notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

non port: security/gnupg/Makefile

Number of commits found: 251 (showing only 100 on this page)

1 | 2 | 3  »  

Monday, 8 Jul 2024
05:08 Jason E. Hale (jhale) search for other commits by this committer
*/*: Chase security/libassuan shlib bump
commit hash: c1dda71dec4c52eb208ba425bc89aca3d92e73d2 commit hash: c1dda71dec4c52eb208ba425bc89aca3d92e73d2 commit hash: c1dda71dec4c52eb208ba425bc89aca3d92e73d2 commit hash: c1dda71dec4c52eb208ba425bc89aca3d92e73d2 c1dda71
Tuesday, 14 May 2024
04:26 Yasuhiro Kimura (yasu) search for other commits by this committer
security/gnupg: Update to 2.4.5

ReleaseNotes:	https://lists.gnupg.org/pipermail/gnupg-announce/2024q1/000482.html
PR:		278605
Approved by:	maintainer timeout
commit hash: 2122fe1813fe24f1e79068eccf5f0bb20705cece commit hash: 2122fe1813fe24f1e79068eccf5f0bb20705cece commit hash: 2122fe1813fe24f1e79068eccf5f0bb20705cece commit hash: 2122fe1813fe24f1e79068eccf5f0bb20705cece 2122fe1
Wednesday, 3 Apr 2024
06:22 Gleb Popov (arrowd) search for other commits by this committer
security/gnupg: Fix postexec/postunexec dealing with manpages

Approved by:	portmgr (blanket)
commit hash: c1bc74bfc97dfce5ee95a99f4e26e547913d98f8 commit hash: c1bc74bfc97dfce5ee95a99f4e26e547913d98f8 commit hash: c1bc74bfc97dfce5ee95a99f4e26e547913d98f8 commit hash: c1bc74bfc97dfce5ee95a99f4e26e547913d98f8 c1bc74b
Friday, 9 Feb 2024
21:07 Joseph Mingrone (jrm) search for other commits by this committer
security/gnupg: Update to 2.4.4

Changelog:	https://dev.gnupg.org/T6578
Sponsored by:	The FreeBSD Foundation

Approved by:	adridg (maintainer)
Differential Revision:	https://reviews.freebsd.org/D43787
commit hash: c647d50404c35fa84e347c8ccb06f6bca348db4f commit hash: c647d50404c35fa84e347c8ccb06f6bca348db4f commit hash: c647d50404c35fa84e347c8ccb06f6bca348db4f commit hash: c647d50404c35fa84e347c8ccb06f6bca348db4f c647d50
Saturday, 27 Jan 2024
23:07 Muhammad Moinur Rahman (bofh) search for other commits by this committer
security/gnupg: Moved man to share/man

Approved by:    portmgr (blanket)
commit hash: e81d10224315f03dbff96cd1e91ff9c6b8413b24 commit hash: e81d10224315f03dbff96cd1e91ff9c6b8413b24 commit hash: e81d10224315f03dbff96cd1e91ff9c6b8413b24 commit hash: e81d10224315f03dbff96cd1e91ff9c6b8413b24 e81d102
Friday, 4 Aug 2023
02:21 Yasuhiro Kimura (yasu) search for other commits by this committer
security/gnupg: Fix plist

Reported by:	des
Approved by:	portmgr blanket
Fixes:		06227fb64bf2 security/gnupg: Create symlink for manpage
commit hash: f1692182dde978bb8d908414312900590c518afa commit hash: f1692182dde978bb8d908414312900590c518afa commit hash: f1692182dde978bb8d908414312900590c518afa commit hash: f1692182dde978bb8d908414312900590c518afa f169218
Monday, 31 Jul 2023
23:34 Yasuhiro Kimura (yasu) search for other commits by this committer
security/gnupg: Create symlink for manpage

When security/gnupg1 isn't installed, ${PREFIX}/bin/gpg symlink is
created whose target is 'gpg2'. It means gpg2 can also be invoked as
'gpg'. And under such situation it is convenient for user if gpg2(1)
man page can also be accessed as gpg(1). So create
${PREFIX}/man/man1/gpg.1.gz symlink whose target is 'gpg2.1.gz'.

PR:		272519
Approved by:	maintainer timeout
commit hash: 06227fb64bf2ec95f68889540516922498010903 commit hash: 06227fb64bf2ec95f68889540516922498010903 commit hash: 06227fb64bf2ec95f68889540516922498010903 commit hash: 06227fb64bf2ec95f68889540516922498010903 06227fb
Monday, 17 Jul 2023
19:08 Tijl Coosemans (tijl) search for other commits by this committer
Revert "security/gnupg: Fix dirmngr crash caused by gettext 0.22"

This reverts commit 7fa24cff0d8a99e5d44839d4b358fafaf69cffbe.

The problem has been fixed in libintl in fb889ca82944.

PR:		272472
commit hash: d0cbe7ba85c00f24f4b85a2c6221533e6a4db44d commit hash: d0cbe7ba85c00f24f4b85a2c6221533e6a4db44d commit hash: d0cbe7ba85c00f24f4b85a2c6221533e6a4db44d commit hash: d0cbe7ba85c00f24f4b85a2c6221533e6a4db44d d0cbe7b
Thursday, 13 Jul 2023
12:44 Tijl Coosemans (tijl) search for other commits by this committer
security/gnupg: Fix dirmngr crash caused by gettext 0.22

Link the threading library after libgpg-error (and libgcrypt, which also
links to libgpg-error) so the threading library is initialised before
libgpg-error.  The initialisation function of libgpg-error calls gettext
functions that call threading functions (mutex locking).

PR:		272472
Tested by:	yasu
commit hash: 7fa24cff0d8a99e5d44839d4b358fafaf69cffbe commit hash: 7fa24cff0d8a99e5d44839d4b358fafaf69cffbe commit hash: 7fa24cff0d8a99e5d44839d4b358fafaf69cffbe commit hash: 7fa24cff0d8a99e5d44839d4b358fafaf69cffbe 7fa24cf
Monday, 10 Jul 2023
18:46 Jason E. Hale (jhale) search for other commits by this committer
security/gnupg: Update to 2.4.3

2.4.3: https://dev.gnupg.org/T6509
2.4.2: https://dev.gnupg.org/T6506
2.4.1: https://dev.gnupg.org/T6454
2.4.0: https://dev.gnupg.org/T6303

PR:		272083
Approved by:	maintainer timeout (3 weeks)
commit hash: 29b3afa37e3c6b607e92e45d27b504982775033c commit hash: 29b3afa37e3c6b607e92e45d27b504982775033c commit hash: 29b3afa37e3c6b607e92e45d27b504982775033c commit hash: 29b3afa37e3c6b607e92e45d27b504982775033c 29b3afa
Wednesday, 8 Feb 2023
10:53 Muhammad Moinur Rahman (bofh) search for other commits by this committer
Mk/**ldap.mk: Convert USE_LDAP to USES=ldap

Convert the USE_LDAP=yes to USES=ldap and adds the following features:

- Adds the argument USES=ldap:server to add openldap2{4|5|6}-server as
  RUN_DEPENDS
- Adds the argument USES=ldap<version> and replaces WANT_OPENLDAP_VER
- Adds OPENLDAP versions in bsd.default-versions.mk
- Adds USE_OPENLDAP/WANT_OPENLDAP_VER in Mk/bsd.sanity.mk
- Changes consumers to use the features

Reviewed by:	delphij
Approved by:	portmgr
Differential Revision: https://reviews.freebsd.org/D38233
commit hash: 6e1233be229212a0496f42d611bd40f3e3a628da commit hash: 6e1233be229212a0496f42d611bd40f3e3a628da commit hash: 6e1233be229212a0496f42d611bd40f3e3a628da commit hash: 6e1233be229212a0496f42d611bd40f3e3a628da 6e1233b
Sunday, 6 Nov 2022
10:46 Daniel Engberg (diizzy) search for other commits by this committer Author: Herbert J. Skuhra
security/gnupg: Update to 2.3.8

Changelog:
https://lists.gnupg.org/pipermail/gnupg-announce/2022q4/000476.html

Some additional changes to submitted patch:
- Change PORTVERSION to DISTVERSION
- Generate patch using "make makepatch"
- Remove obsolete configure switch

PR:		267152
Reviewed by:	adridg (maintainer)
Tested by:	Dennis Clarke <dclarke@blastwave.org>
commit hash: 142c06a26e0fb9293c1614890a1bb5fe04072240 commit hash: 142c06a26e0fb9293c1614890a1bb5fe04072240 commit hash: 142c06a26e0fb9293c1614890a1bb5fe04072240 commit hash: 142c06a26e0fb9293c1614890a1bb5fe04072240 142c06a
Wednesday, 7 Sep 2022
21:10 Stefan Eßer (se) search for other commits by this committer
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.

There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.

The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.

Approved by:		portmgr (tcberner)
commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 commit hash: b7f05445c00f2625aa19b4154ebcbce5ed2daa52 b7f0544
Monday, 28 Mar 2022
19:17 Adriaan de Groot (adridg) search for other commits by this committer
security/gnupg: remove unnecessary pkg-message

There were installation instructions that dated from ~2017
which are no longer relevant after a fix was applied upstream.
An IPv4 host connecting to a dual-stack hks server now gets a meaningful
errno and retries the connection (as IPv4 only).

Reported by:	Pau Amma
PR:		262881
commit hash: 6936b345a23fbb37e0986912c25c514a5713eaae commit hash: 6936b345a23fbb37e0986912c25c514a5713eaae commit hash: 6936b345a23fbb37e0986912c25c514a5713eaae commit hash: 6936b345a23fbb37e0986912c25c514a5713eaae 6936b34
Monday, 10 Jan 2022
15:15 Stefan Eßer (se) search for other commits by this committer
Fix CONFLICTS entries of multiple ports

There have been lots of missing CONFLICTS_INSTALL entries, either
because conflicting ports were added without updating existing ports,
due to name changes of generated packages, due to mis-understanding
the format and semantics of the conflicts entries, or just due to
typoes in package names.

