5.
-
-	* src/ldap.c (start_cert_fetch_ldap, start_cert_fetch_ldap): More
-	detailed error messages.
-
-	* src/crlcache.c (update_dir): Handle i-records properly.
-
-2004-04-29  Werner Koch  <[email protected]>
-
-	Released 0.5.4.
-
-	* src/crlcache.h (crl_cache_result_t): Add CRL_CACHE_CANTUSE.
-	* src/server.c (cmd_isvalid): Handle it here.
-	* src/crlcache.c (crl_cache_isvalid): Issue this code if the CRL
-	cant be used.
-	(open_dir): Parse new fields 8,9 and 10 as well as the invalid flag.
-	(write_dir_line_crl): Write new fields.
-	(get_crl_number, get_auth_key_id): New.
-	(crl_cache_insert): Fill new fields.  Mark the entry invalid if
-	the CRL is too old after an update or an unknown critical
-	extension was seen.
-	(list_one_crl_entry): Print the new fields.
-
-2004-04-28  Werner Koch  <[email protected]>
-
-	* configure.ac: Requires libksba 0.9.6.
-
-	* src/dirmngr.c: New option --ocsp-signer.
-	* src/dirmngr.h (opt): Renamed member OCSP_REPONDERS to
-	OCSP_RESPONDER and made ist a simple string. Add OCSP_SIGNER.
-	* src/ocsp.c (ocsp_isvalid): Changed it accordingly.
-	(ocsp_isvalid): Pass the ocsp_signer to check_signature.
-	(check_signature): New arg SIGNER_FPR.  Use it to retrieve the
-	certificate. Factored out common code to ..
-	(check_signature_core): .. New.
-
-2004-04-27  Werner Koch  <[email protected]>
-
-	* src/server.c (start_command_handler): Keep track of the first
-	connection.
-	(dirmngr_tick): New.
-	* src/ldap.c (attr_fetch_fun_reader): Call it from time to time.
-
-2004-04-23  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (main): Removed the add-servers option from the
-	gpgconf list.  It is not really useful.
-
-2004-04-02  Thomas Schwinge  <[email protected]>
-
-	* autogen.sh: Added ACLOCAL_FLAGS.
-
-2004-04-13  Werner Koch  <[email protected]>
-
-	* src/crlcache.c (update_dir): Do not double close FPOUT.
-
-2004-04-09  Werner Koch  <[email protected]>
-
-	* src/cdblib.c (cdb_make_start): Wipeout the entire buffer to
-	shutup valgrind.
-	(ewrite): Fixed writing bad data on EINTR.
-
-	* src/ldap.c (get_attr_from_result_ldap): Fixed bad copy and
-	terminate of a string.
-
-	* src/crlfetch.c (crl_fetch): Fixed freeing of VALUE on error.
-
-2004-04-07  Werner Koch  <[email protected]>
-
-	* src/dirmngr.h (server_control_s): Add member force_crl_refresh.
-	* src/server.c (option_handler): New.
-	(start_command_handler): Register option handler
-	* src/crlcache.c (crl_cache_isvalid): Add arg FORCE_REFRESH.
-	(crl_cache_insert): Record last refresh in memory.
-
-	* src/server.c (inquire_cert_and_load_crl): Renamed from
-	inquire_cert.
-
-2004-04-06  Werner Koch  <[email protected]>
-
-	Released 0.5.3
-
-	* doc/dirmngr.texi: Updated.
-	* doc/texinfo.tex: Updated.
-
-2004-04-05  Werner Koch  <[email protected]>
-
-	* src/ocsp.c (ocsp_isvalid): Check THIS_UPDATE.
-
-	* src/misc.c (add_isotime): New.
-	(date2jd, jd2date, days_per_month, days_per_year): New. Taken from
-	my ancient (1988) code used in Wedit (time2.c).
-
-2004-04-02  Werner Koch  <[email protected]>
-
-	* autogen.sh: Check gettext version.
