mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-21 10:09:57 +01:00
indent: Fix spelling
-- These are non-substantive corrections for minor spelling mistakes within the GnuPG codebase. With something like this applied to the codebase, and a judiciously tuned spellchecker integrated as part of a standard test suite, it should be possible to keep a uniform orthography within the project. GnuPG-bug-id: 7116
This commit is contained in:
parent
253a701ed7
commit
42b0e9558a
@ -121,7 +121,7 @@ struct
|
||||
/* Flag disallowing bypassing of the warning. */
|
||||
int enforce_passphrase_constraints;
|
||||
|
||||
/* The require minmum length of a passphrase. */
|
||||
/* The required minimum length of a passphrase. */
|
||||
unsigned int min_passphrase_len;
|
||||
|
||||
/* The minimum number of non-alpha characters in a passphrase. */
|
||||
@ -286,7 +286,7 @@ struct server_control_s
|
||||
int algo;
|
||||
unsigned char value[MAX_DIGEST_LEN];
|
||||
unsigned int raw_value: 1;
|
||||
unsigned int is_pss: 1; /* DATA holds PSS formated data. */
|
||||
unsigned int is_pss: 1; /* DATA holds PSS formatted data. */
|
||||
} digest;
|
||||
unsigned int have_keygrip: 1;
|
||||
unsigned int have_keygrip1: 1;
|
||||
|
@ -884,7 +884,7 @@ struct inq_cb_parm_s
|
||||
};
|
||||
|
||||
|
||||
/* Return true if PIN is indentical to the last generated pin. */
|
||||
/* Return true if PIN is identical to the last generated pin. */
|
||||
static int
|
||||
is_generated_pin (struct inq_cb_parm_s *parm, const char *pin)
|
||||
{
|
||||
|
@ -251,7 +251,7 @@ reset_notify (assuan_context_t ctx, char *line)
|
||||
|
||||
clear_nonce_cache (ctrl);
|
||||
|
||||
/* Note that a RESET does not clear the ephemeral store becuase
|
||||
/* Note that a RESET does not clear the ephemeral store because
|
||||
* clients are used to issue a RESET on a connection. */
|
||||
|
||||
return 0;
|
||||
|
@ -90,7 +90,7 @@ has_percent0A_suffix (const char *string)
|
||||
|
||||
INFO gets displayed as part of a generic string. However if the
|
||||
first character of INFO is a vertical bar all up to the next
|
||||
verical bar are considered flags and only everything after the
|
||||
vertical bar are considered flags and only everything after the
|
||||
second vertical bar gets displayed as the full prompt.
|
||||
|
||||
Flags:
|
||||
|
@ -1550,7 +1550,7 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce,
|
||||
{
|
||||
memcpy (*shadow_info, s, n);
|
||||
/*
|
||||
* When it's a key on card (not on tpm2), maks sure
|
||||
* When it's a key on card (not on tpm2), make sure
|
||||
* it's available.
|
||||
*/
|
||||
if (strcmp (shadow_type, "t1-v1") == 0 && !grip)
|
||||
|
@ -1216,7 +1216,7 @@ main (int argc, char **argv)
|
||||
* Now we are now working under our real uid
|
||||
*/
|
||||
|
||||
/* The configuraton directories for use by gpgrt_argparser. */
|
||||
/* The configuration directories for use by gpgrt_argparser. */
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_USER, gnupg_homedir ());
|
||||
|
||||
@ -1225,7 +1225,7 @@ main (int argc, char **argv)
|
||||
pargs.argc = &argc;
|
||||
pargs.argv = &argv;
|
||||
/* We are re-using the struct, thus the reset flag. We OR the
|
||||
* flags so that the internal intialized flag won't be cleared. */
|
||||
* flags so that the internal initialized flag won't be cleared. */
|
||||
pargs.flags |= (ARGPARSE_FLAG_RESET
|
||||
| ARGPARSE_FLAG_KEEP
|
||||
| ARGPARSE_FLAG_SYS
|
||||
|
@ -509,7 +509,7 @@ do_encryption (const unsigned char *hashbegin, size_t hashlen,
|
||||
((sha1 salt no_of_iterations) 16byte_iv)
|
||||
encrypted_octet_string)
|
||||
|
||||
in canoncical format of course. We use asprintf and %n modifier
|
||||
in canonical format of course. We use asprintf and %n modifier
|
||||
and dummy values as placeholders. */
|
||||
{
|
||||
char countbuf[35];
|
||||
|
@ -22,7 +22,7 @@
|
||||
#include "../common/sexp-parse.h"
|
||||
|
||||
/*
|
||||
* When it's for ECC, fixup private key part in the cannonical SEXP
|
||||
* When it's for ECC, fixup private key part in the canonical SEXP
|
||||
* representation in BUF. If not ECC, do nothing.
|
||||
*/
|
||||
gpg_error_t
|
||||
|
@ -63,7 +63,7 @@ static const char headerblurb[] =
|
||||
"# well as empty lines are ignored. Lines have a length limit but this\n"
|
||||
"# is not a serious limitation as the format of the entries is fixed and\n"
|
||||
"# checked by gpg-agent. A non-comment line starts with optional white\n"
|
||||
"# space, followed by the SHA-1 fingerpint in hex, followed by a flag\n"
|
||||
"# space, followed by the SHA-1 fingerprint in hex, followed by a flag\n"
|
||||
"# which may be one of 'P', 'S' or '*' and optionally followed by a list of\n"
|
||||
"# other flags. The fingerprint may be prefixed with a '!' to mark the\n"
|
||||
"# key as not trusted. You should give the gpg-agent a HUP or run the\n"
|
||||
@ -736,7 +736,7 @@ agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag)
|
||||
insert a line break. The double percent sign is actually
|
||||
needed because it is also a printf format string. If you
|
||||
need to insert a plain % sign, you need to encode it as
|
||||
"%%25". The second "%s" gets replaced by a hexdecimal
|
||||
"%%25". The second "%s" gets replaced by a hexadecimal
|
||||
fingerprint string whereas the first one receives the name
|
||||
as stored in the certificate. */
|
||||
L_("Please verify that the certificate identified as:%%0A"
|
||||
|
@ -188,13 +188,13 @@ MAKE_J=6
|
||||
|
||||
INST_NAME=gnupg-w32
|
||||
|
||||
# Use this to override the installaion directory for native builds.
|
||||
# Use this to override the installation directory for native builds.
|
||||
INSTALL_PREFIX=none
|
||||
|
||||
# Set this to the location of wixtools
|
||||
WIXPREFIX=$(shell readlink -f ~/w32root/wixtools)
|
||||
|
||||
# If patchelf(1) is not availale disable the command.
|
||||
# If patchelf(1) is not available disable the command.
|
||||
PATCHELF := $(shell patchelf --version 2>/dev/null >/dev/null || echo "echo please run: ")patchelf
|
||||
|
||||
# Read signing information from ~/.gnupg-autogen.rc
|
||||
@ -1401,7 +1401,7 @@ endif
|
||||
|
||||
|
||||
#
|
||||
# Check availibility of standard tools and prepare everything.
|
||||
# Check availability of standard tools and prepare everything.
|
||||
#
|
||||
check-tools: $(stampdir)/stamp-directories
|
||||
|
||||
|
@ -60,7 +60,7 @@ Below is the README file as distributed with the GnuPG source.
|
||||
4. Software Versions of the Included Packages
|
||||
=============================================
|
||||
|
||||
GnuPG for Windows depends on several independet developed packages
|
||||
GnuPG for Windows depends on several independent developed packages
|
||||
which are part of the installation. These packages along with their
|
||||
version numbers and the SHA-1 checksums of their compressed tarballs
|
||||
are listed here:
|
||||
|
@ -24,7 +24,7 @@
|
||||
************************************************************
|
||||
* The code for the splash screen has been taken from the Splash
|
||||
* plugin of the NSIS 2.04 distribution. That code comes without
|
||||
* explicit copyright notices in tyhe source files or author names, it
|
||||
* explicit copyright notices in the source files or author names, it
|
||||
* seems that it has been written by Justin Frankel; not sure about
|
||||
* the year, though. [wk 2005-11-28]
|
||||
*
|
||||
|
@ -695,7 +695,7 @@ get_assuan_server_version (assuan_context_t ctx, int mode, char **r_version)
|
||||
|
||||
/* Print a warning if the server's version number is less than our
|
||||
* version number. Returns an error code on a connection problem.
|
||||
* CTX is the Assuan context, SERVERNAME is the name of teh server,
|
||||
* CTX is the Assuan context, SERVERNAME is the name of the server,
|
||||
* STATUS_FUNC and STATUS_FUNC_DATA is a callback to emit status
|
||||
* messages. If PRINT_HINTS is set additional hints are printed. For
|
||||
* MODE see get_assuan_server_version. */
|
||||
|
@ -44,7 +44,7 @@ struct log_item_s
|
||||
gpg_error_t err; /* The logged error code. */
|
||||
int intvalue; /* A logged integer value. */
|
||||
char *string; /* A malloced string or NULL. */
|
||||
ksba_cert_t cert; /* A certifciate or NULL. */
|
||||
ksba_cert_t cert; /* A certificate or NULL. */
|
||||
unsigned int have_err:1;
|
||||
unsigned int have_intvalue:1;
|
||||
};
|
||||
|
@ -76,7 +76,7 @@ typedef enum
|
||||
/* The signature is a detached one. */
|
||||
|
||||
AUDIT_CERT_ONLY_SIG,
|
||||
/* A certifciate only signature has been detected. */
|
||||
/* A certificate only signature has been detected. */
|
||||
|
||||
AUDIT_DATA_HASH_ALGO, /* int */
|
||||
/* The hash algo given as argument is used for the data. This
|
||||
|
@ -42,7 +42,7 @@ static int module;
|
||||
|
||||
/* This value is used by DSA and RSA checks in addition to the hard
|
||||
* coded length checks. It allows one to increase the required key length
|
||||
* using a confue file. */
|
||||
* using a config file. */
|
||||
static unsigned int min_compliant_rsa_length;
|
||||
|
||||
/* Return the address of a compliance cache variable for COMPLIANCE.
