Expiration time works (I hope so)

INSTALL

@@ -34,7 +34,8 @@ Problems
 ========
 
 If you get unresolved externals "gettext" you should run configure again
-with the option "--with-included-gettext".
+with the option "--with-included-gettext"; this is version 0.10.35 which
+is available at alpha.gnu.org.
 
 If you have other compile problems, try the configure options
 "--with-included-zlib" or "--disable-nls" (See ABOUT-NLS)

NEWS

@@ -1,6 +1,10 @@
 This is NOT a released version!
 -------------------------------
 
+    * Fixed the way the key expiration time is stored. If you have
+      an expiration time on your key you should fix it with --edit-key
+      and the command "expire".  I apologize for this inconvenience.
+
     * Add option --charset to support "koi8-r" encoding of user ids.
       (Not yet tested).
 
@@ -14,6 +18,16 @@ This is NOT a released version!
 
     * Spanish translation by Urko Lusa.
 
+    * Patch files are from now on signed.  See the man page
+      for the new option --not-dash-escaped.
+
+    * New syntax: --edit-key <userID> [<commands>]
+      If you run it without --batch the commands are executed and then
+      you are put into normal mode unless you use "quit" or "save" as
+      one of the commands.  When in batch mode, the program quits after
+      the last command, so you have to use "save" if you did some changes.
+      It does not yet work completey, but may be used to list so the
+      keys etc.
 
 
 Noteworthy changes in version 0.4.3

PROJECTS

@@ -1,22 +1,27 @@
 
-  * Urko Lusa <ulusa@lacueva.ddns.org> is working on es.po
-
-
   * Check if an object (a message, detached sign, public key, or whatever)
     is signed by definite user, i.e. define user
     (userid, or any other unique identification) on command line.
 
+    * Change the internal represention of keyid into a struct which
+      can also hold the localid and extend the localid to hold information
+      of the subkey number because two subkeys may have the same keyid.
+
+    * signature verification is done duplicated on import: in import.c and
+      tehn in trustdb.c too.  Maybe we can use a flag to skip the actual
+      verification process (this should work if we use the same keyblock,
+      but I'm not sure how to accomplish that).  Another way is to allow
+      the import of bogus data and let trustdb mark these keys as invalid;
+      I see an advantage in this that it may help to prevent a DoS on a
+      keyserver by sending him a lot of bogus signatures which he has
+      to check - Needs further investigation.
 
   * abstraction of the MPI
 
   * Add a way to override the current cipher/md implementations
     by others (using extensions)
 
-  * add a fast-import command which does not do the signature checks
+  * Not GnuPG replated:  What about option completion in bash?
-    of other keys (processing of the sdir hintlist).  The signatures
-    may then be verified by a maintainence pass.
-
-  * Not GnupG replated:  What about option completion in bash?
     Can "--dump-options" be used for this or should we place the
     options in a special ELF segment?
 

TODO

@@ -6,7 +6,7 @@
 
     * I noticed, that we sometimes have only 3 items in a trustrecord, but
       a next pointer ro more records - check wehther the reuse code really
-      works. Maybe this is the reason for the "Hmmm puiblic key lost"
+      works. Maybe this is the reason for the "Hmmm public key lost"
 
     * Update the keyring at ftp.guug.de
 
@@ -14,9 +14,6 @@
 
     * check support for mpi/powerpc
 
-    * add a note, that gettext 10.35 is needed (for gettext) - and install
-      it on tobold.
-
     * use zlib 1.1.13 to avoid a bug with 13 bit windows
       but there are more problems with large files
 
@@ -24,12 +21,17 @@
 	#define USE_DYNAMIC_LINKING
 	#define HAVE_DL_DLOPEN
 	and the ld option -export-dynamic.
+      Why does autoconf not figure that out?
 
     * clearsig: keep lineendings as they are. Remember that trailings
       blanks are not hashed.
 
     * Check revocation and expire stuff.
 
+    * Always use the latest key signature (import).  This is needed, so
+      that we are able to chnage the expiration time or other info in the
+      selfsignature
+
     * OpenBSD: dynamic loading with dlopen works on OpenBSD, but:
 	OpenBSD binaries are a.out, so every symbol begins with "_"
 
@@ -58,8 +60,6 @@
     * add some sanity checks to read_keyblock, so that we are sure that
      the minimal requirements are met (?)
 
-    * decryption of message with multiple recipients does not work.
-
     * preferences of hash algorithms are not yet used.
 
     * rewrite --list-packets or put it into another tool.
@@ -67,31 +67,19 @@
     * Burn the buffers used by fopen(), or use read(2). Does this
       really make sense?
 
-    * Change the buffering to a mbuf like scheme? Need it for PSST anyway.
+    * Change the buffering to a mbuf like scheme? Need it for PSST anyway;
+      see Michael's proposal.
     * add checking of armor trailers
-    * remove all "Fixmes"
+    * remove all "Fixmes" ;-)
-
-    * Change the internal represention of keyid into a struct which
-      can also hold the localid and extend the localid to hold information
-      of the subkey number because two subkeys may have the same keyid.
 
     * add an option to re-create a public key from a secret key; we
       can do this in trustdb.c:verify_own_keys.
 
-    * signature verification is done duplicated on import: in import.c and
-      tehn in trustdb.c too.  Maybe we can use a flag to skip the actual
-      verification process (this should work if we use the same keyblock,
-      but I'm not sure how to accomplish that).  Another way is to allow
-      the import of bogus data and let trustdb mark these keys as invalid;
-      I see an advantage in this that it may help to prevent a DoS on a
-      keyserver by sending him a lot of bogus signatures which he has
-      to check - Needs further investigation.
-
     * change the fake_data stuff to mpi_set_opaque
 
     * Is it okay to use gettext for the help system?
 
     * Add some stuff for DU cc
 
-    * Use "user ID", "trustdb" and "WARNING".
+    * Use "user ID", "trustdb", "NOTE" and "WARNING".
 