-	* configure.ac: Add AM_GNU_GETTEXT.
-
-2004-04-02  gettextize  <[email protected]>
-
-	* Makefile.am (SUBDIRS): Add intl.
-	(EXTRA_DIST): Add config.rpath.
-	* configure.ac (AC_CONFIG_FILES): Add intl/Makefile,
-
-2004-04-02  Werner Koch  <[email protected]>
-
-	Add i18n at most places.
-
-	* src/dirmngr.c (i18n_init): New.
-	(main): Call it.
-	* src/dirmngr.h: Add i18n stuff.
-
-2004-04-01  Werner Koch  <[email protected]>
-
-	* src/misc.c (get_fingerprint_hexstring): New.
-
-	* src/server.c (dirmngr_status): New.
-
-2004-03-26  Werner Koch  <[email protected]>
-
-	* configure.ac: Add AC_SYS_LARGEFILE.
-
-	* doc/dirmngr.texi: Changed the license to the GPL as per message
-	by Mathhias Kalle Dalheimer of Klaralvdalens-Datakonsult dated
-	Jan 7, 2004.
-	* doc/fdl.texi: Removed.
-
-2004-03-25  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (main): New command --fetch-crl.
-
-2004-03-23  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c: New option --allow-ocsp.
-	* src/server.c (cmd_isvalid): Make use of allow_ocsp.
-
-2004-03-17  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (main) <gpgconf>: Fixed default value quoting.
-
-2004-03-16  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (main): Add ocsp-responder to the gpgconf list.
-	Add option --debug-level.
-	(set_debug): New.
-
-2004-03-15  Werner Koch  <[email protected]>
-
-	* src/misc.c (canon_sexp_to_grcy): New.
-
-2004-03-12  Werner Koch  <[email protected]>
-
-	* src/crlfetch.c (crl_fetch): Hack to substitute http for https.
-
-2004-03-10  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (parse_ldapserver_file): Don't skip the entire
-	file on errors.
-
-2004-03-09  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (my_ksba_hash_buffer): New.
-	(main): Initialize the internal libksba hashing.
-
-	* src/server.c (get_issuer_cert_local): Renamed to ...
-	(get_cert_local): ... this.  Changed all callers.  Allow NULL for
-	ISSUER to return the current target cert.
-	(get_issuing_cert_local): New.
-	(do_get_cert_local): Moved common code to here.
-
-2004-03-06  Werner Koch  <[email protected]>
-
-	Released 0.5.2.
-
-	* configure.ac: Fixed last change to check the API version of
-	libgcrypt.
-
-2004-03-05  Werner Koch  <[email protected]>
-
-	* configure.ac: Also check the SONAME of libgcrypt.
-
-2004-03-03  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c: New option --ocsp-responder.
-	* src/dirmngr.h (opt): Add member OCSP_RESPONDERS.
-
-2004-02-26  Steffen Hansen  <[email protected]>
-
-	* src/server.c (start_command_handler): Corrected typo and made
-	dirmngr output it's version in the greeting message.
-
-2004-02-24  Marcus Brinkmann  <[email protected]>
-
-	* src/dirmngr.c (DEFAULT_ADD_SERVERS): Removed.  If this were
-	true, there'd be no way to disable it.
-	(main): Dump options in new gpgconf format.
-
-2004-02-11  Werner Koch  <[email protected]>
-
-	* autogen.sh (check_version): Removed bashism and simplified.
-
-2004-02-06  Moritz Schulte  <[email protected]>
-
-	* src/crlfetch.c (crl_fetch_default): Do not dereference VALUE,
-	when checking for non-zero.
-
-2004-02-01  Marcus Brinkmann  <[email protected]>
-
-	* src/dirmngr.c (DEFAULT_ADD_SERVERS, DEFAULT_MAX_REPLIES)
-	(DEFAULT_LDAP_TIMEOUT): New macros.
-	(main): Use them.
-	(enum cmd_and_opt_values): New command aGPGConfList.