This patch is the result of a comparison of all files contained in
the official packages with each other. This comparison was based on
packages built with default options and may therefore have missed
further conflicts with optionally installed files.

Where possible, version numbers in conflicts entries have been
generalized, some times taking advantage of the fact that a port
cannot conflict with itself (due to logic in bsd.port.mk that
supresses the pattern match result in that case).

A few ports that set the conflicts variables depending on complex
conditions (e.g. port options), have been left unmodified, despite
probably containing outdated package names.

These changes should only affect the installation of locally built
ports, not the package building with poudriere. They should give an
early indication of the install conflict in cases where currently
the pkg command aborts an installation when it detects that an
existing file would be overwritten,

Approved by:	portmgr (implicit)
commit hash: bcaf25a8c8046b094f6b5ab5bc258333bc326ee1 commit hash: bcaf25a8c8046b094f6b5ab5bc258333bc326ee1 commit hash: bcaf25a8c8046b094f6b5ab5bc258333bc326ee1 commit hash: bcaf25a8c8046b094f6b5ab5bc258333bc326ee1 bcaf25a
Monday, 22 Nov 2021
09:18 Adriaan de Groot (adridg) search for other commits by this committer
security/gnupg: fix table / enum mismatch

PR259775 reports that (auto)configuration behaves weirdly.
This is caused by a mismatch between an enum in the code
and a table that expects to match the enum values. When
BUILD_WITH_TPM2D is off (the default; I have not looked if
it can even be turned on in ports) one table entry is

Patch also submitted upstream.

PR:		259775
Reported by:	O. Hartmann
MFH:		2021Q3
commit hash: 7f3f8384a66c5e1d9c020e125808f153845807ad commit hash: 7f3f8384a66c5e1d9c020e125808f153845807ad commit hash: 7f3f8384a66c5e1d9c020e125808f153845807ad commit hash: 7f3f8384a66c5e1d9c020e125808f153845807ad 7f3f8384
Thursday, 18 Nov 2021
01:01 Adam Weinberger (adamw) search for other commits by this committer
security/gnupg{,1}: Transfer maintainership to adridg
commit hash: 6f8cfad0ec9539677bf32877047b7a137a89fad6 commit hash: 6f8cfad0ec9539677bf32877047b7a137a89fad6 commit hash: 6f8cfad0ec9539677bf32877047b7a137a89fad6 commit hash: 6f8cfad0ec9539677bf32877047b7a137a89fad6 6f8cfad
Tuesday, 2 Nov 2021
11:22 Adam Weinberger (adamw) search for other commits by this committer Author: FiLiS
sysutils/gnupg: Fix running without procfs
commit hash: 7b6ca19a8048d71d57b04f2f01962a90f90f67c9 commit hash: 7b6ca19a8048d71d57b04f2f01962a90f90f67c9 commit hash: 7b6ca19a8048d71d57b04f2f01962a90f90f67c9 commit hash: 7b6ca19a8048d71d57b04f2f01962a90f90f67c9 7b6ca19
Friday, 29 Oct 2021
09:50 Stefan Eßer (se) search for other commits by this committer
*/*: Remove redundant '-[0-9]*' from CONFLICTS

The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").

Many CONFLICTS definitions used patterns like "bash-[0-9]*" to filter
for the bash package in any version. But that pattern is functionally
identical with just "bash".

Approved by:	portmgr (blanket)
commit hash: 819f25b36d45b8ac5593ec8e6f470d9ad454b08a commit hash: 819f25b36d45b8ac5593ec8e6f470d9ad454b08a commit hash: 819f25b36d45b8ac5593ec8e6f470d9ad454b08a commit hash: 819f25b36d45b8ac5593ec8e6f470d9ad454b08a 819f25b
Wednesday, 13 Oct 2021
14:55 Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.3

Changes:
 * agent: Fix segv in GET_PASSPHRASE (regression).  [#5577]

  * dirmngr: Fix Let's Encrypt certificate chain validation.  [#5639]

  * gpg: Change default and maximum AEAD chunk size to 4 MiB.
    [ad3dabc9fb]

  * gpg: Print a warning when importing a bad cv25519 secret key.
    [#5464]

  * gpg: Fix --list-packets for undecryptable AEAD packets.  [#5584]

  * gpg: Verify backsigs for v5 keys correctly.  [#5628]

  * keyboxd: Fix checksum computation for no UBID entry on disk.
    [#5573]

  * keyboxd: Fix "invalid object" error with cv448 keys.  [#5609]

  * dirmngr: New option --ignore-cert.  [4b3e9a44b5]

  * agent: Fix calibrate_get_time use of clock_gettime.  [#5623]

  * Silence process spawning diagnostics on Windows. [f2b01025c3]

  * Support a gpgconf.ctl file under Unix and use this for the
    regression tests.  [#5999]

  * The Windows installer now also installs the new keyboxd.
    (Put "use-keyboxd" into common.conf to use a fast SQLite
     database instead of the pubring.kbx file.)

  Release-info: https://dev.gnupg.org/T5565
commit hash: b57a65540fdf5e618b006621f2ab6b946ddfe62c commit hash: b57a65540fdf5e618b006621f2ab6b946ddfe62c commit hash: b57a65540fdf5e618b006621f2ab6b946ddfe62c commit hash: b57a65540fdf5e618b006621f2ab6b946ddfe62c b57a655
Tuesday, 24 Aug 2021
18:34 Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.2

Changes:
  * gpg: Allow fingerprint based lookup with --locate-external-key.
    [ec36eca08c]

  * gpg: Allow decryption w/o public key but with correct card
    inserted.  [50293ec2eb]

  * gpg: Auto import keys specified with --trusted-keys.  [100037ac0f]

  * gpg: Do not use import-clean for LDAP keyserver imports.  [#5387]

  * gpg: Fix mailbox based search via AKL keyserver method.  [4fcfac6feb]

  * gpg: Fix memory corruption with --clearsign introduced with 2.3.1.
    [#5430]

  * gpg: Use a more descriptive prompt for symmetric decryption.
    [6dfae2f402]

  * gpg: Improve speed of secret key listing.  [40da61b89b]

  * gpg: Support keygrip search with traditional keyring.  [#5469]

  * gpg: Let --fetch-key return an exit code on failure.  [#5376]

  * gpg: Emit the NO_SECKEY status again for decryption.  [#5562]

  * gpgsm: Support decryption of password based encryption (pwri).
    [eeb65d3bbd]

  * gpgsm: Support AES-GCM decryption.  [4980fb3c6d]

  * gpgsm: Let --dump-cert --show-cert also print an OpenPGP
    fingerprint.  [52bbdc731f]

  * gpgsm: Fix finding of issuer in use-keyboxd mode.  [6b76693ff5]

  * gpgsm: New option --ldapserver as an alias for --keyserver.
    [89df86157e]

  * agent: Use SHA-256 for SSH fingerprint by default.  [#5434]

  * agent: Fix calling handle_pincache_put.  [#5436]

  * agent: Fix importing protected secret key.  [#5122]

  * agent: Fix a regression in agent_get_shadow_info_type.  [#5393]

  * agent: Add translatable text for Caps Lock hint.  [#4950]

  * agent: New option --pinentry-formatted-passphrase.  [#5517]

  * agent: Add checkpin inquiry for pinentry.  [#5517,#5532]

  * agent: New option --check-sym-passphrase-pattern.  [#5517]

  * agent: Use the sysconfdir for a pattern file.

  * agent: Make QT_QPA_PATFORMTHEME=qt5ct work for the pinentry.
    [1305baf099]

  * dirmngr: LDAP search by a mailbox now ignores revoked keys.
    [1406f551f1]

  * dirmngr: For KS_SEARCH return the fingerprint also with LDAP.
    [#5441]

  * dirmngr: Allow for non-URL specified ldap keyservers.  [#5405,#5452]

  * dirmngr: New option --ldapserver.  [52cf32ce2f]

  * dirmngr: Fix regression in KS_GET for mail address pattern.
    [#5497]

  * card: New option --shadow for the list command.  [2fce99d73a]

  * tests: Make sure the built keyboxd is used.  [#5406]

  * scd: Fix computing shared secrets for 512 bit curves.
    [9e24f2a45c]

  * scd: Fix unblock PIN by a Reset Code with KDF.  [#5413]

  * scd: Fix PC/SC removed card problem.  [8d81fd7c01]

  * scd: Recover the partial match for PORTSTR for PC/SC.
   [53bdc6288f]

  * scd: Make sure to release the PC/SC context.  [#5416]

  * scd: Fix zero-byte handling in ECC.  [#5163]

  * scd: Fix serial number detection for Yubikey 5.  [#5442]

  * scd: Add basic support for AET JCOP cards.  [544ec7872a]

  * scd: Detect external interference when --pcsc-shared is in use.
    [#5484]

  * scd: Fix access to the list of cards.  [#5524]

  * gpgconf: Do not list a disabled tpm2d.  [#5408]

  * gpgconf: Make runtime changes with different homedir work.
    [31c0aa2ff3]

  * keyboxd: Fix searching for exact mail adddress.  [f79e9540ca]

  * keyboxd: Fix searching with multiple patterns.  [101ba4f18a]

  * gpgtar: Fix file size computation under Windows.  [14e36bdbe1]

  * tools: Extend gpg-check-pattern.  [73c03e0232]

  * wkd: Fix client issue with leading or trailing spaces in
    user-ids.  [b4345f7521]

  * Under Windows add a fallback in case the console can't cope with
    Unicode.  [#5491]

  * Under Windows use LOCAL_APPDATA for the socket directory.  [#5537]

  * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry.
    [#3659]

  * Change the default keyserver to keyserver.ubuntu.com.  This is a
    temporary change due to the shutdown of the SKS keyserver pools.
    [55b5928099]

  Release-info: https://dev.gnupg.org/T5405L
commit hash: c12c1702536793c438e1835b4b56c9b1751fe49e commit hash: c12c1702536793c438e1835b4b56c9b1751fe49e commit hash: c12c1702536793c438e1835b4b56c9b1751fe49e commit hash: c12c1702536793c438e1835b4b56c9b1751fe49e c12c170
Tuesday, 20 Apr 2021
14:15 Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.1
commit hash: c260503847e4bc82132a2632f9cf2d23547d8124 commit hash: c260503847e4bc82132a2632f9cf2d23547d8124 commit hash: c260503847e4bc82132a2632f9cf2d23547d8124 commit hash: c260503847e4bc82132a2632f9cf2d23547d8124 c260503
Thursday, 8 Apr 2021
18:45 Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.0

Changes:
  * A new experimental key database daemon is provided.  To enable it
    put "use-keyboxd" into gpg.conf and gpgsm.conf.  Keys are stored
    in a SQLite database and make key lookup much faster.

