security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

See ChangeLog: Tue Jun 29 21:44:25 CEST 1999 Werner Koch

This commit is contained in:
Werner Koch 1999-06-29 19:50:54 +00:00
parent 38c47646ea
commit 75ed03c960
29 changed files with 1025 additions and 1284 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog
View File

@ -1,6 +1,15 @@
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (use_local_zlib): The lost dollar is back.
* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Add EMX case.
* configure.in: Another variant of the MX vendor string
* configure.in (--with-capabilities): Some test code (Remi).
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4 (GNUPG_CHECK_RDYNAMIC): Support for HPUX and IRIX.
* configure.in (HAVE_DL_SHL_LOAD): New for HPUX (Dave Dykstra).

8
Makefile.am
View File

@ -1,10 +1,10 @@
## Process this file with automake to produce Makefile.in
#if COMPILE_LIBGCRYPT
#gcrypt = gcrypt
#else
if COMPILE_LIBGCRYPT
gcrypt = gcrypt
else
gcrypt =
#endif
endif
SUBDIRS = intl zlib util mpi cipher tools g10 po doc checks ${gcrypt}
EXTRA_DIST = VERSION PROJECTS BUGS

4
NEWS
View File

@ -1,3 +1,7 @@
*
Noteworthy changes in version 0.9.8
-----------------------------------

8
TODO
View File

@ -6,16 +6,10 @@
* Speed up calculation of key validity.
* See why we always get this "Hmmm, public key not anymore available"
Rewrite that stuff.
* print a warning when a revoked/expired _secret_ key is used.
* remove more "Fixmes"
* Use capabilities if available. glibc2 does not support it yet?
What about 2.2 or should we use the system calls directly?
* when decryptiong multiple key: print a warning only if no usable pubkey
encrypt package was found. Extension: display a list of all recipients.
@ -29,8 +23,6 @@
* convert the given user ID to UTF-8 and add an option to suppress this.
* A way to disable keys.
Nice to have
------------

2
VERSION
View File

@ -1 +1 @@
0.9.8
0.9.8a

1
acconfig.h
View File

@ -92,6 +92,7 @@
* with special properties like no file modes */
#undef HAVE_DOSISH_SYSTEM
#undef USE_CAPABILITIES
@BOTTOM@

23
acinclude.m4
View File

@ -560,11 +560,20 @@ AC_CHECK_TOOL(AS, as, false)
# GNUPG_SYS_SYMBOL_UNDERSCORE - does the compiler prefix global symbols
# with an underscore?
AC_DEFUN(GNUPG_SYS_SYMBOL_UNDERSCORE,
[if test "$cross_compiling" = yes; then
AC_MSG_CHECKING([for _ prefix in compiled symbols])
ac_cv_sys_symbol_underscore=yes
AC_MSG_RESULT(assume yes)
else
[ac_cv_sys_symbol_underscore="check"
case "${target}" in
i386-emx-os2 | i[3456]86-pc-os2*emx )
ac_cv_sys_symbol_underscore=yes
;;
*)
if test "$cross_compiling" = yes; then
ac_cv_sys_symbol_underscore=yes
fi
;;
esac
if test "$ac_cv_sys_symbol_underscore" = "check"; then
ac_cv_sys_symbol_underscore=""
AC_REQUIRE([GNUPG_PROG_NM])dnl
AC_REQUIRE([GNUPG_SYS_NM_PARSE])dnl
AC_MSG_CHECKING([for _ prefix in compiled symbols])
@ -597,8 +606,10 @@ else
fi
rm -rf conftest*
])
AC_MSG_RESULT($ac_cv_sys_symbol_underscore)
else
AC_MSG_CHECKING([for _ prefix in compiled symbols])
fi
AC_MSG_RESULT($ac_cv_sys_symbol_underscore)
if test x$ac_cv_sys_symbol_underscore = xyes; then
AC_DEFINE(WITH_SYMBOL_UNDERSCORE,1,
[define if compiled symbols have a leading underscore])