-	(main): Add handler here.
-
-2004-01-17  Werner Koch  <[email protected]>
-
-	* configure.ac: Added AC_CHECK_FUNCS tests again, because the
-	other test occurrences belong to the jnlib tests block.
-
-2004-01-15  Moritz Schulte  <[email protected]>
-
-	* configure.ac: Fixed funopen replacement mechanism; removed
-	unnecessary AC_CHECK_FUNCS calls.
-
-2004-01-14  Werner Koch  <[email protected]>
-
-	* src/crlcache.c (list_one_crl_entry): Don't use putchar.
-
-	* src/server.c (cmd_listcrls): New.
-
-2003-12-23  Werner Koch  <[email protected]>
-
-	Released 0.5.1.
-
-2003-12-17  Werner Koch  <[email protected]>
-
-	* configure.ac (CFLAGS): Add -Wformat-noliteral in gcc +
-	maintainer mode.
-	(NEED_LIBASSUAN_VERSION): Bump up to 0.6.2.
-
-2003-12-16  Werner Koch  <[email protected]>
-
-	* configure.ac: Update the tests for jnlib.
-	* src/dirmngr.c (main): Ignore SIGPIPE in server mode.
-
-2003-12-12  Werner Koch  <[email protected]>
-
-	* src/crlcache.c (hash_dbfile): Also hash version info of the
-	cache file format.
-
-	* src/Makefile.am (dirmngr_SOURCES): Add http.h.
-
-	* configure.ac: Removed checking for DB2. Add checking for mmap.
-	* src/cdb.h, src/cdblib.h: New.  Add a few comments from the
-	original man page and fixed typos.
-	* src/cdblib.c (cdb_findinit, cdb_findnext): Modified to allow
-	walking over all entries.
-	* src/crlcache.h: Removed DB2/4 cruft.
-	(release_one_cache_entry, lock_db_file, crl_parse_insert)
-	(crl_cache_insert, crl_cache_isvalid, list_one_crl_entry): Use the
-	new CDB interface.
-
-	* src/dirmngr.c: Beautified the help messages.
-	(wrong_args): New.
-	(main): new option --force.  Revamped the command handling code.
-	Allow to pass multiple CRLS as well as stdin to --local-crl.
-	* src/crlcache.c (crl_cache_insert): Make --force work.
-
-2003-12-11  Werner Koch  <[email protected]>
-
-	* src/crlfetch.c (crl_fetch): Enhanced to allow fetching binary
-	data using HTTP.
-	* src/http.c, src/http.h: Replaced by the code from gnupg 1.3 and
-	modified acording to our needs.
-	(read_line): New. Based on the code from GnuPG's iobuf_read_line.
-	* configure.ac: Check for getaddrinfo.
-
-	* src/dirmngr.c (parse_ldapserver_file): Close the stream.
-	(main): Free ldapfile.
-
-	* src/ocsp.c, src/ocsp.h: New. Albeit not functionality.
-
-	* src/server.c (inquire_cert): Catch EOF when reading dist points.
-
-	* src/crlcache.c (hash_dbfile, check_dbfile): New.
-	(lock_db_file, crl_cache_insert): Use them here to detect
-	corrupted CRL files.
-	(open_dir): Read the new dbfile hash field.
-
-	* src/crlfetch.c (crl_fetch, crl_fetch_default): Changed to retrun
-	a stream.
-	(fun_reader, fun_closer, setup_funopen): New.
-	* src/server.c (inquire_cert): Changed to use the new stream interface
-	of crlfetch.c.
-
-2003-12-10  Werner Koch  <[email protected]>
-
-	* src/funopen.c: New.
-	* configure.ac (funopen): Add test.
-	* src/Makefile.am (dirmngr_LDADD): Add LIBOBJS.
-
-	* src/crlcache.c (next_line_from_file): Remove the limit on the
-	line length.
-	(crl_cache_new): Removed.
-	(open_dbcontent): New.
