signing-party (2.11-1) unstable; urgency=medium [ Guilhem Moulin ] * d/control, d/install: Apply wrap-and-sort(1). * d/control: Remove useless Build-Depends: python. * d/control, d/rules: Replace dh_python2 with dh_python3. This has AFAICT no impact on the binary packages which have been ported to python3 in 2.8-1. (Closes: #938480.) * Set Rules-Requires-Root: no. * Trim trailing whitespace. * Move source package lintian overrides to debian/source. * Rename debian/NEWS.Debian to debian/NEWS. * Update standards version to 4.5.0, no changes needed. * Bump debhelper from 9 to 13. Remove now useless Build-Depends: autotools-dev. * Set debhelper-compat version in Build-Depends. * Use the dh sequencer in debian/rules. [ Max Harmathy ] * New script gpgparticipants-filter. -- Guilhem Moulin Wed, 08 Jul 2020 18:43:59 +0200 signing-party (2.10-2) unstable; urgency=high * gpg-key2ps: Security fix for CVE-2019-11627: unsafe shell call enabling shell injection via a User ID. Use Perl's (core) module Encode.pm instead of shelling out to `iconv`. (Closes: #928256.) -- Guilhem Moulin Sun, 05 May 2019 15:13:54 +0200 signing-party (2.9-1) unstable; urgency=medium * gpglist: + When --signer's argument is a long keyid or fingerprint, don't require the key to be present in the keyring. This enable filtering on unknown signing keys. + Don't choke on direct-key signatures. (Closes: #921331.) * gpgparticipants: + Improve quoting and replace `echo` with `printf`. + Avoid including subkey fingerprints when gpg.conf contains 'fingerprint'. -- Guilhem Moulin Fri, 01 Mar 2019 15:39:40 +0100 signing-party (2.8-1) unstable; urgency=low [ Guilhem Moulin ] * keyart, gpgparticipants-prefill: port to python3. * keyart: + Don't print ASCII art for subkeys, only the master key. + Pass --no-auto-check-trustdb flag to gpg(1). + Fix crash with non-ASCII UIDs. Patch from Grégoire Detrez. * Fix a couple of spelling errors. Thanks to Edward Betts for the report and patch. (Closes: #882729) * caff: + Add the "only-sign-text-ids" to the list of gpg(1) options imported from ~/.gnupg/gpg.conf. + Ensure the terminal is "sane enough" when asking questions ('echo', 'echok', 'icanon', 'icrnl' settings are all set), and restore original settings when exit()'ing the program. (Closes: #872529) * caff, gpglist, gpgsigs: in `gpg --with-colons` output, allow signature class to be followed with an optional revocation reason. gpg(1) does that since 2.2.9. (Closes: #905097.) * caff, gpg-key2latex, gpg-key2ps, gpglist, gpgsigs, keylookup: Remove references to https://pgp-tools.alioth.debian.org/ . * caff, gpg-key2latex, gpg-key2ps, gpg-mailkeys, gpglist, gpgparticipants, gpgsigs, keylookup: Remove SVN keywords ($Id$, $Rev$, etc.) * debian/control: + Migrate Vcs-Browser and Vcs-Git to https://salsa.debian.org/signing-party-team/signing-party . + Bump Standards-Version to 4.3.0 (no changes necessary). * sig2dot: Don't use the diamond operator. [ Edward Betts] * debian/control: add neomutt as an alternative to mutt -- Guilhem Moulin Mon, 28 Jan 2019 03:05:33 +0100 signing-party (2.7-2) unstable; urgency=low * debian/control: + Migrate Vcs-Browser and Vcs-Git from Alioth to Salsa. (Closes: #898200) + Bump Standards-Version to 4.1.4 (no changes necessary). -- Guilhem Moulin Wed, 09 May 2018 13:05:37 +0200 signing-party (2.7-1) unstable; urgency=low * gpg-key2ps: + Add support for ECDH, ECDSA and EDDSA key types. + Align key type & size listing to the GnuPG 2.1.x output (e.g., "rsa4096/DEADBEEF" instead of "4096R/DEADBEEF"). * gpgsigs: + Set UAT (jpeg photos) density to 90dpi so XeLaTeX doesn't complain that the image is too large. * debian/control: Bump Standards-Version to 4.1.3 + Replace "extra" priority to "optional" * debian/rules: Remove deprecated dh_autotools-dev_updateconfig and dh_autotools-dev_restoreconfig. -- Guilhem Moulin Mon, 29 Jan 2018 11:46:19 +0100 signing-party (2.6-1) unstable; urgency=low * gpgsigs: + Skip undefined UIDs. + Properly handle (skip) unknown attributes. + Allow digest hexadecimal characters to replace multiple '_' in the fill-in forms. (This is not what gpgparticipants(1) produces, but some KSP organizers use other scripts.) * gpglist: New option '--signer' to limit listed signers to the matching keys. * Makefile, debian/rules: Avoid parsing dpkg-parsechangelog(1) output. * debian/control: Bump Standards-Version to 4.0.0 (no changes necessary). -- Guilhem Moulin Fri, 07 Jul 2017 17:05:30 +0200 signing-party (2.5-1) unstable; urgency=low * caff: + Show how to set $ENV{'PERL_MAILERS'} to specify a sendmail binary (or use a sendmail-compatible MTA such as msmtp(1)). Credits to Ryan Kavanagh's blog post. + Fix regression (introduced in 2.4-1) skipping --recv-key when 'keys-from-gnupg' isn't set. (Closes: #837406) + List all UIDs contained in an email when asking whether to send it. * gpg-key2latex: Add an option '--qrcode-data' to specify the data to encode in a QR code (default: "OPENPGP4FPR:%f"). * gpg-key2ps: + Fix revoked UID stroke slant with "-r strike". Thanks to Grégoire Détrez for the patch. + Ensure subkeys are hiden unless '--show-subkeys' is set. (As of GnuPG 2.1.15-3, `gpg --with-colons --list-keys` lists subkeys by