mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Preparing a new release
This commit is contained in:
parent
b37c1ce1b9
commit
de5070caf0
@ -1,3 +1,9 @@
|
||||
2006-07-27 Werner Koch <wk@g10code.com>
|
||||
|
||||
Released 1.9.22.
|
||||
|
||||
* configure.ac: Call AB_INIT.
|
||||
|
||||
2006-07-03 Werner Koch <wk@g10code.com>
|
||||
|
||||
* configure.ac: Test for ksba_dn_teststr.
|
||||
|
5
NEWS
5
NEWS
@ -1,12 +1,13 @@
|
||||
Noteworthy changes in version 1.9.22
|
||||
Noteworthy changes in version 1.9.22 (2006-07-27)
|
||||
-------------------------------------------------
|
||||
|
||||
|
||||
* Enhanced pkcs#12 support to allow import from simple keyBags.
|
||||
|
||||
* Exporting to pkcs#12 now create bag attributes so that Mozilla is
|
||||
able to import the files.
|
||||
|
||||
* Fixed uploading of certain keys to the smart card.
|
||||
|
||||
|
||||
Noteworthy changes in version 1.9.21 (2006-06-20)
|
||||
-------------------------------------------------
|
||||
|
2
README
2
README
@ -13,7 +13,7 @@ You should use this GnuPG version if you want to use the gpg-agent or
|
||||
gpgsm (the S/MIME variant of gpg). Note that the gpg-agent is also
|
||||
helpful when using the standard gpg versions (1.4.x as well as some of
|
||||
the old 1.2.x). There are no problems installing 1.4 and 1.9
|
||||
alongside; in act we suggest to do this.
|
||||
alongside; in dact we suggest to do this.
|
||||
|
||||
|
||||
BUILD INSTRUCTIONS
|
||||
|
3
TODO
3
TODO
@ -112,8 +112,7 @@ might want to have an agent context for each service request
|
||||
Remove the whole stuff?
|
||||
** qbits
|
||||
We pass a new qbit parameter to genkey - implement this in libgcrypt.
|
||||
** Makefile.am
|
||||
Remove the no-pointer-sign kludge.
|
||||
|
||||
|
||||
* common/
|
||||
** ttyio
|
||||
|
@ -27,7 +27,7 @@ min_automake_version="1.9.3"
|
||||
# Set my_issvn to "yes" for non-released code. Remember to run an
|
||||
# "svn up" and "autogen.sh" right before creating a distribution.
|
||||
m4_define([my_version], [1.9.22])
|
||||
m4_define([my_issvn], [yes])
|
||||
m4_define([my_issvn], [no])
|
||||
|
||||
|
||||
m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \
|
||||
@ -57,6 +57,7 @@ AC_CONFIG_SRCDIR(sm/gpgsm.c)
|
||||
AM_CONFIG_HEADER(config.h)
|
||||
AC_CANONICAL_TARGET()
|
||||
AM_INIT_AUTOMAKE($PACKAGE, $VERSION)
|
||||
AB_INIT
|
||||
|
||||
AC_GNU_SOURCE
|
||||
|
||||
@ -1250,7 +1251,6 @@ jnlib/Makefile
|
||||
common/Makefile
|
||||
kbx/Makefile
|
||||
g10/Makefile
|
||||
keyserver/Makefile
|
||||
sm/Makefile
|
||||
agent/Makefile
|
||||
scd/Makefile
|
||||
@ -1260,6 +1260,7 @@ tests/Makefile
|
||||
])
|
||||
AC_OUTPUT
|
||||
|
||||
#./autogen keyserver/Makefile
|
||||
#tests/pkits/Makefile
|
||||
|
||||
|
||||
|
@ -1,3 +1,24 @@
|
||||
2006-07-27 Werner Koch <wk@g10code.com>
|
||||
|
||||
* parse-packet.c (parse_comment): Cap comments at 65k.
|
||||
(parse_gpg_control): Skip too large control packets.
|
||||
|
||||
2006-07-24 David Shaw <dshaw@jabberwocky.com> (wk)
|
||||
|
||||
* keydb.h, pkclist.c (select_algo_from_prefs, algo_available):
|
||||
Pass a union for preference hints rather than doing void * games.
|
||||
|
||||
* sign.c (sign_file): Use it here.
|
||||
|
||||
* sign.c (sign_file): When signing with multiple DSA keys, one
|
||||
being DSA1 and one being DSA2 and encrypting at the same time, if
|
||||
the recipient preferences give a hash that can work with the DSA2
|
||||
key, then allow the DSA1 key to be promoted rather than giving up
|
||||
and using hash_for().
|
||||
|
||||
* pkclist.c (algo_available): Automatically enable DSA2 mode when
|
||||
handling a key that clearly isn't DSA1 (i.e. q!=160).
