From cvs at cvs.gnupg.org  Mon Oct  2 02:34:54 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Mon Oct  2 01:48:38 2006
Subject: [svn] GnuPG -  r4277 - trunk/scd
Message-ID: <E1GUB2a-00064B-Fx@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-02 02:34:53 +0200 (Mon, 02 Oct 2006)
New Revision: 4277

Modified:
   trunk/scd/ChangeLog
   trunk/scd/command.c
Log:
2006-10-02  Marcus Brinkmann  <marcus@g10code.de>

        * command.c (update_reader_status_file): Increase buffer of
        NUMBUF2 (fixing typo).



Modified: trunk/scd/ChangeLog
===================================================================
--- trunk/scd/ChangeLog	2006-09-28 20:12:32 UTC (rev 4276)
+++ trunk/scd/ChangeLog	2006-10-02 00:34:53 UTC (rev 4277)
@@ -1,3 +1,8 @@
+2006-10-02  Marcus Brinkmann  <marcus@g10code.de>
+
+	* command.c (update_reader_status_file): Increase buffer of
+	NUMBUF2 (fixing typo).
+
 2006-09-24  Marcus Brinkmann  <marcus@g10code.de>
 
 	* app-openpgp.c (do_sign): Advance INDATA by the SHA1 resp. RMD160

Modified: trunk/scd/command.c
===================================================================
--- trunk/scd/command.c	2006-09-28 20:12:32 UTC (rev 4276)
+++ trunk/scd/command.c	2006-10-02 00:34:53 UTC (rev 4277)
@@ -1782,7 +1782,7 @@
           /* If a status script is executable, run it. */
           {
             const char *args[9], *envs[2];
-            char numbuf1[30], numbuf2[3], numbuf3[30];
+            char numbuf1[30], numbuf2[30], numbuf3[30];
             char *homestr, *envstr;
             gpg_error_t err;
             


From cvs at cvs.gnupg.org  Mon Oct  2 12:58:09 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Mon Oct  2 12:11:30 2006
Subject: [svn] GnuPG -  r4278 - trunk/sm
Message-ID: <E1GUKle-0001ls-J0@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-02 12:58:08 +0200 (Mon, 02 Oct 2006)
New Revision: 4278

Modified:
   trunk/sm/ChangeLog
   trunk/sm/server.c
Log:
2006-10-02  Marcus Brinkmann  <marcus@g10code.de>

        * server.c (register_commands): New commands DUMPKEYS and
        DUMPSECRETKEYS.
        (cmd_dumpkeys, cmd_dumpsecretkeys): New functions.
        (option_handler): Support with-key-data option.



Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-02 00:34:53 UTC (rev 4277)
+++ trunk/sm/ChangeLog	2006-10-02 10:58:08 UTC (rev 4278)
@@ -1,3 +1,10 @@
+2006-10-02  Marcus Brinkmann  <marcus@g10code.de>
+
+	* server.c (register_commands): New commands DUMPKEYS and
+	DUMPSECRETKEYS.
+	(cmd_dumpkeys, cmd_dumpsecretkeys): New functions.
+	(option_handler): Support with-key-data option.
+
 2006-09-26  Werner Koch  <wk@g10code.com>
 
 	* certchain.c (gpgsm_validate_chain): More changes for the relax

Modified: trunk/sm/server.c
===================================================================
--- trunk/sm/server.c	2006-10-02 00:34:53 UTC (rev 4277)
+++ trunk/sm/server.c	2006-10-02 10:58:08 UTC (rev 4278)
@@ -182,6 +182,10 @@
       int i = *value? atoi (value) : 0;
       ctrl->with_validation = i;
     }
+  else if (!strcmp (key, "with-key-data"))
+    {
+      opt.with_key_data = 1;
+    }
   else
     return gpg_error (GPG_ERR_UNKNOWN_OPTION);
 
@@ -644,7 +648,9 @@
 }
 
 /* LISTKEYS [<patterns>]
+   DUMPKEYS [<patterns>]
    LISTSECRETKEYS [<patterns>]
+   DUMPSECRETKEYS [<patterns>]
 */
 static int 
 do_listkeys (assuan_context_t ctx, char *line, int mode)
@@ -717,11 +723,23 @@
 }
 
 static int 
+cmd_dumpkeys (assuan_context_t ctx, char *line)
+{
+  return do_listkeys (ctx, line, 259);
+}
+
+static int 
 cmd_listsecretkeys (assuan_context_t ctx, char *line)
 {
   return do_listkeys (ctx, line, 2);
 }
 
+static int 
+cmd_dumpsecretkeys (assuan_context_t ctx, char *line)
+{
+  return do_listkeys (ctx, line, 258);
+}
+
 
 /* GENKEY
 
@@ -780,7 +798,9 @@
     { "OUTPUT",        NULL }, 
     { "MESSAGE",       cmd_message },
     { "LISTKEYS",      cmd_listkeys },
+    { "DUMPKEYS",      cmd_dumpkeys },
     { "LISTSECRETKEYS",cmd_listsecretkeys },
+    { "DUMPSECRETKEYS",cmd_dumpsecretkeys },
     { "GENKEY",        cmd_genkey },
     { "DELKEYS",       cmd_delkeys },
     { NULL }


From cvs at cvs.gnupg.org  Mon Oct  2 15:22:30 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct  2 14:41:51 2006
Subject: [svn] GnuPG - r4280 - in branches/STABLE-BRANCH-1-4: . cipher g10 m4
Message-ID: <E1GUN1N-0007sl-4Q@trithemius.gnupg.org>

Author: wk
Date: 2006-10-02 15:22:27 +0200 (Mon, 02 Oct 2006)
New Revision: 4280

Added:
   branches/STABLE-BRANCH-1-4/m4/autobuild.m4
Modified:
   branches/STABLE-BRANCH-1-4/ChangeLog
   branches/STABLE-BRANCH-1-4/NEWS
   branches/STABLE-BRANCH-1-4/README
   branches/STABLE-BRANCH-1-4/cipher/sha256.c
   branches/STABLE-BRANCH-1-4/configure.ac
   branches/STABLE-BRANCH-1-4/g10/ChangeLog
   branches/STABLE-BRANCH-1-4/g10/encr-data.c
   branches/STABLE-BRANCH-1-4/m4/ChangeLog
   branches/STABLE-BRANCH-1-4/m4/Makefile.am
Log:
fix for bug 537 and documentation fixes.


Modified: branches/STABLE-BRANCH-1-4/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/ChangeLog	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/ChangeLog	2006-10-02 13:22:27 UTC (rev 4280)
@@ -1,3 +1,9 @@
+2006-10-02  Werner Koch  <wk@g10code.com>
+
+	* README: Add information about the forthcoming GnuPG 2.0.
+
+	* configure.ac (AB_INIT): New.
+
 2006-09-28  David Shaw  <dshaw@jabberwocky.com>
 
 	* configure.ac: Move strsep to AC_REPLACE_FUNCS so it will end up

Modified: branches/STABLE-BRANCH-1-4/NEWS
===================================================================
--- branches/STABLE-BRANCH-1-4/NEWS	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/NEWS	2006-10-02 13:22:27 UTC (rev 4280)
@@ -1,7 +1,10 @@
 Noteworthy changes in version 1.4.6
 ------------------------------------------------
 
+    * Fixed a bug while decrypting certain compressed and encrypted
+      messages. See http://bugs.gnupg.org/537 .
 
+
 Noteworthy changes in version 1.4.5 (2006-08-01)
 ------------------------------------------------
 

Modified: branches/STABLE-BRANCH-1-4/README
===================================================================
--- branches/STABLE-BRANCH-1-4/README	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/README	2006-10-02 13:22:27 UTC (rev 4280)
@@ -1,7 +1,7 @@
 
 		    GnuPG - The GNU Privacy Guard
 		   -------------------------------
-			    Version 1.4.5
+			    Version 1.4.6
 
 	 Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004,
 		 2005, 2006 Free Software Foundation, Inc.
@@ -748,17 +748,18 @@
     and BZ2) are universal.
 
 
-    GnuPG 1.4 and GnuPG 1.9
+    GnuPG 1.4 and GnuPG 2.0
     -----------------------
 
-    GnuPG 1.4 is the stable version of GnuPG; GnuPG 1.9 is the
-    development branch.  However, large parts of GnuPG 1.9 are also
-    considered to be stable and useful.  In particular the tools
-    "gpg-agent" (private key operations and passphrase caching) and
-    "gpgsm" (S/MIME cousin of "gpg") are considered stable.  Both
-    packages (1.4.x and 1.9.x) may be installed at the same time and
-    it is actually suggested to do this if you need S/MIME support or
-    want to make use of gpg-agent.
+    GnuPG 2.0 is a newer version of GnuPG with additional support for
+    S/MIME.  It has a different design philosophy that splits
+    functionality up into several modules.  Both versions may be
+    installed simultaneously without any conflict (gpg is called gpg2
+    in GnuPG 2).  In fact, the gpg version from GnuPG 1.4 is able to
+    make use of the gpg-agent as included in GnuPG 2 and allows for
+    seamless passphrase caching.  The advantage of GnupG 1.4 is its
+    smaller size and no dependency on other modules at run and build
+    time.
 
 
     How to Get More Information

Modified: branches/STABLE-BRANCH-1-4/configure.ac
===================================================================
--- branches/STABLE-BRANCH-1-4/configure.ac	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/configure.ac	2006-10-02 13:22:27 UTC (rev 4280)
@@ -43,6 +43,7 @@
 AC_CONFIG_SRCDIR(g10/gpg.c)
 AC_CANONICAL_HOST
 AM_INIT_AUTOMAKE([std-options])
+AB_INIT
 AM_CONFIG_HEADER(config.h)
 
 AC_GNU_SOURCE

Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog	2006-10-02 13:22:27 UTC (rev 4280)
@@ -1,3 +1,8 @@
+2006-10-02  Werner Koch  <wk@g10code.com>
+
+	* encr-data.c (decrypt_data, mdc_decode_filter): Check the MDC
+	right here and don't let parse-packet handle the MDC.
+
 2006-08-21  Werner Koch  <wk@g10code.com>
 
 	* skclist.c (is_insecure): Also test for uppercase version of the

Modified: branches/STABLE-BRANCH-1-4/g10/encr-data.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/encr-data.c	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/g10/encr-data.c	2006-10-02 13:22:27 UTC (rev 4280)
@@ -1,5 +1,6 @@
 /* encr-data.c -  process an encrypted data packet
- * Copyright (C) 1998, 1999, 2000, 2001, 2005 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2005,
+ *               2006  Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -41,7 +42,7 @@
 typedef struct {
     CIPHER_HANDLE cipher_hd;
     MD_HANDLE mdc_hash;
-    char defer[20];
+    char defer[22];
     int  defer_filled;
     int  eof_seen;
 } decode_filter_ctx_t;
@@ -146,12 +147,30 @@
     if( ed->mdc_method && dfx.eof_seen == 2 )
 	rc = G10ERR_INVALID_PACKET;
     else if( ed->mdc_method ) { /* check the mdc */
+        /* We used to let parse-packet.c handle the MDC packet but
+           this turned out to be a problem with compressed packets:
+           With old style packets there is no length information
+           available and the decompressor uses an implicit end.
+           However we can't know this implicit end beforehand (:-) and
+           thus may feed the decompressor with more bytes than
+           actually needed.  It would be possible to unread the extra
+           bytes but due to our weird iobuf system any unread is non
+           reliable due to filters already popped off.  The easy and
+           sane solution is to care about the MDC packet only here and
+           never pass it to the packet parser.  Fortunatley the
+           OpenPGP spec requires a strict format for the MDC packet so
+           that we know that 22 bytes are appended.  */
 	int datalen = md_digest_length( ed->mdc_method );
 
-	cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 20);
+	cipher_decrypt( dfx.cipher_hd, dfx.defer, dfx.defer, 22);
+        md_write (dfx.mdc_hash, dfx.defer, 2);
 	md_final( dfx.mdc_hash );
-	if( datalen != 20
-	    || memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer, datalen) )
+        if (dfx.defer[0] != '\xd3' || dfx.defer[1] != '\x14' ) {
+            log_error("mdc_packet with invalid encoding\n");
+            rc = G10ERR_INVALID_PACKET;
+        }
+	else if ( datalen != 20
+	    || memcmp(md_read( dfx.mdc_hash, 0 ), dfx.defer+2, datalen) )
 	    rc = G10ERR_BAD_SIGN;
 	/*log_hexdump("MDC calculated:", md_read( dfx.mdc_hash, 0), datalen);*/
 	/*log_hexdump("MDC message   :", dfx.defer, 20);*/
@@ -182,23 +201,23 @@
     }
     else if( control == IOBUFCTRL_UNDERFLOW ) {
 	assert(a);
-	assert( size > 40 );
+	assert( size > 44 );
 
 	/* get at least 20 bytes and put it somewhere ahead in the buffer */
-	for(n=20; n < 40 ; n++ ) {
+	for(n=22; n < 44 ; n++ ) {
 	    if( (c = iobuf_get(a)) == -1 )
 		break;
 	    buf[n] = c;
 	}
-	if( n == 40 ) {
+	if( n == 44 ) {
 	    /* we have enough stuff - flush the deferred stuff */
 	    /* (we have asserted that the buffer is large enough) */
 	    if( !dfx->defer_filled ) { /* the first time */
-		memcpy(buf, buf+20, 20 );
-		n = 20;
+		memcpy(buf, buf+22, 22 );
+		n = 22;
 	    }
 	    else {
-		memcpy(buf, dfx->defer, 20 );
+		memcpy(buf, dfx->defer, 22 );
 	    }
 	    /* now fill up */
 	    for(; n < size; n++ ) {
@@ -206,22 +225,22 @@
 		    break;
 		buf[n] = c;
 	    }
-	    /* move the last 20 bytes back to the defer buffer */
-	    /* (okay, we are wasting 20 bytes of supplied buffer) */
-	    n -= 20;
-	    memcpy( dfx->defer, buf+n, 20 );
+	    /* Move the last 22 bytes back to the defer buffer. */
+	    /* (okay, we are wasting 22 bytes of supplied buffer) */
+	    n -= 22;
+	    memcpy( dfx->defer, buf+n, 22 );
 	    dfx->defer_filled = 1;
 	}
 	else if( !dfx->defer_filled ) { /* eof seen buf empty defer */
 	    /* this is bad because there is an incomplete hash */
-	    n -= 20;
-	    memcpy(buf, buf+20, n );
+	    n -= 22;
+	    memcpy(buf, buf+22, n );
 	    dfx->eof_seen = 2; /* eof with incomplete hash */
 	}
 	else { /* eof seen */
-	    memcpy(buf, dfx->defer, 20 );
-	    n -= 20;
-	    memcpy( dfx->defer, buf+n, 20 );
+	    memcpy (buf, dfx->defer, 22 );
+	    n -= 22;
+	    memcpy( dfx->defer, buf+n, 22 );
 	    dfx->eof_seen = 1; /* normal eof */
 	}
 

Modified: branches/STABLE-BRANCH-1-4/m4/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/m4/ChangeLog	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/m4/ChangeLog	2006-10-02 13:22:27 UTC (rev 4280)
@@ -1,3 +1,7 @@
+2006-10-02  Werner Koch  <wk@g10code.com>
+
+	* autobuild.m4: New.
+
 2006-07-12  David Shaw  <dshaw@jabberwocky.com>
 
 	* tar-ustar.m4: Use dd instead of strings as it's more likely to

Modified: branches/STABLE-BRANCH-1-4/m4/Makefile.am
===================================================================
--- branches/STABLE-BRANCH-1-4/m4/Makefile.am	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/m4/Makefile.am	2006-10-02 13:22:27 UTC (rev 4280)
@@ -6,5 +6,6 @@
              po.m4 progtest.m4 stdint_h.m4 uintmax_t.m4 ulonglong.m4 \
              readline.m4 libcurl.m4 libusb.m4 tar-ustar.m4 \
 	     ldap.m4 \
-	     noexecstack.m4
+	     noexecstack.m4 autobuild.m4
 
+

Added: branches/STABLE-BRANCH-1-4/m4/autobuild.m4
===================================================================
--- branches/STABLE-BRANCH-1-4/m4/autobuild.m4	2006-10-02 11:54:35 UTC (rev 4279)
+++ branches/STABLE-BRANCH-1-4/m4/autobuild.m4	2006-10-02 13:22:27 UTC (rev 4280)
@@ -0,0 +1,34 @@
+# autobuild.m4 serial 2 (autobuild-3.3)
+# Copyright (C) 2004 Simon Josefsson
+#
+# This file is free software, distributed under the terms of the GNU
+# General Public License.  As a special exception to the GNU General
+# Public License, this file may be distributed as part of a program
+# that contains a configuration script generated by Autoconf, under
+# the same distribution terms as the rest of that program.
+#
+# This file can can be used in projects which are not available under
+# the GNU General Public License or the GNU Library General Public
+# License but which still want to provide support for Autobuild.
+
+# Usage: AB_INIT([MODE]).
+AC_DEFUN([AB_INIT],
+[
+	AC_REQUIRE([AC_CANONICAL_BUILD])
+	AC_REQUIRE([AC_CANONICAL_HOST])
+
+	AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}])
+	AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}])
+	hostname=`hostname`
+	if test "$hostname"; then
+	   AC_MSG_NOTICE([autobuild hostname... $hostname])
+	fi
+	ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])])
+	date=`date +%Y%m%d-%H%M%S`
+	if test "$?" != 0; then
+	   date=`date`
+	fi
+	if test "$date"; then
+	   AC_MSG_NOTICE([autobuild timestamp... $date])
+	fi
+])


From cvs at cvs.gnupg.org  Mon Oct  2 18:05:36 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct  2 17:18:56 2006
Subject: [svn] GnuPG -  r4281 - branches/STABLE-BRANCH-1-4
Message-ID: <E1GUPZ9-0002Pz-Nm@trithemius.gnupg.org>

Author: wk
Date: 2006-10-02 18:05:35 +0200 (Mon, 02 Oct 2006)
New Revision: 4281

Modified:
   branches/STABLE-BRANCH-1-4/ChangeLog
   branches/STABLE-BRANCH-1-4/acinclude.m4
Log:
Fixed bug 518


Modified: branches/STABLE-BRANCH-1-4/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/ChangeLog	2006-10-02 13:22:27 UTC (rev 4280)
+++ branches/STABLE-BRANCH-1-4/ChangeLog	2006-10-02 16:05:35 UTC (rev 4281)
@@ -1,5 +1,9 @@
 2006-10-02  Werner Koch  <wk@g10code.com>
 
+	* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add case for mingw32
+	and allow setting the variable on the command line.  Fixes bug 518.
+	Also use HOST instead of TARGET.
+	
 	* README: Add information about the forthcoming GnuPG 2.0.
 
 	* configure.ac (AB_INIT): New.

Modified: branches/STABLE-BRANCH-1-4/acinclude.m4
===================================================================
--- branches/STABLE-BRANCH-1-4/acinclude.m4	2006-10-02 13:22:27 UTC (rev 4280)
+++ branches/STABLE-BRANCH-1-4/acinclude.m4	2006-10-02 16:05:35 UTC (rev 4281)
@@ -668,13 +668,18 @@
 #                              with an underscore?
 AC_DEFUN([GNUPG_SYS_SYMBOL_UNDERSCORE],
 [tmp_do_check="no"
-case "${target}" in
+case "${host}" in
+    *-mingw32msvc*)
+        ac_cv_sys_symbol_underscore=yes
+        ;;
     i386-emx-os2 | i[3456]86-pc-os2*emx | i386-pc-msdosdjgpp)
         ac_cv_sys_symbol_underscore=yes
         ;;
     *)
       if test "$cross_compiling" = yes; then
-         ac_cv_sys_symbol_underscore=yes
+         if test "x$ac_cv_sys_symbol_underscore" = x; then
+            ac_cv_sys_symbol_underscore=yes
+         fi
       else
          tmp_do_check="yes"
       fi


From cvs at cvs.gnupg.org  Tue Oct  3 02:36:19 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Tue Oct  3 01:49:43 2006
Subject: [svn] GnuPG -  r4282 - branches/STABLE-BRANCH-1-4/util
Message-ID: <E1GUXXR-0005Bn-Bq@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-03 02:36:18 +0200 (Tue, 03 Oct 2006)
New Revision: 4282

Modified:
   branches/STABLE-BRANCH-1-4/util/ChangeLog
   branches/STABLE-BRANCH-1-4/util/strsep.c
Log:
* strsep.c (strsep): It's strsep, not strsep2 from testing.  (If I had
a dollar for every time I've done that...)


Modified: branches/STABLE-BRANCH-1-4/util/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/util/ChangeLog	2006-10-02 16:05:35 UTC (rev 4281)
+++ branches/STABLE-BRANCH-1-4/util/ChangeLog	2006-10-03 00:36:18 UTC (rev 4282)
@@ -1,3 +1,8 @@
+2006-10-02  David Shaw  <dshaw@jabberwocky.com>
+
+	* strsep.c (strsep): It's strsep, not strsep2 from testing.  (If I
+	had a dollar for every time I've done that...)
+
 2006-09-28  David Shaw  <dshaw@jabberwocky.com>
 
 	* strgutil.c (strsep): Move to strsep.c for AC_REPLACE_FUNCS.

Modified: branches/STABLE-BRANCH-1-4/util/strsep.c
===================================================================
--- branches/STABLE-BRANCH-1-4/util/strsep.c	2006-10-02 16:05:35 UTC (rev 4281)
+++ branches/STABLE-BRANCH-1-4/util/strsep.c	2006-10-03 00:36:18 UTC (rev 4282)
@@ -3,7 +3,7 @@
 
 /* code taken from glibc-2.2.1/sysdeps/generic/strsep.c */
 char *
-strsep2 (char **stringp, const char *delim)
+strsep (char **stringp, const char *delim)
 {
   char *begin, *end;
 


From cvs at cvs.gnupg.org  Wed Oct  4 11:44:30 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 10:57:44 2006
Subject: [svn] assuan - r212 - in trunk: . m4
Message-ID: <E1GV2ZI-0004ic-5f@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 11:44:29 +0200 (Wed, 04 Oct 2006)
New Revision: 212

Added:
   trunk/m4/autobuild.m4
Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/README
   trunk/configure.ac
   trunk/m4/Makefile.am
Log:
Preparing a new release


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-09-28 16:27:23 UTC (rev 211)
+++ trunk/ChangeLog	2006-10-04 09:44:29 UTC (rev 212)
@@ -1,3 +1,10 @@
+2006-10-04  Werner Koch  <wk@g10code.com>
+
+	Released 0.9.1.
+	
+	* configure.ac (AB_INIT): New.
+	* m4/autobuild.m4: New.
+
 2006-09-19  Werner Koch  <wk@g10code.com>
 
 	* tests/fdpassing.c: Reverted Marcus changes.

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-09-28 16:27:23 UTC (rev 211)
+++ trunk/NEWS	2006-10-04 09:44:29 UTC (rev 212)
@@ -1,7 +1,11 @@
-Noteworthy changes in version 0.9.1
+Noteworthy changes in version 0.9.1 (2006-10-04)
 ------------------------------------------------
 
+ * Minor bug fixes
 
+ * Portability fixes.
+
+
 Noteworthy changes in version 0.9.0 (2006-09-14)
 ------------------------------------------------
 

Modified: trunk/README
===================================================================
--- trunk/README	2006-09-28 16:27:23 UTC (rev 211)
+++ trunk/README	2006-10-04 09:44:29 UTC (rev 212)
@@ -1,5 +1,5 @@
-  Libassuan
- ===========
+                              Libassuan
+                             ===========
 
 This is the IPC library used by GnuPG 1.9, GPGME and a few other
 packages.  It used to be included with the latter packages but we

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-09-28 16:27:23 UTC (rev 211)
+++ trunk/configure.ac	2006-10-04 09:44:29 UTC (rev 212)
@@ -25,7 +25,7 @@
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(libassuan, 0.9.1-cvs, gnupg-devel@gnupg.org)
+AC_INIT(libassuan, 0.9.1, gnupg-devel@gnupg.org)
 # Note, that this is not yet available as a shared library.
 
 PACKAGE=$PACKAGE_NAME
@@ -35,8 +35,9 @@
 AM_MAINTAINER_MODE
 AC_CONFIG_SRCDIR(src/assuan.h)
 AM_CONFIG_HEADER(config.h)
+AC_CANONICAL_HOST
+AB_INIT
 
-AC_CANONICAL_HOST
 AC_GNU_SOURCE
 
 

Modified: trunk/m4/Makefile.am
===================================================================
--- trunk/m4/Makefile.am	2006-09-28 16:27:23 UTC (rev 211)
+++ trunk/m4/Makefile.am	2006-10-04 09:44:29 UTC (rev 212)
@@ -1 +1 @@
-EXTRA_DIST = socklen.m4 sys_socket_h.m4 onceonly.m4
+EXTRA_DIST = socklen.m4 sys_socket_h.m4 onceonly.m4 autobuild.m4

Added: trunk/m4/autobuild.m4
===================================================================
--- trunk/m4/autobuild.m4	2006-09-28 16:27:23 UTC (rev 211)
+++ trunk/m4/autobuild.m4	2006-10-04 09:44:29 UTC (rev 212)
@@ -0,0 +1,34 @@
+# autobuild.m4 serial 2 (autobuild-3.3)
+# Copyright (C) 2004 Simon Josefsson
+#
+# This file is free software, distributed under the terms of the GNU
+# General Public License.  As a special exception to the GNU General
+# Public License, this file may be distributed as part of a program
+# that contains a configuration script generated by Autoconf, under
+# the same distribution terms as the rest of that program.
+#
+# This file can can be used in projects which are not available under
+# the GNU General Public License or the GNU Library General Public
+# License but which still want to provide support for Autobuild.
+
+# Usage: AB_INIT([MODE]).
+AC_DEFUN([AB_INIT],
+[
+	AC_REQUIRE([AC_CANONICAL_BUILD])
+	AC_REQUIRE([AC_CANONICAL_HOST])
+
+	AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}])
+	AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}])
+	hostname=`hostname`
+	if test "$hostname"; then
+	   AC_MSG_NOTICE([autobuild hostname... $hostname])
+	fi
+	ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])])
+	date=`date +%Y%m%d-%H%M%S`
+	if test "$?" != 0; then
+	   date=`date`
+	fi
+	if test "$date"; then
+	   AC_MSG_NOTICE([autobuild timestamp... $date])
+	fi
+])


From cvs at cvs.gnupg.org  Wed Oct  4 11:47:45 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 11:00:49 2006
Subject: [svn] assuan - r213 - tags
Message-ID: <E1GV2cQ-0004um-7K@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 11:47:45 +0200 (Wed, 04 Oct 2006)
New Revision: 213

Added:
   tags/libassuan-0.9.1/
Log:
Release!


Copied: tags/libassuan-0.9.1 (from rev 212, trunk)


From cvs at cvs.gnupg.org  Wed Oct  4 12:22:58 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 11:36:08 2006
Subject: [svn] GnuPG -  r4283 - in trunk: . doc g10
Message-ID: <E1GV3AX-0004bl-Sp@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 12:22:56 +0200 (Wed, 04 Oct 2006)
New Revision: 4283

Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/README
   trunk/configure.ac
   trunk/doc/gpg.texi
   trunk/g10/ChangeLog
   trunk/g10/gpg.c
Log:
Preparing a new release


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-03 00:36:18 UTC (rev 4282)
+++ trunk/ChangeLog	2006-10-04 10:22:56 UTC (rev 4283)
@@ -1,3 +1,10 @@
+2006-10-04  Werner Koch  <wk@g10code.com>
+
+	Released 1.9.91.
+
+	* configure.ac: Require libassuan 0.9.1 which fixes a problem with
+	gpgsm.
+
 2006-09-27  Werner Koch  <wk@g10code.com>
 
 	* gl/strsep.h, gl/strsep.c, gl/m4/strsep.m4: Removed.

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-03 00:36:18 UTC (rev 4282)
+++ trunk/NEWS	2006-10-04 10:22:56 UTC (rev 4283)
@@ -1,10 +1,15 @@
-Noteworthy changes in version 1.9.91
+Noteworthy changes in version 1.9.91 (2006-10-04)
 -------------------------------------------------
 
  * New "relax" flag for trustlist.txt to allow root CA certificates
    without BasicContraints.
 
+ * [gpg2] Removed the -k PGP 2 compatibility hack.  -k is now an
+   alias for --list-keys.
 
+ * [gpg2] Print a warning if "-sat" is used instead of "--clearsign".
+
+
 Noteworthy changes in version 1.9.90 (2006-09-25)
 -------------------------------------------------
 

Modified: trunk/README
===================================================================
--- trunk/README	2006-10-03 00:36:18 UTC (rev 4282)
+++ trunk/README	2006-10-04 10:22:56 UTC (rev 4283)
@@ -3,15 +3,15 @@
                        Version 1.9.x
 
 
-GnuPG 1.9 is the future version of GnuPG; it is based on some gnupg-1.3
-code and the previous newpg package.  It will eventually lead to a
-GnuPG 2.0 release.  
+GnuPG 1.9 is the future version of GnuPG; it is based on the gnupg-1.4
+code and the previous newpg package.  It will very soon lead to a
+GnuPG 2.0 release.
 
 You should use this GnuPG version if you want to use the gpg-agent or
 gpgsm (the S/MIME variant of gpg).  Note that the gpg-agent is also
-helpful when using the standard gpg versions (1.4.x) the old 1.2.x).
-There are no problems installing 1.4 and 1.9 alongside; in fact we
-suggest to do this.
+helpful when using the standard gpg version (1.4.x).  There are no
+problems installing 1.4 and 1.9 alongside; in fact we suggest to do
+this.
 
 
 BUILD INSTRUCTIONS

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-03 00:36:18 UTC (rev 4282)
+++ trunk/configure.ac	2006-10-04 10:22:56 UTC (rev 4283)
@@ -27,7 +27,7 @@
 # Set my_issvn to "yes" for non-released code.  Remember to run an
 # "svn up" and "autogen.sh" right before creating a distribution.
 m4_define([my_version], [1.9.91])
-m4_define([my_issvn], [yes])
+m4_define([my_issvn], [no])
 
 
 m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \
@@ -44,7 +44,7 @@
 NEED_LIBGCRYPT_API=1
 NEED_LIBGCRYPT_VERSION=1.1.94
 
-NEED_LIBASSUAN_VERSION=0.9.0
+NEED_LIBASSUAN_VERSION=0.9.1
 
 NEED_KSBA_API=1
 NEED_KSBA_VERSION=1.0.0

Modified: trunk/doc/gpg.texi
===================================================================
--- trunk/doc/gpg.texi	2006-10-03 00:36:18 UTC (rev 4282)
+++ trunk/doc/gpg.texi	2006-10-04 10:22:56 UTC (rev 4283)
@@ -270,7 +270,7 @@
 command line.
 @ifset gpgone
 @option{-k} is slightly different from @option{--list-keys} in that it
-allwos only for one argument and takes the second argument as the
+allows only for one argument and takes the second argument as the
 keyring to search.  This is for command line compatibility with PGP 2
 and has been removed in @command{gpg2}.
 @end ifset
@@ -2271,10 +2271,11 @@
 
 @item --fast-list-mode
 Changes the output of the list commands to work faster; this is achieved
-by leaving some parts empty. Some applications don't need the user ID and
-the trust information given in the listings. By using this options they
-can get a faster listing. The exact behaviour of this option may change
-in future versions.
+by leaving some parts empty. Some applications don't need the user ID
+and the trust information given in the listings. By using this options
+they can get a faster listing. The exact behaviour of this option may
+change in future versions.  If you are missing some information, don't
+use this option.
 
 @item --no-literal
 This is not for normal use. Use the source to see for what it might be useful.

Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-03 00:36:18 UTC (rev 4282)
+++ trunk/g10/ChangeLog	2006-10-04 10:22:56 UTC (rev 4283)
@@ -1,3 +1,9 @@
+2006-10-04  Werner Koch  <wk@g10code.com>
+
+	* gpg.c (main): Print a warning if -sat has been used.
+	(main): Removed the special treatment of the -k option. -k is now
+	an alias for --list-keys.
+
 2006-10-02  Werner Koch  <wk@g10code.com>
 
 	* encr-data.c (decrypt_data, mdc_decode_filter): Check the MDC

Modified: trunk/g10/gpg.c
===================================================================
--- trunk/g10/gpg.c	2006-10-03 00:36:18 UTC (rev 4282)
+++ trunk/g10/gpg.c	2006-10-04 10:22:56 UTC (rev 4283)
@@ -78,7 +78,7 @@
     aDecrypt	  = 'd',
     aEncr	  = 'e',
     oInteractive  = 'i',
-    oKOption	  = 'k',
+    oListKeys	  = 'k',
     oDryRun	  = 'n',
     oOutput	  = 'o',
     oQuiet	  = 'q',
@@ -115,13 +115,10 @@
     aDeleteKeys,
     aDeleteSecretKeys,
     aDeleteSecretAndPublicKeys,
-    aKMode,
-    aKModeC,
     aImport,
     aFastImport,
     aVerify,
     aVerifyFiles,
-    aListKeys,
     aListSigs,
     aSendKeys,
     aRecvKeys,
@@ -562,7 +559,6 @@
     { aListTrustDB, "list-trustdb",0 , "@"},
     /* Not yet used */
     /* { aListTrustPath, "list-trust-path",0, "@"}, */
-    { oKOption, NULL,	 0, "@"},
     { oPasswd, "passphrase",2, "@" },
     { oPasswdFD, "passphrase-fd",1, "@" },
     { oPasswdFile, "passphrase-file",2, "@" },
@@ -1041,8 +1037,6 @@
 	cmd = aEncrSym;
     else if( cmd == aEncr && new_cmd == aSym )
 	cmd = aEncrSym;
-    else if( cmd == aKMode && new_cmd == aSym )
-	cmd = aKModeC;
     else if (cmd == aSignEncr && new_cmd == aSym)
         cmd = aSignEncrSym;
     else if (cmd == aSignSym && new_cmd == aEncr)
@@ -2089,7 +2083,6 @@
 	    opt.list_options|=LIST_SHOW_UNUSABLE_UIDS;
 	    opt.list_options|=LIST_SHOW_UNUSABLE_SUBKEYS;
 	    break;
-	  case oKOption: set_cmd( &cmd, aKMode ); break;
 
 	  case oBatch: opt.batch = 1; nogreeting = 1; break;
           case oUseAgent:
@@ -3155,38 +3148,29 @@
 	set_cmd( &cmd, aListKeys);
     }
 
-    if( cmd == aKMode || cmd == aKModeC ) { /* kludge to be compatible to pgp */
-	if( cmd == aKModeC ) {
-	    opt.fingerprint = 1;
-	    cmd = aKMode;
-	}
-	opt.list_sigs = 0;
-	if( opt.verbose > 2 )
-	    opt.check_sigs++;
-	if( opt.verbose > 1 )
-	    opt.list_sigs++;
-
-	opt.verbose = opt.verbose > 1;
-    }
-
     /* kludge to let -sat generate a clear text signature */
     if( opt.textmode == 2 && !detached_sig && opt.armor && cmd == aSign )
+      {
+        log_info ("compatibility note:\n");
+        log_info ("\"-sat\" won't generate clear signed messages in "
+                  "future versions\n");
+        log_info ("Use \"--clearsign\" instead of \"-sat\"\n");
 	cmd = aClearsign;
+      }
 
     if( opt.verbose > 1 )
 	set_packet_list_mode(1);
 
-    /* Add the keyrings, but not for some special commands and not in
-       case of "-kvv userid keyring".  Also avoid adding the secret
-       keyring for a couple of commands to avoid unneeded access in
-       case the secrings are stored on a floppy.
+    /* Add the keyrings, but not for some special commands.  Also
+       avoid adding the secret keyring for a couple of commands to
+       avoid unneeded access in case the secrings are stored on a
+       floppy.
        
        We always need to add the keyrings if we are running under
        SELinux, this is so that the rings are added to the list of
        secured files. */
     if( ALWAYS_ADD_KEYRINGS 
-        || (cmd != aDeArmor && cmd != aEnArmor
-            && !(cmd == aKMode && argc == 2 )) ) 
+        || (cmd != aDeArmor && cmd != aEnArmor) ) 
       {
         if (ALWAYS_ADD_KEYRINGS
             || (cmd != aCheckKeys && cmd != aListSigs && cmd != aListKeys
@@ -3471,34 +3455,6 @@
 	free_strlist(sl);
 	break;
 
-      case aKMode: /* list keyring -- NOTE: This will be removed soon */
-	if( argc < 2 ) { /* -kv [userid] */
-	    sl = NULL;
-	    if (argc && **argv)
-		add_to_strlist2( &sl, *argv, utf8_strings );
-	    public_key_list( sl );
-	    free_strlist(sl);
-	}
-	else if( argc == 2 ) { /* -kv userid keyring */
-	    if( access( argv[1], R_OK ) ) {
-		log_error(_("can't open `%s': %s\n"),
-			       print_fname_stdin(argv[1]), strerror(errno));
-	    }
-	    else {
-		/* add keyring (default keyrings are not registered in this
-		 * special case */
-		keydb_add_resource( argv[1], 0, 0 );
-		sl = NULL;
-		if (**argv)
-		    add_to_strlist2( &sl, *argv, utf8_strings );
-		public_key_list( sl );
-		free_strlist(sl);
-	    }
-	}
-	else
-	    wrong_args(_("-k[v][v][v][c] [user-id] [keyring]") );
-	break;
-
       case aKeygen: /* generate a key */
 	if( opt.batch ) {
 	    if( argc > 1 )


From cvs at cvs.gnupg.org  Wed Oct  4 19:03:37 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 18:16:48 2006
Subject: [svn] assuan - r214 - in trunk: . src
Message-ID: <E1GV9QF-0005Dv-Gv@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 19:03:36 +0200 (Wed, 04 Oct 2006)
New Revision: 214

Modified:
   trunk/NEWS
   trunk/configure.ac
   trunk/src/ChangeLog
   trunk/src/assuan-client.c
Log:
Littel fix to make Cancel returns from pinnetry work again. 
(At least with the forthcoming gnupg 1.9.91)


Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-04 09:47:45 UTC (rev 213)
+++ trunk/NEWS	2006-10-04 17:03:36 UTC (rev 214)
@@ -1,3 +1,7 @@
+Noteworthy changes in version 0.9.2
+------------------------------------------------
+
+
 Noteworthy changes in version 0.9.1 (2006-10-04)
 ------------------------------------------------
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-04 09:47:45 UTC (rev 213)
+++ trunk/configure.ac	2006-10-04 17:03:36 UTC (rev 214)
@@ -25,7 +25,7 @@
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(libassuan, 0.9.1, gnupg-devel@gnupg.org)
+AC_INIT(libassuan, 0.9.2-cvs, gnupg-devel@gnupg.org)
 # Note, that this is not yet available as a shared library.
 
 PACKAGE=$PACKAGE_NAME

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-04 09:47:45 UTC (rev 213)
+++ trunk/src/ChangeLog	2006-10-04 17:03:36 UTC (rev 214)
@@ -1,3 +1,8 @@
+2006-10-04  Werner Koch  <wk@g10code.com>
+
+	* assuan-client.c (assuan_transact): Need to map old assuan status
+	codes so that for example CANCELED is correctly mapped.
+
 2006-09-28  Marcus Brinkmann  <marcus@g10code.de>
 
 	* assuan-client.c (assuan_transact): Do not convert error on

Modified: trunk/src/assuan-client.c
===================================================================
--- trunk/src/assuan-client.c	2006-10-04 09:47:45 UTC (rev 213)
+++ trunk/src/assuan-client.c	2006-10-04 17:03:36 UTC (rev 214)
@@ -162,8 +162,10 @@
   if (!okay)
     {
       rc = atoi (line);
-      if (rc < 100)
+      if (rc > 0 && rc < 100)
         rc = _assuan_error (ASSUAN_Server_Fault);
+      else if (rc > 0 && rc <= 128)
+        rc = _assuan_error (rc);
     }
   else if (okay == 2)
     {


From cvs at cvs.gnupg.org  Wed Oct  4 19:42:24 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 18:55:28 2006
Subject: [svn] GnuPG -  r4286 - in trunk: po tests/openpgp
Message-ID: <E1GVA1j-0007zG-Pr@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 19:42:14 +0200 (Wed, 04 Oct 2006)
New Revision: 4286

Modified:
   trunk/po/be.po
   trunk/po/ca.po
   trunk/po/cs.po
   trunk/po/da.po
   trunk/po/de.po
   trunk/po/el.po
   trunk/po/eo.po
   trunk/po/es.po
   trunk/po/et.po
   trunk/po/fi.po
   trunk/po/fr.po
   trunk/po/gl.po
   trunk/po/hu.po
   trunk/po/id.po
   trunk/po/it.po
   trunk/po/ja.po
   trunk/po/nb.po
   trunk/po/pl.po
   trunk/po/pt.po
   trunk/po/pt_BR.po
   trunk/po/ro.po
   trunk/po/ru.po
   trunk/po/sk.po
   trunk/po/sv.po
   trunk/po/tr.po
   trunk/po/zh_CN.po
   trunk/po/zh_TW.po
   trunk/tests/openpgp/ChangeLog
   trunk/tests/openpgp/signencrypt.test
Log:
Fix for make distcheck


Modified: trunk/po/be.po
===================================================================
--- trunk/po/be.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/be.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2003-10-30 16:35+0200\n"
 "Last-Translator: Ales Nyakhaychyk <nab@mail.by>\n"
 "Language-Team: Belarusian <i18n@mova.org>\n"
@@ -4966,12 +4966,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr ""
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr ""
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -4982,24 +4982,24 @@
 "\"%.*s\"\n"
 "%u-бітавы %s ключ, ID %08lX, створаны %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Паўтарыце пароль\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Увядзіце пароль\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "скасавана карыстальнікам\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, c-format
 msgid "problem with the agent: %s\n"
 msgstr ""
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5009,12 +5009,12 @@
 "Вам неабходна ўвесьці пароль, каб адчыніць сакрэтны ключ для\n"
 "карыстальніка: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-бітавы %s ключ, ID %08lX, створаны %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/ca.po
===================================================================
--- trunk/po/ca.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/ca.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -27,7 +27,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.0\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2005-02-04 02:04+0100\n"
 "Last-Translator: Jordi Mallach <jordi@gnu.org>\n"
 "Language-Team: Catalan <ca@dodds.net>\n"
@@ -5407,7 +5407,7 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "el subpaquet de tipus %d té el bit crític activat\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (ID de la clau principal %08lX)"
@@ -5423,7 +5423,7 @@
 # Se't passava l'argument «*».  printf(3), hieroglyph(7).  ivb
 # Ah!  Prova-ho, no casque alguna cosa :P  ivb
 # Ah, ja veig! Moltes gràcies! Aquest msgstr ha quedat curiós :) jm
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5434,24 +5434,24 @@
 "«%2$.*1$s»\n"
 "clau %4$s de %3$u bits, ID %5$08lX, creada en %6$s%7$s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Repetiu la contrasenya\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Introduïu la contrasenya\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "s'ha cancel·lat per l'usuari\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "hi ha un problema amb l'agent: l'agent ha tornat 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5461,12 +5461,12 @@
 "Necessiteu la contrasenya per desblocar la clau secreta de\n"
 "l'usuari: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "clau %2$s de %1$u bits, ID %3$08lX, creada en %4$s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/cs.po
===================================================================
--- trunk/po/cs.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/cs.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -7,7 +7,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.3.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-11-26 09:12+0200\n"
 "Last-Translator: Roman Pavlik <rp@tns.cz>\n"
 "Language-Team: Czech <translations.cs@gnupg.cz>\n"
@@ -5176,12 +5176,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "podpaket typu %d m� nastaven� kritick� bit\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr "(hlavn� ID kl��e %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5192,24 +5192,24 @@
 "\"%.*s\"\n"
 "Kl�� o d�lce %u bit�, typ %s, ID %s, vytvo�en� %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Opakovat heslo\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Vlo�it heslo\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "zru�eno u�ivatelem\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "probl�m s agentem - pou��v�n� agenta vypnuto\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5218,12 +5218,12 @@
 "Mus�te zn�t heslo, abyste odemknul(a) tajn� kl�� pro\n"
 "u�ivatele: \"%s\"\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "d�lka %u bit�, typ %s, kl�� %s, vytvo�en� %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (podkl�� na hlavn�m kl��i ID %s)"

Modified: trunk/po/da.po
===================================================================
--- trunk/po/da.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/da.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.0.0h\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2003-12-03 16:11+0100\n"
 "Last-Translator: Birger Langkjer <birger.langkjer@image.dk>\n"
 "Language-Team: Danish <dansk@klid.dk>\n"
@@ -5081,12 +5081,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr ""
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (hovedn�gle-ID %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5094,26 +5094,26 @@
 "%u-bit %s key, ID %s, created %s%s\n"
 msgstr ""
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 #, fuzzy
 msgid "Repeat passphrase\n"
 msgstr "Gentag kodes�tning: "
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 #, fuzzy
 msgid "Enter passphrase\n"
 msgstr "Indtast kodes�tning: "
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr ""
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, c-format
 msgid "problem with the agent: %s\n"
 msgstr ""
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5122,12 +5122,12 @@
 "Du skal bruge en kodes�tning til at beskytte din hemmelige n�gle.\n"
 "\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr ""
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/de.po
===================================================================
--- trunk/po/de.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/de.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.9.90\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2006-09-25 09:09+0200\n"
 "Last-Translator: Walter Koch <koch@u32.de>\n"
 "Language-Team: German <de@li.org>\n"
@@ -5304,12 +5304,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "Im Unterpaket des Typs %d ist das \"critical bit\" gesetzt\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (Hauptschlüssel-ID %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5320,24 +5320,24 @@
 "Benutzer: \"%.*s\"\n"
 "%u-bit %s Schlüssel, ID %s, erzeugt %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Geben Sie die Passphrase nochmal ein\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Geben Sie die Passphrase ein\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "Abbruch durch Benutzer\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "Problem mit dem Agenten\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5347,12 +5347,12 @@
 "Sie benötigen eine Passphrase, um den geheimen Schlüssel zu entsperren.\n"
 "Benutzer: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-Bit %s Schlüssel, ID %08lX, erzeugt %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/el.po
===================================================================
--- trunk/po/el.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/el.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.1.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2003-06-27 12:00+0200\n"
 "Last-Translator: Dokianakis Theofanis <madf@hellug.gr>\n"
 "Language-Team: Greek <nls@tux.hellug.gr>\n"
@@ -5315,12 +5315,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "��������� ����� %d ���� �������� �� ������� bit\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (����� ������, ID %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5332,24 +5332,24 @@
 "\"%.*s\"\n"
 "%u-bit %s ������, ID %08lX, ���������� %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "����������� �� �����\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "�������������� �� ����� ������\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "��������� ��� �� ������\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "�������� �� ��� agent: agent ���������� 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5359,12 +5359,12 @@
 "���������� ��� ����� ������ ��� �� ������������ �� ������� ������\n"
 "��� �� ������: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bit %s ������, ID %08lX, ���������� %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/eo.po
===================================================================
--- trunk/po/eo.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/eo.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.0.6d\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2002-04-14 14:33+0100\n"
 "Last-Translator: Edmund GRIMLEY EVANS <edmundo@rano.org>\n"
 "Language-Team: Esperanto <translation-team-eo@lists.sourceforge.net>\n"
@@ -5277,12 +5277,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpaketo de speco %d havas �altitan \"critical bit\"\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (�ef�losilo %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5293,24 +5293,24 @@
 "\"%.*s\"\n"
 "%u-bita %s �losilo, ID %08lX, kreita je %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Ripetu pasfrazon\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Donu pasfrazon\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "nuligita de uzanto\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problemo kun agento: agento redonas 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5320,12 +5320,12 @@
 "Vi bezonas pasfrazon por mal�losi la sekretan �losilon\n"
 "por la uzanto: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bita %s-�losilo, %08lX, kreita je %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/es.po
===================================================================
--- trunk/po/es.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/es.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -10,7 +10,7 @@
 msgstr ""
 "Project-Id-Version: GNU gnupg 1.4.1\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2005-03-25 16:50+0100\n"
 "Last-Translator: Jaime Su�rez <jsuarez@ono.com>\n"
 "Language-Team: Spanish <es@li.org>\n"
@@ -5198,12 +5198,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "el subpaquete de tipo %d tiene el bit cr�tico activado\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr "(ID de clave primaria %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5214,24 +5214,24 @@
 "del usuario: \"%.*s\"\n"
 "%u bits, clave %s, ID %s, creada el %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Repita frase contrase�a\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Introduzca frase contrase�a\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "cancelado por el usuario\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problema con el agente: el agente devuelve 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5240,12 +5240,12 @@
 "Necesita una frase contrase�a para desbloquear la clave secreta\n"
 "del usuario: \"%s\"\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "clave %2$s de %1$u bits, ID %3$s, creada el %4$s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (subclave en clave principal ID %s)"

Modified: trunk/po/et.po
===================================================================
--- trunk/po/et.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/et.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-06-17 11:04+0300\n"
 "Last-Translator: Toomas Soome <Toomas.Soome@microlink.ee>\n"
 "Language-Team: Estonian <et@li.org>\n"
@@ -5246,12 +5246,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "alampaketil t��biga %d on kriitiline bitt seatud\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (peamise v�tme ID %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5262,24 +5262,24 @@
 "\"%.*s\"\n"
 "%u-bitti %s v�ti, ID %08lX, loodud %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Korrake parooli\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Sisestage parool\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "katkestatud kasutaja poolt\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "probleem agendiga: agent tagastas 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5289,12 +5289,12 @@
 "Te vajate kasutaja salajase v�tme lahtilukustamiseks\n"
 "parooli: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bitine %s v�ti, ID %08lX, loodud %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/fi.po
===================================================================
--- trunk/po/fi.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/fi.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -22,7 +22,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-06-16 22:40+0300\n"
 "Last-Translator: Tommi Vainikainen <Tommi.Vainikainen@iki.fi>\n"
 "Language-Team: Finnish <translation-team-fi@lists.sourceforge.net>\n"
@@ -5300,12 +5300,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "tyypin %d alipaketilla on kriittinen bitti asetettuna\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (pääavaimen tunnus %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5316,24 +5316,24 @@
 "\"%.*s\"\n"
 "%u-bittinen %s-avain, tunnus %08lX, luotu %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Toista salasana\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Syötä salasana\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "käyttäjän peruma\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "agentin käytössä on ongelmia: agentti vastaa 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5342,12 +5342,12 @@
 "\n"
 "Tarvitset salasanan avataksesi salaisen avaimen käyttäjälle: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bittinen %s-avain, tunnus %08lX, luotu %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/fr.po
===================================================================
--- trunk/po/fr.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/fr.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -11,7 +11,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.2rc2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2005-06-28 00:24+0200\n"
 "Last-Translator: Ga�l Qu�ri <gael@lautre.net>\n"
 "Language-Team: French <traduc@traduc.org>\n"
@@ -5312,12 +5312,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "un sous-paquet de type %d poss�de un bit critique\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (ID cl� principale %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5329,24 +5329,24 @@
 "\"%.*s\"\n"
 "cl� %u bits %s, ID %s, cr��e %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "R�p�tez la phrase de passe\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Entrez la phrase de passe\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "annul� par l'utilisateur\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "probl�me avec l'agent - arr�t d'utilisation de l'agent\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5355,12 +5355,12 @@
 "Vous avez besoin d'une phrase de passe pour d�verrouiller la\n"
 "cl� secr�te pour l'utilisateur: � %s �\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "cl� de %u bits %s, ID %s, cr��e le %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "        (sous-cl� de la cl� principale ID %s)"

Modified: trunk/po/gl.po
===================================================================
--- trunk/po/gl.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/gl.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.4\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2003-12-04 11:39+0100\n"
 "Last-Translator: Jacobo Tarrio <jtarrio@trasno.net>\n"
 "Language-Team: Galician <gpul-traduccion@ceu.fi.udc.es>\n"
@@ -5298,12 +5298,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "un subpaquete de tipo %d ten o bit cr�tico posto\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (ID principal da chave %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5314,24 +5314,24 @@
 "\"%.*s\"\n"
 "Chave de %u bits, %s, ID %08lX, creada o %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Repita o contrasinal\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Introduza o contrasinal\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "cancelado polo usuario\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problema co axente: o axente voltou coa resposta 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5341,12 +5341,12 @@
 "Necesita un contrasinal para desbloquea-la chave secreta para\n"
 "o usuario \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bits, chave %s, ID %08lX, creada %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/hu.po
===================================================================
--- trunk/po/hu.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/hu.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.5\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-06-19 21:53+0200\n"
 "Last-Translator: Nagy Ferenc L�szl� <nfl@nfllab.com>\n"
 "Language-Team: Hungarian <translation-team-hu@lists.sourceforge.net>\n"
@@ -5271,14 +5271,14 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "A %d t�pus� alcsomag kritikus bitje be�ll�tott.\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr ""
 " \n"
 "  (f� kulcsazonos�t�: %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5290,24 +5290,24 @@
 "\"%.*s\"\n"
 "%u bites %s key, azonos�t�: %08lX, l�trehozva: %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Ism�telje meg a jelsz�t!\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "�rja be a jelsz�t!\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "A felhaszn�l� megszak�totta a m�veletet.\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "Probl�ma az �gyn�kkel: �gyn�k v�lasza: 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5318,12 +5318,12 @@
 "haszn�lat�hoz:\n"
 "\""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u bites %s kulcs, azonos�t�: %08lX, l�trehozva: %s."
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/id.po
===================================================================
--- trunk/po/id.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/id.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -7,7 +7,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-id\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-06-17 16:32+0700\n"
 "Last-Translator: Tedi Heriyanto <tedi_h@gmx.net>\n"
 "Language-Team: Indonesian <translation-team-id@lists.sourceforge.net>\n"
@@ -5278,12 +5278,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpaket tipe %d memiliki bit kritis terset\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (ID kunci utama %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5294,24 +5294,24 @@
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, tercipta %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Ulangi passphrase\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Masukkan passphrase\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "dibatalkan oleh user\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "masalah dengan agen: agen mengembalikan 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5321,12 +5321,12 @@
 "Anda perlu passphrase untuk membuka kunci rahasia untuk\n"
 "pemakai: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bit kunci %s, ID %08lX, tercipta %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/it.po
===================================================================
--- trunk/po/it.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/it.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.1.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-06-16 17:01+0200\n"
 "Last-Translator: Marco d'Itri <md@linux.it>\n"
 "Language-Team: Italian <tp@lists.linux.it>\n"
@@ -5304,12 +5304,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "il sottopacchetto di tipo %d ha un bit critico impostato\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (key ID principale %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5320,24 +5320,24 @@
 "\"%.*s\"\n"
 "%u-bit %s key, ID %08lX, created %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Ripeti la passphrase\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Inserisci la passphrase\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "interrotto dall'utente\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problema con l'agent: ha restituito 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5347,12 +5347,12 @@
 "Ti serve una passphrase per sbloccare la chiave segreta\n"
 "dell'utente: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "chiave %2$s di %1$u bit, ID %3$08lX, creata il %4$s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/ja.po
===================================================================
--- trunk/po/ja.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/ja.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.3.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-11-23 11:14+0900\n"
 "Last-Translator: IIDA Yosiaki <iida@gnu.org>\n"
 "Language-Team: Japanese <translation-team-ja@lists.sourceforge.net>\n"
@@ -5135,12 +5135,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "��%d�β��̥ѥ��åȤ˥���ƥ����롦�ӥåȤ�ȯ��\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (�縰ID %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5151,24 +5151,24 @@
 "\"%.*s\"\n"
 "%u�ӥå�%s��, ID %s�������դ�%s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "�ѥ��ե졼���������\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "�ѥ��ե졼��������\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "�桼�����ˤ���ä�\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "����������Ȥ˾㳲: ����������Ȥ�0x%lx���ֵ�\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5177,12 +5177,12 @@
 "���Υ桼��������̩���Υ��å���������ˤ�\n"
 "�ѥ��ե졼��������ޤ�:��%s��\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u�ӥå�%s��, ID %s�������դ�%s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (�縰ID %s ������)"

Modified: trunk/po/nb.po
===================================================================
--- trunk/po/nb.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/nb.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -10,7 +10,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.3\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2006-06-13 20:31+0200\n"
 "Last-Translator: Trond Endrest�l <Trond.Endrestol@fagskolen.gjovik.no>\n"
 "Language-Team: Norwegian Bokm�l <i18n-nb@lister.ping.uio.no>\n"
@@ -5022,12 +5022,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr ""
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (hovedn�kkelid %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5038,24 +5038,24 @@
 "�%.*s�\n"
 "%u-bit %s n�kkel, ID %s, opprettet %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Gjenta passfrase\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Tast inn passfrase\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr ""
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, c-format
 msgid "problem with the agent: %s\n"
 msgstr ""
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5064,12 +5064,12 @@
 "Du trenger en passfrase for � l�se opp den hemmelige n�kkelen for\n"
 "brukeren: �%s�\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bit %s-n�kkel, ID %s, opprettet %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/pl.po
===================================================================
--- trunk/po/pl.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/pl.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-06-23 15:54+0200\n"
 "Last-Translator: Janusz A. Urbanowicz <alex@bofh.net.pl>\n"
 "Language-Team: Polish <pl@li.org>\n"
@@ -5301,12 +5301,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "podpakiet typu %d ma ustawiony krytyczny bit\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (podklucz %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5317,24 +5317,24 @@
 "\"%.*s\".\n"
 "Klucz o d�ugo�ci %u bit�w, typ %s, numer %08lX, stworzony %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Powt�rzone has�o\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Has�o\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "anulowano przez u�ytkownika\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problem agenta: zwr�ci� 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5344,12 +5344,12 @@
 "Musisz poda� has�o aby odbezpieczy� klucz prywatny u�ytkownika:\n"
 "\""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "d�ugo�� %u bit�w, typ %s, numer %08lX, stworzony %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/pt.po
===================================================================
--- trunk/po/pt.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/pt.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2002-09-13 18:26+0100\n"
 "Last-Translator: Pedro Morais <morais@kde.org>\n"
 "Language-Team: pt <morais@kde.org>\n"
@@ -5284,12 +5284,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpacote do tipo %d tem bit cr�tico ligado\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (ID principal da chave %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5302,24 +5302,24 @@
 "\"%.*s\"\n"
 "chave %u bits %s, ID %08lx, criada %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Repita a frase secreta\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Insira a frase secreta\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "cancelado pelo utilizador\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problema com o agente: o agente returnou 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5329,12 +5329,12 @@
 "Voc� precisa de uma frase secreta para desbloquear a chave secreta do\n"
 "utilizador: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "chave de %u-bit/%s, ID %08lX, criada em %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/pt_BR.po
===================================================================
--- trunk/po/pt_BR.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/pt_BR.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -13,7 +13,7 @@
 msgstr ""
 "Project-Id-Version: GNU gnupg 1.0\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 1998-11-20 23:46:36-0200\n"
 "Last-Translator:\n"
 "Language-Team: ?\n"
@@ -5230,12 +5230,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpacote do tipo %d tem bit cr�tico ligado\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (ID principal da chave %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5247,26 +5247,26 @@
 "usu�rio: \"%.*s\"\n"
 "%u-bit %s chave, ID %08lX, criada %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 #, fuzzy
 msgid "Repeat passphrase\n"
 msgstr "Repita a frase secreta: "
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 #, fuzzy
 msgid "Enter passphrase\n"
 msgstr "Digite a frase secreta: "
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr ""
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, c-format
 msgid "problem with the agent: %s\n"
 msgstr ""
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5276,12 +5276,12 @@
 "Voc� precisa de uma frase secreta para desbloquear a chave secreta do\n"
 "usu�rio: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "chave de %u-bit/%s, ID %08lX, criada em %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/ro.po
===================================================================
--- trunk/po/ro.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/ro.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.2rc1\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2005-05-31 22:00-0500\n"
 "Last-Translator: Laurentiu Buzdugan <lbuz@rolix.org>\n"
 "Language-Team: Romanian <translation-team-ro@lists.sourceforge.net>\n"
@@ -5202,12 +5202,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "subpachetul de tip %d are bitul critic setat\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (ID cheie principal� %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5219,24 +5219,24 @@
 "\"%.*s\"\n"
 "cheia %u-bit %s, ID %s, creat� %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Repeta�i fraza-parol�\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Introduce�i fraza-parol�\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "anulat� de utilizator\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problem� cu agentul: agentul returneaz� 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5245,12 +5245,12 @@
 "Ave�i nevoie de o fraz�-parol� pentru a descuia cheia secret� pentru\n"
 "utilizator: \"%s\"\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "cheia %u-bit %s, ID %s, creat� %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (subcheie pe cheia principal� ID %s)"

Modified: trunk/po/ru.po
===================================================================
--- trunk/po/ru.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/ru.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: GnuPG 1.4.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2005-06-22 02:53+0200\n"
 "Last-Translator: Maxim Britov <maxbritov@tut.by>\n"
 "Language-Team: Russian <gnupg-ru@gnupg.org>\n"
@@ -5157,12 +5157,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "подпакет типа %d имеет выставленный критический бит\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (главный ключ ID %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5173,36 +5173,36 @@
 "\"%.*s\"\n"
 "%u-бит %s ключ, ID %s, создан %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Повторите пароль\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Введите пароль\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "прервано пользователем\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "проблема с агентом - использование агента отключено\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
 "user: \"%s\"\n"
 msgstr "Необходим пароль для доступа к секретному ключу пользователя: \"%s\"\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-бит %s ключ, ID %s, создан %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (подключ на главном ключе %s)"

Modified: trunk/po/sk.po
===================================================================
--- trunk/po/sk.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/sk.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -5,7 +5,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.5\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-07-20 15:52+0200\n"
 "Last-Translator: Michal Majer <mmajer@econ.umb.sk>\n"
 "Language-Team: Slovak <sk-i18n@lists.linux.sk>\n"
@@ -5289,12 +5289,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "podpaket typu %d m� nastaven� kritick� bit\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (hlavn� ID k���a %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5305,24 +5305,24 @@
 "\"%.*s\"\n"
 "k��� s d�kou %u bitov, typ %s, ID %08lX, vytvoren� %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Opakova� heslo\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Vlo�i� heslo\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "zru�en� u��vate�om\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "probl�m s agentom: agent vracia 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5332,12 +5332,12 @@
 "Mus�te pozna� heslo, aby ste odomkli tajn� k��� pre\n"
 "u��vate�a: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "d�ka %u bitov, typ %s, ID %08lX, vytvoren� %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/sv.po
===================================================================
--- trunk/po/sv.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/sv.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -23,7 +23,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.6\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2004-12-01 17:49+0100\n"
 "Last-Translator: Per Tunedal <info@clipanish.com>\n"
 "Language-Team: Swedish <sv@li.org>\n"
@@ -5398,12 +5398,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "underpaket av typen %d har den bit satt som markerar den som kritisk\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, fuzzy, c-format
 msgid " (main key ID %s)"
 msgstr " (huvudnyckelns identitet %08lX)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5414,24 +5414,24 @@
 "användaren: \"%.*s\"\n"
 "%u-bitars %s-nyckel, ID %08lX, skapad %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Repetera lösenmeningen\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Ange lösenmening\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "avbruten av användaren\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "problem med GPG-Agent: programmet svarar 0x%lx\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, fuzzy, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5441,12 +5441,12 @@
 "Du behöver en lösenmening för att låsa upp den hemliga nyckeln för\n"
 "användaren: \""
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, fuzzy, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u-bits  %s-nyckel, ID %08lX, skapad %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr ""

Modified: trunk/po/tr.po
===================================================================
--- trunk/po/tr.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/tr.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.1\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2005-03-16 07:30+0300\n"
 "Last-Translator: Nilgün Belma Bugüner <nilgun@superonline.com>\n"
 "Language-Team: Turkish <gnu-tr-u12a@lists.sourceforge.net>\n"
@@ -5180,12 +5180,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "%d tipi alt paket kritik bit kümesine sahip\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (asıl anahtar kimliği %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5196,24 +5196,24 @@
 "kullanıcısının gizli anahtarını açacak bir anahtar parolasına ihtiyaç var.\n"
 "%u bitlik %s anahtarı, kimlik %s, oluşturma tarihi %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "Parolayı tekrar yazınız\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "Anahtar parolasını giriniz\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "kullanıcı tarafından durduruldu\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "vekil ile sorun var: vekil 0x%lx ile sonuçlandı\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5222,12 +5222,12 @@
 "Gizli anahtarın kilidini açmak için bir anahtar parolasına ihtiyacınız var.\n"
 "Anahtarın sahibi: \"%s\"\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u bitlik %s anahtarı, %s kimliği ile %s tarihinde üretilmiş"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (asıl anahtar kimliği %s üzerinde yardımcı anahtar)"

Modified: trunk/po/zh_CN.po
===================================================================
--- trunk/po/zh_CN.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/zh_CN.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -7,7 +7,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.4\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2006-07-02 10:58+0800\n"
 "Last-Translator: Meng Jie <zuxyhere@eastday.com>\n"
 "Language-Team: Chinese (simplified) <i18n-translation@lists.linux.net.cn>\n"
@@ -5052,12 +5052,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "%d 类别的子包设定了关键位\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (主钥匙号 %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5068,36 +5068,36 @@
 "“%.*s”\n"
 "%u 位的 %s 密钥，钥匙号 %s，建立于 %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "请再输入一次密码\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "请输入密码\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "用户取消\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "代理程序有问题――正在停用代理程序\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
 "user: \"%s\"\n"
 msgstr "您需要输入密码，才能解开这个用户的私钥：“%s”\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u 位的 %s 密钥，钥匙号 %s，建立于 %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (主钥 %s 的子钥)"

Modified: trunk/po/zh_TW.po
===================================================================
--- trunk/po/zh_TW.po	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/po/zh_TW.po	2006-10-04 17:42:14 UTC (rev 4286)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:13+0200\n"
+"POT-Creation-Date: 2006-10-04 18:34+0200\n"
 "PO-Revision-Date: 2005-07-29 09:49+0800\n"
 "Last-Translator: Jedi <Jedi@Jedi.org>\n"
 "Language-Team: Chinese (traditional) <zh-l10n@linux.org.tw>\n"
@@ -5088,12 +5088,12 @@
 msgid "subpacket of type %d has critical bit set\n"
 msgstr "%d 類別的子封包設定了關鍵位元\n"
 
-#: g10/passphrase.c:280 g10/passphrase.c:549
+#: g10/passphrase.c:310 g10/passphrase.c:585
 #, c-format
 msgid " (main key ID %s)"
 msgstr " (主要金鑰 ID %s)"
 
-#: g10/passphrase.c:294
+#: g10/passphrase.c:324
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for user:\n"
@@ -5104,24 +5104,24 @@
 "\"%.*s\"\n"
 "%u 位元長的 %s 金鑰, ID %s, 建立於 %s%s\n"
 
-#: g10/passphrase.c:319
+#: g10/passphrase.c:349
 msgid "Repeat passphrase\n"
 msgstr "請再輸入一次密語\n"
 
-#: g10/passphrase.c:321
+#: g10/passphrase.c:351
 msgid "Enter passphrase\n"
 msgstr "請輸入密語\n"
 
-#: g10/passphrase.c:345
+#: g10/passphrase.c:375
 msgid "cancelled by user\n"
 msgstr "由使用者取消了\n"
 
-#: g10/passphrase.c:350 g10/passphrase.c:406
+#: g10/passphrase.c:380 g10/passphrase.c:436
 #, fuzzy, c-format
 msgid "problem with the agent: %s\n"
 msgstr "代理程式的問題 - 正在停用代理程式\n"
 
-#: g10/passphrase.c:528
+#: g10/passphrase.c:564
 #, c-format
 msgid ""
 "You need a passphrase to unlock the secret key for\n"
@@ -5130,12 +5130,12 @@
 "妳需要用密語來解開下列使用者的\n"
 "私鑰: \"%s\"\n"
 
-#: g10/passphrase.c:536
+#: g10/passphrase.c:572
 #, c-format
 msgid "%u-bit %s key, ID %s, created %s"
 msgstr "%u 位元長的 %s 金鑰, ID %s, 建立於 %s"
 
-#: g10/passphrase.c:545
+#: g10/passphrase.c:581
 #, c-format
 msgid "         (subkey on main key ID %s)"
 msgstr "         (在主鑰 ID %s 上的子鑰)"

Modified: trunk/tests/openpgp/ChangeLog
===================================================================
--- trunk/tests/openpgp/ChangeLog	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/tests/openpgp/ChangeLog	2006-10-04 17:42:14 UTC (rev 4286)
@@ -1,3 +1,7 @@
+2006-10-04  Werner Koch  <wk@g10code.com>
+
+	* signencrypt.test: Need to prepend srcdir to the file name
+
 2006-09-27  Werner Koch  <wk@g10code.com>
 
 	* signencrypt.test: Add a test for bug 537.

Modified: trunk/tests/openpgp/signencrypt.test
===================================================================
--- trunk/tests/openpgp/signencrypt.test	2006-10-04 17:22:24 UTC (rev 4285)
+++ trunk/tests/openpgp/signencrypt.test	2006-10-04 17:42:14 UTC (rev 4286)
@@ -11,7 +11,7 @@
     cmp $i y || error "$i: mismatch"
 done
 
-i=bug537-test.data.asc
+i=$srcdir/bug537-test.data.asc
 info "Checking bug 537: MDC problem with old style compressed packets."
 echo "$usrpass1" | $GPG --passphrase-fd 0 -o y --yes $i
 tmp=`$GPG --with-colons --print-md sha1 <y`


From cvs at cvs.gnupg.org  Wed Oct  4 19:45:48 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 18:58:49 2006
Subject: [svn] assuan - r215 - trunk
Message-ID: <E1GVA50-000828-Nt@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 19:45:47 +0200 (Wed, 04 Oct 2006)
New Revision: 215

Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/configure.ac
Log:
The second release of today.


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-04 17:03:36 UTC (rev 214)
+++ trunk/ChangeLog	2006-10-04 17:45:47 UTC (rev 215)
@@ -1,8 +1,13 @@
 2006-10-04  Werner Koch  <wk@g10code.com>
 
+	Released 0.9.2.
+	
+2006-10-04  Werner Koch  <wk@g10code.com>
+
 	Released 0.9.1.
 	
 	* configure.ac (AB_INIT): New.
+
 	* m4/autobuild.m4: New.
 
 2006-09-19  Werner Koch  <wk@g10code.com>

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-04 17:03:36 UTC (rev 214)
+++ trunk/NEWS	2006-10-04 17:45:47 UTC (rev 215)
@@ -1,7 +1,9 @@
-Noteworthy changes in version 0.9.2
+Noteworthy changes in version 0.9.2 (2006-10-04)
 ------------------------------------------------
 
+ * A fix to make CANCEL work again in Pinentries.
 
+
 Noteworthy changes in version 0.9.1 (2006-10-04)
 ------------------------------------------------
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-04 17:03:36 UTC (rev 214)
+++ trunk/configure.ac	2006-10-04 17:45:47 UTC (rev 215)
@@ -25,7 +25,7 @@
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(libassuan, 0.9.2-cvs, gnupg-devel@gnupg.org)
+AC_INIT(libassuan, 0.9.2, gnupg-devel@gnupg.org)
 # Note, that this is not yet available as a shared library.
 
 PACKAGE=$PACKAGE_NAME


From cvs at cvs.gnupg.org  Wed Oct  4 19:52:08 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 19:05:11 2006
Subject: [svn] assuan - r216 - tags
Message-ID: <E1GVAB9-0008Cm-6h@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 19:52:08 +0200 (Wed, 04 Oct 2006)
New Revision: 216

Added:
   tags/libassuan-0.9.2/
Log:
Another release


Copied: tags/libassuan-0.9.2 (from rev 215, trunk)


From cvs at cvs.gnupg.org  Wed Oct  4 19:53:02 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct  4 19:06:03 2006
Subject: [svn] GnuPG -  r4287 - tags
Message-ID: <E1GVAC0-0008EB-No@trithemius.gnupg.org>

Author: wk
Date: 2006-10-04 19:53:02 +0200 (Wed, 04 Oct 2006)
New Revision: 4287

Added:
   tags/gnupg-1.9.91/
Log:


From cvs at cvs.gnupg.org  Wed Oct  4 23:23:48 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Wed Oct  4 22:36:53 2006
Subject: [svn] GnuPG -  r4288 - trunk/common
Message-ID: <E1GVDTy-00066t-Dc@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-04 23:23:47 +0200 (Wed, 04 Oct 2006)
New Revision: 4288

Modified:
   trunk/common/ChangeLog
   trunk/common/gpgrlhelp.c
Log:
* gpgrlhelp.c: readline requires stdio.h.


Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog	2006-10-04 17:53:02 UTC (rev 4287)
+++ trunk/common/ChangeLog	2006-10-04 21:23:47 UTC (rev 4288)
@@ -1,3 +1,7 @@
+2006-10-04  David Shaw  <dshaw@jabberwocky.com>
+
+	* gpgrlhelp.c: readline requires stdio.h.
+
 2006-10-04  Werner Koch  <wk@g10code.com>
 
 	* membuf.c (init_membuf_secure): New.

Modified: trunk/common/gpgrlhelp.c
===================================================================
--- trunk/common/gpgrlhelp.c	2006-10-04 17:53:02 UTC (rev 4287)
+++ trunk/common/gpgrlhelp.c	2006-10-04 21:23:47 UTC (rev 4288)
@@ -31,6 +31,7 @@
 
 #ifdef HAVE_LIBREADLINE
 #define GNUPG_LIBREADLINE_H_INCLUDED
+#include <stdio.h>
 #include <readline/readline.h>
 #include <readline/history.h>
 #endif


From cvs at cvs.gnupg.org  Thu Oct  5 10:01:12 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Thu Oct  5 09:14:13 2006
Subject: [svn] gcry - r1179 - trunk/cipher
Message-ID: <E1GVNQm-0000C8-7t@trithemius.gnupg.org>

Author: wk
Date: 2006-10-05 10:01:11 +0200 (Thu, 05 Oct 2006)
New Revision: 1179

Modified:
   trunk/cipher/ChangeLog
   trunk/cipher/pubkey.c
   trunk/cipher/rndw32.c
   trunk/cipher/tiger.c
Log:
fix gcc4 warning (David) and other collected fixes.


Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog	2006-08-29 10:21:09 UTC (rev 1178)
+++ trunk/cipher/ChangeLog	2006-10-05 08:01:11 UTC (rev 1179)
@@ -1,3 +1,19 @@
+2006-10-04  David Shaw  <dshaw@jabberwocky.com>  (wk)
+ 
+	* tiger.c (round): Rename to tiger_round as gcc 4 has a built-in
+	round function that this conflicts with.
+ 
+2006-09-11  Werner Koch  <wk@g10code.com>
+
+	* rndw32.c (slow_gatherer_windowsNT): While adding data use the
+	size of the diskPerformance and not its address. Has been fixed in
+	GnuPG more than a year ago.  Noted by Lee Fisher.
+
+2006-08-30  Werner Koch  <wk@g10code.com>
+
+	* pubkey.c (sexp_data_to_mpi): Need to allow "ripemd160" here as
+	this is the canonical name.
+
 2006-08-29  Hye-Shik Chang <perky@FreeBSD.org>  (wk)
 
 	* seed.c: New.

