GNUPG-1-9-BRANCH gnupg (7 files)
cvs user wk
cvs at cvs.gnupg.org
Fri Dec 3 18:37:28 CET 2004
Date: Friday, December 3, 2004 @ 18:44:57
Author: wk
Path: /cvs/gnupg/gnupg
Tag: GNUPG-1-9-BRANCH
Added: build-w32.sh
Modified: ChangeLog NEWS configure.ac po/de.po sm/ChangeLog sm/certchain.c
Preparing 1.9.13
----------------+
ChangeLog | 5 ++-
NEWS | 6 +++
build-w32.sh | 10 ++++++
configure.ac | 2 -
po/de.po | 86 ++++++++++++++++++++++++++-----------------------------
sm/ChangeLog | 6 +++
sm/certchain.c | 21 ++++++++++---
7 files changed, 84 insertions(+), 52 deletions(-)
Index: gnupg/ChangeLog
diff -u gnupg/ChangeLog:1.131.2.58 gnupg/ChangeLog:1.131.2.59
--- gnupg/ChangeLog:1.131.2.58 Thu Dec 2 08:48:09 2004
+++ gnupg/ChangeLog Fri Dec 3 18:44:57 2004
@@ -1,9 +1,12 @@
+2004-12-03 Werner Koch <wk at g10code.com>
+
+ Released 1.9.13.
+
2004-11-26 Werner Koch <wk at g10code.com>
* configure.ac: Replace strsep. Replaced use of "target" by
"host".
-
2004-10-22 Werner Koch <wk at g10code.com>
Released 1.9.12.
Index: gnupg/NEWS
diff -u gnupg/NEWS:1.165.2.57 gnupg/NEWS:1.165.2.58
--- gnupg/NEWS:1.165.2.57 Fri Oct 22 21:57:03 2004
+++ gnupg/NEWS Fri Dec 3 18:44:57 2004
@@ -1,6 +1,10 @@
-Noteworthy changes in version 1.9.13
+Noteworthy changes in version 1.9.13 (2004-12-03)
-------------------------------------------------
+ * [gpgsm] New option --prefer-system-dirmngr.
+
+ * Minor cleanups and debbuging aids.
+
Noteworthy changes in version 1.9.12 (2004-10-22)
-------------------------------------------------
Index: gnupg/build-w32.sh
diff -u /dev/null gnupg/build-w32.sh:1.1.2.1
--- /dev/null Fri Dec 3 18:44:58 2004
+++ gnupg/build-w32.sh Fri Dec 3 18:44:57 2004
@@ -0,0 +1,10 @@
+ ./configure --enable-maintainer-mode --prefix=/home/wk/w32root \
+ --host=i586-mingw32msvc --build=`scripts/config.guess` \
+ --with-gpg-error-prefix=/home/wk/w32root \
+ --with-ksba-prefix=/home/wk/w32root \
+ --with-libgcrypt-prefix=/home/wk/w32root \
+ --with-libassuan-prefix=/home/wk/w32root \
+ --with-zlib=/home/wk/w32root
+
+
+
Index: gnupg/configure.ac
diff -u gnupg/configure.ac:1.36.2.68 gnupg/configure.ac:1.36.2.69
--- gnupg/configure.ac:1.36.2.68 Thu Dec 2 08:48:09 2004
+++ gnupg/configure.ac Fri Dec 3 18:44:57 2004
@@ -24,7 +24,7 @@
# Version number: Remember to change it immediately *after* a release.
# Add a "-cvs" prefix for non-released code.
-AC_INIT(gnupg, 1.9.13-cvs, gnupg-devel at gnupg.org)
+AC_INIT(gnupg, 1.9.13, gnupg-devel at gnupg.org)