77
configure.in
View File

@ -102,16 +102,25 @@ AC_ARG_WITH(included-zlib,
[g10_force_zlib=yes], [g10_force_zlib=no] )
AC_MSG_RESULT($g10_force_zlib)
dnl This does not work because automakes install tareget still needs libtool
dnl dnl
dnl dnl Check wether we want to compile libgcrypt
dnl dnl
dnl AC_MSG_CHECKING([whether compilation of libgcrypt is requested])
dnl AC_ARG_ENABLE(libgcrypt,
dnl [ --enable-libgcrypt compile the libgcrypt [default=no]],
dnl [compile_libgcrypt="$enableval"],[compile_libgcrypt=no])
dnl AM_CONDITIONAL(COMPILE_LIBGCRYPT, test x$compile_libgcrypt = xyes)
dnl AC_MSG_RESULT($compile_libgcrypt)
dnl
dnl Check wether we want to compile libgcrypt
dnl
AC_MSG_CHECKING([whether compilation of libgcrypt is requested])
AC_ARG_ENABLE(libgcrypt,
[ --enable-libgcrypt compile the libgcrypt [default=no]],
[compile_libgcrypt="$enableval"],[compile_libgcrypt=no])
AM_CONDITIONAL(COMPILE_LIBGCRYPT, test x$compile_libgcrypt = xyes)
AC_MSG_RESULT($compile_libgcrypt)
dnl
dnl Check whether we want to use Linux capabilities
dnl
AC_MSG_CHECKING([whether use of capabilities is requested])
AC_ARG_WITH(capabilities,
[ --with-capabilities use linux capabilities [default=no]],
[use_capabilities="$withval"],[use_capabilities=no])
AC_MSG_RESULT($use_capabilities)
dnl Checks for programs.
@ -135,12 +144,11 @@ AC_CHECK_PROG(DOCBOOK_TO_MAN, docbook-to-man, yes, no)
AM_CONDITIONAL(HAVE_DOCBOOK_TO_MAN, test "$ac_cv_prog_DOCBOOK_TO_MAN" = yes)
dnl if test x$compile_libgcrypt = xyes; then
dnl dnl Don't default to build shared libs
dnl AM_DISABLE_SHARED
dnl AM_PROG_LIBTOOL
dnl fi
dnl
dnl Don't default to build shared libs
dnl
AM_DISABLE_SHARED
AM_PROG_LIBTOOL
MPI_OPT_FLAGS=""
@ -165,7 +173,7 @@ case "${target}" in
try_gettext="no"
try_gdbm="no"
;;
i386-emx-os2 | i[3456]86-pc-os2emx )
i386-emx-os2 | i[3456]86-pc-os2*emx )
# OS/2 with the EMX environment
ac_cv_have_dev_random=no
AC_DEFINE(HAVE_DRIVE_LETTERS)
@ -173,6 +181,7 @@ case "${target}" in
try_gettext="no"
try_gdbm="no"
;;
*-*-hpux*)
if test -z "$GCC" ; then
CFLAGS="$CFLAGS -Ae -D_HPUX_SOURCE"
@ -204,7 +213,7 @@ case "${target}" in
i386--mingw32)
PRINTABLE_OS_NAME="MingW32"
;;
i386-emx-os2 | i[3456]86-pc-os2emx)
i386-emx-os2 | i[3456]86-pc-os2*emx )
PRINTABLE_OS_NAME="OS/2"
;;
*-linux*)
@ -356,12 +365,38 @@ fi
dnl Checks for library functions.
AC_FUNC_VPRINTF
AC_CHECK_FUNCS(strerror stpcpy strlwr tcgetattr rand strtoul mmap)
AC_CHECK_FUNCS(strerror stpcpy strlwr stricmp tcgetattr rand strtoul mmap)
AC_CHECK_FUNCS(memmove gettimeofday getrusage gethrtime setrlimit)
AC_CHECK_FUNCS(memicmp atexit raise getpagesize strftime nl_langinfo)
GNUPG_CHECK_MLOCK
dnl
dnl Check whether we can use Linux capabilities as requested
dnl
if test "$use_capabilities" = "yes" ; then
use_capabilities=no
AC_CHECK_HEADERS(sys/capability.h)
if test "$ac_cv_header_sys_capability_h" = "yes" ; then
AC_CHECK_LIB(cap, cap_init, ac_need_libcap=1)
if test "$ac_cv_lib_cap_cap_init" = "yes"; then
AC_DEFINE(USE_CAPABILITIES)
use_capabilities=yes
fi
fi
if test "$use_capabilities" = "no" ; then
AC_MSG_WARN([[
*** The use of capabilities on this system is not possible.
*** You need a recent Linux kernel and some patches:
*** fcaps-2.2.9-990610.patch (kernel patch for 2.2.9)
*** fcap-module-990613.tar.gz (kernel module)
*** libcap-1.92.tar.gz (user mode library and utilities)
*** And you have to configure the kernel with CONFIG_VFS_CAP_PLUGIN
*** set (filesystems menu). Be warned: This code is *really* ALPHA.]])
fi
fi
GNUPG_CHECK_IPC
if test "$ac_cv_header_sys_shm_h" = "yes"; then
AC_DEFINE(USE_SHM_COPROCESSING)
@ -415,7 +450,7 @@ if test "$use_static_rnd" = default; then
i386--mingw32)
static_modules="$static_modules rndw32"
;;
i386-emx-os2|i[3456]86-pc-os2emx)
i386-emx-os2|i[3456]86-pc-os2*emx)
static_modules="$static_modules rndos2"
;;
m68k-atari-mint)
@ -541,7 +576,7 @@ else
fi
fi
if test "use_local_zlib" = yes ; then
if test "$use_local_zlib" = yes ; then
AM_CONDITIONAL(ENABLE_LOCAL_ZLIB, true)
GNUPG_LINK_FILES(zlib/zlib.h, zlib.h )
GNUPG_LINK_FILES(zlib/zconf.h, zconf.h )

26
debian/changelog vendored
View File

@ -1,3 +1,29 @@
gnupg (0.9.8-1) unstable; urgency=low
* New upstream version.
* debian/rules (binary-arch): don't create a gpgm manpage as the binary
no longer exists. Noticed by Wichert Akkerman
<wichert@cs.leidenuniv.nl>. [#38864]
-- James Troup <james@nocrew.org> Sun, 27 Jun 1999 01:07:58 +0100
gnupg (0.9.7-1) unstable; urgency=low
* New upstream version.
-- James Troup <james@nocrew.org> Tue, 25 May 1999 13:23:24 +0100
gnupg (0.9.6-1) unstable; urgency=low
* New upstream version.
* debian/copyright: update version number, noticed by Lazarus Long
<lazarus@frontiernet.net>.
* debian/control (Depends): depend on makedev (>= 2.3.1-13) to ensure
that /dev/urandom exists; reported by Steffen Markert
<smort@rz.tu-ilmenau.de>. [#32076]
-- James Troup <james@nocrew.org> Tue, 11 May 1999 21:06:27 +0100
gnupg (0.9.5-1) unstable; urgency=low
* New upstream version.

