Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. gpa
[Announce] Dirmngr 0.9.0 released
wk at gnupg
Dec 17, 2004, 4:27 AM
Post #1 of 4 (2204 views)
Permalink
Hi!

We are pleased to announce the availability of Dirmngr 0.9.0.

Dirmngr is a server for managing and downloading certificate
revocation lists (CRLs) for X.509 certificates and for downloading the
certificates themselves. Dirmngr also handles OCSP requests as an
alternative to CRLs. Dirmngr is either invoked internaly by gpgsm
(from gnupg 1.9) or when running as a system daemon through the
dirmngr-client tool.

Get it from:

ftp://ftp.gnupg.org/gcrypt/alpha/dirmngr/dirmngr-0.9.0.tar.gz (555k)
ftp://ftp.gnupg.org/gcrypt/alpha/dirmngr/dirmngr-0.9.0.tar.gz.sig

or as a patch against the previous version:

ftp://ftp.gnupg.org/gcrypt/alpha/dirmngr/dirmngr-0.5.6-0.9.0.diff.gz (180k)


SHA1 checkums are:

05c8e2664c1d8ffe86270f331961f9a53f06d1e0 dirmngr-0.5.6-0.9.0.diff.gz
46dc0704abb5320465c9176d0dcc5eeafc0880fe dirmngr-0.9.0.tar.gz


Whats new in this release
=========================

* New option --daemon to start dirmngr as a system daemon. This
switches to the use of different directories and also does
CRL signing certificate validation on its own.

* New tool dirmngr-client.

* New options: --ldap-wrapper-program, --http-wrapper-program,
--disable-ldap, --disable-http, --honor-http-proxy, --http-proxy,
--ldap-proxy, --only-ldap-proxy, --ignore-ldap-dp and
--ignore-http-dp.

* Uses an external ldap wrapper to cope with timeouts and general
LDAP problems.

* SIGHUP may be used to reread the configuration and to flush the
certificate cache.

* An authorithyKeyIdentifier in a CRL is now handled correctly.


We have changed quite a lot with this release so if you encounter
build or runtime problems please report. Be sure to have read the
manual before you do so. The LDAP detection code in configure as been
repalced by the one used in GnuPG. Given the larger user base of
GnuPG that code is likely more portable


Happy Hacking,

Werner


--
Werner Koch <wk@gnupg.org>
The GnuPG Experts http://g10code.com
Free Software Foundation Europe http://fsfeurope.org
Re: [Announce] Dirmngr 0.9.0 released [ In reply to ]
michaelnottebrock at gmx
Dec 17, 2004, 6:34 AM
Post #2 of 4 (2146 views)
Permalink
On Friday, 17. December 2004 12:27, Werner Koch wrote:

> Whats new in this release
> =========================
>
> * New option --daemon to start dirmngr as a system daemon. This
> switches to the use of different directories and also does
> CRL signing certificate validation on its own.

N.B.: This introduces a dependency on GNU pth.

> We have changed quite a lot with this release so if you encounter
> build or runtime problems please report.

FreeBSD requires an additional #include in jnlib/logging.c, patch attached.

> The LDAP detection code in configure as been
> repalced by the one used in GnuPG.

The ldap configure check probably should use the contents of --prefix (if
supplied to configure) to guess additional include and library paths for the
test programs (i.e. CFLAGS+=-I/<prefix>/include & LDFLAGS+=-I/<prefix>/lib.

Right now the check will only succeed if the ldap libraries are in the
standard compiler search path or if additional LDFLAGS are supplied via the
environment.

Real world example: libldap.so in /usr/local/lib:

configure:11437: cc -o conftest -O2 -pipe -Wall -I/usr/local/include
conftest.c -lldap >&5
/usr/bin/ld: cannot find -lldap

The additional include path configure already uses here (-I/usr/local/include)
is carried over from the result of the gettext check.

--
,_, | Michael Nottebrock | lofi@freebsd.org
(/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org
\u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org

Attached Files:

Re: [Announce] Dirmngr 0.9.0 released [ In reply to ]
wk at gnupg
Dec 17, 2004, 7:42 AM
Post #3 of 4 (2152 views)
Permalink
On Fri, 17 Dec 2004 14:34:06 +0100, Michael Nottebrock said:

> N.B.: This introduces a dependency on GNU pth.

Yes, it does.

> FreeBSD requires an additional #include in jnlib/logging.c, patch attached.

Thanks.

> The ldap configure check probably should use the contents of --prefix (if
> supplied to configure) to guess additional include and library paths for the
> test programs (i.e. CFLAGS+=-I/<prefix>/include & LDFLAGS+=-I/<prefix>/lib.

Do you see the same problem for gnupg 1.4 ?


Salam-Shalom,

Werner
Re: [Announce] Dirmngr 0.9.0 released [ In reply to ]
michaelnottebrock at gmx
Dec 17, 2004, 8:08 AM
Post #4 of 4 (2162 views)
Permalink
On Friday, 17. December 2004 15:42, Werner Koch wrote:
> On Fri, 17 Dec 2004 14:34:06 +0100, Michael Nottebrock said:
> > N.B.: This introduces a dependency on GNU pth.
>
> Yes, it does.

Just mentioning. :-) (It would be nice if new dependencies could be mentioned
in release announcements, it makes the lifes of packagers a bit easier).

> > FreeBSD requires an additional #include in jnlib/logging.c, patch
> > attached.
>
> Thanks.
>
> > The ldap configure check probably should use the contents of --prefix (if
> > supplied to configure) to guess additional include and library paths for
> > the test programs (i.e. CFLAGS+=-I/<prefix>/include &
> > LDFLAGS+=-I/<prefix>/lib.
>
> Do you see the same problem for gnupg 1.4 ?

Can't tell, I'm using gnupg-1.2.6.

--
,_, | Michael Nottebrock | lofi@freebsd.org
(/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org
\u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal