1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

Preparing a new release

This commit is contained in:
Werner Koch 2006-07-27 14:18:55 +00:00
parent b37c1ce1b9
commit de5070caf0
20 changed files with 235 additions and 121 deletions

View File

@ -1,3 +1,9 @@
2006-07-27 Werner Koch <wk@g10code.com>
Released 1.9.22.
* configure.ac: Call AB_INIT.
2006-07-03 Werner Koch <wk@g10code.com> 2006-07-03 Werner Koch <wk@g10code.com>
* configure.ac: Test for ksba_dn_teststr. * configure.ac: Test for ksba_dn_teststr.

5
NEWS
View File

@ -1,12 +1,13 @@
Noteworthy changes in version 1.9.22 Noteworthy changes in version 1.9.22 (2006-07-27)
------------------------------------------------- -------------------------------------------------
* Enhanced pkcs#12 support to allow import from simple keyBags. * Enhanced pkcs#12 support to allow import from simple keyBags.
* Exporting to pkcs#12 now create bag attributes so that Mozilla is * Exporting to pkcs#12 now create bag attributes so that Mozilla is
able to import the files. able to import the files.
* Fixed uploading of certain keys to the smart card.
Noteworthy changes in version 1.9.21 (2006-06-20) Noteworthy changes in version 1.9.21 (2006-06-20)
------------------------------------------------- -------------------------------------------------

2
README
View File

@ -13,7 +13,7 @@ You should use this GnuPG version if you want to use the gpg-agent or
gpgsm (the S/MIME variant of gpg). Note that the gpg-agent is also gpgsm (the S/MIME variant of gpg). Note that the gpg-agent is also
helpful when using the standard gpg versions (1.4.x as well as some of helpful when using the standard gpg versions (1.4.x as well as some of
the old 1.2.x). There are no problems installing 1.4 and 1.9 the old 1.2.x). There are no problems installing 1.4 and 1.9
alongside; in act we suggest to do this. alongside; in dact we suggest to do this.
BUILD INSTRUCTIONS BUILD INSTRUCTIONS

3
TODO
View File

@ -112,8 +112,7 @@ might want to have an agent context for each service request
Remove the whole stuff? Remove the whole stuff?
** qbits ** qbits
We pass a new qbit parameter to genkey - implement this in libgcrypt. We pass a new qbit parameter to genkey - implement this in libgcrypt.
** Makefile.am
Remove the no-pointer-sign kludge.
* common/ * common/
** ttyio ** ttyio

View File

@ -27,7 +27,7 @@ min_automake_version="1.9.3"
# Set my_issvn to "yes" for non-released code. Remember to run an # Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution. # "svn up" and "autogen.sh" right before creating a distribution.
m4_define([my_version], [1.9.22]) m4_define([my_version], [1.9.22])
m4_define([my_issvn], [yes]) m4_define([my_issvn], [no])
m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \
@ -57,6 +57,7 @@ AC_CONFIG_SRCDIR(sm/gpgsm.c)
AM_CONFIG_HEADER(config.h) AM_CONFIG_HEADER(config.h)
AC_CANONICAL_TARGET() AC_CANONICAL_TARGET()
AM_INIT_AUTOMAKE($PACKAGE, $VERSION) AM_INIT_AUTOMAKE($PACKAGE, $VERSION)
AB_INIT
AC_GNU_SOURCE AC_GNU_SOURCE
@ -1250,7 +1251,6 @@ jnlib/Makefile
common/Makefile common/Makefile
kbx/Makefile kbx/Makefile
g10/Makefile g10/Makefile
keyserver/Makefile
sm/Makefile sm/Makefile
agent/Makefile agent/Makefile
scd/Makefile scd/Makefile
@ -1260,6 +1260,7 @@ tests/Makefile
]) ])
AC_OUTPUT AC_OUTPUT
#./autogen keyserver/Makefile
#tests/pkits/Makefile #tests/pkits/Makefile

View File

@ -1,3 +1,24 @@
2006-07-27 Werner Koch <wk@g10code.com>
* parse-packet.c (parse_comment): Cap comments at 65k.
(parse_gpg_control): Skip too large control packets.
2006-07-24 David Shaw <dshaw@jabberwocky.com> (wk)
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available):
Pass a union for preference hints rather than doing void * games.
* sign.c (sign_file): Use it here.
* sign.c (sign_file): When signing with multiple DSA keys, one
being DSA1 and one being DSA2 and encrypting at the same time, if
the recipient preferences give a hash that can work with the DSA2
key, then allow the DSA1 key to be promoted rather than giving up
and using hash_for().
* pkclist.c (algo_available): Automatically enable DSA2 mode when
handling a key that clearly isn't DSA1 (i.e. q!=160).
2006-06-30 Werner Koch <wk@g10code.com> 2006-06-30 Werner Koch <wk@g10code.com>
* misc.c (checksum_mpi): No need for nbits as they are alredy * misc.c (checksum_mpi): No need for nbits as they are alredy

