Add dummu option --passwd for gpg.

Collected changes.
Werner Koch 2010-01-08 19:18:49 +00:00
parent 5f4595a529
commit be45bf3d54
26 changed files with 248 additions and 71 deletions


@ -26,7 +26,7 @@ Release process:
* Run "make -C po update-po". * Run "make -C po update-po".
* Write NEWS entries and set the release date in NEWS. * Write NEWS entries and set the release date in NEWS.
* In configure.ac set "my_issvn" to "no". * In configure.ac set "my_issvn" to "no".
* Put a "Released <version>" line into the top level ChangeLog. * Put a "Release <version>" line into the top level ChangeLog.
* Commit all changes to the SVN. * Commit all changes to the SVN.
* Update the SVN then (to sync the release number of all files). * Update the SVN then (to sync the release number of all files).
* Run "./autogen.sh --force" * Run "./autogen.sh --force"


@ -1,3 +1,7 @@
2009-12-21 Werner Koch <wk@g10code.com>
* command.c (cmd_getinfo): Add sub-command s2k_count.
2009-12-14 Werner Koch <wk@g10code.com> 2009-12-14 Werner Koch <wk@g10code.com>
* protect.c (agent_unprotect): Decode the S2K count here and take * protect.c (agent_unprotect): Decode the S2K count here and take


@ -1637,6 +1637,7 @@ static const char hlp_getinfo[] =
" socket_name - Return the name of the socket.\n" " socket_name - Return the name of the socket.\n"
" ssh_socket_name - Return the name of the ssh socket.\n" " ssh_socket_name - Return the name of the ssh socket.\n"
" scd_running - Return OK if the SCdaemon is already running.\n" " scd_running - Return OK if the SCdaemon is already running.\n"
" s2k_count - Return the calibrated S2K count.\n"
" cmd_has_option\n" " cmd_has_option\n"
" - Returns OK if the command CMD implements the option OPT."; " - Returns OK if the command CMD implements the option OPT.";
static gpg_error_t static gpg_error_t
@ -1678,6 +1679,13 @@ cmd_getinfo (assuan_context_t ctx, char *line)
{ {
rc = agent_scd_check_running ()? 0 : gpg_error (GPG_ERR_GENERAL); rc = agent_scd_check_running ()? 0 : gpg_error (GPG_ERR_GENERAL);
} }
else if (!strcmp (line, "s2k_count"))
{
char numbuf[50];
snprintf (numbuf, sizeof numbuf, "%lu", get_standard_s2k_count ());
rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
}
else if (!strncmp (line, "cmd_has_option", 14) else if (!strncmp (line, "cmd_has_option", 14)
&& (line[14] == ' ' || line[14] == '\t' || !line[14])) && (line[14] == ' ' || line[14] == '\t' || !line[14]))
{ {


@ -80,7 +80,7 @@ ask_for_card (ctrl_t ctrl, const unsigned char *shadow_info, char **r_kid)
} }
else else
{ {
log_error ("error accesing card: %s\n", gpg_strerror (rc)); log_error ("error accessing card: %s\n", gpg_strerror (rc));
} }
if (!rc) if (!rc)


@ -1698,7 +1698,7 @@ build_key_sequence (gcry_mpi_t *kparms, size_t *r_length)
} }
if (i != 8) if (i != 8)
{ {
log_error ("invalid paramters for p12_build\n"); log_error ("invalid parameters for p12_build\n");
return NULL; return NULL;
} }
/* Now this all goes into a sequence. */ /* Now this all goes into a sequence. */


@ -1423,7 +1423,7 @@ es_readn (estream_t ES__RESTRICT stream,
} }
/* Try to unread DATA_N bytes from DATA into STREAM, storing the /* Try to unread DATA_N bytes from DATA into STREAM, storing the
amount of bytes succesfully unread in *BYTES_UNREAD. */ amount of bytes successfully unread in *BYTES_UNREAD. */
static void static void
es_unreadn (estream_t ES__RESTRICT stream, es_unreadn (estream_t ES__RESTRICT stream,
const unsigned char *ES__RESTRICT data, size_t data_n, const unsigned char *ES__RESTRICT data, size_t data_n,


@ -730,7 +730,9 @@ version: the third field contains the version of GnuPG.
pubkey: the third field contains the public key algorithmdcaiphers pubkey: the third field contains the public key algorithmdcaiphers
this version of GnuPG supports, separated by semicolons. The this version of GnuPG supports, separated by semicolons. The
algorithm numbers are as specified in RFC-4880. algorithm numbers are as specified in RFC-4880. Note that in
contrast to the --status-fd interface these are _not_ the
Libgcrypt identifiers.
cfg:pubkey:1;2;3;16;17 cfg:pubkey:1;2;3;16;17


@ -1,3 +1,29 @@
2010-01-08 Werner Koch <wk@g10code.com>
* cpr.c (write_status_error): Rename to write_status_errcode.
Change all callers.
(write_status_error): New.
* gpg.c: Add option --passwd.
(aPasswd): New.
(main): Implement.
* keyedit.c (keyedit_passwd): New.
* gpg.c (oPasswd, oPasswdFD, oPasswdFile, oPasswdRepeat): Change
to oPassphrase, oPassphraseFD, oPassphraseFile, oPassphraseRepeat.
* options.h (struct): s/passwd_repeat/passphrase_repeat/.
* gpg.c (main): Ditto.
* passphrase.c (passphrase_to_dek_ext): Ditto.
2009-12-21 Werner Koch <wk@g10code.com>
* call-agent.c (agent_get_s2k_count): New.
* gpg.c (main): Set s2k_count to 0.
* (encode_s2k_iterations): Move ...
* passphrase.c (encode_s2k_iterations): ... here. Call
agent_get_s2k_count if called with a 0 arg.
(passphrase_to_dek_ext): Set S2K_COUNT via encode_s2k_iterations.
2009-12-17 Werner Koch <wk@g10code.com> 2009-12-17 Werner Koch <wk@g10code.com>
* sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag. * sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag.


@ -1254,3 +1254,38 @@ gpg_agent_get_confirmation (const char *desc)
} }
/* Return the S2K iteration count as computed by gpg-agent. */
gpg_error_t
agent_get_s2k_count (unsigned long *r_count)
{
gpg_error_t err;
membuf_t data;
char *buf;
*r_count = 0;
err = start_agent (0);
if (err)
return err;
init_membuf (&data, 32);
err = assuan_transact (agent_ctx, "GETINFO s2k_count",
membuf_data_cb, &data,
NULL, NULL, NULL, NULL);
if (err)
xfree (get_membuf (&data, NULL));
else
{
put_membuf (&data, "", 1);
buf = get_membuf (&data, NULL);
if (!buf)
err = gpg_error_from_syserror ();
else
{
*r_count = strtoul (buf, NULL, 10);
xfree (buf);
}
}
return err;
}
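Review bot: The agent's reply is converted with `strtoul (buf, NULL, 10)` and no validation, so an empty, non-numeric or out-of-range reply is accepted silently and the function still returns success. The caller visible in passphrase.c happens to fall back to the old default for counts below 65536 and clamps large ones, but agent_get_s2k_count itself hands back a meaningless *r_count with no error in those cases. Consider clearing errno, passing an end pointer, and rejecting the reply before the xfree: `*r_count = strtoul (buf, &endp, 10);` followed by `if (endp == buf || *endp || errno == ERANGE) err = gpg_error (GPG_ERR_INV_RESPONSE);`, resetting *r_count to 0 on that path.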


@ -137,6 +137,9 @@ gpg_error_t agent_clear_passphrase (const char *cache_id);
/* Present the prompt DESC and ask the user to confirm. */ /* Present the prompt DESC and ask the user to confirm. */
gpg_error_t gpg_agent_get_confirmation (const char *desc); gpg_error_t gpg_agent_get_confirmation (const char *desc);
/* Return the S2K iteration count as computed by gpg-agent. */
gpg_error_t agent_get_s2k_count (unsigned long *r_count);
#endif /*GNUPG_G10_CALL_AGENT_H*/ #endif /*GNUPG_G10_CALL_AGENT_H*/


@ -948,7 +948,7 @@ change_cert (const char *args)
} }
else else
{ {
tty_printf ("usage error: redirectrion to file required\n"); tty_printf ("usage error: redirection to file required\n");
return -1; return -1;
} }
@ -977,7 +977,7 @@ read_cert (const char *args)
} }
else else
{ {
tty_printf ("usage error: redirectrion to file required\n"); tty_printf ("usage error: redirection to file required\n");
return -1; return -1;
} }


@ -1,6 +1,6 @@
/* status.c - Status message and command-fd interface /* status.c - Status message and command-fd interface
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2004, 2005, 2006 Free Software Foundation, Inc. * 2004, 2005, 2006, 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -157,8 +157,23 @@ write_status_text ( int no, const char *text)
} }
/* Wrte an ERROR status line using a full gpg-error error value. */
void void
write_status_error (const char *where, int errcode) write_status_error (const char *where, gpg_error_t err)
{
if (!statusfp || !status_currently_allowed (STATUS_ERROR))
return; /* Not enabled or allowed. */
fprintf (statusfp, "[GNUPG:] %s %s %u\n",
get_status_string (STATUS_ERROR), where, err);
if (fflush (statusfp) && opt.exit_on_status_write_error)
g10_exit (0);
}
/* Same as above but only putputs the error code. */
void
write_status_errcode (const char *where, int errcode)
{ {
if (!statusfp || !status_currently_allowed (STATUS_ERROR)) if (!statusfp || !status_currently_allowed (STATUS_ERROR))
return; /* Not enabled or allowed. */ return; /* Not enabled or allowed. */
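Review bot: Reusing the name write_status_error for a function with a different argument meaning is fragile, because `int` converts implicitly to `gpg_error_t`: a caller that was missed in the rename to write_status_errcode would still compile and would write a different number on the ERROR status line. The new comment should say exactly what is printed, for example `/* Write an ERROR status line: WHERE followed by the full gpg-error value ERR (source and code) in decimal. */`, so that consumers of the status-fd output know how to decode it. The two added comments also carry typos (`Wrte`, `putputs`). The body of write_status_errcode continues outside the hunk.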


@ -1,6 +1,6 @@
/* gpg.c - The GnuPG utility (main for gpg) /* gpg.c - The GnuPG utility (main for gpg)
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
* 2006, 2007, 2008, 2009 Free Software Foundation, Inc. * 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -146,6 +146,7 @@ enum cmd_and_opt_values
aCardStatus, aCardStatus,
aCardEdit, aCardEdit,
aChangePIN, aChangePIN,
aPasswd,
aServer, aServer,
oTextmode, oTextmode,
@ -207,10 +208,10 @@ enum cmd_and_opt_values
oCompressLevel, oCompressLevel,
oBZ2CompressLevel, oBZ2CompressLevel,
oBZ2DecompressLowmem, oBZ2DecompressLowmem,
oPasswd, oPassphrase,
oPasswdFD, oPassphraseFD,
oPasswdFile, oPassphraseFile,
oPasswdRepeat, oPassphraseRepeat,
oCommandFD, oCommandFD,
oCommandFile, oCommandFile,
oQuickRandom, oQuickRandom,
@ -390,6 +391,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (oFingerprint, "fingerprint", N_("list keys and fingerprints")), ARGPARSE_c (oFingerprint, "fingerprint", N_("list keys and fingerprints")),
ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")), ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")),
ARGPARSE_c (aKeygen, "gen-key", N_("generate a new key pair")), ARGPARSE_c (aKeygen, "gen-key", N_("generate a new key pair")),
ARGPARSE_c (aGenRevoke, "gen-revoke",N_("generate a revocation certificate")),
ARGPARSE_c (aDeleteKeys,"delete-keys", ARGPARSE_c (aDeleteKeys,"delete-keys",
N_("remove keys from the public keyring")), N_("remove keys from the public keyring")),
ARGPARSE_c (aDeleteSecretKeys, "delete-secret-keys", ARGPARSE_c (aDeleteSecretKeys, "delete-secret-keys",
@ -398,7 +400,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_c (aLSignKey, "lsign-key" ,N_("sign a key locally")), ARGPARSE_c (aLSignKey, "lsign-key" ,N_("sign a key locally")),
ARGPARSE_c (aEditKey, "edit-key" ,N_("sign or edit a key")), ARGPARSE_c (aEditKey, "edit-key" ,N_("sign or edit a key")),
ARGPARSE_c (aEditKey, "key-edit" ,"@"), ARGPARSE_c (aEditKey, "key-edit" ,"@"),
ARGPARSE_c (aGenRevoke, "gen-revoke",N_("generate a revocation certificate")), ARGPARSE_c (aPasswd, "passwd", N_("change a passphrase")),
ARGPARSE_c (aDesigRevoke, "desig-revoke","@" ), ARGPARSE_c (aDesigRevoke, "desig-revoke","@" ),
ARGPARSE_c (aExport, "export" , N_("export keys") ), ARGPARSE_c (aExport, "export" , N_("export keys") ),
ARGPARSE_c (aSendKeys, "send-keys" , N_("export keys to a key server") ), ARGPARSE_c (aSendKeys, "send-keys" , N_("export keys to a key server") ),
@ -600,10 +602,10 @@ static ARGPARSE_OPTS opts[] = {
"delete-secret-and-public-keys", "@"), "delete-secret-and-public-keys", "@"),
ARGPARSE_c (aRebuildKeydbCaches, "rebuild-keydb-caches", "@"), ARGPARSE_c (aRebuildKeydbCaches, "rebuild-keydb-caches", "@"),
ARGPARSE_s_s (oPasswd, "passphrase", "@"), ARGPARSE_s_s (oPassphrase, "passphrase", "@"),
ARGPARSE_s_i (oPasswdFD, "passphrase-fd", "@"), ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"),
ARGPARSE_s_s (oPasswdFile, "passphrase-file", "@"), ARGPARSE_s_s (oPassphraseFile, "passphrase-file", "@"),
ARGPARSE_s_i (oPasswdRepeat, "passphrase-repeat", "@"), ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"),
ARGPARSE_s_i (oCommandFD, "command-fd", "@"), ARGPARSE_s_i (oCommandFD, "command-fd", "@"),
ARGPARSE_s_s (oCommandFile, "command-file", "@"), ARGPARSE_s_s (oCommandFile, "command-file", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"), ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
@ -1431,6 +1433,7 @@ check_permissions(const char *path,int item)
} }
/* Print the OpenPGP defined algo numbers. */
static void static void
print_algo_numbers(int (*checker)(int)) print_algo_numbers(int (*checker)(int))
{ {
@ -1795,33 +1798,6 @@ parse_trust_model(const char *model)
} }
/* Pack an s2k iteration count into the form specified in 2440. If
we're in between valid values, round up. */
static unsigned char
encode_s2k_iterations(int iterations)
{
unsigned char c=0,result;
unsigned int count;
if(iterations<=1024)
return 0;
if(iterations>=65011712)
return 255;
/* Need count to be in the range 16-31 */
for(count=iterations>>6;count>=32;count>>=1)
c++;
result=(c<<4)|(count-16);
if(S2K_DECODE_COUNT(result)<iterations)
result++;
return result;
}
/* This fucntion called to initialized a new control object. It is /* This fucntion called to initialized a new control object. It is
assumed that this object has been zeroed out before calling this assumed that this object has been zeroed out before calling this
function. */ function. */
@ -1995,7 +1971,7 @@ main (int argc, char **argv)
opt.cert_digest_algo = 0; opt.cert_digest_algo = 0;
opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */ opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */
opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_mode = 3; /* iterated+salted */
opt.s2k_count = 96; /* 65536 iterations */ opt.s2k_count = 0; /* Auto-calibrate when needed. */
#ifdef USE_CAST5 #ifdef USE_CAST5
opt.s2k_cipher_algo = CIPHER_ALGO_CAST5; opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
#else #else
@ -2023,7 +1999,7 @@ main (int argc, char **argv)
opt.def_sig_expire="0"; opt.def_sig_expire="0";
opt.def_cert_expire="0"; opt.def_cert_expire="0";
set_homedir ( default_homedir () ); set_homedir ( default_homedir () );
opt.passwd_repeat=1; opt.passphrase_repeat=1;
/* Check whether we have a config file on the command line. */ /* Check whether we have a config file on the command line. */
orig_argc = argc; orig_argc = argc;
@ -2208,6 +2184,7 @@ main (int argc, char **argv)
case aDeleteSecretKeys: case aDeleteSecretKeys:
case aDeleteSecretAndPublicKeys: case aDeleteSecretAndPublicKeys:
case aDeleteKeys: case aDeleteKeys:
case aPasswd:
set_cmd (&cmd, pargs.r_opt); set_cmd (&cmd, pargs.r_opt);
greeting=1; greeting=1;
break; break;
@ -2518,7 +2495,10 @@ main (int argc, char **argv)
case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break; case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break; case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break;
case oS2KCount: case oS2KCount:
opt.s2k_count=encode_s2k_iterations(pargs.r.ret_int); if (pargs.r.ret_int)
opt.s2k_count = encode_s2k_iterations (pargs.r.ret_int);
else
opt.s2k_count = 0; /* Auto-calibrate when needed. */
break; break;
case oSimpleSKChecksum: opt.simple_sk_checksum = 1; break; case oSimpleSKChecksum: opt.simple_sk_checksum = 1; break;
case oNoEncryptTo: opt.no_encrypt_to = 1; break; case oNoEncryptTo: opt.no_encrypt_to = 1; break;
@ -2582,16 +2562,16 @@ main (int argc, char **argv)
case oCompressLevel: opt.compress_level = pargs.r.ret_int; break; case oCompressLevel: opt.compress_level = pargs.r.ret_int; break;
case oBZ2CompressLevel: opt.bz2_compress_level = pargs.r.ret_int; break; case oBZ2CompressLevel: opt.bz2_compress_level = pargs.r.ret_int; break;
case oBZ2DecompressLowmem: opt.bz2_decompress_lowmem=1; break; case oBZ2DecompressLowmem: opt.bz2_decompress_lowmem=1; break;
case oPasswd: case oPassphrase:
set_passphrase_from_string(pargs.r.ret_str); set_passphrase_from_string(pargs.r.ret_str);
break; break;
case oPasswdFD: case oPassphraseFD:
pwfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); pwfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
break; break;
case oPasswdFile: case oPassphraseFile:
pwfd = open_info_file (pargs.r.ret_str, 0, 1); pwfd = open_info_file (pargs.r.ret_str, 0, 1);
break; break;
case oPasswdRepeat: opt.passwd_repeat=pargs.r.ret_int; break; case oPassphraseRepeat: opt.passphrase_repeat=pargs.r.ret_int; break;
case oCommandFD: case oCommandFD:
opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
break; break;
@ -3665,6 +3645,17 @@ main (int argc, char **argv)
xfree(username); xfree(username);
break; break;
case aPasswd:
if (argc != 1)
wrong_args (_("--passwd <user-id>"));
else
{
username = make_username (fname);
keyedit_passwd (username);
xfree (username);
}
break;
case aDeleteKeys: case aDeleteKeys:
case aDeleteSecretKeys: case aDeleteSecretKeys:
case aDeleteSecretAndPublicKeys: case aDeleteSecretAndPublicKeys:
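Review bot: In the oS2KCount hunk the value 0 in opt.s2k_count now doubles as the "auto-calibrate" sentinel, but 0 is also what encode_s2k_iterations returns for any non-zero argument up to 1024 (see the function as moved to passphrase.c in this commit). As a result `--s2k-count 1024`, or a negative argument, is stored as 0 and later treated by passphrase_to_dek_ext as a request to ask gpg-agent for a count, not as the explicit minimum the user asked for. If that is intended, say so at the option, e.g. `/* Values <= 1024 encode to 0 and therefore also select auto-calibration. */`; otherwise keep the sentinel apart from the encoded byte with a separate flag. main() starts and ends outside these hunks.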


@ -173,6 +173,7 @@ int build_sk_list( strlist_t locusr, SK_LIST *ret_sk_list,
int unlock, unsigned use ); int unlock, unsigned use );
/*-- passphrase.h --*/ /*-- passphrase.h --*/
unsigned char encode_s2k_iterations (int iterations);
assuan_context_t agent_open (int try, const char *orig_codeset); assuan_context_t agent_open (int try, const char *orig_codeset);
void agent_close (assuan_context_t ctx); void agent_close (assuan_context_t ctx);
int have_static_passphrase(void); int have_static_passphrase(void);


@ -1,6 +1,6 @@
/* keyedit.c - keyedit stuff /* keyedit.c - keyedit stuff
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
* 2008, 2009 Free Software Foundation, Inc. * 2008, 2009, 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -2326,6 +2326,19 @@ keyedit_menu( const char *username, strlist_t locusr,
xfree(answer); xfree(answer);
} }
/* Change the passphrase of the secret key identified by USERNAME. */
void
keyedit_passwd (const char *username)
{
gpg_error_t err = gpg_error (GPG_ERR_BUG); /* Not yet implemented. */
log_info ("error changing the passphrase for `%s': %s\n",
username, gpg_strerror (err));
write_status_error ("keyedit.passwd", err);
}
static void static void
tty_print_notations(int indent,PKT_signature *sig) tty_print_notations(int indent,PKT_signature *sig)
{ {
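Review bot: keyedit_passwd reports its failure with log_info and returns void, so the aPasswd branch in main() has no way to learn that the command failed. Unless log_info feeds the process exit status (not visible here), `gpg --passwd` may exit successfully after doing nothing. While the command is a stub, reporting through `log_error (...)` instead, or returning the gpg_error_t to the caller, would keep scripts from treating the no-op as a completed passphrase change. The doc comment should also state that the function is not yet implemented and always emits an ERROR status carrying GPG_ERR_BUG.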


@ -3683,7 +3683,7 @@ do_generate_keypair (struct para_data_s *para,
log_error ("key generation failed: %s\n", g10_errstr(rc) ); log_error ("key generation failed: %s\n", g10_errstr(rc) );
else else
tty_printf (_("Key generation failed: %s\n"), g10_errstr(rc) ); tty_printf (_("Key generation failed: %s\n"), g10_errstr(rc) );
write_status_error (card? "card_key_generate":"key_generate", rc); write_status_errcode (card? "card_key_generate":"key_generate", rc);
print_status_key_not_created ( get_parameter_value (para, pHANDLE) ); print_status_key_not_created ( get_parameter_value (para, pHANDLE) );
} }
else else
@ -4116,7 +4116,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary,
log_error (_("storing key onto card failed: %s\n"), g10_errstr (rc)); log_error (_("storing key onto card failed: %s\n"), g10_errstr (rc));
free_secret_key (sk_unprotected); free_secret_key (sk_unprotected);
free_secret_key (sk_protected); free_secret_key (sk_protected);
write_status_error ("save_key_to_card", rc); write_status_errcode ("save_key_to_card", rc);
return rc; return rc;
} }


@ -1,6 +1,6 @@
/* main.h /* main.h
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
* 2008, 2009 Free Software Foundation, Inc. * 2008, 2009, 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -156,7 +156,8 @@ int mpi_print( FILE *fp, gcry_mpi_t a, int mode );
void set_status_fd ( int fd ); void set_status_fd ( int fd );
int is_status_enabled ( void ); int is_status_enabled ( void );
void write_status ( int no ); void write_status ( int no );
void write_status_error (const char *where, int errcode); void write_status_error (const char *where, gpg_error_t err);
void write_status_errcode (const char *where, int errcode);
void write_status_text ( int no, const char *text ); void write_status_text ( int no, const char *text );
void write_status_buffer ( int no, void write_status_buffer ( int no,
const char *buffer, size_t len, int wrap ); const char *buffer, size_t len, int wrap );
@ -215,6 +216,7 @@ int delete_keys( strlist_t names, int secret, int allow_both );
/*-- keyedit.c --*/ /*-- keyedit.c --*/
void keyedit_menu( const char *username, strlist_t locusr, void keyedit_menu( const char *username, strlist_t locusr,
strlist_t commands, int quiet, int seckey_check ); strlist_t commands, int quiet, int seckey_check );
void keyedit_passwd (const char *username);
void show_basic_key_info (KBNODE keyblock); void show_basic_key_info (KBNODE keyblock);
/*-- keygen.c --*/ /*-- keygen.c --*/


@ -361,7 +361,13 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
if( is_status_enabled() ) { if( is_status_enabled() ) {
char buf[50]; char buf[50];
sprintf(buf, "%08lX%08lX %d 0", /* FIXME: For ECC support we need to map the OpenPGP algo
number to the Libgcrypt definef one. This is due a
chicken-egg problem: We need to have code in libgcrypt for
a new algorithm so to implement a proposed new algorithm
before the IANA will finally assign an OpenPGP
indentifier. */
snprintf (buf, sizeof buf, "%08lX%08lX %d 0",
(ulong)enc->keyid[0], (ulong)enc->keyid[1], enc->pubkey_algo ); (ulong)enc->keyid[0], (ulong)enc->keyid[1], enc->pubkey_algo );
write_status_text( STATUS_ENC_TO, buf ); write_status_text( STATUS_ENC_TO, buf );
} }


@ -1,6 +1,6 @@
/* options.h /* options.h
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
* 2007 Free Software Foundation, Inc. * 2007, 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -248,7 +248,7 @@ struct
struct akl *next; struct akl *next;
} *auto_key_locate; } *auto_key_locate;
int passwd_repeat; int passphrase_repeat;
} opt; } opt;
/* CTRL is used to keep some global variables we currently can't /* CTRL is used to keep some global variables we currently can't


@ -50,6 +50,58 @@ static char *next_pw = NULL;
static char *last_pw = NULL; static char *last_pw = NULL;
/* Pack an s2k iteration count into the form specified in 2440. If
we're in between valid values, round up. With value 0 return the
old default. */
unsigned char
encode_s2k_iterations (int iterations)
{
gpg_error_t err;
unsigned char c=0;
unsigned char result;
unsigned int count;
if (!iterations)
{
unsigned long mycnt;
/* Ask the gpg-agent for a useful iteration count. */
err = agent_get_s2k_count (&mycnt);
if (err || mycnt < 65536)
{
/* Don't print an error if an older agent is used. */
if (err && gpg_err_code (err) != GPG_ERR_ASS_PARAMETER)
log_error (_("problem with the agent: %s\n"), gpg_strerror (err));
/* Default to 65536 which we used up to 2.0.13. */
return 96;
}
else if (mycnt >= 65011712)
return 255; /* Largest possible value. */
else
return encode_s2k_iterations ((int)mycnt);
}
if (iterations <= 1024)
return 0; /* Command line arg compatibility. */
if (iterations >= 65011712)
return 255;
/* Need count to be in the range 16-31 */
for (count=iterations>>6; count>=32; count>>=1)
c++;
result = (c<<4)|(count-16);
if (S2K_DECODE_COUNT(result) < iterations)
result++;
return result;
}
/* Hash a passphrase using the supplied s2k. /* Hash a passphrase using the supplied s2k.
Always needs: dek->algo, s2k->mode, s2k->hash_algo. */ Always needs: dek->algo, s2k->mode, s2k->hash_algo. */
static void static void
@ -374,7 +426,7 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat,
if (canceled) if (canceled)
*canceled = 1; *canceled = 1;
write_status_error ("get_passphrase", rc); write_status_errcode ("get_passphrase", rc);
} }
if (pk) if (pk)
@ -474,7 +526,15 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
{ {
gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM); gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM);
if ( s2k->mode == 3 ) if ( s2k->mode == 3 )
s2k->count = opt.s2k_count; {
/* We delay the encoding until it is really needed. This is
if we are going to dynamically calibrate it, we need to
call out to gpg-agent and that should not be done during
option processing in main(). */
if (!opt.s2k_count)
opt.s2k_count = encode_s2k_iterations (0);
s2k->count = opt.s2k_count;
}
} }
/* If we do not have a passphrase available in NEXT_PW and status /* If we do not have a passphrase available in NEXT_PW and status
@ -584,7 +644,7 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
/* Divert to the gpg-agent. */ /* Divert to the gpg-agent. */
pw = passphrase_get (keyid, mode == 2, s2k_cacheid, pw = passphrase_get (keyid, mode == 2, s2k_cacheid,
(mode == 2 || mode == 4)? opt.passwd_repeat : 0, (mode == 2 || mode == 4)? opt.passphrase_repeat : 0,
tryagain_text, custdesc, custprompt, canceled); tryagain_text, custdesc, custprompt, canceled);
if (*canceled) if (*canceled)
{ {
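Review bot: The new header comment on encode_s2k_iterations says "With value 0 return the old default", which does not match the code. With 0 the function first asks gpg-agent via agent_get_s2k_count and returns the old default (96) only when that call fails or the agent reports fewer than 65536 iterations. Suggested wording: `With ITERATIONS 0 ask gpg-agent for its calibrated count; fall back to the old default (encoded 96, i.e. 65536) on error or if the agent reports less than 65536.` It is also worth recording there that a non-zero argument up to 1024, including a negative one, returns 0. passphrase_to_dek_ext starts and ends outside its hunks.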


@ -1663,7 +1663,7 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only)
/* Everything else we delete */ /* Everything else we delete */
/* At this point, if 12 is set, the signing key was unavailable. /* At this point, if 12 is set, the signing key was unavailable.
If 9 or 10 is set, it's superceded. Otherwise, it's If 9 or 10 is set, it's superseded. Otherwise, it's
invalid. */ invalid. */
if(noisy) if(noisy)
@ -1671,7 +1671,7 @@ clean_sigs_from_uid(KBNODE keyblock,KBNODE uidnode,int noisy,int self_only)
keystr(node->pkt->pkt.signature->keyid), keystr(node->pkt->pkt.signature->keyid),
uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->name,
node->flag&(1<<12)?"key unavailable": node->flag&(1<<12)?"key unavailable":
node->flag&(1<<9)?"signature superceded":"invalid signature"); node->flag&(1<<9)?"signature superseded":"invalid signature");
delete_kbnode(node); delete_kbnode(node);
deleted++; deleted++;


@ -1107,7 +1107,7 @@ strusage( int level )
break; break;
case 11: p = "foo"; break; case 11: p = "foo"; break;
case 13: p = "0.0"; break; case 13: p = "0.0"; break;
case 14: p = "Copyright (C) 2009 Free Software Foundation, Inc."; break; case 14: p = "Copyright (C) 2010 Free Software Foundation, Inc."; break;
case 15: p = case 15: p =
"This is free software: you are free to change and redistribute it.\n" "This is free software: you are free to change and redistribute it.\n"
"There is NO WARRANTY, to the extent permitted by law.\n"; "There is NO WARRANTY, to the extent permitted by law.\n";


@ -2909,7 +2909,7 @@ do_sign (app_t app, const char *keyidstr, int hashalgo,
if (aodf->pinflags.integrity_protected if (aodf->pinflags.integrity_protected
|| aodf->pinflags.confidentiality_protected) || aodf->pinflags.confidentiality_protected)
{ {
log_error ("PIN verification requires unsupported protecion method\n"); log_error ("PIN verification requires unsupported protection method\n");
return gpg_error (GPG_ERR_BAD_PIN_METHOD); return gpg_error (GPG_ERR_BAD_PIN_METHOD);
} }
if (!aodf->stored_length && aodf->pinflags.needs_padding) if (!aodf->stored_length && aodf->pinflags.needs_padding)


@ -845,11 +845,11 @@ parse_ccid_descriptor (ccid_driver_t handle,
if ((us & 0x0020)) if ((us & 0x0020))
DEBUGOUT (" Auto baud rate change\n"); DEBUGOUT (" Auto baud rate change\n");
if ((us & 0x0040)) if ((us & 0x0040))
DEBUGOUT (" Auto parameter negotation made by CCID\n"); DEBUGOUT (" Auto parameter negotiation made by CCID\n");
else if ((us & 0x0080)) else if ((us & 0x0080))
DEBUGOUT (" Auto PPS made by CCID\n"); DEBUGOUT (" Auto PPS made by CCID\n");
else if ((us & (0x0040 | 0x0080))) else if ((us & (0x0040 | 0x0080)))
DEBUGOUT (" WARNING: conflicting negotation features\n"); DEBUGOUT (" WARNING: conflicting negotiation features\n");
if ((us & 0x0100)) if ((us & 0x0100))
DEBUGOUT (" CCID can set ICC in clock stop mode\n"); DEBUGOUT (" CCID can set ICC in clock stop mode\n");


@ -1,3 +1,8 @@
2009-12-21 Werner Koch <wk@g10code.com>
* Makefile.am (required_pgms): New.
(./gpg_dearmor): Depend on them.
2009-06-05 David Shaw <dshaw@jabberwocky.com> 2009-06-05 David Shaw <dshaw@jabberwocky.com>
* defs.inc: Improved all_cipher_algos and all_hash_algos to work * defs.inc: Improved all_cipher_algos and all_hash_algos to work


@ -19,6 +19,10 @@
GPG_IMPORT = ../../g10/gpg2 --homedir . \ GPG_IMPORT = ../../g10/gpg2 --homedir . \
--quiet --yes --no-permission-warning --import --quiet --yes --no-permission-warning --import
# Programs required before we can run these tests.
required_pgms = ../../g10/gpg2 ../../agent/gpg-agent \
../../tools/gpg-connect-agent
TESTS = version.test mds.test \ TESTS = version.test mds.test \
decrypt.test decrypt-dsa.test \ decrypt.test decrypt-dsa.test \
sigs.test sigs-dsa.test \ sigs.test sigs-dsa.test \
@ -60,7 +64,9 @@ prepared.stamp: ./pubring.gpg ./secring.gpg ./plain-1 ./plain-2 ./plain-3 \
$(GPG_IMPORT) $(srcdir)/pubdemo.asc $(GPG_IMPORT) $(srcdir)/pubdemo.asc
echo timestamp >./prepared.stamp echo timestamp >./prepared.stamp
./gpg_dearmor: # We need to depend on a couple of programs so that the tests don't
# start before all programs are built.
./gpg_dearmor: $(required_pgms)
echo '#!/bin/sh' >./gpg_dearmor echo '#!/bin/sh' >./gpg_dearmor
echo "../../g10/gpg2 --no-options --no-greeting \ echo "../../g10/gpg2 --no-options --no-greeting \
--no-secmem-warning --batch --dearmor" >>./gpg_dearmor --no-secmem-warning --batch --dearmor" >>./gpg_dearmor