security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Merge branch 'STABLE-BRANCH-2-2' into master 

--

Resolved Conflicts:
	NEWS  - removed
	configure.ac - removed

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2018-05-13 13:29:40 +02:00
parent 1793f2c46a 1ced88edf4
commit 7b7576637d
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
73 changed files with 3270 additions and 3583 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
Makefile.am
View File

@ -18,10 +18,21 @@
## Process this file with automake to produce Makefile.in ## Process this file with automake to produce Makefile.in
# Location of the released tarball archives. Note that this is an
# internal archive and before uploading this to the public server,
# manual tests should be run and the git release tat set and pushed.
# Adjust as needed.
RELEASE_ARCHIVE_DIR = wk@vigenere:tarballs/gnupg/v2.2
# The key used to sign the released sources. Adjust as needed.
RELEASE_SIGNING_KEY = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
# Autoconf flags.
ACLOCAL_AMFLAGS = -I m4 ACLOCAL_AMFLAGS = -I m4
AM_DISTCHECK_CONFIGURE_FLAGS = --enable-gnupg-builddir-envvar \ AM_DISTCHECK_CONFIGURE_FLAGS = --enable-gnupg-builddir-envvar \
--enable-all-tests --enable-symcryptrun --enable-g13 \ --enable-all-tests --enable-symcryptrun --enable-g13 \
--enable-gpg2-is-gpg --enable-gpgtar --enable-wks-tools --disable-ntbtls --enable-gpgtar --enable-wks-tools --disable-ntbtls
GITLOG_TO_CHANGELOG=gitlog-to-changelog GITLOG_TO_CHANGELOG=gitlog-to-changelog
@ -151,8 +162,68 @@ TESTS_ENVIRONMENT = \
objdir=$(abs_top_builddir) \ objdir=$(abs_top_builddir) \
GPGSCM_PATH=$(abs_top_srcdir)/tests/gpgscm GPGSCM_PATH=$(abs_top_srcdir)/tests/gpgscm
.PHONY: check-all .PHONY: check-all release sign-release
check-all: check-all:
$(TESTS_ENVIRONMENT) \ $(TESTS_ENVIRONMENT) \
$(abs_top_builddir)/tests/gpgscm/gpgscm \ $(abs_top_builddir)/tests/gpgscm/gpgscm \
$(abs_srcdir)/tests/run-tests.scm $(TESTFLAGS) $(TESTS) $(abs_srcdir)/tests/run-tests.scm $(TESTFLAGS) $(TESTS)
# Names of to help the release target.
RELEASE_NAME = $(PACKAGE_TARNAME)-$(PACKAGE_VERSION)
RELEASE_W32_STEM_NAME = $(PACKAGE_TARNAME)-w32-$(PACKAGE_VERSION)
release:
+(set -e;\
if [ "$(abs_top_builddir)" = "$(abs_top_srcdir)" ]; then \
echo "error: build directory must not be the source directory" >&2;\
exit 2;\
fi ;\
echo "/* Build started at $$(date -uIseconds) */" ;\
cd $(top_srcdir); \
./autogen.sh --force; \
cd $(abs_top_builddir); \
rm -rf dist; mkdir dist ; cd dist ; \
$(abs_top_srcdir)/configure --enable-maintainer-mode; \
$(MAKE) distcheck TESTFLAGS=--parallel; \
$(TAR) xjf $(RELEASE_NAME).tar.bz2 ;\
$(MAKE) -f $(RELEASE_NAME)/build-aux/speedo.mk w32-release ;\
echo "/* Build finished at $$(date -uIseconds) */" ;\
echo "/*" ;\
echo " * Please run the final step interactivly:" ;\
echo " * make sign-release" ;\
echo " */" ;\
) 2>&1 | tee "$(RELEASE_NAME).buildlog"
sign-release:
+(set -e; \
cd dist; \
release_w32_name="$(RELEASE_W32_STEM_NAME)_$$(date -u +%Y%m%d)" ;\
files1="$(RELEASE_NAME).tar.bz2 \
$${release_w32_name}.tar.xz \
$${release_w32_name}.exe" ;\
files2="$(RELEASE_NAME).tar.bz2.sig \
$(RELEASE_NAME).swdb \
$(RELEASE_NAME).buildlog \
$${release_w32_name}.tar.xz.sig \
$${release_w32_name}.exe.sig \
$${release_w32_name}.exe.swdb" ;\
$(MAKE) -f $(RELEASE_NAME)/build-aux/speedo.mk w32-sign-installer ;\
echo "/* Signing the source tarball ..." ;\
gpg -sbu $(RELEASE_SIGNING_KEY) $(RELEASE_NAME).tar.bz2 ;\
echo "/* Signing the W32 source tarball ..." ;\
gpg -sbu $(RELEASE_SIGNING_KEY) $${release_w32_name}.tar.xz ;\
echo "/* Signing the W32 installer ..." ;\
gpg -sbu $(RELEASE_SIGNING_KEY) $${release_w32_name}.exe ;\
cat $(RELEASE_NAME).swdb >swdb.snippet;\
echo '#+macro: gnupg22_branch STABLE-BRANCH-2-2' >>swdb.snippet;\
cat $${release_w32_name}.exe.swdb >>swdb.snippet;\
echo >>swdb.snippet ;\
sha1sum $${files1} >>swdb.snippet ;\
cat "../$(RELEASE_NAME).buildlog" swdb.snippet \
| gzip >$(RELEASE_NAME).buildlog ;\
echo "Release created - copying it to the local archive ..." ;\
scp -p $${files1} $${files2} $(RELEASE_ARCHIVE_DIR)/ || true;\
echo '/*' ;\
echo ' * All done; for checksums see dist/swdb.snippet' ;\
echo ' */' ;\
)

18
agent/command.c
View File

@ -2825,6 +2825,7 @@ static const char hlp_getinfo[] =
" std_env_names - List the names of the standard environment.\n" " std_env_names - List the names of the standard environment.\n"
" std_session_env - List the standard session environment.\n" " std_session_env - List the standard session environment.\n"
" std_startup_env - List the standard startup environment.\n" " std_startup_env - List the standard startup environment.\n"
" getenv NAME - Return value of envvar NAME.\n"
" connections - Return number of active connections.\n" " connections - Return number of active connections.\n"
" jent_active - Returns OK if Libgcrypt's JENT is active.\n" " jent_active - Returns OK if Libgcrypt's JENT is active.\n"
" restricted - Returns OK if the connection is in restricted mode.\n" " restricted - Returns OK if the connection is in restricted mode.\n"
@ -2961,6 +2962,23 @@ cmd_getinfo (assuan_context_t ctx, char *line)
} }
} }
} }
else if (!strncmp (line, "getenv", 6)
&& (line[6] == ' ' || line[6] == '\t' || !line[6]))
{
line += 6;
while (*line == ' ' || *line == '\t')
line++;
if (!*line)
rc = gpg_error (GPG_ERR_MISSING_VALUE);
else
{
const char *s = getenv (line);
if (!s)
rc = set_error (GPG_ERR_NOT_FOUND, "No such envvar");
else
rc = assuan_send_data (ctx, s, strlen (s));
}
}
else if (!strcmp (line, "connections")) else if (!strcmp (line, "connections"))
{ {
char numbuf[20]; char numbuf[20];

4
build-aux/getswdb.sh
View File

@ -175,9 +175,9 @@ fi
# to help detect rollback attacks. # to help detect rollback attacks.
# #
if [ $skip_selfcheck = no ]; then if [ $skip_selfcheck = no ]; then
gnupg_ver=$(awk '$1=="gnupg21_ver" {print $2;exit}' swdb.lst) gnupg_ver=$(awk '$1=="gnupg22_ver" {print $2;exit}' swdb.lst)
if [ -z "$gnupg_ver" ]; then if [ -z "$gnupg_ver" ]; then
echo "GnuPG 2.1 version missing in swdb.lst!" >&2 echo "GnuPG 2.2 version missing in swdb.lst!" >&2
exit 1 exit 1
fi fi
gnupg_ver_num=$(echo "$gnupg_ver" | cvtver) gnupg_ver_num=$(echo "$gnupg_ver" | cvtver)

7
build-aux/speedo/w32/inst.nsi
View File

@ -625,6 +625,7 @@ Section "GnuPG" SEC_gnupg
File "bin/gpgconf.exe" File "bin/gpgconf.exe"
File "bin/gpg-connect-agent.exe" File "bin/gpg-connect-agent.exe"
File "bin/gpgtar.exe" File "bin/gpgtar.exe"
File "libexec/dirmngr_ldap.exe"
File "libexec/gpg-preset-passphrase.exe" File "libexec/gpg-preset-passphrase.exe"
File "libexec/gpg-wks-client.exe" File "libexec/gpg-wks-client.exe"
@ -743,6 +744,8 @@ Section "-libgpg-error" SEC_libgpg_error
File share/locale/de/LC_MESSAGES/libgpg-error.mo File share/locale/de/LC_MESSAGES/libgpg-error.mo
SetOutPath "$INSTDIR\share\locale\eo\LC_MESSAGES" SetOutPath "$INSTDIR\share\locale\eo\LC_MESSAGES"
File share/locale/eo/LC_MESSAGES/libgpg-error.mo File share/locale/eo/LC_MESSAGES/libgpg-error.mo
SetOutPath "$INSTDIR\share\locale\es\LC_MESSAGES"
File share/locale/es/LC_MESSAGES/libgpg-error.mo
SetOutPath "$INSTDIR\share\locale\fr\LC_MESSAGES" SetOutPath "$INSTDIR\share\locale\fr\LC_MESSAGES"
File share/locale/fr/LC_MESSAGES/libgpg-error.mo File share/locale/fr/LC_MESSAGES/libgpg-error.mo
SetOutPath "$INSTDIR\share\locale\hu\LC_MESSAGES" SetOutPath "$INSTDIR\share\locale\hu\LC_MESSAGES"
@ -1249,6 +1252,9 @@ Section "-un.libgpg-error"
Delete "$INSTDIR\share\locale\eo\LC_MESSAGES\libgpg-error.mo" Delete "$INSTDIR\share\locale\eo\LC_MESSAGES\libgpg-error.mo"
RMDir "$INSTDIR\share\locale\eo\LC_MESSAGES" RMDir "$INSTDIR\share\locale\eo\LC_MESSAGES"
RMDir "$INSTDIR\share\locale\eo" RMDir "$INSTDIR\share\locale\eo"
Delete "$INSTDIR\share\locale\es\LC_MESSAGES\libgpg-error.mo"
RMDir "$INSTDIR\share\locale\es\LC_MESSAGES"
RMDir "$INSTDIR\share\locale\es"
Delete "$INSTDIR\share\locale\fr\LC_MESSAGES\libgpg-error.mo" Delete "$INSTDIR\share\locale\fr\LC_MESSAGES\libgpg-error.mo"
RMDir "$INSTDIR\share\locale\fr\LC_MESSAGES" RMDir "$INSTDIR\share\locale\fr\LC_MESSAGES"
RMDir "$INSTDIR\share\locale\fr" RMDir "$INSTDIR\share\locale\fr"
@ -1307,6 +1313,7 @@ Section "-un.gnupg"
Delete "$INSTDIR\bin\gpgconf.exe" Delete "$INSTDIR\bin\gpgconf.exe"
Delete "$INSTDIR\bin\gpg-connect-agent.exe" Delete "$INSTDIR\bin\gpg-connect-agent.exe"
Delete "$INSTDIR\bin\gpgtar.exe" Delete "$INSTDIR\bin\gpgtar.exe"
Delete "$INSTDIR\bin\dirmngr_ldap.exe"
Delete "$INSTDIR\bin\gpg-preset-passphrase.exe" Delete "$INSTDIR\bin\gpg-preset-passphrase.exe"
Delete "$INSTDIR\bin\gpg-wks-client.exe" Delete "$INSTDIR\bin\gpg-wks-client.exe"

2
common/exechelp-w32.c
View File

@ -556,7 +556,7 @@ gnupg_spawn_process (const char *pgmname, const char *argv[],
memset (&si, 0, sizeof si); memset (&si, 0, sizeof si);
si.cb = sizeof (si); si.cb = sizeof (si);
si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW; si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_MINIMIZE; si.wShowWindow = DEBUG_W32_SPAWN? SW_SHOW : SW_HIDE;
si.hStdInput = inpipe[0] == INVALID_HANDLE_VALUE? nullhd[0] : inpipe[0]; si.hStdInput = inpipe[0] == INVALID_HANDLE_VALUE? nullhd[0] : inpipe[0];
si.hStdOutput = outpipe[1] == INVALID_HANDLE_VALUE? nullhd[1] : outpipe[1]; si.hStdOutput = outpipe[1] == INVALID_HANDLE_VALUE? nullhd[1] : outpipe[1];
si.hStdError = errpipe[1] == INVALID_HANDLE_VALUE? nullhd[2] : errpipe[1]; si.hStdError = errpipe[1] == INVALID_HANDLE_VALUE? nullhd[2] : errpipe[1];

1
common/miscellaneous.c
View File

@ -401,6 +401,7 @@ is_file_compressed (const char *s, int *ret_rc)
*ret_rc = gpg_error_from_syserror (); *ret_rc = gpg_error_from_syserror ();
return 0; return 0;
} }
iobuf_ioctl (a, IOBUF_IOCTL_NO_CACHE, 1, NULL);
if ( iobuf_get_filelength( a, &overflow ) < 6 && !overflow) { if ( iobuf_get_filelength( a, &overflow ) < 6 && !overflow) {
*ret_rc = 0; *ret_rc = 0;

12
configure.ac
View File

@ -665,7 +665,6 @@ case "${host}" in
have_dosish_system=yes have_dosish_system=yes
have_w32_system=yes have_w32_system=yes
require_iconv=no require_iconv=no
use_ldapwrapper=no # Fixme: Do this only for CE.
require_pipe_to_unblock_pselect=no require_pipe_to_unblock_pselect=no
case "${host}" in case "${host}" in
*-mingw32ce*) *-mingw32ce*)
@ -976,6 +975,17 @@ else
*** we need the support of the New Portable Threads Library. *** we need the support of the New Portable Threads Library.
***]]) ***]])
fi fi
#
# Enable debugging of nPth
#
AC_ARG_ENABLE(npth-debug,
AC_HELP_STRING([--enable-npth-debug],
[build with debug version of npth]),
[if test $enableval = yes ; then
AC_DEFINE(NPTH_ENABLE_DEBUG,1,
[Build with debug version of nPth])
fi])
# #

5
dirmngr/certcache.c
View File

@ -423,6 +423,9 @@ load_certs_from_dir (const char *dirname, unsigned int trustclass)
log_info (_("certificate '%s' already cached\n"), fname); log_info (_("certificate '%s' already cached\n"), fname);
else if (!err) else if (!err)
{ {
if ((trustclass & CERTTRUST_CLASS_CONFIG))
http_register_cfg_ca (fname);
if (trustclass) if (trustclass)
log_info (_("trusted certificate '%s' loaded\n"), fname); log_info (_("trusted certificate '%s' loaded\n"), fname);
else else
@ -763,6 +766,8 @@ cert_cache_deinit (int full)
} }
} }
http_register_cfg_ca (NULL);
total_nonperm_certificates = 0; total_nonperm_certificates = 0;
any_cert_of_class = 0; any_cert_of_class = 0;
initialization_done = 0; initialization_done = 0;

7
dirmngr/crlcache.c
View File

@ -125,6 +125,9 @@
idea anyway to limit the number of opened cache files. */ idea anyway to limit the number of opened cache files. */
#define MAX_OPEN_DB_FILES 5 #define MAX_OPEN_DB_FILES 5
#ifndef O_BINARY
# define O_BINARY 0
#endif
static const char oidstr_crlNumber[] = "2.5.29.20"; static const char oidstr_crlNumber[] = "2.5.29.20";
/* static const char oidstr_issuingDistributionPoint[] = "2.5.29.28"; */ /* static const char oidstr_issuingDistributionPoint[] = "2.5.29.28"; */
@ -1139,7 +1142,7 @@ lock_db_file (crl_cache_t cache, crl_cache_entry_t entry)
xfree (fname); xfree (fname);
return NULL; return NULL;
} }
fd = open (fname, O_RDONLY); fd = open (fname, O_RDONLY | O_BINARY);
if (fd == -1) if (fd == -1)
{ {
log_error (_("error opening cache file '%s': %s\n"), log_error (_("error opening cache file '%s': %s\n"),
@ -2051,7 +2054,7 @@ crl_cache_insert (ctrl_t ctrl, const char *url, ksba_reader_t reader)
} }
} }
fd_cdb = open (fname, O_WRONLY | O_CREAT | O_TRUNC, 0644); fd_cdb = open (fname, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0644);
if (fd_cdb == -1) if (fd_cdb == -1)
{ {
err = gpg_error_from_errno (errno); err = gpg_error_from_errno (errno);

159
dirmngr/crlfetch.c
View File

@ -28,6 +28,7 @@
#include "dirmngr.h" #include "dirmngr.h"
#include "misc.h" #include "misc.h"
#include "http.h" #include "http.h"
#include "ks-engine.h" /* For ks_http_fetch. */
#if USE_LDAP #if USE_LDAP
# include "ldap-wrapper.h" # include "ldap-wrapper.h"
@ -154,41 +155,17 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
{ {
gpg_error_t err; gpg_error_t err;
parsed_uri_t uri; parsed_uri_t uri;
char *free_this = NULL; estream_t httpfp = NULL;
int redirects_left = 2; /* We allow for 2 redirect levels. */
*reader = NULL; *reader = NULL;
if (!url) if (!url)
return gpg_error (GPG_ERR_INV_ARG); return gpg_error (GPG_ERR_INV_ARG);
once_more:
err = http_parse_uri (&uri, url, 0); err = http_parse_uri (&uri, url, 0);
http_release_parsed_uri (uri); http_release_parsed_uri (uri);
if (err && !strncmp (url, "https:", 6))
{
/* FIXME: We now support https.
* Our HTTP code does not support TLS, thus we can't use this
* scheme and it is frankly not useful for CRL retrieval anyway.
* We resort to using http, assuming that the server also
* provides plain http access. */
free_this = xtrymalloc (strlen (url) + 1);
if (free_this)
{
strcpy (stpcpy (free_this,"http:"), url+6);
err = http_parse_uri (&uri, free_this, 0);
http_release_parsed_uri (uri);
if (!err)
{
log_info (_("using \"http\" instead of \"https\"\n"));
url = free_this;
}
}
}
if (!err) /* Yes, our HTTP code groks that. */ if (!err) /* Yes, our HTTP code groks that. */
{ {
http_t hd;
if (opt.disable_http) if (opt.disable_http)
{ {
log_error (_("CRL access not possible due to disabled %s\n"), log_error (_("CRL access not possible due to disabled %s\n"),
@ -196,97 +173,57 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
err = gpg_error (GPG_ERR_NOT_SUPPORTED); err = gpg_error (GPG_ERR_NOT_SUPPORTED);
} }
else else
err = http_open_document (&hd, url, NULL,
((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
|(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0)
|(dirmngr_use_tor()? HTTP_FLAG_FORCE_TOR:0)
|(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4:0)
|(opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6:0)
),
ctrl->http_proxy, NULL, NULL, NULL);
switch ( err? 99999 : http_get_status_code (hd) )
{ {
case 200: /* Note that we also allow root certificates loaded from
{ * "/etc/gnupg/trusted-certs/". We also do not consult the
estream_t fp = http_get_read_ptr (hd); * CRL for the TLS connection - that may lead to a loop.
struct reader_cb_context_s *cb_ctx; * Due to cacert.org redirecting their https URL to http we
* also allow such a downgrade. */
err = ks_http_fetch (ctrl, url,
(KS_HTTP_FETCH_TRUST_CFG
| KS_HTTP_FETCH_NO_CRL
| KS_HTTP_FETCH_ALLOW_DOWNGRADE ),
&httpfp);
}
cb_ctx = xtrycalloc (1, sizeof *cb_ctx); if (err)
if (!cb_ctx) log_error (_("error retrieving '%s': %s\n"), url, gpg_strerror (err));
err = gpg_error_from_syserror (); else
if (!err) {
err = ksba_reader_new (reader); struct reader_cb_context_s *cb_ctx;
if (!err)
{
cb_ctx->fp = fp;
err = ksba_reader_set_cb (*reader, &my_es_read, cb_ctx);
}
if (err)
{
log_error (_("error initializing reader object: %s\n"),
gpg_strerror (err));
ksba_reader_release (*reader);
*reader = NULL;
http_close (hd, 0);
}
else
{
/* The ksba reader misses a user pointer thus we need
to come up with our own way of associating a file
pointer (or well the callback context) with the
reader. It is only required when closing the
reader thus there is no performance issue doing it
this way. FIXME: We now have a close notification
which might be used here. */
register_file_reader (*reader, cb_ctx);
http_close (hd, 1);
}
}
break;
case 301: /* Redirection (perm.). */ cb_ctx = xtrycalloc (1, sizeof *cb_ctx);
case 302: /* Redirection (temp.). */ if (!cb_ctx)
{ err = gpg_error_from_syserror ();
const char *s = http_get_header (hd, "Location"); else if (!(err = ksba_reader_new (reader)))
{
cb_ctx->fp = httpfp;
err = ksba_reader_set_cb (*reader, &my_es_read, cb_ctx);
if (!err)
{
/* The ksba reader misses a user pointer thus we
* need to come up with our own way of associating a
* file pointer (or well the callback context) with
* the reader. It is only required when closing the
* reader thus there is no performance issue doing
* it this way. FIXME: We now have a close
* notification which might be used here. */
register_file_reader (*reader, cb_ctx);
httpfp = NULL;
}
}
log_info (_("URL '%s' redirected to '%s' (%u)\n"), if (err)
url, s?s:"[none]", http_get_status_code (hd)); {
if (s && *s && redirects_left-- ) log_error (_("error initializing reader object: %s\n"),
{ gpg_strerror (err));
xfree (free_this); url = NULL; ksba_reader_release (*reader);
free_this = xtrystrdup (s); *reader = NULL;
if (!free_this) xfree (cb_ctx);
err = gpg_error_from_errno (errno); }
else
{
url = free_this;
http_close (hd, 0);
/* Note, that our implementation of redirection
actually handles a redirect to LDAP. */
goto once_more;
}
}
else
err = gpg_error (GPG_ERR_NO_DATA);
log_error (_("too many redirections\n")); /* Or no "Location". */
http_close (hd, 0);
}
break;
case 99999: /* Made up status code for error reporting. */
log_error (_("error retrieving '%s': %s\n"),
url, gpg_strerror (err));
break;
default:
log_error (_("error retrieving '%s': http status %u\n"),
url, http_get_status_code (hd));
err = gpg_error (GPG_ERR_NO_DATA);
http_close (hd, 0);
} }
} }
else /* Let the LDAP code try other schemes. */ else /* Let the LDAP code parse other schemes. */
{ {
if (opt.disable_ldap) if (opt.disable_ldap)
{ {
@ -310,7 +247,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
} }
} }
xfree (free_this); es_fclose (httpfp);
return err; return err;
} }

3
dirmngr/dirmngr.c
View File

@ -2243,7 +2243,8 @@ handle_connections (assuan_fd_t listen_fd)
npth_timersub (&abstime, &curtime, &timeout); npth_timersub (&abstime, &curtime, &timeout);
#ifndef HAVE_W32_SYSTEM #ifndef HAVE_W32_SYSTEM
ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout, npth_sigev_sigmask()); ret = npth_pselect (nfd+1, &read_fdset, NULL, NULL, &timeout,
npth_sigev_sigmask());
saved_errno = errno; saved_errno = errno;
while (npth_sigev_get_pending(&signo)) while (npth_sigev_get_pending(&signo))

53
dirmngr/dirmngr_ldap.c
View File

@ -29,7 +29,6 @@
# include <signal.h> # include <signal.h>
#endif #endif
#include <errno.h> #include <errno.h>
#include <assert.h>
#include <sys/time.h> #include <sys/time.h>
#include <unistd.h> #include <unistd.h>
#ifndef USE_LDAPWRAPPER #ifndef USE_LDAPWRAPPER
@ -343,7 +342,7 @@ ldap_wrapper_main (char **argv, estream_t outstream)
usage (1); usage (1);
#else #else
/* All passed arguments should be fine in this case. */ /* All passed arguments should be fine in this case. */
assert (argc); log_assert (argc);
#endif #endif
#ifdef USE_LDAPWRAPPER #ifdef USE_LDAPWRAPPER
@ -382,16 +381,56 @@ catch_alarm (int dummy)
} }
#endif #endif
#ifdef HAVE_W32_SYSTEM
static DWORD CALLBACK
alarm_thread (void *arg)
{
HANDLE timer = arg;
WaitForSingleObject (timer, INFINITE);
_exit (10);
return 0;
}
#endif
static void static void
set_timeout (my_opt_t myopt) set_timeout (my_opt_t myopt)
{ {
#ifdef HAVE_W32_SYSTEM
/* FIXME for W32. */
(void)myopt;
#else
if (myopt->alarm_timeout) if (myopt->alarm_timeout)
alarm (myopt->alarm_timeout); {
#ifdef HAVE_W32_SYSTEM
static HANDLE timer;
LARGE_INTEGER due_time;
/* A negative value is a relative time. */
due_time.QuadPart = (unsigned long long)-10000000 * myopt->alarm_timeout;
if (!timer)
{
SECURITY_ATTRIBUTES sec_attr;
DWORD tid;
memset (&sec_attr, 0, sizeof sec_attr);
sec_attr.nLength = sizeof sec_attr;
sec_attr.bInheritHandle = FALSE;
/* Create a manual resetable timer. */
timer = CreateWaitableTimer (NULL, TRUE, NULL);
/* Intially set the timer. */
SetWaitableTimer (timer, &due_time, 0, NULL, NULL, 0);
if (CreateThread (&sec_attr, 0, alarm_thread, timer, 0, &tid))
log_error ("failed to create alarm thread\n");
}
else /* Retrigger the timer. */
SetWaitableTimer (timer, &due_time, 0, NULL, NULL, 0);
#else
alarm (myopt->alarm_timeout);
#endif #endif
}
} }