VERSION

@@ -1 +1 @@
-0.4.3b
+0.4.3c

doc/OpenPGP

@@ -1,7 +1,8 @@
 		    GnuPG and OpenPGP
 		    =================
 
-   See RFC2440 for a description of OpenPGP.
+   See RFC2440 for a description of OpenPGP.  I have an annotated version
+   of this RFC online:	http://www.d.shuttle.de/isil/gnupg/rfc2440.html
 
 
 

doc/gpg.1pod

@@ -401,6 +401,16 @@ B<--throw-keyid>
     against traffic analysis.  It may slow down the decryption
     process because all available secret keys are tried.
 
+B<--not-dash-escaped>
+    This option changes the behaviour of cleartext signature
+    so that they can be used for patch files. You should not
+    send such an armored file via email because all spaces
+    and line endings are hashed too.  You can not use this
+    option for data which has 5 dashes somewhere at the
+    beginning of a line - patch files don't have this.
+    A special armor header line tells GnuPG about this
+    cleartext signature framework.
+
 B<--passphrase-fd> I<n>
     Read the passphrase from file descriptor I<n>. If you use
     0 for I<n>, the passphrase will be read from stdin.  This

g10/ChangeLog

@@ -1,3 +1,25 @@
+Fri Nov 20 16:54:52 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* g10.c (main): New option --not-dash-escaped
+	* sign.c (write_dashed_escaped): Ditto.
+	* armor.c (find_header): Support for NotDashEscaped header.
+
+Thu Nov 19 07:17:31 1998  Werner Koch  <werner.koch@guug.de>
+
+	* parse-packet.c (dump_sig_subpkt): Fixed expire listing
+	* getkey.c (merge_keys_and_selfsig): Fixed expire calculation.
+	(merge_one_pk_and_selfsig): Ditto.
+	* keyedit.c (menu_expire). Ditto.
+	* keygen.c (keygen_add_key_expire): Ditto.
+	(ask_expire_interval): New and changed all local function to use
+	this instead.
+	(keygen_add_key_expire): Opaque should now be a public key;
+	changed all callers.
+
+	* parse.packet.c (parse): use skip_rest to skip packets.
+
+	* keyedit.c (keyedit_menu): New arg for cmdline cmds.
+
 Wed Nov 18 20:33:50 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* trustdb.c (check_trustdb): Now rechecks all gived userids.

g10/armor.c

@@ -1,4 +1,4 @@
-/* armor.c - Armor filter
+/* armor.c - Armor flter
  *	Copyright (C) 1998 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
@@ -74,7 +74,10 @@ typedef enum {
     fhdrENDClearsig,
     fhdrENDClearsigHelp,
     fhdrTESTSpaces,
+    fhdrCLEARSIGSimple,
+    fhdrCLEARSIGSimpleNext,
     fhdrTEXT,
+    fhdrTEXTSimple,
     fhdrERROR,
     fhdrERRORShow,
     fhdrEOF
@@ -110,7 +113,7 @@ static fhdr_state_t find_header( fhdr_state_t state,
 				 byte *buf, size_t *r_buflen,
 				 IOBUF a, size_t n,
 				 unsigned *r_empty, int *r_hashes,
-				 int only_keyblocks );
+				 int only_keyblocks, int *not_dashed );
 
 
 static void
@@ -262,7 +265,7 @@ parse_hash_header( const char *line )
 static fhdr_state_t
 find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 	     IOBUF a, size_t n, unsigned *r_empty, int *r_hashes,
-	     int only_keyblocks )
+	     int only_keyblocks, int *not_dashed )
 {
     int c=0, i;
     const char *s;
@@ -343,9 +346,16 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 			    putc('\n', stderr);
 			}
 			if( clearsig && !(hashes=parse_hash_header( buf )) ) {
+			    if( strlen(buf) > 15
+				&& !memcmp( buf, "NotDashEscaped:", 15 ) ) {
+				*not_dashed = 1;
+				state = fhdrWAITHeader;
+			    }
+			    else {
 				log_error(_("invalid clearsig header\n"));
 				state = fhdrERROR;
 			    }
+			}
 			else {
 			    state = fhdrWAITHeader;
 			    if( r_hashes )
@@ -449,6 +459,31 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 		log_info(_("armor: %s\n"), head_strings[hdr_line]);
 	    break;
 
+	  case fhdrCLEARSIGSimple:
+	    /* we are at the begin of a new line */
+	  case fhdrCLEARSIGSimpleNext:
+	    n = 0;
+	    c = 0;
+	    while( n < buflen && (c=iobuf_get(a)) != -1 ) {
+		buf[n++] = c;
+		if( c == '\n' )
+		    break;
+	    }
+	    buf[n] = 0;
+	    if( c == -1 )
+		state = fhdrEOF;
+	    else if( state == fhdrCLEARSIGSimple
+		     && n > 15 && !memcmp(buf, "-----", 5 ) ) {
+		if( c == '\n' )
+		    buf[n-1] = 0;
+		state = fhdrENDClearsig;
+	    }
+	    else if( c == '\n' )
+		state = fhdrCLEARSIGSimple;
+	    else
+		state = fhdrCLEARSIGSimpleNext;
+	    break;
+
 	  case fhdrCLEARSIG:
 	  case fhdrEMPTYClearsig:
 	  case fhdrREADClearsig:
@@ -472,6 +507,10 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 	    break;
 
