security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

backup

This commit is contained in:
Werner Koch 1998-10-12 20:16:38 +00:00
parent 786a2870df
commit 8477407e79
48 changed files with 1965 additions and 1215 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,9 @@
Thu Oct 8 10:55:15 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.am (g10defs.h): creates include file
* acconfig.h: now includes g10defs.h
* configure.in: Removed G10_LOCALEDIR and GNUPG_LIB
Thu Sep 17 18:49:40 1998 Werner Koch (wk@(none))
* Makefile.am (dist-hook): Now creates RPM file.

2
INSTALL
View File

@ -63,7 +63,7 @@ The Linux files should look like this:
cr--r--r-- 1 root sys 1, 9 Feb 16 08:23 /dev/urandom
You can create them with:
mknod /dev/random c 1 8
mknod /dev/random c 1 8
mknod /dev/urandom c 1 9
The FreeBSD files [from the 970202 snapshot]:
crw-r--r-- 1 root wheel 2, 3 Feb 25 16:54 /dev/random

16
Makefile.am
View File

@ -3,6 +3,22 @@
SUBDIRS = intl po zlib util mpi cipher tools g10 doc checks
EXTRA_DIST = VERSION PROJECTS
all-am: g10defs.h
all-recursive-am: g10defs.h
g10defs.h : config.h
@( set -e; \
echo "/* Generated automatically by Makefile */" ; \
echo "#ifdef __MINGW32__"; \
echo "#define G10_LOCALEDIR \"c:/lib/gnupg/locale\""; \
echo "#define GNUPG_LIBDIR \"c:/lib/gnupg\""; \
echo "#else";\
echo "#define G10_LOCALEDIR \"$(prefix)/$(DATADIRNAME)/locale\""; \
echo "#define GNUPG_LIBDIR \"$(libdir)/gnupg\""; \
echo "#endif";\
) >g10defs.h
dist-hook:
@set -e; \

5
NEWS
View File

@ -1,3 +1,8 @@
Noteworthy changes in version 0.4.2
-----------------------------------
* Fixed this huge memory leak.
Noteworthy changes in version 0.4.1
-----------------------------------
* A secondary key is used when the primary key is specified but cannot

18
README
View File

@ -1,5 +1,3 @@
-----BEGIN PGP SIGNED MESSAGE-----
GNUPG - The GNU Privacy Guard
-------------------------------
Version 0.4
@ -332,12 +330,12 @@
post them to the mailing list <g10@net.lut.ac.uk> (this is a closed list,
please subscribe before posting, see above (~line 33)).
-----BEGIN PGP SIGNATURE-----
Version: GNUPG v0.4.0a (GNU/Linux)
Comment: For info finger gcrypt@ftp.guug.de
iQB1AwUBNhtSpB0Z9MEMmFelAQHWNQMAuPaj71rzjjtVNlYDV0MYljPFZqAK7tvmbH3i9Lti
UuvGPCpx1/ej7jwZ2LSQ61O8c/xRwV07chHa5MGmSGT4KZg5g5MejUOliMQJIJwjY5PoZAVb
6F7+hZf5Bt5Jl2J7
=6Mbb
-----END PGP SIGNATURE-----
Supported targets:
------------------
powerpc-unknown-linux-gnu (linuxppc)
hppa1.1-hp-hpux10.20

2
THANKS
View File

@ -28,6 +28,7 @@ John A. Martin jam@jamux.com
Jörg Schilling schilling@fokus.gmd.de
Karl Fogel kfogel@guanabana.onshore.com
Karsten Thygesen karthy@kom.auc.dk
Kazu Yamamoto kazu@iijlab.net
Lars Kellogg-Stedman lars@bu.edu
Marco d'Itri md@linux.it
Mark Adler madler@alumni.caltech.edu
@ -46,6 +47,7 @@ QingLong qinglong@bolizm.ihep.su
Ralph Gillen gillen@theochem.uni-duesseldorf.de
Roland Rosenfeld roland@spinnaker.rhein.de
Serge Munhoven munhoven@mema.ucl.ac.be
SL Baur steve@xemacs.org
Steffen Ullrich ccrlphr@xensei.com
Steffen Zahn zahn@berlin.snafu.de
Thomas Roessler roessler@guug.de

12
TODO
View File

@ -1,4 +1,16 @@
* calculation of marginals never yields a completely trusted key.
* list-keys: change valid-days to key expiration date
* disable comments but those in secret keyrings.
* abgelaufene secret keys verhinder ein korrektes initialisieren der
Trustdb.
* import should skip all ascii armored messages headers which are
not keys (some folks are mailing signed public keyblocks :-)
* The critical bit of signature subpackets is not yet supported; i.e.
it is ignored.

2
VERSION
View File

@ -1 +1 @@
0.4.1
0.4.1a

4
acconfig.h
View File

@ -31,9 +31,7 @@
#undef M_GUARD
#undef VERSION
#undef PACKAGE
#undef G10_LOCALEDIR
#undef PRINTABLE_OS_NAME
#undef GNUPG_LIBDIR
/* Define if your locale.h file contains LC_MESSAGES. */
#undef HAVE_LC_MESSAGES
@ -85,4 +83,6 @@
@BOTTOM@
#include "g10defs.h"
#endif /*G10_CONFIG_H*/

1
checks/run-gpg.patterns
View File

@ -4,3 +4,4 @@ gpg: note: cipher algorithm 3 not found in preferences
gpg: note: cipher algorithm 4 not found in preferences
gpg: note: secret key 2E5FA4F4 is NOT protected.
gpg: note: secret key 439F02CA is NOT protected.
gpg: warning: using insecure random number generator

4
cipher/ChangeLog
View File

@ -1,3 +1,7 @@
1998-10-10 SL Baur <steve@altair.xemacs.org>
* Makefile.am: fix sed -O substitutions to catch -O6, etc.
Tue Oct 6 10:06:32 1998 Werner Koch (wk@isil.d.shuttle.de)
* rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-)

4
cipher/Makefile.am
View File

@ -49,11 +49,11 @@ EXTRA_twofish_SOURCES = twofish.c
tiger: $(srcdir)/tiger.c
`echo $(COMPILE) -shared -fPIC -lc -o tiger $(srcdir)/tiger.c | \
sed -e 's/-O2/-O1/' `
sed -e 's/-O[2-9]*/-O1/' `
twofish: $(srcdir)/twofish.c
`echo $(COMPILE) -shared -fPIC -lc -o twofish $(srcdir)/twofish.c | \
sed -e 's/-O2/ /' `
sed -e 's/-O[0-9]*/ /' `
install-exec-hook:

1
cipher/dsa.c
View File

@ -293,6 +293,7 @@ verify(MPI r, MPI s, MPI hash, DSA_public_key *pkey )
/* u2 = r * w mod q */
mpi_mulm( u2, r, w, pkey->q );
/* v = g^u1 * y^u2 mod p mod q */
base[0] = pkey->g; exp[0] = u1;
base[1] = pkey->y; exp[1] = u2;

2
cipher/md.c
View File

@ -495,7 +495,7 @@ md_stop_debug( MD_HANDLE md )
#ifdef HAVE_U64_TYPEDEF
{ /* a kludge to pull in the __muldi3 for Solaris */
volatile u32 a = (u32)(ulong)md;
volatile u32 b = 42;
volatile u64 b = 42;
volatile u64 c;
c = a * b;
}

25
configure.in
View File

@ -8,17 +8,6 @@ AC_CONFIG_AUX_DIR(scripts)
AM_CONFIG_HEADER(config.h)
if test "x$exec_prefix" = xNONE ; then
if test "x$prefix" = xNONE ; then
g10_prefix="$ac_default_prefix"
else
g10_prefix="$prefix"
fi
else
g10_prefix="$exec_prefix"
fi
VERSION=`cat $srcdir/VERSION`
PACKAGE=gnupg
ALL_LINGUAS="en de it fr"
@ -84,6 +73,8 @@ AC_PROG_CPP
AC_ISC_POSIX
AC_PROG_RANLIB
AC_PROG_INSTALL
AM_CYGWIN32
case "${target}" in
i386--mingw32)
@ -94,14 +85,11 @@ case "${target}" in
RANLIB="i386--mingw32-ranlib"
ac_cv_have_dev_random=no
AC_DEFINE(USE_RAND_W32)
GNUPG_LIBDIR="c:/lib/gnupg"
;;
*)
AC_DEFINE(USE_RAND_UNIX)
GNUPG_LIBDIR="$g10_prefix/lib/gnupg"
;;
esac
AC_DEFINE_UNQUOTED(GNUPG_LIBDIR, "$GNUPG_LIBDIR")
case "${target}" in
i386--mingw32)
@ -254,10 +242,7 @@ fi
AC_SUBST(ZLIBS)
G10_LOCALEDIR="$g10_prefix/$DATADIRNAME/locale"
AC_SUBST(G10_LOCALEDIR)
AC_DEFINE_UNQUOTED(G10_LOCALEDIR, "$G10_LOCALEDIR")
dnl WK_LINK_FILES($nls_cv_header_libgt, $nls_cv_header_intl )
WK_LINK_FILES($nls_cv_header_libgt, $nls_cv_header_intl )
WK_DO_LINK_FILES
@ -275,5 +260,7 @@ doc/Makefile
tools/Makefile
zlib/Makefile
checks/Makefile
],[echo timestamp >stamp-h; sed -e "/POTFILES =/r po/POTFILES" po/Makefile.in > po/Makefile])
],[echo timestamp >stamp-h; \
sed -e "/POTFILES =/r po/POTFILES" po/Makefile.in > po/Makefile
])

119
doc/DETAILS
View File

@ -1,16 +1,44 @@
Format of "---with-colons" listings
===================================
sec::1024:17:6C7EE1B8621CC013:1998-07-07:0:::Werner Koch <werner.koch@guug.de>:
ssb::1536:20:5CE086B5B5A18FF4:1998-07-07:0:::
1. Field: Type of record
pub = public key
sub = subkey (secondary key)
sec = secret key
ssb = secret subkey (secondary key)
uid = user id (only field 10 is used).
fpr = fingerprint: (fingerprint is in field 10)
2. Field: A letter describing the calculated trust, see doc/FAQ
(not used for secret keys)
3. Field: length of key in bits.
4. Field: Algorithm: 1 = RSA
16 = ElGamal (encrypt only)
17 = DSA (sometimes called DH, sign only)
20 = ElGamal (sign and encrypt)
5. Field: KeyID
6. Field: Creation Date (in UTC)
7. Field: key expieres n days after creation.
(I will change this to a key exiration date)
8. Field: Local ID: record number of the dir record in the trustdb
this value is only valid as long as the trustdb is not
deleted. May be later used to lookup the key: You will be
able to use "#<local-id> as the user id. This is needed
because keyids may not be unique - a program may use this
number to access keys later.
9. Field: Ownertrust (primary public keys only)
10. Field: User-ID. The value is quoted like a C string to avoid
control characters (the colon is quoted "\x3a").
More fields may be added later.
* For packet version 3 we calculate the keyids this way:
RSA := low 64 bits of n
ELGAMAL := build a v3 pubkey packet (with CTB 0x99) and calculate
a rmd160 hash value from it. This is used as the
fingerprint and the low 64 bits are the keyid.
* Revocation certificates consist only of the signature packet;
"import" knows how to handle this. The rationale behind it is
to keep them small.
Key generation
==============
Key generation shows progress by printing different characters to
stderr:
"." Last 10 Miller-Rabin tests failed
@ -38,7 +66,6 @@
Layout of the TrustDB
=====================
The TrustDB is built from fixed length records, where the first byte
@ -66,7 +93,10 @@ Record type 1:
against the pubring)
1 u32 record number of keyhashtable
1 u32 first free record
8 bytes reserved
1 u32 record number of shadow directory hash table
It does not make sense to combine this table with the key table
becuase the keyid is not in every case a part of the fingerprint.
4 bytes reserved for version extension record
Record type 2: (directory record)
@ -131,17 +161,46 @@ Record type 5: (pref record)
Record type 6 (sigrec)
-------------
Used to keep track of valid key signatures. Self-signatures are not
stored.
Used to keep track of key signatures. Self-signatures are not
stored. If a public key is not in the DB, the signature points to
a shadow dir record, which in turn has a list of records which
might be interested in this key (and the signature record here
is one).
1 byte value 6
1 byte reserved
1 u32 LID points back to the dir record
1 u32 next next sigrec of this owner or 0 to indicate the
1 u32 next next sigrec of this uid or 0 to indicate the
last sigrec.
6 times
1 u32 Local_id of signators dir record
1 byte reserved
1 u32 Local_id of signators dir or shadow dir record
1 byte Flag: Bit 0 = checked: Bit 1 is valid (we have a real
directory record for this)
1 = valid is set (but my be revoked)
Record type 8: (shadow directory record)
--------------
This record is used to reserved a LID for a public key. We
need this to create the sig records of other keys, even if we
do not yet have the public key of the signature.
This record (the record number to be more precise) will be reused
as the dir record when we import the real public key.
1 byte value 8
1 byte reserved
1 u32 LID (This is simply the record number of this record.)
2 u32 keyid
1 byte pubkey algorithm
3 byte reserved
1 u32 hintlist A list of records which have references to
this key. This is used for fast access to
signature records which are not yet checked.
Note, that this is only a hint and the actual records
may not anymore hold signature records for that key
but that the code cares about this.
18 byte reserved
@ -191,6 +250,9 @@ Record Type 10 (hash table)
big table. The hash value is simple the 1st, 2nd, ... byte of
the fingerprint (depending on the indirection level).
When used to hash shadow directory records, a different table is used
and indexed by the keyid.
1 byte value 10
1 byte reserved
n u32 recnum; n depends on the record length:
@ -214,6 +276,7 @@ Record Type 10 (hash table)
Record type 11 (hash list)
--------------
see hash table for an explanation.
This is also used for other purposes.
1 byte value 11
1 byte reserved
@ -223,7 +286,11 @@ Record type 11 (hash list)
For the current record length of 40, n is 7
Record type 254: (free record)
Record type 254 (free record)
---------------
All these records form a linked list of unused records.
1 byte value 254
1 byte reserved (0)
1 u32 next_free
@ -285,6 +352,20 @@ There is one enhancement used with the old style packet headers:
Other Notes
===========
* For packet version 3 we calculate the keyids this way:
RSA := low 64 bits of n
ELGAMAL := build a v3 pubkey packet (with CTB 0x99) and calculate
a rmd160 hash value from it. This is used as the
fingerprint and the low 64 bits are the keyid.
* Revocation certificates consist only of the signature packet;
"import" knows how to handle this. The rationale behind it is
to keep them small.