|
||||
|
||||
2006-06-30 Werner Koch <wk@g10code.com>
|
||||
|
||||
* misc.c (checksum_mpi): No need for nbits as they are alredy
|
||||
|
@ -27,7 +27,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common \
|
||||
|
||||
include $(top_srcdir)/am/cmacros.am
|
||||
|
||||
AM_CFLAGS = $(LIBGCRYPT_CFLAGS) -Wno-pointer-sign
|
||||
AM_CFLAGS = $(LIBGCRYPT_CFLAGS)
|
||||
|
||||
needed_libs = ../gl/libgnu.a ../common/libcommon.a ../jnlib/libjnlib.a
|
||||
|
||||
|
@ -357,7 +357,6 @@ enum cmd_and_opt_values
|
||||
oAllowMultisigVerification,
|
||||
oEnableDSA2,
|
||||
oDisableDSA2,
|
||||
oDebugAllowRun,
|
||||
|
||||
oNoop
|
||||
};
|
||||
@ -705,7 +704,6 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oAutoKeyLocate, "auto-key-locate", 2, "@"},
|
||||
{ oNoAutoKeyLocate, "no-auto-key-locate", 0, "@"},
|
||||
|
||||
{ oDebugAllowRun, "debug_allow_run", 0, "@"},
|
||||
{0,NULL,0,NULL}
|
||||
};
|
||||
|
||||
@ -1761,7 +1759,6 @@ main (int argc, char **argv )
|
||||
int with_fpr = 0; /* make an option out of --fingerprint */
|
||||
int any_explicit_recipient = 0;
|
||||
int require_secmem=0,got_secmem=0;
|
||||
int allow_run = 0;
|
||||
|
||||
#ifdef __riscos__
|
||||
opt.lock_once = 1;
|
||||
@ -2754,8 +2751,6 @@ main (int argc, char **argv )
|
||||
case oEnableDSA2: opt.flags.dsa2=1; break;
|
||||
case oDisableDSA2: opt.flags.dsa2=0; break;
|
||||
|
||||
case oDebugAllowRun: allow_run = 1; break;
|
||||
|
||||
case oNoop: break;
|
||||
|
||||
default : pargs.err = configfp? 1:2; break;
|
||||
@ -2809,8 +2804,7 @@ main (int argc, char **argv )
|
||||
}
|
||||
#endif
|
||||
|
||||
if (!allow_run)
|
||||
log_fatal ("This version of gpg is not ready for use, use gpg 1.4.x\n");
|
||||
log_info ("WARNING: This version of gpg is not ready for use, use gpg 1.4.x\n");
|
||||
|
||||
/* FIXME: We should use logging to a file only in server mode;
|
||||
however we have not yet implemetyed that. Thus we try to get
|
||||
|
13
g10/keydb.h
13
g10/keydb.h
@ -144,6 +144,14 @@ struct keydb_search_desc {
|
||||
int exact;
|
||||
};
|
||||
|
||||
|
||||
/* Helper type for preference fucntions. */
|
||||
union pref_hint
|
||||
{
|
||||
int digest_length;
|
||||
};
|
||||
|
||||
|
||||
/*-- keydb.c --*/
|
||||
|
||||
/*
|
||||
@ -175,9 +183,10 @@ void show_revocation_reason( PKT_public_key *pk, int mode );
|
||||
int check_signatures_trust( PKT_signature *sig );
|
||||
void release_pk_list( PK_LIST pk_list );
|
||||
int build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use );
|
||||
int algo_available( preftype_t preftype, int algo, void *hint );
|
||||
int algo_available( preftype_t preftype, int algo,
|
||||
const union pref_hint *hint );
|
||||
int select_algo_from_prefs( PK_LIST pk_list, int preftype,
|
||||
int request, void *hint );
|
||||
int request, const union pref_hint *hint);
|
||||
int select_mdc_from_pklist (PK_LIST pk_list);
|
||||
|
||||
/*-- skclist.c --*/
|
||||
|
@ -2147,6 +2147,16 @@ parse_comment( IOBUF inp, int pkttype, unsigned long pktlen, PACKET *packet )
|
||||
{
|
||||
byte *p;
|
||||
|
||||
/* Cap comment packet at a reasonable value to avoid an integer
|
||||
overflow in the malloc below. Comment packets are actually not
|
||||
