Add new SVN only file README.maint

doc/
	* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
	(GPG Configuration Options): Document show-primary-uid-only.
g10/
	* gpg.c (main): Add verify option show-primary-uid-only.
	* options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New.
	* mainproc.c (check_sig_and_print): Implement it.

	* encr-data.c (decrypt_data): Correctly test for unknown algorithm.
	* import.c (check_prefs): Ditto.
	* keyedit.c (show_prefs): Ditto.
	* mainproc.c (proc_symkey_enc): Ditto.

NEWS

@@ -1,3 +1,9 @@
+Noteworthy changes in version 2.0.3
+------------------------------------------------
+
+ * New --verify-option show-primary-uid-only. 
+
+
 Noteworthy changes in version 2.0.2 (2007-01-31)
 ------------------------------------------------
 
@@ -14,7 +20,7 @@ Noteworthy changes in version 2.0.2 (2007-01-31)
    short.  New option --min-passphrase-len defaults to 8.
 
  * The status code BEGIN_SIGNING now shows the used hash algorithms.
- 
+
 
 Noteworthy changes in version 2.0.1 (2006-11-28)
 ------------------------------------------------

README.maint

@@ -0,0 +1,42 @@
+            Notes for the GnuPG maintainer  (SVN only)
+           ============================================
+
+Here are some notes on how to maintain GnuPG.
+
+
+Release process:
+================
+
+  * Make sure that all new PO files are checked in.
+  * Decide whether you want to update the automake standard files 
+    (Mainly config.guess and config.sub).
+  * [1.4 only] Update gpg.texi and gpgv.texi from the trunk.
+  * Run "make update-po".
+  * Write NEWS entries and set the release date in NEWS.
+  * In configure.ac set "my_issvn" to "no".
+  * Commit all changes to the SVN.
+  * Update the SVN then (to sync the release number of all files).
+  * Run "./autogen.sh --force"
+    (--force is required for the svn magic in configure.ac and a good
+    idea in any case)
+  * Run "make distcheck"
+  * Build and test the new tarball (best on a different machine).
+  * [1.4 only] Build and test the W32 vesion.
+  * Sign the tarball
+  * Get the previous tarball and run "mkdiff gnupg".  
+    You might need to set a different signature key than mine.  mkdiff
+    has an option for this.
+  * If you are satisied with the result tag the release.  Use "svn
+    info" to get the current URL and use an svn cp command similar to
+    "svn cp svn+ssh://host/gnupg/trunk  svn+ssh://host/gnupg/tags/2.n.m"
+    (for 1.4 you should see "branches/STABLE-BRANCH-1-4" instead of "trunk",
+     however tags are all below tags).
+  * Copy the files to the FTP server
+  * Update the webpages - at least the file swdb.wml needs an update.
+  * Add a new headline to NEWS.
+  * Bump "my_version" up and set "my_issvn" back to "yes" in configure.ac 
+  * Write an announcement.
+
+
+
+

THANKS

@@ -17,6 +17,7 @@ Anthony Carrico            acarrico at memebeam.org
 Anthony Mulcahy 	   anthony at kcn.ne.jp
 Ariel T Glenn		   ariel at columbia.edu
 ARIGA Seiji                ariga at os.rim.or.jp
+Benjamin Donnachie         benjamin at py-soft.co.uk
 Bernhard Herzog            bh at intevation.de
 Bernhard Reiter            bernhard at intevation.de
 Billy Halsey               bshalsey at paxoo.com

doc/ChangeLog

@@ -1,3 +1,8 @@
+2007-02-26  Werner Koch  <wk@g10code.com>
+
+	* gpg.texi (GPG Configuration): Document envvar LANGUAGE.
+	(GPG Configuration Options): Document show-primary-uid-only.
+
 2007-02-18  Werner Koch  <wk@g10code.com>
 
 	* gpg.texi (GPG Esoteric Options): No card reader options for gpg2. 

doc/DETAILS

@@ -559,14 +559,14 @@ more arguments in future versions.
         The output was truncated to MAXNO items.  This status code is issued
         for certain external requests
 
-    ERROR <error location> <error code> 
+    ERROR <error location> <error code> [<more>]
 
         This is a generic error status message, it might be followed
-        by error location specific data. <error token> and
-        <error_location> should not contain a space.  The error code
-        is a either a string commencing with a letter or such string
-        prefix with a numerical error code and an underscore; e.g.:
-        "151011327_EOF"
+        by error location specific data. <error code> and
+        <error_location> should not contain spaces.  The error code is
+        a either a string commencing with a letter or such a string
+        prefixed with a numerical error code and an underscore; e.g.:
+        "151011327_EOF".
 