|
||||
|
@ -1450,7 +1450,7 @@ dotlock_take_unix (dotlock_t h, long timeout)
|
||||
int wtimereal;
|
||||
|
||||
if (ownerchanged)
|
||||
wtime = 0; /* Reset because owner chnaged. */
|
||||
wtime = 0; /* Reset because owner changed. */
|
||||
|
||||
wtimereal = next_wait_interval (&wtime, &timeout);
|
||||
if (!timeout)
|
||||
|
@ -124,7 +124,7 @@ timegm (struct tm *tm)
|
||||
|
||||
/* Version of the GNU timegm which returns an unsigned 64 bit integer
|
||||
* instead of the usually signed time_t. On error (uint64_t)(-1) is
|
||||
* returned. This function is mostly here becuase on 32 bit Windows
|
||||
* returned. This function is mostly here because on 32 bit Windows
|
||||
* we have an internal API to get the system time even after
|
||||
* 2023-01-19. For 32 bit Unix we need to suffer from the too short
|
||||
* time_t and no system function to construct the time from a tm. */
|
||||
|
@ -1089,7 +1089,7 @@ gnupg_daemon_rootdir (void)
|
||||
|
||||
n = GetSystemDirectoryA (path, sizeof path);
|
||||
if (!n || n >= sizeof path)
|
||||
name = xstrdup ("/"); /* Error - use the curret top dir instead. */
|
||||
name = xstrdup ("/"); /* Error - use the current top dir instead. */
|
||||
else
|
||||
name = xstrdup (path);
|
||||
gpgrt_annotate_leaked_object (name);
|
||||
@ -1306,7 +1306,7 @@ _gnupg_socketdir_internal (int skip_checks, unsigned *r_info)
|
||||
strcat (prefixbuffer, gnupgname);
|
||||
}
|
||||
|
||||
/* Check whether the gnupg sub directory (or the specified diretory)
|
||||
/* Check whether the gnupg sub directory (or the specified directory)
|
||||
* has proper permissions. */
|
||||
if (stat (prefix, &sb))
|
||||
{
|
||||
|
@ -1670,7 +1670,7 @@ iobuf_ioctl (iobuf_t a, iobuf_ioctl_t cmd, int intval, void *ptrval)
|
||||
/* Peek at a justed opened file. Use this only directly after a
|
||||
* file has been opened for reading. Don't use it after you did
|
||||
* a seek. This works only if just file filter has been
|
||||
* pushed. Expects a buffer wit size INTVAL at PTRVAL and returns
|
||||
* pushed. Expects a buffer with size INTVAL at PTRVAL and returns
|
||||
* the number of bytes put into the buffer. */
|
||||
if (DBG_IOBUF)
|
||||
log_debug ("iobuf-%d.%d: ioctl '%s' peek\n",
|
||||
|
@ -204,7 +204,7 @@ struct iobuf_struct
|
||||
byte *buf;
|
||||
} d;
|
||||
|
||||
/* A external drain buffer for reading/writting data skipping internal
|
||||
/* A external drain buffer for reading/writing data skipping internal
|
||||
draint buffer D.BUF. This allows zerocopy operation reducing
|
||||
processing overhead across filter stack.
|
||||
|
||||
|
@ -34,7 +34,7 @@
|
||||
|
||||
/* Create a directory as well as any missing parents.
|
||||
|
||||
The arguments must be NULL termianted. If DIRECTORY_COMPONENTS...
|
||||
The arguments must be NULL terminated. If DIRECTORY_COMPONENTS...
|
||||
consists of two elements, "foo/bar" and "xyzzy", this function will
|
||||
first try to create the directory "foo/bar" and then the directory
|
||||
"foo/bar/xyzzy". On success returns 0, otherwise an error code is
|
||||
|
@ -136,7 +136,7 @@ compute_openpgp_fpr (int keyversion, int pgpalgo, unsigned long timestamp,
|
||||
/* log_printhex (iov[i].data, iov[i].len, "cmpfpr i=%d: ", i); */
|
||||
|
||||
err = gcry_md_hash_buffers (hashalgo, 0, result, iov, iovcnt);
|
||||
/* log_printhex (result, 20, "fingerpint: "); */
|
||||
/* log_printhex (result, 20, "fingerprint: "); */
|
||||
|
||||
/* Better clear the first element because it was set by us. */
|
||||
iov[0].size = 0;
|
||||
|
@ -129,7 +129,7 @@ make_flagged_int (unsigned long value, char *buf, size_t buflen)
|
||||
|
||||
/* fixme: figure out the number of bits in an ulong and start with
|
||||
that value as shift (after making it a multiple of 7) a more
|
||||
straigtforward implementation is to do it in reverse order using
|
||||
straightforward implementation is to do it in reverse order using
|
||||
a temporary buffer - saves a lot of compares */
|
||||
for (more=0, shift=28; shift > 0; shift -= 7)
|
||||
{
|
||||
|
@ -315,7 +315,7 @@ session_env_putenv (session_env_t se, const char *string)
|
||||
}
|
||||
|
||||
|
||||
/* Same as session_env_putenv but with name and value given as distict
|
||||
/* Same as session_env_putenv but with name and value given as distinct
|
||||
values. */
|
||||
gpg_error_t
|
||||
session_env_setenv (session_env_t se, const char *name, const char *value)
|
||||
@ -355,7 +355,7 @@ session_env_getenv (session_env_t se, const char *name)
|
||||
object. The returned value is valid as long as SE is valid and as
|
||||
long it has not been removed or updated by a call to
|
||||
session_env_putenv. If the variable does not exist, the function
|
||||
tries to return the value trough a call to getenv; if that returns
|
||||
tries to return the value through a call to getenv; if that returns
|
||||
a value, this value is recorded and used. If no value could be
|
||||
found, returns NULL. The caller must not change the returned
|
||||
value. */
|
||||
|
@ -104,7 +104,7 @@ smatch (unsigned char const **buf, size_t buflen, const char *token)
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* Format VALUE for use as the length indicatior of an S-expression.
|
||||
/* Format VALUE for use as the length indicator of an S-expression.
|
||||
The caller needs to provide a buffer HELP_BUFFER with a length of
|
||||
HELP_BUFLEN. The return value is a pointer into HELP_BUFFER with
|
||||
the formatted length string. The colon and a trailing nul are
|
||||
|
@ -199,7 +199,7 @@ make_canon_sexp_pad (gcry_sexp_t sexp, int secure,
|
||||
}
|
||||
|
||||
/* Return the so called "keygrip" which is the SHA-1 hash of the
|
||||
public key parameters expressed in a way dependend on the algorithm.
|
||||
public key parameters expressed in a way dependent on the algorithm.
|
||||
|
||||
KEY is expected to be an canonical encoded S-expression with a
|
||||
public or private key. KEYLEN is the length of that buffer.
|
||||
@ -1195,7 +1195,7 @@ cipher_mode_to_string (int mode)
|
||||
}
|
||||
}
|
||||
|
||||
/* Return the cannonical name of the ECC curve in KEY. */
|
||||
/* Return the canonical name of the ECC curve in KEY. */
|
||||
const char *
|
||||
get_ecc_curve_from_key (gcry_sexp_t key)
|
||||
{
|
||||
|
@ -588,7 +588,7 @@ translate_sys2libc_fd_int (int fd, int for_write)
|
||||
/*
|
||||
* Parse the string representation of a file reference (file handle on
|
||||
* Windows or file descriptor on POSIX) in FDSTR. The string
|
||||
* representation may be either of folllowing:
|
||||
* representation may be either of following:
|
||||
|
||||
* (1) 0, 1, or 2 which means stdin, stdout, and stderr, respectively.
|
||||
* (2) Integer representation (by %d of printf).
|
||||
@ -1106,7 +1106,7 @@ modestr_to_mode (const char *modestr, mode_t oldmode)
|
||||
int
|
||||
gnupg_mkdir (const char *name, const char *modestr)
|
||||
{
|
||||
/* Note that gpgrt_mkdir also sets ERRNO in addition to returing an
|
||||
/* Note that gpgrt_mkdir also sets ERRNO in addition to returning an
|
||||
* gpg-error style error code. */
|
||||
return gpgrt_mkdir (name, modestr);
|
||||
}
|
||||
|
@ -29,7 +29,7 @@
|
||||
*/
|
||||
|
||||
/* The whole code here does not very fill into our general test frame
|
||||
* work patter. But let's keep it as it is. */
|
||||
* work pattern. But let's keep it as it is. */
|
||||
|
||||
#include <config.h>
|
||||
#include <stdio.h>
|
||||
|
@ -95,7 +95,7 @@ ensure_space (tlv_builder_t tb)
|
||||
* element is described by CLASS, TAG, VALUE, and VALUEEN. CLASS and
|
||||
* TAG must describe a primitive element and (VALUE,VALUELEN) specify
|
||||
* its value. The value is a pointer and its object must not be
|
||||
* changed as long as the instance TB exists. For a TAG_NULL no vlaue
|
||||
* changed as long as the instance TB exists. For a TAG_NULL no value
|
||||
* is expected. Errors are not returned but recorded for later
|
||||
* retrieval. */
|
||||
void
|
||||
|
@ -42,7 +42,7 @@ struct bufferlist_s
|
||||
/* An object to control the ASN.1 parsing. */
|
||||
struct tlv_parser_s
|
||||
{
|
||||
/* The orginal buffer with the entire pkcs#12 object and its length. */
|
||||
/* The original buffer with the entire pkcs#12 object and its length. */
|
||||
const unsigned char *origbuffer;
|
||||
size_t origbufsize;
|
||||
|
||||
|
@ -141,7 +141,7 @@ void tlv_builder_add_end (tlv_builder_t tb);
|
||||
gpg_error_t tlv_builder_finalize (tlv_builder_t tb,
|
||||
void **r_obj, size_t *r_objlen);
|
||||
|
||||
/* Wite a TLV header to MEMBUF. */
|
||||
/* Write a TLV header to MEMBUF. */
|
||||
void put_tlv_to_membuf (membuf_t *membuf, int class, int tag,
|
||||
int constructed, size_t length);
|
||||
|
||||
|
@ -323,7 +323,7 @@ void setup_libgcrypt_logging (void);
|
||||
/* Print an out of core message and die. */
|
||||
void xoutofcore (void);
