fixed clearsig stuff

TODO

@@ -1,7 +1,7 @@
 
     * add option --restore-ownertrust
 
-    * add options: --default-signature-user, --default-encryption-user
+    * always put key signatures before the first subkey.
 
     * Change the formatting of log_xxxx to GNU standards
       ("name:filename:line: text")

VERSION

@@ -1 +1 @@
-0.3.1
+0.3.1a

checks/ChangeLog

@@ -1,3 +1,7 @@
+Wed Jul  8 10:43:47 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* seat.test: New.
+
 Mon May 18 15:40:02 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* Makefile.am: Now uses mk-tdata to produce random test data.

checks/Makefile.am

@@ -4,7 +4,7 @@ TESTS = version.test mds.test \
 	decrypt.test decrypt-dsa.test \
 	sigs.test sigs-dsa.test \
 	encrypt.test encrypt-dsa.test  \
-	clearsig.test encryptp.test detach.test \
+	seat.test clearsig.test encryptp.test detach.test \
 	armsigs.test armencrypt.test armencryptp.test \
 	signencrypt.test signencrypt-dsa.test \
 	armsignencrypt.test armdetach.test \

checks/clearsig.test

@@ -2,19 +2,17 @@
 
 . defs.inc || exit 3
 
-#info Checking cleartext signatures
+# I can't compare the out because plain-3 has no LF as last charcater
-# There is a minor glitch, which appends an lf to the cleartext.
+# but the output has always one.  I do not thinkl this is a bug, because
-# I do not consider that a bug, but I have to use the head .. mimic.
+# it is clear text and not binary text.
-# It is not clear what should happen to leading LFs, we must
-# change the defintion of cleartext, so that only 1 empty line
-# must follow the headers, but some specs say: any number of empty lines ..
-# clean-sat removes leading LFs
-# I know that this does not work for random data files (due to large lines
-# or what ever) - I hope we can live with it.
 for i in $plain_files; do
     echo "$usrpass1" | ./run-gpg --passphrase-fd 0 -sat -o x --yes $i
-    ./run-gpg -o y --yes x
+    ./run-gpg --verify x
-    ../tools/clean-sat < $i > z
+done
-    head -c $[ $(cat y | wc -c) - 1 ] y | diff - z || error "$i: mismatch"
+# and once more to check rfc1991
+for i in $plain_files; do
+    echo "$usrpass1" | ./run-gpg --passphrase-fd 0 \
+			 --rfc1991 --digest-algo md5 -sat -o x --yes $i
+    ./run-gpg --verify x
 done
 

checks/defs.inc

@@ -21,9 +21,8 @@ dsa_usrname2="0xCB879DE9"
 dsa_keyrings="--keyring ./pubring.pkr --secret-keyring ./secring.skr"
 
 
-#plain_files="plain-1 plain-2 plain-3"
+plain_files="plain-1 plain-2 plain-3"
 #data_files="data-500 data-9000 data-32000 data-80000"
-plain_files="plain-1 plain-2"
 data_files="data-500 data-9000"
 exp_files=""
 

checks/seat.test

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+. defs.inc || exit 3
+
+for i in $plain_files ; do
+    echo "$usrpass1" | ./run-gpg --passphrase-fd 0 -seat -r two -o x --yes $i
+    ./run-gpg -o y --yes x
+    cmp $i y || error "$i: mismatch"
+done
+

doc/gpg.1pod

@@ -61,7 +61,7 @@ B<--verify> [[I<sigfile>] {I<signed-files>}]
 
 B<-k> [I<username>] [I<keyring>]
     Kludge to be somewhat compatible with PGP.
-    Without arguments, all public key-rings are listed.
+    Without arguments, all public keyrings are listed.
     With one argument, only I<keyring> is listed.
     Special combinations are also allowed, but it may
     give strange results when combined with more options.
@@ -129,8 +129,8 @@ B<--gen-revoke>
     Generate a revocation certificate.
 
 B<--export> [I<names>]
-    Either export all keys from all key-rings (default
+    Either export all keys from all keyrings (default
-    key-rings and those registered via option B<--keyring>),
+    keyrings and those registered via option B<--keyring>),
     or if at least one name is given, those of the given
     name. The new keyring is written to F<stdout> or to
     the file given with option "output".  Use together
@@ -165,6 +165,11 @@ B<-u> I<name>, B<--local-user> I<name>
     This option is silently ignored for the list commands,
     so that it can be used in an options file.
 
+B<--default-key>  I<name>
+    Use I<name> as default user-id for signatures.  If this
+    is not used the default user-id is the first user-id in
+    the secret keyring.
+
 B<-r>  I<name>, B<--remote-user>  I<name>
     Use I<name> as the user-id for encryption.
     This option is silently ignored for the list commands,
@@ -202,14 +207,15 @@ B<--no>
     Assume no on most questions.
 
 B<--keyring> I<file>
-    Add I<file> to the list of key-rings.
+    Add I<file> to the list of keyrings.
     If I<file> begins with a tilde and a slash, these
     are replaced by the HOME directory. If the filename
     does not contain a slash, it is assumed to be in the
     home-directory (F<~/.gnupg> if B<--homedir>) is not used.
 
 B<--secret-keyring> I<file>
-    Same as B<--keyring> but for secret key-rings.
+    Same as B<--keyring> but for secret keyrings.
+
 
 B<--homedir> I<dir>
     Set the name of the home directory to I<dir>. If this
@@ -287,8 +293,8 @@ B<--no-armor>
     Assume the input data is not in ASCCI armored format.
 
 B<--no-default-keyring>
-    Do not add the default key-rings to the list of
+    Do not add the default keyrings to the list of
-    key-rings.
+    keyrings.
 
 B<--skip-verify>
     Skip the signature verification step.  This may be used to
@@ -329,17 +335,14 @@ C<GNUPGHOME>  If set, direcory used instead of F<~/.gnupg>.
 
