security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

* trustlist.c (read_list): Allow colons in the fingerprint. 

(headerblurb): Rephrased.

* gpg-agent.c (handle_connections): Increase the stack size ot 256k.

* de.po: Updated.

* scdaemon.c (main): Bumbed thread stack size up to 512k.

* keylist.c (list_cert_raw): Print the keygrip.
This commit is contained in:
Werner Koch 2004-07-22 09:37:36 +00:00
parent 2e10dbd6c8
commit d9147773b4
14 changed files with 275 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@ -1,3 +1,12 @@
2004-07-22 Werner Koch <wk@g10code.de>
Released 1.9.10.
2004-07-21 Werner Koch <wk@g10code.de>
* configure.ac: Don't set DIE to no after it might has been set to
yes.
2004-07-20 Werner Koch <wk@g10code.de>
* Makefile.am (sm): Build kbx only if gpgsm is to be build.

11
NEWS
View File

@ -1,5 +1,12 @@
Noteworthy changes in version 1.9.10
------------------------------------------------
Noteworthy changes in version 1.9.10 (2004-07-22)
-------------------------------------------------
* Fixed a serious bug in the checking of trusted root certificates.
* New configure option --enable-agent-pnly allows to build and
install just the agent.
* Fixed a problem with the log file handling.
Noteworthy changes in version 1.9.9 (2004-06-08)

34
README
View File

@ -9,6 +9,10 @@ GnuPG 2.0 release. Note that GnuPG 1.3 and 1.9 are not always in sync
and thus features and bug fixes done in 1.3 are not necessary
available in 1.9.
You should use this GnuPG version if you want to use the gpg-agent or
gpgsm (the S/MIME variant of gpg). Note that the gpg-agent is also
helpful when using the standard gpg versions (1.2.x or 1.3.x).
BUILD INSTRUCTIONS
==================
@ -20,7 +24,10 @@ GnuPG 1.9 depends on the following packages:
libassuan (ftp://ftp.gnupg.org/gcrypt/alpha/libassuan/)
libksba (ftp://ftp.gnupg.org/gcrypt/alpha/libksba/)
You also need the pinentry package for most function of GnupG; however
If you use the configure option --enable-agent-only, libksba is not
required.
You also need the pinentry package for most function of GnuPG; however
it is not a build requirement. pinentry is available at
ftp://ftp.gnupg.org/gcrypt/pinentry/ .
@ -28,7 +35,7 @@ You should get the latest versions of course, the GnuPG configure
script complains if a version is not sufficient.
After building and installing the above packages in the order as given
above, you may now continue with GnupG installation (you may also just
above, you may now continue with GnuPG installation (you may also just
try to build GnuPG to see whether your already installed versions are
sufficient).
@ -42,9 +49,9 @@ As with all packages, you just have to do
If everything succeeds, you have a working GnuPG with support for
S/MIME and smartcards. Note that there is no binary gpg but a gpg2 so
that this package won't confict with a GnuPG 1.2 or1.3
installation. gpg2 behaves just like gpg and it is possible to symlink
oto gpg if you want to use gpg 1.9.
that this package won't confict with a GnuPG 1.2 or 1.3
installation. gpg2 behaves just like gpg; it is however suggested to
keep using gpg 1.2.x or 1.3.x.
In case of problem please ask on gpa-dev@gnupg.org for advise. Note
that this release is only expected to build on GNU and *BSD systems.
@ -71,7 +78,7 @@ gpgsm:
prepended before each block.
gpg2:
gpg2: (Note that these card commands are also available with gpg 1.3.x)
-----
--card-status
@ -268,9 +275,10 @@ policies.txt
trustlist.txt
A list of trusted certificates usually maintained by
gpg-agent. It can however be edited manually. The file will
be created automagically with some explaining comments.
A list of trusted certificates. The file will be created
automagically with some explaining comments. By using
gpg-agent's option --allow-mark-trusted, gpg-agent may add new
entries after user confirmation.
random_seed
@ -436,7 +444,7 @@ modes for gpgsm, here is the entire list of ways to specify a key:
*Heine
Please note that we have reused the hash mark indentifier which was
Please note that we have reused the hash mark identifier which was
used in old GnuPG versions to indicate the so called local-id. It is
not anymore used and there should be no conflict when used with X.509
stuff.
@ -456,7 +464,7 @@ file.
gpgsm --import foo.p12
This require that the gpg-agent is running.
This requires that the gpg-agent is running.
HOW TO EXPORT A PRIVATE KEY
@ -482,8 +490,8 @@ however you must have build GnuPG with support for the OpenSC library.
The build process automagically detects the presence of this library
and will include support for these cards.
The other card we currently support is the Telesec NetKey card with
the NKS 2.0 card application.
The other cards we currently support are the Telesec NetKey card with
the NKS 2.0 card application and all generic DINSIG cards.
Before GPGSM can make use of a new card it must gather some
information, like the card's serial number, the public keys and the

11
TODO
View File

@ -1,12 +1,5 @@
-*- outline -*-
* Keylisting
Add the keygrip to the dump output
Explain how to setup a root CA key as trusted
Look for new system-wide certificates
Explain how trustlist.txt might be managed.
* src/base64
** Make parsing more robust
@ -83,4 +76,6 @@ might want to have an agent context for each service request
** Add a test to check the extkeyusage.
* doc/
** Explain how to setup a root CA key as trusted
** Explain how trustlist.txt might be managed.

7
agent/ChangeLog
View File

@ -1,3 +1,10 @@
2004-07-22 Werner Koch <wk@g10code.de>
* trustlist.c (read_list): Allow colons in the fingerprint.
(headerblurb): Rephrased.
* gpg-agent.c (handle_connections): Increase the stack size ot 256k.
2004-06-20 Moritz Schulte <moritz@g10code.com>
* gpg-agent.c: Include <sys/stat.h> (build fix for BSD).

