security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity

bug fix release

This commit is contained in:
Werner Koch 1998-08-11 17:29:34 +00:00
parent 62f550bb0a
commit 3e0e8f884f
43 changed files with 1828 additions and 520 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
NEWS
View File

@ -1,3 +1,11 @@
Noteworthy changes in version 0.3.4
-----------------------------------
* New options --comment and --set-filename; see g10/OPTIONS
* yes/no, y/n localized.
* Fixed some bugs.
Noteworthy changes in version 0.3.3
-----------------------------------
* IMPORTANT: I found yet another bug in the way the secret keys

1
THANKS
View File

@ -4,6 +4,7 @@ code. Here is a list of those people. Help me keep it complete and free of
errors.
Anand Kumria wildfire@progsoc.uts.edu.au
Ariel T Glenn ariel@columbia.edu
Brian Warner warner@lothar.com
Caskey L. Dickson caskey@technocage.com
Charles Levert charles@comm.polymtl.ca

9
TODO
View File

@ -26,9 +26,6 @@
* rewrite --list-packets or put it into another tool.
* add usage arguments to get_key_byname or return a PKC_LIST with
all keys and add a selection.
* Burn the buffers used by fopen(), or use read(2). Does this
really make sense?
@ -51,5 +48,9 @@
* Is it okay to use gettext for the help system???
* There are still problems with old v3 keys after passphrase change.
* configure checks two times for gcc
* update gettext
* Add some stuff for DU cc

2
VERSION
View File

@ -1 +1 @@
0.3.3
0.3.4

4
checks/ChangeLog
View File

@ -1,3 +1,7 @@
Mon Aug 10 21:33:38 1998 Werner Koch (wk@(none))
* genkey1024.test: Ariel fixed this.
Wed Jul 8 10:43:47 1998 Werner Koch (wk@isil.d.shuttle.de)
* seat.test: New.

122
checks/genkey1024.test
View File

@ -2,59 +2,95 @@
. defs.inc || exit 3
info "This expect script does not yet work"
info "Please, all those expect gurus, can you help me with it?"
exit 0
expect - <<EOF
set timeout -1
#set timeout -1
set timeout 5
match_max 100000
spawn ../g10/gpg --no-batch --quick-random --homedir . --gen-key
expect -exact "Please select the algorithm to use:\r
(1) ElGamal is the suggested one.\r
(2) DSA can only be used for signatures.\r
Your selection? (1,2) "
send -- "1\r"
expect -exact "1\r
\r \rAbout to generate a new ElGamal keypair.\r
minimum keysize is 768 bits\r
default keysize is 1024 bits\r
expect {
-exact "Please select what kind of key you want:\r
(1) DSA and ElGamal (default)\r
(2) ElGamal (sign and encrypt)\r
(3) ElGamal (encrypt only)\r
(4) DSA (sign only)\r
(5) ElGamal in a v3 packet\r
Your selection? " { send -- "1\r" }
timeout { exit 1 } }
expect {
-exact "1\r
\r \rDSA keypair will have 1024 bits.\r
About to generate a new ELG-E keypair.\r
minimum keysize is 768 bits\r
default keysize is 1024 bits\r
highest suggested keysize is 2048 bits\r
What keysize do you want? (1024) "
send -- "\r"
expect -exact "\r
\r \rRequested keysize is 1024 bits\r
\r
What keysize do you want? (1024) " { send -- "\r" }
timeout { exit 1 } }
expect {
-exact "\r
\r \rRequested keysize is 1024 bits\r
Please specify how long the key should be valid.\r
0 = key does not expire\r
<n> = key expires in n days\r
<n>w = key expires in n weeks\r
<n>m = key expires in n months\r
<n>y = key expires in n years\r
Key is valid for? (0) " { send -- "1\r" }
timeout { exit 1 } }
expect {
-exact "1\r
\r \rKey expires at " { }
timeout { exit 1 } }
expect {
-re "(.*)\r
" {}
timeout { exit 1 } }
expect {
-exact "Is this correct (y/n)? " { send -- "y\r" }
timeout { exit 1 } }
expect {
-exact "y\r
\r \r\r
You need a User-ID to identify your key; the software constructs the user id\r
from Real Name, Comment and Email Address in this form:\r
\"Heinrich Heine (Der Dichter) <heinrichh@uni-duesseldorf.de>\"\r
\"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>\"\r
\r
Real name: "
send -- "Harry H.\r"
expect -exact "Harry H.\r
\r \rEmail address: "
send -- "hh@ddorf.de\r"
expect -exact "hh@ddorf.de\r
\r \rComment: "
send -- "a test\r"
expect -exact "a test\r
\r \rYou selected this USER-ID:\r
Real name: " { send -- "Harry H.\r" }
timeout { exit 1 } }
expect {
-exact "Harry H.\r
\r \rEmail address: " { send -- "hh@ddorf.de\r" }
timeout { exit 1 } }
expect {
-exact "hh@ddorf.de\r
\r \rComment: " { send -- "a test\r" }
timeout { exit 1 } }
expect {
-exact "a test\r
\r \rYou selected this USER-ID:\r
\"Harry H. (a test) <hh@ddorf.de> (INSECURE!)\"\r
\r
Edit (N)ame, (C)omment, (E)mail or (O)kay? "
send -- "o\r"
expect -exact "o\r
\r \rYou need a Passphrase to protect your secret key.\r
\r
Enter pass phrase: "
send -- "abc\r"
expect -ex "abc\r\n"
expect -ex "\r \rRepeat pass phrase:\ "
send -- "abc\r"
expect -ex "abc\r\n"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? " { send -- "o\r" }
timeout { exit 1 } }
expect {
-ex "public and secret key created and signed.\r"
eof abort
-exact "o\r
\r \rYou need a Passphrase to protect your secret key.\r
\r
Enter pass phrase: " { sleep 1; send -- "abc\r" }
timeout { exit 1 } }
expect {
-ex "\r \rRepeat pass phrase: " { sleep 1; send -- "abc\r" }
timeout { exit 1 } }
expect {
-ex "\r \rWe need to generate a lot of random bytes. It is a good idea to perform\r
some other action (work in another window, move the mouse, utilize the\r
network and the disks) during the prime generation; this gives the random\r
number generator a better chance to gain enough entropy.\r" {}
timeout { exit 1 } }
set timeout 120
expect {
-ex "public and secret key created and signed.\r" { exit 0 }
eof { exit 1 }
}
exit 1
EOF

2
cipher/random.c
View File

@ -124,6 +124,8 @@ get_random_bits( size_t nbits, int level, int secure )
byte *buf;
size_t nbytes = (nbits+7)/8;
if( quick_test && level > 1 )
level = 1;
MASK_LEVEL(level);
buf = secure && secure_alloc ? m_alloc_secure( nbytes ) : m_alloc( nbytes );
read_pool( buf, nbytes, level );