 	  case fhdrCHECKDashEscaped3:
+	    if( *not_dashed ) {
+		state = fhdrTEXTSimple;
+		break;
+	    }
 	    if( !(n > 1 && buf[0] == '-' && buf[1] == ' ' ) ) {
 		state = fhdrTEXT;
 		break;
@@ -501,7 +540,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 	    /* check the clearsig line */
 	    if( n > 15 && !memcmp(buf, "-----", 5 ) )
 		state = fhdrENDClearsig;
-	    else if( buf[0] == '-' && buf[1] == ' ' )
+	    else if( buf[0] == '-' && buf[1] == ' ' && !*not_dashed )
 		state = fhdrCHECKDashEscaped;
 	    else {
 		state = fhdrTESTSpaces;
@@ -512,7 +551,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 	    /* check the clearsig line */
 	    if( n > 15 && !memcmp(buf, "-----", 5 ) )
 		state = fhdrENDClearsig;
-	    else if( buf[0] == '-' && buf[1] == ' ' )
+	    else if( buf[0] == '-' && buf[1] == ' ' && !*not_dashed )
 		state = fhdrCHECKDashEscaped2;
 	    else {
 		state = fhdrREADClearsig;
@@ -591,6 +630,11 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 
     if( clearsig && state == fhdrTEXT )
 	state = fhdrCLEARSIG;
+    else if( clearsig && state == fhdrTEXTSimple ) {
+	state = fhdrCLEARSIGSimple;
+	buf[n] = '\n';
+	n++;
+    }
 
     if( state == fhdrCLEARSIG || state == fhdrREADClearsig ) {
 	/* append CR,LF after removing trailing wspaces */
@@ -631,7 +675,7 @@ check_input( armor_filter_context_t *afx, IOBUF a )
     n = DIM(afx->helpbuf);
     state = find_header( state, afx->helpbuf, &n, a,
 				afx->helplen, &emplines, &afx->hashes,
-				afx->only_keyblocks );
+				afx->only_keyblocks, &afx->not_dash_escaped );
     switch( state ) {
       case fhdrNOArmor:
 	afx->inp_checked = 1;
@@ -649,6 +693,8 @@ check_input( armor_filter_context_t *afx, IOBUF a )
 
       case fhdrNullClearsig:
       case fhdrCLEARSIG: /* start fake package mode (for clear signatures) */
+      case fhdrCLEARSIGSimple:
+      case fhdrCLEARSIGSimpleNext:
 	afx->helplen = n;
 	afx->helpidx = 0;
 	afx->faked = 1;
@@ -718,7 +764,8 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
 	state = find_header( state, afx->helpbuf, &n, a,
 			      state == fhdrNullClearsig? afx->helplen:0,
 						&emplines, &afx->hashes,
-						afx->only_keyblocks );
+						afx->only_keyblocks,
+						&afx->not_dash_escaped );
 	switch( state) {
 	  case fhdrERROR:
 	    invalid_armor();
@@ -733,6 +780,8 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
 
 	  case fhdrREADClearsig:
 	  case fhdrREADClearsigNext:
+	  case fhdrCLEARSIGSimple:
+	  case fhdrCLEARSIGSimpleNext:
 	    afx->helplen = n;
 	    break;
 

g10/filter.h

@@ -45,6 +45,7 @@ typedef struct {
     int inp_bypass;    /* set if the input is not armored */
     int any_data;
     const char *hdrlines;
+    int not_dash_escaped;
 } armor_filter_context_t;
 
 

g10/g10.c

@@ -146,6 +146,7 @@ enum cmd_and_opt_values { aNull = 0,
     oS2KDigest,
     oS2KCipher,
     oCharset,
+    oNotDashEscaped,
 aTest };
 
 
@@ -294,6 +295,7 @@ static ARGPARSE_OPTS opts[] = {
     { oRunAsShmCP, "run-as-shm-coprocess", 4, "@" },
     { oSetFilename, "set-filename", 2, "@" },
     { oComment, "comment", 2, "@" },
+    { oNotDashEscaped, "not-dash-escaped", 0, "@" },
 {0} };
 
 
@@ -767,6 +769,7 @@ main( int argc, char **argv )
 		log_error(_("%s is not a valid character set\n"),
 						    pargs.r.ret_str);
 	    break;
+	  case oNotDashEscaped: opt.not_dash_escaped = 1; break;
 
 	  default : pargs.err = configfp? 1:2; break;
 	}
@@ -988,9 +991,17 @@ main( int argc, char **argv )
 
       case aSignKey: /* sign the key given as argument */
       case aEditKey: /* Edit a key signature */
-	if( argc != 1 )
+	if( !argc )
-	    wrong_args(_("--edit-key username"));
+	    wrong_args(_("--edit-key username [commands]"));
-	keyedit_menu(fname, locusr );
+	if( argc > 1 ) {
+	    sl = NULL;
+	    for( argc--, argv++ ; argc; argc--, argv++ )
+		append_to_strlist( &sl, *argv );
+	    keyedit_menu( fname, locusr, sl );
+	    free_strlist(sl);
+	}
+	else
+	    keyedit_menu(fname, locusr, NULL );
 	break;
 
       #endif /* IS_G10 */

g10/getkey.c

@@ -721,7 +721,7 @@ merge_one_pk_and_selfsig( KBNODE keyblock, KBNODE knode )
 	     */
 	    const byte *p;
 	    p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL );
-	    pk->expiredate = p? buffer_to_u32(p):0;
+	    pk->expiredate = p? pk->timestamp + buffer_to_u32(p):0;
 	    /* fixme: add usage etc. to pk */
 	    break;
 	}
@@ -739,7 +739,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
     PKT_secret_key *sk = NULL;
     PKT_signature *sig;
     KBNODE k;
-    u32 kid[2];
+    u32 kid[2] = { 0, 0 };
 