-	(crl_cache_init): Use it here.
-	(crl_cache_flush): The DB content fie is now in the cache
-	directory, so we can simplify it.
-	(make_db_file_name, lock_db_file, unlock_db_file): New.
-	(release_cache): Close the cached DB files.
-	(crl_cache_isvalid): Make use of the new lock_db_file.
-	(crl_cache_insert): Changed to take a stream as argument.
-	(crl_parse_insert): Rewritten to use a temporary DB and to avoid
-	using up large amounts of memory.
-	(db_entry_new): Removed.
-	(release_cache,release_one_cache_entry): Splitted up.
-	(find_entry): Take care of the new deleted flag.
-	(crl_cache_load): Simplified becuase we can now pass a FP to the
-	insert code.
-	(save_contents): Removed.
-	(update_dir): New.
-	(open_dbcontent_file): Renamed to open_dir_file.
-	(check_dbcontent_version): Renamed to check_dir_version.
-	(open_dbcontent): Renamed to open_dir.
-
-	* src/dirmngr.c: New option --faked-system-time.
-	* src/misc.c (faked_time_p, set_time, get_time): New.  Taken from GnuPG.
-	(check_isotime): New.
-	(unpercent_string): New.
-
-2003-12-09  Werner Koch  <[email protected]>
-
-	* src/crlcache.h (DBDIR,DBCONTENTFILE): Changed value.
-
-	* autogen.sh: Reworked.
-	* README.CVS: New.
-	* configure.ac: Added min_automake_version.
-
-2003-12-03  Werner Koch  <[email protected]>
-
-	* src/server.c (cmd_lookup): Send an END line after each
-	certificate.
-
-2003-11-28  Werner Koch  <[email protected]>
-
-	* src/Makefile.am (dirmngr_LDADD): Remove DB_LIBS
-	because it never got defined and -ldb{2,4} is implictly set
-	by the AC_CHECK_LIB test in configure.
-
-	* src/crlcache.c (mydbopen): DB4 needs an extra parameter; I
-	wonder who ever tested DB4 support.  Add an error statement in
-	case no DB support is configured.
-
-	* tests/Makefile.am: Don't use AM_CPPFLAGS but AM_CFLAGS, replaced
-	variables by configure templates.
-	* src/Makefile.am: Ditto.
-
-2003-11-19  Werner Koch  <[email protected]>
-
-	* src/crlcache.c (list_one_crl_entry): Define X to nothing for non
-	DB4 systems.  Thanks to Luca M. G. Centamore.
-
-2003-11-17  Werner Koch  <[email protected]>
-
-	Released 0.5.0
-
-	* src/crlcache.c (crl_cache_new): Fixed eof detection.
-
-	* src/server.c (cmd_loadcrl): Do the unescaping.
-
-	* doc/dirmngr.texi: Added a history section for this modified
-	version.
-
-2003-11-14  Werner Koch  <[email protected]>
-
-	* tests/asschk.c: New.  Taken from GnuPG.
-	* tests/Makefile.am: Added asschk.
-
-2003-11-13  Werner Koch  <[email protected]>
-
-	* src/ldap.c (fetch_next_cert_ldap): Get the pattern switching
-	right.
-
-	* tests/test-dirmngr.c: Replaced a couple of deprecated types.
-
-	* configure.ac (GPG_ERR_SOURCE_DEFAULT): Added.
-	(fopencookie, asprintf): Removed unneeded test.
-	(PRINTABLE_OS_NAME): Updated the test from gnupg.
-	(CFLAGS): Do full warnings only in maintainer mode. Add flag
-	--enable gcc-warnings to override it and to enable even more
-	warnings.
-	* acinclude.m4: Removed the libgcrypt test.
-
-	* src/ldap.c (get_attr_from_result_ldap): Simplified the binary
-	hack and return a proper gpg error.
-	(attr_fetch_ldap_internal): Changed error handling.