|
||||
|
||||
/* Wrapper aroung gpgrt_reallocarray. Uses the gpgrt alloc function
|
||||
/* Wrapper around gpgrt_reallocarray. Uses the gpgrt alloc function
|
||||
* which redirects to the Libgcrypt versions via
|
||||
* init_common_subsystems. Thus this can be used interchangeable with
|
||||
* the other alloc functions. */
|
||||
|
@ -1601,7 +1601,7 @@ if test "$build_tpm2d" = "yes"; then
|
||||
# until version 2.4.0.
|
||||
#
|
||||
# Note: the missing API is fairly serious and is also easily backportable
|
||||
# so keep the check below as is intead of going by library version number.
|
||||
# so keep the check below as is instead of going by library version number.
|
||||
##
|
||||
AC_CHECK_LIB(tss2-esys, Esys_TR_GetTpmHandle, [], [
|
||||
AC_MSG_WARN([Need Esys_TR_GetTpmHandle API (usually requires Intel TSS 2.4.0 or later, disabling TPM support)])
|
||||
@ -1638,7 +1638,7 @@ if test "$GCC" = yes; then
|
||||
mycflags=
|
||||
mycflags_save=$CFLAGS
|
||||
|
||||
# Check whether gcc does not emit a diagnositc for unknown -Wno-*
|
||||
# Check whether gcc does not emit a diagnostic for unknown -Wno-*
|
||||
# options. This is the case for gcc >= 4.6
|
||||
AC_MSG_CHECKING([if gcc ignores unknown -Wno-* options])
|
||||
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
|
||||
|
@ -55,7 +55,7 @@ Noteworthy changes in version 1.0.1 (2007-08-16)
|
||||
Noteworthy changes in version 1.0.0 (2006-11-29)
|
||||
------------------------------------------------
|
||||
|
||||
* Bumbed the version number.
|
||||
* Bumped the version number.
|
||||
|
||||
* Removed included gettext. We now require the system to provide a
|
||||
suitable installation.
|
||||
@ -174,7 +174,7 @@ Noteworthy changes in version 0.5.4 (2004-04-29)
|
||||
------------------------------------------------
|
||||
|
||||
* New commands --ocsp-responder and --ocsp-signer to define a default
|
||||
OCSP reponder if a certificate does not contain an assigned OCSP
|
||||
OCSP responder if a certificate does not contain an assigned OCSP
|
||||
responder.
|
||||
|
||||
|
||||
|
@ -225,7 +225,7 @@ cert_compute_fpr (ksba_cert_t cert, unsigned char *digest)
|
||||
|
||||
|
||||
|
||||
/* Cleanup one slot. This releases all resourses but keeps the actual
|
||||
/* Cleanup one slot. This releases all resources but keeps the actual
|
||||
slot in the cache marked for reuse. */
|
||||
static void
|
||||
clean_cache_slot (cert_item_t ci)
|
||||
|
@ -1104,12 +1104,12 @@ main (int argc, char **argv)
|
||||
|
||||
socket_name = dirmngr_socket_name ();
|
||||
|
||||
/* The configuraton directories for use by gpgrt_argparser. */
|
||||
/* The configuration directories for use by gpgrt_argparser. */
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_USER, gnupg_homedir ());
|
||||
|
||||
/* We are re-using the struct, thus the reset flag. We OR the
|
||||
* flags so that the internal intialized flag won't be cleared. */
|
||||
* flags so that the internal initialized flag won't be cleared. */
|
||||
argc = orig_argc;
|
||||
argv = orig_argv;
|
||||
pargs.argc = &argc;
|
||||
@ -1748,7 +1748,7 @@ dirmngr_deinit_default_ctrl (ctrl_t ctrl)
|
||||
|
||||
The format of such a file is line oriented where empty lines and
|
||||
lines starting with a hash mark are ignored. All other lines are
|
||||
assumed to be colon seprated with these fields:
|
||||
assumed to be colon separated with these fields:
|
||||
|
||||
1. field: Hostname
|
||||
2. field: Portnumber
|
||||
|
@ -241,7 +241,7 @@ struct server_control_s
|
||||
int audit_events; /* Send audit events to client. */
|
||||
char *http_proxy; /* The used http_proxy or NULL. */
|
||||
|
||||
nvc_t rootdse; /* Container wit the rootDSE properties. */
|
||||
nvc_t rootdse; /* Container with the rootDSE properties. */
|
||||
|
||||
unsigned int timeout; /* Timeout for connect calls in ms. */
|
||||
|
||||
|
@ -9761,7 +9761,7 @@ struct dns_addrinfo *dns_ai_open(const char *host, const char *serv, enum dns_ty
|
||||
/*
|
||||
* FIXME: If an explicit A or AAAA record type conflicts with
|
||||
* .ai_family or with resconf.family (i.e. AAAA specified but
|
||||
* AF_INET6 not in interection of .ai_family and resconf.family),
|
||||
* AF_INET6 not in intersection of .ai_family and resconf.family),
|
||||
* then what?
|
||||
*/
|
||||
switch (ai->qtype) {
|
||||
|
@ -78,7 +78,7 @@ gnupg_http_tls_verify_cb (void *opaque,
|
||||
validate_flags = VALIDATE_FLAG_TLS;
|
||||
|
||||
/* If we are using the standard hkps:// pool use the dedicated root
|
||||
* certificate. Note that this differes from the GnuTLS
|
||||
* certificate. Note that this differs from the GnuTLS
|
||||
* implementation which uses this special certificate only if no
|
||||
* other certificates are configured. */
|
||||
/* Disabled for 2.3.2 to due problems with the standard hkps pool. */
|
||||
|
@ -295,7 +295,7 @@ struct http_session_s
|
||||
} verify;
|
||||
char *servername; /* Malloced server name. */
|
||||
|
||||
/* A callback function to log details of TLS certifciates. */
|
||||
/* A callback function to log details of TLS certificates. */
|
||||
void (*cert_log_cb) (http_session_t, gpg_error_t, const char *,
|
||||
const void **, size_t *);
|
||||
|
||||
@ -2018,7 +2018,7 @@ w32_get_proxy (const char *url)
|
||||
* If OVERRIDE_PROXY is not NULL and not empty, this proxy will be
|
||||
* used instead of any configured or dynamically determined proxy. If
|
||||
* the function runs into an error an error code is returned and NULL
|
||||
* is stored at R_PROXY. If the fucntion was successful and a proxy
|
||||
* is stored at R_PROXY. If the function was successful and a proxy
|
||||
* is to be used, information on the procy is stored at R_PROXY; if no
|
||||
* proxy shall be used R_PROXY is set to NULL. Caller should always
|
||||
* use release_proxy_info on the value stored at R_PROXY. */
|
||||
@ -2358,8 +2358,8 @@ run_gnutls_handshake (http_t hd, const char *server)
|
||||
#endif /*HTTP_USE_GNUTLS*/
|
||||
|
||||
|
||||
/* It INPUTSTRING is NULL get the intial token. If INPUTSTRING is not
|
||||
* NULL, decode the string and use this as input from teh server. On
|
||||
/* It INPUTSTRING is NULL get the initial token. If INPUTSTRING is not
|
||||
* NULL, decode the string and use this as input from the server. On
|
||||
* success the final output token is stored at PROXY->OUTTOKEN and
|
||||
* OUTTOKLEN. IF the authentication succeeded OUTTOKLEN is zero. */
|
||||
static gpg_error_t
|
||||
@ -2379,7 +2379,7 @@ proxy_get_token (proxy_info_t proxy, const char *inputstring)
|
||||
|
||||
if (inputstring)
|
||||
{
|
||||
/* The input is expected in the token parameter but the paremter
|
||||
/* The input is expected in the token parameter but the parameter
|
||||
* name is often forgotten. Thus we simply detect the parameter
|
||||
* name and skip it, assuming no other parameters are given. */
|
||||
if (!strncmp (inputstring, "token=", 6))
|
||||
@ -4424,8 +4424,8 @@ same_host_p (parsed_uri_t a, parsed_uri_t b)
|
||||
|
||||
/* Prepare a new URL for a HTTP redirect. INFO has flags controlling
|
||||
* the operation, STATUS_CODE is used for diagnostics, LOCATION is the
|
||||
* value of the "Location" header, and R_URL reveives the new URL on
|
||||
* success or NULL or error. Note that INFO->ORIG_URL is
|
||||
* value of the "Location" header, and R_URL receives the new URL on
|
||||
* success or NULL on error. Note that INFO->ORIG_URL is
|
||||
* required. */
|
||||
gpg_error_t
|
||||
http_prepare_redirect (http_redir_info_t *info, unsigned int status_code,
|
||||
@ -4596,7 +4596,7 @@ http_status2string (unsigned int status)
|
||||
}
|
||||
|
||||
|
||||
/* Fucntion called on SIGHUP to flush internal variables. */
|
||||
/* Function called on SIGHUP to flush internal variables. */
|
||||
void
|
||||
http_reinitialize (void)
|
||||
{
|
||||
|
@ -53,7 +53,7 @@
|
||||
#define SERVERINFO_PGPKEYV2 2 /* Needs "pgpKeyV2" instead of "pgpKey"*/
|
||||
#define SERVERINFO_SCHEMAV2 4 /* Version 2 of the Schema. */
|
||||
#define SERVERINFO_NTDS 8 /* Server is an Active Directory. */
|
||||
#define SERVERINFO_GENERIC 16 /* Connected in genric mode. */
|
||||
#define SERVERINFO_GENERIC 16 /* Connected in generic mode. */
|
||||
|
||||
|
||||
/* The page size requested from the server. */
|
||||
@ -1257,7 +1257,7 @@ return_all_attributes (LDAP *ld, LDAPMessage *msg, estream_t *fp)
|
||||
}
|
||||
|
||||
/* Always print the DN - note that by using only unbkown attributes
|
||||
* it is pissible to list just the DNs with out addiional
|
||||
* it is possible to list just the DNs with out additional
|
||||
* linefeeds. */
|
||||
es_fprintf (*fp, "Dn: %s\n", mydn? mydn : "[oops DN missing]");
|
||||
|
||||
@ -1307,7 +1307,7 @@ return_all_attributes (LDAP *ld, LDAPMessage *msg, estream_t *fp)
|
||||
len = values[idx]->bv_len;
|
||||
while (len && (s = memchr (val, '\n', len)))
|
||||
{
|
||||
s++; /* We als want to print the LF. */
|
||||
s++; /* We also want to print the LF. */
|
||||
if (es_fwrite (val, s - val, 1, *fp) != 1)
|
||||
goto fwrite_failed;
|
||||
len -= (s-val);
|
||||
@ -2361,7 +2361,7 @@ modlist_free (LDAPMod **modlist)
|
||||
LDAPMod *mod = *ml;
|
||||
char **ptr;
|
||||
|
||||
/* The list of values is a NULL termianted array of pointers.
