See ChangeLog: Wed Feb 24 11:07:27 CET 1999 Werner Koch

AUTHORS

@@ -56,6 +56,7 @@ es_ES.po
 
 TRANSLATIONS	Thiago Jung Bauermann ????????????????
 pt_BR.po
+jungmann@cwb.matrix.com.br
 
 
 TRANSLATIONS	Janusz A. Urbanowicz  ???????????

BUGS

@@ -42,6 +42,8 @@ an "info standards" to find out why a disclaimer is needed for GNU.)
     Buserror on IRIX 6.4: Crash while doing a keygen. I think while creating
     the prime.	Other buserrors are reported when doing a "gpg README"
     on sparc-solaris2.6.
+    --> I hope I've fixed this: Please, can someone it. I can't reproduce it
+	on the alpha I have access to.
 
 [ **] #7 1999-02-22 <dwpalmer@dwpalm.jf.intel.com> 0.9.3
     Conventional encrytion incompatibilty:

ChangeLog

@@ -1,3 +1,7 @@
+Wed Feb 24 11:07:27 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* configure.in: New option --enable-static-rnd.
+
 Mon Feb 22 20:04:00 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* BUGS: Now we assign bug numbers.

NEWS

@@ -1,4 +1,6 @@
 
+    * New configure option --enable-static-rnd=[egd|linux|unix|none]
+      to select a random gathering module for static linking.
 
 Noteworthy changes in version 0.9.3
 -----------------------------------

THANKS

@@ -37,6 +37,7 @@ Janusz A. Urbanowicz	alex@bofh.torun.pl
 James Troup		james@nocrew.org
 Jean-loup Gailly	gzip@prep.ai.mit.edu
 Jens Bachem		bachem@rrz.uni-koeln.de
+Joachim Backes		backes@rhrk.uni-kl.de
 John A. Martin		jam@jamux.com
 Johnny Teveßen		j.tevessen@gmx.de
 Jörg Schilling		schilling@fokus.gmd.de
@@ -64,6 +65,7 @@ Philippe Laliberte	arsphl@oeil.qc.ca
 Peter Gutmann		pgut001@cs.auckland.ac.nz
 QingLong		qinglong@bolizm.ihep.su
 Ralph Gillen		gillen@theochem.uni-duesseldorf.de
+Rat			ratinox@peorth.gweep.net
 Reinhard Wobst		R.Wobst@ifw-dresden.de
 Reuben Sumner		rasumner@wisdom.weizmann.ac.il
 Roddy Strachan		roddy@satlink.com.au
@@ -76,7 +78,7 @@ Steffen Ullrich 	ccrlphr@xensei.com
 Steffen Zahn		zahn@berlin.snafu.de
 Steven Bakker		steven@icoe.att.com
 Susanne Schultz 	schultz@hsp.de
-Thiago Jung Bauermann	jungmann@usa.net
+Thiago Jung Bauermann	jungmann@cwb.matrix.com.br
 Thomas Roessler 	roessler@guug.de
 Tom Spindler		dogcow@home.merit.edu
 Tom Zerucha		tzeruch@ceddec.com

TODO

@@ -17,6 +17,10 @@
   * Use capabilities if available.  glibc2 does not support it yet?
     What about 2.2 or should we use the system calls directly?
 
+  * wehndecryptiong multiple key: print a warning only if no usable pubkey
+    encrypte package was found.  Extension: display a list of all recipients.
+
+
 
 Nice to have
 ------------

cipher/ChangeLog

@@ -1,3 +1,10 @@
+Wed Feb 24 11:07:27 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* cipher.c (context): Fixed alignment
+	* md.c: Ditto.
+
+	* rndegd.c: New
+
 Mon Feb 22 20:04:00 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* rndegd.c: New.

cipher/cipher.c

@@ -60,7 +60,7 @@ struct cipher_handle_s {
     int  (*setkey)( void *c, byte *key, unsigned keylen );
     void (*encrypt)( void *c, byte *outbuf, byte *inbuf );
     void (*decrypt)( void *c, byte *outbuf, byte *inbuf );
-    byte context[1];
+    PROPERLY_ALIGNED_TYPE context;
 };
 
 
@@ -328,8 +328,10 @@ cipher_open( int algo, int mode, int secure )
     /* ? perform selftest here and mark this with a flag in cipher_table ? */
 
     hd = secure ? m_alloc_secure_clear( sizeof *hd
-					+ cipher_table[i].contextsize )
+					+ cipher_table[i].contextsize
-		: m_alloc_clear( sizeof *hd + cipher_table[i].contextsize );
+					- sizeof(PROPERLY_ALIGNED_TYPE) )
+		: m_alloc_clear( sizeof *hd + cipher_table[i].contextsize
+					   - sizeof(PROPERLY_ALIGNED_TYPE)  );
     hd->algo = algo;
     hd->blocksize = cipher_table[i].blocksize;
     hd->setkey	= cipher_table[i].setkey;
@@ -360,7 +362,7 @@ cipher_close( CIPHER_HANDLE c )
 int
 cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen )
 {
-    return (*c->setkey)( &c->context, key, keylen );
+    return (*c->setkey)( &c->context.c, key, keylen );
 }
 
