mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Merged in my changes, after disk crash. Fortunately the CVS was not
affected - but everything else and it seems that there is no backup of the BTS data is available :-(
This commit is contained in:
parent
6be3bee320
commit
b725d8ec27
2
AUTHORS
2
AUTHORS
@ -6,7 +6,7 @@ Authors
|
||||
|
||||
Birger Langkjer <birger.langkjer@image.dk> Translations [da]
|
||||
|
||||
Daniel Resare <daniel@resare.com> xxxx [sv]
|
||||
Daniel Resare <daniel@resare.com> Translations [sv]
|
||||
|
||||
David Shaw <dshaw@jabberwocky.com> Assignment
|
||||
(all in keyserver/,
|
||||
|
4
NEWS
4
NEWS
@ -1,3 +1,7 @@
|
||||
* The default cipher algorithm for encryption is now CAST5,
|
||||
default default hash algorithm is SHA-1. This will give us
|
||||
better interoperability with other OpenPGP implementations.
|
||||
|
||||
* Symmetric encrypted messages now use a fixed file size if
|
||||
possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2,
|
||||
6, and 7. Note this was only an issue with RFC-1991 style
|
||||
|
49
TODO
49
TODO
@ -1,9 +1,19 @@
|
||||
* change the maintainer address in faq.raw
|
||||
|
||||
* Do we need a configure test for putenv?
|
||||
|
||||
* Add remarks to the man page about OpenPGP OPTIONAL algorithms and
|
||||
issue warnings when such an algorithm is used (disabled by expert modus?)
|
||||
|
||||
* Return status information even when an imported key is already
|
||||
stored. This is useful for GPGME's detailed info fucntion.
|
||||
|
||||
* Describe some pitfalls when using EGD. Check that ~/.gnupg/entropy
|
||||
really is the default. What about needed permission?
|
||||
|
||||
* Using an expired key for signing should give an error message
|
||||
"expired key"and not "unusable key'. Furthermore the error should
|
||||
also be thrown when the defaultkey has expired. Reported by
|
||||
"expired key" and not "unusable key'. Furthermore the error should
|
||||
also be thrown when the default key has expired. Reported by
|
||||
Eric.VanBuggenhaut@AdValvas.be.
|
||||
|
||||
* pause scrolling help in --edit-key and elsewhere.
|
||||
@ -14,8 +24,6 @@
|
||||
* Selection using +wordlist does not work.
|
||||
What about adding a feature -word to the +wordlist search mode.
|
||||
|
||||
* add listing of notation data
|
||||
|
||||
* Check the changes to the gpg random gatherer on all W32 platforms.
|
||||
|
||||
* Put a note into readme.w32 that there is a man page and a options
|
||||
@ -32,10 +40,6 @@
|
||||
it's end and allow for multiple signature for one message. And
|
||||
add a real grammar to the code in mainproc.c
|
||||
|
||||
* option to set the signature expiration time for key sigs.
|
||||
Rework the way we create signature subpackets - the current code
|
||||
is not easy to understand.
|
||||
|
||||
* Option to warn when a non MDC message is decrypted?
|
||||
|
||||
* If there is no secure memory, allocate more memory for the secure
|
||||
@ -51,20 +55,14 @@
|
||||
|
||||
* Add an is_valid flag to each user ID.
|
||||
|
||||
* Do not create a secring.gpg if it is not needed; I have fixed this
|
||||
sometime ago but it has later reappeared.
|
||||
|
||||
* Check for consistent spelling of user ID, key ID etc.
|
||||
Replace "user id not found" in getkey.c by "no valid user ID found".
|
||||
|
||||
* Replace the printing of the user name by [self-signature] when
|
||||
appropriate so that a key listing does not get clobbered.
|
||||
|
||||
* Using --list-only to check for recipients while decrypting may
|
||||
yield an error about an unknown packet.
|
||||
|
||||
* Check that the way we select cipher and digest algorithms w/o
|
||||
preferences is okay and make AES the default.
|
||||
preferences is okay and make AES the default in some future.
|
||||
|
||||
* Concatenated encryption messages don't work corectly - only the
|
||||
first one is processed.
|
||||
@ -72,27 +70,11 @@
|
||||
* Add option to put the list of recipients (from the encryption
|
||||
layer) into the signatures notation data.
|
||||
|
||||
* Allow to update key signatures. It is also not possible to resign
|
||||
an already revoked key signature.
|
||||
|
||||
* For FreeBSD only: spit out a message that rndcontrol (8) should be
|
||||
used to enable the use of IRQs for entropy gathering.
|
||||
|
||||
* --passphrase-fd can't work with -cs: document this or find a way
|
||||
to work around.
|
||||
|
||||
* With option -i prompt before adding a key to the keyring and show some
|
||||
info what we are about to add.
|
||||
|
||||
* --disable-asm should still assemble _udiv_qrnnd when needed
|
||||
|
||||
* replace the keyserver stuff either by a call to a specialized
|
||||
utility and SOCKSify this utility.
|
||||
[David is working on this]
|
||||
|
||||
* Check the beginning of file to detect already compressed files (gzip,
|
||||
bzip2, xdelta and some picture formats) [Timo has some code for this]
|
||||
|
||||
* Get new assembler stuff from gmp 3.1
|
||||
|
||||
* Use new-format headers for compressed packets.
|
||||
@ -101,8 +83,6 @@
|
||||
* use DEL and ^H for erasing the previous character (util/ttyio.c).
|
||||
or better readline.
|
||||
|
||||
* Print a warning if the directory mode is wrong.
|
||||
|
||||
* preferences of hash algorithms are not yet used.
|
||||
|
||||
* add test cases for invalid data (scrambled armor or other random data)
|
||||
@ -117,9 +97,6 @@
|
||||
verification status of the message to the output (i.e. write something to
|
||||
the --output file and not only to stderr.
|
||||
|
||||
* The user is asked for a revocation reasons even if this one can't
|
||||
be used with v3 keys.