     for(k=keyblock; k; k = k->next ) {
 	if( k->pkt->pkttype == PKT_PUBLIC_KEY
@@ -747,7 +747,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
 	    pk = k->pkt->pkt.public_key; sk = NULL;
 	    if( pk->version < 4 )
 		pk = NULL; /* not needed for old keys */
-	    else
+	    else if( k->pkt->pkttype == PKT_PUBLIC_KEY )
 		keyid_from_pk( pk, kid );
 	}
 	else if( k->pkt->pkttype == PKT_SECRET_KEY
@@ -755,7 +755,7 @@ merge_keys_and_selfsig( KBNODE keyblock )
 	    pk = NULL; sk = k->pkt->pkt.secret_key;
 	    if( sk->version < 4 )
 		sk = NULL;
-	    else
+	    else if( k->pkt->pkttype == PKT_SECRET_KEY )
 		keyid_from_sk( sk, kid );
 	}
 	else if( (pk || sk ) && k->pkt->pkttype == PKT_SIGNATURE
@@ -770,12 +770,12 @@ merge_keys_and_selfsig( KBNODE keyblock )
 	    const byte *p;
 	    p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_KEY_EXPIRE, NULL );
 	    if( pk ) {
-		pk->expiredate = p? buffer_to_u32(p):0;
+		pk->expiredate = p? pk->timestamp + buffer_to_u32(p):0;
 		/* fixme: add usage etc. */
 		pk = NULL; /* use only the first self signature */
 	    }
 	    else {
-		sk->expiredate = p? buffer_to_u32(p):0;
+		sk->expiredate = p? sk->timestamp + buffer_to_u32(p):0;
 		sk = NULL; /* use only the first self signature */
 	    }
 	}

g10/keyedit.c

@@ -475,7 +475,7 @@ fix_keyblock( KBNODE keyblock )
  */
 
 void
-keyedit_menu( const char *username, STRLIST locusr )
+keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
 {
     enum cmdids { cmdNONE = 0,
 	   cmdQUIT, cmdHELP, cmdFPR, cmdLIST, cmdSELUID, cmdCHECK, cmdSIGN,
@@ -527,9 +527,10 @@ keyedit_menu( const char *username, STRLIST locusr )
     int modified = 0;
     int sec_modified = 0;
     int toggle;
+    int have_commands = !!commands;
 
 
-    if( opt.batch ) {
+    if( opt.batch && !have_commands ) {
 	log_error(_("can't do that in batchmode\n"));
 	goto leave;
     }
@@ -574,8 +575,21 @@ keyedit_menu( const char *username, STRLIST locusr )
 	}
 	do {
 	    m_free(answer);
+	    if( have_commands ) {
+		if( commands ) {
+		    answer = m_strdup( commands->d );
+		    commands = commands->next;
+		}
+		else if( opt.batch ) {
+		    answer = m_strdup("quit");
+		}
+		else
+		    have_commands = 0;
+	    }
+	    if( !have_commands ) {
 		answer = cpr_get(N_("keyedit.cmd"), _("Command> "));
 		cpr_kill_prompt();
+	    }
 	    trim_spaces(answer);
 	} while( *answer == '#' );
 
@@ -617,6 +631,8 @@ keyedit_menu( const char *username, STRLIST locusr )
 	    break;
 
 	  case cmdQUIT:
+	    if( have_commands )
+		goto leave;
 	    if( !modified && !sec_modified )
 		goto leave;
 	    if( !cpr_get_answer_is_yes(N_("keyedit.save.okay"),
@@ -1023,7 +1039,7 @@ menu_adduid( KBNODE pub_keyblock, KBNODE sec_keyblock )
     assert(pk && sk );
 
     rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0,
-			     keygen_add_std_prefs, sk );
+			     keygen_add_std_prefs, pk );
     free_secret_key( sk );
     if( rc ) {
 	log_error("signing failed: %s\n", g10_errstr(rc) );
@@ -1168,7 +1184,7 @@ menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
 static int
 menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 {
-    int n1, rc;
+    int n1, signumber, rc;
     u32 expiredate;
     int mainkey=0;
     PKT_secret_key *sk;    /* copy of the main sk */
@@ -1195,26 +1211,24 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
     }
 
     expiredate = ask_expiredate();
-    /* fixme: check that expiredate is > key creation date */
-
-    /* get the secret key , make a copy and set the expiration time into
-     * that key (because keygen_add-key-expire expects it there)
-     */
     node = find_kbnode( sec_keyblock, PKT_SECRET_KEY );
     sk = copy_secret_key( NULL, node->pkt->pkt.secret_key);
-    sk->expiredate = expiredate;
 
     /* Now we can actually change the self signature(s) */
     main_pk = sub_pk = NULL;
     uid = NULL;
+    signumber = 0;
     for( node=pub_keyblock; node; node = node->next ) {
 	if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
 	    main_pk = node->pkt->pkt.public_key;
 	    keyid_from_pk( main_pk, keyid );
+	    main_pk->expiredate = expiredate;
 	}
 	else if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY
-		 && (node->flag & NODFLG_SELKEY ) )
+		 && (node->flag & NODFLG_SELKEY ) ) {
 	    sub_pk = node->pkt->pkt.public_key;
+	    sub_pk->expiredate = expiredate;
+	}
 	else if( node->pkt->pkttype == PKT_USER_ID )
 	    uid = node->pkt->pkt.user_id;
 	else if( main_pk && node->pkt->pkttype == PKT_SIGNATURE ) {
@@ -1222,17 +1236,32 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 	    if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
 		&& (	(mainkey && uid && (sig->sig_class&~3) == 0x10)
 		     || (!mainkey && sig->sig_class == 0x18)  ) ) {
-		/* this is a selfsignature which should be replaced */
+		/* this is a selfsignature which is to be replaced */
 		PKT_signature *newsig;
 		PACKET *newpkt;
 		KBNODE sn;
+		int signumber2 = 0;
+
+		signumber++;
+
+		if( (mainkey && main_pk->version < 4)
+		    || (!mainkey && sub_pk->version < 4 ) ) {
+		    log_info(_(
+			"You can't change the expiration date of a v3 key\n"));
+		    free_secret_key( sk );
+		    return 0;
+		}
 