2
agent/gpg-agent.c
View File

@ -1158,7 +1158,7 @@ handle_connections (int listen_fd)
tattr = pth_attr_new();
pth_attr_set (tattr, PTH_ATTR_JOINABLE, 0);
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 32*1024);
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 256*1024);
pth_attr_set (tattr, PTH_ATTR_NAME, "gpg-agent");
sigemptyset (&sigs );

28
agent/trustlist.c
View File

@ -32,15 +32,16 @@
#include <assuan.h> /* fixme: need a way to avoid assuan calls here */
static const char headerblurb[] =
"# This is the list of trusted keys. Comments like this one and empty\n"
"# lines are allowed but keep in mind that the entire file is integrity\n"
"# This is the list of trusted keys. Comment lines, like this one, as\n"
"# well as empty lines are ignored. The entire file may be integrity\n"
"# protected by the use of a MAC, so changing the file does not make\n"
"# much sense without the knowledge of the MAC key. Lines do have a\n"
"# length limit but this is not serious limitation as the format of the\n"
"# sense without the knowledge of the MAC key. Lines do have a length\n"
"# limit but this is not serious limitation as the format of the\n"
"# entries is fixed and checked by gpg-agent: A non-comment line starts\n"
"# with optional white spaces, followed by exactly 40 hex character,\n"
"# optioanlly followed by a flag character which my either be 'P', 'S'\n"
"# or '*'. Additional data delimited with by a white space is ignored.\n"
"# with optional white spaces, followed by the SHA-1 fingerpint in hex,\n"
"# optionally followed by a flag character which my either be 'P', 'S'\n"
"# or '*'. Additional data, delimited by white space, is ignored.\n"
"#\n"
"# NOTE: You should give the gpg-agent a HUP after editing this file.\n"
"\n";
@ -97,7 +98,7 @@ static int
read_list (char *key, int *keyflag)
{
int rc;
int c, i;
int c, i, j;
char *p, line[256];
if (!trustfp)
@ -125,16 +126,17 @@ read_list (char *key, int *keyflag)
: GPG_ERR_INCOMPLETE_LINE);
}
/* Allow for emty lines and spaces */
/* Allow for empty lines and spaces */
for (p=line; spacep (p); p++)
;
}
while (!*p || *p == '\n' || *p == '#');
for (i=0; hexdigitp (p+i) && i < 40; i++)
key[i] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
key[i] = 0;
if (i!=40 || !(spacep (p+i) || p[i] == '\n'))
for (i=j=0; (p[i] == ':' || hexdigitp (p+i)) && j < 40; i++)
if ( p[i] != ':' )
key[j++] = p[i] >= 'a'? (p[i] & 0xdf): p[i];
key[j] = 0;
if (j!=40 || !(spacep (p+i) || p[i] == '\n'))
{
log_error ("invalid formatted fingerprint in trustlist\n");
return gpg_error (GPG_ERR_BAD_DATA);

3
configure.ac
View File

@ -24,7 +24,7 @@ min_automake_version="1.7.6"
# Version number: Remember to change it immediately *after* a release.
# Add a "-cvs" prefix for non-released code.
AC_INIT(gnupg, 1.9.10-cvs, gnupg-devel@gnupg.org)
AC_INIT(gnupg, 1.9.10, gnupg-devel@gnupg.org)
# Set development_version to yes if the minor number is odd or you
# feel that the default check for a development version is not
# sufficient.
@ -1067,7 +1067,6 @@ if test "$have_libassuan" = "no"; then
***]])
fi
if test "$have_ksba" = "no"; then
die=no
AC_MSG_NOTICE([[
***
*** You need libksba to build this program.

4
po/ChangeLog
View File

@ -1,3 +1,7 @@
2004-07-22 Werner Koch <wk@g10code.de>
* de.po: Updated.
2004-04-06 Werner Koch <wk@gnupg.org>
* Makevars (DOMAIN): Init from PACKAGE_GT

