Some bug fixes of the last release

2025-07-02 22:46:30 +02:00 · 1998-11-10 12:59:59 +00:00 · 1998-11-10 12:59:59 +00:00 · b076ce3021
commit b076ce3021
parent 35c1054507
52 changed files with 2853 additions and 1804 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,27 @@
+Tue Nov 10 10:08:59 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* g10.c (g10_exit): Now looks at the new g10_errors_seen.
+	* mainproc.c (check_sig_and_print): Sets g10_errors_seen.
+
+	* *.c : i18n many more strings.
+
+	* ringedit.c (locate_keyblock_by_keyid): Add HAVE_LIBGDBM
+	(locate_keyblock_by_fpr): Ditto.
+
+	* g10.c (main): removed unsused "int errors".
+	(main): Add new option --charset.
+
+	* g10.c (main): special message for the unix newbie.
+
+Mon Nov  9 07:17:42 1998  Werner Koch  <werner.koch@guug.de>
+
+	* getkey.c (finish_lookup): Kludge to prefere algo 16.
+
+	* trustdb.c (new_lid_table): Clear cached item.
+
+	* status.c (cpr_get_utf8): New.
+	* pkclist.c (build_pk_list): Uses this.
+
 Sun Nov  8 17:20:39 1998  Werner Koch  (wk@isil.d.shuttle.de)

 	* mainproc.c (check_sig_and_print): Why did I use strlen()-1
--- a/g10/encode.c
+++ b/g10/encode.c
@ -152,7 +152,7 @@ encode_simple( const char *filename, int mode )
    }
    if( filename ) {
 	if( !(filesize = iobuf_get_filelength(inp)) )
-	    log_info(_("%s: warning: empty file\n"), filename );
+	    log_info(_("%s: WARNING: empty file\n"), filename );
    }
    else
 	filesize = 0; /* stdin */
@ -266,7 +266,7 @@ encode_crypt( const char *filename, STRLIST remusr )
    }
    if( filename ) {
 	if( !(filesize = iobuf_get_filelength(inp)) )
-	    log_info(_("%s: warning: empty file\n"), filename );
+	    log_info(_("%s: WARNING: empty file\n"), filename );
    }
    else
 	filesize = 0; /* stdin */
--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@ -56,9 +56,9 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
    if( opt.verbose ) {
 	const char *s = cipher_algo_to_string( dek->algo );
 	if( s )
-	    log_info("%s encrypted data\n", s );
+	    log_info(_("%s encrypted data\n"), s );
 	else
-	    log_info("encrypted with unknown algorithm %d\n", dek->algo );
+	    log_info(_("encrypted with unknown algorithm %d\n"), dek->algo );
    }
    if( (rc=check_cipher_algo(dek->algo)) )
 	return rc;
@ -71,7 +71,7 @@ decrypt_data( PKT_encrypted *ed, DEK *dek )
    dfx.cipher_hd = cipher_open( dek->algo, CIPHER_MODE_AUTO_CFB, 1 );
    rc = cipher_setkey( dfx.cipher_hd, dek->key, dek->keylen );
    if( rc == G10ERR_WEAK_KEY )
-	log_info(_("Warning: Message was encrypted with "
+	log_info(_("WARNING: Message was encrypted with "
 		    "a weak key in the symmetric cipher.\n"));
    else if( rc )
 	log_error("key setup failed: %s\n", g10_errstr(rc) );
--- a/g10/export.c
+++ b/g10/export.c
@ -32,6 +32,7 @@
 #include "memory.h"
 #include "util.h"
 #include "main.h"
+#include "i18n.h"

 static int do_export( STRLIST users, int secret );

@ -158,7 +159,7 @@ do_export( STRLIST users, int secret )
    else
 	iobuf_close(out);
    if( !any )
-	log_info("warning: nothing exported\n");
+	log_info(_("WARNING: nothing exported\n"));
    return rc;
 }

--- a/g10/g10.c
+++ b/g10/g10.c
@ -144,6 +144,7 @@ enum cmd_and_opt_values { aNull = 0,
    oS2KMode,
    oS2KDigest,
    oS2KCipher,
+    oCharset,
 aTest };


@ -220,6 +221,7 @@ static ARGPARSE_OPTS opts[] = {
    { oKeyring, "keyring"   ,2, N_("add this keyring to the list of keyrings")},
    { oSecretKeyring, "secret-keyring" ,2, N_("add this secret keyring to the list")},
    { oDefaultKey, "default-key" ,2, N_("|NAME|use NAME as default secret key")},
+    { oCharset, "charset"   , 2, N_("|NAME| set terminal charset to NAME") },
    { oOptions, "options"   , 2, N_("read options from file")},

    { oDebug, "debug"     ,4|16, N_("set debugging flags")},
@ -295,6 +297,9 @@ static ARGPARSE_OPTS opts[] = {



+int g10_errors_seen = 0;
+
+
 static int maybe_setuid = 1;

 static char *build_list( const char *text,
@ -488,7 +493,6 @@ main( int argc, char **argv )
    unsigned configlineno;
    int parse_debug = 0;
    int default_config =1;
-    int errors=0;
    int default_keyring = 1;
    int greeting = 1;
    enum cmd_and_opt_values cmd = 0;
@ -599,7 +603,7 @@ main( int argc, char **argv )
 	if( !configfp ) {
 	    if( default_config ) {
 		if( parse_debug )
-		    log_info(_("note: no default option file '%s'\n"),
+		    log_info(_("NOTE: no default option file '%s'\n"),
 							    configname );
 	    }
 	    else {
@ -755,8 +759,13 @@ main( int argc, char **argv )
 	  case oNoSecmemWarn:
 	    break;  /* dummies */
 	#endif
+	  case oCharset:
+	    if( set_native_charset( pargs.r.ret_str ) )
+		log_error(_("%s is not a valid character set\n"),
+						    pargs.r.ret_str);
+	    break;

-	  default : errors++; pargs.err = configfp? 1:2; break;
+	  default : pargs.err = configfp? 1:2; break;
 	}
    }
    if( configfp ) {
@ -812,7 +821,7 @@ main( int argc, char **argv )
 	log_error(_("marginals-needed must be greater than 1\n"));
    switch( opt.s2k_mode ) {
      case 0:
-	log_info(_("note: simple S2K mode (0) is strongly discouraged\n"));
+	log_info(_("NOTE: simple S2K mode (0) is strongly discouraged\n"));
 	break;
      case 1: case 3: break;
      default:
@ -1228,9 +1237,15 @@ main( int argc, char **argv )
 	/* fixme: g10maint should do regular maintenace tasks here */
 	if( argc > 1 )
 	    wrong_args(_("[filename]"));
+	/* Issue some output for the unix newbie */
+	if( !fname && !opt.outfile && isatty( fileno(stdin) )
+		&& isatty( fileno(stdout) ) && isatty( fileno(stderr) ) )
+	    log_info(_("Go ahead and type your message ...\n"));
+
 	if( !(a = iobuf_open(fname)) )
 	    log_error(_("can't open '%s'\n"), print_fname_stdin(fname));
 	else {
+
 	    if( !opt.no_armor ) {
 		if( use_armor_filter( a ) ) {
 		    memset( &afx, 0, sizeof afx);
@ -1263,7 +1278,8 @@ g10_exit( int rc )
    if( opt.debug )
 	secmem_dump_stats();
    secmem_term();
-    rc = rc? rc : log_get_errorcount(0)? 2:0;
+    rc = rc? rc : log_get_errorcount(0)? 2 :
+			g10_errors_seen? 1 : 0;
    /*write_status( STATUS_LEAVE );*/
    exit(rc );
 }
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -160,7 +160,7 @@ cache_public_key( PKT_public_key *pk )
    if( pk_cache_entries >= MAX_PK_CACHE_ENTRIES ) {
 	/* fixme: use another algorithm to free some cache slots */
 	pk_cache_disabled=1;
-	log_info("too many entries in pk cache - disabled\n");
+	log_info(_("too many entries in pk cache - disabled\n"));
 	return;
    }
    pk_cache_entries++;
@ -258,7 +258,7 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
 	;
    else if( ++unk_cache_entries > MAX_UNK_CACHE_ENTRIES ) {
 	unk_cache_disabled = 1;
-	log_info("too many entries in unk cache - disabled\n");
+	log_info(_("too many entries in unk cache - disabled\n"));
    }
    else {
 	keyid_list_t kl;
@ -937,12 +937,29 @@ finish_lookup( KBNODE keyblock, PKT_public_key *pk, KBNODE k, byte *namehash,
 	    /* if the usage is not correct, try to use a subkey */
 	    KBNODE save_k = k;