2
debian/control vendored
View File

@ -6,7 +6,7 @@ Standards-Version: 2.5.0.0
Package: gnupg
Architecture: any
Depends: ${shlibs:Depends}
Depends: ${shlibs:Depends}, makedev (>= 2.3.1-13)
Description: GNU privacy guard - a free PGP replacement.
GnuPG is the GNU encryption and signing tool. As you can see from the
version number, the program may have some bugs and some features may not

4
debian/copyright vendored
View File

@ -4,14 +4,14 @@ have some bugs and some features may not work at all.
This package was put together by me, James Troup
<james@nocrew.org>, from the sources, which I obtained from
ftp://ftp.gnupg.org/pub/gcrypt/gnupg-0.9.2.tar.gz. The changes were
ftp://ftp.gnupg.org/pub/gcrypt/gnupg-0.9.8.tar.gz. The changes were
minimal, namely:
- adding support for the Debian package maintenance scheme, by adding
various debian/* files.
Program Copyright (C) 1998, 1999 Free Software Foundation, Inc.
Modifications for Debian Copyright (C) 1998 James Troup.
Modifications for Debian Copyright (C) 1998,1999 James Troup.
GNUPG is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by

4
debian/rules vendored
View File

@ -1,5 +1,5 @@
#!/usr/bin/make -f
# debian/rules file - for GNUPG (0.9.4)
# debian/rules file - for GNUPG (0.9.8)
# Based on sample debian/rules file - for GNU Hello (1.3).
# Copyright 1994,1995 by Ian Jackson.
# Copyright 1998 James Troup
@ -34,9 +34,7 @@ binary-arch: checkroot build # test
install -d debian/tmp/DEBIAN/
install -m 755 debian/preinst debian/tmp/DEBIAN/preinst
$(MAKE) prefix=`pwd`/debian/tmp/usr install
rm debian/tmp/usr/man/man1/gpgm.1
gzip -9v debian/tmp/usr/man/man1/*
ln -s gpg.1.gz debian/tmp/usr/man/man1/gpgm.1.gz
strip debian/tmp/usr/bin/*
strip --strip-unneeded debian/tmp/usr/lib/gnupg/*
install -d debian/tmp/usr/doc/gnupg/

5
doc/DETAILS
View File

@ -238,8 +238,9 @@ the DB is always of type 2 and this is the only record of this type.
1 byte ownertrust
1 byte dirflag
1 byte maximum validity of all the user ids
4 byte time of last validity check.
15 byte reserved
1 u32 time of last validity check.
1 u32 Must check when this time has been reached.
(0 = no check required)
Record type 3: (key record)

2
doc/FAQ
View File

@ -191,6 +191,8 @@
u = The key is ultimately trusted; this
is only used for keys for which
the secret key is also available.
r = The key has been revoked
d = The key has been disabled
The value in the "pub" record is the best one of all "uid" records.

17
g10/ChangeLog
View File

@ -1,3 +1,20 @@
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* trustdb.h (TRUST_FLAG_DISABLED): New.
* status.c (USE_CAPABILITIES): Capabilities support (Remi).
* tdbio.c : Added new fields to the DIR record.
(tdbio_write_record): Fixed the update of the hash tables.
(tdbio_delete_record): Drop the record from the hash tables.
(drop_from_hashtbl): New.
* status.c (cpr_get): Special online help mode.
* helptext.c ("keyedit.cmd"): Removed.
* keyedit.c (keyedit_menu): Use only help system.
(enable_disable_key): New bit doies not yet work.
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

4
g10/helptext.c
View File

@ -146,10 +146,6 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
},
{ N_("keyedit.cmd"),
"Please enter \"help\" to see the list of commands."
},
{ N_("keyedit.save.okay"),
"Answer \"yes\" or \"no\""
},

28
g10/keyedit.c
View File

@ -59,6 +59,7 @@ static int count_selected_uids( KBNODE keyblock );
static int count_selected_keys( KBNODE keyblock );
static int menu_revsig( KBNODE keyblock );
static int menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock );
static int enable_disable_key( KBNODE keyblock, int disable );
#define CONTROL_D ('D' - 'A' + 1)
@ -550,6 +551,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
cmdLSIGN, cmdREVSIG, cmdREVKEY, cmdDELSIG,
cmdDEBUG, cmdSAVE, cmdADDUID, cmdDELUID, cmdADDKEY, cmdDELKEY,
cmdTOGGLE, cmdSELKEY, cmdPASSWD, cmdTRUST, cmdPREF, cmdEXPIRE,
cmdENABLEKEY, cmdDISABLEKEY,
cmdNOP };
static struct { const char *name;
enum cmdids id;
@ -586,6 +588,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
{ N_("trust") , cmdTRUST , 0, N_("change the ownertrust") },
{ N_("revsig") , cmdREVSIG , 0, N_("revoke signatures") },
{ N_("revkey") , cmdREVKEY , 1, N_("revoke a secondary key") },
{ N_("disable") , cmdDISABLEKEY , 0, N_("disable a key") },
{ N_("enable") , cmdENABLEKEY , 0, N_("enable a key") },
{ NULL, cmdNONE } };
enum cmdids cmd;
@ -662,7 +666,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
have_commands = 0;
}
if( !have_commands ) {
answer = cpr_get("keyedit.cmd", _("Command> "));
answer = cpr_get("", _("Command> "));
cpr_kill_prompt();
}
trim_spaces(answer);
@ -842,12 +846,10 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
break;
case cmdADDKEY:
secmem_dump_stats();
if( generate_subkeypair( keyblock, sec_keyblock ) ) {
redisplay = 1;
sec_modified = modified = 1;
}
secmem_dump_stats();
break;
@ -934,6 +936,14 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
}
break;
case cmdENABLEKEY:
case cmdDISABLEKEY:
if( enable_disable_key( keyblock, cmd == cmdDISABLEKEY ) ) {
redisplay = 1;
modified = 1;
}
break;
default:
tty_printf("\n");
tty_printf(_("Invalid command (try \"help\")\n"));
@ -1859,3 +1869,15 @@ menu_revkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
}
static int
enable_disable_key( KBNODE keyblock, int disable )
{
int entire;
int changed = 0;
entire = !count_selected_keys( keyblock );
return changed;
}

