Imported Upstream version 2.0.29

diff --git a/AUTHORS b/AUTHORS
index 323954b..9b57c16 100644 (file)
--- a/AUTHORS
+++ b/AUTHORS
@@ -183,10 +183,8 @@ name gpg2keys_*.
 
 =========
 
- Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
-           2006, 2007, 2008, 2009, 2010, 2011,
-           2012, 2013 Free Software Foundation, Inc.
- Copyright 1997, 1998, 2013, 2014 Werner Koch
+ Copyright 1997-2015 Werner Koch
+ Copyright 1998-2013 Free Software Foundation, Inc.
 
  This file is free software; as a special exception the author gives
  unlimited permission to copy and/or distribute it, with or without

diff --git a/NEWS b/NEWS
index d86126e..14ab547 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,19 @@
+Noteworthy changes in version 2.0.29 (2015-09-08)
+-------------------------------------------------
+
+ * gpg: Print a PGP-2 fingerprint again instead of a row of "0".
+
+ * gpg: Fixed a race condition from multiple several "gpg --verify".
+
+ * gpg: Print FAILURE status lines to help GPGME.
+
+ * gpgsm: Fixed a regression in CSR generation.
+
+ * scdaemon: Fixed problems with some pinpads.
+
+ * Fixed a few other bugs.
+
+
 Noteworthy changes in version 2.0.28 (2015-06-02)
 -------------------------------------------------
 

diff --git a/README b/README
index a33598e..a031c5e 100644 (file)
--- a/README
+++ b/README
@@ -2,8 +2,8 @@
                       =======================
                             Version 2.0
 
+   Copyright 1997-2015 Werner Koch
    Copyright 1998-2015 Free Software Foundation, Inc.
-   Copyright 1997-1998, 2013-2015 Werner Koch
 
 
 INTRODUCTION

diff --git a/common/status.h b/common/status.h
index cfb64ca..f101bf0 100644 (file)
--- a/common/status.h
+++ b/common/status.h
@@ -20,7 +20,7 @@
 #ifndef GNUPG_COMMON_STATUS_H
 #define GNUPG_COMMON_STATUS_H
 
-enum 
+enum
   {
     STATUS_ENTER,
     STATUS_LEAVE,
@@ -39,7 +39,7 @@ enum
     STATUS_TRUST_MARGINAL,
     STATUS_TRUST_FULLY,
     STATUS_TRUST_ULTIMATE,
-  
+
     STATUS_NEED_PASSPHRASE,
     STATUS_VALIDSIG,
     STATUS_SIG_ID,
@@ -59,20 +59,20 @@ enum
     STATUS_ERRMDC,
     STATUS_IMPORTED,
     STATUS_IMPORT_OK,
-    STATUS_IMPORT_PROBLEM, 
+    STATUS_IMPORT_PROBLEM,
     STATUS_IMPORT_RES,
     STATUS_IMPORT_CHECK,
 
     STATUS_FILE_START,
     STATUS_FILE_DONE,
     STATUS_FILE_ERROR,
-  
+
     STATUS_BEGIN_DECRYPTION,
     STATUS_END_DECRYPTION,
     STATUS_BEGIN_ENCRYPTION,
     STATUS_END_ENCRYPTION,
     STATUS_BEGIN_SIGNING,
-  
+
     STATUS_DELETE_PROBLEM,
 
     STATUS_GET_BOOL,
@@ -126,6 +126,7 @@ enum
 
     STATUS_TRUNCATED,
     STATUS_ERROR,
+    STATUS_FAILURE,
     STATUS_SUCCESS
 };
 

diff --git a/configure.ac b/configure.ac
index c93e762..665c2b7 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -26,7 +26,7 @@ min_automake_version="1.14"
 # (git tag -s gnupg-2.n.m) and run "./autogen.sh --force".  Please
 # bump the version number immediately *after* the release and do
 # another commit and push so that the git magic is able to work.
-m4_define([mym4_version], [2.0.28])
+m4_define([mym4_version], [2.0.29])
 
 # Below is m4 magic to extract and compute the git revision number,
 # the decimalized short revision number, a beta version string and a

diff --git a/doc/DETAILS b/doc/DETAILS
index 65974dd..645814a 100644 (file)
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -434,9 +434,9 @@ more arguments in future versions.
     DECRYPTION_OKAY
        The decryption process succeeded.  This means, that either the
        correct secret key has been used or the correct passphrase
-       for a conventional encrypted message was given.  The program
-       itself may return an errorcode because it may not be possible to
-       verify a signature for some reasons.
+       for a symmetric with passphrase encrypted message was given.
+        The program itself may return an errorcode because it may not
+        be possible to verify a signature for some reasons.
 
     NO_PUBKEY  <long keyid>
     NO_SECKEY  <long keyid>

diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index b7b0d4c..9f20704 100644 (file)
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -1177,7 +1177,7 @@ Replaced by a single @code{@@}
 @subsection Ask for a passphrase
 
 This function is usually used to ask for a passphrase to be used for
-conventional encryption, but may also be used by programs which need
+symmetric encryption, but may also be used by programs which need
 special handling of passphrases.  This command uses a syntax which helps
 clients to use the agent with minimum effort.
 

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 06e772e..ee31d75 100644 (file)
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1719,12 +1719,7 @@ can be done if someone else has write access to your public keyring.
 
 @item --no-sig-create-check
 @opindex no-sig-create-check
-GnuPG normally verifies each signature right after creation to protect
-against bugs and hardware malfunctions which could leak out bits from
-the secret key. This extra verification needs some time (about 115%
-for DSA keys), and so this option can be used to disable it.
-However, due to the fact that the signature creation needs manual
-interaction, this performance penalty does not matter in most settings.
+This option is obsolete.  It has no function.
 
 @item --auto-check-trustdb
 @itemx --no-auto-check-trustdb
@@ -2266,9 +2261,9 @@ to consider (e.g. @option{--symmetric}).
 @item --s2k-cipher-algo @code{name}
 @opindex s2k-cipher-algo
 Use @code{name} as the cipher algorithm used to protect secret keys.
-The default cipher is CAST5. This cipher is also used for
-conventional encryption if @option{--personal-cipher-preferences} and
-@option{--cipher-algo} is not given.
+The default cipher is CAST5. This cipher is also used for symmetric
+encryption with a passphrase if @option{--personal-cipher-preferences}
+and @option{--cipher-algo} is not given.
 
 @item --s2k-digest-algo @code{name}
 @opindex s2k-digest-algo
@@ -2281,7 +2276,7 @@ Selects how passphrases are mangled. If @code{n} is 0 a plain
 passphrase (which is not recommended) will be used, a 1 adds a salt to
 the passphrase and a 3 (the default) iterates the whole process a
 number of times (see --s2k-count).  Unless @option{--rfc1991} is used,
-this mode is also used for conventional encryption.
+this mode is also used for symmetric encryption with a passphrase.
 
 @item --s2k-count @code{n}
 @opindex s2k-count
@@ -3473,7 +3468,7 @@ sense.  Although OpenPGP works with time intervals, GnuPG uses an
 absolute value internally and thus the last year we can represent is
 2105.
 
-@item  Ceation-Date: @var{iso-date}
+@item Creation-Date: @var{iso-date}
 Set the creation date of the key as stored in the key information and
 which is also part of the fingerprint calculation.  Either a date like
 "1986-04-26" or a full timestamp like "19860426T042640" may be used.

diff --git a/g10/build-packet.c b/g10/build-packet.c
index e986987..5cc03cf 100644 (file)
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -398,7 +398,8 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
 
       assert (gcry_mpi_get_flag (sk->skey[npkey], GCRYMPI_FLAG_OPAQUE));
       p = gcry_mpi_get_opaque (sk->skey[npkey], &ndatabits );
-      iobuf_write (a, p, (ndatabits+7)/8 );
+      if (p)
+        iobuf_write (a, p, (ndatabits+7)/8 );
     }
   else if ( sk->is_protected )
     {
@@ -410,7 +411,8 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
 
           assert (gcry_mpi_get_flag (sk->skey[i], GCRYMPI_FLAG_OPAQUE));
           p = gcry_mpi_get_opaque (sk->skey[i], &ndatabits);
-          iobuf_write (a, p, (ndatabits+7)/8);
+          if (p)
+            iobuf_write (a, p, (ndatabits+7)/8);
         }
       write_16(a, sk->csum );
     }

diff --git a/g10/cpr.c b/g10/cpr.c
index 0fc45b1..3142ac4 100644 (file)
--- a/g10/cpr.c
+++ b/g10/cpr.c
@@ -303,6 +303,20 @@ write_status_begin_signing (gcry_md_hd_t md)
 }
 
 
+/* Write a FAILURE status line.  */
+void
+write_status_failure (const char *where, gpg_error_t err)
+{
+  if (!statusfp || !status_currently_allowed (STATUS_FAILURE))
+    return;  /* Not enabled or allowed. */
+
+  fprintf (statusfp, "[GNUPG:] %s %s %u\n",
+           get_status_string (STATUS_FAILURE), where, err);
+  if (fflush (statusfp) && opt.exit_on_status_write_error)
+    g10_exit (0);
+}
+
+
 static int
 myread(int fd, void *buf, size_t count)
 {

diff --git a/g10/getkey.c b/g10/getkey.c
index a27c8e2..476445f 100644 (file)
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -1414,6 +1414,7 @@ get_seckeyblock_byfprint (KBNODE *ret_keyblock, const byte *fprint,
     return G10ERR_GENERAL; /* Oops */
 
   memset (&ctx, 0, sizeof ctx);
+  ctx.exact = 1 ;
   ctx.not_allocated = 1;
   ctx.kr_handle = keydb_new (1);
   ctx.nitems = 1;
@@ -3098,6 +3099,9 @@ get_ctx_handle(GETKEY_CTX ctx)
 static void
 free_akl(struct akl *akl)
 {
+  if (! akl)
+    return;
+
   if(akl->spec)
     free_keyserver_spec(akl->spec);
 

diff --git a/g10/gpg.c b/g10/gpg.c
index 060495e..97975fb 100644 (file)
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -1,6 +1,7 @@
 /* gpg.c - The GnuPG utility (main for gpg)
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
+ * Copyright (C) 1998-2011 Free Software Foundation, Inc.
+ * Copyright (C) 1997-2015 Werner Koch
+ * Copyright (C) 2015 g10 Code GmbH
  *
  * This file is part of GnuPG.
  *
@@ -331,7 +332,6 @@ enum cmd_and_opt_values
     oNoExpensiveTrustChecks,
     oFixedListMode,
     oNoSigCache,
-    oNoSigCreateCheck,
     oAutoCheckTrustDB,
     oNoAutoCheckTrustDB,
     oPreservePermissions,
@@ -697,7 +697,6 @@ static ARGPARSE_OPTS opts[] = {
   ARGPARSE_s_n (oAutoKeyRetrieve, "auto-key-retrieve", "@"),
   ARGPARSE_s_n (oNoAutoKeyRetrieve, "no-auto-key-retrieve", "@"),
   ARGPARSE_s_n (oNoSigCache,         "no-sig-cache", "@"),
-  ARGPARSE_s_n (oNoSigCreateCheck,   "no-sig-create-check", "@"),
   ARGPARSE_s_n (oAutoCheckTrustDB, "auto-check-trustdb", "@"),
   ARGPARSE_s_n (oNoAutoCheckTrustDB, "no-auto-check-trustdb", "@"),
   ARGPARSE_s_n (oMergeOnly,      "merge-only", "@" ),
@@ -776,6 +775,7 @@ static ARGPARSE_OPTS opts[] = {
   /* Dummy options.  */
   ARGPARSE_s_n (oNoop, "sk-comments", "@"),
   ARGPARSE_s_n (oNoop, "no-sk-comments", "@"),
+  ARGPARSE_s_n (oNoop, "no-sig-create-check", "@"),
 