-	(attr_fetch_ldap): Reworked.  Return configuration error if no
-	servers are configured.
-	(url_fetch_ldap, add_server_to_servers)
-	(url_fetch_ldap_internal): Reworked.
-	(struct cert_fetch_context_s): New to get rid of a global state.
-	(start_cert_fetch_ldap): Allocate context and do a bind with a
-	timeout.  Parse pattern.
-	(end_cert_fetch_ldap): Take context and don't return anything.
-	(find_next_pattern): Removed.
-	(parse_one_pattern): Redone.
-	(get_cert_ldap): Redone.
-	* src/server.c (cmd_lookup): Changed for changed fetch functions.
-
-	* doc/dirmngr.texi: Reworked a bit to get rid of tex errors.
-
-	* configure.ac: Enable makeinfo test.
-
-	* src/crlcache.c (crl_cache_insert): Fixed for latest KSBA API
-	changes.
-	* tests/test-dirmngr.c (main): Ditto.  Also added some more error
-	checking.
-
-2003-11-11  Werner Koch  <[email protected]>
-
-	* src/cert.c (hashify_data, hexify_data, serial_hex)
-	(serial_to_buffer): Moved all to ...
-	* src/misc.c: .. here.
-	* src/Makefile.am (cert.c, cert.h): Removed.
-	* cert.c, cert.h: Removed.
-
-	* m4/: New.
-	* configure.ac, Makefile.am: Include m4 directory support, updated
-	required library versions.
-
-	* src/cert.c (make_cert): Removed.
-
-	* src/ldap.c (fetch_next_cert_ldap): Return a gpg style error.
-
-	* src/misc.h (copy_time): New.
-	* src/misc.c (get_isotime): New.
-	(iso_string2time, iso_time2string): Removed.
-	(unhexify): New.
-
-	* src/crlcache.h (DBCONTENTSVERSION): Bumbed to 0.6.
-	* src/crlcache.c (finish_sig_check): New.  Factored out from
-	crl_parse_insert and entirely redone.
-	(do_encode_md): Removed.
-	(print_time): Removed
-	(crl_cache_isvalid): Reworked.
-
-2003-11-10  Werner Koch  <[email protected]>
-
-	* src/crlcache.c (make_db_val, parse_db_val): Removed.
-
-	* src/cert.c (serial_to_buffer): New.
-
-	* src/server.c (get_issuer_cert_local): Rewritten.
-
-	* src/crlcache.c (crl_parse_insert): Rewritten.  Takes now a CTRL
-	instead of the Assuan context. Changed caller accordingly.
-	(get_issuer_cert): Cleaned up.
-
-	* src/crlfetch.c (crl_fetch): Changed VALUE to unsigned char* for
-	documentation reasons.  Make sure that VALUE is released on error.
-	(crl_fetch_default, ca_cert_fetch): Ditto.
-
-	* src/crlcache.c (release_cache): New.
-	(crl_cache_deinit): Use it here.
-	(crl_cache_flush): Redone.
-	(save_contents): Redone.
-	(crl_cache_list, list_one_crl_entry): Print error messages.
-
-2003-11-06  Werner Koch  <[email protected]>
-
-	* src/crlcache.c (create_directory_if_needed, cleanup_cache_dir):
-	New.  Factored out from crl_cache_new and mostly rewritten.
-	(crl_cache_new): Rewritten.
-	(next_line_from_file): New.
-	(find_entry): Cleaned up.
-	(crl_cache_deinit): Cleaned up.
-
-	* src/dirmngr.c (dirmngr_init_default_ctrl): New stub.
-	* src/dirmngr.h (ctrl_t): New.
-	(DBG_ASSUAN,...): Added the usual debug test macros.
-	* src/server.c: Removed the GET_PTR cruft, replaced it by ctrl_t.
-	Removed the recursion flag.
-	(get_issuer_cert_local): Allow for arbitary large
-	certificates. 4096 is definitely too small.
-	(inquire_cert): Ditto.