4
dirmngr/http-ntbtls.c
View File

@ -87,13 +87,15 @@ gnupg_http_tls_verify_cb (void *opaque,
} }
else /* Use the certificates as requested from the HTTP module. */ else /* Use the certificates as requested from the HTTP module. */
{ {
if ((http_flags & HTTP_FLAG_TRUST_CFG))
validate_flags |= VALIDATE_FLAG_TRUST_CONFIG;
if ((http_flags & HTTP_FLAG_TRUST_DEF)) if ((http_flags & HTTP_FLAG_TRUST_DEF))
validate_flags |= VALIDATE_FLAG_TRUST_HKP; validate_flags |= VALIDATE_FLAG_TRUST_HKP;
if ((http_flags & HTTP_FLAG_TRUST_SYS)) if ((http_flags & HTTP_FLAG_TRUST_SYS))
validate_flags |= VALIDATE_FLAG_TRUST_SYSTEM; validate_flags |= VALIDATE_FLAG_TRUST_SYSTEM;
/* If HKP trust is requested and there are no HKP certificates /* If HKP trust is requested and there are no HKP certificates
* configured, also try thye standard system certificates. */ * configured, also try the standard system certificates. */
if ((validate_flags & VALIDATE_FLAG_TRUST_HKP) if ((validate_flags & VALIDATE_FLAG_TRUST_HKP)
&& !cert_cache_any_in_class (CERTTRUST_CLASS_HKP)) && !cert_cache_any_in_class (CERTTRUST_CLASS_HKP))
validate_flags |= VALIDATE_FLAG_TRUST_SYSTEM; validate_flags |= VALIDATE_FLAG_TRUST_SYSTEM;

60
dirmngr/http.c
View File

@ -318,6 +318,9 @@ static gpg_error_t (*tls_callback) (http_t, http_session_t, int);
/* The list of files with trusted CA certificates. */ /* The list of files with trusted CA certificates. */
static strlist_t tls_ca_certlist; static strlist_t tls_ca_certlist;
/* The list of files with extra trusted CA certificates. */
static strlist_t cfg_ca_certlist;
/* The global callback for net activity. */ /* The global callback for net activity. */
static void (*netactivity_cb)(void); static void (*netactivity_cb)(void);
@ -596,6 +599,35 @@ http_register_tls_ca (const char *fname)
} }
/* Register a CA certificate for future use. The certificate is
* expected to be in FNAME. PEM format is assume if FNAME has a
* suffix of ".pem". If FNAME is NULL the list of CA files is
* removed. This is a variant of http_register_tls_ca which puts the
* certificate into a separate list enabled using HTTP_FLAG_TRUST_CFG. */
void
http_register_cfg_ca (const char *fname)
{
strlist_t sl;
if (!fname)
{
free_strlist (cfg_ca_certlist);
cfg_ca_certlist = NULL;
}
else
{
/* Warn if we can't access right now, but register it anyway in
case it becomes accessible later */
if (access (fname, F_OK))
log_info (_("can't access '%s': %s\n"), fname,
gpg_strerror (gpg_error_from_syserror()));
sl = add_to_strlist (&cfg_ca_certlist, fname);
if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem"))
sl->flags = 1;
}
}
/* Register a callback which is called every time the HTTP mode has /* Register a callback which is called every time the HTTP mode has
* made a successful connection to some server. */ * made a successful connection to some server. */
void void
@ -680,6 +712,7 @@ http_session_release (http_session_t sess)
* Valid values for FLAGS are: * Valid values for FLAGS are:
* HTTP_FLAG_TRUST_DEF - Use the CAs set with http_register_tls_ca * HTTP_FLAG_TRUST_DEF - Use the CAs set with http_register_tls_ca
* HTTP_FLAG_TRUST_SYS - Also use the CAs defined by the system * HTTP_FLAG_TRUST_SYS - Also use the CAs defined by the system
* HTTP_FLAG_TRUST_CFG - Also use CAs set with http_register_cfg_ca
* HTTP_FLAG_NO_CRL - Do not consult CRLs for https. * HTTP_FLAG_NO_CRL - Do not consult CRLs for https.
*/ */
gpg_error_t gpg_error_t
@ -793,6 +826,21 @@ http_session_new (http_session_t *r_session,
#endif /* gnutls >= 3.0.20 */ #endif /* gnutls >= 3.0.20 */
} }
/* Add other configured certificates to the session. */
if ((flags & HTTP_FLAG_TRUST_CFG))
{
for (sl = cfg_ca_certlist; sl; sl = sl->next)
{
rc = gnutls_certificate_set_x509_trust_file
(sess->certcred, sl->d,
(sl->flags & 1)? GNUTLS_X509_FMT_PEM : GNUTLS_X509_FMT_DER);
if (rc < 0)
log_info ("setting extra CA from file '%s' failed: %s\n",
sl->d, gnutls_strerror (rc));
}
}
rc = gnutls_init (&sess->tls_session, GNUTLS_CLIENT); rc = gnutls_init (&sess->tls_session, GNUTLS_CLIENT);
if (rc < 0) if (rc < 0)
{ {
@ -1688,9 +1736,19 @@ send_request (http_t hd, const char *httphost, const char *auth,
#ifdef USE_TLS #ifdef USE_TLS
if (hd->uri->use_tls && !hd->session->tls_session) if (hd->uri->use_tls && !hd->session->tls_session)
{ {
log_error ("TLS requested but no GNUTLS context available\n"); log_error ("TLS requested but no TLS context available\n");
return gpg_err_make (default_errsource, GPG_ERR_INTERNAL); return gpg_err_make (default_errsource, GPG_ERR_INTERNAL);
} }
if (opt_debug)
log_debug ("Using TLS library: %s %s\n",
# if HTTP_USE_NTBTLS
"NTBTLS", ntbtls_check_version (NULL)
# elif HTTP_USE_GNUTLS
"GNUTLS", gnutls_check_version (NULL)
# else
"?", "?"
# endif /*HTTP_USE_*TLS*/
);
#endif /*USE_TLS*/ #endif /*USE_TLS*/
if ((hd->flags & HTTP_FLAG_FORCE_TOR)) if ((hd->flags & HTTP_FLAG_FORCE_TOR))

6
dirmngr/http.h
View File

@ -88,8 +88,9 @@ enum
HTTP_FLAG_IGNORE_IPv4 = 64, /* Do not use IPv4. */ HTTP_FLAG_IGNORE_IPv4 = 64, /* Do not use IPv4. */
HTTP_FLAG_IGNORE_IPv6 = 128, /* Do not use IPv6. */ HTTP_FLAG_IGNORE_IPv6 = 128, /* Do not use IPv6. */
HTTP_FLAG_TRUST_DEF = 256, /* Use the CAs configured for HKP. */ HTTP_FLAG_TRUST_DEF = 256, /* Use the CAs configured for HKP. */
HTTP_FLAG_TRUST_SYS = 512, /* Also use the system defined CAs. */ HTTP_FLAG_TRUST_SYS = 512, /* Also use the system defined CAs. */
HTTP_FLAG_NO_CRL = 1024 /* Do not consult CRLs for https. */ HTTP_FLAG_TRUST_CFG = 1024, /* Also use configured CAs. */
HTTP_FLAG_NO_CRL = 2048 /* Do not consult CRLs for https. */
}; };
@ -110,6 +111,7 @@ void http_set_verbose (int verbose, int debug);
void http_register_tls_callback (gpg_error_t (*cb)(http_t,http_session_t,int)); void http_register_tls_callback (gpg_error_t (*cb)(http_t,http_session_t,int));
void http_register_tls_ca (const char *fname); void http_register_tls_ca (const char *fname);
void http_register_cfg_ca (const char *fname);
void http_register_netactivity_cb (void (*cb)(void)); void http_register_netactivity_cb (void (*cb)(void));

6
dirmngr/ks-action.c
View File

@ -257,7 +257,9 @@ ks_action_get (ctrl_t ctrl, uri_item_t keyservers,
if (is_hkp_s) if (is_hkp_s)
err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp); err = ks_hkp_get (ctrl, uri->parsed_uri, sl->d, &infp);
else if (is_http_s) else if (is_http_s)
err = ks_http_fetch (ctrl, uri->parsed_uri->original, &infp); err = ks_http_fetch (ctrl, uri->parsed_uri->original,
KS_HTTP_FETCH_NOCACHE,
&infp);
else else
BUG (); BUG ();
@ -314,7 +316,7 @@ ks_action_fetch (ctrl_t ctrl, const char *url, estream_t outfp)
if (parsed_uri->is_http) if (parsed_uri->is_http)
{ {
err = ks_http_fetch (ctrl, url, &infp); err = ks_http_fetch (ctrl, url, KS_HTTP_FETCH_NOCACHE, &infp);
if (!err) if (!err)
{ {
err = copy_stream (infp, outfp); err = copy_stream (infp, outfp);

6
dirmngr/ks-engine-hkp.c
View File

@ -55,7 +55,7 @@
/* Number of seconds after a host is marked as resurrected. */ /* Number of seconds after a host is marked as resurrected. */
#define RESURRECT_INTERVAL (3600*3) /* 3 hours */ #define RESURRECT_INTERVAL (3600+1800) /* 1.5 hours */
/* To match the behaviour of our old gpgkeys helper code we escape /* To match the behaviour of our old gpgkeys helper code we escape
more characters than actually needed. */ more characters than actually needed. */
@ -110,7 +110,7 @@ static hostinfo_t *hosttable;
static int hosttable_size; static int hosttable_size;
/* The number of host slots we initially allocate for HOSTTABLE. */ /* The number of host slots we initially allocate for HOSTTABLE. */
#define INITIAL_HOSTTABLE_SIZE 10 #define INITIAL_HOSTTABLE_SIZE 50
/* Create a new hostinfo object, fill in NAME and put it into /* Create a new hostinfo object, fill in NAME and put it into
@ -583,7 +583,7 @@ map_host (ctrl_t ctrl, const char *name, const char *srvtag, int force_reselect,
/* Deal with the pool name before selecting a host. */ /* Deal with the pool name before selecting a host. */
if (r_httphost) if (r_httphost)
{ {
*r_httphost = xtrystrdup (hi->cname? hi->cname : hi->name); *r_httphost = xtrystrdup (hi->name);
if (!*r_httphost) if (!*r_httphost)
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
} }

41
dirmngr/ks-engine-http.c
View File

@ -62,12 +62,17 @@ ks_http_help (ctrl_t ctrl, parsed_uri_t uri)
/* Get the key from URL which is expected to specify a http style /* Get the key from URL which is expected to specify a http style
scheme. On success R_FP has an open stream to read the data. */ * scheme. On success R_FP has an open stream to read the data.
* Despite its name this function is also used to retrieve arbitrary
* data via https or http.
*/
gpg_error_t gpg_error_t
ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp) ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
estream_t *r_fp)
{ {
gpg_error_t err; gpg_error_t err;
http_session_t session = NULL; http_session_t session = NULL;
unsigned int session_flags;
http_t http = NULL; http_t http = NULL;
int redirects_left = MAX_REDIRECTS; int redirects_left = MAX_REDIRECTS;
estream_t fp = NULL; estream_t fp = NULL;
@ -81,12 +86,16 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp)
is_onion = uri->onion; is_onion = uri->onion;
is_https = uri->use_tls; is_https = uri->use_tls;
once_more: /* By default we only use the system provided certificates with this
/* Note that we only use the system provided certificates with the
* fetch command. */ * fetch command. */
err = http_session_new (&session, NULL, session_flags = HTTP_FLAG_TRUST_SYS;
((ctrl->http_no_crl? HTTP_FLAG_NO_CRL : 0) if ((flags & KS_HTTP_FETCH_NO_CRL) || ctrl->http_no_crl)
| HTTP_FLAG_TRUST_SYS), session_flags |= HTTP_FLAG_NO_CRL;
if ((flags & KS_HTTP_FETCH_TRUST_CFG))
session_flags |= HTTP_FLAG_TRUST_CFG;
once_more:
err = http_session_new (&session, NULL, session_flags,
gnupg_http_tls_verify_cb, ctrl); gnupg_http_tls_verify_cb, ctrl);
if (err) if (err)
goto leave; goto leave;
@ -100,6 +109,7 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp)
/* httphost */ NULL, /* httphost */ NULL,
/* fixme: AUTH */ NULL, /* fixme: AUTH */ NULL,
((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
| (DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0)
| (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0)
| (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0) | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)
| (opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6 : 0)), | (opt.disable_ipv6? HTTP_FLAG_IGNORE_IPv6 : 0)),
@ -111,10 +121,11 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp)
{ {
fp = http_get_write_ptr (http); fp = http_get_write_ptr (http);
/* Avoid caches to get the most recent copy of the key. We set /* Avoid caches to get the most recent copy of the key. We set
both the Pragma and Cache-Control versions of the header, so * both the Pragma and Cache-Control versions of the header, so
we're good with both HTTP 1.0 and 1.1. */ * we're good with both HTTP 1.0 and 1.1. */
es_fputs ("Pragma: no-cache\r\n" if ((flags & KS_HTTP_FETCH_NOCACHE))
"Cache-Control: no-cache\r\n", fp); es_fputs ("Pragma: no-cache\r\n"
"Cache-Control: no-cache\r\n", fp);
http_start_data (http); http_start_data (http);
if (es_ferror (fp)) if (es_ferror (fp))
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
@ -164,7 +175,13 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp)
if (err) if (err)
goto leave; goto leave;
if ((is_onion && ! uri->onion) || (is_https && ! uri->use_tls)) if (is_onion && !uri->onion)
{
err = gpg_error (GPG_ERR_FORBIDDEN);
goto leave;
}
if (!(flags & KS_HTTP_FETCH_ALLOW_DOWNGRADE)
&& is_https && !uri->use_tls)
{ {
err = gpg_error (GPG_ERR_FORBIDDEN); err = gpg_error (GPG_ERR_FORBIDDEN);
goto leave; goto leave;

10
dirmngr/ks-engine.h
View File

@ -41,8 +41,16 @@ gpg_error_t ks_hkp_put (ctrl_t ctrl, parsed_uri_t uri,
const void *data, size_t datalen); const void *data, size_t datalen);
/*-- ks-engine-http.c --*/ /*-- ks-engine-http.c --*/
/* Flags for the ks_http_fetch. */
#define KS_HTTP_FETCH_NOCACHE 1 /* Request no caching. */
#define KS_HTTP_FETCH_TRUST_CFG 2 /* Requests HTTP_FLAG_TRUST_CFG. */
#define KS_HTTP_FETCH_NO_CRL 4 /* Requests HTTP_FLAG_NO_CRL. */
#define KS_HTTP_FETCH_ALLOW_DOWNGRADE 8 /* Allow redirect https -> http. */
gpg_error_t ks_http_help (ctrl_t ctrl, parsed_uri_t uri); gpg_error_t ks_http_help (ctrl_t ctrl, parsed_uri_t uri);
gpg_error_t ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp); gpg_error_t ks_http_fetch (ctrl_t ctrl, const char *url, unsigned int flags,
estream_t *r_fp);
/*-- ks-engine-finger.c --*/ /*-- ks-engine-finger.c --*/

1
dirmngr/ldap-wrapper-ce.c
View File

@ -45,6 +45,7 @@
#ifdef USE_LDAPWRAPPER #ifdef USE_LDAPWRAPPER
# error This module is not expected to be build. # error This module is not expected to be build.
#endif #endif
#error This module might not anymore work.