26
doc/FAQ
View File

@ -171,7 +171,7 @@
(ownertrust) to a key. I have plans to use a cache for calculated
trust values to speed up calcualtion.
You can see the calculated trust value using this command:
You can see the validity (calculated trust value) using this command:
gpgm --list-keys --with-colons
@ -187,8 +187,8 @@
is only used for keys for which
the secret key is also available.
You can get a list of the assigned ownertrust values (how far you trust
the owner to correctly sign another another ones key)
You can get a list of the assigned trust values (how far you trust
the owner to correctly sign another one's key)
gpgm --list-ownertrust
@ -259,5 +259,23 @@
gpg [--options] --sign --encrypt foo.txt
Q: What kind of output is this: "key C26EE891.298, uid 09FB: ...."?
A: This is the internal representaion of a user id in the trustdb.
"C26EE891" is the keyid, "298" is the local id (a record number
in the trustdb) and "09FB" are the last two bytes of a ripe-md-160
hash of the user id for this key.
Q: What is trust, validity and ownertrust?
A: "ownertrust" is used instead of "trust" to make clear that
this is the value you have assigned to key to express, how far you
trust the owner of this key to correctly sign (and so introduce)
other keys. "validity" or calculated trust is a value which
says, how far the gnupg thinks a key is valid (that it really belongs
to the one who claims to be the owner of the key).
For more see the chapter "The Web of Trust" in the
Manual [gpg: Oops: Internal error: manual not found - sorry]
[That's it for now.)]

8
doc/gpg.1pod
View File

@ -12,7 +12,7 @@ B<gpgm> [--homedir name] [--options file] [options] command [args]
B<gpg> is the main program for the GNUPG system. B<gpgm> is a maintenance
tool which has some commands B<gpgm> does not have; it is there because
it does not handle sensitive data ans therefore has no need to allocate
it does not handle sensitive data and therefore has no need to allocate
secure memory.
=head1 COMMANDS
@ -315,13 +315,13 @@ B<--marginals-needed> I<n>
B<--cipher-algo> I<name>
Use I<name> as cipher algorithm. Running the program
with the option B<--verbose> yields a list of supported
with the command B<--version> yields a list of supported
algorithms. If this is not used the cipher algorithm is
selected from the preferences stored with the key.
B<--digest-algo> I<name>
Use I<name> as message digest algorithm. Running the
program with the option B<--verbose> yields a list of
program with the command B<--version> yields a list of
supported algorithms. Please note that using this
option may violate the OpenPGP requirement, that a
160 bit hash is to be used for DSA.
@ -357,7 +357,7 @@ B<--compress-algo> I<number>
B<--digest-algo> I<name>
Use I<name> as message digest algorithm. Running the
program with the option B<--verbose> yields a list of
program with the command B<--version> yields a list of
supported algorithms.

12
g10/ChangeLog
View File

@ -1,3 +1,15 @@
Thu Oct 8 11:35:51 1998 Werner Koch (wk@isil.d.shuttle.de)
* armor.c (is_armored): Ad test on old comment packets.
* tdbio.c (tdbio_search_dir_bypk): fixed memory leak.
* getkey.c: Changed the caching algorithms.
Wed Oct 7 19:33:28 1998 Werner Koch (wk@isil.d.shuttle.de)
* kbnodes.c (unused_nodes): New.
Wed Oct 7 11:15:36 1998 Werner Koch (wk@isil.d.shuttle.de)
* keyedit.c (sign_uids): Fixed a problem with SK which could caused

1
g10/Makefile.am
View File

@ -86,3 +86,4 @@ g10maint.o: $(srcdir)/g10.c
$(PROGRAMS): $(needed_libs)

1
g10/armor.c
View File

@ -165,6 +165,7 @@ is_armored( byte *buf )
case PKT_PUBKEY_ENC:
case PKT_SIGNATURE:
case PKT_COMMENT:
case PKT_OLD_COMMENT:
case PKT_PLAINTEXT:
case PKT_COMPRESSED:
case PKT_ENCRYPTED:

6
g10/g10.c
View File

@ -41,6 +41,7 @@
#include "ttyio.h"
#include "i18n.h"
#include "status.h"
#include "g10defs.h"
#ifndef IS_G10MAINT
#define IS_G10 1
@ -503,8 +504,8 @@ main( int argc, char **argv )
log_set_name("gpg");
secure_random_alloc(); /* put random number into secure memory */
disable_core_dumps();
init_signals();
#endif
init_signals();
i18n_init();
opt.compress = -1; /* defaults to standard compress level */
/* fixme: set the next two to zero and decide where used */
@ -571,7 +572,6 @@ main( int argc, char **argv )
/* Okay, we are now working under our real uid */
#endif
if( default_config )
configname = make_filename(opt.homedir, "options", NULL );
@ -1232,6 +1232,8 @@ main( int argc, char **argv )
void
g10_exit( int rc )
{
if( opt.debug & DBG_MEMSTAT_VALUE )
m_print_stats("on exit");
if( opt.debug )
secmem_dump_stats();
secmem_term();

160
g10/getkey.c
View File

@ -33,27 +33,11 @@
#include "main.h"
#include "i18n.h"
#define MAX_PK_CACHE_ENTRIES 500
#define MAX_UNK_CACHE_ENTRIES 1000
#define MAX_PK_CACHE_ENTRIES 50
#define MAX_UID_CACHE_ENTRIES 50
typedef struct keyid_list {
struct keyid_list *next;
u32 keyid[2];
} *keyid_list_t;
typedef struct user_id_db {
struct user_id_db *next;
u32 keyid[2];
int len;
char name[1];
} *user_id_db_t;
typedef struct pk_cache_entry {
struct pk_cache_entry *next;
u32 keyid[2];
PKT_public_key *pk;
} *pk_cache_entry_t;
typedef struct enum_seckey_context {
int eof;
STRLIST sl;
@ -64,10 +48,39 @@ typedef struct enum_seckey_context {
static STRLIST keyrings;
static STRLIST secret_keyrings;
static keyid_list_t unknown_keyids;
#if MAX_UNK_CACHE_ENTRIES
typedef struct keyid_list {
struct keyid_list *next;
u32 keyid[2];
} *keyid_list_t;
static keyid_list_t unknown_keyids;
static int unk_cache_entries; /* number of entries in unknown keys cache */
static int unk_cache_disabled;
#endif
#if MAX_PK_CACHE_ENTRIES
typedef struct pk_cache_entry {
struct pk_cache_entry *next;
u32 keyid[2];
PKT_public_key *pk;
} *pk_cache_entry_t;
static pk_cache_entry_t pk_cache;
static int pk_cache_entries; /* number of entries in pk cache */
static int pk_cache_disabled;
#endif
#if MAX_UID_CACHE_ENTRIES < 5
#error we really need the userid cache
#endif
typedef struct user_id_db {
struct user_id_db *next;
u32 keyid[2];
int len;
char name[1];
} *user_id_db_t;
static user_id_db_t user_id_db;
static pk_cache_entry_t pk_cache;
static int pk_cache_entries; /* number of entries in pk cache */
static int uid_cache_entries; /* number of entries in uid cache */
static int lookup( PKT_public_key *pk,
@ -166,9 +179,13 @@ add_secret_keyring( const char *name )
static void
cache_public_key( PKT_public_key *pk )
{
#if MAX_PK_CACHE_ENTRIES
pk_cache_entry_t ce;
u32 keyid[2];
if( pk_cache_disabled )
return;
if( is_ELGAMAL(pk->pubkey_algo)
|| pk->pubkey_algo == PUBKEY_ALGO_DSA
|| is_RSA(pk->pubkey_algo) ) {
@ -184,24 +201,20 @@ cache_public_key( PKT_public_key *pk )
return;
}
if( pk_cache_entries > MAX_PK_CACHE_ENTRIES ) {
/* FIMXE: use another algorithm to free some cache slots */
if( pk_cache_entries == MAX_PK_CACHE_ENTRIES ) {
pk_cache_entries++;
log_info("too many entries in pk cache - disabled\n");
}
ce = pk_cache;
free_public_key( ce->pk );
}
else {
pk_cache_entries++;
ce = m_alloc( sizeof *ce );
ce->next = pk_cache;
pk_cache = ce;
if( pk_cache_entries >= MAX_PK_CACHE_ENTRIES ) {
/* fixme: use another algorithm to free some cache slots */
pk_cache_disabled=1;
log_info("too many entries in pk cache - disabled\n");
return;
}
pk_cache_entries++;
ce = m_alloc( sizeof *ce );
ce->next = pk_cache;
pk_cache = ce;
ce->pk = copy_public_key( NULL, pk );
ce->keyid[0] = keyid[0];
ce->keyid[1] = keyid[1];
#endif
}
@ -220,6 +233,13 @@ cache_user_id( PKT_user_id *uid, u32 *keyid )
return;
}
if( uid_cache_entries >= MAX_UID_CACHE_ENTRIES ) {
/* fixme: use another algorithm to free some cache slots */
r = user_id_db;
user_id_db = r->next;
m_free(r);
uid_cache_entries--;
}
r = m_alloc( sizeof *r + uid->len-1 );
r->keyid[0] = keyid[0];
r->keyid[1] = keyid[1];
@ -227,6 +247,7 @@ cache_user_id( PKT_user_id *uid, u32 *keyid )
memcpy(r->name, uid->name, r->len);
r->next = user_id_db;
user_id_db = r;
uid_cache_entries++;
}
@ -239,23 +260,30 @@ cache_user_id( PKT_user_id *uid, u32 *keyid )
int
get_pubkey( PKT_public_key *pk, u32 *keyid )
{
keyid_list_t kl;
int internal = 0;
int rc = 0;
pk_cache_entry_t ce;
/* let's see whether we checked the keyid already */
for( kl = unknown_keyids; kl; kl = kl->next )
if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] )
return G10ERR_NO_PUBKEY; /* already checked and not found */
#if MAX_UNK_CACHE_ENTRIES
{ /* let's see whether we checked the keyid already */
keyid_list_t kl;
for( kl = unknown_keyids; kl; kl = kl->next )
if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] )
return G10ERR_NO_PUBKEY; /* already checked and not found */
}
#endif
/* Try to get it from our cache */
for( ce = pk_cache; ce; ce = ce->next )
if( ce->keyid[0] == keyid[0] && ce->keyid[1] == keyid[1] ) {
if( pk )
copy_public_key( pk, ce->pk );
return 0;
#if MAX_PK_CACHE_ENTRIES
{ /* Try to get it from the cache */
pk_cache_entry_t ce;
for( ce = pk_cache; ce; ce = ce->next ) {
if( ce->keyid[0] == keyid[0] && ce->keyid[1] == keyid[1] ) {
if( pk )
copy_public_key( pk, ce->pk );
return 0;
}
}
}
#endif
/* more init stuff */
if( !pk ) {
pk = m_alloc_clear( sizeof *pk );
@ -268,12 +296,24 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
if( !rc )
goto leave;
#if MAX_UNK_CACHE_ENTRIES
/* not found: store it for future reference */
kl = m_alloc( sizeof *kl );
kl->keyid[0] = keyid[0];
kl->keyid[1] = keyid[1];
kl->next = unknown_keyids;
unknown_keyids = kl;
if( unk_cache_disabled )
;
else if( ++unk_cache_entries > MAX_UNK_CACHE_ENTRIES ) {
unk_cache_disabled = 1;
log_info("too many entries in unk cache - disabled\n");
}
else {
keyid_list_t kl;
kl = m_alloc( sizeof *kl );
kl->keyid[0] = keyid[0];
kl->keyid[1] = keyid[1];
kl->next = unknown_keyids;
unknown_keyids = kl;
}
#endif
rc = G10ERR_NO_PUBKEY;
leave:
@ -829,9 +869,10 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
break;
}
else if( mode == 16 || mode == 20 ) {
byte afp[MAX_FINGERPRINT_LEN];
size_t an;
byte *afp = fingerprint_from_pk(
k->pkt->pkt.public_key, NULL, &an );
fingerprint_from_pk(k->pkt->pkt.public_key, afp, &an );
if( DBG_CACHE ) {
u32 aki[2];
@ -845,10 +886,8 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
&& ( !pk->pubkey_algo
|| pk->pubkey_algo
== k->pkt->pkt.public_key->pubkey_algo) ) {
m_free(afp);
break;
}
m_free(afp);
}
else
BUG();
@ -1008,16 +1047,15 @@ lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name,
}
else if( mode == 16 || mode == 20 ) {
size_t an;
byte *afp = fingerprint_from_sk(
k->pkt->pkt.secret_key, NULL, &an );
byte afp[MAX_FINGERPRINT_LEN];
fingerprint_from_sk(k->pkt->pkt.secret_key, afp, &an );
if( an == mode && !memcmp( afp, name, an)
&& ( !sk->pubkey_algo
|| sk->pubkey_algo
== k->pkt->pkt.secret_key->pubkey_algo) ) {
m_free(afp);
break;
}
m_free(afp);
}
else
BUG();

36
g10/kbnode.c
View File

@ -28,12 +28,20 @@
#include "packet.h"
#include "keydb.h"
#define USE_UNUSED_NODES 1
static KBNODE unused_nodes;
KBNODE
new_kbnode( PACKET *pkt )
{
KBNODE n = m_alloc( sizeof *n );
KBNODE n;
n = unused_nodes;
if( n )
unused_nodes = n->next;
else
n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = pkt;
n->flag = 0;
@ -45,7 +53,13 @@ new_kbnode( PACKET *pkt )
KBNODE
clone_kbnode( KBNODE node )
{
KBNODE n = m_alloc( sizeof *n );
KBNODE n;
n = unused_nodes;
if( n )
unused_nodes = n->next;
else
n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = node->pkt;
n->flag = 0;
@ -61,9 +75,16 @@ release_kbnode( KBNODE n )
while( n ) {
n2 = n->next;
if( !(n->private_flag & 2) )
if( !(n->private_flag & 2) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
n = n2;
}
}
@ -230,9 +251,16 @@ commit_kbnode( KBNODE *root )
*root = nl = n->next;
else
nl->next = n->next;
if( !(n->private_flag & 2) )
if( !(n->private_flag & 2) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
changed = 1;
}
else

6
g10/keyedit.c
View File

@ -902,10 +902,11 @@ show_key_and_fingerprint( KBNODE keyblock )
static void
show_fingerprint( PKT_public_key *pk )
{
byte *array, *p;
byte array[MAX_FINGERPRINT_LEN], *p;
size_t i, n;
p = array = fingerprint_from_pk( pk, NULL, &n );
fingerprint_from_pk( pk, array, &n );
p = array;
tty_printf(" Fingerprint:");
if( n == 20 ) {
for(i=0; i < n ; i++, i++, p += 2 ) {
@ -922,7 +923,6 @@ show_fingerprint( PKT_public_key *pk )
}
}
tty_printf("\n");
m_free(array);
}

2
g10/keyid.c
View File

@ -330,7 +330,7 @@ expirestr_from_sk( PKT_secret_key *sk )
/**************** .
* Return a byte array with the fingerprint for the given PK/SK
* The length of the array is returned in ret_len. Caller must free
* the array or provide array as buffer of length MAX_FINGERPRINT_LEN
* the array or provide an array of length MAX_FINGERPRINT_LEN.
*/
byte *