-	(start_command_handler): Set a hello line and call the default
-	init function.
-	(cmd_isvalid): Rewritten.
-	(inquire_cert): Removed unused arg LINE. General cleanup.
-	(map_assuan_err,map_to_assuan_status): New.  Taken from gnupg 1.9.
-	(cmd_lookup): Rewritten.
-	(cmd_loadcrl): Started to rewrite it.
-
-2003-10-29  Werner Koch  <[email protected]>
-
-	* src/dirmngr.c (parse_ldapserver_file): Entirely rewritten.
-	(cleanup): New.
-	(main): Cleaned up.
-
-2003-10-28  Werner Koch  <[email protected]>
-
-	* src/dirmngr.h: Renamed dirmngr_opt to opt.
-
-	* src/dirmngr.c (parse_ldapserver_file, free_ldapservers_list):
-	Moved with this file.  Cleaned up.  Replaced too deep recursion in
-	the free function.
-
-2003-10-21  Werner Koch  <[email protected]>
-
-	Changed all occurrences of assuan.h to use use the system provided
-	one.
-	* src/server.c (register_commands): Adjusted for Assuan API change.
-
-2003-08-14  Werner Koch  <[email protected]>
-
-	* src/Makefile.am: s/LIBKSBA_/KSBA_/. Changed for external Assuan lib.
-	* tests/Makefile.am: Ditto.
-
-	* configure.ac: Partly restructured, add standard checks for
-	required libraries, removed included libassuan.
-	* Makefile.am (SUBDIRS): Removed assuan becuase we now use the
-	libassuan package.
-
-	* src/dirmngr.c (main): Properly initialize Libgcrypt and libksba.
-
-2003-08-13  Werner Koch  <[email protected]>
-
-	* src/server.c (get_issuer_cert_local): Print error using
-	assuan_strerror.
-
-	* src/crlcache.c (do_encode_md, start_sig_check): Adjust for
-	changed Libgcrypt API.
-
-2003-06-19  Steffen Hansen  <[email protected]>
-
-	* configure.ac: Upped version to 0.4.7-cvs.
-
-2003-06-19  Steffen Hansen  <[email protected]>
-
-	* configure.ac: Release 0.4.6.
-
-2003-06-17  Bernhard Reiter <[email protected]>
-
-	* src/ldap.c (url_fetch_ldap()):
-	  try other default servers when an url with hostname failed
-	* AUTHORS:  added Steffen and Werner
-	* THANKS: Thanked people in the ChangeLog and the Ägypten-Team
-
-
-2003-06-16  Steffen Hansen  <[email protected]>
-
-	* configure.ac, src/crlcache.h, src/crlcache.c: Added db4 support.
-	* src/Makefile.am, tests/Makefile.am: Removed automake warning.
-	* tests/test-dirmngr.c: Removed a warning.
-
-2003-05-12  Steffen Hansen  <[email protected]>
-
-	* doc/Makefile.am: Added dirmngr.ops to DISTCLEANFILES.
-	* ChangeLog, doc/ChangeLog, src/ChangeLog: Merged dirmngr ChangeLogs
-	into one toplevel file.
-	* acinclude.m4, configure.ac: Renamed PFX to PATH for consistency.
-
-2003-05-12  Steffen Hansen  <[email protected]>
-
-	* src/ldap.c: Fixed end-of-certificates-list indication.
-
-2003-05-08  Steffen Hansen  <[email protected]>
-
-	* src/server.c: Fixed iteration over server list
-
-2003-02-23  Steffen Hansen  <[email protected]>
-
-	* src/crlcache.h, src/crlcache.c, src/dirmngr.c: Implemented --flush command.
-
-2003-02-07  Marcus Brinkmann  <[email protected]>
-
-	* configure.ac: Release 0.4.4.
-
-2003-02-05  Steffen Hansen  <[email protected]>
-
-	* src/ldap.c: Try harder with and without ";binary" in the
-	attribute name when fetching certificates.