 
@@ -383,7 +385,7 @@ do_ecb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
     unsigned n;
 
     for(n=0; n < nblocks; n++ ) {
-	(*c->encrypt)( &c->context, outbuf, inbuf );
+	(*c->encrypt)( &c->context.c, outbuf, inbuf );
 	inbuf  += c->blocksize;
 	outbuf += c->blocksize;
     }
@@ -395,7 +397,7 @@ do_ecb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nblocks )
     unsigned n;
 
     for(n=0; n < nblocks; n++ ) {
-	(*c->decrypt)( &c->context, outbuf, inbuf );
+	(*c->decrypt)( &c->context.c, outbuf, inbuf );
 	inbuf  += c->blocksize;
 	outbuf += c->blocksize;
     }
@@ -428,7 +430,7 @@ do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
 	int i;
 	/* encrypt the IV (and save the current one) */
 	memcpy( c->lastiv, c->iv, blocksize );
-	(*c->encrypt)( &c->context, c->iv, c->iv );
+	(*c->encrypt)( &c->context.c, c->iv, c->iv );
 	/* XOR the input with the IV and store input into IV */
 	for(ivp=c->iv,i=0; i < blocksize; i++ )
 	    *outbuf++ = (*ivp++ ^= *inbuf++);
@@ -437,7 +439,7 @@ do_cfb_encrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
     if( nbytes ) { /* process the remaining bytes */
 	/* encrypt the IV (and save the current one) */
 	memcpy( c->lastiv, c->iv, blocksize );
-	(*c->encrypt)( &c->context, c->iv, c->iv );
+	(*c->encrypt)( &c->context.c, c->iv, c->iv );
 	c->unused = blocksize;
 	/* and apply the xor */
 	c->unused -= nbytes;
@@ -479,7 +481,7 @@ do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
 	int i;
 	/* encrypt the IV (and save the current one) */
 	memcpy( c->lastiv, c->iv, blocksize );
-	(*c->encrypt)( &c->context, c->iv, c->iv );
+	(*c->encrypt)( &c->context.c, c->iv, c->iv );
 	/* XOR the input with the IV and store input into IV */
 	for(ivp=c->iv,i=0; i < blocksize; i++ ) {
 	    temp = *inbuf++;
@@ -491,7 +493,7 @@ do_cfb_decrypt( CIPHER_HANDLE c, byte *outbuf, byte *inbuf, unsigned nbytes )
     if( nbytes ) { /* process the remaining bytes */
 	/* encrypt the IV (and save the current one) */
 	memcpy( c->lastiv, c->iv, blocksize );
-	(*c->encrypt)( &c->context, c->iv, c->iv );
+	(*c->encrypt)( &c->context.c, c->iv, c->iv );
 	c->unused = blocksize;
 	/* and apply the xor */
 	c->unused -= nbytes;

cipher/md.c

@@ -47,7 +47,7 @@ struct md_digest_list_s {
     void (*final)( void *c );
     byte *(*read)( void *c );
     size_t contextsize; /* allocate this amount of context */
-    char context[1];
+    PROPERLY_ALIGNED_TYPE context;
 };
 
 static struct md_digest_list_s *digest_list;
@@ -238,13 +238,15 @@ md_enable( MD_HANDLE h, int algo )
 	return;
     }
     /* and allocate a new list entry */
-    ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize )
+    ac = h->secure? m_alloc_secure( sizeof *ac + r->contextsize
-		  : m_alloc( sizeof *ac + r->contextsize );
+					       - sizeof(r->context) )
+		  : m_alloc( sizeof *ac + r->contextsize
+					       - sizeof(r->context) );
     *ac = *r;
     ac->next = h->list;
     h->list = ac;
     /* and init this instance */
-    (*ac->init)( &ac->context );
+    (*ac->init)( &ac->context.c );
 }
 
 
@@ -264,9 +266,12 @@ md_copy( MD_HANDLE a )
     /* and now copy the complete list of algorithms */
     /* I know that the copied list is reversed, but that doesn't matter */
     for( ar=a->list; ar; ar = ar->next ) {
-	br = a->secure ? m_alloc_secure( sizeof *br + ar->contextsize )
+	br = a->secure ? m_alloc_secure( sizeof *br + ar->contextsize
-		       : m_alloc( sizeof *br + ar->contextsize );
+					       - sizeof(ar->context) )
-	memcpy( br, ar, sizeof(*br) + ar->contextsize );
+		       : m_alloc( sizeof *br + ar->contextsize
+					       - sizeof(ar->context) );
+	memcpy( br, ar, sizeof(*br) + ar->contextsize
+				    - sizeof(ar->context) );
 	br->next = b->list;
 	b->list = br;
     }
@@ -288,8 +293,8 @@ md_reset( MD_HANDLE a )
 
     a->bufcount = 0;
     for( r=a->list; r; r = r->next ) {
-	memset( r->context, 0, r->contextsize );
+	memset( r->context.c, 0, r->contextsize );
-	(*r->init)( &r->context );
+	(*r->init)( &r->context.c );
     }
 }
 
@@ -323,8 +328,8 @@ md_write( MD_HANDLE a, byte *inbuf, size_t inlen)
 	    BUG();
     }
     for(r=a->list; r; r = r->next ) {
-	(*r->write)( &r->context, a->buffer, a->bufcount );
+	(*r->write)( &r->context.c, a->buffer, a->bufcount );
-	(*r->write)( &r->context, inbuf, inlen );
+	(*r->write)( &r->context.c, inbuf, inlen );
     }
     a->bufcount = 0;
 }
@@ -340,7 +345,7 @@ md_final(MD_HANDLE a)
 	md_write( a, NULL, 0 );
 
     for(r=a->list; r; r = r->next ) {
-	(*r->final)( &r->context );
+	(*r->final)( &r->context.c );
     }
 }
 