 =head1 FILES
 
-F<~/.gnupg/secring.gpg>     The secret key-ring
+F<~/.gnupg/secring.gpg>     The secret keyring
 
-F<~/.gnupg/pubring.gpg>     The public key-ring
+F<~/.gnupg/pubring.gpg>     The public keyring
 
 F<~/.gnupg/trustdb.gpg>     The trust database
 
-F<~/.gnupg/gnupg.gpg>	    Signature of GNUPG files.
-
 F<~/.gnupg/options>	    May contain options
 
-
 =head1 SEE ALSO
 
 gpgm(1)  gpgd(1)

g10/ChangeLog

@@ -1,3 +1,20 @@
+Wed Jul  8 10:45:28 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* plaintext.c (special_md_putc): New.
+	(handle_plaintext): add clearsig argument
+	* mainproc.c (proc_plaintext): detection of clearsig
+	* sign.c (write_dased_escaped): Changed clearsig format
+
+Tue Jul  7 18:56:19 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* armor.c (find_header): Now makes sure that there is only one
+	empty line for clearsigs, as this is what OP now says.
+
+Mon Jul  6 13:09:07 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* g10.c (main): New option default-secret-key
+	* getkey.c (get_seckey_byname): support for this option.
+
 Mon Jul  6 09:03:49 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* getkey.c (add_keyring): Keyrings are now added to end of the

g10/armor.c

@@ -380,16 +380,13 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 		state = fhdrEOF;
 	    break;
 
-	  case fhdrWAITClearsig: /* skip all empty lines (for clearsig) */
+	  case fhdrWAITClearsig: /* skip the empty line (for clearsig) */
 	    c = 0;
 	    for(n=0; n < buflen && (c=iobuf_get2(a)) != -1 && c != '\n'; )
 		buf[n++] = c;
 	    if( n < buflen || c == '\n' ) {
 		buf[n] = 0;
-		if( !n || (buf[0]=='\r' && !buf[1]) ) /* empty line */
+		state = fhdrCHECKDashEscaped3;
-		    ;
-		else
-		    state = fhdrCHECKDashEscaped3;
 	    }
 	    else {
 		/* fixme: we should check whether this line continues
@@ -590,6 +587,7 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen,
 	    buf[1] = '\n';
 	    n = 2;
 	}
+
     }
 
 
@@ -715,13 +713,6 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
 	    break;
 
 	  case fhdrENDClearsig:
-	    /* FIXME: this is wrong: Only the last CRLF should
-	     * not be included in the hash, muts rewrite the FSM again
-	     * This proble does only occur if the last line does not end
-	     * in with a LF?
-	     */
-	    if( emplines )
-		emplines--; /* don't count the last one */
 	    state = fhdrENDClearsigHelp;
 	    afx->helplen = n;
 	    break;

g10/export.c

@@ -125,6 +125,24 @@ do_export( STRLIST users, int secret )
 
 	/* and write it */
 	for( kbctx=NULL; (node = walk_kbnode( keyblock, &kbctx, 0 )); ) {
+	    if( opt.do_not_export_rsa ) {
+		int algo;
+		switch( node->pkt->pkttype ) {
+		  /* note: we can´ do this for subkeys here */
+		  case PKT_PUBLIC_KEY:
+		    algo = node->pkt->pkt.public_key->pubkey_algo;
+		    break;
+		  case PKT_SECRET_KEY:
+		    algo = node->pkt->pkt.secret_key->pubkey_algo;
+		    break;
+		  case PKT_SIGNATURE:
+		    algo = node->pkt->pkt.signature->pubkey_algo;
+		    break;
+		  default: algo = 0;
+		}
+		if( is_RSA(algo) )
+		    continue;
+	    }
 	    if( (rc = build_packet( out, node->pkt )) ) {
 		log_error("build_packet(%d) failed: %s\n",
 			    node->pkt->pkttype, g10_errstr(rc) );

g10/g10.c

@@ -76,6 +76,7 @@ static ARGPARSE_OPTS opts[] = {
   #endif
     { 537, "export"          , 0, N_("export keys") },
     { 563, "export-secret-keys" , 0, "@" },
+    { 565, "do-not-export-rsa", 0, "@" },
     { 530, "import",      0     , N_("import/merge keys")},
     { 521, "list-packets",0,N_("list only the sequence of packets")},
   #ifdef IS_G10MAINT
@@ -105,6 +106,7 @@ static ARGPARSE_OPTS opts[] = {
     { 502, "no",        0, N_("assume no on most questions")},
     { 509, "keyring"   ,2, N_("add this keyring to the list of keyrings")},
     { 517, "secret-keyring" ,2, N_("add this secret keyring to the list")},
+    { 541, "default-key" ,2, N_("|NAME|use NAME as default secret key")},
     { 518, "options"   , 2, N_("read options from file")},
 
     { 510, "debug"     ,4|16, N_("set debugging flags")},
@@ -168,8 +170,6 @@ static ARGPARSE_OPTS opts[] = {
 
 {0} };
 
-/* (Free numbers: 541) */
-
 
 enum cmd_values { aNull = 0,
     aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
@@ -575,6 +575,7 @@ main( int argc, char **argv )
 	  case 536: opt.marginals_needed = pargs.r.ret_int; break;
 	  case 537: set_cmd( &cmd, aExport); break;
 	  case 538: trustdb_name = pargs.r.ret_str; break;
+	  case 541: opt.def_secret_key = pargs.r.ret_str; break;
 	  case 543: break; /* no-options */
 	  case 544: opt.homedir = pargs.r.ret_str; break;
 	  case 545: opt.batch = 0; break;
@@ -591,6 +592,7 @@ main( int argc, char **argv )
 	  case 561: opt.rfc1991 = 1; break;
 	  case 562: opt.emulate_bugs |= 1; break;
 	  case 563: set_cmd( &cmd, aExportSecret); break;
+	  case 565: opt.do_not_export_rsa = 1; break;
 	  default : errors++; pargs.err = configfp? 1:2; break;
 	}
     }

g10/getkey.c

@@ -532,8 +532,12 @@ get_seckey_byname( PKT_secret_key *sk, const char *name, int unprotect )
 {
     int rc;
 