45
g10/ChangeLog
View File

@ -1,3 +1,48 @@
Tue Aug 11 17:54:50 1998 Werner Koch (wk@(none))
* build-packet.c (do_secret_key): Fixed handling of old keys.
* getkey.c (compare_name): Fixed exact and email matching
* openfile.c (open_outfile): Changed arguments and all callers.
Tue Aug 11 09:14:35 1998 Werner Koch (wk@(none))
* encode.c (encode_simple): Applied option set-filename and comment.
(encode_crypt): Ditto.
* sign.c (sign_file): Ditto.
* armor.c (armor_filter): Applied option comment.
* encode.c (encode_crypt): Moved init_packet to the begin.
(encode_simple): add an init_packet().
* comment (write_comment): Now enforces a hash sign as the 1st byte.
* import.c (import_one): Add explanation for "no user ids".
* compress.c (do_uncompress): Applied Brian Warner's patch to support
zlib 1.1.3 etc.
* trustdb.c (check_trust): Fixed a problem after inserting new keys.
* getkey (lookup): do not return the primary key if usage is given
(lookup_sk): Ditto and take usage into account.
* status.c (cpr_get_answer_is_yes): add display_help.
Mon Aug 10 10:11:28 1998 Werner Koch (wk@(none))
* getkey.c (lookup_sk): Now always returns the primary if arg
primary is true.
(lookup): Likewise.
(get_pubkey_byname): Now returns the primary key
(get_seckey_byname): Ditto.
Mon Aug 10 08:34:03 1998 Werner Koch (wk@(none))
* keyid.c (pubkey_letter): ELG_E is now a small g.
Sat Aug 8 17:26:12 1998 Werner Koch (wk@(none))
* openfile (overwrite_filep): Changed semantics and all callers.

8
g10/OPTIONS
View File

@ -50,3 +50,11 @@ run-as-shm-coprocess [request-locked-shm-size]
# very special :-)
# You will have to use "--status-fd" too
set-filename <name>
# Set <name> as the filename into the plaintext packet
comment <string>
# Add <string> as comment to the output

21
g10/armor.c
View File

@ -1002,8 +1002,25 @@ armor_filter( void *opaque, int control,
iobuf_writestr(a, "-----\n");
iobuf_writestr(a, "Version: GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")\n");
iobuf_writestr(a,
"Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/\n");
if( opt.comment_string ) {
const char *s = opt.comment_string;
iobuf_writestr(a, "Comment: " );
for( ; *s; s++ ) {
if( *s == '\n' )
iobuf_writestr(a, "\\n" );
else if( *s == '\r' )
iobuf_writestr(a, "\\r" );
else if( *s == '\v' )
iobuf_writestr(a, "\\v" );
else
iobuf_put(a, *s );
}
iobuf_put(a, '\n' );
}
else
iobuf_writestr(a,
"Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/\n");
if( afx->hdrlines )
iobuf_writestr(a, afx->hdrlines);
iobuf_put(a, '\n');

3
g10/build-packet.c
View File

@ -291,7 +291,8 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
for(i=0; i < npkey; i++ )
mpi_write(a, sk->skey[i] );
if( sk->is_protected ) {
if( is_RSA(sk->pubkey_algo) && sk->version < 4 ) {
if( is_RSA(sk->pubkey_algo) && sk->version < 4
&& !sk->protect.s2k.mode ) {
iobuf_put(a, sk->protect.algo );
iobuf_write(a, sk->protect.iv, 8 );
}

14
g10/comment.c
View File

@ -44,9 +44,17 @@ write_comment( IOBUF out, const char *s )
int rc=0;
pkt.pkttype = PKT_COMMENT;
pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n - 1 );
pkt.pkt.comment->len = n;
strcpy(pkt.pkt.comment->data, s);
if( *s != '#' ) {
pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n );
pkt.pkt.comment->len = n+1;
*pkt.pkt.comment->data = '#';
strcpy(pkt.pkt.comment->data+1, s);
}
else {
pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n - 1 );
pkt.pkt.comment->len = n;
strcpy(pkt.pkt.comment->data, s);
}
if( (rc = build_packet( out, &pkt )) )
log_error("build_packet(comment) failed: %s\n", g10_errstr(rc) );
free_packet( &pkt );

8
g10/compress.c
View File

@ -151,19 +151,23 @@ do_uncompress( compress_filter_context_t *zfx, z_stream *zs,
if( DBG_FILTER )
log_debug("call inflate: avail_in=%u, avail_out=%u\n",
(unsigned)zs->avail_in, (unsigned)zs->avail_out);
#ifdef Z_SYNC_FLUSH
zrc = inflate( zs, Z_SYNC_FLUSH );
#else
zrc = inflate( zs, Z_PARTIAL_FLUSH );
#endif
if( DBG_FILTER )
log_debug("inflate returned: avail_in=%u, avail_out=%u, zrc=%d\n",
(unsigned)zs->avail_in, (unsigned)zs->avail_out, zrc);
if( zrc == Z_STREAM_END )
rc = -1; /* eof */
else if( zrc != Z_OK ) {
else if( zrc != Z_OK && zrc != Z_BUF_ERROR ) {
if( zs->msg )
log_fatal("zlib inflate problem: %s\n", zs->msg );
else
log_fatal("zlib inflate problem: rc=%d\n", zrc );
}
} while( zs->avail_out && zrc != Z_STREAM_END );
} while( zs->avail_out && zrc != Z_STREAM_END && zrc != Z_BUF_ERROR );
*ret_len = zfx->outbufsize - zs->avail_out;
if( DBG_FILTER )
log_debug("do_uncompress: returning %u bytes\n", (unsigned)*ret_len );

9
g10/dearmor.c
View File

@ -58,10 +58,9 @@ dearmor_file( const char *fname )
iobuf_push_filter( inp, armor_filter, &afx );
if( !(out = open_outfile( fname, 0 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( fname, 0, &out )) )
goto leave;
}
while( (c = iobuf_get(inp)) != -1 )
@ -100,10 +99,8 @@ enarmor_file( const char *fname )
}
if( !(out = open_outfile( fname, 1 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( fname, 1, &out )) )
goto leave;
}
afx.what = 4;
afx.hdrlines = "Comment: Use \"gpgm --dearmor\" for unpacking\n";