     ATTRIBUTE <fpr> <octets> <type> <index> <count>
 	      <timestamp> <expiredate> <flags>

doc/gpg.texi

@@ -1003,6 +1003,11 @@ the signature. Defaults to no.
 Show revoked and expired user IDs during signature verification.
 Defaults to no.
 
+@item show-primary-uid-only
+Show only the primary user ID during signature verification.  That is
+all the AKA lines as well as photo Ids are not shown with the signature
+verification status.
+
 @item pka-lookups
 Enable PKA lookups to verify sender addresses. Note that PKA is based
 on DNS, and so enabling this option may disclose information on when
@@ -2581,6 +2586,16 @@ value. The option @option{--gpg-agent-info} can be used to override it.
 @itemx LINES
 Used to size some displays to the full size of the screen.
 
+
+@item LANGUAGE
+Apart from its use by GNU, it is used in the W32 version to override the
+language selection done through the Registry.  If used and set to a a
+valid and available language name (@var{langid}), the file with the
+translation is loaded from
+@code{@var{gpgdir}/gnupg.nls/@var{langid}.mo}.  Here @var{gpgdir} is the
+directory out of which the gpg binary has been laoded.  If it can't be
+loaded the Registry is tried as a fallback.
+
 @end table
 
 

g10/ChangeLog

@@ -1,3 +1,16 @@
+2007-02-26  Werner Koch  <wk@g10code.com>
+
+	* gpg.c (main): Add verify option show-primary-uid-only.
+	* options.h (VERIFY_SHOW_PRIMARY_UID_ONLY): New.
+	* mainproc.c (check_sig_and_print): Implement it.
+
+2007-02-22  Werner Koch  <wk@g10code.com>
+
+	* encr-data.c (decrypt_data): Correctly test for unknown algorithm.
+	* import.c (check_prefs): Ditto.
+	* keyedit.c (show_prefs): Ditto.
+	* mainproc.c (proc_symkey_enc): Ditto.
+
 2007-02-06  Werner Koch  <wk@g10code.com>
 
 	* export.c (do_export_stream): Allow reset-subkey-passwd along

g10/encr-data.c

@@ -90,11 +90,10 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
 
   if ( opt.verbose && !dek->algo_info_printed )
     {
-      const char *s = gcry_cipher_algo_name (dek->algo);
-      if (s && *s)
-        log_info(_("%s encrypted data\n"), s );
+      if (!gcry_cipher_test_algo (dek->algo))
+        log_info (_("%s encrypted data\n"), gcry_cipher_algo_name (dek->algo));
       else
-        log_info(_("encrypted with unknown algorithm %d\n"), dek->algo );
+        log_info (_("encrypted with unknown algorithm %d\n"), dek->algo );
       dek->algo_info_printed = 1;
     }
   rc = openpgp_cipher_test_algo (dek->algo);

g10/gpg.c

@@ -2601,6 +2601,8 @@ main (int argc, char **argv )
 		   N_("show user ID validity during signature verification")},
 		  {"show-unusable-uids",VERIFY_SHOW_UNUSABLE_UIDS,NULL,
 		   N_("show revoked and expired user IDs in signature verification")},
+		  {"show-primary-uid-only",VERIFY_SHOW_PRIMARY_UID_ONLY,NULL,
+		   N_("show only the primary user ID in signature verification")},
 		  {"pka-lookups",VERIFY_PKA_LOOKUPS,NULL,
 		   N_("validate signatures with PKA data")},
 		  {"pka-trust-increase",VERIFY_PKA_TRUST_INCREASE,NULL,