# Set development_version to yes if the minor number is odd or you
# feel that the default check for a development version is not
# sufficient.
Index: gnupg/po/de.po
diff -u gnupg/po/de.po:1.84.2.14 gnupg/po/de.po:1.84.2.15
--- gnupg/po/de.po:1.84.2.14 Wed Nov 24 15:50:19 2004
+++ gnupg/po/de.po Fri Dec 3 18:44:55 2004
@@ -10,7 +10,7 @@
msgstr ""
"Project-Id-Version: gnupg2 1.9.10\n"
"Report-Msgid-Bugs-To: translations at gnupg.org\n"
-"POT-Creation-Date: 2004-11-24 15:41+0100\n"
+"POT-Creation-Date: 2004-12-03 18:30+0100\n"
"PO-Revision-Date: 2004-11-24 15:43+0100\n"
"Last-Translator: Werner Koch <wk at gnupg.org>\n"
"Language-Team: de\n"
@@ -100,12 +100,12 @@
msgstr "erlaube Aufrufern Schlüssel als \"vertrauenswürdig\" zu markieren"
#: agent/gpg-agent.c:195 agent/protect-tool.c:134 scd/scdaemon.c:168
-#: sm/gpgsm.c:487 tools/gpgconf.c:85
+#: sm/gpgsm.c:491 tools/gpgconf.c:85
msgid "Please report bugs to <"
msgstr "Fehlerberichte bitte an <"
#: agent/gpg-agent.c:195 agent/protect-tool.c:134 scd/scdaemon.c:168
-#: sm/gpgsm.c:487 tools/gpgconf.c:85
+#: sm/gpgsm.c:491 tools/gpgconf.c:85
msgid ">.\n"
msgstr ">.\n"
@@ -121,30 +121,30 @@
"Syntax: gpg-agent [Optionen] [Kommando [Argumente]]\n"
"Verwaltung von geheimen Schlüssel für GnuPG\n"
-#: agent/gpg-agent.c:271 scd/scdaemon.c:242 sm/gpgsm.c:605
+#: agent/gpg-agent.c:271 scd/scdaemon.c:242 sm/gpgsm.c:609
#, c-format
msgid "invalid debug-level `%s' given\n"
msgstr "ungültige Debugebene `%s' angegeben\n"
#: agent/gpg-agent.c:448 agent/protect-tool.c:1050 kbx/kbxutil.c:431
-#: scd/scdaemon.c:357 sm/gpgsm.c:728
+#: scd/scdaemon.c:357 sm/gpgsm.c:730
#, c-format
msgid "libgcrypt is too old (need %s, have %s)\n"
msgstr ""
"Die Bibliothek \"libgcrypt\" is zu alt (benötigt wird %s, vorhanden ist %s)\n"
-#: agent/gpg-agent.c:521 scd/scdaemon.c:437 sm/gpgsm.c:826
+#: agent/gpg-agent.c:521 scd/scdaemon.c:437 sm/gpgsm.c:828
#, c-format
msgid "NOTE: no default option file `%s'\n"
msgstr "Notiz: Voreingestellte Konfigurationsdatei `%s' fehlt\n"
#: agent/gpg-agent.c:526 agent/gpg-agent.c:1000 scd/scdaemon.c:442
-#: sm/gpgsm.c:830
+#: sm/gpgsm.c:832
#, c-format
msgid "option file `%s': %s\n"
msgstr "Konfigurationsdatei `%s': %s\n"
-#: agent/gpg-agent.c:534 scd/scdaemon.c:450 sm/gpgsm.c:837
+#: agent/gpg-agent.c:534 scd/scdaemon.c:450 sm/gpgsm.c:839
#, c-format
msgid "reading options from `%s'\n"
msgstr "Optionen werden aus `%s' gelesen\n"
@@ -163,11 +163,11 @@
msgid "no gpg-agent running in this session\n"
msgstr "Der gpg-agent läuft nicht für diese Session\n"
-#: agent/gpg-agent.c:1257 common/simple-pwquery.c:286 sm/call-agent.c:128
+#: agent/gpg-agent.c:1257 common/simple-pwquery.c:293 sm/call-agent.c:128
msgid "malformed GPG_AGENT_INFO environment variable\n"
msgstr "Die Variable GPG_AGENT_INFO ist fehlerhaft\n"
-#: agent/gpg-agent.c:1269 common/simple-pwquery.c:298 sm/call-agent.c:140