-	* src/ldap.c, src/server.c: Support multiple userCertificate attributes
-	per entry.
-
-2003-02-04  Steffen Hansen  <[email protected]>
-
-	* src/ldap.c: Include the sn attribute in the search filter.
-	Better log messages.
-
-2002-11-20  Steffen Hansen  <[email protected]>
-
-	* Doc updates (fixes #1373)
-	* Fix for #1419 (crash in free_ldapservers_list())
-	* Fix for #1375. Dirmngr now asks back with an INQUIRE SENDCERT before
-	  querying the LDAP servers for an issuer certificate to validate a CRL
-
-2002-11-12  Werner Koch  <[email protected]>
-
-	* config.sub, config.guess: Updated from ftp.gnu.org/gnu/config
-	to version 2002-11-08.
-
-2002-11-12  Werner Koch  <[email protected]>
-
-	* dirmngr.c (main) <load_crl_filename>: Better pass NULL instead
-	of an unitialized Assuan context.  Let's hope that the other
-	functions can cope with this.
-
-2002-10-25  Bernhard Reiter <[email protected]>
-
-	* src/ldap.c (get_attr_from_result_ldap()):
-        added value extraction retry for CRLs and Certs without ";binary"
-	* changed version number to reflect cvs status to "0.4.3-cvs"
-
-2002-08-21  Werner Koch  <[email protected]>
-
-	* dirmngr.c (main): Changed default homedir to .gnupg.
-
-2002-08-07  Steffen Hansen  <[email protected]>
-
-	* Added configure check to examine whether db2 cursor() uses 3 or
-	4 parameters.
-
-2002-07-31  Werner Koch  <[email protected]>
-
-	* doc/dirmngr.texi: Fixed the structure and added menu entries
-	for the other nodes.
-
-2002-07-30  Steffen Hansen  <[email protected]>
-
-	* Added doc dir and first steps towards manual.
-
-2002-07-29  Steffen Hansen  <[email protected]>
-
-	* Got rid of the default server for CRL lookup. We now use the
-	same list of servers that we use for cert. lookup.
-
-2002-07-29  Steffen Hansen  <[email protected]>
-
-	* New option --add-servers to allow dirmngr to add LDAP servers
-	found in CRL distribution points to the list of servers it
-	searches. NOTE: The added servers are only active in the currently
-	running dirmngr -- the info isn't written to persistens storage.
-
-2002-07-26  Steffen Hansen  <[email protected]>
-
-	* Default LDAP timeout is 100 seconds now.
-
-	* Use DB2 instead of DB1. Check for libresolv, fixed bug when
-	libldap was found in the default search path.
-
-2002-07-22  Steffen Hansen  <[email protected]>
-
-	* Implemented --load-crl <filename> option. Also available as
-	LOADCRL assuan command when in server mode.
-
-2002-07-22  Steffen Hansen  <[email protected]>
-
-	* Implemented new option --ldaptimeout to specify the number of seconds to
-	wait for an LDAP request before timeout.
-
-	* Added --list-crls option to print the contents of the CRL cache
-	* Added some items to the dbcontents file to make printout nicer
-	  and updated it's version number
-
-2002-07-02  Werner Koch  <[email protected]>
-
-	* crlcache.c (crl_parse_insert): Fixed log_debug format string.
-
-2002-07-02  Steffen Hansen  <[email protected]>
-
-	* configure.ac: Use DB->get() return value correctly.
-
-2002-06-28  Werner Koch  <[email protected]>
-
-	* crlcache.c (crl_parse_insert): Keep track of newly allocated
-	ENTRY so that we don't free existing errors after a bad signature.
-
-	* dirmngr.h: Include prototype for start_command_handler.
-
-	* crlfetch.c, crlcache.c, http.c, cert.c, ldap.c: Include
-	config.h.
-
-	* crlcache.c (crl_parse_insert): Fixed format type specifiers for
-	time_t variables in log_debug.