59
g10/encode.c
View File

@ -80,6 +80,7 @@ encode_simple( const char *filename, int mode )
memset( &cfx, 0, sizeof cfx);
memset( &afx, 0, sizeof afx);
memset( &zfx, 0, sizeof zfx);
init_packet(&pkt);
/* prepare iobufs */
if( !(inp = iobuf_open(filename)) ) {
@ -107,19 +108,21 @@ encode_simple( const char *filename, int mode )
}
}
if( !(out = open_outfile( filename, opt.armor? 1:0 )) ) {
if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) ) {
iobuf_close(inp);
m_free(cfx.dek);
m_free(s2k);
return G10ERR_CREATE_FILE; /* or user said: do not overwrite */
return rc;
}
if( opt.armor )
iobuf_push_filter( out, armor_filter, &afx );
else
else {
write_comment( out, "#created by GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")");
if( opt.comment_string )
write_comment( out, opt.comment_string );
}
if( s2k && !opt.rfc1991 ) {
PKT_symkey_enc *enc = m_alloc_clear( sizeof *enc );
enc->version = 4;
@ -133,18 +136,22 @@ encode_simple( const char *filename, int mode )
}
/* setup the inner packet */
if( filename ) {
pt = m_alloc( sizeof *pt + strlen(filename) - 1 );
pt->namelen = strlen(filename);
memcpy(pt->name, filename, pt->namelen );
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
if( filename || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : filename;
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
filesize = 0; /* stdin */
}
if( filename ) {
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
}
else
filesize = 0; /* stdin */
pt->timestamp = make_timestamp();
pt->mode = 'b';
pt->len = filesize;
@ -194,6 +201,7 @@ encode_crypt( const char *filename, STRLIST remusr )
memset( &cfx, 0, sizeof cfx);
memset( &afx, 0, sizeof afx);
memset( &zfx, 0, sizeof zfx);
init_packet(&pkt);
if( (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC)) )
return rc;
@ -208,16 +216,18 @@ encode_crypt( const char *filename, STRLIST remusr )
else if( opt.verbose )
log_info(_("reading from '%s'\n"), filename? filename: "[stdin]");
if( !(out = open_outfile( filename, opt.armor? 1:0 )) ) {
rc = G10ERR_CREATE_FILE; /* or user said: do not overwrite */
if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) )
goto leave;
}
if( opt.armor )
iobuf_push_filter( out, armor_filter, &afx );
else
else {
write_comment( out, "#created by GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")");
if( opt.comment_string )
write_comment( out, opt.comment_string );
}
/* create a session key */
cfx.dek = m_alloc_secure( sizeof *cfx.dek );
@ -237,24 +247,27 @@ encode_crypt( const char *filename, STRLIST remusr )
goto leave;
/* setup the inner packet */
if( filename ) {
pt = m_alloc( sizeof *pt + strlen(filename) - 1 );
pt->namelen = strlen(filename);
memcpy(pt->name, filename, pt->namelen );
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
if( filename || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : filename;
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
filesize = 0; /* stdin */
}
if( filename ) {
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
}
else
filesize = 0; /* stdin */
pt->timestamp = make_timestamp();
pt->mode = 'b';
pt->len = filesize;
pt->new_ctb = !pt->len && !opt.rfc1991;
pt->buf = inp;
init_packet(&pkt);
pkt.pkttype = PKT_PLAINTEXT;
pkt.pkt.plaintext = pt;
cfx.datalen = filesize && !opt.compress? calc_packet_length( &pkt ) : 0;

5
g10/export.c
View File

@ -71,10 +71,9 @@ do_export( STRLIST users, int secret )
memset( &zfx, 0, sizeof zfx);
init_packet( &pkt );
if( !(out = open_outfile( NULL, 0 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( NULL, 0, &out )) )
goto leave;
}
if( opt.armor ) {
afx.what = secret?5:1;

137
g10/g10.c
View File

@ -47,18 +47,68 @@
#endif
enum cmd_and_opt_values { aNull = 0,
oArmor = 'a',
aDetachedSign = 'b',
aSym = 'c',
aDecrypt = 'd',
aEncr = 'e',
oKOption = 'k',
oDryRun = 'n',
oOutput = 'o',
oRemote = 'r',
aSign = 's',
oTextmode = 't',
oUser = 'u',
oVerbose = 'v',
oCompress = 'z',
oBatch = 500,
aClearsign = 539,
aStore,
aKeygen,
aSignEncr,
aSignKey,
aListPackets,
aEditKey,
aDeleteKey,
aDeleteSecretKey,
aKMode,
aKModeC,
aImport,
aVerify,
aListKeys,
aListSigs,
aListSecretKeys,
aExport,
aExportSecret,
aCheckKeys,
aGenRevoke,
aPrimegen,
aPrintMD,
aPrintMDs,
aCheckTrustDB,
aListTrustDB,
aListTrustPath,
aExportOwnerTrust,
aImportOwnerTrust,
aDeArmor,
aEnArmor,
aGenRandom,
aTest };
static ARGPARSE_OPTS opts[] = {
{ 300, NULL, 0, N_("@Commands:\n ") },
#ifdef IS_G10
{ 's', "sign", 256, N_("|[file]|make a signature")},
{ 539, "clearsign", 256, N_("|[file]|make a clear text signature") },
{ 'b', "detach-sign", 256, N_("make a detached signature")},
{ 'e', "encrypt", 256, N_("encrypt data")},
{ 'c', "symmetric", 256, N_("encryption only with symmetric cipher")},
{ aSign, "sign", 256, N_("|[file]|make a signature")},
{ aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") },
{ aDetachedSign, "detach-sign", 256, N_("make a detached signature")},
{ aEncr, "encrypt", 256, N_("encrypt data")},
{ aSym, "symmetric", 256, N_("encryption only with symmetric cipher")},
{ 507, "store", 256, N_("store only")},
{ 'd', "decrypt", 256, N_("decrypt data (default)")},
{ aDecrypt, "decrypt", 256, N_("decrypt data (default)")},
{ 550, "verify" , 256, N_("verify a signature")},
#endif
{ 551, "list-keys", 256, N_("list keys")},
@ -93,17 +143,17 @@ static ARGPARSE_OPTS opts[] = {
{ 301, NULL, 0, N_("@\nOptions:\n ") },
{ 'a', "armor", 0, N_("create ascii armored output")},
{ oArmor, "armor", 0, N_("create ascii armored output")},
#ifdef IS_G10
{ 'u', "local-user",2, N_("use this user-id to sign or decrypt")},
{ 'r', "remote-user", 2, N_("use this user-id for encryption")},
