Authors with a FSF copyright assignment
=======================================
-Ales Nyakhaychyk <nyakhaychyk@i1fn.linux.by> Translations [be]
-
-Andrey Jivsov <openpgp@brainhub.org> Assigns past and future changes for ECC.
- (g10/ecdh.c. other changes to support ECC)
-
-Ben Kibbey <bjk@luxsci.net> Assigns past and future changes.
-
-Birger Langkjer <birger.langkjer@image.dk> Translations [da]
-
-Maxim Britov <maxim.britov@gmail.com> Translations [ru]
-
-Daniel Resare <daniel@resare.com> Translations [sv]
-Per Tunedal <per@clipanish.com> Translations [sv]
-Daniel Nylander <po@danielnylander.se> Translations [sv]
-
-Daiki Ueno <ueno@unixuser.org> Assigns Past and Future Changes.
- (changed:passphrase.c and related code)
-
-David Shaw <dshaw@jabberwocky.com> Assigns past and future changes.
- (all in keyserver/,
- a lot of changes in g10/ see the ChangeLog,
- bug fixes here and there)
-
-Dokianakis Theofanis <madf@hellug.gr> Translations [el]
-
-Edmund GRIMLEY EVANS <edmundo@rano.org> Translations [eo]
-
-Florian Weimer <fw@deneb.enyo.de> Assigns past and future changes
- (changed:g10/parse-packet.c, include/iobuf.h, util/iobuf.c)
-
-g10 Code GmbH <info@g10code.com> Assigns past and future changes
- (all work since 2001 as indicated by mail addresses in ChangeLogs)
-
-Gaël Quéri <gael@lautre.net> Translations [fr]
- (fixed a lot of typos)
-
-Gregory Steuck <steuck@iname.com> Translations [ru]
-
-Nagy Ferenc László <nfl@nfllab.com> Translations [hu]
-
-Ivo Timmermans <itimmermans@bigfoot.com> Translations [nl]
-
-Jacobo Tarri'o Barreiro <jtarrio@iname.com> Translations [gl]
-
-Janusz Aleksander Urbanowicz <alex@bofh.torun.pl> Translations [pl]
-Jakub Bogusz <qboosh@pld-linux.org> Translations [pl]
-
-Jedi Lin <Jedi@idej.org> Translations [zh-tw]
-
-Jouni Hiltunen <jouni.hiltunen@kolumbus.fi> Translations [fi]
-Tommi Vainikainen <Tommi.Vainikainen@iki.fi> Translations [fi]
-
-Laurentiu Buzdugan <lbgnupg@rolix.org> Translations [ro]
-
-Magda Procha'zkova' <magda@math.muni.cz> Translations [cs]
-
-Michael Roth <mroth@nessie.de> Assigns changes.
- (wrote cipher/des.c., changes and bug fixes all over the place)
-
-Michal Majer <mmajer@econ.umb.sk> Translations [sk]
-
-Marco d'Itri <md@linux.it> Translations [it]
-
-Marcus Brinkmann <marcus@g10code.de>
- (gpgconf and fixes all over the place)
-
-Matthew Skala <mskala@ansuz.sooke.bc.ca> Disclaimer
- (wrote cipher/twofish.c)
-
-Moritz Schulte <moritz@g10code.com>
- (ssh support gpg-agent)
-
-Niklas Hernaeus <nh@df.lth.se> Disclaimer
- (weak key patches)
-
-Nilgun Belma Buguner <nilgun@technologist.com> Translations [tr]
-
-Nils Ellmenreich <nils 'at' infosun.fmi.uni-passau.de>
- Assigns past and future changes
- (configure.in, cipher/rndlinux.c, FAQ)
-
-Paul Eggert <eggert@twinsun.com>
- (configuration macros for LFS)
-
-Pavel I. Shajdo <pshajdo@gmail.com> Translations [ru]
- (man pages)
-
-Pedro Morais <morais@poli.org> Translations [pt_PT]
-
-Rémi Guyomarch <rguyom@mail.dotcom.fr> Assigns past and future changes.
- (g10/compress.c, g10/encr-data.c,
- g10/free-packet.c, g10/mdfilter.c, g10/plaintext.c, util/iobuf.c)
-
-Stefan Bellon <sbellon@sbellon.de> Assigns past and future changes.
- (All patches to support RISC OS)
-
-Timo Schulz <twoaday@freakmail.de> Assigns past and future changes.
- (util/w32reg.c, g10/passphrase.c, g10/hkp.c)
-
-Tedi Heriyanto <tedi_h@gmx.net> Translations [id]
-
-Thiago Jung Bauermann <jungmann@cwb.matrix.com.br> Translations [pt_BR]
-Rafael Caetano dos Santos <rcaetano@linux.ime.usp.br> Translations [pt_BR]
-
-Toomas Soome <tsoome@ut.ee> Translations [et]
-
-Urko Lusa <ulusa@euskalnet.net> Translations [es_ES]
-
-Walter Koch <koch@u32.de> Translations [de]
-
-Werner Koch <wk@gnupg.org> Assigns GNU Privacy Guard and future changes.
- (started the whole thing, wrote the S/MIME extensions, the
- smartcard daemon and the gpg-agent)
-
-Yosiaki IIDA <iida@ring.gr.jp> Translations [ja]
-
-Yuri Chornoivan, yurchor at ukr dot net: Translations [uk]
-
-Yutaka Niibe Assigns Past and Future Changes
- (scd/)
+The list of authors who signed a FSF copyright assignment is kept in
+the GIT master branch's copy of this file.
Authors with a DCO
==================
-Andre Heinecke <aheinecke@intevation.de>
-2014-09-19:4525694.FcpLvWDUFT@esus:
-
-Andreas Schwier <andreas.schwier@cardcontact.de>
-2014-07-22:53CED1D8.1010306@cardcontact.de:
-
-Christian Aistleitner <christian@quelltextlich.at>
-2013-05-26:20130626112332.GA2228@quelltextlich.at:
-
-Damien Goutte-Gattat <dgouttegattat@incenp.org>
-2015-01-17:54BA49AA.2040708@incenp.org:
-
-Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-2014-09-24:87oau6w9q7.fsf@alice.fifthhorseman.net:
-
-Hans of Guardian <hans@guardianproject.info>
-2013-06-26:D84473D7-F3F7-43D5-A9CE-16580B88D574@guardianproject.info:
-
-Ineiev <ineiev@gnu.org>
-2017-05-09:20170509121611.GH25850@gnu.org:
-
-Jonas Borgström <jonas@borgstrom.se>
-2013-08-29:521F1E7A.5080602@borgstrom.se:
-
-Joshua Rogers <git@internot.info>
-2014-12-22:5497FE75.7010503@internot.info:
-
-Kyle Butt <kylebutt@gmail.com>
-2013-05-29:CAAODAYLbCtqOG6msLLL0UTdASKWT6u2ptxsgUQ1JpusBESBoNQ@mail.gmail.com:
-
-Stefan Tomanek <tomanek@internet-sicherheit.de>
-2014-01-30:20140129234449.GY30808@zirkel.wertarbyte.de:
-
-Tobias Mueller <muelli@cryptobitch.de>
-2016-11-23:1479937342.11180.3.camel@cryptobitch.de:
-
-Werner Koch <wk@gnupg.org>
-2013-03-29:87620ahchj.fsf@vigenere.g10code.de:
-
-William L. Thomson Jr. <wlt@o-sinc.com>
-2017-05-23:assp.0316398ca8.20170523093623.00a17d03@o-sinc.com:
-
-Yann E. MORIN <yann.morin.1998@free.fr>
-2016-07-10:20160710093202.GA3688@free.fr:
-
-Arnaud Fontaine <arnaud.fontaine at ssi.gouv.fr>
-2016-10-17:580484F4.8040806@ssi.gouv.fr:
-
-Phil Pennock <phil.pennock@spodhuis.org>
-Phil Pennock <phil@pennock-tech.com>
-2017-01-19:20170119061225.GA26207@breadbox.private.spodhuis.org:
+The list of authors who signed the Developer's Certificate of Origin
+is kept in the GIT master branch's copy of this file.
Other authors
+Noteworthy changes in version 2.2.2 (2017-11-07)
+------------------------------------------------
+
+ * gpg: Avoid duplicate key imports by concurrently running gpg
+ processes. [#3446]
+
+ * gpg: Fix creating on-disk subkey with on-card primary key. [#3280]
+
+ * gpg: Fix validity retrieval for multiple keyrings. [Debian#878812]
+
+ * gpg: Fix --dry-run and import option show-only for secret keys.
+
+ * gpg: Print "sec" or "sbb" for secret keys with import option
+ import-show. [#3431]
+
+ * gpg: Make import less verbose. [#3397]
+
+ * gpg: Add alias "Key-Grip" for parameter "Keygrip" and new
+ parameter "Subkey-Grip" to unattended key generation. [#3478]
+
+ * gpg: Improve "factory-reset" command for OpenPGP cards. [#3286]
+
+ * gpg: Ease switching Gnuk tokens into ECC mode by using the magic
+ keysize value 25519.
+
+ * gpgsm: Fix --with-colon listing in crt records for fields > 12.
+
+ * gpgsm: Do not expect X.509 keyids to be unique. [#1644]
+
+ * agent: Fix stucked Pinentry when using --max-passphrase-days. [#3190]
+
+ * agent: New option --s2k-count. [#3276 (workaround)]
+
+ * dirmngr: Do not follow https-to-http redirects. [#3436]
+
+ * dirmngr: Reduce default LDAP timeout from 100 to 15 seconds. [#3487]
+
+ * gpgconf: Ignore non-installed components for commands
+ --apply-profile and --apply-defaults. [#3313]
+
+ * Add configure option --enable-werror. [#2423]
+
+
Noteworthy changes in version 2.2.1 (2017-09-19)
------------------------------------------------
certificates are configured. If build with GNUTLS, this was
already the case.
+ See-also: gnupg-announce/2017q3/000415.html
+
Noteworthy changes in version 2.2.0 (2017-08-28)
------------------------------------------------
Note that the 2.0 series of GnuPG will reach end-of-life on
2017-12-31. It is not possible to install a 2.2.x version along
- with any 2.0.x version. However, it is possible to install GnuPG
- 1.4 along with any 2.x version.
+ with any 2.0.x version.
* BUILD INSTRUCTIONS
/* The digest algorithm to use for ssh fingerprints when
* communicating with the user. */
int ssh_fingerprint_digest;
+
+ /* The value of the option --s2k-count. If this option is not given
+ * or 0 an auto-calibrated value is used. */
+ unsigned long s2k_count;
} opt;
/* The current S2K which might be different from the calibrated
count. */
unsigned long s2k_count;
+
+ /* If pinentry is active for this thread. It can be more than 1,
+ when pinentry is called recursively. */
+ int pinentry_active;
};
char **passphrase_addr);
/*-- protect.c --*/
+unsigned long get_calibrated_s2k_count (void);
unsigned long get_standard_s2k_count (void);
unsigned char get_standard_s2k_count_rfc4880 (void);
+unsigned long get_standard_s2k_time (void);
int agent_protect (const unsigned char *plainkey, const char *passphrase,
unsigned char **result, size_t *resultlen,
unsigned long s2k_count, int use_ocb);
} entry_features;
-/* The control variable of the connection owning the current pinentry.
- This is only valid if ENTRY_CTX is not NULL. Note, that we care
- only about the value of the pointer and that it should never be
- dereferenced. */
-static ctrl_t entry_owner;
-
/* A mutex used to serialize access to the pinentry. */
static npth_mutex_t entry_lock;
void
agent_reset_query (ctrl_t ctrl)
{
- if (entry_ctx && popup_tid && entry_owner == ctrl)
+ if (entry_ctx && popup_tid && ctrl->pinentry_active)
{
agent_popup_message_stop (ctrl);
}
stalled pinentry does not block other threads. Fixme: We should
have a timeout in Assuan for the disconnect operation. */
static gpg_error_t
-unlock_pinentry (gpg_error_t rc)
+unlock_pinentry (ctrl_t ctrl, gpg_error_t rc)
{
assuan_context_t ctx = entry_ctx;
int err;
}
}
- entry_ctx = NULL;
- err = npth_mutex_unlock (&entry_lock);
- if (err)
+ if (--ctrl->pinentry_active == 0)
{
- log_error ("failed to release the entry lock: %s\n", strerror (err));
- if (!rc)
- rc = gpg_error_from_errno (err);
+ entry_ctx = NULL;
+ err = npth_mutex_unlock (&entry_lock);
+ if (err)
+ {
+ log_error ("failed to release the entry lock: %s\n", strerror (err));
+ if (!rc)
+ rc = gpg_error_from_errno (err);
+ }
+ assuan_release (ctx);
}
- assuan_release (ctx);
return rc;
}
char *flavor_version;
int err;
+ if (ctrl->pinentry_active)
+ {
+ /* It's trying to use pinentry recursively. In this situation,
+ the thread holds ENTRY_LOCK already. */
+ ctrl->pinentry_active++;
+ return 0;
+ }
+
npth_clock_gettime (&abstime);
abstime.tv_sec += LOCK_TIMEOUT;
err = npth_mutex_timedlock (&entry_lock, &abstime);
return rc;
}
- entry_owner = ctrl;
-
if (entry_ctx)
return 0;
the Wine implementation does not flush stdin,stdout and stderr
- see above. Let's try to ignore the error. */
#ifndef HAVE_W32_SYSTEM
- return unlock_pinentry (tmperr);
+ return unlock_pinentry (ctrl, tmperr);
#endif
}
log_error ("can't allocate assuan context: %s\n", gpg_strerror (rc));
return rc;
}
+
+ ctrl->pinentry_active = 1;
+ entry_ctx = ctx;
+
/* We don't want to log the pinentry communication to make the logs
easier to read. We might want to add a new debug option to enable
pinentry logging. */
that atfork is used to change the environment for pinentry. We
start the server in detached mode to suppress the console window
under Windows. */
- rc = assuan_pipe_connect (ctx, full_pgmname, argv,
+ rc = assuan_pipe_connect (entry_ctx, full_pgmname, argv,
no_close_list, atfork_cb, ctrl,
ASSUAN_PIPE_CONNECT_DETACHED);
if (rc)
{
log_error ("can't connect to the PIN entry module '%s': %s\n",
full_pgmname, gpg_strerror (rc));
- assuan_release (ctx);
- return unlock_pinentry (gpg_error (GPG_ERR_NO_PIN_ENTRY));
+ return unlock_pinentry (ctrl, gpg_error (GPG_ERR_NO_PIN_ENTRY));
}
- entry_ctx = ctx;
if (DBG_IPC)
log_debug ("connection to PIN entry established\n");
{
char *optstr;
if (asprintf (&optstr, "OPTION pinentry-user-data=%s", value) < 0 )
- return unlock_pinentry (out_of_core ());
+ return unlock_pinentry (ctrl, out_of_core ());
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
NULL);
xfree (optstr);
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
rc = assuan_transact (entry_ctx,
opt.no_grab? "OPTION no-grab":"OPTION grab",
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
value = session_env_getenv (ctrl->session_env, "GPG_TTY");
if (value)
{
char *optstr;
if (asprintf (&optstr, "OPTION ttyname=%s", value) < 0 )
- return unlock_pinentry (out_of_core ());
+ return unlock_pinentry (ctrl, out_of_core ());
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
NULL);
xfree (optstr);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
value = session_env_getenv (ctrl->session_env, "TERM");
if (value)
{
char *optstr;
if (asprintf (&optstr, "OPTION ttytype=%s", value) < 0 )
- return unlock_pinentry (out_of_core ());
+ return unlock_pinentry (ctrl, out_of_core ());
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
NULL);
xfree (optstr);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (ctrl->lc_ctype)
{
char *optstr;
if (asprintf (&optstr, "OPTION lc-ctype=%s", ctrl->lc_ctype) < 0 )
- return unlock_pinentry (out_of_core ());
+ return unlock_pinentry (ctrl, out_of_core ());
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
NULL);
xfree (optstr);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (ctrl->lc_messages)
{
char *optstr;
if (asprintf (&optstr, "OPTION lc-messages=%s", ctrl->lc_messages) < 0 )
- return unlock_pinentry (out_of_core ());
+ return unlock_pinentry (ctrl, out_of_core ());
rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
NULL);
xfree (optstr);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
rc = assuan_transact (entry_ctx, "OPTION allow-external-password-cache",
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (opt.allow_emacs_pinentry)
rc = assuan_transact (entry_ctx, "OPTION allow-emacs-prompt",
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (*s == '|' && (s2=strchr (s+1,'|')))
s = s2+1;
if (asprintf (&optstr, "OPTION default-%s=%s", tbl[idx].key, s) < 0 )
- return unlock_pinentry (out_of_core ());
+ return unlock_pinentry (ctrl, out_of_core ());
assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
NULL);
xfree (optstr);
rc = agent_inq_pinentry_launched (ctrl, pinentry_pid, flavor_version);
if (gpg_err_code (rc) == GPG_ERR_CANCELED
|| gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
- return unlock_pinentry (gpg_err_make (GPG_ERR_SOURCE_DEFAULT,
- gpg_err_code (rc)));
+ return unlock_pinentry (ctrl, gpg_err_make (GPG_ERR_SOURCE_DEFAULT,
+ gpg_err_code (rc)));
rc = 0;
}
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc && gpg_err_code (rc) != GPG_ERR_ASS_UNKNOWN_CMD)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
build_cmd_setdesc (line, DIM(line), desc_text);
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
snprintf (line, DIM(line), "SETPROMPT %s",
prompt_text? prompt_text : is_pin? L_("PIN:") : L_("Passphrase:"));
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
/* If a passphrase quality indicator has been requested and a
minimum passphrase length has not been disabled, send the command
{
rc = setup_qualitybar (ctrl);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (initial_errtext)
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (pininfo->with_repeat)
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
errtext = NULL;
}
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
errtext = is_pin? L_("PIN too long")
: L_("Passphrase too long");
else if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
if (!errtext && pininfo->min_digits)
{
|| gpg_err_code (rc) == GPG_ERR_BAD_PIN)
errtext = (is_pin? L_("Bad PIN") : L_("Bad Passphrase"));
else if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (!errtext)
if (pininfo->with_repeat
&& (pinentry_status & PINENTRY_STATUS_PIN_REPEATED))
pininfo->repeat_okay = 1;
- return unlock_pinentry (0); /* okay, got a PIN or passphrase */
+ return unlock_pinentry (ctrl, 0); /* okay, got a PIN or passphrase */
}
if ((pinentry_status & PINENTRY_STATUS_PASSWORD_FROM_CACHE))
pininfo->failed_tries --;
}
- return unlock_pinentry (gpg_error (pininfo->min_digits? GPG_ERR_BAD_PIN
+ return unlock_pinentry (ctrl, gpg_error (pininfo->min_digits? GPG_ERR_BAD_PIN
: GPG_ERR_BAD_PASSPHRASE));
}
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
if (rc && gpg_err_code (rc) != GPG_ERR_ASS_UNKNOWN_CMD)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
if (desc)
snprintf (line, DIM(line), "RESET");
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
snprintf (line, DIM(line), "SETPROMPT %s", prompt);
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
if (with_qualitybar && opt.min_passphrase_len)
{
rc = setup_qualitybar (ctrl);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (errtext)
snprintf (line, DIM(line), "SETERROR %s", errtext);
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
memset (&parm, 0, sizeof parm);
parm.size = ASSUAN_LINELENGTH/2 - 5;
parm.buffer = gcry_malloc_secure (parm.size+10);
if (!parm.buffer)
- return unlock_pinentry (out_of_core ());
+ return unlock_pinentry (ctrl, out_of_core ());
saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
assuan_begin_confidential (entry_ctx);
xfree (parm.buffer);
else
*retpass = parm.buffer;
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
if (ok)
{
rc = assuan_transact (entry_ctx,
line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
if (notok)
{
NULL, NULL, NULL, NULL, NULL, NULL);
}
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
rc = assuan_transact (entry_ctx, "CONFIRM",
if (rc && gpg_err_source (rc) && gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
if (ok_btn)
{
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL,
NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
rc = assuan_transact (entry_ctx, "CONFIRM --one-button", NULL, NULL, NULL,
if (rc && gpg_err_source (rc) && gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
snprintf (line, DIM(line), "RESET");
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
if (ok_btn)
{
snprintf (line, DIM(line), "SETOK %s", ok_btn);
rc = assuan_transact (entry_ctx, line, NULL,NULL,NULL,NULL,NULL,NULL);
if (rc)
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
err = npth_attr_init (&tattr);
if (err)
- return unlock_pinentry (gpg_error_from_errno (err));
+ return unlock_pinentry (ctrl, gpg_error_from_errno (err));
npth_attr_setdetachstate (&tattr, NPTH_CREATE_JOINABLE);
popup_finished = 0;
rc = gpg_error_from_errno (err);
log_error ("error spawning popup message handler: %s\n",
strerror (err) );
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
npth_setname_np (popup_tid, "popup-message");
/* Thread IDs are opaque, but we try our best here by resetting it
to the same content that a static global variable has. */
memset (&popup_tid, '\0', sizeof (popup_tid));
- entry_owner = NULL;
/* Now we can close the connection. */
- unlock_pinentry (0);
+ unlock_pinentry (ctrl, 0);
}
int
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
- return unlock_pinentry (rc);