anymore define my OpenPGP and we even stopped to use our
|
||||
private comment packet. */
|
||||
if (pktlen>65536)
|
||||
{
|
||||
log_error ("packet(%d) too large\n", pkttype);
|
||||
iobuf_skip_rest (inp, pktlen, 0);
|
||||
return G10ERR_INVALID_PACKET;
|
||||
}
|
||||
packet->pkt.comment = xmalloc(sizeof *packet->pkt.comment + pktlen - 1);
|
||||
packet->pkt.comment->len = pktlen;
|
||||
p = packet->pkt.comment->data;
|
||||
@ -2220,6 +2230,7 @@ parse_plaintext( IOBUF inp, int pkttype, unsigned long pktlen,
|
||||
}
|
||||
mode = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
|
||||
namelen = iobuf_get_noeof(inp); if( pktlen ) pktlen--;
|
||||
/* Note that namelen will never exceed 255 bytes. */
|
||||
pt = pkt->pkt.plaintext = xmalloc(sizeof *pkt->pkt.plaintext + namelen -1);
|
||||
pt->new_ctb = new_ctb;
|
||||
pt->mode = mode;
|
||||
@ -2399,6 +2410,9 @@ parse_gpg_control( IOBUF inp, int pkttype,
|
||||
if ( sesmark[i] != iobuf_get_noeof(inp) )
|
||||
goto skipit;
|
||||
}
|
||||
if (pktlen > 4096)
|
||||
goto skipit; /* Definitely too large. We skip it to avoid an
|
||||
overflow in the malloc. */
|
||||
if ( list_mode )
|
||||
puts ("- gpg control packet");
|
||||
|
||||
|
@ -1186,7 +1186,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned int use )
|
||||
preference list, so I'm including it. -dms */
|
||||
|
||||
int
|
||||
algo_available( preftype_t preftype, int algo, void *hint )
|
||||
algo_available( preftype_t preftype, int algo, const union pref_hint *hint)
|
||||
{
|
||||
if( preftype == PREFTYPE_SYM )
|
||||
{
|
||||
@ -1210,18 +1210,18 @@ algo_available( preftype_t preftype, int algo, void *hint )
|
||||
}
|
||||
else if( preftype == PREFTYPE_HASH )
|
||||
{
|
||||
if(hint)
|
||||
if (hint && hint->digest_length)
|
||||
{
|
||||
if(opt.flags.dsa2)
|
||||
if (hint->digest_length!=20 || opt.flags.dsa2)
|
||||
{
|
||||
/* If --enable-dsa2 is set, then we'll accept a hash
|
||||
that is larger than we need. If --enable-dsa2 is not
|
||||
set, then we won't accept any hash that isn't exactly
|
||||
the right size. */
|
||||
if ((*(int *)hint) > gcry_md_get_algo_dlen (algo))
|
||||
/* If --enable-dsa2 is set or the hash isn't 160 bits
|
||||
(which implies DSA2), then we'll accept a hash that
|
||||
is larger than we need. Otherwise we won't accept
|
||||
any hash that isn't exactly the right size. */
|
||||
if (hint->digest_length > gcry_md_get_algo_dlen (algo))
|
||||
return 0;
|
||||
}
|
||||
else if (((*(int *)hint) != gcry_md_get_algo_dlen (algo)))
|
||||
else if (hint->digest_length != gcry_md_get_algo_dlen (algo))
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -1259,7 +1259,8 @@ algo_available( preftype_t preftype, int algo, void *hint )
|
||||
* Return -1 if we could not find an algorithm.
|
||||
*/
|
||||
int
|
||||
select_algo_from_prefs(PK_LIST pk_list, int preftype, int request, void *hint)
|
||||
select_algo_from_prefs(PK_LIST pk_list, int preftype, int request,
|
||||
const union pref_hint *hint)
|
||||
{
|
||||
PK_LIST pkr;
|
||||
u32 bits[8];
|
||||
|
95
g10/sign.c
95
g10/sign.c
@ -320,27 +320,6 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
|
||||
}
|
||||
else
|
||||
{
|
||||
#if 0 /* disabled *.