11
g10/status.c
View File

@ -25,6 +25,9 @@
#include <errno.h>
#include <unistd.h>
#ifdef USE_SHM_COPROCESSING
#ifdef USE_CAPABILITIES
#include <sys/capability.h>
#endif
#ifdef HAVE_SYS_IPC_H
#include <sys/ipc.h>
#endif
@ -165,6 +168,9 @@ init_shm_coprocessing ( ulong requested_shm_size, int lock_mem )
log_debug("mapped %uk shared memory at %p, id=%d\n",
(unsigned)shm_size/1024, shm_area, shm_id );
if( lock_mem ) {
#ifdef USE_CAPABILITIES
cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
#endif
#ifdef IPC_HAVE_SHM_LOCK
if ( shmctl (shm_id, SHM_LOCK, 0) )
log_info("locking shared memory %d failed: %s\n",
@ -181,6 +187,9 @@ init_shm_coprocessing ( ulong requested_shm_size, int lock_mem )
#else
log_info("Locking shared memory %d failed: No way to do it\n", shm_id );
#endif
#ifdef USE_CAPABILITIES
cap_set_proc( cap_from_text("cap_ipc_lock+p") );
#endif
}
@ -279,7 +288,7 @@ cpr_get( const char *keyword, const char *prompt )
#endif
for(;;) {
p = tty_get( prompt );
if( *p == '?' && !p[1] ) {
if( *p=='?' && !p[1] && !(keyword && !*keyword)) {
m_free(p);
display_online_help( keyword );
}