   ARGPARSE_end ()
 };
@@ -2816,7 +2816,6 @@ main (int argc, char **argv)
             }
             break;
           case oNoSigCache: opt.no_sig_cache = 1; break;
-          case oNoSigCreateCheck: opt.no_sig_create_check = 1; break;
          case oAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid = 1; break;
          case oNoAllowNonSelfsignedUID: opt.allow_non_selfsigned_uid=0; break;
          case oAllowFreeformUID: opt.allow_freeform_uid = 1; break;
@@ -3506,15 +3505,21 @@ main (int argc, char **argv)
        if( argc > 1 )
            wrong_args(_("--store [filename]"));
        if( (rc = encode_store(fname)) )
+          {
+            write_status_failure ("store", rc);
            log_error ("storing `%s' failed: %s\n",
                        print_fname_stdin(fname),g10_errstr(rc) );
+          }
        break;
       case aSym: /* encrypt the given file only with the symmetric cipher */
        if( argc > 1 )
            wrong_args(_("--symmetric [filename]"));
        if( (rc = encode_symmetric(fname)) )
+          {
+            write_status_failure ("symencrypt", rc);
             log_error (_("symmetric encryption of `%s' failed: %s\n"),
                         print_fname_stdin(fname),g10_errstr(rc) );
+          }
        break;
 
       case aEncr: /* encrypt the given file */
@@ -3525,8 +3530,11 @@ main (int argc, char **argv)
            if( argc > 1 )
              wrong_args(_("--encrypt [filename]"));
            if( (rc = encode_crypt(fname,remusr,0)) )
-             log_error("%s: encryption failed: %s\n",
-                       print_fname_stdin(fname), g10_errstr(rc) );
+              {
+                write_status_failure ("encrypt", rc);
+                log_error("%s: encryption failed: %s\n",
+                          print_fname_stdin(fname), g10_errstr(rc) );
+              }
          }
        break;
 
@@ -3546,8 +3554,11 @@ main (int argc, char **argv)
        else
          {
            if( (rc = encode_crypt(fname,remusr,1)) )
-             log_error("%s: encryption failed: %s\n",
-                       print_fname_stdin(fname), g10_errstr(rc) );
+              {
+                write_status_failure ("encrypt", rc);
+                log_error("%s: encryption failed: %s\n",
+                          print_fname_stdin(fname), g10_errstr(rc) );
+              }
          }
        break;
 
@@ -3566,7 +3577,10 @@ main (int argc, char **argv)
            }
        }
        if( (rc = sign_file( sl, detached_sig, locusr, 0, NULL, NULL)) )
+          {
+            write_status_failure ("sign", rc);
            log_error("signing failed: %s\n", g10_errstr(rc) );
+          }
        free_strlist(sl);
        break;
 
@@ -3580,8 +3594,11 @@ main (int argc, char **argv)
        else
            sl = NULL;
        if( (rc = sign_file(sl, detached_sig, locusr, 1, remusr, NULL)) )
+          {
+            write_status_failure ("sign-encrypt", rc);
            log_error("%s: sign+encrypt failed: %s\n",
                      print_fname_stdin(fname), g10_errstr(rc) );
+          }
        free_strlist(sl);
        break;
 
@@ -3604,8 +3621,11 @@ main (int argc, char **argv)
            else
              sl = NULL;
            if( (rc = sign_file(sl, detached_sig, locusr, 2, remusr, NULL)) )
-             log_error("%s: symmetric+sign+encrypt failed: %s\n",
-                       print_fname_stdin(fname), g10_errstr(rc) );
+              {
+                write_status_failure ("sign-encrypt", rc);
+                log_error("%s: symmetric+sign+encrypt failed: %s\n",
+                          print_fname_stdin(fname), g10_errstr(rc) );
+              }
            free_strlist(sl);
          }
        break;
@@ -3615,16 +3635,22 @@ main (int argc, char **argv)
            wrong_args(_("--sign --symmetric [filename]"));
        rc = sign_symencrypt_file (fname, locusr);
         if (rc)
+          {
+            write_status_failure ("sign-symencrypt", rc);
            log_error("%s: sign+symmetric failed: %s\n",
                       print_fname_stdin(fname), g10_errstr(rc) );
+          }
        break;
 
       case aClearsign: /* make a clearsig */
        if( argc > 1 )
            wrong_args(_("--clearsign [filename]"));
        if( (rc = clearsign_file(fname, locusr, NULL)) )
+          {
+            write_status_failure ("sign", rc);
            log_error("%s: clearsign failed: %s\n",
                       print_fname_stdin(fname), g10_errstr(rc) );
+          }
        break;
 
       case aVerify:
@@ -3638,6 +3664,8 @@ main (int argc, char **argv)
            if( (rc = verify_signatures( argc, argv ) ))
              log_error("verify signatures failed: %s\n", g10_errstr(rc) );
          }
+        if (rc)
+          write_status_failure ("verify", rc);
        break;
 
       case aDecrypt:
@@ -3648,7 +3676,10 @@ main (int argc, char **argv)
            if( argc > 1 )
              wrong_args(_("--decrypt [filename]"));
            if( (rc = decrypt_message( fname ) ))
-             log_error("decrypt_message failed: %s\n", g10_errstr(rc) );
+              {
+                write_status_failure ("decrypt", rc);
+                log_error("decrypt_message failed: %s\n", g10_errstr(rc));
+              }
          }
        break;
 
@@ -3782,11 +3813,20 @@ main (int argc, char **argv)
        if(rc)
          {
            if(cmd==aSendKeys)
-             log_error(_("keyserver send failed: %s\n"),g10_errstr(rc));
+              {
+                write_status_failure ("send-keys", rc);
+                log_error(_("keyserver send failed: %s\n"),g10_errstr(rc));
+              }
            else if(cmd==aRecvKeys)
-             log_error(_("keyserver receive failed: %s\n"),g10_errstr(rc));
+              {
+                write_status_failure ("recv-keys", rc);
+                log_error(_("keyserver receive failed: %s\n"),g10_errstr(rc));
+              }
            else
-             log_error(_("key export failed: %s\n"),g10_errstr(rc));
+              {
+                write_status_failure ("export", rc);
+                log_error(_("key export failed: %s\n"),g10_errstr(rc));
+              }
          }
        free_strlist(sl);
        break;
@@ -3797,7 +3837,10 @@ main (int argc, char **argv)
          append_to_strlist2( &sl, *argv, utf8_strings );
        rc=keyserver_search( sl );
        if(rc)
-         log_error(_("keyserver search failed: %s\n"),g10_errstr(rc));
+          {
+            write_status_failure ("search-keys", rc);
+            log_error(_("keyserver search failed: %s\n"), g10_errstr(rc));
+          }
        free_strlist(sl);
        break;
 
@@ -3807,7 +3850,10 @@ main (int argc, char **argv)
            append_to_strlist2( &sl, *argv, utf8_strings );
        rc=keyserver_refresh(sl);
        if(rc)
-         log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc));
+          {
+            write_status_failure ("refresh-keys", rc);
+            log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc));
+          }
        free_strlist(sl);
        break;
 
@@ -3817,7 +3863,10 @@ main (int argc, char **argv)
            append_to_strlist2( &sl, *argv, utf8_strings );
        rc=keyserver_fetch(sl);
        if(rc)
-         log_error("key fetch failed: %s\n",g10_errstr(rc));
+          {
+            write_status_failure ("fetch-keys", rc);
+            log_error("key fetch failed: %s\n",g10_errstr(rc));
+          }
        free_strlist(sl);
        break;
 
@@ -3858,7 +3907,10 @@ main (int argc, char **argv)
            wrong_args("--dearmor [file]");
        rc = dearmor_file( argc? *argv: NULL );
        if( rc )
+          {
+            write_status_failure ("dearmor", rc);
            log_error(_("dearmoring failed: %s\n"), g10_errstr(rc));
+          }
        break;
 
       case aEnArmor:
@@ -3866,7 +3918,10 @@ main (int argc, char **argv)
            wrong_args("--enarmor [file]");
        rc = enarmor_file( argc? *argv: NULL );
        if( rc )
+          {
+            write_status_failure ("enarmor", rc);
            log_error(_("enarmoring failed: %s\n"), g10_errstr(rc));
+          }
        break;
 
 
@@ -4055,7 +4110,7 @@ main (int argc, char **argv)
         else if (argc == 1)
             change_pin (atoi (*argv),1);
         else
-        wrong_args ("--change-pin [no]");
+          wrong_args ("--change-pin [no]");
         break;
 #endif /* ENABLE_CARD_SUPPORT*/
 