Modified: trunk/cipher/pubkey.c
===================================================================
--- trunk/cipher/pubkey.c	2006-08-29 10:21:09 UTC (rev 1178)
+++ trunk/cipher/pubkey.c	2006-10-05 08:01:11 UTC (rev 1179)
@@ -1265,8 +1265,9 @@
           static struct { const char *name; int algo; } hashnames[] = 
           { { "sha1",   GCRY_MD_SHA1 },
             { "md5",    GCRY_MD_MD5 },
+            { "sha256", GCRY_MD_SHA256 },
+            { "ripemd160", GCRY_MD_RMD160 },
             { "rmd160", GCRY_MD_RMD160 },
-            { "sha256", GCRY_MD_SHA256 },
             { "sha384", GCRY_MD_SHA384 },
             { "sha512", GCRY_MD_SHA512 },
             { "md2",    GCRY_MD_MD2 },

Modified: trunk/cipher/rndw32.c
===================================================================
--- trunk/cipher/rndw32.c	2006-08-29 10:21:09 UTC (rev 1178)
+++ trunk/cipher/rndw32.c	2006-10-05 08:01:11 UTC (rev 1179)
@@ -398,7 +398,7 @@
 	/* Note: This only works if you have turned on the disk performance
 	 * counters with 'diskperf -y'.  These counters are off by default */
 	if (DeviceIoControl (hDevice, IOCTL_DISK_PERFORMANCE, NULL, 0,
-			     &diskPerformance, SIZEOF_DISK_PERFORMANCE_STRUCT,
+			     diskPerformance, SIZEOF_DISK_PERFORMANCE_STRUCT,
 			     &dwSize, NULL))
 	{
 	    if ( debug_me )

Modified: trunk/cipher/tiger.c
===================================================================
--- trunk/cipher/tiger.c	2006-08-29 10:21:09 UTC (rev 1178)
+++ trunk/cipher/tiger.c	2006-10-05 08:01:11 UTC (rev 1179)
@@ -600,7 +600,7 @@
 }
 
 static void
-round( u64 *ra, u64 *rb, u64 *rc, u64 x, int mul )
+tiger_round( u64 *ra, u64 *rb, u64 *rc, u64 x, int mul )
 {
   u64 a = *ra;
   u64 b = *rb;
@@ -626,14 +626,14 @@
   u64 b = *rb;
   u64 c = *rc;
 
-  round( &a, &b, &c, x[0], mul );
-  round( &b, &c, &a, x[1], mul );
-  round( &c, &a, &b, x[2], mul );
-  round( &a, &b, &c, x[3], mul );
-  round( &b, &c, &a, x[4], mul );
-  round( &c, &a, &b, x[5], mul );
-  round( &a, &b, &c, x[6], mul );
-  round( &b, &c, &a, x[7], mul );
+  tiger_round( &a, &b, &c, x[0], mul );
+  tiger_round( &b, &c, &a, x[1], mul );
+  tiger_round( &c, &a, &b, x[2], mul );
+  tiger_round( &a, &b, &c, x[3], mul );
+  tiger_round( &b, &c, &a, x[4], mul );
+  tiger_round( &c, &a, &b, x[5], mul );
+  tiger_round( &a, &b, &c, x[6], mul );
+  tiger_round( &b, &c, &a, x[7], mul );
 
   *ra = a;
   *rb = b;


From cvs at cvs.gnupg.org  Thu Oct  5 13:06:43 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Thu Oct  5 12:19:43 2006
Subject: [svn] GnuPG -  r4289 - in trunk: . agent doc g10 scd sm
Message-ID: <E1GVQKI-0007jc-R2@trithemius.gnupg.org>

Author: wk
Date: 2006-10-05 13:06:42 +0200 (Thu, 05 Oct 2006)
New Revision: 4289

Modified:
   trunk/NEWS
   trunk/TODO
   trunk/agent/ChangeLog
   trunk/agent/command.c
   trunk/agent/divert-scd.c
   trunk/configure.ac
   trunk/doc/gpg-agent.texi
   trunk/g10/ChangeLog
   trunk/g10/seskey.c
   trunk/g10/status.c
   trunk/scd/app-openpgp.c
   trunk/sm/ChangeLog
   trunk/sm/certcheck.c
Log:
bug fixes


Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/NEWS	2006-10-05 11:06:42 UTC (rev 4289)
@@ -1,3 +1,7 @@
+Noteworthy changes in version 1.9.92
+-------------------------------------------------
+
+
 Noteworthy changes in version 1.9.91 (2006-10-04)
 -------------------------------------------------
 

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/TODO	2006-10-05 11:06:42 UTC (rev 4289)
@@ -69,12 +69,6 @@
  not a real problem because application will get a card removed status
  and should the send a reset to try solving the problem.
 
-* tests
-** Makefile.am
-  We use printf(1) to setup the library path, this is not portable.
-  Furthermore LD_LIBRARY_PATH is not used on all systems.  It doesn't
-  matter for now, because we use some GNU/*BSDish features anyway.
-
 ** Add a test to check the extkeyusage.
 
 * Windows port
@@ -93,16 +87,20 @@
 
 * g10/
 ** issue a NO_SECKEY xxxx if a -u key was not found.
-** Replace DIGEST_ALGO_SHA224
-   We can't do that right now because it is only defined by newer
-   versions of libgcrypt.  Change this if we require libgcrypt 1.3
-   anyway.
 ** qbits
    We pass a new qbit parameter to genkey - implement this in libgcrypt.
+
+* When switching to libgcrypt 1.3
+** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md
+   Remove the extra test for a valid algorithm as libgcrypt will do it
+   then in gcry_md_algo_info.
 ** skclist.c
-   As soon as we switch to libgcrypt 1.3 we should remove the hard
-   coded constant in random_is_faked.
+   Remove the hard coded constant in random_is_faked.
+** g10/ Replace DIGEST_ALGO_SHA224
+   We can't do that right now because it is only defined by newer
+   versions of libgcrypt. 
 
+
 * Extend selinux support to other modules
 
 * Remove -sat PGP2 compatibility hack

Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/agent/ChangeLog	2006-10-05 11:06:42 UTC (rev 4289)
@@ -1,3 +1,7 @@
+2006-10-05  Werner Koch  <wk@g10code.com>
+
+	* divert-scd.c (encode_md_for_card): Check that the algo is valid.
+
 2006-10-04  Werner Koch  <wk@g10code.com>
 
 	* call-pinentry.c (agent_get_passphrase): Changed to return the

Modified: trunk/agent/command.c
===================================================================
--- trunk/agent/command.c	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/agent/command.c	2006-10-05 11:06:42 UTC (rev 4289)
@@ -470,7 +470,7 @@
   char *endp;
   int algo;
 
-  /* parse the algo number and check it */
+  /* Parse the algo number and check it. */
   algo = (int)strtoul (line, &endp, 10);
   for (line = endp; *line == ' ' || *line == '\t'; line++)
     ;
@@ -478,7 +478,7 @@
     return set_error (GPG_ERR_UNSUPPORTED_ALGORITHM, NULL);
   ctrl->digest.algo = algo;
 
-  /* parse the hash value */
+  /* Parse the hash value. */
   rc = parse_hexstring (ctx, line, &n);
   if (rc)
     return rc;

Modified: trunk/agent/divert-scd.c
===================================================================
--- trunk/agent/divert-scd.c	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/agent/divert-scd.c	2006-10-05 11:06:42 UTC (rev 4289)
@@ -148,6 +148,8 @@
   *r_len = 0;
 
   asnlen = DIM(asn);
+  if (!algo || gcry_md_test_algo (algo))
+    return gpg_error (GPG_ERR_DIGEST_ALGO);
   if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
     {
       log_error ("no object identifier for algo %d\n", algo);

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/configure.ac	2006-10-05 11:06:42 UTC (rev 4289)
@@ -26,8 +26,8 @@
 # Remember to change the version number immediately *after* a release.
 # Set my_issvn to "yes" for non-released code.  Remember to run an
 # "svn up" and "autogen.sh" right before creating a distribution.
-m4_define([my_version], [1.9.91])
-m4_define([my_issvn], [no])
+m4_define([my_version], [1.9.92])
+m4_define([my_issvn], [yes])
 
 
 m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \

Modified: trunk/doc/gpg-agent.texi
===================================================================
--- trunk/doc/gpg-agent.texi	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/doc/gpg-agent.texi	2006-10-05 11:06:42 UTC (rev 4289)
@@ -740,11 +740,12 @@
 okay.
 
 @example
-   SETHASH <hexstring>
+   SETHASH <algo> <hexstring>
 @end example
 
-The client can use this command to tell the server about the data
-(which usually is a hash) to be signed.  
+The client can use this command to tell the server about the data <hexstring>
+(which usually is a hash) to be signed. <algo> is the decimal encoded hash
+algorithm number as used by Libgcrypt.
 
 The actual signing is done using
 

Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/g10/ChangeLog	2006-10-05 11:06:42 UTC (rev 4289)
@@ -1,3 +1,11 @@
+2006-10-05  Werner Koch  <wk@g10code.com>
+
+	* status.c (progress_cb): Changed to libgcrypt API.
+	(set_status_fd): Register the progress cb.
+
+	* seskey.c (encode_md_value): Check that the hash algo is valid
+	before getting the OID. 
+
 2006-10-04  Werner Koch  <wk@g10code.com>
 
 	* passphrase.c: Allow for a static passphrase in batch mode.

Modified: trunk/g10/seskey.c
===================================================================
--- trunk/g10/seskey.c	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/g10/seskey.c	2006-10-05 11:06:42 UTC (rev 4289)
@@ -267,7 +267,9 @@
       byte *asn;
       size_t asnlen;
 
-      rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen);
+      rc = gcry_md_test_algo (hash_algo);
+      if (!rc)
+        rc = gcry_md_algo_info (hash_algo, GCRYCTL_GET_ASNOID, NULL, &asnlen);
       if (rc)
         log_fatal ("can't get OID of algo %d: %s\n",
                    hash_algo, gpg_strerror (rc));

Modified: trunk/g10/status.c
===================================================================
--- trunk/g10/status.c	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/g10/status.c	2006-10-05 11:06:42 UTC (rev 4289)
@@ -45,15 +45,17 @@
 
 
 static void
-progress_cb ( void *ctx, int c )
+progress_cb (void *ctx, const char *what, int printchar,
+             int current, int total)
 {
-    char buf[50];
+  char buf[50];
 
-    if ( c == '\n' )
-	sprintf ( buf, "%.20s X 100 100", (char*)ctx );
-    else
-	sprintf ( buf, "%.20s %c 0 0", (char*)ctx, c );
-    write_status_text ( STATUS_PROGRESS, buf );
+  if ( printchar == '\n' && !strcmp (what, "primegen") )
+    snprintf (buf, sizeof buf -1, "%.20s X 100 100", what );
+  else
+    snprintf (buf, sizeof buf -1, "%.20s %c %d %d",
+              what, printchar=='\n'?'X':printchar, current, total );
+  write_status_text (STATUS_PROGRESS, buf);
 }
 
 static const char *
@@ -209,10 +211,8 @@
                   fd, strerror(errno));
     }
     last_fd = fd;
-#warning Use libgrypt calls for progress indicators
-/*     register_primegen_progress ( progress_cb, "primegen" ); */
-/*     register_pk_dsa_progress ( progress_cb, "pk_dsa" ); */
-/*     register_pk_elg_progress ( progress_cb, "pk_elg" ); */
+
+    gcry_set_progress_handler ( progress_cb, NULL );
 }
 
 int

Modified: trunk/scd/app-openpgp.c
===================================================================
--- trunk/scd/app-openpgp.c	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/scd/app-openpgp.c	2006-10-05 11:06:42 UTC (rev 4289)
@@ -1926,7 +1926,7 @@
   start_at = time (NULL);
   rc = iso7816_generate_keypair 
 #else
-#warning key generation temporary replaced by reading an existing key.
+# warning key generation temporary replaced by reading an existing key.
   rc = iso7816_read_public_key
 #endif
     (app->slot, (const unsigned char*)(keyno == 0? "\xB6" :

Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/sm/ChangeLog	2006-10-05 11:06:42 UTC (rev 4289)
@@ -1,3 +1,7 @@
+2006-10-05  Werner Koch  <wk@g10code.com>
+
+	* certcheck.c (do_encode_md): Check that the has algo is valid.
+
 2006-10-02  Marcus Brinkmann  <marcus@g10code.de>
 
 	* server.c (register_commands): New commands DUMPKEYS and

Modified: trunk/sm/certcheck.c
===================================================================
--- trunk/sm/certcheck.c	2006-10-04 21:23:47 UTC (rev 4288)
+++ trunk/sm/certcheck.c	2006-10-05 11:06:42 UTC (rev 4289)
@@ -68,6 +68,8 @@
       nframe = (nbits+7) / 8;
 
       asnlen = DIM(asn);
+      if (!algo || gcry_md_test_algo (algo))
+        return gpg_error (GPG_ERR_DIGEST_ALGO);
       if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen))
         {
           log_error ("no object identifier for algo %d\n", algo);


From cvs at cvs.gnupg.org  Fri Oct  6 07:46:08 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Fri Oct  6 06:59:04 2006
Subject: [svn] GnuPG -  r4290 - branches/STABLE-BRANCH-1-4/g10
Message-ID: <E1GVhnX-0005IW-Fn@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-06 07:46:07 +0200 (Fri, 06 Oct 2006)
New Revision: 4290

Modified:
   branches/STABLE-BRANCH-1-4/g10/ChangeLog
   branches/STABLE-BRANCH-1-4/g10/keyserver.c
Log:
* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather than
whatever key selector the user used on the command line.


Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog	2006-10-05 11:06:42 UTC (rev 4289)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog	2006-10-06 05:46:07 UTC (rev 4290)
@@ -1,3 +1,8 @@
+2006-10-06  David Shaw  <dshaw@jabberwocky.com>
+
+	* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather
+	than whatever key selector the user used on the command line.
+
 2006-10-02  Werner Koch  <wk@g10code.com>
 
 	* encr-data.c (decrypt_data, mdc_decode_filter): Check the MDC
@@ -1792,7 +1797,7 @@
 	(verify_chv3): Removed the CHV status reread logic because we
 	won't cache the C4 DO anymore.
 
-2005-01-21  David Shaw  <dshaw@grover.jabberwocky.com>
+2005-01-21  David Shaw  <dshaw@jabberwocky.com>
 
 	* keyserver.c (free_keyserver_spec): Fix small leak.
 	(keyserver_typemap): Map https if we are supporting it.

Modified: branches/STABLE-BRANCH-1-4/g10/keyserver.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/keyserver.c	2006-10-05 11:06:42 UTC (rev 4289)
+++ branches/STABLE-BRANCH-1-4/g10/keyserver.c	2006-10-06 05:46:07 UTC (rev 4290)
@@ -1313,10 +1313,14 @@
 			(ulong)block->pkt->pkt.public_key->keyid[0],
 			(ulong)block->pkt->pkt.public_key->keyid[1]);
 
-		fprintf(spawn->tochild,"KEY %s BEGIN\n",key->d);
+		fprintf(spawn->tochild,"KEY %08lX%08lX BEGIN\n",
+			(ulong)block->pkt->pkt.public_key->keyid[0],
+			(ulong)block->pkt->pkt.public_key->keyid[1]);
 		fwrite(iobuf_get_temp_buffer(buffer),
 		       iobuf_get_temp_length(buffer),1,spawn->tochild);
-		fprintf(spawn->tochild,"KEY %s END\n",key->d);
+		fprintf(spawn->tochild,"KEY %08lX%08lX END\n",
+			(ulong)block->pkt->pkt.public_key->keyid[0],
+			(ulong)block->pkt->pkt.public_key->keyid[1]);
 
 		iobuf_close(buffer);
 


From cvs at cvs.gnupg.org  Fri Oct  6 07:57:53 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Fri Oct  6 07:10:46 2006
Subject: [svn] GnuPG -  r4291 - trunk/g10
Message-ID: <E1GVhys-0000QQ-OB@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-06 07:57:52 +0200 (Fri, 06 Oct 2006)
New Revision: 4291

Modified:
   trunk/g10/ChangeLog
   trunk/g10/keyserver.c
Log:
* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather
than whatever key selector the user used on the command line.


Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-06 05:46:07 UTC (rev 4290)
+++ trunk/g10/ChangeLog	2006-10-06 05:57:52 UTC (rev 4291)
@@ -1,3 +1,8 @@
+2006-10-06  David Shaw  <dshaw@jabberwocky.com>
+
+	* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather
+	than whatever key selector the user used on the command line.
+
 2006-10-05  Werner Koch  <wk@g10code.com>
 
 	* status.c (progress_cb): Changed to libgcrypt API.

Modified: trunk/g10/keyserver.c
===================================================================
--- trunk/g10/keyserver.c	2006-10-06 05:46:07 UTC (rev 4290)
+++ trunk/g10/keyserver.c	2006-10-06 05:57:52 UTC (rev 4291)
@@ -1322,10 +1322,14 @@
 			(ulong)block->pkt->pkt.public_key->keyid[0],
 			(ulong)block->pkt->pkt.public_key->keyid[1]);
 
-		fprintf(spawn->tochild,"KEY %s BEGIN\n",key->d);
+		fprintf(spawn->tochild,"KEY %08lX%08lX BEGIN\n",
+			(ulong)block->pkt->pkt.public_key->keyid[0],
+			(ulong)block->pkt->pkt.public_key->keyid[1]);
 		fwrite(iobuf_get_temp_buffer(buffer),
 		       iobuf_get_temp_length(buffer),1,spawn->tochild);
-		fprintf(spawn->tochild,"KEY %s END\n",key->d);
+		fprintf(spawn->tochild,"KEY %08lX%08lX END\n",
+			(ulong)block->pkt->pkt.public_key->keyid[0],
+			(ulong)block->pkt->pkt.public_key->keyid[1]);
 
 		iobuf_close(buffer);
 


From cvs at cvs.gnupg.org  Fri Oct  6 12:58:19 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Fri Oct  6 12:11:16 2006
Subject: [svn] GnuPG -  r4292 - trunk/agent
Message-ID: <E1GVmfd-0006wX-56@trithemius.gnupg.org>

Author: wk
Date: 2006-10-06 12:58:18 +0200 (Fri, 06 Oct 2006)
New Revision: 4292

Modified:
   trunk/agent/ChangeLog
   trunk/agent/agent.h
   trunk/agent/command.c
   trunk/agent/divert-scd.c
   trunk/agent/pksign.c
Log:
Add TLS hash mode


Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog	2006-10-06 05:57:52 UTC (rev 4291)
+++ trunk/agent/ChangeLog	2006-10-06 10:58:18 UTC (rev 4292)
@@ -1,5 +1,12 @@
 2006-10-05  Werner Koch  <wk@g10code.com>
 
+	* command.c (has_option_name): New.
+	(cmd_sethash): New --hash option.
+	* pksign.c (do_encode_raw_pkcs1): New.
+	(agent_pksign_do): Use it here for the TLS algo.
+	* agent.h (GCRY_MD_USER_TLS_MD5SHA1): New.
+	* divert-scd.c (pksign): Add case for tls-md5sha1.
+	
 	* divert-scd.c (encode_md_for_card): Check that the algo is valid.
 
 2006-10-04  Werner Koch  <wk@g10code.com>

Modified: trunk/agent/agent.h
===================================================================
--- trunk/agent/agent.h	2006-10-06 05:57:52 UTC (rev 4291)
+++ trunk/agent/agent.h	2006-10-06 10:58:18 UTC (rev 4292)
@@ -36,8 +36,15 @@
 #include "../common/errors.h"
 #include "membuf.h"
 
+/* To convey some special hash algorithms we use algorithm numbers
+   reserved for application use. */
+#ifndef GCRY_MD_USER
+#define GCRY_MD_USER 1024
+#endif
+#define GCRY_MD_USER_TLS_MD5SHA1 (GCRY_MD_USER+1)
 
-#define MAX_DIGEST_LEN 24 
+/* Maximum length of a digest.  */
+#define MAX_DIGEST_LEN 36
 
 /* A large struct name "opt" to keep global flags */
 struct

Modified: trunk/agent/command.c
===================================================================
--- trunk/agent/command.c	2006-10-06 05:57:52 UTC (rev 4291)
+++ trunk/agent/command.c	2006-10-06 10:58:18 UTC (rev 4292)
@@ -136,6 +136,21 @@
   return (s && (s == line || spacep (s-1)) && (!s[n] || spacep (s+n)));
 }
 
+/* Same as has_option but does only test for the name of the option
+   and ignores an argument, i.e. with NAME being "--hash" it would
+   return true for "--hash" as well as for "--hash=foo". */
+static int
+has_option_name (const char *line, const char *name)
+{
+  const char *s;
+  int n = strlen (name);
+
+  s = strstr (line, name);
+  return (s && (s == line || spacep (s-1))
+          && (!s[n] || spacep (s+n) || s[n] == '='));
+}
+
+
 /* Skip over options.  It is assumed that leading spaces have been
    removed (this is the case for lines passed to a handler from
    assuan).  Bkanls after the options are also removed. */
@@ -455,7 +470,7 @@
 }
 
 
-/* SETHASH <algonumber> <hexstring> 
+/* SETHASH --hash=<name>|<algonumber> <hexstring> 
 
   The client can use this command to tell the server about the data
   (which usually is a hash) to be signed. */
@@ -470,12 +485,37 @@
   char *endp;
   int algo;
 
-  /* Parse the algo number and check it. */
-  algo = (int)strtoul (line, &endp, 10);
-  for (line = endp; *line == ' ' || *line == '\t'; line++)
-    ;
-  if (!algo || gcry_md_test_algo (algo))
-    return set_error (GPG_ERR_UNSUPPORTED_ALGORITHM, NULL);
+  /* Parse the alternative hash options which may be used instead of
+     the algo number.  */
+  if (has_option_name (line, "--hash"))
+    {
+      if (has_option (line, "--hash=sha1"))
+        algo = GCRY_MD_SHA1;
+      else if (has_option (line, "--hash=sha256"))
+        algo = GCRY_MD_SHA256;
+      else if (has_option (line, "--hash=rmd160"))
+        algo = GCRY_MD_RMD160;
+      else if (has_option (line, "--hash=md5"))
+        algo = GCRY_MD_MD5;
+      else if (has_option (line, "--hash=tls-md5sha1"))
+        algo = GCRY_MD_USER_TLS_MD5SHA1;
+      else
+        return set_error (GPG_ERR_ASS_PARAMETER, "invalid hash algorithm");
+    }
+  else
+    algo = 0;
+
+  line = skip_options (line);
+  
+  if (!algo)
+    {
+      /* No hash option has been given: require an algo number instead  */
+      algo = (int)strtoul (line, &endp, 10);
+      for (line = endp; *line == ' ' || *line == '\t'; line++)
+        ;
+      if (!algo || gcry_md_test_algo (algo))
+        return set_error (GPG_ERR_UNSUPPORTED_ALGORITHM, NULL);
+    }
   ctrl->digest.algo = algo;
 
   /* Parse the hash value. */
@@ -483,8 +523,11 @@
   if (rc)
     return rc;
   n /= 2;
-  if (n != 16 && n != 20 && n != 24 && n != 32)
+  if (algo == GCRY_MD_USER_TLS_MD5SHA1 && n == 36)
+    ;
+  else if (n != 16 && n != 20 && n != 24 && n != 32)
     return set_error (GPG_ERR_ASS_PARAMETER, "unsupported length of hash");
+
   if (n > MAX_DIGEST_LEN)
     return set_error (GPG_ERR_ASS_PARAMETER, "hash value to long");
 

Modified: trunk/agent/divert-scd.c
===================================================================
--- trunk/agent/divert-scd.c	2006-10-06 05:57:52 UTC (rev 4291)
+++ trunk/agent/divert-scd.c	2006-10-06 10:58:18 UTC (rev 4292)
@@ -318,26 +318,36 @@
   int rc;
   char *kid;
   size_t siglen;
-  unsigned char *sigval;
-  unsigned char *data;
-  size_t ndata;
+  unsigned char *sigval = NULL;
 
   rc = ask_for_card (ctrl, shadow_info, &kid);
   if (rc)
     return rc;
 
-  rc = encode_md_for_card (digest, digestlen, algo, 
-                           &data, &ndata);
-  if (rc)
-    return rc;
+  if (algo == GCRY_MD_USER_TLS_MD5SHA1)
+    {
+      rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
+                              digest, digestlen, &sigval, &siglen);
+    }
+  else
+    {
+      unsigned char *data;
+      size_t ndata;
 
-  rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
-                          data, ndata, &sigval, &siglen);
+      rc = encode_md_for_card (digest, digestlen, algo, &data, &ndata);
+      if (!rc)
+        {
+          rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
+                                  data, ndata, &sigval, &siglen);
+          xfree (data);
+        }
+    }
+
   if (!rc)
     *r_sig = sigval;
-  xfree (data);
+
   xfree (kid);
-  
+
   return rc;
 }
 

Modified: trunk/agent/pksign.c
===================================================================
--- trunk/agent/pksign.c	2006-10-06 05:57:52 UTC (rev 4291)
+++ trunk/agent/pksign.c	2006-10-06 10:58:18 UTC (rev 4292)
@@ -39,7 +39,7 @@
   gcry_sexp_t hash;
   int rc;
 
-  if (! raw_value)
+  if (!raw_value)
     {
       const char *s;
       char tmp[16+1];
@@ -55,7 +55,7 @@
 
       rc = gcry_sexp_build (&hash, NULL,
 			    "(data (flags pkcs1) (hash %s %b))",
-			    tmp, mdlen, md);
+			    tmp, (int)mdlen, md);
     }
   else
     {
@@ -77,6 +77,55 @@
 }
 
 
+/* Special version of do_encode_md to take care of pckcs#1 padding.
+   For TLS-MD5SHA1 we need to do the padding ourself as Libgrypt does
+   not know about this special scheme.  Fixme: We should have a
+   pkcs1-only-padding flag for Libgcrypt. */
+static int
+do_encode_raw_pkcs1 (const byte *md, size_t mdlen, unsigned int nbits,
+                     gcry_sexp_t *r_hash)
+{
+  int rc;
+  gcry_sexp_t hash;
+  unsigned char *frame;
+  size_t i, n, nframe;
+            
+  nframe = (nbits+7) / 8;
+  if ( !mdlen || mdlen + 8 + 4 > nframe )
+    {
+      /* Can't encode this hash into a frame of size NFRAME. */
+      return gpg_error (GPG_ERR_TOO_SHORT);
+    }
+
+  frame = xtrymalloc (nframe);
+  if (!frame)
+    return gpg_error_from_syserror ();
+  
+  /* Assemble the pkcs#1 block type 1. */
+  n = 0;
+  frame[n++] = 0;
+  frame[n++] = 1; /* Block type. */
+  i = nframe - mdlen - 3 ;
+  assert (i >= 8); /* At least 8 bytes of padding.  */
+  memset (frame+n, 0xff, i );
+  n += i;
+  frame[n++] = 0;
+  memcpy (frame+n, md, mdlen );
+  n += mdlen;
+  assert (n == nframe);
+  
+  /* Create the S-expression.  */
+  rc = gcry_sexp_build (&hash, NULL,
+                        "(data (flags raw) (value %b))",
+                        (int)nframe, frame);
+  xfree (frame);
+
+  *r_hash = hash;
+  return rc;   
+}
+
+
+
 /* SIGN whatever information we have accumulated in CTRL and return
    the signature S-Expression. */
 int
@@ -133,12 +182,18 @@
 
       gcry_sexp_t s_hash = NULL;
 
-      /* put the hash into a sexp */
-      rc = do_encode_md (ctrl->digest.value,
-                         ctrl->digest.valuelen,
-                         ctrl->digest.algo,
-                         &s_hash,
-			 ctrl->digest.raw_value);
+      /* Put the hash into a sexp */
+      if (ctrl->digest.algo == GCRY_MD_USER_TLS_MD5SHA1)
+        rc = do_encode_raw_pkcs1 (ctrl->digest.value,
+                                  ctrl->digest.valuelen,
+                                  gcry_pk_get_nbits (s_skey),
+                                  &s_hash);
+      else
+        rc = do_encode_md (ctrl->digest.value,
+                           ctrl->digest.valuelen,
+                           ctrl->digest.algo,
+                           &s_hash,
+                           ctrl->digest.raw_value);
       if (rc)
         goto leave;
 


From cvs at cvs.gnupg.org  Fri Oct  6 13:06:15 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Fri Oct  6 12:19:06 2006
Subject: [svn] GnuPG -  r4293 - trunk/agent
Message-ID: <E1GVmnH-0000c0-LA@trithemius.gnupg.org>

Author: wk
Date: 2006-10-06 13:06:15 +0200 (Fri, 06 Oct 2006)
New Revision: 4293

Modified:
   trunk/agent/ChangeLog
   trunk/agent/divert-scd.c
Log:
Make it also work for the card.


Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog	2006-10-06 10:58:18 UTC (rev 4292)
+++ trunk/agent/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
@@ -1,3 +1,7 @@
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* divert-scd.c (divert_pksign): Use PKAUTH for the TLS algo.
+
 2006-10-05  Werner Koch  <wk@g10code.com>
 
 	* command.c (has_option_name): New.

Modified: trunk/agent/divert-scd.c
===================================================================
--- trunk/agent/divert-scd.c	2006-10-06 10:58:18 UTC (rev 4292)
+++ trunk/agent/divert-scd.c	2006-10-06 11:06:15 UTC (rev 4293)
@@ -326,8 +326,11 @@
 
   if (algo == GCRY_MD_USER_TLS_MD5SHA1)
     {
+      int save = ctrl->use_auth_call;
+      ctrl->use_auth_call = 1;
       rc = agent_card_pksign (ctrl, kid, getpin_cb, ctrl,
                               digest, digestlen, &sigval, &siglen);
+      ctrl->use_auth_call = save;
     }
   else
     {


From cvs at cvs.gnupg.org  Mon Oct  9 13:35:36 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct  9 13:05:58 2006
Subject: [svn] assuan - r217 - in trunk: . doc m4 src
Message-ID: <E1GWswT-0000l5-LD@trithemius.gnupg.org>

Author: wk
Date: 2006-10-09 13:35:35 +0200 (Mon, 09 Oct 2006)
New Revision: 217

Added:
   trunk/m4/gnupg-pth.m4
   trunk/src/assuan-io-pth.c
Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/configure.ac
   trunk/doc/assuan.texi
   trunk/m4/Makefile.am
   trunk/src/ChangeLog
   trunk/src/Makefile.am
   trunk/src/assuan-io.c
   trunk/src/libassuan-config.in
   trunk/src/libassuan.m4
Log:
Splitted up into a standad lib and an pth enabled one.
Also enhanced libassuan-config and libassuan.m4.
Not really tested!


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/ChangeLog	2006-10-09 11:35:35 UTC (rev 217)
@@ -1,3 +1,7 @@
+2006-10-09  Werner Koch  <wk@g10code.com>
+
+	* m4/gnupg-pth.m4: New.  Taked from GnuPG.
+
 2006-10-04  Werner Koch  <wk@g10code.com>
 
 	Released 0.9.2.

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/NEWS	2006-10-09 11:35:35 UTC (rev 217)
@@ -1,3 +1,8 @@
+Noteworthy changes in version 0.9.3
+------------------------------------------------
+
+
+
 Noteworthy changes in version 0.9.2 (2006-10-04)
 ------------------------------------------------
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/configure.ac	2006-10-09 11:35:35 UTC (rev 217)
@@ -25,7 +25,7 @@
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(libassuan, 0.9.2, gnupg-devel@gnupg.org)
+AC_INIT(libassuan, 0.9.3-cvs, gnupg-devel@gnupg.org)
 # Note, that this is not yet available as a shared library.
 
 PACKAGE=$PACKAGE_NAME
@@ -106,24 +106,39 @@
 fi
 dnl AM_CONDITIONAL(HAVE_W32_SYSTEM, test "$have_w32_system" = yes)
 
+#
+# See whether we can build a Pth enabled version
+#
+GNUPG_PATH_PTH
+AM_CONDITIONAL(HAVE_PTH, test "$have_pth" = "yes")
+
+
 # Check for network libraries.
 NETLIBS=
 AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt,
 	[NETLIBS="-lsocket"]))
 
 # For src/libassuan-config.in
-LIBASSUAN_CONFIG_LIBS="-lassuan"
+LIBASSUAN_CONFIG_LIB="-lassuan"
 LIBASSUAN_CONFIG_CFLAGS=""
+LIBASSUAN_CONFIG_API_VERSION="1"
+LIBASSUAN_CONFIG_THREAD_MODULES=
+if test "$have_pth" = yes; then
+LIBASSUAN_CONFIG_THREAD_MODULES="pth"
+fi
+LIBASSUAN_CONFIG_EXTRA_LIBS=
 if test "$have_w32_system" = yes; then
-  LIBASSUAN_CONFIG_LIBS="$LIBASSUAN_CONFIG_LIBS -lwsock32"
+  LIBASSUAN_CONFIG_EXTRA_LIBS="$LIBASSUAN_CONFIG_EXTRA_LIBS -lwsock32"
 fi
 if test x"$NETLIBS" != x; then
-  LIBASSUAN_CONFIG_LIBS="$LIBASSUAN_CONFIG_LIBS $NETLIBS"
+  LIBASSUAN_CONFIG_EXTRA_LIBS="$LIBASSUAN_CONFIG_EXTRA_LIBS $NETLIBS"
 fi
-AC_SUBST(LIBASSUAN_CONFIG_LIBS)
+AC_SUBST(LIBASSUAN_CONFIG_LIB)
 AC_SUBST(LIBASSUAN_CONFIG_CFLAGS)
+AC_SUBST(LIBASSUAN_CONFIG_API_VERSION)
+AC_SUBST(LIBASSUAN_CONFIG_THREAD_MODULES)
+AC_SUBST(LIBASSUAN_CONFIG_EXTRA_LIBS)
 
-
 # Checks for header files.
 AC_HEADER_STDC
 AC_CHECK_HEADERS([string.h locale.h sys/uio.h])

Modified: trunk/doc/assuan.texi
===================================================================
--- trunk/doc/assuan.texi	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/doc/assuan.texi	2006-10-09 11:35:35 UTC (rev 217)
@@ -507,6 +507,11 @@
 gcc -o foo foo.c $(libassuan-config --cflags --libs)
 @end example
 
+If your application uses Pth or pthread, you need to pass the option
+@option{--thread=pth} respective @option{--thread=pthread} to the
+invocation of @command{libassuan-config}.
+
+
 @node Automake
 @section Building sources using Automake
 
@@ -534,7 +539,24 @@
 LDADD = $(LIBASSUAN_LIBS)
 @end example
 
+@defmac AM_PATH_LIBASSUAN_PTH (@ovar{minimum-version}, @ovar{action-if-found}, @ovar{action-if-not-found})
+Same as @code{AM_PATH_LIBASSUAN} but checks for the GNU Pth enabled
+version of the library and defines @code{LIBASSUAN_PTH_CFLAGS}
+@code{LIBASSUAN_PTH_LIBS} instead.  Use this is you are using GNU Pth.
+Note that you also need to pass the appropriate options for Pth to the
+compiler and linker.
+@end defmac
 
+@defmac AM_PATH_LIBASSUAN_PTHREAD (@ovar{minimum-version}, @ovar{action-if-found}, @ovar{action-if-not-found})
+Same as @code{AM_PATH_LIBASSUAN} but checks for the pthreads enabled
+version of the library and defines @code{LIBASSUAN_PTHREAD_CFLAGS}
+@code{LIBASSUAN_PTHREAD_LIBS} instead.  Use this is you are using GNU Pth.
+Note that you also need to pass the appropriate options for Pth to the
+compiler and linker.
+@end defmac
+
+
+
 @node Multi Threading
 @section Multi Threading
 

Modified: trunk/m4/Makefile.am
===================================================================
--- trunk/m4/Makefile.am	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/m4/Makefile.am	2006-10-09 11:35:35 UTC (rev 217)
@@ -1 +1 @@
-EXTRA_DIST = socklen.m4 sys_socket_h.m4 onceonly.m4 autobuild.m4
+EXTRA_DIST = socklen.m4 sys_socket_h.m4 onceonly.m4 autobuild.m4 gnupg-pth.m4

Added: trunk/m4/gnupg-pth.m4
===================================================================
--- trunk/m4/gnupg-pth.m4	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/m4/gnupg-pth.m4	2006-10-09 11:35:35 UTC (rev 217)
@@ -0,0 +1,114 @@
+dnl GnuPG's check for Pth.
+dnl       Copyright (C) 2003 Free Software Foundation, Inc.
+dnl
+dnl This file is free software; as a special exception the author gives
+dnl unlimited permission to copy and/or distribute it, with or without
+dnl modifications, as long as this notice is preserved.
+dnl
+dnl This file is distributed in the hope that it will be useful, but
+dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
+# GNUPG_PTH_VERSION_CHECK(REQUIRED)
+# 
+# If the version is sufficient, HAVE_PTH will be set to yes.
+#
+# Taken and modified from the m4 macros which come with Pth.
+AC_DEFUN([GNUPG_PTH_VERSION_CHECK],
+  [
+    _pth_version=`$PTH_CONFIG --version | awk 'NR==1 {print [$]3}'`
+    _req_version="ifelse([$1],,1.2.0,$1)"
+
+    AC_MSG_CHECKING(for PTH - version >= $_req_version)
+    for _var in _pth_version _req_version; do
+        eval "_val=\"\$${_var}\""
+        _major=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\1/'`
+        _minor=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\2/'`
+        _rtype=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\3/'`
+        _micro=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\4/'`
+        case $_rtype in
+            "a" ) _rtype=0 ;;
+            "b" ) _rtype=1 ;;
+            "." ) _rtype=2 ;;
+        esac
+        _hex=`echo dummy | awk '{ printf("%d%02d%1d%02d", major, minor, rtype, micro); }' \
+              "major=$_major" "minor=$_minor" "rtype=$_rtype" "micro=$_micro"`
+        eval "${_var}_hex=\"\$_hex\""
+    done
+    have_pth=no
+    if test ".$_pth_version_hex" != .; then
+        if test ".$_req_version_hex" != .; then
+            if test $_pth_version_hex -ge $_req_version_hex; then
+                have_pth=yes
+            fi
+        fi
+    fi
+    if test $have_pth = yes; then
+       AC_MSG_RESULT(yes)
+       AC_MSG_CHECKING([whether PTH installation is sane])
+       AC_CACHE_VAL(gnupg_cv_pth_is_sane,[
+         _gnupg_pth_save_cflags=$CFLAGS
+         _gnupg_pth_save_ldflags=$LDFLAGS
+         _gnupg_pth_save_libs=$LIBS
+         CFLAGS="$CFLAGS `$PTH_CONFIG --cflags`"
+         LDFLAGS="$LDFLAGS `$PTH_CONFIG --ldflags`"
+         LIBS="$LIBS `$PTH_CONFIG --libs`"
+         AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pth.h>
+                                         ],
+                                         [[ pth_init ();]])],
+                        gnupg_cv_pth_is_sane=yes,
+                        gnupg_cv_pth_is_sane=no)
+         CFLAGS=$_gnupg_pth_save_cflags
+         LDFLAGS=$_gnupg_pth_save_ldflags
+         LIBS=$_gnupg_pth_save_libs
+       ])
+       if test $gnupg_cv_pth_is_sane != yes; then
+          have_pth=no
+       fi
+       AC_MSG_RESULT($gnupg_cv_pth_is_sane)
+    else
+       AC_MSG_RESULT(no)
+    fi    
+  ])
+
+
+#
+# GNUPG_PATH_PTH([MINIMUM_VERSION])
+#
+# This is a special version of the check whioch assumes that a
+# emulation for W32 systems is available. The test assumes that
+# $have_w32_system has already been set.  On return $have_pth is set
+# as well as HAVE_PTH is defined and PTH_CLFAGS and PTH_LIBS are AS_SUBST.
+#
+AC_DEFUN([GNUPG_PATH_PTH],
+[ AC_ARG_WITH(pth-prefix,
+             AC_HELP_STRING([--with-pth-prefix=PFX],
+                           [prefix where GNU Pth is installed (optional)]),
+     pth_config_prefix="$withval", pth_config_prefix="")
+  if test x$pth_config_prefix != x ; then
+     PTH_CONFIG="$pth_config_prefix/bin/pth-config"
+  fi
+  AC_PATH_PROG(PTH_CONFIG, pth-config, no)
+  tmp=ifelse([$1], ,1.3.7,$1)
+  if test "$have_w32_system" = no; then
+   if test "$PTH_CONFIG" != "no"; then
+    GNUPG_PTH_VERSION_CHECK($tmp)
+    if test $have_pth = yes; then      
+       PTH_CFLAGS=`$PTH_CONFIG --cflags`
+       PTH_LIBS=`$PTH_CONFIG --ldflags`
+       PTH_LIBS="$PTH_LIBS `$PTH_CONFIG --libs --all`"
+       AC_DEFINE(HAVE_PTH, 1,
+                [Defined if the GNU Pth is available])
+    fi
+   fi
+  else 
+   have_pth=yes
+   PTH_CFLAGS=""
+   PTH_LIBS=""
+   AC_DEFINE(HAVE_PTH, 1)
+  fi
+  AC_SUBST(PTH_CFLAGS)
+  AC_SUBST(PTH_LIBS)
+])
+

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/src/ChangeLog	2006-10-09 11:35:35 UTC (rev 217)
@@ -1,3 +1,12 @@
+2006-10-09  Werner Koch  <wk@g10code.com>
+
+	* assuan-io.c: Removed Pth support.
+	* assuan-io-pth.c: New. Based on assuan-io.c
+
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* libassuan-config.in: New options --api-version and --thread.
+
 2006-10-04  Werner Koch  <wk@g10code.com>
 
 	* assuan-client.c (assuan_transact): Need to map old assuan status

Modified: trunk/src/Makefile.am
===================================================================
--- trunk/src/Makefile.am	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/src/Makefile.am	2006-10-09 11:35:35 UTC (rev 217)
@@ -24,15 +24,20 @@
 BUILT_SOURCES = assuan-errors.c
 MOSTLYCLEANFILES = assuan-errors.c
 
+if HAVE_PTH
+libassuan_pth = libassuan-pth.a
+else
+libassuan_pth = 
+endif
+
 bin_SCRIPTS = libassuan-config
 m4datadir = $(datadir)/aclocal
 m4data_DATA = libassuan.m4
-lib_LIBRARIES = libassuan.a
+lib_LIBRARIES = libassuan.a $(libassuan_pth)
 include_HEADERS = assuan.h
 
 
-#libassuan_a_LDFLAGS =
-libassuan_a_SOURCES = \
+common_sources = \
 	assuan-defs.h \
 	assuan-util.c \
 	assuan-errors.c \
@@ -47,11 +52,16 @@
 	assuan-pipe-connect.c \
 	assuan-socket-connect.c \
 	assuan-uds.c \
-	assuan-io.c \
 	assuan-logging.c \
 	assuan-socket.c
 
+libassuan_a_SOURCES = $(common_sources) assuan-io.c
 libassuan_a_LIBADD = @LIBOBJS@
 
+if HAVE_PTH
+libassuan_pth_a_SOURCES = $(common_sources) assuan-io-pth.c
+libassuan_pth_a_LIBADD = @LIBOBJS@
+endif
+
 assuan-errors.c : assuan.h mkerrors
 	$(srcdir)/mkerrors < $(srcdir)/assuan.h > assuan-errors.c

Copied: trunk/src/assuan-io-pth.c (from rev 215, trunk/src/assuan-io.c)
===================================================================
--- trunk/src/assuan-io.c	2006-10-04 17:45:47 UTC (rev 215)
+++ trunk/src/assuan-io-pth.c	2006-10-09 11:35:35 UTC (rev 217)
@@ -0,0 +1,147 @@
+/* assuan-io-pth.c - Pth version of assua-io.c.
+ *	Copyright (C) 2002, 2004, 2006 Free Software Foundation, Inc.
+ *
+ * This file is part of Assuan.
+ *
+ * Assuan is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Assuan is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+ * USA. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+#if HAVE_SYS_UIO_H
+# include <sys/uio.h>
+#endif
+#include <unistd.h>
+#include <errno.h>
+#ifdef HAVE_W32_SYSTEM
+# include <windows.h>
+#else
+# include <sys/wait.h>
+#endif
+#include <pth.h>
+
+#include "assuan-defs.h"
+
+
+
+#ifndef HAVE_W32_SYSTEM
+pid_t 
+_assuan_waitpid (pid_t pid, int *status, int options)
+{
+  return pth_waitpid (pid, status, options);
+}
+#endif
+
+
+ssize_t
+_assuan_simple_read (assuan_context_t ctx, void *buffer, size_t size)
+{
+#ifndef HAVE_W32_SYSTEM
+  return pth_read (ctx->inbound.fd, buffer, size);
+#else
+  return recv (ctx->inbound.fd, buffer, size, 0);
+#endif
+}
+
+ssize_t
+_assuan_simple_write (assuan_context_t ctx, const void *buffer, size_t size)
+{
+#ifndef HAVE_W32_SYSTEM
+  return pth_write (ctx->outbound.fd, buffer, size);
+#else
+  return send (ctx->outbound.fd, buffer, size, 0);
+#endif
+}
+
+
+ssize_t
+_assuan_simple_sendmsg (assuan_context_t ctx, struct msghdr *msg)
+{
+#if defined(HAVE_W32_SYSTEM)
+  return _assuan_error (ASSUAN_Not_Implemented);
+#else
+  /* Pth does not provide a sendmsg function.  Thus we implement it here.  */
+  int ret;
+  int fd = ctx->outbound.fd;
+  int fdmode;
+
+  fdmode = pth_fdmode (fd, PTH_FDMODE_POLL);
+  if (fdmode == PTH_FDMODE_ERROR)
+    {
+      errno = EBADF;
+      return -1;
+    }
+  if (fdmode == PTH_FDMODE_BLOCK)
+    {
+      fd_set fds;
+
+      FD_ZERO (&fds);
+      FD_SET (fd, &fds);
+      while ( (ret = pth_select (fd+1, NULL, &fds, NULL, NULL)) < 0
+              && errno == EINTR)
+        ;
+      if (ret < 0)
+        return -1;
+    }
+
+  while ((ret = sendmsg (fd, msg, 0)) == -1 && errno == EINTR)
+    ;
+  return ret;
+#endif
+}
+
+
+ssize_t
+_assuan_simple_recvmsg (assuan_context_t ctx, struct msghdr *msg)
+{
+#if defined(HAVE_W32_SYSTEM)
+  return _assuan_error (ASSUAN_Not_Implemented);
+#else
+  /* Pth does not provide a recvmsg function.  Thus we implement it here.  */
+  int ret;
+  int fd = ctx->inbound.fd;
+  int fdmode;
+
+  fdmode = pth_fdmode (fd, PTH_FDMODE_POLL);
+  if (fdmode == PTH_FDMODE_ERROR)
+    {
+      errno = EBADF;
+      return -1;
+    }
+  if (fdmode == PTH_FDMODE_BLOCK)
+    {
+      fd_set fds;
+
+      FD_ZERO (&fds);
+      FD_SET (fd, &fds);
+      while ( (ret = pth_select (fd+1, &fds, NULL, NULL, NULL)) < 0
+              && errno == EINTR)
+        ;
+      if (ret < 0)
+        return -1;
+    }
+
+  while ((ret = recvmsg (fd, msg, 0)) == -1 && errno == EINTR)
+    ;
+  return ret;
+#endif
+}

Modified: trunk/src/assuan-io.c
===================================================================
--- trunk/src/assuan-io.c	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/src/assuan-io.c	2006-10-09 11:35:35 UTC (rev 217)
@@ -23,6 +23,7 @@
 #include <config.h>
 #endif
 
+#include <sys/time.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/wait.h>
@@ -39,65 +40,12 @@
 
 #include "assuan-defs.h"
 
-/* We can't include pth.h and we are not sure whether other headers
-   already included it.  This we define macros with the same
-   values. */
-#define MY_PTH_FDMODE_ERROR    (-1)
-#define MY_PTH_FDMODE_POLL     0
-#define MY_PTH_FDMODE_BLOCK    1
-#define MY_PTH_FDMODE_NONBLOCK 2
 
-
-#ifndef _ASSUAN_NO_PTH
-extern pid_t   pth_waitpid (pid_t pid, int *status, int options);
-extern ssize_t pth_read (int fd, void *buffer, size_t size);
-extern ssize_t pth_write (int fd, const void *buffer, size_t size);
-extern int     pth_fdmode (int, int);
-extern int     pth_select(int, fd_set*, fd_set*, fd_set*, struct timeval*);
-
 #ifndef HAVE_W32_SYSTEM
-#pragma weak pth_waitpid
-#pragma weak pth_read
-#pragma weak pth_write
-#pragma weak pth_fdmode
-#pragma weak pth_select
-#endif
-#endif /*!_ASSUAN_NO_PTH*/
-
-#ifndef _ASSUAN_NO_PTH
-/* Wrapper around pth_fdmode. */
-static int
-my_pth_fdmode (int fd, int mode)
-{
-  if (pth_fdmode)
-    return pth_fdmode (fd, mode);
-  else
-    return MY_PTH_FDMODE_NONBLOCK; /* This is okay, given the way we use it. */
-}
-#endif /*_ASSUAN_NO_PTH*/
-
-#ifndef _ASSUAN_NO_PTH
-/* Wrapper around pth_select. */
-static int 
-my_pth_select (int nfd, fd_set *rfds, fd_set *wfds, fd_set *efds,
-               struct timeval *timeout)
-{
-  if (pth_select)
-    return pth_select (nfd, rfds, wfds, efds, timeout);
-  else
-    return 1; /* Fake one fd ready; this is okay, given the way we use it. */
-}
-#endif /*_ASSUAN_NO_PTH*/
-
-#ifndef HAVE_W32_SYSTEM
 pid_t 
 _assuan_waitpid (pid_t pid, int *status, int options)
 {
-#ifdef _ASSUAN_NO_PTH
   return waitpid (pid, status, options);
-#else
-  return (pth_waitpid ? pth_waitpid : waitpid) (pid, status, options);
-#endif
 }
 #endif
 
@@ -105,72 +53,26 @@
 ssize_t
 _assuan_simple_read (assuan_context_t ctx, void *buffer, size_t size)
 {
-#ifdef _ASSUAN_NO_PTH
   return read (ctx->inbound.fd, buffer, size);
-#else
-# ifndef HAVE_W32_SYSTEM
-  return (pth_read ? pth_read : read) (ctx->inbound.fd, buffer, size);
-# else
-  return pth_read ? pth_read (ctx->inbound.fd, buffer, size)
-                  : recv (ctx->inbound.fd, buffer, size, 0);
-# endif
-#endif
 }
 
 ssize_t
 _assuan_simple_write (assuan_context_t ctx, const void *buffer, size_t size)
 {
-#ifdef _ASSUAN_NO_PTH
   return write (ctx->outbound.fd, buffer, size);
-#else
-# ifndef HAVE_W32_SYSTEM
-  return (pth_write ? pth_write : write) (ctx->outbound.fd, buffer, size);
-# else
-  return pth_write ? pth_write (ctx->outbound.fd, buffer, size)
-                   : send (ctx->outbound.fd, buffer, size, 0);
-# endif
-#endif
 }
 
 
 ssize_t
 _assuan_simple_sendmsg (assuan_context_t ctx, struct msghdr *msg)
 {
-#if defined(HAVE_W32_SYSTEM)
+#ifdef HAVE_W32_SYSTEM
   return _assuan_error (ASSUAN_Not_Implemented);
-#elif defined(_ASSUAN_NO_PTH)
+#else
   int ret;
   while ( (ret = sendmsg (ctx->outbound.fd, msg, 0)) == -1 && errno == EINTR)
     ;
   return ret;
-#else
-  /* Pth does not provide a sendmsg function.  Thus we implement it here.  */
-  int ret;
-  int fd = ctx->outbound.fd;
-  int fdmode;
-
-  fdmode = my_pth_fdmode (fd, MY_PTH_FDMODE_POLL);
-  if (fdmode == MY_PTH_FDMODE_ERROR)
-    {
-      errno = EBADF;
-      return -1;
-    }
-  if (fdmode == MY_PTH_FDMODE_BLOCK)
-    {
-      fd_set fds;
-
-      FD_ZERO (&fds);
-      FD_SET (fd, &fds);
-      while ( (ret = my_pth_select (fd+1, NULL, &fds, NULL, NULL)) < 0
-              && errno == EINTR)
-        ;
-      if (ret < 0)
-        return -1;
-    }
-
-  while ((ret = sendmsg (fd, msg, 0)) == -1 && errno == EINTR)
-    ;
-  return ret;
 #endif
 }
 
@@ -178,40 +80,12 @@
 ssize_t
 _assuan_simple_recvmsg (assuan_context_t ctx, struct msghdr *msg)
 {
-#if defined(HAVE_W32_SYSTEM)
+#ifdef HAVE_W32_SYSTEM
   return _assuan_error (ASSUAN_Not_Implemented);
-#elif defined(_ASSUAN_NO_PTH)
+#else
   int ret;
   while ( (ret = recvmsg (ctx->inbound.fd, msg, 0)) == -1 && errno == EINTR)
     ;
   return ret;
-#else
-  /* Pth does not provide a recvmsg function.  Thus we implement it here.  */
-  int ret;
-  int fd = ctx->inbound.fd;
-  int fdmode;
-
-  fdmode = my_pth_fdmode (fd, MY_PTH_FDMODE_POLL);
-  if (fdmode == MY_PTH_FDMODE_ERROR)
-    {
-      errno = EBADF;
-      return -1;
-    }
-  if (fdmode == MY_PTH_FDMODE_BLOCK)
-    {
-      fd_set fds;
-
-      FD_ZERO (&fds);
-      FD_SET (fd, &fds);
-      while ( (ret = my_pth_select (fd+1, &fds, NULL, NULL, NULL)) < 0
-              && errno == EINTR)
-        ;
-      if (ret < 0)
-        return -1;
-    }
-
-  while ((ret = recvmsg (fd, msg, 0)) == -1 && errno == EINTR)
-    ;
-  return ret;
 #endif
 }

Modified: trunk/src/libassuan-config.in
===================================================================
--- trunk/src/libassuan-config.in	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/src/libassuan-config.in	2006-10-09 11:35:35 UTC (rev 217)
@@ -10,8 +10,12 @@
 # implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
 PGM=libassuan-config
-libs="@LIBASSUAN_CONFIG_LIBS@"
+lib="@LIBASSUAN_CONFIG_LIB@"
+extralibs="@LIBASSUAN_CONFIG_EXTRA_LIBS@"
 cflags="@LIBASSUAN_CONFIG_CFLAGS@"
+api_version="@LIBASSUAN_CONFIG_API_VERSION@"
+all_thread_modules="@LIBASSUAN_CONFIG_THREAD_MODULES@"
+thread_module=
 prefix=@prefix@
 exec_prefix=@exec_prefix@
 includes=""
@@ -22,12 +26,18 @@
 echo_prefix=no
 echo_exec_prefix=no
 
+if test x"$all_thread_modules" = x; then
+  all_thread_modules="none pthread"
+else
+  all_thread_modules="none pthread $all_thread_modules"
+fi
 
 usage()
 {
 	cat <<EOF
 Usage: $PGM [OPTIONS]
 Options:
+	[--thread={`echo "${all_thread_modules}" | sed 's/ /|/g'`}]
 	[--prefix[=DIR]]
 	[--exec-prefix[=DIR]]
 	[--version]
@@ -38,7 +48,7 @@
 }
 
 if test $# -eq 0; then
-	usage 1 1>&2
+  usage 1 1>&2
 fi
 
 while test $# -gt 0; do
@@ -64,6 +74,25 @@
       echo "@VERSION@"
       exit 0
       ;;
+    --api-version)
+      echo_api_version=yes
+      ;;
+    --thread=*)
+      for mod in $all_thread_modules; do
+	if test "$mod" = "$optarg"; then
+           thread_module="-$mod"
+	fi
+      done
+      if test "x$thread_module" = "x"; then
+	usage 1 1>&2
+      fi
+      if test "$thread_module" = "-none"; then
+        thread_module=""
+      fi
+      if test "$thread_module" = "-pthread"; then
+        thread_module=""
+      fi
+      ;;
     --cflags)
       echo_cflags=yes
       ;;
@@ -85,6 +114,11 @@
     echo $exec_prefix
 fi
 
+if test "$echo_api_version" = "yes"; then
+    echo $api_version
+fi
+
+
 if test "$echo_cflags" = "yes"; then
     if test "@includedir@" != "/usr/include" ; then
       includes="-I@includedir@"
@@ -100,11 +134,11 @@
 if test "$echo_libs" = "yes"; then
     if test "@libdir@" != "/usr/lib" ; then
       libdirs="-L@libdir@"
-      for i in $libs ; do
+      for i in $lib $extralibs ; do
 	if test "$i" = "-L@libdir@" ; then
 	  libdirs=""
 	fi
       done
     fi
-    echo $libdirs $libs
+    echo $libdirs $lib${thread_module} $extralibs
 fi

Modified: trunk/src/libassuan.m4
===================================================================
--- trunk/src/libassuan.m4	2006-10-04 17:52:08 UTC (rev 216)
+++ trunk/src/libassuan.m4	2006-10-09 11:35:35 UTC (rev 217)
@@ -9,68 +9,152 @@
 dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
 dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
-
-dnl AM_PATH_LIBASSUAN([MINIMUM-VERSION,
-dnl                   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
-dnl Test for libassuan and define LIBASSUAN_CFLAGS and LIBASSUAN_LIBS
 dnl
-AC_DEFUN([AM_PATH_LIBASSUAN],
+dnl Common code used for libassuan detection [internal]
+dnl Returns ok set to yes or no.
+dnl
+AC_DEFUN([_AM_PATH_LIBASSUAN_COMMON],
 [ AC_ARG_WITH(libassuan-prefix,
-            AC_HELP_STRING([--with-libassuan-prefix=PFX],
-                           [prefix where LIBASSUAN is installed (optional)]),
+              AC_HELP_STRING([--with-libassuan-prefix=PFX],
+                             [prefix where LIBASSUAN is installed (optional)]),
      libassuan_config_prefix="$withval", libassuan_config_prefix="")
   if test x$libassuan_config_prefix != x ; then
-     libassuan_config_args="$libassuan_config_args --prefix=$libassuan_config_prefix"
-     if test x${LIBASSUAN_CONFIG+set} != xset ; then
-        LIBASSUAN_CONFIG=$libassuan_config_prefix/bin/libassuan-config
-     fi
+    libassuan_config_args="$libassuan_config_args --prefix=$libassuan_config_prefix"
+    if test x${LIBASSUAN_CONFIG+set} != xset ; then
+      LIBASSUAN_CONFIG=$libassuan_config_prefix/bin/libassuan-config
+    fi
   fi
+  AC_PATH_PROG(LIBASSUAN_CONFIG, libassuan-config, no)
 
-  AC_PATH_PROG(LIBASSUAN_CONFIG, libassuan-config, no)
-  min_libassuan_version=ifelse([$1], ,0.0.1,$1)
-  AC_MSG_CHECKING(for LIBASSUAN - version >= $min_libassuan_version)
+  tmp=ifelse([$1], ,1:0.9.2,$1)
+  if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
+    req_libassuan_api=`echo "$tmp"     | sed 's/\(.*\):\(.*\)/\1/'`
+    min_libassuan_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
+  else
+    req_libassuan_api=0
+    min_libassuan_version="$tmp"
+  fi
+
+  if test "$LIBASSUAN_CONFIG" != "no" ; then
+    libassuan_version=`$LIBASSUAN_CONFIG --version`
+  fi
+  libassuan_version_major=`echo $libassuan_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
+  libassuan_version_minor=`echo $libassuan_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
+  libassuan_version_micro=`echo $libassuan_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
+
+  AC_MSG_CHECKING(for LIBASSUAN ifelse([$2], ,,[$2 ])- version >= $min_libassuan_version)
   ok=no
   if test "$LIBASSUAN_CONFIG" != "no" ; then
+    ifelse([$2], ,,[if `$LIBASSUAN_CONFIG --thread=$2 2> /dev/null` ; then])
     req_major=`echo $min_libassuan_version | \
                sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
     req_minor=`echo $min_libassuan_version | \
                sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
     req_micro=`echo $min_libassuan_version | \
                sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'`
-    libassuan_config_version=`$LIBASSUAN_CONFIG $libassuan_config_args --version`
-    major=`echo $libassuan_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
-    minor=`echo $libassuan_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
-    micro=`echo $libassuan_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
-    if test "$major" -gt "$req_major"; then
+    if test "$libassuan_version_major" -gt "$req_major"; then
         ok=yes
     else 
-        if test "$major" -eq "$req_major"; then
-            if test "$minor" -gt "$req_minor"; then
+        if test "$libassuan_version_major" -eq "$req_major"; then
+            if test "$libassuan_version_minor" -gt "$req_minor"; then
                ok=yes
             else
-               if test "$minor" -eq "$req_minor"; then
-                   if test "$micro" -ge "$req_micro"; then
+               if test "$libassuan_version_minor" -eq "$req_minor"; then
+                   if test "$libassuan_version_micro" -ge "$req_micro"; then
                      ok=yes
                    fi
                fi
             fi
         fi
     fi
+    ifelse([$2], ,,[fi])
   fi
+
   if test $ok = yes; then
+    AC_MSG_RESULT(yes)
+  else
+    AC_MSG_RESULT(no)
+  fi
+
+  if test $ok = yes; then
+    if test "$req_libassuan_api" -gt 0 ; then
+      tmp=`$LIBASSUAN_CONFIG --api-version 2>/dev/null || echo 0`
+      if test "$tmp" -gt 0 ; then
+        AC_MSG_CHECKING([LIBASSUAN ifelse([$2], ,,[$2 ])API version])
+        if test "$req_libassuan_api" -eq "$tmp" ; then
+          AC_MSG_RESULT(okay)
+        else
+          ok=no
+          AC_MSG_RESULT([does not match.  want=$req_libassuan_api got=$tmp.])
+        fi
+      fi
+    fi
+  fi
+
+])
+
+
+
+dnl AM_PATH_LIBASSUAN([MINIMUM-VERSION,
+dnl                   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libassuan and define LIBASSUAN_CFLAGS and LIBASSUAN_LIBS
+dnl
+AC_DEFUN([AM_PATH_LIBASSUAN],
+[ _AM_PATH_LIBASSUAN_COMMON($1)
+  if test $ok = yes; then
     LIBASSUAN_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --cflags`
     LIBASSUAN_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --libs`
-    AC_MSG_RESULT(yes)
     ifelse([$2], , :, [$2])
   else
     LIBASSUAN_CFLAGS=""
     LIBASSUAN_LIBS=""
-    AC_MSG_RESULT(no)
     ifelse([$3], , :, [$3])
   fi
   AC_SUBST(LIBASSUAN_CFLAGS)
   AC_SUBST(LIBASSUAN_LIBS)
 ])
+
+
+dnl AM_PATH_LIBASSUAN_PTH([MINIMUM-VERSION,
+dnl                      [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libassuan and define LIBASSUAN_PTH_CFLAGSand LIBASSUAN_PTH_LIBS
+dnl
+AC_DEFUN([AM_PATH_LIBASSUAN_PTH],
+[ _AM_PATH_LIBASSUAN_COMMON($1,pth)
+  if test $ok = yes; then
+    LIBASSUAN_PTH_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --cflags`
+    LIBASSUAN_PTH_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --libs`
+    ifelse([$2], , :, [$2])
+  else
+    LIBASSUAN_PTH_CFLAGS=""
+    LIBASSUAN_PTH_LIBS=""
+    ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(LIBASSUAN_PTH_CFLAGS)
+  AC_SUBST(LIBASSUAN_PTH_LIBS)
+])
+
+
+dnl AM_PATH_LIBASSUAN_PTHREAD([MINIMUM-VERSION,
+dnl                           [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libassuan and define LIBASSUAN_PTHREAD_CFLAGS 
+dnl                           and LIBASSUAN_PTHREAD_LIBS
+dnl
+AC_DEFUN([AM_PATH_LIBASSUAN_PTHREAD],
+[ _AM_PATH_LIBASSUAN_COMMON($1,pth)
+  if test $ok = yes; then
+    LIBASSUAN_PTHREAD_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --cflags`
+    LIBASSUAN_PTHREAD_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --libs`
+    ifelse([$2], , :, [$2])
+  else
+    LIBASSUAN_PTHREAD_CFLAGS=""
+    LIBASSUAN_PTHREAD_LIBS=""
+    ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(LIBASSUAN_PTHREAD_CFLAGS)
+  AC_SUBST(LIBASSUAN_PTHREAD_LIBS)
+])
+


From cvs at cvs.gnupg.org  Tue Oct 10 12:47:05 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 10 12:16:40 2006
Subject: [svn] assuan - r218 - in trunk: . doc src tests
Message-ID: <E1GXEeu-0002GL-U7@trithemius.gnupg.org>

Author: wk
Date: 2006-10-10 12:47:04 +0200 (Tue, 10 Oct 2006)
New Revision: 218

Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/README
   trunk/THANKS
   trunk/configure.ac
   trunk/doc/assuan.texi
   trunk/src/ChangeLog
   trunk/src/assuan-buffer.c
   trunk/src/assuan-defs.h
   trunk/src/assuan-handler.c
   trunk/src/assuan-io.c
   trunk/src/assuan-uds.c
   trunk/tests/Makefile.am
Log:
portability fixes


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/ChangeLog	2006-10-10 10:47:04 UTC (rev 218)
@@ -1,3 +1,12 @@
+2006-10-10  Werner Koch  <wk@g10code.com>
+
+	Released 0.9.3.
+
+	* tests/Makefile.am (LDADD): Add NETLIBS.
+
+	* configure.ac: Check for cmsghdr.
+	(USE_DESCRIPTOR_PASSING): Define it then.
+
 2006-10-09  Werner Koch  <wk@g10code.com>
 
 	* m4/gnupg-pth.m4: New.  Taked from GnuPG.

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/NEWS	2006-10-10 10:47:04 UTC (rev 218)
@@ -1,8 +1,17 @@
-Noteworthy changes in version 0.9.3
+Noteworthy changes in version 0.9.3 (2006-10-10)
 ------------------------------------------------
 
+ * Portability fixes.
 
+ * Pth is not anymore linked by means of weak symbol tricks.  It is
+   now required to link to the pth version of libassuan.  New aufoconf
+   macros are provided to to check for this.  The pth version is only
+   build if Pth is available.
 
+ * configure does now check that descripotor passing is available.  A
+   way to check at runtime for this is also provided
+
+
 Noteworthy changes in version 0.9.2 (2006-10-04)
 ------------------------------------------------
 

Modified: trunk/README
===================================================================
--- trunk/README	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/README	2006-10-10 10:47:04 UTC (rev 218)
@@ -13,3 +13,4 @@
 
 
 
+

Modified: trunk/THANKS
===================================================================
--- trunk/THANKS	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/THANKS	2006-10-10 10:47:04 UTC (rev 218)
@@ -1,7 +1,10 @@
 
+Alain Guibert             alguibert+gpd at free.fr
 Marc Mutz                 mutz at kde.org
 Michael Nottebrock        michaelnottebrock at gmx.net
+Nelson H. F. Beebe        beebe at math dot utah dot edu
 Ville Skytt?              ville.skytta@iki.fi
 
 
 
+

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/configure.ac	2006-10-10 10:47:04 UTC (rev 218)
@@ -25,7 +25,7 @@
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(libassuan, 0.9.3-cvs, gnupg-devel@gnupg.org)
+AC_INIT(libassuan, 0.9.3, gnupg-devel@gnupg.org)
 # Note, that this is not yet available as a shared library.
 
 PACKAGE=$PACKAGE_NAME
@@ -113,10 +113,10 @@
 AM_CONDITIONAL(HAVE_PTH, test "$have_pth" = "yes")
 
 
-# Check for network libraries.
-NETLIBS=
+# Check for network libraries.  They are needed for tests.
 AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt,
-	[NETLIBS="-lsocket"]))
+	[NETLIBS="-lsocket $NETLIBS"]))
+AC_SUBST(NETLIBS)
 
 # For src/libassuan-config.in
 LIBASSUAN_CONFIG_LIB="-lassuan"
@@ -152,7 +152,32 @@
 
 gl_TYPE_SOCKLEN_T
 
+AC_CHECK_MEMBER(struct cmsghdr.cmsg_len,
+                [use_descriptor_passing=yes],
+                [use_descriptor_passing=no
+                 AC_MSG_WARN([
+***
+*** Data structure for sending ancillary data missing.
+*** Descriptor passing won't work.
+***])],[
+#include <stdlib.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#if HAVE_SYS_UIO_H
+#include <sys/uio.h>
+#endif
+#include <unistd.h>
+       ])
+if test "$use_descriptor_passing" = "yes"; then
+ AC_DEFINE(USE_DESCRIPTOR_PASSING, 1,
+            [Defined if descriptor passing is supported])
+fi
+AM_CONDITIONAL(USE_DESCRIPTOR_PASSING, test "$use_descriptor_passing" = "yes")
 
+
 # Checks for library functions.
 
 AC_CHECK_FUNCS(flockfile funlockfile)

Modified: trunk/doc/assuan.texi
===================================================================
--- trunk/doc/assuan.texi	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/doc/assuan.texi	2006-10-10 10:47:04 UTC (rev 218)
@@ -769,6 +769,12 @@
    trigger is sent (normally via assuan_write_line ("INPUT FD")).  */
 @anchor{fun-assuan_sendfd}
 assuan_error_t assuan_sendfd (assuan_context_t ctx, int fd);
+
+Note, that calling this with a @var{ctx} of @code{NULL} and @var{fd} of
+@code{-1} is a valid runtime test to check whether descripor passing is
+available.
+
+@anchor{fun-assuan_receivedfd}
 assuan_error_t assuan_receivefd (assuan_context_t ctx, int *fd);
 
 

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/src/ChangeLog	2006-10-10 10:47:04 UTC (rev 218)
@@ -1,5 +1,17 @@
+2006-10-10  Werner Koch  <wk@g10code.com>
+
+	* assuan-buffer.c (assuan_sendfd): Implement a runtime detection
+	of implemented descripotr passing.
+
+	* assuan-uds.c: Take care of USE_DESCRIPTOR_PASSING.
+
+	* assuan-defs.h: Add missing semicolon.
+
 2006-10-09  Werner Koch  <wk@g10code.com>
 
+	* assuan-handler.c (process_request): Use weak pragma for the sake
+	of old gcc's.  Reported by Alain Guibert.
+
 	* assuan-io.c: Removed Pth support.
 	* assuan-io-pth.c: New. Based on assuan-io.c
 

Modified: trunk/src/assuan-buffer.c
===================================================================
--- trunk/src/assuan-buffer.c	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/src/assuan-buffer.c	2006-10-10 10:47:04 UTC (rev 218)
@@ -490,6 +490,15 @@
 assuan_error_t
 assuan_sendfd (assuan_context_t ctx, int fd)
 {
+  /* It is explicitly allowed to use (NULL, -1) as a runtime test to
+     check whether descriptor passing is available. */
+  if (!ctx && fd == -1)
+#ifdef USE_DESCRIPTOR_PASSING
+    return 0;
+#else
+    return _assuan_error (ASSUAN_Not_Implemented);
+#endif
+
   if (! ctx->io->sendfd)
     return set_error (ctx, Not_Implemented,
 		      "server does not support sending and receiving "

Modified: trunk/src/assuan-defs.h
===================================================================
--- trunk/src/assuan-defs.h	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/src/assuan-defs.h	2006-10-10 10:47:04 UTC (rev 218)
@@ -299,7 +299,7 @@
 int setenv (const char *name, const char *value, int replace);
 #endif
 #ifndef HAVE_PUTC_UNLOCKED
-int putc_unlocked (int c, FILE *stream)
+int putc_unlocked (int c, FILE *stream);
 #endif
 
 #define DIM(v)		     (sizeof(v)/sizeof((v)[0]))

Modified: trunk/src/assuan-handler.c
===================================================================
--- trunk/src/assuan-handler.c	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/src/assuan-handler.c	2006-10-10 10:47:04 UTC (rev 218)
@@ -506,14 +506,20 @@
              problem if they are not available.  We need to make sure
              that we are using ELF because only this guarantees that
              weak symbol support is available in case GNU ld is not
-             used. */
+             used.  It seems that old gcc versions don't implement the
+             weak attribute properly but it works with the weak
+             pragma. */
+
           unsigned int source, code;
 
           int gpg_strerror_r (unsigned int err, char *buf, size_t buflen)
             __attribute__ ((weak));
-
           const char *gpg_strsource (unsigned int err)
             __attribute__ ((weak));
+#if !defined(HAVE_W32_SYSTEM) && __GNUC__ < 3
+#pragma weak gpg_strerror_r
+#pragma weak gpg_strsource
+#endif
 
           source = ((rc >> 24) & 0xff);
           code = (rc & 0x00ffffff);

Modified: trunk/src/assuan-io.c
===================================================================
--- trunk/src/assuan-io.c	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/src/assuan-io.c	2006-10-10 10:47:04 UTC (rev 218)
@@ -26,10 +26,6 @@
 #include <sys/time.h>
 #include <sys/types.h>
 #include <sys/socket.h>
-#include <sys/wait.h>
-#if HAVE_SYS_UIO_H
-# include <sys/uio.h>
-#endif
 #include <unistd.h>
 #include <errno.h>
 #ifdef HAVE_W32_SYSTEM

Modified: trunk/src/assuan-uds.c
===================================================================
--- trunk/src/assuan-uds.c	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/src/assuan-uds.c	2006-10-10 10:47:04 UTC (rev 218)
@@ -44,7 +44,27 @@
 
 #include "assuan-defs.h"
 
+#ifdef USE_DESCRIPTOR_PASSING
+/* Provide replacement for missing CMSG maccros.  We assume that
+   size_t matches the alignment requirement. */
+#define MY_ALIGN(n) ((((n))+ sizeof(size_t)-1) & (size_t)~(sizeof(size_t)-1))
+#ifndef CMSG_SPACE
+#define CMSG_SPACE(n) (MY_ALIGN(sizeof(struct cmsghdr)) + MY_ALIGN((n)))
+#endif 
+#ifndef CMSG_LEN
+#define CMSG_LEN(n) (MY_ALIGN(sizeof(struct cmsghdr)) + (n))
+#endif 
+#ifndef CMSG_FIRSTHDR
+#define CMSG_FIRSTHDR(mhdr) \
+  ((size_t)(mhdr)->msg_controllen >= sizeof (struct cmsghdr)		      \
+   ? (struct cmsghdr*) (mhdr)->msg_control : (struct cmsghdr*)NULL)
+#endif
+#ifndef CMSG_DATA
+#define CMSG_DATA(cmsg) ((unsigned char*)((struct cmsghdr*)(cmsg)+1))
+#endif
+#endif /*USE_DESCRIPTOR_PASSING*/
 
+
 /* Read from a unix domain socket using sendmsg. 
 