  * New tool gpg-card as a flexible frontend for all types of
    supported smartcards.

  * New option --chuid for gpg, gpgsm, gpgconf, gpg-card, and
    gpg-connect-agent.

  * The gpg-wks-client tool is now installed under bin; a wrapper for
    its old location at libexec is also installed.

  * tpm2d: New daemon to physically bind keys to the local machine.
    See https://gnupg.org/blog/20210315-using-tpm-with-gnupg-2.3.html

  * gpg: Switch to ed25519/cv25519 as default public key algorithms.

  * gpg: Verification results now depend on the --sender option and
    the signer's UID subpacket.  [#4735]

  * gpg: Do not use any 64-bit block size cipher algorithm for
    encryption.  Use AES as last resort cipher preference instead of
    3DES.  This can be reverted using --allow-old-cipher-algos.

  * gpg: Support AEAD encryption mode using OCB or EAX.

  * gpg: Support v5 keys and signatures.

  * gpg: Support curve X448 (ed448, cv448).

  * gpg: Allow use of group names in key listings.  [e825aea2ba]

  * gpg: New option --full-timestrings to print date and time.

  * gpg: New option --force-sign-key.  [#4584]

  * gpg: New option --no-auto-trust-new-key.

  * gpg: The legacy key discovery method PKA is no longer supported.
    The command --print-pka-records and the PKA related import and
    export options have been removed.

  * gpg: Support export of Ed448 Secure Shell keys.

  * gpgsm: Add basic ECC support.

  * gpgsm: Support creation of EdDSA certificates.  [#4888]

  * agent: Allow the use of "Label:" in a key file to customize the
    pinentry prompt.  [5388537806]

  * agent: Support ssh-agent extensions for environment variables.
    With a patched version of OpenSSH this avoids the need for the
    "updatestartuptty" kludge.  [224e26cf7b]

  * scd: Improve support for multiple card readers and tokens.

  * scd: Support PIV cards.

  * scd: Support for Rohde&Schwarz Cybersecurity cards.

  * scd: Support Telesec Signature Cards v2.0

  * scd: Support multiple application on certain smartcard.

  * scd: New option --application-priority.

  * scd: New option --pcsc-shared; see man page for important notes.

  * dirmngr: Support a gpgNtds parameter in LDAP keyserver URLs.

  * The symcryptrun tool, a wrapper for the now obsolete external
    Chiasmus tool, has been removed.

  * Full Unicode support under Windows for the command line.  [#4398]

  Release-info: https://dev.gnupg.org/T5343
commit hash: 433d2e2d0cc31894e2660f4faf87b4cfcd59c08b commit hash: 433d2e2d0cc31894e2660f4faf87b4cfcd59c08b commit hash: 433d2e2d0cc31894e2660f4faf87b4cfcd59c08b commit hash: 433d2e2d0cc31894e2660f4faf87b4cfcd59c08b 433d2e2
Wednesday, 7 Apr 2021
08:09 Mathieu Arnold (mat) search for other commits by this committer
One more small cleanup, forgotten yesterday.
Reported by:	lwhsu
commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c commit hash: cf118ccf875508b9a1c570044c93cfcc82bd455c cf118cc
Tuesday, 6 Apr 2021
14:31 Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb commit hash: 305f148f482daf30dcf728039d03d019f88344eb 305f148
Tuesday, 12 Jan 2021
04:50 adamw search for other commits by this committer
security/gnupg: Update to 2.2.27

 * gpg: Fix regression in 2.2.24 for gnupg_remove function under
   Windows.  [#5230]

 * gpgconf: Fix case with neither local nor global gpg.conf.  [9f37d3e6f3]

 * gpgconf: Fix description of two new options.  [#5221]

 * Build Windows installer without timestamps.  Note that the
   Authenticode signatures still carry a timestamp.

  Release-info: https://dev.gnupg.org/T5234
Original commitRevision:561299 
Tuesday, 22 Dec 2020
09:14 adamw search for other commits by this committer
security/gnupg: Update to 2.2.26

Note that this release removes bin/symcryptrun which had essentially no
expected current use-case.

 * gpg: New AKL method "ntds".
 * gpg: Fix --trusted-key with fingerprint arg.
 * scd: Fix writing of ECC keys to an OpenPGP card.  [#5163]
 * scd: Make an USB error fix specific to SPR532 readers.  [#5167]
 * dirmngr: With new LDAP keyservers store the new attributes.  Never
   store the useless pgpSignerID.  Fix a long standing bug storing
   some keys on an ldap server.
 * dirmngr: Support the new Active Direcory LDAP schema for
   keyservers.
 * dirmngr: Allow LDAP OpenPGP searches via fingerprint.
 * dirmngr: Do not block other threads during keyserver LDAP calls.
 * Support global configuration files.  [#4788]
 * Fix the iconv fallback handling to UTF-8.  [#5038]
 Release-info: https://dev.gnupg.org/T5153
Original commitRevision:558894 
Tuesday, 24 Nov 2020
15:55 adamw search for other commits by this committer
security/gnupg: Update to 2.2.25

  * scd: Fix regression in 2.2.24 requiring gpg --card-status before
    signing or decrypting.  [#5065]

  * gpgsm: Using Libksba 1.5.0 signatures with a rarely used
    combination of attributes can now be verified.  [#5146]

  Release-info: https://dev.gnupg.org/T5140
Original commitRevision:556165 
Tuesday, 17 Nov 2020
14:12 adamw search for other commits by this committer
security/gnupg: Update to 2.2.24

  * Allow Unicode file names on Windows almost everywhere.  Note that
    it is still not possible to use Unicode strings on the command
    line.  This change also fixes a regression in 2.2.22 related to
    non-ascii file names.  [#5098]

  * Fix localized time printing on Windows.  [#5073]

  * gpg: New command --quick-revoke-sig.  [#5093]

  * gpg: Do not use weak digest algos if selected by recipient
    preference during sign+encrypt.  [4c181d51a6]

  * gpg: Switch to AES256 for symmetric encryption in de-vs mode.
    [166e779634]

  * gpg: Silence weak digest warnings with --quiet.  [#4893]

  * gpg: Print new status line CANCELED_BY_USER for a cancel during
    symmetric encryption.  [f05d1772c4]

  * gpg: Fix the encrypt+sign hash algo preference selection for
    ECDSA.  This is in particular needed for keys created from
    existing smartcard based keys.  [aeed0b93ff]

  * agent: Fix secret key import of GnuPG 2.3 generated Ed25519 keys.
    [#5114]

  * agent: Keep some permissions of private-keys-v1.d.  [#2312]

  * dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and
    gnutls builds.  [e4f3b74c91]

  * dirmngr: Fix the pool keyserver case for a single host in the
    pool.  [72e04b03b1a7]

  * scd: Fix the use case of verify_chv2 by CHECKPIN.  [61aea64b3c]

  * scd: Various improvements to the ccid-driver.  [#4616,#5065]

  * scd: Minor fixes for Yubikey [25bec16d0b]

  * gpgconf: New option --show-versions.

  * w32: Install gpg-check-pattern and example profiles.  Install
    Windows subsystem variant of gpgconf (gpgconf-w32).

  * i18n: Complete overhaul and completion of the Italian translation.
    Thanks to Denis Renzi.

  * Require Libgcrypt 1.8 because 1.7 has long reached end-of-life.

  Release-info: https://dev.gnupg.org/T5052
Original commitRevision:555559 
Friday, 4 Sep 2020
02:12 adamw search for other commits by this committer
security/gnupg: Update to 2.2.23

Importing an OpenPGP key having a preference list for AEAD algorithms
will lead to an array overflow and thus often to a crash or other
undefined behaviour.

Importing an arbitrary key can often easily be triggered by an attacker
and thus triggering this bug.  Exploiting the bug aside from crashes is
not trivial but likely possible for a dedicated attacker.  The major
hurdle for an attacker is that only every second byte is under their
control with every first byte having a fixed value of 0x04.

Software distribution verification should not be affected by this bug
because such a system uses a curated list of keys.

MFH:		2020Q3
Security:	CVE-2020-25125
Original commitRevision:547499 
Thursday, 27 Aug 2020
19:58 adamw search for other commits by this committer
security/gnupg: Update to 2.2.22

Also, sort plist. The new gpgsplit binary is getting installed as
gpgsplit2 to avoid a conflict with security/gnupg1.

Noteworthy changes in version 2.2.22
====================================

  * gpg: Change the default key algorithm to rsa3072.

  * gpg: Add regular expression support for Trust Signatures on all
    platforms.  [#4843]

  * gpg: Fix regression in 2.2.21 with non-default --passphrase-repeat
    option.  [#4991]

  * gpg: Ignore --personal-digest-prefs for ECDSA keys.  [#5021]

  * gpgsm: Make rsaPSS a de-vs compliant scheme.