-    rc = name ? key_byname( 1, NULL, sk, name )
+    if( !name && opt.def_secret_key && *opt.def_secret_key )
-	      : lookup_sk( sk, 15, NULL, NULL );
+	rc = key_byname( 1, NULL, sk, opt.def_secret_key );
+    else if( !name ) /* use the first one as default key */
+	rc = lookup_sk( sk, 15, NULL, NULL );
+    else
+	rc = key_byname( 1, NULL, sk, name );
     if( !rc && unprotect )
 	rc = check_secret_key( sk );
 

g10/import.c

@@ -33,6 +33,7 @@
 #include "util.h"
 #include "trustdb.h"
 #include "main.h"
+#include "i18n.h"
 
 
 static int read_block( IOBUF a, compress_filter_context_t *cfx,
@@ -101,7 +102,7 @@ import_keys( const char *fname )
     if( !fname )
 	fname = "[stdin]";
     if( !inp ) {
-	log_error("%s: can't open file: %s\n", fname, strerror(errno) );
+	log_error_f(fname, _("can't open file: %s\n"), strerror(errno) );
 	return G10ERR_OPEN_FILE;
     }
 
@@ -116,9 +117,10 @@ import_keys( const char *fname )
 	else if( keyblock->pkt->pkttype == PKT_SIGNATURE
 		 && keyblock->pkt->pkt.signature->sig_class == 0x20 )
 	    rc = import_revoke_cert( fname, keyblock );
-	else
+	else {
-	    log_info("%s: skipping block of type %d\n",
+	    log_info_f(fname, _("skipping block of type %d\n"),
-					    fname, keyblock->pkt->pkttype );
+					    keyblock->pkt->pkttype );
+	}
 	release_kbnode(keyblock);
 	if( rc )
 	    break;
@@ -126,7 +128,7 @@ import_keys( const char *fname )
     if( rc == -1 )
 	rc = 0;
     else if( rc && rc != G10ERR_INV_KEYRING )
-	log_error("%s: read error: %s\n", fname, g10_errstr(rc));
+	log_error_f( fname, _("read error: %s\n"), g10_errstr(rc));
 
     iobuf_close(inp);
     return rc;
@@ -255,7 +257,7 @@ import_one( const char *fname, KBNODE keyblock )
     uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
 
     if( opt.verbose ) {
-	log_info("%s: pub  %4u%c/%08lX %s   ", fname,
+	log_info_f( fname, "pub  %4u%c/%08lX %s   ",
 		  nbits_from_pk( pk ),
 		  pubkey_letter( pk->pubkey_algo ),
 		  (ulong)keyid[1], datestr_from_pk(pk) );
@@ -265,7 +267,7 @@ import_one( const char *fname, KBNODE keyblock )
 	putc('\n', stderr);
     }
     if( !uidnode ) {
-	log_error("%s: No user id for key %08lX\n", fname, (ulong)keyid[1]);
+	log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
 	return 0;
     }
 
@@ -275,8 +277,8 @@ import_one( const char *fname, KBNODE keyblock )
 	return rc== -1? 0:rc;
 
     if( !delete_inv_parts( fname, keyblock, keyid ) ) {
-	log_info("%s: key %08lX, no valid user ids\n",
+	log_info_f( fname, _("key %08lX: no valid user ids\n"),
-						    fname, (ulong)keyid[1]);
+						    (ulong)keyid[1]);
 	return 0;
     }
 