    FIXME: We don't need the buffering. It is a leftover from the time
@@ -55,7 +75,6 @@
   int len = ctx->uds.buffersize;
 
 #ifndef HAVE_W32_SYSTEM
-
   if (!ctx->uds.bufferallocated)
     {
       ctx->uds.buffer = xtrymalloc (2048);
@@ -68,11 +87,13 @@
     {
       struct msghdr msg;
       struct iovec iovec;
+#ifdef USE_DESCRIPTOR_PASSING
       union {
         struct cmsghdr cm;
         char control[CMSG_SPACE(sizeof (int))];
       } control_u;
       struct cmsghdr *cmptr;
+#endif /*USE_DESCRIPTOR_PASSING*/
 
       memset (&msg, 0, sizeof (msg));
 
@@ -82,8 +103,10 @@
       msg.msg_iovlen = 1;
       iovec.iov_base = ctx->uds.buffer;
       iovec.iov_len = ctx->uds.bufferallocated;
+#ifdef USE_DESCRIPTOR_PASSING
       msg.msg_control = control_u.control;
       msg.msg_controllen = sizeof (control_u.control);
+#endif
 
       len = _assuan_simple_recvmsg (ctx, &msg);
       if (len < 0)
@@ -92,6 +115,7 @@
       ctx->uds.buffersize = len;
       ctx->uds.bufferoffset = 0;
 
+#ifdef USE_DESCRIPTOR_PASSING
       cmptr = CMSG_FIRSTHDR (&msg);
       if (cmptr && cmptr->cmsg_len == CMSG_LEN (sizeof(int)))
         {
@@ -112,9 +136,13 @@
                 ctx->uds.pendingfds[ctx->uds.pendingfdscount++] = fd;
             }
 	}
+#endif /*USE_DESCRIPTOR_PASSING*/
     }
+
 #else /*HAVE_W32_SYSTEM*/
+
   len = recvfrom (ctx->inbound.fd, buf, buflen, 0, NULL, NULL);
+
 #endif /*HAVE_W32_SYSTEM*/
 
   /* Return some data to the user.  */
@@ -149,8 +177,6 @@
   msg.msg_iov = &iovec;
   iovec.iov_base = (void*)buf;
   iovec.iov_len = buflen;
-  msg.msg_control = 0;
-  msg.msg_controllen = 0;
 
   len = _assuan_simple_sendmsg (ctx, &msg);
 #else /*HAVE_W32_SYSTEM*/
@@ -167,7 +193,7 @@
 static assuan_error_t
 uds_sendfd (assuan_context_t ctx, int fd)
 {
-#ifndef HAVE_W32_SYSTEM
+#ifdef USE_DESCRIPTOR_PASSING
   struct msghdr msg;
   struct iovec iovec;
   union {
@@ -217,7 +243,7 @@
 static assuan_error_t
 uds_receivefd (assuan_context_t ctx, int *fd)
 {
-#ifndef HAVE_W32_SYSTEM
+#ifdef USE_DESCRIPTOR_PASSING
   int i;
 
   if (!ctx->uds.pendingfdscount)

Modified: trunk/tests/Makefile.am
===================================================================
--- trunk/tests/Makefile.am	2006-10-09 11:35:35 UTC (rev 217)
+++ trunk/tests/Makefile.am	2006-10-10 10:47:04 UTC (rev 218)
@@ -27,11 +27,15 @@
 BUILT_SOURCES = 
 CLEANFILES = 
 
-TESTS = fdpassing
+TESTS =
 
+if USE_DESCRIPTOR_PASSING
+TESTS += fdpassing
+endif
+
 AM_CFLAGS = # $(GPG_ERROR_CFLAGS)
 
 noinst_HEADERS = common.h
 noinst_PROGRAMS = $(TESTS)
-LDADD =  ../src/libassuan.a  # $(GPG_ERROR_LIBS)
+LDADD =  ../src/libassuan.a  $(NETLIBS) # $(GPG_ERROR_LIBS)
 


From cvs at cvs.gnupg.org  Tue Oct 10 12:53:06 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 10 12:22:27 2006
Subject: [svn] assuan - r219 - tags
Message-ID: <E1GXEkh-0004eH-Uf@trithemius.gnupg.org>

Author: wk
Date: 2006-10-10 12:53:05 +0200 (Tue, 10 Oct 2006)
New Revision: 219

Added:
   tags/libassuan-0.9.3/
Log:


From cvs at cvs.gnupg.org  Tue Oct 10 13:11:20 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 10 12:40:53 2006
Subject: [svn] GnuPG - r4294 - in trunk: . agent common doc g10 m4 po scd sm
	tools
Message-ID: <E1GXF2P-000129-Nu@trithemius.gnupg.org>

Author: wk
Date: 2006-10-10 13:11:04 +0200 (Tue, 10 Oct 2006)
New Revision: 4294

Added:
   trunk/m4/gnupg-pth.m4
Modified:
   trunk/ChangeLog
   trunk/TODO
   trunk/acinclude.m4
   trunk/agent/ChangeLog
   trunk/agent/Makefile.am
   trunk/common/ChangeLog
   trunk/common/Makefile.am
   trunk/common/gpgrlhelp.c
   trunk/common/util.h
   trunk/configure.ac
   trunk/doc/gpg-agent.texi
   trunk/doc/instguide.texi
   trunk/doc/sysnotes.texi
   trunk/g10/ChangeLog
   trunk/g10/Makefile.am
   trunk/g10/gpgv.c
   trunk/g10/keyedit.c
   trunk/m4/ChangeLog
   trunk/m4/Makefile.am
   trunk/m4/libassuan.m4
   trunk/po/be.po
   trunk/po/ca.po
   trunk/po/cs.po
   trunk/po/da.po
   trunk/po/de.po
   trunk/po/el.po
   trunk/po/eo.po
   trunk/po/es.po
   trunk/po/et.po
   trunk/po/fi.po
   trunk/po/fr.po
   trunk/po/gl.po
   trunk/po/hu.po
   trunk/po/id.po
   trunk/po/it.po
   trunk/po/ja.po
   trunk/po/nb.po
   trunk/po/pl.po
   trunk/po/pt.po
   trunk/po/pt_BR.po
   trunk/po/ro.po
   trunk/po/ru.po
   trunk/po/sk.po
   trunk/po/sv.po
   trunk/po/tr.po
   trunk/po/zh_CN.po
   trunk/po/zh_TW.po
   trunk/scd/ChangeLog
   trunk/scd/Makefile.am
   trunk/scd/app-p15.c
   trunk/scd/scdaemon.h
   trunk/sm/ChangeLog
   trunk/sm/Makefile.am
   trunk/tools/ChangeLog
   trunk/tools/Makefile.am
Log:
Various changes


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,3 +1,11 @@
+2006-10-09  Werner Koch  <wk@g10code.com>
+
+	* acinclude.m4: Moved pth check to m4/gnupg-pth.m4.
+
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* configure.ac: Also check for libassuan's pth version.
+
 2006-10-04  Werner Koch  <wk@g10code.com>
 
 	Released 1.9.91.

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/TODO	2006-10-10 11:11:04 UTC (rev 4294)
@@ -68,6 +68,10 @@
  Needs to be integrated with the status file update, though.  It is
  not a real problem because application will get a card removed status
  and should the send a reset to try solving the problem.
+** app-p15.c:do_auth
+  We assume SHA1 here.  However we should also allow for TLS-MD5SHA1.
+  To properly inplement this we need to extend the inetrnal API.  A
+  simple workaround by looking at the digest size if possible.
 
 ** Add a test to check the extkeyusage.
 
@@ -99,8 +103,9 @@
 ** g10/ Replace DIGEST_ALGO_SHA224
    We can't do that right now because it is only defined by newer
    versions of libgcrypt. 
+** GCRY_MD_USER
+   Remove these definitions.
 
-
 * Extend selinux support to other modules
 
 * Remove -sat PGP2 compatibility hack

Modified: trunk/acinclude.m4
===================================================================
--- trunk/acinclude.m4	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/acinclude.m4	2006-10-10 11:11:04 UTC (rev 4294)
@@ -186,71 +186,7 @@
 
 
 
-# GNUPG_PTH_VERSION_CHECK(REQUIRED)
-# 
-# If the version is sufficient, HAVE_PTH will be set to yes.
-#
-# Taken form the m4 macros which come with Pth
-AC_DEFUN([GNUPG_PTH_VERSION_CHECK],
-  [
-    _pth_version=`$PTH_CONFIG --version | awk 'NR==1 {print [$]3}'`
-    _req_version="ifelse([$1],,1.2.0,$1)"
 
-    AC_MSG_CHECKING(for PTH - version >= $_req_version)
-    for _var in _pth_version _req_version; do
-        eval "_val=\"\$${_var}\""
-        _major=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\1/'`
-        _minor=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\2/'`
-        _rtype=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\3/'`
-        _micro=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\4/'`
-        case $_rtype in
-            "a" ) _rtype=0 ;;
-            "b" ) _rtype=1 ;;
-            "." ) _rtype=2 ;;
-        esac
-        _hex=`echo dummy | awk '{ printf("%d%02d%1d%02d", major, minor, rtype, micro); }' \
-              "major=$_major" "minor=$_minor" "rtype=$_rtype" "micro=$_micro"`
-        eval "${_var}_hex=\"\$_hex\""
-    done
-    have_pth=no
-    if test ".$_pth_version_hex" != .; then
-        if test ".$_req_version_hex" != .; then
-            if test $_pth_version_hex -ge $_req_version_hex; then
-                have_pth=yes
-            fi
-        fi
-    fi
-    if test $have_pth = yes; then
-       AC_MSG_RESULT(yes)
-       AC_MSG_CHECKING([whether PTH installation is sane])
-       AC_CACHE_VAL(gnupg_cv_pth_is_sane,[
-         _gnupg_pth_save_cflags=$CFLAGS
-         _gnupg_pth_save_ldflags=$LDFLAGS
-         _gnupg_pth_save_libs=$LIBS
-         CFLAGS="$CFLAGS `$PTH_CONFIG --cflags`"
-         LDFLAGS="$LDFLAGS `$PTH_CONFIG --ldflags`"
-         LIBS="$LIBS `$PTH_CONFIG --libs`"
-         AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pth.h>
-                                         ],
-                                         [[ pth_init ();]])],
-                        gnupg_cv_pth_is_sane=yes,
-                        gnupg_cv_pth_is_sane=no)
-         CFLAGS=$_gnupg_pth_save_cflags
-         LDFLAGS=$_gnupg_pth_save_ldflags
-         LIBS=$_gnupg_pth_save_libs
-       ])
-       if test $gnupg_cv_pth_is_sane != yes; then
-          have_pth=no
-       fi
-       AC_MSG_RESULT($gnupg_cv_pth_is_sane)
-    else
-       AC_MSG_RESULT(no)
-    fi    
-  ])
-
-
-
-
 # Check whether mlock is broken (hpux 10.20 raises a SIGBUS if mlock
 # is not called from uid 0 (not tested whether uid 0 works)
 # For DECs Tru64 we have also to check whether mlock is in librt

Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/agent/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,5 +1,8 @@
 2006-10-06  Werner Koch  <wk@g10code.com>
 
+	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.
+	(gpg_agent_LDADD): Ditto.
+
 	* divert-scd.c (divert_pksign): Use PKAUTH for the TLS algo.
 
 2006-10-05  Werner Koch  <wk@g10code.com>

Modified: trunk/agent/Makefile.am
===================================================================
--- trunk/agent/Makefile.am	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/agent/Makefile.am	2006-10-10 11:11:04 UTC (rev 4294)
@@ -27,8 +27,8 @@
 
 include $(top_srcdir)/am/cmacros.am
 
-AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_CFLAGS) $(GPG_ERROR_CFLAGS) \
-	$(PTH_CFLAGS)
+AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_PTH_CFLAGS) $(GPG_ERROR_CFLAGS) \
+	    $(PTH_CFLAGS)
 
 gpg_agent_SOURCES = \
 	gpg-agent.c agent.h \
@@ -51,7 +51,7 @@
 pwquery_libs = ../common/libsimple-pwquery.a
 
 gpg_agent_LDADD = $(common_libs) \
-                $(LIBGCRYPT_LIBS) $(PTH_LIBS) $(LIBASSUAN_LIBS) \
+                $(LIBGCRYPT_LIBS) $(LIBASSUAN_PTH_LIBS) $(PTH_LIBS) \
 	        $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS)
 
 gpg_protect_tool_SOURCES = \

Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/common/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,3 +1,14 @@
+2006-10-08  Werner Koch  <wk@g10code.com>
+
+	* gpgrlhelp.c: Trun all functions into dummies if readline is not
+	available.
+
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.
+
+	* util.h (GNUPG_GCC_A_SENTINEL): Defined for gcc >= 4.
+
 2006-10-04  David Shaw  <dshaw@jabberwocky.com>
 
 	* gpgrlhelp.c: readline requires stdio.h.

Modified: trunk/common/Makefile.am
===================================================================
--- trunk/common/Makefile.am	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/common/Makefile.am	2006-10-10 11:11:04 UTC (rev 4294)
@@ -26,7 +26,7 @@
 
 AM_CPPFLAGS = -I$(top_srcdir)/gl
 
-AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_CFLAGS) $(KSBA_CFLAGS) \
+AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_PTH_CFLAGS) $(KSBA_CFLAGS) \
             $(PTH_CFLAGS)
 
 libcommon_a_SOURCES = \

Modified: trunk/common/gpgrlhelp.c
===================================================================
--- trunk/common/gpgrlhelp.c	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/common/gpgrlhelp.c	2006-10-10 11:11:04 UTC (rev 4294)
@@ -40,6 +40,7 @@
 #include "common-defs.h"
 
 
+#ifdef HAVE_LIBREADLINE
 static void
 set_completer (rl_completion_func_t *completer)
 {
@@ -68,12 +69,15 @@
   rl_inhibit_completion = 1;
 }
 
+#endif /*HAVE_LIBREADLINE*/
 
+
 /* Initialize our readline code.  This should be called as early as
    possible as it is actually a constructur.  */
 void
 gnupg_rl_initialize (void)
 {
+#ifdef HAVE_LIBREADLINE
   tty_private_set_rl_hooks (init_stream,
                             set_completer,
                             inhibit_completion,
@@ -81,7 +85,7 @@
                             readline,
                             add_history);
   rl_readline_name = "GnuPG";
-
+#endif
 }
 
 

Modified: trunk/common/util.h
===================================================================
--- trunk/common/util.h	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/common/util.h	2006-10-10 11:11:04 UTC (rev 4294)
@@ -43,6 +43,13 @@
 #include "../jnlib/dotlock.h"
 #include "../jnlib/utf8conv.h"
 
+#if __GNUC__ >= 4 
+# define GNUPG_GCC_A_SENTINEL(a) __attribute__ ((sentinel(a)))
+#else
+# define GNUPG_GCC_A_SENTINEL(a) 
+#endif
+
+
 /* We need this type even if we are not using libreadline and or we
    did not include libreadline in the current file. */
 #ifndef GNUPG_LIBREADLINE_H_INCLUDED

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/configure.ac	2006-10-10 11:11:04 UTC (rev 4294)
@@ -45,6 +45,7 @@
 NEED_LIBGCRYPT_VERSION=1.1.94
 
 NEED_LIBASSUAN_VERSION=0.9.1
+NEED_LIBASSUAN_API=1
 
 NEED_KSBA_API=1
 NEED_KSBA_VERSION=1.0.0
@@ -578,8 +579,13 @@
 #
 # libassuan is used for IPC
 #
-AM_PATH_LIBASSUAN("$NEED_LIBASSUAN_VERSION",
+AM_PATH_LIBASSUAN("$NEED_LIBASSUAN_API:$NEED_LIBASSUAN_VERSION",
                   have_libassuan=yes,have_libassuan=no)
+if test "$have_libassuan" = "yes"; then
+  have_libassuan=no
+  AM_PATH_LIBASSUAN_PTH("$NEED_LIBASSUAN_API:$NEED_LIBASSUAN_VERSION",
+                        have_libassuan=yes,have_libassuan=no)
+fi
 
 
 #
@@ -632,17 +638,12 @@
 # Check whether the GNU Pth library is available
 # Note, that we include a Pth emulation for W32.
 #
-AC_ARG_WITH(pth-prefix,
-            AC_HELP_STRING([--with-pth-prefix=PFX],
-                           [prefix where GNU Pth is installed (optional)]),
-     pth_config_prefix="$withval", pth_config_prefix="")
-if test x$pth_config_prefix != x ; then
-   PTH_CONFIG="$pth_config_prefix/bin/pth-config"
-fi
-AC_PATH_PROG(PTH_CONFIG, pth-config, no)
-if test "$have_w32_system" = no; then
- if test "$PTH_CONFIG" = "no"; then
-    AC_MSG_WARN([[
+GNUPG_PATH_PTH
+if test "$have_pth" = "yes"; then
+  AC_DEFINE(USE_GNU_PTH, 1,
+              [Defined if the GNU Portable Thread Library should be used])
+else
+  AC_MSG_WARN([[
 ***
 *** To support concurrent access to the gpg-agent and the SCdaemon
 *** we need the support of the GNU Portable Threads Library.
@@ -650,29 +651,10 @@
 *** On a Debian GNU/Linux system you might want to try 
 ***   apt-get install libpth-dev
 ***]])
- else
-  GNUPG_PTH_VERSION_CHECK(1.3.7)
-  if test $have_pth = yes; then      
-     PTH_CFLAGS=`$PTH_CONFIG --cflags`
-     PTH_LIBS=`$PTH_CONFIG --ldflags`
-     PTH_LIBS="$PTH_LIBS `$PTH_CONFIG --libs --all`"
-     AC_DEFINE(USE_GNU_PTH, 1,
-              [Defined if the GNU Portable Thread Library should be used])
-     AC_DEFINE(HAVE_PTH, 1,
-              [Defined if the GNU Pth is available])
-  fi
- fi
-else 
- have_pth=yes
- PTH_CFLAGS=""
- PTH_LIBS=""
- AC_DEFINE(USE_GNU_PTH, 1)
- AC_DEFINE(HAVE_PTH, 1)
 fi
-AC_SUBST(PTH_CFLAGS)
-AC_SUBST(PTH_LIBS)
 
 
+
 #
 # Must check for network library requirements before doing link tests
 # for ldap, for example. If ldap libs are static (or dynamic and without
@@ -1262,10 +1244,10 @@
    die=yes
    AC_MSG_NOTICE([[
 ***
-*** You need libassuan to build this program.
+*** You need libassuan with Pth support to build this program.
 *** This library is for example available at
 ***   ftp://ftp.gnupg.org/gcrypt/alpha/libassuan/
-*** (at least version $NEED_LIBASSUAN_VERSION is required).
+*** (at least version $NEED_LIBASSUAN_VERSION (API $NEED_LIBASSUAN_API) is required).
 ***]])
 fi
 if test "$have_ksba" = "no"; then

Modified: trunk/doc/gpg-agent.texi
===================================================================
--- trunk/doc/gpg-agent.texi	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/doc/gpg-agent.texi	2006-10-10 11:11:04 UTC (rev 4294)
@@ -740,13 +740,23 @@
 okay.
 
 @example
-   SETHASH <algo> <hexstring>
+   SETHASH --hash=<name>|<algo> <hexstring>
 @end example
 
 The client can use this command to tell the server about the data <hexstring>
 (which usually is a hash) to be signed. <algo> is the decimal encoded hash
-algorithm number as used by Libgcrypt.
+algorithm number as used by Libgcrypt.  Either <algo> or --hash=<name>
+must be given.  Valid names for <name> are:
 
+@table @code
+@item sha1
+@item sha256
+@item rmd160
+@item md5
+@item tls-md5sha1
+@end table
+
+@noindent
 The actual signing is done using
 
 @example
@@ -754,20 +764,10 @@
 @end example
 
 Options are not yet defined, but my later be used to choosen among
-different algorithms (e.g. pkcs 1.5)
+different algorithms.  The agent does then some checks, asks for the
+passphrase and as a result the server returns the signature as an SPKI
+like S-expression in "D" lines:
 
-The agent does then some checks, asks for the passphrase and
-if SETHASH has not been used asks the client for the data to sign:
-
-@example
-   S: INQUIRE HASHVAL
-   C: D ABCDEF012345678901234
-   C: END
-@end example
-
-As a result the server returns the signature as an SPKI like S-Exp
-in "D" lines:
-
 @example  
      (sig-val   
        (<algo>

Modified: trunk/doc/instguide.texi
===================================================================
--- trunk/doc/instguide.texi	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/doc/instguide.texi	2006-10-10 11:11:04 UTC (rev 4294)
@@ -13,7 +13,11 @@
 
 ** Explain how to setup a root CA key as trusted
 ** Explain how trustlist.txt might be managed.
+** How to get the ssh support running
+   How to use the ssh support.
 
 
+@section Installation Overview 
 
 
+

Modified: trunk/doc/sysnotes.texi
===================================================================
--- trunk/doc/sysnotes.texi	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/doc/sysnotes.texi	2006-10-10 11:11:04 UTC (rev 4294)
@@ -66,6 +66,9 @@
 particular, @strong{using it on a box with more than one user, might
 lead to a key compromise}.
 
+@strong{It is quite possible that the current version does not even
+build.}
+
 @noindent
 Current limitations are:
 

Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/g10/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,3 +1,17 @@
+2006-10-08  Werner Koch  <wk@g10code.com>
+
+	* gpgv.c: Remove the tty stubs as we are now required to link to
+	tty anyway (it is included in libcommand and has dependencies to
+	other modules as well).
+
+	* keyedit.c (keyedit_menu): Use keyedit_completion only if
+	readline is available.  It would be better to move this code into
+	gpgrlhelp.c
+
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.
+
 2006-10-06  David Shaw  <dshaw@jabberwocky.com>
 
 	* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather

Modified: trunk/g10/Makefile.am
===================================================================
--- trunk/g10/Makefile.am	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/g10/Makefile.am	2006-10-10 11:11:04 UTC (rev 4294)
@@ -27,7 +27,7 @@
 
 include $(top_srcdir)/am/cmacros.am
 
-AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_CFLAGS) $(GPG_ERROR_CFLAGS)
+AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_PTH_CFLAGS) $(GPG_ERROR_CFLAGS)
 
 needed_libs = ../gl/libgnu.a ../common/libcommon.a ../jnlib/libjnlib.a
 

Modified: trunk/g10/gpgv.c
===================================================================
--- trunk/g10/gpgv.c	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/g10/gpgv.c	2006-10-10 11:11:04 UTC (rev 4294)
@@ -388,22 +388,6 @@
 void cipher_sync( gcry_cipher_hd_t c ) {}
 
 
-/* Stubs to avoid linking to ../util/ttyio.c */
-int tty_batchmode( int onoff ) { return 0; }
-void tty_printf( const char *fmt, ... ) { }
-void tty_fprintf (FILE *fp, const char *fmt, ... ) { }
-void tty_print_string( const byte *p, size_t n ) { }
-void tty_print_utf8_string( const byte *p, size_t n ) {}
-void tty_print_utf8_string2( const byte *p, size_t n, size_t max_n ) {}
-char *tty_get( const char *prompt ) { return NULL;}
-char *tty_get_hidden( const char *prompt ) {return NULL; }
-void tty_kill_prompt(void) {}
-int tty_get_answer_is_yes( const char *prompt ) {return 0;}
-int tty_no_terminal(int onoff) {return 0;}
-#ifdef HAVE_LIBREADLINE
-void tty_enable_completion(rl_completion_func_t *completer) {}
-void tty_disable_completion(void) {}
-#endif
 
 /* We do not do any locking, so use these stubs here */
 void disable_dotlock(void) {}

Modified: trunk/g10/keyedit.c
===================================================================
--- trunk/g10/keyedit.c	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/g10/keyedit.c	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1620,7 +1620,9 @@
 	    }
 	    if( !have_commands )
 	      {
+#ifdef HAVE_LIBREADLINE
 		tty_enable_completion(keyedit_completion);
+#endif
 		answer = cpr_get_no_help("keyedit.prompt", _("Command> "));
 		cpr_kill_prompt();
 		tty_disable_completion();

Modified: trunk/m4/ChangeLog
===================================================================
--- trunk/m4/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/m4/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,3 +1,12 @@
+2006-10-09  Werner Koch  <wk@g10code.com>
+
+	* gnupg-pth.m4: New.  Taken from ../acinclude.m4.
+	(GNUPG_PATH_PTH): New.
+
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* libassuan.m4: Updated.
+
 2006-07-27  Werner Koch  <wk@g10code.com>
 
 	* autobuild.m4: New. 

Modified: trunk/m4/Makefile.am
===================================================================
--- trunk/m4/Makefile.am	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/m4/Makefile.am	2006-10-10 11:11:04 UTC (rev 4294)
@@ -2,6 +2,8 @@
 
 EXTRA_DIST += ldap.m4 libcurl.m4 libusb.m4 tar-ustar.m4 readline.m4
 
+EXTRA_DIST += gnupg-pth.m4
+
 EXTRA_DIST += gpg-error.m4 libgcrypt.m4 libassuan.m4 ksba.m4
 
 EXTRA_DIST += autobuild.m4

Added: trunk/m4/gnupg-pth.m4
===================================================================
--- trunk/m4/gnupg-pth.m4	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/m4/gnupg-pth.m4	2006-10-10 11:11:04 UTC (rev 4294)
@@ -0,0 +1,114 @@
+dnl GnuPG's check for Pth.
+dnl       Copyright (C) 2003 Free Software Foundation, Inc.
+dnl
+dnl This file is free software; as a special exception the author gives
+dnl unlimited permission to copy and/or distribute it, with or without
+dnl modifications, as long as this notice is preserved.
+dnl
+dnl This file is distributed in the hope that it will be useful, but
+dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+
+# GNUPG_PTH_VERSION_CHECK(REQUIRED)
+# 
+# If the version is sufficient, HAVE_PTH will be set to yes.
+#
+# Taken and modified from the m4 macros which come with Pth.
+AC_DEFUN([GNUPG_PTH_VERSION_CHECK],
+  [
+    _pth_version=`$PTH_CONFIG --version | awk 'NR==1 {print [$]3}'`
+    _req_version="ifelse([$1],,1.2.0,$1)"
+
+    AC_MSG_CHECKING(for PTH - version >= $_req_version)
+    for _var in _pth_version _req_version; do
+        eval "_val=\"\$${_var}\""
+        _major=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\1/'`
+        _minor=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\2/'`
+        _rtype=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\3/'`
+        _micro=`echo $_val | sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\([[ab.]]\)\([[0-9]]*\)/\4/'`
+        case $_rtype in
+            "a" ) _rtype=0 ;;
+            "b" ) _rtype=1 ;;
+            "." ) _rtype=2 ;;
+        esac
+        _hex=`echo dummy | awk '{ printf("%d%02d%1d%02d", major, minor, rtype, micro); }' \
+              "major=$_major" "minor=$_minor" "rtype=$_rtype" "micro=$_micro"`
+        eval "${_var}_hex=\"\$_hex\""
+    done
+    have_pth=no
+    if test ".$_pth_version_hex" != .; then
+        if test ".$_req_version_hex" != .; then
+            if test $_pth_version_hex -ge $_req_version_hex; then
+                have_pth=yes
+            fi
+        fi
+    fi
+    if test $have_pth = yes; then
+       AC_MSG_RESULT(yes)
+       AC_MSG_CHECKING([whether PTH installation is sane])
+       AC_CACHE_VAL(gnupg_cv_pth_is_sane,[
+         _gnupg_pth_save_cflags=$CFLAGS
+         _gnupg_pth_save_ldflags=$LDFLAGS
+         _gnupg_pth_save_libs=$LIBS
+         CFLAGS="$CFLAGS `$PTH_CONFIG --cflags`"
+         LDFLAGS="$LDFLAGS `$PTH_CONFIG --ldflags`"
+         LIBS="$LIBS `$PTH_CONFIG --libs`"
+         AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pth.h>
+                                         ],
+                                         [[ pth_init ();]])],
+                        gnupg_cv_pth_is_sane=yes,
+                        gnupg_cv_pth_is_sane=no)
+         CFLAGS=$_gnupg_pth_save_cflags
+         LDFLAGS=$_gnupg_pth_save_ldflags
+         LIBS=$_gnupg_pth_save_libs
+       ])
+       if test $gnupg_cv_pth_is_sane != yes; then
+          have_pth=no
+       fi
+       AC_MSG_RESULT($gnupg_cv_pth_is_sane)
+    else
+       AC_MSG_RESULT(no)
+    fi    
+  ])
+
+
+#
+# GNUPG_PATH_PTH([MINIMUM_VERSION])
+#
+# This is a special version of the check whioch assumes that a
+# emulation for W32 systems is available. The test assumes that
+# $have_w32_system has already been set.  On return $have_pth is set
+# as well as HAVE_PTH is defined and PTH_CLFAGS and PTH_LIBS are AS_SUBST.
+#
+AC_DEFUN([GNUPG_PATH_PTH],
+[ AC_ARG_WITH(pth-prefix,
+             AC_HELP_STRING([--with-pth-prefix=PFX],
+                           [prefix where GNU Pth is installed (optional)]),
+     pth_config_prefix="$withval", pth_config_prefix="")
+  if test x$pth_config_prefix != x ; then
+     PTH_CONFIG="$pth_config_prefix/bin/pth-config"
+  fi
+  AC_PATH_PROG(PTH_CONFIG, pth-config, no)
+  tmp=ifelse([$1], ,1.3.7,$1)
+  if test "$have_w32_system" = no; then
+   if test "$PTH_CONFIG" != "no"; then
+    GNUPG_PTH_VERSION_CHECK($tmp)
+    if test $have_pth = yes; then      
+       PTH_CFLAGS=`$PTH_CONFIG --cflags`
+       PTH_LIBS=`$PTH_CONFIG --ldflags`
+       PTH_LIBS="$PTH_LIBS `$PTH_CONFIG --libs --all`"
+       AC_DEFINE(HAVE_PTH, 1,
+                [Defined if the GNU Pth is available])
+    fi
+   fi
+  else 
+   have_pth=yes
+   PTH_CFLAGS=""
+   PTH_LIBS=""
+   AC_DEFINE(HAVE_PTH, 1)
+  fi
+  AC_SUBST(PTH_CFLAGS)
+  AC_SUBST(PTH_LIBS)
+])
+

Modified: trunk/m4/libassuan.m4
===================================================================
--- trunk/m4/libassuan.m4	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/m4/libassuan.m4	2006-10-10 11:11:04 UTC (rev 4294)
@@ -9,68 +9,152 @@
 dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
 dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 
-
-dnl AM_PATH_LIBASSUAN([MINIMUM-VERSION,
-dnl                   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
-dnl Test for libassuan and define LIBASSUAN_CFLAGS and LIBASSUAN_LIBS
 dnl
-AC_DEFUN([AM_PATH_LIBASSUAN],
+dnl Common code used for libassuan detection [internal]
+dnl Returns ok set to yes or no.
+dnl
+AC_DEFUN([_AM_PATH_LIBASSUAN_COMMON],
 [ AC_ARG_WITH(libassuan-prefix,
-            AC_HELP_STRING([--with-libassuan-prefix=PFX],
-                           [prefix where LIBASSUAN is installed (optional)]),
+              AC_HELP_STRING([--with-libassuan-prefix=PFX],
+                             [prefix where LIBASSUAN is installed (optional)]),
      libassuan_config_prefix="$withval", libassuan_config_prefix="")
   if test x$libassuan_config_prefix != x ; then
-     libassuan_config_args="$libassuan_config_args --prefix=$libassuan_config_prefix"
-     if test x${LIBASSUAN_CONFIG+set} != xset ; then
-        LIBASSUAN_CONFIG=$libassuan_config_prefix/bin/libassuan-config
-     fi
+    libassuan_config_args="$libassuan_config_args --prefix=$libassuan_config_prefix"
+    if test x${LIBASSUAN_CONFIG+set} != xset ; then
+      LIBASSUAN_CONFIG=$libassuan_config_prefix/bin/libassuan-config
+    fi
   fi
+  AC_PATH_PROG(LIBASSUAN_CONFIG, libassuan-config, no)
 
-  AC_PATH_PROG(LIBASSUAN_CONFIG, libassuan-config, no)
-  min_libassuan_version=ifelse([$1], ,0.0.1,$1)
-  AC_MSG_CHECKING(for LIBASSUAN - version >= $min_libassuan_version)
+  tmp=ifelse([$1], ,1:0.9.2,$1)
+  if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
+    req_libassuan_api=`echo "$tmp"     | sed 's/\(.*\):\(.*\)/\1/'`
+    min_libassuan_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
+  else
+    req_libassuan_api=0
+    min_libassuan_version="$tmp"
+  fi
+
+  if test "$LIBASSUAN_CONFIG" != "no" ; then
+    libassuan_version=`$LIBASSUAN_CONFIG --version`
+  fi
+  libassuan_version_major=`echo $libassuan_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
+  libassuan_version_minor=`echo $libassuan_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
+  libassuan_version_micro=`echo $libassuan_version | \
+               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
+
+  AC_MSG_CHECKING(for LIBASSUAN ifelse([$2], ,,[$2 ])- version >= $min_libassuan_version)
   ok=no
   if test "$LIBASSUAN_CONFIG" != "no" ; then
+    ifelse([$2], ,,[if `$LIBASSUAN_CONFIG --thread=$2 2> /dev/null` ; then])
     req_major=`echo $min_libassuan_version | \
                sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
     req_minor=`echo $min_libassuan_version | \
                sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
     req_micro=`echo $min_libassuan_version | \
                sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'`
-    libassuan_config_version=`$LIBASSUAN_CONFIG $libassuan_config_args --version`
-    major=`echo $libassuan_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
-    minor=`echo $libassuan_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
-    micro=`echo $libassuan_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
-    if test "$major" -gt "$req_major"; then
+    if test "$libassuan_version_major" -gt "$req_major"; then
         ok=yes
     else 
-        if test "$major" -eq "$req_major"; then
-            if test "$minor" -gt "$req_minor"; then
+        if test "$libassuan_version_major" -eq "$req_major"; then
+            if test "$libassuan_version_minor" -gt "$req_minor"; then
                ok=yes
             else
-               if test "$minor" -eq "$req_minor"; then
-                   if test "$micro" -ge "$req_micro"; then
+               if test "$libassuan_version_minor" -eq "$req_minor"; then
+                   if test "$libassuan_version_micro" -ge "$req_micro"; then
                      ok=yes
                    fi
                fi
             fi
         fi
     fi
+    ifelse([$2], ,,[fi])
   fi
+
   if test $ok = yes; then
+    AC_MSG_RESULT(yes)
+  else
+    AC_MSG_RESULT(no)
+  fi
+
+  if test $ok = yes; then
+    if test "$req_libassuan_api" -gt 0 ; then
+      tmp=`$LIBASSUAN_CONFIG --api-version 2>/dev/null || echo 0`
+      if test "$tmp" -gt 0 ; then
+        AC_MSG_CHECKING([LIBASSUAN ifelse([$2], ,,[$2 ])API version])
+        if test "$req_libassuan_api" -eq "$tmp" ; then
+          AC_MSG_RESULT(okay)
+        else
+          ok=no
+          AC_MSG_RESULT([does not match.  want=$req_libassuan_api got=$tmp.])
+        fi
+      fi
+    fi
+  fi
+
+])
+
+
+
+dnl AM_PATH_LIBASSUAN([MINIMUM-VERSION,
+dnl                   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libassuan and define LIBASSUAN_CFLAGS and LIBASSUAN_LIBS
+dnl
+AC_DEFUN([AM_PATH_LIBASSUAN],
+[ _AM_PATH_LIBASSUAN_COMMON($1)
+  if test $ok = yes; then
     LIBASSUAN_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --cflags`
     LIBASSUAN_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --libs`
-    AC_MSG_RESULT(yes)
     ifelse([$2], , :, [$2])
   else
     LIBASSUAN_CFLAGS=""
     LIBASSUAN_LIBS=""
-    AC_MSG_RESULT(no)
     ifelse([$3], , :, [$3])
   fi
   AC_SUBST(LIBASSUAN_CFLAGS)
   AC_SUBST(LIBASSUAN_LIBS)
 ])
+
+
+dnl AM_PATH_LIBASSUAN_PTH([MINIMUM-VERSION,
+dnl                      [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libassuan and define LIBASSUAN_PTH_CFLAGSand LIBASSUAN_PTH_LIBS
+dnl
+AC_DEFUN([AM_PATH_LIBASSUAN_PTH],
+[ _AM_PATH_LIBASSUAN_COMMON($1,pth)
+  if test $ok = yes; then
+    LIBASSUAN_PTH_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pth --cflags`
+    LIBASSUAN_PTH_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pth --libs`
+    ifelse([$2], , :, [$2])
+  else
+    LIBASSUAN_PTH_CFLAGS=""
+    LIBASSUAN_PTH_LIBS=""
+    ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(LIBASSUAN_PTH_CFLAGS)
+  AC_SUBST(LIBASSUAN_PTH_LIBS)
+])
+
+
+dnl AM_PATH_LIBASSUAN_PTHREAD([MINIMUM-VERSION,
+dnl                           [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
+dnl Test for libassuan and define LIBASSUAN_PTHREAD_CFLAGS 
+dnl                           and LIBASSUAN_PTHREAD_LIBS
+dnl
+AC_DEFUN([AM_PATH_LIBASSUAN_PTHREAD],
+[ _AM_PATH_LIBASSUAN_COMMON($1,pth)
+  if test $ok = yes; then
+    LIBASSUAN_PTHREAD_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pthread --cflags`
+    LIBASSUAN_PTHREAD_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pthread --libs`
+    ifelse([$2], , :, [$2])
+  else
+    LIBASSUAN_PTHREAD_CFLAGS=""
+    LIBASSUAN_PTHREAD_LIBS=""
+    ifelse([$3], , :, [$3])
+  fi
+  AC_SUBST(LIBASSUAN_PTHREAD_CFLAGS)
+  AC_SUBST(LIBASSUAN_PTHREAD_LIBS)
+])
+

Modified: trunk/po/be.po
===================================================================
--- trunk/po/be.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/be.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2003-10-30 16:35+0200\n"
 "Last-Translator: Ales Nyakhaychyk <nab@mail.by>\n"
 "Language-Team: Belarusian <i18n@mova.org>\n"
@@ -138,20 +138,20 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: немагчыма стварыць хэш-табліцу: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Паўтарыце пароль: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr ""
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6479,7 +6479,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA патрабуе выкарыстаньня 160-і бітавага хэш-альгарытму\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/ca.po
===================================================================
--- trunk/po/ca.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/ca.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -27,7 +27,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.0\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2005-02-04 02:04+0100\n"
 "Last-Translator: Jordi Mallach <jordi@gnu.org>\n"
 "Language-Team: Catalan <ca@dodds.net>\n"
@@ -160,22 +160,22 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: no s'ha pogut crear la taula de dispersió: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "Introduïu el nom d'usuari: "
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Repetiu la contrasenya: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "la contrasenya no s'ha repetit correctament; torneu a intentar-ho"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -7053,7 +7053,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA requereix l'ús d'un algoritme de dispersió de 160 bits\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/cs.po
===================================================================
--- trunk/po/cs.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/cs.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -7,7 +7,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.3.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-11-26 09:12+0200\n"
 "Last-Translator: Roman Pavlik <rp@tns.cz>\n"
 "Language-Team: Czech <translations.cs@gnupg.cz>\n"
@@ -138,21 +138,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: nepoda�ilo se vytvo�it hashovac� tabulku: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|PIN administr�tora"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Opakujte tento PIN: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN nen� zopakov�n spr�vn�; zkuste to znovu"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "||Pros�m vlo�te PIN%%0A[podpis hotov: %lu]"
@@ -6744,7 +6744,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA po�aduje pou�it� 160-ti bitov�ho hashovac�ho algoritmu\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/da.po
===================================================================
--- trunk/po/da.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/da.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.0.0h\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2003-12-03 16:11+0100\n"
 "Last-Translator: Birger Langkjer <birger.langkjer@image.dk>\n"
 "Language-Team: Danish <dansk@klid.dk>\n"
@@ -138,22 +138,22 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "kunne ikke initialisere TillidsDB: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "Indtast bruger-id: "
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Gentag kodes�tning: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "kodes�tningen blev ikke ordentlig gentaget; pr�v igen.\n"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6633,7 +6633,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr ""
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/de.po
===================================================================
--- trunk/po/de.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/de.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.9.90\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2006-09-25 09:09+0200\n"
 "Last-Translator: Walter Koch <koch@u32.de>\n"
 "Language-Team: German <de@li.org>\n"
@@ -141,19 +141,19 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "Fehler beim Speichern des Schlüssels: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr "Admin PIN"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 msgid "Repeat this PIN"
 msgstr "PIN bitte wiederholen"
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN wurde nicht richtig wiederholt; noch einmal versuchen"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "Bitte geben Sie die PIN%s%s%s ein um die Karte zu entsperren"
@@ -6931,7 +6931,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA benötigt einen 160-bit Hash Algorithmus\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr "(Dies ist der MD2 Algorithmus)\n"
 

Modified: trunk/po/el.po
===================================================================
--- trunk/po/el.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/el.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.1.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2003-06-27 12:00+0200\n"
 "Last-Translator: Dokianakis Theofanis <madf@hellug.gr>\n"
 "Language-Team: Greek <nls@tux.hellug.gr>\n"
@@ -137,21 +137,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: �������� ����������� hashtable: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "����������� �� ����� ������: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "� ����� ������ ��� ������������ �����. ��������� ����"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6922,7 +6922,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "� DSA ������� �� ����� ���� 160 bit ���������� hash\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/eo.po
===================================================================
--- trunk/po/eo.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/eo.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.0.6d\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2002-04-14 14:33+0100\n"
 "Last-Translator: Edmund GRIMLEY EVANS <edmundo@rano.org>\n"
 "Language-Team: Esperanto <translation-team-eo@lists.sourceforge.net>\n"
@@ -137,22 +137,22 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: malsukcesis krei haktabelon: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "Donu la uzantidentigilon: "
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Ripetu pasfrazon: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "la pasfrazo ne estis �uste ripetita; provu denove"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6866,7 +6866,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr ""
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/es.po
===================================================================
--- trunk/po/es.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/es.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -10,7 +10,7 @@
 msgstr ""
 "Project-Id-Version: GNU gnupg 1.4.1\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2005-03-25 16:50+0100\n"
 "Last-Translator: Jaime Su�rez <jsuarez@ono.com>\n"
 "Language-Team: Spanish <es@li.org>\n"
@@ -159,21 +159,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: fallo en la creaci�n de la tabla hash: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|PIN Administrador"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Repita este PIN: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN repetido incorrectamente; int�ntelo de nuevo"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "PIN [firmas hechas: %lu]"
@@ -6785,7 +6785,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA necesita un algoritmo de hash de 160 bits.\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/et.po
===================================================================
--- trunk/po/et.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/et.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-06-17 11:04+0300\n"
 "Last-Translator: Toomas Soome <Toomas.Soome@microlink.ee>\n"
 "Language-Team: Estonian <et@li.org>\n"
@@ -137,21 +137,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: paisktabeli loomine eba�nnestus: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Korrake parooli: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "parooli ei korratud �ieti; proovige uuesti"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6826,7 +6826,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA n�uab 160 bitist r�sialgoritmi kasutamist\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/fi.po
===================================================================
--- trunk/po/fi.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/fi.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -22,7 +22,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-06-16 22:40+0300\n"
 "Last-Translator: Tommi Vainikainen <Tommi.Vainikainen@iki.fi>\n"
 "Language-Team: Finnish <translation-team-fi@lists.sourceforge.net>\n"
@@ -153,21 +153,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: hajautustaulukon luonti ei onnistu: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Toista salasana: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "salasanaa ei toistettu oikein, yritä uudestaan."
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6905,7 +6905,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA vaatii 160-bittisen tiivistealgoritmin käyttöä\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/fr.po
===================================================================
--- trunk/po/fr.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/fr.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -11,7 +11,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.2rc2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2005-06-28 00:24+0200\n"
 "Last-Translator: Ga�l Qu�ri <gael@lautre.net>\n"
 "Language-Team: French <traduc@traduc.org>\n"
@@ -145,21 +145,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: la cr�ation de la table de hachage a �chou�: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|code PIN d'administration"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "R�p�tez ce code PIN: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "le code PIN n'a pas �t� correctement r�p�t� ; recommencez"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "||Entrez le PIN%%0A[sigs faites: %lu]"
@@ -6935,7 +6935,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA n�cessite l'utilisation d'un algorithme de hachage de 160 bits\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/gl.po
===================================================================
--- trunk/po/gl.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/gl.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.4\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2003-12-04 11:39+0100\n"
 "Last-Translator: Jacobo Tarrio <jtarrio@trasno.net>\n"
 "Language-Team: Galician <gpul-traduccion@ceu.fi.udc.es>\n"
@@ -137,22 +137,22 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: fallo ao crear unha t�boa hash: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "Introduza o ID de usuario: "
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Repita o contrasinal: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "o contrasinal non se repetiu correctamente; t�nteo de novo"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6913,7 +6913,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA require o emprego dun algoritmo hash de 160 bits\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/hu.po
===================================================================
--- trunk/po/hu.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/hu.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.5\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-06-19 21:53+0200\n"
 "Last-Translator: Nagy Ferenc L�szl� <nfl@nfllab.com>\n"
 "Language-Team: Hungarian <translation-team-hu@lists.sourceforge.net>\n"
@@ -137,21 +137,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: Hasht�bla l�trehoz�sa sikertelen: %s.\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Ism�telje meg a jelsz�t: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "Nem ism�telte meg helyesen a jelsz�t! Pr�b�lja �jra!"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6866,7 +6866,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "A DSA 160 bites hash (kivonatol�) algoritmust ig�nyel.\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/id.po
===================================================================
--- trunk/po/id.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/id.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -7,7 +7,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-id\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-06-17 16:32+0700\n"
 "Last-Translator: Tedi Heriyanto <tedi_h@gmx.net>\n"
 "Language-Team: Indonesian <translation-team-id@lists.sourceforge.net>\n"
@@ -139,21 +139,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: gagal membuat hashtable: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Ulangi passphrase: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "passphrase tidak diulang dengan benar; coba lagi"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6869,7 +6869,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA butuh penggunaan algoritma hash 160 bit\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/it.po
===================================================================
--- trunk/po/it.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/it.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.1.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-06-16 17:01+0200\n"
 "Last-Translator: Marco d'Itri <md@linux.it>\n"
 "Language-Team: Italian <tp@lists.linux.it>\n"
@@ -137,21 +137,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: creazione della tabella hash fallita: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Ripeti la passphrase: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "passphrase non ripetuta correttamente; prova ancora"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6917,7 +6917,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA richiede l'uso di un algoritmo di hashing con almeno 160 bit\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/ja.po
===================================================================
--- trunk/po/ja.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/ja.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.3.92\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-11-23 11:14+0900\n"
 "Last-Translator: IIDA Yosiaki <iida@gnu.org>\n"
 "Language-Team: Japanese <translation-team-ja@lists.sourceforge.net>\n"
@@ -140,21 +140,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: �ϥå���ɽ�κ����˼��Ԥ��ޤ���: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|Admin PIN"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "PIN�������: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN������ȷ����֤��Ƥ��ޤ��󡣺����Ϥ��Ƥ�������"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "PIN [��̾��: %lu]"
@@ -6674,7 +6674,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA�Ǥ�160�ӥåȤΥϥå��塦���르�ꥺ��λ��Ѥ�ɬ�פǤ�\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/nb.po
===================================================================
--- trunk/po/nb.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/nb.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -10,7 +10,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.3\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2006-06-13 20:31+0200\n"
 "Last-Translator: Trond Endrest�l <Trond.Endrestol@fagskolen.gjovik.no>\n"
 "Language-Team: Norwegian Bokm�l <i18n-nb@lister.ping.uio.no>\n"
@@ -140,21 +140,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "klarte ikke � lagre n�kkelen: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|Admin PIN"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Gjenta denne PIN: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN ble ikke gjentatt korrekt; pr�v igjen"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "||Vennligst tast inn PIN%%0A[signaturer utf�rt: %lu]"
@@ -6549,7 +6549,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA krever bruk av en 160-bit hashalgoritme\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/pl.po
===================================================================
--- trunk/po/pl.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/pl.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: gnupg-1.2.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-06-23 15:54+0200\n"
 "Last-Translator: Janusz A. Urbanowicz <alex@bofh.net.pl>\n"
 "Language-Team: Polish <pl@li.org>\n"
@@ -147,22 +147,22 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: tworzenie tablicy skr�t�w nie powiod�o si�: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "Podaj identyfikator u�ytkownika (user ID): "
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Powt�rz has�o: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "has�o nie zosta�o poprawnie powt�rzone; jeszcze jedna pr�ba"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6911,7 +6911,7 @@
 msgstr ""
 "Algorytm DSA wymaga u�ycia algorytmu skr�tu daj�cego 160-bitowy wynik.\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/pt.po
===================================================================
--- trunk/po/pt.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/pt.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2002-09-13 18:26+0100\n"
 "Last-Translator: Pedro Morais <morais@kde.org>\n"
 "Language-Team: pt <morais@kde.org>\n"
@@ -140,21 +140,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: falha ao criar tabela de dispers�o: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Repita a frase secreta: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "a frase secreta n�o foi repetida corretamente; tente outra vez"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6877,7 +6877,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA necessita de utiliza��o de uma algoritmo de dispers�o de 160 bit\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/pt_BR.po
===================================================================
--- trunk/po/pt_BR.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/pt_BR.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -13,7 +13,7 @@
 msgstr ""
 "Project-Id-Version: GNU gnupg 1.0\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 1998-11-20 23:46:36-0200\n"
 "Last-Translator:\n"
 "Language-Team: ?\n"
@@ -144,22 +144,22 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: falha ao criar tabela de \"hash\": %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "Digite o identificador de usu�rio: "
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Repita a frase secreta: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "A frase secreta n�o foi repetida corretamente; tente outra vez.\n"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6825,7 +6825,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr ""
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/ro.po
===================================================================
--- trunk/po/ro.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/ro.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.2rc1\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2005-05-31 22:00-0500\n"
 "Last-Translator: Laurentiu Buzdugan <lbuz@rolix.org>\n"
 "Language-Team: Romanian <translation-team-ro@lists.sourceforge.net>\n"
@@ -143,21 +143,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: am e�uat s� creez hashtable: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|PIN Admin"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Repeta�i acest PIN: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN-ul nu a fost repetat corect; mai �ncerca�i o dat�"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "||V� rug�m introduce�i PIN%%0A[semn�turi f�cute: %lu]"
@@ -6777,7 +6777,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA necesit� folosirea unui algoritm cu hash de 160 bi�i\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/ru.po
===================================================================
--- trunk/po/ru.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/ru.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -8,7 +8,7 @@
 msgstr ""
 "Project-Id-Version: GnuPG 1.4.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2005-06-22 02:53+0200\n"
 "Last-Translator: Maxim Britov <maxbritov@tut.by>\n"
 "Language-Team: Russian <gnupg-ru@gnupg.org>\n"
@@ -139,21 +139,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: сбой создания таблицы хэшей: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|Административный PID"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Повторите ввод PIN: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "повторный ввод PIN некорректен; попробуйте еще раз"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "||Введите PIN%%0A[подписей: %lu]"
@@ -6725,7 +6725,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA требует использования 160 битной хэш-функции\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/sk.po
===================================================================
--- trunk/po/sk.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/sk.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -5,7 +5,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.5\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-07-20 15:52+0200\n"
 "Last-Translator: Michal Majer <mmajer@econ.umb.sk>\n"
 "Language-Team: Slovak <sk-i18n@lists.linux.sk>\n"
@@ -136,21 +136,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: nepodarilo sa vytvori� hashovaciu tabu�ku: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Opakujte heslo: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "heslo nie je zopakovan� spr�vne; sk�ste to znovu"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -6883,7 +6883,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA po�aduje pou�itie 160 bitov�ho hashovacieho algoritmu\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/sv.po
===================================================================
--- trunk/po/sv.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/sv.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -23,7 +23,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.2.6\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2004-12-01 17:49+0100\n"
 "Last-Translator: Per Tunedal <info@clipanish.com>\n"
 "Language-Team: Swedish <sv@li.org>\n"
@@ -157,21 +157,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: misslyckades med att skapa kontrollsummetabell: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 msgid "Admin PIN"
 msgstr ""
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Repetera lösenmeningen: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 #, fuzzy
 msgid "PIN not correctly repeated; try again"
 msgstr "lösenmeningen upprepades inte korrekt; försök igen."
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr ""
@@ -7038,7 +7038,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA kräver att du använder en 160-bitars kontrollsummealgoritm\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/tr.po
===================================================================
--- trunk/po/tr.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/tr.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -6,7 +6,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.1\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2005-03-16 07:30+0300\n"
 "Last-Translator: Nilgün Belma Bugüner <nilgun@superonline.com>\n"
 "Language-Team: Turkish <gnu-tr-u12a@lists.sourceforge.net>\n"
@@ -138,21 +138,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: nitelemeli tablo oluşturulamadı: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|Yönetici PIN'i"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "Bu PIN'i tekrarlayın: "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN doğru tekrarlanmadı; tekrar deneyin"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "PIN [yapılan imza: %lu]"
@@ -6760,7 +6760,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA, 160 bitlik bir hash algoritması kullanılmasını gerektiriyor\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/zh_CN.po
===================================================================
--- trunk/po/zh_CN.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/zh_CN.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -7,7 +7,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.4\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2006-07-02 10:58+0800\n"
 "Last-Translator: Meng Jie <zuxyhere@eastday.com>\n"
 "Language-Team: Chinese (simplified) <i18n-translation@lists.linux.net.cn>\n"
@@ -142,21 +142,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s：建立散列表失败：%s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|管理员 PIN"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "再次输入此 PIN："
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "PIN 再次输入时与首次输入不符；请再试一次"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "||请输入 PIN%%0A[完成的签字：%lu]"
@@ -6578,7 +6578,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA 要求使用 160 位的散列算法\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/po/zh_TW.po
===================================================================
--- trunk/po/zh_TW.po	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/po/zh_TW.po	2006-10-10 11:11:04 UTC (rev 4294)
@@ -9,7 +9,7 @@
 msgstr ""
 "Project-Id-Version: gnupg 1.4.2\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"POT-Creation-Date: 2006-10-04 18:34+0200\n"
+"POT-Creation-Date: 2006-10-06 19:14+0200\n"
 "PO-Revision-Date: 2005-07-29 09:49+0800\n"
 "Last-Translator: Jedi <Jedi@Jedi.org>\n"
 "Language-Team: Chinese (traditional) <zh-l10n@linux.org.tw>\n"
@@ -140,21 +140,21 @@
 msgid "failed to create stream from socket: %s\n"
 msgstr "%s: 建立雜湊表失敗: %s\n"
 
-#: agent/divert-scd.c:217
+#: agent/divert-scd.c:219
 #, fuzzy
 msgid "Admin PIN"
 msgstr "|A|Admin PIN"
 
-#: agent/divert-scd.c:275
+#: agent/divert-scd.c:277
 #, fuzzy
 msgid "Repeat this PIN"
 msgstr "請再次輸入個人識別碼 (PIN): "
 
-#: agent/divert-scd.c:278
+#: agent/divert-scd.c:280
 msgid "PIN not correctly repeated; try again"
 msgstr "個人識別碼 (PIN) 再次輸入時沒有正確重複; 請再試一次"
 
-#: agent/divert-scd.c:290
+#: agent/divert-scd.c:292
 #, fuzzy, c-format
 msgid "Please enter the PIN%s%s%s to unlock the card"
 msgstr "||請輸入 PIN%%0A[簽署完成: %lu]"
@@ -6618,7 +6618,7 @@
 msgid "DSA requires the use of a 160 bit hash algorithm\n"
 msgstr "DSA 要求使用 160 位元的雜湊演算法\n"
 
-#: sm/certcheck.c:175 sm/sign.c:479 sm/verify.c:189
+#: sm/certcheck.c:177 sm/sign.c:479 sm/verify.c:189
 msgid "(this is the MD2 algorithm)\n"
 msgstr ""
 

Modified: trunk/scd/ChangeLog
===================================================================
--- trunk/scd/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/scd/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,3 +1,10 @@
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.
+	(scdaemon_LDADD): Ditto.
+
+	* scdaemon.h (send_status_info): Mark with sentinel attribute.
+
 2006-10-02  Marcus Brinkmann  <marcus@g10code.de>
 
 	* command.c (update_reader_status_file): Increase buffer of

Modified: trunk/scd/Makefile.am
===================================================================
--- trunk/scd/Makefile.am	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/scd/Makefile.am	2006-10-10 11:11:04 UTC (rev 4294)
@@ -29,7 +29,7 @@
 include $(top_srcdir)/am/cmacros.am
 
 AM_CFLAGS =  $(LIBGCRYPT_CFLAGS) \
-	     $(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS) $(PTH_CFLAGS)
+	     $(KSBA_CFLAGS) $(LIBASSUAN_PTH_CFLAGS) $(PTH_CFLAGS)
 
 
 card_apps = app-openpgp.c app-nks.c app-dinsig.c app-p15.c
@@ -45,7 +45,7 @@
 
 
 scdaemon_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a ../gl/libgnu.a \
-	$(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(PTH_LIBS) $(LIBASSUAN_LIBS) \
+	$(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_PTH_LIBS) $(PTH_LIBS) \
 	$(LIBUSB_LIBS) -lgpg-error $(LIBINTL) $(DL_LIBS) $(NETLIBS)
 
 # Removed for now: We need to decide whether it makes sense to
@@ -63,7 +63,7 @@
 #sc_copykeys_LDADD = \
 #	../jnlib/libjnlib.a ../common/libcommon.a \
 #	../common/libsimple-pwquery.a \
-#	$(LIBGCRYPT_LIBS) $(PTH_LIBS) $(KSBA_LIBS) $(LIBASSUAN_LIBS) \
+#	$(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_PTH_LIBS) $(PTH_LIBS) \
 #	 $(LIBUSB_LIBS) \
 #        -lgpg-error @LIBINTL@ @DL_LIBS@
 #

Modified: trunk/scd/app-p15.c
===================================================================
--- trunk/scd/app-p15.c	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/scd/app-p15.c	2006-10-10 11:11:04 UTC (rev 4294)
@@ -3187,7 +3187,7 @@
 
 /* Handler for the PKAUTH command. 
 
-   This is basically the same as the PKSIGN command but we firstcheck
+   This is basically the same as the PKSIGN command but we first check
    that the requested key is suitable for authentication; that is, it
    must match the criteria used for the attribute $AUTHKEYID.  See
    do_sign for calling conventions; there is no HASHALGO, though. */

Modified: trunk/scd/scdaemon.h
===================================================================
--- trunk/scd/scdaemon.h	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/scd/scdaemon.h	2006-10-10 11:11:04 UTC (rev 4294)
@@ -110,7 +110,8 @@
 
 /*-- command.c --*/
 void scd_command_handler (int);
-void send_status_info (ctrl_t ctrl, const char *keyword, ...);
+void send_status_info (ctrl_t ctrl, const char *keyword, ...)
+     GNUPG_GCC_A_SENTINEL(1);
 void scd_update_reader_status_file (void);
 
 

Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/sm/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,3 +1,8 @@
+2006-10-06  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.
+	(gpgsm_LDADD): Ditto.
+
 2006-10-05  Werner Koch  <wk@g10code.com>
 
 	* certcheck.c (do_encode_md): Check that the has algo is valid.

Modified: trunk/sm/Makefile.am
===================================================================
--- trunk/sm/Makefile.am	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/sm/Makefile.am	2006-10-10 11:11:04 UTC (rev 4294)
@@ -22,7 +22,7 @@
 
 bin_PROGRAMS = gpgsm
 
-AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_CFLAGS) $(KSBA_CFLAGS) \
+AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_PTH_CFLAGS) $(KSBA_CFLAGS) \
             $(PTH_CFLAGS)
 
 AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common -I$(top_srcdir)/intl 
@@ -58,8 +58,8 @@
               ../common/libcommon.a ../gl/libgnu.a
 
 gpgsm_LDADD = $(common_libs) \
-              $(LIBGCRYPT_LIBS)  $(KSBA_LIBS) $(LIBASSUAN_LIBS) -lgpg-error \
-	      $(LIBINTL) $(PTH_LIBS) $(ZLIBS)
+              $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_PTH_LIBS) \
+               -lgpg-error  $(LIBINTL) $(PTH_LIBS) $(ZLIBS)
 
 # Make sure that all libs are build before we use them.  This is
 # important for things like make -j2.

Modified: trunk/tools/ChangeLog
===================================================================
--- trunk/tools/ChangeLog	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/tools/ChangeLog	2006-10-10 11:11:04 UTC (rev 4294)
@@ -1,3 +1,8 @@
+2006-10-08  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (gpgkey2ssh_LDADD): Add LIBINTL. Suggested by
+	Andreas Metzler.
+
 2006-09-22  Werner Koch  <wk@g10code.com>
 
 	* no-libgcrypt.c: Changed license to a simple all permissive one.

Modified: trunk/tools/Makefile.am
===================================================================
--- trunk/tools/Makefile.am	2006-10-06 11:06:15 UTC (rev 4293)
+++ trunk/tools/Makefile.am	2006-10-10 11:11:04 UTC (rev 4294)
@@ -79,8 +79,8 @@
 gpgkey2ssh_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS)
 # common sucks in jnlib, via use of BUG() in an inline function, which
 # some compilers do not eliminate.
-gpgkey2ssh_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a ../gl/libgnu.a \
-                   $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS)
+gpgkey2ssh_LDADD = $(common_libs) \
+                   $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL)
 
 
 # Make sure that all libs are build before we use them.  This is


From cvs at cvs.gnupg.org  Tue Oct 10 20:27:30 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Tue Oct 10 19:56:55 2006
Subject: [svn] gcry - r1180 - in trunk: . m4 src
Message-ID: <E1GXLqR-0008CJ-9f@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-10 20:27:28 +0200 (Tue, 10 Oct 2006)
New Revision: 1180

Added:
   trunk/m4/fallback.m4
   trunk/src/gcrypt.h.in
Removed:
   trunk/src/gcrypt.h
Modified:
   trunk/ChangeLog
   trunk/configure.ac
   trunk/m4/ChangeLog
   trunk/src/ChangeLog
   trunk/src/Makefile.am
Log:
2006-10-10  Marcus Brinkmann  <marcus@g10code.de>

        * configure.ac: Invoke AC_CHECK_SOCKLEN_TYPE.
        (AC_CONFIG_FILES): Add src/gcrypt.h.
        (AC_CONFIG_SRCDIR): Change to src/libgcrypt.vers.

m4/
2006-10-10  Marcus Brinkmann  <marcus@g10code.de>

        * fallback.m4: New file from Pth.

src/
2006-10-10  Marcus Brinkmann  <marcus@g10code.de>

        * gcrypt.h: Add fallback type for socklen_t.  Move to ...
        * gcrypt.h.in: ... this file.
        * Makefile.am (EXTRA_DIST): Add gcrypt.h.in.



Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-05 08:01:11 UTC (rev 1179)
+++ trunk/ChangeLog	2006-10-10 18:27:28 UTC (rev 1180)
@@ -1,3 +1,9 @@
+2006-10-10  Marcus Brinkmann  <marcus@g10code.de>
+
+	* configure.ac: Invoke AC_CHECK_SOCKLEN_TYPE.
+	(AC_CONFIG_FILES): Add src/gcrypt.h.
+	(AC_CONFIG_SRCDIR): Change to src/libgcrypt.vers.
+
 2006-08-29  Werner Koch  <wk@g10code.com>
 
 	* configure.ac (USE_SEED): New.

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-05 08:01:11 UTC (rev 1179)
+++ trunk/configure.ac	2006-10-10 18:27:28 UTC (rev 1180)
@@ -46,7 +46,7 @@
 PACKAGE=$PACKAGE_NAME
 VERSION=$PACKAGE_VERSION
 
-AC_CONFIG_SRCDIR([src/gcrypt.h])
+AC_CONFIG_SRCDIR([src/libgcrypt.vers])
 AC_CANONICAL_TARGET()
 AM_INIT_AUTOMAKE($PACKAGE, $VERSION)
 AM_CONFIG_HEADER(config.h)
@@ -851,12 +851,25 @@
 AC_SUBST(LIBGCRYPT_PUBKEY_CIPHERS, $enabled_pubkey_ciphers)
 AC_SUBST(LIBGCRYPT_DIGESTS, $enabled_digests)
 
+dnl # Fallback definitions for gcrypt.h:
+dnl #
+dnl # check for network/socket size type
+AC_CHECK_SOCKLENTYPE([
+FALLBACK_SOCKLEN_T="typedef ${ac_type} socklen_t;"
+if test ".$ac_type" = ".socklen_t"; then
+    FALLBACK_SOCKLEN_T="/* $FALLBACK_SOCKLEN_T */"
+fi
+AC_SUBST(FALLBACK_SOCKLEN_T)
+])
+
+
 AC_CONFIG_FILES([
 Makefile
 mpi/Makefile
 cipher/Makefile
 doc/Makefile
 src/Makefile
+src/gcrypt.h
 src/libgcrypt-config
 tests/Makefile
 w32-dll/Makefile

Modified: trunk/m4/ChangeLog
===================================================================
--- trunk/m4/ChangeLog	2006-10-05 08:01:11 UTC (rev 1179)
+++ trunk/m4/ChangeLog	2006-10-10 18:27:28 UTC (rev 1180)
@@ -1,3 +1,7 @@
+2006-10-10  Marcus Brinkmann  <marcus@g10code.de>
+
+	* fallback.m4: New file from Pth.
+
 2006-07-04  Marcus Brinkmann  <marcus@g10code.de>
 
 	* sys_socket_h.m4, socklen.m4, onceonly.m4: New files from gnulib.

Added: trunk/m4/fallback.m4
===================================================================
--- trunk/m4/fallback.m4	2006-10-05 08:01:11 UTC (rev 1179)
+++ trunk/m4/fallback.m4	2006-10-10 18:27:28 UTC (rev 1180)
@@ -0,0 +1,180 @@
+dnl ##
+dnl ##  GNU Pth - The GNU Portable Threads
+dnl ##  Copyright (c) 1999-2004 Ralf S. Engelschall <rse@engelschall.com>
+dnl ##
+dnl ##  This file is part of GNU Pth, a non-preemptive thread scheduling
+dnl ##  library which can be found at http://www.gnu.org/software/pth/.
+dnl ##
+dnl ##  This library is free software; you can redistribute it and/or
+dnl ##  modify it under the terms of the GNU Lesser General Public
+dnl ##  License as published by the Free Software Foundation; either
+dnl ##  version 2.1 of the License, or (at your option) any later version.
+dnl ##
+dnl ##  This library is distributed in the hope that it will be useful,
+dnl ##  but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl ##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+dnl ##  Lesser General Public License for more details.
+dnl ##
+dnl ##  You should have received a copy of the GNU Lesser General Public
+dnl ##  License along with this library; if not, write to the Free Software
+dnl ##  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+dnl ##  USA, or contact Ralf S. Engelschall <rse@engelschall.com>.
+dnl ##
+dnl ##  aclocal.m4: Pth Autoconf macros
+dnl ##
+                        dnl # ``"Reuse an expert's code" is the right
+                        dnl #   advice for most people. But it's a useless
+                        dnl #   advice for the experts writing the code
+                        dnl #   in the first place.'
+                        dnl #               -- Dan J. Bernstein
+
+dnl ##
+dnl ##  Check for socket/network size type
+dnl ##
+dnl ##  configure.ac:
+dnl ##    AC_CHECK_SOCKLENTYPE(<action-with-${ac_type}>)
+dnl ##
+
+
+dnl ##
+dnl ##  Check for an ANSI C typedef in a header
+dnl ##
+dnl ##  configure.ac:
+dnl ##    AC_CHECK_TYPEDEF(<typedef>, <header>)
+dnl ##  acconfig.h:
+dnl ##    #undef HAVE_<typedef>
+dnl ##
+
+AC_DEFUN(AC_CHECK_TYPEDEF,[dnl
+AC_REQUIRE([AC_HEADER_STDC])dnl
+AC_MSG_CHECKING(for typedef $1)
+AC_CACHE_VAL(ac_cv_typedef_$1,
+[AC_EGREP_CPP(dnl
+changequote(<<,>>)dnl
+<<(^|[^a-zA-Z_0-9])$1[^a-zA-Z_0-9]>>dnl
+changequote([,]), [
+#include <$2>
+], ac_cv_typedef_$1=yes, ac_cv_typedef_$1=no)])dnl
+AC_MSG_RESULT($ac_cv_typedef_$1)
+if test $ac_cv_typedef_$1 = yes; then
+    AC_DEFINE(HAVE_[]translit($1, [a-z], [A-Z]), 1,
+              [define if typedef $1 exists in header $2])
+fi
+])
+
+
+dnl ##
+dnl ##  Check for argument type of a function
+dnl ##
+dnl ##  configure.ac:
+dnl ##    AC_CHECK_ARGTYPE(<header> [...], <func>, <arg-number>,
+dnl ##                     <max-arg-number>, <action-with-${ac_type}>)
+dnl ##
+
+AC_DEFUN(AC_CHECK_ARGTYPE,[dnl
+AC_REQUIRE_CPP()dnl
+AC_MSG_CHECKING([for type of argument $3 for $2()])
+AC_CACHE_VAL([ac_cv_argtype_$2$3],[
+cat >conftest.$ac_ext <<EOF
+[#]line __oline__ "configure"
+#include "confdefs.h"
+EOF
+for ifile in $1; do
+    echo "#include <$ifile>" >>conftest.$ac_ext
+done
+gpat=''
+spat=''
+i=1
+changequote(, )dnl
+while test $i -le $4; do
+    gpat="$gpat[^,]*"
+    if test $i -eq $3; then
+        spat="$spat\\([^,]*\\)"
+    else
+        spat="$spat[^,]*"
+    fi
+    if test $i -lt $4; then
+        gpat="$gpat,"
+        spat="$spat,"
+    fi
+    i=`expr $i + 1`
+done
+changequote([, ])dnl
+(eval "$ac_cpp conftest.$ac_ext") 2>&AC_FD_CC |\
+changequote(, )dnl
+sed -e ':join' \
+    -e '/,[ 	]*$/N' \
+    -e 's/,[ 	]*\n[ 	]*/, /' \
+    -e 'tjoin' |\
+egrep "[^a-zA-Z0-9_]$2[ 	]*\\($gpat\\)" | head -1 |\
+sed -e "s/.*[^a-zA-Z0-9_]$2[ 	]*($spat).*/\\1/" \
+    -e 's/(\*[a-zA-Z_][a-zA-Z_0-9]*)/(*)/' \
+    -e 's/^[ 	]*//' -e 's/[ 	]*$//' \
+    -e 's/^/arg:/' \
+    -e 's/^arg:\([^ 	]*\)$/type:\1/' \
+    -e 's/^arg:\(.*_t\)*$/type:\1/' \
+    -e 's/^arg:\(.*\*\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]\*\)[_a-zA-Z][_a-zA-Z0-9]*$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]char\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]short\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]int\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]long\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]float\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]double\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]unsigned\)$/type:\1/' \
+    -e 's/^arg:\(.*[ 	]signed\)$/type:\1/' \
+    -e 's/^arg:\(.*struct[ 	][_a-zA-Z][_a-zA-Z0-9]*\)$/type:\1/' \
+    -e 's/^arg:\(.*\)[ 	]_[_a-zA-Z0-9]*$/type:\1/' \
+    -e 's/^arg:\(.*\)[ 	]\([^ 	]*\)$/type:\1/' \
+    -e 's/^type://' >conftest.output
+ac_cv_argtype_$2$3=`cat conftest.output`
+changequote([, ])dnl
+rm -f conftest*
+])
+AC_MSG_RESULT([$ac_cv_argtype_$2$3])
+ac_type="$ac_cv_argtype_$2$3"
+[$5]
+])
+
+
+dnl #   Background:
+dnl #   this exists because of shortsightedness on the POSIX committee.
+dnl #   BSD systems used "int *" as the parameter to accept(2),
+dnl #   getsockname(2), getpeername(2) et al. Consequently many Unix
+dnl #   flavors took an "int *" for that parameter. The POSIX committee
+dnl #   decided that "int" was just too generic and had to be replaced
+dnl #   with "size_t" almost everywhere. There's no problem with that
+dnl #   when you're passing by value. But when you're passing by
+dnl #   reference (as it is the case for accept(2) and friends) this
+dnl #   creates a gross source incompatibility with existing programs.
+dnl #   On 32-bit architectures it creates only a warning. On 64-bit
+dnl #   architectures it creates broken code -- because "int *" is a
+dnl #   pointer to a 64-bit quantity and "size_t *" is usually a pointer
+dnl #   to a 32-bit quantity. Some Unix flavors adopted "size_t *" for
+dnl #   the sake of POSIX compliance. Others ignored it because it was
+dnl #   such a broken interface. Chaos ensued. POSIX finally woke up
+dnl #   and decided that it was wrong and created a new type socklen_t.
+dnl #   The only useful value for socklen_t is "int", and that's how
+dnl #   everyone who has a clue implements it. It is almost always the
+dnl #   case that this type should be defined to be an "int", unless the
+dnl #   system being compiled for was created in the window of POSIX
+dnl #   madness.
+
+AC_DEFUN(AC_CHECK_SOCKLENTYPE,[dnl
+AC_CHECK_TYPEDEF(socklen_t, sys/socket.h)
+AC_CHECK_ARGTYPE(sys/types.h sys/socket.h, accept, 3, 3, [:])
+AC_MSG_CHECKING(for fallback socklen_t)
+AC_CACHE_VAL(ac_cv_check_socklentype, [
+if test ".$ac_cv_typedef_socklen_t" = .yes; then
+    ac_cv_check_socklentype='socklen_t'
+elif test ".$ac_type" != .; then
+    ac_cv_check_socklentype=`echo "$ac_type" | sed -e 's/[ 	]*\*$//'`
+else
+    ac_cv_check_socklentype='int'
+fi
+])
+AC_MSG_RESULT([$ac_cv_check_socklentype])
+ac_type="$ac_cv_check_socklentype"
+ifelse([$1], , :, [$1])
+])
+

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-05 08:01:11 UTC (rev 1179)
+++ trunk/src/ChangeLog	2006-10-10 18:27:28 UTC (rev 1180)
@@ -1,3 +1,9 @@
+2006-10-10  Marcus Brinkmann  <marcus@g10code.de>
+
+	* gcrypt.h: Add fallback type for socklen_t.  Move to ...
+	* gcrypt.h.in: ... this file.
+	* Makefile.am (EXTRA_DIST): Add gcrypt.h.in.
+
 2006-08-29  Werner Koch  <wk@g10code.com>
 
 	* gcrypt.h (GCRY_CIPHER_SEED): New.