10
g10/mainproc.c
View File

@ -413,11 +413,14 @@ print_userid( PACKET *pkt )
static void
print_fingerprint( PKT_public_key *pk, PKT_secret_key *sk )
{
byte *array, *p;
byte array[MAX_FINGERPRINT_LEN], *p;
size_t i, n;
p = array = sk? fingerprint_from_sk( sk, NULL, &n )
: fingerprint_from_pk( pk, NULL, &n );
if( sk )
fingerprint_from_sk( sk, array, &n );
else
fingerprint_from_pk( pk, array, &n );
p = array;
if( opt.with_colons ) {
printf("fpr:::::::::");
for(i=0; i < n ; i++, p++ )
@ -442,7 +445,6 @@ print_fingerprint( PKT_public_key *pk, PKT_secret_key *sk )
}
}
putchar('\n');
m_free(array);
}

26
g10/revoke.c
View File

@ -57,7 +57,7 @@ gen_revoke( const char *uname )
KBPOS kbpos;
if( opt.batch ) {
log_error("sorry, can't do this in batch mode\n");
log_error(_("sorry, can't do this in batch mode\n"));
return G10ERR_GENERAL;
}
@ -70,21 +70,21 @@ gen_revoke( const char *uname )
/* search the userid */
rc = find_secret_keyblock_byname( &kbpos, uname );
if( rc ) {
log_error("secret key for user '%s' not found\n", uname );
log_error(_("secret key for user '%s' not found\n"), uname );
goto leave;
}
/* read the keyblock */
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error("error reading the certificate: %s\n", g10_errstr(rc) );
log_error(_("error reading the certificate: %s\n"), g10_errstr(rc) );
goto leave;
}
/* get the keyid from the keyblock */
node = find_kbnode( keyblock, PKT_SECRET_KEY );
if( !node ) { /* maybe better to use log_bug ? */
log_error("Oops; secret key not found anymore!\n");
log_error(_("Oops; secret key not found anymore!\n"));
rc = G10ERR_GENERAL;
goto leave;
}
@ -107,11 +107,11 @@ gen_revoke( const char *uname )
pk = m_alloc_clear( sizeof *pk );
rc = get_pubkey( pk, sk_keyid );
if( rc ) {
log_error("no corresponding public key: %s\n", g10_errstr(rc) );
log_error(_("no corresponding public key: %s\n"), g10_errstr(rc) );
goto leave;
}
if( cmp_public_secret_key( pk, sk ) ) {
log_error("public key does not match secret key!\n" );
log_error(_("public key does not match secret key!\n") );
rc = G10ERR_GENERAL;
goto leave;
}
@ -125,11 +125,11 @@ gen_revoke( const char *uname )
switch( is_secret_key_protected( sk ) ) {
case -1:
log_error("unknown protection algorithm\n");
log_error(_("unknown protection algorithm\n"));
rc = G10ERR_PUBKEY_ALGO;
break;
case 0:
tty_printf("Warning: This key is not protected!\n");
tty_printf(_("note: This key is not protected!\n"));
break;
default:
rc = check_secret_key( sk, 0 );
@ -140,7 +140,7 @@ gen_revoke( const char *uname )
if( !opt.armor )
tty_printf("ASCII armored output forced.\n");
tty_printf(_("ASCII armored output forced.\n"));
if( (rc = open_outfile( NULL, 0, &out )) )
goto leave;
@ -155,7 +155,7 @@ gen_revoke( const char *uname )
/* create it */
rc = make_keysig_packet( &sig, pk, NULL, NULL, sk, 0x20, 0, NULL, NULL);
if( rc ) {
log_error("make_keysig_packet failed: %s\n", g10_errstr(rc));
log_error(_("make_keysig_packet failed: %s\n"), g10_errstr(rc));
goto leave;
}
init_packet( &pkt );
@ -164,17 +164,17 @@ gen_revoke( const char *uname )
rc = build_packet( out, &pkt );
if( rc ) {
log_error("build_packet failed: %s\n", g10_errstr(rc) );
log_error(_("build_packet failed: %s\n"), g10_errstr(rc) );
goto leave;
}
/* and issue a usage notice */
tty_printf("Revocation certificate created.\n\n"
tty_printf(_("Revocation certificate created.\n\n"
"Please move it to a medium which you can hide away; if Mallory gets\n"
"access to this certificate he can use it to make your key unusable.\n"
"It is smart to print this certificate and store it away, just in case\n"
"your media become unreadable. But have some caution: The print system of\n"
"your machine might store the data and make it available to others!\n");
"your machine might store the data and make it available to others!\n"));

5
g10/ringedit.c
View File

@ -679,9 +679,11 @@ keyring_enum( KBPOS *kbpos, KBNODE *ret_root, int skipsigs )
/* skip pakets at the beginning of a keyring, until we find
* a start packet; issue a warning if it is not a comment */
if( !root && pkt->pkttype != PKT_COMMENT
&& pkt->pkttype != PKT_OLD_COMMENT )
&& pkt->pkttype != PKT_OLD_COMMENT ) {
log_info("keyring_enum: skipped packet of type %d\n",
pkt->pkttype );
break;
}
if( !root || (skipsigs && ( pkt->pkttype == PKT_SIGNATURE
||pkt->pkttype == PKT_COMMENT
||pkt->pkttype == PKT_OLD_COMMENT )) ) {
@ -704,6 +706,7 @@ keyring_enum( KBPOS *kbpos, KBNODE *ret_root, int skipsigs )
*ret_root = root;
free_packet( pkt );
m_free( pkt );
return rc;
}