|
||||
/* Disabled for now. It seems reasonable to accept a
|
||||
truncated hash for a DSA1 key, even though we don't
|
||||
generate it without --enable-dsa2. Be liberal in what you
|
||||
accept, etc. */
|
||||
|
||||
/* If it's a DSA key, and q is 160 bits, it might be an
|
||||
old-style DSA key. If the hash doesn't match the q, fail
|
||||
unless --enable-dsa2 is set. If the q isn't 160 bits, then
|
||||
allow any hash since it must be a DSA2 key (if the hash is
|
||||
too small, we'll fail in encode_md_value). */
|
||||
if (sk->pubkey_algo==PUBKEY_ALGO_DSA
|
||||
&& (gcry_mpi_get_nbits (sk->skey[1])/8)==20
|
||||
&& !opt.flags.dsa2
|
||||
&& gcry_md_get_algo_dlen (digest_algo)!=20)
|
||||
{
|
||||
log_error(_("DSA requires the use of a 160 bit hash algorithm\n"));
|
||||
return G10ERR_GENERAL;
|
||||
}
|
||||
#endif /* disabled */
|
||||
|
||||
frame = encode_md_value( NULL, sk, md, digest_algo );
|
||||
if (!frame)
|
||||
return G10ERR_GENERAL;
|
||||
@ -869,8 +848,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
|
||||
if (DBG_HASHING)
|
||||
gcry_md_start_debug (mfx.md, "sign");
|
||||
|
||||
/* If we're encrypting and signing, it is reasonable to pick the
|
||||
hash algorithm to use out of the recepient key prefs. */
|
||||
/* If we're encrypting and signing, it is reasonable to pick the
|
||||
hash algorithm to use out of the recepient key prefs. This is
|
||||
best effort only, as in a DSA2 and smartcard world there are
|
||||
cases where we cannot please everyone with a single hash (DSA2
|
||||
wants >160 and smartcards want =160). In the future this could
|
||||
be more complex with different hashes for each sk, but the
|
||||
current design requires a single hash for all SKs. */
|
||||
if(pk_list)
|
||||
{
|
||||
if(opt.def_digest_algo)
|
||||
@ -886,30 +870,57 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
|
||||
}
|
||||
else
|
||||
{
|
||||
int hashlen=0,algo;
|
||||
int algo, smartcard=0;
|
||||
union pref_hint hint;
|
||||
|
||||
hint.digest_length = 0;
|
||||
|
||||
/* Of course, if the recipient asks for something
|
||||
unreasonable (like a non-160-bit hash for DSA, for
|
||||
example), then don't do it. Check all sk's - if any
|
||||
are DSA, then the hash must be 160-bit. In the future
|
||||
this can be more complex with different hashes for each
|
||||
sk, but so long as there is only one signing algorithm
|
||||
with hash restrictions, this is ok. -dms */
|
||||
unreasonable (like the wrong hash for a DSA key) then
|
||||
don't do it. Check all sk's - if any are DSA or live
|
||||
on a smartcard, then the hash has restrictions and we
|
||||
may not be able to give the recipient what they want.
|
||||
For DSA, pass a hint for the largest q we have. Note
|
||||
that this means that a q>160 key will override a q=160
|
||||
key and force the use of truncation for the q=160 key.
|
||||
The alternative would be to ignore the recipient prefs
|
||||
completely and get a different hash for each DSA key in
|
||||
hash_for(). The override behavior here is more or less
|
||||
reasonable as it is under the control of the user which
|
||||
keys they sign with for a given message and the fact
|
||||
that the message with multiple signatures won't be
|
||||
usable on an implementation that doesn't understand
|
||||
DSA2 anyway. */
|
||||
|
||||
/* Current smartcards only do 160-bit hashes as well.
|
||||
Note that this may well have to change as the cards add
|
||||
algorithms. */
|
||||
for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
|
||||
{
|
||||
if (sk_rover->sk->pubkey_algo == PUBKEY_ALGO_DSA)
|
||||
{
|
||||
int temp_hashlen = gcry_mpi_get_nbits
|
||||
(sk_rover->sk->skey[1])+7/8;
|
||||
|
||||
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
|
||||
if(sk_rover->sk->pubkey_algo==PUBKEY_ALGO_DSA
|
||||
|| (sk_rover->sk->is_protected
|
||||
&& sk_rover->sk->protect.s2k.mode==1002))
|
||||
hashlen=20;
|
||||
/* Pick a hash that is large enough for our
|
||||
largest q */
|
||||
|
||||
if((algo=
|
||||
select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,
|
||||
hashlen?&hashlen:NULL))>0)
|
||||
recipient_digest_algo=algo;
|
||||
if (hint.digest_length<temp_hashlen)
|
||||
hint.digest_length=temp_hashlen;
|
||||
}
|
||||
else if (sk_rover->sk->is_protected
|
||||
&& sk_rover->sk->protect.s2k.mode == 1002)
|
||||
smartcard = 1;
|
||||
}
|
||||
|
||||
/* Current smartcards only do 160-bit hashes. If we have
|
||||
to have a >160-bit hash, then we can't use the
|
||||
recipient prefs as we'd need both =160 and >160 at the
|
||||
same time and recipient prefs currently require a
|
||||
single hash for all signatures. All this may well have
|
||||
to change as the cards add algorithms. */
|
||||
|
||||
if (!smartcard || (smartcard && hint.digest_length==20))
|
||||
if ( (algo=
|
||||
select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,&hint)) > 0)
|
||||
recipient_digest_algo=algo;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,3 +1,12 @@
|
||||
2006-07-24 David Shaw <dshaw@jabberwocky.com> (wk)
|
||||
|
||||
* curl-shim.c (curl_easy_perform): Minor cleanup of proxy code.
|
||||
|
||||
* gpgkeys_hkp.c (send_key)
|
||||
* gpgkeys_ldap.c (send_key, send_key_keyserver): Fix string
|
||||
matching problem when the ascii armored form of the key happens to
|
||||
match "KEY" at the beginning of the line.