145
g10/tdbio.c
View File

@ -69,8 +69,8 @@ struct cmp_krec_fpr_struct {
int fprlen;
};
/* a type used to pass infomation to cmp_sdir */
struct cmp_sdir_struct {
/* a type used to pass infomation to cmp_[s]dir */
struct cmp_xdir_struct {
int pubkey_algo;
u32 keyid[2];
};
@ -852,8 +852,9 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
return rc; /* ready */
}
else {
log_error( "hashtbl %lu points to an invalid record\n",
item);
log_error( "hashtbl %lu: %lu/%d points to an invalid record %lu\n",
table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
list_trustdb(NULL);
return G10ERR_TRUSTDB;
}
}
@ -862,6 +863,92 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
}
/****************
* Drop an entry from a hashtable
* table gives the start of the table, key and keylen is the key,
*/
static int
drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum )
{
TRUSTREC rec;
ulong hashrec, item;
int msb;
int level=0;
int rc, i;
hashrec = table;
next_level:
msb = key[level];
hashrec += msb / ITEMS_PER_HTBL_RECORD;
rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
if( rc ) {
log_error( db_name, "drop_from_hashtable: read failed: %s\n",
g10_errstr(rc) );
return rc;
}
item = rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
if( !item ) /* not found - forget about it */
return 0;
if( item == recnum ) { /* tables points direct to the record */
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = 0;
rc = tdbio_write_record( &rec );
if( rc )
log_error( db_name, "drop_from_hashtable: write htbl failed: %s\n",
g10_errstr(rc) );
return rc;
}
rc = tdbio_read_record( item, &rec, 0 );
if( rc ) {
log_error( "drop_from_hashtable: read item failed: %s\n",
g10_errstr(rc) );
return rc;
}
if( rec.rectype == RECTYPE_HTBL ) {
hashrec = item;
level++;
if( level >= keylen ) {
log_error( "hashtable has invalid indirections.\n");
return G10ERR_TRUSTDB;
}
goto next_level;
}
if( rec.rectype == RECTYPE_HLST ) {
for(;;) {
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
if( rec.r.hlst.rnum[i] == recnum ) {
rec.r.hlst.rnum[i] = 0; /* drop */
rc = tdbio_write_record( &rec );
if( rc )
log_error( db_name, "drop_from_hashtable: write htbl failed: %s\n",
g10_errstr(rc) );
return rc;
}
}
if( rec.r.hlst.next ) {
rc = tdbio_read_record( rec.r.hlst.next,
&rec, RECTYPE_HLST);
if( rc ) {
log_error( "scan keyhashtbl read hlst failed: %s\n",
g10_errstr(rc) );
return rc;
}
}
else
return 0; /* key not in table */
}
}
log_error( "hashtbl %lu: %lu/%d points to wrong record %lu\n",
table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item);
return G10ERR_TRUSTDB;
}
/****************
* Lookup a record via the hashtable tablewith key/keylen and return the
@ -973,6 +1060,30 @@ update_sdirhashtbl( TRUSTREC *sr )
return upd_hashtable( get_sdirhashrec(), key, 8, sr->recnum );
}
/****************
* Drop the records from the key-hashtbl
*/
static int
drop_from_keyhashtbl( TRUSTREC *kr )
{
return drop_from_hashtable( get_keyhashrec(),
kr->r.key.fingerprint,
kr->r.key.fingerprint_len, kr->recnum );
}
/****************
* Drop record drom the shadow dir hashtbl
*/
static int
drop_from_sdirhashtbl( TRUSTREC *sr )
{
byte key[8];
u32tobuf( key , sr->r.sdir.keyid[0] );
u32tobuf( key+4 , sr->r.sdir.keyid[1] );
return drop_from_hashtable( get_sdirhashrec(), key, 8, sr->recnum );
}
@ -1009,6 +1120,8 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp )
if( rec->r.dir.valcheck )
fprintf( fp, ", v=%02x/%s", rec->r.dir.validity,
strtimestamp(rec->r.dir.valcheck) );
if( rec->r.dir.checkat )
fprintf( fp, ", a=%s", strtimestamp(rec->r.dir.checkat) );
if( rec->r.dir.dirflags & DIRF_CHECKED ) {
if( rec->r.dir.dirflags & DIRF_VALID )
fputs(", valid", fp );
@ -1071,7 +1184,8 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp )
fprintf(fp, " %lu:", rec->r.sig.sig[i].lid );
if( rec->r.sig.sig[i].flag & SIGF_CHECKED ) {
fprintf(fp,"%c%c%c",
(rec->r.sig.sig[i].flag & SIGF_VALID) ? 'V':'-',
(rec->r.sig.sig[i].flag & SIGF_VALID) ? 'V':
(rec->r.sig.sig[i].flag & SIGF_IGNORED) ? 'I':'-',
(rec->r.sig.sig[i].flag & SIGF_EXPIRED) ? 'E':'-',
(rec->r.sig.sig[i].flag & SIGF_REVOKED) ? 'R':'-');
}
@ -1196,6 +1310,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
rec->r.dir.dirflags = *p++;
rec->r.dir.validity = *p++;
rec->r.dir.valcheck = buftoulong(p); p += 4;
rec->r.dir.checkat = buftoulong(p); p += 4;
switch( rec->r.dir.validity ) {
case 0:
case TRUST_UNDEFINED:
@ -1346,6 +1461,7 @@ tdbio_write_record( TRUSTREC *rec )
*p++ = rec->r.dir.dirflags;
*p++ = rec->r.dir.validity;
ulongtobuf(p, rec->r.dir.valcheck); p += 4;
ulongtobuf(p, rec->r.dir.checkat); p += 4;
assert( rec->r.dir.lid == recnum );
break;
@ -1419,7 +1535,7 @@ tdbio_write_record( TRUSTREC *rec )
rc = put_record_into_cache( recnum, buf );
if( rc )
;
if( rec->rectype == RECTYPE_KEY )
else if( rec->rectype == RECTYPE_KEY )
rc = update_keyhashtbl( rec );
else if( rec->rectype == RECTYPE_SDIR )
rc = update_sdirhashtbl( rec );
@ -1433,6 +1549,19 @@ tdbio_delete_record( ulong recnum )
TRUSTREC vr, rec;
int rc;
/* Must read the record fist, so we can drop it from the hash tables */
rc = tdbio_read_record( recnum, &rec, 0 );
if( rc )
;
else if( rec.rectype == RECTYPE_KEY )
rc = drop_from_keyhashtbl( &rec );
else if( rec.rectype == RECTYPE_SDIR )
rc = drop_from_sdirhashtbl( &rec );
if( rc )
return rc;
/* now we can chnage it to a free record */
rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
if( rc )
log_fatal( _("%s: error reading version record: %s\n"),
@ -1595,7 +1724,7 @@ tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
static int
cmp_sdir( void *dataptr, const TRUSTREC *rec )
{
const struct cmp_sdir_struct *d = dataptr;
const struct cmp_xdir_struct *d = dataptr;
return rec->rectype == RECTYPE_SDIR
&& ( !d->pubkey_algo || rec->r.sdir.pubkey_algo == d->pubkey_algo )
@ -1607,7 +1736,7 @@ cmp_sdir( void *dataptr, const TRUSTREC *rec )
int
tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec )
{
struct cmp_sdir_struct cmpdata;
struct cmp_xdir_struct cmpdata;
int rc;
byte key[8];

7
g10/tdbio.h
View File

@ -66,6 +66,7 @@
#define SIGF_VALID 2 /* the signature is valid */
#define SIGF_EXPIRED 4 /* the key of this signature has expired */
#define SIGF_REVOKED 8 /* this signature has been revoked */
#define SIGF_IGNORED 64 /* this signature is ignored by the system */
#define SIGF_NOPUBKEY 128 /* there is no pubkey for this sig */
struct trust_record {
@ -97,8 +98,9 @@ struct trust_record {
ulong cacherec; /* the cache record */
byte ownertrust;
byte dirflags;
byte validity; /* calculated trustlevel over all uids */
ulong valcheck; /* timestamp of last validation check */
byte validity; /* calculated trustlevel over all uids */
ulong valcheck; /* timestamp of last validation check */
ulong checkat; /* Check key when this time has been reached*/
} dir;
struct { /* primary public key record */
ulong lid;
@ -187,6 +189,7 @@ ulong tdbio_new_recnum(void);
int tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec );
int tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
int pubkey_algo, TRUSTREC *rec );
int tdbio_search_dir( u32 *keyid, int pubkey_algo, TRUSTREC *rec );
int tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec );
void tdbio_invalid(void);