@@ -357,13 +362,13 @@ md_read( MD_HANDLE a, int algo )
 	if( (r=a->list) ) {
 	    if( r->next )
 		log_debug("more than algorithm in md_read(0)\n");
-	    return (*r->read)( &r->context );
+	    return (*r->read)( &r->context.c );
 	}
     }
     else {
 	for(r=a->list; r; r = r->next )
 	    if( r->algo == algo )
-		return (*r->read)( &r->context );
+		return (*r->read)( &r->context.c );
     }
     BUG();
     return NULL;
@@ -408,7 +413,7 @@ md_digest( MD_HANDLE a, int algo, byte *buffer, int buflen )
      * the context (extra overhead - should be fixed)*/
     context = a->secure ? m_alloc_secure( r->contextsize )
 			: m_alloc( r->contextsize );
-    memcpy( context, r->context, r->contextsize );
+    memcpy( context, r->context.c, r->contextsize );
     (*r->final)( context );
     digest = (*r->read)( context );
 

cipher/rndegd.c

@@ -24,11 +24,12 @@
 #include <assert.h>
 #include <errno.h>
 #include <sys/time.h>
-#include <sys/types.h>
 #include <sys/stat.h>
 #include <string.h>
 #include <unistd.h>
+#include <sys/types.h>
 #include <sys/socket.h>
+#include <sys/un.h>
 #include "types.h"
 #include "util.h"
 #include "ttyio.h"
@@ -40,17 +41,10 @@
   #include "i18n.h"
 #endif
 
-static int gather_random( void (*add)(const void*, size_t, int), int requester,
+#ifndef offsetof
-					  size_t length, int level );
+#define offsetof(type, member) ((size_t) &((type *)0)->member)
-
-#ifdef IS_MODULE
-static void tty_printf(const char *fmt, ... )
-{
-    g10_log_info("tty_printf not available (%s)\n", fmt );
-}
 #endif
 
-
 static int
 do_write( int fd, void *buf, size_t nbytes )
 {
@@ -60,7 +54,7 @@ do_write( int fd, void *buf, size_t nbytes )
     while( nleft > 0 ) {
 	nwritten = write( fd, buf, nleft);
 	if( nwritten < 0 ) {
-	    if( errno = EINTR )
+	    if( errno == EINTR )
 		continue;
 	    return -1;
 	}
@@ -70,18 +64,6 @@ do_write( int fd, void *buf, size_t nbytes )
     return 0;
 }
 
-    my $bytes = shift;
-    $msg = pack("CC", 0x01, $bytes);
-    $s->syswrite($msg, length($msg));
-    my $nread = $s->sysread($buf, 1);
-    die unless $nread == 1;
-    my $count = unpack("C",$buf);
-    $nread = $s->sysread($buf, $count);
-    die "didn't get all the entropy" unless $nread == $count;
-    print "got $count bytes of entropy: ",unpack("H*",$buf),"\n";
-
-
-
 
 static int
 gather_random( void (*add)(const void*, size_t, int), int requester,
@@ -90,7 +72,7 @@ gather_random( void (*add)(const void*, size_t, int), int requester,
     static int fd = -1;
     int n;
     int warn=0;
-    byte buffer[768];
+    byte buffer[256+2];
 
     if( fd == -1 ) {
 	const char *name = "/tmp/entropy";
@@ -100,7 +82,8 @@ gather_random( void (*add)(const void*, size_t, int), int requester,
 	memset( &addr, 0, sizeof addr );
 	addr.sun_family = AF_UNIX;
 	strcpy( addr.sun_path, name );	  /* fixme: check that it is long enough */
-	addr_len = strlen(addr.sun_path) + sizeof addr.sun_family;
+	addr_len = offsetof( struct sockaddr_un, sun_path )
+		   + strlen( addr.sun_path );
 
 	fd = socket(AF_UNIX, SOCK_STREAM, 0);
 	if( fd == -1 )
@@ -111,44 +94,65 @@ gather_random( void (*add)(const void*, size_t, int), int requester,
 						    name, strerror(errno) );
     }
 
-    if( do_write( fd, "\x01", 1 ) == -1 )
-	g10_log_fatal("can't write to the EGD: %s\n", strerror(errno) );
 
     while( length ) {
 	fd_set rfds;
 	struct timeval tv;
 	int rc;
+	int nbytes;
+	int cmd;
 