+ return unlock_pinentry (ctrl, rc);
}
static gpg_error_t
cmd_scd (assuan_context_t ctx, char *line)
{
- ctrl_t ctrl = assuan_get_pointer (ctx);
int rc;
-
+#ifdef BUILD_WITH_SCDAEMON
+ ctrl_t ctrl = assuan_get_pointer (ctx);
if (ctrl->restricted)
return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
rc = divert_generic_cmd (ctrl, line, ctx);
-
+#else
+ (void)ctx; (void)line;
+ rc = gpg_error (GPG_ERR_NOT_SUPPORTED);
+#endif
return rc;
}
"Multipurpose function to return a variety of information.\n"
"Supported values for WHAT are:\n"
"\n"
- " version - Return the version of the program.\n"
- " pid - Return the process id of the server.\n"
- " socket_name - Return the name of the socket.\n"
+ " version - Return the version of the program.\n"
+ " pid - Return the process id of the server.\n"
+ " socket_name - Return the name of the socket.\n"
" ssh_socket_name - Return the name of the ssh socket.\n"
- " scd_running - Return OK if the SCdaemon is already running.\n"
- " s2k_count - Return the calibrated S2K count.\n"
+ " scd_running - Return OK if the SCdaemon is already running.\n"
+ " s2k_time - Return the time in milliseconds required for S2K.\n"
+ " s2k_count - Return the standard S2K count.\n"
+ " s2k_count_cal - Return the calibrated S2K count.\n"
" std_env_names - List the names of the standard environment.\n"
" std_session_env - List the standard session environment.\n"
" std_startup_env - List the standard startup environment.\n"
- " cmd_has_option\n"
- " - Returns OK if the command CMD implements the option OPT.\n"
- " connections - Return number of active connections.\n"
- " jent_active - Returns OK if Libgcrypt's JENT is active.\n"
- " restricted - Returns OK if the connection is in restricted mode.\n";
+ " connections - Return number of active connections.\n"
+ " jent_active - Returns OK if Libgcrypt's JENT is active.\n"
+ " restricted - Returns OK if the connection is in restricted mode.\n"
+ " cmd_has_option CMD OPT\n"
+ " - Returns OK if command CMD has option OPT.\n";
static gpg_error_t
cmd_getinfo (assuan_context_t ctx, char *line)
{
rc = gpg_error (GPG_ERR_FALSE);
#endif
}
+ else if (!strcmp (line, "s2k_count_cal"))
+ {
+ char numbuf[50];
+
+ snprintf (numbuf, sizeof numbuf, "%lu", get_calibrated_s2k_count ());
+ rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
+ }
+ else if (!strcmp (line, "s2k_time"))
+ {
+ char numbuf[50];
+
+ snprintf (numbuf, sizeof numbuf, "%lu", get_standard_s2k_time ());
+ rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
+ }
else
rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");
return rc;
oPuttySupport,
oDisableScdaemon,
oDisableCheckOwnSocket,
+ oS2KCount,
+
oWriteEnvFile
};
),
ARGPARSE_s_n (oEnableExtendedKeyFormat, "enable-extended-key-format", "@"),
+ ARGPARSE_s_u (oS2KCount, "s2k-count", "@"),
+
/* Dummy options for backward compatibility. */
ARGPARSE_o_s (oWriteEnvFile, "write-env-file", "@"),
ARGPARSE_s_n (oUseStandardSocket, "use-standard-socket", "@"),
disable_check_own_socket = 0;
/* Note: When changing the next line, change also gpgconf_list. */
opt.ssh_fingerprint_digest = GCRY_MD_MD5;
+ opt.s2k_count = 0;
return 1;
}
opt.ssh_fingerprint_digest = i;
break;
+ case oS2KCount:
+ opt.s2k_count = pargs->r.ret_ulong;
+ break;
+
default:
return 0; /* not handled */
}
}
/* Pass on all the collected status information. */
- if (assuan_context)
+ for (sitem = sparm.info; sitem; sitem = sitem->next)
{
- for (sitem = sparm.info; sitem; sitem = sitem->next)
- {
- if (!strcmp (sitem->keyword, "SERIALNO"))
- serialno = sitem->data;
- assuan_write_status (assuan_context, sitem->keyword, sitem->data);
- }
+ if (!strcmp (sitem->keyword, "SERIALNO"))
+ serialno = sitem->data;
+ if (assuan_context)
+ assuan_write_status (assuan_context, sitem->keyword, sitem->data);
}
if (!serialno)
}
-
-/* Return the standard S2K count. */
+/* Return the calibrated S2K count. This is only public for the use
+ * of the Assuan getinfo s2k_count_cal command. */
unsigned long
-get_standard_s2k_count (void)
+get_calibrated_s2k_count (void)
{
static unsigned long count;
}
+/* Return the standard S2K count. */
+unsigned long
+get_standard_s2k_count (void)
+{
+ if (opt.s2k_count)
+ return opt.s2k_count < 65536 ? 65536 : opt.s2k_count;
+
+ return get_calibrated_s2k_count ();
+}
+
+
+/* Return the milliseconds required for the standard S2K
+ * operation. */
+unsigned long
+get_standard_s2k_time (void)
+{
+ return calibrate_s2k_count_one (get_standard_s2k_count ());
+}
+
+
/* Same as get_standard_s2k_count but return the count in the encoding
as described by rfc4880. */
unsigned char
git="$(call GETVAR,speedo_pkg_$(1)_git)"; \
gitref="$(call GETVAR,speedo_pkg_$(1)_gitref)"; \
tar="$(call GETVAR,speedo_pkg_$(1)_tar)"; \
+ ver="$(call GETVAR,$(1)_ver)"; \
sha2="$(call GETVAR,$(1)_sha2)"; \
sha1="$(call GETVAR,$(1)_sha1)"; \
pkgsdir="$(sdir)/$(1)"; \
git="$(call GETVAR,speedo_pkg_$(1)_git)"; \
gitref="$(call GETVAR,speedo_pkg_$(1)_gitref)"; \
tar="$(call GETVAR,speedo_pkg_$(1)_tar)"; \
+ ver="$(call GETVAR,$(1)_ver)"; \
sha2="$(call GETVAR,$(1)_sha2)"; \
sha1="$(call GETVAR,$(1)_sha1)"; \
pkgsdir="$(sdir)/$(1)"; \
touch $(stampdir)/stamp-w64-$(1)-03-install
$(stampdir)/stamp-final-$(1): $(stampdir)/stamp-$(1)-03-install
+ @($(call SETVARS,$(1)); \
+ printf "%-14s %-12s %s\n" $(1) "$$$${ver}" "$$$${sha1}" \
+ >> $(bdir)/pkg-versions.txt)
@echo "speedo: $(1) done"
@touch $(stampdir)/stamp-final-$(1)
# Insert the template for each source package.
$(foreach spkg, $(speedo_spkgs), $(eval $(call SPKG_template,$(spkg))))
-$(stampdir)/stamp-final: $(stampdir)/stamp-directories
+$(stampdir)/stamp-final: $(stampdir)/stamp-directories clean-pkg-versions
ifeq ($(TARGETOS),w32)
$(stampdir)/stamp-final: $(addprefix $(stampdir)/stamp-w64-final-,$(speedo_w64_build_list))
endif
$(stampdir)/stamp-final: $(addprefix $(stampdir)/stamp-final-,$(speedo_build_list))
touch $(stampdir)/stamp-final
+clean-pkg-versions:
+ @: >$(bdir)/pkg-versions.txt
+
all-speedo: $(stampdir)/stamp-final
report-speedo: $(addprefix report-,$(speedo_build_list))
awk '/^Notewo/ {if(okay>1){exit}; okay++};okay {print $0}' \
<$(topsrc)/NEWS >$(bdir)/NEWS.tmp
+# Sort the file with the package versions.
+$(bdir)/pkg-versions.sorted: $(bdir)/pkg-versions.txt
+ grep -v '^gnupg ' <$(bdir)/pkg-versions.txt \
+ | sort | uniq >$(bdir)/pkg-versions.sorted
+
$(bdir)/README.txt: $(bdir)/NEWS.tmp $(topsrc)/README $(w32src)/README.txt \
- $(w32src)/pkg-copyright.txt
+ $(w32src)/pkg-copyright.txt $(bdir)/pkg-versions.sorted
sed -e '/^;.*/d;' \
-e '/!NEWSFILE!/{r $(bdir)/NEWS.tmp' -e 'd;}' \
-e '/!GNUPGREADME!/{r $(topsrc)/README' -e 'd;}' \
-e '/!PKG-COPYRIGHT!/{r $(w32src)/pkg-copyright.txt' -e 'd;}' \
+ -e '/!PKG-VERSIONS!/{r $(bdir)/pkg-versions.sorted' -e 'd;}' \
-e 's,!VERSION!,$(INST_VERSION),g' \
< $(w32src)/README.txt \
| sed -e '/^#/d' \
# Mark phony targets
#
.PHONY: all all-speedo report-speedo clean-stamps clean-speedo installer \
- w32_insthelpers check-tools
+ w32_insthelpers check-tools clean-pkg-versions
;; replaced by the Makefile; those words are enclosed by exclamation
;; marks.
- GNUPG for Windows
- ===================
+
+ GNU Privacy Guard for Windows
+ ===============================
This is GnuPG for Windows, version !VERSION!.
1. Important notes
2. Changes
3. GnuPG README file
- 4. Legal notices
+ 4. Package versions
+ 5. Legal notices
1. Important Notes
!NEWSFILE!
-3. GnuPG README file
+3. GnuPG README File
====================
Below is the README file as distributed with the GnuPG source.
!GNUPGREADME!
-4. Legal notices pertaining to the individual packets
-=====================================================
+4. Software Versions of the Included Packages
+=============================================
+
+GnuPG for Windows depends on several independet developed packages
+which are part of the installation. These packages along with their
+version numbers and the SHA-1 checksums of their compressed tarballs
+are listed here:
+
+!PKG-VERSIONS!
+
+
+5. Legal Notices Pertaining to the Individual Packages
+======================================================
GnuPG for Windows consist of several independent developed packages,
available under different license conditions. Most of these packages
Here is a list with collected copyright notices. For details see the
-description of each individual package. [Compiled by wk 2016-06-17]
+description of each individual package. [Compiled by wk 2017-11-07]
-GnuPG is
- Copyright (C) 1997-2016 Werner Koch
- Copyright (C) 1994-2016 Free Software Foundation, Inc.
- Copyright (C) 2003-2016 g10 Code GmbH
+GNUPG is
+
+ Copyright (C) 1997-2017 Werner Koch
+ Copyright (C) 1994-2017 Free Software Foundation, Inc.
+ Copyright (C) 2003-2017 g10 Code GmbH
Copyright (C) 2002 Klarälvdalens Datakonsult AB
Copyright (C) 1995-1997, 2000-2007 Ulrich Drepper <drepper@gnu.ai.mit.edu>
Copyright (C) 1994 X Consortium
License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- 02110-1301, USA
+ along with this program; if not, see <https://www.gnu.org/licenses/>.
-GPGME is
+LIBGCRYPT is
+
+ Copyright (C) 1989,1991-2017 Free Software Foundation, Inc.
+ Copyright (C) 1994 X Consortium
+ Copyright (C) 1996 L. Peter Deutsch
+ Copyright (C) 1997 Werner Koch
+ Copyright (C) 1998 The Internet Society
+ Copyright (C) 1996-1999 Peter Gutmann, Paul Kendall, and Chris Wedgwood
+ Copyright (C) 1996-2006 Peter Gutmann, Matt Thomlinson and Blake Coverett
+ Copyright (C) 2003 Nikos Mavroyanopoulos
+ Copyright (C) 2006-2007 NTT (Nippon Telegraph and Telephone Corporation)
+ Copyright (C) 2012-2017 g10 Code GmbH
+ Copyright (C) 2012 Simon Josefsson, Niels Möller
+ Copyright (c) 2012 Intel Corporation
+ Copyright (C) 2013 Christian Grothoff
+ Copyright (C) 2013-2017 Jussi Kivilinna
+ Copyright (C) 2013-2014 Dmitry Eremin-Solenikov
+ Copyright (C) 2014 Stephan Mueller
+ Copyright (C) 2017 Bundesamt für Sicherheit in der Informationstechnik
+
+ Libgcrypt is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ Libgcrypt is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+
+LIBGPG-ERROR is
+
+ Copyright (C) 2003-2004, 2010, 2013-2017 g10 Code GmbH
+
+ libgpg-error is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public License
+ as published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ libgpg-error is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+
+LIBASSUAN is
+
+ Copyright (C) 1992-2013 Free Software Foundation, Inc.
+ Copyright (C) 1994 X Consortium
Copyright (C) 2000 Werner Koch (dd9jn)
- Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006 g10 Code GmbH
+ Copyright (C) 2001-2016 g10 Code GmbH
+ Copyright (C) 2004 Simon Josefsson
- GPGME is free software; you can redistribute it and/or modify it
+ Assuan is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as
published by the Free Software Foundation; either version 2.1 of
the License, or (at your option) any later version.
- GPGME is distributed in the hope that it will be useful, but
+ Assuan is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
- You should have received a copy of the GNU Lesser General Public License
+ You should have received a copy of the GNU Lesser General Public
+ License along with this program; if not, see <http://www.gnu.org/licenses/>.
+
+
+LIBKSBA is
+
+ Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2010, 2011
+ 2012, 2013, 2014, 2015 g10 Code GmbH
+ Copyright (C) 2001, 2002, 2003, 2007 Free Software Foundation, Inc.
+ Copyright (C) 2000, 2001 Fabio Fiorina
+
+ The library and the header files are distributed under the following
+ terms (LGPLv3+/GPLv2+):
+
+ KSBA is free software; you can redistribute it and/or modify
+ it under the terms of either
+
+ - the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at
+ your option) any later version.
+
+ or
+
+ - the GNU General Public License as published by the Free
+ Software Foundation; either version 2 of the License, or (at
+ your option) any later version.
+
+ or both in parallel, as here.
+
+ KSBA is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+ License for more details.
+
+ The other parts (e.g. manual, build system, tests) are distributed
+ under the following terms (GPLv3):
+
+ KSBA is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ KSBA is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+
+NPTH is
+
+ Copyright (C) 2011, 2012, 2014, 2015, 2017 g10 Code GmbH
+
+ nPth is free software; you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ nPth is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
+ the GNU Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+NTBTLS is
+
+ Copyright (C) 2006-2014 Brainspark B.V.
+ Copyright (C) 2014-2017 g10 Code GmbH
+
+ NTBTLS is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ NTBTLS is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
along with this program; if not, see <http://www.gnu.org/licenses/>.
-LIBGPG-ERROR is
- Copyright (C) 2003, 2004 g10 Code GmbH
+PINENTRY is
- libgpg-error is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public License
- as published by the Free Software Foundation; either version 2.1 of
+ Copyright (C) 1999 Robert Bihlmeyer <robbe@orcus.priv.at>
+ Copyright (C) 2001-2004, 2007-2008, 2010, 2015-2016 g10 Code GmbH
+ Copyright (C) 2002, 2008 Klarälvdalens Datakonsult AB (KDAB)
+ Copyright (C) 2004 by Albrecht Dreß <albrecht.dress@arcor.de>
+ Copyright 2007 Ingo Klöcker
+ Copyright (C) 2014 Serge Voilokov
+ Copyright (C) 2015 Daiki Ueno
+ Copyright (C) 2015 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+ Copyright 2016 Intevation GmbH
+
+ PINENTRY is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ PINENTRY is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, see <https://www.gnu.org/licenses/>.
+
+
+GPGME is
+
+ Copyright (C) 1991-2013 Free Software Foundation, Inc.
+ Copyright (C) 2000-2001 Werner Koch
+ Copyright (C) 2001-2017 g10 Code GmbH
+ Copyright (C) 2002 Klarälvdalens Datakonsult AB
+ Copyright (C) 2004-2008 Igor Belyi
+ Copyright (C) 2002 John Goerzen
+ Copyright (C) 2014, 2015 Martin Albrecht
+ Copyright (C) 2015 Ben McGinnes
+ Copyright (C) 2015-2016 Bundesamt für Sicherheit in der Informationstechnik
+ Copyright (C) 2016 Intevation GmbH
+
+ GPGME is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
the License, or (at your option) any later version.
- libgpg-error is distributed in the hope that it will be useful, but
+ GPGME is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
NSIS is
- Copyright (C) 1999-2005 Nullsoft, Inc.
+ Copyright 1999-2009 Nullsoft and Contributors
+ Copyright 2002-2008 Amir Szekely
+ Copyright 2003 Ramon
This license applies to everything in the NSIS package, except where
otherwise noted.
The user interface used with the installer is
- Copyright (C) 2002-2005 Joost Verburg
+ Copyright 2002-2009 Joost Verburg
[It is distributed along with NSIS and the same conditions as stated
above apply]
-ADNS is
-
- Copyright (C) 1997-2000,2003,2006 Ian Jackson
- Copyright (C) 1999-2000,2003,2006 Tony Finch
- Copyright (C) 1991 Massachusetts Institute of Technology
-
-
TinySCHEME is part of the GnuPG package and is
Copyright (c) 2000, Dimitrios Souflis
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-libdns is part of the GnuPG package and is
+LIBDNS is part of the GnuPG package and is
Copyright (c) 2008, 2009, 2010, 2012-2016 William Ahern
USE OR OTHER DEALINGS IN THE SOFTWARE.
-SQLite has
+ZLIB is
+
+ (C) 1995-2013 Jean-loup Gailly and Mark Adler
+
+ This software is provided 'as-is', without any express or implied
+ warranty. In no event will the authors be held liable for any damages
+ arising from the use of this software.
+
+ Permission is granted to anyone to use this software for any purpose,
+ including commercial applications, and to alter it and redistribute it
+ freely, subject to the following restrictions:
+
+ 1. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software
+ in a product, an acknowledgment in the product documentation would be
+ appreciated but is not required.
+ 2. Altered source versions must be plainly marked as such, and must not be
+ misrepresented as being the original software.
+ 3. This notice may not be removed or altered from any source distribution.
+
+ Jean-loup Gailly Mark Adler
+ jloup@gzip.org madler@alumni.caltech.edu
+
+
+BZIP2 is
+
+ This program, "bzip2", the associated library "libbzip2", and all
+ documentation, are copyright (C) 1996-2010 Julian R Seward. All
+ rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+
+ 2. The origin of this software must not be misrepresented; you must
+ not claim that you wrote the original software. If you use this
+ software in a product, an acknowledgment in the product
+ documentation would be appreciated but is not required.
+
+ 3. Altered source versions must be plainly marked as such, and must
+ not be misrepresented as being the original software.
+
+ 4. The name of the author may not be used to endorse or promote
+ products derived from this software without specific prior written
+ permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
+ OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+SQLITE has
been put into the public-domain by its author D. Richard Hipp:
The author disclaims copyright to this source code. In place of
for (s++, i=9; i < 15; i++, s++)
if (!digitp (s))
return 0;
+ if (*s == 'Z')
+ s++;
if ( !(!*s || (isascii (*s) && isspace(*s)) || *s == ':' || *s == ','))
return 0; /* Wrong delimiter. */
}
-/* Scan an ISO timestamp and return an Epoch based timestamp. The only
- supported format is "yyyymmddThhmmss" delimited by white space, nul, a
- colon or a comma. Returns (time_t)(-1) for an invalid string. */
+/* Scan an ISO timestamp and return an Epoch based timestamp. The
+ only supported format is "yyyymmddThhmmss[Z]" delimited by white
+ space, nul, a colon or a comma. Returns (time_t)(-1) for an
+ invalid string. */
time_t
isotime2epoch (const char *string)
{
m4_define([mym4_package],[gnupg])
m4_define([mym4_major], [2])
m4_define([mym4_minor], [2])
-m4_define([mym4_micro], [1])
+m4_define([mym4_micro], [2])
# To start a new development series, i.e a new major or minor number
# you need to mark an arbitrary commit before the first beta release
AC_GNU_SOURCE
-# Before we do anything with the C compiler, we first save the user's
-# CFLAGS (they are restored at the end of the configure script). This
-# is because some configure checks don't work with -Werror, but we'd
-# like to use -Werror with our build.
-CFLAGS_orig=$CFLAGS
-CFLAGS=
# Some status variables.
have_gpg_error=no
fi])
#
+# Add -Werror to CFLAGS. This hack can be used to avoid problems with
+# misbehaving autoconf tests in case the user supplied -Werror.
+#
+AC_ARG_ENABLE(werror,
+ AC_HELP_STRING([--enable-werror],
+ [append -Werror to CFLAGS]),
+ [if test $enableval = yes ; then
+ CFLAGS="$CFLAGS -Werror"
+ fi])
+
+#
# Configure option --enable-all-tests
#
AC_MSG_CHECKING([whether "make check" shall run all tests])
fi
#
-# Add user CFLAGS.