g10/import.c

@@ -603,11 +603,14 @@ check_prefs(KBNODE keyblock)
 		{
 		  if (openpgp_cipher_test_algo (prefs->value))
 		    {
-		      const char *algo = gcry_cipher_algo_name (prefs->value);
+		      const char *algo = 
+                        (gcry_cipher_test_algo (prefs->value)
+                         ? num 
+                         : gcry_cipher_algo_name (prefs->value));
 		      if(!problem)
 			check_prefs_warning(pk);
 		      log_info(_("         \"%s\": preference for cipher"
-				 " algorithm %s\n"),user,algo?algo:num);
+				 " algorithm %s\n"), user, algo);
 		      problem=1;
 		    }
 		}
@@ -615,11 +618,14 @@ check_prefs(KBNODE keyblock)
 		{
 		  if(openpgp_md_test_algo(prefs->value))
 		    {
-		      const char *algo = gcry_md_algo_name (prefs->value);
+		      const char *algo =
+                        (gcry_md_test_algo (prefs->value)
+                         ? num 
+                         : gcry_md_algo_name (prefs->value));
 		      if(!problem)
 			check_prefs_warning(pk);
 		      log_info(_("         \"%s\": preference for digest"
-				 " algorithm %s\n"),user,algo?algo:num);
+				 " algorithm %s\n"), user, algo);
 		      problem=1;
 		    }
 		}

g10/keyedit.c

@@ -2319,14 +2319,13 @@ show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose)
 	tty_printf (_("Cipher: "));
         for(i=any=0; prefs[i].type; i++ ) {
             if( prefs[i].type == PREFTYPE_SYM ) {
-                const char *s = gcry_cipher_algo_name (prefs[i].value);
-                
                 if (any)
                     tty_printf (", ");
                 any = 1;
                 /* We don't want to display strings for experimental algos */
-                if (s && prefs[i].value < 100 )
-                    tty_printf ("%s", s );
+                if (!gcry_cipher_test_algo (prefs[i].value)
+                    && prefs[i].value < 100 )
+                    tty_printf ("%s", gcry_cipher_algo_name (prefs[i].value));
                 else
                     tty_printf ("[%d]", prefs[i].value);
                 if (prefs[i].value == CIPHER_ALGO_3DES )
@@ -2342,14 +2341,13 @@ show_prefs (PKT_user_id *uid, PKT_signature *selfsig, int verbose)
 	tty_printf (_("Digest: "));
         for(i=any=0; prefs[i].type; i++ ) {
             if( prefs[i].type == PREFTYPE_HASH ) {
-                const char *s = gcry_md_algo_name (prefs[i].value);
-                
                 if (any)
                     tty_printf (", ");
                 any = 1;
                 /* We don't want to display strings for experimental algos */
-                if (s && prefs[i].value < 100 )
-                    tty_printf ("%s", s );
+                if (!gcry_md_test_algo (prefs[i].value)
+                    && prefs[i].value < 100 )
+                    tty_printf ("%s", gcry_md_algo_name (prefs[i].value) );
                 else
                     tty_printf ("[%d]", prefs[i].value);
                 if (prefs[i].value == DIGEST_ALGO_SHA1 )

g10/mainproc.c

@@ -273,7 +273,7 @@ proc_symkey_enc( CTX c, PACKET *pkt )
         int algo = enc->cipher_algo;
 	const char *s = gcry_cipher_algo_name (algo);
 
-	if(s)
+	if (!gcry_cipher_test_algo (algo))
 	  {
 	    if(!opt.quiet)
 	      {
@@ -1768,7 +1768,8 @@ check_sig_and_print( CTX c, KBNODE node )
 
         /* If we have a good signature and already printed 
          * the primary user ID, print all the other user IDs */
-        if ( count && !rc ) {
+        if ( count && !rc
+             && !(opt.verify_options&VERIFY_SHOW_PRIMARY_UID_ONLY)) {
 	    char *p;
             for( un=keyblock; un; un = un->next ) {
                 if( un->pkt->pkttype != PKT_USER_ID )

g10/options.h

@@ -341,6 +341,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
 #define VERIFY_SHOW_UNUSABLE_UIDS        (1<<6)
 #define VERIFY_PKA_LOOKUPS               (1<<7)
 #define VERIFY_PKA_TRUST_INCREASE        (1<<8)
+#define VERIFY_SHOW_PRIMARY_UID_ONLY     (1<<9)
 
 #define KEYSERVER_USE_TEMP_FILES         (1<<0)
 #define KEYSERVER_KEEP_TEMP_FILES        (1<<1)

sm/encrypt.c

@@ -76,8 +76,8 @@ init_dek (DEK dek)
       return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
     }
   
-  /* Extra check for algorithms we considere to be to weak for
-     encryption, qlthough we suppor them fro decryption.  Note that
+  /* Extra check for algorithms we consider to be too weak for
+     encryption, although we support them for decryption.  Note that
      there is another check below discriminating on the key length. */
   switch (dek->algo)
     {