View File

@ -27,7 +27,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common \
include $(top_srcdir)/am/cmacros.am include $(top_srcdir)/am/cmacros.am
AM_CFLAGS = $(LIBGCRYPT_CFLAGS) -Wno-pointer-sign AM_CFLAGS = $(LIBGCRYPT_CFLAGS)
needed_libs = ../gl/libgnu.a ../common/libcommon.a ../jnlib/libjnlib.a needed_libs = ../gl/libgnu.a ../common/libcommon.a ../jnlib/libjnlib.a

View File

@ -357,7 +357,6 @@ enum cmd_and_opt_values
oAllowMultisigVerification, oAllowMultisigVerification,
oEnableDSA2, oEnableDSA2,
oDisableDSA2, oDisableDSA2,
oDebugAllowRun,
oNoop oNoop
}; };
@ -705,7 +704,6 @@ static ARGPARSE_OPTS opts[] = {
{ oAutoKeyLocate, "auto-key-locate", 2, "@"}, { oAutoKeyLocate, "auto-key-locate", 2, "@"},
{ oNoAutoKeyLocate, "no-auto-key-locate", 0, "@"}, { oNoAutoKeyLocate, "no-auto-key-locate", 0, "@"},
{ oDebugAllowRun, "debug_allow_run", 0, "@"},
{0,NULL,0,NULL} {0,NULL,0,NULL}
}; };
@ -1761,7 +1759,6 @@ main (int argc, char **argv )
int with_fpr = 0; /* make an option out of --fingerprint */ int with_fpr = 0; /* make an option out of --fingerprint */
int any_explicit_recipient = 0; int any_explicit_recipient = 0;
int require_secmem=0,got_secmem=0; int require_secmem=0,got_secmem=0;
int allow_run = 0;
#ifdef __riscos__ #ifdef __riscos__
opt.lock_once = 1; opt.lock_once = 1;
@ -2754,8 +2751,6 @@ main (int argc, char **argv )
case oEnableDSA2: opt.flags.dsa2=1; break; case oEnableDSA2: opt.flags.dsa2=1; break;
case oDisableDSA2: opt.flags.dsa2=0; break; case oDisableDSA2: opt.flags.dsa2=0; break;
case oDebugAllowRun: allow_run = 1; break;
case oNoop: break; case oNoop: break;
default : pargs.err = configfp? 1:2; break; default : pargs.err = configfp? 1:2; break;
@ -2809,8 +2804,7 @@ main (int argc, char **argv )
} }
#endif #endif
if (!allow_run) log_info ("WARNING: This version of gpg is not ready for use, use gpg 1.4.x\n");
log_fatal ("This version of gpg is not ready for use, use gpg 1.4.x\n");
/* FIXME: We should use logging to a file only in server mode; /* FIXME: We should use logging to a file only in server mode;
however we have not yet implemetyed that. Thus we try to get however we have not yet implemetyed that. Thus we try to get

View File

@ -144,6 +144,14 @@ struct keydb_search_desc {
int exact; int exact;
}; };
/* Helper type for preference fucntions. */
union pref_hint
{
int digest_length;
};
/*-- keydb.c --*/ /*-- keydb.c --*/
/* /*
@ -175,9 +183,10 @@ void show_revocation_reason( PKT_public_key *pk, int mode );
int check_signatures_trust( PKT_signature *sig ); int check_signatures_trust( PKT_signature *sig );
void release_pk_list( PK_LIST pk_list ); void release_pk_list( PK_LIST pk_list );
int build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use ); int build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use );
int algo_available( preftype_t preftype, int algo, void *hint ); int algo_available( preftype_t preftype, int algo,
const union pref_hint *hint );
int select_algo_from_prefs( PK_LIST pk_list, int preftype, int select_algo_from_prefs( PK_LIST pk_list, int preftype,
int request, void *hint ); int request, const union pref_hint *hint);
int select_mdc_from_pklist (PK_LIST pk_list); int select_mdc_from_pklist (PK_LIST pk_list);
/*-- skclist.c --*/ /*-- skclist.c --*/