-
-	* error.h: Use log_debug instead of dirmngr_debug.  Changed all
-	callers.
-	* Makefile.am (dirmngr_SOURCES): Removed error.c
-
-	* dirmngr.c (main): Register gcrypt malloc functions with ksba so
-	that we don't run into problems by using the wrong free function.
-	The gcrypt malloc function have the additional benefit of a
-	providing allocation sanity checks when compiled with that
-	feature.
-
-	* crlcache.c (get_issuer_cert): Use xfree instead of ksba_free.
-
-
-2002-06-27  Steffen Hansen  <[email protected]>
-
-	* ldap.c: Look for both userCertificate and caCertificate
-
-2002-06-26  Steffen Hansen  <[email protected]>
-
-	* configure.ac: Upped version number to 0.3.1
-
-2002-06-25  Werner Koch  <[email protected]>
-
-	* server.c (cmd_lookup): Use assuan_write_status which ensures a
-	correct syntax.
-
-2002-06-20  Werner Koch  <[email protected]>
-
-	* crlcache.c (crl_cache_isvalid): Started with some nicer logging.
-	However, this will need a lot more work.
-	(get_issuer_cert): Ditto.
-
-	* dirmngr.c (main): Changed required libgcrypt version and don't
-	print the prefix when using a logfile.
-
-2002-06-20  Werner Koch  <[email protected]>
-
-	* tests/Makefile.am (TESTS): Removed test-dirmngr because it
-	is not a proper test program.
-	(EXTRA_DIST): Removed the non-existent test certificate.
-
-2002-05-21  Werner Koch  <[email protected]>
-
-	* server.c (start_command_handler): Enable assuan debugging.
-
-2002-05-08  Steffen Hansen  <[email protected]>
-
-	* Replaced gdbm check with db1 check
-
-2002-05-08  Steffen Hansen  <[email protected]>
-
-	* Replaced gdbm with db1, updated file format version
-
-2002-03-01  Steffen Hansen  <[email protected]>
-
-	* Added gdbm configure check
-
-2002-01-23  Steffen Hansen  <[email protected]>
-
-	* Return ASSUAN_CRL_Too_Old if the CRL is too old
-
-
-2002-01-17  Steffen Hansen  <[email protected]>
-
-	Added commandline options --ldapserver <host> --ldapport <port>
-	--ldapuser <user> --ldappassword <passwd>.
-
-	Cleaned up CRL parsing, signature evaluation a bit, changed
-	datetime format in config file to ISO, added version string to
-	contents format and cache file clean up code in case of mismatch.
-
-2002-01-14  Steffen Hansen  <[email protected]>
-
-	* Use dirmngr_opt.homedir for storing the db. Added Makefile.am to
-	tests, bugfixes.
-
-	* First code.
-	  Things that work:
-		Loading/saving database (paths hardcoded)
-		Fetching CRL from hardcoded server, parsing and inserting in database
-		Answer ISVALID xxx.yyy requests
-
-	  Things that are missing:
-		Some error-checking/handling
-		Proper autoconf handling of gdbm and OpenLDAP
-		Signature checking downloaded CRLs
-		Answer LOOKUP requests
-		...
-
-	  How to test:
-		cd tests
-		ldapsearch -v -x -h www.trustcenter.de -b '<some-users-DN>' userCertificate -t
-		cp /tmp/<cert-file> testcert.der
-		./test-dirmngr
-
-Local Variables:
-buffer-read-only: t
-End:
diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am
index c5713a773..906fe37eb 100644
--- a/dirmngr/Makefile.am
+++ b/dirmngr/Makefile.am
@@ -19,7 +19,7 @@
 
 ## Process this file with automake to produce Makefile.in
 
-EXTRA_DIST = OAUTHORS ONEWS ChangeLog.1 ChangeLog-2011
+EXTRA_DIST = OAUTHORS ONEWS ChangeLog-2011
 
 bin_PROGRAMS = dirmngr dirmngr-client