-#
-CFLAGS="$CFLAGS $CFLAGS_orig"
-
-#
# Decide what to build
#
AC_DEFINE(BUILD_WITH_SCDAEMON,1,[Defined if SCDAEMON is to be build])
fi
if test "$build_dirmngr" = yes ; then
- AC_DEFINE(BUILD_WITH_DIRMNGR,1,[Defined if SCDAEMON is to be build])
+ AC_DEFINE(BUILD_WITH_DIRMNGR,1,[Defined if DIRMNGR is to be build])
fi
if test "$build_g13" = yes ; then
AC_DEFINE(BUILD_WITH_G13,1,[Defined if G13 is to be build])
};
#define DEFAULT_MAX_REPLIES 10
-#define DEFAULT_LDAP_TIMEOUT 100 /* arbitrary large timeout */
+#define DEFAULT_LDAP_TIMEOUT 15 /* seconds */
#define DEFAULT_CONNECT_TIMEOUT (15*1000) /* 15 seconds */
#define DEFAULT_CONNECT_QUICK_TIMEOUT ( 2*1000) /* 2 seconds */
typedef struct timeval my_ldap_timeval_t;
#endif
-#define DEFAULT_LDAP_TIMEOUT 100 /* Arbitrary long timeout. */
+#define DEFAULT_LDAP_TIMEOUT 15 /* Arbitrary long timeout. */
/* Constants for the options. */
estream_t fp = NULL;
char *request_buffer = NULL;
parsed_uri_t uri = NULL;
- int is_onion;
+ int is_onion, is_https;
err = http_parse_uri (&uri, url, 0);
if (err)
goto leave;
is_onion = uri->onion;
+ is_https = uri->use_tls;
once_more:
/* Note that we only use the system provided certificates with the
url, s?s:"[none]", http_get_status_code (http));
if (s && *s && redirects_left-- )
{
- if (is_onion)
+ if (is_onion || is_https)
{
/* Make sure that an onion address only redirects to
- * another onion address. */
+ * another onion address, or that a https address
+ * only redirects to a https address. */
http_release_parsed_uri (uri);
uri = NULL;
err = http_parse_uri (&uri, s, 0);
if (err)
goto leave;
- if (! uri->onion)
+ if ((is_onion && ! uri->onion) || (is_https && ! uri->use_tls))
{
err = gpg_error (GPG_ERR_FORBIDDEN);
goto leave;
@item --ldaptimeout @var{secs}
@opindex ldaptimeout
Specify the number of seconds to wait for an LDAP query before timing
-out. The default is currently 100 seconds. 0 will never timeout.
+out. The default are 15 seconds. 0 will never timeout.
@item --add-servers
@node Agent Options
@section Option Summary
+Options may either be used on the command line or, after stripping off
+the two leading dashes, in the configuration file.
+
@table @gnupgtabopt
@anchor{option --options}
@opindex options
Reads configuration from @var{file} instead of from the default
per-user configuration file. The default configuration file is named
-@file{gpg-agent.conf} and expected in the @file{.gnupg} directory directly
-below the home directory of the user.
+@file{gpg-agent.conf} and expected in the @file{.gnupg} directory
+directly below the home directory of the user. This option is ignored
+if used in an options file.
@anchor{option --homedir}
@include opt-homedir.texi
communicated to the user, e.g. in pinentry dialogs. OpenSSH has
transitioned from using MD5 to the more secure SHA256.
-@end table
+@item --s2k-count @var{n}
+@opindex s2k-count
+Specify the iteration count used to protect the passphrase. This
+option can be used to override the auto-calibration done by default.
+The auto-calibration computes a count which requires 100ms to mangle
+a given passphrase.
+
+To view the actually used iteration count and the milliseconds
+required for an S2K operation use:
+
+@example
+gpg-connect-agent 'GETINFO s2k_count' /bye
+gpg-connect-agent 'GETINFO s2k_time' /bye
+@end example
-All the long options may also be given in the configuration file after
-stripping off the two leading dashes.
+To view the auto-calibrated count use:
+
+@example
+gpg-connect-agent 'GETINFO s2k_count_cal' /bye
+@end example
+
+
+@end table
@mansect files
@code{pinentry-invisible-char},
@code{default-cache-ttl},
@code{max-cache-ttl}, @code{ignore-cache-for-signing},
+@code{s2k-count},
@code{no-allow-external-cache}, @code{allow-emacs-pinentry},
@code{no-allow-mark-trusted}, @code{disable-scdaemon}, and
@code{disable-check-own-socket}. @code{scdaemon-program} is also
@code{>} after these tags indicate that the key is stored on a
smartcard. See also @option{--list-keys}.
-@item --list-signatures
-@opindex list-signatures
-@itemx --list-sigs
-@opindex list-sigs
-Same as @option{--list-keys}, but the signatures are listed too.
-This command has the same effect as
-using @option{--list-keys} with @option{--with-sig-list}.
-
-For each signature listed, there are several flags in between the "sig"
-tag and keyid. These flags give additional information about each
-signature. From left to right, they are the numbers 1-3 for certificate
-check level (see @option{--ask-cert-level}), "L" for a local or
-non-exportable signature (see @option{--lsign-key}), "R" for a
-nonRevocable signature (see the @option{--edit-key} command "nrsign"),
-"P" for a signature that contains a policy URL (see
-@option{--cert-policy-url}), "N" for a signature that contains a
-notation (see @option{--cert-notation}), "X" for an eXpired signature
-(see @option{--ask-cert-expire}), and the numbers 1-9 or "T" for 10 and
-above to indicate trust signature levels (see the @option{--edit-key}
-command "tsign").
-
@item --check-signatures
@opindex check-signatures
@itemx --check-sigs
@opindex check-sigs
-Same as @option{--list-signatures}, but the signatures are verified. Note
-that for performance reasons the revocation status of a signing key is
-not shown.
-This command has the same effect as
+Same as @option{--list-keys}, but the key signatures are verified and
+listed too. Note that for performance reasons the revocation status
+of a signing key is not shown. This command has the same effect as
using @option{--list-keys} with @option{--with-sig-check}.
-The status of the verification is indicated by a flag directly following
-the "sig" tag (and thus before the flags described above for
-@option{--list-signatures}). A "!" indicates that the signature has been
-successfully verified, a "-" denotes a bad signature and a "%" is used
-if an error occurred while checking the signature (e.g. a non supported
-algorithm).
+The status of the verification is indicated by a flag directly
+following the "sig" tag (and thus before the flags described below. A
+"!" indicates that the signature has been successfully verified, a "-"
+denotes a bad signature and a "%" is used if an error occurred while
+checking the signature (e.g. a non supported algorithm). Signatures
+where the public key is not availabale are not listed; to see their
+keyids the command @option{--list-sigs} can be used.
+
+For each signature listed, there are several flags in between the
+signature status flag and keyid. These flags give additional
+information about each key signature. From left to right, they are
+the numbers 1-3 for certificate check level (see
+@option{--ask-cert-level}), "L" for a local or non-exportable
+signature (see @option{--lsign-key}), "R" for a nonRevocable signature
+(see the @option{--edit-key} command "nrsign"), "P" for a signature
+that contains a policy URL (see @option{--cert-policy-url}), "N" for a
+signature that contains a notation (see @option{--cert-notation}), "X"
+for an eXpired signature (see @option{--ask-cert-expire}), and the
+numbers 1-9 or "T" for 10 and above to indicate trust signature levels
+(see the @option{--edit-key} command "tsign").
+
@item --locate-keys
@opindex locate-keys
List all keys (or the specified ones) along with their
fingerprints. This is the same output as @option{--list-keys} but with
the additional output of a line with the fingerprint. May also be
-combined with @option{--list-signatures} or @option{--check-signatures}. If this
+combined with @option{--check-signatures}. If this
command is given twice, the fingerprints of all secondary keys are
listed too. This command also forces pretty printing of fingerprints
if the keyid format has been set to "none".
@opindex list-options
This is a space or comma delimited string that gives options used when
listing keys and signatures (that is, @option{--list-keys},
-@option{--list-signatures}, @option{--list-public-keys},
+@option{--check-signatures}, @option{--list-public-keys},
@option{--list-secret-keys}, and the @option{--edit-key} functions).
Options can be prepended with a @option{no-} (after the two dashes) to
give the opposite meaning. The options are:
@item show-photos
@opindex list-options:show-photos
- Causes @option{--list-keys}, @option{--list-signatures},
+ Causes @option{--list-keys}, @option{--check-signatures},
@option{--list-public-keys}, and @option{--list-secret-keys} to
display any photo IDs attached to the key. Defaults to no. See also
@option{--photo-viewer}. Does not work with @option{--with-colons}:
@item show-policy-urls
@opindex list-options:show-policy-urls
- Show policy URLs in the @option{--list-signatures} or @option{--check-signatures}
+ Show policy URLs in the @option{--check-signatures}
listings. Defaults to no.
@item show-notations
@opindex list-options:show-std-notations
@opindex list-options:show-user-notations
Show all, IETF standard, or user-defined signature notations in the
- @option{--list-signatures} or @option{--check-signatures} listings. Defaults to no.
+ @option{--check-signatures} listings. Defaults to no.
@item show-keyserver-urls
@opindex list-options:show-keyserver-urls
- Show any preferred keyserver URL in the @option{--list-signatures} or
+ Show any preferred keyserver URL in the
@option{--check-signatures} listings. Defaults to no.
@item show-uid-validity
@item show-sig-expire
@opindex list-options:show-sig-expire
- Show signature expiration dates (if any) during @option{--list-signatures} or
+ Show signature expiration dates (if any) during
@option{--check-signatures} listings. Defaults to no.
@item show-sig-subpackets
optional argument list of the subpackets to list. If no argument is
passed, list all subpackets. Defaults to no. This option is only
meaningful when using @option{--with-colons} along with
- @option{--list-signatures} or @option{--check-signatures}.
+ @option{--check-signatures}.
@end table
Show a listing of the key as imported right before it is stored.
This can be combined with the option @option{--dry-run} to only look
at keys; the option @option{show-only} is a shortcut for this
- combination.
+ combination. Note that suffixes like '#' for "sec" and "sbb" lines
+ may or may not be printed.
@item import-export
Run the entire import code but instead of storing the key to the
Print key listings delimited by colons (like @option{--with-colons}) and
print the public key data.
+@item --list-signatures
+@opindex list-signatures
+@itemx --list-sigs
+@opindex list-sigs
+Same as @option{--list-keys}, but the signatures are listed too. This
+command has the same effect as using @option{--list-keys} with
+@option{--with-sig-list}. Note that in contrast to
+@option{--check-signatures} the key signatures are not verified.
+
+
@item --fast-list-mode
@opindex fast-list-mode
Changes the output of the list commands to work faster; this is achieved
@end table
@mansect see also
-@command{gpg2}(1)
+@command{gpg}(1)
@include see-also-note.texi
select the prompt. Returns 0 to use the default size (i.e. NBITS)
or the selected size. */
static unsigned int
-ask_card_rsa_keysize (int keyno, unsigned int nbits)
+ask_card_keyattr (int keyno, unsigned int nbits)
{
unsigned int min_nbits = 1024;
unsigned int max_nbits = 4096;
xfree (prompt);
xfree (answer);
- if (req_nbits != nbits && (req_nbits % 32) )
+ if (req_nbits == 25519)
{
- req_nbits = ((req_nbits + 31) / 32) * 32;
- tty_printf (_("rounded up to %u bits\n"), req_nbits);
- }
-
- if (req_nbits == nbits)
- return 0; /* Use default. */
+ if (req_nbits == nbits)
+ return 0; /* Use default. */
- if (req_nbits < min_nbits || req_nbits > max_nbits)
- {
- tty_printf (_("%s keysizes must be in the range %u-%u\n"),
- "RSA", min_nbits, max_nbits);
+ tty_printf (_("The card will now be re-configured"
+ " to generate a key of type: %s\n"),
+ keyno==1? "cv25519":"ed25519");
+ show_keysize_warning ();
+ return req_nbits;
}
else
{
- tty_printf (_("The card will now be re-configured "
- "to generate a key of %u bits\n"), req_nbits);
- show_keysize_warning ();
- return req_nbits;
+ if (req_nbits != nbits && (req_nbits % 32) )
+ {
+ req_nbits = ((req_nbits + 31) / 32) * 32;
+ tty_printf (_("rounded up to %u bits\n"), req_nbits);
+ }
+
+ if (req_nbits == nbits)
+ return 0; /* Use default. */
+
+ if (req_nbits < min_nbits || req_nbits > max_nbits)
+ {
+ tty_printf (_("%s keysizes must be in the range %u-%u\n"),
+ "RSA", min_nbits, max_nbits);
+ }
+ else
+ {
+ tty_printf (_("The card will now be re-configured"
+ " to generate a key of %u bits\n"), req_nbits);
+ show_keysize_warning ();
+ return req_nbits;
+ }
}
}
}
/* Change the size of key KEYNO (0..2) to NBITS and show an error
- message if that fails. */
+ * message if that fails. Using the magic value 25519 for NBITS
+ * switches to ed25519 or cv25519 depending on the KEYNO. */
static gpg_error_t
-do_change_rsa_keysize (int keyno, unsigned int nbits)
+do_change_keyattr (int keyno, unsigned int nbits)
{
gpg_error_t err;
char args[100];
- snprintf (args, sizeof args, "--force %d 1 rsa%u", keyno+1, nbits);
+ if (nbits == 25519)
+ snprintf (args, sizeof args, "--force %d %d %s",
+ keyno+1,
+ keyno == 1? PUBKEY_ALGO_ECDH : PUBKEY_ALGO_EDDSA,
+ keyno == 1? "cv25519" : "ed25519");
+ else
+ snprintf (args, sizeof args, "--force %d 1 rsa%u", keyno+1, nbits);
err = agent_scd_setattr ("KEY-ATTR", args, strlen (args), NULL);
if (err)
log_error (_("error changing size of key %d to %u bits: %s\n"),
for (keyno = 0; keyno < DIM (info.key_attr); keyno++)
{
- if (info.key_attr[keyno].algo == PUBKEY_ALGO_RSA)
+ if (info.key_attr[keyno].algo == PUBKEY_ALGO_RSA
+ || info.key_attr[keyno].algo == PUBKEY_ALGO_ECDH
+ || info.key_attr[keyno].algo == PUBKEY_ALGO_EDDSA)
{
- nbits = ask_card_rsa_keysize (keyno, info.key_attr[keyno].nbits);
- if (nbits && do_change_rsa_keysize (keyno, nbits))
+ if (info.key_attr[keyno].algo == PUBKEY_ALGO_RSA)
+ nbits = ask_card_keyattr (keyno, info.key_attr[keyno].nbits);
+ else
+ nbits = ask_card_keyattr (keyno, 25519 /* magic */);
+
+ if (nbits && do_change_keyattr (keyno, nbits))
{
/* Error: Better read the default key size again. */
agent_release_card_info (&info);
key size. */
if (info.is_v2 && info.extcap.aac)
{
- if (info.key_attr[keyno-1].algo == PUBKEY_ALGO_RSA)
+ if (info.key_attr[keyno-1].algo == PUBKEY_ALGO_RSA
+ || info.key_attr[keyno].algo == PUBKEY_ALGO_ECDH
+ || info.key_attr[keyno].algo == PUBKEY_ALGO_EDDSA)
{
unsigned int nbits;
ask_again:
- nbits = ask_card_rsa_keysize (keyno-1, info.key_attr[keyno-1].nbits);
- if (nbits && do_change_rsa_keysize (keyno-1, nbits))
+ if (info.key_attr[keyno].algo == PUBKEY_ALGO_RSA)
+ nbits = ask_card_keyattr (keyno-1, info.key_attr[keyno-1].nbits);
+ else
+ nbits = ask_card_keyattr (keyno-1, 25519);
+
+ if (nbits && do_change_keyattr (keyno-1, nbits))
{
/* Error: Better read the default key size again. */
agent_release_card_info (&info);
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 e6 00 00
- scd reset
- scd serialno undefined
- scd apdu 00 A4 04 00 06 D2 76 00 01 24 01
scd apdu 00 44 00 00
/echo Card has been reset to factory defaults
goto leave;
}
- /* The card is in termination state - reset and select again. */
- err = send_apdu (NULL, "RESET", 0);
- if (err)
- goto leave;
- err = send_apdu ("undefined", "dummy select", 0);
- if (err)
- goto leave;
-
- /* Select the OpenPGP application. (no error checking here). */
- send_apdu ("00A4040006D27600012401", "SELECT AID", 0xffff);
-
/* Send activate datafile command. This is used without
confirmation if the card is already in termination state. */
err = send_apdu ("00440000", "ACTIVATE DF", 0);
*
* Like get_pubkey_byfprint, PK may be NULL. In that case, this
* function effectively just checks for the existence of the key. */
-int
+gpg_error_t
get_pubkey_byfprint_fast (PKT_public_key * pk,
const byte * fprint, size_t fprint_len)
{
- int rc = 0;
- KEYDB_HANDLE hd;
+ gpg_error_t err;
KBNODE keyblock;
+
+ err = get_keyblock_byfprint_fast (&keyblock, NULL, fprint, fprint_len, 0);
+ if (!err)
+ {
+ if (pk)
+ copy_public_key (pk, keyblock->pkt->pkt.public_key);
+ release_kbnode (keyblock);
+ }
+
+ return err;
+}
+
+
+/* This function is similar to get_pubkey_byfprint_fast but returns a
+ * keydb handle at R_HD and the keyblock at R_KEYBLOCK. R_KEYBLOCK or
+ * R_HD may be NULL. If LOCK is set the handle has been opend in
+ * locked mode and keydb_disable_caching () has been called. On error
+ * R_KEYBLOCK is set to NULL but R_HD must be released by the caller;
+ * it may have a value of NULL, though. This allows to do an insert
+ * operation on a locked keydb handle. */
+gpg_error_t
+get_keyblock_byfprint_fast (kbnode_t *r_keyblock, KEYDB_HANDLE *r_hd,
+ const byte *fprint, size_t fprint_len, int lock)
+{
+ gpg_error_t err;
+ KEYDB_HANDLE hd;
+ kbnode_t keyblock;
byte fprbuf[MAX_FINGERPRINT_LEN];
int i;
+ if (r_keyblock)
+ *r_keyblock = NULL;
+ if (r_hd)
+ *r_hd = NULL;
+
for (i = 0; i < MAX_FINGERPRINT_LEN && i < fprint_len; i++)
fprbuf[i] = fprint[i];
while (i < MAX_FINGERPRINT_LEN)
if (!hd)
return gpg_error_from_syserror ();
- rc = keydb_search_fpr (hd, fprbuf);
- if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
+ if (lock)
{
- keydb_release (hd);
- return GPG_ERR_NO_PUBKEY;
+ err = keydb_lock (hd);
+ if (err)
+ {
+ /* If locking did not work, we better don't return a handle
+ * at all - there was a reason that locking has been
+ * requested. */
+ keydb_release (hd);
+ return err;
+ }
+ keydb_disable_caching (hd);
}
- rc = keydb_get_keyblock (hd, &keyblock);
- keydb_release (hd);
- if (rc)
+
+ /* Fo all other errors we return the handle. */
+ if (r_hd)
+ *r_hd = hd;
+
+ err = keydb_search_fpr (hd, fprbuf);
+ if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
{
- log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc));
- return GPG_ERR_NO_PUBKEY;
+ if (!r_hd)
+ keydb_release (hd);
+ return gpg_error (GPG_ERR_NO_PUBKEY);
+ }
+ err = keydb_get_keyblock (hd, &keyblock);
+ if (err)
+ {
+ log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (err));
+ if (!r_hd)
+ keydb_release (hd);
+ return gpg_error (GPG_ERR_NO_PUBKEY);
}
log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY
|| keyblock->pkt->pkttype == PKT_PUBLIC_SUBKEY);
- if (pk)
- copy_public_key (pk, keyblock->pkt->pkt.public_key);
- release_kbnode (keyblock);
/* Not caching key here since it won't have all of the fields
properly set. */
+ if (r_keyblock)
+ *r_keyblock = keyblock;
+ else
+ release_kbnode (keyblock);
+
+ if (!r_hd)
+ keydb_release (hd);
+
return 0;
}
+
const char *
parse_def_secret_key (ctrl_t ctrl)
{
static int read_block (IOBUF a, int with_meta,
PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys);
static void revocation_present (ctrl_t ctrl, kbnode_t keyblock);
-static int import_one (ctrl_t ctrl,
+static gpg_error_t import_one (ctrl_t ctrl,
kbnode_t keyblock,
struct import_stats_s *stats,
unsigned char **fpr, size_t *fpr_len,
*
* Key revocation certificates have special handling.
