From cvs at cvs.gnupg.org Mon Aug 1 15:17:42 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Aug 1 14:50:43 2005 Subject: [svn] GnuPG - r3845 - branches/GNUPG-1-9-BRANCH/po Message-ID: Author: wk Date: 2005-08-01 15:17:42 +0200 (Mon, 01 Aug 2005) New Revision: 3845 Modified: branches/GNUPG-1-9-BRANCH/po/ChangeLog branches/GNUPG-1-9-BRANCH/po/de.po Log: Fixed Umlaut problem Modified: branches/GNUPG-1-9-BRANCH/po/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/po/ChangeLog 2005-07-29 07:32:32 UTC (rev 3844) +++ branches/GNUPG-1-9-BRANCH/po/ChangeLog 2005-08-01 13:17:42 UTC (rev 3845) @@ -1,3 +1,7 @@ +2005-08-01 Werner Koch + + * de.po: Converted to utf-8; fixed a few umlaut problems. + 2005-04-21 Werner Koch * de.po: Fixed all fuzzies and untranslated strings. Modified: branches/GNUPG-1-9-BRANCH/po/de.po =================================================================== --- branches/GNUPG-1-9-BRANCH/po/de.po 2005-07-29 07:32:32 UTC (rev 3844) +++ branches/GNUPG-1-9-BRANCH/po/de.po 2005-08-01 13:17:42 UTC (rev 3845) @@ -1,4 +1,4 @@ -# German translation for GnuPG 1.9.x -*-coding: latin-1;-*- +# German translation for GnuPG 1.9.x # Copyright (C) 2002, 2004, 2005 Free Software Foundation, Inc. # Werner Koch , 2002. # @@ -8,14 +8,14 @@ # msgid "" msgstr "" -"Project-Id-Version: gnupg2 1.9.16\n" +"Project-Id-Version: gnupg2 1.9.18\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" "POT-Creation-Date: 2005-06-16 09:12+0200\n" -"PO-Revision-Date: 2005-06-20 19:12+0200\n" +"PO-Revision-Date: 2005-08-01 14:44+0200\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" #: agent/gpg-agent.c:108 agent/protect-tool.c:108 scd/scdaemon.c:99 @@ -28,16 +28,16 @@ #: agent/gpg-agent.c:110 scd/scdaemon.c:101 msgid "run in server mode (foreground)" -msgstr "Im Server Modus ausführen" +msgstr "Im Server Modus ausführen" #: agent/gpg-agent.c:111 scd/scdaemon.c:104 msgid "run in daemon mode (background)" -msgstr "Im Daemon Modus ausführen" +msgstr "Im Daemon Modus ausführen" #: agent/gpg-agent.c:112 kbx/kbxutil.c:81 scd/scdaemon.c:105 sm/gpgsm.c:329 #: tools/gpgconf.c:62 msgid "verbose" -msgstr "ausführlich" +msgstr "ausführlich" #: agent/gpg-agent.c:113 kbx/kbxutil.c:82 scd/scdaemon.c:106 sm/gpgsm.c:330 msgid "be somewhat more quiet" @@ -45,11 +45,11 @@ #: agent/gpg-agent.c:114 scd/scdaemon.c:107 msgid "sh-style command output" -msgstr "Ausgabe für /bin/sh" +msgstr "Ausgabe für /bin/sh" #: agent/gpg-agent.c:115 scd/scdaemon.c:108 msgid "csh-style command output" -msgstr "Ausgabe für /bin/csh" +msgstr "Ausgabe für /bin/csh" #: agent/gpg-agent.c:116 msgid "|FILE|read options from FILE" @@ -69,7 +69,7 @@ #: agent/gpg-agent.c:125 msgid "use a standard location for the socket" -msgstr "Benutze einen Standardnamen für den Socket" +msgstr "Benutze einen Standardnamen für den Socket" #: agent/gpg-agent.c:129 msgid "|PGM|use PGM as the PIN-Entry program" @@ -101,7 +101,7 @@ #: agent/gpg-agent.c:151 msgid "allow clients to mark keys as \"trusted\"" -msgstr "erlaube Aufrufern Schlüssel als \"vertrauenswürdig\" zu markieren" +msgstr "erlaube Aufrufern Schlüssel als \"vertrauenswürdig\" zu markieren" #: agent/gpg-agent.c:153 msgid "allow presetting passphrase" @@ -127,7 +127,7 @@ #: agent/gpg-agent.c:238 msgid "Usage: gpg-agent [options] (-h for help)" -msgstr "Gebrauch: gpg-agent [Optionen] (-h für Hilfe)" +msgstr "Gebrauch: gpg-agent [Optionen] (-h für Hilfe)" #: agent/gpg-agent.c:240 msgid "" @@ -135,19 +135,19 @@ "Secret key management for GnuPG\n" msgstr "" "Syntax: gpg-agent [Optionen] [Kommando [Argumente]]\n" -"Verwaltung von geheimen Schlüssel für GnuPG\n" +"Verwaltung von geheimen Schlüssel für GnuPG\n" #: agent/gpg-agent.c:311 scd/scdaemon.c:257 sm/gpgsm.c:632 #, c-format msgid "invalid debug-level `%s' given\n" -msgstr "ungültige Debugebene `%s' angegeben\n" +msgstr "ungültige Debugebene `%s' angegeben\n" #: agent/gpg-agent.c:482 agent/protect-tool.c:1072 kbx/kbxutil.c:431 #: scd/scdaemon.c:349 sm/gpgsm.c:753 #, c-format msgid "libgcrypt is too old (need %s, have %s)\n" msgstr "" -"Die Bibliothek \"libgcrypt\" is zu alt (benötigt wird %s, vorhanden ist %s)\n" +"Die Bibliothek \"libgcrypt\" is zu alt (benötigt wird %s, vorhanden ist %s)\n" #: agent/gpg-agent.c:574 scd/scdaemon.c:424 sm/gpgsm.c:854 #, c-format @@ -198,7 +198,7 @@ #: agent/gpg-agent.c:1218 scd/scdaemon.c:983 #, c-format msgid "listening on socket `%s'\n" -msgstr "Es wird auf Socket `%s' gehört\n" +msgstr "Es wird auf Socket `%s' gehört\n" #: agent/gpg-agent.c:1246 agent/gpg-agent.c:1288 #, c-format @@ -208,7 +208,7 @@ #: agent/gpg-agent.c:1294 #, c-format msgid "stat() failed for `%s': %s\n" -msgstr "stat() Aufruf für `%s' fehlgeschlagen: %s\n" +msgstr "stat() Aufruf für `%s' fehlgeschlagen: %s\n" #: agent/gpg-agent.c:1298 #, c-format @@ -218,22 +218,22 @@ #: agent/gpg-agent.c:1396 #, c-format msgid "handler 0x%lx for fd %d started\n" -msgstr "Handhabungsroutine 0x%lx für fd %d gestartet\n" +msgstr "Handhabungsroutine 0x%lx für fd %d gestartet\n" #: agent/gpg-agent.c:1406 #, c-format msgid "handler 0x%lx for fd %d terminated\n" -msgstr "Handhabungsroutine 0x%lx für den fd %d beendet\n" +msgstr "Handhabungsroutine 0x%lx für den fd %d beendet\n" #: agent/gpg-agent.c:1420 #, c-format msgid "ssh handler 0x%lx for fd %d started\n" -msgstr "SSH Handhabungsroutine 0x%lx für fd %d gestartet\n" +msgstr "SSH Handhabungsroutine 0x%lx für fd %d gestartet\n" #: agent/gpg-agent.c:1427 #, c-format msgid "ssh handler 0x%lx for fd %d terminated\n" -msgstr "SSH Handhabungsroutine 0x%lx für fd %d beendet\n" +msgstr "SSH Handhabungsroutine 0x%lx für fd %d beendet\n" #: agent/gpg-agent.c:1521 scd/scdaemon.c:1099 #, c-format @@ -256,11 +256,11 @@ #: agent/gpg-agent.c:1648 common/simple-pwquery.c:335 sm/call-agent.c:155 #, c-format msgid "gpg-agent protocol version %d is not supported\n" -msgstr "Das gpg-agent Protocol %d wird nicht unterstützt\n" +msgstr "Das gpg-agent Protocol %d wird nicht unterstützt\n" #: agent/protect-tool.c:145 msgid "Usage: gpg-protect-tool [options] (-h for help)\n" -msgstr "Gebrauch: gpg-protect-tool [Optionen] (-h für Hilfe)\n" +msgstr "Gebrauch: gpg-protect-tool [Optionen] (-h für Hilfe)\n" #: agent/protect-tool.c:147 msgid "" @@ -268,7 +268,7 @@ "Secret key maintenance tool\n" msgstr "" "Syntax: gpg-protect-tool [Optionen] [Argumente]\n" -"Werkzeug zum Bearbeiten von geheimen Schlüsseln\n" +"Werkzeug zum Bearbeiten von geheimen Schlüsseln\n" #: agent/protect-tool.c:1205 msgid "Please enter the passphrase to unprotect the PKCS#12 object." @@ -297,11 +297,11 @@ "needed to complete this operation." msgstr "" "Die Eingabe des Mantras (Passphrase) bzw. der PIN\n" -"wird benötigt um diese Aktion auszuführen." +"wird benötigt um diese Aktion auszuführen." #: agent/protect-tool.c:1220 agent/genkey.c:131 agent/genkey.c:238 msgid "does not match - try again" -msgstr "Keine Übereinstimmung - bitte nochmal versuchen" +msgstr "Keine Ãœbereinstimmung - bitte nochmal versuchen" #: agent/protect-tool.c:1221 msgid "Passphrase:" @@ -337,7 +337,7 @@ #, c-format msgid "Please enter the passphrase to%0Ato protect your new key" msgstr "" -"Bitte geben Sie das Mantra (Passphrase) ein%0Aum Ihren Schlüssel zu schützen" +"Bitte geben Sie das Mantra (Passphrase) ein%0Aum Ihren Schlüssel zu schützen" #: agent/genkey.c:217 msgid "Please enter the new passphrase" @@ -353,7 +353,7 @@ "Please enter your PIN, so that the secret key can be unlocked for this " "session" msgstr "" -"Bitte geben Sie Ihre PIN ein, so daß der geheime Schlüssel benutzt werden " +"Bitte geben Sie Ihre PIN ein, so daß der geheime Schlüssel benutzt werden " "kann" #: agent/query.c:335 @@ -361,7 +361,7 @@ "Please enter your passphrase, so that the secret key can be unlocked for " "this session" msgstr "" -"Bitte geben Sie Ihr Mantra (Passphrase) ein, so daß der geheime Schlüssel " +"Bitte geben Sie Ihr Mantra (Passphrase) ein, so daß der geheime Schlüssel " "benutzt werden kann" #: agent/query.c:393 agent/query.c:405 @@ -374,7 +374,7 @@ #: agent/query.c:402 msgid "Invalid characters in PIN" -msgstr "Ungültige Zeichen in der PIN" +msgstr "Ungültige Zeichen in der PIN" #: agent/query.c:407 msgid "PIN too short" @@ -407,7 +407,7 @@ "Please verify that the certificate identified as:%%0A \"%s\"%%0Ahas the " "fingerprint:%%0A %s" msgstr "" -"Bitte prüfen Sie, daß das Zertifikat mit dem Namen:%%0A \"%s\"%%0Afolgenden " +"Bitte prüfen Sie, daß das Zertifikat mit dem Namen:%%0A \"%s\"%%0Afolgenden " "Fingerabdruck hat:%%0A %s" #. TRANSLATORS: "Correct" is the label of a button and intended to @@ -431,8 +431,8 @@ "Do you ultimately trust%%0A \"%s\"%%0Ato correctly certify user " "certificates?" msgstr "" -"Wenn Sie vollständiges Vertrauen haben, daß%%0A \"%s\"%%" -"0ABenutzerzertifikate verläßlich zertifiziert, so antworten Sie mit \"Ja\"" +"Wenn Sie vollständiges Vertrauen haben, daß%%0A \"%s\"%%" +"0ABenutzerzertifikate verläßlich zertifiziert, so antworten Sie mit \"Ja\"" #: agent/trustlist.c:342 msgid "Yes" @@ -452,16 +452,16 @@ #: common/sysutils.c:182 #, c-format msgid "Warning: unsafe ownership on %s \"%s\"\n" -msgstr "WARNUNG: Unsichere Besitzrechte für %s \"%s\"\n" +msgstr "WARNUNG: Unsichere Besitzrechte für %s \"%s\"\n" #: common/sysutils.c:214 #, c-format msgid "Warning: unsafe permissions on %s \"%s\"\n" -msgstr "WARNUNG: Unsichere Zugriffsrechte für %s \"%s\"\n" +msgstr "WARNUNG: Unsichere Zugriffsrechte für %s \"%s\"\n" #: common/simple-pwquery.c:309 msgid "gpg-agent is not available in this session\n" -msgstr "Der gpg-agent ist nicht verfügbar\n" +msgstr "Der gpg-agent ist nicht verfügbar\n" #: common/simple-pwquery.c:367 #, c-format @@ -509,7 +509,7 @@ #: kbx/kbxutil.c:83 sm/gpgsm.c:337 tools/gpgconf.c:64 msgid "do not make any changes" -msgstr "Keine Änderungen durchführen" +msgstr "Keine Änderungen durchführen" #: kbx/kbxutil.c:85 msgid "set debugging flags" @@ -521,7 +521,7 @@ #: kbx/kbxutil.c:107 msgid "Please report bugs to " -msgstr "Bite richten sie Berichte über Bugs (Softwarefehler) an " +msgstr "Bite richten sie Berichte über Bugs (Softwarefehler) an " #: kbx/kbxutil.c:107 msgid ".\n" @@ -529,7 +529,7 @@ #: kbx/kbxutil.c:111 msgid "Usage: kbxutil [options] [files] (-h for help)" -msgstr "Gebrauch: kbxutil [Optionen] [Dateien] (-h für Hilfe)" +msgstr "Gebrauch: kbxutil [Optionen] [Dateien] (-h für Hilfe)" #: kbx/kbxutil.c:114 msgid "" @@ -541,7 +541,7 @@ #: scd/scdaemon.c:103 msgid "run in multi server mode (foreground)" -msgstr "Im Multiserver Modus ausführen" +msgstr "Im Multiserver Modus ausführen" #: scd/scdaemon.c:109 sm/gpgsm.c:349 msgid "read options from file" @@ -569,7 +569,7 @@ #: scd/scdaemon.c:186 msgid "Usage: scdaemon [options] (-h for help)" -msgstr "Gebrauch: scdaemon [Optionen] (-h für Hilfe)" +msgstr "Gebrauch: scdaemon [Optionen] (-h für Hilfe)" #: scd/scdaemon.c:188 msgid "" @@ -577,23 +577,23 @@ "Smartcard daemon for GnuPG\n" msgstr "" "Synatx: scdaemon [Optionen] [Kommando [Argumente]]\n" -"Smartcard Daemon für GnuPG\n" +"Smartcard Daemon für GnuPG\n" #: scd/scdaemon.c:656 msgid "please use the option `--daemon' to run the program in the background\n" msgstr "" "Bitte die Option `--daemon' nutzen um das Programm im Hintergund " -"auszuführen\n" +"auszuführen\n" #: scd/scdaemon.c:997 #, c-format msgid "handler for fd %d started\n" -msgstr "Handhabungsroutine für fd %d gestartet\n" +msgstr "Handhabungsroutine für fd %d gestartet\n" #: scd/scdaemon.c:1002 #, c-format msgid "handler for fd %d terminated\n" -msgstr "Handhabungsroutine für den fd %d beendet\n" +msgstr "Handhabungsroutine für den fd %d beendet\n" #: scd/app-openpgp.c:595 #, c-format @@ -608,19 +608,19 @@ #: scd/app-openpgp.c:978 #, c-format msgid "reading public key failed: %s\n" -msgstr "Fehler beim Lesen des öffentlichen Schlüssels: %s\n" +msgstr "Fehler beim Lesen des öffentlichen Schlüssels: %s\n" #: scd/app-openpgp.c:986 scd/app-openpgp.c:1910 msgid "response does not contain the public key data\n" -msgstr "Die Antwort enthält keine Public Key Daten\n" +msgstr "Die Antwort enthält keine Public Key Daten\n" #: scd/app-openpgp.c:994 scd/app-openpgp.c:1918 msgid "response does not contain the RSA modulus\n" -msgstr "Die Antwort enthält keinen RSA Modulus\n" +msgstr "Die Antwort enthält keinen RSA Modulus\n" #: scd/app-openpgp.c:1003 scd/app-openpgp.c:1928 msgid "response does not contain the RSA public exponent\n" -msgstr "Die Antwort enthält keinen öffenlichen RSA Exponent\n" +msgstr "Die Antwort enthält keinen öffenlichen RSA Exponent\n" #: scd/app-openpgp.c:1259 scd/app-openpgp.c:1347 scd/app-openpgp.c:2150 #, c-format @@ -630,13 +630,13 @@ #: scd/app-openpgp.c:1265 scd/app-openpgp.c:1353 scd/app-openpgp.c:2156 #, c-format msgid "PIN for CHV%d is too short; minimum length is %d\n" -msgstr "Die PIN für den CHV%d ist zu kurz; Mindestlänge ist %d\n" +msgstr "Die PIN für den CHV%d ist zu kurz; Mindestlänge ist %d\n" #: scd/app-openpgp.c:1274 scd/app-openpgp.c:1288 scd/app-openpgp.c:1363 #: scd/app-openpgp.c:2165 scd/app-openpgp.c:2179 #, c-format msgid "verify CHV%d failed: %s\n" -msgstr "Prüfen von CHV%d fehlgeschlagen: %s\n" +msgstr "Prüfen von CHV%d fehlgeschlagen: %s\n" #: scd/app-openpgp.c:1311 msgid "access to admin commands is not configured\n" @@ -654,7 +654,7 @@ #, c-format msgid "%d Admin PIN attempts remaining before card is permanently locked\n" msgstr "" -"Noch %d Admin PIN Versuche möglich bevor die Karte dauerhaft gesperrt wird\n" +"Noch %d Admin PIN Versuche möglich bevor die Karte dauerhaft gesperrt wird\n" #. TRANSLATORS: Do not translate the "|A|" prefix but #. keep it at the start of the string. We need this elsewhere @@ -689,15 +689,15 @@ #: scd/app-openpgp.c:1563 msgid "key already exists\n" -msgstr "Schlüssel existiert bereits\n" +msgstr "Schlüssel existiert bereits\n" #: scd/app-openpgp.c:1567 msgid "existing key will be replaced\n" -msgstr "Existierender Schlüssel wird ersetzt\n" +msgstr "Existierender Schlüssel wird ersetzt\n" #: scd/app-openpgp.c:1569 msgid "generating new key\n" -msgstr "Neuer Schlüssel wird erzeugt\n" +msgstr "Neuer Schlüssel wird erzeugt\n" #: scd/app-openpgp.c:1736 msgid "creation timestamp missing\n" @@ -711,7 +711,7 @@ #: scd/app-openpgp.c:1750 #, c-format msgid "RSA public exponent missing or larger than %d bits\n" -msgstr "Der öffentliche RSA Exponent fehlt oder ist länger als %d Bits\n" +msgstr "Der öffentliche RSA Exponent fehlt oder ist länger als %d Bits\n" #: scd/app-openpgp.c:1758 scd/app-openpgp.c:1765 #, c-format @@ -721,24 +721,24 @@ #: scd/app-openpgp.c:1828 #, c-format msgid "failed to store the key: %s\n" -msgstr "Fehler beim Speichern des Schlüssels: %s\n" +msgstr "Fehler beim Speichern des Schlüssels: %s\n" #: scd/app-openpgp.c:1887 msgid "please wait while key is being generated ...\n" -msgstr "Bitte warten bis der Schlüssel erzeugt wurde ...\n" +msgstr "Bitte warten bis der Schlüssel erzeugt wurde ...\n" #: scd/app-openpgp.c:1901 msgid "generating key failed\n" -msgstr "Fehler beim Erzeugen des Schlüssels\n" +msgstr "Fehler beim Erzeugen des Schlüssels\n" #: scd/app-openpgp.c:1904 #, c-format msgid "key generation completed (%d seconds)\n" -msgstr "Schlüsselerzeugung vollendet (%d Sekunden)\n" +msgstr "Schlüsselerzeugung vollendet (%d Sekunden)\n" #: scd/app-openpgp.c:1961 msgid "invalid structure of OpenPGP card (DO 0x93)\n" -msgstr "Ungültige Struktur der OpenPGP Karte (DO 0x93)\n" +msgstr "Ungültige Struktur der OpenPGP Karte (DO 0x93)\n" #: scd/app-openpgp.c:2130 #, c-format @@ -754,18 +754,18 @@ msgid "" "verification of Admin PIN is currently prohibited through this command\n" msgstr "" -"Die Überprüfung der Admin PIN is momentan durch ein Kommando verboten " +"Die Ãœberprüfung der Admin PIN is momentan durch ein Kommando verboten " "worden\n" #: scd/app-openpgp.c:2470 scd/app-openpgp.c:2480 #, c-format msgid "can't access %s - invalid OpenPGP card?\n" -msgstr "Zugriff auf %s nicht möglich - ungültige OpenPGP Karte?\n" +msgstr "Zugriff auf %s nicht möglich - ungültige OpenPGP Karte?\n" #: sm/base64.c:317 #, c-format msgid "invalid radix64 character %02x skipped\n" -msgstr "Ungültiges Basis-64 Zeichen %02X wurde übergangen\n" +msgstr "Ungültiges Basis-64 Zeichen %02X wurde übergangen\n" #: sm/call-agent.c:101 msgid "no running gpg-agent - starting one\n" @@ -773,7 +773,7 @@ #: sm/call-agent.c:166 msgid "can't connect to the agent - trying fall back\n" -msgstr "Verbindung zum gpg-agent nicht möglich - Ersatzmethode wird versucht\n" +msgstr "Verbindung zum gpg-agent nicht möglich - Ersatzmethode wird versucht\n" #: sm/call-dirmngr.c:174 msgid "no running dirmngr - starting one\n" @@ -786,7 +786,7 @@ #: sm/call-dirmngr.c:226 #, c-format msgid "dirmngr protocol version %d is not supported\n" -msgstr "Die Dirmngr Protokollversion %d wird nicht unterstützt\n" +msgstr "Die Dirmngr Protokollversion %d wird nicht unterstützt\n" #: sm/call-dirmngr.c:240 msgid "can't connect to the dirmngr - trying fall back\n" @@ -812,11 +812,11 @@ #: sm/certdump.c:514 msgid "[Error - invalid encoding]" -msgstr "[Fehler - Ungültige Kodierung]" +msgstr "[Fehler - Ungültige Kodierung]" #: sm/certdump.c:519 msgid "[Error - invalid DN]" -msgstr "[Fehler - Ungültiger DN]" +msgstr "[Fehler - Ungültiger DN]" #: sm/certdump.c:680 #, c-format @@ -826,7 +826,7 @@ "S/N %s, ID %08lX, created %s" msgstr "" "Bitte geben Sie die Passphrase an, um den \n" -"geheimen Schlüssel von\n" +"geheimen Schlüssel von\n" "\"%s\"\n" "S/N %s, ID %08lX, erzeugt %s\n" "zu entsperren" @@ -834,16 +834,16 @@ #: sm/certlist.c:122 msgid "no key usage specified - assuming all usages\n" msgstr "" -"Schlüsselverwendungszweck nicht vorhanden - für alle Zwecke akzeptiert\n" +"Schlüsselverwendungszweck nicht vorhanden - für alle Zwecke akzeptiert\n" #: sm/certlist.c:132 sm/keylist.c:224 #, c-format msgid "error getting key usage information: %s\n" -msgstr "Fehler beim holen der Schlüsselbenutzungsinformationen: %s\n" +msgstr "Fehler beim holen der Schlüsselbenutzungsinformationen: %s\n" #: sm/certlist.c:142 msgid "certificate should have not been used for certification\n" -msgstr "Das Zertifikat hätte nicht zum Zertifizieren benutzt werden sollen\n" +msgstr "Das Zertifikat hätte nicht zum Zertifizieren benutzt werden sollen\n" #: sm/certlist.c:154 msgid "certificate should have not been used for OCSP response signing\n" @@ -853,7 +853,7 @@ #: sm/certlist.c:165 msgid "certificate should have not been used for encryption\n" -msgstr "Das Zertifikat hätte nicht zum Verschlüsseln benutzt werden sollen\n" +msgstr "Das Zertifikat hätte nicht zum Verschlüsseln benutzt werden sollen\n" #: sm/certlist.c:166 msgid "certificate should have not been used for signing\n" @@ -861,7 +861,7 @@ #: sm/certlist.c:167 msgid "certificate is not usable for encryption\n" -msgstr "Das Zertifikat kann nicht zum Verschlüsseln benutzt werden\n" +msgstr "Das Zertifikat kann nicht zum Verschlüsseln benutzt werden\n" #: sm/certlist.c:168 msgid "certificate is not usable for signing\n" @@ -870,11 +870,11 @@ #: sm/certchain.c:109 #, c-format msgid "critical certificate extension %s is not supported" -msgstr "Die kritische Zertifikaterweiterung %s wird nicht unterstützt" +msgstr "Die kritische Zertifikaterweiterung %s wird nicht unterstützt" #: sm/certchain.c:131 msgid "issuer certificate is not marked as a CA" -msgstr "Das Herausgeberzertifikat ist nicht für eine CA gekennzeichnet" +msgstr "Das Herausgeberzertifikat ist nicht für eine CA gekennzeichnet" #: sm/certchain.c:169 msgid "critical marked policy without configured policies" @@ -883,7 +883,7 @@ #: sm/certchain.c:179 #, c-format msgid "failed to open `%s': %s\n" -msgstr "Datei `%s' kann nicht geöffnet werden: %s\n" +msgstr "Datei `%s' kann nicht geöffnet werden: %s\n" #: sm/certchain.c:186 sm/certchain.c:215 msgid "note: non-critical certificate policy not allowed" @@ -900,7 +900,7 @@ #: sm/certchain.c:350 #, c-format msgid "number of issuers matching: %d\n" -msgstr "Anzahl der übereinstimmenden Heruasgeber: %d\n" +msgstr "Anzahl der übereinstimmenden Heruasgeber: %d\n" #: sm/certchain.c:503 sm/certchain.c:662 sm/certchain.c:1031 sm/decrypt.c:260 #: sm/encrypt.c:341 sm/sign.c:324 sm/verify.c:106 @@ -913,7 +913,7 @@ #: sm/certchain.c:601 msgid "no CRL found for certificate" -msgstr "Keine CRL für das Zertifikat gefunden" +msgstr "Keine CRL für das Zertifikat gefunden" #: sm/certchain.c:605 msgid "the available CRL is too old" @@ -927,7 +927,7 @@ #: sm/certchain.c:612 #, c-format msgid "checking the CRL failed: %s" -msgstr "Die CRL konnte nicht geprüft werden: %s" +msgstr "Die CRL konnte nicht geprüft werden: %s" #: sm/certchain.c:682 msgid "no issuer found in certificate" @@ -936,11 +936,11 @@ #: sm/certchain.c:695 #, c-format msgid "certificate with invalid validity: %s" -msgstr "Zertifikat mit unzulässiger Gültigkeit: %s" +msgstr "Zertifikat mit unzulässiger Gültigkeit: %s" #: sm/certchain.c:711 msgid "certificate not yet valid" -msgstr "Das Zertifikat ist noch nicht gültig" +msgstr "Das Zertifikat ist noch nicht gültig" #: sm/certchain.c:724 msgid "certificate has expired" @@ -952,7 +952,7 @@ #: sm/certchain.c:779 msgid "root certificate is not marked trusted" -msgstr "Das Wurzelzertifikat ist nicht als vertrauenswürdig markiert" +msgstr "Das Wurzelzertifikat ist nicht als vertrauenswürdig markiert" #: sm/certchain.c:790 #, c-format @@ -961,12 +961,12 @@ #: sm/certchain.c:795 msgid "root certificate has now been marked as trusted\n" -msgstr "Das Wurzelzertifikat wurde nun als vertrauenswürdig markiert\n" +msgstr "Das Wurzelzertifikat wurde nun als vertrauenswürdig markiert\n" #: sm/certchain.c:810 #, c-format msgid "checking the trust list failed: %s\n" -msgstr "Fehler beim Prüfen der vertrauenswürdigen Zertifikate: %s\n" +msgstr "Fehler beim Prüfen der vertrauenswürdigen Zertifikate: %s\n" #: sm/certchain.c:836 sm/import.c:157 msgid "certificate chain too long\n" @@ -983,19 +983,19 @@ #: sm/certchain.c:911 msgid "found another possible matching CA certificate - trying again" msgstr "" -"Eine anderes möglicherweise passendes CA-Zertifikat gefunden - versuche " +"Eine anderes möglicherweise passendes CA-Zertifikat gefunden - versuche " "nochmal" #: sm/certchain.c:934 #, c-format msgid "certificate chain longer than allowed by CA (%d)" -msgstr "Die Zertifikatkette ist länger als von der CA erlaubt (%d)" +msgstr "Die Zertifikatkette ist länger als von der CA erlaubt (%d)" #: sm/decrypt.c:127 msgid "" "WARNING: message was encrypted with a weak key in the symmetric cipher.