+#: agent/gpg-agent.c:1269 common/simple-pwquery.c:305 sm/call-agent.c:140
#, c-format
msgid "gpg-agent protocol version %d is not supported\n"
msgstr "Das gpg-agent Protocol %d wird nicht unterstützt\n"
@@ -302,32 +302,32 @@
msgid "Warning: unsafe permissions on %s \"%s\"\n"
msgstr "WARNUNG: Unsichere Zugriffsrechte für %s \"%s\"\n"
-#: common/simple-pwquery.c:272
+#: common/simple-pwquery.c:279
msgid "gpg-agent is not available in this session\n"
msgstr "Der gpg-agent ist nicht verfügbar\n"
-#: common/simple-pwquery.c:320
+#: common/simple-pwquery.c:327
#, c-format
msgid "can't connect to `%s': %s\n"
msgstr "Verbindung zu `%s' kann nicht aufgebaut werden: %s\n"
-#: common/simple-pwquery.c:331
+#: common/simple-pwquery.c:338
msgid "communication problem with gpg-agent\n"
msgstr "Kommunikationsproblem mit gpg-agent\n"
-#: common/simple-pwquery.c:341
+#: common/simple-pwquery.c:348
msgid "problem setting the gpg-agent options\n"
msgstr "Beim setzen der gpg-agent Optionen ist ein problem aufgetreten\n"
-#: common/simple-pwquery.c:479
+#: common/simple-pwquery.c:487
msgid "canceled by user\n"
msgstr "Vom Benutzer abgebrochen\n"
-#: common/simple-pwquery.c:486
+#: common/simple-pwquery.c:494
msgid "problem with the agent\n"
msgstr "Problem mit dem Agenten\n"
-#: jnlib/logging.c:625
+#: jnlib/logging.c:627
#, c-format
msgid "you found a bug ... (%s:%d)\n"
msgstr "Sie haben einen Bug (Softwarefehler) gefunden ... (%s:%d)\n"
@@ -651,7 +651,7 @@
msgid "number of issuers matching: %d\n"
msgstr "Anzahl der übereinstimmenden Heruasgeber: %d\n"
-#: sm/certchain.c:403 sm/certchain.c:562 sm/certchain.c:922 sm/decrypt.c:260
+#: sm/certchain.c:403 sm/certchain.c:562 sm/certchain.c:931 sm/decrypt.c:260
#: sm/encrypt.c:341 sm/sign.c:324 sm/verify.c:106
msgid "failed to allocated keyDB handle\n"
msgstr "Ein keyDB Handle konnte nicht bereitgestellt werden\n"
@@ -699,43 +699,43 @@
msgid "selfsigned certificate has a BAD signature"
msgstr "Das eigenbeglaubigte Zertifikat hat eine FALSCHE Signatur"
-#: sm/certchain.c:675
+#: sm/certchain.c:679
msgid "root certificate is not marked trusted"
msgstr "Das Wurzelzertifikat ist nicht als vertrauenswürdig markiert"
-#: sm/certchain.c:686
+#: sm/certchain.c:690
#, c-format
msgid "fingerprint=%s\n"
msgstr "Fingerprint=%s\n"
-#: sm/certchain.c:691
+#: sm/certchain.c:695
msgid "root certificate has now been marked as trusted\n"
msgstr "Das Wurzelzertifikat wurde nun als vertrauenswürdig markiert\n"
-#: sm/certchain.c:706
+#: sm/certchain.c:710
#, c-format
msgid "checking the trust list failed: %s\n"
msgstr "Fehler beim Prüfen der vertrauenswürdigen Zertifikate: %s\n"
-#: sm/certchain.c:732 sm/import.c:166
+#: sm/certchain.c:736 sm/import.c:166
msgid "certificate chain too long\n"
msgstr "Der Zertifikatkette ist zu lang\n"
-#: sm/certchain.c:744
+#: sm/certchain.c:748