@@ -4107,7 +4162,10 @@ main (int argc, char **argv)
            }
            rc = proc_packets(NULL, a );
            if( rc )
+              {
+                write_status_failure ("-", rc);
                log_error("processing message failed: %s\n", g10_errstr(rc) );
+              }
            iobuf_close(a);
        }
        break;

diff --git a/g10/keyid.c b/g10/keyid.c
index 6af0f48..83020e9 100644 (file)
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -115,14 +115,18 @@ hash_public_key( gcry_md_hd_t md, PKT_public_key *pk )
   if(npkey==0 && pk->pkey[0]
      && gcry_mpi_get_flag (pk->pkey[0], GCRYMPI_FLAG_OPAQUE))
     {
-      gcry_md_write (md, pp[0], nn[0]);
+      if (pp[0])
+        gcry_md_write (md, pp[0], nn[0]);
     }
   else
-    for(i=0; i < npkey; i++ )
-      {
-       gcry_md_write ( md, pp[i], nn[i] );
-       xfree(pp[i]);
-      }
+    {
+      for(i=0; i < npkey; i++ )
+        {
+          if (pp[i])
+            gcry_md_write ( md, pp[i], nn[i] );
+          xfree(pp[i]);
+        }
+    }
 }
 
 static gcry_md_hd_t
@@ -666,7 +670,7 @@ fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
 
   if ( pk->version < 4 )
     {
-      if ( is_RSA(pk->pubkey_algo) && opt.flags.allow_weak_digest_algos)
+      if (is_RSA(pk->pubkey_algo))
         {
           /* RSA in version 3 packets is special. */
           gcry_md_hd_t md;

diff --git a/g10/keylist.c b/g10/keylist.c
index bb19bc3..457695b 100644 (file)
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1590,6 +1590,14 @@ print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode )
         putc ('\n', fp);
     else
         tty_printf ("\n");
+
+    if (n==16 && !opt.with_colons && !opt.flags.allow_weak_digest_algos)
+      {
+        if (fp)
+          fprintf (fp, _("WARNING: a PGP-2 fingerprint is not safe\n"));
+        else
+          tty_printf (_("WARNING: a PGP-2 fingerprint is not safe\n"));
+      }
 }
 
 /* Print the serial number of an OpenPGP card if available. */

diff --git a/g10/main.h b/g10/main.h
index 4ee1b73..86fbabe 100644 (file)
--- a/g10/main.h
+++ b/g10/main.h
@@ -163,6 +163,7 @@ void set_status_fd ( int fd );
 int  is_status_enabled ( void );
 void write_status ( int no );
 void write_status_error (const char *where, int errcode);
+void write_status_failure (const char *where, gpg_error_t err);
 void write_status_text ( int no, const char *text );
 void write_status_strings (int no, const char *text,
                            ...) GNUPG_GCC_A_SENTINEL(0);

diff --git a/g10/options.h b/g10/options.h
index 9b12b77..cc8718e 100644 (file)
--- a/g10/options.h
+++ b/g10/options.h
@@ -194,7 +194,6 @@ struct
   int try_all_secrets;
   int no_expensive_trust_checks;
   int no_sig_cache;
-  int no_sig_create_check;
   int no_auto_check_trustdb;
   int preserve_permissions;
   int no_homedir_creation;

diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index 9995aa4..ad2f52d 100644 (file)
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -40,7 +40,6 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
           int *canceled )
 {
     gpg_error_t err;
-    byte *buffer;
     u16 csum=0;
     int i, res;
     size_t nbytes;
@@ -116,10 +115,13 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
             p = gcry_mpi_get_opaque ( sk->skey[i], &ndatabits );
             ndata = (ndatabits+7)/8;
 
-            if ( ndata > 1 )
+            if ( ndata > 1 && p )
                 csumc = p[ndata-2] << 8 | p[ndata-1];
            data = xmalloc_secure ( ndata );
-           gcry_cipher_decrypt ( cipher_hd, data, ndata, p, ndata );
+            if (p)
+              gcry_cipher_decrypt ( cipher_hd, data, ndata, p, ndata );
+            else
+              memset (data, 0, ndata);
            gcry_mpi_release (sk->skey[i]); sk->skey[i] = NULL ;
 
            p = data;
@@ -129,7 +131,7 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
                    attack */
                 sk->csum = 0;
                 csum = 1;
-                if( ndata < 20 ) 
+                if( ndata < 20 )
                     log_error("not enough bytes for SHA-1 checksum\n");
                 else {
                     gcry_md_hd_t h;
@@ -139,7 +141,7 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
                     gcry_md_write (h, data, ndata - 20);
                     gcry_md_final (h);
                     if (!memcmp (gcry_md_read (h, DIGEST_ALGO_SHA1),
-                                 data + ndata - 20, 20) ) 
+                                 data + ndata - 20, 20) )
                       {
                         /* Digest does match.  We have to keep the old
                            style checksum in sk->csum, so that the
@@ -147,7 +149,7 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
                            This test gets used when we are adding new
                            keys. */
                         sk->csum = csum = checksum (data, ndata-20);
-                      } 
+                      }
                     gcry_md_close (h);
                 }
             }
@@ -197,21 +199,28 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
 
                 assert (gcry_mpi_get_flag (sk->skey[i], GCRYMPI_FLAG_OPAQUE));
                 p = gcry_mpi_get_opaque (sk->skey[i], &ndatabits);
-                ndata = (ndatabits+7)/8;
-                assert (ndata >= 2);
-                assert (ndata == ((p[0] << 8 | p[1]) + 7)/8 + 2);
-                buffer = xmalloc_secure (ndata);
-               gcry_cipher_sync (cipher_hd);
-                buffer[0] = p[0];
-                buffer[1] = p[1];
-                gcry_cipher_decrypt (cipher_hd, buffer+2, ndata-2,
-                                     p+2, ndata-2);
-                csum += checksum (buffer, ndata);
-                gcry_mpi_release (sk->skey[i]);
-
-               err = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_PGP,
-                                    buffer, ndata, &ndata );
-               xfree (buffer);
+                if (!p)
+                  err = -1;
+                else
+                  {
+                    byte *buffer;
+
+                    ndata = (ndatabits+7)/8;
+                    assert (ndata >= 2);
+                    assert (ndata == ((p[0] << 8 | p[1]) + 7)/8 + 2);
+                    buffer = xmalloc_secure (ndata);
+                    gcry_cipher_sync (cipher_hd);
+                    buffer[0] = p[0];
+                    buffer[1] = p[1];
+                    gcry_cipher_decrypt (cipher_hd, buffer+2, ndata-2,
+                                         p+2, ndata-2);
+                    csum += checksum (buffer, ndata);
+                    gcry_mpi_release (sk->skey[i]);
+
+                    err = gcry_mpi_scan( &sk->skey[i], GCRYMPI_FMT_PGP,
+                                         buffer, ndata, &ndata );
+                    xfree (buffer);
+                  }
                 if (err)
                   {
                     /* Checksum was okay, but not correctly
@@ -346,11 +355,11 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
 
        if ( openpgp_cipher_test_algo ( sk->protect.algo ) ) {
             /* Unsupport protection algorithm. */
-            rc = gpg_error (GPG_ERR_CIPHER_ALGO); 
+            rc = gpg_error (GPG_ERR_CIPHER_ALGO);
         }
        else {
            print_cipher_algo_note( sk->protect.algo );
-           
+
            if ( openpgp_cipher_open (&cipher_hd, sk->protect.algo,
                                      GCRY_CIPHER_MODE_CFB,
                                      (GCRY_CIPHER_SECURE
@@ -399,10 +408,10 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
                    p += narr[j];
                    xfree(bufarr[j]);
                }
-                
+
                 if (opt.simple_sk_checksum) {
                     log_info (_("generating the deprecated 16-bit checksum"
-                              " for secret key protection\n")); 
+                              " for secret key protection\n"));
                     csum = checksum( data, ndata-2);
                     sk->csum = csum;
                     *p++ =     csum >> 8;
@@ -458,7 +467,7 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
                    gcry_cipher_encrypt (cipher_hd, data+2, nbytes,
                                          buffer, nbytes);
                    xfree( buffer );
-                    
+
                     gcry_mpi_release (sk->skey[i]);
                     sk->skey[i] = gcry_mpi_set_opaque (NULL,
                                                        data, (nbytes+2)*8 );

diff --git a/g10/sign.c b/g10/sign.c
index e7e79cc..58bc981 100644 (file)
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -291,10 +291,16 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
         gcry_mpi_release (frame);
       }
 
-    if (!rc && !opt.no_sig_create_check) {
+    if (!rc
+#if GCRYPT_VERSION_NUMBER >= 0x010700 /* Libgcrypt >= 1.7 */
+        && is_DSA (sk->pubkey_algo)
+#endif /* Libgcrypt >= 1.7 */
+        )
+      {
         /* Check that the signature verification worked and nothing is
-         * fooling us e.g. by a bug in the signature create
-         * code or by deliberately introduced faults. */
+         * fooling us e.g. by a bug in the signature creation code or by
+         * deliberately introduced faults.  Libgcrypt 1.7 includes
+         * this check for RSA and thus we don't need it in that case.  */
         PKT_public_key *pk = xmalloc_clear (sizeof *pk);
 
         if( get_pubkey( pk, sig->keyid ) )
@@ -312,6 +318,7 @@ do_sign( PKT_secret_key *sk, PKT_signature *sig,
                          g10_errstr (rc));
         free_public_key (pk);
     }
+
     if( rc )
        log_error(_("signing failed: %s\n"), g10_errstr(rc) );
     else {

diff --git a/g10/tdbio.c b/g10/tdbio.c
index 6e26108..84a0ba6 100644 (file)
--- a/g10/tdbio.c
+++ b/g10/tdbio.c
@@ -93,7 +93,33 @@ static int in_transaction;
 
 static void open_db(void);
 
+static int
+take_write_lock (void)
+{
+  if (!lockhandle)
+    lockhandle = create_dotlock (db_name);
+  if (!lockhandle)
+    log_fatal ( _("can't create lock for `%s'\n"), db_name );
+
+  if (!is_locked)
+    {
+      if (make_dotlock (lockhandle, -1) )
+        log_fatal ( _("can't lock `%s'\n"), db_name );
+      else
+        is_locked = 1;
+      return 0;
+    }
+  else
+    return 1;
+}
 