  * gpgsm: Show also the SHA256 fingerprint in key listings.

  * gpgsm: Do not require a default keyring for --gpgconf-list.  [#4867]

  * gpg-agent: Default to extended key format and record the creation
    time of keys.  Add new option --disable-extended-key-format.

  * gpg-agent: Support the WAYLAND_DISPLAY envvar.  [#5016]

  * gpg-agent: Allow using --gpgconf-list even if HOME does not
    exist.  [#4866]

  * gpg-agent: Make the Pinentry work even if the envvar TERM is set
    to the empty string.  [#4137]

  * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which wrongly
    incremented the error counter when using the "verify" command of
    "gpg --edit-key" with only the signature key being present.

  * dirmngr: Better handle systems with disabled IPv6.  [#4977]

  * gpgpslit: Install tool.  It was not installed in the past to avoid
    conflicts with the version installed by GnuPG 1.4.  [#5023]
    (We're installing it as gpgsplit2 to avoid conflict with security/gnupg1)

  * gpgtar: Handle Unicode file names on Windows correctly (requires
    libgpg-error 1.39).  [#4083]

  * gpgtar: Make --files-from and --null work as documented.  [#5027]

  * Build the Windows installer with the new Ntbtls 0.2.0 so that TLS
    connections succeed for servers demanding GCM.

  Release-info: https://dev.gnupg.org/T5030
Original commitRevision:546681 
Wednesday, 15 Jul 2020
07:28 adamw search for other commits by this committer
Unmute some build commands
Original commitRevision:542249 
Thursday, 9 Jul 2020
13:27 adamw search for other commits by this committer
gnupg: Update to 2.2.21

 * gpg: Improve symmetric decryption speed by about 25%.
   See commit 144b95cc9d.

 * gpg: Support decryption of AEAD encrypted data packets.

 * gpg: Add option --no-include-key-block. [#4856]

 * gpg: Allow for extra padding in ECDH.  [#4908]

 * gpg: Only a single pinentry is shown for symmetric encryption if
   the pinentry supports this.  [#4971]

 * gpg: Print a note if no keys are given to --delete-key.  [#4959]

 * gpg,gpgsm: The ridiculous passphrase quality bar is not anymore
   shown.  [#2103]

 * gpgsm: Certificates without a CRL distribution point are now
   considered valid without looking up a CRL.  The new option
   --enable-issuer-based-crl-check can be used to revert to the
   former behaviour.

 * gpgsm: Support rsaPSS signature verification.  [#4538]

 * gpgsm: Unless CRL checking is disabled lookup a missing issuer
   certificate using the certificate's authorityInfoAccess.  [#4898]

 * gpgsm: Print the certificate's serial number also in decimal
   notation.

 * gpgsm: Fix possible NULL-deref in messages of --gen-key.  [#4895]

 * scd: Support the CardOS 5 based D-Trust Card 3.1.

 * dirmngr: Allow http URLs with "LOOKUP --url".

 * wkd: Take name of sendmail from configure.  Fixes an OpenBSD
   specific bug.  [#4886]

 Release-info: https://dev.gnupg.org/T4897
Original commitRevision:541749 
Friday, 20 Mar 2020
18:51 adamw search for other commits by this committer
gnupg: Update to 2.2.20

Noteworthy changes in version 2.2.20
====================================

  * Protect the error counter against overflow to guarantee that the
    tools can't be tricked into returning success after an error.

  * gpg: Make really sure that --verify-files always returns an error.

  * gpg: Fix key listing --with-secret if a pattern is given.  [#4061]

  * gpg: Fix detection of certain keys used as default-key.  [#4810]

  * gpg: Fix default-key selection when a card is available.  [#4850]

  * gpg: Fix key expiration and key usage for keys created with a
    creation date of zero.  [#4670]

  * gpgsm: Fix import of some CR,LF terminated certificates.  [#4847]

  * gpg: New options --include-key-block and --auto-key-import to
    allow encrypted replies after an initial signed message.  [#4856]

  * gpg: Allow the use of a fingerprint with --trusted-key. [#4855]

  * gpg: New property "fpr" for use by --export-filter.

  * scdaemon: Disable the pinpad if a KDF DO is used.  [#4832]

  * dirmngr: Improve finding OCSP certificates.  [#4536]

  * Avoid build problems with LTO or gcc-10. [#4831]

Release-info: https://dev.gnupg.org/T4860
Original commitRevision:528793 
Saturday, 7 Dec 2019
17:14 adamw search for other commits by this committer
gnupg: Update to 2.2.19

  * gpg: Fix double free when decrypting for hidden recipients.
    Regression in 2.2.18.  [#4762].

  * gpg: Use auto-key-locate for encryption even for mail addressed
    given with angle brackets.  [#4726]

  * gpgsm: Add special case for certain expired intermediate
    certificates.  [#4696]

  Release-info: https://dev.gnupg.org/T4768
Original commitRevision:519219 
Tuesday, 26 Nov 2019
03:21 adamw search for other commits by this committer
gnupg: Update to 2.2.18

  * gpg: Changed the way keys are detected on a smartcards; this
    allows the use of non-OpenPGP cards.  In the case of a not very
    likely regression the new option --use-only-openpgp-card is
    available.  [#4681]

  * gpg: The commands --full-gen-key and --quick-gen-key now allow
    direct key generation from supported cards.  [#4681]

  * gpg: Prepare against chosen-prefix SHA-1 collisions in key
    signatures.  This change removes all SHA-1 based key signature
    newer than 2019-01-19 from the web-of-trust.  Note that this
    includes all key signature created with dsa1024 keys.  The new
    option --allow-weak-key-signatues can be used to override the new
    and safer behaviour.  [#4755,CVE-2019-14855]

  * gpg: Improve performance for import of large keyblocks.  [#4592]

  * gpg: Implement a keybox compression run.  [#4644]

  * gpg: Show warnings from dirmngr about redirect and certificate
    problems (details require --verbose as usual).

  * gpg: Allow to pass the empty string for the passphrase if the
    '--passphase=' syntax is used.  [#4633]

  * gpg: Fix printing of the KDF object attributes.

  * gpg: Avoid surprises with --locate-external-key and certain
    --auto-key-locate settings.  [#4662]

  * gpg: Improve selection of best matching key.  [#4713]

  * gpg: Delete key binding signature when deletring a subkey.
    [#4665,#4457]

  * gpg: Fix a potential loss of key sigantures during import with
    self-sigs-only active.  [#4628]

  * gpg: Silence "marked as ultimately trusted" diagnostics if
    option --quiet is used.  [#4634]

  * gpg: Silence some diagnostics during in key listsing even with
    option --verbose.  [#4627]

  * gpg, gpgsm: Change parsing of agent's pkdecrypt results.  [#4652]

  * gpgsm: Support AES-256 keys.

  * gpgsm: Fix a bug in triggering a keybox compression run if
    --faked-system-time is used.

  * dirmngr: System CA certificates are no longer used for the SKS
    pool if GNUTLS instead of NTBTLS is used as TLS library.  [#4594]

  * dirmngr: On Windows detect usability of IPv4 and IPv6 interfaces
    to avoid long timeouts.  [#4165]

  * scd: Fix BWI value for APDU level transfers to make Gemalto Ezio
    Shield and Trustica Cryptoucan work.  [#4654,#4566]

  * wkd: gpg-wks-client --install-key now installs the required policy
    file.

  Release-info: https://dev.gnupg.org/T4684
Original commitRevision:518443 
Monday, 25 Nov 2019
23:49 asomers search for other commits by this committer
security/gnupg: add the --shared-access option to scdaemon

gnupg's scdaemon opens smart cards in exclusive mode, which prevents other
applications (such as PKCS#11 libraries) from concurrently accessing the
card). Upstream refuses to fix the problem. This commit adds a
--shared-access option to scdaemon. When enabled, scdaemon will access the
smart card in shared mode, playing nicely with other applications. The
default behavior is unchanged.

See Also:
https://github.com/GPGTools/MacGPG2/commit/d6cb8039a0cdc74b9bdd89a3dfa93248aa2c4100
https://dev.gnupg.org/T3267
https://dev.gnupg.org/D320
https://github.com/OpenSC/OpenSC/issues/953

Reviewed by:	adamw
Approved by:	adamw (maintainer)
Obtained-from:	GPGTools
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D22473
Original commitRevision:518435 
Friday, 22 Nov 2019
03:46 adamw search for other commits by this committer
gnupg: Fix building on 11.3

Submitted by:	asomers
Differential Revision:	https://reviews.freebsd.org/D22492
Original commitRevision:518122 
Thursday, 21 Nov 2019
09:32 gahr search for other commits by this committer
security/gnupg: fix build, texinfo is required for man pages too
Original commitRevision:518086 
01:49 asomers search for other commits by this committer
security/gnupg: rebuild man pages on every build

gnupg ships its man pages as texinfo files, precompiled into info files.
This change causes make to rebuild them every time.  There are two reasons:

* Rebuilding them automatically corrects several Linuxisms in paths (e.g.
  /etc => /usr/local/etc).

* Rebuilding them is a neccessary precondition for making any local changes
  that will affect the content of the man pages, which I intend to do in a
  future commit.

Reviewed by:	adamw
Approved by:	adamw (maintainer)
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D22471
Original commitRevision:518074 
Monday, 26 Aug 2019
15:06 adamw search for other commits by this committer
gnupg: Spell "_DESC" correctly. It was missing 5 characters.
Original commitRevision:509954 
15:01 adamw search for other commits by this committer
gnupg: Add WKS_SERVER option

Requested by:	koobs
Original commitRevision:509952 
14:41 adamw search for other commits by this committer
gnupg: enable the WKS server

Cristoph Lukas asked me why the WKS server was disabled, and I have
no idea. It was added r462573, and that commit message and associated
bug report don't list why --disable-wks-tools was added. (Folks,
please use commit messages for writing, you know, messages.)