|
||||
/* The list of values is a NULL terminated array of pointers.
|
||||
If the list is NULL, there are no values. */
|
||||
|
||||
if (mod->mod_values)
|
||||
@ -2460,7 +2460,7 @@ uncescape (char *str)
|
||||
/* Given one line from an info block (`gpg --list-{keys,sigs}
|
||||
--with-colons KEYID'), pull it apart and fill in the modlist with
|
||||
the relevant (for the LDAP schema) attributes. EXTRACT_STATE
|
||||
should initally be set to 0 by the caller. SCHEMAV2 is set if the
|
||||
should initially be set to 0 by the caller. SCHEMAV2 is set if the
|
||||
server supports the version 2 schema. */
|
||||
static void
|
||||
extract_attributes (LDAPMod ***modlist, int *extract_state,
|
||||
@ -2620,7 +2620,7 @@ extract_attributes (LDAPMod ***modlist, int *extract_state,
|
||||
|
||||
memset (&tm, 0, sizeof (tm));
|
||||
|
||||
/* parse_timestamp handles both seconds fromt he epoch and
|
||||
/* parse_timestamp handles both seconds from the epoch and
|
||||
ISO 8601 format. We also need to handle YYYY-MM-DD
|
||||
format (as generated by gpg1 --with-colons --list-key).
|
||||
Check that first and then if it fails, then try
|
||||
@ -2668,7 +2668,7 @@ extract_attributes (LDAPMod ***modlist, int *extract_state,
|
||||
|
||||
memset (&tm, 0, sizeof (tm));
|
||||
|
||||
/* parse_timestamp handles both seconds fromt he epoch and
|
||||
/* parse_timestamp handles both seconds from the epoch and
|
||||
ISO 8601 format. We also need to handle YYYY-MM-DD
|
||||
format (as generated by gpg1 --with-colons --list-key).
|
||||
Check that first and then if it fails, then try
|
||||
|
@ -220,7 +220,7 @@ ldap_to_gpg_err (LDAP *ld)
|
||||
* ^&SCOPE&(objectClasses=*)
|
||||
*
|
||||
* Give a scope and a filter. Note that R_SCOPE is only changed if a
|
||||
* STRING has scope parameter. Setting this initally to -1 allows to
|
||||
* STRING has scope parameter. Setting this initially to -1 allows to
|
||||
* detect this case.
|
||||
*/
|
||||
gpg_error_t
|
||||
|
@ -256,7 +256,7 @@ url_fetch_ldap (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
|
||||
}
|
||||
|
||||
if (ludp->lud_scheme && !strcmp (ludp->lud_scheme, "ldaps"))
|
||||
tls_mode = 2; /* LDAP-over-TLS here becuase we get it from certs. */
|
||||
tls_mode = 2; /* LDAP-over-TLS here because we get it from certs. */
|
||||
else
|
||||
tls_mode = 0;
|
||||
|
||||
@ -524,7 +524,7 @@ make_one_filter (const char *pattern, char **r_result)
|
||||
if (*pattern)
|
||||
{
|
||||
/* We need just the BaseDN. This assumes that the Subject
|
||||
* is correcly stored in the DT. This is however not always
|
||||
* is correctly stored in the DT. This is however not always
|
||||
* the case and the actual DN is different from the
|
||||
* subject. In this case we won't find anything. */
|
||||
if (extfilt_need_escape (pattern)
|
||||
@ -606,7 +606,7 @@ make_one_filter (const char *pattern, char **r_result)
|
||||
/* Prepare an LDAP query to return the cACertificate attribute for DN.
|
||||
* All configured default servers are queried until one responds.
|
||||
* This function returns an error code or 0 and stored a newly
|
||||
* allocated contect object at CONTEXT on success. */
|
||||
* allocated context object at CONTEXT on success. */
|
||||
gpg_error_t
|
||||
start_cacert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *r_context,
|
||||
const char *dn)
|
||||
@ -778,7 +778,7 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *r_context,
|
||||
if (argc >= DIM (argv) - 1)
|
||||
{
|
||||
/* Too many patterns. It does not make sense to allow an
|
||||
arbitrary number of patters because the length of the
|
||||
arbitrary number of patterns because the length of the
|
||||
command line is limited anyway. */
|
||||
err = gpg_error (GPG_ERR_RESOURCE_LIMIT);
|
||||
goto leave;
|
||||
|
@ -60,7 +60,7 @@ ldapserver_list_free (ldap_server_t servers)
|
||||
* Flags are:
|
||||
*
|
||||
* starttls := Use STARTTLS with a default port of 389
|
||||
* ldaptls := Tunnel LDAP trough a TLS tunnel with default port 636
|
||||
* ldaptls := Tunnel LDAP through a TLS tunnel with default port 636
|
||||
* plain := Switch to plain unsecured LDAP.
|
||||
* (The last of these 3 flags is the effective one)
|
||||
* ntds := Use Active Directory authentication
|
||||
|
@ -31,7 +31,7 @@
|
||||
#include "certcache.h"
|
||||
#include "ocsp.h"
|
||||
|
||||
/* The maximum size we allow as a response from an OCSP reponder. */
|
||||
/* The maximum size we allow as a response from an OCSP responder. */
|
||||
#define MAX_RESPONSE_SIZE 65536
|
||||
|
||||
|
||||
@ -526,7 +526,7 @@ check_signature_core (ctrl_t ctrl, ksba_cert_t cert, gcry_sexp_t s_sig,
|
||||
/* Check the signature of an OCSP response. OCSP is the context,
|
||||
S_SIG the signature value and MD the handle of the hash we used for
|
||||
the response. This function automagically finds the correct public
|
||||
key. If SIGNER_FPR_LIST is not NULL, the default OCSP reponder has been
|
||||
key. If SIGNER_FPR_LIST is not NULL, the default OCSP responder has been
|
||||
used and thus the certificate is one of those identified by
|
||||
the fingerprints. */
|
||||
static gpg_error_t
|
||||
@ -651,7 +651,7 @@ check_signature (ctrl_t ctrl,
|
||||
or directly through the CERT object is valid by running an OCSP
|
||||
transaction. With FORCE_DEFAULT_RESPONDER set only the configured
|
||||
default responder is used. If R_REVOKED_AT or R_REASON are not
|
||||
NULL and the certificat has been revoked the revocation time and
|
||||
NULL and the certificate has been revoked the revocation time and
|
||||
the reasons are stored there. */
|
||||
gpg_error_t
|
||||
ocsp_isvalid (ctrl_t ctrl, ksba_cert_t cert, const char *cert_fpr,
|
||||
@ -723,7 +723,7 @@ ocsp_isvalid (ctrl_t ctrl, ksba_cert_t cert, const char *cert_fpr,
|
||||
}
|
||||
|
||||
/* Figure out the OCSP responder to use.
|
||||
1. Try to get the reponder from the certificate.
|
||||
1. Try to get the responder from the certificate.
|
||||
We do only take http and https style URIs into account.
|
||||
2. If this fails use the default responder, if any.
|
||||
*/
|
||||
|
@ -932,7 +932,7 @@ proc_wkd_get (ctrl_t ctrl, assuan_context_t ctx, char *line)
|
||||
err = get_dns_srv (ctrl, domain, "openpgpkey", NULL, &srvs, &srvscount);
|
||||
if (err)
|
||||
{
|
||||
/* Ignore server failed becuase there are too many resolvers
|
||||
/* Ignore server failed because there are too many resolvers
|
||||
* which do not work as expected. */
|
||||
if (gpg_err_code (err) == GPG_ERR_SERVER_FAILED)
|
||||
err = 0; /*(srvcount is guaranteed to be 0)*/
|
||||
|
@ -291,7 +291,7 @@ main (int argc, char **argv)
|
||||
}
|
||||
if (argc)
|
||||
{
|
||||
fprintf (stderr, PGM ": no argumenst are expected\n");
|
||||
fprintf (stderr, PGM ": no arguments are expected\n");
|
||||
exit (1);
|
||||
}
|
||||
|
||||
|
@ -42,7 +42,7 @@ enum cert_usage_modes
|
||||
CERT_USAGE_MODE_VRFY, /* Usable for verification. */
|
||||
CERT_USAGE_MODE_DECR, /* Usable for decryption. */
|
||||
CERT_USAGE_MODE_CERT, /* Usable for cert signing. */
|
||||
CERT_USAGE_MODE_OCSP, /* Usable for OCSP respone signing. */
|
||||
CERT_USAGE_MODE_OCSP, /* Usable for OCSP response signing. */
|
||||
CERT_USAGE_MODE_CRL /* Usable for CRL signing. */
|
||||
};
|
||||
|
||||
@ -56,7 +56,7 @@ struct chain_item_s
|
||||
ksba_cert_t cert; /* The certificate. */
|
||||
unsigned char fpr[20]; /* Fingerprint of the certificate. */
|
||||
int is_self_signed; /* This certificate is self-signed. */
|
||||
int is_valid; /* The certifiate is valid except for revocations. */
|
||||
int is_valid; /* The certificate is valid except for revocations. */
|
||||
};
|
||||
typedef struct chain_item_s *chain_item_t;
|
||||
|
||||
@ -173,7 +173,7 @@ check_cert_policy (ksba_cert_t cert)
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
/* STRING is a line delimited list of certifiate policies as stored
|
||||
/* STRING is a line delimited list of certificate policies as stored
|
||||
in the certificate. The line itself is colon delimited where the
|
||||
first field is the OID of the policy and the second field either
|
||||
N or C for normal or critical extension */
|
||||
|
14
doc/DETAILS
14
doc/DETAILS
@ -132,7 +132,7 @@ described here.
|
||||
*** Field 5 - KeyID
|
||||
|
||||
This is the 64 bit keyid as specified by OpenPGP and the last 64
|
||||
bit of the SHA-1 fingerprint of an X.509 certifciate.