View File

@ -2147,6 +2147,16 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
{ {
byte *p; byte *p;
/* Cap comment packet at a reasonable value to avoid an integer
overflow in the malloc below. Comment packets are actually not
anymore define my OpenPGP and we even stopped to use our
private comment packet. */
if (pktlen>65536)
{
log_error ("packet(%d) too large\n", pkttype);
iobuf_skip_rest (inp, pktlen, 0);
return G10ERR_INVALID_PACKET;
}
packet->pkt.comment = xmalloc(sizeof *packet->pkt.comment + pktlen - 1); packet->pkt.comment = xmalloc(sizeof *packet->pkt.comment + pktlen - 1);
packet->pkt.comment->len = pktlen; packet->pkt.comment->len = pktlen;
p = packet->pkt.comment->data; p = packet->pkt.comment->data;
@ -2220,6 +2230,7 @@ parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen,
} }
mode = iobuf_get_noeof(inp); if( pktlen ) pktlen--; mode = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
namelen = iobuf_get_noeof(inp); if( pktlen ) pktlen--; namelen = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
/* Note that namelen will never exceed 255 bytes. */
pt = pkt->pkt.plaintext = xmalloc(sizeof *pkt->pkt.plaintext + namelen -1); pt = pkt->pkt.plaintext = xmalloc(sizeof *pkt->pkt.plaintext + namelen -1);
pt->new_ctb = new_ctb; pt->new_ctb = new_ctb;
pt->mode = mode; pt->mode = mode;
@ -2399,6 +2410,9 @@ parse_gpg_control( IOBUF inp, int pkttype,
if ( sesmark[i] != iobuf_get_noeof(inp) ) if ( sesmark[i] != iobuf_get_noeof(inp) )
goto skipit; goto skipit;
} }
if (pktlen > 4096)
goto skipit; /* Definitely too large. We skip it to avoid an
overflow in the malloc. */
if ( list_mode ) if ( list_mode )
puts ("- gpg control packet"); puts ("- gpg control packet");

View File

@ -1186,7 +1186,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned int use )
preference list, so I'm including it. -dms */ preference list, so I'm including it. -dms */
int int
algo_available( preftype_t preftype, int algo, void *hint ) algo_available( preftype_t preftype, int algo, const union pref_hint *hint)
{ {
if( preftype == PREFTYPE_SYM ) if( preftype == PREFTYPE_SYM )
{ {
@ -1210,18 +1210,18 @@ algo_available( preftype_t preftype, int algo, void *hint )
} }
else if( preftype == PREFTYPE_HASH ) else if( preftype == PREFTYPE_HASH )
{ {
if(hint) if (hint && hint->digest_length)
{ {
if(opt.flags.dsa2) if (hint->digest_length!=20 || opt.flags.dsa2)
{ {
/* If --enable-dsa2 is set, then we'll accept a hash /* If --enable-dsa2 is set or the hash isn't 160 bits
that is larger than we need. If --enable-dsa2 is not (which implies DSA2), then we'll accept a hash that
set, then we won't accept any hash that isn't exactly is larger than we need. Otherwise we won't accept
the right size. */ any hash that isn't exactly the right size. */
if ((*(int *)hint) > gcry_md_get_algo_dlen (algo)) if (hint->digest_length > gcry_md_get_algo_dlen (algo))
return 0; return 0;
} }
else if (((*(int *)hint) != gcry_md_get_algo_dlen (algo))) else if (hint->digest_length != gcry_md_get_algo_dlen (algo))
return 0; return 0;
} }
@ -1259,7 +1259,8 @@ algo_available( preftype_t preftype, int algo, void *hint )
* Return -1 if we could not find an algorithm. * Return -1 if we could not find an algorithm.
*/ */
int int
select_algo_from_prefs(PK_LIST pk_list, int preftype, int request, void *hint) select_algo_from_prefs(PK_LIST pk_list, int preftype, int request,
const union pref_hint *hint)
{ {
PK_LIST pkr; PK_LIST pkr;
u32 bits[8]; u32 bits[8];