761
dirmngr/ldap-wrapper.c
View File

@ -1,5 +1,5 @@
/* ldap-wrapper.c - LDAP access via a wrapper process /* ldap-wrapper.c - LDAP access via a wrapper process
* Copyright (C) 2004, 2005, 2007, 2008 g10 Code GmbH * Copyright (C) 2004, 2005, 2007, 2008, 2018 g10 Code GmbH
* Copyright (C) 2010 Free Software Foundation, Inc. * Copyright (C) 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
@ -19,31 +19,34 @@
*/ */
/* /*
We can't use LDAP directly for these reasons: * We can't use LDAP directly for these reasons:
*
1. On some systems the LDAP library uses (indirectly) pthreads and * 1. On some systems the LDAP library uses (indirectly) pthreads and
that is not compatible with PTh. * that is not compatible with GNU Pth. Since 2.1 we use nPth
* instead of GNU Pth which does not have this problem anymore
2. It is huge library in particular if TLS comes into play. So * because it will use pthreads if the platform supports it. Thus
problems with unfreed memory might turn up and we don't want * this was a historical reasons.
this in a long running daemon. *
* 2. It is huge library in particular if TLS comes into play. So
3. There is no easy way for timeouts. In particular the timeout * problems with unfreed memory might turn up and we don't want
value does not work for DNS lookups (well, this is usual) and it * this in a long running daemon.
seems not to work while loading a large attribute like a *
CRL. Having a separate process allows us to either tell the * 3. There is no easy way for timeouts. In particular the timeout
process to commit suicide or have our own housekepping function * value does not work for DNS lookups (well, this is usual) and it
kill it after some time. The latter also allows proper * seems not to work while loading a large attribute like a
cancellation of a query at any point of time. * CRL. Having a separate process allows us to either tell the
* process to commit suicide or have our own housekepping function
4. Given that we are going out to the network and usually get back * kill it after some time. The latter also allows proper
a long response, the fork/exec overhead is acceptable. * cancellation of a query at any point of time.
*
Note that under WindowsCE the number of processes is strongly * 4. Given that we are going out to the network and usually get back
limited (32 processes including the kernel processes) and thus we * a long response, the fork/exec overhead is acceptable.
don't use the process approach but implement a different wrapper in *
ldap-wrapper-ce.c. * Note that under WindowsCE the number of processes is strongly
*/ * limited (32 processes including the kernel processes) and thus we
* don't use the process approach but implement a different wrapper in
* ldap-wrapper-ce.c.
*/
#include <config.h> #include <config.h>
@ -89,39 +92,66 @@ struct wrapper_context_s
{ {
struct wrapper_context_s *next; struct wrapper_context_s *next;
pid_t pid; /* The pid of the wrapper process. */ pid_t pid; /* The pid of the wrapper process. */
int printable_pid; /* Helper to print diagnostics after the process has int printable_pid; /* Helper to print diagnostics after the process has
been cleaned up. */ * been cleaned up. */
int fd; /* Connected with stdout of the ldap wrapper. */ estream_t fp; /* Connected with stdout of the ldap wrapper. */
gpg_error_t fd_error; /* Set to the gpg_error of the last read error gpg_error_t fp_err; /* Set to the gpg_error of the last read error
if any. */ * if any. */
int log_fd; /* Connected with stderr of the ldap wrapper. */ estream_t log_fp; /* Connected with stderr of the ldap wrapper. */
ctrl_t ctrl; /* Connection data. */ ctrl_t ctrl; /* Connection data. */
int ready; /* Internally used to mark to be removed contexts. */ int ready; /* Internally used to mark to be removed contexts. */
ksba_reader_t reader; /* The ksba reader object or NULL. */ ksba_reader_t reader;/* The ksba reader object or NULL. */
char *line; /* Used to print the log lines (malloced). */ char *line; /* Used to print the log lines (malloced). */
size_t linesize;/* Allocated size of LINE. */ size_t linesize; /* Allocated size of LINE. */
size_t linelen; /* Use size of LINE. */ size_t linelen; /* Use size of LINE. */
time_t stamp; /* The last time we noticed ativity. */ time_t stamp; /* The last time we noticed ativity. */
int reaper_idx; /* Private to ldap_wrapper_thread. */
}; };
/* We keep a global list of spawned wrapper process. A separate thread /* We keep a global list of spawned wrapper process. A separate
makes use of this list to log error messages and to watch out for * thread makes use of this list to log error messages and to watch
finished processes. */ * out for finished processes. Access to list is protected by a
static struct wrapper_context_s *wrapper_list; * mutex. The condition variable is used to wakeup the reaper
* thread. */
static struct wrapper_context_s *reaper_list;
static npth_mutex_t reaper_list_mutex = NPTH_MUTEX_INITIALIZER;
static npth_cond_t reaper_run_cond = NPTH_COND_INITIALIZER;
/* We need to know whether we are shutting down the process. */ /* We need to know whether we are shutting down the process. */
static int shutting_down; static int shutting_down;
/* Close the pth file descriptor FD and set it to -1. */
#define SAFE_CLOSE(fd) \
do { int _fd = fd; if (_fd != -1) { close (_fd); fd = -1;} } while (0) /* Close the estream fp and set it to NULL. */
#define SAFE_CLOSE(fp) \
do { estream_t _fp = fp; es_fclose (_fp); fp = NULL; } while (0)
static void
lock_reaper_list (void)
{
if (npth_mutex_lock (&reaper_list_mutex))
log_fatal ("%s: failed to acquire mutex: %s\n", __func__,
gpg_strerror (gpg_error_from_syserror ()));
}
static void
unlock_reaper_list (void)
{
if (npth_mutex_unlock (&reaper_list_mutex))
log_fatal ("%s: failed to release mutex: %s\n", __func__,
gpg_strerror (gpg_error_from_syserror ()));
}
/* Read a fixed amount of data from READER into BUFFER. */ /* Read a fixed amount of data from READER into BUFFER. */
static gpg_error_t static gpg_error_t
read_buffer (ksba_reader_t reader, unsigned char *buffer, size_t count) read_buffer (ksba_reader_t reader, unsigned char *buffer, size_t count)
@ -151,8 +181,8 @@ destroy_wrapper (struct wrapper_context_s *ctx)
gnupg_release_process (ctx->pid); gnupg_release_process (ctx->pid);
} }
ksba_reader_release (ctx->reader); ksba_reader_release (ctx->reader);
SAFE_CLOSE (ctx->fd); SAFE_CLOSE (ctx->fp);
SAFE_CLOSE (ctx->log_fd); SAFE_CLOSE (ctx->log_fp);
xfree (ctx->line); xfree (ctx->line);
xfree (ctx); xfree (ctx);
} }
@ -218,25 +248,27 @@ print_log_line (struct wrapper_context_s *ctx, char *line)
/* Read data from the log stream. Returns true if the log stream /* Read data from the log stream. Returns true if the log stream
indicated EOF or error. */ * indicated EOF or error. */
static int static int
read_log_data (struct wrapper_context_s *ctx) read_log_data (struct wrapper_context_s *ctx)
{ {
int n; int rc;
size_t n;
char line[256]; char line[256];
/* We must use the npth_read function for pipes, always. */ rc = es_read (ctx->log_fp, line, sizeof line - 1, &n);
do if (rc || !n) /* Error or EOF. */
n = npth_read (ctx->log_fd, line, sizeof line - 1);
while (n < 0 && errno == EINTR);
if (n <= 0) /* EOF or error. */
{ {
if (n < 0) if (rc)
log_error (_("error reading log from ldap wrapper %d: %s\n"), {
(int)ctx->pid, strerror (errno)); gpg_error_t err = gpg_error_from_syserror ();
print_log_line (ctx, NULL); if (gpg_err_code (err) == GPG_ERR_EAGAIN)
SAFE_CLOSE (ctx->log_fd); return 0;
log_error (_("error reading log from ldap wrapper %d: %s\n"),
(int)ctx->pid, gpg_strerror (err));
}
print_log_line (ctx, NULL); /* Flush. */
SAFE_CLOSE (ctx->log_fp);
return 1; return 1;
} }
@ -251,15 +283,18 @@ read_log_data (struct wrapper_context_s *ctx)
/* This function is run by a separate thread to maintain the list of /* This function is run by a separate thread to maintain the list of
wrappers and to log error messages from these wrappers. */ wrappers and to log error messages from these wrappers. */
void * void *
ldap_wrapper_thread (void *dummy) ldap_reaper_thread (void *dummy)
{ {
int nfds; gpg_error_t err;
struct wrapper_context_s *ctx; struct wrapper_context_s *ctx;
struct wrapper_context_s *ctx_prev; struct wrapper_context_s *ctx_prev;
struct timespec abstime; struct timespec abstime;
struct timespec curtime; struct timespec curtime;
struct timespec timeout; struct timespec timeout;
fd_set fdset; int millisecs;
gpgrt_poll_t *fparray = NULL;
int fparraysize = 0;
int count, i;
int ret; int ret;
time_t exptime; time_t exptime;
@ -272,6 +307,61 @@ ldap_wrapper_thread (void *dummy)
{ {
int any_action = 0; int any_action = 0;
/* Wait until we are needed and then setup the FPARRAY. */
/* Note: There is one unlock inside the block! */
lock_reaper_list ();
{
while (!reaper_list && !shutting_down)
{
if (npth_cond_wait (&reaper_run_cond, &reaper_list_mutex))
log_error ("ldap-reaper: waiting on condition failed: %s\n",
gpg_strerror (gpg_error_from_syserror ()));
}
for (count = 0, ctx = reaper_list; ctx; ctx = ctx->next)
if (ctx->log_fp)
count++;
if (count > fparraysize || !fparray)
{
/* Need to realloc the array. We simply discard it and
* replace it by a new one. */
xfree (fparray);
fparray = xtrycalloc (count? count : 1, sizeof *fparray);
if (!fparray)
{
err = gpg_error_from_syserror ();
log_error ("ldap-reaper can't allocate poll array: %s"
" - waiting 1s\n", gpg_strerror (err));
/* Note: Here we unlock and continue! */
unlock_reaper_list ();
npth_sleep (1);
continue;
}
fparraysize = count;
}
for (count = 0, ctx = reaper_list; ctx; ctx = ctx->next)
{
if (ctx->log_fp)
{
log_assert (count < fparraysize);
fparray[count].stream = ctx->log_fp;
fparray[count].want_read = 1;
fparray[count].ignore = 0;
ctx->reaper_idx = count;
count++;
}
else
{
ctx->reaper_idx = -1;
fparray[count].ignore = 1;
}
}
for (i=count; i < fparraysize; i++)
fparray[i].ignore = 1;
}
unlock_reaper_list (); /* Note the one unlock inside the block. */
/* Compute the next timeout. */
npth_clock_gettime (&curtime); npth_clock_gettime (&curtime);
if (!(npth_timercmp (&curtime, &abstime, <))) if (!(npth_timercmp (&curtime, &abstime, <)))
{ {
@ -280,142 +370,166 @@ ldap_wrapper_thread (void *dummy)
abstime.tv_sec += TIMERTICK_INTERVAL; abstime.tv_sec += TIMERTICK_INTERVAL;
} }
npth_timersub (&abstime, &curtime, &timeout); npth_timersub (&abstime, &curtime, &timeout);
millisecs = timeout.tv_sec * 1000;
millisecs += timeout.tv_nsec / 1000000;
if (millisecs < 0)
millisecs = 1;
FD_ZERO (&fdset); if (DBG_EXTPROG)
nfds = -1;
for (ctx = wrapper_list; ctx; ctx = ctx->next)
{ {
if (ctx->log_fd != -1) log_debug ("ldap-reaper: next run (count=%d size=%d, timeout=%d)\n",
{ count, fparraysize, millisecs);
FD_SET (ctx->log_fd, &fdset); for (count=0; count < fparraysize; count++)
if (ctx->log_fd > nfds) if (!fparray[count].ignore)
nfds = ctx->log_fd; log_debug ("ldap-reaper: fp[%d] stream=%p want=%d\n",
} count, fparray[count].stream,fparray[count].want_read);
} }
nfds++;
/* FIXME: For Windows, we have to use a reader thread on the ret = es_poll (fparray, fparraysize, millisecs);
pipe that signals an event (and a npth_select_ev variant). */ if (ret < 0)
ret = npth_pselect (nfds + 1, &fdset, NULL, NULL, &timeout, NULL);
if (ret == -1)
{ {
if (errno != EINTR) err = gpg_error_from_syserror ();
{ log_error ("ldap-reaper failed to poll: %s"
log_error (_("npth_select failed: %s - waiting 1s\n"), " - waiting 1s\n", gpg_strerror (err));
strerror (errno)); /* In case the reason for the error is a too large array, we
npth_sleep (1); * release it so that it will be allocated smaller in the
} * next round. */
xfree (fparray);
fparray = NULL;
fparraysize = 0;
npth_sleep (1);
continue; continue;
} }
if (DBG_EXTPROG)
{
for (count=0; count < fparraysize; count++)
if (!fparray[count].ignore)
log_debug ("ldap-reaper: fp[%d] stream=%p r=%d %c%c%c%c%c%c%c\n",
count, fparray[count].stream, ret,
fparray[count].got_read? 'r':'-',
fparray[count].got_write?'w':'-',
fparray[count].got_oob? 'o':'-',
fparray[count].got_rdhup?'H':'-',
fparray[count].got_err? 'e':'-',
fparray[count].got_hup? 'h':'-',
fparray[count].got_nval? 'n':'-');
}
/* All timestamps before exptime should be considered expired. */ /* All timestamps before exptime should be considered expired. */
exptime = time (NULL); exptime = time (NULL);
if (exptime > INACTIVITY_TIMEOUT) if (exptime > INACTIVITY_TIMEOUT)
exptime -= INACTIVITY_TIMEOUT; exptime -= INACTIVITY_TIMEOUT;
/* Note that there is no need to lock the list because we always lock_reaper_list ();
add entries at the head (with a pending event status) and {
thus traversing the list will even work if we have a context for (ctx = reaper_list; ctx; ctx = ctx->next)
switch in waitpid (which should anyway only happen with Pth's
hard system call mapping). */
for (ctx = wrapper_list; ctx; ctx = ctx->next)
{
/* Check whether there is any logging to be done. */
if (nfds && ctx->log_fd != -1 && FD_ISSET (ctx->log_fd, &fdset))
{
if (read_log_data (ctx))
{
SAFE_CLOSE (ctx->log_fd);
any_action = 1;
}
}
/* Check whether the process is still running. */
if (ctx->pid != (pid_t)(-1))
{
gpg_error_t err;
int status;
err = gnupg_wait_process ("[dirmngr_ldap]", ctx->pid, 0,
&status);
if (!err)
{
log_info (_("ldap wrapper %d ready"), (int)ctx->pid);
ctx->ready = 1;
gnupg_release_process (ctx->pid);
ctx->pid = (pid_t)(-1);
any_action = 1;
}
else if (gpg_err_code (err) == GPG_ERR_GENERAL)
{
if (status == 10)
log_info (_("ldap wrapper %d ready: timeout\n"),
(int)ctx->pid);
else
log_info (_("ldap wrapper %d ready: exitcode=%d\n"),
(int)ctx->pid, status);
ctx->ready = 1;
gnupg_release_process (ctx->pid);
ctx->pid = (pid_t)(-1);
any_action = 1;
}
else if (gpg_err_code (err) != GPG_ERR_TIMEOUT)
{
log_error (_("waiting for ldap wrapper %d failed: %s\n"),
(int)ctx->pid, gpg_strerror (err));
any_action = 1;
}
}
/* Check whether we should terminate the process. */
if (ctx->pid != (pid_t)(-1)
&& ctx->stamp != (time_t)(-1) && ctx->stamp < exptime)
{
gnupg_kill_process (ctx->pid);
ctx->stamp = (time_t)(-1);
log_info (_("ldap wrapper %d stalled - killing\n"),
(int)ctx->pid);
/* We need to close the log fd because the cleanup loop
waits for it. */
SAFE_CLOSE (ctx->log_fd);
any_action = 1;
}
}
/* If something has been printed to the log file or we got an
EOF from a wrapper, we now print the list of active
wrappers. */
if (any_action && DBG_LOOKUP)
{
log_info ("ldap worker stati:\n");
for (ctx = wrapper_list; ctx; ctx = ctx->next)
log_info (" c=%p pid=%d/%d rdr=%p ctrl=%p/%d la=%lu rdy=%d\n",
ctx,
(int)ctx->pid, (int)ctx->printable_pid,
ctx->reader,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0,
(unsigned long)ctx->stamp, ctx->ready);
}
/* Use a separate loop to check whether ready marked wrappers
may be removed. We may only do so if the ksba reader object
is not anymore in use or we are in shutdown state. */
again:
for (ctx_prev=NULL, ctx=wrapper_list; ctx; ctx_prev=ctx, ctx=ctx->next)
if (ctx->ready
&& ((ctx->log_fd == -1 && !ctx->reader) || shutting_down))
{ {
if (ctx_prev) /* Check whether there is any logging to be done. We need
ctx_prev->next = ctx->next; * to check FPARRAYSIZE because it can be 0 in case
else * es_poll returned a timeout. */
wrapper_list = ctx->next; if (fparraysize && ctx->log_fp && ctx->reaper_idx >= 0)
destroy_wrapper (ctx); {
/* We need to restart because destroy_wrapper might have log_assert (ctx->reaper_idx < fparraysize);
done a context switch. */ if (fparray[ctx->reaper_idx].got_read)
goto again; {
if (read_log_data (ctx))
{
SAFE_CLOSE (ctx->log_fp);
any_action = 1;
}
}
}
/* Check whether the process is still running. */
if (ctx->pid != (pid_t)(-1))
{
int status;
err = gnupg_wait_process ("[dirmngr_ldap]", ctx->pid, 0,
&status);
if (!err)
{
if (DBG_EXTPROG)
log_info (_("ldap wrapper %d ready"), (int)ctx->pid);
ctx->ready = 1;
gnupg_release_process (ctx->pid);
ctx->pid = (pid_t)(-1);
any_action = 1;
}
else if (gpg_err_code (err) == GPG_ERR_GENERAL)
{
if (status == 10)
log_info (_("ldap wrapper %d ready: timeout\n"),
(int)ctx->pid);
else
log_info (_("ldap wrapper %d ready: exitcode=%d\n"),
(int)ctx->pid, status);
ctx->ready = 1;
gnupg_release_process (ctx->pid);
ctx->pid = (pid_t)(-1);
any_action = 1;
}
else if (gpg_err_code (err) != GPG_ERR_TIMEOUT)
{
log_error (_("waiting for ldap wrapper %d failed: %s\n"),
(int)ctx->pid, gpg_strerror (err));
any_action = 1;
}
}
/* Check whether we should terminate the process. */
if (ctx->pid != (pid_t)(-1)
&& ctx->stamp != (time_t)(-1) && ctx->stamp < exptime)
{
gnupg_kill_process (ctx->pid);
ctx->stamp = (time_t)(-1);
log_info (_("ldap wrapper %d stalled - killing\n"),
(int)ctx->pid);
/* We need to close the log stream because the cleanup
* loop waits for it. */
SAFE_CLOSE (ctx->log_fp);
any_action = 1;
}
} }
/* If something has been printed to the log file or we got an
* EOF from a wrapper, we now print the list of active
* wrappers. */
if (any_action && DBG_EXTPROG)
{
log_debug ("ldap worker stati:\n");
for (ctx = reaper_list; ctx; ctx = ctx->next)
log_debug (" c=%p pid=%d/%d rdr=%p logfp=%p"
" ctrl=%p/%d la=%lu rdy=%d\n",
ctx,
(int)ctx->pid, (int)ctx->printable_pid,
ctx->reader, ctx->log_fp,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0,
(unsigned long)ctx->stamp, ctx->ready);
}
/* An extra loop to check whether ready marked wrappers may be
* removed. We may only do so if the ksba reader object is
* not anymore in use or we are in shutdown state. */
again:
for (ctx_prev=NULL, ctx=reaper_list; ctx; ctx_prev=ctx, ctx=ctx->next)
{
if (ctx->ready
&& ((!ctx->log_fp && !ctx->reader) || shutting_down))
{
if (ctx_prev)
ctx_prev->next = ctx->next;
else
reaper_list = ctx->next;
destroy_wrapper (ctx);
goto again;
}
}
}
unlock_reaper_list ();
} }
/*NOTREACHED*/ /*NOTREACHED*/
return NULL; /* Make the compiler happy. */ return NULL; /* Make the compiler happy. */
} }
@ -424,7 +538,7 @@ ldap_wrapper_thread (void *dummy)
/* Start the reaper thread for the ldap wrapper. */ /* Start the reaper thread for the ldap wrapper. */
void void
ldap_wrapper_launch_thread (void) ldap_reaper_launch_thread (void)
{ {
static int done; static int done;
npth_attr_t tattr; npth_attr_t tattr;
@ -435,14 +549,21 @@ ldap_wrapper_launch_thread (void)
return; return;
done = 1; done = 1;
#ifdef HAVE_W32_SYSTEM
/* Static init does not yet work in W32 nPth. */
if (npth_cond_init (&reaper_run_cond, NULL))
log_fatal ("%s: failed to init condition variabale: %s\n",
__func__, gpg_strerror (gpg_error_from_syserror ()));
#endif
npth_attr_init (&tattr); npth_attr_init (&tattr);
npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED); npth_attr_setdetachstate (&tattr, NPTH_CREATE_DETACHED);
err = npth_create (&thread, &tattr, ldap_wrapper_thread, NULL); if (npth_create (&thread, &tattr, ldap_reaper_thread, NULL))
if (err)
{ {
log_error (_("error spawning ldap wrapper reaper thread: %s\n"), err = gpg_error_from_syserror ();
strerror (err) ); log_error ("error spawning ldap reaper reaper thread: %s\n",
gpg_strerror (err) );
dirmngr_exit (1); dirmngr_exit (1);
} }
npth_setname_np (thread, "ldap-reaper"); npth_setname_np (thread, "ldap-reaper");
@ -451,16 +572,20 @@ ldap_wrapper_launch_thread (void)
/* Wait until all ldap wrappers have terminated. We assume that the /* Wait until all ldap wrappers have terminated. We assume that the
kill has already been sent to all of them. */ kill has already been sent to all of them. */
void void
ldap_wrapper_wait_connections () ldap_wrapper_wait_connections ()
{ {
shutting_down = 1; lock_reaper_list ();
/* FIXME: This is a busy wait. */ {
while (wrapper_list) shutting_down = 1;
if (npth_cond_signal (&reaper_run_cond))
log_error ("%s: Ooops: signaling condition failed: %s\n",
__func__, gpg_strerror (gpg_error_from_syserror ()));
}
unlock_reaper_list ();
while (reaper_list)
npth_usleep (200); npth_usleep (200);
} }
@ -475,30 +600,35 @@ ldap_wrapper_release_context (ksba_reader_t reader)
if (!reader ) if (!reader )
return; return;
for (ctx=wrapper_list; ctx; ctx=ctx->next) lock_reaper_list ();
if (ctx->reader == reader) {
{ for (ctx=reaper_list; ctx; ctx=ctx->next)
if (DBG_LOOKUP) if (ctx->reader == reader)
log_info ("releasing ldap worker c=%p pid=%d/%d rdr=%p ctrl=%p/%d\n", {
ctx, if (DBG_EXTPROG)
(int)ctx->pid, (int)ctx->printable_pid, log_debug ("releasing ldap worker c=%p pid=%d/%d rdr=%p"
ctx->reader, " ctrl=%p/%d\n", ctx,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0); (int)ctx->pid, (int)ctx->printable_pid,
ctx->reader,
ctx->ctrl, ctx->ctrl? ctx->ctrl->refcount:0);
ctx->reader = NULL; ctx->reader = NULL;
SAFE_CLOSE (ctx->fd); SAFE_CLOSE (ctx->fp);
if (ctx->ctrl) if (ctx->ctrl)
{ {
ctx->ctrl->refcount--; ctx->ctrl->refcount--;
ctx->ctrl = NULL; ctx->ctrl = NULL;
} }
if (ctx->fd_error) if (ctx->fp_err)
log_info (_("reading from ldap wrapper %d failed: %s\n"), log_info ("%s: reading from ldap wrapper %d failed: %s\n",
ctx->printable_pid, gpg_strerror (ctx->fd_error)); __func__, ctx->printable_pid, gpg_strerror (ctx->fp_err));
break; break;
} }
}
unlock_reaper_list ();
} }
/* Cleanup all resources held by the connection associated with /* Cleanup all resources held by the connection associated with
CTRL. This is used after a cancel to kill running wrappers. */ CTRL. This is used after a cancel to kill running wrappers. */
void void
@ -506,41 +636,45 @@ ldap_wrapper_connection_cleanup (ctrl_t ctrl)
{ {
struct wrapper_context_s *ctx; struct wrapper_context_s *ctx;
for (ctx=wrapper_list; ctx; ctx=ctx->next) lock_reaper_list ();
if (ctx->ctrl && ctx->ctrl == ctrl) {
{ for (ctx=reaper_list; ctx; ctx=ctx->next)
ctx->ctrl->refcount--; if (ctx->ctrl && ctx->ctrl == ctrl)
ctx->ctrl = NULL; {
if (ctx->pid != (pid_t)(-1)) ctx->ctrl->refcount--;
gnupg_kill_process (ctx->pid); ctx->ctrl = NULL;
if (ctx->fd_error) if (ctx->pid != (pid_t)(-1))
log_info (_("reading from ldap wrapper %d failed: %s\n"), gnupg_kill_process (ctx->pid);
ctx->printable_pid, gpg_strerror (ctx->fd_error)); if (ctx->fp_err)
} log_info ("%s: reading from ldap wrapper %d failed: %s\n",
__func__, ctx->printable_pid, gpg_strerror (ctx->fp_err));
}
}
unlock_reaper_list ();
} }
/* This is the callback used by the ldap wrapper to feed the ksba /* This is the callback used by the ldap wrapper to feed the ksba
reader with the wrappers stdout. See the description of * reader with the wrapper's stdout. See the description of
ksba_reader_set_cb for details. */ * ksba_reader_set_cb for details. */
static int static int
reader_callback (void *cb_value, char *buffer, size_t count, size_t *nread) reader_callback (void *cb_value, char *buffer, size_t count, size_t *nread)
{ {
struct wrapper_context_s *ctx = cb_value; struct wrapper_context_s *ctx = cb_value;
size_t nleft = count; size_t nleft = count;
int nfds;
struct timespec abstime; struct timespec abstime;
struct timespec curtime; struct timespec curtime;
struct timespec timeout; struct timespec timeout;
int saved_errno; int millisecs;
fd_set fdset, read_fdset; gpgrt_poll_t fparray[1];
int ret; int ret;
gpg_error_t err;
/* FIXME: We might want to add some internal buffering because the /* FIXME: We might want to add some internal buffering because the
ksba code does not do any buffering for itself (because a ksba ksba code does not do any buffering for itself (because a ksba
reader may be detached from another stream to read other data and reader may be detached from another stream to read other data and
the it would be cumbersome to get back already buffered then it would be cumbersome to get back already buffered stuff). */
stuff). */
if (!buffer && !count && !nread) if (!buffer && !count && !nread)
return -1; /* Rewind is not supported. */ return -1; /* Rewind is not supported. */
@ -548,81 +682,108 @@ reader_callback (void *cb_value, char *buffer, size_t count, size_t *nread)
/* If we ever encountered a read error, don't continue (we don't want to /* If we ever encountered a read error, don't continue (we don't want to
possibly overwrite the last error cause). Bail out also if the possibly overwrite the last error cause). Bail out also if the
file descriptor has been closed. */ file descriptor has been closed. */
if (ctx->fd_error || ctx->fd == -1) if (ctx->fp_err || !ctx->fp)
{ {
*nread = 0; *nread = 0;
return -1; return -1;
} }
FD_ZERO (&fdset); memset (fparray, 0, sizeof fparray);
FD_SET (ctx->fd, &fdset); fparray[0].stream = ctx->fp;
nfds = ctx->fd + 1; fparray[0].want_read = 1;
npth_clock_gettime (&abstime); npth_clock_gettime (&abstime);
abstime.tv_sec += TIMERTICK_INTERVAL; abstime.tv_sec += TIMERTICK_INTERVAL;
while (nleft > 0) while (nleft > 0)
{ {
int n;
gpg_error_t err;
npth_clock_gettime (&curtime); npth_clock_gettime (&curtime);
if (!(npth_timercmp (&curtime, &abstime, <))) if (!(npth_timercmp (&curtime, &abstime, <)))
{ {
err = dirmngr_tick (ctx->ctrl); err = dirmngr_tick (ctx->ctrl);
if (err) if (err)
{ {
ctx->fd_error = err; ctx->fp_err = err;
SAFE_CLOSE (ctx->fd); SAFE_CLOSE (ctx->fp);
return -1; return -1;
} }
npth_clock_gettime (&abstime); npth_clock_gettime (&abstime);
abstime.tv_sec += TIMERTICK_INTERVAL; abstime.tv_sec += TIMERTICK_INTERVAL;
} }
npth_timersub (&abstime, &curtime, &timeout); npth_timersub (&abstime, &curtime, &timeout);
millisecs = timeout.tv_sec * 1000;
millisecs += timeout.tv_nsec / 1000000;
if (millisecs < 0)
millisecs = 1;
read_fdset = fdset; if (DBG_EXTPROG)
ret = npth_pselect (nfds, &read_fdset, NULL, NULL, &timeout, NULL); {
saved_errno = errno; log_debug ("%s: fp[0] stream=%p want=%d\n",
__func__, fparray[0].stream,fparray[0].want_read);
}
if (ret == -1 && saved_errno != EINTR) ret = es_poll (fparray, DIM (fparray), millisecs);
if (ret < 0)
{ {
ctx->fd_error = gpg_error_from_errno (errno); ctx->fp_err = gpg_error_from_syserror ();
SAFE_CLOSE (ctx->fd); log_error ("error polling stdout of ldap wrapper %d: %s\n",
ctx->printable_pid, gpg_strerror (ctx->fp_err));
SAFE_CLOSE (ctx->fp);
return -1; return -1;
} }
if (ret <= 0) if (DBG_EXTPROG)
/* Timeout. Will be handled when calculating the next timeout. */ {
continue; log_debug ("%s: fp[0] stream=%p r=%d %c%c%c%c%c%c%c\n",
__func__, fparray[0].stream, ret,
fparray[0].got_read? 'r':'-',
fparray[0].got_write?'w':'-',
fparray[0].got_oob? 'o':'-',
fparray[0].got_rdhup?'H':'-',
fparray[0].got_err? 'e':'-',
fparray[0].got_hup? 'h':'-',
fparray[0].got_nval? 'n':'-');
}
if (!ret)
{
/* Timeout. Will be handled when calculating the next timeout. */
continue;
}
/* This should not block now that select returned with a file if (fparray[0].got_read)
descriptor. So it shouldn't be necessary to use npth_read
(and it is slightly dangerous in the sense that a concurrent
thread might (accidentially?) change the status of ctx->fd
before we read. FIXME: Set ctx->fd to nonblocking? */
n = read (ctx->fd, buffer, nleft);
if (n < 0)
{ {
ctx->fd_error = gpg_error_from_errno (errno); size_t n;
SAFE_CLOSE (ctx->fd);
return -1; if (es_read (ctx->fp, buffer, nleft, &n))
{
ctx->fp_err = gpg_error_from_syserror ();
if (gpg_err_code (ctx->fp_err) == GPG_ERR_EAGAIN)
ctx->fp_err = 0;
else
{
log_error ("%s: error reading: %s (%d)\n",
__func__, gpg_strerror (ctx->fp_err), ctx->fp_err);
SAFE_CLOSE (ctx->fp);
return -1;
}
}
else if (!n) /* EOF */
{
if (nleft == count)
return -1; /* EOF. */
break;
}
nleft -= n;
buffer += n;
if (n > 0 && ctx->stamp != (time_t)(-1))
ctx->stamp = time (NULL);
} }
else if (!n)
{
if (nleft == count)
return -1; /* EOF. */
break;
}
nleft -= n;
buffer += n;
if (n > 0 && ctx->stamp != (time_t)(-1))
ctx->stamp = time (NULL);
} }
*nread = count - nleft; *nread = count - nleft;
return 0; return 0;
} }
/* Fork and exec the LDAP wrapper and return a new libksba reader /* Fork and exec the LDAP wrapper and return a new libksba reader
object at READER. ARGV is a NULL terminated list of arguments for object at READER. ARGV is a NULL terminated list of arguments for
the wrapper. The function returns 0 on success or an error code. the wrapper. The function returns 0 on success or an error code.
@ -646,7 +807,7 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
int j; int j;
const char **arg_list; const char **arg_list;
const char *pgmname; const char *pgmname;
int outpipe[2], errpipe[2]; estream_t outfp, errfp;
/* It would be too simple to connect stderr just to our logging /* It would be too simple to connect stderr just to our logging
stream. The problem is that if we are running multi-threaded stream. The problem is that if we are running multi-threaded
@ -656,7 +817,7 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
wrapper module to do the logging on its own. Given that we anyway wrapper module to do the logging on its own. Given that we anyway
need a way to reap the child process and this is best done using a need a way to reap the child process and this is best done using a
general reaping thread, that thread can do the logging too. */ general reaping thread, that thread can do the logging too. */
ldap_wrapper_launch_thread (); ldap_reaper_launch_thread ();
*reader = NULL; *reader = NULL;
@ -696,41 +857,21 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
return err; return err;
} }
err = gnupg_create_inbound_pipe (outpipe, NULL, 0); err = gnupg_spawn_process (pgmname, arg_list,
if (!err) NULL, NULL, GNUPG_SPAWN_NONBLOCK,
{ NULL, &outfp, &errfp, &pid);
err = gnupg_create_inbound_pipe (errpipe, NULL, 0);
if (err)
{
close (outpipe[0]);
close (outpipe[1]);
}
}
if (err)
{
log_error (_("error creating a pipe: %s\n"), gpg_strerror (err));
xfree (arg_list);
xfree (ctx);
return err;
}
err = gnupg_spawn_process_fd (pgmname, arg_list,
-1, outpipe[1], errpipe[1], &pid);
xfree (arg_list); xfree (arg_list);
close (outpipe[1]);
close (errpipe[1]);
if (err) if (err)
{ {
close (outpipe[0]);
close (errpipe[0]);
xfree (ctx); xfree (ctx);
log_error ("error running '%s': %s\n", pgmname, gpg_strerror (err));
return err; return err;
} }
ctx->pid = pid; ctx->pid = pid;
ctx->printable_pid = (int) pid; ctx->printable_pid = (int) pid;
ctx->fd = outpipe[0]; ctx->fp = outfp;
ctx->log_fd = errpipe[0]; ctx->log_fp = errfp;
ctx->ctrl = ctrl; ctx->ctrl = ctrl;
ctrl->refcount++; ctrl->refcount++;
ctx->stamp = time (NULL); ctx->stamp = time (NULL);
@ -749,12 +890,20 @@ ldap_wrapper (ctrl_t ctrl, ksba_reader_t *reader, const char *argv[])
} }
/* Hook the context into our list of running wrappers. */ /* Hook the context into our list of running wrappers. */
ctx->reader = *reader; lock_reaper_list ();
ctx->next = wrapper_list; {
wrapper_list = ctx; ctx->reader = *reader;
if (opt.verbose) ctx->next = reaper_list;
log_info ("ldap wrapper %d started (reader %p)\n", reaper_list = ctx;
(int)ctx->pid, ctx->reader); if (npth_cond_signal (&reaper_run_cond))
log_error ("ldap-wrapper: Ooops: signaling condition failed: %s (%d)\n",
gpg_strerror (gpg_error_from_syserror ()), errno);
}
unlock_reaper_list ();
if (DBG_EXTPROG)
log_debug ("ldap wrapper %d started (%p, %s)\n",
(int)ctx->pid, ctx->reader, pgmname);
/* Need to wait for the first byte so we are able to detect an empty /* Need to wait for the first byte so we are able to detect an empty
output and not let the consumer see an EOF without further error output and not let the consumer see an EOF without further error

12
dirmngr/ldap.c
View File

@ -136,8 +136,12 @@ run_ldap_wrapper (ctrl_t ctrl,
argv[argc++] = "--pass"; argv[argc++] = "--pass";
argv[argc++] = pass; argv[argc++] = pass;
} }
if (opt.verbose)
if (DBG_LOOKUP)
argv[argc++] = "-vv"; argv[argc++] = "-vv";
else if (DBG_EXTPROG)
argv[argc++] = "-v";
argv[argc++] = "--log-with-pid"; argv[argc++] = "--log-with-pid";
if (multi_mode) if (multi_mode)
argv[argc++] = "--multi"; argv[argc++] = "--multi";
@ -564,8 +568,12 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context,
argv[argc++] = "--pass"; argv[argc++] = "--pass";
argv[argc++] = pass; argv[argc++] = pass;
} }
if (opt.verbose)
if (DBG_LOOKUP)
argv[argc++] = "-vv"; argv[argc++] = "-vv";
else if (DBG_EXTPROG)
argv[argc++] = "-v";
argv[argc++] = "--log-with-pid"; argv[argc++] = "--log-with-pid";
argv[argc++] = "--multi"; argv[argc++] = "--multi";
if (opt.ldaptimeout) if (opt.ldaptimeout)

2
dirmngr/loadswdb.c
View File

@ -126,7 +126,7 @@ fetch_file (ctrl_t ctrl, const char *url, estream_t *r_fp)
size_t nread, nwritten; size_t nread, nwritten;
char buffer[1024]; char buffer[1024];
if ((err = ks_http_fetch (ctrl, url, &httpfp))) if ((err = ks_http_fetch (ctrl, url, KS_HTTP_FETCH_NOCACHE, &httpfp)))
goto leave; goto leave;
/* We now read the data from the web server into a memory buffer. /* We now read the data from the web server into a memory buffer.