\n" msgstr "" -"WARNUNG: Die Nachricht wurde mich einem schwachen Schlüssel (Weak Key) " +"WARNUNG: Die Nachricht wurde mich einem schwachen Schlüssel (Weak Key) " "erzeugt\n" #: sm/decrypt.c:325 @@ -1004,7 +1004,7 @@ #: sm/decrypt.c:327 msgid "(this does not seem to be an encrypted message)\n" -msgstr "(dies is wahrscheinlich keine verschlüsselte Nachricht)\n" +msgstr "(dies is wahrscheinlich keine verschlüsselte Nachricht)\n" #: sm/delete.c:51 sm/delete.c:102 #, c-format @@ -1019,25 +1019,25 @@ #: sm/delete.c:133 #, c-format msgid "duplicated certificate `%s' deleted\n" -msgstr "Doppeltes Zertifikat `%s' gelöscht\n" +msgstr "Doppeltes Zertifikat `%s' gelöscht\n" #: sm/delete.c:135 #, c-format msgid "certificate `%s' deleted\n" -msgstr "Zertifikat `%s' gelöscht\n" +msgstr "Zertifikat `%s' gelöscht\n" #: sm/delete.c:165 #, c-format msgid "deleting certificate \"%s\" failed: %s\n" -msgstr "Fehler beim Löschen des Zertifikats \"%s\": %s\n" +msgstr "Fehler beim Löschen des Zertifikats \"%s\": %s\n" #: sm/encrypt.c:120 msgid "weak key created - retrying\n" -msgstr "Schwacher Schlüssel - es wird erneut versucht\n" +msgstr "Schwacher Schlüssel - es wird erneut versucht\n" #: sm/encrypt.c:332 msgid "no valid recipients given\n" -msgstr "Keine gültigen Empfänger angegeben\n" +msgstr "Keine gültigen Empfänger angegeben\n" #: sm/gpgsm.c:239 msgid "|[FILE]|make a signature" @@ -1053,55 +1053,55 @@ #: sm/gpgsm.c:242 msgid "encrypt data" -msgstr "Verschlüssele die Daten" +msgstr "Verschlüssele die Daten" #: sm/gpgsm.c:243 msgid "encryption only with symmetric cipher" -msgstr "Verschlüsselung nur mit symmetrischem Algrithmus" +msgstr "Verschlüsselung nur mit symmetrischem Algrithmus" #: sm/gpgsm.c:244 msgid "decrypt data (default)" -msgstr "Enschlüssele die Daten" +msgstr "Enschlüssele die Daten" #: sm/gpgsm.c:245 msgid "verify a signature" -msgstr "Überprüfen einer Signatur" +msgstr "Ãœberprüfen einer Signatur" #: sm/gpgsm.c:247 msgid "list keys" -msgstr "Schlüssel anzeigen" +msgstr "Schlüssel anzeigen" #: sm/gpgsm.c:248 msgid "list external keys" -msgstr "Externe Schlüssel anzeigen" +msgstr "Externe Schlüssel anzeigen" #: sm/gpgsm.c:249 msgid "list secret keys" -msgstr "Geheime Schlüssel anzeigen" +msgstr "Geheime Schlüssel anzeigen" #: sm/gpgsm.c:250 msgid "list certificate chain" -msgstr "Schlüssel mit Zertifikatekette anzeigen" +msgstr "Schlüssel mit Zertifikatekette anzeigen" #: sm/gpgsm.c:252 msgid "list keys and fingerprints" -msgstr "Schlüssel und Fingerprint anzeigen" +msgstr "Schlüssel und Fingerprint anzeigen" #: sm/gpgsm.c:253 msgid "generate a new key pair" -msgstr "Neues Schlüsselpaar erzeugen" +msgstr "Neues Schlüsselpaar erzeugen" #: sm/gpgsm.c:254 msgid "remove key from the public keyring" -msgstr "Schlüssel aus dem öffentlichen Schlüsselbund löschen" +msgstr "Schlüssel aus dem öffentlichen Schlüsselbund löschen" #: sm/gpgsm.c:255 msgid "export keys to a key server" -msgstr "Schlüssen an eine Schlüsselserver exportieren" +msgstr "Schlüssen an eine Schlüsselserver exportieren" #: sm/gpgsm.c:256 msgid "import keys from a key server" -msgstr "Schlüssel von einem Schlüsselserver importieren" +msgstr "Schlüssel von einem Schlüsselserver importieren" #: sm/gpgsm.c:257 msgid "import certificates" @@ -1117,7 +1117,7 @@ #: sm/gpgsm.c:260 msgid "run in server mode" -msgstr "Im Server Modus ausführen" +msgstr "Im Server Modus ausführen" #: sm/gpgsm.c:261 msgid "pass a command to the dirmngr" @@ -1129,11 +1129,11 @@ #: sm/gpgsm.c:264 msgid "change a passphrase" -msgstr "Das Mantra (Passphrase) ändern" +msgstr "Das Mantra (Passphrase) ändern" #: sm/gpgsm.c:274 msgid "create ascii armored output" -msgstr "Ausgabe mit ASCII Hülle wird erzeugt" +msgstr "Ausgabe mit ASCII Hülle wird erzeugt" #: sm/gpgsm.c:276 msgid "create base-64 encoded output" @@ -1149,15 +1149,15 @@ #: sm/gpgsm.c:282 msgid "assume input is in binary format" -msgstr "Eingabedaten sind im Binärformat" +msgstr "Eingabedaten sind im Binärformat" #: sm/gpgsm.c:284 msgid "|NAME|encrypt for NAME" -msgstr "|NAME|Verschlüsseln für NAME" +msgstr "|NAME|Verschlüsseln für NAME" #: sm/gpgsm.c:287 msgid "use system's dirmngr if available" -msgstr "Benutze den System Dirmngr when verfügbar" +msgstr "Benutze den System Dirmngr when verfügbar" #: sm/gpgsm.c:288 msgid "never consult a CRL" @@ -1165,7 +1165,7 @@ #: sm/gpgsm.c:295 msgid "check validity using OCSP" -msgstr "Die Gültigkeit mittels OCSP prüfen" +msgstr "Die Gültigkeit mittels OCSP prüfen" #: sm/gpgsm.c:298 msgid "|N|number of certificates to include" @@ -1177,7 +1177,7 @@ #: sm/gpgsm.c:304 msgid "do not check certificate policies" -msgstr "Zertikikatrichtlinien nicht überprüfen" +msgstr "Zertikikatrichtlinien nicht überprüfen" #: sm/gpgsm.c:308 msgid "fetch missing issuer certificates" @@ -1185,15 +1185,15 @@ #: sm/gpgsm.c:312 msgid "|NAME|use NAME as default recipient" -msgstr "|NAME|Benutze NAME als voreingestellten Empfänger" +msgstr "|NAME|Benutze NAME als voreingestellten Empfänger" #: sm/gpgsm.c:314 msgid "use the default key as default recipient" -msgstr "Benuzte voreingestellten Schlüssel als Standardempfänger" +msgstr "Benuzte voreingestellten Schlüssel als Standardempfänger" #: sm/gpgsm.c:320 msgid "use this user-id to sign or decrypt" -msgstr "Benuzte diese Benutzer ID zum Signieren oder Entschlüsseln" +msgstr "Benuzte diese Benutzer ID zum Signieren oder Entschlüsseln" #: sm/gpgsm.c:323 msgid "|N|set compress level N (0 disables)" @@ -1209,7 +1209,7 @@ #: sm/gpgsm.c:331 msgid "don't use the terminal at all" -msgstr "Das Terminal überhaupt nicht benutzen" +msgstr "Das Terminal überhaupt nicht benutzen" #: sm/gpgsm.c:334 msgid "force v3 signatures" @@ -1217,7 +1217,7 @@ #: sm/gpgsm.c:335 msgid "always use a MDC for encryption" -msgstr "Immer das MDC Verfahren zum verschlüsseln mitbenutzen" +msgstr "Immer das MDC Verfahren zum verschlüsseln mitbenutzen" #: sm/gpgsm.c:340 msgid "batch mode: never ask" @@ -1241,15 +1241,15 @@ #: sm/gpgsm.c:346 msgid "|NAME|use NAME as default secret key" -msgstr "|NAME|Benutze NAME als voreingestellten Schlüssel" +msgstr "|NAME|Benutze NAME als voreingestellten Schlüssel" #: sm/gpgsm.c:347 msgid "|HOST|use this keyserver to lookup keys" -msgstr "|HOST|Benutze HOST als Schlüsselserver" +msgstr "|HOST|Benutze HOST als Schlüsselserver" #: sm/gpgsm.c:348 msgid "|NAME|set terminal charset to NAME" -msgstr "|NAME|Den Zeichensatz für das Terminal auf NAME setzen" +msgstr "|NAME|Den Zeichensatz für das Terminal auf NAME setzen" #: sm/gpgsm.c:352 msgid "|LEVEL|set the debugging level to LEVEL" @@ -1265,7 +1265,7 @@ #: sm/gpgsm.c:372 msgid "|NAME|use cipher algorithm NAME" -msgstr "|NAME|Den Verschlüsselungsalgrithmus NAME benutzen" +msgstr "|NAME|Den Verschlüsselungsalgrithmus NAME benutzen" #: sm/gpgsm.c:374 msgid "|NAME|use message digest algorithm NAME" @@ -1297,15 +1297,15 @@ "@\n" "Beispiele:\n" "\n" -" -se -r Bob [Datei] Signieren und verschlüsseln für Benutzer Bob\\n\n" +" -se -r Bob [Datei] Signieren und verschlüsseln für Benutzer Bob\\n\n" " --clearsign [Datei] Eine Klartextsignatur erzeugen\\n\n" " --detach-sign [Datei] Eine abgetrennte Signatur erzeugen\\n\n" -" --list-keys [Namen] Schlüssel anzeigenn\n" -" --fingerprint [Namen] \"Fingerabdrücke\" anzeigen\\n\n" +" --list-keys [Namen] Schlüssel anzeigenn\n" +" --fingerprint [Namen] \"Fingerabdrücke\" anzeigen\\n\n" #: sm/gpgsm.c:506 msgid "Usage: gpgsm [options] [files] (-h for help)" -msgstr "Gebrauch: gpgsm [Optionen] [Dateien] (-h für Hilfe)" +msgstr "Gebrauch: gpgsm [Optionen] [Dateien] (-h für Hilfe)" #: sm/gpgsm.c:509 msgid "" @@ -1314,7 +1314,7 @@ "default operation depends on the input data\n" msgstr "" "Gebrauch: gpgsm [Optionen] [Dateien]\n" -"Signieren, prüfen, ver- und entschlüsseln mittels S/MIME protocol\n" +"Signieren, prüfen, ver- und entschlüsseln mittels S/MIME protocol\n" #: sm/gpgsm.c:516 msgid "" @@ -1322,7 +1322,7 @@ "Supported algorithms:\n" msgstr "" "\n" -"Unterstützte Algorithmen:\n" +"Unterstützte Algorithmen:\n" #: sm/gpgsm.c:603 msgid "usage: gpgsm [options] " @@ -1335,33 +1335,33 @@ #: sm/gpgsm.c:684 #, c-format msgid "can't encrypt to `%s': %s\n" -msgstr "Verschlüsseln für `%s' nicht möglich: %s\n" +msgstr "Verschlüsseln für `%s' nicht möglich: %s\n" #: sm/gpgsm.c:758 #, c-format msgid "libksba is too old (need %s, have %s)\n" -msgstr "Die Bibliothek Libksba is nicht aktuell (benötige %s, habe %s)\n" +msgstr "Die Bibliothek Libksba is nicht aktuell (benötige %s, habe %s)\n" #: sm/gpgsm.c:1215 msgid "WARNING: program may create a core file!\n" -msgstr "WARNUNG: Programm könnte eine core-dump-Datei schreiben!\n" +msgstr "WARNUNG: Programm könnte eine core-dump-Datei schreiben!\n" #: sm/gpgsm.c:1227 msgid "WARNING: running with faked system time: " -msgstr "WARNUNG: Ausführung mit gefälschter Systemzeit: " +msgstr "WARNUNG: Ausführung mit gefälschter Systemzeit: " #: sm/gpgsm.c:1253 msgid "selected cipher algorithm is invalid\n" -msgstr "Das ausgewählte Verschlüsselungsverfahren ist ungültig\n" +msgstr "Das ausgewählte Verschlüsselungsverfahren ist ungültig\n" #: sm/gpgsm.c:1261 msgid "selected digest algorithm is invalid\n" -msgstr "Das ausgewählte Hashverfahren ist ungültig\n" +msgstr "Das ausgewählte Hashverfahren ist ungültig\n" #: sm/gpgsm.c:1291 #, c-format msgid "can't sign using `%s': %s\n" -msgstr "Signieren mit `%s' nicht möglich: %s\n" +msgstr "Signieren mit `%s' nicht möglich: %s\n" #: sm/gpgsm.c:1464 msgid "this command has not yet been implemented\n" @@ -1370,7 +1370,7 @@ #: sm/gpgsm.c:1694 sm/gpgsm.c:1731 #, c-format msgid "can't open `%s': %s\n" -msgstr "Datei `%s' kann nicht geöffnet werden: %s\n" +msgstr "Datei `%s' kann nicht geöffnet werden: %s\n" #: sm/import.c:109 #, c-format @@ -1385,22 +1385,22 @@ #: sm/import.c:116 #, c-format msgid " unchanged: %lu\n" -msgstr " nicht geändert: %lu\n" +msgstr " nicht geändert: %lu\n" #: sm/import.c:118 #, c-format msgid " secret keys read: %lu\n" -msgstr " gelesene private Schlüssel: %lu\n" +msgstr " gelesene private Schlüssel: %lu\n" #: sm/import.c:120 #, c-format msgid " secret keys imported: %lu\n" -msgstr "importierte priv. Schlüssel: %lu\n" +msgstr "importierte priv. Schlüssel: %lu\n" #: sm/import.c:122 #, c-format msgid " secret keys unchanged: %lu\n" -msgstr "ungeänderte priv. Schlüssel: %lu\n" +msgstr "ungeänderte priv. Schlüssel: %lu\n" #: sm/import.c:124 #, c-format @@ -1413,7 +1413,7 @@ #: sm/import.c:234 msgid "basic certificate checks failed - not imported\n" -msgstr "Grundlegende Zertifikatprüfungen fehlgeschlagen - nicht importiert\n" +msgstr "Grundlegende Zertifikatprüfungen fehlgeschlagen - nicht importiert\n" #: sm/import.c:420 sm/import.c:452 #, c-format @@ -1423,12 +1423,12 @@ #: sm/import.c:524 sm/import.c:549 #, c-format msgid "error creating temporary file: %s\n" -msgstr "Fehler beim Erstellen einer temporären Datei: %s\n" +msgstr "Fehler beim Erstellen einer temporären Datei: %s\n" #: sm/import.c:532 #, c-format msgid "error writing to temporary file: %s\n" -msgstr "Fehler beim Schreiben auf eine temporäre Datei: %s\n" +msgstr "Fehler beim Schreiben auf eine temporäre Datei: %s\n" #: sm/import.c:541 #, c-format @@ -1523,7 +1523,7 @@ #: tools/gpgconf.c:57 msgid "|COMPONENT|change options" -msgstr "|KOMPONENTE|Ändere die Optionen" +msgstr "|KOMPONENTE|Ändere die Optionen" #: tools/gpgconf.c:63 msgid "quiet" @@ -1531,11 +1531,11 @@ #: tools/gpgconf.c:65 msgid "activate changes at runtime, if possible" -msgstr "Aktiviere Änderungen zur Laufzeit; falls möglich" +msgstr "Aktiviere Änderungen zur Laufzeit; falls möglich" #: tools/gpgconf.c:88 msgid "Usage: gpgconf [options] (-h for help)" -msgstr "Gebrauch: gpgconf [Optionen] (-h für Hilfe)" +msgstr "Gebrauch: gpgconf [Optionen] (-h für Hilfe)" #: tools/gpgconf.c:91 msgid "" @@ -1543,7 +1543,7 @@ "Manage configuration options for tools of the GnuPG system\n" msgstr "" "Syntax: gpgconf {Optionen]\n" -"Verwalte Konfigurationsoptionen für Programme des GnuPG Systems\n" +"Verwalte Konfigurationsoptionen für Programme des GnuPG Systems\n" #: tools/gpgconf.c:175 msgid "usage: gpgconf [options] " @@ -1551,7 +1551,7 @@ #: tools/gpgconf.c:177 msgid "Need one component argument" -msgstr "Benötige ein Komponenten Argument" +msgstr "Benötige ein Komponenten Argument" #: tools/gpgconf.c:186 msgid "Component not found" @@ -1570,7 +1570,7 @@ #: tools/gpgconf-comp.c:458 tools/gpgconf-comp.c:535 tools/gpgconf-comp.c:584 #: tools/gpgconf-comp.c:640 tools/gpgconf-comp.c:716 msgid "Options useful for debugging" -msgstr "Nützliche Optionen zum Debuggen" +msgstr "Nützliche Optionen zum Debuggen" #: tools/gpgconf-comp.c:463 tools/gpgconf-comp.c:540 tools/gpgconf-comp.c:589 #: tools/gpgconf-comp.c:645 tools/gpgconf-comp.c:724 @@ -1583,11 +1583,11 @@ #: tools/gpgconf-comp.c:597 msgid "Configuration for Keyservers" -msgstr "Konfiguration der Schlüsselserver" +msgstr "Konfiguration der Schlüsselserver" #: tools/gpgconf-comp.c:658 msgid "do not check CRLs for root certificates" -msgstr "CRL bei Wurzelzertifikaten nicht überprüfen" +msgstr "CRL bei Wurzelzertifikaten nicht überprüfen" #: tools/gpgconf-comp.c:699 msgid "Options controlling the format of the output" @@ -1595,11 +1595,11 @@ #: tools/gpgconf-comp.c:735 msgid "Options controlling the interactivity and enforcement" -msgstr "Optionen zur Einstellung der Interaktivität und Geltendmachung" +msgstr "Optionen zur Einstellung der Interaktivität und Geltendmachung" #: tools/gpgconf-comp.c:745 msgid "Configuration for HTTP servers" -msgstr "Konfiguration für HTTP Server" +msgstr "Konfiguration für HTTP Server" #: tools/gpgconf-comp.c:756 msgid "use system's HTTP proxy setting" @@ -1629,7 +1629,7 @@ #~ msgstr "Fehler beim Holen der Seriennummer: %s\n" #~ msgid "reading the key failed\n" -#~ msgstr "Fehler beim Lesen des Schlüssels: %s\n" +#~ msgstr "Fehler beim Lesen des Schlüssels: %s\n" #~ msgid "error creating a pipe: %s\n" #~ msgstr "Fehler beim Erzeugen einer \"Pipe\": %s\n" @@ -1642,13 +1642,13 @@ #~ "Das Warten auf die Beendigung des protect-tools ist fehlgeschlagen: %s\n" #~ msgid "error running `%s': probably not installed\n" -#~ msgstr "Feler bei Ausführung von `%s': wahrscheinlich nicht installiert\n" +#~ msgstr "Feler bei Ausführung von `%s': wahrscheinlich nicht installiert\n" #~ msgid "error running `%s': exit status %d\n" -#~ msgstr "Fehler bei Ausführung von `%s': Endestatus %d\n" +#~ msgstr "Fehler bei Ausführung von `%s': Endestatus %d\n" #~ msgid "Usage: sc-investigate [options] (-h for help)\n" -#~ msgstr "Gebrauch: sc-investigate [Optionen] (-h für Hilfe)\n" +#~ msgstr "Gebrauch: sc-investigate [Optionen] (-h für Hilfe)\n" #~ msgid "" #~ "Syntax: sc-investigate [options] [args]]\n" @@ -1659,7 +1659,7 @@ #~ msgid "can't access Extended Capability Flags - invalid OpenPGP card?\n" #~ msgstr "" -#~ "Zugriff auf die Extended Capability Flags nicht möglich - ungültige " +#~ "Zugriff auf die Extended Capability Flags nicht möglich - ungültige " #~ "OpenPGP Karte?\n" #~ msgid "Enter passphrase:" @@ -1670,5 +1670,5 @@ #~ msgid "no key usage specified - accepted for encryption\n" #~ msgstr "" -#~ "Schlüsselverwendungszweck nicht vorhanden - wird zum Verschlüsseln " +#~ "Schlüsselverwendungszweck nicht vorhanden - wird zum Verschlüsseln " #~ "akzeptiert\n" From cvs at cvs.gnupg.org Mon Aug 1 18:00:48 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Aug 1 17:33:41 2005 Subject: [svn] ksba - r224 - trunk/tests Message-ID: Author: wk Date: 2005-08-01 18:00:48 +0200 (Mon, 01 Aug 2005) New Revision: 224 Modified: trunk/tests/crl_testpki_testpca.der Log: Removed text file properties Property changes on: trunk/tests/crl_testpki_testpca.der ___________________________________________________________________ Name: svn:keywords - Author Date Id Revision Name: svn:eol-style - native Name: svn:mime-type + application/octet-stream From cvs at cvs.gnupg.org Mon Aug 1 18:04:22 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Aug 1 17:37:14 2005 Subject: [svn] ksba - r225 - in trunk: . tests Message-ID: Author: wk Date: 2005-08-01 18:04:21 +0200 (Mon, 01 Aug 2005) New Revision: 225 Added: trunk/README.SVN Removed: trunk/README.CVS Modified: trunk/ChangeLog trunk/NEWS trunk/configure.ac trunk/tests/crl_testpki_testpca.der Log: make duistcheck works on the SVN version now. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-08-01 16:00:48 UTC (rev 224) +++ trunk/ChangeLog 2005-08-01 16:04:21 UTC (rev 225) @@ -1,6 +1,12 @@ +2005-08-01 Werner Koch + + Released 0.9.12. + + * configure.ac: Bumped LT version to C14/A6/R1. + 2005-06-02 Werner Koch - * gl/, gp/m4/: New. + * gl/, gl/m4/: New. * configure.ac: Add test for gnulib module alloca. * Makefile.am (SUBDIRS): Include gl/ Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2005-08-01 16:00:48 UTC (rev 224) +++ trunk/NEWS 2005-08-01 16:04:21 UTC (rev 225) @@ -1,4 +1,4 @@ -Noteworthy changes in version 0.9.12 +Noteworthy changes in version 0.9.12 (2005-08-01) ------------------------------------------------- * GeneralNames types dNSName and Uri are now supported. Deleted: trunk/README.CVS Copied: trunk/README.SVN (from rev 223, trunk/README.CVS) Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-08-01 16:00:48 UTC (rev 224) +++ trunk/configure.ac 2005-08-01 16:04:21 UTC (rev 225) @@ -1,5 +1,5 @@ # configure.ac - for libksba -# Copyright (C) 2001, 2002, 2003, 2004 g10 Code GmbH +# Copyright (C) 2001, 2002, 2003, 2004, 2005 g10 Code GmbH # # This file is part of KSBA # @@ -23,7 +23,7 @@ # Version number: Remember to change immediately *after* a release. # Append a "-cvs" for non-released versions. -AC_INIT(libksba, 0.9.12-cvs, gpa-dev@gnupg.org) +AC_INIT(libksba, 0.9.12, gpa-dev@gnupg.org) # LT Version numbers: Remember to change them just *before* a release. # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) @@ -31,7 +31,7 @@ # Please remember to document interface changes in the NEWS file. LIBKSBA_LT_CURRENT=14 LIBKSBA_LT_AGE=6 -LIBKSBA_LT_REVISION=0 +LIBKSBA_LT_REVISION=1 #------------------- # fixme: When bouncing this to a newer version, you check whether the Modified: trunk/tests/crl_testpki_testpca.der =================================================================== (Binary files differ) From cvs at cvs.gnupg.org Mon Aug 1 18:51:05 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Aug 1 18:23:58 2005 Subject: [svn] ksba - r226 - tags Message-ID: Author: wk Date: 2005-08-01 18:50:54 +0200 (Mon, 01 Aug 2005) New Revision: 226 Added: tags/libksba-0-9-12/ Log: Released Copied: tags/libksba-0-9-12 (from rev 225, trunk) From cvs at cvs.gnupg.org Mon Aug 1 18:54:55 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Aug 1 18:27:52 2005 Subject: [svn] GnuPG - r3846 - in branches/GNUPG-1-9-BRANCH: . agent po tools Message-ID: Author: wk Date: 2005-08-01 18:54:54 +0200 (Mon, 01 Aug 2005) New Revision: 3846 Modified: branches/GNUPG-1-9-BRANCH/ChangeLog branches/GNUPG-1-9-BRANCH/NEWS branches/GNUPG-1-9-BRANCH/agent/t-protect.c branches/GNUPG-1-9-BRANCH/configure.ac branches/GNUPG-1-9-BRANCH/po/de.po branches/GNUPG-1-9-BRANCH/tools/ChangeLog branches/GNUPG-1-9-BRANCH/tools/gpgsm-gencert.sh Log: About to release 1.9.18 Modified: branches/GNUPG-1-9-BRANCH/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/ChangeLog 2005-08-01 13:17:42 UTC (rev 3845) +++ branches/GNUPG-1-9-BRANCH/ChangeLog 2005-08-01 16:54:54 UTC (rev 3846) @@ -1,3 +1,9 @@ +2005-08-01 Werner Koch + + Released 1.9.18. + + * configure.ac: Require libksba 0.9.12 to match new features in gpgsm. + 2005-06-20 Werner Koch Released 1.9.17. Modified: branches/GNUPG-1-9-BRANCH/NEWS =================================================================== --- branches/GNUPG-1-9-BRANCH/NEWS 2005-08-01 13:17:42 UTC (rev 3845) +++ branches/GNUPG-1-9-BRANCH/NEWS 2005-08-01 16:54:54 UTC (rev 3846) @@ -1,11 +1,13 @@ -Noteworthy changes in version 1.9.18 +Noteworthy changes in version 1.9.18 (2005-08-01) ------------------------------------------------- * [gpgsm] Now allows for more than one email address as well as URIs and dnsNames in certificate request generation. A keygrip may be given to create a request from an existing key. + * A couple of minor bug fixes. + Noteworthy changes in version 1.9.17 (2005-06-20) ------------------------------------------------- Modified: branches/GNUPG-1-9-BRANCH/agent/t-protect.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/t-protect.c 2005-08-01 13:17:42 UTC (rev 3845) +++ branches/GNUPG-1-9-BRANCH/agent/t-protect.c 2005-08-01 16:54:54 UTC (rev 3846) @@ -72,6 +72,7 @@ static void test_make_shadow_info (void) { +#if 0 static struct { const char *snstr; @@ -96,6 +97,7 @@ /* fixme: Need to compare the result but also need to check proper S-expression syntax. */ } +#endif } Modified: branches/GNUPG-1-9-BRANCH/configure.ac =================================================================== --- branches/GNUPG-1-9-BRANCH/configure.ac 2005-08-01 13:17:42 UTC (rev 3845) +++ branches/GNUPG-1-9-BRANCH/configure.ac 2005-08-01 16:54:54 UTC (rev 3846) @@ -24,7 +24,7 @@ # Version number: Remember to change it immediately *after* a release. # Add a "-cvs" prefix for non-released code. -AC_INIT(gnupg, 1.9.18-cvs, gnupg-devel@gnupg.org) +AC_INIT(gnupg, 1.9.18, gnupg-devel@gnupg.org) # Set development_version to yes if the minor number is odd or you # feel that the default check for a development version is not # sufficient. @@ -36,7 +36,7 @@ NEED_LIBASSUAN_VERSION=0.6.10 -NEED_KSBA_VERSION=0.9.11 +NEED_KSBA_VERSION=0.9.12 PACKAGE=$PACKAGE_NAME Modified: branches/GNUPG-1-9-BRANCH/po/de.po =================================================================== --- branches/GNUPG-1-9-BRANCH/po/de.po 2005-08-01 13:17:42 UTC (rev 3845) +++ branches/GNUPG-1-9-BRANCH/po/de.po 2005-08-01 16:54:54 UTC (rev 3846) @@ -11,7 +11,7 @@ "Project-Id-Version: gnupg2 1.9.18\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" "POT-Creation-Date: 2005-06-16 09:12+0200\n" -"PO-Revision-Date: 2005-08-01 14:44+0200\n" +"PO-Revision-Date: 2005-08-01 15:09+0200\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" @@ -521,7 +521,7 @@ #: kbx/kbxutil.c:107 msgid "Please report bugs to " -msgstr "Bite richten sie Berichte ?ber Bugs (Softwarefehler) an " +msgstr "Bitte richten sie Berichte ?ber Bugs (Softwarefehler) an " #: kbx/kbxutil.c:107 msgid ".\n" @@ -921,8 +921,7 @@ #: sm/certchain.c:607 msgid "please make sure that the \"dirmngr\" is properly installed\n" -msgstr "" -"Bite vergewissern Sie sich das der \"dirmngr\" richtig installierrt ist\n" +msgstr "Bitte vergewissern Sie sich das der \"dirmngr\" richtig installierrt ist\n" #: sm/certchain.c:612 #, c-format Modified: branches/GNUPG-1-9-BRANCH/tools/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/tools/ChangeLog 2005-08-01 13:17:42 UTC (rev 3845) +++ branches/GNUPG-1-9-BRANCH/tools/ChangeLog 2005-08-01 16:54:54 UTC (rev 3846) @@ -1,3 +1,8 @@ +2005-08-01 Werner Koch + + * gpgsm-gencert.sh: Allow entering a keygrip to generate a CSR from + an existing key. + 2005-07-21 Werner Koch * gpgsm-gencert.sh: Reworked to allow for multiple email addresses Modified: branches/GNUPG-1-9-BRANCH/tools/gpgsm-gencert.sh =================================================================== --- branches/GNUPG-1-9-BRANCH/tools/gpgsm-gencert.sh 2005-08-01 13:17:42 UTC (rev 3845) +++ branches/GNUPG-1-9-BRANCH/tools/gpgsm-gencert.sh 2005-08-01 16:54:54 UTC (rev 3846) @@ -84,11 +84,20 @@ echo "You selected: $ANSWER" >&2 } -query_user_menu "Key type" "RSA" -KEY_TYPE=$ANSWER +query_user_menu "Key type" "RSA" "existing key" +if [ "$ANSWER" = "existing key" ]; then + # User requested to use an existing key; need to set some dummy defaults + KEY_TYPE=RSA + KEY_LENGTH=1024 + query_user "Keygrip " + KEY_GRIP=$ANSWER +else + KEY_TYPE=$ANSWER + query_user_menu "Key length" "1024" "2048" + KEY_LENGTH=$ANSWER + KEY_GRIP= +fi -query_user_menu "Key length" "1024" "2048" -KEY_LENGTH=$ANSWER query_user_menu "Key usage" "sign, encrypt" "sign" "encrypt" KEY_USAGE=$ANSWER @@ -137,6 +146,7 @@ Key-Usage: $KEY_USAGE Name-DN: $NAME EOF +[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP" [ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES" [ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES" [ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES" @@ -152,7 +162,7 @@ echo -e "$ASSUAN_COMMANDS" | \ - ./gpgsm --no-log-file --debug-level none --debug-none \ + gpgsm --no-log-file --debug-level none --debug-none \ --server 4< "$file_parameter" 5>"$outfile" >/dev/null cat "$outfile" From cvs at cvs.gnupg.org Mon Aug 1 19:03:50 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Aug 1 18:36:42 2005 Subject: [svn] GnuPG - r3847 - tags Message-ID: Author: wk Date: 2005-08-01 19:03:50 +0200 (Mon, 01 Aug 2005) New Revision: 3847 Added: tags/V1-9-18/ Log: Released 1.9.18 Copied: tags/V1-9-18 (from rev 3846, branches/GNUPG-1-9-BRANCH) From cvs at cvs.gnupg.org Thu Aug 4 05:59:22 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 4 05:32:01 2005 Subject: [svn] GnuPG - r3848 - trunk/keyserver Message-ID: Author: dshaw Date: 2005-08-04 05:59:16 +0200 (Thu, 04 Aug 2005) New Revision: 3848 Modified: trunk/keyserver/ChangeLog trunk/keyserver/curl-shim.h trunk/keyserver/gpgkeys_curl.c trunk/keyserver/gpgkeys_hkp.c Log: * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show version of curl (or curl-shim) when debug is set. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2005-08-01 17:03:50 UTC (rev 3847) +++ trunk/keyserver/ChangeLog 2005-08-04 03:59:16 UTC (rev 3848) @@ -1,3 +1,8 @@ +2005-08-03 David Shaw + + * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show + version of curl (or curl-shim) when debug is set. + 2005-07-20 David Shaw * gpgkeys_curl.c (get_key, main): Don't try and be smart about Modified: trunk/keyserver/curl-shim.h =================================================================== --- trunk/keyserver/curl-shim.h 2005-08-01 17:03:50 UTC (rev 3847) +++ trunk/keyserver/curl-shim.h 2005-08-04 03:59:16 UTC (rev 3848) @@ -85,5 +85,6 @@ void curl_easy_cleanup(CURL *curl); char *curl_escape(char *str,int len); void curl_free(char *ptr); +#define curl_version() "GnuPG curl-shim "VERSION #endif /* !