547
g10/tdbio.c
View File

@ -39,6 +39,18 @@
#include "trustdb.h"
#include "tdbio.h"
/* a type used to pass infomation to cmp_krec_fpr */
struct cmp_krec_fpr_struct {
int pubkey_algo;
const char *fpr;
int fprlen;
};
/* a type used to pass infomation to cmp_sdir */
struct cmp_sdir_struct {
int pubkey_algo;
u32 keyid[2];
};
static char *db_name;
@ -148,6 +160,47 @@ open_db()
}
/****************
* Make a hashtable: type 0 = key hash, 1 = sdir hash
*/
static void
create_hashtable( TRUSTREC *vr, int type )
{
TRUSTREC rec;
off_t offset;
ulong recnum;
int i, n, rc;
offset = lseek( db_fd, 0, SEEK_END );
if( offset == -1 )
log_fatal("trustdb: lseek to end failed: %s\n", strerror(errno) );
recnum = offset / TRUST_RECORD_LEN;
assert(recnum); /* this is will never be the first record */
if( !type )
vr->r.ver.keyhashtbl = recnum;
else
vr->r.ver.sdirhashtbl = recnum;
/* Now write the records */
n = (256+ITEMS_PER_HTBL_RECORD-1) / ITEMS_PER_HTBL_RECORD;
for(i=0; i < n; i++, recnum++ ) {
memset( &rec, 0, sizeof rec );
rec.rectype = RECTYPE_HTBL; /* free record */
rec.recnum = recnum;
rc = tdbio_write_record( &rec );
if( rc )
log_fatal_f(db_name,_("failed to create hashtable: %s\n"),
g10_errstr(rc));
}
/* update the version record */
rc = tdbio_write_record( vr );
if( rc )
log_fatal_f( db_name, _("error updating version record: %s\n"),
g10_errstr(rc));
}
/****************
* Return the record number of the keyhash tbl or create a new one.
*/
@ -165,48 +218,45 @@ get_keyhashrec()
if( rc )
log_fatal_f( db_name, _("error reading version record: %s\n"),
g10_errstr(rc) );
if( vr.r.ver.keyhashtbl )
keyhashtbl = vr.r.ver.keyhashtbl;
else {
TRUSTREC rec;
off_t offset;
ulong recnum;
int i, n;
if( !vr.r.ver.keyhashtbl )
create_hashtable( &vr, 0 );
offset = lseek( db_fd, 0, SEEK_END );
if( offset == -1 )
log_fatal("trustdb: lseek to end failed: %s\n", strerror(errno) );
recnum = offset / TRUST_RECORD_LEN;
assert(recnum); /* this is will never be the first record */
keyhashtbl = recnum;
/* Now write the records */
n = (256+ITEMS_PER_HTBL_RECORD-1) / ITEMS_PER_HTBL_RECORD;
for(i=0; i < n; i++, recnum++ ) {
memset( &rec, 0, sizeof rec );
rec.rectype = RECTYPE_HTBL; /* free record */
rec.recnum = recnum;
rc = tdbio_write_record( &rec );
if( rc )
log_fatal_f(db_name,_("failed to create hashtable: %s\n"),
g10_errstr(rc));
}
/* update the version record */
vr.r.ver.keyhashtbl = keyhashtbl;
rc = tdbio_write_record( &vr );
if( rc )
log_fatal_f( db_name, _("error updating version record: %s\n"),
g10_errstr(rc));
}
return keyhashtbl;
return vr.r.ver.keyhashtbl;
}
/****************
* Return the record number of the shadow direcory hash table
* or create a new one.
*/
static ulong
get_sdirhashrec()
{
static ulong sdirhashtbl; /* record number of the hashtable */
TRUSTREC vr;
int rc;
if( sdirhashtbl )
return sdirhashtbl;
rc = tdbio_read_record( 0, &vr, RECTYPE_VER );
if( rc )
log_fatal_f( db_name, _("error reading version record: %s\n"),
g10_errstr(rc) );
if( !vr.r.ver.sdirhashtbl )
create_hashtable( &vr, 1 );
return vr.r.ver.sdirhashtbl;
}
/****************
* Update the key hashtbl or create the table if it does not exist
* Update a hashtable.
* table gives the start of the table, key and keylen is the key,
* newrecnum is the record number to insert.
*/
static int
update_keyhashtbl( TRUSTREC *kr )
upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum )
{
TRUSTREC lastrec, rec;
ulong hashrec, item;
@ -214,40 +264,40 @@ update_keyhashtbl( TRUSTREC *kr )
int level=0;
int rc, i;
hashrec = get_keyhashrec();
hashrec = table;
next_level:
msb = kr->r.key.fingerprint[level];
msb = key[level];
hashrec += msb / ITEMS_PER_HTBL_RECORD;
rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL );
if( rc ) {
log_error( db_name, "update_keyhashtbl read failed: %s\n",
log_error( db_name, "upd_hashtable: read failed: %s\n",
g10_errstr(rc) );
return rc;
}
item = rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
if( !item ) { /* insert new one */
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = kr->recnum;
if( !item ) { /* insert a new item into the hash table */
rec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = newrecnum;
rc = tdbio_write_record( &rec );
if( rc ) {
log_error( db_name, "update_keyhashtbl write htbl failed: %s\n",
log_error( db_name, "upd_hashtable: write htbl failed: %s\n",
g10_errstr(rc) );
return rc;
}
}
else if( item != kr->recnum ) { /* must do an update */
else if( item != newrecnum ) { /* must do an update */
lastrec = rec;
rc = tdbio_read_record( item, &rec, 0 );
if( rc ) {
log_error( db_name, "update_keyhashtbl read item failed: %s\n",
log_error( db_name, "upd_hashtable: read item failed: %s\n",
g10_errstr(rc) );
return rc;
}
if( rec.rectype == RECTYPE_HTBL ) {
hashrec = item;
level++;
if( level >= kr->r.key.fingerprint_len ) {
log_error( db_name, "keyhashtbl has invalid indirections\n");
if( level >= keylen ) {
log_error( db_name, "hashtable has invalid indirections.\n");
return G10ERR_TRUSTDB;
}
goto next_level;
@ -256,15 +306,13 @@ update_keyhashtbl( TRUSTREC *kr )
/* see whether the key is already in this list */
for(;;) {
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
if( rec.r.hlst.rnum[i] == kr->recnum ) {
log_debug("HTBL: no update needed for keyrec %lu\n",
kr->recnum );
return 0;
if( rec.r.hlst.rnum[i] == newrecnum ) {
return 0; /* okay, already in the list */
}
}
if( rec.r.hlst.next ) {
rc = tdbio_read_record( rec.r.hlst.next,
&rec, RECTYPE_HLST);
&rec, RECTYPE_HLST);
if( rc ) {
log_error( db_name,
"scan keyhashtbl read hlst failed: %s\n",
@ -279,13 +327,13 @@ update_keyhashtbl( TRUSTREC *kr )
for(;;) {
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
if( !rec.r.hlst.rnum[i] ) {
rec.r.hlst.rnum[i] = kr->recnum;
rec.r.hlst.rnum[i] = newrecnum;
rc = tdbio_write_record( &rec );
if( rc )
log_error( db_name,
"update_keyhashtbl write hlst failed: %s\n",
"upd_hashtable: write hlst failed: %s\n",
g10_errstr(rc) );
return rc; /* ready */
return rc; /* done */
}
}
if( rec.r.hlst.next ) {
@ -293,7 +341,7 @@ update_keyhashtbl( TRUSTREC *kr )
&rec, RECTYPE_HLST );
if( rc ) {
log_error( db_name,
"update_keyhashtbl read hlst failed: %s\n",
"upd_hashtable: read hlst failed: %s\n",
g10_errstr(rc) );
return rc;
}
@ -303,26 +351,26 @@ update_keyhashtbl( TRUSTREC *kr )
rc = tdbio_write_record( &rec );
if( rc ) {
log_error( db_name,
"update_keyhashtbl write hlst failed: %s\n",
"upd_hashtable: write hlst failed: %s\n",
g10_errstr(rc) );
return rc;
}
memset( &rec, 0, sizeof rec );
rec.rectype = RECTYPE_HLST;
rec.recnum = item;
rec.r.hlst.rnum[0] = kr->recnum;
rec.r.hlst.rnum[0] = newrecnum;
rc = tdbio_write_record( &rec );
if( rc )
log_error( db_name,
"update_keyhashtbl write ext hlst failed: %s\n",
"upd_hashtable: write ext hlst failed: %s\n",
g10_errstr(rc) );
return rc; /* ready */
return rc; /* done */
}
}
} /* end loop over hlst slots */
}
else if( rec.rectype == RECTYPE_KEY ) { /* insert a list record */
if( rec.recnum == kr->recnum ) {
log_debug("HTBL: no update needed for keyrec %lu\n",
kr->recnum );
else if( rec.rectype == RECTYPE_KEY
|| rec.rectype == RECTYPE_SDIR ) { /* insert a list record */
if( rec.recnum == newrecnum ) {
return 0;
}
item = rec.recnum; /* save number of key record */
@ -330,11 +378,11 @@ update_keyhashtbl( TRUSTREC *kr )
rec.rectype = RECTYPE_HLST;
rec.recnum = tdbio_new_recnum();
rec.r.hlst.rnum[0] = item; /* old keyrecord */
rec.r.hlst.rnum[1] = kr->recnum; /* and new one */
rec.r.hlst.rnum[1] = newrecnum; /* and new one */
rc = tdbio_write_record( &rec );
if( rc ) {
log_error( db_name,
"update_keyhashtbl write new hlst failed: %s\n",
"upd_hashtable: write new hlst failed: %s\n",
g10_errstr(rc) );
return rc;
}
@ -342,13 +390,12 @@ update_keyhashtbl( TRUSTREC *kr )
lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum;
rc = tdbio_write_record( &lastrec );
if( rc )
log_error( db_name,
"update_keyhashtbl update htbl failed: %s\n",
g10_errstr(rc) );
log_error( db_name, "upd_hashtable: update htbl failed: %s\n",
g10_errstr(rc) );
return rc; /* ready */
}
else {
log_error( db_name, "keyhashtbl %lu points to an invalid record\n",
log_error( db_name, "hashtbl %lu points to an invalid record\n",
item);
return G10ERR_TRUSTDB;
}
@ -359,6 +406,119 @@ update_keyhashtbl( TRUSTREC *kr )
/****************
* Lookup a record via the hashtable tablewith key/keylen and return the
* result in rec. cmp() should return if the record is the desired one.
* Returns -1 if not found, 0 if found or another errocode
*/
static int
lookup_hashtable( ulong table, const byte *key, size_t keylen,
int (*cmpfnc)(void*, const TRUSTREC *), void *cmpdata,
TRUSTREC *rec )
{
int rc;
ulong hashrec, item;
int msb;
int level=0;
hashrec = table;
next_level:
msb = key[level];
hashrec += msb / ITEMS_PER_HTBL_RECORD;
rc = tdbio_read_record( hashrec, rec, RECTYPE_HTBL );
if( rc ) {
log_error( db_name, "lookup_hashtable failed: %s\n", g10_errstr(rc) );
return rc;
}
item = rec->r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
if( !item )
return -1; /* not found */
rc = tdbio_read_record( item, rec, 0 );
if( rc ) {
log_error( db_name, "hashtable read failed: %s\n", g10_errstr(rc) );
return rc;
}
if( rec->rectype == RECTYPE_HTBL ) {
hashrec = item;
level++;
if( level >= keylen ) {
log_error( db_name, "hashtable has invalid indirections\n");
return G10ERR_TRUSTDB;
}
goto next_level;
}
else if( rec->rectype == RECTYPE_HLST ) {
for(;;) {
int i;
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
if( rec->r.hlst.rnum[i] ) {
TRUSTREC tmp;
rc = tdbio_read_record( rec->r.hlst.rnum[i], &tmp, 0 );
if( rc ) {
log_error( "lookup_hashtable: read item failed: %s\n",
g10_errstr(rc) );
return rc;
}
if( (*cmpfnc)( cmpdata, &tmp ) ) {
*rec = tmp;
return 0;
}
}
}
if( rec->r.hlst.next ) {
rc = tdbio_read_record( rec->r.hlst.next, rec, RECTYPE_HLST );
if( rc ) {
log_error( "lookup_hashtable: read hlst failed: %s\n",
g10_errstr(rc) );
return rc;
}
}
else
return -1; /* not found */
}
}
if( (*cmpfnc)( cmpdata, rec ) )
return 0; /* really found */
return -1; /* no: not found */
}
/****************
* Update the key hashtbl or create the table if it does not exist
*/
static int
update_keyhashtbl( TRUSTREC *kr )
{
return upd_hashtable( get_keyhashrec(),
kr->r.key.fingerprint,
kr->r.key.fingerprint_len, kr->recnum );
}
/****************
* Update the shadow dir hashtbl or create the table if it does not exist
*/
static int
update_sdirhashtbl( TRUSTREC *sr )
{
byte key[8];
u32tobuf( key , sr->r.sdir.keyid[0] );
u32tobuf( key+4 , sr->r.sdir.keyid[1] );
return upd_hashtable( get_sdirhashrec(), key, 8, sr->recnum );
}
void
tdbio_dump_record( TRUSTREC *rec, FILE *fp )
{
@ -371,8 +531,9 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp )
switch( rec->rectype ) {
case 0: fprintf(fp, "blank\n");
break;
case RECTYPE_VER: fprintf(fp, "version, keyhashtbl=%lu, firstfree=%lu\n",
rec->r.ver.keyhashtbl, rec->r.ver.firstfree );
case RECTYPE_VER: fprintf(fp, "version, kd=%lu, sd=%lu, free=%lu\n",
rec->r.ver.keyhashtbl, rec->r.ver.sdirhashtbl,
rec->r.ver.firstfree );
break;
case RECTYPE_FREE: fprintf(fp, "free, next=%lu\n", rec->r.free.next );
break;
@ -411,6 +572,10 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp )
rec->r.uid.prefrec,
rec->r.uid.siglist,
rec->r.uid.namehash[18], rec->r.uid.namehash[19]);
if( rec->r.uid.uidflags & UIDF_CHECKED )
fputs(", checked", fp );
if( rec->r.uid.uidflags & UIDF_VALID )
fputs(", valid", fp );
if( rec->r.uid.uidflags & UIDF_REVOKED )
fputs(", revoked", fp );
putc('\n', fp);
@ -436,6 +601,14 @@ tdbio_dump_record( TRUSTREC *rec, FILE *fp )
}
putc('\n', fp);
break;
case RECTYPE_SDIR:
fprintf(fp, "sdir %lu, keyid=%08lX%08lX, algo=%d, hint=%lu\n",
rec->r.sdir.lid,
(ulong)rec->r.sdir.keyid[0],
(ulong)rec->r.sdir.keyid[1],
rec->r.sdir.pubkey_algo,
(ulong)rec->r.sdir.hintlist );
break;
case RECTYPE_CACH:
fprintf(fp, "cach\n");
break;
@ -483,6 +656,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
return G10ERR_READ_FILE;
}
rec->recnum = recnum;
rec->dirty = 0;
p = buf;
rec->rectype = *p++;
if( expected && rec->rectype != expected ) {
@ -508,6 +682,7 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
rec->r.ver.validated= buftoulong(p); p += 4;
rec->r.ver.keyhashtbl=buftoulong(p); p += 4;
rec->r.ver.firstfree =buftoulong(p); p += 4;
rec->r.ver.sdirhashtbl =buftoulong(p); p += 4;
if( recnum ) {
log_error_f( db_name, "version record with recnum %lu\n",
(ulong)recnum );
@ -568,6 +743,19 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected )
rec->r.sig.sig[i].flag = *p++;
}
break;
case RECTYPE_SDIR: /* shadow directory record */
rec->r.sdir.lid = buftoulong(p); p += 4;
rec->r.sdir.keyid[0]= buftou32(p); p += 4;
rec->r.sdir.keyid[1]= buftou32(p); p += 4;
rec->r.sdir.pubkey_algo = *p++;
p += 3;
rec->r.sdir.hintlist = buftoulong(p);
if( rec->r.sdir.lid != recnum ) {
log_error_f( db_name, "sdir LID != recnum (%lu,%lu)\n",
rec->r.sdir.lid, (ulong)recnum );
rc = G10ERR_TRUSTDB;
}
break;
case RECTYPE_CACH: /* cache record (FIXME)*/
rec->r.cache.lid = buftoulong(p); p += 4;
memcpy(rec->r.cache.blockhash, p, 20); p += 20;
@ -609,6 +797,8 @@ tdbio_write_record( TRUSTREC *rec )
if( db_fd == -1 )
open_db();
tdbio_dump_record( rec, stdout );
memset(buf, 0, TRUST_RECORD_LEN);
p = buf;
*p++ = rec->rectype; p++;
@ -626,6 +816,7 @@ tdbio_write_record( TRUSTREC *rec )
ulongtobuf(p, rec->r.ver.validated); p += 4;
ulongtobuf(p, rec->r.ver.keyhashtbl); p += 4;
ulongtobuf(p, rec->r.ver.firstfree ); p += 4;
ulongtobuf(p, rec->r.ver.sdirhashtbl ); p += 4;
break;
case RECTYPE_FREE:
@ -677,6 +868,15 @@ tdbio_write_record( TRUSTREC *rec )
}
break;
case RECTYPE_SDIR:
ulongtobuf( p, rec->r.sdir.lid); p += 4;
u32tobuf( p, rec->r.sdir.keyid[0] ); p += 4;
u32tobuf( p, rec->r.sdir.keyid[1] ); p += 4;
*p++ = rec->r.sdir.pubkey_algo;
p += 3;
ulongtobuf( p, rec->r.sdir.hintlist );
break;
case RECTYPE_CACH: /* FIXME*/
ulongtobuf(p, rec->r.cache.lid); p += 4;
memcpy(p, rec->r.cache.blockhash, 20); p += 20;
@ -711,6 +911,8 @@ tdbio_write_record( TRUSTREC *rec )
}
else if( rec->rectype == RECTYPE_KEY )
rc = update_keyhashtbl( rec );
else if( rec->rectype == RECTYPE_SDIR )
rc = update_sdirhashtbl( rec );
return rc;
}
@ -805,13 +1007,13 @@ tdbio_new_recnum()
int
tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec )
{
byte *fingerprint;
byte fingerprint[MAX_FINGERPRINT_LEN];
size_t fingerlen;
u32 keyid[2];
int rc;
keyid_from_pk( pk, keyid );
fingerprint = fingerprint_from_pk( pk, NULL, &fingerlen );
fingerprint_from_pk( pk, fingerprint, &fingerlen );
rc = tdbio_search_dir_byfpr( fingerprint, fingerlen,
pk->pubkey_algo, rec );
@ -827,185 +1029,74 @@ tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec )
}
static int
cmp_krec_fpr( void *dataptr, const TRUSTREC *rec )
{
const struct cmp_krec_fpr_struct *d = dataptr;
return rec->rectype == RECTYPE_KEY
&& ( !d->pubkey_algo || rec->r.key.pubkey_algo == d->pubkey_algo )
&& rec->r.key.fingerprint_len == d->fprlen
&& !memcmp( rec->r.key.fingerprint, d->fpr, d->fprlen );
}
int
tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
int pubkey_algo, TRUSTREC *rec )
{
struct cmp_krec_fpr_struct cmpdata;
ulong recnum;
int rc;
ulong hashrec, item;
int msb;
int level=0;
assert( fingerlen == 20 || fingerlen == 16 );
/* locate the key using the hash table */
hashrec = get_keyhashrec();
next_level:
msb = fingerprint[level];
hashrec += msb / ITEMS_PER_HTBL_RECORD;
rc = tdbio_read_record( hashrec, rec, RECTYPE_HTBL );
if( rc ) {
log_error( db_name, "scan keyhashtbl failed: %s\n", g10_errstr(rc) );
return rc;
cmpdata.pubkey_algo = pubkey_algo;
cmpdata.fpr = fingerprint;
cmpdata.fprlen = fingerlen;
rc = lookup_hashtable( get_keyhashrec(), fingerprint, fingerlen,
cmp_krec_fpr, &cmpdata, rec );
if( !rc ) {
recnum = rec->r.key.lid;
/* Now read the dir record */
rc = tdbio_read_record( recnum, rec, RECTYPE_DIR);
if( rc )
log_error_f(db_name, "can't read dirrec %lu: %s\n",
recnum, g10_errstr(rc) );
}
item = rec->r.htbl.item[msb % ITEMS_PER_HTBL_RECORD];
if( !item )
return -1; /* not found */
rc = tdbio_read_record( item, rec, 0 );
if( rc ) {
log_error( db_name, "keyhashtbl read failed: %s\n", g10_errstr(rc) );
return rc;
}
if( rec->rectype == RECTYPE_HTBL ) {
hashrec = item;
level++;
if( level >= fingerlen ) {
log_error( db_name, "keyhashtbl has invalid indirections\n");
return G10ERR_TRUSTDB;
}
goto next_level;
}
else if( rec->rectype == RECTYPE_HLST ) {
for(;;) {
int i;
for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) {
if( rec->r.hlst.rnum[i] ) {
TRUSTREC tmp;
rc = tdbio_read_record( rec->r.hlst.rnum[i],
&tmp, RECTYPE_KEY );
if( rc ) {
log_error( db_name,
"scan keyhashtbl read key failed: %s\n",
g10_errstr(rc) );
return rc;
}
if( (!pubkey_algo || tmp.r.key.pubkey_algo == pubkey_algo)
&& tmp.r.key.fingerprint_len == fingerlen
&& !memcmp(tmp.r.key.fingerprint,
fingerprint, fingerlen) ) {
*rec = tmp;
goto found;
}
}
}
if( rec->r.hlst.next ) {
rc = tdbio_read_record( rec->r.hlst.next, rec, RECTYPE_HLST );
if( rc ) {
log_error( db_name,
"scan keyhashtbl read hlst failed: %s\n",
g10_errstr(rc) );
return rc;
}
}
else
return -1; /* not found */
}
found:
;
}
else if( rec->rectype == RECTYPE_KEY ) {
/* must check that it is the requested key */
if( (pubkey_algo && rec->r.key.pubkey_algo != pubkey_algo)
|| rec->r.key.fingerprint_len != fingerlen
|| memcmp(rec->r.key.fingerprint, fingerprint, fingerlen) )
return -1; /* no: not found */
}
else {
log_error( db_name, "keyhashtbl %lu points to an invalid record\n",
item);
return G10ERR_TRUSTDB;
}
recnum = rec->r.key.lid;
/* Now read the dir record */
rc = tdbio_read_record( recnum, rec, RECTYPE_DIR);
if( rc )
log_error_f(db_name, "can't read dirrec %lu: %s\n",
recnum, g10_errstr(rc) );
return rc;
}
static int
del_reclist( ulong recno, int type )
cmp_sdir( void *dataptr, const TRUSTREC *rec )
{
TRUSTREC rec;
int rc;
const struct cmp_sdir_struct *d = dataptr;
while( recno ) {
rc = tdbio_read_record( recno, &rec, type);
if( rc ) {
log_error_f(db_name, "can't read record %lu: %s\n",
recno, g10_errstr(rc));
return rc;
}
switch( type ) {
case RECTYPE_PREF: recno = rec.r.pref.next; break;
case RECTYPE_UID: recno = rec.r.uid.next; break;
default: BUG();
}
rc = tdbio_delete_record( rec.recnum );
if( rc ) {
log_error_f(db_name, "can't delete record %lu: %s\n",
rec.recnum, g10_errstr(rc));
return rc;
}
}
return 0;
return rec->rectype == RECTYPE_SDIR
&& ( !d->pubkey_algo || rec->r.sdir.pubkey_algo == d->pubkey_algo )
&& rec->r.sdir.keyid[0] == d->keyid[0]
&& rec->r.sdir.keyid[1] == d->keyid[1];
}
/****************
* Delete the Userid UIDLID from DIRLID
*/
int
tdbio_delete_uidrec( ulong dirlid, ulong uidlid )
tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec )
{
TRUSTREC dirrec, rec;
ulong recno;
struct cmp_sdir_struct cmpdata;
int rc;
byte key[8];
rc = tdbio_read_record( dirlid, &dirrec, RECTYPE_DIR);
if( rc ) {
log_error_f(db_name, "can't read dirrec %lu: %s\n", dirlid, g10_errstr(rc));
return rc;
}
recno = dirrec.r.dir.uidlist;
for( ; recno; recno = rec.r.uid.next ) {
rc = tdbio_read_record( recno, &rec, RECTYPE_UID);
if( rc ) {
log_error_f(db_name, "can't read uidrec %lu: %s\n",
recno, g10_errstr(rc));
return rc;
}
if( recno == uidlid ) {
rc = del_reclist( rec.r.uid.prefrec, RECTYPE_PREF );
if( rc )
return rc;
rc = del_reclist( rec.r.uid.siglist, RECTYPE_SIG );
if( rc )
return rc;
rc = tdbio_delete_record( recno );
if( rc ) {
log_error_f(db_name, "can't delete uidrec %lu: %s\n",
recno, g10_errstr(rc));
return rc;
}
dirrec.r.dir.uidlist = 0;
rc = tdbio_write_record( &dirrec );
if( rc ) {
log_error_f(db_name, "can't update dirrec %lu: %s\n",
dirrec.recnum, g10_errstr(rc));
return rc;
}
return 0;
}
}
return -1; /* not found */
/* locate the shadow dir record using the hash table */
u32tobuf( key , keyid[0] );
u32tobuf( key+4 , keyid[1] );
cmpdata.pubkey_algo = pubkey_algo;
cmpdata.keyid[0] = keyid[0];
cmpdata.keyid[1] = keyid[1];
rc = lookup_hashtable( get_sdirhashrec(), key, 8,
cmp_sdir, &cmpdata, rec );
return rc;
}