121
dirmngr/server.c
View File

@ -1105,7 +1105,7 @@ cmd_ldapserver (assuan_context_t ctx, char *line)
static const char hlp_isvalid[] = static const char hlp_isvalid[] =
"ISVALID [--only-ocsp] [--force-default-responder]" "ISVALID [--only-ocsp] [--force-default-responder]"
" <certificate_id>|<certificate_fpr>\n" " <certificate_id> [<certificate_fpr>]\n"
"\n" "\n"
"This command checks whether the certificate identified by the\n" "This command checks whether the certificate identified by the\n"
"certificate_id is valid. This is done by consulting CRLs or\n" "certificate_id is valid. This is done by consulting CRLs or\n"
@ -1117,8 +1117,9 @@ static const char hlp_isvalid[] =
"delimited by a single dot. The first part is the SHA-1 hash of the\n" "delimited by a single dot. The first part is the SHA-1 hash of the\n"
"issuer name and the second part the serial number.\n" "issuer name and the second part the serial number.\n"
"\n" "\n"
"Alternatively the certificate's fingerprint may be given in which\n" "If an OCSP check is desired CERTIFICATE_FPR with the hex encoded\n"
"case an OCSP request is done before consulting the CRL.\n" "fingerprint of the certificate is required. In this case an OCSP\n"
"request is done before consulting the CRL.\n"
"\n" "\n"
"If the option --only-ocsp is given, no fallback to a CRL check will\n" "If the option --only-ocsp is given, no fallback to a CRL check will\n"
"be used.\n" "be used.\n"
@ -1130,7 +1131,7 @@ static gpg_error_t
cmd_isvalid (assuan_context_t ctx, char *line) cmd_isvalid (assuan_context_t ctx, char *line)
{ {
ctrl_t ctrl = assuan_get_pointer (ctx); ctrl_t ctrl = assuan_get_pointer (ctx);
char *issuerhash, *serialno; char *issuerhash, *serialno, *fpr;
gpg_error_t err; gpg_error_t err;
int did_inquire = 0; int did_inquire = 0;
int ocsp_mode = 0; int ocsp_mode = 0;
@ -1141,25 +1142,36 @@ cmd_isvalid (assuan_context_t ctx, char *line)
force_default_responder = has_option (line, "--force-default-responder"); force_default_responder = has_option (line, "--force-default-responder");
line = skip_options (line); line = skip_options (line);
issuerhash = xstrdup (line); /* We need to work on a copy of the /* We need to work on a copy of the line because that same Assuan
line because that same Assuan * context may be used for an inquiry. That is because Assuan
context may be used for an inquiry. * reuses its line buffer. */
That is because Assuan reuses its issuerhash = xstrdup (line);
line buffer.
*/
serialno = strchr (issuerhash, '.'); serialno = strchr (issuerhash, '.');
if (serialno) if (!serialno)
*serialno++ = 0;
else
{ {
char *endp = strchr (issuerhash, ' '); xfree (issuerhash);
return leave_cmd (ctx, PARM_ERROR (_("serialno missing in cert ID")));
}
*serialno++ = 0;
if (strlen (issuerhash) != 40)
{
xfree (issuerhash);
return leave_cmd (ctx, PARM_ERROR ("cert ID is too short"));
}
fpr = strchr (serialno, ' ');
while (fpr && spacep (fpr))
fpr++;
if (fpr && *fpr)
{
char *endp = strchr (fpr, ' ');
if (endp) if (endp)
*endp = 0; *endp = 0;
if (strlen (issuerhash) != 40) if (strlen (fpr) != 40)
{ {
xfree (issuerhash); xfree (issuerhash);
return leave_cmd (ctx, PARM_ERROR (_("serialno missing in cert ID"))); return leave_cmd (ctx, PARM_ERROR ("fingerprint too short"));
} }
ocsp_mode = 1; ocsp_mode = 1;
} }
@ -1168,17 +1180,24 @@ cmd_isvalid (assuan_context_t ctx, char *line)
again: again:
if (ocsp_mode) if (ocsp_mode)
{ {
/* Note, that we ignore the given issuer hash and instead rely /* Note, that we currently ignore the supplied fingerprint FPR;
on the current certificate semantics used with this * instead ocsp_isvalid does an inquire to ask for the cert.
command. */ * The fingerprint may eventually be used to lookup the
* certificate in a local cache. */
if (!opt.allow_ocsp) if (!opt.allow_ocsp)
err = gpg_error (GPG_ERR_NOT_SUPPORTED); err = gpg_error (GPG_ERR_NOT_SUPPORTED);
else else
err = ocsp_isvalid (ctrl, NULL, NULL, force_default_responder); err = ocsp_isvalid (ctrl, NULL, NULL, force_default_responder);
/* Fixme: If we got no ocsp response and --only-ocsp is not used
we should fall back to CRL mode. Thus we need to clear if (gpg_err_code (err) == GPG_ERR_CONFIGURATION
OCSP_MODE, get the issuerhash and the serialno from the && gpg_err_source (err) == GPG_ERR_SOURCE_DIRMNGR)
current certificate and jump to again. */ {
/* No default responder configured - fallback to CRL. */
if (!only_ocsp)
log_info ("falling back to CRL check\n");
ocsp_mode = 0;
goto again;
}
} }
else if (only_ocsp) else if (only_ocsp)
err = gpg_error (GPG_ERR_NO_CRL_KNOWN); err = gpg_error (GPG_ERR_NO_CRL_KNOWN);
@ -1858,7 +1877,7 @@ static const char hlp_validate[] =
" INQUIRE CERTLIST\n" " INQUIRE CERTLIST\n"
"\n" "\n"
"Here the first certificate is the target certificate, the remaining\n" "Here the first certificate is the target certificate, the remaining\n"
"certificates are suggested intermediary certificates. All certifciates\n" "certificates are suggested intermediary certificates. All certificates\n"
"need to be PEM encoded.\n" "need to be PEM encoded.\n"
"\n" "\n"
"The option --systrust changes the behaviour to include the system\n" "The option --systrust changes the behaviour to include the system\n"
@ -1909,7 +1928,7 @@ cmd_validate (assuan_context_t ctx, char *line)
err = gpg_error (GPG_ERR_MISSING_CERT); err = gpg_error (GPG_ERR_MISSING_CERT);
if (!err) if (!err)
{ {
/* Extraxt the first certificate from the list. */ /* Extract the first certificate from the list. */
cert = certlist->cert; cert = certlist->cert;
ksba_cert_ref (cert); ksba_cert_ref (cert);
} }
@ -1978,6 +1997,38 @@ make_keyserver_item (const char *uri, uri_item_t *r_item)
uri_item_t item; uri_item_t item;
*r_item = NULL; *r_item = NULL;
/* We used to have DNS CNAME redirection from the URLs below to
* sks-keyserver. pools. The idea was to allow for a quick way to
* switch to a different set of pools. The problem with that
* approach is that TLS needs to verify the hostname and - because
* DNS is not secured - it can only check the user supplied hostname
* and not a hostname from a CNAME RR. Thus the final server all
* need to have certificates with the actual pool name as well as
* for keys.gnupg.net - that would render the advantage of
* keys.gnupg.net useless and so we better give up on this. Because
* the keys.gnupg.net URL are still in widespread use we do a static
* mapping here.
*/
if (!strcmp (uri, "hkps://keys.gnupg.net")
|| !strcmp (uri, "keys.gnupg.net"))
uri = "hkps://hkps.pool.sks-keyservers.net";
else if (!strcmp (uri, "https://keys.gnupg.net"))
uri = "https://hkps.pool.sks-keyservers.net";
else if (!strcmp (uri, "hkp://keys.gnupg.net"))
uri = "hkp://hkps.pool.sks-keyservers.net";
else if (!strcmp (uri, "http://keys.gnupg.net"))
uri = "http://hkps.pool.sks-keyservers.net";
else if (!strcmp (uri, "hkps://http-keys.gnupg.net")
|| !strcmp (uri, "http-keys.gnupg.net"))
uri = "hkps://ha.pool.sks-keyservers.net";
else if (!strcmp (uri, "https://http-keys.gnupg.net"))
uri = "https://ha.pool.sks-keyservers.net";
else if (!strcmp (uri, "hkp://http-keys.gnupg.net"))
uri = "hkp://ha.pool.sks-keyservers.net";
else if (!strcmp (uri, "http://http-keys.gnupg.net"))
uri = "http://ha.pool.sks-keyservers.net";
item = xtrymalloc (sizeof *item + strlen (uri)); item = xtrymalloc (sizeof *item + strlen (uri));
if (!item) if (!item)
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
@ -2489,7 +2540,8 @@ static const char hlp_getinfo[] =
"dnsinfo - Return info about the DNS resolver\n" "dnsinfo - Return info about the DNS resolver\n"
"socket_name - Return the name of the socket.\n" "socket_name - Return the name of the socket.\n"
"session_id - Return the current session_id.\n" "session_id - Return the current session_id.\n"
"workqueue - Inspect the work queue\n"; "workqueue - Inspect the work queue\n"
"getenv NAME - Return value of envvar NAME\n";
static gpg_error_t static gpg_error_t
cmd_getinfo (assuan_context_t ctx, char *line) cmd_getinfo (assuan_context_t ctx, char *line)
{ {
@ -2557,6 +2609,23 @@ cmd_getinfo (assuan_context_t ctx, char *line)
workqueue_dump_queue (ctrl); workqueue_dump_queue (ctrl);
err = 0; err = 0;
} }
else if (!strncmp (line, "getenv", 6)
&& (line[6] == ' ' || line[6] == '\t' || !line[6]))
{
line += 6;
while (*line == ' ' || *line == '\t')
line++;
if (!*line)
err = gpg_error (GPG_ERR_MISSING_VALUE);
else
{
const char *s = getenv (line);
if (!s)
err = set_error (GPG_ERR_NOT_FOUND, "No such envvar");
else
err = assuan_send_data (ctx, s, strlen (s));
}
}
else else
err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT"); err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");

30
doc/DETAILS
View File

@ -105,6 +105,19 @@ described here.
certificate (i.e. for the trust anchor) and an 'f' for all other certificate (i.e. for the trust anchor) and an 'f' for all other
valid certificates. valid certificates.
In "sig" records, this field may have one of these values as first
character:
- ! :: Signature is good.
- - :: Signature is bad.
- ? :: No public key to verify signature or public key is not usable.
- % :: Other error verifying a signature
More values may be added later. The field may also be empty if
gpg has been invoked in a non-checking mode (--list-sigs) or in a
fast checking mode. Since 2.2.7 '?' will also be printed by the
command --list-sigs if the key is not in the local keyring.
*** Field 3 - Key length *** Field 3 - Key length
The length of key in bits. The length of key in bits.
@ -195,9 +208,11 @@ described here.
gpg's --edit-key menu does. gpg's --edit-key menu does.
For "sig" records, this is the fingerprint of the key that issued For "sig" records, this is the fingerprint of the key that issued
the signature. Note that this is only filled in if the signature the signature. Note that this may only be filled if the signature
verified correctly. Note also that for various technical reasons, verified correctly. Note also that for various technical reasons,
this fingerprint is only available if --no-sig-cache is used. this fingerprint is only available if --no-sig-cache is used.
Since 2.2.7 this field will also be set if the key is missing but
the signature carries an issuer fingerprint as meta data.
*** Field 14 - Flag field *** Field 14 - Flag field
@ -437,14 +452,17 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
available. This is the case with CMS and might eventually also be available. This is the case with CMS and might eventually also be
available for OpenPGP. available for OpenPGP.
*** ERRSIG <keyid> <pkalgo> <hashalgo> <sig_class> <time> <rc> *** ERRSIG <keyid> <pkalgo> <hashalgo> <sig_class> <time> <rc> <fpr>
It was not possible to check the signature. This may be caused by It was not possible to check the signature. This may be caused by
a missing public key or an unsupported algorithm. A RC of 4 a missing public key or an unsupported algorithm. A RC of 4
indicates unknown algorithm, a 9 indicates a missing public indicates unknown algorithm, a 9 indicates a missing public
key. The other fields give more information about this signature. key. The other fields give more information about this signature.
sig_class is a 2 byte hex-value. The fingerprint may be used sig_class is a 2 byte hex-value. The fingerprint may be used
instead of the keyid if it is available. This is the case with instead of the long_keyid_or_fpr if it is available. This is the
gpgsm and might eventually also be available for OpenPGP. case with gpgsm and might eventually also be available for
OpenPGP. The ERRSIG line has FPR filed which is only available
since 2.2.7; that FPR may either be missing or - if the signature
has no fingerprint as meta data.
Note, that TIME may either be the number of seconds since Epoch or Note, that TIME may either be the number of seconds since Epoch or
an ISO 8601 string. The latter can be detected by the presence of an ISO 8601 string. The latter can be detected by the presence of
@ -722,7 +740,9 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
The used key has been revoked by its owner. No arguments yet. The used key has been revoked by its owner. No arguments yet.
*** NO_PUBKEY <long keyid> *** NO_PUBKEY <long keyid>
The public key is not available The public key is not available. Note the arg should in general
not be used because it is better to take it from the ERRSIG
status line which is printed right before this one.
*** NO_SECKEY <long keyid> *** NO_SECKEY <long keyid>
The secret key is not available The secret key is not available

3
doc/Makefile.am
View File

@ -49,7 +49,8 @@ EXTRA_DIST = samplekeys.asc mksamplekeys com-certs.pem \
gnupg-card-architecture.png gnupg-card-architecture.pdf \ gnupg-card-architecture.png gnupg-card-architecture.pdf \
FAQ gnupg7.texi mkdefsinc.c defsincdate \ FAQ gnupg7.texi mkdefsinc.c defsincdate \
opt-homedir.texi see-also-note.texi specify-user-id.texi \ opt-homedir.texi see-also-note.texi specify-user-id.texi \
gpgv.texi yat2m.c ChangeLog-2011 whats-new-in-2.1.txt gpgv.texi yat2m.c ChangeLog-2011 whats-new-in-2.1.txt \
trust-values.texi
BUILT_SOURCES = gnupg-module-overview.png gnupg-module-overview.pdf \ BUILT_SOURCES = gnupg-module-overview.png gnupg-module-overview.pdf \
gnupg-card-architecture.png gnupg-card-architecture.pdf \ gnupg-card-architecture.png gnupg-card-architecture.pdf \

7
doc/dirmngr.texi
View File

@ -208,9 +208,10 @@ flag names. To get a list of all supported flags the single word
@opindex debug-all @opindex debug-all
Same as @code{--debug=0xffffffff} Same as @code{--debug=0xffffffff}
@item --gnutls-debug @var{level} @item --tls-debug @var{level}
@opindex gnutls-debug @opindex tls-debug
Enable debugging of GNUTLS at @var{level}. Enable debugging of the TLS layer at @var{level}. The details of the
debug level depend on the used TLS library and are not set in stone.
@item --debug-wait @var{n} @item --debug-wait @var{n}
@opindex debug-wait @opindex debug-wait

2
doc/examples/vsnfd.prf
View File

@ -15,7 +15,7 @@ enable-crl-checks
[gpg-agent] [gpg-agent]
enable-extended-key-format enable-extended-key-format
default-cache-ttl 900 default-cache-ttl 900
max-cache-ttl [] 3600 max-cache-ttl 3600
no-allow-mark-trusted no-allow-mark-trusted
no-allow-external-cache no-allow-external-cache
enforce-passphrase-constraints enforce-passphrase-constraints

6
doc/gnupg.texi
View File

@ -140,6 +140,7 @@ the administration and the architecture.
* Invoking GPGSM:: Using the S/MIME protocol. * Invoking GPGSM:: Using the S/MIME protocol.
* Invoking SCDAEMON:: How to handle Smartcards. * Invoking SCDAEMON:: How to handle Smartcards.
* Specify a User ID:: How to Specify a User Id. * Specify a User ID:: How to Specify a User Id.
* Trust Values:: How GnuPG displays trust values.
* Helper Tools:: Description of small helper tools * Helper Tools:: Description of small helper tools
* Web Key Service:: Tools for the Web Key Service * Web Key Service:: Tools for the Web Key Service
@ -179,6 +180,11 @@ the administration and the architecture.
@anchor{how-to-specify-a-user-id} @anchor{how-to-specify-a-user-id}
@include specify-user-id.texi @include specify-user-id.texi
@node Trust Values
@chapter Trust Values
@anchor{trust-values}
@cindex trust values
@include trust-values.texi
@include tools.texi @include tools.texi
@include wks.texi @include wks.texi

60
doc/gpg.texi
View File

@ -214,7 +214,10 @@ symmetric cipher used is @value{GPGSYMENCALGO}, but may be chosen with the
@option{--encrypt} (for a message that may be decrypted via a secret key @option{--encrypt} (for a message that may be decrypted via a secret key
or a passphrase), or @option{--sign} and @option{--encrypt} together or a passphrase), or @option{--sign} and @option{--encrypt} together
(for a signed message that may be decrypted via a secret key or a (for a signed message that may be decrypted via a secret key or a
passphrase). passphrase). @command{@gpgname} caches the passphrase used for
symmetric encryption so that a decrypt operation may not require that
the user needs to enter the passphrase. The option
@option{--no-symkey-cache} can be used to disable this feature.
@item --store @item --store
@opindex store @opindex store
@ -1037,38 +1040,13 @@ signing.
@c man:.RS @c man:.RS
The listing shows you the key with its secondary keys and all user The listing shows you the key with its secondary keys and all user
ids. The primary user id is indicated by a dot, and selected keys or IDs. The primary user ID is indicated by a dot, and selected keys or
user ids are indicated by an asterisk. The trust user IDs are indicated by an asterisk. The trust
value is displayed with the primary key: the first is the assigned owner value is displayed with the primary key: "trust" is the assigned owner
trust and the second is the calculated trust value. Letters are used for trust and "validity" is the calculated validity of the key. Validity
the values: values are also displayed for all user IDs.
For possible values of trust, @pxref{trust-values}.
@c man:.RE @c man:.RE
@table @asis
@item -
No ownertrust assigned / not yet calculated.
@item e
Trust
calculation has failed; probably due to an expired key.
@item q
Not enough information for calculation.
@item n
Never trust this key.
@item m
Marginally trusted.
@item f
Fully trusted.
@item u
Ultimately trusted.
@end table
@c ******** End Edit-key Options ********** @c ******** End Edit-key Options **********
@item --sign-key @var{name} @item --sign-key @var{name}
@ -3188,6 +3166,12 @@ are:
Pinentry the user is not prompted again if he enters a bad password. Pinentry the user is not prompted again if he enters a bad password.
@end table @end table
@item --no-symkey-cache
@opindex no-symkey-cache
Disable the passphrase cache used for symmetrical en- and decryption.
This cache is based on the message specific salt value
(cf. @option{--s2k-mode}).
@item --request-origin @var{origin} @item --request-origin @var{origin}
@opindex request-origin @opindex request-origin
Tell gpg to assume that the operation ultimately originated at Tell gpg to assume that the operation ultimately originated at
@ -3302,8 +3286,14 @@ print the public key data.
Same as @option{--list-keys}, but the signatures are listed too. This Same as @option{--list-keys}, but the signatures are listed too. This
command has the same effect as using @option{--list-keys} with command has the same effect as using @option{--list-keys} with
@option{--with-sig-list}. Note that in contrast to @option{--with-sig-list}. Note that in contrast to
@option{--check-signatures} the key signatures are not verified. @option{--check-signatures} the key signatures are not verified. This
command can be used to create a list of signing keys missing in the
lcoal keyring; for example:
@example
gpg --list-sigs --with-colons USERID | \
awk -F: '$1=="sig" && $2=="?" @{if($13)@{print $13@}else@{print $5@}@}'
@end example
@item --fast-list-mode @item --fast-list-mode
@opindex fast-list-mode @opindex fast-list-mode
@ -3831,6 +3821,10 @@ which is equivalent to
imports only the user ids of a key containing the strings "Alfa" imports only the user ids of a key containing the strings "Alfa"
or "Alpha" but not the string "test". or "Alpha" but not the string "test".
@mansect trust values
@ifset isman
@include trust-values.texi
@end ifset
@mansect return value @mansect return value
@chapheading RETURN VALUE @chapheading RETURN VALUE

47
doc/trust-values.texi Normal file
View File

@ -0,0 +1,47 @@
@c Copyright (C) 2018 Free Software Foundation, Inc.
@c This is part of the GnuPG manual.
@c For copying conditions, see the file gnupg.texi.
Trust values are used to indicate ownertrust and validity of keys and
user IDs. They are displayed with letters or strings:
@table @asis
@item -
@itemx unknown
No ownertrust assigned / not yet calculated.
@item e
@itemx expired
Trust calculation has failed; probably due to an expired key.
@item q
@itemx undefined, undef
Not enough information for calculation.
@item n
@itemx never
Never trust this key.
@item m
@itemx marginal
Marginally trusted.
@item f
@itemx full
Fully trusted.
@item u
@itemx ultimate
Ultimately trusted.
@item r
@itemx revoked
For validity only: the key or the user ID has been revoked.
@item ?
@itemx err
The program encountered an unknown trust value.
@end table

2
g10/card-util.c
View File

@ -633,7 +633,7 @@ current_card_status (ctrl_t ctrl, estream_t fp,
{ {
tty_fprintf (fp, " created ....: %s\n", tty_fprintf (fp, " created ....: %s\n",
isotimestamp (info.fpr3time)); isotimestamp (info.fpr3time));
print_keygrip (fp, info.grp2); print_keygrip (fp, info.grp3);
} }
tty_fprintf (fp, "General key info..: "); tty_fprintf (fp, "General key info..: ");

28
g10/compress.c
View File

@ -309,15 +309,19 @@ int
handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd, handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd,
int (*callback)(IOBUF, void *), void *passthru ) int (*callback)(IOBUF, void *), void *passthru )
{ {
compress_filter_context_t *cfx;
int rc; int rc;
if(check_compress_algo(cd->algorithm)) if(check_compress_algo(cd->algorithm))
return GPG_ERR_COMPR_ALGO; return GPG_ERR_COMPR_ALGO;
cfx = xmalloc_clear (sizeof *cfx); if(cd->algorithm) {
cfx->release = release_context; compress_filter_context_t *cfx;
cfx->algo = cd->algorithm;
push_compress_filter(cd->buf,cfx,cd->algorithm); cfx = xmalloc_clear (sizeof *cfx);
cfx->release = release_context;
cfx->algo = cd->algorithm;
if (push_compress_filter(cd->buf, cfx, cd->algorithm))
xfree (cfx);
}
if( callback ) if( callback )
rc = callback(cd->buf, passthru ); rc = callback(cd->buf, passthru );
else else
@ -326,16 +330,20 @@ handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd,
return rc; return rc;
} }
void gpg_error_t
push_compress_filter(IOBUF out,compress_filter_context_t *zfx,int algo) push_compress_filter(IOBUF out,compress_filter_context_t *zfx,int algo)
{ {
push_compress_filter2(out,zfx,algo,0); return push_compress_filter2(out,zfx,algo,0);
} }
void
/* Push a compress filter and return 0 if that succeeded. */
gpg_error_t
push_compress_filter2(IOBUF out,compress_filter_context_t *zfx, push_compress_filter2(IOBUF out,compress_filter_context_t *zfx,
int algo,int rel) int algo,int rel)
{ {
gpg_error_t err = gpg_error (GPG_ERR_FALSE);
if(algo>=0) if(algo>=0)
zfx->algo=algo; zfx->algo=algo;
else else
@ -350,16 +358,20 @@ push_compress_filter2(IOBUF out,compress_filter_context_t *zfx,
case COMPRESS_ALGO_ZIP: case COMPRESS_ALGO_ZIP:
case COMPRESS_ALGO_ZLIB: case COMPRESS_ALGO_ZLIB:
iobuf_push_filter2(out,compress_filter,zfx,rel); iobuf_push_filter2(out,compress_filter,zfx,rel);
err = 0;
break; break;
#endif #endif
#ifdef HAVE_BZIP2 #ifdef HAVE_BZIP2
case COMPRESS_ALGO_BZIP2: case COMPRESS_ALGO_BZIP2:
iobuf_push_filter2(out,compress_filter_bz2,zfx,rel); iobuf_push_filter2(out,compress_filter_bz2,zfx,rel);
err = 0;
break; break;
#endif #endif
default: default:
BUG(); BUG();
} }
return err;
} }