msgid "issuer certificate not found"
msgstr "Herausgeberzertifikat nicht gefunden"
-#: sm/certchain.c:777
+#: sm/certchain.c:781
msgid "certificate has a BAD signature"
msgstr "Das Zertifikat hat eine FALSCHE Signatur"
-#: sm/certchain.c:800
+#: sm/certchain.c:809
msgid "found another possible matching CA certificate - trying again"
msgstr ""
"Eine anderes möglicherweise passendes CA-Zertifikat gefunden - versuche "
"nochmal"
-#: sm/certchain.c:823
+#: sm/certchain.c:832
#, c-format
msgid "certificate chain longer than allowed by CA (%d)"
msgstr "Die Zertifikatkette ist länger als von der CA erlaubt (%d)"
@@ -1052,11 +1052,11 @@
" --list-keys [Namen] Schlüssel anzeigenn\n"
" --fingerprint [Namen] \"Fingerabdrücke\" anzeigen\\n\n"
-#: sm/gpgsm.c:490
+#: sm/gpgsm.c:494
msgid "Usage: gpgsm [options] [files] (-h for help)"
msgstr "Gebrauch: gpgsm [Optionen] [Dateien] (-h für Hilfe)"
-#: sm/gpgsm.c:493
+#: sm/gpgsm.c:497
msgid ""
"Syntax: gpgsm [options] [files]\n"
"sign, check, encrypt or decrypt using the S/MIME protocol\n"
@@ -1065,7 +1065,7 @@
"Gebrauch: gpgsm [Optionen] [Dateien]\n"
"Signieren, prüfen, ver- und entschlüsseln mittels S/MIME protocol\n"
-#: sm/gpgsm.c:500
+#: sm/gpgsm.c:504
msgid ""
"\n"
"Supported algorithms:\n"
@@ -1073,50 +1073,50 @@
"\n"
"Unterstützte Algorithmen:\n"
-#: sm/gpgsm.c:576
+#: sm/gpgsm.c:580
msgid "usage: gpgsm [options] "
msgstr "Gebrauch: gpgsm [Optionen] "
-#: sm/gpgsm.c:642
+#: sm/gpgsm.c:645
msgid "conflicting commands\n"
msgstr "Widersprechende Kommandos\n"
-#: sm/gpgsm.c:658
+#: sm/gpgsm.c:661
#, c-format
msgid "can't encrypt to `%s': %s\n"
msgstr "Verschlüsseln für `%s' nicht möglich: %s\n"
-#: sm/gpgsm.c:733
+#: sm/gpgsm.c:735
#, c-format
msgid "libksba is too old (need %s, have %s)\n"
msgstr "Die Bibliothek Libksba is nicht aktuell (benötige %s, habe %s)\n"
-#: sm/gpgsm.c:1181
+#: sm/gpgsm.c:1183
msgid "WARNING: program may create a core file!\n"
msgstr "WARNUNG: Programm könnte eine core-dump-Datei schreiben!\n"
-#: sm/gpgsm.c:1193
+#: sm/gpgsm.c:1195
msgid "WARNING: running with faked system time: "
msgstr "WARNUNG: Ausführung mit gefälschter Systemzeit: "
-#: sm/gpgsm.c:1219
+#: sm/gpgsm.c:1221
msgid "selected cipher algorithm is invalid\n"
msgstr "Das ausgewählte Verschlüsselungsverfahren ist ungültig\n"
-#: sm/gpgsm.c:1227
+#: sm/gpgsm.c:1229
msgid "selected digest algorithm is invalid\n"
msgstr "Das ausgewählte Hashverfahren ist ungültig\n"
-#: sm/gpgsm.c:1257
+#: sm/gpgsm.c:1259
#, c-format
msgid "can't sign using `%s': %s\n"
msgstr "Signieren mit `%s' nicht möglich: %s\n"
-#: sm/gpgsm.c:1423
+#: sm/gpgsm.c:1425
msgid "this command has not yet been implemented\n"
msgstr "Diee Kommando wurde noch nicht implementiert\n"
-#: sm/gpgsm.c:1646 sm/gpgsm.c:1679
+#: sm/gpgsm.c:1648 sm/gpgsm.c:1681
#, c-format
msgid "can't open `%s': %s\n"