-	    for( ; k; k = k->next ) {
-		if( k->pkt->pkttype == PKT_PUBLIC_SUBKEY
-		    && !check_pubkey_algo2(
-			    k->pkt->pkt.public_key->pubkey_algo,
-					     pk->pubkey_usage ) )
-		    break;
+	    k = NULL;
+	    /* kludge for pgp 5: which doesn't accept type 20:
+	     * try to use a type 16 subkey instead */
+	    if( pk->pubkey_usage == PUBKEY_USAGE_ENC ) {
+		for( k = save_k; k; k = k->next ) {
+		    if( k->pkt->pkttype == PKT_PUBLIC_SUBKEY
+			&& k->pkt->pkt.public_key->pubkey_algo
+			    == PUBKEY_ALGO_ELGAMAL_E
+			&& !check_pubkey_algo2(
+				k->pkt->pkt.public_key->pubkey_algo,
+						 pk->pubkey_usage ) )
+			break;
+		}
+	    }
+
+	    if( !k ) {
+		for(k = save_k ; k; k = k->next ) {
+		    if( k->pkt->pkttype == PKT_PUBLIC_SUBKEY
+			&& !check_pubkey_algo2(
+				k->pkt->pkt.public_key->pubkey_algo,
+						 pk->pubkey_usage ) )
+			break;
+		}
 	    }
 	    if( !k )
 		k = save_k;
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -451,7 +451,8 @@ fix_keyblock( KBNODE keyblock )
 	    if( subkey ) {
 		PKT_signature *sig = node->pkt->pkt.signature;
 		if( sig->sig_class >= 0x10 && sig->sig_class <= 0x13 ) {
-		    log_info("moving a key signature to the correct place\n");
+		    log_info(_(
+			"moving a key signature to the correct place\n"));
 		    last->next = node->next;
 		    node->next = subkey->next;
 		    subkey->next = node;
--- a/g10/main.h
+++ b/g10/main.h
@ -38,6 +38,8 @@ typedef struct {


 /*-- g10.c --*/
+extern int g10_errors_seen;
+
 #if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
  void g10_exit(int rc) __attribute__ ((noreturn));
 #else
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@ -195,7 +195,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
 	;
    else if( !result ) {
 	if( opt.verbose > 1 )
-	    log_info( "pubkey_enc packet: Good DEK\n" );
+	    log_info( _("public key encrypted data: Good DEK\n") );
    }
    else {
 	log_error(_("public key decryption failed: %s\n"), g10_errstr(result));
@ -225,7 +225,7 @@ proc_encrypted( CTX c, PACKET *pkt )
 	;
    else if( !result ) {
 	if( opt.verbose > 1 )
-	    log_info("decryption okay\n");
+	    log_info(_("decryption okay\n"));
    }
    else {
 	log_error(_("decryption failed: %s\n"), g10_errstr(result));
@ -245,9 +245,9 @@ proc_plaintext( CTX c, PACKET *pkt )
    KBNODE n;

    if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) )
-	log_info(_("note: sender requested \"for-your-eyes-only\"\n"));
+	log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n"));
    else if( opt.verbose )
-	log_info("original file name='%.*s'\n", pt->namelen, pt->name);
+	log_info(_("original file name='%.*s'\n"), pt->namelen, pt->name);
    free_md_filter_context( &c->mfx );
    c->mfx.md = md_open( 0, 0);
    /* fixme: we may need to push the textfilter if we have sigclass 1
@ -833,7 +833,7 @@ check_sig_and_print( CTX c, KBNODE node )
    int rc;

    if( opt.skip_verify ) {
-	log_info("signature verification suppressed\n");
+	log_info(_("signature verification suppressed\n"));
 	return 0;
    }

@ -854,6 +854,8 @@ check_sig_and_print( CTX c, KBNODE node )
 	putc('\n', stderr);
 	if( !rc )
 	    rc = check_signatures_trust( sig );
+	if( rc )
+	    g10_errors_seen = 1;
 	if( opt.batch && rc )
 	    g10_exit(1);
    }
@ -932,12 +934,12 @@ proc_tree( CTX c, KBNODE node )
 	    }
 	}
 	else
-	    log_info("old style signature\n");
+	    log_info(_("old style (PGP 2.x) signature\n"));

 	check_sig_and_print( c, node );
    }
    else
-	log_error("proc_tree: invalid root packet\n");
+	log_error(_("invalid root packet detected in proc_tree()\n"));

 }

--- a/g10/misc.c
+++ b/g10/misc.c
@ -34,6 +34,7 @@
 #include "util.h"
 #include "main.h"
 #include "options.h"
+#include "i18n.h"


 const char *g10m_revision_string(int);
@ -84,9 +85,9 @@ disable_core_dumps()
    limit.rlim_cur = 0;
    limit.rlim_max = 0;
    if( setrlimit( RLIMIT_CORE, &limit ) )
-	log_fatal("can't disable core dumps: %s\n", strerror(errno) );
+	log_fatal(_("can't disable core dumps: %s\n"), strerror(errno) );
  #else
-    log_info("WARNING: Program may create a core file!\n");
+    log_info(_("WARNING: Program may create a core file!\n"));
  #endif
 }

--- a/g10/options.skel
+++ b/g10/options.skel
@ -35,3 +35,9 @@ force-v3-sigs

 compress-algo 1

+# If you do not use the Latin-1 (ISO-8859-1) charset, you should
+# tell GnuPG which is the native character set.  Please check
+# the man page for supported character sets.
+#charset koi8-r
+
+
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -33,6 +33,7 @@
 #include "filter.h"
 #include "options.h"
 #include "main.h"
+#include "i18n.h"

 static int mpi_print_mode = 0;
 static int list_mode = 0;
@ -105,7 +106,7 @@ unknown_pubkey_warning( int algo )
    algo &= 0xff;
    if( !unknown_pubkey_algos[algo] ) {
 	if( opt.verbose )
-	    log_info("can't handle public key algorithm %d\n", algo );
+	    log_info(_("can't handle public key algorithm %d\n"), algo );
 	unknown_pubkey_algos[algo] = 1;
    }
 }
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@ -171,11 +171,11 @@ passphrase_to_dek( u32 *keyid, int cipher_algo, STRING2KEY *s2k, int mode )
    else if( opt.batch )
 	log_fatal("Can't query password in batchmode\n");
    else {
-	pw = cpr_get_hidden(N_("passphrase.enter"), _("Enter pass phrase: ") );
+	pw = cpr_get_hidden(N_("passphrase.enter"), _("Enter passphrase: ") );
 	tty_kill_prompt();
 	if( mode == 2 && !cpr_enabled() ) {
 	    char *pw2 = cpr_get_hidden(N_("passphrase.repeat"),
-				       _("Repeat pass phrase: ") );
+				       _("Repeat passphrase: ") );
 	    tty_kill_prompt();
 	    if( strcmp(pw, pw2) ) {
 		m_free(pw2);
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -180,7 +180,7 @@ do_we_trust( PKT_public_key *pk, int trustlevel )
    int rc;