31
g10/tdbio.h
View File

@ -39,6 +39,7 @@
#define RECTYPE_UID 4
#define RECTYPE_PREF 5
#define RECTYPE_SIG 6
#define RECTYPE_SDIR 8
#define RECTYPE_CACH 9
#define RECTYPE_HTBL 10
#define RECTYPE_HLST 11
@ -47,19 +48,28 @@
#define DIRF_CHECKED 1 /* everything has been checked, the other bits are
valid */
#define DIRF_MISKEY 2 /* some keys are missing, so they could not be checked*/
#define DIRF_MISKEY 2 /* not all signatures are checked */
/* this flag is used as a quick hint, that we */
/* do not need to look at the sig records */
#define DIRF_ERROR 4 /* severe errors: the key is not valid for some reasons
but we mark it to avoid duplicate checks */
#define DIRF_REVOKED 8 /* the complete key has been revoked */
#define KEYF_REVOKED DIRF_REVOKED /* this key has been revoked
(only useful on subkeys)*/
#define UIDF_REVOKED DIRF_REVOKED /* this user id has been revoked */
#define KEYF_REVOKED 8 /* this key has been revoked (only useful on subkeys)*/
#define UIDF_CHECKED 1 /* user id has been checked - other bits are valid */
#define UIDF_VALID 2 /* this is a valid user id */
#define UIDF_REVOKED 8 /* this user id has been revoked */
#define SIGF_CHECKED 1 /* signature has been checked - bits 0..6 are valid */
#define SIGF_VALID 2 /* the signature is valid */
#define SIGF_REVOKED 8 /* this signature has been revoked */
#define SIGF_NOPUBKEY 128 /* there is no pubkey for this sig */
struct trust_record {
int rectype;
int mark;
int dirty; /* for now only used internal by functions */
struct trust_record *next; /* help pointer to build lists in memory */
ulong recnum;
union {
@ -70,6 +80,7 @@ struct trust_record {
ulong validated; /* timestamp of last validation */
ulong keyhashtbl;
ulong firstfree;
ulong sdirhashtbl;
} ver;
struct { /* free record */
ulong next;
@ -109,9 +120,15 @@ struct trust_record {
ulong next; /* recnno of next record or NULL for last one */
struct {
ulong lid; /* of pubkey record of signator (0=unused) */
byte flag; /* SIGRF_xxxxx */
byte flag; /* SIGF_xxxxx */
} sig[SIGS_PER_RECORD];
} sig;
struct {
ulong lid;
u32 keyid[2];
byte pubkey_algo;
u32 hintlist;
} sdir;
struct { /* cache record */
ulong lid;
byte blockhash[20];
@ -122,7 +139,7 @@ struct trust_record {
} htbl;
struct {
ulong next;
ulong rnum[ITEMS_PER_HLST_RECORD]; /* of a key record */
ulong rnum[ITEMS_PER_HLST_RECORD]; /* of another record */
} hlst;
} r;
};
@ -154,7 +171,7 @@ ulong tdbio_new_recnum(void);
int tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec );
int tdbio_search_dir_byfpr( const byte *fingerprint, size_t fingerlen,
int pubkey_algo, TRUSTREC *rec );
int tdbio_delete_uidrec( ulong dirlid, ulong uidlid );
int tdbio_search_sdir( u32 *keyid, int pubkey_algo, TRUSTREC *rec );
#define buftoulong( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \

1333
g10/trustdb.c
View File

File diff suppressed because it is too large Load Diff

1
g10/trustdb.h
View File

@ -55,6 +55,7 @@ int get_ownertrust_info( ulong lid );
byte *get_pref_data( ulong lid, const byte *namehash, size_t *ret_n );
int is_algo_in_prefs( ulong lid, int preftype, int algo );
int keyid_from_lid( ulong lid, u32 *keyid );
ulong lid_from_keyblock( KBNODE keyblock );
int query_trust_record( PKT_public_key *pk );
int clear_trust_checked_flag( PKT_public_key *pk );
int insert_trust_record( PKT_public_key *pk );

1
include/memory.h
View File

@ -59,6 +59,7 @@ char *m_strdup( const char * a);
#endif
size_t m_size( const void *a );
void m_print_stats(const char *prefix);
/*-- secmem.c --*/
void secmem_init( size_t npool );

4
mpi/ChangeLog
View File

@ -1,3 +1,7 @@
Thu Oct 8 13:28:17 1998 Werner Koch (wk@isil.d.shuttle.de)
* mpi-mpow.c (mpi_mulpowm): Fixed mem leak (m_free/mpi_free).
Thu Sep 17 18:08:50 1998 Werner Koch (wk@(none))
* hppa1.1/udiv-qrnnd.S: Fix from Steffen Zahn for HPUX 10.20

8
mpi/mpi-div.c
View File

@ -146,8 +146,7 @@ mpi_tdiv_qr( MPI quot, MPI rem, MPI num, MPI den)
* We need space for an extra limb in the remainder, because it's
* up-shifted (normalized) below. */
rsize = nsize + 1;
if( rem->alloced < rsize )
mpi_resize( rem, rsize);
mpi_resize( rem, rsize);
qsize = rsize - dsize; /* qsize cannot be bigger than this. */
if( qsize <= 0 ) {
@ -165,7 +164,7 @@ mpi_tdiv_qr( MPI quot, MPI rem, MPI num, MPI den)
return;
}
if( quot && quot->alloced < qsize )
if( quot )
mpi_resize( quot, qsize);
/* Read pointers here, when reallocation is finished. */
@ -198,7 +197,8 @@ mpi_tdiv_qr( MPI quot, MPI rem, MPI num, MPI den)
/* Make sure QP and NP point to different objects. Otherwise the
* numerator would be gradually overwritten by the quotient limbs. */
if(qp == np) { /* Copy NP object to temporary space. */
np = marker[markidx++] = mpi_alloc_limb_space(nsize,mpi_is_secure(quot));
np = marker[markidx++] = mpi_alloc_limb_space(nsize,
mpi_is_secure(quot));
MPN_COPY(np, qp, nsize);
}
}

3
mpi/mpi-inv.c
View File

@ -260,6 +260,9 @@ mpi_invm( MPI x, MPI a, MPI n )
mpi_free(u3);
mpi_free(v3);
mpi_free(t3);
mpi_free(u);
mpi_free(v);
#endif
}

2
mpi/mpi-mpow.c
View File

@ -111,7 +111,7 @@ mpi_mulpowm( MPI res, MPI *basearray, MPI *exparray, MPI m)
}
/* cleanup */
m_free(tmp);
mpi_free(tmp);
for(i=0; i < (1<<k); i++ )
mpi_free(G[i]);
m_free(G);

1
mpi/mpiutil.c
View File

@ -372,4 +372,3 @@ mpi_swap( MPI a, MPI b)
tmp = *a; *a = *b; *b = tmp;
}

9
po/ChangeLog
View File

@ -1,3 +1,12 @@
Mon Oct 12 09:08:09 1998 Werner Koch (wk@isil.d.shuttle.de)
* it.po: Imported new version.
* de.po: Imported new version.
Sun Oct 11 16:24:27 1998 Werner Koch (wk@isil.d.shuttle.de)
* fr.po: Imported new version
Wed Oct 7 13:12:00 1998 Werner Koch (wk@isil.d.shuttle.de)
* Makefile.in.in: Fixed mkinstalldirs problems

35
po/de.po
View File

@ -1,6 +1,10 @@
msgid ""
msgstr ""
"POT-Creation-Date: 1998-10-07 14:24+0200\n"
"PO-Revision-Date: 1998-10-11 20:10+0200\n"
"Last-Translator: Walter Koch <walterk@mail.dip.de>\n"
"Language-Team: German <de@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=\n"
"Date: 1998-01-26 22:08:36+0100\n"
"From: Werner Koch <wk@frodo>\n"
@ -61,7 +65,7 @@ msgstr "Falsche Signatur"
#: util/errors.c:62
msgid "Checksum error"
msgstr "Prüfsummen Fehler"
msgstr "Prüfsummen-Fehler"
#: util/errors.c:63
msgid "Bad passphrase"
@ -311,7 +315,7 @@ msgstr "Schl
#: g10/g10.c:169
msgid "sign or edit a key"
msgstr ""
msgstr "Unterschreiben oder Bearbeiten eines Schlüssels"
#: g10/g10.c:170
msgid "generate a revocation certificate"
@ -341,11 +345,11 @@ msgstr "Keine \"Owner trust\" Werte ge
#: g10/g10.c:180
msgid "|[NAMES]|check the trust database"
msgstr ""
msgstr "|[NAMES]|Überprüfen der \"Trust\"-Datenbank"
#: g10/g10.c:181
msgid "fix a corrupted trust database"
msgstr ""
msgstr "Reparieren einer beschädigten \"Trust\"-Datenbank"
#: g10/g10.c:182
msgid "De-Armor a file or stdin"
@ -357,7 +361,7 @@ msgstr "Datei oder stdin in eine ASCII-H
#: g10/g10.c:184
msgid "|algo [files]|print message digests"
msgstr "|algo [files]|Hashwerte der Dateien ausgeben"
msgstr "|algo [files]|Message-Digests für die Dateien ausgeben"
#: g10/g10.c:185
msgid "print all message digests"
@ -471,7 +475,7 @@ msgstr "Fehler beim Erzeugen der \"Passphrase\": %s\n"
#: g10/g10.c:222
#, fuzzy
msgid "|NAME|use message digest algorithm NAME for passphrases"
msgstr "|NAME|Die Hashmethode NAME benutzen"
msgstr "|NAME|Die Hashmethode NAME für die \"Passphrase\" benutzen"
#: g10/g10.c:224
#, fuzzy
@ -2013,7 +2017,7 @@ msgstr "Eine abgetrennte Signatur erzeugen"
#: g10/plaintext.c:215
msgid "Please enter name of data file: "
msgstr ""
msgstr "Bitte geben Sie den Namen der Datendatei ein: "
#: g10/plaintext.c:299
#, c-format
@ -2031,12 +2035,12 @@ msgstr "Ung
#: g10/seckey-cert.c:215
msgid "Warning: Weak key detected - please change passphrase again.\n"
msgstr ""
msgstr "Warnung: Unsicherer Schlüssel entdeckt - bitte die \"Passphrase\" nochmal eingeben.\n"
#: g10/sig-check.c:155
msgid ""
"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
msgstr ""
msgstr "Dieser durch PGP erzeugte ElGamal-Schlüssel ist für Signaturen NICHT sicher genug!\n"
#: g10/sig-check.c:165
msgid "public key created in future (time warp or clock problem)\n"
@ -2051,12 +2055,12 @@ msgstr "Achtung: Schl
#: g10/trustdb.c:127
msgid "The trust DB is corrupted; please run \"gpgm --fix-trust-db\".\n"
msgstr ""
msgstr "Die \"Trust\"-Datenbank ist beschädigt; verwenden Sie \"gpgm --fix-trust-db\".\n"
#: g10/trustdb.c:406
#, c-format
msgid "chained sigrec %lu has a wrong owner\n"
msgstr ""
msgstr "Verketteter Signatursatz %lu hat einen falschen Besitzer\n"
#: g10/trustdb.c:453
#, c-format
@ -2138,11 +2142,11 @@ msgstr "Keine Hilfe f
#: g10/pubkey-enc.c:78
#, c-format
msgid "anonymous receiver; trying secret key %08lX ...\n"
msgstr ""
msgstr "Ungenannter Empfänger: Versuch mit geheimen Schlüssel %08lX ...\n"
#: g10/pubkey-enc.c:84
msgid "okay, we are the anonymous receiver.\n"
msgstr ""
msgstr "Gut, wir sind der ungenannte Empfänger.\n"
#: g10/pubkey-enc.c:183
#, c-format
@ -2167,15 +2171,18 @@ msgstr "
msgid ""
"Warning: Message was encrypted with a weak key in the symmetric cipher.\n"
msgstr ""
"Warnung: Botschaft wurde mit einem unsicheren Schlüssel verschlüsselt.\n"
#: g10/seskey.c:52
msgid "weak key created - retrying\n"
msgstr ""
msgstr "Unsicherer Schlüssel erzeugt - neuer Versuch\n"
#: g10/seskey.c:57
#, c-format
msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
msgstr ""
"Trotz %d-fachen Versuch konnte die Erzeugung eines unsicheren Schlüssel"
"für sym.Verschlüsselung nicht vermieden werden!\n"
#, fuzzy
#~ msgid "error reading sigrec: %s\n"