 		/* find the corresponding secret self-signature */
 		for( sn=sec_keyblock; sn; sn = sn->next ) {
-		    if( sn->pkt->pkttype == PKT_SIGNATURE
+		    if( sn->pkt->pkttype == PKT_SIGNATURE ) {
-			&& !cmp_signatures( sn->pkt->pkt.signature, sig ) )
+			PKT_signature *b = sn->pkt->pkt.signature;
+			if( keyid[0] == b->keyid[0] && keyid[1] == b->keyid[1]
+			    && sig->sig_class == b->sig_class
+			    && ++signumber2 == signumber )
 			    break;
 		    }
+		}
 		if( !sn )
 		    log_info(_("No corresponding signature in secret ring\n"));
 
@@ -1240,11 +1269,11 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
 		if( mainkey )
 		    rc = make_keysig_packet( &newsig, main_pk, uid, NULL,
 					     sk, 0x13, 0,
-					     keygen_add_std_prefs, sk );
+					     keygen_add_std_prefs, main_pk );
 		else
 		    rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
 					     sk, 0x18, 0,
-					     keygen_add_key_expire, sk );
+					     keygen_add_key_expire, sub_pk );
 		if( rc ) {
 		    log_error("make_keysig_packet failed: %s\n",
 						    g10_errstr(rc));

g10/keygen.c

@@ -54,12 +54,13 @@ write_uid( KBNODE root, const char *s )
 int
 keygen_add_key_expire( PKT_signature *sig, void *opaque )
 {
-    PKT_secret_key *sk = opaque;
+    PKT_public_key *pk = opaque;
     byte buf[8];
     u32  u;
 
-    if( sk->expiredate ) {
+    if( pk->expiredate ) {
-	u = sk->expiredate;
+	u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp
+					  : pk->timestamp;
 	buf[0] = (u >> 24) & 0xff;
 	buf[1] = (u >> 16) & 0xff;
 	buf[2] = (u >>	8) & 0xff;
@@ -135,7 +136,7 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 
     /* and make the signature */
     rc = make_keysig_packet( &sig, pk, uid, NULL, sk, 0x13, 0,
-			     keygen_add_std_prefs, sk );
+			     keygen_add_std_prefs, pk );
     if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 	return rc;
@@ -176,7 +177,7 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 
     /* and make the signature */
     rc = make_keysig_packet( &sig, pk, NULL, subpk, sk, 0x18, 0,
-				    keygen_add_key_expire, sk );
+				    keygen_add_key_expire, subpk );
     if( rc ) {
 	log_error("make_keysig_packet failed: %s\n", g10_errstr(rc) );
 	return rc;
@@ -192,7 +193,7 @@ write_keybinding( KBNODE root, KBNODE pub_root, PKT_secret_key *sk )
 
 static int
 gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
-	STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expiredate,
+	STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval,
 							int version )
 {
     int rc;
@@ -214,9 +215,9 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
     pk = m_alloc_clear( sizeof *pk );
     sk->timestamp = pk->timestamp = make_timestamp();
     sk->version = pk->version = version;
-    if( expiredate && expiredate < sk->timestamp )
+    if( expireval ) {
-	expiredate = sk->timestamp; /* key generatio may take long */
+	sk->expiredate = pk->expiredate = sk->timestamp + expireval;
-    sk->expiredate = pk->expiredate = expiredate;
+    }
     sk->pubkey_algo = pk->pubkey_algo = algo;
 		       pk->pkey[0] = mpi_copy( skey[0] );
 		       pk->pkey[1] = mpi_copy( skey[1] );
@@ -268,7 +269,7 @@ gen_elg(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
  */
 static int
 gen_dsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
-	    STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expiredate )
+	    STRING2KEY *s2k, PKT_secret_key **ret_sk, u32 expireval )
 {
     int rc;
     int i;
@@ -291,9 +292,9 @@ gen_dsa(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
     pk = m_alloc_clear( sizeof *pk );
     sk->timestamp = pk->timestamp = make_timestamp();
     sk->version = pk->version = 4;
-    if( expiredate && expiredate < pk->timestamp )
+    if( expireval ) {
-	expiredate = pk->timestamp; /* key generation may take long */
+	sk->expiredate = pk->expiredate = sk->timestamp + expireval;
-    sk->expiredate = pk->expiredate = expiredate;
+    }
     sk->pubkey_algo = pk->pubkey_algo = PUBKEY_ALGO_DSA;
 		       pk->pkey[0] = mpi_copy( skey[0] );
 		       pk->pkey[1] = mpi_copy( skey[1] );
@@ -481,12 +482,12 @@ ask_keysize( int algo )
 }
 
 
-u32
+static u32
-ask_expiredate()
+ask_expire_interval()
 {
     char *answer;
     int valid_days=0;
-    u32 expiredate = 0;
+    u32 interval = 0;
 
     tty_printf(_("Please specify how long the key should be valid.\n"
 		 "         0 = key does not expire\n"
@@ -494,7 +495,7 @@ ask_expiredate()
 		 "      <n>w = key expires in n weeks\n"
 		 "      <n>m = key expires in n months\n"
 		 "      <n>y = key expires in n years\n"));
-    /* Note: The elgamal subkey for DSA has no exiration date because
+    /* Note: The elgamal subkey for DSA has no expiration date because
      * it must be signed with the DSA key and this one has the expiration
      * date */
 
@@ -520,12 +521,13 @@ ask_expiredate()
 
 	if( !valid_days ) {
 	    tty_printf(_("Key does not expire at all\n"));
-	    expiredate = 0;
+	    interval = 0;
 	}
 	else {
-	    expiredate = make_timestamp() + valid_days * 86400L;
+	    interval = valid_days * 86400L;
 	    /* print the date when the key expires */
-	    tty_printf(_("Key expires at %s\n"), asctimestamp(expiredate) );
+	    tty_printf(_("Key expires at %s\n"),
+			asctimestamp(make_timestamp() + interval ) );
 	}
 
 	if( !cpr_enabled()
@@ -534,9 +536,15 @@ ask_expiredate()
 	    break;
     }
     m_free(answer);
-    return expiredate;
+    return interval;
 }
 