|
||||
bit of the SHA-1 fingerprint of an X.509 certificate.
|
||||
|
||||
*** Field 6 - Creation date
|
||||
|
||||
@ -1101,7 +1101,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
||||
gpg-agent.
|
||||
- keyedit.passwd :: Changing the password failed.
|
||||
- nomdc_with_legacy_cipher :: The message was not MDC protected.
|
||||
Use the command line to lern about a workaround.
|
||||
Use the command line to learn about a workaround.
|
||||
- random-compliance :: The random number generator or the used
|
||||
version of Libgcrypt do not fulfill the requirements of the
|
||||
current compliance setting. The error code is often
|
||||
@ -1179,7 +1179,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
||||
<total>. For example "B", "KiB", or "MiB".
|
||||
|
||||
*** BACKUP_KEY_CREATED <fingerprint> <fname>
|
||||
A backup of a key identified by <fingerprint> has been writte to
|
||||
A backup of a key identified by <fingerprint> has been written to
|
||||
the file <fname>; <fname> is percent-escaped.
|
||||
|
||||
*** MOUNTPOINT <name>
|
||||
@ -1263,7 +1263,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
||||
|
||||
*** CERTINFO <certtype> <certref> [<label>]
|
||||
|
||||
This status is emitted for X.509 certifcates.
|
||||
This status is emitted for X.509 certificates.
|
||||
CERTTYPE is a number indicating the type of the certificate:
|
||||
0 := Unknown
|
||||
100 := Regular X.509 cert
|
||||
@ -1274,7 +1274,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
||||
|
||||
CERTREF identifies the certificate uniquely on the card and may be
|
||||
used to match it with a key's KEYREF. LABEL is an optional human
|
||||
readable decription of the certificate; it won't have any space in
|
||||
readable description of the certificate; it won't have any space in
|
||||
it and is percent encoded.
|
||||
|
||||
*** MANUFACTURER <n> [<string>]
|
||||
@ -1297,7 +1297,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
||||
*** KEY-ATTR-INFO <keyref> <string>
|
||||
This is the response from scdaemon on GETATTR KEY-ATTR-INFO for
|
||||
OpenPGP cards. <keyref> is the usual keyref (e.g. OPENPGP.1 or
|
||||
OPENPGP.129) and <string> is the algoritm or curve name, which
|
||||
OPENPGP.129) and <string> is the algorithm or curve name, which
|
||||
is available for the key.
|
||||
|
||||
*** KEY-TIME <n> <timestamp>
|
||||
@ -1310,7 +1310,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
||||
*** KEY-LABEL <keyref> <label>
|
||||
This returns the human readbable label for the keys given by
|
||||
KEYREF. LABEL won't have any space in it and is percent encoded.
|
||||
This info shall only be used for dispaly purposes.
|
||||
This info shall only be used for display purposes.
|
||||
|
||||
* Format of the --attribute-fd output
|
||||
|
||||
|
@ -152,7 +152,7 @@ Note that such a comment will be removed if the git commit option
|
||||
if ( 42 == foo )
|
||||
#+end_src
|
||||
this is harder to read and modern compilers are pretty good in
|
||||
detecing accidental assignments. It is also suggested not to
|
||||
detecting accidental assignments. It is also suggested not to
|
||||
compare to 0 or NULL but to test the value direct or with a '!';
|
||||
this makes it easier to see that a boolean test is done.
|
||||
- We use our own printf style functions like =es_printf=, and
|
||||
@ -244,7 +244,7 @@ subject line; the list is used for several different projects.
|
||||
|
||||
In general you should send patches only for the master branch; we may
|
||||
later decide to backport to another branch. Please ask first before
|
||||
sending pacthes for another branch.
|
||||
sending patches for another branch.
|
||||
|
||||
If you're working from the Git repo, here's a suggested workflow:
|
||||
|
||||
|
@ -1278,7 +1278,7 @@ as a binary blob.
|
||||
@c
|
||||
@c For historical reasons the Assuan command ISVALID is a bit different
|
||||
@c to CHECKCRL but this is mainly due to different calling conventions.
|
||||
@c In the end the same fucntionality is used, albeit hidden by a couple
|
||||
@c In the end the same functionality is used, albeit hidden by a couple
|
||||
@c of indirection and argument and result code mangling. It furthere
|
||||
@c ingetrages OCSP checking depending on options are the way it is
|
||||
@c called. GPGSM still uses this command but might eventually switch over
|
||||
|
@ -10,8 +10,8 @@
|
||||
# and gpgsm.
|
||||
#use-keyboxd
|
||||
|
||||
# For testing ist is somethimes useful to use a different binary
|
||||
# of keybox. This option can be used to speicify this.
|
||||
# For testing it is sometimes useful to use a different binary
|
||||
# of keybox. This option can be used to specify this.
|
||||
#keyboxd-program /foo/bar/keyboxd
|
||||
|
||||
# For the daemons (gpg-agent, scdaemon, dirmngr, keyboxd) it is often
|
||||
|
@ -2,7 +2,7 @@
|
||||
# one, as well as empty lines are ignored. Lines have a length limit
|
||||
# but this is not serious limitation as the format of the entries is
|
||||
# fixed and checked by gpg-agent. A non-comment line starts with
|
||||
# optional white space, followed by the SHA-1 fingerpint in hex,
|
||||
# optional white space, followed by the SHA-1 fingerprint in hex,
|
||||
# optionally followed by a flag character which my either be 'P', 'S'
|
||||
# or '*'. This file will be read by gpg-agent if no local trustlist
|
||||
# is available or if the statement "include-default" is used in the
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
@c Create a separate index for command line options.
|
||||
@defcodeindex op
|
||||
@c Create an index vor environment variables and files.
|
||||
@c Create an index for environment variables and files.
|
||||
@defcodeindex ef
|
||||
|
||||
@c Merge the function index into the concept index.
|
||||
|
@ -281,7 +281,7 @@ removes this data object. GnuPG does not use this info.
|
||||
Change the User Interaction Flag. That flags tells whether the
|
||||
confirmation button of a token shall be used. @var{n} must in the
|
||||
range 1 to 3. "permanent" is the same as "on" but the flag can't be
|
||||
changed anmore.
|
||||
changed anymore.
|
||||
|
||||
@item UNBLOCK
|
||||
@opindex unblock
|
||||
|
@ -1611,7 +1611,7 @@ maintained by the keyboxd process in its own database.
|
||||
|
||||
@item --primary-keyring @var{file}
|
||||
@opindex primary-keyring
|
||||
This is a varian of @option{--keyring} and designates @var{file} as
|
||||
This is a variant of @option{--keyring} and designates @var{file} as
|
||||
the primary public keyring. This means that newly imported keys (via
|
||||
@option{--import} or keyserver @option{--recv-from}) will go to this
|
||||
keyring.
|
||||
@ -1808,7 +1808,7 @@ this option at all (e.g. due to the @option{--no-options} option).
|
||||
@opindex add-desig-revoker
|
||||
Add the key specified by @var{fingerprint} as a designated revoker to
|
||||
newly created keys. If the fingerprint is prefixed with the keyword
|
||||
``sensitive:'' that info is normally not exported wit the key. This
|
||||
``sensitive:'' that info is normally not exported with the key. This
|
||||
option may be given several time to add more than one designated
|
||||
revoker. If the keyword ``clear'' is used instead of a fingerprint,
|
||||
all designated options previously encountered are discarded.
|
||||
@ -2794,7 +2794,7 @@ The available properties are:
|
||||
Key Directory.
|
||||
|
||||
@item url
|
||||
A string with the the URL associated wit the last key lookup.
|
||||
A string with the the URL associated with the last key lookup.
|
||||
|
||||
@end table
|
||||
|
||||
|
@ -117,7 +117,7 @@ disable CRL checking in gpgsm's configuration.
|
||||
|
||||
|
||||
.gpg.edit_ownertrust.value
|
||||
# The help identies prefixed with "gpg." used to be hard coded in gpg
|
||||
# The help entries prefixed with "gpg." used to be hard coded in gpg
|
||||
# but may now be overridden by help texts from this file.
|
||||
It's up to you to assign a value here; this value will never be exported
|
||||
to any 3rd party. We need it to implement the web-of-trust; it has nothing
|
||||
|
@ -291,7 +291,7 @@ olcAccess: {0} to dn.subtree="dc=example,dc=com"
|
||||
|
||||
As usual replace all "dc=example,dc=com" accordingly. Take care not
|
||||
to insert a blank line anywhere. The first line needs to give the DN
|
||||
of the database as determined above. Excute the rules from that file
|
||||
of the database as determined above. Execute the rules from that file
|
||||
using the command:
|
||||
|
||||
: ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f grantaccess.ldif
|
||||
@ -384,7 +384,7 @@ This lists just the DNs. If you need the entire content of the DIT
|
||||
leave out the "dn" argument. The option "-LLL" selects useful
|
||||
formatting options for the output.
|
||||
|
||||
** Insert X.509 Certficate
|
||||
** Insert X.509 Certificate
|
||||
|
||||
If you don't have a handy tool to insert a certificate via LDAP you
|
||||
can do it manually. First put the certificate in binary (DER) format
|
||||
@ -505,7 +505,7 @@ to revert replace "ACL" by "none".
|
||||
** Extending the AD Schema
|
||||
The Active Directory on Windows is actually an LDAP server but
|
||||
configuration differs from OpenLDAP. The used schema is the same but
|
||||
the data objects are slighly different. To extend the schema the
|
||||
the data objects are slightly different. To extend the schema the
|
||||
LDIF format is used but with variants of the files used for OpenLDAP.
|
||||
Thus please download these two files:
|
||||
|
||||
@ -517,7 +517,7 @@ schema. There are *no ways to revert changes* made to a schema. You
|
||||
should also first try this all on a test system and not on a
|
||||
production system.