233
po/fr.po
View File

@ -4,9 +4,9 @@
#
msgid ""
msgstr ""
"Project-Id-Version: gnupg-0.4.0\n"
"POT-Creation-Date: 1998-10-07 14:24+0200\n"
"PO-Revision-Date: 1998-09-17 03:14+0200\n"
"Project-Id-Version: gnupg-0.4.1\n"
"POT-Creation-Date: 1998-10-10 20:37+0200\n"
"PO-Revision-Date: 1998-10-11 00:21+0200\n"
"Last-Translator: Gaël Quéri <gqueri@mail.dotcom.fr>\n"
"Language-Team: French <fr@li.org>\n"
"MIME-Version: 1.0\n"
@ -27,205 +27,183 @@ msgstr "oO"
#: util/errors.c:54
msgid "General error"
msgstr ""
msgstr "Erreur Générale"
#: util/errors.c:55
msgid "Unknown packet type"
msgstr ""
msgstr "Type de paquet inconnu"
#: util/errors.c:56
msgid "Unknown version"
msgstr ""
msgstr "Version inconnue"
#: util/errors.c:57
msgid "Unknown pubkey algorithm"
msgstr ""
msgstr "Algorithme de clé publique inconnu"
#: util/errors.c:58
msgid "Unknown digest algorithm"
msgstr ""
msgstr "Algorithme de hachage inconnu"
#: util/errors.c:59
#, fuzzy
msgid "Bad public key"
msgstr "pas de porte-clés public par défaut\n"
msgstr "Mauvaise clé publique"
#: util/errors.c:60
#, fuzzy
msgid "Bad secret key"
msgstr "lister les clés secrètes"
msgstr "Mauvaise clé secrète"
#: util/errors.c:61
#, fuzzy
msgid "Bad signature"
msgstr "une mauvaise signature\n"
msgstr "Mauvaise signature"
#: util/errors.c:62
msgid "Checksum error"
msgstr ""
msgstr "Erreur de somme de vérification"
#: util/errors.c:63
#, fuzzy
msgid "Bad passphrase"
msgstr "Répétez le mot de passe: "
msgstr "Mauvais mot de passe"
#: util/errors.c:64
#, fuzzy
msgid "Public key not found"
msgstr "clé %08lX: clé publique pas trouvée: %s\n"
msgstr "Clé publique non trouvée"
#: util/errors.c:65
#, fuzzy
msgid "Unknown cipher algorithm"
msgstr "|NOM|utiliser l'algorithme de cryptage NOM"
msgstr "Algorithme de chiffrement inconnu"
#: util/errors.c:66
#, fuzzy
msgid "Can't open the keyring"
msgstr "ne peut écrire le porte-clés\n"
msgstr "Ne peut ouvrir le porte-clés"
#: util/errors.c:67
#, fuzzy
msgid "Invalid packet"
msgstr "valeur invalide\n"
msgstr "Paquet invalide"
#: util/errors.c:68
msgid "Invalid armor"
msgstr ""
msgstr "Armure invalide"
#: util/errors.c:69
#, fuzzy
msgid "No such user id"
msgstr "Pas de tel utilisateur.\n"
msgstr "Pas de tel utilisateur."
#: util/errors.c:70
#, fuzzy
msgid "Secret key not available"
msgstr "La clé secrète est disponible.\n"
msgstr "La clé secrète n'est pas disponible."
#: util/errors.c:71
#, fuzzy
msgid "Wrong secret key used"
msgstr "lister les clés secrètes"
msgstr "Mauvaise clé secrète utilisée"
#: util/errors.c:72
msgid "Not supported"
msgstr ""
msgstr "Non supporté"
#: util/errors.c:73
#, fuzzy
msgid "Bad key"
msgstr "aj.clé"
msgstr "Mauvaise clé"
#: util/errors.c:74
#, fuzzy
msgid "File read error"
msgstr "erreur de lecture: %s\n"
msgstr "Erreur de lecture"
#: util/errors.c:75
msgid "File write error"
msgstr ""
msgstr "Erreur d'écriture"
#: util/errors.c:76
#, fuzzy
msgid "Unknown compress algorithm"
msgstr "|N|utiliser l'algorithme de compression N"
msgstr "Algorithme de compression inconnu"
#: util/errors.c:77
msgid "File open error"
msgstr ""
msgstr "Erreur d'ouverture de fichier"
#: util/errors.c:78
msgid "File create error"
msgstr ""
msgstr "Erreur de création de fichier"
#: util/errors.c:79
#, fuzzy
msgid "Invalid passphrase"
msgstr "Entrez le mot de passe: "
msgstr "Mot de passe invalide"
#: util/errors.c:80
msgid "Unimplemented pubkey algorithm"
msgstr ""
msgstr "Algorithme de clé publique non implémenté"
#: util/errors.c:81
#, fuzzy
msgid "Unimplemented cipher algorithm"
msgstr "l'algorithme de cryptage sélectionné est invalide\n"
msgstr "Algorithme de chiffrement non implémenté"
#: util/errors.c:82
msgid "Unknown signature class"
msgstr ""
msgstr "Classe de signature inconnue"
#: util/errors.c:83
msgid "Trust database error"
msgstr ""
msgstr "Erreur dans la base de confiance"
#: util/errors.c:84
msgid "Bad MPI"
msgstr ""
msgstr "Mauvais MPI"
#: util/errors.c:85
msgid "Resource limit"
msgstr ""
msgstr "Limite de ressources"
#: util/errors.c:86
#, fuzzy
msgid "Invalid keyring"
msgstr "Choix invalide.\n"
msgstr "Porte-clés invalide"
#: util/errors.c:87
msgid "Bad certificate"
msgstr ""
msgstr "Mauvais certificat"
#: util/errors.c:88
#, fuzzy
msgid "Malformed user id"
msgstr "ajouter un utilisateur"
msgstr "Nom d'utilisateur déformé"
#: util/errors.c:89
msgid "File close error"
msgstr ""
msgstr "Erreur de fermeture de fichier"
#: util/errors.c:90
msgid "File rename error"
msgstr ""
msgstr "Erreur pendant le changement de nom du fichier"
#: util/errors.c:91
msgid "File delete error"
msgstr ""
msgstr "Erreur pendant la suppression du fichier"
#: util/errors.c:92
msgid "Unexpected data"
msgstr ""
msgstr "Données inattendues"
#: util/errors.c:93
msgid "Timestamp conflict"
msgstr ""
msgstr "Conflit de dates"
#: util/errors.c:94
#, fuzzy
msgid "Unusable pubkey algorithm"
msgstr "|N|utiliser l'algorithme de compression N"
msgstr "Algorithme de clés publiques inutilisable"
#: util/errors.c:95
#, fuzzy
msgid "File exists"
msgstr "Le fichier '%s' existe. "
msgstr "Le fichier existe"
#: util/errors.c:96
msgid "Weak key"
msgstr ""
msgstr "Mauvaise clé"
#: util/logger.c:177
#, c-format
msgid "Ohhhh jeeee ... this is a bug (%s:%d:%s)\n"
msgstr ""
msgstr "Ouais ... c'est un bug (%s:%d:%s)\n"
#: util/logger.c:183
#, c-format
msgid "you found a bug ... (%s:%d)\n"
msgstr ""
msgstr "vous avez trouvé un bug ... (%s:%d)\n"
#: cipher/rand-dummy.c:112
msgid "warning: using insecure random number generator!!\n"
@ -283,7 +261,7 @@ msgstr "crypter les donn
#: g10/g10.c:154
msgid "encryption only with symmetric cipher"
msgstr "cryptage symétrique seumement"
msgstr "chiffrement symétrique seumement"
#: g10/g10.c:155
msgid "store only"
@ -359,7 +337,7 @@ msgstr "|[NOMS]|v
#: g10/g10.c:181
msgid "fix a corrupted trust database"
msgstr ""
msgstr "réparer une base de confiance corrompue"
#: g10/g10.c:182
msgid "De-Armor a file or stdin"
@ -393,7 +371,7 @@ msgstr "cr
#: g10/g10.c:196
msgid "use this user-id to sign or decrypt"
msgstr "utiliser ce nom d'utilisateur pour signer/décrypter"
msgstr "utiliser ce nom pour signer ou décrypter"
#: g10/g10.c:197
msgid "use this user-id for encryption"
@ -469,28 +447,24 @@ msgid "(default is 3)"
msgstr "(3 par défaut)"
#: g10/g10.c:218
#, fuzzy
msgid "|FILE|load extension module FILE"
msgstr "|fich|charger un module d'extension"
msgstr "|FICH|charger le module d'extension FICH"
#: g10/g10.c:219
msgid "emulate the mode described in RFC1991"
msgstr "émuler le mode décrit dans la RFC1991"
#: g10/g10.c:220
#, fuzzy
msgid "|N|use passphrase mode N"
msgstr "Entrez le mot de passe: "
msgstr "|N|utiliser le mode de mots de passe N"
#: g10/g10.c:222
#, fuzzy
msgid "|NAME|use message digest algorithm NAME for passphrases"
msgstr "|NOM|utiliser la fonction de hachage NOM"
msgstr "|NOM|utiliser le hachage NOM pour les mots de passe"
#: g10/g10.c:224
#, fuzzy
msgid "|NAME|use cipher algorithm NAME for passphrases"
msgstr "|NOM|utiliser l'algorithme de cryptage NOM"
msgstr "|NOM|utiliser le cryptage NOM pour les mots de passe"
#: g10/g10.c:226
msgid "|NAME|use cipher algorithm NAME"
@ -506,10 +480,9 @@ msgstr "|N|utiliser l'algorithme de compression N"
#: g10/g10.c:229
msgid "throw keyid field of encrypted packets"
msgstr "enlever l'idendification de la clé des paquets cryptés"
msgstr "enlever l'identification des paquets cryptés"
#: g10/g10.c:237
#, fuzzy
msgid ""
"@\n"
"Examples:\n"
@ -617,11 +590,11 @@ msgstr "le nombre de singatures marginales minimal doit
#: g10/g10.c:796
msgid "note: simple S2K mode (0) is strongly discouraged\n"
msgstr ""
msgstr "note: le mode S2K simple (0) est fortement déconseillé\n"
#: g10/g10.c:800
msgid "invalid S2K mode; must be 0, 1 or 3\n"
msgstr ""
msgstr "mode S2K invalide; doit être 0, 1 ou 3\n"
#: g10/g10.c:876
#, c-format
@ -711,63 +684,61 @@ msgstr ""
#: g10/armor.c:335 g10/armor.c:375
msgid "armor header: "
msgstr ""
msgstr "entête d'armure: "
#: g10/armor.c:340
#, fuzzy
msgid "invalid clearsig header\n"
msgstr "Caractère invalide dans le nom\n"
msgstr "entête de signature claire invalide\n"
#: g10/armor.c:366
msgid "invalid armor header: "
msgstr ""
msgstr "entête d'armure invalide: "
#: g10/armor.c:440
#, fuzzy, c-format
#, c-format
msgid "armor: %s\n"
msgstr "erreur de lecture: %s\n"
msgstr "armure: %s\n"
#: g10/armor.c:484
msgid "invalid dash escaped line: "
msgstr ""
msgstr "ligne d'échappement invalide: "
#: g10/armor.c:553
msgid "invalid clear text header: "
msgstr ""
msgstr "entête de texte clair invalide: "
#: g10/armor.c:783
#, fuzzy, c-format
msgid "invalid radix64 character %02x skipped\n"
msgstr "Caractère invalide dans le nom\n"
msgstr "caractère %02x invalide en base 64 sauté\n"
#: g10/armor.c:816
msgid "premature eof (no CRC)\n"
msgstr ""
msgstr "fin de fichier prématurée (pas de CRC)\n"
#: g10/armor.c:835
msgid "premature eof (in CRC)\n"
msgstr ""
msgstr "fin de fichier prématurée (dans le CRC)\n"
#: g10/armor.c:839
msgid "malformed CRC\n"
msgstr ""
msgstr "CRC malformé\n"
#: g10/armor.c:843
#, c-format
msgid "CRC error; %06lx - %06lx\n"
msgstr ""
msgstr "Erreur de CRC; 06lx - %06lx\n"
#: g10/armor.c:862
msgid "premature eof (in Trailer)\n"
msgstr ""
msgstr "fin de fichier prématurée (dans la remorque)\n"
#: g10/armor.c:866
msgid "error in trailer line\n"
msgstr ""
msgstr "erreur dans la ligne de remorque\n"
#: g10/armor.c:1120
msgid "no valid RFC1991 or OpenPGP data found.\n"
msgstr ""
msgstr "pas de donnée RFC1991 ou OpenPGP valide trouvée.\n"
#: g10/pkclist.c:71
#, c-format
@ -775,7 +746,7 @@ msgid ""
"No owner trust defined for %lu:\n"
"%4u%c/%08lX %s \""
msgstr ""
"Pas de possesseur de confiance défini pour %lu:\n"
"Pas de confiance définie pour %lu:\n"
"%4u%c/%08lX %s"
#: g10/pkclist.c:81
@ -790,8 +761,8 @@ msgid ""
" 4 = I trust fully\n"
" s = please show me more information\n"
msgstr ""
"Décidez combien vous avez confiance en cet utilisateur pour vérifier\n"
"correctement les clés des autres utilisateurs (en cherchant des passeports,\n"
"Décidez à quel point vous avez confiance en cet utilisateur pour vérifier\n"
"correctement les clés des autres utilisateurs (en regardant des passeports,\n"
"en vérifiant les empreintes de diverses sources...)?\n"
"\n"
" 1 = Je ne sais pas\n"
@ -1316,7 +1287,8 @@ msgstr "%s crypt
#: g10/getkey.c:884
#, c-format
msgid "using secondary key %08lX instead of primary key %08lX\n"
msgstr ""
msgstr "utilisation de la clé secondaire %08lX à la place de la clé\n"
"principale %08lX\n"
#: g10/import.c:105 g10/trustdb.c:1389
#, c-format
@ -1442,9 +1414,9 @@ msgid "can't lock secret keyring: %s\n"
msgstr "ne peut verrouiller le porte-clés secret: %s\n"
#: g10/import.c:466
#, fuzzy, c-format
#, c-format
msgid "can't write keyring: %s\n"
msgstr "ne peut écrire sur le porte-clés: %s\n"
msgstr "ne peut écrire le porte-clés: %s\n"
#. we are ready
#: g10/import.c:469
@ -1467,7 +1439,7 @@ msgstr "cl
#, c-format
msgid "key %08lX: no public key - can't apply revocation certificate\n"
msgstr ""
"clé %08lX: pas de clé publique - ne peut appliquer le certificat de "
"clé %08lX: pas de clé publique - ne peut appliquer le certificat de\n"
"révocation\n"
#: g10/import.c:538
@ -1666,7 +1638,7 @@ msgstr "montrer cette aide"
# g10/keyedit.c:556 ???
#: g10/keyedit.c:455
msgid "fpr"
msgstr ""
msgstr "fpr"
#: g10/keyedit.c:455
msgid "show fingerprint"
@ -1686,7 +1658,7 @@ msgstr "l"
#: g10/keyedit.c:458
msgid "uid"
msgstr ""
msgstr "uid"
#: g10/keyedit.c:458
msgid "select user id N"
@ -1710,7 +1682,7 @@ msgstr "lister les signatures"
#: g10/keyedit.c:461
msgid "c"
msgstr ""
msgstr "c"
#: g10/keyedit.c:462
msgid "sign"
@ -1722,7 +1694,7 @@ msgstr "signer la cl
#: g10/keyedit.c:463
msgid "s"
msgstr ""
msgstr "s"
#: g10/keyedit.c:464
msgid "debug"
@ -1770,11 +1742,11 @@ msgstr "passer de la liste des cl
#: g10/keyedit.c:471
msgid "t"
msgstr ""
msgstr "t"
#: g10/keyedit.c:472
msgid "pref"
msgstr ""
msgstr "préf"
#: g10/keyedit.c:472
msgid "list preferences"
@ -1849,9 +1821,9 @@ msgid "Key not changed so no update needed.\n"
msgstr "La clé n'a pas changé donc la mise à jour est inutile.\n"
#: g10/keyedit.c:606 g10/keyedit.c:664
#, fuzzy, c-format
#, c-format
msgid "update of trust db failed: %s\n"
msgstr "la mise à jour de la clé secrète a échoué: %s\n"
msgstr "la mise à jour de la base de confiance a échoué: %s\n"
#: g10/keyedit.c:637
msgid "keyedit.sign_all.okay"
@ -1903,7 +1875,7 @@ msgstr "Voulez-vous vraiment supprimer cette cl
#: g10/keyedit.c:746
msgid "Invalid command (try \"help\")\n"
msgstr "Commande invalide (essayez \"aide\")\n"
msgstr "Commande invalide (essayez \"help\")\n"
#: g10/keyedit.c:1129
#, c-format
@ -1927,7 +1899,7 @@ msgstr "le d
#: g10/mainproc.c:247
msgid "note: sender requested \"for-your-eyes-only\"\n"
msgstr ""
msgstr "note: l'expéditeur a demandé \"pour vos yeux seulement\"\n"
#: g10/mainproc.c:846
#, c-format
@ -1983,7 +1955,8 @@ msgstr "R
#: g10/plaintext.c:102
msgid "data not saved; use option \"--output\" to save it\n"
msgstr ""
msgstr "données non enregistrées; utilisez l'option \"--output\" pour\n"
"les enregistrer\n"
#: g10/plaintext.c:214
msgid "detached_signature.filename"
@ -2015,19 +1988,22 @@ msgstr "Attention: Mauvaise cl
msgid ""
"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
msgstr ""
"Cela est une clé ElGamal générée par PGP qui n'est PAS sûre pour les\n"
"signatures!\n"
#: g10/sig-check.c:165
msgid "public key created in future (time warp or clock problem)\n"
msgstr "clé publique créée dans le futur (problème d'horloge)\n"
msgstr "clé publique créée dans le futur (voyage dans le temps ou problème\n"
"d'horloge)\n"
#: g10/sig-check.c:171
#, c-format
msgid "warning: signature key expired %s\n"
msgstr "attention: la clé de signatute a expiré le %s\n"
msgstr "attention: la clé de signature a expiré le %s\n"
#: g10/trustdb.c:127
msgid "The trust DB is corrupted; please run \"gpgm --fix-trust-db\".\n"
msgstr ""
msgstr "La base de confiance est corrompue; exécutez \"gpgm --fix-trust-db\".\n"
#: g10/trustdb.c:406
#, c-format
@ -2065,14 +2041,14 @@ msgid "enum_secret_keys failed: %s\n"
msgstr "enum_secret_keys a échoué: %s\n"
#: g10/trustdb.c:964
#, fuzzy, c-format
#, c-format
msgid "key %08lX.%lu, uid %02X%02X: no public key for signature %08lX\n"
msgstr "clé %08lX: pas d'utilisateur pour la signature\n"
msgstr "clé %08lX.%lu, uid %02X%02X: pas de clé publique pour la signature %08lX\n"
#: g10/trustdb.c:971
#, fuzzy, c-format
#, c-format
msgid "key %08lX.%lu, uid %02X%02X: invalid %ssignature: %s\n"
msgstr "clé %08lX: auto-signature invalide\n"
msgstr "clé %08lXi.%lu, uid %02X%02X: %ssignature invalide: %s\n"
#: g10/trustdb.c:1658
#, c-format
@ -2154,6 +2130,3 @@ msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
msgstr ""
"ne peut éviter une mauvaise clé pour le chiffrement symétrique: \n"
"%d essais ont eu lieu!\n"
#~ msgid "error reading sigrec: %s\n"
#~ msgstr "erreur pendant la lecture de l'enregistrement de signature: %s\n"