|
||||
|
||||
* keyflags don't distinguish between {certify,signature}-only.
|
||||
|
||||
* Instead of issuing a "signature packet without keyid" gpg should
|
||||
|
@ -1,3 +1,10 @@
|
||||
2002-04-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* rijndael.c (rijndael_get_info): We do only support a 128 bit
|
||||
blocksize so it makes sense to change the algorithm strings to
|
||||
AES.
|
||||
* cipher.c (string_to_cipher_algo): Map "RIJNDAEL" to "AES".
|
||||
|
||||
2002-02-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* random.c (mix_pool): Removed the failsafe stuff again. It makes
|
||||
|
@ -253,15 +253,29 @@ load_cipher_modules(void)
|
||||
int
|
||||
string_to_cipher_algo( const char *string )
|
||||
{
|
||||
int i;
|
||||
const char *s;
|
||||
int i;
|
||||
const char *s;
|
||||
|
||||
do {
|
||||
for(i=0; (s=cipher_table[i].name); i++ )
|
||||
if( !ascii_strcasecmp( s, string ) )
|
||||
return cipher_table[i].algo;
|
||||
/* kludge to alias RIJNDAEL to AES */
|
||||
if ( *string == 'R' || *string == 'r')
|
||||
{
|
||||
if (!ascii_strcasecmp (string, "RIJNDAEL"))
|
||||
string = "AES";
|
||||
else if (!ascii_strcasecmp (string, "RIJNDAEL192"))
|
||||
string = "AES192";
|
||||
else if (!ascii_strcasecmp (string, "RIJNDAEL256"))
|
||||
string = "AES256";
|
||||
}
|
||||
|
||||
do
|
||||
{
|
||||
for(i=0; (s=cipher_table[i].name); i++ )
|
||||
{
|
||||
if( !ascii_strcasecmp( s, string ) )
|
||||
return cipher_table[i].algo;
|
||||
}
|
||||
} while( load_cipher_modules() );
|
||||
return 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/****************
|
||||
|
@ -2151,11 +2151,11 @@ rijndael_get_info (int algo, size_t *keylen,
|
||||
= rijndael_decrypt;
|
||||
|
||||
if( algo == 7 )
|
||||
return "RIJNDAEL";
|
||||
return "AES";
|
||||
if (algo == 8)
|
||||
return "RIJNDAEL192";
|
||||
return "AES192";
|
||||
if (algo == 9)
|
||||
return "RIJNDAEL256";
|
||||
return "AES256";
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
2
doc/FAQ
2
doc/FAQ
@ -4,7 +4,7 @@ GNUPG FREQUENTLY ASKED QUESTIONS
|
||||
|
||||
Version: 1.5.6
|
||||
Last-Modified: Sep 14, 2001
|
||||
Maintained-by: Nils Ellmenreich <nils 'at' gnupg.org>
|
||||
Maintained-by: We are looking for a new maintainer, <faq 'at' gnupg.org>
|
||||
|
||||
|
||||
This is the GnuPG FAQ. The latest HTML version is available
|
||||
|
@ -1538,7 +1538,6 @@ Allow the import and use of keys with user IDs which are not
|
||||
self-signed. This is not recommended, as a non self-signed user ID is
|
||||
trivial to forge.
|
||||
</para></listitem></varlistentry>
|
||||
<varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>--no-allow-non-selfsigned-uid</term>
|
||||
@ -1546,6 +1545,7 @@ trivial to forge.
|
||||
Reset the --allow-non-selfsigned-uid option.
|
||||
</para></listitem></varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>--allow-freeform-uid</term>
|
||||
<listitem><para>
|
||||
Disable all checks on the form of the user ID while generating a new
|
||||
|
29
doc/gpg.texi
29
doc/gpg.texi
@ -582,17 +582,20 @@ each time.
|
||||
@item ---keyserver-options @code{parameters}
|
||||
This is a space or comma delimited string that gives options for the
|
||||
keyserver. Options can be prepended with a `no-' to give the opposite
|
||||
meaning. While not all options are available for all keyserver
|
||||
schemes, some common options are:
|
||||
meaning. While not all options are available for all keyserver types,
|
||||
some common options are:
|
||||
|
||||
@table @asis
|
||||
@item include-revoked
|
||||
When receiving or searching for a key, include keys that are marked on
|
||||
the keyserver as revoked.
|
||||
the keyserver as revoked. Note that this option is always set when
|
||||
using the NAI HKP keyserver, as this keyserver does not differentiate
|
||||
between revoked and unrevoked keys.
|
||||
|
||||
@item include-disabled
|
||||
When receiving or searching for a key, include keys that are marked on
|
||||
the keyserver as disabled.
|
||||
the keyserver as disabled. Note that this option is not used with HKP
|
||||
keyservers, as they do not support disabling keys.
|
||||
|
||||
@item use-temp-files
|
||||
On most Unix-like platforms, GnuPG communicates with the keyserver
|
||||
@ -911,7 +914,9 @@ Try to be more RFC1991 (PGP 2.x) compliant.
|
||||
@item ---pgp2
|
||||
Set up all options to be as PGP 2.x compliant as possible, and warn if
|
||||
an action is taken (e.g. encrypting to a non-RSA key) that will create
|
||||
a message that PGP 2.x will not be able to handle.
|
||||
a message that PGP 2.x will not be able to handle. Note that `PGP
|
||||
2.x' here means `MIT PGP 2.6.2'. There are other versions of PGP 2.x
|
||||
available, but the MIT release is a good common baseline.
|
||||
|
||||
This option implies `---rfc1991 --no-openpgp --no-force-v4-certs
|
||||
---no-comment --escape-from --no-force-v3-sigs --cipher-algo IDEA
|
||||
@ -949,16 +954,14 @@ Reset the ---force-v4-certs option.
|
||||
Force the use of encryption with appended manipulation
|
||||
code. This is always used with the newer ciphers (those
|
||||
with a blocksize greater than 64 bit).