    if( (trustlevel & TRUST_FLAG_REVOKED) ) {
-	log_info("%08lX: key has been revoked!\n",
+	log_info(_("key %08lX: key has been revoked!\n"),
 					(ulong)keyid_from_pk( pk, NULL) );
 	if( opt.batch )
 	    return 0;
@ -208,12 +208,13 @@ do_we_trust( PKT_public_key *pk, int trustlevel )
 	return do_we_trust( pk, trustlevel );

      case TRUST_EXPIRED:
-	log_info("%08lX: key has expired\n", (ulong)keyid_from_pk( pk, NULL) );
+	log_info(_("%08lX: key has expired\n"),
+				    (ulong)keyid_from_pk( pk, NULL) );
 	return 0; /* no */

      case TRUST_UNDEFINED:
 	if( opt.batch || opt.answer_no )
-	    log_info("%08lX: no info to calculate a trust probability\n",
+	    log_info(_("%08lX: no info to calculate a trust probability\n"),
 					(ulong)keyid_from_pk( pk, NULL) );
 	else {
 	    rc = add_ownertrust( pk );
@ -229,24 +230,24 @@ do_we_trust( PKT_public_key *pk, int trustlevel )
 	return 0;

      case TRUST_NEVER:
-	log_info("%08lX: We do NOT trust this key\n",
+	log_info(_("%08lX: We do NOT trust this key\n"),
 					(ulong)keyid_from_pk( pk, NULL) );
 	return 0; /* no */

      case TRUST_MARGINAL:
-	log_info("%08lX: I'm not sure whether this key really belongs to the owner\n"
-		 "but I proceed anyway\n",
-					(ulong)keyid_from_pk( pk, NULL) );
+	log_info(
+       _("%08lX: It is not sure taht this key really belongs to the owner\n"
+	 "but it is accepted anyway\n"), (ulong)keyid_from_pk( pk, NULL) );
 	return 1; /* yes */

      case TRUST_FULLY:
 	if( opt.verbose )
-	    log_info("This key probably belongs to the owner\n");
+	    log_info(_("This key probably belongs to the owner\n"));
 	return 1; /* yes */

      case TRUST_ULTIMATE:
 	if( opt.verbose )
-	    log_info("This key belongs to us (we have the secret key)\n");
+	    log_info(_("This key belongs to us (we have the secret key)\n"));
 	return 1; /* yes */

      default: BUG();
@ -422,8 +423,8 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
 	for(;;) {
 	    rc = 0;
 	    m_free(answer);
-	    answer = cpr_get(N_("pklist.user_id.enter"),
-			      _("Enter the user ID: "));
+	    answer = cpr_get_utf8(N_("pklist.user_id.enter"),
+				   _("Enter the user ID: "));
 	    trim_spaces(answer);
 	    cpr_kill_prompt();
 	    if( !*answer )
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@ -233,7 +233,7 @@ ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname )

    if( !fp ) {
 	if( opt.verbose )
-	    log_info("reading stdin ...\n");
+	    log_info(_("reading stdin ...\n"));
 	while( (c = getchar()) != EOF ) {
 	    if( mfx->md )
 		md_putc(mfx->md, c );
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@ -81,7 +81,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
 	    if( !rc )
 		rc = get_it( k, dek, sk, keyid );
 	    if( !rc ) {
-		log_info( _("okay, we are the anonymous receiver.\n") );
+		log_info(_("okay, we are the anonymous receiver.\n") );
 		break;
 	    }
 	}
@ -133,7 +133,7 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
    if( n + 7 > nframe )
 	{ rc = G10ERR_WRONG_SECKEY; goto leave; }
    if( frame[n] == 1 && frame[nframe-1] == 2 ) {
-	log_info("old encoding of DEK is not supported\n");
+	log_info(_("old encoding of the DEK is not supported\n"));
 	rc = G10ERR_CIPHER_ALGO;
 	goto leave;
    }
@ -180,7 +180,7 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
 	    log_error("can't check algorithm against preferences\n");
 	else if( dek->algo != CIPHER_ALGO_3DES
 	    && !is_algo_in_prefs( pk->local_id, PREFTYPE_SYM, dek->algo ) )
-	    log_info(_("note: cipher algorithm %d not found in preferences\n"),
+	    log_info(_("NOTE: cipher algorithm %d not found in preferences\n"),
 								 dek->algo );
 	free_public_key( pk );
 	rc = 0;
--- a/g10/revoke.c
+++ b/g10/revoke.c
@ -129,7 +129,7 @@ gen_revoke( const char *uname )
 	rc = G10ERR_PUBKEY_ALGO;
 	break;
      case 0:
-	tty_printf(_("note: This key is not protected!\n"));
+	tty_printf(_("NOTE: This key is not protected!\n"));
 	break;
      default:
 	rc = check_secret_key( sk, 0 );
--- a/g10/ringedit.c
+++ b/g10/ringedit.c
@ -274,12 +274,13 @@ add_keyblock_resource( const char *url, int force, int secret )

 	    iobuf = iobuf_create( filename );
 	    if( !iobuf ) {
-		log_error("%s: can't create keyring: %s\n", filename, strerror(errno));
+		log_error(_("%s: can't create keyring: %s\n"),
+					    filename, strerror(errno));
 		rc = G10ERR_OPEN_FILE;
 		goto leave;
 	    }
 	    else
-		log_info("%s: keyring created\n", filename );
+		log_info(_("%s: keyring created\n"), filename );
 	}
      #ifdef __MINGW32__
 	/* must close it again */
@ -512,10 +513,12 @@ locate_keyblock_by_fpr( KBPOS *kbpos, const byte *fpr, int fprlen, int secret )
 	if( rentry->used && !rentry->secret == !secret ) {
 	    kbpos->rt = rentry->rt;
 	    switch( rentry->rt ) {
+	     #ifdef HAVE_LIBGDBM
 	      case rt_GDBM:
 		any = 1;
 		rc = do_gdbm_locate( rentry->dbf, kbpos, fpr, fprlen );
 		break;
+	     #endif
 	      default:
 		rc = G10ERR_UNSUPPORTED;
 		break;
@ -551,10 +554,12 @@ locate_keyblock_by_keyid( KBPOS *kbpos, u32 *keyid, int shortkid, int secret )
 	if( rentry->used && !rentry->secret == !secret ) {
 	    kbpos->rt = rentry->rt;
 	    switch( rentry->rt ) {
+	     #ifdef HAVE_LIBGDBM
 	      case rt_GDBM:
 		any = 1;
 		rc = do_gdbm_locate_by_keyid( rentry->dbf, kbpos, keyid );
 		break;
+	     #endif
 	      default:
 		rc = G10ERR_UNSUPPORTED;
 		break;
@ -1049,8 +1054,6 @@ keyring_enum( KBPOS *kbpos, KBNODE *ret_root, int skipsigs )
 	     * a start packet; issue a warning if it is not a comment */
 	    if( !root && pkt->pkttype != PKT_COMMENT
 		      && pkt->pkttype != PKT_OLD_COMMENT ) {
-		log_info("keyring_enum: skipped packet of type %d\n",
-			    pkt->pkttype );
 		break;
 	    }
 	    if( !root || (skipsigs && ( pkt->pkttype == PKT_SIGNATURE
@ -1108,11 +1111,11 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root )
 	/* insert: create a new file */
 	newfp = iobuf_create( rentry->fname );
 	if( !newfp ) {
-	    log_error("%s: can't create: %s\n", rentry->fname, strerror(errno));
+	    log_error(_("%s: can't create: %s\n"), rentry->fname, strerror(errno));
 	    return G10ERR_OPEN_FILE;
 	}
 	else
-	    log_info("%s: keyring created\n", rentry->fname );
+	    log_info(_("%s: keyring created\n"), rentry->fname );

