From cvs at cvs.gnupg.org Tue Nov 1 12:21:54 2005 From: cvs at cvs.gnupg.org (svn author mo) Date: Tue Nov 1 11:50:51 2005 Subject: [svn] gcry - r1134 - trunk/cipher Message-ID: Author: mo Date: 2005-11-01 12:21:54 +0100 (Tue, 01 Nov 2005) New Revision: 1134 Modified: trunk/cipher/ChangeLog trunk/cipher/pubkey.c Log: ChangeLog: 2005-11-01 Moritz Schulte * pubkey.c (gcry_pk_algo_info): Don't forget to break after switch case. Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2005-10-31 21:36:01 UTC (rev 1133) +++ trunk/cipher/ChangeLog 2005-11-01 11:21:54 UTC (rev 1134) @@ -1,3 +1,8 @@ +2005-11-01 Moritz Schulte + + * pubkey.c (gcry_pk_algo_info): Don't forget to break after switch + case. + 2005-08-22 Werner Koch * primegen.c (check_prime): New arg RM_ROUNDS. Modified: trunk/cipher/pubkey.c =================================================================== --- trunk/cipher/pubkey.c 2005-10-31 21:36:01 UTC (rev 1133) +++ trunk/cipher/pubkey.c 2005-11-01 11:21:54 UTC (rev 1134) @@ -2256,6 +2256,8 @@ /* FIXME? */ *nbytes = use; + + break; } case GCRYCTL_GET_ALGO_NPKEY: From cvs at cvs.gnupg.org Wed Nov 2 06:22:02 2005 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Nov 2 05:52:17 2005 Subject: [svn] GnuPG - r3919 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-02 06:22:01 +0100 (Wed, 02 Nov 2005) New Revision: 3919 Modified: trunk/g10/ChangeLog trunk/g10/export.c trunk/g10/import.c trunk/g10/trustdb.c Log: * import.c (import_one): Do collapse_uids() before we do any cleaning so keyserver mangled keys with doubled user IDs can be properly cleaned - possibly sigs on the different user IDs cancel each other out. * import.c (parse_import_options), export.c (parse_export_options): List "xxx-clean" before the longer options so we don't end up with a partial match on the longer options. * trustdb.c (clean_uids_from_key): Return proper number of cleaned user IDs. Don't count user IDs as cleaned unless we actually delete something. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-10-27 19:18:05 UTC (rev 3918) +++ trunk/g10/ChangeLog 2005-11-02 05:22:01 UTC (rev 3919) @@ -1,3 +1,18 @@ +2005-11-01 David Shaw + + * import.c (import_one): Do collapse_uids() before we do any + cleaning so keyserver mangled keys with doubled user IDs can be + properly cleaned - possibly sigs on the different user IDs cancel + each other out. + + * import.c (parse_import_options), export.c + (parse_export_options): List "xxx-clean" before the longer options + so we don't end up with a partial match on the longer options. + + * trustdb.c (clean_uids_from_key): Return proper number of cleaned + user IDs. Don't count user IDs as cleaned unless we actually + delete something. + 2005-10-27 David Shaw * keyedit.c (menu_addrevoker), getkey.c (finish_lookup): Fix Modified: trunk/g10/export.c =================================================================== --- trunk/g10/export.c 2005-10-27 19:18:05 UTC (rev 3918) +++ trunk/g10/export.c 2005-11-02 05:22:01 UTC (rev 3919) 
@@ -64,12 +64,12 @@ N_("export attribute user IDs (generally photo IDs)")}, {"export-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL, N_("export revocation keys that are marked as \"sensitive\"")}, + {"export-clean",EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, + N_("all export-clean-* options from above")}, {"export-clean-sigs",EXPORT_CLEAN_SIGS,NULL, N_("remove unusable signatures during export")}, {"export-clean-uids",EXPORT_CLEAN_UIDS,NULL, N_("remove unusable user IDs during export")}, - {"export-clean",EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, - N_("all export-clean-* options from above")}, {"export-minimal", EXPORT_MINIMAL|EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, N_("export the smallest key possible")}, Modified: trunk/g10/import.c =================================================================== --- trunk/g10/import.c 2005-10-27 19:18:05 UTC (rev 3918) +++ trunk/g10/import.c 2005-11-02 05:22:01 UTC (rev 3919) @@ -101,12 +101,12 @@ N_("create a public key when importing a secret key")}, {"merge-only",IMPORT_MERGE_ONLY,NULL, N_("only accept updates to existing keys")}, + {"import-clean",IMPORT_CLEAN_SIGS|IMPORT_CLEAN_UIDS,NULL, + N_("all import-clean-* options from above")}, {"import-clean-sigs",IMPORT_CLEAN_SIGS,NULL, N_("remove unusable signatures after import")}, {"import-clean-uids",IMPORT_CLEAN_UIDS,NULL, N_("remove unusable user IDs after import")}, - {"import-clean",IMPORT_CLEAN_SIGS|IMPORT_CLEAN_UIDS,NULL, - N_("all import-clean-* options from above")}, /* Aliases for backward compatibility */ {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL}, @@ -739,6 +739,8 @@ return 0; } + collapse_uids(&keyblock); + /* Clean the key that we're about to import, to cut down on things that we have to clean later. This has no practical impact on the end result, but does result in less logging which might 
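Review bot: The help text of the moved `export-clean` entry still reads `all export-clean-* options from above`, but after this reorder the `export-clean-sigs` and `export-clean-uids` entries sit below it; the `import-clean` entry in the import.c hunk has the same mismatch. The fix also makes correct option parsing depend on table order, which nothing in either table records. I would add a comment above the entry such as `/* Keep "export-clean" ahead of the longer "export-clean-*" names so it is not shadowed by a partial match. */` and drop `from above` from both strings. The matching code is outside these hunks, so the exact matching rule is inferred from the commit log only.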
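Review bot: The new `collapse_uids(&keyblock);` call in the import.c hunk at line 739 carries no comment, although the commit log says its position before the cleaning step is what makes the cleaning correct for keys with doubled user IDs. The comment block that follows it still says cleaning here "has no practical impact on the end result", which reads oddly next to an ordering requirement. I would add `/* Merge duplicate user IDs first so that the cleaning below sees all signatures of a user ID together. */` above the call. The function starts and ends outside the hunk, so what runs on the keyblock before this point is not visible.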
@@ -808,8 +810,6 @@ if( opt.verbose > 1 ) log_info (_("writing to `%s'\n"), keydb_get_resource_name (hd) ); - collapse_uids(&keyblock); - rc = keydb_insert_keyblock (hd, keyblock ); if (rc) log_error (_("error writing keyring `%s': %s\n"), @@ -886,7 +886,6 @@ goto leave; } - collapse_uids( &keyblock ); /* and try to merge the block */ clear_kbnode_flags( keyblock_orig ); clear_kbnode_flags( keyblock ); Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-10-27 19:18:05 UTC (rev 3918) +++ trunk/g10/trustdb.c 2005-11-02 05:22:01 UTC (rev 3919) @@ -1654,7 +1654,7 @@ int clean_uids_from_key(KBNODE keyblock,int noisy) { - int delete_until_next=0,deleted=0; + int delete_until_next=0,deleting=0,deleted=0; KBNODE node,signode=NULL; u32 keyid[2],sigdate=0; @@ -1684,6 +1684,7 @@ else { delete_until_next=1; + deleting=1; if(noisy) { @@ -1722,7 +1723,11 @@ if(delete_until_next && !sig->flags.chosen_selfsig) { delete_kbnode(node); - deleted++; + if(deleting) + { + deleted++; + deleting=0; + } } } } From cvs at cvs.gnupg.org Wed Nov 2 09:05:27 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Nov 2 08:34:03 2005 Subject: [svn] dirmngr - r220 - trunk/po Message-ID: Author: wk Date: 2005-11-02 09:05:21 +0100 (Wed, 02 Nov 2005) New Revision: 220 Modified: trunk/po/ChangeLog trunk/po/de.po Log: Translation updates Modified: trunk/po/ChangeLog =================================================================== --- trunk/po/ChangeLog 2005-10-26 15:01:47 UTC (rev 219) +++ trunk/po/ChangeLog 2005-11-02 08:05:21 UTC (rev 220) @@ -1,3 +1,8 @@ +2005-11-02 Werner Koch + + * de.po: Applied typo fixes from Peter Eisentraut and translated + "cache" everywhere. + 2005-04-21 Werner Koch * de.po: Updated. Modified: trunk/po/de.po =================================================================== --- trunk/po/de.po 2005-10-26 15:01:47 UTC (rev 219) +++ trunk/po/de.po 2005-11-02 08:05:21 UTC (rev 220) 
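Review bot: `deleting` is introduced in the trustdb.c hunks beside `delete_until_next` and `deleted` without a comment, and the three names are close enough that the counting rule in the last hunk is hard to follow. As far as the visible lines show, `deleting` is set when a user ID is marked for removal and cleared after the first `delete_kbnode()` under it, so `deleted` counts user IDs rather than packets; a comment at the declaration such as `/* deleting: a user ID is marked for removal but not yet counted in deleted */` would make that explicit. The body of `clean_uids_from_key` starts and ends outside these hunks, so whether `deleting` is also reset when the next user ID begins cannot be checked here.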
@@ -8,7 +8,7 @@ "Project-Id-Version: dirmngr 0.9.2\n" "Report-Msgid-Bugs-To: gpa-dev@gnupg.org\n" "POT-Creation-Date: 2005-09-12 19:45+0200\n" -"PO-Revision-Date: 2005-09-12 19:46+0200\n" +"PO-Revision-Date: 2005-11-02 08:26+0100\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" @@ -23,22 +23,22 @@ #: src/certcache.c:88 #, c-format msgid "can't acquire read lock on the certificate cache: %s\n" -msgstr "Lesesperre f?r den Zertifikatcache kann nicht gesetzt werden: %s\n" +msgstr "Lesesperre f?r den Zertifikatzwischenspeicher kann nicht gesetzt werden: %s\n" #: src/certcache.c:96 #, c-format msgid "can't acquire write lock on the certificate cache: %s\n" -msgstr "Schreibsperre f?r den Zertifikatcache kann nicht gesetzt werden: %s\n" +msgstr "Schreibsperre f?r den Zertifikatzwischenspeicher kann nicht gesetzt werden: %s\n" #: src/certcache.c:104 #, c-format msgid "can't release lock on the certificate cache: %s\n" -msgstr "Sperre f?r den Zertifikatcache kann nicht freigegeben werden: %s\n" +msgstr "Sperre f?r den Zertifikatzwischenspeicher kann nicht freigegeben werden: %s\n" #: src/certcache.c:231 #, c-format msgid "dropping %u certificates from the cache\n" -msgstr "%u Zertifikate werden aus dem Zertifikat Cache entfernt\n" +msgstr "%u Zertifikate werden aus dem Zertifikatzwischenspeicher entfernt\n" #: src/certcache.c:316 #, c-format @@ -63,7 +63,7 @@ #: src/certcache.c:366 #, c-format msgid "certificate `%s' already cached\n" -msgstr "Zertifikat `%s' ist bereits im Cache\n" +msgstr "Zertifikat `%s' ist bereits im Zwischenspeicher\n" #: src/certcache.c:369 #, c-format 
@@ -88,20 +88,20 @@ #: src/certcache.c:454 #, c-format msgid " runtime cached certificates: %u\n" -msgstr "zur Laufzeit geladene Zertifikate: %u\n" +msgstr "zur Laufzeit zwischengespeicherte Zertifikate: %u\n" #: src/certcache.c:469 src/dirmngr-client.c:365 msgid "certificate already cached\n" -msgstr "Zertifikat ist bereits im Cache\n" +msgstr "Zertifikat ist bereits im Zwischenspeicher\n" #: src/certcache.c:471 msgid "certificate cached\n" -msgstr "Zertifikat wurde gecachet\n" +msgstr "Zertifikat wurde zwischengespeichert\n" #: src/certcache.c:473 src/dirmngr-client.c:369 #, c-format msgid "error caching certificate: %s\n" -msgstr "Fehler beim Cachen des Zertifikats: %s\n" +msgstr "Fehler beim Zwischenspeichern des Zertifikats: %s\n" #: src/certcache.c:538 #, c-format @@ -130,7 +130,7 @@ #: src/crlcache.c:201 #, c-format msgid "creating directory `%s'\n" -msgstr "Das Verzeichniss `%s' wird erzeugt\n" +msgstr "Das Verzeichnis `%s' wird erzeugt\n" #: src/crlcache.c:205 #, c-format @@ -140,17 +140,17 @@ #: src/crlcache.c:233 #, c-format msgid "ignoring database dir `%s'\n" -msgstr "Das Cache-Verzeichniss `%s' wird ignoriert\n" +msgstr "Das DB-Verzeichnis `%s' wird ignoriert\n" #: src/crlcache.c:242 #, c-format msgid "error reading directory `%s': %s\n" -msgstr "Fehler beim Lesen des Verzeichniss `%s': %s\n" +msgstr "Fehler beim Lesen des Verzeichnis `%s': %s\n" #: src/crlcache.c:263 #, c-format msgid "removing cache file `%s'\n" -msgstr "Die Cache-Datei `%s' wird entfernt\n" +msgstr "Die Zwischenspeicherdatei `%s' wird entfernt\n" #: src/crlcache.c:272 #, c-format 
@@ -160,37 +160,37 @@ #: src/crlcache.c:341 src/crlcache.c:986 #, c-format msgid "error closing cache file: %s\n" -msgstr "Fehler beim Schliessen der Cache-Datei: %s\n" +msgstr "Fehler beim Schlie?en der Zwischenspeicherdatei: %s\n" #: src/crlcache.c:378 src/crlcache.c:702 #, c-format msgid "failed to open cache dir file `%s': %s\n" -msgstr "Die Cache-Verzeichnissdatei `%s' konnte nicht ge?ffnet werden: %s\n" +msgstr "Die Zwischenspeicherverzeichnisdatei `%s' konnte nicht ge?ffnet werden: %s\n" #: src/crlcache.c:388 #, c-format msgid "error creating new cache dir file `%s': %s\n" -msgstr "Fehler beim Erzeugen der neuen Cache-Verzeichnissdatei `%s': %s\n" +msgstr "Fehler beim Erzeugen der neuen Zwischenspeicherverzeichnisdatei `%s': %s\n" #: src/crlcache.c:395 #, c-format msgid "error writing new cache dir file `%s': %s\n" -msgstr "Fehler beim Schreiben der neuen Cache-Verzeichnissdatei `%s': %s\n" +msgstr "Fehler beim Schreiben der neuen Zwischenspeicherverzeichnisdatei `%s': %s\n" #: src/crlcache.c:402 #, c-format msgid "error closing new cache dir file `%s': %s\n" -msgstr "Fehler beim Schliessen der neuen Cache-Verzeichnissdatei `%s': %s\n" +msgstr "Fehler beim Schlie?en der neuen Zwischenspeicherverzeichnisdatei `%s': %s\n" #: src/crlcache.c:407 #, c-format msgid "new cache dir file `%s' created\n" -msgstr "Neue Cache-Verzeichnissdatei `%s' wurde erzeugt\n" +msgstr "Neue Zwischenspeicherverzeichnisdatei `%s' wurde erzeugt\n" #: src/crlcache.c:412 #, c-format msgid "failed to re-open cache dir file `%s': %s\n" -msgstr "Fehler beim Wieder?ffnen der Cache-Verzeichnissdatei `%s': %s\n" +msgstr "Fehler beim Wieder?ffnen der Zwischenspeicherverzeichnisdatei `%s': %s\n" #: src/crlcache.c:439 #, c-format 
@@ -199,11 +199,11 @@ #: src/crlcache.c:450 msgid "old version of cache directory - cleaning up\n" -msgstr "Alte Version des Cache-Verzeichnisses - r?ume auf\n" +msgstr "Alte Version des Zwischenspeicherverzeichnisses - r?ume auf\n" #: src/crlcache.c:466 msgid "old version of cache directory - giving up\n" -msgstr "Alte Version des Cache-Verzeichnisses - gebe auf\n" +msgstr "Alte Version des Zwischenspeicherverzeichnisses - gebe auf\n" #: src/crlcache.c:554 #, c-format @@ -238,11 +238,11 @@ #: src/crlcache.c:605 #, c-format msgid "WARNING: invalid cache file hash in `%s' line %u\n" -msgstr "WARNUNG: Ung?ltiger Cache-Datei Hashwert in `%s', Zeile %u\n" +msgstr "WARNUNG: Ung?ltiger Zwischenspeicherdatei Hashwert in `%s', Zeile %u\n" #: src/crlcache.c:611 msgid "detected errors in cache dir file\n" -msgstr "Id der Cache-Verzeichnissdatei wurden Fehler erkannt\n" +msgstr "Id der Zwischenspeicherverzeichnisdatei wurden Fehler erkannt\n" #: src/crlcache.c:612 msgid "please check the reason and manually delete that file\n" @@ -252,8 +252,7 @@ #: src/crlcache.c:735 #, c-format msgid "failed to create temporary cache dir file `%s': %s\n" -msgstr "" -"Die tempor?re Cache-Verzeichnissdatei `%s' konnte nicht erzeugt werden: %s\n" +msgstr "Die tempor?re Zwischenspeicherverzeichnisdatei `%s' konnte nicht erzeugt werden: %s\n" #: src/crlcache.c:808 #, c-format @@ -263,7 +262,7 @@ #: src/crlcache.c:819 #, c-format msgid "error closing `%s': %s\n" -msgstr "Fehler beim Schliessen von `%s': %s\n" +msgstr "Fehler beim Schlie?en von `%s': %s\n" #: src/crlcache.c:827 #, c-format 
@@ -292,22 +291,22 @@ #: src/crlcache.c:977 msgid "too many open cache files; can't open anymore\n" -msgstr "Zu viele ge?ffnete Cache-Dateien; weitere kann nicht ge?ffnet werden\n" +msgstr "Zu viele ge?ffnete Zwischenspeicherdateien; weitere kann nicht ge?ffnet werden\n" #: src/crlcache.c:994 #, c-format msgid "opening cache file `%s'\n" -msgstr "Die Cache-Datei `%s' wird ge?ffnet\n" +msgstr "Die Zwischenspeicherdatei `%s' wird ge?ffnet\n" #: src/crlcache.c:1013 #, c-format msgid "error opening cache file `%s': %s\n" -msgstr "Fehler beim ?ffnen der Cache-Datei `%s': %s\n" +msgstr "Fehler beim ?ffnen der Zwischenspeicherdatei `%s': %s\n" #: src/crlcache.c:1022 #, c-format msgid "error initializing cache file `%s' for reading: %s\n" -msgstr "Fehler beim Initialisieren der Cache-Datei `%s' zum Lesen: %s\n" +msgstr "Fehler beim Initialisieren der Zwischenspeicherdatei `%s' zum Lesen: %s\n" #: src/crlcache.c:1044 msgid "calling unlock_db_file on a closed file\n" @@ -320,7 +319,7 @@ #: src/crlcache.c:1100 #, c-format msgid "failed to create a new cache object: %s\n" -msgstr "Ein neues Cache-Objekt konnte nciht erzeugt werden: %s\n" +msgstr "Ein neues Zwischenspeicherobjekt konnte nicht erzeugt werden: %s\n" #: src/crlcache.c:1153 #, c-format @@ -331,7 +330,7 @@ #, c-format msgid "cached CRL for issuer id %s too old; update required\n" msgstr "" -"Die zwischengespeicherte CRL f?r den Issuer mit der ID %s is zu alt; ein " +"Die zwischengespeicherte CRL f?r den Issuer mit der ID %s ist zu alt; ein " "Update wird ben?tigt\n" #: src/crlcache.c:1174 
@@ -365,12 +364,12 @@ #: src/crlcache.c:1214 msgid "WARNING: invalid cache record length for S/N " -msgstr "WARNUNG: Ung?ltige L?nge des Cache Dateisatzes f?r S/N " +msgstr "WARNUNG: Ung?ltige L?nge des Zwischenspeicherdateisatzes f?r S/N " #: src/crlcache.c:1223 #, c-format msgid "problem reading cache record for S/N %s: %s\n" -msgstr "Problem beim Lesen des Cache Datensatzes f?r S/N %s: %s\n" +msgstr "Problem beim Lesen des Zwischenspeicherdatensatzes f?r S/N %s: %s\n" #: src/crlcache.c:1226 #, c-format @@ -385,7 +384,7 @@ #: src/crlcache.c:1245 #, c-format msgid "error getting data from cache file: %s\n" -msgstr "Fehler beim Holen der Daten aus der Cache-Datei: %s\n" +msgstr "Fehler beim Holen der Daten aus der Zwischenspeicherdatei: %s\n" #: src/crlcache.c:1397 #, c-format @@ -444,7 +443,7 @@ #: src/crlcache.c:1659 #, c-format msgid "error inserting item into temporary cache file: %s\n" -msgstr "Fehler beim Einf?gen eines Items in die tempor?re Cache-Datei: %s\n" +msgstr "Fehler beim Einf?gen eines Items in die tempor?re Zwischenspeicherdatei: %s\n" #: src/crlcache.c:1686 #, c-format @@ -479,17 +478,17 @@ #: src/crlcache.c:1908 #, c-format msgid "removed stale temporary cache file `%s'\n" -msgstr "Die alte tempor?re Cache-Datei `%s' wurde entfernt\n" +msgstr "Die alte tempor?re Zwischenspeicherdatei `%s' wurde entfernt\n" #: src/crlcache.c:1911 #, c-format msgid "problem removing stale temporary cache file `%s': %s\n" -msgstr "Problem beim L?schen der alten tempor?ren Cache-Datei `%s': %s\n" +msgstr "Problem beim L?schen der alten tempor?ren Zwischenspeicherdatei `%s': %s\n" #: src/crlcache.c:1921 #, c-format msgid "error creating temporary cache file `%s': %s\n" -msgstr "Fehler beim Erzeugen der tempor?ren Cache-Datei `%s': %s\n" +msgstr "Fehler beim Erzeugen der tempor?ren Zwischenspeicherdatei `%s': %s\n" #: src/crlcache.c:1931 #, c-format 
@@ -499,12 +498,12 @@ #: src/crlcache.c:1940 #, c-format msgid "error finishing temporary cache file `%s': %s\n" -msgstr "Fehler beim Fertigstellen der tempor?ren Cache-Datei `%s': %s\n" +msgstr "Fehler beim Fertigstellen der tempor?ren Zwischenspeicherdatei `%s': %s\n" #: src/crlcache.c:1947 #, c-format msgid "error closing temporary cache file `%s': %s\n" -msgstr "Fehler beim Schliessen der tempor?ren Cache-Datei `%s': %s\n" +msgstr "Fehler beim Schlie?en der tempor?ren Zwischenspeicherdatei `%s': %s\n" #: src/crlcache.c:1972 #, c-format @@ -531,7 +530,7 @@ #: src/crlcache.c:2036 #, c-format msgid "creating cache file `%s'\n" -msgstr "Cache-Datei `%s' wird erzeugt\n" +msgstr "Zwischenspeicherdatei `%s' wird erzeugt\n" #: src/crlcache.c:2040 #, c-format @@ -542,9 +541,7 @@ msgid "" "updating the DIR file failed - cache entry will get lost with the next " "program start\n" -msgstr "" -"Update der Cache-Verzeichnissdatei fehlgeschlagen - Cache Eintrag wird mit " -"dem n?chste Programmstart verloren gehen\n" +msgstr "Update der Zwischenspeicherverzeichnisdatei fehlgeschlagen - Zwischenspeichereintrag wird mit dem n?chste Programmstart verloren gehen\n" #: src/crlcache.c:2090 #, c-format 
@@ -581,22 +578,22 @@ #: src/crlcache.c:2138 msgid " WARNING: invalid cache record length\n" -msgstr " WARNUNG: Ung?ltige L?nge eines Cache-Datensatzes\n" +msgstr " WARNUNG: Ung?ltige L?nge eines Zwischenspeicherdatensatzes\n" #: src/crlcache.c:2145 #, c-format msgid "problem reading cache record: %s\n" -msgstr "Problem beim Lesen eines Cache-Datensatzes: %s\n" +msgstr "Problem beim Lesen eines Zwischenspeicherdatensatzes: %s\n" #: src/crlcache.c:2156 #, c-format msgid "problem reading cache key: %s\n" -msgstr "Problem beim Lesen eines Cache Schl?ssels: %s\n" +msgstr "Problem beim Lesen eines Zwischenspeicherschl?ssels: %s\n" #: src/crlcache.c:2187 #, c-format msgid "error reading cache entry from db: %s\n" -msgstr "Fehler beim Lesen eine Cache Eintrags aus der DB: %s\n" +msgstr "Fehler beim Lesen eine Zwischenspeichereintrags aus der DB: %s\n" #: src/crlcache.c:2190 #, c-format @@ -670,11 +667,11 @@ #: src/dirmngr.c:110 msgid "list the contents of the CRL cache" -msgstr "Den Inhalt des CRL Caches anzeigen" +msgstr "Den Inhalt des CRL Zwischenspeichers anzeigen" #: src/dirmngr.c:111 msgid "|FILE|load CRL from FILE into cache" -msgstr "|DATEI|Lade die CRL aus der DATEI in den Cache" +msgstr "|DATEI|Lade die CRL aus der DATEI in den Zwischenspeicher" #: src/dirmngr.c:112 msgid "|URL|fetch a CRL from URL" @@ -686,7 +683,7 @@ #: src/dirmngr.c:114 msgid "flush the cache" -msgstr "Den Cache l?schen" +msgstr "Den Zwischenspeicher l?schen" #: src/dirmngr.c:117 msgid "" @@ -772,7 +769,7 @@ #: src/dirmngr.c:148 msgid "do not use fallback hosts with --ldap-proxy" -msgstr "Keine Benuztung der R?ckgriffshosts mit --ldap-proxy" +msgstr "Keine Benutzung der R?ckgriffshosts mit --ldap-proxy" #: src/dirmngr.c:151 msgid "|FILE|read LDAP server list from FILE" 
@@ -956,8 +953,7 @@ #: src/dirmngr.c:1310 msgid "SIGHUP received - re-reading configuration and flushing caches\n" -msgstr "" -"SIGHUP empfangen - lese die Konfiguration erneut und l?sche die Caches\n" +msgstr "SIGHUP empfangen - lese die Konfiguration erneut und l?sche die Zwischenspeicher\n" #: src/dirmngr.c:1324 msgid "SIGUSR2 received - no action defined\n" @@ -1018,7 +1014,7 @@ #: src/http.c:840 src/http.c:871 #, c-format msgid "error creating socket: %s\n" -msgstr "Fehler beim Erzeugen des Scokets: %s\n" +msgstr "Fehler beim Erzeugen des Sockets: %s\n" #: src/http.c:926 #, c-format @@ -1489,7 +1485,7 @@ #: src/dirmngr-client.c:71 msgid "add a certificate to the cache" -msgstr "Ein Zertifikat dem Cache zuf?gen" +msgstr "Ein Zertifikat dem Zwischenspeicher zuf?gen" #: src/dirmngr-client.c:72 msgid "validate a certificate" @@ -1681,7 +1677,7 @@ "Interface and options may change without notice.\n" msgstr "" "Gebrauch: dirmngr_ldap [Optionen] [URL] (-h f?r Hilfe)\n" -"Internes LDAP Hilfprogramm f?r Drimngr.\n" +"Internes LDAP-Hilfsprogramm f?r Dirmngr.\n" "Interface und Optionen k?nnen sich mit jedem Release ?ndern.\n" #: src/dirmngr_ldap.c:249 @@ -1813,7 +1809,7 @@ #~ msgstr "Der Herausgeber wird von einer externen Stelle gesucht\n" #~ msgid "number of issuers matching: %d\n" -#~ msgstr "Anzahl der ?bereinstimmenden Heruasgeber: %d\n" +#~ msgstr "Anzahl der ?bereinstimmenden Herausgeber: %d\n" #~ msgid "certificate has been revoked" #~ msgstr "Das Zertifikat wurde widerrufen" @@ -1826,7 +1822,7 @@ #~ msgid "please make sure that the \"dirmngr\" is properly installed\n" #~ msgstr "" -#~ "Bite vergewissern Sie sich das der \"dirmngr\" richtig installierrt ist\n" +#~ "Bitte vergewissern Sie sich das der \"dirmngr\" richtig installiert ist\n" #~ msgid "checking the CRL failed: %s" #~ msgstr "Die CRL konnte nicht gepr?ft werden: %s" From cvs at cvs.gnupg.org Wed Nov 2 11:10:29 2005 
From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Nov 2 10:39:03 2005 Subject: [svn] gpg-error - r153 - in trunk: . src Message-ID: Author: wk Date: 2005-11-02 11:10:28 +0100 (Wed, 02 Nov 2005) New Revision: 153 Modified: trunk/ChangeLog trunk/autogen.sh trunk/configure.ac trunk/src/Makefile.am trunk/src/gpg-error.c trunk/src/w32-gettext.c trunk/src/w32-gettext.h Log: Changes for building on W32 without needing libintl. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-10-26 10:48:47 UTC (rev 152) +++ trunk/ChangeLog 2005-11-02 10:10:28 UTC (rev 153) @@ -1,3 +1,16 @@ +2005-11-02 Werner Koch + + * src/Makefile.am (gpg_error_SOURCES): Include ARCH_SOURCES. + * src/gpg-error.c [W32]: Include gettext.h instead of libintl.h. + + * configure.ac (AH_BOTTOM): Define ENABLE_NLS for W32 builds. + * src/w32-gettext.h (dgettext): Changed prototype from + libintl_dgettext. + * src/w32-gettext.c: Replaced use of WIN32 by HAVE_W32_SYSTEM on + demand of the holy GNUquisition. + (bindtextdomain, textdomain, dgettext): Need to cast the const way + from the return value. + 2005-10-26 Werner Koch * Makefile.am: Used dist-bzip2 option. Modified: trunk/autogen.sh =================================================================== --- trunk/autogen.sh 2005-10-26 10:48:47 UTC (rev 152) +++ trunk/autogen.sh 2005-11-02 10:10:28 UTC (rev 153) @@ -74,8 +74,7 @@ fi ./configure --enable-maintainer-mode --prefix=${w32root} \ - --host=i586-mingw32msvc --build=${build} \ - --disable-shared + --host=i586-mingw32msvc --build=${build} exit $? fi Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-10-26 10:48:47 UTC (rev 152) +++ trunk/configure.ac 2005-11-02 10:10:28 UTC (rev 153) 
@@ -80,8 +80,15 @@ esac -# Checks for libraries. +AH_BOTTOM([ +/* Force using of NLS for W32 even if no libintl has been found. This is + okay because we have our own gettext implementation for W32. */ +#if defined(HAVE_W32_SYSTEM) && !defined(ENABLE_NLS) +#define ENABLE_NLS 1 +#endif +]) + # Note, that autogen.sh greps for the next line. AM_GNU_GETTEXT_VERSION(0.12.1) AM_GNU_GETTEXT([external]) Modified: trunk/src/Makefile.am =================================================================== --- trunk/src/Makefile.am 2005-10-26 10:48:47 UTC (rev 152) +++ trunk/src/Makefile.am 2005-11-02 10:10:28 UTC (rev 153) @@ -95,7 +95,7 @@ libgpg_error_la_CPPFLAGS = -DLOCALEDIR=\"$(localedir)\" libgpg_error_la_LIBADD = $(intllibs) -gpg_error_SOURCES = strsource-sym.c strerror-sym.c gpg-error.c +gpg_error_SOURCES = strsource-sym.c strerror-sym.c gpg-error.c $(arch_sources) gpg_error_CPPFLAGS = -DLOCALEDIR=\"$(localedir)\" gpg_error_LDADD = ./libgpg-error.la @LTLIBINTL@ Modified: trunk/src/gpg-error.c =================================================================== --- trunk/src/gpg-error.c 2005-10-26 10:48:47 UTC (rev 152) +++ trunk/src/gpg-error.c 2005-11-02 10:10:28 UTC (rev 153) @@ -33,7 +33,11 @@ # include #endif #ifdef ENABLE_NLS +#ifdef HAVE_W32_SYSTEM +# include "gettext.h" +#else # include +#endif # define _(a) gettext (a) # ifdef gettext_noop # define N_(a) gettext_noop (a) Modified: trunk/src/w32-gettext.c =================================================================== --- trunk/src/w32-gettext.c 2005-10-26 10:48:47 UTC (rev 152) +++ trunk/src/w32-gettext.c 2005-11-02 10:10:28 UTC (rev 153) @@ -70,13 +70,7 @@ #include #include -#if defined _WIN32 || defined __WIN32__ -# undef WIN32 /* avoid warning on mingw32 */ -# define WIN32 -#endif - -#ifdef WIN32 -# define WIN32_LEAN_AND_MEAN +#ifdef HAVE_W32_SYSTEM # include /* List of language codes, sorted by value: 0x01 LANG_ARABIC 
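Review bot: The W32 block in w32-gettext.c is now selected by `HAVE_W32_SYSTEM`, which appears to come from the configure-generated header rather than from the compiler as `_WIN32` does, so if that header is not included before this point the file silently compiles the POSIX branch on Windows; the include list is above the hunk and cannot be checked here. The hunk also drops `# define WIN32_LEAN_AND_MEAN`, which the commit log does not mention. I would keep that define or record its removal in the ChangeLog, and add a guard such as `#if defined _WIN32 && !defined HAVE_W32_SYSTEM` / `# error config.h must be included first` / `#endif`.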
@@ -725,7 +719,7 @@ # ifndef SUBLANG_UZBEK_CYRILLIC # define SUBLANG_UZBEK_CYRILLIC 0x02 # endif -#endif +#endif /* HAVE_W32_SYSTEM */ /* XPG3 defines the result of 'setlocale (category, NULL)' as: "Directs 'setlocale()' to query 'category' and return the current @@ -748,13 +742,13 @@ { const char *retval; -#ifndef WIN32 +#ifndef HAVE_W32_SYSTEM /* Use the POSIX methods of looking to 'LC_ALL', 'LC_xxx', and 'LANG'. On some systems this can be done by the 'setlocale' function itself. */ # if defined HAVE_SETLOCALE && defined HAVE_LC_MESSAGES && defined HAVE_LOCALE_NULL retval = setlocale (category, NULL); -# else +# else /* Setting of LC_ALL overwrites all other. */ retval = getenv ("LC_ALL"); if (retval == NULL || retval[0] == '\0') @@ -775,7 +769,7 @@ return retval; -#else /* WIN32 */ +#else /* HAVE_W32_SYSTEM */ /* Return an XPG style locale name language[_territory][@modifier]. Don't even bother determining the codeset; it's not useful in this @@ -1185,7 +1179,7 @@ default: return "C"; } -#endif +#endif /* HAVE_W32_SYSTEM */ } /* localname.c from gettext END. */ @@ -1617,7 +1611,9 @@ if (the_domain) free_domain (the_domain); the_domain = domain; - return dirname; + + /* For historic reasoins we are not allowed to return a const char*. */ + return (char*)dirname; } @@ -1705,12 +1701,12 @@ textdomain (const char *domainname) { /* For now, support only one domain. */ - return domainname; + return (char*)domainname; } char * dgettext (const char *domainname, const char *msgid) { /* For now, support only one domain. */ - return gettext (msgid); + return (char*)gettext (msgid); } Modified: trunk/src/w32-gettext.h =================================================================== --- trunk/src/w32-gettext.h 2005-10-26 10:48:47 UTC (rev 152) +++ trunk/src/w32-gettext.h 2005-11-02 10:10:28 UTC (rev 153) 
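Review bot: `bindtextdomain`, `textdomain` and `dgettext` now cast a `const char *` to `char *` on return, which hands callers a writable-looking pointer to storage they must not modify; for `bindtextdomain` and `textdomain` the pointer is the caller's own argument, possibly a string literal. The new comment above `return (char*)dirname;` has a typo (`reasoins`) and does not state the consequence. I would replace it with `/* For historic reasons the prototype returns char *; the result aliases DIRNAME and must be treated as read-only. */` and put the same remark on the other two returns. Writing through the returned pointer would be undefined behaviour when the argument is a literal.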
@@ -49,6 +49,6 @@ char *textdomain (const char *domainname); -char *libintl_dgettext (const char *domainname, const char *msgid); +char *dgettext (const char *domainname, const char *msgid); #endif /* ENABLE_NLS */ From cvs at cvs.gnupg.org Wed Nov 2 17:41:35 2005 From: cvs at cvs.gnupg.org (svn author mo) Date: Wed Nov 2 17:10:02 2005 Subject: [svn] gcry - r1135 - in trunk: . cipher src tests Message-ID: Author: mo Date: 2005-11-02 17:41:33 +0100 (Wed, 02 Nov 2005) New Revision: 1135 Modified: trunk/TODO trunk/cipher/ChangeLog trunk/cipher/cipher.c trunk/cipher/pubkey.c trunk/cipher/random.c trunk/src/ChangeLog trunk/src/gcrypt.h trunk/tests/Makefile.am Log: src/ChangeLog src/gcrypt.h TODO cipher/pubkey.c cipher/cipher.c cipher/ChangeLog Modified: trunk/TODO =================================================================== --- trunk/TODO 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/TODO 2005-11-02 16:41:33 UTC (rev 1135) @@ -33,3 +33,6 @@ Don't rely on the secure memory based wiping function but add an extra wiping. +* update/improve documentation + - it's outdated for e.g. gcry_pk_algo_info. + - document algorithm capabilities Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/cipher/ChangeLog 2005-11-02 16:41:33 UTC (rev 1135) @@ -1,3 +1,9 @@ +2005-11-02 Moritz Schulte + + * pubkey.c (gcry_pk_algo_name): Return "?" instead of NULL for + unknown algorithm IDs. + * cipher.c (cipher_algo_to_string): Likewise. + 2005-11-01 Moritz Schulte * pubkey.c (gcry_pk_algo_info): Don't forget to break after switch Modified: trunk/cipher/cipher.c =================================================================== --- trunk/cipher/cipher.c 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/cipher/cipher.c 2005-11-02 16:41:33 UTC (rev 1135) 
@@ -1,5 +1,6 @@ /* cipher.c - cipher dispatcher - * Copyright (C) 1998,1999,2000,2001,2002,2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 + * 2005, Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -378,14 +379,14 @@ } -/* Map the cipher algorithm identifier ALGORITHM to a string - representing this algorithm. This string is the default name as - used by Libgcrypt. NULL is returned for an unknown algorithm. */ +/* Map the cipher algorithm whose ID is contained in ALGORITHM to a + string representation of the algorithm name. For unknown algorithm + IDs this function returns "?". */ static const char * cipher_algo_to_string (int algorithm) { gcry_module_t cipher; - const char *name = NULL; + const char *name; REGISTER_DEFAULT_CIPHERS; @@ -396,6 +397,8 @@ name = ((gcry_cipher_spec_t *) cipher->spec)->name; _gcry_module_release (cipher); } + else + name = "?"; ath_mutex_unlock (&ciphers_registered_lock); return name; Modified: trunk/cipher/pubkey.c =================================================================== --- trunk/cipher/pubkey.c 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/cipher/pubkey.c 2005-11-02 16:41:33 UTC (rev 1135) @@ -1,5 +1,6 @@ /* pubkey.c - pubkey dispatcher - * Copyright (C) 1998,1999,2000,2002,2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2002, 2003, + * 2005 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -266,14 +267,14 @@ } -/**************** - * Map a pubkey algo to a string - */ +/* Map the public key algorithm whose ID is contained in ALGORITHM to + a string representation of the algorithm name. For unknown + algorithm IDs this functions returns "?". */ const char * gcry_pk_algo_name (int algorithm) { - const char *name = NULL; gcry_module_t pubkey; + const char *name; REGISTER_DEFAULT_PUBKEYS; 
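Review bot: Returning `"?"` instead of NULL from `cipher_algo_to_string` changes what callers can test: a caller that detected an unknown algorithm ID with a NULL check (or, going by the old gcrypt.h comment, an empty-string check) now receives a non-empty name and may treat the ID as known. The same applies to `gcry_pk_algo_name` in the pubkey.c hunks. The new comments should state that the functions never return NULL and that the result is for display only, e.g. `For unknown algorithm IDs this function returns "?"; it never returns NULL, so do not use it to test whether an algorithm is available.` The pubkey.c and gcrypt.h comments also read `this functions returns`. Callers are outside the diff, so whether any of them rely on NULL is not visible here.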
@@ -284,6 +285,8 @@ name = ((gcry_pk_spec_t *) pubkey->spec)->name; _gcry_module_release (pubkey); } + else + name = "?"; ath_mutex_unlock (&pubkeys_registered_lock); return name; Modified: trunk/cipher/random.c =================================================================== --- trunk/cipher/random.c 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/cipher/random.c 2005-11-02 16:41:33 UTC (rev 1135) @@ -208,6 +208,8 @@ void _gcry_random_dump_stats() { + /* FIXME: don't we need proper locking here? -mo */ + log_info ( "random usage: poolsize=%d mixed=%lu polls=%lu/%lu added=%lu/%lu\n" " outmix=%lu getlvl1=%lu/%lu getlvl2=%lu/%lu\n", Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/src/ChangeLog 2005-11-02 16:41:33 UTC (rev 1135) @@ -1,3 +1,8 @@ +2005-11-02 Moritz Schulte + + * gcrypt.h: Update comments for functions: gcry_cipher_algo_name, + gcry_pk_algo_name. + 2005-10-31 Moritz Schulte * global.c: Added documentation. Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/src/gcrypt.h 2005-11-02 16:41:33 UTC (rev 1135) @@ -780,10 +780,10 @@ gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes); -/* Map the cipher algorithm id ALGO to a string representation of that - algorithm name. For unknown algorithms this functions returns an - empty string. */ -const char *gcry_cipher_algo_name (int algo) _GCRY_GCC_ATTR_PURE; +/* Map the cipher algorithm whose ID is contained in ALGORITHM to a + string representation of the algorithm name. For unknown algorithm + IDs this function returns "?". */ +const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; /* Map the algorithm name NAME to an cipher algorithm ID. Return 0 if the algorithm name is not known. */ 
@@ -908,10 +908,10 @@ gcry_error_t gcry_pk_algo_info (int algo, int what, void *buffer, size_t *nbytes); -/* Map the public key algorithm id ALGO to a string representation of the - algorithm name. For unknown algorithms this functions returns an - empty string. */ -const char *gcry_pk_algo_name (int algo) _GCRY_GCC_ATTR_PURE; +/* Map the public key algorithm whose ID is contained in ALGORITHM to + a string representation of the algorithm name. For unknown + algorithm IDs this functions returns "?". */ +const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; /* Map the algorithm NAME to a public key algorithm Id. Return 0 if the algorithm name is not known. */ Modified: trunk/tests/Makefile.am =================================================================== --- trunk/tests/Makefile.am 2005-11-01 11:21:54 UTC (rev 1134) +++ trunk/tests/Makefile.am 2005-11-02 16:41:33 UTC (rev 1135) @@ -19,7 +19,8 @@ ## Process this file with automake to produce Makefile.in TESTS = prime register ac ac-schemes ac-data basic \ - tsexp keygen pubkey benchmark pkbench hmac keygrip + tsexp keygen pubkey benchmark pkbench hmac keygrip full \ + mpi-zero mpi-cmp INCLUDES = -I$(top_srcdir)/src LDADD = ../src/libgcrypt.la From cvs at cvs.gnupg.org Wed Nov 2 17:47:04 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Nov 2 17:15:33 2005 Subject: [svn] GnuPG - r3920 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-02 17:47:02 +0100 (Wed, 02 Nov 2005) New Revision: 3920 Modified: trunk/g10/ChangeLog trunk/g10/trustdb.c Log: * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable keys in the sigs that are cleaned. Suggested by Dirk Traulsen and many others. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-02 05:22:01 UTC (rev 3919) +++ trunk/g10/ChangeLog 2005-11-02 16:47:02 UTC (rev 3920) 
@@ -1,3 +1,9 @@ +2005-11-02 David Shaw + + * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable + keys in the sigs that are cleaned. Suggested by Dirk Traulsen and + many others. + 2005-11-01 David Shaw * import.c (import_one): Do collapse_uids() before we do any Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-11-02 05:22:01 UTC (rev 3919) +++ trunk/g10/trustdb.c 2005-11-02 16:47:02 UTC (rev 3920) @@ -1616,19 +1616,25 @@ continue; /* ... and sigs from unavailable keys. */ - if(node->flag & (1<<12)) + /* disabled for now since more people seem to want sigs from + unavailable keys removed altogether. */ + /* + if(node->flag & (1<<12)) continue; + */ /* Everything else we delete */ - /* if 9 or 10 is set, but we get this far, it's superceded, - otherwise, it's invalid */ + /* At this point, if 12 is set, the signing key was unavailable. + If 9 or 10 is set, it's superceded. Otherwise, it's + invalid. */ if(noisy) - log_info("removing signature from %s on uid \"%s\": %s\n", + log_info("removing signature from key %s on user ID \"%s\": %s\n", keystr(node->pkt->pkt.signature->keyid), uidnode->pkt->pkt.user_id->name, - node->flag&(1<<9)?"superceded":"invalid"); + node->flag&(1<<12)?"key unavailable": + node->flag&(1<<9)?"signature superceded":"invalid signature"); delete_kbnode(node); deleted++; From cvs at cvs.gnupg.org Wed Nov 2 17:51:35 2005 From: cvs at cvs.gnupg.org (svn author mo) Date: Wed Nov 2 17:20:07 2005 Subject: [svn] gcry - r1136 - trunk/tests Message-ID: Author: mo Date: 2005-11-02 17:51:30 +0100 (Wed, 02 Nov 2005) New Revision: 1136 Modified: trunk/tests/Makefile.am Log: Modified: trunk/tests/Makefile.am =================================================================== --- trunk/tests/Makefile.am 2005-11-02 16:41:33 UTC (rev 1135) +++ trunk/tests/Makefile.am 2005-11-02 16:51:30 UTC (rev 1136) 
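Review bot: In the trustdb.c hunk, with the `(1<<12)` test commented out, the unchanged line `/* ... and sigs from unavailable keys. */` just above it still reads as the third item of the "keep" list, which is now the opposite of what the loop does. I would replace that line and the disabled block with a single comment, e.g. `/* Sigs from unavailable keys (flag 12) are no longer kept; they fall through to deletion. */`, because the old test is recoverable from history. The new comment also says bits 9 or 10 mean superseded while the message tests only `1<<9`, so a node with just bit 10 set would be logged as "invalid signature". Since a signature cannot be checked without the signer's key, cleaning before the signers are imported discards certifications that might have been valid, which is worth a line in this comment. The enclosing function starts and ends outside the hunk.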
@@ -1,4 +1,4 @@ -# Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. +# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. # # This file is part of Libgcrypt. # @@ -19,8 +19,7 @@ ## Process this file with automake to produce Makefile.in TESTS = prime register ac ac-schemes ac-data basic \ - tsexp keygen pubkey benchmark pkbench hmac keygrip full \ - mpi-zero mpi-cmp + tsexp keygen pubkey benchmark pkbench hmac keygrip INCLUDES = -I$(top_srcdir)/src LDADD = ../src/libgcrypt.la From cvs at cvs.gnupg.org Wed Nov 2 17:53:41 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Nov 2 17:22:08 2005 Subject: [svn] GnuPG - r3921 - trunk/doc Message-ID: Author: dshaw Date: 2005-11-02 17:53:40 +0100 (Wed, 02 Nov 2005) New Revision: 3921 Modified: trunk/doc/ChangeLog trunk/doc/gpg.sgml Log: * gpg.sgml: Clarify what is and isn't included in a "clean sigs". Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2005-11-02 16:47:02 UTC (rev 3920) +++ trunk/doc/ChangeLog 2005-11-02 16:53:40 UTC (rev 3921) @@ -1,3 +1,7 @@ +2005-11-02 David Shaw + + * gpg.sgml: Clarify what is and isn't included in a "clean sigs". + 2005-10-27 David Shaw * gpg.sgml: Document backsign, --require-backsigs, and Modified: trunk/doc/gpg.sgml =================================================================== --- trunk/doc/gpg.sgml 2005-11-02 16:47:02 UTC (rev 3920) +++ trunk/doc/gpg.sgml 2005-11-02 16:53:40 UTC (rev 3921) @@ -548,9 +548,9 @@ sigs Remove any signatures that are not usable by the trust calculations. -For example, this removes any signature that does not validate. It -also removes any signature that is superceded by a later signature, or -signatures that were revoked. +Specifically, this removes any signature that does not validate, any +signature that is superceded by a later signature, revoked signatures, +and signatures issued by keys that are not present on the keyring. 
@@ -567,7 +567,7 @@ backsign - + Add back signatures to signing subkeys that may not currently have back signatures. Back signatures protect against a subtle attack against signing subkeys. See --require-backsigs. @@ -1402,8 +1402,9 @@ import-clean-sigs After import, remove any signatures from the new key that are not -usable. This is the same as running the --edit-key command "clean -sigs" after import. Defaults to no. +usable. This includes signatures that were issued by keys that are +not present on the keyring. This option is the same as running the +--edit-key command "clean sigs" after import. Defaults to no. @@ -1464,9 +1465,10 @@ export-clean-sigs -Do not export any signatures that are not usable. This is the same as -running the --edit-key command "clean sigs" before export. Defaults -to no. +Do not export any signatures that are not usable. This includes +signatures that were issued by keys that are not present on the +keyring. This option is the same as running the --edit-key command +"clean sigs" before export. Defaults to no. From cvs at cvs.gnupg.org Wed Nov 2 17:54:13 2005 From: cvs at cvs.gnupg.org (svn author mo) Date: Wed Nov 2 17:22:46 2005 Subject: [svn] gcry - r1137 - trunk Message-ID: Author: mo Date: 2005-11-02 17:54:12 +0100 (Wed, 02 Nov 2005) New Revision: 1137 Modified: trunk/ChangeLog trunk/NEWS Log: 2005-11-02 Moritz Schulte * NEWS: Documented minor API changes. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-02 16:51:30 UTC (rev 1136) +++ trunk/ChangeLog 2005-11-02 16:54:12 UTC (rev 1137) @@ -1,3 +1,7 @@ +2005-11-02 Moritz Schulte + + * NEWS: Documented minor API changes. + 2005-09-15 Moritz Schulte * Makefile.am (EXTRA_DIST): Depend on README.SVN, not on README.CVS. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2005-11-02 16:51:30 UTC (rev 1136) +++ trunk/NEWS 2005-11-02 16:54:12 UTC (rev 1137) 
@@ -10,6 +10,8 @@ * Interface changes relative to the 1.2.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gcry_fast_random_poll NEW +gcry_pk_algo_name CHANGED (minor change in respect to return value) +gcry_cipher_algo_name CHANGED (minor change in respect to return value) FIXME: Please add API changes immediatley so that we don't forget about them. From cvs at cvs.gnupg.org Thu Nov 3 05:46:21 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Nov 3 05:14:46 2005 Subject: [svn] GnuPG - r3922 - in trunk: . keyserver util Message-ID: Author: dshaw Date: 2005-11-03 05:46:20 +0100 (Thu, 03 Nov 2005) New Revision: 3922 Modified: trunk/ChangeLog trunk/configure.ac trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_hkp.c trunk/util/ChangeLog trunk/util/secmem.c Log: Fix various build warnings reported by Joe Vender on MinGW. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-02 16:53:40 UTC (rev 3921) +++ trunk/ChangeLog 2005-11-03 04:46:20 UTC (rev 3922) @@ -1,3 +1,7 @@ +2005-11-02 David Shaw + + * configure.ac: Check for a getpagesize() declaration. + 2005-10-14 David Shaw * NEWS: Clarify the cURL keyserver changes, and add a note about Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-11-02 16:53:40 UTC (rev 3921) +++ trunk/configure.ac 2005-11-03 04:46:20 UTC (rev 3922) @@ -813,6 +813,7 @@ fi dnl Checks for library functions. +AC_CHECK_DECLS(getpagesize) AC_FUNC_FSEEKO AC_FUNC_VPRINTF AC_FUNC_FORK Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2005-11-02 16:53:40 UTC (rev 3921) +++ trunk/keyserver/ChangeLog 2005-11-03 04:46:20 UTC (rev 3922) 
@@ -1,3 +1,8 @@ +2005-11-02 David Shaw + + * gpgkeys_hkp.c (search_key): Fix warning with typecast (though + curl should really have defined that char * as const). + 2005-08-25 David Shaw * ksutil.h, ksutil.c (parse_ks_options): Remove exact-name and Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2005-11-02 16:53:40 UTC (rev 3921) +++ trunk/keyserver/gpgkeys_hkp.c 2005-11-03 04:46:20 UTC (rev 3922) @@ -298,7 +298,7 @@ fprintf(console,"gpgkeys: search type is %d, and key is \"%s\"\n", search_type,searchkey); - searchkey_encoded=curl_escape(searchkey,0); + searchkey_encoded=curl_escape((char *)searchkey,0); if(!searchkey_encoded) { fprintf(console,"gpgkeys: out of memory\n"); Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2005-11-02 16:53:40 UTC (rev 3921) +++ trunk/util/ChangeLog 2005-11-03 04:46:20 UTC (rev 3922) @@ -1,3 +1,8 @@ +2005-11-02 David Shaw + + * util.c [!HAVE_DECL_GETPAGESIZE]: Prototype getpagesize() if + unistd.h doesn't have it (for MinGW). + 2005-09-22 Werner Koch * iobuf.c (iobuf_get_filelength): New arg OVERFLOW. Modified: trunk/util/secmem.c =================================================================== --- trunk/util/secmem.c 2005-11-02 16:53:40 UTC (rev 3921) +++ trunk/util/secmem.c 2005-11-03 04:46:20 UTC (rev 3922) @@ -43,6 +43,12 @@ #include "util.h" #include "i18n.h" +/* MinGW doesn't seem to prototype getpagesize, though it does have + it. */ +#if !HAVE_DECL_GETPAGESIZE +int getpagesize(void); +#endif + #if defined(MAP_ANON) && !defined(MAP_ANONYMOUS) #define MAP_ANONYMOUS MAP_ANON #endif From cvs at cvs.gnupg.org Sun Nov 6 05:25:53 2005 
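Review bot: In the secmem.c hunk the new prototype is guarded by `#if !HAVE_DECL_GETPAGESIZE`, which is also true when the macro is not defined at all, for example in a tree whose config.h was generated before `AC_CHECK_DECLS(getpagesize)` was added to configure.ac. In that case `int getpagesize(void);` is declared even on systems whose headers already declare it, possibly with a different type. `#if defined(HAVE_DECL_GETPAGESIZE) && !HAVE_DECL_GETPAGESIZE` limits the fallback to the case configure actually detected. The util/ChangeLog entry names util.c, while the change shown is in trunk/util/secmem.c.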
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Nov 6 04:53:59 2005 Subject: [svn] GnuPG - r3923 - trunk/m4 Message-ID: Author: dshaw Date: 2005-11-06 05:25:52 +0100 (Sun, 06 Nov 2005) New Revision: 3923 Modified: trunk/m4/ChangeLog trunk/m4/libusb.m4 Log: * libusb.m4: Check for libusb-config and if we find it, use --libs and --cflags. This is needed for OS X since libusb brings in dependencies to various Apple libraries. Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2005-11-03 04:46:20 UTC (rev 3922) +++ trunk/m4/ChangeLog 2005-11-06 04:25:52 UTC (rev 3923) @@ -1,3 +1,9 @@ +2005-11-05 David Shaw + + * libusb.m4: Check for libusb-config and if we find it, use --libs + and --cflags. This is needed for OS X since libusb brings in + dependencies to various Apple libraries. + 2005-10-21 David Shaw * readline.m4: Check for rl_completion_func_t and Modified: trunk/m4/libusb.m4 =================================================================== --- trunk/m4/libusb.m4 2005-11-03 04:46:20 UTC (rev 3922) +++ trunk/m4/libusb.m4 2005-11-06 04:25:52 UTC (rev 3923) @@ -1,5 +1,5 @@ dnl Check for libusb -dnl Copyright (C) 2004 Free Software Foundation, Inc. +dnl Copyright (C) 2004, 2005 Free Software Foundation, Inc. dnl dnl This file is free software, distributed under the terms of the GNU dnl General Public License. As a special exception to the GNU General 
@@ -22,11 +22,25 @@ if test -d "$withval" ; then CPPFLAGS="${CPPFLAGS} -I$withval/include" LDFLAGS="${LDFLAGS} -L$withval/lib" + AC_PATH_PROG([_usb_config],["$_do_libusb/bin/libusb-config"]) + else + AC_PATH_PROG([_usb_config],[libusb-config]) fi _libusb_save_libs=$LIBS - LIBS="$LIBS -lusb" + _libusb_save_cflags=$CFLAGS + if test x$_usb_config != "x" ; then + _libusb_try_libs=`$LIBS $_usb_config --libs` + _libusb_try_cflags=`$LIBS $_usb_config --cflags` + else + _libusb_try_libs="-lusb" + _libusb_try_cflags="" + fi + + LIBS="$LIBS $_libusb_try_libs" + CFLAGS="$CFLAGS $_libusb_try_cflags" + AC_MSG_CHECKING([whether libusb is present and sane]) AC_LINK_IFELSE(AC_LANG_PROGRAM([#include ],[ @@ -38,13 +52,18 @@ if test $_found_libusb = yes ; then AC_DEFINE(HAVE_LIBUSB,1, [Define to 1 if you have a fully functional libusb library.]) - AC_SUBST(LIBUSB,"-lusb") + AC_SUBST(LIBUSB_CPPFLAGS,$_libusb_try_cflags) + AC_SUBST(LIBUSB,$_libusb_try_libs) AC_CHECK_FUNCS(usb_get_busses) fi LIBS=$_libusb_save_libs + CFLAGS=$_libusb_save_cflags unset _libusb_save_libs + unset _libusb_save_cflags + unset _libusb_try_libs + unset _libusb_try_cflags unset _found_libusb fi ])dnl From cvs at cvs.gnupg.org Sun Nov 6 05:32:56 2005 
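Review bot: In the new `if test x$_usb_config != "x"` branch both command substitutions begin with `$LIBS`, so whenever LIBS is non-empty the shell tries to run its first word (a linker flag) as the command and libusb-config is never executed. Both results are then empty, and the link test and `AC_SUBST(LIBUSB,...)` lose `-lusb` without any error. Drop the leading `$LIBS` so the substitutions run `$_usb_config --libs` and `$_usb_config --cflags`, and quote the test as `test "x$_usb_config" != "x"`. The first `AC_PATH_PROG` uses `$_do_libusb` where the surrounding lines use `$withval`, and `_usb_config` is missing from the `unset` list at the end. Whatever the helper prints goes into LIBS, CFLAGS and the substituted variables, so without a prefix the build trusts the first libusb-config found on PATH; printing the chosen path in the configure output would make that auditable.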
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Nov 6 05:01:05 2005 Subject: [svn] GnuPG - r3924 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-06 05:32:54 +0100 (Sun, 06 Nov 2005) New Revision: 3924 Modified: trunk/g10/ChangeLog trunk/g10/Makefile.am trunk/g10/apdu.c trunk/g10/gpg.c Log: * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Strictly speaking this should be only in gpg_CPPFLAGS, but then we have to compile everything twice for gpg and gpgv. * apdu.c (open_pcsc_reader): Fix double free. * gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X location. Suggested by Patty A. Hardy. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-06 04:25:52 UTC (rev 3923) +++ trunk/g10/ChangeLog 2005-11-06 04:32:54 UTC (rev 3924) @@ -1,3 +1,14 @@ +2005-11-05 David Shaw + + * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. + Strictly speaking this should be only in gpg_CPPFLAGS, but then we + have to compile everything twice for gpg and gpgv. + + * apdu.c (open_pcsc_reader): Fix double free. + + * gpg.c (main) [__APPLE__]: Default the PCSC driver to the OS X + location. Suggested by Patty A. Hardy. + 2005-11-02 David Shaw * trustdb.c (clean_sigs_from_uid): Include sigs from unavailable Modified: trunk/g10/Makefile.am =================================================================== --- trunk/g10/Makefile.am 2005-11-06 04:25:52 UTC (rev 3923) +++ trunk/g10/Makefile.am 2005-11-06 04:32:54 UTC (rev 3924) 
@@ -19,14 +19,16 @@ ## Process this file with automake to produce Makefile.in -INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl +AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/intl @LIBUSB_CPPFLAGS@ + EXTRA_DIST = options.skel # it seems that we can't use this with automake 1.5 #OMIT_DEPENDENCIES = zlib.h zconf.h if ! HAVE_DOSISH_SYSTEM -AM_CFLAGS = -DGNUPG_LIBEXECDIR="\"$(libexecdir)/@PACKAGE@\"" +AM_CPPFLAGS += -DGNUPG_LIBEXECDIR="\"$(libexecdir)/@PACKAGE@\"" endif + needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a other_libs = $(LIBICONV) $(SRVLIBS) $(LIBINTL) $(CAPLIBS) Modified: trunk/g10/apdu.c =================================================================== --- trunk/g10/apdu.c 2005-11-06 04:25:52 UTC (rev 3923) +++ trunk/g10/apdu.c 2005-11-06 04:32:54 UTC (rev 3924) @@ -1603,7 +1603,6 @@ xfree (reader_table[slot].rdrname); reader_table[slot].rdrname = NULL; reader_table[slot].used = 0; - xfree (list); return -1 /*pcsc_error_to_sw (err)*/; } Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2005-11-06 04:25:52 UTC (rev 3923) +++ trunk/g10/gpg.c 2005-11-06 04:32:54 UTC (rev 3924) @@ -1711,7 +1711,9 @@ #ifdef ENABLE_CARD_SUPPORT #if defined(_WIN32) || defined(__CYGWIN__) - opt.pcsc_driver = "winscard.dll"; + opt.pcsc_driver = "winscard.dll"; +#elif defined(__APPLE__) + opt.pcsc_driver = "/System/Library/Frameworks/PCSC.framework/PCSC"; #else opt.pcsc_driver = "libpcsclite.so"; #endif From cvs at cvs.gnupg.org Sun Nov 6 16:45:01 2005 
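Review bot: In the gpg.c hunk the new `__APPLE__` branch gives an absolute path while the two existing branches keep bare file names, and nothing in the code says why they differ. How `opt.pcsc_driver` is loaded is outside the hunk, but if it is passed to the dynamic loader, a bare name is resolved through the loader's search order whereas the absolute path is not. A one-line comment would record the intent, e.g. `/* OS X ships PC/SC as a framework; name it by its full path. */`. The enclosing function starts and ends outside the hunk.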
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Nov 6 16:13:07 2005 Subject: [svn] GnuPG - r3925 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-06 16:45:00 +0100 (Sun, 06 Nov 2005) New Revision: 3925 Modified: trunk/g10/ChangeLog trunk/g10/options.skel Log: * options.skel: Add a section for --encrypt-to. This is Debian bug 336211 by Javier Fern?\195?\161ndez-Sanguino Pe?\195?\177a. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-06 04:32:54 UTC (rev 3924) +++ trunk/g10/ChangeLog 2005-11-06 15:45:00 UTC (rev 3925) @@ -1,3 +1,8 @@ +2005-11-06 David Shaw + + * options.skel: Add a section for --encrypt-to. This is Debian + bug 336211 by Javier Fern?ndez-Sanguino Pe?a. + 2005-11-05 David Shaw * Makefile.am: Include @LIBUSB_CPPFLAGS@ in our CPPFLAGS. Modified: trunk/g10/options.skel =================================================================== --- trunk/g10/options.skel 2005-11-06 04:32:54 UTC (rev 3924) +++ trunk/g10/options.skel 2005-11-06 15:45:00 UTC (rev 3925) @@ -39,6 +39,14 @@ #default-recipient some-user-id #default-recipient-self +# Use --encrypt-to to add the specified key as a recipient to all +# messages. This is useful, for example, when sending mail through a +# mail client that does not automatically encrypt mail to your key. +# In the example, this option allows you to read your local copy of +# encrypted mail that you've sent to others. + +#encrypt-to some-key-id + # By default GnuPG creates version 3 signatures for data files. This # is not strictly OpenPGP compliant but PGP 6 and most versions of PGP # 7 require them. To disable this behavior, you may use this option From cvs at cvs.gnupg.org Thu Nov 10 22:18:52 2005 
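Review bot: The new options.skel comment for `encrypt-to` explains the convenience but not the privacy cost. The named key is added as a recipient of every message, so its key ID is normally visible to anyone who sees the ciphertext. I would add a closing sentence such as `# Note that this key ID is then listed as a recipient in every message; see --hidden-encrypt-to if that is not wanted.` so users enabling the example know the trade-off.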
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Nov 10 21:46:32 2005 Subject: [svn] GnuPG - r3926 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-10 22:18:49 +0100 (Thu, 10 Nov 2005) New Revision: 3926 Modified: trunk/g10/ChangeLog trunk/g10/export.c trunk/g10/import.c trunk/g10/keyedit.c trunk/g10/trustdb.c trunk/g10/trustdb.h Log: * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all non-selfsigs from key during cleaning. Change all callers. * export.c (do_export_stream): Use it here so we don't need additional minimize code in the export path. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-06 15:45:00 UTC (rev 3925) +++ trunk/g10/ChangeLog 2005-11-10 21:18:49 UTC (rev 3926) @@ -1,3 +1,11 @@ +2005-11-10 David Shaw + + * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove + all non-selfsigs from key during cleaning. Change all callers. + + * export.c (do_export_stream): Use it here so we don't need + additional minimize code in the export path. + 2005-11-06 David Shaw * options.skel: Add a section for --encrypt-to. This is Debian Modified: trunk/g10/export.c =================================================================== --- trunk/g10/export.c 2005-11-06 15:45:00 UTC (rev 3925) +++ trunk/g10/export.c 2005-11-10 21:18:49 UTC (rev 3926) @@ -293,7 +293,6 @@ subkey_list_t subkey_list = NULL; /* Track alreay processed subkeys. */ KEYDB_HANDLE kdbhd; STRLIST sl; - u32 keyid[2]; *any = 0; init_packet( &pkt ); @@ -383,10 +382,6 @@ else { /* It's a public key export. */ - if((options&EXPORT_MINIMAL) - && (node=find_kbnode(keyblock,PKT_PUBLIC_KEY))) - keyid_from_pk(node->pkt->pkt.public_key,keyid); - if(options&EXPORT_CLEAN_UIDS) clean_uids_from_key(keyblock,opt.verbose); } 
@@ -460,26 +455,20 @@ } } - if(node->pkt->pkttype==PKT_USER_ID) { /* Run clean_sigs_from_uid against each uid if - export-clean-sigs is on. */ + export-clean-sigs is on. export-minimal causes it + to remove all non-selfsigs as well. Note that + export-minimal only applies to UID sigs (0x10, + 0x11, 0x12, and 0x13). A designated revocation is + not stripped. */ if(options&EXPORT_CLEAN_SIGS) - clean_sigs_from_uid(keyblock,node,opt.verbose); + clean_sigs_from_uid(keyblock,node, + opt.verbose,options&EXPORT_MINIMAL); } else if(node->pkt->pkttype==PKT_SIGNATURE) { - /* If we have export-minimal turned on, do not include - any signature that isn't a selfsig. Note that this - only applies to uid sigs (0x10, 0x11, 0x12, and - 0x13). A designated revocation is not stripped. */ - if((options&EXPORT_MINIMAL) - && IS_UID_SIG(node->pkt->pkt.signature) - && (node->pkt->pkt.signature->keyid[0]!=keyid[0] - || node->pkt->pkt.signature->keyid[1]!=keyid[1])) - continue; - /* do not export packets which are marked as not exportable */ if(!(options&EXPORT_LOCAL_SIGS) Modified: trunk/g10/import.c =================================================================== --- trunk/g10/import.c 2005-11-06 15:45:00 UTC (rev 3925) +++ trunk/g10/import.c 2005-11-10 21:18:49 UTC (rev 3926) @@ -674,7 +674,7 @@ for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next) if(uidnode->pkt->pkttype==PKT_USER_ID) - deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose); + deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0); return deleted; } Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-11-06 15:45:00 UTC (rev 3925) +++ trunk/g10/keyedit.c 2005-11-10 21:18:49 UTC (rev 3926) 
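Review bot: In this export.c hunk the minimal stripping is now reachable only inside `if(options&EXPORT_CLEAN_SIGS)`, whereas the removed `PKT_SIGNATURE` branch tested `EXPORT_MINIMAL` on its own. The option table sets both bits for "export-minimal", but how options are combined or negated is not visible here; if the bits can end up set independently, EXPORT_MINIMAL alone would now export third-party signatures unchanged. Either test `if(options&(EXPORT_CLEAN_SIGS|EXPORT_MINIMAL))` or say in the new comment that EXPORT_MINIMAL has no effect without EXPORT_CLEAN_SIGS. The enclosing function continues outside the hunk.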
@@ -3199,7 +3199,7 @@ char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->len, 0); - deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose); + deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0); if(deleted) { tty_printf(deleted==1? Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-11-06 15:45:00 UTC (rev 3925) +++ trunk/g10/trustdb.c 2005-11-10 21:18:49 UTC (rev 3926) @@ -1575,13 +1575,16 @@ } int -clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy) +clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only) { int deleted=0; KBNODE node; + u32 keyid[2]; assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); + keyid_from_pk(keyblock->pkt->pkt.public_key,keyid); + /* Passing in a 0 for current time here means that we'll never weed out an expired sig. This is correct behavior since we want to keep the most recent expired sig in a series. */ @@ -1607,12 +1610,15 @@ node && node->pkt->pkttype==PKT_SIGNATURE; node=node->next) { + int keep=self_only?(node->pkt->pkt.signature->keyid[0]==keyid[0] + && node->pkt->pkt.signature->keyid[1]==keyid[1]):1; + /* Keep usable uid sigs ... */ - if(node->flag & (1<<8)) + if((node->flag & (1<<8)) && keep) continue; /* ... and usable revocations... */ - if(node->flag & (1<<11)) + if((node->flag & (1<<11)) && keep) continue; /* ... and sigs from unavailable keys. */ Modified: trunk/g10/trustdb.h =================================================================== --- trunk/g10/trustdb.h 2005-11-06 15:45:00 UTC (rev 3925) +++ trunk/g10/trustdb.h 2005-11-10 21:18:49 UTC (rev 3926) 
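Review bot: In the trustdb.c hunks, when `self_only` is set `keep` is 0 for every signature whose key ID differs from the primary key's, so usable third-party signatures (flag 8) and revocations (flag 11) now fall through to the deletion path. The `noisy` log call is outside these hunks, but as changed in r3920 it chooses only between "key unavailable", "signature superceded" and "invalid signature", so a valid signature removed purely by minimal cleaning would presumably be reported as invalid. Testing `!keep` first and printing a separate reason (for example "not a self-signature") would keep the log truthful for anyone auditing what was removed. A comment on the new parameter, e.g. `/* self_only: also remove every signature not issued by the primary key */`, would help at the call sites that pass a bare `0`.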
@@ -82,7 +82,7 @@ void update_ownertrust (PKT_public_key *pk, unsigned int new_trust ); int clear_ownertrusts (PKT_public_key *pk); -int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy); +int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only); int clean_uids_from_key(KBNODE keyblock,int noisy); /*-- tdbdump.c --*/ From cvs at cvs.gnupg.org Thu Nov 10 22:30:35 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Nov 10 21:58:14 2005 Subject: [svn] GnuPG - r3927 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-10 22:30:27 +0100 (Thu, 10 Nov 2005) New Revision: 3927 Modified: trunk/g10/ChangeLog trunk/g10/export.c trunk/g10/import.c trunk/g10/options.h Log: * options.h, import.c (parse_import_options, clean_sigs_from_all_uids, import_one): Add import-minimal option. Similar to export-minimal, except it works on the way in. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-10 21:18:49 UTC (rev 3926) +++ trunk/g10/ChangeLog 2005-11-10 21:30:27 UTC (rev 3927) @@ -1,5 +1,9 @@ 2005-11-10 David Shaw + * options.h, import.c (parse_import_options, + clean_sigs_from_all_uids, import_one): Add import-minimal option. + Similar to export-minimal, except it works on the way in. + * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all non-selfsigs from key during cleaning. Change all callers. Modified: trunk/g10/export.c =================================================================== --- trunk/g10/export.c 2005-11-10 21:18:49 UTC (rev 3926) +++ trunk/g10/export.c 2005-11-10 21:30:27 UTC (rev 3927) 
@@ -72,7 +72,7 @@ N_("remove unusable user IDs during export")}, {"export-minimal", EXPORT_MINIMAL|EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, - N_("export the smallest key possible")}, + N_("remove unusable user IDs and all signatures during export")}, {"export-reset-subkey-passwd",EXPORT_RESET_SUBKEY_PASSWD,NULL, N_("remove the passphrase from exported subkeys")}, /* Aliases for backward compatibility */ Modified: trunk/g10/import.c =================================================================== --- trunk/g10/import.c 2005-11-10 21:18:49 UTC (rev 3926) +++ trunk/g10/import.c 2005-11-10 21:30:27 UTC (rev 3927) @@ -107,6 +107,9 @@ N_("remove unusable signatures after import")}, {"import-clean-uids",IMPORT_CLEAN_UIDS,NULL, N_("remove unusable user IDs after import")}, + {"import-minimal", + IMPORT_MINIMAL|IMPORT_CLEAN_SIGS|IMPORT_CLEAN_UIDS,NULL, + N_("remove unusable user IDs and all signatures after import")}, /* Aliases for backward compatibility */ {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL}, @@ -667,14 +670,14 @@ } static int -clean_sigs_from_all_uids(KBNODE keyblock) +clean_sigs_from_all_uids(KBNODE keyblock,int self_only) { KBNODE uidnode; int deleted=0; for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next) if(uidnode->pkt->pkttype==PKT_USER_ID) - deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0); + deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,self_only); return deleted; } @@ -746,7 +749,7 @@ the end result, but does result in less logging which might confuse the user. */ if(options&IMPORT_CLEAN_SIGS) - clean_sigs_from_all_uids(keyblock); + clean_sigs_from_all_uids(keyblock,options&IMPORT_MINIMAL); if(options&IMPORT_CLEAN_UIDS) clean_uids_from_key(keyblock,opt.verbose); 
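Review bot: The new help text `"remove unusable user IDs and all signatures during export"`, and the matching "after import" string added for import-minimal in import.c, overstates what the code does. According to the comment added to export.c in r3926 and the `keep` test in clean_sigs_from_uid, self-signatures are kept, only user ID signatures (0x10 to 0x13) are affected, and designated revocations are not stripped. Wording such as `N_("remove unusable user IDs and all non-self signatures during export")` would match the behaviour, so users do not assume a minimal key carries no signatures at all.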
@@ -899,7 +902,8 @@ } if(options&IMPORT_CLEAN_SIGS) - n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig); + n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig, + options&IMPORT_MINIMAL); if(options&IMPORT_CLEAN_UIDS) n_uids_cleaned=clean_uids_from_key(keyblock_orig,opt.verbose); Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2005-11-10 21:18:49 UTC (rev 3926) +++ trunk/g10/options.h 2005-11-10 21:30:27 UTC (rev 3927) @@ -265,8 +265,9 @@ #define IMPORT_FAST (1<<2) #define IMPORT_SK2PK (1<<3) #define IMPORT_MERGE_ONLY (1<<4) -#define IMPORT_CLEAN_SIGS (1<<5) -#define IMPORT_CLEAN_UIDS (1<<6) +#define IMPORT_MINIMAL (1<<5) +#define IMPORT_CLEAN_SIGS (1<<6) +#define IMPORT_CLEAN_UIDS (1<<7) #define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_ATTRIBUTES (1<<1) From cvs at cvs.gnupg.org Thu Nov 10 23:50:50 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Nov 10 23:18:30 2005 Subject: [svn] GnuPG - r3928 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-10 23:50:46 +0100 (Thu, 10 Nov 2005) New Revision: 3928 Modified: trunk/g10/ChangeLog trunk/g10/getkey.c trunk/g10/keyedit.c trunk/g10/keygen.c trunk/g10/packet.h trunk/g10/pkclist.c Log: * packet.h: Move some flags to a bitfield. Change all callers. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-10 21:30:27 UTC (rev 3927) +++ trunk/g10/ChangeLog 2005-11-10 22:50:46 UTC (rev 3928) 
@@ -1,5 +1,7 @@ 2005-11-10 David Shaw + * packet.h: Move some flags to a bitfield. Change all callers. + * options.h, import.c (parse_import_options, clean_sigs_from_all_uids, import_one): Add import-minimal option. Similar to export-minimal, except it works on the way in. Modified: trunk/g10/getkey.c =================================================================== --- trunk/g10/getkey.c 2005-11-10 21:30:27 UTC (rev 3927) +++ trunk/g10/getkey.c 2005-11-10 22:50:46 UTC (rev 3928) @@ -1464,16 +1464,16 @@ } /* see whether we have the MDC feature */ - uid->mdc_feature = 0; + uid->flags.mdc = 0; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_FEATURES, &n); if (p && n && (p[0] & 0x01)) - uid->mdc_feature = 1; + uid->flags.mdc = 1; /* and the keyserver modify flag */ - uid->ks_modify = 1; + uid->flags.ks_modify = 1; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KS_FLAGS, &n); if (p && n && (p[0] & 0x80)) - uid->ks_modify = 0; + uid->flags.ks_modify = 0; } static void @@ -2170,7 +2170,7 @@ && !k->pkt->pkt.user_id->attrib_data && k->pkt->pkt.user_id->is_primary) { prefs = k->pkt->pkt.user_id->prefs; - mdc_feature = k->pkt->pkt.user_id->mdc_feature; + mdc_feature = k->pkt->pkt.user_id->flags.mdc; break; } } Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-11-10 21:30:27 UTC (rev 3927) +++ trunk/g10/keyedit.c 2005-11-10 22:50:46 UTC (rev 3928) @@ -2350,17 +2350,17 @@ } tty_printf ("%s",compress_algo_to_string(COMPRESS_ALGO_NONE)); } - if(uid->mdc_feature || !uid->ks_modify) + if(uid->flags.mdc || !uid->flags.ks_modify) { tty_printf ("\n "); tty_printf (_("Features: ")); any=0; - if(uid->mdc_feature) + if(uid->flags.mdc) { tty_printf ("MDC"); any=1; } - if(!uid->ks_modify) + if(!uid->flags.ks_modify) { if(any) tty_printf (", "); 
@@ -2393,9 +2393,9 @@ prefs[i].type == PREFTYPE_ZIP ? 'Z':'?', prefs[i].value); } - if (uid->mdc_feature) + if (uid->flags.mdc) tty_printf (" [mdc]"); - if (!uid->ks_modify) + if (!uid->flags.ks_modify) tty_printf (" [no-ks-modify]"); tty_printf("\n"); } @@ -2534,9 +2534,9 @@ prefs[j].type == PREFTYPE_ZIP ? 'Z':'?', prefs[j].value); } - if (uid->mdc_feature) + if (uid->flags.mdc) printf (",mdc"); - if (!uid->ks_modify) + if (!uid->flags.ks_modify) printf (",no-ks-modify"); } putchar (':'); Modified: trunk/g10/keygen.c =================================================================== --- trunk/g10/keygen.c 2005-11-10 21:30:27 UTC (rev 3927) +++ trunk/g10/keygen.c 2005-11-10 22:50:46 UTC (rev 3928) @@ -530,8 +530,8 @@ uid->prefs[j].type=PREFTYPE_NONE; uid->prefs[j].value=0; - uid->mdc_feature=mdc_available; - uid->ks_modify=ks_modify; + uid->flags.mdc=mdc_available; + uid->flags.ks_modify=ks_modify; return uid; } Modified: trunk/g10/packet.h =================================================================== --- trunk/g10/packet.h 2005-11-10 21:30:27 UTC (rev 3927) +++ trunk/g10/packet.h 2005-11-10 22:50:46 UTC (rev 3928) 
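Review bot: In the keygen.c hunk the variables `mdc_available` and `ks_modify` are now stored into the 1-bit fields `flags.mdc` and `flags.ks_modify`, which keep only the low bit of the assigned value. Their definitions are outside the hunk; if either can ever hold a non-zero value other than 1, the flag would silently become 0, which for `mdc` means the MDC feature is no longer recorded for that user ID. Normalising at the assignment removes the dependency: `uid->flags.mdc=!!mdc_available;` and `uid->flags.ks_modify=!!ks_modify;`. The getkey.c assignments in the same commit store literal 0 and 1 and are unaffected.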
@@ -183,28 +183,33 @@ u32 len; }; -typedef struct { - int ref; /* reference counter */ - int len; /* length of the name */ - struct user_attribute *attribs; - int numattribs; - byte *attrib_data; /* if this is not NULL, the packet is an attribute */ - unsigned long attrib_len; - byte *namehash; - int help_key_usage; - u32 help_key_expire; - int help_full_count; - int help_marginal_count; - int is_primary; /* 2 if set via the primary flag, 1 if calculated */ - int is_revoked; - int is_expired; - u32 expiredate; /* expires at this date or 0 if not at all */ - prefitem_t *prefs; /* list of preferences (may be NULL)*/ - int mdc_feature; - int ks_modify; - u32 created; /* according to the self-signature */ - byte selfsigversion; - char name[1]; +typedef struct +{ + int ref; /* reference counter */ + int len; /* length of the name */ + struct user_attribute *attribs; + int numattribs; + byte *attrib_data; /* if this is not NULL, the packet is an attribute */ + unsigned long attrib_len; + byte *namehash; + int help_key_usage; + u32 help_key_expire; + int help_full_count; + int help_marginal_count; + int is_primary; /* 2 if set via the primary flag, 1 if calculated */ + int is_revoked; + int is_expired; + u32 expiredate; /* expires at this date or 0 if not at all */ + prefitem_t *prefs; /* list of preferences (may be NULL)*/ + u32 created; /* according to the self-signature */ + byte selfsigversion; + struct + { + /* TODO: Move more flags here */ + unsigned mdc:1; + unsigned ks_modify:1; + } flags; + char name[1]; } PKT_user_id; struct revoke_info Modified: trunk/g10/pkclist.c =================================================================== --- trunk/g10/pkclist.c 2005-11-10 21:30:27 UTC (rev 3927) +++ trunk/g10/pkclist.c 2005-11-10 22:50:46 UTC (rev 3928) 
@@ -1421,7 +1421,7 @@ int mdc; if (pkr->pk->user_id) /* selected by user ID */ - mdc = pkr->pk->user_id->mdc_feature; + mdc = pkr->pk->user_id->flags.mdc; else mdc = pkr->pk->mdc_feature; if (!mdc) From cvs at cvs.gnupg.org Fri Nov 11 00:16:37 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Nov 10 23:44:15 2005 Subject: [svn] GnuPG - r3929 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-11 00:16:34 +0100 (Fri, 11 Nov 2005) New Revision: 3929 Modified: trunk/g10/ChangeLog trunk/g10/keyedit.c trunk/g10/packet.h trunk/g10/trustdb.c Log: * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c (clean_uids_from_key): Fix display bug where sigs cleaned for other reasons caused a uid to appear as if it had been compacted. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-10 22:50:46 UTC (rev 3928) +++ trunk/g10/ChangeLog 2005-11-10 23:16:34 UTC (rev 3929) @@ -1,5 +1,9 @@ 2005-11-10 David Shaw + * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c + (clean_uids_from_key): Fix display bug where sigs cleaned for + other reasons caused a uid to appear as if it had been compacted. + * packet.h: Move some flags to a bitfield. Change all callers. * options.h, import.c (parse_import_options, Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-11-10 22:50:46 UTC (rev 3928) +++ trunk/g10/keyedit.c 2005-11-10 23:16:34 UTC (rev 3929) 
@@ -3225,30 +3225,26 @@ if(modified) { - KBNODE node,uidnode=NULL; + KBNODE node; for(node=keyblock->next;node;node=node->next) { - if(node->pkt->pkttype==PKT_USER_ID) - uidnode=node; - else if(uidnode && node->pkt->pkttype==PKT_SIGNATURE - && is_deleted_kbnode(node)) + if(node->pkt->pkttype==PKT_USER_ID + && node->pkt->pkt.user_id->flags.compacted) { const char *reason; - char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name, - uidnode->pkt->pkt.user_id->len,0); + char *user=utf8_to_native(node->pkt->pkt.user_id->name, + node->pkt->pkt.user_id->len,0); - if(uidnode->pkt->pkt.user_id->is_revoked) + if(node->pkt->pkt.user_id->is_revoked) reason=_("revoked"); - else if(uidnode->pkt->pkt.user_id->is_expired) + else if(node->pkt->pkt.user_id->is_expired) reason=_("expired"); else reason=_("invalid"); tty_printf("User ID \"%s\" compacted: %s\n",user,reason); - uidnode=NULL; - xfree(user); } } Modified: trunk/g10/packet.h =================================================================== --- trunk/g10/packet.h 2005-11-10 22:50:46 UTC (rev 3928) +++ trunk/g10/packet.h 2005-11-10 23:16:34 UTC (rev 3929) @@ -208,6 +208,7 @@ /* TODO: Move more flags here */ unsigned mdc:1; unsigned ks_modify:1; + unsigned compacted:1; } flags; char name[1]; } PKT_user_id; Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-11-10 22:50:46 UTC (rev 3928) +++ trunk/g10/trustdb.c 2005-11-10 23:16:34 UTC (rev 3929) @@ -1667,8 +1667,9 @@ clean_uids_from_key(KBNODE keyblock,int noisy) { int delete_until_next=0,deleting=0,deleted=0; - KBNODE node,signode=NULL; + KBNODE node; u32 keyid[2],sigdate=0; + PKT_user_id *uid=NULL; assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); 
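Review bot: The new test `node->pkt->pkt.user_id->flags.compacted` in the keyedit.c hunk reads a bit that this commit only ever sets (in clean_uids_from_key) and never initialises or clears. If PKT_user_id objects are allocated without zeroing (the allocation sites are outside these hunks), the "User ID ... compacted" message could be printed for a user ID that was never touched, and a second clean in the same session would report the same user ID again. Clearing the bit where the structure is set up, `uid->flags.compacted=0;`, would make the report depend only on what the cleaning pass did. The function body continues outside the hunk.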
@@ -1682,10 +1683,8 @@ { if(node->pkt->pkttype==PKT_USER_ID) { - PKT_user_id *uid=node->pkt->pkt.user_id; - + uid=node->pkt->pkt.user_id; sigdate=0; - signode=NULL; /* Skip valid user IDs, and non-self-signed user IDs if --allow-non-selfsigned-uid is set. */ @@ -1718,7 +1717,7 @@ } } } - else if(node->pkt->pkttype==PKT_SIGNATURE) + else if(node->pkt->pkttype==PKT_SIGNATURE && uid) { PKT_signature *sig=node->pkt->pkt.signature; @@ -1727,13 +1726,11 @@ if(IS_UID_SIG(sig) && sig->timestamp>sigdate && keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1] && check_key_signature(keyblock,node,NULL)==0) - { - sigdate=sig->timestamp; - signode=node; - } + sigdate=sig->timestamp; if(delete_until_next && !sig->flags.chosen_selfsig) { + uid->flags.compacted=1; delete_kbnode(node); if(deleting) { From cvs at cvs.gnupg.org Fri Nov 11 00:25:23 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Nov 10 23:53:00 2005 Subject: [svn] GnuPG - r3930 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-11 00:25:20 +0100 (Fri, 11 Nov 2005) New Revision: 3930 Modified: trunk/g10/ChangeLog trunk/g10/keyedit.c trunk/g10/trustdb.c Log: * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add "minimize" command. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-10 23:16:34 UTC (rev 3929) +++ trunk/g10/ChangeLog 2005-11-10 23:25:20 UTC (rev 3930) @@ -1,5 +1,8 @@ 2005-11-10 David Shaw + * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add + "minimize" command. + * packet.h, keyedit.c (menu_clean_uids_from_key), trustdb.c (clean_uids_from_key): Fix display bug where sigs cleaned for other reasons caused a uid to appear as if it had been compacted. 
@@ -13,8 +16,8 @@ * trustdb.h, trustdb.c (clean_sigs_from_uid): Add flag to remove all non-selfsigs from key during cleaning. Change all callers. - * export.c (do_export_stream): Use it here so we don't need - additional minimize code in the export path. + * export.c (do_export_stream): Use it here for export-minimal so + we don't need additional minimize code in the export path. 2005-11-06 David Shaw Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-11-10 23:16:34 UTC (rev 3929) +++ trunk/g10/keyedit.c 2005-11-10 23:25:20 UTC (rev 3930) @@ -57,7 +57,7 @@ int photo, const char *photo_name ); static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock ); static int menu_delsig( KBNODE pub_keyblock ); -static int menu_clean_sigs_from_uids(KBNODE keyblock); +static int menu_clean_sigs_from_uids(KBNODE keyblock,int self_only); static int menu_clean_uids_from_key(KBNODE keyblock); static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock ); static int menu_addrevoker( KBNODE pub_keyblock, @@ -1341,7 +1341,7 @@ cmdADDREVOKER, cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE, cmdBACKSIGN, cmdENABLEKEY, cmdDISABLEKEY, cmdSHOWPREF, cmdSETPREF, cmdPREFKS, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST, cmdCHKTRUST, - cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCLEAN, cmdNOP + cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD, cmdCLEAN, cmdMINIMIZE, cmdNOP }; static struct @@ -1443,6 +1443,8 @@ { "showphoto",cmdSHOWPHOTO , 0, N_("show selected photo IDs") }, { "clean", cmdCLEAN , KEYEDIT_NOT_SK, N_("clean unusable parts from key") }, + { "minimize", cmdMINIMIZE , KEYEDIT_NOT_SK, + N_("clean unusable parts from key and remove all signatures") }, { NULL, cmdNONE, 0, NULL } }; 
@@ -2180,7 +2182,7 @@ || ascii_strcasecmp(arg_string,"signatures")==0 || ascii_strcasecmp(arg_string,"certs")==0 || ascii_strcasecmp(arg_string,"certificates")==0) - modified=menu_clean_sigs_from_uids(keyblock); + modified=menu_clean_sigs_from_uids(keyblock,0); else if(ascii_strcasecmp(arg_string,"uids")==0) redisplay=modified=menu_clean_uids_from_key(keyblock); else @@ -2188,13 +2190,19 @@ } else { - modified=menu_clean_sigs_from_uids(keyblock); + modified=menu_clean_sigs_from_uids(keyblock,0); modified+=menu_clean_uids_from_key(keyblock); redisplay=modified; } } break; + case cmdMINIMIZE: + modified=menu_clean_sigs_from_uids(keyblock,1); + modified+=menu_clean_uids_from_key(keyblock); + redisplay=modified; + break; + case cmdQUIT: if( have_commands ) goto leave; @@ -3184,7 +3192,7 @@ } static int -menu_clean_sigs_from_uids(KBNODE keyblock) +menu_clean_sigs_from_uids(KBNODE keyblock,int self_only) { KBNODE uidnode; int modified=0; @@ -3199,7 +3207,7 @@ char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->len, 0); - deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,0); + deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,self_only); if(deleted) { tty_printf(deleted==1? Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-11-10 23:16:34 UTC (rev 3929) +++ trunk/g10/trustdb.c 2005-11-10 23:25:20 UTC (rev 3930) @@ -1659,8 +1659,6 @@ We don't actually remove the user ID packet itself since it might be ressurected in a later merge. - If this self-sig is a revocation, we also include the most recent - valid regular sig since it is hard to import the user ID otherwise. TODO: change the import code to allow importing a uid with only a revocation if the uid already exists on the keyring. */ int From cvs at cvs.gnupg.org Fri Nov 11 16:32:17 2005 
From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Nov 11 15:59:52 2005 Subject: [svn] ksba - r228 - in trunk: . doc src Message-ID: Author: wk Date: 2005-11-11 16:32:08 +0100 (Fri, 11 Nov 2005) New Revision: 228 Modified: trunk/NEWS trunk/configure.ac trunk/doc/ksba.texi trunk/src/ChangeLog trunk/src/cert.c trunk/src/cert.h trunk/src/libksba.vers trunk/src/util.c Log: Added user data feature for ksba_cert_t Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/NEWS 2005-11-11 15:32:08 UTC (rev 228) @@ -1,3 +1,14 @@ +Noteworthy changes in version 0.9.13 +------------------------------------------------- + + * New functions to associate user data with a certificate object. + + * Interface changes relative to the 0.9.12 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ksba_cert_set_user_data NEW + ksba_cert_get_user_data NEW + + Noteworthy changes in version 0.9.12 (2005-08-01) ------------------------------------------------- Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/configure.ac 2005-11-11 15:32:08 UTC (rev 228) @@ -23,7 +23,7 @@ # Version number: Remember to change immediately *after* a release. # Append a "-cvs" for non-released versions. -AC_INIT(libksba, 0.9.12, gpa-dev@gnupg.org) +AC_INIT(libksba, 0.9.13-cvs, gpa-dev@gnupg.org) # LT Version numbers: Remember to change them just *before* a release. # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) Modified: trunk/doc/ksba.texi =================================================================== --- trunk/doc/ksba.texi 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/doc/ksba.texi 2005-11-11 15:32:08 UTC (rev 228) 
@@ -119,6 +119,7 @@ * Creating certificates:: How to create a certificate object. * Retrieving attributes:: How to get the attributes of a certificate. * Setting attributes:: How to set certicates attributes. +* User data:: How to associate other data with a certificate. Mastering the Cryptographic Message Syntax @@ -170,7 +171,7 @@ General Public License (@pxref{Copying}). @item It hides the low level stuff -`KSBA' a higlevel interface to the implemented protocols and presents +`KSBA' a highlevel interface to the implemented protocols and presents the data in a consistent way. There is no more need to worry about all the nasty details of the protocols. The API gives the C programmer a more usual way of interacting with the data. @@ -316,6 +317,7 @@ * Creating certificates:: How to create a certificate object. * Retrieving attributes:: How to get the attributes of a certificate. * Setting attributes:: How to set certicates attributes. +* User data:: How to associate other data with a certificate. @end menu 
@@ -657,6 +659,49 @@ [This needs to be written. For example code see newpg/sm/sign.c] +@node User data +@section How to associate other data with a certificate. + +Certificate objects play a central role in many applications and often +it is desirable to associate other data with the certificate to avoid +wrapping the certificate object into an own object. `KSBA' provides a +mechanism for this by means of two functions: + +@deftypefun gpg_error_t ksba_cert_set_user_data (@w{ksba_cert_t @var{cert}, const char *@var{key}, const void *@var{data}, size_t @var{datalen}}) + + +Stores arbitrary data along with a certificate. The data is expected in +the buffer @var{data} of length @var{datalen}. It will be stored under +the string @var{key}. If data is already stored under this key it will +be replaced by the new data. Using @code{NULL} for @var{data} will +effectivly delete the data. + +On error (i.e. out of memory) an already existing data object +stored under @var{key} may get deleted. + +@strong{Caution:} This function is definitely not thread safe because we +don't employ any locking mechanisms. +@end deftypefun + + +@deftypefun gpg_error_t ksba_cert_get_user_data (@w{ksba_cert_t @var{cert},} @w{const char *@var{key},} @w{void *@var{buffer},} @w{size_t @var{bufferlen},} @w{size_t *@var{datalen}}) + +Return user data for certificate @var{cert} stored under the string +@var{key}. The caller needs to provide a suitable large @var{buffer} and +the usable length of this buffer in @var{bufferlen}. If @var{datalen} +is not @code{NULL}, the length of the data stored in @var{buffer} will +be stored there. + +If @var{buffer} is given as @code{NULL}, @var{bufferlen} will be ignored +and the required length of the buffer will be returned at @var{datalen}. + +On success 0 is returned. If no data is stored under thengiven key, +@code{GPG_ERR_NOT_FOUND} is returned. 
If the provided buffer is too +short and @var{buffer} is not @code{NULL}, +@code{GPG_ERR_BUFFER_TOO_SHORT} will be returned. +@end deftypefun + + @node CMS @chapter Mastering the Cryptographic Message Syntax Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/src/ChangeLog 2005-11-11 15:32:08 UTC (rev 228) @@ -1,3 +1,11 @@ +2005-11-11 Werner Koch + + * cert.h (struct cert_user_data): New. + (struct ksba_cert_s): New field UDATA. + * cert.c (ksba_cert_release): Release the UDATA list. + (ksba_cert_set_user_data, ksba_cert_get_user_data): New. + * libksba.vers: Add the new functions. + 2005-09-28 Marcus Brinkmann * Makefile.am (AM_CCPFLAGS): Renamed to AM_CPPFLAGS. Modified: trunk/src/cert.c =================================================================== --- trunk/src/cert.c 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/src/cert.c 2005-11-11 15:32:08 UTC (rev 228) @@ -1,4 +1,4 @@ -/* cert.c - main function for the certificate handling +g/* cert.c - main function for the certificate handling * Copyright (C) 2001, 2002, 2003, 2004, 2005 g10 Code GmbH * * This file is part of KSBA. @@ -95,6 +95,21 @@ if (--cert->ref_count) return; + if (cert->udata) + { + struct cert_user_data *ud = cert->udata; + cert->udata = NULL; + do + { + struct cert_user_data *ud2 = ud->next; + if (ud->data && ud->data != ud->databuf) + xfree (ud->data); + xfree (ud); + ud = ud2; + } + while (ud); + } + xfree (cert->cache.digest_algo); if (cert->cache.extns_valid) { 
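Review bot: The first cert.c hunk changes the opening comment to `+g/* cert.c - main function for the certificate handling`, which leaves a stray `g` in front of the comment on the first line of the file. A bare identifier at file scope is not valid C, so the file would presumably fail to compile as committed. The line should read `/* cert.c - main function for the certificate handling`.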
@@ -103,11 +118,123 @@ xfree (cert->cache.extns); } + /* FIXME: release cert->root, ->asn_tree */ xfree (cert); } +/* Store arbitrary data along with a certificate. The DATA of length + DATALEN will be stored under the string KEY. If some data is + already stored under this key it will be replaced by the new data. + Using NULL for DATA will effectivly delete the data. + + On error (i.e. out or memory) an already existing data object + stored under KEY may get deleted. + + This function is not thread safe because we don't have employ any + locking. */ +gpg_error_t +ksba_cert_set_user_data (ksba_cert_t cert, + const char *key, const void *data, size_t datalen) +{ + struct cert_user_data *ud; + + if (!cert || !key || !*key) + return gpg_error (GPG_ERR_INV_VALUE); + + for (ud=cert->udata; ud; ud = ud->next) + if (!strcmp (ud->key, key)) + break; + if (ud) /* Update the data stored under this key or reuse this item. */ + { + if (ud->data && ud->data != ud->databuf) + xfree (ud->data); + ud->data = NULL; + if (data && datalen <= sizeof ud->databuf) + { + memcpy (ud->databuf, data, datalen); + ud->data = ud->databuf; + ud->datalen = datalen; + } + else if (data) + { + ud->data = xtrymalloc (datalen); + if (!ud->data) + return gpg_error_from_errno (errno); + memcpy (ud->data, data, datalen); + ud->datalen = datalen; + } + } + else if (data) /* Insert as a new item. */ + { + ud = xtrycalloc (1, sizeof *ud + strlen (key)); + if (!ud->data) + return gpg_error_from_errno (errno); + strcpy (ud->key, key); + if (datalen <= sizeof ud->databuf) + { + memcpy (ud->databuf, data, datalen); + ud->data = ud->databuf; + ud->datalen = datalen; + } + else + { + ud->data = xtrymalloc (datalen); + if (!ud->data) + { + xfree (ud); + return gpg_error_from_errno (errno); + } + memcpy (ud->data, data, datalen); + ud->datalen = datalen; + } + } + + return 0; +} + + + +/* Return user data for certificate CERT stored under the string + KEY. 
The caller needs to provide a suitable large BUFFER and pass + the usable length of the buffer in BUFFERLEN. If DATALEN is not + NULL, the length of the data stored at BUFFER will be stored there. + + If BUFFER is NULL, BUFFERLEN will be ignored and the required + length of the buffer will be returned at DATALEN. + + On success 0 is returned. If no data is stored under KEY + GPG_ERR_NOT_FOUND is returned. If the provided buffer is too + short, GPG_ERR_BUFFER_TOO_SHORT will be returned (note, that this + is not the case if BUFFER is NULL). +*/ +gpg_error_t +ksba_cert_get_user_data (ksba_cert_t cert, const char *key, + void *buffer, size_t bufferlen, size_t *datalen) +{ + struct cert_user_data *ud; + + if (!cert || !key || !*key) + return gpg_error (GPG_ERR_INV_VALUE); + + for (ud=cert->udata; ud; ud = ud->next) + if (!strcmp (ud->key, key)) + break; + if (!ud || !ud->data) + return gpg_error (GPG_ERR_NOT_FOUND); + if (datalen) + *datalen = ud->datalen; + if (buffer) + { + if (ud->datalen > bufferlen) + return gpg_error (GPG_ERR_BUFFER_TOO_SHORT); + memcpy (buffer, ud->data, ud->datalen); + } + return 0; +} + + /** * ksba_cert_read_der: * @cert: An unitialized certificate object Modified: trunk/src/cert.h =================================================================== --- trunk/src/cert.h 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/src/cert.h 2005-11-11 15:32:08 UTC (rev 228) 
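Review bot: In ksba_cert_set_user_data the insert path tests `if (!ud->data)` directly after `xtrycalloc`, which dereferences NULL when the allocation fails and, because the block is zeroed, always takes the error return and leaks `ud` when it succeeds. The test should be `if (!ud)`. The new item is also never linked into the list, so even with the test fixed a later ksba_cert_get_user_data would not find the key; add `ud->next = cert->udata; cert->udata = ud;` once the data has been copied. Without both changes the function cannot store data under a new key.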
@@ -23,21 +23,67 @@ #include "asn1-func.h" - -struct cert_extn_info { +/* An object to keep parsed information about an extension. */ +struct cert_extn_info +{ char *oid; int crit; int off, len; }; -struct ksba_cert_s { - int initialized; +/* An object to store user supplied data to be associated with a + certificates. This is implemented as a linked list with the + constrained that a given key may only occur once. */ +struct cert_user_data +{ + struct cert_user_data *next; /* Link to next item. */ + + /* The length of the data store at DATA. */ + size_t datalen; + + /* The stored data. This is either malloced storage or points to + DATABUF below. If it is NULL, no data is actually stored under + the key. */ + void *data; + + /* Often we need to store only a few bytes as data. By providing a + fixed buffer we are able to avoid an extra malloc in this case. */ + char databuf[sizeof (int)]; + + /* The key used to store the data object. Dynamically allocated at + object creation time. */ + char key[1]; +}; + + +/* The internal certificate object. */ +struct ksba_cert_s +{ + /* Certificate objects often play a central role and applications + might want to associate other data with the certificate to avoid + wrapping the certificate object into an own object. This UDATA + linked list provides the means to do that. It gets accessed by + ksba_cert_set_user_data and ksba_cert_get_user_data. */ + struct cert_user_data *udata; + + /* This object has been initialized with an actual certificate. + Note that UDATA may be used even without an initialized + certificate. */ + int initialized; + + /* Because we often need to pass certificate objects to other + functions, we use reference counting to keep resource overhead + low. Note, that this object usually gets only read and not + modified. 
*/ int ref_count; + ksba_asn_tree_t asn_tree; - AsnNode root; /* root of the tree with the values */ + AsnNode root; /* Root of the tree with the values */ + unsigned char *image; size_t imagelen; + gpg_error_t last_error; struct { char *digest_algo; @@ -48,6 +94,8 @@ }; +/*** Internal functions ***/ + int _ksba_cert_cmp (ksba_cert_t a, ksba_cert_t b); gpg_error_t _ksba_cert_get_serial_ptr (ksba_cert_t cert, Modified: trunk/src/libksba.vers =================================================================== --- trunk/src/libksba.vers 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/src/libksba.vers 2005-11-11 15:32:08 UTC (rev 228) @@ -37,6 +37,7 @@ ksba_cert_read_der; ksba_cert_ref; ksba_cert_release; ksba_cert_get_authority_info_access; ksba_cert_get_subject_info_access; ksba_cert_get_subj_key_id; + ksba_cert_set_user_data; ksba_cert_get_user_data; ksba_certreq_add_subject; ksba_certreq_build; ksba_certreq_new; ksba_certreq_release; ksba_certreq_set_hash_function; Modified: trunk/src/util.c =================================================================== --- trunk/src/util.c 2005-09-28 21:37:09 UTC (rev 227) +++ trunk/src/util.c 2005-11-11 15:32:08 UTC (rev 228) @@ -37,6 +37,8 @@ +/* Note, that we expect that the free fucntion does not change + ERRNO. */ void ksba_set_malloc_hooks ( void *(*new_alloc_func)(size_t n), void *(*new_realloc_func)(void *p, size_t n), From cvs at cvs.gnupg.org Sat Nov 12 04:48:03 2005 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Nov 12 04:15:35 2005 Subject: [svn] GnuPG - r3931 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-12 04:48:02 +0100 (Sat, 12 Nov 2005) New Revision: 3931 Modified: trunk/g10/ChangeLog trunk/g10/trustdb.c Log: * trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly simpler implementation. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-10 23:25:20 UTC (rev 3930) +++ trunk/g10/ChangeLog 2005-11-12 03:48:02 UTC (rev 3931) @@ -1,3 +1,8 @@ +2005-11-11 David Shaw + + * trustdb.c (clean_uid_from_key, clean_uids_from_key): + Significantly simpler implementation. + 2005-11-10 David Shaw * keyedit.c (keyedit_menu, menu_clean_sigs_from_uids): Add Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-11-10 23:25:20 UTC (rev 3930) +++ trunk/g10/trustdb.c 2005-11-12 03:48:02 UTC (rev 3931) 
@@ -1653,91 +1653,74 @@ have to establish if the uid has a valid self-sig, is not revoked, and is not expired. Note that this does not take into account whether the uid has a trust path to it - just whether the keyholder - themselves has certified the uid. Returns how many user IDs were - removed. To "remove" a user ID, we simply remove ALL signatures + themselves has certified the uid. Returns true if the uid was + compacted. To "compact" a user ID, we simply remove ALL signatures except the self-sig that caused the user ID to be remove-worthy. We don't actually remove the user ID packet itself since it might - be ressurected in a later merge. + be ressurected in a later merge. Note that this function requires + that the caller has already done a merge_keys_and_selfsig(). TODO: change the import code to allow importing a uid with only a revocation if the uid already exists on the keyring. */ -int -clean_uids_from_key(KBNODE keyblock,int noisy) + +static int +clean_uid_from_key(KBNODE keyblock,KBNODE uidnode,int noisy) { - int delete_until_next=0,deleting=0,deleted=0; KBNODE node; - u32 keyid[2],sigdate=0; - PKT_user_id *uid=NULL; + PKT_user_id *uid=uidnode->pkt->pkt.user_id; assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); + assert(uidnode->pkt->pkttype==PKT_USER_ID); - keyid_from_pk(keyblock->pkt->pkt.public_key,keyid); + /* Skip valid user IDs, and non-self-signed user IDs if + --allow-non-selfsigned-uid is set. 
*/ + if(uid->created || (!uid->is_expired && !uid->is_revoked + && opt.allow_non_selfsigned_uid)) + return 0; - merge_keys_and_selfsig(keyblock); - - for(node=keyblock->next; - node && node->pkt->pkttype!=PKT_PUBLIC_SUBKEY; + for(node=uidnode->next; + node && node->pkt->pkttype==PKT_SIGNATURE; node=node->next) + if(!node->pkt->pkt.signature->flags.chosen_selfsig) + delete_kbnode(node); + + uid->flags.compacted=1; + + if(noisy) { - if(node->pkt->pkttype==PKT_USER_ID) - { - uid=node->pkt->pkt.user_id; - sigdate=0; + const char *reason; + char *user=utf8_to_native(uid->name,uid->len,0); - /* Skip valid user IDs, and non-self-signed user IDs if - --allow-non-selfsigned-uid is set. */ - if(uid->created - || (!uid->is_expired && !uid->is_revoked - && opt.allow_non_selfsigned_uid)) - delete_until_next=0; - else - { - delete_until_next=1; - deleting=1; + if(uid->is_revoked) + reason=_("revoked"); + else if(uid->is_expired) + reason=_("expired"); + else + reason=_("invalid"); - if(noisy) - { - const char *reason; - char *user=utf8_to_native(uid->name,uid->len,0); + log_info("compacting user ID \"%s\" on key %s: %s\n", + user,keystr_from_pk(keyblock->pkt->pkt.public_key), + reason); - if(uid->is_revoked) - reason=_("revoked"); - else if(uid->is_expired) - reason=_("expired"); - else - reason=_("invalid"); + xfree(user); + } - log_info("compacting user ID \"%s\" on key %s: %s\n", - user,keystr(keyblock->pkt->pkt.public_key->keyid), - reason); + return 1; +} - xfree(user); - } - } - } - else if(node->pkt->pkttype==PKT_SIGNATURE && uid) - { - PKT_signature *sig=node->pkt->pkt.signature; +int +clean_uids_from_key(KBNODE keyblock,int noisy) +{ + KBNODE uidnode; + int deleted=0; - /* This isn't actually slow - the key signature validation - is cached from merge_keys_and_selfsig() */ - if(IS_UID_SIG(sig) && sig->timestamp>sigdate - && keyid[0]==sig->keyid[0] && keyid[1]==sig->keyid[1] - && check_key_signature(keyblock,node,NULL)==0) - sigdate=sig->timestamp; + 
merge_keys_and_selfsig(keyblock); - if(delete_until_next && !sig->flags.chosen_selfsig) - { - uid->flags.compacted=1; - delete_kbnode(node); - if(deleting) - { - deleted++; - deleting=0; - } - } - } - } + for(uidnode=keyblock->next; + uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; + uidnode=uidnode->next) + if(uidnode->pkt->pkttype==PKT_USER_ID) + deleted+=clean_uid_from_key(keyblock,uidnode,noisy); return deleted; } From cvs at cvs.gnupg.org Sat Nov 12 05:53:04 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Nov 12 05:20:36 2005 Subject: [svn] GnuPG - r3932 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-12 05:53:03 +0100 (Sat, 12 Nov 2005) New Revision: 3932 Modified: trunk/g10/ChangeLog trunk/g10/import.c trunk/g10/options.h trunk/g10/parse-packet.c trunk/g10/trustdb.c trunk/g10/trustdb.h Log: * trustdb.h, trustdb.c (clean_key): New function to handle key cleaning from one convenient place. * options.h, import.c (parse_import_options, clean_sigs_from_all_uids, import_one): Reduce clean options to two: clean and minimize. * parse-packet.c (setup_user_id): Remove. (parse_user_id, parse_attribute): Just use xmalloc_clear instead. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-12 03:48:02 UTC (rev 3931) +++ trunk/g10/ChangeLog 2005-11-12 04:53:03 UTC (rev 3932) 
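Review bot: clean_uid_from_key sets `uid->flags.compacted=1` and returns 1 for every user ID that passes the skip test, even when the loop never called `delete_kbnode(node)`, so clean_uids_from_key counts user IDs as cleaned although nothing changed. A caller that treats a non-zero count as "key modified" would then see a modification on every run. Record whether a signature was actually deleted (`int deleted=0;`, `deleted=1;` next to the delete, `return deleted;`) and set the flag only in that case. The `if(noisy)` message should be guarded by the same condition.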
@@ -1,5 +1,15 @@ 2005-11-11 David Shaw + * trustdb.h, trustdb.c (clean_key): New function to handle key + cleaning from one convenient place. + + * options.h, import.c (parse_import_options, + clean_sigs_from_all_uids, import_one): Reduce clean options to + two: clean and minimize. + + * parse-packet.c (setup_user_id): Remove. + (parse_user_id, parse_attribute): Just use xmalloc_clear instead. + * trustdb.c (clean_uid_from_key, clean_uids_from_key): Significantly simpler implementation. Modified: trunk/g10/import.c =================================================================== --- trunk/g10/import.c 2005-11-12 03:48:02 UTC (rev 3931) +++ trunk/g10/import.c 2005-11-12 04:53:03 UTC (rev 3932) @@ -101,15 +101,14 @@ N_("create a public key when importing a secret key")}, {"merge-only",IMPORT_MERGE_ONLY,NULL, N_("only accept updates to existing keys")}, - {"import-clean",IMPORT_CLEAN_SIGS|IMPORT_CLEAN_UIDS,NULL, - N_("all import-clean-* options from above")}, - {"import-clean-sigs",IMPORT_CLEAN_SIGS,NULL, - N_("remove unusable signatures after import")}, - {"import-clean-uids",IMPORT_CLEAN_UIDS,NULL, - N_("remove unusable user IDs after import")}, - {"import-minimal", - IMPORT_MINIMAL|IMPORT_CLEAN_SIGS|IMPORT_CLEAN_UIDS,NULL, + {"import-clean",IMPORT_CLEAN,NULL, + N_("remove unusable user IDs and signatures after import")}, + {"import-clean-sigs",0,NULL,NULL}, + {"import-clean-uids",0,NULL,NULL}, + {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL, N_("remove unusable user IDs and all signatures after import")}, + /* Alias */ + {"import-minimize",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,NULL}, /* Aliases for backward compatibility */ {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL}, 
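Review bot: The entries `{"import-clean-sigs",0,NULL,NULL}` and `{"import-clean-uids",0,NULL,NULL}` keep the old option names parseable but map them to no flag, so a configuration that relied on either one would now import keys with no cleaning and, as far as this hunk shows, no message. How the option parser treats a zero bit value is outside the hunk. If the names are kept for compatibility, mapping them to the new flag, `{"import-clean-sigs",IMPORT_CLEAN,NULL,NULL},`, is the safer default; otherwise add a comment such as `/* deliberately ignored: superseded by import-clean */` so the no-op is visibly intentional.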
@@ -669,20 +668,6 @@ } } -static int -clean_sigs_from_all_uids(KBNODE keyblock,int self_only) -{ - KBNODE uidnode; - int deleted=0; - - for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next) - if(uidnode->pkt->pkttype==PKT_USER_ID) - deleted+=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,self_only); - - return deleted; -} - - /**************** * Try to import one keyblock. Return an error only in serious cases, but * never for an invalid keyblock. It uses log_error to increase the @@ -748,12 +733,9 @@ that we have to clean later. This has no practical impact on the end result, but does result in less logging which might confuse the user. */ - if(options&IMPORT_CLEAN_SIGS) - clean_sigs_from_all_uids(keyblock,options&IMPORT_MINIMAL); + if(options&IMPORT_CLEAN) + clean_key(keyblock,opt.verbose,options&IMPORT_MINIMAL,NULL,NULL); - if(options&IMPORT_CLEAN_UIDS) - clean_uids_from_key(keyblock,opt.verbose); - clear_kbnode_flags( keyblock ); if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock) @@ -901,13 +883,10 @@ goto leave; } - if(options&IMPORT_CLEAN_SIGS) - n_sigs_cleaned=clean_sigs_from_all_uids(keyblock_orig, - options&IMPORT_MINIMAL); + if(options&IMPORT_CLEAN) + clean_key(keyblock_orig,opt.verbose,options&IMPORT_MINIMAL, + &n_uids_cleaned,&n_sigs_cleaned); - if(options&IMPORT_CLEAN_UIDS) - n_uids_cleaned=clean_uids_from_key(keyblock_orig,opt.verbose); - if( n_uids || n_sigs || n_subk || n_sigs_cleaned || n_uids_cleaned) { mod_key = 1; /* keyblock_orig has been updated; write */ Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2005-11-12 03:48:02 UTC (rev 3931) +++ trunk/g10/options.h 2005-11-12 04:53:03 UTC (rev 3932) 
@@ -266,8 +266,7 @@ #define IMPORT_SK2PK (1<<3) #define IMPORT_MERGE_ONLY (1<<4) #define IMPORT_MINIMAL (1<<5) -#define IMPORT_CLEAN_SIGS (1<<6) -#define IMPORT_CLEAN_UIDS (1<<7) +#define IMPORT_CLEAN (1<<6) #define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_ATTRIBUTES (1<<1) Modified: trunk/g10/parse-packet.c =================================================================== --- trunk/g10/parse-packet.c 2005-11-12 03:48:02 UTC (rev 3931) +++ trunk/g10/parse-packet.c 2005-11-12 04:53:03 UTC (rev 3932) @@ -1966,33 +1966,16 @@ return count; } -static void setup_user_id(PACKET *packet) -{ - packet->pkt.user_id->ref = 1; - packet->pkt.user_id->attribs = NULL; - packet->pkt.user_id->attrib_data = NULL; - packet->pkt.user_id->attrib_len = 0; - packet->pkt.user_id->is_primary = 0; - packet->pkt.user_id->is_revoked = 0; - packet->pkt.user_id->is_expired = 0; - packet->pkt.user_id->expiredate = 0; - packet->pkt.user_id->created = 0; - packet->pkt.user_id->help_key_usage = 0; - packet->pkt.user_id->help_key_expire = 0; - packet->pkt.user_id->prefs = NULL; - packet->pkt.user_id->namehash = NULL; -} static int parse_user_id( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet ) { byte *p; - packet->pkt.user_id = xmalloc(sizeof *packet->pkt.user_id + pktlen); + packet->pkt.user_id = xmalloc_clear(sizeof *packet->pkt.user_id + pktlen); packet->pkt.user_id->len = pktlen; + packet->pkt.user_id->ref=1; - setup_user_id(packet); - p = packet->pkt.user_id->name; for( ; pktlen; pktlen--, p++ ) *p = iobuf_get_noeof(inp); 
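Review bot: The allocation in parse_user_id is sized as `sizeof *packet->pkt.user_id + pktlen`, with `pktlen` coming from the packet header and no upper bound visible in the hunk. On builds where `unsigned long` is 32 bits, a length near the maximum can make the sum wrap, and the copy loop that follows would then write `pktlen` bytes into a buffer that is too small; on other builds it is still an attacker-chosen allocation size. parse_attribute in the next hunk passes the same unchecked `pktlen` to `xmalloc`. Unless a caller already enforces a limit, reject oversized packets before allocating, e.g. `if (pktlen > MAX_UID_PACKET_LEN) return` the parser's invalid-packet error after skipping the packet (the limit name is a placeholder). The body of parse_user_id continues outside the hunk.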
@@ -2052,13 +2035,12 @@ byte *p; #define EXTRA_UID_NAME_SPACE 71 - packet->pkt.user_id = xmalloc(sizeof *packet->pkt.user_id - + EXTRA_UID_NAME_SPACE); - - setup_user_id(packet); - + packet->pkt.user_id = xmalloc_clear(sizeof *packet->pkt.user_id + + EXTRA_UID_NAME_SPACE); + packet->pkt.user_id->ref=1; packet->pkt.user_id->attrib_data = xmalloc(pktlen); packet->pkt.user_id->attrib_len = pktlen; + p = packet->pkt.user_id->attrib_data; for( ; pktlen; pktlen--, p++ ) *p = iobuf_get_noeof(inp); Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-11-12 03:48:02 UTC (rev 3931) +++ trunk/g10/trustdb.c 2005-11-12 04:53:03 UTC (rev 3932) @@ -1668,24 +1668,28 @@ { KBNODE node; PKT_user_id *uid=uidnode->pkt->pkt.user_id; + int deleted=0; assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); assert(uidnode->pkt->pkttype==PKT_USER_ID); - /* Skip valid user IDs, and non-self-signed user IDs if - --allow-non-selfsigned-uid is set. */ - if(uid->created || (!uid->is_expired && !uid->is_revoked - && opt.allow_non_selfsigned_uid)) + /* Skip valid user IDs, compacted user IDs, and non-self-signed user + IDs if --allow-non-selfsigned-uid is set. */ + if(uid->created || uid->flags.compacted + || (!uid->is_expired && !uid->is_revoked + && opt.allow_non_selfsigned_uid)) return 0; for(node=uidnode->next; node && node->pkt->pkttype==PKT_SIGNATURE; node=node->next) if(!node->pkt->pkt.signature->flags.chosen_selfsig) - delete_kbnode(node); + { + delete_kbnode(node); + deleted=1; + uidnode->pkt->pkt.user_id->flags.compacted=1; + } - uid->flags.compacted=1; - if(noisy) { const char *reason; @@ -1705,7 +1709,7 @@ xfree(user); } - return 1; + return deleted; } int 
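Review bot: In the first trustdb.c hunk the `if(noisy)` block after the loop still runs when the loop deleted nothing, so the function can emit its report (body only partly visible, presumably the compaction message) for a user ID it then reports as untouched via `return deleted`. Guarding it as `if(noisy && deleted)` keeps the log in step with the return value and with the `compacted` flag. Inside the loop, `uid->flags.compacted=1;` would be the shorter spelling, since the local `uid` already points at `uidnode->pkt->pkt.user_id`. The function's signature is outside the hunk.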
@@ -1725,6 +1729,34 @@ return deleted; } +void +clean_key(KBNODE keyblock,int noisy,int self_only, + int *uids_cleaned,int *sigs_cleaned) +{ + KBNODE uidnode; + int dummy; + + if(!uids_cleaned) + uids_cleaned=&dummy; + + if(!sigs_cleaned) + sigs_cleaned=&dummy; + + merge_keys_and_selfsig(keyblock); + + for(uidnode=keyblock->next; + uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; + uidnode=uidnode->next) + if(uidnode->pkt->pkttype==PKT_USER_ID) + { + /* Do clean_uid_from_key first since if it fires off, we don't + have to bother with the other */ + *uids_cleaned+=clean_uid_from_key(keyblock,uidnode,noisy); + if(!uidnode->pkt->pkt.user_id->flags.compacted) + *sigs_cleaned+=clean_sigs_from_uid(keyblock,uidnode,noisy,self_only); + } +} + /* Used by validate_one_keyblock to confirm a regexp within a trust signature. Returns 1 for match, and 0 for no match or regex error. */ Modified: trunk/g10/trustdb.h =================================================================== --- trunk/g10/trustdb.h 2005-11-12 03:48:02 UTC (rev 3931) +++ trunk/g10/trustdb.h 2005-11-12 04:53:03 UTC (rev 3932) @@ -84,6 +84,8 @@ int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only); int clean_uids_from_key(KBNODE keyblock,int noisy); +void clean_key(KBNODE keyblock,int noisy,int self_only, + int *uids_cleaned,int *sigs_cleaned); /*-- tdbdump.c --*/ void list_trustdb(const char *username); From cvs at cvs.gnupg.org Sun Nov 13 20:05:00 2005 
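Review bot: `dummy` in clean_key is read before it is written: when a caller passes NULL for a counter, the pointer is redirected to the uninitialised `dummy` and `*uids_cleaned+=...` or `*sigs_cleaned+=...` then reads an indeterminate value. Declare it as `int dummy=0;`. The new function also has no header comment; it should say that KEYBLOCK is modified in place, that SELF_ONLY is forwarded to clean_sigs_from_uid, and that both counters are added to rather than set.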
From: cvs at cvs.gnupg.org (svn author wk) Date: Sun Nov 13 19:32:35 2005 Subject: [svn] GnuPG - r3933 - branches/GNUPG-1-9-BRANCH/doc Message-ID: Author: wk Date: 2005-11-13 20:05:00 +0100 (Sun, 13 Nov 2005) New Revision: 3933 Added: branches/GNUPG-1-9-BRANCH/doc/qualified.txt Modified: branches/GNUPG-1-9-BRANCH/doc/ChangeLog branches/GNUPG-1-9-BRANCH/doc/Makefile.am branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi Log: NEw file qualified.ttx - not yet ready for distribution Modified: branches/GNUPG-1-9-BRANCH/doc/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/ChangeLog 2005-11-12 04:53:03 UTC (rev 3932) +++ branches/GNUPG-1-9-BRANCH/doc/ChangeLog 2005-11-13 19:05:00 UTC (rev 3933) @@ -1,3 +1,8 @@ +2005-11-13 Werner Koch + + * qualified.txt: New. + * Makefile.am (dist_pkgdata_DATA): New. + 2005-08-16 Werner Koch * gpg-agent.texi (Agent Options): Note default file name for Modified: branches/GNUPG-1-9-BRANCH/doc/Makefile.am =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/Makefile.am 2005-11-12 04:53:03 UTC (rev 3932) +++ branches/GNUPG-1-9-BRANCH/doc/Makefile.am 2005-11-13 19:05:00 UTC (rev 3933) @@ -25,8 +25,8 @@ info_TEXINFOS = gnupg.texi +dist_pkgdata_DATA = qualified.txt - gnupg_TEXINFOS = \ gpg.texi gpgsm.texi gpg-agent.texi scdaemon.texi assuan.texi \ tools.texi debugging.texi glossary.texi contrib.texi gpl.texi \ Added: branches/GNUPG-1-9-BRANCH/doc/qualified.txt =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/qualified.txt 2005-11-12 04:53:03 UTC (rev 3932) +++ branches/GNUPG-1-9-BRANCH/doc/qualified.txt 2005-11-13 19:05:00 UTC (rev 3933) 
@@ -0,0 +1,17 @@ +# This is the list of root certificates used for qualified +# certificates. They are defined as certificates capable of creating +# legally binding signatures in the same way as a handwritten +# signatures are. Comments like this one and empty lines are allowed +# Lines do have a length limit but this is not a serious limitation as +# the format of the entries is fixed and checked by gpgsm: A +# non-comment line starts with optional white spaces, followed by +# exactly 40 hex character, white space and a lowercased 2 letter +# country code. Additional data delimited with by a white space is +# current ignored but might late be used for other pusposes. + +# CN=Wurzel ZS 3,O=Intevation GmbH,C=DE +A6935DD34EF3087973C706FC311AA2CCF733765B de + +# CN=SPECIMEN Belgium Root CA,C=BE +6A5FFD257E85DC6081828DD169AA304E7E37DD3B be + Modified: branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi 2005-11-12 04:53:03 UTC (rev 3932) +++ branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi 2005-11-13 19:05:00 UTC (rev 3933) @@ -229,7 +229,11 @@ a list of available readers. The default is then the first reader found. +@item --disable-keypad +@opindex disable-keypad +Even if a card reader features a keypad, do not try to use it. + @item --allow-admin @itemx --deny-admin @opindex allow-admin From cvs at cvs.gnupg.org Sun Nov 13 20:07:08 2005 
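Review bot: Both entries in the new qualified.txt look like test roots, and one is labelled SPECIMEN in its own comment, yet the Makefile.am hunk of this commit adds the file to `dist_pkgdata_DATA` while the log message calls it not yet ready for distribution. Once installed, the list is what gpgsm uses to decide whether a signature counts as qualified, so sample entries should not reach a release unnoticed. A first line such as `# NOTE: sample entries for testing only - replace before release` would make the status visible to packagers. The header could also state that the 40 hex characters are the SHA-1 fingerprint of the root certificate, which is what qualified.c compares against.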
From: cvs at cvs.gnupg.org (svn author wk) Date: Sun Nov 13 19:34:37 2005 Subject: [svn] GnuPG - r3934 - branches/GNUPG-1-9-BRANCH/sm Message-ID: Author: wk Date: 2005-11-13 20:07:06 +0100 (Sun, 13 Nov 2005) New Revision: 3934 Added: branches/GNUPG-1-9-BRANCH/sm/qualified.c Modified: branches/GNUPG-1-9-BRANCH/sm/ChangeLog branches/GNUPG-1-9-BRANCH/sm/Makefile.am branches/GNUPG-1-9-BRANCH/sm/call-agent.c branches/GNUPG-1-9-BRANCH/sm/call-dirmngr.c branches/GNUPG-1-9-BRANCH/sm/certchain.c branches/GNUPG-1-9-BRANCH/sm/certcheck.c branches/GNUPG-1-9-BRANCH/sm/certdump.c branches/GNUPG-1-9-BRANCH/sm/gpgsm.h branches/GNUPG-1-9-BRANCH/sm/keylist.c branches/GNUPG-1-9-BRANCH/sm/sign.c branches/GNUPG-1-9-BRANCH/sm/verify.c Log: Added qualified signature features. Modified: branches/GNUPG-1-9-BRANCH/sm/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/ChangeLog 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/ChangeLog 2005-11-13 19:07:06 UTC (rev 3934) @@ -1,3 +1,29 @@ +2005-11-13 Werner Koch + + * call-agent.c (gpgsm_agent_get_confirmation): New. + + * keylist.c (list_cert_std): Print qualified status. + * qualified.c: New. + * certchain.c (gpgsm_validate_chain): Check for qualified + certificates. + + * certchain.c (gpgsm_basic_cert_check): Release keydb handle when + no-chain-validation is used. + +2005-11-11 Werner Koch + + * keylist.c (print_capabilities): Print is_qualified status. + +2005-10-28 Werner Koch + + * certdump.c (pretty_print_sexp): New. + (gpgsm_print_name2): Use it here. This allows proper printing of + DNS names as used with server certificates. + +2005-10-10 Werner Koch + + * keylist.c: Add pkaAdress OID as reference. + 2005-10-08 Marcus Brinkmann * Makefile.am (gpgsm_LDADD): Add ../gl/libgnu.a after 
@@ -3,4 +29,11 @@ ../common/libcommon.a. +2005-09-13 Werner Koch + + * verify.c (gpgsm_verify): Print a note if the unknown algorithm + is MD2. + * sign.c (gpgsm_sign): Ditto. + * certcheck.c (gpgsm_check_cert_sig): Ditto. + 2005-09-08 Werner Koch Modified: branches/GNUPG-1-9-BRANCH/sm/Makefile.am =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/Makefile.am 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/Makefile.am 2005-11-13 19:07:06 UTC (rev 3934) @@ -49,7 +49,8 @@ import.c \ export.c \ delete.c \ - certreqgen.c + certreqgen.c \ + qualified.c gpgsm_LDADD = ../jnlib/libjnlib.a ../kbx/libkeybox.a \ Modified: branches/GNUPG-1-9-BRANCH/sm/call-agent.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/call-agent.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/call-agent.c 2005-11-13 19:07:06 UTC (rev 3934) @@ -693,3 +693,24 @@ return map_assuan_err (rc); } + + +/* Ask the agent to pop up a confirmation dialog with the text DESC + and an okay and cancel button. */ +gpg_error_t +gpgsm_agent_get_confirmation (ctrl_t ctrl, const char *desc) +{ + int rc; + char *fpr; + char line[ASSUAN_LINELENGTH]; + + rc = start_agent (ctrl); + if (rc) + return rc; + + snprintf (line, DIM(line)-1, "GET_CONFIRMATION %s", desc); + line[DIM(line)-1] = 0; + + rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + return map_assuan_err (rc); +} Modified: branches/GNUPG-1-9-BRANCH/sm/call-dirmngr.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/call-dirmngr.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/call-dirmngr.c 2005-11-13 19:07:06 UTC (rev 3934) 
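Review bot: gpgsm_agent_get_confirmation ignores the return value of `snprintf`, so a DESC that does not fit the Assuan line is sent truncated, and the cut can fall inside a `%XX` escape. For a consent prompt the request should fail rather than show a shortened text: `if (strlen (desc) + strlen ("GET_CONFIRMATION ") >= DIM(line)-1) return gpg_error (GPG_ERR_LINE_TOO_LONG);`. The local `char *fpr;` is unused and can be removed. The header comment should also say that DESC must already be percent-plus escaped by the caller.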
@@ -276,7 +276,7 @@ { size_t n; - /* Send a certificate where a sourceKeyidentifier is included. */ + /* Send a certificate where a sourceKeyIdentifier is included. */ line += 12; while (*line == ' ') line++; Modified: branches/GNUPG-1-9-BRANCH/sm/certchain.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/certchain.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/certchain.c 2005-11-13 19:07:06 UTC (rev 3934) @@ -643,6 +643,9 @@ int any_no_crl = 0; int any_crl_too_old = 0; int any_no_policy_match = 0; + int is_qualified = -1; /* Indicates whether the certificate stems + from a qualified root certificate. + -1 = unknown, 0 = no, 1 = yes. */ int lm = listmode; gnupg_get_isotime (current_time); 
@@ -771,6 +774,53 @@ if (rc) goto leave; + + /* Set the flag for qualified signatures. This flag is + deduced from a list of root certificates allowed for + qualified signatures. */ + if (is_qualified == -1) + { + gpg_error_t err; + size_t buflen; + char buf[1]; + + if (!ksba_cert_get_user_data (cert, "is_qualified", + &buf, sizeof (buf), + &buflen) && buflen) + { + /* We already checked this for this certificate, + thus we simply take it from the user data. */ + is_qualified = !!*buf; + } + else + { + /* Need to consult the list of root certificates for + qualified signatures. */ + err = gpgsm_is_in_qualified_list (ctrl, subject_cert); + if (!err) + is_qualified = 1; + else if ( gpg_err_code (err) == GPG_ERR_NOT_FOUND) + is_qualified = 0; + else + log_error ("checking the list of qualified " + "root certificates failed: %s\n", + gpg_strerror (err)); + if ( is_qualified != -1 ) + { + /* Cache the result but don't care toomuch about + an error. */ + buf[0] = !!is_qualified; + err = ksba_cert_set_user_data (subject_cert, + "is_qualified", buf, 1); + if (err) + log_error ("set_user_data(is_qualified) failed: %s\n", + gpg_strerror (err)); + } + } + } + + + /* Check whether we really trust this root certificate. */ rc = gpgsm_agent_istrusted (ctrl, subject_cert); if (!rc) ; @@ -968,7 +1018,7 @@ keydb_search_reset (kh); subject_cert = issuer_cert; issuer_cert = NULL; - } + } /* End chain traversal. */ if (!listmode) { 
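Review bot: The cache lookup at the top of the added block reads `"is_qualified"` from `cert`, but the result of the list check is stored on `subject_cert`, so the value saved on the root is never read back here and the list file is scanned again for every new chain that ends at that root. If reading from `cert` is intended, a comment should say so; otherwise the lookup should use `subject_cert`. When gpgsm_is_in_qualified_list fails with anything other than not-found, `is_qualified` stays -1 and validation continues after a log_error; the comment should state that this is deliberate, since sign.c in this commit treats a missing flag as a hard error. gpgsm_validate_chain starts and ends outside the hunk.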
@@ -996,6 +1046,27 @@ } leave: + if (is_qualified != -1) + { + /* We figured something about the qualified signature capability + of the certificate under question. Store the result as user + data in the certificate object. We do this even if the + validation itself failed. */ + /* Fixme: We should set this flag for all certificates in the + chain for optimizing reasons. */ + char buf[1]; + gpg_error_t err; + + buf[0] = !!is_qualified; + err = ksba_cert_set_user_data (cert, "is_qualified", buf, 1); + if (err) + { + log_error ("set_user_data(is_qualified) failed: %s\n", + gpg_strerror (err)); + if (!rc) + rc = err; + } + } if (r_exptime) gnupg_copy_time (r_exptime, exptime); xfree (issuer); @@ -1017,7 +1088,7 @@ int rc = 0; char *issuer = NULL; char *subject = NULL; - KEYDB_HANDLE kh = keydb_new (0); + KEYDB_HANDLE kh; ksba_cert_t issuer_cert = NULL; if (opt.no_chain_validation) @@ -1026,6 +1097,7 @@ return 0; } + kh = keydb_new (0); if (!kh) { log_error (_("failed to allocated keyDB handle\n")); Modified: branches/GNUPG-1-9-BRANCH/sm/certcheck.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/certcheck.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/certcheck.c 2005-11-13 19:07:06 UTC (rev 3934) @@ -168,6 +168,10 @@ if (!algo) { log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?"); + if (algoid + && ( !strcmp (algoid, "1.2.840.113549.1.1.2") + ||!strcmp (algoid, "1.2.840.113549.2.2"))) + log_info (_("(this is the MD2 algorithm)\n")); return gpg_error (GPG_ERR_GENERAL); } rc = gcry_md_open (&md, algo, 0); Modified: branches/GNUPG-1-9-BRANCH/sm/certdump.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/certdump.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/certdump.c 2005-11-13 19:07:06 UTC (rev 3934) 
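Review bot: The `leave:` block stores `"is_qualified"` even when `rc` reports a failed validation, as the added comment says, so the flag only means that the chain ended at a listed root and not that the certificate is valid. Every reader has to pair it with the validation result, and list_cert_std in the keylist.c hunk of this commit prints `[qualified]` before it looks at `err`, which can label a certificate that failed validation as qualified. Either store the flag only when `!rc`, or document the weaker meaning here, e.g. `/* Set regardless of RC; callers must also check the validation result. */`, and move the keylist output under its `if (!err)` branch. The enclosing function starts outside the hunk.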
@@ -484,7 +484,52 @@ } +/* Print the S-Expression in BUF, which has a valid length of BUFLEN, + as a human readable string in one line to FP. */ +static void +pretty_print_sexp (FILE *fp, const unsigned char *buf, size_t buflen) +{ + size_t len; + gcry_sexp_t sexp; + char *result, *p; + if ( gcry_sexp_sscan (&sexp, NULL, (const char*)buf, buflen) ) + { + fputs (_("[Error - invalid encoding]"), fp); + return; + } + len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0); + assert (len); + result = xtrymalloc (len); + if (!result) + { + fputs (_("[Error - out of core]"), fp); + gcry_sexp_release (sexp); + return; + } + len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, result, len); + assert (len); + for (p = result; len; len--, p++) + { + if (*p == '\n') + { + if (len > 1) /* Avoid printing the trailing LF. */ + fputs ("\\n", fp); + } + else if (*p == '\r') + fputs ("\\r", fp); + else if (*p == '\v') + fputs ("\\v", fp); + else if (*p == '\t') + fputs ("\\t", fp); + else + putc (*p, fp); + } + xfree (result); + gcry_sexp_release (sexp); +} + + void gpgsm_print_name2 (FILE *fp, const char *name, int translate) { @@ -507,7 +552,9 @@ } } else if (*s == '(') - fputs (_("[Error - unknown encoding]"), fp); + { + pretty_print_sexp (fp, s, gcry_sexp_canon_len (s, 0, NULL, NULL)); + } else if (!((*s >= '0' && *s < '9') || (*s >= 'A' && *s <= 'Z') || (*s >= 'a' && *s <= 'z'))) @@ -576,7 +623,7 @@ /* Format NAME which is expected to be in rfc2253 format into a better human readable format. Caller must free the returned string. NULL is returned in case of an error. With TRANSLATE set to true the - name will be translated to the native encodig. Note that NAME is + name will be translated to the native encoding. Note that NAME is internally always UTF-8 encoded. */ char * gpgsm_format_name2 (const char *name, int translate) 
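Review bot: pretty_print_sexp calls `assert (len)` on the result of `gcry_sexp_sprint`, and its input comes from a name inside a certificate, so malformed data can abort the process instead of producing an error marker. The caller in the next hunk also passes `gcry_sexp_canon_len (s, 0, NULL, NULL)` through unchecked, although that function returns 0 for an invalid expression. Both cases can reuse the existing message, e.g. `if (!len) { fputs (_("[Error - invalid encoding]"), fp); gcry_sexp_release (sexp); return; }`, with `xfree (result)` added for the second check. The escape loop covers only LF, CR, VT and TAB; whether other control bytes can reach `putc` depends on what the advanced format emits and should be confirmed.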
@@ -658,7 +705,7 @@ #ifdef ENABLE_NLS - /* The Assuan agent protol requires us to transmit utf-8 strings */ + /* The Assuan agent protocol requires us to transmit utf-8 strings */ orig_codeset = bind_textdomain_codeset (PACKAGE_GT, NULL); #ifdef HAVE_LANGINFO_CODESET if (!orig_codeset) Modified: branches/GNUPG-1-9-BRANCH/sm/gpgsm.h =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/gpgsm.h 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/gpgsm.h 2005-11-13 19:07:06 UTC (rev 3934) @@ -288,6 +288,10 @@ /*-- certreqgen.c --*/ int gpgsm_genkey (ctrl_t ctrl, int in_fd, FILE *out_fp); +/*-- qualified.c --*/ +gpg_error_t gpgsm_is_in_qualified_list (ctrl_t ctrl, ksba_cert_t cert); +gpg_error_t gpgsm_qualified_consent (ctrl_t ctrl, ksba_cert_t cert); + /*-- call-agent.c --*/ int gpgsm_agent_pksign (ctrl_t ctrl, const char *keygrip, const char *desc, unsigned char *digest, @@ -306,6 +310,7 @@ int gpgsm_agent_marktrusted (ctrl_t ctrl, ksba_cert_t cert); int gpgsm_agent_learn (ctrl_t ctrl); int gpgsm_agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc); +gpg_error_t gpgsm_agent_get_confirmation (ctrl_t ctrl, const char *desc); /*-- call-dirmngr.c --*/ int gpgsm_dirmngr_isvalid (ctrl_t ctrl, Modified: branches/GNUPG-1-9-BRANCH/sm/keylist.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/keylist.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/keylist.c 2005-11-13 19:07:06 UTC (rev 3934) @@ -66,6 +66,9 @@ { "1.3.6.1.5.5.7.3.11", "sbgpCertAAServerAuth" }, { "1.3.6.1.5.5.7.3.13", "eapOverPPP" }, { "1.3.6.1.5.5.7.3.14", "wlanSSID" }, + + { "2.16.840.1.113730.4.1", "serverGatedCrypto.ns" }, /* Netscape. */ + { "1.3.6.1.4.1.311.10.3.3", "serverGatedCrypto.ms"}, /* Microsoft. */ { NULL, NULL } }; 
@@ -160,6 +163,9 @@ { "2.16.840.1.113730.1.12", "netscape-ssl-server-name" }, { "2.16.840.1.113730.1.13", "netscape-comment" }, + /* GnuPG extensions */ + { "1.3.6.1.4.1.11591.2.1.1", "pkaAddress" }, + { NULL } }; @@ -207,7 +213,22 @@ { gpg_error_t err; unsigned int use; + size_t buflen; + char buffer[1]; + err = ksba_cert_get_user_data (cert, "is_qualified", + &buffer, sizeof (buffer), &buflen); + if (!err && buflen) + { + if (*buffer) + putc ('q', fp); + } + else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) + ; /* Don't know - will not get marked as 'q' */ + else + log_debug ("get_user_data(is_qualified) failed: %s\n", + gpg_strerror (err)); + err = ksba_cert_get_key_usage (cert, &use); if (gpg_err_code (err) == GPG_ERR_NO_DATA) { @@ -1032,9 +1053,28 @@ fprintf (fp, " fingerprint: %s\n", dn?dn:"error"); xfree (dn); + + if (with_validation) { + gpg_error_t tmperr; + size_t buflen; + char buffer[1]; + err = gpgsm_validate_chain (ctrl, cert, NULL, 1, fp, 0); + tmperr = ksba_cert_get_user_data (cert, "is_qualified", + &buffer, sizeof (buffer), &buflen); + if (!tmperr && buflen) + { + if (*buffer) + fputs (" [qualified]\n", fp); + } + else if (gpg_err_code (tmperr) == GPG_ERR_NOT_FOUND) + ; /* Don't know - will not get marked as 'q' */ + else + log_debug ("get_user_data(is_qualified) failed: %s\n", + gpg_strerror (tmperr)); + if (!err) fprintf (fp, " [certificate is good]\n"); else Added: branches/GNUPG-1-9-BRANCH/sm/qualified.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/qualified.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/qualified.c 2005-11-13 19:07:06 UTC (rev 3934) 
@@ -0,0 +1,264 @@ +/* qualified.c - Routines related to qualified signatures + * Copyright (C) 2005 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_LOCALE_H +#include +#endif +#ifdef HAVE_LANGINFO_CODESET +#include +#endif + +#include "gpgsm.h" +#include "i18n.h" +#include + + +/* We open the file only once and keep the open file pointer as well + as the name of the file here. Note that, a listname not equal to + NULL indicates that this module has been intialized and if the + LISTFP is also NULL, no list of qualified signatures exists. */ +static char *listname; +static FILE *listfp; + + +/* Read the trustlist and return entry by entry. KEY must point to a + buffer of at least 41 characters. COUNTRY shall be a buffer of at + least 3 characters to receive the country code of that qualified + signature (i.e. "de" for German and "be" for Belgium). + + Reading a valid entry returns 0, EOF is indicated by GPG_ERR_EOF + and any other error condition is indicated by the appropriate error + code. 
*/ +static gpg_error_t +read_list (char *key, char *country, int *lnr) +{ + gpg_error_t err; + int c, i, j; + char *p, line[256]; + + *key = 0; + *country = 0; + + if (!listname) + { + listname = make_filename (GNUPG_DATADIR, "qualified.txt", NULL); + listfp = fopen (listname, "r"); + if (!listfp && errno != ENOENT) + { + err = gpg_error_from_errno (errno); + log_error (_("can't open `%s': %s\n"), listname, gpg_strerror (err)); + return err; + } + } + + if (!listfp) + return gpg_error (GPG_ERR_EOF); + + do + { + if (!fgets (line, DIM(line)-1, listfp) ) + { + if (feof (listfp)) + return gpg_error (GPG_ERR_EOF); + return gpg_error_from_errno (errno); + } + + if (!*line || line[strlen(line)-1] != '\n') + { + /* Eat until end of line. */ + while ( (c=getc (listfp)) != EOF && c != '\n') + ; + return gpg_error (*line? GPG_ERR_LINE_TOO_LONG + : GPG_ERR_INCOMPLETE_LINE); + } + ++*lnr; + + /* Allow for empty lines and spaces */ + for (p=line; spacep (p); p++) + ; + } + while (!*p || *p == '\n' || *p == '#'); + + for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++) + if ( p[i] != ':' ) + key[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i]; + key[j] = 0; + if (j != 40 || !(spacep (p+i) || p[i] == '\n')) + { + log_error (_("invalid formatted fingerprint in `%s', line %d\n"), + listname, *lnr); + return gpg_error (GPG_ERR_BAD_DATA); + } + assert (p[i]); + i++; + while (spacep (p+i)) + i++; + if ( p[i] >= 'a' && p[i] <= 'z' + && p[i+1] >= 'a' && p[i+1] <= 'z' + && (spacep (p+i+2) || p[i+2] == '\n')) + { + country[0] = p[i]; + country[1] = p[i+1]; + country[2] = 0; + } + else + { + log_error (_("invalid country code in `%s', line %d\n"), listname, *lnr); + return gpg_error (GPG_ERR_BAD_DATA); + } + + return 0; +} + + + + +/* Check whether the certificate CERT is included in the list of + qualified certificates. 
This list is similar to the "trustlist.txt" + as maintained by gpg-agent and includes fingerprints of root + certificates to be used for qualified (legally binding like + handwritten) signatures. We keep this list system wide and not + per user because it is not a decision of the user. + + Returns: 0 if the certificate is included. GPG_ERR_NOT_FOUND if it + is not in the liost or any other error (e.g. if no list of + qualified signatures is available. */ +gpg_error_t +gpgsm_is_in_qualified_list (ctrl_t ctrl, ksba_cert_t cert) +{ + gpg_error_t err; + char *fpr; + char key[41]; + char country[2]; + int lnr = 0; + + fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1); + if (!fpr) + return gpg_error (GPG_ERR_GENERAL); + + if (listfp) + rewind (listfp); + while (!(err = read_list (key, country, &lnr))) + { + if (!strcmp (key, fpr)) + break; + } + if (gpg_err_code (err) == GPG_ERR_EOF) + err = gpg_error (GPG_ERR_NOT_FOUND); + + xfree (fpr); + return err; +} + + +/* We know that CERT is a qualified certificate. Ask the user for + consent to actually create a signature using this certificate. + Returns: 0 for yes, GPG_ERR_CANCEL for no or any otehr error + code. */ +gpg_error_t +gpgsm_qualified_consent (ctrl_t ctrl, ksba_cert_t cert) +{ + gpg_error_t err; + char *name, *subject, *buffer, *p; + const char *s; + char *orig_codeset = NULL; + + name = ksba_cert_get_subject (cert, 0); + if (!name) + return gpg_error (GPG_ERR_GENERAL); + subject = gpgsm_format_name2 (name, 0); + ksba_free (name); name = NULL; + +#ifdef ENABLE_NLS + /* The Assuan agent protocol requires us to transmit utf-8 strings */ + orig_codeset = bind_textdomain_codeset (PACKAGE_GT, NULL); +#ifdef HAVE_LANGINFO_CODESET + if (!orig_codeset) + orig_codeset = nl_langinfo (CODESET); +#endif + if (orig_codeset) + { /* We only switch when we are able to restore the codeset later. + Note that bind_textdomain_codeset does only return on memory + errors but not if a codeset is not available. 
Thus we don't + bother printing a diagnostic here. */ + orig_codeset = xstrdup (orig_codeset); + if (!bind_textdomain_codeset (PACKAGE_GT, "utf-8")) + orig_codeset = NULL; + } +#endif + + if (asprintf (&name, + _("You are about to create a signature using your " + "certificate:\n" + "\"%s\"\n" + "This will create a qualified signature by law " + "equated to a handwritten signature.\n\n" + "Are you really sure that you want to do this?"), + subject? subject:"?" + ) < 0 ) + err = gpg_error_from_errno (errno); + else + err = 0; + +#ifdef ENABLE_NLS + if (orig_codeset) + bind_textdomain_codeset (PACKAGE_GT, orig_codeset); +#endif + xfree (orig_codeset); + xfree (subject); + + if (err) + return err; + + buffer = p = xtrymalloc (strlen (name) * 3 + 1); + if (!buffer) + { + err = gpg_error_from_errno (errno); + free (name); + return err; + } + for (s=name; *s; s++) + { + if (*s < ' ' || *s == '+') + { + sprintf (p, "%%%02X", *(unsigned char *)s); + p += 3; + } + else if (*s == ' ') + *p++ = '+'; + else + *p++ = *s; + } + *p = 0; + free (name); + + + err = gpgsm_agent_get_confirmation (ctrl, buffer); + + xfree (buffer); + return err; +} Modified: branches/GNUPG-1-9-BRANCH/sm/sign.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/sign.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/sign.c 2005-11-13 19:07:06 UTC (rev 3934) 
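Review bot: gpgsm_is_in_qualified_list declares `char country[2];`, but read_list writes three bytes into it (`country[2] = 0;`) and its own comment asks for a buffer of at least 3 characters, so every well-formed entry causes a one-byte write past the array; declare `char country[3];`. In gpgsm_qualified_consent the escaping loop copies a literal `%` from the certificate subject unchanged, so a name containing text of the form `%XX` would presumably be decoded on the agent side and could change what the consent dialog shows. Add `|| *s == '%'` to the first condition; the `strlen (name) * 3 + 1` buffer already has room for it. The return value of gpgsm_format_name2 is only checked inside the asprintf argument, which is fine, but a comment that SUBJECT may be NULL would help the next reader.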
@@ -426,6 +426,35 @@ goto leave; } } + + + /* Check whether one of the certificates is qualified. Note that we + already validated the certificate and thus the user data stored + flag must be available. */ + for (cl=signerlist; cl; cl = cl->next) + { + size_t buflen; + char buffer[1]; + + err = ksba_cert_get_user_data (cl->cert, "is_qualified", + &buffer, sizeof (buffer), &buflen); + if (err || !buflen) + { + log_error (_("checking for qualified certificate failed: %s\n"), + gpg_strerror (err)); + rc = err; + goto leave; + } + if (*buffer) + { + err = gpgsm_qualified_consent (ctrl, cl->cert); + if (err) + { + rc = err; + goto leave; + } + } + } /* Prepare hashing (actually we are figuring out what we have set above)*/ rc = gcry_md_open (&data_md, 0, 0); @@ -443,6 +472,10 @@ if (!algo) { log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?"); + if (algoid + && ( !strcmp (algoid, "1.2.840.113549.1.1.2") + ||!strcmp (algoid, "1.2.840.113549.2.2"))) + log_info (_("(this is the MD2 algorithm)\n")); rc = gpg_error (GPG_ERR_BUG); goto leave; } Modified: branches/GNUPG-1-9-BRANCH/sm/verify.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/verify.c 2005-11-13 19:05:00 UTC (rev 3933) +++ branches/GNUPG-1-9-BRANCH/sm/verify.c 2005-11-13 19:07:06 UTC (rev 3934) @@ -179,8 +179,14 @@ { algo = gcry_md_map_name (algoid); if (!algo) - log_error ("unknown hash algorithm `%s'\n", - algoid? algoid:"?"); + { + log_error ("unknown hash algorithm `%s'\n", + algoid? algoid:"?"); + if (algoid + && ( !strcmp (algoid, "1.2.840.113549.1.1.2") + ||!strcmp (algoid, "1.2.840.113549.2.2"))) + log_info (_("(this is the MD2 algorithm)\n")); + } else gcry_md_enable (data_md, algo); } From cvs at cvs.gnupg.org Sun Nov 13 20:07:51 2005 
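Review bot: In the added loop the failure branch sets `rc = err`, but the branch is also entered when `ksba_cert_get_user_data` succeeds with `buflen == 0`; `err` is then 0, so the code jumps to `leave` with `rc == 0` and, as far as the hunk shows, returns success without having signed. Use `rc = err? err : gpg_error (GPG_ERR_BUG);` or test the two conditions separately. The comment says the flag must be available after validation, yet certchain.c in this commit leaves it unset when the list lookup itself fails; signing then stops here, which is fail-closed, and the comment should say so. The enclosing function (gpgsm_sign according to the ChangeLog) starts and ends outside the hunk.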
From: cvs at cvs.gnupg.org (svn author wk) Date: Sun Nov 13 19:47:40 2005 Subject: [svn] ksba - r229 - trunk/src Message-ID: Author: wk Date: 2005-11-13 20:07:51 +0100 (Sun, 13 Nov 2005) New Revision: 229 Modified: trunk/src/ChangeLog trunk/src/cert.c trunk/src/ksba.h Log: Fixes to the last changes. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2005-11-11 15:32:08 UTC (rev 228) +++ trunk/src/ChangeLog 2005-11-13 19:07:51 UTC (rev 229) @@ -1,3 +1,9 @@ +2005-11-13 Werner Koch + + * cert.c (ksba_cert_set_user_data): Fixed. + * ksba.h (ksba_cert_set_user_data, ksba_cert_get_user_data): Add + prototypes. + 2005-11-11 Werner Koch * cert.h (struct cert_user_data): New. Modified: trunk/src/cert.c =================================================================== --- trunk/src/cert.c 2005-11-11 15:32:08 UTC (rev 228) +++ trunk/src/cert.c 2005-11-13 19:07:51 UTC (rev 229) @@ -1,4 +1,4 @@ -g/* cert.c - main function for the certificate handling +/* cert.c - main function for the certificate handling * Copyright (C) 2001, 2002, 2003, 2004, 2005 g10 Code GmbH * * This file is part of KSBA. @@ -169,7 +169,7 @@ else if (data) /* Insert as a new item. */ { ud = xtrycalloc (1, sizeof *ud + strlen (key)); - if (!ud->data) + if (!ud) return gpg_error_from_errno (errno); strcpy (ud->key, key); if (datalen <= sizeof ud->databuf) @@ -189,6 +189,8 @@ memcpy (ud->data, data, datalen); ud->datalen = datalen; } + ud->next = cert->udata; + cert->udata = ud; } return 0; Modified: trunk/src/ksba.h =================================================================== --- trunk/src/ksba.h 2005-11-11 15:32:08 UTC (rev 228) +++ trunk/src/ksba.h 2005-11-13 19:07:51 UTC (rev 229) 
@@ -48,49 +48,55 @@ typedef gpg_error_t KsbaError _KSBA_DEPRECATED; -typedef enum { - KSBA_CT_NONE = 0, - KSBA_CT_DATA = 1, - KSBA_CT_SIGNED_DATA = 2, - KSBA_CT_ENVELOPED_DATA = 3, - KSBA_CT_DIGESTED_DATA = 4, - KSBA_CT_ENCRYPTED_DATA = 5, - KSBA_CT_AUTH_DATA = 6, - KSBA_CT_PKCS12 = 7 -} ksba_content_type_t; +typedef enum + { + KSBA_CT_NONE = 0, + KSBA_CT_DATA = 1, + KSBA_CT_SIGNED_DATA = 2, + KSBA_CT_ENVELOPED_DATA = 3, + KSBA_CT_DIGESTED_DATA = 4, + KSBA_CT_ENCRYPTED_DATA = 5, + KSBA_CT_AUTH_DATA = 6, + KSBA_CT_PKCS12 = 7 + } +ksba_content_type_t; typedef ksba_content_type_t KsbaContentType _KSBA_DEPRECATED; -typedef enum { - KSBA_SR_NONE = 0, /* Never seen by libksba user. */ - KSBA_SR_RUNNING = 1, /* Never seen by libksba user. */ - KSBA_SR_GOT_CONTENT = 2, - KSBA_SR_NEED_HASH = 3, - KSBA_SR_BEGIN_DATA = 4, - KSBA_SR_END_DATA = 5, - KSBA_SR_READY = 6, - KSBA_SR_NEED_SIG = 7, - KSBA_SR_DETACHED_DATA = 8, - KSBA_SR_BEGIN_ITEMS = 9, - KSBA_SR_GOT_ITEM = 10, - KSBA_SR_END_ITEMS = 11, -} ksba_stop_reason_t; +typedef enum + { + KSBA_SR_NONE = 0, /* Never seen by libksba user. */ + KSBA_SR_RUNNING = 1, /* Never seen by libksba user. 
*/ + KSBA_SR_GOT_CONTENT = 2, + KSBA_SR_NEED_HASH = 3, + KSBA_SR_BEGIN_DATA = 4, + KSBA_SR_END_DATA = 5, + KSBA_SR_READY = 6, + KSBA_SR_NEED_SIG = 7, + KSBA_SR_DETACHED_DATA = 8, + KSBA_SR_BEGIN_ITEMS = 9, + KSBA_SR_GOT_ITEM = 10, + KSBA_SR_END_ITEMS = 11, + } +ksba_stop_reason_t; typedef ksba_stop_reason_t KsbaStopReason _KSBA_DEPRECATED; -typedef enum { - KSBA_CRLREASON_UNSPECIFIED = 1, - KSBA_CRLREASON_KEY_COMPROMISE = 2, - KSBA_CRLREASON_CA_COMPROMISE = 4, - KSBA_CRLREASON_AFFILIATION_CHANGED = 8, - KSBA_CRLREASON_SUPERSEDED = 16, - KSBA_CRLREASON_CESSATION_OF_OPERATION = 32, - KSBA_CRLREASON_CERTIFICATE_HOLD = 64, - KSBA_CRLREASON_REMOVE_FROM_CRL = 256, - KSBA_CRLREASON_PRIVILEGE_WITHDRAWN = 512, - KSBA_CRLREASON_AA_COMPROMISE = 1024, - KSBA_CRLREASON_OTHER = 32768 -} ksba_crl_reason_t; +typedef enum + { + KSBA_CRLREASON_UNSPECIFIED = 1, + KSBA_CRLREASON_KEY_COMPROMISE = 2, + KSBA_CRLREASON_CA_COMPROMISE = 4, + KSBA_CRLREASON_AFFILIATION_CHANGED = 8, + KSBA_CRLREASON_SUPERSEDED = 16, + KSBA_CRLREASON_CESSATION_OF_OPERATION = 32, + KSBA_CRLREASON_CERTIFICATE_HOLD = 64, + KSBA_CRLREASON_REMOVE_FROM_CRL = 256, + KSBA_CRLREASON_PRIVILEGE_WITHDRAWN = 512, + KSBA_CRLREASON_AA_COMPROMISE = 1024, + KSBA_CRLREASON_OTHER = 32768 + } +ksba_crl_reason_t; typedef ksba_crl_reason_t KsbaCRLReason _KSBA_DEPRECATED; typedef enum 
@@ -117,17 +123,19 @@ ksba_status_t; -typedef enum { - KSBA_KEYUSAGE_DIGITAL_SIGNATURE = 1, - KSBA_KEYUSAGE_NON_REPUDIATION = 2, - KSBA_KEYUSAGE_KEY_ENCIPHERMENT = 4, - KSBA_KEYUSAGE_DATA_ENCIPHERMENT = 8, - KSBA_KEYUSAGE_KEY_AGREEMENT = 16, - KSBA_KEYUSAGE_KEY_CERT_SIGN = 32, - KSBA_KEYUSAGE_CRL_SIGN = 64, - KSBA_KEYUSAGE_ENCIPHER_ONLY = 128, - KSBA_KEYUSAGE_DECIPHER_ONLY = 256 -} ksba_key_usage_t; +typedef enum + { + KSBA_KEYUSAGE_DIGITAL_SIGNATURE = 1, + KSBA_KEYUSAGE_NON_REPUDIATION = 2, + KSBA_KEYUSAGE_KEY_ENCIPHERMENT = 4, + KSBA_KEYUSAGE_DATA_ENCIPHERMENT = 8, + KSBA_KEYUSAGE_KEY_AGREEMENT = 16, + KSBA_KEYUSAGE_KEY_CERT_SIGN = 32, + KSBA_KEYUSAGE_CRL_SIGN = 64, + KSBA_KEYUSAGE_ENCIPHER_ONLY = 128, + KSBA_KEYUSAGE_DECIPHER_ONLY = 256 + } +ksba_key_usage_t; typedef ksba_key_usage_t KsbaKeyUsage _KSBA_DEPRECATED; /* ISO format, e.g. "19610711T172059", assumed to be UTC. */ @@ -200,8 +208,14 @@ /*-- cert.c --*/ gpg_error_t ksba_cert_new (ksba_cert_t *acert); -void ksba_cert_ref (ksba_cert_t cert); +void ksba_cert_ref (ksba_cert_t cert); void ksba_cert_release (ksba_cert_t cert); +gpg_error_t ksba_cert_set_user_data (ksba_cert_t cert, const char *key, + const void *data, size_t datalen); +gpg_error_t ksba_cert_get_user_data (ksba_cert_t cert, const char *key, + void *buffer, size_t bufferlen, + size_t *datalen); + gpg_error_t ksba_cert_read_der (ksba_cert_t cert, ksba_reader_t reader); gpg_error_t ksba_cert_init_from_mem (ksba_cert_t cert, const void *buffer, size_t length); From cvs at cvs.gnupg.org Sun Nov 13 22:48:53 2005 
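Review bot: The new prototype for ksba_cert_get_user_data takes both BUFFERLEN and an out-parameter DATALEN, but the header does not say what a caller gets when the stored value is larger than the buffer. It also does not say whether a NULL BUFFER may be used to query the length. The gpgsm caller added in r3934 decides on `err` and `buflen` alone, so the contract matters for a security decision. A short comment above the two prototypes should state the error returned for a too-small buffer and that the value is presumably an uninterpreted byte string, not NUL-terminated.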
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Nov 13 22:42:20 2005 Subject: [svn] GnuPG - r3935 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-13 22:48:52 +0100 (Sun, 13 Nov 2005) New Revision: 3935 Modified: trunk/g10/ChangeLog trunk/g10/armor.c Log: * armor.c (parse_header_line): A fussy bit of 2440: header lines are delimited with a colon-space pair. Therefore a line such as "Comment: " is actually legal, albeit not particularly useful. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-13 19:07:06 UTC (rev 3934) +++ trunk/g10/ChangeLog 2005-11-13 21:48:52 UTC (rev 3935) @@ -1,3 +1,9 @@ +2005-11-13 David Shaw + + * armor.c (parse_header_line): A fussy bit of 2440: header lines + are delimited with a colon-space pair. Therefore a line such as + "Comment: " is actually legal, albeit not particularly useful. + 2005-11-11 David Shaw * trustdb.h, trustdb.c (clean_key): New function to handle key Modified: trunk/g10/armor.c =================================================================== --- trunk/g10/armor.c 2005-11-13 19:07:06 UTC (rev 3934) +++ trunk/g10/armor.c 2005-11-13 21:48:52 UTC (rev 3935) 
@@ -339,17 +339,31 @@ afx->buffer_pos = len2; /* (it is not the fine way to do it here) */ return 0; /* WS only: same as empty line */ } - len = len2; - line[len2] = 0; + /* + This is fussy. The spec says that a header line is delimited + with a colon-space pair. This means that a line such as + "Comment: " (with nothing else) is actually legal as an empty + string comment. However, email and cut-and-paste being what it + is, that trailing space may go away. Therefore, we accept empty + headers delimited with only a colon. --rfc2440, as always, + makes this strict and enforces the colon-space pair. -dms + */ + p = strchr( line, ':'); - if( !p || !p[1] ) { + if( !p || (RFC2440 && p[1]!=' ') + || (!RFC2440 && p[1]!=' ' && p[1]!='\n' && p[1]!='\r')) + { log_error(_("invalid armor header: ")); print_string( stderr, line, len, 0 ); putc('\n', stderr); return -1; - } + } + /* Chop off the whitespace we detected before */ + len=len2; + line[len2]='\0'; + if( opt.verbose ) { log_info(_("armor header: ")); print_string( stderr, line, len, 0 ); From cvs at cvs.gnupg.org Mon Nov 14 13:50:59 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Nov 14 13:18:16 2005 Subject: [svn] GnuPG - r3936 - branches/GNUPG-1-9-BRANCH/doc Message-ID: Author: wk Date: 2005-11-14 13:50:59 +0100 (Mon, 14 Nov 2005) New Revision: 3936 Modified: branches/GNUPG-1-9-BRANCH/doc/ChangeLog branches/GNUPG-1-9-BRANCH/doc/qualified.txt Log: Added real information Modified: branches/GNUPG-1-9-BRANCH/doc/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/ChangeLog 2005-11-13 21:48:52 UTC (rev 3935) +++ branches/GNUPG-1-9-BRANCH/doc/ChangeLog 2005-11-14 12:50:59 UTC (rev 3936) 
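Review bot: Because the trailing-whitespace chop now happens after the colon check, the error path calls `print_string( stderr, line, len, 0 )` while `len` still appears to hold the untrimmed length. The "invalid armor header" message will therefore include the line terminator, where it previously printed the trimmed line. Using `print_string( stderr, line, len2, 0 );` in that branch keeps the old output without changing the new acceptance rule. The enclosing function starts and ends outside the hunk.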
@@ -1,3 +1,7 @@ +2005-11-14 Werner Koch + + * qualified.txt: Added real information. + 2005-11-13 Werner Koch * qualified.txt: New. Modified: branches/GNUPG-1-9-BRANCH/doc/qualified.txt =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/qualified.txt 2005-11-13 21:48:52 UTC (rev 3935) +++ branches/GNUPG-1-9-BRANCH/doc/qualified.txt 2005-11-14 12:50:59 UTC (rev 3936) 
@@ -8,10 +8,75 @@ # exactly 40 hex character, white space and a lowercased 2 letter # country code. Additional data delimited with by a white space is # current ignored but might late be used for other pusposes. +# +# $Id$ -# CN=Wurzel ZS 3,O=Intevation GmbH,C=DE -A6935DD34EF3087973C706FC311AA2CCF733765B de +#Serial number: 32D18D +# Issuer: /CN=6R-Ca 1:PN/NameDistinguisher=1/O=Regulierungsbeh?orde +# f?ur Telekommunikation und Post/C=DE +# Subject: /CN=6R-Ca 1:PN/NameDistinguisher=1/O=Regulierungsbeh?orde +# f?ur Telekommunikation und Post/C=DE +# validity: 2001-02-01 09:52:17 through 2005-06-01 09:52:17 +# key type: 1024 bit RSA +# key usage: certSign crlSign +EA:8D:99:DD:36:AA:2D:07:1A:3C:7B:69:00:9E:51:B9:4A:2E:E7:60 de -# CN=SPECIMEN Belgium Root CA,C=BE -6A5FFD257E85DC6081828DD169AA304E7E37DD3B be +#Serial number: 00C48C8D +# Issuer: /CN=7R-CA 1:PN/NameDistinguisher=1/O=Regulierungsbeh?orde +# f?ur Telekommunikation und Post/C=DE +# Subject: /CN=7R-CA 1:PN/NameDistinguisher=1/O=Regulierungsbeh?orde +# f?ur Telekommunikation und Post/C=DE +# validity: 2001-10-15 11:15:15 through 2006-02-15 11:15:15 +# key type: 1024 bit RSA +# key usage: certSign crlSign +DB:45:3D:1B:B0:1A:F3:23:10:6B:DE:D0:09:61:57:AA:F4:25:E0:5B de + + +#Serial number: 01 +# Issuer: /CN=8R-CA 1:PN/O=Regulierungsbeh?rde f?r +# Telekommunikation und Post/C=DE +# Subject: /CN=8R-CA 1:PN/O=Regulierungsbeh?rde f?r +# Telekommunikation und Post/C=DE +# validity: 2004-11-25 14:10:37 through 2007-12-31 14:04:03 +# key type: 1024 bit RSA +# key usage: certSign +# policies: 1.3.36.8.1.1:N: +# chain length: unlimited +42:6A:F6:78:30:E9:CE:24:5B:EF:41:A2:C1:A8:51:DA:C5:0A:6D:F5 de + + +#Serial number: 02 +# Issuer: /CN=9R-CA 1:PN/O=Regulierungsbeh?rde f?r +# Telekommunikation und Post/C=DE +# Subject: /CN=9R-CA 1:PN/O=Regulierungsbeh?rde f?r +# Telekommunikation und Post/C=DE +# validity: 2004-11-25 14:59:11 through 2007-12-31 14:56:59 +# key type: 1024 bit RSA +# key usage: certSign +# policies: 
1.3.36.8.1.1:N: +# chain length: unlimited +75:9A:4A:CE:7C:DA:7E:89:1B:B2:72:4B:E3:76:EA:47:3A:96:97:24 de + + +#Serial number: 2A +# Issuer: /CN=10R-CA 1:PN/O=Bundesnetzagentur/C=DE +# Subject: /CN=10R-CA 1:PN/O=Bundesnetzagentur/C=DE +# validity: 2005-08-03 15:30:36 through 2007-12-31 15:09:23 +# key type: 1024 bit RSA +# key usage: certSign +# policies: 1.3.36.8.1.1:N: +# chain length: unlimited +31:C9:D2:E6:31:4D:0B:CC:2C:1A:45:00:A6:6B:97:98:27:18:8E:CD de + + +#Serial number: 2D +# Issuer: /CN=11R-CA 1:PN/O=Bundesnetzagentur/C=DE +# Subject: /CN=11R-CA 1:PN/O=Bundesnetzagentur/C=DE +# validity: 2005-08-03 18:09:49 through 2007-12-31 18:04:28 +# key type: 1024 bit RSA +# key usage: certSign +# policies: 1.3.36.8.1.1:N: +# chain length: unlimited +A0:8B:DF:3B:AA:EE:3F:9D:64:6C:47:81:23:21:D4:A6:18:81:67:1D de + Property changes on: branches/GNUPG-1-9-BRANCH/doc/qualified.txt ___________________________________________________________________ Name: svn:keywords + Id From cvs at cvs.gnupg.org Mon Nov 14 13:59:55 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Nov 14 13:27:12 2005 Subject: [svn] GnuPG - r3937 - branches/GNUPG-1-9-BRANCH/doc Message-ID: Author: wk Date: 2005-11-14 13:59:55 +0100 (Mon, 14 Nov 2005) New Revision: 3937 Modified: branches/GNUPG-1-9-BRANCH/doc/qualified.txt Log: From cvs at cvs.gnupg.org Mon Nov 14 14:03:00 2005 
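Review bot: The added entries write the fingerprint as colon-separated bytes (`EA:8D:99:…`), but the format comment at the top of this hunk still describes a non-comment line as "exactly 40 hex character", white space and the country code. The two removed entries used that 40-digit form. Either the comment should be updated to allow colons, or the entries should be written as 40 contiguous hex digits; whether the parser accepts colons is not visible here. Separately, the first root (6R-Ca 1:PN) lists validity through 2005-06-01, which is before this commit's date, so a comment on why an expired root is listed would help.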
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Nov 14 13:30:16 2005 Subject: [svn] GnuPG - r3938 - branches/GNUPG-1-9-BRANCH/doc Message-ID: Author: wk Date: 2005-11-14 14:02:59 +0100 (Mon, 14 Nov 2005) New Revision: 3938 Modified: branches/GNUPG-1-9-BRANCH/doc/qualified.txt Log: Added signature property Property changes on: branches/GNUPG-1-9-BRANCH/doc/qualified.txt ___________________________________________________________________ Name: gpg:signature - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3-cvs (GNU/Linux) iEYEABECAAYFAkN4gYwACgkQYHhOlAEKV+04HACfdMJerfDi0L1U7EJBpU5Slsnv mOsAnRa0uDd+xOK0OF/FtNAT743tXt8B =kcka -----END PGP SIGNATURE----- + -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3-cvs (GNU/Linux) iEYEABECAAYFAkN4gmEACgkQYHhOlAEKV+3WUACgiIqfXg7KaKPle1FclIz1VYhW DKYAmwdBnsiksHysMoPc/hSgxfyjcWn3 =sM07 -----END PGP SIGNATURE----- From cvs at cvs.gnupg.org Mon Nov 14 14:11:16 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Nov 14 13:38:32 2005 Subject: [svn] GnuPG - r3939 - branches/GNUPG-1-9-BRANCH/doc Message-ID: Author: wk Date: 2005-11-14 14:11:15 +0100 (Mon, 14 Nov 2005) New Revision: 3939 Modified: branches/GNUPG-1-9-BRANCH/doc/qualified.txt Log: Don't use keywords for signed files. Modified: branches/GNUPG-1-9-BRANCH/doc/qualified.txt =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/qualified.txt 2005-11-14 13:02:59 UTC (rev 3938) +++ branches/GNUPG-1-9-BRANCH/doc/qualified.txt 2005-11-14 13:11:15 UTC (rev 3939) 
@@ -7,16 +7,29 @@ # non-comment line starts with optional white spaces, followed by # exactly 40 hex character, white space and a lowercased 2 letter # country code. Additional data delimited with by a white space is -# current ignored but might late be used for other pusposes. +# current ignored but might late be used for other purposes. # -# $Id$ +# Note: The subversion copy of this file carries a gpg:signature +# property with its OpenPGP signature. Check this signature before +# adding entries: +# svn pg gpg:signature qualified.txt | gpg --verify - qualified.txt +#******************************************* +# +# Belgium +# +# Need to figure out a reliable source. +#******************************************* + + #******************************************* # # Germany # +# The information for Germany is available +# at http://www.bundesnetzagentur.de #******************************************* #Serial number: 32D18D @@ -94,3 +107,9 @@ #[checked: 2005-11-14] A0:8B:DF:3B:AA:EE:3F:9D:64:6C:47:81:23:21:D4:A6:18:81:67:1D de + +#******************************************* +# +# End of file +# +#******************************************* Property changes on: branches/GNUPG-1-9-BRANCH/doc/qualified.txt ___________________________________________________________________ Name: svn:keywords - Id Name: gpg:signature - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3-cvs (GNU/Linux) iEYEABECAAYFAkN4gmEACgkQYHhOlAEKV+3WUACgiIqfXg7KaKPle1FclIz1VYhW DKYAmwdBnsiksHysMoPc/hSgxfyjcWn3 =sM07 -----END PGP SIGNATURE----- + -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3-cvs (GNU/Linux) iEYEABECAAYFAkN4hLwACgkQYHhOlAEKV+1BdgCeMPaSzFzhScr1U0Ncmh1mq5Wz 9ekAoIuzRNYyiDwBpq4r2FIVnMg6Ekpo =pwBU -----END PGP SIGNATURE----- From cvs at cvs.gnupg.org Tue Nov 15 17:04:30 2005 
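Review bot: The added note tells the reader to run `gpg --verify` on the gpg:signature property but does not say which key the signature must come from. A good signature from any key in the reader's keyring would pass that check. Adding a line such as `# The signature must be made by key <FINGERPRINT OF THE MAINTAINER KEY>` (placeholder, to be filled in by the maintainer) would make the check meaningful. The Germany section also points to a plain `http://` address as the source of these trust anchors, so the text could say how the fingerprints were checked.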
From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Nov 15 16:31:50 2005 Subject: [svn] gpgme - r1134 - in trunk: . doc gpgme Message-ID: Author: wk Date: 2005-11-15 17:04:28 +0100 (Tue, 15 Nov 2005) New Revision: 1134 Modified: trunk/ChangeLog trunk/autogen.sh trunk/configure.ac trunk/doc/gpgme.texi trunk/gpgme/ChangeLog Log: build static and shared lib by default - required by gpgol. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-10-24 09:53:59 UTC (rev 1133) +++ trunk/ChangeLog 2005-11-15 16:04:28 UTC (rev 1134) @@ -1,3 +1,9 @@ +2005-11-15 Werner Koch + + * configure.ac: Create BUILD_FILEVERSION from SVN Revision. + + * autogen.sh [W32]: Build shared and static versions of the library. + 2005-10-20 Marcus Brinkmann * w32-dll/ChangeLog, w32-dll/build-dll, w32-dll/gpgme.def: Remove Modified: trunk/autogen.sh =================================================================== --- trunk/autogen.sh 2005-10-24 09:53:59 UTC (rev 1133) +++ trunk/autogen.sh 2005-11-15 16:04:28 UTC (rev 1134) @@ -75,8 +75,8 @@ ./configure --enable-maintainer-mode --prefix=${w32root} \ --host=i586-mingw32msvc --build=${build} \ - --with-gpg-error-prefix=${w32root} \ - --disable-shared --without-gpgsm + --with-gpg-error-prefix=${w32root} --without-gpgsm \ + --enable-shared --enable-static exit $? fi Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-10-24 09:53:59 UTC (rev 1133) +++ trunk/configure.ac 2005-11-15 16:04:28 UTC (rev 1134) @@ -24,6 +24,7 @@ min_automake_version="1.9.3" # Version number: Remember to change it immediately *after* a release. +# Make sure to run "svn up" before a "make dist". AC_INIT(gpgme, 1.2.0-cvs, [bug-gpgme@gnupg.org]) # LT Version numbers, remember to change them just *before* a release. # (Code changed: REVISION++) 
@@ -446,12 +447,10 @@ BUILD_TIMESTAMP=`date --iso-8601=minutes` changequote(,)dnl BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'` + tmp="`echo '$Revision$' | sed 's/[^0-9]//g'`" changequote([,])dnl - case "$VERSION" in - *-cvs) BUILD_FILEVERSION="${BUILD_FILEVERSION}0" ;; - *-rc*) BUILD_FILEVERSION="${BUILD_FILEVERSION}1" ;; - *) BUILD_FILEVERSION="${BUILD_FILEVERSION}2" ;; - esac + test -z "$tmp" && tmp="0" + BUILD_FILEVERSION="${BUILD_FILEVERSION}$tmp" fi AC_SUBST(BUILD_TIMESTAMP) AC_SUBST(BUILD_FILEVERSION) Modified: trunk/doc/gpgme.texi =================================================================== --- trunk/doc/gpgme.texi 2005-10-24 09:53:59 UTC (rev 1133) +++ trunk/doc/gpgme.texi 2005-11-15 16:04:28 UTC (rev 1134) @@ -2154,7 +2154,7 @@ The @code{GPGME_KEYLIST_MODE_VALIDATE} symbol specifies that the backend should do key or certificate validation and not just get the validity information from an internal cache. This might be an -expensive operation and is in general not usefule. Currently only +expensive operation and is in general not useful. Currently only implemented for the S/MIME backend and ignored for other backends. @end table Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-10-24 09:53:59 UTC (rev 1133) +++ trunk/gpgme/ChangeLog 2005-11-15 16:04:28 UTC (rev 1134) @@ -2,6 +2,10 @@ * w32-io.c (_gpgme_io_spawn): Don't minimize window, hide it. +2005-10-21 Werner Koch + + * Makefile.am: Fixed cut+paste problem + 2005-10-20 Marcus Brinkmann * Makefile.am: Build versioninfo.lo, not versioninfo.o. Also, fix From cvs at cvs.gnupg.org Tue Nov 15 17:06:40 2005 
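Review bot: The `$Revision$` keyword expands to the last revision in which configure.ac itself was changed, not the revision of the checked-out tree. The fourth BUILD_FILEVERSION field will therefore stay the same across commits that do not touch this file, whatever "svn up" did. The same construct is added in the gpgol configure.ac hunk at -44,11 further down. If a tree revision is wanted, `svnversion` output would be the usual source; otherwise a comment such as `# Note: this is the last-changed revision of configure.ac only.` would prevent misreading. If the value ends up in a Windows VERSIONINFO resource, each field is limited to 16 bits, which is worth noting next to the assignment.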
From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Nov 15 16:33:50 2005 Subject: [svn] GPGol - r123 - in trunk: . src Message-ID: Author: wk Date: 2005-11-15 17:06:38 +0100 (Tue, 15 Nov 2005) New Revision: 123 Modified: trunk/ChangeLog trunk/NEWS trunk/README trunk/TODO trunk/configure.ac trunk/src/ChangeLog trunk/src/config-dialog.c trunk/src/display.cpp trunk/src/display.h trunk/src/engine-gpgme.c trunk/src/gpgmsg.cpp trunk/src/gpgmsg.hh trunk/src/mymapitags.h trunk/src/olflange.cpp trunk/src/olflange.h Log: Basic HTMl support Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/ChangeLog 2005-11-15 16:06:38 UTC (rev 123) @@ -1,3 +1,7 @@ +2005-11-15 Werner Koch + + * configure.ac (BUILD_TIMESTAMP): Include SVN revision. + 2005-10-21 Marcus Brinkmann * m4/gpg-error.m4: New file. @@ -3,4 +7,8 @@ * configure.ac: Also check for gpg-error. +2005-10-11 Werner Koch + + * configure.ac: Use MS style bitfields. + 2005-10-06 Marcus Brinkmann Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/NEWS 2005-11-15 16:06:38 UTC (rev 123) @@ -1,3 +1,7 @@ +Noteworthy changes for version 0.9.4 +================================================= + + Noteworthy changes for version 0.9.3 (2005-09-29) ================================================= Modified: trunk/README =================================================================== --- trunk/README 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/README 2005-11-15 16:06:38 UTC (rev 123) 
@@ -16,14 +16,6 @@ gpgol.dll" and start Outlook. You should then find a new tab named "GnuPG" in Outlook's option menu. -Note: For building in src/ you need to throw an original mapi32.dll -into this directory. This is due to a bug in the binutils: ld is not -able to properly read a DEF file but will happily use the same -information from an actual DLL. The problem is that symbols like -HrSetOneProp@8 are actually written without the "@8" into the import -table when used with a DEF file and generated import lib. Needs more -debugging - any BFD cracks who can lend me a helping hand? (wk). - Bug reporting: First click on the logo on the GnuPG options tab to check whether a newer version has been released - try this first. If this does not help, check out the mailing lists and also the bug Modified: trunk/TODO =================================================================== --- trunk/TODO 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/TODO 2005-11-15 16:06:38 UTC (rev 123) @@ -18,4 +18,3 @@ * Allow for symmetric encryption. - Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/configure.ac 2005-11-15 16:06:38 UTC (rev 123) @@ -14,8 +14,9 @@ min_automake_version="1.9.4" # Version number: Remember to change it immediately *after* a release. +# Make sure to run "svn up" before a "make dist". # Add a "-cvs" prefix for non-released code. -AC_INIT(gpgol, 0.9.3-cvs, bug-gpgol@g10code.com) +AC_INIT(gpgol, 0.9.4-cvs, bug-gpgol@g10code.com) NEED_GPGME_API=1 NEED_GPGME_VERSION=1.1.0 
@@ -44,11 +45,15 @@ AC_DEFINE_UNQUOTED(NEED_GPGME_VERSION, "$NEED_GPGME_VERSION", [Required version of GPGME]) + BUILD_TIMESTAMP=`date --iso-8601=minutes` AC_SUBST(BUILD_TIMESTAMP) changequote(,)dnl -BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1.0/;s/\./,/g'` +BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'` +tmp="`echo '$Revision$' | sed 's/[^0-9]//g'`" changequote([,])dnl +test -z "$tmp" && tmp="0" +BUILD_FILEVERSION="${BUILD_FILEVERSION}$tmp" AC_SUBST(BUILD_FILEVERSION) @@ -157,14 +162,13 @@ fi if test "$GCC" = yes; then + CFLAGS="$CFLAGS -Wall -mms-bitfields" + CXXFLAGS="$CXXFLAGS -Wall -mms-bitfields" if test "$USE_MAINTAINER_MODE" = "yes"; then - CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes" + CFLAGS="$CFLAGS -Wcast-align -Wshadow -Wstrict-prototypes" CFLAGS="$CFLAGS -Wno-format-y2k -Wformat-security" - CXXFLAGS="$CXXFLAGS -Wall -Wcast-align -Wshadow" + CXXFLAGS="$CXXFLAGS -Wcast-align -Wshadow" CXXFLAGS="$CXXFLAGS -Wno-format-y2k -Wformat-security" - else - CFLAGS="$CFLAGS -Wall" - CXXFLAGS="$CXXFLAGS -Wall" fi fi Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/ChangeLog 2005-11-15 16:06:38 UTC (rev 123) 
@@ -1,3 +1,24 @@ +2005-11-15 Werner Koch + + * Makefile.am (gpgol_LDADD): Remove -lintl for now. + + * olflange.cpp (OnWriteComplete): Make sure that we don't sent out + unencrypted stuff on error. + * display.cpp (set_message_body): Add arg IS_HTML. + (update_display): Ditto. + + * gpgmsg.cpp (loadBody): New arg WANT_HTML. + (getOrigText): Ditto. + + * olflange.h (class CGPGExchExtMessageEvents): Add M_WANT_HTML. + * olflange.cpp (OnWrite): Set it. + (OnWriteComplete): Pass its value to the encrypt functions. + +2005-11-10 Werner Koch + + * config-dialog.c (start_key_manager): Changed invocation of + default keymanager. + 2005-10-21 Marcus Brinkmann * Makefile.am (libgpgme.a, libgpgme.a): New targets. @@ -13,6 +34,19 @@ (gpgol_LDADD): Replace mapi32.dll with "-L . -lmapi32". (clean-local): New target. +2005-10-19 Werner Koch + + * gpgmsg.cpp (sign, encrypt_and_sign): Don't set the body first to + empty. If this is really required we should do this in + set_message_body. + (sign): Save changes. Set content type to text/plain. + (encrypt_and_sign): Save changes also for empty bodies. + +2005-10-06 Werner Koch + + * gpgmsg.cpp (writeAttestation): Use gpgme_free for BUFFER. + * engine-gpgme.c (data_to_file): Ditto. + 2005-10-06 Marcus Brinkmann * Makefile.am (gpgol_DEPENDENCIES): New variable. Modified: trunk/src/config-dialog.c =================================================================== --- trunk/src/config-dialog.c 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/config-dialog.c 2005-11-15 16:06:38 UTC (rev 123) @@ -390,7 +390,7 @@ info = info->next; if (info && info->file_name && *info->file_name) { - keyman = xmalloc (strlen (info->file_name) + 10); + keyman = xmalloc (strlen (info->file_name) + 50); strcpy (keyman, info->file_name); for (p=keyman; *p; p++) if (*p == '/') 
@@ -401,10 +401,10 @@ xfree (keyman); return -1; } - strcpy (p+1, "winpt.exe"); + strcpy (p+1, "winpt.exe --keymanager"); if (access (keyman, F_OK)) { - strcpy (p+1, "gpa.exe"); + strcpy (p+1, "gpa.exe --keyring"); if (access (keyman, F_OK)) { xfree (keyman); Modified: trunk/src/display.cpp =================================================================== --- trunk/src/display.cpp 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/display.cpp 2005-11-15 16:06:38 UTC (rev 123) @@ -131,7 +131,7 @@ /* Update the display using the message MSG. Return 0 on success. */ int -update_display (HWND hwnd, GpgMsg *msg, void *exchange_cb) +update_display (HWND hwnd, GpgMsg *msg, void *exchange_cb, bool is_html) { HWND window; @@ -161,7 +161,7 @@ else if (exchange_cb && !opt.compat.no_oom_write) { log_debug ("updating display using OOM"); - return put_outlook_property (exchange_cb, "Body", + return put_outlook_property (exchange_cb, is_html? "HTMLBody":"Body", msg->getDisplayText ()); } else @@ -176,26 +176,28 @@ /* Set the body of MESSAGE to STRING. Returns 0 on success or an error code otherwise. */ int -set_message_body (LPMESSAGE message, const char *string) +set_message_body (LPMESSAGE message, const char *string, bool is_html) { HRESULT hr; SPropValue prop; - // BOOL dummy_bool; + SPropTagArray proparray; const char *s; + assert (message); + /* Decide whether we need to use the Unicode version. */ for (s=string; *s && !(*s & 0x80); s++) ; if (*s) { - prop.ulPropTag = PR_BODY_W; + prop.ulPropTag = is_html? PR_BODY_HTML_W : PR_BODY_W; prop.Value.lpszW = utf8_to_wchar (string); hr = HrSetOneProp (message, &prop); xfree (prop.Value.lpszW); } else /* Only plain ASCII. */ { - prop.ulPropTag = PR_BODY_A; + prop.ulPropTag = is_html? PR_BODY_HTML_A : PR_BODY_A; prop.Value.lpszA = (CHAR*)string; hr = HrSetOneProp (message, &prop); } 
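Review bot: In the config-dialog.c hunk at -401, `access (keyman, F_OK)` is now called on a string that already has the argument appended (`winpt.exe --keymanager`, then `gpa.exe --keyring`). The existence test therefore looks for a file with that literal name, will normally fail for both candidates, and takes the error return. Test the bare executable first and append the switch only on success: `strcpy (p+1, "winpt.exe");` followed by `if (!access (keyman, F_OK)) strcat (keyman, " --keymanager");`, and likewise for gpa.exe. The `+ 50` in the preceding hunk is a magic number that has to cover the longest of these suffixes. The path is also joined to its arguments without quoting, so a directory containing a space would presumably split the command line. The function starts and ends outside both hunks.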
@@ -205,13 +207,14 @@ __FILE__, __func__, hr); return gpg_error (GPG_ERR_GENERAL); } -// When enabling the code below the result is that (under OL2003 -// standalone) the message is sent with an empty body. Thus we don't -// do it. Note further that the specs say that when dummy_bool -// returns true, SaveChanges must be called on the message. -// hr = RTFSync (message, RTF_SYNC_BODY_CHANGED, &dummy_bool); -// if (hr != S_OK) -// log_debug ("%s:%s: RTFSync failed: hr=%#lx - error ignored", -// __FILE__, __func__, hr); + + /* Instead of using RTF Sync, we simply delete any RTF property. */ + proparray.cValues = 1; + proparray.aulPropTag[0] = PR_RTF_COMPRESSED; + hr = message->DeleteProps (&proparray, NULL); + if (hr != S_OK) + log_debug ("%s:%s: DeleteProps failed: hr=%#lx\n", __FILE__, __func__, hr); + + return 0; } Modified: trunk/src/display.h =================================================================== --- trunk/src/display.h 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/display.h 2005-11-15 16:06:38 UTC (rev 123) @@ -28,9 +28,9 @@ char *add_html_line_endings (const char *body); -int update_display (HWND hwnd, GpgMsg *msg, void *exchange_cb); +int update_display (HWND hwnd, GpgMsg *msg, void *exchange_cb, bool is_html); -int set_message_body (LPMESSAGE message, const char *string); +int set_message_body (LPMESSAGE message, const char *string, bool is_html); /*-- olflange.cpp --*/ Modified: trunk/src/engine-gpgme.c =================================================================== --- trunk/src/engine-gpgme.c 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/engine-gpgme.c 2005-11-15 16:06:38 UTC (rev 123) 
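Review bot: A failing `DeleteProps` for PR_RTF_COMPRESSED is only written to the debug log, and set_message_body still returns 0. The caller cannot tell that the previous RTF body may still be attached to the message. If that RTF copy holds the text from before encryption, it could presumably still be shown or sent. Treating the failure like the HrSetOneProp failure just above, with `log_error` and `return gpg_error (GPG_ERR_GENERAL);`, would fail closed. The function starts outside the hunk.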
@@ -218,9 +218,10 @@ /* Encrypt the data in INBUF into a newly malloced buffer stored on - success at OUTBUF. The recipients are expected in the NULL - terminated array KEYS. If SIGN_KEY is not NULl, the data will also - be signed using this key. TTL is the time the passphrase should be + success at OUTBUF. The caller should release this buffer using + gpgme_free. The recipients are expected in the NULL terminated + array KEYS. If SIGN_KEY is not NULl, the data will also be signed + using this key. TTL is the time the passphrase should be cached. */ int op_encrypt (const char *inbuf, char **outbuf, gpgme_key_t *keys, @@ -355,7 +356,7 @@ /* Sign and encrypt the data in INBUF into a newly allocated buffer at - OUTBUF. */ + OUTBUF. Caller needs to free the returned buffer using gpgme_free. */ int op_sign (const char *inbuf, char **outbuf, int mode, gpgme_key_t sign_key, int ttl) @@ -477,11 +478,12 @@ -/* Run the decryption. Decrypts INBUF to OUTBUF, caller must xfree - the result at OUTBUF. TTL is the time in seconds to cache a - passphrase. If FILENAME is not NULL it will be displayed along - with status outputs. If ATTESTATION is not NULL a text with the - result of the signature verification will get printed to it. */ +/* Run the decryption. Decrypts INBUF to OUTBUF; caller needs to free + the returned result at OUTBUF using gpgme_free. the result at + OUTBUF. TTL is the time in seconds to cache a passphrase. If + FILENAME is not NULL it will be displayed along with status + outputs. If ATTESTATION is not NULL a text with the result of the + signature verification will get printed to it. */ int op_decrypt (const char *inbuf, char **outbuf, int ttl, const char *filename, gpgme_data_t attestation) 
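Review bot: The comments now state that buffers returned by op_encrypt, op_sign, op_decrypt and op_verify must be released with gpgme_free, but callers visible in the same commit still hand them to xfree. In gpgmsg.cpp, sign() ends with `xfree (signedtext);`, and decrypt() stores the op_decrypt result in `body_plain`, which is released elsewhere with `xfree (body_plain)`. Mixing the two allocators is the problem the data_to_file and writeAttestation changes fix, so the remaining callers should be converted as well. Alternatively the op_* functions could copy the result into xmalloc'ed memory before returning, so the documented contract and the callers agree.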
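Review bot: The rewritten comment above op_decrypt has a leftover fragment: "caller needs to free the returned result at OUTBUF using gpgme_free. the result at OUTBUF." The second "the result at OUTBUF." should be dropped so the sentence reads `caller needs to free the returned result at OUTBUF using gpgme_free.` before "TTL is the time in seconds…".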
@@ -664,7 +666,8 @@ } -/* Decrypt the stream INSTREAM directly to the newly allocated buffer OUTBUF. +/* Decrypt the stream INSTREAM directly to the newly allocated buffer + OUTBUF. Caller needs to free the returned buffer using gpgme_free. Returns 0 on success or an gpgme error code on failure. If FILENAME is not NULL it will be displayed along with status outputs. */ @@ -738,7 +741,8 @@ will show the result of the verification. If FILENAME is not NULL it will be displayed along with status outputs. If ATTESTATION is not NULL a text with the result of the signature verification will - get printed to it. */ + get printed to it. Caller needs to free the returned buffer at + OUTBUF using gpgme_free. */ int op_verify (const char *inbuf, char **outbuf, const char *filename, gpgme_data_t attestation) @@ -1267,7 +1271,7 @@ fwrite (buf, 1, n, out); fclose (out); /* FIXME: We have no error checking above. */ - xfree (buf); + gpgme_free (buf); return 0; } Modified: trunk/src/gpgmsg.cpp =================================================================== --- trunk/src/gpgmsg.cpp 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/gpgmsg.cpp 2005-11-15 16:06:38 UTC (rev 123) @@ -169,19 +169,19 @@ openpgp_t getMessageType (void); bool hasAttachments (void); - const char *getOrigText (void); + const char *getOrigText (bool want_html); const char *GpgMsgImpl::getDisplayText (void); const char *getPlainText (void); int decrypt (HWND hwnd); int sign (HWND hwnd); - int encrypt (HWND hwnd) + int encrypt (HWND hwnd, bool want_html) { - return encrypt_and_sign (hwnd, false); + return encrypt_and_sign (hwnd, want_html, false); } - int signEncrypt (HWND hwnd) + int signEncrypt (HWND hwnd, bool want_html) { - return encrypt_and_sign (hwnd, true); + return encrypt_and_sign (hwnd, want_html, true); } int attachPublicKey (const char *keyid); 
@@ -218,11 +218,11 @@ LPSRowSet rows; /* The retrieved set of rows from the table. */ } attach; - void loadBody (void); + void loadBody (bool want_html); bool isPgpmimeVersionPart (int pos); void writeAttestation (void); attach_info_t gatherAttachmentInfo (void); - int encrypt_and_sign (HWND hwnd, bool sign); + int encrypt_and_sign (HWND hwnd, bool want_html, bool sign); }; @@ -366,7 +366,7 @@ /* Load the body and make it available as an UTF8 string in the instance variable BODY. */ void -GpgMsgImpl::loadBody (void) +GpgMsgImpl::loadBody (bool want_html) { HRESULT hr; LPSPropValue lpspvFEID = NULL; @@ -378,7 +378,8 @@ if (body || !message) return; - hr = HrGetOneProp ((LPMAPIPROP)message, PR_BODY, &lpspvFEID); + hr = HrGetOneProp ((LPMAPIPROP)message, + want_html? PR_BODY_HTML : PR_BODY, &lpspvFEID); if (SUCCEEDED (hr)) { /* Message is small enough to be retrieved this way. */ switch ( PROP_TYPE (lpspvFEID->ulPropTag) ) @@ -402,8 +403,8 @@ } else /* Message is large; Use a stream to read it. */ { - hr = message->OpenProperty (PR_BODY, &IID_IStream, - 0, 0, (LPUNKNOWN*)&stream); + hr = message->OpenProperty (want_html? PR_BODY_HTML : PR_BODY, + &IID_IStream, 0, 0, (LPUNKNOWN*)&stream); if ( hr != S_OK ) { log_debug ("%s:%s: OpenProperty failed: hr=%#lx", @@ -556,7 +557,7 @@ { const char *s; - loadBody (); + loadBody (false); if (!body || !(s = strstr (body, "BEGIN PGP "))) return OPENPGP_NONE; @@ -580,9 +581,9 @@ /* Return the body text as received or composed. This is guaranteed to never return NULL. */ const char * -GpgMsgImpl::getOrigText () +GpgMsgImpl::getOrigText (bool want_html) { - loadBody (); + loadBody (want_html); return body? body : ""; } @@ -593,7 +594,7 @@ const char * GpgMsgImpl::getDisplayText (void) { - loadBody (); + loadBody (false); if (body_plain) return body_plain; @@ -839,7 +840,7 @@ } if (newatt) newatt->Release (); - xfree (buffer); + gpgme_free (buffer); } 
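Review bot: loadBody keeps its early return `if (body || !message) return;`, so the new WANT_HTML argument only takes effect on the first call for a given object. getMessageType and getDisplayText call `loadBody (false)`, so once either has run a later `getOrigText (true)` returns the cached plain body and the HTML property is never read. The cache should either record which variant it holds and reload on mismatch, or keep separate plain and HTML members. At minimum, add a comment on loadBody saying `/* WANT_HTML is honoured only when BODY has not been loaded yet. */`. The function bodies continue outside the hunks.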
@@ -905,7 +906,7 @@ { xfree (body_plain); body_plain = xstrdup (s); - update_display (hwnd, this, exchange_cb); + update_display (hwnd, this, exchange_cb, is_html_body (s)); msgcache_unref (refhandle); log_debug ("%s:%s: leave (already decrypted)\n", __FILE__, __func__); } @@ -989,9 +990,9 @@ pgpmime_succeeded = 1; } else if (mtype == OPENPGP_CLEARSIG) - err = op_verify (getOrigText (), NULL, NULL, attestation); - else if (*getOrigText()) - err = op_decrypt (getOrigText (), &plaintext, opt.passwd_ttl, + err = op_verify (getOrigText (false), NULL, NULL, attestation); + else if (*getOrigText(false)) + err = op_decrypt (getOrigText (false), &plaintext, opt.passwd_ttl, NULL, attestation); else err = gpg_error (GPG_ERR_NO_DATA); @@ -1022,7 +1023,7 @@ we will disable it but add a compatibility flag to re-enable it. */ if (opt.compat.old_reply_hack) - set_message_body (message, plaintext); + set_message_body (message, plaintext, is_html); xfree (body_plain); body_plain = plaintext; @@ -1037,10 +1038,10 @@ if (FAILED (hr)) log_debug ("%s:%s: SaveChanges failed: hr=%#lx", __FILE__, __func__, hr); - update_display (hwnd, this, exchange_cb); + update_display (hwnd, this, exchange_cb, is_html); } - else if (!silent && update_display (hwnd, this, exchange_cb)) + else if (!silent && update_display (hwnd, this, exchange_cb, is_html)) { const char s[] = "The message text cannot be displayed.\n" @@ -1128,16 +1129,18 @@ int GpgMsgImpl::sign (HWND hwnd) { + HRESULT hr; const char *plaintext; char *signedtext = NULL; int err = 0; gpgme_key_t sign_key = NULL; + SPropValue prop; log_debug ("%s:%s: enter message=%p\n", __FILE__, __func__, message); /* We don't sign an empty body - a signature on a zero length string is pretty much useless. */ - if (!*(plaintext = getOrigText ()) && !hasAttachments ()) + if (!*(plaintext = getOrigText (false)) && !hasAttachments ()) { log_debug ("%s:%s: leave (empty)", __FILE__, __func__); return 0; 
@@ -1174,21 +1177,39 @@ failed. */ } - set_x_header (message, "Gpgol-Version", PACKAGE_VERSION); + set_x_header (message, "GPGOL-VERSION", PACKAGE_VERSION); /* Now that we successfully processed the attachments, we can save - the changes to the body. For unknown reasons we need to set it - to empty first. */ + the changes to the body. */ if (*plaintext) { - err = set_message_body (message, ""); - if (!err) - err = set_message_body (message, signedtext); + err = set_message_body (message, signedtext, 0); if (err) goto leave; + + /* In case we don't have attachments, Outlook will really insert + the following content type into the header. We use this to + declare that the encrypted content of the message is utf-8 + encoded. */ + prop.ulPropTag=PR_CONTENT_TYPE_A; + prop.Value.lpszA="text/plain; charset=utf-8"; + hr = HrSetOneProp (message, &prop); + if (hr != S_OK) + { + log_error ("%s:%s: can't set content type: hr=%#lx\n", + __FILE__, __func__, hr); + } } + + hr = message->SaveChanges (KEEP_OPEN_READWRITE|FORCE_SAVE); + if (hr != S_OK) + { + log_error ("%s:%s: SaveChanges(message) failed: hr=%#lx\n", + __FILE__, __func__, hr); + err = gpg_error (GPG_ERR_GENERAL); + goto leave; + } - leave: xfree (signedtext); gpgme_key_release (sign_key); @@ -1198,16 +1219,17 @@ -/* Encrypt and optionally sign (if SIGN_FLAG is true) the entire message - including all attachments. Returns 0 on success. */ +/* Encrypt and optionally sign (if SIGN_FLAG is true) the entire + message including all attachments. If WANT_HTML is true, the text + to encrypt will be taken from the html property. Returns 0 on + success. */ int -GpgMsgImpl::encrypt_and_sign (HWND hwnd, bool sign_flag) +GpgMsgImpl::encrypt_and_sign (HWND hwnd, bool want_html, bool sign_flag) { log_debug ("%s:%s: enter\n", __FILE__, __func__); HRESULT hr; gpgme_key_t *keys = NULL; gpgme_key_t sign_key = NULL; - bool is_html; const char *plaintext; char *ciphertext = NULL; char **recipients = NULL; 
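Review bot: `sign` still reads the plain body (`getOrigText (false)` in the -1128 hunk) and stores the result with `set_message_body (message, signedtext, 0)`, while the olflange.cpp change in this commit now lets BodyFormat 2 (HTML) through for sign-only messages too. Unless `set_message_body`, which is not visible here, clears it, the original `PR_BODY_HTML` stays on the message unsigned and may be what the recipient is shown. Either keep rejecting HTML when only signing, or remove the HTML property once the signed text has been stored. The copied comment also says "encrypted content"; in this function it should read `signed content`.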
@@ -1217,7 +1239,7 @@ SPropValue prop; - if (!*(plaintext = getOrigText ()) && !hasAttachments ()) + if (!*(plaintext = getOrigText (want_html)) && !hasAttachments ()) { log_debug ("%s:%s: leave (empty)", __FILE__, __func__); return 0; @@ -1278,8 +1300,6 @@ if (*plaintext) { - is_html = is_html_body (plaintext); - err = op_encrypt (plaintext, &ciphertext, keys, sign_key, opt.passwd_ttl); if (err) @@ -1289,7 +1309,7 @@ goto leave; } - if (is_html) + if (want_html) { char *tmp = add_html_line_endings (ciphertext); xfree (ciphertext); @@ -1329,20 +1349,18 @@ set_x_header (message, "GPGOL-VERSION", PACKAGE_VERSION); /* Now that we successfully processed the attachments, we can save - the changes to the body. For unknown reasons we need to set it - to empty first. */ + the changes to the body. */ if (*plaintext) { - err = set_message_body (message, ""); - if (!err) - err = set_message_body (message, ciphertext); + err = set_message_body (message, ciphertext, want_html); if (err) goto leave; /* In case we don't have attachments, Outlook will really insert the following content type into the header. We use this to declare that the encrypted content of the message is utf-8 - encoded. */ + encoded. Note that we use plain/text even for HTML because + it is base64 encoded. */ prop.ulPropTag=PR_CONTENT_TYPE_A; prop.Value.lpszA="text/plain; charset=utf-8"; hr = HrSetOneProp (message, &prop); 
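Review bot: The context line `xfree (ciphertext);` in the -1289 hunk releases the buffer filled by `op_encrypt`, yet this commit moves other engine-returned buffers to `gpgme_free` and documents that rule for `op_verify`. `op_encrypt` is not visible here, so this is a question rather than a finding: if its output is allocated by gpgme as well, this call needs to be `gpgme_free (ciphertext);`, and whatever later frees the buffer returned by `add_html_line_endings` has to match that function's allocator instead. The new comment in the -1329 hunk should say `text/plain`, not "plain/text".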
@@ -1351,16 +1369,16 @@ log_error ("%s:%s: can't set content type: hr=%#lx\n", __FILE__, __func__, hr); } - - hr = message->SaveChanges (KEEP_OPEN_READWRITE|FORCE_SAVE); - if (hr != S_OK) - { - log_error ("%s:%s: SaveChanges(message) failed: hr=%#lx\n", - __FILE__, __func__, hr); - err = gpg_error (GPG_ERR_GENERAL); - goto leave; - } } + + hr = message->SaveChanges (KEEP_OPEN_READWRITE|FORCE_SAVE); + if (hr != S_OK) + { + log_error ("%s:%s: SaveChanges(message) failed: hr=%#lx\n", + __FILE__, __func__, hr); + err = gpg_error (GPG_ERR_GENERAL); + goto leave; + } leave: /* FIXME: What to do with already encrypted attachments if some of @@ -2214,7 +2232,7 @@ att->Release (); att = NULL; if (message->DeleteAttach (pos, 0, NULL, 0) == S_OK) - log_error ("%s:%s: failed to delete attacghment %d: %s", + log_error ("%s:%s: failed to delete attachment %d: %s", __FILE__, __func__, pos, op_strerror (err)); } Modified: trunk/src/gpgmsg.hh =================================================================== --- trunk/src/gpgmsg.hh 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/gpgmsg.hh 2005-11-15 16:06:38 UTC (rev 123) @@ -62,7 +62,7 @@ /* Return the body text as received or composed. This is guaranteed to never return NULL. Usually getMessageType is used to check whether there is a suitable message. */ - virtual const char *getOrigText (void) = 0; + virtual const char *getOrigText (bool want_html) = 0; /* Return the text of the message to be used for the display. The message objects has intrinsic knowledge about the correct 
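Review bot: The test around the corrected message in the -2214 hunk is inverted: `if (message->DeleteAttach (pos, 0, NULL, 0) == S_OK)` logs "failed to delete attachment" when the call succeeds and stays silent when it fails, so an attachment that could not be removed goes unnoticed. It should compare with `!= S_OK`, and since the failing value is an HRESULT the message would be more useful printing that instead of `op_strerror (err)`. The enclosing function starts outside the hunk, so how `err` is set there is not visible.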
@@ -82,11 +82,11 @@ /* Encrypt the entire message including any attachments. Returns 0 on success. */ - virtual int encrypt (HWND hwnd) = 0; + virtual int encrypt (HWND hwnd, bool want_html) = 0; /* Encrypt and sign the entire message including any attachments. Return 0 on success. */ - virtual int signEncrypt (HWND hwnd) = 0; + virtual int signEncrypt (HWND hwnd, bool want_html) = 0; /* Attach the key identified by KEYID to the message. */ virtual int attachPublicKey (const char *keyid) = 0; Modified: trunk/src/mymapitags.h =================================================================== --- trunk/src/mymapitags.h 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/mymapitags.h 2005-11-15 16:06:38 UTC (rev 123) @@ -835,6 +835,7 @@ #define PR_YPOS PROP_TAG( PT_LONG, 0x3F06) #define PR_CONTROL_ID PROP_TAG( PT_BINARY, 0x3F07) #define PR_INITIAL_DETAILS_PANE PROP_TAG( PT_LONG, 0x3F08) +#define PR_MSG_EDITOR_FORMAT PROP_TAG( PT_LONG, 0x5903) #define PROP_ID_SECURE_MIN 0x67F0 #define PROP_ID_SECURE_MAX 0x67FF Modified: trunk/src/olflange.cpp =================================================================== --- trunk/src/olflange.cpp 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/olflange.cpp 2005-11-15 16:06:38 UTC (rev 123) @@ -641,6 +641,7 @@ m_pExchExt = pParentInterface; m_lRef = 0; m_bOnSubmitActive = FALSE; + m_want_html = FALSE; } @@ -777,7 +778,11 @@ return E_FAIL; } - if (aVariant.intVal != 1) + if (aVariant.intVal == 1) + m_want_html = 0; + else if (aVariant.intVal == 2) + m_want_html = 1; + else { log_debug ("%s:%s: BodyFormat is %d", 
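Review bot: The new BodyFormat test in the -777 hunk compares against bare `1` and `2`; a comment naming them would make the accepted formats obvious, e.g. `/* OlBodyFormat: 1 = olFormatPlain, 2 = olFormatHTML, 3 = olFormatRichText */` above the `if`. `m_want_html` is a `BOOL` and the constructor hunk assigns `FALSE`, so `m_want_html = FALSE;` and `m_want_html = TRUE;` would be consistent here. The function continues outside the hunk.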
@@ -786,9 +791,9 @@ if (FAILED(pEECB->GetWindow (&hWnd))) hWnd = NULL; MessageBox (hWnd, - "Sorry, we can only encrypt plain text messages and no\n" - "HTML or RTF messages. Please make sure that only the\n" - "text format has been selected.", + "Sorry, we can only encrypt plain text messages and\n" + "no RTF messages. Please make sure that only the text\n" + "format has been selected.", "GPGol", MB_ICONERROR|MB_OK); m_bWriteFailed = TRUE; @@ -826,7 +831,7 @@ if (lFlags & (EEME_FAILED|EEME_COMPLETE_FAILED)) return S_FALSE; /* We don't need to rollback anything in case - other extensions flagged a failire. */ + other extensions flagged a failure. */ if (!m_bOnSubmitActive) /* The user is just saving the message. */ return S_FALSE; 
@@ -840,22 +845,48 @@ HRESULT hr = pEECB->GetObject (&pMDB, (LPMAPIPROP *)&msg); if (SUCCEEDED (hr)) { + SPropTagArray proparray; + GpgMsg *m = CreateGpgMsg (msg); m->setExchangeCallback ((void*)pEECB); if (m_pExchExt->m_gpgEncrypt && m_pExchExt->m_gpgSign) - rc = m->signEncrypt (hWnd); + rc = m->signEncrypt (hWnd, m_want_html); if (m_pExchExt->m_gpgEncrypt && !m_pExchExt->m_gpgSign) - rc = m->encrypt (hWnd); + rc = m->encrypt (hWnd, m_want_html); if (!m_pExchExt->m_gpgEncrypt && m_pExchExt->m_gpgSign) rc = m->sign (hWnd); else rc = 0; delete m; + + /* If we are encrypting we need to make sure that the other + format gets deleted and is not actually sent in the clear. */ + if (m_pExchExt->m_gpgEncrypt) + { + proparray.cValues = 1; + proparray.aulPropTag[0] = m_want_html? PR_BODY : PR_BODY_HTML; + msg->DeleteProps (&proparray, NULL); + } if (rc) { hrReturn = E_FAIL; m_bWriteFailed = TRUE; + + /* Due to an error in Outlook the error is ignored and the + message sent out anyway. Thus we better delete the stuff + now. */ + if (m_pExchExt->m_gpgEncrypt) + { + proparray.cValues = 1; + proparray.aulPropTag[0] = m_want_html? PR_BODY_HTML : PR_BODY; + hr = msg->DeleteProps (&proparray, NULL); + if (hr != S_OK) + log_debug ("%s:%s: DeleteProps failed: hr=%#lx\n", + __FILE__, __func__, hr); + /* FIXME: We should delete the atatchments too. */ + } + } } Modified: trunk/src/olflange.h =================================================================== --- trunk/src/olflange.h 2005-10-22 12:39:27 UTC (rev 122) +++ trunk/src/olflange.h 2005-11-15 16:06:38 UTC (rev 123) @@ -84,6 +84,7 @@ BOOL m_bOnSubmitActive; CGPGExchExt* m_pExchExt; BOOL m_bWriteFailed; + BOOL m_want_html; /* Encryption of HTML is desired. */ public: STDMETHODIMP QueryInterface (REFIID riid, LPVOID *ppvObj); From cvs at cvs.gnupg.org Tue Nov 15 17:09:40 2005 
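Review bot: The trailing `else rc = 0;` belongs only to the third `if`, so after `signEncrypt` or `encrypt` has run the third test is false and `rc` is reset to 0, discarding an encryption failure. The new `if (rc)` cleanup that deletes the body after a failed encryption therefore cannot run in exactly the case it was written for, and `hrReturn` is not set to `E_FAIL`. Chain the tests instead: `else if (m_pExchExt->m_gpgEncrypt && !m_pExchExt->m_gpgSign)` and `else if (!m_pExchExt->m_gpgEncrypt && m_pExchExt->m_gpgSign)`. The first `msg->DeleteProps (&proparray, NULL);` also drops its HRESULT; checking and logging it like the second call would show when the clear-text alternate body was left on the message.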
From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Nov 15 16:36:50 2005 Subject: [svn] GPGol - r124 - trunk Message-ID: Author: wk Date: 2005-11-15 17:09:39 +0100 (Tue, 15 Nov 2005) New Revision: 124 Modified: trunk/configure.ac Log: Need to allow the keyword Property changes on: trunk/configure.ac ___________________________________________________________________ Name: svn:keyword + Revision From cvs at cvs.gnupg.org Tue Nov 15 17:12:52 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Nov 15 16:40:02 2005 Subject: [svn] GPGol - r125 - trunk Message-ID: Author: wk Date: 2005-11-15 17:12:52 +0100 (Tue, 15 Nov 2005) New Revision: 125 Modified: trunk/ChangeLog trunk/configure.ac Log: Fixed automake init Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-15 16:09:39 UTC (rev 124) +++ trunk/ChangeLog 2005-11-15 16:12:52 UTC (rev 125) @@ -1,6 +1,7 @@ 2005-11-15 Werner Koch * configure.ac (BUILD_TIMESTAMP): Include SVN revision. + (AM_INIT_AUTOMAKE): Fixed invocation. 2005-10-21 Marcus Brinkmann Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-11-15 16:09:39 UTC (rev 124) +++ trunk/configure.ac 2005-11-15 16:12:52 UTC (rev 125) @@ -29,7 +29,7 @@ AC_CONFIG_SRCDIR(src/gpgol.def) AM_CONFIG_HEADER(config.h) AC_CANONICAL_TARGET() -AM_INIT_AUTOMAKE($PACKAGE, $VERSION) +AM_INIT_AUTOMAKE AC_GNU_SOURCE From cvs at cvs.gnupg.org Tue Nov 15 17:14:29 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Nov 15 16:41:39 2005 Subject: [svn] GPGol - r126 - trunk Message-ID: Author: wk Date: 2005-11-15 17:14:29 +0100 (Tue, 15 Nov 2005) New Revision: 126 Modified: trunk/configure.ac Log: use the plural form Property changes on: trunk/configure.ac ___________________________________________________________________ Name: svn:keywords + Revision From cvs at cvs.gnupg.org Thu Nov 17 17:12:28 2005 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu Nov 17 16:39:28 2005 Subject: [svn] gpgme - r1135 - trunk/gpgme Message-ID: Author: marcus Date: 2005-11-17 17:12:27 +0100 (Thu, 17 Nov 2005) New Revision: 1135 Modified: trunk/gpgme/ChangeLog trunk/gpgme/posix-io.c trunk/gpgme/priv-io.h trunk/gpgme/w32-io.c Log: 2005-11-17 Marcus Brinkmann * priv-io.h (_gpgme_io_waitpid, _gpgme_io_kill): Removed. * w32-io.c (_gpgme_io_waitpid, _gpgme_io_kill): Removed. * posix-io.c (_gpgme_io_kill): Removed. (_gpgme_io_waitpid): Declare static. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-11-15 16:04:28 UTC (rev 1134) +++ trunk/gpgme/ChangeLog 2005-11-17 16:12:27 UTC (rev 1135) @@ -1,3 +1,10 @@ +2005-11-17 Marcus Brinkmann + + * priv-io.h (_gpgme_io_waitpid, _gpgme_io_kill): Removed. + * w32-io.c (_gpgme_io_waitpid, _gpgme_io_kill): Removed. + * posix-io.c (_gpgme_io_kill): Removed. + (_gpgme_io_waitpid): Declare static. + 2005-10-24 Marcus Brinkmann * w32-io.c (_gpgme_io_spawn): Don't minimize window, hide it. Modified: trunk/gpgme/posix-io.c =================================================================== --- trunk/gpgme/posix-io.c 2005-11-15 16:04:28 UTC (rev 1134) +++ trunk/gpgme/posix-io.c 2005-11-17 16:12:27 UTC (rev 1135) @@ -174,6 +174,30 @@ } +static int +_gpgme_io_waitpid (int pid, int hang, int *r_status, int *r_signal) +{ + int status; + + *r_status = 0; + *r_signal = 0; + if (_gpgme_ath_waitpid (pid, &status, hang? 0 : WNOHANG) == pid) + { + if (WIFSIGNALED (status)) + { + *r_status = 4; /* Need some value here. */ + *r_signal = WTERMSIG (status); + } + else if (WIFEXITED (status)) + *r_status = WEXITSTATUS (status); + else + *r_status = 4; /* Oops. */ + return 1; + } + return 0; +} + + /* Returns 0 on success, -1 on error. */ int _gpgme_io_spawn (const char *path, char **argv, 
@@ -273,37 +297,6 @@ } -int -_gpgme_io_waitpid (int pid, int hang, int *r_status, int *r_signal) -{ - int status; - - *r_status = 0; - *r_signal = 0; - if (_gpgme_ath_waitpid (pid, &status, hang? 0 : WNOHANG) == pid) - { - if (WIFSIGNALED (status)) - { - *r_status = 4; /* Need some value here. */ - *r_signal = WTERMSIG (status); - } - else if (WIFEXITED (status)) - *r_status = WEXITSTATUS (status); - else - *r_status = 4; /* Oops. */ - return 1; - } - return 0; -} - - -int -_gpgme_io_kill (int pid, int hard) -{ - return kill (pid, hard ? SIGKILL : SIGTERM); -} - - /* * Select on the list of fds. * Returns: -1 = error Modified: trunk/gpgme/priv-io.h =================================================================== --- trunk/gpgme/priv-io.h 2005-11-15 16:04:28 UTC (rev 1134) +++ trunk/gpgme/priv-io.h 2005-11-17 16:12:27 UTC (rev 1135) @@ -57,8 +57,6 @@ int _gpgme_io_spawn (const char *path, char **argv, struct spawn_fd_item_s *fd_child_list, struct spawn_fd_item_s *fd_parent_list); -int _gpgme_io_waitpid (int pid, int hang, int *r_status, int *r_signal); -int _gpgme_io_kill (int pid, int hard); int _gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock); #endif /* IO_H */ Modified: trunk/gpgme/w32-io.c =================================================================== --- trunk/gpgme/w32-io.c 2005-11-15 16:04:28 UTC (rev 1134) +++ trunk/gpgme/w32-io.c 2005-11-17 16:12:27 UTC (rev 1135) 
@@ -942,60 +942,6 @@ } - - -int -_gpgme_io_waitpid ( int pid, int hang, int *r_status, int *r_signal ) -{ - HANDLE proc = fd_to_handle (pid); - int code, ret = 0; - DWORD exc; - - *r_status = 0; - *r_signal = 0; - code = WaitForSingleObject ( proc, hang? INFINITE : 0 ); - switch (code) { - case WAIT_FAILED: - DEBUG2 ("WFSO pid=%d failed: %d\n", (int)pid, (int)GetLastError () ); - break; - - case WAIT_OBJECT_0: - if (!GetExitCodeProcess (proc, &exc)) { - DEBUG2 ("** GECP pid=%d failed: ec=%d\n", - (int)pid, (int)GetLastError () ); - *r_status = 4; - } - else { - DEBUG2 ("GECP pid=%d exit code=%d\n", (int)pid, exc); - *r_status = exc; - } - ret = 1; - break; - - case WAIT_TIMEOUT: - if (hang) - DEBUG1 ("WFSO pid=%d timed out\n", (int)pid); - break; - - default: - DEBUG2 ("WFSO pid=%d returned %d\n", (int)pid, code ); - break; - } - return ret; -} - -int -_gpgme_io_kill ( int pid, int hard ) -{ - HANDLE proc = fd_to_handle (pid); - - #warning I am not sure how to kill a process - /* fixme: figure out how this can be done */ - return 0; -} - - - /* * Select on the list of fds. * Returns: -1 = error From cvs at cvs.gnupg.org Thu Nov 17 19:45:16 2005 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu Nov 17 19:12:19 2005 Subject: [svn] gpgme - r1136 - in trunk: . gpgme m4 Message-ID: Author: marcus Date: 2005-11-17 19:45:14 +0100 (Thu, 17 Nov 2005) New Revision: 1136 Added: trunk/gpgme/w32-glib-io.c Modified: trunk/ChangeLog trunk/configure.ac trunk/gpgme/ChangeLog trunk/gpgme/Makefile.am trunk/gpgme/gpgme-config.in trunk/gpgme/gpgme.def trunk/gpgme/gpgme.m4 trunk/gpgme/w32-io.c trunk/m4/ChangeLog Log: 2005-11-17 Marcus Brinkmann * configure.ac: Add support for --enable-w32-glib (disabled by default). Invoke AM_PATH_GLIB_2_0. gpgme/ 2005-11-17 Marcus Brinkmann * w32-glib-io.c: New file. * gpgme.def (gpgme_get_giochannel): Add symbol. * Makefile.am (system_components) [HAVE_DOSISH_SYSTEM]: Remove w32-io.c. (ltlib_gpgme_extra): New variable. (lib_LTLIBRARIES): Add $(ltlib_gpgme_extra). (system_components_not_extra): New variable. (libgpgme_la_SOURCES, libgpgme_pthread_la_SOURCES, (libgpgme_pth_la_SOURCES): Add $(system_components_not_extra). (libgpgme_glib_la_LDFLAGS, libgpgme_glib_la_DEPENDENCIES, (libgpgme_glib_la_LIBADD, libgpgme_glib_la_CFLAGS) [BUILD_W32_GLIB]: New variables. * gpgme-config.in (glib): New option. * gpgme.m4 (AM_PATH_GPGME_GLIB): New macro. m4/ 2005-11-17 Marcus Brinkmann * glib-2.0.m4: New file. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/ChangeLog 2005-11-17 18:45:14 UTC (rev 1136) @@ -1,3 +1,8 @@ +2005-11-17 Marcus Brinkmann + + * configure.ac: Add support for --enable-w32-glib (disabled by + default). Invoke AM_PATH_GLIB_2_0. + 2005-11-15 Werner Koch * configure.ac: Create BUILD_FILEVERSION from SVN Revision. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/configure.ac 2005-11-17 18:45:14 UTC (rev 1136) 
@@ -147,6 +147,12 @@ fi AM_CONDITIONAL(HAVE_W32_SYSTEM, test "$have_w32_system" = yes) +build_w32_glib=no +AM_PATH_GLIB_2_0 +AC_ARG_ENABLE(w32-glib, + AC_HELP_STRING([--enable-w32-glib], [build GPGME Glib for W32]), + build_w32_glib=$withval) +AM_CONDITIONAL(BUILD_W32_GLIB, test "$build_w32_glib" = yes) AM_CONDITIONAL(HAVE_PTH, test "$have_pth" = "yes") AM_CONDITIONAL(HAVE_PTHREAD, test "$have_pthread" = "yes") Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/gpgme/ChangeLog 2005-11-17 18:45:14 UTC (rev 1136) @@ -1,5 +1,22 @@ 2005-11-17 Marcus Brinkmann + * w32-glib-io.c: New file. + * gpgme.def (gpgme_get_giochannel): Add symbol. + * Makefile.am (system_components) [HAVE_DOSISH_SYSTEM]: Remove + w32-io.c. + (ltlib_gpgme_extra): New variable. + (lib_LTLIBRARIES): Add $(ltlib_gpgme_extra). + (system_components_not_extra): New variable. + (libgpgme_la_SOURCES, libgpgme_pthread_la_SOURCES, + (libgpgme_pth_la_SOURCES): Add $(system_components_not_extra). + (libgpgme_glib_la_LDFLAGS, libgpgme_glib_la_DEPENDENCIES, + (libgpgme_glib_la_LIBADD, libgpgme_glib_la_CFLAGS) + [BUILD_W32_GLIB]: New variables. + * gpgme-config.in (glib): New option. + * gpgme.m4 (AM_PATH_GPGME_GLIB): New macro. + +2005-11-17 Marcus Brinkmann + * priv-io.h (_gpgme_io_waitpid, _gpgme_io_kill): Removed. * w32-io.c (_gpgme_io_waitpid, _gpgme_io_kill): Removed. * posix-io.c (_gpgme_io_kill): Removed. Modified: trunk/gpgme/Makefile.am =================================================================== --- trunk/gpgme/Makefile.am 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/gpgme/Makefile.am 2005-11-17 18:45:14 UTC (rev 1136) @@ -1,4 +1,4 @@ -# Copyright (C) 2000 Werner Koch (dd9jn) + # Copyright (C) 2000 Werner Koch (dd9jn) # Copyright (C) 2001, 2002, 2003, 2004, 2005 g10 Code GmbH # # This file is part of GPGME. 
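Review bot: `AC_ARG_ENABLE` stores the user's choice in `$enableval`; `$withval` is set only by `AC_ARG_WITH`, so `build_w32_glib=$withval` leaves the variable empty and `--enable-w32-glib` never turns `BUILD_W32_GLIB` on. Use `build_w32_glib=$enableval`. `AM_PATH_GLIB_2_0` is also invoked unconditionally and before the option is read; running it only when the option is enabled would keep the Glib probe out of default builds.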
@@ -39,8 +39,15 @@ ltlib_gpgme_pth = endif +if BUILD_W32_GLIB +ltlib_gpgme_extra = libgpgme-glib.la +else +ltlib_gpgme_extra = +endif + noinst_LTLIBRARIES = libgpgme-real.la -lib_LTLIBRARIES = libgpgme.la $(ltlib_gpgme_pthread) $(ltlib_gpgme_pth) +lib_LTLIBRARIES = libgpgme.la $(ltlib_gpgme_extra) \ + $(ltlib_gpgme_pthread) $(ltlib_gpgme_pth) if HAVE_LD_VERSION_SCRIPT libgpgme_version_script_cmd = -Wl,--version-script=$(srcdir)/libgpgme.vers @@ -57,9 +64,11 @@ endif if HAVE_DOSISH_SYSTEM -system_components = w32-util.c w32-sema.c w32-io.c +system_components = w32-util.c w32-sema.c +system_components_not_extra = w32-io.c else system_components = ath.h posix-util.c posix-sema.c posix-io.c +system_components_not_extra = endif if HAVE_GPGSM @@ -83,10 +92,15 @@ $(gpgsm_components) sema.h priv-io.h $(system_components) \ debug.c debug.h gpgme.c version.c error.c -libgpgme_la_SOURCES = ath.h ath.c -libgpgme_pthread_la_SOURCES = ath.h ath-pthread.c -libgpgme_pth_la_SOURCES = ath.h ath-pth.c +libgpgme_la_SOURCES = ath.h ath.c $(system_components_not_extra) +libgpgme_pthread_la_SOURCES = \ + ath.h ath-pthread.c $(system_components_not_extra) +libgpgme_pth_la_SOURCES = ath.h ath-pth.c $(system_components_not_extra) +if BUILD_W32_GLIB +libgpgme_glib_la_SOURCES = ath.h ath.c w32-glib-io.c +endif + AM_CPPFLAGS = $(assuan_cppflags) @GPG_ERROR_CFLAGS@ 
@@ -149,6 +163,17 @@ libgpgme_pth_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ @PTH_LIBS@ @GPG_ERROR_LIBS@ +if BUILD_W32_GLIB +libgpgme_glib_la_LDFLAGS = $(gpgme_res_ldflag) $(no_undefined) \ + $(export_symbols) $(libgpgme_version_script_cmd) -version-info \ + @LIBGPGME_LT_CURRENT@:@LIBGPGME_LT_REVISION@:@LIBGPGME_LT_AGE@ +libgpgme_glib_la_CFLAGS = $(AM_CFLAGS) @GLIB_CFLAGS@ +libgpgme_glib_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ + @LTLIBOBJS@ $(srcdir)/libgpgme.vers $(gpgme_deps) +libgpgme_glib_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ + @GPG_ERROR_LIBS@ @GLIB_LIBS@ +endif + status-table.h : gpgme.h $(srcdir)/mkstatus < $(srcdir)/gpgme.h > status-table.h Modified: trunk/gpgme/gpgme-config.in =================================================================== --- trunk/gpgme/gpgme-config.in 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/gpgme/gpgme-config.in 2005-11-17 18:45:14 UTC (rev 1136) @@ -25,9 +25,10 @@ libs_pth="@PTH_LDFLAGS@ @PTH_LIBS@" cflags_pth="@PTH_CFLAGS@" -@HAVE_PTHREAD_TRUE@thread_modules="$thread_modules pthread" -libs_pthread="-lpthread" -cflags_pthread="" +# Configure glib. +libs_glib="@GLIB_LIBS@" +cflags_glib="@GLIB_CFLAGS@" +with_glib= output="" @@ -74,6 +75,9 @@ --exec-prefix) output="$output $exec_prefix" ;; + --glib) + with_glib=yes + ;; --version) echo "@VERSION@" exit 0 @@ -95,6 +99,9 @@ ;; esac output="$output $gpg_error_cflags" + if test "x$with_glib" = "xyes"; then + output="$output $glib_cflags" + fi ;; --libs) if test "x$libdir" != "x/usr/lib" -a "x$libdir" != "x/lib"; then 
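Review bot: The new `--cflags` branch in the -95 hunk appends `$glib_cflags`, but the variable defined in the -25 hunk is `cflags_glib`, so `--glib --cflags` adds nothing. The `--libs` branch in the following -105 hunk repeats the same `$glib_cflags` where the Glib libraries are meant. Use `output="$output $cflags_glib"` for the cflags case and `output="$output $libs_glib"` for the libs case. The -25 hunk also removes the `thread_modules`, `libs_pthread` and `cflags_pthread` assignments while `$libs_pthread` is still referenced under `--libs`; unless they are defined elsewhere in the file, that removal looks unintended.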
@@ -105,12 +112,20 @@ output="$output -lgpgme-pthread $libs_pthread" ;; pth) - output="$output -lgpgme-pth $libs_pth" + output="$output -lgpgme-pth $libs_pth" ;; *) - output="$output -lgpgme" + if test "x$with_glib" = "xyes"; then + output="$output -lgpgme-glib" + else + output="$output -lgpgme" + fi + ;; esac output="$output $gpg_error_libs" + if test "x$with_glib" = "xyes"; then + output="$output $glib_cflags" + fi ;; --thread=*) for thread_mod in $thread_modules; do Modified: trunk/gpgme/gpgme.def =================================================================== --- trunk/gpgme/gpgme.def 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/gpgme/gpgme.def 2005-11-17 18:45:14 UTC (rev 1136) @@ -152,5 +152,7 @@ gpgme_sig_notation_get @119 gpgme_free @120 + + gpgme_get_giochannel @121 ; END Modified: trunk/gpgme/gpgme.m4 =================================================================== --- trunk/gpgme/gpgme.m4 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/gpgme/gpgme.m4 2005-11-17 18:45:14 UTC (rev 1136) 
@@ -236,3 +236,72 @@ AC_SUBST(GPGME_PTHREAD_CFLAGS) AC_SUBST(GPGME_PTHREAD_LIBS) ]) + + +dnl AM_PATH_GPGME_GLIB([MINIMUM-VERSION, +dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]]) +dnl Test for libgpgme-glib and define GPGME_GLIB_CFLAGS and GPGME_GLIB_LIBS. +dnl +AC_DEFUN([AM_PATH_GPGME_GLIB], +[ AC_REQUIRE([_AM_PATH_GPGME_CONFIG])dnl + tmp=ifelse([$1], ,1:0.4.2,$1) + if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then + req_gpgme_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` + min_gpgme_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'` + else + req_gpgme_api=0 + min_gpgme_version="$tmp" + fi + + AC_MSG_CHECKING(for GPGME - version >= $min_gpgme_version) + ok=no + if test "$GPGME_CONFIG" != "no" ; then + req_major=`echo $min_gpgme_version | \ + sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'` + req_minor=`echo $min_gpgme_version | \ + sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'` + req_micro=`echo $min_gpgme_version | \ + sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'` + if test "$gpgme_version_major" -gt "$req_major"; then + ok=yes + else + if test "$gpgme_version_major" -eq "$req_major"; then + if test "$gpgme_version_minor" -gt "$req_minor"; then + ok=yes + else + if test "$gpgme_version_minor" -eq "$req_minor"; then + if test "$gpgme_version_micro" -ge "$req_micro"; then + ok=yes + fi + fi + fi + fi + fi + fi + if test $ok = yes; then + # If we have a recent GPGME, we should also check that the + # API is compatible. 
+ if test "$req_gpgme_api" -gt 0 ; then + tmp=`$GPGME_CONFIG --api-version 2>/dev/null || echo 0` + if test "$tmp" -gt 0 ; then + if test "$req_gpgme_api" -ne "$tmp" ; then + ok=no + fi + fi + fi + fi + if test $ok = yes; then + GPGME_GLIB_CFLAGS=`$GPGME_CONFIG --glib --cflags` + GPGME_GLIB_LIBS=`$GPGME_CONFIG --glib --libs` + AC_MSG_RESULT(yes) + ifelse([$2], , :, [$2]) + else + GPGME_GLIB_CFLAGS="" + GPGME_GLIB_LIBS="" + AC_MSG_RESULT(no) + ifelse([$3], , :, [$3]) + fi + AC_SUBST(GPGME_GLIB_CFLAGS) + AC_SUBST(GPGME_GLIB_LIBS) +]) + Added: trunk/gpgme/w32-glib-io.c =================================================================== --- trunk/gpgme/w32-glib-io.c 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/gpgme/w32-glib-io.c 2005-11-17 18:45:14 UTC (rev 1136) 
@@ -0,0 +1,502 @@ +/* w32-glib-io.c - W32 Glib I/O functions + Copyright (C) 2000 Werner Koch (dd9jn) + Copyright (C) 2001, 2002, 2004, 2005 g10 Code GmbH + + This file is part of GPGME. + + GPGME is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + GPGME is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "util.h" +#include "priv-io.h" +#include "sema.h" +#include "debug.h" + +#include + + +static GIOChannel *giochannel_table[256]; + +static HANDLE handle_table[256]; +#define fd_to_handle(x) handle_table[x] + +static GIOChannel * +find_channel (int fd, int create) +{ + if (fd < 0 || fd > (int) DIM (giochannel_table)) + return NULL; + + if (giochannel_table[fd] == NULL && create) + giochannel_table[fd] = g_io_channel_unix_new (fd); + + return giochannel_table[fd]; +} + + +/* Look up the giochannel for file descriptor FD. 
*/ +GIOChannel * +gpgme_get_giochannel (int fd) +{ + return find_channel (fd, 0); +} + + +void +_gpgme_io_subsystem_init (void) +{ +} + + +static struct +{ + void (*handler) (int,void*); + void *value; +} notify_table[256]; + +int +_gpgme_io_read (int fd, void *buffer, size_t count) +{ + int saved_errno = 0; + gsize nread; + GIOChannel *chan; + GIOStatus status; + + DEBUG2 ("fd %d: about to read %d bytes\n", fd, (int) count); + + chan = find_channel (fd, 0); + if (!chan) + { + DEBUG1 ("fd %d: no channel registered\n", fd); + errno = EINVAL; + return -1; + } + + status = g_io_channel_read_chars (chan, (gchar *) buffer, + count, &nread, NULL); + if (status == G_IO_STATUS_EOF) + nread = 0; + else if (status != G_IO_STATUS_NORMAL) + { + nread = -1; + saved_errno = EIO; + } + + DEBUG2 ("fd %d: got %d bytes\n", fd, nread); + if (nread > 0) + _gpgme_debug (2, "fd %d: got `%.*s'\n", fd, nread, buffer); + + errno = saved_errno; + return nread; +} + + +int +_gpgme_io_write (int fd, const void *buffer, size_t count) +{ + int saved_errno = 0; + gsize nwritten; + GIOChannel *chan; + GIOStatus status; + + DEBUG2 ("fd %d: about to write %d bytes\n", fd, (int) count); + _gpgme_debug (2, "fd %d: write `%.*s'\n", fd, (int) count, buffer); + + chan = find_channel (fd, 0); + if (!chan) + { + DEBUG1 ("fd %d: no channel registered\n", fd); + errno = EINVAL; + return -1; + } + + status = g_io_channel_write_chars (chan, (gchar *) buffer, count, + &nwritten, NULL); + if (status != G_IO_STATUS_NORMAL) + { + nwritten = -1; + saved_errno = EIO; + } + DEBUG2 ("fd %d: wrote %d bytes\n", fd, (int) nwritten); + errno = saved_errno; + return nwritten; +} + + +int +_gpgme_io_pipe ( int filedes[2], int inherit_idx ) +{ + HANDLE r, w; + SECURITY_ATTRIBUTES sec_attr; + + memset (&sec_attr, 0, sizeof sec_attr ); + sec_attr.nLength = sizeof sec_attr; + sec_attr.bInheritHandle = FALSE; + +#define PIPEBUF_SIZE 4096 + if (!CreatePipe ( &r, &w, &sec_attr, PIPEBUF_SIZE)) + return -1; + /* Make one end 
inheritable. */ + if ( inherit_idx == 0 ) { + HANDLE h; + if (!DuplicateHandle( GetCurrentProcess(), r, + GetCurrentProcess(), &h, 0, + TRUE, DUPLICATE_SAME_ACCESS ) ) { + DEBUG1 ("DuplicateHandle failed: ec=%d\n", (int)GetLastError()); + CloseHandle (r); + CloseHandle (w); + return -1; + } + CloseHandle (r); + r = h; + } + else if ( inherit_idx == 1 ) { + HANDLE h; + if (!DuplicateHandle( GetCurrentProcess(), w, + GetCurrentProcess(), &h, 0, + TRUE, DUPLICATE_SAME_ACCESS ) ) { + DEBUG1 ("DuplicateHandle failed: ec=%d\n", (int)GetLastError()); + CloseHandle (r); + CloseHandle (w); + return -1; + } + CloseHandle (w); + w = h; + } + filedes[0] = _open_osfhandle ((long) r, 0 ); + if (filedes[0] == -1) + { + DEBUG1 ("_open_osfhandle failed: ec=%d\n", errno); + CloseHandle (r); + CloseHandle (w); + return -1; + } + filedes[1] = _open_osfhandle ((long) w, 0 ); + { + DEBUG1 ("_open_osfhandle failed: ec=%d\n", errno); + _gpgme_io_close (filedes[0]); + CloseHandle (r); + CloseHandle (w); + return -1; + } + + /* The fd that is not inherited will be used locally. Create a + channel for it. */ + if (inherit_idx == 0) + { + if (!find_channel (filedes[1], 1)) + { + DEBUG1 ("channel creation failed for %d\n", filedes[1]); + _gpgme_io_close (filedes[0]); + _gpgme_io_close (filedes[1]); + CloseHandle (r); + CloseHandle (w); + return -1; + } + } + else + { + if (!find_channel (filedes[0], 1)) + { + DEBUG1 ("channel creation failed for %d\n", filedes[1]); + _gpgme_io_close (filedes[0]); + _gpgme_io_close (filedes[1]); + CloseHandle (r); + CloseHandle (w); + return -1; + } + } + + /* Remember the handles for later. */ + handle_table[filedes[0]] = r; + handle_table[filedes[1]] = w; + + DEBUG5 ("CreatePipe %p %p %d %d inherit=%d\n", r, w, + filedes[0], filedes[1], inherit_idx ); + return 0; +} + + +int +_gpgme_io_close (int fd) +{ + GIOChannel *chan; + + if (fd == -1) + return -1; + + /* First call the notify handler. 
*/ + DEBUG1 ("closing fd %d", fd); + if (fd >= 0 && fd < (int) DIM (notify_table)) + { + if (notify_table[fd].handler) + { + notify_table[fd].handler (fd, notify_table[fd].value); + notify_table[fd].handler = NULL; + notify_table[fd].value = NULL; + } + } + /* Then do the close. */ + chan = find_channel (fd, 0); + if (chan) + { + g_io_channel_shutdown (chan, 1, NULL); + g_io_channel_unref (chan); + giochannel_table[fd] = NULL; + return 0; + } + else + return close (fd); +} + + +int +_gpgme_io_set_close_notify (int fd, void (*handler)(int, void*), void *value) +{ + assert (fd != -1); + + if (fd < 0 || fd >= (int) DIM (notify_table)) + return -1; + DEBUG1 ("set notification for fd %d", fd); + notify_table[fd].handler = handler; + notify_table[fd].value = value; + return 0; +} + + +int +_gpgme_io_set_nonblocking (int fd) +{ + GIOChannel *chan; + GIOStatus status; + + chan = find_channel (fd, 0); + if (!chan) + { + errno = EIO; + return -1; + } + + status = g_io_channel_set_flags (chan, + g_io_channel_get_flags (chan) | + G_IO_FLAG_NONBLOCK, NULL); + if (status != G_IO_STATUS_NORMAL) + { + errno = EIO; + return -1; + } + + return 0; +} + + +static char * +build_commandline ( char **argv ) +{ + int i, n = 0; + char *buf, *p; + + /* FIXME: we have to quote some things because under Windows the + * program parses the commandline and does some unquoting. For now + * we only do very basic quoting to the first argument because this + * one often contains a space (e.g. C:\\Program Files\GNU\GnuPG\gpg.exe) + * and we would produce an invalid line in that case. 
*/ + for (i=0; argv[i]; i++) + n += strlen (argv[i]) + 2 + 1; /* 2 extra bytes for possible quoting */ + buf = p = malloc (n); + if ( !buf ) + return NULL; + *buf = 0; + if ( argv[0] ) + { + if (strpbrk (argv[0], " \t")) + p = stpcpy (stpcpy (stpcpy (p, "\""), argv[0]), "\""); + else + p = stpcpy (p, argv[0]); + for (i = 1; argv[i]; i++) + { + if (!*argv[i]) + p = stpcpy (p, " \"\""); + else + p = stpcpy (stpcpy (p, " "), argv[i]); + } + } + + return buf; +} + + +int +_gpgme_io_spawn ( const char *path, char **argv, + struct spawn_fd_item_s *fd_child_list, + struct spawn_fd_item_s *fd_parent_list ) +{ + SECURITY_ATTRIBUTES sec_attr; + PROCESS_INFORMATION pi = { + NULL, /* returns process handle */ + 0, /* returns primary thread handle */ + 0, /* returns pid */ + 0 /* returns tid */ + }; + STARTUPINFO si; + char *envblock = NULL; + int cr_flags = CREATE_DEFAULT_ERROR_MODE + | GetPriorityClass (GetCurrentProcess ()); + int i; + char *arg_string; + int duped_stdin = 0; + int duped_stderr = 0; + HANDLE hnul = INVALID_HANDLE_VALUE; + /* FIXME. */ + int debug_me = 0; + + memset (&sec_attr, 0, sizeof sec_attr ); + sec_attr.nLength = sizeof sec_attr; + sec_attr.bInheritHandle = FALSE; + + arg_string = build_commandline ( argv ); + if (!arg_string ) + return -1; + + memset (&si, 0, sizeof si); + si.cb = sizeof (si); + si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW; + si.wShowWindow = debug_me? 
SW_SHOW : SW_HIDE; + si.hStdInput = GetStdHandle (STD_INPUT_HANDLE); + si.hStdOutput = GetStdHandle (STD_OUTPUT_HANDLE); + si.hStdError = GetStdHandle (STD_ERROR_HANDLE); + + for (i=0; fd_child_list[i].fd != -1; i++ ) { + if (fd_child_list[i].dup_to == 0 ) { + si.hStdInput = fd_to_handle (fd_child_list[i].fd); + DEBUG1 ("using %d for stdin", fd_child_list[i].fd ); + duped_stdin=1; + } + else if (fd_child_list[i].dup_to == 1 ) { + si.hStdOutput = fd_to_handle (fd_child_list[i].fd); + DEBUG1 ("using %d for stdout", fd_child_list[i].fd ); + } + else if (fd_child_list[i].dup_to == 2 ) { + si.hStdError = fd_to_handle (fd_child_list[i].fd); + DEBUG1 ("using %d for stderr", fd_child_list[i].fd ); + duped_stderr = 1; + } + } + + if( !duped_stdin || !duped_stderr ) { + SECURITY_ATTRIBUTES sa; + + memset (&sa, 0, sizeof sa ); + sa.nLength = sizeof sa; + sa.bInheritHandle = TRUE; + hnul = CreateFile ( "nul", + GENERIC_READ|GENERIC_WRITE, + FILE_SHARE_READ|FILE_SHARE_WRITE, + &sa, + OPEN_EXISTING, + FILE_ATTRIBUTE_NORMAL, + NULL ); + if ( hnul == INVALID_HANDLE_VALUE ) { + DEBUG1 ("can't open `nul': ec=%d\n", (int)GetLastError ()); + free (arg_string); + return -1; + } + /* Make sure that the process has a connected stdin */ + if ( !duped_stdin ) { + si.hStdInput = hnul; + DEBUG1 ("using %d for dummy stdin", (int)hnul ); + } + /* We normally don't want all the normal output */ + if ( !duped_stderr ) { + si.hStdError = hnul; + DEBUG1 ("using %d for dummy stderr", (int)hnul ); + } + } + + DEBUG2 ("CreateProcess, path=`%s' args=`%s'", path, arg_string); + cr_flags |= CREATE_SUSPENDED; + if ( !CreateProcessA (path, + arg_string, + &sec_attr, /* process security attributes */ + &sec_attr, /* thread security attributes */ + TRUE, /* inherit handles */ + cr_flags, /* creation flags */ + envblock, /* environment */ + NULL, /* use current drive/directory */ + &si, /* startup information */ + &pi /* returns process information */ + ) ) { + DEBUG1 ("CreateProcess failed: ec=%d\n", (int) 
GetLastError ()); + free (arg_string); + return -1; + } + + /* Close the /dev/nul handle if used. */ + if (hnul != INVALID_HANDLE_VALUE ) { + if ( !CloseHandle ( hnul ) ) + DEBUG1 ("CloseHandle(hnul) failed: ec=%d\n", (int)GetLastError()); + } + + /* Close the other ends of the pipes. */ + for (i = 0; fd_parent_list[i].fd != -1; i++) + _gpgme_io_close (fd_parent_list[i].fd); + + DEBUG4 ("CreateProcess ready\n" + "- hProcess=%p hThread=%p\n" + "- dwProcessID=%d dwThreadId=%d\n", + pi.hProcess, pi.hThread, + (int) pi.dwProcessId, (int) pi.dwThreadId); + + if ( ResumeThread ( pi.hThread ) < 0 ) { + DEBUG1 ("ResumeThread failed: ec=%d\n", (int)GetLastError ()); + } + + if ( !CloseHandle (pi.hThread) ) { + DEBUG1 ("CloseHandle of thread failed: ec=%d\n", + (int)GetLastError ()); + } + + return 0; +} + + +/* + * Select on the list of fds. + * Returns: -1 = error + * 0 = timeout or nothing to select + * >0 = number of signaled fds + */ +int +_gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock) +{ + assert (!"ARGH! The user of this library MUST define io callbacks!"); + errno = EINVAL; + return -1; +} Modified: trunk/gpgme/w32-io.c =================================================================== --- trunk/gpgme/w32-io.c 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/gpgme/w32-io.c 2005-11-17 18:45:14 UTC (rev 1136) @@ -1091,4 +1091,13 @@ } + +/* The following interface is only useful for GPGME Glib. */ +/* Look up the giochannel for file descriptor FD. */ +void * +gpgme_get_giochannel (int fd) +{ + return NULL; +} + Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2005-11-17 16:12:27 UTC (rev 1135) +++ trunk/m4/ChangeLog 2005-11-17 18:45:14 UTC (rev 1136) @@ -1,3 +1,7 @@ +2005-11-17 Marcus Brinkmann + + * glib-2.0.m4: New file. + 2004-12-28 Werner Koch * pth.m4: Changed quoting for use with automake 1.9. From cvs at cvs.gnupg.org Thu Nov 17 19:45:31 2005 
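Review bot: `find_channel` guards with `fd > (int) DIM (giochannel_table)`, so an `fd` equal to the table size gets through and the function reads, and with `create` set writes, one element past `giochannel_table`; the test should be `>=`, as `_gpgme_io_close` and `_gpgme_io_set_close_notify` already do for `notify_table`. In `_gpgme_io_pipe` the block after `filedes[1] = _open_osfhandle ((long) w, 0 );` has no `if (filedes[1] == -1)` in front of it, so every call closes both ends and returns -1; the later `handle_table[filedes[0]]` and `handle_table[filedes[1]]` stores, and `fd_to_handle` in `_gpgme_io_spawn`, index a 256-entry table with no range check at all. `_gpgme_io_read` stores -1 in the unsigned `gsize nread`, which makes `nread > 0` true on the error path and passes a non-`int` value as the `%.*s` precision of the debug print. `build_commandline` quotes only `argv[0]`, as its FIXME says, so an argument containing whitespace or a double quote is presumably re-split by the child, and with an empty `argv` it writes `*buf = 0` into a zero-byte allocation. The fence shows the first three fixes; the table range checks and the quoting need a larger change.

```c
  /* find_channel: valid indices are 0 .. DIM (giochannel_table) - 1.  */
  if (fd < 0 || fd >= (int) DIM (giochannel_table))
    return NULL;
  /* … unchanged: lazy channel creation and return … */

  /* _gpgme_io_read: keep the result signed so that -1 stays -1.  */
  int result;
  /* … unchanged: channel lookup and g_io_channel_read_chars call … */
  if (status == G_IO_STATUS_EOF)
    result = 0;
  else if (status != G_IO_STATUS_NORMAL)
    {
      result = -1;
      saved_errno = EIO;
    }
  else
    result = (int) nread;

  DEBUG2 ("fd %d: got %d bytes\n", fd, result);
  if (result > 0)
    _gpgme_debug (2, "fd %d: got `%.*s'\n", fd, result, buffer);

  errno = saved_errno;
  return result;

  /* _gpgme_io_pipe: restore the failure test for the second descriptor.  */
  filedes[1] = _open_osfhandle ((long) w, 0 );
  if (filedes[1] == -1)
    {
      /* … unchanged: DEBUG1, _gpgme_io_close (filedes[0]), CloseHandle calls, return -1 … */
    }
```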
From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu Nov 17 19:12:28 2005 Subject: [svn] gpgme - r1137 - trunk/m4 Message-ID: Author: marcus Date: 2005-11-17 19:45:30 +0100 (Thu, 17 Nov 2005) New Revision: 1137 Added: trunk/m4/glib-2.0.m4 Log: 2005-11-17 Marcus Brinkmann * configure.ac: Add support for --enable-w32-glib (disabled by default). Invoke AM_PATH_GLIB_2_0. gpgme/ 2005-11-17 Marcus Brinkmann * w32-glib-io.c: New file. * gpgme.def (gpgme_get_giochannel): Add symbol. * Makefile.am (system_components) [HAVE_DOSISH_SYSTEM]: Remove w32-io.c. (ltlib_gpgme_extra): New variable. (lib_LTLIBRARIES): Add $(ltlib_gpgme_extra). (system_components_not_extra): New variable. (libgpgme_la_SOURCES, libgpgme_pthread_la_SOURCES, (libgpgme_pth_la_SOURCES): Add $(system_components_not_extra). (libgpgme_glib_la_LDFLAGS, libgpgme_glib_la_DEPENDENCIES, (libgpgme_glib_la_LIBADD, libgpgme_glib_la_CFLAGS) [BUILD_W32_GLIB]: New variables. * gpgme-config.in (glib): New option. * gpgme.m4 (AM_PATH_GPGME_GLIB): New macro. m4/ 2005-11-17 Marcus Brinkmann * glib-2.0.m4: New file. Added: trunk/m4/glib-2.0.m4 =================================================================== --- trunk/m4/glib-2.0.m4 2005-11-17 18:45:14 UTC (rev 1136) +++ trunk/m4/glib-2.0.m4 2005-11-17 18:45:30 UTC (rev 1137) 
@@ -0,0 +1,215 @@ +# Configure paths for GLIB +# Owen Taylor 1997-2001 + +dnl AM_PATH_GLIB_2_0([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND [, MODULES]]]]) +dnl Test for GLIB, and define GLIB_CFLAGS and GLIB_LIBS, if gmodule, gobject or +dnl gthread is specified in MODULES, pass to pkg-config +dnl +AC_DEFUN([AM_PATH_GLIB_2_0], +[dnl +dnl Get the cflags and libraries from pkg-config +dnl +AC_ARG_ENABLE(glibtest, [ --disable-glibtest do not try to compile and run a test GLIB program], + , enable_glibtest=yes) + + pkg_config_args=glib-2.0 + for module in . $4 + do + case "$module" in + gmodule) + pkg_config_args="$pkg_config_args gmodule-2.0" + ;; + gmodule-no-export) + pkg_config_args="$pkg_config_args gmodule-no-export-2.0" + ;; + gobject) + pkg_config_args="$pkg_config_args gobject-2.0" + ;; + gthread) + pkg_config_args="$pkg_config_args gthread-2.0" + ;; + esac + done + + AC_PATH_PROG(PKG_CONFIG, pkg-config, no) + + no_glib="" + + if test x$PKG_CONFIG != xno ; then + if $PKG_CONFIG --atleast-pkgconfig-version 0.7 ; then + : + else + echo *** pkg-config too old; version 0.7 or better required. 
+ no_glib=yes + PKG_CONFIG=no + fi + else + no_glib=yes + fi + + min_glib_version=ifelse([$1], ,2.0.0,$1) + AC_MSG_CHECKING(for GLIB - version >= $min_glib_version) + + if test x$PKG_CONFIG != xno ; then + ## don't try to run the test against uninstalled libtool libs + if $PKG_CONFIG --uninstalled $pkg_config_args; then + echo "Will use uninstalled version of GLib found in PKG_CONFIG_PATH" + enable_glibtest=no + fi + + if $PKG_CONFIG --atleast-version $min_glib_version $pkg_config_args; then + : + else + no_glib=yes + fi + fi + + if test x"$no_glib" = x ; then + GLIB_GENMARSHAL=`$PKG_CONFIG --variable=glib_genmarshal glib-2.0` + GOBJECT_QUERY=`$PKG_CONFIG --variable=gobject_query glib-2.0` + GLIB_MKENUMS=`$PKG_CONFIG --variable=glib_mkenums glib-2.0` + + GLIB_CFLAGS=`$PKG_CONFIG --cflags $pkg_config_args` + GLIB_LIBS=`$PKG_CONFIG --libs $pkg_config_args` + glib_config_major_version=`$PKG_CONFIG --modversion glib-2.0 | \ + sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'` + glib_config_minor_version=`$PKG_CONFIG --modversion glib-2.0 | \ + sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'` + glib_config_micro_version=`$PKG_CONFIG --modversion glib-2.0 | \ + sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'` + if test "x$enable_glibtest" = "xyes" ; then + ac_save_CFLAGS="$CFLAGS" + ac_save_LIBS="$LIBS" + CFLAGS="$CFLAGS $GLIB_CFLAGS" + LIBS="$GLIB_LIBS $LIBS" +dnl +dnl Now check if the installed GLIB is sufficiently new. (Also sanity +dnl checks the results of pkg-config to some extent) +dnl + rm -f conf.glibtest + AC_TRY_RUN([ +#include +#include +#include + +int +main () +{ + int major, minor, micro; + char *tmp_version; + + system ("touch conf.glibtest"); + + /* HP/UX 9 (%@#!) 
writes to sscanf strings */ + tmp_version = g_strdup("$min_glib_version"); + if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) { + printf("%s, bad version string\n", "$min_glib_version"); + exit(1); + } + + if ((glib_major_version != $glib_config_major_version) || + (glib_minor_version != $glib_config_minor_version) || + (glib_micro_version != $glib_config_micro_version)) + { + printf("\n*** 'pkg-config --modversion glib-2.0' returned %d.%d.%d, but GLIB (%d.%d.%d)\n", + $glib_config_major_version, $glib_config_minor_version, $glib_config_micro_version, + glib_major_version, glib_minor_version, glib_micro_version); + printf ("*** was found! If pkg-config was correct, then it is best\n"); + printf ("*** to remove the old version of GLib. You may also be able to fix the error\n"); + printf("*** by modifying your LD_LIBRARY_PATH enviroment variable, or by editing\n"); + printf("*** /etc/ld.so.conf. Make sure you have run ldconfig if that is\n"); + printf("*** required on your system.\n"); + printf("*** If pkg-config was wrong, set the environment variable PKG_CONFIG_PATH\n"); + printf("*** to point to the correct configuration files\n"); + } + else if ((glib_major_version != GLIB_MAJOR_VERSION) || + (glib_minor_version != GLIB_MINOR_VERSION) || + (glib_micro_version != GLIB_MICRO_VERSION)) + { + printf("*** GLIB header files (version %d.%d.%d) do not match\n", + GLIB_MAJOR_VERSION, GLIB_MINOR_VERSION, GLIB_MICRO_VERSION); + printf("*** library (version %d.%d.%d)\n", + glib_major_version, glib_minor_version, glib_micro_version); + } + else + { + if ((glib_major_version > major) || + ((glib_major_version == major) && (glib_minor_version > minor)) || + ((glib_major_version == major) && (glib_minor_version == minor) && (glib_micro_version >= micro))) + { + return 0; + } + else + { + printf("\n*** An old version of GLIB (%d.%d.%d) was found.\n", + glib_major_version, glib_minor_version, glib_micro_version); + printf("*** You need a version of GLIB newer than 
%d.%d.%d. The latest version of\n", + major, minor, micro); + printf("*** GLIB is always available from ftp://ftp.gtk.org.\n"); + printf("***\n"); + printf("*** If you have already installed a sufficiently new version, this error\n"); + printf("*** probably means that the wrong copy of the pkg-config shell script is\n"); + printf("*** being found. The easiest way to fix this is to remove the old version\n"); + printf("*** of GLIB, but you can also set the PKG_CONFIG environment to point to the\n"); + printf("*** correct copy of pkg-config. (In this case, you will have to\n"); + printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n"); + printf("*** so that the correct libraries are found at run-time))\n"); + } + } + return 1; +} +],, no_glib=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) + CFLAGS="$ac_save_CFLAGS" + LIBS="$ac_save_LIBS" + fi + fi + if test "x$no_glib" = x ; then + AC_MSG_RESULT(yes (version $glib_config_major_version.$glib_config_minor_version.$glib_config_micro_version)) + ifelse([$2], , :, [$2]) + else + AC_MSG_RESULT(no) + if test "$PKG_CONFIG" = "no" ; then + echo "*** A new enough version of pkg-config was not found." + echo "*** See http://www.freedesktop.org/software/pkgconfig/" + else + if test -f conf.glibtest ; then + : + else + echo "*** Could not run GLIB test program, checking why..." + ac_save_CFLAGS="$CFLAGS" + ac_save_LIBS="$LIBS" + CFLAGS="$CFLAGS $GLIB_CFLAGS" + LIBS="$LIBS $GLIB_LIBS" + AC_TRY_LINK([ +#include +#include +], [ return ((glib_major_version) || (glib_minor_version) || (glib_micro_version)); ], + [ echo "*** The test program compiled, but did not run. This usually means" + echo "*** that the run-time linker is not finding GLIB or finding the wrong" + echo "*** version of GLIB. 
If it is not finding GLIB, you'll need to set your" + echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point" + echo "*** to the installed location Also, make sure you have run ldconfig if that" + echo "*** is required on your system" + echo "***" + echo "*** If you have an old version installed, it is best to remove it, although" + echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH" ], + [ echo "*** The test program failed to compile or link. See the file config.log for the" + echo "*** exact error that occured. This usually means GLIB is incorrectly installed."]) + CFLAGS="$ac_save_CFLAGS" + LIBS="$ac_save_LIBS" + fi + fi + GLIB_CFLAGS="" + GLIB_LIBS="" + GLIB_GENMARSHAL="" + GOBJECT_QUERY="" + GLIB_MKENUMS="" + ifelse([$3], , :, [$3]) + fi + AC_SUBST(GLIB_CFLAGS) + AC_SUBST(GLIB_LIBS) + AC_SUBST(GLIB_GENMARSHAL) + AC_SUBST(GOBJECT_QUERY) + AC_SUBST(GLIB_MKENUMS) + rm -f conf.glibtest +]) From cvs at cvs.gnupg.org Fri Nov 18 05:25:09 2005 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Nov 18 04:52:04 2005 Subject: [svn] GnuPG - r3940 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-18 05:25:07 +0100 (Fri, 18 Nov 2005) New Revision: 3940 Modified: trunk/g10/ChangeLog trunk/g10/export.c trunk/g10/import.c trunk/g10/keyedit.c trunk/g10/options.h trunk/g10/trustdb.c trunk/g10/trustdb.h Log: * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to just "clean", and add "minimize". * import.c (parse_import_options): Make help text match the export versions of the options. * options.h, export.c (parse_export_options, do_export_stream): Reduce clean options to two: clean and minimize. * trustdb.h, trustdb.c (clean_one_uid): New function that joins uid and sig cleaning into one for a simple API outside trustdb. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-14 13:11:15 UTC (rev 3939) +++ trunk/g10/ChangeLog 2005-11-18 04:25:07 UTC (rev 3940) @@ -1,3 +1,17 @@ +2005-11-17 David Shaw + + * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to + just "clean", and add "minimize". + + * import.c (parse_import_options): Make help text match the export + versions of the options. + + * options.h, export.c (parse_export_options, do_export_stream): + Reduce clean options to two: clean and minimize. + + * trustdb.h, trustdb.c (clean_one_uid): New function that joins + uid and sig cleaning into one for a simple API outside trustdb. + 2005-11-13 David Shaw * armor.c (parse_header_line): A fussy bit of 2440: header lines Modified: trunk/g10/export.c =================================================================== --- trunk/g10/export.c 2005-11-14 13:11:15 UTC (rev 3939) +++ trunk/g10/export.c 2005-11-18 04:25:07 UTC (rev 3940) 
@@ -47,7 +47,6 @@ typedef struct subkey_list_s *subkey_list_t; - static int do_export( STRLIST users, int secret, unsigned int options ); static int do_export_stream( IOBUF out, STRLIST users, int secret, KBNODE *keyblock_out, unsigned int options, @@ -63,24 +62,21 @@ {"export-attributes",EXPORT_ATTRIBUTES,NULL, N_("export attribute user IDs (generally photo IDs)")}, {"export-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL, - N_("export revocation keys that are marked as \"sensitive\"")}, - {"export-clean",EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, - N_("all export-clean-* options from above")}, - {"export-clean-sigs",EXPORT_CLEAN_SIGS,NULL, - N_("remove unusable signatures during export")}, - {"export-clean-uids",EXPORT_CLEAN_UIDS,NULL, - N_("remove unusable user IDs during export")}, - {"export-minimal", - EXPORT_MINIMAL|EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL, - N_("remove unusable user IDs and all signatures during export")}, + N_("export revocation keys marked as \"sensitive\"")}, {"export-reset-subkey-passwd",EXPORT_RESET_SUBKEY_PASSWD,NULL, N_("remove the passphrase from exported subkeys")}, + {"export-clean",EXPORT_CLEAN,NULL, + N_("remove unusable parts from key during export")}, + {"export-minimal",EXPORT_MINIMAL|EXPORT_CLEAN,NULL, + N_("remove as much as possible from key during export")}, /* Aliases for backward compatibility */ {"include-local-sigs",EXPORT_LOCAL_SIGS,NULL,NULL}, {"include-attributes",EXPORT_ATTRIBUTES,NULL,NULL}, {"include-sensitive-revkeys",EXPORT_SENSITIVE_REVKEYS,NULL,NULL}, /* dummy */ {"export-unusable-sigs",0,NULL,NULL}, + {"export-clean-sigs",0,NULL,NULL}, + {"export-clean-uids",0,NULL,NULL}, {NULL,0,NULL,NULL} /* add tags for include revoked and disabled? */ }; 
@@ -381,9 +377,14 @@ } else { - /* It's a public key export. */ - if(options&EXPORT_CLEAN_UIDS) - clean_uids_from_key(keyblock,opt.verbose); + /* It's a public key export, so do the cleaning if + requested. Note that both export-clean and + export-minimal only apply to UID sigs (0x10, 0x11, + 0x12, and 0x13). A designated revocation is never + stripped, even with export-minimal set. */ + + if(options&EXPORT_CLEAN) + clean_key(keyblock,opt.verbose,options&EXPORT_MINIMAL,NULL,NULL); } /* And write it. */ @@ -455,20 +456,8 @@ } } - if(node->pkt->pkttype==PKT_USER_ID) + if(node->pkt->pkttype==PKT_SIGNATURE) { - /* Run clean_sigs_from_uid against each uid if - export-clean-sigs is on. export-minimal causes it - to remove all non-selfsigs as well. Note that - export-minimal only applies to UID sigs (0x10, - 0x11, 0x12, and 0x13). A designated revocation is - not stripped. */ - if(options&EXPORT_CLEAN_SIGS) - clean_sigs_from_uid(keyblock,node, - opt.verbose,options&EXPORT_MINIMAL); - } - else if(node->pkt->pkttype==PKT_SIGNATURE) - { /* do not export packets which are marked as not exportable */ if(!(options&EXPORT_LOCAL_SIGS) Modified: trunk/g10/import.c =================================================================== --- trunk/g10/import.c 2005-11-14 13:11:15 UTC (rev 3939) +++ trunk/g10/import.c 2005-11-18 04:25:07 UTC (rev 3940) 
@@ -102,18 +102,16 @@ {"merge-only",IMPORT_MERGE_ONLY,NULL, N_("only accept updates to existing keys")}, {"import-clean",IMPORT_CLEAN,NULL, - N_("remove unusable user IDs and signatures after import")}, - {"import-clean-sigs",0,NULL,NULL}, - {"import-clean-uids",0,NULL,NULL}, + N_("remove unusable parts from key after import")}, {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL, - N_("remove unusable user IDs and all signatures after import")}, - /* Alias */ - {"import-minimize",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,NULL}, + N_("remove as much as possible from key after import")}, /* Aliases for backward compatibility */ {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL}, {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL}, /* dummy */ {"import-unusable-sigs",0,NULL,NULL}, + {"import-clean-sigs",0,NULL,NULL}, + {"import-clean-uids",0,NULL,NULL}, {NULL,0,NULL,NULL} }; Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-11-14 13:11:15 UTC (rev 3939) +++ trunk/g10/keyedit.c 2005-11-18 04:25:07 UTC (rev 3940) @@ -57,8 +57,7 @@ int photo, const char *photo_name ); static void menu_deluid( KBNODE pub_keyblock, KBNODE sec_keyblock ); static int menu_delsig( KBNODE pub_keyblock ); -static int menu_clean_sigs_from_uids(KBNODE keyblock,int self_only); -static int menu_clean_uids_from_key(KBNODE keyblock); +static int menu_clean(KBNODE keyblock,int self_only); static void menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock ); static int menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive ); 
@@ -1442,13 +1441,12 @@ { "disable" , cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key") }, { "showphoto",cmdSHOWPHOTO , 0, N_("show selected photo IDs") }, { "clean", cmdCLEAN , KEYEDIT_NOT_SK, - N_("clean unusable parts from key") }, + N_("compact unusable user IDs and remove unusable signatures from key")}, { "minimize", cmdMINIMIZE , KEYEDIT_NOT_SK, - N_("clean unusable parts from key and remove all signatures") }, + N_("compact unusable user IDs and remove all signatures from key") }, { NULL, cmdNONE, 0, NULL } }; - #ifdef HAVE_LIBREADLINE /* These two functions are used by readline for command completion. */ @@ -2175,32 +2173,11 @@ break; case cmdCLEAN: - { - if(*arg_string) - { - if(ascii_strcasecmp(arg_string,"sigs")==0 - || ascii_strcasecmp(arg_string,"signatures")==0 - || ascii_strcasecmp(arg_string,"certs")==0 - || ascii_strcasecmp(arg_string,"certificates")==0) - modified=menu_clean_sigs_from_uids(keyblock,0); - else if(ascii_strcasecmp(arg_string,"uids")==0) - redisplay=modified=menu_clean_uids_from_key(keyblock); - else - tty_printf("Unable to clean `%s'\n",arg_string); - } - else - { - modified=menu_clean_sigs_from_uids(keyblock,0); - modified+=menu_clean_uids_from_key(keyblock); - redisplay=modified; - } - } + redisplay=modified=menu_clean(keyblock,0); break; case cmdMINIMIZE: - modified=menu_clean_sigs_from_uids(keyblock,1); - modified+=menu_clean_uids_from_key(keyblock); - redisplay=modified; + redisplay=modified=menu_clean(keyblock,1); break; case cmdQUIT: 
@@ -3192,73 +3169,54 @@ } static int -menu_clean_sigs_from_uids(KBNODE keyblock,int self_only) +menu_clean(KBNODE keyblock,int self_only) { KBNODE uidnode; - int modified=0; - int select_all=!count_selected_uids(keyblock); + int modified=0,select_all=!count_selected_uids(keyblock); - for(uidnode=keyblock->next;uidnode;uidnode=uidnode->next) + for(uidnode=keyblock->next; + uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; + uidnode=uidnode->next) { if(uidnode->pkt->pkttype==PKT_USER_ID && (uidnode->flag&NODFLG_SELUID || select_all)) { - int deleted; + int uids=0,sigs=0; char *user=utf8_to_native(uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->len, 0); - deleted=clean_sigs_from_uid(keyblock,uidnode,opt.verbose,self_only); - if(deleted) - { - tty_printf(deleted==1? - "User ID \"%s\": %d signature removed.\n": - "User ID \"%s\": %d signatures removed.\n", - user,deleted); - modified=1; - } - else - tty_printf(_("User ID \"%s\": already clean.\n"),user); - xfree(user); - } - } - - return modified; -} - -static int -menu_clean_uids_from_key(KBNODE keyblock) -{ - int modified=clean_uids_from_key(keyblock,0); - - if(modified) - { - KBNODE node; - - for(node=keyblock->next;node;node=node->next) - { - if(node->pkt->pkttype==PKT_USER_ID - && node->pkt->pkt.user_id->flags.compacted) + clean_one_uid(keyblock,uidnode,opt.verbose,self_only,&uids,&sigs); + if(uids) { const char *reason; - char *user=utf8_to_native(node->pkt->pkt.user_id->name, - node->pkt->pkt.user_id->len,0); - if(node->pkt->pkt.user_id->is_revoked) + if(uidnode->pkt->pkt.user_id->is_revoked) reason=_("revoked"); - else if(node->pkt->pkt.user_id->is_expired) + else if(uidnode->pkt->pkt.user_id->is_expired) reason=_("expired"); else reason=_("invalid"); tty_printf("User ID \"%s\" compacted: %s\n",user,reason); - xfree(user); + modified=1; } + else if(sigs) + { + tty_printf(sigs==1? 
+ "User ID \"%s\": %d signature removed\n": + "User ID \"%s\": %d signatures removed\n", + user,sigs); + + modified=1; + } + else + tty_printf(_("User ID \"%s\": already clean\n"),user); + + xfree(user); } } - else - tty_printf("No user IDs are compactable.\n"); return modified; } Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2005-11-14 13:11:15 UTC (rev 3939) +++ trunk/g10/options.h 2005-11-18 04:25:07 UTC (rev 3940) @@ -271,10 +271,9 @@ #define EXPORT_LOCAL_SIGS (1<<0) #define EXPORT_ATTRIBUTES (1<<1) #define EXPORT_SENSITIVE_REVKEYS (1<<2) -#define EXPORT_MINIMAL (1<<3) -#define EXPORT_CLEAN_SIGS (1<<4) -#define EXPORT_CLEAN_UIDS (1<<5) -#define EXPORT_RESET_SUBKEY_PASSWD (1<<6) +#define EXPORT_RESET_SUBKEY_PASSWD (1<<3) +#define EXPORT_MINIMAL (1<<4) +#define EXPORT_CLEAN (1<<5) #define LIST_SHOW_PHOTOS (1<<0) #define LIST_SHOW_POLICY_URLS (1<<1) Modified: trunk/g10/trustdb.c =================================================================== --- trunk/g10/trustdb.c 2005-11-14 13:11:15 UTC (rev 3939) +++ trunk/g10/trustdb.c 2005-11-18 04:25:07 UTC (rev 3940) @@ -1574,7 +1574,7 @@ } } -int +static int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only) { int deleted=0; 
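Review bot: `menu_clean` calls `clean_one_uid` directly, and the comment added with that function in trustdb.c says it must run after `merge_keys_and_selfsig()`; the removed `menu_clean_uids_from_key` path got that call through `clean_uids_from_key`, but nothing in the new function body makes it. Unless the keyedit loop is guaranteed to have merged the keyblock after every earlier edit, which is not visible here, the `is_revoked` and `is_expired` state read for the compaction message, and presumably for the compaction decision itself, may be stale. Calling `merge_keys_and_selfsig(keyblock);` at the top of `menu_clean` would make the precondition local to the function. The `compacted` and `signature(s) removed` messages are also passed to `tty_printf` without `_()`, unlike the `already clean` message next to them.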
@@ -1712,21 +1712,27 @@ return deleted; } -int -clean_uids_from_key(KBNODE keyblock,int noisy) +/* Needs to be called after a merge_keys_and_selfsig() */ +void +clean_one_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only, + int *uids_cleaned,int *sigs_cleaned) { - KBNODE uidnode; - int deleted=0; + int dummy; - merge_keys_and_selfsig(keyblock); + assert(keyblock->pkt->pkttype==PKT_PUBLIC_KEY); + assert(uidnode->pkt->pkttype==PKT_USER_ID); - for(uidnode=keyblock->next; - uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; - uidnode=uidnode->next) - if(uidnode->pkt->pkttype==PKT_USER_ID) - deleted+=clean_uid_from_key(keyblock,uidnode,noisy); + if(!uids_cleaned) + uids_cleaned=&dummy; - return deleted; + if(!sigs_cleaned) + sigs_cleaned=&dummy; + + /* Do clean_uid_from_key first since if it fires off, we don't + have to bother with the other */ + *uids_cleaned+=clean_uid_from_key(keyblock,uidnode,noisy); + if(!uidnode->pkt->pkt.user_id->flags.compacted) + *sigs_cleaned+=clean_sigs_from_uid(keyblock,uidnode,noisy,self_only); } void 
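Review bot: `int dummy;` in clean_one_uid is never initialised, yet when a caller passes NULL for uids_cleaned or sigs_cleaned the two `+=` lines read it before writing; declare it as `int dummy=0;`. The two `assert` calls are the only check that keyblock and uidnode carry the expected packet types, and they disappear in a build with NDEBUG, so the comment above the function should say the types are a caller obligation. Since the function now has external linkage and a header prototype, that comment could also state that the two counters are added to rather than set.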
@@ -1734,27 +1740,15 @@ int *uids_cleaned,int *sigs_cleaned) { KBNODE uidnode; - int dummy; - if(!uids_cleaned) - uids_cleaned=&dummy; - - if(!sigs_cleaned) - sigs_cleaned=&dummy; - merge_keys_and_selfsig(keyblock); for(uidnode=keyblock->next; uidnode && uidnode->pkt->pkttype!=PKT_PUBLIC_SUBKEY; uidnode=uidnode->next) if(uidnode->pkt->pkttype==PKT_USER_ID) - { - /* Do clean_uid_from_key first since if it fires off, we don't - have to bother with the other */ - *uids_cleaned+=clean_uid_from_key(keyblock,uidnode,noisy); - if(!uidnode->pkt->pkt.user_id->flags.compacted) - *sigs_cleaned+=clean_sigs_from_uid(keyblock,uidnode,noisy,self_only); - } + clean_one_uid(keyblock,uidnode,noisy,self_only, + uids_cleaned,sigs_cleaned); } /* Used by validate_one_keyblock to confirm a regexp within a trust Modified: trunk/g10/trustdb.h =================================================================== --- trunk/g10/trustdb.h 2005-11-14 13:11:15 UTC (rev 3939) +++ trunk/g10/trustdb.h 2005-11-18 04:25:07 UTC (rev 3940) @@ -82,8 +82,8 @@ void update_ownertrust (PKT_public_key *pk, unsigned int new_trust ); int clear_ownertrusts (PKT_public_key *pk); -int clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only); -int clean_uids_from_key(KBNODE keyblock,int noisy); +void clean_one_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only, + int *uids_cleaned,int *sigs_cleaned); void clean_key(KBNODE keyblock,int noisy,int self_only, int *uids_cleaned,int *sigs_cleaned); From cvs at cvs.gnupg.org Fri Nov 18 05:37:30 2005 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Nov 18 05:04:26 2005 Subject: [svn] GnuPG - r3941 - trunk Message-ID: Author: dshaw Date: 2005-11-18 05:37:30 +0100 (Fri, 18 Nov 2005) New Revision: 3941 Modified: trunk/ChangeLog trunk/NEWS Log: * NEWS: Note backsigs, the xxxxx-clean options, and the xxxxx-minimal options. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-18 04:25:07 UTC (rev 3940) +++ trunk/ChangeLog 2005-11-18 04:37:30 UTC (rev 3941) @@ -1,3 +1,8 @@ +2005-11-17 David Shaw + + * NEWS: Note backsigs, the xxxxx-clean options, and the + xxxxx-minimal options. + 2005-11-02 David Shaw * configure.ac: Check for a getpagesize() declaration. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2005-11-18 04:25:07 UTC (rev 3940) +++ trunk/NEWS 2005-11-18 04:37:30 UTC (rev 3941) 
@@ -23,7 +23,26 @@ * Added "gpg-zip", a program to create encrypted archives that can interoperate with PGP Zip. + * Added support for signing subkey "back signatures". Requiring + back signatures to be present is currently off by default, but + will be changed to on by default in the future, once more keys + contain the back signature. A new "backsign" command in the + --edit-key menu can be used to update signing subkeys with back + signatures. + * The key cleaning options for --import-options and + --export-options have been further polished. "import-clean" and + "export-clean" replace the older + import-clean-sigs/import-clean-uids and + export-clean-sigs/export-clean-uids option pairs. + + * New "minimize" command in the --edit-key menu removes everything + that can be removed from a key, rendering it as small as + possible. There are corresponding "export-minimal" and + "import-minimal" commands for --export-options and + --import-options. + + Noteworthy changes in version 1.4.2 (2005-07-26) ------------------------------------------------ From cvs at cvs.gnupg.org Fri Nov 18 05:50:16 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Nov 18 05:17:11 2005 Subject: [svn] GnuPG - r3942 - trunk/doc Message-ID: Author: dshaw Date: 2005-11-18 05:50:15 +0100 (Fri, 18 Nov 2005) New Revision: 3942 Modified: trunk/doc/ChangeLog trunk/doc/gpg.sgml Log: * gpg.sgml: Clarify "xxxxx-clean" and "clean". Document "xxxxx-minimal", and "minimize". Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2005-11-18 04:37:30 UTC (rev 3941) +++ trunk/doc/ChangeLog 2005-11-18 04:50:15 UTC (rev 3942) 
@@ -1,3 +1,8 @@ +2005-11-17 David Shaw + + * gpg.sgml: Clarify "xxxxx-clean" and "clean". Document + "xxxxx-minimal", and "minimize". + 2005-11-02 David Shaw * gpg.sgml: Clarify what is and isn't included in a "clean sigs". Modified: trunk/doc/gpg.sgml =================================================================== --- trunk/doc/gpg.sgml 2005-11-18 04:37:30 UTC (rev 3941) +++ trunk/doc/gpg.sgml 2005-11-18 04:50:15 UTC (rev 3942) @@ -539,32 +539,21 @@ clean -Cleans keys by removing unusable pieces. This command can be used to -keep keys neat and clean, and it has no effect aside from that. - - - - -sigs - -Remove any signatures that are not usable by the trust calculations. +Compact (by removing all signatures except the selfsig) any user ID +that is no longer usable (e.g. revoked, or expired). Then, remove any +signatures that are not usable by the trust calculations. Specifically, this removes any signature that does not validate, any signature that is superceded by a later signature, revoked signatures, and signatures issued by keys that are not present on the keyring. -uids +minimize -Compact (by removing all signatures except the selfsig) any user ID -that is no longer usable (e.g. revoked, or expired). +Make the key as small as possible. This removes all signatures from +each user ID except for the most recent self-signature. - - -If invoked with no arguments, both `sigs' and `uids' are cleaned. - - backsign 
@@ -1399,28 +1388,23 @@ -import-clean-sigs +import-clean -After import, remove any signatures from the new key that are not -usable. This includes signatures that were issued by keys that are -not present on the keyring. This option is the same as running the ---edit-key command "clean sigs" after import. Defaults to no. +After import, compact (remove all signatures except the +self-signature) any user IDs from the new key that are not usable. +Then, remove any signatures from the new key that are not usable. +This includes signatures that were issued by keys that are not present +on the keyring. This option is the same as running the --edit-key +command "clean" after import. Defaults to no. -import-clean-uids +import-minimal -After import, compact (remove all signatures from) any user IDs from -the new key that are not usable. This is the same as running the ---edit-key command "clean uids" after import. Defaults to no. +Import the smallest key possible. This removes all signatures except +the most recent self-signature on each user ID. Defaults to no. - -import-clean - -Identical to "import-clean-sigs import-clean-uids". - - 
@@ -1456,36 +1440,30 @@ -export-minimal +export-reset-subkey-passwd -Export the smallest key possible. Currently this is done by leaving -out any signatures that are not self-signatures. Defaults to no. +When using the "--export-secret-subkeys" command, this option resets +the passphrases for all exported subkeys to empty. This is useful +when the exported subkey is to be used on an unattended machine where +a passphrase doesn't necessarily make sense. Defaults to no. -export-clean-sigs +export-clean -Do not export any signatures that are not usable. This includes -signatures that were issued by keys that are not present on the -keyring. This option is the same as running the --edit-key command -"clean sigs" before export. Defaults to no. - - - -export-clean-uids - Compact (remove all signatures from) user IDs on the key being -exported if the user IDs are not usable. This is the same as running -the --edit-key command "clean uids" before export. Defaults to no. +exported if the user IDs are not usable. Also, do not export any +signatures that are not usable. This includes signatures that were +issued by keys that are not present on the keyring. This option is +the same as running the --edit-key command "clean" before export. +Defaults to no. -export-reset-subkey-passwd +export-minimal -When using the "--export-secret-subkeys" command, this option resets -the passphrases for all exported subkeys to empty. This is useful -when the exported subkey is to be used on an unattended machine where -a passphrase doesn't necessarily make sense. Defaults to no. +Export the smallest key possible. This removes all signatures except +the most recent self-signature on each user ID. Defaults to no. @@ -2713,7 +2691,7 @@ ---override-session-key &ParmString; +--override-session-key &ParmString; Don't use the public key but the session key &ParmString;. The format of this string is the same as the one printed by --show-session-key. This option 
@@ -2740,7 +2718,9 @@ When making a data signature, prompt for an expiration time. If this option is not specified, the expiration time set via --default-sig-expire is used. --no-ask-sig-expire disables this -option. +option. Note that by default, --force-v3-sigs is set which also +disables this option. If you want signature expiration, you must set +--no-force-v3-sigs as well as turning --ask-sig-expire on. From cvs at cvs.gnupg.org Fri Nov 18 12:18:01 2005 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri Nov 18 11:44:56 2005 Subject: [svn] gpgme - r1138 - trunk/gpgme Message-ID: Author: marcus Date: 2005-11-18 12:18:01 +0100 (Fri, 18 Nov 2005) New Revision: 1138 Modified: trunk/gpgme/ChangeLog trunk/gpgme/w32-glib-io.c Log: 2005-11-18 Marcus Brinkmann * w32-glib-io.c: Rewrote the file handle code. We don't create system fds for every handle (doesn't work for inherited handles), but we create pseudo fds in a private namespace that designate a handle and potentially a giochannel. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-11-17 18:45:30 UTC (rev 1137) +++ trunk/gpgme/ChangeLog 2005-11-18 11:18:01 UTC (rev 1138) @@ -1,3 +1,10 @@ +2005-11-18 Marcus Brinkmann + + * w32-glib-io.c: Rewrote the file handle code. We don't create + system fds for every handle (doesn't work for inherited handles), + but we create pseudo fds in a private namespace that designate a + handle and potentially a giochannel. + 2005-11-17 Marcus Brinkmann * w32-glib-io.c: New file. Modified: trunk/gpgme/w32-glib-io.c =================================================================== --- trunk/gpgme/w32-glib-io.c 2005-11-17 18:45:30 UTC (rev 1137) +++ trunk/gpgme/w32-glib-io.c 2005-11-18 11:18:01 UTC (rev 1138) 
@@ -43,29 +43,114 @@ #include -static GIOChannel *giochannel_table[256]; +/* This file is an ugly hack to get GPGME working with glib on Windows + targets. On Windows, you can not select() on file descriptors. + The only way to check if there is something to read is to read + something. This means that GPGME can not let glib check for data + without letting glib also handle the data on Windows targets. -static HANDLE handle_table[256]; -#define fd_to_handle(x) handle_table[x] + The ugly consequence is that we need to work on GIOChannels in + GPGME, creating a glib dependency. Also, we need to export an + interface for the application to get at GPGME's GIOChannel. There + is no good way to abstract all this with callbacks, because the + whole thing is also interconnected with the creation of pipes and + child processes. + The following rules apply only to this I/O backend: + + * All "file descriptors" that GPGME gives to the application are + not system file descriptors, but some internal number maintained by + GPGME. I call them "Something like a file descriptor" (SLAFD). + It's an ugly name for an ugly thing. + + * The application can use this "file descriptor" for exactly one + thing: To call gpgme_get_giochannel on it. This returns the + GIOChannel that the application can actually use. The channel can + then be integrated in the event loop. + + * ALL operations must use the user defined event loop. GPGME can + not anymore provide its own event loop. This is mostly a sanity + requirement: Although we have in theory all information we need to + make the GPGME W32 code for select still work, it would be a big + complication and require changes throughout GPGME. + + Eventually, we probably have to bite the bullet and make some + really nice callback interfaces to let the user control all this at + a per-context level. */ + + +/* Something like a file descriptor. 
We can not use "real" file + descriptors, because for some reason we can't create them from + osfhandles to be inherited. Argh! */ +static struct +{ + /* This is non-null if the entry is used. */ + HANDLE osfhandle; + + /* This is non-null if there is a GIOChannel for this handle. Only + for our end of the pipe. */ + GIOChannel *channel; +} slafd_table[256]; + +#define MAX_SLAFD ((int) DIM (slafd_table)) + +static int +create_slafd (HANDLE handle, int create_channel) +{ + int slafd; + + for (slafd = 0; slafd < MAX_SLAFD; slafd++) + if (slafd_table[slafd].osfhandle == NULL) + break; + + if (slafd == MAX_SLAFD) + return -1; + + if (create_channel) + { + /* FIXME: Do we need to specify the direction, too? */ + // int fd = _open_osfhandle ((long) handle, 0); + // DEBUG2("opened handle %p to %i\n", handle, fd); + slafd_table[slafd].channel = g_io_channel_unix_new ((int)handle); + if (!slafd_table[slafd].channel) + { + errno = EIO; /* XXX */ + return -1; + } + } + else + slafd_table[slafd].channel = NULL; + + slafd_table[slafd].osfhandle = handle; + return slafd; +} + + static GIOChannel * -find_channel (int fd, int create) +find_channel (int fd) { - if (fd < 0 || fd > (int) DIM (giochannel_table)) + if (fd < 0 || fd >= MAX_SLAFD) return NULL; - if (giochannel_table[fd] == NULL && create) - giochannel_table[fd] = g_io_channel_unix_new (fd); + return slafd_table[fd].channel; +} - return giochannel_table[fd]; + +static HANDLE +find_handle (int fd) +{ + if (fd < 0 || fd >= MAX_SLAFD) + return NULL; + + return slafd_table[fd].osfhandle; } -/* Look up the giochannel for file descriptor FD. */ +/* Look up the giochannel for "file descriptor" FD. */ GIOChannel * gpgme_get_giochannel (int fd) { - return find_channel (fd, 0); + return find_channel (fd); } @@ -79,7 +164,7 @@ { void (*handler) (int,void*); void *value; -} notify_table[256]; +} notify_table[MAX_SLAFD]; int _gpgme_io_read (int fd, void *buffer, size_t count) 
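Review bot: In create_slafd, `g_io_channel_unix_new ((int)handle)` passes a Windows HANDLE cast to int to a call that expects a descriptor, and the cast drops the upper bits wherever HANDLE is wider than int. The commented-out `_open_osfhandle` lines just above suggest the conversion was known to be missing; either restore it or replace the `// …` lines with a comment explaining why the raw handle value is acceptable here. The channel-failure path sets `errno = EIO`, but the table-full `return -1` leaves errno untouched, while _gpgme_io_pipe prints errno for both cases.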
@@ -91,20 +176,31 @@ DEBUG2 ("fd %d: about to read %d bytes\n", fd, (int) count); - chan = find_channel (fd, 0); + chan = find_channel (fd); if (!chan) { DEBUG1 ("fd %d: no channel registered\n", fd); errno = EINVAL; return -1; } + DEBUG2 ("fd %d: channel %p\n", fd, chan); - status = g_io_channel_read_chars (chan, (gchar *) buffer, - count, &nread, NULL); + { + GError *err = NULL; + status = g_io_channel_read_chars (chan, (gchar *) buffer, + count, &nread, &err); + if (err) + { + DEBUG3 ("fd %d: status %i, err %s\n", fd, status, err->message); + g_error_free (err); + } + } + if (status == G_IO_STATUS_EOF) nread = 0; else if (status != G_IO_STATUS_NORMAL) { + DEBUG2 ("fd %d: status %d\n", fd, status); nread = -1; saved_errno = EIO; } @@ -129,7 +225,7 @@ DEBUG2 ("fd %d: about to write %d bytes\n", fd, (int) count); _gpgme_debug (2, "fd %d: write `%.*s'\n", fd, (int) count, buffer); - chan = find_channel (fd, 0); + chan = find_channel (fd); if (!chan) { DEBUG1 ("fd %d: no channel registered\n", fd); @@ -159,6 +255,8 @@ memset (&sec_attr, 0, sizeof sec_attr ); sec_attr.nLength = sizeof sec_attr; sec_attr.bInheritHandle = FALSE; + + DEBUG1("INHERIT: %i\n", inherit_idx); #define PIPEBUF_SIZE 4096 if (!CreatePipe ( &r, &w, &sec_attr, PIPEBUF_SIZE)) 
@@ -190,54 +288,25 @@ CloseHandle (w); w = h; } - filedes[0] = _open_osfhandle ((long) r, 0 ); + filedes[0] = create_slafd (r, inherit_idx == 1); if (filedes[0] == -1) { - DEBUG1 ("_open_osfhandle failed: ec=%d\n", errno); + DEBUG1 ("create_slafd failed: ec=%d\n", errno); CloseHandle (r); CloseHandle (w); return -1; } - filedes[1] = _open_osfhandle ((long) w, 0 ); + + filedes[1] = create_slafd (w, inherit_idx == 0); + if (filedes[1] == -1) { - DEBUG1 ("_open_osfhandle failed: ec=%d\n", errno); + DEBUG1 ("create_slafd failed: ec=%d\n", errno); _gpgme_io_close (filedes[0]); CloseHandle (r); CloseHandle (w); return -1; } - /* The fd that is not inherited will be used locally. Create a - channel for it. */ - if (inherit_idx == 0) - { - if (!find_channel (filedes[1], 1)) - { - DEBUG1 ("channel creation failed for %d\n", filedes[1]); - _gpgme_io_close (filedes[0]); - _gpgme_io_close (filedes[1]); - CloseHandle (r); - CloseHandle (w); - return -1; - } - } - else - { - if (!find_channel (filedes[0], 1)) - { - DEBUG1 ("channel creation failed for %d\n", filedes[1]); - _gpgme_io_close (filedes[0]); - _gpgme_io_close (filedes[1]); - CloseHandle (r); - CloseHandle (w); - return -1; - } - } - - /* Remember the handles for later. */ - handle_table[filedes[0]] = r; - handle_table[filedes[1]] = w; - DEBUG5 ("CreatePipe %p %p %d %d inherit=%d\n", r, w, filedes[0], filedes[1], inherit_idx ); return 0; 
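Review bot: On the failure path for the second create_slafd call, `_gpgme_io_close (filedes[0]);` is followed by `CloseHandle (r);`, and the _gpgme_io_close rewritten in this same commit already calls CloseHandle on the stored osfhandle, which is r. The second close then acts on a handle value the code no longer owns and that may have been handed out again in the meantime; drop the `CloseHandle (r);` line on that path and keep only `CloseHandle (w);`. The opening lines of the function are outside this hunk.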
@@ -249,31 +318,38 @@ { GIOChannel *chan; - if (fd == -1) - return -1; + if (fd < 0 || fd >= MAX_SLAFD) + { + errno = EBADF; + return -1; + } /* First call the notify handler. */ DEBUG1 ("closing fd %d", fd); - if (fd >= 0 && fd < (int) DIM (notify_table)) + if (notify_table[fd].handler) { - if (notify_table[fd].handler) - { - notify_table[fd].handler (fd, notify_table[fd].value); - notify_table[fd].handler = NULL; - notify_table[fd].value = NULL; - } + notify_table[fd].handler (fd, notify_table[fd].value); + notify_table[fd].handler = NULL; + notify_table[fd].value = NULL; } + /* Then do the close. */ - chan = find_channel (fd, 0); + chan = slafd_table[fd].channel; if (chan) { g_io_channel_shutdown (chan, 1, NULL); g_io_channel_unref (chan); - giochannel_table[fd] = NULL; - return 0; } - else - return close (fd); + + if (!CloseHandle (slafd_table[fd].osfhandle)) + { + DEBUG2 ("CloseHandle for fd %d failed: ec=%d\n", + fd, (int)GetLastError ()); + } + + slafd_table[fd].osfhandle = NULL; + + return 0; } @@ -297,7 +373,7 @@ GIOChannel *chan; GIOStatus status; - chan = find_channel (fd, 0); + chan = find_channel (fd); if (!chan) { errno = EIO; 
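Review bot: After `g_io_channel_unref (chan);` the rewritten _gpgme_io_close no longer clears the table entry (the removed code had `giochannel_table[fd] = NULL;`), so `slafd_table[fd].channel` keeps pointing at the released channel. find_channel and gpgme_get_giochannel would return that stale pointer for the closed fd, and a second close of the same fd would shut it down and unref it again; add `slafd_table[fd].channel = NULL;` inside the `if (chan)` block. CloseHandle is also reached for a slot that was never allocated, where osfhandle is NULL; an early `if (!slafd_table[fd].osfhandle) { errno = EBADF; return -1; }` would cover that.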
@@ -395,16 +471,18 @@ for (i=0; fd_child_list[i].fd != -1; i++ ) { if (fd_child_list[i].dup_to == 0 ) { - si.hStdInput = fd_to_handle (fd_child_list[i].fd); - DEBUG1 ("using %d for stdin", fd_child_list[i].fd ); + si.hStdInput = find_handle (fd_child_list[i].fd); + DEBUG2 ("using %d (%p) for stdin", fd_child_list[i].fd, + find_handle (fd_child_list[i].fd)); duped_stdin=1; } else if (fd_child_list[i].dup_to == 1 ) { - si.hStdOutput = fd_to_handle (fd_child_list[i].fd); - DEBUG1 ("using %d for stdout", fd_child_list[i].fd ); + si.hStdOutput = find_handle (fd_child_list[i].fd); + DEBUG2 ("using %d (%p) for stdout", fd_child_list[i].fd, + find_handle (fd_child_list[i].fd)); } else if (fd_child_list[i].dup_to == 2 ) { - si.hStdError = fd_to_handle (fd_child_list[i].fd); + si.hStdError = find_handle (fd_child_list[i].fd); DEBUG1 ("using %d for stderr", fd_child_list[i].fd ); duped_stderr = 1; } From cvs at cvs.gnupg.org Fri Nov 18 15:00:51 2005 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri Nov 18 14:27:45 2005 Subject: [svn] gpgme - r1139 - trunk/gpgme Message-ID: Author: marcus Date: 2005-11-18 15:00:50 +0100 (Fri, 18 Nov 2005) New Revision: 1139 Modified: trunk/gpgme/ChangeLog trunk/gpgme/posix-io.c trunk/gpgme/priv-io.h trunk/gpgme/rungpg.c trunk/gpgme/w32-glib-io.c trunk/gpgme/w32-io.c Log: 2005-11-18 Marcus Brinkmann * priv-io.h (_gpgme_io_fd2str): New prototype. * posix-io.c (_gpgme_io_fd2str): New function. * w32-io.c (_gpgme_io_fd2str): New function. * rungpg.c: Use this new function. * w32-glib-io.c (_gpgme_io_fd2str): Rewrote the file handle code again. Two's company, three's the musketeers. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-11-18 11:18:01 UTC (rev 1138) +++ trunk/gpgme/ChangeLog 2005-11-18 14:00:50 UTC (rev 1139) 
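Review bot: The `find_handle (fd_child_list[i].fd)` results are stored in si.hStdInput, si.hStdOutput and si.hStdError without a check, and find_handle returns NULL both for an out-of-range number and for an unused slot. The child would then be started with a missing standard handle instead of the spawn failing; look the handle up once per entry, `HANDLE h = find_handle (fd_child_list[i].fd);`, and fail with EBADF (after whatever cleanup the function needs) when it is NULL. The stderr branch still uses DEBUG1 without the handle, unlike the other two. The surrounding function starts and ends outside this hunk.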
@@ -1,5 +1,12 @@ 2005-11-18 Marcus Brinkmann + * priv-io.h (_gpgme_io_fd2str): New prototype. + * posix-io.c (_gpgme_io_fd2str): New function. + * w32-io.c (_gpgme_io_fd2str): New function. + * rungpg.c: Use this new function. + * w32-glib-io.c (_gpgme_io_fd2str): Rewrote the file handle code + again. Two's company, three's the musketeers. + * w32-glib-io.c: Rewrote the file handle code. We don't create system fds for every handle (doesn't work for inherited handles), but we create pseudo fds in a private namespace that designate a Modified: trunk/gpgme/posix-io.c =================================================================== --- trunk/gpgme/posix-io.c 2005-11-18 11:18:01 UTC (rev 1138) +++ trunk/gpgme/posix-io.c 2005-11-18 14:00:50 UTC (rev 1139) @@ -56,6 +56,16 @@ } } + +/* Write the printable version of FD to the buffer BUF of length + BUFLEN. The printable version is the representation on the command + line that the child process expects. */ +int +_gpgme_io_fd2str (char *buf, int buflen, int fd) +{ + return snprintf (buf, buflen, "%d", fd); +} + static struct { Modified: trunk/gpgme/priv-io.h =================================================================== --- trunk/gpgme/priv-io.h 2005-11-18 11:18:01 UTC (rev 1138) +++ trunk/gpgme/priv-io.h 2005-11-18 14:00:50 UTC (rev 1139) @@ -59,7 +59,9 @@ struct spawn_fd_item_s *fd_parent_list); int _gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock); +/* Write the printable version of FD to the buffer BUF of length + BUFLEN. The printable version is the representation on the command + line that the child process expects. */ +int _gpgme_io_fd2str (char *buf, int buflen, int fd); + #endif /* IO_H */ - - - Modified: trunk/gpgme/rungpg.c =================================================================== --- trunk/gpgme/rungpg.c 2005-11-18 11:18:01 UTC (rev 1138) +++ trunk/gpgme/rungpg.c 2005-11-18 14:00:50 UTC (rev 1139) 
@@ -407,7 +407,7 @@ { char buf[25]; - sprintf (buf, "%d", gpg->status.fd[1]); + _gpgme_io_fd2str (buf, sizeof (buf), gpg->status.fd[1]); rc = add_arg (gpg, buf); if (rc) goto leave; @@ -720,7 +720,10 @@ fd_data_map[datac].dup_to = a->dup_to; if (a->dup_to == -1) { - argv[argc] = malloc (25); + char *ptr; + int buflen = 25; + + argv[argc] = malloc (buflen); if (!argv[argc]) { int saved_errno = errno; @@ -728,9 +731,16 @@ free_argv (argv); return gpg_error_from_errno (saved_errno); } - sprintf (argv[argc], - a->print_fd ? "%d" : "-&%d", - fd_data_map[datac].peer_fd); + + ptr = argv[argc]; + if (!a->print_fd) + { + *(ptr++) = '-'; + *(ptr++) = '&'; + buflen -= 2; + } + + _gpgme_io_fd2str (ptr, buflen, fd_data_map[datac].peer_fd); argc++; } datac++; Modified: trunk/gpgme/w32-glib-io.c =================================================================== --- trunk/gpgme/w32-glib-io.c 2005-11-18 11:18:01 UTC (rev 1138) +++ trunk/gpgme/w32-glib-io.c 2005-11-18 14:00:50 UTC (rev 1139) @@ -56,18 +56,8 @@ whole thing is also interconnected with the creation of pipes and child processes. - The following rules apply only to this I/O backend: + The following rule applies only to this I/O backend: - * All "file descriptors" that GPGME gives to the application are - not system file descriptors, but some internal number maintained by - GPGME. I call them "Something like a file descriptor" (SLAFD). - It's an ugly name for an ugly thing. - - * The application can use this "file descriptor" for exactly one - thing: To call gpgme_get_giochannel on it. This returns the - GIOChannel that the application can actually use. The channel can - then be integrated in the event loop. - * ALL operations must use the user defined event loop. GPGME can not anymore provide its own event loop. This is mostly a sanity requirement: Although we have in theory all information we need to 
@@ -79,78 +69,41 @@ a per-context level. */ -/* Something like a file descriptor. We can not use "real" file - descriptors, because for some reason we can't create them from - osfhandles to be inherited. Argh! */ -static struct -{ - /* This is non-null if the entry is used. */ - HANDLE osfhandle; +#define MAX_SLAFD 256 - /* This is non-null if there is a GIOChannel for this handle. Only - for our end of the pipe. */ - GIOChannel *channel; -} slafd_table[256]; +GIOChannel *giochannel_table[MAX_SLAFD]; -#define MAX_SLAFD ((int) DIM (slafd_table)) -static int -create_slafd (HANDLE handle, int create_channel) -{ - int slafd; - - for (slafd = 0; slafd < MAX_SLAFD; slafd++) - if (slafd_table[slafd].osfhandle == NULL) - break; - - if (slafd == MAX_SLAFD) - return -1; - - if (create_channel) - { - /* FIXME: Do we need to specify the direction, too? */ - // int fd = _open_osfhandle ((long) handle, 0); - // DEBUG2("opened handle %p to %i\n", handle, fd); - slafd_table[slafd].channel = g_io_channel_unix_new ((int)handle); - if (!slafd_table[slafd].channel) - { - errno = EIO; /* XXX */ - return -1; - } - } - else - slafd_table[slafd].channel = NULL; - - slafd_table[slafd].osfhandle = handle; - return slafd; -} - - static GIOChannel * -find_channel (int fd) +find_channel (int fd, int create) { if (fd < 0 || fd >= MAX_SLAFD) return NULL; - return slafd_table[fd].channel; + if (create && !giochannel_table[fd]) + giochannel_table[fd] = g_io_channel_unix_new (fd); + + return giochannel_table[fd]; } - -static HANDLE -find_handle (int fd) +/* Look up the giochannel for "file descriptor" FD. */ +GIOChannel * +gpgme_get_giochannel (int fd) { - if (fd < 0 || fd >= MAX_SLAFD) - return NULL; - - return slafd_table[fd].osfhandle; + return find_channel (fd, 0); } -/* Look up the giochannel for "file descriptor" FD. */ -GIOChannel * -gpgme_get_giochannel (int fd) +/* Write the printable version of FD to the buffer BUF of length + BUFLEN. 
The printable version is the representation on the command + line that the child process expects. */ +int +_gpgme_io_fd2str (char *buf, int buflen, int fd) { - return find_channel (fd); + printf ("Converting fd %d to %ld\n", fd, (long) _get_osfhandle (fd)); + printf ("Converting fd %d to %ld\n", fd, (long) _get_osfhandle (fd)); + printf ("Converting fd %d to %ld\n", fd, (long) _get_osfhandle (fd)); + return snprintf (buf, buflen, "%ld", (long) _get_osfhandle (fd)); } @@ -176,7 +129,7 @@ DEBUG2 ("fd %d: about to read %d bytes\n", fd, (int) count); - chan = find_channel (fd); + chan = find_channel (fd, 0); if (!chan) { DEBUG1 ("fd %d: no channel registered\n", fd); @@ -225,7 +178,7 @@ DEBUG2 ("fd %d: about to write %d bytes\n", fd, (int) count); _gpgme_debug (2, "fd %d: write `%.*s'\n", fd, (int) count, buffer); - chan = find_channel (fd); + chan = find_channel (fd, 0); if (!chan) { DEBUG1 ("fd %d: no channel registered\n", fd); 
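Review bot: The new _gpgme_io_fd2str in w32-glib-io.c contains three identical `printf ("Converting fd %d to %ld\n", …)` lines that write to the application's stdout from library code; they look like leftover tracing and should be removed or become a single DEBUG2 call. The `_get_osfhandle (fd)` result is formatted without a check, so an invalid fd would put the failure value on the child's command line as if it were a handle; compare it with `INVALID_HANDLE_VALUE` first and return -1. `GIOChannel *giochannel_table[MAX_SLAFD];` also lost the `static` the table had two revisions earlier and is now an exported global. find_channel with `create` set wraps any in-range number in a channel without knowing whether it is an open descriptor.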
@@ -247,69 +200,61 @@ int -_gpgme_io_pipe ( int filedes[2], int inherit_idx ) +_gpgme_io_pipe (int filedes[2], int inherit_idx) { - HANDLE r, w; - SECURITY_ATTRIBUTES sec_attr; + GIOChannel *chan; - memset (&sec_attr, 0, sizeof sec_attr ); - sec_attr.nLength = sizeof sec_attr; - sec_attr.bInheritHandle = FALSE; +#define PIPEBUF_SIZE 4096 + if (_pipe (filedes, PIPEBUF_SIZE, O_NOINHERIT) == -1) + return -1; - DEBUG1("INHERIT: %i\n", inherit_idx); - -#define PIPEBUF_SIZE 4096 - if (!CreatePipe ( &r, &w, &sec_attr, PIPEBUF_SIZE)) - return -1; - /* Make one end inheritable. */ - if ( inherit_idx == 0 ) { - HANDLE h; - if (!DuplicateHandle( GetCurrentProcess(), r, - GetCurrentProcess(), &h, 0, - TRUE, DUPLICATE_SAME_ACCESS ) ) { - DEBUG1 ("DuplicateHandle failed: ec=%d\n", (int)GetLastError()); - CloseHandle (r); - CloseHandle (w); - return -1; - } - CloseHandle (r); - r = h; + /* Make one end inheritable. */ + if (inherit_idx == 0) + { + int new_read; + + new_read = _dup (filedes[0]); + _close (filedes[0]); + filedes[0] = new_read; + + if (new_read < 0) + { + _close (filedes[1]); + return -1; + } } - else if ( inherit_idx == 1 ) { - HANDLE h; - if (!DuplicateHandle( GetCurrentProcess(), w, - GetCurrentProcess(), &h, 0, - TRUE, DUPLICATE_SAME_ACCESS ) ) { - DEBUG1 ("DuplicateHandle failed: ec=%d\n", (int)GetLastError()); - CloseHandle (r); - CloseHandle (w); - return -1; - } - CloseHandle (w); - w = h; + else if (inherit_idx == 1) + { + int new_write; + + new_write = _dup (filedes[1]); + _close (filedes[1]); + filedes[1] = new_write; + + if (new_write < 0) + { + _close (filedes[0]); + return -1; + } } - filedes[0] = create_slafd (r, inherit_idx == 1); - if (filedes[0] == -1) - { - DEBUG1 ("create_slafd failed: ec=%d\n", errno); - CloseHandle (r); - CloseHandle (w); - return -1; - } - filedes[1] = create_slafd (w, inherit_idx == 0); - if (filedes[1] == -1) - { - DEBUG1 ("create_slafd failed: ec=%d\n", errno); - _gpgme_io_close (filedes[0]); - CloseHandle (r); - 
CloseHandle (w); - return -1; - } + /* Now we have a pipe with the right end inheritable. The other end + should have a giochannel. */ + chan = find_channel (filedes[1 - inherit_idx], 1); + if (!chan) + { + DEBUG2 ("channel creation for %d failed: ec=%d\n", + filedes[1 - inherit_idx], errno); + _close (filedes[0]); + _close (filedes[1]); + return -1; + } - DEBUG5 ("CreatePipe %p %p %d %d inherit=%d\n", r, w, - filedes[0], filedes[1], inherit_idx ); - return 0; + DEBUG5 ("CreatePipe %d (%p) %d (%p) inherit=%p\n", + filedes[0], (HANDLE) _get_osfhandle (filedes[0]), + filedes[1], (HANDLE) _get_osfhandle (filedes[1]), + chan); + return 0; } @@ -334,20 +279,15 @@ } /* Then do the close. */ - chan = slafd_table[fd].channel; + chan = giochannel_table[fd]; if (chan) { g_io_channel_shutdown (chan, 1, NULL); g_io_channel_unref (chan); + giochannel_table[fd] = NULL; } - - if (!CloseHandle (slafd_table[fd].osfhandle)) - { - DEBUG2 ("CloseHandle for fd %d failed: ec=%d\n", - fd, (int)GetLastError ()); - } - slafd_table[fd].osfhandle = NULL; + _close (fd); return 0; } @@ -373,7 +313,7 @@ GIOChannel *chan; GIOStatus status; - chan = find_channel (fd); + chan = find_channel (fd, 0); if (!chan) { errno = EIO; @@ -453,11 +393,11 @@ /* FIXME. */ int debug_me = 0; - memset (&sec_attr, 0, sizeof sec_attr ); + memset (&sec_attr, 0, sizeof sec_attr); sec_attr.nLength = sizeof sec_attr; sec_attr.bInheritHandle = FALSE; - arg_string = build_commandline ( argv ); + arg_string = build_commandline (argv); if (!arg_string ) return -1; 
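Review bot: `filedes[1 - inherit_idx]` in the rewritten _gpgme_io_pipe stays inside the two-element array only for inherit_idx 0 or 1, while the `if (inherit_idx == 0) … else if (inherit_idx == 1)` chain above it is written as if other values can arrive. For any other value the index is outside filedes; reject it before the `_pipe` call with `if (inherit_idx != 0 && inherit_idx != 1) { errno = EINVAL; return -1; }`. In the closing DEBUG5 the label `inherit=%p` is given chan rather than inherit_idx, and the `_get_osfhandle` results printed there are not checked.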
@@ -471,19 +411,20 @@ for (i=0; fd_child_list[i].fd != -1; i++ ) { if (fd_child_list[i].dup_to == 0 ) { - si.hStdInput = find_handle (fd_child_list[i].fd); + si.hStdInput = (HANDLE) _get_osfhandle (fd_child_list[i].fd); DEBUG2 ("using %d (%p) for stdin", fd_child_list[i].fd, - find_handle (fd_child_list[i].fd)); + _get_osfhandle (fd_child_list[i].fd)); duped_stdin=1; } else if (fd_child_list[i].dup_to == 1 ) { - si.hStdOutput = find_handle (fd_child_list[i].fd); + si.hStdOutput = (HANDLE) _get_osfhandle (fd_child_list[i].fd); DEBUG2 ("using %d (%p) for stdout", fd_child_list[i].fd, - find_handle (fd_child_list[i].fd)); + _get_osfhandle (fd_child_list[i].fd)); } else if (fd_child_list[i].dup_to == 2 ) { - si.hStdError = find_handle (fd_child_list[i].fd); - DEBUG1 ("using %d for stderr", fd_child_list[i].fd ); + si.hStdError = (HANDLE) _get_osfhandle (fd_child_list[i].fd); + DEBUG2 ("using %d (%p) for stderr", fd_child_list[i].fd, + _get_osfhandle (fd_child_list[i].fd)); duped_stderr = 1; } } 
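Review bot: `(HANDLE) _get_osfhandle (fd_child_list[i].fd)` is assigned to the three standard handles in si without testing for the failure value, so a descriptor that is closed or out of range ends up in the child's start-up information as an invalid handle instead of failing the spawn. The DEBUG2 calls pass the uncast `_get_osfhandle` result to `%p`, which does not match the argument type; convert once, `HANDLE h = (HANDLE) _get_osfhandle (fd_child_list[i].fd);`, check it against `INVALID_HANDLE_VALUE`, and print `h`. The enclosing function begins and ends outside this hunk.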
@@ -574,7 +515,72 @@ int _gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock) { - assert (!"ARGH! The user of this library MUST define io callbacks!"); - errno = EINVAL; - return -1; + int i; + int res = 0; + void *dbg_help = NULL; + + /* Use g_io_channel_get_buffer_condition. This will help with the + _gpgme_io_select uses in rungpg.c and wait.c::_gpgme_run_io_cb, + but not with the global or private event loop. The user still + must define io cbs for all operations. */ + + if (!nonblock) + assert (!"Can not provide blocking select on this target."); + + DEBUG_BEGIN (dbg_help, 3, "gpgme:select on [ "); + for (i = 0; i < nfds; i++) + { + if (fds[i].fd == -1) + continue; + if (fds[i].frozen) + DEBUG_ADD1 (dbg_help, "f%d ", fds[i].fd); + else if (fds[i].for_read) + { + GIOChannel *chan = find_channel (fds[i].fd, 0); + assert (chan); + + DEBUG2("channel %p cond %i\n", + chan, + g_io_channel_get_buffer_condition (chan)); + + if (g_io_channel_get_buffer_condition (chan) & G_IO_IN) + { + fds[i].signaled = 1; + res++; + } + DEBUG_ADD1 (dbg_help, "r%d ", fds[i].fd); + } + else if (fds[i].for_write) + { + GIOChannel *chan = find_channel (fds[i].fd, 0); + assert (chan); + + if (g_io_channel_get_buffer_condition (chan) & G_IO_OUT) + { + fds[i].signaled = 1; + res++; + } + DEBUG_ADD1 (dbg_help, "w%d ", fds[i].fd); + } + else + fds[i].signaled = 0; + } + DEBUG_END (dbg_help, "]"); + + DEBUG_BEGIN (dbg_help, 3, "select OK [ "); + if (DEBUG_ENABLED (dbg_help)) + { + for (i = 0; i <= nfds; i++) + { + if (fds[i].fd == -1 || fds[i].frozen || !fds[i].signaled) + continue; + else if (fds[i].for_read) + DEBUG_ADD1 (dbg_help, "r%d ", i); + else if (fds[i].for_write) + DEBUG_ADD1 (dbg_help, "w%d ", i); + } + DEBUG_END (dbg_help, "]"); + } + + return 1; } Modified: trunk/gpgme/w32-io.c =================================================================== --- trunk/gpgme/w32-io.c 2005-11-18 11:18:01 UTC (rev 1138) +++ trunk/gpgme/w32-io.c 2005-11-18 14:00:50 UTC (rev 
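Review bot: The second debug loop in the new `_gpgme_io_select` body runs with `i <= nfds`, so when debugging is enabled it reads `fds[nfds]`, one element past the array the caller passed; the bound should be `i < nfds` as in the first loop. The function also ends with `return 1;` although it counts the signaled descriptors in `res`, so a caller is told something is ready even when nothing is; `return res;` looks like the intent. With assertions compiled out, the `assert (!"Can not provide blocking select on this target.")` guard disappears and a blocking request silently behaves like a non-blocking one.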
1139) @@ -1091,6 +1091,16 @@ } + +/* Write the printable version of FD to the buffer BUF of length + BUFLEN. The printable version is the representation on the command + line that the child process expects. */ +int +_gpgme_io_fd2str (char *buf, int buflen, int fd) +{ + return snprintf (buf, buflen, "%d", fd); +} + /* The following interface is only useful for GPGME Glib. */ From cvs at cvs.gnupg.org Fri Nov 18 17:52:39 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Nov 18 17:19:31 2005 Subject: [svn] gpgme - r1140 - in trunk: . doc gpgme Message-ID: Author: wk Date: 2005-11-18 17:52:38 +0100 (Fri, 18 Nov 2005) New Revision: 1140 Modified: trunk/ChangeLog trunk/autogen.sh trunk/configure.ac trunk/doc/gpgme.texi trunk/gpgme/ChangeLog trunk/gpgme/versioninfo.rc.in trunk/gpgme/w32-glib-io.c Log: GPA does now work with the glib based i/o backend. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-18 14:00:50 UTC (rev 1139) +++ trunk/ChangeLog 2005-11-18 16:52:38 UTC (rev 1140) @@ -1,3 +1,7 @@ +2005-11-18 Werner Koch + + * configure.ac (BUILD_REVISION): New. + 2005-11-17 Marcus Brinkmann * configure.ac: Add support for --enable-w32-glib (disabled by @@ -3,4 +7,8 @@ default). Invoke AM_PATH_GLIB_2_0. +2005-11-16 Werner Koch + + * configure.ac (CFLAGS) [W32]: Make sure that -mms-bitfields are used. + 2005-11-15 Werner Koch Modified: trunk/autogen.sh =================================================================== --- trunk/autogen.sh 2005-11-18 14:00:50 UTC (rev 1139) +++ trunk/autogen.sh 2005-11-18 16:52:38 UTC (rev 1140) 
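Review bot: The comment on `_gpgme_io_fd2str` does not say what the function returns, and the body passes the `snprintf` result straight through, so the contract does not tell a caller that a value `>= buflen` means the text was truncated. The comment says this string is what the child process expects on its command line, so a truncated value would name a different descriptor. I would add `Returns the snprintf result; a value >= BUFLEN means BUF was too small.` to the comment. `buflen` is an `int` that is converted to `size_t` in the call, so a non-positive length should be rejected first, e.g. `if (buflen <= 0) return -1;`.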
@@ -76,7 +76,8 @@ ./configure --enable-maintainer-mode --prefix=${w32root} \ --host=i586-mingw32msvc --build=${build} \ --with-gpg-error-prefix=${w32root} --without-gpgsm \ - --enable-shared --enable-static + --enable-shared --enable-static --enable-w32-glib \ + PKG_CONFIG_LIBDIR="$w32root/lib/pkgconfig" exit $? fi Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-11-18 14:00:50 UTC (rev 1139) +++ trunk/configure.ac 2005-11-18 16:52:38 UTC (rev 1140) @@ -170,6 +170,9 @@ # Checks for compiler features. if test "$GCC" = yes; then CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes" + if test "$have_w32_system" = yes; then + CFLAGS="$CFLAGS -mms-bitfields" + fi fi @@ -449,15 +452,18 @@ GNUPG_FIX_HDR_VERSION(gpgme/gpgme.h, GPGME_VERSION) # Generate values for the DLL version info +changequote(,)dnl +BUILD_REVISION="`echo '$Revision$' | sed 's/[^0-9]//g'`" +changequote([,])dnl +test -z "$BUILD_REVISION" && BUILD_REVISION="0" if test "$have_w32_system" = yes; then BUILD_TIMESTAMP=`date --iso-8601=minutes` changequote(,)dnl BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'` - tmp="`echo '$Revision$' | sed 's/[^0-9]//g'`" changequote([,])dnl - test -z "$tmp" && tmp="0" - BUILD_FILEVERSION="${BUILD_FILEVERSION}$tmp" + BUILD_FILEVERSION="${BUILD_FILEVERSION}${BUILD_REVISION}" fi +AC_SUBST(BUILD_REVISION) AC_SUBST(BUILD_TIMESTAMP) AC_SUBST(BUILD_FILEVERSION) Modified: trunk/doc/gpgme.texi =================================================================== --- trunk/doc/gpgme.texi 2005-11-18 14:00:50 UTC (rev 1139) +++ trunk/doc/gpgme.texi 2005-11-18 16:52:38 UTC (rev 1140) 
@@ -4738,7 +4738,7 @@ callback functions. Usually this is done in an event loop, that also checks for events in other parts of the program. If the callback functions are only called when the file descriptors are ready, -@acronym{GPGME} will never block. This gives the user mroe control +@acronym{GPGME} will never block. This gives the user more control over the program flow, and allows to perform other tasks when @acronym{GPGME} would block otherwise. @@ -4777,7 +4777,7 @@ @deftp {Data type} {gpgme_error_t (*gpgme_register_io_cb_t) (@w{void *@var{data}}, @w{int @var{fd}}, @w{int @var{dir}}, @w{gpgme_io_cb_t @var{fnc}}, @w{void *@var{fnc_data}}, @w{void **@var{tag}})} @tindex gpgme_register_io_cb_t The @code{gpgme_register_io_cb_t} type is the type of functions which can -be called by @acronym{GPGME} to register an I/O callback funtion +be called by @acronym{GPGME} to register an I/O callback function @var{fnc} for the file descriptor @var{fd} with the user. @var{fnc_data} should be passed as the first argument to @var{fnc} when the handler is invoked (the second argument should be @var{fd}). Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-11-18 14:00:50 UTC (rev 1139) +++ trunk/gpgme/ChangeLog 2005-11-18 16:52:38 UTC (rev 1140) @@ -1,3 +1,12 @@ +2005-11-18 Werner Koch + + * w32-glib-io.c: Include glib.h before windows to avoid a symbol + shadowing warning. + (find_channel): Better use g_io_channel_win32_new_fd instead of + the autodetection function g_io_channel_unix_new. + (_gpgme_io_select): Rewritten. It is now a fully working select + implementation. + 2005-11-18 Marcus Brinkmann * priv-io.h (_gpgme_io_fd2str): New prototype. 
@@ -12,6 +21,10 @@ but we create pseudo fds in a private namespace that designate a handle and potentially a giochannel. +2005-11-18 Werner Koch + + * versioninfo.rc.in: Set file version to LT-version + Svn-revision. + 2005-11-17 Marcus Brinkmann * w32-glib-io.c: New file. Modified: trunk/gpgme/versioninfo.rc.in =================================================================== --- trunk/gpgme/versioninfo.rc.in 2005-11-18 14:00:50 UTC (rev 1139) +++ trunk/gpgme/versioninfo.rc.in 2005-11-18 16:52:38 UTC (rev 1140) @@ -18,7 +18,7 @@ VS_VERSION_INFO VERSIONINFO - FILEVERSION @BUILD_FILEVERSION@ + FILEVERSION @LIBGPGME_LT_CURRENT@,@LIBGPGME_LT_AGE@,@LIBGPGME_LT_REVISION@,@BUILD_REVISION@ PRODUCTVERSION @BUILD_FILEVERSION@ FILEFLAGSMASK 0x3fL #ifdef _DEBUG @@ -37,7 +37,7 @@ VALUE "Comments", "Provided under the terms of the GNU Lesser General Public License.\0" VALUE "CompanyName", "g10 Code GmbH\0" VALUE "FileDescription", "GPGME - GnuPG Made Easy\0" - VALUE "FileVersion", "@VERSION@\0" + VALUE "FileVersion", "@LIBGPGME_LT_CURRENT@.@LIBGPGME_LT_AGE@.@LIBGPGME_LT_REVISION@.@BUILD_REVISION@\0" VALUE "InternalName", "gpgme\0" VALUE "LegalCopyright", "Copyright © 2005 g10 Code GmbH\0" VALUE "LegalTrademarks", "\0" Modified: trunk/gpgme/w32-glib-io.c =================================================================== --- trunk/gpgme/w32-glib-io.c 2005-11-18 14:00:50 UTC (rev 1139) +++ trunk/gpgme/w32-glib-io.c 2005-11-18 16:52:38 UTC (rev 1140) @@ -32,6 +32,7 @@ #include #include #include +#include #include #include @@ -40,7 +41,6 @@ #include "sema.h" #include "debug.h" -#include /* This file is an ugly hack to get GPGME working with glib on Windows @@ -81,7 +81,7 @@ return NULL; if (create && !giochannel_table[fd]) - giochannel_table[fd] = g_io_channel_unix_new (fd); + giochannel_table[fd] = g_io_channel_win32_new_fd (fd); return giochannel_table[fd]; } 
@@ -515,72 +515,115 @@ int _gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock) { - int i; - int res = 0; + int npollfds; + GPollFD *pollfds; + int *pollfds_map; + int i, j; + int any, n, count; + int timeout = 1000; /* Use a 1s timeout. */ void *dbg_help = NULL; - /* Use g_io_channel_get_buffer_condition. This will help with the - _gpgme_io_select uses in rungpg.c and wait.c::_gpgme_run_io_cb, - but not with the global or private event loop. The user still - must define io cbs for all operations. */ + if (nonblock) + timeout = 0; - if (!nonblock) - assert (!"Can not provide blocking select on this target."); + pollfds = calloc (nfds, sizeof *pollfds); + if (!pollfds) + return -1; + pollfds_map = calloc (nfds, sizeof *pollfds_map); + if (!pollfds_map) + { + free (pollfds); + return -1; + } + npollfds = 0; DEBUG_BEGIN (dbg_help, 3, "gpgme:select on [ "); + any = 0; for (i = 0; i < nfds; i++) { if (fds[i].fd == -1) continue; if (fds[i].frozen) DEBUG_ADD1 (dbg_help, "f%d ", fds[i].fd); - else if (fds[i].for_read) + else if (fds[i].for_read ) { - GIOChannel *chan = find_channel (fds[i].fd, 0); - assert (chan); - - DEBUG2("channel %p cond %i\n", - chan, - g_io_channel_get_buffer_condition (chan)); - - if (g_io_channel_get_buffer_condition (chan) & G_IO_IN) - { - fds[i].signaled = 1; - res++; - } - DEBUG_ADD1 (dbg_help, "r%d ", fds[i].fd); + GIOChannel *chan = find_channel (fds[i].fd, 0); + assert (chan); + g_io_channel_win32_make_pollfd (chan, G_IO_IN, pollfds + npollfds); + pollfds_map[npollfds] = i; + DEBUG_ADD2 (dbg_help, "r%d<%d> ", fds[i].fd, pollfds[npollfds].fd); + npollfds++; + any = 1; } else if (fds[i].for_write) { - GIOChannel *chan = find_channel (fds[i].fd, 0); - assert (chan); - - if (g_io_channel_get_buffer_condition (chan) & G_IO_OUT) - { - fds[i].signaled = 1; - res++; - } - DEBUG_ADD1 (dbg_help, "w%d ", fds[i].fd); + GIOChannel *chan = find_channel (fds[i].fd, 0); + assert (chan); + g_io_channel_win32_make_pollfd (chan, G_IO_OUT, 
pollfds + npollfds); + pollfds_map[npollfds] = i; + DEBUG_ADD2 (dbg_help, "w%d<%d> ", fds[i].fd, pollfds[npollfds].fd); + npollfds++; + any = 1; } - else - fds[i].signaled = 0; + fds[i].signaled = 0; } DEBUG_END (dbg_help, "]"); + if (!any) + { + count = 0; + goto leave; + } + + count = g_io_channel_win32_poll (pollfds, npollfds, timeout); + if (count < 0) + { + int saved_errno = errno; + DEBUG1 ("_gpgme_io_select failed: %s\n", strerror (errno)); + errno = saved_errno; + goto leave; + } + DEBUG_BEGIN (dbg_help, 3, "select OK [ "); if (DEBUG_ENABLED (dbg_help)) { - for (i = 0; i <= nfds; i++) + for (i = 0; i < npollfds; i++) { - if (fds[i].fd == -1 || fds[i].frozen || !fds[i].signaled) - continue; - else if (fds[i].for_read) + if ((pollfds[i].revents & G_IO_IN)) DEBUG_ADD1 (dbg_help, "r%d ", i); - else if (fds[i].for_write) - DEBUG_ADD1 (dbg_help, "w%d ", i); + if ((pollfds[i].revents & G_IO_OUT)) + DEBUG_ADD1 (dbg_help, "w%d ", i); } DEBUG_END (dbg_help, "]"); } + + /* COUNT is used to stop the lop as soon as possible. */ + for (n = count, i = 0; i < npollfds && n; i++) + { + j = pollfds_map[i]; + assert (j >= 0 && j < nfds); + if (fds[j].fd == -1) + ; + else if (fds[j].for_read) + { + if ((pollfds[i].revents & G_IO_IN)) + { + fds[j].signaled = 1; + n--; + } + } + else if (fds[j].for_write) + { + if ((pollfds[i].revents & G_IO_OUT)) + { + fds[j].signaled = 1; + n--; + } + } + } - return 1; +leave: + free (pollfds); + free (pollfds_map); + return count; } From cvs at cvs.gnupg.org Sat Nov 19 06:55:47 2005 
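Review bot: `assert (chan)` is the only guard after `find_channel (fds[i].fd, 0)` in both the `for_read` and the `for_write` branch of the rewritten `_gpgme_io_select`. A build with NDEBUG therefore passes a NULL channel to `g_io_channel_win32_make_pollfd`, and a debug build aborts the whole process for a descriptor that has no channel. Another caller of `find_channel` in this file (hunk -373,7 +313,7) sets `errno = EIO` and fails the call instead. Here that would be `if (!chan) { errno = EIO; count = -1; goto leave; }`, which also releases `pollfds` and `pollfds_map`; whether skipping `DEBUG_END` is acceptable depends on the debug macros, which are outside the hunk. Separately, `calloc (nfds, ...)` may return NULL for `nfds == 0` on some C libraries, which this code reports as -1 rather than as zero ready descriptors.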
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Nov 19 06:22:37 2005 Subject: [svn] GnuPG - r3943 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-19 06:55:45 +0100 (Sat, 19 Nov 2005) New Revision: 3943 Modified: trunk/g10/ChangeLog trunk/g10/free-packet.c trunk/g10/gpg.c trunk/g10/main.h trunk/g10/revoke.c Log: * free-packet.c (copy_secret_key): Copy secret key into secure memory since we may unprotect it. * main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local user support so users can use -u with --desig-revoke. This bypasses the interactive walk over the revocation keys. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-18 04:50:15 UTC (rev 3942) +++ trunk/g10/ChangeLog 2005-11-19 05:55:45 UTC (rev 3943) @@ -1,3 +1,12 @@ +2005-11-19 David Shaw + + * free-packet.c (copy_secret_key): Copy secret key into secure + memory since we may unprotect it. + + * main.h, g10.c (main), revoke.c (gen_desig_revoke): Add local + user support so users can use -u with --desig-revoke. This + bypasses the interactive walk over the revocation keys. + 2005-11-17 David Shaw * keyedit.c (keyedit_menu, menu_clean): Simplify clean options to @@ -16,7 +25,8 @@ * armor.c (parse_header_line): A fussy bit of 2440: header lines are delimited with a colon-space pair. Therefore a line such as - "Comment: " is actually legal, albeit not particularly useful. + "Comment: " (with a trailing space) is actually legal, albeit not + particularly useful. 2005-11-11 David Shaw Modified: trunk/g10/free-packet.c =================================================================== --- trunk/g10/free-packet.c 2005-11-18 04:50:15 UTC (rev 3942) +++ trunk/g10/free-packet.c 2005-11-19 05:55:45 UTC (rev 3943) 
@@ -285,7 +285,7 @@ int n, i; if( !d ) - d = xmalloc(sizeof *d); + d = xmalloc_secure(sizeof *d); else release_secret_key_parts (d); memcpy( d, s, sizeof *d ); Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2005-11-18 04:50:15 UTC (rev 3942) +++ trunk/g10/gpg.c 2005-11-19 05:55:45 UTC (rev 3943) @@ -3417,7 +3417,7 @@ if( argc != 1 ) wrong_args("--desig-revoke user-id"); username = make_username(*argv); - gen_desig_revoke( username ); + gen_desig_revoke( username, locusr ); xfree( username ); break; Modified: trunk/g10/main.h =================================================================== --- trunk/g10/main.h 2005-11-18 04:50:15 UTC (rev 3942) +++ trunk/g10/main.h 2005-11-19 05:55:45 UTC (rev 3943) @@ -237,7 +237,7 @@ /*-- revoke.c --*/ struct revocation_reason_info; int gen_revoke( const char *uname ); -int gen_desig_revoke( const char *uname ); +int gen_desig_revoke( const char *uname, STRLIST locusr); int revocation_reason_build_cb( PKT_signature *sig, void *opaque ); struct revocation_reason_info * ask_revocation_reason( int key_rev, int cert_rev, int hint ); Modified: trunk/g10/revoke.c =================================================================== --- trunk/g10/revoke.c 2005-11-18 04:50:15 UTC (rev 3942) +++ trunk/g10/revoke.c 2005-11-19 05:55:45 UTC (rev 3943) @@ -197,7 +197,7 @@ * Generate a revocation certificate for UNAME via a designated revoker */ int -gen_desig_revoke( const char *uname ) +gen_desig_revoke( const char *uname, STRLIST locusr ) { int rc = 0; armor_filter_context_t afx; @@ -211,6 +211,7 @@ KBNODE keyblock=NULL,node; u32 keyid[2]; int i,any=0; + SK_LIST sk_list=NULL; if( opt.batch ) { @@ -246,6 +247,13 @@ keyid_from_pk(pk,keyid); + if(locusr) + { + rc=build_sk_list(locusr,&sk_list,0,PUBKEY_USAGE_CERT); + if(rc) + goto leave; + } + /* Are we a designated revoker for this key? */ if(!pk->revkey && pk->numrevkeys) 
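Review bot: Only the `!d` branch of `copy_secret_key` gets `xmalloc_secure`; when the caller supplies `d`, the `memcpy( d, s, sizeof *d )` lands in whatever memory the caller allocated, so the secure-memory guarantee from the log message holds only for `copy_secret_key (NULL, s)`. That is worth stating at the function, for example `/* If D is NULL the copy is allocated in secure memory; a caller-supplied D must itself be in secure memory if the key may get unprotected. */`. The function body continues outside the hunk, so how the individual key parameters are copied cannot be checked from here.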
@@ -253,13 +261,40 @@ for(i=0;inumrevkeys;i++) { + SK_LIST list; + if(sk) free_secret_key(sk); - sk=xmalloc_clear(sizeof(*sk)); + if(sk_list) + { + for(list=sk_list;list;list=list->next) + { + byte fpr[MAX_FINGERPRINT_LEN]; + size_t fprlen; - rc=get_seckey_byfprint(sk,pk->revkey[i].fpr,MAX_FINGERPRINT_LEN); + fingerprint_from_sk(list->sk,fpr,&fprlen); + /* Don't get involved with keys that don't have 160 + bit fingerprints */ + if(fprlen!=20) + continue; + + if(memcmp(fpr,pk->revkey[i].fpr,20)==0) + break; + } + + if(list) + sk=copy_secret_key(NULL,list->sk); + else + continue; + } + else + { + sk=xmalloc_secure_clear(sizeof(*sk)); + rc=get_seckey_byfprint(sk,pk->revkey[i].fpr,MAX_FINGERPRINT_LEN); + } + /* We have the revocation key */ if(!rc) { @@ -297,7 +332,8 @@ goto leave; afx.what = 1; - afx.hdrlines = "Comment: A designated revocation certificate should follow\n"; + afx.hdrlines = "Comment: A designated revocation certificate" + " should follow\n"; iobuf_push_filter( out, armor_filter, &afx ); /* create it */ @@ -384,6 +420,8 @@ if( sig ) free_seckey_enc( sig ); + release_sk_list(sk_list); + if( rc ) iobuf_cancel(out); else From cvs at cvs.gnupg.org Sun Nov 20 16:02:04 2005 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Nov 20 15:28:51 2005 Subject: [svn] GnuPG - r3944 - trunk/g10 Message-ID: Author: dshaw Date: 2005-11-20 16:02:03 +0100 (Sun, 20 Nov 2005) New Revision: 3944 Modified: trunk/g10/ChangeLog trunk/g10/keyedit.c trunk/g10/keylist.c trunk/g10/main.h Log: * main.h, keylist.c (print_revokers): New. Print the "rvk" designated revoker record. Moved from keyedit.c:show_key_with_all_names_colon. * keylist.c (list_keyblock_colon): Use it here ... * keyedit.c (show_key_with_all_names_colon): ... and here. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2005-11-19 05:55:45 UTC (rev 3943) +++ trunk/g10/ChangeLog 2005-11-20 15:02:03 UTC (rev 3944) 
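Review bot: `sk` is freed at the top of each loop iteration but not reset, so when the new `sk_list` branch finds no matching fingerprint and takes `continue`, `sk` still holds the freed pointer. The next iteration's `if(sk) free_secret_key(sk);` then frees it a second time, and so would any cleanup of `sk` after the loop (the end of `gen_desig_revoke` is outside the hunk). Adding `sk=NULL;` directly after the `free_secret_key(sk);` call removes the dangling pointer. The double free needs an earlier iteration to have assigned `sk` and the loop to go on afterwards, which depends on code the hunk does not show.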
@@ -1,3 +1,13 @@ +2005-11-20 David Shaw + + * main.h, keylist.c (print_revokers): New. Print the "rvk" + designated revoker record. Moved from + keyedit.c:show_key_with_all_names_colon. + + * keylist.c (list_keyblock_colon): Use it here ... + + * keyedit.c (show_key_with_all_names_colon): ... and here. + 2005-11-19 David Shaw * free-packet.c (copy_secret_key): Copy secret key into secure Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2005-11-19 05:55:45 UTC (rev 3943) +++ trunk/g10/keyedit.c 2005-11-20 15:02:03 UTC (rev 3944) @@ -2442,24 +2442,7 @@ putchar('\n'); print_fingerprint (pk, NULL, 0); - - /* print the revoker record */ - if( !pk->revkey && pk->numrevkeys ) - BUG(); - else - { - for (i=0; i < pk->numrevkeys; i++) - { - byte *p; - - printf ("rvk:::%d::::::", pk->revkey[i].algid); - p = pk->revkey[i].fpr; - for (j=0; j < 20; j++, p++ ) - printf ("%02X", *p); - printf (":%02x%s:\n", pk->revkey[i].class, - (pk->revkey[i].class&0x40)?"s":""); - } - } + print_revokers(pk); } } Modified: trunk/g10/keylist.c =================================================================== --- trunk/g10/keylist.c 2005-11-19 05:55:45 UTC (rev 3943) +++ trunk/g10/keylist.c 2005-11-20 15:02:03 UTC (rev 3944) @@ -1009,7 +1009,30 @@ putchar('\n'); } +void +print_revokers(PKT_public_key *pk) +{ + /* print the revoker record */ + if( !pk->revkey && pk->numrevkeys ) + BUG(); + else + { + int i,j; + for (i=0; i < pk->numrevkeys; i++) + { + byte *p; + + printf ("rvk:::%d::::::", pk->revkey[i].algid); + p = pk->revkey[i].fpr; + for (j=0; j < 20; j++, p++ ) + printf ("%02X", *p); + printf (":%02x%s:\n", pk->revkey[i].class, + (pk->revkey[i].class&0x40)?"s":""); + } + } +} + static void list_keyblock_colon( KBNODE keyblock, int secret, int fpr ) { @@ -1073,7 +1096,7 @@ putchar( get_ownertrust_info(pk) ); putchar(':'); } - + if (opt.fixed_list_mode) { /* do not merge the first uid with the primary key */ putchar(':'); 
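Review bot: `print_revokers` in keylist.c is now an exported function declared in main.h, but it has no header comment and its inner loop prints a hard-coded 20 bytes of `pk->revkey[i].fpr`. I would add a comment such as `/* Print one "rvk" colon-listing record for each designated revoker of PK. */` above it. If the array length is the constant that revoke.c passes for the same field (`MAX_FINGERPRINT_LEN`), the loop bound should use that name, so that the printed length cannot drift from the array size. The declaration `int i,j;` can then move next to the loops that use it.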
@@ -1094,6 +1117,8 @@ putchar(':'); /* End of field 15. */ } putchar('\n'); + if(pk) + print_revokers(pk); if( fpr ) print_fingerprint( pk, sk, 0 ); if( opt.with_key_data ) @@ -1101,7 +1126,6 @@ any = 1; } - for( kbctx=NULL; (node=walk_kbnode( keyblock, &kbctx, 0)) ; ) { if( node->pkt->pkttype == PKT_USER_ID && !opt.fast_list_mode ) { PKT_user_id *uid=node->pkt->pkt.user_id; Modified: trunk/g10/main.h =================================================================== --- trunk/g10/main.h 2005-11-19 05:55:45 UTC (rev 3943) +++ trunk/g10/main.h 2005-11-20 15:02:03 UTC (rev 3944) @@ -250,6 +250,7 @@ void reorder_keyblock (KBNODE keyblock); void list_keyblock( KBNODE keyblock, int secret, int fpr, void *opaque ); void print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode); +void print_revokers(PKT_public_key *pk); void show_policy_url(PKT_signature *sig,int indent,int mode); void show_keyserver_url(PKT_signature *sig,int indent,int mode); void show_notation(PKT_signature *sig,int indent,int mode,int which); From cvs at cvs.gnupg.org Wed Nov 23 10:05:46 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Nov 23 09:32:13 2005 Subject: [svn] GnuPG - r3945 - branches/GNUPG-1-9-BRANCH/sm Message-ID: Author: wk Date: 2005-11-23 10:05:45 +0100 (Wed, 23 Nov 2005) New Revision: 3945 Modified: branches/GNUPG-1-9-BRANCH/sm/ChangeLog branches/GNUPG-1-9-BRANCH/sm/call-agent.c branches/GNUPG-1-9-BRANCH/sm/gpgsm.c branches/GNUPG-1-9-BRANCH/sm/gpgsm.h branches/GNUPG-1-9-BRANCH/sm/qualified.c branches/GNUPG-1-9-BRANCH/sm/sign.c Log: Print a note that the software has not been approved for qualified signatures. Modified: branches/GNUPG-1-9-BRANCH/sm/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/ChangeLog 2005-11-20 15:02:03 UTC (rev 3944) +++ branches/GNUPG-1-9-BRANCH/sm/ChangeLog 2005-11-23 09:05:45 UTC (rev 3945) 
@@ -1,3 +1,14 @@ +2005-11-23 Werner Koch + + * gpgsm.h: New member QUALSIG_APPROVAL. + * sign.c (gpgsm_sign): Print a warning if a certificate is not + qualified. + * qualified.c (gpgsm_qualified_consent): Include a note that this + is not approved software. + (gpgsm_not_qualified_warning): New. + * gpgsm.c (main): Prepared to print a note whether the software + has been approved. + 2005-11-13 Werner Koch * call-agent.c (gpgsm_agent_get_confirmation): New. Modified: branches/GNUPG-1-9-BRANCH/sm/call-agent.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/call-agent.c 2005-11-20 15:02:03 UTC (rev 3944) +++ branches/GNUPG-1-9-BRANCH/sm/call-agent.c 2005-11-23 09:05:45 UTC (rev 3945) @@ -701,7 +701,6 @@ gpgsm_agent_get_confirmation (ctrl_t ctrl, const char *desc) { int rc; - char *fpr; char line[ASSUAN_LINELENGTH]; rc = start_agent (ctrl); Modified: branches/GNUPG-1-9-BRANCH/sm/gpgsm.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/gpgsm.c 2005-11-20 15:02:03 UTC (rev 3944) +++ branches/GNUPG-1-9-BRANCH/sm/gpgsm.c 2005-11-23 09:05:45 UTC (rev 3945) @@ -1220,6 +1220,11 @@ if (may_coredump && !opt.quiet) log_info (_("WARNING: program may create a core file!\n")); +/* if (opt.qualsig_approval && !opt.quiet) */ +/* log_info (_("This software has offically been approved to " */ +/* "create and verify\n" */ +/* "qualified signatures according to German law.\n")); */ + if (logfile && cmd == aServer) { log_set_file (logfile); Modified: branches/GNUPG-1-9-BRANCH/sm/gpgsm.h =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/gpgsm.h 2005-11-20 15:02:03 UTC (rev 3944) +++ branches/GNUPG-1-9-BRANCH/sm/gpgsm.h 2005-11-23 09:05:45 UTC (rev 3945) 
@@ -108,6 +108,13 @@ char *fixed_passphrase; /* Passphrase used by regression tests. */ int auto_issuer_key_retrieve; /* try to retrieve a missing issuer key. */ + + int qualsig_approval; /* Set to true if this software has + officially been approved to create an + verify qualified signatures. This is a + runtime option in case we want to check + the integrity of the software at + runtime. */ } opt; @@ -291,6 +298,7 @@ /*-- qualified.c --*/ gpg_error_t gpgsm_is_in_qualified_list (ctrl_t ctrl, ksba_cert_t cert); gpg_error_t gpgsm_qualified_consent (ctrl_t ctrl, ksba_cert_t cert); +gpg_error_t gpgsm_not_qualified_warning (ctrl_t ctrl, ksba_cert_t cert); /*-- call-agent.c --*/ int gpgsm_agent_pksign (ctrl_t ctrl, const char *keygrip, const char *desc, Modified: branches/GNUPG-1-9-BRANCH/sm/qualified.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/qualified.c 2005-11-20 15:02:03 UTC (rev 3944) +++ branches/GNUPG-1-9-BRANCH/sm/qualified.c 2005-11-23 09:05:45 UTC (rev 3945) @@ -216,9 +216,14 @@ "certificate:\n" "\"%s\"\n" "This will create a qualified signature by law " - "equated to a handwritten signature.\n\n" + "equated to a handwritten signature.\n\n%s%s" "Are you really sure that you want to do this?"), - subject? subject:"?" + subject? subject:"?", + opt.qualsig_approval? + "": + "Note that this software is not officially approved " + "to create or verify such signatures.\n", + opt.qualsig_approval? "":"\n" ) < 0 ) err = gpg_error_from_errno (errno); else 
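Review bot: In the qualified.c hunk the new sentence "Note that this software is not officially approved ..." is passed as a plain `%s` argument, outside the `_()` call that wraps the rest of the consent prompt. In a translated prompt that one sentence would therefore stay in English, unless something outside the hunk marks it for translation. Wrapping the literal in the conditional, `_("Note that this software is not officially approved to create or verify such signatures.\n")`, keeps the whole prompt in one language. The enclosing function starts and ends outside the hunk.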
@@ -262,3 +267,93 @@ xfree (buffer); return err; } + + +/* Popup a prompt to inform the user that the signature created is not + a qualified one. This is of course only doen if we know that we + have been approved. */ +gpg_error_t +gpgsm_not_qualified_warning (ctrl_t ctrl, ksba_cert_t cert) +{ + gpg_error_t err; + char *name, *subject, *buffer, *p; + const char *s; + char *orig_codeset = NULL; + + if (!opt.qualsig_approval) + return 0; + + name = ksba_cert_get_subject (cert, 0); + if (!name) + return gpg_error (GPG_ERR_GENERAL); + subject = gpgsm_format_name2 (name, 0); + ksba_free (name); name = NULL; + + +#ifdef ENABLE_NLS + /* The Assuan agent protocol requires us to transmit utf-8 strings */ + orig_codeset = bind_textdomain_codeset (PACKAGE_GT, NULL); +#ifdef HAVE_LANGINFO_CODESET + if (!orig_codeset) + orig_codeset = nl_langinfo (CODESET); +#endif + if (orig_codeset) + { /* We only switch when we are able to restore the codeset later. + Note that bind_textdomain_codeset does only return on memory + errors but not if a codeset is not available. Thus we don't + bother printing a diagnostic here. */ + orig_codeset = xstrdup (orig_codeset); + if (!bind_textdomain_codeset (PACKAGE_GT, "utf-8")) + orig_codeset = NULL; + } +#endif + + if (asprintf (&name, + _("You are about to create a signature using your " + "certificate:\n" + "\"%s\"\n" + "Note, that this certificate will NOT create a " + "qualified signature!"), + subject? 
subject:"?") < 0 ) + err = gpg_error_from_errno (errno); + else + err = 0; + +#ifdef ENABLE_NLS + if (orig_codeset) + bind_textdomain_codeset (PACKAGE_GT, orig_codeset); +#endif + xfree (orig_codeset); + xfree (subject); + + if (err) + return err; + + buffer = p = xtrymalloc (strlen (name) * 3 + 1); + if (!buffer) + { + err = gpg_error_from_errno (errno); + free (name); + return err; + } + for (s=name; *s; s++) + { + if (*s < ' ' || *s == '+') + { + sprintf (p, "%%%02X", *(unsigned char *)s); + p += 3; + } + else if (*s == ' ') + *p++ = '+'; + else + *p++ = *s; + } + *p = 0; + free (name); + + + err = gpgsm_agent_get_confirmation (ctrl, buffer); + + xfree (buffer); + return err; +} Modified: branches/GNUPG-1-9-BRANCH/sm/sign.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/sign.c 2005-11-20 15:02:03 UTC (rev 3944) +++ branches/GNUPG-1-9-BRANCH/sm/sign.c 2005-11-23 09:05:45 UTC (rev 3945) @@ -446,13 +446,13 @@ goto leave; } if (*buffer) + err = gpgsm_qualified_consent (ctrl, cl->cert); + else + err = gpgsm_not_qualified_warning (ctrl, cl->cert); + if (err) { - err = gpgsm_qualified_consent (ctrl, cl->cert); - if (err) - { - rc = err; - goto leave; - } + rc = err; + goto leave; } } From cvs at cvs.gnupg.org Wed Nov 23 13:38:39 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Nov 23 13:05:07 2005 Subject: [svn] GnuPG - r3946 - in branches/GNUPG-1-9-BRANCH: po sm Message-ID: Author: wk Date: 2005-11-23 13:38:38 +0100 (Wed, 23 Nov 2005) New Revision: 3946 Modified: branches/GNUPG-1-9-BRANCH/po/ChangeLog branches/GNUPG-1-9-BRANCH/po/POTFILES.in branches/GNUPG-1-9-BRANCH/po/de.po branches/GNUPG-1-9-BRANCH/sm/qualified.c Log: Add translations Modified: branches/GNUPG-1-9-BRANCH/po/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/po/ChangeLog 2005-11-23 09:05:45 UTC (rev 3945) +++ branches/GNUPG-1-9-BRANCH/po/ChangeLog 2005-11-23 12:38:38 UTC (rev 3946) 
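Review bot: The escaping loop in `gpgsm_not_qualified_warning` encodes control characters, '+' and space but lets a literal '%' through. A certificate subject that contains a `%XX` sequence is thus sent to the agent unescaped and would presumably be decoded there as part of the prompt text. The subject is taken from the certificate and should be displayed exactly as it is, so extend the test to `if (*s < ' ' || *s == '+' || *s == '%')`; the `strlen (name) * 3 + 1` buffer is still large enough. The `*s < ' '` comparison also depends on whether plain `char` is signed, so bytes above 0x7f are escaped on some platforms and passed through on others. If `gpgsm_qualified_consent`, whose body is outside the hunk, uses the same loop, it needs the same change.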
@@ -1,3 +1,7 @@ +2005-11-23 Werner Koch + + * de.po: Updated. + 2005-08-01 Werner Koch * de.po: Converted to utf-8; fixed a few umlaut problems. Modified: branches/GNUPG-1-9-BRANCH/po/POTFILES.in =================================================================== --- branches/GNUPG-1-9-BRANCH/po/POTFILES.in 2005-11-23 09:05:45 UTC (rev 3945) +++ branches/GNUPG-1-9-BRANCH/po/POTFILES.in 2005-11-23 12:38:38 UTC (rev 3946) @@ -33,6 +33,7 @@ sm/keylist.c sm/sign.c sm/verify.c +sm/qualified.c tools/gpgconf.c tools/gpgconf-comp.c Modified: branches/GNUPG-1-9-BRANCH/po/de.po =================================================================== --- branches/GNUPG-1-9-BRANCH/po/de.po 2005-11-23 09:05:45 UTC (rev 3945) +++ branches/GNUPG-1-9-BRANCH/po/de.po 2005-11-23 12:38:38 UTC (rev 3946) @@ -10,15 +10,15 @@ msgstr "" "Project-Id-Version: gnupg2 1.9.18\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"POT-Creation-Date: 2005-09-09 12:47+0200\n" -"PO-Revision-Date: 2005-08-02 17:02+0200\n" +"POT-Creation-Date: 2005-11-23 13:00+0100\n" +"PO-Revision-Date: 2005-11-23 13:02+0100\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -#: agent/gpg-agent.c:108 agent/protect-tool.c:108 scd/scdaemon.c:99 +#: agent/gpg-agent.c:108 agent/protect-tool.c:108 scd/scdaemon.c:100 msgid "" "@Options:\n" " " 
@@ -26,28 +26,28 @@ "@Optionen:\n" " " -#: agent/gpg-agent.c:110 scd/scdaemon.c:101 +#: agent/gpg-agent.c:110 scd/scdaemon.c:102 msgid "run in server mode (foreground)" msgstr "Im Server Modus ausf?hren" -#: agent/gpg-agent.c:111 scd/scdaemon.c:104 +#: agent/gpg-agent.c:111 scd/scdaemon.c:105 msgid "run in daemon mode (background)" msgstr "Im Daemon Modus ausf?hren" -#: agent/gpg-agent.c:112 kbx/kbxutil.c:81 scd/scdaemon.c:105 sm/gpgsm.c:331 +#: agent/gpg-agent.c:112 kbx/kbxutil.c:81 scd/scdaemon.c:106 sm/gpgsm.c:331 #: tools/gpgconf.c:62 msgid "verbose" msgstr "ausf?hrlich" -#: agent/gpg-agent.c:113 kbx/kbxutil.c:82 scd/scdaemon.c:106 sm/gpgsm.c:332 +#: agent/gpg-agent.c:113 kbx/kbxutil.c:82 scd/scdaemon.c:107 sm/gpgsm.c:332 msgid "be somewhat more quiet" msgstr "Etwas weniger Ausgaben erzeugen" -#: agent/gpg-agent.c:114 scd/scdaemon.c:107 +#: agent/gpg-agent.c:114 scd/scdaemon.c:108 msgid "sh-style command output" msgstr "Ausgabe f?r /bin/sh" -#: agent/gpg-agent.c:115 scd/scdaemon.c:108 +#: agent/gpg-agent.c:115 scd/scdaemon.c:109 msgid "csh-style command output" msgstr "Ausgabe f?r /bin/csh" @@ -55,7 +55,7 @@ msgid "|FILE|read options from FILE" msgstr "|DATEI|Konfigurationsoptionen aus DATEI lesen" -#: agent/gpg-agent.c:121 scd/scdaemon.c:117 +#: agent/gpg-agent.c:121 scd/scdaemon.c:118 msgid "do not detach from the console" msgstr "Im Vordergrund laufen lassen" @@ -63,7 +63,7 @@ msgid "do not grab keyboard and mouse" msgstr "Tastatur und Maus nicht \"grabben\"" -#: agent/gpg-agent.c:123 scd/scdaemon.c:118 sm/gpgsm.c:334 +#: agent/gpg-agent.c:123 scd/scdaemon.c:119 sm/gpgsm.c:334 msgid "use a log file for the server" msgstr "Logausgaben in eine Datei umlenken" 
@@ -115,12 +115,12 @@ msgid "|FILE|write environment settings also to FILE" msgstr "|DATEI|Schreibe die Umgebungsvariabeln auf DATEI" -#: agent/gpg-agent.c:235 agent/protect-tool.c:142 scd/scdaemon.c:183 +#: agent/gpg-agent.c:235 agent/protect-tool.c:142 scd/scdaemon.c:185 #: sm/gpgsm.c:507 tools/gpgconf.c:85 msgid "Please report bugs to <" msgstr "Fehlerberichte bitte an <" -#: agent/gpg-agent.c:235 agent/protect-tool.c:142 scd/scdaemon.c:183 +#: agent/gpg-agent.c:235 agent/protect-tool.c:142 scd/scdaemon.c:185 #: sm/gpgsm.c:507 tools/gpgconf.c:85 msgid ">.\n" msgstr ">.\n" @@ -137,30 +137,30 @@ "Syntax: gpg-agent [Optionen] [Kommando [Argumente]]\n" "Verwaltung von geheimen Schl?ssel f?r GnuPG\n" -#: agent/gpg-agent.c:311 scd/scdaemon.c:257 sm/gpgsm.c:636 +#: agent/gpg-agent.c:311 scd/scdaemon.c:259 sm/gpgsm.c:636 #, c-format msgid "invalid debug-level `%s' given\n" msgstr "ung?ltige Debugebene `%s' angegeben\n" #: agent/gpg-agent.c:482 agent/protect-tool.c:1072 kbx/kbxutil.c:431 -#: scd/scdaemon.c:349 sm/gpgsm.c:757 +#: scd/scdaemon.c:351 sm/gpgsm.c:757 #, c-format msgid "libgcrypt is too old (need %s, have %s)\n" msgstr "" "Die Bibliothek \"libgcrypt\" is zu alt (ben?tigt wird %s, vorhanden ist %s)\n" -#: agent/gpg-agent.c:574 scd/scdaemon.c:424 sm/gpgsm.c:858 +#: agent/gpg-agent.c:574 scd/scdaemon.c:426 sm/gpgsm.c:858 #, c-format msgid "NOTE: no default option file `%s'\n" msgstr "Notiz: Voreingestellte Konfigurationsdatei `%s' fehlt\n" -#: agent/gpg-agent.c:579 agent/gpg-agent.c:1090 scd/scdaemon.c:429 +#: agent/gpg-agent.c:579 agent/gpg-agent.c:1090 scd/scdaemon.c:431 #: sm/gpgsm.c:862 #, c-format msgid "option file `%s': %s\n" msgstr "Konfigurationsdatei `%s': %s\n" -#: agent/gpg-agent.c:587 scd/scdaemon.c:437 sm/gpgsm.c:869 +#: agent/gpg-agent.c:587 scd/scdaemon.c:439 sm/gpgsm.c:869 #, c-format msgid "reading options from `%s'\n" msgstr "Optionen werden aus `%s' gelesen\n" 
@@ -171,31 +171,31 @@ msgstr "Fehler beim Erstellen von `%s': %s\n" #: agent/gpg-agent.c:1140 agent/gpg-agent.c:1243 agent/gpg-agent.c:1247 -#: agent/gpg-agent.c:1283 agent/gpg-agent.c:1287 scd/scdaemon.c:902 +#: agent/gpg-agent.c:1283 agent/gpg-agent.c:1287 scd/scdaemon.c:906 #, c-format msgid "can't create directory `%s': %s\n" msgstr "Das Verzeichniss `%s' kann nicht erstellt werden: %s\n" -#: agent/gpg-agent.c:1154 scd/scdaemon.c:916 +#: agent/gpg-agent.c:1154 scd/scdaemon.c:920 msgid "name of socket too long\n" msgstr "Der Name des Sockets ist zu lang\n" -#: agent/gpg-agent.c:1180 scd/scdaemon.c:942 +#: agent/gpg-agent.c:1180 scd/scdaemon.c:946 #, c-format msgid "can't create socket: %s\n" msgstr "Socket kann nicht erzeugt werden: %s\n" -#: agent/gpg-agent.c:1209 scd/scdaemon.c:971 +#: agent/gpg-agent.c:1209 scd/scdaemon.c:975 #, c-format msgid "error binding socket to `%s': %s\n" msgstr "Der Socket kann nicht an `%s' gebunden werden: %s\n" -#: agent/gpg-agent.c:1217 scd/scdaemon.c:979 +#: agent/gpg-agent.c:1217 scd/scdaemon.c:983 #, c-format msgid "listen() failed: %s\n" msgstr "Der listen() Aufruf ist fehlgeschlagen: %s\n" -#: agent/gpg-agent.c:1223 scd/scdaemon.c:985 +#: agent/gpg-agent.c:1223 scd/scdaemon.c:989 #, c-format msgid "listening on socket `%s'\n" msgstr "Es wird auf Socket `%s' geh?rt\n" @@ -235,12 +235,12 @@ msgid "ssh handler 0x%lx for fd %d terminated\n" msgstr "SSH Handhabungsroutine 0x%lx f?r fd %d beendet\n" -#: agent/gpg-agent.c:1526 scd/scdaemon.c:1101 +#: agent/gpg-agent.c:1526 scd/scdaemon.c:1105 #, c-format msgid "pth_select failed: %s - waiting 1s\n" msgstr "pth_select() Aufruf fehlgeschlagen: %s - warte 1s\n" -#: agent/gpg-agent.c:1610 scd/scdaemon.c:1158 +#: agent/gpg-agent.c:1610 scd/scdaemon.c:1162 #, c-format msgid "%s %s stopped\n" msgstr "%s %s angehalten\n" 
@@ -320,15 +320,15 @@ msgid "Admin PIN" msgstr "Admin PIN" -#: agent/divert-scd.c:257 +#: agent/divert-scd.c:274 msgid "Repeat this PIN" msgstr "PIN bitte wiederholen" -#: agent/divert-scd.c:260 +#: agent/divert-scd.c:277 msgid "PIN not correctly repeated; try again" msgstr "PIN wurde nicht korrekt eingegeben; nochmal versuchen" -#: agent/divert-scd.c:272 +#: agent/divert-scd.c:289 #, c-format msgid "Please enter the PIN%s%s%s to unlock the card" msgstr "Bitte geben Sie die PIN%s%s%s ein um die Karte zu entsperren" @@ -343,12 +343,12 @@ msgid "Please enter the new passphrase" msgstr "Bitte geben Sie das Mantra (Passphrase) ein:" -#: agent/query.c:169 +#: agent/query.c:192 #, c-format msgid "failed to acquire the pinentry lock: %s\n" msgstr "Die Sperre f?r das Pinentry kann nicht gesetzt werden: %s\n" -#: agent/query.c:332 +#: agent/query.c:355 msgid "" "Please enter your PIN, so that the secret key can be unlocked for this " "session" @@ -356,7 +356,7 @@ "Bitte geben Sie Ihre PIN ein, so da? der geheime Schl?ssel benutzt werden " "kann" -#: agent/query.c:335 +#: agent/query.c:358 msgid "" "Please enter your passphrase, so that the secret key can be unlocked for " "this session" 
@@ -364,31 +364,31 @@ "Bitte geben Sie Ihr Mantra (Passphrase) ein, so da? der geheime Schl?ssel " "benutzt werden kann" -#: agent/query.c:393 agent/query.c:405 +#: agent/query.c:416 agent/query.c:428 msgid "PIN too long" msgstr "Die PIN ist zu lang" -#: agent/query.c:394 +#: agent/query.c:417 msgid "Passphrase too long" msgstr "Das Matra (Passphrase) ist zu lang" -#: agent/query.c:402 +#: agent/query.c:425 msgid "Invalid characters in PIN" msgstr "Ung?ltige Zeichen in der PIN" -#: agent/query.c:407 +#: agent/query.c:430 msgid "PIN too short" msgstr "Die PIN ist zu kurz" -#: agent/query.c:419 +#: agent/query.c:442 msgid "Bad PIN" msgstr "Falsche PIN" -#: agent/query.c:420 +#: agent/query.c:443 msgid "Bad Passphrase" msgstr "Falsches Mantra (Passphrase)" -#: agent/query.c:460 +#: agent/query.c:483 msgid "Passphrase" msgstr "Mantra" 
@@ -539,39 +539,43 @@ "Syntax: kbxutil [Optionen] [Dateien]\n" "Anlistem exportieren und Importieren von KeyBox Dateien\n" -#: scd/scdaemon.c:103 +#: scd/scdaemon.c:104 msgid "run in multi server mode (foreground)" msgstr "Im Multiserver Modus ausf?hren" -#: scd/scdaemon.c:109 sm/gpgsm.c:352 +#: scd/scdaemon.c:110 sm/gpgsm.c:352 msgid "read options from file" msgstr "Konfigurationsoptionen aus Datei lesen" -#: scd/scdaemon.c:119 +#: scd/scdaemon.c:120 msgid "|N|connect to reader at port N" msgstr "|N|Verbinde mit dem Leser auf Port N" -#: scd/scdaemon.c:120 +#: scd/scdaemon.c:121 msgid "|NAME|use NAME as ct-API driver" msgstr "|NAME|Benutze NAME als CT-API Treiber" -#: scd/scdaemon.c:121 +#: scd/scdaemon.c:122 msgid "|NAME|use NAME as PC/SC driver" msgstr "|NAME|Benutze NAME als PC/SC Treiber" -#: scd/scdaemon.c:124 +#: scd/scdaemon.c:125 msgid "do not use the internal CCID driver" msgstr "Den internen CCID Treiber nicht benutzen" -#: scd/scdaemon.c:129 +#: scd/scdaemon.c:130 +msgid "do not use a reader's keypad" +msgstr "Die Tastatur des Kartenleser nicht benutzen" + +#: scd/scdaemon.c:131 msgid "allow the use of admin card commands" msgstr "Erlaube die Benutzung von \"Admin\" Kommandos" -#: scd/scdaemon.c:186 +#: scd/scdaemon.c:188 msgid "Usage: scdaemon [options] (-h for help)" msgstr "Gebrauch: scdaemon [Optionen] (-h f?r Hilfe)" -#: scd/scdaemon.c:188 +#: scd/scdaemon.c:190 msgid "" "Syntax: scdaemon [options] [command [args]]\n" "Smartcard daemon for GnuPG\n" 
@@ -579,18 +583,18 @@ "Synatx: scdaemon [Optionen] [Kommando [Argumente]]\n" "Smartcard Daemon f?r GnuPG\n" -#: scd/scdaemon.c:658 +#: scd/scdaemon.c:662 msgid "please use the option `--daemon' to run the program in the background\n" msgstr "" "Bitte die Option `--daemon' nutzen um das Programm im Hintergund " "auszuf?hren\n" -#: scd/scdaemon.c:999 +#: scd/scdaemon.c:1003 #, c-format msgid "handler for fd %d started\n" msgstr "Handhabungsroutine f?r fd %d gestartet\n" -#: scd/scdaemon.c:1004 +#: scd/scdaemon.c:1008 #, c-format msgid "handler for fd %d terminated\n" msgstr "Handhabungsroutine f?r den fd %d beendet\n" 
@@ -610,47 +614,47 @@ msgid "reading public key failed: %s\n" msgstr "Fehler beim Lesen des ?ffentlichen Schl?ssels: %s\n" -#: scd/app-openpgp.c:1011 scd/app-openpgp.c:1942 +#: scd/app-openpgp.c:1011 scd/app-openpgp.c:1947 msgid "response does not contain the public key data\n" msgstr "Die Antwort enth?lt keine Public Key Daten\n" -#: scd/app-openpgp.c:1019 scd/app-openpgp.c:1950 +#: scd/app-openpgp.c:1019 scd/app-openpgp.c:1955 msgid "response does not contain the RSA modulus\n" msgstr "Die Antwort enth?lt keinen RSA Modulus\n" -#: scd/app-openpgp.c:1028 scd/app-openpgp.c:1960 +#: scd/app-openpgp.c:1028 scd/app-openpgp.c:1965 msgid "response does not contain the RSA public exponent\n" msgstr "Die Antwort enth?lt keinen ?ffenlichen RSA Exponent\n" -#: scd/app-openpgp.c:1291 scd/app-openpgp.c:1379 scd/app-openpgp.c:2182 +#: scd/app-openpgp.c:1296 scd/app-openpgp.c:1384 scd/app-openpgp.c:2187 #, c-format msgid "PIN callback returned error: %s\n" msgstr "Fehler vom PIN \"callback\": %s\n" -#: scd/app-openpgp.c:1297 scd/app-openpgp.c:1385 scd/app-openpgp.c:2188 +#: scd/app-openpgp.c:1302 scd/app-openpgp.c:1390 scd/app-openpgp.c:2193 #, c-format msgid "PIN for CHV%d is too short; minimum length is %d\n" msgstr "Die PIN f?r den CHV%d ist zu kurz; Mindestl?nge ist %d\n" -#: scd/app-openpgp.c:1306 scd/app-openpgp.c:1320 scd/app-openpgp.c:1395 -#: scd/app-openpgp.c:2197 scd/app-openpgp.c:2211 +#: scd/app-openpgp.c:1311 scd/app-openpgp.c:1325 scd/app-openpgp.c:1400 +#: scd/app-openpgp.c:2202 scd/app-openpgp.c:2216 #, c-format msgid "verify CHV%d failed: %s\n" msgstr "Pr?fen von CHV%d fehlgeschlagen: %s\n" -#: scd/app-openpgp.c:1343 +#: scd/app-openpgp.c:1348 msgid "access to admin commands is not configured\n" msgstr "Zugriff auf Admin Kommandos ist nicht konfiguriert\n" -#: scd/app-openpgp.c:1358 scd/app-openpgp.c:2417 +#: scd/app-openpgp.c:1363 scd/app-openpgp.c:2422 msgid "error retrieving CHV status from card\n" msgstr "Fehler beim Holen des CHV Status von der Karte\n" 
-#: scd/app-openpgp.c:1364 scd/app-openpgp.c:2426 +#: scd/app-openpgp.c:1369 scd/app-openpgp.c:2431 msgid "card is permanently locked!\n" msgstr "Die Karte ist dauerhaft gesperrt!\n" -#: scd/app-openpgp.c:1369 +#: scd/app-openpgp.c:1374 #, c-format msgid "%d Admin PIN attempts remaining before card is permanently locked\n" msgstr "" 
@@ -659,105 +663,105 @@ #. TRANSLATORS: Do not translate the "|A|" prefix but #. keep it at the start of the string. We need this elsewhere #. to get some infos on the string. -#: scd/app-openpgp.c:1376 +#: scd/app-openpgp.c:1381 msgid "|A|Admin PIN" msgstr "|A|Admin PIN" #. TRANSLATORS: Do not translate the "|*|" prefixes but #. keep it at the start of the string. We need this elsewhere #. to get some infos on the string. -#: scd/app-openpgp.c:1525 +#: scd/app-openpgp.c:1530 msgid "|AN|New Admin PIN" msgstr "|AN|Neue Admin PIN" -#: scd/app-openpgp.c:1525 +#: scd/app-openpgp.c:1530 msgid "|N|New PIN" msgstr "|N|Neue PIN" -#: scd/app-openpgp.c:1529 +#: scd/app-openpgp.c:1534 #, c-format msgid "error getting new PIN: %s\n" msgstr "Fehler beim Holen der neuen PIN: %s\n" -#: scd/app-openpgp.c:1579 scd/app-openpgp.c:2028 +#: scd/app-openpgp.c:1584 scd/app-openpgp.c:2033 msgid "error reading application data\n" msgstr "Fehler beim Lesen der Anwendungsdaten\n" -#: scd/app-openpgp.c:1585 scd/app-openpgp.c:2035 +#: scd/app-openpgp.c:1590 scd/app-openpgp.c:2040 msgid "error reading fingerprint DO\n" msgstr "Fehler beim Lesen des Fingerabdruck Datenobjekts\n" -#: scd/app-openpgp.c:1595 +#: scd/app-openpgp.c:1600 msgid "key already exists\n" msgstr "Schl?ssel existiert bereits\n" -#: scd/app-openpgp.c:1599 +#: scd/app-openpgp.c:1604 msgid "existing key will be replaced\n" msgstr "Existierender Schl?ssel wird ersetzt\n" -#: scd/app-openpgp.c:1601 +#: scd/app-openpgp.c:1606 msgid "generating new key\n" msgstr "Neuer Schl?ssel wird erzeugt\n" -#: scd/app-openpgp.c:1768 +#: scd/app-openpgp.c:1773 msgid "creation timestamp missing\n" msgstr "Erzeugungsdatum fehlt\n" -#: scd/app-openpgp.c:1775 +#: scd/app-openpgp.c:1780 #, c-format msgid "RSA modulus missing or not of size %d bits\n" msgstr "Der RSA Modulus fehlt oder ist nicht %d Bits lang\n" -#: scd/app-openpgp.c:1782 +#: scd/app-openpgp.c:1787 #, c-format msgid "RSA public exponent missing or larger than %d bits\n" msgstr "Der 
?ffentliche RSA Exponent fehlt oder ist l?nger als %d Bits\n" -#: scd/app-openpgp.c:1790 scd/app-openpgp.c:1797 +#: scd/app-openpgp.c:1795 scd/app-openpgp.c:1802 #, c-format msgid "RSA prime %s missing or not of size %d bits\n" msgstr "Die RSA Primzahl %s fehlt oder ist nicht %d Bits lang\n" -#: scd/app-openpgp.c:1860 +#: scd/app-openpgp.c:1865 #, c-format msgid "failed to store the key: %s\n" msgstr "Fehler beim Speichern des Schl?ssels: %s\n" -#: scd/app-openpgp.c:1919 +#: scd/app-openpgp.c:1924 msgid "please wait while key is being generated ...\n" msgstr "Bitte warten bis der Schl?ssel erzeugt wurde ...\n" -#: scd/app-openpgp.c:1933 +#: scd/app-openpgp.c:1938 msgid "generating key failed\n" msgstr "Fehler beim Erzeugen des Schl?ssels\n" -#: scd/app-openpgp.c:1936 +#: scd/app-openpgp.c:1941 #, c-format msgid "key generation completed (%d seconds)\n" msgstr "Schl?sselerzeugung vollendet (%d Sekunden)\n" -#: scd/app-openpgp.c:1993 +#: scd/app-openpgp.c:1998 msgid "invalid structure of OpenPGP card (DO 0x93)\n" msgstr "Ung?ltige Struktur der OpenPGP Karte (DO 0x93)\n" -#: scd/app-openpgp.c:2162 +#: scd/app-openpgp.c:2167 #, c-format msgid "signatures created so far: %lu\n" msgstr "Anzahl bereits erzeugter Signaturen: %lu\n" -#: scd/app-openpgp.c:2170 +#: scd/app-openpgp.c:2175 #, c-format msgid "||Please enter the PIN%%0A[sigs done: %lu]" msgstr "||Bitte geben Sie die PIN ein%%0A[Sigs bisher: %lu]" -#: scd/app-openpgp.c:2431 +#: scd/app-openpgp.c:2436 msgid "" "verification of Admin PIN is currently prohibited through this command\n" msgstr "" "Die ?berpr?fung der Admin PIN is momentan durch ein Kommando verboten " "worden\n" -#: scd/app-openpgp.c:2502 scd/app-openpgp.c:2512 +#: scd/app-openpgp.c:2509 scd/app-openpgp.c:2519 #, c-format msgid "can't access %s - invalid OpenPGP card?\n" msgstr "Zugriff auf %s nicht m?glich - ung?ltige OpenPGP Karte?\n" 
@@ -802,23 +806,23 @@ msgid "[none]" msgstr "[keine]" -#: sm/certdump.c:496 +#: sm/certdump.c:498 sm/certdump.c:561 +msgid "[Error - invalid encoding]" +msgstr "[Fehler - Ung?ltige Kodierung]" + +#: sm/certdump.c:506 +msgid "[Error - out of core]" +msgstr "[Fehler - Nich gen?gend Speicher]" + +#: sm/certdump.c:541 msgid "[Error - No name]" msgstr "[Fehler - Kein Name]" -#: sm/certdump.c:510 -msgid "[Error - unknown encoding]" -msgstr "[Fehler - Unbekannte Kodierung]" - -#: sm/certdump.c:514 -msgid "[Error - invalid encoding]" -msgstr "[Fehler - Ung?ltige Kodierung]" - -#: sm/certdump.c:519 +#: sm/certdump.c:566 msgid "[Error - invalid DN]" msgstr "[Fehler - Ung?ltiger DN]" -#: sm/certdump.c:680 +#: sm/certdump.c:727 #, c-format msgid "" "Please enter the passphrase to unlock the secret key for:\n" @@ -836,7 +840,7 @@ msgstr "" "Schl?sselverwendungszweck nicht vorhanden - f?r alle Zwecke akzeptiert\n" -#: sm/certlist.c:132 sm/keylist.c:224 +#: sm/certlist.c:132 sm/keylist.c:245 #, c-format msgid "error getting key usage information: %s\n" msgstr "Fehler beim holen der Schl?sselbenutzungsinformationen: %s\n" @@ -902,7 +906,7 @@ msgid "number of issuers matching: %d\n" msgstr "Anzahl der ?bereinstimmenden Heruasgeber: %d\n" -#: sm/certchain.c:503 sm/certchain.c:662 sm/certchain.c:1031 sm/decrypt.c:260 +#: sm/certchain.c:503 sm/certchain.c:665 sm/certchain.c:1103 sm/decrypt.c:260 #: sm/encrypt.c:341 sm/sign.c:324 sm/verify.c:106 msgid "failed to allocated keyDB handle\n" msgstr "Ein keyDB Handle konnte nicht bereitgestellt werden\n" 
@@ -929,64 +933,64 @@ msgid "checking the CRL failed: %s" msgstr "Die CRL konnte nicht gepr?ft werden: %s" -#: sm/certchain.c:682 +#: sm/certchain.c:685 msgid "no issuer found in certificate" msgstr "Im Zertifikat ist kein Herausgeber enthalten" -#: sm/certchain.c:695 +#: sm/certchain.c:698 #, c-format msgid "certificate with invalid validity: %s" msgstr "Zertifikat mit unzul?ssiger G?ltigkeit: %s" -#: sm/certchain.c:711 +#: sm/certchain.c:714 msgid "certificate not yet valid" msgstr "Das Zertifikat ist noch nicht g?ltig" -#: sm/certchain.c:724 +#: sm/certchain.c:727 msgid "certificate has expired" msgstr "Das Zertifikat ist abgelaufen" -#: sm/certchain.c:761 +#: sm/certchain.c:764 msgid "self-signed certificate has a BAD signature" msgstr "Das eigenbeglaubigte Zertifikat hat eine FALSCHE Signatur" -#: sm/certchain.c:779 +#: sm/certchain.c:829 msgid "root certificate is not marked trusted" msgstr "Das Wurzelzertifikat ist nicht als vertrauensw?rdig markiert" -#: sm/certchain.c:790 +#: sm/certchain.c:840 #, c-format msgid "fingerprint=%s\n" msgstr "Fingerprint=%s\n" -#: sm/certchain.c:795 +#: sm/certchain.c:845 msgid "root certificate has now been marked as trusted\n" msgstr "Das Wurzelzertifikat wurde nun als vertrauensw?rdig markiert\n" -#: sm/certchain.c:810 +#: sm/certchain.c:860 #, c-format msgid "checking the trust list failed: %s\n" msgstr "Fehler beim Pr?fen der vertrauensw?rdigen Zertifikate: %s\n" -#: sm/certchain.c:836 sm/import.c:157 +#: sm/certchain.c:886 sm/import.c:157 msgid "certificate chain too long\n" msgstr "Der Zertifikatkette ist zu lang\n" -#: sm/certchain.c:848 +#: sm/certchain.c:898 msgid "issuer certificate not found" msgstr "Herausgeberzertifikat nicht gefunden" -#: sm/certchain.c:881 +#: sm/certchain.c:931 msgid "certificate has a BAD signature" msgstr "Das Zertifikat hat eine FALSCHE Signatur" -#: sm/certchain.c:911 +#: sm/certchain.c:961 msgid "found another possible matching CA certificate - trying again" msgstr "" "Eine anderes 
m?glicherweise passendes CA-Zertifikat gefunden - versuche " "nochmal" -#: sm/certchain.c:934 +#: sm/certchain.c:984 #, c-format msgid "certificate chain longer than allowed by CA (%d)" msgstr "Die Zertifikatkette ist l?nger als von der CA erlaubt (%d)" @@ -1346,28 +1350,28 @@ msgid "WARNING: program may create a core file!\n" msgstr "WARNUNG: Programm k?nnte eine core-dump-Datei schreiben!\n" -#: sm/gpgsm.c:1233 +#: sm/gpgsm.c:1238 msgid "WARNING: running with faked system time: " msgstr "WARNUNG: Ausf?hrung mit gef?lschter Systemzeit: " -#: sm/gpgsm.c:1259 +#: sm/gpgsm.c:1264 msgid "selected cipher algorithm is invalid\n" msgstr "Das ausgew?hlte Verschl?sselungsverfahren ist ung?ltig\n" -#: sm/gpgsm.c:1267 +#: sm/gpgsm.c:1272 msgid "selected digest algorithm is invalid\n" msgstr "Das ausgew?hlte Hashverfahren ist ung?ltig\n" -#: sm/gpgsm.c:1297 +#: sm/gpgsm.c:1302 #, c-format msgid "can't sign using `%s': %s\n" msgstr "Signieren mit `%s' nicht m?glich: %s\n" -#: sm/gpgsm.c:1470 +#: sm/gpgsm.c:1475 msgid "this command has not yet been implemented\n" msgstr "Diee Kommando wurde noch nicht implementiert\n" -#: sm/gpgsm.c:1700 sm/gpgsm.c:1737 +#: sm/gpgsm.c:1705 sm/gpgsm.c:1742 sm/qualified.c:73 #, c-format msgid "can't open `%s': %s\n" msgstr "Datei `%s' kann nicht ge?ffnet werden: %s\n" 
@@ -1492,27 +1496,83 @@ msgid "error storing flags: %s\n" msgstr "Fehler beim Speichern der Flags: %s\n" -#: sm/verify.c:381 +#: sm/sign.c:443 +#, c-format +msgid "checking for qualified certificate failed: %s\n" +msgstr "Pr?fung auf ein qualifiziertes Zertifikats fehlgeschlagen: %s\n" + +#: sm/sign.c:478 sm/verify.c:188 +msgid "(this is the MD2 algorithm)\n" +msgstr "(Dies ist der MD2 Algorithmus)\n" + +#: sm/verify.c:387 msgid "Signature made " msgstr "Signatur erzeugt am " -#: sm/verify.c:385 +#: sm/verify.c:391 msgid "[date not given]" msgstr "[Datum nicht vorhanden]" -#: sm/verify.c:386 +#: sm/verify.c:392 #, c-format msgid " using certificate ID %08lX\n" msgstr "mittels Zertifikat ID %08lX\n" -#: sm/verify.c:499 +#: sm/verify.c:505 msgid "Good signature from" msgstr "Korrekte Signatur von" -#: sm/verify.c:500 +#: sm/verify.c:506 msgid " aka" msgstr " alias" +#: sm/qualified.c:112 +#, c-format +msgid "invalid formatted fingerprint in `%s', line %d\n" +msgstr "Der Fingerabdruck in `%s', Zeile %d is fehlerhaft formatiert\n" + +#: sm/qualified.c:130 +#, c-format +msgid "invalid country code in `%s', line %d\n" +msgstr "Ung?ltiger Landescode in `%s', Zeile %d\n" + +#: sm/qualified.c:215 +#, c-format +msgid "" +"You are about to create a signature using your certificate:\n" +"\"%s\"\n" +"This will create a qualified signature by law equated to a handwritten " +"signature.\n" +"\n" +"%s%sAre you really sure that you want to do this?" +msgstr "" +"Sie sind dabei, eine Signatur mit dem Zertifikat:\n" +"\"%s\"\n" +"zu erzeugen. Dies wird einen qualifizierte Signatur erzeugen, \n" +"die gesetzlich einer handgeschriebene gleichgestellt ist.\n" +"\n" +"%s%sSind Sie wirklich sicher, da Sie dies m?chten?" + +#: sm/qualified.c:224 +msgid "" +"Note, that this software is not officially approved to create or verify such " +"signatures.\n" +msgstr "" +"Bitte beachten Sie, da? 
diese Software nicht offiziell zur Erzeugung\n" +"oder Pr?fung von qualifizierten Signaturen zugelassen ist.\n" + +#: sm/qualified.c:312 +#, c-format +msgid "" +"You are about to create a signature using your certificate:\n" +"\"%s\"\n" +"Note, that this certificate will NOT create a qualified signature!" +msgstr "" +"Sie sind dabei, eine Signatur mit dem Zertifikat:\n" +"\"%s\n" +"zu erzeugen. Bitte beachten Sie, da? dies KEINE qualifizierte\n" +"Signatur erzeugen wird." + #: tools/gpgconf.c:55 msgid "list all components" msgstr "Liste aller Komponenten" 
@@ -1557,62 +1617,65 @@ msgid "Component not found" msgstr "Komponente nicht gefunden" -#: tools/gpgconf-comp.c:435 tools/gpgconf-comp.c:499 tools/gpgconf-comp.c:564 -#: tools/gpgconf-comp.c:617 tools/gpgconf-comp.c:686 +#: tools/gpgconf-comp.c:435 tools/gpgconf-comp.c:499 tools/gpgconf-comp.c:566 +#: tools/gpgconf-comp.c:619 tools/gpgconf-comp.c:688 msgid "Options controlling the diagnostic output" msgstr "Optionen zur Einstellung Diagnoseausgaben" -#: tools/gpgconf-comp.c:448 tools/gpgconf-comp.c:512 tools/gpgconf-comp.c:577 -#: tools/gpgconf-comp.c:630 tools/gpgconf-comp.c:709 +#: tools/gpgconf-comp.c:448 tools/gpgconf-comp.c:512 tools/gpgconf-comp.c:579 +#: tools/gpgconf-comp.c:632 tools/gpgconf-comp.c:711 msgid "Options controlling the configuration" msgstr "Optionen zur Einstellung der Konfiguration" -#: tools/gpgconf-comp.c:458 tools/gpgconf-comp.c:535 tools/gpgconf-comp.c:584 -#: tools/gpgconf-comp.c:640 tools/gpgconf-comp.c:716 +#: tools/gpgconf-comp.c:458 tools/gpgconf-comp.c:537 tools/gpgconf-comp.c:586 +#: tools/gpgconf-comp.c:642 tools/gpgconf-comp.c:718 msgid "Options useful for debugging" msgstr "N?tzliche Optionen zum Debuggen" -#: tools/gpgconf-comp.c:463 tools/gpgconf-comp.c:540 tools/gpgconf-comp.c:589 -#: tools/gpgconf-comp.c:645 tools/gpgconf-comp.c:724 +#: tools/gpgconf-comp.c:463 tools/gpgconf-comp.c:542 tools/gpgconf-comp.c:591 +#: tools/gpgconf-comp.c:647 tools/gpgconf-comp.c:726 msgid "|FILE|write server mode logs to FILE" msgstr "|DATEI|Schreibe im Servermodus Logs auf DATEI" -#: tools/gpgconf-comp.c:471 tools/gpgconf-comp.c:545 tools/gpgconf-comp.c:653 +#: tools/gpgconf-comp.c:471 tools/gpgconf-comp.c:547 tools/gpgconf-comp.c:655 msgid "Options controlling the security" msgstr "Optionen zur Einstellung der Sicherheit" -#: tools/gpgconf-comp.c:597 +#: tools/gpgconf-comp.c:599 msgid "Configuration for Keyservers" msgstr "Konfiguration der Schl?sselserver" -#: tools/gpgconf-comp.c:658 +#: tools/gpgconf-comp.c:660 msgid "do not check CRLs 
for root certificates" msgstr "CRL bei Wurzelzertifikaten nicht ?berpr?fen" -#: tools/gpgconf-comp.c:699 +#: tools/gpgconf-comp.c:701 msgid "Options controlling the format of the output" msgstr "Optionen zum Einstellen der Ausgabeformate" -#: tools/gpgconf-comp.c:735 +#: tools/gpgconf-comp.c:737 msgid "Options controlling the interactivity and enforcement" msgstr "Optionen zur Einstellung der Interaktivit?t und Geltendmachung" -#: tools/gpgconf-comp.c:745 +#: tools/gpgconf-comp.c:747 msgid "Configuration for HTTP servers" msgstr "Konfiguration f?r HTTP Server" -#: tools/gpgconf-comp.c:756 +#: tools/gpgconf-comp.c:758 msgid "use system's HTTP proxy setting" msgstr "Einstellungen des System HTTP-Proxy benutzen" -#: tools/gpgconf-comp.c:761 +#: tools/gpgconf-comp.c:763 msgid "Configuration of LDAP servers to use" msgstr "Konfiguration der zu nutzenden LDAP-Server" -#: tools/gpgconf-comp.c:798 +#: tools/gpgconf-comp.c:800 msgid "Configuration for OCSP" msgstr "Konfiguration zu OCSP" +#~ msgid "[Error - unknown encoding]" +#~ msgstr "[Fehler - Unbekannte Kodierung]" + #~ msgid "do not allow multiple connections" #~ msgstr "Nicht mehr als eine Verbindung erlauben" Modified: branches/GNUPG-1-9-BRANCH/sm/qualified.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/qualified.c 2005-11-23 09:05:45 UTC (rev 3945) +++ branches/GNUPG-1-9-BRANCH/sm/qualified.c 2005-11-23 12:38:38 UTC (rev 3946) @@ -221,8 +221,8 @@ subject? subject:"?", opt.qualsig_approval? "": - "Note that this software is not officially approved " - "to create or verify such signatures.\n", + _("Note, that this software is not officially approved " + "to create or verify such signatures.\n"), opt.qualsig_approval? "":"\n" ) < 0 ) err = gpg_error_from_errno (errno); From cvs at cvs.gnupg.org Thu Nov 24 09:39:24 2005 
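Review bot: The string newly wrapped in `_()` has no translator comment, although it is never shown on its own: going by the argument order in this hunk it fills the first `%s` of the `%s%sAre you really sure that you want to do this?` prompt, and the following argument supplies the blank line only when the note is present. A translation that drops the trailing `\n` or reflows the sentence therefore changes the layout of the confirmation shown before a qualified signature is created. I would put `/* TRANSLATORS: inserted into the qualified-signature prompt; keep the trailing newline. */` directly above the `_(` line. The call starts outside the hunk, so the format string is inferred from the de.po entry for sm/qualified.c:215 in the same commit.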
From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu Nov 24 09:05:43 2005 Subject: [svn] gpgme - r1141 - trunk/gpgme Message-ID: Author: marcus Date: 2005-11-24 09:39:23 +0100 (Thu, 24 Nov 2005) New Revision: 1141 Modified: trunk/gpgme/ChangeLog trunk/gpgme/w32-glib-io.c Log: 2005-11-24 Marcus Brinkmann * w32-glib-io.c (_gpgme_io_fd2str): Remove debug printf. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-11-18 16:52:38 UTC (rev 1140) +++ trunk/gpgme/ChangeLog 2005-11-24 08:39:23 UTC (rev 1141) @@ -1,3 +1,7 @@ +2005-11-24 Marcus Brinkmann + + * w32-glib-io.c (_gpgme_io_fd2str): Remove debug printf. + 2005-11-18 Werner Koch * w32-glib-io.c: Include glib.h before windows to avoid a symbol Modified: trunk/gpgme/w32-glib-io.c =================================================================== --- trunk/gpgme/w32-glib-io.c 2005-11-18 16:52:38 UTC (rev 1140) +++ trunk/gpgme/w32-glib-io.c 2005-11-24 08:39:23 UTC (rev 1141) @@ -100,9 +100,6 @@ int _gpgme_io_fd2str (char *buf, int buflen, int fd) { - printf ("Converting fd %d to %ld\n", fd, (long) _get_osfhandle (fd)); - printf ("Converting fd %d to %ld\n", fd, (long) _get_osfhandle (fd)); - printf ("Converting fd %d to %ld\n", fd, (long) _get_osfhandle (fd)); return snprintf (buf, buflen, "%ld", (long) _get_osfhandle (fd)); } From cvs at cvs.gnupg.org Thu Nov 24 12:22:40 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Nov 24 11:48:58 2005 Subject: [svn] ksba - r230 - trunk Message-ID: Author: wk Date: 2005-11-24 12:22:40 +0100 (Thu, 24 Nov 2005) New Revision: 230 Modified: trunk/ChangeLog trunk/NEWS trunk/configure.ac Log: Ready for another release Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-13 19:07:51 UTC (rev 229) +++ trunk/ChangeLog 2005-11-24 11:22:40 UTC (rev 230) 
@@ -1,3 +1,9 @@ +2005-11-24 Werner Koch + + Released 0.9.13. + + * configure.ac: Bumped LT vesion to C15/A7/R0. + 2005-08-01 Werner Koch Released 0.9.12. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2005-11-13 19:07:51 UTC (rev 229) +++ trunk/NEWS 2005-11-24 11:22:40 UTC (rev 230) @@ -1,4 +1,4 @@ -Noteworthy changes in version 0.9.13 +Noteworthy changes in version 0.9.13 (2005-11-24) ------------------------------------------------- * New functions to associate user data with a certificate object. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-11-13 19:07:51 UTC (rev 229) +++ trunk/configure.ac 2005-11-24 11:22:40 UTC (rev 230) @@ -23,15 +23,15 @@ # Version number: Remember to change immediately *after* a release. # Append a "-cvs" for non-released versions. -AC_INIT(libksba, 0.9.13-cvs, gpa-dev@gnupg.org) +AC_INIT(libksba, 0.9.13, gpa-dev@gnupg.org) # LT Version numbers: Remember to change them just *before* a release. # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) # (No interfaces changed: REVISION++) # Please remember to document interface changes in the NEWS file. -LIBKSBA_LT_CURRENT=14 -LIBKSBA_LT_AGE=6 -LIBKSBA_LT_REVISION=1 +LIBKSBA_LT_CURRENT=15 +LIBKSBA_LT_AGE=7 +LIBKSBA_LT_REVISION=0 #------------------- # fixme: When bouncing this to a newer version, you check whether the From cvs at cvs.gnupg.org Thu Nov 24 12:50:42 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Nov 24 12:16:59 2005 Subject: [svn] ksba - r231 - tags Message-ID: Author: wk Date: 2005-11-24 12:50:42 +0100 (Thu, 24 Nov 2005) New Revision: 231 Added: tags/libksba-0.9.13/ Log: tagged release Copied: tags/libksba-0.9.13 (from rev 230, trunk) From cvs at cvs.gnupg.org Thu Nov 24 12:56:12 2005 
From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Nov 24 12:22:30 2005 Subject: [svn] ksba - r232 - trunk Message-ID: Author: wk Date: 2005-11-24 12:56:11 +0100 (Thu, 24 Nov 2005) New Revision: 232 Modified: trunk/NEWS trunk/configure.ac Log: post release version updates Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2005-11-24 11:50:42 UTC (rev 231) +++ trunk/NEWS 2005-11-24 11:56:11 UTC (rev 232) @@ -1,3 +1,7 @@ +Noteworthy changes in version 0.9.14 +------------------------------------------------- + + Noteworthy changes in version 0.9.13 (2005-11-24) ------------------------------------------------- Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2005-11-24 11:50:42 UTC (rev 231) +++ trunk/configure.ac 2005-11-24 11:56:11 UTC (rev 232) @@ -23,7 +23,7 @@ # Version number: Remember to change immediately *after* a release. # Append a "-cvs" for non-released versions. -AC_INIT(libksba, 0.9.13, gpa-dev@gnupg.org) +AC_INIT(libksba, 0.9.14-cvs, gpa-dev@gnupg.org) # LT Version numbers: Remember to change them just *before* a release. # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) From cvs at cvs.gnupg.org Sat Nov 26 12:52:15 2005 From: cvs at cvs.gnupg.org (svn author mo) Date: Sat Nov 26 12:18:21 2005 Subject: [svn] gcry - r1138 - trunk/doc Message-ID: Author: mo Date: 2005-11-26 12:52:14 +0100 (Sat, 26 Nov 2005) New Revision: 1138 Modified: trunk/doc/ChangeLog trunk/doc/gcrypt.texi Log: 2005-11-12 Moritz Schulte * gcrypt.texi (MPI formats): Document that for gcry_mpi_scan and in the case of GCRYMPI_FMT_HEX, BUFLEN must be zero. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2005-11-02 16:54:12 UTC (rev 1137) +++ trunk/doc/ChangeLog 2005-11-26 11:52:14 UTC (rev 1138) 
@@ -1,3 +1,8 @@ +2005-11-12 Moritz Schulte + + * gcrypt.texi (MPI formats): Document that for gcry_mpi_scan and + in the case of GCRYMPI_FMT_HEX, BUFLEN must be zero. + 2005-10-31 Moritz Schulte * gcrypt.texi: Added more gcry_control related descriptions. Modified: trunk/doc/gcrypt.texi =================================================================== --- trunk/doc/gcrypt.texi 2005-11-02 16:54:12 UTC (rev 1137) +++ trunk/doc/gcrypt.texi 2005-11-26 11:52:14 UTC (rev 1138) @@ -2544,7 +2544,7 @@ @end deftypefun -@deftypefun int gcry_pk_algo_info (@w{int @var{algo}}, @w{int @var{what}}, @w{void *@var{buffer}}, @w{size_t *@var{nbytes}}) +@deftypefun gcry_error_t gcry_pk_algo_info (@w{int @var{algo}}, @w{int @var{what}}, @w{void *@var{buffer}}, @w{size_t *@var{nbytes}}) Depending on the value of @var{what} return various information about the public key algorithm with the id @var{algo}. Note, that the @@ -3669,7 +3669,7 @@ @item GCRYMPI_FMT_HEX Stored as a C style string with each byte of the MPI encoded as 2 hex -digits. +digits. When using this format, @var{buflen} must be zero. @item GCRYMPI_FMT_USG Simple unsigned integer. From cvs at cvs.gnupg.org Sat Nov 26 12:52:57 2005 From: cvs at cvs.gnupg.org (svn author mo) Date: Sat Nov 26 12:19:02 2005 Subject: [svn] gcry - r1139 - trunk/tests Message-ID: Author: mo Date: 2005-11-26 12:52:56 +0100 (Sat, 26 Nov 2005) New Revision: 1139 Modified: trunk/tests/ChangeLog trunk/tests/ac-data.c Log: 2005-11-12 Moritz Schulte * ac-data.c: Added way more test cases. Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2005-11-26 11:52:14 UTC (rev 1138) +++ trunk/tests/ChangeLog 2005-11-26 11:52:56 UTC (rev 1139) 
@@ -1,3 +1,7 @@ +2005-11-12 Moritz Schulte + + * ac-data.c: Added way more test cases. + 2005-09-15 Moritz Schulte * Makefile.am (TESTS): Added keygrip. Modified: trunk/tests/ac-data.c =================================================================== --- trunk/tests/ac-data.c 2005-11-26 11:52:14 UTC (rev 1138) +++ trunk/tests/ac-data.c 2005-11-26 11:52:56 UTC (rev 1139) @@ -51,15 +51,8 @@ } static void -check_sexp_conversion (gcry_ac_data_t data) +check_sexp_conversion (gcry_ac_data_t data, const char **identifiers) { - const char *identifiers[] = { "foo", - "bar", - "baz", - "hello", - "somemoretexthere", - "blahblahblah", - NULL }; gcry_ac_data_t data2; gcry_error_t err; gcry_sexp_t sexp; @@ -70,7 +63,7 @@ err = gcry_ac_data_to_sexp (data, &sexp, identifiers); assert_err (err); - + gcry_sexp_dump (sexp); err = gcry_ac_data_from_sexp (&data2, sexp, identifiers); assert_err (err); @@ -95,6 +88,14 @@ void check_run (void) { + const char *identifiers[] = { "foo", + "bar", + "baz", + "hello", + "somemoretexthere", + "blahblahblah", + NULL }; + const char *identifiers_null[] = { NULL }; gcry_ac_data_t data; gcry_error_t err; const char *label0; @@ -103,6 +104,8 @@ gcry_mpi_t mpi1; gcry_mpi_t mpi2; + /* Initialize values. */ + label0 = "thisisreallylonglabelbutsincethereisnolimitationonthelengthoflabelsitshouldworkjustfine"; mpi0 = gcry_mpi_new (0); assert (mpi0); 
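Review bot: The `gcry_sexp_dump (sexp);` line added to check_sexp_conversion (hunk -70,7 +63,7) looks like leftover debugging. With the calls added to check_run in the later hunks, every test run now dumps an S-expression for each identifier set, which buries the `data-set-test-N succeeded` lines. I would drop the call, or put it behind whatever verbosity switch the test program has, if any. The function body ends outside this hunk.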
@@ -111,13 +114,20 @@ err = gcry_ac_data_new (&data); assert_err (err); + check_sexp_conversion (data, identifiers); + check_sexp_conversion (data, identifiers_null); + check_sexp_conversion (data, NULL); + err = gcry_ac_data_set (data, 0, label0, mpi0); assert_err (err); err = gcry_ac_data_get_index (data, 0, 0, &label1, &mpi1); assert_err (err); assert (label0 == label1); assert (mpi0 == mpi1); - check_sexp_conversion (data); + check_sexp_conversion (data, identifiers); + check_sexp_conversion (data, identifiers_null); + check_sexp_conversion (data, NULL); + printf ("data-set-test-0 succeeded\n"); gcry_ac_data_clear (data); @@ -136,7 +146,10 @@ err = gcry_ac_data_set (data, GCRY_AC_FLAG_COPY | GCRY_AC_FLAG_DEALLOC, "blah1", mpi0); assert_err (err); - check_sexp_conversion (data); + check_sexp_conversion (data, identifiers); + check_sexp_conversion (data, identifiers_null); + check_sexp_conversion (data, NULL); + err = gcry_ac_data_get_name (data, 0, label0, &mpi1); assert_err (err); assert (mpi0 != mpi1); @@ -153,7 +166,10 @@ gcry_ac_data_clear (data); assert (! gcry_ac_data_length (data)); - check_sexp_conversion (data); + check_sexp_conversion (data, identifiers); + check_sexp_conversion (data, identifiers_null); + check_sexp_conversion (data, NULL); + printf ("data-set-test-2 succeeded\n"); gcry_ac_data_destroy (data); From cvs at cvs.gnupg.org Sat Nov 26 16:58:09 2005 From: cvs at cvs.gnupg.org (svn author mo) Date: Sat Nov 26 16:24:13 2005 Subject: [svn] gcry - r1140 - trunk/doc Message-ID: Author: mo Date: 2005-11-26 16:58:08 +0100 (Sat, 26 Nov 2005) New Revision: 1140 Modified: trunk/doc/ChangeLog trunk/doc/gcrypt.texi Log: 2005-11-26 Moritz Schulte * gcrypt.texi: New chapter: Prime numbers. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2005-11-26 11:52:56 UTC (rev 1139) +++ trunk/doc/ChangeLog 2005-11-26 15:58:08 UTC (rev 1140) 
@@ -1,3 +1,7 @@ +2005-11-26 Moritz Schulte + + * gcrypt.texi: New chapter: Prime numbers. + 2005-11-12 Moritz Schulte * gcrypt.texi (MPI formats): Document that for gcry_mpi_scan and Modified: trunk/doc/gcrypt.texi =================================================================== --- trunk/doc/gcrypt.texi 2005-11-26 11:52:56 UTC (rev 1139) +++ trunk/doc/gcrypt.texi 2005-11-26 15:58:08 UTC (rev 1140) @@ -71,6 +71,7 @@ * Random Numbers:: How to work with random numbers. * S-expressions:: How to manage S-expressions. * MPI library:: How to work with multi-precision-integers. +* Prime numbers:: How to use the Prime number related functions. * Utilities:: Utility functions. Appendices @@ -155,6 +156,10 @@ * Bit manipulations:: How to access single bits of MPI values. * Miscellaneous:: Miscellaneous MPI functions. +Prime numbers +* Generation:: Generation of new prime numbers. +* Checking:: Checking if a given number is prime. + Utilities * Memory allocation:: Functions related with memory allocation. 
@@ -3914,11 +3919,65 @@ boundary. @end deftypefun +@c ********************************************************** +@c ******************** Prime numbers *********************** +@c ********************************************************** +@node Prime numbers +@chapter Prime numbers + +@menu +* Generation:: Generation of new prime numbers. +* Checking:: Checking if a given number is prime. +@end menu + +@node Generation +@section Generation + +@deftypefun gcry_error_t gcry_prime_generate (gcry_mpi_t *@var{prime}, +unsigned int @var{prime_bits}, unsigned int @var{factor_bits}, +gcry_mpi_t **@var{factors}, gcry_prime_check_func_t @var{cb_func}, +void *@var{cb_arg}, gcry_random_level_t @var{random_level}, +unsigned int @var{flags}) + +Generate a new prime number of @var{prime_bits} bits and store it in +@var{prime}. If @var{factor_bits} is non-zero, one of the prime factors +of (@var{prime} - 1) / 2 must be @var{factor_bits} bits long. If +@var{factors} is non-zero, allocate a new, @code{NULL}-terminated array +holding the prime factors and store it in @var{factors}. @var{flags} +might be used to influence the prime number generation process. +@end deftypefun + +@deftypefun gcry_prime_group_generator (gcry_mpi_t *@var{r_g}, +gcry_mpi_t @var{prime}, gcry_mpi_t *@var{factors}, gcry_mpi_t @var{start_g}) + +Find a generator for @var{prime} where the factorization of (@var{prime} +- 1) is in the @code{NULL} terminated array @var{factors}. Return the +generator as a newly allocated MPI in @var{r_g}. If @var{start_g} is +not NULL, use this as the start for the search. +@end deftypefun + +@deftypefun void gcry_prime_release_factors (gcry_mpi_t *@var{factors}) + +Convenience function to release the @var{factors} array. +@end deftypefun + +@node Checking +@section Checking + +@deftypefun gcry_error_t gcry_prime_check (gcry_mpi_t @var{p}, +unsigned int @var{flags}) + +Check wether the number @var{p} is prime. 
Returns zero in case @var{p} +is indeed a prime, returns @code{GPG_ERR_NO_PRIME} in case @var{p} is +not a prime and a different error code in case something went horribly +wrong. +@end deftypefun + @node Utilities @chapter Utilities @menu -* Memory allocation:: Functions related with memory allocation. +* Memory allocation:: Functions related with memory allocation. @end menu @node Memory allocation From cvs at cvs.gnupg.org Sun Nov 27 18:11:56 2005 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Nov 27 17:37:56 2005 Subject: [svn] gpgme - r1142 - trunk/gpgme Message-ID: Author: marcus Date: 2005-11-27 18:11:55 +0100 (Sun, 27 Nov 2005) New Revision: 1142 Modified: trunk/gpgme/ChangeLog trunk/gpgme/engine.c Log: 2005-11-27 Marcus Brinkmann * engine.c (_gpgme_set_engine_info): Use new_file_name in engine_get_version invocation. Reported by St?\195?\169phane Corth?\195?\169sy. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2005-11-24 08:39:23 UTC (rev 1141) +++ trunk/gpgme/ChangeLog 2005-11-27 17:11:55 UTC (rev 1142) @@ -1,3 +1,8 @@ +2005-11-27 Marcus Brinkmann + + * engine.c (_gpgme_set_engine_info): Use new_file_name in + engine_get_version invocation. Reported by Stéphane Corthésy. + 2005-11-24 Marcus Brinkmann * w32-glib-io.c (_gpgme_io_fd2str): Remove debug printf. Modified: trunk/gpgme/engine.c =================================================================== --- trunk/gpgme/engine.c 2005-11-24 08:39:23 UTC (rev 1141) +++ trunk/gpgme/engine.c 2005-11-27 17:11:55 UTC (rev 1142) @@ -335,7 +335,7 @@ /* Install the new members. */ info->file_name = new_file_name; info->home_dir = new_home_dir; - info->version = engine_get_version (proto, file_name); + info->version = engine_get_version (proto, new_file_name); return 0; } From cvs at cvs.gnupg.org Mon Nov 28 12:52:28 2005 
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Nov 28 12:18:28 2005 Subject: [svn] GnuPG - r3947 - in branches/GNUPG-1-9-BRANCH: . agent am kbx po scd tools Message-ID: Author: wk Date: 2005-11-28 12:52:25 +0100 (Mon, 28 Nov 2005) New Revision: 3947 Modified: branches/GNUPG-1-9-BRANCH/ChangeLog branches/GNUPG-1-9-BRANCH/NEWS branches/GNUPG-1-9-BRANCH/TODO branches/GNUPG-1-9-BRANCH/agent/ChangeLog branches/GNUPG-1-9-BRANCH/agent/agent.h branches/GNUPG-1-9-BRANCH/agent/call-scd.c branches/GNUPG-1-9-BRANCH/agent/command.c branches/GNUPG-1-9-BRANCH/agent/divert-scd.c branches/GNUPG-1-9-BRANCH/agent/minip12.c branches/GNUPG-1-9-BRANCH/agent/query.c branches/GNUPG-1-9-BRANCH/agent/t-protect.c branches/GNUPG-1-9-BRANCH/am/cmacros.am branches/GNUPG-1-9-BRANCH/configure.ac branches/GNUPG-1-9-BRANCH/kbx/keybox-blob.c branches/GNUPG-1-9-BRANCH/po/POTFILES.in branches/GNUPG-1-9-BRANCH/po/de.po branches/GNUPG-1-9-BRANCH/scd/ChangeLog branches/GNUPG-1-9-BRANCH/scd/apdu.c branches/GNUPG-1-9-BRANCH/scd/apdu.h branches/GNUPG-1-9-BRANCH/scd/app-dinsig.c branches/GNUPG-1-9-BRANCH/scd/app-nks.c branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c branches/GNUPG-1-9-BRANCH/scd/app-p15.c branches/GNUPG-1-9-BRANCH/scd/ccid-driver.c branches/GNUPG-1-9-BRANCH/scd/ccid-driver.h branches/GNUPG-1-9-BRANCH/scd/iso7816.c branches/GNUPG-1-9-BRANCH/scd/iso7816.h branches/GNUPG-1-9-BRANCH/scd/scdaemon.c branches/GNUPG-1-9-BRANCH/scd/scdaemon.h branches/GNUPG-1-9-BRANCH/tools/ChangeLog branches/GNUPG-1-9-BRANCH/tools/gpgconf-comp.c branches/GNUPG-1-9-BRANCH/tools/rfc822parse.c Log: Preparing an interim release Modified: branches/GNUPG-1-9-BRANCH/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/ChangeLog 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/ChangeLog 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -1,3 +1,19 @@ +2005-11-28 Werner Koch + + * configure.ac: Append the revision to the version string. + +2005-11-13 Werner Koch + + * am/cmacros.am (-DGNUPG_SYSCONFDIR): Define it. + +2005-11-11 Werner Koch + + * configure.ac (NEED_KSBA_VERSION: Require 0.9.13. + +2005-09-12 Werner Koch + + Released 1.9.19. + 2005-08-01 Werner Koch Released 1.9.18. Modified: branches/GNUPG-1-9-BRANCH/NEWS =================================================================== --- branches/GNUPG-1-9-BRANCH/NEWS 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/NEWS 2005-11-28 11:52:25 UTC (rev 3947) @@ -1,3 +1,10 @@ +Noteworthy changes in version 1.9.20 +------------------------------------------------- + + * [scdaemon] Support for keypads of some readers. Tested only with + SPR532. New option --disable-keypad. + + Noteworthy changes in version 1.9.19 (2005-09-12) ------------------------------------------------- Modified: branches/GNUPG-1-9-BRANCH/TODO =================================================================== --- branches/GNUPG-1-9-BRANCH/TODO 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/TODO 2005-11-28 11:52:25 UTC (rev 3947) @@ -26,7 +26,6 @@ * sm/gpgsm.c ** Support --output for all commands ** mark all unimplemented commands and options. -** Print a hint when MD2 is the cause for a problem. ** Implement --default-key ** support the anyPolicy semantic ** Check that we are really following the verification procedures in rfc3280. Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -1,3 +1,20 @@ +2005-11-24 Werner Koch + + * minip12.c (p12_parse): Fixed for case that the key object comes + prior to the certificate. + +2005-10-19 Werner Koch + + * divert-scd.c (getpin_cb): Hack to use it for a keypad message. + + * call-scd.c (inq_needpin): Reworked to support the new KEYPADINFO. + + * query.c (start_pinentry): Keep track of the owner. + (popup_message_thread, agent_popup_message_start) + (agent_popup_message_stop, agent_reset_query): New. + * command.c (start_command_handler): Make sure a popup window gets + closed. + 2005-10-08 Marcus Brinkmann * Makefile.am (gpg_protect_tool_LDADD): Add ../gl/libgnu.a. Modified: branches/GNUPG-1-9-BRANCH/agent/agent.h =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/agent.h 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/agent.h 2005-11-28 11:52:25 UTC (rev 3947) @@ -133,7 +133,7 @@ int have_keygrip; int use_auth_call; /* Hack to send the PKAUTH command instead of the - PKSIGN command tro scdaemon. */ + PKSIGN command to the scdaemon. */ }; typedef struct server_control_s *CTRL; typedef struct server_control_s *ctrl_t; @@ -200,6 +200,7 @@ /*-- query.c --*/ void initialize_module_query (void); void agent_query_dump_state (void); +void agent_reset_query (ctrl_t ctrl); int agent_askpin (ctrl_t ctrl, const char *desc_text, const char *prompt_text, const char *inital_errtext, 
@@ -209,7 +210,11 @@ const char *errtext); int agent_get_confirmation (ctrl_t ctrl, const char *desc, const char *ok, const char *cancel); +int agent_popup_message_start (ctrl_t ctrl, const char *desc, + const char *ok_btn, const char *cancel_btn); +void agent_popup_message_stop (ctrl_t ctrl); + /*-- cache.c --*/ void agent_flush_cache (void); int agent_put_cache (const char *key, cache_mode_t cache_mode, Modified: branches/GNUPG-1-9-BRANCH/agent/call-scd.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/call-scd.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/call-scd.c 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -633,27 +633,44 @@ size_t pinlen; int rc; - if (!(!strncmp (line, "NEEDPIN", 7) && (line[7] == ' ' || !line[7]))) + if (!strncmp (line, "NEEDPIN", 7) && (line[7] == ' ' || !line[7])) { + line += 7; + while (*line == ' ') + line++; + + pinlen = 90; + pin = gcry_malloc_secure (pinlen); + if (!pin) + return ASSUAN_Out_Of_Core; + + rc = parm->getpin_cb (parm->getpin_cb_arg, line, pin, pinlen); + if (rc) + rc = ASSUAN_Canceled; + if (!rc) + rc = assuan_send_data (parm->ctx, pin, pinlen); + xfree (pin); + } + else if (!strncmp (line, "KEYPADINFO", 10) && (line[10] == ' ' || !line[10])) + { + size_t code; + char *endp; + + code = strtoul (line+10, &endp, 10); + line = endp; + while (*line == ' ') + line++; + + rc = parm->getpin_cb (parm->getpin_cb_arg, line, NULL, code); + if (rc) + rc = ASSUAN_Canceled; + } + else + { log_error ("unsupported inquiry `%s'\n", line); - return ASSUAN_Inquire_Unknown; + rc = ASSUAN_Inquire_Unknown; } - line += 7; - while (*line == ' ') - line++; - pinlen = 90; - pin = gcry_malloc_secure (pinlen); - if (!pin) - return ASSUAN_Out_Of_Core; - - rc = parm->getpin_cb (parm->getpin_cb_arg, line, pin, pinlen); - if (rc) - rc = ASSUAN_Canceled; - if (!rc) - rc = assuan_send_data (parm->ctx, pin, pinlen); - xfree (pin); - return rc; } Modified: branches/GNUPG-1-9-BRANCH/agent/command.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/command.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/command.c 2005-11-28 11:52:25 UTC (rev 3947) 
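Review bot: In the new KEYPADINFO branch of inq_needpin the result of `strtoul (line+10, &endp, 10)` is used without checking that any digits were parsed. The condition accepts a bare `KEYPADINFO` (`!line[10]`), and a non-numeric argument also yields `code == 0`. As far as the divert-scd.c change in this commit shows, 0 is the value the callback treats as "close the pinentry". A guard such as `if (endp == line+10) return ASSUAN_Inquire_Unknown;` before the callback would keep a malformed inquiry from being read as a close request. The branch also turns every callback failure into `ASSUAN_Canceled`, so an invalid code cannot be told apart from a user cancel. The start of the function is outside the hunk.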
@@ -316,11 +316,11 @@ this command is not used a default text will be used. Note, that this description implictly selects the label used for the entry box; if the string contains the string PIN (which in general will - not be translated), "PIN" is used, other wiese the translation of + not be translated), "PIN" is used, otherwise the translation of 'passphrase" is used. The description string should not contain blanks unless they are percent or '+' escaped. - The descrition is only valid for the next PKSIGN or PKDECRYPT + The description is only valid for the next PKSIGN or PKDECRYPT operation. */ static int @@ -399,7 +399,7 @@ /* PKSIGN Perform the actual sign operation. Neither input nor output are - sensitive to eavesdropping */ + sensitive to eavesdropping. */ static int cmd_pksign (ASSUAN_CONTEXT ctx, char *line) { @@ -1085,6 +1085,9 @@ /* Reset the SCD if needed. */ agent_reset_scd (&ctrl); + /* Reset the pinentry (in case of popup messages). */ + agent_reset_query (&ctrl); + assuan_deinit_server (ctx); if (ctrl.display) free (ctrl.display); Modified: branches/GNUPG-1-9-BRANCH/agent/divert-scd.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/divert-scd.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/divert-scd.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -204,7 +204,7 @@ const char *again_text = NULL; const char *prompt = "PIN"; - if (maxbuf < 2) + if (buf && maxbuf < 2) return gpg_error (GPG_ERR_INV_VALUE); /* Parse the flags. */ 
@@ -223,6 +223,23 @@ else if (info && *info == '|') log_debug ("pin_cb called without proper PIN info hack\n"); + /* If BUF has been passed as NULL, we are in keypad mode: The + callback opens the popup and immediatley returns. */ + if (!buf) + { + if (maxbuf == 0) /* Close the pinentry. */ + { + agent_popup_message_stop (ctrl); + rc = 0; + } + else if (maxbuf == 1) /* Open the pinentry. */ + { + rc = agent_popup_message_start (ctrl, info, NULL, NULL); + } + else + rc = gpg_error (GPG_ERR_INV_VALUE); + return rc; + } /* FIXME: keep PI and TRIES in OPAQUE. Frankly this is a whole mess because we should call the card's verify function from the Modified: branches/GNUPG-1-9-BRANCH/agent/minip12.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/minip12.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/minip12.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -511,7 +511,7 @@ goto bailout; } - /* Loop over all certificates inside the bab. */ + /* Loop over all certificates inside the bag. */ while (n) { int isbag = 0; @@ -860,6 +860,7 @@ size_t n = length; const char *where; int bagseqlength, len; + gcry_mpi_t *result = NULL; where = "pfx"; if (parse_tag (&p, &n, &ti)) @@ -936,10 +937,17 @@ else if (ti.tag == TAG_OBJECT_ID && ti.length == DIM(oid_data) && !memcmp (p, oid_data, DIM(oid_data))) { - p += DIM(oid_data); - n -= DIM(oid_data); - len -= DIM(oid_data); - return parse_bag_data (p, n, (p-buffer), pw); + if (result) + log_info ("already got an data object, skipping next one\n"); + else + { + p += DIM(oid_data); + n -= DIM(oid_data); + len -= DIM(oid_data); + result = parse_bag_data (p, n, (p-buffer), pw); + if (!result) + goto bailout; + } } else log_info ( "unknown bag type - skipped\n"); 
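Review bot: The keypad path added to getpin_cb overloads MAXBUF as an opcode when BUF is NULL, and that contract is described only by the inline comment inside the body. The caller in call-scd.c passes a number parsed from the inquiry line straight into MAXBUF, so the convention is worth stating where the callback is documented. I would add to the function's header comment, which is outside this hunk, something like `/* If BUF is NULL the callback runs in keypad mode: MAXBUF 1 opens the popup, 0 closes it, any other value is GPG_ERR_INV_VALUE. */`. The first hunk's `if (buf && maxbuf < 2)` only makes sense with that contract in mind.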
@@ -950,9 +958,10 @@ n -= len; } - return NULL; + return result; bailout: log_error ("error at \"%s\", offset %u\n", where, (p - buffer)); + /* fixme: need to release RESULT. */ return NULL; } Modified: branches/GNUPG-1-9-BRANCH/agent/query.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/query.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/query.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -27,9 +27,10 @@ #include #include #include -#ifdef USE_GNU_PTH -# include +#ifndef HAVE_W32_SYSTEM +#include #endif +#include #include "agent.h" #include "i18n.h" @@ -48,14 +49,30 @@ time. */ #define LOCK_TIMEOUT (1*60) +/* The assuan context of the current pinentry. */ +static assuan_context_t entry_ctx; -static assuan_context_t entry_ctx = NULL; -#ifdef USE_GNU_PTH +/* The control variable of the connection owning the current pinentry. + This is only valid if ENTRY_CTX is not NULL. Note, that we care + only about the value of the pointer and that it should never be + dereferenced. */ +static ctrl_t entry_owner; + +/* A mutex used to serialize access to the pinentry. */ static pth_mutex_t entry_lock; -#endif -/* data to be passed to our callbacks */ -struct entry_parm_s { +/* The thread ID of the popup working thread. */ +static pth_t popup_tid; + +/* A flag used in communication between the popup working thread and + its stop function. */ +static int popup_finished; + + + +/* Data to be passed to our callbacks, */ +struct entry_parm_s +{ int lines; size_t size; unsigned char *buffer; 
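Review bot: The `bailout:` path of p12_parse still returns NULL without freeing RESULT, as the added `/* fixme: need to release RESULT. */` admits. Since the -936 hunk now keeps looping after `result = parse_bag_data (...)`, a parse error in a later bag leaks the private key parameters that were already extracted. Assuming RESULT is a NULL-terminated array from the gcrypt allocator (please confirm against parse_bag_data), the fix is `for (i=0; result && result[i]; i++) gcry_mpi_release (result[i]);` followed by `gcry_free (result);` before the `return NULL;`, with a local `int i`. The function starts outside both hunks.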
@@ -67,17 +84,17 @@ /* This function must be called once to initialize this module. This has to be done before a second thread is spawned. We can't do the static initialization because Pth emulation code might not be able - to do a static init; in particualr, it is not possible for W32. */ + to do a static init; in particular, it is not possible for W32. */ void initialize_module_query (void) { -#ifdef USE_GNU_PTH static int initialized; if (!initialized) - if (pth_mutex_init (&entry_lock)) - initialized = 1; -#endif /*USE_GNU_PTH*/ + { + if (pth_mutex_init (&entry_lock)) + initialized = 1; + } } @@ -102,11 +119,22 @@ log_info ("agent_query_dump_state: entry_lock="); dump_mutex_state (&entry_lock); log_printf ("\n"); - log_info ("agent_query_dump_state: entry_ctx=%p pid=%ld\n", - entry_ctx, (long)assuan_get_pid (entry_ctx)); + log_info ("agent_query_dump_state: entry_ctx=%p pid=%ld popup_tid=%p\n", + entry_ctx, (long)assuan_get_pid (entry_ctx), popup_tid); } +/* Called to make sure that a popup window owned by the current + connection gets closed. */ +void +agent_reset_query (ctrl_t ctrl) +{ + if (entry_ctx && popup_tid && entry_owner == ctrl) + { + agent_popup_message_stop (ctrl); + } +} + /* Unlock the pinentry so that another thread can start one and disconnect that pinentry - we do this after the unlock so that a stalled pinentry does not block other threads. Fixme: We should @@ -117,14 +145,12 @@ assuan_context_t ctx = entry_ctx; entry_ctx = NULL; -#ifdef USE_GNU_PTH if (!pth_mutex_release (&entry_lock)) { log_error ("failed to release the entry lock\n"); if (!rc) rc = gpg_error (GPG_ERR_INTERNAL); } -#endif assuan_disconnect (ctx); return rc; } @@ -145,7 +171,7 @@ pinentry - we will serialize _all_ pinentry calls. */ static int -start_pinentry (CTRL ctrl) +start_pinentry (ctrl_t ctrl) { int rc; const char *pgmname; 
@@ -153,13 +179,10 @@ const char *argv[5]; int no_close_list[3]; int i; + pth_event_t evt; -#ifdef USE_GNU_PTH - { - pth_event_t evt; - - evt = pth_event (PTH_EVENT_TIME, pth_timeout (LOCK_TIMEOUT, 0)); - if (!pth_mutex_acquire (&entry_lock, 0, evt)) + evt = pth_event (PTH_EVENT_TIME, pth_timeout (LOCK_TIMEOUT, 0)); + if (!pth_mutex_acquire (&entry_lock, 0, evt)) { if (pth_event_occurred (evt)) rc = gpg_error (GPG_ERR_TIMEOUT); @@ -170,10 +193,10 @@ gpg_strerror (rc)); return rc; } - pth_event_free (evt, PTH_FREE_THIS); - } -#endif + pth_event_free (evt, PTH_FREE_THIS); + entry_owner = ctrl; + if (entry_ctx) return 0; @@ -436,7 +459,7 @@ passphrase is returned in RETPASS as an hex encoded string to be freed by the caller */ int -agent_get_passphrase (CTRL ctrl, +agent_get_passphrase (ctrl_t ctrl, char **retpass, const char *desc, const char *prompt, const char *errtext) { @@ -517,11 +540,11 @@ /* Pop up the PIN-entry, display the text and the prompt and ask the - user to confirm this. We return 0 for success, ie. the used + user to confirm this. We return 0 for success, ie. the user confirmed it, GPG_ERR_NOT_CONFIRMED for what the text says or an other error. */ int -agent_get_confirmation (CTRL ctrl, +agent_get_confirmation (ctrl_t ctrl, const char *desc, const char *ok, const char *cancel) { int rc; 
@@ -562,4 +585,119 @@ } +/* The thread running the popup message. */ +static void * +popup_message_thread (void *arg) +{ + assuan_transact (entry_ctx, "CONFIRM", NULL, NULL, NULL, NULL, NULL, NULL); + popup_finished = 1; + return NULL; +} + +/* Pop up a message window similar to the confirm one but keep it open + until agent_popup_message_stop has been called. It is crucial for + the caller to make sure that the stop function gets called as soon + as the message is not anymore required becuase the message is + system modal and all other attempts to use the pinentry will fail + (after a timeout). */ +int +agent_popup_message_start (ctrl_t ctrl, const char *desc, + const char *ok_btn, const char *cancel_btn) +{ + int rc; + char line[ASSUAN_LINELENGTH]; + pth_attr_t tattr; + + rc = start_pinentry (ctrl); + if (rc) + return rc; + + if (desc) + snprintf (line, DIM(line)-1, "SETDESC %s", desc); + else + snprintf (line, DIM(line)-1, "RESET"); + line[DIM(line)-1] = 0; + rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + if (rc) + return unlock_pinentry (map_assuan_err (rc)); + + if (ok_btn) + { + snprintf (line, DIM(line)-1, "SETOK %s", ok_btn); + line[DIM(line)-1] = 0; + rc = assuan_transact (entry_ctx, line, NULL,NULL,NULL,NULL,NULL,NULL); + if (rc) + return unlock_pinentry (map_assuan_err (rc)); + } + if (cancel_btn) + { + snprintf (line, DIM(line)-1, "SETCANCEL %s", cancel_btn); + line[DIM(line)-1] = 0; + rc = assuan_transact (entry_ctx, line, NULL,NULL,NULL,NULL,NULL,NULL); + if (rc) + return unlock_pinentry (map_assuan_err (rc)); + } + + tattr = pth_attr_new(); + pth_attr_set (tattr, PTH_ATTR_JOINABLE, 1); + pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 256*1024); + pth_attr_set (tattr, PTH_ATTR_NAME, "popup-message"); + + popup_finished = 0; + popup_tid = pth_spawn (tattr, popup_message_thread, NULL); + if (!popup_tid) + { + rc = gpg_error_from_errno (errno); + log_error ("error spawning popup message handler: %s\n", + strerror (errno) ); + 
pth_attr_destroy (tattr); + return unlock_pinentry (rc); + } + pth_attr_destroy (tattr); + + return 0; +} + +/* Close a popup window. */ +void +agent_popup_message_stop (ctrl_t ctrl) +{ + int rc; + pid_t pid; + + if (!popup_tid || !entry_ctx) + { + log_debug ("agent_popup_message_stop called with no active popup\n"); + return; + } + + pid = assuan_get_pid (entry_ctx); + if (pid == (pid_t)(-1)) + ; /* No pid available can't send a kill. */ + else if (popup_finished) + ; /* Already finished and ready for joining. */ + else if (pid && ((rc=waitpid (pid, NULL, WNOHANG))==-1 || (rc == pid)) ) + { /* The daemon already died. No need to send a kill. However + because we already waited for the process, we need to tell + assuan that it should not wait again (done by + unlock_pinentry). */ + if (rc == pid) + assuan_set_flag (entry_ctx, ASSUAN_NO_WAITPID, 1); + } + else + kill (pid, SIGINT); + + /* Now wait for the thread to terminate. */ + rc = pth_join (popup_tid, NULL); + if (!rc) + log_debug ("agent_popup_message_stop: pth_join failed: %s\n", + strerror (errno)); + popup_tid = NULL; + entry_owner = NULL; + + /* Now we can close the connection. */ + unlock_pinentry (0); +} + + Modified: branches/GNUPG-1-9-BRANCH/agent/t-protect.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/t-protect.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/agent/t-protect.c 2005-11-28 11:52:25 UTC (rev 3947) 
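Review bot: In agent_popup_message_stop the final `else kill (pid, SIGINT);` is reached when `pid` is 0, because the preceding branch is guarded by `pid && ...`. `kill (0, SIGINT)` signals every process in the caller's process group, the agent included. If assuan_get_pid can return 0 here, as the `pid &&` guard suggests, the last branch should be `else if (pid > 0) kill (pid, SIGINT);`. Separately, agent_reset_query compares `entry_owner == ctrl` before stopping the popup, but the stop function itself does not, so a close request arriving on another connection would tear down a popup it does not own. An ownership check at the top of the stop function would prevent that.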
@@ -173,7 +173,8 @@ for (i = 0; i < DIM (specs); i++) { - ret = agent_protect (specs[i].key, specs[i].passphrase, + ret = agent_protect ((const unsigned char*)specs[i].key, + specs[i].passphrase, &specs[i].result, &specs[i].resultlen); if (gpg_err_code (ret) != specs[i].ret_expected) { Modified: branches/GNUPG-1-9-BRANCH/am/cmacros.am =================================================================== --- branches/GNUPG-1-9-BRANCH/am/cmacros.am 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/am/cmacros.am 2005-11-28 11:52:25 UTC (rev 3947) @@ -25,7 +25,8 @@ AM_CPPFLAGS += -DGNUPG_BINDIR="\"$(bindir)\"" \ -DGNUPG_LIBEXECDIR="\"$(libexecdir)\"" \ -DGNUPG_LIBDIR="\"$(libdir)/@PACKAGE@\"" \ - -DGNUPG_DATADIR="\"$(datadir)/@PACKAGE@\"" + -DGNUPG_DATADIR="\"$(datadir)/@PACKAGE@\"" \ + -DGNUPG_SYSCONFDIR="\"$(sysconfdir)/@PACKAGE@\"" endif if GNUPG_AGENT_PGM Modified: branches/GNUPG-1-9-BRANCH/configure.ac =================================================================== --- branches/GNUPG-1-9-BRANCH/configure.ac 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/configure.ac 2005-11-28 11:52:25 UTC (rev 3947) @@ -22,9 +22,12 @@ AC_PREREQ(2.52) min_automake_version="1.9.3" -# Version number: Remember to change it immediately *after* a release. -# Add a "-cvs" prefix for non-released code. -AC_INIT(gnupg, 1.9.19, gnupg-devel@gnupg.org) +# Remember to change the version number immediately *after* a release. +# Uncomment the my_iscvs macro for non-released code. +m4_define(my_version, [1.9.20]) +m4_define(my_iscvs, yes) +AC_INIT([gnupg], my_version[]m4_ifdef([my_iscvs], [-cvs[]m4_translit( + [$Revision$],[Ra-z $:])]), [gnupg-devel@gnupg.org]) # Set development_version to yes if the minor number is odd or you # feel that the default check for a development version is not # sufficient. 
@@ -36,7 +39,7 @@ NEED_LIBASSUAN_VERSION=0.6.10 -NEED_KSBA_VERSION=0.9.12 +NEED_KSBA_VERSION=0.9.13 PACKAGE=$PACKAGE_NAME Modified: branches/GNUPG-1-9-BRANCH/kbx/keybox-blob.c =================================================================== --- branches/GNUPG-1-9-BRANCH/kbx/keybox-blob.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/kbx/keybox-blob.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -61,7 +61,7 @@ u32 offset to the n-th key's keyID (a keyID is always 8 byte) or 0 if not known which is the case only for X509. u16 special key flags - bit 0 = + bit 0 = qualified signature (not yet implemented} u16 reserved u16 size of serialnumber(may be zero) n u16 (see above) bytes of serial number Modified: branches/GNUPG-1-9-BRANCH/po/POTFILES.in =================================================================== --- branches/GNUPG-1-9-BRANCH/po/POTFILES.in 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/po/POTFILES.in 2005-11-28 11:52:25 UTC (rev 3947) @@ -17,6 +17,7 @@ scd/scdaemon.c scd/app-openpgp.c +scd/app-nks.c sm/base64.c sm/call-agent.c Modified: branches/GNUPG-1-9-BRANCH/po/de.po =================================================================== --- branches/GNUPG-1-9-BRANCH/po/de.po 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/po/de.po 2005-11-28 11:52:25 UTC (rev 3947) @@ -10,8 +10,8 @@ msgstr "" "Project-Id-Version: gnupg2 1.9.18\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"POT-Creation-Date: 2005-11-23 13:00+0100\n" -"PO-Revision-Date: 2005-11-23 13:02+0100\n" +"POT-Creation-Date: 2005-11-28 12:14+0100\n" +"PO-Revision-Date: 2005-11-28 12:16+0100\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" 
@@ -766,6 +766,10 @@ msgid "can't access %s - invalid OpenPGP card?\n" msgstr "Zugriff auf %s nicht m?glich - ung?ltige OpenPGP Karte?\n" +#: scd/app-nks.c:344 +msgid "the NullPIN has not yet been changed\n" +msgstr "Die Nullpin wurde noch nicht ge?ndert\n" + #: sm/base64.c:317 #, c-format msgid "invalid radix64 character %02x skipped\n" @@ -1369,7 +1373,7 @@ #: sm/gpgsm.c:1475 msgid "this command has not yet been implemented\n" -msgstr "Diee Kommando wurde noch nicht implementiert\n" +msgstr "Dieses Kommando wurde noch nicht implementiert\n" #: sm/gpgsm.c:1705 sm/gpgsm.c:1742 sm/qualified.c:73 #, c-format @@ -1548,10 +1552,10 @@ msgstr "" "Sie sind dabei, eine Signatur mit dem Zertifikat:\n" "\"%s\"\n" -"zu erzeugen. Dies wird einen qualifizierte Signatur erzeugen, \n" -"die gesetzlich einer handgeschriebene gleichgestellt ist.\n" +"zu erzeugen. Dies wird eine qualifizierte Signatur erzeugen, \n" +"die gesetzlich einer handgeschriebenen gleichgestellt ist.\n" "\n" -"%s%sSind Sie wirklich sicher, da Sie dies m?chten?" +"%s%sSind Sie wirklich sicher, da? Sie dies m?chten?" #: sm/qualified.c:224 msgid "" Modified: branches/GNUPG-1-9-BRANCH/scd/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/ChangeLog 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/ChangeLog 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -1,3 +1,46 @@ +2005-11-23 Werner Koch + + * app-nks.c (verify_pin): Give a special error message for a Nullpin. + +2005-10-29 Werner Koch + + * ccid-driver.c (send_escape_cmd): New args RESULT, RESULTLEN and + RESULTMAX. Changed all callers. + (ccid_transceive_escape): New. + +2005-10-27 Werner Koch + + * apdu.c [__CYGWIN__]: Make cygwin environment similar to _WIN32. + Suggested by John P. Clizbe. + * scdaemon.c [__CYGWIN__]: Set default PC/SC driver to winscard.dll. + +2005-10-19 Werner Koch + + * ccid-driver.h (CCID_DRIVER_ERR_NO_KEYPAD): New. + * apdu.h (SW_HOST_NO_KEYPAD): New. + * iso7816.h (struct iso7816_pininfo_s): New. + * iso7816.c (map_sw): Support new code. + (iso7816_check_keypad): New. + (iso7816_verify_kp, iso7816_change_reference_data_kp) + (iso7816_reset_retry_counter_kp): New. Extended versions of the + original functions. + * apdu.c (host_sw_string): Support new code. + (reader_table_s): New field CHECK_KEYPAD. + (new_reader_slot, open_ct_reader, open_pcsc_reader) + (open_ccid_reader, open_rapdu_reader): Initialize it. + (check_ccid_keypad): New. + (apdu_check_keypad): New. + (apdu_send_le): Factored all code out to ... + (send_le): .. new. Takes an additional arg; changed all callers + of the orginal function to use this one with a NULL for the new + arg. + (apdu_send_simple_kp): New. + (ct_send_apdu, pcsc_send_apdu, my_rapdu_send_apdu) + (send_apdu_ccid): New arg PININFO. + (send_apdu_ccid): Use the new arg. + + * scdaemon.c: New option --disable-keypad. + 2005-10-08 Marcus Brinkmann * Makefile.am (scdaemon_LDADD): Add ../gl/libgnu.a after 
@@ -3,4 +46,16 @@ ../common/libcommon.a. +2005-09-20 Werner Koch + + * app-dinsig.c (verify_pin): Try ISO 9564 BCD encoding. + + * iso7816.c (iso7816_select_application): Add arg FLAGS. Changed + all callers to pass 0. + * app-openpgp.c (app_select_openpgp): But this one requires a + special flag. + + * app-p15.c (app_select_p15): Don't use select application for the + BELPIC. + 2005-09-09 Werner Koch Modified: branches/GNUPG-1-9-BRANCH/scd/apdu.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/apdu.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/apdu.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -66,10 +66,10 @@ #include "ccid-driver.h" -/* To to conflicting use of threading libraries we usually can't link +/* Due to conflicting use of threading libraries we usually can't link against libpcsclite. Instead we use a wrapper program. */ #ifdef USE_GNU_PTH -#ifndef HAVE_W32_SYSTEM +#if !defined(HAVE_W32_SYSTEM) && !defined(__CYGWIN__) #define NEED_PCSC_WRAPPER 1 #endif #endif @@ -78,7 +78,7 @@ #define MAX_READER 4 /* Number of readers we support concurrently. */ -#ifdef _WIN32 +#if defined(_WIN32) || defined(__CYGWIN__) #define DLSTDCALL __stdcall #else #define DLSTDCALL @@ -90,6 +90,14 @@ #define MAX_OPEN_FDS 20 #endif +/* Helper to pass patrameters related to keypad based operations. */ +struct pininfo_s +{ + int mode; + int minlen; + int maxlen; + int padlen; +}; /* A structure to collect information pertaining to one reader slot. */ @@ -103,7 +111,8 @@ int (*reset_reader)(int); int (*get_status_reader)(int, unsigned int *); int (*send_apdu_reader)(int,unsigned char *,size_t, - unsigned char *, size_t *); + unsigned char *, size_t *, struct pininfo_s *); + int (*check_keypad)(int, int, int, int, int, int); void (*dump_status_reader)(int); struct { 
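Review bot: The comment introducing `struct pininfo_s` in the `@@ -90,6 +90,14 @@` hunk misspells "parameters" and leaves the four members unexplained. I would write `/* Helper to pass parameters related to keypad based operations. See ccid_transceive_secure in ccid-driver.c for the meaning of the fields. */`. The struct also repeats `struct iso7816_pininfo_s` from iso7816.h without its `padchar` member; if that is deliberate, a short remark saying so would save the next reader a comparison.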
@@ -320,6 +329,7 @@ reader_table[reader].reset_reader = NULL; reader_table[reader].get_status_reader = NULL; reader_table[reader].send_apdu_reader = NULL; + reader_table[reader].check_keypad = NULL; reader_table[reader].dump_status_reader = NULL; reader_table[reader].used = 1; @@ -372,6 +382,7 @@ case SW_HOST_GENERAL_ERROR: return "general error"; case SW_HOST_NO_READER: return "no reader"; case SW_HOST_ABORTED: return "aborted"; + case SW_HOST_NO_KEYPAD: return "no keypad"; default: return "unknown host status error"; } } @@ -533,7 +544,7 @@ set to BUFLEN. Returns: CT API error code. */ static int ct_send_apdu (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen) + unsigned char *buffer, size_t *buflen, struct pininfo_s *pininfo) { int rc; unsigned char dad[1], sad[1]; @@ -596,6 +607,7 @@ reader_table[reader].reset_reader = reset_ct_reader; reader_table[reader].get_status_reader = ct_get_status; reader_table[reader].send_apdu_reader = ct_send_apdu; + reader_table[reader].check_keypad = NULL; reader_table[reader].dump_status_reader = ct_dump_reader_status; dump_reader_status (reader); @@ -1082,7 +1094,8 @@ set to BUFLEN. Returns: CT API error code. */ static int pcsc_send_apdu (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen) + unsigned char *buffer, size_t *buflen, + struct pininfo_s *pininfo) { #ifdef NEED_PCSC_WRAPPER long err; @@ -1479,6 +1492,7 @@ reader_table[slot].reset_reader = reset_pcsc_reader; reader_table[slot].get_status_reader = pcsc_get_status; reader_table[slot].send_apdu_reader = pcsc_send_apdu; + reader_table[slot].check_keypad = NULL; reader_table[slot].dump_status_reader = dump_pcsc_reader_status; /* Read the status so that IS_T0 will be set. */ 
@@ -1625,6 +1639,7 @@ reader_table[slot].reset_reader = reset_pcsc_reader; reader_table[slot].get_status_reader = pcsc_get_status; reader_table[slot].send_apdu_reader = pcsc_send_apdu; + reader_table[slot].check_keypad = NULL; reader_table[slot].dump_status_reader = dump_pcsc_reader_status; /* log_debug ("state from pcsc_status: 0x%lx\n", card_state); */ @@ -1713,7 +1728,8 @@ set to BUFLEN. Returns: Internal CCID driver error code. */ static int send_apdu_ccid (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen) + unsigned char *buffer, size_t *buflen, + struct pininfo_s *pininfo) { long err; size_t maxbuflen; @@ -1727,9 +1743,18 @@ log_printhex (" APDU_data:", apdu, apdulen); maxbuflen = *buflen; - err = ccid_transceive (reader_table[slot].ccid.handle, - apdu, apdulen, - buffer, maxbuflen, buflen); + if (pininfo) + err = ccid_transceive_secure (reader_table[slot].ccid.handle, + apdu, apdulen, + pininfo->mode, + pininfo->minlen, + pininfo->maxlen, + pininfo->padlen, + buffer, maxbuflen, buflen); + else + err = ccid_transceive (reader_table[slot].ccid.handle, + apdu, apdulen, + buffer, maxbuflen, buflen); if (err) log_error ("ccid_transceive failed: (0x%lx)\n", err); @@ -1737,6 +1762,24 @@ return err; } + +/* Check whether the CCID reader supports the ISO command code COMMAND + on the keypad. Return 0 on success. For a description of the pin + parameters, see ccid-driver.c */ +static int +check_ccid_keypad (int slot, int command, int pin_mode, + int pinlen_min, int pinlen_max, int pin_padlen) +{ + unsigned char apdu[] = { 0, 0, 0, 0x81 }; + + apdu[1] = command; + return ccid_transceive_secure (reader_table[slot].ccid.handle, + apdu, sizeof apdu, + pin_mode, pinlen_min, pinlen_max, pin_padlen, + NULL, 0, NULL); +} + + /* Open the reader and try to read an ATR. */ static int open_ccid_reader (const char *portstr) 
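Review bot: In `send_apdu_ccid` (`@@ -1727,9 +1743,18 @@`), a failure of the new `ccid_transceive_secure` branch is still reported by the unchanged `log_error ("ccid_transceive failed: ...")` line, which names the wrong call when someone is diagnosing a keypad problem. I would make the message name the function that was actually used, for example `log_error ("ccid_transceive%s failed: (0x%lx)\n", pininfo? "_secure":"", err);`.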
@@ -1776,6 +1819,7 @@ reader_table[slot].reset_reader = reset_ccid_reader; reader_table[slot].get_status_reader = get_status_ccid; reader_table[slot].send_apdu_reader = send_apdu_ccid; + reader_table[slot].check_keypad = check_ccid_keypad; reader_table[slot].dump_status_reader = dump_ccid_reader_status; dump_reader_status (slot); @@ -1932,7 +1976,8 @@ set to BUFLEN. Returns: APDU error code. */ static int my_rapdu_send_apdu (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen) + unsigned char *buffer, size_t *buflen, + struct pininfo_s *pininfo) { int err; reader_table_t slotp; @@ -2063,6 +2108,7 @@ reader_table[slot].reset_reader = reset_rapdu_reader; reader_table[slot].get_status_reader = my_rapdu_get_status; reader_table[slot].send_apdu_reader = my_rapdu_send_apdu; + reader_table[slot].check_keypad = NULL; reader_table[slot].dump_status_reader = NULL; dump_reader_status (slot); 
@@ -2198,28 +2244,28 @@ pcsc_establish_context = dlsym (handle, "SCardEstablishContext"); pcsc_release_context = dlsym (handle, "SCardReleaseContext"); pcsc_list_readers = dlsym (handle, "SCardListReaders"); -#ifdef _WIN32 +#if defined(_WIN32) || defined(__CYGWIN__) if (!pcsc_list_readers) pcsc_list_readers = dlsym (handle, "SCardListReadersA"); #endif pcsc_get_status_change = dlsym (handle, "SCardGetStatusChange"); -#ifdef _WIN32 +#if defined(_WIN32) || defined(__CYGWIN__) if (!pcsc_get_status_change) pcsc_get_status_change = dlsym (handle, "SCardGetStatusChangeA"); #endif pcsc_connect = dlsym (handle, "SCardConnect"); -#ifdef _WIN32 +#if defined(_WIN32) || defined(__CYGWIN__) if (!pcsc_connect) pcsc_connect = dlsym (handle, "SCardConnectA"); #endif pcsc_reconnect = dlsym (handle, "SCardReconnect"); -#ifdef _WIN32 +#if defined(_WIN32) || defined(__CYGWIN__) if (!pcsc_reconnect) pcsc_reconnect = dlsym (handle, "SCardReconnectA"); #endif pcsc_disconnect = dlsym (handle, "SCardDisconnect"); pcsc_status = dlsym (handle, "SCardStatus"); -#ifdef _WIN32 +#if defined(_WIN32) || defined(__CYGWIN__) if (!pcsc_status) pcsc_status = dlsym (handle, "SCardStatusA"); #endif 
@@ -2492,11 +2538,30 @@ } +/* Check whether the reader supports the ISO command code COMMAND on + the keypad. Return 0 on success. For a description of the pin + parameters, see ccid-driver.c */ +int +apdu_check_keypad (int slot, int command, int pin_mode, + int pinlen_min, int pinlen_max, int pin_padlen) +{ + if (slot < 0 || slot >= MAX_READER || !reader_table[slot].used ) + return SW_HOST_NO_DRIVER; + + if (reader_table[slot].check_keypad) + return reader_table[slot].check_keypad (slot, command, + pin_mode, pinlen_min, pinlen_max, + pin_padlen); + else + return SW_HOST_NOT_SUPPORTED; +} + + /* Dispatcher for the actual send_apdu function. Note, that this function should be called in locked state. */ static int send_apdu (int slot, unsigned char *apdu, size_t apdulen, - unsigned char *buffer, size_t *buflen) + unsigned char *buffer, size_t *buflen, struct pininfo_s *pininfo) { if (slot < 0 || slot >= MAX_READER || !reader_table[slot].used ) return SW_HOST_NO_DRIVER; 
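Review bot: The dispatcher `send_apdu` forwards `pininfo` to every backend, but of the backends changed in this commit only `send_apdu_ccid` is shown using it; `ct_send_apdu`, `pcsc_send_apdu` and `my_rapdu_send_apdu` gain the argument, and their hunks show no use of it. A keypad request that reaches one of those readers would then go out as an ordinary APDU instead of being rejected, so the card receives a command the caller never meant to send in that form. I would fail closed in `send_apdu` right after the slot check: `if (pininfo && !reader_table[slot].check_keypad) return SW_HOST_NO_KEYPAD;`. The backend bodies continue outside their hunks, so an existing check there cannot be ruled out from here.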
@@ -2504,24 +2569,20 @@ if (reader_table[slot].send_apdu_reader) return reader_table[slot].send_apdu_reader (slot, apdu, apdulen, - buffer, buflen); + buffer, buflen, pininfo); else return SW_HOST_NOT_SUPPORTED; } -/* Send an APDU to the card in SLOT. The APDU is created from all - given parameters: CLASS, INS, P0, P1, LC, DATA, LE. A value of -1 - for LC won't sent this field and the data field; in this case DATA - must also be passed as NULL. The return value is the status word - or -1 for an invalid SLOT or other non card related error. If - RETBUF is not NULL, it will receive an allocated buffer with the - returned data. The length of that data will be put into - *RETBUFLEN. The caller is reponsible for releasing the buffer even - in case of errors. */ -int -apdu_send_le(int slot, int class, int ins, int p0, int p1, - int lc, const char *data, int le, - unsigned char **retbuf, size_t *retbuflen) + +/* Core APDU trabceiver function. Parameters are described at + apdu_send_le with the exception of PININFO which indicates keypad + related operations if not NULL. */ +static int +send_le (int slot, int class, int ins, int p0, int p1, + int lc, const char *data, int le, + unsigned char **retbuf, size_t *retbuflen, + struct pininfo_s *pininfo) { #define RESULTLEN 256 unsigned char result[RESULTLEN+10]; /* 10 extra in case of bugs in @@ -2570,7 +2631,7 @@ /* As safeguard don't pass any garbage from the stack to the driver. */ memset (apdu+apdulen, 0, sizeof (apdu) - apdulen); resultlen = RESULTLEN; - rc = send_apdu (slot, apdu, apdulen, result, &resultlen); + rc = send_apdu (slot, apdu, apdulen, result, &resultlen, pininfo); if (rc || resultlen < 2) { log_error ("apdu_send_simple(%d) failed: %s\n", 
@@ -2638,7 +2699,7 @@ apdu[apdulen++] = len; memset (apdu+apdulen, 0, sizeof (apdu) - apdulen); resultlen = RESULTLEN; - rc = send_apdu (slot, apdu, apdulen, result, &resultlen); + rc = send_apdu (slot, apdu, apdulen, result, &resultlen, NULL); if (rc || resultlen < 2) { log_error ("apdu_send_simple(%d) for get response failed: %s\n", @@ -2704,6 +2765,27 @@ } /* Send an APDU to the card in SLOT. The APDU is created from all + given parameters: CLASS, INS, P0, P1, LC, DATA, LE. A value of -1 + for LC won't sent this field and the data field; in this case DATA + must also be passed as NULL. The return value is the status word + or -1 for an invalid SLOT or other non card related error. If + RETBUF is not NULL, it will receive an allocated buffer with the + returned data. The length of that data will be put into + *RETBUFLEN. The caller is reponsible for releasing the buffer even + in case of errors. */ +int +apdu_send_le(int slot, int class, int ins, int p0, int p1, + int lc, const char *data, int le, + unsigned char **retbuf, size_t *retbuflen) +{ + return send_le (slot, class, ins, p0, p1, + lc, data, le, + retbuf, retbuflen, + NULL); +} + + +/* Send an APDU to the card in SLOT. The APDU is created from all given parameters: CLASS, INS, P0, P1, LC, DATA. A value of -1 for LC won't sent this field and the data field; in this case DATA must also be passed as NULL. The return value is the status word or -1 @@ -2716,8 +2798,8 @@ apdu_send (int slot, int class, int ins, int p0, int p1, int lc, const char *data, unsigned char **retbuf, size_t *retbuflen) { - return apdu_send_le (slot, class, ins, p0, p1, lc, data, 256, - retbuf, retbuflen); + return send_le (slot, class, ins, p0, p1, lc, data, 256, + retbuf, retbuflen, NULL); } /* Send an APDU to the card in SLOT. The APDU is created from all 
@@ -2730,10 +2812,28 @@ apdu_send_simple (int slot, int class, int ins, int p0, int p1, int lc, const char *data) { - return apdu_send_le (slot, class, ins, p0, p1, lc, data, -1, NULL, NULL); + return send_le (slot, class, ins, p0, p1, lc, data, -1, NULL, NULL, NULL); } +/* Same as apdu_send_simple but uses the keypad of the reader. */ +int +apdu_send_simple_kp (int slot, int class, int ins, int p0, int p1, + int lc, const char *data, + int pin_mode, + int pinlen_min, int pinlen_max, int pin_padlen) +{ + struct pininfo_s pininfo; + + pininfo.mode = pin_mode; + pininfo.minlen = pinlen_min; + pininfo.maxlen = pinlen_max; + pininfo.padlen = pin_padlen; + return send_le (slot, class, ins, p0, p1, lc, data, -1, + NULL, NULL, &pininfo); +} + + /* This is a more generic version of the apdu sending routine. It takes an already formatted APDU in APDUDATA or length APDUDATALEN and returns the with the APDU including the status word. With @@ -2771,7 +2871,7 @@ class = apdulen? *apdu : 0; resultlen = RESULTLEN; - rc = send_apdu (slot, apdu, apdulen, result, &resultlen); + rc = send_apdu (slot, apdu, apdulen, result, &resultlen, NULL); if (rc || resultlen < 2) { log_error ("apdu_send_direct(%d) failed: %s\n", @@ -2825,7 +2925,7 @@ apdu[apdulen++] = len; memset (apdu+apdulen, 0, sizeof (apdu) - apdulen); resultlen = RESULTLEN; - rc = send_apdu (slot, apdu, apdulen, result, &resultlen); + rc = send_apdu (slot, apdu, apdulen, result, &resultlen, NULL); if (rc || resultlen < 2) { log_error ("apdu_send_direct(%d) for get response failed: %s\n", Modified: branches/GNUPG-1-9-BRANCH/scd/apdu.h =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/apdu.h 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/apdu.h 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -63,7 +63,8 @@ SW_HOST_CARD_IO_ERROR = 0x1000a, SW_HOST_GENERAL_ERROR = 0x1000b, SW_HOST_NO_READER = 0x1000c, - SW_HOST_ABORTED = 0x1000d + SW_HOST_ABORTED = 0x1000d, + SW_HOST_NO_KEYPAD = 0x1000e }; @@ -96,8 +97,14 @@ int apdu_reset (int slot); int apdu_get_status (int slot, int hang, unsigned int *status, unsigned int *changed); +int apdu_check_keypad (int slot, int command, int pin_mode, + int pinlen_min, int pinlen_max, int pin_padlen); int apdu_send_simple (int slot, int class, int ins, int p0, int p1, int lc, const char *data); +int apdu_send_simple_kp (int slot, int class, int ins, int p0, int p1, + int lc, const char *data, + int pin_mode, + int pinlen_min, int pinlen_max, int pin_padlen); int apdu_send (int slot, int class, int ins, int p0, int p1, int lc, const char *data, unsigned char **retbuf, size_t *retbuflen); Modified: branches/GNUPG-1-9-BRANCH/scd/app-dinsig.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/app-dinsig.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/app-dinsig.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -1,5 +1,5 @@ /* app-dinsig.c - The DINSIG (DIN V 66291-1) card application. - * Copyright (C) 2002, 2004 Free Software Foundation, Inc. + * Copyright (C) 2002, 2004, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -280,10 +280,11 @@ { if (!app->did_chv1 || app->force_chv1 ) { + const char *s; char *pinvalue; int rc; - rc = pincb (pincb_arg, "PIN", &pinvalue); + rc = pincb (pincb_arg, "PIN", &pinvalue); if (rc) { log_info ("PIN callback returned error: %s\n", gpg_strerror (rc)); 
@@ -291,8 +292,16 @@ } /* We require the PIN to be at least 6 and at max 8 bytes. - According to the specs, this should all be ASCII but we don't - check this. */ + According to the specs, this should all be ASCII. */ + for (s=pinvalue; digitp (s); s++) + ; + if (*s) + { + log_error ("Non-numeric digits found in PIN\n"); + xfree (pinvalue); + return gpg_error (GPG_ERR_BAD_PIN); + } + if (strlen (pinvalue) < 6) { log_error ("PIN is too short; minimum length is 6\n"); @@ -307,6 +316,28 @@ } rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue)); + if (gpg_err_code (rc) == GPG_ERR_INV_VALUE) + { + /* We assume that ISO 9564-1 encoding is used and we failed + because the first nibble we passed was 3 and not 2. DIN + says something about looking up such an encoding in the + SSD but I was not able to find any tag relevant to + this. */ + char paddedpin[8]; + int i, ndigits; + + for (ndigits=0, s=pinvalue; *s; ndigits++, s++) + ; + i = 0; + paddedpin[i++] = 0x20 | (ndigits & 0x0f); + for (s=pinvalue; i < sizeof paddedpin && *s && s[1]; s = s+2 ) + paddedpin[i++] = (((*s - '0') << 4) | ((s[1] - '0') & 0x0f)); + if (i < sizeof paddedpin && *s) + paddedpin[i++] = (((*s - '0') << 4) | 0x0f); + while (i < sizeof paddedpin) + paddedpin[i++] = 0xff; + rc = iso7816_verify (app->slot, 0x81, paddedpin, sizeof paddedpin); + } if (rc) { log_error ("verify PIN failed\n"); @@ -404,7 +435,7 @@ int slot = app->slot; int rc; - rc = iso7816_select_application (slot, aid, sizeof aid); + rc = iso7816_select_application (slot, aid, sizeof aid, 0); if (!rc) { app->apptype = "DINSIG"; Modified: branches/GNUPG-1-9-BRANCH/scd/app-nks.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/app-nks.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/app-nks.c 2005-11-28 11:52:25 UTC (rev 3947) 
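Review bot: `paddedpin` in the ISO 9564-1 fallback (`@@ -307,6 +316,28 @@`) holds the BCD-encoded PIN on the stack and is not cleared after the second `iso7816_verify` call. I would wipe it directly after that call with the tree's memory-wiping helper, `wipememory (paddedpin, sizeof paddedpin);` if that macro is available in this branch, rather than a plain `memset`, which the compiler is allowed to drop. The rest of `verify_pin` is outside the hunk, so whether `pinvalue` itself is wiped before `xfree` cannot be judged here.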
@@ -27,7 +27,7 @@ #include #include "scdaemon.h" - +#include "i18n.h" #include "iso7816.h" #include "app-common.h" #include "tlv.h" @@ -320,7 +320,7 @@ return rc; } - /* The follwoing limits are due to TCOS but also defined in the + /* The following limits are due to TCOS but also defined in the NKS specs. */ if (strlen (pinvalue) < 6) { @@ -340,7 +340,10 @@ rc = iso7816_verify (app->slot, 0, pinvalue, strlen (pinvalue)); if (rc) { - log_error ("verify PIN failed\n"); + if ( gpg_error (rc) == GPG_ERR_USE_CONDITIONS ) + log_error (_("the NullPIN has not yet been changed\n")); + else + log_error ("verify PIN failed\n"); xfree (pinvalue); return rc; } @@ -492,7 +495,7 @@ int slot = app->slot; int rc; - rc = iso7816_select_application (slot, aid, sizeof aid); + rc = iso7816_select_application (slot, aid, sizeof aid, 0); if (!rc) { app->apptype = "NKS"; Modified: branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -1284,7 +1284,12 @@ if (!app->did_chv2) { char *pinvalue; + iso7816_pininfo_t pininfo; + memset (&pininfo, 0, sizeof pininfo); + pininfo.mode = 1; + pininfo.minlen = 6; + rc = pincb (pincb_arg, "PIN", &pinvalue); if (rc) { @@ -2455,7 +2460,9 @@ size_t buflen; void *relptr; - rc = iso7816_select_application (slot, aid, sizeof aid); + /* Note that the card can't cope with P2=0xCO, thus we need to pass a + special flag value. */ + rc = iso7816_select_application (slot, aid, sizeof aid, 0x0001); if (!rc) { unsigned int manufacturer; Modified: branches/GNUPG-1-9-BRANCH/scd/app-p15.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/app-p15.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/app-p15.c 2005-11-28 11:52:25 UTC (rev 3947) 
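Review bot: The new test `gpg_error (rc) == GPG_ERR_USE_CONDITIONS` in the app-nks.c `@@ -340,7 +340,10 @@` hunk compares a full error value with a bare error code. `gpg_error ()` builds a value that also carries the error source, so with a non-zero default source the comparison is never true and the NullPIN message would never be printed. The app-dinsig.c change in this same commit uses `gpg_err_code (rc)` for the equivalent test, and I would do the same here: `if (gpg_err_code (rc) == GPG_ERR_USE_CONDITIONS)`.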
@@ -3268,18 +3268,15 @@ int direct = 0; int is_belpic = 0; - rc = iso7816_select_application (slot, pkcs15_aid, sizeof pkcs15_aid); + rc = iso7816_select_application (slot, pkcs15_aid, sizeof pkcs15_aid, 0); if (rc) - { - rc = iso7816_select_application (slot, pkcs15be_aid,sizeof pkcs15be_aid); - if (!rc) - is_belpic = 1; - } - if (rc) { /* Not found: Try to locate it from 2F00. We use direct path selection here because it seems that the Belgian eID card does only allow for that. Many other cards supports this - selection method too. */ + selection method too. Note, that we don't use + select_application above for the Belgian card - the call + works but it seems that it did not switch to the correct DF. + Using the 2f02 just works. */ unsigned short path[1] = { 0x2f00 }; rc = iso7816_select_path (app->slot, path, 1, NULL, NULL); Modified: branches/GNUPG-1-9-BRANCH/scd/ccid-driver.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/ccid-driver.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/ccid-driver.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -1240,7 +1240,9 @@ if (CCID_COMMAND_FAILED (buffer)) print_command_failed (buffer); - /* Check whether a card is at all available. */ + /* Check whether a card is at all available. Note: If you add new + error codes here, check whether they need to be ignored in + send_escape_cmd. */ switch ((buffer[7] & 0x03)) { case 0: /* no error */ break; 
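Review bot: The extended comment in `app_select_p15` ends with "Using the 2f02 just works", while the code directly below selects path `0x2f00` and the first sentence of the same comment also names 2F00. If 2f02 is a typo it should read `2F00`; if a different file is meant, the comment should say which call selects it. `is_belpic` is no longer assigned in this hunk, and the remainder of the function is outside it, so I cannot tell whether the variable is still set later on.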
@@ -1253,16 +1255,23 @@ /* Note that this function won't return the error codes NO_CARD or - CARD_INACTIVE */ + CARD_INACTIVE. IF RESULT is not NULL, the result from the + operation will get returned in RESULT and its length in RESULTLEN. + If the response is larger than RESULTMAX, an error is returned and + the required buffer length returned in RESULTLEN. */ static int send_escape_cmd (ccid_driver_t handle, - const unsigned char *data, size_t datalen) + const unsigned char *data, size_t datalen, + unsigned char *result, size_t resultmax, size_t *resultlen) { int i, rc; unsigned char msg[100]; size_t msglen; unsigned char seqno; + if (resultlen) + *resultlen = 0; + if (datalen > sizeof msg - 10) return CCID_DRIVER_ERR_INV_VALUE; /* Escape data too large. */ @@ -1285,11 +1294,42 @@ return rc; rc = bulk_in (handle, msg, sizeof msg, &msglen, RDR_to_PC_Escape, seqno, 5000, 0); - + if (result) + switch (rc) + { + /* We need to ignore certain errorcode here. */ + case 0: + case CCID_DRIVER_ERR_CARD_INACTIVE: + case CCID_DRIVER_ERR_NO_CARD: + { + if (msglen > resultmax) + rc = CCID_DRIVER_ERR_INV_VALUE; /* Response too large. */ + else + { + memcpy (result, msg, msglen); + *resultlen = msglen; + } + rc = 0; + } + break; + default: + break; + } + return rc; } +int +ccid_transceive_escape (ccid_driver_t handle, + const unsigned char *data, size_t datalen, + unsigned char *resp, size_t maxresplen, size_t *nresp) +{ + return send_escape_cmd (handle, data, datalen, resp, maxresplen, nresp); +} + + + /* experimental */ int ccid_poll (ccid_driver_t handle) @@ -1445,7 +1485,8 @@ { tried_iso = 1; /* Try switching to ISO mode. */ - if (!send_escape_cmd (handle, (const unsigned char*)"\xF1\x01", 2)) + if (!send_escape_cmd (handle, (const unsigned char*)"\xF1\x01", 2, + NULL, 0, NULL)) goto again; } else if (CCID_COMMAND_FAILED (msg)) 
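Review bot: In the `if (result)` switch added after `bulk_in` in `send_escape_cmd`, the unconditional `rc = 0;` overwrites the `CCID_DRIVER_ERR_INV_VALUE` that was just set for an oversized response, so the caller gets success with a zero length. The required length is never stored either, although the new function comment promises it in RESULTLEN. The `else` branch also writes `*resultlen` without the NULL guard used at the top of the function. I would store the length under that guard and clear `rc` only when the copy was actually done. Whether `msglen` is valid when `bulk_in` returns the NO_CARD or CARD_INACTIVE codes is not visible in this hunk and should be confirmed.

```c
  if (result)
    switch (rc)
      {
        /* … unchanged: comment and the three case labels … */
        if (resultlen)
          *resultlen = msglen; /* Also the required length on overflow. */
        if (msglen > resultmax)
          rc = CCID_DRIVER_ERR_INV_VALUE; /* Response too large. */
        else
          {
            memcpy (result, msg, msglen);
            rc = 0;
          }
        break;
        /* … unchanged: default case … */
      }
```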
@@ -1957,14 +1998,16 @@ } -/* Send the CCID Secure command to the reader. APDU_BUF should contain the APDU template. PIN_MODE defines now the pin gets formatted: +/* Send the CCID Secure command to the reader. APDU_BUF should + contain the APDU template. PIN_MODE defines how the pin gets + formatted: 1 := The PIN is ASCII encoded and of variable length. The length of the PIN entered will be put into Lc by the reader. The APDU should me made up of 4 bytes without Lc. PINLEN_MIN and PINLEN_MAX define the limits for the pin length. 0 - may be used t enable usbale defaults. PIN_PADLEN should be 0 + may be used t enable reasonable defaults. PIN_PADLEN should be 0. When called with RESP and NRESP set to NULL, the function will merely check whether the reader supports the secure command for the @@ -1996,7 +2039,7 @@ else if (apdu_buflen >= 4 && apdu_buf[1] == 0x24 && (handle->has_pinpad & 2)) return CCID_DRIVER_ERR_NOT_SUPPORTED; /* Not yet by our code. */ else - return CCID_DRIVER_ERR_NOT_SUPPORTED; + return CCID_DRIVER_ERR_NO_KEYPAD; if (pin_mode != 1) return CCID_DRIVER_ERR_NOT_SUPPORTED; @@ -2027,7 +2070,8 @@ if (handle->id_vendor == VENDOR_SCM) { DEBUGOUT ("sending escape sequence to switch to a case 1 APDU\n"); - rc = send_escape_cmd (handle, (const unsigned char*)"\x80\x02\x00", 3); + rc = send_escape_cmd (handle, (const unsigned char*)"\x80\x02\x00", 3, + NULL, 0, NULL); if (rc) return rc; } @@ -2044,7 +2088,7 @@ if (handle->id_vendor == VENDOR_SCM) { /* For the SPR532 the next 2 bytes need to be zero. We do this - for all SCM product. Kudos to to Martin Paljak for this + for all SCM product. Kudos to Martin Paljak for this hint. */ msg[13] = msg[14] = 0; } Modified: branches/GNUPG-1-9-BRANCH/scd/ccid-driver.h =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/ccid-driver.h 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/ccid-driver.h 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -58,7 +58,7 @@ #ifndef CCID_DRIVER_H #define CCID_DRIVER_H -/* The CID driver returns the same error codes as the statsu words +/* The CID driver returns the same error codes as the status words used by GnuPG's apdu.h. For ease of maintenance they should always match. */ #define CCID_DRIVER_ERR_OUT_OF_CORE 0x10001 @@ -74,6 +74,7 @@ #define CCID_DRIVER_ERR_GENERAL_ERROR 0x1000b #define CCID_DRIVER_ERR_NO_READER 0x1000c #define CCID_DRIVER_ERR_ABORTED 0x1000d +#define CCID_DRIVER_ERR_NO_KEYPAD 0x1000e struct ccid_driver_s; typedef struct ccid_driver_s *ccid_driver_t; @@ -94,6 +95,10 @@ int pin_mode, int pinlen_min, int pinlen_max, int pin_padlen, unsigned char *resp, size_t maxresplen, size_t *nresp); +int ccid_transceive_escape (ccid_driver_t handle, + const unsigned char *data, size_t datalen, + unsigned char *resp, size_t maxresplen, + size_t *nresp); Modified: branches/GNUPG-1-9-BRANCH/scd/iso7816.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/iso7816.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/iso7816.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -47,9 +47,9 @@ #define CMD_SELECT_FILE 0xA4 -#define CMD_VERIFY 0x20 -#define CMD_CHANGE_REFERENCE_DATA 0x24 -#define CMD_RESET_RETRY_COUNTER 0x2C +#define CMD_VERIFY ISO7816_VERIFY +#define CMD_CHANGE_REFERENCE_DATA ISO7816_CHANGE_REFERENCE_DATA +#define CMD_RESET_RETRY_COUNTER ISO7816_RESET_RETRY_COUNTER #define CMD_GET_DATA 0xCA #define CMD_PUT_DATA 0xDA #define CMD_MSE 0x22 @@ -95,6 +95,7 @@ case SW_HOST_GENERAL_ERROR: ec = GPG_ERR_GENERAL; break; case SW_HOST_NO_READER: ec = GPG_ERR_ENODEV; break; case SW_HOST_ABORTED: ec = GPG_ERR_CANCELED; break; + case SW_HOST_NO_KEYPAD: ec = GPG_ERR_NOT_SUPPORTED; break; default: if ((sw & 0x010000)) 
@@ -124,12 +125,15 @@ requested application ID. The function can't be used to enumerate AIDs and won't return the AID on success. The return value is 0 for okay or a GPG error code. Note that ISO error codes are - internally mapped. */ + internally mapped. Bit 0 of FLAGS should be set if the card does + not understand P2=0xC0. */ gpg_error_t -iso7816_select_application (int slot, const char *aid, size_t aidlen) +iso7816_select_application (int slot, const char *aid, size_t aidlen, + unsigned int flags) { int sw; - sw = apdu_send_simple (slot, 0x00, CMD_SELECT_FILE, 4, 0, aidlen, aid); + sw = apdu_send_simple (slot, 0x00, CMD_SELECT_FILE, 4, + (flags&1)? 0 :0x0c, aidlen, aid); return map_sw (sw); } 
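Review bot: The sentence added to the comment of `iso7816_select_application` says bit 0 of FLAGS is for cards that do not understand `P2=0xC0`, but the code sends `0x0c` when the bit is clear, so comment and code disagree about the value. Assuming the code is what was intended, the comment should read `P2=0x0C`; the caller comment in app-openpgp.c (`P2=0xCO`, with a letter O) has the same problem. A named constant for the flag, in place of the literal `0x0001` at the call site and `flags&1` here, would make the pairing easier to follow.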
@@ -221,27 +225,59 @@ } +/* Check whether the reader supports the ISO command code COMMAND on + the keypad. Returns 0 on success. */ +gpg_error_t +iso7816_check_keypad (int slot, int command, iso7816_pininfo_t *pininfo) +{ + int sw; + sw = apdu_check_keypad (slot, command, + pininfo->mode, pininfo->minlen, pininfo->maxlen, + pininfo->padlen); + return map_sw (sw); +} + + /* Perform a VERIFY command on SLOT using the card holder verification - vector CHVNO with a CHV of lenght CHVLEN. Returns 0 on success. */ + vector CHVNO with a CHV of lenght CHVLEN. With PININFO non-NULL + the keypad of the reader will be used. Returns 0 on success. */ gpg_error_t -iso7816_verify (int slot, int chvno, const char *chv, size_t chvlen) +iso7816_verify_kp (int slot, int chvno, const char *chv, size_t chvlen, + iso7816_pininfo_t *pininfo) { int sw; - sw = apdu_send_simple (slot, 0x00, CMD_VERIFY, 0, chvno, chvlen, chv); + if (pininfo && pininfo->mode) + sw = apdu_send_simple_kp (slot, 0x00, CMD_VERIFY, 0, chvno, chvlen, chv, + pininfo->mode, + pininfo->minlen, + pininfo->maxlen, + pininfo->padlen); + else + sw = apdu_send_simple (slot, 0x00, CMD_VERIFY, 0, chvno, chvlen, chv); return map_sw (sw); } +/* Perform a VERIFY command on SLOT using the card holder verification + vector CHVNO with a CHV of lenght CHVLEN. Returns 0 on success. */ +gpg_error_t +iso7816_verify (int slot, int chvno, const char *chv, size_t chvlen) +{ + return iso7816_verify_kp (slot, chvno, chv, chvlen, NULL); +} + /* Perform a CHANGE_REFERENCE_DATA command on SLOT for the card holder verification vector CHVNO. If the OLDCHV is NULL (and OLDCHVLEN 0), a "change reference data" is done, otherwise an "exchange reference data". The new reference data is expected in NEWCHV of - length NEWCHVLEN. */ + length NEWCHVLEN. With PININFO non-NULL the keypad of the reader + will be used. 
*/ gpg_error_t -iso7816_change_reference_data (int slot, int chvno, - const char *oldchv, size_t oldchvlen, - const char *newchv, size_t newchvlen) +iso7816_change_reference_data_kp (int slot, int chvno, + const char *oldchv, size_t oldchvlen, + const char *newchv, size_t newchvlen, + iso7816_pininfo_t *pininfo) { int sw; char *buf; 
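Review bot: `iso7816_check_keypad` dereferences `pininfo` unconditionally, whereas the `_kp` functions added next to it treat a NULL `pininfo` as "do not use the keypad". A caller that hands the same pointer to both would crash in the check. I would add `if (!pininfo) return gpg_error (GPG_ERR_INV_VALUE);` before the `apdu_check_keypad` call, or state in the function comment that PININFO must not be NULL.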
@@ -258,28 +294,69 @@ memcpy (buf, oldchv, oldchvlen); memcpy (buf+oldchvlen, newchv, newchvlen); - sw = apdu_send_simple (slot, 0x00, CMD_CHANGE_REFERENCE_DATA, - oldchvlen? 0 : 1, chvno, oldchvlen+newchvlen, buf); + if (pininfo && pininfo->mode) + sw = apdu_send_simple_kp (slot, 0x00, CMD_CHANGE_REFERENCE_DATA, + oldchvlen? 0 : 1, chvno, oldchvlen+newchvlen, buf, + pininfo->mode, + pininfo->minlen, + pininfo->maxlen, + pininfo->padlen); + else + sw = apdu_send_simple (slot, 0x00, CMD_CHANGE_REFERENCE_DATA, + oldchvlen? 0 : 1, chvno, oldchvlen+newchvlen, buf); xfree (buf); return map_sw (sw); } +/* Perform a CHANGE_REFERENCE_DATA command on SLOT for the card holder + verification vector CHVNO. If the OLDCHV is NULL (and OLDCHVLEN + 0), a "change reference data" is done, otherwise an "exchange + reference data". The new reference data is expected in NEWCHV of + length NEWCHVLEN. */ gpg_error_t -iso7816_reset_retry_counter (int slot, int chvno, - const char *newchv, size_t newchvlen) +iso7816_change_reference_data (int slot, int chvno, + const char *oldchv, size_t oldchvlen, + const char *newchv, size_t newchvlen) { + return iso7816_change_reference_data_kp (slot, chvno, oldchv, oldchvlen, + newchv, newchvlen, NULL); +} + + +gpg_error_t +iso7816_reset_retry_counter_kp (int slot, int chvno, + const char *newchv, size_t newchvlen, + iso7816_pininfo_t *pininfo) +{ int sw; if (!newchv || !newchvlen ) return gpg_error (GPG_ERR_INV_VALUE); - sw = apdu_send_simple (slot, 0x00, CMD_RESET_RETRY_COUNTER, - 2, chvno, newchvlen, newchv); + if (pininfo && pininfo->mode) + sw = apdu_send_simple_kp (slot, 0x00, CMD_RESET_RETRY_COUNTER, + 2, chvno, newchvlen, newchv, + pininfo->mode, + pininfo->minlen, + pininfo->maxlen, + pininfo->padlen); + else + sw = apdu_send_simple (slot, 0x00, CMD_RESET_RETRY_COUNTER, + 2, chvno, newchvlen, newchv); return map_sw (sw); } +gpg_error_t +iso7816_reset_retry_counter (int slot, int chvno, + const char *newchv, size_t newchvlen) +{ + return 
iso7816_reset_retry_counter_kp (slot, chvno, newchv, newchvlen, NULL); +} + + + /* Perform a GET DATA command requesting TAG and storing the result in a newly allocated buffer at the address passed by RESULT. Return the length of this data at the address of RESULTLEN. */ Modified: branches/GNUPG-1-9-BRANCH/scd/iso7816.h =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/iso7816.h 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/iso7816.h 2005-11-28 11:52:25 UTC (rev 3947) @@ -28,10 +28,30 @@ #include "cardglue.h" #endif +/* Command codes used by iso7816_check_keypad. */ +#define ISO7816_VERIFY 0x20 +#define ISO7816_CHANGE_REFERENCE_DATA 0x24 +#define ISO7816_RESET_RETRY_COUNTER 0x2C + + +/* Information to be passed to keypad equipped readers. See + ccid-driver.c for details. */ +struct iso7816_pininfo_s +{ + int mode; /* A mode of 0 means: Do not use the keypad. */ + int minlen; + int maxlen; + int padlen; + int padchar; +}; +typedef struct iso7816_pininfo_s iso7816_pininfo_t; + + gpg_error_t iso7816_map_sw (int sw); gpg_error_t iso7816_select_application (int slot, - const char *aid, size_t aidlen); + const char *aid, size_t aidlen, + unsigned int flags); gpg_error_t iso7816_select_file (int slot, int tag, int is_dir, unsigned char **result, size_t *resultlen); gpg_error_t iso7816_select_path (int slot, 
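Review bot: In iso7816_change_reference_data_kp, `buf` holds the old and new CHV concatenated and goes straight to `xfree (buf);` on both the keypad and the non-keypad path, so the reference data stays in freed heap memory. Clearing it first, for example `wipememory (buf, oldchvlen+newchvlen);` if GnuPG's wipe macro is reachable from this file, keeps the PIN material from lingering. The allocation of `buf` is outside this hunk, so if it already comes from secure memory this is less pressing. Separately, iso7816_reset_retry_counter_kp and its wrapper have no header comment, unlike the verify and change-reference-data pairs; a comment should state that NEWCHV must be non-empty even when the keypad path is taken, since the `GPG_ERR_INV_VALUE` check runs before the `pininfo` test.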
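Review bot: The struct iso7816_pininfo_s declares `padchar`, but every caller added to iso7816.c in this commit forwards only mode, minlen, maxlen and padlen to the apdu layer, so as far as this commit shows the field has no effect. It should either be passed through or be marked, e.g. `int padchar; /* Currently not passed on by the iso7816_*_kp functions. */`. The length fields are also undocumented and signed; a short comment per field giving the unit and stating that minlen <= maxlen is expected would help callers that fill this in, since nothing visible here validates those values before they reach the reader.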
@@ -39,13 +59,26 @@ unsigned char **result, size_t *resultlen); gpg_error_t iso7816_list_directory (int slot, int list_dirs, unsigned char **result, size_t *resultlen); +gpg_error_t iso7816_check_keypad (int slot, int command, + iso7816_pininfo_t *pininfo); gpg_error_t iso7816_verify (int slot, int chvno, const char *chv, size_t chvlen); +gpg_error_t iso7816_verify_kp (int slot, + int chvno, const char *chv, size_t chvlen, + iso7816_pininfo_t *pininfo); gpg_error_t iso7816_change_reference_data (int slot, int chvno, const char *oldchv, size_t oldchvlen, const char *newchv, size_t newchvlen); +gpg_error_t iso7816_change_reference_data_kp (int slot, int chvno, + const char *oldchv, size_t oldchvlen, + const char *newchv, size_t newchvlen, + iso7816_pininfo_t *pininfo); gpg_error_t iso7816_reset_retry_counter (int slot, int chvno, const char *newchv, size_t newchvlen); +gpg_error_t iso7816_reset_retry_counter_kp (int slot, int chvno, + const char *newchv, + size_t newchvlen, + iso7816_pininfo_t *pininfo); gpg_error_t iso7816_get_data (int slot, int tag, unsigned char **result, size_t *resultlen); gpg_error_t iso7816_put_data (int slot, int tag, Modified: branches/GNUPG-1-9-BRANCH/scd/scdaemon.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/scdaemon.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/scdaemon.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -84,6 +84,7 @@ opcscDriver, oDisableCCID, oDisableOpenSC, + oDisableKeypad, oAllowAdmin, oDenyAdmin, oDisableApplication, @@ -126,6 +127,7 @@ "@" #endif /* end --disable-ccid */}, + { oDisableKeypad, "disable-keypad", 0, N_("do not use a reader's keypad")}, { oAllowAdmin, "allow-admin", 0, N_("allow the use of admin card commands")}, { oDenyAdmin, "deny-admin", 0, "@" }, { oDisableApplication, "disable-application", 2, "@"}, 
@@ -135,7 +137,7 @@ /* The card dirver we use by default for PC/SC. */ -#ifdef HAVE_W32_SYSTEM +#if defined(HAVE_W32_SYSTEM) || defined(__CYGWIN__) #define DEFAULT_PCSC_DRIVER "winscard.dll" #else #define DEFAULT_PCSC_DRIVER "libpcsclite.so" @@ -489,6 +491,8 @@ case oDisableCCID: opt.disable_ccid = 1; break; case oDisableOpenSC: break; + case oDisableKeypad: opt.disable_keypad = 1; break; + case oAllowAdmin: opt.allow_admin = 1; break; case oDenyAdmin: opt.allow_admin = 0; break; Modified: branches/GNUPG-1-9-BRANCH/scd/scdaemon.h =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/scdaemon.h 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/scd/scdaemon.h 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -39,21 +39,22 @@ #define MAX_DIGEST_LEN 24 -/* A large struct name "opt" to keep global flags */ +/* A large struct name "opt" to keep global flags. */ struct { - unsigned int debug; /* debug flags (DBG_foo_VALUE) */ - int verbose; /* verbosity level */ - int quiet; /* be as quiet as possible */ - int dry_run; /* don't change any persistent data */ - int batch; /* batch mode */ - const char *homedir; /* configuration directory name */ + unsigned int debug; /* Debug flags (DBG_foo_VALUE). */ + int verbose; /* Verbosity level. */ + int quiet; /* Be as quiet as possible. */ + int dry_run; /* Don't change any persistent data. */ + int batch; /* Batch mode. */ + const char *homedir; /* Configuration directory name. */ const char *ctapi_driver; /* Library to access the ctAPI. */ const char *pcsc_driver; /* Library to access the PC/SC system. */ const char *reader_port; /* NULL or reder port to use. */ int disable_ccid; /* Disable the use of the internal CCID driver. */ + int disable_keypad; /* Do not use a keypad. */ int allow_admin; /* Allow the use of admin commands for certain cards. */ - strlist_t disabled_applications; /* card applications we do not + strlist_t disabled_applications; /* Card applications we do not want to use. */ } opt; Modified: branches/GNUPG-1-9-BRANCH/tools/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/tools/ChangeLog 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/tools/ChangeLog 2005-11-28 11:52:25 UTC (rev 3947) 
@@ -1,3 +1,11 @@ +2005-10-19 Werner Koch + + * gpgconf-comp.c (gc_options_scdaemon): New option --disable-keypad. + +2005-09-22 Werner Koch + + * rfc822parse.c (parse_field): Tread Content-Disposition special. + 2005-10-08 Marcus Brinkmann * Makefile.am (watchgnupg_LDADD): New variable. Modified: branches/GNUPG-1-9-BRANCH/tools/gpgconf-comp.c =================================================================== --- branches/GNUPG-1-9-BRANCH/tools/gpgconf-comp.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/tools/gpgconf-comp.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -528,8 +528,10 @@ { "disable-ccid", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT, "gnupg", "do not use the internal CCID driver", GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON }, + { "disable-keypad", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED, + "gnupg", "do not use a reader's keypad", + GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON }, - { "Debug", GC_OPT_FLAG_GROUP, GC_LEVEL_ADVANCED, "gnupg", N_("Options useful for debugging") }, @@ -2447,7 +2449,8 @@ { #ifdef HAVE_W32_SYSTEM /* FIXME: Won't work becuase W32 doesn't silently - overwrite. */ + overwrite. Fix it by creating a backup copy and + deliting the orginal file first. */ err = rename (src_pathname[i], dest_pathname[i]); #else /*!HAVE_W32_SYSTEM*/ /* This is a bit safer than rename() because we Modified: branches/GNUPG-1-9-BRANCH/tools/rfc822parse.c =================================================================== --- branches/GNUPG-1-9-BRANCH/tools/rfc822parse.c 2005-11-23 12:38:38 UTC (rev 3946) +++ branches/GNUPG-1-9-BRANCH/tools/rfc822parse.c 2005-11-28 11:52:25 UTC (rev 3947) @@ -766,6 +766,7 @@ } tspecial_header[] = { { "Content-Type", 12}, { "Content-Transfer-Encoding", 25}, + { "Content-Disposition", 19}, { NULL, 0} }; const char *delimiters; From cvs at cvs.gnupg.org Wed Nov 30 17:47:27 2005 
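Review bot: The extended FIXME at the `rename (src_pathname[i], dest_pathname[i])` call in gpgconf-comp.c proposes deleting the original file before renaming, which would leave a window with no destination file if the process stops, or the rename fails, after the delete. Windows can replace an existing file in one call, so the comment could point there instead: `/* FIXME: W32 rename() does not overwrite; use MoveFileEx with MOVEFILE_REPLACE_EXISTING instead of removing the file first. */`. The comment also has the typos "becuase", "deliting" and "orginal". The enclosing function starts and ends outside this hunk.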
From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Nov 30 17:13:09 2005 Subject: [svn] GPGol - r128 - in trunk: . po src Message-ID: Author: wk Date: 2005-11-30 17:47:27 +0100 (Wed, 30 Nov 2005) New Revision: 128 Modified: trunk/ChangeLog trunk/po/de.po trunk/src/ChangeLog trunk/src/gpgmsg.cpp trunk/src/gpgol-rsrcs.rc trunk/src/olflange-ids.h trunk/src/olflange-rsrcs.rc trunk/src/olflange.cpp trunk/src/passphrase-dialog.c trunk/src/pgpmime.c trunk/src/recipient-dialog.c trunk/src/verify-dialog.c Log: More translations Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/ChangeLog 2005-11-30 16:47:27 UTC (rev 128) @@ -1,5 +1,7 @@ 2005-11-30 Werner Koch + * po/de.po: New. + * po/: New; created by autopoint. * po/Makevars: New. * m4/Makefile.am: Add new m4 files. Modified: trunk/po/de.po =================================================================== --- trunk/po/de.po 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/po/de.po 2005-11-30 16:47:27 UTC (rev 128) @@ -7,8 +7,8 @@ msgstr "" "Project-Id-Version: GPGol 0.9.4\n" "Report-Msgid-Bugs-To: bug-gpgol@g10code.com\n" -"POT-Creation-Date: 2005-11-30 12:02+0100\n" -"PO-Revision-Date: 2005-11-30 12:55+0100\n" +"POT-Creation-Date: 2005-11-30 17:02+0100\n" +"PO-Revision-Date: 2005-11-30 17:06+0100\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" 
@@ -37,11 +37,13 @@ #: src/engine-gpgme.c:955 msgid "Warning: The key used to create the signature expired at: " -msgstr "Warnung: Der Schl?ssel mit der diese Unterschrift erzeugt wurde verfiel am: " +msgstr "" +"Warnung: Der Schl?ssel mit der diese Unterschrift erzeugt wurde verfiel am: " #: src/engine-gpgme.c:961 msgid "Warning: At least one certification key has expired\n" -msgstr "Warnung: Mindestens einer der Zertifizierungsschl?ssel ist abgelaufen\n" +msgstr "" +"Warnung: Mindestens einer der Zertifizierungsschl?ssel ist abgelaufen\n" #: src/engine-gpgme.c:967 msgid "Warning: The signature expired at: " @@ -49,7 +51,8 @@ #: src/engine-gpgme.c:973 msgid "Can't verify due to a missing key or certificate\n" -msgstr "Aufrund eines fehlenden Schl?ssels ist eine ?berpr?fung nicht m?glich\n" +msgstr "" +"Aufrund eines fehlenden Schl?ssels ist eine ?berpr?fung nicht m?glich\n" #: src/engine-gpgme.c:977 msgid "The CRL is not available\n" @@ -71,17 +74,22 @@ msgid "" "WARNING: We have NO indication whether the key belongs to the person named " "as shown above\n" -msgstr "WARNUNG: Es gibt keinen Hinweis darauf, ob der Schl?ssel wirklich der Person geh?rt, die oben angezeigt ist\n" +msgstr "" +"WARNUNG: Es gibt keinen Hinweis darauf, ob der Schl?ssel wirklich der Person " +"geh?rt, die oben angezeigt ist\n" #: src/engine-gpgme.c:1038 msgid "WARNING: The key does NOT BELONG to the person named as shown above\n" -msgstr "WARNUNG: Der Schl?ssel geh?rt NICHT der Person die oben angezeigt ist\n" +msgstr "" +"WARNUNG: Der Schl?ssel geh?rt NICHT der Person die oben angezeigt ist\n" #: src/engine-gpgme.c:1042 msgid "" "WARNING: It is NOT certain that the key belongs to the person named as shown " "above\n" -msgstr "WARNING: Es ist nicht sicher, da? der Schl?ssel der Person geh?rt, die oben angezeigt ist\n" +msgstr "" +"WARNING: Es ist nicht sicher, da? der Schl?ssel der Person geh?rt, die oben " +"angezeigt ist\n" #: src/engine-gpgme.c:1075 msgid "Verification started at: " 
@@ -125,8 +133,167 @@ #: src/gpgmsg.cpp:804 msgid "[No attestation computed (e.g. messages was not signed)" -msgstr "[Kein Testat berechnet (z.B. da die Nachricht nicht unterschrieben war)" +msgstr "" +"[Kein Testat berechnet (z.B. da die Nachricht nicht unterschrieben war)" +#: src/gpgmsg.cpp:926 +msgid "No valid OpenPGP data found." +msgstr "Keine g?ltigen OpenPGP Daten gefunden" + +#: src/gpgmsg.cpp:927 src/gpgmsg.cpp:962 src/gpgmsg.cpp:974 src/gpgmsg.cpp:988 +#: src/gpgmsg.cpp:1064 +msgid "Decryption" +msgstr "Entschl?sselung" + +#: src/gpgmsg.cpp:961 src/gpgmsg.cpp:973 src/gpgmsg.cpp:987 +msgid "Problem decrypting PGP/MIME message" +msgstr "Problem bei Entschl?sseln einer PGP/MIME Nachricht" + +#: src/gpgmsg.cpp:1016 +msgid "Verification Failure" +msgstr "?berpr?fungsfehler" + +#: src/gpgmsg.cpp:1019 +msgid "Decryption Failure" +msgstr "Entschl?sselungsfehler" + +#: src/gpgmsg.cpp:1058 +msgid "" +"The message text cannot be displayed.\n" +"You have to save the decrypted message to view it.\n" +"Then you need to re-open the message.\n" +"\n" +"Do you want to save the decrypted message?" +msgstr "" +"Der Text der Nachricht kann nicht angezeigt werden.\n" +"Sie sollten die entschl?sselte Nachricht abspeichern und\n" +"sie dann wieder zum Betrachten ?ffnen.\n" +"\n" +"M?chten Sie die entschl?sselte Nachricht abspeichern?" + +#. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it +#. will be expanded to a list of atatchment names. +#: src/gpgmsg.cpp:1085 +msgid "" +"Signed attachments found.\n" +"\n" +"@LIST@\n" +"Do you want to verify the signatures?" +msgstr "" +"Es wurden unterschriebene Anh?nge gefunden.\n" +"\n" +"@LIST@\n" +"M?chten Sie diese Unterschriften ?berpr?fen?" + +#: src/gpgmsg.cpp:1093 +msgid "Attachment Verification" +msgstr "?berpr?fung der Anh?nge" + +#. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it +#. will be expanded to a list of atatchment names. 
+#: src/gpgmsg.cpp:1111 +msgid "" +"Encrypted attachments found.\n" +"\n" +"@LIST@\n" +"Do you want to decrypt and save them?" +msgstr "" +"Es wurde verschl?sselte Anhange gefunden.\n" +"\n" +"@LIST@\n" +"M?chten Sie diese entschl?sseln und abspeichern?" + +#: src/gpgmsg.cpp:1118 +msgid "Attachment Decryption" +msgstr "Entschl?sselung eines Anhangs" + +#: src/gpgmsg.cpp:1176 +msgid "Signing Failure" +msgstr "Unterschrifterstellungsfehler" + +#: src/gpgmsg.cpp:1321 +msgid "Encryption Failure" +msgstr "Verschl?sselungsfehler" + +#: src/gpgmsg.cpp:1357 src/gpgmsg.cpp:2651 +msgid "Attachment Encryption Failure" +msgstr "Verschl?sselungsfehler eines Anhangs" + +#: src/gpgmsg.cpp:2058 +msgid "Attachment Verification Failure" +msgstr "?berpr?fungsfehler eines Anhangs" + +#: src/gpgmsg.cpp:2241 src/gpgmsg.cpp:2290 +msgid "Attachment Decryption Failure" +msgstr "Entschl?sselungsfehler eines Anhangs" + +#: src/gpgmsg.cpp:2460 +msgid "Attachment Signing Failure" +msgstr "Unterschrifterstellungsfehler eines Anhangs" + +#: src/olflange.cpp:883 +msgid "" +"Sorry, we can only encrypt plain text messages and\n" +"no RTF messages. Please make sure that only the text\n" +"format has been selected." +msgstr "" +"Leider ist es nur m?glich reine Textnachrichten aber keine\n" +"Nachrichten im RTF Format zu verschl?sseln. Bitte stellen \n" +"Sie sicher, da? 
lediglich das Text Format ausgew?hlt wurde.\n" +"(In der Men?leiste: \"Format\" => \"Nur Text\")" + +#: src/olflange.cpp:1268 +msgid "&Decrypt and verify message" +msgstr "Entschl?sseln/Pr?fen der Nachricht" + +#: src/olflange.cpp:1306 +msgid "GPG &encrypt message" +msgstr "Mit GPG &verschl?sseln" + +#: src/olflange.cpp:1312 +msgid "GPG &sign message" +msgstr "Mit GPG unter&schreiben" + +#: src/olflange.cpp:1358 +msgid "GPG Key &Manager" +msgstr "GPG Schl?ssel&verwaltung" + +#: src/olflange.cpp:1491 +msgid "Could not start Key-Manager" +msgstr "Dei Schl?sselverwaltung konnte nicht aufgerufen werden" + +#: src/olflange.cpp:1537 +msgid "Decrypt and verify the message." +msgstr "Entschl?sseln und Pr?fen der Nachricht." + +#: src/olflange.cpp:1545 +msgid "Select this option to encrypt the message." +msgstr "W?hlen Sie diese Option zum Verschl?sseln der Nachricht." + +#: src/olflange.cpp:1551 +msgid "Select this option to sign the message." +msgstr "W?hlen Sie diese Option zum Unterschreiben der Nachricht." + +#: src/olflange.cpp:1560 src/olflange.cpp:1621 src/olflange.cpp:1703 +msgid "Open GPG Key Manager" +msgstr "Die GPG Schl?sselverwaltung ?ffnen" + +#: src/olflange.cpp:1590 src/olflange.cpp:1654 +msgid "Decrypt message and verify signature" +msgstr "Nachricht entschl?sseln und Unterschrift pr?fen" + +#: src/olflange.cpp:1601 src/olflange.cpp:1672 +msgid "Encrypt message with GPG" +msgstr "Nachricht mit GPG verschl?sseln" + +#: src/olflange.cpp:1610 src/olflange.cpp:1687 +msgid "Sign message with GPG" +msgstr "Nachricht mit GPG unterschreiben" + +#: src/passphrase-dialog.c:83 +msgid "No key hint given." +msgstr "Kein Hinweis auf den Schl?ssel" + #: src/passphrase-dialog.c:322 src/passphrase-dialog.c:464 msgid "Invalid passphrase; please try again..." msgstr "Ung?ltige Passphrase; bitte nochmal versuchen..." 
@@ -137,7 +304,8 @@ "\n" "Do you really want to cancel?" msgstr "" -"Wenn Sie diesen Dialog abbrechen, wird die Nachricht im Klartext ausgesendet!\n" +"Wenn Sie diesen Dialog abbrechen, wird die Nachricht im Klartext " +"ausgesendet!\n" "\n" "M?chten Sie wirklich abbrechen?" 
@@ -147,29 +315,64 @@ "\n" "Do you really want to cancel?" msgstr "" -"Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift versendet.\n" +"Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift " +"versendet.\n" "\n" "M?chten Sie wirklich abbrechen?" +#: src/passphrase-dialog.c:419 src/passphrase-dialog.c:538 +msgid "Secret Key Dialog" +msgstr "Auswahl des geheimen Schl?ssels" + #: src/passphrase-dialog.c:529 msgid "" "If you cancel this dialog, the message will be sent without signing.\n" "Do you really want to cancel?" msgstr "" -"Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift versendet.\n" +"Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift " +"versendet.\n" "\n" "M?chten Sie wirklich abbrechen?" +#: src/pgpmime.c:418 +msgid "" +"Error creating file\n" +"Please select another one" +msgstr "" +"Fehler bei der Erstellung der Datei.\n" +"Bitte w?hlen Sie eine anderen Namen." + +#: src/pgpmime.c:420 src/pgpmime.c:553 +msgid "I/O-Error" +msgstr "Ein-/Ausgabefehler" + +#: src/pgpmime.c:552 +msgid "Error writing file" +msgstr "Dateischreibfehler" + +#: src/pgpmime.c:607 +msgid "[PGP/MIME message]" +msgstr "[PGP/MIME Nachricht]" + +#: src/pgpmime.c:623 +msgid "[PGP/MIME message without plain text body]" +msgstr "[PGP/MIME Nachricht ohne reinen Textk?rper]" + #: src/recipient-dialog.c:459 msgid "" "If you cancel this dialog, the message will be sent in cleartext.\n" "\n" "Do you really want to cancel?" msgstr "" -"Wenn Sie diesen Dialog abbrechen, so wird die NAchricht im Klartext versendet!\n" +"Wenn Sie diesen Dialog abbrechen, so wird die NAchricht im Klartext " +"versendet!\n" "\n" "M?chten Sie wirklich abbrechen?" +#: src/recipient-dialog.c:462 +msgid "Recipient Dialog" +msgstr "Auswahl des Empf?ngerschl?ssels" + #: src/recipient-dialog.c:531 src/verify-dialog.c:152 msgid "User-ID not found" msgstr "User-ID nicht gefunden" 
@@ -202,3 +405,19 @@ msgid "Verification error" msgstr "?berpr?fungsfehler" +#: src/verify-dialog.c:164 +#, c-format +msgid "Signature expired on %s" +msgstr "Unterschrift abgelaufen am %s" + +#: src/verify-dialog.c:176 +msgid "Signature issued by a key we do NOT trust." +msgstr "Die Unterschrift stammt von einem Schl?ssel dem wir NICHT vertrauen." + +#: src/verify-dialog.c:183 +msgid "Signature issued by a non-valid key." +msgstr "Die Unterschrift stammt von einem ung?ltigen Schl?ssel." + +#: src/verify-dialog.c:205 +msgid "Verification Result" +msgstr "Pr?fungsresultat" Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/ChangeLog 2005-11-30 16:47:27 UTC (rev 128) @@ -1,5 +1,10 @@ 2005-11-30 Werner Koch + * gpgmsg.cpp: Made more strings translatable. + * olflange.cpp: Replaced all LoadStrings by gettext calls. + * olflange-ids.h: Removed the IDS_ constants. + * olflange-rsrcs.rc: Removed the stringtables. + * common.c (get_root_key, read_w32_registry_string): New. Taken for libgpg-error. * main.c (i18n_init): New. Modified: trunk/src/gpgmsg.cpp =================================================================== --- trunk/src/gpgmsg.cpp 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/gpgmsg.cpp 2005-11-30 16:47:27 UTC (rev 128) @@ -923,8 +923,8 @@ } else { - MessageBox (hwnd, "No valid OpenPGP data found.", - "GPG Decryption", MB_ICONWARNING|MB_OK); + MessageBox (hwnd, _("No valid OpenPGP data found."), + _("Decryption"), MB_ICONWARNING|MB_OK); log_debug ("%s:%s: leave (no OpenPGP data)\n", SRCNAME, __func__); } 
@@ -958,8 +958,8 @@ { log_error ("%s:%s: can't open PGP/MIME attachment 2: hr=%#lx", SRCNAME, __func__, hr); - MessageBox (hwnd, "Problem decrypting PGP/MIME message", - "GPG Decryption", MB_ICONERROR|MB_OK); + MessageBox (hwnd, _("Problem decrypting PGP/MIME message"), + _("Decryption"), MB_ICONERROR|MB_OK); log_debug ("%s:%s: leave (PGP/MIME problem)\n", SRCNAME, __func__); release_attach_info (table); return gpg_error (GPG_ERR_GENERAL); @@ -970,8 +970,8 @@ { log_error ("%s:%s: unsupported method %d for PGP/MIME attachment 2", SRCNAME, __func__, method); - MessageBox (hwnd, "Problem decrypting PGP/MIME message", - "GPG Decryption", MB_ICONERROR|MB_OK); + MessageBox (hwnd, _("Problem decrypting PGP/MIME message"), + _("Decryption"), MB_ICONERROR|MB_OK); log_debug ("%s:%s: leave (bad PGP/MIME method)\n",SRCNAME,__func__); att->Release (); release_attach_info (table); @@ -984,8 +984,8 @@ { log_error ("%s:%s: can't open data of attachment 2: hr=%#lx", SRCNAME, __func__, hr); - MessageBox (hwnd, "Problem decrypting PGP/MIME message", - "GPG Decryption", MB_ICONERROR|MB_OK); + MessageBox (hwnd, _("Problem decrypting PGP/MIME message"), + _("Decryption"), MB_ICONERROR|MB_OK); log_debug ("%s:%s: leave (OpenProperty failed)\n",SRCNAME,__func__); att->Release (); release_attach_info (table); @@ -1013,10 +1013,10 @@ ; else if (mtype == OPENPGP_CLEARSIG) MessageBox (hwnd, op_strerror (err), - "GPG verification failed", MB_ICONERROR|MB_OK); + _("Verification Failure"), MB_ICONERROR|MB_OK); else MessageBox (hwnd, op_strerror (err), - "GPG decryption failed", MB_ICONERROR|MB_OK); + _("Decryption Failure"), MB_ICONERROR|MB_OK); } else if (plaintext && *plaintext) { 
@@ -1054,14 +1054,14 @@ } else if (!silent && update_display (hwnd, this, exchange_cb, is_html)) { - const char s[] = - "The message text cannot be displayed.\n" - "You have to save the decrypted message to view it.\n" - "Then you need to re-open the message.\n\n" - "Do you want to save the decrypted message?"; + const char *s = + _("The message text cannot be displayed.\n" + "You have to save the decrypted message to view it.\n" + "Then you need to re-open the message.\n\n" + "Do you want to save the decrypted message?"); int what; - what = MessageBox (hwnd, s, "GPG Decryption", + what = MessageBox (hwnd, s, _("Decryption"), MB_YESNO|MB_ICONWARNING); if (what == IDYES) { @@ -1080,16 +1080,17 @@ verification might take long. */ if (!silent && n_signed && !pgpmime_succeeded) { - const char s[] = - "Signed attachments found.\n\n" - "@LIST@\n" - "Do you want to verify the signatures?"; + /* TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it + will be expanded to a list of atatchment names. */ + const char *s = _("Signed attachments found.\n\n" + "@LIST@\n" + "Do you want to verify the signatures?"); int what; char *text; text = text_from_attach_info (table, s, 2); - what = MessageBox (hwnd, text, "Attachment Verification", + what = MessageBox (hwnd, text, _("Attachment Verification"), MB_YESNO|MB_ICONINFORMATION); xfree (text); if (what == IDYES) 
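Review bot: The format string given to `text_from_attach_info (table, s, 2)` now comes from the message catalog, so a translation that drops or alters the `@LIST@` line reaches that helper unchecked; the same applies to the `text_from_attach_info (table, s, 4)` call in the following hunk. The helper is not visible here, so it should be confirmed to handle a format without the marker by falling back to the untranslated text or appending the list, and not by assuming the marker is present. The TRANSLATORS comment is a good start; a code comment at the call, such as `/* S is translated; text_from_attach_info must cope with a missing @LIST@. */`, would record the dependency. The enclosing function begins and ends outside this hunk.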
@@ -1105,15 +1106,16 @@ if (!silent && n_encrypted && !pgpmime_succeeded) { - const char s[] = - "Encrypted attachments found.\n\n" - "@LIST@\n" - "Do you want to decrypt and save them?"; + /* TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it + will be expanded to a list of atatchment names. */ + const char *s = _("Encrypted attachments found.\n\n" + "@LIST@\n" + "Do you want to decrypt and save them?"); int what; char *text; text = text_from_attach_info (table, s, 4); - what = MessageBox (hwnd, text, "Attachment Decryption", + what = MessageBox (hwnd, text, _("Attachment Decryption"), MB_YESNO|MB_ICONINFORMATION); xfree (text); if (what == IDYES) @@ -1171,7 +1173,7 @@ if (err) { MessageBox (hwnd, op_strerror (err), - "GPG Sign", MB_ICONERROR|MB_OK); + _("Signing Failure"), MB_ICONERROR|MB_OK); goto leave; } } @@ -1316,7 +1318,7 @@ if (err) { MessageBox (hwnd, op_strerror (err), - "GPG Encryption", MB_ICONERROR|MB_OK); + _("Encryption Failure"), MB_ICONERROR|MB_OK); goto leave; } @@ -1352,7 +1354,7 @@ if (err) { MessageBox (hwnd, op_strerror (err), - "GPG Attachment Encryption", MB_ICONERROR|MB_OK); + _("Attachment Encryption Failure"), MB_ICONERROR|MB_OK); goto leave; } } @@ -2053,7 +2055,8 @@ log_debug ("%s:%s: verify detached signature failed: %s", SRCNAME, __func__, op_strerror (err)); MessageBox (hwnd, op_strerror (err), - "GPG Attachment Verification", MB_ICONERROR|MB_OK); + _("Attachment Verification Failure"), + MB_ICONERROR|MB_OK); } stream->Release (); } @@ -2235,7 +2238,8 @@ to->Release (); from->Release (); MessageBox (hwnd, op_strerror (err), - "GPG Attachment Decryption", MB_ICONERROR|MB_OK); + _("Attachment Decryption Failure"), + MB_ICONERROR|MB_OK); goto leave; } 
@@ -2283,7 +2287,8 @@ to->Release (); from->Release (); MessageBox (hwnd, op_strerror (err), - "GPG Attachment Decryption", MB_ICONERROR|MB_OK); + _("Attachment Decryption Failure"), + MB_ICONERROR|MB_OK); /* FIXME: We might need to delete outname now. However a sensible implementation of the stream object should have done it through the Revert call. */ @@ -2452,7 +2457,7 @@ SRCNAME, __func__, op_strerror (err)); to->Revert (); MessageBox (hwnd, op_strerror (err), - "GPG Attachment Signing", MB_ICONERROR|MB_OK); + _("Attachment Signing Failure"), MB_ICONERROR|MB_OK); goto leave; } from->Release (); @@ -2643,7 +2648,7 @@ SRCNAME, __func__, op_strerror (err)); to->Revert (); MessageBox (hwnd, op_strerror (err), - "GPG Attachment Encryption", MB_ICONERROR|MB_OK); + _("Attachment Encryption Failure"), MB_ICONERROR|MB_OK); goto leave; } from->Release (); Modified: trunk/src/gpgol-rsrcs.rc =================================================================== --- trunk/src/gpgol-rsrcs.rc 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/gpgol-rsrcs.rc 2005-11-30 16:47:27 UTC (rev 128) @@ -1,4 +1,4 @@ -/* gpgol-rsrcs.rc - Main resources for this DLL +/* gpgol-rsrcs.rc - Main resources for this DLL -*- c -*- * Copyright (C) 2004, 2005 g10 Code GmbH * * This file is part of GPGol. Modified: trunk/src/olflange-ids.h =================================================================== --- trunk/src/olflange-ids.h 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/olflange-ids.h 2005-11-30 16:47:27 UTC (rev 128) 
@@ -6,42 +6,6 @@ #ifndef OLFLANGE_IDS_H #define OLFLANGE_IDS_H -#define IDS_DECRYPT_MENU_ITEM 1 -#define IDS_DECRYPT_HELP 2 -#define IDS_APP_NAME 3 -#define IDS_DECRYPT_STATUSBAR 4 -#define IDS_DECRYPT_TOOLTIP 5 -#define IDS_ENCRYPT_MENU_ITEM 6 -#define IDS_SIGN_MENU_ITEM 7 -#define IDS_ENCRYPT_HELP 8 -#define IDS_SIGN_HELP 9 -#define IDS_SIGN_STATUSBAR 10 -#define IDS_SIGN_TOOLTIP 11 -#define IDS_ENCRYPT_STATUSBAR 12 -#define IDS_ENCRYPT_TOOLTIP 13 -#define IDS_ADD_KEYS_MENU_ITEM 14 -#define IDS_ADD_KEYS_HELP 15 -#define IDS_ADD_KEYS_STATUSBAR 16 -#define IDS_ADD_KEYS_TOOLTIP 17 -#define IDS_KEY_MANAGER 18 -#define IDS_KEY_MANAGER_HELP 19 -#define IDS_KEY_MANAGER_STATUSBAR 20 -#define IDS_KEY_MANAGER_TOOLTIP 21 -#define IDS_ADD_STANDARD_KEY 22 -#define IDS_ADD_STANDARD_KEY_HELP 23 -#define IDS_ADD_STANDARD_KEY_STATUSBAR 24 -#define IDS_IMPORT_X_KEYS 25 -#define IDS_IMPORT_NO_NEW_OR_CHANGED_KEYS 26 -#define IDS_IMPORT_NO_KEYS 27 -#define IDS_ERR_REPLACE_TEXT 28 -#define IDS_ERR_EXPORT_KEY 29 -#define IDS_ATT_DECRYPT_AND_SAVE 30 -#define IDS_SAVE_ATT_TITLE 31 -#define IDS_SAVE_ATT_FILTER 32 -#define IDS_ERR_REPLACE_TEXT_ASK_SAVE 33 -#define IDS_ERR_ENCRYPT_ATTACHMENTS 34 -#define IDS_COPY_KEY_TO_CLIPBOARD 35 -#define IDS_ERR_ENCRYPT_EMBEDDED_OLE 36 #define IDB_DECRYPT 4000 #define IDC_TIME_PHRASES 4000 #define IDB_ENCRYPT 4001 Modified: trunk/src/olflange-rsrcs.rc =================================================================== --- trunk/src/olflange-rsrcs.rc 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/olflange-rsrcs.rc 2005-11-30 16:47:27 UTC (rev 128) @@ -1,4 +1,4 @@ -/* olflange-rsrcs.rc - Olflange specific resource. +/* olflange-rsrcs.rc - Olflange specific resource. -*- c -*- * Copyright (C) 2004, 2005 g10 Code GmbH * * This file is part of GPGol. 
@@ -107,53 +107,6 @@ #endif // APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// String Table -// - -STRINGTABLE DISCARDABLE -BEGIN - IDS_DECRYPT_MENU_ITEM "&Decrypt and verify message" - IDS_DECRYPT_HELP "Decrypt and verify the message." - IDS_APP_NAME "GnuPG" - IDS_DECRYPT_STATUSBAR "." - IDS_DECRYPT_TOOLTIP "Decrypt message and verify signature" - IDS_ENCRYPT_MENU_ITEM "GPG &encrypt message" - IDS_SIGN_MENU_ITEM "GPG &sign message" - IDS_ENCRYPT_HELP "Select this option to encrypt the message." - IDS_SIGN_HELP "Select this option to sign the message." - IDS_SIGN_STATUSBAR "." - IDS_SIGN_TOOLTIP "Sign message with GPG" - IDS_ENCRYPT_STATUSBAR "." - IDS_ENCRYPT_TOOLTIP "Encrypt message with GPG" -END - -STRINGTABLE DISCARDABLE -BEGIN - IDS_KEY_MANAGER "GnuPG Key &Manager" - IDS_KEY_MANAGER_HELP "Open GnuPG Key Manager" - IDS_KEY_MANAGER_STATUSBAR "." - IDS_KEY_MANAGER_TOOLTIP "Open GnuPG Key Manager" - IDS_ERR_REPLACE_TEXT "The message text could not be refreshed.\nPlease close the message and open it again." - IDS_ATT_DECRYPT_AND_SAVE - "Please close the message and open it again, to open the encrypted attachments or to save them." - IDS_SAVE_ATT_TITLE "Save decrypted attachment" -END - -STRINGTABLE DISCARDABLE -BEGIN - IDS_SAVE_ATT_FILTER "All Files (*.*)|*.*||" - IDS_ERR_REPLACE_TEXT_ASK_SAVE - "The message text could not be refreshed. You can only read the message, when you save the decrypted message. Then you need to close it and open it again.\n\nShould the decrypted message be saved?" - IDS_ERR_ENCRYPT_ATTACHMENTS - "An error occured during the encryption of the attachments. The message cannot be sent." - IDS_COPY_KEY_TO_CLIPBOARD - "The key was written to the clipboard. Please add it to the message." - IDS_ERR_ENCRYPT_EMBEDDED_OLE - "Messaged with embedded OLE-objects cannot be encrypted." 
-END - #endif // Deutsch (Deutschland) resources ///////////////////////////////////////////////////////////////////////////// Modified: trunk/src/olflange.cpp =================================================================== --- trunk/src/olflange.cpp 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/olflange.cpp 2005-11-30 16:47:27 UTC (rev 128) @@ -880,9 +880,9 @@ if (FAILED(pEECB->GetWindow (&hWnd))) hWnd = NULL; MessageBox (hWnd, - "Sorry, we can only encrypt plain text messages and\n" + _("Sorry, we can only encrypt plain text messages and\n" "no RTF messages. Please make sure that only the text\n" - "format has been selected.", + "format has been selected."), "GPGol", MB_ICONERROR|MB_OK); m_bWriteFailed = TRUE; @@ -1257,7 +1257,6 @@ { int nTBIndex; HWND hwndToolbar = NULL; - CHAR szBuffer[128]; if (opt.compat.auto_decrypt) watcher_set_callback_ctx ((void *)pEECB); @@ -1265,9 +1264,8 @@ NULL, NULL, 0); AppendMenu (hMenuTools, MF_SEPARATOR, 0, NULL); - LoadString (glob_hinst, IDS_DECRYPT_MENU_ITEM, szBuffer, 128); AppendMenu (hMenuTools, MF_BYPOSITION | MF_STRING, - *pnCommandIDBase, szBuffer); + *pnCommandIDBase, _("&Decrypt and verify message")); m_nCmdEncrypt = *pnCommandIDBase; (*pnCommandIDBase)++; @@ -1297,7 +1295,6 @@ if (m_lContext == EECONTEXT_SENDNOTEMESSAGE) { - CHAR szBuffer[128]; int nTBIndex; HWND hwndToolbar = NULL; @@ -1305,16 +1302,14 @@ NULL, NULL, 0); AppendMenu(hMenuTools, MF_SEPARATOR, 0, NULL); - LoadString(glob_hinst, IDS_ENCRYPT_MENU_ITEM, szBuffer, 128); AppendMenu(hMenuTools, MF_STRING, - *pnCommandIDBase, szBuffer); + *pnCommandIDBase, _("GPG &encrypt message")); m_nCmdEncrypt = *pnCommandIDBase; (*pnCommandIDBase)++; - LoadString(glob_hinst, IDS_SIGN_MENU_ITEM, szBuffer, 128); AppendMenu(hMenuTools, MF_STRING, - *pnCommandIDBase, szBuffer); + *pnCommandIDBase, _("GPG &sign message")); m_nCmdSign = *pnCommandIDBase; (*pnCommandIDBase)++; 
@@ -1352,7 +1347,6 @@ if (m_lContext == EECONTEXT_VIEWER) { - CHAR szBuffer[128]; int nTBIndex; HWND hwndToolbar = NULL; @@ -1360,9 +1354,8 @@ NULL, NULL, 0); AppendMenu (hMenuTools, MF_SEPARATOR, 0, NULL); - LoadString (glob_hinst, IDS_KEY_MANAGER, szBuffer, 128); AppendMenu (hMenuTools, MF_BYPOSITION | MF_STRING, - *pnCommandIDBase, szBuffer); + *pnCommandIDBase, _("GPG Key &Manager")); m_nCmdEncrypt = *pnCommandIDBase; (*pnCommandIDBase)++; @@ -1495,7 +1488,7 @@ else if (m_lContext == EECONTEXT_VIEWER) { if (start_key_manager ()) - MessageBox (NULL, "Could not start Key-Manager", + MessageBox (NULL, _("Could not start Key-Manager"), "GPGol", MB_ICONERROR|MB_OK); } 
@@ -1540,41 +1533,32 @@ { if (m_lContext == EECONTEXT_READNOTEMESSAGE) { if (nCommandID == m_nCmdEncrypt) { - CHAR szBuffer[512]; - CHAR szAppName[128]; - - LoadString (glob_hinst, IDS_DECRYPT_HELP, szBuffer, 511); - LoadString (glob_hinst, IDS_APP_NAME, szAppName, 127); - MessageBox (m_hWnd, szBuffer, szAppName, MB_OK); + MessageBox (m_hWnd, + _("Decrypt and verify the message."), + "GPGol", MB_OK); return S_OK; } } if (m_lContext == EECONTEXT_SENDNOTEMESSAGE) { if (nCommandID == m_nCmdEncrypt) { - CHAR szBuffer[512]; - CHAR szAppName[128]; - LoadString(glob_hinst, IDS_ENCRYPT_HELP, szBuffer, 511); - LoadString(glob_hinst, IDS_APP_NAME, szAppName, 127); - MessageBox(m_hWnd, szBuffer, szAppName, MB_OK); + MessageBox(m_hWnd, + _("Select this option to encrypt the message."), + "GPGol", MB_OK); return S_OK; } - if (nCommandID == m_nCmdSign) { - CHAR szBuffer[512]; - CHAR szAppName[128]; - LoadString(glob_hinst, IDS_SIGN_HELP, szBuffer, 511); - LoadString(glob_hinst, IDS_APP_NAME, szAppName, 127); - MessageBox(m_hWnd, szBuffer, szAppName, MB_OK); + else if (nCommandID == m_nCmdSign) { + MessageBox(m_hWnd, + _("Select this option to sign the message."), + "GPGol", MB_OK); return S_OK; } } if (m_lContext == EECONTEXT_VIEWER) { if (nCommandID == m_nCmdEncrypt) { - CHAR szBuffer[512]; - CHAR szAppName[128]; - LoadString(glob_hinst, IDS_KEY_MANAGER_HELP, szBuffer, 511); - LoadString(glob_hinst, IDS_APP_NAME, szAppName, 127); - MessageBox(m_hWnd, szBuffer, szAppName, MB_OK); + MessageBox(m_hWnd, + _("Open GPG Key Manager"), + "GPGol", MB_OK); return S_OK; } } 
@@ -1600,40 +1584,42 @@ if (m_lContext == EECONTEXT_READNOTEMESSAGE) { if (nCommandID == m_nCmdEncrypt) { if (lFlags == EECQHT_STATUS) - LoadString (glob_hinst, IDS_DECRYPT_STATUSBAR, - pszText, nCharCnt); + lstrcpyn (pszText, ".", nCharCnt); if (lFlags == EECQHT_TOOLTIP) - LoadString (glob_hinst, IDS_DECRYPT_TOOLTIP, - pszText, nCharCnt); + lstrcpyn (pszText, + _("Decrypt message and verify signature"), + nCharCnt); return S_OK; } } if (m_lContext == EECONTEXT_SENDNOTEMESSAGE) { if (nCommandID == m_nCmdEncrypt) { if (lFlags == EECQHT_STATUS) - LoadString (glob_hinst, IDS_ENCRYPT_STATUSBAR, - pszText, nCharCnt); + lstrcpyn (pszText, ".", nCharCnt); if (lFlags == EECQHT_TOOLTIP) - LoadString (glob_hinst, IDS_ENCRYPT_TOOLTIP, - pszText, nCharCnt); + lstrcpyn (pszText, + _("Encrypt message with GPG"), + nCharCnt); return S_OK; } if (nCommandID == m_nCmdSign) { if (lFlags == EECQHT_STATUS) - LoadString (glob_hinst, IDS_SIGN_STATUSBAR, pszText, nCharCnt); + lstrcpyn (pszText, ".", nCharCnt); if (lFlags == EECQHT_TOOLTIP) - LoadString (glob_hinst, IDS_SIGN_TOOLTIP, pszText, nCharCnt); + lstrcpyn (pszText, + _("Sign message with GPG"), + nCharCnt); return S_OK; } } if (m_lContext == EECONTEXT_VIEWER) { if (nCommandID == m_nCmdEncrypt) { if (lFlags == EECQHT_STATUS) - LoadString (glob_hinst, IDS_KEY_MANAGER_STATUSBAR, - pszText, nCharCnt); + lstrcpyn (pszText, ".", nCharCnt); if (lFlags == EECQHT_TOOLTIP) - LoadString (glob_hinst, IDS_KEY_MANAGER_TOOLTIP, - pszText, nCharCnt); + lstrcpyn (pszText, + _("Open GPG Key Manager"), + nCharCnt); return S_OK; } } @@ -1664,8 +1650,9 @@ pTBB->fsStyle = TBSTYLE_BUTTON; pTBB->dwData = 0; pTBB->iString = -1; - LoadString(glob_hinst, IDS_DECRYPT_TOOLTIP, - lpszDescription, nCharCnt); + lstrcpyn (lpszDescription, + _("Decrypt message and verify signature"), + nCharCnt); return S_OK; } } 
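Review bot: In the `@@ -1600,40 +1584,42 @@` hunk of olflange.cpp each tooltip is now a literal `_()` argument, and the same four literals are repeated in the `@@ -1664,8 +1650,9 @@`, `@@ -1681,8 +1668,9 @@`, `@@ -1695,8 +1683,9 @@` and `@@ -1710,8 +1699,9 @@` hunks. The two copies of each string must stay byte-identical to resolve to the same catalog entry. `lstrcpyn` also stops at `nCharCnt - 1` characters without any signal and its result is ignored, so a translation longer than the host's buffer is cut off silently where `LoadString` at least returned the copied length. A small file-local helper that wraps the `lstrcpyn (pszText, ..., nCharCnt)` call and logs a truncated or failed copy would remove the eight repetitions and give the tooltip texts one home. The enclosing functions start and end outside these hunks.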
@@ -1681,8 +1668,9 @@ pTBB->fsStyle = TBSTYLE_BUTTON | TBSTYLE_CHECK; pTBB->dwData = 0; pTBB->iString = -1; - LoadString(glob_hinst, IDS_ENCRYPT_TOOLTIP, - lpszDescription, nCharCnt); + lstrcpyn (lpszDescription, + _("Encrypt message with GPG"), + nCharCnt); return S_OK; } if (nToolbarButtonID == m_nToolbarButtonID2) @@ -1695,8 +1683,9 @@ pTBB->fsStyle = TBSTYLE_BUTTON | TBSTYLE_CHECK; pTBB->dwData = 0; pTBB->iString = -1; - LoadString(glob_hinst, IDS_SIGN_TOOLTIP, - lpszDescription, nCharCnt); + lstrcpyn (lpszDescription, + _("Sign message with GPG"), + nCharCnt); return S_OK; } } @@ -1710,8 +1699,9 @@ pTBB->fsStyle = TBSTYLE_BUTTON; pTBB->dwData = 0; pTBB->iString = -1; - LoadString(glob_hinst, IDS_KEY_MANAGER_TOOLTIP, - lpszDescription, nCharCnt); + lstrcpyn (lpszDescription, + _("Open GPG Key Manager"), + nCharCnt); return S_OK; } } Modified: trunk/src/passphrase-dialog.c =================================================================== --- trunk/src/passphrase-dialog.c 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/passphrase-dialog.c 2005-11-30 16:47:27 UTC (rev 128) @@ -80,7 +80,7 @@ key_hint[i] = 0; } else - key_hint = xstrdup ("No key hint given."); + key_hint = xstrdup (_("No key hint given.")); SendDlgItemMessage (dlg, ctrlid, CB_ADDSTRING, 0, (LPARAM)(const char *)key_hint); SendDlgItemMessage (dlg, ctrlid, CB_SETCURSEL, 0, 0); @@ -416,7 +416,7 @@ if (warn) { - n = MessageBox (dlg, warn, "Secret Key Dialog", + n = MessageBox (dlg, warn, _("Secret Key Dialog"), MB_ICONWARNING|MB_YESNO); if (n == IDNO) return FALSE; @@ -535,7 +535,7 @@ if (warn) { - n = MessageBox (dlg, warn, "Secret Key Dialog", + n = MessageBox (dlg, warn, _("Secret Key Dialog"), MB_ICONWARNING|MB_YESNO); if (n == IDNO) return FALSE; Modified: trunk/src/pgpmime.c =================================================================== --- trunk/src/pgpmime.c 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/pgpmime.c 2005-11-30 16:47:27 UTC (rev 128) 
@@ -415,9 +415,9 @@ { log_error ("%s:%s: can't create file `%s': hr=%#lx\n", SRCNAME, __func__, ctx->filename, hr); - MessageBox (ctx->hwnd, "Error creating file\n" - "Please select anther one", - "I/O-Error", MB_ICONERROR|MB_OK); + MessageBox (ctx->hwnd, _("Error creating file\n" + "Please select another one"), + _("I/O-Error"), MB_ICONERROR|MB_OK); goto tryagain; } log_debug ("%s:%s: writing attachment to `%s'\n", @@ -549,8 +549,8 @@ { log_debug ("%s:%s: Write failed: hr=%#lx", SRCNAME, __func__, hr); - MessageBox (ctx->hwnd, "Error writing file", - "I/O-Error", MB_ICONERROR|MB_OK); + MessageBox (ctx->hwnd, _("Error writing file"), + _("I/O-Error"), MB_ICONERROR|MB_OK); ctx->parser_error = 1; return 0; /* Error. */ } @@ -604,7 +604,7 @@ goto leave; err = op_decrypt_stream_to_gpgme (instream, plaintext, ttl, - "[PGP/MIME message]", attestation); + _("[PGP/MIME message]"), attestation); if (!err && (ctx->parser_error || ctx->line_too_long)) err = gpg_error (GPG_ERR_GENERAL); @@ -620,7 +620,7 @@ } } else - *body = xstrdup ("[PGP/MIME message without plain text body]"); + *body = xstrdup (_("[PGP/MIME message without plain text body]")); } leave: Modified: trunk/src/recipient-dialog.c =================================================================== --- trunk/src/recipient-dialog.c 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/recipient-dialog.c 2005-11-30 16:47:27 UTC (rev 128) @@ -459,7 +459,7 @@ warn = _("If you cancel this dialog, the message will be sent" " in cleartext.\n\n" "Do you really want to cancel?"); - i = MessageBox (dlg, warn, "Recipient Dialog", + i = MessageBox (dlg, warn, _("Recipient Dialog"), MB_ICONWARNING|MB_YESNO); if (i != IDNO) { Modified: trunk/src/verify-dialog.c =================================================================== --- trunk/src/verify-dialog.c 2005-11-30 14:31:38 UTC (rev 127) +++ trunk/src/verify-dialog.c 2005-11-30 16:47:27 UTC (rev 128) 
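Review bot: In the recipient-dialog.c hunk (`@@ -459,7 +459,7 @@`) the confirmation box keeps Yes as its default button, and the context line `if (i != IDNO)` treats every result other than No as confirmation, including the 0 that MessageBox returns when it fails. Going by the warning text, that branch leads to the message being sent in cleartext, so the default should be the safe answer: `i = MessageBox (dlg, warn, _("Recipient Dialog"), MB_ICONWARNING|MB_YESNO|MB_DEFBUTTON2);` with the test written as `if (i == IDYES)`. The enclosing function starts and ends outside the hunk, so what the branch does after the test cannot be confirmed from here.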
@@ -159,9 +159,9 @@ valid = ctx->signatures->validity; if (stat & GPGME_SIGSUM_SIG_EXPIRED) { - char *fmt; + const char *fmt; - fmt = "Signature expired on %s"; + fmt = _("Signature expired on %s"); s = get_timestamp (ctx->signatures->exp_timestamp); p = xmalloc (strlen (s)+1+strlen (fmt)+2); sprintf (p, fmt, s); @@ -173,14 +173,14 @@ switch (valid) { case GPGME_VALIDITY_NEVER: - s = "Signature issued by a key we do NOT trust."; + s = _("Signature issued by a key we do NOT trust."); break; default: if (no_key) s = ""; else - s = "Signature issued by a non-valid key."; + s = _("Signature issued by a non-valid key."); break; } SetDlgItemText (dlg, IDC_VRY_HINT, s); @@ -195,15 +195,18 @@ switch (msg) { case WM_INITDIALOG: + ctx = (struct dialog_context *)lparam; load_sigbox (dlg, ctx->res); center_window (dlg, NULL); SetForegroundWindow (dlg); if (ctx->filename) { - char *tmp = xmalloc (strlen (ctx->filename) + 100); - strcpy (stpcpy (stpcpy (tmp, "Verification Result ("), - ctx->filename), ")"); + const char *s = _("Verification Result"); + char *tmp = xmalloc (strlen (ctx->filename) + + strlen (s) + 100); + strcpy (stpcpy (stpcpy (stpcpy (tmp, s), + " ("), ctx->filename), ")"); SetWindowText (dlg, tmp); xfree (tmp); }
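Review bot: In the `@@ -159,9 +159,9 @@` hunk of verify-dialog.c, `fmt` now comes from the message catalog, but the buffer is still sized as `strlen (s)+1+strlen (fmt)+2` and filled with an unbounded `sprintf (p, fmt, s)`. That size is only correct while the translated string carries exactly one `%s`; a catalog entry with another or an extra conversion would write past the allocation or consume an argument that was never passed. Keep the allocated length in a variable and bound the write, for example `snprintf (p, len, fmt, s);` (or whichever bounded formatter this build provides). Also add a comment above the assignment such as `/* TRANSLATORS: %s is the expiry timestamp; keep exactly one %s. */`, since the bounded write covers only the overflow and not a mismatched conversion. The function continues outside the hunk.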
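Review bot: In the `@@ -195,15 +195,18 @@` hunk the title buffer still carries the `+ 100` slack from the old code although the sum now includes `strlen (s)`. The exact need is the two strings plus `" ("`, `")"` and the terminator. `char *tmp = xmalloc (strlen (s) + strlen (ctx->filename) + 4);` states that directly, and a comment such as `/* s + " (" + filename + ")" + NUL */` lets a reader check the nested `stpcpy` chain against the allocation at a glance. Where `ctx->filename` comes from is not visible in the hunk; because the size is derived from its length, the copy stays in bounds either way.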