350
po/de.po
View File

@ -8,17 +8,17 @@
#
msgid ""
msgstr ""
"Project-Id-Version: gnupg2 1.9.7\n"
"Project-Id-Version: gnupg2 1.9.10\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
"POT-Creation-Date: 2004-04-29 19:50+0200\n"
"PO-Revision-Date: 2004-04-06 11:47+0200\n"
"POT-Creation-Date: 2004-07-22 09:54+0200\n"
"PO-Revision-Date: 2004-07-22 10:05+0200\n"
"Last-Translator: Werner Koch <wk@gnupg.org>\n"
"Language-Team: de\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=iso-8859-1\n"
"Content-Transfer-Encoding: 8bit\n"
#: agent/gpg-agent.c:94 agent/protect-tool.c:92 scd/scdaemon.c:92
#: agent/gpg-agent.c:96 agent/protect-tool.c:94 scd/scdaemon.c:92
msgid ""
"@Options:\n"
" "
@ -26,51 +26,59 @@ msgstr ""
"@Optionen:\n"
" "
#: agent/gpg-agent.c:96 scd/scdaemon.c:94
#: agent/gpg-agent.c:98 scd/scdaemon.c:94
msgid "run in server mode (foreground)"
msgstr "Im Server Modus ausführen"
#: agent/gpg-agent.c:97 scd/scdaemon.c:95
#: agent/gpg-agent.c:99 scd/scdaemon.c:95
msgid "run in daemon mode (background)"
msgstr "Im Daemon Modus ausführen"
#: agent/gpg-agent.c:98 kbx/kbxutil.c:73 scd/scdaemon.c:96 sm/gpgsm.c:312
#: agent/gpg-agent.c:100 kbx/kbxutil.c:75 scd/scdaemon.c:96 sm/gpgsm.c:313
#: tools/gpgconf.c:62
msgid "verbose"
msgstr "ausführlich"
#: agent/gpg-agent.c:99 kbx/kbxutil.c:74 scd/scdaemon.c:97 sm/gpgsm.c:313
#: agent/gpg-agent.c:101 kbx/kbxutil.c:76 scd/scdaemon.c:97 sm/gpgsm.c:314
msgid "be somewhat more quiet"
msgstr "etwas weniger Aussageb erzeugen"
#: agent/gpg-agent.c:100 scd/scdaemon.c:98
#: agent/gpg-agent.c:102 scd/scdaemon.c:98
msgid "sh-style command output"
msgstr "Ausgabe für /bin/sh"
#: agent/gpg-agent.c:101 scd/scdaemon.c:99
#: agent/gpg-agent.c:103 scd/scdaemon.c:99
msgid "csh-style command output"
msgstr "Ausgabe für /bin/csh"
#: agent/gpg-agent.c:102
#: agent/gpg-agent.c:104
msgid "|FILE|read options from FILE"
msgstr "|DATEI|Konfigurationsoptionen aus DATEI lesen"
#: agent/gpg-agent.c:107 scd/scdaemon.c:106
#: agent/gpg-agent.c:109 scd/scdaemon.c:106
msgid "do not detach from the console"
msgstr "Im Vordergrund laufen lassen"
#: agent/gpg-agent.c:108
#: agent/gpg-agent.c:110
msgid "do not grab keyboard and mouse"
msgstr "Tastatur und Maus nicht \"grabben\""
#: agent/gpg-agent.c:109 scd/scdaemon.c:107 sm/gpgsm.c:315
#: agent/gpg-agent.c:111 scd/scdaemon.c:107 sm/gpgsm.c:316
msgid "use a log file for the server"
msgstr "Logausgaben in eine Datei umlenken"
#: agent/gpg-agent.c:110
#: agent/gpg-agent.c:112
msgid "do not allow multiple connections"
msgstr "Nicht mehr als eine Verbindung erlauben"
#: agent/gpg-agent.c:115
msgid "|PGM|use PGM as the PIN-Entry program"
msgstr "|PGM|benutze PGM as PIN-Entry"
#: agent/gpg-agent.c:117
msgid "|PGM|use PGM as the SCdaemon program"
msgstr "|PGM|benutze PGM as SCdaemon"
#: agent/gpg-agent.c:124
msgid "ignore requests to change the TTY"
msgstr "Ignoriere Anfragen, das TTY zu wechseln"
@ -79,21 +87,33 @@ msgstr "Ignoriere Anfragen, das TTY zu wechseln"
msgid "ignore requests to change the X display"
msgstr "Ignoriere Anfragen, das X-Display zu wechseln"
#: agent/gpg-agent.c:180 agent/protect-tool.c:124 scd/scdaemon.c:165
#: sm/gpgsm.c:479 tools/gpgconf.c:85
#: agent/gpg-agent.c:129
msgid "|N|expire cached PINs after N seconds"
msgstr "|N|lasse PINs im Cache nach N Sekunden verfallen"
#: agent/gpg-agent.c:131
msgid "do not use the PIN cache when signing"
msgstr "benutze PINs im Cache nicht bem Signieren"
#: agent/gpg-agent.c:133
msgid "allow clients to mark keys as \"trusted\""
msgstr "erlaube Aufrufern Schlüssel als \"vertrauenswürdig\" zu markieren"
#: agent/gpg-agent.c:191 agent/protect-tool.c:127 scd/scdaemon.c:165
#: sm/gpgsm.c:481 tools/gpgconf.c:85
msgid "Please report bugs to <"
msgstr "Fehlerberichte bitte an <"
#: agent/gpg-agent.c:180 agent/protect-tool.c:124 scd/scdaemon.c:165
#: sm/gpgsm.c:479 tools/gpgconf.c:85
#: agent/gpg-agent.c:191 agent/protect-tool.c:127 scd/scdaemon.c:165
#: sm/gpgsm.c:481 tools/gpgconf.c:85
msgid ">.\n"
msgstr ">.\n"
#: agent/gpg-agent.c:183
#: agent/gpg-agent.c:194
msgid "Usage: gpg-agent [options] (-h for help)"
msgstr "Gebrauch: gpg-agent [Optionen] (-h für Hilfe)"
#: agent/gpg-agent.c:185
#: agent/gpg-agent.c:196
msgid ""
"Syntax: gpg-agent [options] [command [args]]\n"
"Secret key management for GnuPG\n"
@ -101,55 +121,55 @@ msgstr ""
"Syntax: gpg-agent [Optionen] [Kommando [Argumente]]\n"
"Verwaltung von geheimen Schlüssel für GnuPG\n"
#: agent/gpg-agent.c:256 scd/scdaemon.c:239 sm/gpgsm.c:602
#: agent/gpg-agent.c:267 scd/scdaemon.c:239 sm/gpgsm.c:604
#, c-format
msgid "invalid debug-level `%s' given\n"
msgstr "ungültige Debugebene `%s' angegeben\n"
#: agent/gpg-agent.c:414 agent/protect-tool.c:1035 kbx/kbxutil.c:230
#: scd/scdaemon.c:352 sm/gpgsm.c:725
#: agent/gpg-agent.c:439 agent/protect-tool.c:1040 kbx/kbxutil.c:232
#: scd/scdaemon.c:352 sm/gpgsm.c:726
#, c-format