7
g10/filter.h
View File

@ -177,9 +177,10 @@ void unarmor_pump_release (UnarmorPump x);
int unarmor_pump (UnarmorPump x, int c); int unarmor_pump (UnarmorPump x, int c);
/*-- compress.c --*/ /*-- compress.c --*/
void push_compress_filter(iobuf_t out,compress_filter_context_t *zfx,int algo); gpg_error_t push_compress_filter (iobuf_t out, compress_filter_context_t *zfx,
void push_compress_filter2(iobuf_t out,compress_filter_context_t *zfx, int algo);
int algo,int rel); gpg_error_t push_compress_filter2 (iobuf_t out,compress_filter_context_t *zfx,
int algo, int rel);
/*-- cipher.c --*/ /*-- cipher.c --*/
int cipher_filter_cfb (void *opaque, int control, int cipher_filter_cfb (void *opaque, int control,

21
g10/getkey.c
View File

@ -4136,15 +4136,20 @@ get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk,
*********************************************/ *********************************************/
/* Return a string with a printable representation of the user_id. /* Return a string with a printable representation of the user_id.
* this string must be freed by xfree. */ * this string must be freed by xfree. If R_NOUID is not NULL it is
* set to true if a user id was not found; otherwise to false. */
static char * static char *
get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len,
int *r_nouid)
{ {
user_id_db_t r; user_id_db_t r;
keyid_list_t a; keyid_list_t a;
int pass = 0; int pass = 0;
char *p; char *p;
if (r_nouid)
*r_nouid = 0;
/* Try it two times; second pass reads from the database. */ /* Try it two times; second pass reads from the database. */
do do
{ {
@ -4191,6 +4196,8 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
else else
p = xasprintf ("%s [?]", keystr (keyid)); p = xasprintf ("%s [?]", keystr (keyid));
if (r_nouid)
*r_nouid = 1;
if (r_len) if (r_len)
*r_len = strlen (p); *r_len = strlen (p);
return p; return p;
@ -4200,7 +4207,7 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
char * char *
get_user_id_string_native (ctrl_t ctrl, u32 * keyid) get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
{ {
char *p = get_user_id_string (ctrl, keyid, 0, NULL); char *p = get_user_id_string (ctrl, keyid, 0, NULL, NULL);
char *p2 = utf8_to_native (p, strlen (p), 0); char *p2 = utf8_to_native (p, strlen (p), 0);
xfree (p); xfree (p);
return p2; return p2;
@ -4210,15 +4217,15 @@ get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
char * char *
get_long_user_id_string (ctrl_t ctrl, u32 * keyid) get_long_user_id_string (ctrl_t ctrl, u32 * keyid)
{ {
return get_user_id_string (ctrl, keyid, 1, NULL); return get_user_id_string (ctrl, keyid, 1, NULL, NULL);
} }
/* Please try to use get_user_byfpr instead of this one. */ /* Please try to use get_user_byfpr instead of this one. */
char * char *
get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn) get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid)
{ {
return get_user_id_string (ctrl, keyid, 2, rn); return get_user_id_string (ctrl, keyid, 2, rn, r_nouid);
} }
@ -4227,7 +4234,7 @@ char *
get_user_id_native (ctrl_t ctrl, u32 *keyid) get_user_id_native (ctrl_t ctrl, u32 *keyid)
{ {
size_t rn; size_t rn;
char *p = get_user_id (ctrl, keyid, &rn); char *p = get_user_id (ctrl, keyid, &rn, NULL);
char *p2 = utf8_to_native (p, rn, 0); char *p2 = utf8_to_native (p, rn, 0);
xfree (p); xfree (p);
return p2; return p2;

5
g10/gpg.c
View File

@ -429,6 +429,7 @@ enum cmd_and_opt_values
oSender, oSender,
oKeyOrigin, oKeyOrigin,
oRequestOrigin, oRequestOrigin,
oNoSymkeyCache,
oNoop oNoop
}; };
@ -902,6 +903,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"), ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"),
ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"), ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"),
ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"),
/* Dummy options with warnings. */ /* Dummy options with warnings. */
ARGPARSE_s_n (oUseAgent, "use-agent", "@"), ARGPARSE_s_n (oUseAgent, "use-agent", "@"),
@ -3624,6 +3626,7 @@ main (int argc, char **argv)
break; break;
case oNoAutostart: opt.autostart = 0; break; case oNoAutostart: opt.autostart = 0; break;
case oNoSymkeyCache: opt.no_symkey_cache = 1; break;
case oDefaultNewKeyAlgo: case oDefaultNewKeyAlgo:
opt.def_new_key_algo = pargs.r.ret_str; opt.def_new_key_algo = pargs.r.ret_str;
@ -5214,7 +5217,7 @@ g10_exit( int rc )
/* If we had an error but not printed an error message, do it now. /* If we had an error but not printed an error message, do it now.
* Note that write_status_failure will never print a second failure * Note that write_status_failure will never print a second failure
* status line. */ * status line. */
if (log_get_errorcount (0)) if (rc)
write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL)); write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL));
gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);

6
g10/import.c
View File

@ -767,7 +767,7 @@ valid_keyblock_packet (int pkttype)
* Meta data (ring trust packets) are only considered of WITH_META is set. * Meta data (ring trust packets) are only considered of WITH_META is set.
* PENDING_PKT should be initialized to NULL and not changed by the caller. * PENDING_PKT should be initialized to NULL and not changed by the caller.
* Return: 0 = okay, -1 no more blocks or another errorcode. * Return: 0 = okay, -1 no more blocks or another errorcode.
* The int at at R_V3KEY counts the number of unsupported v3 * The int at R_V3KEY counts the number of unsupported v3
* keyblocks. * keyblocks.
*/ */
static int static int
@ -856,7 +856,9 @@ read_block( IOBUF a, int with_meta,
{ {
compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx ); compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
pkt->pkt.compressed->buf = NULL; pkt->pkt.compressed->buf = NULL;
push_compress_filter2(a,cfx,pkt->pkt.compressed->algorithm,1); if (push_compress_filter2 (a, cfx,
pkt->pkt.compressed->algorithm, 1))
xfree (cfx); /* e.g. in case of compression_algo NONE. */
} }
free_packet (pkt, &parsectx); free_packet (pkt, &parsectx);
init_packet(pkt); init_packet(pkt);

8
g10/keydb.h
View File

@ -405,10 +405,10 @@ void setup_main_keyids (kbnode_t keyblock);
data structures. */ data structures. */
void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock); void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock);
char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid); char *get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid); char *get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn); char *get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid);
char*get_user_id_native (ctrl_t ctrl, u32 *keyid); char *get_user_id_native (ctrl_t ctrl, u32 *keyid);
char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn); char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn);
char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr); char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr);

2
g10/keyedit.c
View File

@ -264,7 +264,7 @@ keyedit_print_one_sig (ctrl_t ctrl, estream_t fp,
else else
{ {
size_t n; size_t n;
char *p = get_user_id (ctrl, sig->keyid, &n); char *p = get_user_id (ctrl, sig->keyid, &n, NULL);
tty_print_utf8_string2 (fp, p, n, tty_print_utf8_string2 (fp, p, n,
opt.screen_columns - keystrlen () - 26 - opt.screen_columns - keystrlen () - 26 -
((opt. ((opt.

15
g10/keylist.c
View File

@ -1182,7 +1182,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
else if (!opt.fast_list_mode) else if (!opt.fast_list_mode)
{ {
size_t n; size_t n;
char *p = get_user_id (ctrl, sig->keyid, &n); char *p = get_user_id (ctrl, sig->keyid, &n, NULL);
print_utf8_buffer (es_stdout, p, n); print_utf8_buffer (es_stdout, p, n);
xfree (p); xfree (p);
} }
@ -1553,6 +1553,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
byte fparray[MAX_FINGERPRINT_LEN]; byte fparray[MAX_FINGERPRINT_LEN];
char *siguid; char *siguid;
size_t siguidlen; size_t siguidlen;
char *issuer_fpr = NULL;
if (sig->sig_class == 0x20 || sig->sig_class == 0x28 if (sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30) || sig->sig_class == 0x30)
@ -1610,11 +1611,16 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
else else
{ {
rc = 0; rc = 0;
sigrc = ' '; sigrc = ' '; /* Note the fix-up below in --list-sigs mode. */
} }
if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode) if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
siguid = get_user_id (ctrl, sig->keyid, &siguidlen); {
int nouid;
siguid = get_user_id (ctrl, sig->keyid, &siguidlen, &nouid);
if (!opt.check_sigs && nouid)
sigrc = '?'; /* No key in local keyring. */
}
else else
{ {
siguid = NULL; siguid = NULL;
@ -1653,6 +1659,8 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
for (i = 0; i < fplen; i++) for (i = 0; i < fplen; i++)
es_fprintf (es_stdout, "%02X", fparray[i]); es_fprintf (es_stdout, "%02X", fparray[i]);
} }
else if ((issuer_fpr = issuer_fpr_string (sig)))
es_fputs (issuer_fpr, es_stdout);
es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo); es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
@ -1661,6 +1669,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
/* fixme: check or list other sigs here */ /* fixme: check or list other sigs here */
xfree (siguid); xfree (siguid);
xfree (issuer_fpr);
} }
} }

63
g10/mainproc.c
View File

@ -1307,7 +1307,7 @@ list_node (CTX c, kbnode_t node)
} }
else if (!opt.fast_list_mode) else if (!opt.fast_list_mode)
{ {
p = get_user_id (c->ctrl, sig->keyid, &n); p = get_user_id (c->ctrl, sig->keyid, &n, NULL);
es_write_sanitized (es_stdout, p, n, es_write_sanitized (es_stdout, p, n,
opt.with_colons?":":NULL, NULL ); opt.with_colons?":":NULL, NULL );
xfree (p); xfree (p);
@ -1710,21 +1710,40 @@ akl_has_wkd_method (void)
} }
/* Return the ISSUER fingerprint string in human readbale format if /* Return the ISSUER fingerprint buffer and its lenbgth at R_LEN.
* available. Caller must release the string. */ * Returns NULL if not available. The returned buffer is valid as
static char * * long as SIG is not modified. */
issuer_fpr_string (PKT_signature *sig) static const byte *
issuer_fpr_raw (PKT_signature *sig, size_t *r_len)
{ {
const byte *p; const byte *p;
size_t n; size_t n;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n);
if (p && n == 21 && p[0] == 4) if (p && n == 21 && p[0] == 4)
return bin2hex (p+1, n-1, NULL); {
*r_len = n - 1;
return p+1;
}
*r_len = 0;
return NULL; return NULL;
} }
/* Return the ISSUER fingerprint string in human readbale format if
* available. Caller must release the string. */
/* FIXME: Move to another file. */
char *
issuer_fpr_string (PKT_signature *sig)
{
const byte *p;
size_t n;
p = issuer_fpr_raw (sig, &n);
return p? bin2hex (p, n, NULL) : NULL;
}
static void static void
print_good_bad_signature (int statno, const char *keyid_str, kbnode_t un, print_good_bad_signature (int statno, const char *keyid_str, kbnode_t un,
PKT_signature *sig, int rc) PKT_signature *sig, int rc)
@ -1761,7 +1780,7 @@ check_sig_and_print (CTX c, kbnode_t node)
int rc; int rc;
int is_expkey = 0; int is_expkey = 0;
int is_revkey = 0; int is_revkey = 0;
char *issuer_fpr; char *issuer_fpr = NULL;
PKT_public_key *pk = NULL; /* The public key for the signature or NULL. */ PKT_public_key *pk = NULL; /* The public key for the signature or NULL. */
int tried_ks_by_fpr; int tried_ks_by_fpr;
@ -1888,13 +1907,14 @@ check_sig_and_print (CTX c, kbnode_t node)
write_status_text (STATUS_NEWSIG, NULL); write_status_text (STATUS_NEWSIG, NULL);
astr = openpgp_pk_algo_name ( sig->pubkey_algo ); astr = openpgp_pk_algo_name ( sig->pubkey_algo );
if ((issuer_fpr = issuer_fpr_string (sig))) issuer_fpr = issuer_fpr_string (sig);
if (issuer_fpr)
{ {
log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp)); log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp));
log_info (_(" using %s key %s\n"), log_info (_(" using %s key %s\n"),
astr? astr: "?", issuer_fpr); astr? astr: "?", issuer_fpr);
xfree (issuer_fpr);
} }
else if (!keystrlen () || keystrlen () > 8) else if (!keystrlen () || keystrlen () > 8)
{ {
@ -2001,14 +2021,14 @@ check_sig_and_print (CTX c, kbnode_t node)
const byte *p; const byte *p;
size_t n; size_t n;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n); p = issuer_fpr_raw (sig, &n);
if (p && n == 21 && p[0] == 4) if (p)
{ {
/* v4 packet with a SHA-1 fingerprint. */ /* v4 packet with a SHA-1 fingerprint. */
free_public_key (pk); free_public_key (pk);
pk = NULL; pk = NULL;
glo_ctrl.in_auto_key_retrieve++; glo_ctrl.in_auto_key_retrieve++;
res = keyserver_import_fprint (c->ctrl, p+1, n-1, opt.keyserver, 1); res = keyserver_import_fprint (c->ctrl, p, n, opt.keyserver, 1);
tried_ks_by_fpr = 1; tried_ks_by_fpr = 1;
glo_ctrl.in_auto_key_retrieve--; glo_ctrl.in_auto_key_retrieve--;
if (!res) if (!res)
@ -2375,22 +2395,23 @@ check_sig_and_print (CTX c, kbnode_t node)
} }
else else
{ {
char buf[50]; write_status_printf (STATUS_ERRSIG, "%08lX%08lX %d %d %02x %lu %d %s",
(ulong)sig->keyid[0], (ulong)sig->keyid[1],
snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d", sig->pubkey_algo, sig->digest_algo,
(ulong)sig->keyid[0], (ulong)sig->keyid[1], sig->sig_class, (ulong)sig->timestamp,
sig->pubkey_algo, sig->digest_algo, gpg_err_code (rc),
sig->sig_class, (ulong)sig->timestamp, gpg_err_code (rc)); issuer_fpr? issuer_fpr:"-");
write_status_text (STATUS_ERRSIG, buf);
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY)
{ {
buf[16] = 0; write_status_printf (STATUS_NO_PUBKEY, "%08lX%08lX",
write_status_text (STATUS_NO_PUBKEY, buf); (ulong)sig->keyid[0], (ulong)sig->keyid[1]);
} }
if (gpg_err_code (rc) != GPG_ERR_NOT_PROCESSED) if (gpg_err_code (rc) != GPG_ERR_NOT_PROCESSED)
log_error (_("Can't check signature: %s\n"), gpg_strerror (rc)); log_error (_("Can't check signature: %s\n"), gpg_strerror (rc));
} }
free_public_key (pk);
xfree (issuer_fpr);
return rc; return rc;
} }

4
g10/options.h
View File

@ -249,7 +249,7 @@ struct
unsigned int allow_weak_digest_algos:1; unsigned int allow_weak_digest_algos:1;
unsigned int large_rsa:1; unsigned int large_rsa:1;
unsigned int disable_signer_uid:1; unsigned int disable_signer_uid:1;
/* Flag to enbale experimental features from RFC4880bis. */ /* Flag to enable experimental features from RFC4880bis. */
unsigned int rfc4880bis:1; unsigned int rfc4880bis:1;
} flags; } flags;
@ -282,6 +282,8 @@ struct
int unwrap_encryption; int unwrap_encryption;
int only_sign_text_ids; int only_sign_text_ids;
int no_symkey_cache; /* Disable the cache used for --symmetric. */
} opt; } opt;
/* CTRL is used to keep some global variables we currently can't /* CTRL is used to keep some global variables we currently can't

2
g10/packet.h
View File

@ -620,6 +620,8 @@ int proc_signature_packets_by_fd (ctrl_t ctrl,
int proc_encryption_packets (ctrl_t ctrl, void *ctx, iobuf_t a); int proc_encryption_packets (ctrl_t ctrl, void *ctx, iobuf_t a);
int list_packets( iobuf_t a ); int list_packets( iobuf_t a );
char *issuer_fpr_string (PKT_signature *sig);
/*-- parse-packet.c --*/ /*-- parse-packet.c --*/
/* Sets the packet list mode to MODE (i.e., whether we are dumping a /* Sets the packet list mode to MODE (i.e., whether we are dumping a

5
g10/passphrase.c
View File

@ -317,6 +317,9 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
canceled = &dummy_canceled; canceled = &dummy_canceled;
*canceled = 0; *canceled = 0;
if (opt.no_symkey_cache)
nocache = 1; /* Force no symmtric key caching. */
if ( !s2k ) if ( !s2k )
{ {
log_assert (create && !nocache); log_assert (create && !nocache);
@ -485,7 +488,7 @@ gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped)
&& pk->keyid[1] != pk->main_keyid[1]); && pk->keyid[1] != pk->main_keyid[1]);
algo_name = openpgp_pk_algo_name (pk->pubkey_algo); algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
timestr = strtimestamp (pk->timestamp); timestr = strtimestamp (pk->timestamp);
uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen); uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen, NULL);
orig_codeset = i18n_switchto_utf8 (); orig_codeset = i18n_switchto_utf8 ();

2
g10/pkclist.c
View File

@ -1149,7 +1149,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
else else
{ {
size_t n; size_t n;
char *p = get_user_id (ctrl, keyid, &n ); char *p = get_user_id (ctrl, keyid, &n, NULL);
tty_print_utf8_string ( p, n ); tty_print_utf8_string ( p, n );
xfree(p); xfree(p);
} }

2
g10/revoke.c
View File

@ -571,7 +571,7 @@ gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce)
kl = opt.keyid_format == KF_NONE? 0 : keystrlen (); kl = opt.keyid_format == KF_NONE? 0 : keystrlen ();
tmpstr = get_user_id (ctrl, keyid, &len); tmpstr = get_user_id (ctrl, keyid, &len, NULL);
es_fprintf (memfp, "uid%*s%.*s\n\n", es_fprintf (memfp, "uid%*s%.*s\n\n",
kl + 10, "", kl + 10, "",
(int)len, tmpstr); (int)len, tmpstr);

53
po/ca.po
View File

@ -7988,33 +7988,18 @@ msgstr "no s'ha pogut eliminar el bloc de claus: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: error en escriure el registre de directoris: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "hi ha massa preferències «%c»\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "error en crear «%s»: %s\n" msgstr "error en crear «%s»: %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "error en la lectura de «%s»: %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: error en escriure el registre de directoris: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8475,10 +8460,6 @@ msgstr "error mentre s'escrivia l'anell «%s»: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "error en la lectura de «%s»: %s\n" msgstr "error en la lectura de «%s»: %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "ha fallat l'actualització de la clau secreta: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8499,14 +8480,6 @@ msgstr "ha fallat l'actualització: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "no s'ha pogut eliminar el bloc de claus: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8574,6 +8547,14 @@ msgstr "error mentre s'escrivia l'anell «%s»: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "error en la lectura de «%s»: %s\n" msgstr "error en la lectura de «%s»: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "hi ha massa preferències «%c»\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "error mentre s'enviava a «%s»: %s\n" msgstr "error mentre s'enviava a «%s»: %s\n"
@ -9191,6 +9172,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "error en la lectura de «%s»: %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "ha fallat l'actualització de la clau secreta: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "no s'ha pogut eliminar el bloc de claus: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Quina grandària voleu? (1024) " #~ msgstr "Quina grandària voleu? (1024) "

52
po/cs.po
View File

@ -7487,32 +7487,18 @@ msgstr "volání crl_cache_insert přes vydavatele selhalo: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "tabulka mapování čtenáře na soubor je plná  čeká se\n" msgstr "tabulka mapování čtenáře na soubor je plná  čeká se\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "namísto „https“ se použije „http“\n"
# Poslední argument je název protokolu # Poslední argument je název protokolu
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "Přístup k CRL není možný kvůli vypnutému %s\n" msgstr "Přístup k CRL není možný kvůli vypnutému %s\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "chyba při inicializaci čtecího objektu: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL „%s“ přesměrováno na „%s“ (%u)\n"
msgid "too many redirections\n"
msgstr "příliš mnoho přesměrování\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "chyba při získávání „%s“: %s\n" msgstr "chyba při získávání „%s“: %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "chyba při získávání „%s“: status HTTP je %u\n" msgstr "chyba při inicializaci čtecího objektu: %s\n"
# Poslední argument je název protokolu # Poslední argument je název protokolu
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -7928,10 +7914,6 @@ msgstr "chyba při tisknutí řádku protokolu: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "chyba při čtení protokolu z ldapové obálky č.%d: %s\n" msgstr "chyba při čtení protokolu z ldapové obálky č.%d: %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "npth_select selhala: %s  čeká se 1s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "ldapová obálka %d připravena" msgstr "ldapová obálka %d připravena"
@ -7952,14 +7934,6 @@ msgstr "čekání na ldapovou obálku %d selhalo: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "ldapová obálka %d se zasekla  bude zabita\n" msgstr "ldapová obálka %d se zasekla  bude zabita\n"
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr "chyba při zakládání vlákna ovládajícího obálku LDAPu: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "čtení z ldapové obálky %d selhalo: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "v názvu stroje je neplatný znak 0x%02x  nepřidáno\n" msgstr "v názvu stroje je neplatný znak 0x%02x  nepřidáno\n"
@ -8023,6 +7997,13 @@ msgstr "chyba při připojování na „%s“: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "chyba při čtení HTTP odpovědi od „%s“: %s\n" msgstr "chyba při čtení HTTP odpovědi od „%s“: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL „%s“ přesměrováno na „%s“ (%u)\n"
msgid "too many redirections\n"
msgstr "příliš mnoho přesměrování\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "chyba při rozebírání OCSP odpovědi od „%s“: %s\n" msgstr "chyba při rozebírání OCSP odpovědi od „%s“: %s\n"
@ -8612,6 +8593,21 @@ msgstr ""
"Syntaxe: gpg-check-pattern [volby] soubor_se_vzorem\n" "Syntaxe: gpg-check-pattern [volby] soubor_se_vzorem\n"
"Prověří heslo zadané na vstupu proti souboru se vzory\n" "Prověří heslo zadané na vstupu proti souboru se vzory\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "namísto „https“ se použije „http“\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "chyba při získávání „%s“: status HTTP je %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "npth_select selhala: %s  čeká se 1s\n"
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr "chyba při zakládání vlákna ovládajícího obálku LDAPu: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "čtení z ldapové obálky %d selhalo: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Jakou délku klíče pro podepisování si přejete? (%u) " #~ msgstr "Jakou délku klíče pro podepisování si přejete? (%u) "

61
po/da.po
View File

@ -7946,36 +7946,19 @@ msgstr "modtagelse af linje mislykkedes: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: fejl ved skrivning af mappepost: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "for mange chifferpræferencer\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error retrieving `%s' via %s: %s\n" #| msgid "error retrieving `%s' via %s: %s\n"
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "fejl ved indhentelse af »%s« via %s: %s\n" msgstr "fejl ved indhentelse af »%s« via %s: %s\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error running `%s': exit status %d\n" #| msgid "%s: error writing dir record: %s\n"
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "fejl ved kørsel af »%s«: afslutningsstatus %d\n" msgstr "%s: fejl ved skrivning af mappepost: %s\n"
#, fuzzy #, fuzzy
#| msgid "certificate `%s' not found: %s\n" #| msgid "certificate `%s' not found: %s\n"
@ -8476,11 +8459,6 @@ msgstr "fejl ved skrivning til »%s«: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "fejl ved læsning fra %s: %s\n" msgstr "fejl ved læsning fra %s: %s\n"
#, fuzzy, c-format
#| msgid "pth_select failed: %s - waiting 1s\n"
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "pth_select mislykkeds: %s - venter 1s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8502,15 +8480,6 @@ msgstr "ventning på at proces %d skulle terminere mislykkedes: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
#| msgid "reading public key failed: %s\n"
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "læsning af offentlig nøgle mislykkedes: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8588,6 +8557,15 @@ msgstr "fejl ved skrivning til »%s«: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "fejl ved læsning fra %s: %s\n" msgstr "fejl ved læsning fra %s: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "for mange chifferpræferencer\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error binding socket to `%s': %s\n" #| msgid "error binding socket to `%s': %s\n"
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
@ -9259,6 +9237,21 @@ msgstr ""
"Syntaks: gpg-check-pattern [tilvalg] mønsterfil\n" "Syntaks: gpg-check-pattern [tilvalg] mønsterfil\n"
"Kontroller en adgangsfrase angivet på stdin mod mønsterfilen\n" "Kontroller en adgangsfrase angivet på stdin mod mønsterfilen\n"
#, fuzzy
#~| msgid "error running `%s': exit status %d\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "fejl ved kørsel af »%s«: afslutningsstatus %d\n"
#, fuzzy
#~| msgid "pth_select failed: %s - waiting 1s\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "pth_select mislykkeds: %s - venter 1s\n"
#, fuzzy
#~| msgid "reading public key failed: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "læsning af offentlig nøgle mislykkedes: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Hvilken nøglestørrelse ønsker du for underskriftsnøglen (%u) " #~ msgstr "Hvilken nøglestørrelse ønsker du for underskriftsnøglen (%u) "