View File

@ -320,27 +320,6 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
} }
else else
{ {
#if 0 /* disabled *.
/* Disabled for now. It seems reasonable to accept a
truncated hash for a DSA1 key, even though we don't
generate it without --enable-dsa2. Be liberal in what you
accept, etc. */
/* If it's a DSA key, and q is 160 bits, it might be an
old-style DSA key. If the hash doesn't match the q, fail
unless --enable-dsa2 is set. If the q isn't 160 bits, then
allow any hash since it must be a DSA2 key (if the hash is
too small, we'll fail in encode_md_value). */
if (sk->pubkey_algo==PUBKEY_ALGO_DSA
&& (gcry_mpi_get_nbits (sk->skey[1])/8)==20
&& !opt.flags.dsa2
&& gcry_md_get_algo_dlen (digest_algo)!=20)
{
log_error(_("DSA requires the use of a 160 bit hash algorithm\n"));
return G10ERR_GENERAL;
}
#endif /* disabled */
frame = encode_md_value( NULL, sk, md, digest_algo ); frame = encode_md_value( NULL, sk, md, digest_algo );
if (!frame) if (!frame)
return G10ERR_GENERAL; return G10ERR_GENERAL;
@ -869,8 +848,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if (DBG_HASHING) if (DBG_HASHING)
gcry_md_start_debug (mfx.md, "sign"); gcry_md_start_debug (mfx.md, "sign");
/* If we're encrypting and signing, it is reasonable to pick the /* If we're encrypting and signing, it is reasonable to pick the
hash algorithm to use out of the recepient key prefs. */ hash algorithm to use out of the recepient key prefs. This is
best effort only, as in a DSA2 and smartcard world there are
cases where we cannot please everyone with a single hash (DSA2
wants >160 and smartcards want =160). In the future this could
be more complex with different hashes for each sk, but the
current design requires a single hash for all SKs. */
if(pk_list) if(pk_list)
{ {
if(opt.def_digest_algo) if(opt.def_digest_algo)
@ -886,30 +870,57 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
} }
else else
{ {
int hashlen=0,algo; int algo, smartcard=0;
union pref_hint hint;
hint.digest_length = 0;
/* Of course, if the recipient asks for something /* Of course, if the recipient asks for something
unreasonable (like a non-160-bit hash for DSA, for unreasonable (like the wrong hash for a DSA key) then
example), then don't do it. Check all sk's - if any don't do it. Check all sk's - if any are DSA or live
are DSA, then the hash must be 160-bit. In the future on a smartcard, then the hash has restrictions and we
this can be more complex with different hashes for each may not be able to give the recipient what they want.
sk, but so long as there is only one signing algorithm For DSA, pass a hint for the largest q we have. Note
with hash restrictions, this is ok. -dms */ that this means that a q>160 key will override a q=160
key and force the use of truncation for the q=160 key.
The alternative would be to ignore the recipient prefs
completely and get a different hash for each DSA key in
hash_for(). The override behavior here is more or less
reasonable as it is under the control of the user which
keys they sign with for a given message and the fact
that the message with multiple signatures won't be
usable on an implementation that doesn't understand
DSA2 anyway. */
/* Current smartcards only do 160-bit hashes as well. for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
Note that this may well have to change as the cards add {
algorithms. */ if (sk_rover->sk->pubkey_algo == PUBKEY_ALGO_DSA)
{
int temp_hashlen = gcry_mpi_get_nbits
(sk_rover->sk->skey[1])+7/8;
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) /* Pick a hash that is large enough for our
if(sk_rover->sk->pubkey_algo==PUBKEY_ALGO_DSA largest q */
|| (sk_rover->sk->is_protected
&& sk_rover->sk->protect.s2k.mode==1002))
hashlen=20;
if((algo= if (hint.digest_length<temp_hashlen)
select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1, hint.digest_length=temp_hashlen;
hashlen?&hashlen:NULL))>0) }
recipient_digest_algo=algo; else if (sk_rover->sk->is_protected
&& sk_rover->sk->protect.s2k.mode == 1002)
smartcard = 1;
}
/* Current smartcards only do 160-bit hashes. If we have
to have a >160-bit hash, then we can't use the
recipient prefs as we'd need both =160 and >160 at the
same time and recipient prefs currently require a
single hash for all signatures. All this may well have
to change as the cards add algorithms. */
if (!smartcard || (smartcard && hint.digest_length==20))
if ( (algo=
select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,&hint)) > 0)
recipient_digest_algo=algo;
} }
} }

View File

@ -1,3 +1,12 @@
2006-07-24 David Shaw <dshaw@jabberwocky.com> (wk)
* curl-shim.c (curl_easy_perform): Minor cleanup of proxy code.
* gpgkeys_hkp.c (send_key)
* gpgkeys_ldap.c (send_key, send_key_keyserver): Fix string
matching problem when the ascii armored form of the key happens to
match "KEY" at the beginning of the line.
2006-04-26 David Shaw <dshaw@jabberwocky.com> 2006-04-26 David Shaw <dshaw@jabberwocky.com>
* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.

View File

@ -164,13 +164,11 @@ curl_easy_perform(CURL *curl)
/* Emulate the libcurl proxy behavior. If the calling program set a /* Emulate the libcurl proxy behavior. If the calling program set a
proxy, use it. If it didn't set a proxy or set it to NULL, check proxy, use it. If it didn't set a proxy or set it to NULL, check
for one in the environment. If the calling program explicitly for one in the environment. If the calling program explicitly
set a null-string proxy, don't set a proxy at all. */ set a null-string proxy the http code doesn't use a proxy at
all. */
if(curl->proxy) if(curl->proxy)
{ proxy=curl->proxy;
if(*curl->proxy)
proxy=curl->proxy;
}
else else
proxy=getenv(HTTP_PROXY_ENV); proxy=getenv(HTTP_PROXY_ENV);

View File

@ -86,7 +86,7 @@ send_key(int *eof)
CURLcode res; CURLcode res;
char request[MAX_URL+15]; char request[MAX_URL+15];
int begin=0,end=0,ret=KEYSERVER_INTERNAL_ERROR; int begin=0,end=0,ret=KEYSERVER_INTERNAL_ERROR;
char keyid[17]; char keyid[17],state[6];
char line[MAX_LINE]; char line[MAX_LINE];
char *key=NULL,*encoded_key=NULL; char *key=NULL,*encoded_key=NULL;
size_t keylen=0,keymax=0; size_t keylen=0,keymax=0;
@ -94,7 +94,8 @@ send_key(int *eof)
/* Read and throw away input until we see the BEGIN */ /* Read and throw away input until we see the BEGIN */
while(fgets(line,MAX_LINE,input)!=NULL) while(fgets(line,MAX_LINE,input)!=NULL)
if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
&& strcmp(state,"BEGIN")==0)
{ {
begin=1; begin=1;
break; break;
@ -112,7 +113,8 @@ send_key(int *eof)
/* Now slurp up everything until we see the END */ /* Now slurp up everything until we see the END */
while(fgets(line,MAX_LINE,input)) while(fgets(line,MAX_LINE,input))
if(sscanf(line,"KEY %16s END\n",keyid)==1) if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
&& strcmp(state,"END")==0)
{ {
end=1; end=1;
break; break;
@ -194,6 +196,7 @@ send_key(int *eof)
{ {
fprintf(console,"gpgkeys: HTTP post error %d: %s\n",res,errorbuffer); fprintf(console,"gpgkeys: HTTP post error %d: %s\n",res,errorbuffer);
ret=curl_err_to_gpg_err(res); ret=curl_err_to_gpg_err(res);
goto fail;
} }
else else
fprintf(output,"\nKEY %s SENT\n",keyid); fprintf(output,"\nKEY %s SENT\n",keyid);