196
po/it.po
View File

@ -5,8 +5,8 @@
msgid ""
msgstr ""
"Project-Id-Version: gnupg-0.4.0\n"
"POT-Creation-Date: 1998-10-07 14:24+0200\n"
"PO-Revision-Date: 1998-09-20 16:15+02:00\n"
"POT-Creation-Date: 1998-10-11 12:08+0200\n"
"PO-Revision-Date: 1998-10-11 12:34+02:00\n"
"Last-Translator: Marco d'Itri <md@linux.it>\n"
"Language-Team: Italian <it@li.org>\n"
"MIME-Version: 1.0\n"
@ -27,204 +27,185 @@ msgstr "sS"
#: util/errors.c:54
msgid "General error"
msgstr ""
msgstr "Errore generale"
#: util/errors.c:55
msgid "Unknown packet type"
msgstr ""
msgstr "Tipo del pacchetto sconosciuto"
#: util/errors.c:56
msgid "Unknown version"
msgstr ""
msgstr "Versione sconosciuta"
#: util/errors.c:57
msgid "Unknown pubkey algorithm"
msgstr ""
msgstr "Algoritmo della chiave pubblica sconosciuto"
#: util/errors.c:58
msgid "Unknown digest algorithm"
msgstr ""
msgstr "Algoritmo del digest sconosciuto"
#: util/errors.c:59
#, fuzzy
msgid "Bad public key"
msgstr "nessun portachiavi pubblico predefinito\n"
msgstr "Chiave pubblica errata o danneggiata"
#: util/errors.c:60
#, fuzzy
msgid "Bad secret key"
msgstr "elenca le chiavi segrete"
msgstr "Chiave segreta errata o danneggiata"
#: util/errors.c:61
#, fuzzy
msgid "Bad signature"
msgstr "una firma non corretta\n"
msgstr "Firma errata o danneggiata"
#: util/errors.c:62
msgid "Checksum error"
msgstr ""
msgstr "Checksum errato"
#: util/errors.c:63
#, fuzzy
msgid "Bad passphrase"
msgstr "Ripeti la passphrase: "
msgstr "Passphrase errata"
#: util/errors.c:64
#, fuzzy
msgid "Public key not found"
msgstr "chiave %08lX: chiave pubblica non trovata: %s\n"
msgstr "Chiave pubblica non trovata"
#: util/errors.c:65
#, fuzzy
msgid "Unknown cipher algorithm"
msgstr "|NAME|usa l'algoritmo di cifratura NOME"
msgstr "Algoritmo di cifratura sconosciuto"
#: util/errors.c:66
#, fuzzy
msgid "Can't open the keyring"
msgstr "impossibile scrivere il portachiavi\n"
msgstr "Impossibile aprire il portachiavi"
#: util/errors.c:67
#, fuzzy
msgid "Invalid packet"
msgstr "valore non valido\n"
msgstr "Pacchetto non valido"
#: util/errors.c:68
msgid "Invalid armor"
msgstr ""
msgstr "Armatura non valida"
#: util/errors.c:69
#, fuzzy
msgid "No such user id"
msgstr "User ID inesistente.\n"
msgstr "User id inesistente"
#: util/errors.c:70
#, fuzzy
msgid "Secret key not available"
msgstr "È disponibile una chiave segreta.\n"
msgstr "La chiave segreta non è disponibile."
#: util/errors.c:71
#, fuzzy
msgid "Wrong secret key used"
msgstr "elenca le chiavi segrete"
msgstr "È stata usata la chiave segreta sbagliata"
#: util/errors.c:72
msgid "Not supported"
msgstr ""
msgstr "Non gestito"
#: util/errors.c:73
msgid "Bad key"
msgstr ""
msgstr "Chiave danneggiata"
#: util/errors.c:74
#, fuzzy
msgid "File read error"
msgstr "errore di lettura: %s\n"
msgstr "Errore durante la lettura del file"
#: util/errors.c:75
msgid "File write error"
msgstr ""
msgstr "Errore durante la scrittura del file"
#: util/errors.c:76
#, fuzzy
msgid "Unknown compress algorithm"
msgstr "|N|usa l'algoritmo di compressione N"
msgstr "Algoritmo di compressione sconosciuto"
#: util/errors.c:77
msgid "File open error"
msgstr ""
msgstr "Errore durante l'apertura del file"
#: util/errors.c:78
msgid "File create error"
msgstr ""
msgstr "Errore durante la creazione del file"
#: util/errors.c:79
#, fuzzy
msgid "Invalid passphrase"
msgstr "Inserisci la passphrase: "
msgstr "Passphrase non valida"
#: util/errors.c:80
msgid "Unimplemented pubkey algorithm"
msgstr ""
msgstr "Algoritmo della chiave pubblica non implementato"
#: util/errors.c:81
#, fuzzy
msgid "Unimplemented cipher algorithm"
msgstr "l'algoritmo di cifratura selezionato non è valido\n"
msgstr "Algoritmo di cifratura non implementato"
#: util/errors.c:82
msgid "Unknown signature class"
msgstr ""
msgstr "Classe della firma sconosciuta."
#: util/errors.c:83
msgid "Trust database error"
msgstr ""
msgstr "Errore nel database della fiducia"
#: util/errors.c:84
msgid "Bad MPI"
msgstr ""
msgstr "MPI danneggiato"
#: util/errors.c:85
msgid "Resource limit"
msgstr ""
msgstr "Limite della risorsa"
#: util/errors.c:86
#, fuzzy
msgid "Invalid keyring"
msgstr "Scelta non valida.\n"
msgstr "Portachiavi non valido"
#: util/errors.c:87
msgid "Bad certificate"
msgstr ""
msgstr "Certificato danneggiato"
#: util/errors.c:88
#, fuzzy
msgid "Malformed user id"
msgstr "aggiungi un user id"
msgstr "User id malformato"
#: util/errors.c:89
msgid "File close error"
msgstr ""
msgstr "Errore durante la chiusura del file"
#: util/errors.c:90
msgid "File rename error"
msgstr ""
msgstr "Errore durante la rinominazione del file"
#: util/errors.c:91
msgid "File delete error"
msgstr ""
msgstr "Errore durante la cancellazione del file"
#: util/errors.c:92
msgid "Unexpected data"
msgstr ""
msgstr "Dati inaspettati"
#: util/errors.c:93
msgid "Timestamp conflict"
msgstr ""
msgstr "Date in conflitto"
#: util/errors.c:94
#, fuzzy
msgid "Unusable pubkey algorithm"
msgstr "|N|usa l'algoritmo di compressione N"
msgstr "Algoritmo della chiave pubblica non utilizzabile"
#: util/errors.c:95
#, fuzzy
msgid "File exists"
msgstr "Il file '%s' esiste. "
msgstr "Il file esiste"
#: util/errors.c:96
msgid "Weak key"
msgstr ""
msgstr "Chiave debole"
#: util/logger.c:177
#, c-format
msgid "Ohhhh jeeee ... this is a bug (%s:%d:%s)\n"
msgstr ""
msgstr "Ohhh... questo è un bug (%s:%d:%s)\n"
#: util/logger.c:183
#, c-format
msgid "you found a bug ... (%s:%d)\n"
msgstr ""
msgstr "Hai trovato un bug... (%s:%d)\n"
#: cipher/rand-dummy.c:112
msgid "warning: using insecure random number generator!!\n"
@ -356,7 +337,7 @@ msgstr "|[NAMES]|controlla il TrustDB"
#: g10/g10.c:181
msgid "fix a corrupted trust database"
msgstr ""
msgstr "ripara un database della fiducia rovinato"
#: g10/g10.c:182
msgid "De-Armor a file or stdin"
@ -466,28 +447,24 @@ msgid "(default is 3)"
msgstr "(predefinito è 3)"
#: g10/g10.c:218
#, fuzzy
msgid "|FILE|load extension module FILE"
msgstr "|file|carica un modulo di estensione"
msgstr "|FILE|carica il modulo di estensione FILE"
#: g10/g10.c:219
msgid "emulate the mode described in RFC1991"
msgstr "emula il modo descritto nel RFC1991"
#: g10/g10.c:220
#, fuzzy
msgid "|N|use passphrase mode N"
msgstr "Inserisci la passphrase: "
msgstr "|N|usa il modo N per la passphrase"
#: g10/g10.c:222
#, fuzzy
msgid "|NAME|use message digest algorithm NAME for passphrases"
msgstr "|NAME|usa l'algoritmo di message digest NOME"
#: g10/g10.c:224
#, fuzzy
msgid "|NAME|use cipher algorithm NAME for passphrases"
msgstr "|NAME|usa l'algoritmo di cifratura NOME"
msgstr "|NAME|usa l'algoritmo di cifratura NOME per le passphrase"
#: g10/g10.c:226
msgid "|NAME|use cipher algorithm NAME"
@ -506,7 +483,6 @@ msgid "throw keyid field of encrypted packets"
msgstr "elimina il campo keyid dei pacchetti crittografati"
#: g10/g10.c:237
#, fuzzy
msgid ""
"@\n"
"Examples:\n"
@ -523,8 +499,8 @@ msgstr ""
" -se -r Bob [file] firma e cifra per l'utente Bob\n"
" --clearsign [file] fai una firma mantenendo il testo in chiaro\n"
" --detach-sign [file] fai una firma separata\n"
" --list-keys [names] mostra le chiavi\n"
" --fingerprint [names] mostra le impronte digitali\n"
" --list-keys [nomi] mostra le chiavi\n"
" --fingerprint [nomi] mostra le impronte digitali\n"
#: g10/g10.c:312
msgid "Please report bugs to <gnupg-bugs@gnu.org>.\n"
@ -614,11 +590,11 @@ msgstr "marginals-needed deve essere maggiore di 1\n"
#: g10/g10.c:796
msgid "note: simple S2K mode (0) is strongly discouraged\n"
msgstr ""
msgstr "nota: il modo S2K semplice (0) è fortemente scoraggiato\n"
#: g10/g10.c:800
msgid "invalid S2K mode; must be 0, 1 or 3\n"
msgstr ""
msgstr "modo S2K non valido; deve essere 0, 1 o 3\n"
#: g10/g10.c:876
#, c-format
@ -708,63 +684,62 @@ msgstr ""
#: g10/armor.c:335 g10/armor.c:375
msgid "armor header: "
msgstr ""
msgstr "header dell'armatura: "
#: g10/armor.c:340
#, fuzzy
msgid "invalid clearsig header\n"
msgstr "Carattere non valido nel nome\n"
msgstr "header della firma in chiaro non valido\n"
#: g10/armor.c:366
msgid "invalid armor header: "
msgstr ""
msgstr "header dell'armatura non valido: "
#: g10/armor.c:440
#, fuzzy, c-format
#, c-format
msgid "armor: %s\n"
msgstr "errore di lettura: %s\n"
msgstr "armatura: %s\n"
#: g10/armor.c:484
msgid "invalid dash escaped line: "
msgstr ""
msgstr "riga protetta con il trattino non valida: "
#: g10/armor.c:553
msgid "invalid clear text header: "
msgstr ""
msgstr "header del testo in chiaro non valido: "
#: g10/armor.c:783
#, fuzzy, c-format
#, c-format
msgid "invalid radix64 character %02x skipped\n"
msgstr "Carattere non valido nel nome\n"
msgstr "Carattere radix64 non valido %02x saltato\n"
#: g10/armor.c:816
msgid "premature eof (no CRC)\n"
msgstr ""
msgstr "eof prematura (nessun CRC)\n"
#: g10/armor.c:835
msgid "premature eof (in CRC)\n"
msgstr ""
msgstr "eof prematura (nel CRC)\n"
#: g10/armor.c:839
msgid "malformed CRC\n"
msgstr ""
msgstr "CRC malformato\n"
#: g10/armor.c:843
#, c-format
msgid "CRC error; %06lx - %06lx\n"
msgstr ""
msgstr "errore nel CRC; %06lx - %06lx\n"
#: g10/armor.c:862
msgid "premature eof (in Trailer)\n"
msgstr ""
msgstr "eof prematura (nella coda)\n"
#: g10/armor.c:866
msgid "error in trailer line\n"
msgstr ""
msgstr "errore nella riga della coda\n"
#: g10/armor.c:1120
msgid "no valid RFC1991 or OpenPGP data found.\n"
msgstr ""
msgstr "Non sono stati trovati dati RFC1991 o OpenPGP validi.\n"
#: g10/pkclist.c:71
#, c-format
@ -1302,7 +1277,7 @@ msgstr "%s crittografato per: %s\n"
#: g10/getkey.c:884
#, c-format
msgid "using secondary key %08lX instead of primary key %08lX\n"
msgstr ""
msgstr "uso la chiave secondaria %08lX invece della chiave primaria %08lX\n"
#: g10/import.c:105 g10/trustdb.c:1389
#, c-format
@ -1428,9 +1403,9 @@ msgid "can't lock secret keyring: %s\n"
msgstr "impossibile bloccare il portachiavi segreto: %s\n"
#: g10/import.c:466
#, fuzzy, c-format
#, c-format
msgid "can't write keyring: %s\n"
msgstr "impossibile scrivere sul portachiavi pubblico: %s\n"
msgstr "impossibile scrivere il portachiavi: %s\n"
#. we are ready
#: g10/import.c:469
@ -1833,9 +1808,9 @@ msgid "Key not changed so no update needed.\n"
msgstr "La chiave non è cambiata quindi non sono necessari aggiornamenti.\n"
#: g10/keyedit.c:606 g10/keyedit.c:664
#, fuzzy, c-format
#, c-format
msgid "update of trust db failed: %s\n"
msgstr "aggiornamento della chiave segreta fallito: %s\n"
msgstr "aggiornamento del trustdb fallito: %s\n"
#: g10/keyedit.c:637
msgid "keyedit.sign_all.okay"
@ -1911,7 +1886,7 @@ msgstr "decifratura fallita: %s\n"
#: g10/mainproc.c:247
msgid "note: sender requested \"for-your-eyes-only\"\n"
msgstr ""
msgstr "nota: il mittente ha richiesto \"solo-per-i-tuoi-occhi\"\n"
#: g10/mainproc.c:846
#, c-format
@ -1964,7 +1939,7 @@ msgstr "Ripeti la passphrase: "
#: g10/plaintext.c:102
msgid "data not saved; use option \"--output\" to save it\n"
msgstr ""
msgstr "i dati non sono stati salvati; usa l'opzione \"--output\" per salvarli\n"
#: g10/plaintext.c:214
msgid "detached_signature.filename"
@ -1997,7 +1972,7 @@ msgstr ""
#: g10/sig-check.c:155
msgid ""
"this is a PGP generated ElGamal key which is NOT secure for signatures!\n"
msgstr ""
msgstr "questa è una chiave ElGamal generata da PGP che NON è sicura per le firme!\n"
#: g10/sig-check.c:165
msgid "public key created in future (time warp or clock problem)\n"
@ -2012,7 +1987,7 @@ msgstr "attenzione: firma della chiave scaduta il %s\n"
#: g10/trustdb.c:127
msgid "The trust DB is corrupted; please run \"gpgm --fix-trust-db\".\n"
msgstr ""
msgstr "Il trustdb è rovinato; per favore esegui \"gpgm --fix-trust-db\".\n"
#: g10/trustdb.c:406
#, c-format
@ -2050,14 +2025,14 @@ msgid "enum_secret_keys failed: %s\n"
msgstr "enum_secret_keys fallito: %s\n"
#: g10/trustdb.c:964
#, fuzzy, c-format
#, c-format
msgid "key %08lX.%lu, uid %02X%02X: no public key for signature %08lX\n"
msgstr "chiave %08lX: nessun user id per la firma\n"
msgstr "chiave %08lX.%lu: uid %02X%02X: nessuna chiave pubblica per la firma %08lX\n"
#: g10/trustdb.c:971
#, fuzzy, c-format
#, c-format
msgid "key %08lX.%lu, uid %02X%02X: invalid %ssignature: %s\n"
msgstr "chiave %08lX: autofirma non valida\n"
msgstr "chiave %08lX.%lu, uid %02X%02X: firma %s non valida: %s\n"
#: g10/trustdb.c:1658
#, c-format
@ -2140,6 +2115,3 @@ msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
msgstr ""
"Impossibile evitare una chiave debole per il cifrario simmetrico;\n"
"ho provato %d volte!\n"
#~ msgid "error reading sigrec: %s\n"
#~ msgstr "errore leggendo la sigrec: %s\n"