52
po/de.po
View File

@ -7653,31 +7653,17 @@ msgstr "crl_cache_insert über den Issuer fehlgeschlagen: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "\"reader to file\" Zuordnungstabelle ist voll - warte\n" msgstr "\"reader to file\" Zuordnungstabelle ist voll - warte\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "Es wird \"HTTP\" anstatt \"HTTPS\" verwendet\n"
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "CRL Zugriff nicht möglich da %s abgeschaltet ist\n" msgstr "CRL Zugriff nicht möglich da %s abgeschaltet ist\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "Fehler beim Initialisieren des \"reader\" Objekts: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL `%s' nach `%s' umgeleitet (%u)\n"
msgid "too many redirections\n"
msgstr "zu viele verschachtelte Umleitungen\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "Fehler beim Holen von `%s': %s\n" msgstr "Fehler beim Holen von `%s': %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "Fehler beim Holen von `%s': HTTP Status %u\n" msgstr "Fehler beim Initialisieren des \"reader\" Objekts: %s\n"
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
msgstr "CRL Zugriff ist im Tor Modus nicht möglich\n" msgstr "CRL Zugriff ist im Tor Modus nicht möglich\n"
@ -8096,10 +8082,6 @@ msgstr "Fehler beim Schreiben einer Logzeile: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "Fehler beim Lesen des Logs vom LDAP Wrapper %d: %s\n" msgstr "Fehler beim Lesen des Logs vom LDAP Wrapper %d: %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "npth_select()-Aufruf fehlgeschlagen: %s - warte 1s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "LDAP Wrapper %d fertig" msgstr "LDAP Wrapper %d fertig"
@ -8120,14 +8102,6 @@ msgstr "Warten auf den LDAP Wrapper %d fehlgeschlagen: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "LDAP Wrapper %d versackt - abgeschossen\n" msgstr "LDAP Wrapper %d versackt - abgeschossen\n"
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr "Fehler beim Starten des LDAP Wrapper Kontrollthreads: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "Lesen vom LDAP Wrapper %d fehlgeschlagen: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "Ungültiges Zeichen 0x%02X im Hostnamen - nicht hinzugefügt\n" msgstr "Ungültiges Zeichen 0x%02X im Hostnamen - nicht hinzugefügt\n"
@ -8191,6 +8165,13 @@ msgstr "Fehler beim Verbinden mit '%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "Fehler beim Lesen der HTTP Antwort von `%s': %s\n" msgstr "Fehler beim Lesen der HTTP Antwort von `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL `%s' nach `%s' umgeleitet (%u)\n"
msgid "too many redirections\n"
msgstr "zu viele verschachtelte Umleitungen\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "Fehler beim Zerlegen der OCSP Antwort für `%s': %s\n" msgstr "Fehler beim Zerlegen der OCSP Antwort für `%s': %s\n"
@ -8785,6 +8766,21 @@ msgstr ""
"Syntax: gpg-check-pattern [optionen] Musterdatei\n" "Syntax: gpg-check-pattern [optionen] Musterdatei\n"
"Die von stdin gelesene Passphrase gegen die Musterdatei prüfen\n" "Die von stdin gelesene Passphrase gegen die Musterdatei prüfen\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "Es wird \"HTTP\" anstatt \"HTTPS\" verwendet\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "Fehler beim Holen von `%s': HTTP Status %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "npth_select()-Aufruf fehlgeschlagen: %s - warte 1s\n"
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr "Fehler beim Starten des LDAP Wrapper Kontrollthreads: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "Lesen vom LDAP Wrapper %d fehlgeschlagen: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "" #~ msgstr ""
#~ "Welche Schlüssellänge wünschen Sie für den Signatur-Schlüssel? (%u) " #~ "Welche Schlüssellänge wünschen Sie für den Signatur-Schlüssel? (%u) "

53
po/el.po
View File

@ -7827,33 +7827,18 @@ msgstr "διαγραφή block κλειδιών απέτυχε: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: σφάλμα στην εγγραφή της εγγραφής dir : %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "πάρα πολλές `%c' προεπιλογές\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "σφάλμα κατά τη δημιουργία του `%s': %s\n" msgstr "σφάλμα κατά τη δημιουργία του `%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "σφάλμα κατά την ανάγνωση του `%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: σφάλμα στην εγγραφή της εγγραφής dir : %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8301,10 +8286,6 @@ msgstr "αδυναμία εγγραφής της κλειδοθήκης `%s': %s
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "σφάλμα κατά την ανάγνωση του `%s': %s\n" msgstr "σφάλμα κατά την ανάγνωση του `%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "η ενημέρωση μυστικού απέτυχε: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8325,14 +8306,6 @@ msgstr "η ενημέρωση απέτυχε: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "διαγραφή block κλειδιών απέτυχε: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8400,6 +8373,14 @@ msgstr "αδυναμία εγγραφής της κλειδοθήκης `%s': %s
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "σφάλμα κατά την ανάγνωση του `%s': %s\n" msgstr "σφάλμα κατά την ανάγνωση του `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "πάρα πολλές `%c' προεπιλογές\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "σφάλμα στη αποστολή προς το `%s': %s\n" msgstr "σφάλμα στη αποστολή προς το `%s': %s\n"
@ -9017,6 +8998,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "σφάλμα κατά την ανάγνωση του `%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "η ενημέρωση μυστικού απέτυχε: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "διαγραφή block κλειδιών απέτυχε: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) " #~ msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "

53
po/eo.po
View File

@ -7770,33 +7770,18 @@ msgstr "forviŝo de ŝlosilbloko malsukcesis: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: eraro dum skribo de dosieruja registro: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "tro da '%c'-preferoj\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "eraro dum kreado de '%s': %s\n" msgstr "eraro dum kreado de '%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "eraro dum legado de '%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: eraro dum skribo de dosieruja registro: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8243,10 +8228,6 @@ msgstr "eraro dum skribado de ŝlosilaro '%s': %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "eraro dum legado de '%s': %s\n" msgstr "eraro dum legado de '%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "aktualigo de sekreto malsukcesis: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8267,14 +8248,6 @@ msgstr "aktualigo malsukcesis: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "forviŝo de ŝlosilbloko malsukcesis: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8342,6 +8315,14 @@ msgstr "eraro dum skribado de ŝlosilaro '%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "eraro dum legado de '%s': %s\n" msgstr "eraro dum legado de '%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "tro da '%c'-preferoj\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "eraro dum sendo al '%s': %s\n" msgstr "eraro dum sendo al '%s': %s\n"
@ -8958,6 +8939,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "eraro dum legado de '%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "aktualigo de sekreto malsukcesis: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "forviŝo de ŝlosilbloko malsukcesis: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Kiun ŝlosilgrandon vi deziras? (1024) " #~ msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "

3643
po/es.po
View File

File diff suppressed because it is too large Load Diff

53
po/et.po
View File

@ -7743,33 +7743,18 @@ msgstr "võtmebloki kustutamine ebaõnnestus: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: viga kataloogikirje kirjutamisel: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "liiga palju `%c' eelistusi\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "viga `%s' loomisel: %s\n" msgstr "viga `%s' loomisel: %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "viga `%s' lugemisel: %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: viga kataloogikirje kirjutamisel: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8217,10 +8202,6 @@ msgstr "viga võtmehoidlasse `%s' kirjutamisel: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "viga `%s' lugemisel: %s\n" msgstr "viga `%s' lugemisel: %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "salajase võtme uuendamine ebaõnnestus: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8241,14 +8222,6 @@ msgstr "uuendamine ebaõnnestus: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "võtmebloki kustutamine ebaõnnestus: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8316,6 +8289,14 @@ msgstr "viga võtmehoidlasse `%s' kirjutamisel: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "viga `%s' lugemisel: %s\n" msgstr "viga `%s' lugemisel: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "liiga palju `%c' eelistusi\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "viga teate saatmisel serverile `%s': %s\n" msgstr "viga teate saatmisel serverile `%s': %s\n"
@ -8933,6 +8914,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "viga `%s' lugemisel: %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "salajase võtme uuendamine ebaõnnestus: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "võtmebloki kustutamine ebaõnnestus: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Millist võtmepikkust te soovite? (1024) " #~ msgstr "Millist võtmepikkust te soovite? (1024) "

53
po/fi.po
View File

@ -7804,33 +7804,18 @@ msgstr "avainlohkojen poisto epäonnistui: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: virhe kirjoitettaessa hakemistotietuetta: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "liian monta \"%c\" valintaa\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "virhe luotaessa \"%s\": %s\n" msgstr "virhe luotaessa \"%s\": %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "virhe luettaessa tiedostoa \"%s\": %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: virhe kirjoitettaessa hakemistotietuetta: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8279,10 +8264,6 @@ msgstr "virhe kirjoitettaessa avainrenkaaseen \"%s\": %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "virhe luettaessa tiedostoa \"%s\": %s\n" msgstr "virhe luettaessa tiedostoa \"%s\": %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "salaisen päivitys epäonnistui: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8303,14 +8284,6 @@ msgstr "päivitys epäonnistui: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "avainlohkojen poisto epäonnistui: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8378,6 +8351,14 @@ msgstr "virhe kirjoitettaessa avainrenkaaseen \"%s\": %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "virhe luettaessa tiedostoa \"%s\": %s\n" msgstr "virhe luettaessa tiedostoa \"%s\": %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "liian monta \"%c\" valintaa\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "virhe lähettäessä kohteeseen \"%s\": %s\n" msgstr "virhe lähettäessä kohteeseen \"%s\": %s\n"
@ -8995,6 +8976,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "virhe luettaessa tiedostoa \"%s\": %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "salaisen päivitys epäonnistui: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "avainlohkojen poisto epäonnistui: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Minkä kokoisen avaimen haluat? (1024) " #~ msgstr "Minkä kokoisen avaimen haluat? (1024) "

54
po/fr.po
View File

@ -7805,33 +7805,19 @@ msgstr "échec de crl_cache_insert par émetteur : %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "table de projection de lecteur vers fichier pleine — attente\n" msgstr "table de projection de lecteur vers fichier pleine — attente\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "utilisation d'« http » au lieu d'« https »\n"
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
"accès à la liste de révocations de certificat impossible car %s est " "accès à la liste de révocations de certificat impossible car %s est "
"désactivé\n" "désactivé\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "erreur d'initialisation de l'objet lecteur : %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL « %s » redirigée vers « %s » (%u)\n"
msgid "too many redirections\n"
msgstr "trop de redirections\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "erreur de récupération de « %s » : %s\n" msgstr "erreur de récupération de « %s » : %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "erreur de récupération de « %s » : état HTTP %u\n" msgstr "erreur d'initialisation de l'objet lecteur : %s\n"
#, fuzzy #, fuzzy
#| msgid "CRL access not possible due to disabled %s\n" #| msgid "CRL access not possible due to disabled %s\n"
@ -8264,10 +8250,6 @@ msgstr "erreur d'affichage de ligne du journal : %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "erreur de lecture du journal par l'enveloppe LDAP %d : %s\n" msgstr "erreur de lecture du journal par l'enveloppe LDAP %d : %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "échec de npth_select : %s — attente 1 s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "enveloppe LDAP %d prête" msgstr "enveloppe LDAP %d prête"
@ -8288,15 +8270,6 @@ msgstr "échec d'attente de l'enveloppe LDAP %d : %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "enveloppe LDAP %d à l'arrêt — le processus va être tué\n" msgstr "enveloppe LDAP %d à l'arrêt — le processus va être tué\n"
# NOTE: Incorrectly set as translatable?
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr "error spawning ldap wrapper reaper thread: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "échec de lecture par l'enveloppe LDAP %d : %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "caractère 0x%02x incorrect dans le nom d'hôte — non ajouté\n" msgstr "caractère 0x%02x incorrect dans le nom d'hôte — non ajouté\n"
@ -8362,6 +8335,13 @@ msgstr "erreur de connexion à « %s » : %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "erreur de lecture de réponse HTTP pour « %s » : %s\n" msgstr "erreur de lecture de réponse HTTP pour « %s » : %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL « %s » redirigée vers « %s » (%u)\n"
msgid "too many redirections\n"
msgstr "trop de redirections\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "erreur d'analyse de réponse OCSP pour « %s » : %s\n" msgstr "erreur d'analyse de réponse OCSP pour « %s » : %s\n"
@ -8983,6 +8963,22 @@ msgstr ""
"Vérifier une phrase secrète donnée sur l'entrée standard par rapport à " "Vérifier une phrase secrète donnée sur l'entrée standard par rapport à "
"ficmotif\n" "ficmotif\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "utilisation d'« http » au lieu d'« https »\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "erreur de récupération de « %s » : état HTTP %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "échec de npth_select : %s — attente 1 s\n"
# NOTE: Incorrectly set as translatable?
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr "error spawning ldap wrapper reaper thread: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "échec de lecture par l'enveloppe LDAP %d : %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "" #~ msgstr ""
#~ "Quelle taille de clef désirez-vous pour la clef de signature ? (%u) " #~ "Quelle taille de clef désirez-vous pour la clef de signature ? (%u) "

53
po/gl.po
View File

@ -7829,33 +7829,18 @@ msgstr "fallou o borrado do bloque de chaves: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: erro ao escribi-lo rexistro de directorios: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "demasiadas preferencias `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "erro ao crear `%s': %s\n" msgstr "erro ao crear `%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "erro lendo `%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: erro ao escribi-lo rexistro de directorios: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8305,10 +8290,6 @@ msgstr "erro escribindo no chaveiro `%s': %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "erro lendo `%s': %s\n" msgstr "erro lendo `%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "o segredo da actualización fallou: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8329,14 +8310,6 @@ msgstr "a actualización fallou: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "fallou o borrado do bloque de chaves: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8404,6 +8377,14 @@ msgstr "erro escribindo no chaveiro `%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "erro lendo `%s': %s\n" msgstr "erro lendo `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "demasiadas preferencias `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "erro ao enviar a `%s': %s\n" msgstr "erro ao enviar a `%s': %s\n"
@ -9024,6 +9005,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "erro lendo `%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "o segredo da actualización fallou: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "fallou o borrado do bloque de chaves: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "¿Qué tamaño de chave quere? (1024) " #~ msgstr "¿Qué tamaño de chave quere? (1024) "

53
po/hu.po
View File

@ -7773,33 +7773,18 @@ msgstr "A kulcsblokk törlése sikertelen: %s.\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: Hiba könyvtárrekord írásakor: %s.\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "Túl sok \"%c\" preferencia.\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "Hiba \"%s\" létrehozásakor: %s\n" msgstr "Hiba \"%s\" létrehozásakor: %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "Hiba \"%s\" olvasásakor: %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: Hiba könyvtárrekord írásakor: %s.\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8247,10 +8232,6 @@ msgstr "Hiba a \"%s\" kulcskarika írásakor: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "Hiba \"%s\" olvasásakor: %s\n" msgstr "Hiba \"%s\" olvasásakor: %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "Titkoskulcs-blokk frissítése sikertelen: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8271,14 +8252,6 @@ msgstr "Frissítés sikertelen: %s.\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "A kulcsblokk törlése sikertelen: %s.\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8346,6 +8319,14 @@ msgstr "Hiba a \"%s\" kulcskarika írásakor: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "Hiba \"%s\" olvasásakor: %s\n" msgstr "Hiba \"%s\" olvasásakor: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "Túl sok \"%c\" preferencia.\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "Hiba %s-ra/-re küldéskor: %s\n" msgstr "Hiba %s-ra/-re küldéskor: %s\n"
@ -8963,6 +8944,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "Hiba \"%s\" olvasásakor: %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "Titkoskulcs-blokk frissítése sikertelen: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "A kulcsblokk törlése sikertelen: %s.\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Milyen kulcsméretet szeretne? (1024) " #~ msgstr "Milyen kulcsméretet szeretne? (1024) "

53
po/id.po
View File

@ -7766,33 +7766,18 @@ msgstr "gagal menghapus keyblok: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: kesalahan menulis dir record: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "terlalu banyak preferensi `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "kesalahan penciptaan : `%s': %s\n" msgstr "kesalahan penciptaan : `%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "kesalahan membaca `%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: kesalahan menulis dir record: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8240,10 +8225,6 @@ msgstr "kesalahan menulis keyring `%s': %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "kesalahan membaca `%s': %s\n" msgstr "kesalahan membaca `%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "gagal perbarui rahasia: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8264,14 +8245,6 @@ msgstr "gagal memperbarui: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "gagal menghapus keyblok: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8339,6 +8312,14 @@ msgstr "kesalahan menulis keyring `%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "kesalahan membaca `%s': %s\n" msgstr "kesalahan membaca `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "terlalu banyak preferensi `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "kesalahan mengirim ke `%s': %s\n" msgstr "kesalahan mengirim ke `%s': %s\n"
@ -8956,6 +8937,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "kesalahan membaca `%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "gagal perbarui rahasia: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "gagal menghapus keyblok: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Keysize yang anda inginkan? (1024) " #~ msgstr "Keysize yang anda inginkan? (1024) "

53
po/it.po
View File

@ -7806,33 +7806,18 @@ msgstr "cancellazione del keyblock fallita: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: errore durante la scrittura del dir record: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "ci sono troppe preferenze `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "errore creando `%s': %s\n" msgstr "errore creando `%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "errore leggendo `%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: errore durante la scrittura del dir record: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8281,10 +8266,6 @@ msgstr "errore scrivendo il portachiavi `%s': %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "errore leggendo `%s': %s\n" msgstr "errore leggendo `%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "aggiornamento della chiave segreta fallito: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8305,14 +8286,6 @@ msgstr "aggiornamento fallito: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "cancellazione del keyblock fallita: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8380,6 +8353,14 @@ msgstr "errore scrivendo il portachiavi `%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "errore leggendo `%s': %s\n" msgstr "errore leggendo `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "ci sono troppe preferenze `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "errore leggendo `%s': %s\n" msgstr "errore leggendo `%s': %s\n"
@ -8997,6 +8978,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "errore leggendo `%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "aggiornamento della chiave segreta fallito: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "cancellazione del keyblock fallita: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Di che dimensioni vuoi la chiave? (1024) " #~ msgstr "Di che dimensioni vuoi la chiave? (1024) "