{ 'z', NULL, 1, N_("|N|set compress level N (0 disables)") },
{ 't', "textmode", 0, N_("use canonical text mode")},
{ oUser, "local-user",2, N_("use this user-id to sign or decrypt")},
{ oRemote, "remote-user", 2, N_("use this user-id for encryption")},
{ oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") },
{ oTextmode, "textmode", 0, N_("use canonical text mode")},
#endif
{ 'o', "output", 2, N_("use as output file")},
{ 'v', "verbose", 0, N_("verbose") },
{ 'n', "dry-run", 0, N_("do not make any changes") },
{ 500, "batch", 0, N_("batch mode: never ask")},
{ oOutput, "output", 2, N_("use as output file")},
{ oVerbose, "verbose", 0, N_("verbose") },
/* { oDryRun, "dry-run", 0, N_("do not make any changes") }, */
{ oBatch, "batch", 0, N_("batch mode: never ask")},
{ 501, "yes", 0, N_("assume yes on most questions")},
{ 502, "no", 0, N_("assume no on most questions")},
{ 509, "keyring" ,2, N_("add this keyring to the list of keyrings")},
@ -147,7 +197,7 @@ static ARGPARSE_OPTS opts[] = {
{ 533, "list-trust-path",0, "@"},
#endif
#ifdef IS_G10
{ 'k', NULL, 0, "@"},
{ oKOption, NULL, 0, "@"},
{ 504, "delete-secret-key",0, "@" },
{ 524, "edit-sig" ,0, "@"}, /* alias for edit-key */
{ 523, "passphrase-fd",1, "@" },
@ -173,27 +223,18 @@ static ARGPARSE_OPTS opts[] = {
{ 559, "always-trust", 0, "@"},
{ 562, "emulate-checksum-bug", 0, "@"},
{ 554, "run-as-shm-coprocess", 4, "@" },
/* 568 unused */
{ 568, "set-filename", 2, "@" },
{ 569, "comment", 2, "@" },
{0} };
enum cmd_values { aNull = 0,
aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
aSignKey, aClearsign, aListPackets, aEditKey, aDeleteKey, aDeleteSecretKey,
aKMode, aKModeC, aImport, aVerify, aDecrypt, aListKeys,
aListSigs, aListSecretKeys, aExport, aExportSecret,
aCheckKeys, aGenRevoke, aPrimegen, aPrintMD, aPrintMDs,
aCheckTrustDB, aListTrustDB, aListTrustPath,
aExportOwnerTrust, aImportOwnerTrust,
aDeArmor, aEnArmor, aGenRandom,
aTest };
static int maybe_setuid = 1;
static char *build_list( const char *text,
const char *(*mapf)(int), int (*chkf)(int) );
static void set_cmd( enum cmd_values *ret_cmd,
enum cmd_values new_cmd );
static void set_cmd( enum cmd_and_opt_values *ret_cmd,
enum cmd_and_opt_values new_cmd );
#ifdef IS_G10MAINT
static void print_hex( byte *p, size_t n );
static void print_mds( const char *fname, int algo );
@ -337,9 +378,9 @@ set_debug(void)
static void
set_cmd( enum cmd_values *ret_cmd, enum cmd_values new_cmd )
set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd )
{
enum cmd_values cmd = *ret_cmd;
enum cmd_and_opt_values cmd = *ret_cmd;
if( !cmd || cmd == new_cmd )
cmd = new_cmd;
@ -383,7 +424,7 @@ main( int argc, char **argv )
int errors=0;
int default_keyring = 1;
int greeting = 1;
enum cmd_values cmd = 0;
enum cmd_and_opt_values cmd = 0;
const char *trustdb_name = NULL;
char *def_cipher_string = NULL;
char *def_digest_string = NULL;
@ -478,27 +519,27 @@ main( int argc, char **argv )
&pargs, opts) ) {
switch( pargs.r_opt ) {
case 'a': opt.armor = 1; opt.no_armor=0; break;
case oArmor: opt.armor = 1; opt.no_armor=0; break;
#ifdef IS_G10
case 'b': detached_sig = 1; set_cmd( &cmd, aSign ); break;
case 'c': set_cmd( &cmd, aSym); break;
case 'd': set_cmd( &cmd, aDecrypt); break;
case 'e': set_cmd( &cmd, aEncr); break;
case 'r': /* store the remote users */
case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
case aSym: set_cmd( &cmd, aSym); break;
case aDecrypt: set_cmd( &cmd, aDecrypt); break;
case aEncr: set_cmd( &cmd, aEncr); break;
case oRemote: /* store the remote users */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl->next = remusr;
remusr = sl;
break;
case 's': set_cmd( &cmd, aSign ); break;
case 't': opt.textmode=1; break;
case 'u': /* store the local users */
case aSign: set_cmd( &cmd, aSign ); break;
case oTextmode: opt.textmode=1; break;
case oUser: /* store the local users */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl->next = locusr;
locusr = sl;
break;
case 'z': opt.compress = pargs.r.ret_int; break;
case oCompress: opt.compress = pargs.r.ret_int; break;
case 503: set_cmd( &cmd, aKeygen); break;
case 504: set_cmd( &cmd, aDeleteSecretKey); break;
case 505: set_cmd( &cmd, aDeleteKey); break;
@ -508,7 +549,7 @@ main( int argc, char **argv )
case 524: set_cmd( &cmd, aEditKey); break;
case 527: def_cipher_string = m_strdup(pargs.r.ret_str); break;
case 529: def_digest_string = m_strdup(pargs.r.ret_str); break;
case 539: set_cmd( &cmd, aClearsign); break;
case aClearsign: set_cmd( &cmd, aClearsign); break;
case 540: secmem_set_flags( secmem_get_flags() | 1 ); break;
case 542: set_cmd( &cmd, aGenRevoke); break;
case 550: set_cmd( &cmd, aVerify); break;
@ -536,12 +577,12 @@ main( int argc, char **argv )
case 525: set_cmd( &cmd, aImportOwnerTrust); break;
#endif /* IS_G10MAINT */
case 'o': opt.outfile = pargs.r.ret_str; break;
case 'v': g10_opt_verbose++;
case oOutput: opt.outfile = pargs.r.ret_str; break;
case oVerbose: g10_opt_verbose++;
opt.verbose++; opt.list_sigs=1; break;
case 'k': set_cmd( &cmd, aKMode ); break;
case oKOption: set_cmd( &cmd, aKMode ); break;
case 500: opt.batch = 1; greeting = 0; break;
case oBatch: opt.batch = 1; greeting = 0; break;
case 501: opt.answer_yes = 1; break;
case 502: opt.answer_no = 1; break;
case 508: set_cmd( &cmd, aCheckKeys); break;
@ -598,6 +639,8 @@ main( int argc, char **argv )
log_error("shared memory coprocessing is not available\n");
#endif
break;
case 568: opt.set_filename = pargs.r.ret_str; break;
case 569: opt.comment_string = pargs.r.ret_str; break;
default : errors++; pargs.err = configfp? 1:2; break;
}
}