defaults.) Thanks to Grégoire Détrez for the patch. -- Guilhem Moulin Thu, 06 Oct 2016 14:59:44 +0200 signing-party (2.4-1) unstable; urgency=medium * caff, gpg-key2latex, gpgsigs: Ignore "KEY_CONSIDERED" status output emitted by gpg 2.1.13 and later. * caff, gpgsigs: Allow input produced by gpgparticipants(1) using gpg 2.1.13. With this version, key IDs are not displayed by default and the "Key fingerprint = " prefix is omitted. * caff: + Fix GnuPG version number comparison. + With GnuPG 2.1.13 or later, use gpgconf(1) to determine the socket paths. (It is not used on earlier gpg since earlier gpgconf do not support --homedir.) This fixes compatibility with GnuPG 2.1.13. (Closes: #834984) + When ~/.caff/gnupghome/gpg.conf does not exist, instead of creating a temporary file (as it's done since signing-party 2.3), parse ~/.gnup/gpg.conf and pass the GnuPG options that are known to be safe (and useful) for caff to gpg(1) using command line options. This soves the problem of lingering configuration files in case caff is killed. + Use full fingerprints internally to avoid collisions. (However $CONFIG{'keyid'} and $CONFIG{'local-users'} are kept to 64-bits key IDs as per RFC 4880 full fingerprints are not available in key signatures, and thus not exposed by `gpg --with-colons --list-sigs`.) + Automatically import the $CONFIG{'also-encrypt-to'} from the normal GnuPGHOME when possible. * d/source.lintian-overrides: Add 'debian-watch-file-is-missing' as we're upstream. * d/control: Remove Franck Joncourt from the Uploaders list per request of the MIA team. (Closes: #831321) -- Guilhem Moulin Mon, 22 Aug 2016 00:19:48 +0200 signing-party (2.3-1) unstable; urgency=low * debian.control: + Replace "Suggests: fonts-droid" by "Suggests: fonts-noto-mono, fonts-noto-cjk". (Closes: #804689) + Replace "http://" with "https://" in the Homepage and Vcs-Browser fields. + Bump Standards-Version to 3.9.8 (no changes necessary). * debian.rules: + Add 'hardening=+pie' to DEB_BUILD_MAINT_OPTIONS to compile ELF executables as PIEs. * caff: + Replace a hash slice with a reverse map for compatibility with Perl older than 5.20. Patch from Gregor Jasny. (Closes: #813469) + Deprecate $CONFIG{'keyserver'}. Users of GnuPG <2.1 should put the option in caff's GnuPG configuration file (~/.caff/gnupghome/gpg.conf by default) instead. GnuPG 2.1 delegates network access to another process (dirmngr), hence for 2.1 the keyserver should be set in ~/.gnupg/dirmngr.conf instead. + When caff's own GnuPG configuration file (~/.caff/gnupghome/gpg.conf) does not exist, automatically generate it with the GnuPG options found in ~/.gnup/gpg.conf that are known to be safe (and useful) for caff. This includes "keyserver", "keyserver-options", "ask-cert-level" and "cert-digest-algo" (among many others). Hence in the absence of its own GnuPG configuration file caff now uses the certification options from the user's GnuPG configuration file. * gpgsigs, gpg-key2latex: + Use "Noto Mono" as default font when compiling with XeLaTeX or LuaLaTeX; and "Noto Sans Mono CJK" as CJK font when compiling with XeLaTeX. * gpg-key2latex: + Don't show capabilities of the entire key when --show-subkeys is set. (Instead, the capabilities of the master key and each subkey are shown independently in uppercase.) + Enclose (sub)key capabilities in square brackets, to match GnuPG 2.1.11+'s output. + For ECDH, ECDSA, EDDSA (sub)keys, show the curve name instead of the public key algorithm and length. This matches GnuPG 2.1.x's output. + The master key's fingerprint was incorrectly set to the last unusable (eg, expired or revoked) subkey fingerprint, if any. (Closes: #815721) * keyart: + Print the public key algorithm and length as shown by GnuPG 2.1 (e.g., "rsa4096" instead of "4096R"); for ECDH, ECDSA and EDDSA keys, show the curve name instead. * keyanalyze: + Remove autogenerated files from the repository, so that they do not clutter it, and do not generated useless diffs. Patch from Guillem Jover. + Switch to use system libmd; this removes the embedded SHA-1 code. Patch from Guillem Jover. (Closes: #816851) -- Guilhem Moulin Tue, 26 Apr 2016 00:04:47 +0200 signing-party (2.2-1) unstable; urgency=low * caff: + "gpgparticipants"-formated input: accept key blocks not starting with a number such as [x] Fingerprint(s) OK [x] ID OK This makes caff able to process the Debconf 15 KSP file. (Closes: #797714) * gpglist: + Don't prune revoked UIDs with a subsequent selfsig. (Closes: #796664) + Add an option '--show-revoked' to show revoked UIDs. Thanks Tomasz Buchert for the patch. + Mention in the manpage that the path to the gpg binary is taken from the GNUPGBIN environment variable, if defined. -- Guilhem Moulin Tue, 15 Dec 2015 03:10:43 +0100 signing-party (2.1-1) unstable; urgency=low * caff: + Only consider non-expired/invalid/revoked keys and UIDs when generating the caffrc. + Proper RFC 5322 validation of email addresses. Currently gpg(1) only accepts a subset of RFC 5322-valid addresses (unless --allow-freeform-uid is set). caff is now able to extract the email address from any UID of the form "addr-spec" or "[phrase] " with a RFC 5322-valid addr-spec. + Prefix the signature