@@ -284,27 +286,27 @@ import_one( const char *fname, KBNODE keyblock )
     pk_orig = m_alloc_clear( sizeof *pk_orig );
     rc = get_pubkey( pk_orig, keyid );
     if( rc && rc != G10ERR_NO_PUBKEY ) {
-	log_error("%s: key %08lX, public key not found: %s\n",
+	log_error_f( fname, _("key %08lX: public key not found: %s\n"),
-				fname, (ulong)keyid[1], g10_errstr(rc));
+				(ulong)keyid[1], g10_errstr(rc));
     }
     else if( rc ) { /* insert this key */
 	/* get default resource */
 	if( get_keyblock_handle( NULL, 0, &kbpos ) ) {
-	    log_error("no default public keyring\n");
+	    log_error(_("no default public keyring\n"));
 	    return G10ERR_GENERAL;
 	}
 	if( opt.verbose > 1 )
-	    log_info("%s: writing to '%s'\n",
+	    log_info_f( fname, _("writing to '%s'\n"),
-				fname, keyblock_resource_name(&kbpos) );
+				keyblock_resource_name(&kbpos) );
 	if( (rc=lock_keyblock( &kbpos )) )
-	    log_error("can't lock public keyring '%s': %s\n",
+	    log_error_f( keyblock_resource_name(&kbpos),
-			     keyblock_resource_name(&kbpos), g10_errstr(rc) );
+			_("can't lock public keyring: %s\n"), g10_errstr(rc) );
 	else if( (rc=insert_keyblock( &kbpos, keyblock )) )
-	    log_error("%s: can't write to '%s': %s\n", fname,
+	    log_error_f( keyblock_resource_name(&kbpos),
-			     keyblock_resource_name(&kbpos), g10_errstr(rc) );
+			_("can't write to keyring: %s\n"), g10_errstr(rc) );
 	unlock_keyblock( &kbpos );
 	/* we are ready */
-	log_info("%s: key %08lX imported\n", fname, (ulong)keyid[1]);
+	log_info_f( fname, _("key %08lX: public key imported\n"), (ulong)keyid[1]);
     }
     else { /* merge */
 	int n_uids, n_sigs, n_subk;
@@ -312,8 +314,8 @@ import_one( const char *fname, KBNODE keyblock )
 	/* Compare the original against the new key; just to be sure nothing
 	 * weird is going on */
 	if( cmp_public_keys( pk_orig, pk ) ) {
-	    log_error("%s: key %08lX, doesn't match our copy\n",
+	    log_error_f( fname, _("key %08lX: doesn't match our copy\n"),
-						    fname, (ulong)keyid[1]);
+							  (ulong)keyid[1]);
 	    rc = G10ERR_GENERAL;
 	    goto leave;
 	}
@@ -324,14 +326,16 @@ import_one( const char *fname, KBNODE keyblock )
 	/* now read the original keyblock */
 	rc = find_keyblock_bypk( &kbpos, pk_orig );
 	if( rc ) {
-	    log_error("%s: key %08lX, can't locate original keyblock: %s\n",
+	    log_error_f(fname,
-				     fname, (ulong)keyid[1], g10_errstr(rc));
+			_("key %08lX: can't locate original keyblock: %s\n"),
+				     (ulong)keyid[1], g10_errstr(rc));
 	    goto leave;
 	}
 	rc = read_keyblock( &kbpos, &keyblock_orig );
 	if( rc ) {
-	    log_error("%s: key %08lX, can't read original keyblock: %s\n",
+	    log_error_f(fname,
-				     fname, (ulong)keyid[1], g10_errstr(rc));
+			_("key %08lX: can't read original keyblock: %s\n"),
+					    (ulong)keyid[1], g10_errstr(rc));
 	    goto leave;
 	}
 	/* and try to merge the block */
@@ -345,37 +349,37 @@ import_one( const char *fname, KBNODE keyblock )
 	if( n_uids || n_sigs || n_subk ) {
 	    /* keyblock_orig has been updated; write */
 	    if( opt.verbose > 1 )
-		log_info("%s: writing to '%s'\n",
+		log_info_f(keyblock_resource_name(&kbpos),
-				    fname, keyblock_resource_name(&kbpos) );
+				      _("writing keyblock\n"));
 	    if( (rc=lock_keyblock( &kbpos )) )
-		log_error("can't lock public keyring '%s': %s\n",
+		log_error_f(keyblock_resource_name(&kbpos),
-				 keyblock_resource_name(&kbpos), g10_errstr(rc) );
+			 _("can't lock public keyring: %s\n"), g10_errstr(rc) );
 	    else if( (rc=update_keyblock( &kbpos, keyblock )) )
-		log_error("%s: can't write to '%s': %s\n", fname,
+		log_error_f( keyblock_resource_name(&kbpos),
-				 keyblock_resource_name(&kbpos), g10_errstr(rc) );
+			    _("can't write keyblock: %s\n"), g10_errstr(rc) );
 	    unlock_keyblock( &kbpos );
 	    /* we are ready */
 	    if( n_uids == 1 )
-		log_info("%s: key %08lX, 1 new user-id\n",
+		log_info_f(fname, _("key %08lX: 1 new user-id\n"),
-					 fname, (ulong)keyid[1]);
+					 (ulong)keyid[1]);
 	    else if( n_uids )
-		log_info("%s: key %08lX, %d new user-ids\n",
+		log_info_f(fname, _("key %08lX: %d new user-ids\n"),
-					 fname, (ulong)keyid[1], n_uids );
+					 (ulong)keyid[1], n_uids );
 	    if( n_sigs == 1 )
-		log_info("%s: key %08lX, 1 new signature\n",
+		log_info_f(fname, _("key %08lX: 1 new signature\n"),
-					 fname, (ulong)keyid[1]);
+					 (ulong)keyid[1]);
 	    else if( n_sigs )
-		log_info("%s: key %08lX, %d new signatures\n",
+		log_info_f(fname, _("key %08lX: %d new signatures\n"),
-					 fname, (ulong)keyid[1], n_sigs );
+					 (ulong)keyid[1], n_sigs );
 	    if( n_subk == 1 )
-		log_info("%s: key %08lX, 1 new subkey\n",
+		log_info_f(fname, _("key %08lX: 1 new subkey\n"),
-					 fname, (ulong)keyid[1]);
+					 (ulong)keyid[1]);
 	    else if( n_subk )
-		log_info("%s: key %08lX, %d new subkeys\n",
+		log_info_f(fname, _("key %08lX: %d new subkeys\n"),
-					 fname, (ulong)keyid[1], n_subk );
+					 (ulong)keyid[1], n_subk );
 	}
 	else
-	    log_info("%s: key %08lX, not changed\n", fname, (ulong)keyid[1] );
+	    log_info_f(fname, _("key %08lX: not changed\n"), (ulong)keyid[1] );
     }
 
   leave:
@@ -408,7 +412,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
     uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
 
     if( opt.verbose ) {
-	log_info("%s: sec  %4u%c/%08lX %s   ", fname,
+	log_info_f(fname, "sec  %4u%c/%08lX %s   ",
 		  nbits_from_sk( sk ),
 		  pubkey_letter( sk->pubkey_algo ),
 		  (ulong)keyid[1], datestr_from_sk(sk) );
@@ -418,7 +422,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
 	putc('\n', stderr);
     }
     if( !uidnode ) {
-	log_error("%s: No user id for key %08lX\n", fname, (ulong)keyid[1]);
+	log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
 	return 0;
     }
 
@@ -433,25 +437,24 @@ import_secret_one( const char *fname, KBNODE keyblock )
 	    return G10ERR_GENERAL;
 	}
 	if( opt.verbose > 1 )
-	    log_info("%s: writing to '%s'\n",
+	    log_info_f(keyblock_resource_name(&kbpos), _("writing keyblock\n"));
-				fname, keyblock_resource_name(&kbpos) );
 	if( (rc=lock_keyblock( &kbpos )) )
-	    log_error("can't lock secret keyring '%s': %s\n",
+	    log_error_f( keyblock_resource_name(&kbpos),
-			     keyblock_resource_name(&kbpos), g10_errstr(rc) );
+		      _("can't lock secret keyring: %s\n"), g10_errstr(rc) );
 	else if( (rc=insert_keyblock( &kbpos, keyblock )) )
-	    log_error("%s: can't write to '%s': %s\n", fname,
+	    log_error_f(keyblock_resource_name(&kbpos),
-			     keyblock_resource_name(&kbpos), g10_errstr(rc) );
+		      _("can't write keyring\n"), g10_errstr(rc) );
 	unlock_keyblock( &kbpos );
 	/* we are ready */
-	log_info("%s: key %08lX imported\n", fname, (ulong)keyid[1]);
+	log_info_f(fname, _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
     }
     else if( !rc ) { /* we can't merge secret keys */
-	log_error("%s: key %08lX already in secret keyring\n",
+	log_error_f(fname, _("key %08lX: already in secret keyring\n"),
-						fname, (ulong)keyid[1]);
+						(ulong)keyid[1]);
     }
     else
-	log_error("%s: key %08lX, secret key not found: %s\n",
+	log_error_f(fname, _("key %08lX: secret key not found: %s\n"),
-				fname, (ulong)keyid[1], g10_errstr(rc));
+				(ulong)keyid[1], g10_errstr(rc));
 