72
g10/getkey.c
View File

@ -71,9 +71,9 @@ static int pk_cache_entries; /* number of entries in pk cache */
static int lookup( PKT_public_key *pk,
int mode, u32 *keyid, const char *name,
KBNODE *ret_keyblock );
KBNODE *ret_keyblock, int primary );
static int lookup_sk( PKT_secret_key *sk,
int mode, u32 *keyid, const char *name );
int mode, u32 *keyid, const char *name, int primary );
/* note this function may be called before secure memory is
* available
@ -263,7 +263,7 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
/* do a lookup */
rc = lookup( pk, 11, keyid, NULL, NULL );
rc = lookup( pk, 11, keyid, NULL, NULL, 0 );
if( !rc )
goto leave;
@ -321,15 +321,13 @@ hextobyte( const byte *s )
* on the length a short or complete one.
* - If the username starts with 32,33,40 or 41 hex-digits (the first one
* must be in the range 0..9), this is considered a fingerprint.
* (Not yet implemented)
* - If the username starts with a left angle, we assume it is a complete
* email address and look only at this part.
* - If the username starts with a '.', we assume it is the ending
* part of an email address
* - If the username starts with an '@', we assume it is a part of an
* email address
* - If the userid start with an '=' an exact compare is done; this may
* also follow the keyid in which case both parts are matched.
* - If the userid start with an '=' an exact compare is done.
* - If the userid starts with a '*' a case insensitive substring search is
* done (This is also the default).
*/
@ -436,16 +434,16 @@ key_byname( int secret,
sk = m_alloc_clear( sizeof *sk );
internal++;
}
rc = mode < 16? lookup_sk( sk, mode, keyid, name )
: lookup_sk( sk, mode, keyid, fprint );
rc = mode < 16? lookup_sk( sk, mode, keyid, s, 1 )
: lookup_sk( sk, mode, keyid, fprint, 1 );
}
else {
if( !pk ) {
pk = m_alloc_clear( sizeof *pk );
internal++;
}
rc = mode < 16? lookup( pk, mode, keyid, name, NULL )
: lookup( pk, mode, keyid, fprint, NULL );
rc = mode < 16? lookup( pk, mode, keyid, s, NULL, 1 )
: lookup( pk, mode, keyid, fprint, NULL, 1 );
}
@ -473,7 +471,7 @@ get_pubkey_byfprint( PKT_public_key *pk, const byte *fprint, size_t fprint_len)
int rc;
if( fprint_len == 20 || fprint_len == 16 )
rc = lookup( pk, fprint_len, NULL, fprint, NULL );
rc = lookup( pk, fprint_len, NULL, fprint, NULL, 0 );
else
rc = G10ERR_GENERAL; /* Oops */
return rc;
@ -491,7 +489,7 @@ get_keyblock_byfprint( KBNODE *ret_keyblock, const byte *fprint,
PKT_public_key *pk = m_alloc_clear( sizeof *pk );
if( fprint_len == 20 || fprint_len == 16 )
rc = lookup( pk, fprint_len, NULL, fprint, ret_keyblock );
rc = lookup( pk, fprint_len, NULL, fprint, ret_keyblock, 0 );
else
rc = G10ERR_GENERAL; /* Oops */
@ -507,7 +505,7 @@ get_seckey( PKT_secret_key *sk, u32 *keyid )
{
int rc;
rc = lookup_sk( sk, 11, keyid, NULL );
rc = lookup_sk( sk, 11, keyid, NULL, 0 );
if( !rc ) {
/* check the secret key (this may prompt for a passprase to
* unlock the secret key
@ -530,7 +528,7 @@ seckey_available( u32 *keyid )
int rc;
sk = m_alloc_clear( sizeof *sk );
rc = lookup_sk( sk, 11, keyid, NULL );
rc = lookup_sk( sk, 11, keyid, NULL, 0 );
free_secret_key( sk );
return rc;
}
@ -549,7 +547,7 @@ get_seckey_byname( PKT_secret_key *sk, const char *name, int unprotect )
if( !name && opt.def_secret_key && *opt.def_secret_key )
rc = key_byname( 1, NULL, sk, opt.def_secret_key );
else if( !name ) /* use the first one as default key */
rc = lookup_sk( sk, 15, NULL, NULL );
rc = lookup_sk( sk, 15, NULL, NULL, 1 );
else
rc = key_byname( 1, NULL, sk, name );
if( !rc && unprotect )
@ -587,7 +585,7 @@ compare_name( const char *uid, size_t uidlen, const char *name, int mode )
if( i < uidlen ) {
i = se - s;
if( mode == 3 ) { /* exact email address */
if( strlen(name) == i && !memicmp( s, name, i) )
if( strlen(name)-2 == i && !memicmp( s, name+1, i) )
return 0;
}
else if( mode == 4 ) { /* email substring */
@ -679,7 +677,7 @@ add_stuff_from_selfsig( KBNODE keyblock, KBNODE knode )
*/
static int
lookup( PKT_public_key *pk, int mode, u32 *keyid,
const char *name, KBNODE *ret_keyblock )
const char *name, KBNODE *ret_keyblock, int primary )
{
int rc;
KBNODE keyblock = NULL;
@ -705,7 +703,7 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
&& !compare_name( k->pkt->pkt.user_id->name,
k->pkt->pkt.user_id->len, name, mode)) {
/* we found a matching name, look for the key */
for(kk=keyblock; kk; kk = kk->next )
for(kk=keyblock; kk; kk = kk->next ) {
if( ( kk->pkt->pkttype == PKT_PUBLIC_KEY
|| kk->pkt->pkttype == PKT_PUBLIC_SUBKEY )
&& ( !pk->pubkey_algo
@ -716,7 +714,8 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
kk->pkt->pkt.public_key->pubkey_algo,
pk->pubkey_usage ))
)
break;
break;
}
if( kk ) {
u32 aki[2];
keyid_from_pk( kk->pkt->pkt.public_key, aki );
@ -805,9 +804,17 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
if( k ) { /* found */
assert( k->pkt->pkttype == PKT_PUBLIC_KEY
|| k->pkt->pkttype == PKT_PUBLIC_SUBKEY );
copy_public_key_new_namehash( pk, k->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, k );
assert( keyblock->pkt->pkttype == PKT_PUBLIC_KEY );
if( primary && !pk->pubkey_usage ) {
copy_public_key_new_namehash( pk, keyblock->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, keyblock );
}
else {
copy_public_key_new_namehash( pk, k->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, k );
}
if( ret_keyblock ) {
*ret_keyblock = keyblock;
keyblock = NULL;
@ -833,7 +840,8 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
* Ditto for secret keys
*/
static int
lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name )
lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name,
int primary )
{
int rc;
KBNODE keyblock = NULL;
@ -857,13 +865,19 @@ lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name )
&& !compare_name( k->pkt->pkt.user_id->name,
k->pkt->pkt.user_id->len, name, mode)) {
/* we found a matching name, look for the key */
for(kk=keyblock; kk; kk = kk->next )
for(kk=keyblock; kk; kk = kk->next ) {
if( ( kk->pkt->pkttype == PKT_SECRET_KEY
|| kk->pkt->pkttype == PKT_SECRET_SUBKEY )
&& ( !sk->pubkey_algo
|| sk->pubkey_algo
== kk->pkt->pkt.secret_key->pubkey_algo))
break;
== kk->pkt->pkt.secret_key->pubkey_algo)
&& ( !sk->pubkey_usage
|| !check_pubkey_algo2(
kk->pkt->pkt.secret_key->pubkey_algo,
sk->pubkey_usage ))
)
break;
}
if( kk ) {
u32 aki[2];
keyid_from_sk( kk->pkt->pkt.secret_key, aki );
@ -936,7 +950,11 @@ lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name )
if( k ) { /* found */
assert( k->pkt->pkttype == PKT_SECRET_KEY
|| k->pkt->pkttype == PKT_SECRET_SUBKEY );
copy_secret_key( sk, k->pkt->pkt.secret_key );
assert( keyblock->pkt->pkttype == PKT_SECRET_KEY );
if( primary && !sk->pubkey_usage )
copy_secret_key( sk, keyblock->pkt->pkt.secret_key );
else
copy_secret_key( sk, k->pkt->pkt.secret_key );
break; /* enumeration */
}
release_kbnode( keyblock );

9
g10/import.c
View File

@ -246,6 +246,7 @@ import_one( const char *fname, KBNODE keyblock )
KBPOS kbpos;
u32 keyid[2];
int rc = 0;
int new_key = 0;
/* get the key and print some info about it */
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
@ -279,6 +280,7 @@ import_one( const char *fname, KBNODE keyblock )
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
log_info_f( fname, _("key %08lX: no valid user ids\n"),
(ulong)keyid[1]);
log_info(_("this may be caused by a missing self-signature\n"));
return 0;
}
@ -307,6 +309,7 @@ import_one( const char *fname, KBNODE keyblock )
unlock_keyblock( &kbpos );
/* we are ready */
log_info_f( fname, _("key %08lX: public key imported\n"), (ulong)keyid[1]);
new_key = 1;
}
else { /* merge */
int n_uids, n_sigs, n_subk;
@ -382,11 +385,11 @@ import_one( const char *fname, KBNODE keyblock )
log_info_f(fname, _("key %08lX: not changed\n"), (ulong)keyid[1] );
}
if( !rc ) {
rc = query_trust_record( pk_orig );
rc = query_trust_record( new_key? pk : pk_orig );
if( rc && rc != -1 )
log_error("trustdb error: %s\n", g10_errstr(rc) );
else if( rc == -1 ) {
rc = insert_trust_record( pk_orig );
else if( rc == -1 ) { /* not found trustdb */
rc = insert_trust_record( new_key? pk : pk_orig );
if( rc )
log_error("key %08lX: trustdb insert failed: %s\n",
(ulong)keyid[1], g10_errstr(rc) );