_CURL_SHIM_H_ */ Modified: trunk/keyserver/gpgkeys_curl.c =================================================================== --- trunk/keyserver/gpgkeys_curl.c 2005-08-01 17:03:50 UTC (rev 3847) +++ trunk/keyserver/gpgkeys_curl.c 2005-08-04 03:59:16 UTC (rev 3848) @@ -260,6 +260,7 @@ if(opt->debug) { + fprintf(console,"gpgkeys: curl version = %s\n",curl_version()); curl_easy_setopt(curl,CURLOPT_STDERR,console); curl_easy_setopt(curl,CURLOPT_VERBOSE,1); } Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2005-08-01 17:03:50 UTC (rev 3847) +++ trunk/keyserver/gpgkeys_hkp.c 2005-08-04 03:59:16 UTC (rev 3848) @@ -533,6 +533,7 @@ if(opt->debug) { + fprintf(console,"gpgkeys: curl version = %s\n",curl_version()); curl_easy_setopt(curl,CURLOPT_STDERR,console); curl_easy_setopt(curl,CURLOPT_VERBOSE,1); } From cvs at cvs.gnupg.org Thu Aug 4 11:53:22 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Aug 4 11:25:58 2005 Subject: [svn] GnuPG - r3849 - trunk/g10 Message-ID: Author: wk Date: 2005-08-04 11:53:21 +0200 (Thu, 04 Aug 2005) New Revision: 3849 Modified: trunk/g10/ChangeLog trunk/g10/cardglue.c trunk/g10/export.c trunk/g10/pkclist.c trunk/g10/revoke.c trunk/g10/seckey-cert.c Log: Fixes pertaining to revocation creation with subkey-only exported card keys Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-04 03:59:16 UTC (rev 3848) +++ trunk/g10/ChangeLog 2005-08-04 09:53:21 UTC (rev 3849) @@ -1,3 +1,17 @@ +2005-08-04 Werner Koch + + * export.c (do_export_stream): Skip on-card keys when only subkeys + are to be exported. It does not make sense to replace the on-card + key stub by a no-key stub. + + * revoke.c (gen_revoke): Check for non-online keys. + + * seckey-cert.c (is_secret_key_protected): Return -3 for + non-online key stubs. The old code assumes that a protection + algorithm is still set but in some cases this one is 0 and thus it + won't be possible to decide whether it is unprotected or + protected. + 2005-07-28 Werner Koch * Makefile.am (other_libs): Add SRVLIBS. Modified: trunk/g10/cardglue.c =================================================================== --- trunk/g10/cardglue.c 2005-08-04 03:59:16 UTC (rev 3848) +++ trunk/g10/cardglue.c 2005-08-04 09:53:21 UTC (rev 3849) @@ -533,7 +533,7 @@ const char *s; int ask = 0; int n; - + for (s = serialno, n=0; *s != '/' && hexdigitp (s); s++, n++) ; if (n != 32) Modified: trunk/g10/export.c =================================================================== --- trunk/g10/export.c 2005-08-04 03:59:16 UTC (rev 3848) +++ trunk/g10/export.c 2005-08-04 09:53:21 UTC (rev 3849) @@ -230,6 +230,17 @@ keystr(sk_keyid)); continue; } + + /* It does not make sense to export a key with a primary + key on card using a non-key stub. We simply skip those + keys when used with --export-secret-subkeys. */ + if (secret == 2 && sk->is_protected + && sk->protect.s2k.mode == 1002 ) + { + log_info(_("key %s: key material on-card - skipped\n"), + keystr(sk_keyid)); + continue; + } } else { Modified: trunk/g10/pkclist.c =================================================================== --- trunk/g10/pkclist.c 2005-08-04 03:59:16 UTC (rev 3848) +++ trunk/g10/pkclist.c 2005-08-04 09:53:21 UTC (rev 3849) @@ -540,7 +540,6 @@ size_t fprlen; int okay; - log_info (_("Note: Verified address is `%s'\n"), sig->pka_info->email); primary_pk = xmalloc_clear (sizeof *primary_pk); get_pubkey (primary_pk, pk->main_keyid); @@ -548,9 +547,17 @@ free_public_key (primary_pk); if ( fprlen == 20 && !memcmp (sig->pka_info->fpr, fpr, 20) ) - okay = 1; + { + okay = 1; + log_info (_("Note: Verified signer's address is `%s'\n"), + sig->pka_info->email); + } else - okay = 0; + { + okay = 0; + log_info (_("Note: Signer's address `%s' " + "does not match DNS entry\n"), sig->pka_info->email); + } switch ( (trustlevel & TRUST_MASK) ) { Modified: trunk/g10/revoke.c =================================================================== --- trunk/g10/revoke.c 2005-08-04 03:59:16 UTC (rev 3848) +++ trunk/g10/revoke.c 2005-08-04 09:53:21 UTC (rev 3849) @@ -497,11 +497,15 @@ log_error(_("unknown protection algorithm\n")); rc = G10ERR_PUBKEY_ALGO; break; + case -3: + tty_printf (_("Secret parts of primary key are not available.\n")); + rc = G10ERR_NO_SECKEY; + break; case 0: tty_printf(_("NOTE: This key is not protected!\n")); break; default: - rc = check_secret_key( sk, 0 ); + rc = check_secret_key( sk, 0 ); break; } if( rc ) Modified: trunk/g10/seckey-cert.c =================================================================== --- trunk/g10/seckey-cert.c 2005-08-04 03:59:16 UTC (rev 3848) +++ trunk/g10/seckey-cert.c 2005-08-04 09:53:21 UTC (rev 3849) @@ -289,13 +289,14 @@ * check whether the secret key is protected. * Returns: 0 not protected, -1 on error or the protection algorithm * -2 indicates a card stub. + * -3 indicates a not-online stub. */ int is_secret_key_protected( PKT_secret_key *sk ) { return sk->is_protected? - sk->protect.s2k.mode == 1002? -2 - : sk->protect.algo : 0; + sk->protect.s2k.mode == 1002? -2 : + sk->protect.s2k.mode == 1001? -3 : sk->protect.algo : 0; } From cvs at cvs.gnupg.org Thu Aug 4 20:50:56 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 4 20:23:32 2005 Subject: [svn] GnuPG - r3850 - in trunk: . m4 tools Message-ID: Author: dshaw Date: 2005-08-04 20:50:54 +0200 (Thu, 04 Aug 2005) New Revision: 3850 Added: trunk/m4/tar-ustar.m4 trunk/tools/gpg-zip.in Modified: trunk/ChangeLog trunk/configure.ac trunk/m4/ChangeLog trunk/tools/ChangeLog trunk/tools/Makefile.am Log: Add gpg-zip, a la PGP Zip. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-08-04 09:53:21 UTC (rev 3849) +++ trunk/ChangeLog 2005-08-04 18:50:54 UTC (rev 3850) @@ -1,3 +1,7 @@ +2005-08-04 David Shaw + + * configure.ac: Call GNUPG_CHECK_USTAR and generate tools/gpg-zip. + 2005-07-28 Werner Koch * configure.ac (USE_DNS_PKA): Define in addition to USE_DNS_SRV. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-08-04 09:53:21 UTC (rev 3849) +++ trunk/configure.ac 2005-08-04 18:50:54 UTC (rev 3850) @@ -425,7 +425,6 @@ #endif /*GNUPG_CONFIG_H_INCLUDED*/ ]) - AM_MAINTAINER_MODE dnl Checks for programs. @@ -451,6 +450,7 @@ AM_CONDITIONAL(HAVE_DOCBOOK_TO_MAN, test "$ac_cv_prog_DOCBOOK_TO_MAN" = yes) GNUPG_CHECK_FAQPROG GNUPG_CHECK_DOCBOOK_TO_TEXI +GNUPG_CHECK_USTAR MPI_OPT_FLAGS="" @@ -1322,6 +1322,7 @@ keyserver/gpgkeys_test doc/Makefile tools/Makefile +tools/gpg-zip zlib/Makefile checks/Makefile ]) Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2005-08-04 09:53:21 UTC (rev 3849) +++ trunk/m4/ChangeLog 2005-08-04 18:50:54 UTC (rev 3850) @@ -1,3 +1,8 @@ +2005-08-04 David Shaw + + * tar-ustar.m4: New. Check for a tar that creates USTAR format + tar files. + 2005-07-20 David Shaw * libcurl.m4: Check that our libcurl has Added: trunk/m4/tar-ustar.m4 =================================================================== --- trunk/m4/tar-ustar.m4 2005-08-04 09:53:21 UTC (rev 3849) +++ trunk/m4/tar-ustar.m4 2005-08-04 18:50:54 UTC (rev 3850) @@ -0,0 +1,43 @@ +dnl Check for a tar program that speaks ustar format +dnl Copyright (C) 2005 Free Software Foundation, Inc. +dnl +dnl This file is free software, distributed under the terms of the GNU +dnl General Public License. As a special exception to the GNU General +dnl Public License, this file may be distributed as part of a program +dnl that contains a configuration script generated by Autoconf, under +dnl the same distribution terms as the rest of that program. + +AC_DEFUN([GNUPG_CHECK_USTAR], +[ + AC_ARG_WITH(tar, + AC_HELP_STRING([--with-tar=PATH],[look for a tar program in PATH]), + [_do_tar=$withval]) + + if test x$_do_tar != xno ; then + + if test x$_do_tar = x ; then + AC_PATH_PROG(TAR,"tar") + _mytar=$ac_cv_path_TAR + fi + + # Check if our tar is ustar format. If so, it's good. TODO: Add some + # code to check various options, etc, to try and create ustar + # format. + + if test x$_mytar != x ; then + AC_MSG_CHECKING([whether $_mytar speaks USTAR]) + echo hithere > conftest.txt + $_mytar -cf - conftest.txt | grep -q ustar + _tar_bad=$? + rm conftest.txt + + if test x$_tar_bad = x0 ; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + fi + fi + fi + + AM_CONDITIONAL(HAVE_USTAR, test x$_tar_bad = x0) +])dnl Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2005-08-04 09:53:21 UTC (rev 3849) +++ trunk/tools/ChangeLog 2005-08-04 18:50:54 UTC (rev 3850) @@ -1,3 +1,10 @@ +2005-08-04 David Shaw + + * gpg-zip.in: New. Script wrapper to work with encrypted tar + files, a la PGP Zip. + + * Makefile.am: Use it if we have a USTAR compatible tar. + 2004-12-18 David Shaw * Makefile.am: Link with readline where needed. Modified: trunk/tools/Makefile.am =================================================================== --- trunk/tools/Makefile.am 2005-08-04 09:53:21 UTC (rev 3849) +++ trunk/tools/Makefile.am 2005-08-04 18:50:54 UTC (rev 3850) @@ -27,6 +27,10 @@ bin_PROGRAMS = gpgsplit noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest +if HAVE_USTAR +bin_SCRIPTS = gpg-zip +endif + gpgsplit_LDADD = $(needed_libs) $(other_libs) @ZLIBS@ mpicalc_LDADD = $(needed_libs) $(other_libs) @W32LIBS@ bftest_LDADD = $(needed_libs) $(other_libs) @W32LIBS@ @DLLIBS@ @NETLIBS@ @LIBREADLINE@ Added: trunk/tools/gpg-zip.in =================================================================== --- trunk/tools/gpg-zip.in 2005-08-04 09:53:21 UTC (rev 3849) +++ trunk/tools/gpg-zip.in 2005-08-04 18:50:54 UTC (rev 3850) @@ -0,0 +1,128 @@ +#!/bin/sh + +# gpg-archive - gpg-ized tar using the same format as PGP's PGP Zip. +# Copyright (C) 2005 Free Software Foundation, Inc. +# +# This file is part of GnuPG. +# +# GnuPG is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# GnuPG is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + +# Despite the name, PGP Zip format is actually an OpenPGP-wrapped tar +# file. To be compatible with PGP itself, this must be a USTAR format +# tar file. Unclear on whether there is a distinction here between +# the GNU or POSIX variant of USTAR. + +VERSION=@VERSION@ +TAR=@TAR@ +GPG=gpg + +usage="\ +Usage: gpg-zip [--help] [--version] [--encrypt] [--symmetric] + [--list-archive] [--output FILE] [--gpg GPG] [--gpg-args ARGS] + [--tar TAR] [--tar-args ARGS] filename1 [filename2, ...] + directory1 [directory2, ...] + +Encrypt or sign files into an archive." + +while test $# -gt 0 ; do + case $1 in + -h | --help | --h*) + echo "$usage" + exit 0 + ;; + --list-archive) + list=yes + create=no + shift + ;; + --encrypt | -e) + gpg_args="$gpg_args --encrypt" + list=no + create=yes + shift + ;; + --symmetric | -c) + gpg_args="$gpg_args --symmetric" + list=no + create=yes + shift + ;; + --sign | -s) + gpg_args="$gpg_args --sign" + list=no + create=yes + shift + ;; + --recipient | -r) + gpg_args="$gpg_args --recipient $2" + shift + shift + ;; + --local-user | -u) + gpg_args="$gpg_args --local-user $2" + shift + shift + ;; + --output | -o) + gpg_args="$gpg_args --output $2" + shift + shift + ;; + --version) + echo "gpg-zip (GnuPG) $VERSION" + exit 0 + ;; + --gpg) + GPG=$1 + shift + ;; + --gpg-args) + gpg_args="$gpg_args $2" + shift + shift + ;; + --tar) + TAR=$1 + shift + ;; + --tar-args) + tar_args="$tar_args $2" + shift + shift + ;; + --) + shift + break + ;; + -*) + echo "$usage" 1>&2 + exit 1 + ;; + *) + break + ;; + esac +done + +if test x$create = xyes ; then +# echo "$TAR -cf - $* | $GPG --set-filename x.tar $gpg_args" >&2 + $TAR -cf - $* | $GPG --set-filename x.tar $gpg_args +elif test x$list = xyes ; then +# echo "cat $1 | $GPG $gpg_args | $TAR $tar_args -tf -" >&2 + cat $1 | $GPG $gpg_args | $TAR $tar_args -tf - +else + echo "$usage" 1>&2 + exit 1 +fi From cvs at cvs.gnupg.org Thu Aug 4 22:48:19 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 4 22:20:56 2005 Subject: [svn] GnuPG - r3851 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-04 22:48:13 +0200 (Thu, 04 Aug 2005) New Revision: 3851 Modified: trunk/g10/ChangeLog trunk/g10/keygen.c Log: * keygen.c (start_tree): Need to use an actual packet type (which we can then delete) to start the tree. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-04 18:50:54 UTC (rev 3850) +++ trunk/g10/ChangeLog 2005-08-04 20:48:13 UTC (rev 3851) @@ -1,3 +1,8 @@ +2005-08-04 David Shaw + + * keygen.c (start_tree): Need to use an actual packet type (which + we can then delete) to start the tree. + 2005-08-04 Werner Koch * export.c (do_export_stream): Skip on-card keys when only subkeys Modified: trunk/g10/keygen.c =================================================================== --- trunk/g10/keygen.c 2005-08-04 18:50:54 UTC (rev 3850) +++ trunk/g10/keygen.c 2005-08-04 20:48:13 UTC (rev 3851) @@ -2667,7 +2667,14 @@ PACKET *pkt; pkt=xmalloc_clear(sizeof(*pkt)); - pkt->pkttype=PKT_NONE; + + /* We're not acually using a user ID here - this is just an + arbitrary choice. We delete it anyway. */ + + pkt->pkttype=PKT_USER_ID; + pkt->pkt.user_id=xmalloc_clear(sizeof *pkt->pkt.user_id); + pkt->pkt.user_id->ref=1; + *tree=new_kbnode(pkt); delete_kbnode(*tree); } From cvs at cvs.gnupg.org Thu Aug 4 23:39:43 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 4 23:12:17 2005 Subject: [svn] GnuPG - r3852 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-04 23:39:43 +0200 (Thu, 04 Aug 2005) New Revision: 3852 Modified: trunk/g10/keygen.c Log: Revert bad patch. Modified: trunk/g10/keygen.c =================================================================== --- trunk/g10/keygen.c 2005-08-04 20:48:13 UTC (rev 3851) +++ trunk/g10/keygen.c 2005-08-04 21:39:43 UTC (rev 3852) @@ -2667,14 +2667,7 @@ PACKET *pkt; pkt=xmalloc_clear(sizeof(*pkt)); - - /* We're not acually using a user ID here - this is just an - arbitrary choice. We delete it anyway. */ - - pkt->pkttype=PKT_USER_ID; - pkt->pkt.user_id=xmalloc_clear(sizeof *pkt->pkt.user_id); - pkt->pkt.user_id->ref=1; - + pkt->pkttype=PKT_NONE; *tree=new_kbnode(pkt); delete_kbnode(*tree); } From cvs at cvs.gnupg.org Thu Aug 4 23:41:12 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 4 23:13:44 2005 Subject: [svn] GnuPG - r3853 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-04 23:41:11 +0200 (Thu, 04 Aug 2005) New Revision: 3853 Modified: trunk/g10/ChangeLog trunk/g10/keygen.c Log: * keygen.c (write_keyblock): Don't try and build deleted kbnodes since we start our tree with one. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-04 21:39:43 UTC (rev 3852) +++ trunk/g10/ChangeLog 2005-08-04 21:41:11 UTC (rev 3853) @@ -1,7 +1,7 @@ 2005-08-04 David Shaw - * keygen.c (start_tree): Need to use an actual packet type (which - we can then delete) to start the tree. + * keygen.c (write_keyblock): Don't try and build deleted kbnodes + since we start our tree with one. 2005-08-04 Werner Koch Modified: trunk/g10/keygen.c =================================================================== --- trunk/g10/keygen.c 2005-08-04 21:39:43 UTC (rev 3852) +++ trunk/g10/keygen.c 2005-08-04 21:41:11 UTC (rev 3853) @@ -3222,15 +3222,21 @@ static int write_keyblock( IOBUF out, KBNODE node ) { - for( ; node ; node = node->next ) { - int rc = build_packet( out, node->pkt ); - if( rc ) { - log_error("build_packet(%d) failed: %s\n", + for( ; node ; node = node->next ) + { + if(!is_deleted_kbnode(node)) + { + int rc = build_packet( out, node->pkt ); + if( rc ) + { + log_error("build_packet(%d) failed: %s\n", node->pkt->pkttype, g10_errstr(rc) ); - return G10ERR_WRITE_FILE; + return G10ERR_WRITE_FILE; + } } } - return 0; + + return 0; } From cvs at cvs.gnupg.org Fri Aug 5 04:03:13 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Aug 5 03:35:48 2005 Subject: [svn] GnuPG - r3854 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-05 04:03:12 +0200 (Fri, 05 Aug 2005) New Revision: 3854 Modified: trunk/g10/ChangeLog trunk/g10/pkclist.c Log: * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0. Noted by Michael Schierl. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-04 21:41:11 UTC (rev 3853) +++ trunk/g10/ChangeLog 2005-08-05 02:03:12 UTC (rev 3854) @@ -1,5 +1,8 @@ 2005-08-04 David Shaw + * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0. + Noted by Michael Schierl. + * keygen.c (write_keyblock): Don't try and build deleted kbnodes since we start our tree with one. Modified: trunk/g10/pkclist.c =================================================================== --- trunk/g10/pkclist.c 2005-08-04 21:41:11 UTC (rev 3853) +++ trunk/g10/pkclist.c 2005-08-05 02:03:12 UTC (rev 3854) @@ -182,7 +182,7 @@ switch(minimum) { - default: min_num=0; break; + default: case TRUST_UNDEFINED: min_num=1; break; case TRUST_NEVER: min_num=2; break; case TRUST_MARGINAL: min_num=3; break; From cvs at cvs.gnupg.org Fri Aug 5 05:30:14 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Aug 5 05:02:46 2005 Subject: [svn] GnuPG - r3855 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-05 05:30:13 +0200 (Fri, 05 Aug 2005) New Revision: 3855 Modified: trunk/g10/ChangeLog trunk/g10/keygen.c Log: * keygen.c (proc_parameter_file): Sanity check items in keygen batch file. Noted by Michael Schierl. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-05 02:03:12 UTC (rev 3854) +++ trunk/g10/ChangeLog 2005-08-05 03:30:13 UTC (rev 3855) @@ -1,5 +1,8 @@ 2005-08-04 David Shaw + * keygen.c (proc_parameter_file): Sanity check items in keygen + batch file. Noted by Michael Schierl. + * pkclist.c (do_edit_ownertrust): Don't allow ownertrust level 0. Noted by Michael Schierl. Modified: trunk/g10/keygen.c =================================================================== --- trunk/g10/keygen.c 2005-08-05 02:03:12 UTC (rev 3854) +++ trunk/g10/keygen.c 2005-08-05 03:30:13 UTC (rev 3855) @@ -2059,122 +2059,144 @@ proc_parameter_file( struct para_data_s *para, const char *fname, struct output_control_s *outctrl, int card ) { - struct para_data_s *r; - const char *s1, *s2, *s3; - size_t n; - char *p; - int i; + struct para_data_s *r; + const char *s1, *s2, *s3; + size_t n; + char *p; + int have_user_id=0; - /* Check that we have all required parameters. */ - assert( get_parameter( para, pKEYTYPE ) ); - i = get_parameter_algo( para, pKEYTYPE ); - if( i < 1 || check_pubkey_algo2( i, PUBKEY_USAGE_SIG ) ) { - r = get_parameter( para, pKEYTYPE ); - log_error("%s:%d: invalid algorithm\n", fname, r->lnr ); - return -1; + /* Check that we have all required parameters. */ + r = get_parameter( para, pKEYTYPE ); + if(r) + { + if(check_pubkey_algo2(get_parameter_algo(para,pKEYTYPE), + PUBKEY_USAGE_SIG)) + { + log_error("%s:%d: invalid algorithm\n", fname, r->lnr ); + return -1; + } } + else + { + log_error("%s: no Key-Type specified\n",fname); + return -1; + } - if (parse_parameter_usage (fname, para, pKEYUSAGE)) - return -1; + if (parse_parameter_usage (fname, para, pKEYUSAGE)) + return -1; - i = get_parameter_algo( para, pSUBKEYTYPE ); - if( i > 0 && check_pubkey_algo( i ) ) { - r = get_parameter( para, pSUBKEYTYPE ); - log_error("%s:%d: invalid algorithm\n", fname, r->lnr ); + r = get_parameter( para, pSUBKEYTYPE ); + if(r) + { + if(check_pubkey_algo( get_parameter_algo( para, pSUBKEYTYPE))) + { + log_error("%s:%d: invalid algorithm\n", fname, r->lnr ); + return -1; + } + + if(parse_parameter_usage (fname, para, pSUBKEYUSAGE)) return -1; } - if (i > 0 && parse_parameter_usage (fname, para, pSUBKEYUSAGE)) - return -1; - - if( !get_parameter_value( para, pUSERID ) ) { - /* create the formatted user ID */ - s1 = get_parameter_value( para, pNAMEREAL ); - s2 = get_parameter_value( para, pNAMECOMMENT ); - s3 = get_parameter_value( para, pNAMEEMAIL ); - if( s1 || s2 || s3 ) { - n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0); - r = xmalloc_clear( sizeof *r + n + 20 ); - r->key = pUSERID; - p = r->u.value; - if( s1 ) - p = stpcpy(p, s1 ); - if( s2 ) - p = stpcpy(stpcpy(stpcpy(p," ("), s2 ),")"); - if( s3 ) - p = stpcpy(stpcpy(stpcpy(p," <"), s3 ),">"); - r->next = para; - para = r; + if( get_parameter_value( para, pUSERID ) ) + have_user_id=1; + else + { + /* create the formatted user ID */ + s1 = get_parameter_value( para, pNAMEREAL ); + s2 = get_parameter_value( para, pNAMECOMMENT ); + s3 = get_parameter_value( para, pNAMEEMAIL ); + if( s1 || s2 || s3 ) + { + n = (s1?strlen(s1):0) + (s2?strlen(s2):0) + (s3?strlen(s3):0); + r = xmalloc_clear( sizeof *r + n + 20 ); + r->key = pUSERID; + p = r->u.value; + if( s1 ) + p = stpcpy(p, s1 ); + if( s2 ) + p = stpcpy(stpcpy(stpcpy(p," ("), s2 ),")"); + if( s3 ) + p = stpcpy(stpcpy(stpcpy(p," <"), s3 ),">"); + r->next = para; + para = r; + have_user_id=1; } } - /* Set preferences, if any. */ - keygen_set_std_prefs(get_parameter_value( para, pPREFERENCES ), 0); - - /* Set revoker, if any. */ - if (parse_revocation_key (fname, para, pREVOKER)) + if(!have_user_id) + { + log_error("%s: no User-ID specified\n",fname); return -1; + } - /* make DEK and S2K from the Passphrase */ - r = get_parameter( para, pPASSPHRASE ); - if( r && *r->u.value ) { - /* we have a plain text passphrase - create a DEK from it. - * It is a little bit ridiculous to keep it ih secure memory - * but becuase we do this alwasy, why not here */ - STRING2KEY *s2k; - DEK *dek; + /* Set preferences, if any. */ + keygen_set_std_prefs(get_parameter_value( para, pPREFERENCES ), 0); - s2k = xmalloc_secure( sizeof *s2k ); - s2k->mode = opt.s2k_mode; - s2k->hash_algo = S2K_DIGEST_ALGO; - set_next_passphrase( r->u.value ); - dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2, - NULL, NULL); - set_next_passphrase( NULL ); - assert( dek ); - memset( r->u.value, 0, strlen(r->u.value) ); + /* Set revoker, if any. */ + if (parse_revocation_key (fname, para, pREVOKER)) + return -1; - r = xmalloc_clear( sizeof *r ); - r->key = pPASSPHRASE_S2K; - r->u.s2k = s2k; - r->next = para; - para = r; - r = xmalloc_clear( sizeof *r ); - r->key = pPASSPHRASE_DEK; - r->u.dek = dek; - r->next = para; - para = r; - } + /* make DEK and S2K from the Passphrase */ + r = get_parameter( para, pPASSPHRASE ); + if( r && *r->u.value ) { + /* we have a plain text passphrase - create a DEK from it. + * It is a little bit ridiculous to keep it ih secure memory + * but becuase we do this alwasy, why not here */ + STRING2KEY *s2k; + DEK *dek; - /* make KEYEXPIRE from Expire-Date */ - r = get_parameter( para, pEXPIREDATE ); - if( r && *r->u.value ) - { - u32 seconds; + s2k = xmalloc_secure( sizeof *s2k ); + s2k->mode = opt.s2k_mode; + s2k->hash_algo = S2K_DIGEST_ALGO; + set_next_passphrase( r->u.value ); + dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo, s2k, 2, + NULL, NULL); + set_next_passphrase( NULL ); + assert( dek ); + memset( r->u.value, 0, strlen(r->u.value) ); - seconds = parse_expire_string( r->u.value ); - if( seconds == (u32)-1 ) - { - log_error("%s:%d: invalid expire date\n", fname, r->lnr ); - return -1; - } - r->u.expire = seconds; - r->key = pKEYEXPIRE; /* change hat entry */ - /* also set it for the subkey */ - r = xmalloc_clear( sizeof *r + 20 ); - r->key = pSUBKEYEXPIRE; - r->u.expire = seconds; - r->next = para; - para = r; - } + r = xmalloc_clear( sizeof *r ); + r->key = pPASSPHRASE_S2K; + r->u.s2k = s2k; + r->next = para; + para = r; + r = xmalloc_clear( sizeof *r ); + r->key = pPASSPHRASE_DEK; + r->u.dek = dek; + r->next = para; + para = r; + } - if( !!outctrl->pub.newfname ^ !!outctrl->sec.newfname ) { - log_error("%s:%d: only one ring name is set\n", fname, outctrl->lnr ); - return -1; + /* make KEYEXPIRE from Expire-Date */ + r = get_parameter( para, pEXPIREDATE ); + if( r && *r->u.value ) + { + u32 seconds; + + seconds = parse_expire_string( r->u.value ); + if( seconds == (u32)-1 ) + { + log_error("%s:%d: invalid expire date\n", fname, r->lnr ); + return -1; + } + r->u.expire = seconds; + r->key = pKEYEXPIRE; /* change hat entry */ + /* also set it for the subkey */ + r = xmalloc_clear( sizeof *r + 20 ); + r->key = pSUBKEYEXPIRE; + r->u.expire = seconds; + r->next = para; + para = r; } - do_generate_keypair( para, outctrl, card ); - return 0; + if( !!outctrl->pub.newfname ^ !!outctrl->sec.newfname ) { + log_error("%s:%d: only one ring name is set\n", fname, outctrl->lnr ); + return -1; + } + + do_generate_keypair( para, outctrl, card ); + return 0; } From cvs at cvs.gnupg.org Fri Aug 5 15:09:33 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Aug 5 14:42:02 2005 Subject: [svn] GnuPG - r3856 - trunk/tools Message-ID: Author: dshaw Date: 2005-08-05 15:09:32 +0200 (Fri, 05 Aug 2005) New Revision: 3856 Modified: trunk/tools/ChangeLog trunk/tools/gpg-zip.in Log: * gpg-zip.in: Add --decrypt functionality. Fix quoting so filenames with spaces work properly. Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2005-08-05 03:30:13 UTC (rev 3855) +++ trunk/tools/ChangeLog 2005-08-05 13:09:32 UTC (rev 3856) @@ -1,3 +1,8 @@ +2005-08-05 David Shaw + + * gpg-zip.in: Add --decrypt functionality. Fix quoting so + filenames with spaces work properly. + 2005-08-04 David Shaw * gpg-zip.in: New. Script wrapper to work with encrypted tar Modified: trunk/tools/gpg-zip.in =================================================================== --- trunk/tools/gpg-zip.in 2005-08-05 03:30:13 UTC (rev 3855) +++ trunk/tools/gpg-zip.in 2005-08-05 13:09:32 UTC (rev 3856) @@ -29,7 +29,7 @@ GPG=gpg usage="\ -Usage: gpg-zip [--help] [--version] [--encrypt] [--symmetric] +Usage: gpg-zip [--help] [--version] [--encrypt] [--decrypt] [--symmetric] [--list-archive] [--output FILE] [--gpg GPG] [--gpg-args ARGS] [--tar TAR] [--tar-args ARGS] filename1 [filename2, ...] directory1 [directory2, ...] @@ -45,24 +45,35 @@ --list-archive) list=yes create=no + unpack=no shift ;; --encrypt | -e) gpg_args="$gpg_args --encrypt" list=no create=yes + unpack=no shift ;; + --decrypt | -d) + gpg_args="$gpg_args --decrypt" + list=no + create=no + unpack=yes + shift + ;; --symmetric | -c) gpg_args="$gpg_args --symmetric" list=no create=yes + unpack=no shift ;; --sign | -s) gpg_args="$gpg_args --sign" list=no create=yes + unpack=no shift ;; --recipient | -r) @@ -117,11 +128,14 @@ done if test x$create = xyes ; then -# echo "$TAR -cf - $* | $GPG --set-filename x.tar $gpg_args" >&2 - $TAR -cf - $* | $GPG --set-filename x.tar $gpg_args +# echo "$TAR -cf - "$@" | $GPG --set-filename x.tar $gpg_args" 1>&2 + $TAR -cf - "$@" | $GPG --set-filename x.tar $gpg_args elif test x$list = xyes ; then -# echo "cat $1 | $GPG $gpg_args | $TAR $tar_args -tf -" >&2 - cat $1 | $GPG $gpg_args | $TAR $tar_args -tf - +# echo "cat \"$1\" | $GPG $gpg_args | $TAR $tar_args -tf -" 1>&2 + cat "$1" | $GPG $gpg_args | $TAR $tar_args -tf - +elif test x$unpack = xyes ; then +# echo "cat \"$1\" | $GPG $gpg_args | $TAR $tar_args -xvf -" 1>&2 + cat "$1" | $GPG $gpg_args | $TAR $tar_args -xvf - else echo "$usage" 1>&2 exit 1 From cvs at cvs.gnupg.org Fri Aug 5 16:47:00 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Aug 5 16:19:30 2005 Subject: [svn] GnuPG - r3857 - trunk/g10 Message-ID: Author: wk Date: 2005-08-05 16:46:59 +0200 (Fri, 05 Aug 2005) New Revision: 3857 Modified: trunk/g10/ChangeLog trunk/g10/getkey.c trunk/g10/gpgv.c trunk/g10/keygen.c trunk/g10/keyserver.c trunk/g10/main.h trunk/g10/mainproc.c trunk/g10/misc.c trunk/g10/options.h trunk/g10/pkclist.c Log: auto retrieve keys from PKA. Thsi allows to specify an email address so that gpg can get the key from DNS. This helps with opportunistic encryption. No integration with the trust modell yet. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/ChangeLog 2005-08-05 14:46:59 UTC (rev 3857) @@ -1,3 +1,21 @@ +2005-08-05 Werner Koch + + * gpgv.c (keyserver_import_fprint): New stub. + + * keygen.c (ask_user_id): Moved email checking code out to .. + * misc.c (is_valid_mailbox): .. new. + * mainproc.c (get_pka_address): Use it here. + * getkey.c (get_pubkey_byname): Add falback to auto-retrieve a key + via the PKA mechanism. + + * options.h (KEYSERVER_AUTO_PKA_RETRIEVE): New. + * keyserver.c (keyserver_opts): Ditto. + * mainproc.c (check_sig_and_print): Use it here to retrieve keys + from a PKA DNS record. + + * pkclist.c (build_pk_list): Add comments to this function; + re-indented it. + 2005-08-04 David Shaw * keygen.c (proc_parameter_file): Sanity check items in keygen Modified: trunk/g10/getkey.c =================================================================== --- trunk/g10/getkey.c 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/getkey.c 2005-08-05 14:46:59 UTC (rev 3857) @@ -35,6 +35,7 @@ #include "main.h" #include "trustdb.h" #include "i18n.h" +#include "keyserver-internal.h" #define MAX_PK_CACHE_ENTRIES PK_UID_CACHE_SIZE #define MAX_UID_CACHE_ENTRIES PK_UID_CACHE_SIZE @@ -886,24 +887,59 @@ return rc; } -/* - * Find a public key from NAME and returh the keyblock or the key. - * If ret_kdb is not NULL, the KEYDB handle used to locate this keyblock is - * returned and the caller is responsible for closing it. - */ + + +/* Find a public key from NAME and return the keyblock or the key. If + ret_kdb is not NULL, the KEYDB handle used to locate this keyblock + is returned and the caller is responsible for closing it. If a key + was not found and NAME is a valid RFC822 mailbox and PKA retrieval + has been enabled, we try to import the pkea via the PKA + mechanism. */ int get_pubkey_byname (PKT_public_key *pk, const char *name, KBNODE *ret_keyblock, KEYDB_HANDLE *ret_kdbhd, int include_unusable ) { - int rc; - STRLIST namelist = NULL; + int rc; + int again = 0; + STRLIST namelist = NULL; - add_to_strlist( &namelist, name ); - rc = key_byname( NULL, namelist, pk, NULL, 0, - include_unusable, ret_keyblock, ret_kdbhd); - free_strlist( namelist ); - return rc; + add_to_strlist( &namelist, name ); + retry: + rc = key_byname( NULL, namelist, pk, NULL, 0, + include_unusable, ret_keyblock, ret_kdbhd); + if (rc == G10ERR_NO_PUBKEY + && !again + && (opt.keyserver_options.options&KEYSERVER_AUTO_PKA_RETRIEVE) + && is_valid_mailbox (name)) + { + /* If the requested name resembles a valid mailbox and + automatic retrieval via PKA records has been enabled, we + try to import the key via the URI and try again. */ + unsigned char fpr[MAX_FINGERPRINT_LEN]; + char *uri; + struct keyserver_spec *spec; + + uri = get_pka_info (name, fpr); + if (uri) + { + spec = parse_keyserver_uri (uri, 0, NULL, 0); + if (spec) + { + glo_ctrl.in_auto_key_retrieve++; + if (!keyserver_import_fprint (fpr, 20, spec)) + again = 1; + glo_ctrl.in_auto_key_retrieve--; + free_keyserver_spec (spec); + } + xfree (uri); + } + if (again) + goto retry; + } + + free_strlist( namelist ); + return rc; } int Modified: trunk/g10/gpgv.c =================================================================== --- trunk/g10/gpgv.c 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/gpgv.c 2005-08-05 14:46:59 UTC (rev 3857) @@ -281,6 +281,18 @@ } /* Stub: + * Because we only work with trusted keys, it does not make sense to + * get them from a keyserver + */ +int +keyserver_import_fprint (const byte *fprint, size_t fprint_len, + struct keyserver_spec *keyserver) +{ + return -1; +} + + +/* Stub: * No encryption here but mainproc links to these functions. */ int Modified: trunk/g10/keygen.c =================================================================== --- trunk/g10/keygen.c 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/keygen.c 2005-08-05 14:46:59 UTC (rev 3857) @@ -1655,13 +1655,8 @@ cpr_kill_prompt(); if( !*amail || opt.allow_freeform_uid ) break; /* no email address is okay */ - else if( has_invalid_email_chars(amail) - || string_count_chr(amail,'@') != 1 - || *amail == '@' - || amail[strlen(amail)-1] == '@' - || amail[strlen(amail)-1] == '.' - || strstr(amail, "..") ) - tty_printf(_("Not a valid email address\n")); + else if ( !is_valid_mailbox (amail) ) + tty_printf(_("Not a valid email address\n")); else break; } Modified: trunk/g10/keyserver.c =================================================================== --- trunk/g10/keyserver.c 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/keyserver.c 2005-08-05 14:46:59 UTC (rev 3857) @@ -69,6 +69,7 @@ {"keep-temp-files",KEYSERVER_KEEP_TEMP_FILES,NULL}, {"refresh-add-fake-v3-keyids",KEYSERVER_ADD_FAKE_V3,NULL}, {"auto-key-retrieve",KEYSERVER_AUTO_KEY_RETRIEVE,NULL}, + {"auto-pka-retrieve",KEYSERVER_AUTO_PKA_RETRIEVE,NULL}, {"try-dns-srv",KEYSERVER_TRY_DNS_SRV,NULL}, {"honor-keyserver-url",KEYSERVER_HONOR_KEYSERVER_URL,NULL}, {NULL,0,NULL} Modified: trunk/g10/main.h =================================================================== --- trunk/g10/main.h 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/main.h 2005-08-05 14:46:59 UTC (rev 3857) @@ -126,6 +126,7 @@ struct parse_options *opts,int noisy); char *unescape_percent_string (const unsigned char *s); int has_invalid_email_chars (const char *s); +int is_valid_mailbox (const char *name); char *default_homedir (void); const char *get_libexecdir (void); Modified: trunk/g10/mainproc.c =================================================================== --- trunk/g10/mainproc.c 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/mainproc.c 2005-08-05 14:46:59 UTC (rev 3857) @@ -1334,7 +1334,7 @@ memcpy (pka->email, p, n2); pka->email[n2] = 0; - if (has_invalid_email_chars (pka->email)) + if (!is_valid_mailbox (pka->email)) { /* We don't accept invalid mail addresses. */ xfree (pka); @@ -1502,12 +1502,15 @@ /* If the preferred keyserver thing above didn't work, our second try is to use the URI from a DNS PKA record. */ - if ( rc == G10ERR_NO_PUBKEY ) + if ( rc == G10ERR_NO_PUBKEY + && (opt.keyserver_options.options&KEYSERVER_AUTO_PKA_RETRIEVE)) { const char *uri = pka_uri_from_sig (sig); if (uri) { + /* FIXME: We might want to locate the key using the + fingerprint instead of the keyid. */ int res; struct keyserver_spec *spec; Modified: trunk/g10/misc.c =================================================================== --- trunk/g10/misc.c 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/misc.c 2005-08-05 14:46:59 UTC (rev 3857) @@ -1088,6 +1088,20 @@ } +/* Check whether NAME represents a valid mailbox according to + RFC822. Returns true if so. */ +int +is_valid_mailbox (const char *name) +{ + return !( !name + || !*name + || has_invalid_email_chars (name) + || string_count_chr (name,'@') != 1 + || *name == '@' + || name[strlen(name)-1] == '@' + || name[strlen(name)-1] == '.' + || strstr (name, "..") ); +} /* This is a helper function to load a Windows function from either of Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/options.h 2005-08-05 14:46:59 UTC (rev 3857) @@ -299,5 +299,6 @@ #define KEYSERVER_AUTO_KEY_RETRIEVE (1<<5) #define KEYSERVER_TRY_DNS_SRV (1<<6) #define KEYSERVER_HONOR_KEYSERVER_URL (1<<7) +#define KEYSERVER_AUTO_PKA_RETRIEVE (1<<8) #endif /*G10_OPTIONS_H*/ Modified: trunk/g10/pkclist.c =================================================================== --- trunk/g10/pkclist.c 2005-08-05 13:09:32 UTC (rev 3856) +++ trunk/g10/pkclist.c 2005-08-05 14:46:59 UTC (rev 3857) @@ -1,6 +1,6 @@ /* pkclist.c * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004 Free Software Foundation, Inc. + * 2004, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -744,326 +744,423 @@ return output; } + +/* This is the central function to collect the keys for recipients. + It is thus used to prepare a public key encryption. encrypt-to + keys, default keys and the keys for the actual recipients are all + collected here. When not in batch mode and no recipient has been + passed on the commandline, the function will also ask for + recipients. + + RCPTS is a string list with the recipients; NULL is an allowed + value but not very useful. Group expansion is done on these names; + they may be in any of the user Id formats we can handle. The flags + bits for each string in the string list are used for: + Bit 0: This is an encrypt-to recipient. + Bit 1: This is a hidden recipient. + + USE is the desired use for the key - usually PUBKEY_USAGE_ENC. + RET_PK_LIST. + + On success a list of keys is stored at the address RET_PK_LIST; the + caller must free this list. On error the value at this address is + not changed. + */ int -build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use ) +build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned int use ) { - PK_LIST pk_list = NULL; - PKT_public_key *pk=NULL; - int rc=0; - int any_recipients=0; - STRLIST rov,remusr; - char *def_rec = NULL; + PK_LIST pk_list = NULL; + PKT_public_key *pk=NULL; + int rc=0; + int any_recipients=0; + STRLIST rov,remusr; + char *def_rec = NULL; - if(opt.grouplist) - remusr=expand_group(rcpts); - else - remusr=rcpts; + /* Try to expand groups if any have been defined. */ + if (opt.grouplist) + remusr = expand_group (rcpts); + else + remusr = rcpts; - /* check whether there are any recipients in the list and build the - * list of the encrypt-to ones (we always trust them) */ - for( rov = remusr; rov; rov = rov->next ) { - if( !(rov->flags & 1) ) - { - any_recipients = 1; + /* Check whether there are any recipients in the list and build the + * list of the encrypt-to ones (we always trust them). */ + for ( rov = remusr; rov; rov = rov->next ) + { + if ( !(rov->flags & 1) ) + { + /* This is a regular recipient; i.e. not an encrypt-to + one. */ + any_recipients = 1; - if((rov->flags&2) && (PGP2 || PGP6 || PGP7 || PGP8)) - { - log_info(_("you may not use %s while in %s mode\n"), - "--hidden-recipient", - compliance_option_string()); + /* Hidden recipients are not allowed while in PGP mode, + issue a warning and switch into GnuPG mode. */ + if ((rov->flags&2) && (PGP2 || PGP6 || PGP7 || PGP8)) + { + log_info(_("you may not use %s while in %s mode\n"), + "--hidden-recipient", + compliance_option_string()); - compliance_failure(); - } - } - else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) { - pk = xmalloc_clear( sizeof *pk ); - pk->req_usage = use; - /* We can encrypt-to a disabled key */ - if( (rc = get_pubkey_byname( pk, rov->d, NULL, NULL, 1 )) ) { - free_public_key( pk ); pk = NULL; - log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); - write_status_text_and_buffer (STATUS_INV_RECP, "0 ", - rov->d, strlen (rov->d), -1); - goto fail; + compliance_failure(); } - else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) { - /* Skip the actual key if the key is already present - * in the list */ - if (key_present_in_pk_list(pk_list, pk) == 0) { - free_public_key(pk); pk = NULL; - log_info(_("%s: skipped: public key already present\n"), - rov->d); - } - else { - PK_LIST r; - r = xmalloc( sizeof *r ); - r->pk = pk; pk = NULL; - r->next = pk_list; - r->flags = (rov->flags&2)?1:0; - pk_list = r; + } + else if ( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) + { + /* Encryption has been requested and --encrypt-to has not + been disabled. Check this encrypt-to key. */ + pk = xmalloc_clear( sizeof *pk ); + pk->req_usage = use; - if(r->flags&1 && (PGP2 || PGP6 || PGP7 || PGP8)) - { - log_info(_("you may not use %s while in %s mode\n"), - "--hidden-encrypt-to", - compliance_option_string()); + /* We explicitly allow encrypt-to to an disabled key; thus + we pass 1 as last argument. */ + if ( (rc = get_pubkey_byname ( pk, rov->d, NULL, NULL, 1 )) ) + { + free_public_key ( pk ); pk = NULL; + log_error (_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); + write_status_text_and_buffer (STATUS_INV_RECP, "0 ", + rov->d, strlen (rov->d), -1); + goto fail; + } + else if ( !(rc=check_pubkey_algo2 (pk->pubkey_algo, use )) ) + { + /* Skip the actual key if the key is already present + * in the list. Add it to our list if not. */ + if (key_present_in_pk_list(pk_list, pk) == 0) + { + free_public_key (pk); pk = NULL; + log_info (_("%s: skipped: public key already present\n"), + rov->d); + } + else + { + PK_LIST r; + r = xmalloc( sizeof *r ); + r->pk = pk; pk = NULL; + r->next = pk_list; + r->flags = (rov->flags&2)?1:0; + pk_list = r; - compliance_failure(); - } - } - } - else { - free_public_key( pk ); pk = NULL; - log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); - write_status_text_and_buffer (STATUS_INV_RECP, "0 ", - rov->d, strlen (rov->d), -1); - goto fail; - } - } + /* Hidden encrypt-to recipients are not allowed while + in PGP mode, issue a warning and switch into + GnuPG mode. */ + if ((r->flags&1) && (PGP2 || PGP6 || PGP7 || PGP8)) + { + log_info(_("you may not use %s while in %s mode\n"), + "--hidden-encrypt-to", + compliance_option_string()); + + compliance_failure(); + } + } + } + else + { + /* The public key is not usable for encryption or not + available. */ + free_public_key( pk ); pk = NULL; + log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); + write_status_text_and_buffer (STATUS_INV_RECP, "0 ", + rov->d, strlen (rov->d), -1); + goto fail; + } + } } - if( !any_recipients && !opt.batch ) { /* ask */ - int have_def_rec; - char *answer=NULL; - STRLIST backlog=NULL; + /* If we don't have any recipients yet and we are not in batch mode + drop into interactive selection mode. */ + if ( !any_recipients && !opt.batch ) + { + int have_def_rec; + char *answer = NULL; + STRLIST backlog = NULL; - if(pk_list) - any_recipients = 1; - def_rec = default_recipient(); - have_def_rec = !!def_rec; - if( !have_def_rec ) - tty_printf(_( - "You did not specify a user ID. (you may use \"-r\")\n")); - for(;;) { - rc = 0; - xfree(answer); - if( have_def_rec ) { - answer = def_rec; - def_rec = NULL; - } - else if(backlog) { - answer=pop_strlist(&backlog); - } - else - { - PK_LIST iter; + if (pk_list) + any_recipients = 1; + def_rec = default_recipient(); + have_def_rec = !!def_rec; + if ( !have_def_rec ) + tty_printf(_("You did not specify a user ID. (you may use \"-r\")\n")); - tty_printf("\n"); - tty_printf(_("Current recipients:\n")); - for(iter=pk_list;iter;iter=iter->next) - { - u32 keyid[2]; + for (;;) + { + rc = 0; + xfree(answer); + if ( have_def_rec ) + { + /* A default recipient is taken as the first entry. */ + answer = def_rec; + def_rec = NULL; + } + else if (backlog) + { + /* This is part of our trick to expand and display groups. */ + answer = pop_strlist (&backlog); + } + else + { + /* Show the list of already collected recipients and ask + for more. */ + PK_LIST iter; - keyid_from_pk(iter->pk,keyid); - tty_printf("%4u%c/%s %s \"", - nbits_from_pk(iter->pk), - pubkey_letter(iter->pk->pubkey_algo), - keystr(keyid), - datestr_from_pk(iter->pk)); + tty_printf("\n"); + tty_printf(_("Current recipients:\n")); + for (iter=pk_list;iter;iter=iter->next) + { + u32 keyid[2]; - if(iter->pk->user_id) - tty_print_utf8_string(iter->pk->user_id->name, - iter->pk->user_id->len); - else - { - size_t n; - char *p = get_user_id( keyid, &n ); - tty_print_utf8_string( p, n ); - xfree(p); - } - tty_printf("\"\n"); - } + keyid_from_pk(iter->pk,keyid); + tty_printf("%4u%c/%s %s \"", + nbits_from_pk(iter->pk), + pubkey_letter(iter->pk->pubkey_algo), + keystr(keyid), + datestr_from_pk(iter->pk)); - answer = cpr_get_utf8("pklist.user_id.enter", - _("\nEnter the user ID. End with an empty line: ")); - trim_spaces(answer); - cpr_kill_prompt(); - } - if( !answer || !*answer ) { - xfree(answer); - break; - } - if(expand_id(answer,&backlog,0)) - continue; - if( pk ) - free_public_key( pk ); - pk = xmalloc_clear( sizeof *pk ); - pk->req_usage = use; - rc = get_pubkey_byname( pk, answer, NULL, NULL, 0 ); - if( rc ) - tty_printf(_("No such user ID.\n")); - else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) { - if( have_def_rec ) { - if (key_present_in_pk_list(pk_list, pk) == 0) { - free_public_key(pk); pk = NULL; - log_info(_("skipped: public key " - "already set as default recipient\n") ); - } - else { - PK_LIST r = xmalloc( sizeof *r ); - r->pk = pk; pk = NULL; - r->next = pk_list; - r->flags = 0; /* no throwing default ids */ - pk_list = r; - } - any_recipients = 1; - continue; - } - else { - int trustlevel; + if (iter->pk->user_id) + tty_print_utf8_string(iter->pk->user_id->name, + iter->pk->user_id->len); + else + { + size_t n; + char *p = get_user_id( keyid, &n ); + tty_print_utf8_string( p, n ); + xfree(p); + } + tty_printf("\"\n"); + } + + answer = cpr_get_utf8("pklist.user_id.enter", + _("\nEnter the user ID. " + "End with an empty line: ")); + trim_spaces(answer); + cpr_kill_prompt(); + } + + if ( !answer || !*answer ) + { + xfree(answer); + break; /* No more recipients entered - get out of loop. */ + } + + /* Do group expand here too. The trick here is to continue + the loop if any expansion occured. The code above will + then list all expanded keys. */ + if (expand_id(answer,&backlog,0)) + continue; + + /* Get and check key for the current name. */ + if (pk) + free_public_key (pk); + pk = xmalloc_clear( sizeof *pk ); + pk->req_usage = use; + rc = get_pubkey_byname( pk, answer, NULL, NULL, 0 ); + if (rc) + tty_printf(_("No such user ID.\n")); + else if ( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) + { + if ( have_def_rec ) + { + /* No validation for a default recipient. */ + if (!key_present_in_pk_list(pk_list, pk)) + { + free_public_key (pk); pk = NULL; + log_info (_("skipped: public key " + "already set as default recipient\n") ); + } + else + { + PK_LIST r = xmalloc (sizeof *r); + r->pk = pk; pk = NULL; + r->next = pk_list; + r->flags = 0; /* No throwing default ids. */ + pk_list = r; + } + any_recipients = 1; + continue; + } + else + { /* Check validity of this key. */ + int trustlevel; - trustlevel = get_validity (pk, pk->user_id); - if( (trustlevel & TRUST_FLAG_DISABLED) ) { - tty_printf(_("Public key is disabled.\n") ); - } - else if( do_we_trust_pre( pk, trustlevel ) ) { - /* Skip the actual key if the key is already present - * in the list */ - if (key_present_in_pk_list(pk_list, pk) == 0) { - free_public_key(pk); pk = NULL; - log_info(_("skipped: public key already set\n") ); - } - else { - PK_LIST r; - r = xmalloc( sizeof *r ); - r->pk = pk; pk = NULL; - r->next = pk_list; - r->flags = 0; /* no throwing interactive ids */ - pk_list = r; - } - any_recipients = 1; - continue; - } - } - } - xfree(def_rec); def_rec = NULL; - have_def_rec = 0; - } - if( pk ) { - free_public_key( pk ); - pk = NULL; - } + trustlevel = get_validity (pk, pk->user_id); + if ( (trustlevel & TRUST_FLAG_DISABLED) ) + { + tty_printf (_("Public key is disabled.