+u32
+ask_expiredate()
+{
+    u32 x = ask_expire_interval();
+    return x? make_timestamp() + x : 0;
+}
 
 static int
 has_invalid_email_chars( const char *s )
@@ -804,7 +812,7 @@ generate_keypair()
     STRING2KEY *s2k;
     int rc;
     int algo;
-    u32 expiredate;
+    u32 expire;
     int v4;
     int both = 0;
 
@@ -820,7 +828,7 @@ generate_keypair()
 	tty_printf(_("DSA keypair will have 1024 bits.\n"));
     }
     nbits = ask_keysize( algo );
-    expiredate = ask_expiredate();
+    expire = ask_expire_interval();
     uid = ask_user_id(0);
     if( !uid ) {
 	log_error(_("Key generation cancelled.\n"));
@@ -847,10 +855,10 @@ generate_keypair()
 
     if( both )
 	rc = do_create( PUBKEY_ALGO_DSA, 1024, pub_root, sec_root,
-					       dek, s2k, &sk, expiredate, 1);
+					       dek, s2k, &sk, expire, 1);
     else
 	rc = do_create( algo,		nbits, pub_root, sec_root,
-					       dek, s2k, &sk, expiredate, v4);
+					       dek, s2k, &sk, expire, v4);
     if( !rc )
 	write_uid(pub_root, uid );
     if( !rc )
@@ -862,7 +870,7 @@ generate_keypair()
 
     if( both ) {
 	rc = do_create( algo, nbits, pub_root, sec_root,
-					  dek, s2k, NULL, expiredate, 1 );
+					  dek, s2k, NULL, expire, 1 );
 	if( !rc )
 	    rc = write_keybinding(pub_root, pub_root, sk);
 	if( !rc )
@@ -951,7 +959,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
     KBNODE node;
     PKT_secret_key *sk = NULL; /* this is the primary sk */
     int v4, algo;
-    u32 expiredate;
+    u32 expire;
     unsigned nbits;
     char *passphrase = NULL;
     DEK *dek = NULL;
@@ -988,7 +996,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
     algo = ask_algo( &v4, 1 );
     assert(algo);
     nbits = ask_keysize( algo );
-    expiredate = ask_expiredate();
+    expire = ask_expire_interval();
     if( !cpr_enabled() && !cpr_get_answer_is_yes(N_("keygen.sub.okay"),
 						  _("Really create? ") ) )
 	goto leave;
@@ -1002,7 +1010,7 @@ generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock )
     }
 
     rc = do_create( algo, nbits, pub_keyblock, sec_keyblock,
-				      dek, s2k, NULL, expiredate, v4 );
+				      dek, s2k, NULL, expire, v4 );
     if( !rc )
 	rc = write_keybinding(pub_keyblock, pub_keyblock, sk);
     if( !rc )

g10/main.h

@@ -77,7 +77,7 @@ int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig );
 int delete_key( const char *username, int secure );
 
 /*-- keyedit.c --*/
-void keyedit_menu( const char *username, STRLIST locusr );
+void keyedit_menu( const char *username, STRLIST locusr, STRLIST cmds );
 
 /*-- keygen.c --*/
 u32 ask_expiredate(void);

g10/mainproc.c

@@ -278,13 +278,7 @@ proc_plaintext( CTX c, PACKET *pkt )
 	md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
 	md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
     }
-  #if 0
+
-    if( c->mfx.md ) {
-	m_check(c->mfx.md);
-	if( c->mfx.md->list )
-	    m_check( c->mfx.md->list );
-    }
-  #endif
     rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
     if( rc == G10ERR_CREATE_FILE && !c->sigs_only) {
 	/* can't write output but we hash it anyway to

g10/options.h

@@ -64,6 +64,7 @@ struct {
     int s2k_mode;
     int s2k_digest_algo;
     int s2k_cipher_algo;
+    int not_dash_escaped;
 } opt;
 
 

g10/parse-packet.c

@@ -288,7 +288,7 @@ parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos,
     }
 
     if( do_skip || !pkttype || (reqtype && pkttype != reqtype) ) {
-	skip_packet(inp, pkttype, pktlen);
+	skip_rest(inp, pktlen);
 	*skip = 1;
 	rc = 0;
 	goto leave;
@@ -636,7 +636,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	break;
       case SIGSUBPKT_SIG_EXPIRE:
 	if( length >= 4 )
-	    printf("sig expires %s", strtimestamp( buffer_to_u32(buffer) ) );
+	    printf("sig expires after %s",
+				     strtimevalue( buffer_to_u32(buffer) ) );
 	break;
       case SIGSUBPKT_EXPORTABLE:
 	if( length )
@@ -653,7 +654,8 @@ dump_sig_subpkt( int hashed, int type, int critical,
 	break;
       case SIGSUBPKT_KEY_EXPIRE:
 	if( length >= 4 )
-	    printf("key expires %s", strtimestamp( buffer_to_u32(buffer) ) );
+	    printf("key expires after %s",
+				    strtimevalue( buffer_to_u32(buffer) ) );
 	break;
       case SIGSUBPKT_ARR:
 	p = "additional recipient request";

g10/pubring.asc

@@ -1,18 +1,19 @@
 
 pub  1024D/57548DCD 1998-07-07 Werner Koch (gnupg sig) <dd9jn@gnu.org>
      Key fingerprint = 6BD9 050F D8FC 941B 4341  2DCC 68B7 AB89 5754 8DCD
+
 pub  1024D/621CC013 1998-07-07 Werner Koch <werner.koch@guug.de>
      Key fingerprint = ECAF 7590 EB34 43B5 C7CF  3ACB 6C7E E1B8 621C C013
-sub  1536G/B5A18FF4 1998-07-07
+
 pub   768R/0C9857A5 1995-09-30 Werner Koch <werner.koch@guug.de>
      Key fingerprint = 62 9E 97 C0 D5 55 76 3B	90 5A FA E9 81 1C 64 09
-uid			       Werner Koch (mein alter key) <wk@computer.org>
+
 pub   768g/E1D81275 1998-02-09 werner <dd9jn@amsat.org>
      Key fingerprint = 86E2 6681 6C0B 6DD5 4C06  BA6C E113 9763 E1D8 1275
 