*/
-static int
+static gpg_error_t
import_keys_internal (ctrl_t ctrl, iobuf_t inp, char **fnames, int nnames,
import_stats_t stats_handle,
unsigned char **fpr, size_t *fpr_len,
int origin, const char *url)
{
int i;
- int rc = 0;
+ gpg_error_t err = 0;
struct import_stats_s *stats = stats_handle;
if (!stats)
if (inp)
{
- rc = import (ctrl, inp, "[stream]", stats, fpr, fpr_len, options,
- screener, screener_arg, origin, url);
+ err = import (ctrl, inp, "[stream]", stats, fpr, fpr_len, options,
+ screener, screener_arg, origin, url);
}
else
{
log_error (_("can't open '%s': %s\n"), fname, strerror (errno));
else
{
- rc = import (ctrl, inp2, fname, stats, fpr, fpr_len, options,
+ err = import (ctrl, inp2, fname, stats, fpr, fpr_len, options,
screener, screener_arg, origin, url);
iobuf_close (inp2);
/* Must invalidate that ugly cache to actually close it. */
iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname);
- if (rc)
+ if (err)
log_error ("import from '%s' failed: %s\n",
- fname, gpg_strerror (rc) );
+ fname, gpg_strerror (err) );
}
if (!fname)
break;
if (!(options & IMPORT_FAST))
check_or_update_trustdb (ctrl);
- return rc;
+ return err;
}
}
-int
+gpg_error_t
import_keys_es_stream (ctrl_t ctrl, estream_t fp,
import_stats_t stats_handle,
unsigned char **fpr, size_t *fpr_len,
import_screener_t screener, void *screener_arg,
int origin, const char *url)
{
- int rc;
+ gpg_error_t err;
iobuf_t inp;
inp = iobuf_esopen (fp, "rb", 1);
if (!inp)
{
- rc = gpg_error_from_syserror ();
- log_error ("iobuf_esopen failed: %s\n", gpg_strerror (rc));
- return rc;
+ err = gpg_error_from_syserror ();
+ log_error ("iobuf_esopen failed: %s\n", gpg_strerror (err));
+ return err;
}
- rc = import_keys_internal (ctrl, inp, NULL, 0, stats_handle,
+ err = import_keys_internal (ctrl, inp, NULL, 0, stats_handle,
fpr, fpr_len, options,
screener, screener_arg, origin, url);
iobuf_close (inp);
- return rc;
+ return err;
}
* even most error messages are suppressed. ORIGIN is the origin of
* the key (0 for unknown) and URL the corresponding URL.
*/
-static int
+static gpg_error_t
import_one (ctrl_t ctrl,
kbnode_t keyblock, struct import_stats_s *stats,
unsigned char **fpr, size_t *fpr_len, unsigned int options,
import_screener_t screener, void *screener_arg,
int origin, const char *url)
{
+ gpg_error_t err = 0;
PKT_public_key *pk;
- PKT_public_key *pk_orig = NULL;
kbnode_t node, uidnode;
kbnode_t keyblock_orig = NULL;
byte fpr2[MAX_FINGERPRINT_LEN];
size_t fpr2len;
u32 keyid[2];
- int rc = 0;
int new_key = 0;
int mod_key = 0;
int same_key = 0;
char pkstrbuf[PUBKEY_STRING_SIZE];
int merge_keys_done = 0;
int any_filter = 0;
+ KEYDB_HANDLE hd = NULL;
/* Get the key and print some info about it. */
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
merge_keys_done = 1;
/* Note that we do not want to show the validity because the key
* has not yet imported. */
- list_keyblock_direct (ctrl, keyblock, 0, 0,
+ list_keyblock_direct (ctrl, keyblock, from_sk, 0,
opt.fingerprint || opt.with_fingerprint, 1);
es_fflush (es_stdout);
}
merge_keys_and_selfsig (ctrl, keyblock);
merge_keys_done = 1;
}
- rc = write_keyblock_to_output (keyblock, opt.armor, opt.export_options);
+ err = write_keyblock_to_output (keyblock, opt.armor, opt.export_options);
goto leave;
}
goto leave;
/* Do we have this key already in one of our pubrings ? */
- pk_orig = xmalloc_clear( sizeof *pk_orig );
- rc = get_pubkey_byfprint_fast (pk_orig, fpr2, fpr2len);
- if (rc && gpg_err_code (rc) != GPG_ERR_NO_PUBKEY
- && gpg_err_code (rc) != GPG_ERR_UNUSABLE_PUBKEY )
- {
+ err = get_keyblock_byfprint_fast (&keyblock_orig, &hd,
+ fpr2, fpr2len, 1/*locked*/);
+ if ((err
+ && gpg_err_code (err) != GPG_ERR_NO_PUBKEY
+ && gpg_err_code (err) != GPG_ERR_UNUSABLE_PUBKEY)
+ || !hd)
+ {
+ /* The !hd above is to catch a misbehaving function which
+ * returns NO_PUBKEY for failing to allocate a handle. */
if (!silent)
log_error (_("key %s: public key not found: %s\n"),
- keystr(keyid), gpg_strerror (rc));
+ keystr(keyid), gpg_strerror (err));
}
- else if ( rc && (opt.import_options&IMPORT_MERGE_ONLY) )
+ else if (err && (opt.import_options&IMPORT_MERGE_ONLY) )
{
if (opt.verbose && !silent )
log_info( _("key %s: new key - skipped\n"), keystr(keyid));
- rc = 0;
+ err = 0;
stats->skipped_new_keys++;
}
- else if (rc ) /* Insert this key. */
+ else if (err) /* Insert this key. */
{
- KEYDB_HANDLE hd;
+ /* Note: ERR can only be NO_PUBKEY or UNUSABLE_PUBKEY. */
int n_sigs_cleaned, n_uids_cleaned;
- hd = keydb_new ();
- if (!hd)
- return gpg_error_from_syserror ();
-
- rc = keydb_locate_writable (hd);
- if (rc)
+ err = keydb_locate_writable (hd);
+ if (err)
{
- log_error (_("no writable keyring found: %s\n"), gpg_strerror (rc));
- keydb_release (hd);
- return GPG_ERR_GENERAL;
+ log_error (_("no writable keyring found: %s\n"), gpg_strerror (err));
+ err = gpg_error (GPG_ERR_GENERAL);
+ goto leave;
}
if (opt.verbose > 1 )
log_info (_("writing to '%s'\n"), keydb_get_resource_name (hd) );
* and thus the address of KEYBLOCK won't change. */
if ( !(options & IMPORT_RESTORE) )
{
- rc = insert_key_origin (keyblock, origin, url);
- if (rc)
+ err = insert_key_origin (keyblock, origin, url);
+ if (err)
{
- log_error ("insert_key_origin failed: %s\n", gpg_strerror (rc));
- keydb_release (hd);
- return GPG_ERR_GENERAL;
+ log_error ("insert_key_origin failed: %s\n", gpg_strerror (err));
+ err = gpg_error (GPG_ERR_GENERAL);
+ goto leave;
}
}
- rc = keydb_insert_keyblock (hd, keyblock );
- if (rc)
+ err = keydb_insert_keyblock (hd, keyblock );
+ if (err)
log_error (_("error writing keyring '%s': %s\n"),
- keydb_get_resource_name (hd), gpg_strerror (rc));
+ keydb_get_resource_name (hd), gpg_strerror (err));
else if (!(opt.import_options & IMPORT_KEEP_OWNERTTRUST))
{
/* This should not be possible since we delete the
if (non_self)
revalidation_mark (ctrl);
}
+
+ /* Release the handle and thus unlock the keyring asap. */
keydb_release (hd);
+ hd = NULL;
/* We are ready. */
if (!opt.quiet && !silent)
stats->imported++;
new_key = 1;
}
- else /* Merge the key. */
+ else /* Key already exists - merge. */
{
- KEYDB_HANDLE hd;
int n_uids, n_sigs, n_subk, n_sigs_cleaned, n_uids_cleaned;
u32 curtime = make_timestamp ();
/* Compare the original against the new key; just to be sure nothing
* weird is going on */
- if (cmp_public_keys( pk_orig, pk ) )
+ if (cmp_public_keys (keyblock_orig->pkt->pkt.public_key, pk))
{
if (!silent)
log_error( _("key %s: doesn't match our copy\n"),keystr(keyid));
goto leave;
}
- /* Now read the original keyblock again so that we can use
- that handle for updating the keyblock. */
- hd = keydb_new ();
- if (!hd)
- {
- rc = gpg_error_from_syserror ();
- goto leave;
- }
- keydb_disable_caching (hd);
- rc = keydb_search_fpr (hd, fpr2);
- if (rc )
- {
- log_error (_("key %s: can't locate original keyblock: %s\n"),
- keystr(keyid), gpg_strerror (rc));
- keydb_release (hd);
- goto leave;
- }
- rc = keydb_get_keyblock (hd, &keyblock_orig);
- if (rc)
- {
- log_error (_("key %s: can't read original keyblock: %s\n"),
- keystr(keyid), gpg_strerror (rc));
- keydb_release (hd);
- goto leave;
- }
-
/* Make sure the original direct key sigs are all sane. */
n_sigs_cleaned = fix_bad_direct_key_sigs (ctrl, keyblock_orig, keyid);
if (n_sigs_cleaned)
commit_kbnode (&keyblock_orig);
- /* and try to merge the block */
+ /* Try to merge KEYBLOCK into KEYBLOCK_ORIG. */
clear_kbnode_flags( keyblock_orig );
clear_kbnode_flags( keyblock );
n_uids = n_sigs = n_subk = n_uids_cleaned = 0;
- rc = merge_blocks (ctrl, options, keyblock_orig, keyblock, keyid,
- curtime, origin, url,
- &n_uids, &n_sigs, &n_subk );
- if (rc )
- {
- keydb_release (hd);
- goto leave;
- }
+ err = merge_blocks (ctrl, options, keyblock_orig, keyblock, keyid,
+ curtime, origin, url,
+ &n_uids, &n_sigs, &n_subk );
+ if (err)
+ goto leave;
if ((options & IMPORT_CLEAN))
clean_key (ctrl, keyblock_orig, opt.verbose, (options&IMPORT_MINIMAL),
* and thus the address of KEYBLOCK won't change. */
if ( !(options & IMPORT_RESTORE) )
{
- rc = update_key_origin (keyblock_orig, curtime, origin, url);
- if (rc)
+ err = update_key_origin (keyblock_orig, curtime, origin, url);
+ if (err)
{
log_error ("update_key_origin failed: %s\n",
- gpg_strerror (rc));
- keydb_release (hd);
+ gpg_strerror (err));
goto leave;
}
}
mod_key = 1;
/* KEYBLOCK_ORIG has been updated; write */
- rc = keydb_update_keyblock (ctrl, hd, keyblock_orig);
- if (rc)
+ err = keydb_update_keyblock (ctrl, hd, keyblock_orig);
+ if (err)
log_error (_("error writing keyring '%s': %s\n"),
- keydb_get_resource_name (hd), gpg_strerror (rc) );
+ keydb_get_resource_name (hd), gpg_strerror (err));
else if (non_self)
revalidation_mark (ctrl);
+ /* Release the handle and thus unlock the keyring asap. */
+ keydb_release (hd);
+ hd = NULL;
+
/* We are ready. */
if (!opt.quiet && !silent)
{
}
else
{
+ /* Release the handle and thus unlock the keyring asap. */
+ keydb_release (hd);
+ hd = NULL;
+
/* Fixme: we do not track the time we last checked a key for
* updates. To do this we would need to rewrite even the
* keys which have no changes. */
stats->unchanged++;
}
-
- keydb_release (hd); hd = NULL;
}
leave:
+ keydb_release (hd);
if (mod_key || new_key || same_key)
{
/* A little explanation for this: we fill in the fingerprint
}
release_kbnode( keyblock_orig );
- free_public_key( pk_orig );
- return rc;
+ return err;
}
/* At least we cancel the secret key import when the public key
import was skipped due to MERGE_ONLY option and a new
key. */
- if (stats->skipped_new_keys <= nr_prev)
+ if (!(opt.dry_run || (options & IMPORT_DRY_RUN))
+ && stats->skipped_new_keys <= nr_prev)
{
/* Read the keyblock again to get the effects of a merge. */
/* Fixme: we should do this based on the fingerprint or
/* Okay, we have a revocation key, and a
* revocation issued by it. Do we have the key
* itself? */
- int rc;
+ gpg_error_t err;
- rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx].fpr,
- MAX_FINGERPRINT_LEN);
- if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
- || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
+ err = get_pubkey_byfprint_fast (NULL,
+ sig->revkey[idx].fpr,
+ MAX_FINGERPRINT_LEN);
+ if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY
+ || gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY)
{
- char *tempkeystr=xstrdup(keystr_from_pk(pk));
+ char *tempkeystr = xstrdup (keystr_from_pk (pk));
/* No, so try and get it */
if ((opt.keyserver_options.options
opt.keyserver, 0);
/* Do we have it now? */
- rc=get_pubkey_byfprint_fast (NULL,
+ err = get_pubkey_byfprint_fast (NULL,
sig->revkey[idx].fpr,
MAX_FINGERPRINT_LEN);
}
- if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY
- || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY)
+ if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY
+ || gpg_err_code (err) == GPG_ERR_UNUSABLE_PUBKEY)
log_info(_("WARNING: key %s may be revoked:"
" revocation key %s not present.\n"),
tempkeystr,keystr(keyid));
#include "key-check.h"
+
+/* Print PREFIX followed by TEXT. With mode > 0 use log_info, with
+ * mode < 0 use ttyio, else print to stdout. If TEXT is not NULL, it
+ * may be modified by this function. */
+static void
+print_info (int mode, const char *prefix, char *text)
+{
+ char *p;
+
+ if (!text)
+ text = "";
+ else if ((p = strchr (text,'\n')))
+ *p = 0; /* Strip LF. */
+
+ if (mode > 0)
+ log_info ("%s %s\n", prefix, text);
+ else
+ tty_fprintf (mode? NULL:es_stdout, "%s %s\n", prefix, text);
+}
+
+
/* Order two signatures. The actual ordering isn't important. Our
* goal is to ensure that identical signatures occur together. */
static int
int only_selected, int only_selfsigs)
{
gpg_error_t err;
- estream_t fp = mode < 0? NULL : mode ? log_get_stream () : es_stdout;
PKT_public_key *pk;
KBNODE n, n_next, *n_prevp, n2;
char *pending_desc = NULL;
has_selfsig = 1;
}
- if ((n2 && n2 != last_printed_component)
- || (! n2 && last_printed_component != current_component))
+ if (DBG_PACKET
+ && ((n2 && n2 != last_printed_component)
+ || (! n2 && last_printed_component != current_component)))
{
int is_reordered = n2 && n2 != current_component;
if (n2)
;
else if (last_printed_component->pkt->pkttype == PKT_USER_ID)
{
- tty_fprintf (fp, "uid ");
- tty_print_utf8_string2 (fp,
- last_printed_component
- ->pkt->pkt.user_id->name,
- last_printed_component
- ->pkt->pkt.user_id->len, 0);
+ log_debug ("uid ");
+ print_utf8_buffer (log_get_stream (),
+ last_printed_component
+ ->pkt->pkt.user_id->name,
+ last_printed_component
+ ->pkt->pkt.user_id->len);
+ log_flush ();
}
else if (last_printed_component->pkt->pkttype
== PKT_PUBLIC_KEY)
- tty_fprintf (fp, "pub %s",
- pk_keyid_str (last_printed_component
+ log_debug ("pub %s\n",
+ pk_keyid_str (last_printed_component
->pkt->pkt.public_key));
else
- tty_fprintf (fp, "sub %s",
- pk_keyid_str (last_printed_component
- ->pkt->pkt.public_key));
+ log_debug ("sub %s\n",
+ pk_keyid_str (last_printed_component
+ ->pkt->pkt.public_key));
if (modified)
{
if (is_reordered)
- tty_fprintf (fp, _(" (reordered signatures follow)"));
- if (mode > 0)
- log_printf ("\n");
- else
- tty_fprintf (fp, "\n");
+ log_debug ("%s\n", _(" (reordered signatures follow)"));
}
}
- if (modified)
- keyedit_print_one_sig (ctrl, fp, rc, kb, n, NULL, NULL, NULL,
+ if (DBG_PACKET && modified)
+ keyedit_print_one_sig (ctrl, log_get_stream (),
+ rc, kb, n, NULL, NULL, NULL,
has_selfsig, 0, only_selfsigs);
}
}
}
- if (dups || missing_issuer || bad_signature || reordered)
- tty_fprintf (fp, _("key %s:\n"), pk_keyid_str (pk));
-
- if (dups)
- tty_fprintf (fp,
- ngettext ("%d duplicate signature removed\n",
- "%d duplicate signatures removed\n", dups), dups);
- if (missing_issuer)
- tty_fprintf (fp,
- ngettext ("%d signature not checked due to a missing key\n",
- "%d signatures not checked due to missing keys\n",
- missing_issuer), missing_issuer);
- if (bad_signature)
- tty_fprintf (fp,
- ngettext ("%d bad signature\n",
- "%d bad signatures\n",
- bad_signature), bad_signature);
- if (reordered)
- tty_fprintf (fp,
- ngettext ("%d signature reordered\n",
- "%d signatures reordered\n",
- reordered), reordered);
-
- if (only_selfsigs && (bad_signature || reordered))
- tty_fprintf (fp, _("Warning: errors found and only checked self-signatures,"
- " run '%s' to check all signatures.\n"), "check");
+ if (!opt.quiet)
+ {
+ char prefix[100];
+ char *p;
+
+ /* To avoid string changes in 2.2 we strip the LF here. */
+ snprintf (prefix, sizeof prefix, _("key %s:\n"), pk_keyid_str (pk));
+ p = strrchr (prefix, '\n');
+ if (p)
+ *p = 0;
+
+ if (dups)
+ {
+ p = xtryasprintf
+ (ngettext ("%d duplicate signature removed\n",
+ "%d duplicate signatures removed\n", dups), dups);
+ print_info (mode, prefix, p);
+ xfree (p);
+ }
+
+ if (missing_issuer)
+ {
+ p = xtryasprintf
+ (ngettext ("%d signature not checked due to a missing key\n",
+ "%d signatures not checked due to missing keys\n",
+ missing_issuer), missing_issuer);
+ print_info (mode, prefix, p);
+ xfree (p);
+ }
+ if (bad_signature)
+ {
+ p = xtryasprintf (ngettext ("%d bad signature\n",
+ "%d bad signatures\n",
+ bad_signature), bad_signature);
+ print_info (mode, prefix, p);
+ xfree (p);
+ }
+
+ if (reordered)
+ {
+ p = xtryasprintf (ngettext ("%d signature reordered\n",
+ "%d signatures reordered\n",
+ reordered), reordered);
+ print_info (mode, prefix, p);
+ xfree (p);
+ }
+
+ if (only_selfsigs && (bad_signature || reordered))
+ {
+ p = xtryasprintf
+ (_("Warning: errors found and only checked self-signatures,"
+ " run '%s' to check all signatures.\n"), "check");
+ print_info (mode, prefix, p);
+ xfree (p);
+ }
+ }
return modified;
}
/ keybox_lock, as appropriate). */
int locked;
+ /* If this flag is set a lock will only be released by
+ * keydb_release. */
+ int keep_lock;
+
/* The index into ACTIVE of the resources in which the last search
result was found. Initially -1. */
int found;
log_assert (active_handles > 0);
active_handles--;
+ hd->keep_lock = 0;
unlock_all (hd);
for (i=0; i < hd->used; i++)
{
}
+/* Take a lock on the files immediately and not only during insert or
+ * update. This lock is released with keydb_release. */
+gpg_error_t
+keydb_lock (KEYDB_HANDLE hd)
+{
+ gpg_error_t err;
+
+ if (!hd)
+ return gpg_error (GPG_ERR_INV_ARG);
+
+ err = lock_all (hd);
+ if (!err)
+ hd->keep_lock = 1;
+
+ return err;
+}
+
+
/* Set a flag on the handle to suppress use of cached results. This
* is required for updating a keyring and for key listings. Fixme:
* Using a new parameter for keydb_new might be a better solution. */
{
int i;
- if (!hd->locked)
+ if (!hd->locked || hd->keep_lock)
return;
for (i=hd->used-1; i >= 0; i--)
/* Free all resources owned by the database handle. */
void keydb_release (KEYDB_HANDLE hd);
+/* Take a lock on the files immediately and not only during insert or
+ * update. This lock is released with keydb_release. */
+gpg_error_t keydb_lock (KEYDB_HANDLE hd);
+
/* Set a flag on the handle to suppress use of cached results. This
is required for updating a keyring and for key listings. Fixme:
Using a new parameter for keydb_new might be a better solution. */
/* This function is similar to get_pubkey_byfprint, but it doesn't
merge the self-signed data into the public key and subkeys or into
the user ids. */
-int get_pubkey_byfprint_fast (PKT_public_key *pk,
- const byte *fprint, size_t fprint_len);
+gpg_error_t get_pubkey_byfprint_fast (PKT_public_key *pk,
+ const byte *fprint, size_t fprint_len);
+
+/* This function is similar to get_pubkey_byfprint, but it doesn't
+ merge the self-signed data into the public key and subkeys or into
+ the user ids. */
+gpg_error_t get_keyblock_byfprint_fast (kbnode_t *r_keyblock,
+ KEYDB_HANDLE *r_hd,
+ const byte *fprint, size_t fprint_len,
+ int lock);
+
/* Returns true if a secret key is available for the public key with
key id KEYID. */
/* Need an SK for this command */
#define KEYEDIT_NEED_SK 1
-/* Cannot be viewing the SK for this command */
-#define KEYEDIT_NOT_SK 2
-/* Must be viewing the SK for this command */
-#define KEYEDIT_ONLY_SK 4
+/* Need an SUB KEY for this command */
+#define KEYEDIT_NEED_SUBSK 2
/* Match the tail of the string */
#define KEYEDIT_TAIL_MATCH 8
{ "key", cmdSELKEY, 0, N_("select subkey N")},
{ "check", cmdCHECK, 0, N_("check signatures")},
{ "c", cmdCHECK, 0, NULL},
- { "change-usage", cmdCHANGEUSAGE, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
- { "cross-certify", cmdBACKSIGN, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
- { "backsign", cmdBACKSIGN, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
- { "sign", cmdSIGN, KEYEDIT_NOT_SK | KEYEDIT_TAIL_MATCH,
+ { "change-usage", cmdCHANGEUSAGE, KEYEDIT_NEED_SK, NULL},
+ { "cross-certify", cmdBACKSIGN, KEYEDIT_NEED_SK, NULL},
+ { "backsign", cmdBACKSIGN, KEYEDIT_NEED_SK, NULL},
+ { "sign", cmdSIGN, KEYEDIT_TAIL_MATCH,
N_("sign selected user IDs [* see below for related commands]")},
- { "s", cmdSIGN, KEYEDIT_NOT_SK, NULL},
+ { "s", cmdSIGN, 0, NULL},
/* "lsign" and friends will never match since "sign" comes first
and it is a tail match. They are just here so they show up in