View File

@ -567,7 +567,7 @@ send_key(int *eof)
{ {
int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR; int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR;
char *dn=NULL,line[MAX_LINE],*key=NULL; char *dn=NULL,line[MAX_LINE],*key=NULL;
char keyid[17]; char keyid[17],state[6];
LDAPMod **modlist,**addlist,**ml; LDAPMod **modlist,**addlist,**ml;
modlist=malloc(sizeof(LDAPMod *)); modlist=malloc(sizeof(LDAPMod *));
@ -608,7 +608,8 @@ send_key(int *eof)
/* Assemble the INFO stuff into LDAP attributes */ /* Assemble the INFO stuff into LDAP attributes */
while(fgets(line,MAX_LINE,input)!=NULL) while(fgets(line,MAX_LINE,input)!=NULL)
if(sscanf(line,"INFO %16s BEGIN\n",keyid)==1) if(sscanf(line,"INFO%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
&& strcmp(state,"BEGIN")==0)
{ {
begin=1; begin=1;
break; break;
@ -653,7 +654,8 @@ send_key(int *eof)
/* Now parse each line until we see the END */ /* Now parse each line until we see the END */
while(fgets(line,MAX_LINE,input)!=NULL) while(fgets(line,MAX_LINE,input)!=NULL)
if(sscanf(line,"INFO %16s END\n",keyid)==1) if(sscanf(line,"INFO%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
&& strcmp(state,"END")==0)
{ {
end=1; end=1;
break; break;
@ -674,7 +676,8 @@ send_key(int *eof)
/* Read and throw away stdin until we see the BEGIN */ /* Read and throw away stdin until we see the BEGIN */
while(fgets(line,MAX_LINE,input)!=NULL) while(fgets(line,MAX_LINE,input)!=NULL)
if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
&& strcmp(state,"BEGIN")==0)
{ {
begin=1; begin=1;
break; break;
@ -692,7 +695,8 @@ send_key(int *eof)
/* Now slurp up everything until we see the END */ /* Now slurp up everything until we see the END */
while(fgets(line,MAX_LINE,input)!=NULL) while(fgets(line,MAX_LINE,input)!=NULL)
if(sscanf(line,"KEY %16s END\n",keyid)==1) if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
&& strcmp(state,"END")==0)
{ {
end=1; end=1;
break; break;
@ -778,7 +782,7 @@ send_key_keyserver(int *eof)
{ {
int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR; int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR;
char *dn=NULL,line[MAX_LINE],*key[2]={NULL,NULL}; char *dn=NULL,line[MAX_LINE],*key[2]={NULL,NULL};
char keyid[17]; char keyid[17],state[6];
LDAPMod mod, *attrs[2]; LDAPMod mod, *attrs[2];
memset(&mod,0,sizeof(mod)); memset(&mod,0,sizeof(mod));
@ -812,7 +816,8 @@ send_key_keyserver(int *eof)
/* Read and throw away stdin until we see the BEGIN */ /* Read and throw away stdin until we see the BEGIN */
while(fgets(line,MAX_LINE,input)!=NULL) while(fgets(line,MAX_LINE,input)!=NULL)
if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
&& strcmp(state,"BEGIN")==0)
{ {
begin=1; begin=1;
break; break;
@ -830,7 +835,8 @@ send_key_keyserver(int *eof)
/* Now slurp up everything until we see the END */ /* Now slurp up everything until we see the END */
while(fgets(line,MAX_LINE,input)!=NULL) while(fgets(line,MAX_LINE,input)!=NULL)
if(sscanf(line,"KEY %16s END\n",keyid)==1) if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
&& strcmp(state,"END")==0)
{ {
end=1; end=1;
break; break;

View File

@ -1,3 +1,7 @@
2006-07-27 Werner Koch <wk@g10code.com>
* autobuild.m4: New.
2006-06-30 Werner Koch <wk@g10code.com> 2006-06-30 Werner Koch <wk@g10code.com>
* ldap.m4: New. Taken from gnupg 1.4.4 * ldap.m4: New. Taken from gnupg 1.4.4