|
||||
|
||||
2006-04-26 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* gpgkeys_http.c, gpgkeys_oldhkp.c: Removed.
|
||||
|
@ -164,13 +164,11 @@ curl_easy_perform(CURL *curl)
|
||||
/* Emulate the libcurl proxy behavior. If the calling program set a
|
||||
proxy, use it. If it didn't set a proxy or set it to NULL, check
|
||||
for one in the environment. If the calling program explicitly
|
||||
set a null-string proxy, don't set a proxy at all. */
|
||||
set a null-string proxy the http code doesn't use a proxy at
|
||||
all. */
|
||||
|
||||
if(curl->proxy)
|
||||
{
|
||||
if(*curl->proxy)
|
||||
proxy=curl->proxy;
|
||||
}
|
||||
proxy=curl->proxy;
|
||||
else
|
||||
proxy=getenv(HTTP_PROXY_ENV);
|
||||
|
||||
|
@ -86,7 +86,7 @@ send_key(int *eof)
|
||||
CURLcode res;
|
||||
char request[MAX_URL+15];
|
||||
int begin=0,end=0,ret=KEYSERVER_INTERNAL_ERROR;
|
||||
char keyid[17];
|
||||
char keyid[17],state[6];
|
||||
char line[MAX_LINE];
|
||||
char *key=NULL,*encoded_key=NULL;
|
||||
size_t keylen=0,keymax=0;
|
||||
@ -94,7 +94,8 @@ send_key(int *eof)
|
||||
/* Read and throw away input until we see the BEGIN */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1)
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
|
||||
&& strcmp(state,"BEGIN")==0)
|
||||
{
|
||||
begin=1;
|
||||
break;
|
||||
@ -112,7 +113,8 @@ send_key(int *eof)
|
||||
/* Now slurp up everything until we see the END */
|
||||
|
||||
while(fgets(line,MAX_LINE,input))
|
||||
if(sscanf(line,"KEY %16s END\n",keyid)==1)
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
|
||||
&& strcmp(state,"END")==0)
|
||||
{
|
||||
end=1;
|
||||
break;
|
||||
@ -194,6 +196,7 @@ send_key(int *eof)
|
||||
{
|
||||
fprintf(console,"gpgkeys: HTTP post error %d: %s\n",res,errorbuffer);
|
||||
ret=curl_err_to_gpg_err(res);
|
||||
goto fail;
|
||||
}
|
||||
else
|
||||
fprintf(output,"\nKEY %s SENT\n",keyid);
|
||||
|
@ -567,7 +567,7 @@ send_key(int *eof)
|
||||
{
|
||||
int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR;
|
||||
char *dn=NULL,line[MAX_LINE],*key=NULL;
|
||||
char keyid[17];
|
||||
char keyid[17],state[6];
|
||||
LDAPMod **modlist,**addlist,**ml;
|
||||
|
||||
modlist=malloc(sizeof(LDAPMod *));
|
||||
@ -608,7 +608,8 @@ send_key(int *eof)
|
||||
/* Assemble the INFO stuff into LDAP attributes */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"INFO %16s BEGIN\n",keyid)==1)
|
||||
if(sscanf(line,"INFO%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
|
||||
&& strcmp(state,"BEGIN")==0)
|
||||
{
|
||||
begin=1;
|
||||
break;
|
||||
@ -653,7 +654,8 @@ send_key(int *eof)
|
||||
/* Now parse each line until we see the END */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"INFO %16s END\n",keyid)==1)
|
||||
if(sscanf(line,"INFO%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
|
||||
&& strcmp(state,"END")==0)
|
||||
{
|
||||
end=1;
|
||||
break;
|
||||
@ -674,7 +676,8 @@ send_key(int *eof)
|
||||
/* Read and throw away stdin until we see the BEGIN */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1)
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
|
||||
&& strcmp(state,"BEGIN")==0)
|
||||
{
|
||||
begin=1;
|
||||
break;
|
||||
@ -692,7 +695,8 @@ send_key(int *eof)
|
||||
/* Now slurp up everything until we see the END */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"KEY %16s END\n",keyid)==1)
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
|
||||
&& strcmp(state,"END")==0)
|
||||
{
|
||||
end=1;
|
||||
break;
|
||||
@ -778,7 +782,7 @@ send_key_keyserver(int *eof)
|
||||
{
|
||||
int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR;
|
||||
char *dn=NULL,line[MAX_LINE],*key[2]={NULL,NULL};
|
||||
char keyid[17];
|
||||
char keyid[17],state[6];
|
||||
LDAPMod mod, *attrs[2];
|
||||
|
||||
memset(&mod,0,sizeof(mod));
|
||||
@ -812,7 +816,8 @@ send_key_keyserver(int *eof)
|
||||
/* Read and throw away stdin until we see the BEGIN */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1)
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2
|
||||
&& strcmp(state,"BEGIN")==0)
|
||||
{
|
||||
begin=1;
|
||||
break;
|
||||
@ -830,7 +835,8 @@ send_key_keyserver(int *eof)
|
||||
/* Now slurp up everything until we see the END */
|
||||
|
||||
while(fgets(line,MAX_LINE,input)!=NULL)
|
||||
if(sscanf(line,"KEY %16s END\n",keyid)==1)
|
||||
if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2
|
||||
&& strcmp(state,"END")==0)
|
||||
{
|
||||
end=1;
|
||||
break;
|
||||
|
@ -1,3 +1,7 @@
|
||||
2006-07-27 Werner Koch <wk@g10code.com>
|
||||
|
||||
* autobuild.m4: New.