msgid "libgcrypt is too old (need %s, have %s)\n"
msgstr ""
"Die Bibliothek \"libgcrypt\" is zu alt (benötigt wird %s, vorhanden ist %s)\n"
#: agent/gpg-agent.c:487 scd/scdaemon.c:432 sm/gpgsm.c:823
#: agent/gpg-agent.c:512 scd/scdaemon.c:432 sm/gpgsm.c:824
#, c-format
msgid "NOTE: no default option file `%s'\n"
msgstr "Notiz: Voreingestellte Konfigurationsdatei `%s' fehlt\n"
#: agent/gpg-agent.c:492 agent/gpg-agent.c:955 scd/scdaemon.c:437
#: sm/gpgsm.c:827
#: agent/gpg-agent.c:517 agent/gpg-agent.c:983 scd/scdaemon.c:437
#: sm/gpgsm.c:828
#, c-format
msgid "option file `%s': %s\n"
msgstr "Konfigurationsdatei `%s': %s\n"
#: agent/gpg-agent.c:500 scd/scdaemon.c:445 sm/gpgsm.c:834
#: agent/gpg-agent.c:525 scd/scdaemon.c:445 sm/gpgsm.c:835
#, c-format
msgid "reading options from `%s'\n"
msgstr "Optionen werden aus `%s' gelesen\n"
#: agent/gpg-agent.c:641 scd/scdaemon.c:619
#: agent/gpg-agent.c:668 scd/scdaemon.c:619
msgid "please use the option `--daemon' to run the program in the background\n"
msgstr ""
"Bitte die Option `--daemon' nutzen um das Programm im Hintergund "
"auszuführen\n"
#: agent/gpg-agent.c:988 agent/gpg-agent.c:1022
#: agent/gpg-agent.c:1016 agent/gpg-agent.c:1050
#, c-format
msgid "can't create directory `%s': %s\n"
msgstr "Das Verzeichniss `%s' kann nicht erstell werden: %s\n"
#: agent/gpg-agent.c:991 agent/gpg-agent.c:1027
#: agent/gpg-agent.c:1019 agent/gpg-agent.c:1055
#, c-format
msgid "directory `%s' created\n"
msgstr "Verzeichniss `%s' wurde erstellt\n"
#: agent/protect-tool.c:127
#: agent/protect-tool.c:130
msgid "Usage: gpg-protect-tool [options] (-h for help)\n"
msgstr "Gebrauch: gpg-protect-tool [Optionen] (-h für Hilfe)\n"
#: agent/protect-tool.c:129
#: agent/protect-tool.c:132
msgid ""
"Syntax: gpg-protect-tool [options] [args]]\n"
"Secret key maintenance tool\n"
@ -157,7 +177,7 @@ msgstr ""
"Syntax: gpg-protect-tool [Optionen] [Argumente]\n"
"Werkzeug zum Bearbeiten von geheimen Schlüsseln\n"
#: agent/protect-tool.c:1142
#: agent/protect-tool.c:1148
msgid ""
"Please enter the passphrase or the PIN\n"
"needed to complete this operation."
@ -165,7 +185,7 @@ msgstr ""
"Die Eingabe des Mantras (Passphrase) bzw. der PIN\n"
"wird benötigt um diese Aktion auszuführen."
#: agent/protect-tool.c:1145
#: agent/protect-tool.c:1151
msgid "Passphrase:"
msgstr "Passphrase:"
@ -236,19 +256,19 @@ msgstr "Falsches Mantra (Passphrase)"
msgid "Passphrase"
msgstr "Mantra"
#: common/sysutils.c:84
#: common/sysutils.c:87
#, c-format
msgid "can't disable core dumps: %s\n"
msgstr ""
"Das Erstellen eines Speicherabzugs (core-dump) kann nicht verhindert werden: "
"%s\n"
#: common/sysutils.c:159
#: common/sysutils.c:182
#, c-format
msgid "Warning: unsafe ownership on %s \"%s\"\n"
msgstr "WARNUNG: Unsichere Besitzrechte für %s \"%s\"\n"
#: common/sysutils.c:191
#: common/sysutils.c:214
#, c-format
msgid "Warning: unsafe permissions on %s \"%s\"\n"
msgstr "WARNUNG: Unsichere Zugriffsrechte für %s \"%s\"\n"
@ -287,12 +307,12 @@ msgstr "Vom Benutzer abgebrochen\n"
msgid "problem with the agent\n"
msgstr "Problem mit dem Agenten\n"
#: jnlib/logging.c:547
#: jnlib/logging.c:555
#, c-format
msgid "you found a bug ... (%s:%d)\n"
msgstr "Sie haben einen Bug (Softwarefehler) gefunden ... (%s:%d)\n"
#: kbx/kbxutil.c:62 sm/gpgsm.c:223 tools/gpgconf.c:53
#: kbx/kbxutil.c:63 sm/gpgsm.c:224 tools/gpgconf.c:53
msgid ""
"@Commands:\n"
" "
@ -300,7 +320,7 @@ msgstr ""
"@Kommandos:\n"
" "
#: kbx/kbxutil.c:68 sm/gpgsm.c:258 tools/gpgconf.c:59
#: kbx/kbxutil.c:70 sm/gpgsm.c:259 tools/gpgconf.c:59
msgid ""
"@\n"
"Options:\n"
@ -310,39 +330,31 @@ msgstr ""
"Optionen:\n"
" "
#: kbx/kbxutil.c:70 sm/gpgsm.c:260
msgid "create ascii armored output"
msgstr "Ausgabe mit ASCII Hülle wird erzeugt"
#: kbx/kbxutil.c:72 sm/gpgsm.c:311 tools/gpgconf.c:61
msgid "use as output file"
msgstr "als Ausgabedatei benutzen"
#: kbx/kbxutil.c:75 sm/gpgsm.c:320 tools/gpgconf.c:64
#: kbx/kbxutil.c:77 sm/gpgsm.c:321 tools/gpgconf.c:64
msgid "do not make any changes"
msgstr "Keine Änderungen durchführen"
#: kbx/kbxutil.c:77
#: kbx/kbxutil.c:79
msgid "set debugging flags"
msgstr "Debug Flags setzen"
#: kbx/kbxutil.c:78
#: kbx/kbxutil.c:80
msgid "enable full debugging"
msgstr "Alle Debug Flags setzen"
#: kbx/kbxutil.c:99
#: kbx/kbxutil.c:101
msgid "Please report bugs to "
msgstr "Bite richten sie Berichte über Bugs (Softwarefehler) an "
#: kbx/kbxutil.c:99
#: kbx/kbxutil.c:101
msgid ".\n"
msgstr ".\n"
#: kbx/kbxutil.c:103
#: kbx/kbxutil.c:105
msgid "Usage: kbxutil [options] [files] (-h for help)"
msgstr "Gebrauch: kbxutil [Optionen] [Dateien] (-h für Hilfe)"
#: kbx/kbxutil.c:106
#: kbx/kbxutil.c:108
msgid ""
"Syntax: kbxutil [options] [files]\n"
"list, export, import Keybox data\n"
@ -350,7 +362,7 @@ msgstr ""
"Syntax: kbxutil [Optionen] [Dateien]\n"
"Anlistem exportieren und Importieren von KeyBox Dateien\n"
#: scd/scdaemon.c:100 sm/gpgsm.c:332