the help menu. */
{ "nrsign", cmdNOP, 0,
N_("sign selected user IDs with a non-revocable signature")},
{ "debug", cmdDEBUG, 0, NULL},
- { "adduid", cmdADDUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, N_("add a user ID")},
- { "addphoto", cmdADDPHOTO, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "adduid", cmdADDUID, KEYEDIT_NEED_SK, N_("add a user ID")},
+ { "addphoto", cmdADDPHOTO, KEYEDIT_NEED_SK,
N_("add a photo ID")},
- { "deluid", cmdDELUID, KEYEDIT_NOT_SK, N_("delete selected user IDs")},
+ { "deluid", cmdDELUID, 0, N_("delete selected user IDs")},
/* delphoto is really deluid in disguise */
- { "delphoto", cmdDELUID, KEYEDIT_NOT_SK, NULL},
- { "addkey", cmdADDKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, N_("add a subkey")},
+ { "delphoto", cmdDELUID, 0, NULL},
+ { "addkey", cmdADDKEY, KEYEDIT_NEED_SK, N_("add a subkey")},
#ifdef ENABLE_CARD_SUPPORT
- { "addcardkey", cmdADDCARDKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "addcardkey", cmdADDCARDKEY, KEYEDIT_NEED_SK,
N_("add a key to a smartcard")},
- { "keytocard", cmdKEYTOCARD, KEYEDIT_NEED_SK | KEYEDIT_ONLY_SK,
+ { "keytocard", cmdKEYTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
N_("move a key to a smartcard")},
- { "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_ONLY_SK,
+ { "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
N_("move a backup key to a smartcard")},
#endif /*ENABLE_CARD_SUPPORT */
- { "delkey", cmdDELKEY, KEYEDIT_NOT_SK, N_("delete selected subkeys")},
- { "addrevoker", cmdADDREVOKER, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "delkey", cmdDELKEY, 0, N_("delete selected subkeys")},
+ { "addrevoker", cmdADDREVOKER, KEYEDIT_NEED_SK,
N_("add a revocation key")},
- { "delsig", cmdDELSIG, KEYEDIT_NOT_SK,
+ { "delsig", cmdDELSIG, 0,
N_("delete signatures from the selected user IDs")},
- { "expire", cmdEXPIRE, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "expire", cmdEXPIRE, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
N_("change the expiration date for the key or selected subkeys")},
- { "primary", cmdPRIMARY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "primary", cmdPRIMARY, KEYEDIT_NEED_SK,
N_("flag the selected user ID as primary")},
{ "toggle", cmdTOGGLE, KEYEDIT_NEED_SK, NULL}, /* Dummy command. */
{ "t", cmdTOGGLE, KEYEDIT_NEED_SK, NULL},
- { "pref", cmdPREF, KEYEDIT_NOT_SK, N_("list preferences (expert)")},
- { "showpref", cmdSHOWPREF, KEYEDIT_NOT_SK, N_("list preferences (verbose)")},
- { "setpref", cmdSETPREF, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "pref", cmdPREF, 0, N_("list preferences (expert)")},
+ { "showpref", cmdSHOWPREF, 0, N_("list preferences (verbose)")},
+ { "setpref", cmdSETPREF, KEYEDIT_NEED_SK,
N_("set preference list for the selected user IDs")},
- { "updpref", cmdSETPREF, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
- { "keyserver", cmdPREFKS, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "updpref", cmdSETPREF, KEYEDIT_NEED_SK, NULL},
+ { "keyserver", cmdPREFKS, KEYEDIT_NEED_SK,
N_("set the preferred keyserver URL for the selected user IDs")},
- { "notation", cmdNOTATION, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "notation", cmdNOTATION, KEYEDIT_NEED_SK,
N_("set a notation for the selected user IDs")},
- { "passwd", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "passwd", cmdPASSWD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
N_("change the passphrase")},
- { "password", cmdPASSWD, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
+ { "password", cmdPASSWD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK, NULL},
#ifndef NO_TRUST_MODELS
- { "trust", cmdTRUST, KEYEDIT_NOT_SK, N_("change the ownertrust")},
+ { "trust", cmdTRUST, 0, N_("change the ownertrust")},
#endif /*!NO_TRUST_MODELS*/
- { "revsig", cmdREVSIG, KEYEDIT_NOT_SK,
+ { "revsig", cmdREVSIG, 0,
N_("revoke signatures on the selected user IDs")},
- { "revuid", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "revuid", cmdREVUID, KEYEDIT_NEED_SK,
N_("revoke selected user IDs")},
- { "revphoto", cmdREVUID, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK, NULL},
- { "revkey", cmdREVKEY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
+ { "revphoto", cmdREVUID, KEYEDIT_NEED_SK, NULL},
+ { "revkey", cmdREVKEY, KEYEDIT_NEED_SK,
N_("revoke key or selected subkeys")},
#ifndef NO_TRUST_MODELS
- { "enable", cmdENABLEKEY, KEYEDIT_NOT_SK, N_("enable key")},
- { "disable", cmdDISABLEKEY, KEYEDIT_NOT_SK, N_("disable key")},
+ { "enable", cmdENABLEKEY, 0, N_("enable key")},
+ { "disable", cmdDISABLEKEY, 0, N_("disable key")},
#endif /*!NO_TRUST_MODELS*/
{ "showphoto", cmdSHOWPHOTO, 0, N_("show selected photo IDs")},
- { "clean", cmdCLEAN, KEYEDIT_NOT_SK,
+ { "clean", cmdCLEAN, 0,
N_("compact unusable user IDs and remove unusable signatures from key")},
- { "minimize", cmdMINIMIZE, KEYEDIT_NOT_SK,
+ { "minimize", cmdMINIMIZE, 0,
N_("compact unusable user IDs and remove all signatures from key")},
{ NULL, cmdNONE, 0, NULL}
KBNODE keyblock = NULL;
KEYDB_HANDLE kdbhd = NULL;
int have_seckey = 0;
+ int have_anyseckey = 0;
char *answer = NULL;
int redisplay = 1;
int modified = 0;
/* See whether we have a matching secret key. */
if (seckey_check)
{
- have_seckey = !agent_probe_any_secret_key (ctrl, keyblock);
+ have_anyseckey = !agent_probe_any_secret_key (ctrl, keyblock);
+ if (have_anyseckey
+ && !agent_probe_secret_key (ctrl, keyblock->pkt->pkt.public_key))
+ {
+ /* The primary key is also available. */
+ have_seckey = 1;
+ }
+
if (have_seckey && !quiet)
- tty_printf (_("Secret key is available.\n"));
+ tty_printf (_("Secret key is available.\n"));
+ else if (have_anyseckey && !quiet)
+ tty_printf (_("Secret subkeys are available.\n"));
}
/* Main command loop. */
else if (!ascii_strcasecmp (answer, cmds[i].name))
break;
}
- if ((cmds[i].flags & KEYEDIT_NEED_SK) && !have_seckey)
+ if ((cmds[i].flags & (KEYEDIT_NEED_SK|KEYEDIT_NEED_SUBSK))
+ && !(((cmds[i].flags & KEYEDIT_NEED_SK) && have_seckey)
+ || ((cmds[i].flags & KEYEDIT_NEED_SUBSK) && have_anyseckey)))
{
tty_printf (_("Need the secret key to do this.\n"));
cmd = cmdNOP;
}
- else
+ else
cmd = cmds[i].id;
}
case cmdHELP:
for (i = 0; cmds[i].name; i++)
{
- if ((cmds[i].flags & KEYEDIT_NEED_SK) && !have_seckey)
+ if ((cmds[i].flags & (KEYEDIT_NEED_SK|KEYEDIT_NEED_SUBSK))
+ && !(((cmds[i].flags & KEYEDIT_NEED_SK) && have_seckey)
+ ||((cmds[i].flags&KEYEDIT_NEED_SUBSK)&&have_anyseckey)))
; /* Skip those item if we do not have the secret key. */
else if (cmds[i].desc)
tty_printf ("%-11s %s\n", cmds[i].name, _(cmds[i].desc));
pCARDBACKUPKEY,
pHANDLE,
pKEYSERVER,
- pKEYGRIP
+ pKEYGRIP,
+ pSUBKEYGRIP,
};
struct para_data_s {
{ "Handle", pHANDLE },
{ "Keyserver", pKEYSERVER },
{ "Keygrip", pKEYGRIP },
+ { "Key-Grip", pKEYGRIP },
+ { "Subkey-grip", pSUBKEYGRIP },
{ NULL, 0 }
};
IOBUF fp;
if (!err && card && get_parameter (para, pAUTHKEYTYPE))
{
err = gen_card_key (3, get_parameter_algo( para, pAUTHKEYTYPE, NULL ),
- 0, pub_root, ×tamp,
- get_parameter_u32 (para, pKEYEXPIRE));
+ 0, pub_root, ×tamp, expire);
if (!err)
err = write_keybinding (ctrl, pub_root, pri_psk, NULL,
PUBKEY_USAGE_AUTH, timestamp, cache_nonce);
if (!err && get_parameter (para, pSUBKEYTYPE))
{
- sub_psk = NULL;
+ int subkey_algo = get_parameter_algo (para, pSUBKEYTYPE, NULL);
+
s = NULL;
- if (!card || (s = get_parameter_value (para, pCARDBACKUPKEY)))
+ key_from_hexgrip = get_parameter_value (para, pSUBKEYGRIP);
+ if (key_from_hexgrip)
+ err = do_create_from_keygrip (ctrl, subkey_algo, key_from_hexgrip,
+ pub_root, timestamp,
+ get_parameter_u32 (para, pSUBKEYEXPIRE),
+ 1);
+ else if (!card || (s = get_parameter_value (para, pCARDBACKUPKEY)))
{
- err = do_create (get_parameter_algo (para, pSUBKEYTYPE, NULL),
+ err = do_create (subkey_algo,
get_parameter_uint (para, pSUBKEYLENGTH),
get_parameter_value (para, pSUBKEYCURVE),
pub_root,
}
else
{
- err = gen_card_key (2, get_parameter_algo (para, pSUBKEYTYPE, NULL),
- 0, pub_root, ×tamp,
- get_parameter_u32 (para, pKEYEXPIRE));
+ err = gen_card_key (2, subkey_algo, 0, pub_root, ×tamp, expire);
}
if (!err)
err = agent_passwd (ctrl, hexgrip, desc, 1 /*=verify*/,
&cache_nonce, &passwd_nonce);
xfree (desc);
+ if (gpg_err_code (err) == GPG_ERR_NOT_IMPLEMENTED
+ && gpg_err_source (err) == GPG_ERR_SOURCE_GPGAGENT)
+ err = 0; /* Very likely that the key is on a card. */
if (err)
goto leave;
}
void import_keys (ctrl_t ctrl, char **fnames, int nnames,
import_stats_t stats_hd, unsigned int options,
int origin, const char *url);
-int import_keys_es_stream (ctrl_t ctrl, estream_t fp,
+gpg_error_t import_keys_es_stream (ctrl_t ctrl, estream_t fp,
import_stats_t stats_handle,
unsigned char **fpr, size_t *fpr_len,
unsigned int options,
{
int rc;
PKT_public_key *pk;
+ KBNODE keyblock = NULL;
if (!name || !*name)
return gpg_error (GPG_ERR_INV_USER_ID);
if (from_file)
rc = get_pubkey_fromfile (ctrl, pk, name);
else
- rc = get_best_pubkey_byname (ctrl, NULL, pk, name, NULL, 0, 0);
+ rc = get_best_pubkey_byname (ctrl, NULL, pk, name, &keyblock, 0, 0);
if (rc)
{
int code;
if (rc)
{
/* Key found but not usable for us (e.g. sign-only key). */
+ release_kbnode (keyblock);
send_status_inv_recp (3, name); /* Wrong key usage */
log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) );
free_public_key (pk);
{
int trustlevel;
- trustlevel = get_validity (ctrl, NULL, pk, pk->user_id, NULL, 1);
+ trustlevel = get_validity (ctrl, keyblock, pk, pk->user_id, NULL, 1);
+ release_kbnode (keyblock);
if ( (trustlevel & TRUST_FLAG_DISABLED) )
{
/* Key has been disabled. */
#ifdef NO_TRUST_MODELS
(void)string;
#else
+
+ /* Some users have conf files with entries like
+ * trusted-key 0x1234567812345678 # foo
+ * That is obviously wrong. Before fixing bug#1206 trailing garbage
+ * on a key specification if was ignored. We detect the above use case
+ * here and cut off the junk-looking-like-a comment. */
+ if (strchr (string, '#'))
+ {
+ char *buf;
+
+ buf = xtrystrdup (string);
+ if (buf)
+ {
+ *strchr (buf, '#') = 0;
+ tdb_register_trusted_key (buf);
+ xfree (buf);
+ return;
+ }
+ }
+
tdb_register_trusted_key (string);
#endif
}
msgstr "Quina grandària voleu? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "arrodonida fins a %u bits\n"
msgstr "clau %08lX: no correspon a la nostra còpia\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "clau %08lX: no s'ha trobat el bloc de claus original: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "clau %08lX: no s'ha pogut llegir el bloc de claus original: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "clau %08lX: «%s» 1 ID d'usuari nou\n"
"clau %08lX: falta la clau pública: no es pot aplicar el certificat\n"
"de revocació\n"
+#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "clau %08lX: no s'ha trobat el bloc de claus original: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "clau %08lX: no s'ha pogut llegir el bloc de claus original: %s\n"
+
# O «rebutjara»? ivb
# Per tots els canvis d'anglicisme «ignorat» -> «es descarta»,
# «es rebutja» està bé. jm
msgid "Secret key is available.\n"
msgstr "La clau secreta està disponible.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "La clau secreta està disponible.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Cal la clau secreta per a fer açò.\n"
msgstr ""
"Project-Id-Version: gnupg2 2.1.10\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-12-07 20:45+0100\n"
+"PO-Revision-Date: 2017-11-02 17:38+0100\n"
"Last-Translator: Petr Pisar <petr.pisar@atlas.cz>\n"
"Language-Team: Czech <gnupg-i18n@gnupg.org>\n"
"Language: cs\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "Jakou délku klíče pro autentizaci si přejete? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Karta bude nyní přenastavena na generování klíče dlouhého %u bitů\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "zaokrouhleno na %u bitů\n"
msgstr "klíč %s: neodpovídá naší kopii\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "klíč %s: nemohu najít originální blok klíče: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "klíč %s: nemohu číst originální blok klíče: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "klíč %s: „%s“ 1 nový identifikátor uživatele\n"
msgstr "klíč %s: chybí veřejný klíč – nemohu aplikovat revokační certifikát\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "klíč %s: nemohu najít originální blok klíče: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "klíč %s: nemohu číst originální blok klíče: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "klíč %s: neplatný revokační certifikát: %s – zamítnuto\n"
msgid "Secret key is available.\n"
msgstr "Tajný klíč je dostupný.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Tajný klíč je dostupný.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Pro provedení této operace je potřeba tajný klíč.\n"
msgstr ""
"Project-Id-Version: gnupg\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2012-11-01 20:27+0200\n"
+"PO-Revision-Date: 2017-11-02 17:39+0100\n"
"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
"Language-Team: Danish <debian-l10n-danish@lists.debian.org>\n"
"Language: da\n"
msgid "Replace existing key? (y/N) "
msgstr "Erstat eksisterende nøgle? (j/N) "
-#, fuzzy
-#| msgid ""
-#| "NOTE: There is no guarantee that the card supports the requested size.\n"
-#| " If the key generation does not succeed, please check the\n"
-#| " documentation of your card to see what sizes are allowed.\n"
msgid ""
"Note: There is no guarantee that the card supports the requested size.\n"
" If the key generation does not succeed, please check the\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "Hvilken nøglestørrelse ønsker du for godkendelsesnøglen? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Kortet vil nu blive omkonfigureret til at oprette en nøgle på %u bit\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "afrundet op til %u bit\n"
msgstr "nøgle %s: stemmer ikke med vores kopi\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "nøgle %s: kan ikke lokalisere original nøgleblok: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "nøgle %s: kan ikke læse original nøgleblok: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "nøgle %s: »%s« 1 ny bruger-id\n"
"nøgle %s: ingen offentlig nøgle - kan ikke anvende tilbagekaldscertifikat\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "nøgle %s: kan ikke lokalisere original nøgleblok: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "nøgle %s: kan ikke læse original nøgleblok: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "nøgle %s: ugyldigt tilbagekaldscertifikat: %s - afvist\n"
msgid "Secret key is available.\n"
msgstr "Hemmelig nøgle er tilgængelig.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Hemmelig nøgle er tilgængelig.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Har brug for den hemmelige nøgle for dette.\n"
msgstr ""
"Project-Id-Version: gnupg-2.1.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-08-09 12:49+0200\n"
+"PO-Revision-Date: 2017-11-02 17:36+0100\n"
"Last-Translator: Werner Koch <wk@gnupg.org>\n"
"Language-Team: German <de@li.org>\n"
"Language: de\n"
msgstr "Das Erzeugen eines Datenstroms aus dem Socket schlug fehl: %s\n"
msgid "Please insert the card with serial number"
-msgstr "Die legen Sie die Karte mit der folgenden Seriennummer ein:"
+msgstr "Bitte legen Sie die Karte mit der folgenden Seriennummer ein"
msgid "Please remove the current card and insert the one with serial number"
msgstr ""
"Welche Schlüssellänge wünschen Sie für den Authentisierungs-Schlüssel? (%u) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Die Karte wird nun rekonfiguriert für einen Schlüssel des Typs: %s\n"
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "aufgerundet auf %u Bit\n"
msgstr "Schlüssel %s: Stimmt nicht mit unserer Kopie überein\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "Schlüssel %s: der originale Schlüsselblock wurde nicht gefunden: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "Schlüssel %s: Lesefehler im originalen Schlüsselblock: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "Schlüssel %s: \"%s\" 1 neue User-ID\n"
"angebracht werden\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "Schlüssel %s: der originale Schlüsselblock wurde nicht gefunden: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "Schlüssel %s: Lesefehler im originalen Schlüsselblock: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "Schlüssel %s: Ungültiges Widerrufzertifikat: %s - zurückgewiesen\n"
msgid "Secret key is available.\n"
msgstr "Geheimer Schlüssel ist vorhanden.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Geheimer Unterschlüssel ist vorhanden.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Hierzu wird der geheime Schlüssel benötigt.\n"
"WARNUNG: Wir müssen noch eine mit diesem Schlüssel signierte Nachricht "
"sehen.\n"
-#, fuzzy
-#| msgid "Warning: we've only seen a single message signed by this key!\n"
msgid ""
"Warning: we've only seen one message signed using this key and user id!\n"
msgstr ""
msgstr "Τι μέγεθος κλειδιού θα θέλατε; (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "στρογγυλοποιήθηκε έως τα %u bits\n"
msgstr "κλειδί %08lX: δεν ταιριάζει με το αντίγραφο μας\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "κλειδί %08lX: αδυναμία εντοπισμού του αρχικού τμήματος κλειδιού: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "κλειδί %08lX: αδυναμία ανάγνωσης του αρχικού τμήματος κλειδιού: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "κλειδί %08lX: \"%s\" 1 νέο user ID\n"
"ανάκλησης\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "κλειδί %08lX: αδυναμία εντοπισμού του αρχικού τμήματος κλειδιού: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "κλειδί %08lX: αδυναμία ανάγνωσης του αρχικού τμήματος κλειδιού: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "κλειδί %08lX: μη έγκυρο πιστοποιητικό ανάκλησης: %s - απόρριψη\n"
msgid "Secret key is available.\n"
msgstr "Το μυστικό κλειδί είναι διαθέσιμο.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Το μυστικό κλειδί είναι διαθέσιμο.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Απαιτείται το μυστικό κλειδί για να γίνει αυτό.\n"
msgstr "Kiun ŝlosilgrandon vi deziras? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "rondigita ĝis %u bitoj\n"
msgstr "ŝlosilo %08lX: diferencas de nia kopio\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "ŝlosilo %08lX: ne povas trovi originalan ŝlosilblokon: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "ŝlosilo %08lX: ne povas legi originalan ŝlosilblokon: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "ŝlosilo %08lX: 1 nova uzantidentigilo\n"
"ŝlosilo %08lX: publika ŝlosilo mankas - ne povas apliki revokatestilon\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "ŝlosilo %08lX: ne povas trovi originalan ŝlosilblokon: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "ŝlosilo %08lX: ne povas legi originalan ŝlosilblokon: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "ŝlosilo %08lX: nevalida revokatestilo: %s - malakceptita\n"