We've been installing the gpg-wks-server manpage, so this commit
enables the WKS server and installs the binary, and bumps PORTREVISION
for it.

While here, sort the plist.
Original commitRevision:509948 
Friday, 26 Jul 2019
20:46 gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
as defined in Mk/bsd.default-versions.mk which has moved from GCC 8.3
to GCC 9.1 under most circumstances now after revision 507371.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, everything INDEX-11 shows with a dependency on lang/gcc9 now.

PR:		238330
Original commitRevision:507372 
Tuesday, 9 Jul 2019
15:54 adamw search for other commits by this committer
gnupg: Update to 2.2.17, with security fixes

 * gpg: Ignore all key-signatures received from keyservers.  This
   change is required to mitigate a DoS due to keys flooded with
   faked key-signatures.  The old behaviour can be achieved by adding
     keyserver-options no-self-sigs-only,no-import-clean
   to your gpg.conf.  [#4607]

 * gpg: If an imported keyblocks is too large to be stored in the
   keybox (pubring.kbx) do not error out but fallback to an import
   using the options "self-sigs-only,import-clean".  [#4591]

 * gpg: New command --locate-external-key which can be used to
   refresh keys from the Web Key Directory or via other methods
   configured with --auto-key-locate.

 * gpg: New import option "self-sigs-only".

 * gpg: In --auto-key-retrieve prefer WKD over keyservers.  [#4595]

 * dirmngr: Support the "openpgpkey" subdomain feature from
   draft-koch-openpgp-webkey-service-07. [#4590].

 * dirmngr: Add an exception for the "openpgpkey" subdomain to the
   CSRF protection.  [#4603]

 * dirmngr: Fix endless loop due to http errors 503 and 504.  [#4600]

 * dirmngr: Fix TLS bug during redirection of HKP requests.  [#4566]

 * gpgconf: Fix a race condition when killing components.  [#4577]

 Release-info: https://dev.gnupg.org/T4606

MFH:		2019Q3
Original commitRevision:506281 
Wednesday, 29 May 2019
14:43 adamw search for other commits by this committer
Update gnupg to 2.2.16
Original commitRevision:502962 
Tuesday, 9 Apr 2019
14:04 sunpoet search for other commits by this committer
Update devel/readline to 8.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://tiswww.case.edu/php/chet/readline/CHANGES
PR:		236156
Exp-run by:	antoine
Original commitRevision:498476 
Wednesday, 27 Mar 2019
02:18 adamw search for other commits by this committer
Update gnupg to 2.2.15

  * sm: Fix --logger-fd and --status-fd on Windows for non-standard
    file descriptors.

  * sm: Allow decryption even if expired keys are configured.  [#4431]

  * agent: Change command KEYINFO to print ssh fingerprints with other
    hash algos.

  * dirmngr: Fix build problems on Solaris due to the use of reserved
    symbol names.  [#4420]

  * wkd: New commands --print-wkd-hash and --print-wkd-url for
    gpg-wks-client.

  Release-info: https://dev.gnupg.org/T4434
Original commitRevision:496934 
Tuesday, 26 Mar 2019
00:05 adamw search for other commits by this committer
Update gnupg to 2.2.14, pet portlint, and remove a redundant readline
dependency.

  * gpg: Allow import of PGP desktop exported secret keys.  Also avoid
   importing secret keys if the secret keyblock is not valid.  [#4392]

  * gpg: Do not error out on version 5 keys in the local keyring.

  * gpg: Make invalid primary key algo obvious in key listings.

  * sm: Do not mark a certificate in a key listing as de-vs compliant
    if its use for a signature will not be possible.

  * sm: Fix certificate creation with key on card.

  * sm: Create rsa3072 bit certificates by default.

  * sm: Print Yubikey attestation extensions with --dump-cert.

  * agent: Fix cancellation handling for scdaemon.

  * agent: Support --mode=ssh option for CLEAR_PASSPHRASE.  [#4340]

  * scd: Fix flushing of the CA-FPR DOs in app-openpgp.

  * scd: Avoid a conflict error with the "undefined" app.

  * dirmngr: Add CSRF protection exception for protonmail.

  * dirmngr: Fix build problems with gcc 9 in libdns.

  * gpgconf: New option --show-socket for use wity --launch.

  * gpgtar: Make option -C work for archive creation.

  Release-info: https://dev.gnupg.org/T4412

PR:		236777
Submitted by:	Yasuhiro Kimura
Original commitRevision:496862 
Wednesday, 13 Feb 2019
02:37 adamw search for other commits by this committer
Update gnupg to 2.2.13

  * gpg: Implement key lookup via keygrip (using the & prefix).

  * gpg: Allow generating Ed25519 key from existing key.

  * gpg: Emit an ERROR status line if no key was found with -k.

  * gpg: Stop early when trying to create a primary Elgamal key.  [#4329]

  * gpgsm: Print the card's key algorithms along with their keygrips
    in interactive key generation.

  * agent: Clear bogus pinentry cache in the error case.  [#4348]

  * scd: Support "acknowledge button" feature.

  * scd: Fix for USB INTERRUPT transfer.  [#4308]

  * wks: Do no use compression for the the encrypted challenge and
    response.

  Release-info: https://dev.gnupg.org/T4290
Original commitRevision:492823 
Friday, 14 Dec 2018
20:01 adamw search for other commits by this committer
Update gnupg to 2.2.12

 * tools: New commands --install-key and --remove-key for
    gpg-wks-client.  This allows to prepare a Web Key Directory on a
    local file system for later upload to a web server.

  * gpg: New --list-option "show-only-fpr-mbox".  This makes the use
    of the new gpg-wks-client --install-key command easier on Windows.

  * gpg: Improve processing speed when --skip-verify is used.

  * gpg: Fix a bug where a LF was accidentally written to the console.

  * gpg: --card-status now shwos whether a card has the new KDF
    feature enabled.

  * agent: New runtime option --s2k-calibration=MSEC.  New configure
    option --with-agent-s2k-calibration=MSEC.
    [https://dev.gnupg.org/T3399]

  * dirmngr: Try another keyserver from the pool on receiving a 502,
    503, or 504 error.  [https://dev.gnupg.org/T4175]

  * dirmngr: Avoid possible CSRF attacks via http redirects.  A HTTP
    query will not anymore follow a 3xx redirect unless the Location
    header gives the same host.  If the host is different only the
    host and port is taken from the Location header and the original
    path and query parts are kept.

  * dirmngr: New command FLUSHCRL to flush all CRLS from disk and
    memory.  [https://dev.gnupg.org/T3967]

  * New simplified Chinese translation (zh_CN).

  Release-info: https://dev.gnupg.org/T4289
Original commitRevision:487464 
Wednesday, 12 Dec 2018
01:35 gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
defined via Mk/bsd.default-versions.mk which has moved from GCC 7.4 t
GCC 8.2 under most circumstances.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, as a double check, everything INDEX-11 showed depending on lang/gcc7.

PR:		231590
Original commitRevision:487272 
Saturday, 10 Nov 2018
18:12 bapt search for other commits by this committer
Install texinfo files (GNU info) into ${PREFIX}/share/info

After a discussion on the mailing list on moving manpages to
${PREFIX}/share/man for consistency with base where it is
installed in usr/share/man, it appeared the same should happen
to GNU info files which were installed under share in base and
not in ports.

Now texinfo is not in base on any of the supported version of FreeBSD
it is possible to proceed to this move and it is easier to do than
the manpage change.

Other benefit than consistency are less patching: all build tools but
cmake are expecting info files to be under share/info and cmake (patched here)
was having an exception for BSD so the patch makes FreeBSD case less
specific for them

Bump revision of all impacted ports

PR:		232907
exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D17816
Original commitRevision:484628 
Wednesday, 7 Nov 2018
04:30 adamw search for other commits by this committer
Update gnupg to 2.2.11

  * gpgsm: Fix CRL loading when intermediate certicates are not yet
    trusted.

  * gpgsm: Fix an error message about the digest algo.  [#4219]

  * gpg: Fix a wrong warning due to new sign usage check introduced
    with 2.2.9.  [#4014]

  * gpg: Print the "data source" even for an unsuccessful keyserver
    query.

  * gpg: Do not store the TOFU trust model in the trustdb.  This
    allows to enable or disable a TOFO model without triggering a
    trustdb rebuild.  [#4134]

  * scd: Fix cases of "Bad PIN" after using "forcesig".  [#4177]

  * agent: Fix possible hang in the ssh handler.  [#4221]

  * dirmngr: Tack the unmodified mail address to a WKD request.  See
    commit a2bd4a64e5b057f291a60a9499f881dd47745e2f for details.

  * dirmngr: Tweak diagnostic about missing LDAP server file.

  * dirmngr: In verbose mode print the OCSP responder id.

  * dirmngr: Fix parsing of the LDAP port.  [#4230]

  * wks: Add option --directory/-C to the server.  Always build the
    server on Unix systems.

  * wks: Add option --with-colons to the client.  Support sites which
    use the policy file instead of the submission-address file.

  * Fix EBADF when gpg et al. are called by broken CGI scripts.

  * Fix some minor memory leaks and bugs.

  Release-info: https://dev.gnupg.org/T4233
Original commitRevision:484383 
Saturday, 8 Sep 2018
00:05 jrm search for other commits by this committer
security/gnupg: Add pkg-message about potential connectivity issues

GnuPG, when run on hosts without IPv6 connectivity, may fail to connect to
dual-stack hkp servers [1].  Describe a workaround in pkg-message.