|
||||
This option might not be implemented yet.
|
||||
|
||||
@item ---allow-non-selfsigned-uid
|
||||
Allow the import of keys with user IDs which are not self-signed, but
|
||||
have at least one signature.
|
||||
This only allows the import - key validation will fail and you
|
||||
have to check the validity of the key by other means. This hack is
|
||||
needed for some German keys generated with pgp 2.6.3in. You should really
|
||||
avoid using it, because OpenPGP has better mechanics to do separate signing
|
||||
and encryption keys.
|
||||
Allow the import and use of keys with user IDs which are not
|
||||
self-signed. This is not recommended, as a non self-signed user ID is
|
||||
trivial to forge.
|
||||
|
||||
@item ---no-allow-non-selfsigned-uid
|
||||
Reset the ---allow-non-selfsigned-uid option.
|
||||
|
||||
@item ---allow-freeform-uid
|
||||
Disable all checks on the form of the user ID while generating a new
|
||||
|
@ -1,3 +1,43 @@
|
||||
2002-04-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* keyring.c (keyring_get_keyblock): Disable the keylist mode here.
|
||||
|
||||
* encode.c (encode_simple, encode_crypt): Only test on compressed
|
||||
files if a compress level was not explicity set.
|
||||
|
||||
* keygen.c (keygen_set_std_prefs): Removed Blowfish and Twofish
|
||||
from the list of default preferences, swapped the preferences of
|
||||
RMD160 and SHA1. Don't include a preference to 3DES unless the
|
||||
IDEA kludge gets used.
|
||||
|
||||
* free-packet.c (free_packet): call free_encrypted also for
|
||||
PKT_ENCRYPTED_MDC.
|
||||
|
||||
* compress.c (release_context): New.
|
||||
(handle_compressed): Allocate the context and setup a closure to
|
||||
release the context. This is required because there is no
|
||||
guarabntee that the filter gets popped from the chain at the end
|
||||
of the function. Problem noted by Timo and probably also the
|
||||
cause for a couple of other reports.
|
||||
(compress_filter): Use the release function if set.
|
||||
|
||||
* tdbio.c [__CYGWIN32__]: Don't rename ftruncate. Noted by
|
||||
Disastry.
|
||||
|
||||
* parse-packet.c (parse_signature): Put parens around a bit test.
|
||||
|
||||
* exec.c (make_tempdir): Double backslash for TMP directory
|
||||
creation under Windows. Better strlen the DIRSEP_S constants for
|
||||
allocation measurements.
|
||||
|
||||
* decrypt.c (decrypt_messages): Release the passphrase aquired
|
||||
by get_last_passphrase.
|
||||
|
||||
2002-04-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* Makefile.am (EXTRA_DIST): Removed OPTIONS an pubring.asc - they
|
||||
are no longer of any use.
|
||||
|
||||
2002-04-03 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* keyserver.c (parse_keyserver_options): fix auto-key-retrieve to
|
||||
@ -37,6 +77,16 @@
|
||||
|
||||
* hkp.c (write_quoted): quote backslashes from keyserver searches
|
||||
|
||||
2002-03-26 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* keygen.c (ask_keysize): Removed the warning for key sizes > 1536.
|
||||
|
||||
2002-03-25 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* keyedit.c (sign_uids): Use 2 strings and not a %s so that
|
||||
translations can be done the right way.
|
||||
* helptext.c: Fixed small typo.
|
||||
|
||||
2002-03-23 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* import.c (append_uid, merge_sigs): it is okay to import
|
||||
@ -95,6 +145,10 @@
|
||||
* sign.c (clearsign_file): Allow --not-dash-escaped to work with
|
||||
v3 keys.
|
||||
|
||||
2002-03-14 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* main.h: Changed the default algorithms to CAST5 and SHA1.
|
||||
|
||||
2002-03-13 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* import.c (chk_self_sigs): Show which user ID a bad self-sig
|
||||
|
@ -19,7 +19,7 @@
|
||||
## Process this file with automake to produce Makefile.in
|
||||
|
||||
INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
|
||||
EXTRA_DIST = OPTIONS pubring.asc options.skel
|
||||
EXTRA_DIST = options.skel
|
||||
# it seems that we can't use this with automake 1.5
|
||||
#OMIT_DEPENDENCIES = zlib.h zconf.h
|
||||
LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@
|
||||
|
@ -266,12 +266,21 @@ compress_filter( void *opaque, int control,
|
||||
zfx->opaque = NULL;
|
||||
m_free(zfx->outbuf); zfx->outbuf = NULL;
|
||||
}
|
||||
if (zfx->release)
|
||||
zfx->release (zfx);
|
||||
}
|
||||
else if( control == IOBUFCTRL_DESC )
|
||||
*(char**)buf = "compress_filter";
|
||||
