On Wed, Dec 12, 2007 at 10:03:56AM -0500, William L. Thomson Jr. wrote: > On Wed, 2007-12-12 at 14:30 +0200, Alon Bar-Lev wrote: > > Slotting makes logic if there is some advantage of having both slots > > installed at the same machine, > Guess it's never been clear to you in upstream announcement that gnupg-1 > BENEFITS from gnupg-2 co-existing. Again go back and read the > announcement. > > as gnupg-2 does all gnupg-1 does, > It does NOT, do a comparison of command line args. See the attached diff between the argument parsing. I warned you last time, that it wasn't commandline argumnents, but configure file arguments. Per bug http://bugs.gentoo.org/show_bug.cgi?id=159505, upstream has decreed that nobody should use 'gpg-agent-info' in the configuration file, and instead, should use either the --gpg-agent-info argument to gpg, or set the GPG_AGENT_INFO environment variable.
Upstream Seahorse did get this resolved, per bug http://bugs.gentoo.org/show_bug.cgi?id=164523, which is why GPG2 can go stable now. Evolution and Thunderbird resolved their issues as well, which were much less of a problem, as they only used GPG - not tried to be a gpg-agent replacement like Seahorse. > > there > > is no point in slotting, forcing users to mess with eselect in order > > to resolve the dependency of other packages with gnupg. > You keep bringing up eselect when there is NO need. Apps that are > designed for gnupg2 call gpg2 or link to the -2 version of the .so. > Done, and NO need for eselect. That BS has flown, been sold, or bought > for over a year now :) That is bull, and as the crypto herd, we raised it before. > Try again with some more BS reasons not to slot :) The most common way for applications to use GPG is via libgpgme http://tinderbox.dev.gentoo.org/misc/rindex/app-crypt/gpgme for the large list, KDE is there, so is GNOME [via seahorse]). It's a sucky library IMO, but it's widely used. The core problem with it, is that it execs the GPG binary, and that the location binary chosen for execution is compiled into the library at build-time. That is, if you have /usr/bin/gpg and /usr/bin/gpg2, you can compile it against exactly one of them. If you have it built against GPG1, and happen to need some functionality that is only present in GPG2 (eg SHA-224 message hashes), you need to recompile gpgme to use gpg2, but then you run into trouble with your complaint. Or you could have an eselect module for each non-root user to choose which GPG they wanted, or you could just avoid the entire issue and recommend that everybody upgrades to GPG2. > > You can always mask >=gnupg-2 if you want the 1.X series on embedded > > devices. > Which I have done for my desktop use for >6 months now. Masking to use a > current version of a package version that will continue to be maintained > in the same slot as a newer version is quite stupid. IMHO. I think that GnuPG is going to end up with the following case: - Pick ANY _one_ supported major version of GnuPG, and stick with it. We used to support 1.2 and 1.4 (not slotted, just one-of). Upstream GnuPG stopped 1.2 support, and now we support 1.4 and 2.0. The attached diff shows the difference in the command-line options supported by GPG-1.4.x vs. GPG-2.0.x. - The smartcard reader stuff CCID/CT/*SC has moved to be external. - The list-ownertrust, pipemode, shm-coproc were 1.2 features, marked as deprecated in 1.4, and removed in 2.0. You'll be fine until some GPG-using package wants a feature specific to GPG2, and then you can either complain at the authors of that app, or suck it up and upgrade. -- Robin Hugh Johnson Gentoo Linux Developer & Infra Guy E-Mail : [EMAIL PROTECTED] GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
This is a comparision between the commandline arguments supported by GnuPG
v1.4.7 and v2.0.7. It was produced by grabbing the 'ARGPARSE_OPTS opts' block
from the g10/gpg.c file in each tarball, joining lines where a single option
spanned multiple lines, then sorting and diffing.