32
g10/keyedit.c
View File

@ -264,15 +264,11 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
"with your key: \""));
p = get_user_id( sk_keyid, &n );
tty_print_string( p, n );
m_free(p); p = NULL;
tty_printf("\"\n\n");
m_free(p);
p = cpr_get(N_("sign_uid.okay"), _("Really sign? "));
cpr_kill_prompt();
if( !answer_is_yes(p) ) {
m_free(p);
continue; /* No */
}
m_free(p);
if( !cpr_get_answer_is_yes(N_("sign_uid.okay"), _("Really sign? ")) )
continue;;
/* now we can sign the user ids */
reloop: /* (must use this, because we are modifing the list) */
primary_pk = NULL;
@ -328,6 +324,7 @@ delete_key( const char *username, int secret )
PKT_secret_key *sk = NULL;
u32 keyid[2];
int okay=0;
int yes;
/* search the userid */
rc = secret? find_secret_keyblock_byname( &kbpos, username )
@ -376,11 +373,11 @@ delete_key( const char *username, int secret )
if( rc )
rc = 0;
else if( opt.batch && secret )
log_error(_("can't do that in batch-mode\n"));
log_error(_("can't do that in batchmode\n"));
else if( opt.batch && opt.answer_yes )
okay++;
else if( opt.batch )
log_error(_("can't do that in batch-mode without \"--yes\"\n"));
log_error(_("can't do that in batchmode without \"--yes\"\n"));
else {
char *p;
size_t n;
@ -400,23 +397,20 @@ delete_key( const char *username, int secret )
m_free(p);
tty_printf("\n\n");
p = cpr_get( secret? N_("delete_key.secret.okay")
yes = cpr_get_answer_is_yes( secret? N_("delete_key.secret.okay")
: N_("delete_key.okay"),
_("Delete this key from the keyring? "));
cpr_kill_prompt();
if( !cpr_enabled() && secret && answer_is_yes(p)) {
if( !cpr_enabled() && secret && yes ) {
/* I think it is not required to check a passphrase; if
* the user is so stupid as to let others access his secret keyring
* (and has no backup) - it is up him to read some very
* basic texts about security.
*/
m_free(p);
p = cpr_get(N_("delete_key.secret.okay"),
yes = cpr_get_answer_is_yes(N_("delete_key.secret.okay"),
_("This is a secret key! - really delete? "));
}
if( answer_is_yes(p) )
if( yes )
okay++;
m_free(p);
}
@ -596,7 +590,7 @@ keyedit_menu( const char *username, STRLIST locusr )
if( opt.batch ) {
log_error(_("can't do that in batch-mode\n"));
log_error(_("can't do that in batchmode\n"));
goto leave;
}
@ -735,7 +729,7 @@ keyedit_menu( const char *username, STRLIST locusr )
case cmdSIGN: /* sign (only the public key) */
if( count_uids(keyblock) > 1 && !count_selected_uids(keyblock) ) {
if( !cpr_get_answer_is_yes(N_("keyedit.signall.okay"),
if( !cpr_get_answer_is_yes(N_("keyedit.sign_all.okay"),
_("Really sign all user ids? ")) ) {
tty_printf(_("Hint: Select the user ids to sign\n"));
break;

9
g10/keygen.c
View File

@ -444,8 +444,9 @@ ask_keysize( int algo )
else if( nbits < 768 )
tty_printf(_("keysize too small; 768 is smallest value allowed.\n"));
else if( nbits > 2048 && !cpr_enabled() ) {
tty_printf(_("Keysizes larger than 2048 are not suggested because "
"computations take REALLY long!\n"));
tty_printf(
_("Keysizes larger than 2048 are not suggested because\n"
"computations take REALLY long!\n"));
if( cpr_get_answer_is_yes(N_("keygen.size.huge.okay"),_(
"Are you sure that you want this keysize? ")) ) {
tty_printf(_("Okay, but keep in mind that your monitor "
@ -625,8 +626,10 @@ ask_user_id( int mode )
tty_printf(_("You selected this USER-ID:\n \"%s\"\n\n"), uid);
/* fixme: add a warning if this user-id already exists */
for(;;) {
char *ansstr = N_("NnCcEeOoQq");
char *ansstr = _("NnCcEeOoQq");
if( strlen(ansstr) != 10 )
BUG();
if( cpr_enabled() ) {
answer = m_strdup(ansstr+6);
answer[1] = 0;

2
g10/keyid.c
View File

@ -40,7 +40,7 @@ pubkey_letter( int algo )
case PUBKEY_ALGO_RSA: return 'R' ;
case PUBKEY_ALGO_RSA_E: return 'r' ;
case PUBKEY_ALGO_RSA_S: return 's' ;
case PUBKEY_ALGO_ELGAMAL_E:
case PUBKEY_ALGO_ELGAMAL_E: return 'g';
case PUBKEY_ALGO_ELGAMAL: return 'G' ;
case PUBKEY_ALGO_DSA: return 'D' ;
default: return '?';

3
g10/main.h
View File

@ -82,7 +82,7 @@ int generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock );
/*-- openfile.c --*/
int overwrite_filep( const char *fname );
IOBUF open_outfile( const char *fname, int mode );
int open_outfile( const char *iname, int mode, IOBUF *a );
IOBUF open_sigfile( const char *iname );
/*-- seskey.c --*/
@ -124,5 +124,6 @@ int hash_datafiles( MD_HANDLE md, STRLIST files, const char *sigfilename,
/*-- signal.c --*/
void init_signals(void);
void pause_on_sigusr( int which );
#endif /*G10_MAIN_H*/

21
g10/openfile.c
View File

@ -65,19 +65,22 @@ overwrite_filep( const char *fname )
/****************
* Make an output filename for the inputfile INAME.
* Returns an IOBUF
* Returns an IOBUF and an errorcode
* Mode 0 = use ".gpg"
* 1 = use ".asc"
* 2 = use ".sig"
*/
IOBUF
open_outfile( const char *iname, int mode )
int
open_outfile( const char *iname, int mode, IOBUF *a )
{
IOBUF a = NULL;
int rc = 0;
*a = NULL;
if( (!iname || (*iname=='-' && !iname[1])) && !opt.outfile ) {
if( !(a = iobuf_create(NULL)) )
if( !(*a = iobuf_create(NULL)) ) {
log_error("can't open [stdout]: %s\n", strerror(errno) );
rc = G10ERR_CREATE_FILE;
}
else if( opt.verbose )
log_info("writing to stdout\n");
}
@ -94,14 +97,18 @@ open_outfile( const char *iname, int mode )
name = buf;
}
if( overwrite_filep( name ) ) {
if( !(a = iobuf_create( name )) )
if( !(*a = iobuf_create( name )) ) {
log_error("can't create %s: %s\n", name, strerror(errno) );
rc = G10ERR_CREATE_FILE;
}
else if( opt.verbose )
log_info("writing to '%s'\n", name );
}
else
rc = G10ERR_FILE_EXISTS;
m_free(buf);
}
return a;
return rc;
}

2
g10/options.h
View File

@ -52,6 +52,8 @@ struct {
int rfc1991;
unsigned emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
int shm_coprocess;
const char *set_filename;
const char *comment_string;
} opt;