1742
g10/trustdb.c
View File

File diff suppressed because it is too large Load Diff

1
g10/trustdb.h
View File

@ -34,6 +34,7 @@
/* trust values not covered by the mask */
#define TRUST_FLAG_REVOKED 32 /* r: revoked */
#define TRUST_FLAG_SUB_REVOKED 64
#define TRUST_FLAG_DISABLED 128 /* d: key/uid disabled */
#define PREFTYPE_SYM 1

5
include/ChangeLog
View File

@ -1,3 +1,8 @@
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* util.h (stricmp): Use strcasecmp as replacement.
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

6
include/util.h
View File

@ -175,8 +175,6 @@ char *native_to_utf8( const char *string );
char *utf8_to_native( const char *string );
int check_utf8_string( const char *string );
#define stricmp(a,b) strcasecmp((a),(b))
#ifndef HAVE_MEMICMP
int memicmp( const char *a, const char *b, size_t n );
#endif
@ -192,7 +190,9 @@ char *strlwr(char *a);
#ifndef HAVE_MEMMOVE
#define memmove(d, s, n) bcopy((s), (d), (n))
#endif
#ifndef HAVE_STRICMP
#define stricmp(a,b) strcasecmp( (a), (b) )
#endif
/**** other missing stuff ****/
#ifndef HAVE_ATEXIT /* For SunOS */

1
mpi/mpi-mul.c
View File

@ -189,6 +189,7 @@ mpi_mul( MPI w, MPI u, MPI v)
}
void
mpi_mulm( MPI w, MPI u, MPI v, MPI m)
{

6
po/ChangeLog
View File

@ -1,6 +1,10 @@
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* it.po: Updated (Marco).
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* pt_BR.po: Updated (Thiago).
Thu Jun 10 14:18:23 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