+	nbytes = length < 255? length : 255;
+	/* send request */
+	cmd = level >= 2 ? 2 : 1;
+	buffer[0] = cmd;
+	buffer[1] = nbytes;
+	if( do_write( fd, buffer, 2 ) == -1 )
+	    g10_log_fatal("can't write to the EGD: %s\n", strerror(errno) );
+	/* wait on reply */
 	FD_ZERO(&rfds);
 	FD_SET(fd, &rfds);
 	tv.tv_sec = 3;
 	tv.tv_usec = 0;
 	if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) {
 	    if( !warn )
-		tty_printf( _(
+	      #ifdef IS_MODULE
+		fprintf( stderr,
+	      #else
+		tty_printf(
+	      #endif
+			    _(
 "\n"
 "Not enough random bytes available.  Please do some other work to give\n"
 "the OS a chance to collect more entropy! (Need %d more bytes)\n"), length );
-	    warn = 0; /* set to 1 to print onyl one warning */
+	    warn = 0; /*  <--- set to 1 to display the message only once */
 	    continue;
 	}
 	else if( rc == -1 ) {
-	    tty_printf("select() error: %s\n", strerror(errno));
+	    g10_log_error("select error on EGD: %s\n", strerror(errno));
 	    continue;
 	}
 
+	/* collect reply */
 	do {
-	    int nbytes = length < sizeof(buffer)? length : sizeof(buffer);
+	    n = read(fd, buffer, nbytes+2 );
-	    n = read(fd, buffer, nbytes );
-	    if( n >= 0 && n > nbytes ) {
-		g10_log_error("bogus read from random device (n=%d)\n", n );
-		n = nbytes;
-	    }
 	} while( n == -1 && errno == EINTR );
+	/* process reply */
 	if( n == -1 )
-	    g10_log_fatal("read error on EGD: %s\n", strerror(errno));
+	    g10_log_error("read error on EGD: %s\n", strerror(errno));
-	(*add)( buffer, n, requester );
+	else if( n < 2 )
-	length -= n;
+	    g10_log_error("bad EGD reply: too short\n");
+	else if( buffer[0] != cmd )
+	    g10_log_error("bad EGD reply: cmd mismatch %d/%d\n",
+							cmd, *buffer );
+	else if( buffer[1] != nbytes )
+	    g10_log_error("bad EGD reply: count mismatch %d/%d\n",
+						      nbytes, buffer[1] );
+	else {
+	    n -= 2;
+	    (*add)( buffer+2, n, requester );
+	    length -= n;
+	}
     }
     memset(buffer, 0, sizeof(buffer) );
 

cipher/rndunix.c

@@ -477,13 +477,14 @@ slow_poll(FILE *dbgfp, int dbgall, size_t *nbytes )
 
 			/* Try and estimate how much entropy we're getting
 			 * from a data source */
-			if (dataSources[i].usefulness)
+			if (dataSources[i].usefulness) {
 			    if (dataSources[i].usefulness < 0)
 				total = (dataSources[i].length + 999)
 					/ -dataSources[i].usefulness;
 			    else
 				total = dataSources[i].length
 					/ dataSources[i].usefulness;
+			}
 			if( dbgfp )
 			    fprintf(dbgfp,
 			       "%s %s contributed %d bytes, "

configure.in

@@ -24,12 +24,45 @@ AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE")
 MODULES_IN_CIPHER=`awk '/# MODULES: / { for(i=3;i<=NF;i++) print $i}' \
                                                 $srcdir/cipher/Makefile.am`
 
+dnl
+dnl  Check for random module options
+dnl
+dnl  Fixme: get the list of available modules from MODULES_IN_CIPHER
+dnl         and check agiants this list
+
+AC_MSG_CHECKING([which static random module to use])
+AC_ARG_ENABLE(static-rnd,
+    [  --enable-static-rnd=[egd|unix|linux|nonde]  ],
+[use_static_rnd=$enableval], [use_static_rnd=default] )
+
+if test "$use_static_rnd" = no; then
+    use_static_rnd=default
+fi
+
+case "$use_static_rnd" in
+    egd | linux | unix | none | default )
+      AC_MSG_RESULT($use_static_rnd)
+      ;;
+    * )
+      AC_MSG_RESULT(invalid argument)
+      AC_MSG_ERROR(there is no random module rnd$use_static_rnd)
+      ;;
+esac
+
+dnl
+dnl See whether the user wants to disable checking for 7dev/random
+
 AC_MSG_CHECKING([whether use of /dev/random is requested])
 AC_ARG_ENABLE(dev-random,
 [  --disable-dev-random    disable the use of dev random],
     try_dev_random=$enableval, try_dev_random=yes)
 AC_MSG_RESULT($try_dev_random)
 
+
+dnl
+dnl  Check other options
+dnl
+
 AC_MSG_CHECKING([whether use of extensions is requested])
 AC_ARG_ENABLE(dynload,
 [  --disable-dynload       disable use of extensions],
@@ -68,6 +101,7 @@ AC_ARG_WITH(included-zlib,
 [g10_force_zlib=yes], [g10_force_zlib=no] )
 AC_MSG_RESULT($g10_force_zlib)
 
+
 dnl Checks for programs.
 