msgid "Secret key is available.\n"
msgstr "Sekreta ŝlosilo estas havebla.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Sekreta ŝlosilo estas havebla.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Bezonas la sekretan ŝlosilon por fari tion.\n"
msgstr ""
"Project-Id-Version: gnupg 2.0.9\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-10-09 17:10+0200\n"
+"PO-Revision-Date: 2017-11-02 17:39+0100\n"
"Last-Translator: Jaime Suárez <jaime.suma@gmail.com>\n"
"Language-Team: Spanish <es@li.org>\n"
"Language: es\n"
msgid "Replace existing key? (y/N) "
msgstr "¿Reemplazar la clave existente? (s/N) "
-#, fuzzy
-#| msgid ""
-#| "NOTE: There is no guarantee that the card supports the requested size.\n"
-#| " If the key generation does not succeed, please check the\n"
-#| " documentation of your card to see what sizes are allowed.\n"
msgid ""
"Note: There is no guarantee that the card supports the requested size.\n"
" If the key generation does not succeed, please check the\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "¿De qué tamaño quiere la clave de Autenticación? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Ahora la tarjeta se reconfigurará para generar una clave de %u bits\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "redondeados a %u bits\n"
msgstr "clave %s: no coincide con nuestra copia\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "clave %s: no puede localizarse el bloque de claves original: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "clave %s: no puede leerse el bloque de claves original: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "clave %s: \"%s\" 1 ID de usuario nuevo\n"
"certificado de revocación\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "clave %s: no puede localizarse el bloque de claves original: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "clave %s: no puede leerse el bloque de claves original: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "clave %s: certificado de revocación inválido: %s - rechazado\n"
msgid "Secret key is available.\n"
msgstr "Clave secreta disponible.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Clave secreta disponible.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Se necesita la clave secreta para hacer esto.\n"
msgstr "Millist võtmepikkust te soovite? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "ümardatud üles %u bitini\n"
msgstr "võti %08lX: ei sobi meie koopiaga\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "võti %08lX: ei leia algset võtmeblokki: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "võti %08lX: ei õnnestu lugeda algset võtmeblokki: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "võti %08lX: \"%s\" 1 uus kasutaja ID\n"
"võti %08lX: avalik võti puudub - tühistamise sertifikaati ei saa rakendada\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "võti %08lX: ei leia algset võtmeblokki: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "võti %08lX: ei õnnestu lugeda algset võtmeblokki: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "võti %08lX: vigane tühistamise sertifikaat: %s - lükkasin tagasi\n"
msgid "Secret key is available.\n"
msgstr "Salajane võti on kasutatav.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Salajane võti on kasutatav.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Selle tegamiseks on vaja salajast võtit.\n"
msgstr "Minkä kokoisen avaimen haluat? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "pyöristetty %u bittiin\n"
msgstr "avain %08lX: ei vastaa omaa kopiotamme\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "avain %08lX: alkuperäistä avainlohkoa ei löydy: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "avain %08lX. alkuperäisen avainlohko lukeminen ei onnistu: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "avain %08lX: \"%s\" 1 uusi käyttäjätunnus\n"
"avain %08lX: ei julkista avainta - mitätöintivarmennetta ei voida käyttää\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "avain %08lX: alkuperäistä avainlohkoa ei löydy: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "avain %08lX. alkuperäisen avainlohko lukeminen ei onnistu: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "avain %08lX: pätemätön mitätöintivarmenne: %s - hylätty\n"
msgid "Secret key is available.\n"
msgstr "Salainen avain on saatavilla.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Salainen avain on saatavilla.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Tähän tarvitaan salainen avain.\n"
msgstr ""
"Project-Id-Version: gnupg 2.1\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-09-10 16:22+0200\n"
+"PO-Revision-Date: 2017-11-02 17:40+0100\n"
"Last-Translator: David Prévot <david@tilapin.org>\n"
"Language-Team: French <traduc@traduc.org>\n"
"Language: fr\n"
msgstr ""
"Quelle taille de clef désirez-vous pour la clef d'authentification ? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+"La carte sera maintenant reconfigurée pour générer une clef de %u bits\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "arrondie à %u bits\n"
msgstr "clef %s : ne correspond pas à notre copie\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "clef %s : impossible de trouver le bloc de clef d'origine : %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "clef %s : impossible de lire le bloc de clef d'origine : %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "clef %s : « %s » 1 nouvelle identité\n"
" de révocation\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "clef %s : impossible de trouver le bloc de clef d'origine : %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "clef %s : impossible de lire le bloc de clef d'origine : %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "clef %s : certificat de révocation incorrect : %s — rejeté\n"
msgid "Secret key is available.\n"
msgstr "La clef secrète est disponible.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "La clef secrète est disponible.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "La clef secrète est nécessaire pour faire cela.\n"
msgstr "¿Qué tamaño de chave quere? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "redondeado a %u bits\n"
msgstr "chave %08lX: non coincide coa nosa copia\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr ""
-"chave %08lX: non foi posible localiza-lo bloque de chaves original:\n"
-"%s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr ""
-"chave %08lX: non foi posible le-lo bloque de chaves original:\n"
-"%s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "chave %08lX: \"%s\" 1 novo ID de usuario\n"
"certificado de revocación\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr ""
+"chave %08lX: non foi posible localiza-lo bloque de chaves original:\n"
+"%s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr ""
+"chave %08lX: non foi posible le-lo bloque de chaves original:\n"
+"%s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr ""
"chave %08lX: certificado de revocación incorrecto:\n"
msgid "Secret key is available.\n"
msgstr "A chave secreta está disponible.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "A chave secreta está disponible.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Cómpre a chave secreta para facer isto.\n"
msgstr "Milyen kulcsméretet szeretne? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "Felkerekítve %u bitre.\n"
msgstr "%08lX kulcs: Nem egyezik a mi másolatunkkal!\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "%08lX kulcs: Nem találom az eredeti kulcsblokkot: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "%08lX kulcs: Nem tudom beolvasni az eredeti kulcsblokkot: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "%08lX kulcs: \"%s\" 1 új felhasználói azonosító.\n"
msgstr "%08lX kulcs: Nincs nyilvános kulcs - nem tudok visszavonni.\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "%08lX kulcs: Nem találom az eredeti kulcsblokkot: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "%08lX kulcs: Nem tudom beolvasni az eredeti kulcsblokkot: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "%08lX kulcs: Érvénytelen visszavonó igazolás: %s - visszautasítva.\n"
msgid "Secret key is available.\n"
msgstr "Titkos kulcs rendelkezésre áll.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Titkos kulcs rendelkezésre áll.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Ehhez szükség van a titkos kulcsra.\n"
msgstr "Keysize yang anda inginkan? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "dibulatkan hingga %u bit\n"
msgstr "kunci %08lX: tidak cocok dengan duplikat kami\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "kunci %08lX: tidak dapat menemukan keyblock orisinal: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "kunci %08lX: tidak dapat membaca keyblok orisinal: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "kunci %08lX: 1 user ID baru \"%s\"\n"
"pembatalan\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "kunci %08lX: tidak dapat menemukan keyblock orisinal: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "kunci %08lX: tidak dapat membaca keyblok orisinal: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "kunci %08lX: sertifikat pembatalan tidak valid: %s - ditolak\n"
msgid "Secret key is available.\n"
msgstr "Kunci rahasia tersedia.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Kunci rahasia tersedia.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Perlu kunci rahasia untuk melakukan hal ini.\n"
msgstr "Di che dimensioni vuoi la chiave? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "arrotondate a %u bit\n"
msgstr "chiave %08lX: non corrisponde alla nostra copia\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "chiave %08lX: impossibile individuare il keyblock originale: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "chiave %08lX: impossibile leggere il keyblock originale: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "chiave %08lX: \"%s\" 1 nuovo user ID\n"
"certificato di revoca\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "chiave %08lX: impossibile individuare il keyblock originale: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "chiave %08lX: impossibile leggere il keyblock originale: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "chiave %08lX: certificato di revoca non valido: %s - rifiutato\n"
msgid "Secret key is available.\n"
msgstr "È disponibile una chiave segreta.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "È disponibile una chiave segreta.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Per fare questo serve la chiave segreta.\n"
#
msgid ""
msgstr ""
-"Project-Id-Version: gnupg 2.1.23\n"
+"Project-Id-Version: gnupg 2.2.2\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-08-22 11:22+0900\n"
+"PO-Revision-Date: 2017-11-07 11:11+0900\n"
"Last-Translator: NIIBE Yutaka <gniibe@fsij.org>\n"
"Language-Team: none\n"
"Language: ja\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "認証鍵の鍵長は? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "今、%uビットの鍵を生成するようにカードは再コンフィグされました\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "%uビットに切り上げます\n"
msgstr "鍵%s: こちらの複製と合いません\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "鍵%s: 元の鍵ブロックに位置づけできません: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "鍵%s: 元の鍵ブロックを読み込めません: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "鍵%s: \"%s\" 新しいユーザIDを1個\n"
msgstr "鍵%s: 公開鍵がありません - 失効証明書を適用できません\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "鍵%s: 元の鍵ブロックに位置づけできません: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "鍵%s: 元の鍵ブロックを読み込めません: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "鍵%s: 無効な失効証明書: %s - 拒否\n"
msgid "Secret key is available.\n"
msgstr "秘密鍵が利用できます。\n"
+msgid "Secret subkeys are available.\n"
+msgstr "秘密副鍵が利用できます。\n"
+
msgid "Need the secret key to do this.\n"
msgstr "この実行には秘密鍵がいります。\n"
msgstr ""
"Project-Id-Version: GNU gnupg 2.1\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-08-15 10:19+0200\n"
+"PO-Revision-Date: 2017-11-02 17:40+0100\n"
"Last-Translator: Åka Sikrom <a4@hush.com>\n"
"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n"
"Language: nb\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "Hvor stor skal autentiseringsnøkkelen være? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Kortet blir nå satt opp på nytt for å lage nøkkel på %u bit\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "rundet opp til %u bit\n"
msgstr "nøkkel %s: stemmer ikke med vår kopi\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "nøkkel %s: finner ikke original nøkkelblokk: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "nøkkel %s: klarte ikke å lese opprinnelig nøkkelblokk: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "nøkkel %s: «%s» 1 ny bruker-ID\n"
"opphevelsessertifikat\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "nøkkel %s: finner ikke original nøkkelblokk: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "nøkkel %s: klarte ikke å lese opprinnelig nøkkelblokk: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "nøkkel %s: ugyldig opphevingssertifikat: %s - avvist\n"
msgid "Secret key is available.\n"
msgstr "Hemmelig nøkkel er tilgjengelig.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Hemmelig nøkkel er tilgjengelig.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Du trenger tilhørende hemmelig nøkkel for å gjøre dette.\n"
msgstr ""
"Project-Id-Version: gnupg-2.0.20\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-02-22 16:03+0100\n"
+"PO-Revision-Date: 2017-11-02 17:41+0100\n"
"Last-Translator: Jakub Bogusz <qboosh@pld-linux.org>\n"
"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
"Language: pl\n"
msgid "Replace existing key? (y/N) "
msgstr "Zastąpić istniejący klucz? (t/N) "
-#, fuzzy
-#| msgid ""
-#| "NOTE: There is no guarantee that the card supports the requested size.\n"
-#| " If the key generation does not succeed, please check the\n"
-#| " documentation of your card to see what sizes are allowed.\n"
msgid ""
"Note: There is no guarantee that the card supports the requested size.\n"
" If the key generation does not succeed, please check the\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "Jakiej długości klucz do uwierzytelniania wygenerować? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Karta zostanie przekonfigurowana do tworzenia klucza %u-bitowego\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "zaokrąglono do %u bitów\n"
msgstr "klucz %s: nie zgadza się z lokalną kopią\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "klucz %s: brak oryginalnego bloku klucza; %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "klucz %s: nie można odczytać oryginalnego bloku klucza: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "klucz %s: ,,%s'' 1 nowy identyfikator użytkownika\n"
" unieważnienia\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "klucz %s: brak oryginalnego bloku klucza; %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "klucz %s: nie można odczytać oryginalnego bloku klucza: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "klucz %s: niepoprawny certyfikat unieważnienia: %s - odrzucony\n"
msgid "Secret key is available.\n"
msgstr "Dostępny jest klucz tajny.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Dostępny jest klucz tajny.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Do wykonania tej operacji potrzebny jest klucz tajny.\n"
msgstr "Qual o tamanho de chave desejado? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "arredondado para %u bits\n"
msgstr "chave %08lX: não corresponde à nossa cópia\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "chave %08lX: impossível localizar bloco de chaves original: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "chave %08lX: impossível ler bloco de chaves original: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "chave %8lX: \"%s\" 1 novo ID de utilizador\n"
"de revogação\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "chave %08lX: impossível localizar bloco de chaves original: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "chave %08lX: impossível ler bloco de chaves original: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "chave %08lX: certificado de revogação inválido: %s - rejeitado\n"
msgid "Secret key is available.\n"
msgstr "Chave secreta disponível.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Chave secreta disponível.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "A chave secreta é necessária para fazer isto.\n"
msgstr "Ce lungime de cheie doriţi? (%u) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "rotunjită prin adaos la %u biţi\n"
msgstr "cheia %s: nu se potriveşte cu copia noastră\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "cheia %s: nu pot găsi keyblock-ul original: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "cheia %s: nu pot citi keyblock-ul original: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "cheia %s: \"%s\" 1 nou ID utilizator\n"
"cheia %s: nici o cheie publică - nu pot aplica certificatul de revocare\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "cheia %s: nu pot găsi keyblock-ul original: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "cheia %s: nu pot citi keyblock-ul original: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "cheia %s: certificat de revocare invalid: %s - respins\n"
msgid "Secret key is available.\n"
msgstr "Cheia secretă este disponibilă.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Cheia secretă este disponibilă.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Aveţi nevoie de cheia secretă pentru a face aceasta.\n"
# Designated-Translator: none
msgid ""
msgstr ""
-"Project-Id-Version: GnuPG 2.1.0\n"
+"Project-Id-Version: GnuPG 2.2.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-08-05 17:17+0000\n"
+"PO-Revision-Date: 2017-11-02 17:41+0100\n"
"Last-Translator: Ineiev <ineiev@gnu.org>\n"
"Language-Team: Russian <gnupg-ru@gnupg.org>\n"
"Language: ru\n"
msgstr "Слишком длинная фраза-пароль"
msgid "Invalid characters in PIN"
-msgstr "Ð\9dедопÑ\83Ñ\81Ñ\82имÑ\8bй Ñ\81имвол в PIN"
+msgstr "Ð\9dедопÑ\83Ñ\81Ñ\82имÑ\8bе Ñ\81имволÑ\8b в PIN"
msgid "PIN too short"
msgstr "Слишком короткий PIN"
#, c-format
msgid "no authentication key for ssh on card: %s\n"
-msgstr "на каÑ\80Ñ\82е неÑ\82 оÑ\81новного аÑ\83Ñ\82енÑ\82иÑ\84икаÑ\86ионного клÑ\8eÑ\87а для ssh: %s\n"
+msgstr "на каÑ\80Ñ\82е неÑ\82 клÑ\8eÑ\87а Ñ\83доÑ\81Ñ\82овеÑ\80ениÑ\8f лиÑ\87ноÑ\81Ñ\82и для ssh: %s\n"
#, c-format
msgid "no suitable card key found: %s\n"
#, c-format
msgid "A passphrase should be at least %u character long."
msgid_plural "A passphrase should be at least %u characters long."
-msgstr[0] "Фраза-пароль не должна быть короче %u символа"
-msgstr[1] "Фраза-пароль не должна быть короче %u символов"
-msgstr[2] "Фраза-пароль не должна быть короче %u символов"
+msgstr[0] "Фраза-пароль не должна быть короче %u символа."
+msgstr[1] "Фраза-пароль не должна быть короче %u символов."
+msgstr[2] "Фраза-пароль не должна быть короче %u символов."
#, c-format
msgid "A passphrase should contain at least %u digit or%%0Aspecial character."