 	kbctx=NULL;
 	while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
@ -1285,7 +1288,7 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root )
 	rc = G10ERR_RENAME_FILE;
 	if( rentry->secret ) {
 	    log_info(_(
-		"Warning: 2 files with confidential information exists.\n"));
+		"WARNING: 2 files with confidential information exists.\n"));
 	    log_info(_("%s is the unchanged one\n"), rentry->fname );
 	    log_info(_("%s is the new one\n"), tmpfname );
 	    log_info(_("Please fix this possible security flaw\n"));
@ -1469,7 +1472,7 @@ do_gdbm_locate_by_keyid( GDBM_FILE dbf, KBPOS *kbpos, u32 *keyid )
 	return G10ERR_INV_KEYRING;
    }
    if( content.dsize > 21 )
-	log_info("gdbm_fetch: warning: more than one fingerprint\n" );
+	log_info("gdbm_fetch: WARNING: more than one fingerprint\n" );

    rc = do_gdbm_locate( dbf, kbpos, content.dptr+1, 20 );
    free( content.dptr ); /* can't use m_free() here */
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@ -212,7 +212,7 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
 	    cipher_hd = cipher_open( sk->protect.algo,
 				     CIPHER_MODE_AUTO_CFB, 1 );
 	    if( cipher_setkey( cipher_hd, dek->key, dek->keylen ) )
-		log_info(_("Warning: Weak key detected"
+		log_info(_("WARNING: Weak key detected"
 			   " - please change passphrase again.\n"));
 	    cipher_setiv( cipher_hd, NULL );
 	    cipher_encrypt( cipher_hd, sk->protect.iv, sk->protect.iv, 8 );
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -167,7 +167,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
    }

    if( pk->expiredate && pk->expiredate < cur_time ) {
-	log_info(_("warning: signature key expired %s\n"),
+	log_info(_("NOTE: signature key expired %s\n"),
 					asctimestamp( pk->expiredate ) );
 	write_status(STATUS_SIGEXPIRED);
    }
--- a/g10/sign.c
+++ b/g10/sign.c
@ -62,11 +62,11 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
    rc = pubkey_sign( sk->pubkey_algo, sig->data, frame, sk->skey );
    mpi_free(frame);
    if( rc )
-	log_error("pubkey_sign failed: %s\n", g10_errstr(rc) );
+	log_error(_("signing failed: %s\n"), g10_errstr(rc) );
    else {
 	if( opt.verbose ) {
 	    char *ustr = get_user_id_string( sig->keyid );
-	    log_info("%s signature from: %s\n",
+	    log_info(_("%s signature from: %s\n"),
 		      pubkey_algo_to_string(sk->pubkey_algo), ustr );
 	    m_free(ustr);
 	}
@ -197,12 +197,12 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,

    if( outfile ) {
 	if( !(out = iobuf_create( outfile )) ) {
-	    log_error("can't create %s: %s\n", outfile, strerror(errno) );
+	    log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
 	    rc = G10ERR_CREATE_FILE;
 	    goto leave;
 	}
 	else if( opt.verbose )
-	    log_info("writing to '%s'\n", outfile );
+	    log_info(_("writing to '%s'\n"), outfile );
    }
    else if( (rc = open_outfile( fname, opt.armor? 1: detached? 2:0, &out )))
 	goto leave;
@ -293,12 +293,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
 	    STRLIST sl;

 	    if( opt.verbose )
-		log_info("signing:" );
+		log_info(_("signing:") );
 	    /* must walk reverse trough this list */
 	    for( sl = strlist_last(filenames); sl;
 			sl = strlist_prev( filenames, sl ) ) {
 		if( !(inp = iobuf_open(sl->d)) ) {
-		    log_error("can't open %s: %s\n", sl->d, strerror(errno) );
+		    log_error(_("can't open %s: %s\n"),
+					    sl->d, strerror(errno) );
 		    rc = G10ERR_OPEN_FILE;
 		    goto leave;
 		}
@ -332,7 +333,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
 	}
 	if( fname ) {
 	    if( !(filesize = iobuf_get_filelength(inp)) )
-		log_info("warning: '%s' is an empty file\n", fname );
+		log_info(_("WARNING: '%s' is an empty file\n"), fname );

 	    /* because the text_filter modifies the length of the
 	     * data, it is not possible to know the used length
@ -538,12 +539,12 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )

    if( outfile ) {
 	if( !(out = iobuf_create( outfile )) ) {
-	    log_error("can't create %s: %s\n", outfile, strerror(errno) );
+	    log_error(_("can't create %s: %s\n"), outfile, strerror(errno) );
 	    rc = G10ERR_CREATE_FILE;
 	    goto leave;
 	}
 	else if( opt.verbose )
-	    log_info("writing to '%s'\n", outfile );
+	    log_info(_("writing to '%s'\n"), outfile );
    }
    else if( (rc = open_outfile( fname, 1, &out )) )
 	goto leave;
--- a/g10/skclist.c
+++ b/g10/skclist.c
@ -31,6 +31,7 @@
 #include "keydb.h"
 #include "memory.h"
 #include "util.h"
+#include "i18n.h"


 void
@ -90,14 +91,14 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock,
 	    sk->pubkey_usage = usage;
 	    if( (rc = get_seckey_byname( sk, locusr->d, unlock )) ) {
 		free_secret_key( sk ); sk = NULL;
-		log_error("skipped '%s': %s\n", locusr->d, g10_errstr(rc) );
+		log_error(_("skipped '%s': %s\n"), locusr->d, g10_errstr(rc) );
 	    }
 	    else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, usage)) ) {
 		SK_LIST r;
 		if( sk->version == 4 && (usage & PUBKEY_USAGE_SIG)
 		    && sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
-		    log_info("skipped '%s': this is a PGP generated "
-			"ElGamal key which is not secure for signatures!\n",
+		    log_info(_("skipped '%s': this is a PGP generated "
+			"ElGamal key which is not secure for signatures!\n"),
 			locusr->d );
 		    free_secret_key( sk ); sk = NULL;
 		}
--- a/g10/status.c
+++ b/g10/status.c
@ -142,7 +142,7 @@ init_shm_coprocessing ( ulong requested_shm_size, int lock_mem )
    if ( shm_area == (char*)-1 )
 	log_fatal("can't attach %uk shared memory: %s\n",
 				(unsigned)shm_size/1024, strerror(errno));
-    log_info("mapped %uk shared memory at %p, id=%d\n",
+    log_debug("mapped %uk shared memory at %p, id=%d\n",
 			    (unsigned)shm_size/1024, shm_area, shm_id );
    if( lock_mem ) {
      #ifdef IPC_HAVE_SHM_LOCK
@ -292,6 +292,19 @@ cpr_get( const char *keyword, const char *prompt )
    }
 }