25
scripts/gnupg.spec
View File

@ -26,14 +26,12 @@ tar -xvzf $RPM_SOURCE_DIR/gnupg-@pkg_version@.tar.gz
%build
cd gnupg-@pkg_version@
chown -R root.root *
./configure
./configure --prefix=/usr
make
%install
cd gnupg-@pkg_version@
make install
chmod +s /usr/local/bin/gpg
chmod +s /usr/local/bin/gpgm
%files
%doc gnupg-@pkg_version@/doc/DETAILS
@ -47,13 +45,16 @@ chmod +s /usr/local/bin/gpgm
%doc gnupg-@pkg_version@/README
%doc gnupg-@pkg_version@/THANKS
%doc gnupg-@pkg_version@/TODO
/usr/local/man/man1/gpg.1
/usr/local/bin/gpg
/usr/local/bin/gpgm
/usr/local/share/locale/en/LC_MESSAGES/gnupg.mo
/usr/local/share/locale/de/LC_MESSAGES/gnupg.mo
/usr/local/share/locale/it/LC_MESSAGES/gnupg.mo
/usr/local/share/locale/fr/LC_MESSAGES/gnupg.mo
/usr/local/lib/gnupg/tiger
/usr/local/lib/gnupg/twofish
/usr/man/man1/gpg.1
/usr/bin/gpg
/usr/bin/gpgm
/usr/share/locale/en/LC_MESSAGES/gnupg.mo
/usr/share/locale/de/LC_MESSAGES/gnupg.mo
/usr/share/locale/it/LC_MESSAGES/gnupg.mo
/usr/share/locale/fr/LC_MESSAGES/gnupg.mo
/usr/lib/gnupg/tiger
/usr/lib/gnupg/twofish
%attr (4755,root,root) /usr/bin/gpg
%attr (4755,root,root) /usr/bin/gpgm

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
Wed Oct 7 19:27:50 1998 Werner Koch (wk@isil.d.shuttle.de)
* memory.c (m_print_stats): New.
Tue Oct 6 09:53:56 1998 Werner Koch (wk@isil.d.shuttle.de)
* strgutil.c (memicmp): Add HAVE_MEMICMP.

3
util/Makefile.am
View File

@ -6,7 +6,8 @@ noinst_LIBRARIES = libutil.a
libutil_a_SOURCES = g10u.c logger.c fileutil.c miscutil.c strgutil.c \
ttyio.c argparse.c memory.c secmem.c errors.c iobuf.c
ttyio.c argparse.c memory.c secmem.c errors.c iobuf.c \
dotlock.c

178
util/dotlock.c Normal file
View File

@ -0,0 +1,178 @@
/* dotlock.c - dotfile locking
* Copyright (C) 1998 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <ctype.h>
#include "types.h"
#include "util.h"
#include "memory.h"
#if 0
/****************
* Create a lockfile with the given name. A TIMEOUT of 0
* returns immediately, -1 waits forever (hopefully not), other
* values are timeouts in milliseconds.
* Returns: a char pointer used as handle for reelase lock
* or NULL in case of an error.
*
* Notes: This function creates a lock file in the same directory
* as file_to_lock with the name "file_to_lock.lock"
* A temporary file ".#lk.<pid>.<hostname> is used.
* This function does nothing for Windoze.
*/
int
make_dotlock( const char *file_to_lock, long timeout )
{
int rc=-1, fd=-1, pid;
char pidstr[16];
char *tname = NULL;
char *p;
log_debug("dotlock_make: lock='%s'\n", lockfile );
sprintf( pidstr, "%10d\n", getpid() );
/* add the hostname to the second line (FQDN or IP addr?) */
/* create a temporary file */
tname = CreateTmpFile2( p, ".#lk" );
free(p);
if( !tname )
log_fatal( "could not create temporary lock file '%s'\n");
log_debug( "dotlock_make: tmpname='%s'\n", tname );
chmod( tname, 0644 ); /* just in case an "umask" is set */
if( !(fd = open( tname, O_WRONLY )) )
log_fatal( "could not open temporary lock file '%s'\n", tname);
if( write(fd, pidstr, 11 ) != 11 )
log_fatal( "error writing to temporary lock file '%s'\n", tname);
if( close(fd) ) {
log_fatal( "error closing '%s'\n", tname);
retry:
if( !link(tname, lockfile) )
rc = 0; /* okay */
else if( errno != EEXIST )
log_error( "lock not made: link() failed: %s\n", strerror(errno) );
else { /* lock file already there */
if( (pid = read_lockfile(lockfile)) == -1 ) {
if( errno == ENOENT ) {
log_debug( "lockfile disappeared\n");
goto retry;
}
log_debug("cannot read lockfile\n");
}
else if( pid == getpid() ) {
log_info( "Oops: lock already hold by us\n");
rc = 0; /* okay */
}
else if( kill(pid, 0) && errno == ESRCH ) {
log_info( "removing stale lockfile (created by %d)", (int)pid );
remove( lockfile );
goto retry;
}
log_debug( "lock not made: lock file exists\n" );
}
if( tname ) {
remove(tname);
free(tname);
}
if( !rc )
log_debug( "lock made\n");
return rc;
}
/****************
* Create a lockfile for a existing file
* Returns: a char pointer used as handle for release lock
* or NULL in case of an error.
*
* Notes: This function creates a lock file in the same directory
* as file_to_lock with the name "lock.<inode-no>"
*
* int
* make_inodelock( const char *file_to_lock )
*
*/
/****************
* release a lock
* Returns: 0 := success
*/
int
release_dotlock( const char *lockfile )
{
int pid = ReadLockfile( lockfile );
if( pid == -1 ) {
Log_printf( LERROR, "ReleaseLock: lockfile error");
return -1;
}
if( pid != getpid() ) {
Log_printf( LERROR, "ReleaseLock: not our lock (pid=%d)", pid);
return -1;
}
if( remove(lockfile) ) {
Log_printf( LERROR, "ReleaseLock: error removing lockfile '%s'",
lockfile);
return -1;
}
Log_printf( LMESG, "ReleaseLock: released lockfile '%s'", lockfile);
return 0;
}
/****************
* Read the lock file and return the pid, returns -1 on error.
*/
static int
read_lockfile( const char *name )
{
int fd, pid;
char pidstr[16];
if( (fd = open(name, O_RDONLY)) == -1 ) {
int e = errno;
Log_printf(LJUNK, "error opening lockfile '%s'", name );
errno = e; /* restore errno */
return -1;
}
if( read(fd, pidstr, 10 ) != 10 ) {
Log_printf(LNOISE, "error reading lockfile '%s'", name );
close(fd);
errno = 0;
return -1;
}
close(fd);
pid = atoi(pidstr);
if( !pid || pid == -1 ) {
Log_printf(LERROR, "invalid pid %d in lockfile '%s'", pid, name );
errno = 0;
return -1;
}
return pid;
}
#endif

44
util/memory.c
View File

@ -80,6 +80,10 @@ const void membug( const char *fmt, ... );
#endif
#ifdef M_GUARD
static long used_memory;
#endif
#ifdef M_DEBUG /* stuff used for memory debuging */
struct info_entry {
@ -302,6 +306,7 @@ dump_table( void)
sum, chunks );
}
static void
check_allmem( const char *info )
{
@ -333,6 +338,40 @@ membug( const char *fmt, ... )
}
void
m_print_stats( const char *prefix )
{
#ifdef M_DEBUG
unsigned n;
struct memtbl_entry *e;
ulong sum = 0, chunks =0;
for( e = memtbl, n = 0; n < memtbl_len; n++, e++ ) {
if(e->inuse) {
sum += e->user_n;
chunks++;
}
}
log_debug( "%s%smemstat: %8lu bytes in %ld chunks used\n",
prefix? prefix:"", prefix? ": ":"", sum, chunks );
#elif defined(M_GUARD)
log_debug( "%s%smemstat: %8ld bytes\n",
prefix? prefix:"", prefix? ": ":"", used_memory );
#endif
}
void
m_dump_table( const char *prefix )
{
#if M_DEBUG
fprintf(stderr,"Memory-Table-Dump: %s\n", prefix);
dump_table();
#endif
m_print_stats( prefix );
}
static void
out_of_core(size_t n, int secure)
{
@ -354,6 +393,7 @@ FNAME(alloc)( size_t n FNAMEPRT )
if( !(p = malloc( n + EXTRA_ALIGN+5 )) )
out_of_core(n,0);
store_len(p,n,0);
used_memory += n;
p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
return p+EXTRA_ALIGN+4;
#else
@ -457,8 +497,10 @@ FNAME(free)( void *a FNAMEPRT )
m_check(p);
if( m_is_secure(a) )
secmem_free(p-EXTRA_ALIGN-4);
else
else {
used_memory -= m_size(a);
free(p-EXTRA_ALIGN-4);
}
#else
if( m_is_secure(a) )
secmem_free(p);