-rw-r--r-- | AUTHORS | 11 | ||||
-rw-r--r-- | THANKS | 3 | ||||
-rw-r--r-- | TODO | 2 | ||||
-rw-r--r-- | cipher/ChangeLog | 5 | ||||
-rw-r--r-- | cipher/rand-dummy.c | 12 | ||||
-rw-r--r-- | cipher/rand-unix.c | 4 | ||||
-rw-r--r-- | configure.in | 2 | ||||
-rw-r--r-- | doc/FAQ | 263 | ||||
-rw-r--r-- | g10/ChangeLog | 4 | ||||
-rw-r--r-- | g10/getkey.c | 2 | ||||
-rw-r--r-- | g10/keygen.c | 5 | ||||
-rw-r--r-- | g10/mainproc.c | 4 | ||||
-rw-r--r-- | g10/ringedit.c | 43 | ||||
-rw-r--r-- | g10/signal.c | 9 | ||||
-rw-r--r-- | g10/tdbio.c | 10 | ||||
-rw-r--r-- | g10/trustdb.c | 165 | ||||
-rw-r--r-- | include/util.h | 5 | ||||
-rw-r--r-- | po/POTFILES.in | 2 | ||||
-rw-r--r-- | po/de.po | 186 | ||||
-rw-r--r-- | po/en.po | 17 | ||||
-rw-r--r-- | tools/shmtest.c | 9 | ||||
-rw-r--r-- | util/ChangeLog | 4 | ||||
-rw-r--r-- | util/errors.c | 89 | ||||
-rw-r--r-- | util/logger.c | 5 | ||||
-rw-r--r-- | util/secmem.c | 4 | ||||
-rw-r--r-- | util/strgutil.c | 26 | ||||
-rw-r--r-- | zlib/Makefile | 321 |
27 files changed, 803 insertions, 409 deletions
@@ -10,11 +10,14 @@ mskala@ansuz.sooke.bc.ca GNUPG Natural Resources Canada 1998-08-11 Disclaims changes by Matthew Skala. -GNUPG Niklas Hernaeus ?????????? -(Weak key patches) +GNUPG Michael Roth Germany 1998-09-17 +Assigns changes (wrote cipher/des.c). +mroth@nessie.de + +GNUPG Niklas Hernaeus 1998-09-18 +Disclaims changes (Weak key patches). +nh@df.lth.se -GNUPG Michael Roth ?????????? -(DES code) TRANSLATIONS Marco d'Itri 1997-02-22 Disclaim @@ -24,6 +24,7 @@ Ian McKellar imckellar@harvestroad.com.au James Troup james@nocrew.org Jean-loup Gailly gzip@prep.ai.mit.edu Jens Bachem bachem@rrz.uni-koeln.de +John A. Martin jam@jamux.com Jörg Schilling schilling@fokus.gmd.de Karl Fogel kfogel@guanabana.onshore.com Karsten Thygesen karthy@kom.auc.dk @@ -36,7 +37,7 @@ Max Valianskiy maxcom@maxcom.ml.org Michael Roth mroth@nessie.de Michael Sobolev mss@despair.transas.com Nicolas Graner Nicolas.Graner@cri.u-psud.fr -Niklas Hernaeus nh@sleipner.df.lth.se +Niklas Hernaeus [Please don't spam him] Nimrod Zimerman zimerman@forfree.at Oskari Jääskeläinen f33003a@cc.hut.fi Paul D. Smith psmith@baynetworks.com @@ -1,4 +1,6 @@ + * check for working mmap() + * after creating a new uid, the preferences in the trustdb are not updated. We should always sync the trustdb in such cases. diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 251f4df9d..ad6a76a37 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,8 @@ +Tue Oct 6 10:06:32 1998 Werner Koch (wk@isil.d.shuttle.de) + + * rand-unix.c (HAVE_GETTIMEOFDAY): Fixed (was ..GETTIMEOFTIME :-) + * rand-dummy.c (HAVE_GETTIMEOFDAY): Ditto. + Mon Sep 28 13:23:09 1998 Werner Koch (wk@isil.d.shuttle.de) * md.c (md_digest): New. diff --git a/cipher/rand-dummy.c b/cipher/rand-dummy.c index e2c754ebb..2cb275bdc 100644 --- a/cipher/rand-dummy.c +++ b/cipher/rand-dummy.c 
@@ -30,7 +30,7 @@ #ifdef HAVE_GETHRTIME #include <sys/times.h> #endif -#ifndef HAVE_GETTIMEOFTIME +#ifdef HAVE_GETTIMEOFDAY #include <sys/times.h> #endif #ifdef HAVE_GETRUSAGE @@ -38,6 +38,9 @@ #endif #include <string.h> #include <unistd.h> +#ifdef __MINGW32__ + #include <process.h> +#endif #include <fcntl.h> #include "util.h" #include "ttyio.h" @@ -72,7 +75,7 @@ fast_random_poll() tv = gethrtime(); add_randomness( &tv, sizeof(tv), 1 ); } - #elif HAVE_GETTIMEOFTIME + #elif HAVE_GETTIMEOFDAY { struct timeval tv; if( gettimeofday( &tv, NULL ) ) BUG(); @@ -80,9 +83,12 @@ fast_random_poll() add_randomness( &tv.tv_usec, sizeof(tv.tv_usec), 1 ); } #else /* use times */ - { struct tms buf; + { + #ifndef __MINGW32__ + struct tms buf; times( &buf ); add_randomness( &buf, sizeof buf, 1 ); + #endif } #endif #ifdef HAVE_GETRUSAGE diff --git a/cipher/rand-unix.c b/cipher/rand-unix.c index 855b23b8e..33f964d58 100644 --- a/cipher/rand-unix.c +++ b/cipher/rand-unix.c @@ -30,7 +30,7 @@ #ifdef HAVE_GETHRTIME #include <sys/times.h> #endif -#ifndef HAVE_GETTIMEOFTIME +#ifdef HAVE_GETTIMEOFDAY #include <sys/times.h> #endif #ifdef HAVE_GETRUSAGE @@ -65,7 +65,7 @@ fast_random_poll() tv = gethrtime(); add_randomness( &tv, sizeof(tv), 1 ); } - #elif HAVE_GETTIMEOFTIME + #elif HAVE_GETTIMEOFDAY { struct timeval tv; if( gettimeofday( &tv, NULL ) ) BUG(); diff --git a/configure.in b/configure.in index bd5bc7b5a..633b33354 100644 --- a/configure.in +++ b/configure.in @@ -182,7 +182,7 @@ dnl Checks for library functions. AC_FUNC_VPRINTF AC_CHECK_FUNCS(strerror stpcpy strlwr tcgetattr rand strtoul mmap) AC_CHECK_FUNCS(memmove gettimeofday getrusage gethrtime setrlimit) -AC_CHECK_FUNCS(atexit raise getpagesize strftime) +AC_CHECK_FUNCS(memicmp atexit raise getpagesize strftime) WK_CHECK_MLOCK diff --git a/doc/FAQ b/doc/FAQ new file mode 100644 index 000000000..62003e2ec --- /dev/null +++ b/doc/FAQ 
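Review bot: In cipher/rand-dummy.c (hunk at -30,7) the corrected guard `#ifdef HAVE_GETTIMEOFDAY` still includes `<sys/times.h>`, although gettimeofday() and struct timeval come from `<sys/time.h>`, and `<sys/times.h>` is what the `#else /* use times */` fallback in fast_random_poll() needs for struct tms. With the old misspelled `#ifndef` the header was always included; now a build with neither gethrtime nor gettimeofday appears to lose it exactly where times() is called, unless another header pulls it in. I would include `<sys/time.h>` under `#ifdef HAVE_GETTIMEOFDAY` and `<sys/times.h>` under its `#else`; the identical hunk in cipher/rand-unix.c needs the same change. Separately, the MinGW case of the fallback in rand-dummy.c now adds nothing to the pool, which deserves a comment such as `/* MinGW: no fast entropy source here yet */`.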
@@ -0,0 +1,263 @@ + GNU Privacy Guard -- Frequently Asked Questions + ================================================= + + This FAQ is partly compiled from messages of the developers mailing list. + + Many thanks to Kirk Fort, Brian Warner, ... + + + Q: How does this whole thing work? + A: To generate a secret/public keypair, run + + gpg --gen-key + + and choose the default values. + + Data that is encrypted with a public key can only be decrypted by the + matching secret key. The secret key is protected by a password, the + public key is not. + + So to send your friend a message, you would encrypt your message with his + public key, and he would only be able to decrypt it by having the secret + key and putting in the password to use his secret key. + + GNUPG is also usefull for signing things. Things that are encrypted with + the secret key can be decrypted with the public key. To sign something, a + hash is taken of the data, and then the hash is in some form encoded + with the secret + key. If someone has your public key, they can verify that it is from + you and that it hasn't changed by checking the encoded form of the + hash with the public key. + + A keyring is just a large file that stores keys. You have a public keyring + where you store yours and your friend's public keys. You have a secret + keyring that you keep your secret key on, and be very careful with this + secret keyring: Never ever give anyone else access to it and use a *good* + passphrase to protect the data in it. + + You can 'conventionally' encrypt something by using the option 'gpg -c'. + It is encrypted using a passphrase, and does not use public and secret + keys. If the person you send the data to knows that passphrase, they can + decrypt it. This is usually most usefull for encrypting things to + yourself, although you can encrypt things to your own public key in the + same way. 
It should be used for communication with partners you know and + where it is easy to exchange the passphrases (e.g. with your boy friend or + your wife). The advantage is that you can chnage the passphrase from time + to time and decrease the risk, that many old messages may be decryptted by + people who accidently got your passphrase. + + You can add and copy keys to and from your keyring with the 'gpg --import' + and 'gpg --export' option. 'gpg --export-secret-keys' will export secret + keys. This is normally not usefull, but you can generate the key on one + machine then move it to another machine. + + Keys can be signed under the 'gpg --edit-key' option. When you sign a + key, you are saying that you are certain that the key belongs to the + person it says it comes from. You should be very sure that is really + taht person: You should verify the key fingerprint + + gpg --fingerprint user-id + + over phone (if you really know the voice of the other person) or at + a key signing party (which are often held at computer conferences) + or at a meeting of your local GNU/Linux User Group. + + Hmm, what else. You may use the option "-o filename" to force output + to this filename (use "-" to force output to stdout). + "-r" just lets you specify the recipient (which public key you encrypt with) + on the command line instead of typing it interactively. + + Oh yeah, this is important. By default all data is encrypted in some weird + binary format. If you want to have things appear in ascii text that is + readable, just add the '-a' option. But the preferred methos is to use + a MIME aware mail reader (Mutt, Pine and many more). + + There is a small security glitch in the OpenPGP (and therefor GNUPG) system; + to avoid this you should always sign and encrypt a message instead of only + encrypting it. + + + Q: What is the recommended key size? 
+ A: 1024 bit for DSA signatures; even for plain ElGamal + signatures this is sufficient as the size of the hash + is probably the weakest link if the keyssize is larger + than 1024 bits. Encryption keys may have greater sizes, + but you should than check the fingerprint of this key. + + Q: Why are some signatures with an ELG-E key valid? + A: These are ElGamal Key generated by GNUPG in v3 (rfc1991) + packets. The OpenPGP draft later changed the algorithm + identifier for ElGamal keys which are usable for signatures + and encryption from 16 to 20. GNUPG now uses 20 when it + generates new ElGamal keys but still accept 16 (which is + according to OpenPGP "encryption only") if this key is in + a v3 packet. GNUPG is the only program which had used + these v3 ElGamal keys - so this assumption is quite safe. + + Q: Why is PGP 5.x not able to encrypt messages with my public key. + A: PGP Inc refuses to accept ElGamal keys of type 20 even for + encryption. They only supports type 16 (which are identical + at least for decryption). To be better interoperable, GNUPG + (starting with version 0.3.3) now also uses type 16 for the + ElGamal subkey which is created if the default key algorithm + is choosen. You may add an type 16 ElGamal key to your public + key which is easy as your key signatures are still valid. + + Q: I can't delete a user id because it is already deleted on my + public keyring. + A: Because you can only select from the public key ring, there is + no direct way to do this. However it is not so complicated + do to it anyway: Create a new user id with exactly the same name, + you will notice that there are two identical user ids on the + secret ring now. Now select this user id and delete it; both + user ids from the secret ring will be remoed. + + Q: How can I encrypt a message in way pgp 2.x is able to decrypt it later? 
+ A: You can't do that because pgp 2.x normally uses IDEA which is not + supported by GNUPG because it is patented, but if you have a modified + version of PGP you can try this: + + gpg --rfc1991 --cipher-algo 3des ... + + Q: How can I conventional encrypt a message, so that PGP can decrypt it? + A: You can't do this for PGP 2. For PGP 5 you should use this: + + gpg -c --cipher-algo 3des --compress-algo 1 --no-comment myfile + + You may replace "3des" by "cast5"; "blowfish" does not work with + all versions of pgp5. You may also want to put + no-comment + compress-algo 1 + into your ~/.gnupg/options file - this does not affect the normal + gnupg operation. + + + Q: Why does it sometimes take so long to create keys? + A: The problem here is that we need a lot of random bytes and for that + we (on Linux the /dev/random device) must collect some random data. + It is really not easy to fill the Linux internal entropy buffer; I + talked to Ted Ts'o and he commited that the best way to fill the + buffer is to play with your keyboard. + Good security has it's price. + What I do is to hit several times on the shift,control, alternate, + capslock keys, as these keys do not produce any output to the screen. + This way you get your keys really fast (it's the same thing pgp2 does). + + Another problem might be another program which eats up your random bytes + (a program (look at your daemons) that reads from /dev/[u]random). + + Q: And it really takes long when I work on a remote system. Why? + A: Don't do this at all! 
+ You should never create keys or even use gnupg on a remote system because + you normally have + no physical control over your secret keyring (which is in most cases + vulnerable to advanced dictionary attacks) - I strongly encourage + everyone to only create keys on a local computer (a disconnected + laptop is probably the best choice) and if you need it on your + connected box (I know: We all do this) be sure to have a strong + password for your account, your secret key and trust your Root. + + When I check gnupg on a remote system via ssh (I have no Alpha here ;-) + I have the same problem too: it takes *very* long to create the keys, + so I use a special option --quick-random to generate insecure keys which are + only good for some tests. + + + Q: How does the whole trust thing work? + A: It works more or less like PGP. The difference is, that the trust is + computed at the time it is needed; this is one of the reasons for the + trustdb which holds a list of valid key signatures. If you are not + running in batch mode you will be asked to assign a trust parameter + (ownertrust) to a key. I have plans to use a cache for calculated + trust values to speed up calcualtion. + + You can see the calculated trust value using this command: + + gpgm --list-keys --with-colons + + If the first field is "pub", the second field shows you the trust: + + o = Unknown (this key is new to the system) + e = The key has expired + q = Undefined (no value assigned) + n = Don't trust this key at all + m = There is marginal trust in this key + f = The key is full trusted. + u = The key is ultimately trusted; this + is only used for keys for which + the secret key is also available. + + You can get a list of the assigned ownertrust values (how far you trust + the owner to correctly sign another another ones key) + + gpgm --list-ownertrust + + The first field is the fingerprint of the primary key, the second one + the assigned value: + + - = No Ownertrust value yet assigned. 
+ n = Never trust this keyholder to correctly verifiy others signatures. + m = Have marginal trust in the keyholders capability to sign other keys. + f = Assume that the key holder really knows how to sign keys. + u = No need to trust ourself because we have the secret key. + + Please keep these values confidential, as they express some opiones of + you about others. PGP does store these information with the keyring, so + it is not a good idea to publish the keyring instead of exporting the + keyring - gnupg stores the trust in the trust-DB and therefor it is okay + to give the keyring away (but we have a --export command too). + + + Q: What is the differenc between options and commands? + A: If you do a "gpg --help", you will get two separate lists. The first is a list + of commands. The second is a list of options. Whenever you run GPG, you *must* + pick exactly one command (**with one exception, see below). You *may* pick one + or more options. The command should, just by convention, come at the end of the + argument list, after all the options. If the command takes a file (all the + basic ones do), the filename comes at the very end. So the basic way to + run gpg is: + + gpg [--option something] [--option2] [--option3 something] --command file + + Some options take arguments, for example the --output option (which can be + abbreviated -o) is an option which takes a filename. The option's argument + must follow immediately after the option itself: otherwise gpg doesn't know + which option the argument is supposed to go with. As an option, --output and + its filename must come before the command. The --remote-user (-r) option takes + a name or keyid to encrypt the message to, which must come right after the -r + argument. The --encrypt (or -e) command comes after all the options, followed + by the file you wish to encrypt. 
So use: + + gpg -r alice -o secret.txt -e test.txt + + If you write the options out in full, it is easier to read: + + gpg --remote-user alice --output secret.txt --encrypt test.txt + + If you're saving it in a file called ".txt" then you'd probably expect to see + ascii-armored text in there, so you need to add the --armor (-a) option, + which doesn't take any arguments: + + gpg --armor --remote-user alice --output secret.txt --encrypt test.txt + + If you imagine square brackets around the optional parts, it becomes a bit + clearer: + + gpg [--armor] [--remote-user alice] [--output secret.txt] --encrypt test.txt + + The optional parts can be rearranged any way you want: + + gpg --output secret.txt --remote-user alice --armor --encrypt test.txt + + If your filename begins with a hyphen (e.g. "-a.txt"), gnupg assumes this is + an option and may complain. To avoid this you have either to use + "./-a.txt" or stop the option and command processing with two hyphens: + "-- -a.txt". + + ** the exception: signing and encrypting at the same time. Use + + gpg [--options] --sign --encrypt foo.txt + + + +[That's it for now.)] diff --git a/g10/ChangeLog b/g10/ChangeLog index 38a506d9c..911554abb 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,7 @@ +Sat Oct 3 11:01:21 1998 Werner Koch (wk@isil.d.shuttle.de) + + * keygen.c (ask_alogo): enable ElGamal enc-only only for addmode. + Wed Sep 30 10:15:33 1998 Werner Koch (wk@isil.d.shuttle.de) * import.c (import_one): Fixed update of wrong keyblock. diff --git a/g10/getkey.c b/g10/getkey.c index eed62e916..886d53cc9 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1078,6 +1078,8 @@ enum_secret_keys( void **context, PKT_secret_key *sk, int with_subkeys ) } if( !sk ) { /* free the context */ + if( c->iobuf ) + iobuf_close(c->iobuf); m_free( c ); *context = NULL; return 0; diff --git a/g10/keygen.c b/g10/keygen.c index 1d1cdbfc2..3a7582013 100644 --- a/g10/keygen.c +++ b/g10/keygen.c 
@@ -384,7 +384,8 @@ ask_algo( int *ret_v4, int addmode ) if( !addmode ) tty_printf(_(" (%d) DSA and ElGamal (default)\n"), 1 ); tty_printf( _(" (%d) ElGamal (sign and encrypt)\n"), 2 ); - tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 ); + if( addmode ) + tty_printf( _(" (%d) ElGamal (encrypt only)\n"), 3 ); tty_printf( _(" (%d) DSA (sign only)\n"), 4 ); tty_printf( _(" (%d) ElGamal in a v3 packet\n"), 5 ); @@ -402,7 +403,7 @@ ask_algo( int *ret_v4, int addmode ) algo = PUBKEY_ALGO_ELGAMAL; break; } - else if( algo == 3 ) { + else if( algo == 3 && addmode ) { algo = PUBKEY_ALGO_ELGAMAL_E; break; } diff --git a/g10/mainproc.c b/g10/mainproc.c index dd40c10f5..e5c83287a 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -848,7 +848,9 @@ check_sig_and_print( CTX c, KBNODE node ) rc = do_check_sig(c, node, NULL ); if( !rc || rc == G10ERR_BAD_SIGN ) { - write_status( rc? STATUS_BADSIG : STATUS_GOODSIG ); + char *us = get_user_id_string( sig->keyid ); + write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, us ); + m_free(us); log_info(rc? _("BAD signature from \"") : _("Good signature from \"")); print_keyid( stderr, sig->keyid ); diff --git a/g10/ringedit.c b/g10/ringedit.c index 6f505ef2a..ace7adc5f 100644 --- a/g10/ringedit.c +++ b/g10/ringedit.c @@ -111,13 +111,9 @@ add_keyblock_resource( const char *filename, int force, int secret ) if( i == MAX_RESOURCES ) return G10ERR_RESOURCE_LIMIT; - #if __MINGW32__ - iobuf = NULL; - #else iobuf = iobuf_open( filename ); if( !iobuf && !force ) return G10ERR_OPEN_FILE; - #endif if( !iobuf ) { iobuf = iobuf_create( filename ); @@ -129,6 +125,12 @@ add_keyblock_resource( const char *filename, int force, int secret ) log_info("%s: keyring created\n", filename ); } + #ifdef __MINGW32__ + /* must close it again */ + iobuf_close( iobuf ); + iobuf = NULL; + #endif + resource_table[i].used = 1; resource_table[i].secret = !!secret; resource_table[i].fname = m_strdup(filename); 
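Review bot: In check_sig_and_print() (g10/mainproc.c hunk) the string returned by `get_user_id_string( sig->keyid )` is derived from key material and is passed unmodified to `write_status_text()`, so a user ID containing a line feed or other control characters could break the line-oriented status output that front ends parse. write_status_text() is not visible here; if it does not already escape its argument, the text should be sanitised before it is written. Either way the contract should be stated next to the call, e.g. `/* us is untrusted key data; control chars must be escaped before it reaches the status fd */`. The enclosing function continues outside the hunk.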
@@ -329,7 +331,7 @@ read_keyblock( KBPOS *kbpos, KBNODE *ret_root ) * all others are reserved! * Note that you do not need a search prior to this function, * only a handle is needed. - * NOTE: It is not allowed to do an insert/update/delte with this + * NOTE: It is not allowed to do an insert/update/delete with this * keyblock, if you want to do this, use search/read! */ int @@ -706,7 +708,6 @@ keyring_enum( KBPOS *kbpos, KBNODE *ret_root, int skipsigs ) } - /**************** * Perform insert/delete/update operation. * mode 1 = insert @@ -768,10 +769,33 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root ) } /* create the new file */ + #ifdef __MINGW32__ + /* Here is another Windoze bug?: + * you cant rename("pubring.gpg.tmp", "pubring.gpg"); + * but rename("pubring.gpg.tmp", "pubring.aaa"); + * works. So we replace .gpg by .bak or .tmp + */ + if( strlen(rentry->fname) > 4 + && !strcmp(rentry->fname+strlen(rentry->fname)-4, ".gpg") ) { + bakfname = m_alloc( strlen( rentry->fname ) + 1 ); + strcpy(bakfname,rentry->fname); + strcpy(bakfname+strlen(rentry->fname)-4, ".bak"); + tmpfname = m_alloc( strlen( rentry->fname ) + 1 ); + strcpy(tmpfname,rentry->fname); + strcpy(tmpfname+strlen(rentry->fname)-4, ".tmp"); + } + else { /* file does not end with gpg; hmmm */ + bakfname = m_alloc( strlen( rentry->fname ) + 5 ); + strcpy(stpcpy(bakfname,rentry->fname),".bak"); + tmpfname = m_alloc( strlen( rentry->fname ) + 5 ); + strcpy(stpcpy(tmpfname,rentry->fname),".tmp"); + } + #else bakfname = m_alloc( strlen( rentry->fname ) + 2 ); strcpy(stpcpy(bakfname,rentry->fname),"~"); tmpfname = m_alloc( strlen( rentry->fname ) + 5 ); strcpy(stpcpy(tmpfname,rentry->fname),".tmp"); + #endif newfp = iobuf_create( tmpfname ); if( !newfp ) { log_error("%s: can't create: %s\n", tmpfname, strerror(errno) ); 
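Review bot: In the MinGW branch added to keyring_copy() the suffix test `!strcmp(rentry->fname+strlen(rentry->fname)-4, ".gpg")` is case-sensitive although Windows file names are not. A keyring passed as `PUBRING.GPG` (constructed example) would take the else branch and get a `.GPG.tmp` name, which is the form the comment above says rename() refuses. A case-insensitive comparison would cover that case. Storing the length once, `size_t n = strlen( rentry->fname );`, would also make the four allocation sizes easier to audit. The function body extends beyond this hunk.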
@@ -857,6 +881,7 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root ) goto leave; } /* if the new file is a secring, restrict the permissions */ + #ifndef __MINGW32__ if( rentry->secret ) { if( chmod( tmpfname, S_IRUSR | S_IWUSR ) ) { log_error("%s: chmod failed: %s\n", @@ -865,9 +890,11 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root ) goto leave; } } + #endif + /* rename and make backup file */ if( !rentry->secret ) { /* but not for secret keyrings */ - #if __MINGW32__ + #ifdef __MINGW32__ remove( bakfname ); #endif if( rename( rentry->fname, bakfname ) ) { @@ -877,7 +904,7 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root ) goto leave; } } - #if __MINGW32__ + #ifdef __MINGW32__ remove( rentry->fname ); #endif if( rename( tmpfname, rentry->fname ) ) { diff --git a/g10/signal.c b/g10/signal.c index c491329b4..d89b548b1 100644 --- a/g10/signal.c +++ b/g10/signal.c @@ -45,7 +45,7 @@ signal_name( int signum ) return sys_siglist[signum]; #else static char buf[20]; - sprintf( "signal %d", signum ); + sprintf(buf, "signal %d", signum ); return buf; #endif } @@ -70,7 +70,7 @@ got_usr_signal( int sig ) caught_sigusr1 = 1; } - +#ifndef __MINGW32__ static void do_sigaction( int sig, struct sigaction *nact ) { @@ -80,10 +80,12 @@ do_sigaction( int sig, struct sigaction *nact ) if( oact.sa_handler != SIG_IGN ) sigaction( sig, nact, NULL); } +#endif void init_signals() { + #ifndef __MINGW32__ struct sigaction nact; nact.sa_handler = got_fatal_signal; @@ -97,12 +99,14 @@ init_signals() do_sigaction( SIGSEGV, &nact ); nact.sa_handler = got_usr_signal; sigaction( SIGUSR1, &nact, NULL ); + #endif } void pause_on_sigusr( int which ) { + #ifndef __MINGW32__ sigset_t mask, oldmask; assert( which == 1 ); @@ -114,5 +118,6 @@ pause_on_sigusr( int which ) sigsuspend( &oldmask ); caught_sigusr1 = 0; sigprocmask( SIG_UNBLOCK, &mask, NULL ); + #endif } diff --git a/g10/tdbio.c b/g10/tdbio.c index 02950b502..ef29742fd 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c 
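Review bot: With the `#ifndef __MINGW32__` wrapper in keyring_copy() (g10/ringedit.c hunk at -857,6) a rewritten secret keyring gets no permission restriction at all on MinGW, and nothing logs or documents that. How iobuf_create() sets the initial mode is not visible here, so at minimum the gap should be recorded: `/* MinGW: no chmod(); secring protection relies on the directory's ACLs */`. On the other platforms the chmod still runs only after the key material has been written to tmpfname, so unless iobuf_create() already creates the file owner-only there is a window in which it carries the default mode. Creating the temporary file with restrictive permissions up front would close that window.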
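Review bot: In g10/signal.c init_signals() now compiles to an empty function on MinGW, so got_fatal_signal is never installed there and whatever cleanup it performs on a fatal signal is skipped (the handler body is outside these hunks). pause_on_sigusr() likewise returns immediately instead of waiting, and a caller cannot tell. I would document both, e.g. `/* MinGW: no sigaction(); fatal-signal cleanup is NOT installed */`, and consider ANSI `signal()` for SIGINT, SIGTERM and SIGSEGV so the handler still runs. The `sprintf(buf, "signal %d", signum );` fix in signal_name() is correct, and buf[20] is large enough for a 32-bit int.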
@@ -86,13 +86,17 @@ tdbio_set_dbname( const char *new_dbname, int create ) } *p = '/'; - fp =fopen( fname, "w" ); + fp =fopen( fname, "wb" ); if( !fp ) log_fatal_f( fname, _("can't create: %s\n"), strerror(errno) ); fclose(fp); m_free(db_name); db_name = fname; + #ifdef __MINGW32__ + db_fd = open( db_name, O_RDWR | O_BINARY ); + #else db_fd = open( db_name, O_RDWR ); + #endif if( db_fd == -1 ) log_fatal_f( db_name, _("can't open: %s\n"), strerror(errno) ); @@ -131,7 +135,11 @@ open_db() TRUSTREC rec; assert( db_fd == -1 ); + #ifdef __MINGW32__ + db_fd = open( db_name, O_RDWR | O_BINARY ); + #else db_fd = open( db_name, O_RDWR ); + #endif if( db_fd == -1 ) log_fatal_f( db_name, _("can't open: %s\n"), strerror(errno) ); if( tdbio_read_record( 0, &rec, RECTYPE_VER ) ) diff --git a/g10/trustdb.c b/g10/trustdb.c index 2ecc2e2bc..702ce8e70 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -410,6 +410,7 @@ verify_own_keys() rc = 0; leave: + enum_secret_keys( &enum_context, NULL, 0 ); /* free context */ free_secret_key( sk ); free_public_key( pk ); return rc; @@ -1945,6 +1946,8 @@ clear_trust_checked_flag( PKT_public_key *pk ) * Update all the info from the public keyblock, the signatures-checked * flag is reset. The key must already exist in the keydb. * Note: This function clears all keyblock flags. + * + * Implementation of this function needs a cache for tdbio record updates */ int update_trust_record( KBNODE keyblock ) @@ -1954,6 +1957,7 @@ update_trust_record( KBNODE keyblock ) TRUSTREC drec; int modified = 0; int rc = 0; + ulong recno, newrecno; clear_kbnode_flags( keyblock ); node = find_kbnode( keyblock, PKT_PUBLIC_KEY ); 
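Review bot: tdbio_set_dbname() still creates the trust database with `fopen( fname, "wb" )`, so the file gets whatever mode the umask leaves and is then reopened by name with open(). The FAQ added in this same commit asks users to keep ownertrust values confidential, so creating the file with open() and an explicit owner-only mode would match that advice better. The mode argument and the existence check before this hunk would need confirming, since the start of the function is not shown. On style, the `#ifdef __MINGW32__` pair around open() is duplicated in open_db(); a single fallback, `#ifndef O_BINARY` / `#define O_BINARY 0`, lets both sites use `open( db_name, O_RDWR | O_BINARY )` unconditionally.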
@@ -1961,20 +1965,172 @@ update_trust_record( KBNODE keyblock ) rc = get_dir_record( primary_pk, &drec ); if( rc ) return rc; +#if 0 + /* fixme: start a transaction */ + /* now upate keys and user ids */ + for( node=keyblock; node; node = node->next ) { + if( node->pkt->pkttype == PKT_PUBLIC_KEY + || node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) { + PKT_public_key *pk = node->pkt->pkt.public_key; + byte fpr[MAX_FINGERPRINT_LEN]; + size_t fprlen; + TRUSTREC krec; + + fingerprint_from_pk( pk, fpr, &fprlen ); + /* do we already have this key? */ + for( recno=drec.r.dir.keylist; recno; recno = krec.r.key.next ) { + rc = tdbio_read_record( recno, &krec, RECTYPE_KEY ); + if( rc ) { + log_error("lid %lu: read key record failed: %s\n", + primary_pk->local_id, g10_errstr(rc)); + goto leave; + } + if( krec.r.key.fingerprint_len == fprlen + && !memcmp( krec.r.key.fingerprint_len, fpr, fprlen ) ) + break; + } + if( recno ) { /* yes */ + /* here we would compare/update the keyflags */ + } + else { /* no: insert this new key */ + memset( krec, 0, sizeof(krec) ); + krec.rectype = RECTYPE_KEY; + krec.r.key.pubkey_algo = pk->pubkey_algo; + krec.r.key.fingerprint_len = fprlen; + memcpy(krec.r.key.fingerprint, fpr, fprlen ); + krec.recnum = newrecno = tdbio_new_recnum(); + if( tdbio_write_record( krec ) ) { + log_error("writing key record failed\n"); + rc = G10ERR_TRUSTDB; + goto leave; + } + /* and put this new record at the end of the keylist */ + if( !(recno=drec.r.dir.keylist) ) { + /* this is the first key */ + drec.r.dir.keylist = newrecno; + modified = 1; + } + else { /* we already have key, append it to the list */ + for( ; recno; recno = krec.r.key.next ) { + rc = tdbio_read_record( recno, &krec, RECTYPE_KEY ); + if( rc ) { + log_error("lid %lu: read key record failed: %s\n", + primary_pk->local_id, g10_errstr(rc)); + goto leave; + } + } + krec.r.key.next = newrecno; + if( tdbio_write_record( krec ) ) { + log_error("writing key record failed\n"); + rc = G10ERR_TRUSTDB; + goto 
leave; + } + } + } /* end insert new key */ + } /* end packet type public key packet */ + else if( node->pkt->pkttype == PKT_USER_ID ) { + PKT_user_id *uid = node->pkt->pkt.user_id; + TRUSTREC urec; + byte nhash[20]; + rmd160_hash_buffer( nhash, uid->name, uid->len ); + for( recno=dir->r.dir.uidlist; recno; recno = urec->r.uid.next ) { + rc = tdbio_read_record( recno, urec, RECTYPE_UID ); + if( rc ) { + if( rc == -1 ) + rc = G10ERR_READ_FILE + log_error("lid %lu, uid %02X%02X: read error\n" + primary_pk->local_id, nhash[18], nhash[19] ); + goto leave; + } + if( !memcmp( nhash, urec->r.uid.namehash, 20 ) ) + break; + } + if( !recno ) { /* new user id */ + + } + + } + else if( node->pkt->pkttype == PKT_SIGNATURE ) { + PKT_signature *sig = node->pkt->pkt.signature; + + if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] + && (node->pkt->pkt.signature->sig_class&~3) == 0x10 ) { + /* must verify this selfsignature here, so that we can + * build the preference record and validate the uid record + */ + if( !uidlist ) { + log_error("key %08lX: self-signature without user id\n", + (ulong)keyid[1] ); + } + else if( (rc = check_key_signature( keyblock, node, NULL ))) { + log_error("key %08lX, uid %02X%02X: " + "invalid self-signature: %s\n", + (ulong)keyid[1], uidlist->r.uid.namehash[18], + uidlist->r.uid.namehash[19], g10_errstr(rc) ); + rc = 0; + } + else { /* build the prefrecord */ + static struct { + sigsubpkttype_t subpkttype; + int preftype; + } prefs[] = { + { SIGSUBPKT_PREF_SYM, PREFTYPE_SYM }, + { SIGSUBPKT_PREF_HASH, PREFTYPE_HASH }, + { SIGSUBPKT_PREF_COMPR, PREFTYPE_COMPR }, + { 0, 0 } + }; + const byte *s; + size_t n; + int k, i; + assert(uidlist); + assert(!uidlist->help_pref); + uidlist->mark |= 1; /* mark valid */ + + i = 0; + for(k=0; prefs[k].subpkttype; k++ ) { + s = parse_sig_subpkt2( sig, prefs[k].subpkttype, &n ); + if( s ) { + while( n ) { + if( !i || i >= ITEMS_PER_PREF_RECORD ) { + rec = m_alloc_clear( sizeof *rec ); + rec->rectype = 
RECTYPE_PREF; + rec->next = uidlist->help_pref; + uidlist->help_pref = rec; + i = 0; + } + rec->r.pref.data[i++] = prefs[k].preftype; + rec->r.pref.data[i++] = *s++; + n--; + } + } + } + } + } + else if( 0 /* is revocation sig etc */ ) { + /* handle it here */ + } + else { /* not a selfsignature */ + } + } + } /* end loop over all nodes */ if( drec.r.dir.dirflags & DIRF_CHECKED ) /* <<--- FIXME: remove this! */ modified = 1; - if( modified ) { + leave: + if( rc ) + ; /* fixme: cancel transaction */ + else if( modified ) { /* reset the checked flag */ drec.r.dir.dirflags &= ~DIRF_CHECKED; rc = tdbio_write_record( &drec ); if( rc ) log_error("update_trust_record: write dir record failed: %s\n", g10_errstr(rc)); + /* fixme: commit_transaction */ } - +#endif return rc; } @@ -2004,6 +2160,11 @@ rel_mem_uidnode( u32 *keyid, int err, TRUSTREC *rec ) * * We build everything we can do at this point. We cannot build * the sig records, because their LIDs are needed and we may not have them. + * + * + * FIXME: This is too complicated: Most of the stuff is duplicated in + * update_trustdb and it will be easier to use a trust record cache instead + * of the complicated lists. */ int insert_trust_record( PKT_public_key *orig_pk ) diff --git a/include/util.h b/include/util.h index 05610452c..a79b8ef72 100644 --- a/include/util.h +++ b/include/util.h 
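Review bot: The `#if 0` … `#endif` pair added to update_trust_record() (g10/trustdb.c hunk at -1961,20) encloses not only the new draft loop but also the previously live code that cleared DIRF_CHECKED and wrote the dir record. As the hunk reads, the function now returns right after get_dir_record() without resetting the signatures-checked flag that its header comment promises. If callers rely on that reset to force re-verification after a keyblock changes, stale check results could be kept, so I would end the disabled region after the `/* end loop over all nodes */` line and keep the flag reset and tdbio_write_record( &drec ) compiled in. The draft also needs fixes before it is enabled: `memcmp( krec.r.key.fingerprint_len, fpr, fprlen )` passes the length field instead of the fingerprint buffer, and `rc = G10ERR_READ_FILE` lacks its semicolon. Until then the `ulong recno, newrecno;` declaration added in the preceding hunk is unused.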
@@ -146,13 +146,16 @@ STRLIST add_to_strlist( STRLIST *list, const char *string ); STRLIST append_to_strlist( STRLIST *list, const char *string ); STRLIST strlist_prev( STRLIST head, STRLIST node ); STRLIST strlist_last( STRLIST node ); -int memicmp( const char *a, const char *b, size_t n ); const char *memistr( const char *buf, size_t buflen, const char *sub ); char *mem2str( char *, const void *, size_t); char *trim_spaces( char *string ); int string_count_chr( const char *string, int c ); #define stricmp(a,b) strcasecmp((a),(b)) + +#ifndef HAVE_MEMICMP +int memicmp( const char *a, const char *b, size_t n ); +#endif #ifndef HAVE_STPCPY char *stpcpy(char *a,const char *b); #endif diff --git a/po/POTFILES.in b/po/POTFILES.in index 6b5f524bc..b8e36082a 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -5,6 +5,8 @@ util/secmem.c util/argparse.c util/miscutil.c +util/errors.c +util/logger.c # cipher cipher/random.c 
@@ -27,6 +27,192 @@ msgstr "ja" msgid "yY" msgstr "jJ" + +#: util/errors.c:54 +msgid "General error" +msgstr "Allgemeiner Fehler" + +#: util/errors.c:55 +msgid "Unknown packet type" +msgstr "Unbekannter Packet Typ" + +#: util/errors.c:56 +msgid "Unknown version" +msgstr "Unbekannte Version" + +#: util/errors.c:57 +msgid "Unknown pubkey algorithm" +msgstr "Unbekanntes Public-Key Verfahren" + +#: util/errors.c:58 +msgid "Unknown digest algorithm" +msgstr "Unbekannte Hashmethode" + +#: util/errors.c:59 +msgid "Bad public key" +msgstr "Falscher öffentlicher Schüssel" + +#: util/errors.c:60 +msgid "Bad secret key" +msgstr "Falcher geheimer Schlüssel" + +#: util/errors.c:61 +msgid "Bad signature" +msgstr "Falsche Signatur" + +#: util/errors.c:62 +msgid "Checksum error" +msgstr "Prüfsummen Fehler" + +#: util/errors.c:63 +msgid "Bad passphrase" +msgstr "Falsche \"Passphrase\"" + +#: util/errors.c:64 +msgid "Public key not found" +msgstr "Öffentlicher Schlüssel nicht gefunden" + +#: util/errors.c:65 +msgid "Unknown cipher algorithm" +msgstr "Unbekanntes Verschlüsselungsverfahren" + +#: util/errors.c:66 +msgid "Can't open the keyring" +msgstr "Der Schlüsselring kann nicht geöffnet werden" + +#: util/errors.c:67 +msgid "Invalid packet" +msgstr "Ungültiges Packet" + +#: util/errors.c:68 +msgid "Invalid armor" +msgstr "Ungültige ASCII-Hülle" + +#: util/errors.c:69 +msgid "No such user id" +msgstr "Keine User-ID" + +#: util/errors.c:70 +msgid "Secret key not available" +msgstr "Geheimer Schlüssel ist nicht vorhanden" + +#: util/errors.c:71 +msgid "Wrong secret key used" +msgstr "Falscher geheimer Schlüssel benutzt" + +#: util/errors.c:72 +msgid "Not supported" +msgstr "Wird nicht unterstützt" + +#: util/errors.c:73 +msgid "Bad key" +msgstr "Falscher Schlüssel" + +#: util/errors.c:74 +msgid "File read error" +msgstr "Dateilesefehler" + +#: util/errors.c:75 +msgid "File write error" +msgstr "Dateischreibfehler" + +#: util/errors.c:76 +msgid "Unknown compress algorithm" +msgstr 
"Unbekanntes Komprimierverfahren" + +#: util/errors.c:77 +msgid "File open error" +msgstr "Fehler beim öffnen der Datei" + +#: util/errors.c:78 +msgid "File create error" +msgstr "Fehler beim erzeugen der Datei" + +#: util/errors.c:79 +msgid "Invalid passphrase" +msgstr "Ungültige \"Passphrase\"" + +#: util/errors.c:80 +msgid "Unimplemented pubkey algorithm" +msgstr "Öffentliches Schlüsselverfahren ist nicht implementiert." + +#: util/errors.c:81 +msgid "Unimplemented cipher algorithm" +msgstr "Verschlüsselungsverfahren ist nicht implementiert" + +#: util/errors.c:82 +msgid "Unknown signature class" +msgstr "Unbekannte Signatur-Klasse" + +#: util/errors.c:83 +msgid "Trust database error" +msgstr "Fehler in der Trust-DB" + +#: util/errors.c:84 +msgid "Bad MPI" +msgstr "Falsche MPI" + +#: util/errors.c:85 +msgid "Resource limit" +msgstr "Zu wenig Resourcen" + +#: util/errors.c:86 +msgid "Invalid keyring" +msgstr "Ungültiger Schlüsselring" + +#: util/errors.c:87 +msgid "Bad certificate" +msgstr "Falsches Zertifikat" + +#: util/errors.c:88 +msgid "Malformed user id" +msgstr "Falsch geformte User-ID" + +#: util/errors.c:89 +msgid "File close error" +msgstr "Fehler beim schließen der Datei" + +#: util/errors.c:90 +msgid "File rename error" +msgstr "Fehler beim umbennen einer Datei" + +#: util/errors.c:91 +msgid "File delete error" +msgstr "Fehler beim löchen einer Datei" + +#: util/errors.c:92 +msgid "Unexpected data" +msgstr "Unerwartete Daten" + +#: util/errors.c:93 +msgid "Timestamp conflict" +msgstr "Zeitstempel Konflikt" + +#: util/errors.c:94 +msgid "Unusable pubkey algorithm" +msgstr "Unbenutzbares öffentliches Schlüsselverfahren" + +#: util/errors.c:95 +msgid "File exists" +msgstr "Date existier bereits" + +#: util/errors.c:96 +msgid "Weak key" +msgstr "Schwacher Schlüssel" + +#: util/logger.c:177 +#, c-format +msgid "Ohhhh jeeee ... this is a bug (%s:%d:%s)\n" +msgstr "Ohhh jeeee ... 
dies ist eine Wanze (Programmfehler) (%s:%d:%s)\n" + +#: util/logger.c:183 +#, c-format +msgid "you found a bug ... (%s:%d)\n" +msgstr "Sie haben eine Wanze (Programmfehler) gefunden ... (%s:%d)\n" + + + + #: cipher/rand-dummy.c:106 msgid "warning: using insecure random number generator!!\n" msgstr "Der Zufallszahlengenerator erzeugt keine echten Zufallszahlen!\n" @@ -725,7 +725,22 @@ msgstr "" #: g10/keygen.c:393 msgid "keygen.algo" -msgstr "Select the algorithm to use:Needs more explanation here." +msgstr "" +"Select the algorithm to use.\n" +"DSA (aka DSS) is the digital signature algorithm which can only be used\n" +"for signatures. This is the suggested algorithm because verification of\n" +"DSA signatures are much faster than those of ElGamal\n" +"ElGamal is a algorithm which can be used for signatures and encryption.\n" +"OpenPGP distunguishs between two flavors of this algorithms: a encrypt only\n" +"and a sign+encrypt; actually it is the same, but some parameters must be\n" +"selected in a special way to create a safe key for signatures: this program\n" +"does this but other OpenPGP implemenations are not required to understand\n" +"the signature+encryption flavor.\n" +"The first (primary) key must always be a key which is capable of signing;\n" +"this is the reason why the ecrytion only ElGamal key is disabled in this.\n" +"You should not select the \"ElGamal in a v3 packet\", because that key is\n" +"not compatible to other OpenPGP implementations." + #: g10/keygen.c:393 msgid "Your selection? " diff --git a/tools/shmtest.c b/tools/shmtest.c index 5d8e01910..fb336bd2e 100644 --- a/tools/shmtest.c +++ b/tools/shmtest.c @@ -19,6 +19,13 @@ #include "ttyio.h" #include "i18n.h" +#ifdef __MINGW32__ +int main( int argc, char **argv ) +{ + fprintf(stderr, "Sorry, not yet available for Windoze\n"); + exit(1); +} +#else static int serverpid = -1; @@ -186,4 +193,4 @@ main(int argc, char **argv) } - +#endif /* !__MINGW32__ */ 
diff --git a/util/ChangeLog b/util/ChangeLog index 4eb7b9697..05c624430 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,7 @@ +Tue Oct 6 09:53:56 1998 Werner Koch (wk@isil.d.shuttle.de) + + * strgutil.c (memicmp): Add HAVE_MEMICMP. + Mon Sep 21 19:45:01 1998 Werner Koch (wk@(none)) * secmem.c: New flags to allow suspend/resume of warnings. diff --git a/util/errors.c b/util/errors.c index dc3f7e811..b4db10b17 100644 --- a/util/errors.c +++ b/util/errors.c @@ -24,6 +24,7 @@ #include <stdarg.h> #include "errors.h" +#include "i18n.h" #ifndef HAVE_STRERROR char * 
@@ -50,52 +51,52 @@ g10_errstr( int err ) switch( err ) { case -1: p = "eof"; break; case 0: p = "okay"; break; - X(GENERAL, "General error") - X(UNKNOWN_PACKET, "Unknown packet type") - X(UNKNOWN_VERSION,"Unknown version") - X(PUBKEY_ALGO ,"Unknown pubkey algorithm") - X(DIGEST_ALGO ,"Unknown digest algorithm") - X(BAD_PUBKEY ,"Bad public key") - X(BAD_SECKEY ,"Bad secret key") - X(BAD_SIGN ,"Bad signature") - X(CHECKSUM , "Checksum error") - X(BAD_PASS , "Bad passphrase") - X(NO_PUBKEY ,"Public key not found") - X(CIPHER_ALGO ,"Unknown cipher algorithm") - X(KEYRING_OPEN ,"Can't open the keyring") - X(INVALID_PACKET ,"Invalid packet") - X(INVALID_ARMOR ,"Invalid armor") - X(NO_USER_ID ,"No such user id") - X(NO_SECKEY ,"Secret key not available") - X(WRONG_SECKEY ,"Wrong secret key used") - X(UNSUPPORTED ,"Not supported") - X(BAD_KEY ,"Bad key") - X(READ_FILE ,"File read error") - X(WRITE_FILE ,"File write error") - X(COMPR_ALGO ,"Unknown compress algorithm") - X(OPEN_FILE ,"File open error") - X(CREATE_FILE ,"File create error") - X(PASSPHRASE ,"Invalid passphrase") - X(NI_PUBKEY ,"Unimplemented pubkey algorithm") - X(NI_CIPHER ,"Unimplemented cipher algorithm") - X(SIG_CLASS ,"Unknown signature class") - X(TRUSTDB ,"Trust database error") - X(BAD_MPI ,"Bad MPI") - X(RESOURCE_LIMIT ,"Resource limit") - X(INV_KEYRING ,"Invalid keyring") - X(BAD_CERT ,"Bad certificate") - X(INV_USER_ID ,"Malformed user id") - X(CLOSE_FILE ,"File close error") - X(RENAME_FILE ,"File rename error") - X(DELETE_FILE ,"File delete error") - X(UNEXPECTED ,"Unexpected data") - X(TIME_CONFLICT ,"Timestamp conflict") - X(WR_PUBKEY_ALGO ,"Unusable pubkey algorithm") - X(FILE_EXISTS ,"File exists") - X(WEAK_KEY ,"Weak key") + X(GENERAL, N_("General error")) + X(UNKNOWN_PACKET, N_("Unknown packet type")) + X(UNKNOWN_VERSION,N_("Unknown version")) + X(PUBKEY_ALGO ,N_("Unknown pubkey algorithm")) + X(DIGEST_ALGO ,N_("Unknown digest algorithm")) + X(BAD_PUBKEY ,N_("Bad public key")) + 
X(BAD_SECKEY ,N_("Bad secret key")) + X(BAD_SIGN ,N_("Bad signature")) + X(CHECKSUM , N_("Checksum error")) + X(BAD_PASS , N_("Bad passphrase")) + X(NO_PUBKEY ,N_("Public key not found")) + X(CIPHER_ALGO ,N_("Unknown cipher algorithm")) + X(KEYRING_OPEN ,N_("Can't open the keyring")) + X(INVALID_PACKET ,N_("Invalid packet")) + X(INVALID_ARMOR ,N_("Invalid armor")) + X(NO_USER_ID ,N_("No such user id")) + X(NO_SECKEY ,N_("Secret key not available")) + X(WRONG_SECKEY ,N_("Wrong secret key used")) + X(UNSUPPORTED ,N_("Not supported")) + X(BAD_KEY ,N_("Bad key")) + X(READ_FILE ,N_("File read error")) + X(WRITE_FILE ,N_("File write error")) + X(COMPR_ALGO ,N_("Unknown compress algorithm")) + X(OPEN_FILE ,N_("File open error")) + X(CREATE_FILE ,N_("File create error")) + X(PASSPHRASE ,N_("Invalid passphrase")) + X(NI_PUBKEY ,N_("Unimplemented pubkey algorithm")) + X(NI_CIPHER ,N_("Unimplemented cipher algorithm")) + X(SIG_CLASS ,N_("Unknown signature class")) + X(TRUSTDB ,N_("Trust database error")) + X(BAD_MPI ,N_("Bad MPI")) + X(RESOURCE_LIMIT ,N_("Resource limit")) + X(INV_KEYRING ,N_("Invalid keyring")) + X(BAD_CERT ,N_("Bad certificate")) + X(INV_USER_ID ,N_("Malformed user id")) + X(CLOSE_FILE ,N_("File close error")) + X(RENAME_FILE ,N_("File rename error")) + X(DELETE_FILE ,N_("File delete error")) + X(UNEXPECTED ,N_("Unexpected data")) + X(TIME_CONFLICT ,N_("Timestamp conflict")) + X(WR_PUBKEY_ALGO ,N_("Unusable pubkey algorithm")) + X(FILE_EXISTS ,N_("File exists")) + X(WEAK_KEY ,N_("Weak key")) default: p = buf; sprintf(buf, "g10err=%d", err); break; } #undef X - return p; + return _(p); } diff --git a/util/logger.c b/util/logger.c index aabeaec7d..60f59da8a 100644 --- a/util/logger.c +++ b/util/logger.c @@ -24,6 +24,7 @@ #include <stdarg.h> #include "util.h" +#include "i18n.h" static char pidstring[15]; static char *pgm_name; 
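Review bot: `return _(p);` at the end of g10_errstr() now sends every result through gettext, including the `g10err=%d` text built in `buf` by the default branch and the `"eof"`/`"okay"` strings, none of which are marked with N_() and so can never be in a catalog. The lookup is harmless for those three but does nothing; I would return directly in the default branch, `default: sprintf(buf, "g10err=%d", err); return buf;`, and either mark `"eof"` and `"okay"` with N_() or add a comment that they are intentionally untranslated. Any caller that compares or parses the returned text would see locale-dependent strings from now on; no such caller is visible in this hunk. The function starts above the hunk, so the declaration and size of `buf` cannot be checked from here.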
@@ -173,13 +174,13 @@ g10_log_bug( const char *fmt, ... ) void g10_log_bug0( const char *file, int line, const char *func ) { - log_bug("you found a bug ... (%s:%d:%s)\n", file, line, func ); + log_bug(_("Ohhhh jeeee ... this is a bug (%s:%d:%s)\n"), file, line, func ); } #else void g10_log_bug0( const char *file, int line ) { - log_bug("you found a bug ... (%s:%d)\n", file, line); + log_bug(_("you found a bug ... (%s:%d)\n"), file, line); } #endif diff --git a/util/secmem.c b/util/secmem.c index 1f1616a18..ffcb45674 100644 --- a/util/secmem.c +++ b/util/secmem.c @@ -160,7 +160,7 @@ init_pool( size_t n) } #endif if( pool == (void*)-1 ) - log_error("can't mmap pool of %u bytes: %s - using malloc\n", + log_info("can't mmap pool of %u bytes: %s - using malloc\n", (unsigned)poolsize, strerror(errno)); else { pool_is_mmapped = 1; @@ -217,6 +217,7 @@ void secmem_init( size_t n ) { if( !n ) { + #ifndef __MINGW32__ uid_t uid; disable_secmem=1; @@ -225,6 +226,7 @@ secmem_init( size_t n ) if( setuid( uid ) ) log_fatal("failed to drop setuid\n" ); } + #endif } else { if( n < DEFAULT_POOLSIZE ) diff --git a/util/strgutil.c b/util/strgutil.c index d19ba6e54..809b0c3f2 100644 --- a/util/strgutil.c +++ b/util/strgutil.c @@ -92,17 +92,6 @@ strlist_last( STRLIST node ) - -int -memicmp( const char *a, const char *b, size_t n ) -{ - for( ; n; n--, a++, b++ ) - if( *a != *b && toupper(*(const byte*)a) != toupper(*(const byte*)b) ) - return *(const byte *)a - *(const byte*)b; - return 0; -} - - /**************** * look for the substring SUB in buffer and return a pointer to that * substring in BUF or NULL if not found. @@ -217,3 +206,18 @@ strlwr(char *s) } #endif +/**************** + * mingw32/cpd has a memicmp() + */ +#ifndef HAVE_MEMICMP +int +memicmp( const char *a, const char *b, size_t n ) +{ + for( ; n; n--, a++, b++ ) + if( *a != *b && toupper(*(const byte*)a) != toupper(*(const byte*)b) ) + return *(const byte *)a - *(const byte*)b; + return 0; +} +#endif + + 
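Review bot: Both log_bug() calls in g10_log_bug0() now take their format string from the message catalog, so the conversions that consume `file`, `line` and `func` are only as trustworthy as the installed .mo file. The po entries carry `#, c-format`, which lets msgfmt verify them, but only if the catalogs are built with `msgfmt --check-format` and loaded from a fixed directory that users cannot write to; this matters for a binary that may be installed setuid. A smaller surface is to keep the conversions in a literal and translate only the text, e.g. `log_bug("%s (%s:%d)\n", _("you found a bug ..."), file, line);`. This is also the path taken on an internal inconsistency, where doing as little work as possible before aborting is preferable.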
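Review bot: Demoting the mmap failure message in init_pool() from log_error to log_info makes the fallback to malloc easy to miss, and that fallback is security-relevant if the malloc'ed pool does not get the same protection against swapping as the mmap'ed one. The code after `pool_is_mmapped = 1;` is outside the hunk, so whether the pool is locked later cannot be confirmed from here. If the downgrade is only meant to keep this case out of the error count, I would say so in a comment, such as `/* not fatal: falling back to malloc; confirm the pool is still locked */`, and keep a user-visible warning whenever the pool ends up unlocked.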
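Review bot: The new `#ifndef __MINGW32__` in secmem_init() opens before `disable_secmem=1;`, so on MinGW a call with n == 0 no longer sets that flag at all, rather than only skipping the setuid drop. The guard is closed in the following hunk (-225,6) after the setuid() check; the lines between the two hunks are not visible. Adding `#else` and `disable_secmem=1;` before the `#endif` keeps the flag set on both platforms while still leaving out the uid handling there. The function continues outside both hunks.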
diff --git a/zlib/Makefile b/zlib/Makefile
deleted file mode 100644
index 19fb03b42..000000000
--- a/zlib/Makefile
+++ /dev/null 
@@ -1,321 +0,0 @@ -# Generated automatically from Makefile.in by configure. -# Makefile.in generated automatically by automake 1.2f from Makefile.am - -# Copyright (C) 1994, 1995, 1996, 1997, 1998 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -# Process this file with automake to produce Makefile.in -# Copyright (C) 1995-1996 Jean-loup Gailly. -# For conditions of distribution and use, see copyright notice in zlib.h -# This is used if a systems lacks support of zlib - - -SHELL = /bin/sh - -srcdir = . -top_srcdir = .. -prefix = /usr/local -exec_prefix = ${prefix} - -bindir = ${exec_prefix}/bin -sbindir = ${exec_prefix}/sbin -libexecdir = ${exec_prefix}/libexec -datadir = ${prefix}/share -sysconfdir = ${prefix}/etc -sharedstatedir = ${prefix}/com -localstatedir = ${prefix}/var -libdir = ${exec_prefix}/lib -infodir = ${prefix}/info -mandir = ${prefix}/man -includedir = ${prefix}/include -oldincludedir = /usr/include - -pkgdatadir = $(datadir)/gnupg -pkglibdir = $(libdir)/gnupg -pkgincludedir = $(includedir)/gnupg - -top_builddir = .. 
- -ACLOCAL = aclocal -AUTOCONF = autoconf -AUTOMAKE = automake -AUTOHEADER = autoheader - -INSTALL = /usr/bin/install -c -INSTALL_PROGRAM = ${INSTALL} -INSTALL_DATA = ${INSTALL} -m 644 -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -transform = s,x,x, - -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_alias = i586-pc-linux-gnu -build_triplet = i586-pc-linux-gnu -host_alias = i586-pc-linux-gnu -host_triplet = i586-pc-linux-gnu -target_alias = i586-pc-linux-gnu -target_triplet = i586-pc-linux-gnu -CATALOGS = en.gmo de.gmo it.gmo fr.gmo -CATOBJEXT = .gmo -CC = gcc -CPP = gcc -E -DATADIRNAME = share -DYNLINK_LDFLAGS = -rdynamic -G10_LOCALEDIR = /usr/local//locale -GENCAT = -GMOFILES = en.gmo de.gmo it.gmo fr.gmo -GMSGFMT = /usr/local/bin/msgfmt -GT_NO = -GT_YES = #YES# -INCLUDE_LOCALE_H = #include <locale.h> -INSTOBJEXT = .mo -INTLDEPS = $(top_builddir)/intl/libintl.a -INTLLIBS = $(top_builddir)/intl/libintl.a -INTLOBJS = $(GETTOBJS) -MKINSTALLDIRS = scripts/mkinstalldirs -MPI_EXTRA_ASM_OBJS = -MSGFMT = /usr/local/bin/msgfmt -PACKAGE = gnupg -POFILES = en.po de.po it.po fr.po -POSUB = po -RANLIB = ranlib -USE_INCLUDED_LIBINTL = yes -USE_NLS = yes -VERSION = 0.4.0a -ZLIBS = -l = - -CFLAGS = -O -Wall - -EXTRA_DIST = README algorithm.doc ChangeLog example.c - -# I found no other easy way to use this only if zlib is neede -# doing this with SUBDIR = @xxx@ in the top Makefile.am does not -# work because automake doesn't scan this Makefile.am here. 
-#noinst_LIBRARIES = libzlib.a - -libzlib_a_SOURCES = adler32.c compress.c crc32.c gzio.c \ - uncompr.c deflate.c trees.c zutil.c \ - inflate.c infblock.c inftrees.c \ - infcodes.c infutil.c inffast.c \ - zlib.h zconf.h deflate.h infblock.h \ - infcodes.h inffast.h inftrees.h infutil.h zutil.h - -CLEANFILES = example foo.gz -mkinstalldirs = $(SHELL) $(top_srcdir)/scripts/mkinstalldirs -CONFIG_HEADER = ../config.h -CONFIG_CLEAN_FILES = -LIBRARIES = $(noinst_LIBRARIES) - - -DEFS = -DHAVE_CONFIG_H -I. -I$(srcdir) -I.. -CPPFLAGS = -LDFLAGS = -LIBS = -ldl -lz -libzlib_a_LIBADD = -libzlib_a_OBJECTS = adler32.o compress.o crc32.o gzio.o uncompr.o \ -deflate.o trees.o zutil.o inflate.o infblock.o inftrees.o infcodes.o \ -infutil.o inffast.o -AR = ar -COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) -LINK = $(CC) $(CFLAGS) $(LDFLAGS) -o $@ -DIST_COMMON = README ChangeLog Makefile.am Makefile.in - - -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) - -TAR = tar -GZIP = --best -DEP_FILES = .deps/adler32.P .deps/compress.P .deps/crc32.P \ -.deps/deflate.P .deps/gzio.P .deps/infblock.P .deps/infcodes.P \ -.deps/inffast.P .deps/inflate.P .deps/inftrees.P .deps/infutil.P \ -.deps/trees.P .deps/uncompr.P .deps/zutil.P -SOURCES = $(libzlib_a_SOURCES) -OBJECTS = $(libzlib_a_OBJECTS) - -default: all - -.SUFFIXES: -.SUFFIXES: .S .c .o .s -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) - cd $(top_srcdir) && $(AUTOMAKE) --gnu zlib/Makefile - -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status $(BUILT_SOURCES) - cd $(top_builddir) \ - && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status - - -mostlyclean-noinstLIBRARIES: - -clean-noinstLIBRARIES: - -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) - -distclean-noinstLIBRARIES: - -maintainer-clean-noinstLIBRARIES: - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - -mostlyclean-compile: - -rm -f *.o core *.core - -clean-compile: - 
-distclean-compile: - -rm -f *.tab.c - -maintainer-clean-compile: - -libzlib.a: $(libzlib_a_OBJECTS) $(libzlib_a_DEPENDENCIES) - -rm -f libzlib.a - $(AR) cru libzlib.a $(libzlib_a_OBJECTS) $(libzlib_a_LIBADD) - $(RANLIB) libzlib.a - -tags: TAGS - -ID: $(HEADERS) $(SOURCES) $(LISP) - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $(SOURCES) $(HEADERS) $(LISP) - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) - -mostlyclean-tags: - -clean-tags: - -distclean-tags: - -rm -f TAGS ID - -maintainer-clean-tags: - -distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) - -subdir = zlib - -distdir: $(DISTFILES) - here=`cd $(top_builddir) && pwd`; \ - top_distdir=`cd $(top_distdir) && pwd`; \ - distdir=`cd $(distdir) && pwd`; \ - cd $(top_srcdir) \ - && $(AUTOMAKE) --include-deps --build-dir=$$here --srcdir-name=$(top_srcdir) --output-dir=$$top_distdir --gnu zlib/Makefile - @for file in $(DISTFILES); do \ - d=$(srcdir); \ - test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file; \ - done - -DEPS_MAGIC := $(shell mkdir .deps > /dev/null 2>&1 || :) - --include $(DEP_FILES) - -mostlyclean-depend: - -clean-depend: - -distclean-depend: - -maintainer-clean-depend: - -rm -rf .deps - -%.o: %.c - @echo '$(COMPILE) -c $<'; \ - $(COMPILE) -Wp,-MD,.deps/$(*F).P -c $< - -%.lo: %.c - @echo '$(LTCOMPILE) -c $<'; \ - $(LTCOMPILE) -Wp,-MD,.deps/$(*F).p -c $< - @-sed -e 's/^\([^:]*\)\.o:/\1.lo \1.o:/' \ - < .deps/$(*F).p > .deps/$(*F).P - @-rm -f .deps/$(*F).p -info: -dvi: -check: all - $(MAKE) -installcheck: -install-exec: - @$(NORMAL_INSTALL) - -install-data: - @$(NORMAL_INSTALL) - -install: install-exec 
install-data all - @: - -uninstall: - -all: Makefile $(LIBRARIES) - -install-strip: - $(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' INSTALL_SCRIPT='$(INSTALL_PROGRAM)' install -installdirs: - - -mostlyclean-generic: - -test -z "$(MOSTLYCLEANFILES)" || rm -f $(MOSTLYCLEANFILES) - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -rm -f Makefile $(DISTCLEANFILES) - -rm -f config.cache config.log stamp-h stamp-h[0-9]* - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) - -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) -mostlyclean: mostlyclean-noinstLIBRARIES mostlyclean-compile \ - mostlyclean-tags mostlyclean-depend mostlyclean-generic - -clean: clean-noinstLIBRARIES clean-compile clean-tags clean-depend \ - clean-generic mostlyclean - -distclean: distclean-noinstLIBRARIES distclean-compile distclean-tags \ - distclean-depend distclean-generic clean - -rm -f config.status - -maintainer-clean: maintainer-clean-noinstLIBRARIES \ - maintainer-clean-compile maintainer-clean-tags \ - maintainer-clean-depend maintainer-clean-generic \ - distclean - @echo "This command is intended for maintainers to use;" - @echo "it deletes files that may require special tools to rebuild." 
- -.PHONY: default mostlyclean-noinstLIBRARIES distclean-noinstLIBRARIES \ -clean-noinstLIBRARIES maintainer-clean-noinstLIBRARIES \ -mostlyclean-compile distclean-compile clean-compile \ -maintainer-clean-compile tags mostlyclean-tags distclean-tags \ -clean-tags maintainer-clean-tags distdir mostlyclean-depend \ -distclean-depend clean-depend maintainer-clean-depend info dvi \ -installcheck install-exec install-data install uninstall all \ -installdirs mostlyclean-generic distclean-generic clean-generic \ -maintainer-clean-generic clean mostlyclean distclean maintainer-clean - - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: |