+char *
+cpr_get_utf8( const char *keyword, const char *prompt )
+{
+    char *p;
+    p = cpr_get( keyword, prompt );
+    if( p ) {
+	char *utf8 = native_to_utf8( p );
+	m_free( p );
+	p = utf8;
+    }
+    return p;
+}
+
 char *
 cpr_get_hidden( const char *keyword, const char *prompt )
 {
--- a/g10/status.h
+++ b/g10/status.h
@ -60,6 +60,7 @@ void write_status_text ( int no, const char *text );

 int cpr_enabled(void);
 char *cpr_get( const char *keyword, const char *prompt );
+char *cpr_get_utf8( const char *keyword, const char *prompt );
 char *cpr_get_hidden( const char *keyword, const char *prompt );
 void cpr_kill_prompt(void);
 int  cpr_get_answer_is_yes( const char *keyword, const char *prompt );
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@ -215,8 +215,8 @@ put_record_into_cache( ulong recno, const char *data )
 	/* but we can't do this while in a transaction
 	 * we increase the cache size instead */
 	if( cache_entries < MAX_CACHE_ENTRIES_HARD ) { /* no */
-	    if( !(cache_entries % 100) )
-		log_info("increasing tdbio cache size\n");
+	    if( opt.debug && !(cache_entries % 100) )
+		log_debug("increasing tdbio cache size\n");
 	    r = m_alloc( sizeof *r );
 	    r->flags.used = 1;
 	    r->recno = recno;
@ -228,7 +228,7 @@ put_record_into_cache( ulong recno, const char *data )
 	    cache_entries++;
 	    return 0;
 	}
-	log_info("hard cache size limit reached\n");
+	log_info(_("trustdb transaction to large\n"));
 	return G10ERR_RESOURCE_LIMIT;
    }
    if( dirty_count ) {
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -42,6 +42,7 @@
 #include "i18n.h"
 #include "tdbio.h"

+#define MAX_CERT_DEPTH 5

 #if MAX_FINGERPRINT_LEN > 20
  #error Must change structure of trustdb
@ -139,7 +140,7 @@ read_record( ulong recno, TRUSTREC *rec, int rectype )
    int rc = tdbio_read_record( recno, rec, rectype );
    if( !rc )
 	return;
-    log_error("trust record %lu, req type %d: read failed: %s\n",
+    log_error(_("trust record %lu, req type %d: read failed: %s\n"),
 				    recno, rectype,  g10_errstr(rc) );
    die_invalid_db();
 }
@ -154,7 +155,7 @@ write_record( TRUSTREC *rec )
    int rc = tdbio_write_record( rec );
    if( !rc )
 	return;
-    log_error("trust record %lu, type %d: write failed: %s\n",
+    log_error(_("trust record %lu, type %d: write failed: %s\n"),
 			    rec->recnum, rec->rectype, g10_errstr(rc) );
    die_invalid_db();
 }
@ -168,7 +169,7 @@ delete_record( ulong recno )
    int rc = tdbio_delete_record( recno );
    if( !rc )
 	return;
-    log_error("trust record %lu: delete failed: %s\n",
+    log_error(_("trust record %lu: delete failed: %s\n"),
 					      recno, g10_errstr(rc) );
    die_invalid_db();
 }
@ -182,7 +183,7 @@ do_sync( )
    int rc = tdbio_sync();
    if( !rc )
 	return;
-    log_error("trust db: sync failed: %s\n", g10_errstr(rc) );
+    log_error(_("trust db: sync failed: %s\n"), g10_errstr(rc) );
    g10_exit(2);
 }

@ -237,7 +238,7 @@ new_lid_table(void)
    a = unused_lid_tables;
    if( a ) {
 	unused_lid_tables = a->next;
-	a->next = NULL;
+	memset( a, 0, sizeof *a );
    }
    else
 	a = m_alloc_clear( sizeof *a );
@ -311,24 +312,24 @@ keyid_from_lid( ulong lid, u32 *keyid )

    rc = tdbio_read_record( lid, &rec, 0 );
    if( rc ) {
-	log_error("error reading dir record for LID %lu: %s\n",
+	log_error(_("error reading dir record for LID %lu: %s\n"),
 						    lid, g10_errstr(rc));
 	return G10ERR_TRUSTDB;
    }
    if( rec.rectype == RECTYPE_SDIR )
 	return 0;
    if( rec.rectype != RECTYPE_DIR ) {
-	log_error("lid %lu: expected dir record, got type %d\n",
+	log_error(_("lid %lu: expected dir record, got type %d\n"),
 						    lid, rec.rectype );
 	return G10ERR_TRUSTDB;
    }
    if( !rec.r.dir.keylist ) {
-	log_error("no primary key for LID %lu\n", lid );
+	log_error(_("no primary key for LID %lu\n"), lid );
 	return G10ERR_TRUSTDB;
    }
    rc = tdbio_read_record( rec.r.dir.keylist, &rec, RECTYPE_KEY );
    if( rc ) {
-	log_error("error reading primary key for LID %lu: %s\n",
+	log_error(_("error reading primary key for LID %lu: %s\n"),
 						    lid, g10_errstr(rc));
 	return G10ERR_TRUSTDB;
    }
@ -444,7 +445,7 @@ verify_own_keys()
 	    log_debug("key %08lX: checking secret key\n", (ulong)keyid[1] );

 	if( is_secret_key_protected( sk ) < 1 )
-	    log_info("note: secret key %08lX is NOT protected.\n",
+	    log_info(_("NOTE: secret key %08lX is NOT protected.\n"),
 							    (ulong)keyid[1] );

 	/* see whether we can access the public key of this secret key */
@ -484,7 +485,7 @@ verify_own_keys()
 	if( ins_lid_table_item( ultikey_table, pk->local_id, 0 ) )
 	    log_error(_("key %08lX: already in secret key table\n"),
 							(ulong)keyid[1]);
-	else if( opt.verbose )
+	else if( opt.verbose > 1 )
 	    log_info(_("key %08lX: accepted as secret key.\n"),
 							(ulong)keyid[1]);
      skip:
@ -492,7 +493,7 @@ verify_own_keys()
 	release_public_key_parts( pk );
    }
    if( rc != -1 )
-	log_error(_("enum_secret_keys failed: %s\n"), g10_errstr(rc) );
+	log_error(_("enumerate secret keys failed: %s\n"), g10_errstr(rc) );
    else
 	rc = 0;

@ -666,7 +667,8 @@ list_records( ulong lid )

    rc = tdbio_read_record( lid, &dr, RECTYPE_DIR );
    if( rc ) {
-	log_error("lid %lu: read dir record failed: %s\n", lid, g10_errstr(rc));
+	log_error(_("lid %lu: read dir record failed: %s\n"),
+						lid, g10_errstr(rc));
 	return rc;
    }
    tdbio_dump_record( &dr, stdout );
@ -674,7 +676,7 @@ list_records( ulong lid )
    for( recno=dr.r.dir.keylist; recno; recno = rec.r.key.next ) {
 	rc = tdbio_read_record( recno, &rec, 0 );
 	if( rc ) {
-	    log_error("lid %lu: read key record failed: %s\n",
+	    log_error(_("lid %lu: read key record failed: %s\n"),
 						lid, g10_errstr(rc));
 	    return rc;
 	}
@ -684,7 +686,7 @@ list_records( ulong lid )
    for( recno=dr.r.dir.uidlist; recno; recno = ur.r.uid.next ) {
 	rc = tdbio_read_record( recno, &ur, RECTYPE_UID );
 	if( rc ) {
-	    log_error("lid %lu: read uid record failed: %s\n",
+	    log_error(_("lid %lu: read uid record failed: %s\n"),
 						lid, g10_errstr(rc));
 	    return rc;
 	}
@ -693,7 +695,7 @@ list_records( ulong lid )
 	for(recno=ur.r.uid.prefrec; recno; recno = rec.r.pref.next ) {
 	    rc = tdbio_read_record( recno, &rec, RECTYPE_PREF );
 	    if( rc ) {
-		log_error("lid %lu: read pref record failed: %s\n",
+		log_error(_("lid %lu: read pref record failed: %s\n"),
 						    lid, g10_errstr(rc));
 		return rc;
 	    }
@ -703,7 +705,7 @@ list_records( ulong lid )
 	for(recno=ur.r.uid.siglist; recno; recno = rec.r.sig.next ) {
 	    rc = tdbio_read_record( recno, &rec, RECTYPE_SIG );
 	    if( rc ) {
-		log_error("lid %lu: read sig record failed: %s\n",
+		log_error(_("lid %lu: read sig record failed: %s\n"),
 						    lid, g10_errstr(rc));
 		return rc;
 	    }
@ -893,15 +895,15 @@ static int
 do_check( TRUSTREC *dr, unsigned *trustlevel )
 {
    if( !dr->r.dir.keylist ) {
-	log_error("Ooops, no keys\n");
+	log_error(_("Ooops, no keys\n"));
 	return G10ERR_TRUSTDB;
    }
    if( !dr->r.dir.uidlist ) {
-	log_error("Ooops, no user ids\n");
+	log_error(_("Ooops, no user ids\n"));
 	return G10ERR_TRUSTDB;
    }