msgstr "включить поддержку ssh"
msgid "|ALGO|use ALGO to show ssh fingerprints"
-msgstr "|ALGO|иÑ\81полÑ\8cзоваÑ\82Ñ\8c алгоÑ\80иÑ\82м ALGO длÑ\8f оÑ\82обÑ\80ажениÑ\8f оÑ\82пеÑ\87аÑ\82ков"
+msgstr "|ALGO|иÑ\81полÑ\8cзоваÑ\82Ñ\8c длÑ\8f оÑ\82обÑ\80ажениÑ\8f оÑ\82пеÑ\87аÑ\82ков алгоÑ\80иÑ\82м ALGO"
msgid "enable putty support"
msgstr "включить поддержку putty"
msgstr "Об ошибках в программе сообщайте по адресу <@EMAIL@>.\n"
msgid "Usage: @GPG_AGENT@ [options] (-h for help)"
-msgstr "Вызов: @GPG_AGENT@ [параметры] (-h для подсказки)"
+msgstr "Вызов: @GPG_AGENT@ [параметры] (-h - подсказка)"
msgid ""
"Syntax: @GPG_AGENT@ [options] [command [args]]\n"
msgstr "в этом сеансе агент gpg не работает\n"
msgid "Usage: gpg-preset-passphrase [options] KEYGRIP (-h for help)\n"
-msgstr ""
-"Вызов: gpg-preset-passphrase [параметры] КОД_КЛЮЧА (-h для подсказки)\n"
+msgstr "Вызов: gpg-preset-passphrase [параметры] КОД_КЛЮЧА (-h - подсказка)\n"
msgid ""
"Syntax: gpg-preset-passphrase [options] KEYGRIP\n"
" "
msgid "Usage: gpg-protect-tool [options] (-h for help)\n"
-msgstr "Вызов: gpg-protect-tool [параметры] (-h для подсказки)\n"
+msgstr "Вызов: gpg-protect-tool [параметры] (-h - подсказка)\n"
msgid ""
"Syntax: gpg-protect-tool [options] [args]\n"
#, c-format
msgid "%s key uses an unsafe (%u bit) hash\n"
-msgstr "%s ключ использует небезопасный (%u бит) хеш\n"
+msgstr "%s ключ использует небезопасный (%u-битный) хеш\n"
#, c-format
msgid "a %zu bit hash is not valid for a %u bit %s key\n"
#, c-format
msgid "Warning: unsafe ownership on %s \"%s\"\n"
-msgstr "Внимание: небезопасный владелец %s \"%s\"\n"
+msgstr "Внимание: небезопасный владелец объекта %s \"%s\"\n"
#, c-format
msgid "Warning: unsafe permissions on %s \"%s\"\n"
-msgstr "Внимание: небезопасные права доступа %s \"%s\"\n"
+msgstr "Внимание: небезопасные права доступа объекта %s \"%s\"\n"
#, c-format
msgid "waiting for file '%s' to become accessible ...\n"
-msgstr "ожидаÑ\8e доÑ\81Ñ\82Ñ\83пноÑ\81Ñ\82и Ñ\84айла '%s'\n"
+msgstr "ожидаÑ\8e доÑ\81Ñ\82Ñ\83па к Ñ\84айлÑ\83 '%s'\n"
#, c-format
msgid "renaming '%s' to '%s' failed: %s\n"
msgstr "алгоритм (не поддерживается): %s"
msgid "seems to be not encrypted"
-msgstr "кажеÑ\82Ñ\81Ñ\8f, не зашифровано"
+msgstr "по-видимомÑ\83, не зашифровано"
msgid "Number of recipients"
msgstr "Количество получателей"
#, c-format
msgid "Signer %d"
-msgstr "Подпись %d"
+msgstr "Подпись ключом %d"
#, c-format
msgid "attr hash algorithm: %s"
#, c-format
msgid "removing stale lockfile (created by %d)\n"
-msgstr "удаляю залипшую блокировку (созданную %d)\n"
+msgstr "удаляю залипшую блокировку (созданную процессом %d)\n"
#, c-format
msgid "waiting for lock (held by %d%s) %s...\n"
-msgstr "жду снятия блокировки (заблокировано %d%s) %s...\n"
+msgstr "жду снятия блокировки (заблокировано процессом %d%s) %s...\n"
msgid "(deadlock?) "
msgstr "(мертвая точка?) "
"заканчиваться знаком '='\n"
msgid "a user notation name must contain the '@' character\n"
-msgstr "имя замечания должно содержать символ '@'\n"
+msgstr "имÑ\8f полÑ\8cзоваÑ\82елÑ\8cÑ\81кого замеÑ\87аниÑ\8f должно Ñ\81одеÑ\80жаÑ\82Ñ\8c Ñ\81имвол '@'\n"
msgid "a notation name must not contain more than one '@' character\n"
msgstr "имя замечания не должно содержать более одного символа '@'\n"
msgstr "в тексте замечания не должно быть управляющих символов\n"
msgid "a notation name may not contain an '=' character\n"
-msgstr "имÑ\8f пÑ\80имечания не должно содержать символа '='\n"
+msgstr "имÑ\8f замечания не должно содержать символа '='\n"
msgid "a notation name must have only printable characters or spaces\n"
msgstr "имя замечания должно содержать только печатные символы или пробелы\n"
msgid "Note: Outdated servers may lack important security fixes.\n"
msgstr ""
-"Ð\97амеÑ\87ание: Ð\9dа Ñ\81Ñ\82аÑ\80Ñ\8bÑ\85 Ñ\81еÑ\80веÑ\80аÑ\85 могÑ\83Ñ\82 бÑ\8bÑ\82Ñ\8c оÑ\81Ñ\82аваÑ\82Ñ\8cÑ\81Ñ\8f оÑ\88ибки, кÑ\80иÑ\82иÑ\87нÑ\8bе длÑ\8f "
+"Замечание: На старых серверах могут оставаться ошибки, критичные для "
"безопасности.\n"
#, c-format
msgstr "в пакетном режиме это действие невозможно\n"
msgid "This command is only available for version 2 cards\n"
-msgstr "Эта команда доступна только для карт версии 2.\n"
+msgstr "Эта команда доступна только для карт версии 2\n"
msgid "Reset Code not or not anymore available\n"
msgstr "Код сброса (больше) не доступен\n"
msgstr "не указан"
msgid "not forced"
-msgstr "не принудительный"
+msgstr "не требуется"
msgid "forced"
-msgstr "принудительный"
+msgstr "требуется"
msgid "Error: Only plain ASCII is currently allowed.\n"
msgstr "Ошибка: Допустим только простой текст ASCII.\n"
#, c-format
msgid "What keysize do you want for the Authentication key? (%u) "
-msgstr "Какой Вам нужен размер ключа для аутентификации? (%u) "
+msgstr "Какой Вам нужен размер ключа для удостоверения личности? (%u) "
+
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "Теперь карта будет перенастроена на генерацию ключа длиной %u бит\n"
#, c-format
msgid "rounded up to %u bits\n"
msgstr " (2) Ключ шифрования\n"
msgid " (3) Authentication key\n"
-msgstr " (3) Ключ аутентификации\n"
+msgstr " (3) Ключ удостоверения личности\n"
msgid "Invalid selection.\n"
msgstr "Неправильный выбор.\n"
msgstr "сбой записи ключа на карту: %s\n"
msgid "This command is not supported by this card\n"
-msgstr "Данная команда этой картой не поддерживается.\n"
+msgstr "Данная команда этой картой не поддерживается\n"
msgid "Note: This command destroys all keys stored on the card!\n"
msgstr "Замечание: эта команда сотрет с карты все ключи!\n"
#, c-format
msgid "Warning: '%s' should be a long key ID or a fingerprint\n"
msgstr ""
-"Внимание: '%s' должно быть должно быть длинным идентификатором или "
-"отпечатком ключа\n"
+"Внимание: '%s' должно быть длинным идентификатором или отпечатком ключа\n"
#, c-format
msgid "error looking up: %s\n"
" --fingerprint [имена] показать отпечатки\n"
msgid "Usage: @GPG@ [options] [files] (-h for help)"
-msgstr "Вызов: @GPG@ [параметры] [файлы] (-h для подсказки)"
+msgstr "Вызов: @GPG@ [параметры] [файлы] (-h - подсказка)"
msgid ""
"Syntax: @GPG@ [options] [files]\n"
msgstr "неизвестный элемент в файле настроек '%s'\n"
msgid "display photo IDs during key listings"
-msgstr "показать в списке ключей фотоидентификаторы"
+msgstr "показывать в списке ключей фотоидентификаторы"
msgid "show key usage information during key listings"
-msgstr "показать в списке ключей сведения о назначении ключа"
+msgstr "показывать в списке ключей сведения о назначении ключа"
msgid "show policy URLs during signature listings"
-msgstr "показать в списке подписей URL правил"
+msgstr "показывать в списке подписей URL правил"
msgid "show all notations during signature listings"
-msgstr "показать в списке подписей все замечания"
+msgstr "показывать в списке подписей все замечания"
msgid "show IETF standard notations during signature listings"
-msgstr "показать в списке подписей замечания стандарта IETF"
+msgstr "показывать в списке подписей замечания стандарта IETF"
msgid "show user-supplied notations during signature listings"
-msgstr "показать в списке подписей пользовательские замечания"
+msgstr "показывать в списке подписей пользовательские замечания"
msgid "show preferred keyserver URLs during signature listings"
-msgstr "показать в списке подписей URL предпочтительных серверов ключей"
+msgstr "показывать в списке подписей URL предпочтительных серверов ключей"
msgid "show user ID validity during key listings"
msgstr ""
-"показать в списке ключей действительность идентификаторов пользователей"
+"показывать в списке ключей действительность идентификаторов пользователей"
msgid "show revoked and expired user IDs in key listings"
msgstr ""
-"показать в списке ключей отозванные и просроченные идентификаторы "
+"показывать в списке ключей отозванные и просроченные идентификаторы "
"пользователей"
msgid "show revoked and expired subkeys in key listings"
-msgstr "показать в списке ключей отозванные и просроченные подключи"
+msgstr "показывать в списке ключей отозванные и просроченные подключи"
msgid "show the keyring name in key listings"
-msgstr "показать в списке ключей название таблицы ключей"
+msgstr "показывать в списке ключей название таблицы ключей"
msgid "show expiration dates during signature listings"
-msgstr "показать в списке подписей сроки действия"
+msgstr "показывать в списке подписей сроки действия"
#, c-format
msgid "unknown TOFU policy '%s'\n"
#, c-format
msgid "will not run with insecure memory due to %s\n"
-msgstr "не бÑ\83деÑ\82 работать с небезопасной памятью из-за %s\n"
+msgstr "оÑ\82казÑ\8bваÑ\8eÑ\81Ñ\8c работать с небезопасной памятью из-за %s\n"
msgid "selected cipher algorithm is invalid\n"
msgstr "выбран недопустимый алгоритм шифрования\n"
msgstr "|ALGO|отвергать подписи, сделанные по данному алгоритму"
msgid "Usage: gpgv [options] [files] (-h for help)"
-msgstr "Вызов: gpgv [параметры] [файлы] (-h для подсказки)"
+msgstr "Вызов: gpgv [параметры] [файлы] (-h - подсказка)"
msgid ""
"Syntax: gpgv [options] [files]\n"
#, c-format
msgid "No help available for '%s'"
-msgstr "Ð\9dеÑ\82 Ñ\81пÑ\80авки длÑ\8f '%s'"
+msgstr "Ð\9dеÑ\82 Ñ\81пÑ\80авки по клÑ\8eÑ\87евомÑ\83 Ñ\81ловÑ\83 '%s'"
msgid "import signatures that are marked as local-only"
msgstr "импортировать подписи, обозначенные как 'только локальные'"
msgstr "устранить при импорте повреждения от сервера ключей pks"
msgid "do not clear the ownertrust values during import"
-msgstr "не сбрасывать уровни доверия владельцам после импорта"
+msgstr "не сбрасывать уровни доверия владельцам при импорте"
msgid "do not update the trustdb after import"
msgstr "не обновлять таблицу доверия после импорта"
msgstr "ключ %s: не совпадает с нашей копией\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "ключ %s: оригинальный блок ключей не найден: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "ключ %s: оригинальный блок ключей не читается: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "ключ %s: \"%s\" 1 новый идентификатор пользователя\n"
msgstr "ключ %s: нет открытого ключа - не могу применить сертификат отзыва\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "ключ %s: оригинальный блок ключей не найден: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "ключ %s: оригинальный блок ключей не читается: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "ключ %s: недействительный сертификат отзыва: %s - отвергнут\n"
#, c-format
msgid "key %s: removed multiple subkey binding\n"
-msgstr "клÑ\8eÑ\87 %s: Ñ\83далено многокÑ\80аÑ\82ное Ñ\81вÑ\8fзÑ\8bвание подключей\n"
+msgstr "клÑ\8eÑ\87 %s: Ñ\83далена многокÑ\80аÑ\82наÑ\8f Ñ\81вÑ\8fзÑ\8c подключей\n"
#, c-format
msgid "key %s: no subkey for key revocation\n"
msgid "Secret key is available.\n"
msgstr "Секретный ключ доступен.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Секретные подключи доступны.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Для данного действия нужен секретный ключ.\n"
"пользователем\n"
msgid "Set preference list to:\n"
-msgstr "Установить предпочтения в:\n"
+msgstr "Установить предпочтения, равные:\n"
msgid "Really update the preferences for the selected user IDs? (y/N) "
msgstr ""
msgstr " годен до: %s"
# perhaps this should be somewhere in help/man
-# (S - подпись, C - сертификация, E - шифрование, A - аутентификация)
+# (S - подпись, C - сертификация, E - шифрование, A - удостоверение личности)
# too long for repeating messages.
#, c-format
msgid "usage: %s"
msgstr "Ничего не удалено.\n"
msgid "invalid"
-msgstr "недопустимый"
+msgstr "недопустим"
#, c-format
msgid "User ID \"%s\" compacted: %s\n"
#, c-format
msgid "Displaying %s photo ID of size %ld for key %s (uid %d)\n"
-msgstr "Показ фотоидентификатора %s размера %ld для ключа %s (uid %d)\n"
+msgstr ""
+"Показ фотоидентификатора %s размера %ld для ключа %s (идентификатор "
+"пользователя %d)\n"
#, c-format
msgid "invalid value for option '%s'\n"
-msgstr "недопÑ\83Ñ\81Ñ\82имое знаÑ\87ениÑ\8f длÑ\8f паÑ\80амеÑ\82Ñ\80а \"%s\"\n"
+msgstr "недопустимое значения параметра \"%s\"\n"
#, c-format
msgid "preference '%s' duplicated\n"
msgstr "предпочтение '%s' дублируется\n"
msgid "too many cipher preferences\n"
-msgstr "слишком много шифровых предпочтений\n"
+msgstr "слишком много предпочтений шифров\n"
msgid "too many digest preferences\n"
-msgstr "слишком много предпочтений для хеш-функций\n"
+msgstr "слишком много предпочтений хеш-функций\n"
msgid "too many compression preferences\n"
-msgstr "Ñ\81лиÑ\88ком много пÑ\80едпоÑ\87Ñ\82ений длÑ\8f меÑ\82одов Ñ\81жаÑ\82иÑ\8f\n"
+msgstr "слишком много предпочтений методов сжатия\n"
#, c-format
msgid "invalid item '%s' in preference string\n"
msgstr "запись самоподписи\n"
msgid "writing key binding signature\n"
-msgstr "запись объединяющей подписи\n"
+msgstr "запись связующей подписи\n"
#, c-format
msgid "keysize invalid; using %u bits\n"
msgstr "Зашифровать"
msgid "Authenticate"
-msgstr "Ð\90Ñ\83Ñ\82енÑ\82иÑ\84иÑ\86иÑ\80овать"
+msgstr "УдоÑ\81Ñ\82овеÑ\80иÑ\82Ñ\8c лиÑ\87ноÑ\81ть"
#. TRANSLATORS: Please use only plain ASCII characters for the
#. translation. If this is not possible use single digits. The
#, c-format
msgid " (%c) Toggle the sign capability\n"
-msgstr " (%c) Ð\9fеÑ\80еклÑ\8eÑ\87иÑ\82Ñ\8c возможноÑ\81Ñ\82Ñ\8c иÑ\81полÑ\8cзованиÑ\8f длÑ\8f подпиÑ\81и\n"
+msgstr " (%c) Переключить возможность подписи\n"
#, c-format
msgid " (%c) Toggle the encrypt capability\n"
-msgstr " (%c) Переключить возможность использования для шифрования\n"
+msgstr " (%c) Переключить возможность шифрования\n"
#, c-format
msgid " (%c) Toggle the authenticate capability\n"
-msgstr " (%c) Переключить возможность использования для аутентификации\n"
+msgstr " (%c) Переключить возможность удостоверения личности\n"
#, c-format
msgid " (%c) Finished\n"
#, c-format
msgid " (%d) DSA (set your own capabilities)\n"
-msgstr " (%d) DSA (с требуемыми возможностями)\n"
+msgstr " (%d) DSA (задать возможности)\n"
#, c-format
msgid " (%d) RSA (set your own capabilities)\n"
-msgstr " (%d) RSA (с требуемыми возможностями)\n"
+msgstr " (%d) RSA (задать возможности)\n"
#, c-format
msgid " (%d) ECC and ECC\n"
#, c-format
msgid " (%d) ECC (set your own capabilities)\n"
-msgstr " (%d) ECC (с требуемыми возможностями)\n"
+msgstr " (%d) ECC (задать возможности)\n"
#, c-format
msgid " (%d) ECC (encrypt only)\n"
#, c-format
msgid "%s keys may be between %u and %u bits long.\n"
-msgstr "длина ключей %s может быть от %u до %u бит.\n"
+msgstr "длина ключей %s может быть от %u до %u.\n"
#, c-format
msgid "What keysize do you want for the subkey? (%u) "
#, c-format
msgid "You are using the '%s' character set.\n"
-msgstr "Используется таблица символов: '%s'.\n"
+msgstr "Используется таблица символов '%s'.\n"
#, c-format
msgid ""
msgstr "NnCcEeOoQq"
msgid "Change (N)ame, (C)omment, (E)mail or (Q)uit? "
-msgstr "Сменить (N)Имя, (C)Примечание, (E)Адрес или (Q)Выход? "
+msgstr "Сменить (N)Имя, (C)Примечание, (E)Адрес; (Q)Выход? "
msgid "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "
-msgstr "Сменить (N)Имя, (C)Примечание, (E)Адрес или (O)Принять/(Q)Выход? "
+msgstr "Сменить (N)Имя, (C)Примечание, (E)Адрес; (O)Принять/(Q)Выход? "
msgid "Change (N)ame, (E)mail, or (Q)uit? "
-msgstr "Сменить (N)Имя, (E)Адрес или (Q)Выход? "
+msgstr "Сменить (N)Имя, (E)Адрес; (Q)Выход? "
msgid "Change (N)ame, (E)mail, or (O)kay/(Q)uit? "
-msgstr "Сменить (N)Имя, (E)Адрес или (O)Принять/(Q)Выход? "
+msgstr "Сменить (N)Имя, (E)Адрес; (O)Принять/(Q)Выход? "
msgid "Please correct the error first\n"
msgstr "Сначала исправьте ошибку\n"
" \"%s\"\n"
"\n"
msgstr ""
-"СоздаеÑ\82Ñ\81Ñ\8f клÑ\8eÑ\87 длÑ\8f:\n"
+"СоздаеÑ\82Ñ\81Ñ\8f клÑ\8eÑ\87 полÑ\8cзоваÑ\82елÑ\8f\n"
" \"%s\"\n"
"\n"
#, c-format
msgid "A key for \"%s\" already exists\n"
-msgstr "Ð\9aлÑ\8eÑ\87 для \"%s\" уже существует\n"
+msgstr "Ð\9aлÑ\8eÑ\87 полÑ\8cзоваÑ\82еля \"%s\" уже существует\n"
msgid "Create anyway? (y/N) "
msgstr "Все равно создать новый? (y/N) "
"Note that this key cannot be used for encryption. You may want to use\n"
"the command \"--edit-key\" to generate a subkey for this purpose.\n"
msgstr ""
-"УÑ\87Ñ\82иÑ\82е, Ñ\87Ñ\82о даннÑ\8bй клÑ\8eÑ\87 не можеÑ\82 иÑ\81полÑ\8cзоваÑ\82Ñ\8cÑ\81Ñ\8f длÑ\8f Ñ\88иÑ\84Ñ\80ованиÑ\8f. Ð\92Ñ\8b можеÑ\82е\n"
+"УÑ\87Ñ\82иÑ\82е, Ñ\87Ñ\82о даннÑ\8bй клÑ\8eÑ\87 не можеÑ\82 иÑ\81полÑ\8cзоваÑ\82Ñ\8cÑ\81Ñ\8f длÑ\8f Ñ\88иÑ\84Ñ\80ованиÑ\8f. Ð\9cожно\n"
"воспользоваться командой \"--edit-key\" и создать подключ для этих целей.\n"
#, c-format
msgstr "включить в результаты поиска отозванные ключи"
msgid "include subkeys when searching by key ID"
-msgstr "иÑ\81каÑ\82Ñ\8c по иденÑ\82иÑ\84икаÑ\82оÑ\80Ñ\83 клÑ\8eÑ\87а, вклÑ\8eÑ\87аÑ\8f подклÑ\8eÑ\87и"
+msgstr "добавиÑ\82Ñ\8c подклÑ\8eÑ\87и в поиÑ\81к по иденÑ\82иÑ\84икаÑ\82оÑ\80Ñ\83 клÑ\8eÑ\87а"
msgid "override timeout options set for dirmngr"
msgstr "переназначить настройки времени ожидания для dirmngr"
msgstr "отключен"
msgid "Enter number(s), N)ext, or Q)uit > "
-msgstr "Введите числа, N) Следующее или Q) Выход> "
+msgstr "Введите числа, N) Следующее; Q) Выход > "
#, c-format
msgid "invalid keyserver protocol (us %d!=handler %d)\n"
#, c-format
msgid "key \"%s\" not found on keyserver\n"
-msgstr "клÑ\8eÑ\87 \"%s\" не найден на Ñ\81еÑ\80веÑ\80е клÑ\8eÑ\87ей\n"
+msgstr "клÑ\8eÑ\87 \"%s\" на Ñ\81еÑ\80веÑ\80е клÑ\8eÑ\87ей не найден\n"
msgid "key not found on keyserver\n"
msgstr "ключ не найден на сервере ключей\n"
msgstr "получение ключа %s с %s\n"
msgid "no keyserver known\n"
-msgstr "ни один Ñ\81еÑ\80веÑ\80 клÑ\8eÑ\87ей не извеÑ\81Ñ\82ен\n"
+msgstr "не извеÑ\81Ñ\82но ни одного Ñ\81еÑ\80веÑ\80а клÑ\8eÑ\87ей\n"
#, c-format
msgid "skipped \"%s\": %s\n"
"Keeping the image close to 240x288 is a good size to use.\n"
msgstr ""
"\n"
-"Выберите изображение для Вашего фотоидентификатора. Это должен быть файл "
+"Выберите изображение для своего фотоидентификатора. Это должен быть файл "
"JPEG.\n"
"Помните, что изображение будет храниться в Вашем открытом ключе и увеличит\n"
"его размер! Рекомендуется размер около 240x288.\n"
"of the gpg command \"--generate-revocation\" in the GnuPG manual."
msgstr ""
"Пользуйтесь им для отзыва этого ключа в случае раскрытия или потери\n"
-"секретного ключа. Однако, если секретный ключ доступен, лучше создать\n"
+"секретного ключа. Однако если секретный ключ доступен, лучше создать\n"
"новый сертификат с указанием причины отзыва. Подробности см. в описании\n"
"команды gpg \"--generate-revocation\" в руководстве по GnuPG."