[1] https://dev.gnupg.org/rGecfc4db3a2f8bc2652ba4ac4de5ca1cd13bfcbec

Approved by:	adamw (maintainer)
Differential Revision:	https://reviews.freebsd.org/D17071
Original commitRevision:479210 
Thursday, 30 Aug 2018
14:45 adamw search for other commits by this committer
Update gnupg to 2.2.10 and add LARGE_RSA option

The LARGE_RSA option [1] enables 8192-bit keys, though GnuPG's lead
author does not recommend using it routinely.

Also, sort OPTIONS, and move an explanation of the SUID option from
the Makefile into pkg-help, where it belongs.

Major changes:
  gpg: Refresh expired keys originating from the WKD.
  gpg: Use a 256 KiB limit for a WKD imported key.
  gpg: New option --known-notation.
  scd: Add support for the Trustica Cryptoucan reader.
  agent: Speed up starting during on-demand launching.
  dirmngr: Validate SRV records in WKD queries.
  Release-info: https://dev.gnupg.org/T4112

PR:		230610 [1]
Submitted by:	Dmitri Goutnik
Reported by:	p5B2E9A8F t online de
Original commitRevision:478464 
Sunday, 29 Jul 2018
22:18 gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
in the ports tree (via Mk/bsd.default-versions.mk and lang/gcc) which
has now moved from GCC 6 to GCC 7 by default.

This includes ports
 - featuring USE_GCC=yes or USE_GCC=any,
 - featuring USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and those
 - with USES=compiler specifying one of openmp, nestedfct, c11, c++0x,
   c++11-lib, c++11-lang, c++14-lang, c++17-lang, or gcc-c++11-lib.

PR:		222542
Original commitRevision:475857 
Thursday, 12 Jul 2018
17:34 adamw search for other commits by this committer
Update gnupg to 2.2.9

  * dirmngr: Fix recursive resolver mode and other bugs in the libdns
    code.  [#3374,#3803,#3610]

  * dirmngr: When using libgpg-error 1.32 or later a GnuPG build with
    NTBTLS support (e.g. the standard Windows installer) does not
    anymore block for dozens of seconds before returning data.  If you
    still have problems on Windows, please consider to use one of the
    options disable-ipv4 or disable-ipv6.

  * gpg: Fix bug in --show-keys which actually imported revocation
    certificates.  [#4017]

  * gpg: Ignore too long user-ID and comment packets.  [#4022]

  * gpg: Fix crash due to bad German translation.  Improved printf
    format compile time check.

  * gpg: Handle missing ISSUER sub packet gracefully in the presence of
    the new ISSUER_FPR.  [#4046]

  * gpg: Allow decryption using several passphrases in most cases.
    [#3795,#4050]

  * gpg: Command --show-keys now enables the list options
    show-unusable-uids, show-unusable-subkeys, show-notations and
    show-policy-urls by default.

  * gpg: Command --show-keys now prints revocation certificates. [#4018]

  * gpg: Add revocation reason to the "rev" and "rvs" records of the
    option --with-colons.  [#1173]

  * gpg: Export option export-clean does now remove certain expired
    subkeys; export-minimal removes all expired subkeys.  [#3622]

  * gpg: New "usage" property for the drop-subkey filters.  [#4019]

MFH:		2018Q3
Original commitRevision:474528 
Friday, 8 Jun 2018
14:18 adamw search for other commits by this committer
Update gnupg to 2.2.8 (security release)

CVE-2018-12020:
The OpenPGP protocol allows to include the file name of the original
input file into a signed or encrypted message.  During decryption and
verification the GPG tool can display a notice with that file name.  The
displayed file name is not sanitized and as such may include line feeds
or other control characters.  This can be used inject terminal control
sequences into the out and, worse, to fake the so-called status
messages.  These status messages are parsed by programs to get
information from gpg about the validity of a signature and an other
parameters.  Status messages are created with the option "--status-fd N"
where N is a file descriptor.  Now if N is 2 the status messages and the
regular diagnostic messages share the stderr output channel.  By using a
made up file name in the message it is possible to fake status messages.
Using this technique it is for example possible to fake the verification
status of a signed mail.

Also:
  * gpg: Decryption of messages not using the MDC mode will now lead
    to a hard failure even if a legacy cipher algorithm was used.  The
    option --ignore-mdc-error can be used to turn this failure into a
    warning.  Take care: Never use that option unconditionally or
    without a prior warning.

  * gpg: The MDC encryption mode is now always used regardless of the
    cipher algorithm or any preferences.  For testing --rfc2440 can be
    used to create a message without an MDC.

  * gpg: Sanitize the diagnostic output of the original file name in
    verbose mode.  [#4012,CVE-2018-12020]

  * gpg: Detect suspicious multiple plaintext packets in a more
    reliable way.  [#4000]

  * gpg: Fix the duplicate key signature detection code.  [#3994]

  * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
    --disable-mdc and --no-disable-mdc have no more effect.

  * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
    list of startup environment variables.  [#3947]

MFH:		2018Q2
Security:	CVE-2018-12020
Original commitRevision:472003 
Friday, 4 May 2018
12:31 adamw search for other commits by this committer
Update gnupg to 2.2.7

Also, remove unnecessary USE_LDCONFIG.

  * gpg: New option --no-symkey-cache to disable the passphrase cache
    for symmetrical en- and decryption.

  * gpg: The ERRSIG status now prints the fingerprint if that is part
    of the signature.

  * gpg: Relax emitting of FAILURE status lines

  * gpg: Add a status flag to "sig" lines printed with --list-sigs.

  * gpg: Fix "Too many open files" when using --multifile.  [#3951]

  * ssh: Return an error for unknown ssh-agent flags.  [#3880]

  * dirmngr: Fix a regression since 2.1.16 which caused corrupted CRL
    caches under Windows.  [#2448,#3923]

  * dirmngr: Fix a CNAME problem with pools and TLS.  Also use a fixed
    mapping of keys.gnupg.net to sks-keyservers.net.  [#3755]

  * dirmngr: Try resurrecting dead hosts earlier (from 3 to 1.5 hours).

  * dirmngr: Fallback to CRL if no default OCSP responder is configured.

  * dirmngr: Implement CRL fetching via https.  Here a redirection to
    http is explictly allowed.

  * dirmngr: Make LDAP searching and CRL fetching work under Windows.
    This stopped working with 2.1.  [#3937]

  * agent,dirmngr: New sub-command "getenv" for "getinfo" to ease
    debugging.
Original commitRevision:469025 
Wednesday, 11 Apr 2018
00:56 adamw search for other commits by this committer
Update gnupg to 2.2.6

  * gpg,gpgsm: New option --request-origin to pretend requests coming
    from a browser or a remote site.

  * gpg: Fix race condition on trustdb.gpg updates due to too early
    released lock.  [#3839]

  * gpg: Emit FAILURE status lines in almost all cases.  [#3872]

  * gpg: Implement --dry-run for --passwd to make checking a key's
    passphrase straightforward.

  * gpg: Make sure to only accept a certification capable key for key
    signatures.  [#3844]

  * gpg: Better user interaction in --card-edit for the factory-reset
    sub-command.

  * gpg: Improve changing key attributes in --card-edit by adding an
    explicit "key-attr" sub-command.  [#3781]

  * gpg: Print the keygrips in the --card-status.

  * scd: Support KDF DO setup.  [#3823]

  * scd: Fix some issues with PC/SC on Windows.  [#3825]

  * scd: Fix suspend/resume handling in the CCID driver.

  * agent: Evict cached passphrases also via a timer.  [#3829]

  * agent: Use separate passphrase caches depending on the request
    origin.  [#3858]

  * ssh: Support signature flags.  [#3880]

  * dirmngr: Handle failures related to missing IPv6 support
    gracefully.  [#3331]

  * Fix corner cases related to specified home directory with
    drive letter on Windows.  [#3720]

  * Allow the use of UNC directory names as homedir.  [#3818]
Original commitRevision:467022 
Friday, 23 Feb 2018
14:24 adamw search for other commits by this committer
Update gnupg to 2.2.5

Changes: https://lists.gnupg.org/pipermail/gnupg-announce/2018q1/000420.html
Original commitRevision:462700 
Thursday, 21 Dec 2017
01:16 adamw search for other commits by this committer
Update gnupg to 2.2.4. Bump the libassuan requirement to 2.5.1.

  * gpg: Change default preferences to prefer SHA512.

  * gpg: Print a warning when more than 150 MiB are encrypted using a
    cipher with 64 bit block size.

  * gpg: Print a warning if the MDC feature has not been used for a
    message.

  * gpg: Fix regular expression of domain addresses in trust
    signatures. [#2923]

  * agent: New option --auto-expand-secmem to help with high numbers
    of concurrent connections.  Requires libgcrypt 1.8.2 for having
    an effect.  [#3530]

  * dirmngr: Cache responses of WKD queries.

  * gpgconf: Add option --status-fd.

  * wks: Add commands --check and --remove-key to gpg-wks-server.

  * Increase the backlog parameter of the daemons to 64 and add
    option --listen-backlog.

  * New configure option --enable-run-gnupg-user-socket to first try a
    socket directory which is not removed by systemd at session end.
Original commitRevision:456878 
Wednesday, 22 Nov 2017
02:04 adamw search for other commits by this committer
Update to 2.2.3

 * gpgsm: Fix initial keybox creation on Windows. [#3507]

 * dirmngr: Fix crash in case of a CRL loading error. [#3510]

 * Fix the name of the Windows registry key. [Git#4f5afaf1fd]

 * gpgtar: Fix wrong behaviour of --set-filename. [#3500]

 * gpg: Silence AKL retrieval messages. [#3504]

 * agent: Use clock or clock_gettime for calibration. [#3056]

 * agent: Improve robustness of the shutdown pending
   state. [Git#7ffedfab89]
Original commitRevision:454661 
Thursday, 9 Nov 2017
17:03 adamw search for other commits by this committer
Update to 2.2.2

Also, improve COMMENT, which conflicted with the pkg-descr.