7
g10/parse-packet.c
View File

@ -1068,15 +1068,14 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
sk->protect.s2k.count = iobuf_get(inp);
pktlen--;
}
}
else { /* old version; no S2K, so we set mode to 0, hash MD5 */
sk->protect.s2k.mode = 0;
/* We need a kludge to cope with old GNUPG versions */
sk->protect.s2k.hash_algo =
( sk->protect.algo == CIPHER_ALGO_BLOWFISH160
&& algorithm == PUBKEY_ALGO_ELGAMAL_E ) ?
DIGEST_ALGO_RMD160 : DIGEST_ALGO_MD5;
( sk->protect.algo == CIPHER_ALGO_BLOWFISH160
&& algorithm == PUBKEY_ALGO_ELGAMAL_E ) ?
DIGEST_ALGO_RMD160 : DIGEST_ALGO_MD5;
if( list_mode )
printf( "\tprotect algo: %d (hash algo: %d)\n",
sk->protect.algo, sk->protect.s2k.hash_algo );

3
g10/passphrase.c
View File

@ -223,8 +223,9 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
count -= len2;
}
if( count ) {
if( count < 8 )
if( count < 8 ) {
md_write( md, s2k->salt, count );
}
else {
md_write( md, s2k->salt, 8 );
count -= 8;

15
g10/pkclist.c
View File

@ -81,9 +81,17 @@ edit_ownertrust( ulong lid, int mode )
" 2 = I do NOT trust\n"
" 3 = I trust marginally\n"
" 4 = I trust fully\n"
" s = please show me more information\n\n") );
" s = please show me more information\n") );
if( mode )
tty_printf(_(" m = back to the main menu\n"));
tty_printf("\n");
for(;;) {
/* a string with valid answers */
char *ans = _("sSmM");
if( strlen(ans) != 4 )
BUG();
p = cpr_get(N_("edit_ownertrust.value"),_("Your decision? "));
trim_spaces(p);
cpr_kill_prompt();
@ -102,9 +110,12 @@ edit_ownertrust( ulong lid, int mode )
changed++;
break;
}
else if( *p == 's' || *p == 'S' ) {
else if( *p == ans[0] || *p == ans[1] ) {
tty_printf(_("You will see a list of signators etc. here\n"));
}
else if( mode && (*p == ans[2] || *p == ans[3]) ) {
break ; /* back to the menu */
}
m_free(p); p = NULL;
}
m_free(p);

4
g10/revoke.c
View File

@ -142,10 +142,8 @@ gen_revoke( const char *uname )
if( !opt.armor )
tty_printf("ASCII armored output forced.\n");
if( !(out = open_outfile( NULL, 0 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( NULL, 0, &out )) )
goto leave;
}
afx.what = 1;
afx.hdrlines = "Comment: A revocation certificate should follow\n";

25
g10/seckey-cert.c
View File

@ -51,10 +51,12 @@ do_check( PKT_secret_key *sk )
if( sk->protect.algo == CIPHER_ALGO_NONE )
BUG();
if( check_cipher_algo( sk->protect.algo ) )
return G10ERR_CIPHER_ALGO; /* unsupported protection algorithm */
if( cipher_get_blocksize( sk->protect.algo ) != 8 )
return G10ERR_CIPHER_ALGO; /* unsupported protection algorithm */
if( check_cipher_algo( sk->protect.algo )
|| cipher_get_blocksize( sk->protect.algo ) != 8 ) {
log_info(_("protection algorithm %d is not supported\n"),
sk->protect.algo );
return G10ERR_CIPHER_ALGO;
}
keyid_from_sk( sk, keyid );
dek = passphrase_to_dek( keyid, sk->protect.algo,
&sk->protect.s2k, 0 );
@ -164,21 +166,6 @@ check_secret_key( PKT_secret_key *sk )
if( i )
log_error(_("Invalid passphrase; please try again ...\n"));
rc = do_check( sk );
#if 0 /* set to 1 to enable the workaround */
if( rc == G10ERR_BAD_PASS && sk->is_protected
&& sk->protect.algo == CIPHER_ALGO_BLOWFISH
&& sk->pubkey_algo != PUBKEY_ALGO_ELGAMAL ) {
/* Workaround for a bug in 0.2.16 which still used
* a 160 bit key for BLOWFISH. */
log_info("trying workaround for 0.2.16 passphrase bug ...\n");
log_info("If you don't need this, uncomment it in g10/seckey-cert.c\n\n");
sk->protect.algo = CIPHER_ALGO_BLOWFISH160;
rc = do_check( sk );
if( rc )
rc = G10ERR_BAD_PASS;
sk->protect.algo = CIPHER_ALGO_BLOWFISH;
}
#endif
if( get_passphrase_fd() != -1 )
break;
}

32
g10/sign.c
View File

@ -156,6 +156,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
int compr_algo = -1; /* unknown */
memset( &afx, 0, sizeof afx);
memset( &zfx, 0, sizeof zfx);
memset( &mfx, 0, sizeof mfx);
@ -203,10 +204,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
else if( opt.verbose )
log_info("writing to '%s'\n", outfile );
}
else if( !(out = open_outfile( fname, opt.armor? 1: detached? 2:0 )) ) {
rc = G10ERR_CREATE_FILE;
else if( (rc = open_outfile( fname, opt.armor? 1: detached? 2:0, &out )))
goto leave;
}
/* prepare to calculate the MD over the input */
if( opt.textmode && !outfile )
@ -223,9 +222,12 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if( opt.armor && !outfile )
iobuf_push_filter( out, armor_filter, &afx );
else
else {
write_comment( out, "#created by GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")");
if( opt.comment_string )
write_comment( out, opt.comment_string );
}
if( encrypt ) {
efx.pk_list = pk_list;
/* fixme: set efx.cfx.datalen if known */
@ -312,10 +314,17 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
}
}
else {
if( fname || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : fname;
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
}
if( fname ) {
pt = m_alloc( sizeof *pt + strlen(fname) - 1 );
pt->namelen = strlen(fname);
memcpy(pt->name, fname, pt->namelen );
if( !(filesize = iobuf_get_filelength(inp)) )
log_info("warning: '%s' is an empty file\n", fname );
@ -329,11 +338,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if( opt.textmode && !outfile )
filesize = 0;
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
else
filesize = 0; /* stdin */
}
pt->timestamp = make_timestamp();
pt->mode = opt.textmode && !outfile ? 't':'b';
pt->len = filesize;
@ -533,10 +539,8 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
else if( opt.verbose )
log_info("writing to '%s'\n", outfile );
}
else if( !(out = open_outfile( fname, 1 )) ) {
rc = G10ERR_CREATE_FILE;
else if( (rc = open_outfile( fname, 1, &out )) )
goto leave;
}
iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----\n" );

18
g10/status.c
View File

@ -286,10 +286,26 @@ cpr_kill_prompt(void)
int
cpr_get_answer_is_yes( const char *keyword, const char *prompt )
{
int yes;
char *p;
#ifdef USE_SHM_COPROCESSING
if( opt.shm_coprocess )
return !!do_shm_get( keyword, 0, 1 );
#endif
return tty_get_answer_is_yes( prompt );
for(;;) {
p = tty_get( prompt );
trim_spaces(p); /* it is okay to do this here */
if( *p == '?' && !p[1] ) {
m_free(p);
display_help( keyword );
}
else {
tty_kill_prompt();
yes = answer_is_yes(p);
m_free(p);
return yes;
}
}
}

5
g10/trustdb.c
View File

@ -1617,6 +1617,11 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel )
}
log_info(_("key %08lX.%lu: inserted into trustdb\n"),
keyid[1], pk->local_id );
/* and re-read the dir record */
if( tdbio_read_record( pk->local_id, &rec, RECTYPE_DIR ) ) {
log_error("check_trust: reread dir record failed\n");
return G10ERR_TRUSTDB;
}
}
}
cur_time = make_timestamp();

1
include/errors.h
View File

@ -61,6 +61,7 @@
#define G10ERR_UNEXPECTED 39
#define G10ERR_TIME_CONFLICT 40
#define G10ERR_WR_PUBKEY_ALGO 41 /* unusabe pubkey algo */
#define G10ERR_FILE_EXISTS 42
#ifndef HAVE_STRERROR

4
po/ChangeLog
View File

@ -1,3 +1,7 @@
Tue Aug 11 12:28:11 1998 Werner Koch (wk@(none))
* it.po: New file from Marco.
Thu Jul 9 21:14:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* de.po: Fixed typos and added new translations.