Created-by: Robin H. Johnson <[EMAIL PROTECTED]>
--- gpg1-opts 2007-12-12 18:38:40.000000000 -0800
+++ gpg2-opts 2007-12-12 18:38:44.000000000 -0800
@@ -50,7 +50,6 @@
{ aListKeys, "list-key", 0, "@" }, /* alias */
{ aListKeys, "list-keys", 256, N_("list keys")},
{ aListKeys, "list-public-keys", 256, "@" },
- { aListOwnerTrust, "list-ownertrust", 256, "@"}, /* deprecated */
{ aListPackets, "list-packets",256, "@"},
{ aListSecretKeys, "list-secret-keys", 256, N_("list secret keys")},
{ aListSigs, "list-sig", 0, "@" }, /* alias */
@@ -58,7 +57,6 @@
{ aListTrustDB, "list-trustdb",0 , "@"},
/* { aListTrustPath, "list-trust-path",0, "@"}, */
{ aLSignKey, "lsign-key" ,256, N_("sign a key locally")},
- { aPipeMode, "pipemode", 0, "@" },
{ aPrimegen, "gen-prime" , 256, "@" },
{ aPrintMD, "print-md" , 256, N_("|algo [files]|print message digests")},
{ aPrintMDs, "print-mds" , 256, "@"}, /* old */
@@ -67,6 +65,7 @@
{ aRefreshKeys, "refresh-keys", 256, N_("update all keys from a
keyserver")},
{ aSearchKeys, "search-keys" , 256, N_("search for keys on a key server")
},
{ aSendKeys, "send-keys" , 256, N_("export keys to a key server") },
+ { aServer, "server", 256, N_("run in server mode")},
{ aSignKey, "sign-key" ,256, N_("sign a key")},
{ aSign, "sign", 256, N_("|[file]|make a signature")},
{ aStore, "store", 256, "@"},
@@ -74,6 +73,7 @@
{ aUpdateTrustDB, "update-trustdb",0 , N_("update the trust database")},
{ aVerifyFiles, "verify-files" , 256, "@" },
{ aVerify, "verify" , 256, N_("verify a signature")},
+ { oAgentProgram, "agent-program", 2 , "@" },
{ oAllowFreeformUID, "allow-freeform-uid", 0, "@" },
{ oAllowMultipleMessages, "allow-multiple-messages", 0, "@"},
{ oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
@@ -109,10 +109,9 @@
{ oCompressLevel, "compress-level", 1, "@" },
{ oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") },
{ oCompressSigs, "compress-sigs",0, "@"},
- { octapiDriver, "ctapi-driver", 2, "@"},
{ oDebugAll, "debug-all" ,0, "@"},
- { oDebugCCIDDriver, "debug-ccid-driver", 0, "@"},
{ oDebug, "debug" ,4|16, "@"},
+ { oDebugLevel, "debug-level" ,2, "@"},
{ oDefaultComment, "default-comment", 0, "@" },
{ oDefaultKey, "default-key", 2, "@"},
{ oDefaultKeyserverURL, "default-keyserver-url", 2, "@"},
@@ -124,7 +123,6 @@
{ oDefRecipientSelf, "default-recipient-self", 0, "@"},
{ oDefSigExpire, "default-sig-expire", 2, "@"},
{ oDigestAlgo, "digest-algo", 2, "@"},
- { oDisableCCID, "disable-ccid", 0, "@"},
{ oDisableCipherAlgo, "disable-cipher-algo", 2, "@" },
{ oDisableDSA2, "disable-dsa2", 0, "@"},
{ oDisableMDC, "disable-mdc", 0, "@"},
@@ -172,7 +170,6 @@
{ oKeyring, "keyring", 2, "@"},
{ oKeyServer, "keyserver", 2, "@"},
{ oKeyServerOptions, "keyserver-options",2,"@"},
- { oKOption, NULL, 0, "@"},
{ oLCctype, "lc-ctype", 2, "@" },
{ oLCmessages, "lc-messages", 2, "@" },
{ oLimitCardInsertTries, "limit-card-insert-tries", 1, "@"},
@@ -185,7 +182,7 @@
{ oLockNever, "lock-never", 0, "@" },
{ oLockOnce, "lock-once", 0, "@" },
{ oLoggerFD, "logger-fd",1, "@" },
- { oLoggerFile, "logger-file",2, "@" },
+ { oLoggerFile, "log-file",2, "@" },
{ oMangleDosFilenames, "mangle-dos-filenames", 0, "@" },
{ oMarginalsNeeded, "marginals-needed", 1, "@"},
{ oMaxCertDepth, "max-cert-depth", 1, "@" },
@@ -257,7 +254,6 @@
{ oPasswdFile, "passphrase-file",2, "@" },
{ oPasswd, "passphrase",2, "@" },
{ oPasswdRepeat, "passphrase-repeat", 1, "@"},
- { opcscDriver, "pcsc-driver", 2, "@"},
{ oPersonalCipherPreferences, "personal-cipher-preferences", 2, "@"},
{ oPersonalCipherPreferences, "personal-cipher-prefs", 2, "@"},
{ oPersonalCompressPreferences, "personal-compress-preferences", 2, "@"},
@@ -271,9 +267,8 @@
{ oPhotoViewer, "photo-viewer", 2, "@" },
{ oPreservePermissions, "preserve-permissions", 0, "@"},
{ oPrimaryKeyring, "primary-keyring",2, "@" },
- { oQuickRandom, "quick-random", 0, "@"},
+ { oQuickRandom, "debug-quick-random", 0, "@"},
{ oQuiet, "quiet", 0, "@"},
- { oReaderPort, "reader-port", 2, "@"},
{ oRecipient, "recipient", 2, N_("|NAME|encrypt for NAME")},
{ oRecipient, "remote-user", 2, "@"}, /* old option name */
{ oRecipient, "user", 2, "@" },
@@ -283,7 +278,6 @@
{ oRFC1991, "rfc1991", 0, "@"},
{ oRFC2440, "rfc2440", 0, "@" },
{ oRFC2440Text, "rfc2440-text", 0, "@"},
- { oRunAsShmCP, "run-as-shm-coprocess", 4, "@" },
{ oS2KCipher, "s2k-cipher-algo", 2, "@"},
{ oS2KCount, "s2k-count", 1, "@"},
{ oS2KDigest, "s2k-digest-algo", 2, "@"},
pgp6d8HF4EXEm.pgp
Description: PGP signature