#: scd/scdaemon.c:100 sm/gpgsm.c:333
msgid "read options from file"
msgstr "Konfigurationsoptionen aus Datei lesen"
@ -523,8 +535,8 @@ msgstr "Der Herausgeber wird von einer externen Stelle gesucht\n"
msgid "number of issuers matching: %d\n"
msgstr "Anzahl der übereinstimmenden Heruasgeber: %d\n"
#: sm/certchain.c:403 sm/certchain.c:561 sm/certchain.c:909 sm/decrypt.c:260
#: sm/encrypt.c:341 sm/sign.c:324 sm/verify.c:107
#: sm/certchain.c:403 sm/certchain.c:561 sm/certchain.c:912 sm/decrypt.c:260
#: sm/encrypt.c:341 sm/sign.c:324 sm/verify.c:106
msgid "failed to allocated keyDB handle\n"
msgstr "Ein keyDB Handle konnte nicht bereitgestellt werden\n"
@ -589,25 +601,25 @@ msgstr "Das Wurzelzertifikat wurde nun als vertrauensw
msgid "checking the trust list failed: %s\n"
msgstr "Fehler beim Prüfen der vertrauenswürdigen Zertifikate: %s\n"
#: sm/certchain.c:721 sm/import.c:145
#: sm/certchain.c:724 sm/import.c:166
msgid "certificate chain too long\n"
msgstr "Der Zertifikatkette ist zu lang\n"
#: sm/certchain.c:733
#: sm/certchain.c:736
msgid "issuer certificate not found"
msgstr "Herausgeberzertifikat nicht gefunden"
#: sm/certchain.c:766
#: sm/certchain.c:769
msgid "certificate has a BAD signature"
msgstr "Das Zertifikat hat eine FALSCHE Signatur"
#: sm/certchain.c:789
#: sm/certchain.c:792
msgid "found another possible matching CA certificate - trying again"
msgstr ""
"Eine anderes möglicherweise passendes CA-Zertifikat gefunden - versuche "
"nochmal"
#: sm/certchain.c:812
#: sm/certchain.c:815
#, c-format
msgid "certificate chain longer than allowed by CA (%d)"
msgstr "Die Zertifikatkette ist länger als von der CA erlaubt (%d)"
@ -660,227 +672,235 @@ msgstr "Schwacher Schl
msgid "no valid recipients given\n"
msgstr "Keine gültigen Empfänger angegeben\n"
#: sm/gpgsm.c:225
#: sm/gpgsm.c:226
msgid "|[FILE]|make a signature"
msgstr "|[DATEI]|Erzeuge eine Signatur"
#: sm/gpgsm.c:226
#: sm/gpgsm.c:227
msgid "|[FILE]|make a clear text signature"
msgstr "|[DATEI]|Erzeuge eine Klartextsignatur"
#: sm/gpgsm.c:227
#: sm/gpgsm.c:228
msgid "make a detached signature"
msgstr "Erzeuge eine abgetrennte Signatur"
#: sm/gpgsm.c:228
#: sm/gpgsm.c:229
msgid "encrypt data"
msgstr "Verschlüssele die Daten"
#: sm/gpgsm.c:229
#: sm/gpgsm.c:230
msgid "encryption only with symmetric cipher"
msgstr "Verschlüsselung nur mit symmetrischem Algrithmus"
#: sm/gpgsm.c:230
#: sm/gpgsm.c:231
msgid "decrypt data (default)"
msgstr "Enschlüssele die Daten"
#: sm/gpgsm.c:231
#: sm/gpgsm.c:232
msgid "verify a signature"
msgstr "Überprüfen einer Signatur"
#: sm/gpgsm.c:233
#: sm/gpgsm.c:234
msgid "list keys"
msgstr "Schlüssel anzeigen"
#: sm/gpgsm.c:234
#: sm/gpgsm.c:235
msgid "list external keys"
msgstr "Externe Schlüssel anzeigen"
#: sm/gpgsm.c:235
#: sm/gpgsm.c:236
msgid "list secret keys"
msgstr "Geheime Schlüssel anzeigen"
#: sm/gpgsm.c:236
#: sm/gpgsm.c:237
msgid "list certificate chain"
msgstr "Schlüssel mit Zertifikatekette anzeigen"
#: sm/gpgsm.c:238
#: sm/gpgsm.c:239
msgid "list keys and fingerprints"
msgstr "Schlüssel und Fingerprint anzeigen"
#: sm/gpgsm.c:239
#: sm/gpgsm.c:240
msgid "generate a new key pair"
msgstr "Neues Schlüsselpaar erzeugen"
#: sm/gpgsm.c:240
#: sm/gpgsm.c:241
msgid "remove key from the public keyring"
msgstr "Schlüssel aus dem öffentlichen Schlüsselbund löschen"
#: sm/gpgsm.c:241
#: sm/gpgsm.c:242
msgid "export keys to a key server"
msgstr "Schlüssen an eine Schlüsselserver exportieren"
#: sm/gpgsm.c:242
#: sm/gpgsm.c:243
msgid "import keys from a key server"
msgstr "Schlüssel von einem Schlüsselserver importieren"
#: sm/gpgsm.c:243
#: sm/gpgsm.c:244
msgid "import certificates"
msgstr "Zertifikate importieren"
#: sm/gpgsm.c:244
#: sm/gpgsm.c:245
msgid "export certificates"
msgstr "Zertifikate exportieren"
#: sm/gpgsm.c:245
#: sm/gpgsm.c:246
msgid "register a smartcard"
msgstr "Smartcard registrieren"
#: sm/gpgsm.c:246
#: sm/gpgsm.c:247
msgid "run in server mode"
msgstr "Im Server Modus ausführen"
#: sm/gpgsm.c:247
#: sm/gpgsm.c:248
msgid "pass a command to the dirmngr"
msgstr "Das Kommand an den Dirmngr durchreichen"
#: sm/gpgsm.c:249
#: sm/gpgsm.c:250
msgid "invoke gpg-protect-tool"
msgstr "Rufe das gpg-protect-tool auf"
#: sm/gpgsm.c:250
#: sm/gpgsm.c:251
msgid "change a passphrase"
msgstr "Das Mantra (Passphrase) ändern"
#: sm/gpgsm.c:262
#: sm/gpgsm.c:261
msgid "create ascii armored output"
msgstr "Ausgabe mit ASCII Hülle wird erzeugt"
#: sm/gpgsm.c:263
msgid "create base-64 encoded output"
msgstr "Ausgabe im Basis-64 format erzeugen"
#: sm/gpgsm.c:264
#: sm/gpgsm.c:265
msgid "assume input is in PEM format"
msgstr "Eingabedaten sind im PEM Format"
#: sm/gpgsm.c:266
#: sm/gpgsm.c:267
msgid "assume input is in base-64 format"
msgstr "Eingabedaten sin im Basis-64 Format"
#: sm/gpgsm.c:268
#: sm/gpgsm.c:269
msgid "assume input is in binary format"
msgstr "Eingabedaten sind im Binärformat"
#: sm/gpgsm.c:270