by "-- \n" in the email template. + Automatically mkdir ~/.caff if it doesn't exit. Regression introduced in r776. (Closes: #786933) -- Guilhem Moulin Sat, 08 Aug 2015 16:34:16 +0200 signing-party (2.0-1) unstable; urgency=low * caff: + Fix broken compatibility with GnuPG 2.1 (2.1.3 and later only; earlier 2.1.x versions remain unsuported), due to --secret-keyring being ignored by the most recent gpg(1). On those we automaticalyl symlink the S.gpg-agent (unless 'no-sign') and S.dirmngr (unless 'no-download') sockets to avoid spawning new agents in caff's GNUPGHOME. This require an extra call to gpg(1) at the beginning to determine the version. (Closes: #771857) + Default $CONFIG{'local-user'} to $CONFIG{'keyid'} rather than importing the public part of *all* keys found in the secret keyring. (When not pruning the good keys with -u, gpg(1) croaks with exit status 2 when there are secret keys without public part.) + Print {error,warnings,notice,info} lines on STDERR. + Add a --debug flag to enable debug messages. + Deprecate $CONFIG{'gpg-sign'} and $CONFIG{'gpg-delsig'}. + Never redirect STDERR. Send the logger output to /dev/null instead (unless in debug mode). (Closes: #775702) + Send attachements and non RFC 2822 UIDs to *all* signed addresses, not only those for which the UID is exported. This is useful when the signee has some already signed RFC 2822 UIDs and a freshly added attribute, for instance. + Use Term::ANSIColor to produce fancy colored output. Can be configured by setting $CONFIG{colors} to a suitable hash; in particular setting $CONFIG{colors} = {} reverts to the old uncolored output. + Prune keys with import-{clean,minimal} not export-{clean,minimal}. + Fix $CONFIG{'also-lsign-in-gnupghome'}: local signatures are directly imported from caff's GNUPGHOME to our own; in auto-lsign'ing mode, lsign UID for which we have an exportable signature (preserving the signer and cert level). + Pass the 'keyserver-options' specified in ~/.gnupg/gpg.conf to $CONFIG{keyserver} when it is left unset. (Closes: #780836) * gpgsigs: + Add a legend with the different signature types. + Mark local signatures as 'L' (formerly they were marked as 'S'), and expiring -- but not expired -- signatures as 'x'. * caff, pgp-clean, pgp-fixkey, gpg-key2latex, gpg-key2ps, gpg-mailkeys, gpgdir, gpgparticipants, gpgsigs, keyart, keylookup: + Add the possibility to choose the gpg binary via the "GNUPGBIN" environment variable. (Default: "gpg".) -- Guilhem Moulin Tue, 14 Apr 2015 20:02:36 +0200 signing-party (1.1.12-1) unstable; urgency=low * debian.control: + Remove useless Build-Conflicts autoconf2.13 and automake1.4. + Suggest texlive-latex-extra due to gpg-key2latex using adjustbox.sty. (Closes: #769956) + Add dh-python to Build-Depends. * caff: + Don't consider KEYEXPIRED and SIGEXPIRED as unknown reply from gpg when downloading a key containing a revoked subkey or UID from a keyserver. (Closes: #769892) + Import the public part of *all* keys found in the secret keyring, not only those in @{$CONFIG{keyid}}. Otherwise gpg(1) croaks with exit status 2 when there are secret keys without public part. + Add a configuration option 'mail-subject' to set the "Subject:" header field. (Closes: #771436) * keyart: + Replace shebang by /usr/bin/python. * gpg-key2latex: + Add a fixed 4 module wide quiet zone around QR codes as specified in the standard. (Closes: #772854) + Generate QR codes with (M)edium error correction level. * gpgsigs: + Add --no-auto-check-trustdb to the gpg options (ownertrust values are irrelevant here). * gpglist: + Add --no-auto-check-trustdb to the gpg options (ownertrust values are irrelevant here). -- Guilhem Moulin Fri, 02 Jan 2015 19:45:29 +0100 signing-party (1.1.11-1) unstable; urgency=medium [ Thijs Kinkhorst ] * Remove self from from uploaders. [ Guilhem Moulin ] * caff: + Fix RCF 2822 violation: Never localize the "Date" header, regarless of the LC_ALL, LC_TIME and LANG in use. Regression introduced in r698. (Closes: #767371) + Regression fix: allow 8-digits keyid to be passed for annotation. (Closes: #768342) * gpg-key2latex: new script to generate a LaTeX file with fingerprint paper slips. (Closes: #316131, #412512) -- Guilhem Moulin Fri, 14 Nov 2014 01:16:49 +0100 signing-party (1.1.10-1) unstable; urgency=low * debian.compat: + Upgrade packaging to debhelper level 9. * debian.control: + Upgrade Standards-Version to 3.9.6. * caff: + Add a "Date" email header. Patch from Clint Adams. (Closes: #760316) + Fix edge-case RFC 2822 violation in "From" and "Sender" email headers. + Use gpg's --textmode to normalize the line separators to the standard CRLF. + Unescape escaped characters in gpg --with-colons's output (eg, ':'). + Fix encoding on non-UTF8 charsets. + Improve key ID validation. -- Guilhem Moulin Sat, 11 Oct 2014 22:48:53 +0200 signing-party (1.1.9-1) unstable; urgency=low [ Guilhem Moulin ] * debian.copyright: + Upgragrade to the new, machine-readable, format. * caff: + Fix regression introduced in r518 when removing the 'defined' in 'defined @array'. (Closes: #756459) * gpg-key2ps: + Replace ',' with '.' in paperconf's output, which is localized while Postscript understands only '.' as