     release_kbnode( keyblock_orig );
     return rc;
@@ -480,29 +483,30 @@ import_revoke_cert( const char *fname, KBNODE node )
     pk = m_alloc_clear( sizeof *pk );
     rc = get_pubkey( pk, keyid );
     if( rc == G10ERR_NO_PUBKEY ) {
-	log_info("%s: key %08lX, no public key - "
+	log_info_f(fname, _("key %08lX: no public key - "
-		 "can't apply revocation certificate\n",
+		 "can't apply revocation certificate\n"), (ulong)keyid[1]);
-				fname, (ulong)keyid[1]);
 	rc = 0;
 	goto leave;
     }
     else if( rc ) {
-	log_error("%s: key %08lX, public key not found: %s\n",
+	log_error_f(fname, _("key %08lX: public key not found: %s\n"),
-				fname, (ulong)keyid[1], g10_errstr(rc));
+				       (ulong)keyid[1], g10_errstr(rc));
 	goto leave;
     }
 
     /* read the original keyblock */
     rc = find_keyblock_bypk( &kbpos, pk );
     if( rc ) {
-	log_error("%s: key %08lX, can't locate original keyblock: %s\n",
+	log_error_f(fname,
-				 fname, (ulong)keyid[1], g10_errstr(rc));
+		_("key %08lX: can't locate original keyblock: %s\n"),
+					(ulong)keyid[1], g10_errstr(rc));
 	goto leave;
     }
     rc = read_keyblock( &kbpos, &keyblock );
     if( rc ) {
-	log_error("%s: key %08lX, can't read original keyblock: %s\n",
+	log_error_f(fname,
-				 fname, (ulong)keyid[1], g10_errstr(rc));
+		_("key %08lX: can't read original keyblock: %s\n"),
+					(ulong)keyid[1], g10_errstr(rc));
 	goto leave;
     }
 
@@ -512,9 +516,8 @@ import_revoke_cert( const char *fname, KBNODE node )
      * special case. */
     rc = check_key_signature( keyblock, node, NULL);
     if( rc ) {
-	log_error("%s: key %08lX, invalid revocation certificate"
+	log_error_f(fname, _("key %08lX: invalid revocation certificate"
-		  ": %s - rejected\n",
+		  ": %s - rejected\n"), (ulong)keyid[1], g10_errstr(rc));
-		  fname, (ulong)keyid[1], g10_errstr(rc));
     }
 
 
@@ -537,18 +540,17 @@ import_revoke_cert( const char *fname, KBNODE node )
 
     /* and write the keyblock back */
     if( opt.verbose > 1 )
-	log_info("%s: writing to '%s'\n",
+	log_info_f( keyblock_resource_name(&kbpos), _("writing keyblock\n"));
-			    fname, keyblock_resource_name(&kbpos) );
     if( (rc=lock_keyblock( &kbpos )) )
-	log_error("can't lock public keyring '%s': %s\n",
+	log_error_f( keyblock_resource_name(&kbpos),
-			 keyblock_resource_name(&kbpos), g10_errstr(rc) );
+		    _("can't lock public keyring: %s\n"), g10_errstr(rc) );
     else if( (rc=update_keyblock( &kbpos, keyblock )) )
-	log_error("%s: can't write to '%s': %s\n", fname,
+	log_error_f(keyblock_resource_name(&kbpos),
-			 keyblock_resource_name(&kbpos), g10_errstr(rc) );
+		    _("can't write keyblock: %s\n"), g10_errstr(rc) );
     unlock_keyblock( &kbpos );
     /* we are ready */
-    log_info("%s: key %08lX, added revocation certificate\n",
+    log_info_f(fname, _("key %08lX: revocation certificate imported\n"),
-				 fname, (ulong)keyid[1]);
+					(ulong)keyid[1]);
 
   leave:
     release_kbnode( keyblock );
@@ -577,16 +579,16 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
 	if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
 	    unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
 	    if( !unode )  {
-		log_error("%s: key %08lX, no user-id for signature\n",
+		log_error_f(fname, _("key %08lX: no user-id for signature\n"),
-					fname, (ulong)keyid[1]);
+					(ulong)keyid[1]);
 		return -1;  /* the complete keyblock is invalid */
 	    }
 	    rc = check_key_signature( keyblock, n, NULL);
 	    if( rc ) {
-		log_error( rc == G10ERR_PUBKEY_ALGO ?
+		log_error_f( fname,  rc == G10ERR_PUBKEY_ALGO ?
-			  "%s: key %08lX, unsupported public key algorithm\n":
+			  _("key %08lX: unsupported public key algorithm\n"):
-			  "%s: key %08lX, invalid self-signature\n",
+			  _("key %08lX: invalid self-signature\n"),
-			  fname, (ulong)keyid[1]);
+				 (ulong)keyid[1]);
 