 * gpg: Avoid duplicate key imports by concurrently running gpg
   processes. [#3446]

 * gpg: Fix creating on-disk subkey with on-card primary key. [#3280]

 * gpg: Fix validity retrieval for multiple keyrings. [Debian#878812]

 * gpg: Fix --dry-run and import option show-only for secret keys.

 * gpg: Print "sec" or "sbb" for secret keys with import option
   import-show. [#3431]

 * gpg: Make import less verbose. [#3397]

 * gpg: Add alias "Key-Grip" for parameter "Keygrip" and new
   parameter "Subkey-Grip" to unattended key generation.  [#3478]

 * gpg: Improve "factory-reset" command for OpenPGP cards.  [#3286]

 * gpg: Ease switching Gnuk tokens into ECC mode by using the magic
   keysize value 25519.

 * gpgsm: Fix --with-colon listing in crt records for fields > 12.

 * gpgsm: Do not expect X.509 keyids to be unique.  [#1644]

 * agent: Fix stucked Pinentry when using --max-passphrase-days. [#3190]

 * agent: New option --s2k-count.  [#3276 (workaround)]

 * dirmngr: Do not follow https-to-http redirects. [#3436]

 * dirmngr: Reduce default LDAP timeout from 100 to 15 seconds. [#3487]

 * gpgconf: Ignore non-installed components for commands
   --apply-profile and --apply-defaults. [#3313]

 * Add configure option --enable-werror.  [#2423]
Original commitRevision:453850 
Tuesday, 19 Sep 2017
18:31 adamw search for other commits by this committer
Update gnupg to 2.2.1, and remove the security/gnupg22 port

I misjudged the timeline for 2.3, and had not processed that the
intent of 2.3 is different from 2.1. Rather than 2.3 being a "modern"
branch and 2.2 being purely "stable," 2.3 will be development and
users are encouraged to remain on 2.2. Furthermore, upstream doesn't
expent a 2.3 release for a year or so.

Accordingly, I'm removing the gnupg22 port and updating security/gnupg
to be 2.2. gnugp20 is still scheduled for deletion at the end of the
year.
Original commitRevision:450153 
Sunday, 10 Sep 2017
20:55 gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
(via Mk/bsd.default-versions.mk and lang/gcc) which has moved from
GCC 5.4 to GCC 6.4 under most circumstances.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c++11-lib, c++11-lang,
   c++14-lang, c++0x, c11, or gcc-c++11-lib.

PR:		219275
Original commitRevision:449591 
Monday, 28 Aug 2017
13:02 adamw search for other commits by this committer
Add gnupg22 port. GnuPG 2.2 is the new LTS stable version. gnupg20 is
now marked for deprecation at the end of the year (when upstream support
for it will end). Users of gnupg20 should migrate to gnupg22.

The gnupg port is remaining at 2.1.x for now, as it's essentially the
same thing as 2.2.0. It will become 2.3 soon-ish.
Original commitRevision:448867 
Thursday, 10 Aug 2017
01:31 adamw search for other commits by this committer
Update to 2.1.23, and use the correct TEST_TARGET.


 * gpg: Options --auto-key-retrieve and --auto-key-locate "local,wkd"
   are now used by default.  Note: this enables keyserver and Web Key
   Directory operators to notice when a signature from a locally
   non-available key is being verified for the first time or when
   you intend to encrypt to a mail address without having the key
   locally.  This new behaviour will eventually make key discovery
   much easier and mostly automatic.  Disable this by adding
     no-auto-key-retrieve
     auto-key-locate local
   to your gpg.conf.

 * agent: Option --no-grab is now the default.  The new option --grab
   allows to revert this.

 * gpg: New import option "show-only".

 * gpg: New option --disable-dirmngr to entirely disable network
   access for gpg.

 * gpg,gpgsm: Tweaked DE-VS compliance behaviour.

 * New configure flag --enable-all-tests to run more extensive tests
   during "make check".

 * gpgsm: The keygrip is now always printed in colon mode as
   documented in the man page.
Original commitRevision:447661 
Saturday, 5 Aug 2017
17:32 adamw search for other commits by this committer
Update to 2.1.22.

Noteworthy changes in version 2.1.22
====================================

 * gpg: Extend command --quick-set-expire to allow for setting the
   expiration time of subkeys.

 * gpg: By default try to repair keys during import.  New sub-option
   no-repair-keys for --import-options.

 * gpg,gpgsm: Improved checking and reporting of DE-VS compliance.

 * gpg: New options --key-origin and --with-key-origin.  Store the
   time of the last key update from keyservers, WKD, or DANE.

 * agent: New option --ssh-fingerprint-digest.

 * dimngr: Lower timeouts on keyserver connection attempts and made
   it configurable.

 * dirmngr: Tor will now automatically be detected and used.  The
   option --no-use-tor disables Tor detection.

 * dirmngr: Now detects a changed /etc/resolv.conf.

 * agent,dirmngr: Initiate shutdown on removal of the GnuPG home
   directory.

 * gpg: Avoid caching passphrase for failed symmetric encryption.

 * agent: Support for unprotected ssh keys.

 * dirmngr: Fixed name resolving on systems using only v6
   nameservers.

 * dirmngr: Allow the use of TLS over http proxies.

 * w32: Change directory of the daemons after startup.

 * wks: New man pages for client and server.

A detailed description of the changes found in this 2.1 branch can be
found at <https://gnupg.org/faq/whats-new-in-2.1.html>.
Original commitRevision:447409 
Tuesday, 27 Jun 2017
13:46 sunpoet search for other commits by this committer
Update devel/readline to 7.0 patch 3

- Bump PORTREVISION for shlib change

Changes:	https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
		https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
		https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision:	https://reviews.freebsd.org/D11172
PR:		219947
Exp-run by:	antoine
Original commitRevision:444463 
Friday, 19 May 2017
17:05 adamw search for other commits by this committer
Ignore errors about missing smartcard daemon.

It's an OPTION on FreeBSD, but 2.1.21 treated missing scdaemon as an
error.

PR:		219400
Submitted by:	Philip Jocks
Obtained from:	https://dev.gnupg.org/rGa8dd96826f8484c0ae93c954035b95c2a75c80f2
See also:	https://lists.gnupg.org/pipermail/gnupg-users/2017-May/058233.html
MFH:		2017Q2
Original commitRevision:441252 
Monday, 15 May 2017
22:24 adamw search for other commits by this committer
Update to 2.1.21, which in particular fixes a keyring corruption bug.


  * gpg,gpgsm: Fix corruption of old style keyring.gpg files.  This
    bug was introduced with version 2.1.20.  Note that the default
    pubring.kbx format was not affected.

  * gpg,dirmngr: Removed the skeleton config file support.  The
    system's standard methods for providing default configuration
    files should be used instead.

  * w32: The Windows installer now allows installion of GnuPG without
    Administrator permissions.

  * gpg: Fixed import filter property match bug.

  * scd: Removed Linux support for Cardman 4040 PCMCIA reader.

  * scd: Fixed some corner case bugs in resume/suspend handling.

  * Many minor bug fixes and code cleanup.

MFH:		2017Q2
Original commitRevision:440980 
Monday, 3 Apr 2017
20:53 adamw search for other commits by this committer
Update to 2.1.20.

 * gpg: New properties 'expired', 'revoked', and 'disabled' for the
   import and export filters.

 * gpg: New command --quick-set-primary-uid.

 * gpg: New compliance field for the --with-colon key listing.

 * gpg: Changed the key parser to generalize the processing of local
   meta data packets.

 * gpg: Fixed assertion failure in the TOFU trust model.

 * gpg: Fixed exporting of zero length user ID packets.

 * scd: Improved support for multiple readers.

 * scd: Fixed timeout handling for key generation.

 * agent: New option --enable-extended-key-format.

 * dirmngr: Do not add a keyserver to a new dirmngr.conf.  Dirmngr
   uses a default keyserver.

 * dimngr: Do not treat TLS warning alerts as severe error when
   building with GNUTLS.

 * dirmngr: Actually take /etc/hosts in account.

 * wks: Fixed client problems on Windows.  Published keys are now set
   to world-readable.

 * tests: Fixed creation of temporary directories.

 * A socket directory for a non standard GNUGHOME is now created on
   the fly under /run/user.  Thus "gpgconf --create-socketdir" is now
   optional.  The use of "gpgconf --remove-socketdir" to clean up
   obsolete socket directories is however recommended to avoid
   cluttering /run/user with useless directories.

 * Fixed build problems on some platforms.
Original commitRevision:437674 
Saturday, 1 Apr 2017
15:23 gerald search for other commits by this committer
Bump PORTREVISIONs for ports depending on the canonical version of GCC and
lang/gcc which have moved from GCC 4.9.4 to GCC 5.4 (at least under some
circumstances such as versions of FreeBSD or platforms).

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using using Mk/bsd.octave.mk which in turn has USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c++11-lib, c++14-lang,
   c++11-lang, c++0x, c11, or gcc-c++11-lib.

PR:		216707
Original commitRevision:437439 
Friday, 3 Mar 2017
03:43 adamw search for other commits by this committer
Update to 2.1.19.

Noteworthy changes in version 2.1.19
====================================

  * gpg: Print a warning if Tor mode is requested but the Tor daemon
    is not running.

  * gpg: New status code DECRYPTION_KEY to print the actual private
    key used for decryption.

  * gpgv: New options --log-file and --debug.

  * gpg-agent: Revamp the prompts to ask for card PINs.

  * scd: Support for multiple card readers.

  * scd: Removed option --debug-disable-ticker.  Ticker is used
    only when it is required to watch removal of device/card.

  * scd: Improved detection of card inserting and removal.

  * dirmngr: New option --disable-ipv4.

