See ChangeLog: Fri Jul 23 13:53:03 CEST 1999 Werner Koch

AUTHORS

@@ -48,7 +48,7 @@ Fixed a lot of typos.
 
 TRANSLATIONS	Walter Koch	1998-09-08
 Disclaimer.  [de]
-walterk@dip.de
+koch@hsp.de
 
 
 TRANSLATIONS	Gregory Steuck	1998-10-20

BUGS

@@ -29,14 +29,6 @@ and after about half a day in the rsync snapshots.
     The for loop the exp.date is set before v3 detection?
     [is this bug still alive? - can someone please check it]
 
-[  *] #5
-    /home/jam/.gnupg/pubring.gpg: can't open gdbm file: Can't be writer
-    keyblock resource `/home/jam/.gnupg/pubring.gpg': file open error
-    OOPS in close enum_keyblocks - ignored
-    [gdbm is experimental and will be replaced by the new keybox code]
-    FIX: 1999-07-22 (Fixed the second error, there will be no fix for
-    the first one, becuase GDBM is to be replaced)
-
 [ **] #6 1999-02-22 <backes@rhrk.uni-kl.de> 0.9.3
     Buserror on IRIX 6.4: Crash while doing a keygen. I think while creating
     the prime.	Other buserrors are reported when doing a "gpg README"
@@ -48,11 +40,6 @@ and after about half a day in the rsync snapshots.
     rndunix hangs on hp/ux.  The problem is related to my_plcose which is
     not always called.	(I suggest to use EGD instead of rndunix.)
 
-[ **] #19 1999-06-11
-    "trustdb transaction too large" with about 500 signatures on a key
-    FAEBD5FC.
-    FIX: 1999-07-12  (less memory requirement and increased the limit)
-
 [  *] #22 1999-07-22
     Solaris make has problems with the generated POTFILES - seems to be a
     gettext bug.  Use GNU gmake as a workaround.

ChangeLog

@@ -1,3 +1,10 @@
+Fri Jul 23 13:53:03 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+
+	* VERSION: Set to 0.9.9.
+
+	* configure.in: Print a notice when rndunix is used.
+
 Thu Jul 15 10:15:35 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* acinclude.m4 (GNUPG_SYS_SYMBOL_UNDERSCORE): Fixed last modification.

NEWS

@@ -1,3 +1,5 @@
+Noteworthy changes in version 0.9.9
+-----------------------------------
 
     * New options --[no-]utf8-strings.
 

OBUGS

@@ -19,6 +19,14 @@
     gpg:[stdin]: key A6A59DB9: secret key not found: public key not found
     FIX: 1999-02-22 wk
 
+[  *] #5
+    /home/jam/.gnupg/pubring.gpg: can't open gdbm file: Can't be writer
+    keyblock resource `/home/jam/.gnupg/pubring.gpg': file open error
+    OOPS in close enum_keyblocks - ignored
+    [gdbm is experimental and will be replaced by the new keybox code]
+    FIX: 1999-07-22 (Fixed the second error, there will be no fix for
+    the first one, becuase GDBM is to be replaced)
+
 [  *] #7 1999-02-22 <dwpalmer@dwpalm.jf.intel.com> 0.9.3
     Conventional encrytion incompatibilty:
      $ gpg -c --cipher-algo cast5 --compress-algo 1 --no-comment secrets.txt
@@ -77,6 +85,11 @@
     Import does not detect identical user IDs.
     FIX: 1999-05-22
 
+[ **] #19 1999-06-11
+    "trustdb transaction too large" with about 500 signatures on a key
+    FAEBD5FC.
+    FIX: 1999-07-12  (less memory requirement and increased the limit)
+
 [ **] #20 1999-06-16 <jashley@yorktown.designlab.ukans.edu>  0.9.7
     Using "addkey" in the edit menu with more than 1 subkey leads to
     "out of secure memory" in some cases.

README

@@ -1,6 +1,8 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+
 		    GnuPG - The GNU Privacy Guard
 		   -------------------------------
-			   Version 0.9.8
+			   Version 0.9.9
 
     GnuPG is now in Beta test and you should report all bugs to the
     mailing list (see below).  The 0.9.x versions are released mainly
@@ -445,3 +447,12 @@
 
     Have fun and remember: Echelon is looking at you kid.
 