+static void
+release_write_lock (void)
+{
+  if (!opt.lock_once)
+    if (!release_dotlock (lockhandle))
+      is_locked = 0;
+}
 \f
 /*************************************
  ************* record cache **********
@@ -249,12 +275,7 @@ put_record_into_cache( ulong recno, const char *data )
        int n = dirty_count / 5; /* discard some dirty entries */
        if( !n )
            n = 1;
-       if( !is_locked ) {
-           if( make_dotlock( lockhandle, -1 ) )
-               log_fatal("can't acquire lock - giving up\n");
-           else
-               is_locked = 1;
-       }
+        take_write_lock ();
        for( unused = NULL, r = cache_list; r; r = r->next ) {
            if( r->flags.used && r->flags.dirty ) {
                int rc = write_cache_item( r );
@@ -268,10 +289,7 @@ put_record_into_cache( ulong recno, const char *data )
                    break;
            }
        }
-       if( !opt.lock_once ) {
-           if( !release_dotlock( lockhandle ) )
-               is_locked = 0;
-       }
+        release_write_lock ();
        assert( unused );
        r = unused;
        r->flags.used = 1;
@@ -310,13 +328,9 @@ tdbio_sync()
     if( !cache_is_dirty )
        return 0;
 
-    if( !is_locked ) {
-       if( make_dotlock( lockhandle, -1 ) )
-           log_fatal("can't acquire lock - giving up\n");
-       else
-           is_locked = 1;
-       did_lock = 1;
-    }
+    if (!take_write_lock ())
+        did_lock = 1;
+
     for( r = cache_list; r; r = r->next ) {
        if( r->flags.used && r->flags.dirty ) {
            int rc = write_cache_item( r );
@@ -325,10 +339,8 @@ tdbio_sync()
        }
     }
     cache_is_dirty = 0;
-    if( did_lock && !opt.lock_once ) {
-       if( !release_dotlock( lockhandle ) )
-           is_locked = 0;
-    }
+    if (did_lock)
+        release_write_lock ();
 
     return 0;
 }
@@ -365,20 +377,12 @@ tdbio_end_transaction()
 
     if( !in_transaction )
        log_bug("tdbio: no active transaction\n");
-    if( !is_locked ) {
-       if( make_dotlock( lockhandle, -1 ) )
-           log_fatal("can't acquire lock - giving up\n");
-       else
-           is_locked = 1;
-    }
+    take_write_lock ();
     block_all_signals();
     in_transaction = 0;
     rc = tdbio_sync();
     unblock_all_signals();
-    if( !opt.lock_once ) {
-       if( !release_dotlock( lockhandle ) )
-           is_locked = 0;
-    }
+    release_write_lock ();
     return rc;
 }
 
@@ -476,6 +480,7 @@ int
 tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
 {
     char *fname;
+    struct stat statbuf;
     static int initialized = 0;
 
     if( !initialized ) {
@@ -497,12 +502,25 @@ tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
     else
       fname = xstrdup (new_dbname);
 
+    xfree (db_name);
+    db_name = fname;
+
+    /*
+     * Quick check for (likely) case where there is trustdb.gpg
+     * already.  This check is not required in theory, but it helps in
+     * practice, avoiding costly operations of preparing and taking
+     * the lock.
+     */
+    if (stat (fname, &statbuf) == 0 && statbuf.st_size > 0)
+      /* OK, we have the valid trustdb.gpg already.  */
+      return 0;
+
+    take_write_lock ();
+
     if( access( fname, R_OK ) ) {
-       if( errno != ENOENT ) {
-           log_error( _("can't access `%s': %s\n"), fname, strerror(errno) );
-           xfree(fname);
-           return G10ERR_TRUSTDB;
-       }
+        if( errno != ENOENT )
+            log_fatal( _("can't access `%s': %s\n"), fname, strerror(errno) );
+
        if (!create)
           *r_nofile = 1;
         else {
@@ -532,16 +550,6 @@ tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
            }
            *p = save_slash;
 
-           xfree(db_name);
-           db_name = fname;
-#ifdef __riscos__
-           if( !lockhandle )
-               lockhandle = create_dotlock( db_name );
-           if( !lockhandle )
-               log_fatal( _("can't create lock for `%s'\n"), db_name );
-            if( make_dotlock( lockhandle, -1 ) )
-                log_fatal( _("can't lock `%s'\n"), db_name );
-#endif /* __riscos__ */
            oldmask=umask(077);
             if (is_secured_filename (fname)) {
                 fp = NULL;
@@ -557,13 +565,6 @@ tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
            if( db_fd == -1 )
                log_fatal( _("can't open `%s': %s\n"), db_name, strerror(errno) );
 
-#ifndef __riscos__
-           if( !lockhandle )
-               lockhandle = create_dotlock( db_name );
-           if( !lockhandle )
-               log_fatal( _("can't create lock for `%s'\n"), db_name );
-#endif /* !__riscos__ */
-
             rc = create_version_record ();
            if( rc )
                log_fatal( _("%s: failed to create version record: %s"),
@@ -574,12 +575,10 @@ tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile)
 
            if( !opt.quiet )
                log_info(_("%s: trustdb created\n"), db_name);
-
-           return 0;
        }
     }
-    xfree(db_name);
-    db_name = fname;
+
+    release_write_lock ();
     return 0;
 }
 
@@ -599,14 +598,6 @@ open_db()
 
   assert( db_fd == -1 );
 
-  if (!lockhandle )
-    lockhandle = create_dotlock( db_name );
-  if (!lockhandle )
-    log_fatal( _("can't create lock for `%s'\n"), db_name );
-#ifdef __riscos__
-  if (make_dotlock( lockhandle, -1 ) )
-    log_fatal( _("can't lock `%s'\n"), db_name );
-#endif /* __riscos__ */
   db_fd = open (db_name, O_RDWR | MY_O_BINARY );
   if (db_fd == -1 && (errno == EACCES
 #ifdef EROFS

diff --git a/g10/trustdb.c b/g10/trustdb.c
index 11b6a26..9b49b06 100644 (file)
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -2445,7 +2445,7 @@ validate_keys (int interactive)
         ;
 
       /* Store the calculated valididation status somewhere */
-      if (opt.verbose > 1)
+      if (opt.verbose > 1 && DBG_TRUST)
         dump_key_array (depth, keys);
 
       for (kar=keys; kar->keyblock; kar++)

diff --git a/po/be.po b/po/be.po
index 2478aef..606b297 100644 (file)
--- a/po/be.po
+++ b/po/be.po
@@ -3782,6 +3782,10 @@ msgstr ""
 msgid "      Key fingerprint ="
 msgstr "паказаць ключы й адбіткі пальцаў"
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "нерэчаісны хэш-альгарытм \"%s\"\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -4876,6 +4880,14 @@ msgstr "памылка чытаньня файла"
 msgid "trustdb: sync failed: %s\n"
 msgstr ""
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "%s: немагчыма стварыць тэчку: %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "немагчыма адкрыць \"%s\"\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr ""
@@ -4895,14 +4907,6 @@ msgstr "немагчыма адкрыць %s: %s\n"
 msgid "%s: directory does not exist!\n"
 msgstr ""
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "%s: немагчыма стварыць тэчку: %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "немагчыма адкрыць \"%s\"\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr ""

diff --git a/po/ca.po b/po/ca.po
index bf9b79d..86eb364 100644 (file)
--- a/po/ca.po
+++ b/po/ca.po
@@ -4141,6 +4141,10 @@ msgstr "      Empremta digital de la subclau:"
 msgid "      Key fingerprint ="
 msgstr "     Empremta digital ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "signatura %s, algorisme de resum %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5353,6 +5357,14 @@ msgstr "error de lectura: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "base de dades de confiança: no s'ha pogut sincronitzar: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "no es pot crear el directori «%s»: %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "no s'ha pogut obrir «%s»\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "reg de la base de dades de confiança %lu: ha fallat lseek: %s\n"
@@ -5375,14 +5387,6 @@ msgstr "no s'ha pogut tancar «%s»: %s\n"
 msgid "%s: directory does not exist!\n"
 msgstr "%s: el directori no existeix!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "no es pot crear el directori «%s»: %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "no s'ha pogut obrir «%s»\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: no s'ha pogut crear un registre de versió: %s"

diff --git a/po/cs.po b/po/cs.po
index 15a90d9..0aaabcb 100644 (file)
--- a/po/cs.po
+++ b/po/cs.po
@@ -3873,6 +3873,11 @@ msgstr "          Otisk podklíče:"
 msgid "      Key fingerprint ="
 msgstr "          Otisk klíče ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "VAROVÁNÍ: používám experimentální hashovací algoritmus %s\n"
+
 msgid "      Card serial no. ="
 msgstr "  Sériové číslo karty ="
 
@@ -5016,6 +5021,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "databáze důvěry: synchronizace selhala %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "nemohu vytvořit zámek pro  „%s“\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "nelze zamknout „%s“\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "záznam v databázi důvěry %lu: lseek() se nepodařil: %s\n"
 
@@ -5035,14 +5048,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: adresář neexistuje!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "nemohu vytvořit zámek pro  „%s“\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "nelze zamknout „%s“\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: nepodařilo se vytvořit záznam verze: %s"
 

diff --git a/po/da.po b/po/da.po
index 0d5c736..06d9ab0 100644 (file)
--- a/po/da.po
+++ b/po/da.po
@@ -3856,6 +3856,11 @@ msgstr "  Undernøglefingeraftryk:"
 msgid "      Key fingerprint ="
 msgstr "    Nøglefingeraftryk ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "ADVARSEL: bruger eksperimentel sammendragsalgoritme %s\n"
+
 msgid "      Card serial no. ="
 msgstr "   Serielnr. for kort ="
 
@@ -5000,6 +5005,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: synkronisering mislykkedes: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "kan ikke oprette lås for »%s«\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "kan ikke låse »%s«\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseek mislykkedes: %s\n"
 
@@ -5019,14 +5032,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: mappe findes ikke!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "kan ikke oprette lås for »%s«\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "kan ikke låse »%s«\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: kunne ikke oprette versionspost: %s"
 

diff --git a/po/de.po b/po/de.po
index 681c6de..839868b 100644 (file)
--- a/po/de.po
+++ b/po/de.po
@@ -9,7 +9,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnupg-2.0.18\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-06-02 13:13+0200\n"
+"PO-Revision-Date: 2015-09-08 15:57+0200\n"
 "Last-Translator: Werner Koch <wk@gnupg.org>\n"
 "Language-Team: German <de@li.org>\n"
 "Language: de\n"
@@ -3915,6 +3915,10 @@ msgstr " Unter-Fingerabdruck  ="
 msgid "      Key fingerprint ="
 msgstr "  Schl.-Fingerabdruck ="
 
+#, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "WARNUNG: Ein PGP-2 Fingerabdruck ist unsicher\n"
+
 msgid "      Card serial no. ="
 msgstr "      Kartenseriennr. ="
 