return rc;
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
release_context (compress_filter_context_t *ctx)
|
||||
{
|
||||
m_free (ctx);
|
||||
}
|
||||
|
||||
/****************
|
||||
* Handle a compressed packet
|
||||
*/
|
||||
@ -279,26 +288,19 @@ int
|
||||
handle_compressed( void *procctx, PKT_compressed *cd,
|
||||
int (*callback)(IOBUF, void *), void *passthru )
|
||||
{
|
||||
compress_filter_context_t cfx;
|
||||
compress_filter_context_t *cfx;
|
||||
int rc;
|
||||
|
||||
memset( &cfx, 0, sizeof cfx );
|
||||
if( cd->algorithm < 1 || cd->algorithm > 2 )
|
||||
return G10ERR_COMPR_ALGO;
|
||||
cfx.algo = cd->algorithm;
|
||||
|
||||
iobuf_push_filter( cd->buf, compress_filter, &cfx );
|
||||
cfx = m_alloc_clear (sizeof *cfx);
|
||||
cfx->algo = cd->algorithm;
|
||||
cfx->release = release_context;
|
||||
iobuf_push_filter( cd->buf, compress_filter, cfx );
|
||||
if( callback )
|
||||
rc = callback(cd->buf, passthru );
|
||||
else
|
||||
rc = proc_packets(procctx, cd->buf);
|
||||
#if 0
|
||||
iobuf_pop_filter( cd->buf, compress_filter, &cfx );
|
||||
if( cd->len )
|
||||
iobuf_set_limit( cd->buf, 0 ); /* disable the readlimit */
|
||||
else
|
||||
iobuf_clear_eof( cd->buf );
|
||||
#endif
|
||||
cd->buf = NULL;
|
||||
return rc;
|
||||
}
|
||||
|
@ -121,6 +121,7 @@ decrypt_messages(int nfiles, char **files)
|
||||
g10_errstr(rc));
|
||||
p = get_last_passphrase();
|
||||
set_next_passphrase(p);
|
||||
m_free (p);
|
||||
files++;
|
||||
m_free(output);
|
||||
write_status( STATUS_FILE_DONE );
|
||||
|
@ -86,7 +86,7 @@ encode_simple( const char *filename, int mode )
|
||||
memset( &tfx, 0, sizeof tfx);
|
||||
init_packet(&pkt);
|
||||
|
||||
if (is_file_compressed(filename, &rc))
|
||||
if (opt.compress == -1 && is_file_compressed(filename, &rc))
|
||||
{
|
||||
if (opt.verbose)
|
||||
log_info(_("`%s' already compressed\n"), filename);
|
||||
@ -290,7 +290,7 @@ encode_crypt( const char *filename, STRLIST remusr )
|
||||
}
|
||||
}
|
||||
|
||||
if (is_file_compressed(filename, &rc2))
|
||||
if (opt.compress == -1 && is_file_compressed(filename, &rc2))
|
||||
{
|
||||
if (opt.verbose)
|
||||
log_info(_("`%s' already compressed\n"), filename);
|
||||
|
@ -149,6 +149,7 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
|
||||
/*log_hexdump("MDC message :", dfx.defer, 20);*/
|
||||
}
|
||||
|
||||
|
||||
leave:
|
||||
cipher_close(dfx.cipher_hd);
|
||||
md_close( dfx.mdc_hash );
|
||||
|
10
g10/exec.c
10
g10/exec.c
@ -64,7 +64,7 @@ static int make_tempdir(struct exec_info *info)
|
||||
#elif defined (__MINGW32__) || defined (__CYGWIN32__)
|
||||
tmp=m_alloc(256);
|
||||
if(GetTempPath(256,tmp)==0)
|
||||
strcpy(tmp,"c:\temp");
|
||||
strcpy(tmp,"c:\\temp");
|
||||
else
|
||||
{
|
||||
int len=strlen(tmp);
|
||||
@ -83,7 +83,7 @@ static int make_tempdir(struct exec_info *info)
|
||||
}
|
||||
}
|
||||
|
||||
info->tempdir=m_alloc(strlen(tmp)+1+10+1);
|
||||
info->tempdir=m_alloc(strlen(tmp)+strlen(DIRSEP_S)+10+1);
|
||||
|
||||
sprintf(info->tempdir,"%s" DIRSEP_S "gpg-XXXXXX",tmp);
|
||||
|
||||
@ -98,13 +98,15 @@ static int make_tempdir(struct exec_info *info)
|
||||
{
|
||||
info->madedir=1;
|
||||
|
||||
info->tempfile_in=m_alloc(strlen(info->tempdir)+1+10+1);
|
||||
info->tempfile_in=m_alloc(strlen(info->tempdir)
|
||||
+strlen(DIRSEP_S)+6+strlen(EXTSEP_S)+3+1);
|
||||
sprintf(info->tempfile_in,"%s" DIRSEP_S "datain" EXTSEP_S "%s",
|
||||
info->tempdir,info->binary?"bin":"txt");
|
||||
|
||||
if(!info->writeonly)
|
||||
{
|
||||
info->tempfile_out=m_alloc(strlen(info->tempdir)+1+11+1);
|
||||
info->tempfile_out=m_alloc(strlen(info->tempdir)
|
||||
+strlen(DIRSEP_S)+7+strlen(EXTSEP_S)+3+1);
|
||||
sprintf(info->tempfile_out,"%s" DIRSEP_S "dataout" EXTSEP_S "%s",
|
||||
info->tempdir,info->binary?"bin":"txt");
|
||||
}
|
||||
|
@ -68,7 +68,7 @@ struct unarmor_pump_s;
|
||||
typedef struct unarmor_pump_s *UnarmorPump;
|
||||
|
||||
|
||||
typedef struct {
|
||||
struct compress_filter_context_s {
|
||||
int status;
|
||||
void *opaque; /* (used for z_stream) */
|
||||
byte *inbuf;
|
||||
@ -77,7 +77,9 @@ typedef struct {
|
||||
unsigned outbufsize;
|
||||
int algo; /* compress algo */
|
||||
int algo1hack;
|
||||
} compress_filter_context_t;
|
||||
void (*release)(struct compress_filter_context_s*);
|
||||
};
|
||||
typedef struct compress_filter_context_s compress_filter_context_t;
|
||||
|
||||
|
||||
typedef struct {
|
||||
|
@ -390,6 +390,7 @@ free_packet( PACKET *pkt )
|
||||
free_compressed( pkt->pkt.compressed);