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v0.9.8a (GNU/Linux)
+Comment: For info see http://www.gnupg.org
+
+iQB1AwUBN5g4Lx0Z9MEMmFelAQE+RwL/Ws+kNklTHJnABT8YU8BqN8x310DyUm+e
+ViS23npv3S/kRnHbCOOQo4cEjUYZFFrJXzQgodBvKbLVzMgdj4XQvkulTSBYK6pm
+B7GeQptWRCNJ7m+Hw0Z4gwJ7giQTdfF8
+=pJ7c
+-----END PGP SIGNATURE-----

THANKS

@@ -92,7 +92,7 @@ Tomas Fasth		tomas.fasth@twinspot.net
 Thomas Mikkelsen	tbm@image.dk
 Ulf Möller		3umoelle@informatik.uni-hamburg.de
 Urko Lusa		ulusa@lacueva.ddns.org
-Walter Koch		walterk@dip.de
+Walter Koch		koch@hsp.de
 Werner Koch		werner.koch@guug.de
 Wim Vandeputte		bunbun@reptile.rug.ac.be
 			nbecker@hns.com

TODO

@@ -1,7 +1,4 @@
 
-  * Check that uids without a self signature don't become fully trusted and
-    print a warning when such a key is used.
-
 
 Scheduled for 1.1
 -----------------
@@ -43,4 +40,12 @@ Nice to have
     verification status of the message to the output (i.e. write something to
     the --output file and not only to stderr.
   * configure option where to find zlib
+  * Check the beginning of file to detect already compresssed files (gzip,
+    bzip2, xdelta and some picture formats)
+  * Display more validity information about the user IDs at certain places.
+    We need a more general function to extract such kind of info from the
+    trustdb.
+  * Evaluate whether it make sense to replace the namehashs either by
+    using the user ID directly or by using pointers into the trustdb.
+
 

VERSION

@@ -1 +1 @@
-0.9.8b
+0.9.9

cipher/cipher.c

@@ -260,7 +260,7 @@ disable_cipher_algo( int algo )
 	}
     }
     /* fixme: we should use a linked list */
-    log_fatal("can't disable cipher algo %d: table full\n");
+    log_fatal("can't disable cipher algo %d: table full\n", algo );
 }
 
 /****************
@@ -396,7 +396,7 @@ cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen )
     if( iv ) {
 	if( ivlen != c->blocksize )
 	    log_info("WARNING: cipher_setiv: ivlen=%u blklen=%u\n",
-					     ivlen, c->blocksize );
+					     ivlen, (unsigned)c->blocksize );
 	if( ivlen > c->blocksize )
 	    ivlen = c->blocksize;
 	memcpy( c->iv, iv, ivlen );

cipher/pubkey.c

@@ -278,7 +278,7 @@ disable_pubkey_algo( int algo )
 	    return;
 	}
     }
-    log_fatal("can't disable pubkey algo %d: table full\n");
+    log_fatal("can't disable pubkey algo %d: table full\n", algo );
 }
 
 

configure.in

@@ -50,6 +50,8 @@ case "$use_static_rnd" in
       ;;
 esac
 
+
+
 dnl
 dnl See whether the user wants to disable checking for /dev/random
 
@@ -116,8 +118,11 @@ if test x$compile_libgcrypt = xyes ; then
     else
         compile_libgcrypt=no
         AC_MSG_WARN([[
+***
 *** LIBGCRYPT is not yet ready for public testing.
-*** Maybe you have more luck with the next release of GnuPG]])
+*** Maybe you have more luck with the next release of GnuPG
+*** Watch the gnupg-announce mailing list or the webpage.
+***]])
     fi
 fi
 AM_CONDITIONAL(COMPILE_LIBGCRYPT, test x$compile_libgcrypt = xyes)
@@ -400,13 +405,15 @@ if test "$ac_cv_header_sys_capability_h" = "yes" ; then
 fi
 if test "$use_capabilities" = "no" ; then
     AC_MSG_WARN([[
+***
 *** The use of capabilities on this system is not possible.
 *** You need a recent Linux kernel and some patches:
 ***   fcaps-2.2.9-990610.patch      (kernel patch for 2.2.9)
 ***   fcap-module-990613.tar.gz     (kernel module)
 ***   libcap-1.92.tar.gz            (user mode library and utilities)
 *** And you have to configure the kernel with CONFIG_VFS_CAP_PLUGIN
-*** set (filesystems menu). Be warned: This code is *really* ALPHA.]])
+*** set (filesystems menu). Be warned: This code is *really* ALPHA.
+***]])
 fi
 fi
 