#: sm/gpgsm.c:271
msgid "|NAME|encrypt for NAME"
msgstr "|NAME|Verschlüsseln für NAME"
#: sm/gpgsm.c:273
#: sm/gpgsm.c:274
msgid "never consult a CRL"
msgstr "Niemals eine CRL konsultieren"
#: sm/gpgsm.c:278
#: sm/gpgsm.c:279
msgid "check validity using OCSP"
msgstr "Die Gültigkeit mittels OCSP prüfen"
#: sm/gpgsm.c:281
#: sm/gpgsm.c:282
msgid "|N|number of certificates to include"
msgstr "|N|Sende N Zertifikate mit"
#: sm/gpgsm.c:284
#: sm/gpgsm.c:285
msgid "|FILE|take policy information from FILE"
msgstr "|DATEI|Richtlinieninformationen DATEI entnehmen"
#: sm/gpgsm.c:287
#: sm/gpgsm.c:288
msgid "do not check certificate policies"
msgstr "Zertikikatrichtlinien nicht überprüfen"
#: sm/gpgsm.c:291
#: sm/gpgsm.c:292
msgid "fetch missing issuer certificates"
msgstr "Fehlende Zertifikate automatisch holen"
#: sm/gpgsm.c:295
#: sm/gpgsm.c:296
msgid "|NAME|use NAME as default recipient"
msgstr "|NAME|Benutze NAME als voreingestellten Empfänger"
#: sm/gpgsm.c:297
#: sm/gpgsm.c:298
msgid "use the default key as default recipient"
msgstr "Benuzte voreingestellten Schlüssel als Standardempfänger"
#: sm/gpgsm.c:303
#: sm/gpgsm.c:304
msgid "use this user-id to sign or decrypt"
msgstr "Benuzte diese Benutzer ID zum Signieren oder Entschlüsseln"
#: sm/gpgsm.c:306
#: sm/gpgsm.c:307
msgid "|N|set compress level N (0 disables)"
msgstr "|N|Benutze Komprimierungsstufe N"
#: sm/gpgsm.c:308
#: sm/gpgsm.c:309
msgid "use canonical text mode"
msgstr "Kanonischen Textmodus benutzen"
#: sm/gpgsm.c:314
#: sm/gpgsm.c:312 tools/gpgconf.c:61
msgid "use as output file"
msgstr "als Ausgabedatei benutzen"
#: sm/gpgsm.c:315
msgid "don't use the terminal at all"
msgstr "Das Terminal überhaupt nicht benutzen"
#: sm/gpgsm.c:317
#: sm/gpgsm.c:318
msgid "force v3 signatures"
msgstr "Version 3 Signaturen erzwingen"
#: sm/gpgsm.c:318
#: sm/gpgsm.c:319
msgid "always use a MDC for encryption"
msgstr "Immer das MDC Verfahren zum verschlüsseln mitbenutzen"
#: sm/gpgsm.c:323
#: sm/gpgsm.c:324
msgid "batch mode: never ask"
msgstr "Stapelverarbeitungs Modus: Nie nachfragen"
#: sm/gpgsm.c:324
#: sm/gpgsm.c:325
msgid "assume yes on most questions"
msgstr "\"Ja\" auf die meisten Anfragen annehmen"
#: sm/gpgsm.c:325
#: sm/gpgsm.c:326
msgid "assume no on most questions"
msgstr "\"Nein\" auf die meisten Anfragen annehmen"
#: sm/gpgsm.c:327
#: sm/gpgsm.c:328
msgid "add this keyring to the list of keyrings"
msgstr "Diesen Keyring in die Liste der Keyrings aufnehmen"
#: sm/gpgsm.c:328
#: sm/gpgsm.c:329
msgid "add this secret keyring to the list"
msgstr "Diese geheimen Keyring in die Liste aufnehmen"
#: sm/gpgsm.c:329
#: sm/gpgsm.c:330
msgid "|NAME|use NAME as default secret key"
msgstr "|NAME|Benutze NAME als voreingestellten Schlüssel"
#: sm/gpgsm.c:330
#: sm/gpgsm.c:331
msgid "|HOST|use this keyserver to lookup keys"
msgstr "|HOST|Benutze HOST als Schlüsselserver"
#: sm/gpgsm.c:331
#: sm/gpgsm.c:332
msgid "|NAME|set terminal charset to NAME"
msgstr "|NAME|Den Zeichensatz für das Terminal auf NAME setzen"
#: sm/gpgsm.c:340
#: sm/gpgsm.c:342
msgid "|FD|write status info to this FD"
msgstr "|FD|Statusinformationen auf Dateidescriptor FD schreiben"
#: sm/gpgsm.c:347
#: sm/gpgsm.c:349
msgid "|FILE|load extension module FILE"
msgstr "|DATEI|Das Erweiterungsmodul DATEI laden"
#: sm/gpgsm.c:353
#: sm/gpgsm.c:355
msgid "|NAME|use cipher algorithm NAME"
msgstr "|NAME|Den Verhsclüsselungsalgrithmus NAME benutzen"
#: sm/gpgsm.c:355
#: sm/gpgsm.c:357
msgid "|NAME|use message digest algorithm NAME"
msgstr "|NAME|Den Hashalgorithmus NAME benutzen"
#: sm/gpgsm.c:357
#: sm/gpgsm.c:359
msgid "|N|use compress algorithm N"
msgstr "|N|Den Kompressionsalgorithmus Nummer N benutzen"
#: sm/gpgsm.c:365
#: sm/gpgsm.c:367
msgid ""
"@\n"
"(See the man page for a complete listing of all commands and options)\n"
@ -888,7 +908,7 @@ msgstr ""
"@\n"
"(Die \"man\" Seite beschreibt alle Kommands und Optionen)\n"
#: sm/gpgsm.c:368
#: sm/gpgsm.c:370
msgid ""
"@\n"
"Examples:\n"
@ -908,11 +928,11 @@ msgstr ""
" --list-keys [Namen] Schlüssel anzeigenn\n"
" --fingerprint [Namen] \"Fingerabdrücke\" anzeigen\\n\n"
#: sm/gpgsm.c:482
#: sm/gpgsm.c:484
msgid "Usage: gpgsm [options] [files] (-h for help)"
msgstr "Gebrauch: gpgsm [Optionen] [Dateien] (-h für Hilfe)"
#: sm/gpgsm.c:485
#: sm/gpgsm.c:487
msgid ""
"Syntax: gpgsm [options] [files]\n"
"sign, check, encrypt or decrypt using the S/MIME protocol\n"
@ -921,7 +941,7 @@ msgstr ""
"Gebrauch: gpgsm [Optionen] [Dateien]\n"
"Signieren, prüfen, ver- und entschlüsseln mittels S/MIME protocol\n"
#: sm/gpgsm.c:492
#: sm/gpgsm.c:494
msgid ""
"\n"
"Supported algorithms:\n"
@ -929,129 +949,144 @@ msgstr ""
"\n"
"Unterstützte Algorithmen:\n"
#: sm/gpgsm.c:573
#: sm/gpgsm.c:575
msgid "usage: gpgsm [options] "
msgstr "Gebrauch: gpgsm [Optionen] "
#: sm/gpgsm.c:639
#: sm/gpgsm.c:641
msgid "conflicting commands\n"
msgstr "Widersprechende Kommandos\n"
#: sm/gpgsm.c:655