 		unode->flag |= 2; /* mark as invalid */
 	    }
@@ -614,8 +616,8 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
 	    uid_seen = 1;
 	    if( (node->flag & 2) || !(node->flag & 1) ) {
 		if( opt.verbose ) {
-		    log_info("%s: key %08lX, removed userid '",
+		    log_info_f(fname, _("key %08lX: skipped userid '"),
-						  fname, (ulong)keyid[1]);
+							 (ulong)keyid[1]);
 		    print_string( stderr, node->pkt->pkt.user_id->name,
 				      node->pkt->pkt.user_id->len, 0 );
 		    fputs("'\n", stderr );
@@ -637,15 +639,15 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
 	else if( node->pkt->pkttype == PKT_SIGNATURE
 		 && node->pkt->pkt.signature->sig_class == 0x20 )  {
 	    if( uid_seen ) {
-		log_error("%s: key %08lX, revocation certificate at wrong "
+		log_error_f(fname, _("key %08lX: revocation certificate at wrong "
-			   "place - removed\n", fname, (ulong)keyid[1]);
+			   "place - skipped\n"), fname, (ulong)keyid[1]);
 		delete_kbnode( node );
 	    }
 	    else {
 		int rc = check_key_signature( keyblock, node, NULL);
 		if( rc ) {
-		    log_error("%s: key %08lX, invalid revocation certificate"
+		    log_error_f(fname, _("key %08lX: invalid revocation certificate"
-			      ": %s - removed\n",
+			      ": %s - skipped\n"),
 			      fname, (ulong)keyid[1], g10_errstr(rc));
 		    delete_kbnode( node );
 		}
@@ -706,8 +708,8 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
 		insert_kbnode( keyblock_orig, n2, 0 );
 		n2->flag |= 1;
 		node->flag |= 1;
-		log_info("%s: key %08lX, added revocation certificate\n",
+		log_info_f(fname, _("key %08lX: revocation certificate added\n"),
-					 fname, (ulong)keyid[1]);
+					 (ulong)keyid[1]);
 	    }
 	}
     }
@@ -769,7 +771,7 @@ append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
     assert(node->pkt->pkttype == PKT_USER_ID );
     /* at lease a self signature comes next to the user-id */
     if( node->next->pkt->pkttype == PKT_USER_ID ) {
-	log_error("%s: key %08lX, our copy has no self-signature\n",
+	log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
 						  fname, (ulong)keyid[1]);
 	return G10ERR_GENERAL;
     }
@@ -805,8 +807,8 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
     /* at least a self signature comes next to the user-ids */
     assert(src->next->pkt->pkttype != PKT_USER_ID );
     if( dst->next->pkt->pkttype == PKT_USER_ID ) {
-	log_error("%s: key %08lX, our copy has no self-signature\n",
+	log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
-						  fname, (ulong)keyid[1]);
+						  (ulong)keyid[1]);
 	return 0;
     }
 

g10/mainproc.c

@@ -232,22 +232,34 @@ static void
 proc_plaintext( CTX c, PACKET *pkt )
 {
     PKT_plaintext *pt = pkt->pkt.plaintext;
-    int any, rc;
+    int any, clearsig, rc;
     KBNODE n;
 
     if( opt.verbose )
 	log_info("original file name='%.*s'\n", pt->namelen, pt->name);
     free_md_filter_context( &c->mfx );
-    /* fixme: look at the sigclass to check whether we should use the
-     *	      textmode filter (sigclass 0x01)
-     */
     c->mfx.md = md_open( 0, 0);
-    any = 0;
+    /* fixme: we may need to push the textfilter if we have sigclass 1
+     * and no armoring - Not yet tested */
+    any = clearsig = 0;
     for(n=c->list; n; n = n->next ) {
-	if( n->pkt->pkttype == PKT_ONEPASS_SIG
+	if( n->pkt->pkttype == PKT_ONEPASS_SIG ) {
-	    && n->pkt->pkt.onepass_sig->digest_algo ) {
+	    if( n->pkt->pkt.onepass_sig->digest_algo ) {
-	    md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
+		md_enable( c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo );
-	    any = 1;
+		any = 1;
+	    }
+	    /* Check whether this is a cleartext signature.  We assume that
+	     * we have one if the sig_class is 1 and the keyid is 0, that
+	     * are the faked packets produced by armor.c.  There is a
+	     * possibility that this fails, but there is no other easy way
+	     * to do it. (We could use a special packet type to indicate
+	     * this, but this may also be faked - it simply can't be verified
+	     * and is _no_ security issue)
+	     */
+	    if( n->pkt->pkt.onepass_sig->sig_class == 0x01
+		&& !n->pkt->pkt.onepass_sig->keyid[0]
+		&& !n->pkt->pkt.onepass_sig->keyid[1]  )
+		clearsig = 1;
 	}
     }
     if( !any ) { /* no onepass sig packet: enable all algos */
@@ -260,7 +272,7 @@ proc_plaintext( CTX c, PACKET *pkt )
 	if( c->mfx.md->list )
 	    m_check( c->mfx.md->list );
     }
-    rc = handle_plaintext( pt, &c->mfx, c->sigs_only );
+    rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
     if( rc )
 	log_error( "handle plaintext failed: %s\n", g10_errstr(rc));
     if( c->mfx.md ) {

g10/options.h

@@ -37,9 +37,10 @@ struct {
     int no_armor;
     int list_packets; /* list-packets mode */
     int def_cipher_algo;
-    int reserved;
+    int do_not_export_rsa;
     int def_digest_algo;
     int def_compress_algo;
+    const char *def_secret_key;
     int no_comment;
     int marginals_needed;
     int completes_needed;

g10/packet.h

@@ -282,7 +282,8 @@ int decrypt_data( PKT_encrypted *ed, DEK *dek );
 int encrypt_data( PKT_encrypted *ed, DEK *dek );
 
 /*-- plaintext.c --*/
-int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,int nooutput);
+int handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
+					int nooutput, int clearsig );
 int ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname );
 
 /*-- comment.c --*/

g10/plaintext.c

@@ -33,6 +33,46 @@
 #include "i18n.h"
 
 
+/****************
+ * Defer the last CR,LF
+ */
+static void
+special_md_putc( MD_HANDLE md, int c, int *state )
+{
+    if( c == -1 ) { /* flush */
+	if( *state == 1 ) {
+	    md_putc(md, '\r');
+	}
+	*state = 0;
+	return;
+    }
+  again:
+    switch( *state ) {
+      case 0:
+	if( c == '\r' )
+	    *state = 1;
+	else
+	    md_putc(md, c );
+	break;
+      case 1:
+	if( c == '\n' )
+	    *state = 2;
+	else {
+	    md_putc(md, '\r');
+	    *state = 0;
+	    goto again;
+	}
+	break;
+      case 2:
+	md_putc(md, '\r');
+	md_putc(md, '\n');
+	*state = 0;
+	goto again;
+      default: BUG();
+    }
+}
+
+
 /****************
  * Handle a plaintext packet.  If MFX is not NULL, update the MDs
  * Note: we should use the filter stuff here, but we have to add some
@@ -40,13 +80,15 @@
  *	 bytes from the plaintext.
  */
 int
-handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
+handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
+		  int nooutput, int clearsig )
 {
     char *fname = NULL;
     FILE *fp = NULL;
     int rc = 0;
     int c;
     int convert = pt->mode == 't';
+    int special_state = 0;
 