\n") ); + } + else if ( do_we_trust_pre (pk, trustlevel) ) + { + /* Skip the actual key if the key is already + * present in the list */ + if (!key_present_in_pk_list(pk_list, pk)) + { + free_public_key(pk); pk = NULL; + log_info(_("skipped: public key already set\n") ); + } + else + { + PK_LIST r; + r = xmalloc( sizeof *r ); + r->pk = pk; pk = NULL; + r->next = pk_list; + r->flags = 0; /* No throwing interactive ids. */ + pk_list = r; + } + any_recipients = 1; + continue; + } + } + } + xfree(def_rec); def_rec = NULL; + have_def_rec = 0; + } + if ( pk ) + { + free_public_key( pk ); + pk = NULL; + } } - else if( !any_recipients && (def_rec = default_recipient()) ) { - pk = xmalloc_clear( sizeof *pk ); - pk->req_usage = use; - /* The default recipient may be disabled */ - rc = get_pubkey_byname( pk, def_rec, NULL, NULL, 1 ); - if( rc ) - log_error(_("unknown default recipient \"%s\"\n"), def_rec ); - else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) { - /* Mark any_recipients here since the default recipient + else if ( !any_recipients && (def_rec = default_recipient()) ) + { + /* We are in batch mode and have only a default recipient. */ + pk = xmalloc_clear( sizeof *pk ); + pk->req_usage = use; + + /* The default recipient is allowed to be disabled; thus pass 1 + as last argument. */ + rc = get_pubkey_byname (pk, def_rec, NULL, NULL, 1); + if (rc) + log_error(_("unknown default recipient \"%s\"\n"), def_rec ); + else if ( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) + { + /* Mark any_recipients here since the default recipient would have been used if it wasn't already there. It doesn't really matter if we got this key from the default recipient or an encrypt-to. */ - any_recipients = 1; - if (key_present_in_pk_list(pk_list, pk) == 0) - log_info(_("skipped: public key already set as default recipient\n")); - else { - PK_LIST r = xmalloc( sizeof *r ); - r->pk = pk; pk = NULL; - r->next = pk_list; - r->flags = 0; /* no throwing default ids */ - pk_list = r; - } - } - if( pk ) { - free_public_key( pk ); - pk = NULL; - } - xfree(def_rec); def_rec = NULL; + any_recipients = 1; + if (!key_present_in_pk_list(pk_list, pk)) + log_info (_("skipped: public key already set " + "as default recipient\n")); + else + { + PK_LIST r = xmalloc( sizeof *r ); + r->pk = pk; pk = NULL; + r->next = pk_list; + r->flags = 0; /* No throwing default ids. */ + pk_list = r; + } + } + if ( pk ) + { + free_public_key( pk ); + pk = NULL; + } + xfree(def_rec); def_rec = NULL; } - else { - any_recipients = 0; - for(; remusr; remusr = remusr->next ) { - if( (remusr->flags & 1) ) - continue; /* encrypt-to keys are already handled */ + else + { + /* General case: Check all keys. */ + any_recipients = 0; + for (; remusr; remusr = remusr->next ) + { + if ( (remusr->flags & 1) ) + continue; /* encrypt-to keys are already handled. */ - pk = xmalloc_clear( sizeof *pk ); - pk->req_usage = use; - if( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL, 0 )) ) { - free_public_key( pk ); pk = NULL; - log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) ); - write_status_text_and_buffer (STATUS_INV_RECP, "0 ", - remusr->d, strlen (remusr->d), - -1); - goto fail; - } - else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) { - int trustlevel; + pk = xmalloc_clear( sizeof *pk ); + pk->req_usage = use; + if ( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL, 0 )) ) + { + /* Key not found or other error. */ + free_public_key( pk ); pk = NULL; + log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) ); + write_status_text_and_buffer (STATUS_INV_RECP, "0 ", + remusr->d, strlen (remusr->d), + -1); + goto fail; + } + else if ( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) ) + { + /* Key found and usable. Check validity. */ + int trustlevel; + + trustlevel = get_validity (pk, pk->user_id); + if ( (trustlevel & TRUST_FLAG_DISABLED) ) + { + /*Key has been disabled. */ + free_public_key(pk); pk = NULL; + log_info(_("%s: skipped: public key is disabled\n"), + remusr->d); + write_status_text_and_buffer (STATUS_INV_RECP, "0 ", + remusr->d, + strlen (remusr->d), + -1); + rc=G10ERR_UNU_PUBKEY; + goto fail; + } + else if ( do_we_trust_pre( pk, trustlevel ) ) + { + /* Note: do_we_trust may have changed the trustlevel */ - trustlevel = get_validity (pk, pk->user_id); - if( (trustlevel & TRUST_FLAG_DISABLED) ) { - free_public_key(pk); pk = NULL; - log_info(_("%s: skipped: public key is disabled\n"), - remusr->d); - write_status_text_and_buffer (STATUS_INV_RECP, "0 ", - remusr->d, - strlen (remusr->d), - -1); - rc=G10ERR_UNU_PUBKEY; - goto fail; - } - else if( do_we_trust_pre( pk, trustlevel ) ) { - /* note: do_we_trust may have changed the trustlevel */ + /* We have at least one valid recipient. It doesn't + * matters if this recipient is already present. */ + any_recipients = 1; - /* We have at least one valid recipient. It doesn't matters - * if this recipient is already present. */ - any_recipients = 1; - - /* Skip the actual key if the key is already present - * in the list */ - if (key_present_in_pk_list(pk_list, pk) == 0) { - free_public_key(pk); pk = NULL; - log_info(_("%s: skipped: public key already present\n"), - remusr->d); - } - else { - PK_LIST r; - r = xmalloc( sizeof *r ); - r->pk = pk; pk = NULL; - r->next = pk_list; - r->flags = (remusr->flags&2)?1:0; - pk_list = r; - } - } - else { /* we don't trust this pk */ - free_public_key( pk ); pk = NULL; - write_status_text_and_buffer (STATUS_INV_RECP, "10 ", - remusr->d, - strlen (remusr->d), - -1); - rc=G10ERR_UNU_PUBKEY; - goto fail; - } - } - else { - free_public_key( pk ); pk = NULL; - write_status_text_and_buffer (STATUS_INV_RECP, "0 ", - remusr->d, - strlen (remusr->d), - -1); - log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) ); - goto fail; - } - } + /* Skip the actual key if the key is already present + * in the list */ + if (!key_present_in_pk_list(pk_list, pk)) + { + free_public_key(pk); pk = NULL; + log_info(_("%s: skipped: public key already present\n"), + remusr->d); + } + else + { + PK_LIST r; + r = xmalloc( sizeof *r ); + r->pk = pk; pk = NULL; + r->next = pk_list; + r->flags = (remusr->flags&2)?1:0; + pk_list = r; + } + } + else + { /* We don't trust this key. */ + free_public_key( pk ); pk = NULL; + write_status_text_and_buffer (STATUS_INV_RECP, "10 ", + remusr->d, + strlen (remusr->d), + -1); + rc=G10ERR_UNU_PUBKEY; + goto fail; + } + } + else + { + /* Key found but not usable for us (e.g. sign-only key). */ + free_public_key( pk ); pk = NULL; + write_status_text_and_buffer (STATUS_INV_RECP, "0 ", + remusr->d, + strlen (remusr->d), + -1); + log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) ); + goto fail; + } + } } - - if( !rc && !any_recipients ) { - log_error(_("no valid addressees\n")); - write_status_text (STATUS_NO_RECP, "0"); - rc = G10ERR_NO_USER_ID; + + if ( !rc && !any_recipients ) + { + log_error(_("no valid addressees\n")); + write_status_text (STATUS_NO_RECP, "0"); + rc = G10ERR_NO_USER_ID; } - + fail: - if( rc ) - release_pk_list( pk_list ); - else - *ret_pk_list = pk_list; - if(opt.grouplist) - free_strlist(remusr); - return rc; + if ( rc ) + release_pk_list( pk_list ); + else + *ret_pk_list = pk_list; + if (opt.grouplist) + free_strlist(remusr); + return rc; } From cvs at cvs.gnupg.org Fri Aug 5 18:30:18 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Aug 5 18:02:48 2005 Subject: [svn] GnuPG - r3858 - trunk/m4 Message-ID: Author: dshaw Date: 2005-08-05 18:30:12 +0200 (Fri, 05 Aug 2005) New Revision: 3858 Modified: trunk/m4/ChangeLog trunk/m4/Makefile.am trunk/m4/ldap.m4 trunk/m4/libcurl.m4 Log: * ldap.m4: If a PATH is given to --with-ldap, bias directory search towards the given path for includes and libraries. Noted by Jason Harris. * Makefile.am: Distribute tar-ustar.m4. * libcurl.m4: If a PATH is given to --with-libcurl, look for curl-config in that path. Bias directory search towards the given path for includes and libraries. Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2005-08-05 14:46:59 UTC (rev 3857) +++ trunk/m4/ChangeLog 2005-08-05 16:30:12 UTC (rev 3858) @@ -1,3 +1,15 @@ +2005-08-05 David Shaw + + * ldap.m4: If a PATH is given to --with-ldap, bias directory + search towards the given path for includes and libraries. Noted + by Jason Harris. + + * Makefile.am: Distribute tar-ustar.m4. + + * libcurl.m4: If a PATH is given to --with-libcurl, look for + curl-config in that path. Bias directory search towards the given + path for includes and libraries. + 2005-08-04 David Shaw * tar-ustar.m4: New. Check for a tar that creates USTAR format Modified: trunk/m4/Makefile.am =================================================================== --- trunk/m4/Makefile.am 2005-08-05 14:46:59 UTC (rev 3857) +++ trunk/m4/Makefile.am 2005-08-05 16:30:12 UTC (rev 3858) @@ -1 +1 @@ -EXTRA_DIST = intmax.m4 longdouble.m4 longlong.m4 printf-posix.m4 signed.m4 size_max.m4 wchar_t.m4 wint_t.m4 xsize.m4 codeset.m4 gettext.m4 glibc21.m4 iconv.m4 intdiv0.m4 inttypes.m4 inttypes_h.m4 inttypes-pri.m4 isc-posix.m4 lcmessage.m4 lib-ld.m4 lib-link.m4 lib-prefix.m4 nls.m4 po.m4 progtest.m4 stdint_h.m4 uintmax_t.m4 ulonglong.m4 readline.m4 libcurl.m4 libusb.m4 +EXTRA_DIST = intmax.m4 longdouble.m4 longlong.m4 printf-posix.m4 signed.m4 size_max.m4 wchar_t.m4 wint_t.m4 xsize.m4 codeset.m4 gettext.m4 glibc21.m4 iconv.m4 intdiv0.m4 inttypes.m4 inttypes_h.m4 inttypes-pri.m4 isc-posix.m4 lcmessage.m4 lib-ld.m4 lib-link.m4 lib-prefix.m4 nls.m4 po.m4 progtest.m4 stdint_h.m4 uintmax_t.m4 ulonglong.m4 readline.m4 libcurl.m4 libusb.m4 tar-ustar.m4 Modified: trunk/m4/ldap.m4 =================================================================== --- trunk/m4/ldap.m4 2005-08-05 14:46:59 UTC (rev 3857) +++ trunk/m4/ldap.m4 2005-08-05 16:30:12 UTC (rev 3858) @@ -18,15 +18,22 @@ # If all else fails, the user can play guess-the-dependency by using # something like ./configure LDAPLIBS="-Lfoo -lbar" - AC_ARG_WITH(ldap, - AC_HELP_STRING([--with-ldap=DIR],[look for the LDAP library in DIR]), - [ - if test -d "$withval" ; then - CPPFLAGS="${CPPFLAGS} -I$withval/include" - LDFLAGS="${LDFLAGS} -L$withval/lib" - fi - ]) +AC_ARG_WITH(ldap, + AC_HELP_STRING([--with-ldap=DIR],[look for the LDAP library in DIR]), + [_ldap_with=$withval]) +if test x$_ldap_with != xno ; then + + if test -d "$withval" ; then + LDAP_CPPFLAGS="-I$withval/include" + LDAP_LDFLAGS="-L$withval/lib" + fi + + _ldap_save_cppflags=$CPPFLAGS + CPPFLAGS="${LDAP_CPPFLAGS} ${CPPFLAGS}" + _ldap_save_ldflags=$LDFLAGS + LDFLAGS="${LDAP_LDFLAGS} ${LDFLAGS}" + for MY_LDAPLIBS in ${LDAPLIBS+"$LDAPLIBS"} "-lldap" "-lldap -llber" "-lldap -llber -lresolv" "-lwldap32"; do _ldap_save_libs=$LIBS LIBS="$MY_LDAPLIBS $1 $LIBS" @@ -57,7 +64,7 @@ if test "$gnupg_cv_func_ldap_init" = yes || \ test "$gnupg_cv_func_ldaplber_init" = yes ; then - LDAPLIBS=$MY_LDAPLIBS + LDAPLIBS="$LDAP_LDFLAGS $MY_LDAPLIBS" GPGKEYS_LDAP="gpgkeys_ldap$EXEEXT" AC_CHECK_FUNCS(ldap_get_option ldap_set_option ldap_start_tls_s) @@ -82,4 +89,9 @@ AC_SUBST(GPGKEYS_LDAP) AC_SUBST(LDAPLIBS) + AC_SUBST(LDAP_CPPFLAGS) + + CPPFLAGS=$_ldap_save_cppflags + LDFLAGS=$_ldap_save_ldflags +fi ])dnl Modified: trunk/m4/libcurl.m4 =================================================================== --- trunk/m4/libcurl.m4 2005-08-05 14:46:59 UTC (rev 3857) +++ trunk/m4/libcurl.m4 2005-08-05 16:30:12 UTC (rev 3858) @@ -1,7 +1,7 @@ # LIBCURL_CHECK_CONFIG ([DEFAULT-ACTION], [MINIMUM-VERSION], # [ACTION-IF-YES], [ACTION-IF-NO]) # ---------------------------------------------------------- -# David Shaw Jul-20-2005 +# David Shaw Aug-5-2005 # # Checks for libcurl. DEFAULT-ACTION is the string yes or no to # specify whether to default to --with-libcurl or --without-libcurl. @@ -66,12 +66,13 @@ _libcurl_try_link=yes if test -d "$_libcurl_with" ; then - CPPFLAGS="${CPPFLAGS} -I$withval/include" - LDFLAGS="${LDFLAGS} -L$withval/lib" + LIBCURL_CPPFLAGS="-I$withval/include" + _libcurl_ldflags="-L$withval/lib" + AC_PATH_PROG([_libcurl_config],["$withval/bin/curl-config"]) + else + AC_PATH_PROG([_libcurl_config],[curl-config]) fi - AC_PATH_PROG([_libcurl_config],[curl-config]) - if test x$_libcurl_config != "x" ; then AC_CACHE_CHECK([for the version of libcurl], [libcurl_cv_lib_curl_version], @@ -127,15 +128,15 @@ # we didn't find curl-config, so let's see if the user-supplied # link line (or failing that, "-lcurl") is enough. - LIBCURL=${LIBCURL-"-lcurl"} + LIBCURL=${LIBCURL-"$_libcurl_ldflags -lcurl"} AC_CACHE_CHECK([whether libcurl is usable], [libcurl_cv_lib_curl_usable], [ _libcurl_save_cppflags=$CPPFLAGS - CPPFLAGS="$CPPFLAGS $LIBCURL_CPPFLAGS" + CPPFLAGS="$LIBCURL_CPPFLAGS $CPPFLAGS" _libcurl_save_libs=$LIBS - LIBS="$LIBS $LIBCURL" + LIBS="$LIBCURL $LIBS" AC_LINK_IFELSE(AC_LANG_PROGRAM([#include ],[ /* Try and use a few common options to force a failure if we are @@ -218,6 +219,7 @@ unset _libcurl_protocol unset _libcurl_protocols unset _libcurl_version + unset _libcurl_ldflags fi if test x$_libcurl_with = xno || test x$libcurl_cv_lib_curl_usable != xyes ; then From cvs at cvs.gnupg.org Fri Aug 5 21:54:08 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Aug 5 21:26:36 2005 Subject: [svn] GnuPG - r3859 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-05 21:54:06 +0200 (Fri, 05 Aug 2005) New Revision: 3859 Modified: trunk/g10/ChangeLog trunk/g10/g10.c trunk/g10/passphrase.c Log: * g10.c (main), passphrase.c (set_passphrase_from_string): New --passphrase command line option. Only useful in very special circumstances. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-05 16:30:12 UTC (rev 3858) +++ trunk/g10/ChangeLog 2005-08-05 19:54:06 UTC (rev 3859) @@ -1,3 +1,9 @@ +2005-08-05 David Shaw + + * g10.c (main), passphrase.c (set_passphrase_from_string): New + --passphrase command line option. Only useful in very special + circumstances. + 2005-08-05 Werner Koch * gpgv.c (keyserver_import_fprint): New stub. Modified: trunk/g10/g10.c =================================================================== --- trunk/g10/g10.c 2005-08-05 16:30:12 UTC (rev 3858) +++ trunk/g10/g10.c 2005-08-05 19:54:06 UTC (rev 3859) @@ -211,6 +211,7 @@ oCompressLevel, oBZ2CompressLevel, oBZ2DecompressLowmem, + oPasswd, oPasswdFD, oPasswdFile, oCommandFD, @@ -558,6 +559,7 @@ /* { aListTrustPath, "list-trust-path",0, "@"}, */ { aPipeMode, "pipemode", 0, "@" }, { oKOption, NULL, 0, "@"}, + { oPasswd, "passphrase",2, "@" }, { oPasswdFD, "passphrase-fd",1, "@" }, { oPasswdFile, "passphrase-file",2, "@" }, { oCommandFD, "command-fd",1, "@" }, @@ -2270,6 +2272,9 @@ case oCompressLevel: opt.compress_level = pargs.r.ret_int; break; case oBZ2CompressLevel: opt.bz2_compress_level = pargs.r.ret_int; break; case oBZ2DecompressLowmem: opt.bz2_decompress_lowmem=1; break; + case oPasswd: + set_passphrase_from_string(pargs.r.ret_str); + break; case oPasswdFD: pwfd = iobuf_translate_file_handle (pargs.r.ret_int, 0); opt.use_agent = 0; Modified: trunk/g10/passphrase.c =================================================================== --- trunk/g10/passphrase.c 2005-08-05 16:30:12 UTC (rev 3858) +++ trunk/g10/passphrase.c 2005-08-05 19:54:06 UTC (rev 3859) @@ -115,8 +115,21 @@ return p; } +/* Here's an interesting question: since this passphrase was passed in + on the command line, is there really any point in using secure + memory for it? I'm going with 'yes', since it doesn't hurt, and + might help in some small way (swapping). */ void +set_passphrase_from_string(const char *pass) +{ + xfree( fd_passwd ); + fd_passwd = xmalloc_secure(strlen(pass)+1); + strcpy(fd_passwd,pass); +} + + +void read_passphrase_from_fd( int fd ) { int i, len; From cvs at cvs.gnupg.org Sat Aug 6 23:17:12 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Aug 6 22:49:33 2005 Subject: [svn] GnuPG - r3860 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-06 23:17:11 +0200 (Sat, 06 Aug 2005) New Revision: 3860 Modified: trunk/g10/keydb.h Log: Missed keydb.h entry for set_passphrase_from_string Modified: trunk/g10/keydb.h =================================================================== --- trunk/g10/keydb.h 2005-08-05 19:54:06 UTC (rev 3859) +++ trunk/g10/keydb.h 2005-08-06 21:17:11 UTC (rev 3860) @@ -198,6 +198,7 @@ typedef void *assuan_context_t; #endif int have_static_passphrase(void); +void set_passphrase_from_string(const char *pass); void read_passphrase_from_fd( int fd ); void passphrase_clear_cache ( u32 *keyid, const char *cacheid, int algo ); char *ask_passphrase (const char *description, From cvs at cvs.gnupg.org Mon Aug 8 19:35:45 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Mon Aug 8 19:08:08 2005 Subject: [svn] GnuPG - r3861 - trunk/keyserver Message-ID: Author: dshaw Date: 2005-08-08 19:35:29 +0200 (Mon, 08 Aug 2005) New Revision: 3861 Modified: trunk/keyserver/ChangeLog trunk/keyserver/Makefile.am Log: * Makefile.am: Include LDAP_CPPFLAGS when building LDAP. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2005-08-06 21:17:11 UTC (rev 3860) +++ trunk/keyserver/ChangeLog 2005-08-08 17:35:29 UTC (rev 3861) @@ -1,3 +1,7 @@ +2005-08-08 David Shaw + + * Makefile.am: Include LDAP_CPPFLAGS when building LDAP. + 2005-08-03 David Shaw * gpgkeys_hkp.c (main), gpgkeys_curl.c (main), curl-shim.h: Show Modified: trunk/keyserver/Makefile.am =================================================================== --- trunk/keyserver/Makefile.am 2005-08-06 21:17:11 UTC (rev 3860) +++ trunk/keyserver/Makefile.am 2005-08-08 17:35:29 UTC (rev 3861) @@ -36,7 +36,9 @@ other_libs = $(LIBICONV) $(LIBINTL) $(CAPLIBS) +gpgkeys_ldap_CPPFLAGS = @LDAP_CPPFLAGS@ gpgkeys_ldap_LDADD = ../util/libutil.a @LDAPLIBS@ @NETLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ + gpgkeys_http_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ gpgkeys_finger_LDADD = ../util/libutil.a @NETLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ From cvs at cvs.gnupg.org Tue Aug 9 14:49:11 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Tue Aug 9 14:49:18 2005 Subject: libassuan (NEWS) Message-ID: Date: Tuesday, August 9, 2005 @ 14:49:11 Author: werner Path: /cvs/gnupg/libassuan Modified: NEWS * mkerrors: Include config.h into assuan-errors.c. This is required so that assuan.h knows about the W32 macro. * assuan.h [_ASSUAN_EXT_SYM_PREFIX]: New. * assuan-io.c [_ASSUAN_NO_PTH]: New. * assuan-pipe-connect.c (fix_signals) [_ASSUAN_NO_FIXED_SIGNALS]: New. (assuan_pipe_connect2) [_ASSUAN_USE_DOUBLE_FORK]: Use double fork. (fix_signals) [_ASSUAN_USE_DOUBLE_FORK]: Do not wait.. ------+ NEWS | 3 +++ 1 files changed, 3 insertions(+) From cvs at cvs.gnupg.org Tue Aug 9 14:49:11 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Tue Aug 9 14:49:26 2005 Subject: libassuan/src (5 files) Message-ID: Date: Tuesday, August 9, 2005 @ 14:49:11 Author: werner Path: /cvs/gnupg/libassuan/src Modified: ChangeLog assuan-io.c assuan-pipe-connect.c assuan.h mkerrors * mkerrors: Include config.h into assuan-errors.c. This is required so that assuan.h knows about the W32 macro. * assuan.h [_ASSUAN_EXT_SYM_PREFIX]: New. * assuan-io.c [_ASSUAN_NO_PTH]: New. * assuan-pipe-connect.c (fix_signals) [_ASSUAN_NO_FIXED_SIGNALS]: New. (assuan_pipe_connect2) [_ASSUAN_USE_DOUBLE_FORK]: Use double fork. (fix_signals) [_ASSUAN_USE_DOUBLE_FORK]: Do not wait.. -----------------------+ ChangeLog | 11 ++ assuan-io.c | 24 +++-- assuan-pipe-connect.c | 208 ++++++++++++++++++++++++++---------------------- assuan.h | 127 ++++++++++++++++++++++++++++- mkerrors | 4 5 files changed, 271 insertions(+), 103 deletions(-) From cvs at cvs.gnupg.org Tue Aug 9 15:40:04 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Aug 9 15:12:16 2005 Subject: [svn] GnuPG - r3862 - trunk Message-ID: Author: dshaw Date: 2005-08-09 15:40:04 +0200 (Tue, 09 Aug 2005) New Revision: 3862 Modified: trunk/ChangeLog trunk/configure.ac Log: * configure.ac: Remove hardcoded -I and -L for /usr/local on FreeBSD. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-08-08 17:35:29 UTC (rev 3861) +++ trunk/ChangeLog 2005-08-09 13:40:04 UTC (rev 3862) @@ -1,3 +1,8 @@ +2005-08-09 David Shaw + + * configure.ac: Remove hardcoded -I and -L for /usr/local on + FreeBSD. + 2005-08-04 David Shaw * configure.ac: Call GNUPG_CHECK_USTAR and generate tools/gpg-zip. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-08-08 17:35:29 UTC (rev 3861) +++ trunk/configure.ac 2005-08-09 13:40:04 UTC (rev 3862) @@ -495,12 +495,6 @@ agent_support=no ;; - *-*-freebsd*) - # FreeBSD - CPPFLAGS="$CPPFLAGS -I/usr/local/include" - LDFLAGS="$LDFLAGS -L/usr/local/lib" - ;; - *-*-hpux*) if test -z "$GCC" ; then CFLAGS="$CFLAGS -Ae -D_HPUX_SOURCE" From cvs at cvs.gnupg.org Thu Aug 11 18:57:29 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Aug 11 18:29:24 2005 Subject: [svn] GnuPG - r3863 - trunk/cipher Message-ID: Author: wk Date: 2005-08-11 18:57:29 +0200 (Thu, 11 Aug 2005) New Revision: 3863 Modified: trunk/cipher/ChangeLog trunk/cipher/cipher.c trunk/cipher/rijndael.c Log: Experimental code to improve AES performance. Got about 25% on ia32. Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2005-08-09 13:40:04 UTC (rev 3862) +++ trunk/cipher/ChangeLog 2005-08-11 16:57:29 UTC (rev 3863) @@ -1,3 +1,9 @@ +2005-08-11 Werner Koch + + * rijndael.c (rijndael_cfb_encrypt): Experimental code to improve + AES performance. Got about 25% on ia32. + * cipher.c (do_cfb_encrypt): Ditto. + 2005-06-07 David Shaw * random.c: Fix prototype of the fast random gatherer. Noted by Modified: trunk/cipher/cipher.c =================================================================== --- trunk/cipher/cipher.c 2005-08-09 13:40:04 UTC (rev 3862) +++ trunk/cipher/cipher.c 2005-08-11 16:57:29 UTC (rev 3863) @@ -536,7 +536,25 @@ *outbuf++ = (*ivp++ ^= *inbuf++); } - /* now we can process complete blocks */ + /* Now we can process complete blocks. */ +#if 0 + /* Experimental code. We may only use this for standard CFB + because for Phil's mode we need to save the IV of before the + last encryption - we don't want to do this in tghe fasf CFB + encryption routine. */ + if (c->algo == CIPHER_ALGO_AES + && nbytes >= blocksize + && c->mode != CIPHER_MODE_PHILS_CFB) { + size_t n; + + memcpy( c->lastiv, c->iv, blocksize ); + n = (nbytes / blocksize) * blocksize; + rijndael_cfb_encrypt (&c->context.c, c->iv, outbuf, inbuf, n); + inbuf += n; + outbuf += n; + nbytes -= n; + } +#endif while( nbytes >= blocksize ) { int i; /* encrypt the IV (and save the current one) */ Modified: trunk/cipher/rijndael.c =================================================================== --- trunk/cipher/rijndael.c 2005-08-09 13:40:04 UTC (rev 3862) +++ trunk/cipher/rijndael.c 2005-08-11 16:57:29 UTC (rev 3863) @@ -1955,6 +1955,57 @@ burn_stack (16 + 2*sizeof(int)); } +#if 0 +/* Experimental code. Needs to be generalized and we might want to + have variants for all possible sizes of the largest scalar type. + Also need to make sure that INBUF and OUTBUF are properlu + aligned. */ +void +rijndael_cfb_encrypt (void *ctx, byte *iv, + byte *outbuf, const byte *inbuf, size_t nbytes) +{ +/* if ( ((unsigned long)inbuf & 3) || ((unsigned long)outbuf & 3) ) */ +/* { */ + /* Not properly aligned, use the slow version. Actually the + compiler might even optimize it this pretty well if the + target CPU has relaxed alignment requirements. Thus it is + questionable whether we should at all go into the hassles of + doing alignment wise optimizations by ourself. A quick test + with gcc 4.0 on ia32 did showed any advantages. */ + byte *ivp; + int i; + + while (nbytes >= 16) + { + do_encrypt (ctx, iv, iv); + for (i=0, ivp = iv; i < 16; i++) + *outbuf++ = (*ivp++ ^= *inbuf++); + nbytes -= 16; + } +/* } */ +/* else */ +/* { */ +/* u32 *ivp; */ +/* u32 *ob = (u32*)outbuf; */ +/* const u32 *ib = (const u32*)inbuf; */ + +/* while (nbytes >= 16) */ +/* { */ +/* do_encrypt (ctx, iv, iv); */ +/* ivp = iv; */ +/* *ob++ = (*ivp++ ^= *ib++); */ +/* *ob++ = (*ivp++ ^= *ib++); */ +/* *ob++ = (*ivp++ ^= *ib++); */ +/* *ob++ = (*ivp ^= *ib++); */ +/* nbytes -= 16; */ +/* } */ +/* } */ + burn_stack (16 + 2*sizeof(int)); +} +#endif + + + /* Decrypt one block. a and b may be the same. */ static void From cvs at cvs.gnupg.org Tue Aug 16 11:15:09 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Aug 16 10:46:00 2005 Subject: [svn] GnuPG - r3864 - in branches/GNUPG-1-9-BRANCH: . agent Message-ID: Author: wk Date: 2005-08-16 11:15:09 +0200 (Tue, 16 Aug 2005) New Revision: 3864 Modified: branches/GNUPG-1-9-BRANCH/NEWS branches/GNUPG-1-9-BRANCH/agent/ChangeLog branches/GNUPG-1-9-BRANCH/agent/gpg-agent.c Log: Use a default argument for --write-env-file. Modified: branches/GNUPG-1-9-BRANCH/NEWS =================================================================== --- branches/GNUPG-1-9-BRANCH/NEWS 2005-08-11 16:57:29 UTC (rev 3863) +++ branches/GNUPG-1-9-BRANCH/NEWS 2005-08-16 09:15:09 UTC (rev 3864) @@ -1,3 +1,7 @@ +Noteworthy changes in version 1.9.19 +------------------------------------------------- + + Noteworthy changes in version 1.9.18 (2005-08-01) ------------------------------------------------- Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2005-08-11 16:57:29 UTC (rev 3863) +++ branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2005-08-16 09:15:09 UTC (rev 3864) @@ -1,3 +1,7 @@ +2005-08-16 Werner Koch + + * gpg-agent.c (main): Use a default file name for --write-env-file. + 2005-07-25 Werner Koch * findkey.c (agent_public_key_from_file): Fixed array assignment. Modified: branches/GNUPG-1-9-BRANCH/agent/gpg-agent.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/gpg-agent.c 2005-08-11 16:57:29 UTC (rev 3863) +++ branches/GNUPG-1-9-BRANCH/agent/gpg-agent.c 2005-08-16 09:15:09 UTC (rev 3864) @@ -152,7 +152,7 @@ { oAllowPresetPassphrase, "allow-preset-passphrase", 0, N_("allow presetting passphrase")}, { oSSHSupport, "enable-ssh-support", 0, N_("enable ssh-agent emulation") }, - { oWriteEnvFile, "write-env-file", 2, + { oWriteEnvFile, "write-env-file", 2|8, N_("|FILE|write environment settings also to FILE")}, {0} }; @@ -633,7 +633,12 @@ case oKeepDISPLAY: opt.keep_display = 1; break; case oSSHSupport: opt.ssh_support = 1; break; - case oWriteEnvFile: env_file_name = pargs.r.ret_str; break; + case oWriteEnvFile: + if (pargs.r_type) + env_file_name = pargs.r.ret_str; + else + env_file_name = make_filename ("~/.gpg-agent-info", NULL); + break; default : pargs.err = configfp? 