 
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GNUPG v0.4.3b (GNU/Linux)
+Version: GnuPG v0.4.3c (GNU/Linux)
 Comment: For info finger gcrypt@ftp.guug.de
 
 mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4
@@ -24,9 +25,9 @@ TR641BceGHNdYiR/PiDBJsGQ3ac7n7pwhV4qex3IViRDJWz5Dzr88x+Oju63KtxY
 urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq
 bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9
 quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv
-Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iF0EExECAB0FAjYp/BsFCTns
+Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iF0EExECAB0FAjZVoKYFCQht
-YxYDCwQDBRUDAgYBAxYCAQIXgAAKCRBot6uJV1SNzUUWAJ452cFtgpR+KSYpF7xI
+DIgDCwQDBRUDAgYBAxYCAQIXgAAKCRBot6uJV1SNzS4+AKCHdeYHMmKQV9mC7REE
-uTv/g2jE/QCfbggYOCUK9h4d6JNOuuI2ptbeUl6JAV8DBRA1oh5DA28RuP8+qgsQ
+5Vz6d5rRBgCfVMcyRP7dxBwhytmwCDpAcCFvCLSJAV8DBRA1oh5DA28RuP8+qgsQ
 A2MyBR0eiPUovYMz0DUXBbNs5606eaVeTJOn9WqkYGcS9xOKlGd8Xj0IcAKN30st
 5AsC5hRqr82rrUjB5/CuVdbvk+Qkh6ixWCqo+RRrbgf8cKCg1x+lDj9PpeSD/B9U
 U45ntxYamoXnPszxtzU+e73Nkbtrej5rgMK8tgTLkhTAbO8M15Mgtw2yOeDFfiCj
@@ -45,8 +46,8 @@ eUQrRDD9MTQ+XxcvEN0IpAj4kBJe9bR6HzAD/iecCmGwSlHUZZrgqWzv78o79XxD
 dcuLdl4i2fL7kwEOf9jsDe7hGs27yrdJEmAG9QF9TOF9LJFmE1CqkgW+EpKxsY01
 Wjm0BFJB1R7iPUaUtFRZxYqfgXarmPjql2iBi+cVjLzGu+4BSojVAPgP/hhcnIow
 f4M4edPiICMP1GVjtCFXZXJuZXIgS29jaCA8d2VybmVyLmtvY2hAZ3V1Zy5kZT6I
-XQQTEQIAHQUCNin7pQUJO82WDAMLBAMFFQMCBgEDFgIBAheAAAoJEGx+4bhiHMAT
+XQQTEQIAHQUCNlWgGQUJCDhNJgMLBAMFFQMCBgEDFgIBAheAAAoJEGx+4bhiHMAT
-k1QAn1vonMj+ydyZK020qCf40h6Ig2MTAJ9LehZbevQB1mZJud2MnXqiNxs65IkA
+vRgAoJc50QYEJmqS7No1oKy1s1g2XuY3AJ9QekKaTlaTdxcrNRMb7tGFiLc//YkA
 dQMFEDWjdxQdGfTBDJhXpQEBPfMC/0cxo+4xYVAplFO0nIYyjQgP7D8O0ufzPsIw
 F3kvb7b5FNNjfp+DAhN6G0HOIgkL3GsWtCfH5UHali+mtNFIKDpTtr+F/lPpZP3O
 PzzsLZS4hYTqmMs1O/ACq8axKgAilYkBXwMFEDWiJw4DbxG4/z6qCxADB9wFH0i6
@@ -184,6 +185,6 @@ o/ZDQfya+BlmbUbjNaEp0qr2BR4ypoz5jQSiQPUFN3I0RLRzR6bS+a1pUVucNMXQ
 uu5GsvJpQW47DznFDDteZcpf+QaiKKcMfpUtbWOIIlWhMAtIAodBJxCqrgGWbVGE
 kGtcrK7IW8NUDfpe/+KLcFzvx2XPo8+RHWrTlgf1RhEXdNx2up7gbuiHf+CD8kAB
 zkINfmdYizmD1/JE8+DO8gCMopcY2hYmStG4E2lUCq79qCCBeORg5A==
-=ahHm
+=7eJ9
 -----END PGP PUBLIC KEY BLOCK-----
 

g10/sign.c

@@ -458,6 +458,22 @@ write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
     int lastlf = 1;
     int state = 0;
 
+    if( opt.not_dash_escaped ) {
+	lastlf = 0;
+	while( (c = iobuf_get(inp)) != -1 ) {
+	    md_putc(md, c );
+	    iobuf_put( out, c );
+	    lastlf = c;
+	}
+	if( lastlf != '\n' ) {
+	    /* add a missing trailing LF */
+	    md_putc(md, '\n' );
+	    iobuf_put( out, '\n' );
+	}
+
+	return 0;
+    }
+
     while( (c = iobuf_get(inp)) != -1 ) {
 	/* Note: We don't escape "From " because the MUA should cope with it */
 	if( lastlf ) {
@@ -579,7 +595,11 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
 	    }
 	}
 	assert(any);
-	iobuf_writestr(out, "\n\n" );
+	iobuf_writestr(out, "\n" );
+	if( opt.not_dash_escaped )
+	    iobuf_writestr( out,
+		"NotDashEscaped: You need GnuPG to verify this message\n" );
+	iobuf_writestr(out, "\n" );
     }
 