@@ -5102,6 +5106,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "\"Trust-DB\": sync fehlgeschlagen: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "Datei `%s' konnte nicht gesperrt werden\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "'%s' kann nicht gesperrt werden\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb Satz %lu: lseek fehlgeschlagen: %s\n"
 
@@ -5121,14 +5133,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: Verzeichnis existiert nicht!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "Datei `%s' konnte nicht gesperrt werden\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "'%s' kann nicht gesperrt werden\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: Fehler beim Erzeugen des Versionsatzes: %s"
 

diff --git a/po/el.po b/po/el.po
index e094b07..b55f03a 100644 (file)
--- a/po/el.po
+++ b/po/el.po
@@ -4047,6 +4047,10 @@ msgstr "      
 msgid "      Key fingerprint ="
 msgstr "     Áðïôýðùìá êëåéäéïý ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "%s õðïãñáöÞ, áëãüñéèìïò ðåñßëçøçò %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5231,6 +5235,14 @@ msgstr "
 msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: sync áðÝôõ÷å: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "áäõíáìßá äçìéïõñãßáò ôïõ `%s': %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "áäõíáìßá ðñüóâáóçò ôïõ `%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: áðïôõ÷ßá lseek: %s\n"
@@ -5250,14 +5262,6 @@ msgstr "
 msgid "%s: directory does not exist!\n"
 msgstr "%s: ï öÜêåëïò äåí õðÜñ÷åé!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "áäõíáìßá äçìéïõñãßáò ôïõ `%s': %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "áäõíáìßá ðñüóâáóçò ôïõ `%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: áðïôõ÷ßá äçìéïõñãßáò ìéáò åããñáöÞò Ýêäïóçò: %s"

diff --git a/po/eo.po b/po/eo.po
index a6e7818..8fc95a9 100644 (file)
--- a/po/eo.po
+++ b/po/eo.po
@@ -4026,6 +4026,10 @@ msgstr "     
 msgid "      Key fingerprint ="
 msgstr "     Þlosilo-fingrospuro ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "%s-subskribo de: %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5186,6 +5190,14 @@ msgstr "kiraso: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "fido-datenaro: sync malsukcesis: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "ne povas krei '%s': %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "ne povas malfermi '%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "fido-datenaro loko %lu: lseek malsukcesis: %s\n"
@@ -5205,14 +5217,6 @@ msgstr "ne povas fermi '%s': %s\n"
 msgid "%s: directory does not exist!\n"
 msgstr "%s: dosierujo ne ekzistas!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "ne povas krei '%s': %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "ne povas malfermi '%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: malsukcesis krei versiregistron: %s"

diff --git a/po/es.po b/po/es.po
index 7fe8148..33330d2 100644 (file)
--- a/po/es.po
+++ b/po/es.po
@@ -3873,6 +3873,11 @@ msgstr "      Huella de subclave:"
 msgid "      Key fingerprint ="
 msgstr "      Huella de clave ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "ATENCIÓN: usando algoritmo de resumen experimental %s\n"
+
 msgid "      Card serial no. ="
 msgstr "      Número de serie de la tarjeta ="
 
@@ -5020,6 +5025,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "base de datos de confianza: fallo sincronización: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "no se puede crear el bloqueo para `%s'\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "no se puede bloquear `%s'\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "registro base de datos de confianza %lu: lseek fallido: %s\n"
 
@@ -5040,14 +5053,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: ¡el directorio no existe!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "no se puede crear el bloqueo para `%s'\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "no se puede bloquear `%s'\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: fallo en la creación del registro de versión: %s"
 

diff --git a/po/et.po b/po/et.po
index ba781a7..d18984e 100644 (file)
--- a/po/et.po
+++ b/po/et.po
@@ -3994,6 +3994,10 @@ msgstr "     Alamv
 msgid "      Key fingerprint ="
 msgstr "     Võtme sõrmejälg ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "%s allkiri, sõnumilühendi algoritm %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5153,6 +5157,14 @@ msgstr "viga lugemisel: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: sync ebaõnnestus: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "`%s' ei õnnestu luua: %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "`%s' ei õnnestu avada\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb kirje %lu: lseek ebaõnnestus: %s\n"
@@ -5172,14 +5184,6 @@ msgstr "`%s' ei 
 msgid "%s: directory does not exist!\n"
 msgstr "%s: kataloogi ei ole!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "`%s' ei õnnestu luua: %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "`%s' ei õnnestu avada\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: versioonikirje loomine ei õnnestu: %s"

diff --git a/po/fi.po b/po/fi.po
index 6b3d566..85e042e 100644 (file)
--- a/po/fi.po
+++ b/po/fi.po
@@ -4030,6 +4030,11 @@ msgstr "      Aliavaimen sormenjälki:"
 msgid "      Key fingerprint ="
 msgstr "     Avaimen sormenjälki ="
 
+# Ensimmäinen %s on binary, textmode tai unknown, ks. alla
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "%sallekirjoitus, tiivistealgoritmi %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5216,6 +5221,14 @@ msgstr "lukuvirhe: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: synkronointi epäonnistui: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "tiedostoa \"%s\" ei voi luoda: %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "tiedostoa \"%s\" ei voi avata\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseek epäonnistui: %s\n"
@@ -5235,14 +5248,6 @@ msgstr "tiedostoa \"%s\" ei voi sulkea: %s\n"
 msgid "%s: directory does not exist!\n"
 msgstr "%s: hakemistoa ei ole olemassa!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "tiedostoa \"%s\" ei voi luoda: %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "tiedostoa \"%s\" ei voi avata\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: versiotietueen luonti epäonnistui: %s"

diff --git a/po/fr.po b/po/fr.po
index a640f2e..b0775c9 100644 (file)
--- a/po/fr.po
+++ b/po/fr.po
@@ -3942,6 +3942,11 @@ msgstr " Empreinte de sous-clef :"
 msgid "      Key fingerprint ="
 msgstr " Empreinte de la clef ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "Attention : utilisation de l'algorithme expérimental de hachage %s\n"
+
 msgid "      Card serial no. ="
 msgstr " Nº de série de carte ="
 
@@ -5137,6 +5142,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "base de confiance : échec de synchronisation : %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "impossible de créer un verrou pour « %s »\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "impossible de verrouiller « %s »\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "enregistrement de base de confiance %lu : échec de lseek : %s\n"
 
@@ -5157,14 +5170,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s : le répertoire n'existe pas.\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "impossible de créer un verrou pour « %s »\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "impossible de verrouiller « %s »\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s : impossible de créer un enregistrement de version : %s"
 

diff --git a/po/gl.po b/po/gl.po
index 3c62fc8..f675ea7 100644 (file)
--- a/po/gl.po
+++ b/po/gl.po
@@ -4044,6 +4044,10 @@ msgstr "     Pegada dactilar da sub-chave:"
 msgid "      Key fingerprint ="
 msgstr "     Pegada dactilar ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "Sinatura %s, algoritmo de resumo %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5219,6 +5223,14 @@ msgstr "erro de lectura: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "base de datos de confianza: fallou a sincronización: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "non se pode crear `%s': %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "non se puido abrir `%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "rexistro da base de datos de confianza %lu: lseek fallou: %s\n"
@@ -5239,14 +5251,6 @@ msgstr "non se pode pechar `%s': %s\n"
 msgid "%s: directory does not exist!\n"
 msgstr "%s: ¡o directorio non existe!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "non se pode crear `%s': %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "non se puido abrir `%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: non se puido crea-lo rexistro de versión: %s"

diff --git a/po/hu.po b/po/hu.po
index f763ca5..a43f640 100644 (file)
--- a/po/hu.po
+++ b/po/hu.po
@@ -4003,6 +4003,10 @@ msgstr "         Alkulcsujjlenyomat:"
 msgid "      Key fingerprint ="
 msgstr " Kulcs ujjlenyomata ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "%s aláírás, %s kivonatoló algoritmus.\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5184,6 +5188,14 @@ msgstr "Olvas
 msgid "trustdb: sync failed: %s\n"
 msgstr "Bizalmi adatbázis: szinkronizáció sikertelen: %s.\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "Nem tudom létrehozni a(z) \"%s\" állományt: %s.\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "Nem tudom megnyitni %s-t!\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "Bizalmi adatbázis %lu. rekord: lseek sikertelen: %s.\n"
@@ -5203,14 +5215,6 @@ msgstr "Nem tudom bez
 msgid "%s: directory does not exist!\n"
 msgstr "%s: Könyvtár nem létezik!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "Nem tudom létrehozni a(z) \"%s\" állományt: %s.\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "Nem tudom megnyitni %s-t!\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: Nem sikerült verziórekordot létrehoznom: %s"

diff --git a/po/id.po b/po/id.po
index 53d8174..5238a4b 100644 (file)
--- a/po/id.po
+++ b/po/id.po
@@ -4017,6 +4017,10 @@ msgstr "     Fingerprint subkunci ="
 msgid "      Key fingerprint ="
 msgstr "     Fingerprint kunci ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "%s signature, algoritma digest %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5182,6 +5186,14 @@ msgstr "kesalahan pembacaan: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: gagal sync: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "tidak dapat membuat %s: %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "tidak dapat membuka `%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseek gagal: %s\n"
@@ -5201,14 +5213,6 @@ msgstr "tidak dapat menutup `%s': %s\n"
 msgid "%s: directory does not exist!\n"
 msgstr "%s: direktori tidak ada!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "tidak dapat membuat %s: %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "tidak dapat membuka `%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: gagal membuat catatan versi: %s"

diff --git a/po/it.po b/po/it.po
index dc61449..0612633 100644 (file)
--- a/po/it.po
+++ b/po/it.po
@@ -4030,6 +4030,10 @@ msgstr "     Impronta digitale della subchiave:"
 msgid "      Key fingerprint ="
 msgstr "     Impronta digitale ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "Firma %s, algoritmo di digest %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5222,6 +5226,14 @@ msgstr "errore di lettura: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: sync fallita: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "impossibile creare `%s': %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "impossibile aprire `%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseek fallita: %s\n"
@@ -5241,14 +5253,6 @@ msgstr "impossibile chiudere `%s': %s\n"
 msgid "%s: directory does not exist!\n"
 msgstr "%s: la directory non esiste!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "impossibile creare `%s': %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "impossibile aprire `%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: creazione del record della versione fallita: %s"

diff --git a/po/ja.po b/po/ja.po
index ad88b43..d5415cd 100644 (file)
--- a/po/ja.po
+++ b/po/ja.po
@@ -7,9 +7,9 @@
 #
 msgid ""
 msgstr ""
-"Project-Id-Version: GNU gnupg 2.0.27\n"
+"Project-Id-Version: GNU gnupg 2.0.28\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-06-02 13:05+0200\n"
+"PO-Revision-Date: 2015-06-16 12:51+0900\n"
 "Last-Translator: NIIBE Yutaka <gniibe@fsij.org>\n"
 "Language-Team: Japanese <translation-team-ja@lists.sourceforge.net>\n"
 "Language: ja\n"
@@ -31,43 +31,33 @@ msgid "|pinentry-label|_OK"
 msgstr "|pinentry-label|_OK"
 
 msgid "|pinentry-label|_Cancel"
-msgstr "|pinentry-label|_キャンセル"
+msgstr "|pinentry-label|キャンセル(_C)"
 