Modified: trunk/src/Makefile.am
===================================================================
--- trunk/src/Makefile.am	2006-10-05 08:01:11 UTC (rev 1179)
+++ trunk/src/Makefile.am	2006-10-10 18:27:28 UTC (rev 1180)
@@ -18,7 +18,8 @@
 
 ## Process this file with automake to produce Makefile.in
 
-EXTRA_DIST = Manifest libgcrypt-config.in libgcrypt.m4 libgcrypt.vers
+EXTRA_DIST = Manifest libgcrypt-config.in libgcrypt.m4 libgcrypt.vers \
+	gcrypt.h.in
 bin_SCRIPTS = libgcrypt-config
 m4datadir = $(datadir)/aclocal
 m4data_DATA = libgcrypt.m4

Deleted: trunk/src/gcrypt.h

Copied: trunk/src/gcrypt.h.in (from rev 1179, trunk/src/gcrypt.h)
===================================================================
--- trunk/src/gcrypt.h	2006-10-05 08:01:11 UTC (rev 1179)
+++ trunk/src/gcrypt.h.in	2006-10-10 18:27:28 UTC (rev 1180)
@@ -0,0 +1,1729 @@
+/* gcrypt.h -  GNU cryptographic library interface
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
+ *               2004, 2006  Free Software Foundation, Inc.
+ *
+ * This file is part of Libgcrypt.
+ *
+ * Libgcrypt is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Libgcrypt is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+#ifndef _GCRYPT_H
+#define _GCRYPT_H
+
+#include <stdarg.h>
+#include <string.h>
+
+#include <gpg-error.h>
+
+#include <sys/types.h>
+
+@FALLBACK_SOCKLEN_T@
+
+#if defined _WIN32 || defined __WIN32__
+# include <winsock2.h>
+# include <ws2tcpip.h>
+#else
+# include <sys/socket.h>
+#endif /*!_WIN32*/
+
+#include <sys/time.h>
+
+/* This is required for error code compatibility. */
+#define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
+
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+
+/* The version of this header should match the one of the library. It
+   should not be used by a program because gcry_check_version() should
+   return the same version.  The purpose of this macro is to let
+   autoconf (using the AM_PATH_GCRYPT macro) check that this header
+   matches the installed library.  Note: Do not edit the next line as
+   configure may fix the string here.  */
+#define GCRYPT_VERSION "1.3.0-cvs"
+
+/* Internal: We can't use the convenience macros for the multi
+   precision integer functions when building this library. */
+#ifdef _GCRYPT_IN_LIBGCRYPT
+#ifndef GCRYPT_NO_MPI_MACROS
+#define GCRYPT_NO_MPI_MACROS 1
+#endif
+#endif
+
+/* We want to use gcc attributes when possible.  Warning: Don't use
+   these macros in your programs: As indicated by the leading
+   underscore they are subject to change without notice. */
+#ifdef __GNUC__
+
+#define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
+                             + __GNUC_MINOR__ * 100 \
+                             + __GNUC_PATCHLEVEL__)
+
+#if _GCRY_GCC_VERSION >= 30100
+#define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
+#endif
+
+#if _GCRY_GCC_VERSION >= 29600
+#define _GCRY_GCC_ATTR_PURE  __attribute__ ((__pure__))
+#endif
+
+#if _GCRY_GCC_VERSION >= 300200
+#define _GCRY_GCC_ATTR_MALLOC  __attribute__ ((__malloc__))
+#endif
+
+#endif /*__GNUC__*/
+
+#ifndef _GCRY_GCC_ATTR_DEPRECATED
+#define _GCRY_GCC_ATTR_DEPRECATED
+#endif
+#ifndef _GCRY_GCC_ATTR_PURE
+#define _GCRY_GCC_ATTR_PURE
+#endif
+#ifndef _GCRY_GCC_ATTR_MALLOC
+#define _GCRY_GCC_ATTR_MALLOC
+#endif
+
+/* Wrappers for the libgpg-error library.  */
+
+typedef gpg_error_t gcry_error_t;
+typedef gpg_err_code_t gcry_err_code_t;
+typedef gpg_err_source_t gcry_err_source_t;
+
+static GPG_ERR_INLINE gcry_error_t
+gcry_err_make (gcry_err_source_t source, gcry_err_code_t code)
+{
+  return gpg_err_make (source, code);
+}
+
+/* The user can define GPG_ERR_SOURCE_DEFAULT before including this
+   file to specify a default source for gpg_error.  */
+#ifndef GCRY_ERR_SOURCE_DEFAULT
+#define GCRY_ERR_SOURCE_DEFAULT  GPG_ERR_SOURCE_USER_1
+#endif
+
+static GPG_ERR_INLINE gcry_error_t
+gcry_error (gcry_err_code_t code)
+{
+  return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code);
+}
+
+static GPG_ERR_INLINE gcry_err_code_t
+gcry_err_code (gcry_error_t err)
+{
+  return gpg_err_code (err);
+}
+
+
+static GPG_ERR_INLINE gcry_err_source_t
+gcry_err_source (gcry_error_t err)
+{
+  return gpg_err_source (err);
+}
+
+/* Return a pointer to a string containing a description of the error
+   code in the error value ERR.  */
+const char *gcry_strerror (gcry_error_t err);
+
+/* Return a pointer to a string containing a description of the error
+   source in the error value ERR.  */
+const char *gcry_strsource (gcry_error_t err);
+
+/* Retrieve the error code for the system error ERR.  This returns
+   GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
+   this).  */
+gcry_err_code_t gcry_err_code_from_errno (int err);
+
+/* Retrieve the system error for the error code CODE.  This returns 0
+   if CODE is not a system error code.  */
+int gcry_err_code_to_errno (gcry_err_code_t code);
+
+/* Return an error value with the error source SOURCE and the system
+   error ERR.  */
+gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
+
+/* Return an error value with the system error ERR.  */
+gcry_err_code_t gcry_error_from_errno (int err);
+
+
+enum gcry_thread_option
+  {
+    GCRY_THREAD_OPTION_DEFAULT = 0,
+    GCRY_THREAD_OPTION_USER = 1,
+    GCRY_THREAD_OPTION_PTH = 2,
+    GCRY_THREAD_OPTION_PTHREAD = 3
+  };
+
+/* Wrapper for struct ath_ops.  */
+struct gcry_thread_cbs
+{
+  enum gcry_thread_option option;
+  int (*init) (void);
+  int (*mutex_init) (void **priv);
+  int (*mutex_destroy) (void **priv);
+  int (*mutex_lock) (void **priv);
+  int (*mutex_unlock) (void **priv);
+  ssize_t (*read) (int fd, void *buf, size_t nbytes);
+  ssize_t (*write) (int fd, const void *buf, size_t nbytes);
+#ifdef _WIN32
+  ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
+		     struct timeval *timeout);
+  ssize_t (*waitpid) (pid_t pid, int *status, int options);
+  int (*accept) (int s, void  *addr, int *length_ptr);
+  int (*connect) (int s, void *addr, socklen_t length);
+  int (*sendmsg) (int s, const void *msg, int flags);
+  int (*recvmsg) (int s, void *msg, int flags);
+#else
+  ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
+		     struct timeval *timeout);
+  ssize_t (*waitpid) (pid_t pid, int *status, int options);
+  int (*accept) (int s, struct sockaddr *addr, socklen_t *length_ptr);
+  int (*connect) (int s, struct sockaddr *addr, socklen_t length);
+  int (*sendmsg) (int s, const struct msghdr *msg, int flags);
+  int (*recvmsg) (int s, struct msghdr *msg, int flags);
+#endif
+};
+
+#define GCRY_THREAD_OPTION_PTH_IMPL					      \
+static int gcry_pth_init (void)						      \
+{ return (pth_init () == FALSE) ? errno : 0; }				      \
+static int gcry_pth_mutex_init (void **priv)				      \
+{									      \
+  int err = 0;								      \
+  pth_mutex_t *lock = malloc (sizeof (pth_mutex_t));			      \
+									      \
+  if (!lock)								      \
+    err = ENOMEM;							      \
+  if (!err)								      \
+    {									      \
+      err = pth_mutex_init (lock);					      \
+      if (err == FALSE)							      \
+	err = errno;							      \
+      else								      \
+	err = 0;							      \
+      if (err)								      \
+	free (lock);							      \
+      else								      \
+	*priv = lock;							      \
+    }									      \
+  return err;								      \
+}									      \
+static int gcry_pth_mutex_destroy (void **lock)				      \
+  { /* GNU Pth has no destructor function.  */ free (*lock); return 0; }      \
+static int gcry_pth_mutex_lock (void **lock)				      \
+  { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE)		      \
+      ? errno : 0; }							      \
+static int gcry_pth_mutex_unlock (void **lock)				      \
+  { return ((pth_mutex_release (*lock)) == FALSE)			      \
+      ? errno : 0; }							      \
+static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes)		      \
+  { return pth_read (fd, buf, nbytes); }				      \
+static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes)	      \
+  { return pth_write (fd, buf, nbytes); }				      \
+static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset,	      \
+				fd_set *eset, struct timeval *timeout)	      \
+  { return pth_select (nfd, rset, wset, eset, timeout); }		      \
+static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options)	      \
+  { return pth_waitpid (pid, status, options); }			      \
+static int gcry_pth_accept (int s, struct sockaddr *addr,		      \
+			    socklen_t *length_ptr)			      \
+  { return pth_accept (s, addr, length_ptr); }				      \
+static int gcry_pth_connect (int s, struct sockaddr *addr, socklen_t length)  \
+  { return pth_connect (s, addr, length); }				      \
+									      \
+/* FIXME: GNU Pth is missing pth_sendmsg and pth_recvmsg.  */		      \
+static struct gcry_thread_cbs gcry_threads_pth = { GCRY_THREAD_OPTION_PTH,    \
+  gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy,		      \
+  gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write,  \
+  gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect,       \
+  NULL, NULL }
+
+#define GCRY_THREAD_OPTION_PTHREAD_IMPL					      \
+static int gcry_pthread_mutex_init (void **priv)			      \
+{									      \
+  int err = 0;								      \
+  pthread_mutex_t *lock = malloc (sizeof (pthread_mutex_t));		      \
+									      \
+  if (!lock)								      \
+    err = ENOMEM;							      \
+  if (!err)								      \
+    {									      \
+      err = pthread_mutex_init (lock, NULL);				      \
+      if (err)								      \
+	free (lock);							      \
+      else								      \
+	*priv = lock;							      \
+    }									      \
+  return err;								      \
+}									      \
+static int gcry_pthread_mutex_destroy (void **lock)			      \
+  { int err = pthread_mutex_destroy (*lock);  free (*lock); return err; }     \
+static int gcry_pthread_mutex_lock (void **lock)			      \
+  { return pthread_mutex_lock (*lock); }				      \
+static int gcry_pthread_mutex_unlock (void **lock)			      \
+  { return pthread_mutex_unlock (*lock); }				      \
+									      \
+static struct gcry_thread_cbs gcry_threads_pthread =			      \
+{ GCRY_THREAD_OPTION_PTHREAD, NULL,					      \
+  gcry_pthread_mutex_init, gcry_pthread_mutex_destroy,			      \
+  gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock,                         \
+  NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
+
+
+/* The data object used to hold a multi precision integer.  */
+struct gcry_mpi;
+typedef struct gcry_mpi *gcry_mpi_t;
+
+typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
+
+
+
+/* Check that the library fulfills the version requirement.  */
+const char *gcry_check_version (const char *req_version);
+
+/* Codes for function dispatchers.  */
+
+/* Codes used with the gcry_control function. */
+enum gcry_ctl_cmds 
+  {
+    GCRYCTL_SET_KEY  = 1,
+    GCRYCTL_SET_IV   = 2,
+    GCRYCTL_CFB_SYNC = 3,
+    GCRYCTL_RESET    = 4,   /* e.g. for MDs */
+    GCRYCTL_FINALIZE = 5,
+    GCRYCTL_GET_KEYLEN = 6,
+    GCRYCTL_GET_BLKLEN = 7,
+    GCRYCTL_TEST_ALGO = 8,
+    GCRYCTL_IS_SECURE = 9,
+    GCRYCTL_GET_ASNOID = 10,
+    GCRYCTL_ENABLE_ALGO = 11,
+    GCRYCTL_DISABLE_ALGO = 12,
+    GCRYCTL_DUMP_RANDOM_STATS = 13,
+    GCRYCTL_DUMP_SECMEM_STATS = 14,
+    GCRYCTL_GET_ALGO_NPKEY    = 15,
+    GCRYCTL_GET_ALGO_NSKEY    = 16,
+    GCRYCTL_GET_ALGO_NSIGN    = 17,
+    GCRYCTL_GET_ALGO_NENCR    = 18,
+    GCRYCTL_SET_VERBOSITY     = 19,
+    GCRYCTL_SET_DEBUG_FLAGS   = 20,
+    GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
+    GCRYCTL_USE_SECURE_RNDPOOL= 22,
+    GCRYCTL_DUMP_MEMORY_STATS = 23,
+    GCRYCTL_INIT_SECMEM       = 24,
+    GCRYCTL_TERM_SECMEM       = 25,
+    GCRYCTL_DISABLE_SECMEM_WARN = 27,
+    GCRYCTL_SUSPEND_SECMEM_WARN = 28,
+    GCRYCTL_RESUME_SECMEM_WARN  = 29,
+    GCRYCTL_DROP_PRIVS          = 30,
+    GCRYCTL_ENABLE_M_GUARD      = 31,
+    GCRYCTL_START_DUMP          = 32,
+    GCRYCTL_STOP_DUMP           = 33,
+    GCRYCTL_GET_ALGO_USAGE      = 34,
+    GCRYCTL_IS_ALGO_ENABLED     = 35,
+    GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
+    GCRYCTL_DISABLE_SECMEM      = 37,
+    GCRYCTL_INITIALIZATION_FINISHED = 38,
+    GCRYCTL_INITIALIZATION_FINISHED_P = 39,
+    GCRYCTL_ANY_INITIALIZATION_P = 40,
+    GCRYCTL_SET_CBC_CTS = 41,
+    GCRYCTL_SET_CBC_MAC = 42,
+    GCRYCTL_SET_CTR = 43,
+    GCRYCTL_ENABLE_QUICK_RANDOM = 44,
+    GCRYCTL_SET_RANDOM_SEED_FILE = 45,
+    GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
+    GCRYCTL_SET_THREAD_CBS = 47,
+    GCRYCTL_FAST_POLL = 48,
+    GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
+    GCRYCTL_USE_RANDOM_DAEMON = 50,
+    GCRYCTL_FAKED_RANDOM_P = 51
+  };
+
+/* Perform various operations defined by CMD. */
+gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
+
+
+/* S-expression management. */ 
+
+/* The object to represent an S-expression as used with the public key
+   functions.  */
+struct gcry_sexp;
+typedef struct gcry_sexp *gcry_sexp_t;
+
+typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
+
+/* The possible values for the S-expression format. */
+enum gcry_sexp_format
+  {
+    GCRYSEXP_FMT_DEFAULT   = 0,
+    GCRYSEXP_FMT_CANON     = 1,
+    GCRYSEXP_FMT_BASE64    = 2,
+    GCRYSEXP_FMT_ADVANCED  = 3
+  };
+
+/* Create an new S-expression object from BUFFER of size LENGTH and
+   return it in RETSEXP.  With AUTODETECT set to 0 the data in BUFFER
+   is expected to be in canonized format.  */
+gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp,
+                            const void *buffer, size_t length,
+                            int autodetect);
+
+ /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
+    effect to transfer ownership of BUFFER to the created object.  */
+gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp,
+                               void *buffer, size_t length,
+                               int autodetect, void (*freefnc) (void *));
+
+/* Scan BUFFER and return a new S-expression object in RETSEXP.  This
+   function expects a printf like string in BUFFER.  */
+gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+                              const char *buffer, size_t length);
+
+/* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
+   only be used for certain encodings.  */
+gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
+                              const char *format, ...);
+
+/* Like gcry_sexp_build, but uses an array instead of variable
+   function arguments.  */
+gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
+				    const char *format, void **arg_list);
+
+/* Release the S-expression object SEXP */
+void gcry_sexp_release (gcry_sexp_t sexp);
+
+/* Calculate the length of an canonized S-expresion in BUFFER and
+   check for a valid encoding. */
+size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, 
+                            size_t *erroff, gcry_error_t *errcode);
+
+/* Copies the S-expression object SEXP into BUFFER using the format
+   specified in MODE.  */
+size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, char *buffer,
+                         size_t maxlength);
+
+/* Dumps the S-expression object A in a aformat suitable for debugging
+   to Libgcrypt's logging stream.  */
+void gcry_sexp_dump (const gcry_sexp_t a);
+
+gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b);
+gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array);
+gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...);
+gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n);
+gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
+
+/* Scan the S-expression for a sublist with a type (the car of the
+   list) matching the string TOKEN.  If TOKLEN is not 0, the token is
+   assumed to be raw memory of this length.  The function returns a
+   newly allocated S-expression consisting of the found sublist or
+   `NULL' when not found.  */
+gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
+                                const char *tok, size_t toklen);
+/* Return the length of the LIST.  For a valid S-expression this
+   should be at least 1.  */
+int gcry_sexp_length (const gcry_sexp_t list);
+
+/* Create and return a new S-expression from the element with index
+   NUMBER in LIST.  Note that the first element has the index 0.  If
+   there is no such element, `NULL' is returned.  */
+gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number);
+
+/* Create and return a new S-expression from the first element in
+   LIST; this called the "type" and should always exist and be a
+   string. `NULL' is returned in case of a problem.  */
+gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list);
+
+/* Create and return a new list form all elements except for the first
+   one.  Note, that this function may return an invalid S-expression
+   because it is not guaranteed, that the type exists and is a string.
+   However, for parsing a complex S-expression it might be useful for
+   intermediate lists.  Returns `NULL' on error.  */
+gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list);
+
+gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
+
+
+/* This function is used to get data from a LIST.  A pointer to the
+   actual data with index NUMBER is returned and the length of this
+   data will be stored to DATALEN.  If there is no data at the given
+   index or the index represents another list, `NULL' is returned.
+   *Note:* The returned pointer is valid as long as LIST is not
+   modified or released.  */
+const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
+                                size_t *datalen);
+
+/* This function is used to get and convert data from a LIST. This
+   data is assumed to be an MPI stored in the format described by
+   MPIFMT and returned as a standard Libgcrypt MPI.  The caller must
+   release this returned value using `gcry_mpi_release'.  If there is
+   no data at the given index, the index represents a list or the
+   value can't be converted to an MPI, `NULL' is returned.  */
+gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
+
+
+
+/*******************************************
+ *                                         *
+ *  multi precision integer functions      *
+ *                                         *
+ *******************************************/
+
+/* Different formats of external big integer representation. */
+enum gcry_mpi_format 
+  {
+    GCRYMPI_FMT_NONE= 0,
+    GCRYMPI_FMT_STD = 1,    /* twos complement stored without length */
+    GCRYMPI_FMT_PGP = 2,    /* As used by OpenPGP (only defined as unsigned)*/
+    GCRYMPI_FMT_SSH = 3,    /* As used by SSH (same as 1 but with length)*/
+    GCRYMPI_FMT_HEX = 4,    /* hex format */
+    GCRYMPI_FMT_USG = 5     /* like STD but this is an unsigned one */
+  };
+
+/* Flags used for creating big integers.  */
+enum gcry_mpi_flag 
+  {
+    GCRYMPI_FLAG_SECURE = 1,  /* Allocate the number in "secure" memory. */
+    GCRYMPI_FLAG_OPAQUE = 2   /* The number is not a real one but just a
+                               way to store some bytes.  This is
+                               useful for encrypted big integers. */
+  };
+
+
+/* Allocate a new big integer object, initialize it with 0 and
+   initially allocate memory for a number of at least NBITS. */
+gcry_mpi_t gcry_mpi_new (unsigned int nbits);
+
+/* Same as gcry_mpi_new() but allocate in "secure" memory. */
+gcry_mpi_t gcry_mpi_snew (unsigned int nbits);
+
+/* Release the number A and free all associated resources. */
+void gcry_mpi_release (gcry_mpi_t a);
+
+/* Create a new number with the same value as A. */
+gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a);
+
+/* Store the big integer value U in W. */
+gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u);
+
+/* Store the unsigned integer value U in W. */
+gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
+
+/* Swap the values of A and B. */
+void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
+
+/* Compare the big integer number U and V returning 0 for equality, a
+   positive value for U > V and a negative for U < V. */
+int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
+
+/* Compare the big integer number U with the unsigned integer V
+   returning 0 for equality, a positive value for U > V and a negative
+   for U < V. */
+int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
+
+/* Convert the external representation of an integer stored in BUFFER
+   with a length of BUFLEN into a newly create MPI returned in
+   RET_MPI.  If NSCANNED is not NULL, it will receive the number of
+   bytes actually scanned after a successful operation. */
+gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
+                            const void *buffer, size_t buflen, 
+                            size_t *nscanned);
+
+/* Convert the big integer A into the external representation
+   described by FORMAT and store it in the provided BUFFER which has
+   been allocated by the user with a size of BUFLEN bytes.  NWRITTEN
+   receives the actual length of the external representation unless it
+   has been passed as NULL. */
+gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
+                             unsigned char *buffer, size_t buflen,
+                             size_t *nwritten,
+                             const gcry_mpi_t a);
+
+/* Convert the big integer A int the external representation described
+   by FORMAT and store it in a newly allocated buffer which address
+   will be put into BUFFER.  NWRITTEN receives the actual lengths of the
+   external representation. */
+gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
+                              unsigned char **buffer, size_t *nwritten,
+                              const gcry_mpi_t a);
+
+/* Dump the value of A in a format suitable for debugging to
+   Libgcrypt's logging stream.  Note that one leading space but no
+   trailing space or linefeed will be printed.  It is okay to pass
+   NULL for A. */
+void gcry_mpi_dump (const gcry_mpi_t a);
+
+
+/* W = U + V.  */
+void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
+
+/* W = U + V.  V is an unsigned integer. */
+void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v);
+
+/* W = U + V mod M. */
+void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
+
+/* W = U - V. */
+void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
+
+/* W = U - V.  V is an unsigned integer. */
+void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
+
+/* W = U - V mod M */
+void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
+
+/* W = U * V. */
+void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
+
+/* W = U * V.  V is an unsigned integer. */
+void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
+
+/* W = U * V mod M. */
+void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
+
+/* W = U * (2 ^ CNT). */
+void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
+
+/* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
+   Q or R may be passed as NULL.  ROUND should be negative or 0. */
+void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
+                   gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
+
+/* R = DIVIDEND % DIVISOR */
+void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
+
+/* W = B ^ E mod M. */
+void gcry_mpi_powm (gcry_mpi_t w,
+                    const gcry_mpi_t b, const gcry_mpi_t e,
+                    const gcry_mpi_t m);
+
+/* Set G to the greatest common divisor of A and B.  
+   Return true if the G is 1. */
+int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b);
+
+/* Set X to the multiplicative inverse of A mod M.
+   Return true if the value exists. */
+int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m);
+
+
+/* Return the number of bits required to represent A. */
+unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
+
+/* Return true when bit number N (counting from 0) is set in A. */
+int      gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n);
+
+/* Set bit number N in A. */
+void     gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n);
+
+/* Clear bit number N in A. */
+void     gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n);
+
+/* Set bit number N in A and clear all bits greater than N. */
+void     gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n);
+
+/* Clear bit number N in A and all bits greater than N. */
+void     gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n);
+
+/* Shift the value of A by N bits to the right and store the result in X. */
+void     gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
+
+/* Store NBITS of the value P points to in A and mark A as an opaque
+   value.  WARNING: Never use an opaque MPI for anything thing else then 
+   gcry_mpi_release, gcry_mpi_get_opaque. */
+gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits);
+
+/* Return a pointer to an opaque value stored in A and return its size
+   in NBITS.  Note that the returned pointer is still owned by A and
+   that the function should never be used for an non-opaque MPI. */
+void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits);
+
+/* Set the FLAG for the big integer A.  Currently only the flag
+   GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger
+   stored in "secure" memory. */
+void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
+
+/* Clear FLAG for the big integer A.  Note that this function is
+   currently useless as no flags are allowed. */
+void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
+
+/* Return true when the FLAG is set for A. */
+int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
+
+/* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of
+   convenience macors for the big integer functions. */
+#ifndef GCRYPT_NO_MPI_MACROS
+#define mpi_new(n)          gcry_mpi_new( (n) )
+#define mpi_secure_new( n ) gcry_mpi_snew( (n) )
+#define mpi_release(a)      \
+  do \
+    { \
+      gcry_mpi_release ((a)); \
+      (a) = NULL; \
+    } \
+  while (0)
+
+#define mpi_copy( a )       gcry_mpi_copy( (a) )
+#define mpi_set( w, u)      gcry_mpi_set( (w), (u) )
+#define mpi_set_ui( w, u)   gcry_mpi_set_ui( (w), (u) )
+#define mpi_cmp( u, v )     gcry_mpi_cmp( (u), (v) )
+#define mpi_cmp_ui( u, v )  gcry_mpi_cmp_ui( (u), (v) )
+
+#define mpi_add_ui(w,u,v)   gcry_mpi_add_ui((w),(u),(v))
+#define mpi_add(w,u,v)      gcry_mpi_add ((w),(u),(v))
+#define mpi_addm(w,u,v,m)   gcry_mpi_addm ((w),(u),(v),(m))
+#define mpi_sub_ui(w,u,v)   gcry_mpi_sub_ui ((w),(u),(v))
+#define mpi_sub(w,u,v)      gcry_mpi_sub ((w),(u),(v))
+#define mpi_subm(w,u,v,m)   gcry_mpi_subm ((w),(u),(v),(m))
+#define mpi_mul_ui(w,u,v)   gcry_mpi_mul_ui ((w),(u),(v))
+#define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v))
+#define mpi_mul(w,u,v)      gcry_mpi_mul ((w),(u),(v))
+#define mpi_mulm(w,u,v,m)   gcry_mpi_mulm ((w),(u),(v),(m))
+#define mpi_powm(w,b,e,m)   gcry_mpi_powm ( (w), (b), (e), (m) )
+#define mpi_tdiv(q,r,a,m)   gcry_mpi_div ( (q), (r), (a), (m), 0)
+#define mpi_fdiv(q,r,a,m)   gcry_mpi_div ( (q), (r), (a), (m), -1)
+#define mpi_mod(r,a,m)      gcry_mpi_mod ((r), (a), (m))
+#define mpi_gcd(g,a,b)      gcry_mpi_gcd ( (g), (a), (b) )
+#define mpi_invm(g,a,b)     gcry_mpi_invm ( (g), (a), (b) )
+
+#define mpi_get_nbits(a)       gcry_mpi_get_nbits ((a))
+#define mpi_test_bit(a,b)      gcry_mpi_test_bit ((a),(b))
+#define mpi_set_bit(a,b)       gcry_mpi_set_bit ((a),(b))
+#define mpi_set_highbit(a,b)   gcry_mpi_set_highbit ((a),(b))
+#define mpi_clear_bit(a,b)     gcry_mpi_clear_bit ((a),(b))
+#define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b))
+#define mpi_rshift(a,b,c)      gcry_mpi_rshift ((a),(b),(c))
+
+#define mpi_set_opaque(a,b,c) gcry_mpi_set_opaque( (a), (b), (c) )
+#define mpi_get_opaque(a,b)   gcry_mpi_get_opaque( (a), (b) )
+#endif /* GCRYPT_NO_MPI_MACROS */
+
+
+
+/************************************
+ *                                  *
+ *   symmetric cipher functions     *
+ *                                  *
+ ************************************/
+
+/* The data object used to hold a handle to an encryption object.  */
+struct gcry_cipher_handle;
+typedef struct gcry_cipher_handle *gcry_cipher_hd_t;
+
+typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
+
+/* All symmetric encryption algorithms are identified by their IDs.
+   More IDs may be registered at runtime. */
+enum gcry_cipher_algos
+  {
+    GCRY_CIPHER_NONE        = 0,
+    GCRY_CIPHER_IDEA        = 1,
+    GCRY_CIPHER_3DES        = 2,
+    GCRY_CIPHER_CAST5       = 3,
+    GCRY_CIPHER_BLOWFISH    = 4,
+    GCRY_CIPHER_SAFER_SK128 = 5,
+    GCRY_CIPHER_DES_SK      = 6,
+    GCRY_CIPHER_AES         = 7,
+    GCRY_CIPHER_AES192      = 8,
+    GCRY_CIPHER_AES256      = 9,
+    GCRY_CIPHER_TWOFISH     = 10,
+
+    /* Other cipher numbers are above 300 for OpenPGP reasons. */
+    GCRY_CIPHER_ARCFOUR     = 301,  /* Fully compatible with RSA's RC4 (tm). */
+    GCRY_CIPHER_DES         = 302,  /* Yes, this is single key 56 bit DES. */
+    GCRY_CIPHER_TWOFISH128  = 303,
+    GCRY_CIPHER_SERPENT128  = 304,
+    GCRY_CIPHER_SERPENT192  = 305,
+    GCRY_CIPHER_SERPENT256  = 306,
+    GCRY_CIPHER_RFC2268_40  = 307,  /* Ron's Cipher 2 (40 bit). */
+    GCRY_CIPHER_RFC2268_128 = 308,  /* Ron's Cipher 2 (128 bit). */
+    GCRY_CIPHER_SEED        = 309   /* 128 bit cipher described in RFC4269. */
+  };
+
+/* The Rijndael algorithm is basically AES, so provide some macros. */
+#define GCRY_CIPHER_AES128      GCRY_CIPHER_AES    
+#define GCRY_CIPHER_RIJNDAEL    GCRY_CIPHER_AES    
+#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128 
+#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192 
+#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256 
+
+/* The supported encryption modes.  Note that not all of them are
+   supported for each algorithm. */
+enum gcry_cipher_modes 
+  {
+    GCRY_CIPHER_MODE_NONE   = 0,  /* Not yet specified. */
+    GCRY_CIPHER_MODE_ECB    = 1,  /* Electronic codebook. */
+    GCRY_CIPHER_MODE_CFB    = 2,  /* Cipher feedback. */
+    GCRY_CIPHER_MODE_CBC    = 3,  /* Cipher block chaining. */
+    GCRY_CIPHER_MODE_STREAM = 4,  /* Used with stream ciphers. */
+    GCRY_CIPHER_MODE_OFB    = 5,  /* Outer feedback. */
+    GCRY_CIPHER_MODE_CTR    = 6   /* Counter. */
+  };
+
+/* Flags used with the open function. */ 
+enum gcry_cipher_flags
+  {
+    GCRY_CIPHER_SECURE      = 1,  /* Allocate in secure memory. */
+    GCRY_CIPHER_ENABLE_SYNC = 2,  /* Enable CFB sync mode. */
+    GCRY_CIPHER_CBC_CTS     = 4,  /* Enable CBC cipher text stealing (CTS). */
+    GCRY_CIPHER_CBC_MAC     = 8   /* Enable CBC message auth. code (MAC). */
+  };
+
+
+/* Create a handle for algorithm ALGO to be used in MODE.  FLAGS may
+   be given as an bitwise OR of the gcry_cipher_flags values. */
+gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
+                              int algo, int mode, unsigned int flags);
+
+/* Close the cioher handle H and release all resource. */
+void gcry_cipher_close (gcry_cipher_hd_t h);
+
+/* Perform various operations on the cipher object H. */
+gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
+                             size_t buflen);
+
+/* Retrieve various information about the cipher object H. */
+gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
+                              size_t *nbytes);
+
+/* Retrieve various information about the cipher algorithm ALGO. */
+gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
+                                   size_t *nbytes);
+
+/* Map the cipher algorithm whose ID is contained in ALGORITHM to a
+   string representation of the algorithm name.  For unknown algorithm
+   IDs this function returns "?".  */
+const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
+
+/* Map the algorithm name NAME to an cipher algorithm ID.  Return 0 if
+   the algorithm name is not known. */
+int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
+
+/* Given an ASN.1 object identifier in standard IETF dotted decimal
+   format in STRING, return the encryption mode associated with that
+   OID or 0 if not known or applicable. */
+int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
+
+/* Encrypt the plaintext of size INLEN in IN using the cipher handle H
+   into the buffer OUT which has an allocated length of OUTSIZE.  For
+   most algorithms it is possible to pass NULL for in and 0 for INLEN
+   and do a in-place decryption of the data provided in OUT.  */
+gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
+                                 unsigned char *out, size_t outsize,
+                                 const unsigned char *in, size_t inlen);
+
+/* The counterpart to gcry_cipher_encrypt.  */
+gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
+                                 unsigned char *out, size_t outsize,
+                                 const unsigned char *in, size_t inlen);
+
+/* Set key K of length L for the cipher handle H.  (We have to cast
+   away a const char* here - this catch-all ctl function was probably
+   not the best choice) */
+#define gcry_cipher_setkey(h,k,l)  gcry_cipher_ctl( (h), GCRYCTL_SET_KEY, \
+                                                         (char*)(k), (l) )
+
+/* Set initialization vector K of length L for the cipher handle H. */
+#define gcry_cipher_setiv(h,k,l)  gcry_cipher_ctl( (h), GCRYCTL_SET_IV, \
+                                                         (char*)(k), (l) )
+
+/* Reset the handle to the state after open.  */
+#define gcry_cipher_reset(h)  gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0)
+
+/* Perform the the OpenPGP sync operation if this is enabled for the
+   cipher handle H. */
+#define gcry_cipher_sync(h)  gcry_cipher_ctl( (h), GCRYCTL_CFB_SYNC, \
+                                                                   NULL, 0 )
+
+/* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */
+#define gcry_cipher_cts(h,on)  gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \
+                                                                   NULL, on )
+
+/* Set counter for CTR mode.  (K,L) must denote a buffer of block size
+   length, or (NULL,0) to set the CTR to the all-zero block. */
+#define gcry_cipher_setctr(h,k,l)  gcry_cipher_ctl( (h), GCRYCTL_SET_CTR, \
+                                                    (char*)(k), (l) )
+
+/* Retrieved the key length used with algorithm A. */
+size_t gcry_cipher_get_algo_keylen (int algo);
+
+/* Retrieve the block length used with algorithm A. */
+size_t gcry_cipher_get_algo_blklen (int algo);
+
+/* Return 0 if the algorithm A is available for use. */
+#define gcry_cipher_test_algo(a) \
+            gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+
+/* Get a list consisting of the IDs of the loaded cipher modules.  If
+   LIST is zero, write the number of loaded cipher modules to
+   LIST_LENGTH and return.  If LIST is non-zero, the first
+   *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
+   according size.  In case there are less cipher modules than
+   *LIST_LENGTH, *LIST_LENGTH is updated to the correct number.  */
+gcry_error_t gcry_cipher_list (int *list, int *list_length);
+
+
+/************************************
+ *                                  *
+ *    asymmetric cipher functions   *
+ *                                  *
+ ************************************/
+
+/* The algorithms and their IDs we support. */
+enum gcry_pk_algos 
+  {
+    GCRY_PK_RSA = 1,
+    GCRY_PK_RSA_E = 2,      /* deprecated */
+    GCRY_PK_RSA_S = 3,      /* deprecated */
+    GCRY_PK_ELG_E = 16,     /* use only for OpenPGP */
+    GCRY_PK_DSA   = 17,
+    GCRY_PK_ELG   = 20
+  };
+
+/* Flags describing usage capabilities of a PK algorithm. */
+#define GCRY_PK_USAGE_SIGN 1   /* Good for signatures. */            
+#define GCRY_PK_USAGE_ENCR 2   /* Good for encryption. */            
+#define GCRY_PK_USAGE_CERT 4   /* Good to certify other keys. */
+#define GCRY_PK_USAGE_AUTH 8   /* Good for authentication. */        
+#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */          
+
+/* Encrypt the DATA using the public key PKEY and store the result as
+   a newly created S-expression at RESULT. */
+gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result,
+                              gcry_sexp_t data, gcry_sexp_t pkey);
+
+/* Decrypt the DATA using the private key SKEY and store the result as
+   a newly created S-expression at RESULT. */
+gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result,
+                              gcry_sexp_t data, gcry_sexp_t skey);
+
+/* Sign the DATA using the private key SKEY and store the result as
+   a newly created S-expression at RESULT. */
+gcry_error_t gcry_pk_sign (gcry_sexp_t *result,
+                           gcry_sexp_t data, gcry_sexp_t skey);
+
+/* Check the signature SIGVAL on DATA using the public key PKEY. */
+gcry_error_t gcry_pk_verify (gcry_sexp_t sigval,
+                             gcry_sexp_t data, gcry_sexp_t pkey);
+
+/* Check that private KEY is sane. */
+gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
+
+/* Generate a new key pair according to the parameters given in
+   S_PARMS.  The new key pair is returned in as an S-expression in
+   R_KEY. */
+gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms);
+
+/* Catch all function for miscellaneous operations. */
+gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
+
+/* Retrieve information about the public key algorithm ALGO. */
+gcry_error_t gcry_pk_algo_info (int algo, int what,
+                                void *buffer, size_t *nbytes);
+
+/* Map the public key algorithm whose ID is contained in ALGORITHM to
+   a string representation of the algorithm name.  For unknown
+   algorithm IDs this functions returns "?". */
+const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
+
+/* Map the algorithm NAME to a public key algorithm Id.  Return 0 if
+   the algorithm name is not known. */
+int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
+
+/* Return what is commonly referred as the key length for the given
+   public or private KEY.  */
+unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE;
+
+/* Please note that keygrip is still experimental and should not be
+   used without contacting the author. */
+unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
+
+/* Return 0 if the public key algorithm A is available for use. */
+#define gcry_pk_test_algo(a) \
+            gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+
+/* Get a list consisting of the IDs of the loaded pubkey modules.  If
+   LIST is zero, write the number of loaded pubkey modules to
+   LIST_LENGTH and return.  If LIST is non-zero, the first
+   *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
+   according size.  In case there are less pubkey modules than
+   *LIST_LENGTH, *LIST_LENGTH is updated to the correct number.  */
+gcry_error_t gcry_pk_list (int *list, int *list_length);
+
+
+
+/************************************
+ *                                  *
+ *   cryptograhic hash functions    *
+ *                                  *
+ ************************************/
+
+/* Algorithm IDs for the hash functions we know about. Not all of them
+   are implemnted. */
+enum gcry_md_algos
+  {
+    GCRY_MD_NONE    = 0,  
+    GCRY_MD_MD5     = 1,
+    GCRY_MD_SHA1    = 2,
+    GCRY_MD_RMD160  = 3,
+    GCRY_MD_MD2     = 5,
+    GCRY_MD_TIGER   = 6,   /* TIGER/192. */
+    GCRY_MD_HAVAL   = 7,   /* HAVAL, 5 pass, 160 bit. */
+    GCRY_MD_SHA256  = 8,
+    GCRY_MD_SHA384  = 9,
+    GCRY_MD_SHA512  = 10,
+    GCRY_MD_SHA224  = 11,
+    GCRY_MD_MD4     = 301,
+    GCRY_MD_CRC32               = 302,
+    GCRY_MD_CRC32_RFC1510       = 303,
+    GCRY_MD_CRC24_RFC2440       = 304,
+    GCRY_MD_WHIRLPOOL = 305
+  };
+
+/* Flags used with the open function.  */
+enum gcry_md_flags
+  {
+    GCRY_MD_FLAG_SECURE = 1,  /* Allocate all buffers in "secure"
+                                 memory.  */
+    GCRY_MD_FLAG_HMAC   = 2   /* Make an HMAC out of this
+                                 algorithm.  */
+  };
+
+/* Forward declaration.  */
+struct gcry_md_context;
+
+/* This object is used to hold a handle to a message digest object.
+   This structure is private - only to be used by the public gcry_md_*
+   macros.  */
+typedef struct gcry_md_handle 
+{
+  /* Actual context.  */
+  struct gcry_md_context *ctx;
+  
+  /* Buffer management.  */
+  int  bufpos;
+  int  bufsize;
+  unsigned char buf[1];
+} *gcry_md_hd_t;
+
+/* Compatibility types, do not use them.  */
+typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED;
+
+/* Create a message digest object for algorithm ALGO.  FLAGS may be
+   given as an bitwise OR of the gcry_md_flags values.  ALGO may be
+   given as 0 if the algorithms to be used are later set using
+   gcry_md_enable.  */
+gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);
+
+/* Release the message digest object HD.  */
+void gcry_md_close (gcry_md_hd_t hd);
+
+/* Add the message digest algorithm ALGO to the digest object HD.  */
+gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo);
+
+/* Create a new digest object as an exact copy of the object HD.  */
+gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd);
+
+/* Reset the digest object HD to its initial state.  */
+void gcry_md_reset (gcry_md_hd_t hd);
+
+/* Perform various operations on the digets object HD. */
+gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd, unsigned char *buffer,
+                         size_t buflen);
+
+/* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
+   it can update the digest values.  This is the actual hash
+   function. */
+void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length);
+
+/* Read out the final digest from HD return the digest value for
+   algorithm ALGO. */
+unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
+
+/* Convenience function to calculate the hash from the data in BUFFER
+   of size LENGTH using the algorithm ALGO avoiding the creating of a
+   hash object.  The hash is returned in the caller provided buffer
+   DIGEST which must be large enough to hold the digest of the given
+   algorithm. */
+void gcry_md_hash_buffer (int algo, void *digest,
+                          const void *buffer, size_t length);
+
+/* Retrieve the algorithm used with HD.  This does not work reliable
+   if more than one algorithm is enabled in HD. */
+int gcry_md_get_algo (gcry_md_hd_t hd);
+
+/* Retrieve the length in bytes of the digest yielded by algorithm
+   ALGO. */
+unsigned int gcry_md_get_algo_dlen (int algo);
+
+/* Return true if the the algorithm ALGO is enabled in the digest
+   object A. */
+int gcry_md_is_enabled (gcry_md_hd_t a, int algo);
+
+/* Return true if the digest object A is allocated in "secure" memory. */
+int gcry_md_is_secure (gcry_md_hd_t a);
+
+/* Retrieve various information about the object H.  */
+gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
+                          size_t *nbytes);
+
+/* Retrieve various information about the algorithm ALGO.  */
+gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
+                               size_t *nbytes);
+
+/* Map the digest algorithm id ALGO to a string representation of the
+   algorithm name.  For unknown algorithms this functions returns an
+   empty string. */
+const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE;
+
+/* Map the algorithm NAME to a digest algorithm Id.  Return 0 if
+   the algorithm name is not known. */
+int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
+
+/* For use with the HMAC feature, the set MAC key to the KEY of
+   KEYLEN. */
+gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
+
+/* Update the hash(s) of H with the character C.  This is a buffered
+   version of the gcry_md_write function. */
+#define gcry_md_putc(h,c)  \
+            do {                                          \
+                gcry_md_hd_t h__ = (h);                   \
+                if( (h__)->bufpos == (h__)->bufsize )     \
+                    gcry_md_write( (h__), NULL, 0 );      \
+                (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
+            } while(0)
+
+/* Finalize the digest calculation.  This is not really needed because
+   gcry_md_read() does this implicitly. */
+#define gcry_md_final(a) \
+            gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
+
+/* Return 0 if the algorithm A is available for use. */
+#define gcry_md_test_algo(a) \
+            gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+
+/* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N
+   must point to size_t variable with the available size of buffer B.
+   After return it will receive the actual size of the returned
+   OID. */
+#define gcry_md_get_asnoid(a,b,n) \
+            gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
+
+/* Enable debugging for digets object A; i.e. create files named
+   dbgmd-<n>.<string> while hashing.  B is a string used as the suffix
+   for the filename. */
+#define gcry_md_start_debug(a,b) \
+            gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
+
+/* Disable the debugging of A. */
+#define gcry_md_stop_debug(a,b) \
+            gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
+
+/* Get a list consisting of the IDs of the loaded message digest
+   modules.  If LIST is zero, write the number of loaded message
+   digest modules to LIST_LENGTH and return.  If LIST is non-zero, the
+   first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
+   of according size.  In case there are less message digest modules
+   than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
+   number.  */
+gcry_error_t gcry_md_list (int *list, int *list_length);
+
+
+
+/* Alternative interface for asymetric cryptography.  */
+
+/* The algorithm IDs. */
+typedef enum gcry_ac_id
+  {
+    GCRY_AC_RSA = 1,
+    GCRY_AC_DSA = 17,
+    GCRY_AC_ELG = 20,
+    GCRY_AC_ELG_E = 16
+  }
+gcry_ac_id_t;
+
+/* Key types.  */
+typedef enum gcry_ac_key_type
+  {
+    GCRY_AC_KEY_SECRET,
+    GCRY_AC_KEY_PUBLIC
+  }
+gcry_ac_key_type_t;
+
+/* Encoding methods.  */
+typedef enum gcry_ac_em
+  {
+    GCRY_AC_EME_PKCS_V1_5,
+    GCRY_AC_EMSA_PKCS_V1_5,
+  }
+gcry_ac_em_t;
+
+/* Encryption and Signature schemes.  */
+typedef enum gcry_ac_scheme
+  {
+    GCRY_AC_ES_PKCS_V1_5,
+    GCRY_AC_SSA_PKCS_V1_5,
+  }
+gcry_ac_scheme_t;
+
+/* AC data.  */
+#define GCRY_AC_FLAG_DEALLOC     (1 << 0)
+#define GCRY_AC_FLAG_COPY        (1 << 1)
+#define GCRY_AC_FLAG_NO_BLINDING (1 << 2)
+
+/* This type represents a `data set'.  */
+typedef struct gcry_ac_data *gcry_ac_data_t;
+
+/* This type represents a single `key', either a secret one or a
+   public one.  */
+typedef struct gcry_ac_key *gcry_ac_key_t;
+
+/* This type represents a `key pair' containing a secret and a public
+   key.  */
+typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t;
+
+/* This type represents a `handle' that is needed by functions
+   performing cryptographic operations.  */
+typedef struct gcry_ac_handle *gcry_ac_handle_t;
+
+typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque,
+					       unsigned char *buffer,
+					       size_t *buffer_n);
+
+typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
+						unsigned char *buffer,
+						size_t buffer_n);
+
+typedef enum
+  {
+    GCRY_AC_IO_READABLE,
+    GCRY_AC_IO_WRITABLE
+  }
+gcry_ac_io_mode_t;
+
+typedef enum
+  {
+    GCRY_AC_IO_STRING,
+    GCRY_AC_IO_CALLBACK
+  }
+gcry_ac_io_type_t;
+
+typedef struct gcry_ac_io
+{
+  /* This is an INTERNAL structure, do NOT use manually.  */
+  gcry_ac_io_mode_t mode;
+  gcry_ac_io_type_t type;
+  union
+  {
+    union
+    {
+      struct
+      {
+	gcry_ac_data_read_cb_t cb;
+	void *opaque;
+      } callback;
+      struct
+      {
+	unsigned char *data;
+	size_t data_n;
+      } string;
+      void *opaque;
+    } readable;
+    union
+    {
+      struct
+      {
+	gcry_ac_data_write_cb_t cb;
+	void *opaque;
+      } callback;
+      struct
+      {
+	unsigned char **data;
+	size_t *data_n;
+      } string;
+      void *opaque;
+    } writable;
+  };
+}
+gcry_ac_io_t;
+
+/* The caller of gcry_ac_key_pair_generate can provide one of these
+   structures in order to influence the key generation process in an
+   algorithm-specific way.  */
+typedef struct gcry_ac_key_spec_rsa
+{
+  gcry_mpi_t e;                 /* E to use.  */
+} gcry_ac_key_spec_rsa_t;
+
+/* Structure used for passing data to the implementation of the
+   `EME-PKCS-V1_5' encoding method.  */
+typedef struct gcry_ac_eme_pkcs_v1_5
+{
+  size_t key_size;
+} gcry_ac_eme_pkcs_v1_5_t;
+
+typedef enum gcry_md_algos gcry_md_algo_t;
+
+/* Structure used for passing data to the implementation of the
+   `EMSA-PKCS-V1_5' encoding method.  */
+typedef struct gcry_ac_emsa_pkcs_v1_5
+{
+  gcry_md_algo_t md;
+  size_t em_n;
+} gcry_ac_emsa_pkcs_v1_5_t;
+
+/* Structure used for passing data to the implementation of the
+   `SSA-PKCS-V1_5' signature scheme.  */
+typedef struct gcry_ac_ssa_pkcs_v1_5
+{
+  gcry_md_algo_t md;
+} gcry_ac_ssa_pkcs_v1_5_t;
+
+/* Returns a new, empty data set in DATA.  */
+gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data);
+
+/* Destroy the data set DATA.  */
+void gcry_ac_data_destroy (gcry_ac_data_t data);
+
+/* Create a copy of the data set DATA and store it in DATA_CP.  */
+gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
+                               gcry_ac_data_t data);
+
+/* Return the number of named MPI values inside of the data set
+   DATA.  */
+unsigned int gcry_ac_data_length (gcry_ac_data_t data);
+
+/* Destroy any values contained in the data set DATA.  */
+void gcry_ac_data_clear (gcry_ac_data_t data);
+
+/* Add the value MPI to DATA with the label NAME.  If FLAGS contains
+   GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME
+   and MPI.  If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or
+   GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will
+   be deallocated when they are to be removed from the data set.  */
+gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
+                               const char *name, gcry_mpi_t mpi);
+
+/* Store the value labelled with NAME found in DATA in MPI.  If FLAGS
+   contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained
+   in the data set.  MPI may be NULL.  */
+gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
+                                    const char *name, gcry_mpi_t *mpi);
+
+/* Stores in NAME and MPI the named MPI value contained in the data
+   set DATA with the index IDX.  If FLAGS contains GCRY_AC_FLAG_COPY,
+   store copies of the values contained in the data set. NAME or MPI
+   may be NULL.  */
+gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
+                                     unsigned int idx,
+                                     const char **name, gcry_mpi_t *mpi);
+
+/* Convert the data set DATA into a new S-Expression, which is to be
+   stored in SEXP, according to the identifiers contained in
+   IDENTIFIERS.  */
+gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
+				   const char **identifiers);
+
+/* Create a new data set, which is to be stored in DATA_SET, from the
+   S-Expression SEXP, according to the identifiers contained in
+   IDENTIFIERS.  */
+gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
+				     const char **identifiers);
+
+/* Initialize AC_IO according to MODE, TYPE and the variable list of
+   arguments.  The list of variable arguments to specify depends on
+   the given TYPE.  */
+void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
+		      gcry_ac_io_type_t type, ...);
+
+/* Initialize AC_IO according to MODE, TYPE and the variable list of
+   arguments AP.  The list of variable arguments to specify depends on
+   the given TYPE.  */
+void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
+			 gcry_ac_io_type_t type, va_list ap);
+
+/* Create a new ac handle.  */
+gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
+                           gcry_ac_id_t algorithm, unsigned int flags);
+
+/* Destroy an ac handle.  */
+void gcry_ac_close (gcry_ac_handle_t handle);
+
+/* Initialize a key from a given data set.  */
+gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
+                               gcry_ac_key_type_t type, gcry_ac_data_t data);
+
+/* Generates a new key pair via the handle HANDLE of NBITS bits and
+   stores it in KEY_PAIR.  In case non-standard settings are wanted, a
+   pointer to a structure of type gcry_ac_key_spec_<algorithm>_t,
+   matching the selected algorithm, can be given as KEY_SPEC.
+   MISC_DATA is not used yet.  */
+gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
+                                        unsigned int nbits, void *spec,
+                                        gcry_ac_key_pair_t *key_pair,
+                                        gcry_mpi_t **misc_data);
+
+/* Returns the key of type WHICH out of the key pair KEY_PAIR.  */
+gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
+                                        gcry_ac_key_type_t which);
+
+/* Returns the data set contained in the key KEY.  */
+gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
+
+/* Verifies that the key KEY is sane via HANDLE.  */
+gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key);
+
+/* Stores the number of bits of the key KEY in NBITS via HANDLE.  */
+gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
+                                    gcry_ac_key_t key, unsigned int *nbits);
+
+/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
+   HANDLE.  */
+gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
+                                   unsigned char *key_grip);
+
+/* Destroy a key.  */
+void gcry_ac_key_destroy (gcry_ac_key_t key);
+
+/* Destroy a key pair.  */
+void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair);
+
+/* Encodes a message according to the encoding method METHOD.  OPTIONS
+   must be a pointer to a method-specific structure
+   (gcry_ac_em*_t).  */
+gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method,
+				  unsigned int flags, void *options,
+				  gcry_ac_io_t *io_read,
+				  gcry_ac_io_t *io_write);
+
+/* Decodes a message according to the encoding method METHOD.  OPTIONS
+   must be a pointer to a method-specific structure
+   (gcry_ac_em*_t).  */
+gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
+				  unsigned int flags, void *options,
+				  gcry_ac_io_t *io_read,
+				  gcry_ac_io_t *io_write);
+
+/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under
+   the control of the flags FLAGS and store the resulting data set
+   into DATA_ENCRYPTED.  */
+gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
+                                   unsigned int flags,
+                                   gcry_ac_key_t key,
+                                   gcry_mpi_t data_plain,
+                                   gcry_ac_data_t *data_encrypted);
+
+/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
+   with the key KEY under the control of the flags FLAGS and store the
+   resulting plain text MPI value in DATA_PLAIN.  */
+gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
+                                   unsigned int flags,
+                                   gcry_ac_key_t key,
+                                   gcry_mpi_t *data_plain,
+                                   gcry_ac_data_t data_encrypted);
+
+/* Sign the data contained in DATA with the key KEY and store the
+   resulting signature in the data set DATA_SIGNATURE.  */
+gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
+                                gcry_ac_key_t key,
+                                gcry_mpi_t data,
+                                gcry_ac_data_t *data_signature);
+
+/* Verify that the signature contained in the data set DATA_SIGNATURE
+   is indeed the result of signing the data contained in DATA with the
+   secret key belonging to the public key KEY.  */
+gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
+                                  gcry_ac_key_t key,
+                                  gcry_mpi_t data,
+                                  gcry_ac_data_t data_signature);
+
+/* Encrypts the plain text readable from IO_MESSAGE through HANDLE
+   with the public key KEY according to SCHEME, FLAGS and OPTS.  If
+   OPTS is not NULL, it has to be a pointer to a structure specific to
+   the chosen scheme (gcry_ac_es_*_t).  The encrypted message is
+   written to IO_CIPHER. */
+gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
+					  gcry_ac_scheme_t scheme,
+					  unsigned int flags, void *opts,
+					  gcry_ac_key_t key,
+					  gcry_ac_io_t *io_message,
+					  gcry_ac_io_t *io_cipher);
+
+/* Decrypts the cipher text readable from IO_CIPHER through HANDLE
+   with the secret key KEY according to SCHEME, @var{flags} and OPTS.
+   If OPTS is not NULL, it has to be a pointer to a structure specific
+   to the chosen scheme (gcry_ac_es_*_t).  The decrypted message is
+   written to IO_MESSAGE.  */
+gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
+					  gcry_ac_scheme_t scheme,
+					  unsigned int flags, void *opts,
+					  gcry_ac_key_t key,
+					  gcry_ac_io_t *io_cipher,
+					  gcry_ac_io_t *io_message);
+
+/* Signs the message readable from IO_MESSAGE through HANDLE with the
+   secret key KEY according to SCHEME, FLAGS and OPTS.  If OPTS is not
+   NULL, it has to be a pointer to a structure specific to the chosen
+   scheme (gcry_ac_ssa_*_t).  The signature is written to
+   IO_SIGNATURE.  */
+gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
+				       gcry_ac_scheme_t scheme,
+				       unsigned int flags, void *opts,
+				       gcry_ac_key_t key,
+				       gcry_ac_io_t *io_message,
+				       gcry_ac_io_t *io_signature);
+
+/* Verifies through HANDLE that the signature readable from
+   IO_SIGNATURE is indeed the result of signing the message readable
+   from IO_MESSAGE with the secret key belonging to the public key KEY
+   according to SCHEME and OPTS.  If OPTS is not NULL, it has to be an
+   anonymous structure (gcry_ac_ssa_*_t) specific to the chosen
+   scheme.  */
+gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
+					 gcry_ac_scheme_t scheme,
+					 unsigned int flags, void *opts,
+					 gcry_ac_key_t key,
+					 gcry_ac_io_t *io_message,
+					 gcry_ac_io_t *io_signature);
+
+/* Store the textual representation of the algorithm whose id is given
+   in ALGORITHM in NAME.  */
+gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
+                                const char **name);
+
+/* Store the numeric ID of the algorithm whose textual representation
+   is contained in NAME in ALGORITHM.  */
+gcry_error_t gcry_ac_name_to_id (const char *name,
+                                gcry_ac_id_t *algorithm);
+
+
+
+/************************************
+ *                                  *
+ *   random generating functions    *
+ *                                  *
+ ************************************/
+
+/* The possible values for the random quality.  The rule of thumb is
+   to use STRONG for session keys and VERY_STRONG for key material.
+   WEAK is currently an alias for STRONG and should not be used
+   anymore - use gcry_create_nonce instead. */
+typedef enum gcry_random_level
+  {
+    GCRY_WEAK_RANDOM = 0,
+    GCRY_STRONG_RANDOM = 1,
+    GCRY_VERY_STRONG_RANDOM = 2
+  }
+gcry_random_level_t;
+
+/* Fill BUFFER with LENGTH bytes of random, using random numbers of
+   quality LEVEL. */
+void gcry_randomize (unsigned char *buffer, size_t length,
+                     enum gcry_random_level level);
+
+/* Add the external random from BUFFER with LENGTH bytes into the
+   pool. QUALITY should either be -1 for unknown or in the range of 0
+   to 100 */
+gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
+                                   int quality);
+
+/* If random numbers are used in an application, this macro should be
+   called from time to time so that new stuff gets added to the
+   internal pool of the RNG.  */
+#define gcry_fast_random_poll()  gcry_control (GCRYCTL_FAST_POLL, NULL)
+
+
+/* Return NBYTES of allocated random using a random numbers of quality
+   LEVEL. */
+void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
+                         _GCRY_GCC_ATTR_MALLOC;
+
+/* Return NBYTES of allocated random using a random numbers of quality
+   LEVEL.  The random numbers are created returned in "secure"
+   memory. */
+void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
+                                _GCRY_GCC_ATTR_MALLOC;
+
+
+/* Set the big integer W to a random value of NBITS using a random
+   generator with quality LEVEL. */
+void gcry_mpi_randomize (gcry_mpi_t w,
+                         unsigned int nbits, enum gcry_random_level level);
+
+
+/* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
+void gcry_create_nonce (unsigned char *buffer, size_t length);
+
+
+
+
+/* Prime interface.  */
+
+/* Mode values passed to a gcry_prime_check_func_t. */
+#define GCRY_PRIME_CHECK_AT_FINISH      0
+#define GCRY_PRIME_CHECK_AT_GOT_PRIME   1
+#define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2
+
+/* The function should return 1 if the operation shall continue, 0 to
+   reject the prime candidate. */
+typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
+                                        gcry_mpi_t candidate);
+
+/* Flags for gcry_prime_generate():  */
+
+/* Allocate prime numbers and factors in secure memory.  */
+#define GCRY_PRIME_FLAG_SECRET         (1 << 0)
+
+/* Make sure that at least one prime factor is of size
+   `FACTOR_BITS'.  */
+#define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1)
+
+/* Generate a new prime number of PRIME_BITS bits and store it in
+   PRIME.  If FACTOR_BITS is non-zero, one of the prime factors of
+   (prime - 1) / 2 must be FACTOR_BITS bits long.  If FACTORS is
+   non-zero, allocate a new, NULL-terminated array holding the prime
+   factors and store it in FACTORS.  FLAGS might be used to influence
+   the prime number generation process.  */
+gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
+                                  unsigned int prime_bits,
+                                  unsigned int factor_bits,
+                                  gcry_mpi_t **factors,
+                                  gcry_prime_check_func_t cb_func,
+                                  void *cb_arg,
+                                  gcry_random_level_t random_level,
+                                  unsigned int flags);
+
+/* Find a generator for PRIME where the factorization of (prime-1) is
+   in the NULL terminated array FACTORS. Return the generator as a
+   newly allocated MPI in R_G.  If START_G is not NULL, use this as
+   teh start for the search. */
+gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
+                                         gcry_mpi_t prime, gcry_mpi_t *factors,
+                                         gcry_mpi_t start_g);
+
+
+/* Convenience function to release the FACTORS array. */
+void gcry_prime_release_factors (gcry_mpi_t *factors);
+
+
+/* Check wether the number X is prime.  */
+gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
+
+
+
+/************************************
+ *                                  *
+ *     miscellaneous stuff          *
+ *                                  *
+ ************************************/
+
+/* Log levels used by the internal logging facility. */
+enum gcry_log_levels 
+  {
+    GCRY_LOG_CONT   = 0,    /* continue the last log line */
+    GCRY_LOG_INFO   = 10,
+    GCRY_LOG_WARN   = 20,
+    GCRY_LOG_ERROR  = 30,
+    GCRY_LOG_FATAL  = 40,
+    GCRY_LOG_BUG    = 50,
+    GCRY_LOG_DEBUG  = 100
+  };
+
+/* Type for progress handlers.  */
+typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int);
+
+/* Type for memory allocation handlers.  */
+typedef void *(*gcry_handler_alloc_t) (size_t n);
+
+/* Type for secure memory check handlers.  */
+typedef int (*gcry_handler_secure_check_t) (const void *);
+
+/* Type for memory reallocation handlers.  */
+typedef void *(*gcry_handler_realloc_t) (void *p, size_t n);
+
+/* Type for memory free handlers.  */
+typedef void (*gcry_handler_free_t) (void *);
+
+/* Type for out-of-memory handlers.  */
+typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int);
+
+/* Type for fatal error handlers.  */
+typedef void (*gcry_handler_error_t) (void *, int, const char *);
+
+/* Type for logging handlers.  */
+typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list);
+
+/* Certain operations can provide progress information.  This function
+   is used to register a handler for retrieving these information. */
+void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
+
+
+/* Register a custom memory allocation functions. */
+void gcry_set_allocation_handler (
+                             gcry_handler_alloc_t func_alloc,
+                             gcry_handler_alloc_t func_alloc_secure,
+                             gcry_handler_secure_check_t func_secure_check,
+                             gcry_handler_realloc_t func_realloc,
+                             gcry_handler_free_t func_free);
+
+/* Register a function used instead of the internal out of memory
+   handler. */
+void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque);
+
+/* Register a function used instead of the internal fatal error
+   handler. */
+void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque);
+
+/* Register a function used instead of the internal logging
+   facility. */
+void gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
+
+/* Reserved for future use. */
+void gcry_set_gettext_handler (const char *(*f)(const char*));
+
+/* Libgcrypt uses its own memory allocation.  It is important to use
+   gcry_free () to release memory allocated by libgcrypt. */
+void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_realloc (void *a, size_t n);
+char *gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
+void *gcry_xrealloc (void *a, size_t n);
+char *gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC;
+void  gcry_free (void *a);
+
+/* Return true if A is allocated in "secure" memory. */
+int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
+
+/* Include support for Libgcrypt modules.  */
+#include <gcrypt-module.h>
+
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif /* _GCRYPT_H */


From cvs at cvs.gnupg.org  Wed Oct 11 12:18:38 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 11 11:47:54 2006
Subject: [svn] GnuPG -  r4296 - tags
Message-ID: <E1GXago-0000oL-S1@trithemius.gnupg.org>

Author: wk
Date: 2006-10-11 12:18:38 +0200 (Wed, 11 Oct 2006)
New Revision: 4296

Added:
   tags/gnupg-1.9.92/
Log:


From cvs at cvs.gnupg.org  Wed Oct 11 14:01:19 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Wed Oct 11 13:30:40 2006
Subject: [svn] gcry - r1181 - in trunk: . src
Message-ID: <E1GXcIB-0000G3-QG@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-11 14:01:17 +0200 (Wed, 11 Oct 2006)
New Revision: 1181

Modified:
   trunk/ChangeLog
   trunk/acinclude.m4
   trunk/configure.ac
   trunk/src/ChangeLog
   trunk/src/gcrypt.h.in
Log:
2006-10-11  Marcus Brinkmann  <marcus@g10code.de>

	* acinclude.m4 (GNUPG_FIX_HDR_VERSION): Removed.
	* configure.ac: Do not call GNUPG_FIX_HDR_VERSION.

src/
2006-10-11  Marcus Brinkmann  <marcus@g10code.de>

	* gcrypt.h.in: Replace version by @VERSION@.


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-10 18:27:28 UTC (rev 1180)
+++ trunk/ChangeLog	2006-10-11 12:01:17 UTC (rev 1181)
@@ -1,3 +1,8 @@
+2006-10-11  Marcus Brinkmann  <marcus@g10code.de>
+
+	* acinclude.m4 (GNUPG_FIX_HDR_VERSION): Removed.
+	* configure.ac: Do not call GNUPG_FIX_HDR_VERSION.
+
 2006-10-10  Marcus Brinkmann  <marcus@g10code.de>
 
 	* configure.ac: Invoke AC_CHECK_SOCKLEN_TYPE.

Modified: trunk/acinclude.m4
===================================================================
--- trunk/acinclude.m4	2006-10-10 18:27:28 UTC (rev 1180)
+++ trunk/acinclude.m4	2006-10-11 12:01:17 UTC (rev 1181)
@@ -44,32 +44,6 @@
   ])
 
 
-dnl GNUPG_FIX_HDR_VERSION(FILE, NAME)
-dnl Make the version number in gcrypt/gcrypt.h the same as the one here.
-dnl (this is easier than to have a .in file just for one substitution)
-dnl We must use a temp file in the current directory because make distcheck 
-dnl install all sourcefiles RO.
-dnl
-AC_DEFUN([GNUPG_FIX_HDR_VERSION],
-  [ sed "s/^#define $2 \".*/#define $2 \"$VERSION\"/" $srcdir/$1 > fixhdr.tmp
-    if cmp -s $srcdir/$1 fixhdr.tmp 2>/dev/null; then
-        rm -f fixhdr.tmp
-    else
-        rm -f $srcdir/$1
-        if mv fixhdr.tmp $srcdir/$1 ; then
-            :
-        else
-            AC_MSG_ERROR([[
-***
-*** Failed to fix the version string macro $2 in $1.
-*** The old file has been saved as fixhdr.tmp
-***]])
-        fi
-        AC_MSG_WARN([fixed the $2 macro in $1])
-    fi
-  ])
-
-
 dnl GNUPG_CHECK_GNUMAKE
 dnl
 AC_DEFUN([GNUPG_CHECK_GNUMAKE],

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-10 18:27:28 UTC (rev 1180)
+++ trunk/configure.ac	2006-10-11 12:01:17 UTC (rev 1181)
@@ -689,12 +689,6 @@
 fi
 AC_SUBST(NOEXECSTACK_FLAGS)
 
-#
-# Make the version number in src/gcrypt.h the same as the one here.
-# (this is easier than to have a *.in file just for one substitution)
-#
-GNUPG_FIX_HDR_VERSION([src/gcrypt.h], GCRYPT_VERSION)
-
 AC_SUBST(LIBGCRYPT_CONFIG_API_VERSION)
 AC_SUBST(LIBGCRYPT_CONFIG_LIBS)
 AC_SUBST(LIBGCRYPT_CONFIG_CFLAGS)

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-10 18:27:28 UTC (rev 1180)
+++ trunk/src/ChangeLog	2006-10-11 12:01:17 UTC (rev 1181)
@@ -1,3 +1,7 @@
+2006-10-11  Marcus Brinkmann  <marcus@g10code.de>
+
+	* gcrypt.h.in: Replace version by @VERSION@.
+
 2006-10-10  Marcus Brinkmann  <marcus@g10code.de>
 
 	* gcrypt.h: Add fallback type for socklen_t.  Move to ...

Modified: trunk/src/gcrypt.h.in
===================================================================
--- trunk/src/gcrypt.h.in	2006-10-10 18:27:28 UTC (rev 1180)
+++ trunk/src/gcrypt.h.in	2006-10-11 12:01:17 UTC (rev 1181)
@@ -54,9 +54,8 @@
    should not be used by a program because gcry_check_version() should
    return the same version.  The purpose of this macro is to let
    autoconf (using the AM_PATH_GCRYPT macro) check that this header
-   matches the installed library.  Note: Do not edit the next line as
-   configure may fix the string here.  */
-#define GCRYPT_VERSION "1.3.0-cvs"
+   matches the installed library.  */
+#define GCRYPT_VERSION "@VERSION@"
 
 /* Internal: We can't use the convenience macros for the multi
    precision integer functions when building this library. */


From cvs at cvs.gnupg.org  Wed Oct 11 14:25:50 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Wed Oct 11 13:55:29 2006
Subject: [svn] gcry - r1182 - in trunk: . m4
Message-ID: <E1GXcfu-00060U-Ed@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-11 14:25:50 +0200 (Wed, 11 Oct 2006)
New Revision: 1182

Removed:
   trunk/m4/fallback.m4
Modified:
   trunk/ChangeLog
   trunk/configure.ac
   trunk/m4/ChangeLog
Log:
2006-10-11  Marcus Brinkmann  <marcus@g10code.de>

	* configure.ac (FALLBACK_SOCKLEN_T): Rewrite in terms of
	socklen.m4.

m4/
2006-10-11  Marcus Brinkmann  <marcus@g10code.de>

	* fallback.m4: Removed again.


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-11 12:01:17 UTC (rev 1181)
+++ trunk/ChangeLog	2006-10-11 12:25:50 UTC (rev 1182)
@@ -1,5 +1,10 @@
 2006-10-11  Marcus Brinkmann  <marcus@g10code.de>
 
+	* configure.ac (FALLBACK_SOCKLEN_T): Rewrite in terms of
+	socklen.m4.
+
+2006-10-11  Marcus Brinkmann  <marcus@g10code.de>
+
 	* acinclude.m4 (GNUPG_FIX_HDR_VERSION): Removed.
 	* configure.ac: Do not call GNUPG_FIX_HDR_VERSION.
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-11 12:01:17 UTC (rev 1181)
+++ trunk/configure.ac	2006-10-11 12:25:50 UTC (rev 1182)
@@ -521,7 +521,14 @@
 GNUPG_CHECK_TYPEDEF(u32, HAVE_U32_TYPEDEF)
 
 gl_TYPE_SOCKLEN_T
+if test ".$gl_cv_socklen_t_equiv" = "."; then
+  FALLBACK_SOCKLEN_T="/* typedef socklen_t socklen_t; */"
+else
+  FALLBACK_SOCKLEN_T="typedef ${gl_cv_socklen_t_equiv} socklen_t;"
+fi
+AC_SUBST(FALLBACK_SOCKLEN_T)
 
+
 #######################################
 #### Checks for library functions. ####
 #######################################
@@ -845,18 +852,7 @@
 AC_SUBST(LIBGCRYPT_PUBKEY_CIPHERS, $enabled_pubkey_ciphers)
 AC_SUBST(LIBGCRYPT_DIGESTS, $enabled_digests)
 
-dnl # Fallback definitions for gcrypt.h:
-dnl #
-dnl # check for network/socket size type
-AC_CHECK_SOCKLENTYPE([
-FALLBACK_SOCKLEN_T="typedef ${ac_type} socklen_t;"
-if test ".$ac_type" = ".socklen_t"; then
-    FALLBACK_SOCKLEN_T="/* $FALLBACK_SOCKLEN_T */"
-fi
-AC_SUBST(FALLBACK_SOCKLEN_T)
-])
 
-
 AC_CONFIG_FILES([
 Makefile
 mpi/Makefile

Modified: trunk/m4/ChangeLog
===================================================================
--- trunk/m4/ChangeLog	2006-10-11 12:01:17 UTC (rev 1181)
+++ trunk/m4/ChangeLog	2006-10-11 12:25:50 UTC (rev 1182)
@@ -1,3 +1,7 @@
+2006-10-11  Marcus Brinkmann  <marcus@g10code.de>
+
+	* fallback.m4: Removed again.
+
 2006-10-10  Marcus Brinkmann  <marcus@g10code.de>
 
 	* fallback.m4: New file from Pth.

Deleted: trunk/m4/fallback.m4


From cvs at cvs.gnupg.org  Wed Oct 11 19:52:17 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 11 19:21:33 2006
Subject: [svn] GnuPG -  r4297 - in trunk: . agent scd sm tools
Message-ID: <E1GXhlo-0005Ac-7V@trithemius.gnupg.org>

Author: wk
Date: 2006-10-11 19:52:15 +0200 (Wed, 11 Oct 2006)
New Revision: 4297

Modified:
   trunk/NEWS
   trunk/agent/command.c
   trunk/configure.ac
   trunk/scd/ChangeLog
   trunk/scd/app-openpgp.c
   trunk/sm/ChangeLog
   trunk/sm/call-agent.c
   trunk/sm/certreqgen.c
   trunk/sm/gpgsm.h
   trunk/tools/ChangeLog
   trunk/tools/gpgsm-gencert.sh
Log:
Allow pkcs#10 creation directkly from a smart card


Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/NEWS	2006-10-11 17:52:15 UTC (rev 4297)
@@ -1,3 +1,7 @@
+Noteworthy changes in version 1.9.93
+-------------------------------------------------
+
+
 Noteworthy changes in version 1.9.92 (2006-10-11)
 -------------------------------------------------
 

Modified: trunk/agent/command.c
===================================================================
--- trunk/agent/command.c	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/agent/command.c	2006-10-11 17:52:15 UTC (rev 4297)
@@ -236,7 +236,7 @@
 }
 
 /* Parse the keygrip in STRING into the provided buffer BUF.  BUF must
-   provide space for 20 bytes. BUF is not changed if the fucntions
+   provide space for 20 bytes. BUF is not changed if the function
    returns an error. */
 static int
 parse_keygrip (assuan_context_t ctx, const char *string, unsigned char *buf)

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/configure.ac	2006-10-11 17:52:15 UTC (rev 4297)
@@ -26,8 +26,8 @@
 # Remember to change the version number immediately *after* a release.
 # Set my_issvn to "yes" for non-released code.  Remember to run an
 # "svn up" and "autogen.sh" right before creating a distribution.
-m4_define([my_version], [1.9.92])
-m4_define([my_issvn], [no])
+m4_define([my_version], [1.9.93])
+m4_define([my_issvn], [yes])
 
 
 m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \

Modified: trunk/scd/ChangeLog
===================================================================
--- trunk/scd/ChangeLog	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/scd/ChangeLog	2006-10-11 17:52:15 UTC (rev 4297)
@@ -1,3 +1,7 @@
+2006-10-11  Werner Koch  <wk@g10code.com>
+
+	* app-openpgp.c (do_sign): Redirect to do_auth for OpenPGP.3.
+
 2006-10-06  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.