|
||||
|
||||
To extend the schema become Adminstrator on your Primary Domain
|
||||
To extend the schema become Administrator on your Primary Domain
|
||||
Controller and open a shell (Command Prompt). Copy the above
|
||||
mentioned ldif files to your working directory and run the following
|
||||
command:
|
||||
|
@ -1,6 +1,6 @@
|
||||
# gnupg-ldap-ad-scheme.ldif -*- conf -*-
|
||||
#
|
||||
# Schema for an OpenPGP LDAP keyserver. This is a slighly enhanced
|
||||
# Schema for an OpenPGP LDAP keyserver. This is a slightly enhanced
|
||||
# version of the original LDAP schema used for PGP keyservers as
|
||||
# installed at quite some sites.
|
||||
# Revision: 2021-09-01 v1
|
||||
@ -12,7 +12,7 @@
|
||||
# ldifde -i -v -f gnupg-ldap-ad-schema.ldif
|
||||
# -c "DC=EXAMPLEDC" "#configurationNamingContext"
|
||||
# (the above command is given as one line)
|
||||
# - The schema does not get its own distingished name as done with OpenLDAP.
|
||||
# - The schema does not get its own distinguished name as done with OpenLDAP.
|
||||
# - The first GUID we use is f406e7a5-a5ea-411e-9ddd-2e4e66899800
|
||||
# and incremented for each attribute.
|
||||
#
|
||||
|
@ -1,6 +1,6 @@
|
||||
# gnupg-ldap-scheme.ldif -*- conf -*-
|
||||
#
|
||||
# Schema for an OpenPGP LDAP keyserver. This is a slighly enhanced
|
||||
# Schema for an OpenPGP LDAP keyserver. This is a slightly enhanced
|
||||
# version of the original LDAP schema used for PGP keyservers as
|
||||
# installed at quite some sites.
|
||||
# Revision: 2020-10-07
|
||||
@ -58,7 +58,7 @@ olcAttributeTypes: {5}(
|
||||
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
||||
SINGLE-VALUE )
|
||||
# The short key id. This is actually not required and should thus not
|
||||
# be used by cleint software.
|
||||
# be used by client software.
|
||||
olcAttributeTypes: {6}(
|
||||
1.3.6.1.4.1.3401.8.2.14
|
||||
NAME 'pgpKeyID'
|
||||
|
@ -1826,7 +1826,7 @@ Do the check using the OCSP protocol and ignore any CRLs.
|
||||
@item --force-default-responder
|
||||
@opindex force-default-responder
|
||||
When checking using the OCSP protocol, force the use of the default OCSP
|
||||
responder. That is not to use the Reponder as given by the certificate.
|
||||
responder. That is not to use the Responder as given by the certificate.
|
||||
|
||||
@item --ping
|
||||
@opindex ping
|
||||
|
@ -1319,7 +1319,7 @@ armor_filter( void *opaque, int control,
|
||||
*ret_len = n;
|
||||
}
|
||||
else if( control == IOBUFCTRL_UNDERFLOW ) {
|
||||
/* We need some space for the faked packet. The minmum
|
||||
/* We need some space for the faked packet. The minimum
|
||||
* required size is the PARTIAL_CHUNK size plus a byte for the
|
||||
* length itself */
|
||||
if( size < PARTIAL_CHUNK+1 )
|
||||
@ -1495,7 +1495,7 @@ armor_filter( void *opaque, int control,
|
||||
else if( control == IOBUFCTRL_FREE ) {
|
||||
if( afx->cancel )
|
||||
;
|
||||
else if( afx->status ) { /* pad, write cecksum, and bottom line */
|
||||
else if( afx->status ) { /* pad, write checksum, and bottom line */
|
||||
gcry_md_final (afx->crc_md);
|
||||
crc = get_afx_crc (afx);
|
||||
idx = afx->idx;
|
||||
|
@ -791,7 +791,7 @@ learn_status_cb (void *opaque, const char *line)
|
||||
* Used by:
|
||||
* card-util.c
|
||||
* keyedit_menu
|
||||
* card_store_key_with_backup (Woth force to remove secret key data)
|
||||
* card_store_key_with_backup (With force to remove secret key data)
|
||||
*/
|
||||
int
|
||||
agent_scd_learn (struct agent_card_info_s *info, int force)
|
||||
@ -2316,7 +2316,7 @@ agent_probe_secret_key (ctrl_t ctrl, PKT_public_key *pk)
|
||||
else if (!result && result2)
|
||||
return 0; /* Only first key available - return no key. */
|
||||
else if (result && !result2)
|
||||
return 0; /* Only second key not availabale - return no key. */
|
||||
return 0; /* Only second key not available - return no key. */
|
||||
else if (result == 4 || result == 2)
|
||||
return result; /* First key on card - don't care where the second is. */
|
||||
else
|
||||
@ -2345,7 +2345,7 @@ agent_probe_any_secret_key (ctrl_t ctrl, kbnode_t keyblock)
|
||||
return err;
|
||||
|
||||
/* If we have not yet issued a "HAVEKEY --list" do that now. We use
|
||||
* a more or less arbitray limit of 1000 keys. */
|
||||
* a more or less arbitrary limit of 1000 keys. */
|
||||
if (ctrl && !ctrl->secret_keygrips && !ctrl->no_more_secret_keygrips)
|
||||
{
|
||||
membuf_t data;
|
||||
|
@ -390,7 +390,7 @@ ks_status_cb (void *opaque, const char *line)
|
||||
{
|
||||
/* This is an LDAP config entry like
|
||||
* "foo:389:user:pass:base:flags"
|
||||
* we strip off everything beyound the port. */
|
||||
* we strip off everything beyond the port. */
|
||||
if ((p = strchr (p+1, ':')))
|
||||
{
|
||||
if (p[-1] == ':')
|
||||
|
@ -47,7 +47,7 @@
|
||||
|
||||
|
||||
/* Data used to keep track of keybox daemon sessions. This allows us
|
||||
* to use several sessions with the keyboxd and also to re-use already
|
||||
* to use several sessions with the keyboxd and also to reuse already
|
||||
* established sessions. Note that gpg.h defines the type
|
||||
* keyboxd_local_t for this structure. */
|
||||
struct keyboxd_local_s
|
||||
@ -631,7 +631,7 @@ keydb_search_reset (KEYDB_HANDLE hd)
|
||||
|
||||
|
||||
|
||||
/* Status callback for SEARCH and NEXT operaions. */
|
||||
/* Status callback for SEARCH and NEXT operations. */
|
||||
static gpg_error_t
|
||||
search_status_cb (void *opaque, const char *line)
|
||||
{
|
||||
|
@ -1778,7 +1778,7 @@ card_generate_subkey (ctrl_t ctrl, kbnode_t pub_keyblock)
|
||||
/* Store the key at NODE into the smartcard and modify NODE to carry
|
||||
the serialno stuff instead of the actual secret key parameters.
|
||||
USE is the usage for that key; 0 means any usage. If
|
||||
PROCESSED_KEYS is not NULL it is a poiter to an strlist which will
|
||||
PROCESSED_KEYS is not NULL it is a pointer to an strlist which will
|
||||
be filled with the keygrips of successfully stored keys. */
|
||||
int
|
||||
card_store_subkey (KBNODE node, int use, strlist_t *processed_keys)
|
||||
|
@ -68,7 +68,7 @@ encrypt_store (const char *filename)
|
||||
}
|
||||
|
||||
|
||||
/* Create and setup a DEK structure and print approriate warnings.
|
||||
/* Create and setup a DEK structure and print appropriate warnings.
|
||||
* PK_LIST gives the list of public keys. Always returns a DEK. The
|
||||
* actual session needs to be added later. */
|
||||
static DEK *
|
||||
@ -94,7 +94,7 @@ create_dek_with_warnings (pk_list_t pk_list)
|
||||
|
||||
/* In case 3DES has been selected, print a warning if any key
|
||||
* does not have a preference for AES. This should help to
|
||||
* indentify why encrypting to several recipients falls back to
|
||||
* identify why encrypting to several recipients falls back to
|
||||
* 3DES. */
|
||||
if (opt.verbose && dek->algo == CIPHER_ALGO_3DES)
|
||||
warn_missing_aes_from_pklist (pk_list);
|
||||
@ -1128,7 +1128,7 @@ write_pubkey_enc (ctrl_t ctrl,
|
||||
* the structure DEK and want to encode this session key in an
|
||||
* integer value of n bits. pubkey_nbits gives us the number of
|
||||
* bits we have to use. We then encode the session key in some
|
||||
* way and we get it back in the big intger value FRAME. Then
|
||||
* way and we get it back in the big integer value FRAME. Then
|
||||
* we use FRAME, the public key PK->PKEY and the algorithm
|
||||
* number PK->PUBKEY_ALGO and pass it to pubkey_encrypt which
|
||||
* returns the encrypted value in the array ENC->DATA. This
|
||||
|
@ -2134,7 +2134,7 @@ do_export_revocs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
|
||||
continue;
|
||||
sig = node->pkt->pkt.signature;
|
||||
|
||||
/* We are only interested in revocation certifcates. */
|
||||
/* We are only interested in revocation certificates. */
|
||||
if (!(IS_KEY_REV (sig) || IS_UID_REV (sig) || IS_SUBKEY_REV (sig)))
|
||||
continue;
|
||||
|
||||
|
@ -446,7 +446,7 @@ leave:
|
||||
|
||||
|
||||
/* Same as get_pubkey but if the key was not found the function tries
|
||||
* to import it from LDAP. FIXME: We should not need this but swicth
|
||||
* to import it from LDAP. FIXME: We should not need this but switch
|
||||
* to a fingerprint lookup. */
|
||||
gpg_error_t
|
||||
get_pubkey_with_ldap_fallback (ctrl_t ctrl, PKT_public_key *pk, u32 *keyid)
|
||||
@ -992,7 +992,7 @@ get_pubkey_byname (ctrl_t ctrl, enum get_pubkey_modes mode,
|
||||
/* If we are called due to --locate-external-key Check whether NAME
|
||||
* is a fingerprint and then try to lookup that key by configured
|
||||
* method which support lookup by fingerprint. FPRBUF carries the
|
||||
* parsed fingerpint iff IS_FPR is true. */
|
||||
* parsed fingerprint iff IS_FPR is true. */
|
||||
is_fpr = 0;
|
||||
if (!is_mbox && mode == GET_PUBKEY_NO_LOCAL)
|
||||
{
|
||||
@ -2525,7 +2525,7 @@ parse_key_usage (PKT_signature * sig)
|
||||
|
||||
/* Apply information from SIGNODE (which is the valid self-signature
|
||||
* associated with that UID) to the UIDNODE:
|
||||
* - wether the UID has been revoked
|
||||
* - whether the UID has been revoked
|
||||
* - assumed creation date of the UID
|
||||
* - temporary store the keyflags here
|
||||
* - temporary store the key expiration time here
|
||||
|
@ -2003,7 +2003,7 @@ gpgconf_list (void)
|
||||
* compliance mode. This does not test all parameters but the basic
|
||||
* conditions like a proper RNG and Libgcrypt. AS of now we always
|
||||
* return 0 because this version of gnupg has not yet received an