1:2; break; } From cvs at cvs.gnupg.org Thu Aug 18 06:17:27 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 18 05:53:32 2005 Subject: [svn] GnuPG - r3865 - trunk/keyserver Message-ID: Author: dshaw Date: 2005-08-18 06:17:20 +0200 (Thu, 18 Aug 2005) New Revision: 3865 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_hkp.c trunk/keyserver/gpgkeys_ldap.c trunk/keyserver/ksutil.c trunk/keyserver/ksutil.h Log: * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-email. * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here to do an email-only search. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2005-08-16 09:15:09 UTC (rev 3864) +++ trunk/keyserver/ChangeLog 2005-08-18 04:17:20 UTC (rev 3865) @@ -1,3 +1,11 @@ +2005-08-17 David Shaw + + * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option + exact-email. + + * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it + here to do an email-only search. + 2005-08-08 David Shaw * Makefile.am: Include LDAP_CPPFLAGS when building LDAP. Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2005-08-16 09:15:09 UTC (rev 3864) +++ trunk/keyserver/gpgkeys_hkp.c 2005-08-18 04:17:20 UTC (rev 3865) @@ -287,13 +287,40 @@ search_key(char *searchkey) { CURLcode res; - char *request; - char *searchkey_encoded; + char *request=NULL; + char *searchkey_encoded=NULL; int ret=KEYSERVER_INTERNAL_ERROR; - searchkey_encoded=curl_escape(searchkey,0); + if(opt->flags.exact_email) + { + char *bracketed; - request=malloc(MAX_URL+50+strlen(searchkey_encoded)); + bracketed=malloc(1+strlen(searchkey)+1+1); + if(!bracketed) + { + fprintf(console,"gpgkeys: out of memory\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + strcpy(bracketed,"<"); + strcat(bracketed,searchkey); + strcat(bracketed,">"); + + searchkey_encoded=curl_escape(bracketed,0); + free(bracketed); + } + else + searchkey_encoded=curl_escape(searchkey,0); + + if(!searchkey_encoded) + { + fprintf(console,"gpgkeys: out of memory\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + request=malloc(MAX_URL+60+strlen(searchkey_encoded)); if(!request) { fprintf(console,"gpgkeys: out of memory\n"); @@ -314,6 +341,9 @@ append_path(request,"/pks/lookup?op=index&options=mr&search="); strcat(request,searchkey_encoded); + if(opt->flags.exact_email) + strcat(request,"&exact=on"); + if(opt->verbose>2) fprintf(console,"gpgkeys: HTTP URL is `%s'\n",request); Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2005-08-16 09:15:09 UTC (rev 3864) +++ trunk/keyserver/gpgkeys_ldap.c 2005-08-18 04:17:20 UTC (rev 3865) @@ -1141,7 +1141,7 @@ struct keylist *dupelist=NULL; /* The maximum size of the search, including the optional stuff and the trailing \0 */ - char search[2+12+MAX_LINE+2+15+14+1+1]; + char search[2+12+1+MAX_LINE+1+2+15+14+1+1]; char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled", "pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp", "pgpkeysize","pgpkeytype",NULL}; @@ -1150,9 +1150,11 @@ /* Build the search string */ - sprintf(search,"%s(pgpuserid=*%s*)%s%s%s", + sprintf(search,"%s(pgpuserid=*%s%s%s*)%s%s%s", (!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"", + opt->flags.exact_email?"<":"", searchkey, + opt->flags.exact_email?">":"", opt->flags.include_disabled?"":"(pgpdisabled=0)", opt->flags.include_revoked?"":"(pgprevoked=0)", !(opt->flags.include_disabled&&opt->flags.include_revoked)?")":""); @@ -1198,7 +1200,12 @@ } if(err==LDAP_SIZELIMIT_EXCEEDED) - fprintf(console,"gpgkeys: search results exceeded server limit. First %d results shown.\n",count); + { + if(count==1) + fprintf(console,"gpgkeys: search results exceeded server limit. First %d result shown.\n",count); + else + fprintf(console,"gpgkeys: search results exceeded server limit. First %d results shown.\n",count); + } free_keylist(dupelist); dupelist=NULL; Modified: trunk/keyserver/ksutil.c =================================================================== --- trunk/keyserver/ksutil.c 2005-08-16 09:15:09 UTC (rev 3864) +++ trunk/keyserver/ksutil.c 2005-08-18 04:17:20 UTC (rev 3865) @@ -298,6 +298,14 @@ return KEYSERVER_NO_MEMORY; } } + else if(strcasecmp(start,"exact-email")==0 + || strcasecmp(start,"exact-mail")==0) + { + if(no) + opt->flags.exact_email=0; + else + opt->flags.exact_email=1; + } } return -1; Modified: trunk/keyserver/ksutil.h =================================================================== --- trunk/keyserver/ksutil.h 2005-08-16 09:15:09 UTC (rev 3864) +++ trunk/keyserver/ksutil.h 2005-08-18 04:17:20 UTC (rev 3865) @@ -89,6 +89,7 @@ unsigned int include_revoked:1; unsigned int include_subkeys:1; unsigned int check_cert:1; + unsigned int exact_email:1; } flags; unsigned int verbose; unsigned int debug; From cvs at cvs.gnupg.org Thu Aug 18 08:54:06 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Thu Aug 18 08:54:16 2005 Subject: gsti/src (auth.c gsti.h gsti.m4) Message-ID: Date: Thursday, August 18, 2005 @ 08:54:06 Author: werner Path: /cvs/wk/gsti/src Modified: auth.c gsti.h gsti.m4 preparing release 0.3.0 ---------+ auth.c | 9 +++++---- gsti.h | 20 +++++++------------- gsti.m4 | 3 +-- 3 files changed, 13 insertions(+), 19 deletions(-) From cvs at cvs.gnupg.org Thu Aug 18 08:54:06 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Thu Aug 18 08:54:22 2005 Subject: gsti/m4 (gpg-error.m4 libgcrypt.m4) Message-ID: Date: Thursday, August 18, 2005 @ 08:54:06 Author: werner Path: /cvs/wk/gsti/m4 Modified: gpg-error.m4 libgcrypt.m4 preparing release 0.3.0 --------------+ gpg-error.m4 | 13 +++++++++++-- libgcrypt.m4 | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) From cvs at cvs.gnupg.org Thu Aug 18 08:54:07 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Thu Aug 18 08:54:29 2005 Subject: gsti/doc (Makefile.am) Message-ID: Date: Thursday, August 18, 2005 @ 08:54:07 Author: werner Path: /cvs/wk/gsti/doc Modified: Makefile.am preparing release 0.3.0 -------------+ Makefile.am | 6 +++++- 1 files changed, 5 insertions(+), 1 deletion(-) From cvs at cvs.gnupg.org Thu Aug 18 08:54:07 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Thu Aug 18 08:54:37 2005 Subject: gsti (14 files) Message-ID: Date: Thursday, August 18, 2005 @ 08:54:07 Author: werner Path: /cvs/wk/gsti Modified: ChangeLog INSTALL Makefile.am NEWS TODO acinclude.m4 config.guess config.sub configure.ac depcomp install-sh ltmain.sh missing mkinstalldirs preparing release 0.3.0 ---------------+ ChangeLog | 4 INSTALL | 52 ++-- Makefile.am | 4 NEWS | 2 TODO | 18 - acinclude.m4 | 2 config.guess | 587 +++++++++++++++++++++++++++++++------------------------- config.sub | 105 ++++++---- configure.ac | 10 depcomp | 75 +++++-- install-sh | 471 +++++++++++++++++++++++--------------------- ltmain.sh | 569 ++++++++++++++++++++++++++++-------------------------- missing | 127 ++++++------ mkinstalldirs | 69 +++++- 14 files changed, 1180 insertions(+), 915 deletions(-) From cvs at cvs.gnupg.org Thu Aug 18 18:05:23 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Aug 18 17:41:25 2005 Subject: [svn] gcry - r1100 - trunk/tests Message-ID: Author: wk Date: 2005-08-18 18:05:22 +0200 (Thu, 18 Aug 2005) New Revision: 1100 Added: trunk/tests/hmac.c Modified: trunk/tests/ChangeLog trunk/tests/Makefile.am Log: Added hmac test Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2005-07-29 14:09:19 UTC (rev 1099) +++ trunk/tests/ChangeLog 2005-08-18 16:05:22 UTC (rev 1100) @@ -1,3 +1,7 @@ +2005-08-18 Werner Koch + + * hmac.c: New. + 2005-04-22 Moritz Schulte * tsexp.c: Include in case HAVE_CONFIG_H is defined; Modified: trunk/tests/Makefile.am =================================================================== --- trunk/tests/Makefile.am 2005-07-29 14:09:19 UTC (rev 1099) +++ trunk/tests/Makefile.am 2005-08-18 16:05:22 UTC (rev 1100) @@ -18,7 +18,8 @@ ## Process this file with automake to produce Makefile.in -TESTS = prime register ac ac-schemes ac-data basic tsexp keygen pubkey benchmark pkbench +TESTS = prime register ac ac-schemes ac-data basic \ + tsexp keygen pubkey benchmark pkbench hmac INCLUDES = -I$(top_srcdir)/src LDADD = ../src/libgcrypt.la Added: trunk/tests/hmac.c =================================================================== --- trunk/tests/hmac.c 2005-07-29 14:09:19 UTC (rev 1099) +++ trunk/tests/hmac.c 2005-08-18 16:05:22 UTC (rev 1100) @@ -0,0 +1,153 @@ +/* hmac.c - HMAC regression tests + * Copyright (C) 2005 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include +#include + +#include "../src/gcrypt.h" + +static int verbose; +static int error_count; + +static void +fail (const char *format, ...) +{ + va_list arg_ptr; + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + error_count++; +} + +static void +die (const char *format, ...) +{ + va_list arg_ptr; + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + exit (1); +} + + + +static void +check_one_mac (int algo, + void *key, size_t keylen, + void *data, size_t datalen, + char *expect) +{ + gcry_md_hd_t hd; + char *p; + int mdlen; + int i; + gcry_error_t err = 0; + + err = gcry_md_open (&hd, algo, GCRY_MD_FLAG_HMAC); + if (err) + { + fail ("algo %d, grcy_md_open failed: %s\n", algo, gpg_strerror (err)); + return; + } + + mdlen = gcry_md_get_algo_dlen (algo); + if (mdlen < 1 || mdlen > 500) + { + fail ("algo %d, grcy_md_get_algo_dlen failed: %d\n", algo, mdlen); + return; + } + + err = gcry_md_setkey (hd, key, keylen); + if (err) + { + fail ("algo %d, grcy_md_setkey failed: %s\n", algo, gpg_strerror (err)); + return; + } + + gcry_md_write (hd, data, datalen); + + p = gcry_md_read (hd, 0); + + if (memcmp (p, expect, mdlen)) + { + printf ("computed: "); + for (i = 0; i < mdlen; i++) + printf ("%02x ", p[i] & 0xFF); + printf ("\nexpected: "); + for (i = 0; i < mdlen; i++) + printf ("%02x ", expect[i] & 0xFF); + printf ("\n"); + + fail ("algo %d, MAC does not match\n", algo); + } + + gcry_md_close (hd); +} + +static void +check_hmac (void) +{ + unsigned char key[64]; + int i, j; + + /* FIPS 198a, A.1 */ + for (i=0; i < 64; i++) + key[i] = i; + check_one_mac (GCRY_MD_SHA1, key, 64, "Sample #1", 9, + "\x4f\x4c\xa3\xd5\xd6\x8b\xa7\xcc\x0a\x12" + "\x08\xc9\xc6\x1e\x9c\x5d\xa0\x40\x3c\x0a"); + + /* FIPS 198a, A.2 */ + for (i=0, j=0x30; i < 20; i++) + key[i] = j++; + check_one_mac (GCRY_MD_SHA1, key, 20, "Sample #2", 9, + "\x09\x22\xd3\x40\x5f\xaa\x3d\x19\x4f\x82" + "\xa4\x58\x30\x73\x7d\x5c\xc6\xc7\x5d\x24"); + +} + +int +main (int argc, char **argv) +{ + int debug = 0; + + if (argc > 1 && !strcmp (argv[1], "--verbose")) + verbose = 1; + else if (argc > 1 && !strcmp (argv[1], "--debug")) + verbose = debug = 1; + + if (!gcry_check_version (GCRYPT_VERSION)) + die ("version mismatch\n"); + + gcry_control (GCRYCTL_DISABLE_SECMEM, 0); + gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + if (debug) + gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0); + check_hmac (); + + return error_count ? 1 : 0; +} From cvs at cvs.gnupg.org Thu Aug 18 19:40:04 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 18 19:16:05 2005 Subject: [svn] GnuPG - r3866 - trunk/keyserver Message-ID: Author: dshaw Date: 2005-08-18 19:40:04 +0200 (Thu, 18 Aug 2005) New Revision: 3866 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_ldap.c Log: * gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP. * gpgkeys_ldap.c (search_key): Use it here to escape reserved characters in searches. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2005-08-18 04:17:20 UTC (rev 3865) +++ trunk/keyserver/ChangeLog 2005-08-18 17:40:04 UTC (rev 3866) @@ -1,3 +1,10 @@ +2005-08-18 David Shaw + + * gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP. + + * gpgkeys_ldap.c (search_key): Use it here to escape reserved + characters in searches. + 2005-08-17 David Shaw * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2005-08-18 04:17:20 UTC (rev 3865) +++ trunk/keyserver/gpgkeys_ldap.c 2005-08-18 17:40:04 UTC (rev 3866) @@ -1130,6 +1130,37 @@ } } +#define LDAP_ESCAPE_CHARS "*()\\" + +static int +ldap_quote(char *buffer,const char *string) +{ + int count=0; + + for(;*string;string++) + { + if(strchr(LDAP_ESCAPE_CHARS,*string)) + { + if(buffer) + { + sprintf(buffer,"\\%02X",*string); + buffer+=3; + } + + count+=3; + } + else + { + if(buffer) + *buffer++=*string; + + count++; + } + } + + return count; +} + /* Returns 0 on success and -1 on error. Note that key-not-found is not an error! */ static int @@ -1141,6 +1172,7 @@ struct keylist *dupelist=NULL; /* The maximum size of the search, including the optional stuff and the trailing \0 */ + char *expanded_search; char search[2+12+1+MAX_LINE+1+2+15+14+1+1]; char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled", "pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp", @@ -1148,17 +1180,29 @@ fprintf(output,"SEARCH %s BEGIN\n",searchkey); + expanded_search=malloc(ldap_quote(NULL,searchkey)+1); + if(!expanded_search) + { + fprintf(output,"SEARCH %s FAILED %d\n",searchkey,KEYSERVER_NO_MEMORY); + fprintf(console,"Out of memory when quoting LDAP search string\n"); + return KEYSERVER_NO_MEMORY; + } + + ldap_quote(expanded_search,searchkey); + /* Build the search string */ sprintf(search,"%s(pgpuserid=*%s%s%s*)%s%s%s", (!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"", opt->flags.exact_email?"<":"", - searchkey, + expanded_search, opt->flags.exact_email?">":"", opt->flags.include_disabled?"":"(pgpdisabled=0)", opt->flags.include_revoked?"":"(pgprevoked=0)", !(opt->flags.include_disabled&&opt->flags.include_revoked)?")":""); + free(expanded_search); + if(opt->verbose>2) fprintf(console,"gpgkeys: LDAP search for: %s\n",search); @@ -1202,9 +1246,11 @@ if(err==LDAP_SIZELIMIT_EXCEEDED) { if(count==1) - fprintf(console,"gpgkeys: search results exceeded server limit. First %d result shown.\n",count); + fprintf(console,"gpgkeys: search results exceeded server limit." + " First %d result shown.\n",count); else - fprintf(console,"gpgkeys: search results exceeded server limit. First %d results shown.\n",count); + fprintf(console,"gpgkeys: search results exceeded server limit." + " First %d results shown.\n",count); } free_keylist(dupelist); From cvs at cvs.gnupg.org Thu Aug 18 23:14:17 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Aug 18 22:50:18 2005 Subject: [svn] GnuPG - r3867 - trunk/keyserver Message-ID: Author: dshaw Date: 2005-08-18 23:14:16 +0200 (Thu, 18 Aug 2005) New Revision: 3867 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_hkp.c trunk/keyserver/gpgkeys_ldap.c trunk/keyserver/ksutil.c trunk/keyserver/ksutil.h Log: * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option exact-name. The last of exact-name and exact-email overrides the earlier. * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it here to do a name-only search. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2005-08-18 17:40:04 UTC (rev 3866) +++ trunk/keyserver/ChangeLog 2005-08-18 21:14:16 UTC (rev 3867) @@ -1,5 +1,12 @@ 2005-08-18 David Shaw + * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option + exact-name. The last of exact-name and exact-email overrides the + earlier. + + * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Use it + here to do a name-only search. + * gpgkeys_ldap.c (ldap_quote): \-quote a string for LDAP. * gpgkeys_ldap.c (search_key): Use it here to escape reserved Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2005-08-18 17:40:04 UTC (rev 3866) +++ trunk/keyserver/gpgkeys_hkp.c 2005-08-18 21:14:16 UTC (rev 3867) @@ -291,10 +291,28 @@ char *searchkey_encoded=NULL; int ret=KEYSERVER_INTERNAL_ERROR; - if(opt->flags.exact_email) + if(opt->flags.exact_name) { char *bracketed; + bracketed=malloc(strlen(searchkey)+2+1); + if(!bracketed) + { + fprintf(console,"gpgkeys: out of memory\n"); + ret=KEYSERVER_NO_MEMORY; + goto fail; + } + + strcpy(bracketed,searchkey); + strcat(bracketed," <"); + + searchkey_encoded=curl_escape(bracketed,0); + free(bracketed); + } + else if(opt->flags.exact_email) + { + char *bracketed; + bracketed=malloc(1+strlen(searchkey)+1+1); if(!bracketed) { @@ -341,7 +359,7 @@ append_path(request,"/pks/lookup?op=index&options=mr&search="); strcat(request,searchkey_encoded); - if(opt->flags.exact_email) + if(opt->flags.exact_name || opt->flags.exact_email) strcat(request,"&exact=on"); if(opt->verbose>2) Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2005-08-18 17:40:04 UTC (rev 3866) +++ trunk/keyserver/gpgkeys_ldap.c 2005-08-18 21:14:16 UTC (rev 3867) @@ -1158,6 +1158,9 @@ } } + if(buffer) + *buffer='\0'; + return count; } @@ -1173,7 +1176,7 @@ /* The maximum size of the search, including the optional stuff and the trailing \0 */ char *expanded_search; - char search[2+12+1+MAX_LINE+1+2+15+14+1+1]; + char search[2+12+1+1+MAX_LINE+1+2+2+15+14+1+1]; char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled", "pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp", "pgpkeysize","pgpkeytype",NULL}; @@ -1192,11 +1195,13 @@ /* Build the search string */ - sprintf(search,"%s(pgpuserid=*%s%s%s*)%s%s%s", + sprintf(search,"%s(pgpuserid=%s%s%s%s%s*)%s%s%s", (!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"", + opt->flags.exact_name?"":"*", opt->flags.exact_email?"<":"", expanded_search, opt->flags.exact_email?">":"", + opt->flags.exact_name?" <":"", opt->flags.include_disabled?"":"(pgpdisabled=0)", opt->flags.include_revoked?"":"(pgprevoked=0)", !(opt->flags.include_disabled&&opt->flags.include_revoked)?")":""); Modified: trunk/keyserver/ksutil.c =================================================================== --- trunk/keyserver/ksutil.c 2005-08-18 17:40:04 UTC (rev 3866) +++ trunk/keyserver/ksutil.c 2005-08-18 21:14:16 UTC (rev 3867) @@ -304,8 +304,21 @@ if(no) opt->flags.exact_email=0; else - opt->flags.exact_email=1; + { + opt->flags.exact_email=1; + opt->flags.exact_name=0; + } } + else if(strcasecmp(start,"exact-name")==0) + { + if(no) + opt->flags.exact_name=0; + else + { + opt->flags.exact_name=1; + opt->flags.exact_email=0; + } + } } return -1; Modified: trunk/keyserver/ksutil.h =================================================================== --- trunk/keyserver/ksutil.h 2005-08-18 17:40:04 UTC (rev 3866) +++ trunk/keyserver/ksutil.h 2005-08-18 21:14:16 UTC (rev 3867) @@ -89,6 +89,7 @@ unsigned int include_revoked:1; unsigned int include_subkeys:1; unsigned int check_cert:1; + unsigned int exact_name:1; unsigned int exact_email:1; } flags; unsigned int verbose; From cvs at cvs.gnupg.org Fri Aug 19 09:58:27 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Aug 19 09:34:26 2005 Subject: [svn] gcry - r1101 - trunk/tests Message-ID: Author: wk Date: 2005-08-19 09:58:27 +0200 (Fri, 19 Aug 2005) New Revision: 1101 Modified: trunk/tests/ChangeLog trunk/tests/hmac.c Log: added remaining 2 tests. Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2005-08-18 16:05:22 UTC (rev 1100) +++ trunk/tests/ChangeLog 2005-08-19 07:58:27 UTC (rev 1101) @@ -1,3 +1,7 @@ +2005-08-19 Werner Koch + + * hmac.c (main): Added all FIPS tests. + 2005-08-18 Werner Koch * hmac.c: New. Modified: trunk/tests/hmac.c =================================================================== --- trunk/tests/hmac.c 2005-08-18 16:05:22 UTC (rev 1100) +++ trunk/tests/hmac.c 2005-08-19 07:58:27 UTC (rev 1101) @@ -111,23 +111,41 @@ static void check_hmac (void) { - unsigned char key[64]; + unsigned char key[128]; int i, j; - /* FIPS 198a, A.1 */ + if (verbose) + fprintf (stderr, "checking FIPS-198a, A.1\n"); for (i=0; i < 64; i++) key[i] = i; check_one_mac (GCRY_MD_SHA1, key, 64, "Sample #1", 9, "\x4f\x4c\xa3\xd5\xd6\x8b\xa7\xcc\x0a\x12" "\x08\xc9\xc6\x1e\x9c\x5d\xa0\x40\x3c\x0a"); - /* FIPS 198a, A.2 */ + if (verbose) + fprintf (stderr, "checking FIPS-198a, A.2\n"); for (i=0, j=0x30; i < 20; i++) key[i] = j++; check_one_mac (GCRY_MD_SHA1, key, 20, "Sample #2", 9, "\x09\x22\xd3\x40\x5f\xaa\x3d\x19\x4f\x82" "\xa4\x58\x30\x73\x7d\x5c\xc6\xc7\x5d\x24"); + if (verbose) + fprintf (stderr, "checking FIPS-198a, A.3\n"); + for (i=0, j=0x50; i < 100; i++) + key[i] = j++; + check_one_mac (GCRY_MD_SHA1, key, 100, "Sample #3", 9, + "\xbc\xf4\x1e\xab\x8b\xb2\xd8\x02\xf3\xd0" + "\x5c\xaf\x7c\xb0\x92\xec\xf8\xd1\xa3\xaa"); + + if (verbose) + fprintf (stderr, "checking FIPS-198a, A.4\n"); + for (i=0, j=0x70; i < 49; i++) + key[i] = j++; + check_one_mac (GCRY_MD_SHA1, key, 49, "Sample #4", 9, + "\x9e\xa8\x86\xef\xe2\x68\xdb\xec\xce\x42" + "\x0c\x75\x24\xdf\x32\xe0\x75\x1a\x2a\x26"); + } int From cvs at cvs.gnupg.org Fri Aug 19 15:37:52 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Aug 19 15:13:49 2005 Subject: [svn] GnuPG - r3868 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-19 15:37:47 +0200 (Fri, 19 Aug 2005) New Revision: 3868 Modified: trunk/g10/ChangeLog trunk/g10/getkey.c trunk/g10/options.skel Log: * options.skel: Remove the surfnet LDAP keyserver from the list of samples since it is being shut down. * getkey.c (classify_user_id): Disable the '.' and '+' search modes since they aren't supported yet. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-18 21:14:16 UTC (rev 3867) +++ trunk/g10/ChangeLog 2005-08-19 13:37:47 UTC (rev 3868) @@ -1,3 +1,11 @@ +2005-08-19 David Shaw + + * options.skel: Remove the surfnet LDAP keyserver from the list of + samples since it is being shut down. + + * getkey.c (classify_user_id): Disable the '.' and '+' search + modes since they aren't supported yet. + 2005-08-05 David Shaw * g10.c (main), passphrase.c (set_passphrase_from_string): New Modified: trunk/g10/getkey.c =================================================================== --- trunk/g10/getkey.c 2005-08-18 21:14:16 UTC (rev 3867) +++ trunk/g10/getkey.c 2005-08-19 13:37:47 UTC (rev 3868) @@ -590,11 +590,13 @@ case 0: /* empty string is an error */ return 0; +#if 0 case '.': /* an email address, compare from end */ mode = KEYDB_SEARCH_MODE_MAILEND; s++; desc->u.name = s; break; +#endif case '<': /* an email address */ mode = KEYDB_SEARCH_MODE_MAIL; @@ -619,11 +621,13 @@ desc->u.name = s; break; +#if 0 case '+': /* compare individual words */ mode = KEYDB_SEARCH_MODE_WORDS; s++; desc->u.name = s; break; +#endif case '#': /* local user id */ return 0; /* This is now obsolete and van't not be used anymore*/ Modified: trunk/g10/options.skel =================================================================== --- trunk/g10/options.skel 2005-08-18 21:14:16 UTC (rev 3867) +++ trunk/g10/options.skel 2005-08-19 13:37:47 UTC (rev 3868) @@ -92,7 +92,6 @@ # mailto:pgp-public-keys@keys.pgp.net # # Example LDAP keyservers: -# ldap://pgp.surfnet.nl:11370 # ldap://keyserver.pgp.com # # Regular URL syntax applies, and you can set an alternate port @@ -114,7 +113,6 @@ keyserver hkp://subkeys.pgp.net #keyserver mailto:pgp-public-keys@keys.nl.pgp.net -#keyserver ldap://pgp.surfnet.nl:11370 #keyserver ldap://keyserver.pgp.com # Common options for keyserver functions: From cvs at cvs.gnupg.org Fri Aug 19 15:48:49 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Fri Aug 19 15:48:59 2005 Subject: libgpg-error (12 files) Message-ID: Date: Friday, August 19, 2005 @ 15:48:49 Author: werner Path: /cvs/gnupg/libgpg-error Modified: ChangeLog INSTALL NEWS autogen.sh config.guess config.sub configure.ac depcomp install-sh ltmain.sh missing mkinstalldirs Does now allow to build a W32 DLL. ---------------+ ChangeLog | 7 INSTALL | 52 NEWS | 5 autogen.sh | 2 config.guess | 382 ++++--- config.sub | 277 +++-- configure.ac | 42 depcomp | 104 + install-sh | 471 ++++---- ltmain.sh | 3051 ++++++++++++++++++++++++++++++++++++++++---------------- missing | 131 +- mkinstalldirs | 69 - 12 files changed, 3169 insertions(+), 1424 deletions(-) From cvs at cvs.gnupg.org Fri Aug 19 15:48:50 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Fri Aug 19 15:49:09 2005 Subject: libgpg-error/po (ro.po) Message-ID: Date: Friday, August 19, 2005 @ 15:48:50 Author: werner Path: /cvs/gnupg/libgpg-error/po Modified: ro.po Does now allow to build a W32 DLL. -------+ ro.po | 81 +++++++++++++++++++++++++++++++++++++--------------------------- 1 files changed, 48 insertions(+), 33 deletions(-) From cvs at cvs.gnupg.org Fri Aug 19 15:48:51 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Fri Aug 19 15:49:17 2005 Subject: libgpg-error/src (4 files) Message-ID: Date: Friday, August 19, 2005 @ 15:48:51 Author: werner Path: /cvs/gnupg/libgpg-error/src Added: gpg-error.def versioninfo.rc.in Modified: Makefile.am gpg-error.h.in Does now allow to build a W32 DLL. -------------------+ Makefile.am | 53 ++++++++++++++++++++++++++++++++++++++++------------ gpg-error.def | 8 +++++++ gpg-error.h.in | 1 versioninfo.rc.in | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 102 insertions(+), 12 deletions(-) From cvs at cvs.gnupg.org Fri Aug 19 17:48:55 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Fri Aug 19 17:49:04 2005 Subject: libgpg-error (configure.ac) Message-ID: Date: Friday, August 19, 2005 @ 17:48:55 Author: werner Path: /cvs/gnupg/libgpg-error Modified: configure.ac Final changes for building a DLL. --------------+ configure.ac | 10 ++++++---- 1 files changed, 6 insertions(+), 4 deletions(-) From cvs at cvs.gnupg.org Fri Aug 19 17:48:56 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Fri Aug 19 17:49:12 2005 Subject: libgpg-error/src (Makefile.am versioninfo.rc.in) Message-ID: Date: Friday, August 19, 2005 @ 17:48:56 Author: werner Path: /cvs/gnupg/libgpg-error/src Modified: Makefile.am versioninfo.rc.in Final changes for building a DLL. -------------------+ Makefile.am | 10 +++++----- versioninfo.rc.in | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) From cvs at cvs.gnupg.org Sat Aug 20 21:38:46 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Aug 20 21:14:43 2005 Subject: [svn] GnuPG - r3869 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-20 21:38:45 +0200 (Sat, 20 Aug 2005) New Revision: 3869 Modified: trunk/g10/ChangeLog trunk/g10/g10.c Log: * g10.c (main): Add aliases sign-with->local-user and user->recipient to make switching from PGP command line to GPG easier. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-19 13:37:47 UTC (rev 3868) +++ trunk/g10/ChangeLog 2005-08-20 19:38:45 UTC (rev 3869) @@ -1,3 +1,9 @@ +2005-08-20 David Shaw + + * g10.c (main): Add aliases sign-with->local-user and + user->recipient to make switching from PGP command line to GPG + easier. + 2005-08-19 David Shaw * options.skel: Remove the surfnet LDAP keyserver from the list of Modified: trunk/g10/g10.c =================================================================== --- trunk/g10/g10.c 2005-08-19 13:37:47 UTC (rev 3868) +++ trunk/g10/g10.c 2005-08-20 19:38:45 UTC (rev 3869) @@ -87,7 +87,7 @@ oHiddenRecipient = 'R', aSign = 's', oTextmodeShort= 't', - oUser = 'u', + oLocalUser = 'u', oVerbose = 'v', oCompress = 'z', oSetNotation = 'N', @@ -437,7 +437,7 @@ { oEncryptTo, "encrypt-to", 2, "@" }, { oHiddenEncryptTo, "hidden-encrypt-to", 2, "@" }, { oNoEncryptTo, "no-encrypt-to", 0, "@" }, - { oUser, "local-user",2, N_("use this user-id to sign or decrypt")}, + { oLocalUser, "local-user",2, N_("use this user-id to sign or decrypt")}, { oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") }, { oCompressLevel, "compress-level", 1, "@" }, { oBZ2CompressLevel, "bzip2-compress-level", 1, "@" }, @@ -689,7 +689,12 @@ #if defined(ENABLE_CARD_SUPPORT) && defined(HAVE_LIBUSB) { oDebugCCIDDriver, "debug-ccid-driver", 0, "@"}, #endif - + /* These are aliases to help users of the PGP command line product + use gpg with minimal pain. Many commands are common already as + they seem to have borrowed commands from us. Now I'm returning + the favor. */ + { oLocalUser, "sign-with", 2, "@" }, + { oRecipient, "user", 2, "@" }, {0,NULL,0,NULL} }; @@ -2262,7 +2267,7 @@ case oMinCertLevel: opt.min_cert_level=pargs.r.ret_int; break; case oAskCertLevel: opt.ask_cert_level = 1; break; case oNoAskCertLevel: opt.ask_cert_level = 0; break; - case oUser: /* store the local users */ + case oLocalUser: /* store the local users */ add_to_strlist2( &locusr, pargs.r.ret_str, utf8_strings ); break; case oCompress: From cvs at cvs.gnupg.org Sun Aug 21 16:20:33 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Aug 21 15:56:21 2005 Subject: [svn] GnuPG - r3870 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-21 16:20:27 +0200 (Sun, 21 Aug 2005) New Revision: 3870 Modified: trunk/g10/ChangeLog trunk/g10/exec.c trunk/g10/exec.h Log: * exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read): Minor cleanup to use bitfield flags instead of a bunch of integers. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-20 19:38:45 UTC (rev 3869) +++ trunk/g10/ChangeLog 2005-08-21 14:20:27 UTC (rev 3870) @@ -1,3 +1,9 @@ +2005-08-21 David Shaw + + * exec.h, exec.c (make_tempdir, expand_args, exec_write, + exec_read): Minor cleanup to use bitfield flags instead of a bunch + of integers. + 2005-08-20 David Shaw * g10.c (main): Add aliases sign-with->local-user and Modified: trunk/g10/exec.c =================================================================== --- trunk/g10/exec.c 2005-08-20 19:38:45 UTC (rev 3869) +++ trunk/g10/exec.c 2005-08-21 14:20:27 UTC (rev 3870) @@ -120,9 +120,9 @@ char *tmp=opt.temp_dir,*namein=info->name,*nameout; if(!namein) - namein=info->binary?"tempin" EXTSEP_S "bin":"tempin" EXTSEP_S "txt"; + namein=info->flags.binary?"tempin" EXTSEP_S "bin":"tempin" EXTSEP_S "txt"; - nameout=info->binary?"tempout" EXTSEP_S "bin":"tempout" EXTSEP_S "txt"; + nameout=info->flags.binary?"tempout" EXTSEP_S "bin":"tempout" EXTSEP_S "txt"; /* Make up the temp dir and files in case we need them */ @@ -174,13 +174,13 @@ info->tempdir,strerror(errno)); else { - info->madedir=1; + info->flags.madedir=1; info->tempfile_in=xmalloc(strlen(info->tempdir)+ strlen(DIRSEP_S)+strlen(namein)+1); sprintf(info->tempfile_in,"%s" DIRSEP_S "%s",info->tempdir,namein); - if(!info->writeonly) + if(!info->flags.writeonly) { info->tempfile_out=xmalloc(strlen(info->tempdir)+ strlen(DIRSEP_S)+strlen(nameout)+1); @@ -188,7 +188,7 @@ } } - return info->madedir?0:G10ERR_GENERAL; + return info->flags.madedir?0:G10ERR_GENERAL; } /* Expands %i and %o in the args to the full temp files within the @@ -198,8 +198,8 @@ const char *ch=args_in; unsigned int size,len; - info->use_temp_files=0; - info->keep_temp_files=0; + info->flags.use_temp_files=0; + info->flags.keep_temp_files=0; if(DBG_EXTPROG) log_debug("expanding string \"%s\"\n",args_in); @@ -220,31 +220,31 @@ switch(*ch) { case 'O': - info->keep_temp_files=1; + info->flags.keep_temp_files=1; /* fall through */ case 'o': /* out */ - if(!info->madedir) + if(!info->flags.madedir) { if(make_tempdir(info)) goto fail; } append=info->tempfile_out; - info->use_temp_files=1; + info->flags.use_temp_files=1; break; case 'I': - info->keep_temp_files=1; + info->flags.keep_temp_files=1; /* fall through */ case 'i': /* in */ - if(!info->madedir) + if(!info->flags.madedir) { if(make_tempdir(info)) goto fail; } append=info->tempfile_in; - info->use_temp_files=1; + info->flags.use_temp_files=1; break; case '%': @@ -285,8 +285,8 @@ } if(DBG_EXTPROG) - log_debug("args expanded to \"%s\", use %d, keep %d\n", - info->command,info->use_temp_files,info->keep_temp_files); + log_debug("args expanded to \"%s\", use %u, keep %u\n",info->command, + info->flags.use_temp_files,info->flags.keep_temp_files); return 0; @@ -331,15 +331,15 @@ if(name) (*info)->name=xstrdup(name); - (*info)->binary=binary; - (*info)->writeonly=writeonly; + (*info)->flags.binary=binary; + (*info)->flags.writeonly=writeonly; /* Expand the args, if any */ if(args_in && expand_args(*info,args_in)) goto fail; #ifdef EXEC_TEMPFILE_ONLY - if(!(*info)->use_temp_files) + if(!(*info)->flags.use_temp_files) { log_error(_("this platform requires temporary files when calling" " external programs\n")); @@ -350,7 +350,7 @@ /* If there are no args, or there are args, but no temp files, we can use fork/exec/pipe */ - if(args_in==NULL || (*info)->use_temp_files==0) + if(args_in==NULL || (*info)->flags.use_temp_files==0) { int to[2],from[2]; @@ -384,7 +384,7 @@ /* If the program isn't going to respond back, they get to keep their stdout/stderr */ - if(!(*info)->writeonly) + if(!(*info)->flags.writeonly) { /* implied close of STDERR */ if(dup2(STDOUT_FILENO,STDERR_FILENO)==-1) @@ -494,7 +494,7 @@ fclose(info->tochild); info->tochild=NULL; - if(info->use_temp_files) + if(info->flags.use_temp_files) { if(DBG_EXTPROG) log_debug("system() command is %s\n",info->command); @@ -537,7 +537,7 @@ goto fail; } - if(!info->writeonly) + if(!info->flags.writeonly) { info->fromchild=iobuf_open(info->tempfile_out); if (info->fromchild @@ -590,7 +590,7 @@ } #endif - if(info->madedir && !info->keep_temp_files) + if(info->flags.madedir && !info->flags.keep_temp_files) { if(info->tempfile_in) { Modified: trunk/g10/exec.h =================================================================== --- trunk/g10/exec.h 2005-08-20 19:38:45 UTC (rev 3869) +++ trunk/g10/exec.h 2005-08-21 14:20:27 UTC (rev 3870) @@ -28,7 +28,15 @@ struct exec_info { - int progreturn,binary,writeonly,madedir,use_temp_files,keep_temp_files; + int progreturn; + struct + { + unsigned int binary:1; + unsigned int writeonly:1; + unsigned int madedir:1; + unsigned int use_temp_files:1; + unsigned int keep_temp_files:1; + } flags; pid_t child; FILE *tochild; IOBUF fromchild; From cvs at cvs.gnupg.org Sun Aug 21 22:58:48 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Aug 21 22:34:31 2005 Subject: [svn] GnuPG - r3871 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-21 22:58:46 +0200 (Sun, 21 Aug 2005) New Revision: 3871 Modified: trunk/g10/ChangeLog trunk/g10/Makefile.am trunk/g10/keyserver.c trunk/g10/main.h trunk/g10/misc.c Log: * Makefile.am: No need to link with curl any longer. * main.h, misc.c (path_access): New. Same as access() but does a PATH search like execlp. * keyserver.c (curl_can_handle): Removed. Replaced by... (curl_cant_handle): We are now relying on curl as the handler of last resort. This is necessary because PGP LDAP and curl LDAP are apples and oranges. (keyserver_typemap): Only test for ldap and ldaps. (keyserver_spawn): If a given handler is unusable (as determined by path_access()) then try gpgkeys_curl. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-21 14:20:27 UTC (rev 3870) +++ trunk/g10/ChangeLog 2005-08-21 20:58:46 UTC (rev 3871) @@ -1,5 +1,18 @@ 2005-08-21 David Shaw + * Makefile.am: No need to link with curl any longer. + + * main.h, misc.c (path_access): New. Same as access() but does a + PATH search like execlp. + + * keyserver.c (curl_can_handle): Removed. Replaced by... + (curl_cant_handle): We are now relying on curl as the handler of + last resort. This is necessary because PGP LDAP and curl LDAP are + apples and oranges. + (keyserver_typemap): Only test for ldap and ldaps. + (keyserver_spawn): If a given handler is unusable (as determined + by path_access()) then try gpgkeys_curl. + * exec.h, exec.c (make_tempdir, expand_args, exec_write, exec_read): Minor cleanup to use bitfield flags instead of a bunch of integers. Modified: trunk/g10/Makefile.am =================================================================== --- trunk/g10/Makefile.am 2005-08-21 14:20:27 UTC (rev 3870) +++ trunk/g10/Makefile.am 2005-08-21 20:58:46 UTC (rev 3871) @@ -124,8 +124,7 @@ verify.c LDADD = $(needed_libs) $(other_libs) @ZLIBS@ @W32LIBS@ @LIBREADLINE@ -gpg_LDADD = $(LDADD) @DLLIBS@ @NETLIBS@ @LIBUSB@ @LIBCURL@ -##gpg_CPPFLAGS = @LIBCURL_CPPFLAGS@ +gpg_LDADD = $(LDADD) @DLLIBS@ @NETLIBS@ @LIBUSB@ $(PROGRAMS): $(needed_libs) Modified: trunk/g10/keyserver.c =================================================================== --- trunk/g10/keyserver.c 2005-08-21 14:20:27 UTC (rev 3870) +++ trunk/g10/keyserver.c 2005-08-21 20:58:46 UTC (rev 3871) @@ -49,6 +49,16 @@ #define GPGKEYS_PREFIX "gpgkeys_" +#if defined(HAVE_LIBCURL) || defined(FAKE_CURL) +#define GPGKEYS_CURL "gpgkeys_curl" +#endif + +#ifdef GPGKEYS_CURL +#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX)+strlen(GPGKEYS_CURL)) +#else +#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX)) +#endif + struct keyrec { KEYDB_SEARCH_DESC desc; @@ -830,47 +840,29 @@ xfree(line); } -static int -curl_can_handle(const char *scheme) -{ -#if defined(HAVE_LIBCURL) - - const char * const *proto; - curl_version_info_data *data=curl_version_info(CURLVERSION_NOW); - - assert(data); - - for(proto=data->protocols;*proto;proto++) - if(strcasecmp(*proto,scheme)==0) - return 1; - -#elif defined(FAKE_CURL) - - /* If we're faking curl, then we only support HTTP */ - if(strcasecmp(scheme,"http")==0) - return 1; - -#endif - - return 0; -} - /* We sometimes want to use a different gpgkeys_xxx for a given protocol (for example, ldaps is handled by gpgkeys_ldap). Map these here. */ static const char * keyserver_typemap(const char *type) { - if(strcmp(type,"ldap")==0) + if(strcmp(type,"ldaps")==0) return "ldap"; - else if(strcmp(type,"ldaps")==0) - return "ldap"; - else if(curl_can_handle(type)) - return "curl"; else return type; } +#ifdef GPGKEYS_CURL +static int +curl_cant_handle(const char *scheme) +{ + if(strcmp(scheme,"ldap")==0 || strcmp(scheme,"ldaps")==0) + return 1; + + return 0; +} +#endif + #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\"" #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\"" @@ -881,7 +873,7 @@ int ret=0,i,gotversion=0,outofband=0; STRLIST temp; unsigned int maxlen,buflen; - char *command,*searchstr=NULL; + char *command,*end,*searchstr=NULL; byte *line=NULL; struct parse_options *kopts; struct exec_info *spawn; @@ -923,7 +915,7 @@ /* If exec-path was set, and DISABLE_KEYSERVER_PATH is undefined, then don't specify a full path to gpgkeys_foo, so that the PATH can work. */ - command=xmalloc(strlen(GPGKEYS_PREFIX)+strlen(scheme)+1); + command=xmalloc(GPGKEYS_PREFIX_LEN+strlen(scheme)+1); command[0]='\0'; } else @@ -931,14 +923,21 @@ { /* Specify a full path to gpgkeys_foo. */ command=xmalloc(strlen(libexecdir)+strlen(DIRSEP_S)+ - strlen(GPGKEYS_PREFIX)+strlen(scheme)+1); + GPGKEYS_PREFIX_LEN+strlen(scheme)+1); strcpy(command,libexecdir); strcat(command,DIRSEP_S); } + end=command+strlen(command); + strcat(command,GPGKEYS_PREFIX); strcat(command,scheme); +#ifdef GPGKEYS_CURL + if(!curl_cant_handle(scheme) && path_access(command,X_OK)!=0) + strcpy(end,GPGKEYS_CURL); +#endif + if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES) { if(opt.keyserver_options.options&KEYSERVER_KEEP_TEMP_FILES) Modified: trunk/g10/main.h =================================================================== --- trunk/g10/main.h 2005-08-21 14:20:27 UTC (rev 3870) +++ trunk/g10/main.h 2005-08-21 20:58:46 UTC (rev 3871) @@ -129,8 +129,8 @@ int is_valid_mailbox (const char *name); char *default_homedir (void); const char *get_libexecdir (void); +int path_access(const char *file,int mode); - /*-- helptext.c --*/ void display_online_help( const char *keyword ); Modified: trunk/g10/misc.c =================================================================== --- trunk/g10/misc.c 2005-08-21 14:20:27 UTC (rev 3870) +++ trunk/g10/misc.c 2005-08-21 20:58:46 UTC (rev 3871) @@ -1,6 +1,6 @@ /* misc.c - miscellaneous functions - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, + * 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -1223,3 +1223,38 @@ return GNUPG_LIBEXECDIR; } + +int +path_access(const char *file,int mode) +{ + char *envpath; + int ret=-1; + + envpath=getenv("PATH"); + + if(file[0]=='/' || !envpath) + return access(file,mode); + else + { + /* At least as large as, but most often larger than we need. */ + char *buffer=xmalloc(strlen(envpath)+1+strlen(file)+1); + char *split,*item,*path=xstrdup(envpath); + + split=path; + + while((item=strsep(&split,PATHSEP_S))) + { + strcpy(buffer,item); + strcat(buffer,"/"); + strcat(buffer,file); + ret=access(buffer,mode); + if(ret==0) + break; + } + + xfree(path); + xfree(buffer); + } + + return ret; +} From cvs at cvs.gnupg.org Mon Aug 22 04:26:57 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Mon Aug 22 04:02:49 2005 Subject: [svn] GnuPG - r3872 - trunk/scripts Message-ID: Author: dshaw Date: 2005-08-22 04:26:57 +0200 (Mon, 22 Aug 2005) New Revision: 3872 Modified: trunk/scripts/ChangeLog trunk/scripts/gnupg.spec.in Log: * gnupg.spec.in: Distribute gpg-zip. Modified: trunk/scripts/ChangeLog =================================================================== --- trunk/scripts/ChangeLog 2005-08-21 20:58:46 UTC (rev 3871) +++ trunk/scripts/ChangeLog 2005-08-22 02:26:57 UTC (rev 3872) @@ -1,3 +1,7 @@ +2005-08-21 David Shaw + + * gnupg.spec.in: Distribute gpg-zip. + 2005-05-31 Werner Koch * config.guess, config.sub, config.rpath: Updated from todays Modified: trunk/scripts/gnupg.spec.in =================================================================== --- trunk/scripts/gnupg.spec.in 2005-08-21 20:58:46 UTC (rev 3871) +++ trunk/scripts/gnupg.spec.in 2005-08-22 02:26:57 UTC (rev 3872) @@ -25,6 +25,9 @@ BuildRoot: %{_tmppath}/rpmbuild_%{name}-%{version} %changelog +* Sun Aug 21 2005 David Shaw +- Distribute gpg-zip. + * Fri Apr 22 2005 David Shaw - No longer any need to override libexecdir. The makefiles now calculate this correctly internally. @@ -189,6 +192,7 @@ %attr (4755,root,root) %{_bindir}/gpg %attr (0755,root,root) %{_bindir}/gpgv %attr (0755,root,root) %{_bindir}/gpgsplit +%attr (0755,root,root) %{_bindir}/gpg-zip %attr (0755,root,root) %{_libexecdir}/gnupg/* %post From cvs at cvs.gnupg.org Mon Aug 22 11:30:27 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Aug 22 11:06:12 2005 Subject: [svn] gcry - r1102 - trunk/cipher Message-ID: Author: wk Date: 2005-08-22 11:30:25 +0200 (Mon, 22 Aug 2005) New Revision: 1102 Modified: trunk/cipher/ChangeLog trunk/cipher/primegen.c Log: Made gcry_prime_check more robust (and slower). Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2005-08-19 07:58:27 UTC (rev 1101) +++ trunk/cipher/ChangeLog 2005-08-22 09:30:25 UTC (rev 1102) @@ -1,3 +1,11 @@ +2005-08-22 Werner Koch + + * primegen.c (check_prime): New arg RM_ROUNDS. + (prime_generate_internal): Call it here with 5 rounds as used + before. + (gcry_prime_check): But here with 64 rounds. + (is_prime): Make sure never to use less than 5 rounds. + 2005-04-16 Moritz Schulte * ac.c (_gcry_ac_init): New function. Modified: trunk/cipher/primegen.c =================================================================== --- trunk/cipher/primegen.c 2005-08-19 07:58:27 UTC (rev 1101) +++ trunk/cipher/primegen.c 2005-08-22 09:30:25 UTC (rev 1102) @@ -39,7 +39,7 @@ static gcry_mpi_t gen_prime (unsigned int nbits, int secret, int randomlevel, int (*extra_check)(void *, gcry_mpi_t), void *extra_check_arg); -static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, +static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds, gcry_prime_check_func_t cb_func, void *cb_arg ); static int is_prime( gcry_mpi_t n, int steps, int *count ); static void m_out_of_n( char *array, int m, int n ); @@ -372,7 +372,8 @@ else count2 = 0; } - while (! ((nprime == pbits) && check_prime (prime, val_2, cb_func, cb_arg))); + while (! ((nprime == pbits) && check_prime (prime, val_2, 5, + cb_func, cb_arg))); if (DBG_CIPHER) { @@ -637,9 +638,10 @@ /**************** * Returns: true if this may be a prime + * RM_ROUNDS gives the number of Rabin-Miller tests to run. */ static int -check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, +check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds, gcry_prime_check_func_t cb_func, void *cb_arg) { int i; @@ -673,7 +675,7 @@ if (!cb_func || cb_func (cb_arg, GCRY_PRIME_CHECK_AT_MAYBE_PRIME, prime)) { /* Perform stronger tests. */ - if ( is_prime( prime, 5, &count ) ) + if ( is_prime( prime, rm_rounds, &count ) ) { if (!cb_func || cb_func (cb_arg, GCRY_PRIME_CHECK_AT_GOT_PRIME, prime)) @@ -701,6 +703,9 @@ int rc = 0; unsigned nbits = mpi_get_nbits( n ); + if (steps < 5) /* Make sure that we do at least 5 rounds. */ + steps = 5; + mpi_sub_ui( nminus1, n, 1 ); /* Find q and k, so that n = 1 + 2^k * q . */ @@ -935,7 +940,9 @@ gcry_err_code_t err = GPG_ERR_NO_ERROR; gcry_mpi_t val_2 = mpi_alloc_set_ui (2); /* Used by the Fermat test. */ - if (! check_prime (x, val_2, NULL, NULL)) + /* We use 64 rounds because the prime we are going to test is not + guaranteed to be a random one. */ + if (! check_prime (x, val_2, 64, NULL, NULL)) err = GPG_ERR_NO_PRIME; mpi_free (val_2); From cvs at cvs.gnupg.org Tue Aug 23 06:42:26 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Aug 23 06:18:04 2005 Subject: [svn] GnuPG - r3873 - trunk/doc Message-ID: Author: dshaw Date: 2005-08-23 06:42:25 +0200 (Tue, 23 Aug 2005) New Revision: 3873 Modified: trunk/doc/ChangeLog trunk/doc/gpg.sgml Log: * gpg.sgml: Fix documentation for setpref/updpref, document import-clean, --status-file, --logger-file, --attribute-file, --passphrase-file, --passphrase, and --command-file. Comment out the "+word match" selection syntax since it isn't supported. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2005-08-22 02:26:57 UTC (rev 3872) +++ trunk/doc/ChangeLog 2005-08-23 04:42:25 UTC (rev 3873) @@ -1,3 +1,10 @@ +2005-08-23 David Shaw + + * gpg.sgml: Fix documentation for setpref/updpref, document + import-clean, --status-file, --logger-file, --attribute-file, + --passphrase-file, --passphrase, and --command-file. Comment out + the "+word match" selection syntax since it isn't supported. + 2005-07-22 Werner Koch * gpg.sgml: Removed entry for --no-interactive-selection. Modified: trunk/doc/gpg.sgml =================================================================== --- trunk/doc/gpg.sgml 2005-08-22 02:26:57 UTC (rev 3872) +++ trunk/doc/gpg.sgml 2005-08-23 04:42:25 UTC (rev 3873) @@ -511,25 +511,17 @@ setpref &ParmString; -Set the list of user ID preferences to &ParmString;, this should be a -string similar to the one printed by "pref". Using an empty string -will set the default preference string, using "none" will remove the -preferences. Use "gpg --version" to get a list of available -algorithms. This command just initializes an internal list and does -not change anything unless another command (such as "updpref") which -changes the self-signatures is used. +Set the list of user ID preferences to &ParmString; for all (or just +the selected) user IDs. Calling setpref with no arguments sets the +preference list to the default (either built-in or set via +--default-preference-list), and calling setpref with "none" as the +argument sets an empty preference list. Use "gpg --version" to get a +list of available algorithms. Note that while you can change the +preferences on an attribute user ID (aka "photo ID"), GnuPG does not +select keys via attribute user IDs so these preferences will not be +used by GnuPG. - updpref - -Change the preferences of all user IDs (or just of the selected ones -to the current list of preferences. The timestamp of all affected -self-signatures will be advanced by one second. Note that while you -can change the preferences on an attribute user ID (aka "photo ID"), -GnuPG does not select keys via attribute user IDs so these preferences -will not be used by GnuPG. - - keyserver Set a preferred keyserver for the specified user ID(s). This allows @@ -1410,6 +1402,12 @@ --edit-key command "clean uids" after import. Defaults to no. + +import-clean + +Identical to "import-clean-sigs import-clean-uids". + + @@ -1864,6 +1862,12 @@ See the file DETAILS in the documentation for a listing of them. + +--status-file &ParmFile; + +Same as --status-fd, except the status data is written to file +&ParmFile;. + --logger-fd &ParmN; @@ -1871,6 +1875,12 @@ Write log output to file descriptor &ParmN; and not to stderr. + +--logger-file &ParmFile; + +Same as --logger-fd, except the logger data is written to file +&ParmFile;. + --attribute-fd &ParmN; @@ -1881,7 +1891,14 @@ delivered to the file descriptor. + +--attribute-file &ParmFile; + +Same as --attribute-fd, except the attribute data is written to file +&ParmFile;. + + --comment &ParmString; --no-comments @@ -2231,6 +2248,23 @@ +--passphrase-file &ParmFile; + +Read the passphrase from file &ParmFile;. This can only be used if +only one passphrase is supplied. Obviously, a passphrase stored in a +file is of questionable security. Don't use this option if you can +avoid it. + + + +--passphrase &ParmString; + +Use &ParmString; as the passphrase. This can only be used if only one +passphrase is supplied. Obviously, this is of very questionable +security. Don't use this option if you can avoid it. + + + --command-fd &ParmN; This is a replacement for the deprecated shared-memory IPC mode. @@ -2241,6 +2275,13 @@ +--command-file &ParmFile; + +Same as --command-fd, except the commands are read out of file +&ParmFile; + + + --use-agent --no-use-agent @@ -2821,10 +2862,9 @@ --default-preference-list &ParmString; -Set the list of default preferences to &ParmString;, this list should -be a string similar to the one printed by the command "pref" in the -edit menu. This affects both key generation and "updpref" in the edit -menu. +Set the list of default preferences to &ParmString;. This preference +list is used for new keys and becomes the default for "setpref" in the +edit menu. @@ -2903,6 +2943,7 @@ + Heine From cvs at cvs.gnupg.org Fri Aug 26 06:24:47 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Aug 26 06:00:07 2005 Subject: [svn] GnuPG - r3874 - trunk/keyserver Message-ID: Author: dshaw Date: 2005-08-26 06:24:46 +0200 (Fri, 26 Aug 2005) New Revision: 3874 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_hkp.c trunk/keyserver/gpgkeys_ldap.c trunk/keyserver/ksutil.c trunk/keyserver/ksutil.h Log: * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and exact-email. (classify_ks_search): Mimic the gpg search modes instead with *, =, <, and @. * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call them here. Suggested by Jason Harris. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2005-08-23 04:42:25 UTC (rev 3873) +++ trunk/keyserver/ChangeLog 2005-08-26 04:24:46 UTC (rev 3874) @@ -1,3 +1,13 @@ +2005-08-25 David Shaw + + * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and + exact-email. + (classify_ks_search): Mimic the gpg search modes instead with *, + =, <, and @. + + * gpgkeys_ldap.c (search_key), gpgkeys_hkp.c (search_key): Call + them here. Suggested by Jason Harris. + 2005-08-18 David Shaw * ksutil.h, ksutil.c (parse_ks_options): New keyserver-option Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2005-08-23 04:42:25 UTC (rev 3873) +++ trunk/keyserver/gpgkeys_hkp.c 2005-08-26 04:24:46 UTC (rev 3874) @@ -283,54 +283,22 @@ return KEYSERVER_OK; } -int -search_key(char *searchkey) +static int +search_key(const char *searchkey) { CURLcode res; char *request=NULL; char *searchkey_encoded=NULL; int ret=KEYSERVER_INTERNAL_ERROR; + enum ks_search_type search_type; - if(opt->flags.exact_name) - { - char *bracketed; + search_type=classify_ks_search(&searchkey); - bracketed=malloc(strlen(searchkey)+2+1); - if(!bracketed) - { - fprintf(console,"gpgkeys: out of memory\n"); - ret=KEYSERVER_NO_MEMORY; - goto fail; - } + if(opt->debug) + fprintf(console,"gpgkeys: search type is %d, and key is \"%s\"\n", + search_type,searchkey); - strcpy(bracketed,searchkey); - strcat(bracketed," <"); - - searchkey_encoded=curl_escape(bracketed,0); - free(bracketed); - } - else if(opt->flags.exact_email) - { - char *bracketed; - - bracketed=malloc(1+strlen(searchkey)+1+1); - if(!bracketed) - { - fprintf(console,"gpgkeys: out of memory\n"); - ret=KEYSERVER_NO_MEMORY; - goto fail; - } - - strcpy(bracketed,"<"); - strcat(bracketed,searchkey); - strcat(bracketed,">"); - - searchkey_encoded=curl_escape(bracketed,0); - free(bracketed); - } - else - searchkey_encoded=curl_escape(searchkey,0); - + searchkey_encoded=curl_escape(searchkey,0); if(!searchkey_encoded) { fprintf(console,"gpgkeys: out of memory\n"); @@ -359,7 +327,7 @@ append_path(request,"/pks/lookup?op=index&options=mr&search="); strcat(request,searchkey_encoded); - if(opt->flags.exact_name || opt->flags.exact_email) + if(search_type!=KS_SEARCH_SUBSTR) strcat(request,"&exact=on"); if(opt->verbose>2) Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2005-08-23 04:42:25 UTC (rev 3873) +++ trunk/keyserver/gpgkeys_ldap.c 2005-08-26 04:24:46 UTC (rev 3874) @@ -1167,7 +1167,7 @@ /* Returns 0 on success and -1 on error. Note that key-not-found is not an error! */ static int -search_key(char *searchkey) +search_key(const char *searchkey) { char **vals; LDAPMessage *res,*each; @@ -1176,13 +1176,20 @@ /* The maximum size of the search, including the optional stuff and the trailing \0 */ char *expanded_search; - char search[2+12+1+1+MAX_LINE+1+2+2+15+14+1+1]; + char search[2+11+3+MAX_LINE+2+15+14+1+1+20]; char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled", "pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp", "pgpkeysize","pgpkeytype",NULL}; + enum ks_search_type search_type; fprintf(output,"SEARCH %s BEGIN\n",searchkey); + search_type=classify_ks_search(&searchkey); + + if(opt->debug) + fprintf(console,"search type is %d, and key is \"%s\"\n", + search_type,searchkey); + expanded_search=malloc(ldap_quote(NULL,searchkey)+1); if(!expanded_search) { @@ -1190,18 +1197,19 @@ fprintf(console,"Out of memory when quoting LDAP search string\n"); return KEYSERVER_NO_MEMORY; } - + ldap_quote(expanded_search,searchkey); /* Build the search string */ - sprintf(search,"%s(pgpuserid=%s%s%s%s%s*)%s%s%s", + sprintf(search,"%s(pgpuserid=%s%s%s)%s%s%s", (!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"", - opt->flags.exact_name?"":"*", - opt->flags.exact_email?"<":"", + (search_type==KS_SEARCH_EXACT)?"": + (search_type==KS_SEARCH_MAILSUB)?"*<*":"*", expanded_search, - opt->flags.exact_email?">":"", - opt->flags.exact_name?" <":"", + (search_type==KS_SEARCH_EXACT + || search_type==KS_SEARCH_MAIL)?"": + (search_type==KS_SEARCH_MAILSUB)?"*>":"*", opt->flags.include_disabled?"":"(pgpdisabled=0)", opt->flags.include_revoked?"":"(pgprevoked=0)", !(opt->flags.include_disabled&&opt->flags.include_revoked)?")":""); Modified: trunk/keyserver/ksutil.c =================================================================== --- trunk/keyserver/ksutil.c 2005-08-23 04:42:25 UTC (rev 3873) +++ trunk/keyserver/ksutil.c 2005-08-26 04:24:46 UTC (rev 3874) @@ -298,27 +298,6 @@ return KEYSERVER_NO_MEMORY; } } - else if(strcasecmp(start,"exact-email")==0 - || strcasecmp(start,"exact-mail")==0) - { - if(no) - opt->flags.exact_email=0; - else - { - opt->flags.exact_email=1; - opt->flags.exact_name=0; - } - } - else if(strcasecmp(start,"exact-name")==0) - { - if(no) - opt->flags.exact_name=0; - else - { - opt->flags.exact_name=1; - opt->flags.exact_email=0; - } - } } return -1; @@ -356,6 +335,27 @@ } } +enum ks_search_type +classify_ks_search(const char **search) +{ + switch(**search) + { + default: + return KS_SEARCH_SUBSTR; + case '*': + (*search)++; + return KS_SEARCH_SUBSTR; + case '=': + (*search)++; + return KS_SEARCH_EXACT; + case '<': + return KS_SEARCH_MAIL; + case '@': + (*search)++; + return KS_SEARCH_MAILSUB; + } +} + #if defined (HAVE_LIBCURL) || defined (FAKE_CURL) int curl_err_to_gpg_err(CURLcode error) Modified: trunk/keyserver/ksutil.h =================================================================== --- trunk/keyserver/ksutil.h 2005-08-23 04:42:25 UTC (rev 3873) +++ trunk/keyserver/ksutil.h 2005-08-26 04:24:46 UTC (rev 3874) @@ -74,6 +74,9 @@ enum ks_action {KS_UNKNOWN=0,KS_GET,KS_SEND,KS_SEARCH}; +enum ks_search_type {KS_SEARCH_SUBSTR,KS_SEARCH_EXACT, + KS_SEARCH_MAIL,KS_SEARCH_MAILSUB}; + struct ks_options { enum ks_action action; @@ -89,8 +92,6 @@ unsigned int include_revoked:1; unsigned int include_subkeys:1; unsigned int check_cert:1; - unsigned int exact_name:1; - unsigned int exact_email:1; } flags; unsigned int verbose; unsigned int debug; @@ -103,6 +104,7 @@ int parse_ks_options(char *line,struct ks_options *opt); const char *ks_action_to_string(enum ks_action action); void print_nocr(FILE *stream,const char *str); +enum ks_search_type classify_ks_search(const char **search); #if defined (HAVE_LIBCURL) || defined (FAKE_CURL) int curl_err_to_gpg_err(CURLcode error); From cvs at cvs.gnupg.org Sat Aug 27 04:56:52 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Aug 27 04:32:05 2005 Subject: [svn] GnuPG - r3875 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-27 04:56:51 +0200 (Sat, 27 Aug 2005) New Revision: 3875 Modified: trunk/g10/ChangeLog trunk/g10/keyedit.c Log: * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode. Suggested by Michael Schierl. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-26 04:24:46 UTC (rev 3874) +++ trunk/g10/ChangeLog 2005-08-27 02:56:51 UTC (rev 3875) @@ -1,3 +1,8 @@ +2005-08-26 David Shaw + + * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode. + Suggested by Michael Schierl. + 2005-08-21 David Shaw * Makefile.am: No need to link with curl any longer. Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-08-26 04:24:46 UTC (rev 3874) +++ trunk/g10/keyedit.c 2005-08-27 02:56:51 UTC (rev 3875) @@ -2377,7 +2377,6 @@ } } - /* This is the version of show_key_with_all_names used when opt.with_colons is used. It prints all available data in a easy to parse format and does not translate utf8 */ @@ -4189,7 +4188,7 @@ ask_revoke_sig( KBNODE keyblock, KBNODE node ) { int doit=0; - char *p; + PKT_user_id *uid; PKT_signature *sig = node->pkt->pkt.signature; KBNODE unode = find_prev_kbnode( keyblock, node, PKT_USER_ID ); @@ -4198,15 +4197,33 @@ return; } - p=utf8_to_native(unode->pkt->pkt.user_id->name, - unode->pkt->pkt.user_id->len,0); - tty_printf(_("user ID: \"%s\"\n"),p); - xfree(p); + uid=unode->pkt->pkt.user_id; - tty_printf(_("signed by your key %s on %s%s%s\n"), - keystr(sig->keyid),datestr_from_sig(sig), - sig->flags.exportable?"":_(" (non-exportable)"),""); + if(opt.with_colons) + { + if(uid->attrib_data) + printf("uat:::::::::%u %lu",uid->numattribs,uid->attrib_len); + else + { + printf("uid:::::::::"); + print_string (stdout, uid->name, uid->len, ':'); + } + printf("\n"); + + print_and_check_one_sig_colon(keyblock,node,NULL,NULL,NULL,NULL,1); + } + else + { + char *p=utf8_to_native(unode->pkt->pkt.user_id->name, + unode->pkt->pkt.user_id->len,0); + tty_printf(_("user ID: \"%s\"\n"),p); + xfree(p); + + tty_printf(_("signed by your key %s on %s%s%s\n"), + keystr(sig->keyid),datestr_from_sig(sig), + sig->flags.exportable?"":_(" (non-exportable)"),""); + } if(sig->flags.expired) { tty_printf(_("This signature expired on %s.\n"), From cvs at cvs.gnupg.org Sat Aug 27 05:09:42 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Aug 27 04:44:54 2005 Subject: [svn] GnuPG - r3876 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-27 05:09:40 +0200 (Sat, 27 Aug 2005) New Revision: 3876 Modified: trunk/g10/ChangeLog trunk/g10/getkey.c trunk/g10/keyedit.c trunk/g10/keygen.c trunk/g10/keyid.c trunk/g10/keyserver.c trunk/g10/misc.c Log: * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for signing algorithms. * keyedit.c (sign_uids): Don't request a signing key to make a certification. * keygen.c (do_add_key_flags): Force the certify flag on for all primary keys, as the spec requires primary keys must be able to certify (if nothing else, which key is going to issue the user ID signature?) (print_key_flags): Show certify flag. (ask_key_flags, ask_algo): Don't allow setting the C flag for subkeys. * keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): Distinguish between a sign/certify key and a certify-only key. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-27 02:56:51 UTC (rev 3875) +++ trunk/g10/ChangeLog 2005-08-27 03:09:40 UTC (rev 3876) @@ -1,5 +1,22 @@ 2005-08-26 David Shaw + * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for + signing algorithms. + + * keyedit.c (sign_uids): Don't request a signing key to make a + certification. + + * keygen.c (do_add_key_flags): Force the certify flag on for all + primary keys, as the spec requires primary keys must be able to + certify (if nothing else, which key is going to issue the user ID + signature?) + (print_key_flags): Show certify flag. + (ask_key_flags, ask_algo): Don't allow setting the C flag for + subkeys. + + * keyid.c (usagestr_from_pk), getkey.c (parse_key_usage): + Distinguish between a sign/certify key and a certify-only key. + * keyedit.c (ask_revoke_sig): Add a revsig --with-colons mode. Suggested by Michael Schierl. Modified: trunk/g10/getkey.c =================================================================== --- trunk/g10/getkey.c 2005-08-27 02:56:51 UTC (rev 3875) +++ trunk/g10/getkey.c 2005-08-27 03:09:40 UTC (rev 3876) @@ -1331,16 +1331,24 @@ /* first octet of the keyflags */ flags=*p; - if(flags & 3) + if(flags & 1) { + key_usage |= PUBKEY_USAGE_CERT; + flags&=~1; + } + + if(flags & 2) + { key_usage |= PUBKEY_USAGE_SIG; - flags&=~3; + flags&=~2; } - if(flags & 12) + /* We do not distinguish between encrypting communications and + encrypting storage. */ + if(flags & (0x04|0x08)) { key_usage |= PUBKEY_USAGE_ENC; - flags&=~12; + flags&=~(0x04|0x08); } if(flags & 0x20) Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-08-27 02:56:51 UTC (rev 3875) +++ trunk/g10/keyedit.c 2005-08-27 03:09:40 UTC (rev 3876) @@ -529,8 +529,8 @@ * be one which is capable of signing keys. I can't see a reason * why to sign keys using a subkey. Implementation of USAGE_CERT * is just a hack in getkey.c and does not mean that a subkey - * marked as certification capable will be used */ - rc=build_sk_list( locusr, &sk_list, 0, PUBKEY_USAGE_SIG|PUBKEY_USAGE_CERT); + * marked as certification capable will be used. */ + rc=build_sk_list( locusr, &sk_list, 0, PUBKEY_USAGE_CERT); if( rc ) goto leave; Modified: trunk/g10/keygen.c =================================================================== --- trunk/g10/keygen.c 2005-08-27 02:56:51 UTC (rev 3875) +++ trunk/g10/keygen.c 2005-08-27 03:09:40 UTC (rev 3876) @@ -190,9 +190,6 @@ { byte buf[1]; - if (!use) - return; - buf[0] = 0; /* The spec says that all primary keys MUST be able to certify. */ @@ -205,6 +202,10 @@ buf[0] |= 0x04 | 0x08; if (use & PUBKEY_USAGE_AUTH) buf[0] |= 0x20; + + if (!buf[0]) + return; + build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1); } @@ -1238,6 +1239,9 @@ if(flags&PUBKEY_USAGE_SIG) tty_printf("%s ",_("Sign")); + if(flags&PUBKEY_USAGE_CERT) + tty_printf("%s ",_("Certify")); + if(flags&PUBKEY_USAGE_ENC) tty_printf("%s ",_("Encrypt")); @@ -1248,7 +1252,7 @@ /* Returns the key flags */ static unsigned int -ask_key_flags(int algo) +ask_key_flags(int algo,int subkey) { const char *togglers=_("SsEeAaQq"); char *answer=NULL; @@ -1258,6 +1262,10 @@ if(strlen(togglers)!=8) BUG(); + /* Only primary keys may certify. */ + if(subkey) + possible&=~PUBKEY_USAGE_CERT; + /* Preload the current set with the possible set, minus authentication, since nobody really uses auth yet. */ current=possible&~PUBKEY_USAGE_AUTH; @@ -1291,7 +1299,7 @@ cpr_kill_prompt(); if(strlen(answer)>1) - continue; + tty_printf(_("Invalid selection.\n")); else if(*answer=='\0' || *answer==togglers[6] || *answer==togglers[7]) break; else if((*answer==togglers[0] || *answer==togglers[1]) @@ -1318,6 +1326,8 @@ else current|=PUBKEY_USAGE_AUTH; } + else + tty_printf(_("Invalid selection.\n")); } xfree(answer); @@ -1362,7 +1372,7 @@ } else if( algo == 7 && opt.expert ) { algo = PUBKEY_ALGO_RSA; - *r_usage=ask_key_flags(algo); + *r_usage=ask_key_flags(algo,addmode); break; } else if( algo == 6 && addmode ) { @@ -1382,7 +1392,7 @@ } else if( algo == 3 && opt.expert ) { algo = PUBKEY_ALGO_DSA; - *r_usage=ask_key_flags(algo); + *r_usage=ask_key_flags(algo,addmode); break; } else if( algo == 2 ) { Modified: trunk/g10/keyid.c =================================================================== --- trunk/g10/keyid.c 2005-08-27 02:56:51 UTC (rev 3875) +++ trunk/g10/keyid.c 2005-08-27 03:09:40 UTC (rev 3876) @@ -547,10 +547,13 @@ if ( use & PUBKEY_USAGE_SIG ) { if (pk->is_primary) - buffer[i++] = 'C'; + use|=PUBKEY_USAGE_CERT; buffer[i++] = 'S'; } + if ( use & PUBKEY_USAGE_CERT ) + buffer[i++] = 'C'; + if ( use & PUBKEY_USAGE_ENC ) buffer[i++] = 'E'; Modified: trunk/g10/keyserver.c =================================================================== --- trunk/g10/keyserver.c 2005-08-27 02:56:51 UTC (rev 3875) +++ trunk/g10/keyserver.c 2005-08-27 03:09:40 UTC (rev 3876) @@ -853,6 +853,8 @@ } #ifdef GPGKEYS_CURL +/* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are + sufficiently different that we can't use curl to do LDAP. */ static int curl_cant_handle(const char *scheme) { Modified: trunk/g10/misc.c =================================================================== --- trunk/g10/misc.c 2005-08-27 02:56:51 UTC (rev 3875) +++ trunk/g10/misc.c 2005-08-27 03:09:40 UTC (rev 3876) @@ -407,19 +407,19 @@ /* they are hardwired in gpg 1.0 */ switch ( algo ) { case PUBKEY_ALGO_RSA: - use = PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC | PUBKEY_USAGE_AUTH; + use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC | PUBKEY_USAGE_AUTH; break; case PUBKEY_ALGO_RSA_E: use = PUBKEY_USAGE_ENC; break; case PUBKEY_ALGO_RSA_S: - use = PUBKEY_USAGE_SIG; + use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG; break; case PUBKEY_ALGO_ELGAMAL_E: use = PUBKEY_USAGE_ENC; break; case PUBKEY_ALGO_DSA: - use = PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH; + use = PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH; break; default: break; @@ -1224,6 +1224,7 @@ return GNUPG_LIBEXECDIR; } +/* Similar to access(2), but uses PATH to find the file. */ int path_access(const char *file,int mode) { From cvs at cvs.gnupg.org Wed Aug 31 17:36:53 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Aug 31 17:11:53 2005 Subject: [svn] GnuPG - r3877 - in trunk: . util Message-ID: Author: dshaw Date: 2005-08-31 17:36:50 +0200 (Wed, 31 Aug 2005) New Revision: 3877 Modified: trunk/ChangeLog trunk/configure.ac trunk/util/ChangeLog trunk/util/fileutil.c Log: * fileutil.c (untilde): New. Expand ~/foo and ~username/foo filenames into full paths using $HOME if possible, or getpwuid/getpwnam if necessary. (make_filename): Use it here. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-08-27 03:09:40 UTC (rev 3876) +++ trunk/ChangeLog 2005-08-31 15:36:50 UTC (rev 3877) @@ -1,3 +1,7 @@ +2005-08-31 David Shaw + + * configure.ac: Check for getpwnam, getpwuid, and pwd.h. + 2005-08-09 David Shaw * configure.ac: Remove hardcoded -I and -L for /usr/local on Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-08-27 03:09:40 UTC (rev 3876) +++ trunk/configure.ac 2005-08-31 15:36:50 UTC (rev 3877) @@ -765,7 +765,7 @@ dnl Checks for header files. AC_HEADER_STDC -AC_CHECK_HEADERS([unistd.h langinfo.h termio.h locale.h getopt.h]) +AC_CHECK_HEADERS([unistd.h langinfo.h termio.h locale.h getopt.h pwd.h]) # Note that we do not check for iconv here because this is done anyway # by the gettext checks and thus it allows us to disable the use of @@ -827,7 +827,7 @@ AC_FUNC_VPRINTF AC_FUNC_FORK AC_CHECK_FUNCS(strerror stpcpy strsep strlwr tcgetattr strtoul mmap) -AC_CHECK_FUNCS(strcasecmp strncasecmp ctermid times unsetenv) +AC_CHECK_FUNCS(strcasecmp strncasecmp ctermid times unsetenv getpwnam getpwuid) AC_CHECK_FUNCS(memmove gettimeofday getrusage setrlimit clock_gettime) AC_CHECK_FUNCS(atexit raise getpagesize strftime nl_langinfo setlocale) AC_CHECK_FUNCS(waitpid wait4 sigaction sigprocmask rand pipe stat getaddrinfo) Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2005-08-27 03:09:40 UTC (rev 3876) +++ trunk/util/ChangeLog 2005-08-31 15:36:50 UTC (rev 3877) @@ -1,3 +1,10 @@ +2005-08-31 David Shaw + + * fileutil.c (untilde): New. Expand ~/foo and ~username/foo + filenames into full paths using $HOME if possible, or + getpwuid/getpwnam if necessary. + (make_filename): Use it here. + 2005-07-28 Werner Koch * pka.c: New. Modified: trunk/util/fileutil.c =================================================================== --- trunk/util/fileutil.c 2005-08-27 03:09:40 UTC (rev 3876) +++ trunk/util/fileutil.c 2005-08-31 15:36:50 UTC (rev 3877) @@ -1,5 +1,5 @@ /* fileutil.c - file utilities - * Copyright (C) 1998, 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 2003, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -26,6 +26,10 @@ #include #include #include +#include +#ifdef HAVE_PWD_H +#include +#endif #include "util.h" #include "memory.h" #include "ttyio.h" @@ -88,8 +92,63 @@ return dirname; } +/* Expand tildes. Handles both the ~/foo and ~username/foo cases. + Returns what the tilde expands to. *name is advanced to be past + the tilde expansion. */ +static char * +untilde(const char **name) +{ + char *home=NULL; + assert((*name)[0]=='~'); + if((*name)[1]==DIRSEP_C || (*name)[1]=='\0') + { + /* This is the "~/foo" or "~" case. */ + char *tmp=getenv("HOME"); + if(tmp) + home=xstrdup(tmp); + +#ifdef HAVE_GETPWUID + if(!home) + { + struct passwd *pwd; + + pwd=getpwuid(getuid()); + if(pwd) + home=xstrdup(pwd->pw_dir); + } +#endif + if(home) + (*name)++; + } +#ifdef HAVE_GETPWNAM + else + { + /* This is the "~username" case. */ + char *user,*sep; + struct passwd *pwd; + + user=xstrdup((*name)+1); + + sep=strchr(user,DIRSEP_C); + if(sep) + *sep='\0'; + + pwd=getpwnam(user); + if(pwd) + { + home=xstrdup(pwd->pw_dir); + (*name)+=1+strlen(user); + } + + xfree(user); + } +#endif + + return home; +} + /* Construct a filename from the NULL terminated list of parts. Tilde expansion is done here. Note that FIRST_PART must never be NULL and @@ -100,7 +159,7 @@ va_list arg_ptr ; size_t n; const char *s; - char *name, *home, *p; + char *name, *p, *home=NULL; va_start( arg_ptr, first_part ) ; n = strlen(first_part)+1; @@ -108,19 +167,22 @@ n += strlen(s) + 1; va_end(arg_ptr); - home = NULL; #ifndef __riscos__ - if( *first_part == '~' && first_part[1] == DIRSEP_C - && (home = getenv("HOME")) && *home ) - n += strlen(home); + if(*first_part=='~') + { + home=untilde(&first_part); + if(home) + n+=strlen(home); + } #endif name = xmalloc(n); - p = home ? stpcpy(stpcpy(name,home), first_part+1) + p = home ? stpcpy(stpcpy(name,home), first_part) : stpcpy(name, first_part); va_start( arg_ptr, first_part ) ; while( (s=va_arg(arg_ptr, const char *)) ) p = stpcpy(stpcpy(p, DIRSEP_S), s); va_end(arg_ptr); + xfree(home); #ifndef __riscos__ return name; From cvs at cvs.gnupg.org Wed Aug 31 20:40:41 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Aug 31 20:15:25 2005 Subject: [svn] GnuPG - r3878 - trunk/g10 Message-ID: Author: dshaw Date: 2005-08-31 20:40:39 +0200 (Wed, 31 Aug 2005) New Revision: 3878 Modified: trunk/g10/ChangeLog trunk/g10/photoid.c Log: * photoid.c (generate_photo_id): Enable readline completion and tilde expansion for the JPEG prompt. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-08-31 15:36:50 UTC (rev 3877) +++ trunk/g10/ChangeLog 2005-08-31 18:40:39 UTC (rev 3878) @@ -1,3 +1,8 @@ +2005-08-31 David Shaw + + * photoid.c (generate_photo_id): Enable readline completion and + tilde expansion for the JPEG prompt. + 2005-08-26 David Shaw * misc.c (openpgp_pk_algo_usage): Default to allowing CERT for Modified: trunk/g10/photoid.c =================================================================== --- trunk/g10/photoid.c 2005-08-31 15:36:50 UTC (rev 3877) +++ trunk/g10/photoid.c 2005-08-31 18:40:39 UTC (rev 3878) @@ -1,5 +1,5 @@ /* photoid.c - photo ID handling code - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -43,7 +43,8 @@ #include "ttyio.h" /* Generate a new photo id packet, or return NULL if canceled */ -PKT_user_id *generate_photo_id(PKT_public_key *pk) +PKT_user_id * +generate_photo_id(PKT_public_key *pk) { PKT_user_id *uid; int error=1,i; @@ -73,13 +74,23 @@ while(photo==NULL) { + char *tempname; + tty_printf("\n"); xfree(filename); - filename=cpr_get("photoid.jpeg.add", + tty_enable_completion(NULL); + + tempname=cpr_get("photoid.jpeg.add", _("Enter JPEG filename for photo ID: ")); + tty_disable_completion(); + + filename=make_filename(tempname,(void *)NULL); + + xfree(tempname); + if(strlen(filename)==0) goto scram;