Modified: trunk/scd/app-openpgp.c
===================================================================
--- trunk/scd/app-openpgp.c	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/scd/app-openpgp.c	2006-10-11 17:52:15 UTC (rev 4297)
@@ -142,6 +142,11 @@
 static unsigned long convert_sig_counter_value (const unsigned char *value,
                                                 size_t valuelen);
 static unsigned long get_sig_counter (app_t app);
+static gpg_error_t do_auth (app_t app, const char *keyidstr,
+                            gpg_error_t (*pincb)(void*, const char *, char **),
+                            void *pincb_arg,
+                            const void *indata, size_t indatalen,
+                            unsigned char **outdata, size_t *outdatalen);
 
 
 
@@ -2088,7 +2093,11 @@
    Note that this function may return the error code
    GPG_ERR_WRONG_CARD to indicate that the card currently present does
    not match the one required for the requested action (e.g. the
-   serial number does not match). */
+   serial number does not match). 
+   
+   As a special feature a KEYIDSTR of "OPENPGP.3" redirects the
+   operation to the auth command.
+*/
 static gpg_error_t 
 do_sign (app_t app, const char *keyidstr, int hashalgo,
          gpg_error_t (*pincb)(void*, const char *, char **),
@@ -2109,6 +2118,7 @@
   int n;
   const char *fpr = NULL;
   unsigned long sigcount;
+  int use_auth = 0;
 
   if (!keyidstr || !*keyidstr)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -2136,6 +2146,8 @@
   /* Check whether an OpenPGP card of any version has been requested. */
   if (!strcmp (keyidstr, "OPENPGP.1"))
     ;
+  else if (!strcmp (keyidstr, "OPENPGP.3"))
+    use_auth = 1;
   else if (strlen (keyidstr) < 32 || strncmp (keyidstr, "D27600012401", 12))
     return gpg_error (GPG_ERR_INV_ID);
   else
@@ -2178,6 +2190,14 @@
     return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
   memcpy (data+15, indata, indatalen);
 
+  if (use_auth)
+    {
+      /* This is a hack to redirect to the internal authenticate command.  */
+      return do_auth (app, "OPENPGP.3", pincb, pincb_arg,
+                      data, 35,
+                      outdata, outdatalen);
+    }
+
   sigcount = get_sig_counter (app);
   log_info (_("signatures created so far: %lu\n"), sigcount);
 

Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/sm/ChangeLog	2006-10-11 17:52:15 UTC (rev 4297)
@@ -1,3 +1,10 @@
+2006-10-11  Werner Koch  <wk@g10code.com>
+
+	* certreqgen.c (proc_parameters, create_request): Allow for
+	creation directly from a card.
+	* call-agent.c (gpgsm_agent_readkey): New arg FROMCARD.
+	(gpgsm_scd_pksign): New.
+
 2006-10-06  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.

Modified: trunk/sm/call-agent.c
===================================================================
--- trunk/sm/call-agent.c	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/sm/call-agent.c	2006-10-11 17:52:15 UTC (rev 4297)
@@ -271,7 +271,85 @@
 }
 
 
+/* Call the scdaemon to do a sign operation using the key identified by
+   the hex string KEYID. */
+int
+gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc,
+                  unsigned char *digest, size_t digestlen, int digestalgo,
+                  unsigned char **r_buf, size_t *r_buflen )
+{
+  int rc, i;
+  char *p, line[ASSUAN_LINELENGTH];
+  membuf_t data;
+  size_t len;
+  const char *hashopt;
+  unsigned char *sigbuf;
+  size_t sigbuflen;
 
+  *r_buf = NULL;
+
+  switch(digestalgo)
+    {
+    case GCRY_MD_SHA1:  hashopt = "--hash=sha1"; break;
+    case GCRY_MD_RMD160:hashopt = "--hash=rmd160"; break;
+    case GCRY_MD_MD5:   hashopt = "--hash=md5"; break;
+    case GCRY_MD_SHA256:hashopt = "--hash=sha256"; break;
+    default: 
+      return gpg_error (GPG_ERR_DIGEST_ALGO);
+    }
+
+  rc = start_agent (ctrl);
+  if (rc)
+    return rc;
+
+  if (digestlen*2 + 50 > DIM(line))
+    return gpg_error (GPG_ERR_GENERAL);
+
+  p = stpcpy (line, "SCD SETDATA " );
+  for (i=0; i < digestlen ; i++, p += 2 )
+    sprintf (p, "%02X", digest[i]);
+  rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
+  if (rc)
+    return rc;
+
+  init_membuf (&data, 1024);
+
+  snprintf (line, DIM(line)-1, "SCD PKSIGN %s %s", hashopt, keyid);
+  line[DIM(line)-1] = 0;
+  rc = assuan_transact (agent_ctx, line,
+                        membuf_data_cb, &data, NULL, NULL, NULL, NULL);
+  if (rc)
+    {
+      xfree (get_membuf (&data, &len));
+      return rc;
+    }
+  sigbuf = get_membuf (&data, &sigbuflen);
+
+  /* Create an S-expression from it which is formatted like this:
+     "(7:sig-val(3:rsa(1:sSIGBUFLEN:SIGBUF)))" Fixme: If a card ever
+     creates non-RSA keys we need to change things. */
+  *r_buflen = 21 + 11 + sigbuflen + 4;
+  p = xtrymalloc (*r_buflen);
+  *r_buf = (unsigned char*)p;
+  if (!p)
+    {
+      xfree (sigbuf);
+      return 0;
+    }
+  p = stpcpy (p, "(7:sig-val(3:rsa(1:s" );
+  sprintf (p, "%u:", (unsigned int)sigbuflen);
+  p += strlen (p);
+  memcpy (p, sigbuf, sigbuflen);
+  p += sigbuflen;
+  strcpy (p, ")))");
+  xfree (sigbuf);
+
+  assert (gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL));
+  return  0;
+}
+
+
+
 
 /* Handle a CIPHERTEXT inquiry.  Note, we only send the data,
    assuan_transact talkes care of flushing and writing the end */
@@ -449,9 +527,12 @@
 }
 
 
-/* Call the agent to read the public key part for a given keygrip.  */
+/* Call the agent to read the public key part for a given keygrip.  If
+   FROMCARD is true, the key is directly read from the current
+   smartcard. In this case HEXKEYGRIP should be the keyID
+   (e.g. OPENPGP.3). */
 int
-gpgsm_agent_readkey (ctrl_t ctrl, const char *hexkeygrip,
+gpgsm_agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip,
                      ksba_sexp_t *r_pubkey)
 {
   int rc;
@@ -469,7 +550,8 @@
   if (rc)
     return rc;
 
-  snprintf (line, DIM(line)-1, "READKEY %s", hexkeygrip);
+  snprintf (line, DIM(line)-1, "%sREADKEY %s",
+            fromcard? "SCD ":"", hexkeygrip);
   line[DIM(line)-1] = 0;
 
   init_membuf (&data, 1024);

Modified: trunk/sm/certreqgen.c
===================================================================
--- trunk/sm/certreqgen.c	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/sm/certreqgen.c	2006-10-11 17:52:15 UTC (rev 4297)
@@ -148,6 +148,7 @@
                             struct reqgen_ctrl_s *outctrl);
 static int create_request (ctrl_t ctrl,
                            struct para_data_s *para,
+                           const char *carddirect,
                            ksba_const_sexp_t public,
                            struct reqgen_ctrl_s *outctrl);
 
@@ -452,16 +453,25 @@
   ksba_sexp_t public;
   int seq;
   size_t erroff, errlen;
+  char *cardkeyid = NULL;
 
   /* Check that we have all required parameters; */
   assert (get_parameter (para, pKEYTYPE, 0));
 
-  /* We can only use RSA for now.  There is a with pkcs-10 on how to
-     use ElGamal because it is expected that a PK algorithm can always
-     be used for signing. */
+  /* We can only use RSA for now.  There is a problem with pkcs-10 on
+     how to use ElGamal because it is expected that a PK algorithm can
+     always be used for signing. Another problem is that on-card
+     generated encryption keys may not be used for signing.  */
   i = get_parameter_algo (para, pKEYTYPE);
-  if (i < 1 || i != GCRY_PK_RSA )
+  if (!i && (s = get_parameter_value (para, pKEYTYPE, 0)) && *s)
     {
+      /* Hack to allow creation of certificates directly from a smart
+         card.  For example: "Key-Type: card:OPENPGP.3".  */
+      if (!strncmp (s, "card:", 5) && s[5])
+        cardkeyid = xtrystrdup (s+5);
+    }
+  if ( (i < 1 || i != GCRY_PK_RSA) && !cardkeyid )
+    {
       r = get_parameter (para, pKEYTYPE, 0);
       log_error (_("line %d: invalid algorithm\n"), r->lnr);
       return gpg_error (GPG_ERR_INV_PARAMETER);
@@ -472,18 +482,22 @@
     nbits = 1024;
   else
     nbits = get_parameter_uint (para, pKEYLENGTH);
-  if (nbits < 1024 || nbits > 4096)
+  if ((nbits < 1024 || nbits > 4096) && !cardkeyid)
     {
       /* The BSI specs dated 2002-11-25 don't allow lengths below 1024. */
       r = get_parameter (para, pKEYLENGTH, 0);
       log_error (_("line %d: invalid key length %u (valid are %d to %d)\n"),
                  r->lnr, nbits, 1024, 4096);
+      xfree (cardkeyid);
       return gpg_error (GPG_ERR_INV_PARAMETER);
     }
     
   /* Check the usage. */
   if (parse_parameter_usage (para, pKEYUSAGE))
-    return gpg_error (GPG_ERR_INV_PARAMETER);
+    {
+      xfree (cardkeyid);
+      return gpg_error (GPG_ERR_INV_PARAMETER);
+    }
 
   /* Check that there is a subject name and that this DN fits our
      requirements. */
@@ -491,6 +505,7 @@
     {
       r = get_parameter (para, pNAMEDN, 0);
       log_error (_("line %d: no subject name given\n"), r->lnr);
+      xfree (cardkeyid);
       return gpg_error (GPG_ERR_INV_PARAMETER);
     }
   err = ksba_dn_teststr (s, 0, &erroff, &errlen);
@@ -504,6 +519,7 @@
         log_error (_("line %d: invalid subject name `%s' at pos %d\n"),
                    r->lnr, s, erroff);
 
+      xfree (cardkeyid);
       return gpg_error (GPG_ERR_INV_PARAMETER);
     }
 
@@ -518,19 +534,32 @@
         {
           r = get_parameter (para, pNAMEEMAIL, seq);
           log_error (_("line %d: not a valid email address\n"), r->lnr);
+          xfree (cardkeyid);
           return gpg_error (GPG_ERR_INV_PARAMETER);
         }
     }
 
-  s = get_parameter_value (para, pKEYGRIP, 0);
-  if (s) /* Use existing key.  */
+  if (cardkeyid) /* Take the key from the current smart card. */
     {
-      rc = gpgsm_agent_readkey (ctrl, s, &public);
+      rc = gpgsm_agent_readkey (ctrl, 1, cardkeyid, &public);
       if (rc)
         {
           r = get_parameter (para, pKEYTYPE, 0);
+          log_error (_("line %d: error reading key `%s' from card: %s\n"),
+                     r->lnr, cardkeyid, gpg_strerror (rc));
+          xfree (cardkeyid);
+          return rc;
+        }
+    }
+  else if ((s=get_parameter_value (para, pKEYGRIP, 0))) /* Use existing key.*/
+    {
+      rc = gpgsm_agent_readkey (ctrl, 0, s, &public);
+      if (rc)
+        {
+          r = get_parameter (para, pKEYTYPE, 0);
           log_error (_("line %d: error getting key by keygrip `%s': %s\n"),
                      r->lnr, s, gpg_strerror (rc));
+          xfree (cardkeyid);
           return rc;
         }
     }
@@ -546,12 +575,14 @@
           r = get_parameter (para, pKEYTYPE, 0);
           log_error (_("line %d: key generation failed: %s\n"),
                      r->lnr, gpg_strerror (rc));
+          xfree (cardkeyid);
           return rc;
         }
     }
 
-  rc = create_request (ctrl, para, public, outctrl);
+  rc = create_request (ctrl, para, cardkeyid, public, outctrl);
   xfree (public);
+  xfree (cardkeyid);
 
   return rc;
 }
@@ -560,8 +591,10 @@
 /* Parameters are checked, the key pair has been created.  Now
    generate the request and write it out */
 static int
-create_request (ctrl_t ctrl,
-                struct para_data_s *para, ksba_const_sexp_t public,
+create_request (ctrl_t ctrl, 
+                struct para_data_s *para, 
+                const char *carddirect,
+                ksba_const_sexp_t public,
                 struct reqgen_ctrl_s *outctrl)
 {
   ksba_certreq_t cr;
@@ -758,11 +791,18 @@
           for (n=0; n < 20; n++)
             sprintf (hexgrip+n*2, "%02X", grip[n]);
 
-          rc = gpgsm_agent_pksign (ctrl, hexgrip, NULL,
-                                   gcry_md_read(md, GCRY_MD_SHA1), 
-                                   gcry_md_get_algo_dlen (GCRY_MD_SHA1),
-                                   GCRY_MD_SHA1,
-                                   &sigval, &siglen);
+          if (carddirect)
+            rc = gpgsm_scd_pksign (ctrl, carddirect, NULL,
+                                     gcry_md_read(md, GCRY_MD_SHA1), 
+                                     gcry_md_get_algo_dlen (GCRY_MD_SHA1),
+                                     GCRY_MD_SHA1,
+                                     &sigval, &siglen);
+          else
+            rc = gpgsm_agent_pksign (ctrl, hexgrip, NULL,
+                                     gcry_md_read(md, GCRY_MD_SHA1), 
+                                     gcry_md_get_algo_dlen (GCRY_MD_SHA1),
+                                     GCRY_MD_SHA1,
+                                     &sigval, &siglen);
           if (rc)
             {
               log_error ("signing failed: %s\n", gpg_strerror (rc));

Modified: trunk/sm/gpgsm.h
===================================================================
--- trunk/sm/gpgsm.h	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/sm/gpgsm.h	2006-10-11 17:52:15 UTC (rev 4297)
@@ -322,12 +322,15 @@
                         size_t digestlen,
                         int digestalgo,
                         unsigned char **r_buf, size_t *r_buflen);
+int gpgsm_scd_pksign (ctrl_t ctrl, const char *keyid, const char *desc,
+                      unsigned char *digest, size_t digestlen, int digestalgo,
+                      unsigned char **r_buf, size_t *r_buflen);
 int gpgsm_agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc,
                            ksba_const_sexp_t ciphertext, 
                            char **r_buf, size_t *r_buflen);
 int gpgsm_agent_genkey (ctrl_t ctrl,
                         ksba_const_sexp_t keyparms, ksba_sexp_t *r_pubkey);
-int gpgsm_agent_readkey (ctrl_t ctrl, const char *hexkeygrip,
+int gpgsm_agent_readkey (ctrl_t ctrl, int fromcard, const char *hexkeygrip,
                          ksba_sexp_t *r_pubkey);
 int gpgsm_agent_istrusted (ctrl_t ctrl, ksba_cert_t cert,
                            struct rootca_flags_s *rootca_flags);

Modified: trunk/tools/ChangeLog
===================================================================
--- trunk/tools/ChangeLog	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/tools/ChangeLog	2006-10-11 17:52:15 UTC (rev 4297)
@@ -1,3 +1,7 @@
+2006-10-11  Werner Koch  <wk@g10code.com>
+
+	* gpgsm-gencert.sh: Allow generation of card keys.
+
 2006-10-08  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am (gpgkey2ssh_LDADD): Add LIBINTL. Suggested by

Modified: trunk/tools/gpgsm-gencert.sh
===================================================================
--- trunk/tools/gpgsm-gencert.sh	2006-10-11 10:18:38 UTC (rev 4296)
+++ trunk/tools/gpgsm-gencert.sh	2006-10-11 17:52:15 UTC (rev 4297)
@@ -84,19 +84,27 @@
     echo "You selected: $ANSWER" >&2
 }
 
-query_user_menu "Key type" "RSA" "existing key"
-if [ "$ANSWER" = "existing key" ]; then
-  # User requested to use an existing key; need to set some dummy defaults
-  KEY_TYPE=RSA 
-  KEY_LENGTH=1024
-  query_user "Keygrip "
-  KEY_GRIP=$ANSWER
-else
-  KEY_TYPE=$ANSWER
-  query_user_menu "Key length" "1024" "2048"
-  KEY_LENGTH=$ANSWER
-  KEY_GRIP=
-fi
+query_user_menu "Key type" "RSA" "existing key" "OPENPGP.1" "OPENPGP.3"
+case "$ANSWER" in
+  RSA)
+    KEY_TYPE=$ANSWER
+    query_user_menu "Key length" "1024" "2048"
+    KEY_LENGTH=$ANSWER
+    KEY_GRIP=
+    ;;
+  existing*)
+    # User requested to use an existing key; need to set some dummy defaults
+    KEY_TYPE=RSA 
+    KEY_LENGTH=1024
+    query_user "Keygrip "
+    KEY_GRIP=$ANSWER
+    ;;
+  *) 
+    KEY_TYPE="card:$ANSWER"
+    KEY_LENGTH=
+    KEY_GRIP=
+    ;;
+esac
 
 
 query_user_menu "Key usage" "sign, encrypt" "sign" "encrypt"
@@ -162,7 +170,7 @@
     
 
 echo -e "$ASSUAN_COMMANDS" | \
-    gpgsm --no-log-file --debug-level none --debug-none \
+     gpgsm --no-log-file --debug-level none --debug-none \
            --server 4< "$file_parameter" 5>"$outfile" >/dev/null
 
 cat "$outfile"


From cvs at cvs.gnupg.org  Thu Oct 12 23:08:42 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Thu Oct 12 22:37:51 2006
Subject: [svn] gcry - r1183 - in trunk: . src
Message-ID: <E1GY7JK-0000ks-G8@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-12 23:08:41 +0200 (Thu, 12 Oct 2006)
New Revision: 1183

Modified:
   trunk/ChangeLog
   trunk/configure.ac
   trunk/src/ChangeLog
   trunk/src/gcrypt.h.in
Log:
2006-10-12  Marcus Brinkmann  <marcus@g10code.de>

        * configure.ac (FALLBACK_SOCKLEN_T): Third time is a charm.
        Define gcry_socklen_t, to avoid conflicts with socklen_t
        definitions by autoconf.

src/
2006-10-12  Marcus Brinkmann  <marcus@g10code.de>

        * gcrypt.h.in: Replace socklen_t with gcry_socklen_t.



Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-11 12:25:50 UTC (rev 1182)
+++ trunk/ChangeLog	2006-10-12 21:08:41 UTC (rev 1183)
@@ -1,3 +1,9 @@
+2006-10-12  Marcus Brinkmann  <marcus@g10code.de>
+
+	* configure.ac (FALLBACK_SOCKLEN_T): Third time is a charm.
+	Define gcry_socklen_t, to avoid conflicts with socklen_t
+	definitions by autoconf.
+
 2006-10-11  Marcus Brinkmann  <marcus@g10code.de>
 
 	* configure.ac (FALLBACK_SOCKLEN_T): Rewrite in terms of

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-11 12:25:50 UTC (rev 1182)
+++ trunk/configure.ac	2006-10-12 21:08:41 UTC (rev 1183)
@@ -522,9 +522,9 @@
 
 gl_TYPE_SOCKLEN_T
 if test ".$gl_cv_socklen_t_equiv" = "."; then
-  FALLBACK_SOCKLEN_T="/* typedef socklen_t socklen_t; */"
+  FALLBACK_SOCKLEN_T="typedef socklen_t gcry_socklen_t; */"
 else
-  FALLBACK_SOCKLEN_T="typedef ${gl_cv_socklen_t_equiv} socklen_t;"
+  FALLBACK_SOCKLEN_T="typedef ${gl_cv_socklen_t_equiv} gcry_socklen_t;"
 fi
 AC_SUBST(FALLBACK_SOCKLEN_T)
 

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-11 12:25:50 UTC (rev 1182)
+++ trunk/src/ChangeLog	2006-10-12 21:08:41 UTC (rev 1183)
@@ -1,3 +1,7 @@
+2006-10-12  Marcus Brinkmann  <marcus@g10code.de>
+
+	* gcrypt.h.in: Replace socklen_t with gcry_socklen_t.
+
 2006-10-11  Marcus Brinkmann  <marcus@g10code.de>
 
 	* gcrypt.h.in: Replace version by @VERSION@.

Modified: trunk/src/gcrypt.h.in
===================================================================
--- trunk/src/gcrypt.h.in	2006-10-11 12:25:50 UTC (rev 1182)
+++ trunk/src/gcrypt.h.in	2006-10-12 21:08:41 UTC (rev 1183)
@@ -184,15 +184,15 @@
 		     struct timeval *timeout);
   ssize_t (*waitpid) (pid_t pid, int *status, int options);
   int (*accept) (int s, void  *addr, int *length_ptr);
-  int (*connect) (int s, void *addr, socklen_t length);
+  int (*connect) (int s, void *addr, gcry_socklen_t length);
   int (*sendmsg) (int s, const void *msg, int flags);
   int (*recvmsg) (int s, void *msg, int flags);
 #else
   ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
 		     struct timeval *timeout);
   ssize_t (*waitpid) (pid_t pid, int *status, int options);
-  int (*accept) (int s, struct sockaddr *addr, socklen_t *length_ptr);
-  int (*connect) (int s, struct sockaddr *addr, socklen_t length);
+  int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr);
+  int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length);
   int (*sendmsg) (int s, const struct msghdr *msg, int flags);
   int (*recvmsg) (int s, struct msghdr *msg, int flags);
 #endif
@@ -240,9 +240,10 @@
 static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options)	      \
   { return pth_waitpid (pid, status, options); }			      \
 static int gcry_pth_accept (int s, struct sockaddr *addr,		      \
-			    socklen_t *length_ptr)			      \
+			    gcry_socklen_t *length_ptr)			      \
   { return pth_accept (s, addr, length_ptr); }				      \
-static int gcry_pth_connect (int s, struct sockaddr *addr, socklen_t length)  \
+static int gcry_pth_connect (int s, struct sockaddr *addr,		      \
+			     gcry_socklen_t length)			      \
   { return pth_connect (s, addr, length); }				      \
 									      \
 /* FIXME: GNU Pth is missing pth_sendmsg and pth_recvmsg.  */		      \


From cvs at cvs.gnupg.org  Thu Oct 12 23:22:35 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Thu Oct 12 22:51:44 2006
Subject: [svn] gcry - r1184 - in trunk: . src
Message-ID: <E1GY7Wl-0003Ly-Bi@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-12 23:22:35 +0200 (Thu, 12 Oct 2006)
New Revision: 1184

Modified:
   trunk/configure.ac
   trunk/src/gcrypt.h.in
Log:
Fix small typos that I should have fixed before committing the last 
change.


Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-12 21:08:41 UTC (rev 1183)
+++ trunk/configure.ac	2006-10-12 21:22:35 UTC (rev 1184)
@@ -522,7 +522,7 @@
 
 gl_TYPE_SOCKLEN_T
 if test ".$gl_cv_socklen_t_equiv" = "."; then
-  FALLBACK_SOCKLEN_T="typedef socklen_t gcry_socklen_t; */"
+  FALLBACK_SOCKLEN_T="typedef socklen_t gcry_socklen_t;"
 else
   FALLBACK_SOCKLEN_T="typedef ${gl_cv_socklen_t_equiv} gcry_socklen_t;"
 fi

Modified: trunk/src/gcrypt.h.in
===================================================================
--- trunk/src/gcrypt.h.in	2006-10-12 21:08:41 UTC (rev 1183)
+++ trunk/src/gcrypt.h.in	2006-10-12 21:22:35 UTC (rev 1184)
@@ -29,8 +29,6 @@
 
 #include <sys/types.h>
 
-@FALLBACK_SOCKLEN_T@
-
 #if defined _WIN32 || defined __WIN32__
 # include <winsock2.h>
 # include <ws2tcpip.h>
@@ -38,6 +36,8 @@
 # include <sys/socket.h>
 #endif /*!_WIN32*/
 
+@FALLBACK_SOCKLEN_T@
+
 #include <sys/time.h>
 
 /* This is required for error code compatibility. */


From cvs at cvs.gnupg.org  Fri Oct 13 05:44:36 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Fri Oct 13 05:13:51 2006
Subject: [svn] GnuPG -  r4298 - branches/STABLE-BRANCH-1-4/g10
Message-ID: <E1GYDUR-0005o2-6o@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-13 05:44:34 +0200 (Fri, 13 Oct 2006)
New Revision: 4298

Modified:
   branches/STABLE-BRANCH-1-4/g10/gpg.c
   branches/STABLE-BRANCH-1-4/g10/main.h
   branches/STABLE-BRANCH-1-4/g10/options.h
   branches/STABLE-BRANCH-1-4/g10/parse-packet.c
   branches/STABLE-BRANCH-1-4/g10/passphrase.c
Log:
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
packed s2k iteration count.
	
* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.


Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/gpg.c	2006-10-11 17:52:15 UTC (rev 4297)
+++ branches/STABLE-BRANCH-1-4/g10/gpg.c	2006-10-13 03:44:34 UTC (rev 4298)
@@ -274,6 +274,7 @@
     oS2KMode,
     oS2KDigest,
     oS2KCipher,
+    oS2KCount,
     oSimpleSKChecksum,                          
     oDisplayCharset,
     oNotDashEscaped,
@@ -534,6 +535,7 @@
     { oS2KMode, "s2k-mode", 1, "@"},
     { oS2KDigest, "s2k-digest-algo", 2, "@"},
     { oS2KCipher, "s2k-cipher-algo", 2, "@"},
+    { oS2KCount, "s2k-count", 1, "@"},
     { oSimpleSKChecksum, "simple-sk-checksum", 0, "@"},
     { oCipherAlgo, "cipher-algo", 2, "@"},
     { oDigestAlgo, "digest-algo", 2, "@"},
@@ -1688,6 +1690,32 @@
 #endif /* HAVE_STAT && !HAVE_W32_SYSTEM */
 }
 
+/* Pack an s2k iteration count into the form specified in 2440.  If
+   we're in between valid values, round up. */
+static unsigned char
+encode_s2k_iterations(int iterations)
+{
+  unsigned char c=0,result;
+  unsigned int count;
+
+  if(iterations<=1024)
+    return 0;
+
+  if(iterations>=65011712)
+    return 255;
+
+  /* Need count to be in the range 16-31 */
+  for(count=iterations>>6;count>=32;count>>=1)
+    c++;
+
+  result=(c<<4)|(count-16);
+
+  if(S2K_DECODE_COUNT(result)<iterations)
+    result++;
+
+  return result;
+}
+
 int
 main (int argc, char **argv )
 {
@@ -1760,6 +1788,7 @@
     opt.cert_digest_algo = 0;
     opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */
     opt.s2k_mode = 3; /* iterated+salted */
+    opt.s2k_count = 96; /* 65536 iterations */
 #ifdef USE_CAST5
     opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
 #else
@@ -2333,6 +2362,9 @@
 	  case oS2KMode:   opt.s2k_mode = pargs.r.ret_int; break;
 	  case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
 	  case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break;
+	  case oS2KCount:
+	    opt.s2k_count=encode_s2k_iterations(pargs.r.ret_int);
+	    break;
           case oSimpleSKChecksum: opt.simple_sk_checksum = 1; break;
 	  case oNoEncryptTo: opt.no_encrypt_to = 1; break;
 	  case oEncryptTo: /* store the recipient in the second list */

Modified: branches/STABLE-BRANCH-1-4/g10/main.h
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/main.h	2006-10-11 17:52:15 UTC (rev 4297)
+++ branches/STABLE-BRANCH-1-4/g10/main.h	2006-10-13 03:44:34 UTC (rev 4298)
@@ -295,4 +295,6 @@
 int  card_store_subkey (KBNODE node, int use);
 #endif
 
+#define S2K_DECODE_COUNT(_val) ((16ul + ((_val) & 15)) << (((_val) >> 4) + 6))
+
 #endif /*G10_MAIN_H*/

Modified: branches/STABLE-BRANCH-1-4/g10/options.h
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/options.h	2006-10-11 17:52:15 UTC (rev 4297)
+++ branches/STABLE-BRANCH-1-4/g10/options.h	2006-10-13 03:44:34 UTC (rev 4298)
@@ -120,8 +120,10 @@
   int s2k_mode;
   int s2k_digest_algo;
   int s2k_cipher_algo;
-  int simple_sk_checksum; /* create the deprecated rfc2440 secret
-			     key protection*/
+  unsigned char s2k_count; /* This is the encoded form, not the raw
+			      count */
+  int simple_sk_checksum; /* create the deprecated rfc2440 secret key
+			     protection */
   int not_dash_escaped;
   int escape_from;
   int lock_once;

Modified: branches/STABLE-BRANCH-1-4/g10/parse-packet.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/parse-packet.c	2006-10-11 17:52:15 UTC (rev 4297)
+++ branches/STABLE-BRANCH-1-4/g10/parse-packet.c	2006-10-13 03:44:34 UTC (rev 4298)
@@ -721,7 +721,9 @@
 	    for(i=0; i < 8; i++ )
 		fprintf (listfp, "%02x", k->s2k.salt[i]);
 	    if( s2kmode == 3 )
-		fprintf (listfp, ", count %lu", (ulong)k->s2k.count );
+		fprintf (listfp, ", count %lu (%lu)",
+			 S2K_DECODE_COUNT((ulong)k->s2k.count),
+			 (ulong)k->s2k.count );
 	    fprintf (listfp, "\n");
 	}
     }

Modified: branches/STABLE-BRANCH-1-4/g10/passphrase.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/passphrase.c	2006-10-11 17:52:15 UTC (rev 4297)
+++ branches/STABLE-BRANCH-1-4/g10/passphrase.c	2006-10-13 03:44:34 UTC (rev 4298)
@@ -1036,11 +1036,11 @@
 	    if( create && !pass ) {
 		randomize_buffer(s2k->salt, 8, 1);
 		if( s2k->mode == 3 )
-		    s2k->count = 96; /* 65536 iterations */
+		    s2k->count = opt.s2k_count;
 	    }
 
 	    if( s2k->mode == 3 ) {
-		count = (16ul + (s2k->count & 15)) << ((s2k->count >> 4) + 6);
+		count = S2K_DECODE_COUNT(s2k->count);
 		if( count < len2 )
 		    count = len2;
 	    }


From cvs at cvs.gnupg.org  Fri Oct 13 06:06:25 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Fri Oct 13 05:35:32 2006
Subject: [svn] GnuPG -  r4299 - trunk/g10
Message-ID: <E1GYDpY-0007JI-3r@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-13 06:06:24 +0200 (Fri, 13 Oct 2006)
New Revision: 4299

Modified:
   trunk/g10/ChangeLog
   trunk/g10/gpg.c
   trunk/g10/main.h
   trunk/g10/options.h
   trunk/g10/parse-packet.c
   trunk/g10/passphrase.c
Log:
* parse-packet.c (parse_symkeyenc): Show the unpacked as well as the
packed s2k iteration count.

* main.h, options.h, gpg.c (encode_s2k_iterations, main), passphrase.c
(hash_passphrase): Add --s2k-count option to specify the number of s2k
hash iterations.


Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-13 03:44:34 UTC (rev 4298)
+++ trunk/g10/ChangeLog	2006-10-13 04:06:24 UTC (rev 4299)
@@ -1,3 +1,12 @@
+2006-10-12  David Shaw  <dshaw@jabberwocky.com>
+
+	* parse-packet.c (parse_symkeyenc): Show the unpacked as well as
+	the packed s2k iteration count.
+
+	* main.h, options.h, gpg.c (encode_s2k_iterations, main),
+	passphrase.c (hash_passphrase): Add --s2k-count option to specify
+	the number of s2k hash iterations.
+
 2006-10-08  Werner Koch  <wk@g10code.com>
 
 	* gpgv.c: Remove the tty stubs as we are now required to link to

Modified: trunk/g10/gpg.c
===================================================================
--- trunk/g10/gpg.c	2006-10-13 03:44:34 UTC (rev 4298)
+++ trunk/g10/gpg.c	2006-10-13 04:06:24 UTC (rev 4299)
@@ -265,6 +265,7 @@
     oS2KMode,
     oS2KDigest,
     oS2KCipher,
+    oS2KCount,
     oSimpleSKChecksum,                          
     oDisplayCharset,
     oNotDashEscaped,
@@ -523,6 +524,7 @@
     { oS2KMode, "s2k-mode", 1, "@"},
     { oS2KDigest, "s2k-digest-algo", 2, "@"},
     { oS2KCipher, "s2k-cipher-algo", 2, "@"},
+    { oS2KCount, "s2k-count", 1, "@"},
     { oSimpleSKChecksum, "simple-sk-checksum", 0, "@"},
     { oCipherAlgo, "cipher-algo", 2, "@"},
     { oDigestAlgo, "digest-algo", 2, "@"},
@@ -1708,7 +1710,32 @@
 #endif /* HAVE_STAT && !HAVE_W32_SYSTEM */
 }
 
+/* Pack an s2k iteration count into the form specified in 2440.  If
+   we're in between valid values, round up. */
+static unsigned char
+encode_s2k_iterations(int iterations)
+{
+  unsigned char c=0,result;
+  unsigned int count;
 
+  if(iterations<=1024)
+    return 0;
+
+  if(iterations>=65011712)
+    return 255;
+
+  /* Need count to be in the range 16-31 */
+  for(count=iterations>>6;count>=32;count>>=1)
+    c++;
+
+  result=(c<<4)|(count-16);
+
+  if(S2K_DECODE_COUNT(result)<iterations)
+    result++;
+
+  return result;
+}
+
 int
 main (int argc, char **argv )
 {
@@ -1800,6 +1827,7 @@
     opt.cert_digest_algo = 0;
     opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */
     opt.s2k_mode = 3; /* iterated+salted */
+    opt.s2k_count = 96; /* 65536 iterations */
 #ifdef USE_CAST5
     opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
 #else
@@ -2315,6 +2343,9 @@
 	  case oS2KMode:   opt.s2k_mode = pargs.r.ret_int; break;
 	  case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
 	  case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break;
+	  case oS2KCount:
+	    opt.s2k_count=encode_s2k_iterations(pargs.r.ret_int);
+	    break;
           case oSimpleSKChecksum: opt.simple_sk_checksum = 1; break;
 	  case oNoEncryptTo: opt.no_encrypt_to = 1; break;
 	  case oEncryptTo: /* store the recipient in the second list */

Modified: trunk/g10/main.h
===================================================================
--- trunk/g10/main.h	2006-10-13 03:44:34 UTC (rev 4298)
+++ trunk/g10/main.h	2006-10-13 04:06:24 UTC (rev 4299)
@@ -304,4 +304,6 @@
 int  card_store_subkey (KBNODE node, int use);
 #endif
 
+#define S2K_DECODE_COUNT(_val) ((16ul + ((_val) & 15)) << (((_val) >> 4) + 6))
+
 #endif /*G10_MAIN_H*/

Modified: trunk/g10/options.h
===================================================================
--- trunk/g10/options.h	2006-10-13 03:44:34 UTC (rev 4298)
+++ trunk/g10/options.h	2006-10-13 04:06:24 UTC (rev 4299)
@@ -120,8 +120,10 @@
   int s2k_mode;
   int s2k_digest_algo;
   int s2k_cipher_algo;
-  int simple_sk_checksum; /* create the deprecated rfc2440 secret
-			     key protection*/
+  unsigned char s2k_count; /* This is the encoded form, not the raw
+			      count */
+  int simple_sk_checksum; /* create the deprecated rfc2440 secret key
+			     protection */
   int not_dash_escaped;
   int escape_from;
   int lock_once;

Modified: trunk/g10/parse-packet.c
===================================================================
--- trunk/g10/parse-packet.c	2006-10-13 03:44:34 UTC (rev 4298)
+++ trunk/g10/parse-packet.c	2006-10-13 04:06:24 UTC (rev 4299)
@@ -775,7 +775,9 @@
 	    for(i=0; i < 8; i++ )
 		fprintf (listfp, "%02x", k->s2k.salt[i]);
 	    if( s2kmode == 3 )
-		fprintf (listfp, ", count %lu", (ulong)k->s2k.count );
+		fprintf (listfp, ", count %lu (%lu)",
+			 S2K_DECODE_COUNT((ulong)k->s2k.count),
+			 (ulong)k->s2k.count );
 	    fprintf (listfp, "\n");
 	}
     }

Modified: trunk/g10/passphrase.c
===================================================================
--- trunk/g10/passphrase.c	2006-10-13 03:44:34 UTC (rev 4298)
+++ trunk/g10/passphrase.c	2006-10-13 04:06:24 UTC (rev 4299)
@@ -88,12 +88,12 @@
             {
               gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM);
               if ( s2k->mode == 3 )
-                s2k->count = 96; /* 65536 iterations. */
+                s2k->count = opt.s2k_count;
 	    }
 
           if ( s2k->mode == 3 )
             {
-              count = (16ul + (s2k->count & 15)) << ((s2k->count >> 4) + 6);
+              count = S2K_DECODE_COUNT(s2k->count);
               if ( count < len2 )
                 count = len2;
 	    }


From cvs at cvs.gnupg.org  Fri Oct 13 06:09:56 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Fri Oct 13 05:39:00 2006
Subject: [svn] GnuPG -  r4300 - trunk/doc
Message-ID: <E1GYDsw-00083X-Au@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-13 06:09:56 +0200 (Fri, 13 Oct 2006)
New Revision: 4300

Modified:
   trunk/doc/ChangeLog
   trunk/doc/gpg.texi
Log:
* gpg.texi: Document --s2k-count.


Modified: trunk/doc/ChangeLog
===================================================================
--- trunk/doc/ChangeLog	2006-10-13 04:06:24 UTC (rev 4299)
+++ trunk/doc/ChangeLog	2006-10-13 04:09:56 UTC (rev 4300)
@@ -1,3 +1,7 @@
+2006-10-12  David Shaw  <dshaw@jabberwocky.com>
+
+	* gpg.texi: Document --s2k-count.
+
 2006-09-25  Werner Koch  <wk@g10code.com>
 
 	* gpg.texi (GPG Examples): Add markup to all options.  This is

Modified: trunk/doc/gpg.texi
===================================================================
--- trunk/doc/gpg.texi	2006-10-13 04:06:24 UTC (rev 4299)
+++ trunk/doc/gpg.texi	2006-10-13 04:09:56 UTC (rev 4300)
@@ -1866,6 +1866,13 @@
 couple of times. Unless @option{--rfc1991} is used, this mode is also used for
 conventional encryption.
 
+@item --s2k-count @code{n}
+Specify how many times the passphrase mangling is repeated.  This
+value may range between 1024 and 65011712 inclusive, and the default
+is 65536.  Note that not all values in the 1024-65011712 range are
+legal and if an illegal value is selected, GnuPG will round up to the
+nearest legal value.  This option is only meaningful if
+@option{--s2k-mode} is 3.
 
 
 @end table


From cvs at cvs.gnupg.org  Fri Oct 13 09:18:31 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Fri Oct 13 08:47:49 2006
Subject: [svn] GPGol - r163 - in trunk: . po
Message-ID: <E1GYGpR-0007cI-EK@trithemius.gnupg.org>

Author: wk
Date: 2006-10-13 09:18:30 +0200 (Fri, 13 Oct 2006)
New Revision: 163

Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/configure.ac
   trunk/po/de.po
Log:
Fixed a crash.


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-09-06 11:28:22 UTC (rev 162)
+++ trunk/ChangeLog	2006-10-13 07:18:30 UTC (rev 163)
@@ -1,3 +1,7 @@
+2006-10-13  Werner Koch  <wk@g10code.com>
+
+	Released 0.9.91.
+
 2006-08-28  Werner Koch  <wk@g10code.com>
 
 	Released 0.9.90.

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-09-06 11:28:22 UTC (rev 162)
+++ trunk/NEWS	2006-10-13 07:18:30 UTC (rev 163)
@@ -1,3 +1,9 @@
+Noteworthy changes for version 0.9.91 (2006-10-13)
+==================================================
+
+* Fixed a crash in the recipients dialog.
+
+
 Noteworthy changes for version 0.9.90 (2006-08-28)
 ==================================================
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-09-06 11:28:22 UTC (rev 162)
+++ trunk/configure.ac	2006-10-13 07:18:30 UTC (rev 163)
@@ -16,7 +16,7 @@
 # Remember to change the version number immediately *after* a release.
 # Set my_issvn to "yes" for non-released code.  Remember to run an
 # "svn up" and "autogen.sh" right before creating a distribution.
-m4_define([my_version], [0.9.90])
+m4_define([my_version], [0.9.91])
 m4_define([my_issvn], [no])
 
 m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \

Modified: trunk/po/de.po
===================================================================
--- trunk/po/de.po	2006-09-06 11:28:22 UTC (rev 162)
+++ trunk/po/de.po	2006-10-13 07:18:30 UTC (rev 163)
@@ -7,7 +7,7 @@
 msgstr ""
 "Project-Id-Version: GPGol 0.9.4\n"
 "Report-Msgid-Bugs-To: bug-gpgol@g10code.com\n"
-"POT-Creation-Date: 2006-04-25 17:46+0200\n"
+"POT-Creation-Date: 2006-08-28 15:44+0200\n"
 "PO-Revision-Date: 2006-04-24 16:41+0200\n"
 "Last-Translator: Werner Koch <wk@gnupg.org>\n"
 "Language-Team: de\n"
@@ -23,62 +23,62 @@
 msgid "Select GPG Key Manager"
 msgstr "Das Schl?sselverwaltungsprogramm festlegen"
 
-#: src/engine-gpgme.c:978
+#: src/engine-gpgme.c:979
 msgid "Fingerprint: "
 msgstr "Fingerabdruck: "
 
-#: src/engine-gpgme.c:1035
+#: src/engine-gpgme.c:1036
 msgid "This signature is valid\n"
 msgstr "Diese Unterschrift ist korrekt\n"
 
-#: src/engine-gpgme.c:1037
+#: src/engine-gpgme.c:1038
 msgid "signature state is \"green\"\n"
 msgstr "Status der Unterschrift ist \"gr?n\"\n"
 
-#: src/engine-gpgme.c:1039
+#: src/engine-gpgme.c:1040
 msgid "signature state is \"red\"\n"
 msgstr "Status der Unterschrift ist \"rot\"\n"
 
-#: src/engine-gpgme.c:1043
+#: src/engine-gpgme.c:1044
 msgid "Warning: One of the keys has been revoked\n"
 msgstr "Warnung: Einer der Schl?ssel wurde widerrufen\n"
 
-#: src/engine-gpgme.c:1053
+#: src/engine-gpgme.c:1054
 msgid "Warning: The key used to create the signature expired at: "
 msgstr ""
 "Warnung: Der Schl?ssel mit der diese Unterschrift erzeugt wurde verfiel am: "
 
-#: src/engine-gpgme.c:1059
+#: src/engine-gpgme.c:1060
 msgid "Warning: At least one certification key has expired\n"
 msgstr ""
 "Warnung: Mindestens einer der Zertifizierungsschl?ssel ist abgelaufen\n"
 
-#: src/engine-gpgme.c:1065
+#: src/engine-gpgme.c:1066
 msgid "Warning: The signature expired at: "
 msgstr "Die Unterschrift verfiel am: "
 
-#: src/engine-gpgme.c:1071
+#: src/engine-gpgme.c:1072
 msgid "Can't verify due to a missing key or certificate\n"
 msgstr ""
 "Aufrund eines fehlenden Schl?ssels ist eine ?berpr?fung nicht m?glich\n"
 
-#: src/engine-gpgme.c:1075
+#: src/engine-gpgme.c:1076
 msgid "The CRL is not available\n"
 msgstr "Die CRL ist nicht verf?gbar\n"
 
-#: src/engine-gpgme.c:1081
+#: src/engine-gpgme.c:1082
 msgid "Available CRL is too old\n"
 msgstr "Die vorhandene CRL ist zu alt\n"
 
-#: src/engine-gpgme.c:1086
+#: src/engine-gpgme.c:1087
 msgid "A policy requirement was not met\n"
 msgstr "Eine Richtlinie wurde nicht erf?llt\n"
 
-#: src/engine-gpgme.c:1092
+#: src/engine-gpgme.c:1093
 msgid "A system error occured"
 msgstr "Ein Systemfehler ist aufgetreten"
 
-#: src/engine-gpgme.c:1129
+#: src/engine-gpgme.c:1130
 msgid ""
 "WARNING: We have NO indication whether the key belongs to the person named "
 "as shown above\n"
@@ -86,12 +86,12 @@
 "WARNUNG: Es gibt keinen Hinweis darauf, ob der Schl?ssel wirklich der Person "
 "geh?rt, die oben angezeigt ist\n"
 
-#: src/engine-gpgme.c:1136
+#: src/engine-gpgme.c:1137
 msgid "WARNING: The key does NOT BELONG to the person named as shown above\n"
 msgstr ""
 "WARNUNG: Der Schl?ssel geh?rt NICHT der Person die oben angezeigt ist\n"
 
-#: src/engine-gpgme.c:1140
+#: src/engine-gpgme.c:1141
 msgid ""
 "WARNING: It is NOT certain that the key belongs to the person named as shown "
 "above\n"
@@ -99,43 +99,43 @@
 "WARNING: Es ist nicht sicher, da? der Schl?ssel der Person geh?rt, die oben "
 "angezeigt ist\n"
 
-#: src/engine-gpgme.c:1173
+#: src/engine-gpgme.c:1174
 msgid "Verification started at: "
 msgstr "?berpr?fung begann am: "
 
-#: src/engine-gpgme.c:1178
+#: src/engine-gpgme.c:1179
 msgid "Verification result for: "
 msgstr "Pr?fungsresultat f?r: "
 
-#: src/engine-gpgme.c:1179
+#: src/engine-gpgme.c:1180
 msgid "[unnamed part]"
 msgstr "[Unbenannter Teil]"
 
-#: src/engine-gpgme.c:1197 src/engine-gpgme.c:1227
+#: src/engine-gpgme.c:1198 src/engine-gpgme.c:1228
 msgid "Good signature from: "
 msgstr "Korrekte Unterschrift von: "
 
-#: src/engine-gpgme.c:1204
+#: src/engine-gpgme.c:1205
 msgid "                aka: "
 msgstr "                    alias: "
 
-#: src/engine-gpgme.c:1208 src/engine-gpgme.c:1230
+#: src/engine-gpgme.c:1209 src/engine-gpgme.c:1231
 msgid "            created: "
 msgstr "                  erzeugt: "
 
-#: src/engine-gpgme.c:1217
+#: src/engine-gpgme.c:1218
 msgid "*BAD* signature claimed to be from: "
 msgstr "*FALSCHE* Unterschrift, vorgeblich von: "
 
-#: src/engine-gpgme.c:1240
+#: src/engine-gpgme.c:1241
 msgid "Error checking signature"
 msgstr "Fehler beim Pr?fen der Unterschrift"
 
-#: src/engine-gpgme.c:1256
+#: src/engine-gpgme.c:1257
 msgid "*** Begin Notation (signature by: "
 msgstr "*** Anfang Notation (Unterschrift von: "
 
-#: src/engine-gpgme.c:1276
+#: src/engine-gpgme.c:1277
 msgid "*** End Notation ***\n"
 msgstr "*** Ende Notation ***\n"
 
@@ -315,102 +315,66 @@
 "Sie sicher, da? lediglich das Text Format ausgew?hlt wurde.\n"
 "(In der Men?leiste: \"Format\" => \"Nur Text\")"
 
-#: src/olflange.cpp:1336
+#: src/olflange.cpp:1337
 msgid "&Decrypt and verify message"
 msgstr "Entschl?sseln/Pr?fen der Nachricht"
 
-#: src/olflange.cpp:1374
+#: src/olflange.cpp:1375
 msgid "GPG &encrypt message"
 msgstr "Mit GPG &verschl?sseln"
 
-#: src/olflange.cpp:1380
+#: src/olflange.cpp:1381
 msgid "GPG &sign message"
 msgstr "Mit GPG unter&schreiben"
 
-#: src/olflange.cpp:1426
+#: src/olflange.cpp:1427
 msgid "GPG Key &Manager"
 msgstr "GPG Schl?ssel&verwaltung"
 
-#: src/olflange.cpp:1558
+#: src/olflange.cpp:1559
 msgid "Could not start Key-Manager"
 msgstr "Dei Schl?sselverwaltung konnte nicht aufgerufen werden"
 
-#: src/olflange.cpp:1604
+#: src/olflange.cpp:1605
 msgid "Decrypt and verify the message."
 msgstr "Entschl?sseln und Pr?fen der Nachricht."
 
-#: src/olflange.cpp:1612
+#: src/olflange.cpp:1613
 msgid "Select this option to encrypt the message."
 msgstr "W?hlen Sie diese Option zum Verschl?sseln der Nachricht."
 
-#: src/olflange.cpp:1618
+#: src/olflange.cpp:1619
 msgid "Select this option to sign the message."
 msgstr "W?hlen Sie diese Option zum Unterschreiben der Nachricht."
 
-#: src/olflange.cpp:1627 src/olflange.cpp:1688 src/olflange.cpp:1770
+#: src/olflange.cpp:1628 src/olflange.cpp:1689 src/olflange.cpp:1771
 msgid "Open GPG Key Manager"
 msgstr "Die GPG Schl?sselverwaltung ?ffnen"
 
-#: src/olflange.cpp:1657 src/olflange.cpp:1721
+#: src/olflange.cpp:1658 src/olflange.cpp:1722
 msgid "Decrypt message and verify signature"
 msgstr "Nachricht entschl?sseln und Unterschrift pr?fen"
 
-#: src/olflange.cpp:1668 src/olflange.cpp:1739
+#: src/olflange.cpp:1669 src/olflange.cpp:1740
 msgid "Encrypt message with GPG"
 msgstr "Nachricht mit GPG verschl?sseln"
 
-#: src/olflange.cpp:1677 src/olflange.cpp:1754
+#: src/olflange.cpp:1678 src/olflange.cpp:1755
 msgid "Sign message with GPG"
 msgstr "Nachricht mit GPG unterschreiben"
 
-#: src/passphrase-dialog.c:83
+#: src/passphrase-dialog.c:85
 msgid "No key hint given."
 msgstr "Kein Hinweis auf den Schl?ssel"
 
-#: src/passphrase-dialog.c:329 src/passphrase-dialog.c:473
+#: src/passphrase-dialog.c:330 src/passphrase-dialog.c:458
 msgid "Invalid passphrase; please try again..."
 msgstr "Ung?ltige Passphrase; bitte nochmal versuchen..."
 
-#: src/passphrase-dialog.c:346
+#: src/passphrase-dialog.c:357
 msgid "Select Signing Key"
 msgstr "Signaturschl?ssel ausw?hlen"
 
-#: src/passphrase-dialog.c:413 src/passphrase-dialog.c:532
-msgid ""
-"If you cancel this dialog, the message will be sent in cleartext!\n"
-"\n"
-"Do you really want to cancel?"
-msgstr ""
-"Wenn Sie diesen Dialog abbrechen, wird die Nachricht im Klartext "
-"ausgesendet!\n"
-"\n"
-"M?chten Sie wirklich abbrechen?"
-
-#: src/passphrase-dialog.c:419
-msgid ""
-"If you cancel this dialog, the message will be sent without signing.\n"
-"\n"
-"Do you really want to cancel?"
-msgstr ""
-"Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift "
-"versendet.\n"
-"\n"
-"M?chten Sie wirklich abbrechen?"
-
-#: src/passphrase-dialog.c:428 src/passphrase-dialog.c:547
-msgid "Secret Key Dialog"
-msgstr "Auswahl des geheimen Schl?ssels"
-
-#: src/passphrase-dialog.c:538
-msgid ""
-"If you cancel this dialog, the message will be sent without signing.\n"
-"Do you really want to cancel?"
-msgstr ""
-"Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift "
-"versendet.\n"
-"\n"
-"M?chten Sie wirklich abbrechen?"
-
 #: src/pgpmime.c:485
 msgid ""
 "Error creating file\n"
@@ -443,37 +407,22 @@
 msgid "[PGP/MIME signature]"
 msgstr "[PGP/MIME Signatur]"
 
-#: src/recipient-dialog.c:423
+#: src/recipient-dialog.c:410
 msgid "Please select at least one recipient key."
 msgstr "Bitte w?hlen Sie mindestens einen Empf?ngerschl?ssel."
 
-#: src/recipient-dialog.c:424 src/recipient-dialog.c:485
+#: src/recipient-dialog.c:411
 msgid "Recipient Dialog"
 msgstr "Auswahl des Empf?ngerschl?ssels"
 
-#: src/recipient-dialog.c:482
-msgid ""
-"If you cancel this dialog, the message will be sent in cleartext.\n"
-"\n"
-"Do you really want to cancel?"
-msgstr ""
-"Wenn Sie diesen Dialog abbrechen, so wird die NAchricht im Klartext "
-"versendet!\n"
-"\n"
-"M?chten Sie wirklich abbrechen?"
-
-#: src/recipient-dialog.c:560 src/verify-dialog.c:157
-msgid "User-ID not found"
-msgstr "User-ID nicht gefunden"
-
 #: src/verify-dialog.c:125
-msgid "Good signature"
-msgstr "Korrekte Unterschrift"
-
-#: src/verify-dialog.c:127
 msgid "BAD signature!"
 msgstr "FALSCHE Unterschrift!"
 
+#: src/verify-dialog.c:127
+msgid "Good signature"
+msgstr "Korrekte Unterschrift"
+
 #: src/verify-dialog.c:129
 msgid "Good signature from revoked key"
 msgstr "Korrekte Unterschrift; aber Schl?ssel wurde widerrufen"
@@ -494,6 +443,10 @@
 msgid "Verification error"
 msgstr "?berpr?fungsfehler"
 
+#: src/verify-dialog.c:157
+msgid "User-ID not found"
+msgstr "User-ID nicht gefunden"
+
 #: src/verify-dialog.c:169
 msgid "This may be due to a wrong option setting"
 msgstr "M?glicherweise durch falsche Einstellungen verursacht"
@@ -515,6 +468,48 @@
 msgid "Verification Result"
 msgstr "Pr?fungsresultat"
 
+#~ msgid ""
+#~ "If you cancel this dialog, the message will be sent in cleartext!\n"
+#~ "\n"
+#~ "Do you really want to cancel?"
+#~ msgstr ""
+#~ "Wenn Sie diesen Dialog abbrechen, wird die Nachricht im Klartext "
+#~ "ausgesendet!\n"
+#~ "\n"
+#~ "M?chten Sie wirklich abbrechen?"
+
+#~ msgid ""
+#~ "If you cancel this dialog, the message will be sent without signing.\n"
+#~ "\n"
+#~ "Do you really want to cancel?"
+#~ msgstr ""
+#~ "Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift "
+#~ "versendet.\n"
+#~ "\n"
+#~ "M?chten Sie wirklich abbrechen?"
+
+#~ msgid "Secret Key Dialog"
+#~ msgstr "Auswahl des geheimen Schl?ssels"
+
+#~ msgid ""
+#~ "If you cancel this dialog, the message will be sent without signing.\n"
+#~ "Do you really want to cancel?"
+#~ msgstr ""
+#~ "Wenn Sie diesen Dialog abbrechen, so wird die Nachricht ohne Unterschrift "
+#~ "versendet.\n"
+#~ "\n"
+#~ "M?chten Sie wirklich abbrechen?"
+
+#~ msgid ""
+#~ "If you cancel this dialog, the message will be sent in cleartext.\n"
+#~ "\n"
+#~ "Do you really want to cancel?"
+#~ msgstr ""
+#~ "Wenn Sie diesen Dialog abbrechen, so wird die NAchricht im Klartext "
+#~ "versendet!\n"
+#~ "\n"
+#~ "M?chten Sie wirklich abbrechen?"
+
 #~ msgid "[No attestation computed (e.g. messages was not signed)"
 #~ msgstr ""
 #~ "[Kein Testat berechnet (z.B. da die Nachricht nicht unterschrieben war)"


From cvs at cvs.gnupg.org  Fri Oct 13 09:21:00 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Fri Oct 13 08:50:03 2006
Subject: [svn] GPGol - r164 - tags
Message-ID: <E1GYGrp-0008OB-6s@trithemius.gnupg.org>

Author: wk
Date: 2006-10-13 09:21:00 +0200 (Fri, 13 Oct 2006)
New Revision: 164

Added:
   tags/gpgol-0.9.91/
Log:


From cvs at cvs.gnupg.org  Mon Oct 16 18:00:24 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 16 17:29:12 2006
Subject: [svn] dirmngr - r237 - trunk/doc
Message-ID: <E1GZUOn-0004ja-VD@trithemius.gnupg.org>

Author: wk
Date: 2006-10-16 18:00:23 +0200 (Mon, 16 Oct 2006)
New Revision: 237

Modified:
   trunk/doc/Makefile.am
   trunk/doc/dirmngr.texi
Log:
Final fix to aegypten bug 354


Modified: trunk/doc/Makefile.am
===================================================================
--- trunk/doc/Makefile.am	2006-09-11 13:14:42 UTC (rev 236)
+++ trunk/doc/Makefile.am	2006-10-16 16:00:23 UTC (rev 237)
@@ -23,6 +23,8 @@
 
 noinst_PROGRAMS = yat2m
 
+AM_MAKEFINFOFLAGS = -I $(srcdir) --css-include=/dev/null
+
 YAT2M_OPTIONS = -I $(srcdir) \
         --release "Dirmngr @PACKAGE_VERSION@" --source "GNU Privacy Guard"
 
@@ -62,3 +64,12 @@
                fi; \
              fi
 
+
+online: dirmngr.html dirmngr.pdf
+	set -e; \
+	echo "Uploading current manuals to www.gnupg.org ..."; \
+        user=werner ; \
+	(cd dirmngr.html && rsync -vr --exclude='.svn' .  \
+	  $${user}@cvs.gnupg.org:webspace/manuals/dirmngr/ ); \
+        rsync -v dirmngr.pdf $${user}@cvs.gnupg.org:webspace/manuals/
+

Modified: trunk/doc/dirmngr.texi
===================================================================
--- trunk/doc/dirmngr.texi	2006-09-11 13:14:42 UTC (rev 236)
+++ trunk/doc/dirmngr.texi	2006-10-16 16:00:23 UTC (rev 237)
@@ -460,6 +460,15 @@
 
 Lines starting with a  @samp{#} are comments.
 
+Note that as usual all strings entered are expected to be UTF_8 encoded.
+Obviously this will lead to problems if the password has orginally been
+encoded as Latin-1.  tehre isno solutionhere than to put such a password
+in the binary encoding into the file (i.e. non-ascii characters won't
+show up readable).@footnote{The @command{gpgconf} tool might be helpful
+for frontends as it allows to edit this configuration file suing percent
+escaped strings.}
+
+
 @item --ldaptimeout @var{secs}
 @opindex ldaptimeout
 Specify the number of seconds to wait for an LDAP query before timing


From cvs at cvs.gnupg.org  Mon Oct 16 19:33:03 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 16 19:01:50 2006
Subject: [svn] GnuPG -  r4301 - trunk/sm
Message-ID: <E1GZVqS-0004bc-9f@trithemius.gnupg.org>

Author: wk
Date: 2006-10-16 19:33:03 +0200 (Mon, 16 Oct 2006)
New Revision: 4301

Modified:
   trunk/sm/ChangeLog
   trunk/sm/certchain.c
Log:
Fixed aegypten bug 299


Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-13 04:09:56 UTC (rev 4300)
+++ trunk/sm/ChangeLog	2006-10-16 17:33:03 UTC (rev 4301)
@@ -1,3 +1,10 @@
+2006-10-16  Werner Koch  <wk@g10code.com>
+
+	* certchain.c (already_asked_marktrusted) 
+	(set_already_asked_marktrusted): New.
+	(gpgsm_validate_chain) <not trusted>: Keep track of certificates
+	we already asked for.
+
 2006-10-11  Werner Koch  <wk@g10code.com>
 
 	* certreqgen.c (proc_parameters, create_request): Allow for

Modified: trunk/sm/certchain.c
===================================================================
--- trunk/sm/certchain.c	2006-10-13 04:09:56 UTC (rev 4300)
+++ trunk/sm/certchain.c	2006-10-16 17:33:03 UTC (rev 4301)
@@ -41,10 +41,54 @@
 #include "i18n.h"
 
 
+/* Object to keep track of certain root certificates. */
+struct marktrusted_info_s
+{
+  struct marktrusted_info_s *next;
+  unsigned char fpr[20];
+};
+static struct marktrusted_info_s *marktrusted_info;
+
+
 static int get_regtp_ca_info (ksba_cert_t cert, int *chainlen);
 
 
+/* This function returns true if we already asked during this session
+   whether the root certificate CERT shall be marked as trusted.  */
+static int
+already_asked_marktrusted (ksba_cert_t cert)
+{
+  unsigned char fpr[20];
+  struct marktrusted_info_s *r;
 
+  gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, fpr, NULL);
+  /* No context switches in the loop! */
+  for (r=marktrusted_info; r; r= r->next)
+    if (!memcmp (r->fpr, fpr, 20))
+      return 1;
+  return 0;
+}
+
+/* Flag certificate CERT as already asked whether it shall be marked
+   as trusted.  */
+static void
+set_already_asked_marktrusted (ksba_cert_t cert)
+{
+ unsigned char fpr[20];
+ struct marktrusted_info_s *r;
+
+ gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, fpr, NULL);
+ for (r=marktrusted_info; r; r= r->next)
+   if (!memcmp (r->fpr, fpr, 20))
+     return; /* Already marked. */
+ r = xtrycalloc (1, sizeof *r);
+ if (!r)
+   return;
+ memcpy (r->fpr, fpr, 20);
+ r->next = marktrusted_info;
+ marktrusted_info = r;
+}
+
 /* If LISTMODE is true, print FORMAT using LISTMODE to FP.  If
    LISTMODE is false, use the string to print an log_info or, if
    IS_ERROR is true, and log_error. */
@@ -883,28 +927,51 @@
                  expired it does not make much sense to ask the user
                  whether we wants to trust the root certificate.  He
                  should do this only if the certificate under question
-                 will then be usable. */
-              if (!lm && !any_expired)
+                 will then be usable.  We also check whether the agent
+                 is at all enabled to allo marktrusted and don't call
+                 it in this session again if it is not. */
+              if ( !any_expired
+                   && (!lm || !already_asked_marktrusted (subject_cert)))
                 {
+                  static int no_more_questions; /* during this session. */
                   int rc2;
                   char *fpr = gpgsm_get_fingerprint_string (subject_cert,
                                                             GCRY_MD_SHA1);
                   log_info (_("fingerprint=%s\n"), fpr? fpr : "?");
                   xfree (fpr);
-                  rc2 = gpgsm_agent_marktrusted (ctrl, subject_cert);
+                  if (no_more_questions)
+                    rc2 = gpg_error (GPG_ERR_NOT_SUPPORTED);
+                  else
+                    rc2 = gpgsm_agent_marktrusted (ctrl, subject_cert);
                   if (!rc2)
                     {
                       log_info (_("root certificate has now"
                                   " been marked as trusted\n"));
                       rc = 0;
                     }
-                  else 
+                  else if (!lm)
                     {
                       gpgsm_dump_cert ("issuer", subject_cert);
                       log_info ("after checking the fingerprint, you may want "
                                 "to add it manually to the list of trusted "
                                 "certificates.\n");
                     }
+
+                  if (gpg_err_code (rc2) == GPG_ERR_NOT_SUPPORTED)
+                    {
+                      if (!no_more_questions)
+                        log_info (_("interactive marking as trusted "
+                                    "not enabled in gpg-agent\n"));
+                      no_more_questions = 1;
+                    }
+                  else if (gpg_err_code (rc2) == GPG_ERR_CANCELED)
+                    {
+                      log_info (_("interactive marking as trusted "
+                                  "disabled for this session\n"));
+                      no_more_questions = 1;
+                    }
+                  else
+                    set_already_asked_marktrusted (subject_cert);
                 }
             }
           else 


From cvs at cvs.gnupg.org  Mon Oct 16 19:35:28 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 16 19:04:11 2006
Subject: [svn] assuan - r220 - in trunk: . src
Message-ID: <E1GZVsm-0004fq-LZ@trithemius.gnupg.org>

Author: wk
Date: 2006-10-16 19:35:28 +0200 (Mon, 16 Oct 2006)
New Revision: 220

Modified:
   trunk/NEWS
   trunk/configure.ac
   trunk/src/ChangeLog
   trunk/src/assuan.h
   trunk/src/libassuan.m4
   trunk/src/mkerrors
Log:
Mapped another error.


Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-10 10:53:05 UTC (rev 219)
+++ trunk/NEWS	2006-10-16 17:35:28 UTC (rev 220)
@@ -1,3 +1,7 @@
+Noteworthy changes in version 0.9.4
+------------------------------------------------
+
+
 Noteworthy changes in version 0.9.3 (2006-10-10)
 ------------------------------------------------
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-10 10:53:05 UTC (rev 219)
+++ trunk/configure.ac	2006-10-16 17:35:28 UTC (rev 220)
@@ -25,7 +25,7 @@
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(libassuan, 0.9.3, gnupg-devel@gnupg.org)
+AC_INIT(libassuan, 0.9.4-cvs, gnupg-devel@gnupg.org)
 # Note, that this is not yet available as a shared library.
 
 PACKAGE=$PACKAGE_NAME

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-10 10:53:05 UTC (rev 219)
+++ trunk/src/ChangeLog	2006-10-16 17:35:28 UTC (rev 220)
@@ -1,5 +1,12 @@
+2006-10-16  Werner Koch  <wk@g10code.com>
+
+	* mkerrors: Map ASSUAN_Not_Confirmed.
+
 2006-10-10  Werner Koch  <wk@g10code.com>
 
+	* libassuan.m4 (AM_PATH_LIBASSUAN_PTH)
+	(AM_PATH_LIBASSUAN_PTHREAD): Fixed.
+
 	* assuan-buffer.c (assuan_sendfd): Implement a runtime detection
 	of implemented descripotr passing.
 

Modified: trunk/src/assuan.h
===================================================================
--- trunk/src/assuan.h	2006-10-10 10:53:05 UTC (rev 219)
+++ trunk/src/assuan.h	2006-10-16 17:35:28 UTC (rev 220)
@@ -249,9 +249,11 @@
 #define  ASSUAN_Unexpected_Data 125
 #define  ASSUAN_Invalid_Status 126
 #define  ASSUAN_Locale_Problem 127
+#endif
 #define  ASSUAN_Not_Confirmed 128
 
   /* Warning: Don't use the Error codes, below they are deprecated. */
+#ifndef _ASSUAN_IN_LIBASSUAN
 #define  ASSUAN_Bad_Certificate 201
 #define  ASSUAN_Bad_Certificate_Chain 202
 #define  ASSUAN_Missing_Certificate 203

Modified: trunk/src/libassuan.m4
===================================================================
--- trunk/src/libassuan.m4	2006-10-10 10:53:05 UTC (rev 219)
+++ trunk/src/libassuan.m4	2006-10-16 17:35:28 UTC (rev 220)
@@ -125,8 +125,8 @@
 AC_DEFUN([AM_PATH_LIBASSUAN_PTH],
 [ _AM_PATH_LIBASSUAN_COMMON($1,pth)
   if test $ok = yes; then
-    LIBASSUAN_PTH_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --cflags`
-    LIBASSUAN_PTH_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --libs`
+    LIBASSUAN_PTH_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pth --cflags`
+    LIBASSUAN_PTH_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pth --libs`
     ifelse([$2], , :, [$2])
   else
     LIBASSUAN_PTH_CFLAGS=""
@@ -146,8 +146,8 @@
 AC_DEFUN([AM_PATH_LIBASSUAN_PTHREAD],
 [ _AM_PATH_LIBASSUAN_COMMON($1,pth)
   if test $ok = yes; then
-    LIBASSUAN_PTHREAD_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --cflags`
-    LIBASSUAN_PTHREAD_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --libs`
+    LIBASSUAN_PTHREAD_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pthread --cflags`
+    LIBASSUAN_PTHREAD_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pthread --libs`
     ifelse([$2], , :, [$2])
   else
     LIBASSUAN_PTHREAD_CFLAGS=""

Modified: trunk/src/mkerrors
===================================================================
--- trunk/src/mkerrors	2006-10-10 10:53:05 UTC (rev 219)
+++ trunk/src/mkerrors	2006-10-16 17:35:28 UTC (rev 220)
@@ -84,6 +84,7 @@
     case ASSUAN_Unknown_Command:         n = 275; break;
     case ASSUAN_Canceled:                n = 277; break;
     case ASSUAN_No_Secret_Key:           n =  17; break;
+    case ASSUAN_Not_Confirmed:           n = 114; break;
 
     case ASSUAN_Read_Error:
       switch (errno)
@@ -200,6 +201,7 @@
               case 274: n = ASSUAN_Unexpected_Command     ; break;
               case 275: n = ASSUAN_Unknown_Command        ; break;
               case 277: n = ASSUAN_Canceled               ; break;
+              case 114: n = ASSUAN_Not_Confirmed          ; break;
               case ((1<<15)|86): n = ASSUAN_Out_Of_Core   ; break;
               default:  n = 0; break;
               }


From cvs at cvs.gnupg.org  Mon Oct 16 19:36:45 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 16 19:05:29 2006
Subject: [svn] GnuPG -  r4302 - trunk/agent
Message-ID: <E1GZVu1-0004jI-PW@trithemius.gnupg.org>

Author: wk
Date: 2006-10-16 19:36:44 +0200 (Mon, 16 Oct 2006)
New Revision: 4302

Modified:
   trunk/agent/ChangeLog
   trunk/agent/call-pinentry.c
   trunk/agent/protect-tool.c
   trunk/agent/trustlist.c
Log:
Allow to cancel marktrusted.


Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog	2006-10-16 17:33:03 UTC (rev 4301)
+++ trunk/agent/ChangeLog	2006-10-16 17:36:44 UTC (rev 4302)
@@ -1,3 +1,13 @@
+2006-10-16  Werner Koch  <wk@g10code.com>
+
+	* call-pinentry.c (agent_get_confirmation): Map Cancel code here too.
+	* trustlist.c (agent_marktrusted): Return Cancel instead of
+	Not_Confirmed for the first question.
+
+2006-10-12  Werner Koch  <wk@g10code.com>
+
+	* protect-tool.c (get_passphrase): Fix if !HAVE_LANGINFO_CODESET.
+
 2006-10-06  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am (AM_CFLAGS): Use PTH version of libassuan.

Modified: trunk/agent/call-pinentry.c
===================================================================
--- trunk/agent/call-pinentry.c	2006-10-16 17:33:03 UTC (rev 4301)
+++ trunk/agent/call-pinentry.c	2006-10-16 17:36:44 UTC (rev 4302)
@@ -582,6 +582,9 @@
     }
 
   rc = assuan_transact (entry_ctx, "CONFIRM", NULL, NULL, NULL, NULL, NULL, NULL);
+  if (rc && gpg_err_source (rc) && gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
+    rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
+
   return unlock_pinentry (rc);
 }
 

Modified: trunk/agent/protect-tool.c
===================================================================
--- trunk/agent/protect-tool.c	2006-10-16 17:33:03 UTC (rev 4301)
+++ trunk/agent/protect-tool.c	2006-10-16 17:36:44 UTC (rev 4302)
@@ -1170,7 +1170,7 @@
   char *pw;
   int err;
   const char *desc;
-#ifdef HAVE_LANGINFO_CODESET
+#ifdef ENABLE_NLS
   char *orig_codeset = NULL;
 #endif
   int error_msgno;

Modified: trunk/agent/trustlist.c
===================================================================
--- trunk/agent/trustlist.c	2006-10-16 17:33:03 UTC (rev 4301)
+++ trunk/agent/trustlist.c	2006-10-16 17:36:44 UTC (rev 4302)
@@ -479,9 +479,15 @@
      button is "the default "Cancel" of the Pinentry. */
   err = agent_get_confirmation (ctrl, desc, _("Correct"), NULL);
   free (desc);
+  /* If the user did not confirmed this, we return cancel here so that
+     gpgsm may stop asking further questions.  We won't do this for
+     the second question of course. */
   if (err)
-    return err;
+    return (gpg_err_code (err) == GPG_ERR_NOT_CONFIRMED ? 
+            gpg_err_make (gpg_err_source (err), GPG_ERR_CANCELED) : err);
 
+
+
   if (asprintf (&desc,
                 /* TRANSLATORS: This prompt is shown by the Pinentry
                    and has one special property: A "%%0A" is used by


From cvs at cvs.gnupg.org  Tue Oct 17 09:39:21 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 17 09:08:08 2006
Subject: [svn] GnuPG -  r4303 - trunk/sm
Message-ID: <E1GZj3P-0006RF-2B@trithemius.gnupg.org>

Author: wk
Date: 2006-10-17 09:39:21 +0200 (Tue, 17 Oct 2006)
New Revision: 4303

Modified:
   trunk/sm/ChangeLog
   trunk/sm/sign.c
Log:
Fixed aegypten bug 372


Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-16 17:36:44 UTC (rev 4302)
+++ trunk/sm/ChangeLog	2006-10-17 07:39:21 UTC (rev 4303)
@@ -1,3 +1,8 @@
+2006-10-17  Werner Koch  <wk@g10code.com>
+
+	* sign.c (gpgsm_get_default_cert): Changed to return only
+	certificates usable for signing.
+
 2006-10-16  Werner Koch  <wk@g10code.com>
 
 	* certchain.c (already_asked_marktrusted) 

Modified: trunk/sm/sign.c
===================================================================
--- trunk/sm/sign.c	2006-10-16 17:36:44 UTC (rev 4302)
+++ trunk/sm/sign.c	2006-10-17 07:39:21 UTC (rev 4303)
@@ -124,8 +124,8 @@
 }
 
 
-/* Get the default certificate which is defined as the first one our
-   keyDB returns and has a secret key available. */
+/* Get the default certificate which is defined as the first cabable
+   of signing our keyDB returns and has a secret key available. */
 int
 gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert)
 {
@@ -153,20 +153,23 @@
           keydb_release (hd);
           return rc;
         }
-      
-      p = gpgsm_get_keygrip_hexstring (cert);
-      if (p)
+
+      if (!gpgsm_cert_use_sign_p (cert))
         {
-          if (!gpgsm_agent_havekey (ctrl, p))
+          p = gpgsm_get_keygrip_hexstring (cert);
+          if (p)
             {
+              if (!gpgsm_agent_havekey (ctrl, p))
+                {
+                  xfree (p);
+                  keydb_release (hd);
+                  *r_cert = cert;
+                  return 0; /* got it */
+                }
               xfree (p);
-              keydb_release (hd);
-              *r_cert = cert;
-              return 0; /* got it */
             }
-          xfree (p);
         }
-    
+
       ksba_cert_release (cert); 
       cert = NULL;
     }


From cvs at cvs.gnupg.org  Tue Oct 17 19:44:53 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 17 19:13:36 2006
Subject: [svn] gcry - r1185 - in trunk: . cipher doc src tests
Message-ID: <E1GZsVQ-0003ni-UN@trithemius.gnupg.org>

Author: wk
Date: 2006-10-17 19:44:49 +0200 (Tue, 17 Oct 2006)
New Revision: 1185

Modified:
   trunk/AUTHORS
   trunk/ChangeLog
   trunk/NEWS
   trunk/THANKS
   trunk/TODO
   trunk/acinclude.m4
   trunk/cipher/ChangeLog
   trunk/cipher/dsa.c
   trunk/cipher/md.c
   trunk/cipher/pubkey.c
   trunk/doc/ChangeLog
   trunk/doc/Makefile.am
   trunk/doc/gcrypt.texi
   trunk/src/ChangeLog
   trunk/src/cipher.h
   trunk/src/global.c
   trunk/src/libgcrypt.m4
   trunk/src/module.c
   trunk/src/sexp.c
   trunk/tests/ChangeLog
   trunk/tests/keygen.c
   trunk/tests/tsexp.c
Log:
Various minor changes.
Support for DSA2.