|
||||
* appoval. */
|
||||
* approval. */
|
||||
es_printf ("compliance_de_vs:%lu:%d:\n", GC_OPT_FLAG_DEFAULT,
|
||||
0 /*gnupg_rng_is_compliant (CO_DE_VS)*/);
|
||||
|
||||
@ -2609,7 +2609,7 @@ main (int argc, char **argv)
|
||||
pargs.argc = &argc;
|
||||
pargs.argv = &argv;
|
||||
/* We are re-using the struct, thus the reset flag. We OR the
|
||||
* flags so that the internal intialized flag won't be cleared. */
|
||||
* flags so that the internal initialized flag won't be cleared. */
|
||||
pargs.flags |= (ARGPARSE_FLAG_RESET
|
||||
| ARGPARSE_FLAG_KEEP
|
||||
| ARGPARSE_FLAG_SYS
|
||||
@ -2619,7 +2619,7 @@ main (int argc, char **argv)
|
||||
/* By this point we have a homedir, and cannot change it. */
|
||||
check_permissions (gnupg_homedir (), 0);
|
||||
|
||||
/* The configuraton directories for use by gpgrt_argparser. */
|
||||
/* The configuration directories for use by gpgrt_argparser. */
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_USER, gnupg_homedir ());
|
||||
|
||||
|
@ -231,7 +231,7 @@ parse_import_options(char *str,unsigned int *options,int noisy)
|
||||
int rc;
|
||||
int saved_self_sigs_only, saved_import_clean;
|
||||
|
||||
/* We need to set flags indicating wether the user has set certain
|
||||
/* We need to set flags indicating whether the user has set certain
|
||||
* options or if they came from the default. */
|
||||
saved_self_sigs_only = (*options & IMPORT_SELF_SIGS_ONLY);
|
||||
saved_self_sigs_only &= ~IMPORT_SELF_SIGS_ONLY;
|
||||
|
@ -612,7 +612,7 @@ clean_all_subkeys (ctrl_t ctrl, kbnode_t keyblock, int noisy, int clean_level,
|
||||
/* Do the selected cleaning. */
|
||||
if (clean_level > KEY_CLEAN_NONE)
|
||||
{
|
||||
/* Clean enitre subkeys. */
|
||||
/* Clean entire subkeys. */
|
||||
for (node = first_subkey; node; node = node->next)
|
||||
{
|
||||
if (is_deleted_kbnode (node))
|
||||
|
@ -1445,7 +1445,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
|
||||
inhibits that and flushing the cache right before the stale
|
||||
check is not easy to implement. Thus we take the easy way out
|
||||
and run the stale check as early as possible. Note, that for
|
||||
non- W32 platforms it is run indirectly trough a call to
|
||||
non- W32 platforms it is run indirectly through a call to
|
||||
get_validity (). */
|
||||
check_trustdb_stale (ctrl);
|
||||
#endif
|
||||
@ -2894,7 +2894,7 @@ find_by_primary_fpr (ctrl_t ctrl, const char *fpr,
|
||||
}
|
||||
|
||||
|
||||
/* Unattended key signing function. If the key specifified by FPR is
|
||||
/* Unattended key signing function. If the key specified by FPR is
|
||||
available and FPR is the primary fingerprint all user ids of the
|
||||
key are signed using the default signing key. If UIDS is an empty
|
||||
list all usable UIDs are signed, if it is not empty, only those
|
||||
@ -3153,7 +3153,7 @@ keyedit_quick_revsig (ctrl_t ctrl, const char *username, const char *sigtorev,
|
||||
unsigned int sigcount = 0;
|
||||
kbnode_t *sigarray;
|
||||
|
||||
/* Allocate an array large enogh for all signatures. */
|
||||
/* Allocate an array large enough for all signatures. */
|
||||
for (n=node; n && n->pkt->pkttype == PKT_SIGNATURE; n = n->next)
|
||||
sigcount++;
|
||||
sigarray = xtrycalloc (sigcount, sizeof *sigarray);
|
||||
|
@ -4470,7 +4470,7 @@ parse_parameter_usage (const char *fname,
|
||||
|
||||
/* Parse the revocation key specified by NAME, check that the public
|
||||
* key exists (so that we can get the required public key algorithm),
|
||||
* and return a parameter wit the revocation key information. On
|
||||
* and return a parameter with the revocation key information. On
|
||||
* error print a diagnostic and return NULL. */
|
||||
static struct para_data_s *
|
||||
prepare_desig_revoker (ctrl_t ctrl, const char *name)
|
||||
@ -4790,7 +4790,7 @@ proc_parameter_file (ctrl_t ctrl, struct para_data_s *para, const char *fname,
|
||||
if (parse_revocation_key (fname, para, pREVOKER))
|
||||
return -1;
|
||||
|
||||
/* Check and appened revokers from the config file. */
|
||||
/* Check and append revokers from the config file. */
|
||||
for (sl = opt.desig_revokers; sl; sl = sl->next)
|
||||
{
|
||||
r = prepare_desig_revoker (ctrl, sl->d);
|
||||
|
@ -336,7 +336,7 @@ do_hash_public_key (gcry_md_hd_t md, PKT_public_key *pk, int use_v5)
|
||||
{
|
||||
/* Ugly: We need to re-construct the wire format of the
|
||||
* key parameter. It would be easier to use a second
|
||||
* index for pp and nn which we could bump independet of
|
||||
* index for pp and nn which we could bump independent of
|
||||
* i. */
|
||||
const char *p;
|
||||
|
||||
@ -870,7 +870,7 @@ nbits_from_pk (PKT_public_key *pk)
|
||||
case 800: nbits = 512; break;
|
||||
case 1184: nbits = 768; break;
|
||||
case 1568: nbits = 1024; break;
|
||||
default: nbits = 0; break; /* Unkown version. */
|
||||
default: nbits = 0; break; /* Unknown version. */
|
||||
}
|
||||
return nbits;
|
||||
}
|
||||
@ -1093,7 +1093,7 @@ fingerprint_from_pk (PKT_public_key *pk, byte *array, size_t *ret_len)
|
||||
* Return a byte array with the fingerprint for the given PK/SK The
|
||||
* length of the array is returned in ret_len. Caller must free the
|
||||
* array or provide an array of length MAX_FINGERPRINT_LEN. This
|
||||
* version creates a v5 fingerprint even vor v4 keys.
|
||||
* version creates a v5 fingerprint even for v4 keys.
|
||||
*/
|
||||
byte *
|
||||
v5_fingerprint_from_pk (PKT_public_key *pk, byte *array, size_t *ret_len)
|
||||
|
@ -383,7 +383,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
|
||||
#define COMPAT_T7014_OLD 2 /* Use initial T7014 test data. */
|
||||
|
||||
|
||||
/* Compliance test macors. */
|
||||
/* Compliance test macros. */
|
||||
#define GNUPG (opt.compliance==CO_GNUPG || opt.compliance==CO_DE_VS)
|
||||
#define RFC2440 (opt.compliance==CO_RFC2440)
|
||||
#define RFC4880 (opt.compliance==CO_RFC4880)
|
||||
|
@ -251,7 +251,7 @@ typedef struct
|
||||
const byte *trust_regexp;
|
||||
struct revocation_key *revkey;
|
||||
int numrevkeys;
|
||||
int help_counter; /* Used internally bu some functions. */
|
||||
int help_counter; /* Used internally by some functions. */
|
||||
char *signers_uid; /* Malloced value of the SIGNERS_UID
|
||||
* subpacket or NULL. This string has
|
||||
* already been sanitized. */
|
||||
|
@ -618,7 +618,7 @@ check_signatures_trust (ctrl_t ctrl, kbnode_t keyblock, PKT_public_key *pk,
|
||||
targetuid = NULL;
|
||||
if (uidbased)
|
||||
{
|
||||
u32 tmpcreated = 0; /* Helper to find the lates user ID. */
|
||||
u32 tmpcreated = 0; /* Helper to find the latest user ID. */
|
||||
PKT_user_id *tmpuid;
|
||||
|
||||
for (n=keyblock; n; n = n->next)
|
||||
|
@ -486,7 +486,7 @@ do_encrypt_kem (PKT_public_key *pk, gcry_mpi_t data, int seskey_algo,
|
||||
{
|
||||
if (!strcmp (ecc_oid, "1.3.6.1.4.1.3029.1.5.1"))
|
||||
log_info ("Warning: "
|
||||
"legacy OID for cv25519 accepted during develpment\n");
|
||||
"legacy OID for cv25519 accepted during development\n");
|
||||
ecc_pubkey = gcry_mpi_get_opaque (pk->pkey[1], &nbits);
|
||||
ecc_pubkey_len = (nbits+7)/8;
|
||||
if (ecc_pubkey_len == 33 && *ecc_pubkey == 0x40)
|
||||
|
@ -992,7 +992,7 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer,
|
||||
if (ret_pk)
|
||||
{
|
||||
signer = ret_pk;
|
||||
/* FIXME: Using memset here is probematic because it
|
||||
/* FIXME: Using memset here is problematic because it
|
||||
* assumes that there are no allocated fields in
|
||||
* SIGNER. */
|
||||
memset (signer, 0, sizeof (*signer));
|
||||
|
@ -684,7 +684,7 @@ hash_for (PKT_public_key *pk)
|
||||
like a new DSA key that just happens to have a 160-bit q
|
||||
(i.e. allow truncation). If q is not 160, by definition it
|
||||
must be a new DSA key. We ignore the personal_digest_prefs
|
||||
for ECDSA because they should always macth the curve and
|
||||
for ECDSA because they should always match the curve and
|
||||
truncated hashes are not useful either. Even worse,
|
||||
smartcards may reject non matching hash lengths for curves
|
||||
(e.g. using SHA-512 with brainpooolP385r1 on a Yubikey). */
|
||||
@ -1322,7 +1322,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr,
|
||||
|
||||
if (opt.verbose)
|
||||
log_info (_("signing:") );
|
||||
/* Must walk reverse trough this list. */
|
||||
/* Must walk reverse through this list. */
|
||||
for (sl = strlist_last(filenames);
|
||||
sl;
|
||||
sl = strlist_prev( filenames, sl))
|
||||
|
@ -3655,7 +3655,7 @@ tofu_wot_trust_combine (int tofu_base, int wot_base)
|
||||
|| wot == TRUST_FULLY
|
||||
|| wot == TRUST_ULTIMATE);
|
||||
|
||||
/* We first consider negative trust policys. These trump positive
|
||||
/* We first consider negative trust policies. These trump positive
|
||||
trust policies. */
|
||||
if (tofu == TRUST_NEVER || wot == TRUST_NEVER)
|
||||
/* TRUST_NEVER trumps everything else. */
|
||||
|
@ -1505,7 +1505,7 @@ list_trust_path( const char *username )
|
||||
/****************
|
||||
* Enumerate all keys, which are needed to build all trust paths for
|
||||
* the given key. This function does not return the key itself or
|
||||
* the ultimate key (the last point in cerificate chain). Only
|
||||
* the ultimate key (the last point in certificate chain). Only
|
||||
* certificate chains which ends up at an ultimately trusted key
|
||||
* are listed. If ownertrust or validity is not NULL, the corresponding
|
||||
* value for the returned LID is also returned in these variable(s).