155
po/ja.po
View File

@ -4,13 +4,13 @@
# IIDA Yosiaki <iida@gnu.org>, 1999, 2000, 2002, 2003, 2004. # IIDA Yosiaki <iida@gnu.org>, 1999, 2000, 2002, 2003, 2004.
# Yoshihiro Kajiki <kajiki@ylug.org>, 1999. # Yoshihiro Kajiki <kajiki@ylug.org>, 1999.
# Takashi P.KATOH, 2002. # Takashi P.KATOH, 2002.
# NIIBE Yutaka <gniibe@fsij.org>, 2013, 2014, 2015, 2016, 2017. # NIIBE Yutaka <gniibe@fsij.org>, 2013, 2014, 2015, 2016, 2017, 2018.
# #
msgid "" msgid ""
msgstr "" msgstr ""
"Project-Id-Version: gnupg 2.2.6\n" "Project-Id-Version: gnupg 2.2.6\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n"
"PO-Revision-Date: 2018-03-30 19:31+0900\n" "PO-Revision-Date: 2018-04-12 10:51+0900\n"
"Last-Translator: NIIBE Yutaka <gniibe@fsij.org>\n" "Last-Translator: NIIBE Yutaka <gniibe@fsij.org>\n"
"Language-Team: none\n" "Language-Team: none\n"
"Language: ja\n" "Language: ja\n"
@ -278,7 +278,7 @@ msgstr ""
"避けましょう。" "避けましょう。"
msgid "Warning: You have entered an insecure passphrase." msgid "Warning: You have entered an insecure passphrase."
msgstr "*警告*: 安全とは言えないパスフレーズが入力されました。" msgstr "警告: 安全とは言えないパスフレーズが入力されました。"
#, c-format #, c-format
msgid "Please enter the passphrase to%0Aprotect your new key" msgid "Please enter the passphrase to%0Aprotect your new key"
@ -397,7 +397,7 @@ msgstr "選択されたダイジェスト・アルゴリズムは、無効です
#, c-format #, c-format
msgid "Note: no default option file '%s'\n" msgid "Note: no default option file '%s'\n"
msgstr "*注意*: デフォルトのオプション・ファイル '%s' がありません\n" msgstr "注意: デフォルトのオプション・ファイル '%s' がありません\n"
#, c-format #, c-format
msgid "option file '%s': %s\n" msgid "option file '%s': %s\n"
@ -409,7 +409,7 @@ msgstr "'%s' からオプションを読み込みます\n"
#, c-format #, c-format
msgid "Note: '%s' is not considered an option\n" msgid "Note: '%s' is not considered an option\n"
msgstr "*注意*: '%s'はオプションとは考えられません\n" msgstr "注意: '%s'はオプションとは考えられません\n"
#, c-format #, c-format
msgid "can't create socket: %s\n" msgid "can't create socket: %s\n"
@ -626,7 +626,7 @@ msgstr "誤り"
#, c-format #, c-format
msgid "Note: This passphrase has never been changed.%0APlease change it now." msgid "Note: This passphrase has never been changed.%0APlease change it now."
msgstr "*注意*: パスフレーズは変更されていません。%0A今、変更してください。" msgstr "注意: パスフレーズは変更されていません。%0A今、変更してください。"
#, c-format #, c-format
msgid "" msgid ""
@ -1195,12 +1195,11 @@ msgstr "*警告*: %s\n"
msgid "Note: Outdated servers may lack important security fixes.\n" msgid "Note: Outdated servers may lack important security fixes.\n"
msgstr "" msgstr ""
"*注意*: 古いサーバは、重要なセキュリティの修正が欠如しているかもしれませ" "注意: 古いサーバは、重要なセキュリティの修正が欠如しているかもしれません。\n"
"ん。\n"
#, c-format #, c-format
msgid "Note: Use the command \"%s\" to restart them.\n" msgid "Note: Use the command \"%s\" to restart them.\n"
msgstr "*注意*: \"%s\"コマンドを使って再起動してください。\n" msgstr "注意: \"%s\"コマンドを使って再起動してください。\n"
#, c-format #, c-format
msgid "%s is not compliant with %s mode\n" msgid "%s is not compliant with %s mode\n"
@ -1320,9 +1319,9 @@ msgid ""
" If the key generation does not succeed, please check the\n" " If the key generation does not succeed, please check the\n"
" documentation of your card to see what sizes are allowed.\n" " documentation of your card to see what sizes are allowed.\n"
msgstr "" msgstr ""
"*注意*: カードが要求された鍵長をサポートしているという保証はありません。\n" "注意: カードが要求された鍵長をサポートしているという保証はありません。\n"
" 鍵生成が成功しない場合、あなたのカードに関する技術文書を確認し、\n" " 鍵生成が成功しない場合、あなたのカードに関する技術文書を確認し、\n"
" 利用できる鍵長について確認ください。\n" " 利用できる鍵長について確認ください。\n"
#, c-format #, c-format
msgid "What keysize do you want? (%u) " msgid "What keysize do you want? (%u) "
@ -1364,12 +1363,12 @@ msgstr "無効な選択です。\n"
#, c-format #, c-format
msgid "The card will now be re-configured to generate a key of %u bits\n" msgid "The card will now be re-configured to generate a key of %u bits\n"
msgstr "今、%uビットの鍵を生成するようにカードは再コンフィグされました\n" msgstr "カードは、今、%uビットの鍵を生成するように再コンフィグされます\n"
#, c-format #, c-format
msgid "The card will now be re-configured to generate a key of type: %s\n" msgid "The card will now be re-configured to generate a key of type: %s\n"
msgstr "" msgstr ""
"カードは、今、こちらのタイプの鍵を生成するように再コンフィグされました: %s\n" "カードは、今、こちらのタイプの鍵を生成するように再コンフィグされま: %s\n"
#, c-format #, c-format
msgid "error changing key attribute for key %d: %s\n" msgid "error changing key attribute for key %d: %s\n"
@ -1377,7 +1376,7 @@ msgstr "鍵%dの属性を変更する際にエラー: %s\n"
#, c-format #, c-format
msgid "error getting card info: %s\n" msgid "error getting card info: %s\n"
msgstr "情報の取得エラー: %s\n" msgstr "カード情報の取得エラー: %s\n"
msgid "This command is not supported by this card\n" msgid "This command is not supported by this card\n"
msgstr "このカードでは、このコマンドはサポートされていません。\n" msgstr "このカードでは、このコマンドはサポートされていません。\n"
@ -1386,7 +1385,7 @@ msgid "Make off-card backup of encryption key? (Y/n) "
msgstr "暗号化鍵のカード外バックアップを作成しますか? (Y/n) " msgstr "暗号化鍵のカード外バックアップを作成しますか? (Y/n) "
msgid "Note: keys are already stored on the card!\n" msgid "Note: keys are already stored on the card!\n"
msgstr "*注意*: 秘密鍵はもうカードに保管してあります!\n" msgstr "注意: 秘密鍵はもうカードに保管してあります!\n"
msgid "Replace existing keys? (y/N) " msgid "Replace existing keys? (y/N) "
msgstr "既存の鍵を置き換えますか? (y/N) " msgstr "既存の鍵を置き換えますか? (y/N) "
@ -1421,7 +1420,7 @@ msgid "KEYTOCARD failed: %s\n"
msgstr "KEYTOCARDが失敗しました: %s\n" msgstr "KEYTOCARDが失敗しました: %s\n"
msgid "Note: This command destroys all keys stored on the card!\n" msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "*注意*: このコマンドはカードに保管してあるすべての鍵を破壊します!\n" msgstr "注意: このコマンドはカードに保管してあるすべての鍵を破壊します!\n"
msgid "Continue? (y/N) " msgid "Continue? (y/N) "
msgstr "続けますか? (y/N) " msgstr "続けますか? (y/N) "
@ -1555,7 +1554,7 @@ msgstr "所有者信用情報をクリアしました\n"
#, c-format #, c-format
msgid "there is a secret key for public key \"%s\"!\n" msgid "there is a secret key for public key \"%s\"!\n"
msgstr "この公開鍵にたいする秘密鍵\"%s\"があります!\n" msgstr "この公開鍵にする秘密鍵\"%s\"があります!\n"
msgid "use option \"--delete-secret-keys\" to delete it first.\n" msgid "use option \"--delete-secret-keys\" to delete it first.\n"
msgstr "まず\"--delete-secret-keys\"オプションでこれを削除してください。\n" msgstr "まず\"--delete-secret-keys\"オプションでこれを削除してください。\n"
@ -2091,11 +2090,11 @@ msgstr "(選択肢の一覧には\"help\"を使ってください)\n"
#, c-format #, c-format
msgid "Note: old default options file '%s' ignored\n" msgid "Note: old default options file '%s' ignored\n"
msgstr "*注意*: 以前デフォルトだったオプション・ファイル'%s'は、無視されます\n" msgstr "注意: 以前デフォルトだったオプション・ファイル'%s'は、無視されます\n"
#, c-format #, c-format
msgid "Note: %s is not for normal use!\n" msgid "Note: %s is not for normal use!\n"
msgstr "*注意*: 普通%sは使いません!\n" msgstr "注意: 普通%sは使いません!\n"
#, c-format #, c-format
msgid "'%s' is not a valid signature expiration\n" msgid "'%s' is not a valid signature expiration\n"
@ -2250,7 +2249,7 @@ msgid "invalid min-cert-level; must be 1, 2, or 3\n"
msgstr "無効なmin-cert-level。0か1か2か3でなければなりません\n" msgstr "無効なmin-cert-level。0か1か2か3でなければなりません\n"
msgid "Note: simple S2K mode (0) is strongly discouraged\n" msgid "Note: simple S2K mode (0) is strongly discouraged\n"
msgstr "*注意*: 単純なS2Kモード(0)の使用には強く反対します\n" msgstr "注意: 単純なS2Kモード(0)の使用には強く反対します\n"
msgid "invalid S2K mode; must be 0, 1 or 3\n" msgid "invalid S2K mode; must be 0, 1 or 3\n"
msgstr "無効なS2Kモード。0か1か3でなければなりません\n" msgstr "無効なS2Kモード。0か1か3でなければなりません\n"
@ -2350,7 +2349,8 @@ msgstr "'%s'は有効な鍵ID, フィンガープリント、keygripではない
msgid "WARNING: no command supplied. Trying to guess what you mean ...\n" msgid "WARNING: no command supplied. Trying to guess what you mean ...\n"
msgstr "" msgstr ""
"警告: コマンドが指定されていません。なにを意味しているのか当ててみます ...\n" "*警告*: コマンドが指定されていません。なにを意味しているのか当ててみま"
"す ...\n"
msgid "Go ahead and type your message ...\n" msgid "Go ahead and type your message ...\n"
msgstr "開始します。メッセージを打ってください ...\n" msgstr "開始します。メッセージを打ってください ...\n"
@ -2868,7 +2868,7 @@ msgid ""
"The self-signature on \"%s\"\n" "The self-signature on \"%s\"\n"
"is a PGP 2.x-style signature.\n" "is a PGP 2.x-style signature.\n"
msgstr "" msgstr ""
"\"%s\"にたいする自己署名は、\n" "\"%s\"にする自己署名は、\n"
"PGP 2.x形式の署名です。\n" "PGP 2.x形式の署名です。\n"
msgid "Do you want to promote it to an OpenPGP self-signature? (y/N) " msgid "Do you want to promote it to an OpenPGP self-signature? (y/N) "
@ -2890,7 +2890,7 @@ msgid ""
"Your current signature on \"%s\"\n" "Your current signature on \"%s\"\n"
"is a local signature.\n" "is a local signature.\n"
msgstr "" msgstr ""
"\"%s\"にたいするあなたの今の署名\n" "\"%s\"にするあなたの今の署名\n"
"はローカルな署名です。\n" "はローカルな署名です。\n"
msgid "Do you want to promote it to a full exportable signature? (y/N) " msgid "Do you want to promote it to a full exportable signature? (y/N) "
@ -3467,15 +3467,11 @@ msgstr "主鍵の有効期限を変更します。\n"
msgid "You can't change the expiration date of a v3 key\n" msgid "You can't change the expiration date of a v3 key\n"
msgstr "v3鍵の有効期限は変更できません\n" msgstr "v3鍵の有効期限は変更できません\n"
#, fuzzy
#| msgid "Changing expiration time for a subkey.\n"
msgid "Changing usage of a subkey.\n" msgid "Changing usage of a subkey.\n"
msgstr "副鍵の有効期限を変更します。\n" msgstr "副鍵の使用法を変更します。\n"
#, fuzzy
#| msgid "Changing expiration time for the primary key.\n"
msgid "Changing usage of the primary key.\n" msgid "Changing usage of the primary key.\n"
msgstr "主鍵の有効期限を変更します。\n" msgstr "主鍵の使用法を変更します。\n"
#, c-format #, c-format
msgid "signing subkey %s is already cross-certified\n" msgid "signing subkey %s is already cross-certified\n"
@ -3982,7 +3978,7 @@ msgstr "バックアップ・ファイル'%s'が作成できません: %s\n"
#, c-format #, c-format
msgid "Note: backup of card key saved to '%s'\n" msgid "Note: backup of card key saved to '%s'\n"
msgstr "*注意*: カード鍵のバックアップが'%s'へ保存されます\n" msgstr "注意: カード鍵のバックアップが'%s'へ保存されます\n"
#, c-format #, c-format
msgid "writing public key to '%s'\n" msgid "writing public key to '%s'\n"
@ -4017,7 +4013,7 @@ msgid ""
msgstr "鍵は%lu秒未来にできました (時間歪曲か時計の障害でしょう)\n" msgstr "鍵は%lu秒未来にできました (時間歪曲か時計の障害でしょう)\n"
msgid "Note: creating subkeys for v3 keys is not OpenPGP compliant\n" msgid "Note: creating subkeys for v3 keys is not OpenPGP compliant\n"
msgstr "*注意*: v3鍵に対する副鍵の作成は、OpenPGPに適合しません\n" msgstr "注意: v3鍵に対する副鍵の作成は、OpenPGPに適合しません\n"
msgid "Secret parts of primary key are not available.\n" msgid "Secret parts of primary key are not available.\n"
msgstr "主鍵の秘密部分が利用できません。\n" msgstr "主鍵の秘密部分が利用できません。\n"
@ -4069,7 +4065,7 @@ msgstr[0] "エラーのため%d個の署名を検査しません\n"
#, c-format #, c-format
msgid "Warning: %lu key skipped due to its large size\n" msgid "Warning: %lu key skipped due to its large size\n"
msgid_plural "Warning: %lu keys skipped due to their large sizes\n" msgid_plural "Warning: %lu keys skipped due to their large sizes\n"
msgstr[0] "*警告*: %lu個の鍵がその大きさのためスキップされました\n" msgstr[0] "警告: %lu個の鍵がその大きさのためスキップされました\n"
msgid "Keyring" msgid "Keyring"
msgstr "鍵リング" msgstr "鍵リング"
@ -4262,7 +4258,7 @@ msgid "decryption failed: %s\n"
msgstr "復号に失敗しました: %s\n" msgstr "復号に失敗しました: %s\n"
msgid "Note: sender requested \"for-your-eyes-only\"\n" msgid "Note: sender requested \"for-your-eyes-only\"\n"
msgstr "*注意*: 送信者は\"極秘とする\"ように求めています\n" msgstr "注意: 送信者は\"極秘とする\"ように求めています\n"
#, c-format #, c-format
msgid "original file name='%.*s'\n" msgid "original file name='%.*s'\n"
@ -4401,7 +4397,7 @@ msgstr "*警告*: ダイジェスト・アルゴリズム %s は廃止されて
#, c-format #, c-format
msgid "Note: signatures using the %s algorithm are rejected\n" msgid "Note: signatures using the %s algorithm are rejected\n"
msgstr "*注意*: アルゴリズム %s を用いた署名は拒否されました\n" msgstr "注意: アルゴリズム %s を用いた署名は拒否されました\n"
#, c-format #, c-format
msgid "(reported error: %s)\n" msgid "(reported error: %s)\n"
@ -4725,15 +4721,15 @@ msgid "WARNING: This subkey has been revoked by its owner!\n"
msgstr "*警告*: この副鍵は所有者によって失効されています!\n" msgstr "*警告*: この副鍵は所有者によって失効されています!\n"
msgid "Note: This key has been disabled.\n" msgid "Note: This key has been disabled.\n"
msgstr "*注意*: この鍵は使用禁止に設定されています。\n" msgstr "注意: この鍵は使用禁止に設定されています。\n"
#, c-format #, c-format
msgid "Note: Verified signer's address is '%s'\n" msgid "Note: Verified signer's address is '%s'\n"
msgstr "*注意*: 確認された署名者のアドレスは'%s'です\n" msgstr "注意: 確認された署名者のアドレスは'%s'です\n"
#, c-format #, c-format
msgid "Note: Signer's address '%s' does not match DNS entry\n" msgid "Note: Signer's address '%s' does not match DNS entry\n"
msgstr "*注意*: 署名者のアドレス'%s'がDNSのエントリと一致しません\n" msgstr "注意: 署名者のアドレス'%s'がDNSのエントリと一致しません\n"
msgid "trustlevel adjusted to FULL due to valid PKA info\n" msgid "trustlevel adjusted to FULL due to valid PKA info\n"
msgstr "PKA情報が有効のため、信用レベルがFULLに調整されました\n" msgstr "PKA情報が有効のため、信用レベルがFULLに調整されました\n"
@ -4742,7 +4738,7 @@ msgid "trustlevel adjusted to NEVER due to bad PKA info\n"
msgstr "PKA情報が無効のため、信用レベルがNEVERに調整されました\n" msgstr "PKA情報が無効のため、信用レベルがNEVERに調整されました\n"
msgid "Note: This key has expired!\n" msgid "Note: This key has expired!\n"
msgstr "*注意*: この鍵は期限切れです!\n" msgstr "注意: この鍵は期限切れです!\n"
msgid "WARNING: This key is not certified with a trusted signature!\n" msgid "WARNING: This key is not certified with a trusted signature!\n"
msgstr "*警告*: この鍵は信用できる署名で証明されていません!\n" msgstr "*警告*: この鍵は信用できる署名で証明されていません!\n"
@ -4823,11 +4819,11 @@ msgstr "有効な宛先がありません\n"
#, c-format #, c-format
msgid "Note: key %s has no %s feature\n" msgid "Note: key %s has no %s feature\n"
msgstr "*注意*: 鍵%sには %s の機能がありません\n" msgstr "注意: 鍵%sには %s の機能がありません\n"
#, c-format #, c-format
msgid "Note: key %s has no preference for %s\n" msgid "Note: key %s has no preference for %s\n"
msgstr "*注意*: 鍵%sには%sに対する優先指定がありません\n" msgstr "注意: 鍵%sには%sに対する優先指定がありません\n"
msgid "data not saved; use option \"--output\" to save it\n" msgid "data not saved; use option \"--output\" to save it\n"
msgstr "" msgstr ""
@ -4877,10 +4873,10 @@ msgstr "*警告*: 暗号アルゴリズム%sは受取人の優先指定に入っ
#, c-format #, c-format
msgid "Note: secret key %s expired at %s\n" msgid "Note: secret key %s expired at %s\n"
msgstr "*注意*: 秘密鍵%sは%sで期限切れとなります\n" msgstr "注意: 秘密鍵%sは%sで期限切れとなります\n"
msgid "Note: key has been revoked" msgid "Note: key has been revoked"
msgstr "*注意*: 鍵は失効済みです" msgstr "注意: 鍵は失効済みです"
#, c-format #, c-format
msgid "build_packet failed: %s\n" msgid "build_packet failed: %s\n"
@ -5074,28 +5070,27 @@ msgstr[0] "鍵%sは%lu日、未来にできました (時間歪曲か時計の
#, c-format #, c-format
msgid "Note: signature key %s expired %s\n" msgid "Note: signature key %s expired %s\n"
msgstr "*注意*: 署名鍵%sは%sに期限切れとなります\n" msgstr "注意: 署名鍵%sは%sに期限切れとなります\n"
#, c-format #, c-format
msgid "Note: signature key %s has been revoked\n" msgid "Note: signature key %s has been revoked\n"
msgstr "*注意*: 鍵 %s は失効済みです\n" msgstr "注意: 鍵 %s は失効済みです\n"
#, fuzzy, c-format #, c-format
#| msgid "standalone signature of class 0x%02x\n"
msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n" msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n"
msgstr "クラス0x%02xのスタンドアロン署名\n" msgstr "鍵%sによる不正な鍵への署名: %s (0x%02x, 0x%x)\n"
#, c-format #, c-format
msgid "assuming bad signature from key %s due to an unknown critical bit\n" msgid "assuming bad signature from key %s due to an unknown critical bit\n"
msgstr "不明のクリティカル・ビットにより、鍵%sの署名を不正とみなします\n" msgstr "不明のクリティカル・ビットのため、鍵%sによる署名を不正とみなします\n"
#, c-format #, c-format
msgid "key %s: no subkey for subkey revocation signature\n" msgid "key %s: no subkey for subkey revocation signature\n"
msgstr "鍵%s: 副鍵失効署名にたいする副鍵がありません\n" msgstr "鍵%s: 副鍵失効署名にする副鍵がありません\n"
#, c-format #, c-format
msgid "key %s: no subkey for subkey binding signature\n" msgid "key %s: no subkey for subkey binding signature\n"
msgstr "鍵%s: 副鍵対応への署名にたいする副鍵がありません\n" msgstr "鍵%s: 副鍵対応への署名にする副鍵がありません\n"
#, c-format #, c-format
msgid "WARNING: unable to %%-expand notation (too large). Using unexpanded.\n" msgid "WARNING: unable to %%-expand notation (too large). Using unexpanded.\n"
@ -5225,7 +5220,7 @@ msgid "%s: trustdb created\n"
msgstr "%s: 信用データベースができました\n" msgstr "%s: 信用データベースができました\n"
msgid "Note: trustdb not writable\n" msgid "Note: trustdb not writable\n"
msgstr "*注意*: 信用データベースが、書き込み不能です\n" msgstr "注意: 信用データベースが、書き込み不能です\n"
#, c-format #, c-format
msgid "%s: invalid trustdb\n" msgid "%s: invalid trustdb\n"
@ -6089,7 +6084,7 @@ msgid "failed to open '%s': %s\n"
msgstr "'%s'が開けません: %s\n" msgstr "'%s'が開けません: %s\n"
msgid "Note: non-critical certificate policy not allowed" msgid "Note: non-critical certificate policy not allowed"
msgstr "*注意*: クリティカルでない証明書ポリシーは認められません" msgstr "注意: クリティカルでない証明書ポリシーは認められません"
msgid "certificate policy not allowed" msgid "certificate policy not allowed"
msgstr "証明書ポリシーは認められません" msgstr "証明書ポリシーは認められません"
@ -6605,7 +6600,7 @@ msgstr ""
#, c-format #, c-format
msgid "Note: won't be able to encrypt to '%s': %s\n" msgid "Note: won't be able to encrypt to '%s': %s\n"
msgstr "*注意*:'%s'に対して暗号化できません: %s\n" msgstr "注意:'%s'に対して暗号化できません: %s\n"
#, c-format #, c-format
msgid "unknown validation model '%s'\n" msgid "unknown validation model '%s'\n"
@ -7233,31 +7228,17 @@ msgstr "発行者からcrl_cache_insertが失敗しました: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "readerからファイル・マッピングのテーブルがいっぱいです - 待ちます\n" msgstr "readerからファイル・マッピングのテーブルがいっぱいです - 待ちます\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "\"http\" を \"https\" の代わりに使います\n"
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "CRLアクセスは停止された%sのため不可能です\n" msgstr "CRLアクセスは停止された%sのため不可能です\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "リーダ・オブジェクトの初期化エラー: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL'%s' は '%s' (%u) へリダイレクトされました\n"
msgid "too many redirections\n"
msgstr "リダイレクトが多すぎます\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "'%s'を取得する際のエラー: %s\n" msgstr "'%s'を取得する際のエラー: %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "'%s'の取得エラー: httpステイタス %u\n" msgstr "リーダ・オブジェクトの初期化エラー: %s\n"
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
msgstr "CRLアクセスはTorモードのため不可能です\n" msgstr "CRLアクセスはTorモードのため不可能です\n"
@ -7672,10 +7653,6 @@ msgstr "log出力エラー: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "ldap wrapper %dからのログの読み込みエラー: %s\n" msgstr "ldap wrapper %dからのログの読み込みエラー: %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "npth_selectに失敗しました: %s - 一秒待ちます\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "ldap wrapper %d が準備完了" msgstr "ldap wrapper %d が準備完了"
@ -7696,14 +7673,6 @@ msgstr "ldap wrapper %dの待ちが失敗: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "ldap wrapper %d が止まりました - killしています\n" msgstr "ldap wrapper %d が止まりました - killしています\n"
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr "ldap wrapperのスレッドの起動でエラー: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "ldap wrapper %d からの読み込みに失敗しました: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "ホスト名に無効な文字 0x%02x - 加えません\n" msgstr "ホスト名に無効な文字 0x%02x - 加えません\n"
@ -7767,6 +7736,13 @@ msgstr "'%s'の接続エラー: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "'%s'のHTTP応答の読み込みエラー: %s\n" msgstr "'%s'のHTTP応答の読み込みエラー: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL'%s' は '%s' (%u) へリダイレクトされました\n"
msgid "too many redirections\n"
msgstr "リダイレクトが多すぎます\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "'%s'に対するOCSP応答構文解析エラー: %s\n" msgstr "'%s'に対するOCSP応答構文解析エラー: %s\n"
@ -8356,6 +8332,21 @@ msgstr ""
"形式: gpg-check-pattern [オプション] パターンファイル\n" "形式: gpg-check-pattern [オプション] パターンファイル\n"
"パターンファイルに対して標準入力のパスフレーズを確認する\n" "パターンファイルに対して標準入力のパスフレーズを確認する\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "\"http\" を \"https\" の代わりに使います\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "'%s'の取得エラー: httpステイタス %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "npth_selectに失敗しました: %s - 一秒待ちます\n"
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr "ldap wrapperのスレッドの起動でエラー: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "ldap wrapper %d からの読み込みに失敗しました: %s\n"
#~ msgid "No change." #~ msgid "No change."
#~ msgstr "変更なし。" #~ msgstr "変更なし。"

52
po/nb.po
View File

@ -7365,31 +7365,17 @@ msgstr "crl_cache_insert via utsteder mislyktes: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "tilknytningstabell for overføring fra leser til fil er full. Venter\n" msgstr "tilknytningstabell for overføring fra leser til fil er full. Venter\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "bruker «http» i stedet for «https»\n"
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "Ingen CRL-tilgang fordi %s er slått av\n" msgstr "Ingen CRL-tilgang fordi %s er slått av\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "feil under innlasting av leserobjekt: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "Videresendt fra adresse «%s» til «%s» (%u)\n"
msgid "too many redirections\n"
msgstr "for mange videresendinger\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "feil under henting av «%s»: %s\n" msgstr "feil under henting av «%s»: %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "feil under henting av «%s»: http-status %u\n" msgstr "feil under innlasting av leserobjekt: %s\n"
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
msgstr "Ingen CRL-tilgang i Tor-modus\n" msgstr "Ingen CRL-tilgang i Tor-modus\n"
@ -7804,10 +7790,6 @@ msgstr "feil under utskrift av logglinje: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "feil under lesing av logg fra ldap-grensesnitt %d: %s\n" msgstr "feil under lesing av logg fra ldap-grensesnitt %d: %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "npth_select mislyktes: %s - venter 1s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "ldap-grensesnitt %d klart" msgstr "ldap-grensesnitt %d klart"
@ -7828,14 +7810,6 @@ msgstr "venting på ldap-grensesnitt %d mislyktes: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "ldap-grensesnitt %d steilet - dreper prosess\n" msgstr "ldap-grensesnitt %d steilet - dreper prosess\n"
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr "feil under oppbygging av «reaper»-tråd for ldap-grensesnitt: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "lesing fra ldap-grensesnitt %d mislyktes: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "vertsnavn inneholder ugyldig tegn 0x%02x, og ble ikke lagt til\n" msgstr "vertsnavn inneholder ugyldig tegn 0x%02x, og ble ikke lagt til\n"
@ -7899,6 +7873,13 @@ msgstr "feil under tilkobling til «%s»: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "feil under lesing av HTTP-svar for «%s»: %s\n" msgstr "feil under lesing av HTTP-svar for «%s»: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "Videresendt fra adresse «%s» til «%s» (%u)\n"
msgid "too many redirections\n"
msgstr "for mange videresendinger\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "feil under tolking av OCSP-svar for «%s»: %s\n" msgstr "feil under tolking av OCSP-svar for «%s»: %s\n"
@ -8488,6 +8469,21 @@ msgstr ""
"Syntaks: gpg-check-pattern [valg] mønsterfil\n" "Syntaks: gpg-check-pattern [valg] mønsterfil\n"
"Kontroller passordfrase oppgitt på standard innkanal mot valgt mønsterfil\n" "Kontroller passordfrase oppgitt på standard innkanal mot valgt mønsterfil\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "bruker «http» i stedet for «https»\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "feil under henting av «%s»: http-status %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "npth_select mislyktes: %s - venter 1s\n"
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr "feil under oppbygging av «reaper»-tråd for ldap-grensesnitt: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "lesing fra ldap-grensesnitt %d mislyktes: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Hvor stor skal signaturnøkkelen være? (%u) " #~ msgstr "Hvor stor skal signaturnøkkelen være? (%u) "

61
po/pl.po
View File

@ -8009,36 +8009,19 @@ msgstr "odbieranie linii nie powiodło się: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: błąd zapisu wpisu katalogowego: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "zbyt wiele ustawień szyfru\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error retrieving `%s' via %s: %s\n" #| msgid "error retrieving `%s' via %s: %s\n"
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "błąd odtwarzania ,,%s'' poprzez %s: %s\n" msgstr "błąd odtwarzania ,,%s'' poprzez %s: %s\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error running `%s': exit status %d\n" #| msgid "%s: error writing dir record: %s\n"
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "błąd uruchamiania ,,%s'': kod wyjścia %d\n" msgstr "%s: błąd zapisu wpisu katalogowego: %s\n"
#, fuzzy #, fuzzy
#| msgid "certificate `%s' not found: %s\n" #| msgid "certificate `%s' not found: %s\n"
@ -8540,11 +8523,6 @@ msgstr "błąd zapisu do %s: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "błąd odczytu z %s: %s\n" msgstr "błąd odczytu z %s: %s\n"
#, fuzzy, c-format
#| msgid "pth_select failed: %s - waiting 1s\n"
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "pth_select nie powiodło się: %s - czekanie 1s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8566,15 +8544,6 @@ msgstr "oczekiwanie na zakończenie procesu %d nie powiodło się: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
#| msgid "reading public key failed: %s\n"
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "odczyt klucza publicznego nie powiódł się: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8652,6 +8621,15 @@ msgstr "błąd zapisu do ,,%s'': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "błąd odczytu z %s: %s\n" msgstr "błąd odczytu z %s: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "zbyt wiele ustawień szyfru\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error binding socket to `%s': %s\n" #| msgid "error binding socket to `%s': %s\n"
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
@ -9327,6 +9305,21 @@ msgstr ""
"Składnia: gpg-check-pattern [opcje] plik-wzorców\n" "Składnia: gpg-check-pattern [opcje] plik-wzorców\n"
"Sprawdzanie hasła ze standardowego wejścia względem pliku wzorców\n" "Sprawdzanie hasła ze standardowego wejścia względem pliku wzorców\n"
#, fuzzy
#~| msgid "error running `%s': exit status %d\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "błąd uruchamiania ,,%s'': kod wyjścia %d\n"
#, fuzzy
#~| msgid "pth_select failed: %s - waiting 1s\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "pth_select nie powiodło się: %s - czekanie 1s\n"
#, fuzzy
#~| msgid "reading public key failed: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "odczyt klucza publicznego nie powiódł się: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Jakiej długości klucz do podpisywania wygenerować? (%u) " #~ msgstr "Jakiej długości klucz do podpisywania wygenerować? (%u) "

53
po/pt.po
View File

@ -7773,33 +7773,18 @@ msgstr "remoção do bloco de chave falhou: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: erro ao escrever registo de diretório: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "demasiadas preferências `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "erro ao criar `%s': %s\n" msgstr "erro ao criar `%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "erro na leitura de `%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: erro ao escrever registo de diretório: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8249,10 +8234,6 @@ msgstr "erro na escrita do porta-chaves `%s': %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "erro na leitura de `%s': %s\n" msgstr "erro na leitura de `%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "actualização da chave secreta falhou: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8273,14 +8254,6 @@ msgstr "actualização falhou: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "remoção do bloco de chave falhou: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8348,6 +8321,14 @@ msgstr "erro na escrita do porta-chaves `%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "erro na leitura de `%s': %s\n" msgstr "erro na leitura de `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "demasiadas preferências `%c'\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "erro ao enviar para `%s': %s\n" msgstr "erro ao enviar para `%s': %s\n"
@ -8965,6 +8946,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "erro na leitura de `%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "actualização da chave secreta falhou: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "remoção do bloco de chave falhou: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Qual o tamanho de chave desejado? (1024) " #~ msgstr "Qual o tamanho de chave desejado? (1024) "