Modified: trunk/AUTHORS
===================================================================
--- trunk/AUTHORS	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/AUTHORS	2006-10-17 17:44:49 UTC (rev 1185)
@@ -74,9 +74,9 @@
  added SHA-224, changed cipher/sha256.c, added HMAC tests.)
 
 
-Hye-Shik Chang  <perky@FreeBSD.org>
-Wrote SEED cipher and put it into the Public domain.  See mail to
-gcrypt-devel@gnupg.org on 2006-07-12 <20060712143738.GA54909@FreeBSD.org>.
+LIBGCRYPT       Hye-Shik Chang   2006-09-07
+Assigns Past and Future Changes
+perky@freebsd.org
 (SEED cipher)
 
 

Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/ChangeLog	2006-10-17 17:44:49 UTC (rev 1185)
@@ -20,6 +20,12 @@
 	(AC_CONFIG_FILES): Add src/gcrypt.h.
 	(AC_CONFIG_SRCDIR): Change to src/libgcrypt.vers.
 
+2006-10-02  Werner Koch  <wk@g10code.com>
+
+	* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Test on HOST and not
+	TARGET.  Hardwire for mingw32. Allow setting via command line when
+	cross compiling.
+
 2006-08-29  Werner Koch  <wk@g10code.com>
 
 	* configure.ac (USE_SEED): New.

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/NEWS	2006-10-17 17:44:49 UTC (rev 1185)
@@ -16,6 +16,10 @@
 
  * gcry_mpi_rshift does not anymore truncate the shift count.
 
+ * Reserved algorithm ranges for use by applications.
+
+ * Support for DSA2.
+
  * Interface changes relative to the 1.2.0 release:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  gcry_fast_random_poll	 NEW

Modified: trunk/THANKS
===================================================================
--- trunk/THANKS	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/THANKS	2006-10-17 17:44:49 UTC (rev 1185)
@@ -60,6 +60,7 @@
 Katsuhiro Kondou	   kondou@nec.co.jp
 Kazu Yamamoto		   kazu@iijlab.net
 Lars Kellogg-Stedman	   lars@bu.edu
+Lee Fisher                 blibbet at gmail dot com
 Marco d'Itri               md@linux.it
 Mark Adler		   madler@alumni.caltech.edu
 Mark Elbrecht		   snowball3@bigfoot.com

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/TODO	2006-10-17 17:44:49 UTC (rev 1185)
@@ -64,5 +64,6 @@
 
 * gry_mpi_lshift is missing
 
+* Add OAEP
 
 

Modified: trunk/acinclude.m4
===================================================================
--- trunk/acinclude.m4	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/acinclude.m4	2006-10-17 17:44:49 UTC (rev 1185)
@@ -69,13 +69,18 @@
 # Taken from GnuPG 1.2 and modified to use the libtool macros.
 AC_DEFUN([GNUPG_SYS_SYMBOL_UNDERSCORE],
 [tmp_do_check="no"
-case "${target}" in
+case "${host}" in
+    *-mingw32msvc*)
+        ac_cv_sys_symbol_underscore=yes
+        ;;
     i386-emx-os2 | i[3456]86-pc-os2*emx | i386-pc-msdosdjgpp)
         ac_cv_sys_symbol_underscore=yes
         ;;
     *)
       if test "$cross_compiling" = yes; then
-         ac_cv_sys_symbol_underscore=yes
+        if test "x$ac_cv_sys_symbol_underscore" = x ; then
+           ac_cv_sys_symbol_underscore=yes
+        fi
       else
          tmp_do_check="yes"
       fi

Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/ChangeLog	2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,16 @@
+2006-10-17  Werner Koch  <wk@g10code.com>
+
+	* dsa.c (_gcry_dsa_generate2): New.
+	(generate): New arg QBITS.  Add sanity checks for reasonable qbits
+	and nbits.
+	* pubkey.c (gcry_pk_genkey): Parse an qbits element.
+	(pubkey_generate): New arg QBITS.  Pass it to the DSA generation.
+
+2006-10-05  Werner Koch  <wk@g10code.com>
+
+	* md.c (gcry_md_algo_info) <get_asnoid>: Check that the algo is
+	available.
+
 2006-10-04  David Shaw  <dshaw@jabberwocky.com>  (wk)
  
 	* tiger.c (round): Rename to tiger_round as gcc 4 has a built-in

Modified: trunk/cipher/dsa.c
===================================================================
--- trunk/cipher/dsa.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/dsa.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,5 +1,6 @@
 /* dsa.c  -  DSA signature scheme
- * Copyright (C) 1998, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 2000, 2001, 2002, 2003,
+ *               2006  Free Software Foundation, Inc.
  *
  * This file is part of Libgcrypt.
  *
@@ -50,7 +51,9 @@
 static gcry_mpi_t gen_k (gcry_mpi_t q);
 static void test_keys (DSA_secret_key *sk, unsigned qbits);
 static int check_secret_key (DSA_secret_key *sk);
-static gpg_err_code_t generate (DSA_secret_key *sk, unsigned nbits,
+static gpg_err_code_t generate (DSA_secret_key *sk,
+                                unsigned int nbits,
+                                unsigned int qbits,
                                 gcry_mpi_t **ret_factors);
 static void sign (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t input,
                   DSA_secret_key *skey);
@@ -173,7 +176,8 @@
  	    and an array with the n-1 factors of (p-1)
  */
 static gpg_err_code_t
-generate( DSA_secret_key *sk, unsigned nbits, gcry_mpi_t **ret_factors )
+generate (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
+          gcry_mpi_t **ret_factors )
 {
   gcry_mpi_t p;    /* the prime */
   gcry_mpi_t q;    /* the 160 bit prime factor */
@@ -181,22 +185,28 @@
   gcry_mpi_t y;    /* g^x mod p */
   gcry_mpi_t x;    /* the secret exponent */
   gcry_mpi_t h, e;  /* helper */
-  unsigned qbits;
   unsigned char *rndbuf;
 
-  if ( nbits >= 512 && nbits <= 1024 )
+  if (qbits)
+    ; /* Caller supplied qbits.  Use this value.  */
+  else if ( nbits >= 512 && nbits <= 1024 )
     qbits = 160;
   else if ( nbits == 2048 )
     qbits = 224;
   else if ( nbits == 3072 )
     qbits = 256;
-/*   else if ( nbits == 7680 ) */
-/*     qbits = 384; */
-/*   else if ( nbits == 15360 ) */
-/*     qbits = 512; */
+  else if ( nbits == 7680 )
+    qbits = 384;
+  else if ( nbits == 15360 )
+    qbits = 512;
   else
     return GPG_ERR_INV_VALUE;
 
+  if (qbits < 160 || qbits > 512 || (qbits%8) )
+    return GPG_ERR_INV_VALUE;
+  if (nbits < 2*qbits || nbits > 15360)
+    return GPG_ERR_INV_VALUE;
+
   p = _gcry_generate_elg_prime( 1, nbits, qbits, NULL, ret_factors );
   /* get q out of factors */
   q = mpi_copy((*ret_factors)[0]);
@@ -382,13 +392,13 @@
  *********************************************/
 
 gcry_err_code_t
-_gcry_dsa_generate (int algo, unsigned nbits, unsigned long dummy,
+_gcry_dsa_generate (int algo, unsigned int nbits, unsigned long dummy,
                     gcry_mpi_t *skey, gcry_mpi_t **retfactors)
 {
   gpg_err_code_t err;
   DSA_secret_key sk;
 
-  err = generate (&sk, nbits, retfactors);
+  err = generate (&sk, nbits, 0, retfactors);
   if (!err)
     {
       skey[0] = sk.p;
@@ -402,7 +412,34 @@
 }
 
 
+/* We don't want to break our API.  Thus we use a hack in pubkey.c to
+   link directly to this function.  Note that we can't reuse the dummy
+   parameter because we can't be sure that applicaions accidently pass
+   a USE_E (that is for what dummy is used with RSA) to a DSA
+   generation. */
 gcry_err_code_t
+_gcry_dsa_generate2 (int algo, unsigned int nbits, unsigned int qbits,
+                     unsigned long dummy,
+                     gcry_mpi_t *skey, gcry_mpi_t **retfactors)
+{
+  gpg_err_code_t err;
+  DSA_secret_key sk;
+
+  err = generate (&sk, nbits, qbits, retfactors);
+  if (!err)
+    {
+      skey[0] = sk.p;
+      skey[1] = sk.q;
+      skey[2] = sk.g;
+      skey[3] = sk.y;
+      skey[4] = sk.x;
+    }
+
+  return err;
+}
+
+
+gcry_err_code_t
 _gcry_dsa_check_secret_key (int algo, gcry_mpi_t *skey)
 {
   gcry_err_code_t err = GPG_ERR_NO_ERROR;

Modified: trunk/cipher/md.c
===================================================================
--- trunk/cipher/md.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/md.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -1101,27 +1101,31 @@
       break;
 
     case GCRYCTL_GET_ASNOID:
-      {
-	const char unsigned *asn;
-	size_t asnlen;
-
-	asn = md_asn_oid (algo, &asnlen, NULL);
-	if (buffer && (*nbytes >= asnlen))
+      /* We need to check that the algo is available because
+         md_asn_oid would otherwise raise an assertion. */
+      err = check_digest_algo (algo);
+      if (!err)
+        {
+          const char unsigned *asn;
+          size_t asnlen;
+          
+          asn = md_asn_oid (algo, &asnlen, NULL);
+          if (buffer && (*nbytes >= asnlen))
 	  {
 	    memcpy (buffer, asn, asnlen);
 	    *nbytes = asnlen;
 	  }
-	else if ((! buffer) && nbytes)
-	  *nbytes = asnlen;
-	else
-	  {
-	    if (buffer)
-	      err = GPG_ERR_TOO_SHORT;
-	    else
-	      err = GPG_ERR_INV_ARG;
-	  }
-	break;
-      }
+          else if ((! buffer) && nbytes)
+            *nbytes = asnlen;
+          else
+            {
+              if (buffer)
+                err = GPG_ERR_TOO_SHORT;
+              else
+                err = GPG_ERR_INV_ARG;
+            }
+        }
+      break;
 
   default:
     err = GPG_ERR_INV_OP;

Modified: trunk/cipher/pubkey.c
===================================================================
--- trunk/cipher/pubkey.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/cipher/pubkey.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -467,7 +467,8 @@
 
 
 static gcry_err_code_t
-pubkey_generate (int algorithm, unsigned int nbits, unsigned long use_e,
+pubkey_generate (int algorithm, unsigned int nbits, unsigned int qbits,
+                 unsigned long use_e,
                  gcry_mpi_t *skey, gcry_mpi_t **retfactors)
 {
   gcry_err_code_t err = GPG_ERR_PUBKEY_ALGO;
@@ -479,8 +480,13 @@
   pubkey = _gcry_module_lookup_id (pubkeys_registered, algorithm);
   if (pubkey)
     {
-      err = ((gcry_pk_spec_t *) pubkey->spec)->generate 
-        (algorithm, nbits, use_e, skey, retfactors);
+      /* Hack to pass QBITS to the DSA generation.  */
+      if (qbits && pubkey->spec == &_gcry_pubkey_spec_dsa)
+        err = _gcry_dsa_generate2
+          (algorithm, nbits, qbits, 0, skey, retfactors);
+      else
+        err = ((gcry_pk_spec_t *) pubkey->spec)->generate 
+          (algorithm, nbits, use_e, skey, retfactors);
       _gcry_module_release (pubkey);
     }
   ath_mutex_unlock (&pubkeys_registered_lock);
@@ -1862,6 +1868,7 @@
   gcry_mpi_t skey[10], *factors = NULL;
   unsigned int nbits = 0;
   unsigned long use_e = 0;
+  unsigned int qbits;
   char *name_terminated;
 
   REGISTER_DEFAULT_PUBKEYS;
@@ -1941,6 +1948,28 @@
   else
     use_e = 65537; /* Not given, use the value generated by old versions. */
 
+  /* Handle the optional qbits element. */
+  l2 = gcry_sexp_find_token (list, "qbits", 0);
+  if (l2)
+    {
+      char buf[50];
+
+      name = gcry_sexp_nth_data (l2, 1, &n);
+      if ((! name) || (n >= DIM (buf) - 1))
+        {
+          rc = GPG_ERR_INV_OBJ; /* No value or value too large. */
+          goto leave;
+        }
+      memcpy (buf, name, n);
+      buf[n] = 0;
+      qbits = (unsigned int)strtoul (buf, NULL, 0);
+      gcry_sexp_release (l2);
+      l2 = NULL;
+    }
+  else
+    qbits = 0;
+
+  /* Now parse the required nbits element. */
   l2 = gcry_sexp_find_token (list, "nbits", 0);
   gcry_sexp_release (list);
   list = l2;
@@ -1970,7 +1999,7 @@
   nbits = (unsigned int) strtoul (name_terminated, NULL, 0);
   gcry_free (name_terminated);
 
-  rc = pubkey_generate (module->mod_id, nbits, use_e, skey, &factors);
+  rc = pubkey_generate (module->mod_id, nbits, qbits, use_e, skey, &factors);
   if (rc)
     goto leave;
 

Modified: trunk/doc/ChangeLog
===================================================================
--- trunk/doc/ChangeLog	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/doc/ChangeLog	2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,7 @@
+2006-09-19  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (online): New target.
+
 2006-08-29  Werner Koch  <wk@g10code.com>
 
 	* gcrypt.texi (Available ciphers): Add missing ciphers.

Modified: trunk/doc/Makefile.am
===================================================================
--- trunk/doc/Makefile.am	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/doc/Makefile.am	2006-10-17 17:44:49 UTC (rev 1185)
@@ -22,3 +22,12 @@
 info_TEXINFOS = gcrypt.texi
 gcrypt_TEXINFOS = lgpl.texi gpl.texi
 
+
+online: gcrypt.html gcrypt.pdf
+	set -e; \
+	echo "Uploading current manuals to www.gnupg.org ..."; \
+        user=werner ; \
+	(cd gcrypt.html && rsync -vr --exclude='.svn' .  \
+	  $${user}@cvs.gnupg.org:webspace/manuals/gcrypt/ ); \
+        rsync -v gcrypt.pdf $${user}@cvs.gnupg.org:webspace/manuals/
+

Modified: trunk/doc/gcrypt.texi
===================================================================
--- trunk/doc/gcrypt.texi	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/doc/gcrypt.texi	2006-10-17 17:44:49 UTC (rev 1185)
@@ -2326,7 +2326,7 @@
 influence the operation.  These flags have to be listed in a
 sub-S-expression named `flags'; the following flags are known:
 
-@table @var
+@table @code
 @item pkcs1
 Use PKCS#1 block type 2 padding.
 @item no-blinding
@@ -2694,7 +2694,8 @@
 @table @code
 @item nbits
 This is always required to specify the length of the key.  The argument
-is a string with a number in C-notation.
+is a string with a number in C-notation.  The value should be a multiple
+of 8.
 
 @item rsa-use-e
 This is only used with RSA to give a hint for the public exponent. The
@@ -2715,7 +2716,27 @@
 If this parameter is not used, @acronym{Libgcrypt} uses for historic reasons
 65537.
 
+@item qbits
+This is only meanigful for DSA keys.  If it is given the DSA key is
+generated with a Q parameyer of this size.  If it is not given or zero 
+Q is deduced from NBITS in this way:
+@table @samp
+@item 512 <= N <= 1024
+Q = 160
+@item N = 2048
+Q = 224
+@item N = 3072
+Q = 256
+@item N = 7680
+Q = 384
+w@item N = 15360
+Q = 512
 @end table
+Note, that in this case only the values for N, as given in the table,
+are allowed.  When specifying Q all values of N in the range 512 to
+15680 are valid as long as they are multiples of 8.
+
+@end table
 @c end table of parameters
 
 @noindent

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/ChangeLog	2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,11 @@
+2006-10-05  Werner Koch  <wk@g10code.com>
+
+	* module.c (_gcry_module_id_new): Don't assign modules in the range
+	the range of 1024..4096.
+	* gcrypt.h (GCRY_MD_USER, GCRY_MD_USER_LAST): New
+	(GCRY_PK_USER, GCRY_PK_USER_LAST): New.
+	(GCRY_CIPHER_USER, GCRY_CIPHER_USER_LAST): New.
+
 2006-10-12  Marcus Brinkmann  <marcus@g10code.de>
 
 	* gcrypt.h.in: Replace socklen_t with gcry_socklen_t.
@@ -12,8 +20,14 @@
 	* gcrypt.h.in: ... this file.
 	* Makefile.am (EXTRA_DIST): Add gcrypt.h.in.
 
+2006-09-04  Werner Koch  <wk@g10code.com>
+
+	* gcrypt.h: Removed some trailing comma in enums.
+
 2006-08-29  Werner Koch  <wk@g10code.com>
 
+	* global.c (gcry_xrealloc): Pass secure flag to outofcore handler.
+
 	* gcrypt.h (GCRY_CIPHER_SEED): New.
 
 2006-08-21  Werner Koch  <wk@g10code.com>

Modified: trunk/src/cipher.h
===================================================================
--- trunk/src/cipher.h	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/cipher.h	2006-10-17 17:44:49 UTC (rev 1185)
@@ -35,6 +35,12 @@
 
 /*-- dsa.c --*/
 void _gcry_register_pk_dsa_progress (gcry_handler_progress_t cbc, void *cb_data);
+gcry_err_code_t _gcry_dsa_generate2 (int algo, unsigned int nbits,
+                                     unsigned int qbits,
+                                     unsigned long dummy,
+                                     gcry_mpi_t *skey,
+                                     gcry_mpi_t **retfactors);
+
 /*-- elgamal.c --*/
 void _gcry_register_pk_elg_progress (gcry_handler_progress_t cb, void *cb_data);
 /*-- primegen.c --*/

Modified: trunk/src/global.c
===================================================================
--- trunk/src/global.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/global.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -644,7 +644,8 @@
 
     while ( !(p = gcry_realloc( a, n )) ) {
 	if( !outofcore_handler
-	    || !outofcore_handler( outofcore_handler_value, n, 2 ) ) {
+	    || !outofcore_handler( outofcore_handler_value, n,
+                                   gcry_is_secure(a)? 3:2 ) ) {
 	    _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL );
 	}
     }

Modified: trunk/src/libgcrypt.m4
===================================================================
--- trunk/src/libgcrypt.m4	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/libgcrypt.m4	2006-10-17 17:44:49 UTC (rev 1185)
@@ -89,7 +89,7 @@
              AC_MSG_RESULT(okay)
            else
              ok=no
-             AC_MSG_RESULT([does not match (want=$req_libgcrypt_api got=$tmp)])
+             AC_MSG_RESULT([does not match. want=$req_libgcrypt_api got=$tmp])
            fi
         fi
      fi

Modified: trunk/src/module.c
===================================================================
--- trunk/src/module.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/module.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -22,23 +22,36 @@
 #include <errno.h>
 #include "g10lib.h"
 
+/* Please match these numbers with the allocated algorithm
+   numbers.  */
 #define MODULE_ID_MIN 600
+#define MODULE_ID_LAST 65500
+#define MODULE_ID_USER 1024
+#define MODULE_ID_USER_LAST 4095
 
+#if MODULE_ID_MIN >= MODULE_ID_USER
+#error Need to implement a different search strategy
+#endif
+
 /* Internal function.  Generate a new, unique module ID for a module
    that should be inserted into the module chain starting at
    MODULES.  */
 static gcry_err_code_t
 _gcry_module_id_new (gcry_module_t modules, unsigned int *id_new)
 {
-  /* FIXME, what should be the ID of the first module registered by
-     the user?  */
-  unsigned int id_min = MODULE_ID_MIN, id_max = (unsigned int) -1, mod_id;
+  unsigned int mod_id;
   gcry_err_code_t err = GPG_ERR_NO_ERROR;
   gcry_module_t module;
 
   /* Search for unused ID.  */
-  for (mod_id = id_min; mod_id < id_max; mod_id++)
+  for (mod_id = MODULE_ID_MIN; mod_id < MODULE_ID_LAST; mod_id++)
     {
+      if (mod_id == MODULE_ID_USER)
+        {
+          mod_id = MODULE_ID_USER_LAST;
+          continue;
+        }
+
       /* Search for a module with the current ID.  */
       for (module = modules; module; module = module->next)
 	if (mod_id == module->mod_id)
@@ -49,7 +62,7 @@
 	break;
     }
 
-  if (mod_id < id_max)
+  if (mod_id < MODULE_ID_LAST)
     /* Done.  */
     *id_new = mod_id;
   else

Modified: trunk/src/sexp.c
===================================================================
--- trunk/src/sexp.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/src/sexp.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -190,7 +190,7 @@
 /* Create a new S-expression object by reading LENGTH bytes from
    BUFFER, assuming it is canonilized encoded or autodetected encoding
    when AUTODETECT is set to 1.  With FREEFNC not NULL, ownership of
-   the buffer is transferred to tyhe newle created object.  FREEFNC
+   the buffer is transferred to the newly created object.  FREEFNC
    should be the freefnc used to release BUFFER; there is no guarantee
    at which point this function is called; most likey you want to use
    free() or gcry_free(). 
@@ -239,7 +239,7 @@
          have changed the internal represenation of S-expression to
          the canoncial format - which has the advantage of faster
          parsing - we will use this function as a closure in our
-         GCRYSEXP object and use the BUFFER directly */
+         GCRYSEXP object and use the BUFFER directly.  */
       freefnc (buffer);
     }
   return gcry_error (GPG_ERR_NO_ERROR);

Modified: trunk/tests/ChangeLog
===================================================================
--- trunk/tests/ChangeLog	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/tests/ChangeLog	2006-10-17 17:44:49 UTC (rev 1185)
@@ -1,3 +1,7 @@
+2006-10-17  Werner Koch  <wk@g10code.com>
+
+	* keygen.c (check_rsa_keys): Also create an 1536 bit DSA key.
+
 2006-08-03  Werner Koch  <wk@g10code.com>
 
 	* t-mpi-bit.c: New.

Modified: trunk/tests/keygen.c
===================================================================
--- trunk/tests/keygen.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/tests/keygen.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -123,12 +123,15 @@
   gcry_sexp_t keyparm, key;
   int rc;
 
+  /* Check that DSA generation works and that it can grok the qbits
+     argument. */
   if (verbose)
-    fprintf (stderr, "creating 2048 bit DSA key using old interface\n");
+    fprintf (stderr, "creating 1536 bit DSA key using old interface\n");
   rc = gcry_sexp_new (&keyparm, 
                       "(genkey\n"
                       " (dsa\n"
-                      "  (nbits 4:2048)\n"
+                      "  (nbits 4:1536)\n"
+                      "  (qbits 3:224)\n"
                       " ))", 0, 1);
   if (rc)
     die ("error creating S-expression: %s\n", gpg_strerror (rc));
@@ -144,7 +147,6 @@
               "=============================\n", buffer);
   }
   gcry_sexp_release (key);
-  exit (0);
 
   if (verbose)
     fprintf (stderr, "creating 1024 bit RSA key using old interface\n");

Modified: trunk/tests/tsexp.c
===================================================================
--- trunk/tests/tsexp.c	2006-10-12 21:22:35 UTC (rev 1184)
+++ trunk/tests/tsexp.c	2006-10-17 17:44:49 UTC (rev 1185)
@@ -304,6 +304,32 @@
       return;
     }
   gcry_sexp_release (se1);
+
+  /* Again but with memory checking. */
+  p1 = gcry_xmalloc (n1+2);
+  *p1 = '\x55';
+  p1[n1+1] = '\xaa';
+  n = gcry_sexp_sprint (se, GCRYSEXP_FMT_CANON, p1+1, n1);
+  if (n1 != n+1) /* sprints adds an extra 0 but does not return it */
+    {
+      fail ("baf %d: length mismatch for canon\n", testno);
+      return;
+    }
+  if (*p1 != '\x55' || p1[n1+1] != '\xaa')
+    fail ("baf %d: memory corrupted (1)\n", testno);
+  rc = gcry_sexp_create (&se1, p1+1, n, 0, NULL);
+  if (rc)
+    {
+      fail ("baf %d: gcry_sexp_create failed: %s\n",
+            testno, gpg_strerror (rc));
+      return;
+    }
+  if (*p1 != '\x55' || p1[n1+1] != '\xaa')
+    fail ("baf %d: memory corrupted (2)\n", testno);
+  gcry_sexp_release (se1);
+  if (*p1 != '\x55' || p1[n1+1] != '\xaa')
+    fail ("baf %d: memory corrupted (3)\n", testno);
+  gcry_free (p1);
   
   /* FIXME: we need a lot more tests */
 
@@ -318,6 +344,18 @@
   static struct { char *buf; int len; } tests[] = {
     { "(7:g34:fgh1::2:())", 0 },
     { "(7:g34:fgh1::2:())", 18 },
+    {
+"(protected-private-key \n"
+" (rsa \n"
+"  (n #00BE8A536204687149A48FF9F1715FF3530AD9A836D62102BF4065E5CF5953236DB94F1DF2FF4D525CD4CE7966DDC3C839968E8BAC2948934DF047CC65287CD79F6C23C93E55D7F9231E3942BD496DE383469977635A51ADF4AF747DB958CA02E9940DFC1DC0FC7FC755E7EB6618FEE6DA54B8A06E0CBF9D9257443F9992261435#)\n"
+"  (e #010001#)\n"
+"  (protected openpgp-s2k3-sha1-aes-cbc \n"
+"   (\n"
+"    (sha1 #C2A5673BD3882405# \"96\")\n"
+"    #8D08AAF6A9209ED69D71EB7E64D78715#)\n"
+"   #F7B0B535F8F8E22F4F3DA031224070303F82F9207D42952F1ACF21A4AB1C50304EBB25527992C7B265A9E9FF702826FB88759BDD55E4759E9FCA6C879538C9D043A9C60A326CB6681090BAA731289BD880A7D5774D9999F026E5E7963BFC8C0BDC9F061393CB734B4F259725C0A0A0B15BA39C39146EF6A1B3DC4DF30A22EBE09FD05AE6CB0C8C6532951A925F354F4E26A51964F5BBA50081690C421C8385C4074E9BAB9297D081B857756607EAE652415275A741C89E815558A50AC638EDC5F5030210B4395E3E1A40FF38DCCCB333A19EA88EFE7E4D51B54128C6DF27395646836679AC21B1B25C1DA6F0A7CE9F9BE078EFC7934FA9AE202CBB0AA06C20DFAF9A66FAB7E9073FBE96B9A7F25C3BA45EC3EECA65796AEE313BA148DE5314F30345B452B50B17C4D841A7F27397126E8C10BD0CE3B50A82C0425AAEE7798031671407B681F52916256F78CAF92A477AC27BCBE26DAFD1BCE386A853E2A036F8314BB2E8E5BB1F196434232EFB0288331C2AB16DBC5457CC295EB966CAC5CE73D5DA5D566E469F0EFA82F9A12B8693E0#)\n"
+"  )\n"
+" )\n", 0 },
     { NULL, 0 }
   };
   int idx;
@@ -390,9 +428,3 @@
   
   return error_count? 1:0;
 }
-
-
-
-
-
-


From cvs at cvs.gnupg.org  Wed Oct 18 16:28:53 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 18 15:57:33 2006
Subject: [svn] GnuPG -  r4305 - trunk/g10
Message-ID: <E1GaBvE-00019b-JO@trithemius.gnupg.org>

Author: wk
Date: 2006-10-18 16:28:52 +0200 (Wed, 18 Oct 2006)
New Revision: 4305

Modified:
   trunk/g10/ChangeLog
   trunk/g10/build-packet.c
   trunk/g10/import.c
Log:
Fixed a bug with very long keys.


Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-17 14:34:42 UTC (rev 4304)
+++ trunk/g10/ChangeLog	2006-10-18 14:28:52 UTC (rev 4305)
@@ -1,3 +1,11 @@
+2006-10-18  Werner Koch  <wk@g10code.com>
+
+	* import.c (import_print_stats): Use log_printf.
+
+	* build-packet.c (do_public_key): Care about mpi_write errors.
+	(do_secret_key, do_pubkey_enc, do_signature): Ditto. 
+	(mpi_write): Print an extra warning on error.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am (LDADD): Replaced W32LIBS by NETLIBS.

Modified: trunk/g10/build-packet.c
===================================================================
--- trunk/g10/build-packet.c	2006-10-17 14:34:42 UTC (rev 4304)
+++ trunk/g10/build-packet.c	2006-10-18 14:28:52 UTC (rev 4305)
@@ -161,11 +161,17 @@
   size_t nbytes;
   int rc;
 
-  nbytes = (MAX_EXTERN_MPI_BITS+7)/8;
+  nbytes = (MAX_EXTERN_MPI_BITS+7)/8 + 2; /* 2 is for the mpi length. */
   rc = gcry_mpi_print (GCRYMPI_FMT_PGP, buffer, nbytes, &nbytes, a );
   if( !rc )
     rc = iobuf_write( out, buffer, nbytes );
-  
+  else if (gpg_err_code(rc) == GPG_ERR_TOO_SHORT )
+    {
+      log_info ("mpi too large (%u bits)\n", gcry_mpi_get_nbits (a));
+      /* The buffer was too small. We better tell the user about the MPI. */
+      rc = gpg_error (GPG_ERR_TOO_LARGE);
+    }
+
   return rc;
 }
 
@@ -241,171 +247,195 @@
 static int
 do_public_key( IOBUF out, int ctb, PKT_public_key *pk )
 {
-    int rc = 0;
-    int n, i;
-    IOBUF a = iobuf_temp();
+  int rc = 0;
+  int n, i;
+  IOBUF a = iobuf_temp();
+  
+  if ( !pk->version )
+    iobuf_put( a, 3 );
+  else
+    iobuf_put( a, pk->version );
+  write_32(a, pk->timestamp );
+  if ( pk->version < 4 ) 
+    {
+      u16 ndays;
+      if ( pk->expiredate )
+        ndays = (u16)((pk->expiredate - pk->timestamp) / 86400L);
+      else
+        ndays = 0;
+      write_16(a, ndays );
+    }
+  iobuf_put (a, pk->pubkey_algo );
+  n = pubkey_get_npkey ( pk->pubkey_algo );
+  if ( !n )
+    write_fake_data( a, pk->pkey[0] );
+  for (i=0; i < n && !rc ; i++ )
+    rc = mpi_write(a, pk->pkey[i] );
 
-    if( !pk->version )
-	iobuf_put( a, 3 );
-    else
-	iobuf_put( a, pk->version );
-    write_32(a, pk->timestamp );
-    if( pk->version < 4 ) {
-	u16 ndays;
-	if( pk->expiredate )
-	    ndays = (u16)((pk->expiredate - pk->timestamp) / 86400L);
-	else
-	    ndays = 0;
-	write_16(a, ndays );
+  if (!rc)
+    {
+      write_header2 (out, ctb, iobuf_get_temp_length(a), pk->hdrbytes);
+      rc = iobuf_write_temp ( out, a );
     }
-    iobuf_put(a, pk->pubkey_algo );
-    n = pubkey_get_npkey( pk->pubkey_algo );
-    if( !n )
-	write_fake_data( a, pk->pkey[0] );
-    for(i=0; i < n; i++ )
-	mpi_write(a, pk->pkey[i] );
 
-    write_header2(out, ctb, iobuf_get_temp_length(a), pk->hdrbytes);
-    rc = iobuf_write_temp( out, a );
-
-    iobuf_close(a);
-    return rc;
+  iobuf_close(a);
+  return rc;
 }
 
 
 static int
 do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
 {
-    int rc = 0;
-    int i, nskey, npkey;
-    IOBUF a = iobuf_temp(); /* build in a self-enlarging buffer */
+  int rc = 0;
+  int i, nskey, npkey;
+  IOBUF a = iobuf_temp(); /* Build in a self-enlarging buffer.  */
 
-    /* Write the version number - if none is specified, use 3 */
-    if( !sk->version )
-	iobuf_put( a, 3 );
-    else
-	iobuf_put( a, sk->version );
-    write_32(a, sk->timestamp );
+  /* Write the version number - if none is specified, use 3 */
+  if ( !sk->version )
+    iobuf_put ( a, 3 );
+  else
+    iobuf_put ( a, sk->version );
+  write_32 (a, sk->timestamp );
 
-    /* v3  needs the expiration time */
-    if( sk->version < 4 ) {
-	u16 ndays;
-	if( sk->expiredate )
-	    ndays = (u16)((sk->expiredate - sk->timestamp) / 86400L);
-	else
-	    ndays = 0;
-	write_16(a, ndays);
+  /* v3 needs the expiration time. */
+  if ( sk->version < 4 )
+    {
+      u16 ndays;
+      if ( sk->expiredate )
+        ndays = (u16)((sk->expiredate - sk->timestamp) / 86400L);
+      else
+        ndays = 0;
+      write_16(a, ndays);
     }
-
-    iobuf_put(a, sk->pubkey_algo );
-
-    /* get number of secret and public parameters.  They are held in
-       one array first the public ones, then the secret ones */
-    nskey = pubkey_get_nskey( sk->pubkey_algo );
-    npkey = pubkey_get_npkey( sk->pubkey_algo );
-
-    /* If we don't have any public parameters - which is the case if
-       we don't know the algorithm used - the parameters are stored as
-       one blob in a faked (opaque) MPI */
-    if( !npkey ) {
-	write_fake_data( a, sk->skey[0] );
-	goto leave;
+  
+  iobuf_put (a, sk->pubkey_algo );
+  
+  /* Get number of secret and public parameters.  They are held in one
+     array first the public ones, then the secret ones.  */
+  nskey = pubkey_get_nskey ( sk->pubkey_algo );
+  npkey = pubkey_get_npkey ( sk->pubkey_algo );
+  
+  /* If we don't have any public parameters - which is the case if we
+     don't know the algorithm used - the parameters are stored as one
+     blob in a faked (opaque) MPI. */
+  if ( !npkey ) 
+    {
+      write_fake_data( a, sk->skey[0] );
+      goto leave;
     }
-    assert( npkey < nskey );
+  assert ( npkey < nskey );
 
-    /* Writing the public parameters is easy */
-    for(i=0; i < npkey; i++ )
-	mpi_write(a, sk->skey[i] );
-
-    /* build the header for protected (encrypted) secret parameters */
-    if( sk->is_protected ) {
-	if( is_RSA(sk->pubkey_algo) && sk->version < 4
-				    && !sk->protect.s2k.mode ) {
-            /* the simple rfc1991 (v3) way */
-	    iobuf_put(a, sk->protect.algo );
-	    iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
+  /* Writing the public parameters is easy. */
+  for (i=0; i < npkey; i++ )
+    if ((rc = mpi_write (a, sk->skey[i])))
+      goto leave;
+  
+  /* Build the header for protected (encrypted) secret parameters.  */
+  if ( sk->is_protected ) 
+    {
+      if ( is_RSA(sk->pubkey_algo) 
+           && sk->version < 4
+           && !sk->protect.s2k.mode )
+        {
+          /* The simple rfc1991 (v3) way. */
+          iobuf_put (a, sk->protect.algo );
+          iobuf_write (a, sk->protect.iv, sk->protect.ivlen );
 	}
-	else {
-          /* OpenPGP protection according to rfc2440 */
-	    iobuf_put(a, sk->protect.sha1chk? 0xfe : 0xff );
-	    iobuf_put(a, sk->protect.algo );
-	    if( sk->protect.s2k.mode >= 1000 ) {
-                /* These modes are not possible in OpenPGP, we use them
-                   to implement our extensions, 101 can be seen as a
-                   private/experimental extension (this is not
-                   specified in rfc2440 but the same scheme is used
-                   for all other algorithm identifiers) */
-		iobuf_put(a, 101 ); 
-		iobuf_put(a, sk->protect.s2k.hash_algo );
-		iobuf_write(a, "GNU", 3 );
-		iobuf_put(a, sk->protect.s2k.mode - 1000 );
+      else
+        {
+          /* OpenPGP protection according to rfc2440. */
+          iobuf_put(a, sk->protect.sha1chk? 0xfe : 0xff );
+          iobuf_put(a, sk->protect.algo );
+          if ( sk->protect.s2k.mode >= 1000 )
+            {
+              /* These modes are not possible in OpenPGP, we use them
+                 to implement our extensions, 101 can be seen as a
+                 private/experimental extension (this is not specified
+                 in rfc2440 but the same scheme is used for all other
+                 algorithm identifiers) */
+              iobuf_put(a, 101 ); 
+              iobuf_put(a, sk->protect.s2k.hash_algo );
+              iobuf_write(a, "GNU", 3 );
+              iobuf_put(a, sk->protect.s2k.mode - 1000 );
 	    }
-	    else {
-		iobuf_put(a, sk->protect.s2k.mode );
-		iobuf_put(a, sk->protect.s2k.hash_algo );
+          else 
+            {
+              iobuf_put(a, sk->protect.s2k.mode );
+              iobuf_put(a, sk->protect.s2k.hash_algo );
 	    }
-	    if( sk->protect.s2k.mode == 1
-		|| sk->protect.s2k.mode == 3 )
-		iobuf_write(a, sk->protect.s2k.salt, 8 );
-	    if( sk->protect.s2k.mode == 3 )
-		iobuf_put(a, sk->protect.s2k.count ); 
+          if ( sk->protect.s2k.mode == 1
+               || sk->protect.s2k.mode == 3 )
+            iobuf_write (a, sk->protect.s2k.salt, 8 );
 
-            /* For out special modes 1001, 1002 we do not need an IV */
-	    if( sk->protect.s2k.mode != 1001 
-              && sk->protect.s2k.mode != 1002 )
-		iobuf_write(a, sk->protect.iv, sk->protect.ivlen );
+          if ( sk->protect.s2k.mode == 3 )
+            iobuf_put (a, sk->protect.s2k.count ); 
+
+          /* For our special modes 1001, 1002 we do not need an IV. */
+          if ( sk->protect.s2k.mode != 1001 
+               && sk->protect.s2k.mode != 1002 )
+            iobuf_write (a, sk->protect.iv, sk->protect.ivlen );
 	}
     }
-    else
-	iobuf_put(a, 0 );
+  else
+    iobuf_put (a, 0 );
 
-    if( sk->protect.s2k.mode == 1001 )
-        ; /* GnuPG extension - don't write a secret key at all */ 
-    else if( sk->protect.s2k.mode == 1002 )
-      {  /* GnuPG extension - divert to OpenPGP smartcard. */ 
-	iobuf_put(a, sk->protect.ivlen ); /* length of the serial
-                                             number or 0 for no serial
-                                             number. */
-        /* The serial number gets stored in the IV field. */
-        iobuf_write(a, sk->protect.iv, sk->protect.ivlen);
-      }
-    else if( sk->is_protected && sk->version >= 4 ) {
-        /* The secret key is protected - write it out as it is */
-	byte *p;
-	unsigned int ndatabits;
-
-	assert (gcry_mpi_get_flag (sk->skey[npkey], GCRYMPI_FLAG_OPAQUE));
-	p = gcry_mpi_get_opaque (sk->skey[npkey], &ndatabits );
-	iobuf_write (a, p, (ndatabits+7)/8 );
+  if ( sk->protect.s2k.mode == 1001 )
+    ; /* GnuPG extension - don't write a secret key at all. */ 
+  else if ( sk->protect.s2k.mode == 1002 )
+    { 
+      /* GnuPG extension - divert to OpenPGP smartcard. */ 
+      iobuf_put(a, sk->protect.ivlen ); /* Length of the serial number
+                                           or 0 for no serial
+                                           number. */
+      /* The serial number gets stored in the IV field. */
+      iobuf_write(a, sk->protect.iv, sk->protect.ivlen);
     }
-    else if( sk->is_protected ) {
-        /* The secret key is protected te old v4 way. */
-	for(   ; i < nskey; i++ ) {
-            byte *p;
-            unsigned int ndatabits;
-
-            assert (gcry_mpi_get_flag (sk->skey[i], GCRYMPI_FLAG_OPAQUE));
-            p = gcry_mpi_get_opaque (sk->skey[i], &ndatabits);
-            iobuf_write (a, p, (ndatabits+7)/8);
+  else if ( sk->is_protected && sk->version >= 4 )
+    {
+      /* The secret key is protected - write it out as it is.  */
+      byte *p;
+      unsigned int ndatabits;
+      
+      assert (gcry_mpi_get_flag (sk->skey[npkey], GCRYMPI_FLAG_OPAQUE));
+      p = gcry_mpi_get_opaque (sk->skey[npkey], &ndatabits );
+      iobuf_write (a, p, (ndatabits+7)/8 );
+    }
+  else if ( sk->is_protected ) 
+    {
+      /* The secret key is protected the old v4 way. */
+      for ( ; i < nskey; i++ ) 
+        {
+          byte *p;
+          unsigned int ndatabits;
+          
+          assert (gcry_mpi_get_flag (sk->skey[i], GCRYMPI_FLAG_OPAQUE));
+          p = gcry_mpi_get_opaque (sk->skey[i], &ndatabits);
+          iobuf_write (a, p, (ndatabits+7)/8);
         }
-	write_16(a, sk->csum );
+      write_16(a, sk->csum );
     }
-    else {
-        /* non-protected key */
-	for(   ; i < nskey; i++ )
-	    mpi_write(a, sk->skey[i] );
-	write_16(a, sk->csum );
+  else
+    {
+      /* Non-protected key. */
+      for ( ; i < nskey; i++ )
+        if ( (rc = mpi_write (a, sk->skey[i])))
+          goto leave;
+      write_16 (a, sk->csum );
     }
 
-  leave:
-    /* Build the header of the packet - which we must do after writing all
-       the other stuff, so that we know the length of the packet */
-    write_header2(out, ctb, iobuf_get_temp_length(a), sk->hdrbytes);
-    /* And finally write it out the real stream */
-    rc = iobuf_write_temp( out, a );
+ leave:
+  if (!rc)
+    {
+      /* Build the header of the packet - which we must do after
+         writing all the other stuff, so that we know the length of
+         the packet */
+      write_header2(out, ctb, iobuf_get_temp_length(a), sk->hdrbytes);
+      /* And finally write it out the real stream */
+      rc = iobuf_write_temp( out, a );
+    }
 
-    iobuf_close(a); /* close the remporary buffer */
-    return rc;
+  iobuf_close(a); /* Close the remporary buffer */
+  return rc;
 }
 
 static int
@@ -442,31 +472,35 @@
 static int
 do_pubkey_enc( IOBUF out, int ctb, PKT_pubkey_enc *enc )
 {
-    int rc = 0;
-    int n, i;
-    IOBUF a = iobuf_temp();
-
-    write_version( a, ctb );
-    if( enc->throw_keyid ) {
-	write_32(a, 0 );  /* don't tell Eve who can decrypt the message */
-	write_32(a, 0 );
+  int rc = 0;
+  int n, i;
+  IOBUF a = iobuf_temp();
+  
+  write_version( a, ctb );
+  if ( enc->throw_keyid ) 
+    {
+      write_32(a, 0 );  /* Don't tell Eve who can decrypt the message.  */
+      write_32(a, 0 );
     }
-    else {
-	write_32(a, enc->keyid[0] );
-	write_32(a, enc->keyid[1] );
+  else
+    {
+      write_32(a, enc->keyid[0] );
+      write_32(a, enc->keyid[1] );
     }
-    iobuf_put(a,enc->pubkey_algo );
-    n = pubkey_get_nenc( enc->pubkey_algo );
-    if( !n )
-	write_fake_data( a, enc->data[0] );
-    for(i=0; i < n; i++ )
-	mpi_write(a, enc->data[i] );
+  iobuf_put(a,enc->pubkey_algo );
+  n = pubkey_get_nenc( enc->pubkey_algo );
+  if ( !n )
+    write_fake_data( a, enc->data[0] );
+  for (i=0; i < n && !rc ; i++ )
+    rc = mpi_write(a, enc->data[i] );
 
-    write_header(out, ctb, iobuf_get_temp_length(a) );
-    rc = iobuf_write_temp( out, a );
-
-    iobuf_close(a);
-    return rc;
+  if (!rc)
+    {
+      write_header(out, ctb, iobuf_get_temp_length(a) );
+      rc = iobuf_write_temp( out, a );
+    }
+  iobuf_close(a);
+  return rc;
 }
 
 
@@ -1076,54 +1110,59 @@
 static int
 do_signature( IOBUF out, int ctb, PKT_signature *sig )
 {
-    int rc = 0;
-    int n, i;
-    IOBUF a = iobuf_temp();
+  int rc = 0;
+  int n, i;
+  IOBUF a = iobuf_temp();
 
-    if( !sig->version )
-	iobuf_put( a, 3 );
-    else
-	iobuf_put( a, sig->version );
-    if( sig->version < 4 )
-	iobuf_put(a, 5 ); /* constant */
-    iobuf_put(a, sig->sig_class );
-    if( sig->version < 4 ) {
-	write_32(a, sig->timestamp );
-	write_32(a, sig->keyid[0] );
-	write_32(a, sig->keyid[1] );
+  if ( !sig->version )
+    iobuf_put( a, 3 );
+  else
+    iobuf_put( a, sig->version );
+  if ( sig->version < 4 )
+    iobuf_put (a, 5 ); /* Constant */
+  iobuf_put (a, sig->sig_class );
+  if ( sig->version < 4 ) 
+    {
+      write_32(a, sig->timestamp );
+      write_32(a, sig->keyid[0] );
+      write_32(a, sig->keyid[1] );
     }
-    iobuf_put(a, sig->pubkey_algo );
-    iobuf_put(a, sig->digest_algo );
-    if( sig->version >= 4 ) {
-	size_t nn;
-	/* timestamp and keyid must have been packed into the
-	 * subpackets prior to the call of this function, because
-	 * these subpackets are hashed */
-	nn = sig->hashed? sig->hashed->len : 0;
-	write_16(a, nn);
-	if( nn )
-	    iobuf_write( a, sig->hashed->data, nn );
-	nn = sig->unhashed? sig->unhashed->len : 0;
-	write_16(a, nn);
-	if( nn )
-	    iobuf_write( a, sig->unhashed->data, nn );
+  iobuf_put(a, sig->pubkey_algo );
+  iobuf_put(a, sig->digest_algo );
+  if ( sig->version >= 4 ) 
+    {
+      size_t nn;
+      /* Timestamp and keyid must have been packed into the subpackets
+	 prior to the call of this function, because these subpackets
+	 are hashed. */
+      nn = sig->hashed? sig->hashed->len : 0;
+      write_16(a, nn);
+      if (nn)
+        iobuf_write( a, sig->hashed->data, nn );
+      nn = sig->unhashed? sig->unhashed->len : 0;
+      write_16(a, nn);
+      if (nn)
+        iobuf_write( a, sig->unhashed->data, nn );
     }
-    iobuf_put(a, sig->digest_start[0] );
-    iobuf_put(a, sig->digest_start[1] );
-    n = pubkey_get_nsig( sig->pubkey_algo );
-    if( !n )
-	write_fake_data( a, sig->data[0] );
-    for(i=0; i < n; i++ )
-	mpi_write(a, sig->data[i] );
+  iobuf_put(a, sig->digest_start[0] );
+  iobuf_put(a, sig->digest_start[1] );
+  n = pubkey_get_nsig( sig->pubkey_algo );
+  if ( !n )
+    write_fake_data( a, sig->data[0] );
+  for (i=0; i < n && !rc ; i++ )
+    rc = mpi_write(a, sig->data[i] );
 
-    if( is_RSA(sig->pubkey_algo) && sig->version < 4 )
-	write_sign_packet_header(out, ctb, iobuf_get_temp_length(a) );
-    else
-	write_header(out, ctb, iobuf_get_temp_length(a) );
-    rc = iobuf_write_temp( out, a );
+  if (!rc)
+    {
+      if ( is_RSA(sig->pubkey_algo) && sig->version < 4 )
+        write_sign_packet_header(out, ctb, iobuf_get_temp_length(a) );
+      else
+        write_header(out, ctb, iobuf_get_temp_length(a) );
+      rc = iobuf_write_temp( out, a );
+    }
 
-    iobuf_close(a);
-    return rc;
+  iobuf_close(a);
+  return rc;
 }
 
 

Modified: trunk/g10/import.c
===================================================================
--- trunk/g10/import.c	2006-10-17 14:34:42 UTC (rev 4304)
+++ trunk/g10/import.c	2006-10-18 14:28:52 UTC (rev 4305)
@@ -299,9 +299,9 @@
 	    log_info(_("          w/o user IDs: %lu\n"), stats->no_user_id );
 	if( stats->imported || stats->imported_rsa ) {
 	    log_info(_("              imported: %lu"), stats->imported );
-	    if( stats->imported_rsa )
-		fprintf(stderr, "  (RSA: %lu)", stats->imported_rsa );
-	    putc('\n', stderr);
+	    if (stats->imported_rsa)
+              log_printf ("  (RSA: %lu)", stats->imported_rsa );
+	    log_printf ("\n");
 	}
 	if( stats->unchanged )
 	    log_info(_("             unchanged: %lu\n"), stats->unchanged );
@@ -711,7 +711,7 @@
 	if( uidnode )
 	  print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
 			     uidnode->pkt->pkt.user_id->len );
-	putc('\n', stderr);
+	log_printf ("\n");
       }
 
     if( !uidnode )
@@ -1108,7 +1108,7 @@
 	if( uidnode )
 	  print_utf8_string( stderr, uidnode->pkt->pkt.user_id->name,
 			     uidnode->pkt->pkt.user_id->len );
-	putc('\n', stderr);
+	log_printf ("\n");
       }
     stats->secret_read++;
 


From cvs at cvs.gnupg.org  Wed Oct 18 17:34:55 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 18 17:03:27 2006
Subject: [svn] GnuPG -  r4306 - trunk/g10
Message-ID: <E1GaCx2-0002X8-UH@trithemius.gnupg.org>

Author: wk
Date: 2006-10-18 17:34:54 +0200 (Wed, 18 Oct 2006)
New Revision: 4306

Modified:
   trunk/g10/ChangeLog
   trunk/g10/keyid.c
Log:
Fixed v3 keyids.


Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-18 14:28:52 UTC (rev 4305)
+++ trunk/g10/ChangeLog	2006-10-18 15:34:54 UTC (rev 4306)
@@ -1,5 +1,8 @@
 2006-10-18  Werner Koch  <wk@g10code.com>
 
+	* keyid.c (v3_keyid): Don't use mempcy as we need to hold the
+	keyids in the native endian format.
+
 	* import.c (import_print_stats): Use log_printf.
 
 	* build-packet.c (do_public_key): Care about mpi_write errors.

Modified: trunk/g10/keyid.c
===================================================================
--- trunk/g10/keyid.c	2006-10-18 14:28:52 UTC (rev 4305)
+++ trunk/g10/keyid.c	2006-10-18 15:34:54 UTC (rev 4306)
@@ -159,7 +159,7 @@
 u32
 v3_keyid (gcry_mpi_t a, u32 *ki)
 {
-  byte *buffer;
+  byte *buffer, *p;
   size_t nbytes;
 
   if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &nbytes, a ))
@@ -172,8 +172,10 @@
     ki[0] = ki[1] = 0;
   else 
     {
-      memcpy (ki+0, buffer+nbytes-8, 4);
-      memcpy (ki+1, buffer+nbytes-4, 4);
+      p = buffer + nbytes - 8;
+      ki[0] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3];
+      p += 4;
+      ki[1] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3];
     }
   xfree (buffer);
   return ki[1];


From cvs at cvs.gnupg.org  Wed Oct 18 18:19:50 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 18 17:48:24 2006
Subject: [svn] assuan - r221 - in trunk: . src
Message-ID: <E1GaDeV-00027q-D3@trithemius.gnupg.org>

Author: wk
Date: 2006-10-18 18:19:49 +0200 (Wed, 18 Oct 2006)
New Revision: 221

Modified:
   trunk/THANKS
   trunk/src/ChangeLog
   trunk/src/libassuan.m4
Log:
Fix for pthread


Modified: trunk/THANKS
===================================================================
--- trunk/THANKS	2006-10-16 17:35:28 UTC (rev 220)
+++ trunk/THANKS	2006-10-18 16:19:49 UTC (rev 221)
@@ -3,6 +3,7 @@
 Marc Mutz                 mutz at kde.org
 Michael Nottebrock        michaelnottebrock at gmx.net
 Nelson H. F. Beebe        beebe at math dot utah dot edu
+Rex Dieter                rdieter at math dot unl dot edu
 Ville Skytt?              ville.skytta@iki.fi
 
 

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-16 17:35:28 UTC (rev 220)
+++ trunk/src/ChangeLog	2006-10-18 16:19:49 UTC (rev 221)
@@ -1,3 +1,8 @@
+2006-10-18  Werner Koch  <wk@g10code.com>
+
+	* libassuan.m4: Pass "pthread" to the common macro.  Reported by
+	Rex Dieter.
+
 2006-10-16  Werner Koch  <wk@g10code.com>
 
 	* mkerrors: Map ASSUAN_Not_Confirmed.

Modified: trunk/src/libassuan.m4
===================================================================
--- trunk/src/libassuan.m4	2006-10-16 17:35:28 UTC (rev 220)
+++ trunk/src/libassuan.m4	2006-10-18 16:19:49 UTC (rev 221)
@@ -120,7 +120,7 @@
 
 dnl AM_PATH_LIBASSUAN_PTH([MINIMUM-VERSION,
 dnl                      [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
-dnl Test for libassuan and define LIBASSUAN_PTH_CFLAGSand LIBASSUAN_PTH_LIBS
+dnl Test for libassuan and define LIBASSUAN_PTH_CFLAGS and LIBASSUAN_PTH_LIBS
 dnl
 AC_DEFUN([AM_PATH_LIBASSUAN_PTH],
 [ _AM_PATH_LIBASSUAN_COMMON($1,pth)
@@ -144,7 +144,7 @@
 dnl                           and LIBASSUAN_PTHREAD_LIBS
 dnl
 AC_DEFUN([AM_PATH_LIBASSUAN_PTHREAD],
-[ _AM_PATH_LIBASSUAN_COMMON($1,pth)
+[ _AM_PATH_LIBASSUAN_COMMON($1,pthread)
   if test $ok = yes; then
     LIBASSUAN_PTHREAD_CFLAGS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pthread --cflags`
     LIBASSUAN_PTHREAD_LIBS=`$LIBASSUAN_CONFIG $libassuan_config_args --thread=pthread --libs`


From cvs at cvs.gnupg.org  Wed Oct 18 19:19:09 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 18 18:47:44 2006
Subject: [svn] GnuPG -  r4307 - in trunk: . sm
Message-ID: <E1GaEZv-00055i-KQ@trithemius.gnupg.org>

Author: wk
Date: 2006-10-18 19:19:08 +0200 (Wed, 18 Oct 2006)
New Revision: 4307

Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/TODO
   trunk/configure.ac
   trunk/sm/ChangeLog
   trunk/sm/certchain.c
   trunk/sm/certlist.c
   trunk/sm/keylist.c
Log:
Preparing a release


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/ChangeLog	2006-10-18 17:19:08 UTC (rev 4307)
@@ -1,3 +1,7 @@
+2006-10-18  Werner Koch  <wk@g10code.com>
+
+	Released 1.9.93.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* autogen.sh <--build-w32>: Test also for a host "mingw32".

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/NEWS	2006-10-18 17:19:08 UTC (rev 4307)
@@ -1,4 +1,4 @@
-Noteworthy changes in version 1.9.93
+Noteworthy changes in version 1.9.93 (2006-10-18)
 -------------------------------------------------
 
  * In --with-validation mode gpgsm will now also ask whether a root
@@ -6,7 +6,14 @@
 
  * Link to Pth only if really necessary.
 
+ * Fixed a pubring corruption bug in gpg2 occurring when importing
+   signatures or keys with insane lengths.
 
+ * Fixed v3 keyID calculation bug in gpg2.
+
+ * More tweaks for certificates without extensions.
+
+
 Noteworthy changes in version 1.9.92 (2006-10-11)
 -------------------------------------------------
 

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/TODO	2006-10-18 17:19:08 UTC (rev 4307)
@@ -91,9 +91,12 @@
 
 * g10/
 ** issue a NO_SECKEY xxxx if a -u key was not found.
-** qbits
-   We pass a new qbit parameter to genkey - implement this in libgcrypt.
 
+
+* When requiring libksba 1.0.1
+** Remove the extra GPG_ERR_NO_VALUE tests 
+   They have need added on 2006-10-18 to fix a libksba problem.
+
 * When switching to libgcrypt 1.3
 ** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md
    Remove the extra test for a valid algorithm as libgcrypt will do it

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/configure.ac	2006-10-18 17:19:08 UTC (rev 4307)
@@ -27,7 +27,7 @@
 # Set my_issvn to "yes" for non-released code.  Remember to run an
 # "svn up" and "autogen.sh" right before creating a distribution.
 m4_define([my_version], [1.9.93])
-m4_define([my_issvn], [yes])
+m4_define([my_issvn], [no])
 
 
 m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \

Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/sm/ChangeLog	2006-10-18 17:19:08 UTC (rev 4307)
@@ -1,3 +1,13 @@
+2006-10-18  Werner Koch  <wk@g10code.com>
+
+	* keylist.c (list_cert_raw): Also test for GPG_ERR_NO_VALUE when
+	testing for GPG_ERR_NO_DATA.
+	* certlist.c (cert_usage_p, gpgsm_find_cert): Ditto.
+	* certchain.c (check_cert_policy): Ditto.
+
+	* keylist.c (list_cert_std, list_cert_raw): Print "none" for no
+	chain length available.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* gpgsm.c: No need for pth.h.  

Modified: trunk/sm/certchain.c
===================================================================
--- trunk/sm/certchain.c	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/sm/certchain.c	2006-10-18 17:19:08 UTC (rev 4307)
@@ -210,8 +210,9 @@
   int any_critical;
 
   err = ksba_cert_get_cert_policies (cert, &policies);
-  if (gpg_err_code (err) == GPG_ERR_NO_DATA)
-    return 0; /* no policy given */
+  if (gpg_err_code (err) == GPG_ERR_NO_DATA 
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
+    return 0; /* No policy given. */
   if (err)
     return err;
 

Modified: trunk/sm/certlist.c
===================================================================
--- trunk/sm/certlist.c	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/sm/certlist.c	2006-10-18 17:19:08 UTC (rev 4307)
@@ -57,7 +57,8 @@
   int have_ocsp_signing = 0;
 
   err = ksba_cert_get_ext_key_usages (cert, &extkeyusages);
-  if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     err = 0; /* no policy given */
   if (!err)
     {
@@ -116,7 +117,8 @@
 
 
       err = ksba_cert_get_key_usage (cert, &use);
-      if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+      if (gpg_err_code (err) == GPG_ERR_NO_DATA
+          || gpg_err_code (err) == GPG_ERR_NO_VALUE)
         {
           err = 0;
           if (opt.verbose && mode < 2)
@@ -454,7 +456,8 @@
                          subjectKeyIdentifier matches the requested
                          one. */
                     }
-                  else if (gpg_err_code (rc) == GPG_ERR_NO_DATA)
+                  else if (gpg_err_code (rc) == GPG_ERR_NO_DATA
+                           || gpg_err_code (rc) == GPG_ERR_NO_VALUE)
                     goto nextone;
                 }
             }

Modified: trunk/sm/keylist.c
===================================================================
--- trunk/sm/keylist.c	2006-10-18 15:34:54 UTC (rev 4306)
+++ trunk/sm/keylist.c	2006-10-18 17:19:08 UTC (rev 4307)
@@ -239,7 +239,8 @@
                gpg_strerror (err)); 
 
   err = ksba_cert_get_key_usage (cert, &use);
-  if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     {
       putc ('e', fp);
       putc ('s', fp);
@@ -641,9 +642,11 @@
   /* subjectKeyIdentifier */
   fputs ("    subjKeyId: ", fp);
   err = ksba_cert_get_subj_key_id (cert, NULL, &keyid);
-  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     {
-      if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+      if (gpg_err_code (err) == GPG_ERR_NO_DATA
+          || gpg_err_code (err) == GPG_ERR_NO_VALUE)
         fputs ("[none]\n", fp);
       else
         {
@@ -659,9 +662,11 @@
   /* authorityKeyIdentifier */
   fputs ("    authKeyId: ", fp);
   err = ksba_cert_get_auth_key_id (cert, &keyid, &name, &sexp);
-  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     {
-      if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name)
+      if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name
+          || gpg_err_code (err) == GPG_ERR_NO_VALUE)
         fputs ("[none]\n", fp);
       else
         {
@@ -684,7 +689,8 @@
 
   fputs ("     keyUsage:", fp);
   err = ksba_cert_get_key_usage (cert, &kusage);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       if (err)
         fprintf (fp, " [error: %s]", gpg_strerror (err));
@@ -712,11 +718,12 @@
       putc ('\n', fp);
     }
   else
-    fputs ("[none]\n", fp);
+    fputs (" [none]\n", fp);
 
   fputs ("  extKeyUsage: ", fp);
   err = ksba_cert_get_ext_key_usages (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     { 
       if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
@@ -749,7 +756,8 @@
 
   fputs ("     policies: ", fp);
   err = ksba_cert_get_cert_policies (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
@@ -783,7 +791,9 @@
   err = ksba_cert_is_ca (cert, &is_ca, &chainlen);
   if (err || is_ca)
     {
-      if (err)
+      if (gpg_err_code (err) == GPG_ERR_NO_VALUE )
+        fprintf (fp, "[none]");
+      else if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
       else if (chainlen == -1)
         fputs ("unlimited", fp);
@@ -825,7 +835,8 @@
       ksba_name_release (name);
       ksba_name_release (name2);
     }
-  if (err && gpg_err_code (err) != GPG_ERR_EOF)
+  if (err && gpg_err_code (err) != GPG_ERR_EOF
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     fputs ("        crlDP: [error]\n", fp);
   else if (!idx)
     fputs ("        crlDP: [none]\n", fp);
@@ -842,7 +853,8 @@
       ksba_name_release (name);
       ksba_free (string);
     }
-  if (err && gpg_err_code (err) != GPG_ERR_EOF)
+  if (err && gpg_err_code (err) != GPG_ERR_EOF
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     fputs ("     authInfo: [error]\n", fp);
   else if (!idx)
     fputs ("     authInfo: [none]\n", fp);
@@ -858,7 +870,8 @@
       ksba_name_release (name);
       ksba_free (string);
     }
-  if (err && gpg_err_code (err) != GPG_ERR_EOF)
+  if (err && gpg_err_code (err) != GPG_ERR_EOF
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     fputs ("     subjInfo: [error]\n", fp);
   else if (!idx)
     fputs ("     subjInfo: [none]\n", fp);
@@ -968,7 +981,8 @@
 
 
   err = ksba_cert_get_key_usage (cert, &kusage);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       fputs ("    key usage:", fp);
       if (err)
@@ -998,7 +1012,8 @@
     }
 
   err = ksba_cert_get_ext_key_usages (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     { 
       fputs ("ext key usage: ", fp);
       if (err)
@@ -1028,7 +1043,8 @@
     }
 
   err = ksba_cert_get_cert_policies (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       fputs ("     policies: ", fp);
       if (err)
@@ -1050,7 +1066,9 @@
   if (err || is_ca)
     {
       fputs (" chain length: ", fp);
-      if (err)
+      if (gpg_err_code (err) == GPG_ERR_NO_VALUE )
+        fprintf (fp, "none");
+      else if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
       else if (chainlen == -1)
         fputs ("unlimited", fp);


From cvs at cvs.gnupg.org  Wed Oct 18 19:39:42 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 18 19:08:17 2006
Subject: [svn] GnuPG -  r4308 - tags
Message-ID: <E1GaEto-0001an-V1@trithemius.gnupg.org>

Author: wk
Date: 2006-10-18 19:39:41 +0200 (Wed, 18 Oct 2006)
New Revision: 4308

Added:
   tags/gnupg-1.9.93/
Log:
Released 1.9.93


Copied: tags/gnupg-1.9.93 (from rev 4307, trunk)


From cvs at cvs.gnupg.org  Thu Oct 19 12:34:46 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Thu Oct 19 12:03:16 2006
Subject: [svn] gcry - r1186 - trunk/src
Message-ID: <E1GaUk3-0000V9-CL@trithemius.gnupg.org>

Author: wk
Date: 2006-10-19 12:34:46 +0200 (Thu, 19 Oct 2006)
New Revision: 1186

Modified:
   trunk/src/ChangeLog
   trunk/src/global.c
   trunk/src/secmem.c
   trunk/src/secmem.h
Log:
Let secmem init return an error if the memeory could not be locked.


Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-17 17:44:49 UTC (rev 1185)
+++ trunk/src/ChangeLog	2006-10-19 10:34:46 UTC (rev 1186)
@@ -1,3 +1,11 @@
+2006-10-19  Werner Koch  <wk@g10code.com>
+
+	* global.c (gcry_control) <GCRYCTL_INIT_SECMEM>: Return an error
+	if the memory could not be locked.
+	* secmem.c (not_locked): New.
+	(_gcry_secmem_get_flags): Return that flag.
+	* secmem.h (GCRY_SECMEM_FLAG_NOT_LOCKED): New.
+
 2006-10-05  Werner Koch  <wk@g10code.com>
 
 	* module.c (_gcry_module_id_new): Don't assign modules in the range

Modified: trunk/src/global.c
===================================================================
--- trunk/src/global.c	2006-10-17 17:44:49 UTC (rev 1185)
+++ trunk/src/global.c	2006-10-19 10:34:46 UTC (rev 1186)
@@ -251,6 +251,8 @@
     case GCRYCTL_INIT_SECMEM:
       global_init ();
       _gcry_secmem_init (va_arg (arg_ptr, unsigned int));
+      if ((_gcry_secmem_get_flags () & GCRY_SECMEM_FLAG_NOT_LOCKED))
+        err = GPG_ERR_GENERAL;
       break;
 
     case GCRYCTL_TERM_SECMEM:

Modified: trunk/src/secmem.c
===================================================================
--- trunk/src/secmem.c	2006-10-17 17:44:49 UTC (rev 1185)
+++ trunk/src/secmem.c	2006-10-19 10:34:46 UTC (rev 1186)
@@ -75,6 +75,7 @@
 /* FIXME?  */
 static int disable_secmem;
 static int show_warning;
+static int not_locked;
 static int no_warning;
 static int suspend_warning;
 
@@ -246,6 +247,7 @@
 	  )
 	log_error ("can't lock memory: %s\n", strerror (err));
       show_warning = 1;
+      not_locked = 1;
     }
 
 #elif defined(HAVE_MLOCK)
@@ -299,6 +301,7 @@
 	  )
 	log_error ("can't lock memory: %s\n", strerror (err));
       show_warning = 1;
+      not_locked = 1;
     }
 
 #elif defined ( __QNX__ )
@@ -417,6 +420,7 @@
 
   flags = no_warning ? GCRY_SECMEM_FLAG_NO_WARNING : 0;
   flags |= suspend_warning ? GCRY_SECMEM_FLAG_SUSPEND_WARNING : 0;
+  flags |= not_locked ? GCRY_SECMEM_FLAG_NOT_LOCKED : 0;
 
   SECMEM_UNLOCK;
 

Modified: trunk/src/secmem.h
===================================================================
--- trunk/src/secmem.h	2006-10-17 17:44:49 UTC (rev 1185)
+++ trunk/src/secmem.h	2006-10-19 10:34:46 UTC (rev 1186)
@@ -34,5 +34,6 @@
 /* Flags for _gcry_secmem_{set,get}_flags.  */
 #define GCRY_SECMEM_FLAG_NO_WARNING      (1 << 0)
 #define GCRY_SECMEM_FLAG_SUSPEND_WARNING (1 << 1)
+#define GCRY_SECMEM_FLAG_NOT_LOCKED      (1 << 2)
 
 #endif /* G10_SECMEM_H */


From cvs at cvs.gnupg.org  Thu Oct 19 12:38:32 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Thu Oct 19 12:07:00 2006
Subject: [svn] gcry - r1187 - in branches/LIBGCRYPT-1-2-BRANCH: . cipher mpi
	src
Message-ID: <E1GaUng-0001cw-Nl@trithemius.gnupg.org>

Author: wk
Date: 2006-10-19 12:38:30 +0200 (Thu, 19 Oct 2006)
New Revision: 1187

Modified:
   branches/LIBGCRYPT-1-2-BRANCH/NEWS
   branches/LIBGCRYPT-1-2-BRANCH/TODO
   branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog
   branches/LIBGCRYPT-1-2-BRANCH/cipher/pubkey.c
   branches/LIBGCRYPT-1-2-BRANCH/cipher/rndw32.c
   branches/LIBGCRYPT-1-2-BRANCH/mpi/ChangeLog
   branches/LIBGCRYPT-1-2-BRANCH/mpi/mpi-pow.c
   branches/LIBGCRYPT-1-2-BRANCH/mpi/mpiutil.c
   branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog
   branches/LIBGCRYPT-1-2-BRANCH/src/global.c
   branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c
   branches/LIBGCRYPT-1-2-BRANCH/src/secmem.h
Log:
Various minor fixes.


Modified: branches/LIBGCRYPT-1-2-BRANCH/NEWS
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/NEWS	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/NEWS	2006-10-19 10:38:30 UTC (rev 1187)
@@ -1,7 +1,9 @@
 Noteworthy changes in version 1.2.4
 ------------------------------------------------
 
+ * Minor bug fixes.
 
+
 Noteworthy changes in version 1.2.3 (2006-08-28)
 ------------------------------------------------
 

Modified: branches/LIBGCRYPT-1-2-BRANCH/TODO
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/TODO	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/TODO	2006-10-19 10:38:30 UTC (rev 1187)
@@ -35,3 +35,6 @@
   Don't rely on the secure memory based wiping function but add an
   extra wiping.
   
+* We need to figure out at comile time whether socklen_t is defined.
+  On IRIX 6.5 it seems not to be defined and thus gcrypt.h fails.
+

Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog	2006-10-19 10:38:30 UTC (rev 1187)
@@ -1,3 +1,14 @@
+2006-09-11  Werner Koch  <wk@g10code.com>
+
+	* rndw32.c (slow_gatherer_windowsNT): While adding data use the
+	size of the diskPerformance and not its address. Has been fixed in
+	GnuPG more than a year ago.  Noted by Lee Fisher.
+
+2006-08-30  Werner Koch  <wk@g10code.com>
+
+	* pubkey.c (sexp_data_to_mpi): Need to allow "ripemd160" here as
+	this is the canonical name.
+
 2006-07-26  Werner Koch  <wk@g10code.com>
 
 	* random.c (gcry_create_nonce): Update the pid after a fork.

Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/pubkey.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/cipher/pubkey.c	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/cipher/pubkey.c	2006-10-19 10:38:30 UTC (rev 1187)
@@ -1244,8 +1244,9 @@
           static struct { const char *name; int algo; } hashnames[] = 
           { { "sha1",   GCRY_MD_SHA1 },
             { "md5",    GCRY_MD_MD5 },
+            { "sha256", GCRY_MD_SHA256 },
+            { "ripemd160", GCRY_MD_RMD160 },
             { "rmd160", GCRY_MD_RMD160 },
-            { "sha256", GCRY_MD_SHA256 },
             { "sha384", GCRY_MD_SHA384 },
             { "sha512", GCRY_MD_SHA512 },
             { "md2",    GCRY_MD_MD2 },

Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/rndw32.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/cipher/rndw32.c	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/cipher/rndw32.c	2006-10-19 10:38:30 UTC (rev 1187)
@@ -398,7 +398,7 @@
 	/* Note: This only works if you have turned on the disk performance
 	 * counters with 'diskperf -y'.  These counters are off by default */
 	if (DeviceIoControl (hDevice, IOCTL_DISK_PERFORMANCE, NULL, 0,
-			     &diskPerformance, SIZEOF_DISK_PERFORMANCE_STRUCT,
+			     diskPerformance, SIZEOF_DISK_PERFORMANCE_STRUCT,
 			     &dwSize, NULL))
 	{
 	    if ( debug_me )

Modified: branches/LIBGCRYPT-1-2-BRANCH/mpi/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/mpi/ChangeLog	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/mpi/ChangeLog	2006-10-19 10:38:30 UTC (rev 1187)
@@ -1,3 +1,10 @@
+2006-08-29  Werner Koch  <wk@g10code.com>
+
+	* mpiutil.c (gcry_mpi_get_flag): Let it return a value to silent
+	MIPSpro cc warning.
+
+	* mpi-pow.c (gcry_mpi_powm): Removed unused variable ESIGN.
+
 2006-08-28  Werner Koch  <wk@g10code.com>
 
 	* mpiutil.c (_gcry_mpi_resize): Clear the new part of the resized

Modified: branches/LIBGCRYPT-1-2-BRANCH/mpi/mpi-pow.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/mpi/mpi-pow.c	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/mpi/mpi-pow.c	2006-10-19 10:38:30 UTC (rev 1187)
@@ -1,5 +1,6 @@
 /* mpi-pow.c  -  MPI functions
- * Copyright (C) 1994, 1996, 1998, 2000, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1994, 1996, 1998, 2000, 2002,
+ *               2003 Free Software Foundation, Inc.
  *
  * This file is part of Libgcrypt.
  *
@@ -41,7 +42,7 @@
 {
     mpi_ptr_t  rp, ep, mp, bp;
     mpi_size_t esize, msize, bsize, rsize;
-    int        esign, msign, bsign, rsign;
+    int               msign, bsign, rsign;
     int        esec,  msec,  bsec,  rsec;
     mpi_size_t size;
     int mod_shift_cnt;
@@ -58,7 +59,6 @@
     esize = expo->nlimbs;
     msize = mod->nlimbs;
     size = 2 * msize;
-    esign = expo->sign;
     msign = mod->sign;
 
     esec = mpi_is_secure(expo);

Modified: branches/LIBGCRYPT-1-2-BRANCH/mpi/mpiutil.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/mpi/mpiutil.c	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/mpi/mpiutil.c	2006-10-19 10:38:30 UTC (rev 1187)
@@ -436,5 +436,7 @@
       case GCRYMPI_FLAG_OPAQUE: return (a->flags & 4);
       default: log_bug("invalid flag value\n");
     }
+    /*NOTREACHED*/
+    return 0;
 }
 

Modified: branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/ChangeLog	2006-10-19 10:38:30 UTC (rev 1187)
@@ -1,3 +1,16 @@
+2006-10-19  Werner Koch  <wk@g10code.com>
+
+	* global.c (gcry_control) <GCRYCTL_INIT_SECMEM>: Return an error
+	if the memory could not be locked.
+	* secmem.c (not_locked): New.
+	(_gcry_secmem_get_flags): Return that flag.
+	* secmem.h (GCRY_SECMEM_FLAG_NOT_LOCKED): New.
+
+2006-08-29  Werner Koch  <wk@g10code.com>
+
+	* global.c (gcry_xrealloc): Set secure flag when calling out of
+	core handler.
+
 2006-08-28  Werner Koch  <wk@g10code.com>
 
 	* global.c (gcry_control): Clandestine API change for

Modified: branches/LIBGCRYPT-1-2-BRANCH/src/global.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/global.c	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/global.c	2006-10-19 10:38:30 UTC (rev 1187)
@@ -209,6 +209,8 @@
     case GCRYCTL_INIT_SECMEM:
       global_init ();
       _gcry_secmem_init (va_arg (arg_ptr, unsigned int));
+      if ((_gcry_secmem_get_flags () & GCRY_SECMEM_FLAG_NOT_LOCKED))
+        err = GPG_ERR_GENERAL;
       break;
 
     case GCRYCTL_TERM_SECMEM:
@@ -587,7 +589,8 @@
 
     while ( !(p = gcry_realloc( a, n )) ) {
 	if( !outofcore_handler
-	    || !outofcore_handler( outofcore_handler_value, n, 2 ) ) {
+	    || !outofcore_handler( outofcore_handler_value, n, 
+                                   gcry_is_secure(a)? 3:2 ) ) {
 	    _gcry_fatal_error(gpg_err_code_from_errno (errno), NULL );
 	}
     }

Modified: branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/secmem.c	2006-10-19 10:38:30 UTC (rev 1187)
@@ -75,6 +75,7 @@
 /* FIXME?  */
 static int disable_secmem;
 static int show_warning;
+static int not_locked;
 static int no_warning;
 static int suspend_warning;
 
@@ -246,6 +247,7 @@
 	  )
 	log_error ("can't lock memory: %s\n", strerror (err));
       show_warning = 1;
+      not_locked = 1;
     }
 
 #elif defined(HAVE_MLOCK)
@@ -299,6 +301,7 @@
 	  )
 	log_error ("can't lock memory: %s\n", strerror (err));
       show_warning = 1;
+      not_locked = 1;
     }
 
 #elif defined ( __QNX__ )
@@ -407,7 +410,7 @@
   SECMEM_UNLOCK;
 }
 
-unsigned
+unsigned int
 _gcry_secmem_get_flags (void)
 {
   unsigned flags;
@@ -416,6 +419,7 @@
 
   flags = no_warning ? GCRY_SECMEM_FLAG_NO_WARNING : 0;
   flags |= suspend_warning ? GCRY_SECMEM_FLAG_SUSPEND_WARNING : 0;
+  flags |= not_locked ? GCRY_SECMEM_FLAG_NOT_LOCKED : 0;
 
   SECMEM_UNLOCK;
 
@@ -619,6 +623,7 @@
   pool = NULL;
   pool_okay = 0;
   pool_size = 0;
+  not_locked = 0;
 }
 
 

Modified: branches/LIBGCRYPT-1-2-BRANCH/src/secmem.h
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/src/secmem.h	2006-10-19 10:34:46 UTC (rev 1186)
+++ branches/LIBGCRYPT-1-2-BRANCH/src/secmem.h	2006-10-19 10:38:30 UTC (rev 1187)
@@ -32,7 +32,8 @@
 int _gcry_private_is_secure (const void *p) GCC_ATTR_PURE;
 
 /* Flags for _gcry_secmem_{set,get}_flags.  */
-#define GCRY_SECMEM_FLAG_NO_WARNING      1 << 0
-#define GCRY_SECMEM_FLAG_SUSPEND_WARNING 1 << 1
+#define GCRY_SECMEM_FLAG_NO_WARNING      (1 << 0)
+#define GCRY_SECMEM_FLAG_SUSPEND_WARNING (1 << 1)
+#define GCRY_SECMEM_FLAG_NOT_LOCKED      (1 << 2)
 
 #endif /* G10_SECMEM_H */


From cvs at cvs.gnupg.org  Fri Oct 20 05:56:18 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Fri Oct 20 05:24:43 2006
Subject: [svn] GnuPG -  r4310 - branches/STABLE-BRANCH-1-4/keyserver
Message-ID: <E1Gakzu-0004K8-U7@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-20 05:56:17 +0200 (Fri, 20 Oct 2006)
New Revision: 4310

Modified:
   branches/STABLE-BRANCH-1-4/keyserver/ChangeLog
   branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c
Log:
* gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see HTML
coming back from a MR hkp query.


Modified: branches/STABLE-BRANCH-1-4/keyserver/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/keyserver/ChangeLog	2006-10-19 14:22:06 UTC (rev 4309)
+++ branches/STABLE-BRANCH-1-4/keyserver/ChangeLog	2006-10-20 03:56:17 UTC (rev 4310)
@@ -1,3 +1,8 @@
+2006-10-19  David Shaw  <dshaw@jabberwocky.com>
+
+	* gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see
+	HTML coming back from a MR hkp query.
+
 2006-09-28  David Shaw  <dshaw@jabberwocky.com>
 
 	* Makefile.am: Link gpgkeys_ldap to libcompat.a.

Modified: branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c
===================================================================
--- branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c	2006-10-19 14:22:06 UTC (rev 4309)
+++ branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c	2006-10-20 03:56:17 UTC (rev 4310)
@@ -68,7 +68,10 @@
 	 with it on this side of the pipe.  */
       const char *buf=ptr;
       if(buf[0]=='<')
-	swallow=1;
+	{
+	  fprintf(console,"gpgkeys: unsupported response from keyserver\n");
+	  swallow=1;
+	}
 
       checked=1;
     }


From cvs at cvs.gnupg.org  Fri Oct 20 06:00:20 2006
From: cvs at cvs.gnupg.org (svn author dshaw)
Date: Fri Oct 20 05:28:41 2006
Subject: [svn] GnuPG -  r4311 - trunk/keyserver
Message-ID: <E1Gal3n-0006RA-Cp@trithemius.gnupg.org>

Author: dshaw
Date: 2006-10-20 06:00:19 +0200 (Fri, 20 Oct 2006)
New Revision: 4311

Modified:
   trunk/keyserver/ChangeLog
   trunk/keyserver/gpgkeys_hkp.c
Log:
* gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see HTML
coming back from a MR hkp query.


Modified: trunk/keyserver/ChangeLog
===================================================================
--- trunk/keyserver/ChangeLog	2006-10-20 03:56:17 UTC (rev 4310)
+++ trunk/keyserver/ChangeLog	2006-10-20 04:00:19 UTC (rev 4311)
@@ -1,3 +1,8 @@
+2006-10-19  David Shaw  <dshaw@jabberwocky.com>
+
+	* gpgkeys_hkp.c (curl_mrindex_writer): Print a warning if we see
+	HTML coming back from a MR hkp query.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am: Removed W32LIBS as they are included in NETLIBS.

Modified: trunk/keyserver/gpgkeys_hkp.c
===================================================================
--- trunk/keyserver/gpgkeys_hkp.c	2006-10-20 03:56:17 UTC (rev 4310)
+++ trunk/keyserver/gpgkeys_hkp.c	2006-10-20 04:00:19 UTC (rev 4311)
@@ -68,7 +68,10 @@
 	 with it on this side of the pipe.  */
       const char *buf=ptr;
       if(buf[0]=='<')
-	swallow=1;
+	{
+	  fprintf(console,"gpgkeys: unsupported response from keyserver\n");
+	  swallow=1;
+	}
 
       checked=1;
     }


From cvs at cvs.gnupg.org  Fri Oct 20 13:38:50 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Fri Oct 20 13:07:28 2006
Subject: [svn] GnuPG -  r4312 - in trunk: . common doc g10 kbx sm
Message-ID: <E1GasDW-0007if-TV@trithemius.gnupg.org>

Author: wk
Date: 2006-10-20 13:38:48 +0200 (Fri, 20 Oct 2006)
New Revision: 4312

Modified:
   trunk/NEWS
   trunk/common/ChangeLog
   trunk/common/convert.c
   trunk/common/t-convert.c
   trunk/common/util.h
   trunk/doc/specify-user-id.texi
   trunk/g10/ChangeLog
   trunk/g10/getkey.c
   trunk/kbx/ChangeLog
   trunk/kbx/keybox-search-desc.h
   trunk/kbx/keybox-search.c
   trunk/sm/ChangeLog
   trunk/sm/keydb.c
Log:
Allow to select X.509 certificates using the keygrip.


Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/NEWS	2006-10-20 11:38:48 UTC (rev 4312)
@@ -1,7 +1,10 @@
 Noteworthy changes in version 1.9.94
 -------------------------------------------------
 
+ * Keys for gpgsm may now be specified using a keygrip.  A keygrip is
+   indicated by a prefixing it with an ampersand.
 
+
 Noteworthy changes in version 1.9.93 (2006-10-18)
 -------------------------------------------------
 

Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/common/ChangeLog	2006-10-20 11:38:48 UTC (rev 4312)
@@ -1,3 +1,7 @@
+2006-10-20  Werner Koch  <wk@g10code.com>
+
+	* convert.c (hex2bin): New.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* estream.c (struct estream_internal, es_initialize) 

Modified: trunk/common/convert.c
===================================================================
--- trunk/common/convert.c	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/common/convert.c	2006-10-20 11:38:48 UTC (rev 4312)
@@ -30,6 +30,35 @@
 #define tohex(n) ((n) < 10 ? ((n) + '0') : (((n) - 10) + 'A'))
 
 
+/* Convert STRING consisting of hex characters into its binary
+   representation and store that at BUFFER.  BUFFER needs to be of
+   LENGTH bytes.  The function check that the STRING will convert
+   exactly to LENGTH bytes. The string is delimited by either end of
+   string or a white space character.  The function returns -1 on
+   error or the length of the parsed string.  */
+int
+hex2bin (const char *string, void *buffer, size_t length)
+{
+  int i;
+  const char *s = string;
+
+  for (i=0; i < length; )
+    {
+      if (!hexdigitp (s) || !hexdigitp (s+1))
+        return -1;           /* Invalid hex digits. */
+      ((unsigned char*)buffer)[i++] = xtoi_2 (s);
+      s += 2;
+    }
+  if (*s && (!isascii (*s) || !isspace (*s)) )
+    return -1;             /* Not followed by Nul or white space.  */
+  if (i != length)
+    return -1;             /* Not of expected length.  */
+  if (*s)
+    s++; /* Skip the delimiter. */
+  return s - string;
+}
+
+
 /* Convert STRING consisting of hex characters into its binary representation
    and store that at BUFFER.  BUFFER needs to be of LENGTH bytes.  The
    function check that the STRING will convert exactly to LENGTH
@@ -73,7 +102,6 @@
 }
 
 
-
 static char *
 do_bin2hex (const void *buffer, size_t length, char *stringbuf, int with_colon)
 {

Modified: trunk/common/t-convert.c
===================================================================
--- trunk/common/t-convert.c	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/common/t-convert.c	2006-10-20 11:38:48 UTC (rev 4312)
@@ -33,6 +33,93 @@
 
 
 static void
+test_hex2bin (void)
+{
+  static const char *valid[] = {
+    "00112233445566778899aabbccddeeff11223344",
+    "00112233445566778899AABBCCDDEEFF11223344",
+    "00112233445566778899AABBCCDDEEFF11223344 blah",
+    "00112233445566778899AABBCCDDEEFF11223344\tblah",
+    "00112233445566778899AABBCCDDEEFF11223344\nblah",
+    NULL
+  };
+  static const char *invalid[] = {
+    "00112233445566778899aabbccddeeff1122334",
+    "00112233445566778899AABBCCDDEEFF1122334",
+    "00112233445566778899AABBCCDDEEFG11223344",
+    "00 112233445566778899aabbccddeeff11223344",
+    "00:112233445566778899aabbccddeeff11223344",
+    ":00112233445566778899aabbccddeeff11223344",
+    "0:0112233445566778899aabbccddeeff11223344",
+    "00112233445566778899aabbccddeeff11223344:",
+    "00112233445566778899aabbccddeeff112233445",
+    "00112233445566778899aabbccddeeff1122334455",
+    "00112233445566778899aabbccddeeff11223344blah",
+    NULL
+  };
+  static const char *valid2[] = {
+    "00",
+    "00 x",
+    NULL
+  };
+  static const char *invalid2[] = {
+    "",
+    "0",
+    "00:",
+    "00x",
+    " 00",
+    NULL
+  };
+  unsigned char buffer[20];
+  int len;
+  int i;
+  
+  
+  for (i=0; valid[i]; i++)
+    {
+      len = hex2bin (valid[i], buffer, sizeof buffer);
+      if (len < 0)
+        fail (i);
+      if (memcmp (buffer, ("\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa"
+                           "\xbb\xcc\xdd\xee\xff\x11\x22\x33\x44"), 20))
+          fail (i);
+    }
+  if (hex2bin (valid[0], buffer, sizeof buffer) != 40)
+    fail (0);
+  if (hex2bin (valid[2], buffer, sizeof buffer) != 41)
+    fail (0);
+  
+  for (i=0; invalid[i]; i++)
+    {
+      len = hex2bin (invalid[i], buffer, sizeof buffer);
+      if (!(len < 0))
+        fail (i);
+    }
+
+  for (i=0; valid2[i]; i++)
+    {
+      len = hex2bin (valid2[i], buffer, 1);
+      if (len < 0)
+        fail (i);
+      if (memcmp (buffer, "\x00", 1))
+        fail (i);
+    }
+  if (hex2bin (valid2[0], buffer, 1) != 2)
+    fail (0);
+  if (hex2bin (valid2[1], buffer, 1) != 3)
+    fail (0);
+  
+  for (i=0; invalid2[i]; i++)
+    {
+      len = hex2bin (invalid2[i], buffer, 1);
+      if (!(len < 0))
+        fail (i);
+    }
+}
+
+
+
+static void
 test_hexcolon2bin (void)
 {
   static const char *valid[] = {
@@ -195,6 +282,7 @@
 main (int argc, char **argv)
 {
   
+  test_hex2bin ();
   test_hexcolon2bin ();
   test_bin2hex ();
   test_bin2hexcolon ();

Modified: trunk/common/util.h
===================================================================
--- trunk/common/util.h	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/common/util.h	2006-10-20 11:38:48 UTC (rev 4312)
@@ -157,6 +157,7 @@
                                              size_t *nscanned);
 
 /*-- convert.c --*/
+int hex2bin (const char *string, void *buffer, size_t length);
 int hexcolon2bin (const char *string, void *buffer, size_t length);
 char *bin2hex (const void *buffer, size_t length, char *stringbuf);
 char *bin2hexcolon (const void *buffer, size_t length, char *stringbuf);

Modified: trunk/doc/specify-user-id.texi
===================================================================
--- trunk/doc/specify-user-id.texi	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/doc/specify-user-id.texi	2006-10-20 11:38:48 UTC (rev 4312)
@@ -131,7 +131,18 @@
 @end example
 @end cartouche
 
+@item By keygrip
+This is indicated by an ampersand followed by the 40 hex digits of a
+keygrip.  @command{gpgsm} prints the keygrip when using the command
+@option{--dump-cert}.  It does not yet work for OpenPGP keys.
 
+@cartouche
+@example
+&D75F22C3F86E355877348498CDC92BD21010A480
+@end example
+@end cartouche
+
+
 @item By substring match.
 This is the default mode but applications may want to explicitly
 indicate this by putting the asterisk in front.  Match is not case

Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/g10/ChangeLog	2006-10-20 11:38:48 UTC (rev 4312)
@@ -1,3 +1,7 @@
+2006-10-20  Werner Koch  <wk@g10code.com>
+
+	* getkey.c (classify_user_id): Reserve '&' for search by keygrip.
+
 2006-10-19  Werner Koch  <wk@g10code.com>
 
 	* keygen.c (get_parameter_algo): Add special case for ELG_E which

Modified: trunk/g10/getkey.c
===================================================================
--- trunk/g10/getkey.c	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/g10/getkey.c	2006-10-20 11:38:48 UTC (rev 4312)
@@ -578,6 +578,7 @@
  *   Words are delimited by white space or "()<>[]{}.@-+_,;/&!"
  *   (note that you can't search for these characters). Compare
  *   is not case sensitive.
+ * - If the userid starts with a '&' a 40 hex digits keygrip is expected.
  */
 
 int
@@ -644,7 +645,7 @@
 #endif
 
 	case '#':  /* local user id */
-            return 0; /* This is now obsolete and van't not be used anymore*/
+            return 0; /* This is now obsolete and can't not be used anymore*/
         
         case ':': /*Unified fingerprint */
             {  
@@ -669,6 +670,9 @@
             } 
             break;
            
+	case '&':  /* keygrip */
+          return 0; /* Not yet implememted. */
+
 	default:
 	    if (s[0] == '0' && s[1] == 'x') {
 		hexprefix = 1;

Modified: trunk/kbx/ChangeLog
===================================================================
--- trunk/kbx/ChangeLog	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/kbx/ChangeLog	2006-10-20 11:38:48 UTC (rev 4312)
@@ -1,3 +1,10 @@
+2006-10-20  Werner Koch  <wk@g10code.com>
+
+	* keybox-search.c (blob_x509_has_grip, has_keygrip): New.
+	(keybox_search): Implement new search mode.
+	* keybox-search-desc.h (KEYDB_SEARCH_MODE_KEYGRIP): New.
+	(keydb_search_desc): New member GRIP.
+
 2006-09-20  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am ($(PROGRAMS): New.

Modified: trunk/kbx/keybox-search-desc.h
===================================================================
--- trunk/kbx/keybox-search-desc.h	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/kbx/keybox-search-desc.h	2006-10-20 11:38:48 UTC (rev 4312)
@@ -45,6 +45,7 @@
   KEYDB_SEARCH_MODE_ISSUER_SN,
   KEYDB_SEARCH_MODE_SN,
   KEYDB_SEARCH_MODE_SUBJECT,
+  KEYDB_SEARCH_MODE_KEYGRIP,
   KEYDB_SEARCH_MODE_FIRST,
   KEYDB_SEARCH_MODE_NEXT
 } KeydbSearchMode;
@@ -59,6 +60,7 @@
     const char *name;
     unsigned char fpr[24];
     unsigned char kid[8]; 
+    unsigned char grip[20];
   } u;
 };
 

Modified: trunk/kbx/keybox-search.c
===================================================================
--- trunk/kbx/keybox-search.c	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/kbx/keybox-search.c	2006-10-20 11:38:48 UTC (rev 4312)
@@ -29,6 +29,7 @@
 #include "../jnlib/stringhelp.h" /* ascii_xxxx() */
 
 #include "keybox-defs.h"
+#include <gcrypt.h>
 
 
 #define xtoi_1(p)   (*(p) <= '9'? (*(p)- '0'): \
@@ -456,7 +457,76 @@
 }
 
 
+#ifdef KEYBOX_WITH_X509
+/* Return true if the key in BLOB matches the 20 bytes keygrip GRIP.
+   We don't have the keygrips as meta data, thus wen need to parse the
+   certificate. Fixme: We might wat to return proper error codes
+   instead of failing a search for invalid certificates etc.  */
+static int
+blob_x509_has_grip (KEYBOXBLOB blob, const unsigned char *grip)
+{
+  int rc;
+  const unsigned char *buffer;
+  size_t length;
+  size_t cert_off, cert_len;
+  ksba_reader_t reader = NULL;
+  ksba_cert_t cert = NULL;
+  ksba_sexp_t p = NULL;
+  gcry_sexp_t s_pkey;
+  unsigned char array[20];
+  unsigned char *rcp;
+  size_t n;
+  
+  buffer = _keybox_get_blob_image (blob, &length);
+  if (length < 40)
+    return 0; /* Too short. */
+  cert_off = get32 (buffer+8);
+  cert_len = get32 (buffer+12);
+  if (cert_off+cert_len > length)
+    return 0; /* Too short.  */
 
+  rc = ksba_reader_new (&reader);
+  if (rc)
+    return 0; /* Problem with ksba. */
+  rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len);
+  if (rc)
+    goto failed;
+  rc = ksba_cert_new (&cert);
+  if (rc)
+    goto failed;
+  rc = ksba_cert_read_der (cert, reader);
+  if (rc)
+    goto failed;
+  p = ksba_cert_get_public_key (cert);
+  if (!p)
+    goto failed;
+  n = gcry_sexp_canon_len (p, 0, NULL, NULL);
+  if (!n)
+    goto failed;
+  rc = gcry_sexp_sscan (&s_pkey, NULL, (char*)p, n);
+  if (rc)
+    {
+      gcry_sexp_release (s_pkey);
+      goto failed;
+    }
+  rcp = gcry_pk_get_keygrip (s_pkey, array);
+  gcry_sexp_release (s_pkey);
+  if (!rcp)
+    goto failed; /* Can't calculate keygrip. */
+
+  xfree (p);
+  ksba_cert_release (cert);
+  ksba_reader_release (reader);
+  return !memcmp (array, grip, 20);
+ failed:
+  xfree (p);
+  ksba_cert_release (cert);
+  ksba_reader_release (reader);
+  return 0;
+}
+#endif /*KEYBOX_WITH_X509*/
+
+
 
 /*
   The has_foo functions are used as helpers for search 
@@ -479,7 +549,17 @@
   return blob_cmp_fpr (blob, fpr);
 }
 
+static inline int
+has_keygrip (KEYBOXBLOB blob, const unsigned char *grip)
+{
+#ifdef KEYBOX_WITH_X509
+  if (blob_get_type (blob) == BLOBTYPE_X509)
+    return blob_x509_has_grip (blob, grip);
+#endif
+  return 0;
+}
 
+
 static inline int
 has_issuer (KEYBOXBLOB blob, const char *name)
 {
@@ -809,6 +889,10 @@
               if (has_fingerprint (blob, desc[n].u.fpr))
                 goto found;
               break;
+            case KEYDB_SEARCH_MODE_KEYGRIP:
+              if (has_keygrip (blob, desc[n].u.grip))
+                goto found;
+              break;
             case KEYDB_SEARCH_MODE_FIRST: 
               goto found;
               break;

Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/sm/ChangeLog	2006-10-20 11:38:48 UTC (rev 4312)
@@ -1,3 +1,7 @@
+2006-10-20  Werner Koch  <wk@g10code.com>
+
+	* keydb.c (classify_user_id): Parse keygrip for the '&' identifier.
+
 2006-10-18  Werner Koch  <wk@g10code.com>
 
 	* keylist.c (list_cert_raw): Also test for GPG_ERR_NO_VALUE when

Modified: trunk/sm/keydb.c
===================================================================
--- trunk/sm/keydb.c	2006-10-20 04:00:19 UTC (rev 4311)
+++ trunk/sm/keydb.c	2006-10-20 11:38:48 UTC (rev 4312)
@@ -1140,7 +1140,15 @@
         mode = KEYDB_SEARCH_MODE_FPR;
       } 
       break;
-           
+
+    case '&': /* Keygrip*/
+      {  
+        if (hex2bin (s+1, desc->u.grip, 20) < 0)
+          return 0; /* Invalid. */
+        mode = KEYDB_SEARCH_MODE_KEYGRIP;
+      } 
+      break;
+
     default:
       if (s[0] == '0' && s[1] == 'x')
         {


From cvs at cvs.gnupg.org  Sat Oct 21 20:39:07 2006
From: cvs at cvs.gnupg.org (svn author twoaday)
Date: Sat Oct 21 20:07:30 2006
Subject: [svn] GPGol - r165 - trunk/src
Message-ID: <E1GbLFe-0005cE-Ew@trithemius.gnupg.org>

Author: twoaday
Date: 2006-10-21 20:39:06 +0200 (Sat, 21 Oct 2006)
New Revision: 165

Modified:
   trunk/src/ChangeLog
   trunk/src/olflange.cpp
   trunk/src/recipient-dialog.c
Log:
2006-10-14  Timo Schulz  <ts@g10code.de>

        * recipient-dialog.c (lv_get_item_param): New.
        (copy_item): Use it here to copy the opaque param.
        (recipient_dlg_proc): And here to avoid the hidden column.
        (initialize_rsetbox): Localize column names.

        * olflange.cpp (get_outlook_property): Free returned BSTR.
        (InstallCommands): Likewise.




Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-13 07:21:00 UTC (rev 164)
+++ trunk/src/ChangeLog	2006-10-21 18:39:06 UTC (rev 165)
@@ -1,3 +1,13 @@
+2006-10-14  Timo Schulz  <ts@g10code.de>
+
+	* recipient-dialog.c (lv_get_item_param): New.
+	(copy_item): Use it here to copy the opaque param.
+	(recipient_dlg_proc): And here to avoid the hidden column.
+	(initialize_rsetbox): Localize column names.
+
+	* olflange.cpp (get_outlook_property): Free returned BSTR.
+	(InstallCommands): Likewise.
+	
 2009-09-06  Timo Schulz  <ts@g10code.de>
 
 	* recipient-dialog.c (recipient_dialog2): Do not free

Modified: trunk/src/olflange.cpp
===================================================================
--- trunk/src/olflange.cpp	2006-10-13 07:21:00 UTC (rev 164)
+++ trunk/src/olflange.cpp	2006-10-21 18:39:06 UTC (rev 165)
@@ -530,7 +530,8 @@
       result = wchar_to_utf8 (aVariant.bstrVal);
       log_debug ("%s:%s: `%s' is `%s'",
                  SRCNAME, __func__, key, result);
-      /* FIXME: Do we need to free the string returned in  AVARIANT? */
+      /* From MSDN (Invoke): It is up to the caller to free the return value.*/
+      SysFreeString (aVariant.bstrVal);
     }
 
   pDisp->Release();
@@ -1240,7 +1241,7 @@
       hr = pEECB->GetObject (&pMDB, (LPMAPIPROP *)&pMessage);
       if (FAILED(hr))
         log_debug ("%s:%s: getObject failed: hr=%#lx\n", SRCNAME,__func__,hr);
-      else if ( !opt.compat.no_msgcache)
+      else if (!opt.compat.no_msgcache)
         {
           const char *body;
           char *key = NULL;
@@ -1273,8 +1274,7 @@
                   for (keylen=0,p=key; hexdigitp(p) && hexdigitp(p+1); p += 2)
                     ((unsigned char*)key)[keylen++] = xtoi_2 (p);
                   
-                  /* FIXME: Do we need to free the string returned in
-                     AVARIANT?  Check at other places too. */
+		  SysFreeString (aVariant.bstrVal);
                 }
 
               pDisp->Release();

Modified: trunk/src/recipient-dialog.c
===================================================================
--- trunk/src/recipient-dialog.c	2006-10-13 07:21:00 UTC (rev 164)
+++ trunk/src/recipient-dialog.c	2006-10-21 18:39:06 UTC (rev 165)
@@ -72,50 +72,46 @@
   KL_COL_INFO = 2,
   KL_COL_KEYID = 3,
   KL_COL_VALID = 4,
-  KL_COL_INDEX = 5,
   /* number of columns. */
-  KL_COL_N = 6
+  KL_COL_N = 5
 };
 
 /* Insert the columns, needed to display keys, into the list view HWND. */
 static void
 initialize_rsetbox (HWND hwnd)
 {
-    LVCOLUMN col;
+  LVCOLUMN col;
 
-    memset (&col, 0, sizeof (col));
-    col.mask = LVCF_TEXT | LVCF_WIDTH | LVCF_SUBITEM;
-    col.pszText = "Name";
-    col.cx = 100;
-    col.iSubItem = KL_COL_NAME;
-    ListView_InsertColumn (hwnd, KL_COL_NAME, &col);
-
-    col.pszText = "E-Mail";
-    col.cx = 100;
-    col.iSubItem = KL_COL_EMAIL;
-    ListView_InsertColumn (hwnd, KL_COL_EMAIL, &col);
-
-    col.pszText = "Key-Info";
-    col.cx = 100;
-    col.iSubItem = KL_COL_INFO;
-    ListView_InsertColumn (hwnd, KL_COL_INFO, &col);
-
-    col.pszText = "Key ID";
-    col.cx = 80;
-    col.iSubItem = KL_COL_KEYID;
-    ListView_InsertColumn (hwnd, KL_COL_KEYID, &col);
-
-    col.pszText = "Validity";
-    col.cx = 70;
-    col.iSubItem = KL_COL_VALID;
-    ListView_InsertColumn (hwnd, KL_COL_VALID, &col);
-
-    col.pszText = "Index";
-    col.cx = 0;  /* Hide it. */
-    col.iSubItem = KL_COL_INDEX;
-    ListView_InsertColumn (hwnd, KL_COL_INDEX, &col);
-
-    ListView_SetExtendedListViewStyleEx (hwnd, 0, LVS_EX_FULLROWSELECT);
+  /* We cannot avoid the casting here because gettext always returns
+     a constant string but the listview interface needs char*. */
+  memset (&col, 0, sizeof (col));
+  col.mask = LVCF_TEXT | LVCF_WIDTH | LVCF_SUBITEM;
+  col.pszText = (char*)_("Name");
+  col.cx = 100;
+  col.iSubItem = KL_COL_NAME;
+  ListView_InsertColumn (hwnd, KL_COL_NAME, &col);
+  
+  col.pszText = (char*)_("E-Mail");
+  col.cx = 100;
+  col.iSubItem = KL_COL_EMAIL;
+  ListView_InsertColumn (hwnd, KL_COL_EMAIL, &col);
+  
+  col.pszText = (char*)_("Key-Info");
+  col.cx = 100;
+  col.iSubItem = KL_COL_INFO;
+  ListView_InsertColumn (hwnd, KL_COL_INFO, &col);
+  
+  col.pszText = (char*)_("Key ID");
+  col.cx = 80;
+  col.iSubItem = KL_COL_KEYID;
+  ListView_InsertColumn (hwnd, KL_COL_KEYID, &col);
+  
+  col.pszText = (char*)_("Validity");
+  col.cx = 70;
+  col.iSubItem = KL_COL_VALID;
+  ListView_InsertColumn (hwnd, KL_COL_VALID, &col);
+  
+  ListView_SetExtendedListViewStyleEx (hwnd, 0, LVS_EX_FULLROWSELECT);
 }
 
 
@@ -141,7 +137,7 @@
       "Full",
       "Ultimate"
     };
-  enum {COL_NAME, COL_EMAIL, COL_KEYINF, COL_KEYID, COL_TRUST, COL_IDX};
+  enum {COL_NAME, COL_EMAIL, COL_KEYINF, COL_KEYID, COL_TRUST};
   DWORD val;
 
   memset (&lvi, 0, sizeof (lvi));
@@ -185,6 +181,9 @@
           continue;
         }
 
+      /* Store the position in the opaque param. */
+      lvi.mask = LVIF_PARAM;
+      lvi.lParam = (LPARAM)pos;
       ListView_InsertItem (hwnd, &lvi);
       
       s = utf8_to_native (key->uids->name);
@@ -216,7 +215,7 @@
       s = keybuf;
       ListView_SetItemText (hwnd, 0, COL_KEYINF, s);
       
-      if (key->subkeys->keyid  && strlen (key->subkeys->keyid) > 8) 
+      if (key->subkeys->keyid && strlen (key->subkeys->keyid) > 8) 
 	{
 	  _snprintf (keybuf, sizeof (keybuf)-1, "0x%s", key->subkeys->keyid+8);
 	  ListView_SetItemText (hwnd, 0, COL_KEYID, keybuf);
@@ -229,15 +228,6 @@
       s = keybuf;
       ListView_SetItemText (hwnd, 0, COL_TRUST, s);
 
-      /* I'd like to use SetItemData but that one is only available as
-         a member function of CListCtrl; I haved not figured out how
-         the vtable is made up.  Thus we use a string with the index. */
-      /* ts: this can be done via the lParam (LVIF_PARAM) item in LVITEM.
-             I will implement this ASAP. */
-      sprintf (keybuf, "%u", (unsigned int)pos);
-      s = keybuf;
-      ListView_SetItemText (hwnd, 0, COL_IDX, s);
-
       if (pos >= keyarray_size)
         {
           gpgme_key_t *tmparr;
@@ -276,8 +266,24 @@
 }
 
 
+/* Default maximal text size for a column. */
 #define ITEMSIZE 200
 
+/* Return the opaque param of the item with the index IDX.
+   If the function call failed, return -1. */
+static LPARAM
+lv_get_item_param (HWND hwnd, int idx)
+{
+  LVITEM lv;
+  
+  memset (&lv, 0, sizeof (lv));
+  lv.mask = LVIF_PARAM;
+  lv.iItem = idx;
+  if (!ListView_GetItem (hwnd, &lv))
+    return (LPARAM)-1;
+  return lv.lParam;
+}
+
 /* Copy one list view item from one view to another. */
 static void
 copy_item (HWND dlg, int id_from, int pos)
@@ -286,6 +292,7 @@
   LVITEM lvi;
   char item[KL_COL_N][ITEMSIZE];
   int idx = pos, i;
+  int lparam;
   
   src = GetDlgItem (dlg, id_from);
   dst = GetDlgItem (dlg, id_from==IDC_ENC_RSET1 ?
@@ -300,10 +307,18 @@
   
   for (i=0; i < KL_COL_N; i++)
     ListView_GetItemText (src, idx, i, item[i], ITEMSIZE-1);
+
+  /* Before we delete the item, we backup the lparam which
+     holds the position to copy it to the new item. */
+  lparam = (int)lv_get_item_param (src, idx);
   ListView_DeleteItem (src, idx);
   
+  /* Add the lparam value from the source item. */
   memset (&lvi, 0, sizeof (lvi));
+  lvi.mask = LVIF_PARAM;
+  lvi.lParam = lparam;
   ListView_InsertItem (dst, &lvi);
+  
   for (i=0; i < KL_COL_N; i++)
     ListView_SetItemText (dst, 0, i, item[i]);
 }
@@ -314,16 +329,16 @@
 static int
 find_item (HWND hwnd, const char *str)
 {
-    LVFINDINFO fnd;
-    int pos;
-
-    memset (&fnd, 0, sizeof (fnd));
-    fnd.flags = LVFI_STRING|LVFI_PARTIAL;;
-    fnd.psz = str;
-    pos = ListView_FindItem (hwnd, -1, &fnd);
-    if (pos != -1)
-	return pos;
-    return -1;
+  LVFINDINFO fnd;
+  int pos;
+  
+  memset (&fnd, 0, sizeof (fnd));
+  fnd.flags = LVFI_STRING|LVFI_PARTIAL;;
+  fnd.psz = str;
+  pos = ListView_FindItem (hwnd, -1, &fnd);
+  if (pos != -1)
+    return pos;
+  return -1;
 }
 
 
@@ -342,28 +357,28 @@
                      (LPARAM)(const char *)cb->unknown_keys[i]);
     }
 
-  /* copy all requested keys into the second recipient listview
+  if (!cb->fnd_keys)
+    return;
+  
+  /* Copy all requested keys into the second recipient listview
      to indicate that these key were automatically picked via
      the 'From' mailing header. */
-  if (cb->fnd_keys)
+  for (i=0; cb->fnd_keys[i]; i++) 
     {
-      for (i=0; cb->fnd_keys[i]; i++) 
-        {
-	  char *uid = utf8_to_native (cb->fnd_keys[i]->uids->name);
-
-          n = find_item (rset, uid);
-          if (n != -1)
-            copy_item (dlg, IDC_ENC_RSET1, n);
-	  xfree (uid);
-        }
-    }
+      char *uid = utf8_to_native (cb->fnd_keys[i]->uids->name);
+      
+      n = find_item (rset, uid);
+      if (n != -1)
+	copy_item (dlg, IDC_ENC_RSET1, n);
+      xfree (uid);
+    }  
 }
 
 
 BOOL CALLBACK
 recipient_dlg_proc (HWND dlg, UINT msg, WPARAM wparam, LPARAM lparam)
 {
-  static struct recipient_cb_s * rset_cb;
+  static struct recipient_cb_s *rset_cb;
   NMHDR *notify;
   HWND hrset;
   size_t pos;
@@ -383,7 +398,7 @@
         initialize_keybox (dlg, rset_cb);
       else
         {
-          /* No unknown keys - hide the not required windows. */
+          /* No unknown keys and thus we need unwanted dialog windows. */
           ShowWindow (GetDlgItem (dlg, IDC_ENC_INFO), SW_HIDE);
           ShowWindow (GetDlgItem (dlg, IDC_ENC_NOTFOUND), SW_HIDE);
 	}
@@ -409,7 +424,7 @@
             {
               MessageBox (dlg, _("Please select at least one recipient key."),
                           _("Recipient Dialog"), MB_ICONINFORMATION|MB_OK);
-              return FALSE;
+              return TRUE;
 	    }
 
           for (j=0; rset_cb->fnd_keys && rset_cb->fnd_keys[j]; j++)
@@ -422,12 +437,9 @@
           for (i=0, pos=0; i < rset_cb->selected_keys_count; i++) 
             {
               gpgme_key_t key;
-              int idata;
-              char tmpbuf[30];
-
-              *tmpbuf = 0;
-              ListView_GetItemText (hrset, i, 5, tmpbuf, sizeof tmpbuf - 1);
-              idata = *tmpbuf? strtol (tmpbuf, NULL, 10) : -1;
+	      int idata;
+	      
+	      idata = (int)lv_get_item_param (hrset, i);
               if (idata >= 0 && idata < rset_cb->keyarray_count)
                 {
                   key = rset_cb->keyarray[idata];


From cvs at cvs.gnupg.org  Mon Oct 23 11:14:17 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 23 10:42:23 2006
Subject: [svn] gcry - r1188 - in trunk: . mpi src
Message-ID: <E1GbvNy-0004Fq-Fb@trithemius.gnupg.org>

Author: wk
Date: 2006-10-23 11:14:16 +0200 (Mon, 23 Oct 2006)
New Revision: 1188

Modified:
   trunk/ChangeLog
   trunk/Makefile.am
   trunk/mpi/ChangeLog
   trunk/mpi/config.links
   trunk/src/ChangeLog
   trunk/src/gcrypt.h.in
Log:
Applied two simple patches.


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-19 10:38:30 UTC (rev 1187)
+++ trunk/ChangeLog	2006-10-23 09:14:16 UTC (rev 1188)
@@ -1,3 +1,7 @@
+2006-10-20  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (stowinstall): New convenience target.
+
 2006-10-12  Marcus Brinkmann  <marcus@g10code.de>
 
 	* configure.ac (FALLBACK_SOCKLEN_T): Third time is a charm.

Modified: trunk/Makefile.am
===================================================================
--- trunk/Makefile.am	2006-10-19 10:38:30 UTC (rev 1187)
+++ trunk/Makefile.am	2006-10-23 09:14:16 UTC (rev 1188)
@@ -42,7 +42,10 @@
 	@set -e; \
 	echo "$(VERSION)" > $(distdir)/VERSION
 
+stowinstall: 
+	$(MAKE) $(AM_MAKEFLAGS) install prefix=/usr/local/stow/libgcrypt
 
 
 
 
+

Modified: trunk/mpi/ChangeLog
===================================================================
--- trunk/mpi/ChangeLog	2006-10-19 10:38:30 UTC (rev 1187)
+++ trunk/mpi/ChangeLog	2006-10-23 09:14:16 UTC (rev 1188)
@@ -1,3 +1,9 @@
+2006-10-23  Werner Koch  <wk@g10code.com>
+
+	* config.links (mpi_optional_modules): Make sure that powerpc64 is
+	matched before a generic powerpc.  Reported by Andreas Metzler.
+	Should fix Debian bug 284609.
+
 2006-08-25  Werner Koch  <wk@g10code.com>
 
 	* mpi-bit.c (gcry_mpi_rshift): Don't shift if N == 0 but do a

Modified: trunk/mpi/config.links
===================================================================
--- trunk/mpi/config.links	2006-10-19 10:38:30 UTC (rev 1187)
+++ trunk/mpi/config.links	2006-10-23 09:14:16 UTC (rev 1188)
@@ -221,13 +221,6 @@
 	path="m68k/mc68020 m68k"
 	;;
 
-    powerpc*-*-linux*)
-	echo '/* configured for powerpc/ELF */' >>./mpi/asm-syntax.h
-	echo '#define ELF_SYNTAX'               >>./mpi/asm-syntax.h
-	cat   $srcdir/mpi/powerpc32/syntax.h	>>./mpi/asm-syntax.h
-	path="powerpc32"
-	;;
-
     powerpc*-*-netbsd* | powerpc*-*-openbsd*)
        echo '/* configured {Open,Net}BSD on powerpc */' >>./mpi/asm-syntax.h
        echo '#define ELF_SYNTAX'                 >>./mpi/asm-syntax.h
@@ -236,6 +229,18 @@
        path="powerpc32"
        ;;
 
+    ppc620-*-*	    | \
+    powerpc64*-*-*)
+	mpi_sflags="-Wa,-mppc"
+	path="powerpc64"
+	;;
+    powerpc*-*-linux*)
+	echo '/* configured for powerpc/ELF */' >>./mpi/asm-syntax.h
+	echo '#define ELF_SYNTAX'               >>./mpi/asm-syntax.h
+	cat   $srcdir/mpi/powerpc32/syntax.h	>>./mpi/asm-syntax.h
+	path="powerpc32"
+	;;
+
     rs6000-*-aix[456789]*    | \
     rs6000-*-aix3.2.[456789])
 	mpi_sflags="-Wa,-mpwr"
@@ -264,11 +269,6 @@
 	mpi_sflags="-Wa,-mppc"
 	path="powerpc32"
 	;;
-    ppc620-*-*	    | \
-    powerpc64*-*-*)
-	mpi_sflags="-Wa,-mppc"
-	path="powerpc64"
-	;;
     powerpc*-*-*)
 	mpi_sflags="-Wa,-mppc"
 	path="powerpc32"

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-10-19 10:38:30 UTC (rev 1187)
+++ trunk/src/ChangeLog	2006-10-23 09:14:16 UTC (rev 1188)
@@ -1,3 +1,9 @@
+2006-10-23  Werner Koch  <wk@g10code.com>
+
+	* gcrypt.h.in (GCRY_THREAD_OPTION_PTHREAD_IMPL): Add some cast for
+	use by C-doubleplus.  In general I don't like this but due to
+	public demand I give up ;-)
+
 2006-10-19  Werner Koch  <wk@g10code.com>
 
 	* global.c (gcry_control) <GCRYCTL_INIT_SECMEM>: Return an error

Modified: trunk/src/gcrypt.h.in
===================================================================
--- trunk/src/gcrypt.h.in	2006-10-19 10:38:30 UTC (rev 1187)
+++ trunk/src/gcrypt.h.in	2006-10-23 09:14:16 UTC (rev 1188)
@@ -257,7 +257,7 @@
 static int gcry_pthread_mutex_init (void **priv)			      \
 {									      \
   int err = 0;								      \
-  pthread_mutex_t *lock = malloc (sizeof (pthread_mutex_t));		      \
+  pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\
 									      \
   if (!lock)								      \
     err = ENOMEM;							      \
@@ -272,11 +272,12 @@
   return err;								      \
 }									      \
 static int gcry_pthread_mutex_destroy (void **lock)			      \
-  { int err = pthread_mutex_destroy (*lock);  free (*lock); return err; }     \
+  { int err = pthread_mutex_destroy ((phread_mutex_t*)*lock);                 \
+    free (*lock); return err; }                                               \
 static int gcry_pthread_mutex_lock (void **lock)			      \
-  { return pthread_mutex_lock (*lock); }				      \
+  { return pthread_mutex_lock ((phread_mutex_t*)*lock); }		      \
 static int gcry_pthread_mutex_unlock (void **lock)			      \
-  { return pthread_mutex_unlock (*lock); }				      \
+  { return pthread_mutex_unlock ((phread_mutex_t*)*lock); }		      \
 									      \
 static struct gcry_thread_cbs gcry_threads_pthread =			      \
 { GCRY_THREAD_OPTION_PTHREAD, NULL,					      \


From cvs at cvs.gnupg.org  Mon Oct 23 12:52:24 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 23 12:20:29 2006
Subject: [svn] GnuPG -  r4313 - trunk/agent
Message-ID: <E1Gbwuu-000682-A6@trithemius.gnupg.org>

Author: wk
Date: 2006-10-23 12:52:23 +0200 (Mon, 23 Oct 2006)
New Revision: 4313

Modified:
   trunk/agent/ChangeLog
   trunk/agent/Makefile.am
   trunk/agent/minip12.c
Log:
Allow importing of web.de generated p12 files


Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog	2006-10-20 11:38:48 UTC (rev 4312)
+++ trunk/agent/ChangeLog	2006-10-23 10:52:23 UTC (rev 4313)
@@ -1,3 +1,12 @@
+2006-10-23  Werner Koch  <wk@g10code.com>
+
+	* minip12.c (parse_bag_encrypted_data, parse_bag_data): Allow for
+	a salt of 20 bytes.
+
+2006-10-20  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (t_common_ldadd): Use GPG_ERROR_LIBS instead -o just -l
+
 2006-10-19  Werner Koch  <wk@g10code.com>
 
 	* findkey.c (unprotect): Use it to avoid unnecessary calls to

Modified: trunk/agent/Makefile.am
===================================================================
--- trunk/agent/Makefile.am	2006-10-20 11:38:48 UTC (rev 4312)
+++ trunk/agent/Makefile.am	2006-10-23 10:52:23 UTC (rev 4313)
@@ -83,7 +83,7 @@
 TESTS = t-protect
 
 t_common_ldadd = $(common_libs) \
-                 $(LIBGCRYPT_LIBS) -lgpg-error $(LIBINTL)
+                 $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL)
 
 t_protect_SOURCES = t-protect.c protect.c 
 t_protect_LDADD = $(t_common_ldadd)

Modified: trunk/agent/minip12.c
===================================================================
--- trunk/agent/minip12.c	2006-10-20 11:38:48 UTC (rev 4312)
+++ trunk/agent/minip12.c	2006-10-23 10:52:23 UTC (rev 4313)
@@ -497,7 +497,7 @@
   const unsigned char *p_start = buffer;
   size_t n = length;
   const char *where;
-  char salt[16];
+  char salt[20];
   size_t saltlen;
   unsigned int iter;
   unsigned char *plain = NULL;
@@ -575,7 +575,7 @@
   if (parse_tag (&p, &n, &ti))
     goto bailout;
   if (ti.class || ti.tag != TAG_OCTET_STRING
-      || ti.length < 8 || ti.length > 16 )
+      || ti.length < 8 || ti.length > 20 )
     goto bailout;
   saltlen = ti.length;
   memcpy (salt, p, saltlen);
@@ -909,7 +909,7 @@
   const unsigned char *p_start = buffer;
   size_t n = length;
   const char *where;
-  char salt[16];
+  char salt[20];
   size_t saltlen;
   unsigned int iter;
   int len;
@@ -997,7 +997,7 @@
   if (parse_tag (&p, &n, &ti))
     goto bailout;
   if (ti.class || ti.tag != TAG_OCTET_STRING
-      || ti.length < 8 || ti.length > 16)
+      || ti.length < 8 || ti.length > 20)
     goto bailout;
   saltlen = ti.length;
   memcpy (salt, p, saltlen);


From cvs at cvs.gnupg.org  Mon Oct 23 16:02:18 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 23 15:30:24 2006
Subject: [svn] GnuPG - r4314 - in trunk: . agent doc g10 keyserver scd sm
	tests tools
Message-ID: <E1Gbzsh-0007By-Ak@trithemius.gnupg.org>

Author: wk
Date: 2006-10-23 16:02:13 +0200 (Mon, 23 Oct 2006)
New Revision: 4314

Added:
   trunk/tests/smime/
Modified:
   trunk/ChangeLog
   trunk/Makefile.am
   trunk/NEWS
   trunk/agent/ChangeLog
   trunk/agent/gpg-agent.c
   trunk/doc/gpg.texi
   trunk/doc/gpgsm.texi
   trunk/g10/ChangeLog
   trunk/g10/Makefile.am
   trunk/g10/gpg.c
   trunk/keyserver/ChangeLog
   trunk/keyserver/Makefile.am
   trunk/scd/ChangeLog
   trunk/scd/app-p15.c
   trunk/scd/scdaemon.c
   trunk/sm/ChangeLog
   trunk/sm/gpgsm.c
   trunk/tools/ChangeLog
   trunk/tools/gpgconf-comp.c
   trunk/tools/gpgsm-gencert.sh
Log:


From cvs at cvs.gnupg.org  Mon Oct 23 16:21:42 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Mon Oct 23 15:49:46 2006
Subject: [svn] GnuPG - r4315 - in branches/STABLE-BRANCH-1-4: . g10 scripts
Message-ID: <E1Gc0BS-0003my-3q@trithemius.gnupg.org>

Author: wk
Date: 2006-10-23 16:21:41 +0200 (Mon, 23 Oct 2006)
New Revision: 4315

Modified:
   branches/STABLE-BRANCH-1-4/TODO
   branches/STABLE-BRANCH-1-4/g10/ChangeLog
   branches/STABLE-BRANCH-1-4/g10/gpg.c
   branches/STABLE-BRANCH-1-4/scripts/ChangeLog
   branches/STABLE-BRANCH-1-4/scripts/w32installer.nsi
Log:
New command --gpgconf-test.


Modified: branches/STABLE-BRANCH-1-4/TODO
===================================================================
--- branches/STABLE-BRANCH-1-4/TODO	2006-10-23 14:02:13 UTC (rev 4314)
+++ branches/STABLE-BRANCH-1-4/TODO	2006-10-23 14:21:41 UTC (rev 4315)
@@ -70,3 +70,5 @@
     no way to issue a cancel when unsing the CLI - this would however
     be a Good Thing when used with mixed symkey/pubkey encrypted
     messages. See comment in mainproc.c:proc_symkey_enc. 
+
+  * Copy the manual from trunk and update the Makefile.
\ No newline at end of file

Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/ChangeLog	2006-10-23 14:02:13 UTC (rev 4314)
+++ branches/STABLE-BRANCH-1-4/g10/ChangeLog	2006-10-23 14:21:41 UTC (rev 4315)
@@ -1,3 +1,7 @@
+2006-10-23  Werner Koch  <wk@g10code.com>
+
+	* gpg.c (main): New command --gpgconf-list.
+
 2006-10-06  David Shaw  <dshaw@jabberwocky.com>
 
 	* keyserver.c (keyserver_spawn): Write the 16-digit keyid rather

Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c
===================================================================
--- branches/STABLE-BRANCH-1-4/g10/gpg.c	2006-10-23 14:02:13 UTC (rev 4314)
+++ branches/STABLE-BRANCH-1-4/g10/gpg.c	2006-10-23 14:21:41 UTC (rev 4315)
@@ -114,6 +114,7 @@
     aLSignKey,
     aListConfig,
     aGPGConfList,
+    aGPGConfTest,
     aListPackets,
     aEditKey,
     aDeleteKeys,
@@ -420,6 +421,7 @@
 #endif
     { aListConfig, "list-config", 256, "@"},
     { aGPGConfList, "gpgconf-list", 256, "@" },
+    { aGPGConfTest, "gpgconf-test", 256, "@" },
     { aListPackets, "list-packets",256, "@"},
     { aExportOwnerTrust, "export-ownertrust", 256, "@"},
     { aImportOwnerTrust, "import-ownertrust", 256, "@"},
@@ -2011,6 +2013,7 @@
 	  case aCheckKeys: 
 	  case aListConfig:
           case aGPGConfList:
+          case aGPGConfTest:
 	  case aListPackets:
 	  case aImport: 
 	  case aFastImport: 
@@ -3185,6 +3188,9 @@
     if( opt.verbose > 1 )
 	set_packet_list_mode(1);
 
+    if (cmd == aGPGConfTest)
+      g10_exit(0);
+
     /* Add the keyrings, but not for some special commands and not in
        case of "-kvv userid keyring".  Also avoid adding the secret
        keyring for a couple of commands to avoid unneeded access in

Modified: branches/STABLE-BRANCH-1-4/scripts/ChangeLog
===================================================================
--- branches/STABLE-BRANCH-1-4/scripts/ChangeLog	2006-10-23 14:02:13 UTC (rev 4314)
+++ branches/STABLE-BRANCH-1-4/scripts/ChangeLog	2006-10-23 14:21:41 UTC (rev 4315)
@@ -1,3 +1,8 @@
+2006-10-02  Werner Koch  <wk@g10code.com>
+
+	* w32installer.nsi: Don't uninstall winpt if the installer comes
+	without it.  I fixed it despite of what I said in bug 521.
+
 2006-09-13  Werner Koch  <wk@g10code.com>
 
 	* autogen.sh: Better detection of the cross compiler.

Modified: branches/STABLE-BRANCH-1-4/scripts/w32installer.nsi
===================================================================
--- branches/STABLE-BRANCH-1-4/scripts/w32installer.nsi	2006-10-23 14:02:13 UTC (rev 4314)
+++ branches/STABLE-BRANCH-1-4/scripts/w32installer.nsi	2006-10-23 14:21:41 UTC (rev 4315)
@@ -385,11 +385,14 @@
 
   Delete "$INSTDIR\gpgsplit.exe"
   Delete "$INSTDIR\gpgv.exe"
+
+!ifdef WITH_WINPT
   Delete "$INSTDIR\WinPT.exe"
   Delete "$INSTDIR\PTD.dll"
   Delete "$INSTDIR\Doc\README.winpt.txt"
   Delete "$INSTDIR\Doc\NEWS.winpt.txt"
   Delete "$INSTDIR\Doc\keyserver.conf"
+!endif
 
   Delete "$INSTDIR\Doc\gnupg.man"
   Delete "$INSTDIR\Doc\gpg.man"


From cvs at cvs.gnupg.org  Mon Oct 23 19:17:26 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Mon Oct 23 18:45:28 2006
Subject: [svn] gpgme - r1183 - trunk/gpgme
Message-ID: <E1Gc2vW-0006Lt-80@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-23 19:17:25 +0200 (Mon, 23 Oct 2006)
New Revision: 1183

Modified:
   trunk/gpgme/ChangeLog
   trunk/gpgme/keylist.c
Log:
2006-10-23  Marcus Brinkmann  <marcus@g10code.de>

	* keylist.c (gpgme_op_keylist_next): Return error if OPD is NULL.


Modified: trunk/gpgme/ChangeLog
===================================================================
--- trunk/gpgme/ChangeLog	2006-09-25 14:57:00 UTC (rev 1182)
+++ trunk/gpgme/ChangeLog	2006-10-23 17:17:25 UTC (rev 1183)
@@ -1,3 +1,7 @@
+2006-10-23  Marcus Brinkmann  <marcus@g10code.de>
+
+	* keylist.c (gpgme_op_keylist_next): Return error if OPD is NULL.
+
 2006-09-25  Marcus Brinkmann  <marcus@g10code.de>
 
 	* data-mem.c (gpgme_data_release_and_get_mem): Release the data

Modified: trunk/gpgme/keylist.c
===================================================================
--- trunk/gpgme/keylist.c	2006-09-25 14:57:00 UTC (rev 1182)
+++ trunk/gpgme/keylist.c	2006-10-23 17:17:25 UTC (rev 1183)
@@ -883,6 +883,8 @@
   opd = hook;
   if (err)
     return err;
+  if (opd == NULL)
+    return gpg_error (GPG_ERR_INV_VALUE);
 
   if (!opd->key_queue)
     {


From cvs at cvs.gnupg.org  Mon Oct 23 20:52:15 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Mon Oct 23 20:20:17 2006
Subject: [svn] gpgme - r1184 - trunk/gpgme
Message-ID: <E1Gc4PF-0003bL-C0@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-23 20:52:14 +0200 (Mon, 23 Oct 2006)
New Revision: 1184

Modified:
   trunk/gpgme/ChangeLog
   trunk/gpgme/wait-global.c
Log:
2006-10-23  Marcus Brinkmann  <marcus@g10code.de>

	* wait-global.c (gpgme_wait): Unlock CTX_LIST_LOCK while calling
	_gpgme_engine_io_event().


Modified: trunk/gpgme/ChangeLog
===================================================================
--- trunk/gpgme/ChangeLog	2006-10-23 17:17:25 UTC (rev 1183)
+++ trunk/gpgme/ChangeLog	2006-10-23 18:52:14 UTC (rev 1184)
@@ -1,5 +1,8 @@
 2006-10-23  Marcus Brinkmann  <marcus@g10code.de>
 
+	* wait-global.c (gpgme_wait): Unlock CTX_LIST_LOCK while calling
+	_gpgme_engine_io_event().
+
 	* keylist.c (gpgme_op_keylist_next): Return error if OPD is NULL.
 
 2006-09-25  Marcus Brinkmann  <marcus@g10code.de>

Modified: trunk/gpgme/wait-global.c
===================================================================
--- trunk/gpgme/wait-global.c	2006-10-23 17:17:25 UTC (rev 1183)
+++ trunk/gpgme/wait-global.c	2006-10-23 18:52:14 UTC (rev 1184)
@@ -334,6 +334,7 @@
 
       /* Now some contexts might have finished successfully.  */
       LOCK (ctx_list_lock);
+    retry:
       for (li = ctx_active_list; li; li = li->next)
 	{
 	  gpgme_ctx_t actx = li->ctx;
@@ -344,7 +345,19 @@
 	  if (i == actx->fdt.size)
 	    {
 	      gpgme_error_t err = 0;
+
+	      /* FIXME: This does not perform too well.  We have to
+		 release the lock because the I/O event handler
+		 acquires it to remove the context from the active
+		 list.  Two alternative strategies are worth
+		 considering: Either implement the DONE event handler
+		 here in a lock-free manner, or save a list of all
+		 contexts to be released and call the DONE events
+		 afterwards.  */
+	      UNLOCK (ctx_list_lock);
 	      _gpgme_engine_io_event (actx->engine, GPGME_EVENT_DONE, &err);
+	      LOCK (ctx_list_lock);
+	      goto retry;
 	    }
 	}
       UNLOCK (ctx_list_lock);


From cvs at cvs.gnupg.org  Tue Oct 24 11:22:34 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Tue Oct 24 10:50:51 2006
Subject: [svn] gpgme - r1185 - trunk/gpgme
Message-ID: <E1GcHzS-0002ay-RZ@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-24 11:22:33 +0200 (Tue, 24 Oct 2006)
New Revision: 1185

Modified:
   trunk/gpgme/ChangeLog
   trunk/gpgme/trustlist.c
Log:
2006-10-24  Marcus Brinkmann  <marcus@g10code.de>

	* trustlist.c (gpgme_op_trustlist_next): Return error if OPD is
	NULL.


Modified: trunk/gpgme/ChangeLog
===================================================================
--- trunk/gpgme/ChangeLog	2006-10-23 18:52:14 UTC (rev 1184)
+++ trunk/gpgme/ChangeLog	2006-10-24 09:22:33 UTC (rev 1185)
@@ -1,3 +1,8 @@
+2006-10-24  Marcus Brinkmann  <marcus@g10code.de>
+
+	* trustlist.c (gpgme_op_trustlist_next): Return error if OPD is
+	NULL.
+
 2006-10-23  Marcus Brinkmann  <marcus@g10code.de>
 
 	* wait-global.c (gpgme_wait): Unlock CTX_LIST_LOCK while calling

Modified: trunk/gpgme/trustlist.c
===================================================================
--- trunk/gpgme/trustlist.c	2006-10-23 18:52:14 UTC (rev 1184)
+++ trunk/gpgme/trustlist.c	2006-10-24 09:22:33 UTC (rev 1185)
@@ -215,6 +215,8 @@
   opd = hook;
   if (err)
     return err;
+  if (opd == NULL)
+    return gpg_error (GPG_ERR_INV_VALUE);
 
   if (!opd->trust_queue)
     {


From cvs at cvs.gnupg.org  Tue Oct 24 16:28:01 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Tue Oct 24 15:56:01 2006
Subject: [svn] GnuPG -  r4316 - trunk/keyserver
Message-ID: <E1GcMl1-0003Qh-6a@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-24 16:28:01 +0200 (Tue, 24 Oct 2006)
New Revision: 4316

Modified:
   trunk/keyserver/ChangeLog
   trunk/keyserver/Makefile.am
Log:
2006-10-24  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpg2keys_ldap_CPPFLAGS): Rename second instance to ...
	(gpg2keys_finger_CPPFLAGS): ... this.


Modified: trunk/keyserver/ChangeLog
===================================================================
--- trunk/keyserver/ChangeLog	2006-10-23 14:21:41 UTC (rev 4315)
+++ trunk/keyserver/ChangeLog	2006-10-24 14:28:01 UTC (rev 4316)
@@ -1,3 +1,8 @@
+2006-10-24  Marcus Brinkmann  <marcus@g10code.de>
+
+	* Makefile.am (gpg2keys_ldap_CPPFLAGS): Rename second instance to ...
+	(gpg2keys_finger_CPPFLAGS): ... this.
+
 2006-10-20  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am: Reporder macros for better readability.

Modified: trunk/keyserver/Makefile.am
===================================================================
--- trunk/keyserver/Makefile.am	2006-10-23 14:21:41 UTC (rev 4315)
+++ trunk/keyserver/Makefile.am	2006-10-24 14:28:01 UTC (rev 4316)
@@ -44,7 +44,7 @@
 gpg2keys_ldap_LDADD = $(LDAPLIBS) $(NETLIBS) $(other_libs)
 
 gpg2keys_finger_SOURCES = gpgkeys_finger.c ksutil.c ksutil.h no-libgcrypt.c
-gpg2keys_ldap_CPPFLAGS = $(AM_CPPFLAGS)
+gpg2keys_finger_CPPFLAGS = $(AM_CPPFLAGS)
 gpg2keys_finger_LDADD = $(common_libs) $(GPG_ERROR_LIBS) \
                         $(NETLIBS) $(other_libs)
 


From cvs at cvs.gnupg.org  Tue Oct 24 16:45:35 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 24 16:13:32 2006
Subject: [svn] GnuPG -  r4317 - in trunk: . doc scd
Message-ID: <E1GcN21-0002Lj-5q@trithemius.gnupg.org>

Author: wk
Date: 2006-10-24 16:45:34 +0200 (Tue, 24 Oct 2006)
New Revision: 4317

Modified:
   trunk/ChangeLog
   trunk/NEWS
   trunk/TODO
   trunk/configure.ac
   trunk/doc/gpg.texi
   trunk/scd/ChangeLog
   trunk/scd/app-p15.c
   trunk/scd/scdaemon.h
Log:
Preparing another release


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/ChangeLog	2006-10-24 14:45:34 UTC (rev 4317)
@@ -1,3 +1,7 @@
+2006-10-24  Werner Koch  <wk@g10code.com>
+
+	Released 1.9.94.
+
 2006-10-20  Werner Koch  <wk@g10code.com>
 
 	* Makefile.am (stowinstall): Add convenience target.

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/NEWS	2006-10-24 14:45:34 UTC (rev 4317)
@@ -1,4 +1,4 @@
-Noteworthy changes in version 1.9.94
+Noteworthy changes in version 1.9.94 (2006-10-24)
 -------------------------------------------------
 
  * Keys for gpgsm may now be specified using a keygrip.  A keygrip is

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/TODO	2006-10-24 14:45:34 UTC (rev 4317)
@@ -2,14 +2,14 @@
 
 * src/base64
 ** Make parsing more robust
-Currently we don't cope with overlong lines in the best way.
+   Currently we don't cope with overlong lines in the best way.
 ** Check that we really release the ksba reader/writer objects.
 
 * sm/call-agent.c
 ** Some code should go into import.c
 ** When we allow concurrent service request in gpgsm, we
-might want to have an agent context for each service request
-(i.e. Assuan context).
+   might want to have an agent context for each service request
+   (i.e. Assuan context).
 
 * sm/certchain.c
 ** When a certificate chain was sucessfully verified, make ephemeral certs used  in this chain permanent.
@@ -53,7 +53,7 @@
 ** Return an error code or a status info per user ID.
 
 * scd/tlv.c
-  The parse_sexp fucntion should not go into this file.  Check whether
+  The parse_sexp function should not go into this file.  Check whether
   we can change all S-expression handling code to make use of this
   function.
 
@@ -64,14 +64,10 @@
   would be better to do this just at one place. First we need to see
   how we can support cards with multiple applications.
 ** Detecting a removed card works only after the ticker detected it.
- We should check the card status in open-card to make this smoother.
- Needs to be integrated with the status file update, though.  It is
- not a real problem because application will get a card removed status
- and should the send a reset to try solving the problem.
-** app-p15.c:do_auth
-  We assume SHA1 here.  However we should also allow for TLS-MD5SHA1.
-  To properly inplement this we need to extend the inetrnal API.  A
-  simple workaround by looking at the digest size if possible.
+  We should check the card status in open-card to make this smoother.
+  Needs to be integrated with the status file update, though.  It is
+  not a real problem because application will get a card removed
+  status and should the send a reset to try solving the problem.
 
 ** Add a test to check the extkeyusage.
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/configure.ac	2006-10-24 14:45:34 UTC (rev 4317)
@@ -27,7 +27,7 @@
 # Set my_issvn to "yes" for non-released code.  Remember to run an
 # "svn up" and "autogen.sh" right before creating a distribution.
 m4_define([my_version], [1.9.94])
-m4_define([my_issvn], [yes])
+m4_define([my_issvn], [no])
 
 
 m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \

Modified: trunk/doc/gpg.texi
===================================================================
--- trunk/doc/gpg.texi	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/doc/gpg.texi	2006-10-24 14:45:34 UTC (rev 4317)
@@ -2394,6 +2394,18 @@
 listed. @option{--list-config} is only usable with
 @option{--with-colons} set.
 
+@item --gpgconf-list
+@opindex gpgconf-list
+This command is simliar to @option{--list-config} but in general only
+internally used by the @command{gpgconf} tool.
+
+@item --gpgconf-test
+@opindex gpgconf-test
+This is more or less dummy action.  However it parses the configuration
+file and returns with failure if the configuraion file would prevent
+@command{gpg} from startup.  Thus it may be used to run a syntax check
+on the configuration file.
+
 @end table
 
 @c *******************************

Modified: trunk/scd/ChangeLog
===================================================================
--- trunk/scd/ChangeLog	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/scd/ChangeLog	2006-10-24 14:45:34 UTC (rev 4317)
@@ -1,3 +1,11 @@
+2006-10-24  Werner Koch  <wk@g10code.com>
+
+	* scdaemon.h (GCRY_MD_USER_TLS_MD5SHA1): New.
+	(MAX_DIGEST_LEN): Increased to 36.
+	* app-p15.c (do_sign): Support for TLS_MD5SHA1.
+	(do_auth): Detect TLS_MD5SHA1.
+	(do_sign): Tweaks for that digest.
+
 2006-10-23  Werner Koch  <wk@g10code.com>
 
 	* scdaemon.c (main): New command --gpgconf-test.

Modified: trunk/scd/app-p15.c
===================================================================
--- trunk/scd/app-p15.c	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/scd/app-p15.c	2006-10-24 14:45:34 UTC (rev 4317)
@@ -2868,8 +2868,9 @@
 
   gpg_error_t err;
   int i;
-  unsigned char data[35];   /* Must be large enough for a SHA-1 digest
-                               + the largest OID prefix above. */
+  unsigned char data[36];   /* Must be large enough for a SHA-1 digest
+                               + the largest OID prefix above and also
+                               fit the 36 bytes of md5sha1.  */
   prkdf_object_t prkdf;    /* The private key object. */
   aodf_object_t aodf;      /* The associated authentication object. */
   int no_data_padding = 0; /* True if the card want the data without padding.*/
@@ -2877,7 +2878,7 @@
 
   if (!keyidstr || !*keyidstr)
     return gpg_error (GPG_ERR_INV_VALUE);
-  if (indatalen != 20 && indatalen != 16 && indatalen != 35)
+  if (indatalen != 20 && indatalen != 16 && indatalen != 35 && indatalen != 36)
     return gpg_error (GPG_ERR_INV_VALUE);
 
   err = prkdf_object_from_keyidstr (app, keyidstr, &prkdf);
@@ -2948,7 +2949,10 @@
       
       mse[0] = 4;    /* Length of the template. */
       mse[1] = 0x80; /* Algorithm reference tag. */
-      mse[2] = 0x02; /* Algorithm: RSASSA-PKCS1-v1.5 using SHA1. */
+      if (hashalgo == GCRY_MD_USER_TLS_MD5SHA1)
+        mse[2] = 0x01; /* Let card do pkcs#1 0xFF padding. */
+      else
+        mse[2] = 0x02; /* RSASSA-PKCS1-v1.5 using SHA1. */
       mse[3] = 0x84; /* Private key reference tag. */
       mse[4] = prkdf->key_reference_valid? prkdf->key_reference : 0x82;
 
@@ -3118,8 +3122,15 @@
     }
 
   /* Prepare the DER object from INDATA. */
-  if (indatalen == 35)
+  if (indatalen == 36)
     {
+      /* No ASN.1 container used. */
+      if (hashalgo != GCRY_MD_USER_TLS_MD5SHA1)
+        return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
+      memcpy (data, indata, indatalen);
+    }
+  else if (indatalen == 35)
+    {
       /* Alright, the caller was so kind to send us an already
          prepared DER object.  Check that it is what we want and that
          it matches the hash algorithm. */
@@ -3177,7 +3188,9 @@
       return err;
     }
 
-  if (no_data_padding)
+  if (hashalgo == GCRY_MD_USER_TLS_MD5SHA1)
+    err = iso7816_compute_ds (app->slot, data, 36, outdata, outdatalen);
+  else if (no_data_padding)
     err = iso7816_compute_ds (app->slot, data+15, 20, outdata, outdatalen);
   else
     err = iso7816_compute_ds (app->slot, data, 35, outdata, outdatalen);
@@ -3200,6 +3213,7 @@
 {
   gpg_error_t err;
   prkdf_object_t prkdf;
+  int algo;
 
   if (!keyidstr || !*keyidstr)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -3212,7 +3226,9 @@
       log_error ("key %s may not be used for authentication\n", keyidstr);
       return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
     }
-  return do_sign (app, keyidstr, GCRY_MD_SHA1, pincb, pincb_arg, 
+
+  algo = indatalen == 36? GCRY_MD_USER_TLS_MD5SHA1 : GCRY_MD_SHA1;
+  return do_sign (app, keyidstr, algo, pincb, pincb_arg, 
                   indata, indatalen, outdata, outdatalen);
 }
 

Modified: trunk/scd/scdaemon.h
===================================================================
--- trunk/scd/scdaemon.h	2006-10-24 14:28:01 UTC (rev 4316)
+++ trunk/scd/scdaemon.h	2006-10-24 14:45:34 UTC (rev 4317)
@@ -34,8 +34,18 @@
 #include "../common/errors.h"
 
 
-#define MAX_DIGEST_LEN 24 
+/* To convey some special hash algorithms we use algorithm numbers
+   reserved for application use. */
+#ifndef GCRY_MD_USER
+#define GCRY_MD_USER 1024
+#endif
+#define GCRY_MD_USER_TLS_MD5SHA1 (GCRY_MD_USER+1)
 
+/* Maximum length of a digest.  */
+#define MAX_DIGEST_LEN 36
+
+
+
 /* A large struct name "opt" to keep global flags. */
 struct
 {


From cvs at cvs.gnupg.org  Tue Oct 24 16:48:02 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Tue Oct 24 16:15:58 2006
Subject: [svn] GnuPG -  r4318 - trunk/common
Message-ID: <E1GcN4N-0003Fi-Br@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-24 16:48:02 +0200 (Tue, 24 Oct 2006)
New Revision: 4318

Modified:
   trunk/common/ChangeLog
   trunk/common/Makefile.am
Log:
2006-10-24  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (libcommon_a_CFLAGS): Add $(LIBASSUAN_CFLAGS).
	(libsimple_pwquery_a_CFLAGS): New variable.


Modified: trunk/common/ChangeLog
===================================================================
--- trunk/common/ChangeLog	2006-10-24 14:45:34 UTC (rev 4317)
+++ trunk/common/ChangeLog	2006-10-24 14:48:02 UTC (rev 4318)
@@ -1,3 +1,8 @@
+2006-10-24  Marcus Brinkmann  <marcus@g10code.de>
+
+	* Makefile.am (libcommon_a_CFLAGS): Add $(LIBASSUAN_CFLAGS).
+	(libsimple_pwquery_a_CFLAGS): New variable.
+
 2006-10-20  Werner Koch  <wk@g10code.com>
 
 	* convert.c (hex2bin): New.

Modified: trunk/common/Makefile.am
===================================================================
--- trunk/common/Makefile.am	2006-10-24 14:45:34 UTC (rev 4317)
+++ trunk/common/Makefile.am	2006-10-24 14:48:02 UTC (rev 4318)
@@ -61,13 +61,14 @@
 	http.c http.h 
 
 libcommon_a_SOURCES = $(common_sources)
-libcommon_a_CFLAGS = $(AM_CFLAGS) -DWITHOUT_GNU_PTH=1
+libcommon_a_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS) -DWITHOUT_GNU_PTH=1
 
 libcommonpth_a_SOURCES = $(common_sources)
 libcommonpth_a_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_PTH_CFLAGS) $(PTH_CFLAGS)
 
 libsimple_pwquery_a_SOURCES = \
 	simple-pwquery.c simple-pwquery.h asshelp.c asshelp.h
+libsimple_pwquery_a_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS)
 
 libgpgrl_a_SOURCES = \
         gpgrlhelp.c


From cvs at cvs.gnupg.org  Tue Oct 24 16:51:40 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Tue Oct 24 16:19:36 2006
Subject: [svn] GnuPG -  r4319 - trunk/g10
Message-ID: <E1GcN7t-0004Mg-9F@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-24 16:51:39 +0200 (Tue, 24 Oct 2006)
New Revision: 4319

Modified:
   trunk/g10/ChangeLog
   trunk/g10/Makefile.am
Log:
2006-10-24  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).


Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog	2006-10-24 14:48:02 UTC (rev 4318)
+++ trunk/g10/ChangeLog	2006-10-24 14:51:39 UTC (rev 4319)
@@ -1,3 +1,7 @@
+2006-10-24  Marcus Brinkmann  <marcus@g10code.de>
+
+	* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).
+
 2006-10-23  Werner Koch  <wk@g10code.com>
 
 	* gpg.c (main): New command --gpgconf-test.

Modified: trunk/g10/Makefile.am
===================================================================
--- trunk/g10/Makefile.am	2006-10-24 14:48:02 UTC (rev 4318)
+++ trunk/g10/Makefile.am	2006-10-24 14:51:39 UTC (rev 4319)
@@ -27,7 +27,7 @@
 
 include $(top_srcdir)/am/cmacros.am
 
-AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS)
+AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(LIBASSUAN_CFLAGS) $(GPG_ERROR_CFLAGS)
 
 needed_libs = ../gl/libgnu.a ../common/libcommon.a ../jnlib/libjnlib.a
 


From cvs at cvs.gnupg.org  Tue Oct 24 16:55:59 2006
From: cvs at cvs.gnupg.org (svn author marcus)
Date: Tue Oct 24 16:23:56 2006
Subject: [svn] GnuPG -  r4320 - trunk/sm
Message-ID: <E1GcNC3-0005OJ-Rx@trithemius.gnupg.org>

Author: marcus
Date: 2006-10-24 16:55:58 +0200 (Tue, 24 Oct 2006)
New Revision: 4320

Modified:
   trunk/sm/ChangeLog
   trunk/sm/Makefile.am
Log:
2006-10-24  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).