|
||||
|
@ -314,7 +314,7 @@ main (int argc, char **argv)
|
||||
ctrl.no_server = 1;
|
||||
ctrl.status_fd = -1; /* No status output. */
|
||||
|
||||
/* The configuraton directories for use by gpgrt_argparser. */
|
||||
/* The configuration directories for use by gpgrt_argparser. */
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_USER, gnupg_homedir ());
|
||||
|
||||
|
@ -443,12 +443,12 @@ main (int argc, char **argv)
|
||||
ctrl.no_server = 1;
|
||||
ctrl.status_fd = -1; /* No status output. */
|
||||
|
||||
/* The configuraton directories for use by gpgrt_argparser. */
|
||||
/* The configuration directories for use by gpgrt_argparser. */
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_USER, gnupg_homedir ());
|
||||
|
||||
/* We are re-using the struct, thus the reset flag. We OR the
|
||||
* flags so that the internal intialized flag won't be cleared. */
|
||||
* flags so that the internal initialized flag won't be cleared. */
|
||||
argc = orig_argc;
|
||||
argv = orig_argv;
|
||||
pargs.argc = &argc;
|
||||
|
@ -66,7 +66,7 @@
|
||||
#define HEADER_SECTORS (SETUP_AREA_SECTORS * HEADER_SETUP_AREA_COPIES)
|
||||
#define FOOTER_SECTORS (SETUP_AREA_SECTORS * FOOTER_SETUP_AREA_COPIES)
|
||||
|
||||
/* Minimim size of the encrypted space in blocks. This is more or
|
||||
/* Minimum size of the encrypted space in blocks. This is more or
|
||||
less an arbitrary value. */
|
||||
#define MIN_ENCRYPTED_SPACE 32
|
||||
|
||||
|
@ -884,7 +884,7 @@ run_select_statement (ctrl_t ctrl, be_sqlite_local_t ctx,
|
||||
goto leave;
|
||||
}
|
||||
|
||||
/* Check whether we can re-use the current select statement. */
|
||||
/* Check whether we can reuse the current select statement. */
|
||||
if (!ctx->select_stmt)
|
||||
;
|
||||
else if (ctx->select_mode != desc[descidx].mode)
|
||||
|
@ -207,7 +207,7 @@ be_is_x509_blob (const unsigned char *blob, size_t bloblen)
|
||||
* SEQUENCE SEQUENCE [0] INTEGER INTEGER
|
||||
* (tbs) (version) (s/n)
|
||||
*
|
||||
* Note that v0 certificates don't have an explict version number.
|
||||
* Note that v0 certificates don't have an explicit version number.
|
||||
*/
|
||||
|
||||
p = blob;
|
||||
@ -229,7 +229,7 @@ be_is_x509_blob (const unsigned char *blob, size_t bloblen)
|
||||
if (!(class == CLASS_CONTEXT && tag == 0 && cons))
|
||||
{
|
||||
if (class == CLASS_UNIVERSAL && tag == TAG_INTEGER && !cons)
|
||||
return 1; /* Might be a X.509 v0 cert with implict version. */
|
||||
return 1; /* Might be a X.509 v0 cert with implicit version. */
|
||||
return 0; /* No context tag. */
|
||||
}
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* frontend.c - Database fronend code for keyboxd
|
||||
/* frontend.c - Database frontend code for keyboxd
|
||||
* Copyright (C) 2019 g10 Code GmbH
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
|
@ -93,7 +93,7 @@ struct server_local_s
|
||||
* multi_search_desc_len. If a search description has ever been
|
||||
* allocated the allocated size is stored at multi_search_desc_size.
|
||||
* multi_search_store is allocated at the same size as
|
||||
* multi_search_desc and used to provde backing store for the SN and
|
||||
* multi_search_desc and used to provide backing store for the SN and
|
||||
* NAME elements of KEYBOX_SEARCH_DESC. */
|
||||
KEYBOX_SEARCH_DESC search_desc;
|
||||
KEYBOX_SEARCH_DESC *multi_search_desc;
|
||||
|
@ -103,7 +103,7 @@ keybox_is_writable (void *token)
|
||||
}
|
||||
|
||||
|
||||
/* Change the default buffering to KBYTES KiB; using 0 uses the syste
|
||||
/* Change the default buffering to KBYTES KiB; using 0 uses the system
|
||||
* buffers. This function must be called early. */
|
||||
void
|
||||
keybox_set_buffersize (unsigned int kbytes, int reserved)
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* keybox-search-desc.h - Keybox serch description
|
||||
/* keybox-search-desc.h - Keybox search description
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
|
@ -529,7 +529,7 @@ main (int argc, char **argv )
|
||||
/* Reset the flags. */
|
||||
pargs.flags &= ~(ARGPARSE_FLAG_KEEP | ARGPARSE_FLAG_NOVERSION);
|
||||
|
||||
/* The configuraton directories for use by gpgrt_argparser. */
|
||||
/* The configuration directories for use by gpgrt_argparser. */
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_SYS, gnupg_sysconfdir ());
|
||||
gpgrt_set_confdir (GPGRT_CONFDIR_USER, gnupg_homedir ());
|
||||
|
||||
|
@ -145,7 +145,7 @@ dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
|
||||
dnl
|
||||
dnl Test for libgpg-error and define GPG_ERROR_CFLAGS, GPG_ERROR_LIBS,
|
||||
dnl GPG_ERROR_MT_CFLAGS, and GPG_ERROR_MT_LIBS. The _MT_ variants are
|
||||
dnl used for programs requireing real multi thread support.
|
||||
dnl used for programs requiring real multi thread support.
|
||||
dnl
|
||||
dnl If a prefix option is not used, the config script is first
|
||||
dnl searched in $SYSROOT/bin and then along $PATH. If the used
|
||||
|
@ -100,9 +100,9 @@ AC_DEFUN([_AM_PATH_GPGRT_CONFIG],[dnl
|
||||
dnl AM_PATH_KSBA([MINIMUM-VERSION,
|
||||
dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
|
||||
dnl Test for libksba and define KSBA_CFLAGS and KSBA_LIBS
|
||||
dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed
|
||||
dnl MINIMUM-VERSION is a string with the version number optionally prefixed
|
||||
dnl with the API version to also check the API compatibility. Example:
|
||||
dnl a MINIMUN-VERSION of 1:1.0.7 won't pass the test unless the installed
|
||||
dnl a MINIMUM-VERSION of 1:1.0.7 won't pass the test unless the installed
|
||||
dnl version of libksba is at least 1.0.7 *and* the API number is 1. Using
|
||||
dnl this features allows to prevent build against newer versions of libksba
|
||||
dnl with a changed API.
|
||||
|
@ -16,9 +16,9 @@ dnl AM_PATH_NTBTLS([MINIMUM-VERSION,
|
||||
dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
|
||||
dnl
|
||||
dnl Test for NTBTLS and define NTBTLS_CFLAGS and NTBTLS_LIBS.
|
||||
dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed
|
||||
dnl MINIMUM-VERSION is a string with the version number optionally prefixed
|
||||
dnl with the API version to also check the API compatibility. Example:
|
||||
dnl a MINIMUN-VERSION of 1:1.2.5 won't pass the test unless the installed
|
||||
dnl a MINIMUM-VERSION of 1:1.2.5 won't pass the test unless the installed
|
||||
dnl version of libgcrypt is at least 1.2.5 *and* the API number is 1. Using
|
||||
dnl this features allows to prevent build against newer versions of libgcrypt
|
||||
dnl with a changed API.
|
||||
|
@ -1278,7 +1278,7 @@ static int prefix_cmp(const int *prog, int proglen, const char *string, int noca
|
||||
}
|
||||
|
||||
/**
|
||||
* Searchs for 'c' in the range 'range'.
|
||||
* Searches for 'c' in the range 'range'.
|
||||
*
|
||||
* Returns 1 if found, or 0 if not.
|
||||
*/
|
||||
|
@ -2310,7 +2310,7 @@ apdu_open_reader (struct dev_list *dl)
|
||||
/* Open an remote reader and return an internal slot number or -1 on
|
||||
error. This function is an alternative to apdu_open_reader and used
|
||||
with remote readers only. Note that the supplied CLOSEFNC will
|
||||
only be called once and the slot will not be valid afther this.
|
||||
only be called once and the slot will not be valid after this.
|
||||
|
||||
If PORTSTR is NULL we default to the first available port.
|
||||
*/
|
||||
|
@ -528,7 +528,7 @@ find_fid_by_keyref (app_t app, const char *keyref, int *r_idx, int *r_algo)
|
||||
break;
|
||||
if (!filelist[idx].fid)
|
||||
{
|
||||
log_debug ("nks: Ooops: Unkown FID cached!\n");
|
||||
log_debug ("nks: Ooops: Unknown FID cached!\n");
|
||||
err = gpg_error (GPG_ERR_BUG);
|
||||
goto leave;
|
||||
}
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user