     /* create the filename as C string */
     if( nooutput )
@@ -86,10 +128,14 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
 		rc = G10ERR_READ_FILE;
 		goto leave;
 	    }
-	    if( mfx->md )
+	    if( mfx->md ) {
-		md_putc(mfx->md, c );
+		if( convert && clearsig )
+		    special_md_putc(mfx->md, c, &special_state );
+		else
+		    md_putc(mfx->md, c );
+	    }
 	    if( convert && c == '\r' )
-		continue; /* FIXME: this hack is too simple */
+		continue; /* fixme: this hack might be too simple */
 	    if( fp ) {
 		if( putc( c, fp ) == EOF ) {
 		    log_error("Error writing to '%s': %s\n",
@@ -102,10 +148,14 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
     }
     else {
 	while( (c = iobuf_get(pt->buf)) != -1 ) {
-	    if( mfx->md )
+	    if( mfx->md ) {
-		md_putc(mfx->md, c );
+		if( convert && clearsig )
+		    special_md_putc(mfx->md, c, &special_state	);
+		else
+		    md_putc(mfx->md, c );
+	    }
 	    if( convert && c == '\r' )
-		continue; /* FIXME: this hack is too simple */
+		continue; /* fixme: this hack might be too simple */
 	    if( fp ) {
 		if( putc( c, fp ) == EOF ) {
 		    log_error("Error writing to '%s': %s\n",
@@ -117,6 +167,8 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, int nooutput )
 	}
 	iobuf_clear_eof(pt->buf);
     }
+    if( mfx->md && convert && clearsig )
+	special_md_putc(mfx->md, -1, &special_state  ); /* flush */
 
     if( fp && fp != stdout && fclose(fp) ) {
 	log_error("Error closing '%s': %s\n", fname, strerror(errno) );

g10/sign.c

@@ -416,14 +416,14 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
 
 
 /****************
- * note: we do not count empty lines at the beginning
+ * Note: We do not calculate the hash over the last CR,LF
  */
 static int
 write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
 {
     int c;
     int lastlf = 1;
-    int skip_empty = 1;
+    int state = 0;
 
     while( (c = iobuf_get(inp)) != -1 ) {
 	/* Note: We don't escape "From " because the MUA should cope with it */
@@ -431,21 +431,41 @@ write_dash_escaped( IOBUF inp, IOBUF out, MD_HANDLE md )
 	    if( c == '-' ) {
 		iobuf_put( out, c );
 		iobuf_put( out, ' ' );
-		skip_empty = 0;
 	    }
-	    else if( skip_empty && c == '\r' )
-		skip_empty = 2;
-	    else
-		skip_empty = 0;
 	}
 
-	if( !skip_empty )
+      again:
-	    md_putc(md, c );
+	switch( state ) {
+	  case 0:
+	    if( c == '\r' )
+		state = 1;
+	    else
+		md_putc(md, c );
+	    break;
+	  case 1:
+	    if( c == '\n' )
+		state = 2;
+	    else {
+		md_putc(md, '\r');
+		state = 0;
+		goto again;
+	    }
+	    break;
+	  case 2:
+	    md_putc(md, '\r');
+	    md_putc(md, '\n');
+	    state = 0;
+	    goto again;
+	  default: BUG();
+	}
 	iobuf_put( out, c );
 	lastlf = c == '\n';
-	if( skip_empty == 2 )
-	    skip_empty = lastlf ? 0 : 1;
     }
+    if( state == 1 )
+	md_putc(md, '\r');
+    if( !lastlf )
+	iobuf_put( out, '\n' );
+
     return 0; /* fixme: add error handling */
 }
 
@@ -537,13 +557,11 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
 	PKT_secret_key *sk = sk_rover->sk;
 	md_enable(textmd, hash_for(sk->pubkey_algo));
     }
-
     iobuf_push_filter( inp, text_filter, &tfx );
     rc = write_dash_escaped( inp, out, textmd );
     if( rc )
 	goto leave;
 
-    iobuf_writestr(out, "\n" );
     afx.what = 2;
     iobuf_push_filter( out, armor_filter, &afx );
 

g10/textfilter.c

@@ -51,8 +51,11 @@ read_line( byte *buf, size_t *r_buflen, IOBUF a )
     for(c=0, n=0; n < buflen && (c=iobuf_get2(a)) != -1 && c != '\n'; )
 	buf[n++] = c;
     buf[n] = 0;
-    if( c == -1 )
+    if( c == -1 ) {
 	rc = -1;
+	if( !n || buf[n-1] != '\n' )
+	    no_lf = 1;
+    }
     else if( c != '\n' ) {
 	IOBUF b = iobuf_temp();
 	while( (c=iobuf_get2(a)) != -1 && c != '\n' ) {

include/cipher.h

@@ -44,6 +44,9 @@
 #define PUBKEY_ALGO_DSA       17
 #define PUBKEY_ALGO_ELGAMAL   20     /* sign and encrypt elgamal */
 
+#define PUBKEY_USAGE_SIG     1	    /* key is good for signatures */
+#define PUBKEY_USAGE_ENC     2	    /* key is good for encryption */
+
 #define DIGEST_ALGO_MD5       1
 #define DIGEST_ALGO_SHA1      2
 #define DIGEST_ALGO_RMD160    3
@@ -79,9 +82,7 @@ typedef struct {
     int  bufcount;
     int  secure;
     FILE  *debug;
-    int guard1;
     struct md_digest_list_s *list;
-    int guard2;
 } *MD_HANDLE;
 