Modified: trunk/sm/ChangeLog
===================================================================
--- trunk/sm/ChangeLog	2006-10-24 14:51:39 UTC (rev 4319)
+++ trunk/sm/ChangeLog	2006-10-24 14:55:58 UTC (rev 4320)
@@ -1,3 +1,7 @@
+2006-10-24  Marcus Brinkmann  <marcus@g10code.de>
+
+	* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).
+
 2006-10-23  Werner Koch  <wk@g10code.com>
 
 	* gpgsm.c (main): Remap common cipher algo names to their OIDs.

Modified: trunk/sm/Makefile.am
===================================================================
--- trunk/sm/Makefile.am	2006-10-24 14:51:39 UTC (rev 4319)
+++ trunk/sm/Makefile.am	2006-10-24 14:55:58 UTC (rev 4320)
@@ -22,7 +22,7 @@
 
 bin_PROGRAMS = gpgsm
 
-AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) 
+AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS) 
 
 AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common -I$(top_srcdir)/intl 
 include $(top_srcdir)/am/cmacros.am


From cvs at cvs.gnupg.org  Tue Oct 24 16:57:34 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 24 16:25:30 2006
Subject: [svn] GnuPG -  r4321 - tags
Message-ID: <E1GcNDa-0006m2-U2@trithemius.gnupg.org>

Author: wk
Date: 2006-10-24 16:57:33 +0200 (Tue, 24 Oct 2006)
New Revision: 4321

Added:
   tags/gnupg-1.9.94/
Log:


From cvs at cvs.gnupg.org  Wed Oct 25 20:28:50 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Wed Oct 25 19:56:43 2006
Subject: [svn] gcry - r1189 - trunk/cipher
Message-ID: <E1GcmzU-00020R-Aw@trithemius.gnupg.org>

Author: wk
Date: 2006-10-25 20:28:49 +0200 (Wed, 25 Oct 2006)
New Revision: 1189

Modified:
   trunk/cipher/ChangeLog
   trunk/cipher/ac.c
   trunk/cipher/primegen.c
   trunk/cipher/pubkey.c
Log:
See ChangeLog.  There are still problems in ac.c.


Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog	2006-10-23 09:14:16 UTC (rev 1188)
+++ trunk/cipher/ChangeLog	2006-10-25 18:28:49 UTC (rev 1189)
@@ -1,3 +1,19 @@
+2006-10-25  Werner Koch  <wk@g10code.com>
+
+	* primegen.c (prime_generate_internal): Tweaked use of secure
+	memory and entropy use. Safe unused primes from the pool. Allocate
+	at least a pool of 30.
+	(save_pool_prime, get_pool_prime): New.
+
+2006-10-23  Werner Koch  <wk@g10code.com>
+
+	* ac.c (_gcry_ac_data_from_sexp): Reset sexp_tmp for failsafe
+	means.  Release sexp_cur if needed.  Reported by Dirk Stoecker.
+
+	* pubkey.c (pubkeys_registered_lock): Intialized it.  It is not
+	 realy needed because this is a mere initialization to 0 anyway.
+	 Noted by Victor Stinner.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* dsa.c (_gcry_dsa_generate2): New.
@@ -50,7 +66,7 @@
 	* blowfish.c (selftest): Cast string to usnigned char*.
 
 	* primegen.c (prime_generate_internal): Cast unsigned/char*
-	mismatch in calling m_out_od_n.
+	mismatch in calling m_out_of_n.
 	(is_prime): Changed COUNT to unsigned int *.
 
 	* ac.c (_gcry_ac_data_copy): Initialize DATA_MPIS.
@@ -3052,7 +3068,7 @@
 
 Mon Mar  2 19:21:46 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
-	* gost.c, gost.h: Removed because they did only conatin trash.
+	* gost.c, gost.h: Removed because they did only contain trash.
 
 Sun Mar  1 16:42:29 1998  Werner Koch  (wk@isil.d.shuttle.de)
 

Modified: trunk/cipher/ac.c
===================================================================
--- trunk/cipher/ac.c	2006-10-23 09:14:16 UTC (rev 1188)
+++ trunk/cipher/ac.c	2006-10-25 18:28:49 UTC (rev 1189)
@@ -743,28 +743,32 @@
 
 	      /* Release old SEXP_CUR, in case it is not equal to the
 		 original SEXP.  */
-
 	      if (sexp_cur != sexp)
 		gcry_sexp_release (sexp_cur);
 
 	      /* Make SEXP_CUR point to the new current sublist.  */
 	      sexp_cur = sexp_tmp;
+              sexp_tmp = NULL;
 	    }
 	}
       if (err)
 	goto out;
 
       if (i)
-	/* We have at least one identifier in the list, this means the
-	   the list of named MPI values is prefixed, this means that
-	   we need to skip the first item (the list name), when
-	   processing the MPI values.  */
-	skip_name = 1;
+        {
+          /* We have at least one identifier in the list, this means
+             the the list of named MPI values is prefixed, this means
+             that we need to skip the first item (the list name), when
+             processing the MPI values.  */
+          skip_name = 1;
+        }
       else
-	/* Since there is no identifiers list, the list of named MPI
-	   values is not prefixed with a list name, therefore the
-	   offset to use is zero.  */
-	skip_name = 0;
+        {
+          /* Since there is no identifiers list, the list of named MPI
+             values is not prefixed with a list name, therefore the
+             offset to use is zero.  */
+          skip_name = 0;
+        }
     }
   else
     /* Since there is no identifiers list, the list of named MPI
@@ -821,7 +825,9 @@
       if (err)
 	break;
 
+/*       gcry_free (string); */
       string = NULL;
+/*       gcry_mpi_release (mpi); */
       mpi = NULL;
 
       gcry_sexp_release (sexp_tmp);
@@ -834,6 +840,8 @@
 
  out:
 
+  if (sexp_cur != sexp)
+    gcry_sexp_release (sexp_cur);
   gcry_sexp_release (sexp_tmp);
   gcry_mpi_release (mpi);
   gcry_free (string);

Modified: trunk/cipher/primegen.c
===================================================================
--- trunk/cipher/primegen.c	2006-10-23 09:14:16 UTC (rev 1188)
+++ trunk/cipher/primegen.c	2006-10-25 18:28:49 UTC (rev 1189)
@@ -17,11 +17,6 @@
  * You should have received a copy of the GNU Lesser General Public
  * License along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- *
- * ***********************************************************************
- * The algorithm used to generate practically save primes is due to
- * Lim and Lee as described in the CRYPTO '97 proceedings (ISBN3540633847)
- * page 260.
  */
 
 #include <config.h>
@@ -35,6 +30,7 @@
 #include "g10lib.h"
 #include "mpi.h"
 #include "cipher.h"
+#include "ath.h"
 
 static gcry_mpi_t gen_prime (unsigned int nbits, int secret, int randomlevel, 
                              int (*extra_check)(void *, gcry_mpi_t),
@@ -133,6 +129,96 @@
 };
 static int no_of_small_prime_numbers = DIM (small_prime_numbers) - 1;
 
+
+
+/* An object and a list to build up a global pool of primes.  See
+   save_pool_prime and get_pool_prime. */
+struct primepool_s 
+{
+  struct primepool_s *next;
+  gcry_mpi_t prime;      /* If this is NULL the entry is not used. */
+  unsigned int nbits;
+  gcry_random_level_t randomlevel;
+};
+struct primepool_s *primepool;
+/* Mutex used to protect access to the primepool.  */
+static ath_mutex_t primepool_lock = ATH_MUTEX_INITIALIZER;
+
+
+
+/* Save PRIME which has been generated at RANDOMLEVEL for later
+   use. Needs to be called while primepool_lock is being hold.  Note
+   that PRIME should be considered released after calling this
+   function. */
+static void
+save_pool_prime (gcry_mpi_t prime, gcry_random_level_t randomlevel)
+{
+  struct primepool_s *item, *item2;
+  size_t n;
+
+  for (n=0, item = primepool; item; item = item->next, n++)
+    if (!item->prime)
+      break;
+  if (!item && n > 100)
+    {
+      /* Remove some of the entries.  Our strategy is removing
+         the last third from the list. */
+      int i;
+      
+      for (i=0, item2 = primepool; item2; item2 = item2->next)
+        {
+          if (i >= n/3*2)
+            {
+              gcry_mpi_release (item2->prime);
+              item2->prime = NULL;
+              if (!item)
+                item = item2;
+            }
+        }
+    }
+  if (!item)
+    {
+      item = gcry_calloc (1, sizeof *item);
+      if (!item)
+        {
+          /* Out of memory.  Silently giving up. */
+          gcry_mpi_release (prime);
+          return; 
+        }
+      item->next = primepool;
+      primepool = item;
+    }
+  item->prime = prime;
+  item->nbits = mpi_get_nbits (prime);
+  item->randomlevel = randomlevel;
+}
+
+
+/* Return a prime for the prime pool or NULL if none has been found.
+   The prime needs to match NBITS and randomlevel. This function needs
+   to be called why the primepool_look is being hold. */
+static gcry_mpi_t
+get_pool_prime (unsigned int nbits, gcry_random_level_t randomlevel)
+{
+  struct primepool_s *item;
+
+  for (item = primepool; item; item = item->next)
+    if (item->prime
+        && item->nbits == nbits && item->randomlevel == randomlevel)
+      {
+        gcry_mpi_t prime = item->prime;
+        item->prime = NULL;
+        assert (nbits == mpi_get_nbits (prime));
+        return prime;
+      }
+  return NULL;
+}
+
+
+
+
+
+
 void
 _gcry_register_primegen_progress ( void (*cb)(void *,const char*,int,int,int),
                                    void *cb_data )
@@ -178,18 +264,30 @@
 }
 
 
-/****************
- * We do not need to use the strongest RNG because we gain no extra
- * security from it - The prime number is public and we could also
- * offer the factors for those who are willing to check that it is
- * indeed a strong prime.  With ALL_FACTORS set to true all afcors of
- * prime-1 are returned in FACTORS.
- *
- * mode 0: Standard
- *	1: Make sure that at least one factor is of size qbits.
+/* Core prime generation function.  The algorithm used to generate
+   practically save primes is due to Lim and Lee as described in the
+   CRYPTO '97 proceedings (ISBN3540633847) page 260.
+
+   NEED_Q_FACTOR: If true make sure that at least one factor is of
+                  size qbits.  This is for example required for DSA.
+   PRIME_GENERATED: Adresss of a variable where the resulting prime
+                    number will be stored.
+   PBITS: Requested size of the prime number.  At least 48.
+   QBITS: One factor of the prime needs to be of this size.  Maybe 0
+          if this is not required.  See also MODE.
+   G: If not NULL an MPI which will receive a generator for the prime
+      for use with Elgamal.
+   RET_FACTORS: if not NULL, an array with all factors are stored at
+                that address.
+   ALL_FACTORS: If set to true all factors of prime-1 are returned.
+   RANDOMLEVEL:  How strong should the random numers be.
+   FLAGS: Prime generation bit flags. Currently supported:
+          GCRY_PRIME_FLAG_SECRET - The prime needs to be kept secret.
+   CB_FUNC, CB_ARG:  Callback to be used for extra checks.
+
  */
 static gcry_err_code_t
-prime_generate_internal (int mode,
+prime_generate_internal (int need_q_factor,
 			 gcry_mpi_t *prime_generated, unsigned int pbits,
 			 unsigned int qbits, gcry_mpi_t g,
 			 gcry_mpi_t **ret_factors,
@@ -201,7 +299,9 @@
   gcry_mpi_t *factors_new = NULL; /* Factors to return to the
 				     caller.  */
   gcry_mpi_t *factors = NULL;	/* Current factors.  */
+  gcry_random_level_t poolrandomlevel; /* Random level used for pool primes. */
   gcry_mpi_t *pool = NULL;	/* Pool of primes.  */
+  int *pool_in_use = NULL;      /* Array with currently used POOL elements. */
   unsigned char *perms = NULL;	/* Permutations of POOL.  */
   gcry_mpi_t q_factor = NULL;	/* Used if QBITS is non-zero.  */
   unsigned int fbits = 0;	/* Length of prime factors.  */
@@ -212,6 +312,7 @@
   unsigned int nprime = 0;	/* Bits of PRIME.  */
   unsigned int req_qbits;       /* The original QBITS value.  */
   gcry_mpi_t val_2;             /* For check_prime().  */
+  int is_locked = 0;            /* Flag to help unlocking the primepool. */
   unsigned int is_secret = (flags & GCRY_PRIME_FLAG_SECRET);
   unsigned int count1 = 0, count2 = 0;
   unsigned int i = 0, j = 0;
@@ -219,28 +320,33 @@
   if (pbits < 48)
     return GPG_ERR_INV_ARG;
 
+  /* We won't use a too strong random elvel for the pooled subprimes. */
+  poolrandomlevel = (randomlevel > GCRY_STRONG_RANDOM?
+                     GCRY_STRONG_RANDOM : randomlevel);
+
+
   /* If QBITS is not given, assume a reasonable value. */
   if (!qbits)
     qbits = pbits / 3;
 
   req_qbits = qbits;
 
-  /* Find number of needed prime factors.  */
+  /* Find number of needed prime factors N.  */
   for (n = 1; (pbits - qbits - 1) / n  >= qbits; n++)
     ;
   n--;
 
   val_2 = mpi_alloc_set_ui (2);
 
-  if ((! n) || ((mode == 1) && (n < 2)))
+  if ((! n) || ((need_q_factor) && (n < 2)))
     {
       err = GPG_ERR_INV_ARG;
       goto leave;
     }
 
-  if (mode == 1)
+  if (need_q_factor)
     {
-      n--;
+      n--;  /* Need one factor less because we want a specific Q-FACTOR. */
       fbits = (pbits - 2 * req_qbits -1) / n;
       qbits =  pbits - req_qbits - n * fbits;
     }
@@ -254,28 +360,45 @@
     log_debug ("gen prime: pbits=%u qbits=%u fbits=%u/%u n=%d\n",
                pbits, req_qbits, qbits, fbits, n);
 
+  /* Allocate an integer to old the new prime. */
   prime = gcry_mpi_new (pbits);
 
   /* Generate first prime factor.  */
   q = gen_prime (qbits, is_secret, randomlevel, NULL, NULL);
-  
-  if (mode == 1)
+
+  /* Generate a specific Q-Factor if requested. */
+  if (need_q_factor)
     q_factor = gen_prime (req_qbits, is_secret, randomlevel, NULL, NULL);
   
-  /* Allocate an array to hold the factors + 2 for later usage.  */
+  /* Allocate an array to hold all factors + 2 for later usage.  */
   factors = gcry_calloc (n + 2, sizeof (*factors));
   if (!factors)
     {
       err = gpg_err_code_from_errno (errno);
       goto leave;
     }
+
+  /* Allocate an array to track pool usage. */
+  pool_in_use = gcry_malloc (n * sizeof *pool_in_use);
+  if (!pool_in_use)
+    {
+      err = gpg_err_code_from_errno (errno);
+      goto leave;
+    }
+  for (i=0; i < n; i++)
+    pool_in_use[i] = -1;
       
-  /* Make a pool of 3n+5 primes (this is an arbitrary value).  */
+  /* Make a pool of 3n+5 primes (this is an arbitrary value).  We
+     require at least 30 primes for are useful selection process. 
+     
+     FIXME: We need to do some reseacrh on the best formula for sizing
+     the pool.
+  */
   m = n * 3 + 5;
-  if (mode == 1) /* Need some more (for e.g. DSA).  */
+  if (need_q_factor) /* Need some more in this case. */
     m += 5;
-  if (m < 25)
-    m = 25;
+  if (m < 30)
+    m = 30;
   pool = gcry_calloc (m , sizeof (*pool));
   if (! pool)
     {
@@ -283,14 +406,19 @@
       goto leave;
     }
 
-  /* Permutate over the pool of primes.  */
+  /* Permutate over the pool of primes until we find a prime of the
+     requested length.  */
   do
     {
     next_try:
-      if (! perms)
+      for (i=0; i < n; i++)
+        pool_in_use[i] = -1;
+
+      if (!perms)
         {
-          /* Allocate new primes.  */
-          for(i = 0; i < m; i++)
+          /* Allocate new primes.  This is done right at the beginning
+             of the loop and if we have later run out of primes. */
+          for (i = 0; i < m; i++)
             {
               mpi_free (pool[i]);
               pool[i] = NULL;
@@ -298,44 +426,110 @@
 
           /* Init m_out_of_n().  */
           perms = gcry_calloc (1, m);
-          if (! perms)
+          if (!perms)
             {
               err = gpg_err_code_from_errno (errno);
               goto leave;
             }
-          for(i = 0; i < n; i++)
+
+          if (ath_mutex_lock (&primepool_lock))
             {
-              perms[i] = 1;
-              pool[i] = gen_prime (fbits, is_secret,
-                                   randomlevel, NULL, NULL);
+              err = GPG_ERR_INTERNAL;
+              goto leave;
+            }
+          is_locked = 1;
+          for (i = 0; i < n; i++)
+            {
+              perms[i] = 1; 
+              /* At a maximum we use strong random for the factors.
+                 This saves us a lot of entropy. Given that Q and
+                 possible Q-factor are also used in the final prime
+                 this should be acceptable.  We also don't allocate in
+                 secure memory to save on that scare resource too.  If
+                 Q has been allocated in secure memory, the final
+                 prime will be saved there anyway.  This is because
+                 our MPI routines take care of that.  GnuPG has worked
+                 this way ever since.  */
+              pool[i] = NULL;
+              if (is_locked)
+                {
+                  pool[i] = get_pool_prime (fbits, poolrandomlevel);
+                  if (!pool[i])
+                    {
+                      if (ath_mutex_unlock (&primepool_lock))
+                        {
+                          err = GPG_ERR_INTERNAL;
+                          goto leave;
+                        }
+                      is_locked = 0;
+                    }
+                }
+              if (!pool[i])
+                pool[i] = gen_prime (fbits, 0, poolrandomlevel, NULL, NULL);
+              pool_in_use[i] = i;
               factors[i] = pool[i];
             }
+          if (is_locked && ath_mutex_unlock (&primepool_lock))
+            {
+              err = GPG_ERR_INTERNAL;
+              goto leave;
+            }
+          is_locked = 0;
         }
       else
         {
+          /* Get next permutation. */
           m_out_of_n ( (char*)perms, n, m);
+          if (ath_mutex_lock (&primepool_lock))
+            {
+              err = GPG_ERR_INTERNAL;
+              goto leave;
+            }
+          is_locked = 1;
           for (i = j = 0; (i < m) && (j < n); i++)
             if (perms[i])
               {
-                if(! pool[i])
-                  pool[i] = gen_prime (fbits, 0, 1, NULL, NULL);
+                /* If the subprime has not yet beed generated do it now. */
+                if (!pool[i] && is_locked)
+                  {
+                    pool[i] = get_pool_prime (fbits, poolrandomlevel);
+                    if (!pool[i])
+                      {
+                        if (ath_mutex_unlock (&primepool_lock))
+                          {
+                            err = GPG_ERR_INTERNAL;
+                            goto leave;
+                          }
+                        is_locked = 0;
+                      }
+                  }
+                if (!pool[i])
+                  pool[i] = gen_prime (fbits, 0, poolrandomlevel, NULL, NULL);
+                pool_in_use[j] = i;
                 factors[j++] = pool[i];
               }
+          if (is_locked && ath_mutex_unlock (&primepool_lock))
+            {
+              err = GPG_ERR_INTERNAL;
+              goto leave;
+            }
+          is_locked = 0;
           if (i == n)
             {
+              /* Ran out of permutations: Allocate new primes.  */
               gcry_free (perms);
               perms = NULL;
               progress ('!');
-              goto next_try;	/* Allocate new primes.  */
+              goto next_try;	
             }
         }
 
 	/* Generate next prime candidate:
 	   p = 2 * q [ * q_factor] * factor_0 * factor_1 * ... * factor_n + 1. 
-        */
+         */
 	mpi_set (prime, q);
 	mpi_mul_ui (prime, prime, 2);
-	if (mode == 1)
+	if (need_q_factor)
 	  mpi_mul (prime, prime, q_factor);
 	for(i = 0; i < n; i++)
 	  mpi_mul (prime, prime, factors[i]);
@@ -350,7 +544,7 @@
 		qbits++;
 		progress('>');
 		mpi_free (q);
-		q = gen_prime (qbits, 0, 0, NULL, NULL);
+		q = gen_prime (qbits, is_secret, randomlevel, NULL, NULL);
 		goto next_try;
 	      }
 	  }
@@ -365,7 +559,7 @@
 		qbits--;
 		progress('<');
 		mpi_free (q);
-		q = gen_prime (qbits, 0, 0, NULL, NULL);
+		q = gen_prime (qbits, is_secret, randomlevel, NULL, NULL);
 		goto next_try;
 	      }
 	  }
@@ -380,13 +574,13 @@
       progress ('\n');
       log_mpidump ("prime    : ", prime);
       log_mpidump ("factor  q: ", q);
-      if (mode == 1)
+      if (need_q_factor)
         log_mpidump ("factor q0: ", q_factor);
       for (i = 0; i < n; i++)
         log_mpidump ("factor pi: ", factors[i]);
       log_debug ("bit sizes: prime=%u, q=%u",
                  mpi_get_nbits (prime), mpi_get_nbits (q));
-      if (mode == 1)
+      if (need_q_factor)
         log_debug (", q0=%u", mpi_get_nbits (q_factor));
       for (i = 0; i < n; i++)
         log_debug (", p%d=%u", i, mpi_get_nbits (factors[i]));
@@ -408,7 +602,7 @@
           i = 0;
           factors_new[i++] = gcry_mpi_set_ui (NULL, 2);
           factors_new[i++] = mpi_copy (q);
-          if (mode == 1)
+          if (need_q_factor)
             factors_new[i++] = mpi_copy (q_factor);
           for(j=0; j < n; j++)
             factors_new[i++] = mpi_copy (factors[j]);
@@ -416,7 +610,7 @@
       else
         {
           i = 0;
-          if (mode == 1)
+          if (need_q_factor)
             {
               factors_new[i++] = mpi_copy (q_factor);
               for (; i <= n; i++)
@@ -435,7 +629,7 @@
       gcry_mpi_t b = mpi_alloc (mpi_get_nlimbs (prime));
       gcry_mpi_t pmin1 = mpi_alloc (mpi_get_nlimbs (prime));
       
-      if (mode == 1)
+      if (need_q_factor)
         err = GPG_ERR_NOT_IMPLEMENTED;
       else
         {
@@ -482,10 +676,29 @@
  leave:
   if (pool)
     {
+      is_locked = !ath_mutex_lock (&primepool_lock);
       for(i = 0; i < m; i++)
-	mpi_free (pool[i]);
+        {
+          if (pool[i])
+            {
+              for (j=0; j < n; j++)
+                if (pool_in_use[j] == i)
+                  break;
+              if (j == n && is_locked)
+                {
+                  /* This pooled subprime has not been used. */
+                  save_pool_prime (pool[i], poolrandomlevel);
+                }
+              else
+                mpi_free (pool[i]);
+            }
+        }
+      if (is_locked && ath_mutex_unlock (&primepool_lock))
+        err = GPG_ERR_INTERNAL;
+      is_locked = 0;
       gcry_free (pool);
     }
+  gcry_free (pool_in_use);
   if (factors)
     gcry_free (factors);  /* Factors are shallow copies.  */
   if (perms)
@@ -515,6 +728,8 @@
   return err;
 }
 
+
+
 gcry_mpi_t
 _gcry_generate_elg_prime (int mode, unsigned pbits, unsigned qbits,
 			  gcry_mpi_t g, gcry_mpi_t **ret_factors)
@@ -522,7 +737,7 @@
   gcry_err_code_t err = GPG_ERR_NO_ERROR;
   gcry_mpi_t prime = NULL;
   
-  err = prime_generate_internal (mode, &prime, pbits, qbits, g,
+  err = prime_generate_internal ((mode == 1), &prime, pbits, qbits, g,
 				 ret_factors, GCRY_WEAK_RANDOM, 0, 0,
                                  NULL, NULL);
 
@@ -765,6 +980,21 @@
 }
 
 
+/* Given ARRAY of size N with M elements set to true produce a
+   modified array with the next permutation of M elements.  Note, that
+   ARRAY is used in a one-bit-per-byte approach.  To detected the last
+   permutation it is useful to intialize the array with the first M
+   element set to true and use this test:
+       m_out_of_n (array, m, n);
+       for (i = j = 0; i < n && j < m; i++)
+         if (array[i])
+           j++;
+       if (j == m)
+         goto ready;
+     
+   This code is based on the algorithm 452 from the "Collected
+   Algorithms From ACM, Volume II" by C. N. Liu and D. T. Tang.
+*/
 static void
 m_out_of_n ( char *array, int m, int n )
 {
@@ -773,12 +1003,12 @@
   if( !m || m >= n )
     return;
 
+  /* Need to handle this simple case separately. */
   if( m == 1 )
     { 
-      /* Special case. */
       for (i=0; i < n; i++ )
         {
-          if( array[i] )
+          if ( array[i] )
             {
               array[i++] = 0;
               if( i >= n )
@@ -790,6 +1020,7 @@
       BUG();
     }
 
+
   for (j=1; j < n; j++ )
     {
       if ( array[n-1] == array[n-j-1])
@@ -866,6 +1097,7 @@
       k2 = n + 1 - m;
     }
  leave:
+  /* Now complement the two selected bits. */
   array[k1-1] = !array[k1-1];
   array[k2-1] = !array[k2-1];
 }
@@ -897,7 +1129,7 @@
     mode = 1;
 
   /* Generate.  */
-  err = prime_generate_internal (mode, &prime_generated, prime_bits,
+  err = prime_generate_internal ((mode==1), &prime_generated, prime_bits,
 				 factor_bits, NULL,
                                  factors? &factors_generated : NULL,
 				 random_level, flags, 1,

Modified: trunk/cipher/pubkey.c
===================================================================
--- trunk/cipher/pubkey.c	2006-10-23 09:14:16 UTC (rev 1188)
+++ trunk/cipher/pubkey.c	2006-10-25 18:28:49 UTC (rev 1189)
@@ -66,7 +66,7 @@
 static gcry_module_t pubkeys_registered;
 
 /* This is the lock protecting PUBKEYS_REGISTERED.  */
-static ath_mutex_t pubkeys_registered_lock;
+static ath_mutex_t pubkeys_registered_lock = ATH_MUTEX_INITIALIZER;;
 
 /* Flag to check wether the default pubkeys have already been
    registered.  */


From cvs at cvs.gnupg.org  Tue Oct 31 20:53:53 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 31 20:21:18 2006
Subject: [svn] assuan - r222 - in trunk: . doc
Message-ID: <E1GezAV-00080D-B8@trithemius.gnupg.org>

Author: wk
Date: 2006-10-31 20:53:52 +0100 (Tue, 31 Oct 2006)
New Revision: 222

Modified:
   trunk/ChangeLog
   trunk/Makefile.am
   trunk/NEWS
   trunk/README
   trunk/TODO
   trunk/doc/ChangeLog
   trunk/doc/assuan.texi
Log:
Preparing the 1.0.0 release.


Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog	2006-10-18 16:19:49 UTC (rev 221)
+++ trunk/ChangeLog	2006-10-31 19:53:52 UTC (rev 222)
@@ -1,3 +1,11 @@
+2006-10-31  Werner Koch  <wk@g10code.com>
+
+	Released 1.0.0.
+
+2006-10-20  Werner Koch  <wk@g10code.com>
+
+	* Makefile.am (stowinstall): New convenience target.
+
 2006-10-10  Werner Koch  <wk@g10code.com>
 
 	Released 0.9.3.

Modified: trunk/Makefile.am
===================================================================
--- trunk/Makefile.am	2006-10-18 16:19:49 UTC (rev 221)
+++ trunk/Makefile.am	2006-10-31 19:53:52 UTC (rev 222)
@@ -10,3 +10,6 @@
 dist-hook:
 	echo "$(VERSION)" > $(distdir)/VERSION
 
+
+stowinstall: 
+	$(MAKE) $(AM_MAKEFLAGS) install prefix=/usr/local/stow/libassuan

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-18 16:19:49 UTC (rev 221)
+++ trunk/NEWS	2006-10-31 19:53:52 UTC (rev 222)
@@ -1,14 +1,16 @@
-Noteworthy changes in version 0.9.4
+Noteworthy changes in version 1.0.0 (2006-10-31)
 ------------------------------------------------
 
+ * Finished the manual.
 
+
 Noteworthy changes in version 0.9.3 (2006-10-10)
 ------------------------------------------------
 
  * Portability fixes.
 
  * Pth is not anymore linked by means of weak symbol tricks.  It is
-   now required to link to the pth version of libassuan.  New aufoconf
+   now required to link to the pth version of libassuan.  New autoconf
    macros are provided to to check for this.  The pth version is only
    build if Pth is available.
 
@@ -141,7 +143,7 @@
  * Initial release as a standalone library.
 
 
- Copyright 2003, 2004 Free Software Foundation, Inc.
+ Copyright 2003, 2004, 2006 Free Software Foundation, Inc.
 
  This file is free software; as a special exception the author gives
  unlimited permission to copy and/or distribute it, with or without

Modified: trunk/README
===================================================================
--- trunk/README	2006-10-18 16:19:49 UTC (rev 221)
+++ trunk/README	2006-10-31 19:53:52 UTC (rev 222)
@@ -3,14 +3,19 @@
 
 This is the IPC library used by GnuPG 1.9, GPGME and a few other
 packages.  It used to be included with the latter packages but we
-decided to make your life not too easy and separated it out to a
-stand alone library.
+decided to make your life not too easy and separated it out to a stand
+alone library.
 
 It is currently not intended to be used as a shared library.
 
-See COPYING.LESSER on how to share, modify and distribute the
-software itself and COPYING for the documentation.
+See COPYING.LESSER on how to share, modify and distribute the software
+itself and COPYING for the documentation.
 
+Please send bug report to the gnupg-devel mailing list or enter them
+into the gnupg bug tracker at http://bugs.g10code.com using the
+category "libassuan".
 
+The primary FTP site is ftp://ftp.gnupg.org/gcrypt/libassuan.
 
 
+

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2006-10-18 16:19:49 UTC (rev 221)
+++ trunk/TODO	2006-10-31 19:53:52 UTC (rev 222)
@@ -2,7 +2,6 @@
 * Check that we have Pth-ed all blocking fucntions.
 * When turning libassuan into a shared library, provide a general
   version as well as a Pth-enabled one.
-* Need API documentation.
 * assuan_transact returns immediately on an error in the callback
   function.  It might be better to return the error to the caller. As
   an example see dirmngr-client, where we need to send empty responses

Modified: trunk/doc/ChangeLog
===================================================================
--- trunk/doc/ChangeLog	2006-10-18 16:19:49 UTC (rev 221)
+++ trunk/doc/ChangeLog	2006-10-31 19:53:52 UTC (rev 222)
@@ -1,3 +1,7 @@
+2006-10-31  Werner Koch  <wk@g10code.com>
+
+	* assuan.texi: Finished.
+
 2003-12-18  Werner Koch  <wk@gnupg.org>
 
 	* assuan.texi: Changed copyright to GPL because this is not a book

Modified: trunk/doc/assuan.texi
===================================================================
--- trunk/doc/assuan.texi	2006-10-18 16:19:49 UTC (rev 221)
+++ trunk/doc/assuan.texi	2006-10-31 19:53:52 UTC (rev 222)
@@ -139,7 +139,7 @@
 In an ideal world, Assuan is irrelevant.  Assuan's primary use is to
 allow a client to interact with a non-persistent server.  Using
 Assuan, this is accomplished by forking a subprocess and communicating
-with it via, for example, a pipe or unix domain socket.  This method
+with it via, for example, a pipe or Unix domain socket.  This method
 is neither elegant nor efficient especially when there is a lot of
 data spread across several transactions: not only is there a penalty
 for an increased number of context switches, but also a significant
@@ -208,7 +208,7 @@
 @chapter Implementation
 
 The implementation is line based with a maximum line size of 1000
-octects.  The default IPC mechanism are Unix Domain Sockets.
+octets.  The default IPC mechanism are Unix Domain Sockets.
 
 On a connect request the server responds either with an okay or an error
 status.  For authentication check the server may send an Inquiry
@@ -237,7 +237,7 @@
 @section Server responses
 
 @table @code
-@item OK  [<arbitary debugging information>]
+@item OK  [<arbitrary debugging information>]
 Request was successful.
 
 @item ERR @var{errorcode} [<human readable error description>]
@@ -259,7 +259,7 @@
 stream up to the OK or ERR response.  Status and Inquiry Responses
 may be mixed with the Data lines.
 
-@item INQUIRE @var{keyword}> <parameters>
+@item INQUIRE @var{keyword} <parameters>
 Server needs further information from the client.  The client should
 answer with a command which is allowed after an inquiry.  Note that the
 server does not confirm that client command but either continues
@@ -326,8 +326,7 @@
 
 @table @code
 @item CANCEL
-This command is used for future extenxions.  It may today be used to
-cancel outstanding requests in an asynchronous protocol.
+This command is used for future extensions.  
 
 @item BYE
 Close the connect, the server will reply with an @code{OK}.
@@ -351,80 +350,29 @@
 @item QUIT
 Reserved for future extensions.
 
+@item OPTION
+Set options for the connection.  The syntax of such a line is
+@display
+  OPTION @var{name} [ [=] @var{value} ]
+@end display
+Leading and trailing spaces around @var{name} and @var{value} are
+allowed but should be ignored.  For compatibility reasons, @var{name}
+may be prefixed with two dashes.  The use of the equal sign is optional
+but suggested if @var{value} is given.
 @end table
 
 
 @node Error codes
 @section Error codes
 
-Here we keep a list of error codes used in any Assuan based
-protocol.  The format is the string @code{ERR}, white space, the error
-number, white space, a textual description of the error.
+In general Libassuan should be used with gpg-error style error codes.
+For compatibility reasons and for applications not wanting to use these
+error codes, the old Assuan error codes may still be used.  In fact they
+are used by default.  To switch to gpg-error style error codes,
+applications should call the @ref{function assuan_set_assuan_err_source}
+right after startup.
 
-General error codes pertaining to the actual Assuan operations:
 
-@table @code
-@item 0  Success
-@item 1  General error
-@item 2  Out of core
-@item 3  Invalid value
-@item 4  Timeout
-@item 5  Read error
-@item 6  Write error
-@item 7  Problem starting server
-@item 8  Not a server
-@item 9  Not a client
-@item 10 Nested commands
-@item 11 Invalid response
-@item 12 No data callback
-@item 13 No inquire callback
-@item 14 Connect failed
-@item 15 Accept failed
-@end table
-
-Error codes used as status codes in the Assuan protocol:
-
-@table @code
-@item 100 Not implemented
-@item 101 Server fault (catch all error code)
-@item 102 Invalid command
-@item 103 Unknown command
-@item 104 Syntax error
-@item 105 Parameter error
-@item 106 Parameter conflict
-@item 107 Line too long
-@item 108 Line not terminated
-@item 109 No input
-@item 110 No output
-@item 111 Canceled
-@item 112 Unsupported algorithm
-@item 113 Server resource problem
-@item 114 Server I/O error
-@item 115 Server bug
-@item 116 No data available
-@item 117 Invalid data
-@item 118 Unexpected command
-@item 119 Too much data
-@item 120 Inquire unknown
-@item 121 Inquire error
-@item 122 Invalid option
-@item 123 Invalid index
-@item 124 Unexpected status
-@item 125 Unexpected data
-@item 126 Invalid status
-@item 128 Not confirmed
-@end table
-
-For historical reasons a few more error codes are defined in
-@file{assuan.h}; they should not be used by new applications.
-
-Errror codes in the range @var{ASSUAN_USER_ERROR_FIRST} to
-@var{ASSUAN_USER_ERROR_LAST} may be used at the applications own
-discretion. Error codes greater than 65535 are not defined by Assuan
-and may also be used by applications --- note that the GnuPG system
-maps libgpg-error codes into this range.
-
-
 @c 
 @c           P R E P A R A T I O N
 @c
@@ -592,7 +540,7 @@
 data type is used all over the place:
 
 @deftp {Data type} assuan_context_t
-The @code{assuan_context_t} type is a pointer to an object mainted
+The @code{assuan_context_t} type is a pointer to an object maintained
 internally by the library.  Certain Assuan functions allocate such a
 context and return it to the caller using this data type. Other
 functions take this data type to access the state created by these
@@ -604,7 +552,7 @@
 type for error return values exists:
 
 @deftp {Data type} assuan_error_t
-This has orginally been an @code{enum} but applications should either
+This has originally been an @code{enum} but applications should either
 view it as an @code{int} or if possible use the @code{gpg_error_t} data
 type as defined by the @sc{libgpg-error} package.
 @end deftp
@@ -614,7 +562,7 @@
 @section Initializing the library
 
 In general the library requires no initialization.  There are however
-some initialization hooks provided which aren often useful.  These
+some initialization hooks provided which are often useful.  These
 should be called as early as possible and in a multi-threaded
 application before a second thread is created. 
 
@@ -626,7 +574,7 @@
 You need to provide all three functions.  Those functions need to behave
 exactly as their standard counterparts (@code{malloc}, @code{realloc}
 and @code{free}).  If you write your own functions please take care to
-set @code{errno} whenever an error has occured.
+set @code{errno} whenever an error has occurred.
 @end deftypefun
 
 @noindent
@@ -639,7 +587,7 @@
 to @code{stderr}.  This default value is also changed by using
 @code{assuan_set_log_stream} (to set a logging stream for a specific
 context) unless this function has been used.  Obviously this is not
-thread-asfe and thus it is highly recommended to use this function to
+thread-safe and thus it is highly recommended to use this function to
 setup a proper default.
 @end deftypefun
 
@@ -652,9 +600,10 @@
 @sc{libgpg-error} it is recommended to switch @sc{libassuan} into a mode
 which directly makes use of error codes provided by @sc{libgpg-error}.
 Because the Assuan error codes and those of gpg-error overlap, it is
-required to explictly request this.  You do this by calling the function
+required to explicitly request this.  You do this by calling the function
 
-@deftypefun void assuan_set_assuan_err_source (int @var{errsource})
+@anchor{function assuan_set_assuan_err_source}
+@deftypefun void assuan_set_assuan_err_source (@w{int @var{errsource}})
 Enable gpg-error style error codes.  @var{errsource} is one of the
 gpg-error sources.  Switching back to the old style mode is not
 possible.  The usual way to call this function is
@@ -668,7 +617,7 @@
 
 What would be a IPC library without the ability to read and write data?
 Not very useful.  Libassuan has high level functions to take care of of
-the more boring stuff but eventully actually data needs to be written.
+the more boring stuff but eventfully actually data needs to be written.
 
 @noindent
 The basic read and write functions are:
@@ -679,7 +628,7 @@
 buffer holding that line at the address @var{line}.  The valid length of
 the lines is stored at the address of @var{linelen}. This buffer is
 valid until the next read operation on the same context @var{ctx}.  You
-may modify the contet of this buffer.  The buffer is invalid (i.e. must
+may modify the context of this buffer.  The buffer is invalid (i.e. must
 not be used) if an error is returned.  This function returns @code{0} on
 success or an error code.
 @end deftypefun
@@ -688,8 +637,8 @@
 
 Write the string @var{line} to the other end.  This string needs to be a
 proper formatted Assuan protocol line and should not include a linefeed.
-Sending linefeed or Nul characters is not possible and not alowed by the
-assuan protocol.  This fucntion shall not be used for sendind data (D)
+Sending linefeed or Nul characters is not possible and not allowed by the
+assuan protocol.  This function shall not be used for sending data (D)
 lines.  This function returns @code{0} on success or an error code.
 @end deftypefun
 
@@ -706,7 +655,7 @@
 
 When used by a client this flush operation does also send the
 terminating @code{END} command to terminate the response on an
-``INQUIRE'' response.  Note, that the fucntion @code{assuan_transact}
+``INQUIRE'' response.  Note, that the function @code{assuan_transact}
 takes care of sending this @code{END} itself.
 
 @noindent
@@ -722,167 +671,612 @@
 @node Client code
 @chapter How to develop an Assuan client
 
+Depending on the type of the server you want to connect you need to use
+different functions.
 
+For a pipe based server you fork and exec yourself, you use:
 
+@deftypefun assuan_error_t assuan_pipe_connect (@w{assuan_context_t *@var{ctx}},@w{const char *@var{name}}, @w{const char *const @var{argv}[]}, @w{int *@var{fd_child_list}})
 
-assuan_error_t assuan_pipe_connect (assuan_context_t *ctx,
-                                    const char *name,
-				    const char *const argv[],
-				    int *fd_child_list);
-assuan_error_t assuan_pipe_connect2 (assuan_context_t *ctx,
-                                     const char *name,
-                                     const char *const argv[],
-				     int *fd_child_list,
-                                     void (*atfork) (void*, int),
-                                     void *atforkvalue);
-assuan_error_t assuan_pipe_connect_ext (assuan_context_t *ctx, 
-                                        const char *name,
-                                        const char *const argv[],
-                                        int *fd_child_list,
-                                        void (*atfork) (void *, int),
-                                        void *atforkvalue,
-                                        unsigned int flags);
+A call to this functions forks the current process and executes the
+program @var{name}, passing the arguments given in the NULL-terminated
+list @var{argv}.  A list of file descriptors not to be closed may be
+given using the @code{-1} terminated array @var{fd_child_list}.
 
-assuan_error_t assuan_socket_connect (assuan_context_t *ctx, 
-                                      const char *name,
-                                      pid_t server_pid);
-assuan_error_t assuan_socket_connect_ext (assuan_context_t *ctx,
-                                          const char *name,
-                                          pid_t server_pid,
-                                          unsigned int flags);
+On success a new assuan context is returned at @var{ctx}.
 
-void assuan_disconnect (assuan_context_t ctx);
+@end deftypefun
 
-assuan_error_t 
-assuan_transact (assuan_context_t ctx,
-                 const char *command,
-                 int (*data_cb)(void *, const void *, size_t),
-                 void *data_cb_arg,
-                 int (*inquire_cb)(void*, const char *),
-                 void *inquire_cb_arg,
-                 int (*status_cb)(void*, const char *),
-                 void *status_cb_arg);
+If it is not a simple pipe server but one using full-duplex sockets, the
+full-fledged variant of the above function should be used:
 
+@deftypefun assuan_error_t assuan_pipe_connect_ext (@w{assuan_context_t *@var{ctx}},@w{const char *@var{name}}, @w{const char *const @var{argv}[]}, @w{int *@var{fd_child_list}}, @w{void (*@var{atfork}) (void *, int)}, @w{void *@var{atforkvalue}}, @w{unsigned int @var{flags}})
 
-/* The file descriptor must be pending before assuan_receivefd is
-   called.  This means that assuan_sendfd should be called *before* the
-   trigger is sent (normally via assuan_write_line ("INPUT FD")).  */
-@anchor{fun-assuan_sendfd}
-assuan_error_t assuan_sendfd (assuan_context_t ctx, int fd);
+A call to this functions forks the current process and executes the
+program @var{name}, passing the arguments given in the NULL-terminated
+list @var{argv}.  A list of file descriptors not to be closed may be
+given using the @code{-1} terminated array @var{fd_child_list}.
 
-Note, that calling this with a @var{ctx} of @code{NULL} and @var{fd} of
-@code{-1} is a valid runtime test to check whether descripor passing is
-available.
+If @var{name} as well as @var{argv} are given as @code{NULL}, only a
+fork but no exec is done.  Thus the child continues to run.  However all
+file descriptors are closed and some special environment variables are
+set. To let the caller detect whether the child or the parent continues,
+the child returns with a @var{ctx} set to @code{NULL}.
 
+If @var{atfork} is not NULL, this function is called in the child right
+after the fork and the value @var{atforkvalue} is passed as the first
+argument.  That function should only act if the second argument it
+received is @code{0}.  Such a fork callback is useful to releases
+additional resources not to be used by the child.
+
+@var{flags} controls how the function acts: With a value of @code{0} it
+expects a simple pipe based server and is in that identical to
+@code{assuan_pipe_connect}.  With a value of @code{1} a sever based on
+full-duplex pipes is expected.  Such pipes are usually created using the
+@code{socketpair} function.  It also enables features only available
+with such servers.
+
+@end deftypefun
+
+If you are using a long running server listening either on a TCP or a
+Unix domain socket, the following function is used to connect to the server:
+
+@deftypefun assuan_error_t assuan_socket_connect_ext (@w{assuan_context_t *@var{ctx}}, @w{const char *@var{name}}, @w{pid_t @var{server_pid}}, @w{unsigned int @var{flags}})
+
+Make a connection to the Unix domain socket @var{name} and return a new
+Assuan context at @var{ctx}.  @var{server_pid} is currently not used but
+may become handy in the future; if you don't know the server's pid, pass
+@code{-1}.  With @var{flags} set to @code{1} the @code{sendmsg} and
+@code{recvmesg} are used for input and output and thereby enabling the
+the use of descriptor passing.
+
+Connecting a TCP server is not yet implemented.  Standard URL schemes
+are reserved for @var{name} specifying a TCP server.
+
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_socket_connect (@w{assuan_context_t *@var{ctx}}, @w{const char *@var{name}}, @w{pid_t @var{server_pid}})
+
+Same as above but no way to specify flags.
+@end deftypefun
+
+Finally, after using the Assuan connection, the resources should be
+deallocated:
+
+@deftypefun void assuan_disconnect (@w{assuan_context_t @var{ctx}})
+
+Close the connection described by the Assuan context @var{ctx} and
+release all resources.  This function also tries to send the BYE command
+to the server but won't fail on error. It is explicitly allowed to pass
+@code{NULL} for @var{ctx}, in which case the function does nothing.
+@end deftypefun
+
+Now that we have a connection to the server all work may be conveniently
+done using a couple of callbacks and the transact function:
+
+@deftypefun assuan_error_t assuan_transact (@w{assuan_context_t @var{ctx}}, @w{const char *@var{command}}, @w{int (*@var{data_cb})(void *, const void *, size_t)}, @w{void *@var{data_cb_arg}}, @w{int (*@var{inquire_cb})(void*, const char *)}, @w{void *@var{inquire_cb_arg}}, @w{int (*@var{status_cb})(void*, const char *)}, @w{void *@var{status_cb_arg}})
+
+Here @var{ctx} is the Assuan context opened by one of the connect call.
+@var{command} is the actual one liner Assuan command.  It shall not end
+with a line feed and its length is limited to @code{ASSUAN_LINELENGTH}
+(~1000 bytes)
+
+@var{data_cb} is called by Libassuan for data lines; @var{data_cb_arg}
+is passed to it along with the data and the length.  [fixme: needs more
+documentation].
+
+@var{inquire_cb} is called by Libassuan when the server requests
+additional information from the client during the processing of a
+request.  This callback shall check the provided inquriy name and send
+the data as requested back using the @code{assuan_write_data}.  The server
+passed @var{inquriy_cb_arg} along with the inquiry name to the callback.
+
+@var{status_cb} is called by Libassuan for each status line it receives
+from the server. @var{status_cb_arg} is passed along with the status
+line to the callback.
+
+The function returns @code{0} success or an error code.  The error code
+may be the one one returned by the server in error lines or one
+generated by the callback functions.
+
+@end deftypefun
+
+Libassuan supports descriptor passing on some platforms.  The next two
+functions are used with this feature:
+
+@anchor{function assuan_sendfd}
+@deftypefun assuan_error_t assuan_sendfd (@w{assuan_context_t @var{ctx}}, @w{int @var{fd}})
+
+Send the descriptor @var{fd} to the peer using the context @var{ctx}.
+Note, that calling this function with a @var{ctx} of @code{NULL} and
+@var{fd} of @code{-1} is a valid runtime test to check whether
+descriptor passing is available on the platform.
+
+@end deftypefun
+
 @anchor{fun-assuan_receivedfd}
-assuan_error_t assuan_receivefd (assuan_context_t ctx, int *fd);
+@deftypefun assuan_error_t assuan_receivefd (@w{assuan_context_t @var{ctx}}, @w{int *@var{fd}})
 
+Receive a descriptor pending for the context @var{ctx} from the peer.
+This descriptor must be pending before this function is called.  To
+accomplish this the peer needs to use @code{assuan_sendfd} before the
+trigger is sent (e.g. using @code{assuan_write_line ("INPUT FD")}.
+@end deftypefun
 
+
 @c 
 @c     S E R V E R   C O D E
 @c
 @node Server code
 @chapter How to develop an Assuan server
 
-bar
-int assuan_register_command (assuan_context_t ctx,
-                             const char *cmd_string,
-                             int (*handler)(assuan_context_t, char *));
-int assuan_register_bye_notify (assuan_context_t ctx,
-                                void (*fnc)(assuan_context_t));
-int assuan_register_reset_notify (assuan_context_t ctx,
-                                  void (*fnc)(assuan_context_t));
-int assuan_register_cancel_notify (assuan_context_t ctx,
-                                   void (*fnc)(assuan_context_t));
-int assuan_register_input_notify (assuan_context_t ctx,
-                                  void (*fnc)(assuan_context_t, const char *));
-int assuan_register_output_notify (assuan_context_t ctx,
-                                  void (*fnc)(assuan_context_t, const char *));
+Implementing a server for Assuan is a bit more complex than a
+client. However it is a straightforward task we are going to explain
+using a commented example.
 
-int assuan_register_option_handler (assuan_context_t ctx,
-                                    int (*fnc)(assuan_context_t,
-                                               const char*, const char*));
+@noindent
+The list of the implemented server commands is defined by a table like:
 
-int assuan_process (assuan_context_t ctx);
-int assuan_process_next (assuan_context_t ctx);
+@smallexample
+  static struct @{ 
+    const char *name;
+    int (*handler)(assuan_context_t, char *line);
+  @} command_table[] = @{
+    @{ "FOO",          cmd_foo @},
+    @{ "BAR",          cmd_bar @},
+    @{ "INPUT",        NULL    @}, 
+    @{ "OUTPUT",       NULL    @}, 
+    @{ NULL                    @}@};
+@end smallexample
 
-FILE *assuan_get_data_fp (assuan_context_t ctx);
-assuan_error_t assuan_set_okay_line (assuan_context_t ctx, const char *line);
-assuan_error_t assuan_write_status (assuan_context_t ctx,
-                                    const char *keyword, const char *text);
+For convenience this table is usually put after the actual command
+handlers (cmd_foo, cmd_bar) or even put inside the the command_handler.
+Note that commands with the name ``INPUT'' and ``OUTPUT'' do not require
+a handler because Libassuan provides a default handler for them.  It is
+however possible to assign a custom handler. 
 
-/* Negotiate a file descriptor.  If LINE contains "FD=N", returns N
-   assuming a local file descriptor.  If LINE contains "FD" reads a
-   file descriptor via CTX and stores it in *RDF (the CTX must be
-   capable of passing file descriptors).  */
-assuan_error_t assuan_command_parse_fd (assuan_context_t ctx, char *line,
-                                        int *rfd);
+A prerequisite for this example code is that a client has already
+connected to the server.  Often there are two modes combined in one
+program: A pipe based server, where a client has forked the server
+process or a Unix domain socket based server that is listening on the
+socket.
 
-assuan_error_t assuan_set_hello_line (assuan_context_t ctx, const char *line);
-assuan_error_t assuan_accept (assuan_context_t ctx);
-int assuan_get_input_fd (assuan_context_t ctx);
-int assuan_get_output_fd (assuan_context_t ctx);
-assuan_error_t assuan_close_input_fd (assuan_context_t ctx);
-assuan_error_t assuan_close_output_fd (assuan_context_t ctx);
+@example
+void
+command_handler (int fd)
+@{
+  int i, rc;
+  assuan_context_t ctx;
 
-int assuan_init_pipe_server (assuan_context_t *r_ctx, int filedes[2]);
-void assuan_deinit_server (assuan_context_t ctx);
+  if (fd == -1)
+    @{
+      int filedes[2];
 
-int assuan_init_socket_server (assuan_context_t *r_ctx, int listen_fd);
-int assuan_init_connected_socket_server (assuan_context_t *r_ctx, int fd);
-int assuan_init_socket_server_ext (assuan_context_t *r_ctx, int fd,
-                                   unsigned int flags);
+      filedes[0] = 0;
+      filedes[1] = 1;
+      rc = assuan_init_pipe_server (&ctx, filedes);
+    @}
+  else
+    rc = assuan_init_socket_server_ext (&ctx, fd, 2);
+  if (rc)
+    @{
+      fprintf (stderr, "server init failed: %s\n", gpg_strerror(rc));
+      return;
+    @}
+@end example
 
-assuan_error_t assuan_inquire (assuan_context_t ctx, const char *keyword,
-                               unsigned char **r_buffer, size_t *r_length,
-                               size_t maxlen);
+@noindent
+This is the first part of the command hander.  In case this is called as
+a pipe based server @var{fd} will be based as @code{fd} and the code
+assumes that the server's stdin and stdout are connected to a pipe.  The
+initialization is thus done using
 
+@deftypefun assuan_error_t assuan_init_pipe_server (@w{assuan_context_t *@var{r_ctx}}, @w{int @var{filedes}[2]})
 
+The function takes the two file descriptors from @var{filedes} and
+returns a new Assuan context at @var{r_ctx}.  As usual a return value of
+@code{0} indicates success and a failure is indicated by a returning an
+error code.  In case of error @code{NULL} will be stored at @var{r_ctx}.
 
+In case that the server has been called using a bi-directional pipe
+(socketpair), @var{filedes} is ignored and the file descriptor is taken
+from the environment variable @env{_assuan_connection_fd}.  You won't
+need to know that because @code{assuan_pipe_connect_ext}, used by the
+client to connect to such a server, automagically sets this variable.
+@end deftypefun
+
+@noindent
+If a file descriptor has been passed a the assuan context gets initialized
+by
+
+@deftypefun assuan_error_t assuan_init_socket_server_ext (@w{assuan_context_t *@var{r_ctx}}, @w{int @var{fd}}, @w{unsigned int @var{flags}})
+
+The function takes the file descriptor @var{fd} which is expected to be
+associated with a socket and returns a new Assuan context at
+@var{r_ctx}. The following bits are currently defined for @var{flags}:
+
+@table @code
+@item Bit 0
+When set @code{sendmsg} and @code{recvmesg} are used for input and
+output and thus enabling the use of descriptor passing.
+@item Bit 1
+When set @var{fd} refers to an already accepted socket.  That is,
+Libassuan won't call @var{accept} for it.  It is suggested to set this
+bit as it allows better control of the connection state.
+@end table
+
+As usual a return value of @code{0} indicates success and a failure is
+indicated by a returning an error code.  In case of error @code{NULL}
+will be stored at @var{r_ctx}.
+@end deftypefun
+
+@noindent
+After error checking, the implemented assuan commands are registered with
+the server.  
+
+@example
+  for (i=0; command_table[i].name; i++)
+    @{
+      rc = assuan_register_command (ctx,
+                                    command_table[i].name,
+                                    command_table[i].handler);
+      if (rc)
+        @{
+          fprintf (stderr, "register failed: %s\n", gpg_strerror(rc));
+          assuan_deinit_server (ctx);
+          return;
+        @}
+    @} 
+@end example
+
+@deftypefun assuan_error_t assuan_register_command (@w{assuan_context_t @var{ctx}}, @w{const char *@var{cmd_string}}, @w{int (*@var{handler}) (assuan_context_t, char *)})
+
+This registers the command named @var{cmd_string} with the Assuan
+context @var{ctx}.  @var{handler} is the function called by Libassuan if
+this command is received from the client.  @var{NULL} may be used
+@var{handler} to use a default handler (this only works with a few
+pre-defined commands).  Note, that several default handlers have already
+been registered when the context has been created: ``NOP'', ``CANCEL'',
+``OPTION'', ``BYE'', ``AUTH'', ``RESET'' and ``END''.  Although
+possible, these commands should better not be overridden by the
+application.  Instead special functions should be used to get hold of
+these commands.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_register_bye_notify (@w{assuan_context_t @var{ctx}}, @w{void (*@var{fnc})(assuan_context_t)})
+
+Register function @var{fnc} with context @var{ctx} to be called right
+before the standard handler for the ``BYE'' command is being called.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_register_reset_notify (@w{assuan_context_t @var{ctx}}, @w{void (*@var{fnc})(assuan_context_t)})
+
+Register function @var{fnc} with context @var{ctx} to be called right
+before the standard handler for the ``RESET'' command is being called.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_register_cancel_notify (@w{assuan_context_t @var{ctx}}, @w{void (*@var{fnc})(assuan_context_t)})
+
+Register function @var{fnc} with context @var{ctx} to be called right
+before the standard handler for the ``RESET'' command is being called.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_register_option_handler (@w{assuan_context_t @var{ctx}}, @w{int (*@var{fnc})(assuan_context_t, const char*, const char*)})
+
+Register function @var{fnc} with context @var{ctx} for processing of
+options.  That function is being called with the context, the name and
+the value of the option.  Leading and trailing spaces are removed from
+the name and the value.  The optional leading two dashes of the name are
+removed as well.  If no value has been given, an empty string is passed.
+The function needs to return @code{0} on success or an error code.
+
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_register_input_notify (@w{assuan_context_t @var{ctx}}, @w{void (*@var{fnc})(assuan_context_t, const char*)})
+
+Although the input function may be overridden with a custom handler, it
+is often more convenient to use the default handler and to know whether
+an ``INPUT'' command has been seen and successfully parsed.  The second
+argument passed to that function is the entire line.  Because that line
+has already been parsed when the function gets called, a file descriptor
+set with the ``INPUT'' command may already be used.  That file
+descriptor is available by calling @code{assuan_get_input_fd}.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_register_output_notify (@w{assuan_context_t @var{ctx}}, @w{void (*@var{fnc})(assuan_context_t, const char*)})
+
+Although the output function may be overridden with a custom handler, it
+is often more convenient to use the default handler and to know whether
+an ``OUTPUT'' command has been seen and successfully parsed.  The second
+argument passed to that function is the entire line.  Because that line
+has already been parsed when the function gets called, a file descriptor
+set with the ``OUTPUT'' command may already be used.  That file
+descriptor is available by calling @code{assuan_get_output_fd}.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_set_hello_line (@w{assuan_context_t @var{ctx}}, @w{const char *@var{line}})
+
+This is not actually a register function but may be called also after
+registering commands. It changes the ``Hello'' line, send by the server
+to the client as a first response, from a default string to the string
+@var{line}.  For logging purposes, it is often useful to use such a
+custom hello line which may tell version numbers and such.  Linefeeds
+are allowed in this string, however, each line needs to be shorter than
+the Assuan line length limit.
+
+@end deftypefun
+
+@noindent
+As a last initialization step debugging may be enabled for the current
+connection.  This is done using
+
+@deftypefun void assuan_set_log_stream (@w{assuan_context_t @var{ctx}}, @w{FILE *@var{fp}})
+
+Enable debugging for the context @var{ctx} and write all debugging
+output to the stdio stream @var{fp}.  If the default log stream (used
+for non-context specific events) has not yet been set, a call to this
+functions implicitly sets this stream also to @var{fp}.
+@end deftypefun
+
+@noindent
+Now that everything has been setup, we can start to process our
+clients requests.
+
+@example
+  for (;;)
+    @{
+      rc = assuan_accept (ctx);
+      if (rc == -1)
+        break;
+      else if (rc)
+        @{
+          fprintf (stderr, "accept problem: %s\n", gpg_strerror (rc));
+          break;
+        @}
+      
+      rc = assuan_process (ctx);
+      if (rc)
+        @{
+          fprintf (stderr, "processing failed: %s\n", gpg_strerror (rc));
+          continue;
+        @}
+    @}
+  assuan_deinit_server (ctx);
+@}
+@end example
+
+@noindent
+For future extensibility and to properly detect the end of the
+connection the core of the server should loop over the
+accept and process calls.
+
+@deftypefun assuan_error_t assuan_accept (@w{assuan_context_t @var{ctx}})
+
+A call to this function cancel any existing connection and waits for a
+connection from a client (that might be skipped, depending on the type
+of the server).  The initial handshake is performed which may include an
+initial authentication or encryption negotiation.  On success @code{0}
+is returned.  An error code will be returned if the connection could for
+some reason not be established.  An error code of @code{-1} indicates
+the end of the connection.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_process (@w{assuan_context_t @var{ctx}})
+
+This function is used to handle the Assuan protocol after a connection
+has been established using @code{assuan_accept}.  It is the main
+protocol handler responsible for reading the client commands and calling
+the appropriate handlers.  The function returns @code{0} on success or
+an error code if something went seriously wrong.  Error codes from the
+individual command handlers, i.e. operational error, are not seen here.
+@end deftypefun
+
+
+@deftypefun assuan_error_t assuan_process_next (@w{assuan_context_t @var{ctx}})
+
+This is the same as @code{assuan_process} but the caller has to provide
+the outer loop.  He should loop as long as the return code is zero and
+stop otherwise; @code{-1} or @code{GPG_ERR_EOF} indicate a regular end.
+@end deftypefun
+
+@noindent
+After the loop has terminated, the Assuan context needs to be released:
+
+@deftypefun void assuan_deinit_server (@w{assuan_context_t @var{ctx}})
+
+Releases the resources described by the Assuan context @var{ctx} It is
+explicitly allowed to pass @code{NULL} for @var{ctx}, in which case the
+function does nothing.
+@end deftypefun
+
+@noindent
+That is all needed for the server code.  You only need to come up with
+the code for the individual command handlers.  Take care that the line
+passed to the command handlers is allocated statically within the
+context and calls to Assuan functions may modify that line.  You are
+also allowed to modify that line which makes parsing much easier.
+
+
+
 @c
 @c     U T I L I T I E S
 @c
 @node Utilities
 @chapter Utility functions
 
+@noindent
+There are a lot of helper functions to make writing Assuan code easier.
+Some of these functions provide information not available with the
+general functions.
 
-void assuan_set_log_stream (assuan_context_t ctx, FILE *fp);
-int assuan_set_error (assuan_context_t ctx, int err, const char *text);
-void assuan_set_pointer (assuan_context_t ctx, void *pointer);
-void *assuan_get_pointer (assuan_context_t ctx);
 
-void assuan_begin_confidential (assuan_context_t ctx);
-void assuan_end_confidential (assuan_context_t ctx);
 
-/* For context CTX, set the flag FLAG to VALUE.  Values for flags
-   are usually 1 or 0 but certain flags might allow for other values;
-   see the description of the type assuan_flag_t for details. */
-void assuan_set_flag (assuan_context_t ctx, assuan_flag_t flag, int value);
+@deftypefun void assuan_set_pointer (@w{assuan_context_t @var{ctx}}, @w{void *@var{pointer}})
 
-typedef enum
-    /* When using a pipe server, by default Assuan will wait for the
-       forked process to die in assuan_disconnect.  In certain cases
-       this is not desirable.  By setting this flag, the waitpid will
-       be skipped and the caller is responsible to cleanup a forked
-       process. */
-    ASSUAN_NO_WAITPID = 1
-assuan_flag_t;
+Store the arbitrary pointer value @var{pointer} into the context
+@var{ctx}.  This is useful to provide command handlers with additional
+application context.
+@end deftypefun
 
+@deftypefun void* assuan_get_pointer (@w{assuan_context_t @var{ctx}})
 
+This returns the pointer for context @var{ctx} which has been set using
+the above function.  A common way to use it is by setting the pointer
+before starting the processing loop and to retrieve it right at the
+start of a command handler:
+@smallexample
+static int
+cmd_foo (assuan_context_t ctx, char *line)
+@{
+  ctrl_t ctrl = assuan_get_pointer (ctx);
+  ...
+@}
+@end smallexample
+@end deftypefun
 
-/* Return the VALUE of FLAG in context CTX. */ 
-int  assuan_get_flag (assuan_context_t ctx, assuan_flag_t flag);
 
 
-const char *assuan_strerror (assuan_error_t err);
+@deftypefun assuan_error_t assuan_write_status (@w{assuan_context_t @var{ctx}}, @w{const char *@var{keyword}}, @w{const char *@var{text}})
 
+This is a convenience function for a server to send a status line.  You
+need to pass it the @var{keyword} and the content of the status line in
+@var{text}.
+@end deftypefun
 
+
+@deftypefun assuan_error_t assuan_inquire (@w{assuan_context_t @var{ctx}}, @w{const char *@var{keyword}}, @w{unsigned char **@var{r_buffer}}, @w{size_t *@var{r_length}}, @w{size_t @var{maxlen}})
+
+A server may use this function to inquire data from a client.  It sends
+an ``INQUIRE'' command back to the server and returns the response
+conveniently in a newly allocated buffer.  You need to pass at least the
+server's context @var{ctx} and the @var{keyword} describing the
+requested data.  All other parameters may be @code{NULL} or @code{0},
+although this is rarely useful.
+
+On success the result is stored in a newly allocated buffer stored at
+@var{r_buffer}. The length of the data is stored at @var{r_length}.  If
+@var{maxlen} has not been given as @code{0}, it describes an upper size
+limited of the expected data.  If the client returns too much data the
+function fails and the error code @code{GPG_ERR_ASS_TOO_MUCH_DATA} will
+be returned.
+@end deftypefun
+
+
+@deftypefun FILE* assuan_get_data_fp (@w{assuan_context_t @var{ctx}})
+
+Return a stdio stream for the Assuan context @var{ctx}.  This stream may
+then be used for data output (assuan_write_data).  The stream is valid
+until the end of the current handler.  Calling @code{fclose} for that stream is
+not required.  Assuan does all the buffering needed to insert the status
+line as well as the required line wrapping and quoting for data lines.
+
+This function is only available on systems supporting either
+@code{funopen} or @code{fopencookie}. If it is not supported @code{NULL}
+is returned and @code{errno} is set to @code{ENOSYS}.
+@end deftypefun
+
+
+@deftypefun assuan_error_t assuan_set_okay_line (@w{assuan_context_t @var{ctx}}, @w{const char *@var{line}})
+
+Set the text used for the next ``OK'' response to @var{line}.  This is
+sometimes useful to send additional human readable information along
+with the OK line.  The string is automatically reset at the end of the
+current handler.
+@end deftypefun
+
+
+@deftypefun assuan_error_t assuan_command_parse_fd (@w{assuan_context_t @var{ctx}}, @w{char *@var{line}}, @w{int *@var{rfd}})
+
+This is the core of the default ``INPUT'' and ``OUTPUT'' handler.  It
+may be used in custom commands as well to negotiate a file descriptor.
+If @var{line} contains @code{FD=@var{n}}, it returns @var{n} assuming a
+local file descriptor.  If @var{line} contains just @code{FD} it returns
+a file descriptor at @var{rdf}; this file descriptor needs to have been
+sent by the client right before using @code{assuan_sendfd}.
+@end deftypefun
+
+@deftypefun int assuan_get_input_fd (@w{assuan_context_t @var{ctx}})
+
+Return the file descriptor send by the client using the last ``INPUT''
+command.  Returns @code{-1} if no file descriptor is available.
+@end deftypefun
+
+@deftypefun int assuan_get_output_fd (@w{assuan_context_t @var{ctx}})
+
+Return the file descriptor send by the client using the last ``OUTPUT''
+command.  Returns @code{-1} if no file descriptor is available.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_close_input_fd (@w{assuan_context_t @var{ctx}})
+
+Close the file descriptor set by the last ``INPUT'' command.  This
+function has the advantage over a simple @code{close} that it can do
+some sanity checks and make sure that a following
+@code{assuan_get_input_fd} won't return an already closed descriptor.
+@end deftypefun
+
+@deftypefun assuan_error_t assuan_close_output_fd (@w{assuan_context_t @var{ctx}})
+
+Close the file descriptor set by the last ``OUTPUT'' command.  This
+function has the advantage over a simple @code{close} that it can do
+some sanity checks and make sure that a following
+@code{assuan_get_input_fd} won't return an already closed descriptor.
+@end deftypefun
+
+@deftypefun int assuan_set_error (@w{assuan_context_t @var{ctx}}, @w{int @var{err}}, @w{const char *@var{text}})
+
+This is a helper to provide a more descriptive error text with ``ERR''
+lines.  For this to work the text needs to be stored in the context
+@var{ctx} while still being in the command handler.  This function is
+commonly called this way
+@smallexample
+  return assuan_set_error (ctx, err, "commands needs 5 arguments");
+@end smallexample
+@var{err} is passed through and thus the return value of the command
+handler.  The provided text further explains that error code to humans.
+@end deftypefun
+
+
+@deftypefun void assuan_set_flag (@w{assuan_context_t @var{ctx}}, @w{assuan_flag_t @var{flag}}, @w{int @var{value}})
+
+Set the the @var{flag} for context @var{ctx} to @var{value}.  Values for
+flags are usually 1 or 0 but certain flags might need other values.
+
+@deftp {Data type} assuan_flag_t
+The flags are all named and collected in an @code{enum} for better readability.
+Currently only one flag is defined:
+
+@table @code
+@item ASSUAN_NO_WAITPID 
+When using a pipe server, by default Libassuan will wait for the forked
+process to die in @code{assuan_disconnect}.  In certain cases this is
+not desirable.  By setting this flag, a call to @code{waitpid} will be
+suppressed and the caller is responsible to cleanup the child process.
+@end table
+@end deftp
+
+@end deftypefun
+
+@deftypefun int assuan_get_flag (@w{assuan_context_t @var{ctx}}, @w{assuan_flag_t @var{flag}})
+Return the value of @var{flag} in context @var{ctx}. 
+@end deftypefun 
+
+@deftypefun @w{const char*} assuan_strerror (@w{assuan_error_t @var{err}})
+
+This function returns a textual representation of the given error code
+@var{err}. If this is an unknown value, a string with the value is
+returned. (Beware: it is hold in a static buffer).  It is suggested that
+gpg-error style error numbers should be used and thus
+@code{gpg_strerror} be called. @xref{function
+assuan_set_assuan_err_source}, on how to enable these error codes.
+@end deftypefun
+
 @deftypefun pid_t assuan_get_pid (@w{assuan_context_t @var{ctx}})
 
 This function returns the pid of the connected connected peer.  If that
 pid is not known @code{-1} is returned.  Note that it is not always
 possible to learn the pid of the other process. For a pipe based server
-the client knows it instantly and a mechnism is in palce to let the
+the client knows it instantly and a mechanism is in place to let the
 server learn it.  For socket based servers the pid is only available on
 systems providing the ``SO_PEERCRED'' socket option @footnote{to our
 knowledge only the Linux kernel has this feature}.
@@ -903,20 +1297,55 @@
 @end deftypefun
 
 
-int assuan_get_active_fds (assuan_context_t ctx, int what,
-                           int *fdarray, int fdarraysize);
+@deftypefun int assuan_get_active_fds (@w{assuan_context_t @var{ctx}}, @w{int @var{what}}, @w{int *@var{fdarray}}, @w{int @var{fdarraysize}})
 
-int assuan_pending_line (assuan_context_t ctx);
+Return all active file descriptors for the context @var{ctx}.  This
+function can be used to select on the file descriptors and to call
+@code{assuan_process_next} if there is an active one.  The first
+descriptor in the array is the one used for the command connection.
+Currently @var{what} needs to be @code{0} to return descriptors used for
+reading, @code{1} will eventually be used to return descriptors used for
+writing.  @var{fdarray} is an array of integers provided by the caller;
+@var{fdarraysize} gives the size of that array.
 
-/* Return the stream which is currently being using for global logging.  */
-FILE *assuan_get_assuan_log_stream (void);
+On success the number of active descriptors are returned.  These active
+descriptors are then stored in @var{fdarray}.  On error @code{-1} is
+returned; the most likely reason for this is a too small @var{fdarray}.
+@end deftypefun
 
-/* Return a prefix to be used at the start of a line emitted by assuan
-   on the log stream.  The default implementation returns the empty
-   string, i.e. ""  */
-const char *assuan_get_assuan_log_prefix (void);
 
+@deftypefun int assuan_pending_line (@w{assuan_context_t @var{ctx}})
+A call to this function return true if a full line has been buffered and
+thus an entire assuan line may be read without triggering any actual
+I/O.
+@end deftypefun
 
+
+@deftypefun void assuan_begin_confidential (@w{assuan_context_t @var{ctx}})
+
+Put the logging feature into confidential mode.  This is to avoid
+logging of sensitive data.
+@end deftypefun
+
+@deftypefun void assuan_end_confidential (@w{assuan_context_t @var{ctx}})
+
+Get the logging feature out of confidential mode.  All data will be
+logged again (if logging is enabled).
+@end deftypefun
+
+@deftypefun FILE* assuan_get_assuan_log_stream (void)
+
+Return the stream which is currently being using for global logging.
+@end deftypefun
+
+@deftypefun @w{const char*} assuan_get_assuan_log_prefix (void)
+
+Return the prefix to be used at the start of a line emitted by assuan
+on the log stream.  The default implementation returns the empty
+string.
+@end deftypefun
+
+
 @c ---------------------------------------------------------------------
 @c Legal BS
 @c ---------------------------------------------------------------------


From cvs at cvs.gnupg.org  Tue Oct 31 21:04:11 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 31 20:31:23 2006
Subject: [svn] assuan - r223 - tags
Message-ID: <E1GezKS-00089m-IR@trithemius.gnupg.org>

Author: wk
Date: 2006-10-31 21:04:11 +0100 (Tue, 31 Oct 2006)
New Revision: 223

Added:
   tags/libassuan-1.0.0/
Log:
Released 1.0.0


Copied: tags/libassuan-1.0.0 (from rev 222, trunk)


From cvs at cvs.gnupg.org  Tue Oct 31 21:10:36 2006
From: cvs at cvs.gnupg.org (svn author wk)
Date: Tue Oct 31 20:57:11 2006
Subject: [svn] assuan - r224 - trunk
Message-ID: <E1GezQg-0001VO-Vr@trithemius.gnupg.org>

Author: wk
Date: 2006-10-31 21:10:36 +0100 (Tue, 31 Oct 2006)
New Revision: 224

Modified:
   trunk/NEWS
   trunk/configure.ac
Log:
Post release updates


Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-10-31 20:04:11 UTC (rev 223)
+++ trunk/NEWS	2006-10-31 20:10:36 UTC (rev 224)
@@ -1,3 +1,7 @@
+Noteworthy changes in version 1.0.1
+------------------------------------------------
+
+
 Noteworthy changes in version 1.0.0 (2006-10-31)
 ------------------------------------------------
 

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-10-31 20:04:11 UTC (rev 223)
+++ trunk/configure.ac	2006-10-31 20:10:36 UTC (rev 224)
@@ -25,7 +25,7 @@
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(libassuan, 0.9.4-cvs, gnupg-devel@gnupg.org)
+AC_INIT(libassuan, 1.0.1-cvs, bug-libassuan@gnupg.org)
 # Note, that this is not yet available as a shared library.
 
 PACKAGE=$PACKAGE_NAME