-    *trustlevel = verify_key( 5, dr );
+    *trustlevel = verify_key( MAX_CERT_DEPTH, dr );

    if( dr->r.dir.dirflags & DIRF_REVOKED )
 	*trustlevel |= TRUST_FLAG_REVOKED;
@ -955,25 +957,29 @@ list_trustdb( const char *username )
 	ulong lid = atoi(username+1);

 	if( (rc = list_records( lid)) )
-	    log_error("user '%s' read problem: %s\n", username, g10_errstr(rc));
+	    log_error(_("user '%s' read problem: %s\n"),
+					    username, g10_errstr(rc));
 	else if( (rc = list_sigs( lid )) )
-	    log_error("user '%s' list problem: %s\n", username, g10_errstr(rc));
+	    log_error(_("user '%s' list problem: %s\n"),
+					    username, g10_errstr(rc));
    }
    else if( username ) {
 	PKT_public_key *pk = m_alloc_clear( sizeof *pk );
 	int rc;

 	if( (rc = get_pubkey_byname( NULL, pk, username, NULL )) )
-	    log_error("user '%s' not found: %s\n", username, g10_errstr(rc) );
+	    log_error(_("user '%s' not found: %s\n"), username, g10_errstr(rc) );
 	else if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 )
-	    log_error("problem finding '%s' in trustdb: %s\n",
+	    log_error(_("problem finding '%s' in trustdb: %s\n"),
 						username, g10_errstr(rc));
 	else if( rc == -1 )
-	    log_error("user '%s' not in trustdb\n", username);
+	    log_error(_("user '%s' not in trustdb\n"), username);
 	else if( (rc = list_records( pk->local_id)) )
-	    log_error("user '%s' read problem: %s\n", username, g10_errstr(rc));
+	    log_error(_("user '%s' read problem: %s\n"),
+						username, g10_errstr(rc));
 	else if( (rc = list_sigs( pk->local_id )) )
-	    log_error("user '%s' list problem: %s\n", username, g10_errstr(rc));
+	    log_error(_("user '%s' list problem: %s\n"),
+						username, g10_errstr(rc));
 	free_public_key( pk );
    }
    else {
@ -1002,20 +1008,20 @@ export_ownertrust()
    byte *p;
    int rc;

-    printf("# List of assigned trustvalues, created %s\n"
-	   "# (Use \"gpgm --import-ownertrust\" to restore them)\n",
+    printf(_("# List of assigned trustvalues, created %s\n"
+	     "# (Use \"gpgm --import-ownertrust\" to restore them)\n"),
 	   asctimestamp( make_timestamp() ) );
    for(recnum=0; !tdbio_read_record( recnum, &rec, 0); recnum++ ) {
 	if( rec.rectype == RECTYPE_DIR ) {
 	    if( !rec.r.dir.keylist ) {
-		log_error("Oops; directory record w/o primary key\n");
+		log_error(_("directory record w/o primary key\n"));
 		continue;
 	    }
 	    if( !rec.r.dir.ownertrust )
 		continue;
 	    rc = tdbio_read_record( rec.r.dir.keylist, &rec2, RECTYPE_KEY);
 	    if( rc ) {
-		log_error("error reading key record: %s\n", g10_errstr(rc));
+		log_error(_("error reading key record: %s\n"), g10_errstr(rc));
 		continue;
 	    }
 	    p = rec2.r.key.fingerprint;
@ -1055,7 +1061,7 @@ import_ownertrust( const char *fname )
 	    continue;
 	n = strlen(line);
 	if( line[n-1] != '\n' ) {
-	    log_error_f(fname, "line to long\n" );
+	    log_error_f(fname, _("line to long\n") );
 	    /* ... or last line does not have a LF */
 	    break; /* can't continue */
 	}
@ -1063,16 +1069,16 @@ import_ownertrust( const char *fname )
 	    if( !isxdigit(*p) )
 		break;
 	if( *p != ':' ) {
-	    log_error_f(fname, "error: missing colon\n" );
+	    log_error_f(fname, _("error: missing colon\n") );
 	    continue;
 	}
 	fprlen = p - line;
 	if( fprlen != 32 && fprlen != 40 ) {
-	    log_error_f(fname, "error: invalid fingerprint\n" );
+	    log_error_f(fname, _("error: invalid fingerprint\n") );
 	    continue;
 	}
 	if( sscanf(p, ":%u:", &otrust ) != 1 ) {
-	    log_error_f(fname, "error: no otrust value\n" );
+	    log_error_f(fname, _("error: no ownertrust value\n") );
 	    continue;
 	}
 	if( !otrust )
@ -1086,10 +1092,10 @@ import_ownertrust( const char *fname )
 	rc = tdbio_search_dir_byfpr( line, fprlen, 0, &rec );
 	if( !rc ) { /* found: update */
 	    if( rec.r.dir.ownertrust )
-		log_info("LID %lu: changing trust from %u to %u\n",
+		log_info(_("LID %lu: changing trust from %u to %u\n"),
 			  rec.r.dir.lid, rec.r.dir.ownertrust, otrust );
 	    else
-		log_info("LID %lu: setting trust to %u\n",
+		log_info(_("LID %lu: setting trust to %u\n"),
 				   rec.r.dir.lid, otrust );
 	    rec.r.dir.ownertrust = otrust;
 	    write_record( &rec );
@ -1097,25 +1103,25 @@ import_ownertrust( const char *fname )
 	else if( rc == -1 ) { /* not found; get the key from the ring */
 	    PKT_public_key *pk = m_alloc_clear( sizeof *pk );