#: sm/gpgsm.c:657
#, c-format
msgid "can't encrypt to `%s': %s\n"
msgstr "Verschlüsseln für `%s' nicht möglich: %s\n"
#: sm/gpgsm.c:730
#: sm/gpgsm.c:731
#, c-format
msgid "libksba is too old (need %s, have %s)\n"
msgstr "Die Bibliothek Libksba is nicht aktuell (benötige %s, habe %s)\n"
#: sm/gpgsm.c:1169
#: sm/gpgsm.c:1175
msgid "WARNING: program may create a core file!\n"
msgstr "WARNUNG: Programm könnte eine core-dump-Datei schreiben!\n"
#: sm/gpgsm.c:1181
#: sm/gpgsm.c:1187
msgid "WARNING: running with faked system time: "
msgstr "WARNUNG: Ausführung mit gefälschter Systemzeit: "
#: sm/gpgsm.c:1201
#: sm/gpgsm.c:1213
msgid "selected cipher algorithm is invalid\n"
msgstr "Das ausgewählte Verschlüsselungsverfahren ist ungültig\n"
#: sm/gpgsm.c:1209
#: sm/gpgsm.c:1221
msgid "selected digest algorithm is invalid\n"
msgstr "Das ausgewählte Hashverfahren ist ungültig\n"
#: sm/gpgsm.c:1239
#: sm/gpgsm.c:1251
#, c-format
msgid "can't sign using `%s': %s\n"
msgstr "Signieren mit `%s' nicht möglich: %s\n"
#: sm/gpgsm.c:1406
#: sm/gpgsm.c:1415
msgid "this command has not yet been implemented\n"
msgstr "Diee Kommando wurde noch nicht implementiert\n"
#: sm/gpgsm.c:1629 sm/gpgsm.c:1662
#: sm/gpgsm.c:1638 sm/gpgsm.c:1671
#, c-format
msgid "can't open `%s': %s\n"
msgstr "Datei `%s' kann nicht geöffnet werden: %s\n"
#: sm/import.c:114
#: sm/import.c:118
#, c-format
msgid "total number processed: %lu\n"
msgstr "gesamte verarbeitete Anzahl: %lu\n"
#: sm/import.c:117
#: sm/import.c:121
#, c-format
msgid " imported: %lu"
msgstr " importiert: %lu"
#: sm/import.c:121
#: sm/import.c:125
#, c-format
msgid " unchanged: %lu\n"
msgstr " nicht geändert: %lu\n"
#: sm/import.c:123
#: sm/import.c:127
#, c-format
msgid " secret keys read: %lu\n"
msgstr " gelesene private Schlüssel: %lu\n"
#: sm/import.c:129
#, c-format
msgid " secret keys imported: %lu\n"
msgstr "importierte priv. Schlüssel: %lu\n"
#: sm/import.c:131
#, c-format
msgid " secret keys unchanged: %lu\n"
msgstr "ungeänderte priv. Schlüssel: %lu\n"
#: sm/import.c:133
#, c-format
msgid " not imported: %lu\n"
msgstr " nicht importiert: %lu\n"
#: sm/import.c:204
#: sm/import.c:229
msgid "error storing certificate\n"
msgstr "Fehler beim speichern des Zertifikats\n"
#: sm/import.c:211
#: sm/import.c:237
msgid "basic certificate checks failed - not imported\n"
msgstr "Grundlegende Zertifikatprüfungen fehlgeschlagen - nicht importiert\n"
#: sm/import.c:396 sm/import.c:428
#: sm/import.c:423 sm/import.c:455
#, c-format
msgid "error importing certificate: %s\n"
msgstr "Fehler beim Importieren des Zertifikats: %s\n"
#: sm/import.c:457
#: sm/import.c:484
#, c-format
msgid "error creating a pipe: %s\n"
msgstr "Fehler beim Erzeugen einer \"Pipe\": %s\n"
#: sm/import.c:465
#: sm/import.c:492
#, c-format
msgid "error forking process: %s\n"
msgstr "Fehler beim \"Forken\" des Prozess: %s\n"
#: sm/import.c:562 sm/import.c:587
#: sm/import.c:590 sm/import.c:615
#, c-format
msgid "error creating temporary file: %s\n"
msgstr "Fehler beim Erstellen einer temporären Datei: %s\n"
#: sm/import.c:570
#: sm/import.c:598
#, c-format
msgid "error writing to temporary file: %s\n"
msgstr "Fehler beim Schreiben auf eine temporäre Datei: %s\n"
#: sm/import.c:579
#: sm/import.c:607
#, c-format
msgid "error reading input: %s\n"
msgstr "Fehler beim Lesen der Eingabe: %s\n"
#: sm/import.c:649
#: sm/import.c:703
#, c-format
msgid "waiting for protect-tool to terminate failed: %s\n"
msgstr ""
"Das Warten auf die Beendigung des protect-tools ist fehlgeschlagen: %s\n"
#: sm/import.c:652
#: sm/import.c:706
#, c-format
msgid "error running `%s': probably not installed\n"
msgstr "Feler bei Ausführung von `%s': wahrscheinlich nicht installiert\n"
#: sm/import.c:654
#: sm/import.c:708
#, c-format
msgid "error running `%s': exit status %d\n"
msgstr "Fehler bei Ausführung von `%s': Endestatus %d\n"
#: sm/import.c:657
#: sm/import.c:711
#, c-format
msgid "error running `%s': terminated\n"
msgstr "Fehler beim Ausführen von `%s': beendet\n"
@ -1113,24 +1148,24 @@ msgstr "Fehler beim Holen der gespeicherten Flags: %s\n"
msgid "error storing flags: %s\n"
msgstr "Fehler beim Speichern der Flags: %s\n"
#: sm/verify.c:387
#: sm/verify.c:381
msgid "Signature made "
msgstr "Signatur erzeugt am "
#: sm/verify.c:391
#: sm/verify.c:385
msgid "[date not given]"
msgstr "[Datum nicht vorhanden]"
#: sm/verify.c:392
#: sm/verify.c:386
#, c-format
msgid " using certificate ID %08lX\n"
msgstr "mittels Zertifikat ID %08lX\n"
#: sm/verify.c:505
#: sm/verify.c:499
msgid "Good signature from"
msgstr "Korrekte Signatur von"
#: sm/verify.c:506
#: sm/verify.c:500
msgid " aka"
msgstr " alias"
@ -1188,6 +1223,3 @@ msgstr "Komponente nicht gefunden"
#~ msgstr ""
#~ "Schlüsselverwendungszweck nicht vorhanden - wird zum Verschlüsseln "
#~ "akzeptiert\n"
#~ msgid " skipped new keys: %lu\n"
#~ msgstr " übersprungene Schlüssel: %lu\n"