124
po/it.po
View File

@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: gnupg-0.9.7\n"
"POT-Creation-Date: 1999-06-26 11:22+0200\n"
"PO-Revision-Date: 1999-05-15 18:09+02:00\n"
"PO-Revision-Date: 1999-06-28 19:49+02:00\n"
"Last-Translator: Marco d'Itri <md@linux.it>\n"
"Language-Team: Italian <it@li.org>\n"
"MIME-Version: 1.0\n"
@ -38,9 +38,8 @@ msgid "quit"
msgstr "quit"
#: util/miscutil.c:176
#, fuzzy
msgid "qQ"
msgstr "q"
msgstr "qQ"
#: util/errors.c:54
msgid "general error"
@ -448,7 +447,7 @@ msgstr "meno prolisso"
#: g10/g10.c:234
msgid "don't use the terminal at all"
msgstr ""
msgstr "non usa per niente il terminale"
#: g10/g10.c:235
msgid "force v3 signatures"
@ -533,7 +532,7 @@ msgstr "emula il modo descritto in RFC 1991"
#: g10/g10.c:258
msgid "set all packet, cipher and digest options to OpenPGP behavior"
msgstr ""
msgstr "imposta per OpenPGP le opzioni di pacchetto, cifrario e digest"
#: g10/g10.c:259
msgid "|N|use passphrase mode N"
@ -565,7 +564,7 @@ msgstr "elimina il campo keyid dei pacchetti cifrati"
#: g10/g10.c:268
msgid "|NAME=VALUE|use this notation data"
msgstr ""
msgstr "|NOME=VALORE|usa questi dati per una nota"
#: g10/g10.c:270
msgid ""
@ -651,7 +650,7 @@ msgstr "l'algoritmo di digest selezionato non
#: g10/g10.c:849
msgid "the given policy URL is invalid\n"
msgstr ""
msgstr "L'URL della policy indicato non è valido\n"
#: g10/g10.c:852
#, c-format
@ -764,20 +763,24 @@ msgstr "impossibile aprire `%s'\n"
msgid ""
"the first character of a notation name must be a letter or an underscore\n"
msgstr ""
"il primo carattere del nome di una nota deve essere una lettera o un\n"
"underscore\n"
#: g10/g10.c:1463
msgid ""
"a notation name must have only letters, digits, dots or underscores and end "
"with an '='\n"
msgstr ""
"il nome di una nota deve essere formato solo da lettere, numeri, punti o\n"
"underscore e deve finire con `='\n"
#: g10/g10.c:1469
msgid "dots in a notation name must be surrounded by other characters\n"
msgstr ""
msgstr "nel nome di una nota i punti devono avere altri caratteri intorno\n"
#: g10/g10.c:1477
msgid "a notation value must not use any control characters\n"
msgstr ""
msgstr "il valore di una nota non deve usare caratteri di controllo\n"
#: g10/armor.c:296
#, c-format
@ -1052,9 +1055,9 @@ msgid "%s: skipped: %s\n"
msgstr "%s: saltata: %s\n"
#: g10/pkclist.c:588 g10/pkclist.c:687
#, fuzzy, c-format
#, c-format
msgid "%s: skipped: public key already present\n"
msgstr "%s: il keyblock ha problemi di lettura: %s\n"
msgstr "%s: saltato: chiave pubblica già presente\n"
#: g10/pkclist.c:611
msgid ""
@ -1356,7 +1359,6 @@ msgid "DSA keypair will have 1024 bits.\n"
msgstr "La coppia DSA avrà 1024 bit.\n"
#: g10/keygen.c:859
#, fuzzy
msgid "Key generation canceled.\n"
msgstr "Generazione della chiave annullata.\n"
@ -1467,7 +1469,7 @@ msgid "using secondary key %08lX instead of primary key %08lX\n"
msgstr "uso la chiave secondaria %08lX invece della chiave primaria %08lX\n"
#: g10/import.c:116
#, fuzzy, c-format
#, c-format
msgid "can't open `%s': %s\n"
msgstr "impossibile aprire `%s': %s\n"
@ -1482,9 +1484,9 @@ msgid "%lu keys so far processed\n"
msgstr "Per ora sono state esaminate %lu chiavi\n"
#: g10/import.c:172
#, fuzzy, c-format
#, c-format
msgid "error reading `%s': %s\n"
msgstr "errore nella creazione della passhprase: %s\n"
msgstr "errore leggendo `%s': %s\n"
#: g10/import.c:175
#, c-format
@ -1570,14 +1572,14 @@ msgid "writing to `%s'\n"
msgstr "scrittura in `%s'\n"
#: g10/import.c:379 g10/import.c:435 g10/import.c:544 g10/import.c:645
#, fuzzy, c-format
#, c-format
msgid "can't lock keyring `%s': %s\n"
msgstr "impossibile bloccare il portachiavi pubblico: %s\n"
msgstr "impossibile fare il lock del portachiavi `%s': %s\n"
#: g10/import.c:382 g10/import.c:438 g10/import.c:547 g10/import.c:648
#, fuzzy, c-format
#, c-format
msgid "error writing keyring `%s': %s\n"
msgstr "%s: errore durante la scrittura del record di versione: %s\n"
msgstr "errore scrivendo il portachiavi `%s': %s\n"
#: g10/import.c:387
#, c-format
@ -1724,7 +1726,7 @@ msgstr "chiave %08lX: certificato di revoca non valido: %s - saltato\n"
#: g10/import.c:915
#, c-format
msgid "key %08lX: duplicated user ID detected - merged\n"
msgstr ""
msgstr "chiave %08lX: trovato un user ID duplicato - unito\n"
#: g10/import.c:966
#, c-format
@ -1988,14 +1990,12 @@ msgid "delete a secondary key"
msgstr "cancella una chiave secondaria"
#: g10/keyedit.c:579
#, fuzzy
msgid "delsig"
msgstr "lsign"
msgstr "delsign"
#: g10/keyedit.c:579
#, fuzzy
msgid "delete signatures"
msgstr "elenca le firme"
msgstr "cancella le firme"
#: g10/keyedit.c:580
msgid "expire"
@ -2152,35 +2152,33 @@ msgstr "Comando non valido (prova \"help\")\n"
#: g10/keyedit.c:1294
msgid "Delete this good signature? (y/N/q)"
msgstr ""
msgstr "Cancellare questa firma corretta? (s/N/q)"
#: g10/keyedit.c:1298
msgid "Delete this invalid signature? (y/N/q)"
msgstr ""
msgstr "Cancellare questa firma non valida? (s/N/q)"
#: g10/keyedit.c:1302
msgid "Delete this unknown signature? (y/N/q)"
msgstr ""
msgstr "Cancellare questa firma sconosciuta? (s/N/q)"
#: g10/keyedit.c:1308
#, fuzzy
msgid "Really delete this self-signature? (y/N)"
msgstr "Creare davvero i certificati di revoca? (s/N)"
msgstr "Cancellare davvero questa autofirma? (s/N)"
#: g10/keyedit.c:1322
#, fuzzy, c-format
#, c-format
msgid "Deleted %d signature.\n"
msgstr "%d firme non corrette\n"
msgstr "Cancellata %d firma.\n"
#: g10/keyedit.c:1323
#, fuzzy, c-format
#, c-format
msgid "Deleted %d signatures.\n"
msgstr "%d firme non corrette\n"
msgstr "Cancellate %d firme.\n"
#: g10/keyedit.c:1326
#, fuzzy
msgid "Nothing deleted.\n"
msgstr "ATTENZIONE: non è stato esportato nulla\n"
msgstr "Non è stato cancellato nulla.\n"
#: g10/keyedit.c:1395
msgid "Please remove selections from the secret keys.\n"
@ -2191,14 +2189,12 @@ msgid "Please select at most one secondary key.\n"
msgstr "Seleziona al massimo una chiave secondaria.\n"
#: g10/keyedit.c:1405
#, fuzzy
msgid "Changing expiration time for a secondary key.\n"
msgstr "Modifico il tempo di scadenza per una chiave secondaria.\n"
msgstr "Cambio la data di scadenza per una chiave secondaria.\n"
#: g10/keyedit.c:1407
#, fuzzy
msgid "Changing expiration time for the primary key.\n"
msgstr "Modifico il tempo di scadenza per la chiave primaria.\n"
msgstr "Cambio la data di scadenza per la chiave primaria.\n"
#: g10/keyedit.c:1448
msgid "You can't change the expiration date of a v3 key\n"
@ -2285,17 +2281,16 @@ msgid "original file name='%.*s'\n"
msgstr "nome del file originale='%.*s'\n"
#: g10/mainproc.c:505 g10/mainproc.c:514
#, fuzzy
msgid "WARNING: invalid notation data found\n"
msgstr "Non sono stati trovati dati OpenPGP validi.\n"
msgstr "ATTENZIONE: trovati dati di una nota non validi\n"
#: g10/mainproc.c:517
msgid "Notation: "
msgstr ""
msgstr "Nota: "
#: g10/mainproc.c:524
msgid "Policy: "
msgstr ""
msgstr "Policy: "
#: g10/mainproc.c:929
msgid "signature verification suppressed\n"
@ -2638,9 +2633,8 @@ msgid "%s: failed to append a record: %s\n"
msgstr "%s: accodatura a un record fallita: %s\n"
#: g10/tdbio.c:1630
#, fuzzy
msgid "the trustdb is corrupted; please run \"gpg --fix-trustdb\".\n"
msgstr "Il trustdb è danneggiato; eseguire \"gpgm --fix-trust-db\".\n"
msgstr "Il trustdb è danneggiato; eseguire \"gpg --fix-trust-db\".\n"
#: g10/trustdb.c:163
#, c-format
@ -3099,7 +3093,7 @@ msgstr "Sovrascrivo (s/N)? "
#: g10/openfile.c:97
#, c-format
msgid "%s: unknown suffix\n"
msgstr ""
msgstr "%s: suffisso sconosciuto\n"
#: g10/openfile.c:122
msgid "writing to stdout\n"
@ -3241,23 +3235,20 @@ msgid "keyedit.remove.subkey.okay"
msgstr "keyedit.remove.subkey.okay"
#: g10/helptext.c:176
#, fuzzy
msgid "keyedit.delsig.valid"
msgstr "keyedit.sign_all.okay"
msgstr "keyedit.delsig.valid"
#: g10/helptext.c:181
#, fuzzy
msgid "keyedit.delsig.unknown"
msgstr "keyedit.sign_all.okay"
msgstr "keyedit.delsig.unknown"
#: g10/helptext.c:187
#, fuzzy
msgid "keyedit.delsig.invalid"
msgstr "keyedit.sign_all.okay"
msgstr "keyedit.delsig.invalid"
#: g10/helptext.c:191
msgid "keyedit.delsig.selfsig"
msgstr ""
msgstr "keyedit.delsig.selfsig<"
#: g10/helptext.c:200
msgid "passphrase.enter"
@ -3283,30 +3274,3 @@ msgstr "Non
#, c-format
msgid "No help available for `%s'"
msgstr "Non è disponibile un aiuto per `%s'"
#~ msgid "can't open file: %s\n"
#~ msgstr "impossibile aprire il file: %s\n"
#~ msgid "read error: %s\n"
#~ msgstr "errore di lettura: %s\n"
#~ msgid "can't write to keyring: %s\n"
#~ msgstr "impossibile scrivere sul portachiavi pubblico: %s\n"
#~ msgid "writing keyblock\n"
#~ msgstr "scrittura del keyblock\n"
#~ msgid "can't write keyblock: %s\n"
#~ msgstr "impossibile aprire il keyblock: %s\n"
#~ msgid "can't lock secret keyring: %s\n"
#~ msgstr "impossibile bloccare il portachiavi segreto: %s\n"
#~ msgid "can't write keyring: %s\n"
#~ msgstr "impossibile scrivere il portachiavi: %s\n"
#~ msgid "encrypted message is valid\n"
#~ msgstr "il messaggio cifrato è valido\n"
#~ msgid "Can't check MDC: %s\n"
#~ msgstr "Impossibile controllare il MDC: %s\n"