|
||||
break;
|
||||
case PKT_ENCRYPTED:
|
||||
case PKT_ENCRYPTED_MDC:
|
||||
free_encrypted( pkt->pkt.encrypted );
|
||||
break;
|
||||
case PKT_PLAINTEXT:
|
||||
|
10
g10/g10.c
10
g10/g10.c
@ -832,7 +832,7 @@ main( int argc, char **argv )
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
if ( strchr (opt.homedir,'\\') ) {
|
||||
char *d, *buf = m_alloc (strlen (opt.homedir)+1);
|
||||
const char *s = opt.homedir;
|
||||
@ -841,13 +841,13 @@ main( int argc, char **argv )
|
||||
*d = 0;
|
||||
opt.homedir = buf;
|
||||
}
|
||||
#endif
|
||||
#undef USE_SHM_COPROCESSING
|
||||
#ifdef USE_SHM_COPROCESSING
|
||||
#endif
|
||||
#undef USE_SHM_COPROCESSING /* huh? */
|
||||
#ifdef USE_SHM_COPROCESSING
|
||||
if( opt.shm_coprocess ) {
|
||||
init_shm_coprocessing(requested_shm_size, 1 );
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
/* initialize the secure memory. */
|
||||
secmem_init( 16384 );
|
||||
maybe_setuid = 0;
|
||||
|
@ -230,7 +230,7 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
|
||||
{ "keyedit.updpref.okay", N_(
|
||||
"Change the preferences of all user IDs (or just of the selected ones)\n"
|
||||
"to the current list of preferences. The timestamp of all affected\n"
|
||||
"self-signatures fill be advanced by one second.\n"
|
||||
"self-signatures will be advanced by one second.\n"
|
||||
)},
|
||||
|
||||
|
||||
|
@ -371,10 +371,19 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
||||
|
||||
/* Fixme: see whether there is a revocation in which
|
||||
* case we should allow to sign it again. */
|
||||
tty_printf(_("\"%s\" was already %ssigned by key %08lX\n"),
|
||||
uidnode->pkt->pkt.user_id->name,
|
||||
(!node->pkt->pkt.signature->flags.exportable &&
|
||||
local)?"locally ":"",(ulong)sk_keyid[1] );
|
||||
/* Note: I kept the %s and the empty string in the
|
||||
else branch so that not too many translations
|
||||
get broken. */
|
||||
if (!node->pkt->pkt.signature->flags.exportable && local)
|
||||
tty_printf(_(
|
||||
"\"%s\" was already locally signed by key %08lX\n"),
|
||||
uidnode->pkt->pkt.user_id->name,
|
||||
(ulong)sk_keyid[1] );
|
||||
else
|
||||
tty_printf(_(
|
||||
"\"%s\" was already %ssigned by key %08lX\n"),
|
||||
uidnode->pkt->pkt.user_id->name,
|
||||
"",(ulong)sk_keyid[1] );
|
||||
sprintf (buf, "%08lX%08lX",
|
||||
(ulong)sk->keyid[0], (ulong)sk->keyid[1] );
|
||||
write_status_text (STATUS_ALREADY_SIGNED, buf);
|
||||
|
10
g10/keygen.c
10
g10/keygen.c
@ -219,9 +219,9 @@ keygen_set_std_prefs (const char *string)
|
||||
|
||||
if (!string || !ascii_strcasecmp (string, "default")) {
|
||||
if ( !check_cipher_algo(CIPHER_ALGO_IDEA) )
|
||||
string = "S7 S10 S3 S4 S2 S1 H3 H2 Z2 Z1";
|
||||
string = "S7 S3 S2 S1 H2 H3 Z2 Z1";
|
||||
else
|
||||
string = "S7 S10 S3 S4 S2 H3 H2 Z2 Z1";
|
||||
string = "S7 S3 H2 H3 Z2 Z1";
|
||||
|
||||
/* If we have it, IDEA goes *after* 3DES so it won't be used
|
||||
unless we're encrypting along with a V3 key. Ideally, we
|
||||
@ -348,6 +348,7 @@ keygen_upd_std_prefs( PKT_signature *sig, void *opaque )
|
||||
/****************
|
||||
* Add preference to the self signature packet.
|
||||
* This is only called for packets with version > 3.
|
||||
|
||||
*/
|
||||
int
|
||||
keygen_add_std_prefs( PKT_signature *sig, void *opaque )
|
||||
@ -865,11 +866,6 @@ ask_keysize( int algo )
|
||||
break;
|
||||
}
|
||||
}
|
||||
else if( nbits > 1536 && !cpr_enabled() && algo != PUBKEY_ALGO_RSA ) {
|
||||
if( cpr_get_answer_is_yes("keygen.size.large.okay",_(
|
||||
"Do you really need such a large keysize? ")) )
|
||||
break;
|
||||
}
|
||||
else
|
||||
break;
|
||||
}
|
||||
|
@ -354,6 +354,7 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
|
||||
int in_cert = 0;
|
||||
int pk_no = 0;
|
||||
int uid_no = 0;
|
||||
int save_mode;
|
||||
|
||||
if (ret_kb)
|
||||
*ret_kb = NULL;
|
||||
@ -377,6 +378,7 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
|
||||
init_packet (pkt);
|
||||
hd->found.n_packets = 0;;
|
||||
lastnode = NULL;
|
||||
save_mode = set_packet_list_mode(0);
|
||||
while ((rc=parse_packet (a, pkt)) != -1) {
|
||||
hd->found.n_packets++;
|
||||
if (rc == G10ERR_UNKNOWN_PACKET) {
|
||||
@ -444,6 +446,7 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
|
||||
pkt = m_alloc (sizeof *pkt);
|
||||
init_packet(pkt);
|
||||
}
|
||||
set_packet_list_mode(save_mode);
|
||||
|
||||
if (rc == -1 && keyblock)
|
||||
rc = 0; /* got the entire keyblock */
|
||||
|
@ -25,9 +25,9 @@
|
||||
#include "cipher.h"
|
||||
#include "keydb.h"