 AC_CANONICAL_SYSTEM
@@ -300,23 +334,31 @@ dnl Figure out the default linkage mode for cipher modules
 dnl
 dnl (We always need a static rmd160)
 static_modules="$static_modules rmd160"
-if test "$ac_cv_have_dev_random" = yes; then
+if test "$use_static_rnd" = default; then
-    static_modules="$static_modules rndlinux"
+  if test "$ac_cv_have_dev_random" = yes; then
+      static_modules="$static_modules rndlinux"
+  else
+      case "${target}" in
+          i386--mingw32)
+              static_modules="$static_modules rndw32"
+              ;;
+          i386-emx-os2)
+              static_modules="$static_modules rndos2"
+              ;;
+          m68k-atari-mint)
+              static_modules="$static_modules rndatari"
+              ;;
+          *)
+              static_modules="$static_modules rndunix"
+             ;;
+      esac
+  fi
 else
-    case "${target}" in
+  if test "$use_static_rnd" = none; then
-        i386--mingw32)
+    :
-            static_modules="$static_modules rndw32"
+  else
-            ;;
+    static_modules="$static_modules rnd$use_static_rnd"
-        i386-emx-os2)
+  fi
-            static_modules="$static_modules rndos2"
-            ;;
-        m68k-atari-mint)
-            static_modules="$static_modules rndatari"
-            ;;
-        *)
-            static_modules="$static_modules rndunix"
-           ;;
-    esac
 fi
 
 dnl
@@ -350,6 +392,8 @@ AC_SUBST(DYNAMIC_CIPHER_MODS)
 dnl
 dnl And build the constructor file
 dnl
+
+test -d cipher || mkdir cipher
 cat <<EOF >cipher/construct.c
 /* automatically generated by configure - do not edit */
 

g10/ChangeLog

@@ -1,3 +1,9 @@
+Wed Feb 24 11:07:27 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* keylist.c (secret_key_list): Now really list the secret key.
+
+	* trustdb.c (do_init_trustdb): New. Init is now deferred.
+
 Mon Feb 22 20:04:00 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* getkey.c (lookup_sk): Return G10ERR_NO_SECKEY and not x_PUBKEY.

g10/keylist.c

@@ -68,7 +68,7 @@ secret_key_list( int nnames, char **names )
 	STRLIST list = NULL;
 	for( ; nnames ; nnames--, names++ )
 	    add_to_strlist( &list, *names );
-	list_one( list, 0 );
+	list_one( list, 1 );
 	free_strlist( list );
     }
 }

g10/trustdb.c

@@ -127,6 +127,15 @@ static LOCAL_ID_TABLE ultikey_table;
 static LOCAL_ID_TABLE unused_lid_tables;
 static struct local_id_item *unused_lid_items;
 
+static struct {
+    int init;
+    int level;
+    char *dbname;
+} trustdb_args;
+#define INIT_TRUSTDB() do { if( !trustdb_args.init ) \
+				do_init_trustdb();   \
+			  } while(0)
+static void do_init_trustdb(void);
 
 #define HEXTOBIN(a) ( (a) >= '0' && (a) <= '9' ? ((a)-'0') : \
 		      (a) >= 'A' && (a) <= 'F' ? ((a)-'A'+10) : ((a)-'a'+10))
@@ -324,6 +333,7 @@ keyid_from_lid( ulong lid, u32 *keyid )
     TRUSTREC rec;
     int rc;
 
+    INIT_TRUSTDB();
     rc = tdbio_read_record( lid, &rec, 0 );
     if( rc ) {
 	log_error(_("error reading dir record for LID %lu: %s\n"),
@@ -364,6 +374,7 @@ lid_from_keyblock( KBNODE keyblock )
     pk = node->pkt->pkt.public_key;
     if( !pk->local_id ) {
 	TRUSTREC rec;
+	INIT_TRUSTDB();
 
 	get_dir_record( pk, &rec );
     }
@@ -1185,31 +1196,45 @@ do_check( TRUSTREC *dr, unsigned *validity )
  */
 int
 init_trustdb( int level, const char *dbname )
+{
+    /* just store the args */
+    if( trustdb_args.init )
+	return 0;
+    trustdb_args.level = level;
+    trustdb_args.dbname = dbname? m_strdup(dbname): NULL;
+    return 0;
+}
+
+static void
+do_init_trustdb()
 {
     int rc=0;
+    int level = trustdb_args.level;
+    const char* dbname = trustdb_args.dbname;
+
+    trustdb_args.init = 1;
 
     if( !ultikey_table )
 	ultikey_table = new_lid_table();
 
     if( !level || level==1 ) {
 	rc = tdbio_set_dbname( dbname, !!level );
-	if( rc )
+	if( !rc ) {
-	    return rc;
+	    if( !level )
-	if( !level )
+		return;
-	    return 0;
 
-	/* verify that our own keys are in the trustDB
+	    /* verify that our own keys are in the trustDB
-	 * or move them to the trustdb. */
+	     * or move them to the trustdb. */
-	rc = verify_own_keys();
+	    rc = verify_own_keys();
-
-	/* should we check whether there is no other ultimately trusted
-	 * key in the database? */
 
+	    /* should we check whether there is no other ultimately trusted
+	     * key in the database? */
+	}
     }
     else
 	BUG();
-
+    if( rc )
-    return rc;
+	log_fatal("can't init trustdb: %s\n", g10_errstr(rc) );
 }
 
 
@@ -1218,6 +1243,8 @@ list_trustdb( const char *username )
 {
     TRUSTREC rec;
 
+    INIT_TRUSTDB();
+
     if( username && *username == '#' ) {
 	int rc;
 	ulong lid = atoi(username+1);
@@ -1274,6 +1301,7 @@ export_ownertrust()
     byte *p;
     int rc;
 
+    INIT_TRUSTDB();
     printf(_("# List of assigned trustvalues, created %s\n"
 	     "# (Use \"gpgm --import-ownertrust\" to restore them)\n"),
 	   asctimestamp( make_timestamp() ) );
@@ -1309,6 +1337,7 @@ import_ownertrust( const char *fname )
     size_t n, fprlen;
     unsigned otrust;
 