View File

@ -3,3 +3,6 @@ EXTRA_DIST = intmax.m4 longdouble.m4 longlong.m4 printf-posix.m4 signed.m4 size_
EXTRA_DIST += ldap.m4 EXTRA_DIST += ldap.m4
EXTRA_DIST += gpg-error.m4 libgcrypt.m4 libassuan.m4 ksba.m4 EXTRA_DIST += gpg-error.m4 libgcrypt.m4 libassuan.m4 ksba.m4
EXTRA_DIST += autobuild.m4

34
m4/autobuild.m4 Normal file
View File

@ -0,0 +1,34 @@
# autobuild.m4 serial 2 (autobuild-3.3)
# Copyright (C) 2004 Simon Josefsson
#
# This file is free software, distributed under the terms of the GNU
# General Public License. As a special exception to the GNU General
# Public License, this file may be distributed as part of a program
# that contains a configuration script generated by Autoconf, under
# the same distribution terms as the rest of that program.
#
# This file can can be used in projects which are not available under
# the GNU General Public License or the GNU Library General Public
# License but which still want to provide support for Autobuild.
# Usage: AB_INIT([MODE]).
AC_DEFUN([AB_INIT],
[
AC_REQUIRE([AC_CANONICAL_BUILD])
AC_REQUIRE([AC_CANONICAL_HOST])
AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}])
AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}])
hostname=`hostname`
if test "$hostname"; then
AC_MSG_NOTICE([autobuild hostname... $hostname])
fi
ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])])
date=`date +%Y%m%d-%H%M%S`
if test "$?" != 0; then
date=`date`
fi
if test "$date"; then
AC_MSG_NOTICE([autobuild timestamp... $date])
fi
])