|
||||
|
||||
#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_BLOWFISH
|
||||
#define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5
|
||||
#define DEFAULT_PUBKEY_ALGO PUBKEY_ALGO_ELGAMAL
|
||||
#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_RMD160
|
||||
#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1
|
||||
|
||||
|
||||
typedef struct {
|
||||
|
@ -96,7 +96,7 @@ lock-once
|
||||
# support).
|
||||
#
|
||||
# Example HKP keyserver:
|
||||
# x-hkp://wwwkeys.nl.pgp.net
|
||||
# x-hkp://keyserver.cryptnet.net
|
||||
#
|
||||
# Example email keyserver:
|
||||
# mailto:pgp-public-keys@keys.nl.pgp.net
|
||||
@ -118,9 +118,9 @@ lock-once
|
||||
# Most servers do synchronize with each other and DNS round-robin may
|
||||
# give you a quasi-random server each time.
|
||||
|
||||
#keyserver x-hkp://keyserver.cryptnet.net
|
||||
#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
|
||||
#keyserver ldap://keyserver.pgp.com
|
||||
#keyserver x-hkp://wwwkeys.nl.pgp.net
|
||||
|
||||
# Options for keyserver functions
|
||||
#
|
||||
|
@ -1254,7 +1254,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
if(p && *p==0)
|
||||
sig->flags.exportable=0;
|
||||
|
||||
/* Find all revokation keys. Back to hashed area only. */
|
||||
/* Find all revocation keys. Back to hashed area only. */
|
||||
if(sig->sig_class==0x1F)
|
||||
{
|
||||
struct revocation_key *revkey;
|
||||
@ -1267,7 +1267,7 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
&len,&seq)))
|
||||
{
|
||||
if(len==sizeof(struct revocation_key) &&
|
||||
revkey->class&0x80) /* 0x80 bit must be set */
|
||||
(revkey->class&0x80)) /* 0x80 bit must be set */
|
||||
{
|
||||
sig->revkey=m_realloc(sig->revkey,
|
||||
sizeof(struct revocation_key *)*(sig->numrevkeys+1));
|
||||
|
@ -39,7 +39,7 @@
|
||||
#include "trustdb.h"
|
||||
#include "tdbio.h"
|
||||
|
||||
#ifdef HAVE_DOSISH_SYSTEM
|
||||
#if defined(HAVE_DOSISH_SYSTEM) && !defined(__CYGWIN32__)
|
||||
#define ftruncate chsize
|
||||
#endif
|
||||
|
||||
|
12
po/ChangeLog
12
po/ChangeLog
@ -1,3 +1,15 @@
|
||||
2002-04-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* fr.po: Updated.
|
||||
|
||||
2002-04-02 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* de.po, de.glo: Updated.
|
||||
|
||||
2002-03-08 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* et.po: Updated.
|
||||
|
||||
2002-03-06 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* pt_PT.po: Removed.
|
||||
|
62
po/de.glo
62
po/de.glo
@ -1,6 +1,6 @@
|
||||
# Glossary for GnuPG german translation
|
||||
# Zusammenstellung der Liste:
|
||||
# Copyright (C) 1998, 1999, 2000, 20001 Free Software Foundation, Inc.
|
||||
# Copyright (C) 1998 Free Software Foundation, Inc.
|
||||
# Walter Koch <koch@hsp.de>, 1998.
|
||||
#
|
||||
# This is just a textfile for your information.
|
||||
@ -18,15 +18,16 @@
|
||||
# 5. (*) Uneinheitlich verwendet
|
||||
# 6. - Gefällt mir (Walter Koch) nicht so toll
|
||||
# 7. Die erste genannte Übersetzung ist die in de.po verwendete
|
||||
# 8. # - Wurde in früherere de.po-Version verwendet
|
||||
|
||||
|
||||
|
||||
Agent Agent
|
||||
agent Agent
|
||||
aka alias
|
||||
algorithm Verfahren
|
||||
anonymous ungenannter
|
||||
argument > Argument
|
||||
armor ASCII-Hülle
|
||||
assigned zugewiesen
|
||||
associate with a person <einer Person zuordnen
|
||||
authentication Authentisierung
|
||||
available vorhanden [besser?: verfügbar, greifbar?]
|
||||
@ -34,7 +35,7 @@ bad [MPI] fehlerhafte MPI
|
||||
bad [signature] falsch[e] Unterschrift
|
||||
break (the encryption) <(Die Verschlüsselung) aufbrechen
|
||||
bug "Bug (Programmfehler)"
|
||||
cache Lager *Zwischenspeicher
|
||||
cache Cache, -#Lager *Zwischenspeicher
|
||||
can't read nicht lesbar
|
||||
cancelled Abbruch, abgebrochen
|
||||
casual >zufällig, >gelegentlich >unregelmäßig
|
||||
@ -45,11 +46,13 @@ check (verb) pr
|
||||
checking [sth.] [sth-]-Überprüfung
|
||||
checksum Prüfsumme
|
||||
cipher algorithm Verschlüsselungsverfahren
|
||||
clearsign
|
||||
clearsig header Klartextsignatur-Einleitung
|
||||
created erzeugt
|
||||
command Befehl
|
||||
comment Bemerkung
|
||||
compress algorithm Komprimierverfahren,*Komprimierungsverfahren ?
|
||||
compressed komprimiert
|
||||
compromised nicht mehr sicher
|
||||
core dump core-dump-Datei
|
||||
, (Speicherauszug?)
|
||||
@ -61,18 +64,23 @@ created erstellt
|
||||
creation <Erzeugung
|
||||
critical bit ???
|
||||
dash escaped mit Bindestrich \"escapte\", *m.Bindestrichen maskiert?
|
||||
decryption Enschlüsselung
|
||||
decryption Entschlüsselung
|
||||
default option <Standardoption
|
||||
default option file --voreingestellte Optionendatei
|
||||
DEK ???