+    INIT_TRUSTDB();
     if( !fname || (*fname == '-' && !fname[1]) ) {
 	fp = stdin;
 	fname = "[stdin]";
@@ -1481,6 +1510,7 @@ list_trust_path( const char *username )
     TRUST_SEG_LIST trust_seg_list, tsl, tsl2;
     PKT_public_key *pk = m_alloc_clear( sizeof *pk );
 
+    INIT_TRUSTDB();
     if( (rc = get_pubkey_byname(NULL, pk, username, NULL )) )
 	log_error(_("user '%s' not found: %s\n"), username, g10_errstr(rc) );
     else if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 )
@@ -1557,6 +1587,7 @@ check_trustdb( const char *username )
     int rc;
     int recheck = username && *username == '*' && !username[1];
 
+    INIT_TRUSTDB();
     if( username && !recheck ) {
 	rc = find_keyblock_byname( &kbpos, username );
 	if( !rc )
@@ -1657,6 +1688,7 @@ update_trustdb( )
     KBPOS kbpos;
     int rc;
 
+    INIT_TRUSTDB();
     rc = enum_keyblocks( 0, &kbpos, &keyblock );
     if( !rc ) {
 	ulong count=0, upd_count=0, err_count=0, new_count=0;
@@ -1749,6 +1781,7 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel )
     u32 keyid[2];
 
 
+    INIT_TRUSTDB();
     keyid_from_pk( pk, keyid );
 
     /* get the pubkey record */
@@ -1814,6 +1847,7 @@ query_trust_info( PKT_public_key *pk )
     unsigned trustlevel;
     int c;
 
+    INIT_TRUSTDB();
     if( check_trust( pk, &trustlevel ) )
 	return '?';
     if( trustlevel & TRUST_FLAG_REVOKED )
@@ -1851,6 +1885,7 @@ enum_cert_paths( void **context, ulong *lid,
     struct enum_cert_paths_ctx *ctx;
     TRUST_SEG_LIST tsl;
 
+    INIT_TRUSTDB();
     if( !lid ) {  /* release the context */
 	if( *context ) {
 	    TRUST_SEG_LIST tsl2;
@@ -1919,6 +1954,7 @@ enum_cert_paths_print( void **context, FILE *fp,
 
     if( !*context )
 	return;
+    INIT_TRUSTDB();
     ctx = *context;
     if( !ctx->tsl )
 	return;
@@ -1959,6 +1995,7 @@ get_ownertrust( ulong lid )
 {
     TRUSTREC rec;
 
+    INIT_TRUSTDB();
     read_record( lid, &rec, RECTYPE_DIR );
     return rec.r.dir.ownertrust;
 }
@@ -1969,6 +2006,7 @@ get_ownertrust_info( ulong lid )
     unsigned otrust;
     int c;
 
+    INIT_TRUSTDB();
     otrust = get_ownertrust( lid );
     c = trust_letter( (otrust & TRUST_MASK) );
     if( !c )
@@ -1991,6 +2029,7 @@ get_pref_data( ulong lid, const byte *namehash, size_t *ret_n )
     TRUSTREC rec;
     ulong recno;
 
+    INIT_TRUSTDB();
     read_record( lid, &rec, RECTYPE_DIR );
     for( recno=rec.r.dir.uidlist; recno; recno = rec.r.uid.next ) {
 	read_record( recno, &rec, RECTYPE_UID );
@@ -2023,6 +2062,7 @@ is_algo_in_prefs( ulong lid, int preftype, int algo )
     int i;
     byte *pref;
 
+    INIT_TRUSTDB();
     read_record( lid, &rec, RECTYPE_DIR );
     for( recno=rec.r.dir.uidlist; recno; recno = rec.r.uid.next ) {
 	read_record( recno, &rec, RECTYPE_UID );
@@ -2070,6 +2110,7 @@ int
 query_trust_record( PKT_public_key *pk )
 {
     TRUSTREC rec;
+    INIT_TRUSTDB();
     return get_dir_record( pk, &rec );
 }
 
@@ -2080,6 +2121,7 @@ clear_trust_checked_flag( PKT_public_key *pk )
     TRUSTREC rec;
     int rc;
 
+    INIT_TRUSTDB();
     rc = get_dir_record( pk, &rec );
     if( rc )
 	return rc;
@@ -3066,6 +3108,7 @@ update_trust_record( KBNODE keyblock, int recheck, int *modified )
     RECNO_LIST recno_list = NULL; /* list of verified records */
     /* fixme: replace recno_list by a lookup on node->recno */
 
+    INIT_TRUSTDB();
     if( modified )
 	*modified = 0;
 
@@ -3194,6 +3237,8 @@ insert_trust_record( PKT_public_key *pk )
     int rc = 0;
     ulong hintlist = 0;
 
+    INIT_TRUSTDB();
+
     if( pk->local_id )
 	log_bug("pk->local_id=%lu\n", pk->local_id );
 
@@ -3292,6 +3337,7 @@ update_ownertrust( ulong lid, unsigned new_trust )
 {
     TRUSTREC rec;
 