  * dirmngr: New option --no-use-tor to explicitly disable the use of
    Tor.

  * dirmngr: The option --allow-version-check is now required even if
    the option --use-tor is also used.

  * dirmngr: Handle a missing nsswitch.conf gracefully.

  * dirmngr: Avoid PTR lookups for keyserver pools.  The are only done
    for the debug command "keyserver --hosttable".

  * dirmngr: Rework the internal certificate cache to support classes
    of certificates.  Load system provided certificates on startup.
    Add options --tls, --no-crl, and --systrust to the "VALIDATE"
    command.

  * dirmngr: Add support for the ntbtls library.

  * wks: Create mails with a "WKS-Phase" header.  Fix detection of
    Draft-2 mode.

  * The Windows installer is now build with limited TLS support.

  * Many other bug fixes and new regression tests.

A detailed description of the changes found in this 2.1 branch can be
found at <https://gnupg.org/faq/whats-new-in-2.1.html>.
Original commitRevision:435304 
Monday, 23 Jan 2017
23:01 adamw search for other commits by this committer
Update to 2.1.18

Noteworthy changes in version 2.1.18
====================================

 * gpg: Remove bogus subkey signature while cleaning a key (with
   export-clean, import-clean, or --edit-key's sub-command clean)

 * gpg: Allow freezing the clock with --faked-system-time.

 * gpg: New --export-option flag "backup", new --import-option flag
   "restore".

 * gpg-agent: Fixed long delay due to a regression in the progress
   callback code.

 * scd: Lots of code cleanup and internal changes.

 * scd: Improved the internal CCID driver.

 * dirmngr: Fixed problem with the DNS glue code (removal of the
   trailing dot in domain names).

 * dirmngr: Make sure that Tor is actually enabled after changing the
   conf file and sending SIGHUP or "gpgconf --reload dirmngr".

 * dirmngr: Fixed Tor access to IPv6 addresses.  Note that current
   versions of Tor may require that the flag "IPv6Traffic" is used
   with the option "SocksPort" in torrc to actually allow IPv6
   traffic.

 * dirmngr: Fixed HKP for literally given IPv6 addresses.

 * dirmngr: Enabled reverse DNS lookups via Tor.

 * dirmngr: Added experimental SRV record lookup for WKD.
   See commit 88dc3af3d4ae1afe1d5e136bc4c38bc4e7d4cd10 for details.

 * dirmngr: For HKP use "pgpkey-hkps" and "pgpkey-hkp" in SRV record
   lookups.  Avoid SRV record lookup when a port is explicitly
   specified.  This fixes a regression from the 1.4 and 2.0 behavior.

 * dirmngr: Gracefully handle a missing /etc/nsswitch.conf.  Ignore
   negation terms (e.g. "[!UNAVAIL=return]" instead of bailing out.

 * dirmngr: Better debug output for flags "dns" and "network".

 * dirmngr: On reload mark all known HKP servers alive.

 * gpgconf: Allow keyword "all" for --launch, --kill, and --reload.

 * tools: gpg-wks-client now ignores a missing policy file on the
   server.

 * Avoid unnecessary ambiguity error message in the option parsing.

 * Further improvements of the regression test suite.

 * Fixed building with --disable-libdns configure option.

 * Fixed a crash running the tests on 32 bit architectures.

 * Fixed spurious failures on BSD system in the spawn functions.
   This affected for example gpg-wks-client and gpgconf.
Original commitRevision:432305 
Wednesday, 18 Jan 2017
15:44 adamw search for other commits by this committer
Enable the SCDAEMON option by default.

Requested by:	Dave Horn
Original commitRevision:431813 
Saturday, 14 Jan 2017
23:46 adamw search for other commits by this committer
Update GnuPG to 2.1.17 which resolves the following error that resulted when
attempting to use the --export-ssh-key option.

gpg: Ohhhh jeeee: Assertion "ret_found_key == NULL || ret_keyblock != NULL" in
lookup failed (getkey.c:3677)

The KDNS option is removed with this update because upstream dropped use of
adns in favor of a bundled libdns which is used by default. Also, removed an
obsolete patch.

PR:		216057
Submitted by:	Matthew Rezny
Original commitRevision:431502 
Tuesday, 10 Jan 2017
15:52 tijl search for other commits by this committer
Use the -f flag when creating the gpg -> gpg2 link because test -e returns
false for dead links and ln should be allowed to replace them.
Simplify removal of the link on uninstall.

Approved by:	adamw (maintainer)
Original commitRevision:431097 
02:38 adamw search for other commits by this committer
A little more detail into COMMENT, reflow the pkg-descr, and use pro mode
for the plist.
Original commitRevision:431053 
02:06 adamw search for other commits by this committer
Simplify, reformat, and modernize.

The user-facing changes, some of which required a PORTREVISION bump:

* Don't make everybody download the signature file
* Add USES=readline, rather than making assumptions about it being in
  /usr. A side effect of this was that gnupg was being built with
  readline support on 10 but not 11, except when LDAP was enabled which
  brought it in as a side effect
* Don't make manpages dependent upon the DOCS option. As a side effect,
  everybody now gets the info files. Also, put the help files into
  DOCSDIR instead of DATADIR; best as I can tell they aren't being
  called from within gpg
* Reword the pkg-descr to describe what gpg is, rather than making a
  frightening-sounding statement about patents and unrestricted use
* Handle the gpg symlink in the plist, and be a little looser about
  creating it and tighter about removing it
* Remove the pkg-message. The pinentry dependency installs a pinentry
  dialogue already
Original commitRevision:431046 
00:42 adamw search for other commits by this committer
Take maintainership of the rest of the gnupg* ports from kuriyama, who
is slimming his portfolio. He created the gnupg ports over 18 years ago
and he has looked after them this whole time. Deepest thanks to him
for the incredible amount of work and time that's gone into these ports!
Original commitRevision:431044 
Sunday, 20 Nov 2016
13:40 novel search for other commits by this committer
security/gnupg: fix build on 9.x

gnupg fails to build on 9.x with:

  mime-parser.h:53: error: redefinition of typedef 'rfc822parse_t'
  rfc822parse.h:23: error: previous declaration of 'rfc822parse_t' was here

Add compiler:c11 to USES to fix that.

Reported by:	antoine
Original commitRevision:426589 
12:18 novel search for other commits by this committer
security/gnupg: update to 2.1.16

This release fixes an issue that the previous gnupg release (2.1.15)
was incompatible with libgpg-error 1.25 that caused gpg-agent failing
to start.

PR:		214568
Submitted by:	cmt
Tested by:	cmt
Reported by:	many
Original commitRevision:426573 
Tuesday, 18 Oct 2016
18:45 cmt search for other commits by this committer
update gnupg to 2.1.15

PR:		212355
Approved by:	rene (mentor)
Approved by:	maintainer timeout
Original commitRevision:424203 
Monday, 20 Jun 2016
10:49 kuriyama search for other commits by this committer
- Upgrade to 2.1.13 (minor bugfixes).
Original commitRevision:417149 
Friday, 6 May 2016
15:48 kuriyama search for other commits by this committer
- Upgrade to 2.1.12 (bugfixes).
Original commitRevision:414711 
Friday, 1 Apr 2016
14:25 mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight
Original commitRevision:412349 
Sunday, 27 Mar 2016
14:58 tijl search for other commits by this committer
- Update security/gnutls to 3.4.10.
- Rename the LIBDANE option DANE because that's the name of the protocol
  supported by libgnutls-dane and gnutls-cli.  Also clarify the option
  description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4.  Some ports used this library
  in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed.  Ports that used these have been
  updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.

net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.

www/hydra: Mark BROKEN.  This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.

PR:		207768
Exp-run by:	antoine
Approved by:	portmgr (antoine)
Original commitRevision:411990 
Friday, 19 Feb 2016
16:38 gahr search for other commits by this committer
security/gnupg: fix build when NLS is disabled
Original commitRevision:409190 
06:25 kuriyama search for other commits by this committer
Update to 2.1.11 (minor fixes, with upstream patch).
Original commitRevision:409152 
Monday, 14 Sep 2015
00:27 kuriyama search for other commits by this committer
- Upgrade to 2.1.8 (minor bugfixes).
Original commitRevision:396876 
Tuesday, 11 Aug 2015
22:50 kuriyama search for other commits by this committer
- Upgrade to 2.1.7 (minor fixes).
Original commitRevision:393983 
Thursday, 2 Jul 2015
14:10 kuriyama search for other commits by this committer
- Upgrade to 2.1.6 (minor bugfixes).

Announce:	https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000370.html
Original commitRevision:391147 
Saturday, 13 Jun 2015
07:34 kuriyama search for other commits by this committer
- Upgrade to 2.1.5 (bugfixes, minor enhancements).
Original commitRevision:389326 
Tuesday, 19 May 2015
14:16 kuriyama search for other commits by this committer
Upgrade to 2.1.4 (bugfixes since 2.1.2).
Original commitRevision:386777 
Thursday, 14 May 2015
10:15 mat search for other commits by this committer
MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
Original commitRevision:386312 
Monday, 13 Apr 2015
02:55 kuriyama search for other commits by this committer
- Add CPE information [1].
- Fix accidentally linking devel/readline if installed [2].

# I'm working on 2.1.3 update, but it requires LDAP header even if
# disabled.  Stay tuned (or patches are welcome).

PR:		ports/198849 [1], ports/198036 and ports/198354 [2]
Submitted by:	shun.fbsd.pr@dropcut.net [1], amdmi3 and jf@fahrner.name [2]
Original commitRevision:383891 
Wednesday, 18 Feb 2015
22:31 kuriyama search for other commits by this committer
- Upgrade to 2.1.2 (bugfixes).
Original commitRevision:379323 

Number of commits found: 251 (showing only 100 on this page)

1 | 2 | 3  »