5
util/ChangeLog
View File

@ -1,3 +1,8 @@
Tue Jun 29 21:44:25 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* secmem.c (USE_CAPABILITIES): Capabilities support (Remi).
Sat Jun 26 12:15:59 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>

30
util/secmem.c
View File

@ -29,6 +29,9 @@
#include <sys/mman.h>
#include <sys/types.h>
#include <fcntl.h>
#ifdef USE_CAPABILITIES
#include <sys/capability.h>
#endif
#endif
#include "types.h"
@ -80,7 +83,26 @@ print_warn(void)
static void
lock_pool( void *p, size_t n )
{
#ifdef HAVE_MLOCK
#if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
int err;
cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
err = mlock( p, n );
if( err && errno )
err = errno;
cap_set_proc( cap_from_text("cap_ipc_lock+p") );
if( err ) {
if( errno != EPERM
#ifdef EAGAIN /* OpenBSD returns this */
&& errno != EAGAIN
#endif
)
log_error("can´t lock memory: %s\n", strerror(err));
show_warning = 1;
}
#elif defined(HAVE_MLOCK)
uid_t uid;
int err;
@ -216,7 +238,11 @@ void
secmem_init( size_t n )
{
if( !n ) {
#ifndef HAVE_DOSISH_SYSTEM
#ifdef USE_CAPABILITIES
/* drop all capabilities */
cap_set_proc( cap_from_text("all-eip") );
#elif !defined(HAVE_DOSISH_SYSTEM)
uid_t uid;
disable_secmem=1;