decimal mark. (Closes: #758991) * gpgsigs: + Use Perl's "Encode" core module for charset conversion. Also, change the default 'from' charset to be the locale in use, as it was the case for 'to'. (Use -f/-t to select alternative from/to charsets.) -- Guilhem Moulin Mon, 25 Aug 2014 21:50:04 +0200 signing-party (1.1.8-1) unstable; urgency=low [ Guilhem Moulin ] * caff: + Improve the documentation of gpgparticipants annotations. + When clean-exporting a key (aka pruning), don't ignore signatures just because their certification level in under 'min-cert-level' (which defaults to 2). (Closes: #751252) * gpgwrap: + Import the default Debian CFLAGS defined by dpkg-buildflags, which makes the Buildd Log Scanner stop emitting 'W-dpkg-buildflags-missing CFLAGS'. * keyanalyze: + Import the default Debian CFLAGS defined by dpkg-buildflags, which makes the Buildd Log Scanner stop emitting 'W-dpkg-buildflags-missing CFLAGS'. * sig2dot: + Apply -d on OpenPGP signatures and revocation certificates only. (LP: #393242) * springgraph: + Avoid 'illegal division by zero' errors when dealing with isolated nodes and/or degenerated cylinders. (LP: #1267981) + Add an option -f to set the (TrueType) font, style and size to use on labels. This allows proper displaying of non-ASCII labels (provided the chosen font covers all the glyphs). * debian.control, debian.rules: + Update the config files before building the package. Patch from Breno Leitao. (Closes: #748977) [ Aaron Toponce ] * keyart: new script to dislay an ASCII art representation of OpenPGP key files. -- Guilhem Moulin Sat, 21 Jun 2014 17:32:13 +0200 signing-party (1.1.7-1) unstable; urgency=low [ Guilhem Moulin ] * caff: + Give an example of 'mailer-send' with a custom envelope sender address. + Document a possible workflow in README.many-keys, when working with an annotated gpgparticipants(1) list. + Document a possible workflow for offline signing. * gpgparticipants: + Escape hyphen-minuses (-) in the documentation, as groff may interpret them as hyphens (U+2010). + Use gpg's --display-charset to force the output to be UTF-8 encoded, as the C.UTF-8 locale isn't installed on all platforms. Patch from Stefan Huber. (Closes: #747296). + Prefix gpg with LANGUAGE=en to force the output to be in English. (Other tools in signing-party parse this output.) + Prefix date(1) with LC_ALL=C to prevent its output to be localized. * gpgwrap: + Import the default Debian CPPFLAGS defined by dpkg-buildflags, which makes lintian stop emitting the 'hardening-no-fortify-functions' tag. * debian.control: + Update the Vcs-Svn and Vcs-Browser to canonical URIs. [ Peter Palfrader ] * gpgparticipants-prefill: + add --max-length and --prefix options. -- Guilhem Moulin Sun, 11 May 2014 14:49:43 +0200 signing-party (1.1.6-1) unstable; urgency=low [ Guilhem Moulin ] * Avoid unnecessary forks and calls to the command shell. * caff: + Properly MIME-Q encode e-mail headers. (Closes: #659971) + Convert internationalized addresses to ASCII in e-mail envelopes and headers. (Closes: #637222) + Adapt patch from Julius Seemayer to reopen STDIN as a TTY. (Closes: #723024) + Allow local and owner keyids to be specified as fingerprints. (Closes: #635359) + Don't redirect gpg's STDERR when importing the keys. (Closes: #612178) + Create the mail files in ~/.caff/keys when mail=no. (Closes: #652686) + Add an option 'mail-cant-encrypt' for special treatment of keys without encryption capability. (Closes: #622790) + Adapt patch from oli and add an option 'gpg-sign-type' for custom signature types. (Closes: #679951) + Add an option 'also-lsign-in-gnupghome' to add non-exportable signatures on the user's GnuPGHOME. (Closes: #680136) + Accept gpgparticipants formatted content on STDIN. (Closes: #622560) + Prefer the keyserver defined in ~/.gnupg/gpg.conf if found. (Closes: #720413) + Abort upon gpg failure. + Create temporary directories in $TMPDIR. (Closes: #735384) + Significant performance boost when importing and pruning. + Adapt patch from Gaudenz Steinlin and add an option 'show-photos' to view photos before signing. (Closes: #594252) + Ignore expired / invalid / revoked UIDs when pruning and exporting. * gpgsigs: + Allow long keyids and key fingerprints (preferred). (Closes: #736963) + Wrap long UIDs (when used with --latex) and digest lines. (Closes: #738718) + Make --latex produce a {pdf,lua,Xe}LaTeX-compatible output. (Closes: #618781) + Allow any checksum algorithm supported by gpg. + Don't identify two UATs that have the same size (use the packet hash to distinguish them). + Mark expired or revoked signatures as such. + Display the correct size of UATs. + Don't use a helper --photo-viewer to store the UATs; instead use --attribute-file and split the output. (Closes: #693906) + Add a dependency to GnuPG::Interface to separate the status output from STDOUT. * gpg-mailkeys: + Apply patch from Stefan Huber to check for empty FROM. (Closes: #727000) + Adapt patch from Stefan Huber to make sendmail's path configurable. (Closes: #727001) * gpgparticipants: + Adapt patch from Tanguy Ortolo to output to STDOUT. (Closes: #694465) + Adapt patch from Tanguy Ortolo to output to accept any digest algorithm supported