View File

@ -10,7 +10,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: gnupg2 1.9.18\n" "Project-Id-Version: gnupg2 1.9.18\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n"
"POT-Creation-Date: 2006-06-20 18:45+0200\n" "POT-Creation-Date: 2006-07-24 16:19+0200\n"
"PO-Revision-Date: 2006-06-20 20:04+0200\n" "PO-Revision-Date: 2006-06-20 20:04+0200\n"
"Last-Translator: Werner Koch <wk@gnupg.org>\n" "Last-Translator: Werner Koch <wk@gnupg.org>\n"
"Language-Team: de\n" "Language-Team: de\n"
@ -215,45 +215,45 @@ msgstr "stat() Aufruf für `%s' fehlgeschlagen: %s\n"
msgid "can't use `%s' as home directory\n" msgid "can't use `%s' as home directory\n"
msgstr "Die Datei `%s' kann nicht als Home-Verzeichniss benutzt werden\n" msgstr "Die Datei `%s' kann nicht als Home-Verzeichniss benutzt werden\n"
#: agent/gpg-agent.c:1402 #: agent/gpg-agent.c:1403
#, c-format #, c-format
msgid "handler 0x%lx for fd %d started\n" msgid "handler 0x%lx for fd %d started\n"
msgstr "Handhabungsroutine 0x%lx für fd %d gestartet\n" msgstr "Handhabungsroutine 0x%lx für fd %d gestartet\n"
#: agent/gpg-agent.c:1412 #: agent/gpg-agent.c:1413
#, c-format #, c-format
msgid "handler 0x%lx for fd %d terminated\n" msgid "handler 0x%lx for fd %d terminated\n"
msgstr "Handhabungsroutine 0x%lx für den fd %d beendet\n" msgstr "Handhabungsroutine 0x%lx für den fd %d beendet\n"
#: agent/gpg-agent.c:1426 #: agent/gpg-agent.c:1427
#, c-format #, c-format
msgid "ssh handler 0x%lx for fd %d started\n" msgid "ssh handler 0x%lx for fd %d started\n"
msgstr "SSH Handhabungsroutine 0x%lx für fd %d gestartet\n" msgstr "SSH Handhabungsroutine 0x%lx für fd %d gestartet\n"
#: agent/gpg-agent.c:1433 #: agent/gpg-agent.c:1434
#, c-format #, c-format
msgid "ssh handler 0x%lx for fd %d terminated\n" msgid "ssh handler 0x%lx for fd %d terminated\n"
msgstr "SSH Handhabungsroutine 0x%lx für fd %d beendet\n" msgstr "SSH Handhabungsroutine 0x%lx für fd %d beendet\n"
#: agent/gpg-agent.c:1527 scd/scdaemon.c:1108 #: agent/gpg-agent.c:1528 scd/scdaemon.c:1108
#, c-format #, c-format
msgid "pth_select failed: %s - waiting 1s\n" msgid "pth_select failed: %s - waiting 1s\n"
msgstr "pth_select() Aufruf fehlgeschlagen: %s - warte 1s\n" msgstr "pth_select() Aufruf fehlgeschlagen: %s - warte 1s\n"
#: agent/gpg-agent.c:1611 scd/scdaemon.c:1165 #: agent/gpg-agent.c:1612 scd/scdaemon.c:1165
#, c-format #, c-format
msgid "%s %s stopped\n" msgid "%s %s stopped\n"
msgstr "%s %s angehalten\n" msgstr "%s %s angehalten\n"
#: agent/gpg-agent.c:1632 #: agent/gpg-agent.c:1633
msgid "no gpg-agent running in this session\n" msgid "no gpg-agent running in this session\n"
msgstr "Der gpg-agent läuft nicht für diese Session\n" msgstr "Der gpg-agent läuft nicht für diese Session\n"
#: agent/gpg-agent.c:1642 common/simple-pwquery.c:324 sm/call-agent.c:144 #: agent/gpg-agent.c:1643 common/simple-pwquery.c:324 sm/call-agent.c:144
msgid "malformed GPG_AGENT_INFO environment variable\n" msgid "malformed GPG_AGENT_INFO environment variable\n"
msgstr "Die Variable GPG_AGENT_INFO ist fehlerhaft\n" msgstr "Die Variable GPG_AGENT_INFO ist fehlerhaft\n"
#: agent/gpg-agent.c:1654 common/simple-pwquery.c:336 sm/call-agent.c:156 #: agent/gpg-agent.c:1655 common/simple-pwquery.c:336 sm/call-agent.c:156
#, c-format #, c-format
msgid "gpg-agent protocol version %d is not supported\n" msgid "gpg-agent protocol version %d is not supported\n"
msgstr "Das gpg-agent Protocol %d wird nicht unterstützt\n" msgstr "Das gpg-agent Protocol %d wird nicht unterstützt\n"
@ -816,23 +816,23 @@ msgstr "keine"
msgid "[none]" msgid "[none]"
msgstr "[keine]" msgstr "[keine]"
#: sm/certdump.c:499 sm/certdump.c:562 #: sm/certdump.c:529 sm/certdump.c:592
msgid "[Error - invalid encoding]" msgid "[Error - invalid encoding]"
msgstr "[Fehler - Ungültige Kodierung]" msgstr "[Fehler - Ungültige Kodierung]"
#: sm/certdump.c:507 #: sm/certdump.c:537
msgid "[Error - out of core]" msgid "[Error - out of core]"
msgstr "[Fehler - Nich genügend Speicher]" msgstr "[Fehler - Nich genügend Speicher]"
#: sm/certdump.c:542 #: sm/certdump.c:572
msgid "[Error - No name]" msgid "[Error - No name]"
msgstr "[Fehler - Kein Name]" msgstr "[Fehler - Kein Name]"
#: sm/certdump.c:567 #: sm/certdump.c:597
msgid "[Error - invalid DN]" msgid "[Error - invalid DN]"
msgstr "[Fehler - Ungültiger DN]" msgstr "[Fehler - Ungültiger DN]"
#: sm/certdump.c:728 #: sm/certdump.c:758
#, c-format #, c-format
msgid "" msgid ""
"Please enter the passphrase to unlock the secret key for:\n" "Please enter the passphrase to unlock the secret key for:\n"
@ -916,91 +916,91 @@ msgstr "Der Herausgeber wird von einer externen Stelle gesucht\n"
msgid "number of issuers matching: %d\n" msgid "number of issuers matching: %d\n"
msgstr "Anzahl der übereinstimmenden Heruasgeber: %d\n" msgstr "Anzahl der übereinstimmenden Heruasgeber: %d\n"
#: sm/certchain.c:514 sm/certchain.c:676 sm/certchain.c:1114 sm/decrypt.c:261 #: sm/certchain.c:514 sm/certchain.c:678 sm/certchain.c:1116 sm/decrypt.c:261