-	    log_info_f(fname, "key not in trustdb, searching ring.\n");
+	    log_info_f(fname, _("key not in trustdb, searching ring.\n"));
 	    rc = get_pubkey_byfprint( pk, line, fprlen );
 	    if( rc )
-		log_info_f(fname, "key not in ring: %s\n", g10_errstr(rc));
+		log_info_f(fname, _("key not in ring: %s\n"), g10_errstr(rc));
 	    else {
 		rc = query_trust_record( pk );	/* only as assertion */
 		if( rc != -1 )
-		    log_error_f(fname, "Oops: key is now in trustdb???\n");
+		    log_error_f(fname, _("Oops: key is now in trustdb???\n"));
 		else {
 		    rc = insert_trust_record( pk );
 		    if( !rc )
 			goto repeat; /* update the ownertrust */
-		    log_error_f(fname, "insert trust record failed: %s\n",
+		    log_error_f(fname, _("insert trust record failed: %s\n"),
 							   g10_errstr(rc) );
 		}
 	    }
 	}
 	else /* error */
-	    log_error_f(fname, "error finding dir record: %s\n",
+	    log_error_f(fname, _("error finding dir record: %s\n"),
 						    g10_errstr(rc));
    }
    if( ferror(fp) )
@ -1166,15 +1172,16 @@ list_trust_path( int max_depth, const char *username )
    }

    if( (rc = get_pubkey_byname(NULL, pk, username, NULL )) )
-	log_error("user '%s' not found: %s\n", username, g10_errstr(rc) );
+	log_error(_("user '%s' not found: %s\n"), username, g10_errstr(rc) );
    else if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 )
-	log_error("problem finding '%s' in trustdb: %s\n",
+	log_error(_("problem finding '%s' in trustdb: %s\n"),
 					    username, g10_errstr(rc));
    else if( rc == -1 ) {
-	log_info("user '%s' not in trustdb - inserting\n", username);
+	log_info(_("user '%s' not in trustdb - inserting\n"), username);
 	rc = insert_trust_record( pk );
 	if( rc )
-	    log_error("failed to put '%s' into trustdb: %s\n", username, g10_errstr(rc));
+	    log_error(_("failed to put '%s' into trustdb: %s\n"),
+						    username, g10_errstr(rc));
 	else {
 	    assert( pk->local_id );
 	}
@ -1217,7 +1224,7 @@ check_trustdb( const char *username )
 	if( !rc )
 	    rc = read_keyblock( &kbpos, &keyblock );
 	if( rc ) {
-	    log_error("%s: keyblock read problem: %s\n",
+	    log_error(_("%s: keyblock read problem: %s\n"),
 				    username, g10_errstr(rc));
 	}
 	else {
@ -1231,12 +1238,12 @@ check_trustdb( const char *username )

 	    }
 	    if( rc )
-		log_error("%s: update failed: %s\n",
+		log_error(_("%s: update failed: %s\n"),
 					   username, g10_errstr(rc) );
 	    else if( modified )
-		log_info("%s: updated\n", username );
+		log_info(_("%s: updated\n"), username );
 	    else
-		log_info("%s: okay\n", username );
+		log_info(_("%s: okay\n"), username );

 	}
 	release_kbnode( keyblock ); keyblock = NULL;
@ -1251,7 +1258,8 @@ check_trustdb( const char *username )
 		int modified;

 		if( !rec.r.dir.keylist ) {
-		    log_info("lid %lu: dir record w/o key - skipped\n", recnum);
+		    log_info(_("lid %lu: dir record w/o key - skipped\n"),
+								  recnum);
 		    count++;
 		    skip_count++;
 		    continue;
@ -1263,7 +1271,7 @@ check_trustdb( const char *username )
 					    tmp.r.key.fingerprint,
 					    tmp.r.key.fingerprint_len );
 		if( rc ) {
-		    log_error("lid %lu: keyblock not found: %s\n",
+		    log_error(_("lid %lu: keyblock not found: %s\n"),
 						 recnum, g10_errstr(rc) );
 		    count++;
 		    skip_count++;
@ -1272,17 +1280,17 @@ check_trustdb( const char *username )

 		rc = update_trust_record( keyblock, 0, &modified );
 		if( rc ) {
-		    log_error("lid %lu: update failed: %s\n",
+		    log_error(_("lid %lu: update failed: %s\n"),
 						 recnum, g10_errstr(rc) );
 		    err_count++;
 		}
 		else if( modified ) {
 		    if( opt.verbose )
-			log_info("lid %lu: updated\n", recnum );
+			log_info(_("lid %lu: updated\n"), recnum );
 		    upd_count++;
 		}
 		else if( opt.verbose > 1 )
-		    log_info("lid %lu: okay\n", recnum );
+		    log_info(_("lid %lu: okay\n"), recnum );

 		release_kbnode( keyblock ); keyblock = NULL;
 		if( !(++count % 100) )
@ -1325,33 +1333,33 @@ update_trustdb( )
 				       ) ->pkt->pkt.public_key;
 		rc = insert_trust_record( pk );
 		if( rc && !pk->local_id ) {
-		    log_error("lid ?: insert failed: %s\n",
+		    log_error(_("lid ?: insert failed: %s\n"),
 						     g10_errstr(rc) );
 		    err_count++;
 		}
 		else if( rc ) {
-		    log_error("lid %lu: insert failed: %s\n",
+		    log_error(_("lid %lu: insert failed: %s\n"),
 				       pk->local_id, g10_errstr(rc) );
 		    err_count++;
 		}
 		else {
 		    if( opt.verbose )
-			log_info("lid %lu: inserted\n", pk->local_id );
+			log_info(_("lid %lu: inserted\n"), pk->local_id );
 		    new_count++;
 		}
 	    }
 	    else if( rc ) {
-		log_error("lid %lu: update failed: %s\n",
+		log_error(_("lid %lu: update failed: %s\n"),
 			 lid_from_keyblock(keyblock), g10_errstr(rc) );
 		err_count++;
 	    }
 	    else if( modified ) {
 		if( opt.verbose )
-		    log_info("lid %lu: updated\n", lid_from_keyblock(keyblock));
+		    log_info(_("lid %lu: updated\n"), lid_from_keyblock(keyblock));
 		upd_count++;
 	    }
 	    else if( opt.verbose > 1 )
-		log_info("lid %lu: okay\n", lid_from_keyblock(keyblock) );
+		log_info(_("lid %lu: okay\n"), lid_from_keyblock(keyblock) );

 	    release_kbnode( keyblock ); keyblock = NULL;
 	    if( !(++count % 100) )
@ -1366,7 +1374,7 @@ update_trustdb( )
 	    log_info(_("\t%lu keys inserted\n"), new_count);
    }
    if( rc && rc != -1 )
-	log_error("enum_keyblocks failed: %s\n", g10_errstr(rc));
+	log_error(_("enumerate keyblocks failed: %s\n"), g10_errstr(rc));

    enum_keyblocks( 2, &kbpos, &keyblock ); /* close */
    release_kbnode( keyblock );
@ -1411,7 +1419,7 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel )
    }
    else { /* no local_id: scan the trustdb */
 	if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 ) {
-	    log_error("check_trust: search dir record failed: %s\n",
+	    log_error(_("check_trust: search dir record failed: %s\n"),
 							    g10_errstr(rc));
 	    return rc;
 	}
@ -1501,8 +1509,46 @@ query_trust_info( PKT_public_key *pk )
 int
 enum_trust_web( void **context, ulong *lid )
 {
-    /* REPLACE THIS with a BETTER ONE  */
+  #if 0
+    struct {
+       int init;
+    } *ctx;
+    int rc;
+    int wipe=0;
+    TRUSTREC rec;
+    TRUST_INFO *tmppath;
+    TRUST_SEG_LIST trust_seg_list, tsl, tsl2;
+    PKT_public_key *pk = m_alloc_clear( sizeof *pk );

+    if( !*context ) {
+	asssert( *lid );
+
+	ctx = m_alloc_clear( sizeof *ctx );
+	*context = ctx;
+	/* collect the paths */
+	read_record( *lid, &rec, RECTYPE_DIR );
+	tmppath = m_alloc_clear( (MAX_CERT_DEPTH+1)* sizeof *tmppath );
+	trust_seg_list = NULL;
+	collect_paths( 0, MAX_CERT_DEPTH, 1, &rec, tmppath, &trust_seg_list );
+	m_free( tmppath );
+	/* and now print them */
+	for(tsl = trust_seg_list; tsl; tsl = tsl->next ) {
+	    print_path( tsl->pathlen, tsl->path );
+	}
+    }
+    else
+	ctx = *context;
+
+    if( !lid ) {  /* release the context */
+	if( *
+	 /* release the list */
+	 for(tsl = trust_seg_list; tsl; tsl = tsl2 ) {
+	     tsl2 = tsl->next;
+	     m_free( tsl );
+	 }
+	 trust_seg_list = NULL;
+    }
+   #endif
    return -1; /* eof */
 }