 
@@ -588,6 +608,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
 	PKT_secret_key *sk = sk_rover->sk;
 	md_enable(textmd, hash_for(sk->pubkey_algo));
     }
+    if( !opt.not_dash_escaped )
 	iobuf_push_filter( inp, text_filter, &tfx );
     rc = write_dash_escaped( inp, out, textmd );
     if( rc )

include/util.h

@@ -137,6 +137,7 @@ const char *print_fname_stdout( const char *s );
 /*-- miscutil.c --*/
 u32 make_timestamp(void);
 u32 add_days_to_timestamp( u32 stamp, u16 days );
+const char *strtimevalue( u32 stamp );
 const char *strtimestamp( u32 stamp ); /* GMT */
 const char *asctimestamp( u32 stamp ); /* localized */
 void print_string( FILE *fp, byte *p, size_t n, int delim );

po/ChangeLog

@@ -1,3 +1,8 @@
+Fri Nov 20 11:46:22 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* de.po: Imported new version
+	* de.glo: Glossary used for de.po.
+
 Sat Nov 14 10:16:59 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* es_ES.po: New translation by Urko Lusa.

po/Makefile.in.in

@@ -44,7 +44,7 @@ INCLUDES = -I.. -I$(top_srcdir)/intl
 
 COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) $(XCFLAGS)
 
-SOURCES = cat-id-tbl.c
+SOURCES = cat-id-tbl.c	de.glo
 POFILES = @POFILES@
 GMOFILES = @GMOFILES@
 DISTFILES = ChangeLog Makefile.in.in POTFILES.in $(PACKAGE).pot \

po/de.glo

@@ -0,0 +1,51 @@
+
+algorithm		Verfahren
+anonymous		ungenannter
+armor			ASCII-Hülle
+bug			Wanze (Programmfehler)
+certificate		Zertifikat
+checksum		Prüfsumme
+cipher algorithm	Verschlüsselungsverfahren
+compress algorithm	Komprimierverfahren
+corrupted		beschädigter
+digest algorithm	Hashmethode
+expire date		Verfallsdatum
+generated		erzeugter
+Good certificate	Korrektes Zertifikat
+hint			Tip
+key-ID			Schlüssel-ID
+keyring 		Schlüsselring -> Schlüsselbund
+malformed		Ungünstig aufgebaute
+message 		Botschaft
+note			Hinweis
+ownertrust		\"Owner trust\"
+packet			Paket
+packet type		Pakettyp
+passphrase		\"Passphrase\"
+preferences		bevorzugt
+primary keys		Hauptschlüssel
+protection algorithm	Schutzmethode
+pubkey algorithm	Public-Key Verfahren	 (*1)
+public key		öffentlicher Schüssel
+........		Authentisierung
+retry			????
+revo... 		Widerruf
+secondary key		Zweitschlüssel
+secret key		geheimer Schlüssel
+self-signature		Eigensignatur
+sender			Absender
+sign user id		User-ID beglaubigen
+throw			verwerfe
+Timestamp conflict	Zeitangaben differieren
+Trust-DB		'Trust'-Datenbank
+trying			Versuch
+update
+user ID 		User-ID
+user IDs		User-IDs
+weak key		unsicherer Schlüssel
+
+(*1) Uneinheitlich verwendet
+--
+Walter Koch			    Hochdahl am Neandertal
+walterk@mail.dip.de		    ham:dg9ep@db0iz
+http://home.pages.de/~dg9ep/	    qrv:db0iz-9

scripts/ChangeLog

@@ -1,3 +1,7 @@
+Fri Nov 20 12:01:57 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* mkdiff: signs the pacth file
+
 Sat Oct 17 16:10:16 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* autogen.sh: New.

scripts/mkdiff

@@ -33,6 +33,10 @@ cat <<EOF > $diff_name
 
 This is a patch file against $prev_ver.
 
+Please check the signature of this patch file:
+
+    zcat somepath/gnupg-$curr_ver.diff.gz | gpg --verify
+
 Change to directory gnupg-$prev_ver (or however you renamed it)
 and give this command:
 
@@ -52,8 +56,9 @@ sed -e '/^diff.*VERSION/,/^+[0-9][0-9]*/ d'  $tmp_name >> $diff_name
 
 rm $tmp_name
 
-echo "Compressing patch file"
+echo "Signing and compressing patch file"
-gzip -9 $diff_name
+../gnupg/g10/gpg --clearsign --not-dash-escaped -u "(gnupg sig)" \
+    < $diff_name | gzip --best > $diff_name.gz
 
 echo "Checking patch file"
 cd gnupg-$prev_ver
@@ -66,6 +71,10 @@ if ! diff -urN "gnupg-$prev_ver/" "gnupg-$curr_ver/" >/dev/null ; then
    exit 1
 fi
 
+if ! zcat $diff_name.gz | ../gnupg/g10/gpg --batch --verify ; then
+    exit 1
+fi
+
 
 echo "cleaning up"
 

util/ChangeLog

@@ -1,3 +1,7 @@
+Thu Nov 19 07:09:55 1998  Werner Koch  <werner.koch@guug.de>
+
+	* miscutil.c (strtimevalue): New.
+
 Tue Nov 10 10:01:53 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* strgutil.c (set_native_charset): New.

util/miscutil.c

@@ -39,6 +39,35 @@ add_days_to_timestamp( u32 stamp, u16 days )
     return stamp + days*86400L;
 }
 
+
+/****************
+ * Return a string with a time value in the form: x Y, n D, n H
+ */
+
+const char *
+strtimevalue( u32 value )
+{
+    static char buffer[30];
+    unsigned int years, days, hours, minutes;
+
+    value /= 60;
+    minutes = value % 60;
+    value /= 60;
+    hours = value % 24;
+    value /= 24;
+    days = value % 365;
+    value /= 365;
+    years = value;
+
+    sprintf(buffer,"%uy%ud%uh%um", years, days, hours, minutes );
+    if( years )
+	return buffer;
+    if( days )
+	return strchr( buffer, 'y' ) + 1;
+    return strchr( buffer, 'd' ) + 1;
+}
+
+
 /****************
  * Note: this function returns GMT
  */