msgstr "Datei `%s' kann nicht geöffnet werden: %s\n"
@@ -1385,10 +1385,6 @@
msgid "Configuration for OCSP"
msgstr "Konfiguration zu OCSP"
-#, fuzzy
-#~ msgid "passphrase (CHV%d) is too short; minimum length is %d\n"
-#~ msgstr "Die Passphrase (CHV%d) ist zu kurz; Mindestlänge ist %d\n"
-
#~ msgid "Usage: sc-investigate [options] (-h for help)\n"
#~ msgstr "Gebrauch: sc-investigate [Optionen] (-h für Hilfe)\n"
Index: gnupg/sm/ChangeLog
diff -u gnupg/sm/ChangeLog:1.101.2.75 gnupg/sm/ChangeLog:1.101.2.76
--- gnupg/sm/ChangeLog:1.101.2.75 Thu Dec 2 08:48:08 2004
+++ gnupg/sm/ChangeLog Fri Dec 3 18:44:54 2004
@@ -1,3 +1,9 @@
+2004-12-02 Werner Koch <wk at g10code.com>
+
+ * certchain.c (gpgsm_basic_cert_check): Dump certs with bad
+ signature for debugging.
+ (gpgsm_validate_chain): Ditto.
+
2004-11-29 Werner Koch <wk at g10code.com>
* gpgsm.c (set_debug): Changed to use a globals DEBUG_LEVEL and
Index: gnupg/sm/certchain.c
diff -u gnupg/sm/certchain.c:1.32.2.19 gnupg/sm/certchain.c:1.32.2.20
--- gnupg/sm/certchain.c:1.32.2.19 Fri Oct 8 13:10:47 2004
+++ gnupg/sm/certchain.c Fri Dec 3 18:44:54 2004
@@ -292,7 +292,7 @@
keydb_search_reset (kh);
/* In case of an error try the ephemeral DB. We can't do
- that in find-netx mode because we can't keep the search
+ that in find-next mode because we can't keep the search
state then. */
if (rc == -1 && !find_next)
{
@@ -311,7 +311,7 @@
signature because it is not the correct one. */
if (rc == -1)
{
- log_info ("issuer certificate (#");
+ log_info ("%sissuer certificate (#", find_next?"next ":"");
gpgsm_dump_serial (authidno);
log_printf ("/");
gpgsm_dump_string (s);
@@ -565,7 +565,7 @@
}
if (DBG_X509 && !listmode)
- gpgsm_dump_cert ("subject", cert);
+ gpgsm_dump_cert ("target", cert);
subject_cert = cert;
maxdepth = 50;
@@ -659,6 +659,10 @@
{
do_list (1, lm, fp,
_("selfsigned certificate has a BAD signature"));
+ if (DBG_X509)
+ {
+ gpgsm_dump_cert ("self-signing cert", subject_cert);
+ }
rc = gpg_error (depth? GPG_ERR_BAD_CERT_CHAIN
: GPG_ERR_BAD_CERT);
goto leave;
@@ -775,10 +779,15 @@
if (rc)
{
do_list (0, lm, fp, _("certificate has a BAD signature"));
+ if (DBG_X509)
+ {
+ gpgsm_dump_cert ("signing issuer", issuer_cert);
+ gpgsm_dump_cert ("signed subject", subject_cert);
+ }
if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE)
{
/* We now try to find other issuer certificates which
- might have been used. This is rquired because some
+ might have been used. This is required because some
CAs are reusing the issuer and subject DN for new
root certificates. */
rc = find_up (kh, subject_cert, issuer, 1);
@@ -940,6 +949,10 @@
{
log_error ("selfsigned certificate has a BAD signature: %s\n",
gpg_strerror (rc));
+ if (DBG_X509)
+ {
+ gpgsm_dump_cert ("self-signing cert", cert);
+ }
rc = gpg_error (GPG_ERR_BAD_CERT);
goto leave;
}
More information about the Gnupg-commits
mailing list