|
||||
|
||||
2006-06-30 Werner Koch <wk@g10code.com>
|
||||
|
||||
* ldap.m4: New. Taken from gnupg 1.4.4
|
||||
|
@ -3,3 +3,6 @@ EXTRA_DIST = intmax.m4 longdouble.m4 longlong.m4 printf-posix.m4 signed.m4 size_
|
||||
EXTRA_DIST += ldap.m4
|
||||
|
||||
EXTRA_DIST += gpg-error.m4 libgcrypt.m4 libassuan.m4 ksba.m4
|
||||
|
||||
EXTRA_DIST += autobuild.m4
|
||||
|
||||
|
34
m4/autobuild.m4
Normal file
34
m4/autobuild.m4
Normal file
@ -0,0 +1,34 @@
|
||||
# autobuild.m4 serial 2 (autobuild-3.3)
|
||||
# Copyright (C) 2004 Simon Josefsson
|
||||
#
|
||||
# This file is free software, distributed under the terms of the GNU
|
||||
# General Public License. As a special exception to the GNU General
|
||||
# Public License, this file may be distributed as part of a program
|
||||
# that contains a configuration script generated by Autoconf, under
|
||||
# the same distribution terms as the rest of that program.
|
||||
#
|
||||
# This file can can be used in projects which are not available under
|
||||
# the GNU General Public License or the GNU Library General Public
|
||||
# License but which still want to provide support for Autobuild.
|
||||
|
||||
# Usage: AB_INIT([MODE]).
|
||||
AC_DEFUN([AB_INIT],
|
||||
[
|
||||
AC_REQUIRE([AC_CANONICAL_BUILD])
|
||||
AC_REQUIRE([AC_CANONICAL_HOST])
|
||||
|
||||
AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}])
|
||||
AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}])
|
||||
hostname=`hostname`
|
||||
if test "$hostname"; then
|
||||
AC_MSG_NOTICE([autobuild hostname... $hostname])
|
||||
fi
|
||||
ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])])
|
||||
date=`date +%Y%m%d-%H%M%S`
|
||||
if test "$?" != 0; then
|
||||
date=`date`
|
||||
fi
|
||||
if test "$date"; then
|
||||
AC_MSG_NOTICE([autobuild timestamp... $date])
|
||||
fi
|
||||
])
|
70
po/de.po
70
po/de.po
@ -10,7 +10,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: gnupg2 1.9.18\n"
|
||||
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
|
||||
"POT-Creation-Date: 2006-06-20 18:45+0200\n"
|
||||
"POT-Creation-Date: 2006-07-24 16:19+0200\n"
|
||||
"PO-Revision-Date: 2006-06-20 20:04+0200\n"
|
||||
"Last-Translator: Werner Koch <wk@gnupg.org>\n"
|
||||
"Language-Team: de\n"
|
||||
@ -215,45 +215,45 @@ msgstr "stat() Aufruf für `%s' fehlgeschlagen: %s\n"
|
||||
msgid "can't use `%s' as home directory\n"
|
||||
msgstr "Die Datei `%s' kann nicht als Home-Verzeichniss benutzt werden\n"
|
||||
|
||||
#: agent/gpg-agent.c:1402
|
||||
#: agent/gpg-agent.c:1403
|
||||
#, c-format
|
||||
msgid "handler 0x%lx for fd %d started\n"
|
||||
msgstr "Handhabungsroutine 0x%lx für fd %d gestartet\n"
|
||||
|
||||
#: agent/gpg-agent.c:1412
|
||||
#: agent/gpg-agent.c:1413
|
||||
#, c-format
|
||||
msgid "handler 0x%lx for fd %d terminated\n"
|
||||
msgstr "Handhabungsroutine 0x%lx für den fd %d beendet\n"
|
||||
|
||||
#: agent/gpg-agent.c:1426
|
||||
#: agent/gpg-agent.c:1427
|
||||
#, c-format
|
||||
msgid "ssh handler 0x%lx for fd %d started\n"
|
||||
msgstr "SSH Handhabungsroutine 0x%lx für fd %d gestartet\n"
|
||||
|
||||
#: agent/gpg-agent.c:1433
|
||||
#: agent/gpg-agent.c:1434
|
||||
#, c-format
|
||||