#: sm/encrypt.c:342 sm/sign.c:325 sm/verify.c:107 #: sm/encrypt.c:342 sm/sign.c:325 sm/verify.c:107
msgid "failed to allocated keyDB handle\n" msgid "failed to allocated keyDB handle\n"
msgstr "Ein keyDB Handle konnte nicht bereitgestellt werden\n" msgstr "Ein keyDB Handle konnte nicht bereitgestellt werden\n"
#: sm/certchain.c:603 #: sm/certchain.c:605
msgid "certificate has been revoked" msgid "certificate has been revoked"
msgstr "Das Zertifikat wurde widerrufen" msgstr "Das Zertifikat wurde widerrufen"
#: sm/certchain.c:612 #: sm/certchain.c:614
msgid "no CRL found for certificate" msgid "no CRL found for certificate"
msgstr "Keine CRL für das Zertifikat gefunden" msgstr "Keine CRL für das Zertifikat gefunden"
#: sm/certchain.c:616 #: sm/certchain.c:618
msgid "the available CRL is too old" msgid "the available CRL is too old"
msgstr "Die vorhandene CRL ist zu alt" msgstr "Die vorhandene CRL ist zu alt"
#: sm/certchain.c:618 #: sm/certchain.c:620
msgid "please make sure that the \"dirmngr\" is properly installed\n" msgid "please make sure that the \"dirmngr\" is properly installed\n"
msgstr "" msgstr ""
"Bitte vergewissern Sie sich das der \"dirmngr\" richtig installierrt ist\n" "Bitte vergewissern Sie sich das der \"dirmngr\" richtig installierrt ist\n"
#: sm/certchain.c:623 #: sm/certchain.c:625
#, c-format #, c-format
msgid "checking the CRL failed: %s" msgid "checking the CRL failed: %s"
msgstr "Die CRL konnte nicht geprüft werden: %s" msgstr "Die CRL konnte nicht geprüft werden: %s"
#: sm/certchain.c:696 #: sm/certchain.c:698
msgid "no issuer found in certificate" msgid "no issuer found in certificate"
msgstr "Im Zertifikat ist kein Herausgeber enthalten" msgstr "Im Zertifikat ist kein Herausgeber enthalten"
#: sm/certchain.c:709 #: sm/certchain.c:711
#, c-format #, c-format
msgid "certificate with invalid validity: %s" msgid "certificate with invalid validity: %s"
msgstr "Zertifikat mit unzulässiger Gültigkeit: %s" msgstr "Zertifikat mit unzulässiger Gültigkeit: %s"
#: sm/certchain.c:725 #: sm/certchain.c:727
msgid "certificate not yet valid" msgid "certificate not yet valid"
msgstr "Das Zertifikat ist noch nicht gültig" msgstr "Das Zertifikat ist noch nicht gültig"
#: sm/certchain.c:738 #: sm/certchain.c:740
msgid "certificate has expired" msgid "certificate has expired"
msgstr "Das Zertifikat ist abgelaufen" msgstr "Das Zertifikat ist abgelaufen"
#: sm/certchain.c:775 #: sm/certchain.c:777
msgid "self-signed certificate has a BAD signature" msgid "self-signed certificate has a BAD signature"
msgstr "Das eigenbeglaubigte Zertifikat hat eine FALSCHE Signatur" msgstr "Das eigenbeglaubigte Zertifikat hat eine FALSCHE Signatur"
#: sm/certchain.c:840 #: sm/certchain.c:842
msgid "root certificate is not marked trusted" msgid "root certificate is not marked trusted"
msgstr "Das Wurzelzertifikat ist nicht als vertrauenswürdig markiert" msgstr "Das Wurzelzertifikat ist nicht als vertrauenswürdig markiert"
#: sm/certchain.c:851 #: sm/certchain.c:853
#, c-format #, c-format
msgid "fingerprint=%s\n" msgid "fingerprint=%s\n"
msgstr "Fingerprint=%s\n" msgstr "Fingerprint=%s\n"
#: sm/certchain.c:856 #: sm/certchain.c:858
msgid "root certificate has now been marked as trusted\n" msgid "root certificate has now been marked as trusted\n"
msgstr "Das Wurzelzertifikat wurde nun als vertrauenswürdig markiert\n" msgstr "Das Wurzelzertifikat wurde nun als vertrauenswürdig markiert\n"
#: sm/certchain.c:871 #: sm/certchain.c:873
#, c-format #, c-format
msgid "checking the trust list failed: %s\n" msgid "checking the trust list failed: %s\n"
msgstr "Fehler beim Prüfen der vertrauenswürdigen Zertifikate: %s\n" msgstr "Fehler beim Prüfen der vertrauenswürdigen Zertifikate: %s\n"
#: sm/certchain.c:897 sm/import.c:158 #: sm/certchain.c:899 sm/import.c:158
msgid "certificate chain too long\n" msgid "certificate chain too long\n"
msgstr "Der Zertifikatkette ist zu lang\n" msgstr "Der Zertifikatkette ist zu lang\n"
#: sm/certchain.c:909 #: sm/certchain.c:911
msgid "issuer certificate not found" msgid "issuer certificate not found"
msgstr "Herausgeberzertifikat nicht gefunden" msgstr "Herausgeberzertifikat nicht gefunden"
#: sm/certchain.c:942 #: sm/certchain.c:944
msgid "certificate has a BAD signature" msgid "certificate has a BAD signature"
msgstr "Das Zertifikat hat eine FALSCHE Signatur" msgstr "Das Zertifikat hat eine FALSCHE Signatur"
#: sm/certchain.c:972 #: sm/certchain.c:974
msgid "found another possible matching CA certificate - trying again" msgid "found another possible matching CA certificate - trying again"
msgstr "" msgstr ""
"Eine anderes möglicherweise passendes CA-Zertifikat gefunden - versuche " "Eine anderes möglicherweise passendes CA-Zertifikat gefunden - versuche "
"nochmal" "nochmal"
#: sm/certchain.c:995 #: sm/certchain.c:997
#, c-format #, c-format
msgid "certificate chain longer than allowed by CA (%d)" msgid "certificate chain longer than allowed by CA (%d)"
msgstr "Die Zertifikatkette ist länger als von der CA erlaubt (%d)" msgstr "Die Zertifikatkette ist länger als von der CA erlaubt (%d)"