@ -1552,7 +1598,7 @@ get_pref_data( ulong lid, const byte *namehash, size_t *ret_n )
 	    /* found the correct one or the first one */
 	    read_record( rec.r.uid.prefrec, &rec, RECTYPE_PREF );
 	    if( rec.r.pref.next )
-		log_info("warning: can't yet handle long pref records\n");
+		log_info(_("WARNING: can't yet handle long pref records\n"));
 	    buf = m_alloc( ITEMS_PER_PREF_RECORD );
 	    memcpy( buf, rec.r.pref.data, ITEMS_PER_PREF_RECORD );
 	    *ret_n = ITEMS_PER_PREF_RECORD;
@ -1581,7 +1627,7 @@ is_algo_in_prefs( ulong lid, int preftype, int algo )
 	if( rec.r.uid.prefrec ) {
 	    read_record( rec.r.uid.prefrec, &rec, RECTYPE_PREF );
 	    if( rec.r.pref.next )
-		log_info("warning: can't yet handle long pref records\n");
+		log_info(_("WARNING: can't yet handle long pref records\n"));
 	    pref = rec.r.pref.data;
 	    for(i=0; i+1 < ITEMS_PER_PREF_RECORD; i+=2 ) {
 		if( pref[i] == preftype && pref[i+1] == algo )
@ -1603,7 +1649,7 @@ get_dir_record( PKT_public_key *pk, TRUSTREC *rec )
    }
    else { /* no local_id: scan the trustdb */
 	if( (rc=tdbio_search_dir_bypk( pk, rec )) && rc != -1 )
-	    log_error("get_dir_record: search_record failed: %s\n",
+	    log_error(_("get_dir_record: search_record failed: %s\n"),
 							    g10_errstr(rc));
    }
    return rc;
@ -1663,11 +1709,11 @@ check_hint_sig( ulong lid, KBNODE keyblock, u32 *keyid, byte *uidrec_hash,
    int revoke = 0;

    if( sigrec->r.sig.sig[sigidx].flag & SIGF_CHECKED )
-	log_info(_("note: sig rec %lu[%d] in hintlist "
+	log_info(_("NOTE: sig rec %lu[%d] in hintlist "
 		   "of %lu but marked as checked\n"),
 		    sigrec->recnum, sigidx, hint_owner );
    if( !(sigrec->r.sig.sig[sigidx].flag & SIGF_NOPUBKEY) )
-	log_info(_("note: sig rec %lu[%d] in hintlist "
+	log_info(_("NOTE: sig rec %lu[%d] in hintlist "
 		   "of %lu but not marked\n"),
 		    sigrec->recnum, sigidx, hint_owner );

@ -1866,7 +1912,7 @@ create_shadow_dir( PKT_signature *sig, ulong lid  )
    /* first see whether we already have such a record */
    rc = tdbio_search_sdir( sig->keyid, sig->pubkey_algo, &sdir );
    if( rc && rc != -1 ) {
-	log_error("tdbio_search_dir failed: %s\n", g10_errstr(rc));
+	log_error(_("tdbio_search_dir failed: %s\n"), g10_errstr(rc));
 	die_invalid_db();
    }
    if( rc == -1 ) { /* not found: create */
@ -2283,7 +2329,7 @@ upd_pref_record( TRUSTREC *urec, u32 *keyid, PKT_signature *sig )
 	    if( n_prefs_rec >= DIM(prefs_rec)-1 ) {
 		log_info("uid %08lX.%lu/%02X%02X: %s\n",
 			  (ulong)keyid[1], lid, uidhash[18], uidhash[19],
-			  _("Too many preferences items") );
+			  _("Too many preference items") );
 		break;
 	    }
 	    prefs_rec[n_prefs_rec++] = prec.r.pref.data[i];
@ -2304,7 +2350,7 @@ upd_pref_record( TRUSTREC *urec, u32 *keyid, PKT_signature *sig )
    }

    if( n_prefs_sig > ITEMS_PER_PREF_RECORD )
-	log_info("cannot yet handle long preferences");
+	 log_info(_("WARNING: can't yet handle long pref records\n"));

    memset( &prec, 0, sizeof prec );
    prec.recnum = tdbio_new_recnum();
@ -2452,7 +2498,7 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
 			log_info("sig %08lX.%lu/%02X%02X/%08lX: %s\n",
 				  (ulong)keyid[1], lid, uidhash[18],
 				 uidhash[19], (ulong)sig->keyid[1],
-				 _("public key lost") );
+				 _("Hmmm, public key lost?") );
 		    rec.r.sig.sig[i].flag = SIGF_NOPUBKEY;
 		    if( revoke )
 			rec.r.sig.sig[i].flag |= SIGF_REVOKED;
@ -2477,8 +2523,8 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
 		    && (!tmp.r.sdir.pubkey_algo
 			 || tmp.r.sdir.pubkey_algo == sig->pubkey_algo )) {
 		    if( !(rec.r.sig.sig[i].flag & SIGF_NOPUBKEY) )
-			log_info("uid %08lX.%lu/%02X%02X: "
-				 "has shadow dir %lu but not yet marked.\n",
+			log_info(_("uid %08lX.%lu/%02X%02X: "
+				"has shadow dir %lu but is not yet marked.\n"),
 				(ulong)keyid[1], lid,
 				uidhash[18], uidhash[19], tmp.recnum );
 		    rec.r.sig.sig[i].flag = SIGF_NOPUBKEY;
@ -2491,7 +2537,7 @@ upd_cert_record( KBNODE keyblock, KBNODE signode, u32 *keyid,
 		}
 	    }
 	    else {
-		log_error("sig record %lu[%d] points to wrong record.\n",
+		log_error(_("sig record %lu[%d] points to wrong record.\n"),
 			    rec.r.sig.sig[i].lid, i );
 		die_invalid_db();
 	    }
@ -2733,7 +2779,7 @@ insert_trust_record( PKT_public_key *pk )
    /* get the keyblock which has the key */
    rc = get_keyblock_byfprint( &keyblock, fingerprint, fingerlen );
    if( rc ) { /* that should never happen */
-	log_error( "insert_trust_record: keyblock not found: %s\n",
+	log_error( _("insert_trust_record: keyblock not found: %s\n"),
 							  g10_errstr(rc) );
 	goto leave;
    }
@ -2751,7 +2797,7 @@ insert_trust_record( PKT_public_key *pk )
 	keyid_from_pk( pk, bkid );

 	if( akid[0] != bkid[0] || akid[1] != bkid[1] ) {
-	    log_error("did not use primary key for insert_trust_record()\n");
+	    log_error(_("did not use primary key for insert_trust_record()\n"));
 	    rc = G10ERR_GENERAL;
 	    goto leave;
 	}
@ -2763,7 +2809,7 @@ insert_trust_record( PKT_public_key *pk )
     */
    rc = tdbio_search_sdir( pk->keyid, pk->pubkey_algo, &shadow );
    if( rc && rc != -1 ) {
-	log_error("tdbio_search_dir failed: %s\n", g10_errstr(rc));
+	log_error(_("tdbio_search_dir failed: %s\n"), g10_errstr(rc));
 	die_invalid_db();
    }
    memset( &dirrec, 0, sizeof dirrec );