+    INIT_TRUSTDB();
     read_record( lid, &rec, RECTYPE_DIR );
     rec.r.dir.ownertrust = new_trust;
     write_record( &rec );

include/types.h

@@ -97,8 +97,17 @@
   #endif
 #endif
 
-
+typedef union {
-
+    int a;
+    short b;
+    char c[1];
+    long d;
+  #ifdef HAVE_U64_TYPEDEF
+    u64 e;
+  #endif
+    float f;
+    double g;
+} PROPERLY_ALIGNED_TYPE;
 
 typedef struct string_list {
     struct string_list *next;

mpi/ChangeLog

@@ -1,3 +1,8 @@
+Wed Feb 24 11:07:27 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* mips3/mpih-sub1.S: Removed left over junk in last line. (Should I
+	blame me or my editor?).
+
 Sat Feb 13 12:04:43 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* Makefile.am: Removed the +=. Add MPI_OPT_FLAGS.

mpi/mips3/mpih-sub1.S

@@ -120,4 +120,4 @@ mpihelp_sub_n:
 	or	$2,$2,$8
 
 	.end	mpihelp_sub_n
-	n
+

po/ChangeLog

@@ -1,3 +1,7 @@
+Wed Feb 24 11:07:27 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* de.po: Imported update for 0.9.3
+
 Wed Feb 10 17:15:39 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* pl.po: New version.

po/de.po

@@ -5,7 +5,7 @@
 msgid ""
 msgstr ""
 "POT-Creation-Date: 1999-02-19 15:31+0100\n"
-"PO-Revision-Date: 1998-12-27 13:34+0100\n"
+"PO-Revision-Date: 1999-02-21 13:34+0100\n"
 "Last-Translator: Walter Koch <walterk@mail.dip.de>\n"
 "Language-Team: German <de@li.org>\n"
 "MIME-Version: 1.0\n"
@@ -30,11 +30,11 @@ msgstr ""
 
 #: util/secmem.c:250
 msgid "operation is not possible without initialized secure memory\n"
-msgstr ""
+msgstr "Vorgang ist ohne sicheren Hauptspeichern nicht möglich\n"
 
 #: util/secmem.c:251
 msgid "(you may have used the wrong program for this task)\n"
-msgstr ""
+msgstr "(möglicherweise haben Sie das falsche Programm für diese Aufgabe benutzt)\n"
 
 #: util/miscutil.c:143
 msgid "yes"
@@ -217,24 +217,20 @@ msgid "weak key"
 msgstr "Unsicherer Schlüssel"
 
 #: util/errors.c:97
-#, fuzzy
 msgid "invalid argument"
-msgstr "Ungültige ASCII-Hülle"
+msgstr "Ungültiges Argument"
 
 #: util/errors.c:98
-#, fuzzy
 msgid "bad URI"
-msgstr "Falsche MPI"
+msgstr "fehlerhafter URI"
 
 #: util/errors.c:99
-#, fuzzy
 msgid "unsupported URI"
-msgstr "Wird nicht unterstützt"
+msgstr "Nicht unterstützter URI"
 
 #: util/errors.c:100
-#, fuzzy
 msgid "network error"
-msgstr "Allgemeiner Fehler"
+msgstr "Netzwerkfehler"
 
 #: util/logger.c:178
 #, c-format
@@ -420,9 +416,8 @@ msgid "create ascii armored output"
 msgstr "Ausgabe mit ASCII-Hülle versehen"
 
 #: g10/g10.c:221
-#, fuzzy
 msgid "|NAME|encrypt for NAME"
-msgstr "|NAME|Terminalzeichensatz NAME benutzen"
+msgstr "|NAME|verschlüsseln für NAME"
 
 #: g10/g10.c:226
 msgid "use this user-id to sign or decrypt"
@@ -1334,14 +1329,13 @@ msgid "public and secret key created and signed.\n"
 msgstr "Öffentlichen und geheimen Schlüssel erzeugt und signiert.\n"
 
 #: g10/keygen.c:929
-#, fuzzy
 msgid ""
 "Note that this key cannot be used for encryption.  You may want to use\n"
 "the command \"--edit-key\" to generate a secondary key for this purpose.\n"
 msgstr ""
 "Bitte beachten Sie, daß dieser Schlüssel nicht zum Verschlüsseln benutzt\n"
-"werden kann.  Sie können aber mit dem Befehl \"--add-key\" einen\n"
+"werden kann.  Sie können aber mit dem Befehl \"--edit-key\" einen\n"
-"Zweitschlüssel zu diesem Schlüssel hinzufügen.\n"
+"Zweitschlüssel für diesem Zweck erzeugen.\n"
 
 #: g10/keygen.c:943 g10/keygen.c:1042
 #, c-format
@@ -1349,19 +1343,19 @@ msgid "Key generation failed: %s\n"
 msgstr "Schlüsselerzeugung fehlgeschlagen: %s\n"
 
 #: g10/keygen.c:987 g10/sig-check.c:172 g10/sign.c:52
-#, fuzzy, c-format
+#, c-format
 msgid ""
 "key has been created %lu second in future (time warp or clock problem)\n"
 msgstr ""
-"Öffentlicher Schlüssel wurde in der Zukunft %lu %s erzeugt (Zeitreise oder "
+"Der Schlüssel wurde %lu Sekunde in der Zukunft erzeugt (Zeitreise oder "
 "Uhren stimmen nicht überein)\n"
 