@@ -455,6 +462,7 @@ dnl
 dnl Figure out the default linkage mode for cipher modules
 dnl
 dnl (We always need a static rmd160)
+print_egd_notice=no
 static_modules="$static_modules rmd160"
 if test "$use_static_rnd" = default; then
   if test "$ac_cv_have_dev_random" = yes; then
@@ -472,6 +480,7 @@ if test "$use_static_rnd" = default; then
               ;;
           *)
               static_modules="$static_modules rndunix"
+              print_egd_notice=yes
              ;;
       esac
   fi
@@ -480,7 +489,32 @@ else
     :
   else
     static_modules="$static_modules rnd$use_static_rnd"
+    if test "$use_static_rnd" = "unix"; then
+        print_egd_notice=yes
     fi
+  fi
+fi
+
+
+if test "$print_egd_notice" = "yes"; then
+    AC_MSG_WARN([[
+***
+*** The performance of the UNIX random gatherer module is not very good
+*** and it does not keep the entropy pool over multiple invocations of
+*** GnuPG.  The suggested way to overcome this problem is to use the
+***
+***               Entropy Gathering Daemon (EGD)
+***
+*** which provides a entropy source for the whole system.  It is written
+*** in Perl and available at the GnuPG FTP servers.  For more information
+*** consult the GnuPG webpages:
+***
+***           http://www.gnupg.org/donwload.html#egd
+***
+*** You may want to run ./configure with --enable-static-rnd=none to be
+*** able to load the EGD client code dynamically; this way you can choose
+*** between RNDUNIX and RNDEGD without recompilation.
+***]])
 fi
 
 dnl

g10/ChangeLog

@@ -1,3 +1,23 @@
+Fri Jul 23 13:53:03 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+
+	* ringedit.c (enum_keyblocks): Removed annoying error message in cases
+	when we have no keyring at all to enum.
+
+	* getkey.c (classify_user_id): Rewrote to relax the recognition of
+	keyIDs and fingerprints (Michael).
+
+	* mainproc.c (check_sig_and_print): Print status NO_PUBKEY.
+	(print_failed_pkenc): Print status NO_SECKEY.
+
+	* import.c (mark_non_selfsigned_uids_valid): New.
+	* g10.c: New option --allow-non-selfsigned-uid.
+
+	* pkclist.c (print_fpr): New.
+	(do_we_trust_pre): Print the fpr before asking whether to use the key
+	anyway.
+	(do_edit_ownertrust): Likewise.
+
 Thu Jul 22 20:03:03 CEST 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 

g10/keyedit.c

@@ -655,7 +655,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
     toggle = 0;
     cur_keyblock = keyblock;
     for(;;) { /* main loop */
-	int i, arg_number=0;
+	int i, arg_number;
 	char *p;
 
 	tty_printf("\n");

g10/pkclist.c

@@ -39,6 +39,36 @@
 
 #define CONTROL_D ('D' - 'A' + 1)
 
+/* fixme: we have nearly the same code in keyedit.c */
+static void
+print_fpr( PKT_public_key *pk )
+{
+    byte array[MAX_FINGERPRINT_LEN], *p;
+    size_t i, n;
+
+    fingerprint_from_pk( pk, array, &n );
+    p = array;
+    /* Translators: this shoud fit into 24 bytes to that the fingerprint
+     * data is properly aligned with the user ID */
+    tty_printf(_("             Fingerprint:"));
+    if( n == 20 ) {
+	for(i=0; i < n ; i++, i++, p += 2 ) {
+	    if( i == 10 )
+		tty_printf(" ");
+	    tty_printf(" %02X%02X", *p, p[1] );
+	}
+    }
+    else {
+	for(i=0; i < n ; i++, p++ ) {
+	    if( i && !(i%8) )
+		tty_printf(" ");
+	    tty_printf(" %02X", *p );
+	}
+    }
+    tty_printf("\n");
+}
+
+
 
 static void
 show_paths( ulong lid, int only_first )
@@ -148,7 +178,9 @@ do_edit_ownertrust( ulong lid, int mode, unsigned *new_trust, int defer_help )
 		p = get_user_id( keyid, &n );
 		tty_print_string( p, n ),
 		m_free(p);
-		tty_printf("\"\n\n");
+		tty_printf("\"\n");
+		print_fpr( pk );
+		tty_printf("\n");
 	    }
 	    tty_printf(_(
 "Please decide how far you trust this user to correctly\n"
@@ -375,6 +407,7 @@ do_we_trust( PKT_public_key *pk, int trustlevel )
 }
 
 
+
 /****************
  * wrapper around do_we_trust, so we can ask whether to use the
  * key anyway.
@@ -402,7 +435,9 @@ do_we_trust_pre( PKT_public_key *pk, int trustlevel )
 	p = get_user_id( keyid, &n );
 	tty_print_string( p, n ),
 	m_free(p);
-	tty_printf("\"\n\n");
+	tty_printf("\"\n");
+	print_fpr( pk );
+	tty_printf("\n");
 
 	tty_printf(_(
 "It is NOT certain that the key belongs to its owner.\n"