4
scd/ChangeLog
View File

@ -1,3 +1,7 @@
2004-07-22 Werner Koch <wk@g10code.de>
* scdaemon.c (main): Bumbed thread stack size up to 512k.
2004-07-16 Werner Koch <wk@gnupg.org>
* apdu.c (reader_table_s): Add function pointers for the backends.

2
scd/scdaemon.c
View File

@ -603,7 +603,7 @@ main (int argc, char **argv )
tattr = pth_attr_new();
pth_attr_set (tattr, PTH_ATTR_JOINABLE, 0);
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 64*1024);
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 512*1024);
pth_attr_set (tattr, PTH_ATTR_NAME, "ticker");
if (!pth_spawn (tattr, ticker_thread, NULL))

4
sm/ChangeLog
View File

@ -1,3 +1,7 @@
2004-07-22 Werner Koch <wk@g10code.de>
* keylist.c (list_cert_raw): Print the keygrip.
2004-07-20 Werner Koch <wk@gnupg.org>
* certchain.c (gpgsm_validate_chain): The trust check didn't

6
sm/keylist.c
View File

@ -500,7 +500,7 @@ print_names_raw (FILE *fp, int indent, ksba_name_t name)
/* List one certificate in raw mode useful to have a closer look at
the certificate. This one does not beautification and only minimal
the certificate. This one does no beautification and only minimal
output sanitation. It is mainly useful for debugging. */
static void
list_cert_raw (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
@ -559,6 +559,10 @@ list_cert_raw (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
fprintf (fp, " md5_fpr: %s\n", dn?dn:"error");
xfree (dn);
dn = gpgsm_get_keygrip_hexstring (cert);
fprintf (fp, " keygrip: %s\n", dn?dn:"error");
xfree (dn);
ksba_cert_get_validity (cert, 0, t);
fputs (" notBefore: ", fp);
gpgsm_print_time (fp, t);