msgid "ssh handler 0x%lx for fd %d terminated\n"
|
||||
msgstr "SSH Handhabungsroutine 0x%lx für fd %d beendet\n"
|
||||
|
||||
#: agent/gpg-agent.c:1527 scd/scdaemon.c:1108
|
||||
#: agent/gpg-agent.c:1528 scd/scdaemon.c:1108
|
||||
#, c-format
|
||||
msgid "pth_select failed: %s - waiting 1s\n"
|
||||
msgstr "pth_select() Aufruf fehlgeschlagen: %s - warte 1s\n"
|
||||
|
||||
#: agent/gpg-agent.c:1611 scd/scdaemon.c:1165
|
||||
#: agent/gpg-agent.c:1612 scd/scdaemon.c:1165
|
||||
#, c-format
|
||||
msgid "%s %s stopped\n"
|
||||
msgstr "%s %s angehalten\n"
|
||||
|
||||
#: agent/gpg-agent.c:1632
|
||||
#: agent/gpg-agent.c:1633
|
||||
msgid "no gpg-agent running in this session\n"
|
||||
msgstr "Der gpg-agent läuft nicht für diese Session\n"
|
||||
|
||||
#: agent/gpg-agent.c:1642 common/simple-pwquery.c:324 sm/call-agent.c:144
|
||||
#: agent/gpg-agent.c:1643 common/simple-pwquery.c:324 sm/call-agent.c:144
|
||||
msgid "malformed GPG_AGENT_INFO environment variable\n"
|
||||
msgstr "Die Variable GPG_AGENT_INFO ist fehlerhaft\n"
|
||||
|
||||
#: agent/gpg-agent.c:1654 common/simple-pwquery.c:336 sm/call-agent.c:156
|
||||
#: agent/gpg-agent.c:1655 common/simple-pwquery.c:336 sm/call-agent.c:156
|
||||
#, c-format
|
||||
msgid "gpg-agent protocol version %d is not supported\n"
|
||||
msgstr "Das gpg-agent Protocol %d wird nicht unterstützt\n"
|
||||
@ -816,23 +816,23 @@ msgstr "keine"
|
||||
msgid "[none]"
|
||||
msgstr "[keine]"
|
||||
|
||||
#: sm/certdump.c:499 sm/certdump.c:562
|
||||
#: sm/certdump.c:529 sm/certdump.c:592
|
||||
msgid "[Error - invalid encoding]"
|
||||
msgstr "[Fehler - Ungültige Kodierung]"
|
||||
|
||||
#: sm/certdump.c:507
|
||||
#: sm/certdump.c:537
|
||||
msgid "[Error - out of core]"
|
||||
msgstr "[Fehler - Nich genügend Speicher]"
|
||||
|
||||
#: sm/certdump.c:542
|
||||
#: sm/certdump.c:572
|
||||
msgid "[Error - No name]"
|
||||
msgstr "[Fehler - Kein Name]"
|
||||
|
||||
#: sm/certdump.c:567
|
||||
#: sm/certdump.c:597
|
||||
msgid "[Error - invalid DN]"
|
||||
msgstr "[Fehler - Ungültiger DN]"
|
||||
|
||||
#: sm/certdump.c:728
|
||||
#: sm/certdump.c:758
|
||||
#, c-format
|
||||
msgid ""
|
||||
"Please enter the passphrase to unlock the secret key for:\n"
|
||||
@ -916,91 +916,91 @@ msgstr "Der Herausgeber wird von einer externen Stelle gesucht\n"
|
||||
msgid "number of issuers matching: %d\n"
|
||||
msgstr "Anzahl der übereinstimmenden Heruasgeber: %d\n"
|
||||
|
||||
#: sm/certchain.c:514 sm/certchain.c:676 sm/certchain.c:1114 sm/decrypt.c:261
|
||||
#: sm/certchain.c:514 sm/certchain.c:678 sm/certchain.c:1116 sm/decrypt.c:261
|
||||
#: sm/encrypt.c:342 sm/sign.c:325 sm/verify.c:107
|
||||
msgid "failed to allocated keyDB handle\n"
|
||||
msgstr "Ein keyDB Handle konnte nicht bereitgestellt werden\n"
|
||||
|
||||
#: sm/certchain.c:603
|
||||
#: sm/certchain.c:605
|
||||
msgid "certificate has been revoked"
|
||||
msgstr "Das Zertifikat wurde widerrufen"
|
||||
|
||||
#: sm/certchain.c:612
|
||||
#: sm/certchain.c:614
|
||||
msgid "no CRL found for certificate"
|
||||
msgstr "Keine CRL für das Zertifikat gefunden"
|
||||
|
||||
#: sm/certchain.c:616
|
||||
#: sm/certchain.c:618
|
||||
msgid "the available CRL is too old"