by gpg (default: SHA256,RIPEMD160). (Closes: #659990) * gpglist: + Handle time-limited signatures (don't list them). + Don't mark a signature as revoked if another signature was created after the revocation certificate (cf. RFC 4880 section 5.2.1, signature type 0x30), or if the signature was non-revokable. + Don't identify two UATs that have the same size (use the packet hash to distinguish them). * pgpring: + Apply patch from Fabrizio Tarizzo to display the correct key length for DSA and Elgamal keys. (Closes: #602284) + Apply patch from Fabrizio Tarizzo to show creation date on signatures and, when present, expiration date on keys and signatures. Also, add options -E and -e to respectively exclude expired keys and signatures from the listing. (Closes: #603257) + Upgrade aclocal.m4 to autoconf 2.69. + Don't checkout unsafe symlink depcomp (automatically created by 'automake --add-missing') and other files automatically generated by automake or autoconf. * gpgwrap: + Link with "read-only relocation" flag set. * debian.control: + Add libnet-idn-encode-perl as Depends for gpgsigs. + Add texlive-xetex and fonts-droid as Suggests for gpgsigs. + Bump Standards-Version up to 3.9.5 (no changes). + Add autotools-dev as Build-Depends for keyanalyze. + Add ${python:Depends} as Depends and python as Build-Depends for gpgparticipants-prefill. + Add autoconf and automake1.11 as Build-Depends for keyanalyze. * Don't checkout empty directories, as git-svn(1) doesn't like them. [ Thijs Kinkhorst ] * Remove Peter Palfrader and Christoph Berg from uploaders, as per their request. -- Guilhem Moulin Sat, 22 Mar 2014 20:09:26 +0100 signing-party (1.1.5-1) unstable; urgency=medium [ Thijs Kinkhorst ] * caff: correct man page for keys-from-gnupg (closes: #652683) * caff: fix infinite loop after signing a key with newer gpg. Thanks Bernd Zeimetz for the patch. (closes: #722206, #735536) * Drop keyanalyze transitional package, present since 2009. [ Stefan Huber ] * gpgparticipants: Use more modern hashes than md5. [ Peter Palfrader ] * Add gpgparticipants-prefill by Stefan Huber. * Fix comment about keyids in caffrc.sample. -- Thijs Kinkhorst Thu, 30 Jan 2014 14:28:08 +0100 signing-party (1.1.4-1) unstable; urgency=low [ Thijs Kinkhorst ] * caff: + Correct path of ~/.caffrc in informational messages (Closes: #582603). + Be more verbose on unexpected key ID (Closes: #645792). * gpg-key2ps: + Apply patch from Uwe Kleine-König to deal with latin1 characters (Closes: #596377). * Debian package: + Import dpkg build flags, plus small cleanups. [ Franck Joncourt ] * Debian package: + Switch to dpkg-source 3.0 (quilt) format. - Removed README.source which was needed only for documentation purpose. - Removed quilt framework in d.rules. - Removed BD on quilt. - Added source/format file. + Depend on "default-mta | mail-transport-agent" rather than the old "exim4 | mail-transport-agent". + Bumped Standards-Version up to 3.9.0 (no changes). * gpg-mailkeys: + Correct path of ~/.gpg-mailkeysrc and ~/.signature in manpage. + Add new environment variable SENDMAIL_ARGS to allow user to pass arguments to sendmail (closes: #599409). * caff: + Refactor import of own key and import for keys to sign from keyrings. + Also automatically import keys to sign from the user's normal gpg keyrings. + Use --no-auto-check-trustdb when importing keys from files or the user's normal gpg keyrings (closes: #539643). [ Peter Palfrader ] * caff: + manpage: Refer to all of /usr/share/doc/signing-party/caff/ and not just to /usr/share/doc/signing-party/caff/caffrc.sample (closes: #568052). + Fix horrible &function calls used because of broken prototypes. + Even if all keys to sign were found in the user's normal gpg keyrings we still need to import them (again) from any keyrings passed with --key-files - the keys there might be newer, containing new subkeys (for encryption), uids (for signing) or revocations. + Make importing of keys to be signed from the normal gpg optional (--keys-from-gnupg). + refactor copying of command line options into global config variable. + Create the mail files in ~/.caff/keys even if mail is not sent (closes: #590666). -- Thijs Kinkhorst Wed, 02 Nov 2011 18:17:25 +0100 signing-party (1.1.3-1) unstable; urgency=low [ Franck Joncourt ] * Debian package: + Updated my email address in d.control. + Added myself as contributor in d.copyright * keylookup: + Fixed typo noticed by lintian in manpage keylookup.1. * caff: + Set the Sender header with the email address which is used for the From header. This overrides the default value which was set by the MIME::Entity Perl module based on the local hostname. (Closes: #556782) [ Thijs Kinkhorst ] * Bumped Standards-Version up to 3.8.4 (no changes). -- Thijs Kinkhorst Wed, 03 Feb 2010 22:03:41 +0100 signing-party (1.1.2-1) unstable; urgency=low * gpgsigs: + Added patch from Roland Rosenfeld to support RIPEMD160 checksum. (Closes: #533747). + Updated man page to mention support for SHA256 and RIPEMD160 checksum. + Made removal of nonexistent photos quiet by the use of the force option. + Updated generated tex file in latex mode so that it uses the grffile package. This allows pdflatex to