-#, fuzzy
-#| msgid "|pinentry-label|_OK"
 msgid "|pinentry-label|_Yes"
-msgstr "|pinentry-label|_OK"
+msgstr "|pinentry-label|_Yes"
 
-#, fuzzy
-#| msgid "|pinentry-label|_OK"
 msgid "|pinentry-label|_No"
-msgstr "|pinentry-label|_OK"
+msgstr "|pinentry-label|_No"
 
 msgid "|pinentry-label|PIN:"
 msgstr "|pinentry-label|PIN:"
 
-#, fuzzy
-#| msgid "|pinentry-label|_Cancel"
 msgid "|pinentry-label|_Save in password manager"
-msgstr "|pinentry-label|_キャンセル"
+msgstr "|pinentry-label|パスワードマネージャに保存する(_S)"
 
-#, fuzzy
-#| msgid "Do you really want to revoke the selected subkeys? (y/N) "
 msgid "Do you really want to make your passphrase visible on the screen?"
-msgstr "選択した副鍵を本当に失効しますか? (y/N) "
+msgstr "本当に画面にパスフレーズを見えるようにしますか?"
 
 msgid "|pinentry-tt|Make passphrase visible"
-msgstr ""
+msgstr "|pinentry-tt|パスフレーズを見えるようにする"
 
-#, fuzzy
-#| msgid "Enter new passphrase"
 msgid "|pinentry-tt|Hide passphrase"
-msgstr "新しいパスフレーズを入力してください"
+msgstr "|pinentry-tt|パスフレーズを隠す"
 
 #. TRANSLATORS: This string is displayed by Pinentry as the label
 #. for the quality bar.
 msgid "Quality:"
-msgstr "品質: %s"
+msgstr "品質:"
 
 #. TRANSLATORS: This string is a tooltip, shown by pinentry when
 #. hovering over the quality bar.  Please use an appropriate
@@ -376,10 +366,8 @@ msgstr "sshサポートを有効にする"
 msgid "enable putty support"
 msgstr "puttyサポートを有効にする"
 
-#, fuzzy
-#| msgid "do not allow the reuse of old passphrases"
 msgid "disallow the use of an external password cache"
-msgstr "å\8f¤ã\81\84ã\83\91ã\82¹ã\83\95ã\83¬ã\83¼ã\82ºã\82\92å\86\8d使ç\94¨ã\81\99ã\82\8bã\81\93ã\81¨ã\82\92èª\8dã\82\81ã\81ªã\81\84"
+msgstr "å¤\96é\83¨ã\81®ã\83\91ã\82¹ã\83¯ã\83¼ã\83\89ã\82­ã\83£ã\83\83ã\82·ã\83¥ã\81®ä½¿ç\94¨ã\82\92èª\8dã\82\81ã\81ªã\81\84"
 
 msgid "|FILE|write environment settings also to FILE"
 msgstr "|FILE|FILEに環境変数の設定も書き出す"
@@ -3787,6 +3775,11 @@ msgstr "副鍵フィンガー・プリント:"
 msgid "      Key fingerprint ="
 msgstr "   フィンガー・プリント ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "*警告*: 実験的ダイジェスト・アルゴリズム %sを使用\n"
+
 msgid "      Card serial no. ="
 msgstr "   カード・シリアル番号 ="
 
@@ -4903,6 +4896,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "信用データベース: 同期に失敗しました: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "「%s」のロックを作成できません\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "「%s」がロックできません\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "信用データベース レコード%lu: シークに失敗しました: %s\n"
 
@@ -4922,14 +4923,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: ディレクトリがありません!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "「%s」のロックを作成できません\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "「%s」がロックできません\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: バージョン・レコードの作成に失敗しました: %s"
 
@@ -5178,12 +5171,10 @@ msgid "keyword too long"
 msgstr "キーワードが長すぎます"
 
 msgid "missing argument"
-msgstr "引数ありません"
+msgstr "å¼\95æ\95°ã\81\8cã\81\82ã\82\8aã\81¾ã\81\9bã\82\93"
 
-#, fuzzy
-#| msgid "invalid value\n"
 msgid "invalid argument"
-msgstr "ç\84¡å\8a¹ã\81ªå\80¤\n"
+msgstr "ç\84¡å\8a¹ã\81ªå¼\95æ\95°"
 
 msgid "invalid command"
 msgstr "無効なコマンド"
@@ -5201,10 +5192,9 @@ msgstr "無効なオプション"
 msgid "missing argument for option \"%.50s\"\n"
 msgstr "オプション\"%.50s\"に引数がありません\n"
 
-#, fuzzy, c-format
-#| msgid "missing argument for option \"%.50s\"\n"
+#, c-format
 msgid "invalid argument for option \"%.50s\"\n"
-msgstr "オプション\"%.50s\"に引数がありません\n"
+msgstr "オプション\"%.50s\"に無効な引数です\n"
 
 #, c-format
 msgid "option \"%.50s\" does not expect an argument\n"

diff --git a/po/nb.po b/po/nb.po
index 98fbbc2..f7a3a1b 100644 (file)
--- a/po/nb.po
+++ b/po/nb.po
@@ -3844,6 +3844,11 @@ msgstr "      Fingeravstrykk for undern
 msgid "      Key fingerprint ="
 msgstr " Nøkkelfingeravtrykk ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "ADVARSEL: bruker eksperimentell digest-algoritme %s\n"
+
 msgid "      Card serial no. ="
 msgstr "      Serienummer for kort ="
 
@@ -4955,6 +4960,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr ""
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "kan ikke opprette lås for «%s»\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "kan ikke låse «%s»\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr ""
 
@@ -4974,14 +4987,6 @@ msgid "%s: directory does not exist!\n"
 msgstr ""
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "kan ikke opprette lås for «%s»\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "kan ikke låse «%s»\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr ""
 

diff --git a/po/nl.po b/po/nl.po
index f2a839c..bf40d9f 100644 (file)
--- a/po/nl.po
+++ b/po/nl.po
@@ -3987,6 +3987,11 @@ msgstr "       Vingerafdruk van de subsleutel:"
 msgid "      Key fingerprint ="
 msgstr "      Vingerafdruk van de sleutel ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "WAARSCHUWING: er wordt een experimenteel hashalgoritme %s gebruikt\n"
+
 msgid "      Card serial no. ="
 msgstr "         Serienummer van de kaart ="
 
@@ -5187,6 +5192,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "betrouwbaarheidsdatabank (trustdb): synchronisatie mislukt: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "kan geen grendel maken voor `%s'\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "kan `%s' niet vergrendelen\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr ""
 "betrouwbaarheidsdatabank (trustdb): element %lu: lseek is mislukt: %s\n"
@@ -5209,14 +5222,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: map bestaat niet!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "kan geen grendel maken voor `%s'\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "kan `%s' niet vergrendelen\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: het registreren van de versie is mislukt: %s"
 

diff --git a/po/pl.po b/po/pl.po
index f1efab6..331510c 100644 (file)
--- a/po/pl.po
+++ b/po/pl.po
@@ -3882,6 +3882,11 @@ msgstr "       Odcisk podklucza:"
 msgid "      Key fingerprint ="
 msgstr "       Odcisk klucza ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "OSTRZEŻENIE: użycie eksperymentalnego algorytmu skrótu %s\n"
+
 msgid "      Card serial no. ="
 msgstr "    Nr seryjny karty ="
 
@@ -5038,6 +5043,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "baza zaufania: synchronizacja nie powiodła się %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "nie można utworzyć blokady dla ,,%s''\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "nie można zablokować ,,%s''\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "baza zaufania, wpis %lu: funkcja lseek() nie powiodła się: %s\n"
 
@@ -5057,14 +5070,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: katalog nie istnieje!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "nie można utworzyć blokady dla ,,%s''\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "nie można zablokować ,,%s''\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: stworzenie zapisu o wersji nie powiodło się: %s"
 

diff --git a/po/pt.po b/po/pt.po
index 1ebd6ab..d51a531 100644 (file)
--- a/po/pt.po
+++ b/po/pt.po
@@ -4016,6 +4016,10 @@ msgstr "      Impress
 msgid "      Key fingerprint ="
 msgstr "  Impressão da chave ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "assinatura %s de: \"%s\"\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5184,6 +5188,14 @@ msgstr "armadura: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "base de dados de confiança: sincronização falhou: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "impossível criar `%s': %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "impossível abrir `%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "base de dados de confiança rec %lu: lseek falhou: %s\n"
@@ -5203,14 +5215,6 @@ msgstr "imposs
 msgid "%s: directory does not exist!\n"
 msgstr "%s: diretoria inexistente!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "impossível criar `%s': %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "impossível abrir `%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: falha ao criar registo de versão: %s"

diff --git a/po/pt_BR.po b/po/pt_BR.po
index 579ea19..f74ef0f 100644 (file)
--- a/po/pt_BR.po
+++ b/po/pt_BR.po
@@ -4032,6 +4032,10 @@ msgstr "       Impress
 msgid "      Key fingerprint ="
 msgstr "       Impressão digital:"
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "assinatura %s de: %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5194,6 +5198,14 @@ msgstr "erro de leitura: %s\n"
 msgid "trustdb: sync failed: %s\n"
 msgstr "banco de dados de confiabilidade: sincronização falhou: %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "impossível criar %s: %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "impossível abrir `%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "banco de dados de confiabilidade rec %lu: lseek falhou: %s\n"
@@ -5213,14 +5225,6 @@ msgstr "imposs
 msgid "%s: directory does not exist!\n"
 msgstr "%s: diretório inexistente!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "impossível criar %s: %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "impossível abrir `%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: falha ao criar registro de versão: %s"

diff --git a/po/ro.po b/po/ro.po
index 5ddab61..be90de5 100644 (file)
--- a/po/ro.po
+++ b/po/ro.po
@@ -3940,6 +3940,11 @@ msgstr "      Amprent
 msgid "      Key fingerprint ="
 msgstr "      Amprentã cheie ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "AVERTISMENT: folosesc algoritmul rezumat experimental %s\n"
+
 msgid "      Card serial no. ="
 msgstr "      Card nr. serie ="
 