|
||||
delete entfernen, *>löschen
|
||||
depend on >sich verlassen auf,>angewiesen sein auf,>abhängen von
|
||||
depreciated - taugt nicht mehr viel
|
||||
detached [sign] abgetrennte [Unterschrift]
|
||||
determined attacker >zielbewusster,>entschlossener Angreifer
|
||||
digest algorithm Hashmethode
|
||||
direct [key sig] -"direct key"
|
||||
disabled abgeschaltet
|
||||
duplicated (adj.) doppelt
|
||||
encrypted verschlüsselte
|
||||
enviorement variable Umgebungsvariable
|
||||
eventually >schließlich, endlich Nicht: eventuell
|
||||
expand
|
||||
expiration date <Verfalldatum
|
||||
expire <verfallen
|
||||
expires verfällt
|
||||
@ -81,12 +89,15 @@ failed fehlgeschlagen
|
||||
faked [RNG] - *manipulierter Zufallszahlengenerator
|
||||
faked [certificate] gefälscht
|
||||
fingerprint Fingerabdruck
|
||||
flag [verb] -kennzeichnen
|
||||
found [xyz found] entdeckt [xyz entdeckt]
|
||||
for-your-eyes-only Vertraulichkeit (\"for-your-eyes-only\")
|
||||
, Verschlußsache
|
||||
generated erzeugter
|
||||
good certificate Korrektes Zertifikat
|
||||
handle benutzt
|
||||
handle [verb] benutzen, behandeln, mit ... umgehen
|
||||
hint Tip
|
||||
human readable -nicht als Klartext darstellbar
|
||||
ignored unbeachtet
|
||||
include <enthalten
|
||||
init *initialisieren
|
||||
@ -97,10 +108,12 @@ key-ID Schl
|
||||
|
||||
key binding Schlüsselanbindung
|
||||
keyblock Schlüsselblock
|
||||
keyserver Schlüsselserver, -*Schlüssel-Server
|
||||
keyserver Schlüsselserver, Schlü.server, -*Schlüssel-Server
|
||||
keysize
|
||||
keyring Schlüsselbund
|
||||
lifetime >Gültigkeitsdauer, >Geltungsdauer
|
||||
listed
|
||||
locally (nur) für diesen Rechner, #(nur) auf diesem Rechner
|
||||
lookup - Suche
|
||||
machine häufig: Computer, Rechner
|
||||
main key Hauptschlüssel
|
||||
@ -115,17 +128,26 @@ merge (to) >zusammenf
|
||||
message Botschaft
|
||||
mode Modus, Methode *
|
||||
move schieben, *verschieben
|
||||
multiple signature Mehrfachunterschriften
|
||||
NAI
|
||||
network error Netzwerkfehler
|
||||
non-revocably nicht-widerrufbar, unwiderruflich??
|
||||
note Hinweis
|
||||
okay in Ordnung
|
||||
Ooops Huch
|
||||
OpenPGP
|
||||
original Ursprünglicher
|
||||
option Option
|
||||
original ursprünglicher
|
||||
overrides -ersetzt
|
||||
ownertrust \"Owner trust\" *Vertrauenswürdigkeit des Besitzers
|
||||
packet Paket
|
||||
packet type Pakettyp
|
||||
parse -zerlegen
|
||||
passphrase Mantra
|
||||
permission [file] Zugriffsrechte
|
||||
Photo-ID Foto-ID
|
||||
policy Richtlinie
|
||||
policy URL Richtlinien-URL
|
||||
preference items ????
|
||||
preferences Einstellungen *(die gesamten) Einstellungen
|
||||
preferred bevorzugt
|
||||
@ -134,14 +156,15 @@ problem [to do sth.] -Schwierigkeit
|
||||
prompt (to) auch: >abfragen, >anfordern, >verlangen
|
||||
protected
|
||||
protection algorithm Schutzverfahren
|
||||
pubkey algorithm Public-Key Verfahren (*)
|
||||
pubkey algorithm Public-Key-Verfahren
|
||||
public key öffentlicher Schüssel
|
||||
public key algorithm Public-Key Verfahren *Public-Key-Verfahren
|
||||
public key algorithm Public-Key-Verfahren
|
||||
quit *(Programm) verlassen, beenden
|
||||
radix64 radix64
|
||||
random Zufall
|
||||
random bytes Zufallswerte
|
||||
reason Grund (für revocation)
|
||||
[xyz] rebuild [xyz]-Neuaufbau, neu erzeugt
|
||||
regular file normale Datei
|
||||
response Antwort (Reaktion?)
|
||||
retry ???? (Wiederholung?, Wiederaufnahme?)
|
||||
@ -150,14 +173,19 @@ reveal auch: <jemandem zeigen, >anderen zeigen
|
||||
revocation Widerruf <*>Rückruf
|
||||
revocation certificate *<Rückrufurkunde *Rückruf-Zertifikat
|
||||
revoke widerrufen
|
||||
revocably widerrufbar
|
||||
RNG Zufallsgenerator
|
||||
secondary key Zweitschlüssel
|
||||
secret key geheimer Schlüssel
|
||||
secret keyring geheimer Schlüsselbund, geh. Schlüsselbund
|
||||
secret parts geheime Teile
|
||||
security need(s) >Sicherheitsbedüfnis(se), >Sicherheitsbedarf
|
||||
self-signature Eigenbeglaubigung
|
||||
sender Absender
|
||||
sensitive - empfindlich
|
||||
set [sth.] einstellen, festlegen
|
||||
session Sitzung
|
||||
show [an]zeigen, zeigen
|
||||
sign user id User-ID beglaubigen *
|
||||
signed unterschriebene
|
||||
signature (files) Unterschrift *
|
||||
@ -167,6 +195,8 @@ skipped
|
||||
so far bislang
|
||||
specify >spezifizieren, <angeben, ?festlegen
|
||||
stdin - stdin, *die Standardeingabe
|
||||
string Zeichenkette
|
||||
[PGP2-]style[ key] [PGP2-] artiger [Schlüssel]
|
||||
subkey Unterschlüssel
|
||||
superseeded überholt, veraltet
|
||||
terminal charset - Terminalzeichensatz *Terminal-Zeichensatz(s.o.)
|
||||
@ -178,21 +208,31 @@ trusted - vertrauensw
|
||||
trustvalues - trustvalues >Vertrauensniveaus?? *Vertrauensmaß? >Vertrauenswerte?