|
||||
msgstr "Die vorhandene CRL ist zu alt"
|
||||
|
||||
#: sm/certchain.c:618
|
||||
#: sm/certchain.c:620
|
||||
msgid "please make sure that the \"dirmngr\" is properly installed\n"
|
||||
msgstr ""
|
||||
"Bitte vergewissern Sie sich das der \"dirmngr\" richtig installierrt ist\n"
|
||||
|
||||
#: sm/certchain.c:623
|
||||
#: sm/certchain.c:625
|
||||
#, c-format
|
||||
msgid "checking the CRL failed: %s"
|
||||
msgstr "Die CRL konnte nicht geprüft werden: %s"
|
||||
|
||||
#: sm/certchain.c:696
|
||||
#: sm/certchain.c:698
|
||||
msgid "no issuer found in certificate"
|
||||
msgstr "Im Zertifikat ist kein Herausgeber enthalten"
|
||||
|
||||
#: sm/certchain.c:709
|
||||
#: sm/certchain.c:711
|
||||
#, c-format
|
||||
msgid "certificate with invalid validity: %s"
|
||||
msgstr "Zertifikat mit unzulässiger Gültigkeit: %s"
|
||||
|
||||
#: sm/certchain.c:725
|
||||
#: sm/certchain.c:727
|
||||
msgid "certificate not yet valid"
|
||||
msgstr "Das Zertifikat ist noch nicht gültig"
|
||||
|
||||
#: sm/certchain.c:738
|
||||
#: sm/certchain.c:740
|
||||
msgid "certificate has expired"
|
||||
msgstr "Das Zertifikat ist abgelaufen"
|
||||
|
||||
#: sm/certchain.c:775
|
||||
#: sm/certchain.c:777
|
||||
msgid "self-signed certificate has a BAD signature"
|
||||
msgstr "Das eigenbeglaubigte Zertifikat hat eine FALSCHE Signatur"
|
||||
|
||||
#: sm/certchain.c:840
|
||||
#: sm/certchain.c:842
|
||||
msgid "root certificate is not marked trusted"
|
||||
msgstr "Das Wurzelzertifikat ist nicht als vertrauenswürdig markiert"
|
||||
|
||||
#: sm/certchain.c:851
|
||||
#: sm/certchain.c:853
|
||||
#, c-format
|
||||
msgid "fingerprint=%s\n"
|
||||
msgstr "Fingerprint=%s\n"
|
||||
|
||||
#: sm/certchain.c:856
|
||||
#: sm/certchain.c:858
|
||||
msgid "root certificate has now been marked as trusted\n"
|
||||
msgstr "Das Wurzelzertifikat wurde nun als vertrauenswürdig markiert\n"
|
||||
|
||||
#: sm/certchain.c:871
|
||||
#: sm/certchain.c:873
|
||||
#, c-format
|
||||
msgid "checking the trust list failed: %s\n"
|
||||
msgstr "Fehler beim Prüfen der vertrauenswürdigen Zertifikate: %s\n"
|
||||
|
||||
#: sm/certchain.c:897 sm/import.c:158
|
||||
#: sm/certchain.c:899 sm/import.c:158
|
||||
msgid "certificate chain too long\n"
|
||||
msgstr "Der Zertifikatkette ist zu lang\n"
|
||||
|
||||
#: sm/certchain.c:909
|
||||
#: sm/certchain.c:911
|
||||
msgid "issuer certificate not found"
|
||||
msgstr "Herausgeberzertifikat nicht gefunden"
|
||||
|
||||
#: sm/certchain.c:942
|
||||
#: sm/certchain.c:944
|
||||
msgid "certificate has a BAD signature"
|
||||
msgstr "Das Zertifikat hat eine FALSCHE Signatur"
|
||||
|
||||
#: sm/certchain.c:972
|
||||
#: sm/certchain.c:974
|
||||
msgid "found another possible matching CA certificate - trying again"
|
||||
msgstr ""
|
||||
"Eine anderes möglicherweise passendes CA-Zertifikat gefunden - versuche "
|
||||
"nochmal"
|
||||
|
||||
#: sm/certchain.c:995
|
||||
#: sm/certchain.c:997
|
||||
#, c-format
|
||||
msgid "certificate chain longer than allowed by CA (%d)"
|
||||
msgstr "Die Zertifikatkette ist länger als von der CA erlaubt (%d)"
|
||||
|
Loading…
x
Reference in New Issue
Block a user