process our tex file assuming the photos are previously converted to PDF. (Closes: #542478) + Added texlive-latex-recommended as a suggested package in debian/control. It contains the grffile latex package. * caff: Updated check for the local-user keyids. + Moved the current check to a new function get_local_user_keys(). + Warned the user if a local-user keyid is not listed as a keyid in ~/.caffrc. (Closes: #540165). * gpgdir: New upstream release. * gpg-mailkeys: + The charset for the text of the message is deduced from the charset used by ~/.gpg-mailkeysrc and ~/.signature. The text message is encoded in quoted printable and thus it requires a new dependency on qprint in debian/control. (Closes: #545186) + Mentionned both the .gpg-mailkeysrc and .signature files in the manpage. * debian.control: added ${misc:Depends} as Depends for the keyanalyze package. * Bumped Standards-Version up to 3.8.3 (no changes). -- Franck Joncourt Thu, 24 Sep 2009 19:29:07 +0200 signing-party (1.1.1-1) unstable; urgency=low [ Christoph Berg ] * gpg-key2ps: assume gpg output to be in utf-8, instead of depending on the current locale. [ Franck Joncourt ] * caff: + Take the CONFIG{'mail'} variable from .caffrc into count. (Closes: #520387) + Update caff's manpage to mention a keyid specified with -u requires to be listed in the configuration file through the keyid variable. Add a note in caffrc.sample about using the -u option to select which keyid from the CONFIG{'keyid'} as to be used for signing. (Closes: #482693) * keyanalyze/top50.pl: Fix the error message when a line from stdin does not match. * keyanalyze/analyze.sh: + Make the entries in the msd-sorted.txt file sorted. + Used msd.txt file as input for top50.pl. The current pattern in top50.pl does not match data from the msd-sorted.txt file. + Allowed the top1000 report to report the first 1000 ranks by passing *-n 1000* to top50.pl. Set to 50 by default. [ Thijs Kinkhorst ] * Make pool.sks-keyservers.net the default keyserver (closes: #527941). * Checked for policy 3.8.1, no changes necessary. -- Thijs Kinkhorst Fri, 12 Jun 2009 08:50:33 +0200 signing-party (1.1-2) unstable; urgency=low * Fix build error when only building the binary package by fixing the build-arch target (Closes: #516804). -- Thijs Kinkhorst Mon, 23 Feb 2009 21:37:20 +0100 signing-party (1.1-1) unstable; urgency=low [ Franck Joncourt ] * Imported gpgdir. (Closes: #498167) * Imported gpgwrap. (Closes: #454074) Added Quilt framework/README.source to handle gpgwrap. * Refreshed debian/control and README files with the new descriptions. * Added new dependencies required by gpgdir: libterm-readkey-perl, libclass-methodmaker-perl * Added wipe as suggested package (useful with gpgdir). [ Thijs Kinkhorst ] * Checked for policy 3.8.0, no changes. * caff: Fix pod syntax problems (Closes: #485653). * gpg-key2ps: no longer waste paper on the subkey information by default. It's not relevant to the keysigning process, but added option to enable if you want it. * Remove obsolete transitional packages sig2dot, springgraph. * Upgrade packaging to debhelper level 7. [ Christoph Berg ] * Import keyanalyze into signing-party. Thanks to Matthew Wilcox for the permission. Provide a transitional package. + Add patch to flatten output structure for small keyrings. (Closes: #309101) + Update config.{sub,guess}. (Closes: #365148) + Add patch by Stephan Beyer to improve process_keys' input parsing, remedying the need of weird grep and sed commands. (Closes: #370571) + Add -h option to keyanalyze, and update manpage. (Closes: #370570) * Put examples in .../examples/$prog, not the other way round. * Use dh_lintian. -- Thijs Kinkhorst Sun, 22 Feb 2009 17:58:09 +0100 signing-party (1.0-2) unstable; urgency=low * gpg-mailkeys: Fix parameter escaping of printf, thanks Olivier Tetard (Closes: #478151). * springgraph: clarify help text (Closes: 474351). * Switch dependency libmime-perl to libmime-tools-perl (renamed). * Put springgraph and sig2dot in section graphics. -- Thijs Kinkhorst Tue, 20 May 2008 12:23:52 +0200 signing-party (1.0-1) unstable; urgency=low * The 1.0 release. [ Christoph Berg ] * gpglist: Do not barf on revokers (rvk). Thanks to Faidon Liambotis for spotting. * sig2dot, springgraph: new scripts joining the family, no longer provided as separate packages. We shamelessly bump our version number to something greater, and build transitional packages. * gpg-key2ps: also handle revoked subkeys (Closes: #467001). * gpgsigs: correctly handle keys with several photo ids via a helper script in /usr/share/signing-party/ (Closes: #453840). * Start moving the installation machinery from debian/* to Makefiles. [ Thijs Kinkhorst ] * keylookup: cope with 16 or 40 nibble keyids, thanks Philippe Teuwen (Closes: #466716). * gpg-key2ps: also accept revoked-style long option, thanks Luca Capello (Closes: #466993). * gpgparticipants: new script to create a participant list useful for party organisers using the Zimmermann-Sassaman key-signing protocol. Thanks Philippe Teuwen (Closes: #467338). * caff: always update the user's key from their GnuPG home, to adequately cope with changed keys (Closes: #462897). -- Christoph Berg Sun, 