|
||||
trying Versuch
|
||||
type [message] [Botschaft] eintippen
|
||||
ulimately [trust] uneingeschränktes [Vertrauen]
|
||||
ulimately [trust] uneingeschränkt [vertrauen]
|
||||
ultimate trust uneingeschränktes Vertrauen
|
||||
unable
|
||||
unattended unbeaufsichtigt
|
||||
unavailble
|
||||
untrusted - nichtvertrauenswürdig, *nicht vertrauenswürdig
|
||||
unusable unbrauchbar
|
||||
update Ändern, Änderung >Aktualisieren, >Aktualisierung *auf den
|
||||
URL (die) URL
|
||||
[the] use [of]
|
||||
User - User, *<Benutzer, *Teilnehmer
|
||||
user ID User-ID
|
||||
user IDs User-IDs
|
||||
user interface >Benutzer-Schnittstelle
|
||||
username Username, *<Benutzername,
|
||||
used benutzt (no loger used)
|
||||
using xyz verwende xyz
|
||||
valid gültig
|
||||
validate -- authentifizieren (>besser authentisieren ?? So im
|
||||
Wörterbuch der neuen Rechtschreibung)
|
||||
validation -- >Authentisierung
|
||||
verbose ausführlich
|
||||
verify < überprüfen
|
||||
warning Warnung
|
||||
weak key unsicherer Schlüssel
|
||||
writeable schreibbarer
|
||||
wisely >klug, vernünftig(erweise), >gescheit; möglichst sinnvoll
|
||||
|
||||
|
813
po/es_ES.po
813
po/es_ES.po
File diff suppressed because it is too large
Load Diff
813
po/pt_BR.po
813
po/pt_BR.po
File diff suppressed because it is too large
Load Diff
@ -17,11 +17,13 @@ if [ "$1" = "--dry-run" ]; then
|
||||
shift
|
||||
fi
|
||||
|
||||
if [ -z "$1" -o -z "$2" ]; then
|
||||
echo "usage: mail-signed-keys keyring signedby" >&2
|
||||
if [ -z "$1" -o -z "$2" -o -z "$3" ]; then
|
||||
echo "usage: mail-signed-keys keyring signedby signame" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
signame="$3"
|
||||
|
||||
if [ ! -f $1 ]; then
|
||||
echo "mail-signed-keys: '$1': no such file" >&2
|
||||
exit 1
|
||||
@ -30,7 +32,7 @@ fi
|
||||
[ -f '.#tdb.tmp' ] && rm '.#tdb.tmp'
|
||||
ro="--homedir . --no-options --trustdb-name=./.#tdb.tmp --dry-run --lock-never --no-default-keyring --keyring $1"
|
||||
|
||||
signedby=`gpg $ro --fast-list-mode --list-keys --with-colons $2 \
|
||||
signedby=`gpg $ro --list-keys --with-colons $2 \
|
||||
2>/dev/null | awk -F: '$1=="pub" {print $5; exit 0}'`
|
||||
|
||||
if [ -z "$signedby" ]; then
|
||||
@ -46,7 +48,8 @@ if [ "$dryrun" = "0" ]; then
|
||||
fi
|
||||
|
||||
gpg $ro --check-sigs --with-colons 2>/dev/null \
|
||||
| awk -F: -v signedby="$signedby" -v gpgopt="$ro" -v dryrun="$dryrun" '
|
||||
| awk -F: -v signedby="$signedby" -v gpgopt="$ro" \
|
||||
-v dryrun="$dryrun" -v signame="$signame" '
|
||||
BEGIN { sendmail="/usr/lib/sendmail -oi -t " }
|
||||
$1 == "pub" { nextkid=$5; nextuid=$10
|
||||
if( uidcount > 0 ) { myflush() }
|
||||
@ -78,9 +81,10 @@ function myflush()
|
||||
print "Hi," | sendmail
|
||||
print "" | sendmail
|
||||
print "Here you get back the signed key." | sendmail
|
||||
print "Please send it yourself to a keyserver." | sendmail
|
||||
print "" | sendmail
|
||||
print "ciao," | sendmail
|
||||
print " your Key Signator" | sendmail
|
||||
print "Peace," | sendmail
|
||||
print " " signame | sendmail
|
||||
print "" | sendmail
|
||||
cmd = "gpg " gpgopt " --export -a " kid " 2>/dev/null"
|
||||
while( (cmd | getline) > 0 ) {
|
||||
|
@ -1,9 +1,17 @@
|
||||
2002-04-08 Werner Koch <wk@gnupg.org>
|
||||
|
||||
Fixed filename of last entry.
|
||||
|
||||
2002-03-29 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* strgutil.c (print_string, utf8_to_native): If a delimiter is
|
||||
* miscutil.c (print_string, utf8_to_native): If a delimiter is
|
||||
used, then quote the backslash character as well. Problem noted
|
||||
by Rainer Perske.
|
||||
|
||||
2002-03-15 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* argparse.c (optfile_parse): Fixed missing argument handling.
|
||||
|
||||
2002-02-28 Timo Schulz <ts@winpt.org>
|
||||
|
||||
* http.c (write_server): Convert integer to a HANDLE for W32.
|
||||
|
@ -273,10 +273,12 @@ optfile_parse( FILE *fp, const char *filename, unsigned *lineno,
|
||||
arg->r_opt = -arg->r_opt;
|
||||
if( !opts[idx].short_opt ) /* unknown command/option */
|
||||
arg->r_opt = (opts[idx].flags & 256)? -7:-2;
|
||||
else if( (opts[idx].flags & 8) ) /* no argument */
|
||||
arg->r_opt = -3; /* error */
|
||||
else /* no or optional argument */
|
||||
else if( !(opts[idx].flags & 7) ) /* does not take an arg */
|
||||
arg->r_type = 0; /* okay */
|
||||
else if( (opts[idx].flags & 8) ) /* argument is optional */
|
||||
arg->r_type = 0; /* okay */
|
||||
else /* required argument */
|
||||
arg->r_opt = -3; /* error */
|
||||
break;
|
||||
}
|
||||
else if( state == 3 ) { /* no argument found */
|
||||
|
Loading…
x
Reference in New Issue
Block a user