#, c-format
msgid "can't create lock for '%s'\n"
-msgstr "невозможно создать блокировку для '%s'\n"
+msgstr "не удается создать блокировку для '%s'\n"
#, c-format
msgid "can't lock '%s'\n"
-msgstr "невозможно заблокировать '%s'\n"
+msgstr "не удается заблокировать '%s'\n"
#, c-format
msgid "trustdb rec %lu: lseek failed: %s\n"
msgstr "полностью включить отладку"
msgid "Usage: kbxutil [options] [files] (-h for help)"
-msgstr "Вызов: kbxutil [параметры] [файлы] (-h для подсказки)"
+msgstr "Вызов: kbxutil [параметры] [файлы] (-h - подсказка)"
msgid ""
"Syntax: kbxutil [options] [files]\n"
#, c-format
msgid "RSA prime %s missing or not of size %d bits\n"
-msgstr "Простое число RSA %s пропущено или его размер не равен %d бит\n"
+msgstr "Простое число RSA %s пропущено или его размер не равен %d\n"
#, c-format
msgid "failed to store the key: %s\n"
msgstr "использовать входные данные переменой длины для клавиатуры считывателя"
msgid "Usage: @SCDAEMON@ [options] (-h for help)"
-msgstr "Вызов: @SCDAEMON@ [параметры] (-h для подсказки)"
+msgstr "Вызов: @SCDAEMON@ [параметры] (-h - подсказка)"
msgid ""
"Syntax: scdaemon [options] [command [args]]\n"
#, c-format
msgid "dirmngr cache-only key lookup failed: %s\n"
-msgstr "клÑ\8eÑ\87 не найден в бÑ\83Ñ\84еÑ\80е dirmngr: %s\n"
+msgstr "клÑ\8eÑ\87 в бÑ\83Ñ\84еÑ\80е dirmngr не найден: %s\n"
msgid "failed to allocate keyDB handle\n"
msgstr "сбой при выделении памяти под указатель на базу данных\n"
msgstr "|NAME|использовать хеш-функцию NAME"
msgid "Usage: @GPGSM@ [options] [files] (-h for help)"
-msgstr "Вызов: @GPGSM@ [параметры] [файлы] (-h для подсказки)"
+msgstr "Вызов: @GPGSM@ [параметры] [файлы] (-h - подсказка)"
msgid ""
"Syntax: @GPGSM@ [options] [files]\n"
"Default operation depends on the input data\n"
msgstr ""
"Синтаксис: @GPGSM@ [параметры] [файлы]\n"
-"Подписать, проверить, зашифровать или расшифровать, используя протокол S/"
-"MIME\n"
+"Подписать, проверить, зашифровать или расшифровать по протоколу S/MIME\n"
"Операция по умолчанию зависит от входных данных\n"
#, c-format
#, c-format
msgid "hash algorithm %d (%s) for signer %d not supported; using %s\n"
-msgstr "хеш-функция %d (%s) для %d не поддерживается; использую %s\n"
+msgstr ""
+"хеш-функция %d (%s) для пользователя %d не поддерживается; использую %s\n"
#, c-format
msgid "hash algorithm used for signer %d: %s (%s)\n"
-msgstr "Ñ\85еÑ\88-Ñ\84Ñ\83нкÑ\86иÑ\8f длÑ\8f подпиÑ\81и %d: %s (%s)\n"
+msgstr "Ñ\85еÑ\88-Ñ\84Ñ\83нкÑ\86иÑ\8f длÑ\8f полÑ\8cзоваÑ\82елÑ\8f %d: %s (%s)\n"
#, c-format
msgid "checking for qualified certificate failed: %s\n"
#, c-format
msgid "invalid SHA1 fingerprint string '%s'\n"
-msgstr "неверный отпечаток SHA1 '%s'\n"
+msgstr "неверная строка отпечатока SHA1 '%s'\n"
#, c-format
msgid "error fetching certificate by S/N: %s\n"
msgid "Usage: dirmngr-client [options] [certfile|pattern] (-h for help)\n"
msgstr ""
-"Вызов: dirmngr-client [параметры] [файл_сертификата|шаблон] (-h для "
-"подÑ\81казки)\n"
+"Вызов: dirmngr-client [параметры] [файл_сертификата|шаблон] (-h - "
+"подÑ\81казка)\n"
msgid ""
"Syntax: dirmngr-client [options] [certfile|pattern]\n"
"not valid and other error codes for general failures\n"
msgstr ""
"Синтаксис: dirmngr-client [параметры] [файл_сертификата|шаблон]\n"
-"Проверка сертификата X.509 по списку отозванных сертификатов или по OCSP\n"
+"Проверка сертификата X.509 по списку отозванных сертификатов или по OCSP.\n"
"Процесс возвращает 0, если сертификат достоверен, 1, если недостоверен,\n"
-"и другие коды ошибок при общих отказах\n"
+"и другие коды ошибок при общих отказах.\n"
#, c-format
msgid "error reading certificate from stdin: %s\n"
"(Полный список команд и параметров см. в руководстве \"info\")\n"
msgid "Usage: @DIRMNGR@ [options] (-h for help)"
-msgstr "Вызов: @DIRMNGR@ [параметры] (-h для подсказки)"
+msgstr "Вызов: @DIRMNGR@ [параметры] (-h - подсказка)"
msgid ""
"Syntax: @DIRMNGR@ [options] [command [args]]\n"
msgstr "|N|подключиться к порту N"
msgid "|NAME|use user NAME for authentication"
-msgstr "|NAME|иÑ\81полÑ\8cзоваÑ\82Ñ\8c длÑ\8f аÑ\83Ñ\82енÑ\82иÑ\84икаÑ\86ии полÑ\8cзоваÑ\82елÑ\8f NAME"
+msgstr "|NAME|иÑ\81полÑ\8cзоваÑ\82Ñ\8c имÑ\8f полÑ\8cзоваÑ\82елÑ\8f NAME длÑ\8f Ñ\83доÑ\81Ñ\82овеÑ\80ениÑ\8f лиÑ\87ноÑ\81Ñ\82и"
msgid "|PASS|use password PASS for authentication"
-msgstr "|PASS|использовать для аутентификации пароль PASS"
+msgstr "|PASS|использовать для удостоверения личности пароль PASS"
msgid "take password from $DIRMNGR_LDAP_PASS"
msgstr "взять пароль из $DIRMNGR_LDAP_PASS"
msgstr "|STRING|вернуть атрибут STRING"
msgid "Usage: dirmngr_ldap [options] [URL] (-h for help)\n"
-msgstr "Вызов: dirmngr_ldap [параметры] [URL] (-h для подсказки)\n"
+msgstr "Вызов: dirmngr_ldap [параметры] [URL] (-h - подсказка)\n"
msgid ""
"Syntax: dirmngr_ldap [options] [URL]\n"
msgstr "выполнить при запуске подстановку subst"
msgid "Usage: @GPG@-connect-agent [options] (-h for help)"
-msgstr "Вызов: @GPG@-connect-agent [параметры] (-h для подсказки)"
+msgstr "Вызов: @GPG@-connect-agent [параметры] (-h - подсказка)"
msgid ""
"Syntax: @GPG@-connect-agent [options]\n"
msgstr "задействовать изменения во время исполнения, если возможно"
msgid "Usage: @GPGCONF@ [options] (-h for help)"
-msgstr "Вызов: @GPGCONF@ [параметры] (-h для подсказки)"
+msgstr "Вызов: @GPGCONF@ [параметры] (-h - подсказка)"
msgid ""
"Syntax: @GPGCONF@ [options]\n"
msgstr "имя входного файла (по умолчанию stdin)"
msgid "Usage: symcryptrun [options] (-h for help)"
-msgstr "Вызов: symcryptrun [параметры] (-h для подсказки)"
+msgstr "Вызов: symcryptrun [параметры] (-h - подсказка)"
msgid ""
"Syntax: symcryptrun --class CLASS --program PROGRAM --keyfile KEYFILE "
msgstr "класс %s не поддерживается\n"
msgid "Usage: gpg-check-pattern [options] patternfile (-h for help)\n"
-msgstr ""
-"Вызов: gpg-check-pattern [параметры] файл_образцов (-h для подсказки)\n"
+msgstr "Вызов: gpg-check-pattern [параметры] файл_образцов (-h - подсказка)\n"
msgid ""
"Syntax: gpg-check-pattern [options] patternfile\n"
msgstr "Akú veľkosť kľúča si prajete? (1024) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "zaokrúhlené na %u bitov\n"
msgstr "kľúč %08lX: nezodpovedá našej kópii\n"
#, fuzzy, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "kľúč %08lX: nemôžem nájsť originálny blok kľúča: %s\n"
-
-#, fuzzy, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "kľúč %08lX: nemôžem čítať originálny blok kľúča: %s\n"
-
-#, fuzzy, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "kľúč %08lX: \"%s\" 1 nový identifikátor užívateľa\n"
"kľúč %08lX: chýba verejný kľúč - nemôžem aplikovať revokačný certifikát\n"
#, fuzzy, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "kľúč %08lX: nemôžem nájsť originálny blok kľúča: %s\n"
+
+#, fuzzy, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "kľúč %08lX: nemôžem čítať originálny blok kľúča: %s\n"
+
+#, fuzzy, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "kľúč %08lX: neplatný revokačný certifikát: %s - zamietnuté\n"
msgid "Secret key is available.\n"
msgstr "Tajný kľúč je dostupný.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Tajný kľúč je dostupný.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Na vykonanie tejto operácie je potrebný tajný kľúč.\n"
msgstr ""
"Project-Id-Version: gnupg trunk\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2011-01-12 14:53+0100\n"
+"PO-Revision-Date: 2017-11-02 17:41+0100\n"
"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
"Language: sv\n"
msgid "Replace existing key? (y/N) "
msgstr "Ersätt existerande nyckel? (j/N) "
-#, fuzzy
-#| msgid ""
-#| "NOTE: There is no guarantee that the card supports the requested size.\n"
-#| " If the key generation does not succeed, please check the\n"
-#| " documentation of your card to see what sizes are allowed.\n"
msgid ""
"Note: There is no guarantee that the card supports the requested size.\n"
" If the key generation does not succeed, please check the\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "Vilken nyckelstorlek vill du använda för autentiseringsnyckeln? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+"Kortet kommer nu att konfigureras om för att generera en nyckel med %u "
+"bitar\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "avrundade uppåt till %u bitar\n"
msgstr "nyckel %s: stämmer inte mot vår lokala kopia\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "nyckel %s: kan inte hitta det ursprungliga nyckelblocket: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "nyckel %s: kan inte läsa det ursprungliga nyckelblocket %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "nyckel %s: \"%s\" 1 ny användaridentitet\n"
msgstr "nyckel %s: ingen publik nyckel - kan inte verkställa spärrcertifikat\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "nyckel %s: kan inte hitta det ursprungliga nyckelblocket: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "nyckel %s: kan inte läsa det ursprungliga nyckelblocket %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "nyckel %s: ogiltigt spärrcertifikat: %s - avvisat\n"
msgid "Secret key is available.\n"
msgstr "Den hemliga nyckeln finns tillgänglig.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Den hemliga nyckeln finns tillgänglig.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Den hemliga nyckeln behövs för att göra detta.\n"
msgstr "İstediğiniz anahtar uzunluğu nedir? (%u) "
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "%u bite yuvarlandı\n"
msgstr "anahtar %s: bizim kopyamızla eşleşmiyor\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "anahtar %s: özgün anahtar bloku bulunamadı: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "anahtar %s: özgün anahtar bloku okunamadı: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "anahtar %s: \"%s\" 1 yeni kullanıcı kimliği\n"
"uygulanamaz\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "anahtar %s: özgün anahtar bloku bulunamadı: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "anahtar %s: özgün anahtar bloku okunamadı: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr ""
"anahtar %s: yürürlükten kaldırma sertifikası geçersiz: %s - reddedildi\n"
msgid "Secret key is available.\n"
msgstr "Gizli anahtar mevcut.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Gizli anahtar mevcut.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Bunu yapmak için gizli anahtar gerekli.\n"
msgstr ""
"Project-Id-Version: GNU gnupg 2.1.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2017-01-27 14:10+0200\n"
+"PO-Revision-Date: 2017-11-02 17:41+0100\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <kde-i18n-uk@kde.org>\n"
"Language: uk\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "Якому розміру ключа для розпізнавання ви надаєте перевагу? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+"Зараз налаштування картки буде змінено для створення %u-бітового ключа\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "округлено до %u бітів\n"
msgstr "ключ %s: не відповідає нашій копії\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "ключ %s: не вдалося знайти початковий блок ключів: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "ключ %s: не вдалося прочитати початковий блок ключів: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "ключ %s: «%s» 1 новий ідентифікатор користувача\n"
"відкликання\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "ключ %s: не вдалося знайти початковий блок ключів: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "ключ %s: не вдалося прочитати початковий блок ключів: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "ключ %s: некоректний сертифікат відкликання: %s — відкинуто\n"
msgid "Secret key is available.\n"
msgstr "Доступний закритий ключ.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "Доступний закритий ключ.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "Для цього потрібен закритий ключ.\n"
msgstr "您想要用多大的密钥尺寸?(%u)"
#, c-format
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr ""
+
+#, c-format
msgid "rounded up to %u bits\n"
msgstr "舍入到 %u 位\n"
msgstr "密钥 %s:与我们的副本不吻合\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "密钥 %s:无法定位原始的密钥区块:%s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "密钥 %s:无法读取原始的密钥区块: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "密钥 %s:“%s”一个新的用户标识\n"
msgstr "密钥 %s:没有公钥――无法应用吊销证书\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "密钥 %s:无法定位原始的密钥区块:%s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "密钥 %s:无法读取原始的密钥区块: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "密钥 %s:无效的吊销证书:%s――已拒绝\n"
msgid "Secret key is available.\n"
msgstr "私钥可用。\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "私钥可用。\n"
+
msgid "Need the secret key to do this.\n"
msgstr "要有私钥才能这么做。\n"
msgstr ""
"Project-Id-Version: GNU gnupg 2.1.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2014-11-22 20:56+0800\n"
+"PO-Revision-Date: 2017-11-02 17:42+0100\n"
"Last-Translator: Jedi Lin <Jedi@Jedi.org>\n"
"Language-Team: Chinese (traditional) <zh-l10n@linux.org.tw>\n"
"Language: zh_TW\n"
msgid "What keysize do you want for the Authentication key? (%u) "
msgstr "你的認證金鑰想要用多大的金鑰尺寸? (%u) "
+#, fuzzy, c-format
+#| msgid "The card will now be re-configured to generate a key of %u bits\n"
+msgid "The card will now be re-configured to generate a key of type: %s\n"
+msgstr "這張卡片將重新加以組態, 以便產生 %u 位元的金鑰\n"
+
#, c-format
msgid "rounded up to %u bits\n"
msgstr "加大到 %u 位元\n"
msgstr "金鑰 %s: 跟我們的副本不吻合\n"
#, c-format
-msgid "key %s: can't locate original keyblock: %s\n"
-msgstr "金鑰 %s: 無法定址原始的金鑰區塊: %s\n"
-
-#, c-format
-msgid "key %s: can't read original keyblock: %s\n"
-msgstr "金鑰 %s: 無法讀取原始的金鑰區塊: %s\n"
-
-#, c-format
msgid "key %s: \"%s\" 1 new user ID\n"
msgstr "金鑰 %s: \"%s\" 1 個新的使用者 ID\n"
msgstr "金鑰 %s: 沒有公鑰 - 無法套用撤銷憑證\n"
#, c-format
+msgid "key %s: can't locate original keyblock: %s\n"
+msgstr "金鑰 %s: 無法定址原始的金鑰區塊: %s\n"
+
+#, c-format
+msgid "key %s: can't read original keyblock: %s\n"
+msgstr "金鑰 %s: 無法讀取原始的金鑰區塊: %s\n"
+
+#, c-format
msgid "key %s: invalid revocation certificate: %s - rejected\n"
msgstr "金鑰 %s: 無效的撤銷憑證: %s - 已駁回\n"
msgid "Secret key is available.\n"
msgstr "私鑰可用.\n"
+#, fuzzy
+#| msgid "Secret key is available.\n"
+msgid "Secret subkeys are available.\n"
+msgstr "私鑰可用.\n"
+
msgid "Need the secret key to do this.\n"
msgstr "要有私鑰纔能這麼做.\n"
ksba_cert_t cert;
- err = gpgsm_find_cert (parm->ctrl, line, ski, &cert);
+ err = gpgsm_find_cert (parm->ctrl, line, ski, &cert, 1);
if (err)
{
log_error ("certificate not found: %s\n", gpg_strerror (err));
if (!*line)
return gpg_error (GPG_ERR_ASS_PARAMETER);
- err = gpgsm_find_cert (parm->ctrl, line, NULL, &cert);
+ err = gpgsm_find_cert (parm->ctrl, line, NULL, &cert, 1);
if (err)
{
log_error ("certificate not found: %s\n", gpg_strerror (err));
subjectKeyIdentifier. */
int
gpgsm_find_cert (ctrl_t ctrl,
- const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert)
+ const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert,
+ int allow_ambiguous)
{
int rc;
KEYDB_SEARCH_DESC desc;
won't lead to ambiguous names. */
if (!rc && !keyid)
{
+ ksba_isotime_t notbefore = "";
+ const unsigned char *image = NULL;
+ size_t length = 0;
+ if (allow_ambiguous)
+ {
+ /* We want to return the newest certificate */
+ if (ksba_cert_get_validity (*r_cert, 0, notbefore))
+ *notbefore = '\0';
+ image = ksba_cert_get_image (*r_cert, &length);
+ }
next_ambiguous:
rc = keydb_search (ctrl, kh, &desc, 1);
if (rc == -1)
if (!rc)
{
ksba_cert_t cert2 = NULL;
+ ksba_isotime_t notbefore2 = "";
+ const unsigned char *image2 = NULL;
+ size_t length2 = 0;
+ int cmp = 0;
if (!keydb_get_cert (kh, &cert2))
{
ksba_cert_release (cert2);
goto next_ambiguous;
}
+ if (allow_ambiguous)
+ {
+ if (ksba_cert_get_validity (cert2, 0, notbefore2))
+ *notbefore2 = '\0';
+ image2 = ksba_cert_get_image (cert2, &length2);
+ cmp = strcmp (notbefore, notbefore2);
+ /* use certificate image bits as last resort for stable ordering */
+ if (!cmp)
+ cmp = memcmp (image, image2, length < length2 ? length : length2);
+ if (!cmp)
+ cmp = length < length2 ? -1 : length > length2 ? 1 : 0;
+ if (cmp < 0)
+ {
+ ksba_cert_release (*r_cert);
+ *r_cert = cert2;
+ strcpy (notbefore, notbefore2);
+ image = image2;
+ length = length2;
+ }
+ else
+ ksba_cert_release (cert2);
+ goto next_ambiguous;
+ }
ksba_cert_release (cert2);
}
rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
ksba_cert_t cert = NULL;
char *grip = NULL;
- rc = gpgsm_find_cert (&ctrl, *argv, NULL, &cert);
+ rc = gpgsm_find_cert (&ctrl, *argv, NULL, &cert, 0);
if (rc)
;
else if (!(grip = gpgsm_get_keygrip_hexstring (cert)))
certlist_t *listaddr, int is_encrypt_to);
void gpgsm_release_certlist (certlist_t list);
int gpgsm_find_cert (ctrl_t ctrl, const char *name, ksba_sexp_t keyid,
- ksba_cert_t *r_cert);
+ ksba_cert_t *r_cert, int allow_ambiguous);
/*-- keylist.c --*/
gpg_error_t gpgsm_list_keys (ctrl_t ctrl, strlist_t names,
es_putc ('S', fp);
if ((use & KSBA_KEYUSAGE_KEY_CERT_SIGN))
es_putc ('C', fp);
-
- es_putc (':', fp);
}
es_putc (':', fp);
/* Field 12, capabilities: */
print_capabilities (cert, fp);
+ es_putc (':', fp);
/* Field 13, not used: */
es_putc (':', fp);
/* Field 14, not used: */
line = skip_options (line);
- err = gpgsm_find_cert (ctrl, line, NULL, &cert);
+ err = gpgsm_find_cert (ctrl, line, NULL, &cert, 0);
if (err)
;
else if (!(grip = gpgsm_get_keygrip_hexstring (cert)))
"faked-system-time 1008241200")
(create-file "gpg-agent.conf"
(string-append "pinentry-program " (tool 'pinentry))
- (string-append "scdaemon-program " (tool 'scdaemon))
+ (if (assoc "scdaemon" gpg-components)
+ (string-append "scdaemon-program " (tool 'scdaemon))
+ "# No scdaemon available")
)
(start-agent)
(create-file
(if (flag "--extended-key-format" *args*)
"enable-extended-key-format" "#enable-extended-key-format")
(string-append "pinentry-program " (tool 'pinentry))
- (string-append "scdaemon-program " (tool 'scdaemon))
+ (if (assoc "scdaemon" gpg-components)
+ (string-append "scdaemon-program " (tool 'scdaemon))
+ "# No scdaemon available")
))
;; Initialize the test environment, install appropriate configuration
\f
/* Retrieve the options for the component COMPONENT from backend
- BACKEND, which we already know is a program-type backend. */
+ * BACKEND, which we already know is a program-type backend. With
+ * ONLY_INSTALLED set components which are not installed are silently
+ * ignored. */
static void
-retrieve_options_from_program (gc_component_t component, gc_backend_t backend)
+retrieve_options_from_program (gc_component_t component, gc_backend_t backend,
+ int only_installed)
{
gpg_error_t err;
const char *pgmname;
argv[0] = "--gpgconf-list";
argv[1] = NULL;
+ if (only_installed && access (pgmname, X_OK))
+ {
+ return; /* The component is not installed. */
+ }
+
err = gnupg_spawn_process (pgmname, argv, NULL, NULL, 0,
NULL, &outfp, NULL, &pid);
if (err)
/* Retrieve the currently active options and their defaults from all
involved backends for this component. Using -1 for component will
- retrieve all options from all components. */
+ retrieve all options from all installed components. */
void
gc_component_retrieve_options (int component)
{
assert (backend != GC_BACKEND_ANY);
if (gc_backend[backend].program)
- retrieve_options_from_program (component, backend);
+ retrieve_options_from_program (component, backend,
+ process_all);
else
retrieve_options_from_file (component, backend);
}