@@ -5095,6 +5100,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: sincronizarea a eºuat: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "nu pot crea încuietoare (lock) pentru `%s'\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "nu pot încuia (lock) `%s'\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "trustdb rec %lu: lseek a eºuat: %s\n"
 
@@ -5114,14 +5127,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: directorul nu existã!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "nu pot crea încuietoare (lock) pentru `%s'\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "nu pot încuia (lock) `%s'\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: am eºuat sã creez înregistrare versiune: %s"
 

diff --git a/po/ru.po b/po/ru.po
index e50702a..a5156be 100644 (file)
--- a/po/ru.po
+++ b/po/ru.po
@@ -11,7 +11,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: GnuPG 2.0.10\n"
 "Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-02-14 17:16+0000\n"
+"PO-Revision-Date: 2015-06-25 17:16+0000\n"
 "Last-Translator: Ineiev <ineiev@gnu.org>\n"
 "Language-Team: Russian <gnupg-ru@gnupg.org>\n"
 "Language: ru\n"
@@ -36,9 +36,27 @@ msgstr "|pinentry-label|_OK"
 msgid "|pinentry-label|_Cancel"
 msgstr "|pinentry-label|Отмена (_C)"
 
+msgid "|pinentry-label|_Yes"
+msgstr "|pinentry-label|Да (_Y)"
+
+msgid "|pinentry-label|_No"
+msgstr "|pinentry-label|Нет (_N)"
+
 msgid "|pinentry-label|PIN:"
 msgstr "|pinentry-label|PIN:"
 
+msgid "|pinentry-label|_Save in password manager"
+msgstr "|pinentry-label|Сохранить в диспетчере паролей (_S)"
+
+msgid "Do you really want to make your passphrase visible on the screen?"
+msgstr "Вы действительно хотите, чтобы фраза-пароль была видна на экране?"
+
+msgid "|pinentry-tt|Make passphrase visible"
+msgstr "|pinentry-tt|Показывать фразу-пароль"
+
+msgid "|pinentry-tt|Hide passphrase"
+msgstr "|pinentry-tt|Скрывать фразу-пароль"
+
 #. TRANSLATORS: This string is displayed by Pinentry as the label
 #. for the quality bar.
 msgid "Quality:"
@@ -363,6 +381,9 @@ msgstr "включить поддержку ssh"
 msgid "enable putty support"
 msgstr "включить поддержку putty"
 
+msgid "disallow the use of an external password cache"
+msgstr "не позволять пользоваться внешней памятью паролей"
+
 msgid "|FILE|write environment settings also to FILE"
 msgstr "|FILE|сохранить состояние среды также в файл FILE"
 
@@ -1490,6 +1511,10 @@ msgid "[User ID not found]"
 msgstr "[ID пользователя не найден]"
 
 #, c-format
+msgid "key %s: secret key without public key - skipped\n"
+msgstr "ключ %s: закрытый ключ без открытого ключа - пропущен\n"
+
+#, c-format
 msgid "automatically retrieved `%s' via %s\n"
 msgstr "автоматически получили `%s' через %s\n"
 
@@ -1513,10 +1538,6 @@ msgstr "нет закрытого подключа для открытого п
 msgid "using subkey %s instead of primary key %s\n"
 msgstr "использую подключ %s вместо главного ключа %s\n"
 
-#, c-format
-msgid "key %s: secret key without public key - skipped\n"
-msgstr "ключ %s: закрытый ключ без открытого ключа - пропущен\n"
-
 msgid "make a signature"
 msgstr "создать подпись"
 
@@ -3811,6 +3832,10 @@ msgstr "       Отпечаток подключа:"
 msgid "      Key fingerprint ="
 msgstr "      Отпечаток ключа ="
 
+#, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "ВНИМАНИЕ: отпечаток PGP-2 не безопасен\n"
+
 msgid "      Card serial no. ="
 msgstr " серийный номер карты ="
 
@@ -3935,6 +3960,10 @@ msgstr "ВНИМАНИЕ: обработчик сервера ключей от
 msgid "keyserver did not send VERSION\n"
 msgstr "сервер ключей не прислал VERSION\n"
 
+#, c-format
+msgid "keyserver communications error: %s\n"
+msgstr "ошибка связи с сервером ключей: %s\n"
+
 msgid "no keyserver known (use option --keyserver)\n"
 msgstr "не заданы серверы ключей (используйте --keyserver)\n"
 
@@ -3960,10 +3989,6 @@ msgid "keyserver internal error\n"
 msgstr "внутренняя ошибка сервера ключей\n"
 
 #, c-format
-msgid "keyserver communications error: %s\n"
-msgstr "ошибка связи с сервером ключей: %s\n"
-
-#, c-format
 msgid "\"%s\" not a key ID: skipping\n"
 msgstr "\"%s\" не идентификатор ключа: пропущен\n"
 
@@ -4954,6 +4979,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "таблица доверия: сбой синхронизации: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "невозможно создать блокировку для `%s'\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "невозможно заблокировать `%s'\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "таблица доверия, запись %lu: сбой lseek: %s\n"
 
@@ -4973,14 +5006,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: каталог не существует!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "невозможно создать блокировку для `%s'\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "невозможно заблокировать `%s'\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: сбой создания записи о версии: %s"
 
@@ -5236,6 +5261,9 @@ msgstr "ключевое слово слишком длинное"
 msgid "missing argument"
 msgstr "пропущен аргумент"
 
+msgid "invalid argument"
+msgstr "недопустимый аргумент"
+
 msgid "invalid command"
 msgstr "недопустимая команда"
 
@@ -5253,6 +5281,10 @@ msgid "missing argument for option \"%.50s\"\n"
 msgstr "не хватает аргумента для параметра \"%.50s\"\n"
 
 #, c-format
+msgid "invalid argument for option \"%.50s\"\n"
+msgstr "недопустимый аргумент для параметра \"%.50s\"\n"
+
+#, c-format
 msgid "option \"%.50s\" does not expect an argument\n"
 msgstr "у параметра \"%.50s\" не должно быть аргумента\n"
 

diff --git a/po/sk.po b/po/sk.po
index 23bac58..9d5feb9 100644 (file)
--- a/po/sk.po
+++ b/po/sk.po
@@ -4024,6 +4024,10 @@ msgstr "      Fingerprint podk
 msgid "      Key fingerprint ="
 msgstr "   Fingerprint kµúèa ="
 
+#, fuzzy, c-format
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "%s podpis, hashovací algoritmus %s\n"
+
 msgid "      Card serial no. ="
 msgstr ""
 
@@ -5200,6 +5204,14 @@ msgstr "chyba pri 
 msgid "trustdb: sync failed: %s\n"
 msgstr "databáza dôvery: synchronizácia zlyhala %s\n"
 
+#, fuzzy, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "nemô¾em vytvori» `%s': %s\n"
+
+#, fuzzy, c-format
+msgid "can't lock `%s'\n"
+msgstr "nemo¾no otvori» `%s'\n"
+
 #, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "záznam v databáze dôvery %lu: lseek() sa nepodaril: %s\n"
@@ -5219,14 +5231,6 @@ msgstr "nem
 msgid "%s: directory does not exist!\n"
 msgstr "%s: adresár neexistuje!\n"
 
-#, fuzzy, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "nemô¾em vytvori» `%s': %s\n"
-
-#, fuzzy, c-format
-msgid "can't lock `%s'\n"
-msgstr "nemo¾no otvori» `%s'\n"
-
 #, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: nepodarilo sa vytvori» záznam verzie: %s"

diff --git a/po/sv.po b/po/sv.po
index 3e8b6cd..0817012 100644 (file)
--- a/po/sv.po
+++ b/po/sv.po
@@ -3950,6 +3950,11 @@ msgstr "   Undernyckelns fingeravtryck:"
 msgid "      Key fingerprint ="
 msgstr "Nyckelns fingeravtryck ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "VARNING: använder experimentella sammandragsalgoritmen %s\n"
+
 msgid "      Card serial no. ="
 msgstr "       Kortets serienr ="
 
@@ -5129,6 +5134,15 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "tillitsdatabas: synkronisering misslyckades: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "kan inte skapa lås för \"%s\"\n"
+
+# se förra kommentaren
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "kan inte låsa \"%s\"\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "tillitsdatabasposten %lu: lseek misslyckades: %s\n"
 
@@ -5148,15 +5162,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: katalogen finns inte!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "kan inte skapa lås för \"%s\"\n"
-
-# se förra kommentaren
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "kan inte låsa \"%s\"\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: misslyckades med att skapa versionspost: %s"
 

diff --git a/po/tr.po b/po/tr.po
index 889f532..eb8af01 100644 (file)
--- a/po/tr.po
+++ b/po/tr.po
@@ -3912,6 +3912,11 @@ msgstr "Yardımcı anahtar parmak izi:"
 msgid "      Key fingerprint ="
 msgstr "     Anahtar parmakizi ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "UYARI: deneysel %s özet algoritması kullanılıyor\n"
+
 msgid "      Card serial no. ="
 msgstr "      Kart seri no. ="
 
@@ -5065,6 +5070,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "güvence veritabanı: eşzamanlama başarısız: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "`%s' için kilit oluşturulamıyor\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "`%s' kiltlenemedi\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "güvence veritabanı %lu kaydı: erişim başarısız: %s\n"
 
@@ -5084,14 +5097,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: dizin yok!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "`%s' için kilit oluşturulamıyor\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "`%s' kiltlenemedi\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: sürüm kaydı oluşturmada başarısız: %s"
 

diff --git a/po/uk.po b/po/uk.po
index 77998ae..1ad8d81 100644 (file)
--- a/po/uk.po
+++ b/po/uk.po
@@ -3915,6 +3915,13 @@ msgstr "       Відбиток підключа:"
 msgid "      Key fingerprint ="
 msgstr "      Відбиток ключа ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr ""
+"УВАГА: використовуємо експериментальний алгоритм обчислення контрольних сум "
+"%s\n"
+
 msgid "      Card serial no. ="
 msgstr "Серійний номер картки ="
 