3
po/POTFILES.in
View File

@ -4,6 +4,7 @@
# utility
util/secmem.c
util/argparse.c
util/miscutil.c
# cipher
cipher/random.c
@ -32,6 +33,6 @@ g10/trustdb.c
g10/verify.c
g10/status.c
g10/pubkey-enc.c
g10/openfile.c
#---end--

58
po/de.po
View File

@ -13,6 +13,15 @@ msgstr ""
"(Um dies zu vermeiden, kann das Programm suid(root) installiert werden;\n"
" bitte wenden Sie sich hierzu an den Systemadministrator.)\n"
#: util/miscutil.c:87
msgid "yes"
msgstr "ja"
#: util/miscutil.c:88
msgid "yY"
msgstr "jJ"
#: cipher/rand-dummy.c:106
msgid "warning: using insecure random number generator!!\n"
msgstr "Der Zufallszahlengenerator erzeugt keine sicheren Zufallszahlen!\n"
@ -467,7 +476,6 @@ msgid ""
" 3 = I trust marginally\n"
" 4 = I trust fully\n"
" s = please show me more information\n"
"\n"
msgstr ""
"\"\n"
"\n"
@ -480,7 +488,14 @@ msgstr ""
" 3 = Ich vertraue ihm normalerweise\n"
" 4 = Ich vertraue ihm immer\n"
" s = Bitte weitere Information anzeigen\n"
"\n"
msgid " m = back to the main menu\n"
msgstr " m = Zurück zum Menü\n"
# valid user replies (not including 1..4)
msgid "sSmM"
msgstr "sSmM"
#: g10/pkclist.c:84
msgid "Your decision? "
@ -517,6 +532,11 @@ msgid ""
"\n"
msgstr "Keine \"Owner trust\" Werte ge\344ndert.\n"
#: g10/pkclist.c:186 g10/pkclist.c:273
msgid "Use this key anyway? "
msgstr "Den Schlüssel trotzdem benutzen?"
#: g10/pkclist.c:268
msgid ""
"It is NOT certain that the key belongs to its owner.\n"
@ -719,7 +739,7 @@ msgstr "Der Schl\374ssel verf\344llt am %s\n"
#: g10/keygen.c:528
msgid "Is this correct (y/n)? "
msgstr "Ist dies richtig? (y/n) "
msgstr "Ist dies richtig? (j/n) "
#: g10/keygen.c:557
msgid ""
@ -923,7 +943,7 @@ msgstr "Sch\374ssel %08lX: \326ffentlicher Schl
#: g10/import.c:317
msgid "key %08lX: doesn't match our copy\n"
msgstr "Sch\374ssel %08lX: Stimmt nicht mit unserer Kopie \374berein"
msgstr "Sch\374ssel %08lX: Stimmt nicht mit unserer Kopie \374berein\n"
#: g10/import.c:330 g10/import.c:501
msgid "key %08lX: can't locate original keyblock: %s\n"
@ -1116,11 +1136,11 @@ msgid "use option \"--delete-secret-key\" to delete it first.\n"
msgstr "Benutzen Sie das Kommando \"--delete-decret-key\", um ihn vorab zu entfernen.\n"
#: g10/keyedit.c:508
msgid "can't do that in batch-mode\n"
msgid "can't do that in batchmode\n"
msgstr "Dies kann im Batchmodus nicht durchgef\374hrt werden.\n"
#: g10/keyedit.c:512
msgid "can't do that in batch-mode without \"--yes\"\n"
msgid "can't do that in batchmode without \"--yes\"\n"
msgstr "Dies kann im Batchmodus ohne \"--yes\" nicht durchgef\374hrt werden.\n"
#: g10/keyedit.c:532
@ -1287,3 +1307,29 @@ msgstr ""
msgid "keyedit.cmd"
msgstr "Geben Sie bitte \"help\" ein."
#: g10/status.c:207
msgid "No help available"
msgstr "Keine Hilfe vorhanden."
#: g10/status.c:213
msgid "No help available for '%s'"
msgstr "Keine Hilfe für '%s' vorhanden."
#: g10/pubkey-enc.c:138
msgid "note: cipher algorithm %d not found in preferences\n"
msgstr ""
"Hinweis: Algorithmus %d ist kein bevorzugtes Verschlüsselungsverfahren\n"
#: g10/openfile.c:58
msgid "File '%s' exists. "
msgstr "Datei '%s' exsitier bereits. "
#: g10/openfile.c:59
msgid "openfile.overwrite.okay"
msgstr "Geben Sie \"ja\" ein, wenn Sie die Datei überschreiben möchten"
#: g10/openfile.c:60
msgid "Overwrite (y/N)? "
msgstr "Überschreiben (j/N)? "

2
po/en.po
View File

@ -104,7 +104,7 @@ msgid "keyedit.cancel.okay"
msgstr ""
#: g10/keyedit.c:738
msgid "keyedit.signall.okay"
msgid "keyedit.sign_all.okay"
msgstr ""
#: g10/keyedit.c:772

1545
po/it.po
View File

File diff suppressed because it is too large Load Diff

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
Tue Aug 11 15:12:35 1998 Werner Koch (wk@(none))
* miscutil.c (answer_is_yes): i18ned
Sat Aug 8 18:35:00 1998 Werner Koch (wk@(none))
* ttyio.c (cleanup): New.

2
util/errors.c
View File

@ -91,7 +91,7 @@ g10_errstr( int err )
X(UNEXPECTED ,"Unexpected data")
X(TIME_CONFLICT ,"Timestamp conflict")
X(WR_PUBKEY_ALGO ,"Unusable pubkey algorithm")
X(FILE_EXISTS ,"File exists")
default: p = buf; sprintf(buf, "g10err=%d", err); break;
}
#undef X

11
util/miscutil.c
View File

@ -25,6 +25,7 @@
#include <ctype.h>
#include "types.h"
#include "util.h"
#include "i18n.h"
u32
make_timestamp()
@ -79,14 +80,16 @@ print_string( FILE *fp, byte *p, size_t n, int delim )
putc(*p, fp);
}
int
answer_is_yes( const char *s )
{
if( !stricmp(s, "yes") )
char *long_yes = _("yes");
char *short_yes = _("yY");
if( !stricmp(s, long_yes ) )
return 1;
if( *s == 'y' && !s[1] )
return 1;
if( *s == 'Y' && !s[1] )
if( strchr( short_yes, *s ) && !s[1] )
return 1;
return 0;
}

2
zlib/Makefile
View File

@ -92,7 +92,7 @@ POSUB = po
RANLIB = ranlib
USE_INCLUDED_LIBINTL = yes
USE_NLS = yes
VERSION = 0.3.3
VERSION = 0.3.4
ZLIBS =
l =