 

include/util.h

@@ -72,6 +72,14 @@ void g10_log_mpidump( const char *text, MPI a );
   void g10_log_error( const char *fmt, ... ) __attribute__ ((format (printf,1,2)));
   void g10_log_info( const char *fmt, ... )  __attribute__ ((format (printf,1,2)));
   void g10_log_debug( const char *fmt, ... ) __attribute__ ((format (printf,1,2)));
+  void g10_log_fatal_f( const char *fname, const char *fmt, ... )
+			    __attribute__ ((noreturn, format (printf,2,3)));
+  void g10_log_error_f( const char *fname, const char *fmt, ... )
+			    __attribute__ ((format (printf,2,3)));
+  void g10_log_info_f( const char *fname, const char *fmt, ... )
+			    __attribute__ ((format (printf,2,3)));
+  void g10_log_debug_f( const char *fname,  const char *fmt, ... )
+			    __attribute__ ((format (printf,2,3)));
   #define BUG() g10_log_bug0(  __FILE__ , __LINE__, __FUNCTION__ )
 #else
   void g10_log_bug( const char *fmt, ... );
@@ -80,6 +88,10 @@ void g10_log_mpidump( const char *text, MPI a );
   void g10_log_error( const char *fmt, ... );
   void g10_log_info( const char *fmt, ... );
   void g10_log_debug( const char *fmt, ... );
+  void g10_log_fatal_f( const char *fname, const char *fmt, ... );
+  void g10_log_error_f( const char *fname, const char *fmt, ... );
+  void g10_log_info_f( const char *fname, const char *fmt, ... );
+  void g10_log_debug_f( const char *fname, const char *fmt, ... );
   #define BUG() g10_log_bug0( __FILE__ , __LINE__ )
 #endif
 
@@ -91,7 +103,10 @@ void g10_log_mpidump( const char *text, MPI a );
 #define log_error   g10_log_error
 #define log_info    g10_log_info
 #define log_debug   g10_log_debug
-
+#define log_fatal_f g10_log_fatal_f
+#define log_error_f g10_log_error_f
+#define log_info_f  g10_log_info_f
+#define log_debug_f g10_log_debug_f
 
 
 /*-- errors.c --*/

po/POTFILES.in

@@ -3,14 +3,33 @@
 
 # utility
 util/secmem.c
+util/argparse.c
 
 # cipher
 cipher/random.c
-
+cipher/rand-dummy.c
+cipher/rand-unix.c
+cipher/rand-w32.c
 
 # main program
 
 g10/g10.c
 g10/pkclist.c
 g10/keygen.c
+g10/decrypt.c
+g10/encode.c
+g10/import.c
+g10/keyedit.c
+g10/keylist.c
+g10/mainproc.c
+g10/passphrase.c
+g10/plaintext.c
+g10/pref.c
+g10/seckey-cert.c
+g10/sig-check.c
+g10/sign.c
+g10/trustdb.c
+g10/verify.c
+
+
 #---end--

util/ChangeLog

@@ -1,3 +1,7 @@
+Tue Jul  7 11:49:25 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* logger.c (log_set_filename): New.
+
 Mon Jul  6 09:03:49 1998  Werner Koch  (wk@isil.d.shuttle.de)
 
 	* strgutil.c (append_to_strlist): New.

util/iobuf.c

@@ -893,6 +893,8 @@ iobuf_peek(IOBUF a, byte *buf, unsigned buflen )
 {
     int n=0;
 
+    if( a->filter_eof )
+	return -1;
     if( !(a->d.start < a->d.len) ) {
 	if( underflow(a) == -1 )
 	    return -1;

util/logger.c

@@ -73,6 +73,15 @@ print_prefix(const char *text)
 	fprintf(stderr, "?%s: %s", pidstring, text );
 }
 
+static void
+print_prefix_f(const char *text, const char *fname)
+{
+    if( pgm_name )
+	fprintf(stderr, "%s%s:%s: %s", pgm_name, pidstring, fname, text );
+    else
+	fprintf(stderr, "?%s:%s: %s", pidstring, fname, text );
+}
+
 void
 g10_log_info( const char *fmt, ... )
 {
@@ -84,6 +93,17 @@ g10_log_info( const char *fmt, ... )
     va_end(arg_ptr);
 }
 
+void
+g10_log_info_f( const char *fname, const char *fmt, ... )
+{
+    va_list arg_ptr ;
+
+    print_prefix_f("", fname);
+    va_start( arg_ptr, fmt ) ;
+    vfprintf(stderr,fmt,arg_ptr) ;
+    va_end(arg_ptr);
+}
+
 void
 g10_log_error( const char *fmt, ... )
 {
@@ -96,6 +116,18 @@ g10_log_error( const char *fmt, ... )
     errorcount++;
 }
 
+void
+g10_log_error_f( const char *fname, const char *fmt, ... )
+{
+    va_list arg_ptr ;
+
+    print_prefix_f("", fname);
+    va_start( arg_ptr, fmt ) ;
+    vfprintf(stderr,fmt,arg_ptr) ;
+    va_end(arg_ptr);
+    errorcount++;
+}
+
 void
 g10_log_fatal( const char *fmt, ... )
 {
@@ -109,6 +141,19 @@ g10_log_fatal( const char *fmt, ... )
     exit(2);
 }
 
+void
+g10_log_fatal_f( const char *fname, const char *fmt, ... )
+{
+    va_list arg_ptr ;
+
+    print_prefix_f("fatal: ", fname);
+    va_start( arg_ptr, fmt ) ;
+    vfprintf(stderr,fmt,arg_ptr) ;
+    va_end(arg_ptr);
+    secmem_dump_stats();
+    exit(2);
+}
+
 void
 g10_log_bug( const char *fmt, ... )
 {
@@ -149,6 +194,17 @@ g10_log_debug( const char *fmt, ... )
     va_end(arg_ptr);
 }
 
+void
+g10_log_debug_f( const char *fname, const char *fmt, ... )
+{
+    va_list arg_ptr ;
+
+    print_prefix_f("DBG: ", fname);
+    va_start( arg_ptr, fmt ) ;
+    vfprintf(stderr,fmt,arg_ptr) ;
+    va_end(arg_ptr);
+}
+
 
 
 void

zlib/Makefile

@@ -92,7 +92,7 @@ POSUB = po
 RANLIB = ranlib
 USE_INCLUDED_LIBINTL = yes
 USE_NLS = yes
-VERSION = 0.3.1
+VERSION = 0.3.1a
 ZLIBS = 
 l =