57
po/ro.po
View File

@ -7835,34 +7835,18 @@ msgstr "citirea cheii publice a eşuat: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: eroare scriere înregistrare dir: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "prea multe preferinţe de cifrare\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "eroare la creearea `%s': %s\n" msgstr "eroare la creearea `%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "eroare la citire `%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: eroare scriere înregistrare dir: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8324,10 +8308,6 @@ msgstr "eroare la scrierea inelului de chei `%s': %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "eroare la citire `%s': %s\n" msgstr "eroare la citire `%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "actualizarea secretului a eşuat: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8348,15 +8328,6 @@ msgstr "actualizarea a eşuat: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
#| msgid "reading public key failed: %s\n"
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "citirea cheii publice a eşuat: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8426,6 +8397,15 @@ msgstr "eroare la scrierea inelului de chei `%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "eroare la citire `%s': %s\n" msgstr "eroare la citire `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "prea multe preferinţe de cifrare\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "eroare trimitere la `%s': %s\n" msgstr "eroare trimitere la `%s': %s\n"
@ -9047,6 +9027,19 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "eroare la citire `%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "actualizarea secretului a eşuat: %s\n"
#, fuzzy
#~| msgid "reading public key failed: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "citirea cheii publice a eşuat: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Ce lungime de cheie doriţi? (%u) " #~ msgstr "Ce lungime de cheie doriţi? (%u) "

53
po/ru.po
View File

@ -7492,33 +7492,19 @@ msgstr "сбой crl_cache_insert через издателя: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "ожидание ресурсов для объекта чтения\n" msgstr "ожидание ресурсов для объекта чтения\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "используется \"http\" вместо \"https\"\n"
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
"Доступ к списку отозванных сертификатов невозможен\n" "Доступ к списку отозванных сертификатов невозможен\n"
"из-за того, что не задействуется %s\n" "из-за того, что не задействуется %s\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "ошибка инициализации объекта устройства чтения: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL '%s' перенаправлен на '%s' (%u)\n"
msgid "too many redirections\n"
msgstr "слишком много перенаправлений\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "ошибка получения '%s': %s\n" msgstr "ошибка получения '%s': %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "ошибка получения '%s': статус HTTP %u\n" msgstr "ошибка инициализации объекта устройства чтения: %s\n"
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
msgstr "" msgstr ""
@ -7942,10 +7928,6 @@ msgstr "ошибка вывода строки журнала: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "ошибка чтения журнала из обертки LDAP %d: %s\n" msgstr "ошибка чтения журнала из обертки LDAP %d: %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "сбой npth_select: %s - жду 1 секунду\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "обертка LDAP %d готова" msgstr "обертка LDAP %d готова"
@ -7966,14 +7948,6 @@ msgstr "сбой при ожидании обертки LDAP %d: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "обертка LDAP %d зависла - будет удалена\n" msgstr "обертка LDAP %d зависла - будет удалена\n"
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr "ошибка при запуске прерывающего потока управления обертки LDAP: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "сбой при чтении из обертки LDAP %d: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "недопустимый символ 0x%02x в имени хоста - не добавляется\n" msgstr "недопустимый символ 0x%02x в имени хоста - не добавляется\n"
@ -8037,6 +8011,13 @@ msgstr "ошибка соединения с '%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "ошибка чтения ответа HTTP для '%s': %s\n" msgstr "ошибка чтения ответа HTTP для '%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "URL '%s' перенаправлен на '%s' (%u)\n"
msgid "too many redirections\n"
msgstr "слишком много перенаправлений\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "ошибка разбора ответа OCSP для '%s': %s\n" msgstr "ошибка разбора ответа OCSP для '%s': %s\n"
@ -8630,6 +8611,22 @@ msgstr ""
"Синтаксис: gpg-check-pattern [параметры] файл_образцов\n" "Синтаксис: gpg-check-pattern [параметры] файл_образцов\n"
"Проверить фразу-пароль, поступающую из stdin, по файлу образцов\n" "Проверить фразу-пароль, поступающую из stdin, по файлу образцов\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "используется \"http\" вместо \"https\"\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "ошибка получения '%s': статус HTTP %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "сбой npth_select: %s - жду 1 секунду\n"
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr ""
#~ "ошибка при запуске прерывающего потока управления обертки LDAP: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "сбой при чтении из обертки LDAP %d: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Какой Вам нужен размер ключа для подписей? (%u) " #~ msgstr "Какой Вам нужен размер ключа для подписей? (%u) "

53
po/sk.po
View File

@ -7797,33 +7797,18 @@ msgstr "zmazanie bloku kľúča sa nepodarilo: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: chyba pri zápise adresárového záznamu: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "príliš veľa `%c' predvolieb\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "chyba pri vytváraní `%s': %s\n" msgstr "chyba pri vytváraní `%s': %s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "chyba pri čítaní `%s': %s\n" msgid "error initializing reader object: %s\n"
msgstr "%s: chyba pri zápise adresárového záznamu: %s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8272,10 +8257,6 @@ msgstr "chyba pri zápise súboru kľúčov (keyring) `%s': %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "chyba pri čítaní `%s': %s\n" msgstr "chyba pri čítaní `%s': %s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "aktualizácia tajného kľúča zlyhala: %s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8296,14 +8277,6 @@ msgstr "aktualizácia zlyhala: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "zmazanie bloku kľúča sa nepodarilo: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8371,6 +8344,14 @@ msgstr "chyba pri zápise súboru kľúčov (keyring) `%s': %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "chyba pri čítaní `%s': %s\n" msgstr "chyba pri čítaní `%s': %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
msgid "too many redirections\n"
msgstr "príliš veľa `%c' predvolieb\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "chyba pri posielaní na `%s': %s\n" msgstr "chyba pri posielaní na `%s': %s\n"
@ -8988,6 +8969,18 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "chyba pri čítaní `%s': %s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "aktualizácia tajného kľúča zlyhala: %s\n"
#, fuzzy
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "zmazanie bloku kľúča sa nepodarilo: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Akú veľkosť kľúča si prajete? (1024) " #~ msgstr "Akú veľkosť kľúča si prajete? (1024) "

61
po/sv.po
View File

@ -8088,36 +8088,19 @@ msgstr "mottagande rad misslyckades: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: fel vid läsning av katalogpost: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "för många chifferinställningar\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error retrieving `%s' via %s: %s\n" #| msgid "error retrieving `%s' via %s: %s\n"
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "fel vid hämtning av \"%s\" via %s: %s\n" msgstr "fel vid hämtning av \"%s\" via %s: %s\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error running `%s': exit status %d\n" #| msgid "%s: error writing dir record: %s\n"
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "fel vid körning av \"%s\": avslutsstatus %d\n" msgstr "%s: fel vid läsning av katalogpost: %s\n"
#, fuzzy #, fuzzy
#| msgid "certificate `%s' not found: %s\n" #| msgid "certificate `%s' not found: %s\n"
@ -8622,11 +8605,6 @@ msgstr "fel vid skrivning till %s: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "fel vid läsning från %s: %s\n" msgstr "fel vid läsning från %s: %s\n"
#, fuzzy, c-format
#| msgid "pth_select failed: %s - waiting 1s\n"
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "pth_select misslyckades: %s - väntar 1 s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8648,15 +8626,6 @@ msgstr "misslyckades med att vänta på att processen %d skulle avslutas: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
#| msgid "reading public key failed: %s\n"
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "läsning av publik nyckel misslyckades: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8734,6 +8703,15 @@ msgstr "fel vid skrivning till \"%s\": %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "fel vid läsning från %s: %s\n" msgstr "fel vid läsning från %s: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "för många chifferinställningar\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error binding socket to `%s': %s\n" #| msgid "error binding socket to `%s': %s\n"
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
@ -9408,6 +9386,21 @@ msgstr ""
"Syntax: gpg-check-pattern [flaggor] mönsterfil\n" "Syntax: gpg-check-pattern [flaggor] mönsterfil\n"
"Kontrollera en lösenfras angiven på standard in mot mönsterfilen\n" "Kontrollera en lösenfras angiven på standard in mot mönsterfilen\n"
#, fuzzy
#~| msgid "error running `%s': exit status %d\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "fel vid körning av \"%s\": avslutsstatus %d\n"
#, fuzzy
#~| msgid "pth_select failed: %s - waiting 1s\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "pth_select misslyckades: %s - väntar 1 s\n"
#, fuzzy
#~| msgid "reading public key failed: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "läsning av publik nyckel misslyckades: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Vilken nyckelstorlek vill du använda för signaturnyckeln? (%u) " #~ msgstr "Vilken nyckelstorlek vill du använda för signaturnyckeln? (%u) "

61
po/tr.po
View File

@ -7990,36 +7990,19 @@ msgstr "satır alımı başarısız: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s: dizin kaydını yazma hatası: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "çok fazla şifreleme tercihi\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error retrieving `%s' via %s: %s\n" #| msgid "error retrieving `%s' via %s: %s\n"
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "`%s' %s üzerinden alınırken hata: %s\n" msgstr "`%s' %s üzerinden alınırken hata: %s\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error running `%s': exit status %d\n" #| msgid "%s: error writing dir record: %s\n"
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "`%s' çalışırken hata: çıkış durumu: %d\n" msgstr "%s: dizin kaydını yazma hatası: %s\n"
#, fuzzy #, fuzzy
#| msgid "certificate `%s' not found: %s\n" #| msgid "certificate `%s' not found: %s\n"
@ -8521,11 +8504,6 @@ msgstr "%s yazılırken hata: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "%s okunurken hata: %s\n" msgstr "%s okunurken hata: %s\n"
#, fuzzy, c-format
#| msgid "pth_select failed: %s - waiting 1s\n"
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "pth_select başarısız: %s - 1s bekliyor\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8547,15 +8525,6 @@ msgstr "süreç %d sonlanacak diye beklerken başarısızlık: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
#| msgid "reading public key failed: %s\n"
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "genel anahtar okuması başarısız: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8633,6 +8602,15 @@ msgstr "`%s' yazılırken hata: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "%s okunurken hata: %s\n" msgstr "%s okunurken hata: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "çok fazla şifreleme tercihi\n"
#, fuzzy, c-format #, fuzzy, c-format
#| msgid "error binding socket to `%s': %s\n" #| msgid "error binding socket to `%s': %s\n"
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
@ -9309,6 +9287,21 @@ msgstr ""
"Standart girdiden verilen anahtar parolasını örüntü dosyasıyla " "Standart girdiden verilen anahtar parolasını örüntü dosyasıyla "
"karşılaştırır\n" "karşılaştırır\n"
#, fuzzy
#~| msgid "error running `%s': exit status %d\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "`%s' çalışırken hata: çıkış durumu: %d\n"
#, fuzzy
#~| msgid "pth_select failed: %s - waiting 1s\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "pth_select başarısız: %s - 1s bekliyor\n"
#, fuzzy
#~| msgid "reading public key failed: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "genel anahtar okuması başarısız: %s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) " #~ msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "

55
po/uk.po
View File

@ -7608,31 +7608,17 @@ msgstr "помилка crl_cache_insert за видавцем: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "засіб читання до таблиці відповідності файлів переповнено — очікуємо\n" msgstr "засіб читання до таблиці відповідності файлів переповнено — очікуємо\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "використовуємо «http» замість «https»\n"
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "Доступ до CRL неможливий через вимкнений %s\n" msgstr "Доступ до CRL неможливий через вимкнений %s\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "помилка під час спроби ініціалізації об’єкта читання: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "Адресу «%s» переспрямовано до «%s» (%u)\n"
msgid "too many redirections\n"
msgstr "занадто багато переспрямувань\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "помилка отримання «%s»: %s\n" msgstr "помилка отримання «%s»: %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "помилка отримання «%s»: стан http %u\n" msgstr "помилка під час спроби ініціалізації об’єкта читання: %s\n"
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
msgstr "Доступ до CRL неможливий через увімкнений режим Tor\n" msgstr "Доступ до CRL неможливий через увімкнений режим Tor\n"
@ -8051,10 +8037,6 @@ msgstr "помилка під час спроби виводу рядка жур
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "помилка під час спроби читання журналу з обгортки LDAP %d: %s\n" msgstr "помилка під час спроби читання журналу з обгортки LDAP %d: %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "помилка npth_select: %s — очікування у 1 с\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "обгортка LDAP %d готова" msgstr "обгортка LDAP %d готова"
@ -8075,15 +8057,6 @@ msgstr "очікування даних з обгортки LDAP %d зазнал
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "обгортка LDAP %d не відповідає — завершуємо роботу\n" msgstr "обгортка LDAP %d не відповідає — завершуємо роботу\n"
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
"помилка під час спроби породження потоку обгортки отримання даних LDAP: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "спроба читання з обгортки LDAP %d зазнала невдачі: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "некоректний символ 0x%02x у назві вузла — не додано\n" msgstr "некоректний символ 0x%02x у назві вузла — не додано\n"
@ -8147,6 +8120,13 @@ msgstr "помилка під час спроби встановлення з’
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "помилка під час спроби читання відповіді за HTTP для «%s»: %s\n" msgstr "помилка під час спроби читання відповіді за HTTP для «%s»: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "Адресу «%s» переспрямовано до «%s» (%u)\n"
msgid "too many redirections\n"
msgstr "занадто багато переспрямувань\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "помилка під час обробки відповіді за OCSP для «%s»: %s\n" msgstr "помилка під час обробки відповіді за OCSP для «%s»: %s\n"
@ -8740,6 +8720,23 @@ msgstr ""
"Синтаксис: gpg-check-pattern [параметри] файл_шаблонів\n" "Синтаксис: gpg-check-pattern [параметри] файл_шаблонів\n"
"Перевірити пароль, вказаний у stdin, за допомогою файлааблонів\n" "Перевірити пароль, вказаний у stdin, за допомогою файлааблонів\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "використовуємо «http» замість «https»\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "помилка отримання «%s»: стан http %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "помилка npth_select: %s — очікування у 1 с\n"
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr ""
#~ "помилка під час спроби породження потоку обгортки отримання даних LDAP: "
#~ "%s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "спроба читання з обгортки LDAP %d зазнала невдачі: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "Якому розміру ключа підписування ви надаєте перевагу? (%u) " #~ msgstr "Якому розміру ключа підписування ви надаєте перевагу? (%u) "

57
po/zh_CN.po
View File

@ -7662,34 +7662,18 @@ msgstr "无法读出公钥:%s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "" msgstr ""
msgid "using \"http\" instead of \"https\"\n"
msgstr ""
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "" msgstr ""
#, fuzzy, c-format
#| msgid "%s: error writing dir record: %s\n"
msgid "error initializing reader object: %s\n"
msgstr "%s写入目录记录时出错%s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "太多对称加密算法首选项\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "建立‘%s时发生错误%s\n" msgstr "建立‘%s时发生错误%s\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error retrieving '%s': http status %u\n" #| msgid "%s: error writing dir record: %s\n"
msgstr "读取‘%s时出错%s\n" msgid "error initializing reader object: %s\n"
msgstr "%s写入目录记录时出错%s\n"
#, fuzzy #, fuzzy
msgid "CRL access not possible due to Tor mode\n" msgid "CRL access not possible due to Tor mode\n"
@ -8147,10 +8131,6 @@ msgstr "写入钥匙环‘%s时出错 %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "读取‘%s时出错%s\n" msgstr "读取‘%s时出错%s\n"
#, fuzzy, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "更新私钥失败:%s\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "" msgstr ""
@ -8171,15 +8151,6 @@ msgstr "更新失败:%s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "" msgstr ""
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr ""
#, fuzzy, c-format
#| msgid "reading public key failed: %s\n"
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "无法读出公钥:%s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "" msgstr ""
@ -8249,6 +8220,15 @@ msgstr "写入钥匙环‘%s时出错 %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "读取‘%s时出错%s\n" msgstr "读取‘%s时出错%s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr ""
#, fuzzy
#| msgid "too many cipher preferences\n"
msgid "too many redirections\n"
msgstr "太多对称加密算法首选项\n"
#, fuzzy, c-format #, fuzzy, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "在‘%s中寻找信任度记录时出错%s\n" msgstr "在‘%s中寻找信任度记录时出错%s\n"
@ -8868,6 +8848,19 @@ msgid ""
"Check a passphrase given on stdin against the patternfile\n" "Check a passphrase given on stdin against the patternfile\n"
msgstr "" msgstr ""
#, fuzzy
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "读取‘%s时出错%s\n"
#, fuzzy
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "更新私钥失败:%s\n"
#, fuzzy
#~| msgid "reading public key failed: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "无法读出公钥:%s\n"
#, fuzzy #, fuzzy
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "您想要用多大的密钥尺寸?(%u)" #~ msgstr "您想要用多大的密钥尺寸?(%u)"

52
po/zh_TW.po
View File

@ -7381,31 +7381,17 @@ msgstr "經由發行者的 crl_cache_insert 失敗: %s\n"
msgid "reader to file mapping table full - waiting\n" msgid "reader to file mapping table full - waiting\n"
msgstr "讀取程式至檔案映射表已滿 - 正在等待\n" msgstr "讀取程式至檔案映射表已滿 - 正在等待\n"
msgid "using \"http\" instead of \"https\"\n"
msgstr "正改以 \"http\" 代替 \"https\"\n"
#, c-format #, c-format
msgid "CRL access not possible due to disabled %s\n" msgid "CRL access not possible due to disabled %s\n"
msgstr "不可能存取 CRL 因已停用 %s\n" msgstr "不可能存取 CRL 因已停用 %s\n"
#, c-format
msgid "error initializing reader object: %s\n"
msgstr "啟始讀取程式物件時出錯: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "網址 '%s' 重新轉向至 '%s' (%u)\n"
msgid "too many redirections\n"
msgstr "太多重新導向\n"
#, c-format #, c-format
msgid "error retrieving '%s': %s\n" msgid "error retrieving '%s': %s\n"
msgstr "取回 '%s' 時出錯: %s\n" msgstr "取回 '%s' 時出錯: %s\n"
#, c-format #, c-format
msgid "error retrieving '%s': http status %u\n" msgid "error initializing reader object: %s\n"
msgstr "取回 '%s' 時出錯: http 狀態 %u\n" msgstr "啟始讀取程式物件時出錯: %s\n"
#, fuzzy #, fuzzy
#| msgid "CRL access not possible due to disabled %s\n" #| msgid "CRL access not possible due to disabled %s\n"
@ -7821,10 +7807,6 @@ msgstr "印出日誌記錄列時出錯: %s\n"
msgid "error reading log from ldap wrapper %d: %s\n" msgid "error reading log from ldap wrapper %d: %s\n"
msgstr "從 ldap 封裝程式 %d 讀取日誌記錄時出錯: %s\n" msgstr "從 ldap 封裝程式 %d 讀取日誌記錄時出錯: %s\n"
#, c-format
msgid "npth_select failed: %s - waiting 1s\n"
msgstr "npth_select 失敗: %s - 等 1 秒鐘\n"
#, c-format #, c-format
msgid "ldap wrapper %d ready" msgid "ldap wrapper %d ready"
msgstr "ldap 封裝程式 %d 準備妥當" msgstr "ldap 封裝程式 %d 準備妥當"
@ -7845,14 +7827,6 @@ msgstr "等候 ldap 封裝程式 %d 時失敗: %s\n"
msgid "ldap wrapper %d stalled - killing\n" msgid "ldap wrapper %d stalled - killing\n"
msgstr "ldap 封裝程式 %d 已卡住 - 正在中止\n" msgstr "ldap 封裝程式 %d 已卡住 - 正在中止\n"
#, c-format
msgid "error spawning ldap wrapper reaper thread: %s\n"
msgstr "繁衍 ldap 封裝程式收割執行緒時出錯: %s\n"
#, c-format
msgid "reading from ldap wrapper %d failed: %s\n"
msgstr "從 ldap 封裝程式 %d 讀取時失敗: %s\n"
#, c-format #, c-format
msgid "invalid char 0x%02x in host name - not added\n" msgid "invalid char 0x%02x in host name - not added\n"
msgstr "主機名稱中有無效的字符 0x%02x - 不予加入\n" msgstr "主機名稱中有無效的字符 0x%02x - 不予加入\n"
@ -7918,6 +7892,13 @@ msgstr "連線至 '%s' 時出錯: %s\n"
msgid "error reading HTTP response for '%s': %s\n" msgid "error reading HTTP response for '%s': %s\n"
msgstr "讀取 '%s' HTTP 回應時出錯: %s\n" msgstr "讀取 '%s' HTTP 回應時出錯: %s\n"
#, c-format
msgid "URL '%s' redirected to '%s' (%u)\n"
msgstr "網址 '%s' 重新轉向至 '%s' (%u)\n"
msgid "too many redirections\n"
msgstr "太多重新導向\n"
#, c-format #, c-format
msgid "error parsing OCSP response for '%s': %s\n" msgid "error parsing OCSP response for '%s': %s\n"
msgstr "剖析 '%s' OCSP 回應時出錯: %s\n" msgstr "剖析 '%s' OCSP 回應時出錯: %s\n"
@ -8524,6 +8505,21 @@ msgstr ""
"語法: gpg-check-pattern [選項] 樣式檔案\n" "語法: gpg-check-pattern [選項] 樣式檔案\n"
"用樣式檔案來檢查由標準輸入給定的密語\n" "用樣式檔案來檢查由標準輸入給定的密語\n"
#~ msgid "using \"http\" instead of \"https\"\n"
#~ msgstr "正改以 \"http\" 代替 \"https\"\n"
#~ msgid "error retrieving '%s': http status %u\n"
#~ msgstr "取回 '%s' 時出錯: http 狀態 %u\n"
#~ msgid "npth_select failed: %s - waiting 1s\n"
#~ msgstr "npth_select 失敗: %s - 等 1 秒鐘\n"
#~ msgid "error spawning ldap wrapper reaper thread: %s\n"
#~ msgstr "繁衍 ldap 封裝程式收割執行緒時出錯: %s\n"
#~ msgid "reading from ldap wrapper %d failed: %s\n"
#~ msgstr "從 ldap 封裝程式 %d 讀取時失敗: %s\n"
#~ msgid "What keysize do you want for the Signature key? (%u) " #~ msgid "What keysize do you want for the Signature key? (%u) "
#~ msgstr "你的簽署金鑰想要用多大的金鑰尺寸? (%u) " #~ msgstr "你的簽署金鑰想要用多大的金鑰尺寸? (%u) "

41
sm/call-dirmngr.c
View File

@ -491,8 +491,8 @@ isvalid_status_cb (void *opaque, const char *line)
Values for USE_OCSP: Values for USE_OCSP:
0 = Do CRL check. 0 = Do CRL check.
1 = Do an OCSP check. 1 = Do an OCSP check but fallback to CRL unless CRLS are disabled.
2 = Do an OCSP check using only the default responder. 2 = Do only an OCSP check using only the default responder.
*/ */
int int
gpgsm_dirmngr_isvalid (ctrl_t ctrl, gpgsm_dirmngr_isvalid (ctrl_t ctrl,
@ -500,7 +500,7 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
{ {
static int did_options; static int did_options;
int rc; int rc;
char *certid; char *certid, *certfpr;
char line[ASSUAN_LINELENGTH]; char line[ASSUAN_LINELENGTH];
struct inq_certificate_parm_s parm; struct inq_certificate_parm_s parm;
struct isvalid_status_parm_s stparm; struct isvalid_status_parm_s stparm;
@ -509,19 +509,13 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
if (rc) if (rc)
return rc; return rc;
if (use_ocsp) certfpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
certid = gpgsm_get_certid (cert);
if (!certid)
{ {
certid = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1); log_error ("error getting the certificate ID\n");
} release_dirmngr (ctrl);
else return gpg_error (GPG_ERR_GENERAL);
{
certid = gpgsm_get_certid (cert);
if (!certid)
{
log_error ("error getting the certificate ID\n");
release_dirmngr (ctrl);
return gpg_error (GPG_ERR_GENERAL);
}
} }
if (opt.verbose > 1) if (opt.verbose > 1)
@ -541,13 +535,8 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
stparm.seen = 0; stparm.seen = 0;
memset (stparm.fpr, 0, 20); memset (stparm.fpr, 0, 20);
/* FIXME: If --disable-crl-checks has been set, we should pass an
option to dirmngr, so that no fallback CRL check is done after an
ocsp check. It is not a problem right now as dirmngr does not
fallback to CRL checking. */
/* It is sufficient to send the options only once because we have /* It is sufficient to send the options only once because we have
one connection per process only. */ * one connection per process only. */
if (!did_options) if (!did_options)
{ {
if (opt.force_crl_refresh) if (opt.force_crl_refresh)
@ -555,10 +544,14 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
NULL, NULL, NULL, NULL, NULL, NULL); NULL, NULL, NULL, NULL, NULL, NULL);
did_options = 1; did_options = 1;
} }
snprintf (line, DIM(line), "ISVALID%s %s", snprintf (line, DIM(line), "ISVALID%s%s %s%s%s",
use_ocsp == 2? " --only-ocsp --force-default-responder":"", use_ocsp == 2 || opt.no_crl_check ? " --only-ocsp":"",
certid); use_ocsp == 2? " --force-default-responder":"",
certid,
use_ocsp? " ":"",
use_ocsp? certfpr:"");
xfree (certid); xfree (certid);
xfree (certfpr);
rc = assuan_transact (dirmngr_ctx, line, NULL, NULL, rc = assuan_transact (dirmngr_ctx, line, NULL, NULL,
inq_certificate, &parm, inq_certificate, &parm,