16 Mar 2008 20:58:50 +0100 signing-party (0.4.13-1) unstable; urgency=low [ Christoph Berg ] * gpgsigs: Implement support for LaTeX output and photo ids. (Closes: #412433, #430607) * gpg-key2ps: Mention http://www.debian.org/events/materials/business-cards/ as an alternative. (Closes: #439510) [ Thijs Kinkhorst ] * Move Homepage to control field. -- Christoph Berg Sun, 18 Nov 2007 21:02:49 +0100 signing-party (0.4.12-1) unstable; urgency=low [ Christoph Berg ] * caff: + Allow spaces in keyids/fingerprints for easier cut-and-paste. * Replaces: keylookup. [ Peter Palfrader ] * caff: + Fix a warning message when encrypting fails. + Try to handle expired keys specified in also-encrypt-to better. [ Thijs Kinkhorst ] * caff: + Add filename to one of the MIME parts as its absence breaks certain virus scanners. + Make -m (mail options) a yes/no/ask-yes/ask-no option, based on a suggestion by Gerfried Fuchs (Closes: #383423). * gpg-mailkeys: + Resolve bashisms in gpg-mailkeys. * Cleanup package dependencies. -- Thijs Kinkhorst Thu, 23 Aug 2007 12:09:43 +0200 signing-party (0.4.11-1) unstable; urgency=low The "Debconf 7" release. * gpgsigs: Apply patch by Joachim Breitner to also show incoming signatures and support sha256 checksum (Closes: #428538). -- Christoph Berg Sun, 17 Jun 2007 12:32:21 +0200 signing-party (0.4.10-1) unstable; urgency=low * caff: + Fix syntax error in example config variables (Closes: #413020). + Fix perl warnings when calling pgp-fixkey with unknown keyid or with empty signature create date. * gpg-key2ps: + Add '-1' option to only display one column of slips, for extra wide keys (Closes: #399474). * keylookup: + Fix perl warnings caused by empty lines from gpg output. * Drop transitional and now obsolete keylookup package. * Remove no longer needed dependency on mailx. -- Thijs Kinkhorst Tue, 22 May 2007 11:41:32 +0200 signing-party (0.4.9-1) unstable; urgency=low * caff: + Fix a bug with checking if we have exactly one or more keys that failed downloading. + Mention in manpage that keyserver-options is a useful setting in .caff/gnupghome/gpg.conf (Closes: #392811). + q-p-encode From: header (Closes: #366745). -- Christoph Berg Sun, 29 Oct 2006 21:02:56 +0100 signing-party (0.4.8-1) unstable; urgency=low * gpglist: do not die with with-fingerprint (Closes: #382019). * gpg-key2ps: add --list-key to gpg call (works around #382794). * caff: when set, use $ENV{'GNUPGHOME'} to find secring.gpg. Suggested by Gerfried Fuchs. -- Christoph Berg Sun, 8 Oct 2006 01:29:59 +0200 signing-party (0.4.7-1) unstable; urgency=low * Update my maintainer address. * gpg-mailkeys: use right content-type for attached key, thanks Wesley Landaker (Closes: #370566). -- Thijs Kinkhorst Tue, 4 Jul 2006 15:33:53 +0200 signing-party (0.4.6-2) unstable; urgency=low * gpgsigs: recognize rvk (revoker), found in ksp-dc6.txt. * Bump Standards-Version to 3.7.2, no changes. -- Christoph Berg Fri, 12 May 2006 13:40:37 -0500 signing-party (0.4.6-1) unstable; urgency=low * caff: + Try hostname without -f first to be compatible with BSD (Closes: #356830). + Make local-user a config option, thanks to Michael C. Toren for the patch (Closes: #361316). + Make local-user accept a list of keyids (Closes: #333832). + Make also-encrypt-to a list, add a commented stanza to the default config file (Closes: #325163). + Include mail-template in default config file, some minor syntax fixes. + Bump copyright, use URL in User-Agent header. * pgp-clean: + Import caff's getopt handling. + Add option to allow exporting subkeys (Closes: #359698). * Bump Standards-Version, no change. -- Christoph Berg Wed, 3 May 2006 23:43:44 +0200 signing-party (0.4.5-1) unstable; urgency=low * Upgrade debhelper compatibility to the recommended level 5. * Update FSF addresses. * caff: tweak documentation. * caff: note that mailed keys are encrypted (suggested by Sune Vuorela). * caff: You can now specify additional arguments to pass to the send method of Mail::Mailer. This allows you to send mails via SMTP and use authentication for instance. Thanks to Martin von Gagern. * gpg-key2ps, keylookup: make them less dependent on specific installation paths and thus better portable outside of Debian (Closes: #354142). -- Christoph Berg Sun, 12 Mar 2006 13:34:20 +0100 signing-party (0.4.4-2) unstable; urgency=low * Fix path in caff(1) (Closes: #327556, thanks Axel Beckert). -- Christoph Berg Sun, 11 Sep 2005 23:55:27 +0200 signing-party (0.4.4-1) unstable; urgency=low * caff: + When building a ~/.caffrc when there is none we would fail if we cannot find a key or an email address for the current user. Change this to produce something sensible in that case as well (closes: #325156). -- Christoph Berg Sun, 11 Sep 2005 02:01:50 +0200 signing-party (0.4.3-1) unstable; urgency=low * gpg-key2ps: + handle revoked uids in perl to get linecount right (Closes: #320785). * Debian package: + gpgsigs: install example files. + Install caff's pgp-fixkey. + Make the version of the empty keylookup package grow too. + Install keylookup's old Debian changelog as changelog.keylookup.gz. + Make some lintian overrides. + Slightly change keylookup's long description. + Update signing-party's short description. -- Peter Palfrader Tue, 23 Aug 2005 01:51:16 +0200 signing-party (0.4.2-1) unstable; urgency=low * New upstream release. * debian/control: move libpaper-utils to Recommends, remove redundant perl dependency. * Do not ship useless README file in the binary package. It's more or less the same as the long description * caff: + create configfile on first use (Closes: #316611). + note use of ~/.caff/gnupghome/gpg.conf in manpage (Closes: #321235). + allow adding a Reply-To: header (Closes: #321007, thanks to Joost van Baal for the patch). + parse IMPORT_OK correctly (Closes: #321496). + be more verbose when user tries to sign obsolete v3 crap. + install README.