@@ -5074,6 +5081,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "trustdb: помилка синхронізації: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "не вдалося створити блокування для «%s»\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "не вдалося заблокувати «%s»\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "запис trustdb %lu: помилка lseek: %s\n"
 
@@ -5093,14 +5108,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: каталогу не існує!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "не вдалося створити блокування для «%s»\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "не вдалося заблокувати «%s»\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: не вдалося створити запис щодо версії: %s"
 

diff --git a/po/zh_CN.po b/po/zh_CN.po
index 8ab5db7..20f44b9 100644 (file)
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -3835,6 +3835,11 @@ msgstr " 子钥指纹："
 msgid "      Key fingerprint ="
 msgstr "密钥指纹 ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "警告：使用试验性质的散列算法 %s\n"
+
 msgid "      Card serial no. ="
 msgstr "卡序列号 ="
 
@@ -4934,6 +4939,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "信任度数据库：同步失败：%s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "不能为‘%s’创建锁定\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "无法锁定‘%s’\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "信任度数据库记录 %lu：lseek 失败：%s\n"
 
@@ -4953,14 +4966,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s：目录不存在！\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "不能为‘%s’创建锁定\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "无法锁定‘%s’\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s：建立版本记录失败：%s"
 

diff --git a/po/zh_TW.po b/po/zh_TW.po
index f8192f6..c1319a0 100644 (file)
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -3759,6 +3759,11 @@ msgstr "                子鑰指紋:"
 msgid "      Key fingerprint ="
 msgstr "      金鑰指紋 ="
 
+#, fuzzy, c-format
+#| msgid "WARNING: using experimental digest algorithm %s\n"
+msgid "WARNING: a PGP-2 fingerprint is not safe\n"
+msgstr "警告: 正在使用實驗性的 %s 摘要演算法\n"
+
 msgid "      Card serial no. ="
 msgstr "      卡片序號 ="
 
@@ -4861,6 +4866,14 @@ msgid "trustdb: sync failed: %s\n"
 msgstr "信任資料庫: 同步化失敗: %s\n"
 
 #, c-format
+msgid "can't create lock for `%s'\n"
+msgstr "無法為 `%s' 建立鎖定\n"
+
+#, c-format
+msgid "can't lock `%s'\n"
+msgstr "無法鎖定 `%s'\n"
+
+#, c-format
 msgid "trustdb rec %lu: lseek failed: %s\n"
 msgstr "信任資料庫記錄 %lu: 本機搜尋失敗: %s\n"
 
@@ -4880,14 +4893,6 @@ msgid "%s: directory does not exist!\n"
 msgstr "%s: 目錄不存在!\n"
 
 #, c-format
-msgid "can't create lock for `%s'\n"
-msgstr "無法為 `%s' 建立鎖定\n"
-
-#, c-format
-msgid "can't lock `%s'\n"
-msgstr "無法鎖定 `%s'\n"
-
-#, c-format
 msgid "%s: failed to create version record: %s"
 msgstr "%s: 建立版本記錄失敗: %s"
 

diff --git a/scd/apdu.c b/scd/apdu.c
index 72b291e..f9a1a2d 100644 (file)
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -1784,8 +1784,12 @@ pcsc_vendor_specific_init (int slot)
               reader_table[slot].is_spr532 = 1;
               reader_table[slot].pinpad_varlen_supported = 1;
             }
-          else if (strstr (reader_table[slot].rdrname, "ST-2xxx")
-                   || strstr (reader_table[slot].rdrname, "cyberJack")
+          else if (strstr (reader_table[slot].rdrname, "ST-2xxx"))
+            {
+              reader_table[slot].pcsc.pinmax = 15;
+              reader_table[slot].pinpad_varlen_supported = 1;
+            }
+          else if (strstr (reader_table[slot].rdrname, "cyberJack")
                    || strstr (reader_table[slot].rdrname, "DIGIPASS")
                    || strstr (reader_table[slot].rdrname, "Gnuk")
                    || strstr (reader_table[slot].rdrname, "KAAN"))
@@ -1850,8 +1854,12 @@ pcsc_vendor_specific_init (int slot)
       reader_table[slot].is_spr532 = 1;
       reader_table[slot].pinpad_varlen_supported = 1;
     }
-  else if ((vendor == 0x046a && product == 0x003e)  /* Cherry ST-2xxx */
-           || vendor == 0x0c4b /* Tested with Reiner cyberJack GO */
+  else if (vendor == 0x046a && product == 0x003e) /* Cherry ST-2xxx */
+    {
+      reader_table[slot].pcsc.pinmax = 15;
+      reader_table[slot].pinpad_varlen_supported = 1;
+    }
+  else if (vendor == 0x0c4b /* Tested with Reiner cyberJack GO */
            || vendor == 0x1a44 /* Tested with Vasco DIGIPASS 920 */
            || vendor == 0x234b /* Tested with FSIJ Gnuk Token */
            || vendor == 0x0d46 /* Tested with KAAN Advanced??? */)
@@ -2244,8 +2252,16 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1,
   int sw;
   unsigned char *pin_verify;
   int len = PIN_VERIFY_STRUCTURE_SIZE + pininfo->fixedlen;
-  unsigned char result[2];
-  pcsc_dword_t resultlen = 2;
+  /*
+   * The result buffer is only expected to have two-byte result on
+   * return.  However, some implementation uses this buffer for lower
+   * layer too and it assumes that there is enough space for lower
+   * layer communication.  Such an implementation fails for TPDU
+   * readers with "insufficient buffer", as it needs header and
+   * trailer.  Six is the number for header + result + trailer (TPDU).
+   */
+  unsigned char result[6];
+  pcsc_dword_t resultlen = 6;
   int no_lc;
 
   if (!reader_table[slot].atrlen
@@ -2319,8 +2335,8 @@ pcsc_pinpad_modify (int slot, int class, int ins, int p0, int p1,
   int sw;
   unsigned char *pin_modify;
   int len = PIN_MODIFY_STRUCTURE_SIZE + 2 * pininfo->fixedlen;
-  unsigned char result[2];
-  pcsc_dword_t resultlen = 2;
+  unsigned char result[6];      /* See the comment at pinpad_verify.  */
+  pcsc_dword_t resultlen = 6;
   int no_lc;
 
   if (!reader_table[slot].atrlen

diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c
index 490569f..8a68a44 100644 (file)
--- a/scd/ccid-driver.c
+++ b/scd/ccid-driver.c
@@ -3355,6 +3355,7 @@ ccid_transceive_secure (ccid_driver_t handle,
   size_t dummy_nresp;
   int testmode;
   int cherry_mode = 0;
+  int add_zero = 0;
   int enable_varlen = 0;
 
   testmode = !resp && !nresp;
@@ -3396,7 +3397,7 @@ ccid_transceive_secure (ccid_driver_t handle,
       enable_varlen = 1;
       break;
     case VENDOR_CHERRY:
-      pininfo->maxlen = 25;
+      pininfo->maxlen = 15;
       enable_varlen = 1;
       /* The CHERRY XX44 keyboard echos an asterisk for each entered
          character on the keyboard channel.  We use a special variant
@@ -3405,6 +3406,7 @@ ccid_transceive_secure (ccid_driver_t handle,
          Lc byte to the APDU.  It seems that it will be replaced with
          the actual length instead of being appended before the APDU
          is send to the card. */
+      add_zero = 1;
       if (handle->id_product != CHERRY_ST2000)
         cherry_mode = 1;
       break;
@@ -3527,7 +3529,7 @@ ccid_transceive_secure (ccid_driver_t handle,
   msg[msglen++] = apdu_buf[1]; /* INS */
   msg[msglen++] = apdu_buf[2]; /* P1 */
   msg[msglen++] = apdu_buf[3]; /* P2 */
-  if (cherry_mode)
+  if (add_zero)
     msg[msglen++] = 0;
   else if (pininfo->fixedlen != 0)
     {

diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index ab8fbc8..a1e9bf8 100644 (file)
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -587,7 +587,13 @@ proc_parameters (ctrl_t ctrl,
 
 
 /* Parameters are checked, the key pair has been created.  Now
-   generate the request and write it out */
+   generate the request and write it out.
+
+   Note: We use SHA-1 here because Libksba hash a shortcut to use
+   assume that if SIG_VAL uses as algo the string "rsa".  To fix that
+   we would need to replace that string by an appropriate OID.  We
+   leave this change for 2.1.
+ */
 static int
 create_request (ctrl_t ctrl,
                 struct para_data_s *para,
@@ -597,6 +603,7 @@ create_request (ctrl_t ctrl,
 {
   ksba_certreq_t cr;
   gpg_error_t err;
+  int hashalgo = GCRY_MD_SHA1;
   gcry_md_hd_t md;
   ksba_stop_reason_t stopreason;
   int rc = 0;
@@ -611,7 +618,7 @@ create_request (ctrl_t ctrl,
   if (err)
     return err;
 
-  rc = gcry_md_open (&md, GCRY_MD_SHA256, 0);
+  rc = gcry_md_open (&md, hashalgo, 0);
   if (rc)
     {
       log_error ("md_open failed: %s\n", gpg_strerror (rc));
@@ -792,10 +799,10 @@ create_request (ctrl_t ctrl,
 
           if (carddirect)
             rc = gpgsm_scd_pksign (ctrl, carddirect, NULL,
-                                     gcry_md_read(md, GCRY_MD_SHA1),
-                                     gcry_md_get_algo_dlen (GCRY_MD_SHA1),
-                                     GCRY_MD_SHA1,
-                                     &sigval, &siglen);
+                                   gcry_md_read (md, hashalgo),
+                                   gcry_md_get_algo_dlen (hashalgo),
+                                   hashalgo,
+                                   &sigval, &siglen);
           else
             {
               char *orig_codeset;
@@ -808,9 +815,9 @@ create_request (ctrl_t ctrl,
                    " more.\n"));
               i18n_switchback (orig_codeset);
               rc = gpgsm_agent_pksign (ctrl, hexgrip, desc,
-                                       gcry_md_read(md, GCRY_MD_SHA1),
-                                       gcry_md_get_algo_dlen (GCRY_MD_SHA1),
-                                       GCRY_MD_SHA1,
+                                       gcry_md_read(md, hashalgo),
+                                       gcry_md_get_algo_dlen (hashalgo),
+                                       hashalgo,
                                        &sigval, &siglen);
               xfree (desc);
             }