 #: g10/keygen.c:989 g10/sig-check.c:174 g10/sign.c:54
-#, fuzzy, c-format
+#, c-format
 msgid ""
 "key has been created %lu seconds in future (time warp or clock problem)\n"
 msgstr ""
-"Öffentlicher Schlüssel wurde in der Zukunft %lu %s erzeugt (Zeitreise oder "
+"Der Schlüssel wurde %lu Sekunden in der Zukunft erzeugt (Zeitreise oder "
 "Uhren stimmen nicht überein)\n"
 
 #: g10/keygen.c:1020
@@ -1667,14 +1661,14 @@ msgid "key %08lX: invalid self-signature\n"
 msgstr "Schlüssel %08lX: Ungültige Eigenbeglaubigung\n"
 
 #: g10/import.c:719
-#, fuzzy, c-format
+#, c-format
 msgid "key %08lX: no subkey for key binding\n"
-msgstr "Schlüssel %08lX.%lu: Korrekte Unterschlüssel-Anbindung\n"
+msgstr "Schlüssel %08lX: Kein Unterschlüssel für die Schlüsselanbindung\n"
 
 #: g10/import.c:728
-#, fuzzy, c-format
+#, c-format
 msgid "key %08lX: invalid subkey binding\n"
-msgstr "Schlüssel %08lX.%lu: Ungültige Unterschlüssel-Anbindung\n"
+msgstr "Schlüssel %08lX: Ungültige Unterschlüssel-Anbindung\n"
 
 #: g10/import.c:759
 #, c-format
@@ -1684,7 +1678,7 @@ msgstr "Schl
 #: g10/import.c:779
 #, fuzzy, c-format
 msgid "key %08lX: skipped subkey\n"
-msgstr "Schlüssel %08lX: 1 neuer Unterschlüssel\n"
+msgstr "Schlüssel %08lX: Unterschlüssel ignoriert\n"
 
 #: g10/import.c:798
 #, c-format
@@ -2149,9 +2143,8 @@ msgid "Good signature from \""
 msgstr "Korrekte Unterschrift von \""
 
 #: g10/mainproc.c:866
-#, fuzzy
+msgid  "                aka \""
-msgid "                aka \""
+msgstr "                alias \""
-msgstr "           importiert: %lu"
 
 #: g10/mainproc.c:908
 #, c-format
@@ -2191,7 +2184,7 @@ msgstr ""
 #, fuzzy
 msgid "this cipher algorithm is depreciated; please use a more standard one!\n"
 msgstr ""
-"Diees Verschlüsselungsmethode ist nicht viel wert; verwenden Sie eine "
+"Diees Verschlüsselungsmethode taugt nicht mehr viel; verwenden Sie eine "
 "stärker standardisierte Methode!\n"
 
 #: g10/parse-packet.c:113

util/ChangeLog

@@ -1,3 +1,7 @@
+Wed Feb 24 11:07:27 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
+
+	* iobuf.c (block_filter): Fixed the oscillating partial packet chunks.
+
 Fri Feb 19 15:49:15 CET 1999  Werner Koch  <wk@isil.d.shuttle.de>
 
 	* iobuf.c (iobuf_push_filter2): New to allow transer of context

util/iobuf.c

@@ -41,7 +41,7 @@ typedef struct {
 
 /* The first partial length header block must be of size 512
  * to make it easier (and efficienter) we use a min. block size of 512
- * for all chznks (but the last one) */
+ * for all chunks (but the last one) */
 #define OP_MIN_PARTIAL_CHUNK	  512
 #define OP_MIN_PARTIAL_CHUNK_2POW 9
 
@@ -259,7 +259,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 
 	    assert( a->buflen <= OP_MIN_PARTIAL_CHUNK );
 	    if( nbytes < OP_MIN_PARTIAL_CHUNK ) {
-		/* not enough to write a partial block out , so we store it*/
+		/* not enough to write a partial block out; so we store it*/
 		if( !a->buffer )
 		    a->buffer = m_alloc( OP_MIN_PARTIAL_CHUNK );
 		memcpy( a->buffer + a->buflen, buf, size );
@@ -272,7 +272,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		    /* find the best matching block length - this is limited
 		     * by the size of the internal buffering */
 		    for( blen=OP_MIN_PARTIAL_CHUNK*2,
-			    c=OP_MIN_PARTIAL_CHUNK_2POW+1; blen < nbytes;
+			    c=OP_MIN_PARTIAL_CHUNK_2POW+1; blen <= nbytes;
 							    blen *=2, c++ )
 			;
 		    blen /= 2; c--;
@@ -305,7 +305,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		}
 	    }
 	}
-	else { /* the gnupg scheme */
+	else { /* the gnupg scheme (which is not openpgp compliant) */
 	    size_t avail, n;
 
 	    for(p=buf; !rc && size; ) {
@@ -361,7 +361,7 @@ block_filter(void *opaque, int control, IOBUF chain, byte *buf, size_t *ret_len)
 		 * and frankly we can't do so, because this length must be
 		 * a power of 2. This is _really_ complicated because we
 		 * have to check the possible length of a packet prior
-		 * to it's creation: a chein of filters becomes complicated
+		 * to it's creation: a chain of filters becomes complicated
 		 * and we need a lot of code to handle compressed packets etc.
 		 *   :-(((((((
 		 */