*. * gpglist: added new script, thanks to Uli Martens. * gpg-key2ps: + use Getopt::Long, general code cleanup. + gpg-key2ps "my name" works now. + Convert from shell script to perl. + Fix too few slips on a page (Closes: #320785). * Add keylookup: ncurses wrapper around gpg --search + keylookup now calls gpg to search for keys instead of connecting to the keyserver itself. Therefore there is no need to parse ~/.gnupg/gpg.conf anymore (Closes: #164750). + Recommend dialog | whiptail -- Peter Palfrader Wed, 17 Aug 2005 23:06:15 +0200 signing-party (0.4.1-1) unstable; urgency=low * New upstream release. Lots of fixes and enhancements, including: gpg-key2ps: + handles revoked subkeys, thanks Christof Douma (Closes: #311990). gpg-mailkeys: + add -i switch to sendmail to prevent lines with a dot causing unexpected behaviour, thanks Stephen Gran (Closes: #319762). caff: + now handles attribute UIDs (Closes: #316278). + now detects all invalid keyids (Closes: #317754). + allows to BCC the signer, thanks Joost van Baal (Closes: #316176). + new option to pause before continuing to the signing step, thanks Christof Douma (Closes: #316129). + create unique attachment filenames, thanks Robin H. Johnson (Closes: #318469). + let caff import keys from file, thanks Jon Åslund (Closes: #318744). + Improve diagnosis if caff can't read answers from STDIN, like when people use xargs (Closes: #319519). * Depend on libtext-template-perl as caff needs it. * Update to Standards-Version 3.6.2, no changes necessary. * Add gpglist to distribution. -- Peter Palfrader Sun, 7 Aug 2005 21:32:23 +0200 signing-party (0.4.0-1) unstable; urgency=low * Merging signing-party with pgp-tools, now contains caff and gpgsigs as well. * Update gpg-mailkeys man page to list environment vars introduced in 0.3.0 (Closes: #310418). -- Thijs Kinkhorst Wed, 8 Jun 2005 19:49:11 +0200 signing-party (0.3.0-1) unstable; urgency=low * New maintainer, Simon is moving to co-maintenance. * New upstream release: + Fix missing section number from manpages. (fixes Lintian warnings) + Add more documentation (README, and in gpg-mailkeys). + In gpg-key2ps: - Add handling for 'tru' and 'uat' packets. (Closes: #222664) - Change env.var PAPERCONF to PAPERSIZE due to changed behaviour since libpaper-1.1.13. (Closes: #172698) - Truncate too long UIDs so they don't mess up the keys next to them. (Closes: #171846) + In gpg-mailkeys: - Send the key as an attachment. (Closes: #176245) - Make gpg-mailkeys messages more customizable. (Closes: #200070) - By default, let sendmail determine the From-line (more reliable). * Update to Standards-Version 3.6.1 (no changes necessary). * Depend on libpaper-utils >= 1.1.13. * Clarify copyright / maintainer documentation. -- Thijs Kinkhorst Sat, 5 Mar 2005 14:39:24 +0100 keyanalyze (0.0.200204-1) unstable; urgency=low * Initial release (Closes: #238140) * pgpring: - Fixed key ID generation for ElGamal primary keys - Enabled -W -Wall -g -O2 CFLAGS - Fixed type-punning problems - Fixed implicit declaration of exit() - Wrote manpage * process_keys: - Deleted two unused variables - Wrote manpage * keyanalyze: - Rewrote list handling to solve off-by-one problems - Used an array of structs instead of a lot of arrays - Made it accept -i and -o arguments to override the input and output names. - Wrote manpage -- Matthew Wilcox Sat, 19 Jun 2004 13:07:48 -0400 signing-party (0.2.3-2) unstable; urgency=low * Added handling for 'tru' packets -- Simon Richter Mon, 8 Dec 2003 21:54:50 +0100 signing-party (0.2.3-1) unstable; urgency=low * New upstream release (Closes: #180455) -- Simon Richter Sat, 15 Feb 2003 16:09:27 +0100 signing-party (0.2.2.1-1) unstable; urgency=low * Upstream bugfix release (some changes from 0.2 to 0.2.1 dropped out of 0.2.2 again) -- Simon Richter Fri, 1 Nov 2002 12:15:15 +0100 signing-party (0.2.2-1) unstable; urgency=low * Fixed manpage bug (Closes: #137924, #137937) * Upstream changelog now contains data (Closes: #158854) * Finally wrote a real description -- Simon Richter Fri, 4 Oct 2002 22:41:50 +0200 signing-party (0.2.1-1) unstable; urgency=low * New release -- Simon Richter Thu, 29 Aug 2002 17:12:29 +0200 signing-party (0.2-1) unstable; urgency=low * New release * Can now print multiple keys * Supports alternate paper sizes (Closes: #134975) * New script: gpg-mailkeys -- Simon Richter Thu, 21 Feb 2002 22:24:09 +0100 signing-party (0.1-1) unstable; urgency=low * Initial Release (Closes: #117977). -- Simon Richter Fri, 2 Nov 2001 19:33:42 +0100